Governance: Create mint governance (#1953)

* feat: implement CreateMintGovernance instruction

* fix: ensure mint is initialised in assert_is_valid_spl_token_mint

* fix: ensure token account is initialised in assert_is_valid_spl_token_account

* chore: move account type and instruction to the end to avoid breaking changes

* chore: make clippy happy

Co-authored-by: Jon Cinque <jon.cinque@gmail.com>

Author: SebastianBor

governance/program/src/error.rs

@@ -168,6 +168,10 @@ pub enum GovernanceError {
     #[error("Invalid account owner")]
     InvalidAccountOwner,
 
+    /// Account doesn't exist
+    #[error("Account doesn't exist")]
+    AccountDoesNotExist,
+
     /// Invalid Account type
     #[error("Invalid Account type")]
     InvalidAccountType,
@@ -180,6 +184,18 @@ pub enum GovernanceError {
     #[error("Proposal does not belong to given Governing Mint")]
     InvalidGoverningMintForProposal,
 
+    /// Current mint authority must sign transaction
+    #[error("Current mint authority must sign transaction")]
+    MintAuthorityMustSign,
+
+    /// Invalid mint authority
+    #[error("Invalid mint authority")]
+    InvalidMintAuthority,
+
+    /// Mint has no authority
+    #[error("Mint has no authority")]
+    MintHasNoAuthority,
+
     /// ---- SPL Token Tools Errors ----
 
     /// Invalid Token account owner
@@ -194,6 +210,10 @@ pub enum GovernanceError {
     #[error("Token Account is not initialized")]
     SplTokenAccountNotInitialized,
 
+    /// Token Account doesn't exist
+    #[error("Token Account doesn't exist")]
+    SplTokenAccountDoesNotExist,
+
     /// Token account data is invalid
     #[error("Token account data is invalid")]
     SplTokenInvalidTokenAccountData,
@@ -206,6 +226,10 @@ pub enum GovernanceError {
     #[error("Token Mint account is not initialized")]
     SplTokenMintNotInitialized,
 
+    /// Token Mint account doesn't exist
+    #[error("Token Mint account doesn't exist")]
+    SplTokenMintDoesNotExist,
+
     /// ---- Bpf Upgradable Loader Tools Errors ----
 
     /// Invalid ProgramData account Address

governance/program/src/instruction.rs

@@ -3,7 +3,8 @@
 use crate::{
     state::{
         governance::{
-            get_account_governance_address, get_program_governance_address, GovernanceConfig,
+            get_account_governance_address, get_mint_governance_address,
+            get_program_governance_address, GovernanceConfig,
         },
         proposal::get_proposal_address,
         proposal_instruction::{get_proposal_instruction_address, InstructionData},
@@ -126,7 +127,7 @@ pub enum GovernanceInstruction {
         config: GovernanceConfig,
 
         #[allow(dead_code)]
-        /// Indicate whether Program's upgrade_authority should be transferred to the Governance PDA
+        /// Indicates whether Program's upgrade_authority should be transferred to the Governance PDA
         /// If it's set to false then it can be done at a later time
         /// However the instruction would validate the current upgrade_authority signed the transaction nonetheless
         transfer_upgrade_authority: bool,
@@ -290,6 +291,28 @@ pub enum GovernanceInstruction {
     ///   2. `[]` Clock sysvar
     ///   3+ Any extra accounts that are part of the instruction, in order
     ExecuteInstruction,
+
+    /// Creates Mint Governance account which governs a mint
+    ///
+    ///   0. `[]` Realm account the created Governance belongs to    
+    ///   1. `[writable]` Mint Governance account. PDA seeds: ['mint-governance', realm, governed_mint]
+    ///   2. `[writable]` Mint governed by this Governance account
+    ///   3. `[signer]` Current Mint Authority
+    ///   4. `[signer]` Payer
+    ///   5. `[]` SPL Token program
+    ///   6. `[]` System program
+    ///   7. `[]` Sysvar Rent
+    CreateMintGovernance {
+        #[allow(dead_code)]
+        /// Governance config
+        config: GovernanceConfig,
+
+        #[allow(dead_code)]
+        /// Indicates whether Mint's authority should be transferred to the Governance PDA
+        /// If it's set to false then it can be done at a later time
+        /// However the instruction would validate the current mint authority signed the transaction nonetheless
+        transfer_mint_authority: bool,
+    },
 }
 
 /// Creates CreateRealm instruction
@@ -514,6 +537,42 @@ pub fn create_program_governance(
     }
 }
 
