feat: add support for Solana Address Lookup Table in withdraw and call

[skosito]

Description

recreating this PR since it is easier than rebasing #4227

comments from that PR are addressed in that one, i think biggest question is how to test on live networks

my assumption here is that on live networks ALT will be pre-setup and provided as argument, so I added bunch of random wallets that are prefunded for local testing only

Solana PR: zeta-chain/protocol-contracts-solana#128

Regarding changes in solana-go, it is basically adding instructions to create and extend ALT, which is just used in e2e tests, so change is safe to use until upstream PR is merged

This PR adds additional encoding for withdraw and call payload:

type ExecuteMsgALT struct {
	AltAddress       [32]byte
	WriteableIndexes []uint8
	Data             []byte
}

old one still is supported as legacy, but we can remove it if it's practically not used, but just for illustration:

type ExecuteMsg struct {
	Accounts []AccountMeta
	Data     []byte
}

Information we need for ALT to work are ALT address and indexes in ALT of mutable/writable accounts. If there is some better way from UX perspective to encode this information while still maintain ok size in terms of solidity encoding, please leave suggestions in PR.

How Has This Been Tested?

• Tested CCTX in localnet
• Tested in development environment
• Go unit tests
• Go integration tests
• Tested via GitHub Actions

---

Note

Add Solana Address Lookup Table (ALT) support across gateway messages, signer/observer, and E2E tests, including new ALT message encoding and ALT-backed transaction building.

• Solana ALT Support:
  • Add ExecuteMsgALT and GenericExecuteMsg to support ALT-based account provisioning alongside legacy ExecuteMsg in pkg/contracts/solana.
  • Extend MsgExecute/MsgExecuteSPL to carry ALT address and resolved ALT state addresses.
  • Update signer to decode generic execute messages, fetch ALT state, construct remaining accounts, and include ALT tables in signed transactions; signTx and createOutboundWithFallback now accept ALT.
  • Observer: use MaxSupportedTransactionVersion0 in GetTransaction and fix inner-instruction parsing via CompiledInstruction conversion.
• E2E & Localnet:
  • New tests: solana_withdraw_and_call_alt, spl_withdraw_and_call_alt; add helpers to create/extend ALTs and many prefunded test accounts; add ParseUint8Array for writable index parsing.
  • Adjust existing SOL/SPL tests to encode full account lists; minor arg text updates.
• Dependencies:
  • Replace github.com/gagliardetto/solana-go with github.com/zeta-chain/solana-go fork.
• Test Data & Changelog:
  • Add archived ALT tx results; update changelog with Solana ALT feature entry.

^{Written by Cursor Bugbot for commit 6a8340c. This will update automatically on new commits. Configure here.}

Summary by CodeRabbit

• New Features

  • Added Solana Address Lookup Table (ALT) support for withdraw-and-call on SOL and SPL tokens.

• Improvements

  • Enhanced transaction signing and execution to leverage ALTs for larger account sets.
  • Increased Solana RPC compatibility by specifying supported transaction version in queries.
  • Refined message encoding/decoding to support ALT-aware execute messages.

• Tests

  • Added comprehensive e2e and unit tests for ALT paths on SOL and SPL flows.
  • Included new Solana transaction fixtures with ALT lookups.

• Documentation

  • Changelog updated with “Solana ALT support.”

• Chores

  • Switched solana-go dependency to a maintained fork.

[coderabbitai]

Important

Review skipped

Auto incremental reviews are disabled on this repository.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Note

Other AI code review bot(s) detected

CodeRabbit has detected other AI code review bot(s) in this pull request and will avoid duplicating their findings in the review comments. This may lead to a less comprehensive review.

📝 Walkthrough

Walkthrough

Adds Solana Address Lookup Table (ALT) support across contracts, signer, observer, e2e runner/tests, and localnet setup. Introduces ALT-aware execute message variants, integrates ALT into transaction signing and outbound creation, updates parsing to handle ALT, expands tests (including new ALT tests), and replaces solana-go with a fork.

