feat: light mint AccountLoader

[ananas-block]

Notes:

1. we cannot use non anchor types instead of UncheckedAccount or AccountInfo or AccountLoader.
2. it seems like we can implement LightMint or a custom AccountLoader<Mint> only by replacing anchors Accounts

Summary by CodeRabbit

• New Features
  • Introduced new account loading mechanism supporting zero-copy data access patterns
  • Enhanced PDA account helper macros to recognize and support additional account field types
  • Extended Anchor framework integration through additional trait implementations for ecosystem compatibility
  • Added feature-gated module providing optional Anchor framework functionality

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR introduces an AccountLoader<'info, T> zero-copy wrapper type for Light Protocol accounts with full Anchor integration. It includes new macro infrastructure to automatically generate Anchor trait implementations when AccountLoader fields are detected in structs deriving LightAccounts.

Changes

Cohort / File(s)	Summary
Core AccountLoader Type program-libs/token-interface/src/state/mint/anchor_wrapper.rs	New 470-line module introducing AccountLoader<'info, T> wrapper with zero-copy load() / load_mut() methods, Mint-specific helpers, Anchor trait integrations (Accounts, AccountsExit, ToAccountMetas, ToAccountInfos), and new LightZeroCopy trait marker.
Constants & Module Exposure program-libs/token-interface/src/state/mint/compressed_mint.rs, mod.rs	Extracted IS_INITIALIZED_OFFSET constant (value 45) from zero_copy.rs; feature-gated public re-exports of AccountLoader and LightZeroCopy under "anchor" feature.
Zero-Copy Refactor program-libs/token-interface/src/state/mint/zero_copy.rs	Updated to import and reuse IS_INITIALIZED_OFFSET constant instead of local definition.
Macro Attribute & Docs sdk-libs/macros/src/lib.rs	Extended LightAccounts proc-macro to recognize "account" attribute; clarified documentation that AccountLoader<'info, Mint> requires deriving LightAccounts alone.
Macro CodeGen Support sdk-libs/macros/src/light_pdas/accounts/builder.rs	Added 244 lines introducing has_light_loader_fields() and generate_anchor_accounts_impl() methods to detect and emit Anchor trait implementations, bumps type, and client module boilerplate for AccountLoader fields.
Field Parsing Infrastructure sdk-libs/macros/src/light_pdas/accounts/parse.rs	Added 89 lines: new ParsedField struct and type-checking helpers (is_light_loader_type, is_signer_type, has_mut_attribute) to track AccountLoader presence; extended ParsedLightAccountsStruct with all_fields and has_light_loader_fields.
Macro Integration & Detection sdk-libs/macros/src/light_pdas/accounts/derive.rs, light_pdas/program/instructions.rs	Conditionally include generated Anchor implementations when light loader fields detected; extended instruction detection to recognize structs deriving LightAccounts in addition to Accounts.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~28 minutes

Possibly related PRs

• fix: sdk macros #2190 — Modifies sdk-libs/macros codegen to recognize and handle Mint-related light account types alongside this PR's AccountLoader introduction.
• refactor: sdk macros 2 #2175 — Updates sdk-libs/macros to detect and generate Anchor trait implementations specifically for AccountLoader<'info, Mint> fields, directly complementing this PR's type definition.
• feat: macro token account support #2181 — Extends the same light_pdas accounts builder (builder.rs) to support additional account loader types, sharing the infrastructure patterns introduced here.

Suggested labels

ai-review

Suggested reviewers

• sergeytimoshin
• SwenSchaeferjohann

Poem

🔐 Zero-copy dreams now dance with Anchor's grace,
AccountLoader steps in with type-safe embrace,
No validation cruft, just raw account delight—
Mint fields flow true, both mutable and tight! 🌟

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'feat: light mint AccountLoader' clearly and concisely describes the main change: introducing a new AccountLoader for Light Protocol mint accounts.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 70.00%.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch jorrit/feat-light-mint-v2

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 4

🤖 Fix all issues with AI agents

In `@program-libs/token-interface/src/state/mint/anchor_wrapper.rs`:
- Around line 49-55: Add the LightZeroCopy trait bound to the generic
AccountLoader<'info, T> so T: LightZeroCopy (and update every impl block for
AccountLoader<'info, T>) — this ensures only types marked by the LightZeroCopy
marker (e.g., Mint) can be used with AccountLoader and keeps the API
self-documenting; update the struct/generic declaration and all impl blocks
referencing AccountLoader<'info, T> to include the T: LightZeroCopy bound.
- Around line 288-469: Add two unit tests: one that verifies
AccountLoader::load_mut successfully returns a mutable Mint when account owner
and data indicate a valid, initialized Mint (set IS_INITIALIZED_OFFSET = 1 and
populate any required fields) and that modifications through the returned &mut
Mint persist in the wrapped AccountInfo data; and another that calls
AccountLoader::load() twice on the same AccountLoader instance (or two fresh
AccountLoader::new(info) views if necessary) to assert both calls succeed and
return equivalent Mint values, ensuring repeated reads are supported. Locate
tests near the existing test module and reference AccountLoader::load_mut and
AccountLoader::load (and IS_INITIALIZED_OFFSET, Mint) when creating the mock
AccountInfo.

