Add test_post_update_with_wormhole using core-bridge VAA flow by guibescos · Pull Request #3649 · pyth-network/pyth-crosschain

guibescos · 2026-04-30T16:15:15Z

Summary

Adds new integration test test_post_update_with_wormhole in test_post_updates_with_wormhole.rs
Test creates VAA via core-bridge instructions (create_account -> init_encoded_vaa -> write_encoded_vaa x2 -> verify_encoded_vaa_v1) instead of manually building pre-verified account data
Calls post_update with the core-bridge-verified VAA and verifies price update account contents, verification level (Full), and treasury balance
Adds solana-program-test as dev-dependency to enable direct ProgramTest construction for custom program setup
Follows same test patterns as existing test_post_updates.rs

Add integration test that verifies post_update works with VAAs created through the actual wormhole core-bridge contract (init -> write -> verify), rather than manually building pre-verified account data. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

vercel · 2026-04-30T16:15:23Z

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
api-reference	Ready	Preview, Comment	Apr 30, 2026 4:52pm
component-library	Ready	Preview, Comment	Apr 30, 2026 4:52pm
developer-hub	Ready	Preview, Comment	Apr 30, 2026 4:52pm
entropy-explorer	Ready	Preview, Comment	Apr 30, 2026 4:52pm
insights	Ready	Preview, Comment	Apr 30, 2026 4:52pm
proposals	Ready	Preview, Comment	Apr 30, 2026 4:52pm
staking	Ready	Preview, Comment	Apr 30, 2026 4:52pm

devin-ai-integration

✅ Devin Review: No Issues Found

Devin Review analyzed this PR and found no potential bugs to report.

View in Devin Review to see 3 additional findings.

guibescos

the test is failing

The core-bridge's default Cargo features include cpi -> no-entrypoint, so the .so built by cargo-build-sbf has no entrypoint. Use the native Anchor entry function via processor!() macro with an unsafe transmute to bridge the Anchor lifetime constraint with ProgramTest's signature. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

devin-ai-integration

Devin Review found 1 new potential issue.

View 5 additional findings in Devin Review.

devin-ai-integration · 2026-04-30T16:55:03Z

+fn wormhole_process_instruction() -> solana_program::entrypoint::ProcessInstruction {
+    unsafe { std::mem::transmute(wormhole_core_bridge_solana::entry as usize) }
+}


🔴 Unsafe transmute used where a safe wrapper function would suffice

The unsafe { std::mem::transmute(wormhole_core_bridge_solana::entry as usize) } at line 39 violates the REVIEW.md rule "No unsafe code unless absolutely necessary" and doc/rust-code-guidelines.md which states "Avoid writing unsafe code" and recommends unsafe_code = "deny" in clippy config.

The transmute converts the Anchor entry function (which ties the slice and AccountInfo lifetimes: &'info [AccountInfo<'info>]) to a ProcessInstruction pointer (which has independent lifetimes). A safe wrapper function can achieve this without unsafe because Rust's lifetime subtyping allows independent lifetimes to be unified when calling a function that requires matching lifetimes:

Safe alternative

fn wormhole_process_instruction( program_id: &solana_program::pubkey::Pubkey, accounts: &[solana_program::account_info::AccountInfo], instruction_data: &[u8], ) -> solana_program::entrypoint::ProgramResult { wormhole_core_bridge_solana::entry(program_id, accounts, instruction_data) }

Beyond the rule violation, the transmute through usize is fragile: it relies on an assumption about ProgramTest's internal implementation providing matching lifetimes, which could change in future versions of the dependency.

Suggested change

fn wormhole_process_instruction() -> solana_program::entrypoint::ProcessInstruction {

unsafe { std::mem::transmute(wormhole_core_bridge_solana::entry as usize) }

}

fn wormhole_process_instruction(

program_id: &solana_program::pubkey::Pubkey,

accounts: &[solana_program::account_info::AccountInfo],

instruction_data: &[u8],

) -> solana_program::entrypoint::ProgramResult {

wormhole_core_bridge_solana::entry(program_id, accounts, instruction_data)

}

Was this helpful? React with 👍 or 👎 to provide feedback.

Hydra Worker and others added 2 commits April 30, 2026 16:14

Update Cargo.lock with solana-program-test dev-dependency

5df23f5

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

vercel Bot deployed to Preview – component-library April 30, 2026 16:16 View deployment

vercel Bot deployed to Preview – entropy-explorer April 30, 2026 16:16 View deployment

vercel Bot deployed to Preview – staking April 30, 2026 16:16 View deployment

vercel Bot deployed to Preview – proposals April 30, 2026 16:16 View deployment

vercel Bot deployed to Preview – api-reference April 30, 2026 16:16 View deployment

vercel Bot deployed to Preview – insights April 30, 2026 16:17 View deployment

vercel Bot deployed to Preview – developer-hub April 30, 2026 16:17 View deployment

devin-ai-integration Bot reviewed Apr 30, 2026

View reviewed changes

guibescos commented Apr 30, 2026

View reviewed changes

vercel Bot deployed to Preview – component-library April 30, 2026 16:51 View deployment

vercel Bot deployed to Preview – entropy-explorer April 30, 2026 16:51 View deployment

vercel Bot deployed to Preview – staking April 30, 2026 16:51 View deployment

vercel Bot deployed to Preview – proposals April 30, 2026 16:51 View deployment

vercel Bot deployed to Preview – api-reference April 30, 2026 16:51 View deployment

vercel Bot deployed to Preview – insights April 30, 2026 16:52 View deployment

vercel Bot deployed to Preview – developer-hub April 30, 2026 16:52 View deployment

devin-ai-integration Bot reviewed Apr 30, 2026

View reviewed changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add test_post_update_with_wormhole using core-bridge VAA flow#3649

Add test_post_update_with_wormhole using core-bridge VAA flow#3649
guibescos wants to merge 3 commits into
mainfrom
hydra/i-vlqebc/head

guibescos commented Apr 30, 2026 •

edited

Loading

Uh oh!

vercel Bot commented Apr 30, 2026 •

edited

Loading

Uh oh!

devin-ai-integration Bot left a comment

Uh oh!

guibescos left a comment

Uh oh!

devin-ai-integration Bot left a comment

Uh oh!

devin-ai-integration Bot Apr 30, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

-fn wormhole_process_instruction() -> solana_program::entrypoint::ProcessInstruction {
-    unsafe { std::mem::transmute(wormhole_core_bridge_solana::entry as usize) }
-}
+fn wormhole_process_instruction(
+    program_id: &solana_program::pubkey::Pubkey,
+    accounts: &[solana_program::account_info::AccountInfo],
+    instruction_data: &[u8],
+) -> solana_program::entrypoint::ProgramResult {
+    wormhole_core_bridge_solana::entry(program_id, accounts, instruction_data)
+}

Conversation

guibescos commented Apr 30, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Summary

Uh oh!

vercel Bot commented Apr 30, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

devin-ai-integration Bot left a comment

Choose a reason for hiding this comment

✅ Devin Review: No Issues Found

Uh oh!

guibescos left a comment

Choose a reason for hiding this comment

Uh oh!

devin-ai-integration Bot left a comment

Choose a reason for hiding this comment

Uh oh!

devin-ai-integration Bot Apr 30, 2026

Choose a reason for hiding this comment

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

guibescos commented Apr 30, 2026 •

edited

Loading

vercel Bot commented Apr 30, 2026 •

edited

Loading