failing test

* XRPLF/ximinez/lending-refactoring-2:
  refactor: Update rocksdb (#5568)
  Switch instrumentation workflow to use dependencies (#5607)
  chore: Rename conan profile to `default` (#5599)
  Include `network_id` in validations and subscription stream responses (#5579)
  Add support for `DomainID` in `MPTokenIssuance` transactions (#5509)
  chore: Remove unused code after flow cross retirement (#5575)
  Remove obsolete owner pays fee feature and XRPL_ABANDON stanza (#5550)
  refactor: Makes HashRouter flags more type-safe (#5371)
  Fix clang-format CI job (#5598)

.github/actions/dependencies/action.yml

@@ -6,36 +6,29 @@ inputs:
 runs:
   using: composite
   steps:
-    - name: unlock Conan
-      shell: bash
-      run: conan remove --locks
     - name: export custom recipes
       shell: bash
       run: |
-        conan config set general.revisions_enabled=1
-        conan export external/snappy snappy/1.1.10@
-        conan export external/rocksdb rocksdb/9.7.3@
-        conan export external/soci soci/4.0.3@
-        conan export external/nudb nudb/2.0.8@
+        conan export --version 1.1.10 external/snappy
+        conan export --version 4.0.3 external/soci
     - name: add Ripple Conan remote
+      if: env.CONAN_URL != ''
       shell: bash
       run: |
-        conan remote list
-        conan remote remove ripple || true
-        # Do not quote the URL. An empty string will be accepted (with
-        # a non-fatal warning), but a missing argument will not.
-        conan remote add ripple ${{ env.CONAN_URL }} --insert 0
+        if conan remote list | grep -q "ripple"; then
+            conan remote remove ripple
+            echo "Removed conan remote ripple"
+        fi
+        conan remote add --index 0 ripple "${CONAN_URL}"
+        echo "Added conan remote ripple at ${CONAN_URL}"
     - name: try to authenticate to Ripple Conan remote
+      if: env.CONAN_LOGIN_USERNAME_RIPPLE != '' && env.CONAN_PASSWORD_RIPPLE != ''
       id: remote
       shell: bash
       run: |
-        # `conan user` implicitly uses the environment variables
-        # CONAN_LOGIN_USERNAME_<REMOTE> and CONAN_PASSWORD_<REMOTE>.
-        # https://docs.conan.io/1/reference/commands/misc/user.html#using-environment-variables
-        # https://docs.conan.io/1/reference/env_vars.html#conan-login-username-conan-login-username-remote-name
-        # https://docs.conan.io/1/reference/env_vars.html#conan-password-conan-password-remote-name
-        echo outcome=$(conan user --remote ripple --password >&2 \
-          && echo success || echo failure) | tee ${GITHUB_OUTPUT}
+        echo "Authenticating to ripple remote..."
+        conan remote auth ripple --force
+        conan remote list-users
     - name: list missing binaries
       id: binaries
       shell: bash
@@ -51,7 +44,7 @@ runs:
         conan install \
           --output-folder . \
           --build missing \
-          --options tests=True \
-          --options xrpld=True \
-          --settings build_type=${{ inputs.configuration }} \
+          --options:host "&:tests=True" \
+          --options:host "&:xrpld=True" \
+          --settings:all build_type=${{ inputs.configuration }} \
           ..

.github/workflows/clang-format.yml

@@ -9,24 +9,25 @@ jobs:
   check:
     if: ${{ github.event_name == 'push' || github.event.pull_request.draft != true || contains(github.event.pull_request.labels.*.name, 'DraftRunCI') }}
     runs-on: ubuntu-24.04
-    env:
-      CLANG_VERSION: 18
+    container: ghcr.io/xrplf/ci/tools-rippled-clang-format
     steps:
+      # For jobs running in containers, $GITHUB_WORKSPACE and ${{ github.workspace }} might not be the
+      # same directory. The actions/checkout step is *supposed* to checkout into $GITHUB_WORKSPACE and
+      # then add it to safe.directory (see instructions at https://github.com/actions/checkout)
+      # but that's apparently not happening for some container images. We can't be sure what is actually
+      # happening, so let's pre-emptively add both directories to safe.directory. There's a
+      # Github issue opened in 2022 and not resolved in 2025 https://github.com/actions/runner/issues/2058 ¯\_(ツ)_/¯
+      - run: |
+          git config --global --add safe.directory $GITHUB_WORKSPACE
+          git config --global --add safe.directory ${{ github.workspace }}
       - uses: actions/checkout@v4
-      - name: Install clang-format
-        run: |
-          codename=$( lsb_release --codename --short )
-          sudo tee /etc/apt/sources.list.d/llvm.list >/dev/null <<EOF
-          deb http://apt.llvm.org/${codename}/ llvm-toolchain-${codename}-${CLANG_VERSION} main
-          deb-src http://apt.llvm.org/${codename}/ llvm-toolchain-${codename}-${CLANG_VERSION} main
-          EOF
-          wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | sudo apt-key add
-          sudo apt-get update
-          sudo apt-get install clang-format-${CLANG_VERSION}
       - name: Format first-party sources
-        run: find include src tests -type f \( -name '*.cpp' -o -name '*.hpp' -o -name '*.h' -o -name '*.ipp' \) -exec clang-format-${CLANG_VERSION} -i {} +
+        run: |
+          clang-format --version
+          find include src tests -type f \( -name '*.cpp' -o -name '*.hpp' -o -name '*.h' -o -name '*.ipp' \) -exec clang-format -i {} +
       - name: Check for differences
         id: assert
+        shell: bash
         run: |
           set -o pipefail
           git diff --exit-code | tee "clang-format.patch"
@@ -58,6 +59,6 @@ jobs:
                in your repo, commit, and push.
         run: |
           echo "${PREAMBLE}"
-          clang-format-${CLANG_VERSION} --version
+          clang-format --version
           echo "${SUGGESTION}"
           exit 1

.github/workflows/libxrpl.yml

@@ -1,6 +1,6 @@
 name: Check libXRPL compatibility with Clio
 env:
-  CONAN_URL: http://18.143.149.228:8081/artifactory/api/conan/conan-non-prod
+  CONAN_URL: http://18.143.149.228:8081/artifactory/api/conan/dev
   CONAN_LOGIN_USERNAME_RIPPLE: ${{ secrets.CONAN_USERNAME }}
   CONAN_PASSWORD_RIPPLE: ${{ secrets.CONAN_TOKEN }}
 on:

.github/workflows/macos.yml

@@ -15,6 +15,18 @@ on:
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: true
+# This part of Conan configuration is specific to this workflow only; we do not want
+# to pollute conan/profiles directory with settings which might not work for others
+env:
+  CONAN_URL: http://18.143.149.228:8081/artifactory/api/conan/dev
+  CONAN_LOGIN_USERNAME_RIPPLE: ${{ secrets.CONAN_USERNAME }}
+  CONAN_PASSWORD_RIPPLE: ${{ secrets.CONAN_TOKEN }}
+  CONAN_GLOBAL_CONF: |
+    core.download:parallel={{os.cpu_count()}}
+    core.upload:parallel={{os.cpu_count()}}
+    tools.build:jobs={{ (os.cpu_count() * 4/5) | int }}
+    tools.build:verbosity=verbose
+    tools.compilation:verbosity=verbose
 
 jobs:
 
@@ -28,23 +40,22 @@ jobs:
           - Ninja
         configuration:
           - Release
-    runs-on: [self-hosted, macOS]
+    runs-on: [self-hosted, macOS, mac-runner-m1]
     env:
       # The `build` action requires these variables.
       build_dir: .build
       NUM_PROCESSORS: 12
     steps:
       - name: checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
       - name: install Conan
         run: |
-          brew install conan@1
-          echo '/opt/homebrew/opt/conan@1/bin' >> $GITHUB_PATH
+          brew install conan
       - name: install Ninja
         if: matrix.generator == 'Ninja'
         run: brew install ninja
       - name: install python
-        run: | 
+        run: |
           if which python > /dev/null 2>&1; then
               echo "Python executable exists"
           else
@@ -76,14 +87,26 @@ jobs:
           clang --version
       - name: configure Conan
         run : |
-          conan profile new default --detect || true
-          conan profile update settings.compiler.cppstd=20 default
+          echo "${CONAN_GLOBAL_CONF}" >> $(conan config home)/global.conf
+          conan config install conan/profiles/ -tf $(conan config home)/profiles/
+          conan profile show
+      - name: export custom recipes
+        shell: bash
+        run: |
+          conan export --version 1.1.10 external/snappy
+          conan export --version 4.0.3 external/soci
+      - name: add Ripple Conan remote
+        if: env.CONAN_URL != ''
+        shell: bash
+        run: |
+          if conan remote list | grep -q "ripple"; then
+              conan remote remove ripple
+              echo "Removed conan remote ripple"
+          fi
+          conan remote add --index 0 ripple "${CONAN_URL}"
+          echo "Added conan remote ripple at ${CONAN_URL}"
       - name: build dependencies
         uses: ./.github/actions/dependencies
-        env:
-          CONAN_URL: http://18.143.149.228:8081/artifactory/api/conan/conan-non-prod
-          CONAN_LOGIN_USERNAME_RIPPLE: ${{ secrets.CONAN_USERNAME }}
-          CONAN_PASSWORD_RIPPLE: ${{ secrets.CONAN_TOKEN }}
         with:
           configuration: ${{ matrix.configuration }}
       - name: build
@@ -96,4 +119,7 @@ jobs:
         run: |
           n=$(nproc)
           echo "Using $n test jobs"
-          ${build_dir}/rippled --unittest --unittest-jobs $n
+
+          cd ${build_dir}
+          ./rippled --unittest --unittest-jobs $n
+          ctest -j $n --output-on-failure

.github/workflows/nix.yml

@@ -16,6 +16,19 @@ concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: true
 
+# This part of Conan configuration is specific to this workflow only; we do not want
+# to pollute conan/profiles directory with settings which might not work for others
+env:
+  CONAN_URL: http://18.143.149.228:8081/artifactory/api/conan/dev
+  CONAN_LOGIN_USERNAME_RIPPLE: ${{ secrets.CONAN_USERNAME }}
+  CONAN_PASSWORD_RIPPLE: ${{ secrets.CONAN_TOKEN }}
+  CONAN_GLOBAL_CONF: |
+    core.download:parallel={{ os.cpu_count() }}
+    core.upload:parallel={{ os.cpu_count() }}
+    tools.build:jobs={{ (os.cpu_count() * 4/5) | int }}
+    tools.build:verbosity=verbose
+    tools.compilation:verbosity=verbose
+
 # This workflow has multiple job matrixes.
 # They can be considered phases because most of the matrices ("test",
 # "coverage", "conan", ) depend on the first ("dependencies").
@@ -54,59 +67,45 @@ jobs:
           - Release
         include:
           - compiler: gcc
-            profile:
-              version: 11
-              cc: /usr/bin/gcc
-              cxx: /usr/bin/g++
+            compiler_version: 12
+            distro: ubuntu
+            codename: jammy
           - compiler: clang
-            profile:
-              version: 14
-              cc: /usr/bin/clang-14
-              cxx: /usr/bin/clang++-14
+            compiler_version: 16
+            distro: debian
+            codename: bookworm
     runs-on: [self-hosted, heavy]
-    container: ghcr.io/xrplf/rippled-build-ubuntu:aaf5e3e
+    container: ghcr.io/xrplf/ci/${{ matrix.distro }}-${{ matrix.codename }}:${{ matrix.compiler }}-${{ matrix.compiler_version }}
     env:
       build_dir: .build
     steps:
-      - name: upgrade conan
-        run: |
-          pip install --upgrade "conan<2"
       - name: checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
       - name: check environment
         run: |
           echo ${PATH} | tr ':' '\n'
           lsb_release -a || true
-          ${{ matrix.profile.cc }} --version
+          ${{ matrix.compiler }}-${{ matrix.compiler_version }} --version
           conan --version
           cmake --version
           env | sort
       - name: configure Conan
         run: |
-          conan profile new default --detect
-          conan profile update settings.compiler.cppstd=20 default
-          conan profile update settings.compiler=${{ matrix.compiler }} default
-          conan profile update settings.compiler.version=${{ matrix.profile.version }} default
-          conan profile update settings.compiler.libcxx=libstdc++11 default
-          conan profile update env.CC=${{ matrix.profile.cc }} default
-          conan profile update env.CXX=${{ matrix.profile.cxx }} default
-          conan profile update conf.tools.build:compiler_executables='{"c": "${{ matrix.profile.cc }}", "cpp": "${{ matrix.profile.cxx }}"}' default
+          echo "${CONAN_GLOBAL_CONF}" >> $(conan config home)/global.conf
+          conan config install conan/profiles/ -tf $(conan config home)/profiles/
+          conan profile show
       - name: archive profile
         # Create this archive before dependencies are added to the local cache.
-        run: tar -czf conan.tar -C ~/.conan .
+        run: tar -czf conan.tar.gz -C ${CONAN_HOME} .
       - name: build dependencies
         uses: ./.github/actions/dependencies
-        env:
-          CONAN_URL: http://18.143.149.228:8081/artifactory/api/conan/conan-non-prod
-          CONAN_LOGIN_USERNAME_RIPPLE: ${{ secrets.CONAN_USERNAME }}
-          CONAN_PASSWORD_RIPPLE: ${{ secrets.CONAN_TOKEN }}
         with:
           configuration: ${{ matrix.configuration }}
       - name: upload archive
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02
         with:
           name: ${{ matrix.platform }}-${{ matrix.compiler }}-${{ matrix.configuration }}
-          path: conan.tar
+          path: conan.tar.gz
           if-no-files-found: error
 
   test:
@@ -121,26 +120,32 @@ jobs:
         configuration:
           - Debug
           - Release
+        include:
+          - compiler: gcc
+            compiler_version: 12
+            distro: ubuntu
+            codename: jammy
+          - compiler: clang
+            compiler_version: 16
+            distro: debian
+            codename: bookworm
         cmake-args:
           -
           - "-Dunity=ON"
     needs: dependencies
     runs-on: [self-hosted, heavy]
-    container: ghcr.io/xrplf/rippled-build-ubuntu:aaf5e3e
+    container: ghcr.io/xrplf/ci/${{ matrix.distro }}-${{ matrix.codename }}:${{ matrix.compiler }}-${{ matrix.compiler_version }}
     env:
       build_dir: .build
     steps:
-      - name: upgrade conan
-        run: |
-          pip install --upgrade "conan<2"
       - name: download cache
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093
         with:
           name: ${{ matrix.platform }}-${{ matrix.compiler }}-${{ matrix.configuration }}
       - name: extract cache
         run: |
-          mkdir -p ~/.conan
-          tar -xzf conan.tar -C ~/.conan
+          mkdir -p ${CONAN_HOME}
+          tar -xzf conan.tar.gz -C ${CONAN_HOME}
       - name: check environment
         run: |
           env | sort
@@ -148,11 +153,9 @@ jobs:
           conan --version
           cmake --version
       - name: checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
       - name: dependencies
         uses: ./.github/actions/dependencies
-        env:
-          CONAN_URL: http://18.143.149.228:8081/artifactory/api/conan/conan-non-prod
         with:
           configuration: ${{ matrix.configuration }}
       - name: build
@@ -161,9 +164,21 @@ jobs:
           generator: Ninja
           configuration: ${{ matrix.configuration }}
           cmake-args: "-Dassert=TRUE -Dwerr=TRUE ${{ matrix.cmake-args }}"
+      - name: check linking
+        run: |
+          cd ${build_dir}
+          ldd ./rippled
+          if [ "$(ldd ./rippled | grep -E '(libstdc\+\+|libgcc)' | wc -l)" -eq 0 ]; then
+            echo 'The binary is statically linked.'
+          else
+            echo 'The binary is dynamically linked.'
+            exit 1
+          fi
       - name: test
         run: |
-          ${build_dir}/rippled --unittest --unittest-jobs $(nproc)
+          cd ${build_dir}
+          ./rippled --unittest --unittest-jobs $(nproc)
+          ctest -j $(nproc) --output-on-failure
 
   reference-fee-test:
     strategy:
@@ -180,21 +195,18 @@ jobs:
           - "-DUNIT_TEST_REFERENCE_FEE=1000"
     needs: dependencies
     runs-on: [self-hosted, heavy]
-    container: ghcr.io/xrplf/rippled-build-ubuntu:aaf5e3e
+    container: ghcr.io/xrplf/ci/ubuntu-jammy:gcc-12
     env:
       build_dir: .build
     steps:
-      - name: upgrade conan
-        run: |
-          pip install --upgrade "conan<2"
       - name: download cache
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093
         with:
           name: ${{ matrix.platform }}-${{ matrix.compiler }}-${{ matrix.configuration }}
       - name: extract cache
         run: |
-          mkdir -p ~/.conan
-          tar -xzf conan.tar -C ~/.conan
+          mkdir -p ${CONAN_HOME}
+          tar -xzf conan.tar.gz -C ${CONAN_HOME}
       - name: check environment
         run: |
           env | sort
@@ -202,11 +214,9 @@ jobs:
           conan --version
           cmake --version
       - name: checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
       - name: dependencies
         uses: ./.github/actions/dependencies
-        env:
-          CONAN_URL: http://18.143.149.228:8081/artifactory/api/conan/conan-non-prod
         with:
           configuration: ${{ matrix.configuration }}
       - name: build
@@ -217,7 +227,9 @@ jobs:
           cmake-args: "-Dassert=TRUE -Dwerr=TRUE ${{ matrix.cmake-args }}"
       - name: test
         run: |
-          ${build_dir}/rippled --unittest --unittest-jobs $(nproc)
+          cd ${build_dir}
+          ./rippled --unittest --unittest-jobs $(nproc)
+          ctest -j $(nproc) --output-on-failure
 
   coverage:
     strategy:
@@ -231,23 +243,18 @@ jobs:
           - Debug
     needs: dependencies
     runs-on: [self-hosted, heavy]
-    container: ghcr.io/xrplf/rippled-build-ubuntu:aaf5e3e
+    container: ghcr.io/xrplf/ci/ubuntu-jammy:gcc-12
     env:
       build_dir: .build
     steps:
-      - name: upgrade conan
-        run: |
-          pip install --upgrade "conan<2"
       - name: download cache
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093
         with:
           name: ${{ matrix.platform }}-${{ matrix.compiler }}-${{ matrix.configuration }}
       - name: extract cache
         run: |
-          mkdir -p ~/.conan
-          tar -xzf conan.tar -C ~/.conan
-      - name: install gcovr
-        run: pip install "gcovr>=7,<9"
+          mkdir -p ${CONAN_HOME}
+          tar -xzf conan.tar.gz -C ${CONAN_HOME}
       - name: check environment
         run: |
           echo ${PATH} | tr ':' '\n'
@@ -255,13 +262,11 @@ jobs:
           cmake --version
           gcovr --version
           env | sort
-          ls ~/.conan
+          ls ${CONAN_HOME}
       - name: checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
       - name: dependencies
         uses: ./.github/actions/dependencies
-        env:
-          CONAN_URL: http://18.143.149.228:8081/artifactory/api/conan/conan-non-prod
         with:
           configuration: ${{ matrix.configuration }}
       - name: build
@@ -283,7 +288,7 @@ jobs:
         run: |
           mv "${build_dir}/coverage.xml" ./
       - name: archive coverage report
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02
         with:
           name: coverage.xml
           path: coverage.xml
@@ -305,22 +310,23 @@ jobs:
   conan:
     needs: dependencies
     runs-on: [self-hosted, heavy]
-    container: ghcr.io/xrplf/rippled-build-ubuntu:aaf5e3e
+    container:
+      image: ghcr.io/xrplf/ci/ubuntu-jammy:gcc-12
     env:
       build_dir: .build
+      platform: linux
+      compiler: gcc
+      compiler_version: 12
       configuration: Release
     steps:
-      - name: upgrade conan
-        run: |
-          pip install --upgrade "conan<2"
       - name: download cache
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093
         with:
-          name: linux-gcc-${{ env.configuration }}
+          name: ${{ env.platform }}-${{ env.compiler }}-${{ env.configuration }}
       - name: extract cache
         run: |
-          mkdir -p ~/.conan
-          tar -xzf conan.tar -C ~/.conan
+          mkdir -p ${CONAN_HOME}
+          tar -xzf conan.tar.gz -C ${CONAN_HOME}
       - name: check environment
         run: |
           env | sort
@@ -328,95 +334,66 @@ jobs:
           conan --version
           cmake --version
       - name: checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
       - name: dependencies
         uses: ./.github/actions/dependencies
-        env:
-          CONAN_URL: http://18.143.149.228:8081/artifactory/api/conan/conan-non-prod
         with:
           configuration: ${{ env.configuration }}
       - name: export
         run: |
-          version=$(conan inspect --raw version .)
-          reference="xrpl/${version}@local/test"
-          conan remove -f ${reference} || true
-          conan export . local/test
-          echo "reference=${reference}" >> "${GITHUB_ENV}"
+          conan export . --version head
       - name: build
         run: |
           cd tests/conan
-          mkdir ${build_dir}
-          cd ${build_dir}
-          conan install .. --output-folder . \
-            --require-override ${reference} --build missing
+          mkdir ${build_dir} && cd ${build_dir}
+          conan install .. \
+            --settings:all build_type=${configuration} \
+            --output-folder . \
+            --build missing
           cmake .. \
             -DCMAKE_TOOLCHAIN_FILE:FILEPATH=./build/${configuration}/generators/conan_toolchain.cmake \
             -DCMAKE_BUILD_TYPE=${configuration}
           cmake --build .
           ./example | grep '^[[:digit:]]\+\.[[:digit:]]\+\.[[:digit:]]\+'
 
-  # NOTE we are not using dependencies built above because it lags with
-  # compiler versions. Instrumentation requires clang version 16 or
-  # later
-
   instrumentation-build:
-    if: ${{ github.event_name == 'push' || github.event.pull_request.draft != true || contains(github.event.pull_request.labels.*.name, 'DraftRunCI') }}
-    env:
-      CLANG_RELEASE: 16
-    strategy:
-      fail-fast: false
+    needs: dependencies
     runs-on: [self-hosted, heavy]
-    container: debian:bookworm
+    container: ghcr.io/xrplf/ci/debian-bookworm:clang-16
+    env:
+      build_dir: .build
     steps:
-        - name: install prerequisites
-          env:
-            DEBIAN_FRONTEND: noninteractive
+        - name: download cache
+          uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093
+          with:
+            name: linux-clang-Debug
+
+        - name: extract cache
           run: |
-            apt-get update
-            apt-get install --yes --no-install-recommends \
-              clang-${CLANG_RELEASE} clang++-${CLANG_RELEASE} \
-              python3-pip python-is-python3 make cmake git wget
-            apt-get clean
-            update-alternatives --install \
-              /usr/bin/clang clang /usr/bin/clang-${CLANG_RELEASE} 100 \
-              --slave /usr/bin/clang++ clang++ /usr/bin/clang++-${CLANG_RELEASE}
-            update-alternatives --auto clang
-            pip install --no-cache --break-system-packages "conan<2"
+            mkdir -p ${CONAN_HOME}
+            tar -xzf conan.tar.gz -C ${CONAN_HOME}
+
+        - name: check environment
+          run: |
+            echo ${PATH} | tr ':' '\n'
+            conan --version
+            cmake --version
+            env | sort
+            ls ${CONAN_HOME}
 
         - name: checkout
-          uses: actions/checkout@v4
+          uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+
+        - name: dependencies
+          uses: ./.github/actions/dependencies
+          with:
+            configuration: Debug
 
         - name: prepare environment
           run: |
-            mkdir ${GITHUB_WORKSPACE}/.build
-            echo "SOURCE_DIR=$GITHUB_WORKSPACE" >> $GITHUB_ENV
-            echo "BUILD_DIR=$GITHUB_WORKSPACE/.build" >> $GITHUB_ENV
-            echo "CC=/usr/bin/clang" >> $GITHUB_ENV
-            echo "CXX=/usr/bin/clang++" >> $GITHUB_ENV
-
-        - name: configure Conan
-          run: |
-            conan profile new --detect default
-            conan profile update settings.compiler=clang default
-            conan profile update settings.compiler.version=${CLANG_RELEASE} default
-            conan profile update settings.compiler.libcxx=libstdc++11 default
-            conan profile update settings.compiler.cppstd=20 default
-            conan profile update options.rocksdb=False default
-            conan profile update \
-              'conf.tools.build:compiler_executables={"c": "/usr/bin/clang", "cpp": "/usr/bin/clang++"}' default
-            conan profile update 'env.CXXFLAGS="-DBOOST_ASIO_DISABLE_CONCEPTS"' default
-            conan profile update 'conf.tools.build:cxxflags+=["-DBOOST_ASIO_DISABLE_CONCEPTS"]' default
-            conan export external/snappy snappy/1.1.10@
-            conan export external/soci soci/4.0.3@
-
-        - name: build dependencies
-          run: |
-            cd ${BUILD_DIR}
-            conan install ${SOURCE_DIR} \
-              --output-folder ${BUILD_DIR} \
-              --install-folder ${BUILD_DIR} \
-              --build missing \
-              --settings build_type=Debug
+            mkdir -p ${build_dir}
+            echo "SOURCE_DIR=$(pwd)" >> $GITHUB_ENV
+            echo "BUILD_DIR=$(pwd)/${build_dir}" >> $GITHUB_ENV
 
