@martinsander00

Resolves: #1996

Summary of Changes

  • Fixed CreateMulticastGroup to derive the PDA using the incremented globalstate.account_index instead of the client-provided value.index
  • Ensures the smart contract is the authoritative source of truth for account indices, preventing clients from passing arbitrary index values that could cause PDA-to-index mismatches
  • CHANGELOG.md update: Added entry under changes

Testing Verification

  • Existing test test_multicastgroup passes, validates that multicast groups are created with correct index values and all operations work properly
  • Added test_multicastgroup_create_with_wrong_index_fails to verify that clients cannot pass incorrect index values

@martinsander00 martinsander00 force-pushed the use-correct-index-multicast-1996 branch 4 times, most recently from ab74472 to 614c74d Compare December 25, 2025 03:58
@martinsander00 martinsander00 force-pushed the use-correct-index-multicast-1996 branch from 614c74d to 12eb42a Compare January 5, 2026 21:13

Copilot AI left a comment

Pull request overview

This PR fixes a security issue in the CreateMulticastGroup function by ensuring the smart contract is the authoritative source for account indices. Previously, clients could pass arbitrary index values, potentially causing PDA-to-index mismatches.

Key Changes:

  • Modified PDA derivation to use the incremented globalstate.account_index instead of the client-provided value.index
  • Moved global state parsing earlier in the function to enable this validation
  • Added test coverage to verify clients cannot create multicast groups with incorrect index values

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 1 comment.

File: Description

  • smartcontract/programs/doublezero-serviceability/src/processors/multicastgroup/create.rs: Updated PDA derivation logic to use contract-controlled index and reordered global state parsing
  • smartcontract/programs/doublezero-serviceability/tests/multicastgroup_test.rs: Added test verifying rejection of incorrect client-provided indices
  • CHANGELOG.md: Documented the security fix for multicast group creation

@martinsander00 martinsander00 force-pushed the use-correct-index-multicast-1996 branch 5 times, most recently from 0157171 to 6a4c4da Compare January 6, 2026 19:31
@martinsander00 martinsander00 force-pushed the use-correct-index-multicast-1996 branch from 6a4c4da to 4227356 Compare January 6, 2026 19:41

@juan-malbeclabs juan-malbeclabs left a comment

LGTM

@martinsander00 martinsander00 merged commit d7eab32 into malbeclabs:main Jan 6, 2026
21 checks passed
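
The PDA-to-index mismatch discussed in this PR, modelled as an added example; it is not the project's code and does not use the Solana SDK. It assumes the earlier handler checked the account address against the client-supplied index while storing the global counter's value; `derive_pda`, the seed label, the type names and both handler functions are hypothetical stand-ins.

```rust
use std::collections::hash_map::DefaultHasher;
use std::hash::{Hash, Hasher};

const SEED: &str = "multicastgroup"; // assumed seed label, not taken from the project

// Stand-in for Solana PDA derivation so the example runs offline: it is only
// a deterministic (seed, index) -> address mapping, not the real algorithm.
fn derive_pda(seed: &str, index: u128) -> u64 {
    let mut h = DefaultHasher::new();
    (seed, index).hash(&mut h);
    h.finish()
}

struct GlobalState { account_index: u128 }

#[derive(Debug, PartialEq)]
struct MulticastGroup { address: u64, index: u128 }

#[derive(Debug, PartialEq)]
enum CreateError { InvalidPda }

// Before (modelled): the address check trusts the index sent by the client,
// while the stored index comes from the global counter.
fn create_trusting_client(gs: &mut GlobalState, account: u64, client_index: u128)
    -> Result<MulticastGroup, CreateError> {
    if derive_pda(SEED, client_index) != account { return Err(CreateError::InvalidPda); }
    gs.account_index += 1;
    Ok(MulticastGroup { address: account, index: gs.account_index })
}

// After (modelled): the address is derived from the program's own incremented counter.
fn create_authoritative(gs: &mut GlobalState, account: u64)
    -> Result<MulticastGroup, CreateError> {
    let next = gs.account_index + 1;
    if derive_pda(SEED, next) != account { return Err(CreateError::InvalidPda); }
    gs.account_index = next;
    Ok(MulticastGroup { address: account, index: next })
}

fn main() {
    let bogus = derive_pda(SEED, 99); // constructed: address for an index the client chose
    let mut gs = GlobalState { account_index: 4 };
    println!("before: {:?}", create_trusting_client(&mut gs, bogus, 99));
    let mut gs = GlobalState { account_index: 4 };
    println!("after, wrong address: {:?}", create_authoritative(&mut gs, bogus));
    let good = derive_pda(SEED, 5);
    println!("after, right address: {:?}", create_authoritative(&mut gs, good));
}
```

In the first call the stored index (5) no longer re-derives the account's address; in the second the same input is rejected and the counter is left unchanged.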
Development

Successfully merging this pull request may close these issues.

Use Incremented Global Account Index When Deriving Multicast Group PDA