Port Protocol

Solana has authentication (signing) but no authorization (what signers can do). Port adds that missing layer. You delegate a token account to your Port PDA, attach rules, and every transfer must pass through the rule pipeline. If it fails, the transfer is rejected on-chain.

Program ID: 6YrcR3XaF5uJYtNiZnREouLWVUMRUvXTCJxDX8CeHBo7

Status: Live on Solana devnet.

How It Works

1. Create a Port for a specific token mint. Each mint gets its own Port PDA with isolated rules and counters.
2. Delegate token account authority to the Port PDA. Your wallet can no longer transfer directly from that account.
3. Add rules to define what transfers are allowed. Rules are per-mint, so different tokens can have different protections.
4. Transfer through the Port. The program evaluates every active rule. All must pass.
5. Undelegate or revoke at any time to reclaim direct control.

Rule Types

Type	Description
Amount Threshold	Transfers above a max amount require a co-signer. Below the threshold, transfers pass freely.
Rate Limit	Caps total tokens transferred within a rolling time window. Prevents rapid drain.
Whitelist	Only allows transfers to specific destination wallets (up to 3 per rule). Everything else is rejected.
Time Window	Restricts transfers to specific hours of the day (UTC). Outside the window, all transfers are blocked.
Auto Sweep	When the source account balance exceeds a threshold, anyone can trigger a sweep to a cold wallet. Automated via TukTuk cron.

Rules can be combined. A port with a Whitelist + Rate Limit + Time Window rule will enforce all three on every transfer.

Up to 16 rules per port. Each rule can be individually enabled, disabled, or removed.

Architecture

port-protocol/
  programs/port-core/    Solana program (Pinocchio, no_std)
  client/                TypeScript SDK (Codama-generated from Shank IDL)
  app/                   Next.js dashboard and landing page
  scripts/               TukTuk automation (task queue + cron sweep)
  idl/                   Shank IDL output
  docs/                  Design docs and implementation plan

On-Chain Program

Built with Pinocchio for minimal CU consumption. 16 rules evaluate in roughly 10,000 CU.

10 instructions: create_port, add_rule, update_rule, remove_rule, execute_transfer, trigger_sweep, revoke_port, freeze_port, unfreeze_port, undelegate.

Two account types:

• PortAccount (144 bytes): owner, mint, active rules bitmask, freeze state, transfer counters, rate limit window tracking. One per wallet-mint pair.
• RuleAccount (172 bytes): rule type, active flag, 128-byte data field for type-specific parameters.

Both SPL Token and Token-2022 are supported for transfers and authority management.

Client SDK

Generated with Codama from the Shank IDL. Provides typed instruction builders, PDA derivation helpers, and rule data encoders for all five rule types.

npm install @port-protocol/client

Dashboard

Next.js 16 with Tailwind CSS 4 and Motion for animations. Connects via @solana/wallet-adapter-react (auto-detects Phantom, Solflare, Backpack, and other wallet-standard wallets).

Features:

• Token-centric dashboard: one card per mint showing protection status, rules, accounts, and transfers
• Port creation, freeze/unfreeze, revoke (per mint)
• Rule management: add, enable/disable, remove with full parameter editing
• Token account delegation and undelegation with automatic port creation
• Transfer execution with automatic rule account inclusion and ATA creation
• Auto Sweep with auto-selected source accounts and destination ATA creation
• Token metadata: fetches on-chain Metaplex data for token images, names, and symbols
• Wrap/unwrap SOL for protecting native SOL via wSOL
• Human-readable error messages naming which rule blocked a transfer

TukTuk Integration

Auto Sweep runs on a schedule using Helium TukTuk for decentralized cron jobs.

• scripts/setup-task-queue.ts: one-time task queue creation and authority setup.
• scripts/schedule-sweep.ts: schedules a recurring sweep cron job for a given port and Auto Sweep rule.

Development

Prerequisites

• Rust with the Solana toolchain (cargo build-sbf)
• Node.js 20+
• Solana CLI configured for devnet

Build the program

cargo build-sbf --manifest-path programs/port-core/Cargo.toml

Run program tests

cargo test --manifest-path programs/port-core/Cargo.toml

75 tests covering all instructions, security edge cases, and CU profiling.

Run the dashboard

cd app
npm install
npm run dev

Opens at http://localhost:3000. The dashboard connects to devnet by default.

Run SDK tests

cd client
npm install
npm test

37 tests (26 unit + 11 e2e devnet integration).

Deploy to devnet

solana program deploy target/deploy/port_core.so \
  --program-id 6YrcR3XaF5uJYtNiZnREouLWVUMRUvXTCJxDX8CeHBo7

Set up TukTuk automation

cd scripts
npm install

# Create task queue (one-time)
ANCHOR_PROVIDER_URL=https://api.devnet.solana.com \
ANCHOR_WALLET=~/.config/solana/id.json \
npx tsx setup-task-queue.ts

# Schedule sweep for a port
ANCHOR_PROVIDER_URL=https://api.devnet.solana.com \
ANCHOR_WALLET=~/.config/solana/id.json \
npx tsx schedule-sweep.ts \
  --port <port_pda> --rule <rule_pda> \
  --source <source_ata> --dest <dest_ata> \
  --mint <mint> --interval 3600

Security

The program has been reviewed for:

• Arithmetic overflow (all math uses checked_add/saturating_sub)
• Missing signer/writable validation on every instruction
• Token program impersonation (assert_known_token_program)
• PDA authority verification
• Rule cross-reference validation
• Whitelist count bounds
• Time window hour bounds (0-23)
• Rate limit window validation (must be > 0)

Emergency freeze is available on every port. Freezing immediately blocks all transfers and sweeps.

Tech Stack

Layer	Stack
Program	Pinocchio 0.10, bytemuck, pinocchio-token, pinocchio-token-2022
IDL	Shank 0.4 + Codama
SDK	@solana/kit 6.5, TypeScript
Frontend	Next.js 16, React 19, Tailwind CSS 4, Motion
Testing	LiteSVM 0.10 (Rust), Vitest (TS)
Automation	Helium TukTuk + Cron SDK

License

MIT