Other token accounts can be mistaken for multisig accounts

[jstarry]

Problem

Accounts are determined to be multisig if their data size equals the size of a multisig account. There is no restriction on non-multisig accounts that they must not equal the size of a multisig account so other token account types could be mistaken as a multisig account if they are big enough and are set as a token account owner

Doesn't seem likely that this would happen in practice, but if it did, it could result in an owner account that has always passes the owner validation check if m is 0.

Proposed Change

• Assert that token account types are different sizes
• Require token accounts to have a specific size

[mvines]

I think we just need a unit test that asserts the sizes of the three token account types are not the same

[jstarry]

We don't enforce the data length of token accounts when they are initialized though

[mvines]

Ha, yeah we might need to add handling to reject a multisig account where N == 0 as well. It looks like we might accept that

[jstarry]

There is a check for that: is_valid_signer_index

[mvines]

Oh good so then we just need this unit test then: #86 (comment)

[jackcmay]

Do you mean a test like this? ;-)

solana-program-library/token/src/state.rs

Line 597 in 07d249b

fn test_unique_account_sizes() {

I'll add the account size assertions too as I'm looking into breaking up the 'State' enum

[mvines]

Yep!