Enum safe_token_2022::extension::confidential_transfer::instruction::ConfidentialTransferInstruction

source · 
#[repr(u8)]
pub enum ConfidentialTransferInstruction {

Show 16 variants    InitializeMint,
    UpdateMint,
    ConfigureAccount,
    ApproveAccount,
    EmptyAccount,
    Deposit,
    Withdraw,
    Transfer,
    ApplyPendingBalance,
    EnableConfidentialCredits,
    DisableConfidentialCredits,
    EnableNonConfidentialCredits,
    DisableNonConfidentialCredits,
    WithdrawWithheldTokensFromMint,
    WithdrawWithheldTokensFromAccounts,
    HarvestWithheldTokensToMint,

}
Expand description

Confidential Transfer extension instructions

Variants§

§

InitializeMint

Initializes confidential transfers for a mint.

The ConfidentialTransferInstruction::InitializeMint instruction requires no signers and MUST be included within the same Transaction as TokenInstruction::InitializeMint. Otherwise another party can initialize the configuration.

The instruction fails if the TokenInstruction::InitializeMint instruction has already executed for the mint.

Note that the withdraw_withheld_authority_encryption_pubkey cannot be updated after it is initialized.

Accounts expected by this instruction:

  1. [writable] The SPL Token mint.

Data expected by this instruction: InitializeMintData

§

UpdateMint

Updates the confidential transfer mint configuration for a mint.

Use TokenInstruction::SetAuthority to update the confidential transfer mint authority.

The withdraw_withheld_authority_encryption_pubkey and withheld_amount ciphertext are not updatable.

Accounts expected by this instruction:

  1. [writable] The SPL Token mint.
  2. [signer] Confidential transfer mint authority.

Data expected by this instruction: UpdateMintData

§

ConfigureAccount

Configures confidential transfers for a token account.

The instruction fails if the confidential transfers are already configured, or if the mint was not initialized with confidential transfer support.

The instruction fails if the TokenInstruction::InitializeAccount instruction has not yet successfully executed for the token account.

Upon success, confidential and non-confidential deposits and transfers are enabled. Use the DisableConfidentialCredits and DisableNonConfidentialCredits instructions to disable.

In order for this instruction to be successfully processed, it must be accompanied by the VerifyPubkey instruction of the zk_token_proof program in the same transaction.

Accounts expected by this instruction:

  • Single owner/delegate
  1. [writeable] The SPL Token account.
  2. [] The corresponding SPL Token mint.
  3. [] Instructions sysvar.
  4. [signer] The single source account owner.
  • Multisignature owner/delegate
  1. [writeable] The SPL Token account.
  2. [] The corresponding SPL Token mint.
  3. [] The multisig source account owner.
  4. [] Instructions sysvar. 4.. [signer] Required M signer accounts for the SPL Token Multisig account.

Data expected by this instruction: ConfigureAccountInstructionData

§

ApproveAccount

Approves a token account for confidential transfers.

Approval is only required when the ConfidentialTransferMint::approve_new_accounts field is set in the SPL Token mint. This instruction must be executed after the account owner configures their account for confidential transfers with ConfidentialTransferInstruction::ConfigureAccount.

Accounts expected by this instruction:

  1. [writable] The SPL Token account to approve.
  2. [] The SPL Token mint.
  3. [signer] Confidential transfer auditor authority.

Data expected by this instruction: None

§

EmptyAccount

Prepare a token account for closing. The account must not hold any confidential tokens in its pending or available balances. Use ConfidentialTransferInstruction::DisableConfidentialCredits to block balance credit changes first if necessary.

Note that a newly configured account is always empty, so this instruction is not required prior to account closing if no instructions beyond ConfidentialTransferInstruction::ConfigureAccount have affected the token account.

In order for this instruction to be successfully processed, it must be accompanied by the VerifyCloseAccount instruction of the zk_token_proof program in the same transaction.

