Documentação SolanaTokens na SolanaExtensões

Queima com Permissão

O Que É a Queima com Permissão?

A extensão de mint PermissionedBurnConfig do Token Extensions Program exige que uma autoridade de queima configurada co-assine cada queima do mint.

Enquanto a autoridade de queima estiver definida:

  • As instruções padrão Burn e BurnChecked falham com TokenError::InvalidInstruction.
  • As queimas devem usar PermissionedBurnInstruction::Burn ou PermissionedBurnInstruction::BurnChecked, assinadas tanto pela autoridade de queima quanto pelo proprietário ou delegado do token account.

A autoridade de queima é uma co-assinante, não uma substituta do proprietário. A autoridade por si só não pode queimar tokens do token account de outra pessoa, e o proprietário de um token account não pode queimar sem a assinatura da autoridade. Um delegado permanente também deve usar as instruções de queima com permissão e ainda precisa da co-assinatura da autoridade de queima.

Isso permite que um emissor mantenha o fornecimento de tokens sincronizado com um registro fora da cadeia — por exemplo, um ativo tokenizado que deve permanecer lastreado em proporção de 1:1 — impedindo que os detentores queimem tokens unilateralmente.

A autoridade de queima pode ser rotacionada posteriormente com SetAuthority usando AuthorityType::PermissionedBurn. Definir a autoridade como None desativa a queima com permissão e reativa as instruções de queima padrão. Os dados da extensão permanecem no mint.

Disponibilidade

A queima com permissão está disponível no Token-2022 program@v11.0.0. Está disponível no devnet hoje e está prevista para ser habilitada na mainnet em junho de 2026. O Token Extensions Program é implantado separadamente em cada cluster, portanto, confirme se a implantação no cluster alvo inclui a versão v11.0.0 ou posterior.

Um validator de teste local também inclui uma versão mais antiga do Token-2022, portanto, para executar os exemplos desta página, carregue o programa v11.0.0 da devnet no seu validator de teste:

Terminal
solana program dump -u devnet TokenzQdBNbLqP5VEhdkAS6EPFLC1PHnBqCXEpPxuEb token_2022.so

solana-test-validator --reset --bpf-program TokenzQdBNbLqP5VEhdkAS6EPFLC1PHnBqCXEpPxuEb token_2022.so

Como Criar um Mint e Burn com Permissão

Para criar um mint com burn com permissão e queimar tokens:

  1. Calcule o tamanho do mint account e o rent necessário para o mint e a extensão PermissionedBurnConfig.
  2. Crie o mint account com CreateAccount, inicialize PermissionedBurnConfig e inicialize o mint com InitializeMint.
  3. Crie um token account e emita tokens.
  4. Execute o burn com PermissionedBurnInstruction::BurnChecked assinado tanto pelo proprietário do token account quanto pela autoridade de burn.
  5. Opcionalmente, desative o burn com permissão usando SetAuthority com AuthorityType::PermissionedBurn e uma autoridade None, o que reativa as instruções de burn padrão. Os exemplos de código completos abaixo mostram esta etapa.

Calcular o tamanho da conta

Calcule o tamanho do mint account para o mint base mais a extensão PermissionedBurnConfig. Este é o tamanho utilizado em CreateAccount.

Calcular o rent

Calcule o rent usando o tamanho necessário para o mint mais a extensão PermissionedBurnConfig.

Criar o mint account

Crie o mint account com o espaço e os lamports calculados.

Inicializar PermissionedBurn

Inicialize a extensão PermissionedBurnConfig no mint com a autoridade de burn.

Inicializar o mint

Inicialize o mint com InitializeMint na mesma transação.

Criar um token account e cunhar tokens

Crie um token account para o pagador e cunhe tokens para ele.