Changes

Cohort / File(s)	Summary
Changelog changelog.md	Added Unreleased features entry for Solana ALT support.
Local e2e command wiring cmd/zetae2e/local/local.go	Registers new ALT test variants for Solana and SPL suites.
Localnet provisioning contrib/localnet/solana/start-solana.sh	Adds airdrops for multiple e2e test accounts; no control-flow changes.
E2E test registry e2e/e2etests/e2etests.go	Adds ALT test constants and entries; updates SPL arg descriptions; supplies ALT args.
E2E tests (Solana legacy ordering tweaks) e2e/e2etests/test_solana_withdraw_and_call.go, .../test_solana_withdraw_and_call_invalid_tx_size.go, .../test_solana_withdraw_and_call_revert_with_call.go	Reorders an AccountMeta (privkey pubkey) within ExecuteMsg account lists.
E2E tests (new ALT flows) e2e/e2etests/test_solana_withdraw_and_call_alt.go, e2e/e2etests/test_spl_withdraw_and_call_alt.go	Adds new end-to-end tests executing WithdrawAndCall via ALT for SOL and SPL paths.
E2E tests (SPL message encoding) e2e/e2etests/test_spl_withdraw_and_call.go, .../test_spl_withdraw_and_call_revert.go	Replaces raw payloads with encoded ExecuteMsg; constructs accounts incl. random wallet ATA.
E2E runner + utils e2e/runner/solana.go, e2e/utils/parsing.go	Runner: changes SPL WithdrawAndCall to accept encoded msg; adds ALT setup helpers; imports ALT libs. Utils: adds ParseUint8Array.
Contracts: message types (ALT) pkg/contracts/solana/gateway_message.go, pkg/contracts/solana/instruction.go, pkg/contracts/solana/gateway_message_test.go	Adds ALT fields/accessors to MsgExecute/MsgExecuteSPL and constructors; introduces ExecuteMsgALT, GenericExecuteMsg, decoding logic; updates tests to new constructor signatures.
Signer: ALT integration and APIs zetaclient/chains/solana/signer/signer.go, .../execute.go, .../execute_spl.go, .../increment_nonce.go, .../withdraw.go, .../withdraw_spl.go, .../whitelist.go	Extends signTx and createOutboundWithFallback to accept ALT and address tables; prepares ALT accounts, decodes messages via GenericExecuteMsg; threads ALT through execute paths; adjusts call sites.
Observer zetaclient/chains/solana/observer/inbound_parser.go, .../outbound.go, .../outbound_test.go	Uses CompiledInstruction for inner instructions; sets MaxSupportedTransactionVersion on queries; adds ALT parsing tests for Execute and ExecuteSPL.
Testdata (ALT transactions) zetaclient/testdata/solana/*.json	Adds ALT transaction result fixtures for outbound parsing tests.
Dependency go.mod	Replaces github.com/gagliardetto/solana-go with github.com/zeta-chain/solana-go fork/version.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  actor User as E2E Test/Signer
  participant ZEVM as ZEVM Gateway (EVM)
  participant ZSigner as Solana Signer
  participant RPC as Solana RPC
  participant Gateway as Solana Gateway Program
  participant ALT as Address Lookup Table

  rect rgb(238,246,255)
  note over User,ZSigner: Withdraw-and-Call with ALT (SOL/SPL)
  User->>ZEVM: Approve + WithdrawAndCall{msgEncoded/ALT}
  ZEVM-->>ZSigner: CCTX (Execute/Revert data)
  ZSigner->>ZSigner: Decode GenericExecuteMsg (Legacy or ALT)
  ZSigner->>RPC: fetch ALT entries (if msg.ALT present)
  RPC-->>ZSigner: ALT state addresses
  ZSigner->>ZSigner: Build remaining accounts + writable indexes
  ZSigner->>Gateway: createOutboundWithFallback(mainInst, alt, addrs)
  ZSigner->>RPC: Submit tx (with AddressTableLookup)
  RPC-->>ZSigner: Tx signature/result
  end

  rect rgb(245,255,245)
  note over Gateway,RPC: On-chain execution
  RPC->>Gateway: Execute instruction
  Gateway-->>RPC: Program logs/state updates
  end

Loading

sequenceDiagram
  autonumber
  participant Observer as Observer
  participant RPC as Solana RPC

  rect rgb(255,248,240)
  note over Observer: Outbound parsing with ALT
  Observer->>RPC: GetTransaction{Finalized, MaxSupportedVersion0}
  RPC-->>Observer: TransactionResult (with addressTableLookups)
  Observer->>Observer: Convert inner to CompiledInstruction
  Observer->>Observer: ParseInstructionExecute[_SPL] (ALT/Legacy)
  Observer-->>Observer: Extract sender, nonce, amounts
  end

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~70 minutes

Possibly related PRs

• feat: spl withdraw and call #3520 — Touches SPL withdraw-and-call paths and related runner/contracts/signer code, overlapping with ALT-enabled SPL changes.
• feat: integrate execute spl revert #3797 — Modifies Solana execute message constructors/types, directly related to added ALT parameters and decoding.

Suggested reviewers

• lumtis
• swift1337
• brewmaster012
• ws4charlie

Pre-merge checks and finishing touches

❌ Failed checks (2 warnings)

Check name	Status	Explanation	Resolution
Description Check	⚠️ Warning	The pull request description includes narrative context and a test checklist but does not adhere to the repository’s template: it lacks a concise summary of changes and related issue, leaves all testing checkboxes unchecked, and does not list dependencies in the designated section.	Please revise the description to fully follow the required template by adding a clear summary of changes and linked issue, listing any dependencies, and marking or detailing the tests performed under the “How Has This Been Tested?” section.
Docstring Coverage	⚠️ Warning	Docstring coverage is 45.83% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (1 passed)

Check name	Status	Explanation
Title Check	✅ Passed	The title clearly and concisely describes the primary addition of support for Solana Address Lookup Tables in the withdraw and call workflows, matching the core objective of the PR.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov]

Codecov Report

❌ Patch coverage is 8.46154% with 119 lines in your changes missing coverage. Please review.
✅ Project coverage is 65.88%. Comparing base (7bbc4b9) to head (dc19b45).
⚠️ Report is 2 commits behind head on develop.

