feat: Move VaultDelete invariants from ValidVault to VaultDelete

Introduce VaultInvariantData to collect vault and MPTokenIssuance
snapshots during visitInvariantEntry, then implement the six
ttVAULT_CREATE-specific post-conditions in VaultCreate::finalizeInvariants
(empty vault, pseudo-account linkage). ValidVault now passes through
ttVAULT_CREATE in its switch, keeping only the universal vault checks and
the cross-transaction sentinel that guards against other tx types creating
vaults.

.github/scripts/strategy-matrix/linux.json

@@ -1,5 +1,5 @@
 {
-  "image_tag": "sha-8abe82e",
+  "image_tag": "sha-63ffdc3",
   "configs": {
     "ubuntu": [
       {
@@ -67,7 +67,7 @@
         "compiler": ["gcc"],
         "build_type": ["Release"],
         "arch": ["amd64"],
-        "image": "debian:bookworm"
+        "image": "ghcr.io/xrplf/xrpld/packaging-debian:sha-63ffdc3"
       }
     ],
 
@@ -76,7 +76,7 @@
         "compiler": ["gcc"],
         "build_type": ["Release"],
         "arch": ["amd64"],
-        "image": "registry.access.redhat.com/ubi9/ubi:latest"
+        "image": "ghcr.io/xrplf/xrpld/packaging-rhel:sha-63ffdc3"
       }
     ]
   }

.github/workflows/build-nix-images.yml

@@ -6,23 +6,20 @@ on:
       - develop
     paths:
       - ".github/workflows/build-nix-images.yml"
-      - ".github/workflows/reusable-build-docker-image.yml"
-      - ".github/workflows/reusable-build-merge-docker-images.yml"
       - "flake.nix"
       - "flake.lock"
       - "nix/**"
   pull_request:
     paths:
       - ".github/workflows/build-nix-images.yml"
-      - ".github/workflows/reusable-build-docker-image.yml"
-      - ".github/workflows/reusable-build-merge-docker-images.yml"
       - "flake.nix"
       - "flake.lock"
       - "nix/**"
   workflow_dispatch:
 
 concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
+  # Read `on-trigger.yml` for the rationale behind this concurrency group name.
+  group: ${{ github.workflow }}-${{ github.event_name == 'push' && github.ref == 'refs/heads/develop' && github.sha || github.ref }}
   cancel-in-progress: true
 
 defaults:
@@ -49,8 +46,9 @@ jobs:
             base_image: debian:bookworm
           - name: rhel
             base_image: registry.access.redhat.com/ubi9/ubi:latest
-    uses: ./.github/workflows/reusable-build-merge-docker-images.yml
+    uses: XRPLF/actions/.github/workflows/build-multiarch-image.yml@c1b480188519e0cad040e6aa70db1cbc5a797e07
     with:
       image_name: ghcr.io/xrplf/xrpld/nix-${{ matrix.distro.name }}
       dockerfile: nix/docker/Dockerfile
       base_image: ${{ matrix.distro.base_image }}
+      push: ${{ github.repository == 'XRPLF/rippled' && github.event_name == 'push' }}

.github/workflows/build-packaging-images.yml

@@ -6,21 +6,18 @@ on:
       - develop
     paths:
       - ".github/workflows/build-packaging-images.yml"
-      - ".github/workflows/reusable-build-docker-image.yml"
-      - ".github/workflows/reusable-build-merge-docker-images.yml"
       - "package/Dockerfile"
       - "package/install-packaging-tools.sh"
   pull_request:
     paths:
       - ".github/workflows/build-packaging-images.yml"
-      - ".github/workflows/reusable-build-docker-image.yml"
-      - ".github/workflows/reusable-build-merge-docker-images.yml"
       - "package/Dockerfile"
       - "package/install-packaging-tools.sh"
   workflow_dispatch:
 
 concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
+  # Read `on-trigger.yml` for the rationale behind this concurrency group name.
+  group: ${{ github.workflow }}-${{ github.event_name == 'push' && github.ref == 'refs/heads/develop' && github.sha || github.ref }}
   cancel-in-progress: true
 
 defaults:
@@ -41,8 +38,9 @@ jobs:
             base_image: debian:bookworm
           - name: rhel
             base_image: registry.access.redhat.com/ubi9/ubi:latest
-    uses: ./.github/workflows/reusable-build-merge-docker-images.yml
+    uses: XRPLF/actions/.github/workflows/build-multiarch-image.yml@c1b480188519e0cad040e6aa70db1cbc5a797e07
     with:
       image_name: ghcr.io/xrplf/xrpld/packaging-${{ matrix.distro.name }}
       dockerfile: package/Dockerfile
       base_image: ${{ matrix.distro.base_image }}
+      push: ${{ github.repository == 'XRPLF/rippled' && github.event_name == 'push' }}

.github/workflows/pre-commit.yml

@@ -14,7 +14,7 @@ on:
 jobs:
   # Call the workflow in the XRPLF/actions repo that runs the pre-commit hooks.
   run-hooks:
-    uses: XRPLF/actions/.github/workflows/pre-commit.yml@cba1f0891650baf1a9c88624dc2d72573be2eb81
+    uses: XRPLF/actions/.github/workflows/pre-commit.yml@312aaab296060ff89d7f798dcab59f019bea6e02
     with:
       runs_on: ubuntu-latest
       container: '{ "image": "ghcr.io/xrplf/ci/tools-rippled-pre-commit:sha-41ec7c1" }'

.github/workflows/publish-docs.yml

@@ -41,13 +41,13 @@ env:
 jobs:
   build:
     runs-on: ubuntu-latest
-    container: ghcr.io/xrplf/xrpld/nix-ubuntu:sha-8abe82e
+    container: ghcr.io/xrplf/xrpld/nix-ubuntu:sha-63ffdc3
     steps:
       - name: Checkout repository
         uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
 
       - name: Prepare runner
-        uses: XRPLF/actions/prepare-runner@90f11ee655d1687824fb8793db770477d52afbab
+        uses: XRPLF/actions/prepare-runner@c47daebb2f9db64ffbac71b47d68a661498d5ce8
         with:
           enable_ccache: false
 

.github/workflows/reusable-build-docker-image.yml

@@ -1,89 +0,0 @@
-# Build a single-platform Docker image. On push, the image is pushed to
-# GHCR with arch-suffixed tags (e.g. `:latest-amd64`, `:sha-abc-amd64`)
-# so the calling workflow can stitch per-arch builds into a multi-arch
-# manifest without needing to pass digests around.
-name: Reusable build Docker image (single platform)
-
-on:
-  workflow_call:
-    inputs:
-      image_name:
-        description: "Full image name without tag (e.g. 'ghcr.io/xrplf/xrpld/nix-ubuntu')"
-        required: true
-        type: string
-      dockerfile:
-        description: "Path to the Dockerfile, relative to the repository root"
-        required: true
-        type: string
-      base_image:
-        description: "Value passed to the Dockerfile as the BASE_IMAGE build arg"
-        required: true
-        type: string
-      platform:
-        description: "Docker platform string, e.g. linux/amd64"
-        required: true
-        type: string
-      runner:
-        description: "GitHub Actions runner label to build on"
-        required: true
-        type: string
-      push:
-        description: "Whether to push the image to GHCR"
-        required: true
-        type: boolean
-
-defaults:
-  run:
-    shell: bash
-
-jobs:
-  build:
-    name: Build ${{ inputs.platform }}
-    runs-on: ${{ inputs.runner }}
-    permissions:
-      contents: read
-      packages: write
-
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
-
-      - name: Determine arch
-        id: vars
-        env:
-          PLATFORM: ${{ inputs.platform }}
-        run: |
-          echo "arch=${PLATFORM##*/}" >>$GITHUB_OUTPUT
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # v4.1.0
-
-      - name: Login to GitHub Container Registry
-        if: inputs.push
-        uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4.2.0
-        with:
-          registry: ghcr.io
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Docker metadata
-        id: meta
-        uses: docker/metadata-action@80c7e94dd9b9319bd5eb7a0e0fe9291e23a2a2e9 # v6.1.0
-        with:
-          images: ${{ inputs.image_name }}
-          tags: |
-            type=sha,prefix=sha-,format=short
-            type=raw,value=latest
-          flavor: |
-            suffix=-${{ steps.vars.outputs.arch }},onlatest=true
-
-      - name: Build and push
-        uses: docker/build-push-action@f9f3042f7e2789586610d6e8b85c8f03e5195baf # v7.2.0
-        with:
-          context: .
-          file: ${{ inputs.dockerfile }}
-          platforms: ${{ inputs.platform }}
-          push: ${{ inputs.push }}
-          tags: ${{ steps.meta.outputs.tags }}
-          labels: ${{ steps.meta.outputs.labels }}
-          build-args: BASE_IMAGE=${{ inputs.base_image }}

.github/workflows/reusable-build-merge-docker-images.yml

@@ -1,89 +0,0 @@
-name: Reusable build and merge Docker image (multi-arch)
-
-on:
-  workflow_call:
-    inputs:
-      image_name:
-        description: "Full image name without tag (e.g. 'ghcr.io/xrplf/xrpld/nix-ubuntu')"
-        required: true
-        type: string
-      dockerfile:
-        description: "Path to the Dockerfile, relative to the repository root"
-        required: true
-        type: string
-      base_image:
-        description: "Value passed to the Dockerfile as the BASE_IMAGE build arg"
-        required: true
-        type: string
-
-defaults:
-  run:
-    shell: bash
-
-jobs:
-  build:
-    name: Build ${{ inputs.image_name }}
-    permissions:
-      contents: read
-      packages: write
-
-    strategy:
-      fail-fast: false
-      matrix:
-        target:
-          - platform: linux/amd64
-            runner: ubuntu-latest
-          - platform: linux/arm64
-            runner: ubuntu-24.04-arm
-
-    uses: ./.github/workflows/reusable-build-docker-image.yml
-    with:
-      image_name: ${{ inputs.image_name }}
-      dockerfile: ${{ inputs.dockerfile }}
-      base_image: ${{ inputs.base_image }}
-      platform: ${{ matrix.target.platform }}
-      runner: ${{ matrix.target.runner }}
-      push: ${{ github.repository == 'XRPLF/rippled' && github.event_name == 'push' }}
-
-  merge:
-    name: Merge ${{ inputs.image_name }}
-    needs: build
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-      packages: write
-
-    steps:
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # v4.1.0
-
-      - name: Docker metadata
-        id: meta
-        uses: docker/metadata-action@80c7e94dd9b9319bd5eb7a0e0fe9291e23a2a2e9 # v6.1.0
-        with:
-          images: ${{ inputs.image_name }}
-          tags: |
-            type=sha,prefix=sha-,format=short
-            type=raw,value=latest
-
-      - name: Login to GitHub Container Registry
-        uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4.2.0
-        with:
-          registry: ghcr.io
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Create multi-arch manifests
-        if: ${{ github.repository == 'XRPLF/rippled' && github.event_name == 'push' }}
-        run: |
-          for tag in $(jq -cr '.tags[]' <<<"$DOCKER_METADATA_OUTPUT_JSON"); do
-              docker buildx imagetools create -t "$tag" "${tag}-amd64" "${tag}-arm64"
-          done
-
-      - name: Inspect image
-        if: ${{ github.repository == 'XRPLF/rippled' && github.event_name == 'push' }}
-        env:
-          IMAGE_NAME: ${{ inputs.image_name }}
-          IMAGE_VERSION: ${{ steps.meta.outputs.version }}
-        run: |
-          docker buildx imagetools inspect "${IMAGE_NAME}:${IMAGE_VERSION}"

.github/workflows/reusable-build-test-config.yml

@@ -113,7 +113,7 @@ jobs:
         uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
 
       - name: Prepare runner
-        uses: XRPLF/actions/prepare-runner@90f11ee655d1687824fb8793db770477d52afbab
+        uses: XRPLF/actions/prepare-runner@c47daebb2f9db64ffbac71b47d68a661498d5ce8
         with:
           enable_ccache: ${{ inputs.ccache_enabled }}
 
@@ -370,7 +370,7 @@ jobs:
 
       - name: Upload coverage report
         if: ${{ github.repository == 'XRPLF/rippled' && !inputs.build_only && env.COVERAGE_ENABLED == 'true' }}
-        uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # v6.0.1
+        uses: codecov/codecov-action@fb8b3582c8e4def4969c97caa2f19720cb33a72f # v7.0.0
         with:
           disable_search: true
           disable_telem: true

