A Program-Derived Address is a Solana address that lies off the Ed25519 curve, meaning no private key exists for it. PDAs are computed by hashing a program ID together with a list of seeds and a single-byte bump until the result falls off the curve. Because only the owning program can authorise transactions for a PDA via invoke_signed, PDAs are the standard way for a program to hold state and custody assets without delegating to an external key.
SolMask uses five PDAs per asset pool: pool (the program-state account holding configuration), vault (the SPL token account holding the deposits), fee_vault (the protocol-fee accumulator), merkle_frontier (the append side of the Merkle tree plus the leaf counter), and root_history (the ring buffer of recent valid roots).
PDAs are deterministic: given the program ID and seeds, any client can compute the same address. This lets the relayer, the indexer, and your wallet all agree on which account holds the pool state without out-of-band configuration.
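The derivation and the determinism described above, as an added example that is not SolMask's own code: a pure-Python version of the seed-and-bump search that any client could run to reach the same addresses. The program ID, the mint and the seed layout (account name followed by the mint) are constructed placeholders and assumptions; the page does not give SolMask's actual seeds.

```python
import hashlib

P = 2**255 - 19                                  # Ed25519 field prime
D = (-121665 * pow(121666, P - 2, P)) % P        # Edwards curve constant d
MAX_SEEDS, MAX_SEED_LEN = 16, 32                 # Solana runtime limits

def is_on_curve(addr: bytes) -> bool:
    """True if the 32 bytes decompress to an Ed25519 point (a possible public key)."""
    y = (int.from_bytes(addr, "little") & ((1 << 255) - 1)) % P   # top bit is the sign of x
    u, v = (y * y - 1) % P, (D * y * y + 1) % P                   # x^2 = u / v
    x2 = u * pow(v, P - 2, P) % P
    return x2 == 0 or pow(x2, (P - 1) // 2, P) == 1               # Euler's criterion

def create_program_address(seeds, program_id: bytes):
    """Hash seeds + program ID; return None when the digest is a valid curve point."""
    if len(seeds) > MAX_SEEDS or any(len(s) > MAX_SEED_LEN for s in seeds):
        raise ValueError("too many seeds or seed longer than 32 bytes")
    digest = hashlib.sha256(b"".join(seeds) + program_id + b"ProgramDerivedAddress").digest()
    return None if is_on_curve(digest) else digest

def find_program_address(seeds, program_id: bytes):
    """Try bumps 255, 254, ... and return the first off-curve address with its bump."""
    for bump in range(255, -1, -1):
        addr = create_program_address(list(seeds) + [bytes([bump])], program_id)
        if addr is not None:
            return addr, bump
    raise RuntimeError("no off-curve address found for these seeds")

# Constructed inputs: placeholder program ID and mint, hypothetical seed labels.
PROGRAM_ID = hashlib.sha256(b"constructed program id").digest()
MINT = hashlib.sha256(b"constructed asset mint").digest()
NAMES = [b"pool", b"vault", b"fee_vault", b"merkle_frontier", b"root_history"]

def derive_pool_accounts(program_id: bytes, mint: bytes):
    """Derive (address, bump) for each of the five per-pool PDAs named on the page."""
    return {n.decode(): find_program_address([n, mint], program_id) for n in NAMES}

if __name__ == "__main__":
    for name, (addr, bump) in derive_pool_accounts(PROGRAM_ID, MINT).items():
        print(f"{name:16} bump={bump:3} {addr.hex()}")
```

Seeds are concatenated without length prefixes before hashing, so a program that uses variable-length seeds needs fixed widths or separators to keep two different seed lists from mapping to the same address.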