Approve grants a delegate permission to transfer up to a specified amount of tokens from your account.
- Each token account can have only one delegate at a time.
- Any new approval overwrites the previous one.
Revoke removes all delegate permissions from a Light Token account.
Only the token account owner can approve or revoke delegates.

Agent skill

npx skills add https://zkcompression.com

See the AI tools guide for dedicated skills.

TypeScript Client
Rust Client
Program

Approve
Revoke

approve grants a delegate permission to transfer up to a specified amount of tokens.

revoke removes all delegate permissions from a Light Token account.

Find the source code: delegate-approve.ts | delegate-revoke.ts

Guide
AI Prompt

Approve a delegate

Installation

npm
yarn
pnpm

Install packages in your working directory:

npm install @lightprotocol/stateless.js@beta \
            @lightprotocol/compressed-token@beta

Install the CLI globally:

npm install -g @lightprotocol/zk-compression-cli@beta

Install packages in your working directory:

yarn add @lightprotocol/stateless.js@beta \
         @lightprotocol/compressed-token@beta

Install the CLI globally:

yarn global add @lightprotocol/zk-compression-cli@beta

Install packages in your working directory:

pnpm add @lightprotocol/stateless.js@beta \
         @lightprotocol/compressed-token@beta

Install the CLI globally:

pnpm add -g @lightprotocol/zk-compression-cli@beta

Localnet
Devnet

# start local test-validator in a separate terminal
light test-validator

In the code examples, use createRpc() without arguments for localnet.

Get an API key from Helius and add to .env:

.env

API_KEY=<your-helius-api-key>

In the code examples, use createRpc(RPC_URL) with the devnet URL.

import "dotenv/config";
import { Keypair } from "@solana/web3.js";
import { createRpc } from "@lightprotocol/stateless.js";
import {
    createMintInterface,
    mintToCompressed,
    approve,
} from "@lightprotocol/compressed-token";
import { homedir } from "os";
import { readFileSync } from "fs";

// devnet:
// const RPC_URL = `https://devnet.helius-rpc.com?api-key=${process.env.API_KEY!}`;
// const rpc = createRpc(RPC_URL);
// localnet:
const rpc = createRpc();

const payer = Keypair.fromSecretKey(
    new Uint8Array(
        JSON.parse(readFileSync(`${homedir()}/.config/solana/id.json`, "utf8")),
    ),
);

(async function () {
    const { mint } = await createMintInterface(rpc, payer, payer, null, 9);
    await mintToCompressed(rpc, payer, mint, payer, [{ recipient: payer.publicKey, amount: 1000n }]);

    const delegate = Keypair.generate();
    const tx = await approve(
        rpc,
        payer,
        mint,
        500,
        payer,
        delegate.publicKey,
    );

    console.log("Tx:", tx);
})();

Revoke a delegate

import "dotenv/config";
import { Keypair } from "@solana/web3.js";
import { createRpc } from "@lightprotocol/stateless.js";
import {
    createMintInterface,
    mintToCompressed,
    approve,
    revoke,
} from "@lightprotocol/compressed-token";
import { homedir } from "os";
import { readFileSync } from "fs";

// devnet:
// const RPC_URL = `https://devnet.helius-rpc.com?api-key=${process.env.API_KEY!}`;
// const rpc = createRpc(RPC_URL);
// localnet:
const rpc = createRpc();

const payer = Keypair.fromSecretKey(
    new Uint8Array(
        JSON.parse(readFileSync(`${homedir()}/.config/solana/id.json`, "utf8")),
    ),
);

(async function () {
    const { mint } = await createMintInterface(rpc, payer, payer, null, 9);
    await mintToCompressed(rpc, payer, mint, payer, [{ recipient: payer.publicKey, amount: 1000n }]);

    const delegate = Keypair.generate();
    await approve(rpc, payer, mint, 500, payer, delegate.publicKey);

    const delegatedAccounts = await rpc.getCompressedTokenAccountsByDelegate(
        delegate.publicKey,
        { mint },
    );
    const tx = await revoke(rpc, payer, delegatedAccounts.items, payer);

    console.log("Tx:", tx);
})();

