fixup! Implement LoanPay (untested)

- Also fix the case of the names of the new Lending helper functions.
- Also add an XRPL_ASSERT2, which splits the parts of the assert message
  so I don't have to remember the proper formatting.

.clang-format

@@ -44,6 +44,7 @@ DerivePointerAlignment: false
 DisableFormat:   false
 ExperimentalAutoDetectBinPacking: false
 ForEachMacros:   [ Q_FOREACH,  BOOST_FOREACH ]
+IncludeBlocks:   Regroup
 IncludeCategories:
   - Regex:           '^<(test)/'
     Priority:        0
@@ -53,8 +54,12 @@ IncludeCategories:
     Priority:        2
   - Regex:           '^<(boost)/'
     Priority:        3
-  - Regex:           '.*'
+  - Regex:           '^.*/'
     Priority:        4
+  - Regex:           '^.*\.h'
+    Priority:        5
+  - Regex:           '.*'
+    Priority:        6
 IncludeIsMainRegex: '$'
 IndentCaseLabels: true
 IndentFunctionDeclarationAfterType: false

.github/actions/build/action.yml

@@ -20,8 +20,6 @@ runs:
           ${{ inputs.generator && format('-G "{0}"', inputs.generator) || '' }} \
           -DCMAKE_TOOLCHAIN_FILE:FILEPATH=build/generators/conan_toolchain.cmake \
           -DCMAKE_BUILD_TYPE=${{ inputs.configuration }} \
-          -Dassert=TRUE \
-          -Dwerr=TRUE \
           -Dtests=TRUE \
           -Dxrpld=TRUE \
           ${{ inputs.cmake-args }} \

.github/actions/dependencies/action.yml

@@ -14,8 +14,9 @@ runs:
       run: |
         conan config set general.revisions_enabled=1
         conan export external/snappy snappy/1.1.10@
-        conan export external/rocksdb rocksdb/6.29.5@
+        conan export external/rocksdb rocksdb/9.7.3@
         conan export external/soci soci/4.0.3@
+        conan export external/nudb nudb/2.0.8@
     - name: add Ripple Conan remote
       shell: bash
       run: |
@@ -54,7 +55,3 @@ runs:
           --options xrpld=True \
           --settings build_type=${{ inputs.configuration }} \
           ..
-    - name: upload dependencies to remote
-      if: (steps.binaries.outputs.missing != '[]') && (steps.remote.outputs.outcome == 'success')
-      shell: bash
-      run: conan upload --remote ripple '*' --all --parallel --confirm

.github/workflows/clang-format.yml

@@ -1,9 +1,13 @@
 name: clang-format
 
-on: [push, pull_request]
+on:
+  push:
+  pull_request:
+    types: [opened, reopened, synchronize, ready_for_review]
 
 jobs:
   check:
+    if: ${{ github.event_name == 'push' || github.event.pull_request.draft != true || contains(github.event.pull_request.labels.*.name, 'DraftRunCI') }}
     runs-on: ubuntu-24.04
     env:
       CLANG_VERSION: 18
@@ -20,7 +24,7 @@ jobs:
           sudo apt-get update
           sudo apt-get install clang-format-${CLANG_VERSION}
       - name: Format first-party sources
-        run: find include src -type f \( -name '*.cpp' -o -name '*.hpp' -o -name '*.h' -o -name '*.ipp' \) -exec clang-format-${CLANG_VERSION} -i {} +
+        run: find include src tests -type f \( -name '*.cpp' -o -name '*.hpp' -o -name '*.h' -o -name '*.ipp' \) -exec clang-format-${CLANG_VERSION} -i {} +
       - name: Check for differences
         id: assert
         run: |

.github/workflows/doxygen.yml

@@ -14,7 +14,7 @@ jobs:
     runs-on: ubuntu-latest
     permissions:
       contents: write
-    container: rippleci/rippled-build-ubuntu:aaf5e3e
+    container: ghcr.io/xrplf/rippled-build-ubuntu:aaf5e3e
     steps:
       - name: checkout
         uses: actions/checkout@v4

.github/workflows/instrumentation.yml

@@ -1,103 +0,0 @@
-name: instrumentation
-on:
-  pull_request:
-  push:
-    # If the branches list is ever changed, be sure to change it on all
-    # build/test jobs (nix, macos, windows, instrumentation)
-    branches:
-      # Always build the package branches
-      - develop
-      - release
-      - master
-      # Branches that opt-in to running
-      - 'ci/**'
-concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: true
-
-jobs:
-
-  # NOTE we are not using dependencies built inside nix because nix is lagging
-  # with compiler versions. Instrumentation requires clang version 16 or later
-
-  instrumentation-build:
-    env:
-      CLANG_RELEASE: 16
-    strategy:
-      fail-fast: false
-    runs-on: [self-hosted, heavy]
-    container: debian:bookworm
-    steps:
-        - name: install prerequisites
-          env:
-            DEBIAN_FRONTEND: noninteractive
-          run: |
-            apt-get update
-            apt-get install --yes --no-install-recommends \
-              clang-${CLANG_RELEASE} clang++-${CLANG_RELEASE} \
-              python3-pip python-is-python3 make cmake git wget
-            apt-get clean
-            update-alternatives --install \
-              /usr/bin/clang clang /usr/bin/clang-${CLANG_RELEASE} 100 \
-              --slave /usr/bin/clang++ clang++ /usr/bin/clang++-${CLANG_RELEASE}
-            update-alternatives --auto clang
-            pip install --no-cache --break-system-packages "conan<2"
-
-        - name: checkout
-          uses: actions/checkout@v4
-
-        - name: prepare environment
-          run: |
-            mkdir ${GITHUB_WORKSPACE}/.build
-            echo "SOURCE_DIR=$GITHUB_WORKSPACE" >> $GITHUB_ENV
-            echo "BUILD_DIR=$GITHUB_WORKSPACE/.build" >> $GITHUB_ENV
-            echo "CC=/usr/bin/clang" >> $GITHUB_ENV
-            echo "CXX=/usr/bin/clang++" >> $GITHUB_ENV
-
-        - name: configure Conan
-          run: |
-            conan profile new --detect default
-            conan profile update settings.compiler=clang default
-            conan profile update settings.compiler.version=${CLANG_RELEASE} default
-            conan profile update settings.compiler.libcxx=libstdc++11 default
-            conan profile update settings.compiler.cppstd=20 default
-            conan profile update options.rocksdb=False default
-            conan profile update \
-              'conf.tools.build:compiler_executables={"c": "/usr/bin/clang", "cpp": "/usr/bin/clang++"}' default
-            conan profile update 'env.CXXFLAGS="-DBOOST_ASIO_DISABLE_CONCEPTS"' default
-            conan profile update 'conf.tools.build:cxxflags+=["-DBOOST_ASIO_DISABLE_CONCEPTS"]' default
-            conan export external/snappy snappy/1.1.10@
-            conan export external/soci soci/4.0.3@
-
-        - name: build dependencies
-          run: |
-            cd ${BUILD_DIR}
-            conan install ${SOURCE_DIR} \
-              --output-folder ${BUILD_DIR} \
-              --install-folder ${BUILD_DIR} \
-              --build missing \
-              --settings build_type=Debug
-
-        - name: build with instrumentation
-          run: |
-            cd ${BUILD_DIR}
-            cmake -S ${SOURCE_DIR} -B ${BUILD_DIR} \
-              -Dvoidstar=ON \
-              -Dtests=ON \
-              -Dxrpld=ON \
-              -DCMAKE_BUILD_TYPE=Debug \
-              -DSECP256K1_BUILD_BENCHMARK=OFF \
-              -DSECP256K1_BUILD_TESTS=OFF \
-              -DSECP256K1_BUILD_EXHAUSTIVE_TESTS=OFF \
-              -DCMAKE_TOOLCHAIN_FILE=${BUILD_DIR}/build/generators/conan_toolchain.cmake
-            cmake --build .  --parallel $(nproc)
-
-        - name: verify instrumentation enabled
-          run: |
-            cd ${BUILD_DIR}
-            ./rippled --version | grep libvoidstar
-
-        - name: run unit tests
-          run: |
-            cd ${BUILD_DIR}
-            ./rippled -u --unittest-jobs $(( $(nproc)/4 ))

.github/workflows/levelization.yml

@@ -1,9 +1,13 @@
 name: levelization
 
-on: [push, pull_request]
+on:
+  push:
+  pull_request:
+    types: [opened, reopened, synchronize, ready_for_review]
 
 jobs:
   check:
+    if: ${{ github.event_name == 'push' || github.event.pull_request.draft != true || contains(github.event.pull_request.labels.*.name, 'DraftRunCI') }}
     runs-on: ubuntu-latest
     env:
       CLANG_VERSION: 10

.github/workflows/libxrpl.yml

@@ -8,19 +8,21 @@ on:
     paths:
       - 'src/libxrpl/protocol/BuildInfo.cpp'
       - '.github/workflows/libxrpl.yml'
+    types: [opened, reopened, synchronize, ready_for_review]
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: true
 
 jobs:
   publish:
+    if: ${{ github.event_name == 'push' || github.event.pull_request.draft != true || contains(github.event.pull_request.labels.*.name, 'DraftRunCI') }}
     name: Publish libXRPL
     outputs:
       outcome: ${{ steps.upload.outputs.outcome }}
       version: ${{ steps.version.outputs.version }}
       channel: ${{ steps.channel.outputs.channel }}
     runs-on: [self-hosted, heavy]
-    container: rippleci/rippled-build-ubuntu:aaf5e3e
+    container: ghcr.io/xrplf/rippled-build-ubuntu:aaf5e3e
     steps:
       - name: Wait for essential checks to succeed
         uses: lewagon/wait-on-check-action@v1.3.4
@@ -85,4 +87,5 @@ jobs:
         run: |
           gh api --method POST -H "Accept: application/vnd.github+json" -H "X-GitHub-Api-Version: 2022-11-28" \
           /repos/xrplf/clio/dispatches -f "event_type=check_libxrpl" \
-          -F "client_payload[version]=${{ needs.publish.outputs.version }}@${{ needs.publish.outputs.channel }}"
+          -F "client_payload[version]=${{ needs.publish.outputs.version }}@${{ needs.publish.outputs.channel }}" \
+          -F "client_payload[pr]=${{ github.event.pull_request.number }}"

.github/workflows/macos.yml

@@ -1,6 +1,7 @@
 name: macos
 on:
   pull_request:
+    types: [opened, reopened, synchronize, ready_for_review]
   push:
     # If the branches list is ever changed, be sure to change it on all
     # build/test jobs (nix, macos, windows, instrumentation)
@@ -18,6 +19,7 @@ concurrency:
 jobs:
 
   test:
+    if: ${{ github.event_name == 'push' || github.event.pull_request.draft != true || contains(github.event.pull_request.labels.*.name, 'DraftRunCI') }}
     strategy:
       matrix:
         platform:
@@ -73,7 +75,6 @@ jobs:
         run : |
           conan profile new default --detect || true
           conan profile update settings.compiler.cppstd=20 default
-          conan profile update 'conf.tools.build:cxxflags+=["-DBOOST_ASIO_DISABLE_CONCEPTS"]' default
       - name: build dependencies
         uses: ./.github/actions/dependencies
         env:
@@ -87,9 +88,10 @@ jobs:
         with:
           generator: ${{ matrix.generator }}
           configuration: ${{ matrix.configuration }}
-          cmake-args: ${{ matrix.cmake-args }}
-      - name: test
-        run: |
-          n=$(nproc)
-          echo "Using $n test jobs"
-          ${build_dir}/rippled --unittest --unittest-jobs $n
+          cmake-args: "-Dassert=TRUE -Dwerr=TRUE ${{ matrix.cmake-args }}"
+      # TODO: Temporary disabled tests
+      # - name: test
+      #   run: |
+      #     n=$(nproc)
+      #     echo "Using $n test jobs"
+      #     ${build_dir}/rippled --unittest --unittest-jobs $n

.github/workflows/missing-commits.yml

@@ -9,7 +9,7 @@ on:
       - release
 
 jobs:
-  check:
+  up_to_date:
     runs-on: ubuntu-24.04
     steps:
     - uses: actions/checkout@v4

.github/workflows/nix.yml

@@ -1,9 +1,10 @@
 name: nix
 on:
   pull_request:
+    types: [opened, reopened, synchronize, ready_for_review]
   push:
     # If the branches list is ever changed, be sure to change it on all
-    # build/test jobs (nix, macos, windows, instrumentation)
+    # build/test jobs (nix, macos, windows)
     branches:
       # Always build the package branches
       - develop
@@ -15,9 +16,9 @@ concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: true
 
-# This workflow has two job matrixes.
-# They can be considered phases because the second matrix ("test")
-# depends on the first ("dependencies").
+# This workflow has multiple job matrixes.
+# They can be considered phases because most of the matrices ("test",
+# "coverage", "conan", ) depend on the first ("dependencies").
 #
 # The first phase has a job in the matrix for each combination of
 # variables that affects dependency ABI:
@@ -30,12 +31,16 @@ concurrency:
 # to hold the binaries if they are built locally.
 # We must use the "{upload,download}-artifact" actions instead.
 #
-# The second phase has a job in the matrix for each test configuration.
-# It installs dependency binaries from the cache, whichever was used,
-# and builds and tests rippled.
+# The remaining phases have a job in the matrix for each test
+# configuration. They install dependency binaries from the cache,
+# whichever was used, and build and test rippled.
+#
+# "instrumentation" is independent, but is included here because it also
+# builds on linux in the same "on:" conditions.
 
 jobs:
   dependencies:
+    if: ${{ github.event_name == 'push' || github.event.pull_request.draft != true || contains(github.event.pull_request.labels.*.name, 'DraftRunCI') }}
     strategy:
       fail-fast: false
       matrix:
@@ -59,7 +64,7 @@ jobs:
               cc: /usr/bin/clang-14
               cxx: /usr/bin/clang++-14
     runs-on: [self-hosted, heavy]
-    container: rippleci/rippled-build-ubuntu:aaf5e3e
+    container: ghcr.io/xrplf/rippled-build-ubuntu:aaf5e3e
     env:
       build_dir: .build
     steps:
@@ -121,7 +126,7 @@ jobs:
           - "-Dunity=ON"
     needs: dependencies
     runs-on: [self-hosted, heavy]
-    container: rippleci/rippled-build-ubuntu:aaf5e3e
+    container: ghcr.io/xrplf/rippled-build-ubuntu:aaf5e3e
     env:
       build_dir: .build
     steps:
@@ -155,7 +160,61 @@ jobs:
         with:
           generator: Ninja
           configuration: ${{ matrix.configuration }}
-          cmake-args: ${{ matrix.cmake-args }}
+          cmake-args: "-Dassert=TRUE -Dwerr=TRUE ${{ matrix.cmake-args }}"
+      - name: test
+        run: |
+          ${build_dir}/rippled --unittest --unittest-jobs $(nproc)
+
+  reference-fee-test:
+    strategy:
+      fail-fast: false
+      matrix:
+        platform:
+          - linux
+        compiler:
+          - gcc
+        configuration:
+          - Debug
+        cmake-args:
+          - "-DUNIT_TEST_REFERENCE_FEE=200"
+          - "-DUNIT_TEST_REFERENCE_FEE=1000"
+    needs: dependencies
+    runs-on: [self-hosted, heavy]
+    container: ghcr.io/xrplf/rippled-build-ubuntu:aaf5e3e
+    env:
+      build_dir: .build
+    steps:
+      - name: upgrade conan
+        run: |
+          pip install --upgrade "conan<2"
+      - name: download cache
+        uses: actions/download-artifact@v4
+        with:
+          name: ${{ matrix.platform }}-${{ matrix.compiler }}-${{ matrix.configuration }}
+      - name: extract cache
+        run: |
+          mkdir -p ~/.conan
+          tar -xzf conan.tar -C ~/.conan
+      - name: check environment
+        run: |
+          env | sort
+          echo ${PATH} | tr ':' '\n'
+          conan --version
+          cmake --version
+      - name: checkout
+        uses: actions/checkout@v4
+      - name: dependencies
+        uses: ./.github/actions/dependencies
+        env:
+          CONAN_URL: http://18.143.149.228:8081/artifactory/api/conan/conan-non-prod
+        with:
+          configuration: ${{ matrix.configuration }}
+      - name: build
+        uses: ./.github/actions/build
+        with:
+          generator: Ninja
+          configuration: ${{ matrix.configuration }}
+          cmake-args: "-Dassert=TRUE -Dwerr=TRUE ${{ matrix.cmake-args }}"
       - name: test
         run: |
           ${build_dir}/rippled --unittest --unittest-jobs $(nproc)
@@ -172,7 +231,7 @@ jobs:
           - Debug
     needs: dependencies
     runs-on: [self-hosted, heavy]
-    container: rippleci/rippled-build-ubuntu:aaf5e3e
+    container: ghcr.io/xrplf/rippled-build-ubuntu:aaf5e3e
     env:
       build_dir: .build
     steps:
@@ -211,6 +270,8 @@ jobs:
           generator: Ninja
           configuration: ${{ matrix.configuration }}
           cmake-args: >-
+            -Dassert=TRUE
+            -Dwerr=TRUE
             -Dcoverage=ON
             -Dcoverage_format=xml
             -DCODE_COVERAGE_VERBOSE=ON
@@ -244,7 +305,7 @@ jobs:
   conan:
     needs: dependencies
     runs-on: [self-hosted, heavy]
-    container: rippleci/rippled-build-ubuntu:aaf5e3e
+    container: ghcr.io/xrplf/rippled-build-ubuntu:aaf5e3e
     env:
       build_dir: .build
       configuration: Release
@@ -283,7 +344,7 @@ jobs:
           echo "reference=${reference}" >> "${GITHUB_ENV}"
       - name: build
         run: |
-          cd examples/example
+          cd tests/conan
           mkdir ${build_dir}
           cd ${build_dir}
           conan install .. --output-folder . \
@@ -293,3 +354,90 @@ jobs:
             -DCMAKE_BUILD_TYPE=${configuration}
           cmake --build .
           ./example | grep '^[[:digit:]]\+\.[[:digit:]]\+\.[[:digit:]]\+'
+
+  # NOTE we are not using dependencies built above because it lags with
+  # compiler versions. Instrumentation requires clang version 16 or
+  # later
+
+  instrumentation-build:
+    if: ${{ github.event_name == 'push' || github.event.pull_request.draft != true || contains(github.event.pull_request.labels.*.name, 'DraftRunCI') }}
+    env:
+      CLANG_RELEASE: 16
+    strategy:
+      fail-fast: false
+    runs-on: [self-hosted, heavy]
+    container: debian:bookworm
+    steps:
+        - name: install prerequisites
+          env:
+            DEBIAN_FRONTEND: noninteractive
+          run: |
+            apt-get update
+            apt-get install --yes --no-install-recommends \
+              clang-${CLANG_RELEASE} clang++-${CLANG_RELEASE} \
+              python3-pip python-is-python3 make cmake git wget
+            apt-get clean
+            update-alternatives --install \
+              /usr/bin/clang clang /usr/bin/clang-${CLANG_RELEASE} 100 \
+              --slave /usr/bin/clang++ clang++ /usr/bin/clang++-${CLANG_RELEASE}
+            update-alternatives --auto clang
+            pip install --no-cache --break-system-packages "conan<2"
+
+        - name: checkout
+          uses: actions/checkout@v4
+
+        - name: prepare environment
+          run: |
+            mkdir ${GITHUB_WORKSPACE}/.build
+            echo "SOURCE_DIR=$GITHUB_WORKSPACE" >> $GITHUB_ENV
+            echo "BUILD_DIR=$GITHUB_WORKSPACE/.build" >> $GITHUB_ENV
+            echo "CC=/usr/bin/clang" >> $GITHUB_ENV
+            echo "CXX=/usr/bin/clang++" >> $GITHUB_ENV
+
+        - name: configure Conan
+          run: |
+            conan profile new --detect default
+            conan profile update settings.compiler=clang default
+            conan profile update settings.compiler.version=${CLANG_RELEASE} default
+            conan profile update settings.compiler.libcxx=libstdc++11 default
+            conan profile update settings.compiler.cppstd=20 default
+            conan profile update options.rocksdb=False default
+            conan profile update \
+              'conf.tools.build:compiler_executables={"c": "/usr/bin/clang", "cpp": "/usr/bin/clang++"}' default
+            conan profile update 'env.CXXFLAGS="-DBOOST_ASIO_DISABLE_CONCEPTS"' default
+            conan profile update 'conf.tools.build:cxxflags+=["-DBOOST_ASIO_DISABLE_CONCEPTS"]' default
+            conan export external/snappy snappy/1.1.10@
+            conan export external/soci soci/4.0.3@
+
+        - name: build dependencies
+          run: |
+            cd ${BUILD_DIR}
+            conan install ${SOURCE_DIR} \
+              --output-folder ${BUILD_DIR} \
+              --install-folder ${BUILD_DIR} \
+              --build missing \
+              --settings build_type=Debug
+
+        - name: build with instrumentation
+          run: |
+            cd ${BUILD_DIR}
+            cmake -S ${SOURCE_DIR} -B ${BUILD_DIR} \
+              -Dvoidstar=ON \
+              -Dtests=ON \
+              -Dxrpld=ON \
+              -DCMAKE_BUILD_TYPE=Debug \
+              -DSECP256K1_BUILD_BENCHMARK=OFF \
+              -DSECP256K1_BUILD_TESTS=OFF \
+              -DSECP256K1_BUILD_EXHAUSTIVE_TESTS=OFF \
+              -DCMAKE_TOOLCHAIN_FILE=${BUILD_DIR}/build/generators/conan_toolchain.cmake
+            cmake --build .  --parallel $(nproc)
+
+        - name: verify instrumentation enabled
+          run: |
+            cd ${BUILD_DIR}
+            ./rippled --version | grep libvoidstar
+
+        - name: run unit tests
+          run: |
+            cd ${BUILD_DIR}
+            ./rippled -u --unittest-jobs $(( $(nproc)/4 ))

.github/workflows/windows.yml

@@ -2,6 +2,7 @@ name: windows
 
 on:
   pull_request:
+    types: [opened, reopened, synchronize, ready_for_review]
   push:
     # If the branches list is ever changed, be sure to change it on all
     # build/test jobs (nix, macos, windows, instrumentation)
@@ -21,6 +22,7 @@ concurrency:
 jobs:
 
   test:
+    if: ${{ github.event_name == 'push' || github.event.pull_request.draft != true || contains(github.event.pull_request.labels.*.name, 'DraftRunCI') }}
     strategy:
       fail-fast: false
       matrix:
@@ -87,7 +89,7 @@ jobs:
           generator: '${{ matrix.version.generator }}'
           configuration: ${{ matrix.configuration.type }}
           # Hard code for now. Move to the matrix if varied options are needed
-          cmake-args: '-Dassert=ON -Dreporting=OFF -Dunity=ON'
+          cmake-args: '-Dassert=TRUE -Dwerr=TRUE -Dreporting=OFF -Dunity=ON'
           cmake-target: install
       - name: test
         shell: bash

API-CHANGELOG.md

@@ -83,16 +83,25 @@ The [commandline](https://xrpl.org/docs/references/http-websocket-apis/api-conve
 
 The `network_id` field was added in the `server_info` response in version 1.5.0 (2019), but it is not returned in [reporting mode](https://xrpl.org/rippled-server-modes.html#reporting-mode). However, use of reporting mode is now discouraged, in favor of using [Clio](https://github.com/XRPLF/clio) instead.
 
