# GLAM Programs Documentation

## Global Context

GLAM is a modular Solana program for tokenized vaults, external integrations, and policy enforcement. GLAM Protocol is the core program: it owns the state account, derives the vault account from the state account, records access control, stores vault-level policies, and authorizes vault-signed actions. Readers who want the underlying Solana model for deterministic program-controlled accounts can refer to the official [Program Derived Addresses](https://solana.com/docs/core/pda) documentation.

GLAM Mint manages Token-2022 share mints, subscription and redemption flows, fee logic, request queues, escrows, and pricing validation for tokenized vaults. Token-2022 behavior such as extensions, transfer hooks, and default account state is documented by Solana in the official [Token-2022 extensions](https://solana.com/docs/tokens/extensions) documentation. Integration programs connect a GLAM vault to external protocols while preserving GLAM-level authorization. GLAM Config stores protocol-wide configuration, and GLAM Policies provides Token-2022 transfer-hook policy checks.

Account ownership and purpose:

This document covers 21 programs and 274 instructions. The table below summarizes the persistent accounts each program owns or controls. It intentionally describes account purpose rather than raw PDA seed arrays.

| Program | Program ID | Accounts owned or controlled |
| --- | --- | --- |
| GLAM Protocol | `GLAMpaME8wdTEzxtiYEAa5yD8fZbxZiz2hNtV58RZiEz` | State account, Vault PDA, Anchor event authority |
| GLAM Mint | `GM1NtvvnSXUptTrMCqbogAdZJydZSNv98DoU5AZVLmGh` | Tokenized vault mint, Request queue PDA, Escrow PDA, Anchor event authority |
| Kamino Integration | `G1NTkDEUR3pkEqGCKZtmtmVzCUEdYa86pezHkwYbLyde` | Integration authority PDA, Kamino user, obligation, farm, and vault accounts |
| SPL Integration | `G1NTsQ36mjPe89HtPYqxKsjY5HmYsDR6CbD2gd2U2pta` | Integration authority PDA |
| CCTP Integration | `G1NTcMDYgNLpDwgnrpSZvoSKQuR9NXG7S3DmtNQCDmrK` | Integration authority PDA, Anchor event authority |
| GLAM Config | `gConFzxKL9USmwTdJoeQJvfKmqhJ2CyUaXTyQ8v9TGX` | Global config PDA, Asset metadata records |
| GLAM Policies (Transfer Hook) | `po1iCYakK3gHCLbuju4wGzFowTMpAJxkqK1iwUqMonY` | Policy account, Extra account metas PDA |
| GLAM Protocol Staging | `gstgptmbgJVi5f8ZmSRVZjZkDQwqKa3xWuUtD5WmJHz` | State account, Vault PDA, Anchor event authority |
| GLAM Mint Staging | `gstgm1M39mhgnvgyScGUDRwNn5kNVSd97hTtyow1Et5` | Tokenized vault mint, Request queue PDA, Escrow PDA, Token ACL gate accounts, Anchor event authority |
| Kamino Integration Staging | `gstgKa2Gq9wf5hM3DFWx1TvUrGYzDYszyFGq3XBY9Uq` | Integration authority PDA, Kamino user, obligation, farm, and vault accounts |
| SPL Integration Staging | `gstgs9nJgX8PmRHWAAEP9H7xT3ZkaPWSGPYbj3mXdTa` | Integration authority PDA |
| Bridge Integration Staging | `gstgxS9yTioViNKdsM4DC33k1TU9un2VCYDQK8fAeSA` | Bridge registry PDA, LayerZero OFT route records, Managed transfer records |
| Registered Positions Integration Staging | `gstge5RzNEGQwpwBPKTJbP9yczoFEzzm5upSSsie9fX` | Registered position registry data, Observation state PDA |
| Loopscale Integration Staging | `gstgL6y4uWjsfM3Qjs5euoTDmEcXoUjqx8rkYJhYngG` | Loopscale strategy accounts, Loopscale loan accounts |
| Neutral Trade Integration Staging | `gstgNyHgtURH7iuMn19GQczzv6Wc9fhPV2WDySZVyKx` | Neutral user bundle account |
| Phoenix Integration Staging | `gstgPL7r9aYedDDsXNtLpr4atYtNvY7zubAWWstqS3L` | Integration authority PDA, Phoenix trader accounts |
| Jupiter Lend Integration Staging | `gstgJbGqoE3p1SdFA2dET9tcaCzNqGcdD8wpbGctnU9` | Integration authority PDA |
| Orca Integration Staging | `gstgo1EgmTp2PbLSaL6Qg57P7uADx3aiRZrMsewEdSy` | Integration authority PDA, Orca Whirlpool positions |
| MarginFi Integration Staging | `gstgMghFitRBz2GXKwgpMd7L1JXd1sg59q2v5Y83vSY` | Integration authority PDA, MarginFi accounts |
| Marinade Integration Staging | `gstgmvM2o7h7GcScvXymH1oFgWskukWWxRHC1UJJ9FJ` | Integration authority PDA |
| Stake Pool Integration Staging | `gstgS4dNeT3BTEQa1aaTS2b8CsAUz1SmwQDGosHSPsw` | Integration authority PDA |

Policies and access control:

Access control has three layers that must be read together:

1. The vault owner has all rights on the vault, but only for functionality enabled at the vault level (e.g., an enabled integration).
2. Integrations are opt-in. A Kamino, SPL, CCTP, Bridge, Registered Positions, Loopscale, Neutral Trade, Phoenix, Jupiter Lend, Orca, or MarginFi instruction requires the corresponding integration to be enabled on the vault before it can run.
3. Delegates start with no rights. Adding a delegate only registers an address; the owner must explicitly grant protocol-specific permissions before that delegate can act.

The recommended operating pattern is for the owner to be a multisig, such as Squads, with timelocks enabled for sensitive changes. Timelocks make policy, fee, integration, and access-control changes visible before they take effect. Emergency access updates are intended for narrow response actions such as disabling a compromised delegate or integration.

Policies apply even when the signer is the owner. Vault policies cover asset allowlists, borrowable assets, transfer destinations, and timelocks. Mint policies cover capacity, minimum subscription and redemption amounts, allowlists, blocklists, lockups, and fulfillment rules. Integration policies add protocol-specific restrictions such as slippage limits, market allowlists, borrow allowlists, vault allowlists, destination allowlists, etc.

Pricing atomicity:

**All pricing instructions for a given pricing operation must be included in the same Solana transaction.**

Splitting pricing instructions across multiple transactions is not supported and will produce incorrect or rejected NAV calculations. Pricing writes per-protocol valuation records into the GLAM state. Subscription fulfillment, redemption fulfillment, fee crystallization, and AUM validation rely on those records being fresh and internally consistent for the same operation.

Remaining-account validation:

Many GLAM instructions accept additional accounts via Anchor's `remaining_accounts` slot — for CPI into external programs, batch operations, or transfer-hook extra metas. These extras are not constrained by Anchor's account-struct macros, so GLAM enforces them inside the instruction: the only vault-controlled accounts the instruction can touch are the ones it is meant to act on.

For example, `jupiter_swap` and `jupiter_swap_v2` reject any vault token accounts in `remaining_accounts` other than the input and output ATAs — preventing a caller from sneaking additional vault token accounts into the route and having them swapped or otherwise mutated.

This is an ongoing effort: per-instruction validation is being applied progressively across every instruction that accepts remaining accounts.

## The Big Seven Account Pattern

Most integration instructions share a standard account pattern before the destination protocol's own accounts appear. This common prefix gives GLAM enough information to authorize the action, prove the vault authority, and invoke the external program. The destination-program accounts that follow then mirror that protocol's instruction requirements one-for-one; GLAM validates the accounts it needs, adds any policy-specific data or checks, and forwards the external protocol accounts through CPI.

| # | Account | Purpose |
| --- | --- | --- |
| 1 | State | GLAM state account owned by the core protocol program. It records owner, enabled integrations, delegate permissions, policies, assets, borrowable assets, timelocks, mint linkage, and pricing records. |
| 2 | Vault | Vault PDA controlled by the core protocol program and derived conceptually from the state account. It acts as the vault authority for SOL, token accounts, and supported registered positions. |
| 3 | Signer / FeePayer | Owner, authorized delegate, manager, or transaction fee payer. Delegates must hold the exact permission required by the instruction. |
| 4 | Integration Authority PDA | PDA controlled by the integration program for integration-level signing and authorization flows. |
| 5 | Destination Program | External program being invoked, such as Kamino, SPL Token, Circle CCTP, LayerZero, Loopscale, Neutral Trade, Phoenix, Jupiter Lend, Orca, or MarginFi. |
| 6 | GLAM Core Protocol Program | Core program used by the integration to authorize vault-signed CPI and update GLAM state where required. |
| 7 | System Program | Solana System Program, required for account creation, SOL movement, rent handling, or PDA-related flows. |

## Overview Table

| Program | Program ID | Instruction | Short Description |
| --- | --- | --- | --- |
| GLAM Protocol | `GLAMpaME8wdTEzxtiYEAa5yD8fZbxZiz2hNtV58RZiEz` | [`cancel_timelock`](#glam-protocol-cancel_timelock) | Cancels a pending timelocked change on the GLAM state. |
| GLAM Protocol | `GLAMpaME8wdTEzxtiYEAa5yD8fZbxZiz2hNtV58RZiEz` | [`close_state`](#glam-protocol-close_state) | Closes a disabled GLAM state account that is not linked to a mint. |
| GLAM Protocol | `GLAMpaME8wdTEzxtiYEAa5yD8fZbxZiz2hNtV58RZiEz` | [`cpi_proxy`](#glam-protocol-cpi_proxy) | Internal authorization proxy that enabled integration programs use to request vault-signed CPI under core GLAM access checks. |
| GLAM Protocol | `GLAMpaME8wdTEzxtiYEAa5yD8fZbxZiz2hNtV58RZiEz` | [`emergency_access_update`](#glam-protocol-emergency_access_update) | Bypasses timelock for emergency access changes such as disabling a delegate, integration, or state. |
| GLAM Protocol | `GLAMpaME8wdTEzxtiYEAa5yD8fZbxZiz2hNtV58RZiEz` | [`enable_disable_protocols`](#glam-protocol-enable_disable_protocols) | Enables or disables a protocol on a vault's integration ACL. |
| GLAM Protocol | `GLAMpaME8wdTEzxtiYEAa5yD8fZbxZiz2hNtV58RZiEz` | [`extend_state`](#glam-protocol-extend_state) | Extends or reallocates GLAM state capacity for additional configuration data. |
| GLAM Protocol | `GLAMpaME8wdTEzxtiYEAa5yD8fZbxZiz2hNtV58RZiEz` | [`grant_revoke_delegate_permissions`](#glam-protocol-grant_revoke_delegate_permissions) | Grants or revokes delegate permissions limited by integration program and protocol. |
| GLAM Protocol | `GLAMpaME8wdTEzxtiYEAa5yD8fZbxZiz2hNtV58RZiEz` | [`initialize_state`](#glam-protocol-initialize_state) | Initializes a GLAM state account for a vault or related account type. |
| GLAM Protocol | `GLAMpaME8wdTEzxtiYEAa5yD8fZbxZiz2hNtV58RZiEz` | [`jupiter_swap`](#glam-protocol-jupiter_swap) | Executes a Jupiter swap for vault-held assets under GLAM policies and delegate permissions. |
| GLAM Protocol | `GLAMpaME8wdTEzxtiYEAa5yD8fZbxZiz2hNtV58RZiEz` | [`jupiter_swap_v2`](#glam-protocol-jupiter_swap_v2) | Executes a Jupiter swap for vault-held assets under GLAM policies and delegate permissions, with oracle price guardrails. |
| GLAM Protocol | `GLAMpaME8wdTEzxtiYEAa5yD8fZbxZiz2hNtV58RZiEz` | [`link_unlink_mint_by_mint_authority`](#glam-protocol-link_unlink_mint_by_mint_authority) | Internal GLAM Mint authority flow for linking or unlinking a Token-2022 mint to GLAM state. |
| GLAM Protocol | `GLAMpaME8wdTEzxtiYEAa5yD8fZbxZiz2hNtV58RZiEz` | [`reset_priced_protocols_by_mint_authority`](#glam-protocol-reset_priced_protocols_by_mint_authority) | Internal GLAM Mint authority flow for clearing priced-protocol records before repricing. |
| GLAM Protocol | `GLAMpaME8wdTEzxtiYEAa5yD8fZbxZiz2hNtV58RZiEz` | [`set_jupiter_swap_policy`](#glam-protocol-set_jupiter_swap_policy) | Sets Jupiter swap policy including slippage and allowlist guardrails. |
| GLAM Protocol | `GLAMpaME8wdTEzxtiYEAa5yD8fZbxZiz2hNtV58RZiEz` | [`set_protocol_policy`](#glam-protocol-set_protocol_policy) | Sets raw policy bytes for an enabled integration protocol on the GLAM state. |
| GLAM Protocol | `GLAMpaME8wdTEzxtiYEAa5yD8fZbxZiz2hNtV58RZiEz` | [`set_protocol_policy_by_integration_authority`](#glam-protocol-set_protocol_policy_by_integration_authority) | Persists an integration protocol policy using the integration authority PDA. |
| GLAM Protocol | `GLAMpaME8wdTEzxtiYEAa5yD8fZbxZiz2hNtV58RZiEz` | [`set_system_transfer_policy`](#glam-protocol-set_system_transfer_policy) | Sets system SOL transfer policy and destination allowlist guardrails. |
| GLAM Protocol | `GLAMpaME8wdTEzxtiYEAa5yD8fZbxZiz2hNtV58RZiEz` | [`system_transfer`](#glam-protocol-system_transfer) | Transfers SOL or wraps SOL from the vault under GLAM authorization and destination policy. |
| GLAM Protocol | `GLAMpaME8wdTEzxtiYEAa5yD8fZbxZiz2hNtV58RZiEz` | [`token_transfer_checked_by_mint_authority`](#glam-protocol-token_transfer_checked_by_mint_authority) | Internal GLAM Mint authority flow for checked token transfers involving vault-held assets. |
| GLAM Protocol | `GLAMpaME8wdTEzxtiYEAa5yD8fZbxZiz2hNtV58RZiEz` | [`update_mint_params`](#glam-protocol-update_mint_params) | Updates mint-related parameters stored in GLAM state, subject to access control and timelock rules. |
| GLAM Protocol | `GLAMpaME8wdTEzxtiYEAa5yD8fZbxZiz2hNtV58RZiEz` | [`update_mint_params_by_mint_authority`](#glam-protocol-update_mint_params_by_mint_authority) | Internal GLAM Mint authority path for mint-parameter updates that are not owner-timelocked. |
| GLAM Protocol | `GLAMpaME8wdTEzxtiYEAa5yD8fZbxZiz2hNtV58RZiEz` | [`update_priced_protocol`](#glam-protocol-update_priced_protocol) | Internal integration-only update path for publishing priced protocol records into GLAM state. |
| GLAM Protocol | `GLAMpaME8wdTEzxtiYEAa5yD8fZbxZiz2hNtV58RZiEz` | [`update_state`](#glam-protocol-update_state) | Updates GLAM state metadata, policies, assets, ACLs, or owner-controlled settings. |
| GLAM Protocol | `GLAMpaME8wdTEzxtiYEAa5yD8fZbxZiz2hNtV58RZiEz` | [`update_state_apply_timelock`](#glam-protocol-update_state_apply_timelock) | Applies a previously proposed timelocked GLAM state update. |
| GLAM Mint | `GM1NtvvnSXUptTrMCqbogAdZJydZSNv98DoU5AZVLmGh` | [`burn_tokens`](#glam-mint-burn_tokens) | Burns GLAM mint/share tokens as part of redemption or manager-controlled token lifecycle. |
| GLAM Mint | `GM1NtvvnSXUptTrMCqbogAdZJydZSNv98DoU5AZVLmGh` | [`cancel`](#glam-mint-cancel) | Cancels an eligible queued subscription or redemption request. |
| GLAM Mint | `GM1NtvvnSXUptTrMCqbogAdZJydZSNv98DoU5AZVLmGh` | [`claim`](#glam-mint-claim) | Claims fulfilled subscription shares or redeemed assets from the mint flow. |
| GLAM Mint | `GM1NtvvnSXUptTrMCqbogAdZJydZSNv98DoU5AZVLmGh` | [`claim_fees`](#glam-mint-claim_fees) | Claims accrued manager or protocol fees from a tokenized vault. |
| GLAM Mint | `GM1NtvvnSXUptTrMCqbogAdZJydZSNv98DoU5AZVLmGh` | [`close_mint`](#glam-mint-close_mint) | Closes a zero-supply GLAM mint after unlinking it from state and clearing its request queue. |
| GLAM Mint | `GM1NtvvnSXUptTrMCqbogAdZJydZSNv98DoU5AZVLmGh` | [`crystallize_fees`](#glam-mint-crystallize_fees) | Calculates and crystallizes time/performance fees for a tokenized vault. |
| GLAM Mint | `GM1NtvvnSXUptTrMCqbogAdZJydZSNv98DoU5AZVLmGh` | [`emergency_update_mint`](#glam-mint-emergency_update_mint) | Emergency mint update path for pausing or changing sensitive mint controls. |
| GLAM Mint | `GM1NtvvnSXUptTrMCqbogAdZJydZSNv98DoU5AZVLmGh` | [`force_transfer_tokens`](#glam-mint-force_transfer_tokens) | Forces movement of share tokens using mint administrative authority. |
| GLAM Mint | `GM1NtvvnSXUptTrMCqbogAdZJydZSNv98DoU5AZVLmGh` | [`fulfill`](#glam-mint-fulfill) | Fulfills pending subscription or redemption requests after required pricing and settlement conditions. |
| GLAM Mint | `GM1NtvvnSXUptTrMCqbogAdZJydZSNv98DoU5AZVLmGh` | [`initialize_mint`](#glam-mint-initialize_mint) | Initializes a new GLAM Token-2022 mint and, for tokenized vaults, the linked GLAM state. |
| GLAM Mint | `GM1NtvvnSXUptTrMCqbogAdZJydZSNv98DoU5AZVLmGh` | [`mint_tokens`](#glam-mint-mint_tokens) | Mints GLAM share tokens under authorized mint-management flow. |
| GLAM Mint | `GM1NtvvnSXUptTrMCqbogAdZJydZSNv98DoU5AZVLmGh` | [`price_kamino_obligations`](#glam-mint-price_kamino_obligations) | Prices Kamino lending obligations held by the vault and records their value for vault AUM. |
| GLAM Mint | `GM1NtvvnSXUptTrMCqbogAdZJydZSNv98DoU5AZVLmGh` | [`price_kamino_vault_shares`](#glam-mint-price_kamino_vault_shares) | Prices Kamino vault share holdings and records their value for vault AUM. |
| GLAM Mint | `GM1NtvvnSXUptTrMCqbogAdZJydZSNv98DoU5AZVLmGh` | [`price_marginfi_accounts`](#glam-mint-price_marginfi_accounts) | Prices MarginFi accounts registered to the vault and records their value for vault AUM. |
| GLAM Mint | `GM1NtvvnSXUptTrMCqbogAdZJydZSNv98DoU5AZVLmGh` | [`price_orca_whirlpool_positions`](#glam-mint-price_orca_whirlpool_positions) | Prices Orca Whirlpool positions registered to the vault and records their value for vault AUM. |
| GLAM Mint | `GM1NtvvnSXUptTrMCqbogAdZJydZSNv98DoU5AZVLmGh` | [`price_registered_positions`](#glam-mint-price_registered_positions) | Prices validated RPI observations for registered positions and records their aggregate value for vault AUM. |
| GLAM Mint | `GM1NtvvnSXUptTrMCqbogAdZJydZSNv98DoU5AZVLmGh` | [`price_single_asset_vault`](#glam-mint-price_single_asset_vault) | Prices a SingleAssetVault by its base asset balance. |
| GLAM Mint | `GM1NtvvnSXUptTrMCqbogAdZJydZSNv98DoU5AZVLmGh` | [`price_vault_tokens`](#glam-mint-price_vault_tokens) | Prices the vault SOL balance and allowlisted token holdings. |
| GLAM Mint | `GM1NtvvnSXUptTrMCqbogAdZJydZSNv98DoU5AZVLmGh` | [`queued_redeem`](#glam-mint-queued_redeem) | Queues a redemption request for later fulfillment and claim. |
| GLAM Mint | `GM1NtvvnSXUptTrMCqbogAdZJydZSNv98DoU5AZVLmGh` | [`queued_subscribe`](#glam-mint-queued_subscribe) | Queues a subscription request for later fulfillment and claim. |
| GLAM Mint | `GM1NtvvnSXUptTrMCqbogAdZJydZSNv98DoU5AZVLmGh` | [`set_mint_policy`](#glam-mint-set_mint_policy) | Sets tokenization policy such as cap, minimums, lockup, allowlist, and blocklist. |
| GLAM Mint | `GM1NtvvnSXUptTrMCqbogAdZJydZSNv98DoU5AZVLmGh` | [`set_protocol_fees`](#glam-mint-set_protocol_fees) | Updates protocol fee configuration for mint flows. |
| GLAM Mint | `GM1NtvvnSXUptTrMCqbogAdZJydZSNv98DoU5AZVLmGh` | [`set_token_accounts_states`](#glam-mint-set_token_accounts_states) | Freezes or thaws Token-2022 token accounts associated with the GLAM mint. |
| GLAM Mint | `GM1NtvvnSXUptTrMCqbogAdZJydZSNv98DoU5AZVLmGh` | [`subscribe`](#glam-mint-subscribe) | Performs an instant subscription into a tokenized vault when policy and valuation allow. |
| GLAM Mint | `GM1NtvvnSXUptTrMCqbogAdZJydZSNv98DoU5AZVLmGh` | [`update_mint`](#glam-mint-update_mint) | Updates mutable mint configuration. |
| GLAM Mint | `GM1NtvvnSXUptTrMCqbogAdZJydZSNv98DoU5AZVLmGh` | [`update_mint_apply_timelock`](#glam-mint-update_mint_apply_timelock) | Applies a pending timelocked mint update. |
| GLAM Mint | `GM1NtvvnSXUptTrMCqbogAdZJydZSNv98DoU5AZVLmGh` | [`validate_aum`](#glam-mint-validate_aum) | Validates vault AUM after pricing instructions populate priced protocol records. |
| Kamino Integration | `G1NTkDEUR3pkEqGCKZtmtmVzCUEdYa86pezHkwYbLyde` | [`farms_harvest_reward`](#kamino-integration-farms_harvest_reward) | Harvests Kamino Farms rewards for a vault-owned farm position. |
| Kamino Integration | `G1NTkDEUR3pkEqGCKZtmtmVzCUEdYa86pezHkwYbLyde` | [`farms_initialize_user`](#kamino-integration-farms_initialize_user) | Initializes Kamino Farms user state for a GLAM vault. |
| Kamino Integration | `G1NTkDEUR3pkEqGCKZtmtmVzCUEdYa86pezHkwYbLyde` | [`farms_stake`](#kamino-integration-farms_stake) | Stakes vault-held tokens into a Kamino farm. |
| Kamino Integration | `G1NTkDEUR3pkEqGCKZtmtmVzCUEdYa86pezHkwYbLyde` | [`farms_unstake`](#kamino-integration-farms_unstake) | Unstakes vault-owned tokens from a Kamino farm. |
| Kamino Integration | `G1NTkDEUR3pkEqGCKZtmtmVzCUEdYa86pezHkwYbLyde` | [`farms_withdraw_unstaked_deposits`](#kamino-integration-farms_withdraw_unstaked_deposits) | Withdraws previously unstaked Kamino farm deposits back to vault control. |
| Kamino Integration | `G1NTkDEUR3pkEqGCKZtmtmVzCUEdYa86pezHkwYbLyde` | [`lending_borrow_obligation_liquidity_v2`](#kamino-integration-lending_borrow_obligation_liquidity_v2) | Borrows liquidity from Kamino Lending against a vault-owned obligation. |
| Kamino Integration | `G1NTkDEUR3pkEqGCKZtmtmVzCUEdYa86pezHkwYbLyde` | [`lending_deposit_reserve_liquidity_and_obligation_collateral_v2`](#kamino-integration-lending_deposit_reserve_liquidity_and_obligation_collateral_v2) | Deposits reserve liquidity into Kamino Lending and receives obligation collateral for the vault. |
| Kamino Integration | `G1NTkDEUR3pkEqGCKZtmtmVzCUEdYa86pezHkwYbLyde` | [`lending_init_obligation`](#kamino-integration-lending_init_obligation) | Initializes a Kamino Lending obligation owned by the GLAM vault. |
| Kamino Integration | `G1NTkDEUR3pkEqGCKZtmtmVzCUEdYa86pezHkwYbLyde` | [`lending_init_obligation_farms_for_reserve`](#kamino-integration-lending_init_obligation_farms_for_reserve) | Initializes Kamino farm state associated with a lending obligation and reserve. |
| Kamino Integration | `G1NTkDEUR3pkEqGCKZtmtmVzCUEdYa86pezHkwYbLyde` | [`lending_init_user_metadata`](#kamino-integration-lending_init_user_metadata) | Initializes Kamino Lending user metadata for the GLAM vault. |
| Kamino Integration | `G1NTkDEUR3pkEqGCKZtmtmVzCUEdYa86pezHkwYbLyde` | [`lending_liquidate_obligation_and_redeem_reserve_collateral_v2`](#kamino-integration-lending_liquidate_obligation_and_redeem_reserve_collateral_v2) | Liquidates a Kamino obligation and redeems reserve collateral through the GLAM integration. |
| Kamino Integration | `G1NTkDEUR3pkEqGCKZtmtmVzCUEdYa86pezHkwYbLyde` | [`lending_repay_obligation_liquidity_v2`](#kamino-integration-lending_repay_obligation_liquidity_v2) | Repays Kamino Lending liquidity borrowed by a vault-owned obligation. |
| Kamino Integration | `G1NTkDEUR3pkEqGCKZtmtmVzCUEdYa86pezHkwYbLyde` | [`lending_request_elevation_group`](#kamino-integration-lending_request_elevation_group) | Requests an elevation group change for a vault-owned Kamino Lending obligation. |
| Kamino Integration | `G1NTkDEUR3pkEqGCKZtmtmVzCUEdYa86pezHkwYbLyde` | [`lending_withdraw_obligation_collateral_and_redeem_reserve_collateral_v2`](#kamino-integration-lending_withdraw_obligation_collateral_and_redeem_reserve_collateral_v2) | Withdraws Kamino obligation collateral and redeems it back to reserve liquidity for the vault. |
| Kamino Integration | `G1NTkDEUR3pkEqGCKZtmtmVzCUEdYa86pezHkwYbLyde` | [`set_lending_policy`](#kamino-integration-set_lending_policy) | Sets Kamino lending market and borrow allowlists. |
| Kamino Integration | `G1NTkDEUR3pkEqGCKZtmtmVzCUEdYa86pezHkwYbLyde` | [`set_vaults_policy`](#kamino-integration-set_vaults_policy) | Sets Kamino vault account allowlist. |
| Kamino Integration | `G1NTkDEUR3pkEqGCKZtmtmVzCUEdYa86pezHkwYbLyde` | [`vaults_deposit`](#kamino-integration-vaults_deposit) | Deposits vault assets into an allowlisted Kamino vault. |
| Kamino Integration | `G1NTkDEUR3pkEqGCKZtmtmVzCUEdYa86pezHkwYbLyde` | [`vaults_withdraw`](#kamino-integration-vaults_withdraw) | Withdraws shares or assets from a Kamino vault back to the GLAM vault. |
| SPL Integration | `G1NTsQ36mjPe89HtPYqxKsjY5HmYsDR6CbD2gd2U2pta` | [`set_token_transfer_policy`](#spl-integration-set_token_transfer_policy) | Sets SPL token transfer allowlist policy for vault token movement. |
| SPL Integration | `G1NTsQ36mjPe89HtPYqxKsjY5HmYsDR6CbD2gd2U2pta` | [`token_close_account`](#spl-integration-token_close_account) | Closes a vault-owned SPL token account. |
| SPL Integration | `G1NTsQ36mjPe89HtPYqxKsjY5HmYsDR6CbD2gd2U2pta` | [`token_transfer_checked`](#spl-integration-token_transfer_checked) | Transfers vault SPL/Token-2022 tokens with checked mint decimals under GLAM authorization and transfer policy. |
| CCTP Integration | `G1NTcMDYgNLpDwgnrpSZvoSKQuR9NXG7S3DmtNQCDmrK` | [`deposit_for_burn`](#cctp-integration-deposit_for_burn) | Burns vault USDC through CCTP for an outbound cross-chain transfer. |
| CCTP Integration | `G1NTcMDYgNLpDwgnrpSZvoSKQuR9NXG7S3DmtNQCDmrK` | [`set_cctp_policy`](#cctp-integration-set_cctp_policy) | Sets allowed CCTP destination domains and recipients. |
| GLAM Config | `gConFzxKL9USmwTdJoeQJvfKmqhJ2CyUaXTyQ8v9TGX` | [`close`](#glam-config-close) | Closes the global GLAM configuration account. |
| GLAM Config | `gConFzxKL9USmwTdJoeQJvfKmqhJ2CyUaXTyQ8v9TGX` | [`delete_asset_meta`](#glam-config-delete_asset_meta) | Deletes asset/oracle metadata from GLAM config. |
| GLAM Config | `gConFzxKL9USmwTdJoeQJvfKmqhJ2CyUaXTyQ8v9TGX` | [`deprecate_asset_meta`](#glam-config-deprecate_asset_meta) | Marks a GLAM Config asset metadata record as deprecated. |
| GLAM Config | `gConFzxKL9USmwTdJoeQJvfKmqhJ2CyUaXTyQ8v9TGX` | [`initialize`](#glam-config-initialize) | Initializes the global GLAM configuration account. |
| GLAM Config | `gConFzxKL9USmwTdJoeQJvfKmqhJ2CyUaXTyQ8v9TGX` | [`update_admin`](#glam-config-update_admin) | Updates the GLAM config admin authority. |
| GLAM Config | `gConFzxKL9USmwTdJoeQJvfKmqhJ2CyUaXTyQ8v9TGX` | [`update_fee_authority`](#glam-config-update_fee_authority) | Updates the global GLAM Config fee authority. |
| GLAM Config | `gConFzxKL9USmwTdJoeQJvfKmqhJ2CyUaXTyQ8v9TGX` | [`update_protocol_fees`](#glam-config-update_protocol_fees) | Updates protocol-wide fee parameters. |
| GLAM Config | `gConFzxKL9USmwTdJoeQJvfKmqhJ2CyUaXTyQ8v9TGX` | [`update_referrer`](#glam-config-update_referrer) | Updates protocol referrer configuration. |
| GLAM Config | `gConFzxKL9USmwTdJoeQJvfKmqhJ2CyUaXTyQ8v9TGX` | [`upsert_asset_meta`](#glam-config-upsert_asset_meta) | Creates or updates asset/oracle metadata in GLAM config. |
| GLAM Policies (Transfer Hook) | `po1iCYakK3gHCLbuju4wGzFowTMpAJxkqK1iwUqMonY` | [`close_extra_metas_account`](#glam-policies-transfer-hook-close_extra_metas_account) | Closes a Token-2022 extra-account-metas account for GLAM Policies. |
| GLAM Policies (Transfer Hook) | `po1iCYakK3gHCLbuju4wGzFowTMpAJxkqK1iwUqMonY` | [`close_policy`](#glam-policies-transfer-hook-close_policy) | Closes a GLAM Policies lockup policy account. |
| GLAM Policies (Transfer Hook) | `po1iCYakK3gHCLbuju4wGzFowTMpAJxkqK1iwUqMonY` | [`create_policy`](#glam-policies-transfer-hook-create_policy) | Creates a GLAM Policies account for transfer-hook lockup enforcement. |
| GLAM Policies (Transfer Hook) | `po1iCYakK3gHCLbuju4wGzFowTMpAJxkqK1iwUqMonY` | [`execute`](#glam-policies-transfer-hook-execute) | Executes the GLAM Policies Token-2022 transfer-hook validation path. |
| GLAM Policies (Transfer Hook) | `po1iCYakK3gHCLbuju4wGzFowTMpAJxkqK1iwUqMonY` | [`initialize_extra_metas_account`](#glam-policies-transfer-hook-initialize_extra_metas_account) | Initializes transfer-hook extra-account-metas for a Token-2022 mint. |
| GLAM Protocol Staging | `gstgptmbgJVi5f8ZmSRVZjZkDQwqKa3xWuUtD5WmJHz` | [`add_assets`](#glam-protocol-staging-add_assets) | Adds assets. |
| GLAM Protocol Staging | `gstgptmbgJVi5f8ZmSRVZjZkDQwqKa3xWuUtD5WmJHz` | [`cancel_timelock`](#glam-protocol-staging-cancel_timelock) | Cancels a pending timelocked change on the GLAM state. |
| GLAM Protocol Staging | `gstgptmbgJVi5f8ZmSRVZjZkDQwqKa3xWuUtD5WmJHz` | [`close_state`](#glam-protocol-staging-close_state) | Closes a disabled GLAM state account that is not linked to a mint. |
| GLAM Protocol Staging | `gstgptmbgJVi5f8ZmSRVZjZkDQwqKa3xWuUtD5WmJHz` | [`cpi_proxy`](#glam-protocol-staging-cpi_proxy) | Internal authorization proxy that enabled integration programs use to request vault-signed CPI under core GLAM access checks. |
| GLAM Protocol Staging | `gstgptmbgJVi5f8ZmSRVZjZkDQwqKa3xWuUtD5WmJHz` | [`delete_assets`](#glam-protocol-staging-delete_assets) | Deletes assets. |
| GLAM Protocol Staging | `gstgptmbgJVi5f8ZmSRVZjZkDQwqKa3xWuUtD5WmJHz` | [`emergency_access_update`](#glam-protocol-staging-emergency_access_update) | Bypasses timelock for emergency access changes such as disabling a delegate, integration, or state. |
| GLAM Protocol Staging | `gstgptmbgJVi5f8ZmSRVZjZkDQwqKa3xWuUtD5WmJHz` | [`enable_disable_protocols`](#glam-protocol-staging-enable_disable_protocols) | Enables or disables a protocol on a vault's integration ACL. |
| GLAM Protocol Staging | `gstgptmbgJVi5f8ZmSRVZjZkDQwqKa3xWuUtD5WmJHz` | [`extend_state`](#glam-protocol-staging-extend_state) | Extends or reallocates GLAM state capacity for additional configuration data. |
| GLAM Protocol Staging | `gstgptmbgJVi5f8ZmSRVZjZkDQwqKa3xWuUtD5WmJHz` | [`grant_revoke_delegate_permissions`](#glam-protocol-staging-grant_revoke_delegate_permissions) | Grants or revokes delegate permissions limited by integration program and protocol. |
| GLAM Protocol Staging | `gstgptmbgJVi5f8ZmSRVZjZkDQwqKa3xWuUtD5WmJHz` | [`initialize_state`](#glam-protocol-staging-initialize_state) | Initializes a GLAM state account for a vault or related account type. |
| GLAM Protocol Staging | `gstgptmbgJVi5f8ZmSRVZjZkDQwqKa3xWuUtD5WmJHz` | [`jupiter_swap`](#glam-protocol-staging-jupiter_swap) | Executes a Jupiter swap for vault-held assets under GLAM policies and delegate permissions. |
| GLAM Protocol Staging | `gstgptmbgJVi5f8ZmSRVZjZkDQwqKa3xWuUtD5WmJHz` | [`jupiter_swap_v2`](#glam-protocol-staging-jupiter_swap_v2) | Executes a Jupiter swap for vault-held assets under GLAM policies and delegate permissions, with oracle price guardrails. |
| GLAM Protocol Staging | `gstgptmbgJVi5f8ZmSRVZjZkDQwqKa3xWuUtD5WmJHz` | [`link_unlink_mint_by_mint_authority`](#glam-protocol-staging-link_unlink_mint_by_mint_authority) | Internal GLAM Mint authority flow for linking or unlinking a Token-2022 mint to GLAM state. |
| GLAM Protocol Staging | `gstgptmbgJVi5f8ZmSRVZjZkDQwqKa3xWuUtD5WmJHz` | [`reset_priced_protocols_by_mint_authority`](#glam-protocol-staging-reset_priced_protocols_by_mint_authority) | Internal GLAM Mint authority flow for clearing priced-protocol records before repricing. |
| GLAM Protocol Staging | `gstgptmbgJVi5f8ZmSRVZjZkDQwqKa3xWuUtD5WmJHz` | [`set_jupiter_swap_policy`](#glam-protocol-staging-set_jupiter_swap_policy) | Sets Jupiter swap policy including slippage and allowlist guardrails. |
| GLAM Protocol Staging | `gstgptmbgJVi5f8ZmSRVZjZkDQwqKa3xWuUtD5WmJHz` | [`set_protocol_policy`](#glam-protocol-staging-set_protocol_policy) | Sets raw policy bytes for an enabled integration protocol on the GLAM state. |
| GLAM Protocol Staging | `gstgptmbgJVi5f8ZmSRVZjZkDQwqKa3xWuUtD5WmJHz` | [`set_protocol_policy_by_integration_authority`](#glam-protocol-staging-set_protocol_policy_by_integration_authority) | Persists an integration protocol policy using the integration authority PDA. |
| GLAM Protocol Staging | `gstgptmbgJVi5f8ZmSRVZjZkDQwqKa3xWuUtD5WmJHz` | [`set_system_transfer_policy`](#glam-protocol-staging-set_system_transfer_policy) | Sets system SOL transfer policy and destination allowlist guardrails. |
| GLAM Protocol Staging | `gstgptmbgJVi5f8ZmSRVZjZkDQwqKa3xWuUtD5WmJHz` | [`stake_authorize`](#glam-protocol-staging-stake_authorize) | Performs native stake-program action `stake_authorize` for a GLAM vault. |
| GLAM Protocol Staging | `gstgptmbgJVi5f8ZmSRVZjZkDQwqKa3xWuUtD5WmJHz` | [`stake_deactivate`](#glam-protocol-staging-stake_deactivate) | Performs native stake-program action `stake_deactivate` for a GLAM vault. |
| GLAM Protocol Staging | `gstgptmbgJVi5f8ZmSRVZjZkDQwqKa3xWuUtD5WmJHz` | [`stake_delegate_stake`](#glam-protocol-staging-stake_delegate_stake) | Performs native stake-program action `stake_delegate_stake` for a GLAM vault. |
| GLAM Protocol Staging | `gstgptmbgJVi5f8ZmSRVZjZkDQwqKa3xWuUtD5WmJHz` | [`stake_initialize`](#glam-protocol-staging-stake_initialize) | Performs native stake-program action `stake_initialize` for a GLAM vault. |
| GLAM Protocol Staging | `gstgptmbgJVi5f8ZmSRVZjZkDQwqKa3xWuUtD5WmJHz` | [`stake_merge`](#glam-protocol-staging-stake_merge) | Performs native stake-program action `stake_merge` for a GLAM vault. |
| GLAM Protocol Staging | `gstgptmbgJVi5f8ZmSRVZjZkDQwqKa3xWuUtD5WmJHz` | [`stake_move`](#glam-protocol-staging-stake_move) | Performs native stake-program action `stake_move` for a GLAM vault. |
| GLAM Protocol Staging | `gstgptmbgJVi5f8ZmSRVZjZkDQwqKa3xWuUtD5WmJHz` | [`stake_split`](#glam-protocol-staging-stake_split) | Performs native stake-program action `stake_split` for a GLAM vault. |
| GLAM Protocol Staging | `gstgptmbgJVi5f8ZmSRVZjZkDQwqKa3xWuUtD5WmJHz` | [`stake_withdraw`](#glam-protocol-staging-stake_withdraw) | Performs native stake-program action `stake_withdraw` for a GLAM vault. |
| GLAM Protocol Staging | `gstgptmbgJVi5f8ZmSRVZjZkDQwqKa3xWuUtD5WmJHz` | [`system_transfer`](#glam-protocol-staging-system_transfer) | Transfers SOL or wraps SOL from the vault under GLAM authorization and destination policy. |
| GLAM Protocol Staging | `gstgptmbgJVi5f8ZmSRVZjZkDQwqKa3xWuUtD5WmJHz` | [`token_transfer_checked_by_mint_authority`](#glam-protocol-staging-token_transfer_checked_by_mint_authority) | Internal GLAM Mint authority flow for checked token transfers involving vault-held assets. |
| GLAM Protocol Staging | `gstgptmbgJVi5f8ZmSRVZjZkDQwqKa3xWuUtD5WmJHz` | [`update_mint_params`](#glam-protocol-staging-update_mint_params) | Updates mint-related parameters stored in GLAM state, subject to access control and timelock rules. |
| GLAM Protocol Staging | `gstgptmbgJVi5f8ZmSRVZjZkDQwqKa3xWuUtD5WmJHz` | [`update_mint_params_by_mint_authority`](#glam-protocol-staging-update_mint_params_by_mint_authority) | Internal GLAM Mint authority path for mint-parameter updates that are not owner-timelocked. |
| GLAM Protocol Staging | `gstgptmbgJVi5f8ZmSRVZjZkDQwqKa3xWuUtD5WmJHz` | [`update_priced_protocol`](#glam-protocol-staging-update_priced_protocol) | Internal integration-only update path for publishing priced protocol records into GLAM state. |
| GLAM Protocol Staging | `gstgptmbgJVi5f8ZmSRVZjZkDQwqKa3xWuUtD5WmJHz` | [`update_state`](#glam-protocol-staging-update_state) | Updates GLAM state metadata, policies, assets, ACLs, or owner-controlled settings. |
| GLAM Protocol Staging | `gstgptmbgJVi5f8ZmSRVZjZkDQwqKa3xWuUtD5WmJHz` | [`update_state_apply_timelock`](#glam-protocol-staging-update_state_apply_timelock) | Applies a previously proposed timelocked GLAM state update. |
| GLAM Mint Staging | `gstgm1M39mhgnvgyScGUDRwNn5kNVSd97hTtyow1Et5` | [`acl_gate_add_wallet`](#glam-mint-staging-acl_gate_add_wallet) | Manages token ACL gate data for `add wallet`. |
| GLAM Mint Staging | `gstgm1M39mhgnvgyScGUDRwNn5kNVSd97hTtyow1Et5` | [`acl_gate_create_list`](#glam-mint-staging-acl_gate_create_list) | Manages token ACL gate data for `create list`. |
| GLAM Mint Staging | `gstgm1M39mhgnvgyScGUDRwNn5kNVSd97hTtyow1Et5` | [`acl_gate_delete_list`](#glam-mint-staging-acl_gate_delete_list) | Manages token ACL gate data for `delete list`. |
| GLAM Mint Staging | `gstgm1M39mhgnvgyScGUDRwNn5kNVSd97hTtyow1Et5` | [`acl_gate_remove_wallet`](#glam-mint-staging-acl_gate_remove_wallet) | Manages token ACL gate data for `remove wallet`. |
| GLAM Mint Staging | `gstgm1M39mhgnvgyScGUDRwNn5kNVSd97hTtyow1Et5` | [`acl_gate_setup_extra_metas`](#glam-mint-staging-acl_gate_setup_extra_metas) | Manages token ACL gate data for `setup extra metas`. |
| GLAM Mint Staging | `gstgm1M39mhgnvgyScGUDRwNn5kNVSd97hTtyow1Et5` | [`burn_tokens`](#glam-mint-staging-burn_tokens) | Burns GLAM mint/share tokens as part of redemption or manager-controlled token lifecycle. |
| GLAM Mint Staging | `gstgm1M39mhgnvgyScGUDRwNn5kNVSd97hTtyow1Et5` | [`cancel`](#glam-mint-staging-cancel) | Cancels an eligible queued subscription or redemption request. |
| GLAM Mint Staging | `gstgm1M39mhgnvgyScGUDRwNn5kNVSd97hTtyow1Et5` | [`claim`](#glam-mint-staging-claim) | Claims fulfilled subscription shares or redeemed assets from the mint flow. |
| GLAM Mint Staging | `gstgm1M39mhgnvgyScGUDRwNn5kNVSd97hTtyow1Et5` | [`claim_fees`](#glam-mint-staging-claim_fees) | Claims accrued manager or protocol fees from a tokenized vault. |
| GLAM Mint Staging | `gstgm1M39mhgnvgyScGUDRwNn5kNVSd97hTtyow1Et5` | [`close_mint`](#glam-mint-staging-close_mint) | Closes a zero-supply GLAM mint after unlinking it from state and clearing its request queue. |
| GLAM Mint Staging | `gstgm1M39mhgnvgyScGUDRwNn5kNVSd97hTtyow1Et5` | [`crystallize_fees`](#glam-mint-staging-crystallize_fees) | Calculates and crystallizes time/performance fees for a tokenized vault. |
| GLAM Mint Staging | `gstgm1M39mhgnvgyScGUDRwNn5kNVSd97hTtyow1Et5` | [`emergency_update_mint`](#glam-mint-staging-emergency_update_mint) | Emergency mint update path for pausing or changing sensitive mint controls. |
| GLAM Mint Staging | `gstgm1M39mhgnvgyScGUDRwNn5kNVSd97hTtyow1Et5` | [`enable_token_acl`](#glam-mint-staging-enable_token_acl) | Enable Token Acl instruction. |
| GLAM Mint Staging | `gstgm1M39mhgnvgyScGUDRwNn5kNVSd97hTtyow1Et5` | [`force_transfer_tokens`](#glam-mint-staging-force_transfer_tokens) | Forces movement of share tokens using mint administrative authority. |
| GLAM Mint Staging | `gstgm1M39mhgnvgyScGUDRwNn5kNVSd97hTtyow1Et5` | [`fulfill`](#glam-mint-staging-fulfill) | Fulfills pending subscription or redemption requests after required pricing and settlement conditions. |
| GLAM Mint Staging | `gstgm1M39mhgnvgyScGUDRwNn5kNVSd97hTtyow1Et5` | [`initialize_mint`](#glam-mint-staging-initialize_mint) | Initializes a new GLAM Token-2022 mint and, for tokenized vaults, the linked GLAM state. |
| GLAM Mint Staging | `gstgm1M39mhgnvgyScGUDRwNn5kNVSd97hTtyow1Et5` | [`mint_tokens`](#glam-mint-staging-mint_tokens) | Mints GLAM share tokens under authorized mint-management flow. |
| GLAM Mint Staging | `gstgm1M39mhgnvgyScGUDRwNn5kNVSd97hTtyow1Et5` | [`price_bridge_managed_transfers`](#glam-mint-staging-price_bridge_managed_transfers) | Prices bridge-managed inflight transfers and records their value for vault AUM. |
| GLAM Mint Staging | `gstgm1M39mhgnvgyScGUDRwNn5kNVSd97hTtyow1Et5` | [`price_kamino_obligations`](#glam-mint-staging-price_kamino_obligations) | Prices Kamino lending obligations held by the vault and records their value for vault AUM. |
| GLAM Mint Staging | `gstgm1M39mhgnvgyScGUDRwNn5kNVSd97hTtyow1Et5` | [`price_kamino_vault_shares`](#glam-mint-staging-price_kamino_vault_shares) | Prices Kamino vault share holdings and records their value for vault AUM. |
| GLAM Mint Staging | `gstgm1M39mhgnvgyScGUDRwNn5kNVSd97hTtyow1Et5` | [`price_loopscale_loans`](#glam-mint-staging-price_loopscale_loans) | Prices Loopscale loan positions held by the vault and records their value for vault AUM. |
| GLAM Mint Staging | `gstgm1M39mhgnvgyScGUDRwNn5kNVSd97hTtyow1Et5` | [`price_loopscale_strategies`](#glam-mint-staging-price_loopscale_strategies) | Prices Loopscale strategy accounts registered to the vault and records their value for vault AUM. |
| GLAM Mint Staging | `gstgm1M39mhgnvgyScGUDRwNn5kNVSd97hTtyow1Et5` | [`price_loopscale_vault_positions`](#glam-mint-staging-price_loopscale_vault_positions) | Prices Loopscale vault LP and stake positions registered to the vault and records their value for vault AUM. |
| GLAM Mint Staging | `gstgm1M39mhgnvgyScGUDRwNn5kNVSd97hTtyow1Et5` | [`price_marginfi_accounts`](#glam-mint-staging-price_marginfi_accounts) | Prices MarginFi accounts registered to the vault and records their value for vault AUM. |
| GLAM Mint Staging | `gstgm1M39mhgnvgyScGUDRwNn5kNVSd97hTtyow1Et5` | [`price_neutral_bundle_depositors`](#glam-mint-staging-price_neutral_bundle_depositors) | Prices Neutral bundle depositor positions held by the vault and records their value for vault AUM. |
| GLAM Mint Staging | `gstgm1M39mhgnvgyScGUDRwNn5kNVSd97hTtyow1Et5` | [`price_orca_whirlpool_positions`](#glam-mint-staging-price_orca_whirlpool_positions) | Prices Orca Whirlpool positions registered to the vault and records their value for vault AUM. |
| GLAM Mint Staging | `gstgm1M39mhgnvgyScGUDRwNn5kNVSd97hTtyow1Et5` | [`price_phoenix_traders`](#glam-mint-staging-price_phoenix_traders) | Prices Phoenix trader accounts registered to the vault and records their value for vault AUM. |
| GLAM Mint Staging | `gstgm1M39mhgnvgyScGUDRwNn5kNVSd97hTtyow1Et5` | [`price_registered_positions`](#glam-mint-staging-price_registered_positions) | Prices validated RPI observations for registered positions and records their aggregate value for vault AUM. |
| GLAM Mint Staging | `gstgm1M39mhgnvgyScGUDRwNn5kNVSd97hTtyow1Et5` | [`price_single_asset_vault`](#glam-mint-staging-price_single_asset_vault) | Prices a SingleAssetVault by its base asset balance. |
| GLAM Mint Staging | `gstgm1M39mhgnvgyScGUDRwNn5kNVSd97hTtyow1Et5` | [`price_stake_accounts`](#glam-mint-staging-price_stake_accounts) | Prices native stake accounts tracked by the vault and records their value for vault AUM. |
| GLAM Mint Staging | `gstgm1M39mhgnvgyScGUDRwNn5kNVSd97hTtyow1Et5` | [`price_vault_tokens`](#glam-mint-staging-price_vault_tokens) | Prices the vault SOL balance and allowlisted token holdings. |
| GLAM Mint Staging | `gstgm1M39mhgnvgyScGUDRwNn5kNVSd97hTtyow1Et5` | [`queued_redeem`](#glam-mint-staging-queued_redeem) | Queues a redemption request for later fulfillment and claim. |
| GLAM Mint Staging | `gstgm1M39mhgnvgyScGUDRwNn5kNVSd97hTtyow1Et5` | [`queued_subscribe`](#glam-mint-staging-queued_subscribe) | Queues a subscription request for later fulfillment and claim. |
| GLAM Mint Staging | `gstgm1M39mhgnvgyScGUDRwNn5kNVSd97hTtyow1Et5` | [`set_mint_policy`](#glam-mint-staging-set_mint_policy) | Sets tokenization policy such as cap, minimums, lockup, allowlist, and blocklist. |
| GLAM Mint Staging | `gstgm1M39mhgnvgyScGUDRwNn5kNVSd97hTtyow1Et5` | [`set_protocol_fees`](#glam-mint-staging-set_protocol_fees) | Updates protocol fee configuration for mint flows. |
| GLAM Mint Staging | `gstgm1M39mhgnvgyScGUDRwNn5kNVSd97hTtyow1Et5` | [`set_token_accounts_states`](#glam-mint-staging-set_token_accounts_states) | Freezes or thaws Token-2022 token accounts associated with the GLAM mint. |
| GLAM Mint Staging | `gstgm1M39mhgnvgyScGUDRwNn5kNVSd97hTtyow1Et5` | [`subscribe`](#glam-mint-staging-subscribe) | Performs an instant subscription into a tokenized vault when policy and valuation allow. |
| GLAM Mint Staging | `gstgm1M39mhgnvgyScGUDRwNn5kNVSd97hTtyow1Et5` | [`token_acl_freeze`](#glam-mint-staging-token_acl_freeze) | Applies token ACL `freeze` behavior to a mint token account. |
| GLAM Mint Staging | `gstgm1M39mhgnvgyScGUDRwNn5kNVSd97hTtyow1Et5` | [`token_acl_thaw`](#glam-mint-staging-token_acl_thaw) | Applies token ACL `thaw` behavior to a mint token account. |
| GLAM Mint Staging | `gstgm1M39mhgnvgyScGUDRwNn5kNVSd97hTtyow1Et5` | [`update_mint`](#glam-mint-staging-update_mint) | Updates mutable mint configuration. |
| GLAM Mint Staging | `gstgm1M39mhgnvgyScGUDRwNn5kNVSd97hTtyow1Et5` | [`update_mint_apply_timelock`](#glam-mint-staging-update_mint_apply_timelock) | Applies a pending timelocked mint update. |
| GLAM Mint Staging | `gstgm1M39mhgnvgyScGUDRwNn5kNVSd97hTtyow1Et5` | [`validate_aum`](#glam-mint-staging-validate_aum) | Validates vault AUM after pricing instructions populate priced protocol records. |
| Kamino Integration Staging | `gstgKa2Gq9wf5hM3DFWx1TvUrGYzDYszyFGq3XBY9Uq` | [`farms_harvest_reward`](#kamino-integration-staging-farms_harvest_reward) | Harvests Kamino Farms rewards for a vault-owned farm position. |
| Kamino Integration Staging | `gstgKa2Gq9wf5hM3DFWx1TvUrGYzDYszyFGq3XBY9Uq` | [`farms_initialize_user`](#kamino-integration-staging-farms_initialize_user) | Initializes Kamino Farms user state for a GLAM vault. |
| Kamino Integration Staging | `gstgKa2Gq9wf5hM3DFWx1TvUrGYzDYszyFGq3XBY9Uq` | [`farms_stake`](#kamino-integration-staging-farms_stake) | Stakes vault-held tokens into a Kamino farm. |
| Kamino Integration Staging | `gstgKa2Gq9wf5hM3DFWx1TvUrGYzDYszyFGq3XBY9Uq` | [`farms_unstake`](#kamino-integration-staging-farms_unstake) | Unstakes vault-owned tokens from a Kamino farm. |
| Kamino Integration Staging | `gstgKa2Gq9wf5hM3DFWx1TvUrGYzDYszyFGq3XBY9Uq` | [`farms_withdraw_unstaked_deposits`](#kamino-integration-staging-farms_withdraw_unstaked_deposits) | Withdraws previously unstaked Kamino farm deposits back to vault control. |
| Kamino Integration Staging | `gstgKa2Gq9wf5hM3DFWx1TvUrGYzDYszyFGq3XBY9Uq` | [`lending_borrow_obligation_liquidity_v2`](#kamino-integration-staging-lending_borrow_obligation_liquidity_v2) | Borrows liquidity from Kamino Lending against a vault-owned obligation. |
| Kamino Integration Staging | `gstgKa2Gq9wf5hM3DFWx1TvUrGYzDYszyFGq3XBY9Uq` | [`lending_deposit_reserve_liquidity_and_obligation_collateral_v2`](#kamino-integration-staging-lending_deposit_reserve_liquidity_and_obligation_collateral_v2) | Deposits reserve liquidity into Kamino Lending and receives obligation collateral for the vault. |
| Kamino Integration Staging | `gstgKa2Gq9wf5hM3DFWx1TvUrGYzDYszyFGq3XBY9Uq` | [`lending_init_obligation`](#kamino-integration-staging-lending_init_obligation) | Initializes a Kamino Lending obligation owned by the GLAM vault. |
| Kamino Integration Staging | `gstgKa2Gq9wf5hM3DFWx1TvUrGYzDYszyFGq3XBY9Uq` | [`lending_init_obligation_farms_for_reserve`](#kamino-integration-staging-lending_init_obligation_farms_for_reserve) | Initializes Kamino farm state associated with a lending obligation and reserve. |
| Kamino Integration Staging | `gstgKa2Gq9wf5hM3DFWx1TvUrGYzDYszyFGq3XBY9Uq` | [`lending_init_user_metadata`](#kamino-integration-staging-lending_init_user_metadata) | Initializes Kamino Lending user metadata for the GLAM vault. |
| Kamino Integration Staging | `gstgKa2Gq9wf5hM3DFWx1TvUrGYzDYszyFGq3XBY9Uq` | [`lending_liquidate_obligation_and_redeem_reserve_collateral_v2`](#kamino-integration-staging-lending_liquidate_obligation_and_redeem_reserve_collateral_v2) | Liquidates a Kamino obligation and redeems reserve collateral through the GLAM integration. |
| Kamino Integration Staging | `gstgKa2Gq9wf5hM3DFWx1TvUrGYzDYszyFGq3XBY9Uq` | [`lending_repay_obligation_liquidity_v2`](#kamino-integration-staging-lending_repay_obligation_liquidity_v2) | Repays Kamino Lending liquidity borrowed by a vault-owned obligation. |
| Kamino Integration Staging | `gstgKa2Gq9wf5hM3DFWx1TvUrGYzDYszyFGq3XBY9Uq` | [`lending_request_elevation_group`](#kamino-integration-staging-lending_request_elevation_group) | Requests an elevation group change for a vault-owned Kamino Lending obligation. |
| Kamino Integration Staging | `gstgKa2Gq9wf5hM3DFWx1TvUrGYzDYszyFGq3XBY9Uq` | [`lending_withdraw_obligation_collateral_and_redeem_reserve_collateral_v2`](#kamino-integration-staging-lending_withdraw_obligation_collateral_and_redeem_reserve_collateral_v2) | Withdraws Kamino obligation collateral and redeems it back to reserve liquidity for the vault. |
| Kamino Integration Staging | `gstgKa2Gq9wf5hM3DFWx1TvUrGYzDYszyFGq3XBY9Uq` | [`set_lending_policy`](#kamino-integration-staging-set_lending_policy) | Sets Kamino lending market and borrow allowlists. |
| Kamino Integration Staging | `gstgKa2Gq9wf5hM3DFWx1TvUrGYzDYszyFGq3XBY9Uq` | [`set_vaults_policy`](#kamino-integration-staging-set_vaults_policy) | Sets Kamino vault account allowlist. |
| Kamino Integration Staging | `gstgKa2Gq9wf5hM3DFWx1TvUrGYzDYszyFGq3XBY9Uq` | [`vaults_deposit`](#kamino-integration-staging-vaults_deposit) | Deposits vault assets into an allowlisted Kamino vault. |
| Kamino Integration Staging | `gstgKa2Gq9wf5hM3DFWx1TvUrGYzDYszyFGq3XBY9Uq` | [`vaults_withdraw`](#kamino-integration-staging-vaults_withdraw) | Withdraws shares or assets from a Kamino vault back to the GLAM vault. |
| SPL Integration Staging | `gstgs9nJgX8PmRHWAAEP9H7xT3ZkaPWSGPYbj3mXdTa` | [`set_token_transfer_policy`](#spl-integration-staging-set_token_transfer_policy) | Sets SPL token transfer allowlist policy for vault token movement. |
| SPL Integration Staging | `gstgs9nJgX8PmRHWAAEP9H7xT3ZkaPWSGPYbj3mXdTa` | [`token_close_account`](#spl-integration-staging-token_close_account) | Closes a vault-owned SPL token account. |
| SPL Integration Staging | `gstgs9nJgX8PmRHWAAEP9H7xT3ZkaPWSGPYbj3mXdTa` | [`token_transfer_checked`](#spl-integration-staging-token_transfer_checked) | Transfers vault SPL/Token-2022 tokens with checked mint decimals under GLAM authorization and transfer policy. |
| Bridge Integration Staging | `gstgxS9yTioViNKdsM4DC33k1TU9un2VCYDQK8fAeSA` | [`add_layerzero_oft_route`](#bridge-integration-staging-add_layerzero_oft_route) | Add Layerzero Oft Route configuration action. |
| Bridge Integration Staging | `gstgxS9yTioViNKdsM4DC33k1TU9un2VCYDQK8fAeSA` | [`commit_oft_transfer`](#bridge-integration-staging-commit_oft_transfer) | Verifies the OFT send completed and records the resulting transfer. |
| Bridge Integration Staging | `gstgxS9yTioViNKdsM4DC33k1TU9un2VCYDQK8fAeSA` | [`delete_layerzero_oft_route`](#bridge-integration-staging-delete_layerzero_oft_route) | Delete Layerzero Oft Route configuration action. |
| Bridge Integration Staging | `gstgxS9yTioViNKdsM4DC33k1TU9un2VCYDQK8fAeSA` | [`prepare_oft_transfer`](#bridge-integration-staging-prepare_oft_transfer) | Prepares the auxiliary token account used by the OFT transfer flow. |
| Bridge Integration Staging | `gstgxS9yTioViNKdsM4DC33k1TU9un2VCYDQK8fAeSA` | [`price_managed_transfers`](#bridge-integration-staging-price_managed_transfers) | Prices managed inflight transfers and publishes aggregated amount. |
| Bridge Integration Staging | `gstgxS9yTioViNKdsM4DC33k1TU9un2VCYDQK8fAeSA` | [`settle_managed_transfer`](#bridge-integration-staging-settle_managed_transfer) | Settles a managed inflight transfer and removes it from the registry. |
| Bridge Integration Staging | `gstgxS9yTioViNKdsM4DC33k1TU9un2VCYDQK8fAeSA` | [`update_layerzero_oft_route`](#bridge-integration-staging-update_layerzero_oft_route) | Update Layerzero Oft Route configuration action. |
| Bridge Integration Staging | `gstgxS9yTioViNKdsM4DC33k1TU9un2VCYDQK8fAeSA` | [`validate_managed_transfer`](#bridge-integration-staging-validate_managed_transfer) | Validates a managed inflight transfer so that it becomes priceable. |
| Registered Positions Integration Staging | `gstge5RzNEGQwpwBPKTJbP9yczoFEzzm5upSSsie9fX` | [`remove_registered_position`](#registered-positions-integration-staging-remove_registered_position) | Removes a registered position from the RPI policy and observation state. |
| Registered Positions Integration Staging | `gstge5RzNEGQwpwBPKTJbP9yczoFEzzm5upSSsie9fX` | [`submit_observation`](#registered-positions-integration-staging-submit_observation) | Submits a trusted raw observation for a configured registered position. |
| Registered Positions Integration Staging | `gstge5RzNEGQwpwBPKTJbP9yczoFEzzm5upSSsie9fX` | [`submit_observation_wormhole`](#registered-positions-integration-staging-submit_observation_wormhole) | Submits a Wormhole Guardian-verified observation for a configured registered position. |
| Registered Positions Integration Staging | `gstge5RzNEGQwpwBPKTJbP9yczoFEzzm5upSSsie9fX` | [`upsert_registered_position`](#registered-positions-integration-staging-upsert_registered_position) | Creates or updates a registered position configuration. |
| Registered Positions Integration Staging | `gstge5RzNEGQwpwBPKTJbP9yczoFEzzm5upSSsie9fX` | [`upsert_registered_position_wormhole_config`](#registered-positions-integration-staging-upsert_registered_position_wormhole_config) | Creates or updates Wormhole verification config for a Wormhole-sourced registered position. |
| Registered Positions Integration Staging | `gstge5RzNEGQwpwBPKTJbP9yczoFEzzm5upSSsie9fX` | [`upsert_registered_position_wormhole_hyperliquid_config`](#registered-positions-integration-staging-upsert_registered_position_wormhole_hyperliquid_config) | Creates or updates Hyperliquid payload constraints for a Wormhole-sourced registered position. |
| Registered Positions Integration Staging | `gstge5RzNEGQwpwBPKTJbP9yczoFEzzm5upSSsie9fX` | [`validate_observation`](#registered-positions-integration-staging-validate_observation) | Validates a pending observation, normalizes it into the vault base asset, and promotes it for pricing. |
| Loopscale Integration Staging | `gstgL6y4uWjsfM3Qjs5euoTDmEcXoUjqx8rkYJhYngG` | [`borrow_principal`](#loopscale-integration-staging-borrow_principal) | Borrow principal against a locked loan. |
| Loopscale Integration Staging | `gstgL6y4uWjsfM3Qjs5euoTDmEcXoUjqx8rkYJhYngG` | [`claim_vault_rewards`](#loopscale-integration-staging-claim_vault_rewards) | Claims vault rewards. |
| Loopscale Integration Staging | `gstgL6y4uWjsfM3Qjs5euoTDmEcXoUjqx8rkYJhYngG` | [`close_loan`](#loopscale-integration-staging-close_loan) | Close an existing Loopscale loan PDA. |
| Loopscale Integration Staging | `gstgL6y4uWjsfM3Qjs5euoTDmEcXoUjqx8rkYJhYngG` | [`close_strategy`](#loopscale-integration-staging-close_strategy) | Close a direct lender strategy owned by the GLAM vault. |
| Loopscale Integration Staging | `gstgL6y4uWjsfM3Qjs5euoTDmEcXoUjqx8rkYJhYngG` | [`create_loan`](#loopscale-integration-staging-create_loan) | Create a new Loopscale loan PDA owned by the GLAM vault. |
| Loopscale Integration Staging | `gstgL6y4uWjsfM3Qjs5euoTDmEcXoUjqx8rkYJhYngG` | [`create_strategy`](#loopscale-integration-staging-create_strategy) | Create a direct lender strategy owned by the GLAM vault. |
| Loopscale Integration Staging | `gstgL6y4uWjsfM3Qjs5euoTDmEcXoUjqx8rkYJhYngG` | [`deposit_collateral`](#loopscale-integration-staging-deposit_collateral) | Deposit collateral into a Loopscale loan. |
| Loopscale Integration Staging | `gstgL6y4uWjsfM3Qjs5euoTDmEcXoUjqx8rkYJhYngG` | [`deposit_strategy`](#loopscale-integration-staging-deposit_strategy) | Deposit principal into a direct lender strategy. |
| Loopscale Integration Staging | `gstgL6y4uWjsfM3Qjs5euoTDmEcXoUjqx8rkYJhYngG` | [`deposit_user_vault`](#loopscale-integration-staging-deposit_user_vault) | Deposits user vault. |
| Loopscale Integration Staging | `gstgL6y4uWjsfM3Qjs5euoTDmEcXoUjqx8rkYJhYngG` | [`repay_principal`](#loopscale-integration-staging-repay_principal) | Repay principal on a Loopscale loan. |
| Loopscale Integration Staging | `gstgL6y4uWjsfM3Qjs5euoTDmEcXoUjqx8rkYJhYngG` | [`sell_ledger`](#loopscale-integration-staging-sell_ledger) | Sell a loan ledger from one strategy to another. |
| Loopscale Integration Staging | `gstgL6y4uWjsfM3Qjs5euoTDmEcXoUjqx8rkYJhYngG` | [`set_borrow_policy`](#loopscale-integration-staging-set_borrow_policy) | Set the Loopscale borrow policy (collateral allowlist and market policies). |
| Loopscale Integration Staging | `gstgL6y4uWjsfM3Qjs5euoTDmEcXoUjqx8rkYJhYngG` | [`set_lending_policy`](#loopscale-integration-staging-set_lending_policy) | Set the Loopscale lending policy (allowlists, market policies, and sell-ledger limits). |
| Loopscale Integration Staging | `gstgL6y4uWjsfM3Qjs5euoTDmEcXoUjqx8rkYJhYngG` | [`set_vault_policy`](#loopscale-integration-staging-set_vault_policy) | Set the Loopscale vault policy (vault allowlist). |
| Loopscale Integration Staging | `gstgL6y4uWjsfM3Qjs5euoTDmEcXoUjqx8rkYJhYngG` | [`stake_user_vault_lp`](#loopscale-integration-staging-stake_user_vault_lp) | Stakes user vault lp. |
| Loopscale Integration Staging | `gstgL6y4uWjsfM3Qjs5euoTDmEcXoUjqx8rkYJhYngG` | [`unstake_user_vault_lp`](#loopscale-integration-staging-unstake_user_vault_lp) | Unstakes user vault lp. |
| Loopscale Integration Staging | `gstgL6y4uWjsfM3Qjs5euoTDmEcXoUjqx8rkYJhYngG` | [`update_strategy`](#loopscale-integration-staging-update_strategy) | Update direct lender strategy terms. |
| Loopscale Integration Staging | `gstgL6y4uWjsfM3Qjs5euoTDmEcXoUjqx8rkYJhYngG` | [`update_weight_matrix`](#loopscale-integration-staging-update_weight_matrix) | Update the collateral weight matrix on a loan. |
| Loopscale Integration Staging | `gstgL6y4uWjsfM3Qjs5euoTDmEcXoUjqx8rkYJhYngG` | [`withdraw_collateral`](#loopscale-integration-staging-withdraw_collateral) | Withdraw collateral from a Loopscale loan. |
| Loopscale Integration Staging | `gstgL6y4uWjsfM3Qjs5euoTDmEcXoUjqx8rkYJhYngG` | [`withdraw_strategy`](#loopscale-integration-staging-withdraw_strategy) | Withdraw principal from a direct lender strategy. |
| Loopscale Integration Staging | `gstgL6y4uWjsfM3Qjs5euoTDmEcXoUjqx8rkYJhYngG` | [`withdraw_user_vault`](#loopscale-integration-staging-withdraw_user_vault) | Withdraws user vault. |
| Neutral Trade Integration Staging | `gstgNyHgtURH7iuMn19GQczzv6Wc9fhPV2WDySZVyKx` | [`close_user_bundle_account`](#neutral-trade-integration-staging-close_user_bundle_account) | Close an empty Neutral user bundle account and remove it from GLAM registered positions. |
| Neutral Trade Integration Staging | `gstgNyHgtURH7iuMn19GQczzv6Wc9fhPV2WDySZVyKx` | [`initialize_bundle_depositor`](#neutral-trade-integration-staging-initialize_bundle_depositor) | Initialize a non-permissioned Neutral user bundle account for the GLAM vault. |
| Neutral Trade Integration Staging | `gstgNyHgtURH7iuMn19GQczzv6Wc9fhPV2WDySZVyKx` | [`request_deposit`](#neutral-trade-integration-staging-request_deposit) | Request a Neutral bundle deposit from the GLAM vault's token account. |
| Neutral Trade Integration Staging | `gstgNyHgtURH7iuMn19GQczzv6Wc9fhPV2WDySZVyKx` | [`request_withdrawal`](#neutral-trade-integration-staging-request_withdrawal) | Request a Neutral bundle withdrawal for the GLAM vault. |
| Neutral Trade Integration Staging | `gstgNyHgtURH7iuMn19GQczzv6Wc9fhPV2WDySZVyKx` | [`set_ntbundle_policy`](#neutral-trade-integration-staging-set_ntbundle_policy) | Sets the NT bundle allowlist policy. |
| Phoenix Integration Staging | `gstgPL7r9aYedDDsXNtLpr4atYtNvY7zubAWWstqS3L` | [`cancel_all`](#phoenix-integration-staging-cancel_all) | Cancels all of the trader's resting orders on the market identified by the orderbook account. |
| Phoenix Integration Staging | `gstgPL7r9aYedDDsXNtLpr4atYtNvY7zubAWWstqS3L` | [`cancel_orders_by_id`](#phoenix-integration-staging-cancel_orders_by_id) | Cancels specific resting orders by their order IDs. |
| Phoenix Integration Staging | `gstgPL7r9aYedDDsXNtLpr4atYtNvY7zubAWWstqS3L` | [`cancel_up_to`](#phoenix-integration-staging-cancel_up_to) | Cancels orders on one side of the book up to an optional count and/or tick limit. |
| Phoenix Integration Staging | `gstgPL7r9aYedDDsXNtLpr4atYtNvY7zubAWWstqS3L` | [`deposit`](#phoenix-integration-staging-deposit) | Ember deposit: converts the vault's input mint into the Phoenix-side output mint. |
| Phoenix Integration Staging | `gstgPL7r9aYedDDsXNtLpr4atYtNvY7zubAWWstqS3L` | [`deposit_funds`](#phoenix-integration-staging-deposit_funds) | Deposits base or quote mint tokens from the vault's token account into the Phoenix trader account. |
| Phoenix Integration Staging | `gstgPL7r9aYedDDsXNtLpr4atYtNvY7zubAWWstqS3L` | [`place_limit_order`](#phoenix-integration-staging-place_limit_order) | Places a limit order; the unfilled portion rests on the orderbook. |
| Phoenix Integration Staging | `gstgPL7r9aYedDDsXNtLpr4atYtNvY7zubAWWstqS3L` | [`place_market_order`](#phoenix-integration-staging-place_market_order) | Places an immediate-or-cancel market order; unfilled size is dropped rather than rested. |
| Phoenix Integration Staging | `gstgPL7r9aYedDDsXNtLpr4atYtNvY7zubAWWstqS3L` | [`place_multi_limit_order`](#phoenix-integration-staging-place_multi_limit_order) | Places multiple limit orders (bids and/or asks) on a single market in one CPI. |
| Phoenix Integration Staging | `gstgPL7r9aYedDDsXNtLpr4atYtNvY7zubAWWstqS3L` | [`register_trader`](#phoenix-integration-staging-register_trader) | Initializes a Phoenix trader account (parent or child subaccount) owned by the vault. |
| Phoenix Integration Staging | `gstgPL7r9aYedDDsXNtLpr4atYtNvY7zubAWWstqS3L` | [`set_phoenix_policy`](#phoenix-integration-staging-set_phoenix_policy) | Sets the GLAM Phoenix policy (market allowlist, order types, and price-deviation limits) on the vault state. |
| Phoenix Integration Staging | `gstgPL7r9aYedDDsXNtLpr4atYtNvY7zubAWWstqS3L` | [`sync_parent_to_child`](#phoenix-integration-staging-sync_parent_to_child) | Syncs collateral and state from a parent trader account down to a child subaccount. |
| Phoenix Integration Staging | `gstgPL7r9aYedDDsXNtLpr4atYtNvY7zubAWWstqS3L` | [`transfer_collateral`](#phoenix-integration-staging-transfer_collateral) | Transfers collateral from a source trader subaccount to a destination trader subaccount. |
| Phoenix Integration Staging | `gstgPL7r9aYedDDsXNtLpr4atYtNvY7zubAWWstqS3L` | [`transfer_collateral_child_to_parent`](#phoenix-integration-staging-transfer_collateral_child_to_parent) | Transfers collateral from a child subaccount back to its parent trader account. |
| Phoenix Integration Staging | `gstgPL7r9aYedDDsXNtLpr4atYtNvY7zubAWWstqS3L` | [`update_trader_state`](#phoenix-integration-staging-update_trader_state) | Refreshes the trader account's cached state (PnL, funding, margin) against current market data. |
| Phoenix Integration Staging | `gstgPL7r9aYedDDsXNtLpr4atYtNvY7zubAWWstqS3L` | [`withdraw`](#phoenix-integration-staging-withdraw) | Ember withdraw: converts the Phoenix-side output mint back to the input mint; `None` = full balance. |
| Phoenix Integration Staging | `gstgPL7r9aYedDDsXNtLpr4atYtNvY7zubAWWstqS3L` | [`withdraw_funds`](#phoenix-integration-staging-withdraw_funds) | Withdraws base or quote mint tokens from the Phoenix trader account back to the vault's token account. |
| Jupiter Lend Integration Staging | `gstgJbGqoE3p1SdFA2dET9tcaCzNqGcdD8wpbGctnU9` | [`borrow_init_position`](#jupiter-lend-integration-staging-borrow_init_position) | Initialize a Jupiter Borrow position NFT owned by the GLAM vault. |
| Jupiter Lend Integration Staging | `gstgJbGqoE3p1SdFA2dET9tcaCzNqGcdD8wpbGctnU9` | [`borrow_operate`](#jupiter-lend-integration-staging-borrow_operate) | Operate a Jupiter Borrow position. Required permissions are derived from signed deltas: positive collateral = deposit, negative collateral = withdraw, positive debt = borrow, negative debt = repay. |
| Jupiter Lend Integration Staging | `gstgJbGqoE3p1SdFA2dET9tcaCzNqGcdD8wpbGctnU9` | [`earn_deposit`](#jupiter-lend-integration-staging-earn_deposit) | Deposit underlying tokens into Jupiter Earn and mint jlTokens to the GLAM vault. |
| Jupiter Lend Integration Staging | `gstgJbGqoE3p1SdFA2dET9tcaCzNqGcdD8wpbGctnU9` | [`earn_withdraw`](#jupiter-lend-integration-staging-earn_withdraw) | Burn Jupiter Earn jlTokens and withdraw underlying tokens to the GLAM vault. |
| Jupiter Lend Integration Staging | `gstgJbGqoE3p1SdFA2dET9tcaCzNqGcdD8wpbGctnU9` | [`set_borrow_policy`](#jupiter-lend-integration-staging-set_borrow_policy) | Set the Jupiter Borrow policy on the GLAM state. |
| Jupiter Lend Integration Staging | `gstgJbGqoE3p1SdFA2dET9tcaCzNqGcdD8wpbGctnU9` | [`set_earn_policy`](#jupiter-lend-integration-staging-set_earn_policy) | Set the Jupiter Earn policy on the GLAM state. |
| Orca Integration Staging | `gstgo1EgmTp2PbLSaL6Qg57P7uADx3aiRZrMsewEdSy` | [`close_position_with_token_extensions`](#orca-integration-staging-close_position_with_token_extensions) | Close an empty Token-2022 Orca Whirlpools position owned by the GLAM vault. |
| Orca Integration Staging | `gstgo1EgmTp2PbLSaL6Qg57P7uADx3aiRZrMsewEdSy` | [`collect_fees_v2`](#orca-integration-staging-collect_fees_v2) | Collect accrued pool fees using Token-2022-aware accounts. |
| Orca Integration Staging | `gstgo1EgmTp2PbLSaL6Qg57P7uADx3aiRZrMsewEdSy` | [`collect_reward_v2`](#orca-integration-staging-collect_reward_v2) | Collect one reward emission using Token-2022-aware accounts. |
| Orca Integration Staging | `gstgo1EgmTp2PbLSaL6Qg57P7uADx3aiRZrMsewEdSy` | [`decrease_liquidity_v2`](#orca-integration-staging-decrease_liquidity_v2) | Decrease liquidity in an Orca Whirlpools position using Token-2022-aware accounts. |
| Orca Integration Staging | `gstgo1EgmTp2PbLSaL6Qg57P7uADx3aiRZrMsewEdSy` | [`increase_liquidity_by_token_amounts_v2`](#orca-integration-staging-increase_liquidity_by_token_amounts_v2) | Increase liquidity by token amount bounds using Token-2022-aware accounts. |
| Orca Integration Staging | `gstgo1EgmTp2PbLSaL6Qg57P7uADx3aiRZrMsewEdSy` | [`increase_liquidity_v2`](#orca-integration-staging-increase_liquidity_v2) | Increase liquidity in an Orca Whirlpools position using Token-2022-aware accounts. |
| Orca Integration Staging | `gstgo1EgmTp2PbLSaL6Qg57P7uADx3aiRZrMsewEdSy` | [`initialize_tick_array`](#orca-integration-staging-initialize_tick_array) | Initialize an Orca fixed tick array for an allowlisted Whirlpool. |
| Orca Integration Staging | `gstgo1EgmTp2PbLSaL6Qg57P7uADx3aiRZrMsewEdSy` | [`open_position_with_token_extensions`](#orca-integration-staging-open_position_with_token_extensions) | Open a Token-2022 Orca Whirlpools position owned by the GLAM vault. |
| Orca Integration Staging | `gstgo1EgmTp2PbLSaL6Qg57P7uADx3aiRZrMsewEdSy` | [`reposition_liquidity_v2`](#orca-integration-staging-reposition_liquidity_v2) | Reposition liquidity into a new Orca Whirlpools tick range. |
| Orca Integration Staging | `gstgo1EgmTp2PbLSaL6Qg57P7uADx3aiRZrMsewEdSy` | [`set_whirlpools_policy`](#orca-integration-staging-set_whirlpools_policy) | Set the Orca Whirlpools policy for a GLAM vault. |
| Orca Integration Staging | `gstgo1EgmTp2PbLSaL6Qg57P7uADx3aiRZrMsewEdSy` | [`update_fees_and_rewards`](#orca-integration-staging-update_fees_and_rewards) | Update accrued fees and rewards for an Orca Whirlpools position. |
| MarginFi Integration Staging | `gstgMghFitRBz2GXKwgpMd7L1JXd1sg59q2v5Y83vSY` | [`kamino_deposit`](#marginfi-integration-staging-kamino_deposit) | Deposits Kamino-backed collateral into a MarginFi account. |
| MarginFi Integration Staging | `gstgMghFitRBz2GXKwgpMd7L1JXd1sg59q2v5Y83vSY` | [`kamino_withdraw`](#marginfi-integration-staging-kamino_withdraw) | Withdraws Kamino-backed collateral from a MarginFi account. |
| MarginFi Integration Staging | `gstgMghFitRBz2GXKwgpMd7L1JXd1sg59q2v5Y83vSY` | [`lending_account_borrow`](#marginfi-integration-staging-lending_account_borrow) | Borrows liquidity from MarginFi into the GLAM vault. |
| MarginFi Integration Staging | `gstgMghFitRBz2GXKwgpMd7L1JXd1sg59q2v5Y83vSY` | [`lending_account_deposit`](#marginfi-integration-staging-lending_account_deposit) | Deposits liquidity from the GLAM vault into a MarginFi account. |
| MarginFi Integration Staging | `gstgMghFitRBz2GXKwgpMd7L1JXd1sg59q2v5Y83vSY` | [`lending_account_repay`](#marginfi-integration-staging-lending_account_repay) | Repays borrowed liquidity from the GLAM vault to a MarginFi account. |
| MarginFi Integration Staging | `gstgMghFitRBz2GXKwgpMd7L1JXd1sg59q2v5Y83vSY` | [`lending_account_withdraw`](#marginfi-integration-staging-lending_account_withdraw) | Withdraws liquidity from a MarginFi account to the GLAM vault. |
| MarginFi Integration Staging | `gstgMghFitRBz2GXKwgpMd7L1JXd1sg59q2v5Y83vSY` | [`marginfi_account_close`](#marginfi-integration-staging-marginfi_account_close) | Closes an empty MarginFi account PDA owned by the GLAM vault. |
| MarginFi Integration Staging | `gstgMghFitRBz2GXKwgpMd7L1JXd1sg59q2v5Y83vSY` | [`marginfi_account_initialize_pda`](#marginfi-integration-staging-marginfi_account_initialize_pda) | Initializes a MarginFi account PDA owned by the GLAM vault. |
| MarginFi Integration Staging | `gstgMghFitRBz2GXKwgpMd7L1JXd1sg59q2v5Y83vSY` | [`set_marginfi_policy`](#marginfi-integration-staging-set_marginfi_policy) | Sets the MarginFi policy for group, bank, and borrow-token allowlists. |
| Marinade Integration Staging | `gstgmvM2o7h7GcScvXymH1oFgWskukWWxRHC1UJJ9FJ` | [`deposit`](#marinade-integration-staging-deposit) | Deposits. |
| Marinade Integration Staging | `gstgmvM2o7h7GcScvXymH1oFgWskukWWxRHC1UJJ9FJ` | [`deposit_stake_account`](#marinade-integration-staging-deposit_stake_account) | Deposits stake account. |
| Marinade Integration Staging | `gstgmvM2o7h7GcScvXymH1oFgWskukWWxRHC1UJJ9FJ` | [`liquid_unstake`](#marinade-integration-staging-liquid_unstake) | Liquid unstake. |
| Marinade Integration Staging | `gstgmvM2o7h7GcScvXymH1oFgWskukWWxRHC1UJJ9FJ` | [`withdraw_stake_account`](#marinade-integration-staging-withdraw_stake_account) | Withdraws stake account. |
| Stake Pool Integration Staging | `gstgS4dNeT3BTEQa1aaTS2b8CsAUz1SmwQDGosHSPsw` | [`deposit_sol`](#stake-pool-integration-staging-deposit_sol) | Deposits sol. |
| Stake Pool Integration Staging | `gstgS4dNeT3BTEQa1aaTS2b8CsAUz1SmwQDGosHSPsw` | [`deposit_stake`](#stake-pool-integration-staging-deposit_stake) | Deposits stake. |
| Stake Pool Integration Staging | `gstgS4dNeT3BTEQa1aaTS2b8CsAUz1SmwQDGosHSPsw` | [`withdraw_sol`](#stake-pool-integration-staging-withdraw_sol) | Withdraws sol. |
| Stake Pool Integration Staging | `gstgS4dNeT3BTEQa1aaTS2b8CsAUz1SmwQDGosHSPsw` | [`withdraw_stake`](#stake-pool-integration-staging-withdraw_stake) | Withdraws stake. |

