How do I install Rust & Solana?

Install Rust & Solana with a single command: npx mdskills install PatrickJS/cursor-rust. This downloads the skill files into your project and your AI agent picks them up automatically.

What platforms support Rust & Solana?

Rust & Solana works with Cursor. Skills use the open SKILL.md format which is compatible with any AI coding agent that reads markdown instructions.

← Back to rules

Rust & Solana

Name: Rust & Solana: AI Agent Skill
Rating: 8 (1 reviews)
Author: PatrickJS

Verified

RulesCode GenerationIntermediate

Rust best practices for Solana smart contract development using Anchor framework and Solana SDK

by @PatrickJS0Updated 2 weeks ago

Add this skill

npx mdskills install PatrickJS/cursor-rust

Fork & Edit

Skill Advisor8.0

Comprehensive Solana/Anchor ruleset with strong security, testing, and workflow guidance

+Covers security patterns thoroughly including signer validation and replay prevention
+Provides clear testing guidance with TypeScript/Mocha setup and validation patterns
+Includes performance optimization tips like zero-copy deserialization and compute profiling
-Lacks concrete code examples to demonstrate best practices in action
-Shell/network permissions seem excessive for a passive ruleset that guides code style

SKILL.md

Edit in Browser

1---
2description: Rust best practices for Solana smart contract development using Anchor framework and Solana SDK
3globs: programs/**/*.rs, src/**/*.rs, tests/**/*.ts
4---
5 
6# Rust + Solana (Anchor) Best Practices
7 
8## Program Structure
9- Structure Solana programs using `Anchor` framework standards
10- Place program entrypoint logic in `lib.rs`, not `main.rs`
11- Organize handlers into modules (e.g., `initialize`, `update`, `close`)
12- Separate state definitions, errors, instructions, and utils
13- Group reusable logic under a `utils` module (e.g., account validation)
14- Use `declare_id!()` to define program ID
15 
16## Anchor Framework
17- Use `#[derive(Accounts)]` for all instruction contexts
18- Validate accounts strictly using constraint macros (e.g., `#[account(mut)]`, `seeds`, `bump]`)
19- Define all state structs with `#[account]` and `#[derive(AnchorSerialize, AnchorDeserialize)]`
20- Prefer `Init`, `Close`, `Realloc`, `Mut`, and constraint macros to avoid manual deserialization
21- Use `ctx.accounts` to access validated context accounts
22- Handle CPI (Cross-Program Invocation) calls via Anchor’s CPI helpers
23 
24## Serialization
25- Use **Borsh** or Anchor's custom serializer (not Serde) for on-chain data
26- Always include `#[account(zero_copy)]` or `#[repr(C)]` for packed structures
27- Avoid floating point types — use `u64`, `u128`, or fixed-point math
28- Zero out or close unused accounts to reduce rent costs
29 
30## Testing
31- Write tests in TypeScript using Anchor’s Mocha + Chai setup (`tests/*.ts`)
32- Use `anchor.workspace.MyProgram` to load deployed contracts
33- Use `provider.simulate()` to inspect failed txs
34- Spin up a local validator (`anchor test`) and reset between tests
35- Airdrop SOL to wallets with `provider.connection.requestAirdrop(...)`
36- Validate program logs using `tx.confirmation.logMessages`
37 
38## Solana SDK (Manual)
39- Use `solana_program` crate when not using Anchor (bare-metal programs)
40- Carefully deserialize accounts using `AccountInfo`, `try_from_slice_unchecked`
41- Use `solana_program::msg!` for lightweight debugging logs
42- Verify accounts via `is_signer`, `is_writable`, `key == expected`
43- Never panic! Use `ProgramError::Custom(u32)` or `ErrorCode` enums
44 
45## Security Patterns
46- Always validate `msg.sender`/signer with `account_info.is_signer`
47- Prevent replay attacks via `seeds`, `bump`, and unique PDAs
48- Use strict size checks before reallocating or deserializing
49- Avoid unsafe unchecked casting; prefer Anchor deserialization
50- For CPIs, validate `target_program` against expected program ID
51- When using randomness, never rely on timestamps — use oracles or off-chain VRFs
52 
53## Performance
54- Prefer zero-copy deserialization when accounts are large
55- Minimize compute usage; avoid loops and recursion
56- Avoid memory reallocations mid-instruction
57- Use `#[account(zero_copy)]` and `#[repr(packed)]` for tight layout
58- Profile compute units with `solana logs` and `anchor run`
59 
60## Dev Workflow
61- Use `anchor init` to scaffold projects
62- Add Anchor IDL support for front-end usage (JSON ABI)
63- Use `anchor build`, `anchor deploy`, `anchor test` consistently
64- Use separate `Anchor.toml` environments for devnet/mainnet/localnet
65- Format all Rust code with `cargo fmt`, lint with `cargo clippy`
66- Keep `Cargo.lock` checked into `programs/` but not root
67 
68## Documentation
69- Use `///` Rust doc comments for all instructions and accounts
70- Include doc examples for each instruction
71- Document PDA derivation logic and bump seed expectations
72- Maintain up-to-date `README.md` with test commands and deployment steps
73 
74## Wallet & Network Handling
75- Use `anchorProvider.wallet.publicKey` for signer verification in tests
76- Do not hardcode keypairs — use env-based loading (`process.env.ANCHOR_WALLET`)
77- Deploy with clear `cluster` targets (`localnet`, `devnet`, `mainnet`)
78- Use `anchor keys sync` to propagate program ID changes
79- Commit `target/idl/` and `target/types/` to share with front end
80 
81## CI/CD & Deploy
82- Use GitHub Actions with `solana-cli`, `anchor-cli`, and `node` installed
83- Run `anchor test` in CI for every PR
84- Use `solana program deploy` with explicit `--program-id` on production deploys
85- Upload IDLs to a central registry (e.g., GitHub, IPFS, or `anchor.cloud`)
86

Full transparency — inspect the skill content before installing.