PR comments

- systemd oneshot service + timer replaces cron job
- randomized scheduling and persistent timers
- journald logging with SyslogIdentifier
- flock-based concurrency control
- remove legacy update.log file

.github/scripts/levelization/results/ordering.txt

@@ -188,10 +188,16 @@ test.toplevel > xrpl.json
 test.unit_test > xrpl.basics
 test.unit_test > xrpl.protocol
 tests.libxrpl > xrpl.basics
+tests.libxrpl > xrpl.core
 tests.libxrpl > xrpl.json
+tests.libxrpl > xrpl.ledger
 tests.libxrpl > xrpl.net
+tests.libxrpl > xrpl.nodestore
 tests.libxrpl > xrpl.protocol
 tests.libxrpl > xrpl.protocol_autogen
+tests.libxrpl > xrpl.server
+tests.libxrpl > xrpl.shamap
+tests.libxrpl > xrpl.tx
 xrpl.conditions > xrpl.basics
 xrpl.conditions > xrpl.protocol
 xrpl.core > xrpl.basics

.github/scripts/strategy-matrix/generate.py

@@ -4,14 +4,15 @@ import itertools
 import json
 from dataclasses import dataclass
 from pathlib import Path
+from typing import Any
 
 THIS_DIR = Path(__file__).parent.resolve()
 
 
 @dataclass
 class Config:
-    architecture: list[dict]
-    os: list[dict]
+    architecture: list[dict[str, Any]]
+    os: list[dict[str, Any]]
     build_type: list[str]
     cmake_args: list[str]
 
@@ -32,7 +33,52 @@ We will further set additional CMake arguments as follows:
 """
 
 
-def generate_strategy_matrix(all: bool, config: Config) -> list:
+def build_config_name(
+    os_entry: dict[str, Any], architecture: dict[str, Any], build_type: str
+) -> str:
+    parts = [os_entry["distro_name"]]
+    for key in ("distro_version", "compiler_name", "compiler_version"):
+        if value := os_entry[key]:
+            parts.append(value)
+    platform = architecture["platform"]
+    parts.append(platform[platform.find("/") + 1 :])
+    parts.append(build_type.lower())
+    return "-".join(parts)
+
+
+def build_container_image(os_entry: dict[str, Any]) -> str:
+    image = f"ghcr.io/xrplf/ci/{os_entry['distro_name']}-{os_entry['distro_version']}"
+    tag = f"{os_entry['compiler_name']}-{os_entry['compiler_version']}-sha-{os_entry['image_sha']}"
+    return f"{image}:{tag}"
+
+
+def generate_packaging_matrix(config: Config) -> list[dict[str, str]]:
+    """Emit packaging entries for each os entry with `package: true`.
+    Packaging always uses Release build on linux/amd64. The package format
+    (deb or rpm) is inferred at runtime from the container's package manager.
+    """
+    architecture = next(
+        (a for a in config.architecture if a["platform"] == "linux/amd64"),
+        None,
+    )
+    if architecture is None:
+        raise Exception("linux/amd64 architecture required for packaging")
+
+    entries = []
+    for os_entry in config.os:
+        if not os_entry.get("package", False):
+            continue
+        config_name = build_config_name(os_entry, architecture, "Release")
+        entries.append(
+            {
+                "artifact_name": f"xrpld-{config_name}",
+                "container_image": build_container_image(os_entry),
+            }
+        )
+    return entries
+
+
+def generate_strategy_matrix(all: bool, config: Config) -> list[dict[str, Any]]:
     configurations = []
     for architecture, os, build_type, cmake_args in itertools.product(
         config.architecture, config.os, config.build_type, config.cmake_args
@@ -51,20 +97,21 @@ def generate_strategy_matrix(all: bool, config: Config) -> list:
         # Only generate a subset of configurations in PRs.
         if not all:
             # Debian:
-            # - Bookworm using GCC 13: Release on linux/amd64, set the reference
-            #   fee to 500.
-            # - Bookworm using GCC 15: Debug on linux/amd64, enable code
-            #   coverage (which will be done below).
+            # - Bookworm using GCC 13: Debug on linux/amd64, set the reference
+            #   fee to 500 and enable code coverage (which will be done below).
+            # - Bookworm using GCC 15: Debug on linux/amd64, enable Address and
+            #   UB sanitizers (which will be done below).
             # - Bookworm using Clang 16: Debug on linux/amd64, enable voidstar.
             # - Bookworm using Clang 17: Release on linux/amd64, set the
             #   reference fee to 1000.
-            # - Bookworm using Clang 20: Debug on linux/amd64.
+            # - Bookworm using Clang 20: Debug on linux/amd64, enable Address
+            #   and UB sanitizers (which will be done below).
             if os["distro_name"] == "debian":
                 skip = True
                 if os["distro_version"] == "bookworm":
                     if (
                         f"{os['compiler_name']}-{os['compiler_version']}" == "gcc-13"
-                        and build_type == "Release"
+                        and build_type == "Debug"
                         and architecture["platform"] == "linux/amd64"
                     ):
                         cmake_args = f"-DUNIT_TEST_REFERENCE_FEE=500 {cmake_args}"
@@ -99,14 +146,15 @@ def generate_strategy_matrix(all: bool, config: Config) -> list:
                     continue
 
             # RHEL:
-            # - 9 using GCC 12: Debug on linux/amd64.
+            # - 9 using GCC 12: Debug and Release on linux/amd64
+            #   (Release is required for RPM packaging).
             # - 10 using Clang: Release on linux/amd64.
             if os["distro_name"] == "rhel":
                 skip = True
                 if os["distro_version"] == "9":
                     if (
                         f"{os['compiler_name']}-{os['compiler_version']}" == "gcc-12"
-                        and build_type == "Debug"
+                        and build_type in ["Debug", "Release"]
                         and architecture["platform"] == "linux/amd64"
                     ):
                         skip = False
@@ -121,7 +169,8 @@ def generate_strategy_matrix(all: bool, config: Config) -> list:
                     continue
 
             # Ubuntu:
-            # - Jammy using GCC 12: Debug on linux/arm64.
+            # - Jammy using GCC 12: Debug on linux/arm64, Release on
+            #   linux/amd64 (Release is required for DEB packaging).
             # - Noble using GCC 14: Release on linux/amd64.
             # - Noble using Clang 18: Debug on linux/amd64.
             # - Noble using Clang 19: Release on linux/arm64.
@@ -134,6 +183,12 @@ def generate_strategy_matrix(all: bool, config: Config) -> list:
                         and architecture["platform"] == "linux/arm64"
                     ):
                         skip = False
+                    if (
+                        f"{os['compiler_name']}-{os['compiler_version']}" == "gcc-12"
+                        and build_type == "Release"
+                        and architecture["platform"] == "linux/amd64"
+                    ):
+                        skip = False
                 elif os["distro_version"] == "noble":
                     if (
                         f"{os['compiler_name']}-{os['compiler_version']}" == "gcc-14"
@@ -193,11 +248,11 @@ def generate_strategy_matrix(all: bool, config: Config) -> list:
         ):
             continue
 
-        # Enable code coverage for Debian Bookworm using GCC 15 in Debug on
-        # linux/amd64
+        # Enable code coverage for Debian Bookworm using GCC 13 in Debug on
+        # linux/amd64.
         if (
             f"{os['distro_name']}-{os['distro_version']}" == "debian-bookworm"
-            and f"{os['compiler_name']}-{os['compiler_version']}" == "gcc-15"
+            and f"{os['compiler_name']}-{os['compiler_version']}" == "gcc-13"
             and build_type == "Debug"
             and architecture["platform"] == "linux/amd64"
         ):
@@ -215,17 +270,7 @@ def generate_strategy_matrix(all: bool, config: Config) -> list:
 
         # Generate a unique name for the configuration, e.g. macos-arm64-debug
         # or debian-bookworm-gcc-12-amd64-release.
-        config_name = os["distro_name"]
-        if (n := os["distro_version"]) != "":
-            config_name += f"-{n}"
-        if (n := os["compiler_name"]) != "":
-            config_name += f"-{n}"
-        if (n := os["compiler_version"]) != "":
-            config_name += f"-{n}"
-        config_name += (
-            f"-{architecture['platform'][architecture['platform'].find('/')+1:]}"
-        )
-        config_name += f"-{build_type.lower()}"
+        config_name = build_config_name(os, architecture, build_type)
         if "-Dcoverage=ON" in cmake_args:
             config_name += "-coverage"
         if "-Dunity=ON" in cmake_args:
@@ -234,23 +279,39 @@ def generate_strategy_matrix(all: bool, config: Config) -> list:
         # Add the configuration to the list, with the most unique fields first,
         # so that they are easier to identify in the GitHub Actions UI, as long
         # names get truncated.
-        # Add Address and Thread (both coupled with UB) sanitizers for specific bookworm distros.
+        # Add Address and UB sanitizers as separate configurations for specific
+        # bookworm distros. Thread sanitizer is currently disabled (see below).
         # GCC-Asan xrpld-embedded tests are failing because of https://github.com/google/sanitizers/issues/856
-        if (
-            os["distro_version"] == "bookworm"
-            and f"{os['compiler_name']}-{os['compiler_version']}" == "clang-20"
-        ):
-            # Add ASAN + UBSAN configuration.
+        if os[
+            "distro_version"
+        ] == "bookworm" and f"{os['compiler_name']}-{os['compiler_version']}" in [
+            "gcc-15",
+            "clang-20",
+        ]:
+            # Add ASAN configuration.
             configurations.append(
                 {
-                    "config_name": config_name + "-asan-ubsan",
+                    "config_name": config_name + "-asan",
                     "cmake_args": cmake_args,
                     "cmake_target": cmake_target,
                     "build_only": build_only,
                     "build_type": build_type,
                     "os": os,
                     "architecture": architecture,
-                    "sanitizers": "address,undefinedbehavior",
+                    "sanitizers": "address",
+                }
+            )
+            # Add UBSAN configuration.
+            configurations.append(
+                {
+                    "config_name": config_name + "-ubsan",
+                    "cmake_args": cmake_args,
+                    "cmake_target": cmake_target,
+                    "build_only": build_only,
+                    "build_type": build_type,
+                    "os": os,
+                    "architecture": architecture,
+                    "sanitizers": "undefinedbehavior",
                 }
             )
             # TSAN is deactivated due to seg faults with latest compilers.
@@ -313,10 +374,19 @@ if __name__ == "__main__":
         required=False,
         type=Path,
     )
+    parser.add_argument(
+        "-p",
+        "--packaging",
+        help="Emit the packaging matrix (derived from the 'package' field on os entries) instead of the build/test matrix.",
+        action="store_true",
+    )
     args = parser.parse_args()
 
     matrix = []
-    if args.config is None or args.config == "":
+    if args.packaging:
+        config_path = args.config if args.config else THIS_DIR / "linux.json"
+        matrix += generate_packaging_matrix(read_config(config_path))
+    elif args.config is None or args.config == "":
         matrix += generate_strategy_matrix(
             args.all, read_config(THIS_DIR / "linux.json")
         )

.github/scripts/strategy-matrix/linux.json

@@ -120,7 +120,8 @@
       "distro_version": "9",
       "compiler_name": "gcc",
       "compiler_version": "12",
-      "image_sha": "ab4d1f0"
+      "image_sha": "ab4d1f0",
+      "package": true
     },
     {
       "distro_name": "rhel",
@@ -162,7 +163,8 @@
       "distro_version": "jammy",
       "compiler_name": "gcc",
       "compiler_version": "12",
-      "image_sha": "ab4d1f0"
+      "image_sha": "ab4d1f0",
+      "package": true
     },
     {
       "distro_name": "ubuntu",

.github/workflows/on-pr.yml

@@ -67,6 +67,7 @@ jobs:
             .github/workflows/reusable-build-test.yml
             .github/workflows/reusable-clang-tidy.yml
             .github/workflows/reusable-clang-tidy-files.yml
+            .github/workflows/reusable-package.yml
             .github/workflows/reusable-strategy-matrix.yml
             .github/workflows/reusable-test.yml
             .github/workflows/reusable-upload-recipe.yml
@@ -81,6 +82,8 @@ jobs:
             CMakeLists.txt
             conanfile.py
             conan.lock
+            package/**
+
       - name: Check whether to run
         # This step determines whether the rest of the workflow should
         # run. The rest of the workflow will run if this job runs AND at
@@ -137,6 +140,30 @@ jobs:
     secrets:
       CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
 
+  generate-version:
+    needs: should-run
+    if: ${{ needs.should-run.outputs.go == 'true' }}
+    runs-on: ubuntu-latest
+    outputs:
+      version: ${{ steps.version.outputs.version }}
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        with:
+          sparse-checkout: |
+            .github/actions/generate-version
+            src/libxrpl/protocol/BuildInfo.cpp
+      - name: Generate version
+        id: version
+        uses: ./.github/actions/generate-version
+
+  package:
+    needs: [should-run, build-test, generate-version]
+    if: ${{ needs.should-run.outputs.go == 'true' }}
+    uses: ./.github/workflows/reusable-package.yml
+    with:
+      version: ${{ needs.generate-version.outputs.version }}
+
   upload-recipe:
     needs:
       - should-run

.github/workflows/on-tag.yml

@@ -1,5 +1,5 @@
-# This workflow uploads the libxrpl recipe to the Conan remote when a versioned
-# tag is pushed.
+# This workflow uploads the libxrpl recipe to the Conan remote and builds
+# release packages when a versioned tag is pushed.
 name: Tag
 
 on:
@@ -22,3 +22,39 @@ jobs:
     secrets:
       remote_username: ${{ secrets.CONAN_REMOTE_USERNAME }}
       remote_password: ${{ secrets.CONAN_REMOTE_PASSWORD }}
+
+  build-test:
+    if: ${{ github.repository == 'XRPLF/rippled' }}
+    uses: ./.github/workflows/reusable-build-test.yml
+    strategy:
+      fail-fast: true
+      matrix:
+        os: [linux]
+    with:
+      ccache_enabled: false
+      os: ${{ matrix.os }}
+      strategy_matrix: minimal
+    secrets:
+      CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
+
+  generate-version:
+    if: ${{ github.repository == 'XRPLF/rippled' }}
+    runs-on: ubuntu-latest
+    outputs:
+      version: ${{ steps.version.outputs.version }}
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        with:
+          sparse-checkout: |
+            .github/actions/generate-version
+            src/libxrpl/protocol/BuildInfo.cpp
+      - name: Generate version
+        id: version
+        uses: ./.github/actions/generate-version
+
+  package:
+    needs: [build-test, generate-version]
+    uses: ./.github/workflows/reusable-package.yml
+    with:
+      version: ${{ needs.generate-version.outputs.version }}

.github/workflows/on-trigger.yml

@@ -24,6 +24,7 @@ on:
       - ".github/workflows/reusable-build-test.yml"
       - ".github/workflows/reusable-clang-tidy.yml"
       - ".github/workflows/reusable-clang-tidy-files.yml"
+      - ".github/workflows/reusable-package.yml"
       - ".github/workflows/reusable-strategy-matrix.yml"
       - ".github/workflows/reusable-test.yml"
       - ".github/workflows/reusable-upload-recipe.yml"
@@ -38,6 +39,7 @@ on:
       - "CMakeLists.txt"
       - "conanfile.py"
       - "conan.lock"
+      - "package/**"
 
   # Run at 06:32 UTC on every day of the week from Monday through Friday. This
   # will force all dependencies to be rebuilt, which is useful to verify that
@@ -98,3 +100,24 @@ jobs:
     secrets:
       remote_username: ${{ secrets.CONAN_REMOTE_USERNAME }}
       remote_password: ${{ secrets.CONAN_REMOTE_PASSWORD }}
+
+  generate-version:
+    runs-on: ubuntu-latest
+    outputs:
+      version: ${{ steps.version.outputs.version }}
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        with:
+          sparse-checkout: |
+            .github/actions/generate-version
+            src/libxrpl/protocol/BuildInfo.cpp
+      - name: Generate version
+        id: version
+        uses: ./.github/actions/generate-version
+
+  package:
+    needs: [build-test, generate-version]
+    uses: ./.github/workflows/reusable-package.yml
+    with:
+      version: ${{ needs.generate-version.outputs.version }}

.github/workflows/reusable-package.yml

@@ -0,0 +1,91 @@
+# Build Linux packages (DEB and RPM) from pre-built binary artifacts.
+# Discovers which configurations to package from linux.json (entries with
+# "package": true) and fans out one job per entry.
+name: Package
+
+on:
+  workflow_call:
+    inputs:
+      pkg_release:
+        description: "Package release number. Increment when repackaging the same executable."
+        required: false
+        type: string
+        default: "1"
+      version:
+        description: "Version string used for naming the output artifact."
+        required: true
+        type: string
+
+defaults:
+  run:
+    shell: bash
+
+env:
+  BUILD_DIR: build
+
+jobs:
+  generate-matrix:
+    runs-on: ubuntu-latest
+    outputs:
+      matrix: ${{ steps.generate.outputs.matrix }}
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+
+      - name: Set up Python
+        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
+        with:
+          python-version: 3.13
+
+      - name: Generate packaging matrix
+        id: generate
+        working-directory: .github/scripts/strategy-matrix
+        run: |
+          ./generate.py --packaging --config=linux.json >> "${GITHUB_OUTPUT}"
+
+  package:
+    needs: generate-matrix
+    strategy:
+      fail-fast: false
+      matrix: ${{ fromJson(needs.generate-matrix.outputs.matrix) }}
+    name: "${{ matrix.artifact_name }}"
+    permissions:
+      contents: read
+    runs-on: ["self-hosted", "Linux", "X64", "heavy"]
+    container: ${{ matrix.container_image }}
+    timeout-minutes: 30
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+
+      - name: Set source date epoch
+        run: |
+          echo "SOURCE_DATE_EPOCH=$(git log -1 --format=%ct "$GITHUB_SHA")" >> "$GITHUB_ENV"
+
+      - name: Download pre-built binary
+        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
+        with:
+          name: ${{ matrix.artifact_name }}
+          path: ${{ env.BUILD_DIR }}
+
+      - name: Make binary executable
+        run: chmod +x "${BUILD_DIR}/xrpld"
+
+      - name: Build package
+        env:
+          PKG_VERSION: ${{ inputs.version }}
+          PKG_RELEASE: ${{ inputs.pkg_release }}
+          SOURCE_DATE_EPOCH: ${{ env.SOURCE_DATE_EPOCH }}
+        run: |
+          ./package/build_pkg.sh . "$BUILD_DIR" "$PKG_VERSION" "$PKG_RELEASE"
+
+      - name: Upload package artifact
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+        with:
+          name: ${{ matrix.artifact_name }}-pkg-${{ inputs.version }}
+          path: |
+            ${{ env.BUILD_DIR }}/debbuild/*.deb
+            ${{ env.BUILD_DIR }}/debbuild/*.ddeb
+            ${{ env.BUILD_DIR }}/rpmbuild/RPMS/**/*.rpm
+          if-no-files-found: error

.github/workflows/reusable-strategy-matrix.yml

@@ -39,7 +39,8 @@ jobs:
       - name: Generate strategy matrix
         working-directory: .github/scripts/strategy-matrix
         id: generate
-        env:
-          GENERATE_CONFIG: ${{ inputs.os != '' && format('--config={0}.json', inputs.os) || '' }}
-          GENERATE_OPTION: ${{ inputs.strategy_matrix == 'all' && '--all' || '' }}
-        run: ./generate.py ${GENERATE_OPTION} ${GENERATE_CONFIG} >> "${GITHUB_OUTPUT}"
+        run: |
+          ./generate.py \
+            ${{ inputs.strategy_matrix == 'all' && '--all' || '' }} \
+            ${{ inputs.os != '' && format('--config={0}.json', inputs.os) || '' }} \
+            >> "${GITHUB_OUTPUT}"

