From cc43721cac7427d5282923e75f937fcae5def619 Mon Sep 17 00:00:00 2001
From: ygd58
Date: Fri, 27 Mar 2026 22:51:01 +0100
Subject: [PATCH] feat: add owner_program_id field to AccountWithMetadata Programs can now verify that input accounts are owned by themselves, preventing spoofing attacks where malicious programs pass fake accounts with matching data layouts. Changes: - Add optional owner_program_id field to AccountWithMetadata - Add with_owner_program_id() builder method - Backward compatible: serde(default) = None for existing data Usage in programs: if let Some(owner) = account.owner_program_id { assert_eq!(owner, SELF_PROGRAM_ID, 'account not owned by this program'); } Fixes #347
---
 nssa/core/src/account.rs | 11 +++++++++++
 1 file changed, 11 insertions(+)
diff --git a/nssa/core/src/account.rs b/nssa/core/src/account.rs
index 0f9248e3..c1e5b0ad 100644
--- a/nssa/core/src/account.rs
+++ b/nssa/core/src/account.rs
@@ -126,6 +126,11 @@ pub struct AccountWithMetadata {
 pub account: Account,
 pub is_authorized: bool,
 pub account_id: AccountId,
+ /// The program that owns this account. Programs can use this to verify
+ /// that an input account is owned by themselves, preventing spoofing attacks.
+ /// See: https://github.com/logos-blockchain/logos-execution-zone/issues/347
+ #[serde(default)]
+ pub owner_program_id: Option,
 }
 
 #[cfg(feature = "host")]
@@ -135,8 +140,14 @@ impl AccountWithMetadata {
 account,
 is_authorized,
 account_id: account_id.into(),
+ owner_program_id: None,
 }
 }
+
+ pub fn with_owner_program_id(mut self, program_id: crate::program::ProgramId) -> Self {
+ self.owner_program_id = Some(program_id);
+ self
+ }
 }
 
 #[derive(
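Review bot: The new `owner_program_id` field is an `Option` that defaults to `None`, and the check suggested in the commit message (`if let Some(owner) = account.owner_program_id { ... }`) performs no comparison when the field is `None`, so the ownership check fails open. `new()` in the second hunk always stores `None`, so the guard never runs until every construction site also calls the builder. Either make the field mandatory, or state the contract on the field, e.g. `/// None means the owner is unknown; programs must reject the account, not skip the check.`, and have programs test `account.owner_program_id == Some(SELF_PROGRAM_ID)` instead. Separately, `#[serde(default)]` only fills in a missing field for self-describing formats; if this struct is encoded with a positional binary serializer (not visible here), existing data will not decode the way the description claims.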
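Review bot: `with_owner_program_id` stores whatever `ProgramId` the caller passes and carries no doc comment, so nothing in this hunk ties the value to the account's recorded owner. For the field to support an ownership check, the host has to fill it in from trusted state, and the method should say so, e.g. `/// Sets the owning program; the value must come from the host's trusted state, never from caller-supplied input.` If `Account` already records its owner (not visible in this diff), deriving the field from it inside `new()` would avoid two copies that can disagree. The `impl` block starts outside the hunk, and the patch touches only this file, so it adds no call site or test for the builder.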