Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Document or change behavior of #[account(signer)] when CPI feature is enabled #97

Closed
armaniferrante opened this issue Mar 4, 2021 · 3 comments · Fixed by #849
Closed

Document or change behavior of #[account(signer)] when CPI feature is enabled #97

armaniferrante opened this issue Mar 4, 2021 · 3 comments · Fixed by #849
Assignees
@armaniferrante
Labels
documentation Improvements or additions to documentation lang priority:1

Comments

@armaniferrante
Copy link
Member

armaniferrante commented Mar 4, 2021
edited
Loading

When the "cpi" feature is enabled we don't check the signer field. See https://github.com/project-serum/anchor/blob/master/lang/syn/src/codegen/accounts.rs#L347.

We should either document or change this behavior. One should never enable the CPI feature when building and deploying the program. It should only be used when using a program as a CPI dependency.
@armaniferrante armaniferrante added documentation Improvements or additions to documentation lang labels Apr 9, 2021
@armaniferrante
Copy link
Member Author

armaniferrante commented Apr 11, 2021
edited
Loading

A better solution is to add a new attribute #[account(program_signer)], or #[account(signer = program)] that has the behavior described above. The #[account(signer)] attribute should always check the signature, even if the cpi feature is enabled.

@armaniferrante armaniferrante self-assigned this Apr 11, 2021
@rav3nh0lm
Copy link

actually, how does it work now? https://github.com/project-serum/anchor/blob/master/CHANGELOG.md#features-3 is the Signer that is introduced here how we are supposed to check this now?

@armaniferrante
Copy link
Member Author

This is no longer necessary now that #824 was implemented, and one shouldn't run into this as a result.

We can remove the special case for the cpi feature.

@armaniferrante armaniferrante mentioned this issue Oct 7, 2021
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@armaniferrante armaniferrante

Labels
documentation Improvements or additions to documentation lang priority:1
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

lang: Remove cpi feature flag for account signer check coral-xyz/anchor
2 participants
@armaniferrante @rav3nh0lm