+## XRP Ledger server version 2.5.0
+
+As of 2025-04-04, version 2.5.0 is in development. You can use a pre-release version by building from source or [using the `nightly` package](https://xrpl.org/docs/infrastructure/installation/install-rippled-on-ubuntu).
+
+### Additions and bugfixes in 2.5.0
+
+- `channel_authorize`: If `signing_support` is not enabled in the config, the RPC is disabled.
+
 ## XRP Ledger server version 2.4.0
 
-As of 2025-01-28, version 2.4.0 is in development. You can use a pre-release version by building from source or [using the `nightly` package](https://xrpl.org/docs/infrastructure/installation/install-rippled-on-ubuntu).
+[Version 2.4.0](https://github.com/XRPLF/rippled/releases/tag/2.4.0) was released on March 4, 2025.
 
 ### Additions and bugfixes in 2.4.0
 
 - `ledger_entry`: `state` is added an alias for `ripple_state`.
+- `ledger_entry`: Enables case-insensitive filtering by canonical name in addition to case-sensitive filtering by RPC name.
 - `validators`: Added new field `validator_list_threshold` in response.
 - `simulate`: A new RPC that executes a [dry run of a transaction submission](https://github.com/XRPLF/XRPL-Standards/tree/master/XLS-0069d-simulate#2-rpc-simulate)
-- Signing methods autofill fees better and properly handle transactions that don't have a base fee.
+- Signing methods autofill fees better and properly handle transactions that don't have a base fee, and will also autofill the `NetworkID` field.
 
 ## XRP Ledger server version 2.3.0
 

BUILD.md

@@ -178,9 +178,9 @@ It does not override paths to dependencies when building with Visual Studio.
 
    ```
    # Conan 1.x
-   conan export external/rocksdb rocksdb/6.29.5@
+   conan export external/rocksdb rocksdb/9.7.3@
    # Conan 2.x
-   conan export --version 6.29.5 external/rocksdb
+   conan export --version 9.7.3 external/rocksdb
    ```
 
 Export our [Conan recipe for SOCI](./external/soci).
@@ -222,13 +222,15 @@ It fixes some source files to add missing `#include`s.
    the `install-folder` or `-if` option to every `conan install` command
    in the next step.
 
-2. Generate CMake files for every configuration you want to build. 
+2. Use conan to generate CMake files for every configuration you want to build:
 
     ```
     conan install .. --output-folder . --build missing --settings build_type=Release
     conan install .. --output-folder . --build missing --settings build_type=Debug
     ```
 
+    To build Debug, in the next step, be sure to set `-DCMAKE_BUILD_TYPE=Debug`
+
     For a single-configuration generator, e.g. `Unix Makefiles` or `Ninja`,
     you only need to run this command once.
     For a multi-configuration generator, e.g. `Visual Studio`, you may want to
@@ -258,13 +260,16 @@ It fixes some source files to add missing `#include`s.
 
     Single-config generators:
 