CMakeLists.txt

@@ -134,6 +134,7 @@ endif()
 include(XrplCore)
 include(XrplProtocolAutogen)
 include(XrplInstall)
+include(XrplPackaging)
 include(XrplValidatorKeys)
 
 if(tests)

cmake/XrplInstall.cmake

@@ -12,14 +12,14 @@ if(is_root_project AND TARGET xrpld)
 
     install(
         FILES "${CMAKE_CURRENT_SOURCE_DIR}/cfg/xrpld-example.cfg"
-        DESTINATION "${CMAKE_INSTALL_SYSCONFDIR}/xrpld"
+        DESTINATION "${CMAKE_INSTALL_SYSCONFDIR}"
         RENAME xrpld.cfg
         COMPONENT runtime
     )
 
     install(
         FILES "${CMAKE_CURRENT_SOURCE_DIR}/cfg/validators-example.txt"
-        DESTINATION "${CMAKE_INSTALL_SYSCONFDIR}/xrpld"
+        DESTINATION "${CMAKE_INSTALL_SYSCONFDIR}"
         RENAME validators.txt
         COMPONENT runtime
     )

cmake/XrplPackaging.cmake

@@ -0,0 +1,136 @@
+#[===================================================================[
+   Linux packaging support: RPM and Debian targets + install tests
+#]===================================================================]
+
+if(NOT CMAKE_INSTALL_PREFIX STREQUAL "/opt/xrpld")
+    message(
+        STATUS
+        "Packaging targets require -DCMAKE_INSTALL_PREFIX=/opt/xrpld "
+        "(current: '${CMAKE_INSTALL_PREFIX}'); skipping."
+    )
+    return()
+endif()
+
+if(NOT DEFINED pkg_release)
+    set(pkg_release 1)
+endif()
+
+find_program(RPMBUILD_EXECUTABLE rpmbuild)
+find_program(DPKG_BUILDPACKAGE_EXECUTABLE dpkg-buildpackage)
+if(RPMBUILD_EXECUTABLE OR DPKG_BUILDPACKAGE_EXECUTABLE)
+    add_custom_target(
+        package
+        COMMAND
+            ${CMAKE_SOURCE_DIR}/package/build_pkg.sh ${CMAKE_SOURCE_DIR}
+            ${CMAKE_BINARY_DIR} "${xrpld_version}" ${pkg_release}
+        WORKING_DIRECTORY ${CMAKE_BINARY_DIR}
+        DEPENDS xrpld
+        COMMENT "Building Linux package (deb/rpm inferred from host tooling)"
+        VERBATIM
+    )
+else()
+    message(
+        STATUS
+        "Neither rpmbuild nor dpkg-buildpackage found; 'package' target not available"
+    )
+endif()
+
+#[===================================================================[
+   CTest fixtures for package install verification (requires docker)
+#]===================================================================]
+
+find_program(DOCKER_EXECUTABLE docker)
+if(NOT DOCKER_EXECUTABLE)
+    message(STATUS "docker not found; package install tests not available")
+    return()
+endif()
+
+set(DEB_TEST_IMAGE
+    "geerlingguy/docker-ubuntu2204-ansible@sha256:bbe4c56c16c57c902554b9a47833590926b7a7d4440aef3d9851473b9f7be9d4"
+)
+set(RPM_TEST_IMAGE
+    "geerlingguy/docker-rockylinux9-ansible@sha256:790c2db9add93c0daa903ace816f352c9c04abb046ecfa12c581e8d4c59f41d6"
+)
+
+# Only register install-test fixtures for package formats the host can build,
+# since the smoketest needs a corresponding .deb/.rpm artifact in build/.
+set(PKG_TYPES "")
+if(DPKG_BUILDPACKAGE_EXECUTABLE)
+    list(APPEND PKG_TYPES deb)
+endif()
+if(RPMBUILD_EXECUTABLE)
+    list(APPEND PKG_TYPES rpm)
+endif()
+
+foreach(PKG IN LISTS PKG_TYPES)
+    if(PKG STREQUAL "deb")
+        set(IMAGE ${DEB_TEST_IMAGE})
+    else()
+        set(IMAGE ${RPM_TEST_IMAGE})
+    endif()
+
+    # This image runs systemd for full testing xrpld.service
+    add_test(
+        NAME ${PKG}_container_start
+        COMMAND
+            sh -c
+            "docker rm -f xrpld_${PKG}_install_test 2>/dev/null || true && \
+            docker run -d \
+            --name xrpld_${PKG}_install_test \
+            --cgroupns host \
+            --volume '${CMAKE_SOURCE_DIR}:/root:ro' \
+            --volume /sys/fs/cgroup:/sys/fs/cgroup:rw \
+            --tmpfs /run/lock \
+            ${IMAGE}"
+    )
+    set_tests_properties(
+        ${PKG}_container_start
+        PROPERTIES FIXTURES_SETUP ${PKG}_container LABELS packaging
+    )
+
+    # On CI: always stop. Locally: leave running on failure for diagnosis.
+    add_test(
+        NAME ${PKG}_container_stop
+        COMMAND
+            sh -c
+            "if [ -n \"$CI\" ] || ! docker exec xrpld_${PKG}_install_test test -f /tmp/test_failed 2>/dev/null; then \
+            docker rm -f xrpld_${PKG}_install_test; \
+        else \
+            echo 'Tests failed — leaving xrpld_${PKG}_install_test running for diagnosis'; \
+            echo 'Clean up with: docker rm -f xrpld_${PKG}_install_test'; \
+        fi"
+    )
+    set_tests_properties(
+        ${PKG}_container_stop
+        PROPERTIES FIXTURES_CLEANUP ${PKG}_container LABELS packaging
+    )
+
+    add_test(
+        NAME ${PKG}_install
+        COMMAND
+            docker exec -w /root xrpld_${PKG}_install_test bash
+            /root/package/test/smoketest.sh local
+    )
+    set_tests_properties(
+        ${PKG}_install
+        PROPERTIES
+            FIXTURES_REQUIRED ${PKG}_container
+            FIXTURES_SETUP ${PKG}_installed
+            LABELS packaging
+            TIMEOUT 600
+    )
+
+    add_test(
+        NAME ${PKG}_install_paths
+        COMMAND
+            docker exec -w /root xrpld_${PKG}_install_test sh
+            /root/package/test/check_install_paths.sh
+    )
+    set_tests_properties(
+        ${PKG}_install_paths
+        PROPERTIES
+            FIXTURES_REQUIRED "${PKG}_container;${PKG}_installed"
+            LABELS packaging
+            TIMEOUT 60
+    )
+endforeach()

cspell.config.yaml

@@ -97,12 +97,15 @@ words:
   - desync
   - desynced
   - determ
+  - disablerepo
   - distro
   - doxyfile
   - dxrpl
   - enabled
+  - enablerepo
   - endmacro
   - exceptioned
+  - EXPECT_STREQ
   - Falco
   - fcontext
   - finalizers
@@ -158,6 +161,7 @@ words:
   - Merkle
   - Metafuncton
   - misprediction
+  - missingok
   - mptbalance
   - MPTDEX
   - mptflags
@@ -189,7 +193,9 @@ words:
   - NOLINT
   - NOLINTNEXTLINE
   - nonxrp
+  - noreplace
   - noripple
+  - notifempty
   - nudb
   - nullptr
   - nunl
@@ -209,6 +215,7 @@ words:
   - preauthorize
   - preauthorizes
   - preclaim
+  - preun
   - protobuf
   - protos
   - ptrs
@@ -243,12 +250,14 @@ words:
   - sfields
   - shamap
   - shamapitem
+  - shlibs
   - sidechain
   - SIGGOOD
   - sle
   - sles
   - soci
   - socidb
+  - SRPMS
   - sslws
   - statsd
   - STATSDCOLLECTOR
@@ -276,8 +285,8 @@ words:
   - txn
   - txns
   - txs
-  - UBSAN
   - ubsan
+  - UBSAN
   - umant
   - unacquired
   - unambiguity
@@ -314,7 +323,6 @@ words:
   - xbridge
   - xchain
   - ximinez
-  - EXPECT_STREQ
   - XMACRO
   - xrpkuwait
   - xrpl

include/xrpl/basics/Archive.h

@@ -1,6 +1,6 @@
 #pragma once
 
-#include <filesystem>
+#include <boost/filesystem.hpp>
 
 namespace xrpl {
 
@@ -12,6 +12,6 @@ namespace xrpl {
     @throws runtime_error
 */
 void
-extractTarLz4(std::filesystem::path const& src, std::filesystem::path const& dst);
+extractTarLz4(boost::filesystem::path const& src, boost::filesystem::path const& dst);
 
 }  // namespace xrpl

include/xrpl/basics/DecayingSample.h

@@ -67,8 +67,10 @@ private:
             }
             else
             {
-                while ((elapsed--) != 0u)
+                for (; elapsed > 0; --elapsed)
+                {
                     m_value -= (m_value + Window - 1) / Window;
+                }
             }
         }
 

include/xrpl/basics/FileUtilities.h

@@ -1,22 +1,22 @@
 #pragma once
 
-#include <filesystem>
+#include <boost/filesystem.hpp>
+#include <boost/system/error_code.hpp>
+
 #include <optional>
-#include <string>
-#include <system_error>
 
 namespace xrpl {
 
 std::string
 getFileContents(
-    std::error_code& ec,
-    std::filesystem::path const& sourcePath,
+    boost::system::error_code& ec,
+    boost::filesystem::path const& sourcePath,
     std::optional<std::size_t> maxSize = std::nullopt);
 
 void
 writeFileContents(
-    std::error_code& ec,
-    std::filesystem::path const& destPath,
+    boost::system::error_code& ec,
+    boost::filesystem::path const& destPath,
     std::string const& contents);
 
 }  // namespace xrpl

include/xrpl/basics/Log.h

@@ -4,8 +4,8 @@
 #include <xrpl/beast/utility/Journal.h>
 
 #include <boost/beast/core/string.hpp>
+#include <boost/filesystem.hpp>
 
-#include <filesystem>
 #include <fstream>
 #include <map>
 #include <memory>
@@ -88,7 +88,7 @@ private:
             @return `true` if the file was opened.
         */
         bool
-        open(std::filesystem::path const& path);
+        open(boost::filesystem::path const& path);
 
         /** Close and re-open the system file associated with the log
             This assists in interoperating with external log management tools.
@@ -130,7 +130,7 @@ private:
 
     private:
         std::unique_ptr<std::ofstream> m_stream;
-        std::filesystem::path m_path;
+        boost::filesystem::path m_path;
     };
 
     std::mutex mutable mutex_;
@@ -149,7 +149,7 @@ public:
     virtual ~Logs() = default;
 
     bool
-    open(std::filesystem::path const& pathToLogFile);
+    open(boost::filesystem::path const& pathToLogFile);
 
     beast::Journal::Sink&
     get(std::string const& name);

include/xrpl/beast/test/yield_to.h

@@ -43,8 +43,10 @@ public:
         : work_(boost::asio::make_work_guard(ios_))
     {
         threads_.reserve(concurrency);
-        while ((concurrency--) != 0u)
+        for (std::size_t i = 0; i < concurrency; ++i)
+        {
             threads_.emplace_back([&] { ios_.run(); });
+        }
     }
 
     ~enable_yield_to()

include/xrpl/beast/unit_test/suite.h

@@ -6,10 +6,10 @@
 
 #include <xrpl/beast/unit_test/runner.h>
 
+#include <boost/filesystem.hpp>
 #include <boost/lexical_cast.hpp>
 #include <boost/throw_exception.hpp>
 
-#include <filesystem>
 #include <ostream>
 #include <sstream>
 #include <string>
@@ -25,7 +25,7 @@ make_reason(String const& reason, char const* file, int line)
     std::string s(reason);
     if (!s.empty())
         s.append(": ");
-    namespace fs = std::filesystem;
+    namespace fs = boost::filesystem;
     s.append(fs::path{file}.filename().string());
     s.append("(");
     s.append(boost::lexical_cast<std::string>(line));

include/xrpl/beast/utility/temp_dir.h

@@ -1,11 +1,8 @@
 #pragma once
 
-#include <filesystem>
-#include <iomanip>
-#include <random>
-#include <sstream>
+#include <boost/filesystem.hpp>
+
 #include <string>
-#include <system_error>
 
 namespace beast {
 
@@ -16,7 +13,7 @@ namespace beast {
 */
 class temp_dir
 {
-    std::filesystem::path path_;
+    boost::filesystem::path path_;
 
 public:
 #if !GENERATING_DOCS
@@ -28,30 +25,20 @@ public:
     /// Construct a temporary directory.
     temp_dir()
     {
-        auto const dir = std::filesystem::temp_directory_path();
-        std::random_device rd;
-        constexpr std::size_t maxAttempts = 100;
-        for (std::size_t attempt = 0; attempt < maxAttempts; ++attempt)
+        auto const dir = boost::filesystem::temp_directory_path();
+        do
         {
-            std::error_code ec;
-            std::ostringstream oss;
-            oss << std::hex << std::setfill('0') << std::setw(8) << rd() << std::setw(8) << rd();
-            path_ = dir / oss.str();
-            if (!std::filesystem::exists(path_, ec) && !ec)
-                break;
-            path_.clear();
-        }
-        if (path_.empty())
-            throw std::runtime_error("Unable to generate a unique temporary directory path");
-        std::filesystem::create_directory(path_);
+            path_ = dir / boost::filesystem::unique_path();
+        } while (boost::filesystem::exists(path_));
+        boost::filesystem::create_directory(path_);
     }
 
     /// Destroy a temporary directory.
     ~temp_dir()
     {
         // use non-throwing calls in the destructor
-        std::error_code ec;
-        std::filesystem::remove_all(path_, ec);
+        boost::system::error_code ec;
+        boost::filesystem::remove_all(path_, ec);
         // TODO: warn/notify if ec set ?
     }
 

include/xrpl/core/PerfLog.h

@@ -4,9 +4,10 @@
 #include <xrpl/core/JobTypes.h>
 #include <xrpl/json/json_value.h>
 
+#include <boost/filesystem.hpp>
+
 #include <chrono>
 #include <cstdint>
-#include <filesystem>
 #include <functional>
 #include <memory>
 #include <string>
@@ -42,7 +43,7 @@ public:
      */
     struct Setup
     {
-        std::filesystem::path perfLog;
+        boost::filesystem::path perfLog;
         // log_interval is in milliseconds to support faster testing.
         milliseconds logInterval{seconds(1)};
     };
@@ -147,7 +148,7 @@ public:
 };
 
 PerfLog::Setup
-setup_PerfLog(Section const& section, std::filesystem::path const& configDir);
+setup_PerfLog(Section const& section, boost::filesystem::path const& configDir);
 
 std::unique_ptr<PerfLog>
 make_PerfLog(

include/xrpl/nodestore/detail/varint.h

@@ -54,8 +54,9 @@ read_varint(void const* buf, std::size_t buflen, std::size_t& t)
         return 1;
     }
     auto const used = n;
-    while (n--)
+    while (n > 0)
     {
+        --n;
         auto const d = p[n];
         auto const t0 = t;
         t *= 127;

include/xrpl/protocol/detail/features.macro

@@ -15,6 +15,7 @@
 // Add new amendments to the top of this list.
 // Keep it sorted in reverse chronological order.
 
+XRPL_FIX    (Cleanup3_2_0,                Supported::no, VoteBehavior::DefaultNo)
 XRPL_FEATURE(MPTokensV2,                  Supported::no, VoteBehavior::DefaultNo)
 XRPL_FIX    (Security3_1_3,               Supported::no, VoteBehavior::DefaultNo)
 XRPL_FIX    (PermissionedDomainInvariant, Supported::yes, VoteBehavior::DefaultNo)

include/xrpl/protocol_autogen/LedgerEntryBase.h

@@ -130,6 +130,19 @@ public:
         return sle_->at(sfFlags);
     }
 
+    /**
+     * @brief Check if a specific flag is set.
+     *
+     * @param f The flag bitmask to check
+     * @return true if all bits in f are set in the flags field
+     */
+    [[nodiscard]]
+    bool
+    isFlag(std::uint32_t f) const
+    {
+        return sle_->isFlag(f);
+    }
+
     /**
      * @brief Get the underlying SLE object.
      *

include/xrpl/rdb/DatabaseCon.h

@@ -6,7 +6,8 @@
 #include <xrpl/rdb/DBInit.h>
 #include <xrpl/rdb/SociDB.h>
 
-#include <filesystem>
+#include <boost/filesystem/path.hpp>
+
 #include <mutex>
 #include <optional>
 #include <string>
@@ -71,7 +72,7 @@ public:
 
         StartUpType startUp = StartUpType::Normal;
         bool standAlone = false;
-        std::filesystem::path dataDir;
+        boost::filesystem::path dataDir;
         // Indicates whether or not to return the `globalPragma`
         // from commonPragma()
         bool useGlobalPragma = false;
@@ -134,7 +135,7 @@ public:
 
     template <std::size_t N, std::size_t M>
     DatabaseCon(
-        std::filesystem::path const& dataDir,
+        boost::filesystem::path const& dataDir,
         std::string const& dbName,
         std::array<std::string, N> const& pragma,
         std::array<char const*, M> const& initSQL,
@@ -146,7 +147,7 @@ public:
     // Use this constructor to setup checkpointing
     template <std::size_t N, std::size_t M>
     DatabaseCon(
-        std::filesystem::path const& dataDir,
+        boost::filesystem::path const& dataDir,
         std::string const& dbName,
         std::array<std::string, N> const& pragma,
         std::array<char const*, M> const& initSQL,
@@ -181,7 +182,7 @@ private:
 
     template <std::size_t N, std::size_t M>
     DatabaseCon(
-        std::filesystem::path const& pPath,
+        boost::filesystem::path const& pPath,
         std::vector<std::string> const* commonPragma,
         std::array<std::string, N> const& pragma,
         std::array<char const*, M> const& initSQL,

include/xrpl/rdb/RelationalDatabase.h

@@ -10,6 +10,7 @@
 #include <xrpl/protocol/TxSearched.h>
 #include <xrpl/rdb/DatabaseCon.h>
 
+#include <boost/filesystem.hpp>
 #include <boost/variant.hpp>
 
 namespace xrpl {

include/xrpl/server/State.h

@@ -4,6 +4,8 @@
 #include <xrpl/rdb/DatabaseCon.h>
 #include <xrpl/server/Manifest.h>
 