.github/workflows/reusable-clang-tidy.yml

@@ -29,14 +29,14 @@ jobs:
     if: ${{ inputs.check_only_changed }}
     permissions:
       contents: read
-    uses: XRPLF/actions/.github/workflows/determine-tidy-files.yml@224f3c48d3014d082a1129237b8291ff0b0a331f
+    uses: XRPLF/actions/.github/workflows/determine-tidy-files.yml@312aaab296060ff89d7f798dcab59f019bea6e02
 
   run-clang-tidy:
     name: Run clang tidy
     needs: [determine-files]
     if: ${{ always() && !cancelled() && (!inputs.check_only_changed || needs.determine-files.outputs.cpp_changed_files != '' || needs.determine-files.outputs.clang_tidy_config_changed == 'true') }}
     runs-on: ["self-hosted", "Linux", "X64", "heavy"]
-    container: "ghcr.io/xrplf/xrpld/nix-debian:sha-8abe82e"
+    container: "ghcr.io/xrplf/xrpld/nix-debian:sha-63ffdc3"
     permissions:
       contents: read
       issues: write
@@ -45,7 +45,7 @@ jobs:
         uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
 
       - name: Prepare runner
-        uses: XRPLF/actions/prepare-runner@90f11ee655d1687824fb8793db770477d52afbab
+        uses: XRPLF/actions/prepare-runner@c47daebb2f9db64ffbac71b47d68a661498d5ce8
         with:
           enable_ccache: false
 

.github/workflows/reusable-package.yml

@@ -68,31 +68,6 @@ jobs:
     timeout-minutes: 30
 
     steps:
-      # Packaging runs in a vanilla distro image, so the tooling has to come
-      # from the distro's archive: debhelper for deb, rpm-build (and the
-      # systemd / find-debuginfo macros it depends on) for rpm. Run this
-      # before actions/checkout so the latter can use git (real history) for
-      # build_pkg.sh's SOURCE_DATE_EPOCH; otherwise it falls back to a tarball
-      # download and the timestamp comes from wall-clock time.
-      - name: Install packaging tooling (deb)
-        if: ${{ matrix.distro == 'debian' }}
-        run: |
-          export DEBIAN_FRONTEND=noninteractive
-          apt-get update
-          apt-get install -y --no-install-recommends \
-              ca-certificates \
-              debhelper \
-              git
-
-      - name: Install packaging tooling (rpm)
-        if: ${{ matrix.distro == 'rhel' }}
-        run: |
-          dnf install -y --setopt=install_weak_deps=False \
-              git \
-              rpm-build \
-              redhat-rpm-config \
-              systemd-rpm-macros
-
       - name: Checkout repository
         uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
 

.github/workflows/reusable-upload-recipe.yml

@@ -40,7 +40,7 @@ defaults:
 jobs:
   upload:
     runs-on: ubuntu-latest
-    container: ghcr.io/xrplf/xrpld/nix-ubuntu:sha-8abe82e
+    container: ghcr.io/xrplf/xrpld/nix-ubuntu:sha-63ffdc3
     steps:
       - name: Checkout repository
         uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3

.github/workflows/upload-conan-deps.yml

@@ -67,7 +67,7 @@ jobs:
         uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
 
       - name: Prepare runner
-        uses: XRPLF/actions/prepare-runner@90f11ee655d1687824fb8793db770477d52afbab
+        uses: XRPLF/actions/prepare-runner@c47daebb2f9db64ffbac71b47d68a661498d5ce8
         with:
           enable_ccache: false
 

include/xrpl/basics/Slice.h

@@ -11,7 +11,6 @@
 #include <limits>
 #include <stdexcept>
 #include <string>
-#include <string_view>
 #include <type_traits>
 #include <vector>
 
@@ -232,11 +231,4 @@ makeSlice(std::basic_string<char, Traits, Alloc> const& s)
     return Slice(s.data(), s.size());
 }
 
-template <class Traits>
-Slice
-makeSlice(std::basic_string_view<char, Traits> s)
-{
-    return Slice(s.data(), s.size());
-}
-
 }  // namespace xrpl

include/xrpl/proto/xrpl.proto

@@ -246,15 +246,7 @@ message TMGetObjectByHash {
 
 message TMLedgerNode {
   required bytes nodedata = 1;
-
-  // Used when protocol version <2.3. Not set for ledger base data.
-  optional bytes nodeid = 2;
-
-  // Used when protocol version >=2.3. Neither value is set for ledger base data.
-  oneof reference {
-    bytes id = 3;      // Set for inner nodes.
-    uint32 depth = 4;  // Set for leaf nodes.
-  }
+  optional bytes nodeid = 2;  // missing for ledger base data
 }
 
 enum TMLedgerInfoType {

include/xrpl/shamap/SHAMap.h

@@ -16,7 +16,6 @@
 
 #include <set>
 #include <stack>
-#include <tuple>
 #include <vector>
 
 namespace xrpl {
@@ -74,17 +73,6 @@ enum class SHAMapState {
 
     See https://en.wikipedia.org/wiki/Merkle_tree
  */
-
-/** Holds a SHAMap node's identity, serialized data, and leaf status.
-    Used by getNodeFat to return node data for peer synchronization.
-*/
-struct SHAMapNodeData
-{
-    SHAMapNodeID nodeID;
-    bool isLeaf;
-    Blob data;  // Placed last, so `isLeaf` can fit into the alignment padding of `nodeID`.
-};
-
 class SHAMap
 {
 private:
@@ -262,10 +250,10 @@ public:
     std::vector<std::pair<SHAMapNodeID, uint256>>
     getMissingNodes(int maxNodes, SHAMapSyncFilter* filter);
 
-    [[nodiscard]] bool
+    bool
     getNodeFat(
         SHAMapNodeID const& wanted,
-        std::vector<SHAMapNodeData>& data,
+        std::vector<std::pair<SHAMapNodeID, Blob>>& data,
         bool fatLeaves,
         std::uint32_t depth) const;
 
@@ -292,43 +280,10 @@ public:
     void
     serializeRoot(Serializer& s) const;
 
-    /** Add a root node to the SHAMap during synchronization.
-     *
-     * This function is used when receiving the root node of a SHAMap from a peer during ledger
-     * synchronization. The node must already have been deserialized.
-     *
-     * @param hash The expected hash of the root node.
-     * @param rootNode A deserialized root node to add.
-     * @param filter Optional sync filter to track received nodes.
-     * @return Status indicating whether the node was useful, duplicate, or invalid.
-     *
-     * @note This function expects the rootNode to be a valid, deserialized SHAMapTreeNode. The
-     *       caller is responsible for deserialization and basic validation before calling this
-     *       function.
-     */
     SHAMapAddNode
-    addRootNode(SHAMapHash const& hash, SHAMapTreeNodePtr rootNode, SHAMapSyncFilter const* filter);
-
-    /** Add a known node at a specific position in the SHAMap during synchronization.
-     *
-     * This function is used when receiving nodes from peers during ledger synchronization. The node
-     * is inserted at the position specified by nodeID. The node must already have been
-     * deserialized.
-     *
-     * @param nodeID The position in the tree where this node belongs.
-     * @param treeNode A deserialized tree node to add.
-     * @param filter Optional sync filter to track received nodes.
-     * @return Status indicating whether the node was useful, duplicate, or invalid.
-     *
-     * @note This function expects the treeNode to be a valid, deserialized SHAMapTreeNode. The
-     *       caller is responsible for deserialization and basic validation before calling this
-     *       function. This also means that the nodeID must be consistent with the node's content.
-     */
+    addRootNode(SHAMapHash const& hash, Slice const& rootNode, SHAMapSyncFilter* filter);
     SHAMapAddNode
-    addKnownNode(
-        SHAMapNodeID const& nodeID,
-        SHAMapTreeNodePtr treeNode,
-        SHAMapSyncFilter const* filter);
+    addKnownNode(SHAMapNodeID const& nodeID, Slice const& rawNode, SHAMapSyncFilter* filter);
 
     // status functions
     void
@@ -388,11 +343,11 @@ private:
     SHAMapTreeNodePtr
     fetchNodeNT(SHAMapHash const& hash) const;
     SHAMapTreeNodePtr
-    fetchNodeNT(SHAMapHash const& hash, SHAMapSyncFilter const* filter) const;
+    fetchNodeNT(SHAMapHash const& hash, SHAMapSyncFilter* filter) const;
     SHAMapTreeNodePtr
     fetchNode(SHAMapHash const& hash) const;
     SHAMapTreeNodePtr
-    checkFilter(SHAMapHash const& hash, SHAMapSyncFilter const* filter) const;
+    checkFilter(SHAMapHash const& hash, SHAMapSyncFilter* filter) const;
 
     /** Update hashes up to the root */
     void
@@ -456,7 +411,7 @@ private:
     descendAsync(
         SHAMapInnerNode* parent,
         int branch,
-        SHAMapSyncFilter const* filter,
+        SHAMapSyncFilter* filter,
         bool& pending,
         descendCallback&&) const;
 
@@ -465,7 +420,7 @@ private:
         SHAMapInnerNode* parent,
         SHAMapNodeID const& parentID,
         int branch,
-        SHAMapSyncFilter const* filter) const;
+        SHAMapSyncFilter* filter) const;
 
     // Non-storing
     // Does not hook the returned node to its parent

include/xrpl/tx/invariants/VaultInvariantData.h

@@ -0,0 +1,81 @@
+#pragma once
+
+#include <xrpl/basics/Number.h>
+#include <xrpl/basics/base_uint.h>
+#include <xrpl/protocol/AccountID.h>
+#include <xrpl/protocol/Asset.h>
+#include <xrpl/protocol/MPTIssue.h>
+#include <xrpl/protocol/STLedgerEntry.h>
+
+#include <optional>
+#include <vector>
+
+namespace xrpl {
+
+/**
+ * @brief Collects vault and share-issuance snapshots from ledger entry visits.
+ *
+ * Used by per-transaction invariant checks (e.g. VaultCreate) that need
+ * vault and MPTokenIssuance state without the full balance-delta tracking
+ * that ValidVault maintains.
+ */
+class VaultInvariantData
+{
+public:
+    struct Vault
+    {
+        uint256 key = beast::kZero;
+        Asset asset;
+        AccountID pseudoId;
+        AccountID owner;
+        uint192 shareMPTID = beast::kZero;
+        Number assetsTotal = 0;
+        Number assetsAvailable = 0;
+        Number assetsMaximum = 0;
+        Number lossUnrealized = 0;
+
+        static Vault
+        make(SLE const&);
+    };
+
+    struct Shares
+    {
+        MPTIssue share;
+        std::uint64_t sharesTotal = 0;
+        std::uint64_t sharesMaximum = 0;
+
+        static Shares
+        make(SLE const&);
+    };
+
+    void
+    visitEntry(bool isDelete, SLE::const_ref before, SLE::const_ref after);
+
+    [[nodiscard]] std::vector<Vault> const&
+    afterVaults() const
+    {
+        return afterVault_;
+    }
+
+    [[nodiscard]] std::vector<Vault> const&
+    beforeVaults() const
+    {
+        return beforeVault_;
+    }
+
+    /** Find shares in afterMPTs_ whose mptID matches. */
+    [[nodiscard]] std::optional<Shares>
+    findShares(uint192 const& mptID) const;
+
+    /** Find deleted shares in beforeMPTs_ whose mptID matches. */
+    [[nodiscard]] std::optional<Shares>
+    findDeletedShares(uint192 const& mptID) const;
+
+private:
+    std::vector<Vault> afterVault_;
+    std::vector<Vault> beforeVault_;
+    std::vector<Shares> afterMPTs_;
+    std::vector<Shares> beforeMPTs_;
+};
+
+}  // namespace xrpl

include/xrpl/tx/transactors/vault/VaultCreate.h

@@ -1,6 +1,7 @@
 #pragma once
 
 #include <xrpl/tx/Transactor.h>
+#include <xrpl/tx/invariants/VaultInvariantData.h>
 
 namespace xrpl {
 
@@ -38,6 +39,9 @@ public:
         XRPAmount fee,
         ReadView const& view,
         beast::Journal const& j) override;
+
+private:
+    VaultInvariantData data_;
 };
 
 }  // namespace xrpl

include/xrpl/tx/transactors/vault/VaultDelete.h

@@ -1,6 +1,7 @@
 #pragma once
 
 #include <xrpl/tx/Transactor.h>
+#include <xrpl/tx/invariants/VaultInvariantData.h>
 
 namespace xrpl {
 
@@ -32,6 +33,9 @@ public:
         XRPAmount fee,
         ReadView const& view,
         beast::Journal const& j) override;
+
+private:
+    VaultInvariantData data_;
 };
 
