Lineagei
Frameworki
What's Anchor?
Batteries-included Rust framework. Ships account-validation codegen, 8-byte instruction discriminators, and an on-chain IDL — the program describes itself.
Bigger binary and higher rent in exchange for safety rails, introspection, and dev speed. The choice of a team optimizing for correctness over on-chain footprint.
Originally Coral (Armani Ferrante); now community-maintained.
What it is
The de facto standard. Rust macros (#[program], #[derive(Accounts)]) eliminate boilerplate: it auto-generates 8-byte account and instruction discriminators — SHA256("account:<Name>")[..8] and SHA256("global:<ix>")[..8] — handles Borsh (de)serialization, enforces account constraints declaratively (mut, has_one, seeds, init), and emits a JSON IDL that client libraries consume directly. The cost: Borsh copies data on every deserialize (not zero-copy), and the macro machinery adds binary bloat and compute overhead — irrelevant for ~99% of programs.
When to pick it
Building a new protocol, moving fast, or wanting maximum ecosystem compatibility. It's the beginner default and stays the right call for most production programs.
How it looks on-chain
The most recognizable framework. Every account it owns begins with an 8-byte discriminator, and the IDL is often published on-chain at a PDA derived from the program id. Both are strong, reliable fingerprints — this is the only framework we can label with confidence.
Others in the wild: Steel (Ore team — near-native performance on solana-program), Seahorse (Python → Anchor), and Poseidon & Quasar (TypeScript → Rust). Transpilers inherit their lowering target's fingerprint: a Quasar or Poseidon program that compiles down to Anchor will look like Anchor on-chain — discriminators and all.
Anchor docsFootprinti
Recovered architecturei
Reachi
Controli
What's upgrade authority?
The upgrade authority is the account allowed to replace a program's code after it's deployed.
If it's set (mutable), that key can push new bytecode at any time — including malicious code, the classic "rug" vector. If it's null (immutable / frozen), the code can never change; what 's on-chain is final. A Squads multisig sits in between — upgrades are possible but need M-of-N signers, not one hot wallet. So mutable + single hot-wallet = highest risk; immutable or multisig = stronger guarantees.
What's a verified build?
A verified build proves the program running on-chain was compiled from the public source you can read — nothing hidden.
Someone re-compiles the source in a deterministic (Docker) environment and checks the resulting bytecode is byte-for-byte identical to what's deployed; tools like solana-verify do this and record it with a verification service. "Not verified" isn't a red flag by itself — most programs simply never submit one. It just means you're trusting the deployed bytecode as-is, with no source cross-check.
Security.txti
What's a security.txt?
A block of contact info a developer embeds directly in the program binary — the Neodyme convention — so whitehats know how to report a vulnerability.
It carries contacts, a disclosure policy, auditors, and a source link. It's self-declared, so treat it as a claim, not proof — but its presence signals a team that expects scrutiny and wants to be reachable.