Example
const client = await createClient()

  .use(generatedPayer())

  .use(

    solanaRpc({

      rpcUrl: "http://localhost:8899",

      rpcSubscriptionsUrl: "ws://localhost:8900"

    })

  )

  .use(rpcAirdrop())

  .use(airdropPayer(lamports(1_000_000_000n)));



const mint = await generateKeyPairSigner();

const burnAuthority = await generateKeyPairSigner();



const permissionedBurnExtension = extension("PermissionedBurn", {

  authority: burnAuthority.address

});



const mintSpace = BigInt(getMintSize([permissionedBurnExtension]));



const mintRent = await client.rpc

  .getMinimumBalanceForRentExemption(mintSpace)

  .send();



await client.sendTransaction([

  getCreateAccountInstruction({

    payer: client.payer,

    newAccount: mint,

    lamports: mintRent,

    space: mintSpace,

    programAddress: TOKEN_2022_PROGRAM_ADDRESS

  }),

  getInitializePermissionedBurnInstruction({

    mint: mint.address,

    authority: burnAuthority.address

  }),

  getInitializeMintInstruction({

    mint: mint.address,

    decimals: 0,

    mintAuthority: client.payer.address,

    freezeAuthority: client.payer.address

  })

]);



const [sourceToken] = await findAssociatedTokenPda({

  mint: mint.address,

  owner: client.payer.address,

  tokenProgram: TOKEN_2022_PROGRAM_ADDRESS

});



await client.sendTransaction([

  await getCreateAssociatedTokenInstructionAsync({

    payer: client.payer,

    mint: mint.address,

    owner: client.payer.address

  }),

  getMintToCheckedInstruction({

    mint: mint.address,

    token: sourceToken,

    mintAuthority: client.payer,

    amount: 2n,

    decimals: 0

  })

]);

Queimar com a autoridade de queima

Queime tokens com PermissionedBurnInstruction::BurnChecked assinado tanto pelo proprietário do token account quanto pela autoridade de queima.

Example
const client = await createClient()

  .use(generatedPayer())

  .use(

    solanaRpc({

      rpcUrl: "http://localhost:8899",

      rpcSubscriptionsUrl: "ws://localhost:8900"

    })

  )

  .use(rpcAirdrop())

  .use(airdropPayer(lamports(1_000_000_000n)));



const mint = await generateKeyPairSigner();

const burnAuthority = await generateKeyPairSigner();



const permissionedBurnExtension = extension("PermissionedBurn", {

  authority: burnAuthority.address

});



const mintSpace = BigInt(getMintSize([permissionedBurnExtension]));



const mintRent = await client.rpc

  .getMinimumBalanceForRentExemption(mintSpace)

  .send();



await client.sendTransaction([

  getCreateAccountInstruction({

    payer: client.payer,

    newAccount: mint,

    lamports: mintRent,

    space: mintSpace,

    programAddress: TOKEN_2022_PROGRAM_ADDRESS

  }),

  getInitializePermissionedBurnInstruction({

    mint: mint.address,

    authority: burnAuthority.address

  }),

  getInitializeMintInstruction({

    mint: mint.address,

    decimals: 0,

    mintAuthority: client.payer.address,

    freezeAuthority: client.payer.address

  })

]);



const [sourceToken] = await findAssociatedTokenPda({

  mint: mint.address,

  owner: client.payer.address,

  tokenProgram: TOKEN_2022_PROGRAM_ADDRESS

});



await client.sendTransaction([

  await getCreateAssociatedTokenInstructionAsync({

    payer: client.payer,

    mint: mint.address,

    owner: client.payer.address

  }),

  getMintToCheckedInstruction({

    mint: mint.address,

    token: sourceToken,

    mintAuthority: client.payer,

    amount: 2n,

    decimals: 0

  })

]);



await client.sendTransaction([

  getPermissionedBurnCheckedInstruction({

    account: sourceToken,

    mint: mint.address,

    permissionedBurnAuthority: burnAuthority,

    authority: client.payer,

    amount: 1n,

    decimals: 0

  })

]);

Calcular o tamanho da conta

Calcule o tamanho do mint account para o mint base mais a extensão PermissionedBurnConfig. Este é o tamanho utilizado em CreateAccount.

Calcular o rent

Calcule o rent usando o tamanho necessário para o mint mais a extensão PermissionedBurnConfig.

Criar o mint account

Crie o mint account com o espaço e os lamports calculados.

Inicializar PermissionedBurn

Inicialize a extensão PermissionedBurnConfig no mint com a autoridade de burn.

Inicializar o mint

Inicialize o mint com InitializeMint na mesma transação.

