#[repr(u8)]
pub enum ConfidentialTransferInstruction {
Show 14 variants InitializeMint = 0, UpdateMint = 1, ConfigureAccount = 2, ApproveAccount = 3, EmptyAccount = 4, Deposit = 5, Withdraw = 6, Transfer = 7, ApplyPendingBalance = 8, EnableConfidentialCredits = 9, DisableConfidentialCredits = 10, EnableNonConfidentialCredits = 11, DisableNonConfidentialCredits = 12, TransferWithSplitProofs = 13,
}
Expand description

Confidential Transfer extension instructions

Variants§

§

InitializeMint = 0

Initializes confidential transfers for a mint.

The ConfidentialTransferInstruction::InitializeMint instruction requires no signers and MUST be included within the same Transaction as TokenInstruction::InitializeMint. Otherwise another party can initialize the configuration.

The instruction fails if the TokenInstruction::InitializeMint instruction has already executed for the mint.

Accounts expected by this instruction:

  1. [writable] The SPL Token mint.

Data expected by this instruction: InitializeMintData

§

UpdateMint = 1

Updates the confidential transfer mint configuration for a mint.

Use TokenInstruction::SetAuthority to update the confidential transfer mint authority.

Accounts expected by this instruction:

  1. [writable] The SPL Token mint.
  2. [signer] Confidential transfer mint authority.

Data expected by this instruction: UpdateMintData

§

ConfigureAccount = 2

Configures confidential transfers for a token account.

The instruction fails if the confidential transfers are already configured, or if the mint was not initialized with confidential transfer support.

The instruction fails if the TokenInstruction::InitializeAccount instruction has not yet successfully executed for the token account.

Upon success, confidential and non-confidential deposits and transfers are enabled. Use the DisableConfidentialCredits and DisableNonConfidentialCredits instructions to disable.

In order for this instruction to be successfully processed, it must be accompanied by the VerifyPubkeyValidityProof instruction of the zk_token_proof program in the same transaction or the address of a context state account for the proof must be provided.

Accounts expected by this instruction:

  • Single owner/delegate
  1. [writeable] The SPL Token account.
  2. [] The corresponding SPL Token mint.
  3. [] Instructions sysvar if VerifyPubkeyValidityProof is included in the same transaction or context state account if VerifyPubkeyValidityProof is pre-verified into a context state account.
  4. [signer] The single source account owner.
  • Multisignature owner/delegate
  1. [writeable] The SPL Token account.
  2. [] The corresponding SPL Token mint.
  3. [] Instructions sysvar if VerifyPubkeyValidityProof is included in the same transaction or context state account if VerifyPubkeyValidityProof is pre-verified into a context state account.
  4. [] The multisig source account owner. 4.. [signer] Required M signer accounts for the SPL Token Multisig account.

Data expected by this instruction: ConfigureAccountInstructionData

§

ApproveAccount = 3

Approves a token account for confidential transfers.

Approval is only required when the ConfidentialTransferMint::approve_new_accounts field is set in the SPL Token mint. This instruction must be executed after the account owner configures their account for confidential transfers with ConfidentialTransferInstruction::ConfigureAccount.

Accounts expected by this instruction:

  1. [writable] The SPL Token account to approve.
  2. [] The SPL Token mint.
  3. [signer] Confidential transfer mint authority.

Data expected by this instruction: None

§

EmptyAccount = 4

Empty the available balance in a confidential token account.

A token account that is extended for confidential transfers can only be closed if the pending and available balance ciphertexts are emptied. The pending balance can be emptied via the ConfidentialTransferInstruction::ApplyPendingBalance instruction. Use the ConfidentialTransferInstruction::EmptyAccount instruction to empty the available balance ciphertext.

Note that a newly configured account is always empty, so this instruction is not required prior to account closing if no instructions beyond ConfidentialTransferInstruction::ConfigureAccount have affected the token account.

In order for this instruction to be successfully processed, it must be accompanied by the VerifyZeroBalanceProof instruction of the zk_token_proof program in the same transaction or the address of a context state account for the proof must be provided.

  • Single owner/delegate
  1. [writable] The SPL Token account.
  2. [] Instructions sysvar if VerifyZeroBalanceProof is included in the same transaction or context state account if VerifyZeroBalanceProof is pre-verified into a context state account.
  3. [signer] The single account owner.
  • Multisignature owner/delegate
  1. [writable] The SPL Token account.
  2. [] Instructions sysvar if VerifyZeroBalanceProof is included in the same transaction or context state account if VerifyZeroBalanceProof is pre-verified into a context state account.
  3. [] The multisig account owner. 3.. [signer] Required M signer accounts for the SPL Token Multisig account.

Data expected by this instruction: EmptyAccountInstructionData

§

Deposit = 5

Deposit SPL Tokens into the pending balance of a confidential token account.

