Release v1 code review (#40)

* chore: validate realm address against registrar

* chore: validate token owner address against VoterWeightRecord

* chore: validate token owner address against VoterWeightRecord

* chore: Update CastNftVote comment

* chore: Update CastNftVote comments

* chore: use owner and executable constraints

* chore: remove unnecessary mut account flag

* chore: add governance account comments

* chore: add NftVoteRecord seeds validation comment

* chore: remove redundant spl-token dependency

* chore: add missing  log_version()

* chore: update IDL

Author: SebastianBor

.vscode/settings.json

@@ -4,6 +4,7 @@
     "arrayref",
     "itertools",
     "Keypair",
+    "lamports",
     "Metaplex",
     "Metas",
     "Pubkey",

package.json

@@ -1,6 +1,6 @@
 {
     "name": "@solana/governance-program-library",
-    "version": "0.14.0",
+    "version": "0.15.0",
     "description": "Client for Governance Program Library which is a set of extensions for Solana's spl-governance program.",
     "author": "Solana Maintainers <[email protected]>",
     "license": "MIT",

programs/nft-voter/Cargo.toml

@@ -29,5 +29,4 @@ spl-token = { version = "3.3", features = [ "no-entrypoint" ] }
 [dev-dependencies]
 borsh = "0.9.1"
 solana-sdk = "1.9.5"
-solana-program-test = "1.9.5"
-spl-token = { version = "^3.3.0", features = ["no-entrypoint"] }
+solana-program-test = "1.9.5"

programs/nft-voter/src/error.rs

@@ -5,8 +5,8 @@ pub enum NftVoterError {
     #[msg("Invalid Realm Authority")]
     InvalidRealmAuthority,
 
-    #[msg("Invalid Registrar Realm")]
-    InvalidRegistrarRealm,
+    #[msg("Invalid Realm for Registrar")]
+    InvalidRealmForRegistrar,
 
     #[msg("Invalid Collection Size")]
     InvalidCollectionSize,
@@ -26,8 +26,8 @@ pub enum NftVoterError {
     #[msg("Invalid VoterWeightRecord Mint")]
     InvalidVoterWeightRecordMint,
 
-    #[msg("Invalid VoterWeightRecord Owner")]
-    InvalidVoterWeightRecordOwner,
+    #[msg("Invalid TokenOwner for VoterWeightRecord")]
+    InvalidTokenOwnerForVoterWeightRecord,
 
     #[msg("Collection must be verified")]
     CollectionMustBeVerified,

programs/nft-voter/src/instructions/cast_nft_vote.rs

@@ -7,7 +7,11 @@ use crate::error::NftVoterError;
 
 /// Casts NFT vote. The NFTs used for voting are tracked using NftVoteRecord accounts
 /// This instruction updates VoterWeightRecord which is valid for the current Slot and the target Proposal only
-/// and hance the instruction has to be executed inside the same transaction as spl-gov CastVote
+/// and hance the instruction has to be executed inside the same transaction as spl-gov.CastVote
+/// 
+/// CastNftVote instruction and NftVoteRecord are not directional. They don't record vote choice (ex Yes/No)
+/// VoteChoice is recorded by spl-gov in VoteRecord and this CastNftVote only tracks voting NFTs
+/// 
 #[derive(Accounts)]
 #[instruction(proposal: Pubkey)]
 pub struct CastNftVote<'info> {
@@ -21,14 +25,13 @@ pub struct CastNftVote<'info> {
 
         constraint = voter_weight_record.governing_token_mint == registrar.governing_token_mint
         @ NftVoterError::InvalidVoterWeightRecordMint,
-
-        constraint = voter_weight_record.governing_token_owner == governing_token_owner.key()
-        @ NftVoterError::InvalidVoterWeightRecordOwner,
     )]
     pub voter_weight_record: Account<'info, VoterWeightRecord>,
 
     /// The token owner who casts the vote
-    #[account(mut)]
+    #[account(
+        address = voter_weight_record.governing_token_owner @ NftVoterError::InvalidTokenOwnerForVoterWeightRecord
+    )]
     pub governing_token_owner: Signer<'info>,
 
     /// The account which pays for the transaction 
@@ -64,6 +67,8 @@ pub fn cast_nft_vote<'a,'b,'c,'info>(ctx: Context<'a,'b,'c,'info,CastNftVote<'in
         voter_weight = voter_weight.checked_add(nft_vote_weight as u64).unwrap();
 