+    Pass the CMake variable [`CMAKE_BUILD_TYPE`][build_type]
+    and make sure it matches the one of the `build_type` settings
+    you chose in the previous step.
+
+    For example, to build Debug, in the next command, replace "Release" with "Debug"
+
     ```
     cmake -DCMAKE_TOOLCHAIN_FILE:FILEPATH=build/generators/conan_toolchain.cmake -DCMAKE_BUILD_TYPE=Release -Dxrpld=ON -Dtests=ON ..
     ```
 
-    Pass the CMake variable [`CMAKE_BUILD_TYPE`][build_type]
-    and make sure it matches the `build_type` setting you chose in the previous
-    step.
 
     Multi-config generators:
 
@@ -274,7 +279,7 @@ It fixes some source files to add missing `#include`s.
 
     **Note:** You can pass build options for `rippled` in this step.
 
-4. Build `rippled`.
+5. Build `rippled`.
 
    For a single-configuration generator, it will build whatever configuration
    you passed for `CMAKE_BUILD_TYPE`. For a multi-configuration generator,
@@ -293,7 +298,7 @@ It fixes some source files to add missing `#include`s.
    cmake --build . --config Debug
    ```
 
-5. Test rippled.
+6. Test rippled.
 
    Single-config generators:
 
@@ -403,6 +408,23 @@ After any updates or changes to dependencies, you may need to do the following:
 4. Re-run [conan install](#build-and-test).
 
 
+### 'protobuf/port_def.inc' file not found
+
+If `cmake --build .` results in an error due to a missing a protobuf file, then you might have generated CMake files for a different `build_type` than the `CMAKE_BUILD_TYPE` you passed to conan.
+
+```
+/rippled/.build/pb-xrpl.libpb/xrpl/proto/ripple.pb.h:10:10: fatal error: 'google/protobuf/port_def.inc' file not found
+   10 | #include <google/protobuf/port_def.inc>
+      |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+1 error generated.
+```
+
+For example, if you want to build Debug:
+
+1. For conan install, pass `--settings build_type=Debug`
+2. For cmake, pass `-DCMAKE_BUILD_TYPE=Debug`
+
+
 ### no std::result_of
 
 If your compiler version is recent enough to have removed `std::result_of` as

Builds/levelization/results/loops.txt

@@ -14,10 +14,10 @@ Loop: xrpld.app xrpld.net
   xrpld.app > xrpld.net
 
 Loop: xrpld.app xrpld.overlay
-  xrpld.overlay == xrpld.app
+  xrpld.overlay > xrpld.app
 
 Loop: xrpld.app xrpld.peerfinder
-  xrpld.app > xrpld.peerfinder
+  xrpld.peerfinder ~= xrpld.app
 
 Loop: xrpld.app xrpld.rpc
   xrpld.rpc > xrpld.app

Builds/levelization/results/ordering.txt

@@ -6,6 +6,7 @@ libxrpl.protocol > xrpl.basics
 libxrpl.protocol > xrpl.json
 libxrpl.protocol > xrpl.protocol
 libxrpl.resource > xrpl.basics
+libxrpl.resource > xrpl.json
 libxrpl.resource > xrpl.resource
 libxrpl.server > xrpl.basics
 libxrpl.server > xrpl.json
@@ -19,6 +20,7 @@ test.app > xrpl.basics
 test.app > xrpld.app
 test.app > xrpld.core
 test.app > xrpld.ledger
+test.app > xrpld.nodestore
 test.app > xrpld.overlay
 test.app > xrpld.rpc
 test.app > xrpl.json
@@ -41,6 +43,7 @@ test.consensus > xrpl.basics
 test.consensus > xrpld.app
 test.consensus > xrpld.consensus
 test.consensus > xrpld.ledger
+test.consensus > xrpl.json
 test.core > test.jtx
 test.core > test.toplevel
 test.core > test.unit_test
@@ -57,7 +60,6 @@ test.json > test.jtx
 test.json > xrpl.json
 test.jtx > xrpl.basics
 test.jtx > xrpld.app
-test.jtx > xrpld.consensus
 test.jtx > xrpld.core
 test.jtx > xrpld.ledger
 test.jtx > xrpld.net
@@ -157,7 +159,6 @@ xrpld.core > xrpl.basics
 xrpld.core > xrpl.json
 xrpld.core > xrpl.protocol
 xrpld.ledger > xrpl.basics
-xrpld.ledger > xrpld.core
 xrpld.ledger > xrpl.json
 xrpld.ledger > xrpl.protocol
 xrpld.net > xrpl.basics
@@ -182,7 +183,6 @@ xrpld.peerfinder > xrpld.core
 xrpld.peerfinder > xrpl.protocol
 xrpld.perflog > xrpl.basics
 xrpld.perflog > xrpl.json
-xrpld.perflog > xrpl.protocol
 xrpld.rpc > xrpl.basics
 xrpld.rpc > xrpld.core
 xrpld.rpc > xrpld.ledger

CMakeLists.txt

@@ -16,16 +16,36 @@ set(CMAKE_CXX_EXTENSIONS OFF)
 set(CMAKE_CXX_STANDARD 20)
 set(CMAKE_CXX_STANDARD_REQUIRED ON)
 
+if(CMAKE_CXX_COMPILER_ID MATCHES "GNU")
+    # GCC-specific fixes
+    add_compile_options(-Wno-unknown-pragmas -Wno-subobject-linkage)
+    # -Wno-subobject-linkage can be removed when we upgrade GCC version to at least 13.3
+elseif(CMAKE_CXX_COMPILER_ID MATCHES "Clang")
+    # Clang-specific fixes
+    add_compile_options(-Wno-unknown-warning-option) # Ignore unknown warning options
+elseif(MSVC)
+    # MSVC-specific fixes
+    add_compile_options(/wd4068) # Ignore unknown pragmas
+endif()
+
 # make GIT_COMMIT_HASH define available to all sources
 find_package(Git)
 if(Git_FOUND)
-    execute_process(COMMAND ${GIT_EXECUTABLE} --git-dir=${CMAKE_CURRENT_SOURCE_DIR}/.git describe --always --abbrev=40
+    execute_process(COMMAND ${GIT_EXECUTABLE} --git-dir=${CMAKE_CURRENT_SOURCE_DIR}/.git rev-parse HEAD
         OUTPUT_STRIP_TRAILING_WHITESPACE OUTPUT_VARIABLE gch)
     if(gch)
         set(GIT_COMMIT_HASH "${gch}")
         message(STATUS gch: ${GIT_COMMIT_HASH})
         add_definitions(-DGIT_COMMIT_HASH="${GIT_COMMIT_HASH}")
     endif()
+
+    execute_process(COMMAND ${GIT_EXECUTABLE} --git-dir=${CMAKE_CURRENT_SOURCE_DIR}/.git rev-parse --abbrev-ref HEAD
+        OUTPUT_STRIP_TRAILING_WHITESPACE OUTPUT_VARIABLE gb)
+    if(gb)
+        set(GIT_BRANCH "${gb}")
+        message(STATUS gb: ${GIT_BRANCH})
+        add_definitions(-DGIT_BRANCH="${GIT_BRANCH}")
+    endif()
 endif() #git
 
 if(thread_safety_analysis)

CONTRIBUTING.md

@@ -107,6 +107,19 @@ Refer to
 ["How to Write a Git Commit Message"](https://cbea.ms/git-commit/)
 for general rules on writing a good commit message.
 
+tl;dr
+> 1. Separate subject from body with a blank line.
+> 2. Limit the subject line to 50 characters.
+>    * [...]shoot for 50 characters, but consider 72 the hard limit.
+> 3. Capitalize the subject line.
+> 4. Do not end the subject line with a period.
+> 5. Use the imperative mood in the subject line.
+>    * A properly formed Git commit subject line should always be able
+>      to complete the following sentence: "If applied, this commit will
+>      _your subject line here_".
+> 6. Wrap the body at 72 characters.
+> 7. Use the body to explain what and why vs. how.
+
 In addition to those guidelines, please add one of the following
 prefixes to the subject line if appropriate.
 * `fix:` - The primary purpose is to fix an existing bug.

RELEASENOTES.md

@@ -5,6 +5,108 @@
 This document contains the release notes for `rippled`, the reference server implementation of the XRP Ledger protocol. To learn more about how to build, run or update a `rippled` server, visit https://xrpl.org/install-rippled.html
 
 Have new ideas? Need help with setting up your node? [Please open an issue here](https://github.com/xrplf/rippled/issues/new/choose).
+## Full Changelog
+
+### Amendments
+
+The following amendments are open for voting with this release:
+
+- **DynamicNFT (XLS-46)** - Adds the ability to mint mutable `NFToken` objects whose URI can be changed. ([#5048](https://github.com/XRPLF/rippled/pull/5048))
+- **PermissionedDomains (XLS-80)** - Adds Permissioned Domains, which act as part of broader systems on the XRP Ledger to restrict access to satisfy compliance rules. ([#5161](https://github.com/XRPLF/rippled/pull/5161))
+- **DeepFreeze (XLS-77)** - Adds the ability to deep freeze trust lines, enabling token issuers to block the transfer of assets for holders who have been deep frozen. ([#5187](https://github.com/XRPLF/rippled/pull/5187))
+- **fixFrozenLPTokenTransfer** - Prohibits the transfer of LP tokens when the associated liquidity pool contains at least one frozen asset. ([#5227](https://github.com/XRPLF/rippled/pull/5227))
+- **fixInvalidTxFlags** - Adds transaction flag checking for `CredentialCreate`, `CredentialAccept`, and `CredentialDelete` transactions. ([#5250](https://github.com/XRPLF/rippled/pull/5250))
+
+
+### New Features
+
+- Added a new `simulate` API method to execute dry runs of transactions and see the simulated metadata. ([#5069](https://github.com/XRPLF/rippled/pull/5069), [#5265](https://github.com/XRPLF/rippled/pull/5265))
+- Added the ability to specify MPTs when defining assets in transactions. ([#5200](https://github.com/XRPLF/rippled/pull/5200))
+- Added a `state` alias for `ripple_state` in the `ledger_entry` API method. Also refactored `LedgerEntry.cpp` to make it easier to read.  ([#5199](https://github.com/XRPLF/rippled/pull/5199))
+- Improved UNL security by enabling validators to set a minimum number of UNL publishers to agree on validators. ([#5112](https://github.com/XRPLF/rippled/pull/5112))
+- Updated the XRPL Foundation UNL keys. ([#5289](https://github.com/XRPLF/rippled/pull/5289))
+- Added a new XRPL Foundation subdomain to enable a staged migration without modifying the key for the current UNL list. ([#5326](https://github.com/XRPLF/rippled/pull/5326))
+- Added support to filter ledger entry types by their canonical names in the `ledger`, `ledger_data`, and `account_objects` API methods. ([#5271](https://github.com/XRPLF/rippled/pull/5271))
+- Added detailed logging for each validation and proposal received from the network. ([#5291](https://github.com/XRPLF/rippled/pull/5291))
+- Improved git commit hash lookups when checking the version of a `rippled` debug build. Also added git commit hash info when using the `server_info` API method on an admin connection. ([#5225](https://github.com/XRPLF/rippled/pull/5225))
+
+
+### Bug fixes
+
+- Fixed an issue with overlapping data types in the `Expected` class. ([#5218](https://github.com/XRPLF/rippled/pull/5218))
+- Fixed an issue that prevented `rippled` from building on Windows with VS2022. ([#5197](https://github.com/XRPLF/rippled/pull/5197))
+- Fixed `server_definitions` prefixes. ([#5231](https://github.com/XRPLF/rippled/pull/5231))
+- Added missing dependency installations for generic MasOS runners. ([#5233](https://github.com/XRPLF/rippled/pull/5233))
+- Updated deprecated Github actions. ([#5241](https://github.com/XRPLF/rippled/pull/5241))
+- Fixed a failing assert scenario when submitting the `connect` admin RPC. ([#5235](https://github.com/XRPLF/rippled/pull/5235))
+- Fixed the levelization script to ignore single-line comments during dependency analysis. ([#5194](https://github.com/XRPLF/rippled/pull/5194))
+- Fixed the assert name used in `PermissionedDomainDelete`. ([#5245](https://github.com/XRPLF/rippled/pull/5245))
+- Fixed macOS unit tests. ([#5196](https://github.com/XRPLF/rippled/pull/5196))
+- Fixed an issue with validators not accurately reflecting amendment votes. Also added debug logging of amendment votes. ([#5173](https://github.com/XRPLF/rippled/pull/5173), [#5312](https://github.com/XRPLF/rippled/pull/5312))
+- Fixed a potential issue with double-charging fees. ([#5269](https://github.com/XRPLF/rippled/pull/5269))
+- Removed the `new parent hash` assert and replaced it with a log message. ([#5313](https://github.com/XRPLF/rippled/pull/5313))
+- Fixed an issue that prevented previously-failed inbound ledgers to not be acquired if a new trusted proposal arrived. ([#5318](https://github.com/XRPLF/rippled/pull/5318))
+
+
+### Other Improvements
+
+- Added unit tests for `AccountID` handling. ([#5174](https://github.com/XRPLF/rippled/pull/5174))
+- Added enforced levelization in `libxrpl` with CMake. ([#5199](https://github.com/XRPLF/rippled/pull/5111))
+- Updated `libxrpl` and all submodules to use the same compiler options. ([#5228](https://github.com/XRPLF/rippled/pull/5228))
+- Added Antithesis instrumentation. ([#5042](https://github.com/XRPLF/rippled/pull/5042), [#5213](https://github.com/XRPLF/rippled/pull/5213))
+- Added `rpcName` to the `LEDGER_ENTRY` macro to help prevent future bugs. ([#5202](https://github.com/XRPLF/rippled/pull/5202))
+- Updated the contribution guidelines to introduce a new workflow that avoids code freezes. Also added scripts that can be used by maintainers in branch management, and a CI job to check that code is consistent across the three main branches: `master`, `release`, and `develop`. ([#5215](https://github.com/XRPLF/rippled/pull/5215))
+- Added unit tests to check for caching issues fixed in `rippled 2.3.0`. ([#5242](https://github.com/XRPLF/rippled/pull/5242))
+- Cleaned up the API changelog. ([#5207](https://github.com/XRPLF/rippled/pull/5207))
+- Improved logs readability. ([#5251](https://github.com/XRPLF/rippled/pull/5251))
+- Updated Visual Studio CI to VS 2022, and added VS Debug builds. ([#5240](https://github.com/XRPLF/rippled/pull/5240))
+- Updated the `secp256k1` library to version 0.6.0. ([#5254](https://github.com/XRPLF/rippled/pull/5254))
+- Changed the `[port_peer]` parameter in `rippled` example config back to `51235`; also added the recommendation to use the default port of `2459` for new deployments. ([#5290](https://github.com/XRPLF/rippled/pull/5290), [#5299](https://github.com/XRPLF/rippled/pull/5299))
+- Improved CI management. ([#5268](https://github.com/XRPLF/rippled/pull/5268))
+- Updated the git commit message rules for contributors. ([#5283](https://github.com/XRPLF/rippled/pull/5283))
+- Fixed unnecessary `setCurrentThreadName` calls. ([#5280](https://github.com/XRPLF/rippled/pull/5280))
+- Added a check to prevent permissioned domains from being created in the event the Permissioned Domains amendement is enabled before the Credentials amendement. ([#5275](https://github.com/XRPLF/rippled/pull/5275))
+- Updated Conan dependencies. ([#5256](https://github.com/XRPLF/rippled/pull/5256))
+- Fixed minor typos in code comments. ([#5279](https://github.com/XRPLF/rippled/pull/5279))
+- Fixed incorrect build instructions. ([#5274](https://github.com/XRPLF/rippled/pull/5274))
+- Refactored `rotateWithLock()` to not hold a lock during callbacks. ([#5276](https://github.com/XRPLF/rippled/pull/5276))
+- Cleaned up debug logging by combining multiple data points into a single message. ([#5302](https://github.com/XRPLF/rippled/pull/5302))
+- Updated build flags to fix performance regressions. ([#5325](https://github.com/XRPLF/rippled/pull/5325))
+
+
+## Credits
+
+The following people contributed directly to this release:
+
+- Aanchal Malhotra <amalhotra@ripple.com>
+- Bart Thomee <11445373+bthomee@users.noreply.github.com>
+- Bronek Kozicki <brok@incorrekt.com>
+- code0xff <ian.jungyong.um@gmail.com>
+- Darius Tumas <tokeiito@tokeiito.eu>
+- David Fuelling <fuelling@ripple.com>
+- Donovan Hide <donovanhide@gmail.com>
+- Ed Hennis <ed@ripple.com>
+- Elliot Lee <github.public@intelliot.com>
+- Javier Romero <jromero@ripple.com>
+- Kenny Lei <klei@ripple.com>
+- Mark Travis <7728157+mtrippled@users.noreply.github.com>
+- Mayukha Vadari <mvadari@gmail.com>
+- Michael Legleux <mlegleux@ripple.com>
+- Oleksandr <115580134+oleks-rip@users.noreply.github.com>
+- Qi Zhao <qzhao@ripple.com>
+- Ramkumar Srirengaram Gunasegharan <rgunasegharan@ripple.com>
+- Shae Wang <swang@ripple.com>
+- Shawn Xie <shawnxie920@gmail.com>
+- Sophia Xie <sxie@ripple.com>
+- Vijay Khanna Raviraj <vraviraj@ripple.com>
+- Vladislav Vysokikh <vvysokikh@gmail.com>
+- Xun Zhao <xzhao@ripple.com>
+
+## Bug Bounties and Responsible Disclosures
+
+We welcome reviews of the `rippled` code and urge researchers to responsibly disclose any issues they may find.
+
+To report a bug, please send a detailed report to: <bugs@xrpl.org>
 
 # Version 2.3.1
 

cfg/rippled-example.cfg

@@ -410,14 +410,17 @@
 #   starter list is included in the code and used if no other hostnames are
 #   available.
 #
-#   One address or domain name per line is allowed. A port may must be
-#   specified after adding a space to the address.  The ordering of entries
-#   does not generally matter.
+#   One address or domain name per line is allowed. A port may be specified
+#   after adding a space to the address. If a port is not specified, the default
+#   port of 2459 will be used. Many servers still use the legacy port of 51235.
+#   To connect to such servers, you must specify the port number. The ordering
+#   of entries does not generally matter.
 #
 #   The default list of entries is:
 #     - r.ripple.com 51235
 #     - sahyadri.isrdc.in 51235
 #     - hubs.xrpkuwait.com 51235
+#     - hub.xrpl-commons.org 51235
 #
 #   Examples:
 #
@@ -1423,6 +1426,9 @@ admin = 127.0.0.1
 protocol = http
 
 [port_peer]
+# Many servers still use the legacy port of 51235, so for backward-compatibility
+# we maintain that port number here. However, for new servers we recommend
+# changing this to the default port of 2459.
 port = 51235
 ip = 0.0.0.0
 # alternatively, to accept connections on IPv4 + IPv6, use:

cfg/validators-example.txt

@@ -54,13 +54,13 @@
 
 [validator_list_sites]
 https://vl.ripple.com
-https://vl.xrplf.org
+https://unl.xrplf.org
 
 [validator_list_keys]
 #vl.ripple.com
 ED2677ABFFD1B33AC6FBC3062B71F1E8397C1505E1C42C64D11AD1B28FF73F4734
-# vl.xrplf.org
-ED45D1840EE724BE327ABE9146503D5848EFD5F38B6D5FEDE71E80ACCE5E6E738B
+#unl.xrplf.org
+ED42AEC58B701EEBB77356FFFEC26F83C1F0407263530F068C7C73D392C7E06FD1
 
 # To use the test network (see https://xrpl.org/connect-your-rippled-to-the-xrp-test-net.html),
 # use the following configuration instead:

cmake/RippledCore.cmake

@@ -136,6 +136,9 @@ if(xrpld)
   add_executable(rippled)
   if(tests)
     target_compile_definitions(rippled PUBLIC ENABLE_TESTS)
+    target_compile_definitions(rippled PRIVATE
+                                       UNIT_TEST_REFERENCE_FEE=${UNIT_TEST_REFERENCE_FEE}
+    )
   endif()
   target_include_directories(rippled
     PRIVATE

cmake/RippledSettings.cmake

@@ -11,6 +11,12 @@ option(assert "Enables asserts, even in release builds" OFF)
 option(xrpld "Build xrpld" ON)
 
 option(tests "Build tests" ON)
+if(tests)
+  # This setting allows making a separate workflow to test fees other than default 10
+  if(NOT UNIT_TEST_REFERENCE_FEE)
+    set(UNIT_TEST_REFERENCE_FEE "10" CACHE STRING "")
+  endif()
+endif()
 
 option(unity "Creates a build using UNITY support in cmake. This is the default" ON)
 if(unity)

conanfile.py

@@ -24,14 +24,14 @@ class Xrpl(ConanFile):
     }
 
     requires = [
-        'date/3.0.1',
+        'date/3.0.3',
         'grpc/1.50.1',
-        'libarchive/3.6.2',
+        'libarchive/3.7.6',
         'nudb/2.0.8',
-        'openssl/1.1.1u',
+        'openssl/1.1.1v',
         'soci/4.0.3',
         'xxhash/0.8.2',
-        'zlib/1.2.13',
+        'zlib/1.3.1',
     ]
 
     tool_requires = [
@@ -99,14 +99,14 @@ class Xrpl(ConanFile):
             self.options['boost'].visibility = 'global'
 
     def requirements(self):
-        self.requires('boost/1.82.0', force=True)
-        self.requires('lz4/1.9.3', force=True)
+        self.requires('boost/1.83.0', force=True)
+        self.requires('lz4/1.10.0', force=True)
         self.requires('protobuf/3.21.9', force=True)
-        self.requires('sqlite3/3.42.0', force=True)
+        self.requires('sqlite3/3.47.0', force=True)
         if self.options.jemalloc:
             self.requires('jemalloc/5.3.0')
         if self.options.rocksdb:
-            self.requires('rocksdb/6.29.5')
+            self.requires('rocksdb/9.7.3')
 
     exports_sources = (
         'CMakeLists.txt',

docs/consensus.md

@@ -558,7 +558,7 @@ struct ConsensusResult
     ConsensusTimer roundTime;
 
     // Indicates state in which consensus ended.  Once in the accept phase
-    // will be either Yes or MovedOn
+    // will be either Yes or MovedOn or Expired
     ConsensusState state = ConsensusState::No;
 };
 

external/rocksdb/conandata.yml

@@ -1,27 +1,12 @@
 sources:
-  "6.29.5":
-    url: "https://github.com/facebook/rocksdb/archive/refs/tags/v6.29.5.tar.gz"
-    sha256: "ddbf84791f0980c0bbce3902feb93a2c7006f6f53bfd798926143e31d4d756f0"
-  "6.27.3":
-    url: "https://github.com/facebook/rocksdb/archive/refs/tags/v6.27.3.tar.gz"
-    sha256: "ee29901749b9132692b26f0a6c1d693f47d1a9ed8e3771e60556afe80282bf58"
-  "6.20.3":
-    url: "https://github.com/facebook/rocksdb/archive/refs/tags/v6.20.3.tar.gz"
-    sha256: "c6502c7aae641b7e20fafa6c2b92273d935d2b7b2707135ebd9a67b092169dca"
-  "8.8.1":
-    url: "https://github.com/facebook/rocksdb/archive/refs/tags/v8.8.1.tar.gz"
-    sha256: "056c7e21ad8ae36b026ac3b94b9d6e0fcc60e1d937fc80330921e4181be5c36e"
+  "9.7.3":
+    url: "https://github.com/facebook/rocksdb/archive/refs/tags/v9.7.3.tar.gz"
+    sha256: "acfabb989cbfb5b5c4d23214819b059638193ec33dad2d88373c46448d16d38b"
 patches:
-  "6.29.5":
-    - patch_file: "patches/6.29.5-0001-add-include-cstdint-for-gcc-13.patch"
-      patch_description: "Fix build with gcc 13 by including cstdint"
-      patch_type: "portability"
-      patch_source: "https://github.com/facebook/rocksdb/pull/11118"
-    - patch_file: "patches/6.29.5-0002-exclude-thirdparty.patch"
+  "9.7.3":
+    - patch_file: "patches/9.x.x-0001-exclude-thirdparty.patch"
       patch_description: "Do not include thirdparty.inc"
       patch_type: "portability"
-  "6.27.3":
-    - patch_file: "patches/6.27.3-0001-add-include-cstdint-for-gcc-13.patch"
-      patch_description: "Fix build with gcc 13 by including cstdint"
+    - patch_file: "patches/9.7.3-0001-memory-leak.patch"
+      patch_description: "Fix a leak of obsolete blob files left open until DB::Close()"
       patch_type: "portability"
-      patch_source: "https://github.com/facebook/rocksdb/pull/11118"

external/rocksdb/conanfile.py

@@ -15,10 +15,10 @@ required_conan_version = ">=1.53.0"
 
 class RocksDBConan(ConanFile):
     name = "rocksdb"
-    homepage = "https://github.com/facebook/rocksdb"
+    description = "A library that provides an embeddable, persistent key-value store for fast storage"
     license = ("GPL-2.0-only", "Apache-2.0")
     url = "https://github.com/conan-io/conan-center-index"
-    description = "A library that provides an embeddable, persistent key-value store for fast storage"
+    homepage = "https://github.com/facebook/rocksdb"
     topics = ("database", "leveldb", "facebook", "key-value")
     package_type = "library"
     settings = "os", "arch", "compiler", "build_type"
@@ -58,12 +58,12 @@ class RocksDBConan(ConanFile):
     @property
     def _compilers_minimum_version(self):
         return {} if self._min_cppstd == "11" else {
-                "apple-clang": "10",
-                "clang": "7",
-                "gcc": "7",
-                "msvc": "191",
-                "Visual Studio": "15",
-            }
+            "apple-clang": "10",
+            "clang": "7",
+            "gcc": "7",
+            "msvc": "191",
+            "Visual Studio": "15",
+        }
 
     def export_sources(self):
         export_conandata_patches(self)
@@ -89,13 +89,13 @@ class RocksDBConan(ConanFile):
         if self.options.with_snappy:
             self.requires("snappy/1.1.10")
         if self.options.with_lz4:
-            self.requires("lz4/1.9.4")
+            self.requires("lz4/1.10.0")
         if self.options.with_zlib:
             self.requires("zlib/[>=1.2.11 <2]")
         if self.options.with_zstd:
-            self.requires("zstd/1.5.5")
+            self.requires("zstd/1.5.6")
         if self.options.get_safe("with_tbb"):
-            self.requires("onetbb/2021.10.0")
+            self.requires("onetbb/2021.12.0")
         if self.options.with_jemalloc:
             self.requires("jemalloc/5.3.0")
 
@@ -115,9 +115,9 @@ class RocksDBConan(ConanFile):
         check_min_vs(self, "191")
 
         if self.version == "6.20.3" and \
-           self.settings.os == "Linux" and \
-           self.settings.compiler == "gcc" and \
-           Version(self.settings.compiler.version) < "5":
+                self.settings.os == "Linux" and \
+                self.settings.compiler == "gcc" and \
+                Version(self.settings.compiler.version) < "5":
             raise ConanInvalidConfiguration("Rocksdb 6.20.3 is not compilable with gcc <5.") # See https://github.com/facebook/rocksdb/issues/3522
 
     def source(self):
@@ -163,6 +163,8 @@ class RocksDBConan(ConanFile):
         if self.options.with_jemalloc:
             deps.set_property("jemalloc", "cmake_file_name", "JeMalloc")
             deps.set_property("jemalloc", "cmake_target_name", "JeMalloc::JeMalloc")
+        if self.options.with_zstd:
+            deps.set_property("zstd", "cmake_target_name", "zstd::zstd")
         deps.generate()
 
     def build(self):

external/rocksdb/patches/6.29.5-0001-add-include-cstdint-for-gcc-13.patch

@@ -1,30 +0,0 @@
