Subodhkd001/anchor_escrow

⚓ Anchor Escrow Protocol

Trustless Token Exchange on Solana

A non-custodial escrow smart contract facilitating secure, atomic asset swaps between two parties without an intermediary.

💡 The Problem & Solution

In peer-to-peer trades, trust is the bottleneck. If Alice sends tokens to Bob, she must trust Bob to send his tokens back. Anchor Escrow solves this by acting as a programmatic middleman:

  1. Alice (Maker) creates an offer, depositing Token A into a secure vault.
  2. The Program holds these tokens in a PDA (Program Derived Address).
  3. Bob (Taker) can only withdraw Token A if he simultaneously sends the required amount of Token B to Alice.
  4. The swap is atomic: either both transfers happen, or neither does.

🏗 System Architecture

The protocol uses a Vault Authority pattern where the program controls the assets via a PDA, ensuring no user (including the developer) can steal funds.

High-Level Flow

[Maker] —(Init & Deposit Token A)→ [Escrow Vault (PDA)]
[Taker] —(Deposit Token B)→ [Maker]
[Escrow Vault] —(Release Token A)→ [Taker]

State Management (Escrow Account)

Every active trade creates a unique Escrow account storing the deal terms:

  • Maker: The user who initialized the trade.
  • Mint A / Mint B: The token types being exchanged.
  • Receive Amount: Exact amount of Token B required.
  • Seeds/Bump: The seed and bump used to derive the escrow's PDA, so the program can re-derive the address and sign for the vault.

🛠 Tech Stack

  • Language: Rust (Anchor Framework)
  • Blockchain: Solana
  • Client: TypeScript / Mocha (Tests)
  • Token Standards: SPL Token & Token Extensions (Interface compatible)

🔐 Security Features

1. Program Derived Addresses (PDAs)

We use PDAs to effectively sign transactions programmatically without storing a private key.

  • Vault Identity: The token vault is owned by a PDA derived from seeds: [b"escrow", maker_pubkey, seed_u64].
  • Canonical Bump Checks: The program validates the bump passed during initialization so that the derived address lies off the Ed25519 curve. No private key exists for such an address, so no one can forge a signature for it.
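
How the derivation and the canonical-bump check described above work, as an added example (not code from this repository): it reimplements Solana's PDA derivation with the Python standard library only. The 8-byte little-endian encoding of seed_u64, the helper names and the sample keys are assumptions.

```python
import hashlib

P = 2**255 - 19                          # Ed25519 field prime
D = (-121665 * pow(121666, -1, P)) % P   # Edwards curve constant d

def is_on_curve(key: bytes) -> bool:
    """True if the 32 bytes decompress to an Ed25519 point (a possible public key)."""
    y = (int.from_bytes(key, "little") & ((1 << 255) - 1)) % P  # top bit is x's sign
    u = (y * y - 1) % P
    v = (D * y * y + 1) % P              # never 0, because d is a non-square mod P
    x2 = u * pow(v, -1, P) % P
    return x2 == 0 or pow(x2, (P - 1) // 2, P) == 1   # Euler's criterion

def create_program_address(seeds, program_id: bytes):
    """Hash seeds + program id; return None when the result is on-curve (not a PDA)."""
    h = hashlib.sha256(b"".join(seeds) + program_id + b"ProgramDerivedAddress").digest()
    return None if is_on_curve(h) else h

def find_program_address(seeds, program_id: bytes):
    """Try bumps 255, 254, ...; the first off-curve hit is the canonical bump."""
    for bump in range(255, 0, -1):
        addr = create_program_address(list(seeds) + [bytes([bump])], program_id)
        if addr is not None:
            return addr, bump
    raise ValueError("no off-curve address found")

def escrow_seeds(maker: bytes, seed: int):
    # Assumption: seed_u64 is serialized as 8 little-endian bytes.
    return [b"escrow", maker, seed.to_bytes(8, "little")]

def check_bump(maker, seed, program_id, supplied_bump, expected_addr) -> bool:
    """Accept only the canonical bump and the address it derives."""
    addr, bump = find_program_address(escrow_seeds(maker, seed), program_id)
    return supplied_bump == bump and expected_addr == addr

# Constructed sample keys, not real accounts.
MAKER = hashlib.sha256(b"constructed maker").digest()
PROGRAM_ID = hashlib.sha256(b"constructed program id").digest()

if __name__ == "__main__":
    addr, bump = find_program_address(escrow_seeds(MAKER, 42), PROGRAM_ID)
    print(addr.hex(), bump)
```

Pinning the canonical bump matters because lower bumps can also yield off-curve addresses, which would give the same seeds more than one valid vault address.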

2. Constraint Validation (has_one)

We utilize Anchor's #[account(...)] macros to strictly enforce ownership:

  • has_one = maker: Ensures only the original creator can refund.
  • has_one = mint_a: Prevents attackers from swapping out token types during the trade.

3. Cross-Program Invocations (CPI)

All transfers use CPI to the SPL Token Program. This ensures that the token logic follows the official standard and is not re-implemented (and potentially buggy) custom code.

  • Safe Transfers: Uses transfer_checked to validate decimals and mints before moving funds.

🚀 Getting Started

Prerequisites

  • Node.js v18+
  • Rust & Cargo
  • Solana CLI
  • Anchor CLI 0.30+

Installation

# 1. Clone the repository
git clone https://github.com/subodhkd001/anchor_escrow.git
cd anchor_escrow

# 2. Install dependencies
yarn install

# 3. Build the program
anchor build

# 4. Run tests (Local Validator)
anchor test

About

Learning how to write Anchor escrow