+#include <boost/filesystem.hpp>
+
 namespace xrpl {
 
 struct SavedState

package/README.md

@@ -0,0 +1,160 @@
+# Linux Packaging
+
+This directory contains all files needed to build RPM and Debian packages for `xrpld`.
+
+## Directory layout
+
+```
+package/
+  build_pkg.sh      Staging and build script (called by CMake targets and CI)
+  rpm/
+    xrpld.spec      RPM spec (xrpld_version/pkg_release passed via rpmbuild --define)
+  debian/           Debian control files (control, rules, install, links, conffiles, ...)
+  shared/
+    xrpld.service       systemd unit file (used by both RPM and DEB)
+    xrpld.sysusers      sysusers.d config (used by both RPM and DEB)
+    xrpld.tmpfiles      tmpfiles.d config (used by both RPM and DEB)
+    xrpld.logrotate     logrotate config (installed to /opt/xrpld/bin/, user activates)
+    update-xrpld.sh     auto-update script (installed to /opt/xrpld/bin/)
+    update-xrpld-cron   cron entry for auto-update (installed to /opt/xrpld/bin/)
+  test/
+    smoketest.sh            Package install smoke test
+    check_install_paths.sh  Verify install paths and compat symlinks
+```
+
+## Prerequisites
+
+Packaging targets and their container images are declared in
+[`.github/scripts/strategy-matrix/linux.json`](../.github/scripts/strategy-matrix/linux.json)
+via a `"package": true` field on specific os entries. The package format
+(deb or rpm) is inferred at build time from the container's package manager
+(`apt-get` -> deb, `dnf`/`yum` -> rpm). The image tag is composed as
+`ghcr.io/xrplf/ci/{distro}-{version}:{compiler}-{cver}-sha-{image_sha}` —
+the same scheme used by `reusable-build-test.yml`. Bump `image_sha` in
+`linux.json` and both CI and local builds pick up the new image with no
+workflow edits.
+
+| Package type | Image (derived from `linux.json`)                    | Tool required                                                   |
+| ------------ | ---------------------------------------------------- | --------------------------------------------------------------- |
+| RPM          | `ghcr.io/xrplf/ci/rhel-9:gcc-12-sha-<git_sha>`       | `rpmbuild`                                                      |
+| DEB          | `ghcr.io/xrplf/ci/ubuntu-jammy:gcc-12-sha-<git_sha>` | `dpkg-buildpackage`, `debhelper (>= 13)`, `dh-sequence-systemd` |
+
+To print the exact image tags for the current `linux.json`:
+
+```bash
+./.github/scripts/strategy-matrix/generate.py --packaging --config=.github/scripts/strategy-matrix/linux.json
+```
+
+## Building packages
+
+### Via CI
+
+Caller workflows (`on-pr.yml`, `on-tag.yml`, `on-trigger.yml`) call
+`reusable-strategy-matrix.yml` with `mode: packaging` to generate the matrix of
+`{artifact_name, container_image}` entries, then fan out to
+`reusable-package.yml` per entry. That workflow downloads the pre-built `xrpld`
+binary artifact, detects the package format from the container, and calls
+`build_pkg.sh` directly — no CMake configure or build step is needed inside
+the packaging job.
+
+### Locally (mirrors CI)
+
+With an `xrpld` binary already built at `build/xrpld`, run the packaging step
+inside the same container CI uses. The image tag is derived from `linux.json`
+so you don't need to hardcode a SHA.
+
+```bash
+# From the repo root. Pick any image flagged with `"package": true` in
+# linux.json; the package format is inferred from the container's package
+# manager. Example for the rpm-producing image:
+IMAGE=$(jq -r '
+  .os | map(select(.package == true))[0] |
+  "ghcr.io/xrplf/ci/\(.distro_name)-\(.distro_version):\(.compiler_name)-\(.compiler_version)-sha-\(.image_sha)"
+' .github/scripts/strategy-matrix/linux.json)
+
+VERSION=2.4.0-local
+PKG_RELEASE=1
+
+docker run --rm \
+  -v "$(pwd):/src" \
+  -w /src \
+  "$IMAGE" \
+  ./package/build_pkg.sh . build "$VERSION" "$PKG_RELEASE"
+
+# Output:
+#   build/debbuild/*.deb         (DEB + dbgsym .ddeb)
+#   build/rpmbuild/RPMS/x86_64/*.rpm
+```
+
+### Via CMake (host-side target)
+
+If you run CMake configure on a host that has `rpmbuild` or `dpkg-buildpackage`
+installed natively, you can use the CMake target directly — no container
+needed, but the host toolchain replaces the pinned CI image:
+
+```bash
+cmake \
+  -DCMAKE_INSTALL_PREFIX=/opt/xrpld \
+  -Dxrpld=ON \
+  -Dxrpld_version=2.4.0-local \
+  -Dtests=OFF \
+  ..
+
+cmake --build . --target package       # deb on Debian/Ubuntu, rpm on RHEL
+```
+
+The `cmake/XrplPackaging.cmake` module defines the target only if at least one
+of `rpmbuild` / `dpkg-buildpackage` is present; `build_pkg.sh` then infers the
+package format from the host's package manager. `CMAKE_INSTALL_PREFIX` must
+be `/opt/xrpld`; if it is not, both targets are skipped with a `STATUS`
+message.
+
+## How `build_pkg.sh` works
+
+`build_pkg.sh <src_dir> <build_dir> [version] [pkg_release]` stages
+all files and invokes the platform build tool. It resolves `src_dir` and
+`build_dir` to absolute paths, then calls `stage_common()` to copy the binary,
+config files, and shared support files into the staging area. The package
+format is taken from the `PKG_TYPE` env var if set; otherwise it is inferred
+from the available package manager (`apt-get` -> deb, `dnf`/`yum` -> rpm).
+
+### RPM
+
+1. Creates the standard `rpmbuild/{BUILD,BUILDROOT,RPMS,SOURCES,SPECS,SRPMS}` tree inside the build directory.
+2. Copies `xrpld.spec` and all source files (binary, configs, service files) into `SOURCES/`.
+3. Runs `rpmbuild -bb --define "xrpld_version ..." --define "pkg_release ..."`. The spec uses manual `install` commands to place files.
+4. Output: `rpmbuild/RPMS/x86_64/xrpld-*.rpm`
+
+### DEB
+
+1. Creates a staging source tree at `debbuild/source/` inside the build directory.
+2. Stages the binary, configs, `README.md`, and `LICENSE.md`.
+3. Copies `package/deb/debian/` control files into `debbuild/source/debian/`.
+4. Copies shared service/sysusers/tmpfiles into `debian/` where `dh_installsystemd`, `dh_installsysusers`, and `dh_installtmpfiles` pick them up automatically.
+5. Generates a minimal `debian/changelog` (pre-release versions use `~` instead of `-`).
+6. Runs `dpkg-buildpackage -b --no-sign`. `debian/rules` uses manual `install` commands.
+7. Output: `debbuild/*.deb` and `debbuild/*.ddeb` (dbgsym package)
+
+## Post-build verification
+
+```bash
+# DEB
+dpkg-deb -c debbuild/*.deb | grep -E 'systemd|sysusers|tmpfiles'
+lintian -I debbuild/*.deb
+
+# RPM
+rpm -qlp rpmbuild/RPMS/x86_64/*.rpm
+```
+
+## Reproducibility
+
+The following environment variables improve build reproducibility. They are not
+set automatically by `build_pkg.sh`; set them manually if needed:
+
+```bash
+export SOURCE_DATE_EPOCH=$(git log -1 --pretty=%ct)
+export TZ=UTC
+export LC_ALL=C.UTF-8
+export GZIP=-n
+export DEB_BUILD_OPTIONS="noautodbgsym reproducible=+fixfilepath"
+```

package/build_pkg.sh

@@ -0,0 +1,134 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+# Build an RPM or Debian package from a pre-built xrpld binary.
+#
+# Usage: build_pkg.sh <src_dir> <build_dir> [version] [pkg_release]
+#   src_dir     : path to repository root
+#   build_dir   : directory containing the pre-built xrpld binary
+#   version     : package version string (e.g. 3.2.0-b1)
+#   pkg_release : package release number (default: 1)
+#
+# The package format is taken from the PKG_TYPE env var if set; otherwise it
+# is inferred from the available package manager (apt-get -> deb, dnf/yum -> rpm).
+
+SRC_DIR="$(cd "${1:?src_dir required}" && pwd)"
+BUILD_DIR="$(cd "${2:?build_dir required}" && pwd)"
+VERSION="${3:-$("${BUILD_DIR}/xrpld" --version | awk 'NR==1 {print $3}')}"
+PKG_RELEASE="${4:-1}"
+
+if [[ -z "${PKG_TYPE:-}" ]]; then
+    if command -v apt-get >/dev/null 2>&1; then
+        PKG_TYPE=deb
+    elif command -v dnf >/dev/null 2>&1 || command -v yum >/dev/null 2>&1; then
+        PKG_TYPE=rpm
+    else
+        echo "Cannot infer PKG_TYPE: no apt-get, dnf, or yum on PATH." >&2
+        exit 1
+    fi
+fi
+
+if [[ -z "${SOURCE_DATE_EPOCH:-}" ]]; then
+    if git -C "$SRC_DIR" rev-parse --is-inside-work-tree >/dev/null 2>&1; then
+        SOURCE_DATE_EPOCH="$(git -C "$SRC_DIR" log -1 --format=%ct)"
+    else
+        SOURCE_DATE_EPOCH="$(date +%s)"
+    fi
+fi
+export SOURCE_DATE_EPOCH
+CHANGELOG_DATE="$(date -u -R -d "@$SOURCE_DATE_EPOCH")"
+
+# Split VERSION at the first '-' into base and optional pre-release suffix.
+# Examples: "3.2.0" -> ("3.2.0", ""); "3.2.0-b1" -> ("3.2.0", "b1").
+VER_BASE="${VERSION%%-*}"
+VER_SUFFIX="${VERSION#*-}"
+[[ "${VER_SUFFIX}" == "${VERSION}" ]] && VER_SUFFIX=""
+
+SHARED="${SRC_DIR}/package/shared"
+DEBIAN_DIR="${SRC_DIR}/package/debian"
+
+# Stage files that both packaging systems consume using the same filenames.
+stage_common() {
+    local dest="$1"
+    mkdir -p "${dest}"
+
+    cp "${BUILD_DIR}/xrpld"                       "${dest}/xrpld"
+    cp "${SRC_DIR}/cfg/xrpld-example.cfg"         "${dest}/xrpld.cfg"
+    cp "${SRC_DIR}/cfg/validators-example.txt"    "${dest}/validators.txt"
+    cp "${SRC_DIR}/LICENSE.md"                    "${dest}/LICENSE.md"
+    cp "${SRC_DIR}/README.md"                     "${dest}/README.md"
+
+    cp "${SHARED}/xrpld.service"                  "${dest}/xrpld.service"
+    cp "${SHARED}/xrpld.sysusers"                 "${dest}/xrpld.sysusers"
+    cp "${SHARED}/xrpld.tmpfiles"                 "${dest}/xrpld.tmpfiles"
+    cp "${SHARED}/xrpld.logrotate"                "${dest}/xrpld.logrotate"
+    cp "${SHARED}/update-xrpld.sh"                "${dest}/update-xrpld.sh"
+    cp "${SHARED}/update-xrpld-cron"              "${dest}/update-xrpld-cron"
+    cp "${SHARED}/update-xrpld.service"           "${dest}/update-xrpld.service"
+    cp "${SHARED}/update-xrpld.timer"             "${dest}/update-xrpld.timer"
+    cp "${SHARED}/50-xrpld.preset"                "${dest}/50-xrpld.preset"
+}
+
+build_rpm() {
+    local topdir="${BUILD_DIR}/rpmbuild"
+    rm -rf "${topdir}"
+    mkdir -p "${topdir}"/{BUILD,BUILDROOT,RPMS,SOURCES,SPECS,SRPMS}
+
+    cp "${SRC_DIR}/package/rpm/xrpld.spec" "${topdir}/SPECS/xrpld.spec"
+    stage_common "${topdir}/SOURCES"
+
+    # RPM Version can't contain '-'. A pre-release goes in Release with a
+    # leading "0." so 3.2.0-b1 sorts before the final 3.2.0-<pkg_release>.
+    local rpm_release="${PKG_RELEASE}"
+    [[ -n "${VER_SUFFIX}" ]] && rpm_release="0.${VER_SUFFIX}.${PKG_RELEASE}"
+
+    set -x
+    rpmbuild -bb \
+        --define "_topdir ${topdir}" \
+        --define "xrpld_version ${VER_BASE}" \
+        --define "xrpld_release ${rpm_release}" \
+        "${topdir}/SPECS/xrpld.spec"
+}
+
+build_deb() {
+    local staging="${BUILD_DIR}/debbuild/source"
+    rm -rf "${staging}"
+    mkdir -p "${staging}"
+
+    stage_common "${staging}"
+    cp -r "${DEBIAN_DIR}" "${staging}/debian"
+
+    # Debhelper auto-discovers these only from debian/.
+    cp "${staging}/xrpld.service"        "${staging}/debian/xrpld.service"
+    cp "${staging}/xrpld.sysusers"       "${staging}/debian/xrpld.sysusers"
+    cp "${staging}/xrpld.tmpfiles"       "${staging}/debian/xrpld.tmpfiles"
+    cp "${staging}/update-xrpld.service" "${staging}/debian/xrpld.update-xrpld.service"
+    cp "${staging}/update-xrpld.timer"   "${staging}/debian/xrpld.update-xrpld.timer"
+    # Debian '~' marks a pre-release; 3.2.0~b1 sorts before 3.2.0.
+    local deb_full_version="${VER_BASE}${VER_SUFFIX:+~${VER_SUFFIX}}-${PKG_RELEASE}"
+
+    # Derive release channel from the version suffix:
+    #   (none)      -> stable    (tagged release)
+    #   b0          -> develop   (develop-branch build)
+    #   b<N>, rc<N> -> unstable  (pre-release)
+    local deb_distribution
+    case "${VER_SUFFIX}" in
+        "")   deb_distribution="stable" ;;
+        b0)   deb_distribution="develop" ;;
+        *)    deb_distribution="unstable" ;;
+    esac
+
+    cat > "${staging}/debian/changelog" <<EOF
+xrpld (${deb_full_version}) ${deb_distribution}; urgency=medium
+  * Release ${VERSION}.
+
+ -- XRPL Foundation <contact@xrplf.org>  ${CHANGELOG_DATE}
+EOF
+
+    chmod +x "${staging}/debian/rules"
+
+    set -x
+    ( cd "${staging}" && dpkg-buildpackage -b --no-sign -d )
+}
+
+"build_${PKG_TYPE}"

package/debian/control

@@ -0,0 +1,23 @@
+Source: xrpld
+Section: net
+Priority: optional
+Maintainer: XRPL Foundation <contact@xrplf.org>
+Rules-Requires-Root: no
+Build-Depends:
+ debhelper-compat (= 13)
+Standards-Version: 4.7.0
+Homepage: https://github.com/XRPLF/rippled
+Vcs-Git: https://github.com/XRPLF/rippled.git
+Vcs-Browser: https://github.com/XRPLF/rippled
+
+Package: xrpld
+Section: net
+Priority: optional
+Architecture: any
+Depends:
+ ${shlibs:Depends},
+ ${misc:Depends}
+Description: XRP Ledger daemon
+ Reference implementation of the XRP Ledger protocol. Participates
+ in the peer-to-peer network, processes transactions, and maintains
+ a local ledger copy.

package/debian/copyright

@@ -0,0 +1,20 @@
+Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: rippled
+Source: https://github.com/XRPLF/rippled
+
+Files: *
+Copyright: 2012-2026 Ripple Labs Inc.
+License: ISC
+
+License: ISC
+ Permission to use, copy, modify, and distribute this software for any
+ purpose with or without fee is hereby granted, provided that the above
+ copyright notice and this permission notice appear in all copies.
+ .
+ THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

package/debian/rules

@@ -0,0 +1,34 @@
+#!/usr/bin/make -f
+
+export DH_VERBOSE = 1
+export DH_OPTIONS = -v
+
+%:
+	dh $@
+
+override_dh_auto_configure override_dh_auto_build override_dh_auto_test:
+	@:
+
+override_dh_auto_install:
+	install -Dm0755 xrpld              debian/tmp/opt/xrpld/bin/xrpld
+	install -Dm0644 xrpld.cfg          debian/tmp/opt/xrpld/etc/xrpld.cfg
+	install -Dm0644 validators.txt     debian/tmp/opt/xrpld/etc/validators.txt
+	install -Dm0644 xrpld.logrotate    debian/tmp/opt/xrpld/bin/xrpld.logrotate
+	install -Dm0755 update-xrpld.sh    debian/tmp/opt/xrpld/bin/update-xrpld.sh
+	install -Dm0644 update-xrpld-cron  debian/tmp/opt/xrpld/bin/update-xrpld-cron
+	install -Dm0644 README.md          debian/tmp/usr/share/doc/xrpld/README.md
+	install -Dm0644 LICENSE.md         debian/tmp/usr/share/doc/xrpld/LICENSE.md
+
+# update-xrpld.service is a Type=oneshot fired by update-xrpld.timer; installing
+# it without --no-start would run the update on package install.
+override_dh_installsystemd:
+	dh_installsystemd xrpld.service
+	dh_installsystemd --name=update-xrpld --no-enable --no-start update-xrpld.service update-xrpld.timer
+
+execute_before_dh_installtmpfiles:
+	dh_installsysusers
+
+override_dh_installsysusers:
+
+override_dh_dwz:
+	@:

package/debian/source/format

@@ -0,0 +1 @@
+3.0 (quilt)

package/debian/xrpld.conffiles

@@ -0,0 +1,2 @@
+/opt/xrpld/etc/xrpld.cfg
+/opt/xrpld/etc/validators.txt

package/debian/xrpld.install

@@ -0,0 +1,10 @@
+opt/xrpld/bin/xrpld
+opt/xrpld/bin/xrpld.logrotate
+opt/xrpld/bin/update-xrpld.sh
+opt/xrpld/bin/update-xrpld-cron
+
+opt/xrpld/etc/xrpld.cfg
+opt/xrpld/etc/validators.txt
+
+usr/share/doc/xrpld/README.md
+usr/share/doc/xrpld/LICENSE.md

package/debian/xrpld.links

@@ -0,0 +1,10 @@
+opt/xrpld/etc etc/opt/xrpld
+
+opt/xrpld/bin/xrpld usr/bin/xrpld
+
+# remove when "rippled" deprecated
+opt/xrpld/bin/xrpld opt/xrpld/bin/rippled
+opt/xrpld/bin/xrpld usr/local/bin/rippled
+opt/xrpld/etc/xrpld.cfg opt/xrpld/etc/rippled.cfg
+opt/xrpld opt/ripple
+etc/opt/xrpld etc/opt/ripple

package/rpm/xrpld.spec

@@ -0,0 +1,111 @@
+Name:     xrpld
+Version:  %{xrpld_version}
+Release:  %{xrpld_release}%{?dist}
+Summary:  XRP Ledger daemon
+
+License:  ISC
+URL:      https://github.com/XRPLF/rippled
+
+ExclusiveArch: x86_64 aarch64
+BuildRequires: systemd-rpm-macros
+
+%undefine _debugsource_packages
+%debug_package
+
+%build_mtime_policy clamp_to_source_date_epoch
+
+%{?systemd_requires}
+%{?sysusers_requires_compat}
+
+%description
+xrpld is the reference implementation of the XRP Ledger protocol. It
+participates in the peer-to-peer XRP Ledger network, processes
+transactions, and maintains the ledger database.
+
+%prep
+:
+
+%install
+rm -rf %{buildroot}
+
+SRC=%{_sourcedir}
+
+install -Dm0755 ${SRC}/xrpld           %{buildroot}/opt/xrpld/bin/xrpld
+install -Dm0644 ${SRC}/xrpld.cfg       %{buildroot}/opt/xrpld/etc/xrpld.cfg
+install -Dm0644 ${SRC}/validators.txt  %{buildroot}/opt/xrpld/etc/validators.txt
+
+mkdir -p %{buildroot}/etc/opt  %{buildroot}/usr/bin %{buildroot}/usr/local/bin
+ln -s /opt/xrpld/etc           %{buildroot}/etc/opt/xrpld
+ln -s /opt/xrpld/bin/xrpld     %{buildroot}/usr/bin/xrpld
+
+# TODO: remove when rippled deprecated
+ln -s xrpld                 %{buildroot}/opt/xrpld/bin/rippled
+ln -s /opt/xrpld/bin/xrpld  %{buildroot}/usr/local/bin/rippled
+ln -s xrpld.cfg             %{buildroot}/opt/xrpld/etc/rippled.cfg
+ln -s /opt/xrpld            %{buildroot}/opt/ripple
+ln -s /etc/opt/xrpld        %{buildroot}/etc/opt/ripple
+
+install -Dm0644 ${SRC}/xrpld.service        %{buildroot}%{_unitdir}/xrpld.service
+install -Dm0644 ${SRC}/update-xrpld.service %{buildroot}%{_unitdir}/update-xrpld.service
+install -Dm0644 ${SRC}/update-xrpld.timer   %{buildroot}%{_unitdir}/update-xrpld.timer
+
+install -Dm0644 ${SRC}/xrpld.sysusers %{buildroot}%{_sysusersdir}/xrpld.conf
+install -Dm0644 ${SRC}/xrpld.tmpfiles %{buildroot}%{_tmpfilesdir}/xrpld.conf
+
+install -Dm0644 ${SRC}/50-xrpld.preset %{buildroot}%{_presetdir}/50-xrpld.preset
+
+install -Dm0755 ${SRC}/update-xrpld.sh    %{buildroot}/opt/xrpld/bin/update-xrpld.sh
+install -Dm0644 ${SRC}/update-xrpld-cron  %{buildroot}/opt/xrpld/bin/update-xrpld-cron
+install -Dm0644 ${SRC}/xrpld.logrotate    %{buildroot}/opt/xrpld/bin/xrpld.logrotate
+
+install -Dm0644 ${SRC}/LICENSE.md %{buildroot}/opt/xrpld/share/LICENSE.md
+install -Dm0644 ${SRC}/README.md  %{buildroot}/opt/xrpld/share/README.md
+
+%pre
+%sysusers_create_package xrpld %{_sourcedir}/xrpld.sysusers
+
+%post
+systemd-tmpfiles --create %{_tmpfilesdir}/xrpld.conf || :
+%systemd_post xrpld.service update-xrpld.timer
+
+%preun
+%systemd_preun xrpld.service update-xrpld.timer
+
+%postun
+%systemd_postun_with_restart xrpld.service
+
+%files
+%license /opt/xrpld/share/LICENSE.md
+%doc /opt/xrpld/share/README.md
+
+%dir /opt/xrpld
+%dir /opt/xrpld/bin
+%dir /opt/xrpld/etc
+
+/opt/xrpld/bin/xrpld
+/opt/xrpld/bin/xrpld.logrotate
+/opt/xrpld/bin/update-xrpld.sh
+/opt/xrpld/bin/update-xrpld-cron
+
+/usr/bin/xrpld
+/etc/opt/xrpld
+
+%config(noreplace) /opt/xrpld/etc/xrpld.cfg
+%config(noreplace) /opt/xrpld/etc/validators.txt
+
+%{_unitdir}/xrpld.service
+%{_unitdir}/update-xrpld.service
+%{_unitdir}/update-xrpld.timer
+%{_presetdir}/50-xrpld.preset
+%{_sysusersdir}/xrpld.conf
+%{_tmpfilesdir}/xrpld.conf
+
+%ghost %dir /var/lib/xrpld
+%ghost %dir /var/log/xrpld
+
+# TODO: remove when rippled deprecated
+/opt/xrpld/bin/rippled
+/usr/local/bin/rippled
+/opt/xrpld/etc/rippled.cfg
+/etc/opt/ripple
+/opt/ripple

