Skip to content

Commit

Permalink
feat(multisig): make sure no members have unknown permissions
Browse files Browse the repository at this point in the history
  • Loading branch information
@vovacodes
vovacodes committed Aug 2, 2023
1 parent 13240af commit 4089d5d
Show file tree
Hide file tree
Showing 5 changed files with 69 additions and 0 deletions.
2 changes: 2 additions & 0 deletions programs/multisig/src/errors.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -60,4 +60,6 @@ pub enum MultisigError {
SpendingLimitExceeded,
#[msg("Decimals don't match the mint")]
DecimalsMismatch,
#[msg("Member has unknown permission")]
UnknownPermission,
}
6 changes: 6 additions & 0 deletions programs/multisig/src/state/multisig.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -136,6 +136,12 @@ impl Multisig {
let has_duplicates = members.windows(2).any(|win| win[0].key == win[1].key);
require!(!has_duplicates, MultisigError::DuplicateMember);

// Members must not have unknown permissions.
require!(
members.iter().all(|m| m.permissions.mask < 8), // 8 = Initiate | Vote | Execute
MultisigError::UnknownPermission
);

// There must be at least one member with Initiate permission.
let num_proposers = Self::num_proposers(members);
require!(num_proposers > 0, MultisigError::NoProposers);
Expand Down
5 changes: 5 additions & 0 deletions sdk/multisig/idl/multisig.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2181,6 +2181,11 @@
"code": 6028,
"name": "DecimalsMismatch",
"msg": "Decimals don't match the mint"
},
{
"code": 6029,
"name": "UnknownPermission",
"msg": "Member has unknown permission"
}
],
"metadata": {
Expand Down
23 changes: 23 additions & 0 deletions sdk/multisig/src/generated/errors/index.ts
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

33 changes: 33 additions & 0 deletions tests/suites/multisig-sdk.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -128,6 +128,39 @@ describe("Multisig SDK", () => {
);
});

it("error: member has unknown permission", async () => {
const creator = await generateFundedKeypair(connection);
const member = Keypair.generate();

const createKey = Keypair.generate();
const [multisigPda] = multisig.getMultisigPda({
createKey: createKey.publicKey,
});

await assert.rejects(
() =>
multisig.rpc.multisigCreate({
connection,
createKey,
creator,
multisigPda,
configAuthority: null,
timeLock: 0,
threshold: 1,
members: [
{
key: member.publicKey,
permissions: {
mask: 1 | 2 | 4 | 8,
},
},
],
sendOptions: { skipPreflight: true },
}),
/Member has unknown permission/
);
});

// We cannot really test it because we can't pass u16::MAX members to the instruction.
it("error: too many members");

Expand Down

0 comments on commit 4089d5d

Please sign in to comment.