Convictioni
Interface — the on-chain IDLi
5 of 15 instructions used · 10 never called in this window
Instructions 15
accept_admin_nomination
Accept a nomination
- proxywritable
- nominated_admin_pdawritable
- new_adminsigner
- receiverwritable
- system_program
deposit
Deposit funds in the proxy ### Access control - Treasurer ### Parameters - `amount` - The amount to deposit - `native` - True if it's a native SOL deposit, false if it's an SPL deposit
- proxy
- proxy_associated_token_accountwritable
- treasurersignerwritable
- treasurer_associated_token_accountwritableoptional
- token_mint
- token_program
- associated_token_program
- system_program
- rent
- event_authority
- program
- amountu64
- nativebool
initialize
Initialise the proxy state ### Access control - Deployer ### Parameters - `admin` - The admin address - `manager` - The manager address - `treasurer` - The treasurer address - `trader` - The trader address
- proxywritable
- deployersignerwritable
- program
- program_dataoptional
- system_program
- adminpubkey
- managerpubkey
- treasurerpubkey
- traderpubkey
nominate_admin
Propose a new admin ### Access control - Admin
- proxywritable
- nominated_admin_pdawritable
- adminsigner
- payersignerwritable
- system_program
- nominated_adminpubkey
pause_proxy
Pause all trading activities ### Access control - Manager
- proxywritable
- managersigner
pause_whitelisted_mint
Pause trading activities on a specific Mint ### Access control - Treasurer
- whitelisted_mintwritable
- proxy
- treasurersigner
set_manager
Set a new manager ### Access control - Admin ### Parameters - `new_manager` - The pubkey of the new manager
- proxywritable
- adminsigner
- new_managerpubkey
set_trader
Set a new trader ### Access control - Admin ### Parameters - `new_trader` - The pubkey of the new trader
- proxywritable
- adminsigner
- new_traderpubkey
set_treasurer
Set a new treasurer ### Access control - Admin ### Parameters - `new_treasurer` - The pubkey of the new treasurer
- proxywritable
- adminsigner
- new_treasurerpubkey
swap_route_with_whitelisted_mint
Execute a bundle of swap atomically ### Access control - Trader ### Parameters - `route` - A structure containing the data_accounts needed to execute the bundle: { route_plan, amount_in, min_amount_out }
- proxy
- tradersigner
- event_authority
- program
- route_planRoutePlan
unpause_proxy
Resume all trading activities ### Access control - Manager
- proxywritable
- managersigner
unpause_whitelisted_mint
Resume trading activities on a specific mint ### Access control - Treasurer
- whitelisted_mintwritable
- proxy
- treasurersigner
whitelist_mint
Allow trading activities on a specific Mint ### Access control - Admin
- mint
- whitelisted_mintwritable
- proxy
- managersignerwritable
- system_program
withdraw
Withdraw funds from the proxy ### Access control - Treasurer ### Parameters - `amount` - The amount to withdraw - 'native' - True if it's a SOL Withdraw, false if it's an SPL Withdraw
- proxy
- proxy_associated_token_accountwritable
- treasurersignerwritable
- treasurer_associated_token_accountwritable
- token_mint
- token_program
- associated_token_program
- system_program
- rent
- event_authority
- program
- amountu64
- nativebool
wrap
Wrap SOL to wSOL ### Access control - Treasurer
- proxy
- token_mint
- proxy_associated_token_accountwritable
- treasurersigner
- token_program
- system_program
- rent
Accounts 3
NominatedAdmin
no fields
Proxy
no fields
WhitelistedMint
no fields
Types 20
AmountExchangedstruct
- mintpubkey
- amountu64
DepositEventstruct
- frompubkey
- topubkey
- mintpubkey
- amountu64
Dexenum
- Lifinity
- MeteoraDlmm
- OpenbookV2
- PhoenixV1
- RaydiumAmmV4
- RaydiumClmm
- RaydiumCpmm
- Whirlpool
- Manifest
- Stabble
- MeteoraDynamicPool
- WhirlpoolV2
- MeteoraCpAmm
- SolFi
- Perena
- ObricV2
- Pump
- MeteoraDlmmV2
- ManifestV2
- SolFiV2
IndexedAmountstruct
- indexu8index in the list
- amountu64amount to use
IndexedPercentstruct
- indexu8index in the list
- percentu64percent to use
NominatedAdminstruct
- nominated_adminpubkey
- valid_untili64
Proxystruct
- adminpubkey
- managerpubkey
- treasurerpubkey
