Skip to content

Commit ae220ce

Browse files
armaniferrantearmaniferrante
committed
Invalidate transactions when owner set changes
1 parent be70755 commit ae220ce

File tree

2 files changed

+12
-1
lines changed

2 files changed

+12
-1
lines changed

programs/multisig/src/lib.rs

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -39,6 +39,7 @@ pub mod multisig {
3939
multisig.owners = owners;
4040
multisig.threshold = threshold;
4141
multisig.nonce = nonce;
42+
multisig.owner_set_seqno = 0;
4243
Ok(())
4344
}
4445

@@ -69,6 +70,7 @@ pub mod multisig {
6970
tx.signers = signers;
7071
tx.multisig = *ctx.accounts.multisig.to_account_info().key;
7172
tx.did_execute = false;
73+
tx.owner_set_seqno = ctx.accounts.multisig.owner_set_seqno;
7274

7375
Ok(())
7476
}
@@ -98,6 +100,8 @@ pub mod multisig {
98100
}
99101

100102
multisig.owners = owners;
103+
multisig.owner_set_seqno += 1;
104+
101105
Ok(())
102106
}
103107

@@ -184,6 +188,7 @@ pub struct CreateTransaction<'info> {
184188

185189
#[derive(Accounts)]
186190
pub struct Approve<'info> {
191+
#[account("multisig.owner_set_seqno == transaction.owner_set_seqno")]
187192
multisig: ProgramAccount<'info, Multisig>,
188193
#[account(mut, belongs_to = multisig)]
189194
transaction: ProgramAccount<'info, Transaction>,
@@ -205,6 +210,7 @@ pub struct Auth<'info> {
205210

206211
#[derive(Accounts)]
207212
pub struct ExecuteTransaction<'info> {
213+
#[account("multisig.owner_set_seqno == transaction.owner_set_seqno")]
208214
multisig: ProgramAccount<'info, Multisig>,
209215
#[account(seeds = [
210216
multisig.to_account_info().key.as_ref(),
@@ -220,6 +226,7 @@ pub struct Multisig {
220226
owners: Vec<Pubkey>,
221227
threshold: u64,
222228
nonce: u8,
229+
owner_set_seqno: u32,
223230
}
224231

225232
#[account]
@@ -236,6 +243,8 @@ pub struct Transaction {
236243
signers: Vec<bool>,
237244
// Boolean ensuring one time execution.
238245
did_execute: bool,
246+
// Owner set sequence number.
247+
owner_set_seqno: u32,
239248
}
240249

241250
impl From<&Transaction> for Instruction {

tests/multisig.js

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -40,10 +40,10 @@ describe("multisig", () => {
4040
});
4141

4242
let multisigAccount = await program.account.multisig(multisig.publicKey);
43-
4443
assert.equal(multisigAccount.nonce, nonce);
4544
assert.ok(multisigAccount.threshold.eq(new anchor.BN(2)));
4645
assert.deepEqual(multisigAccount.owners, owners);
46+
assert.ok(multisigAccount.ownerSetSeqno === 0);
4747

4848
const pid = program.programId;
4949
const accounts = [
@@ -88,6 +88,7 @@ describe("multisig", () => {
8888
assert.deepEqual(txAccount.data, data);
8989
assert.ok(txAccount.multisig.equals(multisig.publicKey));
9090
assert.equal(txAccount.didExecute, false);
91+
assert.ok(txAccount.ownerSetSeqno === 0);
9192

9293
// Other owner approves transactoin.
9394
await program.rpc.approve({
@@ -129,5 +130,6 @@ describe("multisig", () => {
129130
assert.equal(multisigAccount.nonce, nonce);
130131
assert.ok(multisigAccount.threshold.eq(new anchor.BN(2)));
131132
assert.deepEqual(multisigAccount.owners, newOwners);
133+
assert.ok(multisigAccount.ownerSetSeqno === 1);
132134
});
133135
});

0 commit comments

Comments
 (0)