In `@sdk-libs/macros/src/light_pdas/accounts/builder.rs`:
- Around line 404-427: The IDL generator (__anchor_private_gen_idl_accounts)
currently hardcodes writable: false and signer: false for every field; update
the code that builds the account list to collect per-field metadata (e.g., use
the ParsedField values: ParsedField.is_mut and ParsedField.is_signer alongside
field_names) and emit each IdlInstructionAccount with writable set to is_mut and
signer set to is_signer; locate the vector construction that iterates over
`#field_names` and change it to iterate over a collected (name, is_mut, is_signer)
tuple so each IdlInstructionAccount reflects the real mutability and signer
flags.

In `@sdk-libs/macros/src/light_pdas/accounts/parse.rs`:
- Around line 204-220: The current has_mut_attribute uses
token_str.contains("mut") which can produce false positives; instead parse the
attribute's Meta::List and iterate its list.nested items, and treat the
attribute as mut only when you find a NestedMeta that is exactly the identifier
"mut" (e.g., match NestedMeta::Meta(syn::Meta::Path(path)) and
path.is_ident("mut")). Update has_mut_attribute to ignore other nested meta
forms (like key = value or function calls) and only return true for a standalone
mut NestedMeta so you don't match substrings inside other tokens.

[coderabbitai]

🧹 Nitpick | 🔵 Trivial

Consider adding LightZeroCopy trait bound to AccountLoader<T>.

The LightZeroCopy marker trait exists to mark types compatible with AccountLoader, but the generic AccountLoader<'info, T> struct doesn't require T: LightZeroCopy. Currently, someone could construct AccountLoader<'info, SomeOtherType> even though only Mint has the specialized load() methods.

This isn't a bug (there's no generic load() they could call), but adding the bound would make the API more self-documenting.

🔧 Optional: Add trait bound

-pub struct AccountLoader<'info, T> {
+pub struct AccountLoader<'info, T: LightZeroCopy> {
     info: AccountInfo<'info>,
     _phantom: PhantomData<T>,
 }

Note: This would require adding the bound to all impl blocks as well.

Also applies to: 82-85

🤖 Prompt for AI Agents

In `@program-libs/token-interface/src/state/mint/anchor_wrapper.rs` around lines
49 - 55, Add the LightZeroCopy trait bound to the generic AccountLoader<'info,
T> so T: LightZeroCopy (and update every impl block for AccountLoader<'info, T>)
— this ensures only types marked by the LightZeroCopy marker (e.g., Mint) can be
used with AccountLoader and keeps the API self-documenting; update the
struct/generic declaration and all impl blocks referencing AccountLoader<'info,
T> to include the T: LightZeroCopy bound.

[coderabbitai]

🧹 Nitpick | 🔵 Trivial

Good test coverage!

The tests cover construction, trait implementations, error cases, and the is_initialized quick check. Consider adding a test for load_mut() success path and a test verifying that calling load() twice works (since each creates a fresh view).

🤖 Prompt for AI Agents

In `@program-libs/token-interface/src/state/mint/anchor_wrapper.rs` around lines
288 - 469, Add two unit tests: one that verifies AccountLoader::load_mut
successfully returns a mutable Mint when account owner and data indicate a
valid, initialized Mint (set IS_INITIALIZED_OFFSET = 1 and populate any required
fields) and that modifications through the returned &mut Mint persist in the
wrapped AccountInfo data; and another that calls AccountLoader::load() twice on
the same AccountLoader instance (or two fresh AccountLoader::new(info) views if
necessary) to assert both calls succeed and return equivalent Mint values,
ensuring repeated reads are supported. Locate tests near the existing test
module and reference AccountLoader::load_mut and AccountLoader::load (and
IS_INITIALIZED_OFFSET, Mint) when creating the mock AccountInfo.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

IDL metadata loses field mutability and signer information.

The generated IdlInstructionAccount hardcodes writable: false and signer: false for all fields, but you have this metadata available in ParsedField.is_mut and ParsedField.is_signer. Clients relying on IDL to construct transactions may incorrectly mark accounts as read-only.