+/// Creates CreateMintGovernance instruction
+pub fn create_mint_governance(
+    program_id: &Pubkey,
+    // Accounts
+    governed_mint_authority: &Pubkey,
+    payer: &Pubkey,
+    // Args
+    config: GovernanceConfig,
+    transfer_mint_authority: bool,
+) -> Instruction {
+    let mint_governance_address =
+        get_mint_governance_address(program_id, &config.realm, &config.governed_account);
+
+    let accounts = vec![
+        AccountMeta::new_readonly(config.realm, false),
+        AccountMeta::new(mint_governance_address, false),
+        AccountMeta::new(config.governed_account, false),
+        AccountMeta::new_readonly(*governed_mint_authority, true),
+        AccountMeta::new_readonly(*payer, true),
+        AccountMeta::new_readonly(spl_token::id(), false),
+        AccountMeta::new_readonly(system_program::id(), false),
+        AccountMeta::new_readonly(sysvar::rent::id(), false),
+    ];
+
+    let instruction = GovernanceInstruction::CreateMintGovernance {
+        config,
+        transfer_mint_authority,
+    };
+
+    Instruction {
+        program_id: *program_id,
+        accounts,
+        data: instruction.try_to_vec().unwrap(),
+    }
+}
+
 /// Creates CreateProposal instruction
 #[allow(clippy::too_many_arguments)]
 pub fn create_proposal(

governance/program/src/processor/mod.rs

@@ -4,6 +4,7 @@ mod process_add_signatory;
 mod process_cancel_proposal;
 mod process_cast_vote;
 mod process_create_account_governance;
+mod process_create_mint_governance;
 mod process_create_program_governance;
 mod process_create_proposal;
 mod process_create_realm;
@@ -25,6 +26,7 @@ use process_add_signatory::*;
 use process_cancel_proposal::*;
 use process_cast_vote::*;
 use process_create_account_governance::*;
+use process_create_mint_governance::*;
 use process_create_program_governance::*;
 use process_create_proposal::*;
 use process_create_realm::*;
@@ -96,6 +98,11 @@ pub fn process_instruction(
             transfer_upgrade_authority,
         ),
 
+        GovernanceInstruction::CreateMintGovernance {
+            config,
+            transfer_mint_authority,
+        } => process_create_mint_governance(program_id, accounts, config, transfer_mint_authority),
+
         GovernanceInstruction::CreateAccountGovernance { config } => {
             process_create_account_governance(program_id, accounts, config)
         }

governance/program/src/processor/process_create_mint_governance.rs

@@ -0,0 +1,80 @@
+//! Program state processor
+
+use crate::{
+    state::{
+        enums::GovernanceAccountType,
+        governance::{
+            assert_is_valid_governance_config, get_mint_governance_address_seeds, Governance,
+            GovernanceConfig,
+        },
+    },
+    tools::{
+        account::create_and_serialize_account_signed,
+        spl_token::{assert_spl_token_mint_authority_is_signer, set_spl_token_mint_authority},
+    },
+};
+use solana_program::{
+    account_info::{next_account_info, AccountInfo},
+    entrypoint::ProgramResult,
+    pubkey::Pubkey,
+    rent::Rent,
+    sysvar::Sysvar,
+};
+
+/// Processes CreateMintGovernance instruction
+pub fn process_create_mint_governance(
+    program_id: &Pubkey,
+    accounts: &[AccountInfo],
+    config: GovernanceConfig,
+    transfer_mint_authority: bool,
+) -> ProgramResult {
+    let account_info_iter = &mut accounts.iter();
+
+    let realm_info = next_account_info(account_info_iter)?; // 0
+    let mint_governance_info = next_account_info(account_info_iter)?; // 1
+
+    let governed_mint_info = next_account_info(account_info_iter)?; // 2
+    let governed_mint_authority_info = next_account_info(account_info_iter)?; // 3
+
+    let payer_info = next_account_info(account_info_iter)?; // 4
+    let spl_token_info = next_account_info(account_info_iter)?; // 5
+
+    let system_info = next_account_info(account_info_iter)?; // 6
+
+    let rent_sysvar_info = next_account_info(account_info_iter)?; // 7
+    let rent = &Rent::from_account_info(rent_sysvar_info)?;
+
+    assert_is_valid_governance_config(program_id, &config, realm_info)?;
+
+    let mint_governance_data = Governance {
+        account_type: GovernanceAccountType::MintGovernance,
+        config: config.clone(),
+        proposals_count: 0,
+    };
+
+    create_and_serialize_account_signed::<Governance>(
+        payer_info,
+        mint_governance_info,
+        &mint_governance_data,
+        &get_mint_governance_address_seeds(&config.realm, &config.governed_account),
+        program_id,
+        system_info,
+        rent,
+    )?;
+
+    if transfer_mint_authority {
+        set_spl_token_mint_authority(
+            governed_mint_info,
+            governed_mint_authority_info,
+            mint_governance_info.key,
+            spl_token_info,
+        )?;
+    } else {
+        assert_spl_token_mint_authority_is_signer(
+            governed_mint_info,
+            governed_mint_authority_info,
+        )?;
+    }
+
+    Ok(())
+}

