feat: Migrate coroutine tests from Boost.Coroutine to C++20 coroutines

Migrate Coroutine_test and JobQueue_test from Boost.Coroutine to
C++20 std::coroutine using CoroTask/CoroTaskRunner:

- Coroutine_test: Replace Coro-based coroutine tests with CoroTask
  equivalents using co_await runner->yieldAndPost().
- JobQueue_test: Replace Coro suspend/resume patterns with CoroTask
  equivalents, use pointer-by-value captures in coroutine lambdas
  to avoid dangling reference issues.

.clang-tidy

@@ -8,12 +8,14 @@ Checks: "-*,
   bugprone-chained-comparison,
   bugprone-compare-pointer-to-member-virtual-function,
   bugprone-copy-constructor-init,
+  bugprone-crtp-constructor-accessibility,
   bugprone-dangling-handle,
   bugprone-dynamic-static-initializers,
   bugprone-empty-catch,
   bugprone-fold-init-type,
   bugprone-forward-declaration-namespace,
   bugprone-inaccurate-erase,
+  bugprone-inc-dec-in-conditions,
   bugprone-incorrect-enable-if,
   bugprone-incorrect-roundings,
   bugprone-infinite-loop,
@@ -30,9 +32,12 @@ Checks: "-*,
   bugprone-multiple-statement-macro,
   bugprone-no-escape,
   bugprone-non-zero-enum-to-bool-conversion,
+  bugprone-optional-value-conversion,
   bugprone-parent-virtual-call,
+  bugprone-pointer-arithmetic-on-polymorphic-object,
   bugprone-posix-return,
   bugprone-redundant-branch-condition,
+  bugprone-reserved-identifier,
   bugprone-return-const-ref-from-parameter,
   bugprone-shared-ptr-array-mismatch,
   bugprone-signal-handler,
@@ -49,19 +54,35 @@ Checks: "-*,
   bugprone-suspicious-include,
   bugprone-suspicious-memory-comparison,
   bugprone-suspicious-memset-usage,
+  bugprone-suspicious-missing-comma,
   bugprone-suspicious-realloc-usage,
   bugprone-suspicious-semicolon,
   bugprone-suspicious-string-compare,
+  bugprone-suspicious-stringview-data-usage,
   bugprone-swapped-arguments,
+  bugprone-switch-missing-default-case,
   bugprone-terminating-continue,
   bugprone-throw-keyword-missing,
+  bugprone-too-small-loop-variable,
+  # bugprone-unchecked-optional-access, # see https://github.com/XRPLF/rippled/pull/6502
   bugprone-undefined-memory-manipulation,
   bugprone-undelegated-constructor,
   bugprone-unhandled-exception-at-new,
+  bugprone-unhandled-self-assignment,
   bugprone-unique-ptr-array-mismatch,
   bugprone-unsafe-functions,
+  bugprone-use-after-move,
+  bugprone-unused-raii,
+  bugprone-unused-return-value,
+  bugprone-unused-local-non-trivial-variable,
   bugprone-virtual-near-miss,
+  cppcoreguidelines-init-variables,
+  cppcoreguidelines-misleading-capture-default-by-value,
   cppcoreguidelines-no-suspend-with-lock,
+  cppcoreguidelines-pro-type-member-init,
+  cppcoreguidelines-pro-type-static-cast-downcast,
+  cppcoreguidelines-rvalue-reference-param-not-moved,
+  cppcoreguidelines-use-default-member-init,
   cppcoreguidelines-virtual-class-destructor,
   hicpp-ignored-remove-result,
   misc-definitions-in-headers,
@@ -71,72 +92,49 @@ Checks: "-*,
   misc-throw-by-value-catch-by-reference,
   misc-unused-alias-decls,
   misc-unused-using-decls,
-  readability-duplicate-include,
-  readability-enum-initial-value,
-  readability-misleading-indentation,
-  readability-non-const-parameter,
-  readability-redundant-declaration,
-  readability-reference-to-constructed-temporary,
   modernize-deprecated-headers,
   modernize-make-shared,
   modernize-make-unique,
   performance-implicit-conversion-in-loop,
   performance-move-constructor-init,
-  performance-trivially-destructible
+  performance-trivially-destructible,
+  readability-avoid-nested-conditional-operator,
+  readability-avoid-return-with-void-value,
+  readability-braces-around-statements,
+  readability-const-return-type,
+  readability-container-contains,
+  readability-container-size-empty,
+  readability-convert-member-functions-to-static,
+  readability-duplicate-include,
+  readability-else-after-return,
+  readability-enum-initial-value,
+  readability-implicit-bool-conversion,
+  readability-make-member-function-const,
+  readability-math-missing-parentheses,
+  readability-misleading-indentation,
+  readability-non-const-parameter,
+  readability-redundant-casting,
+  readability-redundant-declaration,
+  readability-redundant-inline-specifier,
+  readability-redundant-member-init,
+  readability-redundant-string-init,
+  readability-reference-to-constructed-temporary,
+  readability-simplify-boolean-expr,
+  readability-static-definition-in-anonymous-namespace,
+  readability-suspicious-call-argument,
+  readability-use-std-min-max
   "
 # ---
-# more checks that have some issues that need to be resolved:
-#
-# bugprone-crtp-constructor-accessibility,
-# bugprone-inc-dec-in-conditions,
-# bugprone-reserved-identifier,
-# bugprone-move-forwarding-reference,
-# bugprone-unused-local-non-trivial-variable,
-# bugprone-switch-missing-default-case,
-# bugprone-suspicious-stringview-data-usage,
-# bugprone-suspicious-missing-comma,
-# bugprone-pointer-arithmetic-on-polymorphic-object,
-# bugprone-optional-value-conversion,
-# bugprone-too-small-loop-variable,
-# bugprone-unused-return-value,
-# bugprone-use-after-move,
-# bugprone-unhandled-self-assignment,
-# bugprone-unused-raii,
-#
-# cppcoreguidelines-misleading-capture-default-by-value,
-# cppcoreguidelines-init-variables,
-# cppcoreguidelines-pro-type-member-init,
-# cppcoreguidelines-pro-type-static-cast-downcast,
-# cppcoreguidelines-use-default-member-init,
-# cppcoreguidelines-rvalue-reference-param-not-moved,
+# checks that have some issues that need to be resolved:
 #
 # llvm-namespace-comment,
 # misc-const-correctness,
 # misc-include-cleaner,
 # misc-redundant-expression,
 #
-# readability-avoid-nested-conditional-operator,
-# readability-avoid-return-with-void-value,
-# readability-braces-around-statements,
-# readability-container-contains,
-# readability-container-size-empty,
-# readability-convert-member-functions-to-static,
-# readability-const-return-type,
-# readability-else-after-return,
-# readability-implicit-bool-conversion,
-# readability-inconsistent-declaration-parameter-name,
+# readability-inconsistent-declaration-parameter-name, # in this codebase this check will break a lot of arg names
+# readability-static-accessed-through-instance,        # this check is probably unnecessary. it makes the code less readable
 # readability-identifier-naming,
-# readability-make-member-function-const,
-# readability-math-missing-parentheses,
-# readability-redundant-inline-specifier,
-# readability-redundant-member-init,
-# readability-redundant-casting,
-# readability-redundant-string-init,
-# readability-simplify-boolean-expr,
-# readability-static-definition-in-anonymous-namespace,
-# readability-suspicious-call-argument,
-# readability-use-std-min-max,
-# readability-static-accessed-through-instance,
 #
 # modernize-concat-nested-namespaces,
 # modernize-pass-by-value,
@@ -159,7 +157,7 @@ Checks: "-*,
 # ---
 #
 CheckOptions:
-  #   readability-braces-around-statements.ShortStatementLines: 2
+  readability-braces-around-statements.ShortStatementLines: 2
   #   readability-identifier-naming.MacroDefinitionCase: UPPER_CASE
   #   readability-identifier-naming.ClassCase: CamelCase
   #   readability-identifier-naming.StructCase: CamelCase
@@ -194,7 +192,7 @@ CheckOptions:
   #   readability-identifier-naming.PublicMemberSuffix: ""
   #   readability-identifier-naming.FunctionIgnoredRegexp: ".*tag_invoke.*"
   bugprone-unsafe-functions.ReportMoreUnsafeFunctions: true
-#   bugprone-unused-return-value.CheckedReturnTypes: ::std::error_code;::std::error_condition;::std::errc
+  bugprone-unused-return-value.CheckedReturnTypes: ::std::error_code;::std::error_condition;::std::errc
 #   misc-include-cleaner.IgnoreHeaders: '.*/(detail|impl)/.*;.*(expected|unexpected).*;.*ranges_lower_bound\.h;time.h;stdlib.h;__chrono/.*;fmt/chrono.h;boost/uuid/uuid_hash.hpp'
 #
 # HeaderFilterRegex: '^.*/(src|tests)/.*\.(h|hpp)$'

.gersemi/definitions.cmake

@@ -51,6 +51,9 @@ endfunction()
 function(add_module parent name)
 endfunction()
 
+function(setup_protocol_autogen)
+endfunction()
+
 function(target_link_modules parent scope)
 endfunction()
 

.git-blame-ignore-revs

@@ -1,16 +1,79 @@
 # This feature requires Git >= 2.24
 # To use it by default in git blame:
 # git config blame.ignoreRevsFile .git-blame-ignore-revs
-50760c693510894ca368e90369b0cc2dabfd07f3
-e2384885f5f630c8f0ffe4bf21a169b433a16858
-241b9ddde9e11beb7480600fd5ed90e1ef109b21
-760f16f56835663d9286bd29294d074de26a7ba6
-0eebe6a5f4246fced516d52b83ec4e7f47373edd
-2189cc950c0cebb89e4e2fa3b2d8817205bf7cef
-b9d007813378ad0ff45660dc07285b823c7e9855
-fe9a5365b8a52d4acc42eb27369247e6f238a4f9
-9a93577314e6a8d4b4a8368cc9d2b15a5d8303e8
-552377c76f55b403a1c876df873a23d780fcc81c
-97f0747e103f13e26e45b731731059b32f7679ac
-b13370ac0d207217354f1fc1c29aef87769fb8a1
+
+# This file is sorted in reverse chronological order, with the most recent commits at the top.
+# The commits listed here are ignored by git blame, which is useful for formatting-only commits that would otherwise obscure the history of changes to a file.
+
+# refactor: Enable remaining clang-tidy `cppcoreguidelines` checks (#6538)
+72f4cb097f626b08b02fc3efcb4aa11cb2e7adb8
+# refactor: Rename system name from 'ripple' to 'xrpld' (#6347)
+ffea3977f0b771fe8e43a8f74e4d393d63a7afd8
+# refactor: Update transaction folder structure (#6483)
+5865bd017f777491b4a956f9210be0c4161f5442
+# chore: Use gersemi instead of ancient cmake-format (#6486)
+0c74270b055133a57a497b5c9fc5a75f7647b1f4
+# chore: Apply clang-format width 100 (#6387)
+2c1fad102353e11293e3edde1c043224e7d3e983
+# chore: Set clang-format width to 100 in config file (#6387)
+25cca465538a56cce501477f9e5e2c1c7ea2d84c
+# chore: Set cmake-format width to 100 (#6386)
+469ce9f291a4480c38d4ee3baca5136b2f053cd0
+# refactor: Modularize app/tx (#6228)
+0976b2b68b64972af8e6e7c497900b5bce9fe22f
+# chore: Update clang-format to 21.1.8 (#6352)
+958d8f375453d80bb1aa4c293b5102c045a3e4b4
+# refactor: Replace include guards by '#pragma once' (#6322)
+34ef577604782ca8d6e1c17df8bd7470990a52ff
+# chore: Format all cmake files without comments (#6294)
+fe9c8d568fcf6ac21483024e01f58962dd5c8260
+# chore: Add cmake-format pre-commit hook (#6279)
+a0e09187b9370805d027c611a7e9ff5a0125282a
+# chore: Set ColumnLimit to 120 in clang-format (#6288)
+5f638f55536def0d88b970d1018a465a238e55f4
+# refactor: Fix typos in comments, configure cspell (#6164)
+3c9f5b62525cb1d6ca1153eeb10433db7d7379fd
+# refactor: Rename `rippled.cfg` to `xrpld.cfg` (#6098)
+3d1b3a49b3601a0a7037fa0b19d5df7b5e0e2fc1
+# refactor: Rename `ripple` namespace to `xrpl` (#5982)
+1eb0fdac6543706b4b9ddca57fd4102928a1f871
+# refactor: Rename `rippled` binary to `xrpld` (#5983)
+9eb84a561ef8bb066d89f098bd9b4ac71baed67c
+# refactor: Replaces secp256k1 source by Conan package (#6089)
+813bc4d9491b078bb950f8255f93b02f71320478
+# refactor: Remove unnecessary copyright notices already covered by LICENSE.md (#5929)
+1d42c4f6de6bf01d1286fc7459b17a37a5189e88
+# refactor: Rename `RIPPLE_` and `RIPPLED_` definitions to `XRPL_` (#5821)
+ada83564d894829424b0f4d922b0e737e07abbf7
+# refactor: Modularize shamap and nodestore (#5668)
+8eb233c2ea8ad5a159be73b77f0f5e1496d547ac
+# refactor: Modularise ledger (#5493)
+dc8b37a52448b005153c13a7f046ad494128cf94
+# chore: Update clang-format and prettier with pre-commit (#5709)
+c14ce956adeabe476ad73c18d73103f347c9c613
+# chore: Fix file formatting (#5718)
 896b8c3b54a22b0497cb0d1ce95e1095f9a227ce
+# chore: Reverts formatting changes to external files, adds formatting changes to proto files (#5711)
+b13370ac0d207217354f1fc1c29aef87769fb8a1
+# chore: Run prettier on all files (#5657)
+97f0747e103f13e26e45b731731059b32f7679ac
+# Reformat code with clang-format-18
+552377c76f55b403a1c876df873a23d780fcc81c
+# Recompute loops (#4997)
+d028005aa6319338b0adae1aebf8abe113162960
+# Rewrite includes (#4997)
+1d23148e6dd53957fcb6205c07a5c6cd7b64d50c
+# Rearrange sources (#4997)
+e416ee72ca26fa0c09d2aee1b68bdfb2b7046eed
+# Move CMake directory (#4997)
+2e902dee53aab2a8f27f32971047bb81e022f94f
+# Rewrite includes
+0eebe6a5f4246fced516d52b83ec4e7f47373edd
+# Format formerly .hpp files
+760f16f56835663d9286bd29294d074de26a7ba6
+# Rename .hpp to .h
+241b9ddde9e11beb7480600fd5ed90e1ef109b21
+# Consolidate external libraries
+e2384885f5f630c8f0ffe4bf21a169b433a16858
+# Format first-party source according to .clang-format
+50760c693510894ca368e90369b0cc2dabfd07f3

.github/actions/generate-version/action.yml

@@ -11,7 +11,7 @@ runs:
   steps:
     # When a tag is pushed, the version is used as-is.
     - name: Generate version for tag event
-      if: ${{ github.event_name == 'tag' }}
+      if: ${{ startsWith(github.ref, 'refs/tags/') }}
       shell: bash
       env:
         VERSION: ${{ github.ref_name }}
@@ -22,7 +22,7 @@ runs:
     # We use a plus sign instead of a hyphen because Conan recipe versions do
     # not support two hyphens.
     - name: Generate version for non-tag event
-      if: ${{ github.event_name != 'tag' }}
+      if: ${{ !startsWith(github.ref, 'refs/tags/') }}
       shell: bash
       run: |
         echo 'Extracting version from BuildInfo.cpp.'

.github/pull_request_template.md

@@ -29,22 +29,6 @@ If a refactor, how is this better than the previous implementation?
 If there is a spec or design document for this feature, please link it here.
 -->
 
-### Type of Change
-
-<!--
-Please check [x] relevant options, delete irrelevant ones.
--->
-
-- [ ] Bug fix (non-breaking change which fixes an issue)
-- [ ] New feature (non-breaking change which adds functionality)
-- [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
-- [ ] Refactor (non-breaking change that only restructures code)
-- [ ] Performance (increase or change in throughput and/or latency)
-- [ ] Tests (you added tests for code that already exists, or your new feature included in this PR)
-- [ ] Documentation update
-- [ ] Chore (no impact to binary, e.g. `.gitignore`, formatting, dropping support for older tooling)
-- [ ] Release
-
 ### API Impact
 
 <!--

.github/scripts/levelization/README.md

@@ -70,7 +70,7 @@ that `test` code should _never_ be included in `xrpl` or `xrpld` code.)
 
 ## Validation
 
-The [levelization](generate.sh) script takes no parameters,
+The [levelization](generate.py) script takes no parameters,
 reads no environment variables, and can be run from any directory,
 as long as it is in the expected location in the rippled repo.
 It can be run at any time from within a checked out repo, and will
@@ -104,7 +104,7 @@ It generates many files of [results](results):
   Github Actions workflow to test that levelization loops haven't
   changed. Unfortunately, if changes are detected, it can't tell if
   they are improvements or not, so if you have resolved any issues or
-  done anything else to improve levelization, run `levelization.sh`,
+  done anything else to improve levelization, run `generate.py`,
   and commit the updated results.
 
 The `loops.txt` and `ordering.txt` files relate the modules
@@ -128,7 +128,7 @@ The committed files hide the detailed values intentionally, to
 prevent false alarms and merging issues, and because it's easy to
 get those details locally.
 
-1. Run `levelization.sh`
+1. Run `generate.py`
 2. Grep the modules in `paths.txt`.
    - For example, if a cycle is found `A ~= B`, simply `grep -w
 A .github/scripts/levelization/results/paths.txt | grep -w B`

.github/scripts/levelization/generate.py

@@ -0,0 +1,335 @@
+#!/usr/bin/env python3
+
+"""
+Usage: generate.py
+This script takes no parameters, and can be called from any directory in the file system.
+"""
+
+import os
+import re
+import subprocess
+import sys
+from collections import defaultdict
+from pathlib import Path
+from typing import Dict, List, Tuple, Set, Optional
+
+# Compile regex patterns once at module level
+INCLUDE_PATTERN = re.compile(r"^\s*#include.*/.*\.h")
+INCLUDE_PATH_PATTERN = re.compile(r'[<"]([^>"]+)[>"]')
+
+
+def dictionary_sort_key(s: str) -> str:
+    """
+    Create a sort key that mimics 'sort -d' (dictionary order).
+    Dictionary order only considers blanks and alphanumeric characters.
+    This means punctuation like '.' is ignored during sorting.
+    """
+    # Keep only alphanumeric characters and spaces
+    return "".join(c for c in s if c.isalnum() or c.isspace())
+
+
+def get_level(file_path: str) -> str:
+    """
+    Extract the level from a file path (second and third directory components).
+    Equivalent to bash: cut -d/ -f 2,3
+
+    Examples:
+        src/xrpld/app/main.cpp -> xrpld.app
+        src/libxrpl/protocol/STObject.cpp -> libxrpl.protocol
+        include/xrpl/basics/base_uint.h -> xrpl.basics
+    """
+    parts = file_path.split("/")
+
+    # Get fields 2 and 3 (indices 1 and 2 in 0-based indexing)
+    if len(parts) >= 3:
+        level = f"{parts[1]}/{parts[2]}"
+    elif len(parts) >= 2:
+        level = f"{parts[1]}/toplevel"
+    else:
+        level = file_path
+
+    # If the "level" indicates a file, cut off the filename
+    if "." in level.split("/")[-1]:  # Avoid Path object creation
+        # Use the "toplevel" label as a workaround for `sort`
+        # inconsistencies between different utility versions
+        level = level.rsplit("/", 1)[0] + "/toplevel"
+
+    return level.replace("/", ".")
+
+
+def extract_include_level(include_line: str) -> Optional[str]:
+    """
+    Extract the include path from an #include directive.
+    Gets the first two directory components from the include path.
+    Equivalent to bash: cut -d/ -f 1,2
+
+    Examples:
+        #include <xrpl/basics/base_uint.h> -> xrpl.basics
+        #include "xrpld/app/main/Application.h" -> xrpld.app
+    """
+    # Remove everything before the quote or angle bracket
+    match = INCLUDE_PATH_PATTERN.search(include_line)
+    if not match:
+        return None
+
+    include_path = match.group(1)
+    parts = include_path.split("/")
+
+    # Get first two fields (indices 0 and 1)
+    if len(parts) >= 2:
+        include_level = f"{parts[0]}/{parts[1]}"
+    else:
+        include_level = include_path
+
+    # If the "includelevel" indicates a file, cut off the filename
+    if "." in include_level.split("/")[-1]:  # Avoid Path object creation
+        include_level = include_level.rsplit("/", 1)[0] + "/toplevel"
+
+    return include_level.replace("/", ".")
+
+
+def find_repository_directories(
+    start_path: Path, depth_limit: int = 10
+) -> Tuple[Path, List[Path]]:
+    """
+    Find the repository root by looking for src or include folders.
+    Walks up the directory tree from the start path.
+    """
+    current = start_path.resolve()
+
+    # Walk up the directory tree
+    for _ in range(depth_limit):  # Limit search depth to prevent infinite loops
+        src_path = current / "src"
+        include_path = current / "include"
+        # Check if this directory has src or include folders
+        has_src = src_path.exists()
+        has_include = include_path.exists()
+
+        if has_src or has_include:
+            return current, [src_path, include_path]
+
+        # Move up one level
+        parent = current.parent
+        if parent == current:  # Reached filesystem root
+            break
+        current = parent
+
+    # If we couldn't find it, raise an error
+    raise RuntimeError(
+        "Could not find repository root. "
+        "Expected to find a directory containing 'src' and/or 'include' folders."
+    )
+
+
+def main():
+    # Change to the script's directory
+    script_dir = Path(__file__).parent.resolve()
+    os.chdir(script_dir)
+
+    # Clean up and create results directory.
+    results_dir = script_dir / "results"
+    if results_dir.exists():
+        import shutil
+
+        shutil.rmtree(results_dir)
+    results_dir.mkdir()
+
+    # Find the repository root by searching for src and include directories.
+    try:
+        repo_root, scan_dirs = find_repository_directories(script_dir)
+
+        print(f"Found repository root: {repo_root}")
+        print(f"Scanning directories:")
+        for scan_dir in scan_dirs:
+            print(f"  - {scan_dir.relative_to(repo_root)}")
+    except RuntimeError as e:
+        print(f"Error: {e}", file=sys.stderr)
+        sys.exit(1)
+
+    print("\nScanning for raw includes...")
+    # Find all #include directives
+    raw_includes: List[Tuple[str, str]] = []
+    rawincludes_file = results_dir / "rawincludes.txt"
+
+    # Write to file as we go to avoid storing everything in memory.
+    with open(rawincludes_file, "w", buffering=8192) as raw_f:
+        for dir_path in scan_dirs:
+            print(f"  Scanning {dir_path.relative_to(repo_root)}...")
+
+            for file_path in dir_path.rglob("*"):
+                if not file_path.is_file():
+                    continue
+
+                try:
+                    rel_path_str = str(file_path.relative_to(repo_root))
+
+                    # Read file with a large buffer for performance.
+                    with open(
+                        file_path,
+                        "r",
+                        encoding="utf-8",
+                        errors="ignore",
+                        buffering=8192,
+                    ) as f:
+                        for line in f:
+                            # Quick check before regex
+                            if "#include" not in line or "boost" in line:
+                                continue
+
+                            if INCLUDE_PATTERN.match(line):
+                                line_stripped = line.strip()
+                                entry = f"{rel_path_str}:{line_stripped}\n"
+                                print(entry, end="")
+                                raw_f.write(entry)
+                                raw_includes.append((rel_path_str, line_stripped))
+                except Exception as e:
+                    print(f"Error reading {file_path}: {e}", file=sys.stderr)
+
+    # Build levelization paths and count directly (no need to sort first).
+    print("Build levelization paths")
+    path_counts: Dict[Tuple[str, str], int] = defaultdict(int)
+
+    for file_path, include_line in raw_includes:
+        include_level = extract_include_level(include_line)
+        if not include_level:
+            continue
+
+        level = get_level(file_path)
+        if level != include_level:
+            path_counts[(level, include_level)] += 1
+
+    # Sort and deduplicate paths (using dictionary order like bash 'sort -d').
+    print("Sort and deduplicate paths")
+
+    paths_file = results_dir / "paths.txt"
+    with open(paths_file, "w") as f:
+        # Sort using dictionary order: only alphanumeric and spaces matter
+        sorted_items = sorted(
+            path_counts.items(),
+            key=lambda x: (dictionary_sort_key(x[0][0]), dictionary_sort_key(x[0][1])),
+        )
+        for (level, include_level), count in sorted_items:
+            line = f"{count:7} {level} {include_level}\n"
+            print(line.rstrip())
+            f.write(line)
+
+    # Split into flat-file database
+    print("Split into flat-file database")
+    includes_dir = results_dir / "includes"
+    included_by_dir = results_dir / "included_by"
+    includes_dir.mkdir()
+    included_by_dir.mkdir()
+
+    # Batch writes by grouping data first to avoid repeated file opens.
+    includes_data: Dict[str, List[Tuple[str, int]]] = defaultdict(list)
+    included_by_data: Dict[str, List[Tuple[str, int]]] = defaultdict(list)
+
+    # Process in sorted order to match bash script behaviour (dictionary order).
+    sorted_items = sorted(
+        path_counts.items(),
+        key=lambda x: (dictionary_sort_key(x[0][0]), dictionary_sort_key(x[0][1])),
+    )
+    for (level, include_level), count in sorted_items:
+        includes_data[level].append((include_level, count))
+        included_by_data[include_level].append((level, count))
+
+    # Write all includes files in sorted order (dictionary order).
+    for level in sorted(includes_data.keys(), key=dictionary_sort_key):
+        entries = includes_data[level]
+        with open(includes_dir / level, "w") as f:
+            for include_level, count in entries:
+                line = f"{include_level} {count}\n"
+                print(line.rstrip())
+                f.write(line)
+
+    # Write all included_by files in sorted order (dictionary order).
+    for include_level in sorted(included_by_data.keys(), key=dictionary_sort_key):
+        entries = included_by_data[include_level]
+        with open(included_by_dir / include_level, "w") as f:
+            for level, count in entries:
+                line = f"{level} {count}\n"
+                print(line.rstrip())
+                f.write(line)
+
+    # Search for loops
+    print("Search for loops")
+    loops_file = results_dir / "loops.txt"
+    ordering_file = results_dir / "ordering.txt"
+
+    loops_found: Set[Tuple[str, str]] = set()
+
+    # Pre-load all include files into memory to avoid repeated I/O.
+    # This is the biggest optimisation - we were reading files repeatedly in nested loops.
+    # Use list of tuples to preserve file order.
+    includes_cache: Dict[str, List[Tuple[str, int]]] = {}
+    includes_lookup: Dict[str, Dict[str, int]] = {}  # For fast lookup
+
+    # Note: bash script uses 'for source in *' which uses standard glob sorting,
+    # NOT dictionary order. So we use standard sorted() here, not dictionary_sort_key.
+    for include_file in sorted(includes_dir.iterdir(), key=lambda p: p.name):
+        if not include_file.is_file():
+            continue
+
+        includes_cache[include_file.name] = []
+        includes_lookup[include_file.name] = {}
+        with open(include_file, "r") as f:
+            for line in f:
+                parts = line.strip().split()
+                if len(parts) >= 2:
+                    include_name = parts[0]
+                    include_count = int(parts[1])
+                    includes_cache[include_file.name].append(
+                        (include_name, include_count)
+                    )
+                    includes_lookup[include_file.name][include_name] = include_count
+
+    with open(loops_file, "w", buffering=8192) as loops_f, open(
+        ordering_file, "w", buffering=8192
+    ) as ordering_f:
+
+        # Use standard sorting to match bash glob expansion 'for source in *'.
+        for source in sorted(includes_cache.keys()):
+            source_includes = includes_cache[source]
+
+            for include, include_freq in source_includes:
+                # Check if include file exists and references source
+                if include not in includes_lookup:
+                    continue
+
+                source_freq = includes_lookup[include].get(source)
+
+                if source_freq is not None:
+                    # Found a loop
+                    loop_key = tuple(sorted([source, include]))
+                    if loop_key in loops_found:
+                        continue
+                    loops_found.add(loop_key)
+
+                    loops_f.write(f"Loop: {source} {include}\n")
+
+                    # If the counts are close, indicate that the two modules are
+                    # on the same level, though they shouldn't be.
+                    diff = include_freq - source_freq
+                    if diff > 3:
+                        loops_f.write(f"  {source} > {include}\n\n")
+                    elif diff < -3:
+                        loops_f.write(f"  {include} > {source}\n\n")
+                    elif source_freq == include_freq:
+                        loops_f.write(f"  {include} == {source}\n\n")
+                    else:
+                        loops_f.write(f"  {include} ~= {source}\n\n")
+                else:
+                    ordering_f.write(f"{source} > {include}\n")
+
+    # Print results
+    print("\nOrdering:")
+    with open(ordering_file, "r") as f:
+        print(f.read(), end="")
+
+    print("\nLoops:")
+    with open(loops_file, "r") as f:
+        print(f.read(), end="")
+
+
+if __name__ == "__main__":
+    main()

.github/scripts/levelization/generate.sh

@@ -1,130 +0,0 @@
-#!/bin/bash
-
-# Usage: generate.sh
-# This script takes no parameters, reads no environment variables,
-# and can be run from any directory, as long as it is in the expected
-# location in the repo.
-
-pushd $( dirname $0 )
-
-if [ -v PS1 ]
-then
-  # if the shell is interactive, clean up any flotsam before analyzing
-  git clean -ix
-fi
-
-# Ensure all sorting is ASCII-order consistently across platforms.
-export LANG=C
-
-rm -rfv results
-mkdir results
-includes="$( pwd )/results/rawincludes.txt"
-pushd ../../..
-echo Raw includes:
-grep -r '^[ ]*#include.*/.*\.h' include src | \
-    grep -v boost | tee ${includes}
-popd
-pushd results
-
-oldifs=${IFS}
-IFS=:
-mkdir includes
-mkdir included_by
-echo Build levelization paths
-exec 3< ${includes} # open rawincludes.txt for input
-while read -r -u 3 file include
-do
-    level=$( echo ${file} | cut -d/ -f 2,3 )
-    # If the "level" indicates a file, cut off the filename
-    if [[ "${level##*.}" != "${level}" ]]
-    then
-        # Use the "toplevel" label as a workaround for `sort`
-        # inconsistencies between different utility versions
-        level="$( dirname ${level} )/toplevel"
-    fi
-    level=$( echo ${level} | tr '/' '.' )
-
-    includelevel=$( echo ${include} | sed 's/.*["<]//; s/[">].*//' | \
-        cut -d/ -f 1,2 )
-    if [[ "${includelevel##*.}" != "${includelevel}" ]]
-    then
-        # Use the "toplevel" label as a workaround for `sort`
-        # inconsistencies between different utility versions
-        includelevel="$( dirname ${includelevel} )/toplevel"
-    fi
-    includelevel=$( echo ${includelevel} | tr '/' '.' )
-
-    if [[ "$level" != "$includelevel" ]]
-    then
-        echo $level $includelevel | tee -a paths.txt
-    fi
-done
-echo Sort and deduplicate paths
-sort -ds paths.txt | uniq -c | tee sortedpaths.txt
-mv sortedpaths.txt paths.txt
-exec 3>&- #close fd 3
-IFS=${oldifs}
-unset oldifs
-
-echo Split into flat-file database
-exec 4<paths.txt # open paths.txt for input
-while read -r -u 4 count level include
-do
-    echo ${include} ${count} | tee -a includes/${level}
-    echo ${level} ${count} | tee -a included_by/${include}
-done
-exec 4>&- #close fd 4
-
-loops="$( pwd )/loops.txt"
-ordering="$( pwd )/ordering.txt"
-pushd includes
-echo Search for loops
-# Redirect stdout to a file
-exec 4>&1
-exec 1>"${loops}"
-for source in *
-do
-  if [[ -f "$source" ]]
-  then
-    exec 5<"${source}" # open for input
-    while read -r -u 5 include includefreq
-    do
-      if [[ -f $include ]]
-      then
-        if grep -q -w $source $include
-        then
-          if grep -q -w "Loop: $include $source" "${loops}"
-          then
-            continue
-          fi
-          sourcefreq=$( grep -w $source $include | cut -d\  -f2 )
-          echo "Loop: $source $include"
-          # If the counts are close, indicate that the two modules are
-          # on the same level, though they shouldn't be
-          if [[ $(( $includefreq - $sourcefreq )) -gt 3 ]]
-          then
-              echo -e "  $source > $include\n"
-          elif [[ $(( $sourcefreq - $includefreq )) -gt 3 ]]
-          then
-              echo -e "  $include > $source\n"
-          elif [[ $sourcefreq -eq $includefreq ]]
-          then
-              echo -e "  $include == $source\n"
-          else
-              echo -e "  $include ~= $source\n"
-          fi
-        else
-          echo "$source > $include" >> "${ordering}"
-        fi
-      fi
-    done
-    exec 5>&- #close fd 5
-  fi
-done
-exec 1>&4 #close fd 1
-exec 4>&- #close fd 4
-cat "${ordering}"
-cat "${loops}"
-popd
-popd
-popd

.github/scripts/levelization/results/ordering.txt

@@ -19,6 +19,7 @@ libxrpl.nodestore > xrpl.protocol
 libxrpl.protocol > xrpl.basics
 libxrpl.protocol > xrpl.json
 libxrpl.protocol > xrpl.protocol
+libxrpl.protocol_autogen > xrpl.protocol_autogen
 libxrpl.rdb > xrpl.basics
 libxrpl.rdb > xrpl.rdb
 libxrpl.resource > xrpl.basics
@@ -134,6 +135,7 @@ test.peerfinder > xrpld.core
 test.peerfinder > xrpld.peerfinder
 test.peerfinder > xrpl.protocol
 test.protocol > test.toplevel
+test.protocol > test.unit_test
 test.protocol > xrpl.basics
 test.protocol > xrpl.json
 test.protocol > xrpl.protocol
@@ -171,9 +173,12 @@ test.shamap > xrpl.shamap
 test.toplevel > test.csf
 test.toplevel > xrpl.json
 test.unit_test > xrpl.basics
+test.unit_test > xrpl.protocol
 tests.libxrpl > xrpl.basics
 tests.libxrpl > xrpl.json
 tests.libxrpl > xrpl.net
+tests.libxrpl > xrpl.protocol
+tests.libxrpl > xrpl.protocol_autogen
 xrpl.conditions > xrpl.basics
 xrpl.conditions > xrpl.protocol
 xrpl.core > xrpl.basics
@@ -190,6 +195,8 @@ xrpl.nodestore > xrpl.basics
 xrpl.nodestore > xrpl.protocol
 xrpl.protocol > xrpl.basics
 xrpl.protocol > xrpl.json
+xrpl.protocol_autogen > xrpl.json
+xrpl.protocol_autogen > xrpl.protocol
 xrpl.rdb > xrpl.basics
 xrpl.rdb > xrpl.core
 xrpl.rdb > xrpl.protocol

.github/scripts/strategy-matrix/generate.py

@@ -55,7 +55,7 @@ def generate_strategy_matrix(all: bool, config: Config) -> list:
             #   fee to 500.
             # - Bookworm using GCC 15: Debug on linux/amd64, enable code
             #   coverage (which will be done below).
-            # - Bookworm using Clang 16: Debug on linux/arm64, enable voidstar.
+            # - Bookworm using Clang 16: Debug on linux/amd64, enable voidstar.
             # - Bookworm using Clang 17: Release on linux/amd64, set the
             #   reference fee to 1000.
             # - Bookworm using Clang 20: Debug on linux/amd64.
@@ -78,7 +78,7 @@ def generate_strategy_matrix(all: bool, config: Config) -> list:
                     if (
                         f"{os['compiler_name']}-{os['compiler_version']}" == "clang-16"
                         and build_type == "Debug"
-                        and architecture["platform"] == "linux/arm64"
+                        and architecture["platform"] == "linux/amd64"
                     ):
                         cmake_args = f"-Dvoidstar=ON {cmake_args}"
                         skip = False

.github/workflows/check-pr-commits.yml

@@ -0,0 +1,13 @@
+name: Check PR commits
+
+on:
+  pull_request:
+
+# The action needs to have write permissions to post comments on the PR.
+permissions:
+  contents: read
+  pull-requests: write
+
+jobs:
+  check_commits:
+    uses: XRPLF/actions/.github/workflows/check-pr-commits.yml@481048b78b94ac3343d1292b4ef125a813879f2b

.github/workflows/check-pr-title.yml

@@ -0,0 +1,14 @@
+name: Check PR title
+
+on:
+  merge_group:
+    types:
+      - checks_requested
+  pull_request:
+    types: [opened, edited, reopened, synchronize, ready_for_review]
+    branches: [develop]
+
+jobs:
+  check_title:
+    if: ${{ github.event.pull_request.draft != true }}
+    uses: XRPLF/actions/.github/workflows/check-pr-title.yml@e2c7f400d1e85ae65dad552fd425169fbacca4a3

.github/workflows/on-pr.yml

@@ -46,7 +46,7 @@ jobs:
         # that Github considers any skipped jobs to have passed, and in
         # turn the required checks as well.
         id: changes
-        uses: tj-actions/changed-files@7dee1b0c1557f278e5c7dc244927139d78c0e22a # v47.0.4
+        uses: tj-actions/changed-files@22103cc46bda19c2b464ffe86db46df6922fd323 # v47.0.5
         with:
           files: |
             # These paths are unique to `on-pr.yml`.
@@ -141,9 +141,8 @@ jobs:
     needs:
       - should-run
       - build-test
-    # Only run when committing to a PR that targets a release branch in the
-    # XRPLF repository.
-    if: ${{ github.repository_owner == 'XRPLF' && needs.should-run.outputs.go == 'true' && startsWith(github.ref, 'refs/heads/release') }}
+    # Only run when committing to a PR that targets a release branch.
+    if: ${{ github.repository == 'XRPLF/rippled' && needs.should-run.outputs.go == 'true' && github.event_name == 'pull_request' && startsWith(github.event.pull_request.base.ref, 'release') }}
     uses: ./.github/workflows/reusable-upload-recipe.yml
     secrets:
       remote_username: ${{ secrets.CONAN_REMOTE_USERNAME }}

.github/workflows/on-tag.yml

@@ -5,7 +5,7 @@ name: Tag
 on:
   push:
     tags:
-      - "v*"
+      - "[0-9]+.[0-9]+.[0-9]*"
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
@@ -17,8 +17,7 @@ defaults:
 
 jobs:
   upload-recipe:
-    # Only run when a tag is pushed to the XRPLF repository.
-    if: ${{ github.repository_owner == 'XRPLF' }}
+    if: ${{ github.repository == 'XRPLF/rippled' }}
     uses: ./.github/workflows/reusable-upload-recipe.yml
     secrets:
       remote_username: ${{ secrets.CONAN_REMOTE_USERNAME }}

.github/workflows/on-trigger.yml

@@ -92,8 +92,8 @@ jobs:
 
   upload-recipe:
     needs: build-test
-    # Only run when pushing to the develop branch in the XRPLF repository.
-    if: ${{ github.repository_owner == 'XRPLF' && github.event_name == 'push' && github.ref == 'refs/heads/develop' }}
+    # Only run when pushing to the develop branch.
+    if: ${{ github.repository == 'XRPLF/rippled' && github.event_name == 'push' && github.ref == 'refs/heads/develop' }}
     uses: ./.github/workflows/reusable-upload-recipe.yml
     secrets:
       remote_username: ${{ secrets.CONAN_REMOTE_USERNAME }}

.github/workflows/pre-commit.yml

@@ -1,6 +1,9 @@
 name: Run pre-commit hooks
 
 on:
+  merge_group:
+    types:
+      - checks_requested
   pull_request:
   push:
     branches:
@@ -11,7 +14,7 @@ on:
 jobs:
   # Call the workflow in the XRPLF/actions repo that runs the pre-commit hooks.
   run-hooks:
-    uses: XRPLF/actions/.github/workflows/pre-commit.yml@56de1bdf19639e009639a50b8d17c28ca954f267
+    uses: XRPLF/actions/.github/workflows/pre-commit.yml@e7896f15cc60d0da1a272c77ee5c4026b424f9c7
     with:
       runs_on: ubuntu-latest
       container: '{ "image": "ghcr.io/xrplf/ci/tools-rippled-pre-commit:sha-41ec7c1" }'

.github/workflows/publish-docs.yml

@@ -48,7 +48,7 @@ jobs:
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Prepare runner
-        uses: XRPLF/actions/prepare-runner@2cbf481018d930656e9276fcc20dc0e3a0be5b6d
+        uses: XRPLF/actions/prepare-runner@2bbc2dc1abeec7bfaa886804ab86871ac201764e
         with:
           enable_ccache: false
 

.github/workflows/reusable-build-test-config.yml

@@ -76,7 +76,7 @@ jobs:
     name: ${{ inputs.config_name }}
     runs-on: ${{ fromJSON(inputs.runs_on) }}
     container: ${{ inputs.image != '' && inputs.image || null }}
-    timeout-minutes: 60
+    timeout-minutes: ${{ inputs.sanitizers != '' && 360 || 60 }}
     env:
       # Use a namespace to keep the objects separate for each configuration.
       CCACHE_NAMESPACE: ${{ inputs.config_name }}
@@ -107,7 +107,7 @@ jobs:
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Prepare runner
-        uses: XRPLF/actions/prepare-runner@2cbf481018d930656e9276fcc20dc0e3a0be5b6d
+        uses: XRPLF/actions/prepare-runner@2bbc2dc1abeec7bfaa886804ab86871ac201764e
         with:
           enable_ccache: ${{ inputs.ccache_enabled }}
 
@@ -166,6 +166,29 @@ jobs:
             --parallel "${BUILD_NPROC}" \
             --target "${CMAKE_TARGET}"
 
+      - name: Check protocol autogen files are up-to-date
+        env:
+          MESSAGE: |
+
+            The generated protocol wrapper classes are out of date.
+
+            This typically happens when your branch is behind develop and
+            the macro files or generator scripts have changed.
+
+            To fix this:
+              1. Update your branch from develop (merge or rebase)
+              2. Build with code generation enabled (XRPL_NO_CODEGEN=OFF)
+              3. Commit and push the regenerated files
+        run: |
+          set -e
+          DIFF=$(git status --porcelain -- include/xrpl/protocol_autogen src/tests/libxrpl/protocol_autogen)
+          if [ -n "${DIFF}" ]; then
+            echo "::error::Generated protocol files are out of date"
+            git diff -- include/xrpl/protocol_autogen src/tests/libxrpl/protocol_autogen
+            echo "${MESSAGE}"
+            exit 1
+          fi
+
       - name: Show ccache statistics
         if: ${{ inputs.ccache_enabled }}
         run: |
@@ -176,7 +199,7 @@ jobs:
           fi
 
       - name: Upload the binary (Linux)
-        if: ${{ github.repository_owner == 'XRPLF' && runner.os == 'Linux' }}
+        if: ${{ github.repository == 'XRPLF/rippled' && runner.os == 'Linux' }}
         uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
         with:
           name: xrpld-${{ inputs.config_name }}
@@ -204,11 +227,17 @@ jobs:
 
       - name: Set sanitizer options
         if: ${{ !inputs.build_only && env.SANITIZERS_ENABLED == 'true' }}
+        env:
+          CONFIG_NAME: ${{ inputs.config_name }}
         run: |
-          echo "ASAN_OPTIONS=print_stacktrace=1:detect_container_overflow=0:suppressions=${GITHUB_WORKSPACE}/sanitizers/suppressions/asan.supp" >> ${GITHUB_ENV}
-          echo "TSAN_OPTIONS=second_deadlock_stack=1:halt_on_error=0:suppressions=${GITHUB_WORKSPACE}/sanitizers/suppressions/tsan.supp" >> ${GITHUB_ENV}
-          echo "UBSAN_OPTIONS=suppressions=${GITHUB_WORKSPACE}/sanitizers/suppressions/ubsan.supp" >> ${GITHUB_ENV}
-          echo "LSAN_OPTIONS=suppressions=${GITHUB_WORKSPACE}/sanitizers/suppressions/lsan.supp" >> ${GITHUB_ENV}
+          ASAN_OPTS="include=${GITHUB_WORKSPACE}/sanitizers/suppressions/runtime-asan-options.txt:suppressions=${GITHUB_WORKSPACE}/sanitizers/suppressions/asan.supp"
+          if [[ "${CONFIG_NAME}" == *gcc* ]]; then
+            ASAN_OPTS="${ASAN_OPTS}:alloc_dealloc_mismatch=0"
+          fi
+          echo "ASAN_OPTIONS=${ASAN_OPTS}" >> ${GITHUB_ENV}
+          echo "TSAN_OPTIONS=include=${GITHUB_WORKSPACE}/sanitizers/suppressions/runtime-tsan-options.txt:suppressions=${GITHUB_WORKSPACE}/sanitizers/suppressions/tsan.supp" >> ${GITHUB_ENV}
+          echo "UBSAN_OPTIONS=include=${GITHUB_WORKSPACE}/sanitizers/suppressions/runtime-ubsan-options.txt:suppressions=${GITHUB_WORKSPACE}/sanitizers/suppressions/ubsan.supp" >> ${GITHUB_ENV}
+          echo "LSAN_OPTIONS=include=${GITHUB_WORKSPACE}/sanitizers/suppressions/runtime-lsan-options.txt:suppressions=${GITHUB_WORKSPACE}/sanitizers/suppressions/lsan.supp" >> ${GITHUB_ENV}
 
       - name: Run the separate tests
         if: ${{ !inputs.build_only }}
@@ -230,6 +259,8 @@ jobs:
           BUILD_NPROC: ${{ steps.nproc.outputs.nproc }}
         run: |
           set -o pipefail
+          # Coverage builds are slower due to instrumentation; use fewer parallel jobs to avoid flakiness
+          [ "$COVERAGE_ENABLED" = "true" ] && BUILD_NPROC=$(( BUILD_NPROC - 2 ))
           ./xrpld --unittest --unittest-jobs "${BUILD_NPROC}" 2>&1 | tee unittest.log
 
       - name: Show test failure summary
@@ -266,8 +297,8 @@ jobs:
             --target coverage
 
       - name: Upload coverage report
-        if: ${{ github.repository_owner == 'XRPLF' && !inputs.build_only && env.COVERAGE_ENABLED == 'true' }}
-        uses: codecov/codecov-action@671740ac38dd9b0130fbe1cec585b89eea48d3de # v5.5.2
+        if: ${{ github.repository == 'XRPLF/rippled' && !inputs.build_only && env.COVERAGE_ENABLED == 'true' }}
+        uses: codecov/codecov-action@1af58845a975a7985b0beb0cbe6fbbb71a41dbad # v5.5.3
         with:
           disable_search: true
           disable_telem: true

.github/workflows/reusable-check-levelization.yml

@@ -20,7 +20,7 @@ jobs:
       - name: Checkout repository
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - name: Check levelization
-        run: .github/scripts/levelization/generate.sh
+        run: python .github/scripts/levelization/generate.py
       - name: Check for differences
         env:
           MESSAGE: |
@@ -32,7 +32,7 @@ jobs:
             removed from loops.txt, it's probably an improvement, while if
             something was added, it's probably a regression.
 
-            Run '.github/scripts/levelization/generate.sh' in your repo, commit
+            Run '.github/scripts/levelization/generate.py' in your repo, commit
             and push the changes. See .github/scripts/levelization/README.md for
             more info.
         run: |

.github/workflows/reusable-clang-tidy-files.yml

@@ -35,7 +35,7 @@ jobs:
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Prepare runner
-        uses: XRPLF/actions/prepare-runner@2cbf481018d930656e9276fcc20dc0e3a0be5b6d
+        uses: XRPLF/actions/prepare-runner@2bbc2dc1abeec7bfaa886804ab86871ac201764e
         with:
           enable_ccache: false
 

.github/workflows/reusable-clang-tidy.yml

@@ -31,7 +31,7 @@ jobs:
 
       - name: Get changed C++ files
         id: changed_files
-        uses: tj-actions/changed-files@7dee1b0c1557f278e5c7dc244927139d78c0e22a # v47.0.4
+        uses: tj-actions/changed-files@22103cc46bda19c2b464ffe86db46df6922fd323 # v47.0.5
         with:
           files: |
             **/*.cpp
@@ -41,7 +41,7 @@ jobs:
 
       - name: Get changed clang-tidy configuration
         id: changed_clang_tidy
-        uses: tj-actions/changed-files@7dee1b0c1557f278e5c7dc244927139d78c0e22a # v47.0.4
+        uses: tj-actions/changed-files@22103cc46bda19c2b464ffe86db46df6922fd323 # v47.0.5
         with:
           files: |
             .clang-tidy
@@ -51,5 +51,5 @@ jobs:
     if: ${{ always() && !cancelled() && (!inputs.check_only_changed || needs.determine-files.outputs.any_cpp_changed == 'true' || needs.determine-files.outputs.clang_tidy_config_changed == 'true') }}
     uses: ./.github/workflows/reusable-clang-tidy-files.yml
     with:
-      files: ${{ (needs.determine-files.outputs.clang_tidy_config_changed == 'true' && '') || (inputs.check_only_changed && needs.determine-files.outputs.all_changed_files || '') }}
+      files: ${{ (needs.determine-files.outputs.clang_tidy_config_changed != 'true' && inputs.check_only_changed) && needs.determine-files.outputs.all_changed_files || '' }}
       create_issue_on_failure: ${{ inputs.create_issue_on_failure }}

.github/workflows/reusable-upload-recipe.yml

@@ -69,24 +69,30 @@ jobs:
           conan export . --version=${{ steps.version.outputs.version }}
           conan upload --confirm --check --remote="${REMOTE_NAME}" xrpl/${{ steps.version.outputs.version }}
 
+      # When this workflow is triggered by a push event, it will always be when merging into the
+      # 'develop' branch, see on-trigger.yml.
       - name: Upload Conan recipe (develop)
-        if: ${{ github.ref == 'refs/heads/develop' }}
+        if: ${{ github.event_name == 'push' }}
         env:
           REMOTE_NAME: ${{ inputs.remote_name }}
         run: |
           conan export . --version=develop
           conan upload --confirm --check --remote="${REMOTE_NAME}" xrpl/develop
 
+      # When this workflow is triggered by a pull request event, it will always be when merging into
+      # one of the 'release' branches, see on-pr.yml.
       - name: Upload Conan recipe (rc)
-        if: ${{ startsWith(github.ref, 'refs/heads/release') }}
+        if: ${{ github.event_name == 'pull_request' }}
         env:
           REMOTE_NAME: ${{ inputs.remote_name }}
         run: |
           conan export . --version=rc
           conan upload --confirm --check --remote="${REMOTE_NAME}" xrpl/rc
 
+      # When this workflow is triggered by a push event, it will always be when tagging a final
+      # release, see on-tag.yml.
       - name: Upload Conan recipe (release)
-        if: ${{ github.event_name == 'tag' }}
+        if: ${{ startsWith(github.ref, 'refs/tags/') }}
         env:
           REMOTE_NAME: ${{ inputs.remote_name }}
         run: |

.github/workflows/upload-conan-deps.yml

@@ -70,7 +70,7 @@ jobs:
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Prepare runner
-        uses: XRPLF/actions/prepare-runner@2cbf481018d930656e9276fcc20dc0e3a0be5b6d
+        uses: XRPLF/actions/prepare-runner@2bbc2dc1abeec7bfaa886804ab86871ac201764e
         with:
           enable_ccache: false
 
@@ -103,11 +103,11 @@ jobs:
           sanitizers: ${{ matrix.sanitizers }}
 
       - name: Log into Conan remote
-        if: ${{ github.repository_owner == 'XRPLF' && (github.event_name == 'push' || github.event_name == 'workflow_dispatch') }}
+        if: ${{ github.repository == 'XRPLF/rippled' && (github.event_name == 'push' || github.event_name == 'workflow_dispatch') }}
         run: conan remote login "${CONAN_REMOTE_NAME}" "${{ secrets.CONAN_REMOTE_USERNAME }}" --password "${{ secrets.CONAN_REMOTE_PASSWORD }}"
 
       - name: Upload Conan packages
-        if: ${{ github.repository_owner == 'XRPLF' && (github.event_name == 'push' || github.event_name == 'workflow_dispatch') }}
+        if: ${{ github.repository == 'XRPLF/rippled' && (github.event_name == 'push' || github.event_name == 'workflow_dispatch') }}
         env:
           FORCE_OPTION: ${{ github.event.inputs.force_upload == 'true' && '--force' || '' }}
         run: conan upload "*" --remote="${CONAN_REMOTE_NAME}" --confirm ${FORCE_OPTION}

.gitignore

@@ -75,6 +75,9 @@ DerivedData
 /.claude
 /CLAUDE.md
 
+# Python
+__pycache__
+
 # Direnv's directory
 /.direnv
 

.pre-commit-config.yaml

@@ -13,6 +13,8 @@ repos:
   - repo: https://github.com/pre-commit/pre-commit-hooks
     rev: 3e8a8703264a2f4a69428a0aa4dcb512790b2c8c # frozen: v6.0.0
     hooks:
+      - id: check-added-large-files
+        args: [--maxkb=400, --enforce-all]
       - id: trailing-whitespace
       - id: end-of-file-fixer
       - id: mixed-line-ending
@@ -25,6 +27,7 @@ repos:
       - id: clang-format
         args: [--style=file]
         "types_or": [c++, c, proto]
+        exclude: ^include/xrpl/protocol_autogen/(transactions|ledger_entries)/
 
   - repo: https://github.com/BlankSpruce/gersemi
     rev: 0.26.0
@@ -45,7 +48,7 @@ repos:
     rev: a42085ade523f591dca134379a595e7859986445 # frozen: v9.7.0
     hooks:
       - id: cspell # Spell check changed files
-        exclude: .config/cspell.config.yaml
+        exclude: (.config/cspell.config.yaml|^include/xrpl/protocol_autogen/(transactions|ledger_entries)/)
       - id: cspell # Spell check the commit message
         name: check commit message spelling
         args:
@@ -77,5 +80,6 @@ repos:
 exclude: |
   (?x)^(
       external/.*|
-      .github/scripts/levelization/results/.*\.txt
+      .github/scripts/levelization/results/.*\.txt|
+      src/tests/libxrpl/protocol_autogen/(transactions|ledger_entries)/.*
   )$

API-CHANGELOG.md

@@ -35,6 +35,10 @@ This section contains changes targeting a future version.
   - `LEDGER_ENTRY_FLAGS`: Maps ledger entry type names to their flags and flag values.
   - `ACCOUNT_SET_FLAGS`: Maps AccountSet flag names (asf flags) to their numeric values.
 