## Detailed Instruction Sections

## GLAM Protocol

Program ID: `GLAMpaME8wdTEzxtiYEAa5yD8fZbxZiz2hNtV58RZiEz`

Main vault program. It owns the GLAM state model, derives the vault PDA, enforces integration and delegate ACLs, applies vault policies and timelocks, and hosts native integrations such as system transfers and Jupiter swaps. Once the CPI depth limit is increased to 8, Jupiter Swap will be moved to its own integration program.

Accounts owned or controlled by this program:

| Account | Owner or authority | Purpose |
| --- | --- | --- |
| State account | GLAM Protocol | Canonical vault record for metadata, owner, enabled integrations, delegates, policies, assets, borrowable assets, timelock settings, and pricing records. |
| Vault PDA | Controlled by GLAM Protocol | Asset-holding account derived from the state account. Integrations use it as the vault authority for token accounts and external protocol positions. |
| Anchor event authority | GLAM Protocol | Program-derived event helper used when instructions emit Anchor events. |

Integration notes:

- Relevant official references: [Solana Program Derived Addresses](https://solana.com/docs/core/pda), [Solana documentation](https://solana.com/docs).

### GLAM Protocol: cancel_timelock

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |

Arguments:

No arguments.

Policy and permission requirements:

- Only the GLAM owner can call this; delegates are rejected.
- Cancels any pending timelock update by clearing pending state and mint changes and resetting the timelock deadline. Can be called before expiry; succeeds even when no update is pending.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Protocol: close_state

Required conditions:

- The state owner must sign; this owner check is defined by the close-state account constraints.
- The state must not be linked to a GLAM mint; the instruction checks that the mint field is the default public key before closure.
- The state must already be disabled; the instruction rejects closure while the state enabled flag is true.
- The vault PDA must be writable so any remaining SOL balance can be transferred to the signer before the state account is closed.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `system_program` | read-only | Solana System Program. |

Arguments:

No arguments.

Policy and permission requirements:

- Only the GLAM owner can call this; delegates are rejected.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Protocol: cpi_proxy

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `integration_authority` | signer | Program-derived authority used by the integration for downstream invocation. |
| `system_program` | read-only | Solana System Program. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `data` | `bytes` |  |
| `extra_params` | `vec<ExtraParams>` |  |

Policy and permission requirements:

- `glam_signer` must be the GLAM owner or a registered delegate.
- `integration_authority` must be an authorized integration PDA enabled in `integration_acls` before the CPI program is invoked and any extra params are applied.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Protocol: emergency_access_update

Required conditions:

- The update must be limited to emergency access actions: removing an integration, removing a delegate, or enabling or disabling the GLAM state.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `args` | `EmergencyAccessUpdateArgs` |  |

Policy and permission requirements:

- Only the GLAM owner can call; delegates are rejected.
- Allowed actions: remove an integration, remove a delegate, or enable or disable the GLAM state.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Protocol: enable_disable_protocols

Required conditions:

- The selected integration program and protocol selection are written into the state integration ACL; disabling a protocol prevents both owner-driven delegated use and delegate-driven use of that protocol through integration checks.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `integration_program` | `pubkey` |  |
| `protocols_bitmask` | `u16` |  |
| `set_enabled` | `bool` |  |

Policy and permission requirements:

- Only the GLAM owner can call; delegates are rejected even when they hold matching protocol permissions.
- SingleAssetVault states are rejected; only Vault, TokenizedVault, and Mint state types are accepted.
- When the state has a non-zero timelock duration, the change is staged into the pending state update; otherwise it is applied directly.

TypeScript SDK usage:

```typescript
import { GlamClient, getProgramAndBitflagByProtocolName } from "@glamsystems/glam-sdk";
import { PublicKey } from "@solana/web3.js";

const glamClient = new GlamClient({ statePda: vaultState });
const [program, bitflag] = getProgramAndBitflagByProtocolName()["KaminoVaults"];
await glamClient.access.enableProtocols(new PublicKey(program), parseInt(bitflag, 2));
```

### GLAM Protocol: extend_state

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `system_program` | read-only | Solana System Program. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `bytes` | `u32` |  |

Policy and permission requirements:

- No owner or delegate access check is enforced. Any signer can extend the state account; `glam_signer` is the rent payer for the additional space.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Protocol: grant_revoke_delegate_permissions

Required conditions:

- The delegate public key, integration program, protocol selection, and permission set must be provided explicitly; the resulting delegate ACL entry grants only those exact capabilities.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `delegate` | `pubkey` |  |
| `integration_program` | `pubkey` |  |
| `protocol_bitflag` | `u16` |  |
| `permissions_bitmask` | `u64` |  |
| `set_granted` | `bool` |  |

Policy and permission requirements:

- Only the GLAM owner can call; delegates cannot grant or revoke delegate permissions.

TypeScript SDK usage:

```typescript
import { BN } from "@coral-xyz/anchor";
import { PublicKey } from "@solana/web3.js";

await glamClient.access.grantDelegatePermissions(
  new PublicKey(delegate),
  new PublicKey(integrationProgram),
  protocolBitflag,
  new BN(0b11),
);
```

### GLAM Protocol: initialize_state

Required conditions:

- Creation-style flows require the target account or PDA to be uninitialized or intentionally updatable, the fee payer to be writable, and the System Program to be present when rent or allocation is needed.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `system_program` | read-only | Solana System Program. |
| `base_asset_mint` | read-only | Token mint account used or validated by this instruction. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `state` | `StateModel` |  |

Policy and permission requirements:

- Only the GLAM owner can call this; delegates are rejected.

TypeScript SDK usage:

```typescript
import { GlamClient, StateAccountType, nameToChars } from "@glamsystems/glam-sdk";

const glamClient = new GlamClient();
await glamClient.state.create({
  accountType: StateAccountType.VAULT,
  name: nameToChars("Managed Vault"),
});
```

### GLAM Protocol: jupiter_swap

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `input_stake_pool` | optional | Stake, stake-pool, or staking-related account. |
| `output_stake_pool` | optional | Stake, stake-pool, or staking-related account. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `data` | `bytes` |  |

Policy and permission requirements:

- SingleAssetVault states are rejected.
- Caller: GLAM owner, or a delegate with one of GLAM Protocol / Jupiter Swap / `SwapToAny`, `SwapFromAny`, `SwapAllowlisted`, or `SwapLst` — selected from the configured `JupiterSwapPolicy` allowlist and from whether both mints resolve as LSTs through the supplied stake-pool accounts.
- Slippage is bounded by the `JupiterSwapPolicy.max_slippage_bps` setting.
- `remaining_accounts` may not include vault token accounts other than the input and output ATAs.

TypeScript SDK usage:

```typescript
import { GlamClient, WSOL } from "@glamsystems/glam-sdk";

const glamClient = new GlamClient({ jupiterApiKey: "YOUR_API_KEY" });
await glamClient.jupiterSwap.swap({
  quoteParams: {
    inputMint: WSOL.toBase58(),
    outputMint: usdcMint.toBase58(),
    amount: 1_000_000_000,
    slippageBps: 50,
  },
});
```

### GLAM Protocol: jupiter_swap_v2

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `input_stake_pool` | optional | Stake, stake-pool, or staking-related account. |
| `output_stake_pool` | optional | Stake, stake-pool, or staking-related account. |
| `glam_config` | optional | Global GLAM configuration account for fee and asset/oracle metadata. |
| `sol_usd_oracle` | optional | Oracle or price account used for valuation or downstream validation. |
| `input_token_oracle` | optional | Oracle or price account used for valuation or downstream validation. |
| `output_token_oracle` | optional | Oracle or price account used for valuation or downstream validation. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `skip_quote_price_check` | `bool` |  |
| `data` | `bytes` |  |

Policy and permission requirements:

- SingleAssetVault states are rejected.
- Caller: GLAM owner, or a delegate with one of GLAM Protocol / Jupiter Swap / `SwapToAny`, `SwapFromAny`, `SwapAllowlisted`, or `SwapLst` — selected from the configured `JupiterSwapPolicy` allowlist and from whether both mints resolve as LSTs through the supplied stake-pool accounts.
- Slippage is bounded by the `JupiterSwapPolicy.max_slippage_bps` setting.
- The instruction performs a quote-vs-oracle price check using the supplied SOL/input/output oracles validated against `glam_config` asset metas. The check is skipped only when the signer holds GLAM Protocol / Jupiter Swap / `SkipQuotePriceCheck` (unconditional skip), or `SkipQuotePriceCheckLimited` and the output token has no oracle configured in `glam_config` (limited skip).
- `remaining_accounts` may not include vault token accounts other than the input and output ATAs.

TypeScript SDK usage:

```typescript
await glamClient.jupiterSwap.swapV2({
  quoteParams,
  skipQuotePriceCheck: false,
  trackingAccount,
});
```

### GLAM Protocol: link_unlink_mint_by_mint_authority

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_mint` | read-only | Token mint account used or validated by this instruction. |
| `glam_mint_authority` | signer | Token mint account used or validated by this instruction. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `link` | `bool` |  |

Policy and permission requirements:

- Signer must be `glam_mint_authority` (the GLAM mint PDA). Owner and delegate signers are not accepted; this is an internal callback path used by GLAM Mint to link or unlink `state.mint`.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Protocol: reset_priced_protocols_by_mint_authority

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_mint` | read-only | Token mint account used or validated by this instruction. |
| `glam_mint_authority` | signer | Token mint account used or validated by this instruction. |

Arguments:

No arguments.