Approve and revoke token delegates

Open in Cursor

---
description: Approve and revoke token delegates
allowed-tools: Bash, Read, Write, Edit, Glob, Grep, WebFetch, AskUserQuestion, Task, TaskCreate, TaskGet, TaskList, TaskUpdate, TaskOutput, mcp__deepwiki, mcp__zkcompression
---

## Approve and revoke token delegates

Context:
- Guide: https://zkcompression.com/light-token/cookbook/approve-revoke
- Skills and resources index: https://zkcompression.com/skill.md
- SPL to Light reference: https://zkcompression.com/api-reference/solana-to-light-comparison
- Packages: @lightprotocol/compressed-token, @lightprotocol/stateless.js

SPL equivalent: approve() / revoke() → Light Token: approve() / revoke()

### 1. Index project
- Grep `@solana/spl-token|Connection|Keypair|approve|revoke|delegate` across src/
- Glob `**/*.ts` for project structure
- Identify: RPC setup, existing delegation logic, entry point for delegation
- Task subagent (Grep/Read/WebFetch) if project has multiple packages to scan in parallel

### 2. Read references
- WebFetch the guide above — follow the TypeScript Client tab
- WebFetch skill.md — check for a dedicated skill and resources matching this task
- TaskCreate one todo per phase below to track progress

### 3. Clarify intention
- AskUserQuestion: what is the goal? (new feature, migrate existing SPL code, add alongside existing)
- AskUserQuestion: does the project already have delegate operations to extend, or is this greenfield?
- Summarize findings and wait for user confirmation before implementing

### 4. Create plan
- Based on steps 1–3, draft an implementation plan: which files to modify, what code to add, dependency changes
- Verify existing connection/signer setup is compatible with the cookbook prerequisites
- If anything is unclear or ambiguous, loop back to step 3 (AskUserQuestion)
- Present the plan to the user for approval before proceeding

### 5. Implement
- Add deps if missing: Bash `npm install @lightprotocol/compressed-token @lightprotocol/stateless.js`
- Follow the cookbook guide and the approved plan
- Write/Edit to create or modify files
- TaskUpdate to mark each step done

### 6. Verify
- Bash `tsc --noEmit`
- Bash run existing test suite if present
- TaskUpdate to mark complete

### Tools
- mcp__zkcompression__SearchLightProtocol("<query>") for API details
- mcp__deepwiki__ask_question("Lightprotocol/light-protocol", "<q>") for architecture
- Task subagent with Grep/Read/WebFetch for parallel lookups
- TaskList to check remaining work

Approve
Revoke

Guide
AI Prompt

Prerequisites

Dependencies

Cargo.toml

[dependencies]
light-token = "0.4.0"
light-client = { version = "0.19.0", features = ["v2"] }
solana-sdk = "2"
borsh = "0.10.4"
tokio = { version = "1", features = ["full"] }

Developer Environment

In-Memory (LightProgramTest)
Localnet (LightClient)
Devnet (LightClient)

Test with Lite-SVM (…)

# Initialize project
cargo init my-light-project
cd my-light-project

# Run tests
cargo test

use light_program_test::{LightProgramTest, ProgramTestConfig};
use solana_sdk::signer::Signer;

#[tokio::test]
async fn test_example() {
    // In-memory test environment 
    let mut rpc = LightProgramTest::new(ProgramTestConfig::default())
        .await
        .unwrap();

    let payer = rpc.get_payer().insecure_clone();
    println!("Payer: {}", payer.pubkey());
}

Connects to a local test validator.