Files with missing lines	Patch %	Lines
zetaclient/chains/solana/signer/execute.go	0.00%	77 Missing ⚠️
zetaclient/chains/solana/signer/execute_spl.go	0.00%	14 Missing ⚠️
zetaclient/chains/solana/signer/signer.go	0.00%	13 Missing ⚠️
zetaclient/context/feature_flags.go	0.00%	8 Missing ⚠️
.../chains/solana/signer/outbound_tracker_reporter.go	0.00%	2 Missing ⚠️
...etaclient/chains/solana/observer/inbound_parser.go	83.33%	0 Missing and 1 partial ⚠️
zetaclient/chains/solana/signer/increment_nonce.go	0.00%	1 Missing ⚠️
zetaclient/chains/solana/signer/whitelist.go	0.00%	1 Missing ⚠️
zetaclient/chains/solana/signer/withdraw.go	0.00%	1 Missing ⚠️
zetaclient/chains/solana/signer/withdraw_spl.go	0.00%	1 Missing ⚠️

Additional details and impacted files

@@             Coverage Diff             @@
##           develop    #4266      +/-   ##
===========================================
- Coverage    65.93%   65.88%   -0.06%     
===========================================
  Files          462      463       +1     
  Lines        33786    33996     +210     
===========================================
+ Hits         22278    22398     +120     
- Misses       10530    10614      +84     
- Partials       978      984       +6     

Files with missing lines	Coverage Δ
zetaclient/chains/solana/observer/outbound.go	40.49% <100.00%> (+0.24%)	⬆️
zetaclient/config/types.go	46.93% <100.00%> (+2.75%)	⬆️
zetaclient/orchestrator/orchestrator.go	72.09% <100.00%> (+0.61%)	⬆️
...etaclient/chains/solana/observer/inbound_parser.go	36.02% <83.33%> (+2.05%)	⬆️
zetaclient/chains/solana/signer/increment_nonce.go	0.00% <0.00%> (ø)
zetaclient/chains/solana/signer/whitelist.go	0.00% <0.00%> (ø)
zetaclient/chains/solana/signer/withdraw.go	0.00% <0.00%> (ø)
zetaclient/chains/solana/signer/withdraw_spl.go	0.00% <0.00%> (ø)
.../chains/solana/signer/outbound_tracker_reporter.go	0.00% <0.00%> (ø)
zetaclient/context/feature_flags.go	0.00% <0.00%> (ø)
... and 3 more

... and 15 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[github-actions]

!!!WARNING!!!
nosec detected in the following files: e2e/e2etests/test_solana_withdraw_and_call_alt.go, e2e/e2etests/test_spl_withdraw_and_call_alt.go

Be very careful about using #nosec in code. It can be a quick way to suppress security warnings and move forward with development, it should be employed with caution. Suppressing warnings with #nosec can hide potentially serious vulnerabilities. Only use #nosec when you're absolutely certain that the security issue is either a false positive or has been mitigated in another way.

Only suppress a single rule (or a specific set of rules) within a section of code, while continuing to scan for other problems. To do this, you can list the rule(s) to be suppressed within the #nosec annotation, e.g: /* #nosec G401 */ or //#nosec G201 G202 G203
Broad #nosec annotations should be avoided, as they can hide other vulnerabilities. The CI will block you from merging this PR until you remove #nosec annotations that do not target specific rules.

Pay extra attention to the way #nosec is being used in the files listed above.

[cursor]

Comment @cursor review or bugbot run to trigger another review on this PR

[coderabbitai]

Actionable comments posted: 9

♻️ Duplicate comments (2)

e2e/e2etests/test_solana_withdraw_and_call_revert_with_call.go (1)

55-64: Same account reordering as in other test files.

This file contains the same account metadata reordering as observed in test_solana_withdraw_and_call_invalid_tx_size.go. The r.GetSolanaPrivKey().PublicKey().Bytes() entry has been moved to the fifth position.

Refer to the verification request in the previous file regarding account order consistency.

e2e/e2etests/test_solana_withdraw_and_call.go (1)

59-68: Same account reordering pattern observed.

This file exhibits the same account metadata reordering as the previous test files. The consistency across multiple test files (test_solana_withdraw_and_call.go, test_solana_withdraw_and_call_revert_with_call.go, test_solana_withdraw_and_call_invalid_tx_size.go) suggests this is an intentional change.

Refer to the verification request in test_solana_withdraw_and_call_invalid_tx_size.go regarding account order consistency with gateway program expectations.

🧹 Nitpick comments (13)

zetaclient/testdata/solana/chain_901_outbound_tx_result_ayu91XsBcdpqTPmkxB5vfVRpJUsjxyXZhGg4RTAStU7zufqRQsAjEq3CtWhcAWgjayNZiJ3f5gX8oNfz87sbrHE.json (5)

596-620: ALT address lookups: verify index mapping invariants

Message.version v0 with addressTableLookups is correct. Please ensure:

• readonlyIndexes/writableIndexes are 0-based into the table’s address array, and
• all instruction account indices are within base accountKeys + loaded ALT addresses length.

Add a small assertion in the test to validate these invariants to catch regressions early.

---

264-409: Token balance deltas self-consistent; add sum checks in test

Sender drops by 1.0; recipients aggregate to 1.0 (0.5 + 10×0.05). Consider adding an assertion in the test that validates sum of recipient deltas equals source delta for robustness.

Also applies to: 434-579

---

180-239: Logs are verbose; consider trimming to stable anchors

To reduce fixture churn and speed up diffs, prefer asserting a few critical log anchors (e.g., “ExecuteSplToken”, “OnCall”, final “Execute SPL done”) rather than storing all intermediate TransferChecked logs, unless they are explicitly required by the parser.