Policy and permission requirements:

- Signer must be `glam_mint_authority` (the GLAM mint PDA). Owner and delegate signers are not accepted; the instruction clears `priced_protocols` and is an internal callback path used by GLAM Mint.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Protocol: set_jupiter_swap_policy

Required conditions:

- Configuration changes must pass owner or authorized-manager checks and, when the state or mint timelock is active, must follow the propose/apply timing model instead of taking effect immediately.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `policy` | `JupiterSwapPolicy` |  |

Policy and permission requirements:

- Only the GLAM owner can call. Non-empty policy data requires the native GLAM Protocol `JupiterSwap` bit to already be enabled in `integration_acls`.
- Empty policy data clears the existing policy.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Protocol: set_protocol_policy

Required conditions:

- Configuration changes must pass owner or authorized-manager checks and, when the state or mint timelock is active, must follow the propose/apply timing model instead of taking effect immediately.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `integration_program` | `pubkey` |  |
| `protocol_bitflag` | `u16` |  |
| `data` | `bytes` |  |

Policy and permission requirements:

- Only the GLAM owner can call.
- Non-empty policy data requires the target integration program and protocol bit to already be enabled in `integration_acls`. Empty data only deletes or no-ops.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Protocol: set_protocol_policy_by_integration_authority

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `set_protocol_policy_by_integration_authority` instruction (see program source for the full constraint). |
| `integration_program` | read-only | `integration_program` account required by the `set_protocol_policy_by_integration_authority` instruction (see program source for the full constraint). |
| `integration_authority` | signer | `integration_authority` account required by the `set_protocol_policy_by_integration_authority` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `protocol_bitflag` | `u16` |  |
| `data` | `bytes` |  |

Policy and permission requirements:

- `integration_authority` must be the PDA derived for the supplied `integration_program`.
- The supplied integration program must already be enabled in the GLAM state's integration ACLs.
- On mainnet, the integration program must also be in GLAM's integration-program allowlist.
- The instruction writes policy data directly through the integration authority path; owner/delegate signer authority is not used.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Protocol: set_system_transfer_policy

Required conditions:

- Configuration changes must pass owner or authorized-manager checks and, when the state or mint timelock is active, must follow the propose/apply timing model instead of taking effect immediately.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `policy` | `TransferPolicy` |  |

Policy and permission requirements:

- Only the GLAM owner can call. Non-empty policy data requires the native GLAM Protocol `System` bit to already be enabled in `integration_acls`.
- Empty policy data clears the existing policy.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Protocol: system_transfer

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | read-only | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `to` | writable | to account read or updated by GLAM Protocol's system transfer instruction. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `lamports` | `u64` |  |

Policy and permission requirements:

- SingleAssetVault states are rejected.
- Signer must be the GLAM owner or a delegate with the appropriate System permission for the destination kind:
-   • WSOL token-account destinations owned by the vault require System `WSOL`.
-   • Stake-account destinations require Stake `Stake` and the stake account's withdraw authority must be the vault.
-   • Other destinations check the `TransferPolicy` destination allowlist and require System `Transfer`. WSOL token accounts owned by an allowlisted address use this same `Transfer` path and additionally require the vault not to be a tokenized vault.
- There is no mint/asset or amount policy on this instruction.

TypeScript SDK usage:

```typescript
await glamClient.vault.systemTransfer(
  1_000_000_000,
  recipient,
);
```

### GLAM Protocol: token_transfer_checked_by_mint_authority

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | read-only | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_mint` | writable | Token mint account used or validated by this instruction. |
| `glam_mint_authority` | signer, writable | Token mint account used or validated by this instruction. |
| `from` | writable | from account read or updated by GLAM Protocol's token transfer checked by mint authority instruction. |
| `to` | writable | to account read or updated by GLAM Protocol's token transfer checked by mint authority instruction. |
| `mint` | read-only | Token mint account used or validated by this instruction. |
| `token_program` | read-only | Token program account. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `amount` | `u64` |  |
| `decimals` | `u8` |  |

Policy and permission requirements:

- Signer must be `glam_mint_authority` (the GLAM mint PDA). The transfer comes from the vault PDA. No owner/delegate or transfer-policy check is performed.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Protocol: update_mint_params

Required conditions:

- Configuration changes must pass owner or authorized-manager checks and, when the state or mint timelock is active, must follow the propose/apply timing model instead of taking effect immediately.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `params` | `vec<EngineField>` |  |

Policy and permission requirements:

- Only the GLAM owner can call this; delegates are rejected.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Protocol: update_mint_params_by_mint_authority

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_mint` | read-only | Token mint account used or validated by this instruction. |
| `glam_mint_authority` | signer | Token mint account used or validated by this instruction. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `params` | `vec<EngineField>` |  |

Policy and permission requirements:

- Signer must be `glam_mint_authority` (the GLAM mint PDA). Validated mint EngineFields are written directly; the path bypasses owner/timelock authorization.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Protocol: update_priced_protocol

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `integration_authority` | signer | Program-derived authority used by the integration for downstream invocation. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `priced_protocol` | `PricedProtocol` |  |

Policy and permission requirements:

- Signer must be an integration authority PDA. GLAM Mint may update any priced protocol; other integration authorities must match `priced_protocol.integration_program`.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Protocol: update_state

Required conditions:

- Configuration changes must pass owner or authorized-manager checks and, when the state or mint timelock is active, must follow the propose/apply timing model instead of taking effect immediately.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `state` | `StateModel` |  |

Policy and permission requirements:

- Only the GLAM owner can call this; delegates are rejected.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Protocol: update_state_apply_timelock

Required conditions:

- Configuration changes must pass owner or authorized-manager checks and, when the state or mint timelock is active, must follow the propose/apply timing model instead of taking effect immediately.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |

Arguments:

No arguments.

Policy and permission requirements:

- Only the GLAM owner can call; delegates are rejected.
- Requires a timelock layout to be staged on the state; calls against states without staged timelock storage are rejected.
- The staged timelock deadline must have elapsed; pre-deadline calls are rejected. The instruction does not check that a pending change actually exists — it materializes whatever is currently staged and clears the timelock state.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

## GLAM Mint

Program ID: `GM1NtvvnSXUptTrMCqbogAdZJydZSNv98DoU5AZVLmGh`

Tokenized vault and mint lifecycle program. It initializes Token-2022 share mints, handles subscription and redemption flows, pricing/AUM validation, fee accrual/claims, token-account controls, and mint-policy updates.

Accounts owned or controlled by this program:

| Account | Owner or authority | Purpose |
| --- | --- | --- |
| Tokenized vault mint | Token-2022 account with GLAM Mint authority | Share-token mint for tokenized vaults. It uses Token-2022 extensions for metadata, transfer hooks, and default account state where configured. |
| Request queue PDA | GLAM Mint | Queue for subscription and redemption requests that cannot settle instantly. |
| Escrow PDA | Controlled by GLAM Mint | Temporary holding account used by queued subscription and redemption flows until fulfillment and claim. |
| Anchor event authority | GLAM Mint | Program-derived event helper used when instructions emit Anchor events. |

Integration notes:

- Tokenized vault shares use Token-2022 features such as metadata, transfer hooks, and default account state when configured.
- Relevant official references: [Solana Token-2022 extensions](https://solana.com/docs/tokens/extensions).

### GLAM Mint: burn_tokens

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | read-only | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `glam_mint` | writable | Token mint account used or validated by this instruction. |
| `from_token_account` | writable | Token account read or written by this instruction. |
| `from` | read-only | from account read by GLAM Mint's burn tokens instruction. |
| `token_2022_program` | read-only | Token-2022 program account. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `amount` | `u64` |  |

Policy and permission requirements:

- GLAM state must be enabled and `supports_mint()` (TokenizedVault, SingleAssetVault, or Mint).
- Signer must be the GLAM owner or a delegate holding Mint `BurnTokens`.
- The Token-2022 source account's mint and owner are validated; the GLAM mint PDA performs the burn.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Mint: cancel

Required conditions:

- The request queue or escrow account must contain the expected request state for the signer, request type, timing window, and amount being processed.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_mint` | writable | Token mint account used or validated by this instruction. |
| `glam_escrow` | read-only | Escrow account or escrow token account used by mint flows. |
| `request_queue` | writable | Request queue account used by mint subscription or redemption flows. |
| `signer` | signer, writable | Calling authority or fee payer. |
| `user` | read-only | user account read by GLAM Mint's cancel instruction. |
| `recover_token_mint` | read-only | Token mint account used or validated by this instruction. |
| `user_ata` | writable | Token account read or written by this instruction. |
| `escrow_ata` | writable | Token account read or written by this instruction. |
| `system_program` | read-only | Solana System Program. |
| `recover_token_program` | read-only | Token program account. |
| `associated_token_program` | read-only | Associated Token Account program. |

Arguments:

No arguments.

Policy and permission requirements:

- The request owner can cancel their own request unconditionally — no allowlist, blocklist, or minimum check is enforced.
- For any other signer: the GLAM owner can cancel another user's request directly; non-owner delegates must hold Mint `CancelRequest`.
- After authorization, the recovered asset is validated and the escrowed tokens are returned.

TypeScript SDK usage:

```typescript
await glamClient.invest.cancel();
```

### GLAM Mint: claim

Required conditions:

- The request queue or escrow account must contain the expected request state for the signer, request type, timing window, and amount being processed.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | read-only | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_mint` | writable | Token mint account used or validated by this instruction. |
| `glam_escrow` | read-only | Escrow account or escrow token account used by mint flows. |
| `request_queue` | writable | Request queue account used by mint subscription or redemption flows. |
| `signer` | signer, writable | Calling authority or fee payer. |
| `claim_user` | read-only | Investor or request owner receiving assets or shares from the queued claim flow. |
| `claim_token_mint` | read-only | Token mint account used or validated by this instruction. |
| `claim_user_ata` | writable | Token account read or written by this instruction. |
| `escrow_ata` | writable | Token account read or written by this instruction. |
| `claim_user_policy` | writable, optional | Policy account or policy-related account. |
| `system_program` | read-only | Solana System Program. |
| `claim_token_program` | read-only | Token program account. |
| `glam_policies_program` | read-only | glam policies program account invoked or checked by this instruction. |
| `associated_token_program` | read-only | Associated Token Account program. |

Arguments:

No arguments.

Policy and permission requirements:

- The request owner can claim their own request unconditionally.
- For any other signer: the GLAM owner can claim for another user directly; non-owner delegates must hold Mint `ClaimRequest`.
- Subscription share claims create a recipient lockup policy only when lockup is configured.

TypeScript SDK usage:

```typescript
await glamClient.invest.claim();
```

### GLAM Mint: claim_fees

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.
- The vault must have fresh pricing records for the operation; fee or fulfillment math depends on NAV values written by the pricing flow.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | read-only | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_mint` | writable | Token mint account used or validated by this instruction. |
| `glam_escrow` | read-only | Escrow account or escrow token account used by mint flows. |
| `escrow_mint_ata` | writable | Token mint account used or validated by this instruction. |
| `signer` | signer, writable | Calling authority or fee payer. |
| `deposit_asset` | read-only | Mint account for the asset being deposited, subscribed with, or used for fee settlement. |
| `vault_deposit_ata` | writable | Token account read or written by this instruction. |
| `protocol_fee_authority` | read-only | Configured protocol fee recipient authority for accrued tokenized-vault fees. |
| `protocol_fee_authority_ata` | writable | Token account read or written by this instruction. |
| `manager_fee_authority` | read-only | Configured manager fee recipient authority for accrued tokenized-vault fees. |
| `manager_fee_authority_ata` | writable | Token account read or written by this instruction. |
| `glam_config` | read-only | Global GLAM configuration account for fee and asset/oracle metadata. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `system_program` | read-only | Solana System Program. |
| `associated_token_program` | read-only | Associated Token Account program. |
| `deposit_token_program` | read-only | Token program account. |
| `token_2022_program` | read-only | Token-2022 program account. |

Arguments:

No arguments.

Policy and permission requirements:

- Caller: GLAM owner, or a delegate with Mint `ClaimFees`.
- The `manager` and `protocol authority` accounts are validated payout recipients, not signer authorities.

TypeScript SDK usage:

```typescript
await glamClient.fees.claimFees();
```

### GLAM Mint: close_mint

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.
- The GLAM state owner must sign through the mint close authority path.
- The Token-2022 mint supply must be zero before the mint account can be closed.
- For tokenized vaults, the request queue account must be present and its request count must be zero.
- The transfer-hook extra-account-metas account must be writable because the mint close flow closes it through the GLAM Policies program.
- The mint must be unlinked from the GLAM state before the Token-2022 mint account and request queue are closed.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `glam_mint` | writable | Token mint account used or validated by this instruction. |
| `request_queue` | writable, optional | Request queue account used by mint subscription or redemption flows. |
| `extra_metas_account` | writable | extra metas account account read or updated by GLAM Mint's close mint instruction. |
| `system_program` | read-only | Solana System Program. |
| `policies_program` | read-only | policies program account invoked or checked by this instruction. |
| `token_2022_program` | read-only | Token-2022 program account. |
| `glam_protocol` | read-only | GLAM Protocol program account used for authorization or CPI. |

Arguments:

No arguments.

Policy and permission requirements:

- Only the GLAM owner can call this; delegates are rejected.

TypeScript SDK usage:

```typescript
await glamClient.mint.close();
```

### GLAM Mint: crystallize_fees

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.
- The vault must have fresh pricing records for the operation; fee or fulfillment math depends on NAV values written by the pricing flow.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_escrow` | read-only | Escrow account or escrow token account used by mint flows. |
| `glam_mint` | writable | Token mint account used or validated by this instruction. |
| `escrow_mint_ata` | writable | Token mint account used or validated by this instruction. |
| `signer` | signer, writable | Calling authority or fee payer. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `token_2022_program` | read-only | Token-2022 program account. |

Arguments:

No arguments.

Policy and permission requirements:

- No manager or protocol authority access check is enforced. Any signer can trigger fee crystallization when AUM and fee state are valid.

TypeScript SDK usage:

```typescript
await glamClient.fees.crystallizeFees();
```

Cross-instruction constraints:

- Requires fresh pricing for the vault. The pricing operation itself must be atomic in a single transaction.

### GLAM Mint: emergency_update_mint

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | read-only | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `glam_mint` | read-only | Token mint account used or validated by this instruction. |
| `request_queue` | writable | Request queue account used by mint subscription or redemption flows. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `args` | `EmergencyUpdateMintArgs` |  |

Policy and permission requirements:

- Signer must be the GLAM owner or a delegate holding Mint `EmergencyUpdate`.
- Effect: toggles the subscription or redemption pause flag on the request queue.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Mint: force_transfer_tokens

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `glam_mint` | writable | Token mint account used or validated by this instruction. |
| `from_token_account` | writable | Token account read or written by this instruction. |
| `to_ata` | writable | Token account read or written by this instruction. |
| `from` | read-only | from account read by GLAM Mint's force transfer tokens instruction. |
| `to` | read-only | to account read by GLAM Mint's force transfer tokens instruction. |
| `to_policy_account` | writable, optional | Policy account or policy-related account. |
| `system_program` | read-only | Solana System Program. |
| `token_2022_program` | read-only | Token-2022 program account. |
| `policies_program` | read-only | policies program account invoked or checked by this instruction. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `amount` | `u64` |  |

Policy and permission requirements:

- Requires a Mint GLAM state.
- Caller: GLAM owner, or a delegate with Mint `ForceTransferTokens`.
- Source and destination Token-2022 accounts are validated; a recipient lockup policy is created when configured. The system and SPL transfer policies are not consulted.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Mint: fulfill

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.
- The vault must have fresh pricing records for the operation; fee or fulfillment math depends on NAV values written by the pricing flow.
- The request queue or escrow account must contain the expected request state for the signer, request type, timing window, and amount being processed.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_mint` | writable | Token mint account used or validated by this instruction. |
| `glam_escrow` | read-only | Escrow account or escrow token account used by mint flows. |
| `request_queue` | writable | Request queue account used by mint subscription or redemption flows. |
| `signer` | signer, writable | Calling authority or fee payer. |
| `escrow_mint_ata` | writable | Token mint account used or validated by this instruction. |
| `asset` | read-only | Mint account for the asset being fulfilled or settled in this mint flow. |
| `vault_asset_ata` | writable | Token account read or written by this instruction. |
| `escrow_asset_ata` | writable | Token account read or written by this instruction. |
| `system_program` | read-only | Solana System Program. |
| `deposit_token_program` | read-only | Token program account. |
| `token_2022_program` | read-only | Token-2022 program account. |
| `associated_token_program` | read-only | Associated Token Account program. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `limit` | `option<u32>` | Needed to avoid CU exhaustion in the case of a large amount of pending requests. |

Policy and permission requirements:

- Permissionlessness is controlled by `notify_and_settle.permissionless_fulfillment`.
- When permissionless, any signer can fulfill queued requests.
- Otherwise the caller must be the GLAM owner or a delegate with Mint `Fulfill`.

TypeScript SDK usage:

```typescript
const preInstructions = await glamClient.price.priceVaultIxs();
await glamClient.invest.fulfill(null, {
  preInstructions,
  lookupTables: glamClient.price.lookupTables,
  simulate: true,
});
```

Cross-instruction constraints:

- Requires fresh pricing for the vault. The pricing operation itself must be atomic in a single transaction.

### GLAM Mint: initialize_mint

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.
- Creation-style flows require the target account or PDA to be uninitialized or intentionally updatable, the fee payer to be writable, and the System Program to be present when rent or allocation is needed.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `signer` | signer, writable | Calling authority or fee payer. |
| `new_mint` | writable | Token mint account used or validated by this instruction. |
| `request_queue` | writable, optional | Request queue account used by mint subscription or redemption flows. |
| `extra_metas_account` | writable | extra metas account account read or updated by GLAM Mint's initialize mint instruction. |
| `base_asset_mint` | read-only | Token mint account used or validated by this instruction. |
| `system_program` | read-only | Solana System Program. |
| `token_2022_program` | read-only | Token-2022 program account. |
| `policies_program` | read-only | policies program account invoked or checked by this instruction. |
| `glam_protocol` | read-only | GLAM Protocol program account used for authorization or CPI. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `mint_model` | `MintModel` |  |
| `created_key` | `[u8; 8]` |  |
| `account_type` | `AccountType` |  |
| `decimals` | `option<u8>` |  |

Policy and permission requirements:

- Only the GLAM owner can call this; delegates are rejected.

TypeScript SDK usage:

```typescript
import { GlamClient, StateAccountType, WSOL, nameToChars } from "@glamsystems/glam-sdk";
import { BN } from "@coral-xyz/anchor";

const glamClient = new GlamClient();
await glamClient.mint.initialize({
  accountType: StateAccountType.TOKENIZED_VAULT,
  name: nameToChars("My Fund"),
  symbol: "gFUND",
  baseAssetMint: WSOL,
  maxCap: new BN(1_000_000_000_000),
});
```

### GLAM Mint: mint_tokens

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `glam_mint` | writable | Token mint account used or validated by this instruction. |
| `mint_to` | writable | Token mint account used or validated by this instruction. |
| `recipient` | writable | Destination account or owner receiving newly issued share tokens. |
| `policy_account` | writable, optional | Policy account or policy-related account. |
| `system_program` | read-only | Solana System Program. |
| `token_2022_program` | read-only | Token-2022 program account. |
| `policies_program` | read-only | policies program account invoked or checked by this instruction. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `amount` | `u64` |  |

Policy and permission requirements:

- Requires a Mint GLAM state.
- Caller: GLAM owner, or a delegate with Mint `MintTokens`.
- A recipient lockup policy is created when configured; tokens are minted to the recipient ATA.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Mint: price_kamino_obligations

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.
- All pricing instructions for the same pricing operation must be in one Solana transaction; splitting them across multiple transactions is unsupported and can produce stale, inconsistent, or rejected NAV calculations.
- Oracle, token-account, position, and pricing-record accounts must all refer to the same vault state and base asset so the AUM calculation is internally consistent.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | read-only | Vault PDA associated with the GLAM state and used as the vault authority. |
| `signer` | signer, writable | Calling authority or fee payer. |
| `sol_usd_oracle` | read-only | Oracle or price account used for valuation or downstream validation. |
| `base_asset_oracle` | read-only | Oracle or price account used for valuation or downstream validation. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `glam_config` | read-only | Global GLAM configuration account for fee and asset/oracle metadata. |
| `glam_protocol` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `event_authority` | optional | Event authority or downstream event account. |
| `event_program` | optional | Event authority or downstream event account. |

Arguments:

No arguments.

Policy and permission requirements:

- Caller: any signer; no pricing-caller ACL is checked.
- Supplied account, oracle, and protocol data are validated before the priced protocol record is written.

TypeScript SDK usage:

```typescript
const pricingIxs = await glamClient.price.priceVaultIxs();
const validateIx = await glamClient.price.validateAumIx();
// Submit all pricing instructions and validation together.
```

Cross-instruction constraints:

- All pricing instructions for this pricing operation must be included in the same Solana transaction. Splitting them across multiple transactions is not supported and will produce incorrect or rejected NAV calculations.

### GLAM Mint: price_kamino_vault_shares

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.
- All pricing instructions for the same pricing operation must be in one Solana transaction; splitting them across multiple transactions is unsupported and can produce stale, inconsistent, or rejected NAV calculations.
- Oracle, token-account, position, and pricing-record accounts must all refer to the same vault state and base asset so the AUM calculation is internally consistent.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | read-only | Vault PDA associated with the GLAM state and used as the vault authority. |
| `signer` | signer, writable | Calling authority or fee payer. |
| `sol_usd_oracle` | read-only | Oracle or price account used for valuation or downstream validation. |
| `base_asset_oracle` | read-only | Oracle or price account used for valuation or downstream validation. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `glam_config` | read-only | Global GLAM configuration account for fee and asset/oracle metadata. |
| `glam_protocol` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `event_authority` | optional | Event authority or downstream event account. |
| `event_program` | optional | Event authority or downstream event account. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `num_vaults` | `u8` |  |

Policy and permission requirements:

- Caller: any signer; no pricing-caller ACL is checked.
- Supplied account, oracle, and protocol data are validated before the priced protocol record is written.

TypeScript SDK usage:

```typescript
const pricingIxs = await glamClient.price.priceVaultIxs();
const validateIx = await glamClient.price.validateAumIx();
// Submit all pricing instructions and validation together.
```

Cross-instruction constraints:

- All pricing instructions for this pricing operation must be included in the same Solana transaction. Splitting them across multiple transactions is not supported and will produce incorrect or rejected NAV calculations.

### GLAM Mint: price_marginfi_accounts

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `price_marginfi_accounts` instruction (see program source for the full constraint). |
| `glam_vault` | read-only | `glam_vault` account required by the `price_marginfi_accounts` instruction (see program source for the full constraint). |
| `signer` | signer, writable | `signer` account required by the `price_marginfi_accounts` instruction (see program source for the full constraint). |
| `sol_usd_oracle` | read-only | `sol_usd_oracle` account required by the `price_marginfi_accounts` instruction (see program source for the full constraint). |
| `base_asset_oracle` | read-only | `base_asset_oracle` account required by the `price_marginfi_accounts` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `price_marginfi_accounts` instruction (see program source for the full constraint). |
| `glam_config` | read-only | `glam_config` account required by the `price_marginfi_accounts` instruction (see program source for the full constraint). |
| `glam_protocol` | read-only | `glam_protocol` account required by the `price_marginfi_accounts` instruction (see program source for the full constraint). |
| `event_authority` | optional | `event_authority` account required by the `price_marginfi_accounts` instruction (see program source for the full constraint). |
| `event_program` | optional | `event_program` account required by the `price_marginfi_accounts` instruction (see program source for the full constraint). |

Arguments:

No arguments.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Mint: price_orca_whirlpool_positions

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `price_orca_whirlpool_positions` instruction (see program source for the full constraint). |
| `glam_vault` | read-only | `glam_vault` account required by the `price_orca_whirlpool_positions` instruction (see program source for the full constraint). |
| `signer` | signer, writable | `signer` account required by the `price_orca_whirlpool_positions` instruction (see program source for the full constraint). |
| `sol_usd_oracle` | read-only | `sol_usd_oracle` account required by the `price_orca_whirlpool_positions` instruction (see program source for the full constraint). |
| `base_asset_oracle` | read-only | `base_asset_oracle` account required by the `price_orca_whirlpool_positions` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `price_orca_whirlpool_positions` instruction (see program source for the full constraint). |
| `glam_config` | read-only | `glam_config` account required by the `price_orca_whirlpool_positions` instruction (see program source for the full constraint). |
| `glam_protocol` | read-only | `glam_protocol` account required by the `price_orca_whirlpool_positions` instruction (see program source for the full constraint). |
| `event_authority` | optional | `event_authority` account required by the `price_orca_whirlpool_positions` instruction (see program source for the full constraint). |
| `event_program` | optional | `event_program` account required by the `price_orca_whirlpool_positions` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `num_positions` | `u8` |  |

Policy and permission requirements:

- Caller: any signer; no pricing-caller ACL is checked.
- Supplied account, oracle, and protocol data are validated before the priced protocol record is written.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Mint: price_registered_positions

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `price_registered_positions` instruction (see program source for the full constraint). |
| `signer` | signer, writable | `signer` account required by the `price_registered_positions` instruction (see program source for the full constraint). |
| `observation_state` | read-only | `observation_state` account required by the `price_registered_positions` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `price_registered_positions` instruction (see program source for the full constraint). |
| `glam_protocol` | read-only | `glam_protocol` account required by the `price_registered_positions` instruction (see program source for the full constraint). |
| `event_authority` | optional | `event_authority` account required by the `price_registered_positions` instruction (see program source for the full constraint). |
| `event_program` | optional | `event_program` account required by the `price_registered_positions` instruction (see program source for the full constraint). |

Arguments:

No arguments.

Policy and permission requirements:

- Caller: any signer; no pricing-caller ACL is checked.
- Supplied account, oracle, and protocol data are validated before the priced protocol record is written.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Mint: price_single_asset_vault

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.
- All pricing instructions for the same pricing operation must be in one Solana transaction; splitting them across multiple transactions is unsupported and can produce stale, inconsistent, or rejected NAV calculations.
- Oracle, token-account, position, and pricing-record accounts must all refer to the same vault state and base asset so the AUM calculation is internally consistent.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | read-only | Vault PDA associated with the GLAM state and used as the vault authority. |
| `signer` | signer, writable | Calling authority or fee payer. |
| `base_asset_ata` | read-only | Token account read or written by this instruction. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `glam_protocol` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `event_authority` | optional | Event authority or downstream event account. |
| `event_program` | optional | Event authority or downstream event account. |

Arguments:

No arguments.

Policy and permission requirements:

- Requires a Single-asset vault GLAM state.
- Caller: any signer; no pricing-caller ACL is checked.
- Supplied account, oracle, and protocol data are validated before the priced protocol record is written.

TypeScript SDK usage:

```typescript
const pricingIxs = await glamClient.price.priceVaultIxs();
const validateIx = await glamClient.price.validateAumIx();
// Submit all pricing instructions and validation together.
```

Cross-instruction constraints:

- All pricing instructions for this pricing operation must be included in the same Solana transaction. Splitting them across multiple transactions is not supported and will produce incorrect or rejected NAV calculations.

### GLAM Mint: price_vault_tokens

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.
- All pricing instructions for the same pricing operation must be in one Solana transaction; splitting them across multiple transactions is unsupported and can produce stale, inconsistent, or rejected NAV calculations.
- Oracle, token-account, position, and pricing-record accounts must all refer to the same vault state and base asset so the AUM calculation is internally consistent.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | read-only | Vault PDA associated with the GLAM state and used as the vault authority. |
| `signer` | signer, writable | Calling authority or fee payer. |
| `sol_usd_oracle` | read-only | Oracle or price account used for valuation or downstream validation. |
| `base_asset_oracle` | read-only | Oracle or price account used for valuation or downstream validation. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `glam_config` | read-only | Global GLAM configuration account for fee and asset/oracle metadata. |
| `glam_protocol` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `event_authority` | optional | Event authority or downstream event account. |
| `event_program` | optional | Event authority or downstream event account. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `agg_indexes` | `vec<[i16; 4]>` |  |

Policy and permission requirements:

- Caller: any signer; no pricing-caller ACL is checked.
- Supplied account, oracle, and protocol data are validated before the priced protocol record is written.

TypeScript SDK usage:

```typescript
const pricingIxs = await glamClient.price.priceVaultIxs();
const validateIx = await glamClient.price.validateAumIx();
// Submit all pricing instructions and validation together.
```

Cross-instruction constraints:

- All pricing instructions for this pricing operation must be included in the same Solana transaction. Splitting them across multiple transactions is not supported and will produce incorrect or rejected NAV calculations.

### GLAM Mint: queued_redeem

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.
- The request queue or escrow account must contain the expected request state for the signer, request type, timing window, and amount being processed.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | read-only | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_mint` | writable | Token mint account used or validated by this instruction. |
| `glam_escrow` | read-only | Escrow account or escrow token account used by mint flows. |
| `request_queue` | writable | Request queue account used by mint subscription or redemption flows. |
| `signer` | signer, writable | Calling authority or fee payer. |
| `signer_mint_ata` | writable | Token mint account used or validated by this instruction. |
| `escrow_mint_ata` | writable | Token mint account used or validated by this instruction. |
| `system_program` | read-only | Solana System Program. |
| `token_2022_program` | read-only | Token-2022 program account. |
| `associated_token_program` | read-only | Associated Token Account program. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `amount_in` | `u64` |  |

Policy and permission requirements:

- Investor caller must satisfy mint policy, including allowlist, blocklist, lockup, and minimum amount checks where configured.

TypeScript SDK usage:

```typescript
await glamClient.invest.queuedRedeem(
  new BN(5_000_000_000),
);
```

### GLAM Mint: queued_subscribe

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.
- The investor must satisfy mint policy checks, including allowlist, blocklist, minimum subscription amount, max-cap, and lockup configuration where enabled.
- The subscription asset mint and token accounts must match the mint's base asset configuration, and the resulting share calculation must use the validated NAV path for the flow.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | read-only | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_mint` | writable | Token mint account used or validated by this instruction. |
| `glam_escrow` | read-only | Escrow account or escrow token account used by mint flows. |
| `request_queue` | writable | Request queue account used by mint subscription or redemption flows. |
| `signer` | signer, writable | Calling authority or fee payer. |
| `deposit_asset` | read-only | Mint account for the asset being deposited, subscribed with, or used for fee settlement. |
| `escrow_deposit_ata` | writable | Token account read or written by this instruction. |
| `signer_deposit_ata` | writable | Token account read or written by this instruction. |
| `system_program` | read-only | Solana System Program. |
| `deposit_token_program` | read-only | Token program account. |
| `associated_token_program` | read-only | Associated Token Account program. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `amount_in` | `u64` |  |

Policy and permission requirements:

- Investor caller must satisfy mint policy, including allowlist, blocklist, lockup, and minimum amount checks where configured.

TypeScript SDK usage:

```typescript
await glamClient.invest.subscribe(
  new BN(10_000_000_000),
  true,
);
```

### GLAM Mint: set_mint_policy

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.
- Configuration changes must pass owner or authorized-manager checks and, when the state or mint timelock is active, must follow the propose/apply timing model instead of taking effect immediately.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `policy` | `MintPolicy` |  |

Policy and permission requirements:

- Only the GLAM owner can call this; delegates are rejected.
- Policy changes should be governed by owner controls and timelock settings.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Mint: set_protocol_fees

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_mint` | read-only | Token mint account used or validated by this instruction. |
| `signer` | signer, writable | Calling authority or fee payer. |
| `glam_config` | read-only | Global GLAM configuration account for fee and asset/oracle metadata. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `base_fee_bps` | `u16` |  |
| `flow_fee_bps` | `u16` |  |

Policy and permission requirements:

- Signer must be the global `glam_config` `fee_authority` on mainnet and staging.
- Protocol fees must have been crystallized at the current timestamp before this update is accepted.

TypeScript SDK usage:

```typescript
await glamClient.fees.setProtocolFees(
  1,
  2000,
);
```

### GLAM Mint: set_token_accounts_states

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | read-only | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `glam_mint` | writable | Token mint account used or validated by this instruction. |
| `token_2022_program` | read-only | Token-2022 program account. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `frozen` | `bool` |  |

Policy and permission requirements:

- Signer must be the GLAM owner or a delegate holding the Mint `SetTokenAccountState` permission.
- Affected token accounts must be Token-2022 accounts whose freeze authority is the GLAM mint PDA.

TypeScript SDK usage:

```typescript
await glamClient.mint.setTokenAccountsStates(
  [tokenAccount],
  true,
);
```

### GLAM Mint: subscribe

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.
- The investor must satisfy mint policy checks, including allowlist, blocklist, minimum subscription amount, max-cap, and lockup configuration where enabled.
- The subscription asset mint and token accounts must match the mint's base asset configuration, and the resulting share calculation must use the validated NAV path for the flow.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | read-only | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_mint` | writable | Token mint account used or validated by this instruction. |
| `glam_escrow` | read-only | Escrow account or escrow token account used by mint flows. |
| `request_queue` | read-only | Request queue account used by mint subscription or redemption flows. |
| `signer` | signer, writable | Calling authority or fee payer. |
| `signer_mint_ata` | writable | Token mint account used or validated by this instruction. |
| `escrow_mint_ata` | writable | Token mint account used or validated by this instruction. |
| `deposit_asset` | read-only | Mint account for the asset being deposited, subscribed with, or used for fee settlement. |
| `vault_deposit_ata` | writable | Token account read or written by this instruction. |
| `signer_deposit_ata` | writable | Token account read or written by this instruction. |
| `signer_policy` | writable, optional | Policy account or policy-related account. |
| `system_program` | read-only | Solana System Program. |
| `deposit_token_program` | read-only | Token program account. |
| `token_2022_program` | read-only | Token-2022 program account. |
| `associated_token_program` | read-only | Associated Token Account program. |
| `policies_program` | read-only | policies program account invoked or checked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `amount_in` | `u64` |  |

Policy and permission requirements:

- Investor caller must satisfy mint policy, including allowlist, blocklist, lockup, and minimum amount checks where configured.

TypeScript SDK usage:

```typescript
await glamClient.invest.subscribe(
  new BN(10_000_000_000),
  false,
);
```

### GLAM Mint: update_mint

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.
- Configuration changes must pass owner or authorized-manager checks and, when the state or mint timelock is active, must follow the propose/apply timing model instead of taking effect immediately.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `glam_mint` | writable | Token mint account used or validated by this instruction. |
| `system_program` | read-only | Solana System Program. |
| `token_2022_program` | read-only | Token-2022 program account. |
| `glam_protocol` | read-only | GLAM Protocol program account used for authorization or CPI. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `mint_model` | `MintModel` |  |

Policy and permission requirements:

- Only the GLAM owner can call this; delegates are rejected.

TypeScript SDK usage:

```typescript
await glamClient.mint.update({
  maxCap: new BN(5_000_000_000_000),
  minSubscription: new BN(500_000_000),
});
```

### GLAM Mint: update_mint_apply_timelock

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.
- Configuration changes must pass owner or authorized-manager checks and, when the state or mint timelock is active, must follow the propose/apply timing model instead of taking effect immediately.
- The pending change must exist, the configured delay must have elapsed, and the account receiving the change must still match the pending update target.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `glam_mint` | writable | Token mint account used or validated by this instruction. |
| `request_queue` | optional | Request queue account used by mint subscription or redemption flows. |
| `system_program` | read-only | Solana System Program. |
| `token_2022_program` | read-only | Token-2022 program account. |
| `glam_protocol` | read-only | GLAM Protocol program account used for authorization or CPI. |

Arguments:

No arguments.

Policy and permission requirements:

- Only the GLAM owner can call this; delegates are rejected.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Mint: validate_aum

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.
- All pricing instructions for the same pricing operation must be in one Solana transaction; splitting them across multiple transactions is unsupported and can produce stale, inconsistent, or rejected NAV calculations.
- Oracle, token-account, position, and pricing-record accounts must all refer to the same vault state and base asset so the AUM calculation is internally consistent.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | read-only | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `signer` | signer, writable | Calling authority or fee payer. |
| `event_authority` | optional | Event authority or downstream event account. |
| `event_program` | optional | Event authority or downstream event account. |

Arguments:

No arguments.

Policy and permission requirements:

- Any signer can call. AUM is computed from `glam_state` and emitted as an `AumRecord` event; no pricing-caller ACL is checked and no per-protocol valuation records are written.

TypeScript SDK usage:

```typescript
const pricingIxs = await glamClient.price.priceVaultIxs();
const validateIx = await glamClient.price.validateAumIx();
```

Cross-instruction constraints:

- Run after all required pricing instructions, and include validation in the same transaction when the operation depends on an atomic NAV calculation.

## Kamino Integration

Program ID: `G1NTkDEUR3pkEqGCKZtmtmVzCUEdYa86pezHkwYbLyde`

Integration adapter for Kamino Lending, Kamino Vaults, and Kamino Farms. It performs CPI into Kamino programs with the GLAM vault PDA as the authority and enforces protocol enablement, delegate permissions, and market/vault policies.

Accounts owned or controlled by this program:

| Account | Owner or authority | Purpose |
| --- | --- | --- |
| Integration authority PDA | Kamino Integration | Program-derived authority used for integration-level signing during Kamino CPI calls. |
| Kamino user, obligation, farm, and vault accounts | Kamino programs with GLAM vault authority | External protocol accounts created or updated by the integration for GLAM-managed positions. |

Integration notes:

- Kamino Integration must be enabled on the vault before integration actions can run. Delegate permissions are still required for non-owner callers.
- Relevant official references: [Kamino documentation](https://kamino.com/docs/overview).

### Kamino Integration: farms_harvest_reward

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `system_program` | read-only | Solana System Program. |
| `user_state` | writable | User position state account updated by the downstream protocol. |
| `farm_state` | writable | Kamino farm account. |
| `global_config` | read-only | global config account read by Kamino Integration's farms harvest reward instruction. |
| `reward_mint` | read-only | Token mint account used or validated by this instruction. |
| `user_reward_ata` | writable | Token account read or written by this instruction. |
| `rewards_vault` | writable | Vault or downstream vault account. |
| `rewards_treasury_vault` | writable | Vault or downstream vault account. |
| `farm_vaults_authority` | read-only | Vault or downstream vault account. |
| `scope_prices` | optional | Oracle or price account used for valuation or downstream validation. |
| `token_program` | read-only | Token program account. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `reward_index` | `u64` |  |

Policy and permission requirements:

- Enable `KaminoFarms` on the vault integration ACL.
- Delegate permission: Kamino Farms `HarvestReward`.

TypeScript SDK usage:

```typescript
await glamClient.kaminoFarm.harvest([farmState]);
```

Cross-instruction constraints:

- The Kamino farm user state must be initialized before stake, unstake, withdrawal, or reward harvest flows.

### Kamino Integration: farms_initialize_user

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `system_program` | read-only | Solana System Program. |
| `user_state` | writable | User position state account updated by the downstream protocol. |
| `farm_state` | writable | Kamino farm account. |
| `rent` | read-only | Solana sysvar account. |

Arguments:

No arguments.

Policy and permission requirements:

- Signer must be the GLAM owner or a delegate holding Kamino Farms `Stake`.
- Initializes the Kamino user state using the supplied rent and farm accounts.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Kamino Integration: farms_stake

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `system_program` | read-only | Solana System Program. |
| `user_state` | writable | User position state account updated by the downstream protocol. |
| `farm_state` | writable | Kamino farm account. |
| `farm_vault` | writable | Vault or downstream vault account. |
| `user_ata` | writable | Token account read or written by this instruction. |
| `token_mint` | read-only | Token mint account used or validated by this instruction. |
| `scope_prices` | optional | Oracle or price account used for valuation or downstream validation. |
| `token_program` | read-only | Token program account. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `amount` | `u64` |  |

Policy and permission requirements:

- Enable `KaminoFarms` on the vault integration ACL.
- Delegate permission: Kamino Farms `Stake`.

TypeScript SDK usage:

```typescript
await glamClient.kaminoFarm.stake(
  new BN(1_000_000_000),
  farmState,
);
```

Cross-instruction constraints:

- The Kamino farm user state must be initialized before stake, unstake, withdrawal, or reward harvest flows.

### Kamino Integration: farms_unstake

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `system_program` | read-only | Solana System Program. |
| `user_state` | writable | User position state account updated by the downstream protocol. |
| `farm_state` | writable | Kamino farm account. |
| `scope_prices` | optional | Oracle or price account used for valuation or downstream validation. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `amount` | `u128` |  |

Policy and permission requirements:

- Enable `KaminoFarms` on the vault integration ACL.
- Delegate permission: Kamino Farms `Unstake`.

TypeScript SDK usage:

```typescript
await glamClient.kaminoFarm.unstake(
  new BN(500_000_000),
  farmState,
);
```

Cross-instruction constraints:

- The Kamino farm user state must be initialized before stake, unstake, withdrawal, or reward harvest flows.

### Kamino Integration: farms_withdraw_unstaked_deposits

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `system_program` | read-only | Solana System Program. |
| `user_state` | writable | User position state account updated by the downstream protocol. |
| `farm_state` | writable | Kamino farm account. |
| `user_ata` | writable | Token account read or written by this instruction. |
| `farm_vault` | writable | Vault or downstream vault account. |
| `farm_vaults_authority` | read-only | Vault or downstream vault account. |
| `token_program` | read-only | Token program account. |

Arguments:

No arguments.

Policy and permission requirements:

- Signer must be the GLAM owner or a delegate holding Kamino Farms `Unstake` before withdrawing unstaked deposits.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

Cross-instruction constraints:

- The Kamino farm user state must be initialized before stake, unstake, withdrawal, or reward harvest flows.

### Kamino Integration: lending_borrow_obligation_liquidity_v2

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.
- Borrowing must satisfy both the vault-level borrowable asset list and the integration-specific borrow allowlist where one is configured.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `system_program` | read-only | Solana System Program. |
| `obligation` | writable | Kamino lending obligation account. |
| `lending_market` | read-only | Kamino lending market account for the reserves and obligations touched by this instruction. |
| `lending_market_authority` | read-only | Kamino market authority PDA that authorizes reserve and obligation operations. |
| `borrow_reserve` | writable | Kamino reserve account. |
| `borrow_reserve_liquidity_mint` | read-only | Token mint account used or validated by this instruction. |
| `reserve_source_liquidity` | writable | Kamino reserve account. |
| `borrow_reserve_liquidity_fee_receiver` | writable | Kamino reserve account. |
| `user_destination_liquidity` | writable | Vault-owned token account that receives liquidity borrowed or withdrawn from Kamino. |
| `referrer_token_state` | writable, optional | Optional Kamino referrer token state credited during borrow flows when a referrer is configured. |
| `token_program` | read-only | Token program account. |
| `instruction_sysvar_account` | read-only | Solana sysvar account. |
| `obligation_farm_user_state` | writable, optional | Kamino lending obligation account. |
| `reserve_farm_state` | writable, optional | Kamino reserve account. |
| `farms_program` | read-only | Kamino farm account. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `liquidity_amount` | `u64` |  |

Policy and permission requirements:

- Enable `KaminoLend` on the vault integration ACL.
- Delegate permission: Kamino Lending `Borrow`.
- Borrowing must satisfy the vault-level borrowable asset list and any integration-specific borrow allowlist.

TypeScript SDK usage:

```typescript
await glamClient.kaminoLending.borrow(
  market,
  usdcMint,
  new BN(200_000_000),
);
```

Cross-instruction constraints:

- Kamino user metadata and the relevant obligation accounts must exist before lending movement instructions run.

### Kamino Integration: lending_deposit_reserve_liquidity_and_obligation_collateral_v2

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `system_program` | read-only | Solana System Program. |
| `obligation` | writable | Kamino lending obligation account. |
| `lending_market` | read-only | Kamino lending market account for the reserves and obligations touched by this instruction. |
| `lending_market_authority` | read-only | Kamino market authority PDA that authorizes reserve and obligation operations. |
| `reserve` | writable | Kamino reserve account. |
| `reserve_liquidity_mint` | read-only | Token mint account used or validated by this instruction. |
| `reserve_liquidity_supply` | writable | Kamino reserve account. |
| `reserve_collateral_mint` | writable | Token mint account used or validated by this instruction. |
| `reserve_destination_deposit_collateral` | writable | Kamino reserve account. |
| `user_source_liquidity` | writable | Vault-owned token account that supplies liquidity for Kamino deposit, repay, or liquidation flows. |
| `placeholder_user_destination_collateral` | optional | Optional collateral destination placeholder required by Kamino account ordering when collateral is not received. |
| `collateral_token_program` | read-only | Token program account. |
| `liquidity_token_program` | read-only | Token program account. |
| `instruction_sysvar_account` | read-only | Solana sysvar account. |
| `obligation_farm_user_state` | writable, optional | Kamino lending obligation account. |
| `reserve_farm_state` | writable, optional | Kamino reserve account. |
| `farms_program` | read-only | Kamino farm account. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `liquidity_amount` | `u64` |  |

Policy and permission requirements:

- Enable `KaminoLend` on the vault integration ACL.
- Delegate permission: Kamino Lending `Deposit`.

TypeScript SDK usage:

```typescript
await glamClient.kaminoLending.deposit(
  market,
  usdcMint,
  new BN(1_000_000_000),
);
```

Cross-instruction constraints:

- Kamino user metadata and the relevant obligation accounts must exist before lending movement instructions run.

### Kamino Integration: lending_init_obligation

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `fee_payer` | signer, writable | Calling authority or fee payer. |
| `obligation` | writable | Kamino lending obligation account. |
| `lending_market` | read-only | Kamino lending market account for the reserves and obligations touched by this instruction. |
| `seed1_account` | read-only | Seed account used by Kamino when deriving the obligation address. |
| `seed2_account` | read-only | Second seed account used by Kamino when deriving the obligation address. |
| `owner_user_metadata` | read-only | Token account read or written by this instruction. |
| `rent` | read-only | Solana sysvar account. |
| `system_program` | read-only | Solana System Program. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `args` | `InitObligationArgs` |  |

Policy and permission requirements:

- Enable `KaminoLend` on the vault integration ACL.
- Delegate permission: Kamino Lending `Init`.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Kamino Integration: lending_init_obligation_farms_for_reserve

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `payer` | signer, writable | Fee payer funding rent or account allocation for this instruction. |
| `obligation` | writable | Kamino lending obligation account. |
| `lending_market_authority` | read-only | Kamino market authority PDA that authorizes reserve and obligation operations. |
| `reserve` | writable | Kamino reserve account. |
| `reserve_farm_state` | writable | Kamino reserve account. |
| `obligation_farm` | writable | Kamino lending obligation account. |
| `lending_market` | read-only | Kamino lending market account for the reserves and obligations touched by this instruction. |
| `farms_program` | read-only | Kamino farm account. |
| `rent` | read-only | Solana sysvar account. |
| `system_program` | read-only | Solana System Program. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `mode` | `u8` |  |

Policy and permission requirements:

- Enable `KaminoLend` on the vault integration ACL.
- Delegate permission: Kamino Lending `Init` with farm setup context.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Kamino Integration: lending_init_user_metadata

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `fee_payer` | signer, writable | Calling authority or fee payer. |
| `user_metadata` | writable | Token account read or written by this instruction. |
| `referrer_user_metadata` | optional | Token account read or written by this instruction. |
| `rent` | read-only | Solana sysvar account. |
| `system_program` | read-only | Solana System Program. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `user_lookup_table` | `pubkey` |  |

Policy and permission requirements:

- Enable `KaminoLend` on the vault integration ACL.
- Delegate permission: Kamino Lending `Init`.

