Skip to content

Feat/sol contract whitelist policy #349

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 17 commits into
base: main
Choose a base branch
from
Open

Feat/sol contract whitelist policy #349

wants to merge 17 commits into from
+1,465 −171

Conversation

@spacesailor24
Copy link
Contributor

@spacesailor24 spacesailor24 commented Sep 27, 2025
edited
Loading

Description

Adds a new Policy for restricting what contracts can be called by transactions signed by the @lit-protocol/vincent-ability-sol-transaction-signer Ability

Users whitelist specific Solana program IDs for each available Solana cluster (network i.e. devnet, testnet, mainnet-beta)

Type of change

  • New feature (non-breaking change which adds functionality)

How Has This Been Tested?

Adds the policy to the existing E2E Solana tx signer Ability tests. Verifies a transaction is permitted to sign calling a whitelisted program on devnet, but Ability execution is denied when making a signing request to execute the same program on mainnet-beta (which has no whitelisted programs)

Checklist:

  • I created a release plan (nx release plan) describing my changes and the version bump
  • My code follows the style guidelines of this project
  • I have performed a self-review of my code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings
  • I have added tests that prove my fix is effective or that my feature works
  • New and existing unit tests pass locally with my changes
  • Any dependent changes have been merged and published in downstream modules

@vercel
Copy link

vercel bot commented Sep 27, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Preview Comments Updated (UTC)
vincent-app-dashboard Ready Ready Preview Comment Oct 4, 2025 5:16am
vincent-docs Ready Ready Preview Comment Oct 4, 2025 5:16am

Base automatically changed from feat/sol-sign-ability to feat/delegated-wks October 3, 2025 06:26
@spacesailor24 spacesailor24 marked this pull request as ready for review October 4, 2025 04:04
@spacesailor24 spacesailor24 requested a review from Copilot October 4, 2025 04:04
Copilot AI reviewed Oct 4, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR introduces a new Solana contract whitelist policy that restricts which programs can be called by transactions signed by the @lit-protocol/vincent-ability-sol-transaction-signer Ability. Users can whitelist specific Solana program IDs for each available Solana cluster (devnet, testnet, mainnet-beta).

  • Adds a new @lit-protocol/vincent-policy-sol-contract-whitelist package with validation logic
  • Integrates the policy with the existing Solana transaction signer ability
  • Updates E2E tests to verify policy enforcement across different clusters

Reviewed Changes

Copilot reviewed 34 out of 65 changed files in this pull request and generated 3 comments.

File Description
packages/apps/policy-sol-contract-whitelist/ New policy package implementation with schemas, validation logic, and build configuration
packages/apps/ability-sol-transaction-signer/ Integration of the new whitelist policy and schema updates
packages/apps/abilities-e2e/ Enhanced E2E tests to validate policy enforcement scenarios
nx.json Build configuration updates
Files not reviewed (1)
  • pnpm-lock.yaml: Language not supported
Comments suppressed due to low confidence (1)

packages/apps/policy-sol-contract-whitelist/src/lib/lit-action-helpers/deserializeTransaction.ts:1

  • The deserialization logic is duplicated between this file and the ability's deserializeTransaction helper. Consider extracting this logic to a shared utility module to avoid code duplication and ensure consistent behavior across both implementations.
import { Transaction, VersionedTransaction } from '@solana/web3.js';

Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.

spacesailor24
spacesailor24 commented Oct 4, 2025
View reviewed changes
packages/apps/abilities-e2e/test-e2e/solana-transaction-signer.spec.ts
const precheckResult = await client.precheck(
{
rpcUrl: SOL_RPC_URL,
rpcUrl: null,
Copy link
Contributor Author

@spacesailor24 spacesailor24 Oct 4, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm having to pass rpcUrl: null for both precheck and execute and make the parameter .optional().nullable() in both the Policy and Ability schemas in order to support having an optional parameter for a Policy

rpcUrl is something we want as a optional param for Policy/Ability precheck because otherwise we'd be using the publically available SOL RPC packaged in the web3.js SDK. However this RPC can be throttled and rate limited, so it needs to be possible for the caller to pass their own RPC URL for precheck to function. This isn't an issue with execute because the Lit nodes have their own private RPC available

However, when defining:

const ProgramWhitelistPolicy = createVincentAbilityPolicy({
  abilityParamsSchema,
  bundledVincentPolicy,
  abilityParameterMappings: {
    rpcUrl: 'rpcUrl',
    cluster: 'cluster',
    serializedTransaction: 'serializedTransaction',
  },
});

this throws an error if rpcUrl is undefined. The workaround is to pass null but this is bad Devx because you must pass rpcUrl: null whenever the Policy is enabled for the Ability

Base automatically changed from feat/delegated-wks to main October 9, 2025 02:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@awisniew207 awisniew207 Awaiting requested review from awisniew207 awisniew207 is a code owner

@Ansonhkg Ansonhkg Awaiting requested review from Ansonhkg Ansonhkg is a code owner

@DashKash54 DashKash54 Awaiting requested review from DashKash54 DashKash54 is a code owner

@FedericoAmura FedericoAmura Awaiting requested review from FedericoAmura FedericoAmura is a code owner

@MaximusHaximus MaximusHaximus Awaiting requested review from MaximusHaximus MaximusHaximus is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@spacesailor24