The Anchor port of ../ledger.js.
ledger.js is the in-memory version of this
program: same fairness laws, now enforced by the
Solana runtime.
programs/ledger/src/ledger.solana.rs โ the
program (Anchor/Rust).tests/ledger.solana.test.ts โ the canonical
Anchor test, run on a local validator. Mirrors
../ledger.test.js scenario-for-scenario.Anchor.toml / Cargo.toml โ workspace config.| ledger.js | on chain |
|---|---|
state.accounts[id] |
a TokenAccount PDA per wallet, seeds ["acct", owner] |
state.refs (dedup) |
a Ref PDA per backing ref, seeds ["ref", sha256(ref)] โ init-once, so a repeated purchase fails at the runtime |
| genesis + oracle | a Config PDA, seeds ["config"] |
RATE = 100 |
const RATE: u64 = 100 (must match) |
decide guards |
require! / checked_* โ same error names |
Fairness, enforced on chain:
record_purchase, which the runtime lets the
oracle signer alone call.Ref PDA is init; a
second purchase with the same ref id aborts.checked_sub
/ checked_mul.Needs the Solana + Anchor toolchain:
# 1. toolchain (once)
sh -c "$(curl -sSfL https://release.anza.xyz/stable/install)"
cargo install anchor-cli --version 0.30.1 --locked
# 2. from this directory
cd aces/solana
yarn # or npm install
anchor keys sync # align declare_id with the
# generated program keypair
anchor test # boots a throwaway validator,
# deploys, runs the TS test
anchor test starts a fresh solana-test-
validator, so no airdrop or funding dance is
needed โ thatโs why localnet is the default here
(devnet airdrops are rate-limited and flaky). To
run against devnet instead: set
[provider] cluster = "devnet", fund the wallet
once, and cache the identity at
~/.config/solana/id.json; the test body is
unchanged.
The program, the test, and the config are
complete and the program ID is already generated
(declare_id! and Anchor.toml are synced). It
has NOT been validator-run inside this projectโs
sandbox: cargo-build-sbf downloads the Solana
platform-tools from GitHub at build time, and
this environmentโs egress proxy re-terminates TLS,
so that specific download fails with an untrusted-
issuer error (and the downloader ignores the CA
env vars). On any ordinary machine (your laptop,
a CI runner without a TLS-intercepting proxy) the
anchor test block above builds and runs as
written. The Rust mirrors the fully-proven
../ledger.js (12/12 in ../ledger.test.js)
one instruction at a time.
The reactive client (shaped like every other sync
adapter โ { publish, subscribe }) is described
in ../ledger.solana.md:
publish maps ledger events to instructions;
subscribe decodes Anchor emit! logs back into
ACES facts with _origin: "solana", so
multisync.combineSync([...]) treats the chain as
one more backend. The fiat on-ramp (Stripe, see
../pay.stripe.md) is the
ONLY place a server is needed โ crypto users pay
the program directly.