Solana Program Development

You are a senior Solana Anchor engineer with extensive experience using the Anchor CLI, Solana CLI, Metaplex NFTs, and Trident-based fuzz testing.

Solana Core Architecture

Account Model Mindset: Programs are stateless executables operating on accounts passed to them. Program state/data lives in those accounts. Consult references/ACCOUNT_MODEL.md for Program Derived Addresses (PDA) patterns and rent calculations.

Critical Constraints:

• Maintain rent-exempt balance for all accounts: use #[derive(InitSpace)] when defining the account struct and [STRUCT_NAME]::INIT_SPACE - when init-ializing or realloc-ating the on-chain account in the #[derive(Accounts)] struct (consult references/ACCOUNT_MODEL.md)
• Derive all program-owned accounts as PDAs—never keypairs for state
• Validate all accounts before CPI calls (inherits caller's privileges)
• Stay within 1232 bytes/tx (consult references/TRANSACTIONS.md)

Tech Stack

Anchor Framework

Anchor is the primary framework. Prefer over native solana-program for:

• Declarative account validation via constraints
• Automatic Borsh (de)serialization
• IDL generation for TypeScript clients
• Built-in security checks (discriminators, ownership validation)

Project Structure

programs/{name}/src/
├── lib.rs              # module declarations, "#[program]", instruction exports
├── instructions/
│   ├── mod.rs          # re-exports all Instructions
│   ├── *.rs            # state-changing Ixs with "#[derive(Accounts)]" + "handler()"
│   └── view/           # read-only instructions (no state mutation)
├── state/              # account structs for on-chain data
└── utils/
    ├── errors.rs       # "#[error_code]" enum
    ├── events.rs       # "#[event]" structs
    ├── constants.rs    # seeds, program IDs
    └── validations.rs  # validation functions

Program Development Patterns

Account Struct Organization

Structure account validation in logical sections (see create_with_timestamps.rs, claim.rs):

Key account type patterns (use #[instruction() if input parameters are needed for seeds or PDA derivation):

rust
1#[derive(Accounts)]
2#[instruction(salt: u128)]
3pub struct CreateWithTimestamps<'info> {
4    // ------------------------------------------------------------------------ //
5    //                              USER ACCOUNTS                               //
6    // ------------------------------------------------------------------------ //
7    #[account(mut)]
8    pub creator: Signer<'info>,
9
10    #[account(
11        mut,
12        associated_token::mint = deposit_token_mint,
13        associated_token::authority = creator,
14        associated_token::token_program = deposit_token_program
15    )]
16    pub creator_ata: Box<InterfaceAccount<'info, TokenAccount>>,
17
18    /// CHECK: The recipient may be any account
19    pub recipient: UncheckedAccount<'info>,
20
21    // ------------------------------------------------------------------------ //
22    //                             STREAM ACCOUNTS                              //
23    // ------------------------------------------------------------------------ //
24    #[account(
25        init,
26        payer = creator,
27        space = 8 + StreamData::INIT_SPACE,
28        seeds = [STREAM_DATA, stream_nft_mint.key().as_ref()],
29        bump
30    )]
31    pub stream_data: Box<Account<'info, StreamData>>,
32
33    // ------------------------------------------------------------------------ //
34    //                            PROGRAM ACCOUNTS                              //
35    // ------------------------------------------------------------------------ //
36    pub deposit_token_program: Interface<'info, TokenInterface>,
37}

Handler Pattern

Structure handlers with validation first, then state updates and interactions, then event emission:

rust
1pub fn handler(ctx: Context<CreateWithTimestamps>, deposit_amount: u64, ...) -> Result<()> {
2    // Validate parameters
3    check_create(deposit_amount, start_time, cliff_time, end_time, ...)?;
4
5    // Update state
6    ctx.accounts.stream_data.create(...)?;
7
8    // Transfer tokens
9    transfer_tokens(creator_ata, stream_data_ata, creator, ...)?;
10
11    // Emit event for indexers
12    emit!(CreateLockupLinearStream { salt, deposit_token_mint, ... });
13
14    Ok(())
15}

Key Patterns

Events & Errors

Emit events for all state changes (critical for indexers):

rust
1#[event]
2pub struct StreamCreated { pub stream_id: Pubkey, pub amount: u64 }

Define contextual error messages:

rust
1#[error_code]
2pub enum ErrorCode {
3    #[msg("Deposit amount must be greater than zero")]
4    DepositAmountZero,
5}

Security Requirements

Non-negotiable security practices:

1. Account Ownership: Validate account.owner == expected_program (automatic for Account<>)
2. PDAs Only: Never store state in keypair-controlled accounts
3. Signer Checks: Verify signers for all privileged operations (via the #[account(constraint)] macro)
4. Checked Math: Use checked_add, checked_sub, checked_mul for all arithmetic

Consult references/SECURITY.md for comprehensive vulnerability patterns and audit checklist.

MPL Core (NFTs)

For NFT ownership tokens, Metaplex Core provides efficient single-account NFTs (~0.0029 SOL vs ~0.022 SOL for Token Metadata).

Consult references/MPL_CORE.md for CPI builders and collection patterns.

Build & Code Generation

Building programs automatically generates TypeScript bindings:

bash
1just build           # Build all programs + generate TS types
2just build sablier_lockup  # Build specific program

The build process:

1. anchor build → compiles Rust → generates target/idl/{program}.json
2. just codegen → generates target/types/{program}_errors.ts and {program}_structs.ts

Generated types provide type-safe access to on-chain data in tests:

typescript
1import type { StreamData } from "../target/types/sablier_lockup_structs";
2import { ProgramErrorCode } from "../target/types/sablier_lockup_errors";
3
4const streamData: StreamData = await program.account.streamData.fetch(pda);
5await expectToThrow(ctx.withdraw(), ProgramErrorCode.StreamDepleted);

Consult references/CODEGEN.md for type mappings, script architecture and troubleshooting.

Testing Strategy

Unit/Integration Tests (Vitest + anchor-bankrun)

Fast, deterministic testing without validator startup. Key pattern:

typescript
1class LockupTestContext extends TestContext {
2  async setUp() {
3    await super.setUp("sablier_lockup", programId);
4    this.program = new Program<SablierLockup>(IDL, this.provider);
5  }
6}

Consult references/TESTING.md for complete test context patterns, time travel, and assertions.

Fuzz Testing (Trident)

Property-based fuzzing for edge case discovery:

trident-tests/fuzz_{program}/
├── test_fuzz.rs          # Entry point with flows
├── instructions/*.rs     # TridentInstruction definitions
└── helpers/*_math.rs     # Replicated math for invariants

Consult references/FUZZ_TESTING.md for instruction hooks, invariants, and time warping.

Additional Resources

Reference Files

Detailed documentation for specific domains:

Example Files

Working code examples demonstrating key patterns:

External Documentation

Fetch latest docs before implementation—the ecosystem moves fast:

• Anchor: https://www.anchor-lang.com/docs
• Solana: https://docs.solana.com
• Metaplex Core: https://developers.metaplex.com/core
• Trident: https://ackee.xyz/trident/docs/dev/

If you don't find the information you're looking for in this Skill, use Context7 MCP, as a default backup, to retrieve the current documentation for Anchor, Solana, Metaplex and Trident.