Category: Coding Mistakes
Incorrectly requiring accounts to be a signer
Low Impact
Low Severity
High Likelihood
Description
The new implementation of the system program incorrectly requires one of the accounts passed to the AllocateWithSeed and AssignWithSeed instructions to be signers.
In the new implementation, both accounts passed to the instruction are required to be signers of the transaction.
Here is an example for AllocateWithSeed:
pub fn invoke_signed(&self, signers: &[Signer]) -> ProgramResult {
// account metadata
let account_metas: [AccountMeta; 2] = [
AccountMeta::writable_signer(self.account.key()),
AccountMeta::readonly_signer(self.base.key()),
];
...Here is an example for AssignWithSeed:
pub fn invoke_signed(&self, signers: &[Signer]) -> ProgramResult {
// account metadata
let account_metas: [AccountMeta; 2] = [
AccountMeta::writable_signer(self.account.key()),
AccountMeta::readonly_signer(self.base.key()),
];
...The current implementation of the system program does not require both accounts to be signers of the transaction.
Here is the allocate_with_seed example:
pub fn allocate_with_seed(
address: &Pubkey, // must match create_with_seed(base, seed, owner)
base: &Pubkey,
seed: &str,
space: u64,
owner: &Pubkey,
) -> Instruction {
let account_metas = vec![
AccountMeta::new(*address, false),
AccountMeta::new_readonly(*base, true),
];
...Here is the assign_with_seed example:
#[cfg(feature = "bincode")]
pub fn assign_with_seed(
address: &Pubkey, // must match create_with_seed(base, seed, owner)
base: &Pubkey,
seed: &str,
owner: &Pubkey,
) -> Instruction {
let account_metas = vec![
AccountMeta::new(*address, false),
AccountMeta::new_readonly(*base, true),
];
...Impact
The new implementation would break programs that rely on the correct signer flags to be set.
Recommendations
Adjust the signer flags so they match the current implementation of the system program.