---- a/include/rocksdb/utilities/checkpoint.h
-+++ b/include/rocksdb/utilities/checkpoint.h
-@@ -8,6 +8,7 @@
- #pragma once
- #ifndef ROCKSDB_LITE
- 
-+#include <cstdint>
- #include <string>
- #include <vector>
- #include "rocksdb/status.h"
---- a/table/block_based/data_block_hash_index.h
-+++ b/table/block_based/data_block_hash_index.h
-@@ -5,6 +5,7 @@
- 
- #pragma once
- 
-+#include <cstdint>
- #include <string>
- #include <vector>
- 
---- a/util/string_util.h
-+++ b/util/string_util.h
-@@ -6,6 +6,7 @@
- 
- #pragma once
- 
-+#include <cstdint>
- #include <sstream>
- #include <string>
- #include <unordered_map>

external/rocksdb/patches/6.29.5-0002-exclude-thirdparty.patch

@@ -1,16 +0,0 @@
-diff --git a/CMakeLists.txt b/CMakeLists.txt
-index ec59d4491..35577c998 100644
---- a/CMakeLists.txt
-+++ b/CMakeLists.txt
-@@ -101 +100,0 @@ if(MSVC)
--  option(WITH_GFLAGS "build with GFlags" OFF)
-@@ -103,2 +102,2 @@ if(MSVC)
--  include(${CMAKE_CURRENT_SOURCE_DIR}/thirdparty.inc)
--else()
-+endif()
-+
-@@ -117 +116 @@ else()
--  if(MINGW)
-+  if(MINGW OR MSVC)
-@@ -183 +181,0 @@ else()
--endif()

external/rocksdb/patches/9.7.3-0001-memory-leak.patch

@@ -0,0 +1,319 @@
+diff --git a/HISTORY.md b/HISTORY.md
+index 36d472229..05ad1a202 100644
+--- a/HISTORY.md
++++ b/HISTORY.md
+@@ -1,6 +1,10 @@
+ # Rocksdb Change Log
+ > NOTE: Entries for next release do not go here. Follow instructions in `unreleased_history/README.txt`
+ 
++## 9.7.4 (10/31/2024)
++### Bug Fixes
++* Fix a leak of obsolete blob files left open until DB::Close(). This bug was introduced in version 9.4.0.
++
+ ## 9.7.3 (10/16/2024)
+ ### Behavior Changes
+ * OPTIONS file to be loaded by remote worker is now preserved so that it does not get purged by the primary host. A similar technique as how we are preserving new SST files from getting purged is used for this. min_options_file_numbers_ is tracked like pending_outputs_ is tracked.
+diff --git a/db/blob/blob_file_cache.cc b/db/blob/blob_file_cache.cc
+index 5f340aadf..1b9faa238 100644
+--- a/db/blob/blob_file_cache.cc
++++ b/db/blob/blob_file_cache.cc
+@@ -42,6 +42,7 @@ Status BlobFileCache::GetBlobFileReader(
+   assert(blob_file_reader);
+   assert(blob_file_reader->IsEmpty());
+ 
++  // NOTE: sharing same Cache with table_cache
+   const Slice key = GetSliceForKey(&blob_file_number);
+ 
+   assert(cache_);
+@@ -98,4 +99,13 @@ Status BlobFileCache::GetBlobFileReader(
+   return Status::OK();
+ }
+ 
++void BlobFileCache::Evict(uint64_t blob_file_number) {
++  // NOTE: sharing same Cache with table_cache
++  const Slice key = GetSliceForKey(&blob_file_number);
++
++  assert(cache_);
++
++  cache_.get()->Erase(key);
++}
++
+ }  // namespace ROCKSDB_NAMESPACE
+diff --git a/db/blob/blob_file_cache.h b/db/blob/blob_file_cache.h
+index 740e67ada..6858d012b 100644
+--- a/db/blob/blob_file_cache.h
++++ b/db/blob/blob_file_cache.h
+@@ -36,6 +36,15 @@ class BlobFileCache {
+                            uint64_t blob_file_number,
+                            CacheHandleGuard<BlobFileReader>* blob_file_reader);
+ 
++  // Called when a blob file is obsolete to ensure it is removed from the cache
++  // to avoid effectively leaking the open file and assicated memory
++  void Evict(uint64_t blob_file_number);
++
++  // Used to identify cache entries for blob files (not normally useful)
++  static const Cache::CacheItemHelper* GetHelper() {
++    return CacheInterface::GetBasicHelper();
++  }
++
+  private:
+   using CacheInterface =
+       BasicTypedCacheInterface<BlobFileReader, CacheEntryRole::kMisc>;
+diff --git a/db/column_family.h b/db/column_family.h
+index e4b7adde8..86637736a 100644
+--- a/db/column_family.h
++++ b/db/column_family.h
+@@ -401,6 +401,7 @@ class ColumnFamilyData {
+                          SequenceNumber earliest_seq);
+ 
+   TableCache* table_cache() const { return table_cache_.get(); }
++  BlobFileCache* blob_file_cache() const { return blob_file_cache_.get(); }
+   BlobSource* blob_source() const { return blob_source_.get(); }
+ 
+   // See documentation in compaction_picker.h
+diff --git a/db/db_impl/db_impl.cc b/db/db_impl/db_impl.cc
+index 261593423..06573ac2e 100644
+--- a/db/db_impl/db_impl.cc
++++ b/db/db_impl/db_impl.cc
+@@ -659,8 +659,9 @@ Status DBImpl::CloseHelper() {
+   // We need to release them before the block cache is destroyed. The block
+   // cache may be destroyed inside versions_.reset(), when column family data
+   // list is destroyed, so leaving handles in table cache after
+-  // versions_.reset() may cause issues.
+-  // Here we clean all unreferenced handles in table cache.
++  // versions_.reset() may cause issues. Here we clean all unreferenced handles
++  // in table cache, and (for certain builds/conditions) assert that no obsolete
++  // files are hanging around unreferenced (leak) in the table/blob file cache.
+   // Now we assume all user queries have finished, so only version set itself
+   // can possibly hold the blocks from block cache. After releasing unreferenced
+   // handles here, only handles held by version set left and inside
+@@ -668,6 +669,9 @@ Status DBImpl::CloseHelper() {
+   // time a handle is released, we erase it from the cache too. By doing that,
+   // we can guarantee that after versions_.reset(), table cache is empty
+   // so the cache can be safely destroyed.
++#ifndef NDEBUG
++  TEST_VerifyNoObsoleteFilesCached(/*db_mutex_already_held=*/true);
++#endif  // !NDEBUG
+   table_cache_->EraseUnRefEntries();
+ 
+   for (auto& txn_entry : recovered_transactions_) {
+@@ -3227,6 +3231,8 @@ Status DBImpl::MultiGetImpl(
+       s = Status::Aborted();
+       break;
+     }
++    // This could be a long-running operation
++    ROCKSDB_THREAD_YIELD_HOOK();
+   }
+ 
+   // Post processing (decrement reference counts and record statistics)
+diff --git a/db/db_impl/db_impl.h b/db/db_impl/db_impl.h
+index 5e4fa310b..ccc0abfa7 100644
+--- a/db/db_impl/db_impl.h
++++ b/db/db_impl/db_impl.h
+@@ -1241,9 +1241,14 @@ class DBImpl : public DB {
+   static Status TEST_ValidateOptions(const DBOptions& db_options) {
+     return ValidateOptions(db_options);
+   }
+-
+ #endif  // NDEBUG
+ 
++  // In certain configurations, verify that the table/blob file cache only
++  // contains entries for live files, to check for effective leaks of open
++  // files. This can only be called when purging of obsolete files has
++  // "settled," such as during parts of DB Close().
++  void TEST_VerifyNoObsoleteFilesCached(bool db_mutex_already_held) const;
++
+   // persist stats to column family "_persistent_stats"
+   void PersistStats();
+ 
+diff --git a/db/db_impl/db_impl_debug.cc b/db/db_impl/db_impl_debug.cc
+index 790a50d7a..67f5b4aaf 100644
+--- a/db/db_impl/db_impl_debug.cc
++++ b/db/db_impl/db_impl_debug.cc
+@@ -9,6 +9,7 @@
+ 
+ #ifndef NDEBUG
+ 
++#include "db/blob/blob_file_cache.h"
+ #include "db/column_family.h"
+ #include "db/db_impl/db_impl.h"
+ #include "db/error_handler.h"
+@@ -328,5 +329,49 @@ size_t DBImpl::TEST_EstimateInMemoryStatsHistorySize() const {
+   InstrumentedMutexLock l(&const_cast<DBImpl*>(this)->stats_history_mutex_);
+   return EstimateInMemoryStatsHistorySize();
+ }
++
++void DBImpl::TEST_VerifyNoObsoleteFilesCached(
++    bool db_mutex_already_held) const {
++  // This check is somewhat expensive and obscure to make a part of every
++  // unit test in every build variety. Thus, we only enable it for ASAN builds.
++  if (!kMustFreeHeapAllocations) {
++    return;
++  }
++
++  std::optional<InstrumentedMutexLock> l;
++  if (db_mutex_already_held) {
++    mutex_.AssertHeld();
++  } else {
++    l.emplace(&mutex_);
++  }
++
++  std::vector<uint64_t> live_files;
++  for (auto cfd : *versions_->GetColumnFamilySet()) {
++    if (cfd->IsDropped()) {
++      continue;
++    }
++    // Sneakily add both SST and blob files to the same list
++    cfd->current()->AddLiveFiles(&live_files, &live_files);
++  }
++  std::sort(live_files.begin(), live_files.end());
++
++  auto fn = [&live_files](const Slice& key, Cache::ObjectPtr, size_t,
++                          const Cache::CacheItemHelper* helper) {
++    if (helper != BlobFileCache::GetHelper()) {
++      // Skip non-blob files for now
++      // FIXME: diagnose and fix the leaks of obsolete SST files revealed in
++      // unit tests.
++      return;
++    }
++    // See TableCache and BlobFileCache
++    assert(key.size() == sizeof(uint64_t));
++    uint64_t file_number;
++    GetUnaligned(reinterpret_cast<const uint64_t*>(key.data()), &file_number);
++    // Assert file is in sorted live_files
++    assert(
++        std::binary_search(live_files.begin(), live_files.end(), file_number));
++  };
++  table_cache_->ApplyToAllEntries(fn, {});
++}
+ }  // namespace ROCKSDB_NAMESPACE
+ #endif  // NDEBUG
+diff --git a/db/db_iter.cc b/db/db_iter.cc
+index e02586377..bf4749eb9 100644
+--- a/db/db_iter.cc
++++ b/db/db_iter.cc
+@@ -540,6 +540,8 @@ bool DBIter::FindNextUserEntryInternal(bool skipping_saved_key,
+     } else {
+       iter_.Next();
+     }
++    // This could be a long-running operation due to tombstones, etc.
++    ROCKSDB_THREAD_YIELD_HOOK();
+   } while (iter_.Valid());
+ 
+   valid_ = false;
+diff --git a/db/table_cache.cc b/db/table_cache.cc
+index 71fc29c32..8a5be75e8 100644
+--- a/db/table_cache.cc
++++ b/db/table_cache.cc
+@@ -164,6 +164,7 @@ Status TableCache::GetTableReader(
+ }
+ 
+ Cache::Handle* TableCache::Lookup(Cache* cache, uint64_t file_number) {
++  // NOTE: sharing same Cache with BlobFileCache
+   Slice key = GetSliceForFileNumber(&file_number);
+   return cache->Lookup(key);
+ }
+@@ -179,6 +180,7 @@ Status TableCache::FindTable(
+     size_t max_file_size_for_l0_meta_pin, Temperature file_temperature) {
+   PERF_TIMER_GUARD_WITH_CLOCK(find_table_nanos, ioptions_.clock);
+   uint64_t number = file_meta.fd.GetNumber();
++  // NOTE: sharing same Cache with BlobFileCache
+   Slice key = GetSliceForFileNumber(&number);
+   *handle = cache_.Lookup(key);
+   TEST_SYNC_POINT_CALLBACK("TableCache::FindTable:0",
+diff --git a/db/version_builder.cc b/db/version_builder.cc
+index ed8ab8214..c98f53f42 100644
+--- a/db/version_builder.cc
++++ b/db/version_builder.cc
+@@ -24,6 +24,7 @@
+ #include <vector>
+ 
+ #include "cache/cache_reservation_manager.h"
++#include "db/blob/blob_file_cache.h"
+ #include "db/blob/blob_file_meta.h"
+ #include "db/dbformat.h"
+ #include "db/internal_stats.h"
+@@ -744,12 +745,9 @@ class VersionBuilder::Rep {
+       return Status::Corruption("VersionBuilder", oss.str());
+     }
+ 
+-    // Note: we use C++11 for now but in C++14, this could be done in a more
+-    // elegant way using generalized lambda capture.
+-    VersionSet* const vs = version_set_;
+-    const ImmutableCFOptions* const ioptions = ioptions_;
+-
+-    auto deleter = [vs, ioptions](SharedBlobFileMetaData* shared_meta) {
++    auto deleter = [vs = version_set_, ioptions = ioptions_,
++                    bc = cfd_ ? cfd_->blob_file_cache()
++                              : nullptr](SharedBlobFileMetaData* shared_meta) {
+       if (vs) {
+         assert(ioptions);
+         assert(!ioptions->cf_paths.empty());
+@@ -758,6 +756,9 @@ class VersionBuilder::Rep {
+         vs->AddObsoleteBlobFile(shared_meta->GetBlobFileNumber(),
+                                 ioptions->cf_paths.front().path);
+       }
++      if (bc) {
++        bc->Evict(shared_meta->GetBlobFileNumber());
++      }
+ 
+       delete shared_meta;
+     };
+@@ -766,7 +767,7 @@ class VersionBuilder::Rep {
+         blob_file_number, blob_file_addition.GetTotalBlobCount(),
+         blob_file_addition.GetTotalBlobBytes(),
+         blob_file_addition.GetChecksumMethod(),
+-        blob_file_addition.GetChecksumValue(), deleter);
++        blob_file_addition.GetChecksumValue(), std::move(deleter));
+ 
+     mutable_blob_file_metas_.emplace(
+         blob_file_number, MutableBlobFileMetaData(std::move(shared_meta)));
+diff --git a/db/version_set.h b/db/version_set.h
+index 9336782b1..024f869e7 100644
+--- a/db/version_set.h
++++ b/db/version_set.h
+@@ -1514,7 +1514,6 @@ class VersionSet {
+   void GetLiveFilesMetaData(std::vector<LiveFileMetaData>* metadata);
+ 
+   void AddObsoleteBlobFile(uint64_t blob_file_number, std::string path) {
+-    // TODO: Erase file from BlobFileCache?
+     obsolete_blob_files_.emplace_back(blob_file_number, std::move(path));
+   }
+ 
+diff --git a/include/rocksdb/version.h b/include/rocksdb/version.h
+index 2a19796b8..0afa2cab1 100644
+--- a/include/rocksdb/version.h
++++ b/include/rocksdb/version.h
+@@ -13,7 +13,7 @@
+ // minor or major version number planned for release.
+ #define ROCKSDB_MAJOR 9
+ #define ROCKSDB_MINOR 7
+-#define ROCKSDB_PATCH 3
++#define ROCKSDB_PATCH 4
+ 
+ // Do not use these. We made the mistake of declaring macros starting with
+ // double underscore. Now we have to live with our choice. We'll deprecate these
+diff --git a/port/port.h b/port/port.h
+index 13aa56d47..141716e5b 100644
+--- a/port/port.h
++++ b/port/port.h
+@@ -19,3 +19,19 @@
+ #elif defined(OS_WIN)
+ #include "port/win/port_win.h"
+ #endif
++
++#ifdef OS_LINUX
++// A temporary hook into long-running RocksDB threads to support modifying their
++// priority etc. This should become a public API hook once the requirements
++// are better understood.
++extern "C" void RocksDbThreadYield() __attribute__((__weak__));
++#define ROCKSDB_THREAD_YIELD_HOOK() \
++  {                                 \
++    if (RocksDbThreadYield) {       \
++      RocksDbThreadYield();         \
++    }                               \
++  }
++#else
++#define ROCKSDB_THREAD_YIELD_HOOK() \
++  {}
++#endif

external/rocksdb/patches/9.x.x-0001-exclude-thirdparty.patch

@@ -0,0 +1,30 @@
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index 93b884d..b715cb6 100644
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -106,14 +106,9 @@ endif()
+ include(CMakeDependentOption)
+
+ if(MSVC)
+-  option(WITH_GFLAGS "build with GFlags" OFF)
+   option(WITH_XPRESS "build with windows built in compression" OFF)
+-  option(ROCKSDB_SKIP_THIRDPARTY "skip thirdparty.inc" OFF)
+-
+-  if(NOT ROCKSDB_SKIP_THIRDPARTY)
+-    include(${CMAKE_CURRENT_SOURCE_DIR}/thirdparty.inc)
+-  endif()
+-else()
++endif()
++if(TRUE)
+   if(CMAKE_SYSTEM_NAME MATCHES "FreeBSD" AND NOT CMAKE_SYSTEM_NAME MATCHES "kFreeBSD")
+     # FreeBSD has jemalloc as default malloc
+     # but it does not have all the jemalloc files in include/...
+@@ -126,7 +121,7 @@ else()
+     endif()
+   endif()
+
+-  if(MINGW)
++  if(MSVC OR MINGW)
+     option(WITH_GFLAGS "build with GFlags" OFF)
+   else()
+     option(WITH_GFLAGS "build with GFlags" ON)

external/soci/conanfile.py

@@ -62,15 +62,15 @@ class SociConan(ConanFile):
 
     def requirements(self):
         if self.options.with_sqlite3:
-            self.requires("sqlite3/3.41.1")
+            self.requires("sqlite3/3.47.0")
         if self.options.with_odbc and self.settings.os != "Windows":
             self.requires("odbc/2.3.11")
         if self.options.with_mysql:
-            self.requires("libmysqlclient/8.0.31")
+            self.requires("libmysqlclient/8.1.0")
         if self.options.with_postgresql:
-            self.requires("libpq/14.7")
+            self.requires("libpq/15.5")
         if self.options.with_boost:
-            self.requires("boost/1.81.0")
+            self.requires("boost/1.83.0")
 
     @property
     def _minimum_compilers_version(self):

include/xrpl/basics/BasicConfig.h

@@ -27,7 +27,6 @@
 
 #include <algorithm>
 #include <optional>
-#include <ostream>
 #include <string>
 #include <unordered_map>
 #include <vector>

include/xrpl/basics/Buffer.h

@@ -22,10 +22,9 @@
 
 #include <xrpl/basics/Slice.h>
 #include <xrpl/beast/utility/instrumentation.h>
+
 #include <cstdint>
 #include <cstring>
-#include <memory>
-#include <utility>
 
 namespace ripple {
 

include/xrpl/basics/CompressionAlgorithms.h

@@ -21,9 +21,11 @@
 #define RIPPLED_COMPRESSIONALGORITHMS_H_INCLUDED
 
 #include <xrpl/basics/contract.h>
+
+#include <lz4.h>
+
 #include <algorithm>
 #include <cstdint>
-#include <lz4.h>
 #include <stdexcept>
 #include <vector>
 

include/xrpl/basics/CountedObject.h

@@ -21,6 +21,7 @@
 #define RIPPLE_BASICS_COUNTEDOBJECT_H_INCLUDED
 
 #include <xrpl/beast/type_name.h>
+
 #include <atomic>
 #include <string>
 #include <utility>

include/xrpl/basics/Expected.h

@@ -24,9 +24,7 @@
 
 #include <boost/outcome.hpp>
 
-#include <concepts>
 #include <stdexcept>
-#include <type_traits>
 
 namespace ripple {
 

include/xrpl/basics/IntrusivePointer.h

@@ -0,0 +1,515 @@
+//------------------------------------------------------------------------------
+/*
+    This file is part of rippled: https://github.com/ripple/rippled
+    Copyright (c) 2023 Ripple Labs Inc.
+
+    Permission to use, copy, modify, and/or distribute this software for any
+    purpose  with  or without fee is hereby granted, provided that the above
+    copyright notice and this permission notice appear in all copies.
+
+    THE  SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+    WITH  REGARD  TO  THIS  SOFTWARE  INCLUDING  ALL  IMPLIED  WARRANTIES  OF
+    MERCHANTABILITY  AND  FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+    ANY  SPECIAL ,  DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+    WHATSOEVER  RESULTING  FROM  LOSS  OF USE, DATA OR PROFITS, WHETHER IN AN
+    ACTION  OF  CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+    OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+*/
+//==============================================================================
+
+#ifndef RIPPLE_BASICS_INTRUSIVEPOINTER_H_INCLUDED
+#define RIPPLE_BASICS_INTRUSIVEPOINTER_H_INCLUDED
+
+#include <concepts>
+#include <cstdint>
+#include <type_traits>
+#include <utility>
+
+namespace ripple {
+
+//------------------------------------------------------------------------------
+
+/** Tag to create an intrusive pointer from another intrusive pointer by using a
+    static cast. This is useful to create an intrusive pointer to a derived
+    class from an intrusive pointer to a base class.
+*/
+struct StaticCastTagSharedIntrusive
+{
+};
+
+/** Tag to create an intrusive pointer from another intrusive pointer by using a
+    dynamic cast. This is useful to create an intrusive pointer to a derived
+    class from an intrusive pointer to a base class. If the cast fails an empty
+    (null) intrusive pointer is created.
+*/
+struct DynamicCastTagSharedIntrusive
+{
+};
+
+/** When creating or adopting a raw pointer, controls whether the strong count
+    is incremented or not. Use this tag to increment the strong count.
+*/
+struct SharedIntrusiveAdoptIncrementStrongTag
+{
+};
+
+/** When creating or adopting a raw pointer, controls whether the strong count
+    is incremented or not. Use this tag to leave the strong count unchanged.
+*/
+struct SharedIntrusiveAdoptNoIncrementTag
+{
+};
+
+//------------------------------------------------------------------------------
+//
+
+template <class T>
+concept CAdoptTag = std::is_same_v<T, SharedIntrusiveAdoptIncrementStrongTag> ||
+    std::is_same_v<T, SharedIntrusiveAdoptNoIncrementTag>;
+
+//------------------------------------------------------------------------------
+
+/** A shared intrusive pointer class that supports weak pointers.
+
+    This is meant to be used for SHAMapInnerNodes, but may be useful for other
+    cases. Since the reference counts are stored on the pointee, the pointee is
+    not destroyed until both the strong _and_ weak pointer counts go to zero.
+    When the strong pointer count goes to zero, the "partialDestructor" is
+    called. This can be used to destroy as much of the object as possible while
+    still retaining the reference counts. For example, for SHAMapInnerNodes the
+    children may be reset in that function. Note that std::shared_poiner WILL
+    run the destructor when the strong count reaches zero, but may not free the
+    memory used by the object until the weak count reaches zero. In rippled, we
+    typically allocate shared pointers with the `make_shared` function. When
+    that is used, the memory is not reclaimed until the weak count reaches zero.
+*/
+template <class T>
+class SharedIntrusive
+{
+public:
+    SharedIntrusive() = default;
+
+    template <CAdoptTag TAdoptTag>
+    SharedIntrusive(T* p, TAdoptTag) noexcept;
+
+    SharedIntrusive(SharedIntrusive const& rhs);
+
+    template <class TT>
+    // TODO: convertible_to isn't quite right. That include a static castable.
+    // Find the right concept.
+        requires std::convertible_to<TT*, T*>
+    SharedIntrusive(SharedIntrusive<TT> const& rhs);
+
+    SharedIntrusive(SharedIntrusive&& rhs);
+
+    template <class TT>
+        requires std::convertible_to<TT*, T*>
+    SharedIntrusive(SharedIntrusive<TT>&& rhs);
+
+    SharedIntrusive&
+    operator=(SharedIntrusive const& rhs);
+
+    bool
+    operator!=(std::nullptr_t) const;
+
+    bool
+    operator==(std::nullptr_t) const;
+
+    template <class TT>
+        requires std::convertible_to<TT*, T*>
+    SharedIntrusive&
+    operator=(SharedIntrusive<TT> const& rhs);
+
+    SharedIntrusive&
+    operator=(SharedIntrusive&& rhs);
+
+    template <class TT>
+        requires std::convertible_to<TT*, T*>
+    SharedIntrusive&
+    operator=(SharedIntrusive<TT>&& rhs);
+
+    /** Adopt the raw pointer. The strong reference may or may not be
+        incremented, depending on the TAdoptTag
+     */
+    template <CAdoptTag TAdoptTag = SharedIntrusiveAdoptIncrementStrongTag>
+    void
+    adopt(T* p);
+
+    ~SharedIntrusive();
+
+    /** Create a new SharedIntrusive by statically casting the pointer
+        controlled by the rhs param.
+    */
+    template <class TT>
+    SharedIntrusive(
+        StaticCastTagSharedIntrusive,
+        SharedIntrusive<TT> const& rhs);
+
+    /** Create a new SharedIntrusive by statically casting the pointer
+       controlled by the rhs param.
+    */
+    template <class TT>
+    SharedIntrusive(StaticCastTagSharedIntrusive, SharedIntrusive<TT>&& rhs);
+
+    /** Create a new SharedIntrusive by dynamically casting the pointer
+       controlled by the rhs param.
+    */
+    template <class TT>
+    SharedIntrusive(
+        DynamicCastTagSharedIntrusive,
+        SharedIntrusive<TT> const& rhs);
+
+    /** Create a new SharedIntrusive by dynamically casting the pointer
+       controlled by the rhs param.
+    */
+    template <class TT>
+    SharedIntrusive(DynamicCastTagSharedIntrusive, SharedIntrusive<TT>&& rhs);
+
+    T&
+    operator*() const noexcept;
+
+    T*
+    operator->() const noexcept;
+
+    explicit
+    operator bool() const noexcept;
+
+    /** Set the pointer to null, decrement the strong count, and run the
+        appropriate release action.
+      */
+    void
+    reset();
+
+    /** Get the raw pointer */
+    T*
+    get() const;
+
+    /** Return the strong count */
+    std::size_t
+    use_count() const;
+
+    template <class TT, class... Args>
+    friend SharedIntrusive<TT>
+    make_SharedIntrusive(Args&&... args);
+
+    template <class TT>
+    friend class SharedIntrusive;
+
+    template <class TT>
+    friend class SharedWeakUnion;
+
+    template <class TT>
+    friend class WeakIntrusive;
+
+private:
+    /** Return the raw pointer held by this object. */
+    T*
+    unsafeGetRawPtr() const;
+
+    /** Exchange the current raw pointer held by this object with the given
+        pointer. Decrement the strong count of the raw pointer previously held
+        by this object and run the appropriate release action.
+     */
+    void
+    unsafeReleaseAndStore(T* next);
+
+    /** Set the raw pointer directly. This is wrapped in a function so the class
+        can support both atomic and non-atomic pointers in a future patch.
+     */
+    void
+    unsafeSetRawPtr(T* p);
+
+    /** Exchange the raw pointer directly.
+        This sets the raw pointer to the given value and returns the previous
+        value. This is wrapped in a function so the class can support both
+        atomic and non-atomic pointers in a future patch.
+     */
+    T*
+    unsafeExchange(T* p);
+
+    /** pointer to the type with an intrusive count */
+    T* ptr_{nullptr};
+};
+
+//------------------------------------------------------------------------------
+
+/** A weak intrusive pointer class for the SharedIntrusive pointer class.
+
