Enable self served token pools (#961)

Author: agusaldasoro

.gitignore

@@ -26,3 +26,7 @@
 .idea
 
 vendor/
+
+.vscode
+chains/solana/tsclient/src/staging.ts
+*node_modules

chains/solana/contracts/programs/base-token-pool/src/common.rs

@@ -16,6 +16,8 @@ pub const POOL_SIGNER_SEED: &[u8] = b"ccip_tokenpool_signer";
 pub const EXTERNAL_TOKEN_POOLS_SIGNER: &[u8] = b"external_token_pools_signer";
 pub const ALLOWED_OFFRAMP: &[u8] = b"allowed_offramp";
 
+pub const CONFIG_SEED: &[u8] = b"config";
+
 pub const fn valid_version(v: u8, max_version: u8) -> bool {
     !uninitialized(v) && v <= max_version
 }
@@ -329,6 +331,11 @@ pub struct ReleaseOrMintOutV1 {
     pub destination_amount: u64, // token amounts local to solana
 }
 
+#[event]
+pub struct GlobalConfigUpdated {
+    pub self_served_allowed: bool,
+}
+
 #[event]
 pub struct Burned {
     pub sender: Pubkey,

chains/solana/contracts/programs/burnmint-token-pool/src/context.rs

@@ -10,6 +10,43 @@ use crate::{program::BurnmintTokenPool, ChainConfig, State};
 
 const MAX_POOL_STATE_V: u8 = 1;
 
+#[derive(Accounts)]
+pub struct InitGlobalConfig<'info> {
+    #[account(
+        init,
+        seeds = [CONFIG_SEED],
+        bump,
+        payer = authority,
+        space = ANCHOR_DISCRIMINATOR + PoolConfig::INIT_SPACE,
+    )]
+    pub config: Account<'info, PoolConfig>, // Global Config PDA of the Token Pool
+
+    #[account(mut)]
+    pub authority: Signer<'info>,
+    pub system_program: Program<'info, System>,
+
+    // Global Config updates only allowed by program upgrade authority
+    #[account(constraint = program_data.upgrade_authority_address == Some(authority.key()) @ CcipTokenPoolError::Unauthorized)]
+    pub program_data: Account<'info, ProgramData>,
+}
+
+#[derive(Accounts)]
+pub struct UpdateGlobalConfig<'info> {
+    #[account(
+        mut,
+        seeds = [CONFIG_SEED],
+        bump,
+    )]
+    pub config: Account<'info, PoolConfig>, // Global Config PDA of the Token Pool
+
+    pub authority: Signer<'info>,
+    pub system_program: Program<'info, System>,
+
+    // Global Config updates only allowed by program upgrade authority
+    #[account(constraint = program_data.upgrade_authority_address == Some(authority.key()) @ CcipTokenPoolError::Unauthorized)]
+    pub program_data: Account<'info, ProgramData>,
+}
+
 #[derive(Accounts)]
 pub struct InitializeTokenPool<'info> {
     #[account(
@@ -31,8 +68,14 @@ pub struct InitializeTokenPool<'info> {
 
     // Token pool initialization only allowed by program upgrade authority. Initializing token pools managed
     // by the CLL deployment of this program is limited to CLL. Users must deploy their own instance of this program.
-    #[account(constraint = program_data.upgrade_authority_address == Some(authority.key()) @ CcipTokenPoolError::Unauthorized)]
+    #[account(constraint = allowed_to_initialize_token_pool(&program_data, &authority, &config, &mint) @ CcipTokenPoolError::Unauthorized)]
     pub program_data: Account<'info, ProgramData>,
+
+    #[account(
+        seeds = [CONFIG_SEED],
+        bump,
+    )]
+    pub config: Account<'info, PoolConfig>, // Global Config PDA of the Token Pool
 }
 
 #[derive(Accounts)]
@@ -367,3 +410,22 @@ pub struct DeleteChainConfig<'info> {
     #[account(mut, address = state.config.owner)]
     pub authority: Signer<'info>,
 }
+
+// This account can not be declared in the common crate, the program ID for that Account would be incorrect.
+#[account]
+#[derive(InitSpace)]
+pub struct PoolConfig {
+    pub self_served_allowed: bool,
+}
+
+/// Checks if the given authority is allowed to initialize the token pool.
+pub fn allowed_to_initialize_token_pool(
+    program_data: &Account<ProgramData>,
+    authority: &Signer,
+    config: &Account<PoolConfig>,
+    mint: &InterfaceAccount<Mint>,
+) -> bool {
+    program_data.upgrade_authority_address == Some(authority.key()) || // The upgrade authority of the token pool program can initialize a token pool
+    (config.self_served_allowed && Some(authority.key()) == mint.mint_authority.into() )
+    // or the mint authority of the token
+}

chains/solana/contracts/programs/burnmint-token-pool/src/lib.rs

@@ -15,6 +15,29 @@ use crate::context::*;
 pub mod burnmint_token_pool {
     use super::*;
 
