sip-protocol
diff --git a/‎packages/sdk/src/chains/solana/providers/generic.ts‎
Lines changed: 35 additions & 3 deletions b/‎packages/sdk/src/chains/solana/providers/generic.ts‎
Lines changed: 35 additions & 3 deletions
diff --git a/‎packages/sdk/src/chains/solana/scan.ts‎
Lines changed: 45 additions & 18 deletions b/‎packages/sdk/src/chains/solana/scan.ts‎
Lines changed: 45 additions & 18 deletions
diff --git a/‎packages/sdk/src/chains/solana/types.ts‎
Lines changed: 30 additions & 3 deletions b/‎packages/sdk/src/chains/solana/types.ts‎
Lines changed: 30 additions & 3 deletions
@@ -30,8 +30,11 @@ import {
   TOKEN_PROGRAM_ID,
   getAssociatedTokenAddress,
   getAccount,
+  TokenAccountNotFoundError,
+  TokenInvalidAccountOwnerError,
 } from '@solana/spl-token'
 import type { SolanaRPCProvider, TokenAsset, GenericProviderConfig } from './interface'
+import { NetworkError } from '../../../errors'
 
 /**
  * RPC endpoint URLs by cluster
@@ -119,6 +122,12 @@ export class GenericProvider implements SolanaRPCProvider {
    *
    * Uses getAccount on the associated token address.
    */
+  /**
+   * Get token balance for a specific mint
+   *
+   * M1 FIX: Properly differentiate between missing accounts (return 0n)
+   * and actual RPC errors (throw NetworkError)
+   */
   async getTokenBalance(owner: string, mint: string): Promise<bigint> {
     // Validate addresses before trying to fetch (these errors should propagate)
     const ownerPubkey = validateSolanaAddress(owner, 'owner')
@@ -133,9 +142,32 @@ export class GenericProvider implements SolanaRPCProvider {
 
       const account = await getAccount(this.connection, ata)
       return account.amount
-    } catch {
-      // Account doesn't exist or other RPC error
-      return 0n
+    } catch (error) {
+      // M1 FIX: Only return 0n for "account not found" errors
+      // Throw for actual RPC/network errors
+      if (
+        error instanceof TokenAccountNotFoundError ||
+        error instanceof TokenInvalidAccountOwnerError
+      ) {
+        // Account doesn't exist - this is expected, return 0n
+        return 0n
+      }
+
+      // Check for common RPC error patterns
+      const errorMessage = error instanceof Error ? error.message : String(error)
+      if (
+        errorMessage.includes('could not find account') ||
+        errorMessage.includes('Account does not exist')
+      ) {
+        return 0n
+      }
+
+      // Actual RPC/network error - throw
+      throw new NetworkError(
+        `Failed to get token balance: ${errorMessage}`,
+        undefined,
+        { endpoint: this.connection.rpcEndpoint }
+      )
     }
   }
 
 
@@ -119,28 +119,54 @@ export async function scanForPayments(
           const announcement = parseAnnouncement(memoContent)
           if (!announcement) continue
 
-          // Check if this payment is for us using view tag first
-          const ephemeralPubKeyHex = solanaAddressToEd25519PublicKey(
-            announcement.ephemeralPublicKey
-          )
+          // M5 FIX: Wrap ephemeral key conversion in try-catch
+          let ephemeralPubKeyHex: HexString
+          try {
+            ephemeralPubKeyHex = solanaAddressToEd25519PublicKey(
+              announcement.ephemeralPublicKey
+            )
+          } catch {
+            // Invalid ephemeral key format, skip this announcement
+            continue
+          }
 