---

598-598: Gitleaks false positive: allowlist Solana base58 addresses in testdata

Line contains a public Solana address, not a secret. Add a path-scoped allowlist to silence false positives.

Apply a repo-level gitleaks allowlist (adjust if you already have one):

+#[[allowlist]]
+#[allowlist.description = "Allow Solana base58 addresses/signatures in solana testdata"]
+#[allowlist.paths]
+#+ = "^zetaclient/testdata/solana/"
+#[allowlist.regexes]
+#+ = "\\b[1-9A-HJ-NP-Za-km-z]{32,88}\\b"

If you keep gitleaksignore instead, add a scoped ignore for this path with the same regex.

---

1-1: Provenance note for fixture regeneration

Add a short README or header note (in a sibling README) describing the RPC method/flags used to obtain this JSON (e.g., getTransaction with encoding=json, maxSupportedTransactionVersion=0). It helps future regeneration.

zetaclient/testdata/solana/chain_901_outbound_tx_result_58azV5L9kTLV7p3XRQRioorv6PvYzz1M6bNLfLjfwYoDuRcVv3A52QdCrr81yEYbc3vvVKxRCZdj4DcfTtDQdCPr.json (2)

312-380: Gitleaks false positive: public Solana key flagged as “generic API key”.

Line 314 is an ALT account public key in testdata, not a secret. Recommend allowlisting this testdata path in Gitleaks to avoid noise.

If you agree, add a path-based allowlist entry (e.g., testdata/solana/*.json) in your Gitleaks config.

---

164-229: Sanity-check balances vs account count.

preBalances and postBalances should match total account count (static keys + ALT-resolved). Add a quick test assertion to guard future fixture edits.

Also applies to: 231-296

zetaclient/chains/solana/observer/outbound_test.go (1)

51-53: Good ALT coverage for execute/executeSPL parsing

Fixtures and assertions are consistent; the tests exercise the expected signer/nonce/amount for ALT flows.

Add a quick guard before indexing instructions to make tests more robust against fixture drift:

- instruction := tx.Message.Instructions[instructionIndex]
+ require.GreaterOrEqual(t, len(tx.Message.Instructions), instructionIndex+1, "unexpected instruction count")
+ instruction := tx.Message.Instructions[instructionIndex]

Also applies to: 57-59, 635-706, 708-779

pkg/contracts/solana/instruction.go (1)

725-770: ALT message ABI and encoding look coherent

Struct fields align with ABI and Encode/Decode mirrors the legacy path. No functional concerns here.

Consider standardizing spelling to “WritableIndexes” across code and ABI for consistency. This would be a coordinated change (ABI + struct/tag updates).

e2e/runner/solana.go (2)

794-910: Safer ALT extension: chunk addresses, dedupe, and poll instead of fixed sleeps.

• ExtendAddressLookupTable in a single 30-item chunk can exceed instruction/tx size on some nodes; chunk to <=20 per extend.
• Dedupe accounts before extending to avoid wasting table slots.
• Replace fixed sleeps with polling until the ALT account reflects the created/extended state.

Apply this diff to chunk extensions (example with maxPerExtend=20):

- // need to wait a bit for ALT to be active
- time.Sleep(1 * time.Second)
-
- extendALTInstruction := addresslookuptable.NewExtendAddressLookupTableInstruction(accounts[:30], altAddress, privkey.PublicKey(), privkey.PublicKey()).
-   Build()
-
- signedTx = r.CreateSignedTransaction(
-   []solana.Instruction{extendALTInstruction},
-   privkey,
-   []solana.PrivateKey{},
- )
- r.BroadcastTxSync(signedTx)
-
- time.Sleep(1 * time.Second)
-
- extendALTInstruction = addresslookuptable.NewExtendAddressLookupTableInstruction(accounts[30:], altAddress, privkey.PublicKey(), privkey.PublicKey()).
-   Build()
-
- signedTx = r.CreateSignedTransaction(
-   []solana.Instruction{extendALTInstruction},
-   privkey,
-   []solana.PrivateKey{},
- )
- r.BroadcastTxSync(signedTx)
+ // optionally dedupe 'accounts' here if needed
+ maxPerExtend := 20
+ for i := 0; i < len(accounts); i += maxPerExtend {
+   j := i + maxPerExtend
+   if j > len(accounts) {
+     j = len(accounts)
+   }
+   extend := addresslookuptable.NewExtendAddressLookupTableInstruction(accounts[i:j], altAddress, privkey.PublicKey(), privkey.PublicKey()).
+     Build()
+   signedTx = r.CreateSignedTransaction(
+     []solana.Instruction{extend},
+     privkey,
+     []solana.PrivateKey{},
+   )
+   r.BroadcastTxSync(signedTx)
+ }

Optionally, poll for ALT activation (Confirm/Processed) via GetAccountInfo instead of sleeping.

---

912-980: Avoid duplication: extract common ALT-setup helper.

SetupTestALTWithRandomWallets and SetupTestALTWithRandomWalletsSPL share most logic. Extract a helper (derive ALT PDA, create, chunked extend, wait) and parameterize “accounts” to reduce duplication and future drift.

pkg/contracts/solana/gateway_message.go (2)

341-349: Fix comment style for consistency.