TypeScript SDK usage:

```typescript
await glamClient.kaminoLending.initUserMetadata();
```

### Kamino Integration: lending_liquidate_obligation_and_redeem_reserve_collateral_v2

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `system_program` | read-only | Solana System Program. |
| `obligation` | writable | Kamino lending obligation account. |
| `lending_market` | read-only | Kamino lending market account for the reserves and obligations touched by this instruction. |
| `lending_market_authority` | read-only | Kamino market authority PDA that authorizes reserve and obligation operations. |
| `repay_reserve` | writable | Kamino reserve account. |
| `repay_reserve_liquidity_mint` | read-only | Token mint account used or validated by this instruction. |
| `repay_reserve_liquidity_supply` | writable | Kamino reserve account. |
| `withdraw_reserve` | writable | Kamino reserve account. |
| `withdraw_reserve_liquidity_mint` | read-only | Token mint account used or validated by this instruction. |
| `withdraw_reserve_collateral_mint` | writable | Token mint account used or validated by this instruction. |
| `withdraw_reserve_collateral_supply` | writable | Kamino reserve account. |
| `withdraw_reserve_liquidity_supply` | writable | Kamino reserve account. |
| `withdraw_reserve_liquidity_fee_receiver` | writable | Kamino reserve account. |
| `user_source_liquidity` | writable | Vault-owned token account that supplies liquidity for Kamino deposit, repay, or liquidation flows. |
| `user_destination_collateral` | writable | Vault-owned collateral token account receiving Kamino collateral during liquidation. |
| `user_destination_liquidity` | writable | Vault-owned token account that receives liquidity borrowed or withdrawn from Kamino. |
| `collateral_token_program` | read-only | Token program account. |
| `repay_liquidity_token_program` | read-only | Token program account. |
| `withdraw_liquidity_token_program` | read-only | Token program account. |
| `instruction_sysvar_account` | read-only | Solana sysvar account. |
| `collateral_obligation_farm_user_state` | writable, optional | Kamino lending obligation account. |
| `collateral_reserve_farm_state` | writable, optional | Kamino reserve account. |
| `debt_obligation_farm_user_state` | writable, optional | Kamino lending obligation account. |
| `debt_reserve_farm_state` | writable, optional | Kamino reserve account. |
| `farms_program` | read-only | Kamino farm account. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `liquidity_amount` | `u64` |  |
| `min_acceptable_received_liquidity_amount` | `u64` |  |
| `max_allowed_ltv_override_percent` | `u64` |  |

Policy and permission requirements:

- Signer must hold Kamino Lending `Liquidate`.
- Lending policy and market allowlist are checked.
- Output collateral mint must be a vault asset, or otherwise configured as borrowable or priced.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

Cross-instruction constraints:

- Kamino user metadata and the relevant obligation accounts must exist before lending movement instructions run.

### Kamino Integration: lending_repay_obligation_liquidity_v2

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `system_program` | read-only | Solana System Program. |
| `obligation` | writable | Kamino lending obligation account. |
| `lending_market` | read-only | Kamino lending market account for the reserves and obligations touched by this instruction. |
| `repay_reserve` | writable | Kamino reserve account. |
| `reserve_liquidity_mint` | read-only | Token mint account used or validated by this instruction. |
| `reserve_destination_liquidity` | writable | Kamino reserve account. |
| `user_source_liquidity` | writable | Vault-owned token account that supplies liquidity for Kamino deposit, repay, or liquidation flows. |
| `token_program` | read-only | Token program account. |
| `instruction_sysvar_account` | read-only | Solana sysvar account. |
| `obligation_farm_user_state` | writable, optional | Kamino lending obligation account. |
| `reserve_farm_state` | writable, optional | Kamino reserve account. |
| `lending_market_authority` | read-only | Kamino market authority PDA that authorizes reserve and obligation operations. |
| `farms_program` | read-only | Kamino farm account. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `liquidity_amount` | `u64` |  |

Policy and permission requirements:

- Enable `KaminoLend` on the vault integration ACL.
- Delegate permission: Kamino Lending `Repay`.

TypeScript SDK usage:

```typescript
await glamClient.kaminoLending.repay(
  market,
  usdcMint,
  new BN(200_000_000),
);
```

Cross-instruction constraints:

- Kamino user metadata and the relevant obligation accounts must exist before lending movement instructions run.

### Kamino Integration: lending_request_elevation_group

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `system_program` | read-only | Solana System Program. |
| `obligation` | writable | Kamino lending obligation account. |
| `lending_market` | read-only | Kamino lending market account for the reserves and obligations touched by this instruction. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `elevation_group` | `u8` |  |

Policy and permission requirements:

- Signer must hold Kamino Lending `Borrow`.
- Lending policy and market or elevation-group constraints are checked before forwarding the CPI.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

Cross-instruction constraints:

- Kamino user metadata and the relevant obligation accounts must exist before lending movement instructions run.

### Kamino Integration: lending_withdraw_obligation_collateral_and_redeem_reserve_collateral_v2

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `system_program` | read-only | Solana System Program. |
| `obligation` | writable | Kamino lending obligation account. |
| `lending_market` | read-only | Kamino lending market account for the reserves and obligations touched by this instruction. |
| `lending_market_authority` | read-only | Kamino market authority PDA that authorizes reserve and obligation operations. |
| `withdraw_reserve` | writable | Kamino reserve account. |
| `reserve_liquidity_mint` | read-only | Token mint account used or validated by this instruction. |
| `reserve_source_collateral` | writable | Kamino reserve account. |
| `reserve_collateral_mint` | writable | Token mint account used or validated by this instruction. |
| `reserve_liquidity_supply` | writable | Kamino reserve account. |
| `user_destination_liquidity` | writable | Vault-owned token account that receives liquidity borrowed or withdrawn from Kamino. |
| `placeholder_user_destination_collateral` | optional | Optional collateral destination placeholder required by Kamino account ordering when collateral is not received. |
| `collateral_token_program` | read-only | Token program account. |
| `liquidity_token_program` | read-only | Token program account. |
| `instruction_sysvar_account` | read-only | Solana sysvar account. |
| `obligation_farm_user_state` | writable, optional | Kamino lending obligation account. |
| `reserve_farm_state` | writable, optional | Kamino reserve account. |
| `farms_program` | read-only | Kamino farm account. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `collateral_amount` | `u64` |  |

Policy and permission requirements:

- Enable `KaminoLend` on the vault integration ACL.
- Delegate permission: Kamino Lending `Withdraw`.

TypeScript SDK usage:

```typescript
await glamClient.kaminoLending.withdraw(
  market,
  usdcMint,
  new BN(500_000_000),
);
```

Cross-instruction constraints:

- Kamino user metadata and the relevant obligation accounts must exist before lending movement instructions run.

### Kamino Integration: set_lending_policy

Required conditions:

- Configuration changes must pass owner or authorized-manager checks and, when the state or mint timelock is active, must follow the propose/apply timing model instead of taking effect immediately.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `policy` | `LendingPolicy` |  |

Policy and permission requirements:

- Only the GLAM owner can call. Persistence is gated through GLAM Protocol's owner-only protocol-policy persistence path; delegates cannot complete the policy change on their own.
- For non-empty policy data, the target protocol must already be enabled in `integration_acls`.
- State timelock applies when active.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Kamino Integration: set_vaults_policy

Required conditions:

- Configuration changes must pass owner or authorized-manager checks and, when the state or mint timelock is active, must follow the propose/apply timing model instead of taking effect immediately.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `policy` | `VaultsPolicy` |  |

Policy and permission requirements:

- Only the GLAM owner can call. Persistence is gated through GLAM Protocol's owner-only protocol-policy persistence path; delegates cannot complete the policy change on their own.
- For non-empty policy data, the target protocol must already be enabled in `integration_acls`.
- State timelock applies when active.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Kamino Integration: vaults_deposit

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `system_program` | read-only | Solana System Program. |
| `vault_state` | writable | Vault or downstream vault account. |
| `token_vault` | writable | Vault or downstream vault account. |
| `token_mint` | read-only | Token mint account used or validated by this instruction. |
| `base_vault_authority` | read-only | Vault or downstream vault account. |
| `shares_mint` | writable | Token mint account used or validated by this instruction. |
| `user_token_ata` | writable | Token account read or written by this instruction. |
| `user_shares_ata` | writable | Token account read or written by this instruction. |
| `klend_program` | read-only | Kamino Lending program account invoked or checked by this instruction. |
| `token_program` | read-only | Token program account. |
| `shares_token_program` | read-only | Token program account. |
| `event_authority` | read-only | Event authority or downstream event account. |
| `program` | read-only | Anchor program account used by the downstream protocol. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `max_amount` | `u64` |  |

Policy and permission requirements:

- Enable `KaminoVaults` on the vault integration ACL.
- Delegate permission: Kamino Vaults `Deposit`.

TypeScript SDK usage:

```typescript
await glamClient.kaminoVaults.deposit(
  kaminoVault,
  new BN(1_000_000_000),
);
```

Cross-instruction constraints:

- The target Kamino vault must be allowed by the Kamino vaults policy before deposit or withdrawal.

### Kamino Integration: vaults_withdraw

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `system_program` | read-only | Solana System Program. |
| `withdraw_from_available_vault_state` | writable | Vault or downstream vault account. |
| `withdraw_from_available_global_config` | read-only | withdraw from available global config account read by Kamino Integration's vaults withdraw instruction. |
| `withdraw_from_available_token_vault` | writable | Vault or downstream vault account. |
| `withdraw_from_available_base_vault_authority` | read-only | Vault or downstream vault account. |
| `withdraw_from_available_user_token_ata` | writable | Token account read or written by this instruction. |
| `withdraw_from_available_token_mint` | writable | Token mint account used or validated by this instruction. |
| `withdraw_from_available_user_shares_ata` | writable | Token account read or written by this instruction. |
| `withdraw_from_available_shares_mint` | writable | Token mint account used or validated by this instruction. |
| `withdraw_from_available_token_program` | read-only | Token program account. |
| `withdraw_from_available_shares_token_program` | read-only | Token program account. |
| `withdraw_from_available_klend_program` | read-only | withdraw from available Kamino Lending program account invoked or checked by this instruction. |
| `withdraw_from_available_event_authority` | read-only | Event authority or downstream event account. |
| `withdraw_from_available_program` | read-only | withdraw from available program account invoked or checked by this instruction. |
| `withdraw_from_reserve_vault_state` | writable | Vault or downstream vault account. |
| `withdraw_from_reserve_reserve` | writable | Kamino reserve account. |
| `withdraw_from_reserve_ctoken_vault` | writable | Vault or downstream vault account. |
| `withdraw_from_reserve_lending_market` | read-only | Kamino reserve account. |
| `withdraw_from_reserve_lending_market_authority` | read-only | Kamino reserve account. |
| `withdraw_from_reserve_reserve_liquidity_supply` | writable | Kamino reserve account. |
| `withdraw_from_reserve_reserve_collateral_mint` | writable | Token mint account used or validated by this instruction. |
| `withdraw_from_reserve_reserve_collateral_token_program` | read-only | Token program account. |
| `withdraw_from_reserve_instruction_sysvar_account` | read-only | Solana sysvar account. |
| `event_authority` | read-only | Event authority or downstream event account. |
| `program` | read-only | Anchor program account used by the downstream protocol. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `shares_amount` | `u64` |  |

Policy and permission requirements:

- Enable `KaminoVaults` on the vault integration ACL.
- Delegate permission: Kamino Vaults `Withdraw`.

TypeScript SDK usage:

```typescript
await glamClient.kaminoVaults.withdraw(
  kaminoVault,
  new BN(500_000_000),
);
```

Cross-instruction constraints:

- The target Kamino vault must be allowed by the Kamino vaults policy before deposit or withdrawal.

## SPL Integration

Program ID: `G1NTsQ36mjPe89HtPYqxKsjY5HmYsDR6CbD2gd2U2pta`

Integration adapter for SPL Token and Token-2022 account operations. It supports vault-controlled checked transfers and closing token accounts under transfer policy.

Accounts owned or controlled by this program:

| Account | Owner or authority | Purpose |
| --- | --- | --- |
| Integration authority PDA | SPL Integration | Program-derived authority used for integration-level signing during SPL Token and Token-2022 CPI calls. |

Integration notes:

- SPL Integration must be enabled on the vault before integration actions can run. Delegate permissions are still required for non-owner callers.
- Relevant official references: [Solana Token-2022 extensions](https://solana.com/docs/tokens/extensions).

### SPL Integration: set_token_transfer_policy

Required conditions:

- Configuration changes must pass owner or authorized-manager checks and, when the state or mint timelock is active, must follow the propose/apply timing model instead of taking effect immediately.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `policy` | `TransferPolicy` |  |

Policy and permission requirements:

- Only the GLAM owner can call. Persistence is gated through GLAM Protocol's owner-only protocol-policy persistence path; delegates cannot complete the policy change on their own.
- For non-empty policy data, the target protocol must already be enabled in `integration_acls`.
- State timelock applies when active.

TypeScript SDK usage:

```typescript
import { TransferPolicy } from "@glamsystems/glam-sdk";

const policy = new TransferPolicy([approvedDestination]);
await glamClient.access.setProtocolPolicy(
  glamClient.extSplProgram.programId,
  0b01,
  policy.encode(),
);
```

### SPL Integration: token_close_account

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `system_program` | read-only | Solana System Program. |
| `token_account` | writable | Token account read or written by this instruction. |

Arguments:

No arguments.

Policy and permission requirements:

- Signer must be the GLAM owner or any unexpired delegate; no SPL `Transfer` or token-close-specific permission is required.
- Routed through `cpi_proxy`.

TypeScript SDK usage:

```typescript
await glamClient.vault.closeTokenAccounts([
  tokenAccount,
]);
```

### SPL Integration: token_transfer_checked

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `system_program` | read-only | Solana System Program. |
| `from` | writable | from account read or updated by SPL Integration's token transfer checked instruction. |
| `mint` | read-only | Token mint account used or validated by this instruction. |
| `to` | writable | to account read or updated by SPL Integration's token transfer checked instruction. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `amount` | `u64` |  |
| `decimals` | `u8` |  |

Policy and permission requirements:

- `TokenTransferPolicy` is checked against the destination token account's owner only — no mint/asset or amount policy is consulted.
- Allowlisted destination owners require SPL `Transfer`.
- For the GLAM-owner-destination path: the GLAM owner must sign and the vault must not be a tokenized vault.

TypeScript SDK usage:

```typescript
await glamClient.vault.tokenTransfer(
  usdcMint,
  50_000_000,
  recipient,
);
```

## CCTP Integration

Program ID: `G1NTcMDYgNLpDwgnrpSZvoSKQuR9NXG7S3DmtNQCDmrK`

Integration adapter for Circle Cross-Chain Transfer Protocol. It lets a GLAM vault burn USDC on Solana for outbound bridge transfers while enforcing GLAM integration ACLs, delegate permissions, and CCTP destination policy.

Accounts owned or controlled by this program:

| Account | Owner or authority | Purpose |
| --- | --- | --- |
| Integration authority PDA | CCTP Integration | Program-derived authority used for integration-level signing during CCTP CPI calls. |
| Anchor event authority | CCTP Integration | Program-derived event helper used when instructions emit Anchor events. |

Integration notes:

- CCTP Integration must be enabled on the vault before integration actions can run. Delegate permissions are still required for non-owner callers.
- Relevant official references: [Circle CCTP documentation](https://developers.circle.com/cctp).

### CCTP Integration: deposit_for_burn

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `system_program` | read-only | Solana System Program. |
| `sender_authority_pda` | read-only | CCTP sender authority PDA that authorizes the vault burn through Circle's token messenger. |
| `burn_token_account` | writable | Token account read or written by this instruction. |
| `denylist_account` | read-only | Circle CCTP denylist account checked before the USDC burn is submitted. |
| `message_transmitter` | writable | Circle CCTP MessageTransmitter state account updated when the outbound message is recorded. |
| `token_messenger` | read-only | Circle CCTP TokenMessenger account that coordinates the USDC burn and cross-chain message. |
| `remote_token_messenger` | read-only | Circle CCTP remote TokenMessenger account for the destination domain. |
| `token_minter` | read-only | Token mint account used or validated by this instruction. |
| `local_token` | writable | Circle CCTP local-token metadata account for the burned USDC mint. |
| `burn_token_mint` | writable | Token mint account used or validated by this instruction. |
| `message_sent_event_data` | signer, writable | Token account read or written by this instruction. |
| `message_transmitter_program` | read-only | message transmitter program account invoked or checked by this instruction. |
| `token_messenger_minter_program` | read-only | Token mint account used or validated by this instruction. |
| `token_program` | read-only | Token program account. |
| `event_authority` | read-only | Event authority or downstream event account. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `args` | `DepositForBurnParams` |  |

Policy and permission requirements:

- Requires a Vault GLAM state.
- Caller: GLAM owner, or a delegate with CCTP `Transfer`.
- The CCTP policy gates the `(destination_domain, mint_recipient)` pair against an allowlist; asset and amount are not gated.

TypeScript SDK usage:

```typescript
await glamClient.cctp.bridgeUsdc(
  new BN(1_000_000),
  0,
  destinationAddress,
  { maxFee: new BN(500_000), minFinalityThreshold: 1000 },
);
```

### CCTP Integration: set_cctp_policy

Required conditions:

- Configuration changes must pass owner or authorized-manager checks and, when the state or mint timelock is active, must follow the propose/apply timing model instead of taking effect immediately.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `policy` | `CctpPolicy` |  |

Policy and permission requirements:

- Only the GLAM owner can call. Persistence is gated through GLAM Protocol's owner-only protocol-policy persistence path; delegates cannot complete the policy change on their own.
- For non-empty policy data, the target protocol must already be enabled in `integration_acls`.
- State timelock applies when active.

TypeScript SDK usage:

```typescript
const policy = new CctpPolicy([
  { domain: destinationDomain, address: destinationAddress },
]);
await glamClient.access.setProtocolPolicy(
  glamClient.extCctpProgram.programId,
  0b01,
  policy.encode(),
);
```

## GLAM Config

Program ID: `gConFzxKL9USmwTdJoeQJvfKmqhJ2CyUaXTyQ8v9TGX`

Global protocol configuration program for protocol fee parameters, admin authority, referrer configuration, and asset/oracle metadata used across vaults.

Accounts owned or controlled by this program:

| Account | Owner or authority | Purpose |
| --- | --- | --- |
| Global config PDA | GLAM Config | Protocol-wide configuration for admin authority, fee settings, referrers, and asset/oracle metadata. |
| Asset metadata records | GLAM Config | Configuration entries that map supported assets to pricing metadata and validation requirements. |

### GLAM Config: close

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `global_config` | writable | Global Config PDA being closed after the admin authority check; its lamports are reclaimed by the writable admin signer. |
| `admin` | signer, writable | Current GLAM Config admin authority. It signs the close instruction and receives the reclaimed lamports. |
| `system_program` | read-only | Solana System Program. |

Arguments:

No arguments.

Policy and permission requirements:

- Signer must be the stored global config admin. Lamports are refunded to that admin.
- GLAM state owner/delegate authority is not used.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Config: delete_asset_meta

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `global_config` | writable | Global Config PDA storing protocol-wide admin authority, fee settings, referrers, and asset/oracle metadata. |
| `admin` | signer, writable | Current GLAM Config admin authority that signs protocol configuration changes. |
| `system_program` | read-only | Solana System Program. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `asset` | `pubkey` |  |
| `oracle` | `pubkey` |  |

Policy and permission requirements:

- Signer must be the stored global config admin. GLAM state owner/delegate authority is not used.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Config: deprecate_asset_meta

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `global_config` | writable | `global_config` account required by the `deprecate_asset_meta` instruction (see program source for the full constraint). |
| `admin` | signer, writable | `admin` account required by the `deprecate_asset_meta` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `deprecate_asset_meta` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `asset` | `pubkey` |  |
| `oracle` | `pubkey` |  |

Policy and permission requirements:

- Signer must be the stored global config admin.
- The asset metadata record matching the supplied asset and oracle pubkeys must exist; the instruction marks it deprecated by setting its priority to `-1`.
- GLAM state owner/delegate authority is not used.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Config: initialize

Required conditions:

- Creation-style flows require the target account or PDA to be uninitialized or intentionally updatable, the fee payer to be writable, and the System Program to be present when rent or allocation is needed.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `global_config` | writable | Global Config PDA storing protocol-wide admin authority, fee settings, referrers, and asset/oracle metadata. |
| `payer` | signer, writable | Fee payer funding rent or account allocation for this instruction. |
| `system_program` | read-only | Solana System Program. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `admin` | `pubkey` |  |
| `fee_authority` | `pubkey` |  |
| `referrer` | `pubkey` |  |
| `base_fee_bps` | `u16` |  |
| `flow_fee_bps` | `u16` |  |

Policy and permission requirements:

- No GLAM state involvement. `payer` plus the supplied `admin`, `fee_authority`, `referrer`, and fee values establish the global config PDA.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Config: update_admin

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `global_config` | writable | Global Config PDA storing protocol-wide admin authority, fee settings, referrers, and asset/oracle metadata. |
| `admin` | signer, writable | Current GLAM Config admin authority that signs protocol configuration changes. |
| `system_program` | read-only | Solana System Program. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `new_admin` | `pubkey` |  |

Policy and permission requirements:

- Signer must be the current stored global config admin. Sets a new admin. GLAM state owner/delegate authority is not used.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Config: update_fee_authority

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `global_config` | writable | `global_config` account required by the `update_fee_authority` instruction (see program source for the full constraint). |
| `fee_authority` | signer | `fee_authority` account required by the `update_fee_authority` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `fee_authority` | `pubkey` |  |

Policy and permission requirements:

- Signer must be the current stored global config `fee_authority`.
- The supplied pubkey becomes the new fee authority. GLAM state owner/delegate authority is not used.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Config: update_protocol_fees

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `global_config` | writable | Global Config PDA storing protocol-wide admin authority, fee settings, referrers, and asset/oracle metadata. |
| `fee_authority` | signer | Authority allowed to update protocol fee or referrer configuration. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `base_fee_bps` | `u16` |  |
| `flow_fee_bps` | `u16` |  |

Policy and permission requirements:

- Signer must be the stored global config `fee_authority`. Base and flow fees are capped by the program's `MAX_PROTOCOL_*` constants.
- GLAM state owner/delegate authority is not used.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Config: update_referrer

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `global_config` | writable | Global Config PDA storing protocol-wide admin authority, fee settings, referrers, and asset/oracle metadata. |
| `fee_authority` | signer | Authority allowed to update protocol fee or referrer configuration. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `referrer` | `pubkey` |  |

Policy and permission requirements:

- Signer must be the stored global config `fee_authority`. GLAM state owner/delegate authority is not used.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Config: upsert_asset_meta

Required conditions:

- Creation-style flows require the target account or PDA to be uninitialized or intentionally updatable, the fee payer to be writable, and the System Program to be present when rent or allocation is needed.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `global_config` | writable | Global Config PDA storing protocol-wide admin authority, fee settings, referrers, and asset/oracle metadata. |
| `admin` | signer, writable | Current GLAM Config admin authority that signs protocol configuration changes. |
| `system_program` | read-only | Solana System Program. Used to pay rent and reallocate the config account when adding new asset metadata. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `asset_meta` | `AssetMeta` |  |

Policy and permission requirements:

- Signer must be the stored global config admin.
- The instruction inserts or updates an asset-meta record keyed by the asset and oracle pubkeys carried in the argument; existing records with the same pair are overwritten in place. The config account may be reallocated to fit a new record.
- GLAM state owner/delegate authority is not used.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

## GLAM Policies (Transfer Hook)

Program ID: `po1iCYakK3gHCLbuju4wGzFowTMpAJxkqK1iwUqMonY`

Token-2022 transfer-hook support program. It stores per-subject policy accounts and enforces lockup-related transfer restrictions for mints that opt into hooks.

Accounts owned or controlled by this program:

| Account | Owner or authority | Purpose |
| --- | --- | --- |
| Policy account | GLAM Policies (Transfer Hook) | Per-subject lockup policy used by Token-2022 transfer-hook validation. |
| Extra account metas PDA | GLAM Policies (Transfer Hook) | Token-2022 transfer-hook metadata account that tells the token program which extra accounts to pass during transfers. |

Integration notes:

- This program is invoked through Token-2022 transfer hooks when a mint requires lockup validation.
- Relevant official references: [Solana Token-2022 extensions](https://solana.com/docs/tokens/extensions).

### GLAM Policies (Transfer Hook): close_extra_metas_account

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `extra_metas_account` | writable | extra metas account account read or updated by GLAM Policies (Transfer Hook)'s close extra metas account instruction. |
| `mint` | read-only | Token mint account used or validated by this instruction. |
| `authority` | signer, writable | authority account read or updated by GLAM Policies (Transfer Hook)'s close extra metas account instruction. |
| `destination` | writable | destination account read or updated by GLAM Policies (Transfer Hook)'s close extra metas account instruction. |
| `system_program` | read-only | Solana System Program. |

Arguments:

No arguments.

Policy and permission requirements:

- Signer must be the Token-2022 mint authority (validated through the mint constraint). The extra metas PDA is closed and its lamports are sent to the destination.
- GLAM owner authority is not used.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Policies (Transfer Hook): close_policy

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `policy_account` | writable | Policy account or policy-related account. |
| `signer` | signer, writable | Calling authority or fee payer. |
| `subject` | writable | subject account read or updated by GLAM Policies (Transfer Hook)'s close policy instruction. |
| `system_program` | read-only | Solana System Program. |

Arguments:

No arguments.

Policy and permission requirements:

- Any signer can close an expired policy PDA. Lamports are refunded to the subject.
- No GLAM owner authority or empty-state check is required.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Policies (Transfer Hook): create_policy

Required conditions:

- Creation-style flows require the target account or PDA to be uninitialized or intentionally updatable, the fee payer to be writable, and the System Program to be present when rent or allocation is needed.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `policy_account` | writable | Policy account or policy-related account. |
| `authority` | signer, writable | authority account read or updated by GLAM Policies (Transfer Hook)'s create policy instruction. |
| `subject` | read-only | subject account read by GLAM Policies (Transfer Hook)'s create policy instruction. |
| `payer` | signer, writable | Fee payer funding rent or account allocation for this instruction. |
| `mint` | read-only | Token mint account used or validated by this instruction. |
| `subject_token_account` | read-only | Token account read or written by this instruction. |
| `system_program` | read-only | Solana System Program. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `locked_until` | `u64` |  |
| `time_unit` | `TimeUnit` |  |

Policy and permission requirements:

- `authority` must be the Token-2022 mint authority or permanent delegate.
- A separate `payer` is allowed. Existing lockups can only be extended; not shortened.
- GLAM owner/delegate authority is not used.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Policies (Transfer Hook): execute

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `src_account` | read-only | Source token account being evaluated by the Token-2022 transfer hook. |
| `mint` | read-only | Token mint account used or validated by this instruction. |
| `dst_account` | read-only | Destination token account being evaluated by the Token-2022 transfer hook. |
| `src_account_authority` | read-only | Authority for the source token account in Token-2022 transfer-hook validation. |
| `extra_metas_account` | read-only | extra metas account account read by GLAM Policies (Transfer Hook)'s execute instruction. |
| `src_policy_account` | read-only | Policy account or policy-related account. |
| `dst_policy_account` | read-only | Policy account or policy-related account. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `_amount` | `u64` |  |

Policy and permission requirements:

- Token-2022 transfer-hook callback. Source and destination accounts must be in transferring state; the source policy PDA is validated; unexpired source lockups are rejected.
- There is no GLAM owner/delegate signer.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Policies (Transfer Hook): initialize_extra_metas_account

Required conditions:

- Creation-style flows require the target account or PDA to be uninitialized or intentionally updatable, the fee payer to be writable, and the System Program to be present when rent or allocation is needed.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `extra_metas_account` | writable | extra metas account account read or updated by GLAM Policies (Transfer Hook)'s initialize extra metas account instruction. |
| `mint` | read-only | Token mint account used or validated by this instruction. |
| `authority` | signer, writable | authority account read or updated by GLAM Policies (Transfer Hook)'s initialize extra metas account instruction. |
| `payer` | signer, writable | Fee payer funding rent or account allocation for this instruction. |
| `system_program` | read-only | Solana System Program. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `metas` | `vec<AnchorExtraAccountMeta>` |  |

Policy and permission requirements:

- Signer must be the Token-2022 mint authority. The TLV extra metas account for the transfer hook is initialized.
- GLAM owner authority is not used.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

## GLAM Protocol Staging

Program ID: `gstgptmbgJVi5f8ZmSRVZjZkDQwqKa3xWuUtD5WmJHz`

Staging deployment of GLAM Protocol. Mirrors the production program with additional or pre-release functionality for review. Once the CPI depth limit is increased to 8, Jupiter Swap will be moved to its own integration program.

Accounts owned or controlled by this program:

| Account | Owner or authority | Purpose |
| --- | --- | --- |
| State account | GLAM Protocol Staging | Canonical vault record for metadata, owner, enabled integrations, delegates, policies, assets, borrowable assets, timelock settings, and pricing records. |
| Vault PDA | Controlled by GLAM Protocol Staging | Asset-holding account derived from the state account. Integrations use it as the vault authority for token accounts and external protocol positions. |
| Anchor event authority | GLAM Protocol Staging | Program-derived event helper used when instructions emit Anchor events. |

Integration notes:

- Relevant official references: [Solana Program Derived Addresses](https://solana.com/docs/core/pda), [Solana documentation](https://solana.com/docs).

### GLAM Protocol Staging: add_assets

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `add_assets` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `add_assets` instruction (see program source for the full constraint). |

Arguments:

No arguments.

Policy and permission requirements:

- Only the GLAM owner can call; delegates are rejected.
- Requires at least one remaining account; each remaining account must be a valid SPL Token or Token-2022 mint.
- Asset-list update is staged through the state timelock when active.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Protocol Staging: cancel_timelock

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |

Arguments:

No arguments.

Policy and permission requirements:

- Caller: GLAM owner, or a non-expired delegate with GLAM Protocol / System / `CancelTimelock` permission.
- Cancels any pending timelock update by clearing pending state and mint changes and resetting the timelock deadline. Can be called before expiry; succeeds even when no update is pending.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Protocol Staging: close_state

Required conditions:

- The state owner must sign; this owner check is defined by the close-state account constraints.
- The state must not be linked to a GLAM mint; the instruction checks that the mint field is the default public key before closure.
- The state must already be disabled; the instruction rejects closure while the state enabled flag is true.
- The vault PDA must be writable so any remaining SOL balance can be transferred to the signer before the state account is closed.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `system_program` | read-only | Solana System Program. |

Arguments:

No arguments.

Policy and permission requirements:

- Only the GLAM owner can call this; delegates are rejected.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Protocol Staging: cpi_proxy

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `integration_authority` | signer | Program-derived authority used by the integration for downstream invocation. |
| `system_program` | read-only | Solana System Program. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `data` | `bytes` |  |
| `extra_params` | `vec<ExtraParams>` |  |

Policy and permission requirements:

- `glam_signer` must be the GLAM owner or a registered delegate.
- `integration_authority` must be an authorized integration PDA enabled in `integration_acls` before the CPI program is invoked and any extra params are applied.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Protocol Staging: delete_assets

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `delete_assets` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `delete_assets` instruction (see program source for the full constraint). |

Arguments:

No arguments.

Policy and permission requirements:

- Only the GLAM owner can call; delegates are rejected.
- Remaining accounts must be an even-length list of `[mint, vault_ata]` pairs.
- Cannot delete the base asset; vault token balances must be zero or absent.
- Update is staged through the state timelock when active.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Protocol Staging: emergency_access_update

Required conditions:

- The update must be limited to emergency access actions: removing an integration, removing a delegate, or enabling or disabling the GLAM state.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `args` | `EmergencyAccessUpdateArgs` |  |

Policy and permission requirements:

- Caller: GLAM owner, or a delegate with System `EmergencyUpdate` permission.
- Allowed actions: remove an integration, remove a delegate, or enable or disable the GLAM state.
- A *pure veto delegate* — one whose only permission is GLAM Protocol / System / `CancelTimelock` — cannot be removed through this path; the emergency update is rejected. Its sole purpose is to cancel pending timelocked updates (it does not affect the timelock mechanism itself), so it stays in place to preserve the veto capability.
- Delegates that hold `CancelTimelock` together with any other permission are not protected by this guard.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Protocol Staging: enable_disable_protocols

Required conditions:

- The selected integration program and protocol selection are written into the state integration ACL; disabling a protocol prevents both owner-driven delegated use and delegate-driven use of that protocol through integration checks.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `integration_program` | `pubkey` |  |
| `protocols_bitmask` | `u16` |  |
| `set_enabled` | `bool` |  |

Policy and permission requirements:

- Only the GLAM owner can call; delegates are rejected even when they hold matching protocol permissions.
- SingleAssetVault states are rejected; only Vault, TokenizedVault, and Mint state types are accepted.
- When the state has a non-zero timelock duration, the change is staged into the pending state update; otherwise it is applied directly.

TypeScript SDK usage:

```typescript
import { GlamClient, getProgramAndBitflagByProtocolName } from "@glamsystems/glam-sdk";
import { PublicKey } from "@solana/web3.js";

const glamClient = new GlamClient({ statePda: vaultState });
const [program, bitflag] = getProgramAndBitflagByProtocolName()["KaminoVaults"];
await glamClient.access.enableProtocols(new PublicKey(program), parseInt(bitflag, 2));
```

### GLAM Protocol Staging: extend_state

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `system_program` | read-only | Solana System Program. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `bytes` | `u32` |  |

Policy and permission requirements:

- No owner or delegate access check is enforced. Any signer can extend the state account; `glam_signer` is the rent payer for the additional space.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Protocol Staging: grant_revoke_delegate_permissions

Required conditions:

- The delegate public key, integration program, protocol selection, and permission set must be provided explicitly; the resulting delegate ACL entry grants only those exact capabilities.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `delegate` | `pubkey` |  |
| `integration_program` | `pubkey` |  |
| `protocol_bitflag` | `u16` |  |
| `permissions_bitmask` | `u64` |  |
| `set_granted` | `bool` |  |

Policy and permission requirements:

- Only the GLAM owner can call; delegates cannot grant or revoke delegate permissions.

TypeScript SDK usage:

```typescript
import { BN } from "@coral-xyz/anchor";
import { PublicKey } from "@solana/web3.js";

await glamClient.access.grantDelegatePermissions(
  new PublicKey(delegate),
  new PublicKey(integrationProgram),
  protocolBitflag,
  new BN(0b11),
);
```

### GLAM Protocol Staging: initialize_state

Required conditions:

- Creation-style flows require the target account or PDA to be uninitialized or intentionally updatable, the fee payer to be writable, and the System Program to be present when rent or allocation is needed.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `system_program` | read-only | Solana System Program. |
| `base_asset_mint` | read-only | Token mint account used or validated by this instruction. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `state` | `StateModel` |  |

Policy and permission requirements:

- Only the GLAM owner can call this; delegates are rejected.

TypeScript SDK usage:

```typescript
import { GlamClient, StateAccountType, nameToChars } from "@glamsystems/glam-sdk";

const glamClient = new GlamClient();
await glamClient.state.create({
  accountType: StateAccountType.VAULT,
  name: nameToChars("Managed Vault"),
});
```

### GLAM Protocol Staging: jupiter_swap

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `input_stake_pool` | optional | Stake, stake-pool, or staking-related account. |
| `output_stake_pool` | optional | Stake, stake-pool, or staking-related account. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `data` | `bytes` |  |

Policy and permission requirements:

- SingleAssetVault states are rejected.
- Caller: GLAM owner, or a delegate with one of GLAM Protocol / Jupiter Swap / `SwapToAny`, `SwapFromAny`, `SwapAllowlisted`, or `SwapLst` — selected from the configured `JupiterSwapPolicy` allowlist and from whether both mints resolve as LSTs through the supplied stake-pool accounts.
- Slippage is bounded by the `JupiterSwapPolicy.max_slippage_bps` setting.
- `remaining_accounts` may not include vault token accounts other than the input and output ATAs.

TypeScript SDK usage:

```typescript
import { GlamClient, WSOL } from "@glamsystems/glam-sdk";

const glamClient = new GlamClient({ jupiterApiKey: "YOUR_API_KEY" });
await glamClient.jupiterSwap.swap({
  quoteParams: {
    inputMint: WSOL.toBase58(),
    outputMint: usdcMint.toBase58(),
    amount: 1_000_000_000,
    slippageBps: 50,
  },
});
```

### GLAM Protocol Staging: jupiter_swap_v2

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `input_stake_pool` | optional | Stake, stake-pool, or staking-related account. |
| `output_stake_pool` | optional | Stake, stake-pool, or staking-related account. |
| `glam_config` | optional | Global GLAM configuration account for fee and asset/oracle metadata. |
| `sol_usd_oracle` | optional | Oracle or price account used for valuation or downstream validation. |
| `input_token_oracle` | optional | Oracle or price account used for valuation or downstream validation. |
| `output_token_oracle` | optional | Oracle or price account used for valuation or downstream validation. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `skip_quote_price_check` | `bool` |  |
| `data` | `bytes` |  |

Policy and permission requirements:

- SingleAssetVault states are rejected.
- Caller: GLAM owner, or a delegate with one of GLAM Protocol / Jupiter Swap / `SwapToAny`, `SwapFromAny`, `SwapAllowlisted`, or `SwapLst` — selected from the configured `JupiterSwapPolicy` allowlist and from whether both mints resolve as LSTs through the supplied stake-pool accounts.
- Slippage is bounded by the `JupiterSwapPolicy.max_slippage_bps` setting.
- The instruction performs a quote-vs-oracle price check using the supplied SOL/input/output oracles validated against `glam_config` asset metas. The check is skipped only when the signer holds GLAM Protocol / Jupiter Swap / `SkipQuotePriceCheck` (unconditional skip), or `SkipQuotePriceCheckLimited` and the output token has no oracle configured in `glam_config` (limited skip).
- `remaining_accounts` may not include vault token accounts other than the input and output ATAs.

TypeScript SDK usage:

```typescript
await glamClient.jupiterSwap.swapV2({
  quoteParams,
  skipQuotePriceCheck: false,
  trackingAccount,
});
```

### GLAM Protocol Staging: link_unlink_mint_by_mint_authority

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_mint` | read-only | Token mint account used or validated by this instruction. |
| `glam_mint_authority` | signer | Token mint account used or validated by this instruction. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `link` | `bool` |  |

Policy and permission requirements:

- Signer must be `glam_mint_authority` (the GLAM mint PDA). Owner and delegate signers are not accepted; this is an internal callback path used by GLAM Mint to link or unlink `state.mint`.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Protocol Staging: reset_priced_protocols_by_mint_authority

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_mint` | read-only | Token mint account used or validated by this instruction. |
| `glam_mint_authority` | signer | Token mint account used or validated by this instruction. |

Arguments:

No arguments.

Policy and permission requirements:

- Signer must be `glam_mint_authority` (the GLAM mint PDA). Owner and delegate signers are not accepted; the instruction clears `priced_protocols` and is an internal callback path used by GLAM Mint.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Protocol Staging: set_jupiter_swap_policy

Required conditions:

- Configuration changes must pass owner or authorized-manager checks and, when the state or mint timelock is active, must follow the propose/apply timing model instead of taking effect immediately.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `policy` | `JupiterSwapPolicy` |  |

Policy and permission requirements:

- Only the GLAM owner can call. Non-empty policy data requires the native GLAM Protocol `JupiterSwap` bit to already be enabled in `integration_acls`.
- Empty policy data clears the existing policy.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Protocol Staging: set_protocol_policy

Required conditions:

- Configuration changes must pass owner or authorized-manager checks and, when the state or mint timelock is active, must follow the propose/apply timing model instead of taking effect immediately.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `integration_program` | `pubkey` |  |
| `protocol_bitflag` | `u16` |  |
| `data` | `bytes` |  |

Policy and permission requirements:

- Only the GLAM owner can call.
- Non-empty policy data requires the target integration program and protocol bit to already be enabled in `integration_acls`. Empty data only deletes or no-ops.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Protocol Staging: set_protocol_policy_by_integration_authority

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `set_protocol_policy_by_integration_authority` instruction (see program source for the full constraint). |
| `integration_program` | read-only | `integration_program` account required by the `set_protocol_policy_by_integration_authority` instruction (see program source for the full constraint). |
| `integration_authority` | signer | `integration_authority` account required by the `set_protocol_policy_by_integration_authority` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `protocol_bitflag` | `u16` |  |
| `data` | `bytes` |  |

Policy and permission requirements:

- `integration_authority` must be the PDA derived for the supplied `integration_program`.
- The supplied integration program must already be enabled in the GLAM state's integration ACLs.
- On mainnet, the integration program must also be in GLAM's integration-program allowlist.
- The instruction writes policy data directly through the integration authority path; owner/delegate signer authority is not used.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Protocol Staging: set_system_transfer_policy

Required conditions:

- Configuration changes must pass owner or authorized-manager checks and, when the state or mint timelock is active, must follow the propose/apply timing model instead of taking effect immediately.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `policy` | `TransferPolicy` |  |

Policy and permission requirements:

- Only the GLAM owner can call. Non-empty policy data requires the native GLAM Protocol `System` bit to already be enabled in `integration_acls`.
- Empty policy data clears the existing policy.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Protocol Staging: stake_authorize

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `stake` | writable | Stake, stake-pool, or staking-related account. |
| `clock` | read-only | Solana sysvar account. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `new_authority` | `pubkey` |  |
| `staker_or_withdrawer` | `u32` |  |

Policy and permission requirements:

- Enable native Stake Program access on GLAM Protocol staging builds.
- Delegate permission: Stake Program `Stake` or owner-level stake authority management.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Protocol Staging: stake_deactivate

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | read-only | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `stake` | writable | Stake, stake-pool, or staking-related account. |
| `clock` | read-only | Solana sysvar account. |

Arguments:

No arguments.

Policy and permission requirements:

- Enable native Stake Program access on GLAM Protocol staging builds.
- Delegate permission: Stake Program `Unstake`.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Protocol Staging: stake_delegate_stake

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `stake` | writable | Stake, stake-pool, or staking-related account. |
| `vote` | read-only | Validator vote account delegated to by the stake account. |
| `clock` | read-only | Solana sysvar account. |
| `stake_history` | read-only | Solana sysvar account. |
| `stake_config` | read-only | Stake, stake-pool, or staking-related account. |

Arguments:

No arguments.

Policy and permission requirements:

- Enable native Stake Program access on GLAM Protocol staging builds.
- Delegate permission: Stake Program `Stake`.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Protocol Staging: stake_initialize

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `stake` | writable | Stake, stake-pool, or staking-related account. |
| `rent` | read-only | Solana sysvar account. |
| `system_program` | read-only | Solana System Program. |

Arguments:

No arguments.

Policy and permission requirements:

- Enable native Stake Program access on GLAM Protocol staging builds.
- Delegate permission: Stake Program `Stake`.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Protocol Staging: stake_merge

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `destination_stake` | writable | Stake, stake-pool, or staking-related account. |
| `source_stake` | writable | Stake, stake-pool, or staking-related account. |
| `clock` | read-only | Solana sysvar account. |
| `stake_history` | read-only | Solana sysvar account. |

Arguments:

No arguments.

Policy and permission requirements:

- Enable native Stake Program access on GLAM Protocol staging builds.
- Delegate permission: Stake Program `Stake`/`Unstake` depending merge flow.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Protocol Staging: stake_move

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `source_stake` | writable | Stake, stake-pool, or staking-related account. |
| `destination_stake` | writable | Stake, stake-pool, or staking-related account. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `move_stake` | `bool` |  |
| `lamports` | `u64` |  |

Policy and permission requirements:

- Enable native Stake Program access on GLAM Protocol staging builds.
- Delegate permission: Stake Program `Stake`/`Unstake` depending account movement.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Protocol Staging: stake_split

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `stake` | writable | Stake, stake-pool, or staking-related account. |
| `split_stake` | writable | Stake, stake-pool, or staking-related account. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `lamports` | `u64` |  |

Policy and permission requirements:

- Enable native Stake Program access on GLAM Protocol staging builds.
- Delegate permission: Stake Program `Stake`/`Unstake` depending split flow.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Protocol Staging: stake_withdraw

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `stake` | writable | Stake, stake-pool, or staking-related account. |
| `clock` | read-only | Solana sysvar account. |
| `stake_history` | read-only | Solana sysvar account. |
| `system_program` | read-only | Solana System Program. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `lamports` | `u64` |  |

Policy and permission requirements:

- Enable native Stake Program access on GLAM Protocol staging builds.
- Delegate permission: Stake Program `Unstake`.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Protocol Staging: system_transfer

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | read-only | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `to` | writable | to account read or updated by GLAM Protocol Staging's system transfer instruction. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `lamports` | `u64` |  |

Policy and permission requirements:

- SingleAssetVault states are rejected.
- Signer must be the GLAM owner or a delegate with the appropriate System permission for the destination kind:
-   • WSOL token-account destinations owned by the vault require System `WSOL`.
-   • Stake-account destinations require Stake `Stake` and the stake account's withdraw authority must be the vault.
-   • Other destinations check the `TransferPolicy` destination allowlist and require System `Transfer`. WSOL token accounts owned by an allowlisted address use this same `Transfer` path and additionally require the vault not to be a tokenized vault.
- There is no mint/asset or amount policy on this instruction.

TypeScript SDK usage:

```typescript
await glamClient.vault.systemTransfer(
  1_000_000_000,
  recipient,
);
```

### GLAM Protocol Staging: token_transfer_checked_by_mint_authority

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | read-only | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_mint` | writable | Token mint account used or validated by this instruction. |
| `glam_mint_authority` | signer, writable | Token mint account used or validated by this instruction. |
| `from` | writable | from account read or updated by GLAM Protocol Staging's token transfer checked by mint authority instruction. |
| `to` | writable | to account read or updated by GLAM Protocol Staging's token transfer checked by mint authority instruction. |
| `mint` | read-only | Token mint account used or validated by this instruction. |
| `token_program` | read-only | Token program account. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `amount` | `u64` |  |
| `decimals` | `u8` |  |

Policy and permission requirements:

- Signer must be `glam_mint_authority` (the GLAM mint PDA). The transfer comes from the vault PDA. No owner/delegate or transfer-policy check is performed.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Protocol Staging: update_mint_params

Required conditions:

- Configuration changes must pass owner or authorized-manager checks and, when the state or mint timelock is active, must follow the propose/apply timing model instead of taking effect immediately.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `params` | `vec<EngineField>` |  |

Policy and permission requirements:

- Only the GLAM owner can call this; delegates are rejected.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Protocol Staging: update_mint_params_by_mint_authority

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_mint` | read-only | Token mint account used or validated by this instruction. |
| `glam_mint_authority` | signer | Token mint account used or validated by this instruction. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `params` | `vec<EngineField>` |  |

Policy and permission requirements:

- Signer must be `glam_mint_authority` (the GLAM mint PDA). Validated mint EngineFields are written directly; the path bypasses owner/timelock authorization.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Protocol Staging: update_priced_protocol

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `integration_authority` | signer | Program-derived authority used by the integration for downstream invocation. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `priced_protocol` | `PricedProtocol` |  |

Policy and permission requirements:

- Signer must be an integration authority PDA. GLAM Mint may update any priced protocol; other integration authorities must match `priced_protocol.integration_program`.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Protocol Staging: update_state

Required conditions:

- Configuration changes must pass owner or authorized-manager checks and, when the state or mint timelock is active, must follow the propose/apply timing model instead of taking effect immediately.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `state` | `StateModel` |  |

Policy and permission requirements:

- Only the GLAM owner can call this; delegates are rejected.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Protocol Staging: update_state_apply_timelock

Required conditions:

- Configuration changes must pass owner or authorized-manager checks and, when the state or mint timelock is active, must follow the propose/apply timing model instead of taking effect immediately.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |

Arguments:

No arguments.

Policy and permission requirements:

- Only the GLAM owner can call; delegates are rejected.
- Requires a timelock layout to be staged on the state; calls against states without staged timelock storage are rejected.
- The staged timelock deadline must have elapsed; pre-deadline calls are rejected. The instruction does not check that a pending change actually exists — it materializes whatever is currently staged and clears the timelock state.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

## GLAM Mint Staging

Program ID: `gstgm1M39mhgnvgyScGUDRwNn5kNVSd97hTtyow1Et5`

Tokenized vault and mint lifecycle program. It initializes Token-2022 share mints, handles subscription and redemption flows, pricing/AUM validation, fee accrual/claims, token-account controls, and mint-policy updates. This staging deployment exposes additional or pre-release functionality for review.