         - name: build with instrumentation
           run: |
@@ -441,3 +418,4 @@ jobs:
           run: |
             cd ${BUILD_DIR}
             ./rippled -u --unittest-jobs $(( $(nproc)/4 ))
+            ctest -j $(nproc) --output-on-failure

.github/workflows/windows.yml

@@ -18,6 +18,18 @@ on:
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: true
+# This part of Conan configuration is specific to this workflow only; we do not want
+# to pollute conan/profiles directory with settings which might not work for others
+env:
+  CONAN_URL: http://18.143.149.228:8081/artifactory/api/conan/dev
+  CONAN_LOGIN_USERNAME_RIPPLE: ${{ secrets.CONAN_USERNAME }}
+  CONAN_PASSWORD_RIPPLE: ${{ secrets.CONAN_TOKEN }}
+  CONAN_GLOBAL_CONF: |
+    core.download:parallel={{os.cpu_count()}}
+    core.upload:parallel={{os.cpu_count()}}
+    tools.build:jobs=24
+    tools.build:verbosity=verbose
+    tools.compilation:verbosity=verbose
 
 jobs:
 
@@ -42,11 +54,11 @@ jobs:
       build_dir: .build
     steps:
       - name: checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
       - name: choose Python
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065
         with:
-          python-version: 3.9
+          python-version: 3.13
       - name: learn Python cache directory
         id: pip-cache
         shell: bash
@@ -54,12 +66,12 @@ jobs:
           python -m pip install --upgrade pip
           echo "dir=$(pip cache dir)" | tee ${GITHUB_OUTPUT}
       - name: restore Python cache directory
-        uses: actions/cache@v4
+        uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684
         with:
             path: ${{ steps.pip-cache.outputs.dir }}
             key: ${{ runner.os }}-${{ hashFiles('.github/workflows/windows.yml') }}
       - name: install Conan
-        run: pip install wheel 'conan<2'
+        run: pip install wheel conan
       - name: check environment
         run: |
           dir env:
@@ -70,17 +82,26 @@ jobs:
       - name: configure Conan
         shell: bash
         run: |
-          conan profile new default --detect
-          conan profile update settings.compiler.cppstd=20 default
-          conan profile update \
-            settings.compiler.runtime=MT${{ matrix.configuration.runtime }} \
-            default
+          echo "${CONAN_GLOBAL_CONF}" >> $(conan config home)/global.conf
+          conan config install conan/profiles/ -tf $(conan config home)/profiles/
+          conan profile show
+      - name: export custom recipes
+        shell: bash
+        run: |
+          conan export --version 1.1.10 external/snappy
+          conan export --version 4.0.3 external/soci
+      - name: add Ripple Conan remote
+        if: env.CONAN_URL != ''
+        shell: bash
+        run: |
+          if conan remote list | grep -q "ripple"; then
+              conan remote remove ripple
+              echo "Removed conan remote ripple"
+          fi
+          conan remote add --index 0 ripple "${CONAN_URL}"
+          echo "Added conan remote ripple at ${CONAN_URL}"
       - name: build dependencies
         uses: ./.github/actions/dependencies
-        env:
-          CONAN_URL: http://18.143.149.228:8081/artifactory/api/conan/conan-non-prod
-          CONAN_LOGIN_USERNAME_RIPPLE: ${{ secrets.CONAN_USERNAME }}
-          CONAN_PASSWORD_RIPPLE: ${{ secrets.CONAN_TOKEN }}
         with:
           configuration: ${{ matrix.configuration.type }}
       - name: build
@@ -95,5 +116,6 @@ jobs:
         shell: bash
         if: ${{ matrix.configuration.tests }}
         run: |
-          ${build_dir}/${{ matrix.configuration.type }}/rippled --unittest \
-              --unittest-jobs $(nproc)
+          cd ${build_dir}/${{ matrix.configuration.type }}
+          ./rippled --unittest --unittest-jobs $(nproc)
+          ctest -j $(nproc) --output-on-failure

.pre-commit-config.yaml

@@ -1,6 +1,6 @@
 # .pre-commit-config.yaml
 repos:
 - repo: https://github.com/pre-commit/mirrors-clang-format
-  rev: v18.1.3
+  rev: v18.1.8
   hooks:
   - id: clang-format

BUILD.md

@@ -167,43 +167,18 @@ It does not explicitly link the C++ standard library,
 which allows you to statically link it with GCC, if you want.
 
    ```
-   # Conan 1.x
-   conan export external/snappy snappy/1.1.10@
    # Conan 2.x
    conan export --version 1.1.10 external/snappy
    ```
 
-Export our [Conan recipe for RocksDB](./external/rocksdb).
-It does not override paths to dependencies when building with Visual Studio.
-
-   ```
-   # Conan 1.x
-   conan export external/rocksdb rocksdb/9.7.3@
-   # Conan 2.x
-   conan export --version 9.7.3 external/rocksdb
-   ```
-
 Export our [Conan recipe for SOCI](./external/soci).
 It patches their CMake to correctly import its dependencies.
 
    ```
-   # Conan 1.x
-   conan export external/soci soci/4.0.3@
    # Conan 2.x
    conan export --version 4.0.3 external/soci
    ```
 
-Export our [Conan recipe for NuDB](./external/nudb).
-It fixes some source files to add missing `#include`s.
-
-
-   ```
-   # Conan 1.x
-   conan export external/nudb nudb/2.0.8@
-   # Conan 2.x
-   conan export --version 2.0.8 external/nudb
-   ```
-
 ### Build and Test
 
 1. Create a build directory and move into it.

Builds/levelization/results/ordering.txt

@@ -132,6 +132,7 @@ test.shamap > xrpl.protocol
 test.toplevel > test.csf
 test.toplevel > xrpl.json
 test.unit_test > xrpl.basics
+tests.libxrpl > xrpl.basics
 xrpl.json > xrpl.basics
 xrpl.protocol > xrpl.basics
 xrpl.protocol > xrpl.json

CMakeLists.txt

@@ -90,6 +90,11 @@ set_target_properties(OpenSSL::SSL PROPERTIES
   INTERFACE_COMPILE_DEFINITIONS OPENSSL_NO_SSL2
 )
 set(SECP256K1_INSTALL TRUE)
+set(SECP256K1_BUILD_BENCHMARK FALSE)
+set(SECP256K1_BUILD_TESTS FALSE)
+set(SECP256K1_BUILD_EXHAUSTIVE_TESTS FALSE)
+set(SECP256K1_BUILD_CTIME_TESTS FALSE)
+set(SECP256K1_BUILD_EXAMPLES FALSE)
 add_subdirectory(external/secp256k1)
 add_library(secp256k1::secp256k1 ALIAS secp256k1)
 add_subdirectory(external/ed25519-donna)
@@ -144,3 +149,8 @@ set(PROJECT_EXPORT_SET RippleExports)
 include(RippledCore)
 include(RippledInstall)
 include(RippledValidatorKeys)
+
+if(tests)
+  include(CTest)
+  add_subdirectory(src/tests/libxrpl)
+endif()

cmake/RippledSettings.cmake

@@ -18,7 +18,7 @@ if(tests)
   endif()
 endif()
 
-option(unity "Creates a build using UNITY support in cmake. This is the default" ON)
+option(unity "Creates a build using UNITY support in cmake." OFF)
 if(unity)
   if(NOT is_ci)
     set(CMAKE_UNITY_BUILD_BATCH_SIZE 15 CACHE STRING "")

cmake/deps/Boost.cmake

@@ -2,7 +2,6 @@ find_package(Boost 1.82 REQUIRED
   COMPONENTS
     chrono
     container
-    context
     coroutine
     date_time
     filesystem
@@ -24,7 +23,7 @@ endif()
 
 target_link_libraries(ripple_boost
   INTERFACE
-    Boost::boost
+    Boost::headers
     Boost::chrono
     Boost::container
     Boost::coroutine

cmake/xrpl_add_test.cmake

@@ -0,0 +1,41 @@
+include(isolate_headers)
+
+function(xrpl_add_test name)
+  set(target ${PROJECT_NAME}.test.${name})
+
+  file(GLOB_RECURSE sources CONFIGURE_DEPENDS
+  "${CMAKE_CURRENT_SOURCE_DIR}/${name}/*.cpp"
+  "${CMAKE_CURRENT_SOURCE_DIR}/${name}.cpp"
+  )
+  add_executable(${target} EXCLUDE_FROM_ALL ${ARGN} ${sources})
+
+  isolate_headers(
+    ${target}
+    "${CMAKE_SOURCE_DIR}"
+    "${CMAKE_SOURCE_DIR}/tests/${name}"
+    PRIVATE
+  )
+
+  # Make sure the test isn't optimized away in unity builds
+  set_target_properties(${target} PROPERTIES
+    UNITY_BUILD_MODE GROUP
+    UNITY_BUILD_BATCH_SIZE 0)  # Adjust as needed
+
+  add_test(NAME ${target} COMMAND ${target})
+  set_tests_properties(
+    ${target} PROPERTIES
+    FIXTURES_REQUIRED ${target}_fixture
+  )
+
+  add_test(
+    NAME ${target}.build
+    COMMAND
+      ${CMAKE_COMMAND}
+      --build ${CMAKE_BINARY_DIR}
+      --config $<CONFIG>
+      --target ${target}
+  )
+  set_tests_properties(${target}.build PROPERTIES
+    FIXTURES_SETUP ${target}_fixture
+  )
+endfunction()

conan/profiles/default

@@ -0,0 +1,37 @@
+{% set os = detect_api.detect_os() %}
+{% set arch = detect_api.detect_arch() %}
+{% set compiler, version, compiler_exe = detect_api.detect_default_compiler() %}
+{% set compiler_version = version %}
+{% if os == "Linux" %}
+{% set compiler_version = detect_api.default_compiler_version(compiler, version) %}
+{% endif %}
+
+[settings]
+os={{ os }}
+arch={{ arch }}
+build_type=Debug
+compiler={{compiler}}
+compiler.version={{ compiler_version }}
+compiler.cppstd=20
+{% if os == "Windows" %}
+compiler.runtime=static
+{% else %}
+compiler.libcxx={{detect_api.detect_libcxx(compiler, version, compiler_exe)}}
+{% endif %}
+
+[conf]
+{% if compiler == "clang" and compiler_version >= 19 %}
+tools.build:cxxflags=['-Wno-missing-template-arg-list-after-template-kw']
+{% endif %}
+{% if compiler == "apple-clang" and compiler_version >= 17 %}
+tools.build:cxxflags=['-Wno-missing-template-arg-list-after-template-kw']
+{% endif %}
+{% if compiler == "clang" and compiler_version == 16 %}
+tools.build:cxxflags=['-DBOOST_ASIO_DISABLE_CONCEPTS']
+{% endif %}
+{% if compiler == "gcc" and compiler_version < 13 %}
+tools.build:cxxflags=['-Wno-restrict']
+{% endif %}
+
+[tool_requires]
+!cmake/*: cmake/[>=3 <4]

conanfile.py

@@ -25,15 +25,19 @@ class Xrpl(ConanFile):
 
     requires = [
         'grpc/1.50.1',
-        'libarchive/3.7.6',
-        'nudb/2.0.8',
-        'openssl/1.1.1v',
+        'libarchive/3.8.1',
+        'nudb/2.0.9',
+        'openssl/1.1.1w',
         'soci/4.0.3',
         'zlib/1.3.1',
     ]
 
+    test_requires = [
+        'doctest/2.4.11',
+    ]
+
     tool_requires = [
-        'protobuf/3.21.9',
+        'protobuf/3.21.12',
     ]
 
     default_options = {
@@ -85,12 +89,13 @@ class Xrpl(ConanFile):
     }
 
     def set_version(self):
-        path = f'{self.recipe_folder}/src/libxrpl/protocol/BuildInfo.cpp'
-        regex = r'versionString\s?=\s?\"(.*)\"'
-        with open(path, 'r') as file:
-            matches = (re.search(regex, line) for line in file)
-            match = next(m for m in matches if m)
-            self.version = match.group(1)
+        if self.version is None:
+            path = f'{self.recipe_folder}/src/libxrpl/protocol/BuildInfo.cpp'
+            regex = r'versionString\s?=\s?\"(.*)\"'
+            with open(path, encoding='utf-8') as file:
+                matches = (re.search(regex, line) for line in file)
+                match = next(m for m in matches if m)
+                self.version = match.group(1)
 
     def configure(self):
         if self.settings.compiler == 'apple-clang':
@@ -100,15 +105,15 @@ class Xrpl(ConanFile):
         # Conan 2 requires transitive headers to be specified
         transitive_headers_opt = {'transitive_headers': True} if conan_version.split('.')[0] == '2' else {}
         self.requires('boost/1.83.0', force=True, **transitive_headers_opt)
-        self.requires('date/3.0.3', **transitive_headers_opt)
+        self.requires('date/3.0.4', **transitive_headers_opt)
         self.requires('lz4/1.10.0', force=True)
-        self.requires('protobuf/3.21.9', force=True)
-        self.requires('sqlite3/3.47.0', force=True)
+        self.requires('protobuf/3.21.12', force=True)
+        self.requires('sqlite3/3.49.1', force=True)
         if self.options.jemalloc:
             self.requires('jemalloc/5.3.0')
         if self.options.rocksdb:
-            self.requires('rocksdb/9.7.3')
-        self.requires('xxhash/0.8.2', **transitive_headers_opt)
+            self.requires('rocksdb/10.0.1')
+        self.requires('xxhash/0.8.3', **transitive_headers_opt)
 
     exports_sources = (
         'CMakeLists.txt',
@@ -163,7 +168,17 @@ class Xrpl(ConanFile):
         # `include/`, not `include/ripple/proto/`.
         libxrpl.includedirs = ['include', 'include/ripple/proto']
         libxrpl.requires = [
-            'boost::boost',
+            'boost::headers',
+            'boost::chrono',
+            'boost::container',
+            'boost::coroutine',
+            'boost::date_time',
+            'boost::filesystem',
+            'boost::json',
+            'boost::program_options',
+            'boost::regex',
+            'boost::system',
+            'boost::thread',
             'date::date',
             'grpc::grpc++',
             'libarchive::libarchive',

external/antithesis-sdk/CMakeLists.txt

@@ -1,4 +1,4 @@
-cmake_minimum_required(VERSION 3.25)
+cmake_minimum_required(VERSION 3.18)
 
 # Note, version set explicitly by rippled project
 project(antithesis-sdk-cpp VERSION 0.4.4 LANGUAGES CXX)

external/nudb/conandata.yml

@@ -1,10 +0,0 @@
-sources:
-  "2.0.8":
-    url: "https://github.com/CPPAlliance/NuDB/archive/2.0.8.tar.gz"
-    sha256: "9b71903d8ba111cd893ab064b9a8b6ac4124ed8bd6b4f67250205bc43c7f13a8"
-patches:
-  "2.0.8":
-    - patch_file: "patches/2.0.8-0001-add-include-stdexcept-for-msvc.patch"
-      patch_description: "Fix build for MSVC by including stdexcept"
-      patch_type: "portability"
-      patch_source: "https://github.com/cppalliance/NuDB/pull/100/files"

external/nudb/conanfile.py

@@ -1,72 +0,0 @@
-import os
-
-from conan import ConanFile
-from conan.tools.build import check_min_cppstd
-from conan.tools.files import apply_conandata_patches, copy, export_conandata_patches, get
-from conan.tools.layout import basic_layout
-
-required_conan_version = ">=1.52.0"
-
-
-class NudbConan(ConanFile):
-    name = "nudb"
-    description = "A fast key/value insert-only database for SSD drives in C++11"
-    license = "BSL-1.0"
-    url = "https://github.com/conan-io/conan-center-index"
-    homepage = "https://github.com/CPPAlliance/NuDB"
-    topics = ("header-only", "KVS", "insert-only")
-
-    package_type = "header-library"
-    settings = "os", "arch", "compiler", "build_type"
-    no_copy_source = True
-
-    @property
-    def _min_cppstd(self):
-        return 11
-
-    def export_sources(self):
-        export_conandata_patches(self)
-
-    def layout(self):
-        basic_layout(self, src_folder="src")
-
-    def requirements(self):
-        self.requires("boost/1.83.0")
-
-    def package_id(self):
-        self.info.clear()
-
-    def validate(self):
-        if self.settings.compiler.cppstd:
-            check_min_cppstd(self, self._min_cppstd)
-
-    def source(self):
-        get(self, **self.conan_data["sources"][self.version], strip_root=True)
-
-    def build(self):
-        apply_conandata_patches(self)
-
-    def package(self):
-        copy(self, "LICENSE*",
-             dst=os.path.join(self.package_folder, "licenses"),
-             src=self.source_folder)
-        copy(self, "*",
-             dst=os.path.join(self.package_folder, "include"),
-             src=os.path.join(self.source_folder, "include"))
-
-    def package_info(self):
-        self.cpp_info.bindirs = []
-        self.cpp_info.libdirs = []
-
-        self.cpp_info.set_property("cmake_target_name", "NuDB")
-        self.cpp_info.set_property("cmake_target_aliases", ["NuDB::nudb"])
-        self.cpp_info.set_property("cmake_find_mode", "both")
-
-        self.cpp_info.components["core"].set_property("cmake_target_name", "nudb")
-        self.cpp_info.components["core"].names["cmake_find_package"] = "nudb"
-        self.cpp_info.components["core"].names["cmake_find_package_multi"] = "nudb"
-        self.cpp_info.components["core"].requires = ["boost::thread", "boost::system"]
-
-        # TODO: to remove in conan v2 once cmake_find_package_* generators removed
-        self.cpp_info.names["cmake_find_package"] = "NuDB"
-        self.cpp_info.names["cmake_find_package_multi"] = "NuDB"

external/nudb/patches/2.0.8-0001-add-include-stdexcept-for-msvc.patch

@@ -1,24 +0,0 @@
-diff --git a/include/nudb/detail/stream.hpp b/include/nudb/detail/stream.hpp
-index 6c07bf1..e0ce8ed 100644
---- a/include/nudb/detail/stream.hpp
-+++ b/include/nudb/detail/stream.hpp
-@@ -14,6 +14,7 @@
- #include <cstdint>
- #include <cstring>
- #include <memory>
-+#include <stdexcept>
- 
- namespace nudb {
- namespace detail {
-diff --git a/include/nudb/impl/context.ipp b/include/nudb/impl/context.ipp
-index beb7058..ffde0b3 100644
---- a/include/nudb/impl/context.ipp
-+++ b/include/nudb/impl/context.ipp
-@@ -9,6 +9,7 @@
- #define NUDB_IMPL_CONTEXT_IPP
- 
- #include <nudb/detail/store_base.hpp>
-+#include <stdexcept>
- 
- namespace nudb {
- 

external/rocksdb/conandata.yml

@@ -1,12 +0,0 @@
-sources:
-  "9.7.3":
-    url: "https://github.com/facebook/rocksdb/archive/refs/tags/v9.7.3.tar.gz"
-    sha256: "acfabb989cbfb5b5c4d23214819b059638193ec33dad2d88373c46448d16d38b"
-patches:
-  "9.7.3":
-    - patch_file: "patches/9.x.x-0001-exclude-thirdparty.patch"
-      patch_description: "Do not include thirdparty.inc"
-      patch_type: "portability"
-    - patch_file: "patches/9.7.3-0001-memory-leak.patch"
-      patch_description: "Fix a leak of obsolete blob files left open until DB::Close()"
-      patch_type: "portability"