+### Bugfixes
+
+- Peer Crawler: The `port` field in `overlay.active[]` now consistently returns an integer instead of a string for outbound peers. [#6318](https://github.com/XRPLF/rippled/pull/6318)
+
 ## XRP Ledger server version 3.1.0
 
 [Version 3.1.0](https://github.com/XRPLF/rippled/releases/tag/3.1.0) was released on Jan 27, 2026.

BUILD.md

@@ -125,9 +125,9 @@ default profile.
 
 ### Patched recipes
 
-The recipes in Conan Center occasionally need to be patched for compatibility
-with the latest version of `xrpld`. We maintain a fork of the Conan Center
-[here](https://github.com/XRPLF/conan-center-index/) containing the patches.
+Occasionally, we need patched recipes or recipes not present in Conan Center.
+We maintain a fork of the Conan Center Index
+[here](https://github.com/XRPLF/conan-center-index/) containing the modified and newly added recipes.
 
 To ensure our patched recipes are used, you must add our Conan remote at a
 higher index than the default Conan Center remote, so it is consulted first. You
@@ -137,19 +137,11 @@ can do this by running:
 conan remote add --index 0 xrplf https://conan.ripplex.io
 ```
 
-Alternatively, you can pull the patched recipes into the repository and use them
-locally:
+Alternatively, you can pull our recipes from the repository and export them locally:
 
 ```bash
-# Extract the version number from the lockfile.
-function extract_version {
-  version=$(cat conan.lock | sed -nE "s@.+${1}/(.+)#.+@\1@p" | head -n1)
-  echo ${version}
-}
-
 # Define which recipes to export.
-recipes=('ed25519' 'grpc' 'nudb' 'openssl' 'secp256k1' 'snappy' 'soci')
-folders=('all'     'all'  'all'  '3.x.x'   'all'       'all'    'all')
+recipes=('abseil' 'ed25519' 'grpc' 'm4' 'mpt-crypto' 'nudb' 'openssl' 'secp256k1' 'snappy' 'soci' 'wasm-xrplf' 'wasmi')
 
 # Selectively check out the recipes from our CCI fork.
 cd external
@@ -158,29 +150,19 @@ cd conan-center-index
 git init
 git remote add origin git@github.com:XRPLF/conan-center-index.git
 git sparse-checkout init
-for ((index = 1; index <= ${#recipes[@]}; index++)); do
-  recipe=${recipes[index]}
-  folder=${folders[index]}
-  echo "Checking out recipe '${recipe}' from folder '${folder}'..."
-  git sparse-checkout add recipes/${recipe}/${folder}
+for recipe in "${recipes[@]}"; do
+  echo "Checking out recipe '${recipe}'..."
+  git sparse-checkout add recipes/${recipe}
 done
 git fetch origin master
 git checkout master
-cd ../..
 
-# Export the recipes into the local cache.
-for ((index = 1; index <= ${#recipes[@]}; index++)); do
-  recipe=${recipes[index]}
-  folder=${folders[index]}
-  version=$(extract_version ${recipe})
-  echo "Exporting '${recipe}/${version}' from '${recipe}/${folder}'..."
-  conan export --version $(extract_version ${recipe}) \
-    external/conan-center-index/recipes/${recipe}/${folder}
-done
+./export_all.sh
+cd ../../
 ```
 
 In the case we switch to a newer version of a dependency that still requires a
-patch, it will be necessary for you to pull in the changes and re-export the
+patch or add a new dependency, it will be necessary for you to pull in the changes and re-export the
 updated dependencies with the newer version. However, if we switch to a newer
 version that no longer requires a patch, no action is required on your part, as
 the new recipe will be automatically pulled from the official Conan Center.
@@ -189,6 +171,8 @@ the new recipe will be automatically pulled from the official Conan Center.
 > You might need to add `--lockfile=""` to your `conan install` command
 > to avoid automatic use of the existing `conan.lock` file when you run
 > `conan export` manually on your machine
+>
+> This is not recommended though, as you might end up using different revisions of recipes.
 
 ### Conan profile tweaks
 
@@ -204,39 +188,14 @@ Possible values are ['5.0', '5.1', '6.0', '6.1', '7.0', '7.3', '8.0', '8.1',
 Read "http://docs.conan.io/2/knowledge/faq.html#error-invalid-setting"
 ```
 
-you need to amend the list of compiler versions in
-`$(conan config home)/settings.yml`, by appending the required version number(s)
+you need to add your compiler to the list of compiler versions in
+`$(conan config home)/settings_user.yml`, by adding the required version number(s)
 to the `version` array specific for your compiler. For example:
 
 ```yaml
-apple-clang:
-  version:
-    [
-      "5.0",
-      "5.1",
-      "6.0",
-      "6.1",
-      "7.0",
-      "7.3",
-      "8.0",
-      "8.1",
-      "9.0",
-      "9.1",
-      "10.0",
-      "11.0",
-      "12.0",
-      "13",
-      "13.0",
-      "13.1",
-      "14",
-      "14.0",
-      "15",
-      "15.0",
-      "16",
-      "16.0",
-      "17",
-      "17.0",
-    ]
+compiler:
+  apple-clang:
+    version: ["17.0"]
 ```
 
 #### Multiple compilers

BoostToStdCoroutineTaskList.md

@@ -0,0 +1,142 @@
+# Boost.Coroutine to C++20 Migration — Task List
+
+> Parent document: [BoostToStdCoroutineSwitchPlan.md](BoostToStdCoroutineSwitchPlan.md)
+
+---
+
+## Milestone 1: New Coroutine Primitives
+
+- [ ] **1.1** Design `CoroTask<T>` class with `promise_type`
+  - Define `promise_type` with `initial_suspend`, `final_suspend`, `unhandled_exception`, `return_value`/`return_void`
+  - Implement `FinalAwaiter` for continuation support
+  - Implement move-only RAII handle wrapper
+  - Support both `CoroTask<T>` and `CoroTask<void>`
+
+- [ ] **1.2** Design and implement `JobQueueAwaiter`
+  - `await_suspend()` calls `jq_.addJob(type, name, [h]{ h.resume(); })`
+  - Handle `addJob()` failure (shutdown) — resume with error flag or throw
+  - Integrate `nSuspend_` counter increment/decrement
+
+- [ ] **1.3** Implement `LocalValues` swap in new coroutine resume path
+  - Before `handle.resume()`: save thread-local, install coroutine-local
+  - After `handle.resume()` returns: restore thread-local
+  - Ensure this works when coroutine migrates between threads
+
+- [ ] **1.4** Add `postCoroTask()` template to `JobQueue`
+  - Accept callable returning `CoroTask<void>`
+  - Schedule initial execution on JobQueue (mirror `postCoro()` behavior)
+  - Return a handle/shared_ptr for join/cancel
+
+- [ ] **1.5** Write unit tests (`src/test/core/CoroTask_test.cpp`)
+  - Test `CoroTask<void>` runs to completion
+  - Test `CoroTask<int>` returns value
+  - Test exception propagation across co_await
+  - Test coroutine destruction before completion
+  - Test `JobQueueAwaiter` schedules on correct thread
+  - Test `LocalValue` isolation across 4+ coroutines
+  - Test shutdown rejection (addJob returns false)
+  - Test `correct_order` equivalent (yield → join → post → complete)
+  - Test `incorrect_order` equivalent (post → yield → complete)
+  - Test multiple sequential co_await points
+
+- [ ] **1.6** Verify build on GCC 12+, Clang 16+
+- [ ] **1.7** Run ASAN + TSAN on new tests
+- [ ] **1.8** Run full `--unittest` suite (no regressions)
+- [ ] **1.9** Self-review and create PR #1
+
+---
+
+## Milestone 2: Entry Point Migration
+
+- [ ] **2.1** Migrate `ServerHandler::onRequest()` (`ServerHandler.cpp:287`)
+  - Replace `m_jobQueue.postCoro(jtCLIENT_RPC, ...)` with `postCoroTask()`
+  - Update lambda to return `CoroTask<void>` (add `co_return`)
+  - Update `processSession` to accept new coroutine type
+
+- [ ] **2.2** Migrate `ServerHandler::onWSMessage()` (`ServerHandler.cpp:325`)
+  - Replace `m_jobQueue.postCoro(jtCLIENT_WEBSOCKET, ...)` with `postCoroTask()`
+  - Update lambda signature
+
+- [ ] **2.3** Migrate `GRPCServer::CallData::process()` (`GRPCServer.cpp:102`)
+  - Replace `app_.getJobQueue().postCoro(JobType::jtRPC, ...)` with `postCoroTask()`
+  - Update `process(shared_ptr<Coro> coro)` overload signature
+
+- [ ] **2.4** Update `RPC::Context` (`Context.h:27`)
+  - Replace `std::shared_ptr<JobQueue::Coro> coro{}` with new coroutine wrapper type
+  - Ensure all code that accesses `context.coro` compiles
+
+- [ ] **2.5** Update `ServerHandler.h` signatures
+  - `processSession()` and `processRequest()` parameter types
+
+- [ ] **2.6** Update `GRPCServer.h` signatures
+  - `process()` method parameter types
+
+- [ ] **2.7** Run full `--unittest` suite
+- [ ] **2.8** Manual smoke test: HTTP + WS + gRPC RPC requests
+- [ ] **2.9** Run ASAN + TSAN
+- [ ] **2.10** Self-review and create PR #2
+
+---
+
+## Milestone 3: Handler Migration
+
+- [ ] **3.1** Migrate `doRipplePathFind()` (`RipplePathFind.cpp`)
+  - Replace `context.coro->yield()` with `co_await PathFindAwaiter{...}`
+  - Replace continuation lambda's `coro->post()` / `coro->resume()` with awaiter scheduling
+  - Handle shutdown case (post failure) in awaiter
+
+- [ ] **3.2** Create `PathFindAwaiter` (or use generic `JobQueueAwaiter`)
+  - Encapsulate the continuation + yield pattern from `RipplePathFind.cpp` lines 108-132
+
+- [ ] **3.3** Update `Path_test.cpp`
+  - Replace `postCoro` usage with `postCoroTask`
+  - Ensure `context.coro` usage matches new type
+
+- [ ] **3.4** Update `AMMTest.cpp`
+  - Replace `postCoro` usage with `postCoroTask`
+
+- [ ] **3.5** Rewrite `Coroutine_test.cpp` for new API
+  - `correct_order`: postCoroTask → co_await → join → resume → complete
+  - `incorrect_order`: post before yield equivalent
+  - `thread_specific_storage`: 4 coroutines with LocalValue isolation
+
+- [ ] **3.6** Update `JobQueue_test.cpp` `testPostCoro`
+  - Migrate to `postCoroTask` API
+
+- [ ] **3.7** Verify `ripple_path_find` works end-to-end with new coroutines
+- [ ] **3.8** Test shutdown-during-pathfind scenario
+- [ ] **3.9** Run full `--unittest` suite
+- [ ] **3.10** Run ASAN + TSAN
+- [ ] **3.11** Self-review and create PR #3
+
+---
+
+## Milestone 4: Cleanup & Validation
+
+- [ ] **4.1** Delete `include/xrpl/core/Coro.ipp`
+- [ ] **4.2** Remove from `JobQueue.h`:
+  - `#include <boost/coroutine2/all.hpp>`
+  - `struct Coro_create_t`
+  - `class Coro` (entire class)
+  - `postCoro()` template
+  - Comment block (lines 322-377) describing old race condition
+- [ ] **4.3** Update `cmake/deps/Boost.cmake`:
+  - Remove `coroutine` from `find_package(Boost REQUIRED COMPONENTS ...)`
+  - Remove `Boost::coroutine` from `target_link_libraries`
+- [ ] **4.4** Update `cmake/XrplInterface.cmake`:
+  - Remove `BOOST_COROUTINES2_NO_DEPRECATION_WARNING`
+- [ ] **4.5** Run memory benchmark
+  - Create N=1000 coroutines, compare RSS: before vs after
+  - Document results
+- [ ] **4.6** Run context switch benchmark
+  - 100K yield/resume cycles, compare latency: before vs after
+  - Document results
+- [ ] **4.7** Run RPC throughput benchmark
+  - Concurrent `ripple_path_find` requests, compare throughput
+  - Document results
+- [ ] **4.8** Run full `--unittest` suite
+- [ ] **4.9** Run ASAN, TSAN, UBSan
+  - Confirm `__asan_handle_no_return` warnings are gone
+- [ ] **4.10** Verify build on all supported compilers
+- [ ] **4.11** Self-review and create PR #4
+- [ ] **4.12** Document final benchmark results in PR description

CMakeLists.txt

@@ -131,7 +131,6 @@ if(coverage)
     include(XrplCov)
 endif()
 
-set(PROJECT_EXPORT_SET XrplExports)
 include(XrplCore)
 include(XrplInstall)
 include(XrplValidatorKeys)

CONTRIBUTING.md

@@ -127,26 +127,6 @@ tl;dr
 > 6. Wrap the body at 72 characters.
 > 7. Use the body to explain what and why vs. how.
 
-In addition to those guidelines, please add one of the following
-prefixes to the subject line if appropriate.
-
-- `fix:` - The primary purpose is to fix an existing bug.
-- `perf:` - The primary purpose is performance improvements.
-- `refactor:` - The changes refactor code without affecting
-  functionality.
-- `test:` - The changes _only_ affect unit tests.
-- `docs:` - The changes _only_ affect documentation. This can
-  include code comments in addition to `.md` files like this one.
-- `build:` - The changes _only_ affect the build process,
-  including CMake and/or Conan settings.
-- `chore:` - Other tasks that don't affect the binary, but don't fit
-  any of the other cases. e.g. formatting, git settings, updating
-  Github Actions jobs.
-
-Whenever possible, when updating commits after the PR is open, please
-add the PR number to the end of the subject line. e.g. `test: Add
-unit tests for Feature X (#1234)`.
-
 ## Pull requests
 
 In general, pull requests use `develop` as the base branch.
@@ -180,6 +160,23 @@ credibility of the existing approvals is insufficient.
 Pull requests must be merged by [squash-and-merge][squash]
 to preserve a linear history for the `develop` branch.
 
+### Type of Change
+
+In addition to those guidelines, please start your PR title with one of the following:
+
+- `build:` - The changes _only_ affect the build process, including CMake and/or Conan settings.
+- `feat`: New feature (change which adds functionality).
+- `fix:` - The primary purpose is to fix an existing bug.
+- `docs:` - The changes _only_ affect documentation.
+- `test:` - The changes _only_ affect unit tests.
+- `ci`: Continuous Integration (changes to our CI configuration files and scripts).
+- `style`: Code style (formatting).
+- `refactor:` - The changes refactor code without affecting functionality.
+- `perf:` - The primary purpose is performance improvements.
+- `chore:` - Other tasks that don't affect the binary, but don't fit any of the other cases. e.g. `git` settings, `clang-tidy`, removing dead code, dropping support for older tooling.
+
+First letter after the type prefix should be capitalized, and the type prefix should be followed by a colon and a space. e.g. `feat: Add support for Borrowing Protocol`.
+
 ### "Ready to merge"
 
 A pull request should only have the "Ready to merge" label added when it
@@ -262,6 +259,10 @@ There is a Continuous Integration job that runs clang-tidy on pull requests. The
 
 This ensures that configuration changes don't introduce new warnings across the codebase.
 
+### Installing clang-tidy
+
+See the [environment setup guide](./docs/build/environment.md#clang-tidy) for platform-specific installation instructions.
+
 ### Running clang-tidy locally
 
 Before running clang-tidy, you must build the project to generate required files (particularly protobuf headers). Refer to [`BUILD.md`](./BUILD.md) for build instructions.
@@ -269,10 +270,15 @@ Before running clang-tidy, you must build the project to generate required files
 Then run clang-tidy on your local changes:
 
 ```
-run-clang-tidy -p build src tests
+run-clang-tidy -p build src include tests
 ```
 
-This will check all source files in the `src` and `tests` directories using the compile commands from your `build` directory.
+This will check all source files in the `src`, `include` and `tests` directories using the compile commands from your `build` directory.
+If you wish to automatically fix whatever clang-tidy finds _and_ is capable of fixing, add `-fix` to the above command:
+
+```
+run-clang-tidy -p build -fix src include tests
+```
 
 ## Contracts and instrumentation
 

LICENSE.md

@@ -1,7 +1,7 @@
 ISC License
 
 Copyright (c) 2011, Arthur Britto, David Schwartz, Jed McCaleb, Vinnie Falco, Bob Way, Eric Lombrozo, Nikolaos D. Bougalis, Howard Hinnant.
-Copyright (c) 2012-2025, the XRP Ledger developers.
+Copyright (c) 2012-present, the XRP Ledger developers.
 
 Permission to use, copy, modify, and distribute this software for any
 purpose with or without fee is hereby granted, provided that the above

cmake/XrplCompiler.cmake

@@ -118,7 +118,7 @@ if(MSVC)
             NOMINMAX
             # TODO: Resolve these warnings, don't just silence them
             _SILENCE_ALL_CXX17_DEPRECATION_WARNINGS
-            $<$<AND:$<COMPILE_LANGUAGE:CXX>,$<CONFIG:Debug>>:_CRTDBG_MAP_ALLOC>
+            $<$<AND:$<COMPILE_LANGUAGE:CXX>,$<CONFIG:Debug>,$<NOT:$<BOOL:${is_ci}>>>:_CRTDBG_MAP_ALLOC>
     )
     target_link_libraries(common INTERFACE -errorreport:none -machine:X64)
 else()

cmake/XrplConfig.cmake

@@ -1,60 +0,0 @@
-include(CMakeFindDependencyMacro)
-# need to represent system dependencies of the lib here
-#[=========================================================[
-  Boost
-#]=========================================================]
-if(static OR APPLE OR MSVC)
-    set(Boost_USE_STATIC_LIBS ON)
-endif()
-set(Boost_USE_MULTITHREADED ON)
-if(static OR MSVC)
-    set(Boost_USE_STATIC_RUNTIME ON)
-else()
-    set(Boost_USE_STATIC_RUNTIME OFF)
-endif()
-find_dependency(
-    Boost
-    COMPONENTS
-    chrono
-    container
-    context
-    coroutine
-    date_time
-    filesystem
-    program_options
-    regex
-    system
-    thread
-)
-#[=========================================================[
-  OpenSSL
-#]=========================================================]
-if(NOT DEFINED OPENSSL_ROOT_DIR)
-    if(DEFINED ENV{OPENSSL_ROOT})
-        set(OPENSSL_ROOT_DIR $ENV{OPENSSL_ROOT})
-    elseif(APPLE)
-        find_program(homebrew brew)
-        if(homebrew)
-            execute_process(
-                COMMAND ${homebrew} --prefix openssl
-                OUTPUT_VARIABLE OPENSSL_ROOT_DIR
-                OUTPUT_STRIP_TRAILING_WHITESPACE
-            )
-        endif()
-    endif()
-    file(TO_CMAKE_PATH "${OPENSSL_ROOT_DIR}" OPENSSL_ROOT_DIR)
-endif()
-
-if(static OR APPLE OR MSVC)
-    set(OPENSSL_USE_STATIC_LIBS ON)
-endif()
-set(OPENSSL_MSVC_STATIC_RT ON)
-find_dependency(OpenSSL REQUIRED)
-find_dependency(ZLIB)
-find_dependency(date)
-if(TARGET ZLIB::ZLIB)
-    set_target_properties(
-        OpenSSL::Crypto
-        PROPERTIES INTERFACE_LINK_LIBRARIES ZLIB::ZLIB
-    )
-endif()

cmake/XrplCore.cmake

@@ -108,17 +108,40 @@ target_link_libraries(
 )
 
 # Level 05
+## Set up code generation for protocol_autogen module
+include(XrplProtocolAutogen)
+# Must call setup_protocol_autogen before add_module so that:
+# 1. Stale generated files are cleared before GLOB runs
+# 2. Output file list is known for custom commands
+setup_protocol_autogen()
+
+add_module(xrpl protocol_autogen)
+target_link_libraries(
+    xrpl.libxrpl.protocol_autogen
+    PUBLIC xrpl.libxrpl.protocol
+)
+
+# Ensure code generation runs before compiling protocol_autogen
+if(TARGET protocol_autogen_generate)
+    add_dependencies(xrpl.libxrpl.protocol_autogen protocol_autogen_generate)
+endif()
+
+# Level 06
 add_module(xrpl core)
 target_link_libraries(
     xrpl.libxrpl.core
-    PUBLIC xrpl.libxrpl.basics xrpl.libxrpl.json xrpl.libxrpl.protocol
+    PUBLIC
+        xrpl.libxrpl.basics
+        xrpl.libxrpl.json
+        xrpl.libxrpl.protocol
+        xrpl.libxrpl.protocol_autogen
 )
 
-# Level 06
+# Level 07
 add_module(xrpl resource)
 target_link_libraries(xrpl.libxrpl.resource PUBLIC xrpl.libxrpl.protocol)
 
-# Level 07
+# Level 08
 add_module(xrpl net)
 target_link_libraries(
     xrpl.libxrpl.net
@@ -171,6 +194,7 @@ target_link_libraries(
         xrpl.libxrpl.basics
         xrpl.libxrpl.json
         xrpl.libxrpl.protocol
+        xrpl.libxrpl.protocol_autogen
         xrpl.libxrpl.rdb
         xrpl.libxrpl.server
         xrpl.libxrpl.shamap
@@ -206,6 +230,7 @@ target_link_modules(
     net
     nodestore
     protocol
+    protocol_autogen
     rdb
     resource
     server

cmake/XrplInstall.cmake

@@ -2,100 +2,38 @@
    install stuff
 #]===================================================================]
 
-include(create_symbolic_link)
+include(GNUInstallDirs)
 
-# If no suffix is defined for executables (e.g. Windows uses .exe but Linux
-# and macOS use none), then explicitly set it to the empty string.
-if(NOT DEFINED suffix)
-    set(suffix "")
+if(is_root_project AND TARGET xrpld)
+    install(
+        TARGETS xrpld
+        RUNTIME DESTINATION "${CMAKE_INSTALL_BINDIR}" COMPONENT runtime
+    )
+
+    install(
+        FILES "${CMAKE_CURRENT_SOURCE_DIR}/cfg/xrpld-example.cfg"
+        DESTINATION "${CMAKE_INSTALL_SYSCONFDIR}/xrpld"
+        RENAME xrpld.cfg
+        COMPONENT runtime
+    )
+
+    install(
+        FILES "${CMAKE_CURRENT_SOURCE_DIR}/cfg/validators-example.txt"
+        DESTINATION "${CMAKE_INSTALL_SYSCONFDIR}/xrpld"
+        RENAME validators.txt
+        COMPONENT runtime
+    )
 endif()
 
 install(
-    TARGETS
-        common
-        opts
-        xrpl_boost
-        xrpl_libs
-        xrpl_syslibs
-        xrpl.imports.main
-        xrpl.libpb
-        xrpl.libxrpl
-        xrpl.libxrpl.basics
-        xrpl.libxrpl.beast
-        xrpl.libxrpl.conditions
-        xrpl.libxrpl.core
-        xrpl.libxrpl.crypto
-        xrpl.libxrpl.git
-        xrpl.libxrpl.json
-        xrpl.libxrpl.rdb
-        xrpl.libxrpl.ledger
-        xrpl.libxrpl.net
-        xrpl.libxrpl.nodestore
-        xrpl.libxrpl.protocol
-        xrpl.libxrpl.resource
-        xrpl.libxrpl.server
-        xrpl.libxrpl.shamap
-        xrpl.libxrpl.tx
-        antithesis-sdk-cpp
-    EXPORT XrplExports
-    LIBRARY DESTINATION lib
-    ARCHIVE DESTINATION lib
-    RUNTIME DESTINATION bin
-    INCLUDES DESTINATION include
+    TARGETS xrpl.libpb xrpl.libxrpl
+    LIBRARY DESTINATION "${CMAKE_INSTALL_LIBDIR}" COMPONENT development
+    ARCHIVE DESTINATION "${CMAKE_INSTALL_LIBDIR}" COMPONENT development
+    RUNTIME DESTINATION "${CMAKE_INSTALL_BINDIR}" COMPONENT development
 )
 
 install(
     DIRECTORY "${CMAKE_CURRENT_SOURCE_DIR}/include/xrpl"
     DESTINATION "${CMAKE_INSTALL_INCLUDEDIR}"
-)
-
-install(
-    EXPORT XrplExports
-    FILE XrplTargets.cmake
-    NAMESPACE Xrpl::
-    DESTINATION lib/cmake/xrpl
-)
-include(CMakePackageConfigHelpers)
-write_basic_package_version_file(
-    XrplConfigVersion.cmake
-    VERSION ${xrpld_version}
-    COMPATIBILITY SameMajorVersion
-)
-
-if(is_root_project AND TARGET xrpld)
-    install(TARGETS xrpld RUNTIME DESTINATION bin)
-    set_target_properties(xrpld PROPERTIES INSTALL_RPATH_USE_LINK_PATH ON)
-    # sample configs should not overwrite existing files
-    # install if-not-exists workaround as suggested by
-    # https://cmake.org/Bug/view.php?id=12646
-    install(
-        CODE
-            "
-    macro (copy_if_not_exists SRC DEST NEWNAME)
-      if (NOT EXISTS \"\$ENV{DESTDIR}\${CMAKE_INSTALL_PREFIX}/\${DEST}/\${NEWNAME}\")
-        file (INSTALL FILE_PERMISSIONS OWNER_READ OWNER_WRITE DESTINATION \"\${CMAKE_INSTALL_PREFIX}/\${DEST}\" FILES \"\${SRC}\" RENAME \"\${NEWNAME}\")
-      else ()
-        message (\"-- Skipping : \$ENV{DESTDIR}\${CMAKE_INSTALL_PREFIX}/\${DEST}/\${NEWNAME}\")
-      endif ()
-    endmacro()
-    copy_if_not_exists(\"${CMAKE_CURRENT_SOURCE_DIR}/cfg/xrpld-example.cfg\" etc xrpld.cfg)
-    copy_if_not_exists(\"${CMAKE_CURRENT_SOURCE_DIR}/cfg/validators-example.txt\" etc validators.txt)
-  "
-    )
-    install(
-        CODE
-            "
-    set(CMAKE_MODULE_PATH \"${CMAKE_MODULE_PATH}\")
-    include(create_symbolic_link)
-    create_symbolic_link(xrpld${suffix} \
-       \$ENV{DESTDIR}\${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_BINDIR}/rippled${suffix})
-  "
-    )
-endif()
-
-install(
-    FILES
-        ${CMAKE_CURRENT_SOURCE_DIR}/cmake/XrplConfig.cmake
-        ${CMAKE_CURRENT_BINARY_DIR}/XrplConfigVersion.cmake
-    DESTINATION lib/cmake/xrpl
+    COMPONENT development
 )

cmake/XrplInterface.cmake

@@ -23,7 +23,7 @@ target_compile_definitions(
         BOOST_FILESYSTEM_NO_DEPRECATED
         >
         $<$<NOT:$<BOOL:${boost_show_deprecated}>>:
-        BOOST_COROUTINES_NO_DEPRECATION_WARNING
+        BOOST_COROUTINES2_NO_DEPRECATION_WARNING
         BOOST_BEAST_ALLOW_DEPRECATED
         BOOST_FILESYSTEM_DEPRECATED
         >

cmake/XrplProtocolAutogen.cmake

@@ -0,0 +1,287 @@
+#[===================================================================[
+   Protocol Autogen - Code generation for protocol wrapper classes
+#]===================================================================]
+
+# Options for code generation
+option(
+    XRPL_NO_CODEGEN
+    "Disable code generation (use pre-generated files from repository)"
+    OFF
+)
+set(CODEGEN_VENV_DIR
+    ""
+    CACHE PATH
+    "Path to Python virtual environment for code generation. If provided, automatic venv setup is skipped."
+)
+
+# Function to set up code generation for protocol_autogen module
+# This runs at configure time to generate C++ wrapper classes from macro files
+function(setup_protocol_autogen)
+    # Directory paths
+    set(MACRO_DIR "${CMAKE_CURRENT_SOURCE_DIR}/include/xrpl/protocol/detail")
+    set(AUTOGEN_HEADER_DIR
+        "${CMAKE_CURRENT_SOURCE_DIR}/include/xrpl/protocol_autogen"
+    )
+    set(AUTOGEN_TEST_DIR
+        "${CMAKE_CURRENT_SOURCE_DIR}/src/tests/libxrpl/protocol_autogen"
+    )
+    set(SCRIPTS_DIR "${CMAKE_CURRENT_SOURCE_DIR}/scripts")
+
+    # Input macro files
+    set(TRANSACTIONS_MACRO "${MACRO_DIR}/transactions.macro")
+    set(LEDGER_ENTRIES_MACRO "${MACRO_DIR}/ledger_entries.macro")
+    set(SFIELDS_MACRO "${MACRO_DIR}/sfields.macro")
+
+    # Python scripts and templates
+    set(GENERATE_TX_SCRIPT "${SCRIPTS_DIR}/generate_tx_classes.py")
+    set(GENERATE_LEDGER_SCRIPT "${SCRIPTS_DIR}/generate_ledger_classes.py")
+    set(REQUIREMENTS_FILE "${SCRIPTS_DIR}/requirements.txt")
+    set(MACRO_PARSER_COMMON "${SCRIPTS_DIR}/macro_parser_common.py")
+    set(TX_TEMPLATE "${SCRIPTS_DIR}/templates/Transaction.h.mako")
+    set(TX_TEST_TEMPLATE "${SCRIPTS_DIR}/templates/TransactionTests.cpp.mako")
+    set(LEDGER_TEMPLATE "${SCRIPTS_DIR}/templates/LedgerEntry.h.mako")
+    set(LEDGER_TEST_TEMPLATE
+        "${SCRIPTS_DIR}/templates/LedgerEntryTests.cpp.mako"
+    )
+
+    # Check if code generation is disabled
+    if(XRPL_NO_CODEGEN)
+        message(
+            WARNING
+            "Protocol autogen: Code generation is disabled (XRPL_NO_CODEGEN=ON). "
+            "Generated files may be out of date."
+        )
+        return()
+    endif()
+
+    # Create output directories
+    file(MAKE_DIRECTORY "${AUTOGEN_HEADER_DIR}/transactions")
+    file(MAKE_DIRECTORY "${AUTOGEN_HEADER_DIR}/ledger_entries")
+    file(MAKE_DIRECTORY "${AUTOGEN_TEST_DIR}/ledger_entries")
+    file(MAKE_DIRECTORY "${AUTOGEN_TEST_DIR}/transactions")
+
+    # Find Python3 - check if already found by Conan or find it ourselves
+    if(NOT Python3_EXECUTABLE)
+        find_package(Python3 COMPONENTS Interpreter QUIET)
+    endif()
+
+    if(NOT Python3_EXECUTABLE)
+        # Try finding python3 executable directly
+        find_program(Python3_EXECUTABLE NAMES python3 python)
+    endif()
+
+    if(NOT Python3_EXECUTABLE)
+        message(
+            FATAL_ERROR
+            "Python3 not found. Code generation cannot proceed.\n"
+            "Please install Python 3, or set -DXRPL_NO_CODEGEN=ON to use existing generated files."
+        )
+        return()
+    endif()
+
+    message(STATUS "Using Python3 for code generation: ${Python3_EXECUTABLE}")
+
+    # Set up Python virtual environment for code generation
+    if(CODEGEN_VENV_DIR)
+        # User-provided venv - skip automatic setup
+        set(VENV_DIR "${CODEGEN_VENV_DIR}")
+        message(STATUS "Using user-provided Python venv: ${VENV_DIR}")
+    else()
+        # Use default venv in build directory
+        set(VENV_DIR "${CMAKE_CURRENT_BINARY_DIR}/codegen_venv")
+    endif()
+
+    # Determine the Python executable path in the venv
+    if(WIN32)
+        set(VENV_PYTHON "${VENV_DIR}/Scripts/python.exe")
+        set(VENV_PIP "${VENV_DIR}/Scripts/pip.exe")
+    else()
+        set(VENV_PYTHON "${VENV_DIR}/bin/python")
+        set(VENV_PIP "${VENV_DIR}/bin/pip")
+    endif()
+
+    # Only auto-setup venv if not user-provided
+    if(NOT CODEGEN_VENV_DIR)
+        # Check if venv needs to be created or updated
+        set(VENV_NEEDS_UPDATE FALSE)
+        if(NOT EXISTS "${VENV_PYTHON}")
+            set(VENV_NEEDS_UPDATE TRUE)
+            message(
+                STATUS
+                "Creating Python virtual environment for code generation..."
+            )
+        elseif(
+            "${REQUIREMENTS_FILE}"
+                IS_NEWER_THAN
+                "${VENV_DIR}/.requirements_installed"
+        )
+            set(VENV_NEEDS_UPDATE TRUE)
+            message(
+                STATUS
+                "Updating Python virtual environment (requirements changed)..."
+            )
+        endif()
+
+        # Create/update virtual environment if needed
+        if(VENV_NEEDS_UPDATE)
+            message(
+                STATUS
+                "Setting up Python virtual environment at ${VENV_DIR}"
+            )
+            execute_process(
+                COMMAND ${Python3_EXECUTABLE} -m venv "${VENV_DIR}"
+                RESULT_VARIABLE VENV_RESULT
+                ERROR_VARIABLE VENV_ERROR
+            )
+            if(NOT VENV_RESULT EQUAL 0)
+                message(
+                    FATAL_ERROR
+                    "Failed to create virtual environment: ${VENV_ERROR}"
+                )
+            endif()
+
+            message(STATUS "Installing Python dependencies...")
+            execute_process(
+                COMMAND ${VENV_PIP} install --upgrade pip
+                RESULT_VARIABLE PIP_UPGRADE_RESULT
+                OUTPUT_QUIET
+                ERROR_VARIABLE PIP_UPGRADE_ERROR
+            )
+            if(NOT PIP_UPGRADE_RESULT EQUAL 0)
+                message(WARNING "Failed to upgrade pip: ${PIP_UPGRADE_ERROR}")
+            endif()
+
+            execute_process(
+                COMMAND ${VENV_PIP} install -r "${REQUIREMENTS_FILE}"
+                RESULT_VARIABLE PIP_INSTALL_RESULT
+                ERROR_VARIABLE PIP_INSTALL_ERROR
+            )
+            if(NOT PIP_INSTALL_RESULT EQUAL 0)
+                message(
+                    FATAL_ERROR
+                    "Failed to install Python dependencies: ${PIP_INSTALL_ERROR}"
+                )
+            endif()
+
+            # Mark requirements as installed
+            file(TOUCH "${VENV_DIR}/.requirements_installed")
+            message(STATUS "Python virtual environment ready")
+        endif()
+    endif()
+
+    # At configure time - get list of output files for transactions
+    execute_process(
+        COMMAND
+            ${VENV_PYTHON} "${GENERATE_TX_SCRIPT}" "${TRANSACTIONS_MACRO}"
+            --header-dir "${AUTOGEN_HEADER_DIR}/transactions" --test-dir
+            "${AUTOGEN_TEST_DIR}/transactions" --list-outputs
+        OUTPUT_VARIABLE TX_OUTPUT_FILES
+        OUTPUT_STRIP_TRAILING_WHITESPACE
+        RESULT_VARIABLE TX_LIST_RESULT
+        ERROR_VARIABLE TX_LIST_ERROR
+    )
+    if(NOT TX_LIST_RESULT EQUAL 0)
+        message(
+            FATAL_ERROR
+            "Failed to list transaction output files:\n${TX_LIST_ERROR}"
+        )
+    endif()
+    # Convert newline-separated list to CMake list
+    string(REPLACE "\\" "/" TX_OUTPUT_FILES "${TX_OUTPUT_FILES}")
+    string(REPLACE "\n" ";" TX_OUTPUT_FILES "${TX_OUTPUT_FILES}")
+
+    # At configure time - get list of output files for ledger entries
+    execute_process(
+        COMMAND
+            ${VENV_PYTHON} "${GENERATE_LEDGER_SCRIPT}" "${LEDGER_ENTRIES_MACRO}"
+            --header-dir "${AUTOGEN_HEADER_DIR}/ledger_entries" --test-dir
+            "${AUTOGEN_TEST_DIR}/ledger_entries" --list-outputs
+        OUTPUT_VARIABLE LEDGER_OUTPUT_FILES
+        OUTPUT_STRIP_TRAILING_WHITESPACE
+        RESULT_VARIABLE LEDGER_LIST_RESULT
+        ERROR_VARIABLE LEDGER_LIST_ERROR
+    )
+    if(NOT LEDGER_LIST_RESULT EQUAL 0)
+        message(
+            FATAL_ERROR
+            "Failed to list ledger entry output files:\n${LEDGER_LIST_ERROR}"
+        )
+    endif()
+    # Convert newline-separated list to CMake list
+    string(REPLACE "\\" "/" LEDGER_OUTPUT_FILES "${LEDGER_OUTPUT_FILES}")
+    string(REPLACE "\n" ";" LEDGER_OUTPUT_FILES "${LEDGER_OUTPUT_FILES}")
+
+    # Custom command to generate transaction classes at build time
+    add_custom_command(
+        OUTPUT ${TX_OUTPUT_FILES}
+        COMMAND
+            ${VENV_PYTHON} "${GENERATE_TX_SCRIPT}" "${TRANSACTIONS_MACRO}"
+            --header-dir "${AUTOGEN_HEADER_DIR}/transactions" --test-dir
+            "${AUTOGEN_TEST_DIR}/transactions" --sfields-macro
+            "${SFIELDS_MACRO}"
+        WORKING_DIRECTORY "${CMAKE_CURRENT_SOURCE_DIR}"
+        DEPENDS
+            "${TRANSACTIONS_MACRO}"
+            "${SFIELDS_MACRO}"
+            "${GENERATE_TX_SCRIPT}"
+            "${MACRO_PARSER_COMMON}"
+            "${TX_TEMPLATE}"
+            "${TX_TEST_TEMPLATE}"
+            "${REQUIREMENTS_FILE}"
+        COMMENT "Generating transaction classes from transactions.macro..."
+        VERBATIM
+    )
+
+    # Custom command to generate ledger entry classes at build time
+    add_custom_command(
+        OUTPUT ${LEDGER_OUTPUT_FILES}
+        COMMAND
+            ${VENV_PYTHON} "${GENERATE_LEDGER_SCRIPT}" "${LEDGER_ENTRIES_MACRO}"
+            --header-dir "${AUTOGEN_HEADER_DIR}/ledger_entries" --test-dir
+            "${AUTOGEN_TEST_DIR}/ledger_entries" --sfields-macro
+            "${SFIELDS_MACRO}"
+        WORKING_DIRECTORY "${CMAKE_CURRENT_SOURCE_DIR}"
+        DEPENDS
+            "${LEDGER_ENTRIES_MACRO}"
+            "${SFIELDS_MACRO}"
+            "${GENERATE_LEDGER_SCRIPT}"
+            "${MACRO_PARSER_COMMON}"
+            "${LEDGER_TEMPLATE}"
+            "${LEDGER_TEST_TEMPLATE}"
+            "${REQUIREMENTS_FILE}"
+        COMMENT "Generating ledger entry classes from ledger_entries.macro..."
+        VERBATIM
+    )
+
+    # Create a custom target that depends on all generated files
+    add_custom_target(
+        protocol_autogen_generate
+        DEPENDS ${TX_OUTPUT_FILES} ${LEDGER_OUTPUT_FILES}
+        COMMENT "Protocol autogen code generation"
+    )
+
+    # Extract test files from output lists (files ending in Tests.cpp)
+    set(PROTOCOL_AUTOGEN_TEST_SOURCES "")
+    foreach(FILE ${TX_OUTPUT_FILES} ${LEDGER_OUTPUT_FILES})
+        if(FILE MATCHES "Tests\\.cpp$")
+            list(APPEND PROTOCOL_AUTOGEN_TEST_SOURCES "${FILE}")
+        endif()
+    endforeach()
+    # Export test sources to parent scope for use in test CMakeLists.txt
+    set(PROTOCOL_AUTOGEN_TEST_SOURCES
+        "${PROTOCOL_AUTOGEN_TEST_SOURCES}"
+        CACHE INTERNAL
+        "Generated protocol_autogen test sources"
+    )
+
+    # Register dependencies so CMake reconfigures when macro files change
+    # (to update the list of output files)
+    set_property(
+        DIRECTORY
+        APPEND
+        PROPERTY
+            CMAKE_CONFIGURE_DEPENDS
+                "${TRANSACTIONS_MACRO}"
+                "${LEDGER_ENTRIES_MACRO}"
+    )
+endfunction()

cmake/XrplSanity.cmake

@@ -50,6 +50,13 @@ if(MSVC AND CMAKE_GENERATOR_PLATFORM STREQUAL "Win32")
     message(FATAL_ERROR "Visual Studio 32-bit build is not supported.")
 endif()
 
+if(voidstar AND NOT is_amd64)
+    message(
+        FATAL_ERROR
+        "The voidstar library only supported on amd64/x86_64. Detected archictecture was: ${CMAKE_SYSTEM_PROCESSOR}"
+    )
+endif()
+
 if(APPLE AND NOT HOMEBREW)
     find_program(HOMEBREW brew)
 endif()

cmake/deps/Boost.cmake

@@ -7,7 +7,7 @@ find_package(
     COMPONENTS
         chrono
         container
-        coroutine
+        context
         date_time
         filesystem
         json
@@ -26,7 +26,7 @@ target_link_libraries(
         Boost::headers
         Boost::chrono
         Boost::container
-        Boost::coroutine
+        Boost::context
         Boost::date_time
         Boost::filesystem
         Boost::json
@@ -38,23 +38,26 @@ target_link_libraries(
 if(Boost_COMPILER)
     target_link_libraries(xrpl_boost INTERFACE Boost::disable_autolinking)
 endif()
-if(SANITIZERS_ENABLED AND is_clang)
-    # TODO: gcc does not support -fsanitize-blacklist...can we do something else for gcc ?
-    if(NOT Boost_INCLUDE_DIRS AND TARGET Boost::headers)
-        get_target_property(
-            Boost_INCLUDE_DIRS
-            Boost::headers
-            INTERFACE_INCLUDE_DIRECTORIES
-        )
-    endif()
-    message(STATUS "Adding [${Boost_INCLUDE_DIRS}] to sanitizer blacklist")
-    file(
-        WRITE ${CMAKE_CURRENT_BINARY_DIR}/san_bl.txt
-        "src:${Boost_INCLUDE_DIRS}/*"
-    )
-    target_compile_options(
-        opts
-        INTERFACE # ignore boost headers for sanitizing
-            -fsanitize-blacklist=${CMAKE_CURRENT_BINARY_DIR}/san_bl.txt
+
+# GCC 14+ has a false positive -Wuninitialized warning in Boost.Coroutine2's
+# state.hpp when compiled with -O3. This is due to GCC's intentional behavior
+# change (Bug #98871, #119388) where warnings from inlined system header code
+# are no longer suppressed by -isystem. The warning occurs in operator|= in
+# boost/coroutine2/detail/state.hpp when inlined from push_control_block::destroy().
+# See: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=119388
+if(is_gcc AND CMAKE_CXX_COMPILER_VERSION VERSION_GREATER_EQUAL 14)
+    target_compile_options(xrpl_boost INTERFACE -Wno-uninitialized)
+endif()
+
+# Boost.Context's ucontext backend has ASAN fiber-switching annotations
+# (start/finish_switch_fiber) that are compiled in when BOOST_USE_ASAN is defined.
+# This tells ASAN about coroutine stack switches, preventing false positive
+# stack-use-after-scope errors. BOOST_USE_UCONTEXT ensures the ucontext backend
+# is selected (fcontext does not support ASAN annotations).
+# These defines must match what Boost was compiled with (see conan/profiles/sanitizers).
+if(enable_asan)
+    target_compile_definitions(
+        xrpl_boost
+        INTERFACE BOOST_USE_ASAN BOOST_USE_UCONTEXT
     )
 endif()

conan.lock

@@ -1,16 +1,16 @@
 {
     "version": "0.5",
     "requires": [
-        "zlib/1.3.1#b8bc2603263cf7eccbd6e17e66b0ed76%1765850150.075",
+        "zlib/1.3.1#cac0f6daea041b0ccf42934163defb20%1765284699.337",
         "xxhash/0.8.3#681d36a0a6111fc56e5e45ea182c19cc%1765850149.987",
         "sqlite3/3.49.1#8631739a4c9b93bd3d6b753bac548a63%1765850149.926",
         "soci/4.0.3#a9f8d773cd33e356b5879a4b0564f287%1765850149.46",
         "snappy/1.1.10#968fef506ff261592ec30c574d4a7809%1765850147.878",
-        "secp256k1/0.7.1#3a61e95e220062ef32c48d019e9c81f7%1770306721.686",
+        "secp256k1/0.7.1#481881709eb0bdd0185a12b912bbe8ad%1770910500.329",
         "rocksdb/10.5.1#4a197eca381a3e5ae8adf8cffa5aacd0%1765850186.86",
-        "re2/20230301#ca3b241baec15bd31ea9187150e0b333%1765850148.103",
-        "protobuf/6.32.1#f481fd276fc23a33b85a3ed1e898b693%1765850161.038",
-        "openssl/3.5.5#05a4ac5b7323f7a329b2db1391d9941f%1769599205.414",
+        "re2/20251105#8579cfd0bda4daf0683f9e3898f964b4%1772560729.95",
+        "protobuf/6.32.1#b54f00da2e0f61d821330b5b638b0f80%1768401317.762",
+        "openssl/3.5.5#e6399de266349245a4542fc5f6c71552%1774367199.56",
         "nudb/2.0.9#0432758a24204da08fee953ec9ea03cb%1769436073.32",
         "lz4/1.10.0#59fc63cac7f10fbe8e05c7e62c2f3504%1765850143.914",
         "libiconv/1.17#1e65319e945f2d31941a9d28cc13c058%1765842973.492",
@@ -18,27 +18,27 @@
         "libarchive/3.8.1#ffee18995c706e02bf96e7a2f7042e0d%1765850144.736",
         "jemalloc/5.3.0#e951da9cf599e956cebc117880d2d9f8%1729241615.244",
         "gtest/1.17.0#5224b3b3ff3b4ce1133cbdd27d53ee7d%1768312129.152",
-        "grpc/1.72.0#f244a57bff01e708c55a1100b12e1589%1765850193.734",
+        "grpc/1.72.0#aaade9421980b2d926dbfb613d56c38a%1774376249.106",
         "ed25519/2015.03#ae761bdc52730a843f0809bdf6c1b1f6%1765850143.772",
         "date/3.0.4#862e11e80030356b53c2c38599ceb32b%1765850143.772",
-        "c-ares/1.34.5#5581c2b62a608b40bb85d965ab3ec7c8%1765850144.336",
+        "c-ares/1.34.6#545240bb1c40e2cacd4362d6b8967650%1766500685.317",
         "bzip2/1.0.8#c470882369c2d95c5c77e970c0c7e321%1765850143.837",
         "boost/1.90.0#d5e8defe7355494953be18524a7f135b%1769454080.269",
-        "abseil/20250127.0#99262a368bd01c0ccca8790dfced9719%1766517936.993"
+        "abseil/20250127.0#bb0baf1f362bc4a725a24eddd419b8f7%1774365460.196"
     ],
     "build_requires": [
-        "zlib/1.3.1#b8bc2603263cf7eccbd6e17e66b0ed76%1765850150.075",
-        "strawberryperl/5.32.1.1#707032463aa0620fa17ec0d887f5fe41%1765850165.196",
-        "protobuf/6.32.1#f481fd276fc23a33b85a3ed1e898b693%1765850161.038",
+        "zlib/1.3.1#cac0f6daea041b0ccf42934163defb20%1765284699.337",
+        "strawberryperl/5.32.1.1#8d114504d172cfea8ea1662d09b6333e%1751971032.423",
+        "protobuf/6.32.1#b54f00da2e0f61d821330b5b638b0f80%1768401317.762",
         "nasm/2.16.01#31e26f2ee3c4346ecd347911bd126904%1765850144.707",
-        "msys2/cci.latest#eea83308ad7e9023f7318c60d5a9e6cb%1770199879.083",
-        "m4/1.4.19#70dc8bbb33e981d119d2acc0175cf381%1763158052.846",
-        "cmake/4.2.0#ae0a44f44a1ef9ab68fd4b3e9a1f8671%1765850153.937",
-        "cmake/3.31.10#313d16a1aa16bbdb2ca0792467214b76%1765850153.479",
-        "b2/5.3.3#107c15377719889654eb9a162a673975%1765850144.355",
+        "msys2/cci.latest#d22fe7b2808f5fd34d0a7923ace9c54f%1770657326.649",
+        "m4/1.4.19#5d7a4994e5875d76faf7acf3ed056036%1774365463.87",
+        "cmake/4.3.0#b939a42e98f593fb34d3a8c5cc860359%1773780142.26",
+        "cmake/3.31.11#f325c933f618a1fcebc1e1c0babfd1ba%1769622857.944",
+        "b2/5.4.2#ffd6084a119587e70f11cd45d1a386e2%1766594659.866",
         "automake/1.16.5#b91b7c384c3deaa9d535be02da14d04f%1755524470.56",
         "autoconf/2.71#51077f068e61700d65bb05541ea1e4b0%1731054366.86",
-        "abseil/20250127.0#99262a368bd01c0ccca8790dfced9719%1766517936.993"
+        "abseil/20250127.0#bb0baf1f362bc4a725a24eddd419b8f7%1774365460.196"
     ],
     "python_requires": [],
     "overrides": {
@@ -46,13 +46,13 @@
             null,
             "boost/1.90.0"
         ],
-        "protobuf/5.27.0": [
+        "protobuf/[>=5.27.0 <7]": [
             "protobuf/6.32.1"
         ],
         "lz4/1.9.4": [
             "lz4/1.10.0"
         ],
-        "sqlite3/3.44.2": [
+        "sqlite3/[>=3.44 <4]": [
             "sqlite3/3.49.1"
         ],
         "boost/1.83.0": [

conan/profiles/sanitizers

@@ -7,16 +7,21 @@ include(default)
     {% if compiler == "gcc" %}
         {% if "address" in sanitizers or "thread" in sanitizers or "undefinedbehavior" in sanitizers %}
             {% set sanitizer_list = [] %}
+            {% set defines = [] %}
             {% set model_code = "" %}
             {% set extra_cxxflags = ["-fno-omit-frame-pointer", "-O1", "-Wno-stringop-overflow"] %}
 
