fix: script to fill jupiter swap #819

Reinis-FRP · 2024-12-23T09:45:43Z

Adds a script to test Across+ fills with Jupiter swap integration on mainnet. Note that all remaining tokens above minimum output amount can be stolen by anyone. This could be improved by either creating a sweeper program that reads actual handler ATA balance and transfers all of them to the recipient ATA or building this functionality in the Multicall handler.

Tested on below mainnet deployments:

multicall_handler = "71cJqNV4vkmxsbk422c2KpST3aSwuvKsQ4kpLD8RBHZ5"
svm_spoke = "D1WcTLKRyN4TuqnfMBGPvc16nACHfNhFPbgWNExb1aur"

Signed-off-by: Reinis Martinsons <[email protected]>

Reinis-FRP · 2024-12-23T09:58:06Z

src/svm/transactionUtils.ts

@@ -76,5 +116,33 @@ export async function sendTransactionWithLookupTable(
  versionedTx.sign([sender]);
  const txSignature = await connection.sendTransaction(versionedTx);

-  return { txSignature, lookupTableAddress };
+  // Confirm the versioned transaction
+  await confirmTransaction(connection, txSignature);


This might conflict once #811 is merged in, but seems better to have reusable transaction confirmation helper

Reinis-FRP · 2024-12-23T09:59:12Z

src/svm/transactionUtils.ts

This has some overlaps from #811 as we needed better tx confirmation for filling across+

Signed-off-by: Reinis Martinsons <[email protected]>

Reinis-FRP · 2024-12-23T10:16:34Z

scripts/svm/acrossPlusJupiter.ts

+const svmSpokeIdl = require("../../target/idl/svm_spoke.json");
+const svmSpokeProgram = new Program<SvmSpoke>(svmSpokeIdl, provider);
+const handlerIdl = require("../../target/idl/multicall_handler.json");
+const handlerProgram = new Program<MulticallHandler>(handlerIdl, provider);


might want to simplify this once #806 is in

Reinis-FRP · 2024-12-23T10:19:35Z

deployments/README.md

not related to this PR, but linter picked these up

Reinis-FRP · 2024-12-23T10:20:30Z

src/svm/instructionParamsUtils.ts

We might also consider passing priority fees to loadExecuteRelayerRefundLeafParams, but that would require some refactor not directly related to this PR

md0x · 2025-01-06T18:11:13Z

src/svm/transactionUtils.ts

+/*
+ * Prepends optional ComputeBudget instructions to the transaction instructions.
+ */
+export function prependComputeBudget(


Nice helpers!

md0x · 2025-01-13T12:43:20Z

scripts/svm/acrossPlusJupiter.ts

+      data: Buffer.from(instruction.data, "base64"),
+    });
+    const innerCpiLimit = 1280;
+    const innerCpiSize = transactionInstruction.keys.length * 34 + transactionInstruction.data.length;


nit: const accountMetaSize = 34

md0x · 2025-01-13T12:51:24Z

scripts/svm/acrossPlusJupiter.ts

+  const outputMintInfo = await provider.connection.getAccountInfo(outputMint);
+  if (!outputMintInfo) throw new Error("Output mint account not found");
+  const outputTokenProgram = new PublicKey(outputMintInfo.owner);
+  const recipientOutputTA = getAssociatedTokenAddressSync(outputMint, recipient, true, outputTokenProgram);


Nit: shoud this be called recipientOutputATA?

md0x · 2025-01-13T12:51:41Z

scripts/svm/acrossPlusJupiter.ts

+  if (!outputMintInfo) throw new Error("Output mint account not found");
+  const outputTokenProgram = new PublicKey(outputMintInfo.owner);
+  const recipientOutputTA = getAssociatedTokenAddressSync(outputMint, recipient, true, outputTokenProgram);
+  const handlerOutputTA = getAssociatedTokenAddressSync(outputMint, handlerSigner, true, outputTokenProgram);


Nit: shoud this be called handlerOutputATA?

md0x · 2025-01-13T13:03:43Z

scripts/svm/acrossPlusJupiter.ts

+  const message = new AcrossPlusMessageCoder({
+    handler: handlerProgram.programId,
+    readOnlyLen: multicallHandlerCoder.readOnlyLen,
+    valueAmount: new BN(valueAmount), // Must exactly cover ATA creation.