package/shared/50-xrpld.preset

@@ -0,0 +1,4 @@
+# /usr/lib/systemd/system-preset/50-xrpld.preset
+enable xrpld.service
+# Don't enable automatic updates
+disable update-xrpld.timer

package/shared/update-xrpld-cron

@@ -0,0 +1,9 @@
+# For automatic updates, symlink this file to /etc/cron.d/
+# Do not remove the newline at the end of this cron script
+
+# bash required for use of RANDOM below.
+SHELL=/bin/bash
+PATH=/sbin:/bin:/usr/sbin:/usr/bin
+
+# invoke check/update script with random delay up to 59 mins
+0 * * * * root sleep $((RANDOM*3540/32768)) && /opt/xrpld/bin/update-xrpld.sh

package/shared/update-xrpld.service

@@ -0,0 +1,16 @@
+[Unit]
+Description=Check for and install xrpld package updates
+Documentation=man:systemd.service(5)
+Wants=network-online.target
+After=network-online.target
+ConditionPathExists=/opt/xrpld/bin/update-xrpld.sh
+ConditionPathExists=/opt/xrpld/bin/xrpld
+
+[Service]
+Type=oneshot
+ExecStart=/usr/bin/flock -n /run/lock/xrpld-update.lock /opt/xrpld/bin/update-xrpld.sh
+StandardOutput=journal
+StandardError=journal
+SyslogIdentifier=update-xrpld
+TimeoutStartSec=30min
+PrivateTmp=true

package/shared/update-xrpld.sh

@@ -0,0 +1,145 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+# Optional: also write logs to a legacy file in addition to journald.
+# By default, this script logs to systemd/journald, viewable via:
+#   journalctl -t update-xrpld
+#
+# Uncomment the line below if you need a flat file for compatibility with
+# external tooling, manual inspection, or environments where journald logs
+# are not persisted or easily accessible.
+#
+# Note: This duplicates all output (stdout/stderr) to both journald and the file.
+# It is generally not needed on modern systems and may cause log file growth
+# if left enabled long-term.
+#
+# Requires /var/log/xrpld/ to exist and be writable by the service (root).
+#
+# exec > >(tee -a /var/log/xrpld/update.log) 2>&1
+
+PATH=/usr/sbin:/usr/bin:/sbin:/bin
+
+PKG_NAME=${PKG_NAME:-xrpld}
+
+log() {
+# If running under systemd/journald, let it handle timestamps.
+    if [[ -n "${JOURNAL_STREAM:-}" ]]; then
+        printf '%s\n' "$*"
+    else
+        printf '%s %s\n' "$(date -u +'%Y-%m-%dT%H:%M:%SZ')" "$*"
+    fi
+}
+
+require_root() {
+    if [[ ${EUID:-$(id -u)} -ne 0 ]]; then
+        log "RESULT: failed reason=not-root"
+            exit 1
+    fi
+}
+
+get_installed_version() {
+    if command -v dpkg-query >/dev/null 2>&1; then
+        dpkg-query -W -f='${Version}' "$PKG_NAME" 2>/dev/null || printf 'unknown'
+    elif command -v rpm >/dev/null 2>&1; then
+        rpm -q --qf '%{VERSION}-%{RELEASE}' "$PKG_NAME" 2>/dev/null || printf 'unknown'
+    else
+        printf 'unknown'
+    fi
+}
+
+trap 'log "RESULT: failed reason=script-error exit_code=$?"' ERR
+
+apt_can_update() {
+    apt-get update -qq
+    apt-get -s --only-upgrade install "$PKG_NAME" 2>/dev/null | grep -q "^Inst ${PKG_NAME}\b"
+}
+
+apt_apply_update() {
+    DEBIAN_FRONTEND=noninteractive apt-get install -y -qq \
+        -o Dpkg::Options::="--force-confdef" \
+        -o Dpkg::Options::="--force-confold" \
+        "$PKG_NAME"
+}
+
+get_rpm_pm() {
+    if command -v dnf >/dev/null 2>&1; then
+        printf 'dnf\n'
+    elif command -v yum >/dev/null 2>&1; then
+        printf 'yum\n'
+    else
+        return 1
+    fi
+}
+
+rpm_refresh_metadata() {
+    local pm=$1
+    if [[ "$pm" == "dnf" ]]; then
+        dnf makecache --refresh -q >/dev/null
+    else
+        yum clean expire-cache -q >/dev/null
+    fi
+}
+
+rpm_can_update() {
+    local pm=$1
+
+    rpm_refresh_metadata "$pm"
+    local rc=0
+    set +e
+    "$pm" check-update -q "$PKG_NAME" >/dev/null 2>&1
+    rc=$?
+    set -e
+
+    if [[ $rc -eq 100 ]]; then
+        return 0
+    elif [[ $rc -eq 0 ]]; then
+        return 1
+    else
+        log "$pm check-update failed with exit code $rc"
+        exit 1
+    fi
+}
+
+rpm_apply_update() {
+    local pm=$1
+    "$pm" update -y "$PKG_NAME"
+}
+
+restart_service() {
+    systemctl restart "${PKG_NAME}.service"
+    log "${PKG_NAME} service restarted successfully"
+}
+
+main() {
+    require_root
+    if command -v apt-get >/dev/null 2>&1; then
+        log "Checking for ${PKG_NAME} updates via apt"
+        if apt_can_update; then
+            log "Update available; installing"
+            apt_apply_update
+            restart_service
+            log "RESULT: updated ${PKG_NAME}=$(get_installed_version)"
+        else
+            log "RESULT: no-update ${PKG_NAME}=$(get_installed_version)"
+        fi
+        return
+    fi
+
+    local rpm_pm=""
+    if rpm_pm="$(get_rpm_pm)"; then
+        log "Checking for ${PKG_NAME} updates via ${rpm_pm}"
+        if rpm_can_update "$rpm_pm"; then
+            log "Update available; installing"
+            rpm_apply_update "$rpm_pm"
+            restart_service
+            log "RESULT: updated ${PKG_NAME}=$(get_installed_version)"
+        else
+            log "RESULT: no-update ${PKG_NAME}=$(get_installed_version)"
+        fi
+        return
+    fi
+    log "RESULT: failed reason=no-package-manager"
+    exit 1
+}
+
+main "$@"

package/shared/update-xrpld.timer

@@ -0,0 +1,10 @@
+[Unit]
+Description=Daily xrpld update check
+
+[Timer]
+OnCalendar=*-*-* 00:00:00
+RandomizedDelaySec=1h
+Persistent=true
+
+[Install]
+WantedBy=timers.target

package/shared/xrpld.logrotate

@@ -0,0 +1,14 @@
+/var/log/xrpld/*.log {
+  daily
+  minsize 200M
+  rotate 7
+  nocreate
+  missingok
+  notifempty
+  compress
+  compresscmd /usr/bin/gzip
+  compressext .gz
+  postrotate
+    /opt/xrpld/bin/xrpld --conf /etc/opt/xrpld/xrpld.cfg logrotate
+  endscript
+}

package/shared/xrpld.service

@@ -0,0 +1,22 @@
+[Unit]
+Description=XRP Ledger Daemon
+After=network-online.target
+Wants=network-online.target
+StartLimitIntervalSec=300
+StartLimitBurst=5
+
+[Service]
+Type=simple
+ExecStart=/opt/xrpld/bin/xrpld --net --silent --conf /etc/opt/xrpld/xrpld.cfg
+Restart=always
+RestartSec=5s
+NoNewPrivileges=true
+ProtectSystem=full
+ProtectHome=true
+PrivateTmp=true
+User=xrpld
+Group=xrpld
+LimitNOFILE=65536
+
+[Install]
+WantedBy=multi-user.target

package/shared/xrpld.sysusers

@@ -0,0 +1 @@
+u xrpld - "XRP Ledger daemon" /var/lib/xrpld /sbin/nologin

package/shared/xrpld.tmpfiles

@@ -0,0 +1,2 @@
+d /var/lib/xrpld    0750 xrpld xrpld -
+d /var/log/xrpld    0750 xrpld xrpld -

package/test/check_install_paths.sh

@@ -0,0 +1,45 @@
+#!/usr/bin/env sh
+# Validate installed paths and compat symlinks for xrpld packages.
+
+set -e
+set -x
+trap 'test $? -ne 0 && touch /tmp/test_failed' EXIT
+
+check() { test $1 "$2" || { echo "FAIL: $1 $2"; exit 1; }; }
+check_resolves_to() {
+    actual=$(readlink -f "$1")
+    [ "$actual" = "$2" ] || { echo "FAIL: $1 resolves to $actual, expected $2"; exit 1; }
+}
+
+# compat directory symlinks — existence and resolved target
+check -L /opt/ripple
+check_resolves_to /opt/ripple /opt/xrpld
+
+check -L /etc/opt/xrpld
+check_resolves_to /etc/opt/xrpld /opt/xrpld/etc
+
+check -L /etc/opt/ripple
+check_resolves_to /etc/opt/ripple /opt/xrpld/etc
+
+# config accessible via all expected paths
+check -f /opt/xrpld/etc/xrpld.cfg
+check -f /opt/xrpld/etc/rippled.cfg
+check -f /etc/opt/xrpld/xrpld.cfg
+check -f /etc/opt/xrpld/rippled.cfg
+check -f /etc/opt/ripple/xrpld.cfg
+check -f /etc/opt/ripple/rippled.cfg
+
+if systemctl is-system-running >/dev/null 2>&1; then
+    # service file sanity check
+    SERVICE=$(systemctl cat xrpld)
+    echo "$SERVICE" | grep -q 'ExecStart=/opt/xrpld/bin/xrpld' || { echo "FAIL: ExecStart wrong"; echo "$SERVICE"; exit 1; }
+    echo "$SERVICE" | grep -q 'User=xrpld' || { echo "FAIL: User not xrpld"; echo "$SERVICE"; exit 1; }
+fi
+
+# binary accessible via all expected paths
+/opt/xrpld/bin/xrpld     --version
+/opt/xrpld/bin/rippled   --version
+/opt/ripple/bin/xrpld    --version
+/opt/ripple/bin/rippled  --version
+/usr/bin/xrpld           --version
+/usr/local/bin/rippled   --version

package/test/smoketest.sh

@@ -0,0 +1,91 @@
+#!/usr/bin/env bash
+# Install a locally-built package and run basic verification.
+#
+# Usage: smoketest.sh local
+#   Expects packages in build/{dpkg,rpm}/packages/ or build/debbuild/ / build/rpmbuild/RPMS/
+
+set -o pipefail
+set -x
+rm -f /tmp/test_failed /tmp/unittest_results
+trap 'test $? -ne 0 && touch /tmp/test_failed' EXIT
+
+install_from=$1
+
+. /etc/os-release
+case ${ID} in
+    ubuntu|debian)
+        pkgtype="dpkg"
+        ;;
+    fedora|centos|rhel|rocky|almalinux)
+        pkgtype="rpm"
+        ;;
+    *)
+        echo "unrecognized distro!"
+        exit 1
+        ;;
+esac
+
+if [ "${install_from}" != "local" ]; then
+    echo "only 'local' install mode is supported"
+    exit 1
+fi
+
+# Install the package
+if [ "${pkgtype}" = "dpkg" ] ; then
+    apt-get -y update
+    # Find .deb files — check both possible output locations
+    mapfile -t debs < <(find build/debbuild/ build/dpkg/packages/ -name '*.deb' ! -name '*dbgsym*' 2>/dev/null)
+    if [ ${#debs[@]} -eq 0 ]; then
+        echo "No .deb files found"
+        exit 1
+    fi
+    dpkg --no-debsig -i "${debs[@]}" || apt-get -y install -f || { echo "DEB install failed"; exit 1; }
+elif [ "${pkgtype}" = "rpm" ] ; then
+    # Find .rpm files — check both possible output locations
+    mapfile -t rpms < <(find build/rpmbuild/RPMS/ build/rpm/packages/ -name '*.rpm' \
+        ! -name '*debug*' ! -name '*devel*' ! -name '*.src.rpm' 2>/dev/null)
+    if [ ${#rpms[@]} -eq 0 ]; then
+        echo "No .rpm files found"
+        exit 1
+    fi
+    rpm -i "${rpms[@]}" || { echo "RPM install failed"; exit 1; }
+fi
+
+# Verify installed version
+if ! VERSION_OUTPUT=$(/opt/xrpld/bin/xrpld --version); then
+    echo "xrpld --version failed; binary not installed correctly"
+    exit 1
+fi
+INSTALLED=$(echo "$VERSION_OUTPUT" | head -1 | awk '{print $NF}')
+echo "Installed version: ${INSTALLED}"
+
+# Run unit tests
+if [ -n "${CI:-}" ]; then
+    unittest_jobs=$(nproc)
+else
+    unittest_jobs=16
+fi
+
+(
+    cd /tmp
+    /opt/xrpld/bin/xrpld --unittest --unittest-jobs "${unittest_jobs}" > /tmp/unittest_results || true
+)
+
+if [ ! -s /tmp/unittest_results ]; then
+    echo "Unit test results file is empty — xrpld may have crashed"
+    exit 1
+fi
+
+num_failures=$(tail /tmp/unittest_results -n1 | grep -oP '\d+(?= failures)')
+if [ -z "$num_failures" ]; then
+    echo "Could not parse unit test results — expected summary line not found"
+    exit 1
+fi
+if [ "${num_failures}" -ne 0 ]; then
+    echo "$num_failures unit test(s) failed:"
+    grep 'failed:' /tmp/unittest_results
+    exit 1
+fi
+
+# Compat path checks
+"$(dirname "${BASH_SOURCE[0]}")/check_install_paths.sh"

sanitizers/suppressions/ubsan.supp

@@ -11,7 +11,6 @@ float-cast-overflow:external
 float-divide-by-zero:external
 function:external
 implicit-integer-sign-change:external
-implicit-signed-integer-truncation::external
 implicit-signed-integer-truncation:external
 implicit-unsigned-integer-truncation:external
 integer-divide-by-zero:external
@@ -71,145 +70,15 @@ vla-bound:boost
 vptr_check:boost
 vptr:boost
 
-# Google protobuf
+# Google protobuf - intentional overflows in hash functions
 undefined:protobuf
-
-# Suppress UBSan errors in xrpld code by source file path
-undefined:src/libxrpl/basics/base64.cpp
-undefined:src/libxrpl/basics/Number.cpp
-undefined:src/libxrpl/beast/utility/beast_Journal.cpp
-undefined:src/libxrpl/crypto/RFC1751.cpp
-undefined:src/libxrpl/ledger/ApplyView.cpp
-undefined:src/libxrpl/ledger/View.cpp
-undefined:src/libxrpl/protocol/Permissions.cpp
-undefined:src/libxrpl/protocol/STAmount.cpp
-undefined:src/libxrpl/protocol/STPathSet.cpp
-undefined:src/libxrpl/protocol/tokens.cpp
-undefined:src/libxrpl/shamap/SHAMap.cpp
-undefined:src/test/app/Batch_test.cpp
-undefined:src/test/app/Invariants_test.cpp
-undefined:src/test/app/NFToken_test.cpp
-undefined:src/test/app/Offer_test.cpp
-undefined:src/test/app/Path_test.cpp
-undefined:src/test/basics/XRPAmount_test.cpp
-undefined:src/test/beast/LexicalCast_test.cpp
-undefined:src/test/jtx/impl/acctdelete.cpp
-undefined:src/test/ledger/SkipList_test.cpp
-undefined:src/test/rpc/Subscribe_test.cpp
-undefined:src/tests/libxrpl/basics/RangeSet.cpp
-undefined:src/xrpld/app/main/BasicApp.cpp
-undefined:src/xrpld/app/main/BasicApp.cpp
-undefined:src/xrpld/app/misc/detail/AmendmentTable.cpp
-undefined:src/xrpld/app/misc/NetworkOPs.cpp
-undefined:src/libxrpl/json/json_value.cpp
-undefined:src/xrpld/app/paths/detail/StrandFlow.h
-undefined:src/xrpld/app/tx/detail/NFTokenMint.cpp
-undefined:src/xrpld/app/tx/detail/OracleSet.cpp
-undefined:src/xrpld/core/detail/JobQueue.cpp
-undefined:src/xrpld/core/detail/Workers.cpp
-undefined:src/xrpld/rpc/detail/Role.cpp
-undefined:src/xrpld/rpc/handlers/GetAggregatePrice.cpp
-undefined:xrpl/basics/base_uint.h
-undefined:xrpl/basics/DecayingSample.h
-undefined:xrpl/beast/test/yield_to.h
-undefined:xrpl/beast/xor_shift_engine.h
-undefined:xrpl/nodestore/detail/varint.h
-undefined:xrpl/peerfinder/detail/Counts.h
-undefined:xrpl/protocol/nft.h
-
-# basic_string.h:483:51: runtime error: unsigned integer overflow
-unsigned-integer-overflow:basic_string.h
-unsigned-integer-overflow:bits/chrono.h
-unsigned-integer-overflow:bits/random.h
-unsigned-integer-overflow:bits/random.tcc
-unsigned-integer-overflow:bits/stl_algobase.h
-unsigned-integer-overflow:bits/uniform_int_dist.h
-unsigned-integer-overflow:string_view
-
-# runtime error: unsigned integer overflow: 0 - 1 cannot be represented in type 'std::size_t' (aka 'unsigned long')
-unsigned-integer-overflow:src/libxrpl/basics/base64.cpp
-unsigned-integer-overflow:src/libxrpl/basics/Number.cpp
-unsigned-integer-overflow:src/libxrpl/crypto/RFC1751.cpp
-unsigned-integer-overflow:rc/libxrpl/json/json_value.cpp
-unsigned-integer-overflow:src/libxrpl/ledger/ApplyView.cpp
-unsigned-integer-overflow:src/libxrpl/ledger/View.cpp
-unsigned-integer-overflow:src/libxrpl/protocol/Permissions.cpp
-unsigned-integer-overflow:src/libxrpl/protocol/STAmount.cpp
-unsigned-integer-overflow:src/libxrpl/protocol/STPathSet.cpp
-unsigned-integer-overflow:src/libxrpl/protocol/tokens.cpp
-unsigned-integer-overflow:src/libxrpl/shamap/SHAMap.cpp
-unsigned-integer-overflow:src/test/app/Batch_test.cpp
-unsigned-integer-overflow:src/test/app/Invariants_test.cpp
-unsigned-integer-overflow:src/test/app/NFToken_test.cpp
-unsigned-integer-overflow:src/test/app/Offer_test.cpp
-unsigned-integer-overflow:src/test/app/Path_test.cpp
-unsigned-integer-overflow:src/test/basics/XRPAmount_test.cpp
-unsigned-integer-overflow:src/test/beast/LexicalCast_test.cpp
-unsigned-integer-overflow:src/test/jtx/impl/acctdelete.cpp
-unsigned-integer-overflow:src/test/ledger/SkipList_test.cpp
-unsigned-integer-overflow:src/test/rpc/Subscribe_test.cpp
-unsigned-integer-overflow:src/tests/libxrpl/basics/RangeSet.cpp
-unsigned-integer-overflow:src/xrpld/app/main/BasicApp.cpp
-unsigned-integer-overflow:src/xrpld/app/misc/detail/AmendmentTable.cpp
-unsigned-integer-overflow:src/xrpld/app/misc/NetworkOPs.cpp
-unsigned-integer-overflow:src/xrpld/app/paths/detail/StrandFlow.h
-unsigned-integer-overflow:src/xrpld/app/tx/detail/NFTokenMint.cpp
-unsigned-integer-overflow:src/xrpld/app/tx/detail/OracleSet.cpp
-unsigned-integer-overflow:src/xrpld/rpc/detail/Role.cpp
-unsigned-integer-overflow:src/xrpld/rpc/handlers/GetAggregatePrice.cpp
-unsigned-integer-overflow:xrpl/basics/base_uint.h
-unsigned-integer-overflow:xrpl/basics/DecayingSample.h
-unsigned-integer-overflow:xrpl/beast/test/yield_to.h
-unsigned-integer-overflow:xrpl/beast/xor_shift_engine.h
-unsigned-integer-overflow:xrpl/nodestore/detail/varint.h
-unsigned-integer-overflow:xrpl/peerfinder/detail/Counts.h
-unsigned-integer-overflow:xrpl/protocol/nft.h
-
-# Xrpld intentional overflows and operations
-# STAmount uses intentional negation of INT64_MIN and overflow in arithmetic
-signed-integer-overflow:src/libxrpl/protocol/STAmount.cpp
-unsigned-integer-overflow:src/libxrpl/protocol/STAmount.cpp
-
-# XRPAmount test intentional overflows
-signed-integer-overflow:src/test/basics/XRPAmount_test.cpp
-
-# Peerfinder intentional overflow in counter arithmetic
-unsigned-integer-overflow:src/xrpld/peerfinder/detail/Counts.h
-
-# Signed integer overflow suppressions
-signed-integer-overflow:src/test/beast/LexicalCast_test.cpp
-
-# External library suppressions
-unsigned-integer-overflow:nudb/detail/xxhash.hpp
-
-# Loan_test.cpp intentional underflow in test arithmetic
-unsigned-integer-overflow:src/test/app/Loan_test.cpp
-undefined:src/test/app/Loan_test.cpp
-
-# Source tree restructured paths (libxrpl/tx/transactors/)
-# These duplicate the xrpld/app/tx/detail entries above for the new layout
-unsigned-integer-overflow:src/libxrpl/tx/transactors/oracle/OracleSet.cpp
-undefined:src/libxrpl/tx/transactors/oracle/OracleSet.cpp
-unsigned-integer-overflow:src/libxrpl/tx/transactors/nft/NFTokenMint.cpp
-undefined:src/libxrpl/tx/transactors/nft/NFTokenMint.cpp
-
-# Protobuf intentional overflows in hash functions
-# Protobuf uses intentional unsigned overflow for hash computation (stringpiece.h:393)
 unsigned-integer-overflow:google/protobuf/stubs/stringpiece.h
 
