
fix: validate ATA derivation in both idempotent and non-idempotent paths #2250

Closed

ananas-block wants to merge 3 commits into main from fix/audit-issue-3-ata-derivation-check

Conversation

ananas-block (Contributor) commented Feb 6, 2026

Summary

  • Move ATA derivation validation before the idempotent early-return check so it runs in both code paths, preventing creation of non-derived ATA accounts.

Audit issue #3 (MEDIUM): validate_ata_derivation was only called inside
the IDEMPOTENT block, so non-idempotent ATA creation never verified the
PDA derivation. Move validation before the IDEMPOTENT check so both
code paths enforce correct ATA derivation.
coderabbitai bot (Contributor) commented Feb 6, 2026

Walkthrough

The ATA derivation validation logic is refactored to perform validation uniformly in both idempotent and non-idempotent modes, and then optimizes the idempotent path by combining the early-return condition into a single check when the ATA is owned by LIGHT_CPI_SIGNER.

Changes

Cohort / File(s): ATA Derivation Validation Optimization
  programs/compressed-token/program/src/ctoken/create_ata.rs
Summary: Reorganized validation logic to perform ATA derivation validation upfront for all modes, then combine the idempotent early-return condition into a single check, eliminating redundant re-validation when the ATA is owned by LIGHT_CPI_SIGNER.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Suggested labels

ai-review

Suggested reviewers

  • sergeytimoshin
  • SwenSchaeferjohann

Poem

✨ Validations dance in perfect stride,
Early returns, no double-check tide,
ATA signer's ownership claims its place,
One unified path—efficiency embraced! 🚀

Pre-merge checks: 3 passed

  • Title check: Passed. The title directly and accurately describes the main change: moving ATA derivation validation to run in both code paths before the idempotent early return.
  • Docstring Coverage: Passed. Docstring coverage is 100.00%, which is sufficient. The required threshold is 70.00%.
  • Description Check: Passed. Check skipped - CodeRabbit's high-level summary is enabled.


Run cargo fmt on create_ata.rs and update test_create_ata_failing test 5
to expect error 3 (InvalidAccountData) since validate_ata_derivation now
catches wrong bumps before account creation.
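The ordering bug from the PR description and the test expectation in the commit message above, as an added example that is not the compressed-token program's own code: a reduced model of the create_ata control flow. The `AtaRequest` struct, the toy `derive_ata` function and the `LIGHT_CPI_SIGNER` value are constructed for illustration; only the function names `validate_ata_derivation` and the error name `InvalidAccountData` come from the page.

```rust
// Added example (constructed; not the compressed-token program's code): reduced model of create_ata.
#[derive(Debug, PartialEq)]
pub enum AtaError {
    InvalidAccountData, // the error the updated test 5 expects for a wrong bump
}

/// Stand-in for the LIGHT_CPI_SIGNER owner marker (constructed value).
pub const LIGHT_CPI_SIGNER: u8 = 0xAB;
/// Caller-supplied address and bump, the account's current owner, and the requested mode.
pub struct AtaRequest {
    pub ata_addr: [u8; 4],
    pub bump: u8,
    pub owner: u8,
    pub idempotent: bool,
}

/// Toy PDA derivation: the expected address is a function of (wallet, mint, bump).
pub fn derive_ata(wallet: u8, mint: u8, bump: u8) -> [u8; 4] {
    [wallet, mint, bump, wallet ^ mint ^ bump]
}

/// Reject a request whose supplied address does not match the derived one.
pub fn validate_ata_derivation(req: &AtaRequest, wallet: u8, mint: u8) -> Result<(), AtaError> {
    if derive_ata(wallet, mint, req.bump) != req.ata_addr {
        return Err(AtaError::InvalidAccountData);
    }
    Ok(())
}

/// Pre-fix ordering (audit issue #3): the derivation check lives only inside the idempotent
/// branch. Returns Ok(true) when an account would be created, Ok(false) on the idempotent no-op.
pub fn create_ata_before_fix(req: &AtaRequest, wallet: u8, mint: u8) -> Result<bool, AtaError> {
    if req.idempotent {
        validate_ata_derivation(req, wallet, mint)?;
        if req.owner == LIGHT_CPI_SIGNER {
            return Ok(false); // already initialised: nothing to do
        }
    }
    Ok(true) // non-idempotent path reaches creation without any derivation check
}

/// Post-fix ordering: validate first, then a single combined idempotent early return.
pub fn create_ata_after_fix(req: &AtaRequest, wallet: u8, mint: u8) -> Result<bool, AtaError> {
    validate_ata_derivation(req, wallet, mint)?;
    if req.idempotent && req.owner == LIGHT_CPI_SIGNER {
        return Ok(false);
    }
    Ok(true)
}
```

With the pre-fix ordering a non-idempotent request carrying a non-derived address reaches creation; after the fix both modes reject it with InvalidAccountData, which is why the failing-path test had to be updated.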
ananas-block (Contributor, Author) commented:

Superseded by #2249 which combines issues #3, #4, and #15.
