kora_lib/rpc_server/method/

transfer_transaction.rs

use serde::{Deserialize, Serialize};
use solana_client::nonblocking::rpc_client::RpcClient;
use solana_keychain::SolanaSigner;
use solana_message::Message;
use solana_sdk::{message::VersionedMessage, pubkey::Pubkey};
use solana_system_interface::instruction::transfer;
use std::{str::FromStr, sync::Arc};
use utoipa::ToSchema;

use crate::{
    constant::NATIVE_SOL,
    state::get_request_signer_with_signer_key,
    transaction::{TransactionUtil, VersionedMessageExt},
    validator::transaction_validator::TransactionValidator,
    CacheUtil, KoraError,
};

#[cfg(not(test))]
use crate::state::get_config;

#[cfg(test)]
use crate::tests::config_mock::mock_state::get_config;

/// **DEPRECATED**: Use `getPaymentInstruction` instead for fee payment flows.
/// This endpoint will be removed in a future version.
///
/// Request payload for creating a simple token or SOL transfer transaction.
/// This endpoint constructs an unsigned transfer where Kora acts as the fee payer,
/// but the user must still sign the transaction before it can be submitted.
#[derive(Debug, Deserialize, ToSchema)]
pub struct TransferTransactionRequest {
    /// Amount to transfer (in the token's smallest unit, e.g. lamports for SOL)
    pub amount: u64,
    /// Token mint address to transfer (use native SOL address for SOL transfers)
    pub token: String,
    /// The source wallet address that will send the tokens
    pub source: String,
    /// The destination wallet address that will receive the tokens
    pub destination: String,
    /// Optional public key of the signer to ensure consistency
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub signer_key: Option<String>,
}

/// **DEPRECATED**: Use `getPaymentInstruction` instead for fee payment flows.
///
/// Response payload containing the constructed transfer transaction.
#[derive(Debug, Serialize, ToSchema)]
pub struct TransferTransactionResponse {
    /// Unsigned base64-encoded transaction ready for the user to sign
    pub transaction: String,
    /// Unsigned base64-encoded message
    pub message: String,
    /// The blockhash used when constructing the transaction
    pub blockhash: String,
    /// Public key of the Kora signer used as the fee payer (for client consistency)
    pub signer_pubkey: String,
}

/// **DEPRECATED**: Use `getPaymentInstruction` instead for fee payment flows.
///
/// Creates an unsigned transfer transaction from source to destination.
/// Kora is the fee payer but does NOT sign - user must sign before submitting.
#[deprecated(since = "2.2.0", note = "Use getPaymentInstruction instead for fee payment flows")]
pub async fn transfer_transaction(
    rpc_client: &Arc<RpcClient>,
    request: TransferTransactionRequest,
) -> Result<TransferTransactionResponse, KoraError> {
    let signer = get_request_signer_with_signer_key(request.signer_key.as_deref())?;
    let config = &get_config()?;
    let signer_pubkey = signer.pubkey();

    let validator = TransactionValidator::new(config, signer_pubkey)?;

    let source = Pubkey::from_str(&request.source)
        .map_err(|e| KoraError::ValidationError(format!("Invalid source address: {e}")))?;
    let destination = Pubkey::from_str(&request.destination)
        .map_err(|e| KoraError::ValidationError(format!("Invalid destination address: {e}")))?;
    let token_mint = Pubkey::from_str(&request.token)
        .map_err(|e| KoraError::ValidationError(format!("Invalid token address: {e}")))?;

    // Check source and destination are not disallowed
    if validator.is_disallowed_account(&source) {
        return Err(KoraError::InvalidTransaction(format!(
            "Source account {source} is disallowed"
        )));
    }
    if validator.is_disallowed_account(&destination) {
        return Err(KoraError::InvalidTransaction(format!(
            "Destination account {destination} is disallowed"
        )));
    }

    let mut instructions = vec![];

    // Handle native SOL transfers
    if request.token == NATIVE_SOL {
        instructions.push(transfer(&source, &destination, request.amount));
    } else {
        // Handle wrapped SOL and other SPL tokens
        let token_mint =
            validator.fetch_and_validate_token_mint(&token_mint, config, rpc_client).await?;
        let token_program = token_mint.get_token_program();
        let decimals = token_mint.decimals();

        let source_ata = token_program.get_associated_token_address(&source, &token_mint.address());
        let dest_ata =
            token_program.get_associated_token_address(&destination, &token_mint.address());

        CacheUtil::get_account(config, rpc_client, &source_ata, false).await.map_err(
            |e| match e {
                KoraError::AccountNotFound(_) => KoraError::AccountNotFound(source_ata.to_string()),
                other => other,
            },
        )?;

        match CacheUtil::get_account(config, rpc_client, &dest_ata, false).await {
            Ok(_) => {} // account exists, no ATA needed
            Err(KoraError::AccountNotFound(_)) => {
                // Create ATA for destination if it doesn't exist (Kora pays for ATA creation)
                instructions.push(token_program.create_associated_token_account_instruction(
                    &signer_pubkey, // Kora pays for ATA creation
                    &destination,
                    &token_mint.address(),
                ));
            }
            Err(e) => return Err(e), // propagate real errors
        }

        instructions.push(
            token_program
                .create_transfer_checked_instruction(
                    &source_ata,
                    &token_mint.address(),
                    &dest_ata,
                    &source,
                    request.amount,
                    decimals,
                )
                .map_err(|e| {
                    KoraError::InvalidTransaction(format!(
                        "Failed to create transfer instruction: {e}"
                    ))
                })?,
        );
    }

    let blockhash = CacheUtil::get_or_fetch_latest_blockhash(config, rpc_client).await?;

    let message = VersionedMessage::Legacy(Message::new_with_blockhash(
        &instructions,
        Some(&signer_pubkey), // Kora as fee payer
        &blockhash,
    ));
    let transaction = TransactionUtil::new_unsigned_versioned_transaction(message);

    let encoded = TransactionUtil::encode_versioned_transaction(&transaction)?;
    let message_encoded = transaction.message.encode_b64_message()?;

