Skip to Content
Quickstart

Quickstart

Three instructions. One CPI call.

1. Add the dependency

[dependencies]
anchor-lang = "0.32.0"
trana       = { version = "0.1", features = ["cpi"] }

2. Add Trana accounts

Add a trana_cpi_ctx() helper on your accounts struct so the enforce call is one line everywhere you use it.

use trana::cpi::accounts::Enforce;
use trana::program::Trana;
use trana::Policy;
 
#[derive(Accounts)]
pub struct Withdraw<'info> {
    #[account(mut, has_one = owner, seeds = [b"vault", owner.key().as_ref()], bump)]
    pub vault: Account<'info, VaultState>,
    #[account(mut)]
    pub owner: Signer<'info>,
    /// CHECK: withdrawal destination
    #[account(mut)]
    pub destination: UncheckedAccount<'info>,
 
    // Trana — three accounts
    pub trana_guard_program: Program<'info, Trana>,
    #[account(
        mut,
        seeds  = [b"2fa", owner.key().as_ref()],
        bump,
        seeds::program = trana_guard_program.key(),
        constraint = trana_registry.enabled @ VaultError::PasskeyNotRegistered,
    )]
    pub trana_registry: Account<'info, trana::TwoFactorRegistry>,
    /// CHECK: Instructions sysvar
    #[account(address = anchor_lang::solana_program::sysvar::instructions::ID)]
    pub trana_instructions: UncheckedAccount<'info>,
}
 
impl<'info> Withdraw<'info> {
    pub fn trana_cpi_ctx(&self) -> CpiContext<'_, '_, '_, 'info, Enforce<'info>> {
        CpiContext::new(self.trana_guard_program.to_account_info(), Enforce {
            registry:     self.trana_registry.to_account_info(),
            owner:        self.owner.to_account_info(),
            instructions: self.trana_instructions.to_account_info(),
        })
    }
}

3. Call enforce

pub fn withdraw(ctx: Context<Withdraw>, amount: u64) -> Result<()> {
    require!(amount > 0,                           VaultError::ZeroAmount);
    require!(amount <= ctx.accounts.vault.balance, VaultError::InsufficientFunds);
 
    // Passkey required when amount >= 1 SOL. Guard reads amount directly; the caller can't fake it.
    trana::cpi::enforce(ctx.accounts.trana_cpi_ctx(), Policy::Limit { param_offset: 0, limit: 1_000_000_000 })?;
 
    let vault_info = ctx.accounts.vault.to_account_info();
    let dest_info  = ctx.accounts.destination.to_account_info();
    **vault_info.try_borrow_mut_lamports()? -= amount;
    **dest_info.try_borrow_mut_lamports()?  += amount;
 
    ctx.accounts.vault.balance = ctx.accounts.vault.balance
        .checked_sub(amount)
        .ok_or(VaultError::Overflow)?;
 
    Ok(())
}

Below 1 SOL, enforce() returns Ok(()). No passkey needed.

param_offset is the byte position of your target u64, counted after the 8-byte Anchor discriminator. The guard reads this value directly from the instruction data — the caller cannot fake it.

Instructionparam_offset
fn withdraw(ctx, amount: u64)0
fn transfer(ctx, recipient: Pubkey, amount: u64)32
fn action(ctx, flag: bool, amount: u64)1

Each type occupies its byte size: Pubkey = 32, u64 = 8, u32 = 4, bool/u8 = 1.

4. Client

Wrap your app once, then call authorizeAndSend wherever you trigger a protected transaction.

// _app.tsx
import { TranaProvider, TranaModal } from "@tranaprotocol/guard-sdk"
import { PublicKey } from "@solana/web3.js"
 
const TRANA_GUARD_PROGRAM_ID = new PublicKey(process.env.NEXT_PUBLIC_TRANA_GUARD_PROGRAM_ID!)
 
export default function AppShell({ children }: { children: React.ReactNode }) {
  return (
<TranaProvider config={{
  tranaGuardProgramId: TRANA_GUARD_PROGRAM_ID,
  policy: "trana.limit",
}}>
  {children}
  <TranaModal />
</TranaProvider>
  )
}
// withdraw.tsx
const { authorizeAndSend } = useTrana()
 
const withdrawIx = await program.methods.withdraw(amount).instruction()
 
await authorizeAndSend({
  instruction: withdrawIx,
  label: `Withdraw ${amount / 1e9} SOL`,
  buildTransaction: async ({ recentBlockhash }) => {
    const tx = new Transaction({ recentBlockhash, feePayer: wallet.publicKey })
    tx.add(withdrawIx)
    return tx
  },
})

The SDK handles everything on the client side: simulation, first-time registration, the review modal, the biometric prompt, and proof construction. Your program code stays the same.

Policies

VariantFires when
Policy::RequireAlways
Policy::Limit { param_offset, limit }u64 at offset ≥ limit
Policy::NotBefore { slot }current slot < slot
Policy::NotAfter { slot }current slot > slot

When a conditional policy doesn’t fire, enforce() returns Ok(()). No proof required.

Authenticators

Touch ID · Face ID · Android biometric · YubiKey 5 · Google Titan · Windows Hello

Last updated on
How it worksIntegration