Question: what happens if handlerATA or recipientATA already exist? Would this error if we send exempt rent x2 and we only create 1 or 0?
I have this question because it seems to me that createAssociatedTokenAccountIdempotentInstruction creates the ATA only if needed, otherwise it does nothing, that's why I consider the scenario of my question possible. is this correct?

md0x · 2025-01-13T13:09:09Z

scripts/svm/acrossPlusJupiter.ts

+    relayer,
+    addressLookupTableAccounts
+  );
+  console.log("Fill transaction signature:", txSignature);


Should we log the new balances after the execution?

md0x · 2025-01-13T13:10:32Z

scripts/svm/acrossPlusJupiter.ts

+  const slippageBps = resolvedArgv.slippageBps || 100; // default to 1%
+  const maxAccounts = resolvedArgv.maxAccounts || 24;
+  const priorityFeePrice = resolvedArgv.priorityFeePrice;
+  const fillComputeUnit = resolvedArgv.fillComputeUnit || 400_000;


Is it possible to calculate this on the fly instead of hardcoding it or is it difficult to estimate the Jupiter transactions consumption?

md0x

Very cool. Added a few comments and questions for my understanding but approving already.

chrismaree · 2025-03-04T13:07:49Z

given this POC is done, shall we merge it in so we have it within the repo?

Signed-off-by: Reinis Martinsons <[email protected]>

Signed-off-by: Ihor Farion <[email protected]>

…eturned from Jupiter in an ALT Signed-off-by: Ihor Farion <[email protected]>

Signed-off-by: Ihor Farion <[email protected]>

* initial impl Signed-off-by: Ihor Farion <[email protected]> * avoid sending USDC to handler. Send directly to recipient Signed-off-by: Ihor Farion <[email protected]> * use getSpokePoolProgram / getMulticallHandlerProgram fns Signed-off-by: Ihor Farion <[email protected]> --------- Signed-off-by: Ihor Farion <[email protected]>

Signed-off-by: Ihor Farion <[email protected]>

socket-security · 2025-09-18T17:10:18Z

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Quality	Maintenance
	form-data@4.0.0
	protobufjs@7.2.4 ⏵ 7.1.2			⁺²
	elliptic@6.5.4 ⏵ 6.5.7	⁺¹
	testrpc@0.0.1
	ethereum-protocol@1.0.1
	isarray@2.0.5
	side-channel@1.0.4
	hasown@2.0.2
	jsonify@0.0.1 ⏵ 0.0.0	^-5	^-10
	has-tostringtag@1.0.2
	has-property-descriptors@1.0.2
	set-function-length@1.2.2
	es-define-property@1.0.1
	typed-array-buffer@1.0.3
	gopd@1.2.0
	has-symbols@1.1.0
	object.assign@4.1.0
	function-bind@1.1.2
	safe-buffer@5.2.1
	json-stable-stringify@1.3.0 ⏵ 1.0.1	⁺¹
	for-each@0.3.5
	which-typed-array@1.1.19
	minimalistic-assert@1.0.1
	object-assign@4.1.1
	is-typed-array@1.1.15
	ghost-testrpc@0.0.2
	is-fn@1.0.0
	imul@1.0.1
	escape-string-regexp@1.0.5
	is-stream-ended@0.1.4
	crypt@0.0.2
	set-immediate-shim@1.0.1
	fake-merkle-patricia-tree@1.0.1
See 370 more rows in the dashboard