npm
yarn
pnpm

npm install -g @lightprotocol/zk-compression-cli@beta

yarn global add @lightprotocol/zk-compression-cli@beta

pnpm add -g @lightprotocol/zk-compression-cli@beta

# Initialize project
cargo init my-light-project
cd my-light-project

# Start local test validator (in separate terminal)
light test-validator

use light_client::rpc::{LightClient, LightClientConfig, Rpc};

#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
    // Connects to http://localhost:8899
    let rpc = LightClient::new(LightClientConfig::local()).await?;

    let slot = rpc.get_slot().await?;
    println!("Current slot: {}", slot);

    Ok(())
}

Replace <your-api-key> with your actual API key. Get your API key here.

use light_client::rpc::{LightClient, LightClientConfig, Rpc};

#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
    let rpc_url = "https://devnet.helius-rpc.com?api-key=<your_api_key>";
    let rpc = LightClient::new(
        LightClientConfig::new(rpc_url.to_string(), None, None)
    ).await?;

    println!("Connected to Devnet");
    Ok(())
}

Approve or revoke delegates

Find the source code here.

Approve
Revoke

Action
Instruction

use borsh::BorshDeserialize;
use light_client::rpc::Rpc;
use light_token_client::actions::Approve;
use rust_client::{setup, SetupContext};
use solana_sdk::{signature::Keypair, signer::Signer};

#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
    // Setup creates mint and associated token account with tokens
    let SetupContext {
        mut rpc,
        payer,
        associated_token_account,
        ..
    } = setup().await;

    let delegate = Keypair::new();

    let sig = Approve {
        token_account: associated_token_account,
        delegate: delegate.pubkey(),
        amount: 500_000,
        owner: Some(payer.pubkey()),
    }
    .execute(&mut rpc, &payer)
    .await?;

    let data = rpc.get_account(associated_token_account).await?.ok_or("Account not found")?;
    let token = light_token_interface::state::Token::deserialize(&mut &data.data[..])?;
    println!("Delegate: {:?} Tx: {sig}", token.delegate);

    Ok(())
}

use borsh::BorshDeserialize;
use light_client::rpc::Rpc;
use light_token::instruction::Approve;
use rust_client::{setup, SetupContext};
use solana_sdk::{signature::Keypair, signer::Signer};

#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
    // Setup creates mint and associated token account with tokens
    let SetupContext {
        mut rpc,
        payer,
        associated_token_account,
        ..
    } = setup().await;

    let delegate = Keypair::new();
    let delegate_amount = 500_000u64;

    let approve_instruction = Approve {
        token_account: associated_token_account,
        delegate: delegate.pubkey(),
        owner: payer.pubkey(),
        amount: delegate_amount,
    }
    .instruction()?;

    let sig = rpc
        .create_and_send_transaction(&[approve_instruction], &payer.pubkey(), &[&payer])
        .await?;

    let data = rpc.get_account(associated_token_account).await?.ok_or("Account not found")?;
    let token = light_token_interface::state::Token::deserialize(&mut &data.data[..])?;
    println!("Delegate: {:?} Tx: {sig}", token.delegate);

    Ok(())
}

Action
Instruction

use borsh::BorshDeserialize;
use light_client::rpc::Rpc;
use light_token_client::actions::Revoke;
use rust_client::{setup, SetupContext};
use solana_sdk::signer::Signer;

#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
    // Setup creates mint and associated token account with approved delegate
    let SetupContext {
        mut rpc,
        payer,
        associated_token_account,
        ..
    } = setup().await;

    let sig = Revoke {
        token_account: associated_token_account,
        owner: Some(payer.pubkey()),
    }
    .execute(&mut rpc, &payer)
    .await?;

    let data = rpc.get_account(associated_token_account).await?.ok_or("Account not found")?;
    let token = light_token_interface::state::Token::deserialize(&mut &data.data[..])?;
    println!("Delegate: {:?} Tx: {sig}", token.delegate);