             {% if "address" in sanitizers %}
                 {% set _ = sanitizer_list.append("address") %}
                 {% set model_code = "-mcmodel=large" %}
+                {% set _ = defines.append("BOOST_USE_ASAN")%}
+                {% set _ = defines.append("BOOST_USE_UCONTEXT")%}
             {% elif "thread" in sanitizers %}
                 {% set _ = sanitizer_list.append("thread") %}
                 {% set model_code = "-mcmodel=medium" %}
                 {% set _ = extra_cxxflags.append("-Wno-tsan") %}
+                {% set _ = defines.append("BOOST_USE_TSAN")%}
+                {% set _ = defines.append("BOOST_USE_UCONTEXT")%}
             {% endif %}
 
             {% if "undefinedbehavior" in sanitizers %}
@@ -29,16 +34,22 @@ include(default)
             tools.build:cxxflags+=['{{sanitizer_flags}} {{" ".join(extra_cxxflags)}}']
             tools.build:sharedlinkflags+=['{{sanitizer_flags}}']
             tools.build:exelinkflags+=['{{sanitizer_flags}}']
+            tools.build:defines+={{defines}}
         {% endif %}
     {% elif compiler == "apple-clang" or compiler == "clang" %}
         {% if "address" in sanitizers or "thread" in sanitizers or "undefinedbehavior" in sanitizers %}
             {% set sanitizer_list = [] %}
+            {% set defines = [] %}
             {% set extra_cxxflags = ["-fno-omit-frame-pointer", "-O1"] %}
 
             {% if "address" in sanitizers %}
                 {% set _ = sanitizer_list.append("address") %}
+                {% set _ = defines.append("BOOST_USE_ASAN")%}
+                {% set _ = defines.append("BOOST_USE_UCONTEXT")%}
             {% elif "thread" in sanitizers %}
                 {% set _ = sanitizer_list.append("thread") %}
+                {% set _ = defines.append("BOOST_USE_TSAN")%}
+                {% set _ = defines.append("BOOST_USE_UCONTEXT")%}
             {% endif %}
 
             {% if "undefinedbehavior" in sanitizers %}
@@ -52,8 +63,24 @@ include(default)
             tools.build:cxxflags+=['{{sanitizer_flags}} {{" ".join(extra_cxxflags)}}']
             tools.build:sharedlinkflags+=['{{sanitizer_flags}}']
             tools.build:exelinkflags+=['{{sanitizer_flags}}']
+            tools.build:defines+={{defines}}
         {% endif %}
     {% endif %}
 {% endif %}
 
-tools.info.package_id:confs+=["tools.build:cxxflags", "tools.build:exelinkflags", "tools.build:sharedlinkflags"]
+tools.info.package_id:confs+=["tools.build:cxxflags", "tools.build:exelinkflags", "tools.build:sharedlinkflags", "tools.build:defines"]
+
+[options]
+{% if sanitizers %}
+    {% if "address" in sanitizers %}
+        # Build Boost.Context with ucontext backend (not fcontext) so that
+        # ASAN fiber-switching annotations (__sanitizer_start/finish_switch_fiber)
+        # are compiled into the library. fcontext (assembly) has no ASAN support.
+        # define=BOOST_USE_ASAN=1 is critical: it must be defined when building
+        # Boost.Context itself so the ucontext backend compiles in the ASAN annotations.
+        boost/*:extra_b2_flags=context-impl=ucontext address-sanitizer=on define=BOOST_USE_ASAN=1
+        boost/*:without_context=False
+        # Boost stacktrace fails to build with some sanitizers
+        boost/*:without_stacktrace=True
+    {% endif %}
+{% endif %}

conanfile.py

@@ -1,3 +1,4 @@
+import os
 import re
 
 from conan.tools.cmake import CMake, CMakeToolchain, cmake_layout
@@ -57,6 +58,9 @@ class Xrpl(ConanFile):
         "tests": False,
         "unity": False,
         "xrpld": False,
+        "boost/*:without_context": False,
+        "boost/*:without_coroutine": True,
+        "boost/*:without_coroutine2": False,
         "date/*:header_only": True,
         "ed25519/*:shared": False,
         "grpc/*:shared": False,
@@ -126,6 +130,12 @@ class Xrpl(ConanFile):
         if self.settings.compiler in ["clang", "gcc"]:
             self.options["boost"].without_cobalt = True
 
+        # Check if environment variable exists
+        if "SANITIZERS" in os.environ:
+            sanitizers = os.environ["SANITIZERS"]
+            if "address" in sanitizers.lower():
+                self.default_options["fPIC"] = False
+
     def requirements(self):
         # Conan 2 requires transitive headers to be specified
         transitive_headers_opt = (
@@ -196,7 +206,7 @@ class Xrpl(ConanFile):
             "boost::headers",
             "boost::chrono",
             "boost::container",
-            "boost::coroutine",
+            "boost::context",
             "boost::date_time",
             "boost::filesystem",
             "boost::json",

cspell.config.yaml

@@ -70,6 +70,7 @@ words:
   - coeffs
   - coldwallet
   - compr
+  - cppcoro
   - conanfile
   - conanrun
   - confs
@@ -99,11 +100,13 @@ words:
   - endmacro
   - exceptioned
   - Falco
+  - fcontext
   - finalizers
   - firewalled
   - fmtdur
   - fsanitize
   - funclets
+  - gantt
   - gcov
   - gcovr
   - ghead
@@ -111,6 +114,7 @@ words:
   - gpgcheck
   - gpgkey
   - hotwallet
+  - hwaddress
   - hwrap
   - ifndef
   - inequation
@@ -146,6 +150,7 @@ words:
   - ltype
   - mcmodel
   - MEMORYSTATUSEX
+  - Mankawde
   - Merkle
   - Metafuncton
   - misprediction
@@ -194,6 +199,7 @@ words:
   - permissioned
   - pointee
   - populator
+  - pratik
   - preauth
   - preauthorization
   - preauthorize
@@ -202,18 +208,23 @@ words:
   - protobuf
   - protos
   - ptrs
+  - Pratik
   - pushd
   - pyenv
+  - pyparsing
   - qalloc
   - queuable
   - Raphson
   - replayer
+  - repost
+  - reposts
   - rerere
   - retriable
   - RIPD
   - ripdtop
   - rippleci
   - rippled
+  - ripplerpc
   - rippletest
   - RLUSD
   - rngfill
@@ -228,6 +239,7 @@ words:
   - seqit
   - sf
   - SFIELD
+  - sfields
   - shamap
   - shamapitem
   - sidechain
@@ -237,6 +249,7 @@ words:
   - soci
   - socidb
   - sslws
+  - stackful
   - statsd
   - STATSDCOLLECTOR
   - stissue
@@ -292,6 +305,7 @@ words:
   - venv
   - vfalco
   - vinnie
+  - wasmi
   - wextra
   - wptr
   - writeme

docs/build/environment.md

@@ -109,3 +109,32 @@ Install CMake with Homebrew too:
 ```
 brew install cmake
 ```
+
+## Clang-tidy
+
+Clang-tidy is required to run static analysis checks locally (see [CONTRIBUTING.md](../../CONTRIBUTING.md)).
+It is not required to build the project. Currently this project uses clang-tidy version 21.
+
+### Linux
+
+LLVM 21 is not available in the default Debian 12 (Bookworm) repositories.
+Install it using the official LLVM apt installer:
+
+```
+wget https://apt.llvm.org/llvm.sh
+chmod +x llvm.sh
+sudo ./llvm.sh 21
+sudo apt install --yes clang-tidy-21
+```
+
+Then use `run-clang-tidy-21` when running clang-tidy locally.
+
+### macOS
+
+Install LLVM 21 via Homebrew:
+
+```
+brew install llvm@21
+```
+
+Then use `run-clang-tidy` from the LLVM 21 Homebrew prefix when running clang-tidy locally.

docs/build/sanitizers.md

@@ -89,8 +89,8 @@ cmake --build . --parallel 4
 **IMPORTANT**: ASAN with Boost produces many false positives. Use these options:
 
 ```bash
-export ASAN_OPTIONS="print_stacktrace=1:detect_container_overflow=0:suppressions=path/to/asan.supp:halt_on_error=0:log_path=asan.log"
-export LSAN_OPTIONS="suppressions=path/to/lsan.supp:halt_on_error=0:log_path=lsan.log"
+export ASAN_OPTIONS="include=sanitizers/suppressions/runtime-asan-options.txt:suppressions=sanitizers/suppressions/asan.supp"
+export LSAN_OPTIONS="include=sanitizers/suppressions/runtime-lsan-options.txt:suppressions=sanitizers/suppressions/lsan.supp"
 
 # Run tests
 ./xrpld --unittest --unittest-jobs=5
@@ -108,7 +108,7 @@ export LSAN_OPTIONS="suppressions=path/to/lsan.supp:halt_on_error=0:log_path=lsa
 ### ThreadSanitizer (TSan)
 
 ```bash
-export TSAN_OPTIONS="suppressions=path/to/tsan.supp halt_on_error=0 log_path=tsan.log"
+export TSAN_OPTIONS="include=sanitizers/suppressions/runtime-tsan-options.txt:suppressions=sanitizers/suppressions/tsan.supp"
 