View full report

socket-security · 2025-09-18T17:10:19Z

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert (click "▶" to expand/collapse)
Warn		`[email protected]` has Obfuscated code. Confidence: 0.94 Location: Package overview From: yarn.lock → `npm/[email protected]` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `[email protected]`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/[email protected]`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

Reinis-FRP added 4 commits December 19, 2024 07:30

fix: script to fill jupiter swap

6a3908a

Signed-off-by: Reinis Martinsons <[email protected]>

fix: use compute budget

3615d15

Signed-off-by: Reinis Martinsons <[email protected]>

Merge branch 'master' into reinis-frp/jupiter-script

cee258c

Signed-off-by: Reinis Martinsons <[email protected]>

fix

7fbddc5

Signed-off-by: Reinis Martinsons <[email protected]>

Reinis-FRP commented Dec 23, 2024

View reviewed changes

fix

1cad65b

Signed-off-by: Reinis Martinsons <[email protected]>

Reinis-FRP requested review from md0x and chrismaree December 23, 2024 10:10

Reinis-FRP commented Dec 23, 2024

View reviewed changes

deployments/README.md Outdated

Copy link

Contributor Author

Reinis-FRP Dec 23, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

not related to this PR, but linter picked these up

Reinis-FRP commented Dec 23, 2024

View reviewed changes

md0x reviewed Jan 6, 2025

View reviewed changes

md0x reviewed Jan 13, 2025

View reviewed changes

md0x previously approved these changes Jan 13, 2025

View reviewed changes

Merge branch 'master' into reinis-frp/jupiter-script

ebc93b1

Signed-off-by: Reinis Martinsons <[email protected]>

Reinis-FRP dismissed md0x’s stale review via ebc93b1 August 1, 2025 14:30

Reinis-FRP requested review from mrice32, nicholaspai, pxrl and bmzig as code owners August 1, 2025 14:30

grasphoper added 3 commits August 1, 2025 20:09

fix script TS errors

a4cd649

Signed-off-by: Ihor Farion <[email protected]>

correct innerCpiLimit

3f23a49

Signed-off-by: Ihor Farion <[email protected]>

add minHops to CLI args

a780e0b

Signed-off-by: Ihor Farion <[email protected]>

grasphoper and others added 9 commits August 13, 2025 21:30

add a bit to perform a gas swap; send a part of SOL to user for gas

e879787

Signed-off-by: Ihor Farion <[email protected]>

checkpoint: add a lot of debug logs and ability to combine Accounts r…

c0ff7ec

…eturned from Jupiter in an ALT Signed-off-by: Ihor Farion <[email protected]>

neve enforce onlyDirectRoutes on Jupiter API call

1dc620c

Signed-off-by: Ihor Farion <[email protected]>

prettify the script

41c661d

Signed-off-by: Ihor Farion <[email protected]>

configure gas swap and main swap separately

a7c9f2d

Signed-off-by: Ihor Farion <[email protected]>

add logging to inspect dust left over after Jupiter swaps

f2cb7e7

Signed-off-by: Ihor Farion <[email protected]>

if USDC is mintOut, don't include main swap

0d9e76b

Signed-off-by: Ihor Farion <[email protected]>

Merge branch 'master' into reinis-frp/jupiter-script

d529ade

fix: script to fill jupiter swap #819

Are you sure you want to change the base?

fix: script to fill jupiter swap #819

Uh oh!

Conversation

Reinis-FRP commented Dec 23, 2024 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

md0x Jan 13, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

md0x left a comment

Choose a reason for hiding this comment

Uh oh!

chrismaree commented Mar 4, 2025

Uh oh!

socket-security bot commented Sep 18, 2025

Uh oh!

socket-security bot commented Sep 18, 2025

Uh oh!

Uh oh!

Reinis-FRP commented Dec 23, 2024 •

edited

Loading

md0x Jan 13, 2025 •

edited

Loading