    Ok(())
}

use borsh::BorshDeserialize;
use light_client::rpc::Rpc;
use light_token::instruction::Revoke;
use rust_client::{setup, SetupContext};
use solana_sdk::signer::Signer;

#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
    // Setup creates mint, associated token account with tokens, and approves delegate
    let SetupContext {
        mut rpc,
        payer,
        associated_token_account,
        ..
    } = setup().await;

    let revoke_instruction = Revoke {
        token_account: associated_token_account,
        owner: payer.pubkey(),
    }
    .instruction()?;

    let sig = rpc
        .create_and_send_transaction(&[revoke_instruction], &payer.pubkey(), &[&payer])
        .await?;

    let data = rpc.get_account(associated_token_account).await?.ok_or("Account not found")?;
    let token = light_token_interface::state::Token::deserialize(&mut &data.data[..])?;
    println!("Delegate: {:?} Tx: {sig}", token.delegate);

    Ok(())
}

Approve and revoke token delegates

Open in Cursor

---
description: Approve and revoke token delegates
allowed-tools: Bash, Read, Write, Edit, Glob, Grep, WebFetch, AskUserQuestion, Task, TaskCreate, TaskGet, TaskList, TaskUpdate, TaskOutput, mcp__deepwiki, mcp__zkcompression
---

## Approve and revoke token delegates

Context:
- Guide: https://zkcompression.com/light-token/cookbook/approve-revoke
- Skills and resources index: https://zkcompression.com/skill.md
- SPL to Light reference: https://zkcompression.com/api-reference/solana-to-light-comparison
- Crates: light-token-client (actions), light-token (instructions), light-client (RPC)

SPL equivalent: spl_token::instruction::approve / revoke → Light Token: Approve / Revoke

### 1. Index project
- Grep `light_token::|light_token_client::|solana_sdk|Keypair|async|Approve|Revoke|delegate` across src/
- Glob `**/*.rs` for project structure
- Identify: RPC setup, existing token ops, entry point for delegation
- Check Cargo.toml for existing light-* dependencies and solana-sdk version
- Task subagent (Grep/Read/WebFetch) if project has multiple crates to scan in parallel

### 2. Read references
- WebFetch the guide above — follow the Rust Client tab
- WebFetch skill.md — check for a dedicated skill and resources matching this task
- TaskCreate one todo per phase below to track progress

### 3. Clarify intention
- AskUserQuestion: what is the goal? (new feature, migrate existing SPL code, add alongside existing)
- AskUserQuestion: does the project already have delegation operations to extend, or is this greenfield?
- AskUserQuestion: action-level API (high-level, fewer lines) or instruction-level API (low-level, full control)?
- Summarize findings and wait for user confirmation before implementing

### 4. Create plan
- Based on steps 1–3, draft an implementation plan: which files to modify, what code to add, dependency changes
- Verify existing Rpc/signer setup is compatible with the cookbook prerequisites (light_client::rpc::Rpc, solana_sdk::signature::Keypair)
- If anything is unclear or ambiguous, loop back to step 3 (AskUserQuestion)
- Present the plan to the user for approval before proceeding

### 5. Implement
- Add deps if missing: Bash `cargo add light-token-client light-token light-client --features light-client/v2`
- Follow the cookbook guide and the approved plan
- Write/Edit to create or modify files
- TaskUpdate to mark each step done

### 6. Verify
- Bash `cargo check`
- Bash `cargo test` if tests exist
- TaskUpdate to mark complete

### Tools
- mcp__zkcompression__SearchLightProtocol("<query>") for API details
- mcp__deepwiki__ask_question("Lightprotocol/light-protocol", "<q>") for architecture
- Task subagent with Grep/Read/WebFetch for parallel lookups
- TaskList to check remaining work

Guide
AI Prompt

Find a full code example at the end.

