From d12959163855a2bb9939ef10cb4dddbbb7aa1ab2 Mon Sep 17 00:00:00 2001
From: Hardhat Chad <hardhatchad@gmail.com>
Date: Tue, 15 Jul 2025 12:08:09 -0700
Subject: [PATCH] secure logs

---
 api/src/instruction.rs |  4 +++-
 api/src/sdk.rs         | 11 +++++++----
 cli/src/main.rs        |  3 +--
 program/src/log.rs     | 18 +++++++++++++-----
 4 files changed, 24 insertions(+), 12 deletions(-)

diff --git a/api/src/instruction.rs b/api/src/instruction.rs
index e5025fd..f78a90a 100644
--- a/api/src/instruction.rs
+++ b/api/src/instruction.rs
@@ -48,7 +48,9 @@ pub struct Deposit {
 
 #[repr(C)]
 #[derive(Clone, Copy, Debug, Pod, Zeroable)]
-pub struct Log {}
+pub struct Log {
+    pub block_id: [u8; 8],
+}
 
 #[repr(C)]
 #[derive(Clone, Copy, Debug, Pod, Zeroable)]
diff --git a/api/src/sdk.rs b/api/src/sdk.rs
index 55cd2ca..85f76f6 100644
--- a/api/src/sdk.rs
+++ b/api/src/sdk.rs
@@ -91,12 +91,15 @@ pub fn close(
     }
 }
 
-pub fn log(signer: Pubkey, msg: &[u8]) -> Instruction {
-    let mut data = Log {}.to_bytes();
+pub fn log(signer: Pubkey, block_id: u64, msg: &[u8]) -> Instruction {
+    let mut data = Log {
+        block_id: block_id.to_le_bytes(),
+    }
+    .to_bytes();
     data.extend_from_slice(msg);
     Instruction {
         program_id: crate::ID,
-        accounts: vec![AccountMeta::new(signer, false)],
+        accounts: vec![AccountMeta::new(signer, true)],
         data: data,
     }
 }
@@ -107,7 +110,7 @@ pub fn program_log(
     msg: &[u8],
 ) -> Result<(), ProgramError> {
     invoke_signed(
-        &log(*accounts[0].key, msg),
+        &log(*accounts[0].key, block_id, msg),
         accounts,
         &crate::ID,
         &[BLOCK, &block_id.to_le_bytes()],
diff --git a/cli/src/main.rs b/cli/src/main.rs
index 89c9b60..3f855b8 100644
--- a/cli/src/main.rs
+++ b/cli/src/main.rs
@@ -12,7 +12,6 @@ use solana_sdk::{
     signature::{read_keypair_file, Signer},
     transaction::Transaction,
 };
-use spl_token::amount_to_ui_amount;
 use steel::{AccountDeserialize, Clock, Discriminator};
 
 #[tokio::main]
@@ -247,7 +246,7 @@ async fn get_blocks(rpc: &RpcClient) -> Result<Vec<(Pubkey, Block)>, anyhow::Err
     Ok(blocks)
 }
 
-async fn simulate_transaction(
+async fn _simulate_transaction(
     rpc: &RpcClient,
     payer: &solana_sdk::signer::keypair::Keypair,
     instructions: &[solana_sdk::instruction::Instruction],
diff --git a/program/src/log.rs b/program/src/log.rs
index 7b72b6f..9f81c24 100644
--- a/program/src/log.rs
+++ b/program/src/log.rs
@@ -1,13 +1,21 @@
 use ore_api::prelude::*;
+use solana_program::log::sol_log;
 use steel::*;
 
 /// No-op, use instruction data for logging w/o truncation.
-pub fn process_log(accounts: &[AccountInfo<'_>], _data: &[u8]) -> ProgramResult {
+pub fn process_log(accounts: &[AccountInfo<'_>], data: &[u8]) -> ProgramResult {
+    // Load data
+    let block_id_bytes = data[..8].try_into().unwrap();
+    let block_id = u64::from_le_bytes(block_id_bytes);
+    sol_log(format!("Block ID: {}", block_id).as_str());
+
     // Load accounts.
-    // let [signer_info] = accounts else {
-    //     return Err(ProgramError::NotEnoughAccountKeys);
-    // };
-    // signer_info.as_account::<Block>(&ore_api::ID)?;
+    let [signer_info] = accounts else {
+        return Err(ProgramError::NotEnoughAccountKeys);
+    };
+    signer_info
+        .is_signer()?
+        .has_seeds(&[BLOCK, &block_id.to_le_bytes()], &ore_api::ID)?;
 
     // For data integrity, only a block can log messages.