fix: pass fee_payer in TransferInterfaceCpi LightToLight path

[tilo-14]

Summary

• TransferInterfaceCpi hardcoded fee_payer: None for LightToLight transfers, causing PrivilegeEscalation when the on-chain program attempted rent top-ups using the readonly authority account
• Pass self.payer as fee_payer instead — payer is already writable (it pays tx fees), so it can fund rent top-ups
• token-sdk: set fee_payer: Some(self.payer) in TransferInterface::instruction() and add system_program + payer to account_infos in invoke()/invoke_signed()
• token-pinocchio: set fee_payer: Some(self.payer) in TransferCpi construction for both invoke() and invoke_signed() (TransferCpi already handles fee_payer in its account_infos internally)

Test plan

• cargo test-sbf -p sdk-light-token-test -- test_transfer_interface — 10/10 passed
• cargo test-sbf -p sdk-light-token-pinocchio-test -- test_transfer_interface — 10/10 passed
• cargo test -p token-client-test — 4/4 passed (including 2 transfer_interface tests)

Summary by CodeRabbit

• Bug Fixes
  • Fixed fee payer handling in Light-to-Light token transfers to ensure proper payer information is passed and accounted for during transfer operations.

[coderabbitai]

📝 Walkthrough

Walkthrough

Two transfer interface implementations are updated to explicitly provide the payer as fee_payer and include system_program and payer accounts in the CPI instruction for LightToLight transfer paths, modifying how these transfers establish their execution context.

Changes

Cohort / File(s)	Summary
LightToLight Transfer Interface Updates sdk-libs/token-pinocchio/src/instruction/transfer_interface.rs, sdk-libs/token-sdk/src/instruction/transfer_interface.rs	Both files modified to set fee_payer to Some(self.payer) instead of None in LightToLight transfer paths. Additionally, system_program and payer accounts are now included in the account_infos sequence passed to invoke and invoke_signed methods. These changes ensure the payer is explicitly designated for fee assessment and available in the CPI call context.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

• feat: add fee payer to light token ixs #2189 — Aligns with the fee_payer provisioning pattern and CPI account list modifications for transfer-related instructions that this PR implements.

Suggested labels

ai-review

Suggested reviewers

• SwenSchaeferjohann
• sergeytimoshin

Poem

💸 A payer steps forth from the shadows so deep,
No longer forgotten in transfers to keep,
With system program at their side for the fee,
LightToLight flows now, elegantly free! ✨

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 70.00%.
Title check	✅ Passed	The title accurately describes the primary change: fixing fee_payer provision in TransferInterfaceCpi's LightToLight transfer path, which directly addresses the bug causing PrivilegeEscalation errors.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix/transfer-interface-fee-payer

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}