+Note that this weak pointer class asks differently from normal weak pointer
+classes. When the strong pointer count goes to zero, the "partialDestructor"
+is called. See the comment on SharedIntrusive for a fuller explanation.
+*/
+template <class T>
+class WeakIntrusive
+{
+public:
+    WeakIntrusive() = default;
+
+    WeakIntrusive(WeakIntrusive const& rhs);
+
+    WeakIntrusive(WeakIntrusive&& rhs);
+
+    WeakIntrusive(SharedIntrusive<T> const& rhs);
+
+    // There is no move constructor from a strong intrusive ptr because
+    // moving would be move expensive than copying in this case (the strong
+    // ref would need to be decremented)
+    WeakIntrusive(SharedIntrusive<T> const&& rhs) = delete;
+
+    // Since there are no current use cases for copy assignment in
+    // WeakIntrusive, we delete this operator to simplify the implementation. If
+    // a need arises in the future, we can reintroduce it with proper
+    // consideration."
+    WeakIntrusive&
+    operator=(WeakIntrusive const&) = delete;
+
+    template <class TT>
+        requires std::convertible_to<TT*, T*>
+    WeakIntrusive&
+    operator=(SharedIntrusive<TT> const& rhs);
+
+    /** Adopt the raw pointer and increment the weak count. */
+    void
+    adopt(T* ptr);
+
+    ~WeakIntrusive();
+
+    /** Get a strong pointer from the weak pointer, if possible. This will
+       only return a seated pointer if the strong count on the raw pointer
+       is non-zero before locking.
+     */
+    SharedIntrusive<T>
+    lock() const;
+
+    /** Return true if the strong count is zero. */
+    bool
+    expired() const;
+
+    /** Set the pointer to null and decrement the weak count.
+
+    Note: This may run the destructor if the strong count is zero.
+    */
+    void
+    reset();
+
+private:
+    T* ptr_ = nullptr;
+
+    /** Decrement the weak count. This does _not_ set the raw pointer to
+    null.
+
+    Note: This may run the destructor if the strong count is zero.
+    */
+    void
+    unsafeReleaseNoStore();
+};
+
+//------------------------------------------------------------------------------
+
+/** A combination of a strong and a weak intrusive pointer stored in the
+    space of a single pointer.
+
+    This class is similar to a `std::variant<SharedIntrusive,WeakIntrusive>`
+    with some optimizations. In particular, it uses a low-order bit to
+    determine if the raw pointer represents a strong pointer or a weak
+    pointer. It can also be quickly switched between its strong pointer and
+    weak pointer representations. This class is useful for storing intrusive
+    pointers in tagged caches.
+  */
+
+template <class T>
+class SharedWeakUnion
+{
+    // Tagged pointer. Low bit determines if this is a strong or a weak
+    // pointer. The low bit must be masked to zero when converting back to a
+    // pointer. If the low bit is '1', this is a weak pointer.
+    static_assert(
+        alignof(T) >= 2,
+        "Bad alignment: Combo pointer requires low bit to be zero");
+
+public:
+    SharedWeakUnion() = default;
+
+    SharedWeakUnion(SharedWeakUnion const& rhs);
+
+    template <class TT>
+        requires std::convertible_to<TT*, T*>
+    SharedWeakUnion(SharedIntrusive<TT> const& rhs);
+
+    SharedWeakUnion(SharedWeakUnion&& rhs);
+
+    template <class TT>
+        requires std::convertible_to<TT*, T*>
+    SharedWeakUnion(SharedIntrusive<TT>&& rhs);
+
+    SharedWeakUnion&
+    operator=(SharedWeakUnion const& rhs);
+
+    template <class TT>
+        requires std::convertible_to<TT*, T*>
+    SharedWeakUnion&
+    operator=(SharedIntrusive<TT> const& rhs);
+
+    template <class TT>
+        requires std::convertible_to<TT*, T*>
+    SharedWeakUnion&
+    operator=(SharedIntrusive<TT>&& rhs);
+
+    ~SharedWeakUnion();
+
+    /** Return a strong pointer if this is already a strong pointer (i.e.
+       don't lock the weak pointer. Use the `lock` method if that's what's
+       needed)
+     */
+    SharedIntrusive<T>
+    getStrong() const;
+
+    /** Return true if this is a strong pointer and the strong pointer is
+        seated.
+     */
+    explicit
+    operator bool() const noexcept;
+
+    /** Set the pointer to null, decrement the appropriate ref count, and
+       run the appropriate release action.
+     */
+    void
+    reset();
+
+    /** If this is a strong pointer, return the raw pointer. Otherwise
+       return null.
+     */
+    T*
+    get() const;
+
+    /** If this is a strong pointer, return the strong count. Otherwise
+     * return 0
+     */
+    std::size_t
+    use_count() const;
+
+    /** Return true if there is a non-zero strong count. */
+    bool
+    expired() const;
+
+    /** If this is a strong pointer, return the strong pointer. Otherwise
+        attempt to lock the weak pointer.
+     */
+    SharedIntrusive<T>
+    lock() const;
+
+    /** Return true is this represents a strong pointer. */
+    bool
+    isStrong() const;
+
+    /** Return true is this represents a weak pointer. */
+    bool
+    isWeak() const;
+
+    /** If this is a weak pointer, attempt to convert it to a strong
+       pointer.
+
+        @return true if successfully converted to a strong pointer (or was
+                already a strong pointer). Otherwise false.
+      */
+    bool
+    convertToStrong();
+
+    /** If this is a strong pointer, attempt to convert it to a weak
+       pointer.
+
+        @return false if the pointer is null. Otherwise return true.
+      */
+    bool
+    convertToWeak();
+
+private:
+    // Tagged pointer. Low bit determines if this is a strong or a weak
+    // pointer. The low bit must be masked to zero when converting back to a
+    // pointer. If the low bit is '1', this is a weak pointer.
+    std::uintptr_t tp_{0};
+    static constexpr std::uintptr_t tagMask = 1;
+    static constexpr std::uintptr_t ptrMask = ~tagMask;
+
+private:
+    /** Return the raw pointer held by this object.
+     */
+    T*
+    unsafeGetRawPtr() const;
+
+    enum class RefStrength { strong, weak };
+    /** Set the raw pointer and tag bit directly.
+     */
+    void
+    unsafeSetRawPtr(T* p, RefStrength rs);
+
+    /** Set the raw pointer and tag bit to all zeros (strong null pointer).
+     */
+    void unsafeSetRawPtr(std::nullptr_t);
+
+    /** Decrement the appropriate ref count, and run the appropriate release
+        action. Note: this does _not_ set the raw pointer to null.
+     */
+    void
+    unsafeReleaseNoStore();
+};
+
+//------------------------------------------------------------------------------
+
+/** Create a shared intrusive pointer.
+
+    Note: unlike std::shared_ptr, where there is an advantage of allocating
+    the pointer and control block together, there is no benefit for intrusive
+    pointers.
+*/
+template <class TT, class... Args>
+SharedIntrusive<TT>
+make_SharedIntrusive(Args&&... args)
+{
+    auto p = new TT(std::forward<Args>(args)...);
+
+    static_assert(
+        noexcept(SharedIntrusive<TT>(
+            std::declval<TT*>(),
+            std::declval<SharedIntrusiveAdoptNoIncrementTag>())),
+        "SharedIntrusive constructor should not throw or this can leak "
+        "memory");
+
+    return SharedIntrusive<TT>(p, SharedIntrusiveAdoptNoIncrementTag{});
+}
+
+//------------------------------------------------------------------------------
+
+namespace intr_ptr {
+template <class T>
+using SharedPtr = SharedIntrusive<T>;
+
+template <class T>
+using WeakPtr = WeakIntrusive<T>;
+
+template <class T>
+using SharedWeakUnionPtr = SharedWeakUnion<T>;
+
+template <class T, class... A>
+SharedPtr<T>
+make_shared(A&&... args)
+{
+    return make_SharedIntrusive<T>(std::forward<A>(args)...);
+}
+
+template <class T, class TT>
+SharedPtr<T>
+static_pointer_cast(TT const& v)
+{
+    return SharedPtr<T>(StaticCastTagSharedIntrusive{}, v);
+}
+
+template <class T, class TT>
+SharedPtr<T>
+dynamic_pointer_cast(TT const& v)
+{
+    return SharedPtr<T>(DynamicCastTagSharedIntrusive{}, v);
+}
+}  // namespace intr_ptr
+}  // namespace ripple
+#endif

include/xrpl/basics/IntrusivePointer.ipp

@@ -0,0 +1,740 @@
+//------------------------------------------------------------------------------
+/*
+    This file is part of rippled: https://github.com/ripple/rippled
+    Copyright (c) 2023 Ripple Labs Inc.
+
+    Permission to use, copy, modify, and/or distribute this software for any
+    purpose  with  or without fee is hereby granted, provided that the above
+    copyright notice and this permission notice appear in all copies.
+
+    THE  SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+    WITH  REGARD  TO  THIS  SOFTWARE  INCLUDING  ALL  IMPLIED  WARRANTIES  OF
+    MERCHANTABILITY  AND  FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+    ANY  SPECIAL ,  DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+    WHATSOEVER  RESULTING  FROM  LOSS  OF USE, DATA OR PROFITS, WHETHER IN AN
+    ACTION  OF  CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+    OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+*/
+//==============================================================================
+
+#ifndef RIPPLE_BASICS_INTRUSIVEPOINTER_IPP_INCLUDED
+#define RIPPLE_BASICS_INTRUSIVEPOINTER_IPP_INCLUDED
+
+#include <xrpl/basics/IntrusivePointer.h>
+#include <xrpl/basics/IntrusiveRefCounts.h>
+
+#include <utility>
+
+namespace ripple {
+
+template <class T>
+template <CAdoptTag TAdoptTag>
+SharedIntrusive<T>::SharedIntrusive(T* p, TAdoptTag) noexcept : ptr_{p}
+{
+    if constexpr (std::is_same_v<
+                      TAdoptTag,
+                      SharedIntrusiveAdoptIncrementStrongTag>)
+    {
+        if (p)
+            p->addStrongRef();
+    }
+}
+
+template <class T>
+SharedIntrusive<T>::SharedIntrusive(SharedIntrusive const& rhs)
+    : ptr_{[&] {
+        auto p = rhs.unsafeGetRawPtr();
+        if (p)
+            p->addStrongRef();
+        return p;
+    }()}
+{
+}
+
+template <class T>
+template <class TT>
+    requires std::convertible_to<TT*, T*>
+SharedIntrusive<T>::SharedIntrusive(SharedIntrusive<TT> const& rhs)
+    : ptr_{[&] {
+        auto p = rhs.unsafeGetRawPtr();
+        if (p)
+            p->addStrongRef();
+        return p;
+    }()}
+{
+}
+
+template <class T>
+SharedIntrusive<T>::SharedIntrusive(SharedIntrusive&& rhs)
+    : ptr_{rhs.unsafeExchange(nullptr)}
+{
+}
+
+template <class T>
+template <class TT>
+    requires std::convertible_to<TT*, T*>
+SharedIntrusive<T>::SharedIntrusive(SharedIntrusive<TT>&& rhs)
+    : ptr_{rhs.unsafeExchange(nullptr)}
+{
+}
+template <class T>
+SharedIntrusive<T>&
+SharedIntrusive<T>::operator=(SharedIntrusive const& rhs)
+{
+    if (this == &rhs)
+        return *this;
+    auto p = rhs.unsafeGetRawPtr();
+    if (p)
+        p->addStrongRef();
+    unsafeReleaseAndStore(p);
+    return *this;
+}
+
+template <class T>
+template <class TT>
+// clang-format off
+requires std::convertible_to<TT*, T*>
+// clang-format on
+SharedIntrusive<T>&
+SharedIntrusive<T>::operator=(SharedIntrusive<TT> const& rhs)
+{
+    if constexpr (std::is_same_v<T, TT>)
+    {
+        // This case should never be hit. The operator above will run instead.
+        // (The normal operator= is needed or it will be marked `deleted`)
+        if (this == &rhs)
+            return *this;
+    }
+    auto p = rhs.unsafeGetRawPtr();
+    if (p)
+        p->addStrongRef();
+    unsafeReleaseAndStore(p);
+    return *this;
+}
+
+template <class T>
+SharedIntrusive<T>&
+SharedIntrusive<T>::operator=(SharedIntrusive&& rhs)
+{
+    if (this == &rhs)
+        return *this;
+
+    unsafeReleaseAndStore(rhs.unsafeExchange(nullptr));
+    return *this;
+}
+
+template <class T>
+template <class TT>
+// clang-format off
+requires std::convertible_to<TT*, T*>
+// clang-format on
+SharedIntrusive<T>&
+SharedIntrusive<T>::operator=(SharedIntrusive<TT>&& rhs)
+{
+    static_assert(
+        !std::is_same_v<T, TT>,
+        "This overload should not be instantiated for T == TT");
+
+    unsafeReleaseAndStore(rhs.unsafeExchange(nullptr));
+    return *this;
+}
+
+template <class T>
+bool
+SharedIntrusive<T>::operator!=(std::nullptr_t) const
+{
+    return this->get() != nullptr;
+}
+
+template <class T>
+bool
+SharedIntrusive<T>::operator==(std::nullptr_t) const
+{
+    return this->get() == nullptr;
+}
+
+template <class T>
+template <CAdoptTag TAdoptTag>
+void
+SharedIntrusive<T>::adopt(T* p)
+{
+    if constexpr (std::is_same_v<
+                      TAdoptTag,
+                      SharedIntrusiveAdoptIncrementStrongTag>)
+    {
+        if (p)
+            p->addStrongRef();
+    }
+    unsafeReleaseAndStore(p);
+}
+
+template <class T>
+SharedIntrusive<T>::~SharedIntrusive()
+{
+    unsafeReleaseAndStore(nullptr);
+};
+
+template <class T>
+template <class TT>
+SharedIntrusive<T>::SharedIntrusive(
+    StaticCastTagSharedIntrusive,
+    SharedIntrusive<TT> const& rhs)
+    : ptr_{[&] {
+        auto p = static_cast<T*>(rhs.unsafeGetRawPtr());
+        if (p)
+            p->addStrongRef();
+        return p;
+    }()}
+{
+}
+
+template <class T>
+template <class TT>
+SharedIntrusive<T>::SharedIntrusive(
+    StaticCastTagSharedIntrusive,
+    SharedIntrusive<TT>&& rhs)
+    : ptr_{static_cast<T*>(rhs.unsafeExchange(nullptr))}
+{
+}
+
+template <class T>
+template <class TT>
+SharedIntrusive<T>::SharedIntrusive(
+    DynamicCastTagSharedIntrusive,
+    SharedIntrusive<TT> const& rhs)
+    : ptr_{[&] {
+        auto p = dynamic_cast<T*>(rhs.unsafeGetRawPtr());
+        if (p)
+            p->addStrongRef();
+        return p;
+    }()}
+{
+}
+
+template <class T>
+template <class TT>
+SharedIntrusive<T>::SharedIntrusive(
+    DynamicCastTagSharedIntrusive,
+    SharedIntrusive<TT>&& rhs)
+{
+    // This can be simplified without the `exchange`, but the `exchange` is kept
+    // in anticipation of supporting atomic operations.
+    auto toSet = rhs.unsafeExchange(nullptr);
+    if (toSet)
+    {
+        ptr_ = dynamic_cast<T*>(toSet);
+        if (!ptr_)
+            // need to set the pointer back or will leak
+            rhs.unsafeExchange(toSet);
+    }
+}
+
+template <class T>
+T&
+SharedIntrusive<T>::operator*() const noexcept
+{
+    return *unsafeGetRawPtr();
+}
+
+template <class T>
+T*
+SharedIntrusive<T>::operator->() const noexcept
+{
+    return unsafeGetRawPtr();
+}
+
+template <class T>
+SharedIntrusive<T>::operator bool() const noexcept
+{
+    return bool(unsafeGetRawPtr());
+}
+
+template <class T>
+void
+SharedIntrusive<T>::reset()
+{
+    unsafeReleaseAndStore(nullptr);
+}
+
+template <class T>
+T*
+SharedIntrusive<T>::get() const
+{
+    return unsafeGetRawPtr();
+}
+
+template <class T>
+std::size_t
+SharedIntrusive<T>::use_count() const
+{
+    if (auto p = unsafeGetRawPtr())
+        return p->use_count();
+    return 0;
+}
+
+template <class T>
+T*
+SharedIntrusive<T>::unsafeGetRawPtr() const
+{
+    return ptr_;
+}
+
+template <class T>
+void
+SharedIntrusive<T>::unsafeSetRawPtr(T* p)
+{
+    ptr_ = p;
+}
+
+template <class T>
+T*
+SharedIntrusive<T>::unsafeExchange(T* p)
+{
+    return std::exchange(ptr_, p);
+}
+
+template <class T>
+void
+SharedIntrusive<T>::unsafeReleaseAndStore(T* next)
+{
+    auto prev = unsafeExchange(next);
+    if (!prev)
+        return;
+
+    using enum ReleaseStrongRefAction;
+    auto action = prev->releaseStrongRef();
+    switch (action)
+    {
+        case noop:
+            break;
+        case destroy:
+            delete prev;
+            break;
+        case partialDestroy:
+            prev->partialDestructor();
+            partialDestructorFinished(&prev);
+            // prev is null and may no longer be used
+            break;
+    }
+}
+
+//------------------------------------------------------------------------------
+
+template <class T>
+WeakIntrusive<T>::WeakIntrusive(WeakIntrusive const& rhs) : ptr_{rhs.ptr_}
+{
+    if (ptr_)
+        ptr_->addWeakRef();
+}
+
+template <class T>
+WeakIntrusive<T>::WeakIntrusive(WeakIntrusive&& rhs) : ptr_{rhs.ptr_}
+{
+    rhs.ptr_ = nullptr;
+}
+
+template <class T>
+WeakIntrusive<T>::WeakIntrusive(SharedIntrusive<T> const& rhs)
+    : ptr_{rhs.unsafeGetRawPtr()}
+{
+    if (ptr_)
+        ptr_->addWeakRef();
+}
+
+template <class T>
+template <class TT>
+// clang-format off
+requires std::convertible_to<TT*, T*>
+// clang-format on
+WeakIntrusive<T>&
+WeakIntrusive<T>::operator=(SharedIntrusive<TT> const& rhs)
+{
+    unsafeReleaseNoStore();
+    auto p = rhs.unsafeGetRawPtr();
+    if (p)
+        p->addWeakRef();
+    return *this;
+}
+
+template <class T>
+void
+WeakIntrusive<T>::adopt(T* ptr)
+{
+    unsafeReleaseNoStore();
+    if (ptr)
+        ptr->addWeakRef();
+    ptr_ = ptr;
+}
+
+template <class T>
+WeakIntrusive<T>::~WeakIntrusive()
+{
+    unsafeReleaseNoStore();
+}
+
+template <class T>
+SharedIntrusive<T>
+WeakIntrusive<T>::lock() const
+{
+    if (ptr_ && ptr_->checkoutStrongRefFromWeak())
+    {
+        return SharedIntrusive<T>{ptr_, SharedIntrusiveAdoptNoIncrementTag{}};
+    }
+    return {};
+}
+
+template <class T>
+bool
+WeakIntrusive<T>::expired() const
+{
+    return (!ptr_ || ptr_->expired());
+}
+
+template <class T>
+void
+WeakIntrusive<T>::reset()
+{
+    unsafeReleaseNoStore();
+    ptr_ = nullptr;
+}
+
+template <class T>
+void
+WeakIntrusive<T>::unsafeReleaseNoStore()
+{
+    if (!ptr_)
+        return;
+
+    using enum ReleaseWeakRefAction;
+    auto action = ptr_->releaseWeakRef();
+    switch (action)
+    {
+        case noop:
+            break;
+        case destroy:
+            delete ptr_;
+            break;
+    }
+}
+
+//------------------------------------------------------------------------------
+
+template <class T>
+SharedWeakUnion<T>::SharedWeakUnion(SharedWeakUnion const& rhs) : tp_{rhs.tp_}
+{
+    auto p = rhs.unsafeGetRawPtr();
+    if (!p)
+        return;
+
+    if (rhs.isStrong())
+        p->addStrongRef();
+    else
+        p->addWeakRef();
+}
+
+template <class T>
+template <class TT>
+    requires std::convertible_to<TT*, T*>
+SharedWeakUnion<T>::SharedWeakUnion(SharedIntrusive<TT> const& rhs)
+{
+    auto p = rhs.unsafeGetRawPtr();
+    if (p)
+        p->addStrongRef();
+    unsafeSetRawPtr(p, RefStrength::strong);
+}
+
+template <class T>
+SharedWeakUnion<T>::SharedWeakUnion(SharedWeakUnion&& rhs) : tp_{rhs.tp_}
+{
+    rhs.unsafeSetRawPtr(nullptr);
+}
+
+template <class T>
+template <class TT>
+    requires std::convertible_to<TT*, T*>
+SharedWeakUnion<T>::SharedWeakUnion(SharedIntrusive<TT>&& rhs)
+{
+    auto p = rhs.unsafeGetRawPtr();
+    if (p)
+        unsafeSetRawPtr(p, RefStrength::strong);
+    rhs.unsafeSetRawPtr(nullptr);
+}
+
+template <class T>
+SharedWeakUnion<T>&
+SharedWeakUnion<T>::operator=(SharedWeakUnion const& rhs)
+{
+    if (this == &rhs)
+        return *this;
+    unsafeReleaseNoStore();
+
+    if (auto p = rhs.unsafeGetRawPtr())
+    {
+        if (rhs.isStrong())
+        {
+            p->addStrongRef();
+            unsafeSetRawPtr(p, RefStrength::strong);
+        }
+        else
+        {
+            p->addWeakRef();
+            unsafeSetRawPtr(p, RefStrength::weak);
+        }
+    }
+    else
+    {
+        unsafeSetRawPtr(nullptr);
+    }
+    return *this;
+}
+
+template <class T>
+template <class TT>
+// clang-format off
+requires std::convertible_to<TT*, T*>
+// clang-format on
+SharedWeakUnion<T>&
+SharedWeakUnion<T>::operator=(SharedIntrusive<TT> const& rhs)
+{
+    unsafeReleaseNoStore();
+    auto p = rhs.unsafeGetRawPtr();
+    if (p)
+        p->addStrongRef();
+    unsafeSetRawPtr(p, RefStrength::strong);
+    return *this;
+}
+
+template <class T>
+template <class TT>
+// clang-format off
+requires std::convertible_to<TT*, T*>
+// clang-format on
+SharedWeakUnion<T>&
+SharedWeakUnion<T>::operator=(SharedIntrusive<TT>&& rhs)
+{
+    unsafeReleaseNoStore();
+    unsafeSetRawPtr(rhs.unsafeGetRawPtr(), RefStrength::strong);
+    rhs.unsafeSetRawPtr(nullptr);
+    return *this;
+}
+
+template <class T>
+SharedWeakUnion<T>::~SharedWeakUnion()
+{
+    unsafeReleaseNoStore();
+};
+
+// Return a strong pointer if this is already a strong pointer (i.e. don't
+// lock the weak pointer. Use the `lock` method if that's what's needed)
+template <class T>
+SharedIntrusive<T>
+SharedWeakUnion<T>::getStrong() const
+{
+    SharedIntrusive<T> result;
+    auto p = unsafeGetRawPtr();
+    if (p && isStrong())
+    {
+        result.template adopt<SharedIntrusiveAdoptIncrementStrongTag>(p);
+    }
+    return result;
+}
+
+template <class T>
+SharedWeakUnion<T>::operator bool() const noexcept
+{
+    return bool(get());
+}
+
+template <class T>
+void
+SharedWeakUnion<T>::reset()
+{
+    unsafeReleaseNoStore();
+    unsafeSetRawPtr(nullptr);
+}
+
+template <class T>
+T*
+SharedWeakUnion<T>::get() const
+{
+    return isStrong() ? unsafeGetRawPtr() : nullptr;
+}
+
+template <class T>
+std::size_t
+SharedWeakUnion<T>::use_count() const
+{
+    if (auto p = get())
+        return p->use_count();
+    return 0;
+}
+
+template <class T>
+bool
+SharedWeakUnion<T>::expired() const
+{
+    auto p = unsafeGetRawPtr();
+    return (!p || p->expired());
+}
+
+template <class T>
+SharedIntrusive<T>
+SharedWeakUnion<T>::lock() const
+{
+    SharedIntrusive<T> result;
+    auto p = unsafeGetRawPtr();
+    if (!p)
+        return result;
+
+    if (isStrong())
+    {
+        result.template adopt<SharedIntrusiveAdoptIncrementStrongTag>(p);
+        return result;
+    }
+
+    if (p->checkoutStrongRefFromWeak())
+    {
+        result.template adopt<SharedIntrusiveAdoptNoIncrementTag>(p);
+        return result;
+    }
+    return result;
+}
+
+template <class T>
+bool
+SharedWeakUnion<T>::isStrong() const
+{
+    return !(tp_ & tagMask);
+}
+
+template <class T>
+bool
+SharedWeakUnion<T>::isWeak() const
+{
+    return tp_ & tagMask;
+}
+
+template <class T>
+bool
+SharedWeakUnion<T>::convertToStrong()
+{
+    if (isStrong())
+        return true;
+
+    auto p = unsafeGetRawPtr();
+    if (p && p->checkoutStrongRefFromWeak())
+    {
+        [[maybe_unused]] auto action = p->releaseWeakRef();
+        XRPL_ASSERT(
+            (action == ReleaseWeakRefAction::noop),
+            "ripple::SharedWeakUnion::convertToStrong : "
+            "action is noop");
+        unsafeSetRawPtr(p, RefStrength::strong);
+        return true;
+    }
+    return false;
+}
+
+template <class T>
+bool
+SharedWeakUnion<T>::convertToWeak()
+{
+    if (isWeak())
+        return true;
+
+    auto p = unsafeGetRawPtr();
+    if (!p)
+        return false;
+
+    using enum ReleaseStrongRefAction;
+    auto action = p->addWeakReleaseStrongRef();
+    switch (action)
+    {
+        case noop:
+            break;
+        case destroy:
+            // We just added a weak ref. How could we destroy?
+            UNREACHABLE(
+                "ripple::SharedWeakUnion::convertToWeak : destroying freshly "
+                "added ref");
+            delete p;
+            unsafeSetRawPtr(nullptr);
+            return true;  // Should never happen
+        case partialDestroy:
+            // This is a weird case. We just converted the last strong
+            // pointer to a weak pointer.
+            p->partialDestructor();
+            partialDestructorFinished(&p);
+            // p is null and may no longer be used
+            break;
+    }
+    unsafeSetRawPtr(p, RefStrength::weak);
+    return true;
+}
+
+template <class T>
+T*
+SharedWeakUnion<T>::unsafeGetRawPtr() const
+{
+    return reinterpret_cast<T*>(tp_ & ptrMask);
+}
+
+template <class T>
+void
+SharedWeakUnion<T>::unsafeSetRawPtr(T* p, RefStrength rs)
+{
+    tp_ = reinterpret_cast<std::uintptr_t>(p);
+    if (tp_ && rs == RefStrength::weak)
+        tp_ |= tagMask;
+}
+
+template <class T>
+void
+SharedWeakUnion<T>::unsafeSetRawPtr(std::nullptr_t)
+{
+    tp_ = 0;
+}
+
+template <class T>
+void
+SharedWeakUnion<T>::unsafeReleaseNoStore()
+{
+    auto p = unsafeGetRawPtr();
+    if (!p)
+        return;
+
+    if (isStrong())
+    {
+        using enum ReleaseStrongRefAction;
+        auto strongAction = p->releaseStrongRef();
+        switch (strongAction)
+        {
+            case noop:
+                break;
+            case destroy:
+                delete p;
+                break;
+            case partialDestroy:
+                p->partialDestructor();
+                partialDestructorFinished(&p);