Approve
Revoke

Build Account Infos and CPI the Light Token Program

Use invoke for external signers or invoke_signed when the authority is a PDA.

invoke (External signer)
invoke_signed (PDA owner)

use light_token::instruction::ApproveCpi;

ApproveCpi {
    token_account: token_account.clone(),
    delegate: delegate.clone(),
    owner: owner.clone(),
    system_program: system_program.clone(),
    amount,
}
.invoke()?;

use light_token::instruction::ApproveCpi;

let approve_cpi = ApproveCpi {
    token_account: token_account.clone(),
    delegate: delegate.clone(),
    owner: owner.clone(),
    system_program: system_program.clone(),
    amount,
};

let signer_seeds: &[&[u8]] = &[TOKEN_ACCOUNT_SEED, &[bump]];
approve_cpi.invoke_signed(&[signer_seeds])?;

Build Account Infos and CPI the Light Token Program

Use invoke for external signers or invoke_signed when the authority is a PDA.

invoke (External signer)
invoke_signed (PDA owner)

use light_token::instruction::RevokeCpi;

RevokeCpi {
    token_account: token_account.clone(),
    owner: owner.clone(),
    system_program: system_program.clone(),
}
.invoke()?;

use light_token::instruction::RevokeCpi;

let revoke_cpi = RevokeCpi {
    token_account: token_account.clone(),
    owner: owner.clone(),
    system_program: system_program.clone(),
};

let signer_seeds: &[&[u8]] = &[TOKEN_ACCOUNT_SEED, &[bump]];
revoke_cpi.invoke_signed(&[signer_seeds])?;

Full Code Example

Approve
Revoke

View the source code and full example with shared test utilities.

#![allow(unexpected_cfgs, deprecated)]

use anchor_lang::prelude::*;
use light_token::instruction::ApproveCpi;

declare_id!("37XmzKqSG2VD1ZBvzyfbt1HN1mT1bqVAmfzX2ziB3KT1");

#[program]
pub mod light_token_anchor_approve {
    use super::*;

    pub fn approve(ctx: Context<ApproveAccounts>, amount: u64) -> Result<()> {
        ApproveCpi {
            token_account: ctx.accounts.token_account.to_account_info(),
            delegate: ctx.accounts.delegate.to_account_info(),
            owner: ctx.accounts.owner.to_account_info(),
            system_program: ctx.accounts.system_program.to_account_info(),
            amount,
        }
        .invoke()?;
        Ok(())
    }
}

#[derive(Accounts)]
pub struct ApproveAccounts<'info> {
    /// CHECK: Light token program for CPI
    pub light_token_program: AccountInfo<'info>,
    /// CHECK: Validated by light-token CPI
    #[account(mut)]
    pub token_account: AccountInfo<'info>,
    /// CHECK: Validated by light-token CPI
    pub delegate: AccountInfo<'info>,
    pub owner: Signer<'info>,
    pub system_program: Program<'info, System>,
}

View the source code and full example with shared test utilities.

#![allow(unexpected_cfgs, deprecated)]

use anchor_lang::prelude::*;
use light_token::instruction::RevokeCpi;

declare_id!("G3ph4MK5qaSdxYnfxToETg31AHEMMqVhPuMRgBhk38tQ");

#[program]
pub mod light_token_anchor_revoke {
    use super::*;

    pub fn revoke(ctx: Context<RevokeAccounts>) -> Result<()> {
        RevokeCpi {
            token_account: ctx.accounts.token_account.to_account_info(),
            owner: ctx.accounts.owner.to_account_info(),
            system_program: ctx.accounts.system_program.to_account_info(),
        }
        .invoke()?;
        Ok(())
    }
}

#[derive(Accounts)]
pub struct RevokeAccounts<'info> {
    /// CHECK: Light token program for CPI
    pub light_token_program: AccountInfo<'info>,
    /// CHECK: Validated by light-token CPI
    #[account(mut)]
    pub token_account: AccountInfo<'info>,
    pub owner: Signer<'info>,
    pub system_program: Program<'info, System>,
}

