Program ID
Escrowae7RaUfNn4oEZHywMXE5zWzYCXenwrCDaEoifg
Deployments
| Network | Program ID |
|---|---|
| Devnet | Escrowae7RaUfNn4oEZHywMXE5zWzYCXenwrCDaEoifg |
Overview
A configurable escrow program for Solana that enables receipt-based token deposits and withdrawals. Admins create escrows and allowlist specific mints, while depositors receive receipts that can be redeemed after optional lock mechanisms (e.g., timelocks, hooks, etc.) are satisfied.
Key Features
- Receipt-based deposits - Each deposit creates a unique receipt PDA for tracking
- Per-escrow mint allowlisting - Admins control which tokens can be deposited
- Token-2022 extension blocking - Optionally block mints with specific extensions (PermanentDelegate, NonTransferable, Pausable, etc.)
- Configurable timelocks - Set lock durations that must pass before withdrawals
- Custom hook programs - Invoke external programs pre/post deposit and withdrawal
Hook Warning
If a hook is configured and the escrow is later made immutable, that hook configuration becomes permanent.
- The hook cannot be changed or removed after immutability is set.
- Hook callbacks run at all four hook points: PreDeposit, PostDeposit, PreWithdraw, PostWithdraw.
- Any hook revert aborts the escrow instruction.
- A buggy or malicious hook can permanently block deposit and/or withdraw flows.
Account Types
| Account | PDA Seeds | Description |
|---|---|---|
| Escrow | ["escrow", escrow_seed] |
Main escrow config (admin, bump) |
| Receipt | ["receipt", escrow, depositor, mint, receipt_seed] |
Deposit record with amount and timestamp |
| AllowedMint | ["allowed_mint", escrow, mint] |
Marker that a mint is allowed |
| EscrowExtensions | ["extensions", escrow] |
TLV-encoded extensions (timelock, hook, blocked extensions) |
Workflow
sequenceDiagram
participant Admin
participant Program
participant Accounts
Admin->>Program: CreatesEscrow
Program->>Accounts: create Escrow PDA
Admin->>Program: AllowMint
Program->>Accounts: create AllowedMint PDA + Vault
Admin-->>Program: AddTimelock (optional)
Program-->>Accounts: create Extensions PDA
Admin-->>Program: SetHook (optional)
Program-->>Accounts: create Extensions PDA
sequenceDiagram
participant Depositor
participant Program
participant Accounts
Depositor->>Program: Deposit
Program->>Accounts: transfer to Vault
Program->>Accounts: create Receipt PDA
Note over Depositor,Accounts: timelock passes
Depositor->>Program: Withdraw
Program->>Accounts: verify Receipt
Program->>Accounts: verify Hooks
Program->>Depositor: transfer tokens
Program->>Accounts: close Receipt
Documentation
- Program Overview - Instructions, accounts, and technical reference
- CU Benchmarks - Compute unit usage per instruction
- Improvements - Possible future enhancements
Local Development
Prerequisites
- Rust
- Node.js (see
.nvmrc) - pnpm (see
package.jsonpackageManager) - Solana CLI
All can be conveniently installed via the Solana CLI Quick Install.
Client Examples
Check out the TypeScript demo for a complete example of the escrow program in action.
Build & Test
# Install dependencies just install # Full build (IDL + clients + program) just build # Run integration tests just integration-test # Format and lint just fmt
Tech Stack
- Pinocchio - Lightweight
no_stdSolana framework - Codama - IDL-driven client generation
- LiteSVM - Fast local testing
Security Audit
escrow has been audited by Accretion. View the audit report.
Audit status, audited-through commit, and the current unaudited delta are tracked in audits/AUDIT_STATUS.md.
Built and maintained by the Solana Foundation.
Licensed under MIT. See LICENSE for details.
Support
- Solana StackExchange - tag
escrow-program - Open an Issue