feat: zero-copy-derive

fix: light-zero-copy tests

comment derive mut

commented byte len

fix: derive macro for non mut

pre bytelen

refactor: detach bytelen trait

stash adding config

simple config derive works

stash

stash new at

stash new at Compressed Account

stash

man InstructionDataInvoke new_zero_copy works

stash simple config zero_copy_new tests

stash

refactor

fixed lifetime issue

stash

instruction data tests work

move byte_len to init_mut

added randomized tests

stash got failing random tests

fixed u8 and bool

remove bytelen

renamed trait

fix lint

fix tests

apply feedback meta_struct

use syn to parse options instead of strings

primitive types Replace string-based type comparisons with proper syn AST matching

replace parse_str with parse_quote

replace empty quote with unreachable!

add byte len check borsh_vec_u8_as_slice_mut

converted unimplemented to panic

cleanup redundant as u64 etc

fix docs

cleanup

cleanup commtend code

cleanup mut conditionals

remove bytelen derive

cleanup

refactor: replace duplicate code with generate_deserialize_call

refactor detecting copy

moved to internal

refactor: add error handling

cleanup

cleanup file structure

stash wip

transform all primitive types to zero copy types

simplify analyze_struct_fields

fix empty meta struct generation

stash zero copy changes

unified some with Deserialize::Output

unified integer field type enum

renam VecNonStaticZeroCopy -> VecDynamicZeroCopy

Simplify Option inner type extraction using syn utilities.

Add bounds check before writing discriminant byte.

improve generate_field_initialization

remove debug test

Incorrect type conversion from u8 to u32, add note options in arrays are not supported

Error context lost in conversion

format and add heap allocation check

Check the last path segment for accurate type detection

fix: test

fix: test

improve cache robustness

Author: ananas-block

.github/workflows/rust.yml

@@ -53,7 +53,8 @@ jobs:
               cargo test -p light-account-checks  --all-features
               cargo test -p light-verifier --all-features
               cargo test -p light-merkle-tree-metadata --all-features
-              cargo test -p light-zero-copy --features std
+              cargo test -p light-zero-copy --features "std, mut, derive"
+              cargo test -p light-zero-copy-derive --features "mut"
               cargo test -p light-hash-set --all-features
           - name: program-libs-slow
             packages: light-bloom-filter light-indexed-merkle-tree light-batched-merkle-tree

.gitignore

@@ -86,3 +86,5 @@ output1.txt
 .zed
 
 **/.claude/**/*
+
+expand.rs

Cargo.lock

@@ -13,6 +13,7 @@ members = [
     "program-libs/hash-set",
     "program-libs/indexed-merkle-tree",
     "program-libs/indexed-array",
+    "program-libs/zero-copy-derive",
     "programs/account-compression",
     "programs/system",
     "programs/compressed-token",
@@ -167,6 +168,7 @@ light-compressed-account = { path = "program-libs/compressed-account", version =
 light-account-checks = { path = "program-libs/account-checks", version = "0.3.0" }
 light-verifier = { path = "program-libs/verifier", version = "2.1.0" }
 light-zero-copy = { path = "program-libs/zero-copy", version = "0.2.0" }
+light-zero-copy-derive = { path = "program-libs/zero-copy-derive", version = "0.1.0" }
 photon-api = { path = "sdk-libs/photon-api", version = "0.51.0" }
 forester-utils = { path = "forester-utils", version = "2.0.0" }
 account-compression = { path = "programs/account-compression", version = "2.0.0", features = [

Cargo.toml

@@ -399,9 +399,13 @@ impl<'a> Deserialize<'a> for InstructionDataInvokeCpiWithAccountInfo {
         let (account_infos, bytes) = {
             let (num_slices, mut bytes) = Ref::<&[u8], U32>::from_prefix(bytes)?;
             let num_slices = u32::from(*num_slices) as usize;
-            // TODO: add check that remaining data is enough to read num_slices
-            // This prevents agains invalid data allocating a lot of heap memory
             let mut slices = Vec::with_capacity(num_slices);
+            if bytes.len() < num_slices {
+                return Err(ZeroCopyError::InsufficientMemoryAllocated(
+                    bytes.len(),
+                    num_slices,
+                ));
+            }
             for _ in 0..num_slices {
                 let (slice, _bytes) = CompressedAccountInfo::zero_copy_at_with_owner(
                     bytes,

program-libs/compressed-account/src/instruction_data/with_account_info.rs

@@ -347,8 +347,14 @@ impl<'a> Deserialize<'a> for InstructionDataInvokeCpiWithReadOnly {
         let (input_compressed_accounts, bytes) = {
             let (num_slices, mut bytes) = Ref::<&[u8], U32>::from_prefix(bytes)?;
             let num_slices = u32::from(*num_slices) as usize;
-            // TODO: add check that remaining data is enough to read num_slices
-            // This prevents agains invalid data allocating a lot of heap memory
+            // Prevent heap exhaustion attacks by checking if num_slices is reasonable
+            // Each element needs at least 1 byte when serialized
+            if bytes.len() < num_slices {
+                return Err(ZeroCopyError::InsufficientMemoryAllocated(
+                    bytes.len(),
+                    num_slices,
+                ));
+            }
             let mut slices = Vec::with_capacity(num_slices);
             for _ in 0..num_slices {
                 let (slice, _bytes) =

