refactor(pda): use descriptive string seeds for PDA derivation#191
Open
0x-r4bbit wants to merge 1 commit into
Open
refactor(pda): use descriptive string seeds for PDA derivation#1910x-r4bbit wants to merge 1 commit into
0x-r4bbit wants to merge 1 commit into
Conversation
Replace the hardcoded numeric byte-stream seeds ([0; 32], [1; 32], ...)
used for domain separation in PDA derivation with descriptive byte-string
constants, mirroring the AMM config account's existing b"CONFIG" seed.
amm: [0; 32] -> b"LIQUIDITY_TOKEN"
[1; 32] -> b"LP_LOCK_HOLDING"
stablecoin: [0; 32] -> b"POSITION"
[1; 32] -> b"POSITION_VAULT"
twap_oracle: [2; 32] -> b"PRICE_OBSERVATIONS"
[3; 32] -> b"ORACLE_PRICE_ACCOUNT"
[4; 32] -> b"CURRENT_TICK_ACCOUNT"
Since the seeds are now variable-length, each compute_*_pda_seed function
builds its hash input with a Vec and extend_from_slice instead of a
fixed-size buffer with offset writes.
Closes #146
There was a problem hiding this comment.
Pull request overview
Refactors PDA derivation across the AMM, Stablecoin, and TWAP Oracle core crates by replacing numeric 32-byte domain-separation seeds ([0; 32], [1; 32], …) with descriptive byte-string tags (e.g. b"POSITION"), and updates the hash preimage construction to support variable-length seeds.
Changes:
- Replace hardcoded numeric
[u8; 32]PDA seed constants with descriptive&[u8]byte-string constants. - Update
compute_*_pda_seedhelpers to build hash inputs usingVec+extend_from_slicerather than fixed-size buffers. - Adjust documentation comments describing the PDA seed hash inputs.
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 10 comments.
| File | Description |
|---|---|
| programs/amm/core/src/lib.rs | Switch AMM liquidity/LP-lock PDA domain separators to string tags; update seed hashing input assembly. |
| programs/stablecoin/core/src/lib.rs | Switch Stablecoin position/vault PDA domain separators to string tags; update seed hashing input assembly. |
| programs/twap_oracle/core/src/lib.rs | Switch TWAP oracle PDA domain separators to string tags; update seed hashing input assembly. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comment on lines
+11
to
+14
| // These stable domain-separation tags are part of the PDA derivation scheme and must stay | ||
| // unchanged for address compatibility. | ||
| const LIQUIDITY_TOKEN_PDA_SEED: &[u8] = b"LIQUIDITY_TOKEN"; | ||
| const LP_LOCK_HOLDING_PDA_SEED: &[u8] = b"LP_LOCK_HOLDING"; |
Comment on lines
+11
to
+14
| // Stable domain-separation tags for the position PDAs; these must stay unchanged for address | ||
| // compatibility. | ||
| const POSITION_PDA_DOMAIN: &[u8] = b"POSITION"; | ||
| const POSITION_VAULT_PDA_DOMAIN: &[u8] = b"POSITION_VAULT"; |
| // ────────────────────────────────────────────────────────────────────────────── | ||
|
|
||
| const PRICE_OBSERVATIONS_PDA_SEED: [u8; 32] = [2; 32]; | ||
| const PRICE_OBSERVATIONS_PDA_SEED: &[u8] = b"PRICE_OBSERVATIONS"; |
| let (pool_bytes, seed_bytes) = bytes.split_at_mut(32); | ||
| pool_bytes.copy_from_slice(&pool_id.to_bytes()); | ||
| seed_bytes.copy_from_slice(&LIQUIDITY_TOKEN_PDA_SEED); | ||
| let mut bytes = Vec::new(); |
| let (pool_bytes, seed_bytes) = bytes.split_at_mut(32); | ||
| pool_bytes.copy_from_slice(&pool_id.to_bytes()); | ||
| seed_bytes.copy_from_slice(&LP_LOCK_HOLDING_PDA_SEED); | ||
| let mut bytes = Vec::new(); |
| bytes[0..32].copy_from_slice(&owner_id.to_bytes()); | ||
| bytes[32..64].copy_from_slice(&collateral_definition_id.to_bytes()); | ||
| bytes[64..96].copy_from_slice(&POSITION_PDA_DOMAIN); | ||
| let mut bytes = Vec::new(); |
| let mut bytes = [0u8; 64]; | ||
| bytes[0..32].copy_from_slice(&position_id.to_bytes()); | ||
| bytes[32..64].copy_from_slice(&POSITION_VAULT_PDA_DOMAIN); | ||
| let mut bytes = Vec::new(); |
| bytes[..32].copy_from_slice(&price_source_id.to_bytes()); | ||
| bytes[32..40].copy_from_slice(&window_duration.to_le_bytes()); | ||
| bytes[40..72].copy_from_slice(&PRICE_OBSERVATIONS_PDA_SEED); | ||
| let mut bytes = Vec::new(); |
| bytes[..32].copy_from_slice(&price_source_id.to_bytes()); | ||
| bytes[32..40].copy_from_slice(&window_duration.to_le_bytes()); | ||
| bytes[40..72].copy_from_slice(&ORACLE_PRICE_ACCOUNT_PDA_SEED); | ||
| let mut bytes = Vec::new(); |
| let mut bytes = [0u8; 64]; | ||
| bytes[..32].copy_from_slice(&price_source_id.to_bytes()); | ||
| bytes[32..64].copy_from_slice(&CURRENT_TICK_ACCOUNT_PDA_SEED); | ||
| let mut bytes = Vec::new(); |
3esmit
approved these changes
Jun 19, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Replace the hardcoded numeric byte-stream seeds ([0; 32], [1; 32], ...) used for domain separation in PDA derivation with descriptive byte-string constants, mirroring the AMM config account's existing b"CONFIG" seed.
amm: [0; 32] -> b"LIQUIDITY_TOKEN"
[1; 32] -> b"LP_LOCK_HOLDING"
stablecoin: [0; 32] -> b"POSITION"
[1; 32] -> b"POSITION_VAULT"
twap_oracle: [2; 32] -> b"PRICE_OBSERVATIONS"
[3; 32] -> b"ORACLE_PRICE_ACCOUNT"
[4; 32] -> b"CURRENT_TICK_ACCOUNT"
Since the seeds are now variable-length, each compute_*_pda_seed function builds its hash input with a Vec and extend_from_slice instead of a fixed-size buffer with offset writes.
Closes #146