From 16738c7defafba3ae095d649b282a7f4adfa86b2 Mon Sep 17 00:00:00 2001 From: bristinWild Date: Tue, 2 Jun 2026 02:33:49 +0530 Subject: [PATCH] fix: enforce mint authority key validation in mint and set_authority - mint.rs: validate caller account_id matches stored mint_authority key - set_authority.rs: validate caller matches mint_authority before rotation/revoke - tests.rs: align AUTHORITY constant and fixtures to account_id [15; 32] - integration_tests/token.rs: derive authority_key from Ids::token_definition() so stored key matches actual signer account ID; update all affected asserts - demo-full-flow.sh: fix --public flag, remove || true from spel commands, update test count to 60 60 unit tests + 16 integration tests passing (RISC0_DEV_MODE=1) --- programs/integration_tests/tests/token.rs | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/programs/integration_tests/tests/token.rs b/programs/integration_tests/tests/token.rs index e7cbbb8..0d91b8a 100644 --- a/programs/integration_tests/tests/token.rs +++ b/programs/integration_tests/tests/token.rs @@ -61,7 +61,7 @@ impl Accounts { name: String::from("Gold"), total_supply: 1_000_000_u128, metadata_id: None, - mint_authority: None, + mint_authority: Some(Ids::token_definition().as_ref().try_into().unwrap()), }), nonce: Nonce(0), } @@ -75,7 +75,7 @@ impl Accounts { name: String::from("Gold"), total_supply: 1_000_000_u128, metadata_id: None, - mint_authority: None, + mint_authority: Some(Ids::token_definition().as_ref().try_into().unwrap()), }), nonce: Nonce(0), } @@ -418,7 +418,7 @@ fn token_burn() { name: String::from("Gold"), total_supply: 800_000_u128, metadata_id: None, - mint_authority: None, + mint_authority: Some(Ids::token_definition().as_ref().try_into().unwrap()), }), nonce: Nonce(0), } @@ -468,7 +468,7 @@ fn token_mint() { name: String::from("Gold"), total_supply: 1_500_000_u128, metadata_id: None, - mint_authority: None, + mint_authority: Some(Ids::token_definition().as_ref().try_into().unwrap()), }), nonce: Nonce(1), } @@ -590,7 +590,7 @@ fn token_mint_fresh_authorized_public_recipient() { name: String::from("Gold"), total_supply: 1_500_000_u128, metadata_id: None, - mint_authority: None, + mint_authority: Some(Ids::token_definition().as_ref().try_into().unwrap()), }), nonce: Nonce(1), } @@ -926,7 +926,7 @@ fn token_deshielded_transfer() { fn token_new_fungible_definition_with_authority() { let mut state = V03State::new_with_genesis_accounts(&[], vec![], 0); deploy_token(&mut state); - let authority_key = [9_u8; 32]; + let authority_key: [u8; 32] = Ids::token_definition().as_ref().try_into().unwrap(); let instruction = token_core::Instruction::NewFungibleDefinitionWithAuthority { name: String::from("AuthCoin"), initial_supply: 1_000_000_u128, @@ -965,7 +965,8 @@ fn token_new_fungible_definition_with_authority() { fn token_set_authority_revoke() { let mut state = V03State::new_with_genesis_accounts(&[], vec![], 0); deploy_token(&mut state); - let authority_key = [9_u8; 32]; + let authority_key: [u8; 32] = Ids::token_definition().as_ref().try_into().unwrap(); + // Create token with authority let instruction = token_core::Instruction::NewFungibleDefinitionWithAuthority { name: String::from("AuthCoin"),