Develop & Integrate
Try in Sandbox

Interact with Solana Programs

📘

This feature is currently in beta and might be subject to changes - Please contact your CSM for any additional information.

Overview of Solana Programs and Transactions

Solana programs are on-chain executable codes that power the decentralized applications (dApps) and other functionalities within the Solana blockchain. They enable smart contract-like behavior, where developers can write logic to process transactions and manage state.


Solana Transactions

A Solana transaction is a set of instructions bundled together to be executed automically on the blockchain. It typically consists of the following components:

  1. Signatures: A list of cryptographic signatures to authorize the transaction.
  2. Message: The core of the transaction, which includes:
    1. Instructions: The set of actions to be performed, where each instruction:
      1. Targets a specific program on the blockchain.
      2. Includes accounts to be accessed or modified.
      3. Contains any necessary data for the operation.
    2. Account Keys: A list of all accounts involved in the transaction.
    3. Recent Blockhash: A reference to a recent block to ensure the transaction is processed promptly and prevent replay attacks.

When a transaction is submitted, it is signed by the relevant parties and serialized before being broadcast to the network.

Fireblocks simplifies interacting with Solana programs by allowing you to use the createTransaction endpoint. This endpoint supports Solana program calls through the PROGRAM_CALL operation, ensuring secure transaction signing and execution.



   

Transaction Authorization Policy (TAP) configuration


Solana Program Calls can be executed in Fireblocks without whitelisting any addresses if the One Time Address feature is enabled. In this scenario, the Transaction Authorization Policy (TAP) rule should include a condition for the Program Call operation, with the destination set to Any.

For clients who prefer to work with whitelisted addresses due to security concerns and Fireblocks best practices, the TAP rule should be configured with the destination type set to Whitelisted only for any Program Call operation. In this case, the client must whitelist the following addresses involved in the Solana Program Call transaction:

  1. Any non-prewhitelisted program: Fireblocks internally whitelists certain built-in Solana programs, including:

    Additionally, the following Sysvar Cluster Data accounts are pre-whitelisted:

    Any other program must be explicitly whitelisted as an External Wallet/Contract in Fireblocks.

  2. Any account designated as a destination for the Transfer instructions (if applicable) within the Program Call transaction.

   

Practical Example

When performing a SOL to USDC swap on Jupiter, the following list of programs participate in the transaction:



In the example above, Programs 1, 2, and 4 (Green) are automatically whitelisted. However, in this scenario, the customer must manually whitelist the following programs (Red):

  1. Associated Token Program
  2. Token Program
  3. Program #6, which is a custom Jupiter program

Note: The addresses of those can be found when expanding the specific program's section (the programId value).

Additionally, expanding the System Program section reveals that this program includes a single instruction: Transfer.
Expanding the Transfer instruction shows that, as expected, two accounts are involved:

  • from account (index 1)
  • to account (index 2)

To ensure the Program Call operation functions correctly, the pubkey value of the to address must be whitelisted.


   

Note: The addresses shown above are for illustrative purposes only. Customers should review and determine which addresses need to be whitelisted based on the specific Program Call context relevant to their use case.

   

   

How Program Calls in Fireblocks Work?

To make a Solana program call using the Fireblocks API, you will:

  1. Build the Solana Transaction: Use the Solana web3.js library or other tools to construct the unsigned transaction. Ensure the transaction includes all necessary instructions and accounts.
  2. Serialize and Encode: Serialize the unsigned transaction object and encode it in Base64 format.
  3. Call Fireblocks API:
    1. Use the Create Transaction endpoint.
    2. Set the operation parameter to PROGRAM_CALL.
    3. Pass the serialized, Base64 encoded transaction object in the programCallData parameter within the extraParams object.

Fireblocks securely signs the transaction using your organization’s private key, ensuring seamless execution without exposing sensitive cryptographic materials.


Example Transaction Structure

Below is a sample payload for invoking a Solana program using the Create Transaction API :

{  
  "operation": "PROGRAM_CALL",  
  "assetId": "SOL",  
  "source": {  
    "type": "VAULT_ACCOUNT",  
    "id": "\<your_vault_account_id>"  
  },
  "extraParams": {  
    "programCallData": "\<base64_encoded_transaction>"  
  }  
}

Parameters

  1. operation: Must be PROGRAM_CALL for Solana program calls.
  2. assetId: Use SOL for Solana mainnet transactions, SOL_TEST for devnet.
  3. source: The vault account ID that holds the funds and signs the transaction.
  4. extraParams.programCallData: The unsigned, serialized transaction object (Base64 encoded).

📘

Durable Nonce

When you submit a transaction, Fireblocks automatically includes a durable nonce by adding an AdvanceNonce instruction to your transaction object.
Learn more about Solana Durable Nonces.

   

Fireblocks Solana Web3 Connection Adapter (Beta)

The Fireblocks Solana Web3 Connection Adapter serves as a bridge between the Fireblocks API and Solana blockchain, streamlining transaction submissions via Fireblocks when using Solana's official web3.js library.