Less robust Pubkey definition

In the existing solana-program (and therefore solana-pubkey) crates, the definition for Pubkey is a transparent type that wraps a [u8; 32]. This reflects the use of a powerful design pattern called the "New Type" pattern. This design pattern is often used to help provide type-level safety and distinction to what would otherwise be an arbitrary set of 32 bytes, clearly delineating an instance of those bytes as representing a Pubkey.

This design has three advantages: it helps prevent logic errors by enabling the compiler to more readily catch misused functions; it allows methods to be provided on the type for state transitions that are specific to operations performed on Pubkeys (such as deriving additional program addresses or seed addresses); and it makes writing extension methods via extension traits easy.

We noticed the redefinition of Pubkey to instead be a type alias for [u8; 32], which we feel is a step backward in the design and goes against many principles that the Rust language and community value and recognize. We believe that this definition, while implemented to make it easier for serialization frameworks to work with Pubkey, ultimately has more consequences than benefits. We encourage the use of the original, more robust definition.
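The difference between the two definitions discussed above can be seen in a short sketch. This is an added example, not code from the assessed project or from any Solana crate; the `Hash` type, the `owner_matches` and `is_zero_key` helpers, and the sample bytes are all hypothetical.

```rust
// Added illustration: every name below is hypothetical, not taken from any Solana crate.
mod alias {
    pub type Pubkey = [u8; 32];
    pub type Hash = [u8; 32]; // another 32-byte value, indistinguishable from Pubkey
    pub fn owner_matches(owner: &Pubkey, program_id: &Pubkey) -> bool {
        owner == program_id
    }
    // An extension trait on the alias is really a trait on every [u8; 32].
    pub trait PubkeyExt { fn is_zero_key(&self) -> bool; }
    impl PubkeyExt for Pubkey {
        fn is_zero_key(&self) -> bool { self.iter().all(|b| *b == 0) }
    }
}

mod newtype {
    #[repr(transparent)] // same layout as [u8; 32], but a distinct type
    #[derive(Clone, Copy, Debug, PartialEq, Eq)]
    pub struct Pubkey(pub [u8; 32]);
    #[derive(Clone, Copy, Debug, PartialEq, Eq)]
    pub struct Hash(pub [u8; 32]);
    impl Pubkey {
        pub fn owner_matches(&self, program_id: &Pubkey) -> bool { self == program_id }
    }
}

/// With aliases, passing a Hash where a Pubkey is expected compiles and runs.
pub fn alias_accepts_hash() -> bool {
    use alias::PubkeyExt;
    let program_id: alias::Pubkey = [7u8; 32]; // constructed sample bytes
    let data_hash: alias::Hash = [7u8; 32];    // constructed sample bytes
    // Both lines type-check even though `data_hash` is not a key.
    let _leaked_method = data_hash.is_zero_key();
    alias::owner_matches(&data_hash, &program_id)
}

/// With newtypes, only Pubkey-to-Pubkey comparison type-checks.
pub fn newtype_compares_keys() -> bool {
    let program_id = newtype::Pubkey([7u8; 32]);
    let owner = newtype::Pubkey([7u8; 32]);
    let _data_hash = newtype::Hash([7u8; 32]);
    // owner.owner_matches(&_data_hash); // rejected: error[E0308]: mismatched types
    owner.owner_matches(&program_id)
}

fn main() {
    println!("alias accepted a Hash as owner: {}", alias_accepts_hash());
    println!("newtype Pubkey comparison: {}", newtype_compares_keys());
}
```

Uncommenting the marked line in `newtype_compares_keys` turns the mix-up into a compile error, which is the check the alias definition gives up.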

Zellic © 2025