Accounts owned or controlled by this program:

| Account | Owner or authority | Purpose |
| --- | --- | --- |
| Tokenized vault mint | Token-2022 account with GLAM Mint Staging authority | Share-token mint for tokenized vaults. It uses Token-2022 extensions for metadata, transfer hooks, and default account state where configured. |
| Request queue PDA | GLAM Mint Staging | Queue for subscription and redemption requests that cannot settle instantly. |
| Escrow PDA | Controlled by GLAM Mint Staging | Temporary holding account used by queued subscription and redemption flows until fulfillment and claim. |
| Token ACL gate accounts | GLAM Mint Staging | Optional allowlist-style token account controls used by staging ACL gate instructions. |
| Anchor event authority | GLAM Mint Staging | Program-derived event helper used when instructions emit Anchor events. |

Integration notes:

- Tokenized vault shares use Token-2022 features such as metadata, transfer hooks, and default account state when configured.
- Relevant official references: [Solana Token-2022 extensions](https://solana.com/docs/tokens/extensions).

### GLAM Mint Staging: acl_gate_add_wallet

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | read-only | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `glam_mint` | writable | Token mint account used or validated by this instruction. |
| `list_config` | writable | ACL gate list configuration account used to manage wallet allowlist entries. |
| `wallet` | read-only | Wallet address being added to the ACL gate list. |
| `wallet_entry` | writable | Wallet entry PDA being removed from the ACL gate list. |
| `token_acl_gate_program` | read-only | token ACL gate program account invoked or checked by this instruction. |
| `system_program` | read-only | Solana System Program. |
| `glam_protocol` | read-only | GLAM Protocol program account used for authorization or CPI. |

Arguments:

No arguments.

Policy and permission requirements:

- Signer must be the GLAM owner or a delegate holding Mint `TokenAclManageList`.
- CPIs to the Token ACL Gate program with the GLAM mint PDA as list authority to add the wallet entry.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Mint Staging: acl_gate_create_list

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | read-only | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `glam_mint` | writable | Token mint account used or validated by this instruction. |
| `list_config` | writable | ACL gate list configuration account used to manage wallet allowlist entries. |
| `token_acl_gate_program` | read-only | token ACL gate program account invoked or checked by this instruction. |
| `system_program` | read-only | Solana System Program. |
| `glam_protocol` | read-only | GLAM Protocol program account used for authorization or CPI. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `seed` | `[u8; 32]` |  |
| `mode` | `u8` |  |

Policy and permission requirements:

- Signer must be the GLAM owner or a delegate holding Mint `TokenAclManageList`.
- Requires `mode <= 2`.
- Creates a Token ACL Gate list controlled by the GLAM mint PDA.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Mint Staging: acl_gate_delete_list

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | read-only | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `glam_mint` | writable | Token mint account used or validated by this instruction. |
| `list_config` | writable | ACL gate list configuration account used to manage wallet allowlist entries. |
| `token_acl_gate_program` | read-only | token ACL gate program account invoked or checked by this instruction. |
| `system_program` | read-only | Solana System Program. |
| `glam_protocol` | read-only | GLAM Protocol program account used for authorization or CPI. |

Arguments:

No arguments.

Policy and permission requirements:

- Signer must be the GLAM owner or a delegate holding Mint `TokenAclManageList`.
- CPIs to Token ACL Gate to delete an empty list controlled by the GLAM mint PDA.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Mint Staging: acl_gate_remove_wallet

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | read-only | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `glam_mint` | writable | Token mint account used or validated by this instruction. |
| `list_config` | writable | ACL gate list configuration account used to manage wallet allowlist entries. |
| `wallet_entry` | writable | Wallet entry PDA being removed from the ACL gate list. |
| `token_acl_gate_program` | read-only | token ACL gate program account invoked or checked by this instruction. |
| `system_program` | read-only | Solana System Program. |
| `glam_protocol` | read-only | GLAM Protocol program account used for authorization or CPI. |

Arguments:

No arguments.

Policy and permission requirements:

- Signer must be the GLAM owner or a delegate holding Mint `TokenAclManageList`.
- CPIs to Token ACL Gate to remove a wallet entry from the list.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Mint Staging: acl_gate_setup_extra_metas

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `glam_mint` | writable | Token mint account used or validated by this instruction. |
| `mint_config` | read-only | Token mint account used or validated by this instruction. |
| `extra_metas` | writable | extra metas account read or updated by GLAM Mint Staging's ACL gate setup extra metas instruction. |
| `token_acl_gate_program` | read-only | token ACL gate program account invoked or checked by this instruction. |
| `system_program` | read-only | Solana System Program. |
| `glam_protocol` | read-only | GLAM Protocol program account used for authorization or CPI. |

Arguments:

No arguments.

Policy and permission requirements:

- Signer must be the GLAM owner or a delegate holding Mint `TokenAclApplyList`.
- Collects the remaining `ListConfig` accounts and CPIs to Token ACL Gate to configure thaw extra metas for the share mint.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Mint Staging: burn_tokens

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | read-only | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `glam_mint` | writable | Token mint account used or validated by this instruction. |
| `from_token_account` | writable | Token account read or written by this instruction. |
| `from` | read-only | from account read by GLAM Mint Staging's burn tokens instruction. |
| `token_2022_program` | read-only | Token-2022 program account. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `amount` | `u64` |  |

Policy and permission requirements:

- GLAM state must be enabled and `supports_mint()` (TokenizedVault, SingleAssetVault, or Mint).
- Signer must be the GLAM owner or a delegate holding Mint `BurnTokens`.
- The Token-2022 source account's mint and owner are validated; the GLAM mint PDA performs the burn.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Mint Staging: cancel

Required conditions:

- The request queue or escrow account must contain the expected request state for the signer, request type, timing window, and amount being processed.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_mint` | writable | Token mint account used or validated by this instruction. |
| `glam_escrow` | read-only | Escrow account or escrow token account used by mint flows. |
| `request_queue` | writable | Request queue account used by mint subscription or redemption flows. |
| `signer` | signer, writable | Calling authority or fee payer. |
| `user` | read-only | user account read by GLAM Mint Staging's cancel instruction. |
| `recover_token_mint` | read-only | Token mint account used or validated by this instruction. |
| `user_ata` | writable | Token account read or written by this instruction. |
| `escrow_ata` | writable | Token account read or written by this instruction. |
| `system_program` | read-only | Solana System Program. |
| `recover_token_program` | read-only | Token program account. |
| `associated_token_program` | read-only | Associated Token Account program. |

Arguments:

No arguments.

Policy and permission requirements:

- The request owner can cancel their own request unconditionally — no allowlist, blocklist, or minimum check is enforced.
- For any other signer: the GLAM owner can cancel another user's request directly; non-owner delegates must hold Mint `CancelRequest`.
- After authorization, the recovered asset is validated and the escrowed tokens are returned.

TypeScript SDK usage:

```typescript
await glamClient.invest.cancel();
```

### GLAM Mint Staging: claim

Required conditions:

- The request queue or escrow account must contain the expected request state for the signer, request type, timing window, and amount being processed.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | read-only | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_mint` | writable | Token mint account used or validated by this instruction. |
| `glam_escrow` | read-only | Escrow account or escrow token account used by mint flows. |
| `request_queue` | writable | Request queue account used by mint subscription or redemption flows. |
| `signer` | signer, writable | Calling authority or fee payer. |
| `claim_user` | read-only | Investor or request owner receiving assets or shares from the queued claim flow. |
| `claim_token_mint` | read-only | Token mint account used or validated by this instruction. |
| `claim_user_ata` | writable | Token account read or written by this instruction. |
| `escrow_ata` | writable | Token account read or written by this instruction. |
| `claim_user_policy` | writable, optional | Policy account or policy-related account. |
| `system_program` | read-only | Solana System Program. |
| `claim_token_program` | read-only | Token program account. |
| `glam_policies_program` | read-only | glam policies program account invoked or checked by this instruction. |
| `associated_token_program` | read-only | Associated Token Account program. |

Arguments:

No arguments.

Policy and permission requirements:

- The request owner can claim their own request unconditionally.
- For any other signer: the GLAM owner can claim for another user directly; non-owner delegates must hold Mint `ClaimRequest`.
- Subscription share claims create a recipient lockup policy only when lockup is configured.

TypeScript SDK usage:

```typescript
await glamClient.invest.claim();
```

### GLAM Mint Staging: claim_fees

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.
- The vault must have fresh pricing records for the operation; fee or fulfillment math depends on NAV values written by the pricing flow.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | read-only | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_mint` | writable | Token mint account used or validated by this instruction. |
| `glam_escrow` | read-only | Escrow account or escrow token account used by mint flows. |
| `escrow_mint_ata` | writable | Token mint account used or validated by this instruction. |
| `signer` | signer, writable | Calling authority or fee payer. |
| `deposit_asset` | read-only | Mint account for the asset being deposited, subscribed with, or used for fee settlement. |
| `vault_deposit_ata` | writable | Token account read or written by this instruction. |
| `protocol_fee_authority` | read-only | Configured protocol fee recipient authority for accrued tokenized-vault fees. |
| `protocol_fee_authority_ata` | writable | Token account read or written by this instruction. |
| `manager_fee_authority` | read-only | Configured manager fee recipient authority for accrued tokenized-vault fees. |
| `manager_fee_authority_ata` | writable | Token account read or written by this instruction. |
| `glam_config` | read-only | Global GLAM configuration account for fee and asset/oracle metadata. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `system_program` | read-only | Solana System Program. |
| `associated_token_program` | read-only | Associated Token Account program. |
| `deposit_token_program` | read-only | Token program account. |
| `token_2022_program` | read-only | Token-2022 program account. |

Arguments:

No arguments.

Policy and permission requirements:

- Caller: GLAM owner, or a delegate with Mint `ClaimFees`.
- The `manager` and `protocol authority` accounts are validated payout recipients, not signer authorities.

TypeScript SDK usage:

```typescript
await glamClient.fees.claimFees();
```

### GLAM Mint Staging: close_mint

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.
- The GLAM state owner must sign through the mint close authority path.
- The Token-2022 mint supply must be zero before the mint account can be closed.
- For tokenized vaults, the request queue account must be present and its request count must be zero.
- The transfer-hook extra-account-metas account must be writable because the mint close flow closes it through the GLAM Policies program.
- The mint must be unlinked from the GLAM state before the Token-2022 mint account and request queue are closed.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `glam_mint` | writable | Token mint account used or validated by this instruction. |
| `request_queue` | writable, optional | Request queue account used by mint subscription or redemption flows. |
| `extra_metas_account` | writable | extra metas account account read or updated by GLAM Mint Staging's close mint instruction. |
| `system_program` | read-only | Solana System Program. |
| `policies_program` | read-only | policies program account invoked or checked by this instruction. |
| `token_2022_program` | read-only | Token-2022 program account. |
| `glam_protocol` | read-only | GLAM Protocol program account used for authorization or CPI. |

Arguments:

No arguments.

Policy and permission requirements:

- Only the GLAM owner can call this; delegates are rejected.

TypeScript SDK usage:

```typescript
await glamClient.mint.close();
```

### GLAM Mint Staging: crystallize_fees

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.
- The vault must have fresh pricing records for the operation; fee or fulfillment math depends on NAV values written by the pricing flow.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_escrow` | read-only | Escrow account or escrow token account used by mint flows. |
| `glam_mint` | writable | Token mint account used or validated by this instruction. |
| `escrow_mint_ata` | writable | Token mint account used or validated by this instruction. |
| `signer` | signer, writable | Calling authority or fee payer. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `token_2022_program` | read-only | Token-2022 program account. |

Arguments:

No arguments.

Policy and permission requirements:

- No manager or protocol authority access check is enforced. Any signer can trigger fee crystallization when AUM and fee state are valid.

TypeScript SDK usage:

```typescript
await glamClient.fees.crystallizeFees();
```

Cross-instruction constraints:

- Requires fresh pricing for the vault. The pricing operation itself must be atomic in a single transaction.

### GLAM Mint Staging: emergency_update_mint

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | read-only | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `glam_mint` | read-only | Token mint account used or validated by this instruction. |
| `request_queue` | writable | Request queue account used by mint subscription or redemption flows. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `args` | `EmergencyUpdateMintArgs` |  |

Policy and permission requirements:

- Signer must be the GLAM owner or a delegate holding Mint `EmergencyUpdate`.
- Effect: toggles the subscription or redemption pause flag on the request queue.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Mint Staging: enable_token_acl

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `glam_mint` | writable | Token mint account used or validated by this instruction. |
| `mint_config` | writable | Token mint account used or validated by this instruction. |
| `token_acl_program` | read-only | token ACL program account invoked or checked by this instruction. |
| `token_2022_program` | read-only | Token-2022 program account. |
| `system_program` | read-only | Solana System Program. |
| `glam_protocol` | read-only | GLAM Protocol program account used for authorization or CPI. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `gating_program` | `option<pubkey>` |  |

Policy and permission requirements:

- Only the GLAM owner can call. Delegates cannot call this instruction.
- The mint freeze authority must be the GLAM mint PDA. The instruction delegates freeze authority to Token ACL, sets permissionless thaw, and updates metadata.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Mint Staging: force_transfer_tokens

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `glam_mint` | writable | Token mint account used or validated by this instruction. |
| `from_token_account` | writable | Token account read or written by this instruction. |
| `to_ata` | writable | Token account read or written by this instruction. |
| `from` | read-only | from account read by GLAM Mint Staging's force transfer tokens instruction. |
| `to` | read-only | to account read by GLAM Mint Staging's force transfer tokens instruction. |
| `to_policy_account` | writable, optional | Policy account or policy-related account. |
| `system_program` | read-only | Solana System Program. |
| `token_2022_program` | read-only | Token-2022 program account. |
| `policies_program` | read-only | policies program account invoked or checked by this instruction. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `amount` | `u64` |  |

Policy and permission requirements:

- Requires a Mint GLAM state.
- Caller: GLAM owner, or a delegate with Mint `ForceTransferTokens`.
- Source and destination Token-2022 accounts are validated; a recipient lockup policy is created when configured. The system and SPL transfer policies are not consulted.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Mint Staging: fulfill

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.
- The vault must have fresh pricing records for the operation; fee or fulfillment math depends on NAV values written by the pricing flow.
- The request queue or escrow account must contain the expected request state for the signer, request type, timing window, and amount being processed.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_mint` | writable | Token mint account used or validated by this instruction. |
| `glam_escrow` | read-only | Escrow account or escrow token account used by mint flows. |
| `request_queue` | writable | Request queue account used by mint subscription or redemption flows. |
| `signer` | signer, writable | Calling authority or fee payer. |
| `escrow_mint_ata` | writable | Token mint account used or validated by this instruction. |
| `asset` | read-only | Mint account for the asset being fulfilled or settled in this mint flow. |
| `vault_asset_ata` | writable | Token account read or written by this instruction. |
| `escrow_asset_ata` | writable | Token account read or written by this instruction. |
| `system_program` | read-only | Solana System Program. |
| `deposit_token_program` | read-only | Token program account. |
| `token_2022_program` | read-only | Token-2022 program account. |
| `associated_token_program` | read-only | Associated Token Account program. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `limit` | `option<u32>` | Needed to avoid CU exhaustion in the case of a large amount of pending requests. |

Policy and permission requirements:

- Permissionlessness is controlled by `notify_and_settle.permissionless_fulfillment`.
- When permissionless, any signer can fulfill queued requests.
- Otherwise the caller must be the GLAM owner or a delegate with Mint `Fulfill`.

TypeScript SDK usage:

```typescript
const preInstructions = await glamClient.price.priceVaultIxs();
await glamClient.invest.fulfill(null, {
  preInstructions,
  lookupTables: glamClient.price.lookupTables,
  simulate: true,
});
```

Cross-instruction constraints:

- Requires fresh pricing for the vault. The pricing operation itself must be atomic in a single transaction.

### GLAM Mint Staging: initialize_mint

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.
- Creation-style flows require the target account or PDA to be uninitialized or intentionally updatable, the fee payer to be writable, and the System Program to be present when rent or allocation is needed.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `signer` | signer, writable | Calling authority or fee payer. |
| `new_mint` | writable | Token mint account used or validated by this instruction. |
| `request_queue` | writable, optional | Request queue account used by mint subscription or redemption flows. |
| `extra_metas_account` | writable | extra metas account account read or updated by GLAM Mint Staging's initialize mint instruction. |
| `base_asset_mint` | read-only | Token mint account used or validated by this instruction. |
| `system_program` | read-only | Solana System Program. |
| `token_2022_program` | read-only | Token-2022 program account. |
| `policies_program` | read-only | policies program account invoked or checked by this instruction. |
| `glam_protocol` | read-only | GLAM Protocol program account used for authorization or CPI. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `mint_model` | `MintModel` |  |
| `created_key` | `[u8; 8]` |  |
| `account_type` | `AccountType` |  |
| `decimals` | `option<u8>` |  |

Policy and permission requirements:

- Only the GLAM owner can call this; delegates are rejected.

TypeScript SDK usage:

```typescript
import { GlamClient, StateAccountType, WSOL, nameToChars } from "@glamsystems/glam-sdk";
import { BN } from "@coral-xyz/anchor";

const glamClient = new GlamClient();
await glamClient.mint.initialize({
  accountType: StateAccountType.TOKENIZED_VAULT,
  name: nameToChars("My Fund"),
  symbol: "gFUND",
  baseAssetMint: WSOL,
  maxCap: new BN(1_000_000_000_000),
});
```

### GLAM Mint Staging: mint_tokens

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `glam_mint` | writable | Token mint account used or validated by this instruction. |
| `mint_to` | writable | Token mint account used or validated by this instruction. |
| `recipient` | writable | Destination account or owner receiving newly issued share tokens. |
| `policy_account` | writable, optional | Policy account or policy-related account. |
| `system_program` | read-only | Solana System Program. |
| `token_2022_program` | read-only | Token-2022 program account. |
| `policies_program` | read-only | policies program account invoked or checked by this instruction. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `amount` | `u64` |  |

Policy and permission requirements:

- Requires a Mint GLAM state.
- Caller: GLAM owner, or a delegate with Mint `MintTokens`.
- A recipient lockup policy is created when configured; tokens are minted to the recipient ATA.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Mint Staging: price_bridge_managed_transfers

Required conditions:

- All pricing instructions for the same pricing operation must be in one Solana transaction; splitting them across multiple transactions is unsupported and can produce stale, inconsistent, or rejected NAV calculations.
- Oracle, token-account, position, and pricing-record accounts must all refer to the same vault state and base asset so the AUM calculation is internally consistent.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | read-only | Vault PDA associated with the GLAM state and used as the vault authority. |
| `signer` | signer, writable | Calling authority or fee payer. |
| `sol_usd_oracle` | read-only | Oracle or price account used for valuation or downstream validation. |
| `base_asset_oracle` | read-only | Oracle or price account used for valuation or downstream validation. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `glam_config` | read-only | Global GLAM configuration account for fee and asset/oracle metadata. |
| `glam_protocol` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `event_authority` | optional | Event authority or downstream event account. |
| `event_program` | optional | Event authority or downstream event account. |

Arguments:

No arguments.

Policy and permission requirements:

- Caller: any signer; no pricing-caller ACL is checked.
- Supplied account, oracle, and protocol data are validated before the priced protocol record is written.

TypeScript SDK usage:

```typescript
const pricingIxs = await glamClient.price.priceVaultIxs();
const validateIx = await glamClient.price.validateAumIx();
// Submit all pricing instructions and validation together.
```

Cross-instruction constraints:

- All pricing instructions for this pricing operation must be included in the same Solana transaction. Splitting them across multiple transactions is not supported and will produce incorrect or rejected NAV calculations.

### GLAM Mint Staging: price_kamino_obligations

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.
- All pricing instructions for the same pricing operation must be in one Solana transaction; splitting them across multiple transactions is unsupported and can produce stale, inconsistent, or rejected NAV calculations.
- Oracle, token-account, position, and pricing-record accounts must all refer to the same vault state and base asset so the AUM calculation is internally consistent.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | read-only | Vault PDA associated with the GLAM state and used as the vault authority. |
| `signer` | signer, writable | Calling authority or fee payer. |
| `sol_usd_oracle` | read-only | Oracle or price account used for valuation or downstream validation. |
| `base_asset_oracle` | read-only | Oracle or price account used for valuation or downstream validation. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `glam_config` | read-only | Global GLAM configuration account for fee and asset/oracle metadata. |
| `glam_protocol` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `event_authority` | optional | Event authority or downstream event account. |
| `event_program` | optional | Event authority or downstream event account. |

Arguments:

No arguments.

Policy and permission requirements:

- Caller: any signer; no pricing-caller ACL is checked.
- Supplied account, oracle, and protocol data are validated before the priced protocol record is written.

TypeScript SDK usage:

```typescript
const pricingIxs = await glamClient.price.priceVaultIxs();
const validateIx = await glamClient.price.validateAumIx();
// Submit all pricing instructions and validation together.
```

Cross-instruction constraints:

- All pricing instructions for this pricing operation must be included in the same Solana transaction. Splitting them across multiple transactions is not supported and will produce incorrect or rejected NAV calculations.

### GLAM Mint Staging: price_kamino_vault_shares

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.
- All pricing instructions for the same pricing operation must be in one Solana transaction; splitting them across multiple transactions is unsupported and can produce stale, inconsistent, or rejected NAV calculations.
- Oracle, token-account, position, and pricing-record accounts must all refer to the same vault state and base asset so the AUM calculation is internally consistent.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | read-only | Vault PDA associated with the GLAM state and used as the vault authority. |
| `signer` | signer, writable | Calling authority or fee payer. |
| `sol_usd_oracle` | read-only | Oracle or price account used for valuation or downstream validation. |
| `base_asset_oracle` | read-only | Oracle or price account used for valuation or downstream validation. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `glam_config` | read-only | Global GLAM configuration account for fee and asset/oracle metadata. |
| `glam_protocol` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `event_authority` | optional | Event authority or downstream event account. |
| `event_program` | optional | Event authority or downstream event account. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `num_vaults` | `u8` |  |

Policy and permission requirements:

- Caller: any signer; no pricing-caller ACL is checked.
- Supplied account, oracle, and protocol data are validated before the priced protocol record is written.

TypeScript SDK usage:

```typescript
const pricingIxs = await glamClient.price.priceVaultIxs();
const validateIx = await glamClient.price.validateAumIx();
// Submit all pricing instructions and validation together.
```

Cross-instruction constraints:

- All pricing instructions for this pricing operation must be included in the same Solana transaction. Splitting them across multiple transactions is not supported and will produce incorrect or rejected NAV calculations.

### GLAM Mint Staging: price_loopscale_loans

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.
- All pricing instructions for the same pricing operation must be in one Solana transaction; splitting them across multiple transactions is unsupported and can produce stale, inconsistent, or rejected NAV calculations.
- Oracle, token-account, position, and pricing-record accounts must all refer to the same vault state and base asset so the AUM calculation is internally consistent.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | read-only | Vault PDA associated with the GLAM state and used as the vault authority. |
| `signer` | signer, writable | Calling authority or fee payer. |
| `sol_usd_oracle` | read-only | Oracle or price account used for valuation or downstream validation. |
| `base_asset_oracle` | read-only | Oracle or price account used for valuation or downstream validation. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `glam_config` | read-only | Global GLAM configuration account for fee and asset/oracle metadata. |
| `glam_protocol` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `event_authority` | optional | Event authority or downstream event account. |
| `event_program` | optional | Event authority or downstream event account. |

Arguments:

No arguments.

Policy and permission requirements:

- Caller: any signer; no pricing-caller ACL is checked.
- Supplied account, oracle, and protocol data are validated before the priced protocol record is written.

TypeScript SDK usage:

```typescript
const pricingIxs = await glamClient.price.priceVaultIxs();
const validateIx = await glamClient.price.validateAumIx();
// Submit all pricing instructions and validation together.
```

Cross-instruction constraints:

- All pricing instructions for this pricing operation must be included in the same Solana transaction. Splitting them across multiple transactions is not supported and will produce incorrect or rejected NAV calculations.

### GLAM Mint Staging: price_loopscale_strategies

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `price_loopscale_strategies` instruction (see program source for the full constraint). |
| `glam_vault` | read-only | `glam_vault` account required by the `price_loopscale_strategies` instruction (see program source for the full constraint). |
| `signer` | signer, writable | `signer` account required by the `price_loopscale_strategies` instruction (see program source for the full constraint). |
| `sol_usd_oracle` | read-only | `sol_usd_oracle` account required by the `price_loopscale_strategies` instruction (see program source for the full constraint). |
| `base_asset_oracle` | read-only | `base_asset_oracle` account required by the `price_loopscale_strategies` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `price_loopscale_strategies` instruction (see program source for the full constraint). |
| `glam_config` | read-only | `glam_config` account required by the `price_loopscale_strategies` instruction (see program source for the full constraint). |
| `glam_protocol` | read-only | `glam_protocol` account required by the `price_loopscale_strategies` instruction (see program source for the full constraint). |
| `event_authority` | optional | `event_authority` account required by the `price_loopscale_strategies` instruction (see program source for the full constraint). |
| `event_program` | optional | `event_program` account required by the `price_loopscale_strategies` instruction (see program source for the full constraint). |

Arguments:

No arguments.

Policy and permission requirements:

- Caller: any signer; no pricing-caller ACL is checked.
- Supplied account, oracle, and protocol data are validated before the priced protocol record is written.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Mint Staging: price_loopscale_vault_positions

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `price_loopscale_vault_positions` instruction (see program source for the full constraint). |
| `glam_vault` | read-only | `glam_vault` account required by the `price_loopscale_vault_positions` instruction (see program source for the full constraint). |
| `signer` | signer, writable | `signer` account required by the `price_loopscale_vault_positions` instruction (see program source for the full constraint). |
| `sol_usd_oracle` | read-only | `sol_usd_oracle` account required by the `price_loopscale_vault_positions` instruction (see program source for the full constraint). |
| `base_asset_oracle` | read-only | `base_asset_oracle` account required by the `price_loopscale_vault_positions` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `price_loopscale_vault_positions` instruction (see program source for the full constraint). |
| `glam_config` | read-only | `glam_config` account required by the `price_loopscale_vault_positions` instruction (see program source for the full constraint). |
| `glam_protocol` | read-only | `glam_protocol` account required by the `price_loopscale_vault_positions` instruction (see program source for the full constraint). |
| `event_authority` | optional | `event_authority` account required by the `price_loopscale_vault_positions` instruction (see program source for the full constraint). |
| `event_program` | optional | `event_program` account required by the `price_loopscale_vault_positions` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `num_vaults` | `u8` |  |

Policy and permission requirements:

- Caller: any signer; no pricing-caller ACL is checked.
- Supplied account, oracle, and protocol data are validated before the priced protocol record is written.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Mint Staging: price_marginfi_accounts

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `price_marginfi_accounts` instruction (see program source for the full constraint). |
| `glam_vault` | read-only | `glam_vault` account required by the `price_marginfi_accounts` instruction (see program source for the full constraint). |
| `signer` | signer, writable | `signer` account required by the `price_marginfi_accounts` instruction (see program source for the full constraint). |
| `sol_usd_oracle` | read-only | `sol_usd_oracle` account required by the `price_marginfi_accounts` instruction (see program source for the full constraint). |
| `base_asset_oracle` | read-only | `base_asset_oracle` account required by the `price_marginfi_accounts` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `price_marginfi_accounts` instruction (see program source for the full constraint). |
| `glam_config` | read-only | `glam_config` account required by the `price_marginfi_accounts` instruction (see program source for the full constraint). |
| `glam_protocol` | read-only | `glam_protocol` account required by the `price_marginfi_accounts` instruction (see program source for the full constraint). |
| `event_authority` | optional | `event_authority` account required by the `price_marginfi_accounts` instruction (see program source for the full constraint). |
| `event_program` | optional | `event_program` account required by the `price_marginfi_accounts` instruction (see program source for the full constraint). |

Arguments:

No arguments.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Mint Staging: price_neutral_bundle_depositors

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.
- All pricing instructions for the same pricing operation must be in one Solana transaction; splitting them across multiple transactions is unsupported and can produce stale, inconsistent, or rejected NAV calculations.
- Oracle, token-account, position, and pricing-record accounts must all refer to the same vault state and base asset so the AUM calculation is internally consistent.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | State account owned by the GLAM Protocol program; it records vault configuration, policies, and pricing records. |
| `glam_vault` | read-only | Vault account controlled by the GLAM Protocol program; conceptually derived from the state account and used as the vault authority. |
| `signer` | signer, writable | Calling authority. It must be the owner or a delegate with the explicit permission. |
| `sol_usd_oracle` | read-only | Pricing or oracle account used to calculate value for the instruction. |
| `base_asset_oracle` | read-only | Pricing or oracle account used to calculate value for the instruction. |
| `integration_authority` | read-only | Program-derived authority used by an integration during CPI into an external protocol. |
| `glam_config` | read-only | Global GLAM configuration account for fee and asset/oracle metadata. |
| `glam_protocol` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `event_authority` | optional | Program-derived account. |
| `event_program` | optional | Fixed program or sysvar account. |

Arguments:

No arguments.

Policy and permission requirements:

- Caller: any signer; no pricing-caller ACL is checked.
- Supplied account, oracle, and protocol data are validated before the priced protocol record is written.

TypeScript SDK usage:

```typescript
const pricingIxs = await glamClient.price.priceVaultIxs();
const validateIx = await glamClient.price.validateAumIx();
// Submit all pricing instructions and validation together.
```

Cross-instruction constraints:

- All pricing instructions for this pricing operation must be included in the same Solana transaction. Splitting them across multiple transactions is not supported and will produce incorrect or rejected NAV calculations.

### GLAM Mint Staging: price_orca_whirlpool_positions

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `price_orca_whirlpool_positions` instruction (see program source for the full constraint). |
| `glam_vault` | read-only | `glam_vault` account required by the `price_orca_whirlpool_positions` instruction (see program source for the full constraint). |
| `signer` | signer, writable | `signer` account required by the `price_orca_whirlpool_positions` instruction (see program source for the full constraint). |
| `sol_usd_oracle` | read-only | `sol_usd_oracle` account required by the `price_orca_whirlpool_positions` instruction (see program source for the full constraint). |
| `base_asset_oracle` | read-only | `base_asset_oracle` account required by the `price_orca_whirlpool_positions` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `price_orca_whirlpool_positions` instruction (see program source for the full constraint). |
| `glam_config` | read-only | `glam_config` account required by the `price_orca_whirlpool_positions` instruction (see program source for the full constraint). |
| `glam_protocol` | read-only | `glam_protocol` account required by the `price_orca_whirlpool_positions` instruction (see program source for the full constraint). |
| `event_authority` | optional | `event_authority` account required by the `price_orca_whirlpool_positions` instruction (see program source for the full constraint). |
| `event_program` | optional | `event_program` account required by the `price_orca_whirlpool_positions` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `num_positions` | `u8` |  |

Policy and permission requirements:

- Caller: any signer; no pricing-caller ACL is checked.
- Supplied account, oracle, and protocol data are validated before the priced protocol record is written.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Mint Staging: price_phoenix_traders

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `price_phoenix_traders` instruction (see program source for the full constraint). |
| `glam_vault` | read-only | `glam_vault` account required by the `price_phoenix_traders` instruction (see program source for the full constraint). |
| `signer` | signer, writable | `signer` account required by the `price_phoenix_traders` instruction (see program source for the full constraint). |
| `sol_usd_oracle` | read-only | `sol_usd_oracle` account required by the `price_phoenix_traders` instruction (see program source for the full constraint). |
| `base_asset_oracle` | read-only | `base_asset_oracle` account required by the `price_phoenix_traders` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `price_phoenix_traders` instruction (see program source for the full constraint). |
| `glam_config` | read-only | `glam_config` account required by the `price_phoenix_traders` instruction (see program source for the full constraint). |
| `glam_protocol` | read-only | `glam_protocol` account required by the `price_phoenix_traders` instruction (see program source for the full constraint). |
| `event_authority` | optional | `event_authority` account required by the `price_phoenix_traders` instruction (see program source for the full constraint). |
| `event_program` | optional | `event_program` account required by the `price_phoenix_traders` instruction (see program source for the full constraint). |

Arguments:

No arguments.

Policy and permission requirements:

- Caller: any signer; no pricing-caller ACL is checked.
- Supplied account, oracle, and protocol data are validated before the priced protocol record is written.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Mint Staging: price_registered_positions

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `price_registered_positions` instruction (see program source for the full constraint). |
| `signer` | signer, writable | `signer` account required by the `price_registered_positions` instruction (see program source for the full constraint). |
| `observation_state` | read-only | `observation_state` account required by the `price_registered_positions` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `price_registered_positions` instruction (see program source for the full constraint). |
| `glam_protocol` | read-only | `glam_protocol` account required by the `price_registered_positions` instruction (see program source for the full constraint). |
| `event_authority` | optional | `event_authority` account required by the `price_registered_positions` instruction (see program source for the full constraint). |
| `event_program` | optional | `event_program` account required by the `price_registered_positions` instruction (see program source for the full constraint). |

Arguments:

No arguments.

Policy and permission requirements:

- Caller: any signer; no pricing-caller ACL is checked.
- Supplied account, oracle, and protocol data are validated before the priced protocol record is written.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Mint Staging: price_single_asset_vault

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.
- All pricing instructions for the same pricing operation must be in one Solana transaction; splitting them across multiple transactions is unsupported and can produce stale, inconsistent, or rejected NAV calculations.
- Oracle, token-account, position, and pricing-record accounts must all refer to the same vault state and base asset so the AUM calculation is internally consistent.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | read-only | Vault PDA associated with the GLAM state and used as the vault authority. |
| `signer` | signer, writable | Calling authority or fee payer. |
| `base_asset_ata` | read-only | Token account read or written by this instruction. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `glam_protocol` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `event_authority` | optional | Event authority or downstream event account. |
| `event_program` | optional | Event authority or downstream event account. |

Arguments:

No arguments.

Policy and permission requirements:

- Requires a Single-asset vault GLAM state.
- Caller: any signer; no pricing-caller ACL is checked.
- Supplied account, oracle, and protocol data are validated before the priced protocol record is written.

TypeScript SDK usage:

```typescript
const pricingIxs = await glamClient.price.priceVaultIxs();
const validateIx = await glamClient.price.validateAumIx();
// Submit all pricing instructions and validation together.
```

Cross-instruction constraints:

- All pricing instructions for this pricing operation must be included in the same Solana transaction. Splitting them across multiple transactions is not supported and will produce incorrect or rejected NAV calculations.

### GLAM Mint Staging: price_stake_accounts

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.
- All pricing instructions for the same pricing operation must be in one Solana transaction; splitting them across multiple transactions is unsupported and can produce stale, inconsistent, or rejected NAV calculations.
- Oracle, token-account, position, and pricing-record accounts must all refer to the same vault state and base asset so the AUM calculation is internally consistent.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | read-only | Vault PDA associated with the GLAM state and used as the vault authority. |
| `signer` | signer, writable | Calling authority or fee payer. |
| `sol_usd_oracle` | read-only | Oracle or price account used for valuation or downstream validation. |
| `base_asset_oracle` | read-only | Oracle or price account used for valuation or downstream validation. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `glam_config` | read-only | Global GLAM configuration account for fee and asset/oracle metadata. |
| `glam_protocol` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `event_authority` | optional | Event authority or downstream event account. |
| `event_program` | optional | Event authority or downstream event account. |

Arguments:

No arguments.

Policy and permission requirements:

- Caller: any signer; no pricing-caller ACL is checked.
- Supplied account, oracle, and protocol data are validated before the priced protocol record is written.

TypeScript SDK usage:

```typescript
const pricingIxs = await glamClient.price.priceVaultIxs();
const validateIx = await glamClient.price.validateAumIx();
// Submit all pricing instructions and validation together.
```

Cross-instruction constraints:

- All pricing instructions for this pricing operation must be included in the same Solana transaction. Splitting them across multiple transactions is not supported and will produce incorrect or rejected NAV calculations.

### GLAM Mint Staging: price_vault_tokens

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.
- All pricing instructions for the same pricing operation must be in one Solana transaction; splitting them across multiple transactions is unsupported and can produce stale, inconsistent, or rejected NAV calculations.
- Oracle, token-account, position, and pricing-record accounts must all refer to the same vault state and base asset so the AUM calculation is internally consistent.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | read-only | Vault PDA associated with the GLAM state and used as the vault authority. |
| `signer` | signer, writable | Calling authority or fee payer. |
| `sol_usd_oracle` | read-only | Oracle or price account used for valuation or downstream validation. |
| `base_asset_oracle` | read-only | Oracle or price account used for valuation or downstream validation. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `glam_config` | read-only | Global GLAM configuration account for fee and asset/oracle metadata. |
| `glam_protocol` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `event_authority` | optional | Event authority or downstream event account. |
| `event_program` | optional | Event authority or downstream event account. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `agg_indexes` | `vec<[i16; 4]>` |  |

Policy and permission requirements:

- Caller: any signer; no pricing-caller ACL is checked.
- Supplied account, oracle, and protocol data are validated before the priced protocol record is written.

TypeScript SDK usage:

```typescript
const pricingIxs = await glamClient.price.priceVaultIxs();
const validateIx = await glamClient.price.validateAumIx();
// Submit all pricing instructions and validation together.
```

Cross-instruction constraints:

- All pricing instructions for this pricing operation must be included in the same Solana transaction. Splitting them across multiple transactions is not supported and will produce incorrect or rejected NAV calculations.

### GLAM Mint Staging: queued_redeem

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.
- The request queue or escrow account must contain the expected request state for the signer, request type, timing window, and amount being processed.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | read-only | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_mint` | writable | Token mint account used or validated by this instruction. |
| `glam_escrow` | read-only | Escrow account or escrow token account used by mint flows. |
| `request_queue` | writable | Request queue account used by mint subscription or redemption flows. |
| `signer` | signer, writable | Calling authority or fee payer. |
| `signer_mint_ata` | writable | Token mint account used or validated by this instruction. |
| `escrow_mint_ata` | writable | Token mint account used or validated by this instruction. |
| `system_program` | read-only | Solana System Program. |
| `token_2022_program` | read-only | Token-2022 program account. |
| `associated_token_program` | read-only | Associated Token Account program. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `amount_in` | `u64` |  |

Policy and permission requirements:

- Investor caller must satisfy mint policy, including allowlist, blocklist, lockup, and minimum amount checks where configured.

TypeScript SDK usage:

```typescript
await glamClient.invest.queuedRedeem(
  new BN(5_000_000_000),
);
```

### GLAM Mint Staging: queued_subscribe

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.
- The investor must satisfy mint policy checks, including allowlist, blocklist, minimum subscription amount, max-cap, and lockup configuration where enabled.
- The subscription asset mint and token accounts must match the mint's base asset configuration, and the resulting share calculation must use the validated NAV path for the flow.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | read-only | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_mint` | writable | Token mint account used or validated by this instruction. |
| `glam_escrow` | read-only | Escrow account or escrow token account used by mint flows. |
| `request_queue` | writable | Request queue account used by mint subscription or redemption flows. |
| `signer` | signer, writable | Calling authority or fee payer. |
| `deposit_asset` | read-only | Mint account for the asset being deposited, subscribed with, or used for fee settlement. |
| `escrow_deposit_ata` | writable | Token account read or written by this instruction. |
| `signer_deposit_ata` | writable | Token account read or written by this instruction. |
| `system_program` | read-only | Solana System Program. |
| `deposit_token_program` | read-only | Token program account. |
| `associated_token_program` | read-only | Associated Token Account program. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `amount_in` | `u64` |  |

Policy and permission requirements:

- Investor caller must satisfy mint policy, including allowlist, blocklist, lockup, and minimum amount checks where configured.

TypeScript SDK usage:

```typescript
await glamClient.invest.subscribe(
  new BN(10_000_000_000),
  true,
);
```

### GLAM Mint Staging: set_mint_policy

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.
- Configuration changes must pass owner or authorized-manager checks and, when the state or mint timelock is active, must follow the propose/apply timing model instead of taking effect immediately.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `policy` | `MintPolicy` |  |

Policy and permission requirements:

- Only the GLAM owner can call this; delegates are rejected.
- Policy changes should be governed by owner controls and timelock settings.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Mint Staging: set_protocol_fees

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_mint` | read-only | Token mint account used or validated by this instruction. |
| `signer` | signer, writable | Calling authority or fee payer. |
| `glam_config` | read-only | Global GLAM configuration account for fee and asset/oracle metadata. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `base_fee_bps` | `u16` |  |
| `flow_fee_bps` | `u16` |  |

Policy and permission requirements:

- Signer must be the global `glam_config` `fee_authority` on mainnet and staging.
- Protocol fees must have been crystallized at the current timestamp before this update is accepted.

TypeScript SDK usage:

```typescript
await glamClient.fees.setProtocolFees(
  1,
  2000,
);
```

### GLAM Mint Staging: set_token_accounts_states

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | read-only | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `glam_mint` | writable | Token mint account used or validated by this instruction. |
| `token_2022_program` | read-only | Token-2022 program account. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `frozen` | `bool` |  |

Policy and permission requirements:

- Signer must be the GLAM owner or a delegate holding the Mint `SetTokenAccountState` permission.
- Affected token accounts must be Token-2022 accounts whose freeze authority is the GLAM mint PDA.

TypeScript SDK usage:

```typescript
await glamClient.mint.setTokenAccountsStates(
  [tokenAccount],
  true,
);
```

### GLAM Mint Staging: subscribe

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.
- The investor must satisfy mint policy checks, including allowlist, blocklist, minimum subscription amount, max-cap, and lockup configuration where enabled.
- The subscription asset mint and token accounts must match the mint's base asset configuration, and the resulting share calculation must use the validated NAV path for the flow.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | read-only | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_mint` | writable | Token mint account used or validated by this instruction. |
| `glam_escrow` | read-only | Escrow account or escrow token account used by mint flows. |
| `request_queue` | read-only | Request queue account used by mint subscription or redemption flows. |
| `signer` | signer, writable | Calling authority or fee payer. |
| `signer_mint_ata` | writable | Token mint account used or validated by this instruction. |
| `escrow_mint_ata` | writable | Token mint account used or validated by this instruction. |
| `deposit_asset` | read-only | Mint account for the asset being deposited, subscribed with, or used for fee settlement. |
| `vault_deposit_ata` | writable | Token account read or written by this instruction. |
| `signer_deposit_ata` | writable | Token account read or written by this instruction. |
| `signer_policy` | writable, optional | Policy account or policy-related account. |
| `system_program` | read-only | Solana System Program. |
| `deposit_token_program` | read-only | Token program account. |
| `token_2022_program` | read-only | Token-2022 program account. |
| `associated_token_program` | read-only | Associated Token Account program. |
| `policies_program` | read-only | policies program account invoked or checked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `amount_in` | `u64` |  |

Policy and permission requirements:

- Investor caller must satisfy mint policy, including allowlist, blocklist, lockup, and minimum amount checks where configured.

TypeScript SDK usage:

```typescript
await glamClient.invest.subscribe(
  new BN(10_000_000_000),
  false,
);
```

### GLAM Mint Staging: token_acl_freeze

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | read-only | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `glam_mint` | writable | Token mint account used or validated by this instruction. |
| `mint_config` | read-only | Token mint account used or validated by this instruction. |
| `token_acl_program` | read-only | token ACL program account invoked or checked by this instruction. |
| `token_2022_program` | read-only | Token-2022 program account. |
| `glam_protocol` | read-only | GLAM Protocol program account used for authorization or CPI. |

Arguments:

No arguments.

Policy and permission requirements:

- Caller: GLAM owner, or a delegate with Mint `TokenAclFreezeThaw`.
- Freezes each remaining token account through the Token ACL program, using the GLAM mint PDA as authority.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Mint Staging: token_acl_thaw

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | read-only | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `glam_mint` | writable | Token mint account used or validated by this instruction. |
| `mint_config` | read-only | Token mint account used or validated by this instruction. |
| `token_acl_program` | read-only | token ACL program account invoked or checked by this instruction. |
| `token_2022_program` | read-only | Token-2022 program account. |
| `glam_protocol` | read-only | GLAM Protocol program account used for authorization or CPI. |

Arguments:

No arguments.

Policy and permission requirements:

- Caller: GLAM owner, or a delegate with Mint `TokenAclFreezeThaw`.
- Thaws each remaining token account through the Token ACL program, using the GLAM mint PDA as authority.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Mint Staging: update_mint

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.
- Configuration changes must pass owner or authorized-manager checks and, when the state or mint timelock is active, must follow the propose/apply timing model instead of taking effect immediately.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `glam_mint` | writable | Token mint account used or validated by this instruction. |
| `system_program` | read-only | Solana System Program. |
| `token_2022_program` | read-only | Token-2022 program account. |
| `glam_protocol` | read-only | GLAM Protocol program account used for authorization or CPI. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `mint_model` | `MintModel` |  |

Policy and permission requirements:

- Only the GLAM owner can call this; delegates are rejected.

TypeScript SDK usage:

```typescript
await glamClient.mint.update({
  maxCap: new BN(5_000_000_000_000),
  minSubscription: new BN(500_000_000),
});
```

### GLAM Mint Staging: update_mint_apply_timelock

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.
- Configuration changes must pass owner or authorized-manager checks and, when the state or mint timelock is active, must follow the propose/apply timing model instead of taking effect immediately.
- The pending change must exist, the configured delay must have elapsed, and the account receiving the change must still match the pending update target.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `glam_mint` | writable | Token mint account used or validated by this instruction. |
| `request_queue` | optional | Request queue account used by mint subscription or redemption flows. |
| `system_program` | read-only | Solana System Program. |
| `token_2022_program` | read-only | Token-2022 program account. |
| `glam_protocol` | read-only | GLAM Protocol program account used for authorization or CPI. |

Arguments:

No arguments.

Policy and permission requirements:

- Only the GLAM owner can call this; delegates are rejected.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### GLAM Mint Staging: validate_aum

Required conditions:

- Mint actions must satisfy the linked GLAM state, Token-2022 mint configuration, mint policy, and any request queue or escrow state involved in the flow.
- All pricing instructions for the same pricing operation must be in one Solana transaction; splitting them across multiple transactions is unsupported and can produce stale, inconsistent, or rejected NAV calculations.
- Oracle, token-account, position, and pricing-record accounts must all refer to the same vault state and base asset so the AUM calculation is internally consistent.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | read-only | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `signer` | signer, writable | Calling authority or fee payer. |
| `event_authority` | optional | Event authority or downstream event account. |
| `event_program` | optional | Event authority or downstream event account. |

Arguments:

No arguments.

Policy and permission requirements:

- Any signer can call. AUM is computed from `glam_state` and emitted as an `AumRecord` event; no pricing-caller ACL is checked and no per-protocol valuation records are written.

TypeScript SDK usage:

```typescript
const pricingIxs = await glamClient.price.priceVaultIxs();
const validateIx = await glamClient.price.validateAumIx();
```

Cross-instruction constraints:

- Run after all required pricing instructions, and include validation in the same transaction when the operation depends on an atomic NAV calculation.

## Kamino Integration Staging

Program ID: `gstgKa2Gq9wf5hM3DFWx1TvUrGYzDYszyFGq3XBY9Uq`

Integration adapter for Kamino Lending, Kamino Vaults, and Kamino Farms. It performs CPI into Kamino programs with the GLAM vault PDA as the authority and enforces protocol enablement, delegate permissions, and market/vault policies. This staging deployment exposes additional or pre-release functionality for review.

Accounts owned or controlled by this program:

| Account | Owner or authority | Purpose |
| --- | --- | --- |
| Integration authority PDA | Kamino Integration Staging | Program-derived authority used for integration-level signing during Kamino CPI calls. |
| Kamino user, obligation, farm, and vault accounts | Kamino programs with GLAM vault authority | External protocol accounts created or updated by the integration for GLAM-managed positions. |

Integration notes:

- Kamino Integration Staging must be enabled on the vault before integration actions can run. Delegate permissions are still required for non-owner callers.
- Relevant official references: [Kamino documentation](https://kamino.com/docs/overview).