 # Run tests
 ./xrpld --unittest --unittest-jobs=5
@@ -129,7 +129,7 @@ More details [here](https://github.com/google/sanitizers/wiki/AddressSanitizerLe
 ### UndefinedBehaviorSanitizer (UBSan)
 
 ```bash
-export UBSAN_OPTIONS="suppressions=path/to/ubsan.supp:print_stacktrace=1:halt_on_error=0:log_path=ubsan.log"
+export UBSAN_OPTIONS="include=sanitizers/suppressions/runtime-ubsan-options.txt:suppressions=sanitizers/suppressions/ubsan.supp"
 
 # Run tests
 ./xrpld --unittest --unittest-jobs=5

include/xrpl/basics/Mutex.hpp

@@ -0,0 +1,155 @@
+/*
+    This file is part of clio: https://github.com/XRPLF/clio
+    Copyright (c) 2024, the clio developers.
+
+    Permission to use, copy, modify, and distribute this software for any
+    purpose with or without fee is hereby granted, provided that the above
+    copyright notice and this permission notice appear in all copies.
+*/
+
+#pragma once
+
+#include <mutex>
+#include <type_traits>
+
+namespace xrpl {
+
+template <typename ProtectedDataType, typename MutexType>
+class Mutex;
+
+/**
+ * @brief A lock on a mutex that provides access to the protected data.
+ *
+ * @tparam ProtectedDataType data type to hold
+ * @tparam LockType type of lock
+ * @tparam MutexType type of mutex
+ */
+template <typename ProtectedDataType, template <typename...> typename LockType, typename MutexType>
+class Lock
+{
+    LockType<MutexType> lock_;
+    ProtectedDataType& data_;
+
+public:
+    /** @cond */
+    ProtectedDataType const&
+    operator*() const
+    {
+        return data_;
+    }
+
+    ProtectedDataType&
+    operator*()
+    {
+        return data_;
+    }
+
+    ProtectedDataType const&
+    get() const
+    {
+        return data_;
+    }
+
+    ProtectedDataType&
+    get()
+    {
+        return data_;
+    }
+
+    ProtectedDataType const*
+    operator->() const
+    {
+        return &data_;
+    }
+
+    ProtectedDataType*
+    operator->()
+    {
+        return &data_;
+    }
+
+    operator LockType<MutexType>&() &
+    {
+        return lock_;
+    }
+
+    operator LockType<MutexType> const&() const&
+    {
+        return lock_;
+    }
+    /** @endcond */
+
+private:
+    friend class Mutex<std::remove_const_t<ProtectedDataType>, MutexType>;
+
+    Lock(MutexType& mutex, ProtectedDataType& data) : lock_(mutex), data_(data)
+    {
+    }
+};
+
+/**
+ * @brief A container for data that is protected by a mutex. Inspired by Mutex in Rust.
+ *
+ * @tparam ProtectedDataType data type to hold
+ * @tparam MutexType type of mutex
+ */
+template <typename ProtectedDataType, typename MutexType = std::mutex>
+class Mutex
+{
+    mutable MutexType mutex_;
+    ProtectedDataType data_{};
+
+public:
+    Mutex() = default;
+
+    /**
+     * @brief Construct a new Mutex object with the given data
+     *
+     * @param data The data to protect
+     */
+    explicit Mutex(ProtectedDataType data) : data_(std::move(data))
+    {
+    }
+
+    /**
+     * @brief Make a new Mutex object with the given data
+     *
+     * @tparam Args The types of the arguments to forward to the constructor of the protected data
+     * @param args The arguments to forward to the constructor of the protected data
+     * @return The Mutex object that protects the given data
+     */
+    template <typename... Args>
+    static Mutex
+    make(Args&&... args)
+    {
+        return Mutex{ProtectedDataType{std::forward<Args>(args)...}};
+    }
+
+    /**
+     * @brief Lock the mutex and get a lock object allowing access to the protected data
+     *
+     * @tparam LockType The type of lock to use
+     * @return A lock on the mutex and a reference to the protected data
+     */
+    template <template <typename...> typename LockType = std::lock_guard>
+    Lock<ProtectedDataType const, LockType, MutexType>
+    lock() const
+    {
+        return {mutex_, data_};
+    }
+
+    /**
+     * @brief Lock the mutex and get a lock object allowing access to the protected data
+     *
+     * @tparam LockType The type of lock to use
+     * @return A lock on the mutex and a reference to the protected data
+     */
+    template <template <typename...> typename LockType = std::lock_guard>
+    Lock<ProtectedDataType, LockType, MutexType>
+    lock()
+    {
+        return {mutex_, data_};
+    }
+};
+
+}  // namespace xrpl

include/xrpl/basics/contract.h

@@ -1,5 +1,6 @@
 #pragma once
 
+#include <xrpl/basics/sanitizers.h>
 #include <xrpl/beast/type_name.h>
 
 #include <exception>
@@ -23,16 +24,28 @@ LogThrow(std::string const& title);
     When called from within a catch block, it will pass
     control to the next matching exception handler, if any.
     Otherwise, std::terminate will be called.
+
+    ASAN can't handle sudden jumps in control flow very well. This
+    function is marked as XRPL_NO_SANITIZE_ADDRESS to prevent it from
+    triggering false positives, since it throws.
 */
-[[noreturn]] inline void
+[[noreturn]] XRPL_NO_SANITIZE_ADDRESS inline void
 Rethrow()
 {
     LogThrow("Re-throwing exception");
     throw;
 }
 
+/*
+    Logs and throws an exception of type E.
+
+    ASAN can't handle sudden jumps in control flow very well. This
+    function is marked as XRPL_NO_SANITIZE_ADDRESS to prevent it from
+    triggering false positives, since it throws.
+*/
+
 template <class E, class... Args>
-[[noreturn]] inline void
+[[noreturn]] XRPL_NO_SANITIZE_ADDRESS inline void
 Throw(Args&&... args)
 {
     static_assert(

include/xrpl/basics/safe_cast.h

@@ -1,5 +1,7 @@
 #pragma once
 
+#include <xrpl/beast/utility/instrumentation.h>
+
 #include <type_traits>
 
 namespace xrpl {
@@ -70,4 +72,31 @@ unsafe_cast(Src s) noexcept
     return unsafe_cast<Dest>(static_cast<std::underlying_type_t<Src>>(s));
 }
 
+template <class Dest, class Src>
+    requires std::is_pointer_v<Dest>
+inline Dest
+safe_downcast(Src* s) noexcept
+{
+#ifdef NDEBUG
+    return static_cast<Dest>(s);  // NOLINT(cppcoreguidelines-pro-type-static-cast-downcast)
+#else
+    auto* result = dynamic_cast<Dest>(s);
+    XRPL_ASSERT(result != nullptr, "xrpl::safe_downcast : pointer downcast is valid");
+    return result;
+#endif
+}
+
+template <class Dest, class Src>
+    requires std::is_lvalue_reference_v<Dest>
+inline Dest
+safe_downcast(Src& s) noexcept
+{
+#ifndef NDEBUG
+    XRPL_ASSERT(
+        dynamic_cast<std::add_pointer_t<std::remove_reference_t<Dest>>>(&s) != nullptr,
+        "xrpl::safe_downcast : reference downcast is valid");
+#endif
+    return static_cast<Dest>(s);  // NOLINT(cppcoreguidelines-pro-type-static-cast-downcast)
+}
+
 }  // namespace xrpl

include/xrpl/basics/sanitizers.h

@@ -0,0 +1,13 @@
+#pragma once
+
+// Helper to disable ASan/HwASan for specific functions
+/*
+ ASAN flags some false positives with sudden jumps in control flow, like
+ exceptions, or when encountering coroutine stack switches. This macro can be used to disable ASAN
+ intrumentation for specific functions.
+*/
+#if defined(__GNUC__) || defined(__clang__)
+#define XRPL_NO_SANITIZE_ADDRESS __attribute__((no_sanitize("address", "hwaddress")))
+#else
+#define XRPL_NO_SANITIZE_ADDRESS
+#endif

include/xrpl/beast/core/List.h

@@ -43,8 +43,8 @@ private:
     template <typename>
     friend class ListIterator;
 
-    ListNode* m_next;
-    ListNode* m_prev;
+    ListNode* m_next = nullptr;
+    ListNode* m_prev = nullptr;
 };
 
 //------------------------------------------------------------------------------
@@ -567,7 +567,7 @@ private:
     }
 
 private:
-    size_type m_size;
+    size_type m_size = 0u;
     Node m_head;
     Node m_tail;
 };

include/xrpl/beast/utility/instrumentation.h

@@ -15,7 +15,7 @@
 #define ALWAYS_OR_UNREACHABLE(cond, message) assert((message) && (cond))
 #define SOMETIMES(cond, message, ...)
 #define REACHABLE(message, ...)
-#define UNREACHABLE(message, ...) assert((message) && false)
+#define UNREACHABLE(message, ...) assert((message) && false)  // NOLINT(misc-static-assert)
 #endif
 
 #define XRPL_ASSERT ALWAYS_OR_UNREACHABLE

include/xrpl/core/Coro.ipp

@@ -1,7 +1,5 @@
 #pragma once
 
-#include <xrpl/basics/ByteUtilities.h>
-
 namespace xrpl {
 
 template <class F>
@@ -11,16 +9,18 @@ JobQueue::Coro::Coro(Coro_create_t, JobQueue& jq, JobType type, std::string cons
     , name_(name)
     , running_(false)
     , coro_(
+          // Stack size of 1MB wasn't sufficient for deep calls. ASAN tests flagged the issue. Hence
+          // increasing the size to 1.5MB.
+          boost::context::protected_fixedsize_stack(1536 * 1024),
           [this, fn = std::forward<F>(f)](
-              boost::coroutines::asymmetric_coroutine<void>::push_type& do_yield) {
+              boost::coroutines2::asymmetric_coroutine<void>::push_type& do_yield) {
               yield_ = &do_yield;
               yield();
               fn(shared_from_this());
 #ifndef NDEBUG
               finished_ = true;
 #endif
-          },
-          boost::coroutines::attributes(megabytes(1)))
+          })
 {
 }
 

include/xrpl/core/CoroTask.h

@@ -0,0 +1,699 @@
+#pragma once
+
+#include <xrpl/beast/utility/instrumentation.h>
+
+#include <coroutine>
+#include <exception>
+#include <type_traits>
+#include <utility>
+#include <variant>
+
+namespace xrpl {
+
+template <typename T = void>
+class CoroTask;
+
+/**
+ * CoroTask<void> -- coroutine return type for void-returning coroutines.
+ *
+ * Class / Dependency Diagram
+ * ==========================
+ *
+ *   CoroTask<void>
+ *   +-----------------------------------------------+
+ *   | - handle_ : Handle (coroutine_handle<promise>) |
+ *   +-----------------------------------------------+
+ *   | + handle(), done()                             |
+ *   | + await_ready/suspend/resume  (Awaiter iface)  |
+ *   +-----------------------------------------------+
+ *            |  owns
+ *            v
+ *   promise_type
+ *   +-----------------------------------------------+
+ *   | - exception_    : std::exception_ptr           |
+ *   | - continuation_ : std::coroutine_handle<>      |
+ *   +-----------------------------------------------+
+ *   | + get_return_object() -> CoroTask              |
+ *   | + initial_suspend()   -> suspend_always (lazy) |
+ *   | + final_suspend()     -> FinalAwaiter          |
+ *   | + return_void()                                |
+ *   | + unhandled_exception()                        |
+ *   +-----------------------------------------------+
+ *            |  returns at final_suspend
+ *            v
+ *   FinalAwaiter
+ *   +-----------------------------------------------+
+ *   | await_suspend(h):                              |
+ *   |   if continuation_ set -> symmetric transfer   |
+ *   |   else                 -> noop_coroutine        |
+ *   +-----------------------------------------------+
+ *
+ * Design Notes
+ * ------------
+ * - Lazy start: initial_suspend returns suspend_always, so the coroutine
+ *   body does not execute until the handle is explicitly resumed.
+ * - Symmetric transfer: await_suspend returns a coroutine_handle instead
+ *   of void/bool, allowing the scheduler to jump directly to the next
+ *   coroutine without growing the call stack.
+ * - Continuation chaining: when one CoroTask is co_await-ed inside
+ *   another, the caller's handle is stored as continuation_ so
+ *   FinalAwaiter can resume it when this task finishes.
+ * - Move-only: the handle is exclusively owned; copy is deleted.
+ *
+ * Usage Examples
+ * ==============
+ *
+ * 1. Basic void coroutine (the most common case in rippled):
+ *
+ *      CoroTask<void> doWork(std::shared_ptr<CoroTaskRunner> runner) {
+ *          // do something
+ *          co_await runner->suspend();   // yield control
+ *          // resumed later via runner->post() or runner->resume()
+ *          co_return;
+ *      }
+ *
+ * 2. co_await-ing one CoroTask<void> from another (chaining):
+ *
+ *      CoroTask<void> inner() {
+ *          // ...
+ *          co_return;
+ *      }
+ *      CoroTask<void> outer() {
+ *          co_await inner();   // continuation_ links outer -> inner
+ *          co_return;          // FinalAwaiter resumes outer
+ *      }
+ *
+ * 3. Exceptions propagate through co_await:
+ *
+ *      CoroTask<void> failing() {
+ *          throw std::runtime_error("oops");
+ *          co_return;
+ *      }
+ *      CoroTask<void> caller() {
+ *          try { co_await failing(); }
+ *          catch (std::runtime_error const&) { // caught here }
+ *      }
+ *
+ * Caveats / Pitfalls
+ * ==================
+ *
+ * BUG-RISK: Dangling references in coroutine parameters.
+ *   Coroutine parameters are copied into the frame, but references
+ *   are NOT -- they are stored as-is. If the referent goes out of scope
+ *   before the coroutine finishes, you get use-after-free.
+ *
+ *      // BROKEN -- local dies before coroutine runs:
+ *      CoroTask<void> bad(int& ref) { co_return; }
+ *      void launch() {
+ *          int local = 42;
+ *          auto task = bad(local);  // frame stores &local
+ *      }  // local destroyed; frame holds dangling ref
+ *
+ *      // FIX -- pass by value, or ensure lifetime via shared_ptr.
+ *
+ * BUG-RISK: GCC 14 corrupts reference captures in coroutine lambdas.
+ *   When a lambda that returns CoroTask captures by reference ([&]),
+ *   GCC 14 may generate a corrupted coroutine frame. Always capture
+ *   by explicit pointer-to-value instead:
+ *
+ *      // BROKEN on GCC 14:
+ *      jq.postCoroTask(t, n, [&](auto) -> CoroTask<void> { ... });
+ *
+ *      // FIX -- capture pointers explicitly:
+ *      jq.postCoroTask(t, n, [ptr = &val](auto) -> CoroTask<void> { ... });
+ *
+ * BUG-RISK: Resuming a destroyed or completed CoroTask.
+ *   Calling handle().resume() after the coroutine has already run to
+ *   completion (done() == true) is undefined behavior. The CoroTaskRunner
+ *   guards against this with an XRPL_ASSERT, but standalone usage of
+ *   CoroTask must check done() before resuming.
+ *
+ * BUG-RISK: Moving a CoroTask that is being awaited.
+ *   If task A is co_await-ed by task B (so A.continuation_ == B), moving
+ *   or destroying A will invalidate the continuation link. Never move
+ *   or reassign a CoroTask while it is mid-execution or being awaited.
+ *
+ * LIMITATION: CoroTask is fire-and-forget for the top-level owner.
+ *   There is no built-in notification when the coroutine finishes.
+ *   The caller must use external synchronization (e.g. CoroTaskRunner::join
+ *   or a gate/condition_variable) to know when it is done.
+ *
+ * LIMITATION: No cancellation token.
+ *   There is no way to cancel a suspended CoroTask from outside. The
+ *   coroutine body must cooperatively check a flag (e.g. jq_.isStopping())
+ *   after each co_await and co_return early if needed.
+ *
+ * LIMITATION: Stackless -- cannot suspend from nested non-coroutine calls.
+ *   If a coroutine calls a regular function that wants to "yield", it
+ *   cannot. Only the immediate coroutine body can use co_await.
+ *   This is acceptable for rippled because all yield() sites are shallow.
+ */
+template <>
+class CoroTask<void>
+{
+public:
+    struct promise_type;
+    using Handle = std::coroutine_handle<promise_type>;
+
+    /**
+     * Coroutine promise. Compiler uses this to manage coroutine state.
+     * Stores the exception (if any) and the continuation handle for
+     * symmetric transfer back to the awaiting coroutine.
+     */
+    struct promise_type
+    {
+        // Captured exception from the coroutine body, rethrown in
+        // await_resume() when this task is co_await-ed by a caller.
+        std::exception_ptr exception_;
+
+        // Handle to the coroutine that is co_await-ing this task.
+        // Set by await_suspend(). FinalAwaiter uses it for symmetric
+        // transfer back to the caller. Null if this is a top-level task.
+        std::coroutine_handle<> continuation_;
+
+        /**
+         * Create the CoroTask return object.
+         * Called by the compiler at coroutine creation.
+         */
+        CoroTask
+        get_return_object()
+        {
+            return CoroTask{Handle::from_promise(*this)};
+        }
+
+        /**
+         * Lazy start. The coroutine body does not execute until the
+         * handle is explicitly resumed (e.g. by CoroTaskRunner::resume).
+         */
+        std::suspend_always
+        initial_suspend() noexcept
+        {
+            return {};
+        }
+
+        /**
+         * Awaiter returned by final_suspend(). Uses symmetric transfer:
+         * if a continuation exists, transfers control directly to it
+         * (tail-call, no stack growth). Otherwise returns noop_coroutine
+         * so the coroutine frame stays alive for the owner to destroy.
+         */
+        struct FinalAwaiter
+        {
+            /**
+             * Always false. We need await_suspend to run for
+             * symmetric transfer.
+             */
+            bool
+            await_ready() noexcept
+            {
+                return false;
+            }
+
+            /**
+             * Symmetric transfer: returns the continuation handle so
+             * the compiler emits a tail-call instead of a nested resume.
+             * If no continuation is set, returns noop_coroutine to
+             * suspend at final_suspend without destroying the frame.
+             *
+             * @param h Handle to this completing coroutine
+             *
+             * @return Continuation handle, or noop_coroutine
+             */
+            std::coroutine_handle<>
+            await_suspend(Handle h) noexcept
+            {
+                if (auto cont = h.promise().continuation_)
+                    return cont;
+                return std::noop_coroutine();
+            }
+
+            void
+            await_resume() noexcept
+            {
+            }
+        };
+
+        /**
+         * Returns FinalAwaiter for symmetric transfer at coroutine end.
+         */
+        FinalAwaiter
+        final_suspend() noexcept
+        {
+            return {};
+        }
+
+        /**
+         * Called by the compiler for `co_return;` (void coroutine).
+         */
+        void
+        return_void()
+        {
+        }
+
+        /**
+         * Called by the compiler when an exception escapes the coroutine
+         * body. Captures it for later rethrowing in await_resume().
+         */
+        void
+        unhandled_exception()
+        {
+            exception_ = std::current_exception();
+        }
+    };
+
+    /**
+     * Default constructor. Creates an empty (null handle) task.
+     */
+    CoroTask() = default;
+
+    /**
+     * Takes ownership of a compiler-generated coroutine handle.
+     *
+     * @param h Coroutine handle to own
+     */
+    explicit CoroTask(Handle h) : handle_(h)
+    {
+    }
+
+    /**
+     * Destroys the coroutine frame if this task owns one.
+     */
+    ~CoroTask()
+    {
+        if (handle_)
+            handle_.destroy();
+    }
+
+    /**
+     * Move constructor. Transfers handle ownership, leaves other empty.
+     */
+    CoroTask(CoroTask&& other) noexcept : handle_(std::exchange(other.handle_, {}))
+    {
+    }
+
+    /**
+     * Move assignment. Destroys current frame (if any), takes other's.
+     */
+    CoroTask&
+    operator=(CoroTask&& other) noexcept
+    {
+        if (this != &other)
+        {
+            if (handle_)
+                handle_.destroy();
+            handle_ = std::exchange(other.handle_, {});
+        }
+        return *this;
+    }
+
+    CoroTask(CoroTask const&) = delete;
+    CoroTask&
+    operator=(CoroTask const&) = delete;
+
+    /**
+     * @return The underlying coroutine_handle
+     */
+    Handle
+    handle() const
+    {
+        return handle_;
+    }
+
+    /**
+     * @return true if the coroutine has run to completion (or thrown)
+     */
+    bool
+    done() const
+    {
+        return handle_ && handle_.done();
+    }
+
+    // -- Awaiter interface: allows `co_await someCoroTask;` --
+
+    /**
+     * Always false. This task is lazy, so co_await always suspends
+     * the caller to set up the continuation link.
+     */
+    bool
+    await_ready() const noexcept
+    {
+        return false;
+    }
+
+    /**
+     * Stores the caller's handle as our continuation, then returns
+     * our handle for symmetric transfer (caller suspends, we resume).
+     *
+     * @param caller Handle of the coroutine doing co_await on us
+     *
+     * @return Our handle for symmetric transfer
+     */
+    std::coroutine_handle<>
+    await_suspend(std::coroutine_handle<> caller) noexcept
+    {
+        XRPL_ASSERT(handle_, "xrpl::CoroTask<void>::await_suspend : handle is valid");
+        handle_.promise().continuation_ = caller;
+        return handle_;  // Symmetric transfer
+    }
+
+    /**
+     * Called in the awaiting coroutine's context after this task
+     * completes. Rethrows any exception captured by
+     * unhandled_exception().
+     */
+    void
+    await_resume()
+    {
+        XRPL_ASSERT(handle_, "xrpl::CoroTask<void>::await_resume : handle is valid");
+        if (auto& ep = handle_.promise().exception_)
+            std::rethrow_exception(ep);
+    }
+
+private:
+    // Exclusively-owned coroutine handle. Null after move or default
+    // construction. Destroyed in the destructor.
+    Handle handle_;
+};
+
+/**
+ * CoroTask<T> -- coroutine return type for value-returning coroutines.
+ *
+ * Class / Dependency Diagram
+ * ==========================
+ *
+ *   CoroTask<T>
+ *   +-----------------------------------------------+
+ *   | - handle_ : Handle (coroutine_handle<promise>) |
+ *   +-----------------------------------------------+
+ *   | + handle(), done()                             |
+ *   | + await_ready/suspend/resume  (Awaiter iface)  |
+ *   +-----------------------------------------------+
+ *            |  owns
+ *            v
+ *   promise_type
+ *   +-----------------------------------------------+
+ *   | - result_       : variant<monostate, T,        |
+ *   |                           exception_ptr>       |
+ *   | - continuation_ : std::coroutine_handle<>      |
+ *   +-----------------------------------------------+
+ *   | + get_return_object() -> CoroTask              |
+ *   | + initial_suspend()   -> suspend_always (lazy) |
+ *   | + final_suspend()     -> FinalAwaiter          |
+ *   | + return_value(T)     -> stores in result_[1]  |
+ *   | + unhandled_exception -> stores in result_[2]  |
+ *   +-----------------------------------------------+
+ *            |  returns at final_suspend
+ *            v
+ *   FinalAwaiter  (same symmetric-transfer pattern as CoroTask<void>)
+ *
+ * Value Extraction
+ * ----------------
+ * await_resume() inspects the variant:
+ *   - index 2 (exception_ptr) -> rethrow
+ *   - index 1 (T)             -> return value via move
+ *
+ * Usage Examples
+ * ==============
+ *
+ * 1. Simple value return:
+ *
+ *      CoroTask<int> computeAnswer() { co_return 42; }
+ *
+ *      CoroTask<void> caller() {
+ *          int v = co_await computeAnswer();  // v == 42
+ *      }
+ *
+ * 2. Chaining value-returning coroutines:
+ *
+ *      CoroTask<int> add(int a, int b) { co_return a + b; }
+ *      CoroTask<int> doubleSum(int a, int b) {
+ *          int s = co_await add(a, b);
+ *          co_return s * 2;
+ *      }
+ *
+ * 3. Exception propagation from inner to outer:
+ *
+ *      CoroTask<int> failing() {
+ *          throw std::runtime_error("bad");
+ *          co_return 0;  // never reached
+ *      }
+ *      CoroTask<void> caller() {
+ *          try {
+ *              int v = co_await failing();  // throws here
+ *          } catch (std::runtime_error const& e) {
+ *              // e.what() == "bad"
+ *          }
+ *      }
+ *
+ * Caveats / Pitfalls (in addition to CoroTask<void> caveats above)
+ * ================================================================
+ *
+ * BUG-RISK: await_resume() moves the value out of the variant.
+ *   Calling co_await on the same CoroTask<T> instance twice is undefined
+ *   behavior -- the second call will see a moved-from T. CoroTask is
+ *   single-shot: one co_return, one co_await.
+ *
+ * BUG-RISK: T must be move-constructible.
+ *   return_value(T) takes by value and moves into the variant.
+ *   Types that are not movable cannot be used as T.
+ *
+ * LIMITATION: No co_yield support.
+ *   CoroTask<T> only supports a single co_return. It does not implement
+ *   yield_value(), so using co_yield inside a CoroTask<T> coroutine is a
+ *   compile error. For streaming values, a different return type
+ *   (e.g. Generator<T>) would be needed.
+ *
+ * LIMITATION: Result is only accessible via co_await.
+ *   There is no .get() or .result() method. The value can only be
+ *   extracted by co_await-ing the CoroTask<T> from inside another
+ *   coroutine. For extracting results in non-coroutine code, pass a
+ *   pointer to the caller and write through it (as the tests do).
+ */
+template <typename T>
+class CoroTask
+{
+    static_assert(
+        std::is_move_constructible_v<T>,
+        "CoroTask<T> requires T to be move-constructible");
+
+public:
+    struct promise_type;
+    using Handle = std::coroutine_handle<promise_type>;
+
+    /**
+     * Coroutine promise for value-returning coroutines.
+     * Stores the result as a variant: monostate (not yet set),
+     * T (co_return value), or exception_ptr (unhandled exception).
+     */
+    struct promise_type
+    {
+        // Tri-state result:
+        //   index 0 (monostate) -- coroutine has not yet completed
+        //   index 1 (T)         -- co_return value stored here
+        //   index 2 (exception) -- unhandled exception captured here
+        std::variant<std::monostate, T, std::exception_ptr> result_;
+
+        // Handle to the coroutine co_await-ing this task. Used by
+        // FinalAwaiter for symmetric transfer. Null for top-level tasks.
+        std::coroutine_handle<> continuation_;
+
+        /**
+         * Create the CoroTask return object.
+         * Called by the compiler at coroutine creation.
+         */
+        CoroTask
+        get_return_object()
+        {
+            return CoroTask{Handle::from_promise(*this)};
+        }
+
+        /**
+         * Lazy start. Coroutine body does not run until explicitly resumed.
+         */
+        std::suspend_always
+        initial_suspend() noexcept
+        {
+            return {};
+        }
+
+        /**
+         * Symmetric-transfer awaiter at coroutine completion.
+         * Same pattern as CoroTask<void>::FinalAwaiter.
+         */
+        struct FinalAwaiter
+        {
+            bool
+            await_ready() noexcept
+            {
+                return false;
+            }
+
+            /**
+             * Returns continuation for symmetric transfer, or
+             * noop_coroutine if this is a top-level task.
+             *
+             * @param h Handle to this completing coroutine
+             *
+             * @return Continuation handle, or noop_coroutine
+             */
+            std::coroutine_handle<>
+            await_suspend(Handle h) noexcept
+            {
+                if (auto cont = h.promise().continuation_)
+                    return cont;
+                return std::noop_coroutine();
+            }
+
+            void
+            await_resume() noexcept
+            {
+            }
+        };
+
+        FinalAwaiter
+        final_suspend() noexcept
+        {
+            return {};
+        }
+
+        /**
+         * Called by the compiler for `co_return value;`.
+         * Moves the value into result_ at index 1.
+         *
+         * @param value The value to store
+         */
+        void
+        return_value(T value)
+        {
+            result_.template emplace<1>(std::move(value));
+        }
+
+        /**
+         * Captures unhandled exceptions at index 2 of result_.
+         * Rethrown later in await_resume().
+         */
+        void
+        unhandled_exception()
+        {
+            result_.template emplace<2>(std::current_exception());
+        }
+    };
+
+    /**
+     * Default constructor. Creates an empty (null handle) task.
+     */
+    CoroTask() = default;
+
+    /**
+     * Takes ownership of a compiler-generated coroutine handle.
+     *
+     * @param h Coroutine handle to own
+     */
+    explicit CoroTask(Handle h) : handle_(h)
+    {
+    }
+
+    /**
+     * Destroys the coroutine frame if this task owns one.
+     */
+    ~CoroTask()
+    {
+        if (handle_)
+            handle_.destroy();
+    }
+
+    /**
+     * Move constructor. Transfers handle ownership, leaves other empty.
+     */
+    CoroTask(CoroTask&& other) noexcept : handle_(std::exchange(other.handle_, {}))
+    {
+    }
+
+    /**
+     * Move assignment. Destroys current frame (if any), takes other's.
+     */
+    CoroTask&
+    operator=(CoroTask&& other) noexcept
+    {
+        if (this != &other)
+        {
+            if (handle_)
+                handle_.destroy();
+            handle_ = std::exchange(other.handle_, {});
+        }
+        return *this;
+    }
+
+    CoroTask(CoroTask const&) = delete;
+    CoroTask&
+    operator=(CoroTask const&) = delete;
+
+    /**
+     * @return The underlying coroutine_handle
+     */
+    Handle
+    handle() const
+    {
+        return handle_;
+    }
+
+    /**
+     * @return true if the coroutine has run to completion (or thrown)
+     */
+    bool
+    done() const
+    {
+        return handle_ && handle_.done();
+    }
+
+    // -- Awaiter interface: allows `T val = co_await someCoroTask;` --
+
+    /**
+     * Always false. co_await always suspends to set up continuation.
+     */
+    bool
+    await_ready() const noexcept
+    {
+        return false;
+    }
+
+    /**
+     * Stores caller as continuation, returns our handle for
+     * symmetric transfer.
+     *
+     * @param caller Handle of the coroutine doing co_await on us
+     *
+     * @return Our handle for symmetric transfer
+     */
+    std::coroutine_handle<>
+    await_suspend(std::coroutine_handle<> caller) noexcept
+    {
+        XRPL_ASSERT(handle_, "xrpl::CoroTask<T>::await_suspend : handle is valid");
+        handle_.promise().continuation_ = caller;
+        return handle_;
+    }
+
+    /**
+     * Extracts the result: rethrows if exception, otherwise moves
+     * the T value out of the variant. Single-shot: calling twice
+     * on the same task is undefined (moved-from T).
+     *
+     * @return The co_return-ed value
+     */
+    T
+    await_resume()
+    {
+        XRPL_ASSERT(handle_, "xrpl::CoroTask<T>::await_resume : handle is valid");
+        auto& result = handle_.promise().result_;
+        if (auto* ep = std::get_if<2>(&result))
+            std::rethrow_exception(*ep);
+        return std::get<1>(std::move(result));
+    }
+
+private:
+    // Exclusively-owned coroutine handle. Null after move or default
+    // construction. Destroyed in the destructor.
+    Handle handle_;
+};
+
+}  // namespace xrpl

include/xrpl/core/CoroTaskRunner.ipp

@@ -0,0 +1,374 @@
+#pragma once
+
+/**
+ * @file CoroTaskRunner.ipp
+ *
+ * CoroTaskRunner inline implementation.
+ *
+ * This file contains the business logic for managing C++20 coroutines
+ * on the JobQueue. It is included at the bottom of JobQueue.h.
+ *
+ * Data Flow: suspend / post / resume cycle
+ * =========================================
+ *
+ *         coroutine body                 CoroTaskRunner              JobQueue
+ *         --------------                 --------------              --------
+ *              |
+ *    co_await runner->suspend()
+ *              |
+ *              +--- await_suspend ------> onSuspend()
+ *              |                            ++nSuspend_ ------------> nSuspend_
+ *              |                          [coroutine is now suspended]
+ *              |
+ *              .    (externally or by yieldAndPost())
+ *              .
+ *              +--- (caller calls) -----> post()
+ *              |                            ++runCount_
+ *              |                            addJob(resume) ----------> job enqueued
+ *              |                                                        |
+ *              |                                                      [worker picks up]
+ *              |                                                        |
+ *              +--- <----- resume() <-----------------------------------+
+ *              |             --nSuspend_ ------> nSuspend_
+ *              |             swap in LocalValues (lvs_)
+ *              |             task_.handle().resume()
+ *              |                |
+ *              |    [coroutine body continues here]
+ *              |                |
+ *              |             swap out LocalValues
+ *              |             --runCount_
+ *              |             cv_.notify_all()
+ *              v
+ *
+ * Thread Safety
+ * =============
+ * - mutex_     : guards task_.handle().resume() so that post()-before-suspend
+ *                races cannot resume the coroutine while it is still running.
+ *                (See the race condition discussion in JobQueue.h)
+ * - mutex_run_ : guards runCount_ counter; used by join() to wait until
+ *                all in-flight resume operations complete.
+ * - jq_.m_mutex: guards nSuspend_ increments/decrements.
+ *
+ * Common Mistakes When Modifying This File
+ * =========================================
+ *
+ * 1. Changing lock ordering.
+ *    resume() acquires locks sequentially (never held simultaneously):
+ *    jq_.m_mutex (released immediately), then mutex_ (held across resume),
+ *    then mutex_run_ (released after decrement). post() acquires only
+ *    mutex_run_. Any new code path must follow the same order.
+ *
+ * 2. Removing the shared_from_this() capture in post().
+ *    The lambda passed to addJob captures [this, sp = shared_from_this()].
+ *    If you remove sp, 'this' can be destroyed before the job runs,
+ *    causing use-after-free. The sp capture is load-bearing.
+ *
+ * 3. Forgetting to decrement nSuspend_ on a new code path.
+ *    Every ++nSuspend_ must have a matching --nSuspend_. If you add a new
+ *    suspension path (e.g. a new awaiter) and forget to decrement on resume
+ *    or on failure, JobQueue::stop() will hang.
+ *
+ * 4. Calling task_.handle().resume() without holding mutex_.
+ *    This allows a race where the coroutine runs on two threads
+ *    simultaneously. Always hold mutex_ around resume().
+ *
+ * 5. Swapping LocalValues outside of the mutex_ critical section.
+ *    The swap-in and swap-out of LocalValues must bracket the resume()
+ *    call. If you move the swap-out before the lock_guard(mutex_) is
+ *    released, you break LocalValue isolation for any code that runs
+ *    after the coroutine suspends but before the lock is dropped.
+ */
+
+namespace xrpl {
+
+/**
+ * Construct a CoroTaskRunner. Sets runCount_ to 0; does not
+ * create the coroutine. Call init() afterwards.
+ *
+ * @param jq   The JobQueue this coroutine will run on
+ * @param type Job type for scheduling priority
+ * @param name Human-readable name for logging
+ */
+inline JobQueue::CoroTaskRunner::CoroTaskRunner(
+    create_t,
+    JobQueue& jq,
+    JobType type,
+    std::string const& name)
+    : jq_(jq), type_(type), name_(name), runCount_(0)
+{
+}
+
+/**
+ * Initialize with a coroutine-returning callable.
+ * Stores the callable on the heap (FuncStore) so it outlives the
+ * coroutine frame. Coroutine frames store a reference to the
+ * callable's implicit object parameter (the lambda). If the callable
+ * is a temporary, that reference dangles after the caller returns.
+ * Keeping the callable alive here ensures the coroutine's captures
+ * remain valid.
+ *
+ * @param f Callable: CoroTask<void>(shared_ptr<CoroTaskRunner>)
+ */
+template <class F>
+void
+JobQueue::CoroTaskRunner::init(F&& f)
+{
+    using Fn = std::decay_t<F>;
+    auto store = std::make_unique<FuncStore<Fn>>(std::forward<F>(f));
+    task_ = store->func(shared_from_this());
+    storedFunc_ = std::move(store);
+}
+
+/**
+ * Destructor. Waits for any in-flight resume() to complete, then
+ * asserts (debug) that the coroutine has finished or
+ * expectEarlyExit() was called.
+ *
+ * The join() call is necessary because with async dispatch the
+ * coroutine runs on a worker thread. The gate signal (which wakes
+ * the test thread) can arrive before resume() has set finished_.
+ * join() synchronizes via mutex_run_, establishing a happens-before
+ * edge: finished_ = true -> unlock(mutex_run_) in resume() ->
+ * lock(mutex_run_) in join() -> read finished_.
+ */
+inline JobQueue::CoroTaskRunner::~CoroTaskRunner()
+{
+#ifndef NDEBUG
+    join();
+    XRPL_ASSERT(finished_, "xrpl::JobQueue::CoroTaskRunner::~CoroTaskRunner : is finished");
+#endif
+}
+
+/**
+ * Increment the JobQueue's suspended-coroutine count (nSuspend_).
+ */
+inline void
+JobQueue::CoroTaskRunner::onSuspend()
+{
+    std::lock_guard lock(jq_.m_mutex);
+    ++jq_.nSuspend_;
+}
+
+/**
+ * Decrement nSuspend_ without resuming.
+ */
+inline void
+JobQueue::CoroTaskRunner::onUndoSuspend()
+{
+    std::lock_guard lock(jq_.m_mutex);
+    --jq_.nSuspend_;
+}
+
+/**
+ * Return a SuspendAwaiter whose await_suspend() increments nSuspend_
+ * before the coroutine actually suspends. The caller must later call
+ * post() or resume() to continue execution.
+ *
+ * @return Awaiter for use with `co_await runner->suspend()`
+ */
+inline auto
+JobQueue::CoroTaskRunner::suspend()
+{
+    /**
+     * Custom awaiter for suspend(). Always suspends (await_ready
+     * returns false) and increments nSuspend_ in await_suspend().
+     */
+    struct SuspendAwaiter
+    {
+        CoroTaskRunner& runner_;  // The runner that owns this coroutine.
+
+        /**
+         * Always returns false so the coroutine suspends.
+         */
+        bool
+        await_ready() const noexcept
+        {
+            return false;
+        }
+
+        /**
+         * Called when the coroutine suspends. Increments nSuspend_
+         * so the JobQueue knows a coroutine is waiting.
+         */
+        void
+        await_suspend(std::coroutine_handle<>) const
+        {
+            runner_.onSuspend();
+        }
+
+        void
+        await_resume() const noexcept
+        {
+        }
+    };
+    return SuspendAwaiter{*this};
+}
+
+/**
+ * Suspend and immediately repost on the JobQueue. Equivalent to
+ * `co_await JobQueueAwaiter{runner}` but uses an inline struct
+ * to work around a GCC-12 codegen bug (see declaration in JobQueue.h).
+ *
+ * If the JobQueue is stopping (post fails), the suspend count is
+ * undone and the coroutine is resumed immediately via h.resume().
+ *
+ * @return An inline YieldPostAwaiter
+ */
+inline auto
+JobQueue::CoroTaskRunner::yieldAndPost()
+{
+    struct YieldPostAwaiter
+    {
+        CoroTaskRunner& runner_;
+
+        bool
+        await_ready() const noexcept
+        {
+            return false;
+        }
+
+        void
+        await_suspend(std::coroutine_handle<> h)
+        {
+            runner_.onSuspend();
+            if (!runner_.post())
+            {
+                runner_.onUndoSuspend();
+                h.resume();
+            }
+        }
+
+        void
+        await_resume() const noexcept
+        {
+        }
+    };
+    return YieldPostAwaiter{*this};
+}
+
+/**
+ * Schedule coroutine resumption as a job on the JobQueue.
+ * A shared_ptr capture (sp) prevents this CoroTaskRunner from being
+ * destroyed while the job is queued but not yet executed.
+ *
+ * @return false if the JobQueue rejected the job (shutting down)
+ */
+inline bool
+JobQueue::CoroTaskRunner::post()
+{
+    {
+        std::lock_guard lk(mutex_run_);
+        ++runCount_;
+    }
+
+    // sp prevents 'this' from being destroyed while the job is pending
+    if (jq_.addJob(type_, name_, [this, sp = shared_from_this()]() { resume(); }))
+    {
+        return true;
+    }
+
+    // The coroutine will not run. Undo the runCount_ increment.
+    std::lock_guard lk(mutex_run_);
+    --runCount_;
+    cv_.notify_all();
+    return false;
+}
+
+/**
+ * Resume the coroutine on the current thread.
+ *
+ * Steps:
+ *   1. Decrement nSuspend_ (under jq_.m_mutex)
+ *   2. Swap in this coroutine's LocalValues for thread-local isolation
+ *   3. Resume the coroutine handle (under mutex_)
+ *   4. Swap out LocalValues, restoring the thread's previous state
+ *   5. Decrement runCount_ and notify join() waiters
+ *
+ * @pre post() must have been called before resume(). Direct calls
+ *      without a prior post() will corrupt runCount_ and break join().
+ * Note: runCount_ is NOT incremented here — post() already did that.
+ * This ensures join() stays blocked for the entire post->resume lifetime.
+ */
+inline void
+JobQueue::CoroTaskRunner::resume()
+{
+    {
+        std::lock_guard lock(jq_.m_mutex);
+        --jq_.nSuspend_;
+    }
+    auto saved = detail::getLocalValues().release();
+    detail::getLocalValues().reset(&lvs_);
+    std::lock_guard lock(mutex_);
+    XRPL_ASSERT(
+        task_.handle() && !task_.done(),
+        "xrpl::JobQueue::CoroTaskRunner::resume : task handle is valid and not done");
+    task_.handle().resume();
+    detail::getLocalValues().release();
+    detail::getLocalValues().reset(saved);
+    if (task_.done())
+    {
+        finished_ = true;
+        // Break the shared_ptr cycle: frame -> shared_ptr<runner> -> this.
+        // Use std::move (not task_ = {}) so task_.handle_ is null BEFORE the
+        // frame is destroyed. operator= would destroy the frame while handle_
+        // still holds the old value -- a re-entrancy hazard on GCC-12 if
+        // frame destruction triggers runner cleanup.
+        [[maybe_unused]] auto completed = std::move(task_);
+    }
+    std::lock_guard lk(mutex_run_);
+    --runCount_;
+    cv_.notify_all();
+}
+
+/**
+ * @return true if the coroutine has not yet run to completion
+ */
+inline bool
+JobQueue::CoroTaskRunner::runnable() const
+{
+    // After normal completion, task_ is reset to break the shared_ptr cycle
+    // (handle_ becomes null). A null handle means the coroutine is done.
+    return task_.handle() && !task_.done();
+}
+
+/**
+ * Handle early termination when the coroutine never ran (e.g. JobQueue
+ * is stopping). Decrements nSuspend_ and destroys the coroutine frame
+ * to break the shared_ptr cycle: frame -> lambda -> runner -> frame.
+ */
+inline void
+JobQueue::CoroTaskRunner::expectEarlyExit()
+{
+    if (!finished_)
+    {
+        std::lock_guard lock(jq_.m_mutex);
+        --jq_.nSuspend_;
+        finished_ = true;
+    }
+    // Break the shared_ptr cycle: frame -> shared_ptr<runner> -> this.
+    // The coroutine is at initial_suspend and never ran user code, so
+    // destroying it is safe. Use std::move (not task_ = {}) so
+    // task_.handle_ is null before the frame is destroyed.
+    {
+        [[maybe_unused]] auto completed = std::move(task_);
+    }
+    storedFunc_.reset();
+}
+
+/**
+ * Block until all pending/active resume operations complete.
+ * Uses cv_ + mutex_run_ to wait until runCount_ reaches 0 or
+ * finished_ becomes true. The finished_ check handles the case
+ * where resume() is called directly (without post()), which
+ * decrements runCount_ below zero. In that scenario runCount_
+ * never returns to 0, but finished_ becoming true guarantees
+ * the coroutine is done and no more resumes will occur.
+ */
+inline void
+JobQueue::CoroTaskRunner::join()
+{
+    std::unique_lock<std::mutex> lk(mutex_run_);
+    cv_.wait(lk, [this]() { return runCount_ == 0 || finished_; });
+}
+
+}  // namespace xrpl

include/xrpl/core/JobQueue.h

@@ -2,13 +2,16 @@
 
 #include <xrpl/basics/LocalValue.h>
 #include <xrpl/core/ClosureCounter.h>
+#include <xrpl/core/CoroTask.h>
 #include <xrpl/core/JobTypeData.h>
 #include <xrpl/core/JobTypes.h>
 #include <xrpl/core/detail/Workers.h>
 #include <xrpl/json/json_value.h>
 
-#include <boost/coroutine/all.hpp>
+#include <boost/context/protected_fixedsize_stack.hpp>
+#include <boost/coroutine2/all.hpp>
 
+#include <coroutine>
 #include <set>
 
 namespace xrpl {
@@ -48,8 +51,8 @@ public:
         std::mutex mutex_;
         std::mutex mutex_run_;
         std::condition_variable cv_;
-        boost::coroutines::asymmetric_coroutine<void>::pull_type coro_;
-        boost::coroutines::asymmetric_coroutine<void>::push_type* yield_;
+        boost::coroutines2::coroutine<void>::pull_type coro_;
+        boost::coroutines2::coroutine<void>::push_type* yield_;
 #ifndef NDEBUG
         bool finished_ = false;
 #endif
@@ -119,6 +122,419 @@ public:
         join();
     };
 
+    /** C++20 coroutine lifecycle manager. Replaces Coro for new code.
+     *
+     *  Class / Inheritance / Dependency Diagram
+     *  =========================================
+     *
+     *  std::enable_shared_from_this<CoroTaskRunner>
+     *            ^
+     *            | (public inheritance)
+     *            |
+     *  CoroTaskRunner
+     *  +---------------------------------------------------+
+     *  | - lvs_         : detail::LocalValues               |
+     *  | - jq_          : JobQueue&                         |
+     *  | - type_        : JobType                           |
+     *  | - name_        : std::string                       |
+     *  | - runCount_    : int         (in-flight resumes)    |
+     *  | - mutex_       : std::mutex      (coroutine guard) |
+     *  | - mutex_run_   : std::mutex      (join guard)      |
+     *  | - cv_          : condition_variable                 |
+     *  | - task_        : CoroTask<void>                    |
+     *  | - storedFunc_  : unique_ptr<FuncBase> (type-erased)|
+     *  +---------------------------------------------------+
+     *  | + init(F&&)         : set up coroutine callable    |
+     *  | + onSuspend()       : ++jq_.nSuspend_              |
+     *  | + onUndoSuspend()   : --jq_.nSuspend_              |
+     *  | + suspend()         : returns SuspendAwaiter       |
+     *  | + post()            : schedule resume on JobQueue  |
+     *  | + resume()          : resume coroutine on caller   |
+     *  | + runnable()        : !task_.done()                |
+     *  | + expectEarlyExit() : teardown for failed post     |
+     *  | + join()            : block until not running       |
+     *  +---------------------------------------------------+
+     *          |                          |
+     *          | owns                     | references
+     *          v                          v
+     *    CoroTask<void>             JobQueue
+     *    (coroutine frame)          (thread pool + nSuspend_)
+     *
+     *    FuncBase / FuncStore<F>    (type-erased heap storage
+     *                                for the coroutine lambda)
+     *
+     *  Coroutine Lifecycle (Control Flow)
+     *  ===================================
+     *
+     *  Caller thread              JobQueue worker thread
+     *  -------------              ----------------------
+     *  postCoroTask(f)
+     *    |
+     *    +-- check stopping_ (reject if JQ shutting down)
+     *    +-- ++nSuspend_  (lazy start counts as suspended)
+     *    +-- make_shared<CoroTaskRunner>
+     *    +-- init(f)
+     *    |     +-- store lambda on heap (FuncStore)
+     *    |     +-- task_ = f(shared_from_this())
+     *    |           [coroutine created, suspended at initial_suspend]
+     *    +-- post()
+     *    |     +-- ++runCount_
+     *    |     +-- addJob(type_, [resume]{})
+     *    |                                    resume()
+     *    |                                      |
+     *    |                                      +-- --nSuspend_
+     *    |                                      +-- swap in LocalValues
+     *    |                                      +-- task_.handle().resume()
+     *    |                                      |     [coroutine body runs]
+     *    |                                      |     ...
+     *    |                                      |     co_await suspend()
+     *    |                                      |       +-- ++nSuspend_
+     *    |                                      |       [coroutine suspends]
+     *    |                                      +-- swap out LocalValues
+     *    |                                      +-- --runCount_
+     *    |                                      +-- cv_.notify_all()
+     *    |
+     *  post()  <-- called externally or by yieldAndPost()
+     *    +-- ++runCount_
+     *    +-- addJob(type_, [resume]{})
+     *                                         resume()
+     *                                           |
+     *                                           +-- [coroutine body continues]
+     *                                           +-- co_return
+     *                                           +-- --runCount_
+     *                                           +-- cv_.notify_all()
+     *  join()
+     *    +-- cv_.wait([]{runCount_ == 0})
+     *    +-- [done]
+     *
+     *  Usage Examples
+     *  ==============
+     *
+     *  1. Fire-and-forget coroutine (most common pattern):
+     *
+     *      jq.postCoroTask(jtCLIENT, "MyWork",
+     *          [](auto runner) -> CoroTask<void> {
+     *              doSomeWork();
+     *              co_await runner->suspend();  // yield to other jobs
+     *              doMoreWork();
+     *              co_return;
+     *          });
+     *
+     *  2. Manually controlling suspend / resume (external trigger):
+     *
+     *      auto runner = jq.postCoroTask(jtCLIENT, "ExtTrigger",
+     *          [&result](auto runner) -> CoroTask<void> {
+     *              startAsyncOperation(callback);
+     *              co_await runner->suspend();
+     *              // callback called runner->post() to get here
+     *              result = collectResult();
+     *              co_return;
+     *          });
+     *      // ... later, from the callback:
+     *      runner->post();   // reschedule the coroutine on the JobQueue
+     *
+     *  3. Using yieldAndPost() for automatic suspend + repost:
+     *
+     *      jq.postCoroTask(jtCLIENT, "AutoRepost",
+     *          [](auto runner) -> CoroTask<void> {
+     *              step1();
+     *              co_await runner->yieldAndPost();  // yield + auto-repost
+     *              step2();
+     *              co_await runner->yieldAndPost();
+     *              step3();
+     *              co_return;
+     *          });
+     *
+     *  4. Checking shutdown after co_await (cooperative cancellation):
+     *
+     *      jq.postCoroTask(jtCLIENT, "Cancellable",
+     *          [&jq](auto runner) -> CoroTask<void> {
+     *              while (moreWork()) {
+     *                  co_await runner->yieldAndPost();
+     *                  if (jq.isStopping())
+     *                      co_return;  // bail out cleanly
+     *                  processNextItem();
+     *              }
+     *              co_return;
+     *          });
+     *
+     *  Caveats / Pitfalls
+     *  ==================
+     *
+     *  BUG-RISK: Calling suspend() without a matching post()/resume().
+     *    After co_await runner->suspend(), the coroutine is parked and
+     *    nSuspend_ is incremented.  If nothing ever calls post() or
+     *    resume(), the coroutine is leaked and JobQueue::stop() will
+     *    hang forever waiting for nSuspend_ to reach zero.
+     *
+     *  BUG-RISK: Calling post() on an already-running coroutine.
+     *    post() schedules a resume() job.  If the coroutine has not
+     *    actually suspended yet (no co_await executed), the resume job
+     *    will try to call handle().resume() while the coroutine is still
+     *    running on another thread.  This is UB.  The mutex_ prevents
+     *    data corruption but the logic is wrong — always co_await
+     *    suspend() before calling post().  (The test incorrect_order()
+     *    shows this works only because mutex_ serializes the calls.)
+     *
+     *  BUG-RISK: Dropping the shared_ptr<CoroTaskRunner> before join().
+     *    The CoroTaskRunner destructor asserts that finished_ is true
+     *    (the coroutine completed). If you let the last shared_ptr die
+     *    while the coroutine is still running or suspended, you get an
+     *    assertion failure in debug and UB in release.  Always call
+     *    join() or expectEarlyExit() first.
+     *
+     *  BUG-RISK: Lambda captures outliving the coroutine frame.
+     *    The lambda passed to postCoroTask is heap-allocated (FuncStore)
+     *    to prevent dangling.  But objects captured by pointer still need
+     *    their own lifetime management.  If you capture a raw pointer to
+     *    a stack variable, and the stack frame exits before the coroutine
+     *    finishes, the pointer dangles.  Use shared_ptr or ensure the
+     *    pointed-to object outlives the coroutine.
+     *
+     *  BUG-RISK: Forgetting co_return in a void coroutine.
+     *    If the coroutine body falls off the end without co_return,
+     *    the compiler may silently treat it as co_return (per standard),
+     *    but some compilers warn.  Always write explicit co_return.
+     *
+     *  LIMITATION: CoroTaskRunner only supports CoroTask<void>.
+     *    The task_ member is CoroTask<void>.  To return values from
+     *    the top-level coroutine, write through a captured pointer
+     *    (as the tests demonstrate), or co_await inner CoroTask<T>
+     *    coroutines that return values.
+     *
+     *  LIMITATION: One coroutine per CoroTaskRunner.
+     *    init() must be called exactly once.  You cannot reuse a
+     *    CoroTaskRunner to run a second coroutine.  Create a new one
+     *    via postCoroTask() instead.
+     *
+     *  LIMITATION: No timeout on join().
+     *    join() blocks indefinitely.  If the coroutine is suspended
+     *    and never posted, join() will deadlock.  Use timed waits
+     *    on the gate pattern (condition_variable + wait_for) in tests.
+     */
+    class CoroTaskRunner : public std::enable_shared_from_this<CoroTaskRunner>
+    {
+    private:
+        // Per-coroutine thread-local storage. Swapped in before resume()
+        // and swapped out after, so each coroutine sees its own LocalValue
+        // state regardless of which worker thread executes it.
+        detail::LocalValues lvs_;
+
+        // Back-reference to the owning JobQueue. Used to post jobs,
+        // increment/decrement nSuspend_, and acquire jq_.m_mutex.
+        JobQueue& jq_;
+
+        // Job type passed to addJob() when posting this coroutine.
+        JobType type_;
+
+        // Human-readable name for this coroutine job (for logging).
+        std::string name_;
+
+        // Number of in-flight resume operations (pending + active).
+        // Incremented by post(), decremented when resume() finishes.
+        // Guarded by mutex_run_. join() blocks until this reaches 0.
+        //
+        // A counter (not a bool) is needed because post() can be called
+        // from within the coroutine body (e.g. via yieldAndPost()),
+        // enqueuing a second resume while the first is still running.
+        // A bool would be clobbered: R2.post() sets true, then R1's
+        // cleanup sets false — losing the fact that R2 is still pending.
+        int runCount_;
+
+        // Serializes all coroutine resume() calls, preventing concurrent
+        // execution of the coroutine body on multiple threads. Handles the
+        // race where post() enqueues a resume before the coroutine has
+        // actually suspended (post-before-suspend pattern).
+        std::mutex mutex_;
+
+        // Guards runCount_. Used with cv_ for join() to wait
+        // until all pending/active resume operations complete.
+        std::mutex mutex_run_;
+
+        // Notified when runCount_ reaches zero, allowing
+        // join() waiters to wake up.
+        std::condition_variable cv_;
+
+        // The coroutine handle wrapper. Owns the coroutine frame.
+        // Set by init(). Reset to empty in resume() upon coroutine
+        // completion (to break the shared_ptr cycle) or in
+        // expectEarlyExit() on early termination.
+        CoroTask<void> task_;
+
+        /**
+         * Type-erased base for heap-stored callables.
+         * Prevents the coroutine lambda from being destroyed before
+         * the coroutine frame is done with it.
+         *
+         * @see FuncStore
+         */
+        struct FuncBase
+        {
+            virtual ~FuncBase() = default;
+        };
+
+        /**
+         * Concrete type-erased storage for a callable of type F.
+         * The coroutine frame stores a reference to the lambda's implicit
+         * object parameter. If the lambda is a temporary, that reference
+         * dangles after the call returns. FuncStore keeps it alive on
+         * the heap for the lifetime of the CoroTaskRunner.
+         */
+        template <class F>
+        struct FuncStore : FuncBase
+        {
+            F func;  // The stored callable (coroutine lambda).
+            explicit FuncStore(F&& f) : func(std::move(f))
+            {
+            }
+        };
+
+        // Heap-allocated callable storage. Set by init(), ensures the
+        // lambda outlives the coroutine frame that references it.
+        std::unique_ptr<FuncBase> storedFunc_;
+
