Program security - Signer auth lesson updated #432
Conversation
…o fix-program-security-signer-auth
… into fix-program-security-signer-auth
… into fix-program-security-signer-auth
There was a problem hiding this comment.
More excellent work with great attention to detail @0xCipherCoder. Some small changes needed but marking this as the winner assuming you do them. 🏆
| - **Signer Checks** are essential to verify that specific accounts have signed a | ||
| transaction. Without proper signer checks, unauthorized accounts may execute | ||
| instructions they shouldn't be allowed to perform. | ||
| - In Rust, implement a signer check by verifying that an account's `is_signer` |
There was a problem hiding this comment.
| - In Rust, implement a signer check by verifying that an account's `is_signer` | |
| - In native Rust, implement a signer check by verifying that an account's `is_signer` |
There was a problem hiding this comment.
Also we should probably start with Anchor, since that's the most common path.
There was a problem hiding this comment.
Updated content to start with Anchor.
| Anchor, the | ||
| [`UncheckedAccount`](https://docs.rs/anchor-lang/latest/anchor_lang/accounts/unchecked_account/struct.UncheckedAccount.html) | ||
| type indicates that no checks are performed on the account before executing the | ||
| instruction handler. |
There was a problem hiding this comment.
I appreciate the attention to detail here.
|
|
||
| ```typescript | ||
| ```rust |
| source Solana program to audit. A great place to start is with the | ||
| [SPL programs](https://github.com/solana-labs/solana-program-library) if | ||
| you’re comfortable working with native Rust. |
There was a problem hiding this comment.
| source Solana program to audit. A great place to start is with the | |
| [SPL programs](https://github.com/solana-labs/solana-program-library) if | |
| you’re comfortable working with native Rust. | |
| source Solana program to audit. A great place to start is with the | |
| [program examples](https://github.com/solana-developers/program-examples) repo. |
There was a problem hiding this comment.
This is a better codebase as it has anchor examples (and could use an audit!).
There was a problem hiding this comment.
Yes, I updated the link for the same.
|
Oh also the repo is cloned to https://github.com/solana-developers/signer-auth/ and your changes are in. |
Thanks! @mikemaccana I have updated the corresponding links for the starter and solution branch in this lesson. |
Thanks! @mikemaccana I have resolved the comments and updated the content accordingly. Please review and let me know if any additional changes are required. |
Problem
Summary of Changes
Fixes #
Unboxed PRs
Starter - Unboxed-Software/solana-signer-auth#6
Solution - Unboxed-Software/solana-signer-auth#7