helius 1.1.0

An asynchronous Helius Rust SDK for building the future of Solana
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174

pub mod enhanced_transaction_types;
pub mod enhanced_websocket;
pub mod enums;
pub mod inner;
pub mod options;
pub mod zk_compression_types;

pub use self::enhanced_transaction_types::*;
pub use self::enhanced_websocket::{
    FullTransactionNotification, RpcTransactionsConfig, TransactionCommitment, TransactionNotification,
    TransactionSubscribeFilter, TransactionSubscribeOptions, UiEnhancedTransactionEncoding,
};
pub use self::enums::*;
pub use self::inner::*;
pub use self::options::*;
pub use self::zk_compression_types::*;

// Re-export wallet and admin types
pub use self::inner::{
    AdminBillingCycle, AdminSubscriptionDetails, AdminUsageBreakdown, BalanceChange, BalancesPagination,
    BalancesResponse, BatchIdentityRequest, FundingSource, HistoryResponse, HistoryTransaction, Identity, Nft,
    Pagination, ProjectUsage, TokenAccountsOption, TokenBalance, Transfer, TransferDirection, TransfersResponse,
};

use crate::error::{HeliusError, Result};
use url::Url;

/// Type-safe wrapper for Helius API keys.
///
/// Validates that keys are non-empty and provides type safety to prevent
/// accidentally passing wrong strings as API keys.
///
/// # Examples
///
/// ```
/// use helius::types::ApiKey;
///
/// let key = ApiKey::new("your-api-key").unwrap();
/// assert_eq!(key.as_str(), "your-api-key");
/// ```
#[derive(Clone, Debug)]
pub struct ApiKey(String);

impl ApiKey {
    /// Creates a new API key.
    ///
    /// # Errors
    /// Returns `HeliusError::InvalidInput` if the key is empty or whitespace-only.
    ///
    /// # Examples
    ///
    /// ```
    /// use helius::types::ApiKey;
    ///
    /// let key = ApiKey::new("my-api-key").unwrap();
    /// assert_eq!(key.as_str(), "my-api-key");
    ///
    /// // Empty keys are rejected
    /// assert!(ApiKey::new("").is_err());
    /// assert!(ApiKey::new("   ").is_err());
    /// ```
    pub fn new(key: impl Into<String>) -> Result<Self> {
        let key = key.into();
        let trimmed = key.trim();

        if trimmed.is_empty() {
            return Err(HeliusError::InvalidInput("API key cannot be empty".to_string()));
        }

        Ok(ApiKey(key))
    }

    /// Returns the API key as a string slice.
    pub fn as_str(&self) -> &str {
        &self.0
    }
}

impl From<ApiKey> for String {
    fn from(key: ApiKey) -> String {
        key.0
    }
}

/// Validates RPC URLs with essential security checks.
///
/// # Security
/// - Only allows http/https schemes (prevents file://, javascript:, etc.)
/// - Rejects embedded credentials (user:pass@ format)
/// - Validates URL structure
///
/// # Arguments
/// * `url` - The RPC endpoint URL to validate
///
/// # Examples
/// ```
/// use helius::types::validate_rpc_url;
///
/// // Valid URLs
/// assert!(validate_rpc_url("https://api.mainnet-beta.solana.com").is_ok());
/// assert!(validate_rpc_url("http://localhost:8899").is_ok());
///
/// // Invalid URLs
/// assert!(validate_rpc_url("file:///etc/passwd").is_err());
/// assert!(validate_rpc_url("https://user:pass@api.com").is_err());
/// ```
pub fn validate_rpc_url(url: &str) -> Result<Url> {
    let parsed = Url::parse(url)
        .map_err(|e| HeliusError::InvalidInput(format!("Invalid URL format: {}. Expected: https://example.com/", e)))?;

    // Only allow http/https schemes
    match parsed.scheme() {
        "http" | "https" => {}
        scheme => {
            return Err(HeliusError::InvalidInput(format!(
                "Invalid URL scheme '{}'. Only 'http' and 'https' are allowed for RPC endpoints.",
                scheme
            )))
        }
    }

    // Reject credentials in URL (security risk - logged by proxies)
    if !parsed.username().is_empty() || parsed.password().is_some() {
        return Err(HeliusError::InvalidInput(
            "URL contains embedded credentials. Remove them and use .with_api_key() instead.".to_string(),
        ));
    }

    Ok(parsed)
}

/// Validates WebSocket URLs (wss:// or ws://).
///
/// # Security
/// - Only allows ws/wss schemes
/// - Rejects embedded credentials
/// - Validates URL structure
///
/// # Arguments
/// * `url` - The WebSocket endpoint URL to validate
///
/// # Examples
/// ```
/// use helius::types::validate_ws_url;
///
/// // Valid URLs
/// assert!(validate_ws_url("wss://atlas-mainnet.helius-rpc.com").is_ok());
/// assert!(validate_ws_url("ws://localhost:8900").is_ok());
///
/// // Invalid URLs
/// assert!(validate_ws_url("http://example.com").is_err());
/// assert!(validate_ws_url("wss://user:pass@example.com").is_err());
/// ```
pub fn validate_ws_url(url: &str) -> Result<Url> {
    let parsed = Url::parse(url).map_err(|e| HeliusError::InvalidInput(format!("Invalid WebSocket URL: {}", e)))?;

    match parsed.scheme() {
        "ws" | "wss" => {}
        scheme => {
            return Err(HeliusError::InvalidInput(format!(
                "Invalid WebSocket scheme '{}'. Only 'ws' and 'wss' are allowed.",
                scheme
            )))
        }
    }

    if !parsed.username().is_empty() || parsed.password().is_some() {
        return Err(HeliusError::InvalidInput(
            "WebSocket URL contains embedded credentials.".to_string(),
        ));
    }

    Ok(parsed)
}