Criar um token account e cunhar tokens

Crie um token account para o pagador e cunhe tokens para ele.

Queimar com a autoridade de queima

Queime tokens com PermissionedBurnInstruction::BurnChecked assinado tanto pelo proprietário do token account quanto pela autoridade de queima.

Example
const client = await createClient()

  .use(generatedPayer())

  .use(

    solanaRpc({

      rpcUrl: "http://localhost:8899",

      rpcSubscriptionsUrl: "ws://localhost:8900"

    })

  )

  .use(rpcAirdrop())

  .use(airdropPayer(lamports(1_000_000_000n)));



const mint = await generateKeyPairSigner();

const burnAuthority = await generateKeyPairSigner();



const permissionedBurnExtension = extension("PermissionedBurn", {

  authority: burnAuthority.address

});



const mintSpace = BigInt(getMintSize([permissionedBurnExtension]));

Ordem das Instruções

PermissionedBurnInstruction::Initialize deve vir antes de InitializeMint. CreateAccount, PermissionedBurnInstruction::Initialize e InitializeMint devem estar incluídos na mesma transação.

Referência de Origem

ItemDescriçãoOrigem
PermissionedBurnConfigExtensão de mint que armazena a autoridade necessária para co-assinar cada queima do mint.Origem
PermissionedBurnInstruction::InitializeInstrução que inicializa a configuração de queima com permissão antes de InitializeMint.Origem
PermissionedBurnInstruction::BurnInstrução de queima que requer assinaturas da autoridade de queima e do proprietário ou delegado do token account.Origem
PermissionedBurnInstruction::BurnCheckedInstrução de queima com verificação de casas decimais que usa as mesmas contas que PermissionedBurnInstruction::Burn.Origem
AuthorityType::PermissionedBurnDiscriminador de autoridade usado com SetAuthority para rotacionar ou desativar a autoridade de queima num mint.Origem
process_initializeLógica do processador que inicializa PermissionedBurnConfig num mint não inicializado e armazena a autoridade de queima.Origem
process_burnLógica do processador que rejeita queimas padrão quando a autoridade de queima está definida e verifica a assinatura da autoridade.Origem
process_set_authorityLógica do processador que valida e rotaciona a autoridade de queima quando AuthorityType::PermissionedBurn é utilizado.Origem

Typescript

O exemplo Kit abaixo usa as instruções geradas diretamente. O pacote legado publicado @solana/spl-token ainda não inclui suporte a queima com permissão, portanto, nenhum exemplo legado está incluído.

Kit

Instructions
import {

  lamports,

  createClient,

  generateKeyPairSigner,

  unwrapOption

} from "@solana/kit";

import { solanaRpc, rpcAirdrop } from "@solana/kit-plugin-rpc";

import { generatedPayer, airdropPayer } from "@solana/kit-plugin-signer";

import { getCreateAccountInstruction } from "@solana-program/system";

import {

  AuthorityType,

  extension,

  fetchMint,

  fetchToken,

  findAssociatedTokenPda,

  getBurnCheckedInstruction,

  getCreateAssociatedTokenInstructionAsync,

  getInitializeMintInstruction,

  getInitializePermissionedBurnInstruction,

  getMintSize,

  getMintToCheckedInstruction,

  getPermissionedBurnCheckedInstruction,

  getSetAuthorityInstruction,

  isExtension,

  TOKEN_2022_PROGRAM_ADDRESS

} from "@solana-program/token-2022";



const client = await createClient()

  .use(generatedPayer())

  .use(

    solanaRpc({

      rpcUrl: "http://localhost:8899",

      rpcSubscriptionsUrl: "ws://localhost:8900"

    })

  )

  .use(rpcAirdrop())

  .use(airdropPayer(lamports(1_000_000_000n)));



const mint = await generateKeyPairSigner();

const burnAuthority = await generateKeyPairSigner();



const permissionedBurnExtension = extension("PermissionedBurn", {

  authority: burnAuthority.address

});

const mintSpace = BigInt(getMintSize([permissionedBurnExtension]));

const mintRent = await client.rpc

  .getMinimumBalanceForRentExemption(mintSpace)

  .send();



await client.sendTransaction([

  getCreateAccountInstruction({

    payer: client.payer, // Account funding account creation.

    newAccount: mint, // New mint account to create.

    lamports: mintRent, // Lamports funding the mint account rent.

    space: mintSpace, // Account size in bytes for the mint plus PermissionedBurnConfig.

    programAddress: TOKEN_2022_PROGRAM_ADDRESS // Program that owns the mint account.