external/rocksdb/conanfile.py

@@ -1,235 +0,0 @@
-import os
-import glob
-import shutil
-
-from conan import ConanFile
-from conan.errors import ConanInvalidConfiguration
-from conan.tools.build import check_min_cppstd
-from conan.tools.cmake import CMake, CMakeDeps, CMakeToolchain, cmake_layout
-from conan.tools.files import apply_conandata_patches, collect_libs, copy, export_conandata_patches, get, rm, rmdir
-from conan.tools.microsoft import check_min_vs, is_msvc, is_msvc_static_runtime
-from conan.tools.scm import Version
-
-required_conan_version = ">=1.53.0"
-
-
-class RocksDBConan(ConanFile):
-    name = "rocksdb"
-    description = "A library that provides an embeddable, persistent key-value store for fast storage"
-    license = ("GPL-2.0-only", "Apache-2.0")
-    url = "https://github.com/conan-io/conan-center-index"
-    homepage = "https://github.com/facebook/rocksdb"
-    topics = ("database", "leveldb", "facebook", "key-value")
-    package_type = "library"
-    settings = "os", "arch", "compiler", "build_type"
-    options = {
-        "shared": [True, False],
-        "fPIC": [True, False],
-        "lite": [True, False],
-        "with_gflags": [True, False],
-        "with_snappy": [True, False],
-        "with_lz4": [True, False],
-        "with_zlib": [True, False],
-        "with_zstd": [True, False],
-        "with_tbb": [True, False],
-        "with_jemalloc": [True, False],
-        "enable_sse": [False, "sse42", "avx2"],
-        "use_rtti": [True, False],
-    }
-    default_options = {
-        "shared": False,
-        "fPIC": True,
-        "lite": False,
-        "with_snappy": False,
-        "with_lz4": False,
-        "with_zlib": False,
-        "with_zstd": False,
-        "with_gflags": False,
-        "with_tbb": False,
-        "with_jemalloc": False,
-        "enable_sse": False,
-        "use_rtti": False,
-    }
-
-    @property
-    def _min_cppstd(self):
-        return "11" if Version(self.version) < "8.8.1" else "17"
-
-    @property
-    def _compilers_minimum_version(self):
-        return {} if self._min_cppstd == "11" else {
-            "apple-clang": "10",
-            "clang": "7",
-            "gcc": "7",
-            "msvc": "191",
-            "Visual Studio": "15",
-        }
-
-    def export_sources(self):
-        export_conandata_patches(self)
-
-    def config_options(self):
-        if self.settings.os == "Windows":
-            del self.options.fPIC
-        if self.settings.arch != "x86_64":
-            del self.options.with_tbb
-        if self.settings.build_type == "Debug":
-            self.options.use_rtti = True  # Rtti are used in asserts for debug mode...
-
-    def configure(self):
-        if self.options.shared:
-            self.options.rm_safe("fPIC")
-
-    def layout(self):
-        cmake_layout(self, src_folder="src")
-
-    def requirements(self):
-        if self.options.with_gflags:
-            self.requires("gflags/2.2.2")
-        if self.options.with_snappy:
-            self.requires("snappy/1.1.10")
-        if self.options.with_lz4:
-            self.requires("lz4/1.10.0")
-        if self.options.with_zlib:
-            self.requires("zlib/[>=1.2.11 <2]")
-        if self.options.with_zstd:
-            self.requires("zstd/1.5.6")
-        if self.options.get_safe("with_tbb"):
-            self.requires("onetbb/2021.12.0")
-        if self.options.with_jemalloc:
-            self.requires("jemalloc/5.3.0")
-
-    def validate(self):
-        if self.settings.compiler.get_safe("cppstd"):
-            check_min_cppstd(self, self._min_cppstd)
-
-        minimum_version = self._compilers_minimum_version.get(str(self.settings.compiler), False)
-        if minimum_version and Version(self.settings.compiler.version) < minimum_version:
-            raise ConanInvalidConfiguration(
-                f"{self.ref} requires C++{self._min_cppstd}, which your compiler does not support."
-            )
-
-        if self.settings.arch not in ["x86_64", "ppc64le", "ppc64", "mips64", "armv8"]:
-            raise ConanInvalidConfiguration("Rocksdb requires 64 bits")
-
-        check_min_vs(self, "191")
-
-        if self.version == "6.20.3" and \
-                self.settings.os == "Linux" and \
-                self.settings.compiler == "gcc" and \
-                Version(self.settings.compiler.version) < "5":
-            raise ConanInvalidConfiguration("Rocksdb 6.20.3 is not compilable with gcc <5.") # See https://github.com/facebook/rocksdb/issues/3522
-
-    def source(self):
-        get(self, **self.conan_data["sources"][self.version], strip_root=True)
-
-    def generate(self):
-        tc = CMakeToolchain(self)
-        tc.variables["FAIL_ON_WARNINGS"] = False
-        tc.variables["WITH_TESTS"] = False
-        tc.variables["WITH_TOOLS"] = False
-        tc.variables["WITH_CORE_TOOLS"] = False
-        tc.variables["WITH_BENCHMARK_TOOLS"] = False
-        tc.variables["WITH_FOLLY_DISTRIBUTED_MUTEX"] = False
-        if is_msvc(self):
-            tc.variables["WITH_MD_LIBRARY"] = not is_msvc_static_runtime(self)
-        tc.variables["ROCKSDB_INSTALL_ON_WINDOWS"] = self.settings.os == "Windows"
-        tc.variables["ROCKSDB_LITE"] = self.options.lite
-        tc.variables["WITH_GFLAGS"] = self.options.with_gflags
-        tc.variables["WITH_SNAPPY"] = self.options.with_snappy
-        tc.variables["WITH_LZ4"] = self.options.with_lz4
-        tc.variables["WITH_ZLIB"] = self.options.with_zlib
-        tc.variables["WITH_ZSTD"] = self.options.with_zstd
-        tc.variables["WITH_TBB"] = self.options.get_safe("with_tbb", False)
-        tc.variables["WITH_JEMALLOC"] = self.options.with_jemalloc
-        tc.variables["ROCKSDB_BUILD_SHARED"] = self.options.shared
-        tc.variables["ROCKSDB_LIBRARY_EXPORTS"] = self.settings.os == "Windows" and self.options.shared
-        tc.variables["ROCKSDB_DLL" ] = self.settings.os == "Windows" and self.options.shared
-        tc.variables["USE_RTTI"] = self.options.use_rtti
-        if not bool(self.options.enable_sse):
-            tc.variables["PORTABLE"] = True
-            tc.variables["FORCE_SSE42"] = False
-        elif self.options.enable_sse == "sse42":
-            tc.variables["PORTABLE"] = True
-            tc.variables["FORCE_SSE42"] = True
-        elif self.options.enable_sse == "avx2":
-            tc.variables["PORTABLE"] = False
-            tc.variables["FORCE_SSE42"] = False
-        # not available yet in CCI
-        tc.variables["WITH_NUMA"] = False
-        tc.generate()
-
-        deps = CMakeDeps(self)
-        if self.options.with_jemalloc:
-            deps.set_property("jemalloc", "cmake_file_name", "JeMalloc")
-            deps.set_property("jemalloc", "cmake_target_name", "JeMalloc::JeMalloc")
-        if self.options.with_zstd:
-            deps.set_property("zstd", "cmake_target_name", "zstd::zstd")
-        deps.generate()
-
-    def build(self):
-        apply_conandata_patches(self)
-        cmake = CMake(self)
-        cmake.configure()
-        cmake.build()
-
-    def _remove_static_libraries(self):
-        rm(self, "rocksdb.lib", os.path.join(self.package_folder, "lib"))
-        for lib in glob.glob(os.path.join(self.package_folder, "lib", "*.a")):
-            if not lib.endswith(".dll.a"):
-                os.remove(lib)
-
-    def _remove_cpp_headers(self):
-        for path in glob.glob(os.path.join(self.package_folder, "include", "rocksdb", "*")):
-            if path != os.path.join(self.package_folder, "include", "rocksdb", "c.h"):
-                if os.path.isfile(path):
-                    os.remove(path)
-                else:
-                    shutil.rmtree(path)
-
-    def package(self):
-        copy(self, "COPYING", src=self.source_folder, dst=os.path.join(self.package_folder, "licenses"))
-        copy(self, "LICENSE*", src=self.source_folder, dst=os.path.join(self.package_folder, "licenses"))
-        cmake = CMake(self)
-        cmake.install()
-        if self.options.shared:
-            self._remove_static_libraries()
-            self._remove_cpp_headers() # Force stable ABI for shared libraries
-        rmdir(self, os.path.join(self.package_folder, "lib", "cmake"))
-        rmdir(self, os.path.join(self.package_folder, "lib", "pkgconfig"))
-
-    def package_info(self):
-        cmake_target = "rocksdb-shared" if self.options.shared else "rocksdb"
-        self.cpp_info.set_property("cmake_file_name", "RocksDB")
-        self.cpp_info.set_property("cmake_target_name", f"RocksDB::{cmake_target}")
-        # TODO: back to global scope in conan v2 once cmake_find_package* generators removed
-        self.cpp_info.components["librocksdb"].libs = collect_libs(self)
-        if self.settings.os == "Windows":
-            self.cpp_info.components["librocksdb"].system_libs = ["shlwapi", "rpcrt4"]
-            if self.options.shared:
-                self.cpp_info.components["librocksdb"].defines = ["ROCKSDB_DLL"]
-        elif self.settings.os in ["Linux", "FreeBSD"]:
-            self.cpp_info.components["librocksdb"].system_libs = ["pthread", "m"]
-        if self.options.lite:
-            self.cpp_info.components["librocksdb"].defines.append("ROCKSDB_LITE")
-
-        # TODO: to remove in conan v2 once cmake_find_package* generators removed
-        self.cpp_info.names["cmake_find_package"] = "RocksDB"
-        self.cpp_info.names["cmake_find_package_multi"] = "RocksDB"
-        self.cpp_info.components["librocksdb"].names["cmake_find_package"] = cmake_target
-        self.cpp_info.components["librocksdb"].names["cmake_find_package_multi"] = cmake_target
-        self.cpp_info.components["librocksdb"].set_property("cmake_target_name", f"RocksDB::{cmake_target}")
-        if self.options.with_gflags:
-            self.cpp_info.components["librocksdb"].requires.append("gflags::gflags")
-        if self.options.with_snappy:
-            self.cpp_info.components["librocksdb"].requires.append("snappy::snappy")
-        if self.options.with_lz4:
-            self.cpp_info.components["librocksdb"].requires.append("lz4::lz4")
-        if self.options.with_zlib:
-            self.cpp_info.components["librocksdb"].requires.append("zlib::zlib")
-        if self.options.with_zstd:
-            self.cpp_info.components["librocksdb"].requires.append("zstd::zstd")
-        if self.options.get_safe("with_tbb"):
-            self.cpp_info.components["librocksdb"].requires.append("onetbb::onetbb")
-        if self.options.with_jemalloc:
-            self.cpp_info.components["librocksdb"].requires.append("jemalloc::jemalloc")

external/rocksdb/patches/9.7.3-0001-memory-leak.patch

@@ -1,319 +0,0 @@
-diff --git a/HISTORY.md b/HISTORY.md
-index 36d472229..05ad1a202 100644
---- a/HISTORY.md
-+++ b/HISTORY.md
-@@ -1,6 +1,10 @@
- # Rocksdb Change Log
- > NOTE: Entries for next release do not go here. Follow instructions in `unreleased_history/README.txt`
- 
-+## 9.7.4 (10/31/2024)
-+### Bug Fixes
-+* Fix a leak of obsolete blob files left open until DB::Close(). This bug was introduced in version 9.4.0.
-+
- ## 9.7.3 (10/16/2024)
- ### Behavior Changes
- * OPTIONS file to be loaded by remote worker is now preserved so that it does not get purged by the primary host. A similar technique as how we are preserving new SST files from getting purged is used for this. min_options_file_numbers_ is tracked like pending_outputs_ is tracked.
-diff --git a/db/blob/blob_file_cache.cc b/db/blob/blob_file_cache.cc
-index 5f340aadf..1b9faa238 100644
---- a/db/blob/blob_file_cache.cc
-+++ b/db/blob/blob_file_cache.cc
-@@ -42,6 +42,7 @@ Status BlobFileCache::GetBlobFileReader(
-   assert(blob_file_reader);
-   assert(blob_file_reader->IsEmpty());
- 
-+  // NOTE: sharing same Cache with table_cache
-   const Slice key = GetSliceForKey(&blob_file_number);
- 
-   assert(cache_);
-@@ -98,4 +99,13 @@ Status BlobFileCache::GetBlobFileReader(
-   return Status::OK();
- }
- 
-+void BlobFileCache::Evict(uint64_t blob_file_number) {
-+  // NOTE: sharing same Cache with table_cache
-+  const Slice key = GetSliceForKey(&blob_file_number);
-+
-+  assert(cache_);
-+
-+  cache_.get()->Erase(key);
-+}
-+
- }  // namespace ROCKSDB_NAMESPACE
-diff --git a/db/blob/blob_file_cache.h b/db/blob/blob_file_cache.h
-index 740e67ada..6858d012b 100644
---- a/db/blob/blob_file_cache.h
-+++ b/db/blob/blob_file_cache.h
-@@ -36,6 +36,15 @@ class BlobFileCache {
-                            uint64_t blob_file_number,
-                            CacheHandleGuard<BlobFileReader>* blob_file_reader);
- 
-+  // Called when a blob file is obsolete to ensure it is removed from the cache
-+  // to avoid effectively leaking the open file and assicated memory
-+  void Evict(uint64_t blob_file_number);
-+
-+  // Used to identify cache entries for blob files (not normally useful)
-+  static const Cache::CacheItemHelper* GetHelper() {
-+    return CacheInterface::GetBasicHelper();
-+  }
-+
-  private:
-   using CacheInterface =
-       BasicTypedCacheInterface<BlobFileReader, CacheEntryRole::kMisc>;
-diff --git a/db/column_family.h b/db/column_family.h
-index e4b7adde8..86637736a 100644
---- a/db/column_family.h
-+++ b/db/column_family.h
-@@ -401,6 +401,7 @@ class ColumnFamilyData {
-                          SequenceNumber earliest_seq);
- 
-   TableCache* table_cache() const { return table_cache_.get(); }
-+  BlobFileCache* blob_file_cache() const { return blob_file_cache_.get(); }
-   BlobSource* blob_source() const { return blob_source_.get(); }
- 
-   // See documentation in compaction_picker.h
-diff --git a/db/db_impl/db_impl.cc b/db/db_impl/db_impl.cc
-index 261593423..06573ac2e 100644
---- a/db/db_impl/db_impl.cc
-+++ b/db/db_impl/db_impl.cc
-@@ -659,8 +659,9 @@ Status DBImpl::CloseHelper() {
-   // We need to release them before the block cache is destroyed. The block
-   // cache may be destroyed inside versions_.reset(), when column family data
-   // list is destroyed, so leaving handles in table cache after
--  // versions_.reset() may cause issues.
--  // Here we clean all unreferenced handles in table cache.
-+  // versions_.reset() may cause issues. Here we clean all unreferenced handles
-+  // in table cache, and (for certain builds/conditions) assert that no obsolete
-+  // files are hanging around unreferenced (leak) in the table/blob file cache.
-   // Now we assume all user queries have finished, so only version set itself
-   // can possibly hold the blocks from block cache. After releasing unreferenced
-   // handles here, only handles held by version set left and inside
-@@ -668,6 +669,9 @@ Status DBImpl::CloseHelper() {
-   // time a handle is released, we erase it from the cache too. By doing that,
-   // we can guarantee that after versions_.reset(), table cache is empty
-   // so the cache can be safely destroyed.
-+#ifndef NDEBUG
-+  TEST_VerifyNoObsoleteFilesCached(/*db_mutex_already_held=*/true);
-+#endif  // !NDEBUG
-   table_cache_->EraseUnRefEntries();
- 
-   for (auto& txn_entry : recovered_transactions_) {
-@@ -3227,6 +3231,8 @@ Status DBImpl::MultiGetImpl(
-       s = Status::Aborted();
-       break;
-     }
-+    // This could be a long-running operation
-+    ROCKSDB_THREAD_YIELD_HOOK();
-   }
- 
-   // Post processing (decrement reference counts and record statistics)
-diff --git a/db/db_impl/db_impl.h b/db/db_impl/db_impl.h
-index 5e4fa310b..ccc0abfa7 100644
---- a/db/db_impl/db_impl.h
-+++ b/db/db_impl/db_impl.h
-@@ -1241,9 +1241,14 @@ class DBImpl : public DB {
-   static Status TEST_ValidateOptions(const DBOptions& db_options) {
-     return ValidateOptions(db_options);
-   }
--
- #endif  // NDEBUG
- 
-+  // In certain configurations, verify that the table/blob file cache only
-+  // contains entries for live files, to check for effective leaks of open
-+  // files. This can only be called when purging of obsolete files has
-+  // "settled," such as during parts of DB Close().
-+  void TEST_VerifyNoObsoleteFilesCached(bool db_mutex_already_held) const;
-+
-   // persist stats to column family "_persistent_stats"
-   void PersistStats();
- 
-diff --git a/db/db_impl/db_impl_debug.cc b/db/db_impl/db_impl_debug.cc
-index 790a50d7a..67f5b4aaf 100644
---- a/db/db_impl/db_impl_debug.cc
-+++ b/db/db_impl/db_impl_debug.cc
-@@ -9,6 +9,7 @@
- 
- #ifndef NDEBUG
- 
-+#include "db/blob/blob_file_cache.h"
- #include "db/column_family.h"
- #include "db/db_impl/db_impl.h"
- #include "db/error_handler.h"
-@@ -328,5 +329,49 @@ size_t DBImpl::TEST_EstimateInMemoryStatsHistorySize() const {
-   InstrumentedMutexLock l(&const_cast<DBImpl*>(this)->stats_history_mutex_);
-   return EstimateInMemoryStatsHistorySize();
- }
-+
-+void DBImpl::TEST_VerifyNoObsoleteFilesCached(
-+    bool db_mutex_already_held) const {
-+  // This check is somewhat expensive and obscure to make a part of every
-+  // unit test in every build variety. Thus, we only enable it for ASAN builds.
-+  if (!kMustFreeHeapAllocations) {
-+    return;
-+  }
-+
-+  std::optional<InstrumentedMutexLock> l;
-+  if (db_mutex_already_held) {
-+    mutex_.AssertHeld();
-+  } else {
-+    l.emplace(&mutex_);
-+  }
-+
-+  std::vector<uint64_t> live_files;
-+  for (auto cfd : *versions_->GetColumnFamilySet()) {
-+    if (cfd->IsDropped()) {
-+      continue;
-+    }
-+    // Sneakily add both SST and blob files to the same list
-+    cfd->current()->AddLiveFiles(&live_files, &live_files);
-+  }
-+  std::sort(live_files.begin(), live_files.end());
-+
-+  auto fn = [&live_files](const Slice& key, Cache::ObjectPtr, size_t,
-+                          const Cache::CacheItemHelper* helper) {
-+    if (helper != BlobFileCache::GetHelper()) {
-+      // Skip non-blob files for now
-+      // FIXME: diagnose and fix the leaks of obsolete SST files revealed in
-+      // unit tests.
-+      return;
-+    }
-+    // See TableCache and BlobFileCache
-+    assert(key.size() == sizeof(uint64_t));
-+    uint64_t file_number;
-+    GetUnaligned(reinterpret_cast<const uint64_t*>(key.data()), &file_number);
-+    // Assert file is in sorted live_files
-+    assert(
-+        std::binary_search(live_files.begin(), live_files.end(), file_number));
-+  };
-+  table_cache_->ApplyToAllEntries(fn, {});
-+}
- }  // namespace ROCKSDB_NAMESPACE
- #endif  // NDEBUG
-diff --git a/db/db_iter.cc b/db/db_iter.cc
-index e02586377..bf4749eb9 100644
---- a/db/db_iter.cc
-+++ b/db/db_iter.cc
-@@ -540,6 +540,8 @@ bool DBIter::FindNextUserEntryInternal(bool skipping_saved_key,
-     } else {
-       iter_.Next();
-     }
-+    // This could be a long-running operation due to tombstones, etc.
-+    ROCKSDB_THREAD_YIELD_HOOK();
-   } while (iter_.Valid());
- 
-   valid_ = false;
-diff --git a/db/table_cache.cc b/db/table_cache.cc
-index 71fc29c32..8a5be75e8 100644
---- a/db/table_cache.cc
-+++ b/db/table_cache.cc
-@@ -164,6 +164,7 @@ Status TableCache::GetTableReader(
- }
- 
- Cache::Handle* TableCache::Lookup(Cache* cache, uint64_t file_number) {
-+  // NOTE: sharing same Cache with BlobFileCache
-   Slice key = GetSliceForFileNumber(&file_number);
-   return cache->Lookup(key);
- }
-@@ -179,6 +180,7 @@ Status TableCache::FindTable(
-     size_t max_file_size_for_l0_meta_pin, Temperature file_temperature) {
-   PERF_TIMER_GUARD_WITH_CLOCK(find_table_nanos, ioptions_.clock);
-   uint64_t number = file_meta.fd.GetNumber();
-+  // NOTE: sharing same Cache with BlobFileCache
-   Slice key = GetSliceForFileNumber(&number);
-   *handle = cache_.Lookup(key);
-   TEST_SYNC_POINT_CALLBACK("TableCache::FindTable:0",
-diff --git a/db/version_builder.cc b/db/version_builder.cc
-index ed8ab8214..c98f53f42 100644
---- a/db/version_builder.cc
-+++ b/db/version_builder.cc
-@@ -24,6 +24,7 @@
- #include <vector>
- 
- #include "cache/cache_reservation_manager.h"
-+#include "db/blob/blob_file_cache.h"
- #include "db/blob/blob_file_meta.h"
- #include "db/dbformat.h"
- #include "db/internal_stats.h"
-@@ -744,12 +745,9 @@ class VersionBuilder::Rep {
-       return Status::Corruption("VersionBuilder", oss.str());
-     }
- 
--    // Note: we use C++11 for now but in C++14, this could be done in a more
--    // elegant way using generalized lambda capture.
--    VersionSet* const vs = version_set_;
--    const ImmutableCFOptions* const ioptions = ioptions_;
--
--    auto deleter = [vs, ioptions](SharedBlobFileMetaData* shared_meta) {
-+    auto deleter = [vs = version_set_, ioptions = ioptions_,
-+                    bc = cfd_ ? cfd_->blob_file_cache()
-+                              : nullptr](SharedBlobFileMetaData* shared_meta) {
-       if (vs) {
-         assert(ioptions);
-         assert(!ioptions->cf_paths.empty());
-@@ -758,6 +756,9 @@ class VersionBuilder::Rep {
-         vs->AddObsoleteBlobFile(shared_meta->GetBlobFileNumber(),
-                                 ioptions->cf_paths.front().path);
-       }
-+      if (bc) {
-+        bc->Evict(shared_meta->GetBlobFileNumber());
-+      }
- 
-       delete shared_meta;
-     };
-@@ -766,7 +767,7 @@ class VersionBuilder::Rep {
-         blob_file_number, blob_file_addition.GetTotalBlobCount(),
-         blob_file_addition.GetTotalBlobBytes(),
-         blob_file_addition.GetChecksumMethod(),
--        blob_file_addition.GetChecksumValue(), deleter);
-+        blob_file_addition.GetChecksumValue(), std::move(deleter));
- 
-     mutable_blob_file_metas_.emplace(
-         blob_file_number, MutableBlobFileMetaData(std::move(shared_meta)));
-diff --git a/db/version_set.h b/db/version_set.h
-index 9336782b1..024f869e7 100644
---- a/db/version_set.h
-+++ b/db/version_set.h
-@@ -1514,7 +1514,6 @@ class VersionSet {
-   void GetLiveFilesMetaData(std::vector<LiveFileMetaData>* metadata);
- 
-   void AddObsoleteBlobFile(uint64_t blob_file_number, std::string path) {
--    // TODO: Erase file from BlobFileCache?
-     obsolete_blob_files_.emplace_back(blob_file_number, std::move(path));
-   }
- 
-diff --git a/include/rocksdb/version.h b/include/rocksdb/version.h
-index 2a19796b8..0afa2cab1 100644
---- a/include/rocksdb/version.h
-+++ b/include/rocksdb/version.h
-@@ -13,7 +13,7 @@
- // minor or major version number planned for release.
- #define ROCKSDB_MAJOR 9
- #define ROCKSDB_MINOR 7
--#define ROCKSDB_PATCH 3
-+#define ROCKSDB_PATCH 4
- 
- // Do not use these. We made the mistake of declaring macros starting with
- // double underscore. Now we have to live with our choice. We'll deprecate these
-diff --git a/port/port.h b/port/port.h
-index 13aa56d47..141716e5b 100644
---- a/port/port.h
-+++ b/port/port.h
-@@ -19,3 +19,19 @@
- #elif defined(OS_WIN)
- #include "port/win/port_win.h"
- #endif
-+
-+#ifdef OS_LINUX
-+// A temporary hook into long-running RocksDB threads to support modifying their
-+// priority etc. This should become a public API hook once the requirements
-+// are better understood.
-+extern "C" void RocksDbThreadYield() __attribute__((__weak__));
-+#define ROCKSDB_THREAD_YIELD_HOOK() \
-+  {                                 \
-+    if (RocksDbThreadYield) {       \
-+      RocksDbThreadYield();         \
-+    }                               \
-+  }
-+#else
-+#define ROCKSDB_THREAD_YIELD_HOOK() \
-+  {}
-+#endif

external/rocksdb/patches/9.x.x-0001-exclude-thirdparty.patch

@@ -1,30 +0,0 @@
-diff --git a/CMakeLists.txt b/CMakeLists.txt
-index 93b884d..b715cb6 100644
---- a/CMakeLists.txt
-+++ b/CMakeLists.txt
-@@ -106,14 +106,9 @@ endif()
- include(CMakeDependentOption)
-
- if(MSVC)
--  option(WITH_GFLAGS "build with GFlags" OFF)
-   option(WITH_XPRESS "build with windows built in compression" OFF)
--  option(ROCKSDB_SKIP_THIRDPARTY "skip thirdparty.inc" OFF)
--
--  if(NOT ROCKSDB_SKIP_THIRDPARTY)
--    include(${CMAKE_CURRENT_SOURCE_DIR}/thirdparty.inc)
--  endif()
--else()
-+endif()
-+if(TRUE)
-   if(CMAKE_SYSTEM_NAME MATCHES "FreeBSD" AND NOT CMAKE_SYSTEM_NAME MATCHES "kFreeBSD")
-     # FreeBSD has jemalloc as default malloc
-     # but it does not have all the jemalloc files in include/...
-@@ -126,7 +121,7 @@ else()
-     endif()
-   endif()
-
--  if(MINGW)
-+  if(MSVC OR MINGW)
-     option(WITH_GFLAGS "build with GFlags" OFF)
-   else()
-     option(WITH_GFLAGS "build with GFlags" ON)

include/xrpl/basics/Buffer.h

@@ -25,6 +25,7 @@
 
 #include <cstdint>
 #include <cstring>
+#include <memory>
 
 namespace ripple {
 

include/xrpl/basics/Expected.h

@@ -22,8 +22,18 @@
 
 #include <xrpl/basics/contract.h>
 
+#if defined(__clang__)
+#pragma clang diagnostic push
+#pragma clang diagnostic ignored "-Wdeprecated"
+#pragma clang diagnostic ignored "-Wdeprecated-declarations"
+#endif
+
 #include <boost/outcome.hpp>
 
+#if defined(__clang__)
+#pragma clang diagnostic pop
+#endif
+
 #include <stdexcept>
 
 namespace ripple {

include/xrpl/basics/StringUtilities.h

@@ -29,7 +29,6 @@
 #include <array>
 #include <cstdint>
 #include <optional>
-#include <sstream>
 #include <string>
 
 namespace ripple {

include/xrpl/basics/algorithm.h

@@ -20,7 +20,6 @@
 #ifndef RIPPLE_ALGORITHM_H_INCLUDED
 #define RIPPLE_ALGORITHM_H_INCLUDED
 
-#include <iterator>
 #include <utility>
 
 namespace ripple {

include/xrpl/basics/base_uint.h

@@ -632,6 +632,13 @@ to_string(base_uint<Bits, Tag> const& a)
     return strHex(a.cbegin(), a.cend());
 }
 
