Goal: Use Program‑Derived Addresses correctly.

Cover: Seeds and bump, PDA signing (invoke_signed), canonical seeds, authority models, ATA derivation.

Activity: Create a PDA‑owned vault and restrict writes to PDA authority.

Takeaway: “I can gate actions with PDAs instead of private keys.”

1) Module overview

Program‑Derived Addresses (PDAs) are deterministic addresses that don’t have private keys (they’re forced off the Ed25519 curve). Your program can still “sign” for them during CPIs via invoke_signed, using the exact seeds and bump used to derive the PDA. Use PDAs to own your state, act as authorities, and create safe vaults—without ever managing secret keys on‑chain.

2) Plain‑English explainer

Seeds, bump, and the canonical bump

• A PDA = hash(program_id + seeds + bump) chosen so the result is off‑curve (no private key exists).
• The SDK searches bump values 255 → 0 and the first off‑curve bump is the canonical bump.
• Store that bump in your account if you’ll need to re‑derive later.

Deriving PDAs (SDKs)

• Rust: Pubkey::find_program_address / try_find_program_address
• web3.js: PublicKey.findProgramAddressSync

These return (pda, bump); pass the same seeds + bump to the program (or re‑compute in‑program) when you need PDA signing.

PDA signing (how programs “sign”)

• When a CPI needs a signer and that signer is a PDA your program controls, call invoke_signed(instruction, accounts, &[&seeds_with_bump]).
• The runtime re‑computes the PDA and, if it matches, treats it as a signer for that single CPI.