+                // p is null and may no longer be used
+                break;
+        }
+    }
+    else
+    {
+        using enum ReleaseWeakRefAction;
+        auto weakAction = p->releaseWeakRef();
+        switch (weakAction)
+        {
+            case noop:
+                break;
+            case destroy:
+                delete p;
+                break;
+        }
+    }
+}
+
+}  // namespace ripple
+#endif

include/xrpl/basics/IntrusiveRefCounts.h

@@ -0,0 +1,502 @@
+//------------------------------------------------------------------------------
+/*
+    This file is part of rippled: https://github.com/ripple/rippled
+    Copyright (c) 2023 Ripple Labs Inc.
+
+    Permission to use, copy, modify, and/or distribute this software for any
+    purpose  with  or without fee is hereby granted, provided that the above
+    copyright notice and this permission notice appear in all copies.
+
+    THE  SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+    WITH  REGARD  TO  THIS  SOFTWARE  INCLUDING  ALL  IMPLIED  WARRANTIES  OF
+    MERCHANTABILITY  AND  FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+    ANY  SPECIAL ,  DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+    WHATSOEVER  RESULTING  FROM  LOSS  OF USE, DATA OR PROFITS, WHETHER IN AN
+    ACTION  OF  CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+    OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+*/
+//==============================================================================
+
+#ifndef RIPPLE_BASICS_INTRUSIVEREFCOUNTS_H_INCLUDED
+#define RIPPLE_BASICS_INTRUSIVEREFCOUNTS_H_INCLUDED
+
+#include <xrpl/beast/utility/instrumentation.h>
+
+#include <atomic>
+#include <cstdint>
+
+namespace ripple {
+
+/** Action to perform when releasing a strong pointer.
+
+    noop: Do nothing. For example, a `noop` action will occur when a count is
+    decremented to a non-zero value.
+
+    partialDestroy: Run the `partialDestructor`. This action will happen when a
+    strong count is decremented to zero and the weak count is non-zero.
+
+    destroy: Run the destructor. This action will occur when either the strong
+    count or weak count is decremented and the other count is also zero.
+ */
+enum class ReleaseStrongRefAction { noop, partialDestroy, destroy };
+
+/** Action to perform when releasing a weak pointer.
+
+    noop: Do nothing. For example, a `noop` action will occur when a count is
+    decremented to a non-zero value.
+
+    destroy: Run the destructor. This action will occur when either the strong
+    count or weak count is decremented and the other count is also zero.
+ */
+enum class ReleaseWeakRefAction { noop, destroy };
+
+/** Implement the strong count, weak count, and bit flags for an intrusive
+    pointer.
+
+    A class can satisfy the requirements of a ripple::IntrusivePointer by
+    inheriting from this class.
+  */
+struct IntrusiveRefCounts
+{
+    virtual ~IntrusiveRefCounts() noexcept;
+
+    // This must be `noexcept` or the make_SharedIntrusive function could leak
+    // memory.
+    void
+    addStrongRef() const noexcept;
+
+    void
+    addWeakRef() const noexcept;
+
+    ReleaseStrongRefAction
+    releaseStrongRef() const;
+
+    // Same as:
+    // {
+    //   addWeakRef();
+    //   return releaseStrongRef;
+    // }
+    // done as one atomic operation
+    ReleaseStrongRefAction
+    addWeakReleaseStrongRef() const;
+
+    ReleaseWeakRefAction
+    releaseWeakRef() const;
+
+    // Returns true is able to checkout a strong ref. False otherwise
+    bool
+    checkoutStrongRefFromWeak() const noexcept;
+
+    bool
+    expired() const noexcept;
+
+    std::size_t
+    use_count() const noexcept;
+
+    // This function MUST be called after a partial destructor finishes running.
+    // Calling this function may cause other threads to delete the object
+    // pointed to by `o`, so `o` should never be used after calling this
+    // function. The parameter will be set to a `nullptr` after calling this
+    // function to emphasize that it should not be used.
+    // Note: This is intentionally NOT called at the end of `partialDestructor`.
+    // The reason for this is if new classes are written to support this smart
+    // pointer class, they need to write their own `partialDestructor` function
+    // and ensure `partialDestructorFinished` is called at the end. Putting this
+    // call inside the smart pointer class itself is expected to be less error
+    // prone.
+    // Note: The "two-star" programming is intentional. It emphasizes that `o`
+    // may be deleted and the unergonomic API is meant to signal the special
+    // nature of this function call to callers.
+    // Note: This is a template to support incompletely defined classes.
+    template <class T>
+    friend void
+    partialDestructorFinished(T** o);
+
+private:
+    // TODO: We may need to use a uint64_t for both counts. This will reduce the
+    // memory savings. We need to audit the code to make sure 16 bit counts are
+    // enough for strong pointers and 14 bit counts are enough for weak
+    // pointers. Use type aliases to make it easy to switch types.
+    using CountType = std::uint16_t;
+    static constexpr size_t StrongCountNumBits = sizeof(CountType) * 8;
+    static constexpr size_t WeakCountNumBits = StrongCountNumBits - 2;
+    using FieldType = std::uint32_t;
+    static constexpr size_t FieldTypeBits = sizeof(FieldType) * 8;
+    static constexpr FieldType one = 1;
+
+    /** `refCounts` consists of four fields that are treated atomically:
+
+         1. Strong count. This is a count of the number of shared pointers that
+         hold a reference to this object. When the strong counts goes to zero,
+         if the weak count is zero, the destructor is run. If the weak count is
+         non-zero when the strong count goes to zero then the partialDestructor
+         is run.
+
+         2. Weak count. This is a count of the number of weak pointer that hold
+         a reference to this object. When the weak count goes to zero and the
+         strong count is also zero, then the destructor is run.
+
+         3. Partial destroy started bit. This bit is set if the
+         `partialDestructor` function has been started (or is about to be
+         started). This is used to prevent the destructor from running
+         concurrently with the partial destructor. This can easily happen when
+         the last strong pointer release its reference in one thread and starts
+         the partialDestructor, while in another thread the last weak pointer
+         goes out of scope and starts the destructor while the partialDestructor
+         is still running. Both a start and finished bit is needed to handle a
+         corner-case where the last strong pointer goes out of scope, then then
+         last `weakPointer` goes out of scope, but this happens before the
+         `partialDestructor` bit is set. It would be possible to use a single
+         bit if it could also be set atomically when the strong count goes to
+         zero and the weak count is non-zero, but that would add complexity (and
+         likely slow down common cases as well).
+
+         4. Partial destroy finished bit. This bit is set when the
+         `partialDestructor` has finished running. See (3) above for more
+         information.
+
+         */
+
+    mutable std::atomic<FieldType> refCounts{strongDelta};
+
+    /**  Amount to change the strong count when adding or releasing a reference
+
+         Note: The strong count is stored in the low `StrongCountNumBits` bits
+       of refCounts
+      */
+    static constexpr FieldType strongDelta = 1;
+
+    /**  Amount to change the weak count when adding or releasing a reference
+
+         Note: The weak count is stored in the high `WeakCountNumBits` bits of
+         refCounts
+      */
+    static constexpr FieldType weakDelta = (one << StrongCountNumBits);
+
+    /**  Flag that is set when the partialDestroy function has started running
+         (or is about to start running).
+
+         See description of the `refCounts` field for a fuller description of
+         this field.
+      */
+    static constexpr FieldType partialDestroyStartedMask =
+        (one << (FieldTypeBits - 1));
+
+    /**  Flag that is set when the partialDestroy function has finished running
+
+         See description of the `refCounts` field for a fuller description of
+         this field.
+      */
+    static constexpr FieldType partialDestroyFinishedMask =
+        (one << (FieldTypeBits - 2));
+
+    /** Mask that will zero out all the `count` bits and leave the tag bits
+        unchanged.
+      */
+    static constexpr FieldType tagMask =
+        partialDestroyStartedMask | partialDestroyFinishedMask;
+
+    /** Mask that will zero out the `tag` bits and leave the count bits
+        unchanged.
+      */
+    static constexpr FieldType valueMask = ~tagMask;
+
+    /** Mask that will zero out everything except the strong count.
+     */
+    static constexpr FieldType strongMask =
+        ((one << StrongCountNumBits) - 1) & valueMask;
+
+    /** Mask that will zero out everything except the weak count.
+     */
+    static constexpr FieldType weakMask =
+        (((one << WeakCountNumBits) - 1) << StrongCountNumBits) & valueMask;
+
+    /** Unpack the count and tag fields from the packed atomic integer form. */
+    struct RefCountPair
+    {
+        CountType strong;
+        CountType weak;
+        /**  The `partialDestroyStartedBit` is set to on when the partial
+             destroy function is started. It is not a boolean; it is a uint32
+             with all bits zero with the possible exception of the
+             `partialDestroyStartedMask` bit. This is done so it can be directly
+             masked into the `combinedValue`.
+         */
+        FieldType partialDestroyStartedBit{0};
+        /**  The `partialDestroyFinishedBit` is set to on when the partial
+             destroy function has finished.
+         */
+        FieldType partialDestroyFinishedBit{0};
+        RefCountPair(FieldType v) noexcept;
+        RefCountPair(CountType s, CountType w) noexcept;
+
+        /** Convert back to the packed integer form. */
+        FieldType
+        combinedValue() const noexcept;
+
+        static constexpr CountType maxStrongValue =
+            static_cast<CountType>((one << StrongCountNumBits) - 1);
+        static constexpr CountType maxWeakValue =
+            static_cast<CountType>((one << WeakCountNumBits) - 1);
+        /**  Put an extra margin to detect when running up against limits.
+             This is only used in debug code, and is useful if we reduce the
+             number of bits in the strong and weak counts (to 16 and 14 bits).
+         */
+        static constexpr CountType checkStrongMaxValue = maxStrongValue - 32;
+        static constexpr CountType checkWeakMaxValue = maxWeakValue - 32;
+    };
+};
+
+inline void
+IntrusiveRefCounts::addStrongRef() const noexcept
+{
+    refCounts.fetch_add(strongDelta, std::memory_order_acq_rel);
+}
+
+inline void
+IntrusiveRefCounts::addWeakRef() const noexcept
+{
+    refCounts.fetch_add(weakDelta, std::memory_order_acq_rel);
+}
+
+inline ReleaseStrongRefAction
+IntrusiveRefCounts::releaseStrongRef() const
+{
+    // Subtract `strongDelta` from refCounts. If this releases the last strong
+    // ref, set the `partialDestroyStarted` bit. It is important that the ref
+    // count and the `partialDestroyStartedBit` are changed atomically (hence
+    // the loop and `compare_exchange` op). If this didn't need to be done
+    // atomically, the loop could be replaced with a `fetch_sub` and a
+    // conditional `fetch_or`. This loop will almost always run once.
+
+    using enum ReleaseStrongRefAction;
+    auto prevIntVal = refCounts.load(std::memory_order_acquire);
+    while (1)
+    {
+        RefCountPair const prevVal{prevIntVal};
+        XRPL_ASSERT(
+            (prevVal.strong >= strongDelta),
+            "ripple::IntrusiveRefCounts::releaseStrongRef : previous ref "
+            "higher than new");
+        auto nextIntVal = prevIntVal - strongDelta;
+        ReleaseStrongRefAction action = noop;
+        if (prevVal.strong == 1)
+        {
+            if (prevVal.weak == 0)
+            {
+                action = destroy;
+            }
+            else
+            {
+                nextIntVal |= partialDestroyStartedMask;
+                action = partialDestroy;
+            }
+        }
+
+        if (refCounts.compare_exchange_weak(
+                prevIntVal, nextIntVal, std::memory_order_acq_rel))
+        {
+            // Can't be in partial destroy because only decrementing the strong
+            // count to zero can start a partial destroy, and that can't happen
+            // twice.
+            XRPL_ASSERT(
+                (action == noop) || !(prevIntVal & partialDestroyStartedMask),
+                "ripple::IntrusiveRefCounts::releaseStrongRef : not in partial "
+                "destroy");
+            return action;
+        }
+    }
+}
+
+inline ReleaseStrongRefAction
+IntrusiveRefCounts::addWeakReleaseStrongRef() const
+{
+    using enum ReleaseStrongRefAction;
+
+    static_assert(weakDelta > strongDelta);
+    auto constexpr delta = weakDelta - strongDelta;
+    auto prevIntVal = refCounts.load(std::memory_order_acquire);
+    // This loop will almost always run once. The loop is needed to atomically
+    // change the counts and flags (the count could be atomically changed, but
+    // the flags depend on the current value of the counts).
+    //
+    // Note: If this becomes a perf bottleneck, the `partialDestoryStartedMask`
+    // may be able to be set non-atomically. But it is easier to reason about
+    // the code if the flag is set atomically.
+    while (1)
+    {
+        RefCountPair const prevVal{prevIntVal};
+        // Converted the last strong pointer to a weak pointer.
+        //
+        // Can't be in partial destroy because only decrementing the
+        // strong count to zero can start a partial destroy, and that
+        // can't happen twice.
+        XRPL_ASSERT(
+            (!prevVal.partialDestroyStartedBit),
+            "ripple::IntrusiveRefCounts::addWeakReleaseStrongRef : not in "
+            "partial destroy");
+
+        auto nextIntVal = prevIntVal + delta;
+        ReleaseStrongRefAction action = noop;
+        if (prevVal.strong == 1)
+        {
+            if (prevVal.weak == 0)
+            {
+                action = noop;
+            }
+            else
+            {
+                nextIntVal |= partialDestroyStartedMask;
+                action = partialDestroy;
+            }
+        }
+        if (refCounts.compare_exchange_weak(
+                prevIntVal, nextIntVal, std::memory_order_acq_rel))
+        {
+            XRPL_ASSERT(
+                (!(prevIntVal & partialDestroyStartedMask)),
+                "ripple::IntrusiveRefCounts::addWeakReleaseStrongRef : not "
+                "started partial destroy");
+            return action;
+        }
+    }
+}
+
+inline ReleaseWeakRefAction
+IntrusiveRefCounts::releaseWeakRef() const
+{
+    auto prevIntVal = refCounts.fetch_sub(weakDelta, std::memory_order_acq_rel);
+    RefCountPair prev = prevIntVal;
+    if (prev.weak == 1 && prev.strong == 0)
+    {
+        if (!prev.partialDestroyStartedBit)
+        {
+            // This case should only be hit if the partialDestroyStartedBit is
+            // set non-atomically (and even then very rarely). The code is kept
+            // in case we need to set the flag non-atomically for perf reasons.
+            refCounts.wait(prevIntVal, std::memory_order_acquire);
+            prevIntVal = refCounts.load(std::memory_order_acquire);
+            prev = RefCountPair{prevIntVal};
+        }
+        if (!prev.partialDestroyFinishedBit)
+        {
+            // partial destroy MUST finish before running a full destroy (when
+            // using weak pointers)
+            refCounts.wait(prevIntVal - weakDelta, std::memory_order_acquire);
+        }
+        return ReleaseWeakRefAction::destroy;
+    }
+    return ReleaseWeakRefAction::noop;
+}
+
+inline bool
+IntrusiveRefCounts::checkoutStrongRefFromWeak() const noexcept
+{
+    auto curValue = RefCountPair{1, 1}.combinedValue();
+    auto desiredValue = RefCountPair{2, 1}.combinedValue();
+
+    while (!refCounts.compare_exchange_weak(
+        curValue, desiredValue, std::memory_order_acq_rel))
+    {
+        RefCountPair const prev{curValue};
+        if (!prev.strong)
+            return false;
+
+        desiredValue = curValue + strongDelta;
+    }
+    return true;
+}
+
+inline bool
+IntrusiveRefCounts::expired() const noexcept
+{
+    RefCountPair const val = refCounts.load(std::memory_order_acquire);
+    return val.strong == 0;
+}
+
+inline std::size_t
+IntrusiveRefCounts::use_count() const noexcept
+{
+    RefCountPair const val = refCounts.load(std::memory_order_acquire);
+    return val.strong;
+}
+
+inline IntrusiveRefCounts::~IntrusiveRefCounts() noexcept
+{
+#ifndef NDEBUG
+    auto v = refCounts.load(std::memory_order_acquire);
+    XRPL_ASSERT(
+        (!(v & valueMask)),
+        "ripple::IntrusiveRefCounts::~IntrusiveRefCounts : count must be zero");
+    auto t = v & tagMask;
+    XRPL_ASSERT(
+        (!t || t == tagMask),
+        "ripple::IntrusiveRefCounts::~IntrusiveRefCounts : valid tag");
+#endif
+}
+
+//------------------------------------------------------------------------------
+
+inline IntrusiveRefCounts::RefCountPair::RefCountPair(
+    IntrusiveRefCounts::FieldType v) noexcept
+    : strong{static_cast<CountType>(v & strongMask)}
+    , weak{static_cast<CountType>((v & weakMask) >> StrongCountNumBits)}
+    , partialDestroyStartedBit{v & partialDestroyStartedMask}
+    , partialDestroyFinishedBit{v & partialDestroyFinishedMask}
+{
+    XRPL_ASSERT(
+        (strong < checkStrongMaxValue && weak < checkWeakMaxValue),
+        "ripple::IntrusiveRefCounts::RefCountPair(FieldType) : inputs inside "
+        "range");
+}
+
+inline IntrusiveRefCounts::RefCountPair::RefCountPair(
+    IntrusiveRefCounts::CountType s,
+    IntrusiveRefCounts::CountType w) noexcept
+    : strong{s}, weak{w}
+{
+    XRPL_ASSERT(
+        (strong < checkStrongMaxValue && weak < checkWeakMaxValue),
+        "ripple::IntrusiveRefCounts::RefCountPair(CountType, CountType) : "
+        "inputs inside range");
+}
+
+inline IntrusiveRefCounts::FieldType
+IntrusiveRefCounts::RefCountPair::combinedValue() const noexcept
+{
+    XRPL_ASSERT(
+        (strong < checkStrongMaxValue && weak < checkWeakMaxValue),
+        "ripple::IntrusiveRefCounts::RefCountPair::combinedValue : inputs "
+        "inside range");
+    return (static_cast<IntrusiveRefCounts::FieldType>(weak)
+            << IntrusiveRefCounts::StrongCountNumBits) |
+        static_cast<IntrusiveRefCounts::FieldType>(strong) |
+        partialDestroyStartedBit | partialDestroyFinishedBit;
+}
+
+template <class T>
+inline void
+partialDestructorFinished(T** o)
+{
+    T& self = **o;
+    IntrusiveRefCounts::RefCountPair p =
+        self.refCounts.fetch_or(IntrusiveRefCounts::partialDestroyFinishedMask);
+    XRPL_ASSERT(
+        (!p.partialDestroyFinishedBit && p.partialDestroyStartedBit &&
+         !p.strong),
+        "ripple::partialDestructorFinished : not a weak ref");
+    if (!p.weak)
+    {
+        // There was a weak count before the partial destructor ran (or we would
+        // have run the full destructor) and now there isn't a weak count. Some
+        // thread is waiting to run the destructor.
+        self.refCounts.notify_one();
+    }
+    // Set the pointer to null to emphasize that the object shouldn't be used
+    // after calling this function as it may be destroyed in another thread.
+    *o = nullptr;
+}
+//------------------------------------------------------------------------------
+
+}  // namespace ripple
+#endif

include/xrpl/basics/LocalValue.h

@@ -21,6 +21,7 @@
 #define RIPPLE_BASICS_LOCALVALUE_H_INCLUDED
 
 #include <boost/thread/tss.hpp>
+
 #include <memory>
 #include <unordered_map>
 

include/xrpl/basics/Log.h

@@ -22,8 +22,10 @@
 
 #include <xrpl/basics/UnorderedContainers.h>
 #include <xrpl/beast/utility/Journal.h>
+
 #include <boost/beast/core/string.hpp>
 #include <boost/filesystem.hpp>
+
 #include <map>
 #include <memory>
 #include <mutex>
@@ -67,6 +69,10 @@ private:
         void
         write(beast::severities::Severity level, std::string const& text)
             override;
+
+        void
+        writeAlways(beast::severities::Severity level, std::string const& text)
+            override;
     };
 
     /** Manages a system file containing logged output.
@@ -256,6 +262,14 @@ private:
         x
 #endif
 
+#ifndef CLOG
+#define CLOG(ss) \
+    if (!ss)     \
+        ;        \
+    else         \
+        *ss
+#endif
+
 //------------------------------------------------------------------------------
 // Debug logging:
 

include/xrpl/basics/Resolver.h

@@ -20,11 +20,11 @@
 #ifndef RIPPLE_BASICS_RESOLVER_H_INCLUDED
 #define RIPPLE_BASICS_RESOLVER_H_INCLUDED
 
+#include <xrpl/beast/net/IPEndpoint.h>
+
 #include <functional>
 #include <vector>
 
-#include <xrpl/beast/net/IPEndpoint.h>
-
 namespace ripple {
 
 class Resolver

include/xrpl/basics/ResolverAsio.h

@@ -22,6 +22,7 @@
 
 #include <xrpl/basics/Resolver.h>
 #include <xrpl/beast/utility/Journal.h>
+
 #include <boost/asio/io_service.hpp>
 
 namespace ripple {

include/xrpl/basics/SharedWeakCachePointer.h

@@ -0,0 +1,135 @@
+//------------------------------------------------------------------------------
+/*
+    This file is part of rippled: https://github.com/ripple/rippled
+    Copyright (c) 2023 Ripple Labs Inc.
+
+    Permission to use, copy, modify, and/or distribute this software for any
+    purpose  with  or without fee is hereby granted, provided that the above
+    copyright notice and this permission notice appear in all copies.
+
+    THE  SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+    WITH  REGARD  TO  THIS  SOFTWARE  INCLUDING  ALL  IMPLIED  WARRANTIES  OF
+    MERCHANTABILITY  AND  FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+    ANY  SPECIAL ,  DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+    WHATSOEVER  RESULTING  FROM  LOSS  OF USE, DATA OR PROFITS, WHETHER IN AN
+    ACTION  OF  CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+    OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+*/
+//==============================================================================
+
+#ifndef RIPPLE_BASICS_SHAREDWEAKCACHEPOINTER_H_INCLUDED
+#define RIPPLE_BASICS_SHAREDWEAKCACHEPOINTER_H_INCLUDED
+
+#include <memory>
+#include <variant>
+
+namespace ripple {
+
+/** A combination of a std::shared_ptr and a std::weak_pointer.
+
+
+This class is a wrapper to a `std::variant<std::shared_ptr,std::weak_ptr>`
+This class is useful for storing intrusive pointers in tagged caches using less
+memory than storing both pointers directly.
+*/
+
+template <class T>
+class SharedWeakCachePointer
+{
+public:
+    SharedWeakCachePointer() = default;
+
+    SharedWeakCachePointer(SharedWeakCachePointer const& rhs);
+
+    template <class TT>
+        requires std::convertible_to<TT*, T*>
+    SharedWeakCachePointer(std::shared_ptr<TT> const& rhs);
+
+    SharedWeakCachePointer(SharedWeakCachePointer&& rhs);
+
+    template <class TT>
+        requires std::convertible_to<TT*, T*>
+    SharedWeakCachePointer(std::shared_ptr<TT>&& rhs);
+
+    SharedWeakCachePointer&
+    operator=(SharedWeakCachePointer const& rhs);
+
+    template <class TT>
+        requires std::convertible_to<TT*, T*>
+    SharedWeakCachePointer&
+    operator=(std::shared_ptr<TT> const& rhs);
+
+    template <class TT>
+        requires std::convertible_to<TT*, T*>
+    SharedWeakCachePointer&
+    operator=(std::shared_ptr<TT>&& rhs);
+
+    ~SharedWeakCachePointer();
+
+    /** Return a strong pointer if this is already a strong pointer (i.e. don't
+        lock the weak pointer. Use the `lock` method if that's what's needed)
+     */
+    std::shared_ptr<T> const&
+    getStrong() const;
+
+    /** Return true if this is a strong pointer and the strong pointer is
+        seated.
+     */
+    explicit
+    operator bool() const noexcept;
+
+    /** Set the pointer to null, decrement the appropriate ref count, and run
