fix: add owner and mint check create ata idempotent

[ananas-block]

Summary by CodeRabbit

Release Notes

• Bug Fixes
  • Enhanced validation for associated token accounts to ensure proper data consistency when reusing existing accounts, preventing potential mismatches and improving system reliability.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

The PR enhances ATA creation's idempotent validation by adding CToken deserialization to rigorously verify internal fields (mint and owner) match expected values, replacing the previous approach that only checked PDA derivation.

Changes

Cohort / File(s)	Summary
ATA Idempotent Validation programs/compressed-token/program/src/create_associated_token_account.rs	Added imports for AccountInfoTrait and CToken; idempotent path now deserializes account data into CToken and validates mint/owner fields match expected values, returning InvalidAccountData on mismatch instead of auto-approving PDA-owned accounts

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

• CToken deserialization correctness: Verify the deserialization logic handles account data properly and doesn't introduce silent failures or panic conditions
• Mint/owner field comparison: Ensure byte-level comparisons are appropriate and handle edge cases (e.g., serialization format consistency)
• Error handling and messaging: Review the detailed mismatch logging to confirm it provides actionable debugging information and maintains security without leaking sensitive data

Possibly related PRs

• refactor: remove create ata2 #2098: Refactors how owner/mint are passed and outer wiring in the ATA creation flow
• feat: add create_ata2 instructions with owner/mint as accounts #2000: Adds ATA2 entrypoints and new inner function for ATA creation idempotent path
• fix: robust account creation #2097: Refactors ATA PDA seed handling in the same account-creation flow

Suggested labels

ai-review

Suggested reviewers

• sergeytimoshin
• SwenSchaeferjohann

Poem

🪙 When ATAs were checked, so lightly they'd pass,
Now mint and owner fields face the glass,
CToken reveals if something's amiss,
No more false validation's bliss,
Data integrity sealed with a kiss ✨

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: adding owner and mint validation checks to the ATA creation idempotent path.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 70.00%.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch jorrit/fix-add-owner-check-create-ata-idempotent

---

📜 Recent review details

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 7119a91 and c58ed44.

📒 Files selected for processing (1)

• programs/compressed-token/program/src/create_associated_token_account.rs (2 hunks)

🧰 Additional context used

📓 Path-based instructions (1)

programs/**/*.rs

📄 CodeRabbit inference engine (CLAUDE.md)

Unit tests in programs must not depend on light-test-utils; integration tests must be located in program-tests/

Files:

• programs/compressed-token/program/src/create_associated_token_account.rs

🧠 Learnings (25)

📓 Common learnings

Learnt from: CR
Repo: Lightprotocol/light-protocol PR: 0
File: programs/compressed-token/program/CLAUDE.md:0-0
Timestamp: 2025-12-07T18:10:14.606Z
Learning: Applies to programs/compressed-token/program/src/create_token_account.rs : Create token account instructions (CreateTokenAccount, CreateAssociatedCTokenAccount, CreateAssociatedTokenAccountIdempotent) require ACTIVE config validation only

Learnt from: CR
Repo: Lightprotocol/light-protocol PR: 0
File: programs/compressed-token/program/docs/instructions/CLAUDE.md:0-0
Timestamp: 2025-11-24T18:01:54.689Z
Learning: Applies to programs/compressed-token/program/docs/instructions/instructions/CREATE_TOKEN_ACCOUNT.md : Create Token Account Instructions documentation must cover creation of regular and associated ctoken accounts

📚 Learning: 2025-12-07T18:10:14.606Z

Learnt from: CR
Repo: Lightprotocol/light-protocol PR: 0
File: programs/compressed-token/program/CLAUDE.md:0-0
Timestamp: 2025-12-07T18:10:14.606Z
Learning: Applies to programs/compressed-token/program/src/create_token_account.rs : Create token account instructions (CreateTokenAccount, CreateAssociatedCTokenAccount, CreateAssociatedTokenAccountIdempotent) require ACTIVE config validation only

Applied to files:

• programs/compressed-token/program/src/create_associated_token_account.rs

📚 Learning: 2025-11-24T18:01:54.689Z

Learnt from: CR
Repo: Lightprotocol/light-protocol PR: 0
File: programs/compressed-token/program/docs/instructions/CLAUDE.md:0-0
Timestamp: 2025-11-24T18:01:54.689Z
Learning: Applies to programs/compressed-token/program/docs/instructions/instructions/CREATE_TOKEN_ACCOUNT.md : Create Token Account Instructions documentation must cover creation of regular and associated ctoken accounts

Applied to files:

• programs/compressed-token/program/src/create_associated_token_account.rs

📚 Learning: 2025-11-24T17:59:54.233Z

Learnt from: CR
Repo: Lightprotocol/light-protocol PR: 0
File: program-libs/account-checks/docs/PACKED_ACCOUNTS.md:0-0
Timestamp: 2025-11-24T17:59:54.233Z
Learning: Applies to program-libs/account-checks/docs/program-libs/account-checks/src/**/*.rs : Provide descriptive names in ProgramPackedAccounts error messages (e.g., 'token_mint' instead of 'account')

Applied to files:

• programs/compressed-token/program/src/create_associated_token_account.rs

📚 Learning: 2025-12-07T03:17:42.217Z

Learnt from: CR
Repo: Lightprotocol/light-protocol PR: 0
File: program-libs/account-checks/CLAUDE.md:0-0
Timestamp: 2025-12-07T03:17:42.217Z
Learning: Applies to program-libs/account-checks/**/account_info/account_info_trait.rs : Provide PDA derivation functions (`find_program_address`, `create_program_address`) in AccountInfoTrait

Applied to files:

• programs/compressed-token/program/src/create_associated_token_account.rs

📚 Learning: 2025-12-07T03:17:42.217Z

Learnt from: CR
Repo: Lightprotocol/light-protocol PR: 0
File: program-libs/account-checks/CLAUDE.md:0-0
Timestamp: 2025-12-07T03:17:42.217Z
Learning: Applies to program-libs/account-checks/**/*.rs : Use AccountInfoTrait abstraction for unified account handling across both solana-program and pinocchio SDKs

Applied to files:

• programs/compressed-token/program/src/create_associated_token_account.rs

📚 Learning: 2025-12-07T03:17:28.803Z

Learnt from: CR
Repo: Lightprotocol/light-protocol PR: 0
File: sdk-tests/sdk-ctoken-test/README.md:0-0
Timestamp: 2025-12-07T03:17:28.803Z
Learning: Applies to sdk-tests/sdk-ctoken-test/**/{lib,main}.rs : Clone AccountInfo structs when building CPI builder pattern account structs to avoid borrow checker issues

Applied to files:

• programs/compressed-token/program/src/create_associated_token_account.rs

📚 Learning: 2025-11-24T17:58:50.237Z

Learnt from: CR
Repo: Lightprotocol/light-protocol PR: 0
File: program-libs/account-checks/docs/ACCOUNT_CHECKS.md:0-0
Timestamp: 2025-11-24T17:58:50.237Z
Learning: Applies to program-libs/account-checks/docs/program-libs/account-checks/src/checks.rs : Use generic `AccountInfoTrait` parameter for all account validation functions to enable compatibility with both Solana and Pinocchio runtimes

Applied to files:

• programs/compressed-token/program/src/create_associated_token_account.rs

📚 Learning: 2025-11-24T17:59:36.701Z

Learnt from: CR
Repo: Lightprotocol/light-protocol PR: 0
File: program-libs/account-checks/docs/DISCRIMINATOR.md:0-0
Timestamp: 2025-11-24T17:59:36.701Z
Learning: Applies to program-libs/account-checks/docs/**/account-checks/**/*.rs : Use check_account_info<T> function for full account validation including discriminator and ownership checks

Applied to files:

• programs/compressed-token/program/src/create_associated_token_account.rs

📚 Learning: 2025-12-07T18:10:14.606Z

Learnt from: CR
Repo: Lightprotocol/light-protocol PR: 0
File: programs/compressed-token/program/CLAUDE.md:0-0
Timestamp: 2025-12-07T18:10:14.606Z
Learning: All compressed token account implementations must reference and comply with the account layout specifications in programs/compressed-token/program/docs/ACCOUNTS.md

Applied to files:

• programs/compressed-token/program/src/create_associated_token_account.rs

📚 Learning: 2025-11-24T17:59:13.714Z

Learnt from: CR
Repo: Lightprotocol/light-protocol PR: 0
File: program-libs/account-checks/docs/ACCOUNT_ITERATOR.md:0-0
Timestamp: 2025-11-24T17:59:13.714Z
Learning: Applies to program-libs/account-checks/docs/**/*.rs : Use descriptive account names when calling AccountIterator methods (e.g., `iter.next_account("token_mint")` instead of `iter.next_account("account_3")`)

Applied to files:

• programs/compressed-token/program/src/create_associated_token_account.rs

📚 Learning: 2025-12-06T00:49:21.983Z

Learnt from: CR
Repo: Lightprotocol/light-protocol PR: 0
File: program-libs/compressible/CLAUDE.md:0-0
Timestamp: 2025-12-06T00:49:21.983Z
Learning: Applies to program-libs/compressible/src/config.rs : CompressibleConfig account structure must support serialization via Anchor, Pinocchio, and Borsh formats for Light Registry program integration

Applied to files:

• programs/compressed-token/program/src/create_associated_token_account.rs

📚 Learning: 2025-11-24T17:57:39.230Z

Learnt from: CR
Repo: Lightprotocol/light-protocol PR: 0
File: program-libs/batched-merkle-tree/docs/QUEUE_ACCOUNT.md:0-0
Timestamp: 2025-11-24T17:57:39.230Z
Learning: Applies to program-libs/batched-merkle-tree/docs/src/queue.rs : Validate account ownership by Light account compression program using `check_owner` from `light-account-checks` when deserializing `BatchedQueueAccount` with `output_from_account_info`

Applied to files:

• programs/compressed-token/program/src/create_associated_token_account.rs

📚 Learning: 2025-12-07T18:09:57.240Z

Learnt from: CR
Repo: Lightprotocol/light-protocol PR: 0
File: program-libs/compressible/docs/CONFIG_ACCOUNT.md:0-0
Timestamp: 2025-12-07T18:09:57.240Z
Learning: Applies to program-libs/compressible/docs/**/*.rs : Anchor deserialization of CompressibleConfig must use `AccountDeserialize::try_deserialize()` which automatically validates the discriminator to prevent invalid account type mismatches

Applied to files:

• programs/compressed-token/program/src/create_associated_token_account.rs

📚 Learning: 2025-12-07T03:17:42.217Z

Learnt from: CR
Repo: Lightprotocol/light-protocol PR: 0
File: program-libs/account-checks/CLAUDE.md:0-0
Timestamp: 2025-12-07T03:17:42.217Z
Learning: Applies to program-libs/account-checks/**/*.rs : Use AccountIterator for sequential account processing with detailed error locations (file:line:column)

Applied to files:

• programs/compressed-token/program/src/create_associated_token_account.rs

📚 Learning: 2025-12-07T03:17:42.217Z

Learnt from: CR
Repo: Lightprotocol/light-protocol PR: 0
File: program-libs/account-checks/CLAUDE.md:0-0
Timestamp: 2025-12-07T03:17:42.217Z
Learning: Applies to program-libs/account-checks/**/account_iterator.rs : Implement AccountIterator with named account retrieval and automatic validation capabilities

Applied to files:

• programs/compressed-token/program/src/create_associated_token_account.rs

📚 Learning: 2025-12-06T00:49:21.983Z

Learnt from: CR
Repo: Lightprotocol/light-protocol PR: 0
File: program-libs/compressible/CLAUDE.md:0-0
Timestamp: 2025-12-06T00:49:21.983Z
Learning: Applies to program-libs/compressible/src/config.rs : Implement PDA derivation methods (`derive_pda`, `derive_v1_config_pda`) on CompressibleConfig for account discovery

Applied to files:

• programs/compressed-token/program/src/create_associated_token_account.rs

📚 Learning: 2025-11-24T17:57:53.312Z

Learnt from: CR
Repo: Lightprotocol/light-protocol PR: 0
File: program-libs/batched-merkle-tree/docs/TREE_ACCOUNT.md:0-0
Timestamp: 2025-11-24T17:57:53.312Z
Learning: Applies to program-libs/batched-merkle-tree/docs/**/*.rs : When deserializing BatchedMerkleTreeAccount in Solana programs, use `BatchedMerkleTreeAccount::state_from_account_info()` for state trees and `BatchedMerkleTreeAccount::address_from_account_info()` for address trees

Applied to files:

• programs/compressed-token/program/src/create_associated_token_account.rs

📚 Learning: 2025-11-24T17:56:50.011Z

Learnt from: CR
Repo: Lightprotocol/light-protocol PR: 0
File: program-libs/batched-merkle-tree/docs/INITIALIZE_STATE_TREE.md:0-0
Timestamp: 2025-11-24T17:56:50.011Z
Learning: Applies to program-libs/batched-merkle-tree/docs/src/initialize_state_tree.rs : Return error `AccountError::InvalidAccountSize` (error code 12006) when account data length doesn't match calculated size requirements

Applied to files:

• programs/compressed-token/program/src/create_associated_token_account.rs

📚 Learning: 2025-11-24T17:58:50.237Z

Learnt from: CR
Repo: Lightprotocol/light-protocol PR: 0
File: program-libs/account-checks/docs/ACCOUNT_CHECKS.md:0-0
Timestamp: 2025-11-24T17:58:50.237Z
Learning: Applies to program-libs/account-checks/docs/program-libs/account-checks/src/checks.rs : Implement `check_account_info` function to validate account ownership by program_id and verify discriminator matches type T

Applied to files:

• programs/compressed-token/program/src/create_associated_token_account.rs

📚 Learning: 2025-11-24T17:58:50.237Z

Learnt from: CR
Repo: Lightprotocol/light-protocol PR: 0
File: program-libs/account-checks/docs/ACCOUNT_CHECKS.md:0-0
Timestamp: 2025-11-24T17:58:50.237Z
Learning: Applies to program-libs/account-checks/docs/program-libs/account-checks/src/checks.rs : Implement `check_pda_seeds` function to derive PDA using `find_program_address` and verify it matches account key, returning `InvalidSeeds` (20010) error on mismatch

Applied to files:

• programs/compressed-token/program/src/create_associated_token_account.rs

📚 Learning: 2025-11-24T17:58:50.237Z

Learnt from: CR
Repo: Lightprotocol/light-protocol PR: 0
File: program-libs/account-checks/docs/ACCOUNT_CHECKS.md:0-0
Timestamp: 2025-11-24T17:58:50.237Z
Learning: Applies to program-libs/account-checks/docs/program-libs/account-checks/src/checks.rs : Implement `check_owner` function to verify account is owned by specified program, returning `AccountOwnedByWrongProgram` (20001) error on mismatch

Applied to files:

• programs/compressed-token/program/src/create_associated_token_account.rs

📚 Learning: 2025-11-24T17:58:50.237Z

Learnt from: CR
Repo: Lightprotocol/light-protocol PR: 0
File: program-libs/account-checks/docs/ACCOUNT_CHECKS.md:0-0
Timestamp: 2025-11-24T17:58:50.237Z
Learning: Applies to program-libs/account-checks/docs/program-libs/account-checks/src/checks.rs : Implement `check_account_info_mut` function to validate account is writable, owned by program_id, and discriminator matches type T

Applied to files:

• programs/compressed-token/program/src/create_associated_token_account.rs

📚 Learning: 2025-12-07T03:17:42.217Z

Learnt from: CR
Repo: Lightprotocol/light-protocol PR: 0
File: program-libs/account-checks/CLAUDE.md:0-0
Timestamp: 2025-12-07T03:17:42.217Z
Learning: Applies to program-libs/account-checks/**/checks.rs : Provide account ownership validation functions (`check_owner`, `check_program`) in checks module

Applied to files:

• programs/compressed-token/program/src/create_associated_token_account.rs

📚 Learning: 2025-11-24T17:58:50.237Z

Learnt from: CR
Repo: Lightprotocol/light-protocol PR: 0
File: program-libs/account-checks/docs/ACCOUNT_CHECKS.md:0-0
Timestamp: 2025-11-24T17:58:50.237Z
Learning: Applies to program-libs/account-checks/docs/program-libs/account-checks/src/checks.rs : Implement `check_account_info_non_mut` function to validate account is NOT writable, owned by program_id, and discriminator matches type T

Applied to files:

• programs/compressed-token/program/src/create_associated_token_account.rs

🧬 Code graph analysis (1)

programs/compressed-token/program/src/create_associated_token_account.rs (2)

program-libs/ctoken-interface/src/state/ctoken/zero_copy.rs (1)

• zero_copy_at_checked (473-488)

program-libs/compressed-account/src/pubkey.rs (1)

• new_from_array (79-81)

⏰ Context from checks skipped due to timeout of 900000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (6)

• GitHub Check: programs (system-cpi-test-v2-functional-account-infos, ["cargo-test-sbf -p system-cpi-v2-test -- ...
• GitHub Check: programs (system-cpi-test, ["cargo-test-sbf -p system-cpi-test", "cargo test -p light-system-prog...
• GitHub Check: programs (system-cpi-test-v2-functional-read-only, ["cargo-test-sbf -p system-cpi-v2-test -- func...
• GitHub Check: programs (account-compression-and-registry, ["cargo-test-sbf -p account-compression-test", "cargo...
• GitHub Check: programs (compressed-token-and-e2e, ["cargo test -p light-compressed-token", "cargo-test-sbf -p c...
• GitHub Check: stateless-js-v2

🔇 Additional comments (2)

programs/compressed-token/program/src/create_associated_token_account.rs (2)

3-11: LGTM!

Import additions are well-aligned with usage: AccountInfoTrait for try_borrow_data() and CToken for zero-copy deserialization. Clean organization.

---

106-134: Solid security enhancement for idempotent ATA creation.

This change properly validates that an existing ATA's internal state (mint and owner fields) matches expectations, not just the PDA derivation. This prevents accepting a correctly-derived ATA address that might have mismatched internal data.

The implementation is sound:

• zero_copy_at_checked validates account initialization state before field access
• Byte comparisons are direct and avoid unnecessary allocations
• Detailed error messages aid debugging while still returning appropriate InvalidAccountData errors

One minor observation: mapping all CTokenError variants to InvalidAccountData (line 112) loses diagnostic specificity (e.g., InvalidAccountState vs InvalidAccountData from the underlying check). This is acceptable for the public error but could make debugging harder in some edge cases.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}