The comments for ALT() and ALTStateAddresses() use "return" instead of "returns", which is inconsistent with the existing comment style in this file (e.g., line 302: "ChainID returns the chain ID").

Apply this diff to align with the file's comment style:

-// ALT return address of ALT
+// ALT returns the address of ALT
 func (msg *MsgExecute) ALT() *solana.PublicKey {
 	return msg.altAddress
 }
 
-// ALTStateAddresses returns addresses from ALT state
+// ALTStateAddresses returns the addresses from ALT state
 func (msg *MsgExecute) ALTStateAddresses() solana.PublicKeySlice {
 	return msg.altStateAddresses
 }

---

669-677: Fix comment style for consistency.

Similar to MsgExecute, the comments here use "return" instead of "returns", which is inconsistent with the file's existing style.

Apply this diff to align with the file's comment style:

-// ALT return address of ALT
+// ALT returns the address of ALT
 func (msg *MsgExecuteSPL) ALT() *solana.PublicKey {
 	return msg.altAddress
 }
 
-// ALTStateAddresses returns addresses from ALT state
+// ALTStateAddresses returns the addresses from ALT state
 func (msg *MsgExecuteSPL) ALTStateAddresses() solana.PublicKeySlice {
 	return msg.altStateAddresses
 }

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 3b3ed36 and 6a8340c.

⛔ Files ignored due to path filters (3)

• contrib/localnet/solana/connected.so is excluded by !**/*.so
• contrib/localnet/solana/connected_spl.so is excluded by !**/*.so
• go.sum is excluded by !**/*.sum

📒 Files selected for processing (30)

• changelog.md (1 hunks)
• cmd/zetae2e/local/local.go (2 hunks)
• contrib/localnet/solana/start-solana.sh (1 hunks)
• e2e/e2etests/e2etests.go (4 hunks)
• e2e/e2etests/test_solana_withdraw_and_call.go (1 hunks)
• e2e/e2etests/test_solana_withdraw_and_call_alt.go (1 hunks)
• e2e/e2etests/test_solana_withdraw_and_call_invalid_tx_size.go (1 hunks)
• e2e/e2etests/test_solana_withdraw_and_call_revert_with_call.go (1 hunks)
• e2e/e2etests/test_spl_withdraw_and_call.go (1 hunks)
• e2e/e2etests/test_spl_withdraw_and_call_alt.go (1 hunks)
• e2e/e2etests/test_spl_withdraw_and_call_revert.go (1 hunks)
• e2e/runner/solana.go (4 hunks)
• e2e/utils/parsing.go (2 hunks)
• go.mod (1 hunks)
• pkg/contracts/solana/gateway_message.go (8 hunks)
• pkg/contracts/solana/gateway_message_test.go (4 hunks)
• pkg/contracts/solana/instruction.go (2 hunks)
• zetaclient/chains/solana/observer/inbound_parser.go (1 hunks)
• zetaclient/chains/solana/observer/outbound.go (1 hunks)
• zetaclient/chains/solana/observer/outbound_test.go (2 hunks)
• zetaclient/chains/solana/signer/execute.go (5 hunks)
• zetaclient/chains/solana/signer/execute_spl.go (3 hunks)
• zetaclient/chains/solana/signer/increment_nonce.go (1 hunks)
• zetaclient/chains/solana/signer/outbound_tracker_reporter.go (1 hunks)
• zetaclient/chains/solana/signer/signer.go (3 hunks)
• zetaclient/chains/solana/signer/whitelist.go (1 hunks)
• zetaclient/chains/solana/signer/withdraw.go (1 hunks)
• zetaclient/chains/solana/signer/withdraw_spl.go (1 hunks)
• zetaclient/testdata/solana/chain_901_outbound_tx_result_58azV5L9kTLV7p3XRQRioorv6PvYzz1M6bNLfLjfwYoDuRcVv3A52QdCrr81yEYbc3vvVKxRCZdj4DcfTtDQdCPr.json (1 hunks)
• zetaclient/testdata/solana/chain_901_outbound_tx_result_ayu91XsBcdpqTPmkxB5vfVRpJUsjxyXZhGg4RTAStU7zufqRQsAjEq3CtWhcAWgjayNZiJ3f5gX8oNfz87sbrHE.json (1 hunks)

🧰 Additional context used

📓 Path-based instructions (2)

**/*.go

⚙️ CodeRabbit configuration file

Review the Go code, point out issues relative to principles of clean code, expressiveness, and performance.

