Skip to content

feat(program): allow inert token extensions#134

Merged
dev-jodee merged 6 commits into
mainfrom
feat/allow-confidential-transfer-mints
May 26, 2026
Merged

feat(program): allow inert token extensions#134
dev-jodee merged 6 commits into
mainfrom
feat/allow-confidential-transfer-mints

Conversation

@dev-jodee
Copy link
Copy Markdown
Collaborator

@dev-jodee dev-jodee commented May 26, 2026
edited
Loading

Summary

  • stop rejecting Token-2022 mints that include ConfidentialTransferMint
  • allow TransferHook mints only when both hook authority and hook program id are unset
  • keep configured or mutable TransferHook mints blocked
  • add coverage for public-balance transfers on confidential-transfer and inert transfer-hook mints

Test Plan

  • cd program && cargo build-sbf
  • cargo test -p tests-subscriptions token_2022 -- --nocapture
  • cargo test -p tests-subscriptions transfer_hook -- --nocapture
  • cargo test -p tests-subscriptions transfer -- --nocapture
  • push hook: format check and lint check

@vercel
Copy link
Copy Markdown

vercel Bot commented May 26, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
solana-subscriptions-program Ready Ready Preview, Comment May 26, 2026 7:08pm

Request Review

@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 26, 2026
edited
Loading

Compute Unit Report

Instruction Samples Min CUs Max CUs Avg CUs Est Cost (Low) [SOL] Est Cost (Med) [SOL] Est Cost (High) [SOL]
cancel_subscription 22 1720 2030 1919 0.000005000 0.000005076 0.000005959
close_subscription_authority 10 1803 1833 1806 0.000005000 0.000005072 0.000005903
create_fixed_delegation 41 3522 9517 4972 0.000005001 0.000005198 0.000007486
create_plan 97 3436 10949 5016 0.000005001 0.000005200 0.000007508
create_recurring_delegation 29 3550 9555 4694 0.000005001 0.000005187 0.000007347
delete_plan 9 359 359 359 0.000005000 0.000005014 0.000005179
init_subscription_authority 173 4772 21226 9699 0.000005002 0.000005387 0.000009849
resume_subscription 3 1723 1723 1723 0.000005000 0.000005068 0.000005861
revoke_delegation 19 255 519 353 0.000005000 0.000005014 0.000005176
subscribe 32 6485 17009 8179 0.000005002 0.000005327 0.000009089
transfer_fixed 9 5479 14340 8864 0.000005002 0.000005354 0.000009432
transfer_recurring 19 5591 14684 8171 0.000005002 0.000005326 0.000009085
transfer_subscription 10 5799 10341 7493 0.000005002 0.000005299 0.000008746
update_plan 22 424 503 477 0.000005000 0.000005019 0.000005238

Generated: 2026-05-26

@dev-jodee dev-jodee changed the title feat(program): allow confidential transfer mints feat(program): allow inert token extensions May 26, 2026
dev-jodee added 3 commits May 26, 2026 15:03
@dev-jodee
refactor(program): normalize TLV overflow error variant
8e00c15 
Return InvalidToken2022MintAccountData on checked_add overflow during
mint extension parsing instead of the generic InvalidAccountData, so
both bounds-violation paths emit the same, more specific error.
@dev-jodee
test(program): cover token-2022 recurring transfers
1fc02fe 
Mirror the new fixed-delegation token-2022 tests onto the recurring
pathway: a confidential-transfer mint and an unconfigured transfer hook
both complete a recurring transfer against the public balance.
@dev-jodee
docs: clarify token-2022 extension policy
4f02177 
CLAUDE.md previously claimed the program rejects every non-trivial
Token-2022 extension. Update it to reflect the current rule: only
mints with a configured TransferHook are rejected; all other
extensions (ConfidentialTransferMint, NonTransferable, PermanentDelegate,
TransferFeeConfig, MintCloseAuthority, Pausable) are accepted.

Add a matching section to ADR-001 explaining why an inert TransferHook
is safe (no authority means the hook can never be installed) and why a
ConfidentialTransferMint does not break subscription transfers (the
public balance is unaffected by the extension).

Annotate the now-dormant MintHasConfidentialTransfer error variant as
compat-reserved so downstream clients can keep their existing error
handlers.
@dev-jodee
docs: trim token-2022 extension notes
26ab457 
Drop the prose explaining why each non-rejected extension is safe; the
implementation and tests are the source of truth.
@dev-jodee dev-jodee merged commit 0221a37 into main May 26, 2026
13 checks passed
@dev-jodee dev-jodee deleted the feat/allow-confidential-transfer-mints branch May 26, 2026 20:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@dev-jodee