🔧 Proposed fix to use actual field metadata

-                        anchor_lang::idl::types::IdlInstructionAccountItem::Single(
-                            anchor_lang::idl::types::IdlInstructionAccount {
-                                name: stringify!(`#field_names`).into(),
-                                docs: vec![],
-                                writable: false,
-                                signer: false,
-                                optional: false,
-                                address: None,
-                                pda: None,
-                                relations: vec![],
-                            }
-                        )
+                        anchor_lang::idl::types::IdlInstructionAccountItem::Single(
+                            anchor_lang::idl::types::IdlInstructionAccount {
+                                name: stringify!(`#field_names`).into(),
+                                docs: vec![],
+                                writable: `#field_is_mut`,
+                                signer: `#field_is_signer`,
+                                optional: false,
+                                address: None,
+                                pda: None,
+                                relations: vec![],
+                            }
+                        )

You'll need to collect the is_mut and is_signer values alongside field_names:

let field_metadata: Vec<_> = fields.iter().map(|f| {
    let name = &f.ident;
    let is_mut = f.is_mut;
    let is_signer = f.is_signer;
    (name, is_mut, is_signer)
}).collect();

🤖 Prompt for AI Agents

In `@sdk-libs/macros/src/light_pdas/accounts/builder.rs` around lines 404 - 427,
The IDL generator (__anchor_private_gen_idl_accounts) currently hardcodes
writable: false and signer: false for every field; update the code that builds
the account list to collect per-field metadata (e.g., use the ParsedField
values: ParsedField.is_mut and ParsedField.is_signer alongside field_names) and
emit each IdlInstructionAccount with writable set to is_mut and signer set to
is_signer; locate the vector construction that iterates over `#field_names` and
change it to iterate over a collected (name, is_mut, is_signer) tuple so each
IdlInstructionAccount reflects the real mutability and signer flags.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

String-based mut detection may produce false positives.

The token_str.contains("mut") check at line 214 will match any occurrence of "mut" in the attribute content, including:

• #[account(seeds = [b"immutable"])]
• #[account(constraint = compute_mutable(...))]

Consider checking for mut as a standalone token or at word boundaries.

🔧 Proposed fix using word boundary matching

 fn has_mut_attribute(attrs: &[syn::Attribute]) -> bool {
     for attr in attrs {
         if attr.path().is_ident("account") {
             // Parse the attribute content to look for `mut`
             let tokens = match &attr.meta {
                 syn::Meta::List(list) => list.tokens.clone(),
                 _ => continue,
             };
             let token_str = tokens.to_string();
-            if token_str.contains("mut") {
-                return true;
-            }
+            // Check for `mut` as a standalone token (not part of another word)
+            // Handles: mut, mut), (mut, etc.
+            for token in token_str.split(|c: char| !c.is_alphanumeric() && c != '_') {
+                if token == "mut" {
+                    return true;
+                }
+            }
         }
     }
     false
 }

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	/// Check if field has `#[account(mut)]` attribute.
	fn has_mut_attribute(attrs: &[syn::Attribute]) -> bool {
	for attr in attrs {
	if attr.path().is_ident("account") {
	// Parse the attribute content to look for `mut`
	let tokens = match &attr.meta {
	syn::Meta::List(list) => list.tokens.clone(),
	_ => continue,
	};
	let token_str = tokens.to_string();
	if token_str.contains("mut") {
	return true;
	}
	}
	}
	false
	}
	/// Check if field has `#[account(mut)]` attribute.
	fn has_mut_attribute(attrs: &[syn::Attribute]) -> bool {
	for attr in attrs {
	if attr.path().is_ident("account") {
	// Parse the attribute content to look for `mut`
	let tokens = match &attr.meta {
	syn::Meta::List(list) => list.tokens.clone(),
	_ => continue,
	};
	let token_str = tokens.to_string();
	// Check for `mut` as a standalone token (not part of another word)
	// Handles: mut, mut), (mut, etc.
	for token in token_str.split(|c: char| !c.is_alphanumeric() && c != '_') {
	if token == "mut" {
	return true;
	}
	}
	}
	}
	false
	}

🤖 Prompt for AI Agents

In `@sdk-libs/macros/src/light_pdas/accounts/parse.rs` around lines 204 - 220, The
current has_mut_attribute uses token_str.contains("mut") which can produce false
positives; instead parse the attribute's Meta::List and iterate its list.nested
items, and treat the attribute as mut only when you find a NestedMeta that is
exactly the identifier "mut" (e.g., match
NestedMeta::Meta(syn::Meta::Path(path)) and path.is_ident("mut")). Update
has_mut_attribute to ignore other nested meta forms (like key = value or
function calls) and only return true for a standalone mut NestedMeta so you
don't match substrings inside other tokens.