  }),

  getInitializePermissionedBurnInstruction({

    mint: mint.address, // Mint account that stores the PermissionedBurnConfig extension.

    authority: burnAuthority.address // Authority required to co-sign every burn for the mint.

  }),

  getInitializeMintInstruction({

    mint: mint.address, // Mint account to initialize.

    decimals: 0, // Number of decimals for the token.

    mintAuthority: client.payer.address, // Authority allowed to mint new tokens.

    freezeAuthority: client.payer.address // Authority allowed to freeze token accounts.

  })

]);



const [sourceToken] = await findAssociatedTokenPda({

  mint: mint.address,

  owner: client.payer.address,

  tokenProgram: TOKEN_2022_PROGRAM_ADDRESS

});



await client.sendTransaction([

  await getCreateAssociatedTokenInstructionAsync({

    payer: client.payer, // Account funding the associated token account creation.

    mint: mint.address, // Mint for the associated token account.

    owner: client.payer.address // Owner of the associated token account.

  }),

  getMintToCheckedInstruction({

    mint: mint.address, // Mint account that issues the tokens.

    token: sourceToken, // Token account receiving the newly minted tokens.

    mintAuthority: client.payer, // Signer authorized to mint new tokens.

    amount: 2n, // Token amount in base units.

    decimals: 0 // Decimals defined on the mint.

  })

]);



let standardBurnFailure: string | undefined;

try {

  await client.sendTransaction([

    getBurnCheckedInstruction({

      account: sourceToken, // Token account to burn from.

      mint: mint.address, // Mint with the permissioned burn configuration.

      authority: client.payer, // Token account owner signing the burn.

      amount: 1n, // Token amount in base units.

      decimals: 0 // Decimals defined on the mint.

    })

  ]);

} catch (error) {

  standardBurnFailure = error instanceof Error ? error.message : String(error);

}

if (!standardBurnFailure) {

  throw new Error("Expected the standard burn to fail");

}



await client.sendTransaction([

  getPermissionedBurnCheckedInstruction({

    account: sourceToken, // Token account to burn from.

    mint: mint.address, // Mint with the permissioned burn configuration.

    permissionedBurnAuthority: burnAuthority, // Burn authority co-signing the burn.

    authority: client.payer, // Token account owner signing the burn.

    amount: 1n, // Token amount in base units.

    decimals: 0 // Decimals defined on the mint.

  })

]);



await client.sendTransaction([

  getSetAuthorityInstruction({

    owned: mint.address, // Mint with the permissioned burn configuration.

    owner: burnAuthority, // Current burn authority signing the update.

    authorityType: AuthorityType.PermissionedBurn, // Authority type to update.

    newAuthority: null // Setting the authority to None disables permissioned burning.

  })

]);



await client.sendTransaction([

  getBurnCheckedInstruction({

    account: sourceToken, // Token account to burn from.

    mint: mint.address, // Mint with permissioned burning disabled.

    authority: client.payer, // Token account owner signing the burn.

    amount: 1n, // Token amount in base units.

    decimals: 0 // Decimals defined on the mint.

  })

]);



const sourceAccount = await fetchToken(client.rpc, sourceToken);

const mintAccount = await fetchMint(client.rpc, mint.address);

const permissionedBurnConfig = (

  unwrapOption(mintAccount.data.extensions) ?? []

).find((item) => isExtension("PermissionedBurn", item));



console.log("Mint Address:", mint.address);

console.log("Error From Failed Standard Burn:", standardBurnFailure);

console.log("Source Amount After Burns:", sourceAccount.data.amount);

console.log("Extension After Disable:", permissionedBurnConfig);

