Function require_token_mint 

pub fn require_token_mint(
    token_account: &AccountView,
    expected_mint: &Address,
) -> ProgramResult

Verify an SPL Token account’s mint field matches expected_mint.

SPL TokenAccount layout: bytes [0..32] are the mint pubkey. Token-2022 extensions never shift the base-layout prefix. the TLV extensions live past byte 165 behind the account-type discriminator, so reading bytes 0..32 is valid for both Token and Token-2022 accounts.

This is the precondition behind Hopper’s #[account(token::mint = X)] attribute. It surfaces a Hopper-branded InvalidAccountData error before any downstream CPI runs, so a user-visible failure clearly points at “wrong mint” rather than an opaque SPL token error.

Innovation over Anchor

Anchor’s token::mint = X is checked by deserializing the full TokenAccount struct via anchor_spl, which pulls in the anchor-spl crate and costs compute on every check. Hopper’s version reads the exact 32 bytes of interest directly from the already-borrowed data buffer. zero extra crate dependencies, no full-struct deserialize, and the check is trivially inlinable.