Ed/swi 66 implement offchain signing instruction per new srfc

[edo-chan]

This pull request introduces support for SIWS (Sign-In With Solana) challenge payloads and signature validation instructions in the interface crate, along with improved error handling for argument serialization. The main focus is on enabling and verifying SIWS-based authentication flows, including support for various authority types (Ed25519, Secp256k1, Secp256r1, and program execution authorities).

The most important changes are:

SIWS Challenge Support:

• Added the SiwsChallengeV1 struct, which models the SIWS challenge payload, including serialization to message strings/bytes and a corresponding test to ensure correct formatting. (interface/src/lib.rs)

Signature Validation Instructions:

• Introduced the IsValidSignatureInstruction struct with methods to construct signature validation instructions for Ed25519, Secp256k1, Secp256r1, and program execution authorities, using the SIWS challenge. (interface/src/lib.rs)
• Added IsValidSignatureArgs to the imports for use in signature validation. (interface/src/lib.rs)
• Updated the program IDL to include the new IsValidSignature instruction with its required accounts. (program/idl.json)

Error Handling Improvements:

• Improved error handling for argument and account meta serialization by replacing .unwrap() calls with explicit error propagation using map_err and anyhow. (interface/src/lib.rs) [1] [2] [3] [4]

These changes collectively enable robust SIWS authentication flows and improve code safety by handling serialization errors more gracefully.

[Copilot]

Pull request overview

This pull request implements SIWS (Sign-In With Solana) challenge validation for off-chain authentication flows in the Swig wallet program. The implementation follows the SIWS specification and enables verifying that a role authority can sign a challenge payload and has the requested permissions, intended primarily for off-chain transaction simulation.

Changes:

• Added comprehensive SIWS challenge payload support with ABNF-compliant message serialization and parsing
• Implemented IsValidSignature instruction for validating signatures against SIWS challenges across multiple authority types (Ed25519, Secp256k1, Secp256r1, and program execution authorities)
• Improved error handling by replacing .unwrap() calls with proper error propagation in instruction building code

Reviewed changes

Copilot reviewed 7 out of 8 changed files in this pull request and generated 1 comment.

Show a summary per file

File	Description
program/tests/is_valid_signature_test.rs	Comprehensive test suite covering happy path, permission denial, role mismatch, and malformed challenge scenarios
program/src/instruction.rs	Added IsValidSignature instruction variant (discriminant 16) with account definitions
program/src/actions/mod.rs	Integrated new instruction modules and dispatch logic for IsValidSignature
program/src/actions/is_valid_signature_abnf.rs	ABNF parser for SIWS challenge format with strict validation of field ordering and content
program/src/actions/is_valid_signature.rs	Core validation logic for authenticating authorities, verifying resource bindings, and checking scope permissions
program/idl.json	Updated IDL with IsValidSignature instruction schema
interface/src/lib.rs	Added SiwsChallengeV1 struct with message serialization and instruction builder methods for all authority types; improved error handling
.gitignore	Added .idea/ for JetBrains IDE configuration files

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.