  • Single owner/delegate
  1. [writable] The SPL Token account.
  2. [] Instructions sysvar.
  3. [signer] The single account owner.
  • Multisignature owner/delegate
  1. [writable] The SPL Token account.
  2. [] Instructions sysvar.
  3. [] The multisig account owner. 3.. [signer] Required M signer accounts for the SPL Token Multisig account.

Data expected by this instruction: EmptyAccountInstructionData

§

Deposit

Deposit SPL Tokens into the pending balance of a confidential token account.

The account owner can then invoke the ApplyPendingBalance instruction to roll the deposit into their available balance at a time of their choosing.

Fails if the source or destination accounts are frozen. Fails if the associated mint is extended as NonTransferable.

Accounts expected by this instruction:

  • Single owner/delegate
  1. [writable] The SPL Token account.
  2. [] The token mint.
  3. [signer] The single account owner or delegate.
  • Multisignature owner/delegate
  1. [writable] The SPL Token account.
  2. [] The token mint.
  3. [] The multisig account owner or delegate. 3.. [signer] Required M signer accounts for the SPL Token Multisig account.

Data expected by this instruction: DepositInstructionData

§

Withdraw

Withdraw SPL Tokens from the available balance of a confidential token account.

Fails if the source or destination accounts are frozen. Fails if the associated mint is extended as NonTransferable.

In order for this instruction to be successfully processed, it must be accompanied by the VerifyWithdraw instruction of the zk_token_proof program in the same transaction.

Accounts expected by this instruction:

  • Single owner/delegate
  1. [writable] The SPL Token account.
  2. [] The token mint.
  3. [] Instructions sysvar.
  4. [signer] The single source account owner.
  • Multisignature owner/delegate
  1. [writable] The SPL Token account.
  2. [] The token mint.
  3. [] Instructions sysvar.
  4. [] The multisig source account owner. 4.. [signer] Required M signer accounts for the SPL Token Multisig account.

Data expected by this instruction: WithdrawInstructionData

§

Transfer

Transfer tokens confidentially.

In order for this instruction to be successfully processed, it must be accompanied by either the VerifyTransfer or VerifyTransferWithFee instruction of the zk_token_proof program in the same transaction.

Fails if the associated mint is extended as NonTransferable.

  • Single owner/delegate
  1. [writable] The source SPL Token account.
  2. [writable] The destination SPL Token account.
  3. [] The token mint.
  4. [] Instructions sysvar.
  5. [signer] The single source account owner.
  • Multisignature owner/delegate
  1. [writable] The source SPL Token account.
  2. [writable] The destination SPL Token account.
  3. [] The token mint.
  4. [] Instructions sysvar.
  5. [] The multisig source account owner. 6.. [signer] Required M signer accounts for the SPL Token Multisig account.

Data expected by this instruction: TransferInstructionData

§

ApplyPendingBalance

Applies the pending balance to the available balance, based on the history of Deposit and/or Transfer instructions.

After submitting ApplyPendingBalance, the client should compare ConfidentialTransferAccount::expected_pending_balance_credit_counter with ConfidentialTransferAccount::actual_applied_pending_balance_instructions. If they are equal then the ConfidentialTransferAccount::decryptable_available_balance is consistent with ConfidentialTransferAccount::available_balance. If they differ then there is more pending balance to be applied.

Account expected by this instruction:

  • Single owner/delegate
  1. [writable] The SPL Token account.
  2. [signer] The single account owner.
  • Multisignature owner/delegate
  1. [writable] The SPL Token account.
  2. [] The multisig account owner. 2.. [signer] Required M signer accounts for the SPL Token Multisig account.

Data expected by this instruction: ApplyPendingBalanceData

§

EnableConfidentialCredits

Configure a confidential extension account to accept incoming confidential transfers.

Accounts expected by this instruction:

  • Single owner/delegate
  1. [writable] The SPL Token account.
  2. [signer] Single authority.
  • Multisignature owner/delegate
  1. [writable] The SPL Token account.
  2. [] Multisig authority. 2.. [signer] Required M signer accounts for the SPL Token Multisig account.