 }  // namespace xrpl

nix/docker/check-tools.sh

@@ -15,6 +15,7 @@ gcc --version
 gcov --version
 gcovr --version
 git --version
+git-cliff --version
 gpg --version
 less --version
 make --version

nix/packages.nix

@@ -15,6 +15,7 @@ in
     doxygen
     gcovr
     git
+    git-cliff
     gnumake
     gnupg # needed for signing commits & codecov/codecov-action
     llvmPackages_22.clang-tools

src/libxrpl/shamap/SHAMap.cpp

@@ -206,7 +206,7 @@ SHAMap::finishFetch(SHAMapHash const& hash, std::shared_ptr<NodeObject> const& o
 
 // See if a sync filter has a node
 SHAMapTreeNodePtr
-SHAMap::checkFilter(SHAMapHash const& hash, SHAMapSyncFilter const* filter) const
+SHAMap::checkFilter(SHAMapHash const& hash, SHAMapSyncFilter* filter) const
 {
     if (auto nodeData = filter->getNode(hash))
     {
@@ -232,7 +232,7 @@ SHAMap::checkFilter(SHAMapHash const& hash, SHAMapSyncFilter const* filter) cons
 // Get a node without throwing
 // Used on maps where missing nodes are expected
 SHAMapTreeNodePtr
-SHAMap::fetchNodeNT(SHAMapHash const& hash, SHAMapSyncFilter const* filter) const
+SHAMap::fetchNodeNT(SHAMapHash const& hash, SHAMapSyncFilter* filter) const
 {
     auto node = cacheLookup(hash);
     if (node)
@@ -345,7 +345,7 @@ SHAMap::descend(
     SHAMapInnerNode* parent,
     SHAMapNodeID const& parentID,
     int branch,
-    SHAMapSyncFilter const* filter) const
+    SHAMapSyncFilter* filter) const
 {
     XRPL_ASSERT(parent->isInner(), "xrpl::SHAMap::descend : valid parent input");
     XRPL_ASSERT(
@@ -374,7 +374,7 @@ SHAMapTreeNode*
 SHAMap::descendAsync(
     SHAMapInnerNode* parent,
     int branch,
-    SHAMapSyncFilter const* filter,
+    SHAMapSyncFilter* filter,
     bool& pending,
     descendCallback&& callback) const
 {

src/libxrpl/shamap/SHAMapNodeID.cpp

@@ -129,8 +129,7 @@ selectBranch(SHAMapNodeID const& id, uint256 const& hash)
 SHAMapNodeID
 SHAMapNodeID::createID(int depth, uint256 const& key)
 {
-    XRPL_ASSERT(
-        depth >= 0 && depth <= SHAMap::kLeafDepth, "xrpl::SHAMapNodeID::createID : valid depth");
+    XRPL_ASSERT((depth >= 0) && (depth < 65), "xrpl::SHAMapNodeID::createID : valid branch input");
     return SHAMapNodeID(depth, key & depthMask(depth));
 }
 

src/libxrpl/shamap/SHAMapSync.cpp

@@ -413,7 +413,7 @@ SHAMap::getMissingNodes(int max, SHAMapSyncFilter* filter)
 bool
 SHAMap::getNodeFat(
     SHAMapNodeID const& wanted,
-    std::vector<SHAMapNodeData>& data,
+    std::vector<std::pair<SHAMapNodeID, Blob>>& data,
     bool fatLeaves,
     std::uint32_t depth) const
 {
@@ -449,16 +449,17 @@ SHAMap::getNodeFat(
     std::stack<std::tuple<SHAMapTreeNode*, SHAMapNodeID, int>> stack;
     stack.emplace(node, nodeID, depth);
 
+    Serializer s(8192);
+
     while (!stack.empty())
     {
         std::tie(node, nodeID, depth) = stack.top();
         stack.pop();
 
-        // Use a fresh Serializer per node and move its buffer into `data` rather than copying it
-        // via Serializer::getData(): the move is O(1) whereas the copy was O(node size).
-        Serializer s(256);
+        // Add this node to the reply
+        s.erase();
         node->serializeForWire(s);
-        data.emplace_back(nodeID, node->isLeaf(), std::move(s.modData()));
+        data.emplace_back(nodeID, s.getData());
 
         if (node->isInner())
         {
@@ -486,10 +487,9 @@ SHAMap::getNodeFat(
                         else if (childNode->isInner() || fatLeaves)
                         {
                             // Just include this node
-                            Serializer cs(256);
-                            childNode->serializeForWire(cs);
-                            data.emplace_back(
-                                childID, childNode->isLeaf(), std::move(cs.modData()));
+                            s.erase();
+                            childNode->serializeForWire(s);
+                            data.emplace_back(childID, s.getData());
                         }
                     }
                 }
@@ -507,32 +507,25 @@ SHAMap::serializeRoot(Serializer& s) const
 }
 
 SHAMapAddNode
-SHAMap::addRootNode(
-    SHAMapHash const& hash,
-    SHAMapTreeNodePtr rootNode,
-    SHAMapSyncFilter const* filter)
+SHAMap::addRootNode(SHAMapHash const& hash, Slice const& rootNode, SHAMapSyncFilter* filter)
 {
-    XRPL_ASSERT(cowid_ >= 1, "xrpl::SHAMap::addRootNode : valid cowid");
-    XRPL_ASSERT(rootNode, "xrpl::SHAMap::addRootNode : non-null root node");
-
     // we already have a root_ node
     if (root_->getHash().isNonZero())
     {
-        JLOG(journal_.trace()) << "Got root node, already have one";
-        XRPL_ASSERT(root_->getHash() == hash, "xrpl::SHAMap::addRootNode : valid hash");
+        JLOG(journal_.trace()) << "got root node, already have one";
+        XRPL_ASSERT(root_->getHash() == hash, "xrpl::SHAMap::addRootNode : valid hash input");
         return SHAMapAddNode::duplicate();
     }
 
-    if (rootNode->getHash() != hash)
-    {
-        JLOG(journal_.warn()) << "Corrupt node received";
+    XRPL_ASSERT(cowid_ >= 1, "xrpl::SHAMap::addRootNode : valid cowid");
+    auto node = SHAMapTreeNode::makeFromWire(rootNode);
+    if (!node || node->getHash() != hash)
         return SHAMapAddNode::invalid();
-    }
 
     if (backed_)
-        canonicalize(hash, rootNode);
+        canonicalize(hash, node);
 
-    root_ = std::move(rootNode);
+    root_ = node;
 
     if (root_->isLeaf())
         clearSynching();
@@ -549,20 +542,9 @@ SHAMap::addRootNode(
 }
 
 SHAMapAddNode
-SHAMap::addKnownNode(
-    SHAMapNodeID const& nodeID,
-    SHAMapTreeNodePtr treeNode,
-    SHAMapSyncFilter const* filter)
+SHAMap::addKnownNode(SHAMapNodeID const& node, Slice const& rawNode, SHAMapSyncFilter* filter)
 {
-    XRPL_ASSERT(!nodeID.isRoot(), "xrpl::SHAMap::addKnownNode : valid node");
-    XRPL_ASSERT(treeNode, "xrpl::SHAMap::addKnownNode : non-null tree node");
-    XRPL_ASSERT(
-        !treeNode->isLeaf() ||
-            SHAMapNodeID::createID(
-                nodeID.getDepth(),
-                safeDowncast<SHAMapLeafNode const*>(treeNode.get())->peekItem()->key())
-                    .getNodeID() == nodeID.getNodeID(),
-        "xrpl::SHAMap::addKnownNode : leaf position consistent with node ID");
+    XRPL_ASSERT(!node.isRoot(), "xrpl::SHAMap::addKnownNode : valid node input");
 
     if (!isSynching())
     {
@@ -576,14 +558,14 @@ SHAMap::addKnownNode(
 
     while (currNode->isInner() &&
            !safeDowncast<SHAMapInnerNode*>(currNode)->isFullBelow(generation) &&
-           (currNodeID.getDepth() < nodeID.getDepth()))
+           (currNodeID.getDepth() < node.getDepth()))
     {
-        int const branch = selectBranch(currNodeID, nodeID.getNodeID());
+        int const branch = selectBranch(currNodeID, node.getNodeID());
         XRPL_ASSERT(branch >= 0, "xrpl::SHAMap::addKnownNode : valid branch");
         auto inner = safeDowncast<SHAMapInnerNode*>(currNode);
         if (inner->isEmptyBranch(branch))
         {
-            JLOG(journal_.warn()) << "Add known node for empty branch" << nodeID;
+            JLOG(journal_.warn()) << "Add known node for empty branch" << node;
             return SHAMapAddNode::invalid();
         }
 
@@ -599,44 +581,67 @@ SHAMap::addKnownNode(
         if (currNode != nullptr)
             continue;
 
-        if (childHash != treeNode->getHash())
+        auto newNode = SHAMapTreeNode::makeFromWire(rawNode);
+
+        if (!newNode || childHash != newNode->getHash())
         {
             JLOG(journal_.warn()) << "Corrupt node received";
             return SHAMapAddNode::invalid();
         }
 
+        // In rare cases, a node can still be corrupt even after hash
+        // validation. For leaf nodes, we perform an additional check to
+        // ensure the node's position in the tree is consistent with its
+        // content to prevent inconsistencies that could
+        // propagate further down the line.
+        if (newNode->isLeaf())
+        {
+            auto const& actualKey =
+                safeDowncast<SHAMapLeafNode const*>(newNode.get())->peekItem()->key();
+
+            // Validate that this leaf belongs at the target position
+            auto const expectedNodeID = SHAMapNodeID::createID(node.getDepth(), actualKey);
+            if (expectedNodeID.getNodeID() != node.getNodeID())
+            {
+                JLOG(journal_.debug())
+                    << "Leaf node position mismatch: "
+                    << "expected=" << expectedNodeID.getNodeID() << ", actual=" << node.getNodeID();
+                return SHAMapAddNode::invalid();
+            }
+        }
+
         // Inner nodes must be at a level strictly less than 64
         // but leaf nodes (while notionally at level 64) can be
         // at any depth up to and including 64:
         if ((currNodeID.getDepth() > kLeafDepth) ||
-            (treeNode->isInner() && currNodeID.getDepth() == kLeafDepth))
+            (newNode->isInner() && currNodeID.getDepth() == kLeafDepth))
         {
             // Map is provably invalid
             state_ = SHAMapState::Invalid;
             return SHAMapAddNode::useful();
         }
 
-        if (currNodeID != nodeID)
+        if (currNodeID != node)
         {
             // Either this node is broken or we didn't request it (yet)
-            JLOG(journal_.warn()) << "unable to hook node " << nodeID;
+            JLOG(journal_.warn()) << "unable to hook node " << node;
             JLOG(journal_.info()) << " stuck at " << currNodeID;
-            JLOG(journal_.info()) << "got depth=" << nodeID.getDepth()
+            JLOG(journal_.info()) << "got depth=" << node.getDepth()
                                   << ", walked to= " << currNodeID.getDepth();
             return SHAMapAddNode::useful();
         }
 
         if (backed_)
-            canonicalize(childHash, treeNode);
+            canonicalize(childHash, newNode);
 
-        treeNode = prevNode->canonicalizeChild(branch, std::move(treeNode));
+        newNode = prevNode->canonicalizeChild(branch, std::move(newNode));
 
         if (filter != nullptr)
         {
             Serializer s;
-            treeNode->serializeWithPrefix(s);
+            newNode->serializeWithPrefix(s);
             filter->gotNode(
-                false, childHash, ledgerSeq_, std::move(s.modData()), treeNode->getType());
+                false, childHash, ledgerSeq_, std::move(s.modData()), newNode->getType());
         }
 
         return SHAMapAddNode::useful();

src/libxrpl/tx/invariants/VaultInvariant.cpp

@@ -5,7 +5,6 @@
 #include <xrpl/beast/utility/Journal.h>
 #include <xrpl/beast/utility/instrumentation.h>
 #include <xrpl/ledger/ReadView.h>
-#include <xrpl/ledger/helpers/AccountRootHelpers.h>
 #include <xrpl/protocol/Feature.h>
 #include <xrpl/protocol/Indexes.h>
 #include <xrpl/protocol/Issue.h>
@@ -339,51 +338,8 @@ ValidVault::finalize(
             return !enforce;  // That's all we can do here
         }
 