Add approve and revoke CPI to an Anchor program

Open in Cursor

---
description: Add approve and revoke CPI to an Anchor program
allowed-tools: Bash, Read, Write, Edit, Glob, Grep, WebFetch, AskUserQuestion, Task, TaskCreate, TaskGet, TaskList, TaskUpdate, TaskOutput, mcp__deepwiki, mcp__zkcompression
---

## Add approve and revoke CPI to an Anchor program

Context:
- Guide: https://zkcompression.com/light-token/cookbook/approve-revoke
- Skills and resources index: https://zkcompression.com/skill.md
- SPL to Light reference: https://zkcompression.com/api-reference/solana-to-light-comparison
- Crate: light-token (ApproveCpi, RevokeCpi)
- Example: https://github.com/Lightprotocol/examples-light-token/tree/main/programs/anchor/basic-instructions/approve

Key CPI structs: `light_token::instruction::ApproveCpi`, `light_token::instruction::RevokeCpi`

### 1. Index project
- Grep `declare_id|#\[program\]|anchor_lang|Account<|Pubkey|invoke|approve|revoke|delegate` across src/
- Glob `**/*.rs` and `**/Cargo.toml` for project structure
- Identify: program ID, existing instructions, account structs, delegate accounts
- Read Cargo.toml — note existing dependencies and framework version
- Task subagent (Grep/Read/WebFetch) if project has multiple crates to scan in parallel

### 2. Read references
- WebFetch the guide above — review both Approve and Revoke CPI code samples
- WebFetch skill.md — check for a dedicated skill and resources matching this task
- TaskCreate one todo per phase below to track progress

### 3. Clarify intention
- AskUserQuestion: what is the goal? (add approve/revoke to existing program, new program from scratch, migrate from SPL approve/revoke)
- AskUserQuestion: should the owner be an external signer or a PDA? (determines invoke vs invoke_signed)
- AskUserQuestion: do you need both approve and revoke, or just one?
- Summarize findings and wait for user confirmation before implementing

### 4. Create plan
- Based on steps 1–3, draft an implementation plan: which files to modify, what code to add, dependency changes
- Follow the guide's step order: Build ApproveCpi/RevokeCpi structs → call .invoke() or .invoke_signed()
- If anything is unclear or ambiguous, loop back to step 3 (AskUserQuestion)
- Present the plan to the user for approval before proceeding

### 5. Implement
- Add deps if missing: Bash `cargo add light-token anchor-lang@0.31`
- Follow the guide and the approved plan
- Write/Edit to create or modify files
- TaskUpdate to mark each step done

### 6. Verify
- Bash `anchor build`
- Bash `anchor test` if tests exist
- TaskUpdate to mark complete

### Tools
- mcp__zkcompression__SearchLightProtocol("<query>") for API details
- mcp__deepwiki__ask_question("Lightprotocol/light-protocol", "<q>") for architecture
- Task subagent with Grep/Read/WebFetch for parallel lookups
- TaskList to check remaining work

Introduction

Light Token Program

PDA Accounts

For Other Use Cases

Learn

Resources

Approve and Revoke Delegates

Approve a delegate

Revoke a delegate

Prerequisites

Approve or revoke delegates

Build Account Infos and CPI the Light Token Program

Build Account Infos and CPI the Light Token Program

Full Code Example

Next Steps

Go back to the overview for the Light Token standard

Introduction

Light Token Program

PDA Accounts

For Other Use Cases

Learn

Resources

​Approve a delegate

​Revoke a delegate

​Prerequisites

​Approve or revoke delegates

​Build Account Infos and CPI the Light Token Program

​Build Account Infos and CPI the Light Token Program

​Full Code Example

​Next Steps

Go back to the overview for the Light Token standard

Approve a delegate

Revoke a delegate

Prerequisites

Approve or revoke delegates

Build Account Infos and CPI the Light Token Program

Build Account Infos and CPI the Light Token Program

Full Code Example

Next Steps