program-libs/compressed-account/src/instruction_data/with_readonly.rs

@@ -0,0 +1,26 @@
+[package]
+name = "light-zero-copy-derive"
+version = "0.1.0"
+edition = "2021"
+license = "Apache-2.0"
+description = "Proc macro for zero-copy deserialization"
+
+[features]
+default = []
+mut = []
+
+[lib]
+proc-macro = true
+
+[dependencies]
+proc-macro2 = "1.0"
+quote = "1.0"
+syn = { version = "2.0", features = ["full", "extra-traits"] }
+lazy_static = "1.4"
+
+[dev-dependencies]
+trybuild = "1.0"
+rand = "0.8"
+borsh = { workspace = true }
+light-zero-copy = { workspace = true, features = ["std", "derive"] }
+zerocopy = { workspace = true, features = ["derive"] }

program-libs/zero-copy-derive/Cargo.toml

@@ -0,0 +1,103 @@
+# Light-Zero-Copy-Derive
+
+A procedural macro for deriving zero-copy deserialization for Rust structs used with Solana programs.
+
+## Features
+
+This crate provides two key derive macros:
+
+1. `#[derive(ZeroCopy)]` - Implements zero-copy deserialization with:
+   - The `zero_copy_at` and `zero_copy_at_mut` methods for deserialization
+   - Full Borsh compatibility for serialization/deserialization
+   - Efficient memory representation with no copying of data
+   - `From<Z<StructName>>` and `From<Z<StructName>Mut>` implementations for easy conversion back to the original struct
+
+2. `#[derive(ZeroCopyEq)]` - Adds equality comparison support:
+   - Compare zero-copy instances with regular struct instances
+   - Can be used alongside `ZeroCopy` for complete functionality
+   - Derivation for Options<struct> is not robust and may not compile.
+
+## Rules for Zero-Copy Deserialization
+
+The macro follows these rules when generating code:
+
+1. Creates a `ZStruct` for your struct that follows zero-copy principles
+   1. Fields are extracted into a meta struct until reaching a `Vec`, `Option` or non-`Copy` type
+   2. Vectors are represented as `ZeroCopySlice` and not included in the meta struct
+   3. Integer types are replaced with their zerocopy equivalents (e.g., `u16` → `U16`)
+   4. Fields after the first vector are directly included in the `ZStruct` and deserialized one by one
+   5. If a vector contains a nested vector (non-`Copy` type), it must implement `Deserialize`
+   6. Elements in an `Option` must implement `Deserialize`
+   7. Types that don't implement `Copy` must implement `Deserialize` and are deserialized one by one
+
+## Usage
+
+### Basic Usage
+
+```rust
+use borsh::{BorshDeserialize, BorshSerialize};
+use light_zero_copy_derive::ZeroCopy;
+use light_zero_copy::{borsh::Deserialize, borsh_mut::DeserializeMut};
+
+#[repr(C)]
+#[derive(Debug, PartialEq, BorshSerialize, BorshDeserialize, ZeroCopy)]
+pub struct MyStruct {
+    pub a: u8,
+    pub b: u16,
+    pub vec: Vec<u8>,
+    pub c: u64,
+}
+let my_struct = MyStruct {
+    a: 1,
+    b: 2,
+    vec: vec![1u8; 32],
+    c: 3,
+};
+// Use the struct with zero-copy deserialization
+let mut bytes = my_struct.try_to_vec().unwrap();
+
+// Immutable zero-copy deserialization
+let (zero_copy, _remaining) = MyStruct::zero_copy_at(&bytes).unwrap();
+
+// Convert back to original struct using From implementation
+let converted: MyStruct = zero_copy.clone().into();
+assert_eq!(converted, my_struct);
+
+// Mutable zero-copy deserialization with modification
+let (mut zero_copy_mut, _remaining) = MyStruct::zero_copy_at_mut(&mut bytes).unwrap();
+zero_copy_mut.a = 42;
+
+// The change is reflected when we convert back to the original struct
+let modified: MyStruct = zero_copy_mut.into();
+assert_eq!(modified.a, 42);
+
+// And also when we deserialize directly from the modified bytes
+let borsh = MyStruct::try_from_slice(&bytes).unwrap();
+assert_eq!(borsh.a, 42u8);
+```
+
+### With Equality Comparison
+
+```rust
+use borsh::{BorshDeserialize, BorshSerialize};
+use light_zero_copy_derive::ZeroCopy;
+
+#[repr(C)]
+#[derive(Debug, PartialEq, BorshSerialize, BorshDeserialize, ZeroCopy)]
+pub struct MyStruct {
+    pub a: u8,
+    pub b: u16,
+    pub vec: Vec<u8>,
+    pub c: u64,
+}
+let my_struct = MyStruct {
+    a: 1,
+    b: 2,
+    vec: vec![1u8; 32],
+    c: 3,
+};
+// Use the struct with zero-copy deserialization
+let mut bytes = my_struct.try_to_vec().unwrap();
+let (zero_copy, _remaining) = MyStruct::zero_copy_at(&bytes).unwrap();
+assert_eq!(zero_copy, my_struct);
+```