+template <std::size_t Bits, class Tag>
+inline std::string
+to_short_string(base_uint<Bits, Tag> const& a)
+{
+    return to_string(a).substr(0, 8) + "...";
+}
+
 template <std::size_t Bits, class Tag>
 inline std::ostream&
 operator<<(std::ostream& out, base_uint<Bits, Tag> const& u)

include/xrpl/basics/hardened_hash.h

@@ -24,12 +24,8 @@
 #include <xrpl/beast/hash/xxhasher.h>
 
 #include <cstdint>
-#include <functional>
 #include <mutex>
 #include <random>
-#include <type_traits>
-#include <unordered_map>
-#include <unordered_set>
 #include <utility>
 
 namespace ripple {

include/xrpl/basics/mulDiv.h

@@ -23,7 +23,6 @@
 #include <cstdint>
 #include <limits>
 #include <optional>
-#include <utility>
 
 namespace ripple {
 auto constexpr muldiv_max = std::numeric_limits<std::uint64_t>::max();

include/xrpl/basics/tagged_integer.h

@@ -24,10 +24,8 @@
 
 #include <boost/operators.hpp>
 
-#include <functional>
 #include <iostream>
 #include <type_traits>
-#include <utility>
 
 namespace ripple {
 

include/xrpl/beast/clock/abstract_clock.h

@@ -20,9 +20,6 @@
 #ifndef BEAST_CHRONO_ABSTRACT_CLOCK_H_INCLUDED
 #define BEAST_CHRONO_ABSTRACT_CLOCK_H_INCLUDED
 
-#include <chrono>
-#include <string>
-
 namespace beast {
 
 /** Abstract interface to a clock.

include/xrpl/beast/clock/manual_clock.h

@@ -23,6 +23,8 @@
 #include <xrpl/beast/clock/abstract_clock.h>
 #include <xrpl/beast/utility/instrumentation.h>
 
+#include <chrono>
+
 namespace beast {
 
 /** Manual clock implementation.

include/xrpl/beast/container/aged_container_utility.h

@@ -22,6 +22,7 @@
 
 #include <xrpl/beast/container/aged_container.h>
 
+#include <chrono>
 #include <type_traits>
 
 namespace beast {

include/xrpl/beast/container/detail/aged_associative_container.h

@@ -20,8 +20,6 @@
 #ifndef BEAST_CONTAINER_DETAIL_AGED_ASSOCIATIVE_CONTAINER_H_INCLUDED
 #define BEAST_CONTAINER_DETAIL_AGED_ASSOCIATIVE_CONTAINER_H_INCLUDED
 
-#include <type_traits>
-
 namespace beast {
 namespace detail {
 

include/xrpl/beast/container/detail/aged_ordered_container.h

@@ -33,7 +33,6 @@
 #include <algorithm>
 #include <functional>
 #include <initializer_list>
-#include <iterator>
 #include <memory>
 #include <type_traits>
 #include <utility>

include/xrpl/beast/core/LexicalCast.h

@@ -29,11 +29,9 @@
 #include <charconv>
 #include <cstdlib>
 #include <iterator>
-#include <limits>
 #include <string>
 #include <type_traits>
 #include <typeinfo>
-#include <utility>
 
 namespace beast {
 

include/xrpl/beast/hash/hash_append.h

@@ -24,14 +24,36 @@
 #include <boost/container/flat_set.hpp>
 #include <boost/endian/conversion.hpp>
 
+/*
+
+Workaround for overzealous clang warning, which trips on libstdc++ headers
+
+  In file included from
+  /usr/lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/stl_algo.h:61:
+  /usr/lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/stl_tempbuf.h:263:8:
+  error: 'get_temporary_buffer<std::pair<ripple::Quality, const
+  std::vector<std::unique_ptr<ripple::Step>> *>>' is deprecated
+  [-Werror,-Wdeprecated-declarations] 263 |
+  std::get_temporary_buffer<value_type>(_M_original_len));
+       ^
+*/
+
+#if defined(__clang__)
+#pragma clang diagnostic push
+#pragma clang diagnostic ignored "-Wdeprecated"
+#pragma clang diagnostic ignored "-Wdeprecated-declarations"
+#endif
+
+#include <functional>
+
+#if defined(__clang__)
+#pragma clang diagnostic pop
+#endif
+
 #include <array>
 #include <chrono>
-#include <cstdint>
 #include <cstring>
-#include <functional>
-#include <map>
 #include <memory>
-#include <set>
 #include <string>
 #include <system_error>
 #include <tuple>

include/xrpl/beast/net/IPAddress.h

@@ -29,11 +29,7 @@
 #include <boost/asio/ip/address.hpp>
 #include <boost/functional/hash.hpp>
 
-#include <cstdint>
-#include <ios>
-#include <sstream>
 #include <string>
-#include <typeinfo>
 
 //------------------------------------------------------------------------------
 

include/xrpl/beast/net/IPAddressV4.h

@@ -24,12 +24,6 @@
 
 #include <boost/asio/ip/address_v4.hpp>
 
-#include <cstdint>
-#include <functional>
-#include <ios>
-#include <string>
-#include <utility>
-
 namespace beast {
 namespace IP {
 

include/xrpl/beast/net/IPAddressV6.h

@@ -24,12 +24,6 @@
 
 #include <boost/asio/ip/address_v6.hpp>
 
-#include <cstdint>
-#include <functional>
-#include <ios>
-#include <string>
-#include <utility>
-
 namespace beast {
 namespace IP {
 

include/xrpl/beast/net/IPEndpoint.h

@@ -25,7 +25,6 @@
 #include <xrpl/beast/net/IPAddress.h>
 
 #include <cstdint>
-#include <ios>
 #include <optional>
 #include <string>
 

include/xrpl/beast/rfc2616.h

@@ -28,10 +28,8 @@
 
 #include <algorithm>
 #include <cctype>
-#include <cstdint>
 #include <iterator>
 #include <string>
-#include <utility>
 #include <vector>
 
 namespace beast {

include/xrpl/beast/test/yield_to.h

@@ -13,7 +13,6 @@
 #include <boost/optional.hpp>
 
 #include <condition_variable>
-#include <functional>
 #include <mutex>
 #include <thread>
 #include <vector>

include/xrpl/beast/unit_test/reporter.h

@@ -16,7 +16,6 @@
 
 #include <algorithm>
 #include <chrono>
-#include <functional>
 #include <iomanip>
 #include <iostream>
 #include <sstream>

include/xrpl/beast/unit_test/runner.h

@@ -13,7 +13,6 @@
 #include <boost/assert.hpp>
 
 #include <mutex>
-#include <ostream>
 #include <string>
 
 namespace beast {

include/xrpl/beast/utility/instrumentation.h

@@ -39,11 +39,16 @@ OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 #endif
 
 #define XRPL_ASSERT ALWAYS_OR_UNREACHABLE
+#define XRPL_ASSERT_PARTS(cond, function, description, ...) \
+    XRPL_ASSERT(cond, function " : " description)
 
 // How to use the instrumentation macros:
 //
 // * XRPL_ASSERT if cond must be true but the line might not be reached during
 //   fuzzing. Same like `assert` in normal use.
+// * XRPL_ASSERT_PARTS is for convenience, and works like XRPL_ASSERT, but
+//   splits the message param into "function" and "description", then joins
+//   them with " : " before passing to XRPL_ASSERT.
 // * ALWAYS if cond must be true _and_ the line must be reached during fuzzing.
 //   Same like `assert` in normal use.
 // * REACHABLE if the line must be reached during fuzzing

include/xrpl/beast/utility/rngfill.h

@@ -31,36 +31,28 @@ namespace beast {
 
 template <class Generator>
 void
-rngfill(void* buffer, std::size_t bytes, Generator& g)
+rngfill(void* const buffer, std::size_t const bytes, Generator& g)
 {
     using result_type = typename Generator::result_type;
+    constexpr std::size_t result_size = sizeof(result_type);
 
-    while (bytes >= sizeof(result_type))
+    std::uint8_t* const buffer_start = static_cast<std::uint8_t*>(buffer);
+    std::size_t const complete_iterations = bytes / result_size;
+    std::size_t const bytes_remaining = bytes % result_size;
+
+    for (std::size_t count = 0; count < complete_iterations; ++count)
     {
-        auto const v = g();
-        std::memcpy(buffer, &v, sizeof(v));
-        buffer = reinterpret_cast<std::uint8_t*>(buffer) + sizeof(v);
-        bytes -= sizeof(v);
+        result_type const v = g();
+        std::size_t const offset = count * result_size;
+        std::memcpy(buffer_start + offset, &v, result_size);
     }
 
-    XRPL_ASSERT(
-        bytes < sizeof(result_type), "beast::rngfill(void*) : maximum bytes");
-
-#ifdef __GNUC__
-    // gcc 11.1 (falsely) warns about an array-bounds overflow in release mode.
-#pragma GCC diagnostic push
-#pragma GCC diagnostic ignored "-Warray-bounds"
-#endif
-
-    if (bytes > 0)
+    if (bytes_remaining > 0)
     {
-        auto const v = g();
-        std::memcpy(buffer, &v, bytes);
+        result_type const v = g();
+        std::size_t const offset = complete_iterations * result_size;
+        std::memcpy(buffer_start + offset, &v, bytes_remaining);
     }
-
-#ifdef __GNUC__
-#pragma GCC diagnostic pop
-#endif
 }
 
 template <

include/xrpl/json/json_value.h

@@ -26,7 +26,6 @@
 #include <cstring>
 #include <map>
 #include <string>
-#include <utility>
 #include <vector>
 
 /** \brief JSON (JavaScript Object Notation).

include/xrpl/protocol/AccountID.h

@@ -29,7 +29,6 @@
 #include <xrpl/protocol/json_get_or_throw.h>
 
 #include <cstddef>
-#include <mutex>
 #include <optional>
 #include <string>
 

include/xrpl/protocol/ApiVersion.h

@@ -20,7 +20,6 @@
 #ifndef RIPPLE_PROTOCOL_APIVERSION_H_INCLUDED
 #define RIPPLE_PROTOCOL_APIVERSION_H_INCLUDED
 
-#include <functional>
 #include <type_traits>
 #include <utility>
 

include/xrpl/protocol/ErrorCodes.h

@@ -169,6 +169,8 @@ enum warning_code_i {
     warnRPC_AMENDMENT_BLOCKED = 1002,
     warnRPC_EXPIRED_VALIDATOR_LIST = 1003,
     // unused = 1004
+    warnRPC_FIELDS_DEPRECATED = 2004,  // rippled needs to maintain
+                                       // compatibility with Clio on this code.
 };
 
 //------------------------------------------------------------------------------

include/xrpl/protocol/Feature.h

@@ -24,7 +24,6 @@
 
 #include <boost/container/flat_map.hpp>
 
-#include <array>
 #include <bitset>
 #include <map>
 #include <optional>
@@ -54,6 +53,18 @@
  *    then change the macro parameter in features.macro to
  *    `VoteBehavior::DefaultYes`. The communication process is beyond
  *    the scope of these instructions.
+
+ * 5) If a supported feature (`Supported::yes`) was _ever_ in a released
+ *     version, it can never be changed back to `Supported::no`, because
+ *     it _may_ still become enabled at any time. This would cause newer
+ *     versions of `rippled` to become amendment blocked.
+ *     Instead, to prevent newer versions from voting on the feature, use
+ *     `VoteBehavior::Obsolete`. Obsolete features can not be voted for
+ *     by any versions of `rippled` built with that setting, but will still
+ *     work correctly if they get enabled. If a feature remains obsolete
+ *     for long enough that _all_ clients that could vote for it are
+ *     amendment blocked, the feature can be removed from the code
+ *     as if it was unsupported.
  *
  *
  * When a feature has been enabled for several years, the conditional code

include/xrpl/protocol/Indexes.h

@@ -32,6 +32,7 @@
 #include <xrpl/protocol/jss.h>
 
 #include <cstdint>
+#include <set>
 
 namespace ripple {
 
@@ -343,6 +344,24 @@ vault(uint256 const& vaultKey)
     return {ltVAULT, vaultKey};
 }
 
+Keylet
+loanbroker(AccountID const& owner, std::uint32_t seq) noexcept;
+
+inline Keylet
+loanbroker(uint256 const& vaultKey)
+{
+    return {ltLOAN_BROKER, vaultKey};
+}
+
+Keylet
+loan(uint256 const& loanBrokerID, std::uint32_t loanSeq) noexcept;
+
+inline Keylet
+loan(uint256 const& vaultKey)
+{
+    return {ltLOAN, vaultKey};
+}
+
 Keylet
 permissionedDomain(AccountID const& account, std::uint32_t seq) noexcept;
 

include/xrpl/protocol/Issue.h

@@ -24,9 +24,6 @@
 #include <xrpl/json/json_value.h>
 #include <xrpl/protocol/UintTypes.h>
 
-#include <functional>
-#include <type_traits>
-
 namespace ripple {
 
 /** A currency issued by an account.

include/xrpl/protocol/LedgerFormats.h

@@ -196,6 +196,11 @@ enum LedgerSpecificFlags {
 
     // ltVAULT
     lsfVaultPrivate = 0x00010000,
+
+    // ltLOAN
+    lsfLoanDefault = 0x00010000,
+    lsfLoanImpaired = 0x00020000,
+    lsfLoanOverpayment = 0x00040000, // True, loan allows overpayments
 };
 
 //------------------------------------------------------------------------------

include/xrpl/protocol/MultiApiJson.h

@@ -28,7 +28,6 @@
 #include <concepts>
 #include <cstdlib>
 #include <functional>
-#include <limits>
 #include <type_traits>
 #include <utility>
 

include/xrpl/protocol/NFTSyntheticSerializer.h

@@ -28,6 +28,8 @@
 
 namespace ripple {
 
+namespace RPC {
+
 /**
    Adds common synthetic fields to transaction-related JSON responses
 
@@ -40,6 +42,7 @@ insertNFTSyntheticInJson(
     TxMeta const&);
 /** @} */
 
+}  // namespace RPC
 }  // namespace ripple
 
 #endif

include/xrpl/protocol/Permissions.h

@@ -25,7 +25,6 @@
 #include <optional>
 #include <string>
 #include <unordered_map>
-#include <unordered_set>
 
 namespace ripple {
 /**

include/xrpl/protocol/Protocol.h

@@ -23,6 +23,8 @@
 #include <xrpl/basics/ByteUtilities.h>
 #include <xrpl/basics/base_uint.h>
 #include <xrpl/basics/partitioned_unordered_map.h>
+#include <xrpl/basics/safe_cast.h>
+#include <xrpl/protocol/Units.h>
 
 #include <cstdint>
 
@@ -82,6 +84,90 @@ std::size_t constexpr maxDeletableTokenOfferEntries = 500;
  */
 std::uint16_t constexpr maxTransferFee = 50000;
 
+/** There are 10,000 basis points (bips) in 100%.
+ *
+ * Basis points represent 0.01%.
+ *
+ * Given a value X, to find the amount for B bps,
+ * use X * B / bipsPerUnity
+ *
+ * Example: If a loan broker has 999 XRP of debt, and must maintain 1,000 bps of
+ * that debt as cover (10%), then the minimum cover amount is 999,000,000 drops
+ * * 1000 / bipsPerUnity = 99,900,00 drops or 99.9 XRP.
+ *
+ * Given a percentage P, to find the number of bps that percentage represents,
+ * use P * bipsPerUnity.
+ *
+ * Example: 50% is 0.50 * bipsPerUnity = 5,000 bps.
+ */
+Bips32 constexpr bipsPerUnity(100 * 100);
+TenthBips32 constexpr tenthBipsPerUnity(bipsPerUnity.value() * 10);
+
+constexpr Bips32
+percentageToBips(std::uint32_t percentage)
+{
+    return Bips32(percentage * bipsPerUnity.value() / 100);
+}
+constexpr TenthBips32
+percentageToTenthBips(std::uint32_t percentage)
+{
+    return TenthBips32(percentage * tenthBipsPerUnity.value() / 100);
+}
+template <typename T, class TBips>
+constexpr T
+bipsOfValue(T value, Bips<TBips> bips)
+{
+    return value * bips.value() / bipsPerUnity.value();
+}
+template <typename T, class TBips>
+constexpr T
+tenthBipsOfValue(T value, TenthBips<TBips> bips)
+{
+    return value * bips.value() / tenthBipsPerUnity.value();
+}
+
+/** The maximum management fee rate allowed by a loan broker in 1/10 bips.
+
+    Valid values are between 0 and 10% inclusive.
+*/
+TenthBips16 constexpr maxManagementFeeRate(
+    unsafe_cast<std::uint16_t>(percentageToTenthBips(10).value()));
+static_assert(maxManagementFeeRate == TenthBips16(std::uint16_t(10'000u)));
+
+/** The maximum coverage rate required of a loan broker in 1/10 bips.
+
+    Valid values are between 0 and 100% inclusive.
+*/
+TenthBips32 constexpr maxCoverRate = percentageToTenthBips(100);
+static_assert(maxCoverRate == TenthBips32(100'000u));
+
+/** The maximum overpayment fee on a loan in 1/10 bips.
+*
+    Valid values are between 0 and 100% inclusive.
+*/
+TenthBips32 constexpr maxOverpaymentFee = percentageToTenthBips(100);
+
+/** The maximum premium added to the interest rate for late payments on a loan
+ * in 1/10 bips.
+ *
+ * Valid values are between 0 and 100% inclusive.
+ */
+TenthBips32 constexpr maxLateInterestRate = percentageToTenthBips(100);
+
+/** The maximum close interest rate charged for repaying a loan early in 1/10
+ * bips.
+ *
+ * Valid values are between 0 and 100% inclusive.
+ */
+TenthBips32 constexpr maxCloseInterestRate = percentageToTenthBips(100);
+
+/** The maximum overpayment interest rate charged on loan overpayments in 1/10
+ * bips.
+ *
+ * Valid values are between 0 and 100% inclusive.
+ */
+TenthBips32 constexpr maxOverpaymentInterestRate = percentageToTenthBips(100);
+
 /** The maximum length of a URI inside an NFT */
 std::size_t constexpr maxTokenURILength = 256;
 

include/xrpl/protocol/PublicKey.h

@@ -32,7 +32,6 @@
 #include <cstring>
 #include <optional>
 #include <ostream>
-#include <utility>
 
 namespace ripple {
 

include/xrpl/protocol/SField.h

@@ -22,6 +22,7 @@
 
 #include <xrpl/basics/safe_cast.h>
 #include <xrpl/json/json_value.h>
+#include <xrpl/protocol/Units.h>
 
 #include <cstdint>
 #include <map>
@@ -136,8 +137,8 @@ field_code(int id, int index)
     SFields are created at compile time.
 
     Each SField, once constructed, lives until program termination, and there
-    is only one instance per fieldType/fieldValue pair which serves the entire
-    application.
+    is only one instance per fieldType/fieldValue pair which serves the
+    entire application.
 */
 class SField
 {
@@ -148,8 +149,10 @@ public:
         sMD_ChangeNew = 0x02,    // new value when it changes
         sMD_DeleteFinal = 0x04,  // final value when it is deleted
         sMD_Create = 0x08,       // value when it's created
-        sMD_Always = 0x10,  // value when node containing it is affected at all
-        sMD_BaseTen = 0x20,
+        sMD_Always = 0x10,   // value when node containing it is affected at all
+        sMD_BaseTen = 0x20,  // value is treated as base 10, overriding behavior
+        sMD_PseudoAccount = 0x40,  // if this field is set in an ACCOUNT_ROOT
+        // _only_, then it is a pseudo-account
         sMD_Default =
             sMD_ChangeOrig | sMD_ChangeNew | sMD_DeleteFinal | sMD_Create
     };
@@ -306,6 +309,7 @@ public:
 private:
     static int num;
     static std::map<int, SField const*> knownCodeToField;
+    static std::map<std::string, SField const*> knownNameToField;
 };
 
 /** A field with a type known at compile time. */

include/xrpl/protocol/SOTemplate.h

@@ -25,7 +25,6 @@
 
 #include <functional>
 #include <initializer_list>
-#include <memory>
 #include <stdexcept>
 
 namespace ripple {

include/xrpl/protocol/STAmount.h

@@ -695,6 +695,36 @@ divRoundStrict(
 std::uint64_t
 getRate(STAmount const& offerOut, STAmount const& offerIn);
 
+STAmount
+roundToReference(
+    STAmount const value,
+    STAmount referenceValue,
+    Number::rounding_mode rounding = Number::getround());
+
+/** Round an arbitrary precision Number to the precision of a given Asset.
+ *
+ * @param asset The relevant asset
+ * @param value The value to be rounded
+ * @param referenceValue Only relevant to IOU assets. A reference value to
+ *     establish the precision limit of `value`. Should be larger than
+ * `value`.
+ * @param rounding Optional Number rounding mode
+ */
+template <AssetType A>
+Number
+roundToAsset(
+    A const& asset,
+    Number const& value,
+    Number const& referenceValue,
+    Number::rounding_mode rounding = Number::getround())
+{
+    NumberRoundModeGuard mg(rounding);
+    STAmount const ret{asset, value};
+    if (ret.asset().native() || !ret.asset().holds<Issue>())
+        return ret;
+    return roundToReference(ret, STAmount{asset, referenceValue});
+}
+
 //------------------------------------------------------------------------------
 
 inline bool
@@ -709,10 +739,10 @@ canAdd(STAmount const& amt1, STAmount const& amt2);
 bool
 canSubtract(STAmount const& amt1, STAmount const& amt2);
 
-// Since `canonicalize` does not have access to a ledger, this is needed to put
-// the low-level routine stAmountCanonicalize on an amendment switch. Only
-// transactions need to use this switchover. Outside of a transaction it's safe
-// to unconditionally use the new behavior.
+// Since `canonicalize` does not have access to a ledger, this is needed to
+// put the low-level routine stAmountCanonicalize on an amendment switch.
+// Only transactions need to use this switchover. Outside of a transaction
+// it's safe to unconditionally use the new behavior.
 
 bool
 getSTAmountCanonicalizeSwitchover();

include/xrpl/protocol/STBase.h

@@ -24,7 +24,6 @@
 #include <xrpl/protocol/SField.h>
 #include <xrpl/protocol/Serializer.h>
 
-#include <memory>
 #include <ostream>
 #include <string>
 #include <type_traits>

include/xrpl/protocol/STBlob.h

@@ -27,7 +27,6 @@
 #include <xrpl/protocol/STBase.h>
 
 #include <cstring>
-#include <memory>
 
 namespace ripple {
 

include/xrpl/protocol/STLedgerEntry.h

@@ -26,7 +26,9 @@
 namespace ripple {
 
 class Rules;
+namespace test {
 class Invariants_test;
+}
 
 class STLedgerEntry final : public STObject, public CountedObject<STLedgerEntry>
 {
@@ -36,6 +38,8 @@ class STLedgerEntry final : public STObject, public CountedObject<STLedgerEntry>
 public:
     using pointer = std::shared_ptr<STLedgerEntry>;
     using ref = std::shared_ptr<STLedgerEntry> const&;
+    using const_pointer = std::shared_ptr<STLedgerEntry const>;
+    using const_ref = std::shared_ptr<STLedgerEntry const> const&;
 
     /** Create an empty object with the given key and type. */
     explicit STLedgerEntry(Keylet const& k);
@@ -54,7 +58,7 @@ public:
     getText() const override;
 
     Json::Value
-    getJson(JsonOptions options) const override;
+    getJson(JsonOptions options = JsonOptions::none) const override;
 
     /** Returns the 'key' (or 'index') of this item.
         The key identifies this entry's position in
@@ -84,7 +88,8 @@ private:
     void
     setSLEType();
 
-    friend Invariants_test;  // this test wants access to the private type_
+    friend test::Invariants_test;  // this test wants access to the private
+                                   // type_
 
     STBase*
     copy(std::size_t n, void* buf) const override;

include/xrpl/protocol/STObject.h

@@ -25,7 +25,6 @@
 #include <xrpl/basics/chrono.h>
 #include <xrpl/basics/contract.h>
 #include <xrpl/beast/utility/instrumentation.h>
-#include <xrpl/protocol/FeeUnits.h>
 #include <xrpl/protocol/HashPrefix.h>
 #include <xrpl/protocol/SOTemplate.h>
 #include <xrpl/protocol/STAmount.h>
@@ -34,6 +33,7 @@
 #include <xrpl/protocol/STIssue.h>
 #include <xrpl/protocol/STPathSet.h>
 #include <xrpl/protocol/STVector256.h>
+#include <xrpl/protocol/Units.h>
 #include <xrpl/protocol/detail/STVar.h>
 
