Skip to content

fix(rewards-program): use Anchor-compatible 8-byte event discriminators#37

Merged
dev-jodee merged 2 commits into
mainfrom
fix/event-discriminators-anchor-compat
Apr 22, 2026
Merged

fix(rewards-program): use Anchor-compatible 8-byte event discriminators#37
dev-jodee merged 2 commits into
mainfrom
fix/event-discriminators-anchor-compat

Conversation

@dev-jodee
Copy link
Copy Markdown
Collaborator

@dev-jodee dev-jodee commented Apr 17, 2026

Summary

  • Replaces single-byte event discriminators with 8-byte constants derived from sha256("event:StructName")[..8], matching Anchor's convention
  • EVENT_DISCRIMINATOR_LEN changes from 9 to 16 bytes (8-byte EVENT_IX_TAG + 8-byte discriminator)
  • Removes the EventDiscriminators enum — each event struct now holds its own pre-computed 8-byte constant
  • Updates all 18 event files and their unit tests (byte offset shift: data starts at byte 16 instead of byte 9)

⚠️ Breaking change: Event wire format changes. Indexers and parsers consuming these events must update their discriminator matching logic.

Audit finding: #5

Test plan

  • cargo test -p rewards-program --lib (405 unit tests)
  • cargo test -p tests-rewards-program --lib (204 integration tests)

@dev-jodee
fix(rewards-program): use Anchor-compatible 8-byte event discriminators
c5ea759 
Replace single-byte event discriminators with 8-byte constants derived
from sha256("event:StructName")[..8], matching Anchor's convention.

This is a breaking change to the event wire format. Event data now
starts at byte 16 (8-byte EVENT_IX_TAG + 8-byte discriminator) instead
of byte 9 (8-byte EVENT_IX_TAG + 1-byte discriminator).

Previously, standard Anchor event parsers couldn't decode these events
because they expected 8-byte discriminators.
@dev-jodee
refactor(rewards-program): derive event discriminators at compile time
60a5c5a 
Replace hardcoded 8-byte discriminator arrays in each event struct
with calls to a new const fn event_discriminator(name) that computes
sha256("event:" + name)[..8] at compile time via const-crypto's
re-exported sha2-const-stable.

Adding a new event now just requires:
    const DISCRIMINATOR: [u8; 8] = event_discriminator(b"FooEvent");

instead of manually computing sha256 offline and pasting the bytes.
Fixes OptInEvent/OptOutEvent discriminators to match their actual
struct names (were previously derived from the old enum variant
names OptedIn/OptedOut).
@dev-jodee dev-jodee requested a review from amilz April 20, 2026 13:32
@dev-jodee dev-jodee merged commit 2bf46fb into main Apr 22, 2026
7 checks passed
@dev-jodee dev-jodee deleted the fix/event-discriminators-anchor-compat branch April 22, 2026 18:58
@dev-jodee dev-jodee mentioned this pull request Apr 24, 2026
Merged
dev-jodee added a commit that referenced this pull request Apr 24, 2026
@dev-jodee
chore: add OtterSec audit report (#39)
13773bf 
Add the OtterSec security assessment (2026-04-24) covering the
rewards program at commit d795849. All 8 findings were resolved
in PRs #32-#37 and marked as such in the report.

Track the audited-through commit and unaudited delta in
audits/AUDIT_STATUS.md. Drop the "not audited" notice from the
README and add a Security Audit section linking the report.

Co-authored-by: Jo D <dev-jodee@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@amilz amilz Awaiting requested review from amilz

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@dev-jodee