-        // Note, if afterVault_ is empty then we know that beforeVault_ is not
-        // empty, as enforced at the top of this function
-        auto const& beforeVault = beforeVault_[0];
-
-        // At this moment we only know a vault is being deleted and there
-        // might be some MPTokenIssuance objects which are deleted in the
-        // same transaction. Find the one matching this vault.
-        auto const deletedShares = [&]() -> std::optional<Shares> {
-            for (auto const& e : beforeMPTs_)
-            {
-                if (e.share.getMptID() == beforeVault.shareMPTID)
-                    return e;
-            }
-            return std::nullopt;
-        }();
-
-        if (!deletedShares)
-        {
-            JLOG(j.fatal()) << "Invariant failed: deleted vault must also "
-                               "delete shares";
-            XRPL_ASSERT(enforce, "xrpl::ValidVault::finalize : shares deletion invariant");
-            return !enforce;  // That's all we can do here
-        }
-
-        bool result = true;
-        if (deletedShares->sharesTotal != 0)
-        {
-            JLOG(j.fatal()) << "Invariant failed: deleted vault must have no "
-                               "shares outstanding";
-            result = false;
-        }
-        if (beforeVault.assetsTotal != kZero)
-        {
-            JLOG(j.fatal()) << "Invariant failed: deleted vault must have no "
-                               "assets outstanding";
-            result = false;
-        }
-        if (beforeVault.assetsAvailable != kZero)
-        {
-            JLOG(j.fatal()) << "Invariant failed: deleted vault must have no "
-                               "assets available";
-            result = false;
-        }
-
-        return result;
+        // Delete-specific checks now live in VaultDelete::finalizeInvariants.
+        return true;
     }
     if (txnType == ttVAULT_DELETE)
     {
@@ -544,61 +500,13 @@ ValidVault::finalize(
     result &= [&]() {
         switch (txnType)
         {
-            case ttVAULT_CREATE: {
-                bool result = true;
-
-                if (!beforeVault_.empty())
-                {
-                    JLOG(j.fatal())  //
-                        << "Invariant failed: create operation must not have "
-                           "updated a vault";
-                    result = false;
-                }
-
-                if (afterVault.assetsAvailable != kZero || afterVault.assetsTotal != kZero ||
-                    afterVault.lossUnrealized != kZero || updatedShares->sharesTotal != 0)
-                {
-                    JLOG(j.fatal())  //
-                        << "Invariant failed: created vault must be empty";
-                    result = false;
-                }
-
-                if (afterVault.pseudoId != updatedShares->share.getIssuer())
-                {
-                    JLOG(j.fatal())  //
-                        << "Invariant failed: shares issuer and vault "
-                           "pseudo-account must be the same";
-                    result = false;
-                }
-
-                auto const sleSharesIssuer =
-                    view.read(keylet::account(updatedShares->share.getIssuer()));
-                if (!sleSharesIssuer)
-                {
-                    JLOG(j.fatal())  //
-                        << "Invariant failed: shares issuer must exist";
-                    return false;
-                }
-
-                if (!isPseudoAccount(sleSharesIssuer))
-                {
-                    JLOG(j.fatal())  //
-                        << "Invariant failed: shares issuer must be a "
-                           "pseudo-account";
-                    result = false;
-                }
-
-                if (auto const vaultId = (*sleSharesIssuer)[~sfVaultID];
-                    !vaultId || *vaultId != afterVault.key)
-                {
-                    JLOG(j.fatal())  //
-                        << "Invariant failed: shares issuer pseudo-account "
-                           "must point back to the vault";
-                    result = false;
-                }
-
-                return result;
-            }
+            case ttVAULT_CREATE:
+            case ttLOAN_SET:
+            case ttLOAN_MANAGE:
+            case ttLOAN_PAY:
+                // Create-specific checks live in VaultCreate::finalizeInvariants.
+                // Loan checks are TBD.
+                return true;
             case ttVAULT_SET: {
                 bool result = true;
 
@@ -1042,13 +950,6 @@ ValidVault::finalize(
                 return result;
             }
 
-            case ttLOAN_SET:
-            case ttLOAN_MANAGE:
-            case ttLOAN_PAY: {
-                // TBD
-                return true;
-            }
-
             default:
                 // LCOV_EXCL_START
                 UNREACHABLE("xrpl::ValidVault::finalize : unknown transaction type");

src/libxrpl/tx/invariants/VaultInvariantData.cpp

@@ -0,0 +1,97 @@
+#include <xrpl/tx/invariants/VaultInvariantData.h>
+
+#include <xrpl/beast/utility/instrumentation.h>
+#include <xrpl/protocol/Indexes.h>
+#include <xrpl/protocol/LedgerFormats.h>
+#include <xrpl/protocol/Protocol.h>
+#include <xrpl/protocol/SField.h>
+#include <xrpl/protocol/STLedgerEntry.h>
+#include <xrpl/protocol/STNumber.h>  // IWYU pragma: keep
+
+#include <optional>
+
+namespace xrpl {
+
+VaultInvariantData::Vault
+VaultInvariantData::Vault::make(SLE const& from)
+{
+    XRPL_ASSERT(from.getType() == ltVAULT, "VaultInvariantData::Vault::make : from Vault object");
+
+    Vault self;
+    self.key = from.key();
+    self.asset = from.at(sfAsset);
+    self.pseudoId = from.getAccountID(sfAccount);
+    self.owner = from.at(sfOwner);
+    self.shareMPTID = from.getFieldH192(sfShareMPTID);
+    self.assetsTotal = from.at(sfAssetsTotal);
+    self.assetsAvailable = from.at(sfAssetsAvailable);
+    self.assetsMaximum = from.at(sfAssetsMaximum);
+    self.lossUnrealized = from.at(sfLossUnrealized);
+    return self;
+}
+
+VaultInvariantData::Shares
+VaultInvariantData::Shares::make(SLE const& from)
+{
+    XRPL_ASSERT(
+        from.getType() == ltMPTOKEN_ISSUANCE,
+        "VaultInvariantData::Shares::make : from MPTokenIssuance object");
+
+    Shares self;
+    self.share = MPTIssue(makeMptID(from.getFieldU32(sfSequence), from.getAccountID(sfIssuer)));
+    self.sharesTotal = from.getFieldU64(sfOutstandingAmount);
+    self.sharesMaximum = from[~sfMaximumAmount].value_or(kMaxMpTokenAmount);
+    return self;
+}
+
+void
+VaultInvariantData::visitEntry(bool isDelete, SLE::const_ref before, SLE::const_ref after)
+{
+    XRPL_ASSERT(
+        after != nullptr && (before != nullptr || !isDelete),
+        "xrpl::VaultInvariantData::visitEntry : some object is available");
+
+    if (before && before->getType() == ltVAULT)
+        beforeVault_.push_back(Vault::make(*before));
+
+    if (before && before->getType() == ltMPTOKEN_ISSUANCE)
+        beforeMPTs_.push_back(Shares::make(*before));
+
+    if (!isDelete && after)
+    {
+        switch (after->getType())
+        {
+            case ltVAULT:
+                afterVault_.push_back(Vault::make(*after));
+                break;
+            case ltMPTOKEN_ISSUANCE:
+                afterMPTs_.push_back(Shares::make(*after));
+                break;
+            default:;
+        }
+    }
+}
+
+std::optional<VaultInvariantData::Shares>
+VaultInvariantData::findShares(uint192 const& mptID) const
+{
+    for (auto const& s : afterMPTs_)
+    {
+        if (s.share.getMptID() == mptID)
+            return s;
+    }
+    return std::nullopt;
+}
+
+std::optional<VaultInvariantData::Shares>
+VaultInvariantData::findDeletedShares(uint192 const& mptID) const
+{
+    for (auto const& s : beforeMPTs_)
+    {
+        if (s.share.getMptID() == mptID)
+            return s;
+    }
+    return std::nullopt;
+}
+
+}  // namespace xrpl

src/libxrpl/tx/transactors/vault/VaultCreate.cpp

@@ -1,8 +1,10 @@
 #include <xrpl/tx/transactors/vault/VaultCreate.h>
 
+#include <xrpl/basics/Log.h>
 #include <xrpl/basics/Number.h>
 #include <xrpl/basics/base_uint.h>
 #include <xrpl/beast/utility/Zero.h>
+#include <xrpl/beast/utility/instrumentation.h>
 #include <xrpl/core/ServiceRegistry.h>
 #include <xrpl/ledger/View.h>
 #include <xrpl/ledger/helpers/AccountRootHelpers.h>
@@ -263,15 +265,107 @@ VaultCreate::doApply()
 }
 
 void
-VaultCreate::visitInvariantEntry(bool, SLE::const_ref, SLE::const_ref)
+VaultCreate::visitInvariantEntry(bool isDelete, SLE::const_ref before, SLE::const_ref after)
 {
-    // No transaction-specific invariants yet (future work).
+    data_.visitEntry(isDelete, before, after);
 }
 
 bool
-VaultCreate::finalizeInvariants(STTx const&, TER, XRPAmount, ReadView const&, beast::Journal const&)
+VaultCreate::finalizeInvariants(
+    STTx const&,
+    TER result,
+    XRPAmount,
+    ReadView const& view,
+    beast::Journal const& j)
 {
-    // No transaction-specific invariants yet (future work).
+    bool const enforce = view.rules().enabled(featureSingleAssetVault);
+
+    if (!isTesSuccess(result))
+        return true;
+
+    auto const& afterVaults = data_.afterVaults();
+    if (afterVaults.empty())
+        return true;
+
+    auto const& afterVault = afterVaults[0];
+    bool checkResult = true;
+
+    if (!data_.beforeVaults().empty())
+    {
+        JLOG(j.fatal()) << "Invariant failed: create operation must not have updated a vault";
+        checkResult = false;
+    }
+
+    // The MPTokenIssuance may not be in the modified set (e.g. only the vault
+    // was touched in the test), so fall back to a view read if needed.
+    auto const updatedShares = [&]() -> std::optional<VaultInvariantData::Shares> {
+        if (auto found = data_.findShares(afterVault.shareMPTID))
+            return found;
+        auto const sleShares = view.read(keylet::mptIssuance(afterVault.shareMPTID));
+        return sleShares ? std::optional<VaultInvariantData::Shares>(
+                               VaultInvariantData::Shares::make(*sleShares))
+                         : std::nullopt;
+    }();
+
+    static constexpr Number kZero{};
+
+    if (afterVault.assetsAvailable != kZero || afterVault.assetsTotal != kZero ||
+        afterVault.lossUnrealized != kZero || (updatedShares && updatedShares->sharesTotal != 0))
+    {
+        JLOG(j.fatal()) << "Invariant failed: created vault must be empty";
+        checkResult = false;
+    }
+
+    if (!updatedShares)
+    {
+        JLOG(j.fatal()) << "Invariant failed: updated vault must have shares";
+        XRPL_ASSERT(enforce, "xrpl::VaultCreate::finalizeInvariants : vault has shares invariant");
+        if (!checkResult)
+        {
+            XRPL_ASSERT(enforce, "xrpl::VaultCreate::finalizeInvariants : vault create invariants");
+        }
+        return !enforce;
+    }
+
+    if (afterVault.pseudoId != updatedShares->share.getIssuer())
+    {
+        JLOG(j.fatal())
+            << "Invariant failed: shares issuer and vault pseudo-account must be the same";
+        checkResult = false;
+    }
+
+    auto const sleSharesIssuer = view.read(keylet::account(updatedShares->share.getIssuer()));
+    if (!sleSharesIssuer)
+    {
+        JLOG(j.fatal()) << "Invariant failed: shares issuer must exist";
+        XRPL_ASSERT(
+            enforce, "xrpl::VaultCreate::finalizeInvariants : shares issuer exists invariant");
+        if (!checkResult)
+        {
+            XRPL_ASSERT(enforce, "xrpl::VaultCreate::finalizeInvariants : vault create invariants");
+        }
+        return !enforce;
+    }
+
+    if (!isPseudoAccount(sleSharesIssuer))
+    {
+        JLOG(j.fatal()) << "Invariant failed: shares issuer must be a pseudo-account";
+        checkResult = false;
+    }
+
+    if (auto const vaultId = (*sleSharesIssuer)[~sfVaultID]; !vaultId || *vaultId != afterVault.key)
+    {
+        JLOG(j.fatal())
+            << "Invariant failed: shares issuer pseudo-account must point back to the vault";
+        checkResult = false;
+    }
+
+    if (!checkResult)
+    {
+        XRPL_ASSERT(enforce, "xrpl::VaultCreate::finalizeInvariants : vault create invariants");
+        return !enforce;
+    }
+
     return true;
 }
 