### Kamino Integration Staging: farms_harvest_reward

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `system_program` | read-only | Solana System Program. |
| `user_state` | writable | User position state account updated by the downstream protocol. |
| `farm_state` | writable | Kamino farm account. |
| `global_config` | read-only | global config account read by Kamino Integration Staging's farms harvest reward instruction. |
| `reward_mint` | read-only | Token mint account used or validated by this instruction. |
| `user_reward_ata` | writable | Token account read or written by this instruction. |
| `rewards_vault` | writable | Vault or downstream vault account. |
| `rewards_treasury_vault` | writable | Vault or downstream vault account. |
| `farm_vaults_authority` | read-only | Vault or downstream vault account. |
| `scope_prices` | optional | Oracle or price account used for valuation or downstream validation. |
| `token_program` | read-only | Token program account. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `reward_index` | `u64` |  |

Policy and permission requirements:

- Enable `KaminoFarms` on the vault integration ACL.
- Delegate permission: Kamino Farms `HarvestReward`.

TypeScript SDK usage:

```typescript
await glamClient.kaminoFarm.harvest([farmState]);
```

Cross-instruction constraints:

- The Kamino farm user state must be initialized before stake, unstake, withdrawal, or reward harvest flows.

### Kamino Integration Staging: farms_initialize_user

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `system_program` | read-only | Solana System Program. |
| `user_state` | writable | User position state account updated by the downstream protocol. |
| `farm_state` | writable | Kamino farm account. |
| `rent` | read-only | Solana sysvar account. |

Arguments:

No arguments.

Policy and permission requirements:

- Signer must be the GLAM owner or a delegate holding Kamino Farms `Stake`.
- Initializes the Kamino user state using the supplied rent and farm accounts.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Kamino Integration Staging: farms_stake

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `system_program` | read-only | Solana System Program. |
| `user_state` | writable | User position state account updated by the downstream protocol. |
| `farm_state` | writable | Kamino farm account. |
| `farm_vault` | writable | Vault or downstream vault account. |
| `user_ata` | writable | Token account read or written by this instruction. |
| `token_mint` | read-only | Token mint account used or validated by this instruction. |
| `scope_prices` | optional | Oracle or price account used for valuation or downstream validation. |
| `token_program` | read-only | Token program account. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `amount` | `u64` |  |

Policy and permission requirements:

- Enable `KaminoFarms` on the vault integration ACL.
- Delegate permission: Kamino Farms `Stake`.

TypeScript SDK usage:

```typescript
await glamClient.kaminoFarm.stake(
  new BN(1_000_000_000),
  farmState,
);
```

Cross-instruction constraints:

- The Kamino farm user state must be initialized before stake, unstake, withdrawal, or reward harvest flows.

### Kamino Integration Staging: farms_unstake

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `system_program` | read-only | Solana System Program. |
| `user_state` | writable | User position state account updated by the downstream protocol. |
| `farm_state` | writable | Kamino farm account. |
| `scope_prices` | optional | Oracle or price account used for valuation or downstream validation. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `amount` | `u128` |  |

Policy and permission requirements:

- Enable `KaminoFarms` on the vault integration ACL.
- Delegate permission: Kamino Farms `Unstake`.

TypeScript SDK usage:

```typescript
await glamClient.kaminoFarm.unstake(
  new BN(500_000_000),
  farmState,
);
```

Cross-instruction constraints:

- The Kamino farm user state must be initialized before stake, unstake, withdrawal, or reward harvest flows.

### Kamino Integration Staging: farms_withdraw_unstaked_deposits

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `system_program` | read-only | Solana System Program. |
| `user_state` | writable | User position state account updated by the downstream protocol. |
| `farm_state` | writable | Kamino farm account. |
| `user_ata` | writable | Token account read or written by this instruction. |
| `farm_vault` | writable | Vault or downstream vault account. |
| `farm_vaults_authority` | read-only | Vault or downstream vault account. |
| `token_program` | read-only | Token program account. |

Arguments:

No arguments.

Policy and permission requirements:

- Signer must be the GLAM owner or a delegate holding Kamino Farms `Unstake` before withdrawing unstaked deposits.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

Cross-instruction constraints:

- The Kamino farm user state must be initialized before stake, unstake, withdrawal, or reward harvest flows.

### Kamino Integration Staging: lending_borrow_obligation_liquidity_v2

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.
- Borrowing must satisfy both the vault-level borrowable asset list and the integration-specific borrow allowlist where one is configured.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `system_program` | read-only | Solana System Program. |
| `obligation` | writable | Kamino lending obligation account. |
| `lending_market` | read-only | Kamino lending market account for the reserves and obligations touched by this instruction. |
| `lending_market_authority` | read-only | Kamino market authority PDA that authorizes reserve and obligation operations. |
| `borrow_reserve` | writable | Kamino reserve account. |
| `borrow_reserve_liquidity_mint` | read-only | Token mint account used or validated by this instruction. |
| `reserve_source_liquidity` | writable | Kamino reserve account. |
| `borrow_reserve_liquidity_fee_receiver` | writable | Kamino reserve account. |
| `user_destination_liquidity` | writable | Vault-owned token account that receives liquidity borrowed or withdrawn from Kamino. |
| `referrer_token_state` | writable, optional | Optional Kamino referrer token state credited during borrow flows when a referrer is configured. |
| `token_program` | read-only | Token program account. |
| `instruction_sysvar_account` | read-only | Solana sysvar account. |
| `obligation_farm_user_state` | writable, optional | Kamino lending obligation account. |
| `reserve_farm_state` | writable, optional | Kamino reserve account. |
| `farms_program` | read-only | Kamino farm account. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `liquidity_amount` | `u64` |  |

Policy and permission requirements:

- Enable `KaminoLend` on the vault integration ACL.
- Delegate permission: Kamino Lending `Borrow`.
- Borrowing must satisfy the vault-level borrowable asset list and any integration-specific borrow allowlist.

TypeScript SDK usage:

```typescript
await glamClient.kaminoLending.borrow(
  market,
  usdcMint,
  new BN(200_000_000),
);
```

Cross-instruction constraints:

- Kamino user metadata and the relevant obligation accounts must exist before lending movement instructions run.

### Kamino Integration Staging: lending_deposit_reserve_liquidity_and_obligation_collateral_v2

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `system_program` | read-only | Solana System Program. |
| `obligation` | writable | Kamino lending obligation account. |
| `lending_market` | read-only | Kamino lending market account for the reserves and obligations touched by this instruction. |
| `lending_market_authority` | read-only | Kamino market authority PDA that authorizes reserve and obligation operations. |
| `reserve` | writable | Kamino reserve account. |
| `reserve_liquidity_mint` | read-only | Token mint account used or validated by this instruction. |
| `reserve_liquidity_supply` | writable | Kamino reserve account. |
| `reserve_collateral_mint` | writable | Token mint account used or validated by this instruction. |
| `reserve_destination_deposit_collateral` | writable | Kamino reserve account. |
| `user_source_liquidity` | writable | Vault-owned token account that supplies liquidity for Kamino deposit, repay, or liquidation flows. |
| `placeholder_user_destination_collateral` | optional | Optional collateral destination placeholder required by Kamino account ordering when collateral is not received. |
| `collateral_token_program` | read-only | Token program account. |
| `liquidity_token_program` | read-only | Token program account. |
| `instruction_sysvar_account` | read-only | Solana sysvar account. |
| `obligation_farm_user_state` | writable, optional | Kamino lending obligation account. |
| `reserve_farm_state` | writable, optional | Kamino reserve account. |
| `farms_program` | read-only | Kamino farm account. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `liquidity_amount` | `u64` |  |

Policy and permission requirements:

- Enable `KaminoLend` on the vault integration ACL.
- Delegate permission: Kamino Lending `Deposit`.

TypeScript SDK usage:

```typescript
await glamClient.kaminoLending.deposit(
  market,
  usdcMint,
  new BN(1_000_000_000),
);
```

Cross-instruction constraints:

- Kamino user metadata and the relevant obligation accounts must exist before lending movement instructions run.

### Kamino Integration Staging: lending_init_obligation

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `fee_payer` | signer, writable | Calling authority or fee payer. |
| `obligation` | writable | Kamino lending obligation account. |
| `lending_market` | read-only | Kamino lending market account for the reserves and obligations touched by this instruction. |
| `seed1_account` | read-only | Seed account used by Kamino when deriving the obligation address. |
| `seed2_account` | read-only | Second seed account used by Kamino when deriving the obligation address. |
| `owner_user_metadata` | read-only | Token account read or written by this instruction. |
| `rent` | read-only | Solana sysvar account. |
| `system_program` | read-only | Solana System Program. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `args` | `InitObligationArgs` |  |

Policy and permission requirements:

- Enable `KaminoLend` on the vault integration ACL.
- Delegate permission: Kamino Lending `Init`.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Kamino Integration Staging: lending_init_obligation_farms_for_reserve

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `payer` | signer, writable | Fee payer funding rent or account allocation for this instruction. |
| `obligation` | writable | Kamino lending obligation account. |
| `lending_market_authority` | read-only | Kamino market authority PDA that authorizes reserve and obligation operations. |
| `reserve` | writable | Kamino reserve account. |
| `reserve_farm_state` | writable | Kamino reserve account. |
| `obligation_farm` | writable | Kamino lending obligation account. |
| `lending_market` | read-only | Kamino lending market account for the reserves and obligations touched by this instruction. |
| `farms_program` | read-only | Kamino farm account. |
| `rent` | read-only | Solana sysvar account. |
| `system_program` | read-only | Solana System Program. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `mode` | `u8` |  |

Policy and permission requirements:

- Enable `KaminoLend` on the vault integration ACL.
- Delegate permission: Kamino Lending `Init` with farm setup context.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Kamino Integration Staging: lending_init_user_metadata

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `fee_payer` | signer, writable | Calling authority or fee payer. |
| `user_metadata` | writable | Token account read or written by this instruction. |
| `referrer_user_metadata` | optional | Token account read or written by this instruction. |
| `rent` | read-only | Solana sysvar account. |
| `system_program` | read-only | Solana System Program. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `user_lookup_table` | `pubkey` |  |

Policy and permission requirements:

- Enable `KaminoLend` on the vault integration ACL.
- Delegate permission: Kamino Lending `Init`.

TypeScript SDK usage:

```typescript
await glamClient.kaminoLending.initUserMetadata();
```

### Kamino Integration Staging: lending_liquidate_obligation_and_redeem_reserve_collateral_v2

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `system_program` | read-only | Solana System Program. |
| `obligation` | writable | Kamino lending obligation account. |
| `lending_market` | read-only | Kamino lending market account for the reserves and obligations touched by this instruction. |
| `lending_market_authority` | read-only | Kamino market authority PDA that authorizes reserve and obligation operations. |
| `repay_reserve` | writable | Kamino reserve account. |
| `repay_reserve_liquidity_mint` | read-only | Token mint account used or validated by this instruction. |
| `repay_reserve_liquidity_supply` | writable | Kamino reserve account. |
| `withdraw_reserve` | writable | Kamino reserve account. |
| `withdraw_reserve_liquidity_mint` | read-only | Token mint account used or validated by this instruction. |
| `withdraw_reserve_collateral_mint` | writable | Token mint account used or validated by this instruction. |
| `withdraw_reserve_collateral_supply` | writable | Kamino reserve account. |
| `withdraw_reserve_liquidity_supply` | writable | Kamino reserve account. |
| `withdraw_reserve_liquidity_fee_receiver` | writable | Kamino reserve account. |
| `user_source_liquidity` | writable | Vault-owned token account that supplies liquidity for Kamino deposit, repay, or liquidation flows. |
| `user_destination_collateral` | writable | Vault-owned collateral token account receiving Kamino collateral during liquidation. |
| `user_destination_liquidity` | writable | Vault-owned token account that receives liquidity borrowed or withdrawn from Kamino. |
| `collateral_token_program` | read-only | Token program account. |
| `repay_liquidity_token_program` | read-only | Token program account. |
| `withdraw_liquidity_token_program` | read-only | Token program account. |
| `instruction_sysvar_account` | read-only | Solana sysvar account. |
| `collateral_obligation_farm_user_state` | writable, optional | Kamino lending obligation account. |
| `collateral_reserve_farm_state` | writable, optional | Kamino reserve account. |
| `debt_obligation_farm_user_state` | writable, optional | Kamino lending obligation account. |
| `debt_reserve_farm_state` | writable, optional | Kamino reserve account. |
| `farms_program` | read-only | Kamino farm account. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `liquidity_amount` | `u64` |  |
| `min_acceptable_received_liquidity_amount` | `u64` |  |
| `max_allowed_ltv_override_percent` | `u64` |  |

Policy and permission requirements:

- Signer must hold Kamino Lending `Liquidate`.
- Lending policy and market allowlist are checked.
- Output collateral mint must be a vault asset, or otherwise configured as borrowable or priced.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

Cross-instruction constraints:

- Kamino user metadata and the relevant obligation accounts must exist before lending movement instructions run.

### Kamino Integration Staging: lending_repay_obligation_liquidity_v2

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `system_program` | read-only | Solana System Program. |
| `obligation` | writable | Kamino lending obligation account. |
| `lending_market` | read-only | Kamino lending market account for the reserves and obligations touched by this instruction. |
| `repay_reserve` | writable | Kamino reserve account. |
| `reserve_liquidity_mint` | read-only | Token mint account used or validated by this instruction. |
| `reserve_destination_liquidity` | writable | Kamino reserve account. |
| `user_source_liquidity` | writable | Vault-owned token account that supplies liquidity for Kamino deposit, repay, or liquidation flows. |
| `token_program` | read-only | Token program account. |
| `instruction_sysvar_account` | read-only | Solana sysvar account. |
| `obligation_farm_user_state` | writable, optional | Kamino lending obligation account. |
| `reserve_farm_state` | writable, optional | Kamino reserve account. |
| `lending_market_authority` | read-only | Kamino market authority PDA that authorizes reserve and obligation operations. |
| `farms_program` | read-only | Kamino farm account. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `liquidity_amount` | `u64` |  |

Policy and permission requirements:

- Enable `KaminoLend` on the vault integration ACL.
- Delegate permission: Kamino Lending `Repay`.

TypeScript SDK usage:

```typescript
await glamClient.kaminoLending.repay(
  market,
  usdcMint,
  new BN(200_000_000),
);
```

Cross-instruction constraints:

- Kamino user metadata and the relevant obligation accounts must exist before lending movement instructions run.

### Kamino Integration Staging: lending_request_elevation_group

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `system_program` | read-only | Solana System Program. |
| `obligation` | writable | Kamino lending obligation account. |
| `lending_market` | read-only | Kamino lending market account for the reserves and obligations touched by this instruction. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `elevation_group` | `u8` |  |

Policy and permission requirements:

- Signer must hold Kamino Lending `Borrow`.
- Lending policy and market or elevation-group constraints are checked before forwarding the CPI.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

Cross-instruction constraints:

- Kamino user metadata and the relevant obligation accounts must exist before lending movement instructions run.

### Kamino Integration Staging: lending_withdraw_obligation_collateral_and_redeem_reserve_collateral_v2

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `system_program` | read-only | Solana System Program. |
| `obligation` | writable | Kamino lending obligation account. |
| `lending_market` | read-only | Kamino lending market account for the reserves and obligations touched by this instruction. |
| `lending_market_authority` | read-only | Kamino market authority PDA that authorizes reserve and obligation operations. |
| `withdraw_reserve` | writable | Kamino reserve account. |
| `reserve_liquidity_mint` | read-only | Token mint account used or validated by this instruction. |
| `reserve_source_collateral` | writable | Kamino reserve account. |
| `reserve_collateral_mint` | writable | Token mint account used or validated by this instruction. |
| `reserve_liquidity_supply` | writable | Kamino reserve account. |
| `user_destination_liquidity` | writable | Vault-owned token account that receives liquidity borrowed or withdrawn from Kamino. |
| `placeholder_user_destination_collateral` | optional | Optional collateral destination placeholder required by Kamino account ordering when collateral is not received. |
| `collateral_token_program` | read-only | Token program account. |
| `liquidity_token_program` | read-only | Token program account. |
| `instruction_sysvar_account` | read-only | Solana sysvar account. |
| `obligation_farm_user_state` | writable, optional | Kamino lending obligation account. |
| `reserve_farm_state` | writable, optional | Kamino reserve account. |
| `farms_program` | read-only | Kamino farm account. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `collateral_amount` | `u64` |  |

Policy and permission requirements:

- Enable `KaminoLend` on the vault integration ACL.
- Delegate permission: Kamino Lending `Withdraw`.

TypeScript SDK usage:

```typescript
await glamClient.kaminoLending.withdraw(
  market,
  usdcMint,
  new BN(500_000_000),
);
```

Cross-instruction constraints:

- Kamino user metadata and the relevant obligation accounts must exist before lending movement instructions run.

### Kamino Integration Staging: set_lending_policy

Required conditions:

- Configuration changes must pass owner or authorized-manager checks and, when the state or mint timelock is active, must follow the propose/apply timing model instead of taking effect immediately.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `policy` | `LendingPolicy` |  |

Policy and permission requirements:

- Only the GLAM owner can call. Persistence is gated through GLAM Protocol's owner-only protocol-policy persistence path; delegates cannot complete the policy change on their own.
- For non-empty policy data, the target protocol must already be enabled in `integration_acls`.
- State timelock applies when active.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Kamino Integration Staging: set_vaults_policy

Required conditions:

- Configuration changes must pass owner or authorized-manager checks and, when the state or mint timelock is active, must follow the propose/apply timing model instead of taking effect immediately.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `policy` | `VaultsPolicy` |  |

Policy and permission requirements:

- Only the GLAM owner can call. Persistence is gated through GLAM Protocol's owner-only protocol-policy persistence path; delegates cannot complete the policy change on their own.
- For non-empty policy data, the target protocol must already be enabled in `integration_acls`.
- State timelock applies when active.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Kamino Integration Staging: vaults_deposit

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `system_program` | read-only | Solana System Program. |
| `vault_state` | writable | Vault or downstream vault account. |
| `token_vault` | writable | Vault or downstream vault account. |
| `token_mint` | read-only | Token mint account used or validated by this instruction. |
| `base_vault_authority` | read-only | Vault or downstream vault account. |
| `shares_mint` | writable | Token mint account used or validated by this instruction. |
| `user_token_ata` | writable | Token account read or written by this instruction. |
| `user_shares_ata` | writable | Token account read or written by this instruction. |
| `klend_program` | read-only | Kamino Lending program account invoked or checked by this instruction. |
| `token_program` | read-only | Token program account. |
| `shares_token_program` | read-only | Token program account. |
| `event_authority` | read-only | Event authority or downstream event account. |
| `program` | read-only | Anchor program account used by the downstream protocol. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `max_amount` | `u64` |  |

Policy and permission requirements:

- Enable `KaminoVaults` on the vault integration ACL.
- Delegate permission: Kamino Vaults `Deposit`.

TypeScript SDK usage:

```typescript
await glamClient.kaminoVaults.deposit(
  kaminoVault,
  new BN(1_000_000_000),
);
```

Cross-instruction constraints:

- The target Kamino vault must be allowed by the Kamino vaults policy before deposit or withdrawal.

### Kamino Integration Staging: vaults_withdraw

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `system_program` | read-only | Solana System Program. |
| `withdraw_from_available_vault_state` | writable | Vault or downstream vault account. |
| `withdraw_from_available_global_config` | read-only | withdraw from available global config account read by Kamino Integration Staging's vaults withdraw instruction. |
| `withdraw_from_available_token_vault` | writable | Vault or downstream vault account. |
| `withdraw_from_available_base_vault_authority` | read-only | Vault or downstream vault account. |
| `withdraw_from_available_user_token_ata` | writable | Token account read or written by this instruction. |
| `withdraw_from_available_token_mint` | writable | Token mint account used or validated by this instruction. |
| `withdraw_from_available_user_shares_ata` | writable | Token account read or written by this instruction. |
| `withdraw_from_available_shares_mint` | writable | Token mint account used or validated by this instruction. |
| `withdraw_from_available_token_program` | read-only | Token program account. |
| `withdraw_from_available_shares_token_program` | read-only | Token program account. |
| `withdraw_from_available_klend_program` | read-only | withdraw from available Kamino Lending program account invoked or checked by this instruction. |
| `withdraw_from_available_event_authority` | read-only | Event authority or downstream event account. |
| `withdraw_from_available_program` | read-only | withdraw from available program account invoked or checked by this instruction. |
| `withdraw_from_reserve_vault_state` | writable | Vault or downstream vault account. |
| `withdraw_from_reserve_reserve` | writable | Kamino reserve account. |
| `withdraw_from_reserve_ctoken_vault` | writable | Vault or downstream vault account. |
| `withdraw_from_reserve_lending_market` | read-only | Kamino reserve account. |
| `withdraw_from_reserve_lending_market_authority` | read-only | Kamino reserve account. |
| `withdraw_from_reserve_reserve_liquidity_supply` | writable | Kamino reserve account. |
| `withdraw_from_reserve_reserve_collateral_mint` | writable | Token mint account used or validated by this instruction. |
| `withdraw_from_reserve_reserve_collateral_token_program` | read-only | Token program account. |
| `withdraw_from_reserve_instruction_sysvar_account` | read-only | Solana sysvar account. |
| `event_authority` | read-only | Event authority or downstream event account. |
| `program` | read-only | Anchor program account used by the downstream protocol. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `shares_amount` | `u64` |  |

Policy and permission requirements:

- Enable `KaminoVaults` on the vault integration ACL.
- Delegate permission: Kamino Vaults `Withdraw`.

TypeScript SDK usage:

```typescript
await glamClient.kaminoVaults.withdraw(
  kaminoVault,
  new BN(500_000_000),
);
```

Cross-instruction constraints:

- The target Kamino vault must be allowed by the Kamino vaults policy before deposit or withdrawal.

## SPL Integration Staging

Program ID: `gstgs9nJgX8PmRHWAAEP9H7xT3ZkaPWSGPYbj3mXdTa`

Integration adapter for SPL Token and Token-2022 account operations. It supports vault-controlled checked transfers and closing token accounts under transfer policy. This staging deployment exposes additional or pre-release functionality for review.

Accounts owned or controlled by this program:

| Account | Owner or authority | Purpose |
| --- | --- | --- |
| Integration authority PDA | SPL Integration Staging | Program-derived authority used for integration-level signing during SPL Token and Token-2022 CPI calls. |

Integration notes:

- SPL Integration Staging must be enabled on the vault before integration actions can run. Delegate permissions are still required for non-owner callers.
- Relevant official references: [Solana Token-2022 extensions](https://solana.com/docs/tokens/extensions).

### SPL Integration Staging: set_token_transfer_policy

Required conditions:

- Configuration changes must pass owner or authorized-manager checks and, when the state or mint timelock is active, must follow the propose/apply timing model instead of taking effect immediately.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `policy` | `TransferPolicy` |  |

Policy and permission requirements:

- Only the GLAM owner can call. Persistence is gated through GLAM Protocol's owner-only protocol-policy persistence path; delegates cannot complete the policy change on their own.
- For non-empty policy data, the target protocol must already be enabled in `integration_acls`.
- State timelock applies when active.

TypeScript SDK usage:

```typescript
import { TransferPolicy } from "@glamsystems/glam-sdk";

const policy = new TransferPolicy([approvedDestination]);
await glamClient.access.setProtocolPolicy(
  glamClient.extSplProgram.programId,
  0b01,
  policy.encode(),
);
```

### SPL Integration Staging: token_close_account

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `system_program` | read-only | Solana System Program. |
| `token_account` | writable | Token account read or written by this instruction. |

Arguments:

No arguments.

Policy and permission requirements:

- Signer must be the GLAM owner or any unexpired delegate; no SPL `Transfer` or token-close-specific permission is required.
- Routed through `cpi_proxy`.

TypeScript SDK usage:

```typescript
await glamClient.vault.closeTokenAccounts([
  tokenAccount,
]);
```

### SPL Integration Staging: token_transfer_checked

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `system_program` | read-only | Solana System Program. |
| `from` | writable | from account read or updated by SPL Integration Staging's token transfer checked instruction. |
| `mint` | read-only | Token mint account used or validated by this instruction. |
| `to` | writable | to account read or updated by SPL Integration Staging's token transfer checked instruction. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `amount` | `u64` |  |
| `decimals` | `u8` |  |

Policy and permission requirements:

- `TokenTransferPolicy` is checked against the destination token account's owner only — no mint/asset or amount policy is consulted.
- Allowlisted destination owners require SPL `Transfer`.
- For the GLAM-owner-destination path: the GLAM owner must sign and the vault must not be a tokenized vault.

TypeScript SDK usage:

```typescript
await glamClient.vault.tokenTransfer(
  usdcMint,
  50_000_000,
  recipient,
);
```

## Bridge Integration Staging

Program ID: `gstgxS9yTioViNKdsM4DC33k1TU9un2VCYDQK8fAeSA`

Integration adapter for LayerZero OFT routes and managed bridge transfers. It prepares, commits, validates, prices, and settles inflight bridge transfers that are tracked as registered positions. This staging deployment exposes additional or pre-release functionality for review.

Accounts owned or controlled by this program:

| Account | Owner or authority | Purpose |
| --- | --- | --- |
| Bridge registry PDA | Bridge Integration Staging | Registry for LayerZero OFT routes and managed bridge transfer records. |
| LayerZero OFT route records | Bridge Integration Staging | Route configuration for source mint, destination chain, provider program, recipient, and allowed amount range. |
| Managed transfer records | Bridge Integration Staging | Inflight bridge-transfer records used for validation, pricing, and settlement. |

Integration notes:

- Bridge Integration Staging must be enabled on the vault before integration actions can run. Delegate permissions are still required for non-owner callers.
- Relevant official references: [LayerZero OFT documentation](https://docs.layerzero.network/v2/concepts/technical-reference/oft-reference).

### Bridge Integration Staging: add_layerzero_oft_route

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `route` | `LayerzeroOftRoute` |  |

Policy and permission requirements:

- Only the GLAM owner can call. Delegates cannot manage LayerZero OFT routes.
- The instruction loads the existing OFT policy, appends the route, validates routes, and persists the policy.

TypeScript SDK usage:

```typescript
await glamClient.bridge.addLayerzeroOftRoute({
  sourceMint,
  destinationChain,
  destinationRecipient,
  providerProgram,
  managementMode,
  minAmount,
  maxAmount,
});
```

### Bridge Integration Staging: commit_oft_transfer

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.
- Asset, amount, and destination restrictions must satisfy the configured transfer or destination policy when that policy is present.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `instructions` | read-only | Solana sysvar account. |
| `bridge_registry` | writable | Bridge route, session, registry, or managed-transfer account. |
| `bridge_session` | writable | Bridge route, session, registry, or managed-transfer account. |
| `source_token_account` | writable | Token account read or written by this instruction. |
| `source_mint` | read-only | Token mint account used or validated by this instruction. |
| `auxiliary_token_account` | writable | Token account read or written by this instruction. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `system_program` | read-only | Solana System Program. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `args` | `CommitOftTransferArgs` |  |

Policy and permission requirements:

- Signer must hold Bridge `Send`.
- A matching `prepare_oft_transfer` instruction must be present in the same transaction.
- OFT route and transfer policy checks are enforced before the LayerZero OFT send CPI.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

Cross-instruction constraints:

- Run after the OFT transfer has been prepared and sent by the bridge flow.

### Bridge Integration Staging: delete_layerzero_oft_route

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `route` | `LayerzeroOftRoute` |  |

Policy and permission requirements:

- Only the GLAM owner can call. Delegates cannot manage LayerZero OFT routes.
- The instruction removes a matching route or errors if none match, then persists the policy.

TypeScript SDK usage:

```typescript
await glamClient.bridge.deleteLayerzeroOftRoute(route);
```

### Bridge Integration Staging: prepare_oft_transfer

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.
- Asset, amount, and destination restrictions must satisfy the configured transfer or destination policy when that policy is present.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `bridge_registry` | writable | Bridge route, session, registry, or managed-transfer account. |
| `bridge_session` | writable | Bridge route, session, registry, or managed-transfer account. |
| `source_token_account` | writable | Token account read or written by this instruction. |
| `source_mint` | read-only | Token mint account used or validated by this instruction. |
| `auxiliary_token_account` | writable | Token account read or written by this instruction. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `system_program` | read-only | Solana System Program. |
| `instructions` | read-only | Solana sysvar account. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `args` | `PrepareOftTransferArgs` |  |

Policy and permission requirements:

- Signer must hold Bridge `Send`.
- OFT route and transfer policy rules are validated.
- A matching `commit_oft_transfer` instruction must be present in the same transaction.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Bridge Integration Staging: price_managed_transfers

Required conditions:

- All pricing instructions for the same pricing operation must be in one Solana transaction; splitting them across multiple transactions is unsupported and can produce stale, inconsistent, or rejected NAV calculations.
- Oracle, token-account, position, and pricing-record accounts must all refer to the same vault state and base asset so the AUM calculation is internally consistent.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `bridge_registry` | read-only | Bridge route, session, registry, or managed-transfer account. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `glam_config` | read-only | Global GLAM configuration account for fee and asset/oracle metadata. |
| `base_asset_oracle` | read-only | Oracle or price account used for valuation or downstream validation. |

Arguments:

No arguments.

Policy and permission requirements:

- No signer or pricing-caller ACL is enforced. Validated managed transfers from the bridge registry are priced via supplied oracles and published as a priced protocol through the integration authority.

TypeScript SDK usage:

```typescript
const pricingIxs = await glamClient.price.priceVaultIxs();
const validateIx = await glamClient.price.validateAumIx();
// Submit all pricing instructions and validation together.
```

Cross-instruction constraints:

- All pricing instructions for this pricing operation must be included in the same Solana transaction. Splitting them across multiple transactions is not supported and will produce incorrect or rejected NAV calculations.
- Managed transfers must be validated before they are priceable.

### Bridge Integration Staging: settle_managed_transfer

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `bridge_registry` | writable | Bridge route, session, registry, or managed-transfer account. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `system_program` | read-only | Solana System Program. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `args` | `SettleManagedTransferArgs` |  |

Policy and permission requirements:

- The `bridge_registry` account must belong to this GLAM state.
- Signer access is checked through the record's protocol against Bridge `Settle`.
- Record status must be `Committed` or `Validated`. The instruction removes the record and syncs the managed-transfer position when needed.

TypeScript SDK usage:

```typescript
await glamClient.bridge.settleManagedTransfer(transferId);
```

Cross-instruction constraints:

- Run after validation and downstream settlement are complete so the managed transfer can be removed from the registry.

### Bridge Integration Staging: update_layerzero_oft_route

Required conditions:

- Configuration changes must pass owner or authorized-manager checks and, when the state or mint timelock is active, must follow the propose/apply timing model instead of taking effect immediately.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `route` | `LayerzeroOftRoute` |  |

Policy and permission requirements:

- Owner-only.
- Loads the OFT policy, replaces the matching route, validates the route set, and persists through core policy storage; state timelock applies when active.

TypeScript SDK usage:

```typescript
await glamClient.bridge.updateLayerzeroOftRoute(route);
```

### Bridge Integration Staging: validate_managed_transfer

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_signer` | signer | Calling authority or fee payer. |
| `bridge_registry` | writable | Bridge route, session, registry, or managed-transfer account. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `args` | `ValidateManagedTransferArgs` |  |

Policy and permission requirements:

- The `bridge_registry` account must belong to this GLAM state.
- Signer access is checked through the record's protocol against Bridge `Validate`.
- Record status must be `Committed`. The instruction marks the record `Validated`. (Route and transfer constraints are not re-validated here.)

TypeScript SDK usage:

```typescript
await glamClient.bridge.validateManagedTransfer(transferId);
```

Cross-instruction constraints:

- Run after a managed transfer is committed and before the transfer is included in pricing.

## Registered Positions Integration Staging

Program ID: `gstge5RzNEGQwpwBPKTJbP9yczoFEzzm5upSSsie9fX`

Integration adapter for trusted, native, or Wormhole-sourced registered positions. It registers position configs, accepts raw observations, validates and normalizes them into the vault base asset, and maintains the observation state consumed by GLAM Mint pricing. This staging deployment exposes additional or pre-release functionality for review.

Accounts owned or controlled by this program:

| Account | Owner or authority | Purpose |
| --- | --- | --- |
| Registered position registry data | Registered Positions Integration Staging | Configuration for valued or tokenized positions that are priced through trusted or native observations. |
| Observation state PDA | Registered Positions Integration Staging | Pending and active observations for configured registered positions. |

Integration notes:

- Registered Positions Integration Staging must be enabled on the vault before integration actions can run. Delegate permissions are still required for non-owner callers.
- `submit_observation` records a pending trusted observation. `submit_observation_wormhole` records a Wormhole-verified pending observation. `validate_observation` computes the base-asset-normalized value from the pending observation and oracle metadata, then promotes it for GLAM Mint pricing.

### Registered Positions Integration Staging: remove_registered_position

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `remove_registered_position` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `remove_registered_position` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `remove_registered_position` instruction (see program source for the full constraint). |
| `observation_state` | writable | `observation_state` account required by the `remove_registered_position` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `remove_registered_position` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `remove_registered_position` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `remove_registered_position` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `position_id` | `[u8; 32]` |  |

Policy and permission requirements:

- Signer must hold the RPI `Configure` ACL permission on the GLAM state and be on the position's configure allowlist.
- Persistence is gated through GLAM Protocol's owner-only protocol-policy persistence path — so a delegate with `Configure` cannot complete the removal by itself.
- The position is removed from the RPI policy and observation state, and vault registered-position coverage is synced through `cpi_proxy` side effects.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Registered Positions Integration Staging: submit_observation

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | read-only | `glam_state` account required by the `submit_observation` instruction (see program source for the full constraint). |
| `glam_signer` | signer | `glam_signer` account required by the `submit_observation` instruction (see program source for the full constraint). |
| `observation_state` | writable | `observation_state` account required by the `submit_observation` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `input` | `PositionObservationInput` |  |

Policy and permission requirements:

- Signer must hold RPI `SubmitObservation`.
- Position must be enabled and trusted; signer must be on the position's submit allowlist.
- Denomination and freshness are validated; a pending observation is then written.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Registered Positions Integration Staging: submit_observation_wormhole

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | read-only | `glam_state` account required by the `submit_observation_wormhole` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `submit_observation_wormhole` instruction (see program source for the full constraint). |
| `observation_state` | writable | `observation_state` account required by the `submit_observation_wormhole` instruction (see program source for the full constraint). |
| `wormhole_config` | writable | `wormhole_config` account required by the `submit_observation_wormhole` instruction (see program source for the full constraint). |
| `guardian_set` | read-only | `guardian_set` account required by the `submit_observation_wormhole` instruction (see program source for the full constraint). |
| `guardian_signatures` | read-only | `guardian_signatures` account required by the `submit_observation_wormhole` instruction (see program source for the full constraint). |
| `wormhole_verify_vaa_shim` | read-only | `wormhole_verify_vaa_shim` account required by the `submit_observation_wormhole` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `position_id` | `[u8; 32]` |  |
| `guardian_set_bump` | `u8` |  |
| `vaa_body` | `bytes` |  |

Policy and permission requirements:

- RPI role access is not required for this submit path; the signer relays a Wormhole VAA body whose signatures have already been posted to the Wormhole Verification Shim.
- Position must be enabled, configured as a USD-valued Wormhole position, and match the stored Wormhole and Hyperliquid payload constraints.
- Accepted payloads become pending USD observations; `validate_observation` still performs GLAM oracle normalization before pricing.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Registered Positions Integration Staging: upsert_registered_position

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `upsert_registered_position` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `upsert_registered_position` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `upsert_registered_position` instruction (see program source for the full constraint). |
| `observation_state` | writable | `observation_state` account required by the `upsert_registered_position` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `upsert_registered_position` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `upsert_registered_position` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `upsert_registered_position` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `config` | `PositionConfig` |  |

Policy and permission requirements:

- Signer must hold the RPI `Configure` ACL permission on the GLAM state and be on the position's configure allowlist.
- Persistence is gated through GLAM Protocol's owner-only protocol-policy persistence path — so a delegate with `Configure` cannot complete the policy change by itself.
- Vault registered-position coverage is also updated through `cpi_proxy` side effects.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Registered Positions Integration Staging: upsert_registered_position_wormhole_config

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | read-only | `glam_state` account required by the `upsert_registered_position_wormhole_config` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `upsert_registered_position_wormhole_config` instruction (see program source for the full constraint). |
| `wormhole_config` | writable | `wormhole_config` account required by the `upsert_registered_position_wormhole_config` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `upsert_registered_position_wormhole_config` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `input` | `WormholeObservationConfigInput` |  |

Policy and permission requirements:

- Signer must hold the RPI `Configure` ACL permission on the GLAM state.
- Creates or updates the Wormhole envelope config for an existing Wormhole-sourced registered position.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Registered Positions Integration Staging: upsert_registered_position_wormhole_hyperliquid_config

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | read-only | `glam_state` account required by the `upsert_registered_position_wormhole_hyperliquid_config` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `upsert_registered_position_wormhole_hyperliquid_config` instruction (see program source for the full constraint). |
| `wormhole_config` | read-only | `wormhole_config` account required by the `upsert_registered_position_wormhole_hyperliquid_config` instruction (see program source for the full constraint). |
| `hyperliquid_config` | writable | `hyperliquid_config` account required by the `upsert_registered_position_wormhole_hyperliquid_config` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `upsert_registered_position_wormhole_hyperliquid_config` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `input` | `WormholeHyperliquidObservationConfigInput` |  |

Policy and permission requirements:

- Signer must hold the RPI `Configure` ACL permission on the GLAM state.
- Creates or updates Hyperliquid payload constraints for an existing USD-valued Wormhole-sourced registered position.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Registered Positions Integration Staging: validate_observation

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `validate_observation` instruction (see program source for the full constraint). |
| `glam_signer` | signer | `glam_signer` account required by the `validate_observation` instruction (see program source for the full constraint). |
| `observation_state` | writable | `observation_state` account required by the `validate_observation` instruction (see program source for the full constraint). |
| `glam_config` | optional | `glam_config` account required by the `validate_observation` instruction (see program source for the full constraint). |
| `sol_usd_oracle` | optional | `sol_usd_oracle` account required by the `validate_observation` instruction (see program source for the full constraint). |
| `base_asset_oracle` | optional | `base_asset_oracle` account required by the `validate_observation` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `position_id` | `[u8; 32]` |  |

Policy and permission requirements:

- Signer must hold RPI `ValidateObservation`.
- Signer must be on the position's validate allowlist.
- A fresh pending observation is required; RPI computes the base-asset-normalized amount from the pending observation and validated oracle metadata before promoting it for pricing.
- USD and non-base-mint observations require GLAM oracle metadata plus the base asset oracle; SOL-denominated oracle prices also require the SOL/USD oracle.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

## Loopscale Integration Staging

Program ID: `gstgL6y4uWjsfM3Qjs5euoTDmEcXoUjqx8rkYJhYngG`

Integration adapter for Loopscale direct-lender strategies and loan positions. It creates/manages vault-owned strategies and loans, prices those positions, and applies Loopscale deposit, borrow, and market allowlist policy. This staging deployment exposes additional or pre-release functionality for review.

Accounts owned or controlled by this program:

| Account | Owner or authority | Purpose |
| --- | --- | --- |
| Loopscale strategy accounts | Loopscale program with GLAM vault authority | Direct-lender strategy accounts created and managed for the GLAM vault. |
| Loopscale loan accounts | Loopscale program with GLAM vault authority | Loan records for collateral, principal, repayment, locking, unlocking, and pricing flows. |

Integration notes:

- Loopscale Integration Staging must be enabled on the vault before integration actions can run. Delegate permissions are still required for non-owner callers.
- Relevant official references: [Loopscale documentation](https://docs.loopscale.com/introduction/overview).

### Loopscale Integration Staging: borrow_principal

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.
- Borrowing must satisfy both the vault-level borrowable asset list and the integration-specific borrow allowlist where one is configured.
- The instruction metadata names `BorrowPrincipal` as the delegate permission for this instruction.
- `principal_mint` must be present in the Loopscale borrow allowlist.
- `market_information` must be present in the Loopscale markets allowlist.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `system_program` | read-only | Solana System Program. |
| `bs_auth` | signer | bs auth account read by Loopscale Integration Staging's borrow principal instruction. |
| `loan` | writable | Loopscale loan account. |
| `strategy` | writable | Loopscale strategy account. |
| `market_information` | writable | Loopscale market information account for the strategy, collateral, or principal asset. |
| `principal_mint` | read-only | Token mint account used or validated by this instruction. |
| `borrower_ta` | writable | Token account read or written by this instruction. |
| `strategy_ta` | writable | Token account read or written by this instruction. |
| `associated_token_program` | read-only | Associated Token Account program. |
| `token_program` | read-only | Token program account. |
| `event_authority` | read-only | Event authority or downstream event account. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `params` | `BorrowPrincipalParams` |  |

Policy and permission requirements:

- Enable the Loopscale integration program on the vault integration ACL before Loopscale position actions.
- Delegate permission: `BorrowPrincipal`.
- Borrowing must satisfy the vault-level borrowable asset list and any integration-specific borrow allowlist.

TypeScript SDK usage:

```typescript
const borrowPrincipalIx =
  await glamClient.loopscale.txBuilder.borrowPrincipalIx(
    { amount, assetIndexGuidance, duration, expectedLoanValues, skipSolUnwrap },
    { loan, strategy, marketInformation, principalMint, remainingAccounts },
  );
```

Cross-instruction constraints:

- The Loopscale loan must exist; locking and unlocking determine when principal and collateral movements are valid.

### Loopscale Integration Staging: claim_vault_rewards

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `claim_vault_rewards` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `claim_vault_rewards` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `claim_vault_rewards` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `claim_vault_rewards` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `claim_vault_rewards` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `claim_vault_rewards` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `claim_vault_rewards` instruction (see program source for the full constraint). |
| `bs_auth` | signer | `bs_auth` account required by the `claim_vault_rewards` instruction (see program source for the full constraint). |
| `vault` | read-only | `vault` account required by the `claim_vault_rewards` instruction (see program source for the full constraint). |
| `vault_rewards_info` | writable | `vault_rewards_info` account required by the `claim_vault_rewards` instruction (see program source for the full constraint). |
| `user_rewards_info` | writable | `user_rewards_info` account required by the `claim_vault_rewards` instruction (see program source for the full constraint). |
| `stake_account` | writable | `stake_account` account required by the `claim_vault_rewards` instruction (see program source for the full constraint). |
| `associated_token_program` | read-only | `associated_token_program` account required by the `claim_vault_rewards` instruction (see program source for the full constraint). |
| `event_authority` | read-only | `event_authority` account required by the `claim_vault_rewards` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `mints` | `vec<pubkey>` |  |

Policy and permission requirements:

- Loopscale integration must be enabled.
- Signer must be the GLAM owner or a delegate holding Loopscale `ClaimVaultRewards`.
- Claims rewards through the Loopscale vault CPI.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Loopscale Integration Staging: close_loan

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.
- The target account must be writable and controlled by the program or authority expected by the instruction.
- The rent refund destination or signer account must be writable because closing returns lamports to that account.
- Any protocol-specific empty-state requirement, such as zero balance, zero supply, no pending request, or no active position, must be satisfied before closure.
- The instruction metadata names `ManageLoan` as the delegate permission for this instruction.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `system_program` | read-only | Solana System Program. |
| `bs_auth` | signer | bs auth account read by Loopscale Integration Staging's close loan instruction. |
| `loan` | writable | Loopscale loan account. |
| `event_authority` | read-only | Event authority or downstream event account. |

Arguments:

No arguments.

Policy and permission requirements:

- Enable the Loopscale integration program on the vault integration ACL before Loopscale position actions.
- Delegate permission: `ManageLoan`.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Loopscale Integration Staging: close_strategy

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.
- The target account must be writable and controlled by the program or authority expected by the instruction.
- The rent refund destination or signer account must be writable because closing returns lamports to that account.
- Any protocol-specific empty-state requirement, such as zero balance, zero supply, no pending request, or no active position, must be satisfied before closure.
- The instruction metadata names `CloseStrategy` as the delegate permission for this instruction.
- `strategy` must be tracked in the vault's registered-position registry.

Accounts:

This instruction uses the standard account pattern described in [The Big Seven Account Pattern](#the-big-seven-account-pattern). Instruction-specific accounts beyond that pattern:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `bs_auth` | signer | Fixed program or sysvar account. |
| `strategy` | writable | External strategy account. |
| `principal_mint` | read-only | Token mint account. |
| `token_program` | read-only | Token program (SPL Token or Token-2022) used by the strategy's principal mint during close. |
| `associated_token_program` | read-only | Standard Solana program account. |
| `event_authority` | read-only | Anchor event authority PDA used when the invoked program emits events. |

Arguments:

No arguments.

Policy and permission requirements:

- Enable the Loopscale integration program on the vault integration ACL before Loopscale position actions.
- Delegate permission: `CloseStrategy`.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

Cross-instruction constraints:

- The Loopscale strategy must be tracked in the vault's registered positions when required by policy.

### Loopscale Integration Staging: create_loan

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.
- Creation-style flows require the target account or PDA to be uninitialized or intentionally updatable, the fee payer to be writable, and the System Program to be present when rent or allocation is needed.
- The instruction metadata names `ManageLoan` as the delegate permission for this instruction.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `system_program` | read-only | Solana System Program. |
| `bs_auth` | signer | bs auth account read by Loopscale Integration Staging's create loan instruction. |
| `loan` | writable | Loopscale loan account. |
| `event_authority` | read-only | Event authority or downstream event account. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `params` | `CreateLoanParams` |  |

Policy and permission requirements:

- Enable the Loopscale integration program on the vault integration ACL before Loopscale position actions.
- Delegate permission: `ManageLoan`.

TypeScript SDK usage:

```typescript
const loan = glamClient.loopscale.getLoanPda(nonce);
const createLoanIx = await glamClient.loopscale.txBuilder.createLoanIx(
  { nonce },
  { loan },
);
```

### Loopscale Integration Staging: create_strategy

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.
- Creation-style flows require the target account or PDA to be uninitialized or intentionally updatable, the fee payer to be writable, and the System Program to be present when rent or allocation is needed.
- The instruction metadata names `CreateStrategy` as the delegate permission for this instruction.
- the `lender` argument must be the GLAM vault.
- any external yield-source configuration must be unset.
- `principal_mint` must be present in the Loopscale deposit allowlist.
- `market_information` must be present in the Loopscale markets allowlist.

Accounts:

This instruction uses the standard account pattern described in [The Big Seven Account Pattern](#the-big-seven-account-pattern). Instruction-specific accounts beyond that pattern:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `bs_auth` | signer | Fixed program or sysvar account. |
| `nonce` | signer | nonce account read by Loopscale Integration Staging's create strategy instruction. |
| `strategy` | writable | External strategy account. |
| `market_information` | read-only | Loopscale market information account for the strategy, collateral, or principal asset. |
| `principal_mint` | read-only | Token mint account. |
| `event_authority` | read-only | Anchor event authority PDA used when the invoked program emits events. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `params` | `CreateStrategyParams` |  |

Policy and permission requirements:

- Enable the Loopscale integration program on the vault integration ACL before Loopscale position actions.
- Delegate permission: `CreateStrategy`.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Loopscale Integration Staging: deposit_collateral

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.
- The instruction metadata names `DepositCollateral` as the delegate permission for this instruction.
- `deposit_mint` must be present in the Loopscale deposit allowlist.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `system_program` | read-only | Solana System Program. |
| `bs_auth` | signer | bs auth account read by Loopscale Integration Staging's deposit collateral instruction. |
| `loan` | writable | Loopscale loan account. |
| `borrower_collateral_ta` | writable | Token account read or written by this instruction. |
| `loan_collateral_ta` | writable | Token account read or written by this instruction. |
| `deposit_mint` | read-only | Token mint account used or validated by this instruction. |
| `asset_identifier` | read-only | Loopscale asset identifier account used to validate collateral metadata. |
| `token_program` | read-only | Token program account. |
| `associated_token_program` | read-only | Associated Token Account program. |
| `event_authority` | read-only | Event authority or downstream event account. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `params` | `DepositCollateralParams` |  |

Policy and permission requirements:

- Enable the Loopscale integration program on the vault integration ACL before Loopscale position actions.
- Delegate permission: `DepositCollateral`.