+        // True once the coroutine has completed or expectEarlyExit() was
+        // called. Asserted in the destructor (debug) to catch leaked
+        // runners. Available in all builds to guard expectEarlyExit()
+        // against double-decrementing nSuspend_.
+        bool finished_ = false;
+
+    public:
+        /**
+         * Tag type for private construction. Prevents external code
+         * from constructing CoroTaskRunner directly. Use postCoroTask().
+         */
+        struct create_t
+        {
+            explicit create_t() = default;
+        };
+
+        /**
+         * Construct a CoroTaskRunner. Private by convention (create_t tag).
+         *
+         * @param jq   The JobQueue this coroutine will run on
+         * @param type Job type for scheduling priority
+         * @param name Human-readable name for logging
+         */
+        CoroTaskRunner(create_t, JobQueue&, JobType, std::string const&);
+
+        CoroTaskRunner(CoroTaskRunner const&) = delete;
+        CoroTaskRunner&
+        operator=(CoroTaskRunner const&) = delete;
+
+        /**
+         * Destructor. Asserts (debug) that the coroutine has finished
+         * or expectEarlyExit() was called.
+         */
+        ~CoroTaskRunner();
+
+        /**
+         * Initialize with a coroutine-returning callable.
+         * Must be called exactly once, after the object is managed by
+         * shared_ptr (because init uses shared_from_this internally).
+         * This is handled automatically by postCoroTask().
+         *
+         * @param f Callable: CoroTask<void>(shared_ptr<CoroTaskRunner>)
+         */
+        template <class F>
+        void
+        init(F&& f);
+
+        /**
+         * Increment the JobQueue's suspended-coroutine count (nSuspend_).
+         * Called when the coroutine is about to suspend. Every call
+         * must be balanced by a corresponding decrement (via resume()
+         * or onUndoSuspend()), or JobQueue::stop() will hang.
+         */
+        void
+        onSuspend();
+
+        /**
+         * Decrement nSuspend_ without resuming.
+         * Used to undo onSuspend() when a scheduled post() fails
+         * (e.g. JobQueue is stopping).
+         */
+        void
+        onUndoSuspend();
+
+        /**
+         * Suspend the coroutine.
+         * The awaiter's await_suspend() increments nSuspend_ before the
+         * coroutine actually suspends. The caller must later call post()
+         * or resume() to continue execution.
+         *
+         * @return An awaiter for use with `co_await runner->suspend()`
+         */
+        auto
+        suspend();
+
+        /**
+         * Suspend the coroutine and immediately repost it on the
+         * JobQueue. Combines suspend() + post() atomically inside
+         * await_suspend, so there is no window where an external
+         * event could race between the two.
+         *
+         * Equivalent to JobQueueAwaiter but defined as an inline
+         * awaiter returned from a member function. This avoids a
+         * GCC-12 coroutine codegen bug where an external awaiter
+         * struct (JobQueueAwaiter) used at multiple co_await points
+         * corrupts the coroutine state machine's resume index,
+         * causing the coroutine to hang on the third resumption.
+         *
+         * @return An awaiter for use with `co_await runner->yieldAndPost()`
+         */
+        auto
+        yieldAndPost();
+
+        /**
+         * Schedule coroutine resumption as a job on the JobQueue.
+         * Captures shared_from_this() to prevent this runner from being
+         * destroyed while the job is queued.
+         *
+         * @return true if the job was accepted; false if the JobQueue
+         *         is stopping (caller must handle cleanup)
+         */
+        bool
+        post();
+
+        /**
+         * Resume the coroutine on the current thread.
+         * Decrements nSuspend_, swaps in LocalValues, resumes the
+         * coroutine handle, swaps out LocalValues, and notifies join()
+         * waiters. Lock ordering (sequential, non-overlapping):
+         * jq_.m_mutex -> mutex_ -> mutex_run_.
+         *
+         * @pre post() must have been called before resume(). Direct
+         *      calls without a prior post() will corrupt runCount_
+         *      and break join().
+         */
+        void
+        resume();
+
+        /**
+         * @return true if the coroutine has not yet run to completion
+         */
+        bool
+        runnable() const;
+
+        /**
+         * Handle early termination when the coroutine never ran.
+         * Decrements nSuspend_ and destroys the coroutine frame to
+         * break the shared_ptr cycle (frame -> lambda -> runner -> frame).
+         * Called by postCoroTask() when post() fails.
+         */
+        void
+        expectEarlyExit();
+
+        /**
+         * Block until all pending/active resume operations complete.
+         * Uses cv_ + mutex_run_ to wait until runCount_ reaches 0.
+         * Warning: deadlocks if the coroutine is suspended and never posted.
+         */
+        void
+        join();
+    };
+
     using JobFunction = std::function<void()>;
 
     JobQueue(
@@ -165,6 +581,19 @@ public:
     std::shared_ptr<Coro>
     postCoro(JobType t, std::string const& name, F&& f);
 
+    /** Creates a C++20 coroutine and adds a job to the queue to run it.
+
+        @param t The type of job.
+        @param name Name of the job.
+        @param f Callable with signature
+            CoroTask<void>(std::shared_ptr<CoroTaskRunner>).
+
+        @return shared_ptr to posted CoroTaskRunner. nullptr if not successful.
+    */
+    template <class F>
+    std::shared_ptr<CoroTaskRunner>
+    postCoroTask(JobType t, std::string const& name, F&& f);
+
     /** Jobs waiting at this priority.
      */
     int
@@ -315,7 +744,7 @@ private:
     // Returns the limit of running jobs for the given job type.
     // For jobs with no limit, we return the largest int. Hopefully that
     // will be enough.
-    int
+    static int
     getJobLimit(JobType type);
 };
 
@@ -379,6 +808,7 @@ private:
 }  // namespace xrpl
 
 #include <xrpl/core/Coro.ipp>
+#include <xrpl/core/CoroTaskRunner.ipp>
 
 namespace xrpl {
 
@@ -401,4 +831,69 @@ JobQueue::postCoro(JobType t, std::string const& name, F&& f)
     return coro;
 }
 
+// postCoroTask — entry point for launching a C++20 coroutine on the JobQueue.
+//
+// Control Flow
+// ============
+//
+//   postCoroTask(t, name, f)
+//     |
+//     +-- 1. Check stopping_ — reject if JQ shutting down
+//     |
+//     +-- 2. ++nSuspend_   (mirrors Boost Coro ctor's implicit yield)
+//     |        The coroutine is "suspended" from the JobQueue's perspective
+//     |        even though it hasn't run yet — this keeps the JQ shutdown
+//     |        logic correct (it waits for nSuspend_ to reach 0).
+//     |
+//     +-- 3. Create CoroTaskRunner (shared_ptr, ref-counted)
+//     |
+//     +-- 4. runner->init(f)
+//     |        +-- Heap-allocate the lambda (FuncStore) to prevent
+//     |        |   dangling captures in the coroutine frame
+//     |        +-- task_ = f(shared_from_this())
+//     |              [coroutine created but NOT started — lazy initial_suspend]
+//     |
+//     +-- 5. runner->post()
+//     |        +-- addJob(type_, [resume]{})   → resume on worker thread
+//     |        +-- failure (JQ stopping):
+//     |              +-- runner->expectEarlyExit()
+//     |              |     --nSuspend_, destroy coroutine frame
+//     |              +-- return nullptr
+//
+// Why async post() instead of synchronous resume()?
+// ==================================================
+// The initial dispatch MUST use async post() so the coroutine body runs on
+// a JobQueue worker thread, not the caller's thread.  resume() swaps the
+// caller's thread-local LocalValues with the coroutine's private copy.
+// If the coroutine mutates LocalValues (e.g. thread_specific_storage test),
+// those mutations bleed back into the caller's thread-local state after the
+// swap-out, corrupting subsequent tests that share the same thread pool.
+// Async post() avoids this by running the coroutine on a worker thread whose
+// LocalValues are managed by the thread pool, not by the caller.
+//
+template <class F>
+std::shared_ptr<JobQueue::CoroTaskRunner>
+JobQueue::postCoroTask(JobType t, std::string const& name, F&& f)
+{
+    // Reject if the JQ is shutting down — matches addJob()'s stopping_ check.
+    // Must check before incrementing nSuspend_ to avoid leaving an orphan
+    // count that would cause stop() to hang.
+    if (stopping_)
+        return nullptr;
+
+    {
+        std::lock_guard lock(m_mutex);
+        ++nSuspend_;
+    }
+
+    auto runner = std::make_shared<CoroTaskRunner>(CoroTaskRunner::create_t{}, *this, t, name);
+    runner->init(std::forward<F>(f));
+    if (!runner->post())
+    {
+        runner->expectEarlyExit();
+        runner.reset();
+    }
+    return runner;
+}
+
 }  // namespace xrpl

include/xrpl/core/JobQueueAwaiter.h

@@ -0,0 +1,206 @@
+#pragma once
+
+#include <xrpl/core/JobQueue.h>
+
+#include <coroutine>
+#include <memory>
+
+namespace xrpl {
+
+/**
+ * Awaiter that suspends and immediately reschedules on the JobQueue.
+ * Equivalent to calling yield() followed by post() in the old Coro API.
+ *
+ * Usage:
+ *     co_await JobQueueAwaiter{runner};
+ *
+ * What it waits for: The coroutine is re-queued as a job and resumes
+ * when a worker thread picks it up.
+ *
+ * Which thread resumes: A JobQueue worker thread.
+ *
+ * What await_resume() returns: void.
+ *
+ * Dependency Diagram
+ * ==================
+ *
+ *   JobQueueAwaiter
+ *   +----------------------------------------------+
+ *   | + runner : shared_ptr<CoroTaskRunner>         |
+ *   +----------------------------------------------+
+ *   | + await_ready()   -> false (always suspend)   |
+ *   | + await_suspend() -> bool (suspend or cancel) |
+ *   | + await_resume()  -> void                     |
+ *   +----------------------------------------------+
+ *          |                         |
+ *          | uses                    | uses
+ *          v                         v
+ *   CoroTaskRunner              JobQueue
+ *   .onSuspend()                (via runner->post() -> addJob)
+ *   .onUndoSuspend()
+ *   .post()
+ *
+ * Control Flow (await_suspend)
+ * ============================
+ *
+ *   co_await JobQueueAwaiter{runner}
+ *     |
+ *     +-- await_ready() -> false
+ *     +-- await_suspend(handle)
+ *           |
+ *           +-- runner->onSuspend()     // ++nSuspend_
+ *           +-- runner->post()          // addJob to JobQueue
+ *           |     |
+ *           |     +-- success? return noop_coroutine()
+ *           |     |     // coroutine stays suspended;
+ *           |     |     // worker thread will call resume()
+ *           |     +-- failure? (JQ stopping)
+ *           |           +-- runner->onUndoSuspend()  // --nSuspend_
+ *           |           +-- return handle  // symmetric transfer back
+ *           |                              // coroutine continues immediately
+ *           |                              // so it can clean up and co_return
+ *
+ * DEPRECATED — prefer `co_await runner->yieldAndPost()`
+ * =====================================================
+ *
+ * GCC-12 has a coroutine codegen bug where using this external awaiter
+ * struct at multiple co_await points in the same coroutine corrupts the
+ * state machine's resume index. After the second co_await, the third
+ * resumption enters handle().resume() but never reaches await_resume()
+ * or any subsequent user code — the coroutine hangs indefinitely.
+ *
+ * The fix is `co_await runner->yieldAndPost()`, which defines the
+ * awaiter as an inline struct inside a CoroTaskRunner member function.
+ * GCC-12 handles inline awaiters correctly at multiple co_await points.
+ *
+ * This struct is retained for single-use scenarios and documentation
+ * purposes. For any code that may use co_await in a loop or at
+ * multiple points, always use `runner->yieldAndPost()`.
+ *
+ * Usage Examples
+ * ==============
+ *
+ * 1. Yield and auto-repost (preferred — works on all compilers):
+ *
+ *     CoroTask<void> handler(auto runner) {
+ *         doPartA();
+ *         co_await runner->yieldAndPost();   // yield + repost
+ *         doPartB();                         // runs on a worker thread
+ *         co_return;
+ *     }
+ *
+ * 2. Multiple yield points in a loop:
+ *
+ *     CoroTask<void> batchProcessor(auto runner) {
+ *         for (auto& item : items) {
+ *             process(item);
+ *             co_await runner->yieldAndPost();  // let other jobs run
+ *         }
+ *         co_return;
+ *     }
+ *
+ * 3. Graceful shutdown — checking after resume:
+ *
+ *     CoroTask<void> longTask(auto runner, JobQueue& jq) {
+ *         while (hasWork()) {
+ *             co_await runner->yieldAndPost();
+ *             // If JQ is stopping, await_suspend resumes the coroutine
+ *             // immediately without re-queuing. Always check
+ *             // isStopping() to decide whether to proceed:
+ *             if (jq.isStopping())
+ *                 co_return;
+ *             doNextChunk();
+ *         }
+ *         co_return;
+ *     }
+ *
+ * Caveats / Pitfalls
+ * ==================
+ *
+ * BUG-RISK: Using a stale or null runner.
+ *   The runner shared_ptr must be valid and point to the CoroTaskRunner
+ *   that owns the coroutine currently executing. Passing a runner from
+ *   a different coroutine, or a default-constructed shared_ptr, is UB.
+ *
+ * BUG-RISK: Assuming resume happens on the same thread.
+ *   After co_await, the coroutine resumes on whatever worker thread
+ *   picks up the job. Do not rely on thread-local state unless it is
+ *   managed through LocalValue (which CoroTaskRunner automatically
+ *   swaps in/out).
+ *
+ * BUG-RISK: Ignoring the shutdown path.
+ *   When the JobQueue is stopping, post() fails and await_suspend()
+ *   resumes the coroutine immediately (symmetric transfer back to h).
+ *   The coroutine body continues on the same thread. If your code
+ *   after co_await assumes it was re-queued and is running on a worker
+ *   thread, that assumption breaks during shutdown. Always handle the
+ *   "JQ is stopping" case, either by checking jq.isStopping() or by
+ *   letting the coroutine fall through to co_return naturally.
+ *
+ * DIFFERENCE from runner->suspend() + runner->post():
+ *   Both JobQueueAwaiter and yieldAndPost() combine suspend + post
+ *   in one atomic operation. With the manual suspend()/post() pattern,
+ *   there is a window between the two calls where an external event
+ *   could race. The atomic awaiters remove that window — onSuspend()
+ *   and post() happen within the same await_suspend() call while the
+ *   coroutine is guaranteed to be suspended. Use yieldAndPost() unless
+ *   you need an external party to decide *when* to call post().
+ */
+struct JobQueueAwaiter
+{
+    // The CoroTaskRunner that owns the currently executing coroutine.
+    std::shared_ptr<JobQueue::CoroTaskRunner> runner;
+
+    /**
+     * Always returns false so the coroutine suspends.
+     */
+    bool
+    await_ready() const noexcept
+    {
+        return false;
+    }
+
+    /**
+     * Increment nSuspend (equivalent to yield()) and schedule resume
+     * on the JobQueue (equivalent to post()). If the JobQueue is
+     * stopping, undoes the suspend count and transfers back to the
+     * coroutine so it can clean up and co_return.
+     *
+     * Returns a coroutine_handle<> (symmetric transfer) instead of
+     * bool to work around a GCC-12 codegen bug where bool-returning
+     * await_suspend leaves the coroutine in an invalid state —
+     * neither properly suspended nor resumed — causing a hang.
+     *
+     * WARNING: GCC-12 has an additional codegen bug where using this
+     * external awaiter struct at multiple co_await points in the same
+     * coroutine corrupts the state machine's resume index, causing the
+     * coroutine to hang on the third resumption. Prefer
+     * `co_await runner->yieldAndPost()` which uses an inline awaiter
+     * that GCC-12 handles correctly.
+     *
+     * @return noop_coroutine() to stay suspended (job posted);
+     *         the caller's handle to resume immediately (JQ stopping)
+     */
+    std::coroutine_handle<>
+    await_suspend(std::coroutine_handle<> h)
+    {
+        XRPL_ASSERT(runner, "xrpl::JobQueueAwaiter::await_suspend : runner is valid");
+        runner->onSuspend();
+        if (!runner->post())
+        {
+            // JobQueue is stopping. Undo the suspend count and
+            // transfer back to the coroutine so it can clean up
+            // and co_return.
+            runner->onUndoSuspend();
+            return h;
+        }
+        return std::noop_coroutine();
+    }
+
+    void
+    await_resume() const noexcept
+    {
+    }
+};
+
+}  // namespace xrpl

include/xrpl/json/json_value.h

@@ -421,7 +421,7 @@ private:
         ObjectValues* map_{nullptr};
     } value_;
     ValueType type_ : 8;
-    int allocated_ : 1;  // Notes: if declared as bool, bitfield is useless.
+    int allocated_ : 1 {};  // Notes: if declared as bool, bitfield is useless.
 };
 
 inline Value

include/xrpl/json/json_writer.h

@@ -108,7 +108,7 @@ private:
     std::string indentString_;
     int rightMargin_;
     int indentSize_;
-    bool addChildValues_;
+    bool addChildValues_{};
 };
 
 /** \brief Writes a Value in <a HREF="http://www.json.org">JSON</a> format in a
@@ -175,7 +175,7 @@ private:
     std::string indentString_;
     int rightMargin_;
     std::string indentation_;
-    bool addChildValues_;
+    bool addChildValues_{};
 };
 
 std::string

include/xrpl/ledger/Credit.h

@@ -1,43 +0,0 @@
-#pragma once
-
-#include <xrpl/ledger/View.h>
-#include <xrpl/protocol/IOUAmount.h>
-#include <xrpl/protocol/STAmount.h>
-
-namespace xrpl {
-
-/** Calculate the maximum amount of IOUs that an account can hold
-    @param ledger the ledger to check against.
-    @param account the account of interest.
-    @param issuer the issuer of the IOU.
-    @param currency the IOU to check.
-    @return The maximum amount that can be held.
-*/
-/** @{ */
-STAmount
-creditLimit(
-    ReadView const& view,
-    AccountID const& account,
-    AccountID const& issuer,
-    Currency const& currency);
-
-IOUAmount
-creditLimit2(ReadView const& v, AccountID const& acc, AccountID const& iss, Currency const& cur);
-/** @} */
-
-/** Returns the amount of IOUs issued by issuer that are held by an account
-    @param ledger the ledger to check against.
-    @param account the account of interest.
-    @param issuer the issuer of the IOU.
-    @param currency the IOU to check.
-*/
-/** @{ */
-STAmount
-creditBalance(
-    ReadView const& view,
-    AccountID const& account,
-    AccountID const& issuer,
-    Currency const& currency);
-/** @} */
-
-}  // namespace xrpl

include/xrpl/ledger/View.h

@@ -2,26 +2,23 @@
 
 #include <xrpl/beast/utility/Journal.h>
 #include <xrpl/ledger/ApplyView.h>
-#include <xrpl/ledger/OpenView.h>
 #include <xrpl/ledger/ReadView.h>
-#include <xrpl/protocol/Asset.h>
-#include <xrpl/protocol/Indexes.h>
 #include <xrpl/protocol/MPTIssue.h>
 #include <xrpl/protocol/Protocol.h>
-#include <xrpl/protocol/Rate.h>
 #include <xrpl/protocol/STLedgerEntry.h>
-#include <xrpl/protocol/STObject.h>
-#include <xrpl/protocol/Serializer.h>
+#include <xrpl/protocol/STTx.h>
 #include <xrpl/protocol/TER.h>
 
+#include <cstdint>
 #include <functional>
-#include <initializer_list>
 #include <map>
+#include <memory>
+#include <optional>
+#include <set>
 #include <utility>
 
 namespace xrpl {
 
-enum class WaiveTransferFee : bool { No = false, Yes };
 enum class SkipEntry : bool { No = false, Yes };
 
 //------------------------------------------------------------------------------
@@ -54,24 +51,6 @@ enum class SkipEntry : bool { No = false, Yes };
 [[nodiscard]] bool
 hasExpired(ReadView const& view, std::optional<std::uint32_t> const& exp);
 
-/** Controls the treatment of frozen account balances */
-enum FreezeHandling { fhIGNORE_FREEZE, fhZERO_IF_FROZEN };
-
-/** Controls the treatment of unauthorized MPT balances */
-enum AuthHandling { ahIGNORE_AUTH, ahZERO_IF_UNAUTHORIZED };
-
-/** Controls whether to include the account's full spendable balance */
-enum SpendableHandling { shSIMPLE_BALANCE, shFULL_BALANCE };
-
-[[nodiscard]] bool
-isGlobalFrozen(ReadView const& view, AccountID const& issuer);
-
-[[nodiscard]] bool
-isGlobalFrozen(ReadView const& view, MPTIssue const& mptIssue);
-
-[[nodiscard]] bool
-isGlobalFrozen(ReadView const& view, Asset const& asset);
-
 // Note, depth parameter is used to limit the recursion depth
 [[nodiscard]] bool
 isVaultPseudoAccountFrozen(
@@ -80,175 +59,6 @@ isVaultPseudoAccountFrozen(
     MPTIssue const& mptShare,
     int depth);
 
-[[nodiscard]] bool
-isIndividualFrozen(
-    ReadView const& view,
-    AccountID const& account,
-    Currency const& currency,
-    AccountID const& issuer);
-
-[[nodiscard]] inline bool
-isIndividualFrozen(ReadView const& view, AccountID const& account, Issue const& issue)
-{
-    return isIndividualFrozen(view, account, issue.currency, issue.account);
-}
-
-[[nodiscard]] bool
-isIndividualFrozen(ReadView const& view, AccountID const& account, MPTIssue const& mptIssue);
-
-[[nodiscard]] inline bool
-isIndividualFrozen(ReadView const& view, AccountID const& account, Asset const& asset)
-{
-    return std::visit(
-        [&](auto const& issue) { return isIndividualFrozen(view, account, issue); }, asset.value());
-}
-
-[[nodiscard]] bool
-isFrozen(
-    ReadView const& view,
-    AccountID const& account,
-    Currency const& currency,
-    AccountID const& issuer);
-
-[[nodiscard]] inline bool
-isFrozen(ReadView const& view, AccountID const& account, Issue const& issue, int = 0 /*ignored*/)
-{
-    return isFrozen(view, account, issue.currency, issue.account);
-}
-
-[[nodiscard]] bool
-isFrozen(ReadView const& view, AccountID const& account, MPTIssue const& mptIssue, int depth = 0);
-
-/**
- *   isFrozen check is recursive for MPT shares in a vault, descending to
- *   assets in the vault, up to maxAssetCheckDepth recursion depth. This is
- *   purely defensive, as we currently do not allow such vaults to be created.
- */
-[[nodiscard]] inline bool
-isFrozen(ReadView const& view, AccountID const& account, Asset const& asset, int depth = 0)
-{
-    return std::visit(
-        [&](auto const& issue) { return isFrozen(view, account, issue, depth); }, asset.value());
-}
-
-[[nodiscard]] inline TER
-checkFrozen(ReadView const& view, AccountID const& account, Issue const& issue)
-{
-    return isFrozen(view, account, issue) ? (TER)tecFROZEN : (TER)tesSUCCESS;
-}
-
-[[nodiscard]] inline TER
-checkFrozen(ReadView const& view, AccountID const& account, MPTIssue const& mptIssue)
-{
-    return isFrozen(view, account, mptIssue) ? (TER)tecLOCKED : (TER)tesSUCCESS;
-}
-
-[[nodiscard]] inline TER
-checkFrozen(ReadView const& view, AccountID const& account, Asset const& asset)
-{
-    return std::visit(
-        [&](auto const& issue) { return checkFrozen(view, account, issue); }, asset.value());
-}
-
-[[nodiscard]] bool
-isAnyFrozen(
-    ReadView const& view,
-    std::initializer_list<AccountID> const& accounts,
-    MPTIssue const& mptIssue,
-    int depth = 0);
-
-[[nodiscard]] inline bool
-isAnyFrozen(
-    ReadView const& view,
-    std::initializer_list<AccountID> const& accounts,
-    Issue const& issue)
-{
-    for (auto const& account : accounts)
-    {
-        if (isFrozen(view, account, issue.currency, issue.account))
-            return true;
-    }
-    return false;
-}
-
-[[nodiscard]] inline bool
-isAnyFrozen(
-    ReadView const& view,
-    std::initializer_list<AccountID> const& accounts,
-    Asset const& asset,
-    int depth = 0)
-{
-    return std::visit(
-        [&]<ValidIssueType TIss>(TIss const& issue) {
-            if constexpr (std::is_same_v<TIss, Issue>)
-                return isAnyFrozen(view, accounts, issue);
-            else
-                return isAnyFrozen(view, accounts, issue, depth);
-        },
-        asset.value());
-}
-
-[[nodiscard]] bool
-isDeepFrozen(
-    ReadView const& view,
-    AccountID const& account,
-    Currency const& currency,
-    AccountID const& issuer);
-
-[[nodiscard]] inline bool
-isDeepFrozen(
-    ReadView const& view,
-    AccountID const& account,
-    Issue const& issue,
-    int = 0 /*ignored*/)
-{
-    return isDeepFrozen(view, account, issue.currency, issue.account);
-}
-
-[[nodiscard]] inline bool
-isDeepFrozen(
-    ReadView const& view,
-    AccountID const& account,
-    MPTIssue const& mptIssue,
-    int depth = 0)
-{
-    // Unlike IOUs, frozen / locked MPTs are not allowed to send or receive
-    // funds, so checking "deep frozen" is the same as checking "frozen".
-    return isFrozen(view, account, mptIssue, depth);
-}
-
-/**
- *   isFrozen check is recursive for MPT shares in a vault, descending to
- *   assets in the vault, up to maxAssetCheckDepth recursion depth. This is
- *   purely defensive, as we currently do not allow such vaults to be created.
- */
-[[nodiscard]] inline bool
-isDeepFrozen(ReadView const& view, AccountID const& account, Asset const& asset, int depth = 0)
-{
-    return std::visit(
-        [&](auto const& issue) { return isDeepFrozen(view, account, issue, depth); },
-        asset.value());
-}
-
-[[nodiscard]] inline TER
-checkDeepFrozen(ReadView const& view, AccountID const& account, Issue const& issue)
-{
-    return isDeepFrozen(view, account, issue) ? (TER)tecFROZEN : (TER)tesSUCCESS;
-}
-
-[[nodiscard]] inline TER
-checkDeepFrozen(ReadView const& view, AccountID const& account, MPTIssue const& mptIssue)
-{
-    return isDeepFrozen(view, account, mptIssue) ? (TER)tecLOCKED : (TER)tesSUCCESS;
-}
-
-[[nodiscard]] inline TER
-checkDeepFrozen(ReadView const& view, AccountID const& account, Asset const& asset)
-{
-    return std::visit(
-        [&](auto const& issue) { return checkDeepFrozen(view, account, issue); }, asset.value());
-}
-
 [[nodiscard]] bool
 isLPTokenFrozen(
     ReadView const& view,
@@ -256,159 +66,6 @@ isLPTokenFrozen(
     Issue const& asset,
     Issue const& asset2);
 
-// Returns the amount an account can spend.
-//
-// If shSIMPLE_BALANCE is specified, this is the amount the account can spend
-// without going into debt.
-//
-// If shFULL_BALANCE is specified, this is the amount the account can spend
-// total. Specifically:
-// * The account can go into debt if using a trust line, and the other side has
-// a non-zero limit.
-// * If the account is the asset issuer the limit is defined by the asset /
-//   issuance.
-//
-// <-- saAmount: amount of currency held by account. May be negative.
-[[nodiscard]] STAmount
-accountHolds(
-    ReadView const& view,
-    AccountID const& account,
-    Currency const& currency,
-    AccountID const& issuer,
-    FreezeHandling zeroIfFrozen,
-    beast::Journal j,
-    SpendableHandling includeFullBalance = shSIMPLE_BALANCE);
-
-[[nodiscard]] STAmount
-accountHolds(
-    ReadView const& view,
-    AccountID const& account,
-    Issue const& issue,
-    FreezeHandling zeroIfFrozen,
-    beast::Journal j,
-    SpendableHandling includeFullBalance = shSIMPLE_BALANCE);
-
-[[nodiscard]] STAmount
-accountHolds(
-    ReadView const& view,
-    AccountID const& account,
-    MPTIssue const& mptIssue,
-    FreezeHandling zeroIfFrozen,
-    AuthHandling zeroIfUnauthorized,
-    beast::Journal j,
-    SpendableHandling includeFullBalance = shSIMPLE_BALANCE);
-
-[[nodiscard]] STAmount
-accountHolds(
-    ReadView const& view,
-    AccountID const& account,
-    Asset const& asset,
-    FreezeHandling zeroIfFrozen,
-    AuthHandling zeroIfUnauthorized,
-    beast::Journal j,
-    SpendableHandling includeFullBalance = shSIMPLE_BALANCE);
-
-// Returns the amount an account can spend of the currency type saDefault, or
-// returns saDefault if this account is the issuer of the currency in
-// question. Should be used in favor of accountHolds when questioning how much
-// an account can spend while also allowing currency issuers to spend
-// unlimited amounts of their own currency (since they can always issue more).
-[[nodiscard]] STAmount
-accountFunds(
-    ReadView const& view,
-    AccountID const& id,
-    STAmount const& saDefault,
-    FreezeHandling freezeHandling,
-    beast::Journal j);
-
-// Return the account's liquid (not reserved) XRP.  Generally prefer
-// calling accountHolds() over this interface.  However, this interface
-// allows the caller to temporarily adjust the owner count should that be
-// necessary.
-//
-// @param ownerCountAdj positive to add to count, negative to reduce count.
-[[nodiscard]] XRPAmount
-xrpLiquid(ReadView const& view, AccountID const& id, std::int32_t ownerCountAdj, beast::Journal j);
-
-/** Iterate all items in the given directory. */
-void
-forEachItem(
-    ReadView const& view,
-    Keylet const& root,
-    std::function<void(std::shared_ptr<SLE const> const&)> const& f);
-
-/** Iterate all items after an item in the given directory.
-    @param after The key of the item to start after
-    @param hint The directory page containing `after`
-    @param limit The maximum number of items to return
-    @return `false` if the iteration failed
-*/
-bool
-forEachItemAfter(
-    ReadView const& view,
-    Keylet const& root,
-    uint256 const& after,
-    std::uint64_t const hint,
-    unsigned int limit,
-    std::function<bool(std::shared_ptr<SLE const> const&)> const& f);
-
-/** Iterate all items in an account's owner directory. */
-inline void
-forEachItem(
-    ReadView const& view,
-    AccountID const& id,
-    std::function<void(std::shared_ptr<SLE const> const&)> const& f)
-{
-    return forEachItem(view, keylet::ownerDir(id), f);
-}
-
-/** Iterate all items after an item in an owner directory.
-    @param after The key of the item to start after
-    @param hint The directory page containing `after`
-    @param limit The maximum number of items to return
-    @return `false` if the iteration failed
-*/
-inline bool
-forEachItemAfter(
-    ReadView const& view,
-    AccountID const& id,
-    uint256 const& after,
-    std::uint64_t const hint,
-    unsigned int limit,
-    std::function<bool(std::shared_ptr<SLE const> const&)> const& f)
-{
-    return forEachItemAfter(view, keylet::ownerDir(id), after, hint, limit, f);
-}
-
-/** Returns IOU issuer transfer fee as Rate. Rate specifies
- * the fee as fractions of 1 billion. For example, 1% transfer rate
- * is represented as 1,010,000,000.
- * @param issuer The IOU issuer
- */
-[[nodiscard]] Rate
-transferRate(ReadView const& view, AccountID const& issuer);
-
-/** Returns MPT transfer fee as Rate. Rate specifies
- * the fee as fractions of 1 billion. For example, 1% transfer rate
- * is represented as 1,010,000,000.
- * @param issuanceID MPTokenIssuanceID of MPTTokenIssuance object
- */
-[[nodiscard]] Rate
-transferRate(ReadView const& view, MPTID const& issuanceID);
-
-/** Returns the transfer fee as Rate based on the type of token
- * @param view The ledger view
- * @param amount The amount to transfer
- */
-[[nodiscard]] Rate
-transferRate(ReadView const& view, STAmount const& amount);
-
-/** Returns `true` if the directory is empty
-    @param key The key of the directory
-*/
-[[nodiscard]] bool
-dirIsEmpty(ReadView const& view, Keylet const& k);
-
 // Return the list of enabled amendments
 [[nodiscard]] std::set<uint256>
 getEnabledAmendments(ReadView const& view);
@@ -474,81 +131,6 @@ areCompatible(
 //
 //------------------------------------------------------------------------------
 
-/** Adjust the owner count up or down. */
-void
-adjustOwnerCount(
-    ApplyView& view,
-    std::shared_ptr<SLE> const& sle,
-    std::int32_t amount,
-    beast::Journal j);
-
-/** @{ */
-/** Returns the first entry in the directory, advancing the index
-
-    @deprecated These are legacy function that are considered deprecated
-                and will soon be replaced with an iterator-based model
-                that is easier to use. You should not use them in new code.
-
-    @param view The view against which to operate
-    @param root The root (i.e. first page) of the directory to iterate
-    @param page The current page
-    @param index The index inside the current page
-    @param entry The entry at the current index
-
-    @return true if the directory isn't empty; false otherwise
- */
-bool
-cdirFirst(
-    ReadView const& view,
-    uint256 const& root,
-    std::shared_ptr<SLE const>& page,
-    unsigned int& index,
-    uint256& entry);
-
-bool
-dirFirst(
-    ApplyView& view,
-    uint256 const& root,
-    std::shared_ptr<SLE>& page,
-    unsigned int& index,
-    uint256& entry);
-/** @} */
-
-/** @{ */
-/** Returns the next entry in the directory, advancing the index
-
-    @deprecated These are legacy function that are considered deprecated
-                and will soon be replaced with an iterator-based model
-                that is easier to use. You should not use them in new code.
-
-    @param view The view against which to operate
-    @param root The root (i.e. first page) of the directory to iterate
-    @param page The current page
-    @param index The index inside the current page
-    @param entry The entry at the current index
-
-    @return true if the directory isn't empty; false otherwise
- */
-bool
-cdirNext(
-    ReadView const& view,
-    uint256 const& root,
-    std::shared_ptr<SLE const>& page,
-    unsigned int& index,
-    uint256& entry);
-
-bool
-dirNext(
-    ApplyView& view,
-    uint256 const& root,
-    std::shared_ptr<SLE>& page,
-    unsigned int& index,
-    uint256& entry);
-/** @} */
-
-[[nodiscard]] std::function<void(SLE::ref)>
-describeOwnerDir(AccountID const& account);
-
 [[nodiscard]] TER
 dirLink(
     ApplyView& view,
@@ -556,63 +138,6 @@ dirLink(
     std::shared_ptr<SLE>& object,
     SF_UINT64 const& node = sfOwnerNode);
 
-AccountID
-pseudoAccountAddress(ReadView const& view, uint256 const& pseudoOwnerKey);
-
-/**
- *
- * Create pseudo-account, storing pseudoOwnerKey into ownerField.
- *
- * The list of valid ownerField is maintained in View.cpp and the caller to
- * this function must perform necessary amendment check(s) before using a
- * field. The amendment check is **not** performed in createPseudoAccount.
- */
-[[nodiscard]] Expected<std::shared_ptr<SLE>, TER>
-createPseudoAccount(ApplyView& view, uint256 const& pseudoOwnerKey, SField const& ownerField);
-
-// Returns true if and only if sleAcct is a pseudo-account or specific
-// pseudo-accounts in pseudoFieldFilter.
-//
-// Returns false if sleAcct is
-// * NOT a pseudo-account OR
-// * NOT a ltACCOUNT_ROOT OR
-// * null pointer
-[[nodiscard]] bool
-isPseudoAccount(
-    std::shared_ptr<SLE const> sleAcct,
-    std::set<SField const*> const& pseudoFieldFilter = {});
-
-// Returns the list of fields that define an ACCOUNT_ROOT as a pseudo-account if
-// set
-// Pseudo-account designator fields MUST be maintained by including the
-// SField::sMD_PseudoAccount flag in the SField definition. (Don't forget to
-// "| SField::sMD_Default"!) The fields do NOT need to be amendment-gated,
-// since a non-active amendment will not set any field, by definition.
-// Specific properties of a pseudo-account are NOT checked here, that's what
-// InvariantCheck is for.
-[[nodiscard]] std::vector<SField const*> const&
-getPseudoAccountFields();
-
-[[nodiscard]] inline bool
-isPseudoAccount(
-    ReadView const& view,
-    AccountID const& accountId,
-    std::set<SField const*> const& pseudoFieldFilter = {})
-{
-    return isPseudoAccount(view.read(keylet::account(accountId)), pseudoFieldFilter);
-}
-
-[[nodiscard]] TER
-canAddHolding(ReadView const& view, Asset const& asset);
-
-/** Validates that the destination SLE and tag are valid
-
-   - Checks that the SLE is not null.
-   - If the SLE requires a destination tag, checks that there is a tag.
-*/
-[[nodiscard]] TER
-checkDestinationAndTag(SLE::const_ref toSle, bool hasDestinationTag);
-
 /** Checks that can withdraw funds from an object to itself or a destination.
  *
  * The receiver may be either the submitting account (sfAccount) or a different
@@ -686,351 +211,6 @@ doWithdraw(
     STAmount const& amount,
     beast::Journal j);
 
-/// Any transactors that call addEmptyHolding() in doApply must call
-/// canAddHolding() in preflight with the same View and Asset
-[[nodiscard]] TER
-addEmptyHolding(
-    ApplyView& view,
-    AccountID const& accountID,
-    XRPAmount priorBalance,
-    Issue const& issue,
-    beast::Journal journal);
-
-[[nodiscard]] TER
-addEmptyHolding(
-    ApplyView& view,
-    AccountID const& accountID,
-    XRPAmount priorBalance,
-    MPTIssue const& mptIssue,
-    beast::Journal journal);
-
-[[nodiscard]] inline TER
-addEmptyHolding(
-    ApplyView& view,
-    AccountID const& accountID,
-    XRPAmount priorBalance,
-    Asset const& asset,
-    beast::Journal journal)
-{
-    return std::visit(
-        [&]<ValidIssueType TIss>(TIss const& issue) -> TER {
-            return addEmptyHolding(view, accountID, priorBalance, issue, journal);
-        },
-        asset.value());
-}
-
-[[nodiscard]] TER
-authorizeMPToken(
-    ApplyView& view,
-    XRPAmount const& priorBalance,
-    MPTID const& mptIssuanceID,
-    AccountID const& account,
-    beast::Journal journal,
-    std::uint32_t flags = 0,
-    std::optional<AccountID> holderID = std::nullopt);
-
-// VFALCO NOTE Both STAmount parameters should just
-//             be "Amount", a unit-less number.
-//
-/** Create a trust line
-
-    This can set an initial balance.
-*/
-[[nodiscard]] TER
-trustCreate(
-    ApplyView& view,
-    bool const bSrcHigh,
-    AccountID const& uSrcAccountID,
-    AccountID const& uDstAccountID,
-    uint256 const& uIndex,      // --> ripple state entry
-    SLE::ref sleAccount,        // --> the account being set.
-    bool const bAuth,           // --> authorize account.
-    bool const bNoRipple,       // --> others cannot ripple through
-    bool const bFreeze,         // --> funds cannot leave
-    bool bDeepFreeze,           // --> can neither receive nor send funds
-    STAmount const& saBalance,  // --> balance of account being set.
-                                // Issuer should be noAccount()
-    STAmount const& saLimit,    // --> limit for account being set.
-                                // Issuer should be the account being set.
-    std::uint32_t uSrcQualityIn,
-    std::uint32_t uSrcQualityOut,
-    beast::Journal j);
-
-[[nodiscard]] TER
-removeEmptyHolding(
-    ApplyView& view,
-    AccountID const& accountID,
-    Issue const& issue,
-    beast::Journal journal);
-
-[[nodiscard]] TER
-removeEmptyHolding(
-    ApplyView& view,
-    AccountID const& accountID,
-    MPTIssue const& mptIssue,
-    beast::Journal journal);
-
-[[nodiscard]] inline TER
-removeEmptyHolding(
-    ApplyView& view,
-    AccountID const& accountID,
-    Asset const& asset,
-    beast::Journal journal)
-{
-    return std::visit(
-        [&]<ValidIssueType TIss>(TIss const& issue) -> TER {
-            return removeEmptyHolding(view, accountID, issue, journal);
-        },
-        asset.value());
-}
-
-[[nodiscard]] TER
-trustDelete(
-    ApplyView& view,
-    std::shared_ptr<SLE> const& sleRippleState,
-    AccountID const& uLowAccountID,
-    AccountID const& uHighAccountID,
-    beast::Journal j);
-
-/** Delete an offer.
-
-    Requirements:
-        The passed `sle` be obtained from a prior
-        call to view.peek()
-*/
-// [[nodiscard]] // nodiscard commented out so Flow, BookTip and others compile.
-TER
-offerDelete(ApplyView& view, std::shared_ptr<SLE> const& sle, beast::Journal j);
-
-//------------------------------------------------------------------------------
-
-//
-// Money Transfers
-//
-
-// Direct send w/o fees:
-// - Redeeming IOUs and/or sending sender's own IOUs.
-// - Create trust line of needed.
-// --> bCheckIssuer : normally require issuer to be involved.
-// [[nodiscard]] // nodiscard commented out so DirectStep.cpp compiles.
-
-/** Calls static rippleCreditIOU if saAmount represents Issue.
- * Calls static rippleCreditMPT if saAmount represents MPTIssue.
- */
-TER
-rippleCredit(
-    ApplyView& view,
-    AccountID const& uSenderID,
-    AccountID const& uReceiverID,
-    STAmount const& saAmount,
-    bool bCheckIssuer,
-    beast::Journal j);
-
-TER
-rippleLockEscrowMPT(
-    ApplyView& view,
-    AccountID const& uGrantorID,
-    STAmount const& saAmount,
-    beast::Journal j);
-
-TER
-rippleUnlockEscrowMPT(
-    ApplyView& view,
-    AccountID const& uGrantorID,
-    AccountID const& uGranteeID,
-    STAmount const& netAmount,
-    STAmount const& grossAmount,
-    beast::Journal j);
-
-/** Calls static accountSendIOU if saAmount represents Issue.
- * Calls static accountSendMPT if saAmount represents MPTIssue.
- */
-[[nodiscard]] TER
-accountSend(
-    ApplyView& view,
-    AccountID const& from,
-    AccountID const& to,
-    STAmount const& saAmount,
-    beast::Journal j,
-    WaiveTransferFee waiveFee = WaiveTransferFee::No);
-
-using MultiplePaymentDestinations = std::vector<std::pair<AccountID, Number>>;
-/** Like accountSend, except one account is sending multiple payments (with the
- *  same asset!) simultaneously
- *
- * Calls static accountSendMultiIOU if saAmount represents Issue.
- * Calls static accountSendMultiMPT if saAmount represents MPTIssue.
- */
-[[nodiscard]] TER
-accountSendMulti(
-    ApplyView& view,
-    AccountID const& senderID,
-    Asset const& asset,
-    MultiplePaymentDestinations const& receivers,
-    beast::Journal j,
-    WaiveTransferFee waiveFee = WaiveTransferFee::No);
-
-[[nodiscard]] TER
-issueIOU(
-    ApplyView& view,
-    AccountID const& account,
-    STAmount const& amount,
-    Issue const& issue,
-    beast::Journal j);
-
-[[nodiscard]] TER
-redeemIOU(
-    ApplyView& view,
-    AccountID const& account,
-    STAmount const& amount,
-    Issue const& issue,
-    beast::Journal j);
-
-[[nodiscard]] TER
-transferXRP(
-    ApplyView& view,
-    AccountID const& from,
-    AccountID const& to,
-    STAmount const& amount,
-    beast::Journal j);
-
-/* Check if MPToken (for MPT) or trust line (for IOU) exists:
- * - StrongAuth - before checking if authorization is required
- * - WeakAuth
- *    for MPT - after checking lsfMPTRequireAuth flag
- *    for IOU - do not check if trust line exists
- * - Legacy
- *    for MPT - before checking lsfMPTRequireAuth flag i.e. same as StrongAuth
- *    for IOU - do not check if trust line exists i.e. same as WeakAuth
- */
-enum class AuthType { StrongAuth, WeakAuth, Legacy };
-
-/** Check if the account lacks required authorization.
- *
- * Return tecNO_AUTH or tecNO_LINE if it does
- * and tesSUCCESS otherwise.
- *
- * If StrongAuth then return tecNO_LINE if the RippleState doesn't exist. Return
- * tecNO_AUTH if lsfRequireAuth is set on the issuer's AccountRoot, and the
- * RippleState does exist, and the RippleState is not authorized.
- *
- * If WeakAuth then return tecNO_AUTH if lsfRequireAuth is set, and the
- * RippleState exists, and is not authorized. Return tecNO_LINE if
- * lsfRequireAuth is set and the RippleState doesn't exist. Consequently, if
- * WeakAuth and lsfRequireAuth is *not* set, this function will return
- * tesSUCCESS even if RippleState does *not* exist.
- *
- * The default "Legacy" auth type is equivalent to WeakAuth.
- */
-[[nodiscard]] TER
-requireAuth(
-    ReadView const& view,
-    Issue const& issue,
-    AccountID const& account,
-    AuthType authType = AuthType::Legacy);
-
-/** Check if the account lacks required authorization.
- *
- * This will also check for expired credentials. If it is called directly
- * from preclaim, the user should convert result tecEXPIRED to tesSUCCESS and
- * proceed to also check permissions with enforceMPTokenAuthorization inside
- * doApply. This will ensure that any expired credentials are deleted.
- *
- * requireAuth check is recursive for MPT shares in a vault, descending to
- * assets in the vault, up to maxAssetCheckDepth recursion depth. This is
- * purely defensive, as we currently do not allow such vaults to be created.
- *
- * If StrongAuth then return tecNO_AUTH if MPToken doesn't exist or
- * lsfMPTRequireAuth is set and MPToken is not authorized. Vault and LoanBroker
- * pseudo-accounts are implicitly authorized.
- *
- * If WeakAuth then return tecNO_AUTH if lsfMPTRequireAuth is set and MPToken
- * doesn't exist or is not authorized (explicitly or via credentials, if
- * DomainID is set in MPTokenIssuance). Consequently, if WeakAuth and
- * lsfMPTRequireAuth is *not* set, this function will return true even if
- * MPToken does *not* exist.
- *
- * The default "Legacy" auth type is equivalent to StrongAuth.
- */
-[[nodiscard]] TER
-requireAuth(
-    ReadView const& view,
-    MPTIssue const& mptIssue,
-    AccountID const& account,
-    AuthType authType = AuthType::Legacy,
-    int depth = 0);
-
-[[nodiscard]] TER inline requireAuth(
-    ReadView const& view,
-    Asset const& asset,
-    AccountID const& account,
-    AuthType authType = AuthType::Legacy)
-{
-    return std::visit(
-        [&]<ValidIssueType TIss>(TIss const& issue_) {
-            return requireAuth(view, issue_, account, authType);
-        },
-        asset.value());
-}
-
-/** Enforce account has MPToken to match its authorization.
- *
- *   Called from doApply - it will check for expired (and delete if found any)
- *   credentials matching DomainID set in MPTokenIssuance. Must be called if
- *   requireAuth(...MPTIssue...) returned tesSUCCESS or tecEXPIRED in preclaim,
- *   which implies that preclaim should replace `tecEXPIRED` with `tesSUCCESS`
- *   in order for the transactor to proceed to doApply.
- *
- *   This function will create MPToken (if needed) on the basis of any
- *   non-expired credentials and will delete any expired credentials, indirectly
- *   via verifyValidDomain, as per DomainID (if set in MPTokenIssuance).
- *
- *   The caller does NOT need to ensure that DomainID is actually set - this
- *   function handles gracefully both cases when DomainID is set and when not.
- *
- *   The caller does NOT need to look for existing MPToken to match
- *   mptIssue/account - this function checks lsfMPTAuthorized of an existing
- *   MPToken iff DomainID is not set.
- *
- *   Do not use for accounts which hold implied permission e.g. object owners or
- *   if MPTokenIssuance does not require authorization. In both cases use
- *   MPTokenAuthorize::authorize if MPToken does not yet exist.
- */
-[[nodiscard]] TER
-enforceMPTokenAuthorization(
-    ApplyView& view,
-    MPTID const& mptIssuanceID,
-    AccountID const& account,
-    XRPAmount const& priorBalance,
-    beast::Journal j);
-
-/** Check if the destination account is allowed
- *  to receive MPT. Return tecNO_AUTH if it doesn't
- *  and tesSUCCESS otherwise.
- */
-[[nodiscard]] TER
-canTransfer(
-    ReadView const& view,
-    MPTIssue const& mptIssue,
-    AccountID const& from,
-    AccountID const& to);
-
-[[nodiscard]] TER
-canTransfer(ReadView const& view, Issue const& issue, AccountID const& from, AccountID const& to);
-
-[[nodiscard]] TER inline canTransfer(
-    ReadView const& view,
-    Asset const& asset,
-    AccountID const& from,
-    AccountID const& to)
-{
-    return std::visit(
-        [&]<ValidIssueType TIss>(TIss const& issue) -> TER {
-            return canTransfer(view, issue, from, to);
-        },
-        asset.value());
-}
-
 /** Deleter function prototype. Returns the status of the entry deletion
  * (if should not be skipped) and if the entry should be skipped. The status
  * is always tesSUCCESS if the entry should be skipped.
@@ -1052,57 +232,6 @@ cleanupOnAccountDelete(
     beast::Journal j,
     std::optional<std::uint16_t> maxNodesToDelete = std::nullopt);
 
-/** Delete trustline to AMM. The passed `sle` must be obtained from a prior
- * call to view.peek(). Fail if neither side of the trustline is AMM or
- * if ammAccountID is seated and is not one of the trustline's side.
- */
-[[nodiscard]] TER
-deleteAMMTrustLine(
-    ApplyView& view,
-    std::shared_ptr<SLE> sleState,
-    std::optional<AccountID> const& ammAccountID,
-    beast::Journal j);
-
-// From the perspective of a vault, return the number of shares to give the
-// depositor when they deposit a fixed amount of assets. Since shares are MPT
-// this number is integral and always truncated in this calculation.
-[[nodiscard]] std::optional<STAmount>
-assetsToSharesDeposit(
-    std::shared_ptr<SLE const> const& vault,
-    std::shared_ptr<SLE const> const& issuance,
-    STAmount const& assets);
-
-// From the perspective of a vault, return the number of assets to take from
-// depositor when they receive a fixed amount of shares. Note, since shares are
-// MPT, they are always an integral number.
-[[nodiscard]] std::optional<STAmount>
-sharesToAssetsDeposit(
-    std::shared_ptr<SLE const> const& vault,
-    std::shared_ptr<SLE const> const& issuance,
-    STAmount const& shares);
-
-enum class TruncateShares : bool { no = false, yes = true };
-
-// From the perspective of a vault, return the number of shares to demand from
-// the depositor when they ask to withdraw a fixed amount of assets. Since
-// shares are MPT this number is integral, and it will be rounded to nearest
-// unless explicitly requested to be truncated instead.
-[[nodiscard]] std::optional<STAmount>
-assetsToSharesWithdraw(
-    std::shared_ptr<SLE const> const& vault,
-    std::shared_ptr<SLE const> const& issuance,
-    STAmount const& assets,
-    TruncateShares truncate = TruncateShares::no);
-
-// From the perspective of a vault, return the number of assets to give the
-// depositor when they redeem a fixed amount of shares. Note, since shares are
-// MPT, they are always an integral number.
-[[nodiscard]] std::optional<STAmount>
-sharesToAssetsWithdraw(
-    std::shared_ptr<SLE const> const& vault,
-    std::shared_ptr<SLE const> const& issuance,
-    STAmount const& shares);
-
 /** Has the specified time passed?
 
     @param now  the current time

include/xrpl/ledger/helpers/AccountRootHelpers.h

@@ -0,0 +1,112 @@
+#pragma once
+
+#include <xrpl/basics/Expected.h>
+#include <xrpl/beast/utility/Journal.h>
+#include <xrpl/ledger/ApplyView.h>
+#include <xrpl/ledger/ReadView.h>
+#include <xrpl/protocol/Indexes.h>
+#include <xrpl/protocol/Rate.h>
+#include <xrpl/protocol/STLedgerEntry.h>
+#include <xrpl/protocol/TER.h>
+
+#include <memory>
+#include <set>
+#include <vector>
+
+namespace xrpl {
+
+/** Check if the issuer has the global freeze flag set.
+    @param issuer The account to check
+    @return true if the account has global freeze set
+*/
+[[nodiscard]] bool
+isGlobalFrozen(ReadView const& view, AccountID const& issuer);
+
+// Calculate liquid XRP balance for an account.
+// This function may be used to calculate the amount of XRP that
+// the holder is able to freely spend. It subtracts reserve requirements.
+//
+// ownerCountAdj adjusts the owner count in case the caller calculates
+// before ledger entries are added or removed. Positive to add, negative
+// to subtract.
+//
+// @param ownerCountAdj positive to add to count, negative to reduce count.
+[[nodiscard]] XRPAmount
+xrpLiquid(ReadView const& view, AccountID const& id, std::int32_t ownerCountAdj, beast::Journal j);
+
+/** Adjust the owner count up or down. */
+void
+adjustOwnerCount(
+    ApplyView& view,
+    std::shared_ptr<SLE> const& sle,
+    std::int32_t amount,
+    beast::Journal j);
+
+/** Returns IOU issuer transfer fee as Rate. Rate specifies
+ * the fee as fractions of 1 billion. For example, 1% transfer rate
+ * is represented as 1,010,000,000.
+ * @param issuer The IOU issuer
+ */
+[[nodiscard]] Rate
+transferRate(ReadView const& view, AccountID const& issuer);
+
+/** Generate a pseudo-account address from a pseudo owner key.
+    @param pseudoOwnerKey The key to generate the address from
+    @return The generated account ID
+*/
+AccountID
+pseudoAccountAddress(ReadView const& view, uint256 const& pseudoOwnerKey);
+
+/** Returns the list of fields that define an ACCOUNT_ROOT as a pseudo-account
+    if set.
+
+    The list is constructed during initialization and is const after that.
+    Pseudo-account designator fields MUST be maintained by including the
+    SField::sMD_PseudoAccount flag in the SField definition.
+*/
+[[nodiscard]] std::vector<SField const*> const&
+getPseudoAccountFields();
+
+/** Returns true if and only if sleAcct is a pseudo-account or specific
+    pseudo-accounts in pseudoFieldFilter.
+
+    Returns false if sleAcct is:
+    - NOT a pseudo-account OR
+    - NOT a ltACCOUNT_ROOT OR
+    - null pointer
+*/
+[[nodiscard]] bool
+isPseudoAccount(
+    std::shared_ptr<SLE const> sleAcct,
+    std::set<SField const*> const& pseudoFieldFilter = {});
+
+/** Convenience overload that reads the account from the view. */
+[[nodiscard]] inline bool
+isPseudoAccount(
+    ReadView const& view,
+    AccountID const& accountId,
+    std::set<SField const*> const& pseudoFieldFilter = {})
+{
+    return isPseudoAccount(view.read(keylet::account(accountId)), pseudoFieldFilter);
+}
+
+/**
+ * Create pseudo-account, storing pseudoOwnerKey into ownerField.
+ *
+ * The list of valid ownerField is maintained in AccountRootHelpers.cpp and
+ * the caller to this function must perform necessary amendment check(s)
+ * before using a field. The amendment check is **not** performed in
+ * createPseudoAccount.
+ */
+[[nodiscard]] Expected<std::shared_ptr<SLE>, TER>
+createPseudoAccount(ApplyView& view, uint256 const& pseudoOwnerKey, SField const& ownerField);
+
+/** Checks the destination and tag.
+
+   - Checks that the SLE is not null.
+   - If the SLE requires a destination tag, checks that there is a tag.
+*/
+[[nodiscard]] TER
+checkDestinationAndTag(SLE::const_ref toSle, bool hasDestinationTag);
+
+}  // namespace xrpl

include/xrpl/ledger/helpers/CredentialHelpers.h

@@ -49,7 +49,7 @@ validDomain(ReadView const& view, uint256 domainID, AccountID const& subject);
 // This function is only called when we about to return tecNO_PERMISSION
 // because all the checks for the DepositPreauth authorization failed.
 TER
-authorizedDepositPreauth(ApplyView const& view, STVector256 const& ctx, AccountID const& dst);
+authorizedDepositPreauth(ReadView const& view, STVector256 const& ctx, AccountID const& dst);
 
 // Sort credentials array, return empty set if there are duplicates
 std::set<std::pair<AccountID, Slice>>
@@ -74,7 +74,7 @@ verifyDepositPreauth(
     ApplyView& view,
     AccountID const& src,
     AccountID const& dst,
-    std::shared_ptr<SLE> const& sleDst,
+    std::shared_ptr<SLE const> const& sleDst,
     beast::Journal j);
 
 }  // namespace xrpl

include/xrpl/ledger/helpers/DirectoryHelpers.h

@@ -0,0 +1,223 @@
+#pragma once
+
+#include <xrpl/beast/utility/instrumentation.h>
+#include <xrpl/ledger/ApplyView.h>
+#include <xrpl/ledger/ReadView.h>
+#include <xrpl/protocol/Indexes.h>
+#include <xrpl/protocol/STLedgerEntry.h>
+#include <xrpl/protocol/TER.h>
+
+#include <functional>
+#include <memory>
+#include <type_traits>
+
+namespace xrpl {
+
+namespace detail {
+
+template <
+    class V,
+    class N,
+    class = std::enable_if_t<
+        std::is_same_v<std::remove_cv_t<N>, SLE> && std::is_base_of_v<ReadView, V>>>
+bool
+internalDirNext(
+    V& view,
+    uint256 const& root,
+    std::shared_ptr<N>& page,
+    unsigned int& index,
+    uint256& entry)
+{
+    auto const& svIndexes = page->getFieldV256(sfIndexes);
+    XRPL_ASSERT(index <= svIndexes.size(), "xrpl::detail::internalDirNext : index inside range");
+
+    if (index >= svIndexes.size())
+    {
+        auto const next = page->getFieldU64(sfIndexNext);
+
+        if (!next)
+        {
+            entry.zero();
+            return false;
+        }
+
+        if constexpr (std::is_const_v<N>)
+        {
+            page = view.read(keylet::page(root, next));
+        }
+        else
+        {
+            page = view.peek(keylet::page(root, next));
+        }
+
+        XRPL_ASSERT(page, "xrpl::detail::internalDirNext : non-null root");
+
+        if (!page)
+            return false;
+
+        index = 0;
+
+        return internalDirNext(view, root, page, index, entry);
+    }
+
+    entry = svIndexes[index++];
+    return true;
+}
+
+template <
+    class V,
+    class N,
+    class = std::enable_if_t<
+        std::is_same_v<std::remove_cv_t<N>, SLE> && std::is_base_of_v<ReadView, V>>>
+bool
+internalDirFirst(
+    V& view,
+    uint256 const& root,
+    std::shared_ptr<N>& page,
+    unsigned int& index,
+    uint256& entry)
+{
+    if constexpr (std::is_const_v<N>)
+    {
+        page = view.read(keylet::page(root));
+    }
+    else
+    {
+        page = view.peek(keylet::page(root));
+    }
+
+    if (!page)
+        return false;
+
+    index = 0;
+
+    return internalDirNext(view, root, page, index, entry);
+}
+
+}  // namespace detail
+
+/** @{ */
+/** Returns the first entry in the directory, advancing the index
+
+    @deprecated These are legacy function that are considered deprecated
+                and will soon be replaced with an iterator-based model
+                that is easier to use. You should not use them in new code.
+
+    @param view The view against which to operate
