Solana: Change owner of account

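I am currently experimenting with Solana accounts, and I would like to know whether it is possible to change the owner of an account.

I am curious whether this is possible because the security of some programs relies on this owner check, as explained here.

I have also been looking into the assign function and how it works, but I have not been able to get it to work yet.

Am I misunderstanding something, or am I just unable to get it to work?

Here is the Python code I used: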

tx = Transaction().add(
    create_account(CreateAccountParams(
        from_pubkey=attacker_keypair.public_key,
        new_account_pubkey=account_keypair.public_key,
        lamports=client.get_minimum_balance_for_rent_exemption(0)["result"],
        space=0,
        program_id=attacker_keypair.public_key,
    ))
)
send_and_confirm_tx(client, tx, attacker_keypair, account_keypair)

print('Sending 1st tx to program')
tx = Transaction().add(TransactionInstruction(
    keys=[
        AccountMeta(pubkey=account_keypair.public_key, is_signer=False, is_writable=False),    
    ],
    program_id=PROGRAM_ID,
))

send_and_confirm_tx(client, tx, attacker_keypair)

print('Sending 2nd tx to program')
tx = Transaction().add(assign(AssignParams(
    account_pubkey=account_keypair.public_key,
    program_id=attacker2_keypair.public_key
)))

send_and_confirm_tx(client, tx, account_keypair)

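The error message is: InvalidAccountForFee

account_keypair has been assigned to attacker_keypair, so when you try to use it as the fee payer in the 2nd tx, the runtime yells at you, because account_keypair can only have its lamports reduced by the program living at attacker_keypair. To quickly fix your current problem, you can do this: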

print('Sending 2nd tx to program')
tx = Transaction().add(assign(AssignParams(
    account_pubkey=account_keypair.public_key,
    program_id=attacker2_keypair.public_key
)))

send_and_confirm_tx(client, tx, attacker_keypair, account_keypair)

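But this will lead to another problem. account_keypair is already owned by attacker_keypair, so only a program deployed to attacker_keypair can reassign ownership of account_keypair. You can read more about the Solana account model at: https://docs.solana.com/developing/programming-model/accounts#ownership-and-assignment-to-programs

The part you are interested in is: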

The owner is a program id. The runtime grants the program write access to the account if its id matches the owner. For the case of the System program, the runtime allows clients to transfer lamports and importantly assign account ownership, meaning changing the owner to a different program id. If an account is not owned by a program, the program is only permitted to read its data and credit the account.

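This means that to reassign ownership, you need to write an on-chain program that reassigns ownership to attacker2_keypair, deploy it to attacker_keypair, and then send a transaction containing an instruction for attacker_keypair.

Here is an example program that performs assign on an AccountInfo: https://github.com/solana-labs/solana/blob/85a2e599bbbf3d51f201167f921718e52c7ce59f/programs/bpf/rust/realloc/src/processor.rs#L54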
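
The ownership rules from the answer above, as an added example that is not part of the original question or answer and is not Solana's own code: a simplified offline model of the runtime checks, showing why programs can rely on the owner field once an account has left the System program. The fee amount, balances, the string account names and the helpers `pay_fee`, `assign`, `run_tx` and `demo` are assumptions made for illustration; the error strings are the names of the corresponding Solana runtime errors.

```python
from dataclasses import dataclass

SYSTEM_PROGRAM = "11111111111111111111111111111111"  # System program id
FEE = 5000  # lamports; constructed value for this model

class TxError(Exception):
    """Carries the name of the runtime error the model reproduces."""

@dataclass
class Account:
    owner: str
    lamports: int
    data: bytes = b""

def pay_fee(accounts, fee_payer):
    # Only the owning program may debit an account, and fees are debited
    # as a System transfer, so the fee payer must still be System-owned.
    acct = accounts[fee_payer]
    if acct.owner != SYSTEM_PROGRAM:
        raise TxError("InvalidAccountForFee")
    if acct.lamports < FEE:
        raise TxError("InsufficientFundsForFee")
    acct.lamports -= FEE

def assign(accounts, program, target, new_owner, signers):
    # Only the current owner may change the owner field, and only while
    # the account data is empty or zeroed.
    acct = accounts[target]
    if program == SYSTEM_PROGRAM and target not in signers:
        raise TxError("MissingRequiredSignature")
    if acct.owner != program or any(acct.data):
        raise TxError("ModifiedProgramId")
    acct.owner = new_owner

def run_tx(accounts, fee_payer, program, target, new_owner, signers):
    """Apply one assign transaction; return 'ok' or the error name."""
    try:
        pay_fee(accounts, fee_payer)
        assign(accounts, program, target, new_owner, signers)
        return "ok"
    except TxError as err:
        return str(err)

def demo():
    # Constructed state after create_account(program_id=attacker) from the question.
    accounts = {"attacker": Account(SYSTEM_PROGRAM, 1_000_000),
                "account": Account("attacker", 890_880)}
    q = run_tx(accounts, "account", SYSTEM_PROGRAM, "account", "attacker2", {"account"})  # question's 2nd tx
    a = run_tx(accounts, "attacker", SYSTEM_PROGRAM, "account", "attacker2", {"attacker", "account"})  # quick fix
    p = run_tx(accounts, "attacker", "attacker", "account", "attacker2", {"attacker"})  # hypothetical owner program
    return [q, a, p], accounts["account"].owner
```

The third call assumes a program is actually deployed at the owner id; holding the keypair for that address is not enough to pass the owner check.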