An example contract for Solana (#72)

* Add example contract for solana

Co-authored-by: dadepo <dadepo@gmail.com>
Co-authored-by: Ali Behjati <bahjatia@gmail.com>

Author: 3 people

Cargo.toml

@@ -6,4 +6,5 @@ members = [
     "pyth-sdk-solana/test-contract",
     "pyth-sdk-cw",
     "examples/cw-contract",
+    "examples/sol-contract"
 ]

examples/sol-contract/.gitignore

@@ -0,0 +1,5 @@
+build/example_sol_contract.so
+build/example_sol_contract-keypair.json
+scripts/invoke.js
+scripts/invoke.js.map
+scripts/node_modules/

examples/sol-contract/Cargo.toml

@@ -0,0 +1,18 @@
+[package]
+name = "example-sol-contract"
+version = "0.1.0"
+authors = ["Pyth Data Foundation"]
+edition = "2021"
+
+[lib]
+crate-type = ["cdylib", "lib"]
+
+[dependencies]
+borsh = "0.9"
+arrayref = "0.3.6"
+solana-program = "1.10.40"
+pyth-sdk-solana = { path = "../../pyth-sdk-solana", version = "0.6.1" }
+
+[dev-dependencies]
+solana-sdk = "1.10.40"
+solana-client = "1.10.40"

examples/sol-contract/README.md

@@ -0,0 +1,53 @@
+# Pyth SDK Example Program for Solana
+
+This is an example demonstrating how to read prices from Pyth on Solana.
+
+The program has two instructions: `Init` and `Loan2Value`.
+`Init` can *only* be invoked by the program admin and it will initialize some loan information.
+`Loan2Value` can be invoked by anyone and it uses the current Pyth price to compare the value of the loan and the value of the collateral.
+This is an important functionality in many lending protocols.
+
+The key program logic is in 3 files.
+The loan information structure is defined in `src/state.rs`, which also contains the serialization and deserialization code.
+The two instructions are implemented in `src/processor.rs`.
+An example invocation of these instructions on the Solana devnet can be found in `scripts/invoke.ts`.
+
+## Where and how is the Pyth SDK used?
+Pyth SDK is used in the `Loan2Value` instruction in `src/processor.rs`.
+For the loan, the code first reads the unit price from the Pyth oracle.
+```rust
+let feed1 = load_price_feed_from_account_info(pyth_loan_account)?;
+let result1 = feed1.get_current_price().ok_or(ProgramError::Custom(3))?;
+```
+
+And then calculate the loan value given the quantity of the loan.
+```rust
+let loan_max_price = result1
+    .price
+    .checked_add(result1.conf as i64)
+    .ok_or(ProgramError::Custom(4))?;
+let loan_max_value = loan_max_price
+    .checked_mul(loan_qty)
+    .ok_or(ProgramError::Custom(4))?;
+```
+
+This code says that, with high confidence, the maximum value of the loan does not exceed `loan_max_value * 10^(result1.expo)` at the time of the query.
+In a similar way, the code then calculates the minimum value of the collateral and compare the two.
+
+More on Pyth best practice and price confidence interval can be found [here](https://docs.pyth.network/consume-data/best-practices).
+
+## Run this program
+We assume that you have installed `cargo`, `solana`, `npm` and `node`.
+
+```shell
+# Enter the root directory of this example
+> cd examples/sol-contract
+# Build the example contract
+> scripts/build.sh
+# Config solana CLI and set the url as devnet
+> solana config set --url https://api.devnet.solana.com
+# Deploy the example contract
+> scripts/deploy.sh
+# Invoke the example contract
+> scripts/invoke.ts
+```

examples/sol-contract/build/README.md

@@ -0,0 +1 @@
+This directory holds the output of build-bpf. See scripts/build.sh.

examples/sol-contract/scripts/build.sh

@@ -0,0 +1 @@
+cargo build-bpf --bpf-out-dir ./build

examples/sol-contract/scripts/deploy.sh

@@ -0,0 +1,4 @@
+echo "Airdropping..."
+solana airdrop 1 --url https://api.devnet.solana.com
+echo "Deploying the program..."
+solana program deploy --program-id build/example_sol_contract-keypair.json build/example_sol_contract.so

examples/sol-contract/scripts/invoke.sh

@@ -0,0 +1 @@
+cd scripts; npm install typescript; npm run build; node invoke.js

examples/sol-contract/scripts/invoke.ts

@@ -0,0 +1,144 @@
+const fs = require('fs');
+const web3 = require("@solana/web3.js");
+const {struct, b, u8, blob} = require("@solana/buffer-layout");
+
+export const invoke = async (loan: string, collateral: string) => {
+    /* Obtain the contract keypair */
+    var contract;
+    try {
+        let data = fs.readFileSync(
+            '../build/example_sol_contract-keypair.json'
+        );
+        contract = web3.Keypair.fromSecretKey(
+            new Uint8Array(JSON.parse(data))
+        );
+        console.info("Invoking contract " + contract.publicKey);
+    } catch (error) {
+        console.error("Please run scripts/build.sh first.");
+        return;
+    }
+
+    /* Prepare the payer account */
+    let conn = new web3.Connection(web3.clusterApiUrl('devnet'));
+    console.info("Airdropping to the payer account...");
+    let payer = web3.Keypair.generate();
+    let airdropSig = await conn.requestAirdrop(
+        payer.publicKey, web3.LAMPORTS_PER_SOL
+    );
+    await conn.confirmTransaction(airdropSig);
+
+    /* Prepare the createInst instruction which creates an
+     * account storing the AdminConfig data for the instructions */
+    let loanInfoSize = 1 + 32 + 32;
+    let dataAccount = web3.Keypair.generate();
+    let dataCost = await conn.getMinimumBalanceForRentExemption(loanInfoSize);
+    const createInst = web3.SystemProgram.createAccount({
+        lamports: dataCost,
+        space: loanInfoSize,
+        programId: contract.publicKey,
+        fromPubkey: payer.publicKey,
+        newAccountPubkey: dataAccount.publicKey,
+    });
+
+    /* Prepare the accounts and instruction data for transactions */
+    const dataKey = dataAccount.publicKey;
+    const loanKey = new web3.PublicKey(loan);
+    const collateralKey = new web3.PublicKey(collateral);
+    let accounts =
+        [{pubkey: contract.publicKey, isSigner: true, isWritable: false},
+         {pubkey: dataKey, isSigner: false, isWritable: false},
+         {pubkey: loanKey, isSigner: false, isWritable: false},
+         {pubkey: collateralKey, isSigner: false, isWritable: false},
+        ];
+
+    let initLayout = struct([ u8('instruction') ])
+    let initData = Buffer.alloc(initLayout.span);
+    let loan2ValueLayout = struct([
+        u8('instruction'), blob(8, 'loan_qty'), blob(8, 'collateral_qty')
+    ])
+    let loan2ValueData = Buffer.alloc(loan2ValueLayout.span);
+
+    /* Invoke the Init instruction (instruction #0) */
+    console.log("Creating data account and invoking Init...");
+    initLayout.encode({instruction: 0}, initData);
+    let txInit = new web3.Transaction({ feePayer: payer.publicKey });
+    txInit.add(
+        createInst,                        /* Create data account */
+        new web3.TransactionInstruction({  /* Initialize data account */
+            data: initData,
+            keys: accounts,
+            programId: contract.publicKey
+        })
+    );
+    let txInitSig = await web3.sendAndConfirmTransaction(
+        conn, txInit, [payer, dataAccount, contract]
+    );
+    console.log("TxHash: " + txInitSig);
+
+    /* Invoke the Loan2Value instruction (instruction #1) */
+    console.log("Checking loan to value ratio...");
+    /* Encode 0x1 in big ending */
+    let loan_qty = Buffer.from('0100000000000000', 'hex');
+    /* Encode 0xbb8 (3000) in big ending */
+    let collateral_qty = Buffer.from('b80b000000000000', 'hex');
+    loan2ValueLayout.encode(
+        {instruction: 1,
+         loan_qty: blob(8).decode(loan_qty),
+         collateral_qty: blob(8).decode(collateral_qty)}
+    , loan2ValueData);
+
+    let txCheck = new web3.Transaction({ feePayer: payer.publicKey });
+    txCheck.add(
+        new web3.TransactionInstruction({
+            data: loan2ValueData,
+            keys: accounts,
+            programId: contract.publicKey
+        })
+    );
+    let txCheckSig = await web3.sendAndConfirmTransaction(
+        conn, txCheck, [payer, contract]
+    );
+    console.log("TxHash: " + txCheckSig);
+
+    /* Try to invoke the Init instruction without authority */
+    console.log("Trying an unauthorized invocation of Init...");
+    let attacker = web3.Keypair.generate();
+    accounts[0].pubkey = attacker.publicKey
+
+    let attackerDataAccount = web3.Keypair.generate();
+    const attackerCreateInst = web3.SystemProgram.createAccount({
+        lamports: dataCost,
+        space: loanInfoSize,
+        programId: contract.publicKey,
+        fromPubkey: payer.publicKey,
+        newAccountPubkey: attackerDataAccount.publicKey,
+    });
+
+    let txAttacker = new web3.Transaction({ feePayer: payer.publicKey });
+    txAttacker.add(
+        attackerCreateInst,
+        new web3.TransactionInstruction({
+            data: initData,
+            keys: accounts,
+            programId: contract.publicKey
+        })
+    );
+
+    var attacker_succeed = false, txAttackerSig;
+    try {
+        txAttackerSig = await web3.sendAndConfirmTransaction(
+            conn, txAttacker, [payer, attackerDataAccount, attacker]
+        );
+        attacker_succeed = true;
+    } catch (error) {
+        console.log("Attacker failed to invoke unauthorized Init.");
+    }
+
+    if (attacker_succeed)
+        throw new Error("Attacker succeeded! TxHash: " + txAttackerSig);
+}
+
+/* Pyth price accounts on the solana devnet */
+let ethToUSD = "EdVCmQ9FSPcVe5YySXDPCRmc8aDQLKJ9xvYBMZPie1Vw";
+let usdtToUSD = "38xoQ4oeJCBrcVvca2cGk7iV1dAfrmTR1kmhSCJQ8Jto";
+invoke(ethToUSD, usdtToUSD);