+    @param root The root (i.e. first page) of the directory to iterate
+    @param page The current page
+    @param index The index inside the current page
+    @param entry The entry at the current index
+
+    @return true if the directory isn't empty; false otherwise
+ */
+bool
+cdirFirst(
+    ReadView const& view,
+    uint256 const& root,
+    std::shared_ptr<SLE const>& page,
+    unsigned int& index,
+    uint256& entry);
+
+bool
+dirFirst(
+    ApplyView& view,
+    uint256 const& root,
+    std::shared_ptr<SLE>& page,
+    unsigned int& index,
+    uint256& entry);
+/** @} */
+
+/** @{ */
+/** Returns the next entry in the directory, advancing the index
+
+    @deprecated These are legacy function that are considered deprecated
+                and will soon be replaced with an iterator-based model
+                that is easier to use. You should not use them in new code.
+
+    @param view The view against which to operate
+    @param root The root (i.e. first page) of the directory to iterate
+    @param page The current page
+    @param index The index inside the current page
+    @param entry The entry at the current index
+
+    @return true if the directory isn't empty; false otherwise
+ */
+bool
+cdirNext(
+    ReadView const& view,
+    uint256 const& root,
+    std::shared_ptr<SLE const>& page,
+    unsigned int& index,
+    uint256& entry);
+
+bool
+dirNext(
+    ApplyView& view,
+    uint256 const& root,
+    std::shared_ptr<SLE>& page,
+    unsigned int& index,
+    uint256& entry);
+/** @} */
+
+/** Iterate all items in the given directory. */
+void
+forEachItem(
+    ReadView const& view,
+    Keylet const& root,
+    std::function<void(std::shared_ptr<SLE const> const&)> const& f);
+
+/** Iterate all items after an item in the given directory.
+    @param after The key of the item to start after
+    @param hint The directory page containing `after`
+    @param limit The maximum number of items to return
+    @return `false` if the iteration failed
+*/
+bool
+forEachItemAfter(
+    ReadView const& view,
+    Keylet const& root,
+    uint256 const& after,
+    std::uint64_t const hint,
+    unsigned int limit,
+    std::function<bool(std::shared_ptr<SLE const> const&)> const& f);
+
+/** Iterate all items in an account's owner directory. */
+inline void
+forEachItem(
+    ReadView const& view,
+    AccountID const& id,
+    std::function<void(std::shared_ptr<SLE const> const&)> const& f)
+{
+    return forEachItem(view, keylet::ownerDir(id), f);
+}
+
+/** Iterate all items after an item in an owner directory.
+    @param after The key of the item to start after
+    @param hint The directory page containing `after`
+    @param limit The maximum number of items to return
+    @return `false` if the iteration failed
+*/
+inline bool
+forEachItemAfter(
+    ReadView const& view,
+    AccountID const& id,
+    uint256 const& after,
+    std::uint64_t const hint,
+    unsigned int limit,
+    std::function<bool(std::shared_ptr<SLE const> const&)> const& f)
+{
+    return forEachItemAfter(view, keylet::ownerDir(id), after, hint, limit, f);
+}
+
+/** Returns `true` if the directory is empty
+    @param key The key of the directory
+*/
+[[nodiscard]] bool
+dirIsEmpty(ReadView const& view, Keylet const& k);
+
+/** Returns a function that sets the owner on a directory SLE */
+[[nodiscard]] std::function<void(SLE::ref)>
+describeOwnerDir(AccountID const& account);
+
+}  // namespace xrpl

include/xrpl/ledger/helpers/MPTokenHelpers.h

@@ -0,0 +1,160 @@
+#pragma once
+
+#include <xrpl/beast/utility/Journal.h>
+#include <xrpl/ledger/ApplyView.h>
+#include <xrpl/ledger/ReadView.h>
+#include <xrpl/ledger/helpers/TokenHelpers.h>
+#include <xrpl/protocol/MPTIssue.h>
+#include <xrpl/protocol/Rate.h>
+#include <xrpl/protocol/STAmount.h>
+#include <xrpl/protocol/TER.h>
+
+#include <initializer_list>
+#include <optional>
+
+namespace xrpl {
+
+//------------------------------------------------------------------------------
+//
+// Freeze checking (MPT-specific)
+//
+//------------------------------------------------------------------------------
+
+[[nodiscard]] bool
+isGlobalFrozen(ReadView const& view, MPTIssue const& mptIssue);
+
+[[nodiscard]] bool
+isIndividualFrozen(ReadView const& view, AccountID const& account, MPTIssue const& mptIssue);
+
+[[nodiscard]] bool
+isFrozen(ReadView const& view, AccountID const& account, MPTIssue const& mptIssue, int depth = 0);
+
+[[nodiscard]] bool
+isAnyFrozen(
+    ReadView const& view,
+    std::initializer_list<AccountID> const& accounts,
+    MPTIssue const& mptIssue,
+    int depth = 0);
+
+//------------------------------------------------------------------------------
+//
+// Transfer rate (MPT-specific)
+//
+//------------------------------------------------------------------------------
+
+/** Returns MPT transfer fee as Rate. Rate specifies
+ * the fee as fractions of 1 billion. For example, 1% transfer rate
+ * is represented as 1,010,000,000.
+ * @param issuanceID MPTokenIssuanceID of MPTTokenIssuance object
+ */
+[[nodiscard]] Rate
+transferRate(ReadView const& view, MPTID const& issuanceID);
+
+//------------------------------------------------------------------------------
+//
+// Holding checks (MPT-specific)
+//
+//------------------------------------------------------------------------------
+
+[[nodiscard]] TER
+canAddHolding(ReadView const& view, MPTIssue const& mptIssue);
+
+//------------------------------------------------------------------------------
+//
+// Authorization (MPT-specific)
+//
+//------------------------------------------------------------------------------
+
+[[nodiscard]] TER
+authorizeMPToken(
+    ApplyView& view,
+    XRPAmount const& priorBalance,
+    MPTID const& mptIssuanceID,
+    AccountID const& account,
+    beast::Journal journal,
+    std::uint32_t flags = 0,
+    std::optional<AccountID> holderID = std::nullopt);
+
+/** Check if the account lacks required authorization for MPT.
+ *
+ * requireAuth check is recursive for MPT shares in a vault, descending to
+ * assets in the vault, up to maxAssetCheckDepth recursion depth. This is
+ * purely defensive, as we currently do not allow such vaults to be created.
+ */
+[[nodiscard]] TER
+requireAuth(
+    ReadView const& view,
+    MPTIssue const& mptIssue,
+    AccountID const& account,
+    AuthType authType = AuthType::Legacy,
+    int depth = 0);
+
+/** Enforce account has MPToken to match its authorization.
+ *
+ *   Called from doApply - it will check for expired (and delete if found any)
+ *   credentials matching DomainID set in MPTokenIssuance. Must be called if
+ *   requireAuth(...MPTIssue...) returned tesSUCCESS or tecEXPIRED in preclaim.
+ */
+[[nodiscard]] TER
+enforceMPTokenAuthorization(
+    ApplyView& view,
+    MPTID const& mptIssuanceID,
+    AccountID const& account,
+    XRPAmount const& priorBalance,
+    beast::Journal j);
+
+/** Check if the destination account is allowed
+ *  to receive MPT. Return tecNO_AUTH if it doesn't
+ *  and tesSUCCESS otherwise.
+ */
+[[nodiscard]] TER
+canTransfer(
+    ReadView const& view,
+    MPTIssue const& mptIssue,
+    AccountID const& from,
+    AccountID const& to);
+
+//------------------------------------------------------------------------------
+//
+// Empty holding operations (MPT-specific)
+//
+//------------------------------------------------------------------------------
+
+[[nodiscard]] TER
+addEmptyHolding(
+    ApplyView& view,
+    AccountID const& accountID,
+    XRPAmount priorBalance,
+    MPTIssue const& mptIssue,
+    beast::Journal journal);
+
+[[nodiscard]] TER
+removeEmptyHolding(
+    ApplyView& view,
+    AccountID const& accountID,
+    MPTIssue const& mptIssue,
+    beast::Journal journal);
+
+//------------------------------------------------------------------------------
+//
+// Escrow operations (MPT-specific)
+//
+//------------------------------------------------------------------------------
+
+TER
+rippleLockEscrowMPT(
+    ApplyView& view,
+    AccountID const& uGrantorID,
+    STAmount const& saAmount,
+    beast::Journal j);
+
+TER
+rippleUnlockEscrowMPT(
+    ApplyView& view,
+    AccountID const& uGrantorID,
+    AccountID const& uGranteeID,
+    STAmount const& netAmount,
+    STAmount const& grossAmount,
+    beast::Journal j);
+
+}  // namespace xrpl

include/xrpl/ledger/helpers/OfferHelpers.h

@@ -0,0 +1,28 @@
+#pragma once
+
+#include <xrpl/beast/utility/Journal.h>
+#include <xrpl/ledger/ApplyView.h>
+#include <xrpl/protocol/STLedgerEntry.h>
+#include <xrpl/protocol/TER.h>
+
+#include <memory>
+
+namespace xrpl {
+
+/** Delete an offer.
+
+    Requirements:
+        The offer must exist.
+        The caller must have already checked permissions.
+
+    @param view The ApplyView to modify.
+    @param sle The offer to delete.
+    @param j Journal for logging.
+
+    @return tesSUCCESS on success, otherwise an error code.
+*/
+// [[nodiscard]] // nodiscard commented out so Flow, BookTip and others compile.
+TER
+offerDelete(ApplyView& view, std::shared_ptr<SLE> const& sle, beast::Journal j);
+
+}  // namespace xrpl

include/xrpl/ledger/helpers/RippleStateHelpers.h

@@ -0,0 +1,255 @@
+#pragma once
+
+#include <xrpl/beast/utility/Journal.h>
+#include <xrpl/ledger/ApplyView.h>
+#include <xrpl/ledger/ReadView.h>
+#include <xrpl/ledger/helpers/TokenHelpers.h>
+#include <xrpl/protocol/IOUAmount.h>
+#include <xrpl/protocol/Issue.h>
+#include <xrpl/protocol/STAmount.h>
+#include <xrpl/protocol/STLedgerEntry.h>
+#include <xrpl/protocol/TER.h>
+
+//------------------------------------------------------------------------------
+//
+// RippleState (Trustline) helpers
+//
+//------------------------------------------------------------------------------
+
+namespace xrpl {
+
+//------------------------------------------------------------------------------
+//
+// Credit functions (from Credit.h)
+//
+//------------------------------------------------------------------------------
+
+/** Calculate the maximum amount of IOUs that an account can hold
+    @param view the ledger to check against.
+    @param account the account of interest.
+    @param issuer the issuer of the IOU.
+    @param currency the IOU to check.
+    @return The maximum amount that can be held.
+*/
+/** @{ */
+STAmount
+creditLimit(
+    ReadView const& view,
+    AccountID const& account,
+    AccountID const& issuer,
+    Currency const& currency);
+
+IOUAmount
+creditLimit2(ReadView const& v, AccountID const& acc, AccountID const& iss, Currency const& cur);
+/** @} */
+
+/** Returns the amount of IOUs issued by issuer that are held by an account
+    @param view the ledger to check against.
+    @param account the account of interest.
+    @param issuer the issuer of the IOU.
+    @param currency the IOU to check.
+*/
+/** @{ */
+STAmount
+creditBalance(
+    ReadView const& view,
+    AccountID const& account,
+    AccountID const& issuer,
+    Currency const& currency);
+/** @} */
+
+//------------------------------------------------------------------------------
+//
+// Freeze checking (IOU-specific)
+//
+//------------------------------------------------------------------------------
+
+[[nodiscard]] bool
+isIndividualFrozen(
+    ReadView const& view,
+    AccountID const& account,
+    Currency const& currency,
+    AccountID const& issuer);
+
+[[nodiscard]] inline bool
+isIndividualFrozen(ReadView const& view, AccountID const& account, Issue const& issue)
+{
+    return isIndividualFrozen(view, account, issue.currency, issue.account);
+}
+
+[[nodiscard]] bool
+isFrozen(
+    ReadView const& view,
+    AccountID const& account,
+    Currency const& currency,
+    AccountID const& issuer);
+
+[[nodiscard]] inline bool
+isFrozen(ReadView const& view, AccountID const& account, Issue const& issue)
+{
+    return isFrozen(view, account, issue.currency, issue.account);
+}
+
+// Overload with depth parameter for uniformity with MPTIssue version.
+// The depth parameter is ignored for IOUs since they don't have vault recursion.
+[[nodiscard]] inline bool
+isFrozen(ReadView const& view, AccountID const& account, Issue const& issue, int /*depth*/)
+{
+    return isFrozen(view, account, issue);
+}
+
+[[nodiscard]] bool
+isDeepFrozen(
+    ReadView const& view,
+    AccountID const& account,
+    Currency const& currency,
+    AccountID const& issuer);
+
+[[nodiscard]] inline bool
+isDeepFrozen(
+    ReadView const& view,
+    AccountID const& account,
+    Issue const& issue,
+    int = 0 /*ignored*/)
+{
+    return isDeepFrozen(view, account, issue.currency, issue.account);
+}
+
+[[nodiscard]] inline TER
+checkDeepFrozen(ReadView const& view, AccountID const& account, Issue const& issue)
+{
+    return isDeepFrozen(view, account, issue) ? (TER)tecFROZEN : (TER)tesSUCCESS;
+}
+
+//------------------------------------------------------------------------------
+//
+// Trust line operations
+//
+//------------------------------------------------------------------------------
+
+/** Create a trust line
+
+    This can set an initial balance.
+*/
+[[nodiscard]] TER
+trustCreate(
+    ApplyView& view,
+    bool const bSrcHigh,
+    AccountID const& uSrcAccountID,
+    AccountID const& uDstAccountID,
+    uint256 const& uIndex,      // --> ripple state entry
+    SLE::ref sleAccount,        // --> the account being set.
+    bool const bAuth,           // --> authorize account.
+    bool const bNoRipple,       // --> others cannot ripple through
+    bool const bFreeze,         // --> funds cannot leave
+    bool bDeepFreeze,           // --> can neither receive nor send funds
+    STAmount const& saBalance,  // --> balance of account being set.
+                                // Issuer should be noAccount()
+    STAmount const& saLimit,    // --> limit for account being set.
+                                // Issuer should be the account being set.
+    std::uint32_t uQualityIn,
+    std::uint32_t uQualityOut,
+    beast::Journal j);
+
+[[nodiscard]] TER
+trustDelete(
+    ApplyView& view,
+    std::shared_ptr<SLE> const& sleRippleState,
+    AccountID const& uLowAccountID,
+    AccountID const& uHighAccountID,
+    beast::Journal j);
+
+//------------------------------------------------------------------------------
+//
+// IOU issuance/redemption
+//
+//------------------------------------------------------------------------------
+
+[[nodiscard]] TER
+issueIOU(
+    ApplyView& view,
+    AccountID const& account,
+    STAmount const& amount,
+    Issue const& issue,
+    beast::Journal j);
+
+[[nodiscard]] TER
+redeemIOU(
+    ApplyView& view,
+    AccountID const& account,
+    STAmount const& amount,
+    Issue const& issue,
+    beast::Journal j);
+
+//------------------------------------------------------------------------------
+//
+// Authorization and transfer checks (IOU-specific)
+//
+//------------------------------------------------------------------------------
+
+/** Check if the account lacks required authorization.
+ *
+ * Return tecNO_AUTH or tecNO_LINE if it does
+ * and tesSUCCESS otherwise.
+ *
+ * If StrongAuth then return tecNO_LINE if the RippleState doesn't exist. Return
+ * tecNO_AUTH if lsfRequireAuth is set on the issuer's AccountRoot, and the
+ * RippleState does exist, and the RippleState is not authorized.
+ *
+ * If WeakAuth then return tecNO_AUTH if lsfRequireAuth is set, and the
+ * RippleState exists, and is not authorized. Return tecNO_LINE if
+ * lsfRequireAuth is set and the RippleState doesn't exist. Consequently, if
+ * WeakAuth and lsfRequireAuth is *not* set, this function will return
+ * tesSUCCESS even if RippleState does *not* exist.
+ *
+ * The default "Legacy" auth type is equivalent to WeakAuth.
+ */
+[[nodiscard]] TER
+requireAuth(
+    ReadView const& view,
+    Issue const& issue,
+    AccountID const& account,
+    AuthType authType = AuthType::Legacy);
+
+/** Check if the destination account is allowed
+ *  to receive IOU. Return terNO_RIPPLE if rippling is
+ *  disabled on both sides and tesSUCCESS otherwise.
+ */
+[[nodiscard]] TER
+canTransfer(ReadView const& view, Issue const& issue, AccountID const& from, AccountID const& to);
+
+//------------------------------------------------------------------------------
+//
+// Empty holding operations (IOU-specific)
+//
+//------------------------------------------------------------------------------
+
+/// Any transactors that call addEmptyHolding() in doApply must call
+/// canAddHolding() in preflight with the same View and Asset
+[[nodiscard]] TER
+addEmptyHolding(
+    ApplyView& view,
+    AccountID const& accountID,
+    XRPAmount priorBalance,
+    Issue const& issue,
+    beast::Journal journal);
+
+[[nodiscard]] TER
+removeEmptyHolding(
+    ApplyView& view,
+    AccountID const& accountID,
+    Issue const& issue,
+    beast::Journal journal);
+
+/** Delete trustline to AMM. The passed `sle` must be obtained from a prior
+ * call to view.peek(). Fail if neither side of the trustline is AMM or
+ * if ammAccountID is seated and is not one of the trustline's side.
+ */
+[[nodiscard]] TER
+deleteAMMTrustLine(
+    ApplyView& view,
+    std::shared_ptr<SLE> sleState,
+    std::optional<AccountID> const& ammAccountID,
+    beast::Journal j);
+
+}  // namespace xrpl

include/xrpl/ledger/helpers/TokenHelpers.h

@@ -0,0 +1,286 @@
+#pragma once
+
+#include <xrpl/beast/utility/Journal.h>
+#include <xrpl/ledger/ApplyView.h>
+#include <xrpl/ledger/ReadView.h>
+#include <xrpl/protocol/Asset.h>
+#include <xrpl/protocol/MPTIssue.h>
+#include <xrpl/protocol/Rate.h>
+#include <xrpl/protocol/STAmount.h>
+#include <xrpl/protocol/TER.h>
+
+#include <initializer_list>
+#include <vector>
+
+namespace xrpl {
+
+//------------------------------------------------------------------------------
+//
+// Enums for token handling
+//
+//------------------------------------------------------------------------------
+
+/** Controls the treatment of frozen account balances */
+enum FreezeHandling { fhIGNORE_FREEZE, fhZERO_IF_FROZEN };
+
+/** Controls the treatment of unauthorized MPT balances */
+enum AuthHandling { ahIGNORE_AUTH, ahZERO_IF_UNAUTHORIZED };
+
+/** Controls whether to include the account's full spendable balance */
+enum SpendableHandling { shSIMPLE_BALANCE, shFULL_BALANCE };
+
+enum class WaiveTransferFee : bool { No = false, Yes };
+
+/* Check if MPToken (for MPT) or trust line (for IOU) exists:
+ * - StrongAuth - before checking if authorization is required
+ * - WeakAuth
+ *    for MPT - after checking lsfMPTRequireAuth flag
+ *    for IOU - do not check if trust line exists
+ * - Legacy
+ *    for MPT - before checking lsfMPTRequireAuth flag i.e. same as StrongAuth
+ *    for IOU - do not check if trust line exists i.e. same as WeakAuth
+ */
+enum class AuthType { StrongAuth, WeakAuth, Legacy };
+
+//------------------------------------------------------------------------------
+//
+// Freeze checking (Asset-based dispatchers)
+//
+//------------------------------------------------------------------------------
+
+[[nodiscard]] bool
+isGlobalFrozen(ReadView const& view, Asset const& asset);
+
+[[nodiscard]] bool
+isIndividualFrozen(ReadView const& view, AccountID const& account, Asset const& asset);
+
+/**
+ *   isFrozen check is recursive for MPT shares in a vault, descending to
+ *   assets in the vault, up to maxAssetCheckDepth recursion depth. This is
+ *   purely defensive, as we currently do not allow such vaults to be created.
+ */
+[[nodiscard]] bool
+isFrozen(ReadView const& view, AccountID const& account, Asset const& asset, int depth = 0);
+
+[[nodiscard]] TER
+checkFrozen(ReadView const& view, AccountID const& account, Issue const& issue);
+
+[[nodiscard]] TER
+checkFrozen(ReadView const& view, AccountID const& account, MPTIssue const& mptIssue);
+
+[[nodiscard]] TER
+checkFrozen(ReadView const& view, AccountID const& account, Asset const& asset);
+
+[[nodiscard]] bool
+isAnyFrozen(
+    ReadView const& view,
+    std::initializer_list<AccountID> const& accounts,
+    Issue const& issue);
+
+[[nodiscard]] bool
+isAnyFrozen(
+    ReadView const& view,
+    std::initializer_list<AccountID> const& accounts,
+    Asset const& asset,
+    int depth = 0);
+
+[[nodiscard]] bool
+isDeepFrozen(
+    ReadView const& view,
+    AccountID const& account,
+    MPTIssue const& mptIssue,
+    int depth = 0);
+
+/**
+ *   isFrozen check is recursive for MPT shares in a vault, descending to
+ *   assets in the vault, up to maxAssetCheckDepth recursion depth. This is
+ *   purely defensive, as we currently do not allow such vaults to be created.
+ */
+[[nodiscard]] bool
+isDeepFrozen(ReadView const& view, AccountID const& account, Asset const& asset, int depth = 0);
+
+[[nodiscard]] TER
+checkDeepFrozen(ReadView const& view, AccountID const& account, MPTIssue const& mptIssue);
+
+[[nodiscard]] TER
+checkDeepFrozen(ReadView const& view, AccountID const& account, Asset const& asset);
+
+//------------------------------------------------------------------------------
+//
+// Account balance functions (Asset-based dispatchers)
+//
+//------------------------------------------------------------------------------
+
+// Returns the amount an account can spend.
+//
+// If shSIMPLE_BALANCE is specified, this is the amount the account can spend
+// without going into debt.
+//
+// If shFULL_BALANCE is specified, this is the amount the account can spend
+// total. Specifically:
+// * The account can go into debt if using a trust line, and the other side has
+// a non-zero limit.
+// * If the account is the asset issuer the limit is defined by the asset /
+//   issuance.
+//
+// <-- saAmount: amount of currency held by account. May be negative.
+[[nodiscard]] STAmount
+accountHolds(
+    ReadView const& view,
+    AccountID const& account,
+    Currency const& currency,
+    AccountID const& issuer,
+    FreezeHandling zeroIfFrozen,
+    beast::Journal j,
+    SpendableHandling includeFullBalance = shSIMPLE_BALANCE);
+
+[[nodiscard]] STAmount
+accountHolds(
+    ReadView const& view,
+    AccountID const& account,
+    Issue const& issue,
+    FreezeHandling zeroIfFrozen,
+    beast::Journal j,
+    SpendableHandling includeFullBalance = shSIMPLE_BALANCE);
+
+[[nodiscard]] STAmount
+accountHolds(
+    ReadView const& view,
+    AccountID const& account,
+    MPTIssue const& mptIssue,
+    FreezeHandling zeroIfFrozen,
+    AuthHandling zeroIfUnauthorized,
+    beast::Journal j,
+    SpendableHandling includeFullBalance = shSIMPLE_BALANCE);
+
+[[nodiscard]] STAmount
+accountHolds(
+    ReadView const& view,
+    AccountID const& account,
+    Asset const& asset,
+    FreezeHandling zeroIfFrozen,
+    AuthHandling zeroIfUnauthorized,
+    beast::Journal j,
+    SpendableHandling includeFullBalance = shSIMPLE_BALANCE);
+
+// Returns the amount an account can spend of the currency type saDefault, or
+// returns saDefault if this account is the issuer of the currency in
+// question. Should be used in favor of accountHolds when questioning how much
+// an account can spend while also allowing currency issuers to spend
+// unlimited amounts of their own currency (since they can always issue more).
+[[nodiscard]] STAmount
+accountFunds(
+    ReadView const& view,
+    AccountID const& id,
+    STAmount const& saDefault,
+    FreezeHandling freezeHandling,
+    beast::Journal j);
+
+/** Returns the transfer fee as Rate based on the type of token
+ * @param view The ledger view
+ * @param amount The amount to transfer
+ */
+[[nodiscard]] Rate
+transferRate(ReadView const& view, STAmount const& amount);
+
+//------------------------------------------------------------------------------
+//
+// Holding operations (Asset-based dispatchers)
+//
+//------------------------------------------------------------------------------
+
+[[nodiscard]] TER
+canAddHolding(ReadView const& view, Asset const& asset);
+
+[[nodiscard]] TER
+addEmptyHolding(
+    ApplyView& view,
+    AccountID const& accountID,
+    XRPAmount priorBalance,
+    Asset const& asset,
+    beast::Journal journal);
+
+[[nodiscard]] TER
+removeEmptyHolding(
+    ApplyView& view,
+    AccountID const& accountID,
+    Asset const& asset,
+    beast::Journal journal);
+
+//------------------------------------------------------------------------------
+//
+// Authorization and transfer checks (Asset-based dispatchers)
+//
+//------------------------------------------------------------------------------
+
+[[nodiscard]] TER
+requireAuth(
+    ReadView const& view,
+    Asset const& asset,
+    AccountID const& account,
+    AuthType authType = AuthType::Legacy);
+
+[[nodiscard]] TER
+canTransfer(ReadView const& view, Asset const& asset, AccountID const& from, AccountID const& to);
+
+//------------------------------------------------------------------------------
+//
+// Money Transfers (Asset-based dispatchers)
+//
+//------------------------------------------------------------------------------
+
+// Direct send w/o fees:
+// - Redeeming IOUs and/or sending sender's own IOUs.
+// - Create trust line of needed.
+// --> bCheckIssuer : normally require issuer to be involved.
+// [[nodiscard]] // nodiscard commented out so DirectStep.cpp compiles.
+
+/** Calls static rippleCreditIOU if saAmount represents Issue.
+ * Calls static rippleCreditMPT if saAmount represents MPTIssue.
+ */
+TER
+rippleCredit(
+    ApplyView& view,
+    AccountID const& uSenderID,
+    AccountID const& uReceiverID,
+    STAmount const& saAmount,
+    bool bCheckIssuer,
+    beast::Journal j);
+
+/** Calls static accountSendIOU if saAmount represents Issue.
+ * Calls static accountSendMPT if saAmount represents MPTIssue.
+ */
+[[nodiscard]] TER
+accountSend(
+    ApplyView& view,
+    AccountID const& from,
+    AccountID const& to,
+    STAmount const& saAmount,
+    beast::Journal j,
+    WaiveTransferFee waiveFee = WaiveTransferFee::No);
+
+using MultiplePaymentDestinations = std::vector<std::pair<AccountID, Number>>;
+/** Like accountSend, except one account is sending multiple payments (with the
+ *  same asset!) simultaneously
+ *
+ * Calls static accountSendMultiIOU if saAmount represents Issue.
+ * Calls static accountSendMultiMPT if saAmount represents MPTIssue.
+ */
+[[nodiscard]] TER
+accountSendMulti(
+    ApplyView& view,
+    AccountID const& senderID,
+    Asset const& asset,
+    MultiplePaymentDestinations const& receivers,
+    beast::Journal j,
+    WaiveTransferFee waiveFee = WaiveTransferFee::No);
+
+[[nodiscard]] TER
+transferXRP(
+    ApplyView& view,
+    AccountID const& from,
+    AccountID const& to,
+    STAmount const& amount,
+    beast::Journal j);
+
+}  // namespace xrpl

include/xrpl/ledger/helpers/VaultHelpers.h

@@ -0,0 +1,81 @@
+#pragma once
+
+#include <xrpl/protocol/STAmount.h>
+#include <xrpl/protocol/STLedgerEntry.h>
+
+#include <memory>
+#include <optional>
+
+namespace xrpl {
+
+/** From the perspective of a vault, return the number of shares to give
+    depositor when they offer a fixed amount of assets. Note, since shares are
+    MPT, this number is integral and always truncated in this calculation.
+
+    @param vault The vault SLE.
+    @param issuance The MPTokenIssuance SLE for the vault's shares.
+    @param assets The amount of assets to convert.
+
+    @return The number of shares, or nullopt on error.
+*/
+[[nodiscard]] std::optional<STAmount>
+assetsToSharesDeposit(
+    std::shared_ptr<SLE const> const& vault,
+    std::shared_ptr<SLE const> const& issuance,
+    STAmount const& assets);
+
+/** From the perspective of a vault, return the number of assets to take from
+    depositor when they receive a fixed amount of shares. Note, since shares are
+    MPT, they are always an integral number.
+
+    @param vault The vault SLE.
+    @param issuance The MPTokenIssuance SLE for the vault's shares.
+    @param shares The amount of shares to convert.
+
+    @return The number of assets, or nullopt on error.
+*/
+[[nodiscard]] std::optional<STAmount>
+sharesToAssetsDeposit(
+    std::shared_ptr<SLE const> const& vault,
+    std::shared_ptr<SLE const> const& issuance,
+    STAmount const& shares);
+
+/** Controls whether to truncate shares instead of rounding. */
+enum class TruncateShares : bool { no = false, yes = true };
+
+/** From the perspective of a vault, return the number of shares to demand from
+    the depositor when they ask to withdraw a fixed amount of assets. Since
+    shares are MPT this number is integral, and it will be rounded to nearest
+    unless explicitly requested to be truncated instead.
+
+    @param vault The vault SLE.
+    @param issuance The MPTokenIssuance SLE for the vault's shares.
+    @param assets The amount of assets to convert.
+    @param truncate Whether to truncate instead of rounding.
+
+    @return The number of shares, or nullopt on error.
+*/
+[[nodiscard]] std::optional<STAmount>
+assetsToSharesWithdraw(
+    std::shared_ptr<SLE const> const& vault,
+    std::shared_ptr<SLE const> const& issuance,
+    STAmount const& assets,
+    TruncateShares truncate = TruncateShares::no);
+
+/** From the perspective of a vault, return the number of assets to give the
+    depositor when they redeem a fixed amount of shares. Note, since shares are
+    MPT, they are always an integral number.
+
+    @param vault The vault SLE.
+    @param issuance The MPTokenIssuance SLE for the vault's shares.
+    @param shares The amount of shares to convert.
+
+    @return The number of assets, or nullopt on error.
+*/
+[[nodiscard]] std::optional<STAmount>
+sharesToAssetsWithdraw(
+    std::shared_ptr<SLE const> const& vault,
+    std::shared_ptr<SLE const> const& issuance,
+    STAmount const& shares);
+
+}  // namespace xrpl

include/xrpl/net/HTTPClient.h

@@ -29,6 +29,18 @@ public:
         bool sslVerify,
         beast::Journal j);
 
+    /** Destroys the global SSL context created by initializeSSLContext().
+     *
+     *  This releases the underlying boost::asio::ssl::context and any
+     *  associated OpenSSL resources. Must not be called while any
+     *  HTTPClient requests are in flight.
+     *
+     *  @note Currently only called from tests during teardown. In production,
+     *        the SSL context lives for the lifetime of the process.
+     */
+    static void
+    cleanupSSLContext();
+
     static void
     get(bool bSSL,
         boost::asio::io_context& io_context,

include/xrpl/protocol/Feature.h

@@ -64,6 +64,49 @@
 
 namespace xrpl {
 
+// Feature names must not exceed this length (in characters, excluding the null terminator).
+static constexpr std::size_t maxFeatureNameSize = 63;
+// Reserve this exact feature-name length (in characters/bytes, excluding the null terminator)
+// so that a 32-byte uint256 (for example, in WASM or other interop contexts) can be used
+// as a compact, fixed-size feature selector without conflicting with human-readable names.
+static constexpr std::size_t reservedFeatureNameSize = 32;
+
+// Both validFeatureNameSize and validFeatureName are consteval functions that can be used in
+// static_asserts to validate feature names at compile time. They are only used inside
+// enforceValidFeatureName in Feature.cpp, but are exposed here for testing. The expected
+// parameter `auto fn` is a constexpr lambda which returns a const char*, making it available
+// for compile-time evaluation. Read more in https://accu.org/journals/overload/30/172/wu/
+consteval auto
+validFeatureNameSize(auto fn) -> bool
+{
+    constexpr char const* n = fn();
+    // Note, std::strlen is not constexpr, we need to implement our own here.
+    constexpr std::size_t N = [](auto n) {
+        std::size_t ret = 0;
+        for (auto ptr = n; *ptr != '\0'; ret++, ++ptr)
+            ;
+        return ret;
+    }(n);
+    return N != reservedFeatureNameSize &&  //
+        N <= maxFeatureNameSize;
+}
+
+consteval auto
+validFeatureName(auto fn) -> bool
+{
+    constexpr char const* n = fn();
+    // Prevent the use of visually confusable characters and enforce that feature names
+    // are always valid ASCII. This is needed because C++ allows Unicode identifiers.
+    // Characters below 0x20 are nonprintable control characters, and characters with the 0x80 bit
+    // set are non-ASCII (e.g. UTF-8 encoding of Unicode), so both are disallowed.
+    for (auto ptr = n; *ptr != '\0'; ++ptr)
+    {
+        if (*ptr & 0x80 || *ptr < 0x20)
+            return false;
+    }
+    return true;
+}
+
 enum class VoteBehavior : int { Obsolete = -1, DefaultNo = 0, DefaultYes };
 enum class AmendmentSupport : int { Retired = -1, Supported = 0, Unsupported };
 

include/xrpl/protocol/Permissions.h

@@ -65,19 +65,19 @@ public:
     std::optional<TxType>
     getGranularTxType(GranularPermissionType const& gpType) const;
 
-    std::optional<std::reference_wrapper<uint256 const>> const
+    std::optional<std::reference_wrapper<uint256 const>>
     getTxFeature(TxType txType) const;
 
     bool
     isDelegable(std::uint32_t const& permissionValue, Rules const& rules) const;
 
     // for tx level permission, permission value is equal to tx type plus one
-    uint32_t
-    txToPermissionType(TxType const& type) const;
+    static uint32_t
+    txToPermissionType(TxType const& type);
 
     // tx type value is permission value minus one
-    TxType
-    permissionToTxType(uint32_t const& value) const;
+    static TxType
+    permissionToTxType(uint32_t const& value);
 };
 
 }  // namespace xrpl

include/xrpl/protocol/Protocol.h

@@ -209,7 +209,7 @@ std::size_t constexpr maxDIDDocumentLength = 256;
 std::size_t constexpr maxDIDURILength = 256;
 
 /** The maximum length of an Attestation inside a DID */
-std::size_t constexpr maxDIDAttestationLength = 256;
+std::size_t constexpr maxDIDDataLength = 256;
 
 /** The maximum length of a domain */
 std::size_t constexpr maxDomainLength = 256;

include/xrpl/protocol/PublicKey.h

@@ -44,7 +44,7 @@ protected:
     // All the constructed public keys are valid, non-empty and contain 33
     // bytes of data.
     static constexpr std::size_t size_ = 33;
-    std::uint8_t buf_[size_];  // should be large enough
+    std::uint8_t buf_[size_]{};  // should be large enough
 
 public:
     using const_iterator = std::uint8_t const*;

include/xrpl/protocol/STAccount.h

@@ -24,7 +24,7 @@ public:
     STAccount();
 
     STAccount(SField const& n);
-    STAccount(SField const& n, Buffer&& v);
+    STAccount(SField const& n, Buffer const& v);
     STAccount(SerialIter& sit, SField const& name);
     STAccount(SField const& n, AccountID const& v);
 

include/xrpl/protocol/STObject.h

@@ -57,7 +57,7 @@ class STObject : public STBase, public CountedObject<STObject>
     using list_type = std::vector<detail::STVar>;
 
     list_type v_;
-    SOTemplate const* mType;
+    SOTemplate const* mType{};
 
 public:
     using iterator = boost::transform_iterator<Transform, STObject::list_type::const_iterator>;
@@ -401,7 +401,7 @@ public:
     getStyle(SField const& field) const;
 
     bool
-    hasMatchingEntry(STBase const&);
+    hasMatchingEntry(STBase const&) const;
 
     bool
     operator==(STObject const& o) const;

include/xrpl/protocol/STTx.h

@@ -15,7 +15,7 @@
 
 namespace xrpl {
 
-enum TxnSql : char {
+enum class TxnSql : char {
     txnSqlNew = 'N',
     txnSqlConflict = 'C',
     txnSqlHeld = 'H',
@@ -83,6 +83,9 @@ public:
     std::uint32_t
     getSeqValue() const;
 
+    AccountID
+    getFeePayer() const;
+
     boost::container::flat_set<AccountID>
     getMentionedAccounts() const;
 
@@ -122,7 +125,7 @@ public:
     getMetaSQL(
         Serializer rawTxn,
         std::uint32_t inLedger,
-        char status,
+        TxnSql status,
         std::string const& escapedMetaData) const;
 
     std::vector<uint256> const&

include/xrpl/protocol/SecretKey.h

@@ -16,8 +16,11 @@ namespace xrpl {
 /** A secret key. */
 class SecretKey
 {
+public:
+    static constexpr std::size_t size_ = 32;
+
 private:
-    std::uint8_t buf_[32];
+    std::uint8_t buf_[size_]{};
 
 public:
     using const_iterator = std::uint8_t const*;
@@ -27,9 +30,14 @@ public:
     SecretKey&
     operator=(SecretKey const&) = default;
 
+    bool
+    operator==(SecretKey const&) = delete;
+    bool
+    operator!=(SecretKey const&) = delete;
+
     ~SecretKey();
 
-    SecretKey(std::array<std::uint8_t, 32> const& data);
+    SecretKey(std::array<std::uint8_t, size_> const& data);
     SecretKey(Slice const& slice);
 
     std::uint8_t const*
@@ -78,16 +86,10 @@ public:
 };
 
 inline bool
-operator==(SecretKey const& lhs, SecretKey const& rhs)
-{
-    return lhs.size() == rhs.size() && std::memcmp(lhs.data(), rhs.data(), rhs.size()) == 0;
-}
+operator==(SecretKey const& lhs, SecretKey const& rhs) = delete;
 
 inline bool
-operator!=(SecretKey const& lhs, SecretKey const& rhs)
-{
-    return !(lhs == rhs);
-}
+operator!=(SecretKey const& lhs, SecretKey const& rhs) = delete;
 
 //------------------------------------------------------------------------------
 

include/xrpl/protocol/Seed.h

@@ -13,7 +13,7 @@ namespace xrpl {
 class Seed
 {
 private:
-    std::array<uint8_t, 16> buf_;
+    std::array<uint8_t, 16> buf_{};
 
 public:
     using const_iterator = std::array<uint8_t, 16>::const_iterator;

include/xrpl/protocol/Serializer.h

@@ -336,7 +336,7 @@ public:
         static_assert(N > 0, "");
     }
 
-    std::size_t
+    [[nodiscard]] bool
     empty() const noexcept
     {
         return remain_ == 0;

include/xrpl/protocol/SystemParameters.h

@@ -14,7 +14,7 @@ namespace xrpl {
 static inline std::string const&
 systemName()
 {
-    static std::string const name = "ripple";
+    static std::string const name = "xrpld";
     return name;
 }
 

include/xrpl/protocol/detail/STVar.h

@@ -44,7 +44,7 @@ private:
     // The largest "small object" we can accommodate
     static std::size_t constexpr max_size = 72;
 
-    std::aligned_storage<max_size>::type d_;
+    std::aligned_storage<max_size>::type d_ = {};
     STBase* p_ = nullptr;
 
 public:

include/xrpl/protocol/detail/transactions.macro

@@ -42,7 +42,7 @@ TRANSACTION(ttPAYMENT, 0, Payment,
 
 /** This transaction type creates an escrow object. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/escrow/Escrow.h>
+#   include <xrpl/tx/transactors/escrow/EscrowCreate.h>
 #endif
 TRANSACTION(ttESCROW_CREATE, 1, EscrowCreate,
     Delegation::delegable,
@@ -58,6 +58,9 @@ TRANSACTION(ttESCROW_CREATE, 1, EscrowCreate,
 }))
 
 /** This transaction type completes an existing escrow. */
+#if TRANSACTION_INCLUDE
+#   include <xrpl/tx/transactors/escrow/EscrowFinish.h>
+#endif
 TRANSACTION(ttESCROW_FINISH, 2, EscrowFinish,
     Delegation::delegable,
     uint256{},
@@ -73,7 +76,7 @@ TRANSACTION(ttESCROW_FINISH, 2, EscrowFinish,
 
 /** This transaction type adjusts various account settings. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/account/SetAccount.h>
+#   include <xrpl/tx/transactors/account/AccountSet.h>
 #endif
 TRANSACTION(ttACCOUNT_SET, 3, AccountSet,
     Delegation::notDelegable,
@@ -94,7 +97,7 @@ TRANSACTION(ttACCOUNT_SET, 3, AccountSet,
 
 /** This transaction type cancels an existing escrow. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/escrow/Escrow.h>
+#   include <xrpl/tx/transactors/escrow/EscrowCancel.h>
 #endif
 TRANSACTION(ttESCROW_CANCEL, 4, EscrowCancel,
     Delegation::delegable,
@@ -121,7 +124,7 @@ TRANSACTION(ttREGULAR_KEY_SET, 5, SetRegularKey,
 
 /** This transaction type creates an offer to trade one asset for another. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/dex/CreateOffer.h>
+#   include <xrpl/tx/transactors/dex/OfferCreate.h>
 #endif
 TRANSACTION(ttOFFER_CREATE, 7, OfferCreate,
     Delegation::delegable,
@@ -137,7 +140,7 @@ TRANSACTION(ttOFFER_CREATE, 7, OfferCreate,
 
 /** This transaction type cancels existing offers to trade one asset for another. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/dex/CancelOffer.h>
+#   include <xrpl/tx/transactors/dex/OfferCancel.h>
 #endif
 TRANSACTION(ttOFFER_CANCEL, 8, OfferCancel,
     Delegation::delegable,
@@ -151,7 +154,7 @@ TRANSACTION(ttOFFER_CANCEL, 8, OfferCancel,
 
 /** This transaction type creates a new set of tickets. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/system/CreateTicket.h>
+#   include <xrpl/tx/transactors/system/TicketCreate.h>
 #endif
 TRANSACTION(ttTICKET_CREATE, 10, TicketCreate,
     Delegation::delegable,
@@ -167,7 +170,7 @@ TRANSACTION(ttTICKET_CREATE, 10, TicketCreate,
 // The SignerEntries are optional because a SignerList is deleted by
 // setting the SignerQuorum to zero and omitting SignerEntries.
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/account/SetSignerList.h>
+#   include <xrpl/tx/transactors/account/SignerListSet.h>
 #endif
 TRANSACTION(ttSIGNER_LIST_SET, 12, SignerListSet,
     Delegation::notDelegable,
@@ -180,7 +183,7 @@ TRANSACTION(ttSIGNER_LIST_SET, 12, SignerListSet,
 
 /** This transaction type creates a new unidirectional XRP payment channel. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/payment_channel/PayChan.h>
+#   include <xrpl/tx/transactors/payment_channel/PaymentChannelCreate.h>
 #endif
 TRANSACTION(ttPAYCHAN_CREATE, 13, PaymentChannelCreate,
     Delegation::delegable,
@@ -196,6 +199,9 @@ TRANSACTION(ttPAYCHAN_CREATE, 13, PaymentChannelCreate,
 }))
 
 /** This transaction type funds an existing unidirectional XRP payment channel. */
+#if TRANSACTION_INCLUDE
+#   include <xrpl/tx/transactors/payment_channel/PaymentChannelFund.h>
+#endif
 TRANSACTION(ttPAYCHAN_FUND, 14, PaymentChannelFund,
     Delegation::delegable,
     uint256{},
@@ -207,6 +213,9 @@ TRANSACTION(ttPAYCHAN_FUND, 14, PaymentChannelFund,
 }))
 
 /** This transaction type submits a claim against an existing unidirectional payment channel. */
+#if TRANSACTION_INCLUDE
+#   include <xrpl/tx/transactors/payment_channel/PaymentChannelClaim.h>
+#endif
 TRANSACTION(ttPAYCHAN_CLAIM, 15, PaymentChannelClaim,
     Delegation::delegable,
     uint256{},
@@ -222,7 +231,7 @@ TRANSACTION(ttPAYCHAN_CLAIM, 15, PaymentChannelClaim,
 
 /** This transaction type creates a new check. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/check/CreateCheck.h>
+#   include <xrpl/tx/transactors/check/CheckCreate.h>
 #endif
 TRANSACTION(ttCHECK_CREATE, 16, CheckCreate,
     Delegation::delegable,
@@ -238,7 +247,7 @@ TRANSACTION(ttCHECK_CREATE, 16, CheckCreate,
 
 /** This transaction type cashes an existing check. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/check/CashCheck.h>
+#   include <xrpl/tx/transactors/check/CheckCash.h>
 #endif
 TRANSACTION(ttCHECK_CASH, 17, CheckCash,
     Delegation::delegable,
@@ -252,7 +261,7 @@ TRANSACTION(ttCHECK_CASH, 17, CheckCash,
 
 /** This transaction type cancels an existing check. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/check/CancelCheck.h>
+#   include <xrpl/tx/transactors/check/CheckCancel.h>
 #endif
 TRANSACTION(ttCHECK_CANCEL, 18, CheckCancel,
     Delegation::delegable,
@@ -279,7 +288,7 @@ TRANSACTION(ttDEPOSIT_PREAUTH, 19, DepositPreauth,
 
 /** This transaction type modifies a trustline between two accounts. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/token/SetTrust.h>
+#   include <xrpl/tx/transactors/token/TrustSet.h>
 #endif
 TRANSACTION(ttTRUST_SET, 20, TrustSet,
     Delegation::delegable,
@@ -293,7 +302,7 @@ TRANSACTION(ttTRUST_SET, 20, TrustSet,
 
 /** This transaction type deletes an existing account. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/account/DeleteAccount.h>
+#   include <xrpl/tx/transactors/account/AccountDelete.h>
 #endif
 TRANSACTION(ttACCOUNT_DELETE, 21, AccountDelete,
     Delegation::notDelegable,
@@ -617,7 +626,7 @@ TRANSACTION(ttXCHAIN_CREATE_BRIDGE, 48, XChainCreateBridge,
 
 /** This transaction type creates or updates a DID */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/did/DID.h>
+#   include <xrpl/tx/transactors/did/DIDSet.h>
 #endif
 TRANSACTION(ttDID_SET, 49, DIDSet,
     Delegation::delegable,
@@ -630,6 +639,9 @@ TRANSACTION(ttDID_SET, 49, DIDSet,
 }))
 
 /** This transaction type deletes a DID */
+#if TRANSACTION_INCLUDE
+#   include <xrpl/tx/transactors/did/DIDDelete.h>
+#endif
 TRANSACTION(ttDID_DELETE, 50, DIDDelete,
     Delegation::delegable,
     featureDID,
@@ -638,7 +650,7 @@ TRANSACTION(ttDID_DELETE, 50, DIDDelete,
 
 /** This transaction type creates an Oracle instance */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/oracle/SetOracle.h>
+#   include <xrpl/tx/transactors/oracle/OracleSet.h>
 #endif
 TRANSACTION(ttORACLE_SET, 51, OracleSet,
     Delegation::delegable,
@@ -655,7 +667,7 @@ TRANSACTION(ttORACLE_SET, 51, OracleSet,
 
 /** This transaction type deletes an Oracle instance */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/oracle/DeleteOracle.h>
+#   include <xrpl/tx/transactors/oracle/OracleDelete.h>
 #endif
 TRANSACTION(ttORACLE_DELETE, 52, OracleDelete,
     Delegation::delegable,
@@ -739,7 +751,7 @@ TRANSACTION(ttMPTOKEN_AUTHORIZE, 57, MPTokenAuthorize,
 
 /** This transaction type create an Credential instance */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/credentials/Credentials.h>
+#   include <xrpl/tx/transactors/credentials/CredentialCreate.h>
 #endif
 TRANSACTION(ttCREDENTIAL_CREATE, 58, CredentialCreate,
     Delegation::delegable,
@@ -753,6 +765,9 @@ TRANSACTION(ttCREDENTIAL_CREATE, 58, CredentialCreate,
 }))
 
 /** This transaction type accept an Credential object */
+#if TRANSACTION_INCLUDE
+#   include <xrpl/tx/transactors/credentials/CredentialAccept.h>
+#endif
 TRANSACTION(ttCREDENTIAL_ACCEPT, 59, CredentialAccept,
     Delegation::delegable,
     featureCredentials,
@@ -763,6 +778,9 @@ TRANSACTION(ttCREDENTIAL_ACCEPT, 59, CredentialAccept,
 }))
 
 /** This transaction type delete an Credential object */
+#if TRANSACTION_INCLUDE
+#   include <xrpl/tx/transactors/credentials/CredentialDelete.h>
+#endif
 TRANSACTION(ttCREDENTIAL_DELETE, 60, CredentialDelete,
     Delegation::delegable,
     featureCredentials,
@@ -830,7 +848,7 @@ TRANSACTION(ttDELEGATE_SET, 64, DelegateSet,
 #   include <xrpl/tx/transactors/vault/VaultCreate.h>
 #endif
 TRANSACTION(ttVAULT_CREATE, 65, VaultCreate,
-    Delegation::delegable,
+    Delegation::notDelegable,
     featureSingleAssetVault,
     createPseudoAcct | createMPTIssuance | mustModifyVault,
     ({
@@ -848,7 +866,7 @@ TRANSACTION(ttVAULT_CREATE, 65, VaultCreate,
 #   include <xrpl/tx/transactors/vault/VaultSet.h>
 #endif
 TRANSACTION(ttVAULT_SET, 66, VaultSet,
-    Delegation::delegable,
+    Delegation::notDelegable,
     featureSingleAssetVault,
     mustModifyVault,
     ({
@@ -863,7 +881,7 @@ TRANSACTION(ttVAULT_SET, 66, VaultSet,
 #   include <xrpl/tx/transactors/vault/VaultDelete.h>
 #endif
 TRANSACTION(ttVAULT_DELETE, 67, VaultDelete,
-    Delegation::delegable,
+    Delegation::notDelegable,
     featureSingleAssetVault,
     mustDeleteAcct | destroyMPTIssuance | mustModifyVault,
     ({
@@ -875,7 +893,7 @@ TRANSACTION(ttVAULT_DELETE, 67, VaultDelete,
 #   include <xrpl/tx/transactors/vault/VaultDeposit.h>
 #endif
 TRANSACTION(ttVAULT_DEPOSIT, 68, VaultDeposit,
-    Delegation::delegable,
+    Delegation::notDelegable,
     featureSingleAssetVault,
     mayAuthorizeMPT | mustModifyVault,
     ({
@@ -888,7 +906,7 @@ TRANSACTION(ttVAULT_DEPOSIT, 68, VaultDeposit,
 #   include <xrpl/tx/transactors/vault/VaultWithdraw.h>
 #endif
 TRANSACTION(ttVAULT_WITHDRAW, 69, VaultWithdraw,
-    Delegation::delegable,
+    Delegation::notDelegable,
     featureSingleAssetVault,
     mayDeleteMPT | mayAuthorizeMPT | mustModifyVault,
     ({
@@ -903,7 +921,7 @@ TRANSACTION(ttVAULT_WITHDRAW, 69, VaultWithdraw,
 #   include <xrpl/tx/transactors/vault/VaultClawback.h>
 #endif
 TRANSACTION(ttVAULT_CLAWBACK, 70, VaultClawback,
-    Delegation::delegable,
+    Delegation::notDelegable,
     featureSingleAssetVault,
     mayDeleteMPT | mustModifyVault,
     ({
@@ -932,7 +950,7 @@ TRANSACTION(ttBATCH, 71, Batch,
 #   include <xrpl/tx/transactors/lending/LoanBrokerSet.h>
 #endif
 TRANSACTION(ttLOAN_BROKER_SET, 74, LoanBrokerSet,
-    Delegation::delegable,
+    Delegation::notDelegable,
     featureLendingProtocol,
     createPseudoAcct | mayAuthorizeMPT, ({
     {sfVaultID, soeREQUIRED},
@@ -949,7 +967,7 @@ TRANSACTION(ttLOAN_BROKER_SET, 74, LoanBrokerSet,
 #   include <xrpl/tx/transactors/lending/LoanBrokerDelete.h>
 #endif
 TRANSACTION(ttLOAN_BROKER_DELETE, 75, LoanBrokerDelete,
-    Delegation::delegable,
+    Delegation::notDelegable,
     featureLendingProtocol,
     mustDeleteAcct | mayAuthorizeMPT, ({
     {sfLoanBrokerID, soeREQUIRED},
@@ -960,7 +978,7 @@ TRANSACTION(ttLOAN_BROKER_DELETE, 75, LoanBrokerDelete,
 #   include <xrpl/tx/transactors/lending/LoanBrokerCoverDeposit.h>
 #endif
 TRANSACTION(ttLOAN_BROKER_COVER_DEPOSIT, 76, LoanBrokerCoverDeposit,
-    Delegation::delegable,
+    Delegation::notDelegable,
     featureLendingProtocol,
     noPriv, ({
     {sfLoanBrokerID, soeREQUIRED},
@@ -972,7 +990,7 @@ TRANSACTION(ttLOAN_BROKER_COVER_DEPOSIT, 76, LoanBrokerCoverDeposit,
 #   include <xrpl/tx/transactors/lending/LoanBrokerCoverWithdraw.h>
 #endif
 TRANSACTION(ttLOAN_BROKER_COVER_WITHDRAW, 77, LoanBrokerCoverWithdraw,
-    Delegation::delegable,
+    Delegation::notDelegable,
     featureLendingProtocol,
     mayAuthorizeMPT, ({
     {sfLoanBrokerID, soeREQUIRED},
@@ -987,7 +1005,7 @@ TRANSACTION(ttLOAN_BROKER_COVER_WITHDRAW, 77, LoanBrokerCoverWithdraw,
 #   include <xrpl/tx/transactors/lending/LoanBrokerCoverClawback.h>
 #endif
 TRANSACTION(ttLOAN_BROKER_COVER_CLAWBACK, 78, LoanBrokerCoverClawback,
-    Delegation::delegable,
+    Delegation::notDelegable,
     featureLendingProtocol,
     noPriv, ({
     {sfLoanBrokerID, soeOPTIONAL},
@@ -999,7 +1017,7 @@ TRANSACTION(ttLOAN_BROKER_COVER_CLAWBACK, 78, LoanBrokerCoverClawback,
 #   include <xrpl/tx/transactors/lending/LoanSet.h>
 #endif
 TRANSACTION(ttLOAN_SET, 80, LoanSet,
-    Delegation::delegable,
+    Delegation::notDelegable,
     featureLendingProtocol,
     mayAuthorizeMPT | mustModifyVault, ({
     {sfLoanBrokerID, soeREQUIRED},
@@ -1026,7 +1044,7 @@ TRANSACTION(ttLOAN_SET, 80, LoanSet,
 #   include <xrpl/tx/transactors/lending/LoanDelete.h>
 #endif
 TRANSACTION(ttLOAN_DELETE, 81, LoanDelete,
-    Delegation::delegable,
+    Delegation::notDelegable,
     featureLendingProtocol,
     noPriv, ({
     {sfLoanID, soeREQUIRED},
@@ -1037,7 +1055,7 @@ TRANSACTION(ttLOAN_DELETE, 81, LoanDelete,
 #   include <xrpl/tx/transactors/lending/LoanManage.h>
 #endif
 TRANSACTION(ttLOAN_MANAGE, 82, LoanManage,
-    Delegation::delegable,
+    Delegation::notDelegable,
     featureLendingProtocol,
     // All of the LoanManage options will modify the vault, but the
     // transaction can succeed without options, essentially making it
@@ -1051,7 +1069,7 @@ TRANSACTION(ttLOAN_MANAGE, 82, LoanManage,
 #   include <xrpl/tx/transactors/lending/LoanPay.h>
 #endif
 TRANSACTION(ttLOAN_PAY, 84, LoanPay,
-    Delegation::delegable,
+    Delegation::notDelegable,
     featureLendingProtocol,
     mayAuthorizeMPT | mustModifyVault, ({
     {sfLoanID, soeREQUIRED},

include/xrpl/protocol/digest.h

@@ -40,7 +40,7 @@ public:
     operator result_type() noexcept;
 
 private:
-    char ctx_[96];
+    char ctx_[96]{};
 };
 
 /** SHA-512 digest
@@ -63,7 +63,7 @@ public:
     operator result_type() noexcept;
 
 private:
-    char ctx_[216];
+    char ctx_[216]{};
 };
 
 /** SHA-256 digest
@@ -86,7 +86,7 @@ public:
     operator result_type() noexcept;
 
 private:
-    char ctx_[112];
+    char ctx_[112]{};
 };
 
 //------------------------------------------------------------------------------

include/xrpl/protocol/jss.h

@@ -112,6 +112,7 @@ JSS(accounts);                // in: LedgerEntry, Subscribe,
                               //     handlers/Ledger, Unsubscribe
 JSS(accounts_proposed);       // in: Subscribe, Unsubscribe
 JSS(action);
+JSS(active);                  // out: OverlayImpl
 JSS(acquiring);               // out: LedgerRequest
 JSS(address);                 // out: PeerImp
 JSS(affected);                // out: AcceptedLedgerTx
@@ -300,6 +301,7 @@ JSS(id);                      // websocket.
 JSS(ident);                   // in: AccountCurrencies, AccountInfo,
                               //     OwnerInfo
 JSS(ignore_default);          // in: AccountLines
+JSS(in);                      // out: OverlayImpl
 JSS(inLedger);                // out: tx/Transaction
 JSS(inbound);                 // out: PeerImp
 JSS(index);                   // in: LedgerEntry
@@ -464,6 +466,7 @@ JSS(open_ledger_level);       // out: TxQ
 JSS(optionality);             // out: server_definitions
 JSS(oracles);                 // in: get_aggregate_price
 JSS(oracle_document_id);      // in: get_aggregate_price
+JSS(out);                     // out: OverlayImpl
 JSS(owner);                   // in: LedgerEntry, out: NetworkOPs
 JSS(owner_funds);             // in/out: Ledger, NetworkOPs, AcceptedLedgerTx
 JSS(page_index);
@@ -531,6 +534,7 @@ JSS(response);                // websocket
 JSS(result);                  // RPC
 JSS(ripple_lines);            // out: NetworkOPs
 JSS(ripple_state);            // in: LedgerEntr
+JSS(ripplerpc);               // ripple RPC version
 JSS(role);                    // out: Ping.cpp
 JSS(rpc);
 JSS(rt_accounts);             // in: Subscribe, Unsubscribe

include/xrpl/protocol_autogen/LedgerEntryBase.h

@@ -0,0 +1,152 @@
+#pragma once
+
+#include <xrpl/protocol/LedgerFormats.h>
+#include <xrpl/protocol/SField.h>
+#include <xrpl/protocol/STLedgerEntry.h>
+#include <xrpl/protocol_autogen/STObjectValidation.h>
+#include <xrpl/protocol_autogen/Utils.h>
+
+#include <optional>
+#include <string>
+
+namespace xrpl::ledger_entries {
+
+/**
+ * @brief Base class for type-safe ledger entry wrappers.
+ *
+ * This class provides common functionality for all ledger entry types,
+ * including access to common fields (sfLedgerIndex, sfLedgerEntryType, sfFlags).
+ *
+ * This is an immutable wrapper around SLE (Serialized Ledger Entry).
+ * Use the corresponding Builder classes to construct new ledger entries.
+ */
+class LedgerEntryBase
+{
+public:
+    /**
+     * @brief Construct a ledger entry wrapper from an existing SLE object.
+     * @param sle The underlying serialized ledger entry to wrap
+     */
+    explicit LedgerEntryBase(std::shared_ptr<SLE const> sle) : sle_(std::move(sle))
+    {
+    }
+
+    /**
+     * @brief Validate the ledger entry
+     * @return true if validation passes, false otherwise
+     */
+    [[nodiscard]]
+    bool
+    validate() const
+    {
+        if (!sle_->isFieldPresent(sfLedgerEntryType))
+        {
+            return false;  // LCOV_EXCL_LINE
+        }
+        auto ledgerEntryType = static_cast<LedgerEntryType>(sle_->getFieldU16(sfLedgerEntryType));
+        return protocol_autogen::validateSTObject(
+            *sle_, LedgerFormats::getInstance().findByType(ledgerEntryType)->getSOTemplate());
+    }
+
+    /**
+     * @brief Get the ledger entry type.
+     * @return The type of this ledger entry
+     */
+    [[nodiscard]]
+    LedgerEntryType
+    getType() const
+    {
+        return sle_->getType();
+    }
+
+    /**
+     * @brief Get the key (index) of this ledger entry.
+     *
+     * The key uniquely identifies this ledger entry in the ledger state.
+     * @return A constant reference to the 256-bit key
+     */
+    [[nodiscard]]
+    uint256 const&
+    getKey() const
+    {
+        return sle_->key();
+    }
+
+    // Common field getters (from LedgerFormats.cpp commonFields)
+
+    /**
+     * @brief Get the ledger index (sfLedgerIndex).
+     *
+     * This field is OPTIONAL and represents the index of the ledger entry.
+     * @return The ledger index if present, std::nullopt otherwise
+     */
+    [[nodiscard]]
+    std::optional<uint256>
+    getLedgerIndex() const
+    {
+        if (sle_->isFieldPresent(sfLedgerIndex))
+        {
+            return sle_->at(sfLedgerIndex);
+        }
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if the ledger entry has a ledger index.
+     * @return true if sfLedgerIndex is present, false otherwise
+     */
+    [[nodiscard]]
+    bool
+    hasLedgerIndex() const
+    {
+        return sle_->isFieldPresent(sfLedgerIndex);
+    }
+
+    /**
+     * @brief Get the ledger entry type field (sfLedgerEntryType).
+     *
+     * This field is REQUIRED for all ledger entries and indicates the type
+     * of the ledger entry (e.g., AccountRoot, RippleState, Offer, etc.).
+     * @return The ledger entry type as a 16-bit unsigned integer
+     */
+    [[nodiscard]]
+    uint16_t
+    getLedgerEntryType() const
+    {
+        return sle_->at(sfLedgerEntryType);
+    }
+
+    /**
+     * @brief Get the flags field (sfFlags).
+     *
+     * This field is REQUIRED for all ledger entries and contains
+     * type-specific flags that modify the behavior of the ledger entry.
+     * @return The flags value as a 32-bit unsigned integer
+     */
+    [[nodiscard]]
+    std::uint32_t
+    getFlags() const
+    {
+        return sle_->at(sfFlags);
+    }
+
+    /**
+     * @brief Get the underlying SLE object.
+     *
+     * Provides direct access to the wrapped serialized ledger entry object
+     * for cases where the type-safe accessors are insufficient.
+     * @return A constant reference to the underlying SLE object
+     */
+    [[nodiscard]]
+    std::shared_ptr<SLE const>
+    getSle() const
+    {
+        return sle_;
+    }
+
+protected:
+    /** @brief The underlying serialized ledger entry being wrapped. */
+    std::shared_ptr<SLE const> sle_;
+};
+
+}  // namespace xrpl::ledger_entries

include/xrpl/protocol_autogen/LedgerEntryBuilderBase.h