src/libxrpl/tx/transactors/vault/VaultDelete.cpp

@@ -1,12 +1,16 @@
 #include <xrpl/tx/transactors/vault/VaultDelete.h>
 
 #include <xrpl/basics/Log.h>
+#include <xrpl/basics/Number.h>
 #include <xrpl/basics/base_uint.h>
 #include <xrpl/beast/utility/Zero.h>
+#include <xrpl/beast/utility/instrumentation.h>
+#include <xrpl/ledger/ReadView.h>
 #include <xrpl/ledger/helpers/AccountRootHelpers.h>
 #include <xrpl/ledger/helpers/MPTokenHelpers.h>
 #include <xrpl/ledger/helpers/TokenHelpers.h>
 #include <xrpl/protocol/AccountID.h>
+#include <xrpl/protocol/Feature.h>
 #include <xrpl/protocol/Indexes.h>
 #include <xrpl/protocol/MPTIssue.h>
 #include <xrpl/protocol/SField.h>
@@ -211,15 +215,76 @@ VaultDelete::doApply()
 }
 
 void
-VaultDelete::visitInvariantEntry(bool, SLE::const_ref, SLE::const_ref)
+VaultDelete::visitInvariantEntry(bool isDelete, SLE::const_ref before, SLE::const_ref after)
 {
-    // No transaction-specific invariants yet (future work).
+    data_.visitEntry(isDelete, before, after);
 }
 
 bool
-VaultDelete::finalizeInvariants(STTx const&, TER, XRPAmount, ReadView const&, beast::Journal const&)
+VaultDelete::finalizeInvariants(
+    STTx const&,
+    TER result,
+    XRPAmount,
+    ReadView const& view,
+    beast::Journal const& j)
 {
-    // No transaction-specific invariants yet (future work).
+    bool const enforce = view.rules().enabled(featureSingleAssetVault);
+
+    if (!isTesSuccess(result))
+        return true;
+
+    static constexpr Number kZero{};
+
+    // VaultDelete must have deleted the vault; if it still exists, something
+    // went wrong.
+    if (!data_.afterVaults().empty())
+    {
+        JLOG(j.fatal()) << "Invariant failed: vault not deleted by VaultDelete";
+        XRPL_ASSERT(enforce, "xrpl::VaultDelete::finalizeInvariants : vault not deleted invariant");
+        return !enforce;
+    }
+
+    // Nothing to check if the vault was never in the before-set (e.g. a
+    // test that omits the vault entry entirely).
+    if (data_.beforeVaults().empty())
+        return true;
+
+    auto const& beforeVault = data_.beforeVaults()[0];
+
+    auto const deletedShares = data_.findDeletedShares(beforeVault.shareMPTID);
+    if (!deletedShares)
+    {
+        JLOG(j.fatal()) << "Invariant failed: deleted vault must also delete shares";
+        XRPL_ASSERT(enforce, "xrpl::VaultDelete::finalizeInvariants : shares deletion invariant");
+        return !enforce;
+    }
+
+    bool result2 = true;
+
+    if (deletedShares->sharesTotal != 0)
+    {
+        JLOG(j.fatal()) << "Invariant failed: deleted vault must have no shares outstanding";
+        result2 = false;
+    }
+
+    if (beforeVault.assetsTotal != kZero)
+    {
+        JLOG(j.fatal()) << "Invariant failed: deleted vault must have no assets outstanding";
+        result2 = false;
+    }
+
+    if (beforeVault.assetsAvailable != kZero)
+    {
+        JLOG(j.fatal()) << "Invariant failed: deleted vault must have no assets available";
+        result2 = false;
+    }
+
+    if (!result2)
+    {
+        XRPL_ASSERT(enforce, "xrpl::VaultDelete::finalizeInvariants : vault delete invariants");
+        return !enforce;
+    }
+
     return true;
 }
 

src/test/app/LedgerNodeHelpers_test.cpp

@@ -1,261 +0,0 @@
-#include <xrpld/app/ledger/LedgerNodeHelpers.h>
-
-#include <xrpl/basics/IntrusivePointer.h>
-#include <xrpl/basics/base_uint.h>
-#include <xrpl/beast/unit_test/suite.h>
-#include <xrpl/protocol/Serializer.h>
-#include <xrpl/shamap/SHAMap.h>
-#include <xrpl/shamap/SHAMapAccountStateLeafNode.h>
-#include <xrpl/shamap/SHAMapInnerNode.h>
-#include <xrpl/shamap/SHAMapItem.h>
-#include <xrpl/shamap/SHAMapTreeNode.h>
-
-#include <boost/smart_ptr/intrusive_ptr.hpp>
-
-#include <xrpl.pb.h>
-
-#include <bit>
-#include <cstdint>
-#include <string>
-
-namespace xrpl::tests {
-
-class LedgerNodeHelpers_test : public beast::unit_test::Suite
-{
-    static boost::intrusive_ptr<SHAMapItem>
-    makeTestItem(std::uint32_t seed)
-    {
-        Serializer s;
-        s.add32(seed);
-        s.add32(seed + 1);
-        s.add32(seed + 2);
-        return makeShamapitem(s.getSHA512Half(), s.slice());
-    }
-
-    static std::string
-    serializeNode(SHAMapTreeNodePtr const& node)
-    {
-        Serializer s;
-        node->serializeForWire(s);
-        auto const slice = s.slice();
-        return std::string(std::bit_cast<char const*>(slice.data()), slice.size());
-    }
-
-    void
-    testGetTreeNode()
-    {
-        testcase("getTreeNode");
-
-        // Valid: inner node. It must have at least one child for `serializeNode` to work.
-        {
-            auto const innerNode = intr_ptr::makeShared<SHAMapInnerNode>(1);
-            auto const childNode = intr_ptr::makeShared<SHAMapInnerNode>(1);
-            innerNode->setChild(0, childNode);
-            auto const innerData = serializeNode(innerNode);
-            auto const result = getTreeNode(innerData);
-            BEAST_EXPECT(result && result->isInner());
-        }
-
-        // Valid: leaf node.
-        {
-            auto const leafItem = makeTestItem(12345);
-            auto const leafNode = intr_ptr::makeShared<SHAMapAccountStateLeafNode>(leafItem, 1);
-            auto const leafData = serializeNode(leafNode);
-            auto const result = getTreeNode(leafData);
-            BEAST_EXPECT(result && result->isLeaf());
-        }
-
-        // Invalid: empty data.
-        {
-            auto const result = getTreeNode("");
-            BEAST_EXPECT(!result);
-        }
-
-        // Invalid: garbage data.
-        {
-            auto const result = getTreeNode("invalid");
-            BEAST_EXPECT(!result);
-        }
-
-        // Invalid: truncated data.
-        {
-            auto const leafItem = makeTestItem(54321);
-            auto const leafNode = intr_ptr::makeShared<SHAMapAccountStateLeafNode>(leafItem, 1);
-            // Truncate the data to trigger an exception in SHAMapTreeNode::makeAccountState when
-            // the data is used to deserialize the node.
-            uint256 const tag;
-            auto const leafData = serializeNode(leafNode).substr(0, tag.kBytes - 1);
-            auto const result = getTreeNode(leafData);
-            BEAST_EXPECT(!result);
-        }
-    }
-
-    void
-    testGetSHAMapNodeID()
-    {
-        testcase("getSHAMapNodeID");
-
-        {
-            // Tests using inner nodes at various depths.
-            auto const innerNode = intr_ptr::makeShared<SHAMapInnerNode>(1);
-            auto const childNode = intr_ptr::makeShared<SHAMapInnerNode>(1);
-            innerNode->setChild(0, childNode);
-            auto const innerData = serializeNode(innerNode);
-
-            // Valid: legacy `nodeid` field at arbitrary depth.
-            {
-                auto const innerDepth = 3;
-                auto const innerID = SHAMapNodeID::createID(innerDepth, uint256{});
-
-                protocol::TMLedgerNode ledgerNode;
-                ledgerNode.set_nodedata(innerData);
-                ledgerNode.set_nodeid(innerID.getRawString());
-                auto const result = getSHAMapNodeID(ledgerNode, *innerNode);
-                BEAST_EXPECT(result == innerID);
-            }
-
-            // Valid: new `id` field at minimum depth.
-            {
-                auto const innerDepth = 0;
-                auto const innerID = SHAMapNodeID::createID(innerDepth, uint256{});
-
-                protocol::TMLedgerNode ledgerNode;
-                ledgerNode.set_nodedata(innerData);
-                ledgerNode.set_id(innerID.getRawString());
-                auto const result = getSHAMapNodeID(ledgerNode, *innerNode);
-                BEAST_EXPECT(result == innerID);
-            }
-
-            // Invalid: new `depth` field should not be used for inner nodes.
-            {
-                protocol::TMLedgerNode ledgerNode;
-                ledgerNode.set_nodedata(innerData);
-                ledgerNode.set_depth(10);
-                auto const result = getSHAMapNodeID(ledgerNode, *innerNode);
-                BEAST_EXPECT(!result);
-            }
-
-            // Invalid: both legacy `nodeid` and new `id` fields set for an inner node.
-            {
-                auto const innerDepth = 9;
-                auto const innerID = SHAMapNodeID::createID(innerDepth, uint256{});
-
-                protocol::TMLedgerNode ledgerNode;
-                ledgerNode.set_nodedata(innerData);
-                ledgerNode.set_nodeid(innerID.getRawString());
-                ledgerNode.set_id(innerID.getRawString());
-                auto const result = getSHAMapNodeID(ledgerNode, *innerNode);
-                BEAST_EXPECT(!result);
-            }
-        }
-
-        {
-            // Tests using leaf nodes at various depths.
-            auto const leafItem = makeTestItem(12345);
-            auto const leafNode = intr_ptr::makeShared<SHAMapAccountStateLeafNode>(leafItem, 1);
-            auto const leafData = serializeNode(leafNode);
-            auto const leafKey = leafItem->key();
-
-            // Valid: legacy `nodeid` field at arbitrary depth.
-            {
-                auto const kLeafDepth = 5;
-                auto const leafID = SHAMapNodeID::createID(kLeafDepth, leafKey);
-
-                protocol::TMLedgerNode ledgerNode;
-                ledgerNode.set_nodedata(leafData);
-                ledgerNode.set_nodeid(leafID.getRawString());
-                auto const result = getSHAMapNodeID(ledgerNode, *leafNode);
-                BEAST_EXPECT(result == leafID);
-            }
-
-            // Invalid: new `id` field should not be used for leaf nodes.
-            {
-                auto const kLeafDepth = 5;
-                auto const leafID = SHAMapNodeID::createID(kLeafDepth, leafKey);
-
-                protocol::TMLedgerNode ledgerNode;
-                ledgerNode.set_nodedata(leafData);
-                ledgerNode.set_id(leafID.getRawString());
-                auto const result = getSHAMapNodeID(ledgerNode, *leafNode);
-                BEAST_EXPECT(!result);
-            }
-
-            // Valid: new `depth` field at minimum depth.
-            {
-                auto const kLeafDepth = 0;
-                auto const leafID = SHAMapNodeID::createID(kLeafDepth, leafKey);
-
-                protocol::TMLedgerNode ledgerNode;
-                ledgerNode.set_nodedata(leafData);
-                ledgerNode.set_depth(kLeafDepth);
-                auto const result = getSHAMapNodeID(ledgerNode, *leafNode);
-                BEAST_EXPECT(result == leafID);
-            }
-
-            // Valid: new `depth` field at arbitrary depth between minimum and maximum.
-            {
-                auto const kLeafDepth = 10;
-                auto const leafID = SHAMapNodeID::createID(kLeafDepth, leafKey);
-
-                protocol::TMLedgerNode ledgerNode;
-                ledgerNode.set_nodedata(leafData);
-                ledgerNode.set_depth(kLeafDepth);
-                auto const result = getSHAMapNodeID(ledgerNode, *leafNode);
-                BEAST_EXPECT(result == leafID);
-            }
-
-            // Valid: new `depth` field at maximum depth.
-            // Note that we do not test a depth greater than the maximum depth, because the proto
-            // message is assumed to have been validated by the time the getSHAMapNodeID function is
-            // called.
-            {
-                auto const kLeafDepth = SHAMap::kLeafDepth;
-                auto const leafID = SHAMapNodeID::createID(kLeafDepth, leafKey);
-
-                protocol::TMLedgerNode ledgerNode;
-                ledgerNode.set_nodedata(leafData);
-                ledgerNode.set_depth(kLeafDepth);
-                auto const result = getSHAMapNodeID(ledgerNode, *leafNode);
-                BEAST_EXPECT(result == leafID);
-            }
-
-            // Invalid: legacy `nodeid` field where the node ID is inconsistent with the key.
-            {
-                auto const otherItem = makeTestItem(54321);
-                auto const otherNode =
-                    intr_ptr::makeShared<SHAMapAccountStateLeafNode>(otherItem, 1);
-                auto const otherData = serializeNode(otherNode);
-                auto const otherKey = otherItem->key();
-                auto const otherDepth = 1;
-                auto const otherID = SHAMapNodeID::createID(otherDepth, otherKey);
-
-                protocol::TMLedgerNode ledgerNode;
-                ledgerNode.set_nodedata(otherData);
-                ledgerNode.set_nodeid(otherID.getRawString());
-                auto const result = getSHAMapNodeID(ledgerNode, *leafNode);
-                BEAST_EXPECT(!result);
-            }
-        }
-
-        // Invalid: no field set.
-        {
-            auto const innerNode = intr_ptr::makeShared<SHAMapInnerNode>(1);
-            protocol::TMLedgerNode ledgerNode;
-            ledgerNode.set_nodedata("test_data");
-            auto const result = getSHAMapNodeID(ledgerNode, *innerNode);
-            BEAST_EXPECT(!result);
-        }
-    }
-
-public:
-    void
-    run() override
-    {
-        testGetTreeNode();
-        testGetSHAMapNodeID();
-    }
-};
-
-BEAST_DEFINE_TESTSUITE(LedgerNodeHelpers, app, xrpl);
-
-}  // namespace xrpl::tests

