Second review round on PR #125 (LP-0013):
- set_authority now rejects foreign-owned definitions. It takes the
ProgramContext and asserts definition_account.program_owner ==
self_program_id, matching mint and initialize_account. Without this a
foreign-owned account with token-shaped data could have its authority
field rewritten. Added test_set_authority_rejects_foreign_owned_definition.
- demo-full-flow.sh now calls instruction and flag names that exist in
the regenerated token IDL: new-fungible-definition (was the nonexistent
new-fungible-definition-with-authority), --total-supply (was
--initial-supply), and drops --authority-account for the self-authority
mint/set-authority path (the rest account is --authority-accounts and is
empty when the definition is its own authority).
- Stripped a trailing-space lint nit in docs/LP-0013-README.md.
- set_authority rejects all-zero new_authority on rotation (matches creation guard)
- SetAuthority/Mint doc comments now list the required authority signer account
- README: add --authority-account to mint/set-authority CLI examples,
correct error-code table to actual panic strings, make program ID build-dependent