The account owner can then invoke the ApplyPendingBalance instruction to roll the deposit into their available balance at a time of their choosing.

Fails if the source or destination accounts are frozen. Fails if the associated mint is extended as NonTransferable.

Accounts expected by this instruction:

  • Single owner/delegate
  1. [writable] The SPL Token account.
  2. [] The token mint.
  3. [signer] The single account owner or delegate.
  • Multisignature owner/delegate
  1. [writable] The SPL Token account.
  2. [] The token mint.
  3. [] The multisig account owner or delegate. 3.. [signer] Required M signer accounts for the SPL Token Multisig account.

Data expected by this instruction: DepositInstructionData

§

Withdraw = 6

Withdraw SPL Tokens from the available balance of a confidential token account.

Fails if the source or destination accounts are frozen. Fails if the associated mint is extended as NonTransferable.

In order for this instruction to be successfully processed, it must be accompanied by the VerifyWithdraw instruction of the zk_token_proof program in the same transaction or the address of a context state account for the proof must be provided.

Accounts expected by this instruction:

  • Single owner/delegate
  1. [writable] The SPL Token account.
  2. [] The token mint.
  3. [] Instructions sysvar if VerifyWithdraw is included in the same transaction or context state account if VerifyWithdraw is pre-verified into a context state account.
  4. [signer] The single source account owner.
  • Multisignature owner/delegate
  1. [writable] The SPL Token account.
  2. [] The token mint.
  3. [] Instructions sysvar if VerifyWithdraw is included in the same transaction or context state account if VerifyWithdraw is pre-verified into a context state account.
  4. [] The multisig source account owner. 4.. [signer] Required M signer accounts for the SPL Token Multisig account.

Data expected by this instruction: WithdrawInstructionData

§

Transfer = 7

Transfer tokens confidentially.

In order for this instruction to be successfully processed, it must be accompanied by either the VerifyTransfer or VerifyTransferWithFee instruction of the zk_token_proof program in the same transaction or the address of a context state account for the proof must be provided.

Fails if the associated mint is extended as NonTransferable.

  • Single owner/delegate
  1. [writable] The source SPL Token account.
  2. [] The token mint.
  3. [writable] The destination SPL Token account.
  4. [] Instructions sysvar if VerifyTransfer or VerifyTransferWithFee is included in the same transaction or context state account if these proofs are pre-verified into a context state account.
  5. [signer] The single source account owner.
  • Multisignature owner/delegate
  1. [writable] The source SPL Token account.
  2. [] The token mint.
  3. [writable] The destination SPL Token account.
  4. [] Instructions sysvar if VerifyTransfer or VerifyTransferWithFee is included in the same transaction or context state account if these proofs are pre-verified into a context state account.
  5. [] The multisig source account owner. 6.. [signer] Required M signer accounts for the SPL Token Multisig account.

Data expected by this instruction: TransferInstructionData

§

ApplyPendingBalance = 8

Applies the pending balance to the available balance, based on the history of Deposit and/or Transfer instructions.

After submitting ApplyPendingBalance, the client should compare ConfidentialTransferAccount::expected_pending_balance_credit_counter with ConfidentialTransferAccount::actual_applied_pending_balance_instructions. If they are equal then the ConfidentialTransferAccount::decryptable_available_balance is consistent with ConfidentialTransferAccount::available_balance. If they differ then there is more pending balance to be applied.

Account expected by this instruction:

  • Single owner/delegate
  1. [writable] The SPL Token account.
  2. [signer] The single account owner.
  • Multisignature owner/delegate
  1. [writable] The SPL Token account.
  2. [] The multisig account owner. 2.. [signer] Required M signer accounts for the SPL Token Multisig account.

Data expected by this instruction: ApplyPendingBalanceData

§

EnableConfidentialCredits = 9

Configure a confidential extension account to accept incoming confidential transfers.

Accounts expected by this instruction:

  • Single owner/delegate
  1. [writable] The SPL Token account.
  2. [signer] Single authority.
  • Multisignature owner/delegate
  1. [writable] The SPL Token account.
  2. [] Multisig authority. 2.. [signer] Required M signer accounts for the SPL Token Multisig account.

Data expected by this instruction: None

§

DisableConfidentialCredits = 10

Configure a confidential extension account to reject any incoming confidential transfers.

If the allow_non_confidential_credits field is true, then the base account can still receive non-confidential transfers.

This instruction can be used to disable confidential payments after a token account has already been extended for confidential transfers.

Accounts expected by this instruction:

  • Single owner/delegate
  1. [writable] The SPL Token account.
  2. [signer] The single account owner.
  • Multisignature owner/delegate
  1. [writable] The SPL Token account.
  2. [] The multisig account owner. 2.. [signer] Required M signer accounts for the SPL Token Multisig account.

Data expected by this instruction: None

§

EnableNonConfidentialCredits = 11

Configure an account with the confidential extension to accept incoming non-confidential transfers.