         // Create NFT vote record to ensure the same NFT hasn't been already used for voting
+        // Note: The correct PDA of the NftVoteRecord is validated in create_and_serialize_account_signed
+        // It ensures the NftVoteRecord is for ('nft-vote-record',proposal,nft_mint) seeds
         require!(
             nft_vote_record_info.data_is_empty(),
             NftVoterError::NftAlreadyVoted

programs/nft-voter/src/instructions/configure_collection.rs

@@ -18,12 +18,13 @@ use crate::{error::NftVoterError};
 #[derive(Accounts)]
 pub struct ConfigureCollection<'info> {
     /// Registrar for which we configure this Collection
-    #[account(mut,
-        constraint = registrar.realm == realm.key() 
-        @ NftVoterError::InvalidRegistrarRealm
-    )]
+    #[account(mut)]
     pub registrar: Account<'info, Registrar>,
 
+    #[account(
+       address = registrar.realm @ NftVoterError::InvalidRealmForRegistrar,
+       owner = registrar.governance_program_id
+    )]
     /// CHECK: Owned by spl-governance instance specified in registrar.governance_program_id
     pub realm: UncheckedAccount<'info>,
 

programs/nft-voter/src/instructions/create_max_voter_weight_record.rs

@@ -20,8 +20,10 @@ pub struct CreateMaxVoterWeightRecord<'info> {
 
     /// The program id of the spl-governance program the realm belongs to
     /// CHECK: Can be any instance of spl-governance and it's not known at the compilation time
+    #[account(executable)]
     pub governance_program_id: UncheckedAccount<'info>,
 
+    #[account(owner = governance_program_id.key())]
     /// CHECK: Owned by spl-governance instance specified in governance_program_id
     pub realm: UncheckedAccount<'info>,
 

programs/nft-voter/src/instructions/create_registrar.rs

@@ -23,6 +23,7 @@ pub struct CreateRegistrar<'info> {
 
     /// The program id of the spl-governance program the realm belongs to
     /// CHECK: Can be any instance of spl-governance and it's not known at the compilation time
+    #[account(executable)]
     pub governance_program_id: UncheckedAccount<'info>,
 
     /// An spl-governance Realm
@@ -32,6 +33,7 @@ pub struct CreateRegistrar<'info> {
     /// - governing_token_mint must be the community or council mint
     /// - realm_authority is realm.authority
     /// CHECK: Owned by spl-governance instance specified in governance_program_id
+    #[account(owner = governance_program_id.key())]
     pub realm: UncheckedAccount<'info>,
 
     /// Either the realm community mint or the council mint.

programs/nft-voter/src/instructions/create_voter_weight_record.rs

@@ -22,9 +22,11 @@ pub struct CreateVoterWeightRecord<'info> {
 
     /// The program id of the spl-governance program the realm belongs to
     /// CHECK: Can be any instance of spl-governance and it's not known at the compilation time
+    #[account(executable)]
     pub governance_program_id: UncheckedAccount<'info>,
 
     /// CHECK: Owned by spl-governance instance specified in governance_program_id
+    #[account(owner = governance_program_id.key())]
     pub realm: UncheckedAccount<'info>,
 
     /// Either the realm community mint or the council mint.

programs/nft-voter/src/instructions/relinquish_nft_vote.rs

@@ -20,23 +20,28 @@ pub struct RelinquishNftVote<'info> {
 
         constraint = voter_weight_record.governing_token_mint == registrar.governing_token_mint
         @ NftVoterError::InvalidVoterWeightRecordMint,
-
-        constraint = voter_weight_record.governing_token_owner == governing_token_owner.key()
-        @ NftVoterError::InvalidVoterWeightRecordOwner,
     )]
     pub voter_weight_record: Account<'info, VoterWeightRecord>,
 
     /// CHECK: Owned by spl-governance instance specified in registrar.governance_program_id
+    /// Governance account the Proposal is for
+    #[account(owner = registrar.governance_program_id)]
     pub governance: UncheckedAccount<'info>,
 
     /// CHECK: Owned by spl-governance instance specified in registrar.governance_program_id
+    #[account(owner = registrar.governance_program_id)]
     pub proposal: UncheckedAccount<'info>,
 
     /// The token owner who cast the original vote
-    #[account(mut)]
+    #[account(
+        address = voter_weight_record.governing_token_owner  @ NftVoterError::InvalidTokenOwnerForVoterWeightRecord
+    )]
     pub governing_token_owner: Signer<'info>,
 
     /// CHECK: Owned by spl-governance instance specified in registrar.governance_program_id
+    /// The account is used to validate that it doesn't exist and if it doesn't then Anchor owner check throws error
+    /// The check is disabled here and performed inside the instruction 
+    /// #[account(owner = registrar.governance_program_id)] 
     pub vote_record: UncheckedAccount<'info>,
 
     /// CHECK: The beneficiary who receives lamports from the disposed NftVoterRecord accounts can be any account