Solana/sdk set evm cost initialize

[scnale]

Adds EVM cost update instruction into the initialize Solana sdk function.

After writing this, I think embedding this into the initialize instruction would be simpler 😅

[village-labs-bot]

XLabs/arbitrary-token-transfers #116

Change Summary:

• Added EVM relay gas and transaction size configuration parameters to Solana Token Bridge Relayer initialization process
• Updated initialization method to include additional configuration and validation steps
• Modified interfaces and configuration files across different network environments (localnet, mainnet, testnet)
• Enhanced program initialization with more robust signer and authority checks
• Updated EVM constant for transaction size in smart contract

Risk Score: 5/10

• Explanation: Moderate complexity changes with potential configuration and initialization impact, but no critical security vulnerabilities detected

Potential Vulnerabilities:
File: sdk/solana/tbrv3/token-bridge-relayer.ts:354-400

async initialize(
  signer: PublicKey,
  {
    owner,
    feeRecipient,
    admins,
  }: {
    owner: PublicKey;
    feeRecipient: PublicKey;
    admins: PublicKey[];
  },
  evmTransactionGas: bigint,
  evmTransactionSize: bigint,
): Promise<TransactionInstruction[]> {

• Potential Authorization Bypass: The method allows multiple initialization instructions, which could potentially be exploited if not carefully managed
• The signer validation logic seems complex and might have edge cases not fully covered

Code Smell:
File: sdk/solana/tbrv3/token-bridge-relayer.ts:354-400

if (!signer.equals(owner) && !admins.some((key) => signer.equals(key)))
  throwError(`The signer must be set as either the owner or an admin`);

• Complex conditional logic that could be simplified
• Multiple nested conditions make the code harder to read and maintain
• Error handling could be more explicit and provide more context

Unintended Consequences:
File: deployment/config/*/solana-tbr-init.json

{
    "evmRelayGas": "400000",
    "evmRelayTxSize": "1211"
}

• Hard-coded configuration values across different environments might lead to:
  1. Inflexible deployment scenarios
  2. Potential configuration drift between environments
  3. Manual intervention required for environment-specific tuning

Debug Log:
File: deployment/helpers/solana.ts:128

/**
 * @todo Add priority fee instruction when configured to do so.
 */
export async function ledgerSignAndSend(connection: Connection, instructions: TransactionInstruction[], signers: Keypair[]) {

• TODO comment left in production code
• Indicates potential incomplete implementation
• Should be tracked in issue management system rather than in code comments

[nonergodic]

Both could be just numbers too. 🤔

The real datatype we'd want is a uint... and preferably one with units...

[scnale]

They're both uint64 for some reason. I think that this is excessive for the tx size but I don't recall if this makes sense for the gas limit. I think we chose uint32 in SR, right?

[nonergodic]

very nice