governance/program/src/state/enums.rs

@@ -32,6 +32,9 @@ pub enum GovernanceAccountType {
 
     /// ProposalInstruction account which holds an instruction to execute for Proposal
     ProposalInstruction,
+
+    /// Mint Governance account
+    MintGovernance,
 }
 
 impl Default for GovernanceAccountType {

governance/program/src/state/governance.rs

@@ -58,6 +58,7 @@ impl IsInitialized for Governance {
     fn is_initialized(&self) -> bool {
         self.account_type == GovernanceAccountType::AccountGovernance
             || self.account_type == GovernanceAccountType::ProgramGovernance
+            || self.account_type == GovernanceAccountType::MintGovernance
     }
 }
 
@@ -73,6 +74,9 @@ impl Governance {
                 &self.config.realm,
                 &self.config.governed_account,
             ),
+            GovernanceAccountType::MintGovernance => {
+                get_mint_governance_address_seeds(&self.config.realm, &self.config.governed_account)
+            }
             _ => return Err(GovernanceError::InvalidAccountType.into()),
         };
 
@@ -115,6 +119,29 @@ pub fn get_program_governance_address<'a>(
     .0
 }
 
+/// Returns MintGovernance PDA seeds
+pub fn get_mint_governance_address_seeds<'a>(
+    realm: &'a Pubkey,
+    governed_mint: &'a Pubkey,
+) -> [&'a [u8]; 3] {
+    // 'mint-governance' prefix ensures uniqueness of the PDA
+    // Note: Only the current mint authority can create an account with this PDA using CreateMintGovernance instruction
+    [b"mint-governance", realm.as_ref(), governed_mint.as_ref()]
+}
+
+/// Returns MintGovernance PDA address
+pub fn get_mint_governance_address<'a>(
+    program_id: &Pubkey,
+    realm: &'a Pubkey,
+    governed_mint: &'a Pubkey,
+) -> Pubkey {
+    Pubkey::find_program_address(
+        &get_mint_governance_address_seeds(realm, governed_mint),
+        program_id,
+    )
+    .0
+}
+
 /// Returns AccountGovernance PDA seeds
 pub fn get_account_governance_address_seeds<'a>(
     realm: &'a Pubkey,

governance/program/src/tools/account.rs

@@ -89,7 +89,7 @@ pub fn get_account_data<T: BorshDeserialize + IsInitialized>(
     owner_program_id: &Pubkey,
 ) -> Result<T, ProgramError> {
     if account_info.data_is_empty() {
-        return Err(ProgramError::UninitializedAccount);
+        return Err(GovernanceError::AccountDoesNotExist.into());
     }
     if account_info.owner != owner_program_id {
         return Err(GovernanceError::InvalidAccountOwner.into());
@@ -103,7 +103,8 @@ pub fn get_account_data<T: BorshDeserialize + IsInitialized>(
     }
 }
 
-/// Asserts the given account is not empty, owned given program and of the expected type
+/// Asserts the given account is not empty, owned by the given program and of the expected type
+/// Note: The function assumes the account type T is stored as the first element in the account data
 pub fn assert_is_valid_account<T: BorshDeserialize + PartialEq>(
     account_info: &AccountInfo,
     expected_account_type: T,
@@ -114,7 +115,7 @@ pub fn assert_is_valid_account<T: BorshDeserialize + PartialEq>(
     }
 
     if account_info.data_is_empty() {
-        return Err(ProgramError::UninitializedAccount);
+        return Err(GovernanceError::AccountDoesNotExist.into());
     }
 
     let account_type: T = try_from_slice_unchecked(&account_info.data.borrow())?;

governance/program/src/tools/mod.rs

@@ -5,3 +5,5 @@ pub mod account;
 pub mod spl_token;
 
 pub mod bpf_loader_upgradeable;
+
+pub mod pack;

governance/program/src/tools/pack.rs

@@ -0,0 +1,14 @@
+//! General purpose packing utility functions
+
+use arrayref::array_refs;
+use solana_program::{program_error::ProgramError, program_option::COption, pubkey::Pubkey};
+
+/// Unpacks COption from a slice
+pub fn unpack_coption_pubkey(src: &[u8; 36]) -> Result<COption<Pubkey>, ProgramError> {
+    let (tag, body) = array_refs![src, 4, 32];
+    match *tag {
+        [0, 0, 0, 0] => Ok(COption::None),
+        [1, 0, 0, 0] => Ok(COption::Some(Pubkey::new_from_array(*body))),
+        _ => Err(ProgramError::InvalidAccountData),
+    }
+}