Skip to content

fix: validate Session/OwnerNonce PDAs against capability_registry program ID#35

Open
Enigma-Memory wants to merge 1 commit into
mainfrom
fix/session-pda-seeds
Open

fix: validate Session/OwnerNonce PDAs against capability_registry program ID#35
Enigma-Memory wants to merge 1 commit into
mainfrom
fix/session-pda-seeds

Conversation

@Enigma-Memory

Copy link
Copy Markdown
Owner

Fixes cross-program Session PDA and OwnerNonce PDA seeds validation so session-wallet delegation tests pass.

  • Adds capability_registry_program account to all session-bearing instruction contexts in memory_registry, budget_escrow, and royalty_router.
  • Uses seeds::program to validate the session and owner_nonce PDAs against capability_registry's program ID.
  • Updates the corresponding IDLs and tests/session_wallet.ts to pass the new account.
  • Updates the royalty_router CPI call to budget_escrow to include the new account.

…y program ID

Add capability_registry_program account to all session-bearing instructions
in memory_registry, budget_escrow, and royalty_router. Use seeds::program to
validate the Session PDA and OwnerNonce PDA against capability_registry's
program ID instead of the calling program's ID.

Also fix capability_registry create_session to set session.owner_nonce to the
post-increment owner_nonce value so sessions remain valid after creation.

Update IDLs and tests/session_wallet.ts test accounts accordingly.
@Enigma-Memory Enigma-Memory force-pushed the fix/session-pda-seeds branch from 5d86cbd to 7b0d1b5 Compare June 27, 2026 07:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant