feat(amm): add admin authority and UpdateConfig instruction#151
Merged
Conversation
Add an admin authority to the AMM config so configuration can be changed after initialization. AmmConfig gains an `authority` field, set by Initialize, and a new UpdateConfig instruction lets that admin change config values. UpdateConfig is access-controlled: the authority account must equal the stored config.authority and be passed authorized (signed). Both fields are optional — token_program_id updates the chained-call token program, and new_authority transfers admin control to a different account. Without this gate any caller could repoint the AMM at a malicious token program.
gravityblast
approved these changes
Jun 19, 2026
There was a problem hiding this comment.
Pull request overview
This PR adds an admin authority to the AMM’s singleton config account and introduces a new UpdateConfig instruction so the token program ID and/or admin authority can be changed after initialization, with signature-based access control.
Changes:
- Extend
AmmConfigwith anauthority: AccountIdfield and updateInitializeto set it. - Add
UpdateConfiginstruction + program implementation that only allows the configured authority (signed) to mutate config fields. - Update guest method handlers, IDL artifacts, and integration/unit tests to cover the new config layout and access control behavior.
Reviewed changes
Copilot reviewed 8 out of 8 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| programs/integration_tests/tests/amm.rs | Adds admin key/id helpers and new integration tests covering UpdateConfig behavior and authority handoff. |
| programs/amm/src/update_config.rs | Implements update_config handler with authority checks; adds unit tests for happy path and failure cases. |
| programs/amm/src/tests.rs | Updates AMM test scaffolding to include the new authority field in config data. |
| programs/amm/src/lib.rs | Exposes the new update_config module. |
| programs/amm/src/initialize.rs | Extends initialize to store authority in config; updates tests accordingly. |
| programs/amm/methods/guest/src/bin/amm.rs | Updates the guest instruction interface for Initialize and adds guest handler for UpdateConfig. |
| programs/amm/core/src/lib.rs | Updates the core instruction enum and AmmConfig struct to include authority; documents UpdateConfig. |
| artifacts/amm-idl.json | Updates IDL to include the new initialize arg and new update_config instruction + updated config type. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Add an admin authority to the AMM config so configuration can be changed after initialization. AmmConfig gains an
authorityfield, set by Initialize, and a new UpdateConfig instruction lets that admin change config values.UpdateConfig is access-controlled: the authority account must equal the stored config.authority and be passed authorized (signed). Both fields are optional — token_program_id updates the chained-call token program, and new_authority transfers admin control to a different account. Without this gate any caller could repoint the AMM at a malicious token program.