FV-ANC-2-CL2 No is_signer check

Bad

// Signer validation missing entirely
if authority.key != expected_authority_key {
    return Err(ProgramError::MissingRequiredSignature);
}

Good

// Explicitly ensure the signer has signed
if !ctx.accounts.authority.is_signer {
    return Err(ProgramError::MissingRequiredSignature);
}

Last updated