 #include <boost/iterator/transform_iterator.hpp>
@@ -242,6 +242,9 @@ public:
     getFieldPathSet(SField const& field) const;
     STVector256 const&
     getFieldV256(SField const& field) const;
+    // If not found, returns an object constructed with the given field
+    STObject
+    getFieldObject(SField const& field) const;
     STArray const&
     getFieldArray(SField const& field) const;
     STCurrency const&
@@ -515,7 +518,26 @@ protected:
 // Constraint += and -= ValueProxy operators
 // to value types that support arithmetic operations
 template <typename U>
-concept IsArithmetic = std::is_arithmetic_v<U> || std::is_same_v<U, STAmount>;
+concept IsArithmeticNumber = std::is_arithmetic_v<U> ||
+    std::is_same_v<U, Number> || std::is_same_v<U, STAmount>;
+template <
+    typename U,
+    typename Value = typename U::value_type,
+    typename Unit = typename U::unit_type>
+concept IsArithmeticValueUnit =
+    std::is_same_v<U, unit::ValueUnit<Unit, Value>> &&
+    IsArithmeticNumber<Value> && std::is_class_v<Unit>;
+template <typename U, typename Value = typename U::value_type>
+concept IsArithmeticST = !IsArithmeticValueUnit<U> && IsArithmeticNumber<Value>;
+template <typename U>
+concept IsArithmetic =
+    IsArithmeticNumber<U> || IsArithmeticST<U> || IsArithmeticValueUnit<U>;
+
+template <class T, class U>
+concept Addable = requires(T t, U u) { t = t + u; };
+template <typename T, typename U>
+concept IsArithmeticCompatible =
+    IsArithmetic<typename T::value_type> && Addable<typename T::value_type, U>;
 
 template <class T>
 class STObject::ValueProxy : public Proxy<T>
@@ -535,10 +557,12 @@ public:
     // Convenience operators for value types supporting
     // arithmetic operations
     template <IsArithmetic U>
+        requires IsArithmeticCompatible<T, U>
     ValueProxy&
     operator+=(U const& u);
 
     template <IsArithmetic U>
+        requires IsArithmeticCompatible<T, U>
     ValueProxy&
     operator-=(U const& u);
 
@@ -774,6 +798,7 @@ STObject::ValueProxy<T>::operator=(U&& u)
 
 template <typename T>
 template <IsArithmetic U>
+    requires IsArithmeticCompatible<T, U>
 STObject::ValueProxy<T>&
 STObject::ValueProxy<T>::operator+=(U const& u)
 {
@@ -783,6 +808,7 @@ STObject::ValueProxy<T>::operator+=(U const& u)
 
 template <class T>
 template <IsArithmetic U>
+    requires IsArithmeticCompatible<T, U>
 STObject::ValueProxy<T>&
 STObject::ValueProxy<T>::operator-=(U const& u)
 {

include/xrpl/protocol/STTx.h

@@ -88,7 +88,13 @@ public:
 
     // Outer transaction functions / signature functions.
     Blob
-    getSignature() const;
+    getSignature(STObject const& sigObject) const;
+
+    Blob
+    getSignature() const
+    {
+        return getSignature(*this);
+    }
 
     uint256
     getSigningHash() const;
@@ -121,11 +127,28 @@ public:
     void
     sign(PublicKey const& publicKey, SecretKey const& secretKey);
 
-    /** Check the signature.
-        @return `true` if valid signature. If invalid, the error message string.
-    */
     enum class RequireFullyCanonicalSig : bool { no, yes };
 
+    /** Check the signature.
+        @param requireCanonicalSig If `true`, check that the signature is fully
+            canonical. If `false`, only check that the signature is valid.
+        @param rules The current ledger rules.
+        @param pSig Pointer to object that contains the signature fields, if not
+            using "this". Will most often be null
+        @return `true` if valid signature. If invalid, the error message string.
+    */
+    Expected<void, std::string>
+    checkSign(
+        RequireFullyCanonicalSig requireCanonicalSig,
+        Rules const& rules,
+        STObject const* pSig) const;
+
+    /** Check the signature.
+        @param requireCanonicalSig If `true`, check that the signature is fully
+            canonical. If `false`, only check that the signature is valid.
+        @param rules The current ledger rules.
+        @return `true` if valid signature. If invalid, the error message string.
+    */
     Expected<void, std::string>
     checkSign(RequireFullyCanonicalSig requireCanonicalSig, Rules const& rules)
         const;
@@ -155,12 +178,15 @@ public:
 
 private:
     Expected<void, std::string>
-    checkSingleSign(RequireFullyCanonicalSig requireCanonicalSig) const;
+    checkSingleSign(
+        RequireFullyCanonicalSig requireCanonicalSig,
+        STObject const* pSig) const;
 
     Expected<void, std::string>
     checkMultiSign(
         RequireFullyCanonicalSig requireCanonicalSig,
-        Rules const& rules) const;
+        Rules const& rules,
+        STObject const* pSig) const;
 
     Expected<void, std::string>
     checkBatchSingleSign(

include/xrpl/protocol/STValidation.h

@@ -22,14 +22,12 @@
 
 #include <xrpl/basics/Log.h>
 #include <xrpl/beast/utility/instrumentation.h>
-#include <xrpl/protocol/FeeUnits.h>
 #include <xrpl/protocol/PublicKey.h>
 #include <xrpl/protocol/STObject.h>
 #include <xrpl/protocol/SecretKey.h>
+#include <xrpl/protocol/Units.h>
 
 #include <cstdint>
-#include <functional>
-#include <memory>
 #include <optional>
 #include <sstream>
 

include/xrpl/protocol/Serializer.h

@@ -33,7 +33,6 @@
 
 #include <cstdint>
 #include <cstring>
-#include <iomanip>
 #include <type_traits>
 
 namespace ripple {

include/xrpl/protocol/Sign.h

@@ -25,8 +25,6 @@
 #include <xrpl/protocol/STObject.h>
 #include <xrpl/protocol/SecretKey.h>
 
-#include <utility>
-
 namespace ripple {
 
 /** Sign an STObject

include/xrpl/protocol/TxFlags.h

@@ -127,6 +127,8 @@ constexpr std::uint32_t tfTrustSetPermissionMask = ~(tfUniversal | tfSetfAuth |
 // EnableAmendment flags:
 constexpr std::uint32_t tfGotMajority                      = 0x00010000;
 constexpr std::uint32_t tfLostMajority                     = 0x00020000;
+constexpr std::uint32_t tfChangeMask =
+    ~( tfUniversal | tfGotMajority | tfLostMajority);
 
 // PaymentChannelClaim flags:
 constexpr std::uint32_t tfRenew                            = 0x00010000;
@@ -141,7 +143,8 @@ constexpr std::uint32_t const tfTransferable               = 0x00000008;
 constexpr std::uint32_t const tfMutable                    = 0x00000010;
 
 // MPTokenIssuanceCreate flags:
-// NOTE - there is intentionally no flag here for lsfMPTLocked, which this transaction cannot mutate. 
+// NOTE - there is intentionally no flag here for lsfMPTLocked, which
+// this transaction cannot mutate.
 constexpr std::uint32_t const tfMPTCanLock                 = lsfMPTCanLock;
 constexpr std::uint32_t const tfMPTRequireAuth             = lsfMPTRequireAuth;
 constexpr std::uint32_t const tfMPTCanEscrow               = lsfMPTCanEscrow;
@@ -249,6 +252,17 @@ constexpr std::uint32_t tfIndependent                  = 0x00080000;
 constexpr std::uint32_t const tfBatchMask =
     ~(tfUniversal | tfAllOrNothing | tfOnlyOne | tfUntilFailure | tfIndependent) | tfInnerBatchTxn;
 
+// LoanSet flags:
+// True, indicates the loan supports overpayments
+constexpr std::uint32_t const tfLoanOverpayment = 0x00010000;
+constexpr std::uint32_t const tfLoanSetMask = ~(tfUniversal | tfLoanOverpayment);
+
+// LoanManage flags:
+constexpr std::uint32_t const tfLoanDefault = 0x00010000;
+constexpr std::uint32_t const tfLoanImpair = 0x00020000;
+constexpr std::uint32_t const tfLoanUnimpair = 0x00040000;
+constexpr std::uint32_t const tfLoanManageMask = ~(tfUniversal | tfLoanDefault | tfLoanImpair | tfLoanUnimpair);
+
 // clang-format on
 
 }  // namespace ripple

include/xrpl/protocol/TxFormats.h

@@ -59,7 +59,8 @@ enum TxType : std::uint16_t
 #pragma push_macro("TRANSACTION")
 #undef TRANSACTION
 
-#define TRANSACTION(tag, value, name, delegatable, fields) tag = value,
+#define TRANSACTION(tag, value, ...) \
+    tag = value,
 
 #include <xrpl/protocol/detail/transactions.macro>
 

include/xrpl/protocol/Units.h

@@ -16,8 +16,8 @@
     OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */
 
-#ifndef BASICS_FEES_H_INCLUDED
-#define BASICS_FEES_H_INCLUDED
+#ifndef PROTOCOL_UNITS_H_INCLUDED
+#define PROTOCOL_UNITS_H_INCLUDED
 
 #include <xrpl/basics/safe_cast.h>
 #include <xrpl/beast/utility/Zero.h>
@@ -27,34 +27,29 @@
 #include <boost/multiprecision/cpp_int.hpp>
 #include <boost/operators.hpp>
 
-#include <cmath>
-#include <ios>
 #include <iosfwd>
 #include <limits>
 #include <optional>
-#include <sstream>
-#include <string>
-#include <utility>
 
 namespace ripple {
 
-namespace feeunit {
+namespace unit {
 
 /** "drops" are the smallest divisible amount of XRP. This is what most
     of the code uses. */
 struct dropTag;
-/** "fee units" calculations are a not-really-unitless value that is used
-    to express the cost of a given transaction vs. a reference transaction.
-    They are primarily used by the Transactor classes. */
-struct feeunitTag;
 /** "fee levels" are used by the transaction queue to compare the relative
     cost of transactions that require different levels of effort to process.
     See also: src/ripple/app/misc/FeeEscalation.md#fee-level */
 struct feelevelTag;
-/** unitless values are plain scalars wrapped in a TaggedFee. They are
+/** unitless values are plain scalars wrapped in a ValueUnit. They are
     used for calculations in this header. */
 struct unitlessTag;
 
+/** Units to represent basis points (bips) and 1/10 basis points */
+class BipsTag;
+class TenthBipsTag;
+
 template <class T>
 using enable_if_unit_t = typename std::enable_if_t<
     std::is_class_v<T> && std::is_object_v<typename T::unit_type> &&
@@ -62,32 +57,33 @@ using enable_if_unit_t = typename std::enable_if_t<
 
 /** `is_usable_unit_v` is checked to ensure that only values with
     known valid type tags can be used (sometimes transparently) in
-    non-fee contexts. At the time of implementation, this includes
+    non-unit contexts. At the time of implementation, this includes
     all known tags, but more may be added in the future, and they
     should not be added automatically unless determined to be
     appropriate.
 */
 template <class T, class = enable_if_unit_t<T>>
 constexpr bool is_usable_unit_v =
-    std::is_same_v<typename T::unit_type, feeunitTag> ||
     std::is_same_v<typename T::unit_type, feelevelTag> ||
     std::is_same_v<typename T::unit_type, unitlessTag> ||
-    std::is_same_v<typename T::unit_type, dropTag>;
+    std::is_same_v<typename T::unit_type, dropTag> ||
+    std::is_same_v<typename T::unit_type, BipsTag> ||
+    std::is_same_v<typename T::unit_type, TenthBipsTag>;
 
 template <class UnitTag, class T>
-class TaggedFee : private boost::totally_ordered<TaggedFee<UnitTag, T>>,
-                  private boost::additive<TaggedFee<UnitTag, T>>,
-                  private boost::equality_comparable<TaggedFee<UnitTag, T>, T>,
-                  private boost::dividable<TaggedFee<UnitTag, T>, T>,
-                  private boost::modable<TaggedFee<UnitTag, T>, T>,
-                  private boost::unit_steppable<TaggedFee<UnitTag, T>>
+class ValueUnit : private boost::totally_ordered<ValueUnit<UnitTag, T>>,
+                  private boost::additive<ValueUnit<UnitTag, T>>,
+                  private boost::equality_comparable<ValueUnit<UnitTag, T>, T>,
+                  private boost::dividable<ValueUnit<UnitTag, T>, T>,
+                  private boost::modable<ValueUnit<UnitTag, T>, T>,
+                  private boost::unit_steppable<ValueUnit<UnitTag, T>>
 {
 public:
     using unit_type = UnitTag;
     using value_type = T;
 
 private:
-    value_type fee_;
+    value_type value_;
 
 protected:
     template <class Other>
@@ -95,44 +91,44 @@ protected:
         std::is_arithmetic_v<Other> && std::is_arithmetic_v<value_type> &&
         std::is_convertible_v<Other, value_type>;
 
-    template <class OtherFee, class = enable_if_unit_t<OtherFee>>
-    static constexpr bool is_compatiblefee_v =
-        is_compatible_v<typename OtherFee::value_type> &&
-        std::is_same_v<UnitTag, typename OtherFee::unit_type>;
+    template <class OtherValue, class = enable_if_unit_t<OtherValue>>
+    static constexpr bool is_compatiblevalue_v =
+        is_compatible_v<typename OtherValue::value_type> &&
+        std::is_same_v<UnitTag, typename OtherValue::unit_type>;
 
     template <class Other>
     using enable_if_compatible_t =
         typename std::enable_if_t<is_compatible_v<Other>>;
 
-    template <class OtherFee>
-    using enable_if_compatiblefee_t =
-        typename std::enable_if_t<is_compatiblefee_v<OtherFee>>;
+    template <class OtherValue>
+    using enable_if_compatiblevalue_t =
+        typename std::enable_if_t<is_compatiblevalue_v<OtherValue>>;
 
 public:
-    TaggedFee() = default;
-    constexpr TaggedFee(TaggedFee const& other) = default;
-    constexpr TaggedFee&
-    operator=(TaggedFee const& other) = default;
+    ValueUnit() = default;
+    constexpr ValueUnit(ValueUnit const& other) = default;
+    constexpr ValueUnit&
+    operator=(ValueUnit const& other) = default;
 
-    constexpr explicit TaggedFee(beast::Zero) : fee_(0)
+    constexpr explicit ValueUnit(beast::Zero) : value_(0)
     {
     }
 
-    constexpr TaggedFee&
+    constexpr ValueUnit&
     operator=(beast::Zero)
     {
-        fee_ = 0;
+        value_ = 0;
         return *this;
     }
 
-    constexpr explicit TaggedFee(value_type fee) : fee_(fee)
+    constexpr explicit ValueUnit(value_type value) : value_(value)
     {
     }
 
-    TaggedFee&
-    operator=(value_type fee)
+    constexpr ValueUnit&
+    operator=(value_type value)
     {
-        fee_ = fee;
+        value_ = value;
         return *this;
     }
 
@@ -144,153 +140,181 @@ public:
         class = std::enable_if_t<
             is_compatible_v<Other> &&
             is_safetocasttovalue_v<value_type, Other>>>
-    constexpr TaggedFee(TaggedFee<unit_type, Other> const& fee)
-        : TaggedFee(safe_cast<value_type>(fee.fee()))
+    constexpr ValueUnit(ValueUnit<unit_type, Other> const& value)
+        : ValueUnit(safe_cast<value_type>(value.value()))
     {
     }
 
-    constexpr TaggedFee
+    constexpr ValueUnit
+    operator+(value_type const& rhs) const
+    {
+        return ValueUnit{value_ + rhs};
+    }
+
+    friend constexpr ValueUnit
+    operator+(value_type lhs, ValueUnit const& rhs)
+    {
+        // addition is commutative
+        return rhs + lhs;
+    }
+
+    constexpr ValueUnit
+    operator-(value_type const& rhs) const
+    {
+        return ValueUnit{value_ - rhs};
+    }
+
+    friend constexpr ValueUnit
+    operator-(value_type lhs, ValueUnit const& rhs)
+    {
+        // subtraction is NOT commutative, but (lhs + (-rhs)) is addition, which
+        // is
+        return -rhs + lhs;
+    }
+
+    constexpr ValueUnit
     operator*(value_type const& rhs) const
     {
-        return TaggedFee{fee_ * rhs};
+        return ValueUnit{value_ * rhs};
     }
 
-    friend constexpr TaggedFee
-    operator*(value_type lhs, TaggedFee const& rhs)
+    friend constexpr ValueUnit
+    operator*(value_type lhs, ValueUnit const& rhs)
     {
         // multiplication is commutative
         return rhs * lhs;
     }
 
     constexpr value_type
-    operator/(TaggedFee const& rhs) const
+    operator/(ValueUnit const& rhs) const
     {
-        return fee_ / rhs.fee_;
+        return value_ / rhs.value_;
     }
 
-    TaggedFee&
-    operator+=(TaggedFee const& other)
+    ValueUnit&
+    operator+=(ValueUnit const& other)
     {
-        fee_ += other.fee();
+        value_ += other.value();
         return *this;
     }
 
-    TaggedFee&
-    operator-=(TaggedFee const& other)
+    ValueUnit&
+    operator-=(ValueUnit const& other)
     {
-        fee_ -= other.fee();
+        value_ -= other.value();
         return *this;
     }
 
-    TaggedFee&
+    ValueUnit&
     operator++()
     {
-        ++fee_;
+        ++value_;
         return *this;
     }
 
-    TaggedFee&
+    ValueUnit&
     operator--()
     {
-        --fee_;
+        --value_;
         return *this;
     }
 
-    TaggedFee&
+    ValueUnit&
     operator*=(value_type const& rhs)
     {
-        fee_ *= rhs;
+        value_ *= rhs;
         return *this;
     }
 
-    TaggedFee&
+    ValueUnit&
     operator/=(value_type const& rhs)
     {
-        fee_ /= rhs;
+        value_ /= rhs;
         return *this;
     }
 
     template <class transparent = value_type>
-    std::enable_if_t<std::is_integral_v<transparent>, TaggedFee&>
+    std::enable_if_t<std::is_integral_v<transparent>, ValueUnit&>
     operator%=(value_type const& rhs)
     {
-        fee_ %= rhs;
+        value_ %= rhs;
         return *this;
     }
 
-    TaggedFee
+    ValueUnit
     operator-() const
     {
         static_assert(
-            std::is_signed_v<T>, "- operator illegal on unsigned fee types");
-        return TaggedFee{-fee_};
+            std::is_signed_v<T>, "- operator illegal on unsigned value types");
+        return ValueUnit{-value_};
     }
 
-    bool
-    operator==(TaggedFee const& other) const
+    constexpr bool
+    operator==(ValueUnit const& other) const
     {
-        return fee_ == other.fee_;
+        return value_ == other.value_;
     }
 
     template <class Other, class = enable_if_compatible_t<Other>>
-    bool
-    operator==(TaggedFee<unit_type, Other> const& other) const
+    constexpr bool
+    operator==(ValueUnit<unit_type, Other> const& other) const
     {
-        return fee_ == other.fee();
+        return value_ == other.value();
     }
 
-    bool
+    constexpr bool
     operator==(value_type other) const
     {
-        return fee_ == other;
+        return value_ == other;
     }
 
     template <class Other, class = enable_if_compatible_t<Other>>
-    bool
-    operator!=(TaggedFee<unit_type, Other> const& other) const
+    constexpr bool
+    operator!=(ValueUnit<unit_type, Other> const& other) const
     {
         return !operator==(other);
     }
 
-    bool
-    operator<(TaggedFee const& other) const
+    constexpr bool
+    operator<(ValueUnit const& other) const
     {
-        return fee_ < other.fee_;
+        return value_ < other.value_;
     }
 
     /** Returns true if the amount is not zero */
     explicit constexpr
     operator bool() const noexcept
     {
-        return fee_ != 0;
+        return value_ != 0;
     }
 
     /** Return the sign of the amount */
     constexpr int
     signum() const noexcept
     {
-        return (fee_ < 0) ? -1 : (fee_ ? 1 : 0);
+        return (value_ < 0) ? -1 : (value_ ? 1 : 0);
     }
 
     /** Returns the number of drops */
+    // TODO: Move this to a new class, maybe with the old "TaggedFee" name
     constexpr value_type
     fee() const
     {
-        return fee_;
+        return value_;
     }
 
     template <class Other>
     constexpr double
-    decimalFromReference(TaggedFee<unit_type, Other> reference) const
+    decimalFromReference(ValueUnit<unit_type, Other> reference) const
     {
-        return static_cast<double>(fee_) / reference.fee();
+        return static_cast<double>(value_) / reference.value();
     }
 
     // `is_usable_unit_v` is checked to ensure that only values with
     // known valid type tags can be converted to JSON. At the time
     // of implementation, that includes all known tags, but more may
     // be added in the future.
-    std::enable_if_t<is_usable_unit_v<TaggedFee>, Json::Value>
+    std::enable_if_t<is_usable_unit_v<ValueUnit>, Json::Value>
     jsonClipped() const
     {
         if constexpr (std::is_integral_v<value_type>)
@@ -303,15 +327,15 @@ public:
             constexpr auto min = std::numeric_limits<jsontype>::min();
             constexpr auto max = std::numeric_limits<jsontype>::max();
 
-            if (fee_ < min)
+            if (value_ < min)
                 return min;
-            if (fee_ > max)
+            if (value_ > max)
                 return max;
-            return static_cast<jsontype>(fee_);
+            return static_cast<jsontype>(value_);
         }
         else
         {
-            return fee_;
+            return value_;
         }
     }
 
@@ -322,30 +346,30 @@ public:
     constexpr value_type
     value() const
     {
-        return fee_;
+        return value_;
     }
 
     friend std::istream&
-    operator>>(std::istream& s, TaggedFee& val)
+    operator>>(std::istream& s, ValueUnit& val)
     {
-        s >> val.fee_;
+        s >> val.value_;
         return s;
     }
 };
 
-// Output Fees as just their numeric value.
+// Output Values as just their numeric value.
 template <class Char, class Traits, class UnitTag, class T>
 std::basic_ostream<Char, Traits>&
-operator<<(std::basic_ostream<Char, Traits>& os, TaggedFee<UnitTag, T> const& q)
+operator<<(std::basic_ostream<Char, Traits>& os, ValueUnit<UnitTag, T> const& q)
 {
     return os << q.value();
 }
 
 template <class UnitTag, class T>
 std::string
-to_string(TaggedFee<UnitTag, T> const& amount)
+to_string(ValueUnit<UnitTag, T> const& amount)
 {
-    return std::to_string(amount.fee());
+    return std::to_string(amount.value());
 }
 
 template <class Source, class = enable_if_unit_t<Source>>
@@ -408,10 +432,10 @@ using enable_muldiv_commute_t =
     typename std::enable_if_t<can_muldiv_commute_v<Source1, Source2, Dest>>;
 
 template <class T>
-TaggedFee<unitlessTag, T>
+ValueUnit<unitlessTag, T>
 scalar(T value)
 {
-    return TaggedFee<unitlessTag, T>{value};
+    return ValueUnit<unitlessTag, T>{value};
 }
 
 template <
@@ -422,18 +446,17 @@ template <
 std::optional<Dest>
 mulDivU(Source1 value, Dest mul, Source2 div)
 {
-    // Fees can never be negative in any context.
+    // values can never be negative in any context.
     if (value.value() < 0 || mul.value() < 0 || div.value() < 0)
     {
         // split the asserts so if one hits, the user can tell which
         // without a debugger.
         XRPL_ASSERT(
-            value.value() >= 0,
-            "ripple::feeunit::mulDivU : minimum value input");
+            value.value() >= 0, "ripple::unit::mulDivU : minimum value input");
         XRPL_ASSERT(
-            mul.value() >= 0, "ripple::feeunit::mulDivU : minimum mul input");
+            mul.value() >= 0, "ripple::unit::mulDivU : minimum mul input");
         XRPL_ASSERT(
-            div.value() >= 0, "ripple::feeunit::mulDivU : minimum div input");
+            div.value() >= 0, "ripple::unit::mulDivU : minimum div input");
         return std::nullopt;
     }
 
@@ -466,46 +489,57 @@ mulDivU(Source1 value, Dest mul, Source2 div)
     return Dest{static_cast<desttype>(quotient)};
 }
 
-}  // namespace feeunit
+}  // namespace unit
 
+// Fee Levels
 template <class T>
-using FeeLevel = feeunit::TaggedFee<feeunit::feelevelTag, T>;
+using FeeLevel = unit::ValueUnit<unit::feelevelTag, T>;
 using FeeLevel64 = FeeLevel<std::uint64_t>;
 using FeeLevelDouble = FeeLevel<double>;
 
+// Basis points (Bips)
+template <class T>
+using Bips = unit::ValueUnit<unit::BipsTag, T>;
+using Bips16 = Bips<std::uint16_t>;
+using Bips32 = Bips<std::uint32_t>;
+template <class T>
+using TenthBips = unit::ValueUnit<unit::TenthBipsTag, T>;
+using TenthBips16 = TenthBips<std::uint16_t>;
+using TenthBips32 = TenthBips<std::uint32_t>;
+
 template <
     class Source1,
     class Source2,
     class Dest,
-    class = feeunit::enable_muldiv_t<Source1, Source2, Dest>>
+    class = unit::enable_muldiv_t<Source1, Source2, Dest>>
 std::optional<Dest>
 mulDiv(Source1 value, Dest mul, Source2 div)
 {
-    return feeunit::mulDivU(value, mul, div);
+    return unit::mulDivU(value, mul, div);
 }
 
 template <
     class Source1,
     class Source2,
     class Dest,
-    class = feeunit::enable_muldiv_commute_t<Source1, Source2, Dest>>
+    class = unit::enable_muldiv_commute_t<Source1, Source2, Dest>>
 std::optional<Dest>
 mulDiv(Dest value, Source1 mul, Source2 div)
 {
     // Multiplication is commutative
-    return feeunit::mulDivU(mul, value, div);
+    return unit::mulDivU(mul, value, div);
 }
 