Accounts expected by this instruction:

  • Single owner/delegate
  1. [writable] The SPL Token account.
  2. [signer] The single account owner.
  • Multisignature owner/delegate
  1. [writable] The SPL Token account.
  2. [] The multisig account owner. 2.. [signer] Required M signer accounts for the SPL Token Multisig account.

Data expected by this instruction: None

§

DisableNonConfidentialCredits = 12

Configure an account with the confidential extension to reject any incoming non-confidential transfers.

This instruction can be used to configure a confidential extension account to exclusively receive confidential payments.

Accounts expected by this instruction:

  • Single owner/delegate
  1. [writable] The SPL Token account.
  2. [signer] The single account owner.
  • Multisignature owner/delegate
  1. [writable] The SPL Token account.
  2. [] The multisig account owner. 2.. [signer] Required M signer accounts for the SPL Token Multisig account.

Data expected by this instruction: None

§

TransferWithSplitProofs = 13

Transfer tokens confidentially with zero-knowledge proofs that are split into smaller components.

In order for this instruction to be successfully processed, it must be accompanied by suitable zero-knowledge proof context accounts listed below.

The same restrictions for the Transfer applies to TransferWithSplitProofs. Namely, the instruction fails if the associated mint is extended as NonTransferable.

  • Transfer without fee
  1. [writable] The source SPL Token account.
  2. [] The token mint.
  3. [writable] The destination SPL Token account.
  4. [] Context state account for VerifyCiphertextCommitmentEqualityProof.
  5. [] Context state account for VerifyBatchedGroupedCiphertext2HandlesValidityProof.
  6. [] Context state account for VerifyBatchedRangeProofU128. If close_split_context_state_on_execution is set, all context state accounts must be writable and the following sequence of accounts that are marked with asterisk are needed: 7*. [] The destination account for lamports from the context state accounts. 8*. [signer] The context state account owner. 9*. [] The zk token proof program.
  7. [signer] The source account owner.
  • Transfer with fee
  1. [writable] The source SPL Token account.
  2. [] The token mint.
  3. [writable] The destination SPL Token account.
  4. [] Context state account for VerifyCiphertextCommitmentEqualityProof.
  5. [] Context state account for VerifyBatchedGroupedCiphertext2HandlesValidityProof.
  6. [] Context state account for VerifyFeeSigmaProof.
  7. [] Context state account for VerifyBatchedGroupedCiphertext2HandlesValidityProof.
  8. [] Context state account for VerifyBatchedRangeProofU256. If close_split_context_state_on_execution is set, all context state accounts must be writable and the following sequence of accounts that are marked with asterisk are needed: 9*. [] The destination account for lamports from the context state accounts. 10*. [signer] The context state account owner. 11*. [] The zk token proof program.
  9. [signer] The source account owner.

Data expected by this instruction: TransferWithSplitProofsInstructionData

Trait Implementations§

source§

impl Clone for ConfidentialTransferInstruction

source§

fn clone(&self) -> ConfidentialTransferInstruction

Returns a copy of the value. Read more
1.0.0 · source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
source§

impl Debug for ConfidentialTransferInstruction

source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
source§

impl From<ConfidentialTransferInstruction> for u8

source§

fn from(enum_value: ConfidentialTransferInstruction) -> Self

Converts to this type from the input type.
source§

impl TryFrom<u8> for ConfidentialTransferInstruction

§

type Error = TryFromPrimitiveError<ConfidentialTransferInstruction>

The type returned in the event of a conversion error.
source§

fn try_from(number: u8) -> Result<Self, TryFromPrimitiveError<Self>>

Performs the conversion.
source§

impl TryFromPrimitive for ConfidentialTransferInstruction

§

type Primitive = u8

§

type Error = TryFromPrimitiveError<ConfidentialTransferInstruction>

source§

const NAME: &'static str = "ConfidentialTransferInstruction"

source§

fn try_from_primitive( number: Self::Primitive, ) -> Result<Self, TryFromPrimitiveError<Self>>

source§

impl Copy for ConfidentialTransferInstruction

Auto Trait Implementations§

Blanket Implementations§

source§

impl<T> Any for T
where T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Borrow<T> for T
where T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<T> CloneToUninit for T
where T: Clone,

source§

default unsafe fn clone_to_uninit(&self, dst: *mut T)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dst. Read more
source§

impl<T> CloneToUninit for T
where T: Copy,

source§

unsafe fn clone_to_uninit(&self, dst: *mut T)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dst. Read more
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T, U> Into<U> for T
where U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<T> IntoEither for T

source§

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
source§

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
source§

impl<T> Same for T

§

type Output = T

Should always be Self
source§

impl<T> ToOwned for T
where T: Clone,

§

type Owned = T

The resulting type after obtaining ownership.
source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

source§

fn vzip(self) -> V