+        the appropriate release action.
+     */
+    void
+    reset();
+
+    /** If this is a strong pointer, return the raw pointer. Otherwise return
+        null.
+     */
+    T*
+    get() const;
+
+    /** If this is a strong pointer, return the strong count. Otherwise return 0
+     */
+    std::size_t
+    use_count() const;
+
+    /** Return true if there is a non-zero strong count. */
+    bool
+    expired() const;
+
+    /** If this is a strong pointer, return the strong pointer. Otherwise
+        attempt to lock the weak pointer.
+     */
+    std::shared_ptr<T>
+    lock() const;
+
+    /** Return true is this represents a strong pointer. */
+    bool
+    isStrong() const;
+
+    /** Return true is this represents a weak pointer. */
+    bool
+    isWeak() const;
+
+    /** If this is a weak pointer, attempt to convert it to a strong pointer.
+
+        @return true if successfully converted to a strong pointer (or was
+                already a strong pointer). Otherwise false.
+      */
+    bool
+    convertToStrong();
+
+    /** If this is a strong pointer, attempt to convert it to a weak pointer.
+
+        @return false if the pointer is null. Otherwise return true.
+      */
+    bool
+    convertToWeak();
+
+private:
+    std::variant<std::shared_ptr<T>, std::weak_ptr<T>> combo_;
+};
+}  // namespace ripple
+#endif

include/xrpl/basics/SharedWeakCachePointer.ipp

@@ -0,0 +1,192 @@
+//------------------------------------------------------------------------------
+/*
+    This file is part of rippled: https://github.com/ripple/rippled
+    Copyright (c) 2023 Ripple Labs Inc.
+
+    Permission to use, copy, modify, and/or distribute this software for any
+    purpose  with  or without fee is hereby granted, provided that the above
+    copyright notice and this permission notice appear in all copies.
+
+    THE  SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+    WITH  REGARD  TO  THIS  SOFTWARE  INCLUDING  ALL  IMPLIED  WARRANTIES  OF
+    MERCHANTABILITY  AND  FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+    ANY  SPECIAL ,  DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+    WHATSOEVER  RESULTING  FROM  LOSS  OF USE, DATA OR PROFITS, WHETHER IN AN
+    ACTION  OF  CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+    OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+*/
+//==============================================================================
+
+#ifndef RIPPLE_BASICS_SHAREDWEAKCACHEPOINTER_IPP_INCLUDED
+#define RIPPLE_BASICS_SHAREDWEAKCACHEPOINTER_IPP_INCLUDED
+
+#include <xrpl/basics/SharedWeakCachePointer.h>
+
+namespace ripple {
+template <class T>
+SharedWeakCachePointer<T>::SharedWeakCachePointer(
+    SharedWeakCachePointer const& rhs) = default;
+
+template <class T>
+template <class TT>
+    requires std::convertible_to<TT*, T*>
+SharedWeakCachePointer<T>::SharedWeakCachePointer(
+    std::shared_ptr<TT> const& rhs)
+    : combo_{rhs}
+{
+}
+
+template <class T>
+SharedWeakCachePointer<T>::SharedWeakCachePointer(
+    SharedWeakCachePointer&& rhs) = default;
+
+template <class T>
+template <class TT>
+    requires std::convertible_to<TT*, T*>
+SharedWeakCachePointer<T>::SharedWeakCachePointer(std::shared_ptr<TT>&& rhs)
+    : combo_{std::move(rhs)}
+{
+}
+
+template <class T>
+SharedWeakCachePointer<T>&
+SharedWeakCachePointer<T>::operator=(SharedWeakCachePointer const& rhs) =
+    default;
+
+template <class T>
+template <class TT>
+    requires std::convertible_to<TT*, T*>
+SharedWeakCachePointer<T>&
+SharedWeakCachePointer<T>::operator=(std::shared_ptr<TT> const& rhs)
+{
+    combo_ = rhs;
+    return *this;
+}
+
+template <class T>
+template <class TT>
+    requires std::convertible_to<TT*, T*>
+SharedWeakCachePointer<T>&
+SharedWeakCachePointer<T>::operator=(std::shared_ptr<TT>&& rhs)
+{
+    combo_ = std::move(rhs);
+    return *this;
+}
+
+template <class T>
+SharedWeakCachePointer<T>::~SharedWeakCachePointer() = default;
+
+// Return a strong pointer if this is already a strong pointer (i.e. don't
+// lock the weak pointer. Use the `lock` method if that's what's needed)
+template <class T>
+std::shared_ptr<T> const&
+SharedWeakCachePointer<T>::getStrong() const
+{
+    static std::shared_ptr<T> const empty;
+    if (auto p = std::get_if<std::shared_ptr<T>>(&combo_))
+        return *p;
+    return empty;
+}
+
+template <class T>
+SharedWeakCachePointer<T>::operator bool() const noexcept
+{
+    return !!std::get_if<std::shared_ptr<T>>(&combo_);
+}
+
+template <class T>
+void
+SharedWeakCachePointer<T>::reset()
+{
+    combo_ = std::shared_ptr<T>{};
+}
+
+template <class T>
+T*
+SharedWeakCachePointer<T>::get() const
+{
+    return std::get_if<std::shared_ptr<T>>(&combo_).get();
+}
+
+template <class T>
+std::size_t
+SharedWeakCachePointer<T>::use_count() const
+{
+    if (auto p = std::get_if<std::shared_ptr<T>>(&combo_))
+        return p->use_count();
+    return 0;
+}
+
+template <class T>
+bool
+SharedWeakCachePointer<T>::expired() const
+{
+    if (auto p = std::get_if<std::weak_ptr<T>>(&combo_))
+        return p->expired();
+    return !std::get_if<std::shared_ptr<T>>(&combo_);
+}
+
+template <class T>
+std::shared_ptr<T>
+SharedWeakCachePointer<T>::lock() const
+{
+    if (auto p = std::get_if<std::shared_ptr<T>>(&combo_))
+        return *p;
+
+    if (auto p = std::get_if<std::weak_ptr<T>>(&combo_))
+        return p->lock();
+
+    return {};
+}
+
+template <class T>
+bool
+SharedWeakCachePointer<T>::isStrong() const
+{
+    if (auto p = std::get_if<std::shared_ptr<T>>(&combo_))
+        return !!p->get();
+    return false;
+}
+
+template <class T>
+bool
+SharedWeakCachePointer<T>::isWeak() const
+{
+    return !isStrong();
+}
+
+template <class T>
+bool
+SharedWeakCachePointer<T>::convertToStrong()
+{
+    if (isStrong())
+        return true;
+
+    if (auto p = std::get_if<std::weak_ptr<T>>(&combo_))
+    {
+        if (auto s = p->lock())
+        {
+            combo_ = std::move(s);
+            return true;
+        }
+    }
+    return false;
+}
+
+template <class T>
+bool
+SharedWeakCachePointer<T>::convertToWeak()
+{
+    if (isWeak())
+        return true;
+
+    if (auto p = std::get_if<std::shared_ptr<T>>(&combo_))
+    {
+        combo_ = std::weak_ptr<T>(*p);
+        return true;
+    }
+
+    return false;
+}
+}  // namespace ripple
+#endif

include/xrpl/basics/Slice.h

@@ -23,6 +23,7 @@
 #include <xrpl/basics/contract.h>
 #include <xrpl/basics/strHex.h>
 #include <xrpl/beast/utility/instrumentation.h>
+
 #include <algorithm>
 #include <array>
 #include <cstdint>

include/xrpl/basics/TaggedCache.h

@@ -20,11 +20,14 @@
 #ifndef RIPPLE_BASICS_TAGGEDCACHE_H_INCLUDED
 #define RIPPLE_BASICS_TAGGEDCACHE_H_INCLUDED
 
+#include <xrpl/basics/IntrusivePointer.h>
 #include <xrpl/basics/Log.h>
+#include <xrpl/basics/SharedWeakCachePointer.ipp>
 #include <xrpl/basics/UnorderedContainers.h>
 #include <xrpl/basics/hardened_hash.h>
 #include <xrpl/beast/clock/abstract_clock.h>
 #include <xrpl/beast/insight/Insight.h>
+
 #include <atomic>
 #include <functional>
 #include <mutex>
@@ -50,6 +53,8 @@ template <
     class Key,
     class T,
     bool IsKeyCache = false,
+    class SharedWeakUnionPointerType = SharedWeakCachePointer<T>,
+    class SharedPointerType = std::shared_ptr<T>,
     class Hash = hardened_hash<>,
     class KeyEqual = std::equal_to<Key>,
     class Mutex = std::recursive_mutex>
@@ -60,6 +65,8 @@ public:
     using key_type = Key;
     using mapped_type = T;
     using clock_type = beast::abstract_clock<std::chrono::steady_clock>;
+    using shared_weak_combo_pointer_type = SharedWeakUnionPointerType;
+    using shared_pointer_type = SharedPointerType;
 
 public:
     TaggedCache(
@@ -69,231 +76,48 @@ public:
         clock_type& clock,
         beast::Journal journal,
         beast::insight::Collector::ptr const& collector =
-            beast::insight::NullCollector::New())
-        : m_journal(journal)
-        , m_clock(clock)
-        , m_stats(
-              name,
-              std::bind(&TaggedCache::collect_metrics, this),
-              collector)
-        , m_name(name)
-        , m_target_size(size)
-        , m_target_age(expiration)
-        , m_cache_count(0)
-        , m_hits(0)
-        , m_misses(0)
-    {
-    }
+            beast::insight::NullCollector::New());
 
 public:
     /** Return the clock associated with the cache. */
     clock_type&
-    clock()
-    {
-        return m_clock;
-    }
+    clock();
 
     /** Returns the number of items in the container. */
     std::size_t
-    size() const
-    {
-        std::lock_guard lock(m_mutex);
-        return m_cache.size();
-    }
-
-    void
-    setTargetSize(int s)
-    {
-        std::lock_guard lock(m_mutex);
-        m_target_size = s;
-
-        if (s > 0)
-        {
-            for (auto& partition : m_cache.map())
-            {
-                partition.rehash(static_cast<std::size_t>(
-                    (s + (s >> 2)) /
-                        (partition.max_load_factor() * m_cache.partitions()) +
-                    1));
-            }
-        }
-
-        JLOG(m_journal.debug()) << m_name << " target size set to " << s;
-    }
-
-    clock_type::duration
-    getTargetAge() const
-    {
-        std::lock_guard lock(m_mutex);
-        return m_target_age;
-    }
-
-    void
-    setTargetAge(clock_type::duration s)
-    {
-        std::lock_guard lock(m_mutex);
-        m_target_age = s;
-        JLOG(m_journal.debug())
-            << m_name << " target age set to " << m_target_age.count();
-    }
+    size() const;
 
     int
-    getCacheSize() const
-    {
-        std::lock_guard lock(m_mutex);
-        return m_cache_count;
-    }
+    getCacheSize() const;
 
     int
-    getTrackSize() const
-    {
-        std::lock_guard lock(m_mutex);
-        return m_cache.size();
-    }
+    getTrackSize() const;
 
     float
-    getHitRate()
-    {
-        std::lock_guard lock(m_mutex);
-        auto const total = static_cast<float>(m_hits + m_misses);
-        return m_hits * (100.0f / std::max(1.0f, total));
-    }
+    getHitRate();
 
     void
-    clear()
-    {
-        std::lock_guard lock(m_mutex);
-        m_cache.clear();
-        m_cache_count = 0;
-    }
+    clear();
 
     void
-    reset()
-    {
-        std::lock_guard lock(m_mutex);
-        m_cache.clear();
-        m_cache_count = 0;
-        m_hits = 0;
-        m_misses = 0;
-    }
+    reset();
 
     /** Refresh the last access time on a key if present.
         @return `true` If the key was found.
     */
     template <class KeyComparable>
     bool
-    touch_if_exists(KeyComparable const& key)
-    {
-        std::lock_guard lock(m_mutex);
-        auto const iter(m_cache.find(key));
-        if (iter == m_cache.end())
-        {
-            ++m_stats.misses;
-            return false;
-        }
-        iter->second.touch(m_clock.now());
-        ++m_stats.hits;
-        return true;
-    }
+    touch_if_exists(KeyComparable const& key);
 
-    using SweptPointersVector = std::pair<
-        std::vector<std::shared_ptr<mapped_type>>,
-        std::vector<std::weak_ptr<mapped_type>>>;
+    using SweptPointersVector = std::vector<SharedWeakUnionPointerType>;
 
     void
-    sweep()
-    {
-        // Keep references to all the stuff we sweep
-        // For performance, each worker thread should exit before the swept data
-        // is destroyed but still within the main cache lock.
-        std::vector<SweptPointersVector> allStuffToSweep(m_cache.partitions());
-
-        clock_type::time_point const now(m_clock.now());
-        clock_type::time_point when_expire;
-
-        auto const start = std::chrono::steady_clock::now();
-        {
-            std::lock_guard lock(m_mutex);
-
-            if (m_target_size == 0 ||
-                (static_cast<int>(m_cache.size()) <= m_target_size))
-            {
-                when_expire = now - m_target_age;
-            }
-            else
-            {
-                when_expire =
-                    now - m_target_age * m_target_size / m_cache.size();
-
-                clock_type::duration const minimumAge(std::chrono::seconds(1));
-                if (when_expire > (now - minimumAge))
-                    when_expire = now - minimumAge;
-
-                JLOG(m_journal.trace())
-                    << m_name << " is growing fast " << m_cache.size() << " of "
-                    << m_target_size << " aging at "
-                    << (now - when_expire).count() << " of "
-                    << m_target_age.count();
-            }
-
-            std::vector<std::thread> workers;
-            workers.reserve(m_cache.partitions());
-            std::atomic<int> allRemovals = 0;
-
-            for (std::size_t p = 0; p < m_cache.partitions(); ++p)
-            {
-                workers.push_back(sweepHelper(
-                    when_expire,
-                    now,
-                    m_cache.map()[p],
-                    allStuffToSweep[p],
-                    allRemovals,
-                    lock));
-            }
-            for (std::thread& worker : workers)
-                worker.join();
-
-            m_cache_count -= allRemovals;
-        }
-        // At this point allStuffToSweep will go out of scope outside the lock
-        // and decrement the reference count on each strong pointer.
-        JLOG(m_journal.debug())
-            << m_name << " TaggedCache sweep lock duration "
-            << std::chrono::duration_cast<std::chrono::milliseconds>(
-                   std::chrono::steady_clock::now() - start)
-                   .count()
-            << "ms";
-    }
+    sweep();
 
     bool
-    del(const key_type& key, bool valid)
-    {
-        // Remove from cache, if !valid, remove from map too. Returns true if
-        // removed from cache
-        std::lock_guard lock(m_mutex);
-
-        auto cit = m_cache.find(key);
-
-        if (cit == m_cache.end())
-            return false;
-
-        Entry& entry = cit->second;
-
-        bool ret = false;
-
-        if (entry.isCached())
-        {
-            --m_cache_count;
-            entry.ptr.reset();
-            ret = true;
-        }
-
-        if (!valid || entry.isExpired())
-            m_cache.erase(cit);
-
-        return ret;
-    }
+    del(const key_type& key, bool valid);
 
+public:
     /** Replace aliased objects with originals.
 
         Due to concurrency it is possible for two separate objects with
@@ -307,100 +131,23 @@ public:
 
         @return `true` If the key already existed.
     */
-public:
+    template <class R>
     bool
     canonicalize(
         const key_type& key,
-        std::shared_ptr<T>& data,
-        std::function<bool(std::shared_ptr<T> const&)>&& replace)
-    {
-        // Return canonical value, store if needed, refresh in cache
-        // Return values: true=we had the data already
-        std::lock_guard lock(m_mutex);
-
-        auto cit = m_cache.find(key);
-
-        if (cit == m_cache.end())
-        {
-            m_cache.emplace(
-                std::piecewise_construct,
-                std::forward_as_tuple(key),
-                std::forward_as_tuple(m_clock.now(), data));
-            ++m_cache_count;
-            return false;
-        }
-
-        Entry& entry = cit->second;
-        entry.touch(m_clock.now());
-
-        if (entry.isCached())
-        {
-            if (replace(entry.ptr))
-            {
-                entry.ptr = data;
-                entry.weak_ptr = data;
-            }
-            else
-            {
-                data = entry.ptr;
-            }
-
-            return true;
-        }
-
-        auto cachedData = entry.lock();
-
-        if (cachedData)
-        {
-            if (replace(entry.ptr))
-            {
-                entry.ptr = data;
-                entry.weak_ptr = data;
-            }
-            else
-            {
-                entry.ptr = cachedData;
-                data = cachedData;
-            }
-
-            ++m_cache_count;
-            return true;
-        }
-
-        entry.ptr = data;
-        entry.weak_ptr = data;
-        ++m_cache_count;
-
-        return false;
-    }
+        SharedPointerType& data,
+        R&& replaceCallback);
 
     bool
     canonicalize_replace_cache(
         const key_type& key,
-        std::shared_ptr<T> const& data)
-    {
-        return canonicalize(
-            key,
-            const_cast<std::shared_ptr<T>&>(data),
-            [](std::shared_ptr<T> const&) { return true; });
-    }
+        SharedPointerType const& data);
 
     bool
-    canonicalize_replace_client(const key_type& key, std::shared_ptr<T>& data)
-    {
-        return canonicalize(
-            key, data, [](std::shared_ptr<T> const&) { return false; });
-    }
+    canonicalize_replace_client(const key_type& key, SharedPointerType& data);
 
-    std::shared_ptr<T>
-    fetch(const key_type& key)
-    {
-        std::lock_guard<mutex_type> l(m_mutex);
-        auto ret = initialFetch(key, l);
-        if (!ret)
-            ++m_misses;
-        return ret;
-    }
+    SharedPointerType
+    fetch(const key_type& key);
 
     /** Insert the element into the container.
         If the key already exists, nothing happens.
@@ -409,26 +156,11 @@ public:
     template <class ReturnType = bool>
     auto
     insert(key_type const& key, T const& value)
-        -> std::enable_if_t<!IsKeyCache, ReturnType>
-    {
-        auto p = std::make_shared<T>(std::cref(value));
-        return canonicalize_replace_client(key, p);
-    }
+        -> std::enable_if_t<!IsKeyCache, ReturnType>;
 
     template <class ReturnType = bool>
     auto
-    insert(key_type const& key) -> std::enable_if_t<IsKeyCache, ReturnType>
-    {
-        std::lock_guard lock(m_mutex);
-        clock_type::time_point const now(m_clock.now());
-        auto [it, inserted] = m_cache.emplace(
-            std::piecewise_construct,
-            std::forward_as_tuple(key),
-            std::forward_as_tuple(now));
-        if (!inserted)
-            it->second.last_access = now;
-        return inserted;
-    }
+    insert(key_type const& key) -> std::enable_if_t<IsKeyCache, ReturnType>;
 
     // VFALCO NOTE It looks like this returns a copy of the data in
     //             the output parameter 'data'. This could be expensive.
@@ -436,50 +168,18 @@ public:
     //             simply return an iterator.
     //
     bool
-    retrieve(const key_type& key, T& data)
-    {
-        // retrieve the value of the stored data
-        auto entry = fetch(key);
-
-        if (!entry)
-            return false;
-
-        data = *entry;
-        return true;
-    }
+    retrieve(const key_type& key, T& data);
 
     mutex_type&
-    peekMutex()
-    {
-        return m_mutex;
-    }
+    peekMutex();
 
     std::vector<key_type>
-    getKeys() const
-    {
-        std::vector<key_type> v;
-
-        {
-            std::lock_guard lock(m_mutex);
-            v.reserve(m_cache.size());
-            for (auto const& _ : m_cache)
-                v.push_back(_.first);
-        }
-
-        return v;
-    }
+    getKeys() const;
 
     // CachedSLEs functions.
     /** Returns the fraction of cache hits. */
     double
-    rate() const
-    {
-        std::lock_guard lock(m_mutex);
-        auto const tot = m_hits + m_misses;
-        if (tot == 0)
-            return 0;
-        return double(m_hits) / tot;
-    }
+    rate() const;
 
     /** Fetch an item from the cache.
         If the digest was not found, Handler
@@ -487,73 +187,16 @@ public:
             std::shared_ptr<SLE const>(void)
     */
     template <class Handler>
-    std::shared_ptr<T>
-    fetch(key_type const& digest, Handler const& h)
-    {
-        {
-            std::lock_guard l(m_mutex);
-            if (auto ret = initialFetch(digest, l))
-                return ret;
-        }
-
-        auto sle = h();
-        if (!sle)
-            return {};
-
-        std::lock_guard l(m_mutex);
-        ++m_misses;
-        auto const [it, inserted] =
-            m_cache.emplace(digest, Entry(m_clock.now(), std::move(sle)));
-        if (!inserted)
-            it->second.touch(m_clock.now());
-        return it->second.ptr;
-    }
+    SharedPointerType
+    fetch(key_type const& digest, Handler const& h);
     // End CachedSLEs functions.
 
 private:
-    std::shared_ptr<T>
-    initialFetch(key_type const& key, std::lock_guard<mutex_type> const& l)
-    {
-        auto cit = m_cache.find(key);
-        if (cit == m_cache.end())
-            return {};
-
-        Entry& entry = cit->second;
-        if (entry.isCached())
-        {
-            ++m_hits;
-            entry.touch(m_clock.now());
-            return entry.ptr;
-        }
-        entry.ptr = entry.lock();
-        if (entry.isCached())
-        {
-            // independent of cache size, so not counted as a hit
-            ++m_cache_count;
-            entry.touch(m_clock.now());
-            return entry.ptr;
-        }
-
-        m_cache.erase(cit);
-        return {};
-    }
+    SharedPointerType
+    initialFetch(key_type const& key, std::lock_guard<mutex_type> const& l);
 
     void
-    collect_metrics()
-    {
-        m_stats.size.set(getCacheSize());
-
-        {
-            beast::insight::Gauge::value_type hit_rate(0);
-            {
-                std::lock_guard lock(m_mutex);
-                auto const total(m_hits + m_misses);
-                if (total != 0)
-                    hit_rate = (m_hits * 100) / total;
-            }
-            m_stats.hit_rate.set(hit_rate);
-        }
-    }
+    collect_metrics();
 
 private:
     struct Stats
@@ -599,36 +242,37 @@ private:
     class ValueEntry
     {
     public:
-        std::shared_ptr<mapped_type> ptr;
-        std::weak_ptr<mapped_type> weak_ptr;
+        shared_weak_combo_pointer_type ptr;
         clock_type::time_point last_access;
 
         ValueEntry(
             clock_type::time_point const& last_access_,
-            std::shared_ptr<mapped_type> const& ptr_)
-            : ptr(ptr_), weak_ptr(ptr_), last_access(last_access_)
+            shared_pointer_type const& ptr_)
+            : ptr(ptr_), last_access(last_access_)
         {
         }
 
         bool
         isWeak() const
         {
-            return ptr == nullptr;
+            if (!ptr)
+                return true;
+            return ptr.isWeak();
         }
         bool
         isCached() const
         {
-            return ptr != nullptr;
+            return ptr && ptr.isStrong();
         }
         bool
         isExpired() const
         {
-            return weak_ptr.expired();
+            return ptr.expired();
         }
-        std::shared_ptr<mapped_type>
+        SharedPointerType
         lock()
         {
-            return weak_ptr.lock();
+            return ptr.lock();
         }
         void
         touch(clock_type::time_point const& now)
@@ -657,72 +301,7 @@ private:
         typename KeyValueCacheType::map_type& partition,
         SweptPointersVector& stuffToSweep,
         std::atomic<int>& allRemovals,
-        std::lock_guard<std::recursive_mutex> const&)
-    {
-        return std::thread([&, this]() {
-            int cacheRemovals = 0;
-            int mapRemovals = 0;
-
-            // Keep references to all the stuff we sweep
-            // so that we can destroy them outside the lock.
-            stuffToSweep.first.reserve(partition.size());
-            stuffToSweep.second.reserve(partition.size());
-            {
-                auto cit = partition.begin();
-                while (cit != partition.end())
-                {
-                    if (cit->second.isWeak())
-                    {
-                        // weak
-                        if (cit->second.isExpired())
-                        {
-                            stuffToSweep.second.push_back(
-                                std::move(cit->second.weak_ptr));
-                            ++mapRemovals;
-                            cit = partition.erase(cit);
-                        }
-                        else
-                        {
-                            ++cit;
-                        }
-                    }
-                    else if (cit->second.last_access <= when_expire)
-                    {
-                        // strong, expired