src/test/overlay/ProtocolVersion_test.cpp

@@ -63,8 +63,8 @@ public:
                 negotiateProtocolVersion("RTXP/1.2, XRPL/2.0, XRPL/2.1") == makeProtocol(2, 1));
             BEAST_EXPECT(negotiateProtocolVersion("XRPL/2.2") == makeProtocol(2, 2));
             BEAST_EXPECT(
-                negotiateProtocolVersion("RTXP/1.2, XRPL/2.3, XRPL/2.4, XRPL/999.999") ==
-                makeProtocol(2, 3));
+                negotiateProtocolVersion("RTXP/1.2, XRPL/2.2, XRPL/2.3, XRPL/999.999") ==
+                makeProtocol(2, 2));
             BEAST_EXPECT(negotiateProtocolVersion("XRPL/999.999, WebSocket/1.0") == std::nullopt);
             BEAST_EXPECT(negotiateProtocolVersion("") == std::nullopt);
         }

src/test/shamap/SHAMapSync_test.cpp

@@ -1,6 +1,7 @@
 #include <test/shamap/common.h>
 #include <test/unit_test/SuiteJournal.h>
 
+#include <xrpl/basics/Blob.h>
 #include <xrpl/basics/SHAMapHash.h>
 #include <xrpl/basics/Slice.h>
 #include <xrpl/basics/base_uint.h>
@@ -115,18 +116,14 @@ public:
         destination.setSynching();
 
         {
-            std::vector<SHAMapNodeData> a;
+            std::vector<std::pair<SHAMapNodeID, Blob>> a;
 
             BEAST_EXPECT(source.getNodeFat(SHAMapNodeID(), a, randBool(eng), randInt(eng, 2)));
 
             unexpected(a.empty(), "NodeSize");
 
-            auto node = SHAMapTreeNode::makeFromWire(makeSlice(a[0].data));
-            if (!node)
-                fail("", __FILE__, __LINE__);
-            BEAST_EXPECT(a[0].isLeaf == node->isLeaf());
-            BEAST_EXPECT(
-                destination.addRootNode(source.getHash(), std::move(node), nullptr).isGood());
+            BEAST_EXPECT(destination.addRootNode(source.getHash(), makeSlice(a[0].second), nullptr)
+                             .isGood());
         }
 
         do
@@ -140,7 +137,7 @@ public:
                 break;
 
             // get as many nodes as possible based on this information
-            std::vector<SHAMapNodeData> b;
+            std::vector<std::pair<SHAMapNodeID, Blob>> b;
 
             for (auto& it : nodesMissing)
             {
@@ -162,12 +159,8 @@ public:
                 // Don't use BEAST_EXPECT here b/c it will be called a
                 // non-deterministic number of times and the number of tests run
                 // should be deterministic
-                auto node = SHAMapTreeNode::makeFromWire(makeSlice(b[i].data));
-                if (!node)
-                    fail("", __FILE__, __LINE__);
-                if (b[i].isLeaf != node->isLeaf())
-                    fail("", __FILE__, __LINE__);
-                if (!destination.addKnownNode(b[i].nodeID, std::move(node), nullptr).isUseful())
+                if (!destination.addKnownNode(b[i].first, makeSlice(b[i].second), nullptr)
+                         .isUseful())
                     fail("", __FILE__, __LINE__);
             }
         } while (true);

src/tests/libxrpl/CMakeLists.txt

@@ -53,4 +53,4 @@ foreach(module IN LISTS test_modules)
     )
 endforeach()
 
-gtest_discover_tests(xrpl_tests)
+gtest_discover_tests(xrpl_tests DISCOVERY_TIMEOUT 60)

src/xrpld/app/ledger/InboundLedger.h

@@ -9,7 +9,6 @@
 
 #include <mutex>
 #include <set>
-#include <string_view>
 #include <utility>
 
 namespace xrpl {
@@ -132,19 +131,16 @@ private:
     processData(std::shared_ptr<Peer> peer, protocol::TMLedgerData& data);
 
     bool
-    takeHeader(std::string_view data);
+    takeHeader(std::string const& data);
 
     void
-    receiveNode(
-        std::shared_ptr<Peer> const& peer,
-        protocol::TMLedgerData& packet,
-        SHAMapAddNode& san);
+    receiveNode(protocol::TMLedgerData& packet, SHAMapAddNode&);
 
     bool
-    takeTxRootNode(std::string_view data, SHAMapAddNode& san);
+    takeTxRootNode(Slice const& data, SHAMapAddNode&);
 
     bool
-    takeAsRootNode(std::string_view data, SHAMapAddNode& san);
+    takeAsRootNode(Slice const& data, SHAMapAddNode&);
 
     std::vector<uint256>
     neededTxHashes(int max, SHAMapSyncFilter* filter) const;

src/xrpld/app/ledger/LedgerNodeHelpers.h

@@ -1,53 +0,0 @@
-#pragma once
-
-#include <xrpl/basics/IntrusivePointer.h>
-#include <xrpl/shamap/SHAMapNodeID.h>
-#include <xrpl/shamap/SHAMapTreeNode.h>
-
-#include <optional>
-#include <string_view>
-
-namespace protocol {
-class TMLedgerNode;
-}  // namespace protocol
-
-namespace xrpl {
-
-/**
- * @brief Deserializes a SHAMapTreeNode from wire format data.
- *
- * This function attempts to create a SHAMapTreeNode from the provided data string. If the data is
- * malformed or deserialization fails, the function returns a nullptr instead of throwing an
- * exception.
- *
- * @param data The serialized node data in wire format.
- * @return The deserialized tree node if successful, or a nullptr if deserialization fails.
- */
-[[nodiscard]] SHAMapTreeNodePtr
-getTreeNode(std::string_view data);
-
-/**
- * @brief Extracts or reconstructs the SHAMapNodeID from a ledger node proto message.
- *
- * This function retrieves the SHAMapNodeID for a tree node, with behavior that depends on which
- * field is set and the node type (inner vs. leaf).
- *
- * When the legacy `nodeid` field is set in the message:
- * - For all nodes: Deserializes the node ID from the field.
- * - For leaf nodes: Validates that the node ID is consistent with the leaf's key.
- *
- * When the new `id` or `depth` field is set in the message:
- * - For inner nodes: Deserializes the node ID from the `id` field.
- * - For leaf nodes: Reconstructs the node ID using both the depth from the `depth` field and the
- *   key from the leaf node's item.
- * Note that root nodes may be inner nodes or leaf nodes.
- *
- * @param ledgerNode The validated protocol message containing the ledger node data.
- * @param treeNode The deserialized tree node (inner or leaf node).
- * @return An optional containing the node ID if extraction/reconstruction succeeds, or std::nullopt
- *         if the required fields are missing or validation fails.
- */
-[[nodiscard]] std::optional<SHAMapNodeID>
-getSHAMapNodeID(protocol::TMLedgerNode const& ledgerNode, SHAMapTreeNode const& treeNode);
-
-}  // namespace xrpl

src/xrpld/app/ledger/detail/InboundLedger.cpp

@@ -3,7 +3,6 @@
 #include <xrpld/app/ledger/AccountStateSF.h>
 #include <xrpld/app/ledger/InboundLedgers.h>
 #include <xrpld/app/ledger/LedgerMaster.h>
-#include <xrpld/app/ledger/LedgerNodeHelpers.h>
 #include <xrpld/app/ledger/TransactionStateSF.h>
 #include <xrpld/app/ledger/detail/TimeoutCounter.h>
 #include <xrpld/app/main/Application.h>
@@ -45,8 +44,8 @@
 #include <mutex>
 #include <random>
 #include <sstream>
+#include <stdexcept>
 #include <string>
-#include <string_view>
 #include <tuple>
 #include <unordered_map>
 #include <utility>
@@ -776,7 +775,7 @@ InboundLedger::filterNodes(
 */
 // data must not have hash prefix
 bool
-InboundLedger::takeHeader(std::string_view data)
+InboundLedger::takeHeader(std::string const& data)
 {
     // Return value: true=normal, false=bad data
     JLOG(journal_.trace()) << "got header acquiring ledger " << hash_;
@@ -821,10 +820,7 @@ InboundLedger::takeHeader(std::string_view data)
     Call with a lock
 */
 void
-InboundLedger::receiveNode(
-    std::shared_ptr<Peer> const& peer,
-    protocol::TMLedgerData& packet,
-    SHAMapAddNode& san)
+InboundLedger::receiveNode(protocol::TMLedgerData& packet, SHAMapAddNode& san)
 {
     if (!haveHeader_)
     {
@@ -867,47 +863,32 @@ InboundLedger::receiveNode(
     {
         auto const f = filter.get();
 
-        for (auto const& ledgerNode : packet.nodes())
+        for (auto const& node : packet.nodes())
         {
-            auto treeNode = getTreeNode(ledgerNode.nodedata());
-            if (!treeNode)
-            {
-                JLOG(journal_.warn()) << "Got invalid node data";
-                peer->charge(Resource::kFeeInvalidData, "ledger_node.node_data invalid");
-                san.incInvalid();
-                return;
-            }
+            auto const nodeID = deserializeSHAMapNodeID(node.nodeid());
 
-            auto const nodeID = getSHAMapNodeID(ledgerNode, *treeNode);
             if (!nodeID)
-            {
-                JLOG(journal_.warn()) << "Got invalid node id";
-                peer->charge(Resource::kFeeInvalidData, "ledger_node.node_id invalid");
-                san.incInvalid();
-                return;
-            }
+                throw std::runtime_error("data does not properly deserialize");
 
             if (nodeID->isRoot())
             {
-                san += map.addRootNode(rootHash, std::move(treeNode), f);
+                san += map.addRootNode(rootHash, makeSlice(node.nodedata()), f);
             }
             else
             {
-                san += map.addKnownNode(*nodeID, std::move(treeNode), f);
+                san += map.addKnownNode(*nodeID, makeSlice(node.nodedata()), f);
             }
 
             if (!san.isGood())
             {
-                JLOG(journal_.warn()) << "Got invalid node";
-                peer->charge(Resource::kFeeInvalidData, "ledger_node invalid");
+                JLOG(journal_.warn()) << "Received bad node data";
                 return;
             }
         }
     }
     catch (std::exception const& e)
     {
-        // If we get here it is not necessarily because the node was bad, so don't charge the peer.
-        JLOG(journal_.error()) << "Could not process node: " << e.what();
+        JLOG(journal_.error()) << "Received bad node data: " << e.what();
         san.incInvalid();
         return;
     }
@@ -935,7 +916,7 @@ InboundLedger::receiveNode(
     Call with a lock
 */
 bool
-InboundLedger::takeAsRootNode(std::string_view data, SHAMapAddNode& san)
+InboundLedger::takeAsRootNode(Slice const& data, SHAMapAddNode& san)
 {
     if (failed_ || haveState_)
     {
@@ -951,17 +932,9 @@ InboundLedger::takeAsRootNode(std::string_view data, SHAMapAddNode& san)
         // LCOV_EXCL_STOP
     }
 