Data expected by this instruction: None

§

DisableConfidentialCredits

Configure a confidential extension account to reject any incoming confidential transfers.

If the allow_non_confidential_credits field is true, then the base account can still receive non-confidential transfers.

This instruction can be used to disable confidential payments after a token account has already been extended for confidential transfers.

Accounts expected by this instruction:

  • Single owner/delegate
  1. [writable] The SPL Token account.
  2. [signer] The single account owner.
  • Multisignature owner/delegate
  1. [writable] The SPL Token account.
  2. [] The multisig account owner. 2.. [signer] Required M signer accounts for the SPL Token Multisig account.

Data expected by this instruction: None

§

EnableNonConfidentialCredits

Configure an account with the confidential extension to accept incoming non-confidential transfers.

Accounts expected by this instruction:

  • Single owner/delegate
  1. [writable] The SPL Token account.
  2. [signer] The single account owner.
  • Multisignature owner/delegate
  1. [writable] The SPL Token account.
  2. [] The multisig account owner. 2.. [signer] Required M signer accounts for the SPL Token Multisig account.

Data expected by this instruction: None

§

DisableNonConfidentialCredits

Configure an account with the confidential extension to reject any incoming non-confidential transfers.

This instruction can be used to configure a confidential extension account to exclusively receive confidential payments.

Accounts expected by this instruction:

  • Single owner/delegate
  1. [writable] The SPL Token account.
  2. [signer] The single account owner.
  • Multisignature owner/delegate
  1. [writable] The SPL Token account.
  2. [] The multisig account owner. 2.. [signer] Required M signer accounts for the SPL Token Multisig account.

Data expected by this instruction: None

§

WithdrawWithheldTokensFromMint

Transfer all withheld confidential tokens in the mint to an account. Signed by the mint’s withdraw withheld tokens authority.

In order for this instruction to be successfully processed, it must be accompanied by the VerifyWithdrawWithheldTokens instruction of the zk_token_proof program in the same transaction.

Accounts expected by this instruction:

  • Single owner/delegate
  1. [writable] The token mint. Must include the TransferFeeConfig extension.
  2. [writable] The fee receiver account. Must include the TransferFeeAmount and ConfidentialTransferAccount extensions.
  3. [] Instructions sysvar.
  4. [signer] The mint’s withdraw_withheld_authority.
  • Multisignature owner/delegate
  1. [writable] The token mint. Must include the TransferFeeConfig extension.
  2. [writable] The fee receiver account. Must include the TransferFeeAmount and ConfidentialTransferAccount extensions.
  3. [] Instructions sysvar.
  4. [] The mint’s multisig withdraw_withheld_authority.
  5. ..3+M [signer] M signer accounts.

Data expected by this instruction: WithdrawWithheldTokensFromMintData

§

WithdrawWithheldTokensFromAccounts

Transfer all withheld tokens to an account. Signed by the mint’s withdraw withheld tokens authority. This instruction is susceptible to front-running. Use HarvestWithheldTokensToMint and WithdrawWithheldTokensFromMint as an alternative.

Note on front-running: This instruction requires a zero-knowledge proof verification instruction that is checked with respect to the account state (the currently withheld fees). Suppose that a withdraw withheld authority generates the WithdrawWithheldTokensFromAccounts instruction along with a corresponding zero-knowledge proof for a specified set of accounts, and submits it on chain. If the withheld fees at any of the specified accounts change before the WithdrawWithheldTokensFromAccounts is executed on chain, the zero-knowledge proof will not verify with respect to the new state, forcing the transaction to fail.

If front-running occurs, then users can look up the updated states of the accounts, generate a new zero-knowledge proof and try again. Alternatively, withdraw withheld authority can first move the withheld amount to the mint using HarvestWithheldTokensToMint and then move the withheld fees from mint to a specified destination account using WithdrawWithheldTokensFromMint.

In order for this instruction to be successfully processed, it must be accompanied by the VerifyWithdrawWithheldTokens instruction of the zk_token_proof program in the same transaction.