TypeScript SDK usage:

```typescript
const depositCollateralIx =
  await glamClient.loopscale.txBuilder.depositCollateralIx(
    { amount, assetType: 0, assetIdentifier, assetIndexGuidance },
    { loan, depositMint: collateralMint },
  );
```

Cross-instruction constraints:

- The Loopscale loan must exist; locking and unlocking determine when principal and collateral movements are valid.

### Loopscale Integration Staging: deposit_strategy

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.
- The instruction metadata names `DepositStrategy` as the delegate permission for this instruction.
- `strategy` must be tracked in the vault's registered-position registry.
- `principal_mint` must be present in the Loopscale deposit allowlist.
- `market_information` must be present in the Loopscale markets allowlist.

Accounts:

This instruction uses the standard account pattern described in [The Big Seven Account Pattern](#the-big-seven-account-pattern). Instruction-specific accounts beyond that pattern:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `bs_auth` | signer | Fixed program or sysvar account. |
| `strategy` | writable | External strategy account. |
| `market_information` | read-only | Loopscale market information account for the strategy, collateral, or principal asset. |
| `principal_mint` | read-only | Token mint account. |
| `lender_ta` | writable | Lender token account used by Loopscale strategy deposit and withdrawal flows. |
| `strategy_ta` | writable | External strategy account. |
| `associated_token_program` | read-only | Standard Solana program account. |
| `token_program` | read-only | Token program (SPL Token or Token-2022) used by the strategy's principal mint during deposit. |
| `event_authority` | read-only | Anchor event authority PDA used when the invoked program emits events. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `amount` | `u64` | Principal amount to deposit into the Loopscale strategy. |

Policy and permission requirements:

- Enable the Loopscale integration program on the vault integration ACL before Loopscale position actions.
- Delegate permission: `DepositStrategy`.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

Cross-instruction constraints:

- The Loopscale strategy must be tracked in the vault's registered positions when required by policy.

### Loopscale Integration Staging: deposit_user_vault

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `deposit_user_vault` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `deposit_user_vault` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `deposit_user_vault` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `deposit_user_vault` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `deposit_user_vault` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `deposit_user_vault` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `deposit_user_vault` instruction (see program source for the full constraint). |
| `bs_auth` | signer | `bs_auth` account required by the `deposit_user_vault` instruction (see program source for the full constraint). |
| `vault` | writable | `vault` account required by the `deposit_user_vault` instruction (see program source for the full constraint). |
| `strategy` | writable | `strategy` account required by the `deposit_user_vault` instruction (see program source for the full constraint). |
| `market_information` | read-only | `market_information` account required by the `deposit_user_vault` instruction (see program source for the full constraint). |
| `lp_mint` | writable | `lp_mint` account required by the `deposit_user_vault` instruction (see program source for the full constraint). |
| `user_lp_ta` | writable | `user_lp_ta` account required by the `deposit_user_vault` instruction (see program source for the full constraint). |
| `user_principal_ta` | writable | `user_principal_ta` account required by the `deposit_user_vault` instruction (see program source for the full constraint). |
| `strategy_principal_ta` | writable | `strategy_principal_ta` account required by the `deposit_user_vault` instruction (see program source for the full constraint). |
| `principal_mint` | read-only | `principal_mint` account required by the `deposit_user_vault` instruction (see program source for the full constraint). |
| `principal_token_program` | read-only | `principal_token_program` account required by the `deposit_user_vault` instruction (see program source for the full constraint). |
| `token_2022_program` | read-only | `token_2022_program` account required by the `deposit_user_vault` instruction (see program source for the full constraint). |
| `associated_token_program` | read-only | `associated_token_program` account required by the `deposit_user_vault` instruction (see program source for the full constraint). |
| `event_authority` | read-only | `event_authority` account required by the `deposit_user_vault` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `params` | `LpParams` |  |

Policy and permission requirements:

- Loopscale integration must be enabled.
- Caller: GLAM owner, or a delegate with Loopscale `DepositUserVault`.
- The strategy must be allowed by the Loopscale deposit policy. The market is not gated for this path.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Loopscale Integration Staging: repay_principal

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.
- The instruction metadata names `RepayPrincipal` as the delegate permission for this instruction.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `system_program` | read-only | Solana System Program. |
| `bs_auth` | signer | bs auth account read by Loopscale Integration Staging's repay principal instruction. |
| `loan` | writable | Loopscale loan account. |
| `strategy` | writable | Loopscale strategy account. |
| `market_information` | writable | Loopscale market information account for the strategy, collateral, or principal asset. |
| `principal_mint` | read-only | Token mint account used or validated by this instruction. |
| `borrower_ta` | writable | Token account read or written by this instruction. |
| `strategy_ta` | writable | Token account read or written by this instruction. |
| `associated_token_program` | read-only | Associated Token Account program. |
| `token_program` | read-only | Token program account. |
| `event_authority` | read-only | Event authority or downstream event account. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `params` | `RepayPrincipalParams` |  |

Policy and permission requirements:

- Enable the Loopscale integration program on the vault integration ACL before Loopscale position actions.
- Delegate permission: `RepayPrincipal`.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

Cross-instruction constraints:

- The Loopscale loan must exist; locking and unlocking determine when principal and collateral movements are valid.

### Loopscale Integration Staging: sell_ledger

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `sell_ledger` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `sell_ledger` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `sell_ledger` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `sell_ledger` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `sell_ledger` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `sell_ledger` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `sell_ledger` instruction (see program source for the full constraint). |
| `bs_auth` | signer | `bs_auth` account required by the `sell_ledger` instruction (see program source for the full constraint). |
| `loan` | writable | `loan` account required by the `sell_ledger` instruction (see program source for the full constraint). |
| `new_strategy_ta` | writable | `new_strategy_ta` account required by the `sell_ledger` instruction (see program source for the full constraint). |
| `lender_auth_ta` | writable | `lender_auth_ta` account required by the `sell_ledger` instruction (see program source for the full constraint). |
| `old_strategy` | writable | `old_strategy` account required by the `sell_ledger` instruction (see program source for the full constraint). |
| `new_strategy` | writable | `new_strategy` account required by the `sell_ledger` instruction (see program source for the full constraint). |
| `old_strategy_market_information` | writable | `old_strategy_market_information` account required by the `sell_ledger` instruction (see program source for the full constraint). |
| `new_strategy_market_information` | writable | `new_strategy_market_information` account required by the `sell_ledger` instruction (see program source for the full constraint). |
| `principal_mint` | read-only | `principal_mint` account required by the `sell_ledger` instruction (see program source for the full constraint). |
| `token_program` | read-only | `token_program` account required by the `sell_ledger` instruction (see program source for the full constraint). |
| `associated_token_program` | read-only | `associated_token_program` account required by the `sell_ledger` instruction (see program source for the full constraint). |
| `user_vault` | read-only | `user_vault` account required by the `sell_ledger` instruction (see program source for the full constraint). |
| `old_strategy_ta` | read-only | `old_strategy_ta` account required by the `sell_ledger` instruction (see program source for the full constraint). |
| `protocol_admin_state` | read-only | `protocol_admin_state` account required by the `sell_ledger` instruction (see program source for the full constraint). |
| `event_authority` | read-only | `event_authority` account required by the `sell_ledger` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `params` | `SellLedgerParams` |  |

Policy and permission requirements:

- Permission: `LendingPermissions::SellLedger`.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Loopscale Integration Staging: set_borrow_policy

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `set_borrow_policy` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `set_borrow_policy` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `set_borrow_policy` instruction (see program source for the full constraint). |
| `integration_program` | read-only | `integration_program` account required by the `set_borrow_policy` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `set_borrow_policy` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `policy` | `BorrowPolicy` |  |

Policy and permission requirements:

- Only the GLAM owner can call. Persistence is gated through GLAM Protocol's owner-only protocol-policy persistence path; delegates cannot complete the policy change on their own.
- For non-empty policy data, the target protocol must already be enabled in `integration_acls`.
- State timelock applies when active.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Loopscale Integration Staging: set_lending_policy

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `set_lending_policy` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `set_lending_policy` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `set_lending_policy` instruction (see program source for the full constraint). |
| `integration_program` | read-only | `integration_program` account required by the `set_lending_policy` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `set_lending_policy` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `policy` | `LendingPolicy` |  |

Policy and permission requirements:

- Only the GLAM owner can call. Persistence is gated through GLAM Protocol's owner-only protocol-policy persistence path; delegates cannot complete the policy change on their own.
- For non-empty policy data, the target protocol must already be enabled in `integration_acls`.
- State timelock applies when active.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Loopscale Integration Staging: set_vault_policy

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `set_vault_policy` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `set_vault_policy` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `set_vault_policy` instruction (see program source for the full constraint). |
| `integration_program` | read-only | `integration_program` account required by the `set_vault_policy` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `set_vault_policy` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `policy` | `VaultPolicy` |  |

Policy and permission requirements:

- Permission: `VaultPermissions::SetPolicy`.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Loopscale Integration Staging: stake_user_vault_lp

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `stake_user_vault_lp` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `stake_user_vault_lp` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `stake_user_vault_lp` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `stake_user_vault_lp` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `stake_user_vault_lp` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `stake_user_vault_lp` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `stake_user_vault_lp` instruction (see program source for the full constraint). |
| `bs_auth` | signer | `bs_auth` account required by the `stake_user_vault_lp` instruction (see program source for the full constraint). |
| `nonce` | signer | `nonce` account required by the `stake_user_vault_lp` instruction (see program source for the full constraint). |
| `vault` | writable | `vault` account required by the `stake_user_vault_lp` instruction (see program source for the full constraint). |
| `vault_stake` | writable | `vault_stake` account required by the `stake_user_vault_lp` instruction (see program source for the full constraint). |
| `lp_mint` | read-only | `lp_mint` account required by the `stake_user_vault_lp` instruction (see program source for the full constraint). |
| `user_lp_ta` | writable | `user_lp_ta` account required by the `stake_user_vault_lp` instruction (see program source for the full constraint). |
| `vault_stake_lp_ta` | writable | `vault_stake_lp_ta` account required by the `stake_user_vault_lp` instruction (see program source for the full constraint). |
| `vault_rewards_info` | writable | `vault_rewards_info` account required by the `stake_user_vault_lp` instruction (see program source for the full constraint). |
| `user_rewards_info` | writable | `user_rewards_info` account required by the `stake_user_vault_lp` instruction (see program source for the full constraint). |
| `token_program` | read-only | `token_program` account required by the `stake_user_vault_lp` instruction (see program source for the full constraint). |
| `associated_token_program` | read-only | `associated_token_program` account required by the `stake_user_vault_lp` instruction (see program source for the full constraint). |
| `event_authority` | read-only | `event_authority` account required by the `stake_user_vault_lp` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `params` | `VaultStakeParams` |  |

Policy and permission requirements:

- Loopscale integration must be enabled.
- Signer must be the GLAM owner or a delegate holding Loopscale `StakeUserVaultLp` before forwarding the CPI.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Loopscale Integration Staging: unstake_user_vault_lp

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `unstake_user_vault_lp` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `unstake_user_vault_lp` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `unstake_user_vault_lp` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `unstake_user_vault_lp` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `unstake_user_vault_lp` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `unstake_user_vault_lp` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `unstake_user_vault_lp` instruction (see program source for the full constraint). |
| `bs_auth` | signer | `bs_auth` account required by the `unstake_user_vault_lp` instruction (see program source for the full constraint). |
| `vault` | writable | `vault` account required by the `unstake_user_vault_lp` instruction (see program source for the full constraint). |
| `lp_mint` | writable | `lp_mint` account required by the `unstake_user_vault_lp` instruction (see program source for the full constraint). |
| `vault_stake` | writable | `vault_stake` account required by the `unstake_user_vault_lp` instruction (see program source for the full constraint). |
| `user_lp_ta` | writable | `user_lp_ta` account required by the `unstake_user_vault_lp` instruction (see program source for the full constraint). |
| `vault_stake_lp_ta` | writable | `vault_stake_lp_ta` account required by the `unstake_user_vault_lp` instruction (see program source for the full constraint). |
| `vault_rewards_info` | writable | `vault_rewards_info` account required by the `unstake_user_vault_lp` instruction (see program source for the full constraint). |
| `user_rewards_info` | writable | `user_rewards_info` account required by the `unstake_user_vault_lp` instruction (see program source for the full constraint). |
| `token_program` | read-only | `token_program` account required by the `unstake_user_vault_lp` instruction (see program source for the full constraint). |
| `associated_token_program` | read-only | `associated_token_program` account required by the `unstake_user_vault_lp` instruction (see program source for the full constraint). |
| `event_authority` | read-only | `event_authority` account required by the `unstake_user_vault_lp` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `params` | `VaultUnstakeParams` |  |

Policy and permission requirements:

- Loopscale integration must be enabled.
- Signer must be the GLAM owner or a delegate holding Loopscale `UnstakeUserVaultLp` before forwarding the CPI.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Loopscale Integration Staging: update_strategy

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.
- Configuration changes must pass owner or authorized-manager checks and, when the state or mint timelock is active, must follow the propose/apply timing model instead of taking effect immediately.
- The instruction metadata names `UpdateStrategy` as the delegate permission for this instruction.
- `strategy` must be tracked in the vault's registered-position registry.
- any external yield-source configuration must be unset when `params` is provided.
- `principal_mint` must be present in the Loopscale deposit allowlist.
- When provided, the `market_information` argument must be present in the Loopscale markets allowlist.

Accounts:

This instruction uses the standard account pattern described in [The Big Seven Account Pattern](#the-big-seven-account-pattern). Instruction-specific accounts beyond that pattern:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `bs_auth` | signer | Fixed program or sysvar account. |
| `strategy` | writable | External strategy account. |
| `principal_mint` | read-only | Token mint account. |
| `strategy_ta` | writable | External strategy account. |
| `associated_token_program` | read-only | Standard Solana program account. |
| `token_program` | read-only | Token program (SPL Token or Token-2022) used by the strategy's principal mint during update. |
| `event_authority` | read-only | Anchor event authority PDA used when the invoked program emits events. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `collateral_terms` | `vec<MultiCollateralTermsUpdateParams>` | `apy: u64`; `indices: vec<CollateralTermsIndices>` |
| `params` | `option<UpdateStrategyParams>` |  |

Policy and permission requirements:

- Enable the Loopscale integration program on the vault integration ACL before Loopscale position actions.
- Delegate permission: `UpdateStrategy`.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

Cross-instruction constraints:

- The Loopscale strategy must be tracked in the vault's registered positions when required by policy.

### Loopscale Integration Staging: update_weight_matrix

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.
- Configuration changes must pass owner or authorized-manager checks and, when the state or mint timelock is active, must follow the propose/apply timing model instead of taking effect immediately.
- The instruction metadata names `ManageLoan` as the delegate permission for this instruction.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `system_program` | read-only | Solana System Program. |
| `bs_auth` | signer | bs auth account read by Loopscale Integration Staging's update weight matrix instruction. |
| `loan` | writable | Loopscale loan account. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `params` | `UpdateWeightMatrixParams` |  |

Policy and permission requirements:

- Enable the Loopscale integration program on the vault integration ACL before Loopscale position actions.
- Delegate permission: `ManageLoan`.

TypeScript SDK usage:

```typescript
const updateWeightMatrixIx =
  await glamClient.loopscale.txBuilder.updateWeightMatrixIx(
    { collateralIndex, weightMatrix, expectedLoanValues, assetIndexGuidance },
    { loan },
  );
```

### Loopscale Integration Staging: withdraw_collateral

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.
- The instruction metadata names `WithdrawCollateral` as the delegate permission for this instruction.

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | GLAM state account that stores vault configuration, integration ACLs, delegate permissions, policies, assets, mint linkage, and pricing records. |
| `glam_vault` | writable | Vault PDA associated with the GLAM state and used as the vault authority. |
| `glam_signer` | signer, writable | Calling authority or fee payer. |
| `integration_authority` | read-only | Program-derived authority used by the integration for downstream invocation. |
| `cpi_program` | read-only | Downstream program invoked by this instruction. |
| `glam_protocol_program` | read-only | GLAM Protocol program account used for authorization or CPI. |
| `system_program` | read-only | Solana System Program. |
| `bs_auth` | signer | bs auth account read by Loopscale Integration Staging's withdraw collateral instruction. |
| `loan` | writable | Loopscale loan account. |
| `borrower_ta` | writable | Token account read or written by this instruction. |
| `loan_ta` | writable | Token account read or written by this instruction. |
| `asset_mint` | read-only | Token mint account used or validated by this instruction. |
| `token_program` | read-only | Token program account. |
| `associated_token_program` | read-only | Associated Token Account program. |
| `event_authority` | read-only | Event authority or downstream event account. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `params` | `WithdrawCollateralParams` |  |

Policy and permission requirements:

- Enable the Loopscale integration program on the vault integration ACL before Loopscale position actions.
- Delegate permission: `WithdrawCollateral`.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

Cross-instruction constraints:

- The Loopscale loan must exist; locking and unlocking determine when principal and collateral movements are valid.

### Loopscale Integration Staging: withdraw_strategy

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.
- The instruction metadata names `WithdrawStrategy` as the delegate permission for this instruction.
- `strategy` must be tracked in the vault's registered-position registry.

Accounts:

This instruction uses the standard account pattern described in [The Big Seven Account Pattern](#the-big-seven-account-pattern). Instruction-specific accounts beyond that pattern:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `bs_auth` | signer | Fixed program or sysvar account. |
| `strategy` | writable | External strategy account. |
| `market_information` | read-only | Loopscale market information account for the strategy, collateral, or principal asset. |
| `principal_mint` | read-only | Token mint account. |
| `lender_ta` | writable | Lender token account used by Loopscale strategy deposit and withdrawal flows. |
| `strategy_ta` | writable | External strategy account. |
| `associated_token_program` | read-only | Standard Solana program account. |
| `token_program` | read-only | Token program (SPL Token or Token-2022) used by the strategy's principal mint during withdraw. |
| `event_authority` | read-only | Anchor event authority PDA used when the invoked program emits events. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `amount` | `u64` | Principal amount to withdraw from the Loopscale strategy. |
| `withdraw_all` | `bool` | If true, withdraw the full available strategy balance instead of an exact amount. |

Policy and permission requirements:

- Enable the Loopscale integration program on the vault integration ACL before Loopscale position actions.
- Delegate permission: `WithdrawStrategy`.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

Cross-instruction constraints:

- The Loopscale strategy must be tracked in the vault's registered positions when required by policy.

### Loopscale Integration Staging: withdraw_user_vault

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `withdraw_user_vault` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `withdraw_user_vault` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `withdraw_user_vault` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `withdraw_user_vault` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `withdraw_user_vault` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `withdraw_user_vault` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `withdraw_user_vault` instruction (see program source for the full constraint). |
| `bs_auth` | signer | `bs_auth` account required by the `withdraw_user_vault` instruction (see program source for the full constraint). |
| `vault` | writable | `vault` account required by the `withdraw_user_vault` instruction (see program source for the full constraint). |
| `strategy` | writable | `strategy` account required by the `withdraw_user_vault` instruction (see program source for the full constraint). |
| `market_information` | read-only | `market_information` account required by the `withdraw_user_vault` instruction (see program source for the full constraint). |
| `lp_mint` | writable | `lp_mint` account required by the `withdraw_user_vault` instruction (see program source for the full constraint). |
| `user_lp_ta` | writable | `user_lp_ta` account required by the `withdraw_user_vault` instruction (see program source for the full constraint). |
| `user_principal_ta` | writable | `user_principal_ta` account required by the `withdraw_user_vault` instruction (see program source for the full constraint). |
| `strategy_principal_ta` | writable | `strategy_principal_ta` account required by the `withdraw_user_vault` instruction (see program source for the full constraint). |
| `principal_mint` | read-only | `principal_mint` account required by the `withdraw_user_vault` instruction (see program source for the full constraint). |
| `principal_token_program` | read-only | `principal_token_program` account required by the `withdraw_user_vault` instruction (see program source for the full constraint). |
| `token_2022_program` | read-only | `token_2022_program` account required by the `withdraw_user_vault` instruction (see program source for the full constraint). |
| `associated_token_program` | read-only | `associated_token_program` account required by the `withdraw_user_vault` instruction (see program source for the full constraint). |
| `event_authority` | read-only | `event_authority` account required by the `withdraw_user_vault` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `params` | `LpParams` |  |

Policy and permission requirements:

- Loopscale integration must be enabled.
- Signer must be the GLAM owner or a delegate holding Loopscale `WithdrawUserVault`.
- `LoopscalePolicy` is not loaded or validated for this withdraw path.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

## Neutral Trade Integration Staging

Program ID: `gstgNyHgtURH7iuMn19GQczzv6Wc9fhPV2WDySZVyKx`

Integration adapter for Neutral bundle depositor accounts. It initializes and manages bundle deposits/withdrawals for a GLAM vault under a bundle allowlist. This staging deployment exposes additional or pre-release functionality for review.

Accounts owned or controlled by this program:

| Account | Owner or authority | Purpose |
| --- | --- | --- |
| Neutral user bundle account | Neutral program with GLAM vault authority | Bundle depositor account used for Neutral Trade deposit and withdrawal requests. |

Integration notes:

- Neutral Trade Integration Staging must be enabled on the vault before integration actions can run. Delegate permissions are still required for non-owner callers.
- Relevant official references: [Neutral Trade documentation](https://docs.neutral.trade/).

### Neutral Trade Integration Staging: close_user_bundle_account

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.
- The target account must be writable and controlled by the program or authority expected by the instruction.
- The rent refund destination or signer account must be writable because closing returns lamports to that account.
- Any protocol-specific empty-state requirement, such as zero balance, zero supply, no pending request, or no active position, must be satisfied before closure.
- The instruction metadata names `CloseUserBundleAccount` as the delegate permission for this instruction.
- `bundle_account` must be present in the Neutral bundles allowlist.

Accounts:

This instruction uses the standard account pattern described in [The Big Seven Account Pattern](#the-big-seven-account-pattern). Instruction-specific accounts beyond that pattern:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `user_bundle_account` | writable | Neutral user bundle account that tracks this vault's bundle deposit or withdrawal requests. |
| `bundle_account` | read-only | Neutral bundle account for the asset bundle being deposited into or withdrawn from. |

Arguments:

No arguments.

Policy and permission requirements:

- Enable the Neutral integration program on the vault integration ACL before Neutral bundle actions.
- Delegate permission: `CloseUserBundleAccount`.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

Cross-instruction constraints:

- The Neutral bundle depositor account must be initialized and the bundle must remain allowlisted.

### Neutral Trade Integration Staging: initialize_bundle_depositor

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.
- Creation-style flows require the target account or PDA to be uninitialized or intentionally updatable, the fee payer to be writable, and the System Program to be present when rent or allocation is needed.
- The instruction metadata names `InitializeBundleDepositor` as the delegate permission for this instruction.
- `bundle_account` must be present in the Neutral bundles allowlist.

Accounts:

This instruction uses the standard account pattern described in [The Big Seven Account Pattern](#the-big-seven-account-pattern). Instruction-specific accounts beyond that pattern:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `bundle_account` | writable | Neutral bundle account for the asset bundle being deposited into or withdrawn from. |
| `user_bundle_account` | writable | Neutral user bundle account that tracks this vault's bundle deposit or withdrawal requests. |

Arguments:

No arguments.

Policy and permission requirements:

- Enable the Neutral integration program on the vault integration ACL before Neutral bundle actions.
- Delegate permission: `InitializeBundleDepositor`.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Neutral Trade Integration Staging: request_deposit

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.
- The instruction metadata names `RequestDeposit` as the delegate permission for this instruction.
- `bundle_account` must be present in the Neutral bundles allowlist.

Accounts:

This instruction uses the standard account pattern described in [The Big Seven Account Pattern](#the-big-seven-account-pattern). Instruction-specific accounts beyond that pattern:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `user_token_account` | writable | Token account read or written by the instruction. |
| `pending_deposit_token_account` | writable | Token account read or written by the instruction. |
| `treasury_account` | writable | Neutral treasury token account that receives assets for a bundle deposit request. |
| `user_bundle_account` | writable | Neutral user bundle account that tracks this vault's bundle deposit or withdrawal requests. |
| `asset_address` | writable | asset address account read or updated by Neutral Trade Integration Staging's request deposit instruction. |
| `oracle_data` | writable | Pricing or oracle account used to calculate value for the instruction. |
| `bundle_temp_data` | writable | Token account read or written by the instruction. |
| `bundle_account` | writable | Neutral bundle account for the asset bundle being deposited into or withdrawn from. |
| `pending_bundle_asset_authority` | writable | pending bundle asset authority required to authorize this instruction. |
| `token_program` | read-only | Token program owning the bundle asset's mint and associated token accounts for the deposit request. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `amount` | `u64` | Token amount requested for deposit into the Neutral bundle. |

Policy and permission requirements:

- Enable the Neutral integration program on the vault integration ACL before Neutral bundle actions.
- Delegate permission: `RequestDeposit`.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

Cross-instruction constraints:

- The Neutral bundle depositor account must be initialized and the bundle must remain allowlisted.

### Neutral Trade Integration Staging: request_withdrawal

Required conditions:

- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.
- The instruction metadata names `RequestWithdrawal` as the delegate permission for this instruction.
- `bundle_account` must be present in the Neutral bundles allowlist.

Accounts:

This instruction uses the standard account pattern described in [The Big Seven Account Pattern](#the-big-seven-account-pattern). Instruction-specific accounts beyond that pattern:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `user_bundle_account` | writable | Neutral user bundle account that tracks this vault's bundle deposit or withdrawal requests. |
| `bundle_account` | writable | Neutral bundle account for the asset bundle being deposited into or withdrawn from. |
| `oracle_data` | writable | Pricing or oracle account used to calculate value for the instruction. |
| `bundle_temp_data` | writable | Token account read or written by the instruction. |
| `token_program` | read-only | Token program owning the bundle asset's mint and associated token accounts for the withdrawal request. |
| `rent` | read-only | Fixed program or sysvar account. |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `shares_amount` | `u128` | Neutral bundle share amount requested for withdrawal. |
| `min_estimated_value` | `u64` | Minimum estimated value the withdrawal must return for the request to be acceptable. |

Policy and permission requirements:

- Enable the Neutral integration program on the vault integration ACL before Neutral bundle actions.
- Delegate permission: `RequestWithdrawal`.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

Cross-instruction constraints:

- The Neutral bundle depositor account must be initialized and the bundle must remain allowlisted.

### Neutral Trade Integration Staging: set_ntbundle_policy

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `set_ntbundle_policy` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `set_ntbundle_policy` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `set_ntbundle_policy` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `policy` | `NtBundlePolicy` |  |

Policy and permission requirements:

- Only requires `glam_state`, `glam_signer`, and `glam_protocol_program`; does not use the Big Seven account pattern.
- Rejects policies with too many bundles, default bundle pubkeys, or duplicate bundles before persistence.
- Persistence runs through GLAM Protocol's owner-only protocol-policy persistence path.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

## Phoenix Integration Staging

Program ID: `gstgPL7r9aYedDDsXNtLpr4atYtNvY7zubAWWstqS3L`

Integration adapter for Phoenix. Lets a GLAM vault register Phoenix trader accounts, deposit or withdraw funds, place and cancel Phoenix orders, move collateral between trader accounts, and sync trader state under GLAM authorization. This staging deployment exposes additional or pre-release functionality for review.

Accounts owned or controlled by this program:

| Account | Owner or authority | Purpose |
| --- | --- | --- |
| Integration authority PDA | Phoenix Integration Staging | Program-derived authority used for integration-level signing during Phoenix CPI calls. |
| Phoenix trader accounts | Phoenix | Trader accounts registered to, refreshed for, and priced as GLAM vault-controlled positions. |

### Phoenix Integration Staging: cancel_all

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `cancel_all` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `cancel_all` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `cancel_all` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `cancel_all` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `cancel_all` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `cancel_all` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `cancel_all` instruction (see program source for the full constraint). |

Arguments:

No arguments.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Phoenix Integration Staging: cancel_orders_by_id

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `cancel_orders_by_id` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `cancel_orders_by_id` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `cancel_orders_by_id` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `cancel_orders_by_id` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `cancel_orders_by_id` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `cancel_orders_by_id` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `cancel_orders_by_id` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `order_ids` | `OrderIds` |  |

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Phoenix Integration Staging: cancel_up_to

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `cancel_up_to` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `cancel_up_to` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `cancel_up_to` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `cancel_up_to` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `cancel_up_to` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `cancel_up_to` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `cancel_up_to` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `args` | `CancelUpToInstruction` |  |

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Phoenix Integration Staging: deposit

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `deposit` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `deposit` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `deposit` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `deposit` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `deposit` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `deposit` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `deposit` instruction (see program source for the full constraint). |
| `ember_state` | read-only | `ember_state` account required by the `deposit` instruction (see program source for the full constraint). |
| `input_mint` | read-only | `input_mint` account required by the `deposit` instruction (see program source for the full constraint). |
| `output_mint` | writable | `output_mint` account required by the `deposit` instruction (see program source for the full constraint). |
| `input_token_account` | writable | `input_token_account` account required by the `deposit` instruction (see program source for the full constraint). |
| `output_token_account` | writable | `output_token_account` account required by the `deposit` instruction (see program source for the full constraint). |
| `ember_vault` | writable | `ember_vault` account required by the `deposit` instruction (see program source for the full constraint). |
| `token_program` | read-only | `token_program` account required by the `deposit` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `deposit_params` | `DepositParams` |  |

Policy and permission requirements:

- Marinade integration must be enabled.
- Signer must be the GLAM owner or a delegate holding Marinade `Stake` before depositing SOL for mSOL.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Phoenix Integration Staging: deposit_funds

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `deposit_funds` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `deposit_funds` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `deposit_funds` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `deposit_funds` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `deposit_funds` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `deposit_funds` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `deposit_funds` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `params` | `DepositFundsInstruction` |  |

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Phoenix Integration Staging: place_limit_order

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `place_limit_order` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `place_limit_order` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `place_limit_order` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `place_limit_order` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `place_limit_order` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `place_limit_order` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `place_limit_order` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `packet` | `OrderPacket` |  |

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Phoenix Integration Staging: place_market_order

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `place_market_order` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `place_market_order` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `place_market_order` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `place_market_order` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `place_market_order` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `place_market_order` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `place_market_order` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `packet` | `OrderPacket` |  |

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Phoenix Integration Staging: place_multi_limit_order

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `place_multi_limit_order` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `place_multi_limit_order` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `place_multi_limit_order` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `place_multi_limit_order` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `place_multi_limit_order` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `place_multi_limit_order` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `place_multi_limit_order` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `packet` | `MultipleOrderPacket` |  |

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Phoenix Integration Staging: register_trader

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `register_trader` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `register_trader` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `register_trader` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `register_trader` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `register_trader` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `register_trader` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `register_trader` instruction (see program source for the full constraint). |
| `log_authority` | read-only | `log_authority` account required by the `register_trader` instruction (see program source for the full constraint). |
| `global_config` | read-only | `global_config` account required by the `register_trader` instruction (see program source for the full constraint). |
| `trader_account` | writable | `trader_account` account required by the `register_trader` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `args` | `RegisterTraderParams` |  |

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Phoenix Integration Staging: set_phoenix_policy

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `set_phoenix_policy` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `set_phoenix_policy` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `set_phoenix_policy` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `policy` | `PhoenixPolicy` |  |

Policy and permission requirements:

- Only the GLAM owner can call. Persistence is gated through GLAM Protocol's owner-only protocol-policy persistence path; delegates cannot complete the policy change on their own.
- For non-empty policy data, the target protocol must already be enabled in `integration_acls`.
- State timelock applies when active.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Phoenix Integration Staging: sync_parent_to_child

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `sync_parent_to_child` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `sync_parent_to_child` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `sync_parent_to_child` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `sync_parent_to_child` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `sync_parent_to_child` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `sync_parent_to_child` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `sync_parent_to_child` instruction (see program source for the full constraint). |

Arguments:

No arguments.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Phoenix Integration Staging: transfer_collateral

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `transfer_collateral` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `transfer_collateral` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `transfer_collateral` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `transfer_collateral` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `transfer_collateral` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `transfer_collateral` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `transfer_collateral` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `params` | `TransferCollateralInstruction` |  |

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Phoenix Integration Staging: transfer_collateral_child_to_parent

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `transfer_collateral_child_to_parent` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `transfer_collateral_child_to_parent` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `transfer_collateral_child_to_parent` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `transfer_collateral_child_to_parent` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `transfer_collateral_child_to_parent` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `transfer_collateral_child_to_parent` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `transfer_collateral_child_to_parent` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `params` | `TransferCollateralChildToParentInstruction` |  |

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Phoenix Integration Staging: update_trader_state

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `update_trader_state` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `update_trader_state` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `update_trader_state` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `update_trader_state` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `update_trader_state` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `update_trader_state` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `update_trader_state` instruction (see program source for the full constraint). |

Arguments:

No arguments.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Phoenix Integration Staging: withdraw

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `withdraw` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `withdraw` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `withdraw` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `withdraw` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `withdraw` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `withdraw` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `withdraw` instruction (see program source for the full constraint). |
| `ember_state` | read-only | `ember_state` account required by the `withdraw` instruction (see program source for the full constraint). |
| `input_mint` | read-only | `input_mint` account required by the `withdraw` instruction (see program source for the full constraint). |
| `output_mint` | writable | `output_mint` account required by the `withdraw` instruction (see program source for the full constraint). |
| `input_token_account` | writable | `input_token_account` account required by the `withdraw` instruction (see program source for the full constraint). |
| `output_token_account` | writable | `output_token_account` account required by the `withdraw` instruction (see program source for the full constraint). |
| `ember_vault` | writable | `ember_vault` account required by the `withdraw` instruction (see program source for the full constraint). |
| `token_program` | read-only | `token_program` account required by the `withdraw` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `withdraw_params` | `WithdrawParams` |  |

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Phoenix Integration Staging: withdraw_funds

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `withdraw_funds` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `withdraw_funds` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `withdraw_funds` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `withdraw_funds` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `withdraw_funds` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `withdraw_funds` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `withdraw_funds` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `params` | `WithdrawFundsInstruction` |  |

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

## Jupiter Lend Integration Staging

Program ID: `gstgJbGqoE3p1SdFA2dET9tcaCzNqGcdD8wpbGctnU9`

Integration adapter for Jupiter Lend. Lets a GLAM vault deposit and withdraw Jupiter Earn assets and initialize or operate Jupiter Borrow positions under GLAM authorization. This staging deployment exposes additional or pre-release functionality for review.

Accounts owned or controlled by this program:

| Account | Owner or authority | Purpose |
| --- | --- | --- |
| Integration authority PDA | Jupiter Lend Integration Staging | Program-derived authority used for integration-level signing during Jupiter Earn and Borrow CPI calls. |

### Jupiter Lend Integration Staging: borrow_init_position

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `borrow_init_position` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `borrow_init_position` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `borrow_init_position` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `borrow_init_position` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `borrow_init_position` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `borrow_init_position` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `borrow_init_position` instruction (see program source for the full constraint). |
| `vault_admin` | read-only | `vault_admin` account required by the `borrow_init_position` instruction (see program source for the full constraint). |
| `vault_state` | writable | `vault_state` account required by the `borrow_init_position` instruction (see program source for the full constraint). |
| `position` | writable | `position` account required by the `borrow_init_position` instruction (see program source for the full constraint). |
| `position_mint` | writable | `position_mint` account required by the `borrow_init_position` instruction (see program source for the full constraint). |
| `position_token_account` | writable | `position_token_account` account required by the `borrow_init_position` instruction (see program source for the full constraint). |
| `metadata_account` | writable | `metadata_account` account required by the `borrow_init_position` instruction (see program source for the full constraint). |
| `token_program` | read-only | `token_program` account required by the `borrow_init_position` instruction (see program source for the full constraint). |
| `associated_token_program` | read-only | `associated_token_program` account required by the `borrow_init_position` instruction (see program source for the full constraint). |
| `sysvar_instruction` | read-only | `sysvar_instruction` account required by the `borrow_init_position` instruction (see program source for the full constraint). |
| `metadata_program` | read-only | `metadata_program` account required by the `borrow_init_position` instruction (see program source for the full constraint). |
| `rent` | read-only | `rent` account required by the `borrow_init_position` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `vault_id` | `u16` |  |
| `next_position_id` | `u32` |  |

Policy and permission requirements:

- Permission: `BorrowPermissions::InitPosition`.
- Policy: `vault_state` must be in `BorrowPolicy::vaults_allowlist`.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Jupiter Lend Integration Staging: borrow_operate

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `borrow_operate` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `borrow_operate` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `borrow_operate` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `borrow_operate` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `borrow_operate` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `borrow_operate` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `borrow_operate` instruction (see program source for the full constraint). |
| `signer_supply_token_account` | writable | `signer_supply_token_account` account required by the `borrow_operate` instruction (see program source for the full constraint). |
| `signer_borrow_token_account` | writable | `signer_borrow_token_account` account required by the `borrow_operate` instruction (see program source for the full constraint). |
| `recipient` | optional | `recipient` account required by the `borrow_operate` instruction (see program source for the full constraint). |
| `recipient_borrow_token_account` | writable, optional | `recipient_borrow_token_account` account required by the `borrow_operate` instruction (see program source for the full constraint). |
| `recipient_supply_token_account` | writable, optional | `recipient_supply_token_account` account required by the `borrow_operate` instruction (see program source for the full constraint). |
| `vault_config` | read-only | `vault_config` account required by the `borrow_operate` instruction (see program source for the full constraint). |
| `vault_state` | writable | `vault_state` account required by the `borrow_operate` instruction (see program source for the full constraint). |
| `supply_token` | read-only | `supply_token` account required by the `borrow_operate` instruction (see program source for the full constraint). |
| `borrow_token` | read-only | `borrow_token` account required by the `borrow_operate` instruction (see program source for the full constraint). |
| `oracle` | read-only | `oracle` account required by the `borrow_operate` instruction (see program source for the full constraint). |
| `position` | writable | `position` account required by the `borrow_operate` instruction (see program source for the full constraint). |
| `position_token_account` | read-only | `position_token_account` account required by the `borrow_operate` instruction (see program source for the full constraint). |
| `current_position_tick` | writable | `current_position_tick` account required by the `borrow_operate` instruction (see program source for the full constraint). |
| `final_position_tick` | writable | `final_position_tick` account required by the `borrow_operate` instruction (see program source for the full constraint). |
| `current_position_tick_id` | read-only | `current_position_tick_id` account required by the `borrow_operate` instruction (see program source for the full constraint). |
| `final_position_tick_id` | writable | `final_position_tick_id` account required by the `borrow_operate` instruction (see program source for the full constraint). |
| `new_branch` | writable | `new_branch` account required by the `borrow_operate` instruction (see program source for the full constraint). |
| `supply_token_reserves_liquidity` | writable | `supply_token_reserves_liquidity` account required by the `borrow_operate` instruction (see program source for the full constraint). |
| `borrow_token_reserves_liquidity` | writable | `borrow_token_reserves_liquidity` account required by the `borrow_operate` instruction (see program source for the full constraint). |
| `vault_supply_position_on_liquidity` | writable | `vault_supply_position_on_liquidity` account required by the `borrow_operate` instruction (see program source for the full constraint). |
| `vault_borrow_position_on_liquidity` | writable | `vault_borrow_position_on_liquidity` account required by the `borrow_operate` instruction (see program source for the full constraint). |
| `supply_rate_model` | read-only | `supply_rate_model` account required by the `borrow_operate` instruction (see program source for the full constraint). |
| `borrow_rate_model` | read-only | `borrow_rate_model` account required by the `borrow_operate` instruction (see program source for the full constraint). |
| `vault_supply_token_account` | writable | `vault_supply_token_account` account required by the `borrow_operate` instruction (see program source for the full constraint). |
| `vault_borrow_token_account` | writable | `vault_borrow_token_account` account required by the `borrow_operate` instruction (see program source for the full constraint). |
| `supply_token_claim_account` | writable, optional | `supply_token_claim_account` account required by the `borrow_operate` instruction (see program source for the full constraint). |
| `borrow_token_claim_account` | writable, optional | `borrow_token_claim_account` account required by the `borrow_operate` instruction (see program source for the full constraint). |
| `liquidity` | read-only | `liquidity` account required by the `borrow_operate` instruction (see program source for the full constraint). |
| `liquidity_program` | read-only | `liquidity_program` account required by the `borrow_operate` instruction (see program source for the full constraint). |
| `oracle_program` | read-only | `oracle_program` account required by the `borrow_operate` instruction (see program source for the full constraint). |
| `supply_token_program` | read-only | `supply_token_program` account required by the `borrow_operate` instruction (see program source for the full constraint). |
| `borrow_token_program` | read-only | `borrow_token_program` account required by the `borrow_operate` instruction (see program source for the full constraint). |
| `associated_token_program` | read-only | `associated_token_program` account required by the `borrow_operate` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `new_col` | `i128` |  |
| `new_debt` | `i128` |  |
| `transfer_type` | `option<TransferType>` |  |
| `remaining_accounts_indices` | `bytes` |  |

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Jupiter Lend Integration Staging: earn_deposit

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `earn_deposit` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `earn_deposit` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `earn_deposit` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `earn_deposit` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `earn_deposit` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `earn_deposit` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `earn_deposit` instruction (see program source for the full constraint). |
| `depositor_token_account` | writable | `depositor_token_account` account required by the `earn_deposit` instruction (see program source for the full constraint). |
| `recipient_token_account` | writable | `recipient_token_account` account required by the `earn_deposit` instruction (see program source for the full constraint). |
| `mint` | read-only | `mint` account required by the `earn_deposit` instruction (see program source for the full constraint). |
| `lending_admin` | read-only | `lending_admin` account required by the `earn_deposit` instruction (see program source for the full constraint). |
| `lending` | writable | `lending` account required by the `earn_deposit` instruction (see program source for the full constraint). |
| `f_token_mint` | writable | `f_token_mint` account required by the `earn_deposit` instruction (see program source for the full constraint). |
| `supply_token_reserves_liquidity` | writable | `supply_token_reserves_liquidity` account required by the `earn_deposit` instruction (see program source for the full constraint). |
| `lending_supply_position_on_liquidity` | writable | `lending_supply_position_on_liquidity` account required by the `earn_deposit` instruction (see program source for the full constraint). |
| `rate_model` | read-only | `rate_model` account required by the `earn_deposit` instruction (see program source for the full constraint). |
| `vault` | writable | `vault` account required by the `earn_deposit` instruction (see program source for the full constraint). |
| `liquidity` | writable | `liquidity` account required by the `earn_deposit` instruction (see program source for the full constraint). |
| `liquidity_program` | writable | `liquidity_program` account required by the `earn_deposit` instruction (see program source for the full constraint). |
| `rewards_rate_model` | read-only | `rewards_rate_model` account required by the `earn_deposit` instruction (see program source for the full constraint). |
| `token_program` | read-only | `token_program` account required by the `earn_deposit` instruction (see program source for the full constraint). |
| `associated_token_program` | read-only | `associated_token_program` account required by the `earn_deposit` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `assets` | `u64` |  |
| `min_amount_out` | `u64` |  |

Policy and permission requirements:

- Permission: `EarnPermissions::Deposit`.
- Policy: underlying `mint` must be in `EarnPolicy::mints_allowlist`.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Jupiter Lend Integration Staging: earn_withdraw

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `earn_withdraw` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `earn_withdraw` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `earn_withdraw` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `earn_withdraw` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `earn_withdraw` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `earn_withdraw` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `earn_withdraw` instruction (see program source for the full constraint). |
| `owner_token_account` | writable | `owner_token_account` account required by the `earn_withdraw` instruction (see program source for the full constraint). |
| `recipient_token_account` | writable | `recipient_token_account` account required by the `earn_withdraw` instruction (see program source for the full constraint). |
| `lending_admin` | read-only | `lending_admin` account required by the `earn_withdraw` instruction (see program source for the full constraint). |
| `lending` | writable | `lending` account required by the `earn_withdraw` instruction (see program source for the full constraint). |
| `mint` | read-only | `mint` account required by the `earn_withdraw` instruction (see program source for the full constraint). |
| `f_token_mint` | writable | `f_token_mint` account required by the `earn_withdraw` instruction (see program source for the full constraint). |
| `supply_token_reserves_liquidity` | writable | `supply_token_reserves_liquidity` account required by the `earn_withdraw` instruction (see program source for the full constraint). |
| `lending_supply_position_on_liquidity` | writable | `lending_supply_position_on_liquidity` account required by the `earn_withdraw` instruction (see program source for the full constraint). |
| `rate_model` | read-only | `rate_model` account required by the `earn_withdraw` instruction (see program source for the full constraint). |
| `vault` | writable | `vault` account required by the `earn_withdraw` instruction (see program source for the full constraint). |
| `claim_account` | writable | `claim_account` account required by the `earn_withdraw` instruction (see program source for the full constraint). |
| `liquidity` | writable | `liquidity` account required by the `earn_withdraw` instruction (see program source for the full constraint). |
| `liquidity_program` | writable | `liquidity_program` account required by the `earn_withdraw` instruction (see program source for the full constraint). |
| `rewards_rate_model` | read-only | `rewards_rate_model` account required by the `earn_withdraw` instruction (see program source for the full constraint). |
| `token_program` | read-only | `token_program` account required by the `earn_withdraw` instruction (see program source for the full constraint). |
| `associated_token_program` | read-only | `associated_token_program` account required by the `earn_withdraw` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `amount` | `u64` |  |
| `max_shares_burn` | `u64` |  |

Policy and permission requirements:

- Permission: `EarnPermissions::Withdraw`.
- Policy: underlying `mint` must be in `EarnPolicy::mints_allowlist`.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Jupiter Lend Integration Staging: set_borrow_policy

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `set_borrow_policy` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `set_borrow_policy` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `set_borrow_policy` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `policy` | `BorrowPolicy` |  |

Policy and permission requirements:

- Only the GLAM owner can call. Persistence is gated through GLAM Protocol's owner-only protocol-policy persistence path; delegates cannot complete the policy change on their own.
- For non-empty policy data, the target protocol must already be enabled in `integration_acls`.
- State timelock applies when active.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Jupiter Lend Integration Staging: set_earn_policy

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `set_earn_policy` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `set_earn_policy` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `set_earn_policy` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `policy` | `EarnPolicy` |  |

Policy and permission requirements:

- Only the GLAM owner can call. Persistence is gated through GLAM Protocol's owner-only protocol-policy persistence path; delegates cannot complete the policy change on their own.
- For non-empty policy data, the target protocol must already be enabled in `integration_acls`.
- State timelock applies when active.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

## Orca Integration Staging

Program ID: `gstgo1EgmTp2PbLSaL6Qg57P7uADx3aiRZrMsewEdSy`

Integration adapter for Orca Whirlpools. Lets a GLAM vault open, close, reposition, fund, and harvest Token-2022-aware Whirlpool positions under GLAM authorization. This staging deployment exposes additional or pre-release functionality for review.