-                        ++cacheRemovals;
-                        if (cit->second.ptr.use_count() == 1)
-                        {
-                            stuffToSweep.first.push_back(
-                                std::move(cit->second.ptr));
-                            ++mapRemovals;
-                            cit = partition.erase(cit);
-                        }
-                        else
-                        {
-                            // remains weakly cached
-                            cit->second.ptr.reset();
-                            ++cit;
-                        }
-                    }
-                    else
-                    {
-                        // strong, not expired
-                        ++cit;
-                    }
-                }
-            }
-
-            if (mapRemovals || cacheRemovals)
-            {
-                JLOG(m_journal.debug())
-                    << "TaggedCache partition sweep " << m_name
-                    << ": cache = " << partition.size() << "-" << cacheRemovals
-                    << ", map-=" << mapRemovals;
-            }
-
-            allRemovals += cacheRemovals;
-        });
-    }
+        std::lock_guard<std::recursive_mutex> const&);
 
     [[nodiscard]] std::thread
     sweepHelper(
@@ -731,45 +310,7 @@ private:
         typename KeyOnlyCacheType::map_type& partition,
         SweptPointersVector&,
         std::atomic<int>& allRemovals,
-        std::lock_guard<std::recursive_mutex> const&)
-    {
-        return std::thread([&, this]() {
-            int cacheRemovals = 0;
-            int mapRemovals = 0;
-
-            // Keep references to all the stuff we sweep
-            // so that we can destroy them outside the lock.
-            {
-                auto cit = partition.begin();
-                while (cit != partition.end())
-                {
-                    if (cit->second.last_access > now)
-                    {
-                        cit->second.last_access = now;
-                        ++cit;
-                    }
-                    else if (cit->second.last_access <= when_expire)
-                    {
-                        cit = partition.erase(cit);
-                    }
-                    else
-                    {
-                        ++cit;
-                    }
-                }
-            }
-
-            if (mapRemovals || cacheRemovals)
-            {
-                JLOG(m_journal.debug())
-                    << "TaggedCache partition sweep " << m_name
-                    << ": cache = " << partition.size() << "-" << cacheRemovals
-                    << ", map-=" << mapRemovals;
-            }
-
-            allRemovals += cacheRemovals;
-        });
-    };
+        std::lock_guard<std::recursive_mutex> const&);
 
     beast::Journal m_journal;
     clock_type& m_clock;
@@ -781,10 +322,10 @@ private:
     std::string m_name;
 
     // Desired number of cache entries (0 = ignore)
-    int m_target_size;
+    const int m_target_size;
 
     // Desired maximum cache age
-    clock_type::duration m_target_age;
+    const clock_type::duration m_target_age;
 
     // Number of items cached
     int m_cache_count;

include/xrpl/basics/UnorderedContainers.h

@@ -25,6 +25,7 @@
 #include <xrpl/beast/hash/hash_append.h>
 #include <xrpl/beast/hash/uhash.h>
 #include <xrpl/beast/hash/xxhasher.h>
+
 #include <unordered_map>
 #include <unordered_set>
 

include/xrpl/basics/base_uint.h

@@ -33,12 +33,13 @@
 #include <xrpl/basics/strHex.h>
 #include <xrpl/beast/utility/Zero.h>
 #include <xrpl/beast/utility/instrumentation.h>
+
 #include <boost/endian/conversion.hpp>
 #include <boost/functional/hash.hpp>
+
 #include <algorithm>
 #include <array>
 #include <cstring>
-#include <functional>
 #include <type_traits>
 
 namespace ripple {
@@ -631,6 +632,13 @@ to_string(base_uint<Bits, Tag> const& a)
     return strHex(a.cbegin(), a.cend());
 }
 
+template <std::size_t Bits, class Tag>
+inline std::string
+to_short_string(base_uint<Bits, Tag> const& a)
+{
+    return to_string(a).substr(0, 8) + "...";
+}
+
 template <std::size_t Bits, class Tag>
 inline std::ostream&
 operator<<(std::ostream& out, base_uint<Bits, Tag> const& u)

include/xrpl/basics/chrono.h

@@ -20,17 +20,16 @@
 #ifndef RIPPLE_BASICS_CHRONO_H_INCLUDED
 #define RIPPLE_BASICS_CHRONO_H_INCLUDED
 
-#include <date/date.h>
-
 #include <xrpl/beast/clock/abstract_clock.h>
 #include <xrpl/beast/clock/basic_seconds_clock.h>
 #include <xrpl/beast/clock/manual_clock.h>
 
+#include <date/date.h>
+
 #include <chrono>
 #include <cstdint>
 #include <ratio>
 #include <string>
-#include <type_traits>
 
 namespace ripple {
 

include/xrpl/basics/contract.h

@@ -21,9 +21,9 @@
 #define RIPPLE_BASICS_CONTRACT_H_INCLUDED
 
 #include <xrpl/beast/type_name.h>
+
 #include <exception>
 #include <string>
-#include <typeinfo>
 #include <utility>
 
 namespace ripple {

include/xrpl/basics/make_SSLContext.h

@@ -21,6 +21,7 @@
 #define RIPPLE_BASICS_MAKE_SSLCONTEXT_H_INCLUDED
 
 #include <boost/asio/ssl/context.hpp>
+
 #include <string>
 
 namespace ripple {

include/xrpl/basics/partitioned_unordered_map.h

@@ -22,6 +22,7 @@
 
 #include <xrpl/beast/hash/uhash.h>
 #include <xrpl/beast/utility/instrumentation.h>
+
 #include <functional>
 #include <optional>
 #include <string>

include/xrpl/basics/random.h

@@ -22,9 +22,9 @@
 
 #include <xrpl/beast/utility/instrumentation.h>
 #include <xrpl/beast/xor_shift_engine.h>
+
 #include <cstddef>
 #include <cstdint>
-#include <cstring>
 #include <limits>
 #include <mutex>
 #include <random>

include/xrpl/basics/spinlock.h

@@ -19,6 +19,7 @@
 #define RIPPLE_BASICS_SPINLOCK_H_INCLUDED
 
 #include <xrpl/beast/utility/instrumentation.h>
+
 #include <atomic>
 #include <limits>
 #include <type_traits>

include/xrpl/basics/tagged_integer.h

@@ -21,7 +21,9 @@
 #define BEAST_UTILITY_TAGGED_INTEGER_H_INCLUDED
 
 #include <xrpl/beast/hash/hash_append.h>
+
 #include <boost/operators.hpp>
+
 #include <functional>
 #include <iostream>
 #include <type_traits>

include/xrpl/beast/asio/io_latency_probe.h

@@ -21,6 +21,7 @@
 #define BEAST_ASIO_IO_LATENCY_PROBE_H_INCLUDED
 
 #include <xrpl/beast/utility/instrumentation.h>
+
 #include <boost/asio/basic_waitable_timer.hpp>
 #include <boost/asio/io_service.hpp>
 

include/xrpl/beast/container/detail/aged_ordered_container.h

@@ -25,9 +25,11 @@
 #include <xrpl/beast/container/detail/aged_associative_container.h>
 #include <xrpl/beast/container/detail/aged_container_iterator.h>
 #include <xrpl/beast/container/detail/empty_base_optimization.h>
+
 #include <boost/intrusive/list.hpp>
 #include <boost/intrusive/set.hpp>
 #include <boost/version.hpp>
+
 #include <algorithm>
 #include <functional>
 #include <initializer_list>

include/xrpl/beast/container/detail/aged_unordered_container.h

@@ -25,8 +25,10 @@
 #include <xrpl/beast/container/detail/aged_associative_container.h>
 #include <xrpl/beast/container/detail/aged_container_iterator.h>
 #include <xrpl/beast/container/detail/empty_base_optimization.h>
+
 #include <boost/intrusive/list.hpp>
 #include <boost/intrusive/unordered_set.hpp>
+
 #include <algorithm>
 #include <cmath>
 #include <functional>

include/xrpl/beast/container/detail/empty_base_optimization.h

@@ -11,6 +11,7 @@
 #define BEAST_CONTAINER_DETAIL_EMPTY_BASE_OPTIMIZATION_H_INCLUDED
 
 #include <boost/type_traits/is_final.hpp>
+
 #include <type_traits>
 #include <utility>
 

include/xrpl/beast/core/LexicalCast.h

@@ -23,6 +23,7 @@
 #include <xrpl/beast/utility/instrumentation.h>
 
 #include <boost/core/detail/string_view.hpp>
+
 #include <algorithm>
 #include <cerrno>
 #include <charconv>

include/xrpl/beast/core/List.h

@@ -21,7 +21,6 @@
 #define BEAST_INTRUSIVE_LIST_H_INCLUDED
 
 #include <iterator>
-#include <type_traits>
 
 namespace beast {
 

include/xrpl/beast/hash/hash_append.h

@@ -23,6 +23,7 @@
 
 #include <boost/container/flat_set.hpp>
 #include <boost/endian/conversion.hpp>
+
 #include <array>
 #include <chrono>
 #include <cstdint>

include/xrpl/beast/hash/xxhasher.h

@@ -21,6 +21,7 @@
 #define BEAST_HASH_XXHASHER_H_INCLUDED
 
 #include <boost/endian/conversion.hpp>
+
 #include <xxhash.h>
 
 #include <cstddef>

include/xrpl/beast/insight/Meter.h

@@ -20,10 +20,10 @@
 #ifndef BEAST_INSIGHT_METER_H_INCLUDED
 #define BEAST_INSIGHT_METER_H_INCLUDED
 
-#include <memory>
-
 #include <xrpl/beast/insight/MeterImpl.h>
 
+#include <memory>
+
 namespace beast {
 namespace insight {
 

include/xrpl/beast/insight/StatsDCollector.h

@@ -21,7 +21,6 @@
 #define BEAST_INSIGHT_STATSDCOLLECTOR_H_INCLUDED
 
 #include <xrpl/beast/insight/Collector.h>
-
 #include <xrpl/beast/net/IPEndpoint.h>
 #include <xrpl/beast/utility/Journal.h>
 

include/xrpl/beast/net/IPAddress.h

@@ -25,8 +25,10 @@
 #include <xrpl/beast/net/IPAddressV4.h>
 #include <xrpl/beast/net/IPAddressV6.h>
 #include <xrpl/beast/utility/instrumentation.h>
+
 #include <boost/asio/ip/address.hpp>
 #include <boost/functional/hash.hpp>
+
 #include <cstdint>
 #include <ios>
 #include <sstream>

include/xrpl/beast/net/IPAddressConversion.h

@@ -22,8 +22,6 @@
 
 #include <xrpl/beast/net/IPEndpoint.h>
 
-#include <sstream>
-
 #include <boost/asio.hpp>
 
 namespace beast {

include/xrpl/beast/net/IPAddressV4.h

@@ -21,7 +21,9 @@
 #define BEAST_NET_IPADDRESSV4_H_INCLUDED
 
 #include <xrpl/beast/hash/hash_append.h>
+
 #include <boost/asio/ip/address_v4.hpp>
+
 #include <cstdint>
 #include <functional>
 #include <ios>

include/xrpl/beast/net/IPAddressV6.h

@@ -21,7 +21,9 @@
 #define BEAST_NET_IPADDRESSV6_H_INCLUDED
 
 #include <xrpl/beast/utility/instrumentation.h>
+
 #include <boost/asio/ip/address_v6.hpp>
+
 #include <cstdint>
 #include <functional>
 #include <ios>

include/xrpl/beast/rfc2616.h

@@ -20,10 +20,6 @@
 #ifndef BEAST_RFC2616_HPP
 #define BEAST_RFC2616_HPP
 
-// TODO: This include <cstdint> is a workaround for beast compilation bug.
-// Remove when fix https://github.com/boostorg/beast/pull/2682/ is available.
-#include <cstdint>
-
 #include <boost/beast/http/message.hpp>
 #include <boost/beast/http/rfc7230.hpp>
 #include <boost/range/algorithm/equal.hpp>
@@ -32,6 +28,7 @@
 
 #include <algorithm>
 #include <cctype>
+#include <cstdint>
 #include <iterator>
 #include <string>
 #include <utility>

include/xrpl/beast/test/yield_to.h

@@ -11,6 +11,7 @@
 #include <boost/asio/io_service.hpp>
 #include <boost/asio/spawn.hpp>
 #include <boost/optional.hpp>
+
 #include <condition_variable>
 #include <functional>
 #include <mutex>

include/xrpl/beast/unit_test/match.h

@@ -9,6 +9,7 @@
 #define BEAST_UNIT_TEST_MATCH_HPP
 
 #include <xrpl/beast/unit_test/suite_info.h>
+
 #include <string>
 
 namespace beast {

include/xrpl/beast/unit_test/reporter.h

@@ -10,8 +10,10 @@
 
 #include <xrpl/beast/unit_test/amount.h>
 #include <xrpl/beast/unit_test/recorder.h>
+
 #include <boost/lexical_cast.hpp>
 #include <boost/optional.hpp>
+
 #include <algorithm>
 #include <chrono>
 #include <functional>

include/xrpl/beast/unit_test/runner.h

@@ -9,7 +9,9 @@
 #define BEAST_UNIT_TEST_RUNNER_H_INCLUDED
 
 #include <xrpl/beast/unit_test/suite_info.h>
+
 #include <boost/assert.hpp>
+
 #include <mutex>
 #include <ostream>
 #include <string>

include/xrpl/beast/unit_test/suite.h

@@ -9,9 +9,11 @@
 #define BEAST_UNIT_TEST_SUITE_HPP
 
 #include <xrpl/beast/unit_test/runner.h>
+
 #include <boost/filesystem.hpp>
 #include <boost/lexical_cast.hpp>
 #include <boost/throw_exception.hpp>
+
 #include <ostream>
 #include <sstream>
 #include <string>

include/xrpl/beast/unit_test/suite_list.h

@@ -10,7 +10,9 @@
 
 #include <xrpl/beast/unit_test/detail/const_container.h>
 #include <xrpl/beast/unit_test/suite_info.h>
+
 #include <boost/assert.hpp>
+
 #include <set>
 #include <typeindex>
 #include <unordered_set>

include/xrpl/beast/unit_test/thread.h

@@ -9,6 +9,7 @@
 #define BEAST_UNIT_TEST_THREAD_HPP
 
 #include <xrpl/beast/unit_test/suite.h>
+
 #include <functional>
 #include <thread>
 #include <utility>

include/xrpl/beast/utility/Journal.h

@@ -21,6 +21,7 @@
 #define BEAST_UTILITY_JOURNAL_H_INCLUDED
 
 #include <xrpl/beast/utility/instrumentation.h>
+
 #include <sstream>
 
 namespace beast {
@@ -112,6 +113,16 @@ public:
         virtual void
         write(Severity level, std::string const& text) = 0;
 
+        /** Bypass filter and write text to the sink at the specified severity.
+         * Always write the message, but maintain the same formatting as if
+         * it passed through a level filter.
+         *
+         * @param level Level to display in message.
+         * @param text Text to write to sink.
+         */
+        virtual void
+        writeAlways(Severity level, std::string const& text) = 0;
+
     private:
         Severity thresh_;
         bool m_console;

include/xrpl/beast/utility/PropertyStream.h

@@ -22,11 +22,9 @@
 
 #include <xrpl/beast/core/List.h>
 
-#include <cstdint>
 #include <mutex>
 #include <sstream>
 #include <string>
-#include <utility>
 
 namespace beast {
 

include/xrpl/beast/utility/WrappedSink.h

@@ -93,6 +93,13 @@ public:
         using beast::Journal;
         sink_.write(level, prefix_ + text);
     }
+
+    void
+    writeAlways(severities::Severity level, std::string const& text) override
+    {
+        using beast::Journal;
+        sink_.writeAlways(level, prefix_ + text);
+    }
 };
 
 }  // namespace beast

include/xrpl/beast/utility/instrumentation.h

@@ -39,6 +39,8 @@ OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 #endif
 
 #define XRPL_ASSERT ALWAYS_OR_UNREACHABLE
+#define XRPL_ASSERT2(cond, location, message, ...) \
+    XRPL_ASSERT(cond, std::string(location) + " : " + message)
 
 // How to use the instrumentation macros:
 //

include/xrpl/beast/utility/rngfill.h

@@ -21,6 +21,7 @@
 #define BEAST_RANDOM_RNGFILL_H_INCLUDED
 
 #include <xrpl/beast/utility/instrumentation.h>
+
 #include <array>
 #include <cstdint>
 #include <cstring>

include/xrpl/beast/utility/temp_dir.h

@@ -21,6 +21,7 @@
 #define BEAST_UTILITY_TEMP_DIR_H_INCLUDED
 
 #include <boost/filesystem.hpp>
+
 #include <string>
 
 namespace beast {

include/xrpl/crypto/csprng.h

@@ -21,8 +21,6 @@
 #define RIPPLE_CRYPTO_RANDOM_H_INCLUDED
 
 #include <mutex>
-#include <string>
-#include <type_traits>
 
 namespace ripple {
 

include/xrpl/json/Object.h

@@ -21,6 +21,7 @@
 #define RIPPLE_JSON_OBJECT_H_INCLUDED
 
 #include <xrpl/json/Writer.h>
+
 #include <memory>
 
 namespace Json {

include/xrpl/json/Output.h

@@ -21,6 +21,7 @@
 #define RIPPLE_JSON_OUTPUT_H_INCLUDED
 
 #include <boost/beast/core/string.hpp>
+
 #include <functional>
 #include <string>
 

include/xrpl/json/Writer.h

@@ -24,6 +24,7 @@
 #include <xrpl/basics/contract.h>
 #include <xrpl/json/Output.h>
 #include <xrpl/json/json_value.h>
+
 #include <memory>
 
 namespace Json {

include/xrpl/json/detail/json_assert.h

@@ -20,6 +20,7 @@
 #ifndef RIPPLE_JSON_JSON_ASSERT_H_INCLUDED
 #define RIPPLE_JSON_JSON_ASSERT_H_INCLUDED
 
+#include <xrpl/basics/contract.h>
 #include <xrpl/json/json_errors.h>
 
 #define JSON_ASSERT_MESSAGE(condition, message) \

include/xrpl/json/json_reader.h

@@ -24,7 +24,9 @@
 
 #include <xrpl/json/json_forwards.h>
 #include <xrpl/json/json_value.h>
+
 #include <boost/asio/buffer.hpp>
+
 #include <stack>
 
 namespace Json {

include/xrpl/json/json_value.h

@@ -20,10 +20,13 @@
 #ifndef RIPPLE_JSON_JSON_VALUE_H_INCLUDED
 #define RIPPLE_JSON_JSON_VALUE_H_INCLUDED
 
+#include <xrpl/basics/Number.h>
 #include <xrpl/json/json_forwards.h>
+
 #include <cstring>
 #include <map>
 #include <string>
+#include <utility>
 #include <vector>
 
 /** \brief JSON (JavaScript Object Notation).
@@ -215,6 +218,7 @@ public:
     Value(UInt value);
     Value(double value);
     Value(const char* value);
+    Value(ripple::Number const& value);
     /** \brief Constructs a value from a static string.
 
      * Like other value string constructor but do not duplicate the string for
@@ -364,6 +368,8 @@ public:
      */
     Value&
     operator[](const StaticString& key);
+    Value const&
+    operator[](const StaticString& key) const;
 
     /// Return the member named key if it exist, defaultValue otherwise.
     Value
@@ -435,6 +441,12 @@ private:
     int allocated_ : 1;  // Notes: if declared as bool, bitfield is useless.
 };
 
+inline Value
+to_json(ripple::Number const& number)
+{
+    return to_string(number);
+}
+
 bool
 operator==(const Value&, const Value&);
 

include/xrpl/json/json_writer.h

@@ -22,6 +22,7 @@
 
 #include <xrpl/json/json_forwards.h>
 #include <xrpl/json/json_value.h>
+
 #include <ostream>
 #include <vector>
 

include/xrpl/protocol/AMMCore.h

@@ -48,14 +48,6 @@ class STObject;
 class STAmount;
 class Rules;
 
-/** Calculate AMM account ID.
- */
-AccountID
-ammAccountID(
-    std::uint16_t prefix,
-    uint256 const& parentHash,
-    uint256 const& ammID);
-
 /** Calculate Liquidity Provider Token (LPT) Currency.
  */
 Currency

include/xrpl/protocol/AccountID.h

@@ -114,7 +114,7 @@ operator<<(std::ostream& os, AccountID const& x)
     is expensive (it requires a SHA-256 operation) in most cases the overhead
     of the cache is worth the benefit.
 
-    @param count The number of entries the cache should accomodate. Zero will
+    @param count The number of entries the cache should accommodate. Zero will
                  disable the cache, releasing any memory associated with it.
 
     @note The function will only initialize the cache the first time it is

include/xrpl/protocol/Asset.h

@@ -20,6 +20,7 @@
 #ifndef RIPPLE_PROTOCOL_ASSET_H_INCLUDED
 #define RIPPLE_PROTOCOL_ASSET_H_INCLUDED
 
+#include <xrpl/basics/Number.h>
 #include <xrpl/basics/base_uint.h>
 #include <xrpl/protocol/Issue.h>
 #include <xrpl/protocol/MPTIssue.h>
@@ -27,6 +28,7 @@
 namespace ripple {
 
 class Asset;
+class STAmount;
 
 template <typename TIss>
 concept ValidIssueType =
@@ -92,6 +94,9 @@ public:
     void
     setJson(Json::Value& jv) const;
 
+    STAmount
+    operator()(Number const&) const;
+
     bool
     native() const
     {
@@ -114,6 +119,14 @@ public:
     equalTokens(Asset const& lhs, Asset const& rhs);
 };
 
+inline Json::Value
+to_json(Asset const& asset)
+{
+    Json::Value jv;
+    asset.setJson(jv);
+    return jv;
+}
+
 template <ValidIssueType TIss>
 constexpr bool
 Asset::holds() const
@@ -219,9 +232,6 @@ validJSONAsset(Json::Value const& jv);
 Asset
 assetFromJson(Json::Value const& jv);
 
-Json::Value
-to_json(Asset const& asset);
-
 }  // namespace ripple
 
 #endif  // RIPPLE_PROTOCOL_ASSET_H_INCLUDED

include/xrpl/protocol/Book.h

@@ -22,6 +22,7 @@
 
 #include <xrpl/basics/CountedObject.h>
 #include <xrpl/protocol/Issue.h>
+
 #include <boost/utility/base_from_member.hpp>
 
 namespace ripple {

include/xrpl/protocol/Feature.h

@@ -21,7 +21,9 @@
 #define RIPPLE_PROTOCOL_FEATURE_H_INCLUDED
 
 #include <xrpl/basics/base_uint.h>
+
 #include <boost/container/flat_map.hpp>
+
 #include <array>
 #include <bitset>
 #include <map>
@@ -33,35 +35,39 @@
  *
  * Steps required to add new features to the code:
  *
- * 1) In this file, increment `numFeatures` and add a uint256 declaration
- *    for the feature at the bottom
- * 2) Add a uint256 definition for the feature to the corresponding source
- *    file (Feature.cpp). Use `registerFeature` to create the feature with
- *    the feature's name, `Supported::no`, and `VoteBehavior::DefaultNo`. This
- *    should be the only place the feature's name appears in code as a string.
- * 3) Use the uint256 as the parameter to `view.rules.enabled()` to
- *    control flow into new code that this feature limits.
- * 4) If the feature development is COMPLETE, and the feature is ready to be
- *    SUPPORTED, change the `registerFeature` parameter to Supported::yes.
- * 5) When the feature is ready to be ENABLED, change the `registerFeature`
- *    parameter to `VoteBehavior::DefaultYes`.
- * In general, any newly supported amendments (`Supported::yes`) should have
- * a `VoteBehavior::DefaultNo` for at least one full release cycle. High
- * priority bug fixes can be an exception to this rule of thumb.
+ * 1) Add the appropriate XRPL_FEATURE or XRPL_FIX macro definition for the
+ *    feature to features.macro with the feature's name, `Supported::no`, and
+ *    `VoteBehavior::DefaultNo`.
+ *
+ * 2) Use the generated variable name as the parameter to `view.rules.enabled()`
+ *    to control flow into new code that this feature limits. (featureName or
+ *    fixName)
+ *
+ * 3) If the feature development is COMPLETE, and the feature is ready to be
+ *    SUPPORTED, change the macro parameter in features.macro to Supported::yes.
+ *
+ * 4) In general, any newly supported amendments (`Supported::yes`) should have
+ *    a `VoteBehavior::DefaultNo` indefinitely so that external governance can
+ *    make the decision on when to activate it. High priority bug fixes can be
+ *    an exception to this rule. In such cases, ensure the fix has been
+ *    clearly communicated to the community using appropriate channels,
+ *    then change the macro parameter in features.macro to
+ *    `VoteBehavior::DefaultYes`. The communication process is beyond
+ *    the scope of these instructions.
+ *
  *
  * When a feature has been enabled for several years, the conditional code
  * may be removed, and the feature "retired". To retire a feature:
- * 1) Remove the uint256 declaration from this file.
- * 2) MOVE the uint256 definition in Feature.cpp to the "retired features"
- *    section at the end of the file.
- * 3) CHANGE the name of the variable to start with "retired".
- * 4) CHANGE the parameters of the `registerFeature` call to `Supported::yes`
- *    and `VoteBehavior::DefaultNo`.
+ *
+ * 1) MOVE the macro definition in features.macro to the "retired features"
+ *    section at the end of the file, and change the macro to XRPL_RETIRE.
+ *
  * The feature must remain registered and supported indefinitely because it
- * still exists in the ledger, but there is no need to vote for it because
- * there's nothing to vote for. If it is removed completely from the code, any
- * instances running that code will get amendment blocked. Removing the
- * feature from the ledger is beyond the scope of these instructions.
+ * may exist in the Amendments object on ledger. There is no need to vote
+ * for it because there's nothing to vote for. If the feature definition is
+ * removed completely from the code, any instances running that code will get
+ * amendment blocked. Removing the feature from the ledger is beyond the scope
+ * of these instructions.
  *
  */
 
@@ -76,11 +82,32 @@ allAmendments();
 
 namespace detail {
 
+#pragma push_macro("XRPL_FEATURE")
+#undef XRPL_FEATURE
+#pragma push_macro("XRPL_FIX")
+#undef XRPL_FIX
+#pragma push_macro("XRPL_RETIRE")
+#undef XRPL_RETIRE
+
+#define XRPL_FEATURE(name, supported, vote) +1
+#define XRPL_FIX(name, supported, vote) +1
+#define XRPL_RETIRE(name) +1
+
 // This value SHOULD be equal to the number of amendments registered in
 // Feature.cpp. Because it's only used to reserve storage, and determine how
 // large to make the FeatureBitset, it MAY be larger. It MUST NOT be less than
 // the actual number of amendments. A LogicError on startup will verify this.
-static constexpr std::size_t numFeatures = 85;
+static constexpr std::size_t numFeatures =
+    (0 +
+#include <xrpl/protocol/detail/features.macro>
+    );
+
+#undef XRPL_RETIRE
+#pragma pop_macro("XRPL_RETIRE")
+#undef XRPL_FIX
+#pragma pop_macro("XRPL_FIX")
+#undef XRPL_FEATURE
+#pragma pop_macro("XRPL_FEATURE")
 
 /** Amendments that this server supports and the default voting behavior.
    Whether they are enabled depends on the Rules defined in the validated
@@ -320,12 +347,17 @@ foreachFeature(FeatureBitset bs, F&& f)
 #undef XRPL_FEATURE
 #pragma push_macro("XRPL_FIX")
 #undef XRPL_FIX
+#pragma push_macro("XRPL_RETIRE")
+#undef XRPL_RETIRE
 
 #define XRPL_FEATURE(name, supported, vote) extern uint256 const feature##name;
 #define XRPL_FIX(name, supported, vote) extern uint256 const fix##name;
+#define XRPL_RETIRE(name)
 
 #include <xrpl/protocol/detail/features.macro>
 
+#undef XRPL_RETIRE
+#pragma pop_macro("XRPL_RETIRE")
 #undef XRPL_FIX
 #pragma pop_macro("XRPL_FIX")
 #undef XRPL_FEATURE

include/xrpl/protocol/HashPrefix.h

@@ -21,6 +21,7 @@
 #define RIPPLE_PROTOCOL_HASHPREFIX_H_INCLUDED
 
 #include <xrpl/beast/hash/hash_append.h>
+
 #include <cstdint>
 
 namespace ripple {