Rust

Rust
use anyhow::{anyhow, Result};

use solana_client::nonblocking::rpc_client::RpcClient;

use solana_commitment_config::CommitmentConfig;

use solana_sdk::{

    signature::{Keypair, Signer},

    transaction::Transaction,

};

use solana_system_interface::instruction::create_account;

use spl_associated_token_account_interface::{

    address::get_associated_token_address_with_program_id,

    instruction::create_associated_token_account,

};

use spl_token_2022_interface::{

    extension::{

        permissioned_burn::{instruction as permissioned_burn_ix, PermissionedBurnConfig},

        BaseStateWithExtensions, ExtensionType, StateWithExtensions,

    },

    instruction::{burn_checked, initialize_mint, mint_to_checked, set_authority, AuthorityType},

    state::{Account, Mint},

    ID as TOKEN_2022_PROGRAM_ID,

};



#[tokio::main]

async fn main() -> Result<()> {

    let client = RpcClient::new_with_commitment(

        String::from("http://localhost:8899"),

        CommitmentConfig::confirmed(),

    );

    let fee_payer = Keypair::new();

    let burn_authority = Keypair::new();



    let airdrop_signature = client

        .request_airdrop(&fee_payer.pubkey(), 5_000_000_000)

        .await?;



    loop {

        let confirmed = client.confirm_transaction(&airdrop_signature).await?;

        if confirmed {

            break;

        }

    }



    let mint = Keypair::new();



    let mint_space =

        ExtensionType::try_calculate_account_len::<Mint>(&[ExtensionType::PermissionedBurn])?;

    let mint_rent = client

        .get_minimum_balance_for_rent_exemption(mint_space)

        .await?;



    let create_mint_transaction = Transaction::new_signed_with_payer(

        &[

            create_account(

                &fee_payer.pubkey(), // Account funding account creation.

                &mint.pubkey(), // New mint account to create.

                mint_rent, // Lamports funding the mint account rent.

                mint_space as u64, // Account size in bytes for the mint plus PermissionedBurnConfig.

                &TOKEN_2022_PROGRAM_ID, // Program that owns the mint account.

            ),

            permissioned_burn_ix::initialize(

                &TOKEN_2022_PROGRAM_ID, // Token program that owns the mint.

                &mint.pubkey(), // Mint account that stores the PermissionedBurnConfig extension.

                &burn_authority.pubkey(), // Authority required to co-sign every burn for the mint.

            )?,

            initialize_mint(

                &TOKEN_2022_PROGRAM_ID, // Program that owns the mint account.

                &mint.pubkey(), // Mint account to initialize.

                &fee_payer.pubkey(), // Authority allowed to mint new tokens.

                Some(&fee_payer.pubkey()), // Authority allowed to freeze token accounts.

                0, // Number of decimals for the token.

            )?,

        ],

        Some(&fee_payer.pubkey()),

        &[&fee_payer, &mint],

        client.get_latest_blockhash().await?,

    );

    client

        .send_and_confirm_transaction(&create_mint_transaction)

        .await?;



    let source_token = get_associated_token_address_with_program_id(

        &fee_payer.pubkey(),

        &mint.pubkey(),

        &TOKEN_2022_PROGRAM_ID,

    );



    let create_token_account_transaction = Transaction::new_signed_with_payer(

        &[

            create_associated_token_account(

                &fee_payer.pubkey(), // Account funding the associated token account creation.

                &fee_payer.pubkey(), // Owner of the associated token account.

                &mint.pubkey(), // Mint for the associated token account.

                &TOKEN_2022_PROGRAM_ID, // Token program that owns the token account.

            ),

            mint_to_checked(

                &TOKEN_2022_PROGRAM_ID, // Token program that owns the mint and token account.

                &mint.pubkey(), // Mint account that issues the tokens.

                &source_token, // Token account receiving the newly minted tokens.

                &fee_payer.pubkey(), // Signer authorized to mint new tokens.

                &[&fee_payer.pubkey()], // Additional multisig signers.

                2, // Token amount in base units.

                0, // Decimals defined on the mint.

            )?,

        ],

        Some(&fee_payer.pubkey()),

        &[&fee_payer],

        client.get_latest_blockhash().await?,

    );

    client

        .send_and_confirm_transaction(&create_token_account_transaction)

        .await?;



    let standard_burn_ix = burn_checked(

        &TOKEN_2022_PROGRAM_ID, // Token program that processes the burn.