Accounts owned or controlled by this program:

| Account | Owner or authority | Purpose |
| --- | --- | --- |
| Integration authority PDA | Orca Integration Staging | Program-derived authority used for integration-level signing during Orca Whirlpools CPI calls. |
| Orca Whirlpool positions | Orca Whirlpools | Vault-owned concentrated-liquidity positions that can be opened, modified, harvested, closed, and priced through GLAM. |

### Orca Integration Staging: close_position_with_token_extensions

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `close_position_with_token_extensions` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `close_position_with_token_extensions` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `close_position_with_token_extensions` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `close_position_with_token_extensions` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `close_position_with_token_extensions` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `close_position_with_token_extensions` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `close_position_with_token_extensions` instruction (see program source for the full constraint). |
| `whirlpool` | read-only | `whirlpool` account required by the `close_position_with_token_extensions` instruction (see program source for the full constraint). |
| `position` | writable | `position` account required by the `close_position_with_token_extensions` instruction (see program source for the full constraint). |
| `position_mint` | writable | `position_mint` account required by the `close_position_with_token_extensions` instruction (see program source for the full constraint). |
| `position_token_account` | writable | `position_token_account` account required by the `close_position_with_token_extensions` instruction (see program source for the full constraint). |
| `token_2022_program` | read-only | `token_2022_program` account required by the `close_position_with_token_extensions` instruction (see program source for the full constraint). |

Arguments:

No arguments.

Policy and permission requirements:

- Permission: `ClosePosition`.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Orca Integration Staging: collect_fees_v2

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `collect_fees_v2` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `collect_fees_v2` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `collect_fees_v2` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `collect_fees_v2` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `collect_fees_v2` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `collect_fees_v2` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `collect_fees_v2` instruction (see program source for the full constraint). |
| `whirlpool` | read-only | `whirlpool` account required by the `collect_fees_v2` instruction (see program source for the full constraint). |
| `position` | writable | `position` account required by the `collect_fees_v2` instruction (see program source for the full constraint). |
| `position_token_account` | read-only | `position_token_account` account required by the `collect_fees_v2` instruction (see program source for the full constraint). |
| `token_mint_a` | read-only | `token_mint_a` account required by the `collect_fees_v2` instruction (see program source for the full constraint). |
| `token_mint_b` | read-only | `token_mint_b` account required by the `collect_fees_v2` instruction (see program source for the full constraint). |
| `token_owner_account_a` | writable | `token_owner_account_a` account required by the `collect_fees_v2` instruction (see program source for the full constraint). |
| `token_vault_a` | writable | `token_vault_a` account required by the `collect_fees_v2` instruction (see program source for the full constraint). |
| `token_owner_account_b` | writable | `token_owner_account_b` account required by the `collect_fees_v2` instruction (see program source for the full constraint). |
| `token_vault_b` | writable | `token_vault_b` account required by the `collect_fees_v2` instruction (see program source for the full constraint). |
| `token_program_a` | read-only | `token_program_a` account required by the `collect_fees_v2` instruction (see program source for the full constraint). |
| `token_program_b` | read-only | `token_program_b` account required by the `collect_fees_v2` instruction (see program source for the full constraint). |
| `memo_program` | read-only | `memo_program` account required by the `collect_fees_v2` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `remaining_accounts_info` | `option<RemainingAccountsInfo>` |  |

Policy and permission requirements:

- Permission: `CollectFees`.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Orca Integration Staging: collect_reward_v2

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `collect_reward_v2` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `collect_reward_v2` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `collect_reward_v2` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `collect_reward_v2` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `collect_reward_v2` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `collect_reward_v2` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `collect_reward_v2` instruction (see program source for the full constraint). |
| `whirlpool` | read-only | `whirlpool` account required by the `collect_reward_v2` instruction (see program source for the full constraint). |
| `position` | writable | `position` account required by the `collect_reward_v2` instruction (see program source for the full constraint). |
| `position_token_account` | read-only | `position_token_account` account required by the `collect_reward_v2` instruction (see program source for the full constraint). |
| `reward_owner_account` | writable | `reward_owner_account` account required by the `collect_reward_v2` instruction (see program source for the full constraint). |
| `reward_mint` | read-only | `reward_mint` account required by the `collect_reward_v2` instruction (see program source for the full constraint). |
| `reward_vault` | writable | `reward_vault` account required by the `collect_reward_v2` instruction (see program source for the full constraint). |
| `reward_token_program` | read-only | `reward_token_program` account required by the `collect_reward_v2` instruction (see program source for the full constraint). |
| `memo_program` | read-only | `memo_program` account required by the `collect_reward_v2` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `reward_index` | `u8` |  |
| `remaining_accounts_info` | `option<RemainingAccountsInfo>` |  |

Policy and permission requirements:

- Permission: `CollectReward`.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Orca Integration Staging: decrease_liquidity_v2

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `decrease_liquidity_v2` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `decrease_liquidity_v2` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `decrease_liquidity_v2` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `decrease_liquidity_v2` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `decrease_liquidity_v2` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `decrease_liquidity_v2` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `decrease_liquidity_v2` instruction (see program source for the full constraint). |
| `whirlpool` | writable | `whirlpool` account required by the `decrease_liquidity_v2` instruction (see program source for the full constraint). |
| `token_program_a` | read-only | `token_program_a` account required by the `decrease_liquidity_v2` instruction (see program source for the full constraint). |
| `token_program_b` | read-only | `token_program_b` account required by the `decrease_liquidity_v2` instruction (see program source for the full constraint). |
| `memo_program` | read-only | `memo_program` account required by the `decrease_liquidity_v2` instruction (see program source for the full constraint). |
| `position` | writable | `position` account required by the `decrease_liquidity_v2` instruction (see program source for the full constraint). |
| `position_token_account` | read-only | `position_token_account` account required by the `decrease_liquidity_v2` instruction (see program source for the full constraint). |
| `token_mint_a` | read-only | `token_mint_a` account required by the `decrease_liquidity_v2` instruction (see program source for the full constraint). |
| `token_mint_b` | read-only | `token_mint_b` account required by the `decrease_liquidity_v2` instruction (see program source for the full constraint). |
| `token_owner_account_a` | writable | `token_owner_account_a` account required by the `decrease_liquidity_v2` instruction (see program source for the full constraint). |
| `token_owner_account_b` | writable | `token_owner_account_b` account required by the `decrease_liquidity_v2` instruction (see program source for the full constraint). |
| `token_vault_a` | writable | `token_vault_a` account required by the `decrease_liquidity_v2` instruction (see program source for the full constraint). |
| `token_vault_b` | writable | `token_vault_b` account required by the `decrease_liquidity_v2` instruction (see program source for the full constraint). |
| `tick_array_lower` | writable | `tick_array_lower` account required by the `decrease_liquidity_v2` instruction (see program source for the full constraint). |
| `tick_array_upper` | writable | `tick_array_upper` account required by the `decrease_liquidity_v2` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `liquidity_amount` | `u128` |  |
| `token_min_a` | `u64` |  |
| `token_min_b` | `u64` |  |
| `remaining_accounts_info` | `option<RemainingAccountsInfo>` |  |

Policy and permission requirements:

- Permission: `DecreaseLiquidity`.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Orca Integration Staging: increase_liquidity_by_token_amounts_v2

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `increase_liquidity_by_token_amounts_v2` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `increase_liquidity_by_token_amounts_v2` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `increase_liquidity_by_token_amounts_v2` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `increase_liquidity_by_token_amounts_v2` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `increase_liquidity_by_token_amounts_v2` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `increase_liquidity_by_token_amounts_v2` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `increase_liquidity_by_token_amounts_v2` instruction (see program source for the full constraint). |
| `whirlpool` | writable | `whirlpool` account required by the `increase_liquidity_by_token_amounts_v2` instruction (see program source for the full constraint). |
| `token_program_a` | read-only | `token_program_a` account required by the `increase_liquidity_by_token_amounts_v2` instruction (see program source for the full constraint). |
| `token_program_b` | read-only | `token_program_b` account required by the `increase_liquidity_by_token_amounts_v2` instruction (see program source for the full constraint). |
| `memo_program` | read-only | `memo_program` account required by the `increase_liquidity_by_token_amounts_v2` instruction (see program source for the full constraint). |
| `position` | writable | `position` account required by the `increase_liquidity_by_token_amounts_v2` instruction (see program source for the full constraint). |
| `position_token_account` | read-only | `position_token_account` account required by the `increase_liquidity_by_token_amounts_v2` instruction (see program source for the full constraint). |
| `token_mint_a` | read-only | `token_mint_a` account required by the `increase_liquidity_by_token_amounts_v2` instruction (see program source for the full constraint). |
| `token_mint_b` | read-only | `token_mint_b` account required by the `increase_liquidity_by_token_amounts_v2` instruction (see program source for the full constraint). |
| `token_owner_account_a` | writable | `token_owner_account_a` account required by the `increase_liquidity_by_token_amounts_v2` instruction (see program source for the full constraint). |
| `token_owner_account_b` | writable | `token_owner_account_b` account required by the `increase_liquidity_by_token_amounts_v2` instruction (see program source for the full constraint). |
| `token_vault_a` | writable | `token_vault_a` account required by the `increase_liquidity_by_token_amounts_v2` instruction (see program source for the full constraint). |
| `token_vault_b` | writable | `token_vault_b` account required by the `increase_liquidity_by_token_amounts_v2` instruction (see program source for the full constraint). |
| `tick_array_lower` | writable | `tick_array_lower` account required by the `increase_liquidity_by_token_amounts_v2` instruction (see program source for the full constraint). |
| `tick_array_upper` | writable | `tick_array_upper` account required by the `increase_liquidity_by_token_amounts_v2` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `method` | `IncreaseLiquidityMethod` |  |
| `remaining_accounts_info` | `option<RemainingAccountsInfo>` |  |

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Orca Integration Staging: increase_liquidity_v2

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `increase_liquidity_v2` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `increase_liquidity_v2` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `increase_liquidity_v2` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `increase_liquidity_v2` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `increase_liquidity_v2` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `increase_liquidity_v2` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `increase_liquidity_v2` instruction (see program source for the full constraint). |
| `whirlpool` | writable | `whirlpool` account required by the `increase_liquidity_v2` instruction (see program source for the full constraint). |
| `token_program_a` | read-only | `token_program_a` account required by the `increase_liquidity_v2` instruction (see program source for the full constraint). |
| `token_program_b` | read-only | `token_program_b` account required by the `increase_liquidity_v2` instruction (see program source for the full constraint). |
| `memo_program` | read-only | `memo_program` account required by the `increase_liquidity_v2` instruction (see program source for the full constraint). |
| `position` | writable | `position` account required by the `increase_liquidity_v2` instruction (see program source for the full constraint). |
| `position_token_account` | read-only | `position_token_account` account required by the `increase_liquidity_v2` instruction (see program source for the full constraint). |
| `token_mint_a` | read-only | `token_mint_a` account required by the `increase_liquidity_v2` instruction (see program source for the full constraint). |
| `token_mint_b` | read-only | `token_mint_b` account required by the `increase_liquidity_v2` instruction (see program source for the full constraint). |
| `token_owner_account_a` | writable | `token_owner_account_a` account required by the `increase_liquidity_v2` instruction (see program source for the full constraint). |
| `token_owner_account_b` | writable | `token_owner_account_b` account required by the `increase_liquidity_v2` instruction (see program source for the full constraint). |
| `token_vault_a` | writable | `token_vault_a` account required by the `increase_liquidity_v2` instruction (see program source for the full constraint). |
| `token_vault_b` | writable | `token_vault_b` account required by the `increase_liquidity_v2` instruction (see program source for the full constraint). |
| `tick_array_lower` | writable | `tick_array_lower` account required by the `increase_liquidity_v2` instruction (see program source for the full constraint). |
| `tick_array_upper` | writable | `tick_array_upper` account required by the `increase_liquidity_v2` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `liquidity_amount` | `u128` |  |
| `token_max_a` | `u64` |  |
| `token_max_b` | `u64` |  |
| `remaining_accounts_info` | `option<RemainingAccountsInfo>` |  |

Policy and permission requirements:

- Permission: `IncreaseLiquidity`.
- Policy: Whirlpool and both pool token mints must be allowlisted.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Orca Integration Staging: initialize_tick_array

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `initialize_tick_array` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `initialize_tick_array` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `initialize_tick_array` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `initialize_tick_array` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `initialize_tick_array` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `initialize_tick_array` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `initialize_tick_array` instruction (see program source for the full constraint). |
| `whirlpool` | read-only | `whirlpool` account required by the `initialize_tick_array` instruction (see program source for the full constraint). |
| `tick_array` | writable | `tick_array` account required by the `initialize_tick_array` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `start_tick_index` | `i32` |  |

Policy and permission requirements:

- Permission: `InitializeTickArray`.
- Policy: Whirlpool and both pool token mints must be allowlisted.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Orca Integration Staging: open_position_with_token_extensions

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `open_position_with_token_extensions` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `open_position_with_token_extensions` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `open_position_with_token_extensions` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `open_position_with_token_extensions` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `open_position_with_token_extensions` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `open_position_with_token_extensions` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `open_position_with_token_extensions` instruction (see program source for the full constraint). |
| `position` | writable | `position` account required by the `open_position_with_token_extensions` instruction (see program source for the full constraint). |
| `position_mint` | signer, writable | `position_mint` account required by the `open_position_with_token_extensions` instruction (see program source for the full constraint). |
| `position_token_account` | writable | `position_token_account` account required by the `open_position_with_token_extensions` instruction (see program source for the full constraint). |
| `whirlpool` | read-only | `whirlpool` account required by the `open_position_with_token_extensions` instruction (see program source for the full constraint). |
| `token_2022_program` | read-only | `token_2022_program` account required by the `open_position_with_token_extensions` instruction (see program source for the full constraint). |
| `associated_token_program` | read-only | `associated_token_program` account required by the `open_position_with_token_extensions` instruction (see program source for the full constraint). |
| `metadata_update_auth` | read-only | `metadata_update_auth` account required by the `open_position_with_token_extensions` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `tick_lower_index` | `i32` |  |
| `tick_upper_index` | `i32` |  |
| `with_token_metadata_extension` | `bool` |  |

Policy and permission requirements:

- Permission: `OpenPosition`.
- Policy: Whirlpool and both pool token mints must be allowlisted.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Orca Integration Staging: reposition_liquidity_v2

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `reposition_liquidity_v2` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `reposition_liquidity_v2` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `reposition_liquidity_v2` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `reposition_liquidity_v2` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `reposition_liquidity_v2` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `reposition_liquidity_v2` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `reposition_liquidity_v2` instruction (see program source for the full constraint). |
| `whirlpool` | writable | `whirlpool` account required by the `reposition_liquidity_v2` instruction (see program source for the full constraint). |
| `token_program_a` | read-only | `token_program_a` account required by the `reposition_liquidity_v2` instruction (see program source for the full constraint). |
| `token_program_b` | read-only | `token_program_b` account required by the `reposition_liquidity_v2` instruction (see program source for the full constraint). |
| `memo_program` | read-only | `memo_program` account required by the `reposition_liquidity_v2` instruction (see program source for the full constraint). |
| `position` | writable | `position` account required by the `reposition_liquidity_v2` instruction (see program source for the full constraint). |
| `position_token_account` | read-only | `position_token_account` account required by the `reposition_liquidity_v2` instruction (see program source for the full constraint). |
| `token_mint_a` | read-only | `token_mint_a` account required by the `reposition_liquidity_v2` instruction (see program source for the full constraint). |
| `token_mint_b` | read-only | `token_mint_b` account required by the `reposition_liquidity_v2` instruction (see program source for the full constraint). |
| `token_owner_account_a` | writable | `token_owner_account_a` account required by the `reposition_liquidity_v2` instruction (see program source for the full constraint). |
| `token_owner_account_b` | writable | `token_owner_account_b` account required by the `reposition_liquidity_v2` instruction (see program source for the full constraint). |
| `token_vault_a` | writable | `token_vault_a` account required by the `reposition_liquidity_v2` instruction (see program source for the full constraint). |
| `token_vault_b` | writable | `token_vault_b` account required by the `reposition_liquidity_v2` instruction (see program source for the full constraint). |
| `existing_tick_array_lower` | writable | `existing_tick_array_lower` account required by the `reposition_liquidity_v2` instruction (see program source for the full constraint). |
| `existing_tick_array_upper` | writable | `existing_tick_array_upper` account required by the `reposition_liquidity_v2` instruction (see program source for the full constraint). |
| `new_tick_array_lower` | writable | `new_tick_array_lower` account required by the `reposition_liquidity_v2` instruction (see program source for the full constraint). |
| `new_tick_array_upper` | writable | `new_tick_array_upper` account required by the `reposition_liquidity_v2` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `new_tick_lower_index` | `i32` |  |
| `new_tick_upper_index` | `i32` |  |
| `method` | `RepositionLiquidityMethod` |  |
| `remaining_accounts_info` | `option<RemainingAccountsInfo>` |  |

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Orca Integration Staging: set_whirlpools_policy

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `set_whirlpools_policy` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `set_whirlpools_policy` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `set_whirlpools_policy` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `policy` | `WhirlpoolsPolicy` |  |

Policy and permission requirements:

- Only the GLAM owner can call. Persistence is gated through GLAM Protocol's owner-only protocol-policy persistence path; delegates cannot complete the policy change on their own.
- For non-empty policy data, the target protocol must already be enabled in `integration_acls`.
- State timelock applies when active.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Orca Integration Staging: update_fees_and_rewards

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `update_fees_and_rewards` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `update_fees_and_rewards` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `update_fees_and_rewards` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `update_fees_and_rewards` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `update_fees_and_rewards` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `update_fees_and_rewards` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `update_fees_and_rewards` instruction (see program source for the full constraint). |
| `whirlpool` | writable | `whirlpool` account required by the `update_fees_and_rewards` instruction (see program source for the full constraint). |
| `position` | writable | `position` account required by the `update_fees_and_rewards` instruction (see program source for the full constraint). |
| `tick_array_lower` | read-only | `tick_array_lower` account required by the `update_fees_and_rewards` instruction (see program source for the full constraint). |
| `tick_array_upper` | read-only | `tick_array_upper` account required by the `update_fees_and_rewards` instruction (see program source for the full constraint). |

Arguments:

No arguments.

Policy and permission requirements:

- Permission: `UpdateFeesAndRewards`.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

## MarginFi Integration Staging

Program ID: `gstgMghFitRBz2GXKwgpMd7L1JXd1sg59q2v5Y83vSY`

Integration adapter for MarginFi. Lets a GLAM vault initialize MarginFi accounts, deposit or withdraw collateral, borrow or repay liquidity, close accounts, and use Kamino-backed collateral under GLAM authorization. This staging deployment exposes additional or pre-release functionality for review.

Accounts owned or controlled by this program:

| Account | Owner or authority | Purpose |
| --- | --- | --- |
| Integration authority PDA | MarginFi Integration Staging | Program-derived authority used for integration-level signing during MarginFi CPI calls. |
| MarginFi accounts | MarginFi | Vault-controlled lending accounts that can be initialized, funded, borrowed against, repaid, closed, and priced through GLAM. |

### MarginFi Integration Staging: kamino_deposit

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `kamino_deposit` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `kamino_deposit` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `kamino_deposit` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `kamino_deposit` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `kamino_deposit` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `kamino_deposit` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `kamino_deposit` instruction (see program source for the full constraint). |
| `group` | read-only | `group` account required by the `kamino_deposit` instruction (see program source for the full constraint). |
| `marginfi_account` | writable | `marginfi_account` account required by the `kamino_deposit` instruction (see program source for the full constraint). |
| `bank` | writable | `bank` account required by the `kamino_deposit` instruction (see program source for the full constraint). |
| `signer_token_account` | writable | `signer_token_account` account required by the `kamino_deposit` instruction (see program source for the full constraint). |
| `liquidity_vault_authority` | writable | `liquidity_vault_authority` account required by the `kamino_deposit` instruction (see program source for the full constraint). |
| `liquidity_vault` | writable | `liquidity_vault` account required by the `kamino_deposit` instruction (see program source for the full constraint). |
| `integration_acc_2` | writable | `integration_acc_2` account required by the `kamino_deposit` instruction (see program source for the full constraint). |
| `lending_market` | read-only | `lending_market` account required by the `kamino_deposit` instruction (see program source for the full constraint). |
| `lending_market_authority` | read-only | `lending_market_authority` account required by the `kamino_deposit` instruction (see program source for the full constraint). |
| `integration_acc_1` | writable | `integration_acc_1` account required by the `kamino_deposit` instruction (see program source for the full constraint). |
| `mint` | read-only | `mint` account required by the `kamino_deposit` instruction (see program source for the full constraint). |
| `reserve_liquidity_supply` | writable | `reserve_liquidity_supply` account required by the `kamino_deposit` instruction (see program source for the full constraint). |
| `reserve_collateral_mint` | writable | `reserve_collateral_mint` account required by the `kamino_deposit` instruction (see program source for the full constraint). |
| `reserve_destination_deposit_collateral` | writable | `reserve_destination_deposit_collateral` account required by the `kamino_deposit` instruction (see program source for the full constraint). |
| `obligation_farm_user_state` | writable, optional | `obligation_farm_user_state` account required by the `kamino_deposit` instruction (see program source for the full constraint). |
| `reserve_farm_state` | writable, optional | `reserve_farm_state` account required by the `kamino_deposit` instruction (see program source for the full constraint). |
| `kamino_program` | read-only | `kamino_program` account required by the `kamino_deposit` instruction (see program source for the full constraint). |
| `farms_program` | read-only | `farms_program` account required by the `kamino_deposit` instruction (see program source for the full constraint). |
| `collateral_token_program` | read-only | `collateral_token_program` account required by the `kamino_deposit` instruction (see program source for the full constraint). |
| `liquidity_token_program` | read-only | `liquidity_token_program` account required by the `kamino_deposit` instruction (see program source for the full constraint). |
| `instruction_sysvar_account` | read-only | `instruction_sysvar_account` account required by the `kamino_deposit` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `amount` | `u64` |  |

Policy and permission requirements:

- Permission: `MarginfiPermissions::KaminoDeposit`.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### MarginFi Integration Staging: kamino_withdraw

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `kamino_withdraw` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `kamino_withdraw` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `kamino_withdraw` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `kamino_withdraw` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `kamino_withdraw` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `kamino_withdraw` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `kamino_withdraw` instruction (see program source for the full constraint). |
| `group` | read-only | `group` account required by the `kamino_withdraw` instruction (see program source for the full constraint). |
| `marginfi_account` | writable | `marginfi_account` account required by the `kamino_withdraw` instruction (see program source for the full constraint). |
| `bank` | writable | `bank` account required by the `kamino_withdraw` instruction (see program source for the full constraint). |
| `destination_token_account` | writable | `destination_token_account` account required by the `kamino_withdraw` instruction (see program source for the full constraint). |
| `liquidity_vault_authority` | writable | `liquidity_vault_authority` account required by the `kamino_withdraw` instruction (see program source for the full constraint). |
| `liquidity_vault` | writable | `liquidity_vault` account required by the `kamino_withdraw` instruction (see program source for the full constraint). |
| `integration_acc_2` | writable | `integration_acc_2` account required by the `kamino_withdraw` instruction (see program source for the full constraint). |
| `lending_market` | read-only | `lending_market` account required by the `kamino_withdraw` instruction (see program source for the full constraint). |
| `lending_market_authority` | read-only | `lending_market_authority` account required by the `kamino_withdraw` instruction (see program source for the full constraint). |
| `integration_acc_1` | writable | `integration_acc_1` account required by the `kamino_withdraw` instruction (see program source for the full constraint). |
| `mint` | writable | `mint` account required by the `kamino_withdraw` instruction (see program source for the full constraint). |
| `reserve_liquidity_supply` | writable | `reserve_liquidity_supply` account required by the `kamino_withdraw` instruction (see program source for the full constraint). |
| `reserve_collateral_mint` | writable | `reserve_collateral_mint` account required by the `kamino_withdraw` instruction (see program source for the full constraint). |
| `reserve_source_collateral` | writable | `reserve_source_collateral` account required by the `kamino_withdraw` instruction (see program source for the full constraint). |
| `obligation_farm_user_state` | writable, optional | `obligation_farm_user_state` account required by the `kamino_withdraw` instruction (see program source for the full constraint). |
| `reserve_farm_state` | writable, optional | `reserve_farm_state` account required by the `kamino_withdraw` instruction (see program source for the full constraint). |
| `kamino_program` | read-only | `kamino_program` account required by the `kamino_withdraw` instruction (see program source for the full constraint). |
| `farms_program` | read-only | `farms_program` account required by the `kamino_withdraw` instruction (see program source for the full constraint). |
| `collateral_token_program` | read-only | `collateral_token_program` account required by the `kamino_withdraw` instruction (see program source for the full constraint). |
| `liquidity_token_program` | read-only | `liquidity_token_program` account required by the `kamino_withdraw` instruction (see program source for the full constraint). |
| `instruction_sysvar_account` | read-only | `instruction_sysvar_account` account required by the `kamino_withdraw` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `amount` | `u64` |  |
| `withdraw_all` | `option<bool>` |  |

Policy and permission requirements:

- Permission: `MarginfiPermissions::Withdraw`.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### MarginFi Integration Staging: lending_account_borrow

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `lending_account_borrow` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `lending_account_borrow` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `lending_account_borrow` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `lending_account_borrow` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `lending_account_borrow` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `lending_account_borrow` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `lending_account_borrow` instruction (see program source for the full constraint). |
| `group` | read-only | `group` account required by the `lending_account_borrow` instruction (see program source for the full constraint). |
| `marginfi_account` | writable | `marginfi_account` account required by the `lending_account_borrow` instruction (see program source for the full constraint). |
| `bank` | writable | `bank` account required by the `lending_account_borrow` instruction (see program source for the full constraint). |
| `destination_token_account` | writable | `destination_token_account` account required by the `lending_account_borrow` instruction (see program source for the full constraint). |
| `bank_liquidity_vault_authority` | read-only | `bank_liquidity_vault_authority` account required by the `lending_account_borrow` instruction (see program source for the full constraint). |
| `liquidity_vault` | writable | `liquidity_vault` account required by the `lending_account_borrow` instruction (see program source for the full constraint). |
| `token_program` | read-only | `token_program` account required by the `lending_account_borrow` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `amount` | `u64` |  |

Policy and permission requirements:

- Permission: `MarginfiPermissions::Borrow`.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### MarginFi Integration Staging: lending_account_deposit

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `lending_account_deposit` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `lending_account_deposit` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `lending_account_deposit` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `lending_account_deposit` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `lending_account_deposit` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `lending_account_deposit` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `lending_account_deposit` instruction (see program source for the full constraint). |
| `group` | read-only | `group` account required by the `lending_account_deposit` instruction (see program source for the full constraint). |
| `marginfi_account` | writable | `marginfi_account` account required by the `lending_account_deposit` instruction (see program source for the full constraint). |
| `bank` | writable | `bank` account required by the `lending_account_deposit` instruction (see program source for the full constraint). |
| `signer_token_account` | writable | `signer_token_account` account required by the `lending_account_deposit` instruction (see program source for the full constraint). |
| `liquidity_vault` | writable | `liquidity_vault` account required by the `lending_account_deposit` instruction (see program source for the full constraint). |
| `token_program` | read-only | `token_program` account required by the `lending_account_deposit` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `amount` | `u64` |  |
| `deposit_up_to_limit` | `option<bool>` |  |

Policy and permission requirements:

- Permission: `MarginfiPermissions::Deposit`.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### MarginFi Integration Staging: lending_account_repay

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `lending_account_repay` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `lending_account_repay` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `lending_account_repay` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `lending_account_repay` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `lending_account_repay` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `lending_account_repay` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `lending_account_repay` instruction (see program source for the full constraint). |
| `group` | read-only | `group` account required by the `lending_account_repay` instruction (see program source for the full constraint). |
| `marginfi_account` | writable | `marginfi_account` account required by the `lending_account_repay` instruction (see program source for the full constraint). |
| `bank` | writable | `bank` account required by the `lending_account_repay` instruction (see program source for the full constraint). |
| `signer_token_account` | writable | `signer_token_account` account required by the `lending_account_repay` instruction (see program source for the full constraint). |
| `liquidity_vault` | writable | `liquidity_vault` account required by the `lending_account_repay` instruction (see program source for the full constraint). |
| `token_program` | read-only | `token_program` account required by the `lending_account_repay` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `amount` | `u64` |  |
| `repay_all` | `option<bool>` |  |

Policy and permission requirements:

- Permission: `MarginfiPermissions::Repay`.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### MarginFi Integration Staging: lending_account_withdraw

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `lending_account_withdraw` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `lending_account_withdraw` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `lending_account_withdraw` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `lending_account_withdraw` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `lending_account_withdraw` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `lending_account_withdraw` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `lending_account_withdraw` instruction (see program source for the full constraint). |
| `group` | read-only | `group` account required by the `lending_account_withdraw` instruction (see program source for the full constraint). |
| `marginfi_account` | writable | `marginfi_account` account required by the `lending_account_withdraw` instruction (see program source for the full constraint). |
| `bank` | writable | `bank` account required by the `lending_account_withdraw` instruction (see program source for the full constraint). |
| `destination_token_account` | writable | `destination_token_account` account required by the `lending_account_withdraw` instruction (see program source for the full constraint). |
| `bank_liquidity_vault_authority` | read-only | `bank_liquidity_vault_authority` account required by the `lending_account_withdraw` instruction (see program source for the full constraint). |
| `liquidity_vault` | writable | `liquidity_vault` account required by the `lending_account_withdraw` instruction (see program source for the full constraint). |
| `token_program` | read-only | `token_program` account required by the `lending_account_withdraw` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `amount` | `u64` |  |
| `withdraw_all` | `option<bool>` |  |

Policy and permission requirements:

- Permission: `MarginfiPermissions::Withdraw`.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### MarginFi Integration Staging: marginfi_account_close

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `marginfi_account_close` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `marginfi_account_close` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `marginfi_account_close` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `marginfi_account_close` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `marginfi_account_close` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `marginfi_account_close` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `marginfi_account_close` instruction (see program source for the full constraint). |
| `marginfi_account` | writable | `marginfi_account` account required by the `marginfi_account_close` instruction (see program source for the full constraint). |

Arguments:

No arguments.

Policy and permission requirements:

- Permission: `MarginfiPermissions::CloseAccount`.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### MarginFi Integration Staging: marginfi_account_initialize_pda

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `marginfi_account_initialize_pda` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `marginfi_account_initialize_pda` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `marginfi_account_initialize_pda` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `marginfi_account_initialize_pda` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `marginfi_account_initialize_pda` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `marginfi_account_initialize_pda` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `marginfi_account_initialize_pda` instruction (see program source for the full constraint). |
| `marginfi_group` | read-only | `marginfi_group` account required by the `marginfi_account_initialize_pda` instruction (see program source for the full constraint). |
| `marginfi_account` | writable | `marginfi_account` account required by the `marginfi_account_initialize_pda` instruction (see program source for the full constraint). |
| `instructions_sysvar` | read-only | `instructions_sysvar` account required by the `marginfi_account_initialize_pda` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `account_index` | `u16` |  |
| `third_party_id` | `option<u16>` |  |

Policy and permission requirements:

- Permission: `MarginfiPermissions::InitAccount`.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### MarginFi Integration Staging: set_marginfi_policy

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `set_marginfi_policy` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `set_marginfi_policy` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `set_marginfi_policy` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `policy` | `MarginfiPolicy` |  |

Policy and permission requirements:

- Permission: GLAM state owner via `glam_protocol::set_protocol_policy`.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

## Marinade Integration Staging

Program ID: `gstgmvM2o7h7GcScvXymH1oFgWskukWWxRHC1UJJ9FJ`

Integration adapter for Marinade. Lets a GLAM vault deposit SOL or stake accounts for mSOL, perform liquid unstakes, and withdraw stake accounts under GLAM authorization. This staging deployment exposes additional or pre-release functionality for review.

Accounts owned or controlled by this program:

| Account | Owner or authority | Purpose |
| --- | --- | --- |
| Integration authority PDA | Marinade Integration Staging | Program-derived authority used for integration-level signing during Marinade CPI calls. |

### Marinade Integration Staging: deposit

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `deposit` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `deposit` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `deposit` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `deposit` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `deposit` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `deposit` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `deposit` instruction (see program source for the full constraint). |
| `state` | writable | `state` account required by the `deposit` instruction (see program source for the full constraint). |
| `msol_mint` | writable | `msol_mint` account required by the `deposit` instruction (see program source for the full constraint). |
| `liq_pool_sol_leg_pda` | writable | `liq_pool_sol_leg_pda` account required by the `deposit` instruction (see program source for the full constraint). |
| `liq_pool_msol_leg` | writable | `liq_pool_msol_leg` account required by the `deposit` instruction (see program source for the full constraint). |
| `liq_pool_msol_leg_authority` | read-only | `liq_pool_msol_leg_authority` account required by the `deposit` instruction (see program source for the full constraint). |
| `reserve_pda` | writable | `reserve_pda` account required by the `deposit` instruction (see program source for the full constraint). |
| `mint_to` | writable | `mint_to` account required by the `deposit` instruction (see program source for the full constraint). |
| `msol_mint_authority` | read-only | `msol_mint_authority` account required by the `deposit` instruction (see program source for the full constraint). |
| `token_program` | read-only | `token_program` account required by the `deposit` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `lamports` | `u64` |  |

Policy and permission requirements:

- Marinade integration must be enabled.
- Signer must be the GLAM owner or a delegate holding Marinade `Stake` before depositing SOL for mSOL.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Marinade Integration Staging: deposit_stake_account

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `deposit_stake_account` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `deposit_stake_account` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `deposit_stake_account` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `deposit_stake_account` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `deposit_stake_account` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `deposit_stake_account` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `deposit_stake_account` instruction (see program source for the full constraint). |
| `state` | writable | `state` account required by the `deposit_stake_account` instruction (see program source for the full constraint). |
| `validator_list` | writable | `validator_list` account required by the `deposit_stake_account` instruction (see program source for the full constraint). |
| `stake_list` | writable | `stake_list` account required by the `deposit_stake_account` instruction (see program source for the full constraint). |
| `stake_account` | writable | `stake_account` account required by the `deposit_stake_account` instruction (see program source for the full constraint). |
| `duplication_flag` | writable | `duplication_flag` account required by the `deposit_stake_account` instruction (see program source for the full constraint). |
| `msol_mint` | writable | `msol_mint` account required by the `deposit_stake_account` instruction (see program source for the full constraint). |
| `mint_to` | writable | `mint_to` account required by the `deposit_stake_account` instruction (see program source for the full constraint). |
| `msol_mint_authority` | read-only | `msol_mint_authority` account required by the `deposit_stake_account` instruction (see program source for the full constraint). |
| `clock` | read-only | `clock` account required by the `deposit_stake_account` instruction (see program source for the full constraint). |
| `rent` | read-only | `rent` account required by the `deposit_stake_account` instruction (see program source for the full constraint). |
| `token_program` | read-only | `token_program` account required by the `deposit_stake_account` instruction (see program source for the full constraint). |
| `stake_program` | read-only | `stake_program` account required by the `deposit_stake_account` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `validator_index` | `u32` |  |

Policy and permission requirements:

- Marinade integration must be enabled.
- Signer must be the GLAM owner or a delegate holding Marinade `Stake` before depositing a stake account into Marinade.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Marinade Integration Staging: liquid_unstake

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `liquid_unstake` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `liquid_unstake` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `liquid_unstake` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `liquid_unstake` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `liquid_unstake` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `liquid_unstake` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `liquid_unstake` instruction (see program source for the full constraint). |
| `state` | writable | `state` account required by the `liquid_unstake` instruction (see program source for the full constraint). |
| `msol_mint` | writable | `msol_mint` account required by the `liquid_unstake` instruction (see program source for the full constraint). |
| `liq_pool_sol_leg_pda` | writable | `liq_pool_sol_leg_pda` account required by the `liquid_unstake` instruction (see program source for the full constraint). |
| `liq_pool_msol_leg` | writable | `liq_pool_msol_leg` account required by the `liquid_unstake` instruction (see program source for the full constraint). |
| `treasury_msol_account` | writable | `treasury_msol_account` account required by the `liquid_unstake` instruction (see program source for the full constraint). |
| `get_msol_from` | writable | `get_msol_from` account required by the `liquid_unstake` instruction (see program source for the full constraint). |
| `token_program` | read-only | `token_program` account required by the `liquid_unstake` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `msol_amount` | `u64` |  |

Policy and permission requirements:

- Marinade integration must be enabled.
- Signer must be the GLAM owner or a delegate holding Marinade `Unstake` before liquid unstaking mSOL.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Marinade Integration Staging: withdraw_stake_account

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `withdraw_stake_account` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `withdraw_stake_account` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `withdraw_stake_account` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `withdraw_stake_account` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `withdraw_stake_account` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `withdraw_stake_account` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `withdraw_stake_account` instruction (see program source for the full constraint). |
| `state` | writable | `state` account required by the `withdraw_stake_account` instruction (see program source for the full constraint). |
| `msol_mint` | writable | `msol_mint` account required by the `withdraw_stake_account` instruction (see program source for the full constraint). |
| `burn_msol_from` | writable | `burn_msol_from` account required by the `withdraw_stake_account` instruction (see program source for the full constraint). |
| `treasury_msol_account` | writable | `treasury_msol_account` account required by the `withdraw_stake_account` instruction (see program source for the full constraint). |
| `validator_list` | writable | `validator_list` account required by the `withdraw_stake_account` instruction (see program source for the full constraint). |
| `stake_list` | writable | `stake_list` account required by the `withdraw_stake_account` instruction (see program source for the full constraint). |
| `stake_withdraw_authority` | read-only | `stake_withdraw_authority` account required by the `withdraw_stake_account` instruction (see program source for the full constraint). |
| `stake_deposit_authority` | read-only | `stake_deposit_authority` account required by the `withdraw_stake_account` instruction (see program source for the full constraint). |
| `stake_account` | writable | `stake_account` account required by the `withdraw_stake_account` instruction (see program source for the full constraint). |
| `split_stake_account` | signer, writable | `split_stake_account` account required by the `withdraw_stake_account` instruction (see program source for the full constraint). |
| `clock` | read-only | `clock` account required by the `withdraw_stake_account` instruction (see program source for the full constraint). |
| `token_program` | read-only | `token_program` account required by the `withdraw_stake_account` instruction (see program source for the full constraint). |
| `stake_program` | read-only | `stake_program` account required by the `withdraw_stake_account` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `stake_index` | `u32` |  |
| `validator_index` | `u32` |  |
| `msol_amount` | `u64` |  |
| `beneficiary` | `pubkey` |  |

Policy and permission requirements:

- Marinade integration must be enabled.
- Signer must be the GLAM owner or a delegate holding Marinade `Unstake` before withdrawing a stake account.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

## Stake Pool Integration Staging

Program ID: `gstgS4dNeT3BTEQa1aaTS2b8CsAUz1SmwQDGosHSPsw`

Integration adapter for SPL Stake Pools. Lets a GLAM vault deposit SOL or stake accounts into a stake pool and withdraw SOL or stake accounts back, with the protocol derived from the supplied stake-pool program. This staging deployment exposes additional or pre-release functionality for review.

Accounts owned or controlled by this program:

| Account | Owner or authority | Purpose |
| --- | --- | --- |
| Integration authority PDA | Stake Pool Integration Staging | Program-derived authority used for integration-level signing during SPL Stake Pool CPI calls. |

### Stake Pool Integration Staging: deposit_sol

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `deposit_sol` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `deposit_sol` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `deposit_sol` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `deposit_sol` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `deposit_sol` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `deposit_sol` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `deposit_sol` instruction (see program source for the full constraint). |
| `stake_pool` | writable | `stake_pool` account required by the `deposit_sol` instruction (see program source for the full constraint). |
| `stake_pool_withdraw_authority` | read-only | `stake_pool_withdraw_authority` account required by the `deposit_sol` instruction (see program source for the full constraint). |
| `reserve_stake` | writable | `reserve_stake` account required by the `deposit_sol` instruction (see program source for the full constraint). |
| `pool_tokens_to` | writable | `pool_tokens_to` account required by the `deposit_sol` instruction (see program source for the full constraint). |
| `fee_account` | writable | `fee_account` account required by the `deposit_sol` instruction (see program source for the full constraint). |
| `pool_mint` | writable | `pool_mint` account required by the `deposit_sol` instruction (see program source for the full constraint). |
| `token_program` | read-only | `token_program` account required by the `deposit_sol` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `lamports_in` | `u64` |  |
| `minimum_pool_tokens_out` | `option<u64>` |  |

Policy and permission requirements:

- The target protocol is derived from the supplied stake-pool program and must be enabled on the GLAM state.
- Signer must be the GLAM owner or a delegate holding Stake Pool `DepositSolAny` — or `DepositSol` suffices when the pool mint is already in the vault asset allowlist.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Stake Pool Integration Staging: deposit_stake

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `deposit_stake` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `deposit_stake` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `deposit_stake` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `deposit_stake` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `deposit_stake` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `deposit_stake` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `deposit_stake` instruction (see program source for the full constraint). |
| `stake_pool` | writable | `stake_pool` account required by the `deposit_stake` instruction (see program source for the full constraint). |
| `validator_list` | writable | `validator_list` account required by the `deposit_stake` instruction (see program source for the full constraint). |
| `stake_pool_deposit_authority` | read-only | `stake_pool_deposit_authority` account required by the `deposit_stake` instruction (see program source for the full constraint). |
| `stake_pool_withdraw_authority` | read-only | `stake_pool_withdraw_authority` account required by the `deposit_stake` instruction (see program source for the full constraint). |
| `deposit_stake` | writable | `deposit_stake` account required by the `deposit_stake` instruction (see program source for the full constraint). |
| `validator_stake_account` | writable | `validator_stake_account` account required by the `deposit_stake` instruction (see program source for the full constraint). |
| `reserve_stake_account` | writable | `reserve_stake_account` account required by the `deposit_stake` instruction (see program source for the full constraint). |
| `pool_tokens_to` | writable | `pool_tokens_to` account required by the `deposit_stake` instruction (see program source for the full constraint). |
| `fee_account` | writable | `fee_account` account required by the `deposit_stake` instruction (see program source for the full constraint). |
| `pool_mint` | writable | `pool_mint` account required by the `deposit_stake` instruction (see program source for the full constraint). |
| `clock` | read-only | `clock` account required by the `deposit_stake` instruction (see program source for the full constraint). |
| `stake_history` | read-only | `stake_history` account required by the `deposit_stake` instruction (see program source for the full constraint). |
| `token_program` | read-only | `token_program` account required by the `deposit_stake` instruction (see program source for the full constraint). |
| `stake_program` | read-only | `stake_program` account required by the `deposit_stake` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `minimum_pool_tokens_out` | `option<u64>` |  |

Policy and permission requirements:

- The target protocol is derived from the supplied stake-pool program and must be enabled on the GLAM state.
- Signer must be the GLAM owner or a delegate holding Stake Pool `DepositStakeAny` — or `DepositStake` suffices when the pool mint is already in the vault asset allowlist.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Stake Pool Integration Staging: withdraw_sol

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `withdraw_sol` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `withdraw_sol` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `withdraw_sol` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `withdraw_sol` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `withdraw_sol` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `withdraw_sol` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `withdraw_sol` instruction (see program source for the full constraint). |
| `stake_pool` | writable | `stake_pool` account required by the `withdraw_sol` instruction (see program source for the full constraint). |
| `stake_pool_withdraw_authority` | read-only | `stake_pool_withdraw_authority` account required by the `withdraw_sol` instruction (see program source for the full constraint). |
| `pool_tokens_from` | writable | `pool_tokens_from` account required by the `withdraw_sol` instruction (see program source for the full constraint). |
| `reserve_stake` | writable | `reserve_stake` account required by the `withdraw_sol` instruction (see program source for the full constraint). |
| `fee_account` | writable | `fee_account` account required by the `withdraw_sol` instruction (see program source for the full constraint). |
| `pool_mint` | writable | `pool_mint` account required by the `withdraw_sol` instruction (see program source for the full constraint). |
| `clock` | read-only | `clock` account required by the `withdraw_sol` instruction (see program source for the full constraint). |
| `stake_history` | read-only | `stake_history` account required by the `withdraw_sol` instruction (see program source for the full constraint). |
| `stake_program` | read-only | `stake_program` account required by the `withdraw_sol` instruction (see program source for the full constraint). |
| `token_program` | read-only | `token_program` account required by the `withdraw_sol` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `pool_tokens_in` | `u64` |  |
| `minimum_lamports_out` | `option<u64>` |  |

Policy and permission requirements:

- The target protocol is derived from the supplied stake-pool program and must be enabled on the GLAM state.
- Signer must be the GLAM owner or a delegate holding Stake Pool `WithdrawSol` before withdrawing SOL.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.

### Stake Pool Integration Staging: withdraw_stake

Accounts:

| Account | Role | Ownership and purpose |
| --- | --- | --- |
| `glam_state` | writable | `glam_state` account required by the `withdraw_stake` instruction (see program source for the full constraint). |
| `glam_vault` | writable | `glam_vault` account required by the `withdraw_stake` instruction (see program source for the full constraint). |
| `glam_signer` | signer, writable | `glam_signer` account required by the `withdraw_stake` instruction (see program source for the full constraint). |
| `integration_authority` | read-only | `integration_authority` account required by the `withdraw_stake` instruction (see program source for the full constraint). |
| `cpi_program` | read-only | `cpi_program` account required by the `withdraw_stake` instruction (see program source for the full constraint). |
| `glam_protocol_program` | read-only | `glam_protocol_program` account required by the `withdraw_stake` instruction (see program source for the full constraint). |
| `system_program` | read-only | `system_program` account required by the `withdraw_stake` instruction (see program source for the full constraint). |
| `stake_pool` | writable | `stake_pool` account required by the `withdraw_stake` instruction (see program source for the full constraint). |
| `validator_list` | writable | `validator_list` account required by the `withdraw_stake` instruction (see program source for the full constraint). |
| `stake_pool_withdraw_authority` | read-only | `stake_pool_withdraw_authority` account required by the `withdraw_stake` instruction (see program source for the full constraint). |
| `validator_stake_account` | writable | `validator_stake_account` account required by the `withdraw_stake` instruction (see program source for the full constraint). |
| `stake` | writable | `stake` account required by the `withdraw_stake` instruction (see program source for the full constraint). |
| `pool_tokens_from` | writable | `pool_tokens_from` account required by the `withdraw_stake` instruction (see program source for the full constraint). |
| `fee_account` | writable | `fee_account` account required by the `withdraw_stake` instruction (see program source for the full constraint). |
| `pool_mint` | writable | `pool_mint` account required by the `withdraw_stake` instruction (see program source for the full constraint). |
| `clock` | read-only | `clock` account required by the `withdraw_stake` instruction (see program source for the full constraint). |
| `token_program` | read-only | `token_program` account required by the `withdraw_stake` instruction (see program source for the full constraint). |
| `stake_program` | read-only | `stake_program` account required by the `withdraw_stake` instruction (see program source for the full constraint). |

Arguments:

| Argument | Type | Notes |
| --- | --- | --- |
| `pool_tokens_in` | `u64` |  |
| `minimum_lamports_out` | `option<u64>` |  |

Policy and permission requirements:

- The target protocol is derived from the supplied stake-pool program and must be enabled on the GLAM state.
- Signer must be the GLAM owner or a delegate holding Stake Pool `WithdrawStake` before withdrawing a stake account.

TypeScript SDK usage:

No public TypeScript SDK snippet is documented for this instruction.