@@ -0,0 +1,84 @@
+#pragma once
+
+#include <xrpl/protocol/LedgerFormats.h>
+#include <xrpl/protocol/SField.h>
+#include <xrpl/protocol/STAccount.h>
+#include <xrpl/protocol/STAmount.h>
+#include <xrpl/protocol/STBlob.h>
+#include <xrpl/protocol/STInteger.h>
+#include <xrpl/protocol/STLedgerEntry.h>
+#include <xrpl/protocol/STObject.h>
+#include <xrpl/protocol_autogen/STObjectValidation.h>
+
+namespace xrpl::ledger_entries {
+
+/**
+ * Base class for all ledger entry builders.
+ * Provides common field setters that are available for all ledger entry types.
+ */
+template <typename Derived>
+class LedgerEntryBuilderBase
+{
+public:
+    LedgerEntryBuilderBase() = default;
+
+    LedgerEntryBuilderBase(
+        SF_UINT16::type::value_type ledgerEntryType,
+        SF_UINT32::type::value_type flags = 0)
+    {
+        // Don't call object_.set(soTemplate) - keep object_ as a free object.
+        // This avoids creating STBase placeholders for soeDEFAULT fields,
+        // which would cause applyTemplate() to throw "may not be explicitly
+        // set to default" when building the SLE.
+        // The SLE constructor will call applyTemplate() which properly
+        // handles missing fields.
+        object_[sfLedgerEntryType] = ledgerEntryType;
+        object_[sfFlags] = flags;
+    }
+
+    /**
+     * @brief Validate the ledger entry
+     * @return true if validation passes, false otherwise
+     */
+    [[nodiscard]]
+    bool
+    validate() const
+    {
+        if (!object_.isFieldPresent(sfLedgerEntryType))
+        {
+            return false;  // LCOV_EXCL_LINE
+        }
+        auto ledgerEntryType = static_cast<LedgerEntryType>(object_.getFieldU16(sfLedgerEntryType));
+        return protocol_autogen::validateSTObject(
+            object_, LedgerFormats::getInstance().findByType(ledgerEntryType)->getSOTemplate());
+    }
+
+    /**
+     * Set the ledger index.
+     * @param value Ledger index
+     * @return Reference to the derived builder for method chaining.
+     */
+    Derived&
+    setLedgerIndex(uint256 const& value)
+    {
+        object_[sfLedgerIndex] = value;
+        return static_cast<Derived&>(*this);
+    }
+
+    /**
+     * Set the flags.
+     * @param value Flags value
+     * @return Reference to the derived builder for method chaining.
+     */
+    Derived&
+    setFlags(uint32_t value)
+    {
+        object_.setFieldU32(sfFlags, value);
+        return static_cast<Derived&>(*this);
+    }
+
+protected:
+    STObject object_{sfLedgerEntry};
+};
+
+}  // namespace xrpl::ledger_entries

include/xrpl/protocol_autogen/README.md

@@ -0,0 +1,79 @@
+# Protocol Autogen
+
+This directory contains auto-generated C++ wrapper classes for XRP Ledger protocol types.
+
+## Generated Files
+
+The files in this directory are automatically generated at **CMake configure time** from macro definition files:
+
+- **Transaction classes** (in `transactions/`): Generated from `include/xrpl/protocol/detail/transactions.macro` by `scripts/generate_tx_classes.py`
+- **Ledger entry classes** (in `ledger_entries/`): Generated from `include/xrpl/protocol/detail/ledger_entries.macro` by `scripts/generate_ledger_classes.py`
+
+## Generation Process
+
+The generation happens automatically when you **configure** the project (not during build). When you run CMake, the system:
+
+1. Creates a Python virtual environment in the build directory (`codegen_venv`)
+2. Installs Python dependencies from `scripts/requirements.txt` into the venv (only if needed)
+3. Runs the Python generation scripts using the venv Python interpreter
+4. Parses the macro files to extract type definitions
+5. Generates type-safe C++ wrapper classes using Mako templates
+6. Places the generated headers in this directory
+
+### When Regeneration Happens
+
+The code is regenerated when:
+
+- You run CMake configure for the first time
+- The Python virtual environment doesn't exist
+- `scripts/requirements.txt` has been modified
+
+To force regeneration, delete the build directory and reconfigure.
+
+### Python Dependencies
+
+The code generation requires the following Python packages (automatically installed):
+
+- `pcpp` - C preprocessor for Python
+- `pyparsing` - Parser combinator library
+- `Mako` - Template engine
+
+These are isolated in a virtual environment and won't affect your system Python installation.
+
+## Version Control
+
+The generated `.h` files **are checked into version control**. This means:
+
+- Developers without Python 3 can still build the project using the committed files
+- CI/CD systems don't need to run code generation if files are up to date
+- Changes to generated files are visible in code review
+
+## Modifying Generated Code
+
+**Do not manually edit generated files.** Any changes will be overwritten the next time CMake configure runs.
+
+To modify the generated classes:
+
+- Edit the macro files in `include/xrpl/protocol/detail/`
+- Edit the Mako templates in `scripts/templates/`
+- Edit the generation scripts in `scripts/`
+- Update Python dependencies in `scripts/requirements.txt`
+- Run CMake configure to regenerate
+
+## Adding Common Fields
+
+If you add a new common field to `TxFormats.cpp` or `LedgerFormats.cpp`, you should also update the corresponding base classes and templates manually:
+
+Base classes:
+
+- `TransactionBase.h` - Add getters for new common transaction fields
+- `TransactionBuilderBase.h` - Add setters, and if the field is required, add it to the constructor parameters
+- `LedgerEntryBase.h` - Add getters for new common ledger entry fields
+- `LedgerEntryBuilderBase.h` - Add setters, and if the field is required, add it to the constructor parameters
+
+Templates (update to pass required common fields to base class constructors):
+
+- `scripts/templates/Transaction.h.mako`
+- `scripts/templates/LedgerEntry.h.mako`
+
+These files are **not auto-generated** and must be updated by hand.

include/xrpl/protocol_autogen/STObjectValidation.h

@@ -0,0 +1,43 @@
+#pragma once
+
+#include <xrpl/protocol/SOTemplate.h>
+#include <xrpl/protocol/STObject.h>
+
+namespace xrpl::protocol_autogen {
+
+[[nodiscard]]
+inline bool
+validateSTObject(STObject const& obj, SOTemplate const& format)
+{
+    for (auto const& field : format)
+    {
+        if (!obj.isFieldPresent(field.sField()) && field.style() == soeREQUIRED)
+        {
+            return false;  // LCOV_EXCL_LINE
+        }
+
+        if (field.supportMPT() == soeMPTNotSupported && obj.isFieldPresent(field.sField()))
+        {
+            if (field.sField().fieldType == STI_AMOUNT)
+            {
+                auto const& amount = obj.getFieldAmount(field.sField());
+
+                if (amount.asset().holds<MPTIssue>())
+                    return false;  // LCOV_EXCL_LINE
+            }
+            else if (field.sField().fieldType == STI_ISSUE)
+            {
+                auto issue = dynamic_cast<STIssue const*>(obj.peekAtPField(field.sField()));
+                if (!issue)
+                    return false;  // LCOV_EXCL_LINE
+
+                if (issue->holds<MPTIssue>())
+                    return false;  // LCOV_EXCL_LINE
+            }
+        }
+    }
+
+    return true;
+}
+
+}  // namespace xrpl::protocol_autogen

include/xrpl/protocol_autogen/TransactionBase.h

@@ -0,0 +1,457 @@
+#pragma once
+
+#include <xrpl/protocol/SField.h>
+#include <xrpl/protocol/STAccount.h>
+#include <xrpl/protocol/STArray.h>
+#include <xrpl/protocol/STObject.h>
+#include <xrpl/protocol/STTx.h>
+#include <xrpl/protocol/TxFormats.h>
+#include <xrpl/protocol_autogen/STObjectValidation.h>
+#include <xrpl/protocol_autogen/Utils.h>
+
+#include <optional>
+#include <string>
+
+namespace xrpl::transactions {
+
+/**
+ * @brief Base class for all transaction wrapper types.
+ *
+ * Provides type-safe read-only accessors for common transaction fields.
+ * This is an immutable wrapper around STTx. Use the corresponding Builder classes
+ * to construct new transactions.
+ */
+class TransactionBase
+{
+public:
+    /**
+     * @brief Construct a transaction wrapper from an existing STTx object.
+     * @param tx The underlying transaction object to wrap
+     */
+    explicit TransactionBase(std::shared_ptr<STTx const> tx) : tx_(std::move(tx))
+    {
+    }
+
+    /**
+     * @brief Validate the transaction
+     * @return true if validation passes, false otherwise
+     */
+    [[nodiscard]]
+    bool
+    validate(std::string& reason) const
+    {
+        if (!protocol_autogen::validateSTObject(
+                *tx_, TxFormats::getInstance().findByType(tx_->getTxnType())->getSOTemplate()))
+        {
+            // LCOV_EXCL_START
+            reason = "Transaction failed schema validation";
+            return false;
+            // LCOV_EXCL_STOP
+        }
+
+        // Pseudo transactions are not submitted to the network
+        if (isPseudoTx(*tx_))
+        {
+            return true;
+        }
+        return passesLocalChecks(*tx_, reason);
+    }
+
+    /**
+     * @brief Get the transaction type.
+     * @return The type of this transaction
+     */
+    [[nodiscard]]
+    xrpl::TxType
+    getTransactionType() const
+    {
+        return tx_->getTxnType();
+    }
+
+    /**
+     * @brief Get the account initiating the transaction (sfAccount).
+     *
+     * This field is REQUIRED for all transactions.
+     * @return The account ID of the transaction sender
+     */
+    [[nodiscard]]
+    AccountID
+    getAccount() const
+    {
+        return tx_->at(sfAccount);
+    }
+
+    /**
+     * @brief Get the sequence number of the transaction (sfSequence).
+     *
+     * This field is REQUIRED for all transactions.
+     * @return The sequence number
+     */
+    [[nodiscard]]
+    std::uint32_t
+    getSequence() const
+    {
+        return tx_->at(sfSequence);
+    }
+
+    /**
+     * @brief Get the transaction fee (sfFee).
+     *
+     * This field is REQUIRED for all transactions.
+     * @return The fee amount
+     */
+    [[nodiscard]]
+    STAmount
+    getFee() const
+    {
+        return tx_->at(sfFee);
+    }
+
+    /**
+     * @brief Get the signing public key (sfSigningPubKey).
+     *
+     * This field is REQUIRED for all transactions.
+     * @return The public key used for signing as a blob
+     */
+    [[nodiscard]]
+    Blob
+    getSigningPubKey() const
+    {
+        return tx_->getFieldVL(sfSigningPubKey);
+    }
+
+    /**
+     * @brief Get the transaction flags (sfFlags).
+     *
+     * This field is OPTIONAL.
+     * @return The flags value if present, std::nullopt otherwise
+     */
+    [[nodiscard]]
+    std::optional<uint32_t>
+    getFlags() const
+    {
+        if (tx_->isFieldPresent(sfFlags))
+            return tx_->at(sfFlags);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if the transaction has flags set.
+     * @return true if sfFlags is present, false otherwise
+     */
+    [[nodiscard]]
+    bool
+    hasFlags() const
+    {
+        return tx_->isFieldPresent(sfFlags);
+    }
+
+    /**
+     * @brief Get the source tag (sfSourceTag).
+     *
+     * This field is OPTIONAL and used to identify the source of a payment.
+     * @return The source tag value if present, std::nullopt otherwise
+     */
+    [[nodiscard]]
+    std::optional<uint32_t>
+    getSourceTag() const
+    {
+        if (tx_->isFieldPresent(sfSourceTag))
+            return tx_->at(sfSourceTag);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if the transaction has a source tag.
+     * @return true if sfSourceTag is present, false otherwise
+     */
+    [[nodiscard]]
+    bool
+    hasSourceTag() const
+    {
+        return tx_->isFieldPresent(sfSourceTag);
+    }
+
+    /**
+     * @brief Get the previous transaction ID (sfPreviousTxnID).
+     *
+     * This field is OPTIONAL and used for transaction chaining.
+     * @return The previous transaction ID if present, std::nullopt otherwise
+     */
+    [[nodiscard]]
+    std::optional<uint256>
+    getPreviousTxnID() const
+    {
+        if (tx_->isFieldPresent(sfPreviousTxnID))
+            return tx_->at(sfPreviousTxnID);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if the transaction has a previous transaction ID.
+     * @return true if sfPreviousTxnID is present, false otherwise
+     */
+    [[nodiscard]]
+    bool
+    hasPreviousTxnID() const
+    {
+        return tx_->isFieldPresent(sfPreviousTxnID);
+    }
+
+    /**
+     * @brief Get the last ledger sequence (sfLastLedgerSequence).
+     *
+     * This field is OPTIONAL and specifies the latest ledger sequence
+     * in which this transaction can be included.
+     * @return The last ledger sequence if present, std::nullopt otherwise
+     */
+    [[nodiscard]]
+    std::optional<uint32_t>
+    getLastLedgerSequence() const
+    {
+        if (tx_->isFieldPresent(sfLastLedgerSequence))
+            return tx_->at(sfLastLedgerSequence);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if the transaction has a last ledger sequence.
+     * @return true if sfLastLedgerSequence is present, false otherwise
+     */
+    [[nodiscard]]
+    bool
+    hasLastLedgerSequence() const
+    {
+        return tx_->isFieldPresent(sfLastLedgerSequence);
+    }
+
+    /**
+     * @brief Get the account transaction ID (sfAccountTxnID).
+     *
+     * This field is OPTIONAL and used to track transaction sequences.
+     * @return The account transaction ID if present, std::nullopt otherwise
+     */
+    [[nodiscard]]
+    std::optional<uint256>
+    getAccountTxnID() const
+    {
+        if (tx_->isFieldPresent(sfAccountTxnID))
+            return tx_->at(sfAccountTxnID);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if the transaction has an account transaction ID.
+     * @return true if sfAccountTxnID is present, false otherwise
+     */
+    [[nodiscard]]
+    bool
+    hasAccountTxnID() const
+    {
+        return tx_->isFieldPresent(sfAccountTxnID);
+    }
+
+    /**
+     * @brief Get the operation limit (sfOperationLimit).
+     *
+     * This field is OPTIONAL and limits the number of operations in a transaction.
+     * @return The operation limit if present, std::nullopt otherwise
+     */
+    [[nodiscard]]
+    std::optional<uint32_t>
+    getOperationLimit() const
+    {
+        if (tx_->isFieldPresent(sfOperationLimit))
+            return tx_->at(sfOperationLimit);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if the transaction has an operation limit.
+     * @return true if sfOperationLimit is present, false otherwise
+     */
+    [[nodiscard]]
+    bool
+    hasOperationLimit() const
+    {
+        return tx_->isFieldPresent(sfOperationLimit);
+    }
+
+    /**
+     * @brief Get the memos array (sfMemos).
+     *
+     * This field is OPTIONAL and contains arbitrary data attached to the transaction.
+     * @note This is an untyped field (STArray).
+     * @return A reference wrapper to the memos array if present, std::nullopt otherwise
+     */
+    [[nodiscard]]
+    std::optional<std::reference_wrapper<STArray const>>
+    getMemos() const
+    {
+        if (tx_->isFieldPresent(sfMemos))
+            return tx_->getFieldArray(sfMemos);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if the transaction has memos.
+     * @return true if sfMemos is present, false otherwise
+     */
+    [[nodiscard]]
+    bool
+    hasMemos() const
+    {
+        return tx_->isFieldPresent(sfMemos);
+    }
+
+    /**
+     * @brief Get the ticket sequence (sfTicketSequence).
+     *
+     * This field is OPTIONAL and used when consuming a ticket instead of a sequence number.
+     * @return The ticket sequence if present, std::nullopt otherwise
+     */
+    [[nodiscard]]
+    std::optional<uint32_t>
+    getTicketSequence() const
+    {
+        if (tx_->isFieldPresent(sfTicketSequence))
+            return tx_->at(sfTicketSequence);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if the transaction has a ticket sequence.
+     * @return true if sfTicketSequence is present, false otherwise
+     */
+    [[nodiscard]]
+    bool
+    hasTicketSequence() const
+    {
+        return tx_->isFieldPresent(sfTicketSequence);
+    }
+
+    /**
+     * @brief Get the transaction signature (sfTxnSignature).
+     *
+     * This field is OPTIONAL and contains the signature for single-signed transactions.
+     * @return The transaction signature as a blob if present, std::nullopt otherwise
+     */
+    [[nodiscard]]
+    std::optional<Blob>
+    getTxnSignature() const
+    {
+        if (tx_->isFieldPresent(sfTxnSignature))
+            return tx_->getFieldVL(sfTxnSignature);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if the transaction has a transaction signature.
+     * @return true if sfTxnSignature is present, false otherwise
+     */
+    [[nodiscard]]
+    bool
+    hasTxnSignature() const
+    {
+        return tx_->isFieldPresent(sfTxnSignature);
+    }
+
+    /**
+     * @brief Get the signers array (sfSigners).
+     *
+     * This field is OPTIONAL and contains the list of signers for multi-signed transactions.
+     * @note This is an untyped field (STArray).
+     * @return A reference wrapper to the signers array if present, std::nullopt otherwise
+     */
+    [[nodiscard]]
+    std::optional<std::reference_wrapper<STArray const>>
+    getSigners() const
+    {
+        if (tx_->isFieldPresent(sfSigners))
+            return tx_->getFieldArray(sfSigners);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if the transaction has signers.
+     * @return true if sfSigners is present, false otherwise
+     */
+    [[nodiscard]]
+    bool
+    hasSigners() const
+    {
+        return tx_->isFieldPresent(sfSigners);
+    }
+
+    /**
+     * @brief Get the network ID (sfNetworkID).
+     *
+     * This field is OPTIONAL and identifies the network this transaction is intended for.
+     * @return The network ID if present, std::nullopt otherwise
+     */
+    [[nodiscard]]
+    std::optional<uint32_t>
+    getNetworkID() const
+    {
+        if (tx_->isFieldPresent(sfNetworkID))
+            return tx_->at(sfNetworkID);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if the transaction has a network ID.
+     * @return true if sfNetworkID is present, false otherwise
+     */
+    [[nodiscard]]
+    bool
+    hasNetworkID() const
+    {
+        return tx_->isFieldPresent(sfNetworkID);
+    }
+
+    /**
+     * @brief Get the delegate account (sfDelegate).
+     *
+     * This field is OPTIONAL and specifies a delegate account for the transaction.
+     * @return The delegate account ID if present, std::nullopt otherwise
+     */
+    [[nodiscard]]
+    std::optional<AccountID>
+    getDelegate() const
+    {
+        if (tx_->isFieldPresent(sfDelegate))
+            return tx_->at(sfDelegate);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if the transaction has a delegate account.
+     * @return true if sfDelegate is present, false otherwise
+     */
+    [[nodiscard]]
+    bool
+    hasDelegate() const
+    {
+        return tx_->isFieldPresent(sfDelegate);
+    }
+
+    /**
+     * @brief Get the underlying STTx object.
+     *
+     * Provides direct access to the wrapped transaction object for cases
+     * where the type-safe accessors are insufficient.
+     * @return A constant reference to the underlying STTx object
+     */
+    [[nodiscard]]
+    std::shared_ptr<STTx const>
+    getSTTx() const
+    {
+        return tx_;
+    }
+
+protected:
+    /** @brief The underlying transaction object being wrapped. */
+    std::shared_ptr<STTx const> tx_;
+};
+
+}  // namespace xrpl::transactions

include/xrpl/protocol_autogen/TransactionBuilderBase.h

@@ -0,0 +1,269 @@
+#pragma once
+
+#include <xrpl/protocol/HashPrefix.h>
+#include <xrpl/protocol/PublicKey.h>
+#include <xrpl/protocol/SField.h>
+#include <xrpl/protocol/STAccount.h>
+#include <xrpl/protocol/STAmount.h>
+#include <xrpl/protocol/STArray.h>
+#include <xrpl/protocol/STBlob.h>
+#include <xrpl/protocol/STInteger.h>
+#include <xrpl/protocol/STObject.h>
+#include <xrpl/protocol/STTx.h>
+#include <xrpl/protocol/STXChainBridge.h>
+#include <xrpl/protocol/SecretKey.h>
+#include <xrpl/protocol/Serializer.h>
+#include <xrpl/protocol/TxFormats.h>
+#include <xrpl/protocol/jss.h>
+
+namespace xrpl::transactions {
+
+/**
+ * Base class for all transaction builders.
+ * Provides common field setters that are available for all transaction types.
+ */
+template <typename Derived>
+class TransactionBuilderBase
+{
+public:
+    TransactionBuilderBase() = default;
+
+    TransactionBuilderBase(
+        SF_UINT16::type::value_type transactionType,
+        SF_ACCOUNT::type::value_type account,
+        std::optional<SF_UINT32::type::value_type> sequence,
+        std::optional<SF_AMOUNT::type::value_type> fee)
+    {
+        // Don't call object_.set(soTemplate) - keep object_ as a free object.
+        // This avoids creating STBase placeholders for soeDEFAULT fields,
+        // which would cause applyTemplate() to throw "may not be explicitly
+        // set to default" when building the STTx.
+        // The STTx constructor will call applyTemplate() which properly
+        // handles missing fields.
+        object_[sfTransactionType] = transactionType;
+        setAccount(account);
+
+        if (sequence)
+        {
+            setSequence(*sequence);
+        }
+        if (fee)
+        {
+            setFee(*fee);
+        }
+    }
+
+    /**
+     * Set the account that is sending the transaction.
+     * @param value Account address (typically as a string)
+     * @return Reference to the derived builder for method chaining.
+     */
+    Derived&
+    setAccount(AccountID const& value)
+    {
+        object_[sfAccount] = value;
+        return static_cast<Derived&>(*this);
+    }
+
+    /**
+     * Set the transaction fee.
+     * @param value Fee in drops (typically as a string or number)
+     * @return Reference to the derived builder for method chaining.
+     */
+    Derived&
+    setFee(STAmount const& value)
+    {
+        object_[sfFee] = value;
+        return static_cast<Derived&>(*this);
+    }
+
+    /**
+     * Set the sequence number.
+     * @param value Sequence number
+     * @return Reference to the derived builder for method chaining.
+     */
+    Derived&
+    setSequence(std::uint32_t const& value)
+    {
+        object_[sfSequence] = value;
+        return static_cast<Derived&>(*this);
+    }
+
+    /**
+     * Set the ticket sequence to use for this transaction.
+     * When using a ticket, the regular sequence number is set to 0.
+     * @param value Ticket sequence number
+     * @return Reference to the derived builder for method chaining.
+     */
+    Derived&
+    setTicketSequence(std::uint32_t const& value)
+    {
+        object_[sfSequence] = 0u;
+        object_[sfTicketSequence] = value;
+        return static_cast<Derived&>(*this);
+    }
+
+    /**
+     * Set transaction flags.
+     * @param value Flags value
+     * @return Reference to the derived builder for method chaining.
+     */
+    Derived&
+    setFlags(std::uint32_t const& value)
+    {
+        object_[sfFlags] = value;
+        return static_cast<Derived&>(*this);
+    }
+
+    /**
+     * Set the source tag.
+     * @param value Source tag
+     * @return Reference to the derived builder for method chaining.
+     */
+    Derived&
+    setSourceTag(std::uint32_t const& value)
+    {
+        object_[sfSourceTag] = value;
+        return static_cast<Derived&>(*this);
+    }
+
+    /**
+     * Set the last ledger sequence.
+     * @param value Last ledger sequence number
+     * @return Reference to the derived builder for method chaining.
+     */
+    Derived&
+    setLastLedgerSequence(std::uint32_t const& value)
+    {
+        object_[sfLastLedgerSequence] = value;
+        return static_cast<Derived&>(*this);
+    }
+
+    /**
+     * Set the account transaction ID.
+     * @param value Account transaction ID (typically as a hex string)
+     * @return Reference to the derived builder for method chaining.
+     */
+    Derived&
+    setAccountTxnID(uint256 const& value)
+    {
+        object_[sfAccountTxnID] = value;
+        return static_cast<Derived&>(*this);
+    }
+
+    /**
+     * Set the previous transaction ID.
+     * Used for emulate027 compatibility.
+     * @param value Previous transaction ID
+     * @return Reference to the derived builder for method chaining.
+     */
+    Derived&
+    setPreviousTxnID(uint256 const& value)
+    {
+        object_[sfPreviousTxnID] = value;
+        return static_cast<Derived&>(*this);
+    }
+
+    /**
+     * Set the operation limit.
+     * @param value Operation limit
+     * @return Reference to the derived builder for method chaining.
+     */
+    Derived&
+    setOperationLimit(std::uint32_t const& value)
+    {
+        object_[sfOperationLimit] = value;
+        return static_cast<Derived&>(*this);
+    }
+
+    /**
+     * Set the memos array.
+     * @param value Array of memo objects
+     * @return Reference to the derived builder for method chaining.
+     */
+    Derived&
+    setMemos(STArray const& value)
+    {
+        object_.setFieldArray(sfMemos, value);
+        return static_cast<Derived&>(*this);
+    }
+
+    /**
+     * Set the signers array for multi-signing.
+     * @param value Array of signer objects
+     * @return Reference to the derived builder for method chaining.
+     */
+    Derived&
+    setSigners(STArray const& value)
+    {
+        object_.setFieldArray(sfSigners, value);
+        return static_cast<Derived&>(*this);
+    }
+
+    /**
+     * Set the network ID.
+     * @param value Network ID
+     * @return Reference to the derived builder for method chaining.
+     */
+    Derived&
+    setNetworkID(std::uint32_t const& value)
+    {
+        object_[sfNetworkID] = value;
+        return static_cast<Derived&>(*this);
+    }
+
+    /**
+     * Set the delegate account for delegated transactions.
+     * @param value Delegate account ID
+     * @return Reference to the derived builder for method chaining.
+     */
+    Derived&
+    setDelegate(AccountID const& value)
+    {
+        object_[sfDelegate] = value;
+        return static_cast<Derived&>(*this);
+    }
+
+    /**
+     * Get the underlying STObject.
+     * @return The STObject
+     */
+    STObject const&
+    getSTObject() const
+    {
+        return object_;
+    }
+
+protected:
+    /**
+     * Sign the transaction with the given keys.
+     *
+     * This sets the SigningPubKey field and computes the TxnSignature.
+     *
+     * @param publicKey The public key for signing
+     * @param secretKey The secret key for signing
+     * @return Reference to the derived builder for method chaining.
+     */
+    Derived&
+    sign(PublicKey const& publicKey, SecretKey const& secretKey)
+    {
+        // Set the signing public key
+        object_.setFieldVL(sfSigningPubKey, publicKey.slice());
+
+        // Build the signing data: HashPrefix::txSign + serialized object
+        // (without signing fields)
+        Serializer s;
+        s.add32(HashPrefix::txSign);
+        object_.addWithoutSigningFields(s);
+
+        // Sign and set the signature
+        auto const sig = xrpl::sign(publicKey, secretKey, s.slice());
+        object_.setFieldVL(sfTxnSignature, sig);
+
+        return static_cast<Derived&>(*this);
+    }
+
+    STObject object_{sfTransaction};
+};
+
+}  // namespace xrpl::transactions

include/xrpl/protocol_autogen/Utils.h

@@ -0,0 +1,14 @@
+#pragma once
+
+#include <optional>
+#include <type_traits>
+
+namespace xrpl::protocol_autogen {
+
+template <typename ValueType>
+using Optional = std::conditional_t<
+    std::is_reference_v<ValueType>,
+    std::optional<std::reference_wrapper<std::remove_reference_t<ValueType>>>,
+    std::optional<ValueType>>;
+
+}

include/xrpl/protocol_autogen/ledger_entries/AMM.h

@@ -0,0 +1,392 @@
+// This file is auto-generated. Do not edit.
+#pragma once
+
+#include <xrpl/protocol/STLedgerEntry.h>
+#include <xrpl/protocol/STParsedJSON.h>
+#include <xrpl/protocol/jss.h>
+#include <xrpl/protocol_autogen/LedgerEntryBase.h>
+#include <xrpl/protocol_autogen/LedgerEntryBuilderBase.h>
+#include <xrpl/json/json_value.h>
+
+#include <stdexcept>
+#include <optional>
+
+namespace xrpl::ledger_entries {
+
+class AMMBuilder;
+
+/**
+ * @brief Ledger Entry: AMM
+ *
+ * Type: ltAMM (0x0079)
+ * RPC Name: amm
+ *
+ * Immutable wrapper around SLE providing type-safe field access.
+ * Use AMMBuilder to construct new ledger entries.
+ */
+class AMM : public LedgerEntryBase
+{
+public:
+    static constexpr LedgerEntryType entryType = ltAMM;
+
+    /**
+     * @brief Construct a AMM ledger entry wrapper from an existing SLE object.
+     * @throws std::runtime_error if the ledger entry type doesn't match.
+     */
+    explicit AMM(std::shared_ptr<SLE const> sle)
+        : LedgerEntryBase(std::move(sle))
+    {
+        // Verify ledger entry type
+        if (sle_->getType() != entryType)
+        {
+            throw std::runtime_error("Invalid ledger entry type for AMM");
+        }
+    }
+
+    // Ledger entry-specific field getters
+
+    /**
+     * @brief Get sfAccount (soeREQUIRED)
+     * @return The field value.
+     */
+    [[nodiscard]]
+    SF_ACCOUNT::type::value_type
+    getAccount() const
+    {
+        return this->sle_->at(sfAccount);
+    }
+
+    /**
+     * @brief Get sfTradingFee (soeDEFAULT)
+     * @return The field value, or std::nullopt if not present.
+     */
+    [[nodiscard]]
+    protocol_autogen::Optional<SF_UINT16::type::value_type>
+    getTradingFee() const
+    {
+        if (hasTradingFee())
+            return this->sle_->at(sfTradingFee);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if sfTradingFee is present.
+     * @return True if the field is present, false otherwise.
+     */
+    [[nodiscard]]
+    bool
+    hasTradingFee() const
+    {
+        return this->sle_->isFieldPresent(sfTradingFee);
+    }
+
+    /**
+     * @brief Get sfVoteSlots (soeOPTIONAL)
+     * @note This is an untyped field (unknown).
+     * @return The field value, or std::nullopt if not present.
+     */
+    [[nodiscard]]
+    std::optional<std::reference_wrapper<STArray const>>
+    getVoteSlots() const
+    {
+        if (this->sle_->isFieldPresent(sfVoteSlots))
+            return this->sle_->getFieldArray(sfVoteSlots);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if sfVoteSlots is present.
+     * @return True if the field is present, false otherwise.
+     */
+    [[nodiscard]]
+    bool
+    hasVoteSlots() const
+    {
+        return this->sle_->isFieldPresent(sfVoteSlots);
+    }
+
+    /**
+     * @brief Get sfAuctionSlot (soeOPTIONAL)
+     * @note This is an untyped field (unknown).
+     * @return The field value, or std::nullopt if not present.
+     */
+    [[nodiscard]]
+    std::optional<STObject>
+    getAuctionSlot() const
+    {
+        if (this->sle_->isFieldPresent(sfAuctionSlot))
+            return this->sle_->getFieldObject(sfAuctionSlot);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if sfAuctionSlot is present.
+     * @return True if the field is present, false otherwise.
+     */
+    [[nodiscard]]
+    bool
+    hasAuctionSlot() const
+    {
+        return this->sle_->isFieldPresent(sfAuctionSlot);
+    }
+
+    /**
+     * @brief Get sfLPTokenBalance (soeREQUIRED)
+     * @return The field value.
+     */
+    [[nodiscard]]
+    SF_AMOUNT::type::value_type
+    getLPTokenBalance() const
+    {
+        return this->sle_->at(sfLPTokenBalance);
+    }
+
+    /**
+     * @brief Get sfAsset (soeREQUIRED)
+     * @return The field value.
+     */
+    [[nodiscard]]
+    SF_ISSUE::type::value_type
+    getAsset() const
+    {
+        return this->sle_->at(sfAsset);
+    }
+
+    /**
+     * @brief Get sfAsset2 (soeREQUIRED)
+     * @return The field value.
+     */
+    [[nodiscard]]
+    SF_ISSUE::type::value_type
+    getAsset2() const
+    {
+        return this->sle_->at(sfAsset2);
+    }
+
+    /**
+     * @brief Get sfOwnerNode (soeREQUIRED)
+     * @return The field value.
+     */
+    [[nodiscard]]
+    SF_UINT64::type::value_type
+    getOwnerNode() const
+    {
+        return this->sle_->at(sfOwnerNode);
+    }
+
+    /**
+     * @brief Get sfPreviousTxnID (soeOPTIONAL)
+     * @return The field value, or std::nullopt if not present.
+     */
+    [[nodiscard]]
+    protocol_autogen::Optional<SF_UINT256::type::value_type>
+    getPreviousTxnID() const
+    {
+        if (hasPreviousTxnID())
+            return this->sle_->at(sfPreviousTxnID);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if sfPreviousTxnID is present.
+     * @return True if the field is present, false otherwise.
+     */
+    [[nodiscard]]
+    bool
+    hasPreviousTxnID() const
+    {
+        return this->sle_->isFieldPresent(sfPreviousTxnID);
+    }
+
+    /**
+     * @brief Get sfPreviousTxnLgrSeq (soeOPTIONAL)
+     * @return The field value, or std::nullopt if not present.
+     */
+    [[nodiscard]]
+    protocol_autogen::Optional<SF_UINT32::type::value_type>
+    getPreviousTxnLgrSeq() const
+    {
+        if (hasPreviousTxnLgrSeq())
+            return this->sle_->at(sfPreviousTxnLgrSeq);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if sfPreviousTxnLgrSeq is present.
+     * @return True if the field is present, false otherwise.
+     */
+    [[nodiscard]]
+    bool
+    hasPreviousTxnLgrSeq() const
+    {
+        return this->sle_->isFieldPresent(sfPreviousTxnLgrSeq);
+    }
+};
+
+/**
+ * @brief Builder for AMM ledger entries.
+ *
+ * Provides a fluent interface for constructing ledger entries with method chaining.
+ * Uses Json::Value internally for flexible ledger entry construction.
+ * Inherits common field setters from LedgerEntryBuilderBase.
+ */
+class AMMBuilder : public LedgerEntryBuilderBase<AMMBuilder>
+{
+public:
+    /**
+     * @brief Construct a new AMMBuilder with required fields.
+     * @param account The sfAccount field value.
+     * @param lPTokenBalance The sfLPTokenBalance field value.
+     * @param asset The sfAsset field value.
+     * @param asset2 The sfAsset2 field value.
+     * @param ownerNode The sfOwnerNode field value.
+     */
+    AMMBuilder(std::decay_t<typename SF_ACCOUNT::type::value_type> const& account,std::decay_t<typename SF_AMOUNT::type::value_type> const& lPTokenBalance,std::decay_t<typename SF_ISSUE::type::value_type> const& asset,std::decay_t<typename SF_ISSUE::type::value_type> const& asset2,std::decay_t<typename SF_UINT64::type::value_type> const& ownerNode)
+        : LedgerEntryBuilderBase<AMMBuilder>(ltAMM)
+    {
+        setAccount(account);
+        setLPTokenBalance(lPTokenBalance);
+        setAsset(asset);
+        setAsset2(asset2);
+        setOwnerNode(ownerNode);
+    }
+
+    /**
+     * @brief Construct a AMMBuilder from an existing SLE object.
+     * @param sle The existing ledger entry to copy from.
+     * @throws std::runtime_error if the ledger entry type doesn't match.
+     */
+    AMMBuilder(std::shared_ptr<SLE const> sle)
+    {
+        if (sle->at(sfLedgerEntryType) != ltAMM)
+        {
+            throw std::runtime_error("Invalid ledger entry type for AMM");
+        }
+        object_ = *sle;
+    }
+
+    /** @brief Ledger entry-specific field setters */
+
+    /**
+     * @brief Set sfAccount (soeREQUIRED)
+     * @return Reference to this builder for method chaining.
+     */
+    AMMBuilder&
+    setAccount(std::decay_t<typename SF_ACCOUNT::type::value_type> const& value)
+    {
+        object_[sfAccount] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfTradingFee (soeDEFAULT)
+     * @return Reference to this builder for method chaining.
+     */
+    AMMBuilder&
+    setTradingFee(std::decay_t<typename SF_UINT16::type::value_type> const& value)
+    {
+        object_[sfTradingFee] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfVoteSlots (soeOPTIONAL)
+     * @return Reference to this builder for method chaining.
+     */
+    AMMBuilder&
+    setVoteSlots(STArray const& value)
+    {
+        object_.setFieldArray(sfVoteSlots, value);
+        return *this;
+    }
+
+    /**
+     * @brief Set sfAuctionSlot (soeOPTIONAL)
+     * @return Reference to this builder for method chaining.
+     */
+    AMMBuilder&
+    setAuctionSlot(STObject const& value)
+    {
+        object_.setFieldObject(sfAuctionSlot, value);
+        return *this;
+    }
+
+    /**
+     * @brief Set sfLPTokenBalance (soeREQUIRED)
+     * @return Reference to this builder for method chaining.
+     */
+    AMMBuilder&
+    setLPTokenBalance(std::decay_t<typename SF_AMOUNT::type::value_type> const& value)
+    {
+        object_[sfLPTokenBalance] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfAsset (soeREQUIRED)
+     * @return Reference to this builder for method chaining.
+     */
+    AMMBuilder&
+    setAsset(std::decay_t<typename SF_ISSUE::type::value_type> const& value)
+    {
+        object_[sfAsset] = STIssue(sfAsset, value);
+        return *this;
+    }
+
+    /**
+     * @brief Set sfAsset2 (soeREQUIRED)
+     * @return Reference to this builder for method chaining.
+     */
+    AMMBuilder&
+    setAsset2(std::decay_t<typename SF_ISSUE::type::value_type> const& value)
+    {
+        object_[sfAsset2] = STIssue(sfAsset2, value);
+        return *this;
+    }
+
+    /**
+     * @brief Set sfOwnerNode (soeREQUIRED)
+     * @return Reference to this builder for method chaining.
+     */
+    AMMBuilder&
+    setOwnerNode(std::decay_t<typename SF_UINT64::type::value_type> const& value)
+    {
+        object_[sfOwnerNode] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfPreviousTxnID (soeOPTIONAL)
+     * @return Reference to this builder for method chaining.
+     */
+    AMMBuilder&
+    setPreviousTxnID(std::decay_t<typename SF_UINT256::type::value_type> const& value)
+    {
+        object_[sfPreviousTxnID] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfPreviousTxnLgrSeq (soeOPTIONAL)
+     * @return Reference to this builder for method chaining.
+     */
+    AMMBuilder&
+    setPreviousTxnLgrSeq(std::decay_t<typename SF_UINT32::type::value_type> const& value)
+    {
+        object_[sfPreviousTxnLgrSeq] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Build and return the completed AMM wrapper.
+     * @param index The ledger entry index.
+     * @return The constructed ledger entry wrapper.
+     */
+    AMM
+    build(uint256 const& index)
+    {
+        return AMM{std::make_shared<SLE>(std::move(object_), index)};
+    }
+};
+
+}  // namespace xrpl::ledger_entries

include/xrpl/protocol_autogen/ledger_entries/AccountRoot.h

@@ -0,0 +1,834 @@
+// This file is auto-generated. Do not edit.
+#pragma once
+
+#include <xrpl/protocol/STLedgerEntry.h>
+#include <xrpl/protocol/STParsedJSON.h>
+#include <xrpl/protocol/jss.h>
+#include <xrpl/protocol_autogen/LedgerEntryBase.h>
+#include <xrpl/protocol_autogen/LedgerEntryBuilderBase.h>
+#include <xrpl/json/json_value.h>
+
+#include <stdexcept>
+#include <optional>
+
+namespace xrpl::ledger_entries {
+
+class AccountRootBuilder;
+
+/**
+ * @brief Ledger Entry: AccountRoot
+ *
+ * Type: ltACCOUNT_ROOT (0x0061)
+ * RPC Name: account
+ *
+ * Immutable wrapper around SLE providing type-safe field access.
+ * Use AccountRootBuilder to construct new ledger entries.
+ */
+class AccountRoot : public LedgerEntryBase
+{
+public:
+    static constexpr LedgerEntryType entryType = ltACCOUNT_ROOT;
+
+    /**
+     * @brief Construct a AccountRoot ledger entry wrapper from an existing SLE object.
+     * @throws std::runtime_error if the ledger entry type doesn't match.
+     */
+    explicit AccountRoot(std::shared_ptr<SLE const> sle)
+        : LedgerEntryBase(std::move(sle))
+    {
+        // Verify ledger entry type
+        if (sle_->getType() != entryType)
+        {
+            throw std::runtime_error("Invalid ledger entry type for AccountRoot");
+        }
+    }
+
+    // Ledger entry-specific field getters
+
+    /**
+     * @brief Get sfAccount (soeREQUIRED)
+     * @return The field value.
+     */
+    [[nodiscard]]
+    SF_ACCOUNT::type::value_type
+    getAccount() const
+    {
+        return this->sle_->at(sfAccount);
+    }
+
+    /**
+     * @brief Get sfSequence (soeREQUIRED)
+     * @return The field value.
+     */
+    [[nodiscard]]
+    SF_UINT32::type::value_type
+    getSequence() const
+    {
+        return this->sle_->at(sfSequence);
+    }
+
+    /**
+     * @brief Get sfBalance (soeREQUIRED)
+     * @return The field value.
+     */
+    [[nodiscard]]
+    SF_AMOUNT::type::value_type
+    getBalance() const
+    {
+        return this->sle_->at(sfBalance);
+    }
+
+    /**
+     * @brief Get sfOwnerCount (soeREQUIRED)
+     * @return The field value.
+     */
+    [[nodiscard]]
+    SF_UINT32::type::value_type
+    getOwnerCount() const
+    {
+        return this->sle_->at(sfOwnerCount);
+    }
+
+    /**
+     * @brief Get sfPreviousTxnID (soeREQUIRED)
+     * @return The field value.
+     */
+    [[nodiscard]]
+    SF_UINT256::type::value_type
+    getPreviousTxnID() const
+    {
+        return this->sle_->at(sfPreviousTxnID);
+    }
+
+    /**
+     * @brief Get sfPreviousTxnLgrSeq (soeREQUIRED)
+     * @return The field value.
+     */
+    [[nodiscard]]
+    SF_UINT32::type::value_type
+    getPreviousTxnLgrSeq() const
+    {
+        return this->sle_->at(sfPreviousTxnLgrSeq);
+    }
+
+    /**
+     * @brief Get sfAccountTxnID (soeOPTIONAL)
+     * @return The field value, or std::nullopt if not present.
+     */
+    [[nodiscard]]
+    protocol_autogen::Optional<SF_UINT256::type::value_type>
+    getAccountTxnID() const
+    {
+        if (hasAccountTxnID())
+            return this->sle_->at(sfAccountTxnID);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if sfAccountTxnID is present.
+     * @return True if the field is present, false otherwise.
+     */
+    [[nodiscard]]
+    bool
+    hasAccountTxnID() const
+    {
+        return this->sle_->isFieldPresent(sfAccountTxnID);
+    }
+
+    /**
+     * @brief Get sfRegularKey (soeOPTIONAL)
+     * @return The field value, or std::nullopt if not present.
+     */
+    [[nodiscard]]
+    protocol_autogen::Optional<SF_ACCOUNT::type::value_type>
+    getRegularKey() const
+    {
+        if (hasRegularKey())
+            return this->sle_->at(sfRegularKey);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if sfRegularKey is present.
+     * @return True if the field is present, false otherwise.
+     */
+    [[nodiscard]]
+    bool
+    hasRegularKey() const
+    {
+        return this->sle_->isFieldPresent(sfRegularKey);
+    }
+
+    /**
+     * @brief Get sfEmailHash (soeOPTIONAL)
+     * @return The field value, or std::nullopt if not present.
+     */
+    [[nodiscard]]
+    protocol_autogen::Optional<SF_UINT128::type::value_type>
+    getEmailHash() const
+    {
+        if (hasEmailHash())
+            return this->sle_->at(sfEmailHash);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if sfEmailHash is present.
+     * @return True if the field is present, false otherwise.
+     */
+    [[nodiscard]]
+    bool
+    hasEmailHash() const
+    {
+        return this->sle_->isFieldPresent(sfEmailHash);
+    }
+
+    /**
+     * @brief Get sfWalletLocator (soeOPTIONAL)
+     * @return The field value, or std::nullopt if not present.
+     */
+    [[nodiscard]]
+    protocol_autogen::Optional<SF_UINT256::type::value_type>
+    getWalletLocator() const
+    {
+        if (hasWalletLocator())
+            return this->sle_->at(sfWalletLocator);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if sfWalletLocator is present.
+     * @return True if the field is present, false otherwise.
+     */
+    [[nodiscard]]
+    bool
+    hasWalletLocator() const
+    {
+        return this->sle_->isFieldPresent(sfWalletLocator);
+    }
+
+    /**
+     * @brief Get sfWalletSize (soeOPTIONAL)
+     * @return The field value, or std::nullopt if not present.
+     */
+    [[nodiscard]]
+    protocol_autogen::Optional<SF_UINT32::type::value_type>
+    getWalletSize() const
+    {
+        if (hasWalletSize())
+            return this->sle_->at(sfWalletSize);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if sfWalletSize is present.
+     * @return True if the field is present, false otherwise.
+     */
+    [[nodiscard]]
+    bool
+    hasWalletSize() const
+    {
+        return this->sle_->isFieldPresent(sfWalletSize);
+    }
+
+    /**
+     * @brief Get sfMessageKey (soeOPTIONAL)
+     * @return The field value, or std::nullopt if not present.
+     */
+    [[nodiscard]]
+    protocol_autogen::Optional<SF_VL::type::value_type>
+    getMessageKey() const
+    {
+        if (hasMessageKey())
+            return this->sle_->at(sfMessageKey);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if sfMessageKey is present.
+     * @return True if the field is present, false otherwise.
+     */
+    [[nodiscard]]
+    bool
+    hasMessageKey() const
+    {
+        return this->sle_->isFieldPresent(sfMessageKey);
+    }
+
+    /**
+     * @brief Get sfTransferRate (soeOPTIONAL)
+     * @return The field value, or std::nullopt if not present.
+     */
+    [[nodiscard]]
+    protocol_autogen::Optional<SF_UINT32::type::value_type>
+    getTransferRate() const
+    {
+        if (hasTransferRate())
+            return this->sle_->at(sfTransferRate);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if sfTransferRate is present.
+     * @return True if the field is present, false otherwise.
+     */
+    [[nodiscard]]
+    bool
+    hasTransferRate() const
+    {
+        return this->sle_->isFieldPresent(sfTransferRate);
+    }
+
+    /**
+     * @brief Get sfDomain (soeOPTIONAL)
+     * @return The field value, or std::nullopt if not present.
+     */
+    [[nodiscard]]
+    protocol_autogen::Optional<SF_VL::type::value_type>
+    getDomain() const
+    {
+        if (hasDomain())
+            return this->sle_->at(sfDomain);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if sfDomain is present.
+     * @return True if the field is present, false otherwise.
+     */
+    [[nodiscard]]
+    bool
+    hasDomain() const
+    {
+        return this->sle_->isFieldPresent(sfDomain);
+    }
+
+    /**
+     * @brief Get sfTickSize (soeOPTIONAL)
+     * @return The field value, or std::nullopt if not present.
+     */
+    [[nodiscard]]
+    protocol_autogen::Optional<SF_UINT8::type::value_type>
+    getTickSize() const
+    {
+        if (hasTickSize())
+            return this->sle_->at(sfTickSize);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if sfTickSize is present.
+     * @return True if the field is present, false otherwise.
+     */
+    [[nodiscard]]
+    bool
+    hasTickSize() const
+    {
+        return this->sle_->isFieldPresent(sfTickSize);
+    }
+
+    /**
+     * @brief Get sfTicketCount (soeOPTIONAL)
+     * @return The field value, or std::nullopt if not present.
+     */
+    [[nodiscard]]
+    protocol_autogen::Optional<SF_UINT32::type::value_type>
+    getTicketCount() const
+    {
+        if (hasTicketCount())
+            return this->sle_->at(sfTicketCount);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if sfTicketCount is present.
+     * @return True if the field is present, false otherwise.
+     */
+    [[nodiscard]]
+    bool
+    hasTicketCount() const
+    {
+        return this->sle_->isFieldPresent(sfTicketCount);
+    }
+
+    /**
+     * @brief Get sfNFTokenMinter (soeOPTIONAL)
+     * @return The field value, or std::nullopt if not present.
+     */
+    [[nodiscard]]
+    protocol_autogen::Optional<SF_ACCOUNT::type::value_type>
+    getNFTokenMinter() const
+    {
+        if (hasNFTokenMinter())
+            return this->sle_->at(sfNFTokenMinter);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if sfNFTokenMinter is present.
+     * @return True if the field is present, false otherwise.
+     */
+    [[nodiscard]]
+    bool
+    hasNFTokenMinter() const
+    {
+        return this->sle_->isFieldPresent(sfNFTokenMinter);
+    }
+
+    /**
+     * @brief Get sfMintedNFTokens (soeDEFAULT)
+     * @return The field value, or std::nullopt if not present.
+     */
+    [[nodiscard]]
+    protocol_autogen::Optional<SF_UINT32::type::value_type>
+    getMintedNFTokens() const
+    {
+        if (hasMintedNFTokens())
+            return this->sle_->at(sfMintedNFTokens);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if sfMintedNFTokens is present.
+     * @return True if the field is present, false otherwise.
+     */
+    [[nodiscard]]
+    bool
+    hasMintedNFTokens() const
+    {
+        return this->sle_->isFieldPresent(sfMintedNFTokens);
+    }
+
+    /**
+     * @brief Get sfBurnedNFTokens (soeDEFAULT)
+     * @return The field value, or std::nullopt if not present.
+     */
+    [[nodiscard]]
+    protocol_autogen::Optional<SF_UINT32::type::value_type>
+    getBurnedNFTokens() const
+    {
+        if (hasBurnedNFTokens())
+            return this->sle_->at(sfBurnedNFTokens);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if sfBurnedNFTokens is present.
+     * @return True if the field is present, false otherwise.
+     */
+    [[nodiscard]]
+    bool
+    hasBurnedNFTokens() const
+    {
+        return this->sle_->isFieldPresent(sfBurnedNFTokens);
+    }
+
+    /**
+     * @brief Get sfFirstNFTokenSequence (soeOPTIONAL)
+     * @return The field value, or std::nullopt if not present.
+     */
+    [[nodiscard]]
+    protocol_autogen::Optional<SF_UINT32::type::value_type>
+    getFirstNFTokenSequence() const
+    {
+        if (hasFirstNFTokenSequence())
+            return this->sle_->at(sfFirstNFTokenSequence);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if sfFirstNFTokenSequence is present.
+     * @return True if the field is present, false otherwise.
+     */
+    [[nodiscard]]
+    bool
+    hasFirstNFTokenSequence() const
+    {
+        return this->sle_->isFieldPresent(sfFirstNFTokenSequence);
+    }
+
+    /**
+     * @brief Get sfAMMID (soeOPTIONAL)
+     * @return The field value, or std::nullopt if not present.
+     */
+    [[nodiscard]]
+    protocol_autogen::Optional<SF_UINT256::type::value_type>
+    getAMMID() const
+    {
+        if (hasAMMID())
+            return this->sle_->at(sfAMMID);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if sfAMMID is present.
+     * @return True if the field is present, false otherwise.
+     */
+    [[nodiscard]]
+    bool
+    hasAMMID() const
+    {
+        return this->sle_->isFieldPresent(sfAMMID);
+    }
+
+    /**
+     * @brief Get sfVaultID (soeOPTIONAL)
+     * @return The field value, or std::nullopt if not present.
+     */
+    [[nodiscard]]
+    protocol_autogen::Optional<SF_UINT256::type::value_type>
+    getVaultID() const
+    {
+        if (hasVaultID())
+            return this->sle_->at(sfVaultID);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if sfVaultID is present.
+     * @return True if the field is present, false otherwise.
+     */
+    [[nodiscard]]
+    bool
+    hasVaultID() const
+    {
+        return this->sle_->isFieldPresent(sfVaultID);
+    }
+
+    /**
+     * @brief Get sfLoanBrokerID (soeOPTIONAL)
+     * @return The field value, or std::nullopt if not present.
+     */
+    [[nodiscard]]
+    protocol_autogen::Optional<SF_UINT256::type::value_type>
+    getLoanBrokerID() const
+    {
+        if (hasLoanBrokerID())
+            return this->sle_->at(sfLoanBrokerID);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if sfLoanBrokerID is present.
+     * @return True if the field is present, false otherwise.
+     */
+    [[nodiscard]]
+    bool
+    hasLoanBrokerID() const
+    {
+        return this->sle_->isFieldPresent(sfLoanBrokerID);
+    }
+};
+
+/**
+ * @brief Builder for AccountRoot ledger entries.
+ *
+ * Provides a fluent interface for constructing ledger entries with method chaining.
+ * Uses Json::Value internally for flexible ledger entry construction.
+ * Inherits common field setters from LedgerEntryBuilderBase.
+ */
+class AccountRootBuilder : public LedgerEntryBuilderBase<AccountRootBuilder>
+{
+public:
+    /**
+     * @brief Construct a new AccountRootBuilder with required fields.
+     * @param account The sfAccount field value.
+     * @param sequence The sfSequence field value.
+     * @param balance The sfBalance field value.
+     * @param ownerCount The sfOwnerCount field value.
+     * @param previousTxnID The sfPreviousTxnID field value.
+     * @param previousTxnLgrSeq The sfPreviousTxnLgrSeq field value.
+     */
+    AccountRootBuilder(std::decay_t<typename SF_ACCOUNT::type::value_type> const& account,std::decay_t<typename SF_UINT32::type::value_type> const& sequence,std::decay_t<typename SF_AMOUNT::type::value_type> const& balance,std::decay_t<typename SF_UINT32::type::value_type> const& ownerCount,std::decay_t<typename SF_UINT256::type::value_type> const& previousTxnID,std::decay_t<typename SF_UINT32::type::value_type> const& previousTxnLgrSeq)
+        : LedgerEntryBuilderBase<AccountRootBuilder>(ltACCOUNT_ROOT)
+    {
+        setAccount(account);
+        setSequence(sequence);
+        setBalance(balance);
+        setOwnerCount(ownerCount);
+        setPreviousTxnID(previousTxnID);
+        setPreviousTxnLgrSeq(previousTxnLgrSeq);
+    }
+
+    /**
+     * @brief Construct a AccountRootBuilder from an existing SLE object.
+     * @param sle The existing ledger entry to copy from.
+     * @throws std::runtime_error if the ledger entry type doesn't match.
+     */
+    AccountRootBuilder(std::shared_ptr<SLE const> sle)
+    {
+        if (sle->at(sfLedgerEntryType) != ltACCOUNT_ROOT)
+        {
+            throw std::runtime_error("Invalid ledger entry type for AccountRoot");
+        }
+        object_ = *sle;
+    }
+
+    /** @brief Ledger entry-specific field setters */
+
+    /**
+     * @brief Set sfAccount (soeREQUIRED)
+     * @return Reference to this builder for method chaining.
+     */
+    AccountRootBuilder&
+    setAccount(std::decay_t<typename SF_ACCOUNT::type::value_type> const& value)
+    {
+        object_[sfAccount] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfSequence (soeREQUIRED)
+     * @return Reference to this builder for method chaining.
+     */
+    AccountRootBuilder&
+    setSequence(std::decay_t<typename SF_UINT32::type::value_type> const& value)
+    {
+        object_[sfSequence] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfBalance (soeREQUIRED)
+     * @return Reference to this builder for method chaining.
+     */
+    AccountRootBuilder&
+    setBalance(std::decay_t<typename SF_AMOUNT::type::value_type> const& value)
+    {
+        object_[sfBalance] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfOwnerCount (soeREQUIRED)
+     * @return Reference to this builder for method chaining.
+     */
+    AccountRootBuilder&
+    setOwnerCount(std::decay_t<typename SF_UINT32::type::value_type> const& value)
+    {
+        object_[sfOwnerCount] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfPreviousTxnID (soeREQUIRED)
+     * @return Reference to this builder for method chaining.
+     */
+    AccountRootBuilder&
+    setPreviousTxnID(std::decay_t<typename SF_UINT256::type::value_type> const& value)
+    {
+        object_[sfPreviousTxnID] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfPreviousTxnLgrSeq (soeREQUIRED)
+     * @return Reference to this builder for method chaining.
+     */
+    AccountRootBuilder&
+    setPreviousTxnLgrSeq(std::decay_t<typename SF_UINT32::type::value_type> const& value)
+    {
+        object_[sfPreviousTxnLgrSeq] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfAccountTxnID (soeOPTIONAL)
+     * @return Reference to this builder for method chaining.
+     */
+    AccountRootBuilder&
+    setAccountTxnID(std::decay_t<typename SF_UINT256::type::value_type> const& value)
+    {
+        object_[sfAccountTxnID] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfRegularKey (soeOPTIONAL)
+     * @return Reference to this builder for method chaining.
+     */
+    AccountRootBuilder&
+    setRegularKey(std::decay_t<typename SF_ACCOUNT::type::value_type> const& value)
+    {
+        object_[sfRegularKey] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfEmailHash (soeOPTIONAL)
+     * @return Reference to this builder for method chaining.
+     */
+    AccountRootBuilder&
+    setEmailHash(std::decay_t<typename SF_UINT128::type::value_type> const& value)
+    {
+        object_[sfEmailHash] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfWalletLocator (soeOPTIONAL)
+     * @return Reference to this builder for method chaining.
+     */
+    AccountRootBuilder&
+    setWalletLocator(std::decay_t<typename SF_UINT256::type::value_type> const& value)
+    {
+        object_[sfWalletLocator] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfWalletSize (soeOPTIONAL)
+     * @return Reference to this builder for method chaining.
+     */
+    AccountRootBuilder&
+    setWalletSize(std::decay_t<typename SF_UINT32::type::value_type> const& value)
+    {
+        object_[sfWalletSize] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfMessageKey (soeOPTIONAL)
+     * @return Reference to this builder for method chaining.
+     */
+    AccountRootBuilder&
+    setMessageKey(std::decay_t<typename SF_VL::type::value_type> const& value)
+    {
+        object_[sfMessageKey] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfTransferRate (soeOPTIONAL)
