Protocol/Contract

Contract

Invia is a single Anchor program (Rust) deployed to Solana. The source is open on GitHub under MIT, the upgrade authority is renounced at the launch deploy, and the bytecode is verifiable against the published source.

Program ID

DevnetC9YABXJdHpiz4gjDuVrmCV7Qhq7uGGLNcdDnKu5UBiUV

MainnetLocked at the D0 deploy and published here.

Upgrade authorityRenounced at the launch transaction. The on-chain bytecode becomes permanent.

TreasuryGkwMZWc2yDomxMwNVsr9zDysXybyEQcz5RAGL4As6rCY

Source

The Anchor program is open under MIT at github.com/invia-app/invia-app under program/programs/invia/src/lib.rs. The whole program is roughly 300 lines of Rust.

Verification

After the mainnet deploy, the program is verifiable against the source using solana-verify:

solana-verify verify-from-repo \
  https://github.com/invia-app/invia-app

This rebuilds the program from the published commit and compares the resulting bytecode hash against the on-chain bytecode. A pass means the source you read is exactly the bytecode the cluster runs.

What is hardcoded

These values are constants in the source and cannot be changed without publishing new bytecode (which the renounced upgrade authority makes impossible):

FEE_BPS20

MAX_EXPIRY_SECONDS2_592_000

EXPIRY_BOUNTY_LAMPORTS1_000_000

TREASURYGkwMZWc2yDomxMwNVsr9zDysXybyEQcz5RAGL4As6rCY

Allowed payment mintsUSDC, USDT, wSOL, checked by program at create_offer

The point of hardcoding

Hardcoding is the trust model. Every parameter you might want to change to extract value from users, fee rate, treasury, payment mint whitelist, is a compile-time constant. Changing any of them would require new bytecode, and the upgrade authority is gone. The contract cannot evolve against you.