let (pda, _) = Pubkey::create_program_address(&[seed, &[bump]], ctx.program_id);
// No validation to ensure PDA is derived correctly
// Verify PDA derivation using `find_program_address`
let (expected_pda, expected_bump) = Pubkey::find_program_address(&[seed], ctx.program_id);
if ctx.accounts.pda.key() != expected_pda || bump != expected_bump {
return Err(ProgramError::InvalidArgument);
}