+     * @return Reference to this builder for method chaining.
+     */
+    AccountRootBuilder&
+    setTransferRate(std::decay_t<typename SF_UINT32::type::value_type> const& value)
+    {
+        object_[sfTransferRate] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfDomain (soeOPTIONAL)
+     * @return Reference to this builder for method chaining.
+     */
+    AccountRootBuilder&
+    setDomain(std::decay_t<typename SF_VL::type::value_type> const& value)
+    {
+        object_[sfDomain] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfTickSize (soeOPTIONAL)
+     * @return Reference to this builder for method chaining.
+     */
+    AccountRootBuilder&
+    setTickSize(std::decay_t<typename SF_UINT8::type::value_type> const& value)
+    {
+        object_[sfTickSize] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfTicketCount (soeOPTIONAL)
+     * @return Reference to this builder for method chaining.
+     */
+    AccountRootBuilder&
+    setTicketCount(std::decay_t<typename SF_UINT32::type::value_type> const& value)
+    {
+        object_[sfTicketCount] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfNFTokenMinter (soeOPTIONAL)
+     * @return Reference to this builder for method chaining.
+     */
+    AccountRootBuilder&
+    setNFTokenMinter(std::decay_t<typename SF_ACCOUNT::type::value_type> const& value)
+    {
+        object_[sfNFTokenMinter] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfMintedNFTokens (soeDEFAULT)
+     * @return Reference to this builder for method chaining.
+     */
+    AccountRootBuilder&
+    setMintedNFTokens(std::decay_t<typename SF_UINT32::type::value_type> const& value)
+    {
+        object_[sfMintedNFTokens] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfBurnedNFTokens (soeDEFAULT)
+     * @return Reference to this builder for method chaining.
+     */
+    AccountRootBuilder&
+    setBurnedNFTokens(std::decay_t<typename SF_UINT32::type::value_type> const& value)
+    {
+        object_[sfBurnedNFTokens] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfFirstNFTokenSequence (soeOPTIONAL)
+     * @return Reference to this builder for method chaining.
+     */
+    AccountRootBuilder&
+    setFirstNFTokenSequence(std::decay_t<typename SF_UINT32::type::value_type> const& value)
+    {
+        object_[sfFirstNFTokenSequence] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfAMMID (soeOPTIONAL)
+     * @return Reference to this builder for method chaining.
+     */
+    AccountRootBuilder&
+    setAMMID(std::decay_t<typename SF_UINT256::type::value_type> const& value)
+    {
+        object_[sfAMMID] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfVaultID (soeOPTIONAL)
+     * @return Reference to this builder for method chaining.
+     */
+    AccountRootBuilder&
+    setVaultID(std::decay_t<typename SF_UINT256::type::value_type> const& value)
+    {
+        object_[sfVaultID] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfLoanBrokerID (soeOPTIONAL)
+     * @return Reference to this builder for method chaining.
+     */
+    AccountRootBuilder&
+    setLoanBrokerID(std::decay_t<typename SF_UINT256::type::value_type> const& value)
+    {
+        object_[sfLoanBrokerID] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Build and return the completed AccountRoot wrapper.
+     * @param index The ledger entry index.
+     * @return The constructed ledger entry wrapper.
+     */
+    AccountRoot
+    build(uint256 const& index)
+    {
+        return AccountRoot{std::make_shared<SLE>(std::move(object_), index)};
+    }
+};
+
+}  // namespace xrpl::ledger_entries

include/xrpl/protocol_autogen/ledger_entries/Amendments.h

@@ -0,0 +1,236 @@
+// This file is auto-generated. Do not edit.
+#pragma once
+
+#include <xrpl/protocol/STLedgerEntry.h>
+#include <xrpl/protocol/STParsedJSON.h>
+#include <xrpl/protocol/jss.h>
+#include <xrpl/protocol_autogen/LedgerEntryBase.h>
+#include <xrpl/protocol_autogen/LedgerEntryBuilderBase.h>
+#include <xrpl/json/json_value.h>
+
+#include <stdexcept>
+#include <optional>
+
+namespace xrpl::ledger_entries {
+
+class AmendmentsBuilder;
+
+/**
+ * @brief Ledger Entry: Amendments
+ *
+ * Type: ltAMENDMENTS (0x0066)
+ * RPC Name: amendments
+ *
+ * Immutable wrapper around SLE providing type-safe field access.
+ * Use AmendmentsBuilder to construct new ledger entries.
+ */
+class Amendments : public LedgerEntryBase
+{
+public:
+    static constexpr LedgerEntryType entryType = ltAMENDMENTS;
+
+    /**
+     * @brief Construct a Amendments ledger entry wrapper from an existing SLE object.
+     * @throws std::runtime_error if the ledger entry type doesn't match.
+     */
+    explicit Amendments(std::shared_ptr<SLE const> sle)
+        : LedgerEntryBase(std::move(sle))
+    {
+        // Verify ledger entry type
+        if (sle_->getType() != entryType)
+        {
+            throw std::runtime_error("Invalid ledger entry type for Amendments");
+        }
+    }
+
+    // Ledger entry-specific field getters
+
+    /**
+     * @brief Get sfAmendments (soeOPTIONAL)
+     * @return The field value, or std::nullopt if not present.
+     */
+    [[nodiscard]]
+    protocol_autogen::Optional<SF_VECTOR256::type::value_type>
+    getAmendments() const
+    {
+        if (hasAmendments())
+            return this->sle_->at(sfAmendments);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if sfAmendments is present.
+     * @return True if the field is present, false otherwise.
+     */
+    [[nodiscard]]
+    bool
+    hasAmendments() const
+    {
+        return this->sle_->isFieldPresent(sfAmendments);
+    }
+
+    /**
+     * @brief Get sfMajorities (soeOPTIONAL)
+     * @note This is an untyped field (unknown).
+     * @return The field value, or std::nullopt if not present.
+     */
+    [[nodiscard]]
+    std::optional<std::reference_wrapper<STArray const>>
+    getMajorities() const
+    {
+        if (this->sle_->isFieldPresent(sfMajorities))
+            return this->sle_->getFieldArray(sfMajorities);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if sfMajorities is present.
+     * @return True if the field is present, false otherwise.
+     */
+    [[nodiscard]]
+    bool
+    hasMajorities() const
+    {
+        return this->sle_->isFieldPresent(sfMajorities);
+    }
+
+    /**
+     * @brief Get sfPreviousTxnID (soeOPTIONAL)
+     * @return The field value, or std::nullopt if not present.
+     */
+    [[nodiscard]]
+    protocol_autogen::Optional<SF_UINT256::type::value_type>
+    getPreviousTxnID() const
+    {
+        if (hasPreviousTxnID())
+            return this->sle_->at(sfPreviousTxnID);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if sfPreviousTxnID is present.
+     * @return True if the field is present, false otherwise.
+     */
+    [[nodiscard]]
+    bool
+    hasPreviousTxnID() const
+    {
+        return this->sle_->isFieldPresent(sfPreviousTxnID);
+    }
+
+    /**
+     * @brief Get sfPreviousTxnLgrSeq (soeOPTIONAL)
+     * @return The field value, or std::nullopt if not present.
+     */
+    [[nodiscard]]
+    protocol_autogen::Optional<SF_UINT32::type::value_type>
+    getPreviousTxnLgrSeq() const
+    {
+        if (hasPreviousTxnLgrSeq())
+            return this->sle_->at(sfPreviousTxnLgrSeq);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if sfPreviousTxnLgrSeq is present.
+     * @return True if the field is present, false otherwise.
+     */
+    [[nodiscard]]
+    bool
+    hasPreviousTxnLgrSeq() const
+    {
+        return this->sle_->isFieldPresent(sfPreviousTxnLgrSeq);
+    }
+};
+
+/**
+ * @brief Builder for Amendments ledger entries.
+ *
+ * Provides a fluent interface for constructing ledger entries with method chaining.
+ * Uses Json::Value internally for flexible ledger entry construction.
+ * Inherits common field setters from LedgerEntryBuilderBase.
+ */
+class AmendmentsBuilder : public LedgerEntryBuilderBase<AmendmentsBuilder>
+{
+public:
+    /**
+     * @brief Construct a new AmendmentsBuilder with required fields.
+     */
+    AmendmentsBuilder()
+        : LedgerEntryBuilderBase<AmendmentsBuilder>(ltAMENDMENTS)
+    {
+    }
+
+    /**
+     * @brief Construct a AmendmentsBuilder from an existing SLE object.
+     * @param sle The existing ledger entry to copy from.
+     * @throws std::runtime_error if the ledger entry type doesn't match.
+     */
+    AmendmentsBuilder(std::shared_ptr<SLE const> sle)
+    {
+        if (sle->at(sfLedgerEntryType) != ltAMENDMENTS)
+        {
+            throw std::runtime_error("Invalid ledger entry type for Amendments");
+        }
+        object_ = *sle;
+    }
+
+    /** @brief Ledger entry-specific field setters */
+
+    /**
+     * @brief Set sfAmendments (soeOPTIONAL)
+     * @return Reference to this builder for method chaining.
+     */
+    AmendmentsBuilder&
+    setAmendments(std::decay_t<typename SF_VECTOR256::type::value_type> const& value)
+    {
+        object_[sfAmendments] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfMajorities (soeOPTIONAL)
+     * @return Reference to this builder for method chaining.
+     */
+    AmendmentsBuilder&
+    setMajorities(STArray const& value)
+    {
+        object_.setFieldArray(sfMajorities, value);
+        return *this;
+    }
+
+    /**
+     * @brief Set sfPreviousTxnID (soeOPTIONAL)
+     * @return Reference to this builder for method chaining.
+     */
+    AmendmentsBuilder&
+    setPreviousTxnID(std::decay_t<typename SF_UINT256::type::value_type> const& value)
+    {
+        object_[sfPreviousTxnID] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfPreviousTxnLgrSeq (soeOPTIONAL)
+     * @return Reference to this builder for method chaining.
+     */
+    AmendmentsBuilder&
+    setPreviousTxnLgrSeq(std::decay_t<typename SF_UINT32::type::value_type> const& value)
+    {
+        object_[sfPreviousTxnLgrSeq] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Build and return the completed Amendments wrapper.
+     * @param index The ledger entry index.
+     * @return The constructed ledger entry wrapper.
+     */
+    Amendments
+    build(uint256 const& index)
+    {
+        return Amendments{std::make_shared<SLE>(std::move(object_), index)};
+    }
+};
+
+}  // namespace xrpl::ledger_entries

include/xrpl/protocol_autogen/ledger_entries/Bridge.h

@@ -0,0 +1,346 @@
+// This file is auto-generated. Do not edit.
+#pragma once
+
+#include <xrpl/protocol/STLedgerEntry.h>
+#include <xrpl/protocol/STParsedJSON.h>
+#include <xrpl/protocol/jss.h>
+#include <xrpl/protocol_autogen/LedgerEntryBase.h>
+#include <xrpl/protocol_autogen/LedgerEntryBuilderBase.h>
+#include <xrpl/json/json_value.h>
+
+#include <stdexcept>
+#include <optional>
+
+namespace xrpl::ledger_entries {
+
+class BridgeBuilder;
+
+/**
+ * @brief Ledger Entry: Bridge
+ *
+ * Type: ltBRIDGE (0x0069)
+ * RPC Name: bridge
+ *
+ * Immutable wrapper around SLE providing type-safe field access.
+ * Use BridgeBuilder to construct new ledger entries.
+ */
+class Bridge : public LedgerEntryBase
+{
+public:
+    static constexpr LedgerEntryType entryType = ltBRIDGE;
+
+    /**
+     * @brief Construct a Bridge ledger entry wrapper from an existing SLE object.
+     * @throws std::runtime_error if the ledger entry type doesn't match.
+     */
+    explicit Bridge(std::shared_ptr<SLE const> sle)
+        : LedgerEntryBase(std::move(sle))
+    {
+        // Verify ledger entry type
+        if (sle_->getType() != entryType)
+        {
+            throw std::runtime_error("Invalid ledger entry type for Bridge");
+        }
+    }
+
+    // Ledger entry-specific field getters
+
+    /**
+     * @brief Get sfAccount (soeREQUIRED)
+     * @return The field value.
+     */
+    [[nodiscard]]
+    SF_ACCOUNT::type::value_type
+    getAccount() const
+    {
+        return this->sle_->at(sfAccount);
+    }
+
+    /**
+     * @brief Get sfSignatureReward (soeREQUIRED)
+     * @return The field value.
+     */
+    [[nodiscard]]
+    SF_AMOUNT::type::value_type
+    getSignatureReward() const
+    {
+        return this->sle_->at(sfSignatureReward);
+    }
+
+    /**
+     * @brief Get sfMinAccountCreateAmount (soeOPTIONAL)
+     * @return The field value, or std::nullopt if not present.
+     */
+    [[nodiscard]]
+    protocol_autogen::Optional<SF_AMOUNT::type::value_type>
+    getMinAccountCreateAmount() const
+    {
+        if (hasMinAccountCreateAmount())
+            return this->sle_->at(sfMinAccountCreateAmount);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if sfMinAccountCreateAmount is present.
+     * @return True if the field is present, false otherwise.
+     */
+    [[nodiscard]]
+    bool
+    hasMinAccountCreateAmount() const
+    {
+        return this->sle_->isFieldPresent(sfMinAccountCreateAmount);
+    }
+
+    /**
+     * @brief Get sfXChainBridge (soeREQUIRED)
+     * @return The field value.
+     */
+    [[nodiscard]]
+    SF_XCHAIN_BRIDGE::type::value_type
+    getXChainBridge() const
+    {
+        return this->sle_->at(sfXChainBridge);
+    }
+
+    /**
+     * @brief Get sfXChainClaimID (soeREQUIRED)
+     * @return The field value.
+     */
+    [[nodiscard]]
+    SF_UINT64::type::value_type
+    getXChainClaimID() const
+    {
+        return this->sle_->at(sfXChainClaimID);
+    }
+
+    /**
+     * @brief Get sfXChainAccountCreateCount (soeREQUIRED)
+     * @return The field value.
+     */
+    [[nodiscard]]
+    SF_UINT64::type::value_type
+    getXChainAccountCreateCount() const
+    {
+        return this->sle_->at(sfXChainAccountCreateCount);
+    }
+
+    /**
+     * @brief Get sfXChainAccountClaimCount (soeREQUIRED)
+     * @return The field value.
+     */
+    [[nodiscard]]
+    SF_UINT64::type::value_type
+    getXChainAccountClaimCount() const
+    {
+        return this->sle_->at(sfXChainAccountClaimCount);
+    }
+
+    /**
+     * @brief Get sfOwnerNode (soeREQUIRED)
+     * @return The field value.
+     */
+    [[nodiscard]]
+    SF_UINT64::type::value_type
+    getOwnerNode() const
+    {
+        return this->sle_->at(sfOwnerNode);
+    }
+
+    /**
+     * @brief Get sfPreviousTxnID (soeREQUIRED)
+     * @return The field value.
+     */
+    [[nodiscard]]
+    SF_UINT256::type::value_type
+    getPreviousTxnID() const
+    {
+        return this->sle_->at(sfPreviousTxnID);
+    }
+
+    /**
+     * @brief Get sfPreviousTxnLgrSeq (soeREQUIRED)
+     * @return The field value.
+     */
+    [[nodiscard]]
+    SF_UINT32::type::value_type
+    getPreviousTxnLgrSeq() const
+    {
+        return this->sle_->at(sfPreviousTxnLgrSeq);
+    }
+};
+
+/**
+ * @brief Builder for Bridge ledger entries.
+ *
+ * Provides a fluent interface for constructing ledger entries with method chaining.
+ * Uses Json::Value internally for flexible ledger entry construction.
+ * Inherits common field setters from LedgerEntryBuilderBase.
+ */
+class BridgeBuilder : public LedgerEntryBuilderBase<BridgeBuilder>
+{
+public:
+    /**
+     * @brief Construct a new BridgeBuilder with required fields.
+     * @param account The sfAccount field value.
+     * @param signatureReward The sfSignatureReward field value.
+     * @param xChainBridge The sfXChainBridge field value.
+     * @param xChainClaimID The sfXChainClaimID field value.
+     * @param xChainAccountCreateCount The sfXChainAccountCreateCount field value.
+     * @param xChainAccountClaimCount The sfXChainAccountClaimCount field value.
+     * @param ownerNode The sfOwnerNode field value.
+     * @param previousTxnID The sfPreviousTxnID field value.
+     * @param previousTxnLgrSeq The sfPreviousTxnLgrSeq field value.
+     */
+    BridgeBuilder(std::decay_t<typename SF_ACCOUNT::type::value_type> const& account,std::decay_t<typename SF_AMOUNT::type::value_type> const& signatureReward,std::decay_t<typename SF_XCHAIN_BRIDGE::type::value_type> const& xChainBridge,std::decay_t<typename SF_UINT64::type::value_type> const& xChainClaimID,std::decay_t<typename SF_UINT64::type::value_type> const& xChainAccountCreateCount,std::decay_t<typename SF_UINT64::type::value_type> const& xChainAccountClaimCount,std::decay_t<typename SF_UINT64::type::value_type> const& ownerNode,std::decay_t<typename SF_UINT256::type::value_type> const& previousTxnID,std::decay_t<typename SF_UINT32::type::value_type> const& previousTxnLgrSeq)
+        : LedgerEntryBuilderBase<BridgeBuilder>(ltBRIDGE)
+    {
+        setAccount(account);
+        setSignatureReward(signatureReward);
+        setXChainBridge(xChainBridge);
+        setXChainClaimID(xChainClaimID);
+        setXChainAccountCreateCount(xChainAccountCreateCount);
+        setXChainAccountClaimCount(xChainAccountClaimCount);
+        setOwnerNode(ownerNode);
+        setPreviousTxnID(previousTxnID);
+        setPreviousTxnLgrSeq(previousTxnLgrSeq);
+    }
+
+    /**
+     * @brief Construct a BridgeBuilder from an existing SLE object.
+     * @param sle The existing ledger entry to copy from.
+     * @throws std::runtime_error if the ledger entry type doesn't match.
+     */
+    BridgeBuilder(std::shared_ptr<SLE const> sle)
+    {
+        if (sle->at(sfLedgerEntryType) != ltBRIDGE)
+        {
+            throw std::runtime_error("Invalid ledger entry type for Bridge");
+        }
+        object_ = *sle;
+    }
+
+    /** @brief Ledger entry-specific field setters */
+
+    /**
+     * @brief Set sfAccount (soeREQUIRED)
+     * @return Reference to this builder for method chaining.
+     */
+    BridgeBuilder&
+    setAccount(std::decay_t<typename SF_ACCOUNT::type::value_type> const& value)
+    {
+        object_[sfAccount] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfSignatureReward (soeREQUIRED)
+     * @return Reference to this builder for method chaining.
+     */
+    BridgeBuilder&
+    setSignatureReward(std::decay_t<typename SF_AMOUNT::type::value_type> const& value)
+    {
+        object_[sfSignatureReward] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfMinAccountCreateAmount (soeOPTIONAL)
+     * @return Reference to this builder for method chaining.
+     */
+    BridgeBuilder&
+    setMinAccountCreateAmount(std::decay_t<typename SF_AMOUNT::type::value_type> const& value)
+    {
+        object_[sfMinAccountCreateAmount] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfXChainBridge (soeREQUIRED)
+     * @return Reference to this builder for method chaining.
+     */
+    BridgeBuilder&
+    setXChainBridge(std::decay_t<typename SF_XCHAIN_BRIDGE::type::value_type> const& value)
+    {
+        object_[sfXChainBridge] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfXChainClaimID (soeREQUIRED)
+     * @return Reference to this builder for method chaining.
+     */
+    BridgeBuilder&
+    setXChainClaimID(std::decay_t<typename SF_UINT64::type::value_type> const& value)
+    {
+        object_[sfXChainClaimID] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfXChainAccountCreateCount (soeREQUIRED)
+     * @return Reference to this builder for method chaining.
+     */
+    BridgeBuilder&
+    setXChainAccountCreateCount(std::decay_t<typename SF_UINT64::type::value_type> const& value)
+    {
+        object_[sfXChainAccountCreateCount] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfXChainAccountClaimCount (soeREQUIRED)
+     * @return Reference to this builder for method chaining.
+     */
+    BridgeBuilder&
+    setXChainAccountClaimCount(std::decay_t<typename SF_UINT64::type::value_type> const& value)
+    {
+        object_[sfXChainAccountClaimCount] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfOwnerNode (soeREQUIRED)
+     * @return Reference to this builder for method chaining.
+     */
+    BridgeBuilder&
+    setOwnerNode(std::decay_t<typename SF_UINT64::type::value_type> const& value)
+    {
+        object_[sfOwnerNode] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfPreviousTxnID (soeREQUIRED)
+     * @return Reference to this builder for method chaining.
+     */
+    BridgeBuilder&
+    setPreviousTxnID(std::decay_t<typename SF_UINT256::type::value_type> const& value)
+    {
+        object_[sfPreviousTxnID] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfPreviousTxnLgrSeq (soeREQUIRED)
+     * @return Reference to this builder for method chaining.
+     */
+    BridgeBuilder&
+    setPreviousTxnLgrSeq(std::decay_t<typename SF_UINT32::type::value_type> const& value)
+    {
+        object_[sfPreviousTxnLgrSeq] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Build and return the completed Bridge wrapper.
+     * @param index The ledger entry index.
+     * @return The constructed ledger entry wrapper.
+     */
+    Bridge
+    build(uint256 const& index)
+    {
+        return Bridge{std::make_shared<SLE>(std::move(object_), index)};
+    }
+};
+
+}  // namespace xrpl::ledger_entries

include/xrpl/protocol_autogen/ledger_entries/Check.h

@@ -0,0 +1,427 @@
+// This file is auto-generated. Do not edit.
+#pragma once
+
+#include <xrpl/protocol/STLedgerEntry.h>
+#include <xrpl/protocol/STParsedJSON.h>
+#include <xrpl/protocol/jss.h>
+#include <xrpl/protocol_autogen/LedgerEntryBase.h>
+#include <xrpl/protocol_autogen/LedgerEntryBuilderBase.h>
+#include <xrpl/json/json_value.h>
+
+#include <stdexcept>
+#include <optional>
+
+namespace xrpl::ledger_entries {
+
+class CheckBuilder;
+
+/**
+ * @brief Ledger Entry: Check
+ *
+ * Type: ltCHECK (0x0043)
+ * RPC Name: check
+ *
+ * Immutable wrapper around SLE providing type-safe field access.
+ * Use CheckBuilder to construct new ledger entries.
+ */
+class Check : public LedgerEntryBase
+{
+public:
+    static constexpr LedgerEntryType entryType = ltCHECK;
+
+    /**
+     * @brief Construct a Check ledger entry wrapper from an existing SLE object.
+     * @throws std::runtime_error if the ledger entry type doesn't match.
+     */
+    explicit Check(std::shared_ptr<SLE const> sle)
+        : LedgerEntryBase(std::move(sle))
+    {
+        // Verify ledger entry type
+        if (sle_->getType() != entryType)
+        {
+            throw std::runtime_error("Invalid ledger entry type for Check");
+        }
+    }
+
+    // Ledger entry-specific field getters
+
+    /**
+     * @brief Get sfAccount (soeREQUIRED)
+     * @return The field value.
+     */
+    [[nodiscard]]
+    SF_ACCOUNT::type::value_type
+    getAccount() const
+    {
+        return this->sle_->at(sfAccount);
+    }
+
+    /**
+     * @brief Get sfDestination (soeREQUIRED)
+     * @return The field value.
+     */
+    [[nodiscard]]
+    SF_ACCOUNT::type::value_type
+    getDestination() const
+    {
+        return this->sle_->at(sfDestination);
+    }
+
+    /**
+     * @brief Get sfSendMax (soeREQUIRED)
+     * @return The field value.
+     */
+    [[nodiscard]]
+    SF_AMOUNT::type::value_type
+    getSendMax() const
+    {
+        return this->sle_->at(sfSendMax);
+    }
+
+    /**
+     * @brief Get sfSequence (soeREQUIRED)
+     * @return The field value.
+     */
+    [[nodiscard]]
+    SF_UINT32::type::value_type
+    getSequence() const
+    {
+        return this->sle_->at(sfSequence);
+    }
+
+    /**
+     * @brief Get sfOwnerNode (soeREQUIRED)
+     * @return The field value.
+     */
+    [[nodiscard]]
+    SF_UINT64::type::value_type
+    getOwnerNode() const
+    {
+        return this->sle_->at(sfOwnerNode);
+    }
+
+    /**
+     * @brief Get sfDestinationNode (soeREQUIRED)
+     * @return The field value.
+     */
+    [[nodiscard]]
+    SF_UINT64::type::value_type
+    getDestinationNode() const
+    {
+        return this->sle_->at(sfDestinationNode);
+    }
+
+    /**
+     * @brief Get sfExpiration (soeOPTIONAL)
+     * @return The field value, or std::nullopt if not present.
+     */
+    [[nodiscard]]
+    protocol_autogen::Optional<SF_UINT32::type::value_type>
+    getExpiration() const
+    {
+        if (hasExpiration())
+            return this->sle_->at(sfExpiration);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if sfExpiration is present.
+     * @return True if the field is present, false otherwise.
+     */
+    [[nodiscard]]
+    bool
+    hasExpiration() const
+    {
+        return this->sle_->isFieldPresent(sfExpiration);
+    }
+
+    /**
+     * @brief Get sfInvoiceID (soeOPTIONAL)
+     * @return The field value, or std::nullopt if not present.
+     */
+    [[nodiscard]]
+    protocol_autogen::Optional<SF_UINT256::type::value_type>
+    getInvoiceID() const
+    {
+        if (hasInvoiceID())
+            return this->sle_->at(sfInvoiceID);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if sfInvoiceID is present.
+     * @return True if the field is present, false otherwise.
+     */
+    [[nodiscard]]
+    bool
+    hasInvoiceID() const
+    {
+        return this->sle_->isFieldPresent(sfInvoiceID);
+    }
+
+    /**
+     * @brief Get sfSourceTag (soeOPTIONAL)
+     * @return The field value, or std::nullopt if not present.
+     */
+    [[nodiscard]]
+    protocol_autogen::Optional<SF_UINT32::type::value_type>
+    getSourceTag() const
+    {
+        if (hasSourceTag())
+            return this->sle_->at(sfSourceTag);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if sfSourceTag is present.
+     * @return True if the field is present, false otherwise.
+     */
+    [[nodiscard]]
+    bool
+    hasSourceTag() const
+    {
+        return this->sle_->isFieldPresent(sfSourceTag);
+    }
+
+    /**
+     * @brief Get sfDestinationTag (soeOPTIONAL)
+     * @return The field value, or std::nullopt if not present.
+     */
+    [[nodiscard]]
+    protocol_autogen::Optional<SF_UINT32::type::value_type>
+    getDestinationTag() const
+    {
+        if (hasDestinationTag())
+            return this->sle_->at(sfDestinationTag);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if sfDestinationTag is present.
+     * @return True if the field is present, false otherwise.
+     */
+    [[nodiscard]]
+    bool
+    hasDestinationTag() const
+    {
+        return this->sle_->isFieldPresent(sfDestinationTag);
+    }
+
+    /**
+     * @brief Get sfPreviousTxnID (soeREQUIRED)
+     * @return The field value.
+     */
+    [[nodiscard]]
+    SF_UINT256::type::value_type
+    getPreviousTxnID() const
+    {
+        return this->sle_->at(sfPreviousTxnID);
+    }
+
+    /**
+     * @brief Get sfPreviousTxnLgrSeq (soeREQUIRED)
+     * @return The field value.
+     */
+    [[nodiscard]]
+    SF_UINT32::type::value_type
+    getPreviousTxnLgrSeq() const
+    {
+        return this->sle_->at(sfPreviousTxnLgrSeq);
+    }
+};
+
+/**
+ * @brief Builder for Check ledger entries.
+ *
+ * Provides a fluent interface for constructing ledger entries with method chaining.
+ * Uses Json::Value internally for flexible ledger entry construction.
+ * Inherits common field setters from LedgerEntryBuilderBase.
+ */
+class CheckBuilder : public LedgerEntryBuilderBase<CheckBuilder>
+{
+public:
+    /**
+     * @brief Construct a new CheckBuilder with required fields.
+     * @param account The sfAccount field value.
+     * @param destination The sfDestination field value.
+     * @param sendMax The sfSendMax field value.
+     * @param sequence The sfSequence field value.
+     * @param ownerNode The sfOwnerNode field value.
+     * @param destinationNode The sfDestinationNode field value.
+     * @param previousTxnID The sfPreviousTxnID field value.
+     * @param previousTxnLgrSeq The sfPreviousTxnLgrSeq field value.
+     */
+    CheckBuilder(std::decay_t<typename SF_ACCOUNT::type::value_type> const& account,std::decay_t<typename SF_ACCOUNT::type::value_type> const& destination,std::decay_t<typename SF_AMOUNT::type::value_type> const& sendMax,std::decay_t<typename SF_UINT32::type::value_type> const& sequence,std::decay_t<typename SF_UINT64::type::value_type> const& ownerNode,std::decay_t<typename SF_UINT64::type::value_type> const& destinationNode,std::decay_t<typename SF_UINT256::type::value_type> const& previousTxnID,std::decay_t<typename SF_UINT32::type::value_type> const& previousTxnLgrSeq)
+        : LedgerEntryBuilderBase<CheckBuilder>(ltCHECK)
+    {
+        setAccount(account);
+        setDestination(destination);
+        setSendMax(sendMax);
+        setSequence(sequence);
+        setOwnerNode(ownerNode);
+        setDestinationNode(destinationNode);
+        setPreviousTxnID(previousTxnID);
+        setPreviousTxnLgrSeq(previousTxnLgrSeq);
+    }
+
+    /**
+     * @brief Construct a CheckBuilder from an existing SLE object.
+     * @param sle The existing ledger entry to copy from.
+     * @throws std::runtime_error if the ledger entry type doesn't match.
+     */
+    CheckBuilder(std::shared_ptr<SLE const> sle)
+    {
+        if (sle->at(sfLedgerEntryType) != ltCHECK)
+        {
+            throw std::runtime_error("Invalid ledger entry type for Check");
+        }
+        object_ = *sle;
+    }
+
+    /** @brief Ledger entry-specific field setters */
+
+    /**
+     * @brief Set sfAccount (soeREQUIRED)
+     * @return Reference to this builder for method chaining.
+     */
+    CheckBuilder&
+    setAccount(std::decay_t<typename SF_ACCOUNT::type::value_type> const& value)
+    {
+        object_[sfAccount] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfDestination (soeREQUIRED)
+     * @return Reference to this builder for method chaining.
+     */
+    CheckBuilder&
+    setDestination(std::decay_t<typename SF_ACCOUNT::type::value_type> const& value)
+    {
+        object_[sfDestination] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfSendMax (soeREQUIRED)
+     * @return Reference to this builder for method chaining.
+     */
+    CheckBuilder&
+    setSendMax(std::decay_t<typename SF_AMOUNT::type::value_type> const& value)
+    {
+        object_[sfSendMax] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfSequence (soeREQUIRED)
+     * @return Reference to this builder for method chaining.
+     */
+    CheckBuilder&
+    setSequence(std::decay_t<typename SF_UINT32::type::value_type> const& value)
+    {
+        object_[sfSequence] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfOwnerNode (soeREQUIRED)
+     * @return Reference to this builder for method chaining.
+     */
+    CheckBuilder&
+    setOwnerNode(std::decay_t<typename SF_UINT64::type::value_type> const& value)
+    {
+        object_[sfOwnerNode] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfDestinationNode (soeREQUIRED)
+     * @return Reference to this builder for method chaining.
+     */
+    CheckBuilder&
+    setDestinationNode(std::decay_t<typename SF_UINT64::type::value_type> const& value)
+    {
+        object_[sfDestinationNode] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfExpiration (soeOPTIONAL)
+     * @return Reference to this builder for method chaining.
+     */
+    CheckBuilder&
+    setExpiration(std::decay_t<typename SF_UINT32::type::value_type> const& value)
+    {
+        object_[sfExpiration] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfInvoiceID (soeOPTIONAL)
+     * @return Reference to this builder for method chaining.
+     */
+    CheckBuilder&
+    setInvoiceID(std::decay_t<typename SF_UINT256::type::value_type> const& value)
+    {
+        object_[sfInvoiceID] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfSourceTag (soeOPTIONAL)
+     * @return Reference to this builder for method chaining.
+     */
+    CheckBuilder&
+    setSourceTag(std::decay_t<typename SF_UINT32::type::value_type> const& value)
+    {
+        object_[sfSourceTag] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfDestinationTag (soeOPTIONAL)
+     * @return Reference to this builder for method chaining.
+     */
+    CheckBuilder&
+    setDestinationTag(std::decay_t<typename SF_UINT32::type::value_type> const& value)
+    {
+        object_[sfDestinationTag] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfPreviousTxnID (soeREQUIRED)
+     * @return Reference to this builder for method chaining.
+     */
+    CheckBuilder&
+    setPreviousTxnID(std::decay_t<typename SF_UINT256::type::value_type> const& value)
+    {
+        object_[sfPreviousTxnID] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfPreviousTxnLgrSeq (soeREQUIRED)
+     * @return Reference to this builder for method chaining.
+     */
+    CheckBuilder&
+    setPreviousTxnLgrSeq(std::decay_t<typename SF_UINT32::type::value_type> const& value)
+    {
+        object_[sfPreviousTxnLgrSeq] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Build and return the completed Check wrapper.
+     * @param index The ledger entry index.
+     * @return The constructed ledger entry wrapper.
+     */
+    Check
+    build(uint256 const& index)
+    {
+        return Check{std::make_shared<SLE>(std::move(object_), index)};
+    }
+};
+
+}  // namespace xrpl::ledger_entries

include/xrpl/protocol_autogen/ledger_entries/Credential.h

@@ -0,0 +1,344 @@
+// This file is auto-generated. Do not edit.
+#pragma once
+
+#include <xrpl/protocol/STLedgerEntry.h>
+#include <xrpl/protocol/STParsedJSON.h>
+#include <xrpl/protocol/jss.h>
+#include <xrpl/protocol_autogen/LedgerEntryBase.h>
+#include <xrpl/protocol_autogen/LedgerEntryBuilderBase.h>
+#include <xrpl/json/json_value.h>
+
+#include <stdexcept>
+#include <optional>
+
+namespace xrpl::ledger_entries {
+
+class CredentialBuilder;
+
+/**
+ * @brief Ledger Entry: Credential
+ *
+ * Type: ltCREDENTIAL (0x0081)
+ * RPC Name: credential
+ *
+ * Immutable wrapper around SLE providing type-safe field access.
+ * Use CredentialBuilder to construct new ledger entries.
+ */
+class Credential : public LedgerEntryBase
+{
+public:
+    static constexpr LedgerEntryType entryType = ltCREDENTIAL;
+
+    /**
+     * @brief Construct a Credential ledger entry wrapper from an existing SLE object.
+     * @throws std::runtime_error if the ledger entry type doesn't match.
+     */
+    explicit Credential(std::shared_ptr<SLE const> sle)
+        : LedgerEntryBase(std::move(sle))
+    {
+        // Verify ledger entry type
+        if (sle_->getType() != entryType)
+        {
+            throw std::runtime_error("Invalid ledger entry type for Credential");
+        }
+    }
+
+    // Ledger entry-specific field getters
+
+    /**
+     * @brief Get sfSubject (soeREQUIRED)
+     * @return The field value.
+     */
+    [[nodiscard]]
+    SF_ACCOUNT::type::value_type
+    getSubject() const
+    {
+        return this->sle_->at(sfSubject);
+    }
+
+    /**
+     * @brief Get sfIssuer (soeREQUIRED)
+     * @return The field value.
+     */
+    [[nodiscard]]
+    SF_ACCOUNT::type::value_type
+    getIssuer() const
+    {
+        return this->sle_->at(sfIssuer);
+    }
+
+    /**
+     * @brief Get sfCredentialType (soeREQUIRED)
+     * @return The field value.
+     */
+    [[nodiscard]]
+    SF_VL::type::value_type
+    getCredentialType() const
+    {
+        return this->sle_->at(sfCredentialType);
+    }
+
+    /**
+     * @brief Get sfExpiration (soeOPTIONAL)
+     * @return The field value, or std::nullopt if not present.
+     */
+    [[nodiscard]]
+    protocol_autogen::Optional<SF_UINT32::type::value_type>
+    getExpiration() const
+    {
+        if (hasExpiration())
+            return this->sle_->at(sfExpiration);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if sfExpiration is present.
+     * @return True if the field is present, false otherwise.
+     */
+    [[nodiscard]]
+    bool
+    hasExpiration() const
+    {
+        return this->sle_->isFieldPresent(sfExpiration);
+    }
+
+    /**
+     * @brief Get sfURI (soeOPTIONAL)
+     * @return The field value, or std::nullopt if not present.
+     */
+    [[nodiscard]]
+    protocol_autogen::Optional<SF_VL::type::value_type>
+    getURI() const
+    {
+        if (hasURI())
+            return this->sle_->at(sfURI);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if sfURI is present.
+     * @return True if the field is present, false otherwise.
+     */
+    [[nodiscard]]
+    bool
+    hasURI() const
+    {
+        return this->sle_->isFieldPresent(sfURI);
+    }
+
+    /**
+     * @brief Get sfIssuerNode (soeREQUIRED)
+     * @return The field value.
+     */
+    [[nodiscard]]
+    SF_UINT64::type::value_type
+    getIssuerNode() const
+    {
+        return this->sle_->at(sfIssuerNode);
+    }
+
+    /**
+     * @brief Get sfSubjectNode (soeOPTIONAL)
+     * @return The field value, or std::nullopt if not present.
+     */
+    [[nodiscard]]
+    protocol_autogen::Optional<SF_UINT64::type::value_type>
+    getSubjectNode() const
+    {
+        if (hasSubjectNode())
+            return this->sle_->at(sfSubjectNode);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if sfSubjectNode is present.
+     * @return True if the field is present, false otherwise.
+     */
+    [[nodiscard]]
+    bool
+    hasSubjectNode() const
+    {
+        return this->sle_->isFieldPresent(sfSubjectNode);
+    }
+
+    /**
+     * @brief Get sfPreviousTxnID (soeREQUIRED)
+     * @return The field value.
+     */
+    [[nodiscard]]
+    SF_UINT256::type::value_type
+    getPreviousTxnID() const
+    {
+        return this->sle_->at(sfPreviousTxnID);
+    }
+
+    /**
+     * @brief Get sfPreviousTxnLgrSeq (soeREQUIRED)
+     * @return The field value.
+     */
+    [[nodiscard]]
+    SF_UINT32::type::value_type
+    getPreviousTxnLgrSeq() const
+    {
+        return this->sle_->at(sfPreviousTxnLgrSeq);
+    }
+};
+
+/**
+ * @brief Builder for Credential ledger entries.
+ *
+ * Provides a fluent interface for constructing ledger entries with method chaining.
+ * Uses Json::Value internally for flexible ledger entry construction.
+ * Inherits common field setters from LedgerEntryBuilderBase.
+ */
+class CredentialBuilder : public LedgerEntryBuilderBase<CredentialBuilder>
+{
+public:
+    /**
+     * @brief Construct a new CredentialBuilder with required fields.
+     * @param subject The sfSubject field value.
+     * @param issuer The sfIssuer field value.
+     * @param credentialType The sfCredentialType field value.
+     * @param issuerNode The sfIssuerNode field value.
+     * @param previousTxnID The sfPreviousTxnID field value.
+     * @param previousTxnLgrSeq The sfPreviousTxnLgrSeq field value.
+     */
+    CredentialBuilder(std::decay_t<typename SF_ACCOUNT::type::value_type> const& subject,std::decay_t<typename SF_ACCOUNT::type::value_type> const& issuer,std::decay_t<typename SF_VL::type::value_type> const& credentialType,std::decay_t<typename SF_UINT64::type::value_type> const& issuerNode,std::decay_t<typename SF_UINT256::type::value_type> const& previousTxnID,std::decay_t<typename SF_UINT32::type::value_type> const& previousTxnLgrSeq)
+        : LedgerEntryBuilderBase<CredentialBuilder>(ltCREDENTIAL)
+    {
+        setSubject(subject);
+        setIssuer(issuer);
+        setCredentialType(credentialType);
+        setIssuerNode(issuerNode);
+        setPreviousTxnID(previousTxnID);
+        setPreviousTxnLgrSeq(previousTxnLgrSeq);
+    }
+
+    /**
+     * @brief Construct a CredentialBuilder from an existing SLE object.
+     * @param sle The existing ledger entry to copy from.
+     * @throws std::runtime_error if the ledger entry type doesn't match.
+     */
+    CredentialBuilder(std::shared_ptr<SLE const> sle)
+    {
+        if (sle->at(sfLedgerEntryType) != ltCREDENTIAL)
+        {
+            throw std::runtime_error("Invalid ledger entry type for Credential");
+        }
+        object_ = *sle;
+    }
+
+    /** @brief Ledger entry-specific field setters */
+
+    /**
+     * @brief Set sfSubject (soeREQUIRED)
+     * @return Reference to this builder for method chaining.
+     */
+    CredentialBuilder&
+    setSubject(std::decay_t<typename SF_ACCOUNT::type::value_type> const& value)
+    {
+        object_[sfSubject] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfIssuer (soeREQUIRED)
+     * @return Reference to this builder for method chaining.
+     */
+    CredentialBuilder&
+    setIssuer(std::decay_t<typename SF_ACCOUNT::type::value_type> const& value)
+    {
+        object_[sfIssuer] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfCredentialType (soeREQUIRED)
+     * @return Reference to this builder for method chaining.
+     */
+    CredentialBuilder&
+    setCredentialType(std::decay_t<typename SF_VL::type::value_type> const& value)
+    {
+        object_[sfCredentialType] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfExpiration (soeOPTIONAL)
+     * @return Reference to this builder for method chaining.
+     */
+    CredentialBuilder&
+    setExpiration(std::decay_t<typename SF_UINT32::type::value_type> const& value)
+    {
+        object_[sfExpiration] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfURI (soeOPTIONAL)
+     * @return Reference to this builder for method chaining.
+     */
+    CredentialBuilder&
+    setURI(std::decay_t<typename SF_VL::type::value_type> const& value)
+    {
+        object_[sfURI] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfIssuerNode (soeREQUIRED)
+     * @return Reference to this builder for method chaining.
+     */
+    CredentialBuilder&
+    setIssuerNode(std::decay_t<typename SF_UINT64::type::value_type> const& value)
+    {
+        object_[sfIssuerNode] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfSubjectNode (soeOPTIONAL)
+     * @return Reference to this builder for method chaining.
+     */
+    CredentialBuilder&
+    setSubjectNode(std::decay_t<typename SF_UINT64::type::value_type> const& value)
+    {
+        object_[sfSubjectNode] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfPreviousTxnID (soeREQUIRED)
+     * @return Reference to this builder for method chaining.
+     */
+    CredentialBuilder&
+    setPreviousTxnID(std::decay_t<typename SF_UINT256::type::value_type> const& value)
+    {
+        object_[sfPreviousTxnID] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfPreviousTxnLgrSeq (soeREQUIRED)
+     * @return Reference to this builder for method chaining.
+     */
+    CredentialBuilder&
+    setPreviousTxnLgrSeq(std::decay_t<typename SF_UINT32::type::value_type> const& value)
+    {
+        object_[sfPreviousTxnLgrSeq] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Build and return the completed Credential wrapper.
+     * @param index The ledger entry index.
+     * @return The constructed ledger entry wrapper.
+     */
+    Credential
+    build(uint256 const& index)
+    {
+        return Credential{std::make_shared<SLE>(std::move(object_), index)};
+    }
+};
+
+}  // namespace xrpl::ledger_entries

include/xrpl/protocol_autogen/ledger_entries/DID.h

@@ -0,0 +1,296 @@
+// This file is auto-generated. Do not edit.
+#pragma once
+
+#include <xrpl/protocol/STLedgerEntry.h>
+#include <xrpl/protocol/STParsedJSON.h>
+#include <xrpl/protocol/jss.h>
+#include <xrpl/protocol_autogen/LedgerEntryBase.h>
+#include <xrpl/protocol_autogen/LedgerEntryBuilderBase.h>
+#include <xrpl/json/json_value.h>
+
+#include <stdexcept>
+#include <optional>
+
+namespace xrpl::ledger_entries {
+
+class DIDBuilder;
+
+/**
+ * @brief Ledger Entry: DID
+ *
+ * Type: ltDID (0x0049)
+ * RPC Name: did
+ *
+ * Immutable wrapper around SLE providing type-safe field access.
+ * Use DIDBuilder to construct new ledger entries.
+ */
+class DID : public LedgerEntryBase
+{
+public:
+    static constexpr LedgerEntryType entryType = ltDID;
+
+    /**
+     * @brief Construct a DID ledger entry wrapper from an existing SLE object.
+     * @throws std::runtime_error if the ledger entry type doesn't match.
+     */
+    explicit DID(std::shared_ptr<SLE const> sle)
+        : LedgerEntryBase(std::move(sle))
+    {
+        // Verify ledger entry type
+        if (sle_->getType() != entryType)
+        {
+            throw std::runtime_error("Invalid ledger entry type for DID");
+        }
+    }
+
+    // Ledger entry-specific field getters
+
+    /**
+     * @brief Get sfAccount (soeREQUIRED)
+     * @return The field value.
+     */
+    [[nodiscard]]
+    SF_ACCOUNT::type::value_type
+    getAccount() const
+    {
+        return this->sle_->at(sfAccount);
+    }
+
+    /**
+     * @brief Get sfDIDDocument (soeOPTIONAL)
+     * @return The field value, or std::nullopt if not present.
+     */
+    [[nodiscard]]
+    protocol_autogen::Optional<SF_VL::type::value_type>
+    getDIDDocument() const
+    {
+        if (hasDIDDocument())
+            return this->sle_->at(sfDIDDocument);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if sfDIDDocument is present.
+     * @return True if the field is present, false otherwise.
+     */
+    [[nodiscard]]
+    bool
+    hasDIDDocument() const
+    {
+        return this->sle_->isFieldPresent(sfDIDDocument);
+    }
+
+    /**
+     * @brief Get sfURI (soeOPTIONAL)
+     * @return The field value, or std::nullopt if not present.
+     */
+    [[nodiscard]]
+    protocol_autogen::Optional<SF_VL::type::value_type>
+    getURI() const
+    {
+        if (hasURI())
+            return this->sle_->at(sfURI);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if sfURI is present.
+     * @return True if the field is present, false otherwise.
+     */
+    [[nodiscard]]
+    bool
+    hasURI() const
+    {
+        return this->sle_->isFieldPresent(sfURI);
+    }
+
+    /**
+     * @brief Get sfData (soeOPTIONAL)
+     * @return The field value, or std::nullopt if not present.
+     */
+    [[nodiscard]]
+    protocol_autogen::Optional<SF_VL::type::value_type>
+    getData() const
+    {
+        if (hasData())
+            return this->sle_->at(sfData);
+        return std::nullopt;
+    }
+
+    /**
+     * @brief Check if sfData is present.
+     * @return True if the field is present, false otherwise.
+     */
+    [[nodiscard]]
+    bool
+    hasData() const
+    {
+        return this->sle_->isFieldPresent(sfData);
+    }
+
+    /**
+     * @brief Get sfOwnerNode (soeREQUIRED)
+     * @return The field value.
+     */
+    [[nodiscard]]
+    SF_UINT64::type::value_type
+    getOwnerNode() const
+    {
+        return this->sle_->at(sfOwnerNode);
+    }
+
+    /**
+     * @brief Get sfPreviousTxnID (soeREQUIRED)
+     * @return The field value.
+     */
+    [[nodiscard]]
+    SF_UINT256::type::value_type
+    getPreviousTxnID() const
+    {
+        return this->sle_->at(sfPreviousTxnID);
+    }
+
+    /**
+     * @brief Get sfPreviousTxnLgrSeq (soeREQUIRED)
+     * @return The field value.
+     */
+    [[nodiscard]]
+    SF_UINT32::type::value_type
+    getPreviousTxnLgrSeq() const
+    {
+        return this->sle_->at(sfPreviousTxnLgrSeq);
+    }
+};
+
+/**
+ * @brief Builder for DID ledger entries.
+ *
+ * Provides a fluent interface for constructing ledger entries with method chaining.
+ * Uses Json::Value internally for flexible ledger entry construction.
+ * Inherits common field setters from LedgerEntryBuilderBase.
+ */
+class DIDBuilder : public LedgerEntryBuilderBase<DIDBuilder>
+{
+public:
+    /**
+     * @brief Construct a new DIDBuilder with required fields.
+     * @param account The sfAccount field value.
+     * @param ownerNode The sfOwnerNode field value.
+     * @param previousTxnID The sfPreviousTxnID field value.
+     * @param previousTxnLgrSeq The sfPreviousTxnLgrSeq field value.
+     */
+    DIDBuilder(std::decay_t<typename SF_ACCOUNT::type::value_type> const& account,std::decay_t<typename SF_UINT64::type::value_type> const& ownerNode,std::decay_t<typename SF_UINT256::type::value_type> const& previousTxnID,std::decay_t<typename SF_UINT32::type::value_type> const& previousTxnLgrSeq)
+        : LedgerEntryBuilderBase<DIDBuilder>(ltDID)
+    {
+        setAccount(account);
+        setOwnerNode(ownerNode);
+        setPreviousTxnID(previousTxnID);
+        setPreviousTxnLgrSeq(previousTxnLgrSeq);
+    }
+
+    /**
+     * @brief Construct a DIDBuilder from an existing SLE object.
+     * @param sle The existing ledger entry to copy from.
+     * @throws std::runtime_error if the ledger entry type doesn't match.
+     */
+    DIDBuilder(std::shared_ptr<SLE const> sle)
+    {
+        if (sle->at(sfLedgerEntryType) != ltDID)
+        {
+            throw std::runtime_error("Invalid ledger entry type for DID");
+        }
+        object_ = *sle;
+    }
+
+    /** @brief Ledger entry-specific field setters */
+
+    /**
+     * @brief Set sfAccount (soeREQUIRED)
+     * @return Reference to this builder for method chaining.
+     */
+    DIDBuilder&
+    setAccount(std::decay_t<typename SF_ACCOUNT::type::value_type> const& value)
+    {
+        object_[sfAccount] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfDIDDocument (soeOPTIONAL)
+     * @return Reference to this builder for method chaining.
+     */
+    DIDBuilder&
+    setDIDDocument(std::decay_t<typename SF_VL::type::value_type> const& value)
+    {
+        object_[sfDIDDocument] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfURI (soeOPTIONAL)
+     * @return Reference to this builder for method chaining.
+     */
+    DIDBuilder&
+    setURI(std::decay_t<typename SF_VL::type::value_type> const& value)
+    {
+        object_[sfURI] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfData (soeOPTIONAL)
+     * @return Reference to this builder for method chaining.
+     */
+    DIDBuilder&
+    setData(std::decay_t<typename SF_VL::type::value_type> const& value)
+    {
+        object_[sfData] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfOwnerNode (soeREQUIRED)
+     * @return Reference to this builder for method chaining.
+     */
+    DIDBuilder&
+    setOwnerNode(std::decay_t<typename SF_UINT64::type::value_type> const& value)
+    {
+        object_[sfOwnerNode] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfPreviousTxnID (soeREQUIRED)
+     * @return Reference to this builder for method chaining.
+     */
+    DIDBuilder&
+    setPreviousTxnID(std::decay_t<typename SF_UINT256::type::value_type> const& value)
+    {
+        object_[sfPreviousTxnID] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfPreviousTxnLgrSeq (soeREQUIRED)
+     * @return Reference to this builder for method chaining.
+     */
+    DIDBuilder&
+    setPreviousTxnLgrSeq(std::decay_t<typename SF_UINT32::type::value_type> const& value)
+    {
+        object_[sfPreviousTxnLgrSeq] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Build and return the completed DID wrapper.
+     * @param index The ledger entry index.
+     * @return The constructed ledger entry wrapper.
+     */
+    DID
+    build(uint256 const& index)
+    {
+        return DID{std::make_shared<SLE>(std::move(object_), index)};
+    }
+};
+
+}  // namespace xrpl::ledger_entries

include/xrpl/protocol_autogen/ledger_entries/Delegate.h

@@ -0,0 +1,240 @@
+// This file is auto-generated. Do not edit.
+#pragma once
+
+#include <xrpl/protocol/STLedgerEntry.h>
+#include <xrpl/protocol/STParsedJSON.h>
+#include <xrpl/protocol/jss.h>
+#include <xrpl/protocol_autogen/LedgerEntryBase.h>
+#include <xrpl/protocol_autogen/LedgerEntryBuilderBase.h>
+#include <xrpl/json/json_value.h>
+
+#include <stdexcept>
+#include <optional>
+
+namespace xrpl::ledger_entries {
+
+class DelegateBuilder;
+
+/**
+ * @brief Ledger Entry: Delegate
+ *
+ * Type: ltDELEGATE (0x0083)
+ * RPC Name: delegate
+ *
+ * Immutable wrapper around SLE providing type-safe field access.
+ * Use DelegateBuilder to construct new ledger entries.
+ */
+class Delegate : public LedgerEntryBase
+{
+public:
+    static constexpr LedgerEntryType entryType = ltDELEGATE;
+
+    /**
+     * @brief Construct a Delegate ledger entry wrapper from an existing SLE object.
+     * @throws std::runtime_error if the ledger entry type doesn't match.
+     */
+    explicit Delegate(std::shared_ptr<SLE const> sle)
+        : LedgerEntryBase(std::move(sle))
+    {
+        // Verify ledger entry type
+        if (sle_->getType() != entryType)
+        {
+            throw std::runtime_error("Invalid ledger entry type for Delegate");
+        }
+    }
+
+    // Ledger entry-specific field getters
+
+    /**
+     * @brief Get sfAccount (soeREQUIRED)
+     * @return The field value.
+     */
+    [[nodiscard]]
+    SF_ACCOUNT::type::value_type
+    getAccount() const
+    {
+        return this->sle_->at(sfAccount);
+    }
+
+    /**
+     * @brief Get sfAuthorize (soeREQUIRED)
+     * @return The field value.
+     */
+    [[nodiscard]]
+    SF_ACCOUNT::type::value_type
+    getAuthorize() const
+    {
+        return this->sle_->at(sfAuthorize);
+    }
+
+    /**
+     * @brief Get sfPermissions (soeREQUIRED)
+     * @note This is an untyped field (unknown).
+     * @return The field value.
+     */
+    [[nodiscard]]
+    STArray const&
+    getPermissions() const
+    {
+        return this->sle_->getFieldArray(sfPermissions);
+    }
+
+    /**
+     * @brief Get sfOwnerNode (soeREQUIRED)
+     * @return The field value.
+     */
+    [[nodiscard]]
+    SF_UINT64::type::value_type
+    getOwnerNode() const
+    {
+        return this->sle_->at(sfOwnerNode);
+    }
+
+    /**
+     * @brief Get sfPreviousTxnID (soeREQUIRED)
+     * @return The field value.
+     */
+    [[nodiscard]]
+    SF_UINT256::type::value_type
+    getPreviousTxnID() const
+    {
+        return this->sle_->at(sfPreviousTxnID);
+    }
+
+    /**
+     * @brief Get sfPreviousTxnLgrSeq (soeREQUIRED)
+     * @return The field value.
+     */
+    [[nodiscard]]
+    SF_UINT32::type::value_type
+    getPreviousTxnLgrSeq() const
+    {
+        return this->sle_->at(sfPreviousTxnLgrSeq);
+    }
+};
+
+/**
+ * @brief Builder for Delegate ledger entries.
+ *
+ * Provides a fluent interface for constructing ledger entries with method chaining.
+ * Uses Json::Value internally for flexible ledger entry construction.
+ * Inherits common field setters from LedgerEntryBuilderBase.
+ */
+class DelegateBuilder : public LedgerEntryBuilderBase<DelegateBuilder>
+{
+public:
+    /**
+     * @brief Construct a new DelegateBuilder with required fields.
+     * @param account The sfAccount field value.
+     * @param authorize The sfAuthorize field value.
+     * @param permissions The sfPermissions field value.
+     * @param ownerNode The sfOwnerNode field value.
+     * @param previousTxnID The sfPreviousTxnID field value.
+     * @param previousTxnLgrSeq The sfPreviousTxnLgrSeq field value.
+     */
+    DelegateBuilder(std::decay_t<typename SF_ACCOUNT::type::value_type> const& account,std::decay_t<typename SF_ACCOUNT::type::value_type> const& authorize,STArray const& permissions,std::decay_t<typename SF_UINT64::type::value_type> const& ownerNode,std::decay_t<typename SF_UINT256::type::value_type> const& previousTxnID,std::decay_t<typename SF_UINT32::type::value_type> const& previousTxnLgrSeq)
+        : LedgerEntryBuilderBase<DelegateBuilder>(ltDELEGATE)
+    {
+        setAccount(account);
+        setAuthorize(authorize);
+        setPermissions(permissions);
+        setOwnerNode(ownerNode);
+        setPreviousTxnID(previousTxnID);
+        setPreviousTxnLgrSeq(previousTxnLgrSeq);
+    }
+
+    /**
+     * @brief Construct a DelegateBuilder from an existing SLE object.
+     * @param sle The existing ledger entry to copy from.
+     * @throws std::runtime_error if the ledger entry type doesn't match.
+     */
+    DelegateBuilder(std::shared_ptr<SLE const> sle)
+    {
+        if (sle->at(sfLedgerEntryType) != ltDELEGATE)
+        {
+            throw std::runtime_error("Invalid ledger entry type for Delegate");
+        }
+        object_ = *sle;
+    }
+
+    /** @brief Ledger entry-specific field setters */
+
+    /**
+     * @brief Set sfAccount (soeREQUIRED)
+     * @return Reference to this builder for method chaining.
+     */
+    DelegateBuilder&
+    setAccount(std::decay_t<typename SF_ACCOUNT::type::value_type> const& value)
+    {
+        object_[sfAccount] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfAuthorize (soeREQUIRED)
+     * @return Reference to this builder for method chaining.
+     */
+    DelegateBuilder&
+    setAuthorize(std::decay_t<typename SF_ACCOUNT::type::value_type> const& value)
+    {
+        object_[sfAuthorize] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfPermissions (soeREQUIRED)
+     * @return Reference to this builder for method chaining.
+     */
+    DelegateBuilder&
+    setPermissions(STArray const& value)
+    {
+        object_.setFieldArray(sfPermissions, value);
+        return *this;
+    }
+
+    /**
+     * @brief Set sfOwnerNode (soeREQUIRED)
+     * @return Reference to this builder for method chaining.
+     */
+    DelegateBuilder&
+    setOwnerNode(std::decay_t<typename SF_UINT64::type::value_type> const& value)
+    {
+        object_[sfOwnerNode] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfPreviousTxnID (soeREQUIRED)
+     * @return Reference to this builder for method chaining.
+     */
+    DelegateBuilder&
+    setPreviousTxnID(std::decay_t<typename SF_UINT256::type::value_type> const& value)
+    {
+        object_[sfPreviousTxnID] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Set sfPreviousTxnLgrSeq (soeREQUIRED)
+     * @return Reference to this builder for method chaining.
+     */
+    DelegateBuilder&
+    setPreviousTxnLgrSeq(std::decay_t<typename SF_UINT32::type::value_type> const& value)
+    {
+        object_[sfPreviousTxnLgrSeq] = value;
+        return *this;
+    }
+
+    /**
+     * @brief Build and return the completed Delegate wrapper.
+     * @param index The ledger entry index.
+     * @return The constructed ledger entry wrapper.
+     */
+    Delegate
+    build(uint256 const& index)
+    {
+        return Delegate{std::make_shared<SLE>(std::move(object_), index)};
+    }
+};
+
+}  // namespace xrpl::ledger_entries