-# gRPC intentional overflows
-# gRPC uses intentional overflow in timer calculations
+# gRPC intentional overflows in timer calculations
 unsigned-integer-overflow:grpc
 unsigned-integer-overflow:timer_manager.cc
 
-# Standard library intentional overflows
-# These are intentional overflows in random number generation and character conversion
-unsigned-integer-overflow:__random/seed_seq.h
-unsigned-integer-overflow:__charconv/traits.h
-
-
-# Suppress errors in RocksDB
-# RocksDB uses intentional unsigned integer overflows in hash functions and CRC calculations
+# RocksDB intentional unsigned integer overflows in hash functions and CRC calculations
 unsigned-integer-overflow:rocks*/*/util/xxhash.h
 unsigned-integer-overflow:rocks*/*/util/xxph3.h
 unsigned-integer-overflow:rocks*/*/util/hash.cc
@@ -221,13 +90,14 @@ unsigned-integer-overflow:rocks*/*/table/format.cc
 unsigned-integer-overflow:rocks*/*/table/block_based/block_based_table_builder.cc
 unsigned-integer-overflow:rocks*/*/table/block_based/reader_common.cc
 unsigned-integer-overflow:rocks*/*/db/version_set.cc
-
-# RocksDB misaligned loads (intentional for performance on ARM64)
 alignment:rocks*/*/util/crc32c_arm64.cc
+undefined:rocks*/*/util/crc32c_arm64.cc
+undefined:rocks*/*/util/xxhash.h
 
 # nudb intentional overflows in hash functions
 unsigned-integer-overflow:nudb/detail/xxhash.hpp
 alignment:nudb/detail/xxhash.hpp
+undefined:nudb
 
 # Snappy compression library intentional overflows
 unsigned-integer-overflow:snappy.cc
@@ -239,10 +109,40 @@ unsigned-integer-overflow:absl/base/internal/low_level_alloc.cc
 unsigned-integer-overflow:absl/hash/internal/hash.h
 unsigned-integer-overflow:absl/container/internal/raw_hash_set.h
 
-# Standard library intentional overflows in chrono duration arithmetic
+# Standard library intentional overflows
+unsigned-integer-overflow:basic_string.h
+unsigned-integer-overflow:bits/chrono.h
+unsigned-integer-overflow:bits/random.h
+unsigned-integer-overflow:bits/random.tcc
+unsigned-integer-overflow:bits/stl_algobase.h
+unsigned-integer-overflow:bits/uniform_int_dist.h
+unsigned-integer-overflow:string_view
+unsigned-integer-overflow:__random/seed_seq.h
+unsigned-integer-overflow:__charconv/traits.h
 unsigned-integer-overflow:__chrono/duration.h
 
-# Suppress undefined errors in RocksDB and nudb
-undefined:rocks.*/*/util/crc32c_arm64.cc
-undefined:rocks.*/*/util/xxhash.h
-undefined:nudb
+# =============================================================================
+# Rippled code suppressions
+# =============================================================================
+
+# Signed integer negation (-value) in amount types.
+# INT64_MIN cannot occur in practice due to domain invariants (mantissa ranges
+# are well within int64_t bounds), but UBSan flags the pattern as potential
+# signed overflow. Narrowed to operator- to avoid suppressing unrelated
+# overflows anywhere in a stack trace containing these type names.
+signed-integer-overflow:operator-*IOUAmount*
+signed-integer-overflow:operator-*XRPAmount*
+signed-integer-overflow:operator-*MPTAmount*
+signed-integer-overflow:operator-*STAmount*
+
+# STAmount::operator+ signed addition — operands are bounded by total supply
+# (~10^17 for XRP, ~10^18 for MPT) so overflow cannot occur in practice.
+signed-integer-overflow:operator+*STAmount*
+
+# STAmount::getRate uses unsigned shift and addition
+unsigned-integer-overflow:*STAmount*getRate*
+# STAmount::serialize uses unsigned bitwise operations
+unsigned-integer-overflow:*STAmount*serialize*
+
+# nft::cipheredTaxon uses intentional uint32 wraparound (LCG permutation)
+unsigned-integer-overflow:cipheredTaxon

src/libxrpl/basics/Archive.cpp

@@ -2,18 +2,20 @@
 
 #include <xrpl/basics/contract.h>
 
+#include <boost/filesystem/operations.hpp>
+#include <boost/filesystem/path.hpp>
+
 #include <archive.h>
 #include <archive_entry.h>
 
 #include <cstddef>
-#include <filesystem>
 #include <memory>
 #include <stdexcept>
 
 namespace xrpl {
 
 void
-extractTarLz4(std::filesystem::path const& src, std::filesystem::path const& dst)
+extractTarLz4(boost::filesystem::path const& src, boost::filesystem::path const& dst)
 {
     if (!is_regular_file(src))
         Throw<std::runtime_error>("Invalid source file");

src/libxrpl/basics/FileUtilities.cpp

@@ -1,24 +1,29 @@
 #include <xrpl/basics/FileUtilities.h>
 
+#include <boost/filesystem/operations.hpp>
+#include <boost/filesystem/path.hpp>
+#include <boost/system/detail/errc.hpp>
+#include <boost/system/detail/error_code.hpp>
+#include <boost/system/errc.hpp>
+
 #include <cerrno>
 #include <cstddef>
-#include <filesystem>
 #include <fstream>
 #include <ios>
 #include <iterator>
 #include <optional>
 #include <string>
-#include <system_error>
 
 namespace xrpl {
 
 std::string
 getFileContents(
-    std::error_code& ec,
-    std::filesystem::path const& sourcePath,
+    boost::system::error_code& ec,
+    boost::filesystem::path const& sourcePath,
     std::optional<std::size_t> maxSize)
 {
-    using namespace std::filesystem;
+    using namespace boost::filesystem;
+    using namespace boost::system::errc;
 
     path const fullPath{canonical(sourcePath, ec)};
     if (ec)
@@ -27,15 +32,15 @@ getFileContents(
     if (maxSize && (file_size(fullPath, ec) > *maxSize || ec))
     {
         if (!ec)
-            ec = make_error_code(std::errc::file_too_large);
+            ec = make_error_code(file_too_large);
         return {};
     }
 
-    std::ifstream fileStream(fullPath, std::ios::in);
+    std::ifstream fileStream(fullPath.string(), std::ios::in);
 
     if (!fileStream)
     {
-        ec.assign(errno, std::generic_category());
+        ec = make_error_code(static_cast<errc_t>(errno));
         return {};
     }
 
@@ -44,7 +49,7 @@ getFileContents(
 
     if (fileStream.bad())
     {
-        ec.assign(errno, std::generic_category());
+        ec = make_error_code(static_cast<errc_t>(errno));
         return {};
     }
 
@@ -53,15 +58,18 @@ getFileContents(
 
 void
 writeFileContents(
-    std::error_code& ec,
-    std::filesystem::path const& destPath,
+    boost::system::error_code& ec,
+    boost::filesystem::path const& destPath,
     std::string const& contents)
 {
-    std::ofstream fileStream(destPath, std::ios::out | std::ios::trunc);
+    using namespace boost::filesystem;
+    using namespace boost::system::errc;
+
+    std::ofstream fileStream(destPath.string(), std::ios::out | std::ios::trunc);
 
     if (!fileStream)
     {
-        ec.assign(errno, std::generic_category());
+        ec = make_error_code(static_cast<errc_t>(errno));
         return;
     }
 
@@ -69,7 +77,7 @@ writeFileContents(
 
     if (fileStream.bad())
     {
-        ec.assign(errno, std::generic_category());
+        ec = make_error_code(static_cast<errc_t>(errno));
         return;
     }
 }

src/libxrpl/basics/Log.cpp

@@ -5,10 +5,10 @@
 #include <xrpl/beast/utility/instrumentation.h>
 
 #include <boost/algorithm/string/predicate.hpp>
+#include <boost/filesystem/path.hpp>
 
 #include <chrono>
 #include <cstring>
-#include <filesystem>
 #include <fstream>
 #include <functional>
 #include <iostream>
@@ -53,7 +53,7 @@ Logs::File::isOpen() const noexcept
 }
 
 bool
-Logs::File::open(std::filesystem::path const& path)
+Logs::File::open(boost::filesystem::path const& path)
 {
     close();
 
@@ -112,7 +112,7 @@ Logs::Logs(beast::severities::Severity thresh) : thresh_(thresh)  // default sev
 }
 
 bool
-Logs::open(std::filesystem::path const& pathToLogFile)
+Logs::open(boost::filesystem::path const& pathToLogFile)
 {
     return file_.open(pathToLogFile);
 }

src/libxrpl/basics/base64.cpp

@@ -107,7 +107,7 @@ encode(void* dest, void const* src, std::size_t len)
     char const* in = static_cast<char const*>(src);
     auto const tab = base64::get_alphabet();
 
-    for (auto n = len / 3; n != 0u; --n)
+    for (auto n = len / 3; n > 0; --n)
     {
         *out++ = tab[(in[0] & 0xfc) >> 2];
         *out++ = tab[((in[0] & 0x03) << 4) + ((in[1] & 0xf0) >> 4)];

src/libxrpl/nodestore/backend/NuDBFactory.cpp

@@ -15,6 +15,8 @@
 #include <xrpl/nodestore/detail/EncodedBlob.h>
 #include <xrpl/nodestore/detail/codec.h>
 
+#include <boost/filesystem/operations.hpp>
+#include <boost/filesystem/path.hpp>
 #include <boost/system/detail/errc.hpp>
 
 #include <nudb/context.hpp>
@@ -33,14 +35,12 @@
 #include <cstdint>
 #include <cstdio>
 #include <exception>
-#include <filesystem>
 #include <functional>
 #include <memory>
 #include <optional>
 #include <sstream>
 #include <stdexcept>
 #include <string>
-#include <system_error>
 #include <utility>
 #include <vector>
 
@@ -131,7 +131,7 @@ public:
     void
     open(bool createIfMissing, uint64_t appType, uint64_t uid, uint64_t salt) override
     {
-        using namespace std::filesystem;
+        using namespace boost::filesystem;
         if (db_.is_open())
         {
             // LCOV_EXCL_START
@@ -194,12 +194,11 @@ public:
 
             if (deletePath_)
             {
-                std::error_code fsec;
-                std::filesystem::remove_all(name_, fsec);
-                if (fsec)
+                boost::filesystem::remove_all(name_, ec);
+                if (ec)
                 {
-                    JLOG(j_.fatal()) << "Filesystem remove_all of " << name_
-                                     << " failed with: " << fsec.message();
+                    JLOG(j_.fatal())
+                        << "Filesystem remove_all of " << name_ << " failed with: " << ec.message();
                 }
             }
         }
@@ -375,7 +374,7 @@ private:
     static std::size_t
     parseBlockSize(std::string const& name, Section const& keyValues, beast::Journal journal)
     {
-        using namespace std::filesystem;
+        using namespace boost::filesystem;
         auto const folder = path(name);
         auto const kp = (folder / "nudb.key").string();
 

src/libxrpl/nodestore/backend/RocksDBFactory.cpp

@@ -8,6 +8,9 @@
 #include <xrpl/nodestore/Scheduler.h>
 #include <xrpl/nodestore/Types.h>
 
+#include <boost/filesystem/operations.hpp>
+#include <boost/filesystem/path.hpp>
+
 #include <rocksdb/advanced_options.h>
 #include <rocksdb/cache.h>
 #include <rocksdb/compression_type.h>
@@ -23,7 +26,6 @@
 
 #include <bit>
 #include <cstddef>
-#include <filesystem>
 #include <functional>
 #include <stdexcept>
 #include <string>
@@ -263,8 +265,8 @@ public:
             m_db.reset();
             if (m_deletePath)
             {
-                std::filesystem::path const dir = m_name;
-                std::filesystem::remove_all(dir);
+                boost::filesystem::path const dir = m_name;
+                boost::filesystem::remove_all(dir);
             }
         }
     }

src/libxrpl/rdb/SociDB.cpp

@@ -4,11 +4,13 @@
 #include <xrpl/core/JobQueue.h>
 #include <xrpl/core/ServiceRegistry.h>
 
+#include <boost/filesystem/operations.hpp>
+#include <boost/filesystem/path.hpp>
+
 #include <soci/blob.h>
 
 #include <cstddef>
 #include <cstdint>
-#include <filesystem>
 #include <mutex>
 #include <stdexcept>
 #include <string>
@@ -42,8 +44,8 @@ getSociSqliteInit(std::string const& name, std::string const& dir, std::string c
         Throw<std::runtime_error>(
             "Sqlite databases must specify a dir and a name. Name: " + name + " Dir: " + dir);
     }
-    std::filesystem::path file(dir);
-    if (std::filesystem::is_directory(file))
+    boost::filesystem::path file(dir);
+    if (is_directory(file))
         file /= name + ext;
     return file.string();
 }

src/libxrpl/server/Vacuum.cpp

@@ -5,12 +5,13 @@
 #include <xrpl/rdb/DBInit.h>
 #include <xrpl/rdb/DatabaseCon.h>
 
+#include <boost/filesystem/operations.hpp>
+#include <boost/filesystem/path.hpp>
 #include <boost/format.hpp>  // IWYU pragma: keep
 
 #include <soci/into.h>
 
 #include <cstdint>
-#include <filesystem>
 #include <iostream>
 #include <memory>
 
@@ -19,7 +20,7 @@ namespace xrpl {
 bool
 doVacuumDB(DatabaseCon::Setup const& setup, beast::Journal j)
 {
-    std::filesystem::path const dbPath = setup.dataDir / TxDBName;
+    boost::filesystem::path const dbPath = setup.dataDir / TxDBName;
 
     uintmax_t const dbSize = file_size(dbPath);
     XRPL_ASSERT(dbSize != static_cast<uintmax_t>(-1), "xrpl::doVacuumDB : file_size succeeded");

src/test/app/GRPCServerTLS_test.cpp

@@ -7,6 +7,8 @@
 #include <xrpl/proto/org/xrpl/rpc/v1/get_ledger.pb.h>
 #include <xrpl/proto/org/xrpl/rpc/v1/xrp_ledger.grpc.pb.h>
 
+#include <boost/filesystem/operations.hpp>
+
 #include <grpcpp/client_context.h>
 #include <grpcpp/create_channel.h>
 #include <grpcpp/grpcpp.h>
@@ -14,14 +16,9 @@
 #include <grpcpp/support/status.h>
 
 #include <chrono>
-#include <cstddef>
 #include <filesystem>
 #include <fstream>
-#include <iomanip>
-#include <ios>
 #include <memory>
-#include <random>
-#include <sstream>
 #include <stdexcept>
 #include <string>
 #include <string_view>
@@ -259,23 +256,9 @@ public:
     TemporaryTLSCertificates()
     {
         auto tmpDir = std::filesystem::temp_directory_path();
-        std::random_device rd;
-        constexpr std::size_t maxAttempts = 100;
-        for (std::size_t attempt = 0; attempt < maxAttempts; ++attempt)
-        {
-            std::error_code ec;
-            std::ostringstream oss;
-            oss << kCERTS_DIR_PREFIX << std::hex << std::setfill('0') << std::setw(8) << rd();
-            tempDir_ = tmpDir / oss.str();
-            if (!std::filesystem::exists(tempDir_, ec) && !ec)
-                break;
-            tempDir_.clear();
-        }
-        if (tempDir_.empty())
-        {
-            throw std::runtime_error(
-                "Unable to generate a unique temporary TLS certificate directory");
-        }
+        auto uniqueDirName =
+            boost::filesystem::unique_path(std::string(kCERTS_DIR_PREFIX) + "%%%%%%%%");
+        tempDir_ = tmpDir / uniqueDirName.string();
         std::filesystem::create_directories(tempDir_);
 
         writeFile(tempDir_ / kCA_CERT_FILENAME, kCA_CERT_CONTENT);

src/test/app/LedgerLoad_test.cpp

@@ -18,16 +18,16 @@
 #include <xrpl/protocol/jss.h>
 
 #include <boost/algorithm/string/erase.hpp>
+#include <boost/filesystem/operations.hpp>
+#include <boost/system/detail/error_code.hpp>
 
 #include <cassert>
-#include <filesystem>
 #include <fstream>
 #include <ios>
 #include <memory>
 #include <optional>
 #include <stdexcept>
 #include <string>
-#include <system_error>
 
 namespace xrpl {
 
@@ -139,7 +139,7 @@ class LedgerLoad_test : public beast::unit_test::suite
     {
         testcase("Load ledger: Bad Files");
         using namespace test::jtx;
-        using namespace std::filesystem;
+        using namespace boost::filesystem;
 
         // empty path
         except([&] {
@@ -161,8 +161,8 @@ class LedgerLoad_test : public beast::unit_test::suite
         });
 
         // make a corrupted version of the ledger file (last 10 bytes removed).
-        std::error_code ec;
-        auto ledgerFileCorrupt = std::filesystem::path{sd.dbPath} / "ledgerdata_bad.json";
+        boost::system::error_code ec;
+        auto ledgerFileCorrupt = boost::filesystem::path{sd.dbPath} / "ledgerdata_bad.json";
         copy_file(sd.ledgerFile, ledgerFileCorrupt, copy_options::overwrite_existing, ec);
         if (!BEAST_EXPECTS(!ec, ec.message()))
             return;

src/test/app/Manifest_test.cpp

@@ -21,12 +21,14 @@
 #include <xrpl/server/Manifest.h>
 #include <xrpl/server/Wallet.h>
 
+#include <boost/filesystem/operations.hpp>
+#include <boost/filesystem/path.hpp>
+
 #include <algorithm>
 #include <array>
 #include <cassert>
 #include <cstdint>
 #include <exception>
-#include <filesystem>
 #include <limits>
 #include <memory>
 #include <optional>
@@ -53,18 +55,18 @@ private:
     }
 
     static void
-    cleanupDatabaseDir(std::filesystem::path const& dbPath)
+    cleanupDatabaseDir(boost::filesystem::path const& dbPath)
     {
-        using namespace std::filesystem;
+        using namespace boost::filesystem;
         if (!exists(dbPath) || !is_directory(dbPath) || !is_empty(dbPath))
             return;
         remove(dbPath);
     }
 
     static void
-    setupDatabaseDir(std::filesystem::path const& dbPath)
+    setupDatabaseDir(boost::filesystem::path const& dbPath)
     {
-        using namespace std::filesystem;
+        using namespace boost::filesystem;
         if (!exists(dbPath))
         {
             create_directory(dbPath);
@@ -77,10 +79,10 @@ private:
             Throw<std::runtime_error>("Cannot create directory: " + dbPath.string());
         }
     }
-    static std::filesystem::path
+    static boost::filesystem::path
     getDatabasePath()
     {
-        return std::filesystem::current_path() / "manifest_test_databases";
+        return boost::filesystem::current_path() / "manifest_test_databases";
     }
 
 public:
@@ -349,7 +351,7 @@ public:
                 BEAST_EXPECT(loaded.revoked(pk));
             }
         }
-        std::filesystem::remove(getDatabasePath() / std::filesystem::path(dbName));
+        boost::filesystem::remove(getDatabasePath() / boost::filesystem::path(dbName));
     }
 
     void

src/test/app/SHAMapStore_test.cpp

@@ -21,9 +21,10 @@
 #include <xrpl/protocol/XRPAmount.h>
 #include <xrpl/protocol/jss.h>
 
