Bridge Integration StagingStaging
commit_oft_transfer
Verifies the OFT send completed and records the resulting transfer.
Handler narrative
- Load the GLAM state or program account required by the instruction and verify the signer.
- Verify that the integration is enabled on the vault and that the caller has the required delegate permission or owner authority.
- Validate the instruction-specific policy, then invoke the external protocol with the vault authority where required.
- Verifies the OFT send completed and records the resulting transfer.
Required conditions
- The submitted accounts must match the declared account list, signer requirements, writable requirements, fixed program addresses, and account relationships shown below.
- The GLAM state account is the source of truth for owner, enabled integrations, delegate permissions, policies, assets, borrowable assets, timelock settings, mint linkage, and pricing records.
- The vault account must be the PDA controlled by the core protocol program and derived conceptually from the state account; instructions use it as the vault authority for SOL, token accounts, and external positions.
- The vault integration ACL must enable this integration before the instruction is accepted; that enablement is defined on the GLAM state account.
- If the signer is not the owner, the delegate ACL on the GLAM state must contain the exact protocol permission required by this instruction; registering a delegate alone is insufficient.
- Instruction-specific destination accounts must satisfy the external protocol's own account model; GLAM validates the accounts it needs for authorization and policy enforcement, then passes the remaining protocol accounts through CPI.
- Asset, amount, and destination restrictions must satisfy the configured transfer or destination policy when that policy is present.
Accounts
Uses the standard Big Seven account pattern, plus the instruction-specific accounts below.
| Account | Role | Description |
|---|---|---|
| instructions | read-only | Fixed program or sysvar account required by this instruction. |
| bridge_registry | writable | Bridge configuration or registry account used by the instruction. |
| bridge_session | writable | Program-derived account used by this instruction; clients should prefer SDK helpers when available. |
| source_token_account | writable | Token account read or written by the instruction. |
| source_mint | read-only | Token mint account used by the instruction. |
| auxiliary_token_account | writable | Token account read or written by the instruction. |
Arguments
| Argument | Type | Notes |
|---|---|---|
| args | CommitOftTransferArgs | Instruction parameter object; field details are listed below. Fields: transfer_id: pubkey |
Policy & permissions
- Enable the Bridge integration program before LayerZero OFT or managed-transfer actions.
- Caller must be the owner or a delegate with the explicit protocol permission required by this instruction.
- Destination and asset restrictions must satisfy the configured transfer or destination policy when one is set.
Cross-instruction constraints
- Run after the OFT transfer has been prepared and sent by the bridge flow.