           // Construct stealth address object for checking
           // viewTag is a number (0-255), parse from hex string
           const viewTagNumber = parseInt(announcement.viewTag, 16)
-          const stealthAddressToCheck: StealthAddress = {
-            address: announcement.stealthAddress
+
+          // M5 FIX: Validate view tag range
+          if (!Number.isInteger(viewTagNumber) || viewTagNumber < 0 || viewTagNumber > 255) {
+            continue
+          }
+
+          let stealthAddressHex: HexString
+          try {
+            stealthAddressHex = announcement.stealthAddress
               ? solanaAddressToEd25519PublicKey(announcement.stealthAddress)
-              : ('0x' + '00'.repeat(32)) as HexString, // Will be computed
+              : ('0x' + '00'.repeat(32)) as HexString
+          } catch {
+            continue
+          }
+
+          const stealthAddressToCheck: StealthAddress = {
+            address: stealthAddressHex,
             ephemeralPublicKey: ephemeralPubKeyHex,
             viewTag: viewTagNumber,
           }
 
-          // Check if this is our payment
-          const isOurs = checkEd25519StealthAddress(
-            stealthAddressToCheck,
-            viewingPrivateKey,
-            spendingPublicKey
-          )
+          // M5 FIX: Wrap checkEd25519StealthAddress in try-catch
+          // This can throw for invalid curve points
+          let isOurs = false
+          try {
+            isOurs = checkEd25519StealthAddress(
+              stealthAddressToCheck,
+              viewingPrivateKey,
+              spendingPublicKey
+            )
+          } catch {
+            // Invalid keys or malformed data - not our payment
+            continue
+          }
 
           if (isOurs) {
             // Parse token transfer from transaction
@@ -179,14 +205,15 @@ export async function scanForPayments(
             }
           }
         }
-      } catch (err) {
-        // Skip failed transaction parsing
-        console.warn(`Failed to parse tx ${sigInfo.signature}:`, err)
+      } catch {
+        // M10 FIX: Skip failed transaction parsing silently
+        // Individual tx parse failures shouldn't block scanning
       }
     }
   } catch (err) {
-    console.error('Scan failed:', err)
-    throw new Error(`Failed to scan for payments: ${err}`)
+    // M10 FIX: Remove console.error, throw proper error
+    const message = err instanceof Error ? err.message : String(err)
+    throw new Error(`Failed to scan for payments: ${message}`)
   }
 
   return results
 
@@ -154,6 +154,8 @@ export interface SolanaAnnouncement {
 /**
  * Parse announcement from memo string
  * Format: SIP:1:<ephemeral_pubkey_base58>:<view_tag_hex>
+ *
+ * M4 FIX: Validates view tag is exactly 1-2 hex characters (1 byte)
  */
 export function parseAnnouncement(memo: string): SolanaAnnouncement | null {
   if (!memo.startsWith('SIP:1:')) {
@@ -165,10 +167,35 @@ export function parseAnnouncement(memo: string): SolanaAnnouncement | null {
     return null
   }
 
+  const ephemeralPublicKey = parts[0]
+  const viewTag = parts[1]
+  const stealthAddress = parts[2]
+
+  // M4 FIX: Validate ephemeral public key (base58, 32-44 chars for Solana)
+  if (!ephemeralPublicKey || ephemeralPublicKey.length < 32 || ephemeralPublicKey.length > 44) {
+    return null
+  }
+
+  // M4 FIX: Validate view tag is 1-2 hex characters (represents 1 byte: 0-255)
+  if (!viewTag || viewTag.length > 2 || !/^[0-9a-fA-F]+$/.test(viewTag)) {
+    return null
+  }
+
+  // M4 FIX: Validate view tag numeric range (0-255)
+  const viewTagNum = parseInt(viewTag, 16)
+  if (viewTagNum < 0 || viewTagNum > 255) {
+    return null
+  }
+
+  // M4 FIX: Validate stealth address if provided
+  if (stealthAddress && (stealthAddress.length < 32 || stealthAddress.length > 44)) {
+    return null
+  }
+
   return {
-    ephemeralPublicKey: parts[0],
-    viewTag: parts[1],
-    stealthAddress: parts[2],
+    ephemeralPublicKey,
+    viewTag,
+    stealthAddress,
   }
 }