+#include <boost/filesystem/path.hpp>
+
 #include <atomic>
 #include <cstdint>
-#include <filesystem>
 #include <limits>
 #include <map>
 #include <memory>
@@ -490,7 +491,7 @@ public:
     makeBackendRotating(jtx::Env& env, NodeStoreScheduler& scheduler, std::string path)
     {
         Section section{env.app().config().section(ConfigSection::nodeDatabase())};
-        std::filesystem::path newPath;
+        boost::filesystem::path newPath;
 
         if (!BEAST_EXPECT(path.size()))
             return {};

src/test/app/ValidatorSite_test.cpp

@@ -15,12 +15,13 @@
 #include <xrpl/protocol/jss.h>
 
 #include <boost/algorithm/string/join.hpp>
+#include <boost/filesystem/directory.hpp>
+#include <boost/filesystem/operations.hpp>
 #include <boost/range/adaptor/transformed.hpp>
 
 #include <date/date.h>
 
 #include <chrono>
-#include <filesystem>
 #include <fstream>
 #include <memory>
 #include <ostream>
@@ -600,7 +601,7 @@ public:
                   detail::default_effective_overlap,
                   60 * 24}});  // max of 24 hours
         }
-        using namespace std::filesystem;
+        using namespace boost::filesystem;
         for (auto const& file : directory_iterator(good.subdir()))
         {
             remove_all(file);

src/test/basics/FileUtilities_test.cpp

@@ -4,7 +4,8 @@
 #include <xrpl/basics/FileUtilities.h>
 #include <xrpl/beast/unit_test/suite.h>
 
-#include <system_error>
+#include <boost/system/detail/errc.hpp>
+#include <boost/system/detail/error_code.hpp>
 
 namespace xrpl {
 
@@ -15,13 +16,14 @@ public:
     testGetFileContents()
     {
         using namespace xrpl::detail;
+        using namespace boost::system;
 
         constexpr char const* expectedContents = "This file is very short. That's all we need.";
 
         FileDirGuard const file(
             *this, "test_file", "test.txt", "This is temporary text that should get overwritten");
 
-        std::error_code ec;
+        error_code ec;
         auto const path = file.file();
 
         writeFileContents(ec, path, expectedContents);
@@ -44,7 +46,7 @@ public:
         {
             // Test with small max
             auto const bad = getFileContents(ec, path, 16);
-            BEAST_EXPECT(ec && ec == std::errc::file_too_large);
+            BEAST_EXPECT(ec && ec.value() == boost::system::errc::file_too_large);
             BEAST_EXPECT(bad.empty());
         }
     }

src/test/basics/PerfLog_test.cpp

@@ -15,10 +15,14 @@
 #include <xrpl/protocol/ErrorCodes.h>
 #include <xrpl/protocol/jss.h>
 
+#include <boost/filesystem/file_status.hpp>
+#include <boost/filesystem/operations.hpp>
+#include <boost/filesystem/path.hpp>
+#include <boost/system/detail/error_code.hpp>
+
 #include <algorithm>
 #include <chrono>
 #include <cstdint>
-#include <filesystem>
 #include <fstream>
 #include <ios>
 #include <iterator>
@@ -27,7 +31,6 @@
 #include <ostream>
 #include <random>
 #include <string>
-#include <system_error>
 #include <thread>
 #include <utility>
 #include <vector>
@@ -40,7 +43,7 @@ class PerfLog_test : public beast::unit_test::suite
 {
     enum class WithFile : bool { no = false, yes = true };
 
-    using path = std::filesystem::path;
+    using path = boost::filesystem::path;
 
     // We're only using Env for its Journal.  That Journal gives better
     // coverage in unit tests.
@@ -63,14 +66,14 @@ class PerfLog_test : public beast::unit_test::suite
             // The error code is intentionally ignored: if the path doesn't
             // exist (the common case on a clean runner) remove_all returns
             // an error, and that's fine — there's nothing to clean up.
-            using namespace std::filesystem;
-            std::error_code ec;
+            using namespace boost::filesystem;
+            boost::system::error_code ec;
             remove_all(logDir(), ec);
         }
 
         ~Fixture()
         {
-            using namespace std::filesystem;
+            using namespace boost::filesystem;
 
             auto const dir{logDir()};
             auto const file{logFile()};
@@ -93,7 +96,7 @@ class PerfLog_test : public beast::unit_test::suite
         static path
         logDir()
         {
-            using namespace std::filesystem;
+            using namespace boost::filesystem;
             return temp_directory_path() / "perf_log_test_dir";
         }
 
@@ -126,7 +129,7 @@ class PerfLog_test : public beast::unit_test::suite
         static void
         wait()
         {
-            using namespace std::filesystem;
+            using namespace boost::filesystem;
 
             auto const path = logFile();
             if (!exists(path))
@@ -198,7 +201,7 @@ public:
     void
     testFileCreation()
     {
-        using namespace std::filesystem;
+        using namespace boost::filesystem;
 
         {
             // Verify a PerfLog creates its file when constructed.
@@ -253,23 +256,22 @@ public:
 
             // Construct and write protect a file to prevent PerfLog
             // from creating its file.
-            std::error_code ec;
-            std::filesystem::create_directories(fixture.logDir(), ec);
+            boost::system::error_code ec;
+            boost::filesystem::create_directories(fixture.logDir(), ec);
             if (!BEAST_EXPECT(!ec))
                 return;
 
-            auto fileWriteable = [](std::filesystem::path const& p) -> bool {
+            auto fileWriteable = [](boost::filesystem::path const& p) -> bool {
                 return std::ofstream{p.c_str(), std::ios::out | std::ios::app}.is_open();
             };
 
             if (!BEAST_EXPECT(fileWriteable(fixture.logFile())))
                 return;
 
-            std::filesystem::permissions(
+            boost::filesystem::permissions(
                 fixture.logFile(),
-                std::filesystem::perms::owner_write | std::filesystem::perms::others_write |
-                    std::filesystem::perms::group_write,
-                std::filesystem::perm_options::remove);
+                perms::remove_perms | perms::owner_write | perms::others_write |
+                    perms::group_write);
 
             // If the test is running as root, then the write protect may have
             // no effect.  Make sure write protect worked before proceeding.
@@ -293,11 +295,9 @@ public:
             perfLog->stop();
 
             // Fix file permissions so the file can be cleaned up.
-            std::filesystem::permissions(
+            boost::filesystem::permissions(
                 fixture.logFile(),
-                std::filesystem::perms::owner_write | std::filesystem::perms::others_write |
-                    std::filesystem::perms::group_write,
-                std::filesystem::perm_options::add);
+                perms::add_perms | perms::owner_write | perms::others_write | perms::group_write);
         }
     }
 
@@ -962,7 +962,7 @@ public:
         // We can't fully test rotate because unit tests must run on Windows,
         // and Windows doesn't (may not?) support rotate.  But at least call
         // the interface and see that it doesn't crash.
-        using namespace std::filesystem;
+        using namespace boost::filesystem;
 
         Fixture fixture{env_.app(), j_};
         BEAST_EXPECT(!exists(fixture.logDir()));

src/test/beast/LexicalCast_test.cpp

@@ -24,7 +24,7 @@ public:
     testInteger(IntType in)
     {
         std::string s;
-        IntType out(in + 1);
+        IntType out = static_cast<IntType>(~in);  // Ensure out != in
 
         expect(lexicalCastChecked(s, in));
         expect(lexicalCastChecked(out, s));

src/test/core/Config_test.cpp

@@ -10,6 +10,7 @@
 #include <xrpl/protocol/SystemParameters.h>  // IWYU pragma: keep
 #include <xrpl/server/Port.h>
 
+#include <boost/filesystem/operations.hpp>
 #include <boost/format.hpp>  // IWYU pragma: keep
 #include <boost/format/free_funcs.hpp>
 #include <boost/lexical_cast/bad_lexical_cast.hpp>
@@ -19,7 +20,6 @@
 #include <cstdint>
 #include <cstdlib>
 #include <exception>
-#include <filesystem>
 #include <fstream>
 #include <optional>
 #include <ostream>
@@ -179,7 +179,7 @@ public:
     [[nodiscard]] bool
     dataDirExists() const
     {
-        return std::filesystem::is_directory(dataDir_);
+        return boost::filesystem::is_directory(dataDir_);
     }
 
     [[nodiscard]] bool
@@ -192,7 +192,7 @@ public:
     {
         try
         {
-            using namespace std::filesystem;
+            using namespace boost::filesystem;
             if (rmDataDir_)
                 rmDir(dataDir_);
         }
@@ -273,7 +273,7 @@ public:
 class Config_test final : public TestSuite
 {
 private:
-    using path = std::filesystem::path;
+    using path = boost::filesystem::path;
 
 public:
     void
@@ -309,7 +309,7 @@ port_wss_admin
     {
         testcase("config_file");
 
-        using namespace std::filesystem;
+        using namespace boost::filesystem;
         auto const cwd = current_path();
 
         // Test both config file names.
@@ -425,7 +425,7 @@ port_wss_admin
     {
         testcase("database_path");
 
-        using namespace std::filesystem;
+        using namespace boost::filesystem;
         {
             boost::format cc("[database_path]\n%1%\n");
 
@@ -601,7 +601,7 @@ main
     {
         testcase("validators_file");
 
-        using namespace std::filesystem;
+        using namespace boost::filesystem;
         {
             // load should throw for missing specified validators file
             boost::format cc("[validators_file]\n%1%\n");

src/test/core/SociDB_test.cpp

@@ -6,6 +6,8 @@
 #include <xrpl/rdb/SociDB.h>
 
 #include <boost/algorithm/string/predicate.hpp>
+#include <boost/filesystem/operations.hpp>
+#include <boost/filesystem/path.hpp>
 #include <boost/optional/optional.hpp>
 
 #include <soci/into.h>
@@ -16,7 +18,6 @@
 #include <cstdint>
 #include <cstring>
 #include <exception>
-#include <filesystem>
 #include <iterator>
 #include <limits>
 #include <stdexcept>
@@ -29,7 +30,7 @@ class SociDB_test final : public TestSuite
 {
 private:
     static void
-    setupSQLiteConfig(BasicConfig& config, std::filesystem::path const& dbPath)
+    setupSQLiteConfig(BasicConfig& config, boost::filesystem::path const& dbPath)
     {
         config.overwrite("sqdb", "backend", "sqlite");
         auto value = dbPath.string();
@@ -38,18 +39,18 @@ private:
     }
 
     static void
-    cleanupDatabaseDir(std::filesystem::path const& dbPath)
+    cleanupDatabaseDir(boost::filesystem::path const& dbPath)
     {
-        using namespace std::filesystem;
+        using namespace boost::filesystem;
         if (!exists(dbPath) || !is_directory(dbPath) || !is_empty(dbPath))
             return;
         remove(dbPath);
     }
 
     static void
-    setupDatabaseDir(std::filesystem::path const& dbPath)
+    setupDatabaseDir(boost::filesystem::path const& dbPath)
     {
-        using namespace std::filesystem;
+        using namespace boost::filesystem;
         if (!exists(dbPath))
         {
             create_directory(dbPath);
@@ -62,10 +63,10 @@ private:
             Throw<std::runtime_error>("Cannot create directory: " + dbPath.string());
         }
     }
-    static std::filesystem::path
+    static boost::filesystem::path
     getDatabasePath()
     {
-        return std::filesystem::current_path() / "socidb_test_databases";
+        return boost::filesystem::current_path() / "socidb_test_databases";
     }
 
 public:
@@ -155,7 +156,7 @@ public:
             checkValues(s);
         }
         {
-            namespace bfs = std::filesystem;
+            namespace bfs = boost::filesystem;
             // Remove the database
             bfs::path const dbPath(sc.connectionString());
             if (bfs::is_regular_file(dbPath))
@@ -285,7 +286,7 @@ public:
 #endif
         }
         {
-            namespace bfs = std::filesystem;
+            namespace bfs = boost::filesystem;
             // Remove the database
             bfs::path const dbPath(sc.connectionString());
             if (bfs::is_regular_file(dbPath))
@@ -337,7 +338,7 @@ public:
             s << "SELECT LedgerSeq FROM Ledgers;", soci::into(ledgersLS);
             BEAST_EXPECT(ledgersLS.size() == numRows);
         }
-        namespace bfs = std::filesystem;
+        namespace bfs = boost::filesystem;
         // Remove the database
         bfs::path const dbPath(sc.connectionString());
         if (bfs::is_regular_file(dbPath))

src/test/unit_test/FileDirGuard.h

@@ -4,7 +4,8 @@
 
 #include <xrpl/basics/contract.h>
 
-#include <filesystem>
+#include <boost/filesystem.hpp>
+
 #include <fstream>
 
 namespace xrpl::detail {
@@ -15,7 +16,7 @@ namespace xrpl::detail {
 class DirGuard
 {
 protected:
-    using path = std::filesystem::path;
+    using path = boost::filesystem::path;
 
 private:
     path subDir_;
@@ -42,7 +43,7 @@ public:
     DirGuard(beast::unit_test::suite& test, path subDir, bool useCounter = true)
         : subDir_(std::move(subDir)), test_(test)
     {
-        using namespace std::filesystem;
+        using namespace boost::filesystem;
 
         static auto subDirCounter = 0;
         if (useCounter)
@@ -68,7 +69,7 @@ public:
     {
         try
         {
-            using namespace std::filesystem;
+            using namespace boost::filesystem;
 
             if (rmSubDir_)
                 rmDir(subDir_);
@@ -125,7 +126,7 @@ public:
     {
         try
         {
-            using namespace std::filesystem;
+            using namespace boost::filesystem;
             if (exists(file_))
             {
                 remove(file_);
@@ -155,7 +156,7 @@ public:
     [[nodiscard]] bool
     fileExists() const
     {
-        return std::filesystem::exists(file_);
+        return boost::filesystem::exists(file_);
     }
 };
 

src/tests/libxrpl/CMakeLists.txt

@@ -8,9 +8,12 @@ add_custom_target(xrpl.tests)
 
 # Test helpers
 add_library(xrpl.helpers.test STATIC)
-target_sources(xrpl.helpers.test PRIVATE helpers/TestSink.cpp)
+target_sources(
+    xrpl.helpers.test
+    PRIVATE helpers/Account.cpp helpers/TestSink.cpp helpers/TxTest.cpp
+)
 target_include_directories(xrpl.helpers.test PUBLIC ${CMAKE_CURRENT_SOURCE_DIR})
-target_link_libraries(xrpl.helpers.test PRIVATE xrpl.libxrpl)
+target_link_libraries(xrpl.helpers.test PUBLIC xrpl.libxrpl gtest::gtest)
 
 # Common library dependencies for the rest of the tests.
 add_library(xrpl.imports.test INTERFACE)
@@ -32,6 +35,10 @@ xrpl_add_test(json)
 target_link_libraries(xrpl.test.json PRIVATE xrpl.imports.test)
 add_dependencies(xrpl.tests xrpl.test.json)
 
+xrpl_add_test(tx)
+target_link_libraries(xrpl.test.tx PRIVATE xrpl.imports.test)
+add_dependencies(xrpl.tests xrpl.test.tx)
+
 xrpl_add_test(protocol_autogen)
 target_link_libraries(xrpl.test.protocol_autogen PRIVATE xrpl.imports.test)
 add_dependencies(xrpl.tests xrpl.test.protocol_autogen)

src/tests/libxrpl/helpers/Account.cpp

@@ -0,0 +1,19 @@
+#include <helpers/Account.h>
+
+#include <xrpl/protocol/KeyType.h>
+#include <xrpl/protocol/PublicKey.h>
+#include <xrpl/protocol/SecretKey.h>
+#include <xrpl/protocol/Seed.h>
+
+namespace xrpl::test {
+
+Account const Account::master{"masterpassphrase"};
+
+Account::Account(std::string_view name, KeyType type)
+    : name_(name)
+    , keyPair_(generateKeyPair(type, generateSeed(name_)))
+    , id_(calcAccountID(keyPair_.first))
+{
+}
+
+}  // namespace xrpl::test

src/tests/libxrpl/helpers/Account.h

@@ -0,0 +1,81 @@
+#pragma once
+
+#include <xrpl/protocol/AccountID.h>
+#include <xrpl/protocol/KeyType.h>
+#include <xrpl/protocol/PublicKey.h>
+#include <xrpl/protocol/SecretKey.h>
+
+#include <string>
+#include <string_view>
+#include <utility>
+
+namespace xrpl::test {
+
+/**
+ * @brief A test account with cryptographic keys.
+ *
+ * Generates keys deterministically from a name, making tests reproducible.
+ * The same name always produces the same AccountID and keys.
+ */
+class Account
+{
+public:
+    /**
+     * @brief The master account that holds all XRP in genesis.
+     *
+     * This account is created in the genesis ledger with all 100 billion XRP.
+     * It uses the well-known seed "masterpassphrase".
+     */
+    static Account const master;
+
+    /**
+     * @brief Create an account from a name.
+     *
+     * Keys are derived deterministically from the name.
+     *
+     * @param name Human-readable name for the account.
+     * @param type Key type to use (defaults to secp256k1).
+     */
+    explicit Account(std::string_view name, KeyType type = KeyType::secp256k1);
+
+    /** @brief Return the human-readable name. */
+    std::string const&
+    name() const noexcept
+    {
+        return name_;
+    }
+
+    /** @brief Return the AccountID. */
+    AccountID const&
+    id() const noexcept
+    {
+        return id_;
+    }
+
+    /** @brief Return the public key. */
+    PublicKey const&
+    pk() const noexcept
+    {
+        return keyPair_.first;
+    }
+
+    /** @brief Return the secret key. */
+    SecretKey const&
+    sk() const noexcept
+    {
+        return keyPair_.second;
+    }
+
+    /** @brief Implicit conversion to AccountID. */
+    operator AccountID const&() const noexcept
+    {
+        return id_;
+    }
+
+private:
+    std::string name_;
+    std::pair<PublicKey, SecretKey> keyPair_;
+    AccountID id_;
+};
+
+}  // namespace xrpl::test

src/tests/libxrpl/helpers/IOU.h

@@ -0,0 +1,132 @@
+#pragma once
+
+#include <xrpl/basics/Number.h>
+#include <xrpl/protocol/Asset.h>
+#include <xrpl/protocol/Issue.h>
+#include <xrpl/protocol/STAmount.h>
+#include <xrpl/protocol/UintTypes.h>
+
+#include <helpers/Account.h>
+
+#include <concepts>
+#include <string>
+#include <string_view>
+#include <type_traits>
+
+namespace xrpl::test {
+
+/**
+ * @brief Represents an IOU (issued currency) for testing.
+ *
+ * Provides a clear, explicit API for creating currencies issued by an account.
+ * This replaces the cryptic `Account::operator[]` from the jtx framework.
+ *
+ * @code
+ *     Account gw("gateway");
+ *     IOU USD("USD", gw);
+ *
+ *     auto issue = USD.issue();      // Get the Issue
+ *     auto asset = USD.asset();      // Get the Asset
+ *     auto amt = USD.amount(100);    // Get STAmount of 100 USD
+ * @endcode
+ */
+class IOU
+{
+public:
+    /**
+     * @brief Construct an IOU from a currency code and issuing account.
+     * @param currencyCode A 3-character ISO currency code (e.g., "USD").
+     * @param issuer The account that issues this currency.
+     */
+    IOU(std::string_view currencyCode, Account const& issuer)
+        : currency_(to_currency(std::string(currencyCode))), issuer_(issuer.id())
+    {
+        XRPL_ASSERT(!isXRP(currency_), "IOU: currency code must not resolve to XRP");
+    }
+
+    /**
+     * @brief Construct an IOU from a Currency and issuing account.
+     * @param currency The Currency object.
+     * @param issuer The account that issues this currency.
+     */
+    IOU(Currency currency, Account const& issuer)
+        : currency_(std::move(currency)), issuer_(issuer.id())
+    {
+        XRPL_ASSERT(!isXRP(currency_), "IOU: currency code must not resolve to XRP");
+    }
+
+    /**
+     * @brief Get the Issue (currency + issuer pair).
+     * @return An Issue object representing this IOU.
+     */
+    [[nodiscard]] Issue
+    issue() const
+    {
+        return Issue{currency_, issuer_};
+    }
+
+    /**
+     * @brief Get the Asset.
+     * @return An Asset object representing this IOU.
+     */
+    [[nodiscard]] Asset
+    asset() const
+    {
+        return Asset{issue()};
+    }
+
+    /**
+     * @brief Create an STAmount of this IOU.
+     *
+     * Works with any arithmetic type (int, double, etc.) by converting
+     * to string and parsing. This matches the jtx IOU behaviour.
+     *
+     * @tparam T An arithmetic type.
+     * @param value The amount as any arithmetic type.
+     * @return An STAmount representing value units of this IOU.
+     */
+    template <typename T>
+        requires std::is_arithmetic_v<T>
+    [[nodiscard]] STAmount
+    amount(T value) const
+    {
+        return amountFromString(issue(), to_string(value));
+    }
+
+    /**
+     * @brief Create an STAmount of this IOU from a Number.
+     * @param value The amount as a Number.
+     * @return An STAmount representing value units of this IOU.
+     */
+    [[nodiscard]] STAmount
+    amount(Number const& value) const
+    {
+        return STAmount{issue(), value};
+    }
+
+    /**
+     * @brief Get the currency.
+     * @return The currency.
+     */
+    [[nodiscard]] Currency const&
+    currency() const
+    {
+        return currency_;
+    }
+
+    /**
+     * @brief Get the issuer account ID.
+     * @return The issuer's AccountID.
+     */
+    [[nodiscard]] AccountID const&
+    issuer() const
+    {
+        return issuer_;
+    }
+
+private:
+    Currency currency_;
+    AccountID issuer_;
+};
+
+}  // namespace xrpl::test