Files:

• e2e/e2etests/test_solana_withdraw_and_call_revert_with_call.go
• zetaclient/chains/solana/observer/inbound_parser.go
• e2e/e2etests/test_spl_withdraw_and_call_revert.go
• zetaclient/chains/solana/signer/outbound_tracker_reporter.go
• pkg/contracts/solana/instruction.go
• zetaclient/chains/solana/signer/signer.go
• pkg/contracts/solana/gateway_message_test.go
• pkg/contracts/solana/gateway_message.go
• zetaclient/chains/solana/signer/execute_spl.go
• zetaclient/chains/solana/observer/outbound.go
• e2e/e2etests/e2etests.go
• zetaclient/chains/solana/signer/execute.go
• cmd/zetae2e/local/local.go
• zetaclient/chains/solana/observer/outbound_test.go
• zetaclient/chains/solana/signer/withdraw_spl.go
• e2e/e2etests/test_solana_withdraw_and_call_invalid_tx_size.go
• zetaclient/chains/solana/signer/whitelist.go
• zetaclient/chains/solana/signer/withdraw.go
• e2e/e2etests/test_solana_withdraw_and_call_alt.go
• e2e/utils/parsing.go
• zetaclient/chains/solana/signer/increment_nonce.go
• e2e/e2etests/test_solana_withdraw_and_call.go
• e2e/e2etests/test_spl_withdraw_and_call_alt.go
• e2e/e2etests/test_spl_withdraw_and_call.go
• e2e/runner/solana.go

**/*.sh

⚙️ CodeRabbit configuration file

Review the shell scripts, point out issues relative to security, performance, and maintainability.

Files:

• contrib/localnet/solana/start-solana.sh

🧠 Learnings (2)

📚 Learning: 2025-03-04T22:39:58.395Z

Learnt from: gartnera
PR: zeta-chain/node#3632
File: zetaclient/chains/solana/signer/signer.go:304-304
Timestamp: 2025-03-04T22:39:58.395Z
Learning: The Solana signer implementation in zetaclient/chains/solana/signer/signer.go has limited test coverage, particularly for the transaction broadcasting logic with fallback scenarios. Adding this coverage has been acknowledged as a potential future improvement outside the scope of immediate fixes.

Applied to files:

• zetaclient/chains/solana/signer/signer.go
• zetaclient/chains/solana/signer/withdraw_spl.go
• zetaclient/chains/solana/signer/whitelist.go
• zetaclient/chains/solana/signer/withdraw.go
• zetaclient/chains/solana/signer/increment_nonce.go

📚 Learning: 2025-01-14T03:37:18.430Z

Learnt from: ws4charlie
PR: zeta-chain/node#3306
File: pkg/math/integer_test.go:0-0
Timestamp: 2025-01-14T03:37:18.430Z
Learning: Use big.Int for handling large number calculations and edge cases to avoid integer overflow issues.

Applied to files:

• e2e/utils/parsing.go

🧬 Code graph analysis (10)

e2e/e2etests/test_spl_withdraw_and_call_revert.go (1)

pkg/contracts/solana/instruction.go (2)

• ExecuteMsg (720-723)
• AccountMeta (714-717)

pkg/contracts/solana/gateway_message_test.go (2)

pkg/contracts/solana/gateway_message.go (4)

• NewMsgExecute (277-299)
• ExecuteTypeCall (29-29)
• NewMsgExecuteSPL (594-620)
• ExecuteTypeRevert (30-30)

pkg/contracts/solana/instruction.go (1)

• AccountMeta (714-717)

e2e/e2etests/e2etests.go (4)

e2e/runner/e2etest.go (3)

• NewE2ETest (41-58)
• ArgDefinition (88-91)
• WithMinimumVersion (16-20)

e2e/e2etests/test_solana_withdraw_and_call_alt.go (1)

• TestSolanaWithdrawAndCallALT (21-144)

e2e/e2etests/test_spl_withdraw_and_call.go (1)

• TestSPLWithdrawAndCall (24-153)

e2e/e2etests/test_spl_withdraw_and_call_alt.go (1)

• TestSPLWithdrawAndCallALT (22-175)

zetaclient/chains/solana/signer/execute.go (4)

zetaclient/chains/solana/signer/signer.go (1)

• Signer (89-104)

pkg/contracts/solana/gateway_message.go (3)

• ExecuteType (26-26)
• ExecuteTypeRevert (30-30)
• ExecuteTypeCall (29-29)

pkg/contracts/solana/instruction.go (4)

• GenericExecuteMsg (819-822)
• RevertOptions (117-132)
• DecodeExecuteMsg (825-856)
• AccountMeta (714-717)

x/crosschain/types/cross_chain_tx.pb.go (1)

• CctxStatus_PendingRevert (34-34)

cmd/zetae2e/local/local.go (1)

e2e/e2etests/e2etests.go (2)

• TestSolanaWithdrawAndCallALTName (74-74)
• TestSPLWithdrawAndCallALTName (95-95)

zetaclient/chains/solana/observer/outbound_test.go (4)

pkg/chains/chains.go (1)

• SolanaDevnet (350-360)

zetaclient/testutils/testdata.go (1)

• LoadSolanaOutboundTxResult (341-351)

zetaclient/chains/bitcoin/observer/observer_test.go (1)

• TestDataDir (36-36)

pkg/contracts/solana/instruction.go (2)

• ParseInstructionExecute (339-353)
• ParseInstructionExecuteSPL (550-564)

e2e/e2etests/test_solana_withdraw_and_call_alt.go (6)

e2e/runner/runner.go (1)

• E2ERunner (86-222)

e2e/utils/parsing.go (2)

• ParseBigInt (28-33)
• ParseUint8Array (35-57)

pkg/contracts/solana/gateway.go (2)

• ComputeConnectedPdaAddress (101-103)
• ComputePdaAddress (91-98)

pkg/contracts/solana/instruction.go (1)

• ExecuteMsgALT (725-729)

e2e/utils/zetacore.go (1)

• WaitCctxMinedByInboundHash (60-72)

e2e/utils/require.go (1)