+    pub fn init_global_config(ctx: Context<InitGlobalConfig>) -> Result<()> {
+        ctx.accounts.config.self_served_allowed = false;
+
+        emit!(GlobalConfigUpdated {
+            self_served_allowed: ctx.accounts.config.self_served_allowed,
+        });
+
+        Ok(())
+    }
+
+    pub fn update_global_config(
+        ctx: Context<UpdateGlobalConfig>,
+        self_served_allowed: bool,
+    ) -> Result<()> {
+        ctx.accounts.config.self_served_allowed = self_served_allowed;
+
+        emit!(GlobalConfigUpdated {
+            self_served_allowed: ctx.accounts.config.self_served_allowed,
+        });
+
+        Ok(())
+    }
+
     pub fn initialize(
         ctx: Context<InitializeTokenPool>,
         router: Pubkey,

chains/solana/contracts/programs/lockrelease-token-pool/src/context.rs

@@ -3,17 +3,50 @@ use anchor_spl::{
     associated_token::get_associated_token_address_with_program_id,
     token_interface::{Mint, TokenAccount},
 };
-use base_token_pool::common::{
-    uninitialized, valid_version, CcipTokenPoolError, LockOrBurnInV1, ReleaseOrMintInV1,
-    RemoteAddress, RemoteConfig, ALLOWED_OFFRAMP, ANCHOR_DISCRIMINATOR,
-    EXTERNAL_TOKEN_POOLS_SIGNER, POOL_CHAINCONFIG_SEED, POOL_SIGNER_SEED, POOL_STATE_SEED,
-};
+use base_token_pool::common::*;
 use ccip_common::seed;
 
 use crate::{program::LockreleaseTokenPool, ChainConfig, State};
 
 const MAX_POOL_STATE_V: u8 = 1;
 
+#[derive(Accounts)]
+pub struct InitGlobalConfig<'info> {
+    #[account(
+        init,
+        seeds = [CONFIG_SEED],
+        bump,
+        payer = authority,
+        space = ANCHOR_DISCRIMINATOR + PoolConfig::INIT_SPACE,
+    )]
+    pub config: Account<'info, PoolConfig>, // Global Config PDA of the Token Pool
+
+    #[account(mut)]
+    pub authority: Signer<'info>,
+    pub system_program: Program<'info, System>,
+
+    // Global Config updates only allowed by program upgrade authority
+    #[account(constraint = program_data.upgrade_authority_address == Some(authority.key()) @ CcipTokenPoolError::Unauthorized)]
+    pub program_data: Account<'info, ProgramData>,
+}
+
+#[derive(Accounts)]
+pub struct UpdateGlobalConfig<'info> {
+    #[account(
+        mut,
+        seeds = [CONFIG_SEED],
+        bump,
+    )]
+    pub config: Account<'info, PoolConfig>, // Global Config PDA of the Token Pool
+
+    pub authority: Signer<'info>,
+    pub system_program: Program<'info, System>,
+
+    // Global Config updates only allowed by program upgrade authority
+    #[account(constraint = program_data.upgrade_authority_address == Some(authority.key()) @ CcipTokenPoolError::Unauthorized)]
+    pub program_data: Account<'info, ProgramData>,
+}
+
 #[derive(Accounts)]
 pub struct InitializeTokenPool<'info> {
     #[account(
@@ -25,6 +58,7 @@ pub struct InitializeTokenPool<'info> {
     )]
     pub state: Account<'info, State>, // config PDA for token pool
     pub mint: InterfaceAccount<'info, Mint>, // underlying token that the pool wraps
+
     #[account(mut)]
     pub authority: Signer<'info>,
     pub system_program: Program<'info, System>,
@@ -34,8 +68,14 @@ pub struct InitializeTokenPool<'info> {
 