src/tests/libxrpl/helpers/TestFamily.h

@@ -0,0 +1,111 @@
+#pragma once
+
+#include <xrpl/basics/chrono.h>
+#include <xrpl/nodestore/DummyScheduler.h>
+#include <xrpl/nodestore/Manager.h>
+#include <xrpl/shamap/Family.h>
+
+#include <memory>
+
+namespace xrpl {
+namespace test {
+
+/** Test implementation of Family for unit tests.
+
+    Uses an in-memory NodeStore database and simple caches.
+    The missingNode methods throw since tests shouldn't encounter missing nodes.
+*/
+class TestFamily : public Family
+{
+private:
+    std::unique_ptr<NodeStore::Database> db_;
+    TestStopwatch clock_;
+    std::shared_ptr<FullBelowCache> fbCache_;
+    std::shared_ptr<TreeNodeCache> tnCache_;
+    NodeStore::DummyScheduler scheduler_;
+    beast::Journal j_;
+
+public:
+    explicit TestFamily(beast::Journal j)
+        : fbCache_(std::make_shared<FullBelowCache>("TestFamily full below cache", clock_, j))
+        , tnCache_(
+              std::make_shared<TreeNodeCache>(
+                  "TestFamily tree node cache",
+                  65536,
+                  std::chrono::minutes{1},
+                  clock_,
+                  j))
+        , j_(j)
+    {
+        Section config;
+        config.set("type", "memory");
+        config.set("path", "TestFamily");
+        db_ = NodeStore::Manager::instance().make_Database(megabytes(4), scheduler_, 1, config, j);
+    }
+
+    NodeStore::Database&
+    db() override
+    {
+        return *db_;
+    }
+
+    NodeStore::Database const&
+    db() const override
+    {
+        return *db_;
+    }
+
+    beast::Journal const&
+    journal() override
+    {
+        return j_;
+    }
+
+    std::shared_ptr<FullBelowCache>
+    getFullBelowCache() override
+    {
+        return fbCache_;
+    }
+
+    std::shared_ptr<TreeNodeCache>
+    getTreeNodeCache() override
+    {
+        return tnCache_;
+    }
+
+    void
+    sweep() override
+    {
+        fbCache_->sweep();
+        tnCache_->sweep();
+    }
+
+    void
+    missingNodeAcquireBySeq(std::uint32_t refNum, uint256 const& nodeHash) override
+    {
+        Throw<std::runtime_error>("TestFamily: missing node (by seq)");
+    }
+
+    void
+    missingNodeAcquireByHash(uint256 const& refHash, std::uint32_t refNum) override
+    {
+        Throw<std::runtime_error>("TestFamily: missing node (by hash)");
+    }
+
+    void
+    reset() override
+    {
+        fbCache_->reset();
+        tnCache_->reset();
+    }
+
+    /** Access the test clock for time manipulation in tests. */
+    TestStopwatch&
+    clock()
+    {
+        return clock_;
+    }
+};
+
+}  // namespace test
+}  // namespace xrpl

src/tests/libxrpl/helpers/TestServiceRegistry.h

@@ -0,0 +1,378 @@
+#pragma once
+
+#include <xrpl/basics/Log.h>
+#include <xrpl/basics/chrono.h>
+#include <xrpl/core/HashRouter.h>
+#include <xrpl/core/NetworkIDService.h>
+#include <xrpl/core/ServiceRegistry.h>
+#include <xrpl/ledger/PendingSaves.h>
+#include <xrpl/server/LoadFeeTrack.h>
+
+#include <boost/asio/io_context.hpp>
+
+#include <helpers/TestFamily.h>
+#include <helpers/TestSink.h>
+
+#include <optional>
+#include <stdexcept>
+
+namespace xrpl {
+namespace test {
+
+/** Logs implementation that creates TestSink instances. */
+class TestLogs : public Logs
+{
+public:
+    explicit TestLogs(beast::severities::Severity level = beast::severities::kWarning) : Logs(level)
+    {
+    }
+
+    std::unique_ptr<beast::Journal::Sink>
+    makeSink(std::string const&, beast::severities::Severity threshold) override
+    {
+        return std::make_unique<TestSink>(threshold);
+    }
+};
+
+/** Simple NetworkIDService implementation for tests. */
+class TestNetworkIDService final : public NetworkIDService
+{
+public:
+    explicit TestNetworkIDService(std::uint32_t networkID = 0) : networkID_(networkID)
+    {
+    }
+
+    [[nodiscard]] std::uint32_t
+    getNetworkID() const noexcept override
+    {
+        return networkID_;
+    }
+
+private:
+    std::uint32_t networkID_;
+};
+
+/** Test implementation of ServiceRegistry for unit tests.
+
+    This class provides real implementations for services that can be
+    instantiated from libxrpl (such as Logs, io_context, caches), and
+    throws std::logic_error for services that require the full Application.
+
+    Tests can subclass this to provide additional services they need.
+*/
+class TestServiceRegistry : public ServiceRegistry
+{
+    TestLogs logs_{beast::severities::kWarning};
+    boost::asio::io_context io_context_;
+    TestFamily family_{logs_.journal("TestFamily")};
+    LoadFeeTrack feeTrack_{logs_.journal("LoadFeeTrack")};
+    TestNetworkIDService networkIDService_;
+    HashRouter hashRouter_{HashRouter::Setup{}, stopwatch()};
+    NodeCache tempNodeCache_{
+        "TempNodeCache",
+        16384,
+        std::chrono::minutes{1},
+        stopwatch(),
+        logs_.journal("TaggedCache")};
+    CachedSLEs cachedSLEs_{
+        "CachedSLEs",
+        16384,
+        std::chrono::minutes{1},
+        stopwatch(),
+        logs_.journal("TaggedCache")};
+    PendingSaves pendingSaves_;
+    std::optional<uint256> trapTxID_;
+
+public:
+    TestServiceRegistry() = default;
+    ~TestServiceRegistry() override = default;
+
+    // Core infrastructure services
+    CollectorManager&
+    getCollectorManager() override
+    {
+        throw std::logic_error("TestServiceRegistry::getCollectorManager() not implemented");
+    }
+
+    Family&
+    getNodeFamily() override
+    {
+        return family_;
+    }
+
+    TimeKeeper&
+    getTimeKeeper() override
+    {
+        throw std::logic_error("TestServiceRegistry::timeKeeper() not implemented");
+    }
+
+    JobQueue&
+    getJobQueue() override
+    {
+        throw std::logic_error("TestServiceRegistry::getJobQueue() not implemented");
+    }
+
+    NodeCache&
+    getTempNodeCache() override
+    {
+        return tempNodeCache_;
+    }
+
+    CachedSLEs&
+    getCachedSLEs() override
+    {
+        return cachedSLEs_;
+    }
+
+    NetworkIDService&
+    getNetworkIDService() override
+    {
+        return networkIDService_;
+    }
+
+    // Protocol and validation services
+    AmendmentTable&
+    getAmendmentTable() override
+    {
+        throw std::logic_error("TestServiceRegistry::getAmendmentTable() not implemented");
+    }
+
+    HashRouter&
+    getHashRouter() override
+    {
+        return hashRouter_;
+    }
+
+    LoadFeeTrack&
+    getFeeTrack() override
+    {
+        return feeTrack_;
+    }
+
+    LoadManager&
+    getLoadManager() override
+    {
+        throw std::logic_error("TestServiceRegistry::getLoadManager() not implemented");
+    }
+
+    RCLValidations&
+    getValidations() override
+    {
+        throw std::logic_error("TestServiceRegistry::getValidations() not implemented");
+    }
+
+    ValidatorList&
+    getValidators() override
+    {
+        throw std::logic_error("TestServiceRegistry::validators() not implemented");
+    }
+
+    ValidatorSite&
+    getValidatorSites() override
+    {
+        throw std::logic_error("TestServiceRegistry::validatorSites() not implemented");
+    }
+
+    ManifestCache&
+    getValidatorManifests() override
+    {
+        throw std::logic_error("TestServiceRegistry::validatorManifests() not implemented");
+    }
+
+    ManifestCache&
+    getPublisherManifests() override
+    {
+        throw std::logic_error("TestServiceRegistry::publisherManifests() not implemented");
+    }
+
+    // Network services
+    Overlay&
+    getOverlay() override
+    {
+        throw std::logic_error("TestServiceRegistry::overlay() not implemented");
+    }
+
+    Cluster&
+    getCluster() override
+    {
+        throw std::logic_error("TestServiceRegistry::cluster() not implemented");
+    }
+
+    PeerReservationTable&
+    getPeerReservations() override
+    {
+        throw std::logic_error("TestServiceRegistry::peerReservations() not implemented");
+    }
+
+    Resource::Manager&
+    getResourceManager() override
+    {
+        throw std::logic_error("TestServiceRegistry::getResourceManager() not implemented");
+    }
+
+    // Storage services
+    NodeStore::Database&
+    getNodeStore() override
+    {
+        throw std::logic_error("TestServiceRegistry::getNodeStore() not implemented");
+    }
+
+    SHAMapStore&
+    getSHAMapStore() override
+    {
+        throw std::logic_error("TestServiceRegistry::getSHAMapStore() not implemented");
+    }
+
+    RelationalDatabase&
+    getRelationalDatabase() override
+    {
+        throw std::logic_error("TestServiceRegistry::getRelationalDatabase() not implemented");
+    }
+
+    // Ledger services
+    InboundLedgers&
+    getInboundLedgers() override
+    {
+        throw std::logic_error("TestServiceRegistry::getInboundLedgers() not implemented");
+    }
+
+    InboundTransactions&
+    getInboundTransactions() override
+    {
+        throw std::logic_error("TestServiceRegistry::getInboundTransactions() not implemented");
+    }
+
+    TaggedCache<uint256, AcceptedLedger>&
+    getAcceptedLedgerCache() override
+    {
+        throw std::logic_error("TestServiceRegistry::getAcceptedLedgerCache() not implemented");
+    }
+
+    LedgerMaster&
+    getLedgerMaster() override
+    {
+        throw std::logic_error("TestServiceRegistry::getLedgerMaster() not implemented");
+    }
+
+    LedgerCleaner&
+    getLedgerCleaner() override
+    {
+        throw std::logic_error("TestServiceRegistry::getLedgerCleaner() not implemented");
+    }
+
+    LedgerReplayer&
+    getLedgerReplayer() override
+    {
+        throw std::logic_error("TestServiceRegistry::getLedgerReplayer() not implemented");
+    }
+
+    PendingSaves&
+    getPendingSaves() override
+    {
+        return pendingSaves_;
+    }
+
+    OpenLedger&
+    getOpenLedger() override
+    {
+        throw std::logic_error("TestServiceRegistry::openLedger() not implemented");
+    }
+
+    OpenLedger const&
+    getOpenLedger() const override
+    {
+        throw std::logic_error("TestServiceRegistry::openLedger() const not implemented");
+    }
+
+    // Transaction and operation services
+    NetworkOPs&
+    getOPs() override
+    {
+        throw std::logic_error("TestServiceRegistry::getOPs() not implemented");
+    }
+
+    OrderBookDB&
+    getOrderBookDB() override
+    {
+        throw std::logic_error("TestServiceRegistry::getOrderBookDB() not implemented");
+    }
+
+    TransactionMaster&
+    getMasterTransaction() override
+    {
+        throw std::logic_error("TestServiceRegistry::getMasterTransaction() not implemented");
+    }
+
+    TxQ&
+    getTxQ() override
+    {
+        throw std::logic_error("TestServiceRegistry::getTxQ() not implemented");
+    }
+
+    PathRequestManager&
+    getPathRequestManager() override
+    {
+        throw std::logic_error("TestServiceRegistry::getPathRequestManager() not implemented");
+    }
+
+    // Server services
+    ServerHandler&
+    getServerHandler() override
+    {
+        throw std::logic_error("TestServiceRegistry::getServerHandler() not implemented");
+    }
+
+    perf::PerfLog&
+    getPerfLog() override
+    {
+        throw std::logic_error("TestServiceRegistry::getPerfLog() not implemented");
+    }
+
+    // Configuration and state
+    bool
+    isStopping() const override
+    {
+        return false;
+    }
+
+    beast::Journal
+    getJournal(std::string const& name) override
+    {
+        return logs_.journal(name);
+    }
+
+    boost::asio::io_context&
+    getIOContext() override
+    {
+        return io_context_;
+    }
+
+    Logs&
+    getLogs() override
+    {
+        return logs_;
+    }
+
+    std::optional<uint256> const&
+    getTrapTxID() const override
+    {
+        return trapTxID_;
+    }
+
+    DatabaseCon&
+    getWalletDB() override
+    {
+        throw std::logic_error("TestServiceRegistry::getWalletDB() not implemented");
+    }
+
+    // Temporary: Get the underlying Application
+    Application&
+    getApp() override
+    {
+        throw std::logic_error(
+            "TestServiceRegistry::app() not implemented - no Application available in tests");
+    }
+};
+
+}  // namespace test
+}  // namespace xrpl

src/tests/libxrpl/helpers/TxTest.cpp

@@ -0,0 +1,252 @@
+#include <helpers/TxTest.h>
+
+#include <xrpl/basics/base_uint.h>
+#include <xrpl/basics/chrono.h>
+#include <xrpl/basics/contract.h>
+#include <xrpl/ledger/ApplyView.h>
+#include <xrpl/ledger/CanonicalTXSet.h>
+#include <xrpl/ledger/Ledger.h>
+#include <xrpl/ledger/OpenView.h>
+#include <xrpl/ledger/ReadView.h>
+#include <xrpl/protocol/AccountID.h>
+#include <xrpl/protocol/Feature.h>
+#include <xrpl/protocol/Fees.h>
+#include <xrpl/protocol/Indexes.h>
+#include <xrpl/protocol/SField.h>
+#include <xrpl/protocol/STLedgerEntry.h>
+#include <xrpl/protocol/STTx.h>
+#include <xrpl/protocol/TER.h>
+#include <xrpl/protocol_autogen/ledger_entries/AccountRoot.h>
+#include <xrpl/protocol_autogen/ledger_entries/RippleState.h>
+#include <xrpl/protocol_autogen/transactions/AccountSet.h>
+#include <xrpl/protocol_autogen/transactions/Payment.h>
+#include <xrpl/tx/apply.h>
+
+#include <helpers/Account.h>
+#include <helpers/IOU.h>
+
+#include <cstdint>
+#include <memory>
+#include <optional>
+#include <stdexcept>
+#include <utility>
+#include <vector>
+
+namespace xrpl::test {
+
+//------------------------------------------------------------------------------
+// Feature helpers
+//------------------------------------------------------------------------------
+
+FeatureBitset
+allFeatures()
+{
+    static FeatureBitset const features = [] {
+        auto const& sa = allAmendments();
+        std::vector<uint256> feats;
+        feats.reserve(sa.size());
+        for ([[maybe_unused]] auto const& [name, _] : sa)
+        {
+            if (auto const f = getRegisteredFeature(name); f.has_value())
+                feats.push_back(*f);
+        }
+        return FeatureBitset(feats);
+    }();
+    return features;
+}
+
+//------------------------------------------------------------------------------
+// TxTest
+//------------------------------------------------------------------------------
+
+TxTest::TxTest(std::optional<FeatureBitset> features)
+{
+    // Convert FeatureBitset to unordered_set for Rules constructor
+    auto const featureBits = features.value_or(allFeatures());
+    foreachFeature(featureBits, [&](uint256 const& f) { featureSet_.insert(f); });
+
+    // Create rules with the specified features
+    rules_.emplace(featureSet_);
+
+    // Default fees for testing
+    Fees const fees{XRPAmount{10}, XRPAmount{10000000}, XRPAmount{2000000}};
+
+    // Create a genesis ledger as the base
+    closedLedger_ = std::make_shared<Ledger>(
+        create_genesis,
+        // NOLINTNEXTLINE(bugprone-unchecked-optional-access)
+        *rules_,
+        fees,
+        std::vector<uint256>{featureSet_.begin(), featureSet_.end()},
+        registry_.getNodeFamily());
+
+    // Initialize time from the genesis ledger
+    now_ = closedLedger_->header().closeTime;
+
+    // Create an open view on top of the genesis ledger
+    openLedger_ =
+        std::make_shared<OpenView>(open_ledger, closedLedger_.get(), *rules_, closedLedger_);
+}
+
+bool
+TxTest::isEnabled(uint256 const& feature) const
+{
+    // NOLINTNEXTLINE(bugprone-unchecked-optional-access)
+    return rules_->enabled(feature);
+}
+
+Rules const&
+TxTest::getRules() const
+{
+    // NOLINTNEXTLINE(bugprone-unchecked-optional-access)
+    return *rules_;
+}
+
+[[nodiscard]] TxResult
+TxTest::submit(std::shared_ptr<STTx const> stx)
+{
+    auto result = apply(registry_, *openLedger_, *stx, tapNONE, registry_.getJournal("apply"));
+
+    // Track successfully applied transactions for canonical reordering on close
+    // We make a copy since the TransactionBase doesn't own the STTx
+    if (result.applied)
+        pendingTxs_.push_back(stx);
+
+    return TxResult{
+        .ter = result.ter,
+        .applied = result.applied,
+        .metadata = std::move(result).metadata,
+        .tx = std::move(stx)};
+}
+
+void
+TxTest::createAccount(Account const& account, XRPAmount xrp, uint32_t accountFlags)
+{
+    auto const paymentTer =
+        submit(transactions::PaymentBuilder{Account::master, account, xrp}, Account::master).ter;
+
+    if (paymentTer != tesSUCCESS)
+    {
+        throw std::runtime_error("TxTest::createAccount: failed to create account");
+    }
+
+    close();
+
+    if (accountFlags != 0)
+    {
+        auto const accountSetTer =
+            submit(transactions::AccountSetBuilder{account}.setSetFlag(accountFlags), account).ter;
+        if (accountSetTer != tesSUCCESS)
+        {
+            throw std::runtime_error("TxTest::createAccount: failed to set account flags");
+        }
+        close();
+    }
+}
+
+ledger_entries::AccountRoot
+TxTest::getAccountRoot(AccountID const& id) const
+{
+    auto const sle = getOpenLedger().read(keylet::account(id));
+    if (!sle)
+        Throw<std::runtime_error>("TxTest::getAccountRoot: account not found");
+    return ledger_entries::AccountRoot{std::const_pointer_cast<SLE const>(sle)};
+}
+
+OpenView&
+TxTest::getOpenLedger()
+{
+    return *openLedger_;
+}
+
+OpenView const&
+TxTest::getOpenLedger() const
+{
+    return *openLedger_;
+}
+
+ReadView const&
+TxTest::getClosedLedger() const
+{
+    return *closedLedger_;
+}
+
+void
+TxTest::close()
+{
+    // Build a new closed ledger from the previous closed ledger,
+    // similar to how buildLedgerImpl works:
+    // 1. Create a new Ledger from the previous closed ledger
+    // 2. Re-apply transactions in canonical order
+    // 3. Mark it as accepted/immutable
+
+    auto const& prevLedger = *closedLedger_;
+
+    auto const ledgerCloseTime = now_ + prevLedger.header().closeTimeResolution;
+
+    now_ = ledgerCloseTime;
+
+    auto newLedger = std::make_shared<Ledger>(prevLedger, ledgerCloseTime);
+
+    CanonicalTXSet txSet(prevLedger.header().hash);
+    for (auto const& tx : pendingTxs_)
+        txSet.insert(tx);
+
+    {
+        OpenView accum(&*newLedger);
+        for (auto const& [key, tx] : txSet)
+        {
+            auto result = apply(registry_, accum, *tx, tapNONE, registry_.getJournal("apply"));
+            if (!result.applied)
+            {
+                throw std::runtime_error("TxTest::close: failed to apply transaction");
+            }
+        }
+        accum.apply(*newLedger);
+    }
+
+    newLedger->setAccepted(ledgerCloseTime, newLedger->header().closeTimeResolution, true);
+
+    closedLedger_ = newLedger;
+
+    pendingTxs_.clear();
+
+    openLedger_ =
+        // NOLINTNEXTLINE(bugprone-unchecked-optional-access)
+        std::make_shared<OpenView>(open_ledger, closedLedger_.get(), *rules_, closedLedger_);
+}
+
+void
+TxTest::advanceTime(NetClock::duration duration)
+{
+    now_ += duration;
+}
+
+NetClock::time_point
+TxTest::getCloseTime() const
+{
+    return now_;
+}
+
+STAmount
+TxTest::getBalance(AccountID const& account, IOU const& iou) const
+{
+    auto const sle = openLedger_->read(keylet::line(account, iou.issue()));
+    if (!sle)
+        return STAmount{iou.issue(), 0};
+
+    auto const rippleState = ledger_entries::RippleState{sle};
+
+    auto balance = rippleState.getBalance();
+    if (iou.issue().account == account)
+    {
+        throw std::logic_error("TxTest::getBalance: account is issuer");
+    }
+
+    balance.get<Issue>().account = iou.issue().account;
+    if (account > iou.issue().account)
+        balance.negate();
+    return balance;
+}
+
+}  // namespace xrpl::test

