@@ -255,13 +255,15 @@ impl Service {
255255 & self ,
256256 tx : & VersionedTransaction ,
257257 user_wallet : & Pubkey ,
258+ relayer_wallet : & Pubkey ,
258259 ) -> Result < ( ) , RestError > {
259260 for ( index, ix) in tx. message . instructions ( ) . iter ( ) . enumerate ( ) {
260261 self . validate_swap_transaction_instruction (
261262 ix. program_id ( tx. message . static_account_keys ( ) ) ,
262263 ix,
263264 tx,
264265 user_wallet,
266+ relayer_wallet,
265267 index,
266268 )
267269 . await ?;
@@ -277,6 +279,7 @@ impl Service {
277279 ix : & CompiledInstruction ,
278280 tx : & VersionedTransaction ,
279281 user_wallet : & Pubkey ,
282+ relayer_wallet : & Pubkey ,
280283 ix_index : usize ,
281284 ) -> Result < ( ) , RestError > {
282285 match self . check_approved_program_instruction ( program_id, ix) {
@@ -285,7 +288,7 @@ impl Service {
285288 // TODO: this loop will be slow and invoke many rpc calls if there are many lookup accounts. either parallelize this extraction or limit number of lookup accounts
286289 for i in 0 ..ix. accounts . len ( ) {
287290 let account_key = self . extract_account ( tx, ix, i) . await ?;
288- if account_key == * user_wallet {
291+ if ( account_key == * user_wallet) | ( account_key == * relayer_wallet ) {
289292 return Err ( RestError :: InvalidInstruction ( Some ( ix_index) , e) ) ;
290293 }
291294 }
@@ -1061,6 +1064,7 @@ impl Service {
10611064 self . validate_swap_transaction_instructions (
10621065 bid_chain_data_create_svm. get_transaction ( ) ,
10631066 & user_wallet,
1067+ & self . config . chain_config . express_relay . relayer . pubkey ( ) ,
10641068 )
10651069 . await ?;
10661070
@@ -2645,7 +2649,7 @@ mod tests {
26452649 vec![ AccountMeta {
26462650 pubkey: user_wallet_address,
26472651 is_signer: false ,
2648- is_writable: true ,
2652+ is_writable: false ,
26492653 } ] ,
26502654 ) ,
26512655 Instruction :: new_with_bincode(
@@ -2677,6 +2681,61 @@ mod tests {
26772681 }
26782682 }
26792683
2684+ #[ tokio:: test]
2685+ async fn test_verify_bid_when_arbitrary_program_invokes_relayer ( ) {
2686+ let ( service, opportunities) = get_service ( true ) ;
2687+ let opportunity = opportunities. user_token_specified . clone ( ) ;
2688+ let bid_amount = 1 ;
2689+ let searcher = Keypair :: new ( ) ;
2690+ let swap_instruction = svm:: Svm :: get_swap_instruction ( GetSwapInstructionParams {
2691+ searcher : searcher. pubkey ( ) ,
2692+ opportunity_params : get_opportunity_params ( opportunity. clone ( ) ) ,
2693+ bid_amount,
2694+ deadline : ( OffsetDateTime :: now_utc ( ) + Duration :: seconds ( 30 ) ) . unix_timestamp ( ) ,
2695+ fee_receiver_relayer : Pubkey :: new_unique ( ) ,
2696+ relayer_signer : service. config . chain_config . express_relay . relayer . pubkey ( ) ,
2697+ } )
2698+ . unwrap ( ) ;
2699+ let relayer = service. config . chain_config . express_relay . relayer . pubkey ( ) ;
2700+ let instructions = vec ! [
2701+ Instruction :: new_with_bincode(
2702+ Pubkey :: new_unique( ) ,
2703+ & "" ,
2704+ vec![ AccountMeta {
2705+ pubkey: relayer,
2706+ is_signer: false ,
2707+ is_writable: false ,
2708+ } ] ,
2709+ ) ,
2710+ Instruction :: new_with_bincode(
2711+ Pubkey :: new_unique( ) ,
2712+ & "" ,
2713+ vec![ AccountMeta {
2714+ pubkey: relayer,
2715+ is_signer: true ,
2716+ is_writable: true ,
2717+ } ] ,
2718+ ) ,
2719+ ] ;
2720+ for instruction in instructions. into_iter ( ) {
2721+ let program_id = instruction. program_id ;
2722+ let result = get_verify_bid_result (
2723+ service. clone ( ) ,
2724+ searcher. insecure_clone ( ) ,
2725+ vec ! [ instruction, swap_instruction. clone( ) ] ,
2726+ opportunities. user_token_specified . clone ( ) ,
2727+ )
2728+ . await ;
2729+ assert_eq ! (
2730+ result. unwrap_err( ) ,
2731+ RestError :: InvalidInstruction (
2732+ Some ( 0 ) ,
2733+ InstructionError :: UnapprovedProgramId ( program_id)
2734+ )
2735+ ) ;
2736+ }
2737+ }
2738+
26802739 #[ tokio:: test]
26812740 async fn test_verify_bid_when_arbitrary_program_does_not_invoke_user ( ) {
26822741 let ( service, opportunities) = get_service ( true ) ;
0 commit comments