    Ok(TransferTransactionResponse {
        transaction: encoded,
        message: message_encoded,
        blockhash: blockhash.to_string(),
        signer_pubkey: signer_pubkey.to_string(),
    })
}

#[cfg(test)]
mod tests {
    use super::*;
    use crate::tests::{
        common::{setup_or_get_test_signer, RpcMockBuilder},
        config_mock::ConfigMockBuilder,
    };

    #[tokio::test]
    #[allow(deprecated)]
    async fn test_transfer_transaction_invalid_source() {
        let _m = ConfigMockBuilder::new().build_and_setup();
        let _ = setup_or_get_test_signer();

        let rpc_client = Arc::new(RpcMockBuilder::new().with_mint_account(6).build());

        let request = TransferTransactionRequest {
            amount: 1000,
            token: Pubkey::new_unique().to_string(),
            source: "invalid".to_string(),
            destination: Pubkey::new_unique().to_string(),
            signer_key: None,
        };

        let result = transfer_transaction(&rpc_client, request).await;

        assert!(result.is_err(), "Should fail with invalid source address");
        let error = result.unwrap_err();
        assert!(matches!(error, KoraError::ValidationError(_)), "Should return ValidationError");
        match error {
            KoraError::ValidationError(error_message) => {
                assert!(error_message.contains("Invalid source address"));
            }
            _ => panic!("Should return ValidationError"),
        }
    }

    #[tokio::test]
    #[allow(deprecated)]
    async fn test_transfer_transaction_invalid_destination() {
        let _m = ConfigMockBuilder::new().build_and_setup();
        let _ = setup_or_get_test_signer();

        let rpc_client = Arc::new(RpcMockBuilder::new().with_mint_account(6).build());

        let request = TransferTransactionRequest {
            amount: 1000,
            token: Pubkey::new_unique().to_string(),
            source: Pubkey::new_unique().to_string(),
            destination: "invalid".to_string(),
            signer_key: None,
        };

        let result = transfer_transaction(&rpc_client, request).await;

        assert!(result.is_err(), "Should fail with invalid destination address");
        let error = result.unwrap_err();
        match error {
            KoraError::ValidationError(error_message) => {
                assert!(error_message.contains("Invalid destination address"));
            }
            _ => panic!("Should return ValidationError"),
        }
    }

    #[tokio::test]
    #[allow(deprecated)]
    async fn test_transfer_transaction_invalid_token() {
        let _m = ConfigMockBuilder::new().build_and_setup();
        let _ = setup_or_get_test_signer();

        let rpc_client = Arc::new(RpcMockBuilder::new().with_mint_account(6).build());

        let request = TransferTransactionRequest {
            amount: 1000,
            token: "invalid_token_address".to_string(),
            source: Pubkey::new_unique().to_string(),
            destination: Pubkey::new_unique().to_string(),
            signer_key: None,
        };

        let result = transfer_transaction(&rpc_client, request).await;

        assert!(result.is_err(), "Should fail with invalid token address");
        let error = result.unwrap_err();
        match error {
            KoraError::ValidationError(error_message) => {
                assert!(error_message.contains("Invalid token address"));
            }
            _ => panic!("Should return ValidationError"),
        }
    }

    #[tokio::test]
    #[allow(deprecated)]
    async fn test_transfer_transaction_account_not_found_preserved() {
        // Let's test the specific error mapping logic that was fixed at line 112.
        let pubkey = Pubkey::new_unique();

        // This is simulating the error returned by CacheUtil::get_account when the account is not found
        let error_from_cache = KoraError::AccountNotFound(pubkey.to_string());

        let mapped_error = Err::<(), KoraError>(error_from_cache).map_err(|e| match e {
            KoraError::AccountNotFound(_) => KoraError::AccountNotFound(pubkey.to_string()),
            other => other,
        });

        assert!(matches!(mapped_error.unwrap_err(), KoraError::AccountNotFound(_)));
    }

    #[tokio::test]
    #[allow(deprecated)]
    async fn test_transfer_transaction_rpc_error_preserved() {
        // Test the specific error mapping logic that was fixed at line 112 for RPC errors.
        let pubkey = Pubkey::new_unique();

        // This is simulating the error returned by CacheUtil::get_account when there's an RPC error
        let error_from_cache = KoraError::RpcError("Service Unavailable".to_string());

        let mapped_error = Err::<(), KoraError>(error_from_cache).map_err(|e| match e {
            KoraError::AccountNotFound(_) => KoraError::AccountNotFound(pubkey.to_string()),
            other => other,
        });

        let err = mapped_error.unwrap_err();
        assert!(matches!(err, KoraError::RpcError(_)));
        if let KoraError::RpcError(msg) = err {
            assert_eq!(msg, "Service Unavailable");
        }
    }
}