     // Token pool initialization only allowed by program upgrade authority. Initializing token pools managed
     // by the CLL deployment of this program is limited to CLL. Users must deploy their own instance of this program.
-    #[account(constraint = program_data.upgrade_authority_address == Some(authority.key()) @ CcipTokenPoolError::Unauthorized)]
+    #[account(constraint = allowed_to_initialize_token_pool(&program_data, &authority, &config, &mint) @ CcipTokenPoolError::Unauthorized)]
     pub program_data: Account<'info, ProgramData>,
+
+    #[account(
+        seeds = [CONFIG_SEED],
+        bump,
+    )]
+    pub config: Account<'info, PoolConfig>, // Global Config PDA of the Token Pool
 }
 
 #[derive(Accounts)]
@@ -400,3 +440,22 @@ pub struct TokenTransfer<'info> {
     #[account(constraint = authority.key() == state.config.owner || authority.key() == state.config.rebalancer @ CcipTokenPoolError::Unauthorized)]
     pub authority: Signer<'info>,
 }
+
+// This account can not be declared in the common crate, the program ID for that Account would be incorrect.
+#[account]
+#[derive(InitSpace)]
+pub struct PoolConfig {
+    pub self_served_allowed: bool,
+}
+
+/// Checks if the given authority is allowed to initialize the token pool.
+pub fn allowed_to_initialize_token_pool(
+    program_data: &Account<ProgramData>,
+    authority: &Signer,
+    config: &Account<PoolConfig>,
+    mint: &InterfaceAccount<Mint>,
+) -> bool {
+    program_data.upgrade_authority_address == Some(authority.key()) || // The upgrade authority of the token pool program can initialize a token pool
+    (config.self_served_allowed && Some(authority.key()) == mint.mint_authority.into() )
+    // or the mint authority of the token
+}

chains/solana/contracts/programs/lockrelease-token-pool/src/lib.rs

@@ -13,6 +13,19 @@ pub mod lockrelease_token_pool {
 
     use super::*;
 
+    pub fn init_global_config(ctx: Context<InitGlobalConfig>) -> Result<()> {
+        ctx.accounts.config.self_served_allowed = false;
+        Ok(())
+    }
+
+    pub fn update_global_config(
+        ctx: Context<UpdateGlobalConfig>,
+        self_served_allowed: bool,
+    ) -> Result<()> {
+        ctx.accounts.config.self_served_allowed = self_served_allowed;
+        Ok(())
+    }
+
     pub fn initialize(
         ctx: Context<InitializeTokenPool>,
         router: Pubkey,

chains/solana/contracts/target/idl/base_token_pool.json

@@ -295,6 +295,16 @@
     }
   ],
   "events": [
+    {
+      "name": "GlobalConfigUpdated",
+      "fields": [
+        {
+          "name": "selfServedAllowed",
+          "type": "bool",
+          "index": false
+        }
+      ]
+    },
     {
       "name": "Burned",
       "fields": [

chains/solana/contracts/target/idl/burnmint_token_pool.json

@@ -2,6 +2,63 @@
   "version": "0.1.0-dev",
   "name": "burnmint_token_pool",
   "instructions": [
+    {
+      "name": "initGlobalConfig",
+      "accounts": [
+        {
+          "name": "config",
+          "isMut": true,
+          "isSigner": false
+        },
+        {
+          "name": "authority",
+          "isMut": true,
+          "isSigner": true
+        },
+        {
+          "name": "systemProgram",
+          "isMut": false,
+          "isSigner": false
+        },
+        {
+          "name": "programData",
+          "isMut": false,
+          "isSigner": false
+        }
+      ],
+      "args": []
+    },
+    {
+      "name": "updateGlobalConfig",
+      "accounts": [
+        {
+          "name": "config",
+          "isMut": true,
+          "isSigner": false
+        },
+        {
+          "name": "authority",
+          "isMut": false,
+          "isSigner": true
+        },
+        {
+          "name": "systemProgram",
+          "isMut": false,
+          "isSigner": false
+        },
+        {
+          "name": "programData",
+          "isMut": false,
+          "isSigner": false
+        }
+      ],
+      "args": [
+        {
+          "name": "selfServedAllowed",
+          "type": "bool"
+        }
+      ]
+    },
     {
       "name": "initialize",
       "accounts": [
@@ -34,6 +91,11 @@
           "name": "programData",
           "isMut": false,
           "isSigner": false
+        },
+        {
+          "name": "config",
+          "isMut": false,
+          "isSigner": false
         }
       ],
       "args": [
@@ -579,6 +641,18 @@
     }
   ],
   "accounts": [
+    {
+      "name": "PoolConfig",
+      "type": {
+        "kind": "struct",
+        "fields": [
+          {
+            "name": "selfServedAllowed",
+            "type": "bool"
+          }
+        ]
+      }
+    },
     {
       "name": "State",
       "type": {