diff --git a/nssa/core/src/account.rs b/nssa/core/src/account.rs index 0f9248e3..c1e5b0ad 100644 --- a/nssa/core/src/account.rs +++ b/nssa/core/src/account.rs @@ -126,6 +126,11 @@ pub struct AccountWithMetadata { pub account: Account, pub is_authorized: bool, pub account_id: AccountId, + /// The program that owns this account. Programs can use this to verify + /// that an input account is owned by themselves, preventing spoofing attacks. + /// See: https://github.com/logos-blockchain/logos-execution-zone/issues/347 + #[serde(default)] + pub owner_program_id: Option, } #[cfg(feature = "host")] @@ -135,8 +140,14 @@ impl AccountWithMetadata { account, is_authorized, account_id: account_id.into(), + owner_program_id: None, } } + + pub fn with_owner_program_id(mut self, program_id: crate::program::ProgramId) -> Self { + self.owner_program_id = Some(program_id); + self + } } #[derive( diff --git a/nssa/src/public_transaction/transaction.rs b/nssa/src/public_transaction/transaction.rs index 8c46c88f..cc1e625a 100644 --- a/nssa/src/public_transaction/transaction.rs +++ b/nssa/src/public_transaction/transaction.rs @@ -112,11 +112,20 @@ impl PublicTransaction { .account_ids .iter() .map(|account_id| { + let account = state.get_account_by_id(*account_id); + let owner_program_id = account.program_owner; + let is_default_owner = owner_program_id == nssa_core::program::DEFAULT_PROGRAM_ID; AccountWithMetadata::new( - state.get_account_by_id(*account_id), + account, signer_account_ids.contains(account_id), *account_id, ) + .with_owner_program_id(if is_default_owner { + // Uninitialized accounts have no meaningful owner + nssa_core::program::DEFAULT_PROGRAM_ID + } else { + owner_program_id + }) }) .collect();