GLAM ProtocolProduction
grant_revoke_delegate_permissions
Grants or revokes delegate permissions limited by integration program and protocol.
Handler narrative
- Load the GLAM state or program account required by the instruction and verify the signer.
- Update the access-control record in the state account after checking owner authority and timelock or emergency rules.
Required conditions
- The submitted accounts must match the declared account list, signer requirements, writable requirements, fixed program addresses, and account relationships shown below.
- The GLAM state account is the source of truth for owner, enabled integrations, delegate permissions, policies, assets, borrowable assets, timelock settings, mint linkage, and pricing records.
- Owner-level actions must be signed by the state owner unless the instruction is explicitly an integration callback, mint-authority callback, delegate action, or emergency access update.
- The delegate public key, integration program, protocol bitflag, and permission bitmask must be provided explicitly; the resulting delegate ACL entry grants only those exact capabilities.
Accounts
| Account | Role | Description |
|---|---|---|
| glam_state | writable | State account owned by the GLAM Protocol program; it records vault configuration, policies, and pricing records. |
| glam_signer | signer, writable | Calling authority. It must be the owner or a delegate with the explicit permission required by this instruction. |
Arguments
| Argument | Type | Notes |
|---|---|---|
| delegate | pubkey | Delegate public key receiving or losing the named permissions. |
| integration_program | pubkey | Integration program under which the delegate permission is recorded. |
| protocol_bitflag | u16 | Protocol bitflag within the integration program, such as Kamino Lending, Kamino Vaults, SPL Token, or Jupiter Swap. |
| permissions_bitmask | u64 | Permission bitmask that identifies the exact actions granted or revoked for the delegate. |
| set_granted | bool |
Policy & permissions
- No external integration enablement is required beyond the program-level functionality involved in this instruction.
- Caller must be the owner or a delegate with the explicit protocol permission required by this instruction.
TypeScript SDK usage
import { BN } from "@coral-xyz/anchor";
import { PublicKey } from "@solana/web3.js";
await glamClient.access.grantDelegatePermissions(
new PublicKey(delegate),
new PublicKey(integrationProgram),
protocolBitflag,
new BN(0b11),
);Cross-instruction constraints
- No additional cross-instruction constraint is documented beyond account initialization, authority checks, and policy validation.