- traderpubkey
- is_pausedbool
RoutePlanstruct
- swapsVec<Swap>
- input_amountsVec<IndexedAmount>
- min_output_amountsVec<IndexedAmount>
Sideenum
- Bid
- Ask
Swapstruct
- order_idu64use to track orders
- dexDexdex and args to use
- inputsVec<IndexedPercent>list of percent of amount at a given index in the list to use as input amount
- output_indexu8index where to write the output amount
SwapEventstruct
- order_idu64
- market_idpubkey
- amount_inAmountExchanged
- amount_outAmountExchanged
SwapRouteEventstruct
- swap_eventsVec<SwapEvent>
WhitelistedMintstruct
- mintpubkey
- is_pausedu80 if unpaused 1 if paused
WithdrawEventstruct
- frompubkey
- topubkey
- mintpubkey
- amountu64
swissborg_mex_proxy::protocol::meteora_dlmm::AccountsTypeenum
- TransferHookX
- TransferHookY
- TransferHookReward
swissborg_mex_proxy::protocol::meteora_dlmm::RemainingAccountsInfostruct
- slicesVec<swissborg_mex_proxy::protocol::meteora_dlmm::RemainingAccountsSlice>
swissborg_mex_proxy::protocol::meteora_dlmm::RemainingAccountsSlicestruct
- accounts_typeswissborg_mex_proxy::protocol::meteora_dlmm::AccountsType
- lengthu8
swissborg_mex_proxy::protocol::whirlpool::AccountsTypeenum
- TransferHookA
- TransferHookB
- TransferHookReward
- TransferHookInput
- TransferHookIntermediate
- TransferHookOutput
- SupplementalTickArrays
- SupplementalTickArraysOne
- SupplementalTickArraysTwo
swissborg_mex_proxy::protocol::whirlpool::RemainingAccountsInfostruct
- slicesVec<swissborg_mex_proxy::protocol::whirlpool::RemainingAccountsSlice>
swissborg_mex_proxy::protocol::whirlpool::RemainingAccountsSlicestruct
- accounts_typeswissborg_mex_proxy::protocol::whirlpool::AccountsType
- lengthu8
Events 3
DepositEvent
no fields
SwapRouteEvent
no fields
WithdrawEvent
no fields
Errors 27
- 6000NotAdminSigner must be the admin
- 6001NotManagerSigner must be the manager
- 6002NotTreasurerSigner must be the treasurer
- 6003NotTraderSigner must be the trader
- 6004SameAdminSigner must be different from the current admin
- 6005ProxyIsPausedThe proxy is paused
- 6006MarketDoesNotExistThe market does not exist
- 6007IncorrectMarketThe market is incorrect
- 6008MarketIsPausedThe market is paused
- 6009WrongProxyATAATA must be owned by Proxy
- 6010NotNativeThe mint is not wsol
- 6011InvalidDiscriminatorThe discriminator is invalid
- 6012WrongOwnerThe owner is incorrect
- 6013IncorrectNumberOfAccountsIncorrect number of accounts
- 6014AmountOutBelowMinimumThe amount out is below the minimum amount out
- 6015DelegatedAmountIsNotZeroThe delegated amount must be zero
- 6016CloseAuthoritySetThe ata close authority is set
- 6017PdaNoLongerOwnerOfAtaThe PDA is no longer the owner of the token account
- 6018TooMuchSpentToo much has been spent
- 6019InvalidPercentInvalid percent, should be less then 100%
- 6020UnWhitelistedMintMint is not whitelisted
- 6021MintIsPausedMint is Paused
- 6022InvalidWhitelistedMintAccountInvalid whitelisted mint account
- 6023InvalidProxyAccountInvalid proxy account
- 6024InvalidAccountInvalidAccount
- 6025NominationExpiredNomination Expired
- 6026InvalidNominatedAdminAccount is not nominated
What's an IDL?
An IDL — Interface Description Language — is a JSON spec that describes how to talk to a program: its instructions, the accounts each one needs, argument and account types, events, and errors.
Anchor auto-generates it at build time. A program can publish it on-chain at a PDA derived from its id, so any client or explorer can decode the program's transactions without its source code.
Why it's often missing
Publishing is opt-in — a courtesy, not a requirement. Many programs never do, and non-Anchor frameworks (Pinocchio, native, Steel) don't produce one at all; their interface lives in an off-chain Shank/Codama artifact, or nowhere public. Absence means you can't auto-decode it — not that anything is wrong.
5 of 15 instructions used · 10 never called in this window · +2 more
Tractioni
Code familyi
The recordi
| Event | When | Detail | Receipt |
|---|---|---|---|
| DEPLOY | 16h ago | slot 432,591,438 | poll…1438 |
| SIBLING DEPLOY | 3d ago | beezie-claw | same code, fresh id |