-template <class Dest, class = feeunit::enable_muldiv_dest_t<Dest>>
+template <class Dest, class = unit::enable_muldiv_dest_t<Dest>>
 std::optional<Dest>
 mulDiv(std::uint64_t value, Dest mul, std::uint64_t div)
 {
     // Give the scalars a non-tag so the
     // unit-handling version gets called.
-    return feeunit::mulDivU(feeunit::scalar(value), mul, feeunit::scalar(div));
+    return unit::mulDivU(unit::scalar(value), mul, unit::scalar(div));
 }
 
-template <class Dest, class = feeunit::enable_muldiv_dest_t<Dest>>
+template <class Dest, class = unit::enable_muldiv_dest_t<Dest>>
 std::optional<Dest>
 mulDiv(Dest value, std::uint64_t mul, std::uint64_t div)
 {
@@ -516,13 +550,13 @@ mulDiv(Dest value, std::uint64_t mul, std::uint64_t div)
 template <
     class Source1,
     class Source2,
-    class = feeunit::enable_muldiv_sources_t<Source1, Source2>>
+    class = unit::enable_muldiv_sources_t<Source1, Source2>>
 std::optional<std::uint64_t>
 mulDiv(Source1 value, std::uint64_t mul, Source2 div)
 {
     // Give the scalars a dimensionless unit so the
     // unit-handling version gets called.
-    auto unitresult = feeunit::mulDivU(value, feeunit::scalar(mul), div);
+    auto unitresult = unit::mulDivU(value, unit::scalar(mul), div);
 
     if (!unitresult)
         return std::nullopt;
@@ -533,7 +567,7 @@ mulDiv(Source1 value, std::uint64_t mul, Source2 div)
 template <
     class Source1,
     class Source2,
-    class = feeunit::enable_muldiv_sources_t<Source1, Source2>>
+    class = unit::enable_muldiv_sources_t<Source1, Source2>>
 std::optional<std::uint64_t>
 mulDiv(std::uint64_t value, Source1 mul, Source2 div)
 {
@@ -553,6 +587,16 @@ safe_cast(Src s) noexcept
     return Dest{safe_cast<typename Dest::value_type>(s.value())};
 }
 
+template <class Dest, class Src>
+constexpr std::enable_if_t<
+    std::is_integral_v<typename Dest::value_type> && std::is_integral_v<Src>,
+    Dest>
+safe_cast(Src s) noexcept
+{
+    // Dest may not have an explicit value constructor
+    return Dest{safe_cast<typename Dest::value_type>(s)};
+}
+
 template <class Dest, class Src>
 constexpr std::enable_if_t<
     std::is_same_v<typename Dest::unit_type, typename Src::unit_type> &&
@@ -565,6 +609,16 @@ unsafe_cast(Src s) noexcept
     return Dest{unsafe_cast<typename Dest::value_type>(s.value())};
 }
 
+template <class Dest, class Src>
+constexpr std::enable_if_t<
+    std::is_integral_v<typename Dest::value_type> && std::is_integral_v<Src>,
+    Dest>
+unsafe_cast(Src s) noexcept
+{
+    // Dest may not have an explicit value constructor
+    return Dest{unsafe_cast<typename Dest::value_type>(s)};
+}
+
 }  // namespace ripple
 
-#endif  // BASICS_FEES_H_INCLUDED
+#endif  // PROTOCOL_UNITS_H_INCLUDED

include/xrpl/protocol/XChainAttestations.h

@@ -35,8 +35,6 @@
 #include <boost/container/vector.hpp>
 
 #include <cstddef>
-#include <type_traits>
-#include <unordered_map>
 #include <vector>
 
 namespace ripple {

include/xrpl/protocol/XRPAmount.h

@@ -24,7 +24,7 @@
 #include <xrpl/basics/contract.h>
 #include <xrpl/beast/utility/Zero.h>
 #include <xrpl/json/json_value.h>
-#include <xrpl/protocol/FeeUnits.h>
+#include <xrpl/protocol/Units.h>
 
 #include <boost/multiprecision/cpp_int.hpp>
 #include <boost/operators.hpp>
@@ -42,7 +42,7 @@ class XRPAmount : private boost::totally_ordered<XRPAmount>,
                   private boost::additive<XRPAmount, std::int64_t>
 {
 public:
-    using unit_type = feeunit::dropTag;
+    using unit_type = unit::dropTag;
     using value_type = std::int64_t;
 
 private:

include/xrpl/protocol/detail/b58_utils.h

@@ -27,7 +27,6 @@
 #include <boost/outcome.hpp>
 #include <boost/outcome/result.hpp>
 
-#include <cinttypes>
 #include <span>
 #include <system_error>
 #include <tuple>

include/xrpl/protocol/detail/features.macro

@@ -27,11 +27,13 @@
 #error "undefined macro: XRPL_RETIRE"
 #endif
 
+// clang-format off
+
 // Add new amendments to the top of this list.
 // Keep it sorted in reverse chronological order.
-// If you add an amendment here, then do not forget to increment `numFeatures`
-// in include/xrpl/protocol/Feature.h.
 
+XRPL_FEATURE(LendingProtocol,            Supported::no, VoteBehavior::DefaultNo)
+XRPL_FIX    (AMMClawbackRounding,        Supported::no,  VoteBehavior::DefaultNo)
 XRPL_FEATURE(TokenEscrow,                Supported::yes, VoteBehavior::DefaultNo)
 XRPL_FIX    (EnforceNFTokenTrustlineV2,  Supported::yes, VoteBehavior::DefaultNo)
 XRPL_FIX    (AMMv1_3,                    Supported::yes, VoteBehavior::DefaultNo)
@@ -94,7 +96,6 @@ XRPL_FEATURE(HardenedValidations,        Supported::yes, VoteBehavior::DefaultYe
 // fix1781: XRPEndpointSteps should be included in the circular payment check
 XRPL_FIX    (1781,                       Supported::yes, VoteBehavior::DefaultYes)
 XRPL_FEATURE(RequireFullyCanonicalSig,   Supported::yes, VoteBehavior::DefaultYes)
-// fixQualityUpperBound should be activated before FlowCross
 XRPL_FIX    (QualityUpperBound,          Supported::yes, VoteBehavior::DefaultYes)
 XRPL_FEATURE(DeletableAccounts,          Supported::yes, VoteBehavior::DefaultYes)
 XRPL_FIX    (PayChanRecipientOwnerDir,   Supported::yes, VoteBehavior::DefaultYes)
@@ -112,9 +113,7 @@ XRPL_FIX    (1571,                       Supported::yes, VoteBehavior::DefaultYe
 XRPL_FEATURE(Checks,                     Supported::yes, VoteBehavior::DefaultYes)
 XRPL_FEATURE(DepositAuth,                Supported::yes, VoteBehavior::DefaultYes)
 XRPL_FIX    (1513,                       Supported::yes, VoteBehavior::DefaultYes)
-XRPL_FEATURE(FlowCross,                  Supported::yes, VoteBehavior::DefaultYes)
 XRPL_FEATURE(Flow,                       Supported::yes, VoteBehavior::DefaultYes)
-XRPL_FEATURE(OwnerPaysFee,               Supported::no,  VoteBehavior::DefaultNo)
 
 // The following amendments are obsolete, but must remain supported
 // because they could potentially get enabled.
@@ -151,3 +150,6 @@ XRPL_RETIRE(fix1201)
 XRPL_RETIRE(fix1512)
 XRPL_RETIRE(fix1523)
 XRPL_RETIRE(fix1528)
+XRPL_RETIRE(FlowCross)
+
+// clang-format on

include/xrpl/protocol/detail/ledger_entries.macro

@@ -167,6 +167,7 @@ LEDGER_ENTRY(ltACCOUNT_ROOT, 0x0061, AccountRoot, account, ({
     {sfFirstNFTokenSequence, soeOPTIONAL},
     {sfAMMID,                soeOPTIONAL}, // pseudo-account designator
     {sfVaultID,              soeOPTIONAL}, // pseudo-account designator
+    {sfLoanBrokerID,         soeOPTIONAL}, // pseudo-account designator
 }))
 
 /** A ledger object which contains a list of object identifiers.
@@ -482,8 +483,7 @@ LEDGER_ENTRY(ltDELEGATE, 0x0083, Delegate, delegate, ({
 }))
 
 /** A ledger object representing a single asset vault.
-
-    \sa keylet::mptoken
+    \sa keylet::vault
  */
 LEDGER_ENTRY(ltVAULT, 0x0084, Vault, vault, ({
     {sfPreviousTxnID,        soeREQUIRED},
@@ -504,6 +504,66 @@ LEDGER_ENTRY(ltVAULT, 0x0084, Vault, vault, ({
     // no PermissionedDomainID ever (use MPTIssuance.sfDomainID)
 }))
 
+/** Reserve 0x0084-0x0087 for future Vault-related objects. */
+
+/** A ledger object representing a loan broker
+
+    \sa keylet::loanbroker
+ */
+LEDGER_ENTRY(ltLOAN_BROKER, 0x0088, LoanBroker, loan_broker, ({
+    {sfPreviousTxnID,        soeREQUIRED},
+    {sfPreviousTxnLgrSeq,    soeREQUIRED},
+    {sfSequence,             soeREQUIRED},
+    {sfOwnerNode,            soeREQUIRED},
+    {sfVaultNode,            soeREQUIRED},
+    {sfVaultID,              soeREQUIRED},
+    {sfAccount,              soeREQUIRED},
+    {sfOwner,                soeREQUIRED},
+    {sfLoanSequence,         soeREQUIRED},
+    {sfData,                 soeDEFAULT},
+    {sfManagementFeeRate,    soeDEFAULT},
+    {sfOwnerCount,           soeDEFAULT},
+    {sfDebtTotal,            soeDEFAULT},
+    {sfDebtMaximum,          soeDEFAULT},
+    {sfCoverAvailable,       soeDEFAULT},
+    {sfCoverRateMinimum,     soeDEFAULT},
+    {sfCoverRateLiquidation, soeDEFAULT},
+}))
+
+/** A ledger object representing a loan between a Borrower and a Loan Broker
+
+    \sa keylet::loan
+ */
+LEDGER_ENTRY(ltLOAN, 0x0089, Loan, loan, ({
+    {sfPreviousTxnID,        soeREQUIRED},
+    {sfPreviousTxnLgrSeq,    soeREQUIRED},
+    {sfOwnerNode,            soeREQUIRED},
+    {sfLoanBrokerNode,       soeREQUIRED},
+    {sfLoanBrokerID,         soeREQUIRED},
+    {sfLoanSequence,         soeREQUIRED},
+    {sfBorrower,             soeREQUIRED},
+    {sfLoanOriginationFee,   soeREQUIRED},
+    {sfLoanServiceFee,       soeREQUIRED},
+    {sfLatePaymentFee,       soeREQUIRED},
+    {sfClosePaymentFee,      soeREQUIRED},
+    {sfOverpaymentFee,       soeREQUIRED},
+    {sfInterestRate,         soeREQUIRED},
+    {sfLateInterestRate,     soeREQUIRED},
+    {sfCloseInterestRate,    soeREQUIRED},
+    {sfOverpaymentInterestRate, soeREQUIRED},
+    {sfStartDate,            soeREQUIRED},
+    {sfPaymentInterval,      soeREQUIRED},
+    {sfGracePeriod,          soeREQUIRED},
+    {sfPreviousPaymentDate,  soeREQUIRED},
+    {sfNextPaymentDueDate,   soeREQUIRED},
+    {sfPaymentRemaining,     soeREQUIRED},
+    {sfAssetsAvailable,      soeREQUIRED},
+    {sfPrincipalOutstanding, soeREQUIRED},
+    // Save the original request amount for rounding / scaling of
+    // other computations, particularly for IOUs
+    {sfPrincipalRequested,   soeREQUIRED},
+}))
+
 #undef EXPAND
 #undef LEDGER_ENTRY_DUPLICATE
 

include/xrpl/protocol/detail/sfields.macro

@@ -24,6 +24,8 @@
 #error "undefined macro: TYPED_SFIELD"
 #endif
 
+// clang-format off
+
 // untyped
 UNTYPED_SFIELD(sfLedgerEntry,            LEDGERENTRY, 257)
 UNTYPED_SFIELD(sfTransaction,            TRANSACTION, 257)
@@ -59,6 +61,7 @@ TYPED_SFIELD(sfHookEmitCount,            UINT16,    18)
 TYPED_SFIELD(sfHookExecutionIndex,       UINT16,    19)
 TYPED_SFIELD(sfHookApiVersion,           UINT16,    20)
 TYPED_SFIELD(sfLedgerFixType,            UINT16,    21)
+TYPED_SFIELD(sfManagementFeeRate,        UINT16,    22) // 1/10 basis points (bips)
 
 // 32-bit integers (common)
 TYPED_SFIELD(sfNetworkID,                UINT32,     1)
@@ -114,6 +117,21 @@ TYPED_SFIELD(sfVoteWeight,               UINT32,    48)
 TYPED_SFIELD(sfFirstNFTokenSequence,     UINT32,    50)
 TYPED_SFIELD(sfOracleDocumentID,         UINT32,    51)
 TYPED_SFIELD(sfPermissionValue,          UINT32,    52)
+TYPED_SFIELD(sfStartDate,                UINT32,    53)
+TYPED_SFIELD(sfPaymentInterval,          UINT32,    54)
+TYPED_SFIELD(sfGracePeriod,              UINT32,    55)
+TYPED_SFIELD(sfPreviousPaymentDate,      UINT32,    56)
+TYPED_SFIELD(sfNextPaymentDueDate,       UINT32,    57)
+TYPED_SFIELD(sfPaymentRemaining,         UINT32,    58)
+TYPED_SFIELD(sfPaymentTotal,             UINT32,    59)
+TYPED_SFIELD(sfLoanSequence,             UINT32,    60)
+TYPED_SFIELD(sfCoverRateMinimum,         UINT32,    61) // 1/10 basis points (bips)
+TYPED_SFIELD(sfCoverRateLiquidation,     UINT32,    62) // 1/10 basis points (bips)
+TYPED_SFIELD(sfOverpaymentFee,           UINT32,    63) // 1/10 basis points (bips)
+TYPED_SFIELD(sfInterestRate,             UINT32,    64) // 1/10 basis points (bips)
+TYPED_SFIELD(sfLateInterestRate,         UINT32,    65) // 1/10 basis points (bips)
+TYPED_SFIELD(sfCloseInterestRate,        UINT32,    66) // 1/10 basis points (bips)
+TYPED_SFIELD(sfOverpaymentInterestRate,  UINT32,    67) // 1/10 basis points (bips)
 
 // 64-bit integers (common)
 TYPED_SFIELD(sfIndexNext,                UINT64,     1)
@@ -145,6 +163,8 @@ TYPED_SFIELD(sfMPTAmount,                UINT64,    26, SField::sMD_BaseTen|SFie
 TYPED_SFIELD(sfIssuerNode,               UINT64,    27)
 TYPED_SFIELD(sfSubjectNode,              UINT64,    28)
 TYPED_SFIELD(sfLockedAmount,             UINT64,    29, SField::sMD_BaseTen|SField::sMD_Default)
+TYPED_SFIELD(sfVaultNode,                UINT64,    30)
+TYPED_SFIELD(sfLoanBrokerNode,           UINT64,    31)
 
 // 128-bit
 TYPED_SFIELD(sfEmailHash,                UINT128,    1)
@@ -173,7 +193,8 @@ TYPED_SFIELD(sfNFTokenID,                UINT256,   10)
 TYPED_SFIELD(sfEmitParentTxnID,          UINT256,   11)
 TYPED_SFIELD(sfEmitNonce,                UINT256,   12)
 TYPED_SFIELD(sfEmitHookHash,             UINT256,   13)
-TYPED_SFIELD(sfAMMID,                    UINT256,   14)
+TYPED_SFIELD(sfAMMID,                    UINT256,   14,
+    SField::sMD_PseudoAccount | SField::sMD_Default)
 
 // 256-bit (uncommon)
 TYPED_SFIELD(sfBookDirectory,            UINT256,   16)
@@ -195,8 +216,12 @@ TYPED_SFIELD(sfHookHash,                 UINT256,   31)
 TYPED_SFIELD(sfHookNamespace,            UINT256,   32)
 TYPED_SFIELD(sfHookSetTxnID,             UINT256,   33)
 TYPED_SFIELD(sfDomainID,                 UINT256,   34)
-TYPED_SFIELD(sfVaultID,                  UINT256,   35)
+TYPED_SFIELD(sfVaultID,                  UINT256,   35,
+    SField::sMD_PseudoAccount | SField::sMD_Default)
 TYPED_SFIELD(sfParentBatchID,            UINT256,   36)
+TYPED_SFIELD(sfLoanBrokerID,             UINT256,   37,
+    SField::sMD_PseudoAccount | SField::sMD_Default)
+TYPED_SFIELD(sfLoanID,                   UINT256,   38)
 
 // number (common)
 TYPED_SFIELD(sfNumber,                   NUMBER,     1)
@@ -204,6 +229,15 @@ TYPED_SFIELD(sfAssetsAvailable,          NUMBER,     2)
 TYPED_SFIELD(sfAssetsMaximum,            NUMBER,     3)
 TYPED_SFIELD(sfAssetsTotal,              NUMBER,     4)
 TYPED_SFIELD(sfLossUnrealized,           NUMBER,     5)
+TYPED_SFIELD(sfDebtTotal,                NUMBER,     6)
+TYPED_SFIELD(sfDebtMaximum,              NUMBER,     7)
+TYPED_SFIELD(sfCoverAvailable,           NUMBER,     8)
+TYPED_SFIELD(sfLoanOriginationFee,       NUMBER,     9)
+TYPED_SFIELD(sfLoanServiceFee,           NUMBER,     10)
+TYPED_SFIELD(sfLatePaymentFee,           NUMBER,     11)
+TYPED_SFIELD(sfClosePaymentFee,          NUMBER,     12)
+TYPED_SFIELD(sfPrincipalOutstanding,     NUMBER,     13)
+TYPED_SFIELD(sfPrincipalRequested,       NUMBER,     14)
 
 // currency amount (common)
 TYPED_SFIELD(sfAmount,                   AMOUNT,     1)
@@ -299,6 +333,8 @@ TYPED_SFIELD(sfAttestationRewardAccount, ACCOUNT,   21)
 TYPED_SFIELD(sfLockingChainDoor,         ACCOUNT,   22)
 TYPED_SFIELD(sfIssuingChainDoor,         ACCOUNT,   23)
 TYPED_SFIELD(sfSubject,                  ACCOUNT,   24)
+TYPED_SFIELD(sfBorrower,                 ACCOUNT,   25)
+TYPED_SFIELD(sfCounterparty,             ACCOUNT,   26)
 
 // vector of 256-bit
 TYPED_SFIELD(sfIndexes,                  VECTOR256,  1, SField::sMD_Never)
@@ -362,6 +398,7 @@ UNTYPED_SFIELD(sfCredential,             OBJECT,    33)
 UNTYPED_SFIELD(sfRawTransaction,         OBJECT,    34)
 UNTYPED_SFIELD(sfBatchSigner,            OBJECT,    35)
 UNTYPED_SFIELD(sfBook,                   OBJECT,    36)
+UNTYPED_SFIELD(sfCounterpartySignature,  OBJECT,    37, SField::sMD_Default, SField::notSigning)
 
 // array of objects (common)
 // ARRAY/1 is reserved for end of array
@@ -396,3 +433,5 @@ UNTYPED_SFIELD(sfAcceptedCredentials,    ARRAY,     28)
 UNTYPED_SFIELD(sfPermissions,            ARRAY,     29)
 UNTYPED_SFIELD(sfRawTransactions,        ARRAY,     30)
 UNTYPED_SFIELD(sfBatchSigners,           ARRAY,     31, SField::sMD_Default, SField::notSigning)
+
+// clang-format on

include/xrpl/protocol/detail/transactions.macro

@@ -22,14 +22,47 @@
 #endif
 
 /**
- * TRANSACTION(tag, value, name, delegatable, fields)
+ * TRANSACTION(tag, value, name, delegatable, privileges, fields)
+ *
+ * To ease maintenance, you may replace any unneeded values with "..."
+ * e.g. #define TRANSACTION(tag, value, name, ...)
  *
  * You must define a transactor class in the `ripple` namespace named `name`,
- * and include its header in `src/xrpld/app/tx/detail/applySteps.cpp`.
+ * and include its header alongside the TRANSACTOR definition using this
+ * format:
+ * #if TRANSACTION_INCLUDE
+ * #   include <xrpld/app/tx/detail/HEADER.h>
+ * #endif
+ *
+ * The `privileges` parameter of the TRANSACTION macro is a bitfield
+ * defining which operations the transaction can perform.
+ *
+ * The values are only used in InvariantCheck.cpp
+ * Valid values are
+    noPriv - The transaction can not do any of the enumerated operations
+    createAcct - The transaction can create a new ACCOUNT_ROOT object.
+    createPseudoAcct - The transaction can create a pseudo account,
+        which implies createAcct
+    mustDeleteAcct - The transaction must delete an ACCOUNT_ROOT object
+    mayDeleteAcct - The transaction may delete an ACCOUNT_ROOT object,
+        but does not have to
+    overrideFreeze - The transaction can override some freeze rules
+    changeNFTCounts - The transaction can mint or burn an NFT
+    createMPTIssuance - The transaction can create a new MPT issuance
+    destroyMPTIssuance - The transaction can destroy an MPT issuance
+    mustAuthorizeMPT - The transaction MUST create or delete an MPT
+        object (except by issuer)
+    mayAuthorizeMPT - The transaction MAY create or delete an MPT
+        object (except by issuer)
  */
 
 /** This transaction type executes a payment. */
-TRANSACTION(ttPAYMENT, 0, Payment, Delegation::delegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/Payment.h>
+#endif
+TRANSACTION(ttPAYMENT, 0, Payment,
+    Delegation::delegatable,
+    createAcct, ({
     {sfDestination, soeREQUIRED},
     {sfAmount, soeREQUIRED, soeMPTSupported},
     {sfSendMax, soeOPTIONAL, soeMPTSupported},
@@ -42,7 +75,12 @@ TRANSACTION(ttPAYMENT, 0, Payment, Delegation::delegatable, ({
 }))
 
 /** This transaction type creates an escrow object. */
-TRANSACTION(ttESCROW_CREATE, 1, EscrowCreate, Delegation::delegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/Escrow.h>
+#endif
+TRANSACTION(ttESCROW_CREATE, 1, EscrowCreate,
+    Delegation::delegatable,
+    noPriv, ({
     {sfDestination, soeREQUIRED},
     {sfAmount, soeREQUIRED, soeMPTSupported},
     {sfCondition, soeOPTIONAL},
@@ -52,7 +90,9 @@ TRANSACTION(ttESCROW_CREATE, 1, EscrowCreate, Delegation::delegatable, ({
 }))
 
 /** This transaction type completes an existing escrow. */
-TRANSACTION(ttESCROW_FINISH, 2, EscrowFinish, Delegation::delegatable, ({
+TRANSACTION(ttESCROW_FINISH, 2, EscrowFinish,
+    Delegation::delegatable,
+    noPriv, ({
     {sfOwner, soeREQUIRED},
     {sfOfferSequence, soeREQUIRED},
     {sfFulfillment, soeOPTIONAL},
@@ -62,7 +102,12 @@ TRANSACTION(ttESCROW_FINISH, 2, EscrowFinish, Delegation::delegatable, ({
 
 
 /** This transaction type adjusts various account settings. */
-TRANSACTION(ttACCOUNT_SET, 3, AccountSet, Delegation::notDelegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/SetAccount.h>
+#endif
+TRANSACTION(ttACCOUNT_SET, 3, AccountSet,
+    Delegation::notDelegatable,
+    noPriv, ({
     {sfEmailHash, soeOPTIONAL},
     {sfWalletLocator, soeOPTIONAL},
     {sfWalletSize, soeOPTIONAL},
@@ -76,20 +121,35 @@ TRANSACTION(ttACCOUNT_SET, 3, AccountSet, Delegation::notDelegatable, ({
 }))
 