        &source_token, // Token account to burn from.

        &mint.pubkey(), // Mint with the permissioned burn configuration.

        &fee_payer.pubkey(), // Token account owner signing the burn.

        &[&fee_payer.pubkey()], // Additional multisig signers.

        1, // Token amount in base units.

        0, // Decimals defined on the mint.

    )?;



    let standard_burn_transaction = Transaction::new_signed_with_payer(

        &[standard_burn_ix],

        Some(&fee_payer.pubkey()),

        &[&fee_payer],

        client.get_latest_blockhash().await?,

    );

    let standard_burn_result = client

        .simulate_transaction(&standard_burn_transaction)

        .await?;

    let standard_burn_failure = standard_burn_result

        .value

        .err

        .ok_or_else(|| anyhow!("Expected the standard burn to fail"))?;



    let permissioned_burn_instruction = permissioned_burn_ix::burn_checked(

        &TOKEN_2022_PROGRAM_ID, // Token program that processes the burn.

        &source_token, // Token account to burn from.

        &mint.pubkey(), // Mint with the permissioned burn configuration.

        &burn_authority.pubkey(), // Burn authority co-signing the burn.

        &fee_payer.pubkey(), // Token account owner signing the burn.

        &[], // Additional multisig signers.

        1, // Token amount in base units.

        0, // Decimals defined on the mint.

    )?;



    let permissioned_burn_transaction = Transaction::new_signed_with_payer(

        &[permissioned_burn_instruction],

        Some(&fee_payer.pubkey()),

        &[&fee_payer, &burn_authority],

        client.get_latest_blockhash().await?,

    );

    client

        .send_and_confirm_transaction(&permissioned_burn_transaction)

        .await?;



    let disable_authority_transaction = Transaction::new_signed_with_payer(

        &[

            set_authority(

                &TOKEN_2022_PROGRAM_ID, // Token program that owns the mint.

                &mint.pubkey(), // Mint with the permissioned burn configuration.

                None, // Setting the authority to None disables permissioned burning.

                AuthorityType::PermissionedBurn, // Authority type to update.

                &burn_authority.pubkey(), // Current burn authority signing the update.

                &[], // Additional multisig signers.

            )?,

        ],

        Some(&fee_payer.pubkey()),

        &[&fee_payer, &burn_authority],

        client.get_latest_blockhash().await?,

    );

    client

        .send_and_confirm_transaction(&disable_authority_transaction)

        .await?;



    let standard_burn_after_disable_transaction = Transaction::new_signed_with_payer(

        &[

            burn_checked(

                &TOKEN_2022_PROGRAM_ID, // Token program that processes the burn.

                &source_token, // Token account to burn from.

                &mint.pubkey(), // Mint with permissioned burning disabled.

                &fee_payer.pubkey(), // Token account owner signing the burn.

                &[&fee_payer.pubkey()], // Additional multisig signers.

                1, // Token amount in base units.

                0, // Decimals defined on the mint.

            )?,

        ],

        Some(&fee_payer.pubkey()),

        &[&fee_payer],

        client.get_latest_blockhash().await?,

    );

    client

        .send_and_confirm_transaction(&standard_burn_after_disable_transaction)

        .await?;



    let source_account = client.get_account(&source_token).await?;

    let source_state = StateWithExtensions::<Account>::unpack(&source_account.data)?;

    let mint_account = client.get_account(&mint.pubkey()).await?;

    let mint_state = StateWithExtensions::<Mint>::unpack(&mint_account.data)?;

    let permissioned_burn_config = mint_state.get_extension::<PermissionedBurnConfig>()?;



    println!("Mint Address: {}", mint.pubkey());

    println!(

        "Error From Failed Standard Burn: {:?}",

        standard_burn_failure

    );

    println!(

        "Source Amount After Burns: {}",

        u64::from(source_state.base.amount)

    );

    println!("Extension After Disable: {:?}", permissioned_burn_config);



    Ok(())

}

Is this page helpful?

Anterior

Cunhagem pausável

Próximo

Transferência confidencial

Índice

Editar Página
Use Solana
Desenvolver
Empresarial
Produtos
Ecossistema
Agentes de IA
© 2026 Fundação Solana. Todos os direitos reservados.