Accounts expected by this instruction:

  • Single owner/delegate
  1. [] The token mint. Must include the TransferFeeConfig extension.
  2. [writable] The fee receiver account. Must include the TransferFeeAmount and ConfidentialTransferAccount extensions.
  3. [] Instructions sysvar.
  4. [signer] The mint’s withdraw_withheld_authority.
  5. ..3+N [writable] The source accounts to withdraw from.
  • Multisignature owner/delegate
  1. [] The token mint. Must include the TransferFeeConfig extension.
  2. [writable] The fee receiver account. Must include the TransferFeeAmount and ConfidentialTransferAccount extensions.
  3. [] Instructions sysvar.
  4. [] The mint’s multisig withdraw_withheld_authority.
  5. ..4+M [signer] M signer accounts. 4+M+1. ..3+M+N [writable] The source accounts to withdraw from.

Data expected by this instruction: WithdrawWithheldTokensFromAccountsData

§

HarvestWithheldTokensToMint

Permissionless instruction to transfer all withheld confidential tokens to the mint.

Succeeds for frozen accounts.

Accounts provided should include both the TransferFeeAmount and ConfidentialTransferAccount extension. If not, the account is skipped.

Accounts expected by this instruction:

  1. [writable] The mint.
  2. ..1+N [writable] The source accounts to harvest from.

Data expected by this instruction: None

Trait Implementations§

source§

impl Clone for ConfidentialTransferInstruction

source§

fn clone(&self) -> ConfidentialTransferInstruction

Returns a copy of the value. Read more
1.0.0 · source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
source§

impl Debug for ConfidentialTransferInstruction

source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
source§

impl From<ConfidentialTransferInstruction> for u8

source§

fn from(enum_value: ConfidentialTransferInstruction) -> Self

Converts to this type from the input type.
source§

impl TryFrom<u8> for ConfidentialTransferInstruction

§

type Error = TryFromPrimitiveError<ConfidentialTransferInstruction>

The type returned in the event of a conversion error.
source§

fn try_from(number: u8) -> Result<Self, TryFromPrimitiveError<Self>>

Performs the conversion.
source§

impl TryFromPrimitive for ConfidentialTransferInstruction

§

type Primitive = u8

source§

const NAME: &'static str = _

source§

fn try_from_primitive( number: Self::Primitive ) -> Result<Self, TryFromPrimitiveError<Self>>

source§

impl Copy for ConfidentialTransferInstruction

Auto Trait Implementations§

Blanket Implementations§

§

impl<T> AbiExample for T

§

default fn example() -> T

source§

impl<T> Any for Twhere T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Borrow<T> for Twhere T: ?Sized,

const: unstable · source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for Twhere T: ?Sized,

const: unstable · source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<T> From<T> for T

const: unstable · source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T, U> Into<U> for Twhere U: From<T>,

const: unstable · source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

§

impl<T> Pointable for T

§

const ALIGN: usize = mem::align_of::<T>()

The alignment of pointer.
§

type Init = T

The type for initializers.
§

unsafe fn init(init: <T as Pointable>::Init) -> usize

Initializes a with the given initializer. Read more
§

unsafe fn deref<'a>(ptr: usize) -> &'a T

Dereferences the given pointer. Read more
§

unsafe fn deref_mut<'a>(ptr: usize) -> &'a mut T

Mutably dereferences the given pointer. Read more
§

unsafe fn drop(ptr: usize)

Drops the object pointed to by the given pointer. Read more
source§

impl<T> Same<T> for T

§

type Output = T

Should always be Self
source§

impl<T> ToOwned for Twhere T: Clone,

§

type Owned = T

The resulting type after obtaining ownership.
source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
source§

impl<T, U> TryFrom<U> for Twhere U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
const: unstable · source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for Twhere U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
const: unstable · source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
§

impl<V, T> VZip<V> for Twhere V: MultiLane<T>,

§

fn vzip(self) -> V