• RequireCCTXStatus (13-29)

e2e/e2etests/test_spl_withdraw_and_call_alt.go (7)

e2e/runner/runner.go (1)

• E2ERunner (86-222)

e2e/utils/parsing.go (2)

• ParseBigInt (28-33)
• ParseUint8Array (35-57)

pkg/contracts/solana/gateway.go (2)

• ComputeConnectedPdaAddress (101-103)
• ComputePdaAddress (91-98)

pkg/contracts/solana/instruction.go (1)

• ExecuteMsgALT (725-729)

e2e/utils/zetacore.go (1)

• WaitCctxMinedByInboundHash (60-72)

e2e/e2etests/test_solana_withdraw_and_call_alt.go (1)

• ConnectedPdaInfo (123-129)

e2e/e2etests/test_spl_withdraw_and_call.go (1)

• ConnectedPdaInfo (110-116)

e2e/e2etests/test_spl_withdraw_and_call.go (1)

pkg/contracts/solana/instruction.go (2)

• ExecuteMsg (720-723)
• AccountMeta (714-717)

e2e/runner/solana.go (2)

e2e/runner/runner.go (1)

• E2ERunner (86-222)

zetaclient/chains/solana/observer/observer.go (1)

• SolanaClient (18-67)

🪛 Gitleaks (8.28.0)

zetaclient/testdata/solana/chain_901_outbound_tx_result_ayu91XsBcdpqTPmkxB5vfVRpJUsjxyXZhGg4RTAStU7zufqRQsAjEq3CtWhcAWgjayNZiJ3f5gX8oNfz87sbrHE.json

[high] 598-598: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

zetaclient/testdata/solana/chain_901_outbound_tx_result_58azV5L9kTLV7p3XRQRioorv6PvYzz1M6bNLfLjfwYoDuRcVv3A52QdCrr81yEYbc3vvVKxRCZdj4DcfTtDQdCPr.json

[high] 314-314: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (11)

• GitHub Check: Cursor Bugbot
• GitHub Check: test-sim-import-export / sim
• GitHub Check: test-sim-fullappsimulation / sim
• GitHub Check: test-sim-nondeterminism / sim
• GitHub Check: test-sim-after-import / sim
• GitHub Check: build-zetanode
• GitHub Check: gosec
• GitHub Check: build
• GitHub Check: lint
• GitHub Check: build-and-test
• GitHub Check: analyze (go)

🔇 Additional comments (32)

zetaclient/testdata/solana/chain_901_outbound_tx_result_ayu91XsBcdpqTPmkxB5vfVRpJUsjxyXZhGg4RTAStU7zufqRQsAjEq3CtWhcAWgjayNZiJ3f5gX8oNfz87sbrHE.json (4)

158-179: Meta.loadedAddresses present; ensure parser uses it

The fixture includes meta.loadedAddresses (readonly/writable). Verify the decoding path consumes these for account resolution, not only message.addressTableLookups.

---

240-263: Pre/Post lamports and fee are consistent

Lamports delta matches fee (5000). Looks good.

Also applies to: 410-433

---

673-673: Version 0 (v0) message is appropriate for ALT

Using version: 0 is correct for ALT-enabled transactions.

---

2-2: Block time usage

Ensure tests don’t assert on blockTime (can vary). Use it only for informational purposes.

changelog.md (1)

23-23: LGTM!

The changelog entry correctly documents the addition of Solana ALT support in PR 4266. The formatting is consistent with other entries, and the placement under "Features" in the "Unreleased" section is appropriate.

e2e/utils/parsing.go (1)

35-57: LGTM! Well-implemented parsing utility.

The ParseUint8Array function is clean, straightforward, and appropriate for test utilities. The implementation correctly:

• Handles empty input and empty segments
• Uses appropriate parsing with 8-bit bounds checking
• Employs efficient slice pre-allocation
• Leverages standard library functions properly

The error handling with require.NoError is suitable for test contexts where test failure is the expected behavior on invalid input.

zetaclient/chains/solana/signer/outbound_tracker_reporter.go (1)

65-66: LGTM! Necessary change for versioned transaction support.

Adding MaxSupportedTransactionVersion set to MaxSupportedTransactionVersion0 enables the RPC client to handle versioned transactions, which is essential for ALT support. Without this parameter, the GetTransaction call would fail when querying transactions that use Address Lookup Tables (which require transaction version 0).

The change is minimal, focused, and correctly implemented.

zetaclient/chains/solana/signer/withdraw_spl.go (1)

49-49: Verified createOutboundWithFallback signature and nil args: the alt and addrs parameters are optional and passing nil, nil for non-ALT operations aligns with all existing call sites.

e2e/e2etests/test_solana_withdraw_and_call_invalid_tx_size.go (1)

56-65: No account order change detected. The Accounts slice in test_solana_withdraw_and_call_invalid_tx_size.go is identical to the related tests; there is no reordering to address.

Likely an incorrect or invalid review comment.

cmd/zetae2e/local/local.go (1)

420-420: LGTM!

The new ALT test variants are correctly registered in the Solana and SPL test suites, following the existing pattern and conditional logic.

Also applies to: 442-442

zetaclient/chains/solana/signer/increment_nonce.go (1)

54-54: LGTM!