 /** This transaction type cancels an existing escrow. */
-TRANSACTION(ttESCROW_CANCEL, 4, EscrowCancel, Delegation::delegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/Escrow.h>
+#endif
+TRANSACTION(ttESCROW_CANCEL, 4, EscrowCancel,
+    Delegation::delegatable,
+    noPriv, ({
     {sfOwner, soeREQUIRED},
     {sfOfferSequence, soeREQUIRED},
 }))
 
 /** This transaction type sets or clears an account's "regular key". */
-TRANSACTION(ttREGULAR_KEY_SET, 5, SetRegularKey, Delegation::notDelegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/SetRegularKey.h>
+#endif
+TRANSACTION(ttREGULAR_KEY_SET, 5, SetRegularKey,
+    Delegation::notDelegatable,
+    noPriv, ({
     {sfRegularKey, soeOPTIONAL},
 }))
 
 // 6 deprecated
 
 /** This transaction type creates an offer to trade one asset for another. */
-TRANSACTION(ttOFFER_CREATE, 7, OfferCreate, Delegation::delegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/CreateOffer.h>
+#endif
+TRANSACTION(ttOFFER_CREATE, 7, OfferCreate,
+    Delegation::delegatable,
+    noPriv, ({
     {sfTakerPays, soeREQUIRED},
     {sfTakerGets, soeREQUIRED},
     {sfExpiration, soeOPTIONAL},
@@ -98,14 +158,24 @@ TRANSACTION(ttOFFER_CREATE, 7, OfferCreate, Delegation::delegatable, ({
 }))
 
 /** This transaction type cancels existing offers to trade one asset for another. */
-TRANSACTION(ttOFFER_CANCEL, 8, OfferCancel, Delegation::delegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/CancelOffer.h>
+#endif
+TRANSACTION(ttOFFER_CANCEL, 8, OfferCancel,
+    Delegation::delegatable,
+    noPriv, ({
     {sfOfferSequence, soeREQUIRED},
 }))
 
 // 9 deprecated
 
 /** This transaction type creates a new set of tickets. */
-TRANSACTION(ttTICKET_CREATE, 10, TicketCreate, Delegation::delegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/CreateTicket.h>
+#endif
+TRANSACTION(ttTICKET_CREATE, 10, TicketCreate,
+    Delegation::delegatable,
+    noPriv, ({
     {sfTicketCount, soeREQUIRED},
 }))
 
@@ -114,13 +184,23 @@ TRANSACTION(ttTICKET_CREATE, 10, TicketCreate, Delegation::delegatable, ({
 /** This transaction type modifies the signer list associated with an account. */
 // The SignerEntries are optional because a SignerList is deleted by
 // setting the SignerQuorum to zero and omitting SignerEntries.
-TRANSACTION(ttSIGNER_LIST_SET, 12, SignerListSet, Delegation::notDelegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/SetSignerList.h>
+#endif
+TRANSACTION(ttSIGNER_LIST_SET, 12, SignerListSet,
+    Delegation::notDelegatable,
+    noPriv, ({
     {sfSignerQuorum, soeREQUIRED},
     {sfSignerEntries, soeOPTIONAL},
 }))
 
 /** This transaction type creates a new unidirectional XRP payment channel. */
-TRANSACTION(ttPAYCHAN_CREATE, 13, PaymentChannelCreate, Delegation::delegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/PayChan.h>
+#endif
+TRANSACTION(ttPAYCHAN_CREATE, 13, PaymentChannelCreate,
+    Delegation::delegatable,
+    noPriv, ({
     {sfDestination, soeREQUIRED},
     {sfAmount, soeREQUIRED},
     {sfSettleDelay, soeREQUIRED},
@@ -130,14 +210,18 @@ TRANSACTION(ttPAYCHAN_CREATE, 13, PaymentChannelCreate, Delegation::delegatable,
 }))
 
 /** This transaction type funds an existing unidirectional XRP payment channel. */
-TRANSACTION(ttPAYCHAN_FUND, 14, PaymentChannelFund, Delegation::delegatable, ({
+TRANSACTION(ttPAYCHAN_FUND, 14, PaymentChannelFund,
+    Delegation::delegatable,
+    noPriv, ({
     {sfChannel, soeREQUIRED},
     {sfAmount, soeREQUIRED},
     {sfExpiration, soeOPTIONAL},
 }))
 
 /** This transaction type submits a claim against an existing unidirectional payment channel. */
-TRANSACTION(ttPAYCHAN_CLAIM, 15, PaymentChannelClaim, Delegation::delegatable, ({
+TRANSACTION(ttPAYCHAN_CLAIM, 15, PaymentChannelClaim,
+    Delegation::delegatable,
+    noPriv, ({
     {sfChannel, soeREQUIRED},
     {sfAmount, soeOPTIONAL},
     {sfBalance, soeOPTIONAL},
@@ -147,7 +231,12 @@ TRANSACTION(ttPAYCHAN_CLAIM, 15, PaymentChannelClaim, Delegation::delegatable, (
 }))
 
 /** This transaction type creates a new check. */
-TRANSACTION(ttCHECK_CREATE, 16, CheckCreate, Delegation::delegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/CreateCheck.h>
+#endif
+TRANSACTION(ttCHECK_CREATE, 16, CheckCreate,
+    Delegation::delegatable,
+    noPriv, ({
     {sfDestination, soeREQUIRED},
     {sfSendMax, soeREQUIRED},
     {sfExpiration, soeOPTIONAL},
@@ -156,19 +245,34 @@ TRANSACTION(ttCHECK_CREATE, 16, CheckCreate, Delegation::delegatable, ({
 }))
 
 /** This transaction type cashes an existing check. */
-TRANSACTION(ttCHECK_CASH, 17, CheckCash, Delegation::delegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/CashCheck.h>
+#endif
+TRANSACTION(ttCHECK_CASH, 17, CheckCash,
+    Delegation::delegatable,
+    noPriv, ({
     {sfCheckID, soeREQUIRED},
     {sfAmount, soeOPTIONAL},
     {sfDeliverMin, soeOPTIONAL},
 }))
 
 /** This transaction type cancels an existing check. */
-TRANSACTION(ttCHECK_CANCEL, 18, CheckCancel, Delegation::delegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/CancelCheck.h>
+#endif
+TRANSACTION(ttCHECK_CANCEL, 18, CheckCancel,
+    Delegation::delegatable,
+    noPriv, ({
     {sfCheckID, soeREQUIRED},
 }))
 
 /** This transaction type grants or revokes authorization to transfer funds. */
-TRANSACTION(ttDEPOSIT_PREAUTH, 19, DepositPreauth, Delegation::delegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/DepositPreauth.h>
+#endif
+TRANSACTION(ttDEPOSIT_PREAUTH, 19, DepositPreauth,
+    Delegation::delegatable,
+    noPriv, ({
     {sfAuthorize, soeOPTIONAL},
     {sfUnauthorize, soeOPTIONAL},
     {sfAuthorizeCredentials, soeOPTIONAL},
@@ -176,14 +280,24 @@ TRANSACTION(ttDEPOSIT_PREAUTH, 19, DepositPreauth, Delegation::delegatable, ({
 }))
 
 /** This transaction type modifies a trustline between two accounts. */
-TRANSACTION(ttTRUST_SET, 20, TrustSet, Delegation::delegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/SetTrust.h>
+#endif
+TRANSACTION(ttTRUST_SET, 20, TrustSet,
+    Delegation::delegatable,
+    noPriv, ({
     {sfLimitAmount, soeOPTIONAL},
     {sfQualityIn, soeOPTIONAL},
     {sfQualityOut, soeOPTIONAL},
 }))
 
 /** This transaction type deletes an existing account. */
-TRANSACTION(ttACCOUNT_DELETE, 21, AccountDelete, Delegation::notDelegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/DeleteAccount.h>
+#endif
+TRANSACTION(ttACCOUNT_DELETE, 21, AccountDelete,
+    Delegation::notDelegatable,
+    mustDeleteAcct, ({
     {sfDestination, soeREQUIRED},
     {sfDestinationTag, soeOPTIONAL},
     {sfCredentialIDs, soeOPTIONAL},
@@ -192,7 +306,12 @@ TRANSACTION(ttACCOUNT_DELETE, 21, AccountDelete, Delegation::notDelegatable, ({
 // 22 reserved
 
 /** This transaction mints a new NFT. */
-TRANSACTION(ttNFTOKEN_MINT, 25, NFTokenMint, Delegation::delegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/NFTokenMint.h>
+#endif
+TRANSACTION(ttNFTOKEN_MINT, 25, NFTokenMint,
+    Delegation::delegatable,
+    changeNFTCounts, ({
     {sfNFTokenTaxon, soeREQUIRED},
     {sfTransferFee, soeOPTIONAL},
     {sfIssuer, soeOPTIONAL},
@@ -203,13 +322,23 @@ TRANSACTION(ttNFTOKEN_MINT, 25, NFTokenMint, Delegation::delegatable, ({
 }))
 
 /** This transaction burns (i.e. destroys) an existing NFT. */
-TRANSACTION(ttNFTOKEN_BURN, 26, NFTokenBurn, Delegation::delegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/NFTokenBurn.h>
+#endif
+TRANSACTION(ttNFTOKEN_BURN, 26, NFTokenBurn,
+    Delegation::delegatable,
+    changeNFTCounts, ({
     {sfNFTokenID, soeREQUIRED},
     {sfOwner, soeOPTIONAL},
 }))
 
 /** This transaction creates a new offer to buy or sell an NFT. */
-TRANSACTION(ttNFTOKEN_CREATE_OFFER, 27, NFTokenCreateOffer, Delegation::delegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/NFTokenCreateOffer.h>
+#endif
+TRANSACTION(ttNFTOKEN_CREATE_OFFER, 27, NFTokenCreateOffer,
+    Delegation::delegatable,
+    noPriv, ({
     {sfNFTokenID, soeREQUIRED},
     {sfAmount, soeREQUIRED},
     {sfDestination, soeOPTIONAL},
@@ -218,25 +347,45 @@ TRANSACTION(ttNFTOKEN_CREATE_OFFER, 27, NFTokenCreateOffer, Delegation::delegata
 }))
 
 /** This transaction cancels an existing offer to buy or sell an existing NFT. */
-TRANSACTION(ttNFTOKEN_CANCEL_OFFER, 28, NFTokenCancelOffer, Delegation::delegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/NFTokenCancelOffer.h>
+#endif
+TRANSACTION(ttNFTOKEN_CANCEL_OFFER, 28, NFTokenCancelOffer,
+    Delegation::delegatable,
+    noPriv, ({
     {sfNFTokenOffers, soeREQUIRED},
 }))
 
 /** This transaction accepts an existing offer to buy or sell an existing  NFT. */
-TRANSACTION(ttNFTOKEN_ACCEPT_OFFER, 29, NFTokenAcceptOffer, Delegation::delegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/NFTokenAcceptOffer.h>
+#endif
+TRANSACTION(ttNFTOKEN_ACCEPT_OFFER, 29, NFTokenAcceptOffer,
+    Delegation::delegatable,
+    noPriv, ({
     {sfNFTokenBuyOffer, soeOPTIONAL},
     {sfNFTokenSellOffer, soeOPTIONAL},
     {sfNFTokenBrokerFee, soeOPTIONAL},
 }))
 
 /** This transaction claws back issued tokens. */
-TRANSACTION(ttCLAWBACK, 30, Clawback, Delegation::delegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/Clawback.h>
+#endif
+TRANSACTION(ttCLAWBACK, 30, Clawback,
+    Delegation::delegatable,
+    noPriv, ({
     {sfAmount, soeREQUIRED, soeMPTSupported},
     {sfHolder, soeOPTIONAL},
 }))
 
 /** This transaction claws back tokens from an AMM pool. */
-TRANSACTION(ttAMM_CLAWBACK, 31, AMMClawback, Delegation::delegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/AMMClawback.h>
+#endif
+TRANSACTION(ttAMM_CLAWBACK, 31, AMMClawback,
+    Delegation::delegatable,
+    mayDeleteAcct | overrideFreeze, ({
     {sfHolder, soeREQUIRED},
     {sfAsset, soeREQUIRED},
     {sfAsset2, soeREQUIRED},
@@ -244,14 +393,24 @@ TRANSACTION(ttAMM_CLAWBACK, 31, AMMClawback, Delegation::delegatable, ({
 }))
 
 /** This transaction type creates an AMM instance */
-TRANSACTION(ttAMM_CREATE, 35, AMMCreate, Delegation::delegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/AMMCreate.h>
+#endif
+TRANSACTION(ttAMM_CREATE, 35, AMMCreate,
+    Delegation::delegatable,
+    createPseudoAcct, ({
     {sfAmount, soeREQUIRED},
     {sfAmount2, soeREQUIRED},
     {sfTradingFee, soeREQUIRED},
 }))
 
 /** This transaction type deposits into an AMM instance */
-TRANSACTION(ttAMM_DEPOSIT, 36, AMMDeposit, Delegation::delegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/AMMDeposit.h>
+#endif
+TRANSACTION(ttAMM_DEPOSIT, 36, AMMDeposit,
+    Delegation::delegatable,
+    noPriv, ({
     {sfAsset, soeREQUIRED},
     {sfAsset2, soeREQUIRED},
     {sfAmount, soeOPTIONAL},
@@ -262,7 +421,12 @@ TRANSACTION(ttAMM_DEPOSIT, 36, AMMDeposit, Delegation::delegatable, ({
 }))
 
 /** This transaction type withdraws from an AMM instance */
-TRANSACTION(ttAMM_WITHDRAW, 37, AMMWithdraw, Delegation::delegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/AMMWithdraw.h>
+#endif
+TRANSACTION(ttAMM_WITHDRAW, 37, AMMWithdraw,
+    Delegation::delegatable,
+    mayDeleteAcct, ({
     {sfAsset, soeREQUIRED},
     {sfAsset2, soeREQUIRED},
     {sfAmount, soeOPTIONAL},
@@ -272,14 +436,24 @@ TRANSACTION(ttAMM_WITHDRAW, 37, AMMWithdraw, Delegation::delegatable, ({
 }))
 
 /** This transaction type votes for the trading fee */
-TRANSACTION(ttAMM_VOTE, 38, AMMVote, Delegation::delegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/AMMVote.h>
+#endif
+TRANSACTION(ttAMM_VOTE, 38, AMMVote,
+    Delegation::delegatable,
+    noPriv, ({
     {sfAsset, soeREQUIRED},
     {sfAsset2, soeREQUIRED},
     {sfTradingFee, soeREQUIRED},
 }))
 
 /** This transaction type bids for the auction slot */
-TRANSACTION(ttAMM_BID, 39, AMMBid, Delegation::delegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/AMMBid.h>
+#endif
+TRANSACTION(ttAMM_BID, 39, AMMBid,
+    Delegation::delegatable,
+    noPriv, ({
     {sfAsset, soeREQUIRED},
     {sfAsset2, soeREQUIRED},
     {sfBidMin, soeOPTIONAL},
@@ -288,20 +462,32 @@ TRANSACTION(ttAMM_BID, 39, AMMBid, Delegation::delegatable, ({
 }))
 
 /** This transaction type deletes AMM in the empty state */
-TRANSACTION(ttAMM_DELETE, 40, AMMDelete, Delegation::delegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/AMMDelete.h>
+#endif
+TRANSACTION(ttAMM_DELETE, 40, AMMDelete,
+    Delegation::delegatable,
+    mustDeleteAcct, ({
     {sfAsset, soeREQUIRED},
     {sfAsset2, soeREQUIRED},
 }))
 
 /** This transactions creates a crosschain sequence number */
-TRANSACTION(ttXCHAIN_CREATE_CLAIM_ID, 41, XChainCreateClaimID, Delegation::delegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/XChainBridge.h>
+#endif
+TRANSACTION(ttXCHAIN_CREATE_CLAIM_ID, 41, XChainCreateClaimID,
+    Delegation::delegatable,
+    noPriv, ({
     {sfXChainBridge, soeREQUIRED},
     {sfSignatureReward, soeREQUIRED},
     {sfOtherChainSource, soeREQUIRED},
 }))
 
 /** This transactions initiates a crosschain transaction */
-TRANSACTION(ttXCHAIN_COMMIT, 42, XChainCommit, Delegation::delegatable, ({
+TRANSACTION(ttXCHAIN_COMMIT, 42, XChainCommit,
+    Delegation::delegatable,
+    noPriv, ({
     {sfXChainBridge, soeREQUIRED},
     {sfXChainClaimID, soeREQUIRED},
     {sfAmount, soeREQUIRED},
@@ -309,7 +495,9 @@ TRANSACTION(ttXCHAIN_COMMIT, 42, XChainCommit, Delegation::delegatable, ({
 }))
 
 /** This transaction completes a crosschain transaction */
-TRANSACTION(ttXCHAIN_CLAIM, 43, XChainClaim, Delegation::delegatable, ({
+TRANSACTION(ttXCHAIN_CLAIM, 43, XChainClaim,
+    Delegation::delegatable,
+    noPriv, ({
     {sfXChainBridge, soeREQUIRED},
     {sfXChainClaimID, soeREQUIRED},
     {sfDestination, soeREQUIRED},
@@ -318,7 +506,9 @@ TRANSACTION(ttXCHAIN_CLAIM, 43, XChainClaim, Delegation::delegatable, ({
 }))
 
 /** This transaction initiates a crosschain account create transaction */
-TRANSACTION(ttXCHAIN_ACCOUNT_CREATE_COMMIT, 44, XChainAccountCreateCommit, Delegation::delegatable, ({
+TRANSACTION(ttXCHAIN_ACCOUNT_CREATE_COMMIT, 44, XChainAccountCreateCommit,
+    Delegation::delegatable,
+    noPriv, ({
     {sfXChainBridge, soeREQUIRED},
     {sfDestination, soeREQUIRED},
     {sfAmount, soeREQUIRED},
@@ -326,7 +516,9 @@ TRANSACTION(ttXCHAIN_ACCOUNT_CREATE_COMMIT, 44, XChainAccountCreateCommit, Deleg
 }))
 
 /** This transaction adds an attestation to a claim */
-TRANSACTION(ttXCHAIN_ADD_CLAIM_ATTESTATION, 45, XChainAddClaimAttestation, Delegation::delegatable, ({
+TRANSACTION(ttXCHAIN_ADD_CLAIM_ATTESTATION, 45, XChainAddClaimAttestation,
+    Delegation::delegatable,
+    createAcct, ({
     {sfXChainBridge, soeREQUIRED},
 
     {sfAttestationSignerAccount, soeREQUIRED},
@@ -342,7 +534,10 @@ TRANSACTION(ttXCHAIN_ADD_CLAIM_ATTESTATION, 45, XChainAddClaimAttestation, Deleg
 }))
 
 /** This transaction adds an attestation to an account */
-TRANSACTION(ttXCHAIN_ADD_ACCOUNT_CREATE_ATTESTATION, 46, XChainAddAccountCreateAttestation, Delegation::delegatable, ({
+TRANSACTION(ttXCHAIN_ADD_ACCOUNT_CREATE_ATTESTATION, 46,
+    XChainAddAccountCreateAttestation,
+    Delegation::delegatable,
+    createAcct, ({
     {sfXChainBridge, soeREQUIRED},
 
     {sfAttestationSignerAccount, soeREQUIRED},
@@ -359,31 +554,47 @@ TRANSACTION(ttXCHAIN_ADD_ACCOUNT_CREATE_ATTESTATION, 46, XChainAddAccountCreateA
 }))
 
 /** This transaction modifies a sidechain */
-TRANSACTION(ttXCHAIN_MODIFY_BRIDGE, 47, XChainModifyBridge, Delegation::delegatable, ({
+TRANSACTION(ttXCHAIN_MODIFY_BRIDGE, 47, XChainModifyBridge,
+    Delegation::delegatable,
+    noPriv, ({
     {sfXChainBridge, soeREQUIRED},
     {sfSignatureReward, soeOPTIONAL},
     {sfMinAccountCreateAmount, soeOPTIONAL},
 }))
 
 /** This transactions creates a sidechain */
-TRANSACTION(ttXCHAIN_CREATE_BRIDGE, 48, XChainCreateBridge, Delegation::delegatable, ({
+TRANSACTION(ttXCHAIN_CREATE_BRIDGE, 48, XChainCreateBridge,
+    Delegation::delegatable,
+    noPriv, ({
     {sfXChainBridge, soeREQUIRED},
     {sfSignatureReward, soeREQUIRED},
     {sfMinAccountCreateAmount, soeOPTIONAL},
 }))
 
 /** This transaction type creates or updates a DID */
-TRANSACTION(ttDID_SET, 49, DIDSet, Delegation::delegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/DID.h>
+#endif
+TRANSACTION(ttDID_SET, 49, DIDSet,
+    Delegation::delegatable,
+    noPriv, ({
     {sfDIDDocument, soeOPTIONAL},
     {sfURI, soeOPTIONAL},
     {sfData, soeOPTIONAL},
 }))
 
 /** This transaction type deletes a DID */
-TRANSACTION(ttDID_DELETE, 50, DIDDelete, Delegation::delegatable, ({}))
+TRANSACTION(ttDID_DELETE, 50, DIDDelete,
+    Delegation::delegatable,
+    noPriv, ({}))
 
 /** This transaction type creates an Oracle instance */
-TRANSACTION(ttORACLE_SET, 51, OracleSet, Delegation::delegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/SetOracle.h>
+#endif
+TRANSACTION(ttORACLE_SET, 51, OracleSet,
+    Delegation::delegatable,
+    noPriv, ({
     {sfOracleDocumentID, soeREQUIRED},
     {sfProvider, soeOPTIONAL},
     {sfURI, soeOPTIONAL},
@@ -393,43 +604,80 @@ TRANSACTION(ttORACLE_SET, 51, OracleSet, Delegation::delegatable, ({
 }))
 
 /** This transaction type deletes an Oracle instance */
-TRANSACTION(ttORACLE_DELETE, 52, OracleDelete, Delegation::delegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/DeleteOracle.h>
+#endif
+TRANSACTION(ttORACLE_DELETE, 52, OracleDelete,
+    Delegation::delegatable,
+    noPriv, ({
     {sfOracleDocumentID, soeREQUIRED},
 }))
 
 /** This transaction type fixes a problem in the ledger state */
-TRANSACTION(ttLEDGER_STATE_FIX, 53, LedgerStateFix, Delegation::delegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/LedgerStateFix.h>
+#endif
+TRANSACTION(ttLEDGER_STATE_FIX, 53, LedgerStateFix,
+    Delegation::delegatable,
+    noPriv, ({
     {sfLedgerFixType, soeREQUIRED},
     {sfOwner, soeOPTIONAL},
 }))
 
 /** This transaction type creates a MPTokensIssuance instance */
-TRANSACTION(ttMPTOKEN_ISSUANCE_CREATE, 54, MPTokenIssuanceCreate, Delegation::delegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/MPTokenIssuanceCreate.h>
+#endif
+TRANSACTION(ttMPTOKEN_ISSUANCE_CREATE, 54, MPTokenIssuanceCreate,
+    Delegation::delegatable,
+    createMPTIssuance, ({
     {sfAssetScale, soeOPTIONAL},
     {sfTransferFee, soeOPTIONAL},
     {sfMaximumAmount, soeOPTIONAL},
     {sfMPTokenMetadata, soeOPTIONAL},
+    {sfDomainID, soeOPTIONAL},
 }))
 
 /** This transaction type destroys a MPTokensIssuance instance */
-TRANSACTION(ttMPTOKEN_ISSUANCE_DESTROY, 55, MPTokenIssuanceDestroy, Delegation::delegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/MPTokenIssuanceDestroy.h>
+#endif
+TRANSACTION(ttMPTOKEN_ISSUANCE_DESTROY, 55, MPTokenIssuanceDestroy,
+    Delegation::delegatable,
+    destroyMPTIssuance, ({
     {sfMPTokenIssuanceID, soeREQUIRED},
 }))
 
 /** This transaction type sets flags on a MPTokensIssuance or MPToken instance */
-TRANSACTION(ttMPTOKEN_ISSUANCE_SET, 56, MPTokenIssuanceSet, Delegation::delegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/MPTokenIssuanceSet.h>
+#endif
+TRANSACTION(ttMPTOKEN_ISSUANCE_SET, 56, MPTokenIssuanceSet,
+    Delegation::delegatable,
+    noPriv, ({
     {sfMPTokenIssuanceID, soeREQUIRED},
     {sfHolder, soeOPTIONAL},
+    {sfDomainID, soeOPTIONAL},
 }))
 