-    auto treeNode = getTreeNode(data);
-    if (!treeNode)
-    {
-        JLOG(journal_.warn()) << "Got invalid node data";
-        san.incInvalid();
-        return false;
-    }
-
     AccountStateSF filter(ledger_->stateMap().family().db(), app_.getLedgerMaster());
-    san += ledger_->stateMap().addRootNode(
-        SHAMapHash{ledger_->header().accountHash}, std::move(treeNode), &filter);
+    san +=
+        ledger_->stateMap().addRootNode(SHAMapHash{ledger_->header().accountHash}, data, &filter);
     return san.isGood();
 }
 
@@ -969,7 +942,7 @@ InboundLedger::takeAsRootNode(std::string_view data, SHAMapAddNode& san)
     Call with a lock
 */
 bool
-InboundLedger::takeTxRootNode(std::string_view data, SHAMapAddNode& san)
+InboundLedger::takeTxRootNode(Slice const& data, SHAMapAddNode& san)
 {
     if (failed_ || haveTransactions_)
     {
@@ -985,17 +958,8 @@ InboundLedger::takeTxRootNode(std::string_view data, SHAMapAddNode& san)
         // LCOV_EXCL_STOP
     }
 
-    auto treeNode = getTreeNode(data);
-    if (!treeNode)
-    {
-        JLOG(journal_.warn()) << "Got invalid node data";
-        san.incInvalid();
-        return false;
-    }
-
     TransactionStateSF filter(ledger_->txMap().family().db(), app_.getLedgerMaster());
-    san += ledger_->txMap().addRootNode(
-        SHAMapHash{ledger_->header().txHash}, std::move(treeNode), &filter);
+    san += ledger_->txMap().addRootNode(SHAMapHash{ledger_->header().txHash}, data, &filter);
     return san.isGood();
 }
 
@@ -1092,25 +1056,15 @@ InboundLedger::processData(std::shared_ptr<Peer> peer, protocol::TMLedgerData& p
             }
 
             if (!haveState_ && (packet.nodes().size() > 1) &&
-                !takeAsRootNode(packet.nodes(1).nodedata(), san))
+                !takeAsRootNode(makeSlice(packet.nodes(1).nodedata()), san))
             {
                 JLOG(journal_.warn()) << "Included AS root invalid";
-                if (san.isInvalid())
-                {
-                    peer->charge(Resource::kFeeInvalidData, "ledger_data invalid AS root");
-                    return -1;
-                }
             }
 
             if (!haveTransactions_ && (packet.nodes().size() > 2) &&
-                !takeTxRootNode(packet.nodes(2).nodedata(), san))
+                !takeTxRootNode(makeSlice(packet.nodes(2).nodedata()), san))
             {
                 JLOG(journal_.warn()) << "Included TX root invalid";
-                if (san.isInvalid())
-                {
-                    peer->charge(Resource::kFeeInvalidData, "ledger_data invalid TX root");
-                    return -1;
-                }
             }
         }
         catch (std::exception const& ex)
@@ -1139,18 +1093,24 @@ InboundLedger::processData(std::shared_ptr<Peer> peer, protocol::TMLedgerData& p
 
         ScopedLockType const sl(mtx_);
 
+        // Verify node IDs and data are complete
+        for (auto const& node : packet.nodes())
+        {
+            if (!node.has_nodeid() || !node.has_nodedata())
+            {
+                JLOG(journal_.warn()) << "Got bad node";
+                peer->charge(Resource::kFeeMalformedRequest, "ledger_data bad node");
+                return -1;
+            }
+        }
+
         SHAMapAddNode san;
-        receiveNode(peer, packet, san);
+        receiveNode(packet, san);
 
         JLOG(journal_.debug()) << "Ledger "
                                << ((packet.type() == protocol::liTX_NODE) ? "TX" : "AS")
                                << " node stats: " << san.get();
 
-        // Note: Peer charges for invalid/malformed data are issued from within receiveNode at the
-        // exact failure site, so the peer is only charged for problems they are responsible for.
-        if (san.isInvalid())
-            return -1;
-
         if (san.isUseful())
             progress_ = true;
 

src/xrpld/app/ledger/detail/InboundLedgers.cpp

@@ -2,13 +2,13 @@
 
 #include <xrpld/app/ledger/InboundLedger.h>
 #include <xrpld/app/ledger/LedgerMaster.h>
-#include <xrpld/app/ledger/LedgerNodeHelpers.h>
 #include <xrpld/app/main/Application.h>
 #include <xrpld/overlay/PeerSet.h>
 
 #include <xrpl/basics/Blob.h>
 #include <xrpl/basics/DecayingSample.h>
 #include <xrpl/basics/Log.h>
+#include <xrpl/basics/Slice.h>
 #include <xrpl/basics/UnorderedContainers.h>
 #include <xrpl/basics/base_uint.h>
 #include <xrpl/basics/scope.h>
@@ -248,17 +248,23 @@ public:
         Serializer s;
         try
         {
-            for (auto const& ledgerNode : packetPtr->nodes())
+            for (int i = 0; i < packetPtr->nodes().size(); ++i)
             {
-                auto const treeNode = getTreeNode(ledgerNode.nodedata());
-                if (!treeNode)
+                auto const& node = packetPtr->nodes(i);
+
+                if (!node.has_nodeid() || !node.has_nodedata())
+                    return;
+
+                auto newNode = SHAMapTreeNode::makeFromWire(makeSlice(node.nodedata()));
+
+                if (!newNode)
                     return;
 
                 s.erase();
-                treeNode->serializeWithPrefix(s);
+                newNode->serializeWithPrefix(s);
 
                 app_.getLedgerMaster().addFetchPack(
-                    treeNode->getHash().asUInt256(), std::make_shared<Blob>(s.begin(), s.end()));
+                    newNode->getHash().asUInt256(), std::make_shared<Blob>(s.begin(), s.end()));
             }
         }
         catch (std::exception const&)  // NOLINT(bugprone-empty-catch)

src/xrpld/app/ledger/detail/InboundTransactions.cpp

@@ -1,11 +1,11 @@
 #include <xrpld/app/ledger/InboundTransactions.h>
 
-#include <xrpld/app/ledger/LedgerNodeHelpers.h>
 #include <xrpld/app/ledger/detail/TransactionAcquire.h>
 #include <xrpld/app/main/Application.h>
 #include <xrpld/overlay/PeerSet.h>
 
 #include <xrpl/basics/Log.h>
+#include <xrpl/basics/Slice.h>
 #include <xrpl/basics/UnorderedContainers.h>
 #include <xrpl/beast/insight/Collector.h>
 #include <xrpl/protocol/RippleLedgerHash.h>
@@ -14,7 +14,6 @@
 #include <xrpl/shamap/SHAMap.h>
 #include <xrpl/shamap/SHAMapMissingNode.h>
 #include <xrpl/shamap/SHAMapNodeID.h>
-#include <xrpl/shamap/SHAMapTreeNode.h>
 
 #include <xrpl.pb.h>
 
@@ -137,43 +136,34 @@ public:
 
         if (ta == nullptr)
         {
-            peer->charge(Resource::kFeeUselessData, "ledger_data useless");
+            peer->charge(Resource::kFeeUselessData, "ledger_data");
             return;
         }
 
-        std::vector<std::pair<SHAMapNodeID, SHAMapTreeNodePtr>> data;
+        std::vector<std::pair<SHAMapNodeID, Slice>> data;
         data.reserve(packet.nodes().size());
 
-        for (auto const& ledgerNode : packet.nodes())
+        for (auto const& node : packet.nodes())
         {
-            auto treeNode = getTreeNode(ledgerNode.nodedata());
-            if (!treeNode)
+            if (!node.has_nodeid() || !node.has_nodedata())
             {
-                JLOG(j_.warn()) << "Got invalid node data";
-                peer->charge(Resource::kFeeInvalidData, "ledger_node.node_data invalid");
+                peer->charge(Resource::kFeeMalformedRequest, "ledger_data");
                 return;
             }
 
-            auto const nodeID = getSHAMapNodeID(ledgerNode, *treeNode);
-            if (!nodeID)
+            auto const id = deserializeSHAMapNodeID(node.nodeid());
+
+            if (!id)
             {
-                JLOG(j_.warn()) << "Got invalid node id";
-                peer->charge(Resource::kFeeInvalidData, "ledger_node.node_id invalid");
+                peer->charge(Resource::kFeeInvalidData, "ledger_data");
                 return;
             }
 
-            data.emplace_back(*nodeID, std::move(treeNode));
+            data.emplace_back(*id, makeSlice(node.nodedata()));
         }
 
-        auto const san = ta->takeNodes(std::move(data), peer);
-        if (san.isInvalid())
-        {
-            peer->charge(Resource::kFeeInvalidData, "ledger_data invalid");
-        }
-        else if (!san.isUseful())
-        {
-            peer->charge(Resource::kFeeUselessData, "ledger_data useless");
-        }
+        if (!ta->takeNodes(data, peer).isUseful())
+            peer->charge(Resource::kFeeUselessData, "ledger_data not useful");
     }
 
     void

src/xrpld/app/ledger/detail/LedgerNodeHelpers.cpp

@@ -1,81 +0,0 @@
-#include <xrpld/app/ledger/LedgerNodeHelpers.h>
-
-#include <xrpl/basics/Slice.h>
-#include <xrpl/basics/safe_cast.h>
-#include <xrpl/beast/utility/instrumentation.h>
-#include <xrpl/shamap/SHAMap.h>
-#include <xrpl/shamap/SHAMapLeafNode.h>
-#include <xrpl/shamap/SHAMapNodeID.h>
-#include <xrpl/shamap/SHAMapTreeNode.h>
-
-#include <xrpl.pb.h>
-
-#include <exception>
-#include <optional>
-#include <string_view>
-
-namespace xrpl {
-
-SHAMapTreeNodePtr
-getTreeNode(std::string_view data)
-{
-    auto const slice = makeSlice(data);
-    try
-    {
-        return SHAMapTreeNode::makeFromWire(slice);
-    }
-    catch (std::exception const&)
-    {
-        return {};
-    }
-}
-
-std::optional<SHAMapNodeID>
-getSHAMapNodeID(protocol::TMLedgerNode const& ledgerNode, SHAMapTreeNode const& treeNode)
-{
-    if (ledgerNode.has_id() || ledgerNode.has_depth())
-    {
-        // Reject ambiguous messages that mix the legacy and new reference fields.
-        if (ledgerNode.has_nodeid())
-            return std::nullopt;
-
-        if (treeNode.isInner())
-        {
-            if (!ledgerNode.has_id())
-                return std::nullopt;
-
-            return deserializeSHAMapNodeID(ledgerNode.id());
-        }
-
-        if (treeNode.isLeaf())
-        {
-            if (!ledgerNode.has_depth() || ledgerNode.depth() > SHAMap::kLeafDepth)
-                return std::nullopt;
-
-            auto const key = safeDowncast<SHAMapLeafNode const*>(&treeNode)->peekItem()->key();
-            return SHAMapNodeID::createID(ledgerNode.depth(), key);
-        }
-
-        UNREACHABLE("xrpl::getSHAMapNodeID : tree node is neither inner nor leaf");
-        return std::nullopt;
-    }
-
-    if (!ledgerNode.has_nodeid())
-        return std::nullopt;
-
-    auto nodeID = deserializeSHAMapNodeID(ledgerNode.nodeid());
-    if (!nodeID.has_value())
-        return std::nullopt;
-
-    if (treeNode.isLeaf())
-    {
-        auto const key = safeDowncast<SHAMapLeafNode const*>(&treeNode)->peekItem()->key();
-        auto const expectedID = SHAMapNodeID::createID(static_cast<int>(nodeID->getDepth()), key);
-        if (nodeID->getNodeID() != expectedID.getNodeID())
-            return std::nullopt;
-    }
-
-    return nodeID;
-}
-
-}  // namespace xrpl

src/xrpld/app/ledger/detail/TransactionAcquire.cpp

@@ -7,13 +7,13 @@
 #include <xrpld/overlay/PeerSet.h>
 
 #include <xrpl/basics/Log.h>
+#include <xrpl/basics/Slice.h>
 #include <xrpl/basics/base_uint.h>
 #include <xrpl/core/Job.h>
 #include <xrpl/server/NetworkOPs.h>
 #include <xrpl/shamap/SHAMap.h>
 #include <xrpl/shamap/SHAMapAddNode.h>
 #include <xrpl/shamap/SHAMapMissingNode.h>
-#include <xrpl/shamap/SHAMapTreeNode.h>
 
 #include <xrpl.pb.h>
 
@@ -171,7 +171,7 @@ TransactionAcquire::trigger(std::shared_ptr<Peer> const& peer)
 
