The Immutable Owner Extension
The ImmutableOwner extension is a Token account extension that prevents any changes in ownership of the Token account. This secures accounts against unauthorized access and transfer attempts.
All
TokenExtensions Program ATAs have immutable owners enabled by default
Initializing the Token Account
To initialie the ImmutableOwner extension on a Token account we're going to need the initializeImmutableOwner() function.
Here's how to create a mint with the Immutable Owner extension:
import {
Keypair,
SystemProgram,
Transaction,
sendAndConfirmTransaction,
} from '@solana/web3.js';
import {
createInitializeAccountInstruction,
createInitializeImmutableOwnerInstruction,
getAccountLen,
ExtensionType,
TOKEN_2022_PROGRAM_ID,
} from '@solana/spl-token';
const tokenAccount = Keypair.generate();
// Calculate the size needed for a Token account with Transfer Fee extension
const accountLen = getAccountLen([ExtensionType.ImmutableOwner]);
// Calculate minimum lamports required for rent exemption
const lamports = await connection.getMinimumBalanceForRentExemption(accountLen);
// Create the account with the correct size and owner
const createAccountInstruction = SystemProgram.createAccount({
fromPubkey: keypair.publicKey,
newAccountPubkey: tokenAccount.publicKey,
space: accountLen,
lamports,
programId: TOKEN_2022_PROGRAM_ID,
});
// Initialize the Immutable Owner extension
const initializeImmutableOwnerInstruction = createInitializeImmutableOwnerInstruction(
tokenAccount.publicKey,
TOKEN_2022_PROGRAM_ID,
);
// Initialize the Token account itself
const initializeAccountInstruction = createInitializeAccountInstruction(
tokenAccount.publicKey,
mint.publicKey,
keypair.publicKey,
TOKEN_2022_PROGRAM_ID,
);
const transaction = new Transaction().add(
createAccountInstruction,
initializeImmutableOwnerInstruction,
initializeAccountInstruction,
);
const signature = await sendAndConfirmTransaction(connection, transaction, [keypair, tokenAccount], {skipPreflight: false});
console.log(`Token accounts created! Check out your TX here: https://explorer.solana.com/tx/${signature}?cluster=devnet`);As pointed out, if we want to add this extension to an Associated Token account, we just initialize it with the Token2022 program.