serviceability: add reservation account for connection pre-reservation#3086
Open
martinsander00 wants to merge 5 commits intomainfrom
Open
serviceability: add reservation account for connection pre-reservation#3086martinsander00 wants to merge 5 commits intomainfrom
martinsander00 wants to merge 5 commits intomainfrom
Conversation
Add Reservation onchain account to hold connection seats on devices before the Activator creates the actual User account. This enables the reserve-connections-for-settlement workflow where an offchain oracle can pre-reserve capacity. New state: - Reservation struct (account_type, owner, device_pk, client_ip, status) - ReservationStatus enum (Reserved, Settled, Pruned) - PDA: [prefix, reservation, device_pk, client_ip] New instructions: - ReserveConnection (95): creates reservation, increments device.reserved_seats - PruneReservation (96): marks pruned, decrements device.reserved_seats - SettleReservation (97): marks settled, seat stays committed GlobalState changes: - reservation_authority_pk field for access control Device changes: - reserved_seats field, factored into capacity checks
…uction Remove ReservationStatus enum and status field — account existence is sufficient. Collapse PruneReservation + SettleReservation into a single CloseReservation that closes the account and decrements reserved_seats. Add integration tests for reserve, close, capacity, and double-reserve.
Add test_reserve_connection_at_capacity_with_users_count that sets users_count=1 via UpdateDevice and verifies the combined capacity formula (users_count + reserved_seats >= max_users) rejects correctly.
Replace the foundation_allowlist fallback test with a proper test that creates a second keypair not in the allowlist and not the reservation authority, then verifies ReserveConnection fails with NotAllowed.
martinsander00
requested review from
bgm-malbeclabs,
karl-dz,
packethog and
snormore
Add Device.reserved_seats (u16) and GlobalState.reservation_authority_pk (pubkey) to Go, TypeScript, and Python SDKs. Regenerate binary fixtures.
snormore
reviewed
Feb 24, 2026
| pub activator_authority_pk: Option<Pubkey>, | ||
| pub sentinel_authority_pk: Option<Pubkey>, | ||
| pub health_oracle_pk: Option<Pubkey>, | ||
| #[incremental(default = None)] |
Contributor
There was a problem hiding this comment.
You can exclude this and it'll just use None as the default.
| let mut device = Device::try_from(device_account)?; | ||
|
|
||
| // Check device capacity: users_count + reserved_seats < max_users | ||
| if device.max_users > 0 && device.users_count + device.reserved_seats >= device.max_users { |
Contributor
There was a problem hiding this comment.
If max_users == 0 I think we want this to error with MaxUsersExceeded
| let mut device = Device::try_from(device_account)?; | ||
|
|
||
| // Check device capacity: users_count + reserved_seats < max_users | ||
| if device.max_users > 0 && device.users_count + device.reserved_seats >= device.max_users { |
Contributor
There was a problem hiding this comment.
We need take into account reserved seats on user create too right? Here: https://github.com/malbeclabs/doublezero/blob/ms/reserve-connections/smartcontract/programs/doublezero-serviceability/src/processors/user/create.rs#L236
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Reservationonchain account that allows an offchain reservation authority to pre-reserve connection seats on devices before the Activator creates User accountsReserveConnectionandCloseReservationinstructions — account existence represents a reserved seat, closing the account releases itreserved_seatsto Device, factored into capacity checks (users_count + reserved_seats >= max_users)reservation_authority_pkto GlobalState for access controlKey files
state/reservation.rs— new Reservation account struct and serializationstate/device.rs—reserved_seatsfield, capacity check updateprocessors/reservation/reserve.rs— ReserveConnection processorprocessors/reservation/close.rs— CloseReservation processor (closes account, decrements seats)processors/globalstate/setauthority.rs— support for settingreservation_authority_pkDetails
The Reservation account is a lightweight PDA (
[prefix, reservation, device_pk, client_ip]) that tracks which device and client IP a seat is held for. There is no status enum — the account existing means "reserved", and closing it means "done".CloseReservationcloses the account, returns rent to the payer, and decrementsreserved_seatson the device.Authority is checked against
reservation_authority_pkin GlobalState, with a fallback to the foundation allowlist.Testing Verification
make rust-lintclean