 /** This transaction type authorizes a MPToken instance */
-TRANSACTION(ttMPTOKEN_AUTHORIZE, 57, MPTokenAuthorize, Delegation::delegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/MPTokenAuthorize.h>
+#endif
+TRANSACTION(ttMPTOKEN_AUTHORIZE, 57, MPTokenAuthorize,
+    Delegation::delegatable,
+    mustAuthorizeMPT, ({
     {sfMPTokenIssuanceID, soeREQUIRED},
     {sfHolder, soeOPTIONAL},
 }))
 
 /** This transaction type create an Credential instance */
-TRANSACTION(ttCREDENTIAL_CREATE, 58, CredentialCreate, Delegation::delegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/Credentials.h>
+#endif
+TRANSACTION(ttCREDENTIAL_CREATE, 58, CredentialCreate,
+    Delegation::delegatable,
+    noPriv, ({
     {sfSubject, soeREQUIRED},
     {sfCredentialType, soeREQUIRED},
     {sfExpiration, soeOPTIONAL},
@@ -437,96 +685,294 @@ TRANSACTION(ttCREDENTIAL_CREATE, 58, CredentialCreate, Delegation::delegatable,
 }))
 
 /** This transaction type accept an Credential object */
-TRANSACTION(ttCREDENTIAL_ACCEPT, 59, CredentialAccept, Delegation::delegatable, ({
+TRANSACTION(ttCREDENTIAL_ACCEPT, 59, CredentialAccept,
+    Delegation::delegatable,
+    noPriv, ({
     {sfIssuer, soeREQUIRED},
     {sfCredentialType, soeREQUIRED},
 }))
 
 /** This transaction type delete an Credential object */
-TRANSACTION(ttCREDENTIAL_DELETE, 60, CredentialDelete, Delegation::delegatable, ({
+TRANSACTION(ttCREDENTIAL_DELETE, 60, CredentialDelete,
+    Delegation::delegatable,
+    noPriv, ({
     {sfSubject, soeOPTIONAL},
     {sfIssuer, soeOPTIONAL},
     {sfCredentialType, soeREQUIRED},
 }))
 
 /** This transaction type modify a NFToken */
-TRANSACTION(ttNFTOKEN_MODIFY, 61, NFTokenModify, Delegation::delegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/NFTokenModify.h>
+#endif
+TRANSACTION(ttNFTOKEN_MODIFY, 61, NFTokenModify,
+    Delegation::delegatable,
+    noPriv, ({
     {sfNFTokenID, soeREQUIRED},
     {sfOwner, soeOPTIONAL},
     {sfURI, soeOPTIONAL},
 }))
 
 /** This transaction type creates or modifies a Permissioned Domain */
-TRANSACTION(ttPERMISSIONED_DOMAIN_SET, 62, PermissionedDomainSet, Delegation::delegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/PermissionedDomainSet.h>
+#endif
+TRANSACTION(ttPERMISSIONED_DOMAIN_SET, 62, PermissionedDomainSet,
+    Delegation::delegatable,
+    noPriv, ({
     {sfDomainID, soeOPTIONAL},
     {sfAcceptedCredentials, soeREQUIRED},
 }))
 
 /** This transaction type deletes a Permissioned Domain */
-TRANSACTION(ttPERMISSIONED_DOMAIN_DELETE, 63, PermissionedDomainDelete, Delegation::delegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/PermissionedDomainDelete.h>
+#endif
+TRANSACTION(ttPERMISSIONED_DOMAIN_DELETE, 63, PermissionedDomainDelete,
+    Delegation::delegatable,
+    noPriv, ({
     {sfDomainID, soeREQUIRED},
 }))
 
 /** This transaction type delegates authorized account specified permissions */
-TRANSACTION(ttDELEGATE_SET, 64, DelegateSet, Delegation::notDelegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/DelegateSet.h>
+#endif
+TRANSACTION(ttDELEGATE_SET, 64, DelegateSet,
+    Delegation::notDelegatable,
+    noPriv, ({
     {sfAuthorize, soeREQUIRED},
     {sfPermissions, soeREQUIRED},
 }))
 
 /** This transaction creates a single asset vault. */
-TRANSACTION(ttVAULT_CREATE, 65, VaultCreate, Delegation::delegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/VaultCreate.h>
+#endif
+TRANSACTION(ttVAULT_CREATE, 65, VaultCreate,
+    Delegation::delegatable,
+    createPseudoAcct | createMPTIssuance, ({
     {sfAsset, soeREQUIRED, soeMPTSupported},
     {sfAssetsMaximum, soeOPTIONAL},
     {sfMPTokenMetadata, soeOPTIONAL},
-    {sfDomainID, soeOPTIONAL}, // PermissionedDomainID
+    {sfDomainID, soeOPTIONAL},
     {sfWithdrawalPolicy, soeOPTIONAL},
     {sfData, soeOPTIONAL},
 }))
 
 /** This transaction updates a single asset vault. */
-TRANSACTION(ttVAULT_SET, 66, VaultSet, Delegation::delegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/VaultSet.h>
+#endif
+TRANSACTION(ttVAULT_SET, 66, VaultSet,
+    Delegation::delegatable,
+    noPriv, ({
     {sfVaultID, soeREQUIRED},
     {sfAssetsMaximum, soeOPTIONAL},
-    {sfDomainID, soeOPTIONAL}, // PermissionedDomainID
+    {sfDomainID, soeOPTIONAL},
     {sfData, soeOPTIONAL},
 }))
 
 /** This transaction deletes a single asset vault. */
-TRANSACTION(ttVAULT_DELETE, 67, VaultDelete, Delegation::delegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/VaultDelete.h>
+#endif
+TRANSACTION(ttVAULT_DELETE, 67, VaultDelete,
+    Delegation::delegatable,
+    mustDeleteAcct | destroyMPTIssuance, ({
     {sfVaultID, soeREQUIRED},
 }))
 
 /** This transaction trades assets for shares with a vault. */
-TRANSACTION(ttVAULT_DEPOSIT, 68, VaultDeposit, Delegation::delegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/VaultDeposit.h>
+#endif
+TRANSACTION(ttVAULT_DEPOSIT, 68, VaultDeposit,
+    Delegation::delegatable,
+    mayAuthorizeMPT, ({
     {sfVaultID, soeREQUIRED},
     {sfAmount, soeREQUIRED, soeMPTSupported},
 }))
 
 /** This transaction trades shares for assets with a vault. */
-TRANSACTION(ttVAULT_WITHDRAW, 69, VaultWithdraw, Delegation::delegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/VaultWithdraw.h>
+#endif
+TRANSACTION(ttVAULT_WITHDRAW, 69, VaultWithdraw,
+    Delegation::delegatable,
+    noPriv, ({
     {sfVaultID, soeREQUIRED},
     {sfAmount, soeREQUIRED, soeMPTSupported},
     {sfDestination, soeOPTIONAL},
+    {sfDestinationTag, soeOPTIONAL},
 }))
 
 /** This transaction claws back tokens from a vault. */
-TRANSACTION(ttVAULT_CLAWBACK, 70, VaultClawback, Delegation::delegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/VaultClawback.h>
+#endif
+TRANSACTION(ttVAULT_CLAWBACK, 70, VaultClawback,
+    Delegation::delegatable,
+    noPriv, ({
     {sfVaultID, soeREQUIRED},
     {sfHolder, soeREQUIRED},
     {sfAmount, soeOPTIONAL, soeMPTSupported},
 }))
 
 /** This transaction type batches together transactions. */
-TRANSACTION(ttBATCH, 71, Batch, Delegation::notDelegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/Batch.h>
+#endif
+TRANSACTION(ttBATCH, 71, Batch,
+    Delegation::notDelegatable,
+    noPriv, ({
     {sfRawTransactions, soeREQUIRED},
     {sfBatchSigners, soeOPTIONAL},
 }))
 
+/** Reserve 72-73 for future Vault-related transactions */
+
+/** This transaction creates and updates a Loan Broker */
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/LoanBrokerSet.h>
+#endif
+TRANSACTION(ttLOAN_BROKER_SET, 74, LoanBrokerSet,
+    Delegation::delegatable,
+    createPseudoAcct | mayAuthorizeMPT, ({
+    {sfVaultID, soeREQUIRED},
+    {sfLoanBrokerID, soeOPTIONAL},
+    {sfData, soeOPTIONAL},
+    {sfManagementFeeRate, soeOPTIONAL},
+    {sfDebtMaximum, soeOPTIONAL},
+    {sfCoverRateMinimum, soeOPTIONAL},
+    {sfCoverRateLiquidation, soeOPTIONAL},
+}))
+
+/** This transaction deletes a Loan Broker */
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/LoanBrokerDelete.h>
+#endif
+TRANSACTION(ttLOAN_BROKER_DELETE, 75, LoanBrokerDelete,
+    Delegation::delegatable,
+    mustDeleteAcct | mayAuthorizeMPT, ({
+    {sfLoanBrokerID, soeREQUIRED},
+}))
+
+/** This transaction deposits First Loss Capital into a Loan Broker */
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/LoanBrokerCoverDeposit.h>
+#endif
+TRANSACTION(ttLOAN_BROKER_COVER_DEPOSIT, 76, LoanBrokerCoverDeposit,
+    Delegation::delegatable,
+    noPriv, ({
+    {sfLoanBrokerID, soeREQUIRED},
+    {sfAmount, soeREQUIRED, soeMPTSupported},
+}))
+
+/** This transaction withdraws First Loss Capital from a Loan Broker */
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/LoanBrokerCoverWithdraw.h>
+#endif
+TRANSACTION(ttLOAN_BROKER_COVER_WITHDRAW, 77, LoanBrokerCoverWithdraw,
+    Delegation::delegatable,
+    noPriv, ({
+    {sfLoanBrokerID, soeREQUIRED},
+    {sfAmount, soeREQUIRED, soeMPTSupported},
+    {sfDestination, soeOPTIONAL},
+    {sfDestinationTag, soeOPTIONAL},
+}))
+
+/** This transaction claws back First Loss Capital from a Loan Broker to
+    the issuer of the capital */
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/LoanBrokerCoverClawback.h>
+#endif
+TRANSACTION(ttLOAN_BROKER_COVER_CLAWBACK, 78, LoanBrokerCoverClawback,
+    Delegation::delegatable,
+    noPriv, ({
+    {sfLoanBrokerID, soeOPTIONAL},
+    {sfAmount, soeOPTIONAL, soeMPTSupported},
+}))
+
+/** This transaction creates a Loan */
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/LoanSet.h>
+#endif
+TRANSACTION(ttLOAN_SET, 80, LoanSet,
+    Delegation::delegatable,
+    noPriv, ({
+    {sfLoanBrokerID, soeREQUIRED},
+    {sfData, soeOPTIONAL},
+    {sfCounterparty, soeOPTIONAL},
+    {sfCounterpartySignature, soeREQUIRED},
+    {sfLoanOriginationFee, soeOPTIONAL},
+    {sfLoanServiceFee, soeOPTIONAL},
+    {sfLatePaymentFee, soeOPTIONAL},
+    {sfClosePaymentFee, soeOPTIONAL},
+    {sfOverpaymentFee, soeOPTIONAL},
+    {sfInterestRate, soeOPTIONAL},
+    {sfLateInterestRate, soeOPTIONAL},
+    {sfCloseInterestRate, soeOPTIONAL},
+    {sfOverpaymentInterestRate, soeOPTIONAL},
+    {sfPrincipalRequested, soeREQUIRED},
+    {sfStartDate, soeREQUIRED},
+    {sfPaymentTotal, soeOPTIONAL},
+    {sfPaymentInterval, soeOPTIONAL},
+    {sfGracePeriod, soeOPTIONAL},
+}))
+
+/** This transaction deletes an existing Loan */
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/LoanDelete.h>
+#endif
+TRANSACTION(ttLOAN_DELETE, 81, LoanDelete,
+    Delegation::delegatable,
+    noPriv, ({
+    {sfLoanID, soeREQUIRED},
+}))
+
+/** This transaction is used to change the delinquency status of an existing Loan */
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/LoanManage.h>
+#endif
+TRANSACTION(ttLOAN_MANAGE, 82, LoanManage,
+    Delegation::delegatable,
+    noPriv, ({
+    {sfLoanID, soeREQUIRED},
+}))
+
+/** The Borrower uses this transaction to draws funds from the Loan. */
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/LoanDraw.h>
+#endif
+TRANSACTION(ttLOAN_DRAW, 83, LoanDraw,
+    Delegation::delegatable,
+    noPriv, ({
+    {sfLoanID, soeREQUIRED},
+    {sfAmount, soeREQUIRED, soeMPTSupported},
+}))
+
+/** The Borrower uses this transaction to make a Payment on the Loan. */
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/LoanPay.h>
+#endif
+TRANSACTION(ttLOAN_PAY, 84, LoanPay,
+    Delegation::delegatable,
+    noPriv, ({
+    {sfLoanID, soeREQUIRED},
+    {sfAmount, soeREQUIRED, soeMPTSupported},
+}))
+
 /** This system-generated transaction type is used to update the status of the various amendments.
 
     For details, see: https://xrpl.org/amendments.html
  */
-TRANSACTION(ttAMENDMENT, 100, EnableAmendment, Delegation::notDelegatable, ({
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/Change.h>
+#endif
+TRANSACTION(ttAMENDMENT, 100, EnableAmendment,
+    Delegation::notDelegatable,
+    noPriv, ({
     {sfLedgerSequence, soeREQUIRED},
     {sfAmendment, soeREQUIRED},
 }))
@@ -534,7 +980,9 @@ TRANSACTION(ttAMENDMENT, 100, EnableAmendment, Delegation::notDelegatable, ({
 /** This system-generated transaction type is used to update the network's fee settings.
     For details, see: https://xrpl.org/fee-voting.html
  */
-TRANSACTION(ttFEE, 101, SetFee, Delegation::notDelegatable, ({
+TRANSACTION(ttFEE, 101, SetFee,
+    Delegation::notDelegatable,
+    noPriv, ({
     {sfLedgerSequence, soeOPTIONAL},
     // Old version uses raw numbers
     {sfBaseFee, soeOPTIONAL},
@@ -551,7 +999,9 @@ TRANSACTION(ttFEE, 101, SetFee, Delegation::notDelegatable, ({
 
     For details, see: https://xrpl.org/negative-unl.html
  */
-TRANSACTION(ttUNL_MODIFY, 102, UNLModify, Delegation::notDelegatable, ({
+TRANSACTION(ttUNL_MODIFY, 102, UNLModify,
+    Delegation::notDelegatable,
+    noPriv, ({
     {sfUNLModifyDisabling, soeREQUIRED},
     {sfLedgerSequence, soeREQUIRED},
     {sfUNLModifyValidator, soeREQUIRED},

include/xrpl/protocol/digest.h

@@ -25,7 +25,6 @@
 
 #include <boost/endian/conversion.hpp>
 
-#include <algorithm>
 #include <array>
 
 namespace ripple {

include/xrpl/protocol/json_get_or_throw.h

@@ -10,7 +10,6 @@
 #include <charconv>
 #include <exception>
 #include <optional>
-#include <string>
 
 namespace Json {
 struct JsonMissingKeyError : std::exception

include/xrpl/protocol/jss.h

@@ -500,6 +500,7 @@ JSS(propose_seq);             // out: LedgerPropose
 JSS(proposers);               // out: NetworkOPs, LedgerConsensus
 JSS(protocol);                // out: NetworkOPs, PeerImp
 JSS(proxied);                 // out: RPC ping
+JSS(pseudo_account);          // out: AccountInfo
 JSS(pubkey_node);             // out: NetworkOPs
 JSS(pubkey_publisher);        // out: ValidatorList
 JSS(pubkey_validator);        // out: NetworkOPs, ValidatorList
@@ -706,7 +707,7 @@ JSS(write_load);              // out: GetCounts
 #pragma push_macro("TRANSACTION")
 #undef TRANSACTION
 
-#define TRANSACTION(tag, value, name, delegatable, fields) JSS(name);
+#define TRANSACTION(tag, value, name, ...) JSS(name);
 
 #include <xrpl/protocol/detail/transactions.macro>
 

include/xrpl/resource/Charge.h

@@ -20,7 +20,6 @@
 #ifndef RIPPLE_RESOURCE_CHARGE_H_INCLUDED
 #define RIPPLE_RESOURCE_CHARGE_H_INCLUDED
 
-#include <ios>
 #include <string>
 
 namespace ripple {

include/xrpl/resource/Gossip.h

@@ -22,6 +22,8 @@
 
 #include <xrpl/beast/net/IPEndpoint.h>
 
+#include <vector>
+
 namespace ripple {
 namespace Resource {
 

include/xrpl/server/detail/BaseHTTPPeer.h

@@ -41,7 +41,6 @@
 #include <functional>
 #include <memory>
 #include <mutex>
-#include <type_traits>
 #include <vector>
 
 namespace ripple {

include/xrpl/server/detail/Door.h

@@ -37,10 +37,8 @@
 #include <boost/container/flat_map.hpp>
 
 #include <chrono>
-#include <condition_variable>
 #include <functional>
 #include <memory>
-#include <mutex>
 
 namespace ripple {
 

include/xrpl/server/detail/io_list.h

@@ -26,7 +26,6 @@
 #include <functional>
 #include <memory>
 #include <mutex>
-#include <stdexcept>
 #include <type_traits>
 #include <utility>
 

src/libxrpl/basics/Number.cpp

@@ -20,6 +20,8 @@
 #include <xrpl/basics/Number.h>
 #include <xrpl/beast/utility/instrumentation.h>
 
+#include <boost/predef.h>
+
 #include <algorithm>
 #include <cstddef>
 #include <cstdint>

src/libxrpl/protocol/BuildInfo.cpp

@@ -36,7 +36,7 @@ namespace BuildInfo {
 //  and follow the format described at http://semver.org/
 //------------------------------------------------------------------------------
 // clang-format off
-char const* const versionString = "2.5.0-rc2"
+char const* const versionString = "2.5.0"
 // clang-format on
 
 #if defined(DEBUG) || defined(SANITIZER)

src/libxrpl/protocol/Indexes.cpp

@@ -96,6 +96,8 @@ enum class LedgerNameSpace : std::uint16_t {
     PERMISSIONED_DOMAIN = 'm',
     DELEGATE = 'E',
     VAULT = 'V',
+    LOAN_BROKER = 'l',  // lower-case L
+    LOAN = 'L',
 
     // No longer used or supported. Left here to reserve the space
     // to avoid accidental reuse.
@@ -566,6 +568,18 @@ vault(AccountID const& owner, std::uint32_t seq) noexcept
     return vault(indexHash(LedgerNameSpace::VAULT, owner, seq));
 }
 
+Keylet
+loanbroker(AccountID const& owner, std::uint32_t seq) noexcept
+{
+    return loanbroker(indexHash(LedgerNameSpace::LOAN_BROKER, owner, seq));
+}
+
+Keylet
+loan(uint256 const& loanBrokerID, std::uint32_t loanSeq) noexcept
+{
+    return loan(indexHash(LedgerNameSpace::LOAN, loanBrokerID, loanSeq));
+}
+
 Keylet
 permissionedDomain(AccountID const& account, std::uint32_t seq) noexcept
 {

src/libxrpl/protocol/InnerObjectFormats.cpp

@@ -172,6 +172,14 @@ InnerObjectFormats::InnerObjectFormats()
             {sfBookDirectory, soeREQUIRED},
             {sfBookNode, soeREQUIRED},
         });
+
+    add(sfCounterpartySignature.jsonName,
+        sfCounterpartySignature.getCode(),
+        {
+            {sfSigningPubKey, soeOPTIONAL},
+            {sfTxnSignature, soeOPTIONAL},
+            {sfSigners, soeOPTIONAL},
+        });
 }
 
 InnerObjectFormats const&

src/libxrpl/protocol/NFTSyntheticSerializer.cpp

@@ -28,6 +28,7 @@
 #include <memory>
 
 namespace ripple {
+namespace RPC {
 
 void
 insertNFTSyntheticInJson(
@@ -39,4 +40,5 @@ insertNFTSyntheticInJson(
     insertNFTokenOfferID(response[jss::meta], transaction, transactionMeta);
 }
 
+}  // namespace RPC
 }  // namespace ripple

src/libxrpl/protocol/Permissions.cpp

@@ -29,7 +29,7 @@ Permission::Permission()
 #pragma push_macro("TRANSACTION")
 #undef TRANSACTION
 
-#define TRANSACTION(tag, value, name, delegatable, fields) {value, delegatable},
+#define TRANSACTION(tag, value, name, delegatable, ...) {value, delegatable},
 
 #include <xrpl/protocol/detail/transactions.macro>
 
@@ -145,4 +145,4 @@ Permission::permissionToTxType(uint32_t const& value) const
     return static_cast<TxType>(value - 1);
 }
 
-}  // namespace ripple
+}  // namespace ripple

src/libxrpl/protocol/SField.cpp

@@ -17,6 +17,7 @@
 */
 //==============================================================================
 
+#include <xrpl/beast/utility/instrumentation.h>
 #include <xrpl/protocol/SField.h>
 
 #include <map>
@@ -28,6 +29,7 @@ namespace ripple {
 SField::IsSigning const SField::notSigning;
 int SField::num = 0;
 std::map<int, SField const*> SField::knownCodeToField;
+std::map<std::string, SField const*> SField::knownNameToField;
 
 // Give only this translation unit permission to construct SFields
 struct SField::private_access_tag_t
@@ -45,7 +47,7 @@ TypedField<T>::TypedField(private_access_tag_t pat, Args&&... args)
 }
 
 // Construct all compile-time SFields, and register them in the knownCodeToField
-// database:
+// and knownNameToField databases:
 
 // Use macros for most SField construction to enforce naming conventions.
 #pragma push_macro("UNTYPED_SFIELD")
@@ -99,7 +101,14 @@ SField::SField(
     , signingField(signing)
     , jsonName(fieldName.c_str())
 {
+    XRPL_ASSERT(
+        !knownCodeToField.contains(fieldCode),
+        "ripple::SField::SField(tid,fv,fn,meta,signing) : fieldCode is unique");
+    XRPL_ASSERT(
+        !knownNameToField.contains(fieldName),
+        "ripple::SField::SField(tid,fv,fn,meta,signing) : fieldName is unique");
     knownCodeToField[fieldCode] = this;
+    knownNameToField[fieldName] = this;
 }
 
 SField::SField(private_access_tag_t, int fc)
@@ -111,6 +120,9 @@ SField::SField(private_access_tag_t, int fc)
     , signingField(IsSigning::yes)
     , jsonName(fieldName.c_str())
 {
+    XRPL_ASSERT(
+        !knownCodeToField.contains(fieldCode),
+        "ripple::SField::SField(fc) : fieldCode is unique");
     knownCodeToField[fieldCode] = this;
 }
 
@@ -145,11 +157,11 @@ SField::compare(SField const& f1, SField const& f2)
 SField const&
 SField::getField(std::string const& fieldName)
 {
-    for (auto const& [_, f] : knownCodeToField)
+    auto it = knownNameToField.find(fieldName);
+
+    if (it != knownNameToField.end())
     {
-        (void)_;
-        if (f->fieldName == fieldName)
-            return *f;
+        return *(it->second);
     }
     return sfInvalid;
 }

src/libxrpl/protocol/STAmount.cpp

@@ -1509,6 +1509,30 @@ canonicalizeRoundStrict(
     }
 }
 
+STAmount
+roundToReference(
+    STAmount const value,
+    STAmount referenceValue,
+    Number::rounding_mode rounding)
+{
+    if (value.asset().native() || !value.asset().holds<Issue>())
+        return value;
+
+    NumberRoundModeGuard mg(rounding);
+    if (referenceValue.negative() != value.negative())
+        referenceValue.negate();
+
+    if (value.exponent() > referenceValue.exponent() &&
+        (value.exponent() == referenceValue.exponent() &&
+         value.mantissa() >= referenceValue.mantissa()))
+        return value;
+    // With an IOU, the total will be truncated to the precision of the
+    // larger value: referenceValue
+    STAmount const total = referenceValue + value;
+    STAmount const result = total - referenceValue;
+    return result;
+}
+
 namespace {
 
 // We need a class that has an interface similar to NumberRoundModeGuard

src/libxrpl/protocol/STObject.cpp

@@ -682,6 +682,16 @@ STObject::getFieldV256(SField const& field) const
     return getFieldByConstRef<STVector256>(field, empty);
 }
 
+STObject
+STObject::getFieldObject(SField const& field) const
+{
+    STObject const empty{field};
+    auto ret = getFieldByConstRef<STObject>(field, empty);
+    if (ret != empty)
+        ret.applyTemplateFromSField(field);
+    return ret;
+}
+
 STArray const&
 STObject::getFieldArray(SField const& field) const
 {