 SHAMapAddNode
 TransactionAcquire::takeNodes(
-    std::vector<std::pair<SHAMapNodeID, SHAMapTreeNodePtr>> data,
+    std::vector<std::pair<SHAMapNodeID, Slice>> const& data,
     std::shared_ptr<Peer> const& peer)
 {
     ScopedLockType const sl(mtx_);
@@ -195,7 +195,7 @@ TransactionAcquire::takeNodes(
 
         ConsensusTransSetSF sf(app_, app_.getTempNodeCache());
 
-        for (auto& d : data)
+        for (auto const& d : data)
         {
             if (d.first.isRoot())
             {
@@ -203,8 +203,7 @@ TransactionAcquire::takeNodes(
                 {
                     JLOG(journal_.debug()) << "Got root TXS node, already have it";
                 }
-                else if (!map_->addRootNode(SHAMapHash{hash_}, std::move(d.second), nullptr)
-                              .isGood())
+                else if (!map_->addRootNode(SHAMapHash{hash_}, d.second, nullptr).isGood())
                 {
                     JLOG(journal_.warn()) << "TX acquire got bad root node";
                 }
@@ -213,7 +212,7 @@ TransactionAcquire::takeNodes(
                     haveRoot_ = true;
                 }
             }
-            else if (!map_->addKnownNode(d.first, std::move(d.second), &sf).isGood())
+            else if (!map_->addKnownNode(d.first, d.second, &sf).isGood())
             {
                 JLOG(journal_.warn()) << "TX acquire got bad non-root node";
                 return SHAMapAddNode::invalid();

src/xrpld/app/ledger/detail/TransactionAcquire.h

@@ -21,8 +21,8 @@ public:
 
     SHAMapAddNode
     takeNodes(
-        std::vector<std::pair<SHAMapNodeID, SHAMapTreeNodePtr>> data,
-        std::shared_ptr<Peer> const& peer);
+        std::vector<std::pair<SHAMapNodeID, Slice>> const& data,
+        std::shared_ptr<Peer> const&);
 
     void
     init(int startPeers);

src/xrpld/overlay/Peer.h

@@ -17,7 +17,6 @@ enum class ProtocolFeature {
     ValidatorListPropagation,
     ValidatorList2Propagation,
     LedgerReplay,
-    LedgerNodeDepth,
 };
 
 /** Represents a peer connection in the overlay. */

src/xrpld/overlay/detail/PeerImp.cpp

@@ -5,7 +5,6 @@
 #include <xrpld/app/ledger/InboundLedgers.h>
 #include <xrpld/app/ledger/InboundTransactions.h>
 #include <xrpld/app/ledger/LedgerMaster.h>
-#include <xrpld/app/ledger/LedgerNodeHelpers.h>
 #include <xrpld/app/ledger/TransactionMaster.h>
 #include <xrpld/app/misc/Transaction.h>
 #include <xrpld/app/misc/ValidatorList.h>
@@ -62,7 +61,6 @@
 #include <xrpl/server/Handoff.h>
 #include <xrpl/server/LoadFeeTrack.h>
 #include <xrpl/server/NetworkOPs.h>
-#include <xrpl/shamap/SHAMap.h>
 #include <xrpl/shamap/SHAMapNodeID.h>
 #include <xrpl/tx/apply.h>
 
@@ -551,8 +549,6 @@ PeerImp::supportsFeature(ProtocolFeature f) const
             return protocol_ >= makeProtocol(2, 1);
         case ProtocolFeature::ValidatorList2Propagation:
             return protocol_ >= makeProtocol(2, 2);
-        case ProtocolFeature::LedgerNodeDepth:
-            return protocol_ >= makeProtocol(2, 3);
         case ProtocolFeature::LedgerReplay:
             return ledgerReplayEnabled_;
     }
@@ -1497,12 +1493,23 @@ PeerImp::onMessage(std::shared_ptr<protocol::TMGetLedger> const& m)
         }
     }
 
-    // Cheap structural checks on node IDs; full parsing is deferred to the job
-    // so the IO thread is not burdened with SHAMapNodeID deserialization.
-    if (itype != protocol::liBASE && m->nodeids_size() <= 0)
+    // Verify ledger node IDs
+    if (itype != protocol::liBASE)
     {
-        badData("Invalid ledger node IDs");
-        return;
+        if (m->nodeids_size() <= 0)
+        {
+            badData("Invalid ledger node IDs");
+            return;
+        }
+
+        for (auto const& nodeId : m->nodeids())
+        {
+            if (deserializeSHAMapNodeID(nodeId) == std::nullopt)
+            {
+                badData("Invalid SHAMap node ID");
+                return;
+            }
+        }
     }
 
     // Verify query type
@@ -1522,32 +1529,11 @@ PeerImp::onMessage(std::shared_ptr<protocol::TMGetLedger> const& m)
         }
     }
 
-    // Queue a job to process the request. Full parsing of the node IDs is
-    // performed inside the job so the IO thread is not burdened with
-    // SHAMapNodeID deserialization for every TMGetLedger.
+    // Queue a job to process the request
     std::weak_ptr<PeerImp> const weak = shared_from_this();
-    app_.getJobQueue().addJob(JtLedgerReq, "RcvGetLedger", [weak, m, itype]() {
-        auto peer = weak.lock();
-        if (!peer)
-            return;
-
-        std::vector<SHAMapNodeID> nodeIDs;
-        if (itype != protocol::liBASE)
-        {
-            nodeIDs.reserve(m->nodeids_size());
-            for (auto const& nodeId : m->nodeids())
-            {
-                auto parsed = deserializeSHAMapNodeID(nodeId);
-                if (!parsed)
-                {
-                    peer->charge(Resource::kFeeInvalidData, "get_ledger invalid node ID");
-                    return;
-                }
-                nodeIDs.push_back(std::move(*parsed));
-            }
-        }
-
-        peer->processLedgerRequest(m, std::move(nodeIDs));
+    app_.getJobQueue().addJob(JtLedgerReq, "RcvGetLedger", [weak, m]() {
+        if (auto peer = weak.lock())
+            peer->processLedgerRequest(m);
     });
 }
 
@@ -1712,44 +1698,12 @@ PeerImp::onMessage(std::shared_ptr<protocol::TMLedgerData> const& m)
         return;
     }
 
-    // If there is a request cookie, attempt to relay the message.
+    // If there is a request cookie, attempt to relay the message
     if (m->has_requestcookie())
     {
         if (auto peer = overlay_.findPeerByShortID(m->requestcookie()))
         {
             m->clear_requestcookie();
-
-            // If the original requester doesn't support the new depth-based format, rewrite any
-            // nodes that use it back to the legacy nodeid format before relaying. Once all nodes
-            // have upgraded, the old protocol version and this code can be removed.
-            if (!peer->supportsFeature(ProtocolFeature::LedgerNodeDepth))
-            {
-                for (int i = 0; i < m->nodes_size(); ++i)
-                {
-                    auto* ledgerNode = m->mutable_nodes(i);
-                    if (ledgerNode->reference_case() != ledgerNode->REFERENCE_NOT_SET)
-                    {
-                        auto treeNode = getTreeNode(ledgerNode->nodedata());
-                        if (!treeNode)
-                        {
-                            JLOG(pJournal_.warn()) << "Unable to get tree node";
-                            return;
-                        }
-
-                        auto const nodeID = getSHAMapNodeID(*ledgerNode, *treeNode);
-                        if (!nodeID)
-                        {
-                            JLOG(pJournal_.warn()) << "Unable to get node ID";
-                            return;
-                        }
-
-                        ledgerNode->set_nodeid(nodeID->getRawString());
-                        ledgerNode->clear_id();
-                        ledgerNode->clear_depth();
-                    }
-                }
-            }
-
             peer->send(std::make_shared<Message>(*m, protocol::mtLEDGER_DATA));
         }
         else
@@ -3288,9 +3242,7 @@ PeerImp::getTxSet(std::shared_ptr<protocol::TMGetLedger> const& m) const
 }
 
 void
-PeerImp::processLedgerRequest(
-    std::shared_ptr<protocol::TMGetLedger> const& m,
-    std::vector<SHAMapNodeID> nodeIDs)
+PeerImp::processLedgerRequest(std::shared_ptr<protocol::TMGetLedger> const& m)
 {
     // Do not resource charge a peer responding to a relay
     if (!m->has_requestcookie())
@@ -3375,25 +3327,26 @@ PeerImp::processLedgerRequest(
     }
 
     // Add requested node data to reply
-    if (!nodeIDs.empty())
+    if (m->nodeids_size() > 0)
     {
         std::uint32_t const defaultDepth = isHighLatency() ? 2 : 1;
         auto const queryDepth{m->has_querydepth() ? m->querydepth() : defaultDepth};
 
-        std::vector<SHAMapNodeData> data;
-        data.reserve(Tuning::kSoftMaxReplyNodes);
-        auto const useLedgerNodeDepth = supportsFeature(ProtocolFeature::LedgerNodeDepth);
+        std::vector<std::pair<SHAMapNodeID, Blob>> data;
 
-        for (auto const& nodeID : nodeIDs)
+        for (int i = 0;
+             i < m->nodeids_size() && ledgerData.nodes_size() < Tuning::kSoftMaxReplyNodes;
+             ++i)
         {
-            if (ledgerData.nodes_size() >= Tuning::kSoftMaxReplyNodes)
-                break;
+            auto const shaMapNodeId{deserializeSHAMapNodeID(m->nodeids(i))};
 
             data.clear();
+            data.reserve(Tuning::kSoftMaxReplyNodes);
 
             try
             {
-                if (map->getNodeFat(nodeID, data, fatLeaves, queryDepth))
+                // NOLINTNEXTLINE(bugprone-unchecked-optional-access) nodeids checked in onGetLedger
+                if (map->getNodeFat(*shaMapNodeId, data, fatLeaves, queryDepth))
                 {
                     JLOG(pJournal_.trace())
                         << "processLedgerRequest: getNodeFat got " << data.size() << " nodes";
@@ -3402,26 +3355,9 @@ PeerImp::processLedgerRequest(
                     {
                         if (ledgerData.nodes_size() >= Tuning::kHardMaxReplyNodes)
                             break;
-
                         protocol::TMLedgerNode* node{ledgerData.add_nodes()};
-
-                        node->set_nodedata(d.data.data(), d.data.size());
-
-                        // When the LedgerNodeDepth protocol feature is not supported by the peer,
-                        // we always set the `nodeid` field. However, when it is supported then we
-                        // set the `id` field for inner nodes and the `depth` field for leaf nodes.
-                        if (!useLedgerNodeDepth)
-                        {
-                            node->set_nodeid(d.nodeID.getRawString());
-                        }
-                        else if (d.isLeaf)
-                        {
-                            node->set_depth(d.nodeID.getDepth());
-                        }
-                        else
-                        {
-                            node->set_id(d.nodeID.getRawString());
-                        }
+                        node->set_nodeid(d.first.getRawString());
+                        node->set_nodedata(d.second.data(), d.second.size());
                     }
                 }
                 else
@@ -3460,7 +3396,7 @@ PeerImp::processLedgerRequest(
                     info += ", no hash specified";
 
                 JLOG(pJournal_.warn())
-                    << "processLedgerRequest: getNodeFat with nodeId " << nodeID
+                    << "processLedgerRequest: getNodeFat with nodeId " << *shaMapNodeId
                     << " and ledger info type " << info << " throws exception: " << e.what();
             }
         }

src/xrpld/overlay/detail/PeerImp.h

@@ -14,7 +14,6 @@
 #include <xrpl/protocol/STTx.h>
 #include <xrpl/protocol/STValidation.h>
 #include <xrpl/resource/Fees.h>
-#include <xrpl/shamap/SHAMapNodeID.h>
 
 #include <boost/circular_buffer.hpp>
 #include <boost/endian/conversion.hpp>
@@ -624,9 +623,7 @@ private:
     getTxSet(std::shared_ptr<protocol::TMGetLedger> const& m) const;
 
     void
-    processLedgerRequest(
-        std::shared_ptr<protocol::TMGetLedger> const& m,
-        std::vector<SHAMapNodeID> nodeIDs);
+    processLedgerRequest(std::shared_ptr<protocol::TMGetLedger> const& m);
 };
 
 //------------------------------------------------------------------------------

src/xrpld/overlay/detail/ProtocolVersion.cpp

@@ -28,7 +28,6 @@ namespace xrpl {
 constexpr ProtocolVersion const kSupportedProtocolList[]{
     {2, 1},
     {2, 2},
-    {2, 3},
 };
 
 // This ugly construct ensures that supportedProtocolList is sorted in strictly