Building SolSab

Written by Iaroslav Mazur, Smart Contract Engineer at Sablier Labs

Ever since 2019, Sablier has been the go-to protocol for token streaming and vesting on Ethereum. And for many of these years, we kept getting the same question from our users: "Wen Solana?"

"Fair enough!", we thought. Solana's high speed, low costs and growing ecosystem made it an obvious next step for us. So, we set out to build SolSab - two production-ready Anchor programs that'd bring token streaming to Solana.

Now, after many months of dedicated glass-chewing, we'd like to go over the challenges we've faced and the things we've learned shipping Lockup (streaming/vesting) and Merkle Instant (instant airdrops) to Solana.

The Tech Stack

First, the basics. SolSab has been built with the Anchor framework, using the latest version of the Solana toolchain. Its tech stack also includes:

• Dual token standard support: Both SPL Token and Token2022 are supported by the Lockup and Merkle Instant programs.
• NFT-based stream identification: Each Lockup stream is represented via an NFT implementing the Metaplex Token Metadata standard. We considered ditching NFTs for Solana, but decided that it's best to maintain the same UX our users like in the EVM ecosystem.
• Chainlink oracle integration for price feeds.
• Vitest + anchor-bankrun for comprehensive testing of the programs.
• BiomeJS, Prettier, and just for code quality and task automation.

Technical Challenges

Now, let's go over some of the challenges we've faced while developing SolSab.

Multiple Streams Created in a Single Transaction

The elegant, deterministic seed generation for the stream-related PDAs we've initially implemented was, sadly, incompatible with the batch-creation of streams. Therefore, in order to always generate unique PDAs, we've introduced a random "salt" into our PDA seeds. As a result, you can now create an entire team's vesting schedule in a single transaction!

Wrestling with Metaplex

Integrating NFT functionality using Metaplex Token Metadata was... quite an experience. Documentation gaps, edge cases, unexpected behaviors - you name it. However, thanks to persistence and experimentation, we've successfully completed this integration - and are now working on upgrading our NFTs to the MPL Core standard for an even cleaner and more efficient UX.

Fee mechanism design

Because Solana doesn't allow transferring value SOL and executing a program function in the same instruction, we had to rethink our approach to fee charging - and come up with a new one, from scratch.

Instruction Stack Limit

Solana's instruction stack limit hit us hard. We couldn't fit all the necessary accounts into several of our instructions - and had to split the corresponding logic into more instructions with a smaller size.

The good news? Anchor fixed this problem in a later release (shoutout to the Anchor team!) - and we could, ultimately, go back to a simpler instruction architecture.

Testing via TypeScript, Instead of Rust

Having to write our tests in TypeScript, rather than Rust (which is the language of the tested programs), was a real bummer. While Rust tests were, theoretically, possible, documentation- and feature-wise, TypeScript was the pragmatic choice for testing.

Fuzz Testing with Trident

Striving to offer the safest UX to our users, we didn't think twice when we heard about Trident - a cutting-edge fuzzing framework for testing Solana programs. Its fast-paced development, breaking changes and poor documentation didn't scare us, as we eagerly became one of their early users - and used the framework to develop a Fuzz test suite of our own.

The fuzzer found zero bugs in our programs, transforming this challenge into a real achievement for Sablier!

Contributing back

While developing SolSab, we've actively reported issues and submitted PRs to the open-source tools we depend on, including Trident and anchor-bankrun, because a rising tide lifts all boats!

Testing Philosophy

Our testing strategy centers around anchor-bankrun's time travel capability. When you're testing vesting schedules that unlock over months or years, fast-forwarding time is non-negotiable!

We also use:

• Chainlink mocks for deterministic price feed testing
• External program fixtures (Metaplex, Chainlink binaries) downloaded during the test setup
• Trident for fuzz testing and invariant checking

Security Audit

For DeFi protocols handling user funds, third-party security review isn't optional - it's a must!

Therefore, we're pleased to share that we've successfully passed a security audit by Cantina. You can read the full audit report on GitHub.

What's Next

We're not done! Our Solana roadmap for the near future includes:

• LockupTranched: More flexible vesting curves beyond linear streaming
• MPL Core upgrade: Cleaner NFT integration with the latest Metaplex standard

Try It!

Check out the SolSab dApp at solana.sablier.com, our open-source repo at github.com/sablier-labs/solsab - or ping us on Discord/Twitter if you have any questions!

For the full technical breakdown of the SolSab programs, check out our Solana documentation.