sdk: migrate serviceability commands to RFC-26 instruction builders (R10)#4060
Open
juan-malbeclabs wants to merge 1 commit into
Open
sdk: migrate serviceability commands to RFC-26 instruction builders (R10)#4060juan-malbeclabs wants to merge 1 commit into
juan-malbeclabs wants to merge 1 commit into
Conversation
…R10) Delegate every serviceability commands/* execute() to the pure doublezero-serviceability-instruction builders and a new DoubleZeroClient::send_transaction (compute-budget prelude + sign + send), replacing the four execute_*(instruction, accounts) methods and the client-side account assembly. Command execute() signatures/returns are unchanged, so CLI/sentinel/daemon consumers are unaffected. Behavior change: the Rust SDK no longer attaches the payer's Permission PDA to serviceability transactions; authorize() uses the legacy GlobalState allowlist path until the builder-side Permission append is re-enabled per instruction (must be sequenced with the permission-model rollout). Adds a solana-program-test safety net that runs the highest-cardinality builders (create_device, create_link, create_subscribe_user, atomic delete_device, clear_topology) against the real program to catch account-order drift.
2194abb to
24c23fe
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary of Changes
commands/*execute()to the puredoublezero-serviceability-instructionbuilders (RFC-26), so account layout has a single source of truth in the builder crate rather than being hand-assembled per command.DoubleZeroClient::execute_*(instruction, accounts)trait methods and the client-side account assembly with a singlesend_transaction(Instruction)(+_quiet) that just prepends the compute-budget prelude, signs, and sends. Commandexecute()signatures/returns are unchanged, so CLI/sentinel/daemon consumers are unaffected.authorize()uses the legacy GlobalState allowlist path until the builder-side Permission append is re-enabled per instruction (must be sequenced with the permission-model rollout).solana-program-testsafety net that runs the highest-cardinality builders (create_device,create_link,create_subscribe_user, atomicdelete_device,clear_topology) against the real program to catch account-order drift.client.rs(the append, when re-enabled, lands in the builder — derived offline — so the RPC-based path is not needed).This is the final PR of the RFC-26 stack; it carries the global changelog entry. See
rfcs/rfc26-rust-instruction-builder-library.md.Diff Breakdown
Net −1150 lines: a mostly-mechanical migration (77 command delegations + a doc fix) on top of a genuine send-path/trait rewrite and one new program-test suite. This exceeds doublezero's ~500-line PR norm, but the migration + its program-test safety net are one logical unit and the net change is a reduction; splitting would land the safety net separately from the code it guards.
Key files (click to expand)
smartcontract/programs/doublezero-serviceability/tests/rfc26_builders_test.rs(+696) — new program-test safety net; builds via the RFC-26 builders and runs them against the real program.smartcontract/sdk/rs/src/client.rs(+81/-539) — reworkexecute_transaction_innerintosend_transaction_inner(ix, quiet); dropassemble_instructions, the permission-resolve/cache and stale-retry loop, and their tests.smartcontract/sdk/rs/src/commands/exchange/setdevice.rs(+117/-131) — two-send command migrated toset_device_exchangebuilder.smartcontract/sdk/rs/src/commands/user/delete.rs(+85/-215) — composed unsubscribe +delete_userbuilder; keeps cascade orchestration.smartcontract/sdk/rs/src/commands/link/update.rs(+77/-81) —update_linkbuilder withLinkUpdateAuthority; builder recomputesuse_onchain_allocation.smartcontract/sdk/rs/src/commands/tenant/delete.rs(+62/-127) —delete_tenantbuilder; keeps cascade + reference-count poll.smartcontract/sdk/rs/src/commands/device/delete.rs(+59/-87) — legacy/atomic paths viadelete_device+DeviceDeleteResources.smartcontract/sdk/rs/src/doublezeroclient.rs(+9/-33) — trait: fourexecute_*methods →send_transaction/send_transaction_quiet.Testing Verification
solana-program-testsuite (rfc26_builders_test.rs): 5 tests exercising the highest-cardinality builders against the real program —create_device,create_link+clear_topology,create_subscribe_user(atomic subscriber), and atomicdelete_device(owners read on-chain in processor order). All pass.cargo test -p doublezero_sdk: 164 passed (rewritten command tests now assertpredicate::eq(builder(...))on the exact instruction each command sends, including tightened expectations for the composeduser/delete,tenant/delete,user/requestbancommands and new unit tests for theresource/*commands).exchange/setdevice,topology/clear,topology/assign_node_segments) preserve their per-instruction sequencing.