The signTx call signature has been correctly extended with nil ALT parameters, consistent with the broader ALT integration across the signer implementation.

zetaclient/chains/solana/observer/outbound.go (1)

262-263: LGTM!

The addition of MaxSupportedTransactionVersion is necessary to query versioned transactions (v0) that use Address Lookup Tables. This change correctly enables ALT transaction retrieval while maintaining finalized commitment.

zetaclient/chains/solana/observer/inbound_parser.go (1)

208-213: LGTM!

The conversion of inner instructions to CompiledInstruction standardizes instruction handling and aligns with the top-level instruction processing pattern, improving type consistency across the ALT-enabled parsing flow.

zetaclient/chains/solana/signer/whitelist.go (1)

52-52: LGTM!

The signTx call signature has been correctly extended with nil ALT parameters, consistent with the ALT integration pattern across the signer implementation.

e2e/e2etests/test_spl_withdraw_and_call_revert.go (2)

94-94: LGTM!

The WithdrawAndCallSPLZRC20 invocation correctly uses the encoded message payload, consistent with the updated API signature.

---

71-89: Verify account ordering against the connected program
Could not locate the on_call handler or #[account] structs in the program sources—please confirm the ExecuteMsg.Accounts slice matches the on-chain program’s expected account order and writability flags.

e2e/e2etests/test_spl_withdraw_and_call.go (2)

91-91: LGTM!

The WithdrawAndCallSPLZRC20 invocation correctly uses the encoded message payload, consistent with the updated API signature.

---

68-86: Verify account ordering matches connected program’s expectations
Could not locate the connected program’s on_call handler or #[account] definitions in this repo; please manually confirm that the account order and writeability flags align with the program’s requirements.

zetaclient/chains/solana/signer/withdraw.go (1)

44-44: Ignore prepareExecuteMsg relocation concern. The prepareExecuteMsg method remains implemented in execute.go and its logic is intact.

Likely an incorrect or invalid review comment.

e2e/e2etests/e2etests.go (1)

74-74: ALT test registrations and labels look good

New ALT constants and test entries are consistent with existing patterns and min versioning. SPL arg description updates are clear.

Ensure the corresponding test implementations gracefully handle 1 vs 3 args. In particular, confirm they don’t index args[1]/args[2] when only the amount is provided (see the ALT e2e tests).

Also applies to: 95-95, 746-756, 801-801, 806-816, 821-821

pkg/contracts/solana/gateway_message_test.go (1)

116-117: Constructor updates align with new ALT parameters

Passing nil for optional ALT params preserves previous behavior while matching new signatures. Hash expectations remain stable.

Also applies to: 142-143, 165-166, 190-191

zetaclient/chains/solana/signer/signer.go (3)

279-287: ALT-aware signTx: looks good; ensure address-table mapping consistency.

Inclusion of TransactionAddressTables when alt/addrs are provided is correct. Please verify the ordering of addrs matches the on-chain ALT state to avoid incorrect account index resolution at runtime.

Also applies to: 304-315, 316-317

---

391-392: Fallback tx excludes ALT as intended.

Passing nil ALT/addrs on fallback is correct so the increment-nonce path stays minimal.

---

410-419: ALT plumbed into createOutboundWithFallback appropriately.

Signature/usage changes are consistent with signTx; no issues.

Also applies to: 421-422

zetaclient/chains/solana/signer/execute.go (2)

49-56: ALT context propagation into outbound creation is correct.

Forwarding msg.ALT()/ALTStateAddresses() into createOutboundWithFallback aligns signer with message format.

---

166-169: MsgExecute fields: Data() and ALT metadata wiring LGTM.

Switch to msg.Data() and passing ALT address/state addresses is consistent with new ABI and signer plumbing.

Please confirm NewMsgExecute expects nil ALT parameters for the legacy path.

Also applies to: 177-182

zetaclient/chains/solana/signer/execute_spl.go (2)

45-52: ALT plumbed into outbound creation for SPL path.

Forwarding msg.ALT()/ALTStateAddresses() here mirrors SOL path and looks correct.

---

118-121: SPL execute param prep and ALT fields wiring LGTM.

Using prepareExecuteMsgParams and msg.Data()/ALT metadata is consistent with execute.go.

Confirm NewMsgExecuteSPL handles nil ALT parameters for legacy messages.

Also applies to: 133-138

pkg/contracts/solana/gateway_message.go (4)

269-273: LGTM: ALT fields follow existing patterns.

The new fields altAddress and altStateAddresses are appropriately typed and documented. Using a pointer for altAddress allows optional ALT usage (nil when not applicable), and the slice accommodates variable-length address lists.

---

277-299: LGTM: Constructor updated correctly.

The constructor signature is extended with the new ALT parameters, which are correctly assigned to the struct fields. Adding parameters at the end maintains a logical flow and aligns with the file's existing patterns.

---

586-590: LGTM: ALT fields consistent with MsgExecute.

The ALT fields in MsgExecuteSPL mirror those in MsgExecute, maintaining consistency across the message types.

---

594-620: LGTM: Constructor updated correctly.

The constructor changes for NewMsgExecuteSPL follow the same pattern as NewMsgExecute, with the ALT parameters correctly added and assigned.

[lumtis]

The code looks good to me, we'll have to do some manual testing

[kingpinXD]

Looks good