src/tests/libxrpl/helpers/TxTest.h

@@ -0,0 +1,364 @@
+#pragma once
+
+#include <xrpl/basics/Number.h>
+#include <xrpl/basics/chrono.h>
+#include <xrpl/beast/utility/Journal.h>
+#include <xrpl/core/ServiceRegistry.h>
+#include <xrpl/ledger/ApplyViewImpl.h>
+#include <xrpl/ledger/Ledger.h>
+#include <xrpl/ledger/OpenView.h>
+#include <xrpl/protocol/Feature.h>
+#include <xrpl/protocol/LedgerFormats.h>
+#include <xrpl/protocol/Rules.h>
+#include <xrpl/protocol/STTx.h>
+#include <xrpl/protocol/TER.h>
+#include <xrpl/protocol/TxFlags.h>
+#include <xrpl/protocol/XRPAmount.h>
+#include <xrpl/protocol_autogen/TransactionBuilderBase.h>
+#include <xrpl/protocol_autogen/ledger_entries/AccountRoot.h>
+#include <xrpl/tx/applySteps.h>
+
+#include <helpers/Account.h>
+#include <helpers/IOU.h>
+#include <helpers/TestServiceRegistry.h>
+
+#include <cmath>
+#include <concepts>
+#include <memory>
+#include <optional>
+#include <stdexcept>
+#include <type_traits>
+#include <unordered_set>
+#include <vector>
+
+namespace xrpl::test {
+
+//------------------------------------------------------------------------------
+// Amount helpers
+//------------------------------------------------------------------------------
+
+/**
+ * @brief Convert XRP to drops (integral types).
+ * @param xrp The amount in XRP.
+ * @return The equivalent amount in drops as XRPAmount.
+ */
+template <std::integral T>
+constexpr XRPAmount
+XRP(T xrp)
+{
+    return XRPAmount{static_cast<std::int64_t>(xrp) * DROPS_PER_XRP.drops()};
+}
+
+/**
+ * @brief Convert XRP to drops (floating point types).
+ * @param xrp The amount in XRP (may be fractional).
+ * @return The equivalent amount in drops as XRPAmount.
+ */
+template <std::floating_point T>
+XRPAmount
+XRP(T xrp)
+{
+    return XRPAmount{static_cast<std::int64_t>(std::round(xrp * DROPS_PER_XRP.drops()))};
+}
+
+/**
+ * @brief Convert XRP to drops (Number type).
+ * @param xrp The amount in XRP as a Number.
+ * @return The equivalent amount in drops as XRPAmount.
+ */
+inline XRPAmount
+XRP(Number const& xrp)
+{
+    return XRPAmount{static_cast<std::int64_t>(xrp * DROPS_PER_XRP.drops())};
+}
+
+//------------------------------------------------------------------------------
+// Flag helpers
+//------------------------------------------------------------------------------
+
+/**
+ * @brief Convert AccountSet flag (asf) to LedgerState flag (lsf).
+ * @param asf The AccountSet flag value.
+ * @return The corresponding LedgerState flag.
+ * @throws std::runtime_error if the flag is not supported.
+ *
+ * Supported flags:
+ *   asfRequireDest, asfRequireAuth, asfDisallowXRP, asfDisableMaster,
+ *   asfNoFreeze, asfGlobalFreeze, asfDefaultRipple, asfDepositAuth,
+ *   asfAllowTrustLineClawback, asfDisallowIncomingCheck,
+ *   asfDisallowIncomingNFTokenOffer, asfDisallowIncomingPayChan,
+ *   asfDisallowIncomingTrustline, asfAllowTrustLineLocking
+ */
+constexpr std::uint32_t
+asfToLsf(std::uint32_t asf)
+{
+    switch (asf)
+    {
+        case asfRequireDest:
+            return lsfRequireDestTag;
+        case asfRequireAuth:
+            return lsfRequireAuth;
+        case asfDisallowXRP:
+            return lsfDisallowXRP;
+        case asfDisableMaster:
+            return lsfDisableMaster;
+        case asfNoFreeze:
+            return lsfNoFreeze;
+        case asfGlobalFreeze:
+            return lsfGlobalFreeze;
+        case asfDefaultRipple:
+            return lsfDefaultRipple;
+        case asfDepositAuth:
+            return lsfDepositAuth;
+        case asfAllowTrustLineClawback:
+            return lsfAllowTrustLineClawback;
+        case asfDisallowIncomingCheck:
+            return lsfDisallowIncomingCheck;
+        case asfDisallowIncomingNFTokenOffer:
+            return lsfDisallowIncomingNFTokenOffer;
+        case asfDisallowIncomingPayChan:
+            return lsfDisallowIncomingPayChan;
+        case asfDisallowIncomingTrustline:
+            return lsfDisallowIncomingTrustline;
+        case asfAllowTrustLineLocking:
+            return lsfAllowTrustLineLocking;
+        default:
+            throw std::runtime_error("Unknown asf flag");
+    }
+}
+
+//------------------------------------------------------------------------------
+// Feature helpers
+//------------------------------------------------------------------------------
+
+/**
+ * @brief Returns all testable amendments.
+ * @note This is similar to jtx::testable_amendments() but for the TxTest framework.
+ */
+FeatureBitset
+allFeatures();
+
+//------------------------------------------------------------------------------
+// TxResult
+//------------------------------------------------------------------------------
+
+/**
+ * @brief Result of a transaction submission in TxTest.
+ *
+ * Contains the TER code, whether the transaction was applied,
+ * optional metadata, and a reference to the submitted transaction.
+ * Use standard gtest macros (EXPECT_EQ, EXPECT_TRUE, etc.) to verify results.
+ */
+struct TxResult
+{
+    TER ter;                        /**< The transaction engine result code. */
+    bool applied;                   /**< Whether the transaction was applied to the ledger. */
+    std::optional<TxMeta> metadata; /**< Transaction metadata, if available. */
+    std::shared_ptr<STTx const> tx; /**< Pointer to the submitted transaction. */
+};
+
+/**
+ * @brief A lightweight transaction testing harness.
+ *
+ * Unlike the JTx framework which requires a full Application and RPC layer,
+ * TxTest applies transactions directly to an OpenView using the transactor
+ * pipeline (preflight -> preclaim -> doApply).
+ *
+ * This makes it suitable for:
+ * - Unit testing individual transactors
+ * - Testing transaction validation logic
+ * - Fast, focused tests without full server infrastructure
+ *
+ * @code
+ *     TxTest env;
+ *     env.submit(paymentTx).expectSuccess();
+ *     env.submit(badTx).expectTer(tecNO_ENTRY);
+ * @endcode
+ */
+class TxTest
+{
+public:
+    /**
+     * @brief Construct a TxTest environment.
+     *
+     * Creates a genesis ledger and an open view on top of it.
+     *
+     * @param features Optional set of features to enable. If not specified,
+     *                 uses all testable amendments.
+     */
+    explicit TxTest(std::optional<FeatureBitset> features = std::nullopt);
+
+    /**
+     * @brief Check if a feature is enabled.
+     * @param feature The feature to check.
+     * @return True if the feature is enabled.
+     */
+    [[nodiscard]] bool
+    isEnabled(uint256 const& feature) const;
+
+    /**
+     * @brief Get the current rules.
+     * @return The current consensus rules.
+     */
+    [[nodiscard]] Rules const&
+    getRules() const;
+
+    /**
+     * @brief Submit a transaction from a builder.
+     *
+     * Convenience overload that accepts transaction builders.
+     * Automatically sets sequence and fee before submission.
+     *
+     * @tparam T A type derived from TransactionBuilderBase.
+     * @param builder The transaction builder.
+     * @param signer The account to sign with.
+     * @return TxResult containing the result code, applied status, and metadata.
+     */
+    template <typename T>
+        requires std::
+            derived_from<std::decay_t<T>, transactions::TransactionBuilderBase<std::decay_t<T>>>
+        [[nodiscard]] TxResult
+        submit(T&& builder, Account const& signer)
+    {
+        auto const& obj = builder.getSTObject();
+        auto accountId = obj[sfAccount];
+        // Only set sequence if not using a ticket (ticket sets sequence to 0)
+        if (!obj.isFieldPresent(sfTicketSequence))
+        {
+            builder.setSequence(getAccountRoot(accountId).getSequence());
+        }
+        else
+        {
+            builder.setSequence(0);
+        }
+        builder.setFee(XRPAmount(10));
+        return submit(builder.build(signer.pk(), signer.sk()).getSTTx());
+    }
+
+    /**
+     * @brief Submit a transaction to the open ledger.
+     *
+     * Applies the transaction through the full transactor pipeline:
+     * preflight -> preclaim -> doApply -> invariant checks
+     *
+     * Invariant checks are automatically run after doApply. If any
+     * invariant fails, the result will be tecINVARIANT_FAILED.
+     *
+     * @param stx The transaction to submit.
+     * @return TxResult containing the result code, applied status, and metadata.
+     */
+    [[nodiscard]] TxResult
+    submit(std::shared_ptr<STTx const> stx);
+
+    /**
+     * @brief Create a new account in the ledger.
+     *
+     * Sends a Payment from the master account to create and fund the account.
+     * Closes the ledger after creation. If accountFlags is non-zero, submits
+     * an AccountSet transaction and closes again.
+     *
+     * @param account The account to create.
+     * @param xrp The initial XRP balance.
+     * @param accountFlags Optional account flags to set. Defaults to 0
+     *        (no flags).
+     */
+    void
+    createAccount(Account const& account, XRPAmount xrp, uint32_t accountFlags = 0);
+
+    /**
+     * @brief Get the account root object from the current open ledger.
+     * @param id The account ID.
+     * @return The AccountRoot ledger entry.
+     * @throws std::runtime_error if the account does not exist.
+     * @todo Once we make keylet strongly typed, we can ditch this method.
+     */
+    [[nodiscard]] ledger_entries::AccountRoot
+    getAccountRoot(AccountID const& id) const;
+
+    /**
+     * @brief Get the current open ledger view.
+     * @return A mutable reference to the open ledger.
+     */
+    [[nodiscard]] OpenView&
+    getOpenLedger();
+
+    /**
+     * @brief Get the current open ledger view (const).
+     * @return A const reference to the open ledger.
+     */
+    [[nodiscard]] OpenView const&
+    getOpenLedger() const;
+
+    /**
+     * @brief Get the closed (base) ledger view.
+     * @return A const reference to the closed ledger.
+     */
+    [[nodiscard]] ReadView const&
+    getClosedLedger() const;
+
+    /**
+     * @brief Close the current ledger.
+     *
+     * Creates a new closed ledger from the current open ledger.
+     * All pending transactions are re-applied in canonical order.
+     */
+    void
+    close();
+
+    /**
+     * @brief Advance time without closing the ledger.
+     *
+     * Useful for testing time-dependent features like escrow release
+     * times or offer expirations.
+     *
+     * @param duration The amount of time to advance.
+     */
+    void
+    advanceTime(NetClock::duration duration);
+
+    /**
+     * @brief Get the current ledger close time.
+     * @return The current close time.
+     */
+    [[nodiscard]] NetClock::time_point
+    getCloseTime() const;
+
+    /**
+     * @brief Get the balance of an IOU for an account.
+     *
+     * Returns the balance from the perspective of the specified account.
+     * If the trust line doesn't exist, returns zero.
+     *
+     * @param account The account to check.
+     * @param iou The IOU to check the balance for.
+     * @return The balance as an STAmount.
+     * @todo Once we make keylet strongly typed, we can ditch this method.
+     */
+    [[nodiscard]] STAmount
+    getBalance(AccountID const& account, IOU const& iou) const;
+
+    /**
+     * @brief Get the service registry.
+     * @return A reference to the service registry.
+     */
+    ServiceRegistry&
+    getServiceRegistry()
+    {
+        return registry_;
+    }
+
+private:
+    TestServiceRegistry registry_;
+    std::unordered_set<uint256, beast::uhash<>> featureSet_;
+    std::optional<Rules> rules_;
+    std::shared_ptr<Ledger const> closedLedger_;
+    std::shared_ptr<OpenView> openLedger_;
+
+    /** Transactions submitted to the open ledger, for canonical reordering on close. */
+    std::vector<std::shared_ptr<STTx const>> pendingTxs_;
+
+    /** Current time (can be advanced arbitrarily for testing). */
+    NetClock::time_point now_;
+};
+
+}  // namespace xrpl::test

src/tests/libxrpl/tx/AccountSet.cpp

@@ -0,0 +1,804 @@
+#include <xrpl/protocol_autogen/transactions/AccountSet.h>
+
+#include <xrpl/basics/Slice.h>
+#include <xrpl/basics/base_uint.h>
+#include <xrpl/beast/utility/Zero.h>
+#include <xrpl/core/ServiceRegistry.h>
+#include <xrpl/ledger/helpers/DirectoryHelpers.h>
+#include <xrpl/protocol/Indexes.h>
+#include <xrpl/protocol/KeyType.h>
+#include <xrpl/protocol/LedgerFormats.h>
+#include <xrpl/protocol/Quality.h>
+#include <xrpl/protocol/Rate.h>
+#include <xrpl/protocol/SField.h>
+#include <xrpl/protocol/STArray.h>
+#include <xrpl/protocol/STObject.h>
+#include <xrpl/protocol/STTx.h>
+#include <xrpl/protocol/SecretKey.h>
+#include <xrpl/protocol/TER.h>
+#include <xrpl/protocol/TxFlags.h>
+#include <xrpl/protocol_autogen/ledger_entries/AccountRoot.h>
+#include <xrpl/protocol_autogen/transactions/Payment.h>
+#include <xrpl/protocol_autogen/transactions/SetRegularKey.h>
+#include <xrpl/protocol_autogen/transactions/SignerListSet.h>
+#include <xrpl/protocol_autogen/transactions/TicketCreate.h>
+#include <xrpl/protocol_autogen/transactions/TrustSet.h>
+
+#include <gtest/gtest.h>
+#include <helpers/Account.h>
+#include <helpers/IOU.h>
+#include <helpers/TxTest.h>
+
+#include <algorithm>
+#include <cstddef>
+#include <cstdint>
+#include <initializer_list>
+#include <limits>
+#include <memory>
+#include <string>
+#include <string_view>
+#include <utility>
+#include <vector>
+
+namespace xrpl::test {
+
+TEST(AccountSet, NullAccountSet)
+{
+    TxTest env;
+
+    Account const alice("alice");
+    env.createAccount(alice, XRP(10));
+
+    auto& view = env.getOpenLedger();
+
+    // ask for the ledger entry - account root, to check its flags
+    auto sle = view.read(keylet::account(alice));
+
+    EXPECT_NE(sle, nullptr);
+    ledger_entries::AccountRoot const accountRoot(sle);
+    EXPECT_EQ(accountRoot.getFlags(), 0);
+}
+
+TEST(AccountSet, MostFlags)
+{
+    Account const alice("alice");
+
+    TxTest env;
+    env.createAccount(alice, XRP(10000));
+
+    // Give alice a regular key so she can legally set and clear
+    // her asfDisableMaster flag.
+    Account const aliceRegularKey{"aliceRegularKey", KeyType::secp256k1};
+
+    env.createAccount(aliceRegularKey, XRP(10000));
+    env.close();
+
+    EXPECT_EQ(
+        env.submit(transactions::SetRegularKeyBuilder{alice}.setRegularKey(aliceRegularKey), alice)
+            .ter,
+        tesSUCCESS);
+    env.close();
+
+    auto testFlags = [&alice, &aliceRegularKey, &env](
+                         std::initializer_list<std::uint32_t> goodFlags) {
+        std::uint32_t const orig_flags = env.getAccountRoot(alice).getFlags();
+        for (std::uint32_t flag{1u}; flag < std::numeric_limits<std::uint32_t>::digits; ++flag)
+        {
+            if (flag == asfNoFreeze)
+            {
+                // The asfNoFreeze flag can't be cleared.  It is tested
+                // elsewhere.
+                continue;
+            }
+            if (flag == asfAuthorizedNFTokenMinter)
+            {
+                // The asfAuthorizedNFTokenMinter flag requires the
+                // presence or absence of the sfNFTokenMinter field in
+                // the transaction.  It is tested elsewhere.
+                continue;
+            }
+
+            if (flag == asfDisallowIncomingCheck || flag == asfDisallowIncomingPayChan ||
+                flag == asfDisallowIncomingNFTokenOffer || flag == asfDisallowIncomingTrustline)
+            {
+                // These flags are part of the DisallowIncoming amendment
+                // and are tested elsewhere
+                continue;
+            }
+            if (flag == asfAllowTrustLineClawback)
+            {
+                // The asfAllowTrustLineClawback flag can't be cleared.  It
+                // is tested elsewhere.
+                continue;
+            }
+            if (flag == asfAllowTrustLineLocking)
+            {
+                // These flags are part of the AllowTokenLocking amendment
+                // and are tested elsewhere
+                continue;
+            }
+            if (std::ranges::find(goodFlags, flag) != goodFlags.end())
+            {
+                // Good flag
+                EXPECT_FALSE(env.getAccountRoot(alice).isFlag(asfToLsf(flag)));
+
+                EXPECT_EQ(
+                    env.submit(transactions::AccountSetBuilder{alice}.setSetFlag(flag), alice).ter,
+                    tesSUCCESS);
+                env.close();
+
+                EXPECT_TRUE(env.getAccountRoot(alice).isFlag(asfToLsf(flag)));
+
+                EXPECT_EQ(
+                    env.submit(
+                           transactions::AccountSetBuilder{alice}.setClearFlag(flag),
+                           aliceRegularKey)
+                        .ter,
+                    tesSUCCESS);
+                env.close();
+
+                EXPECT_FALSE(env.getAccountRoot(alice).isFlag(asfToLsf(flag)));
+
+                std::uint32_t const now_flags = env.getAccountRoot(alice).getFlags();
+                EXPECT_EQ(now_flags, orig_flags);
+            }
+            else
+            {
+                // Bad flag
+                EXPECT_EQ(env.getAccountRoot(alice).getFlags(), orig_flags);
+                EXPECT_EQ(
+                    env.submit(transactions::AccountSetBuilder{alice}.setSetFlag(flag), alice).ter,
+                    tesSUCCESS);
+                env.close();
+                EXPECT_EQ(env.getAccountRoot(alice).getFlags(), orig_flags);
+
+                EXPECT_EQ(
+                    env.submit(
+                           transactions::AccountSetBuilder{alice}.setClearFlag(flag),
+                           aliceRegularKey)
+                        .ter,
+                    tesSUCCESS);
+                env.close();
+                EXPECT_EQ(env.getAccountRoot(alice).getFlags(), orig_flags);
+            }
+        }
+    };
+    testFlags({
+        asfRequireDest,
+        asfRequireAuth,
+        asfDisallowXRP,
+        asfGlobalFreeze,
+        asfDisableMaster,
+        asfDefaultRipple,
+        asfDepositAuth,
+    });
+}
+
+TEST(AccountSet, SetAndResetAccountTxnID)
+{
+    TxTest env;
+    Account const alice("alice");
+
+    env.createAccount(alice, XRP(10000));
+
+    std::uint32_t const orig_flags = env.getAccountRoot(alice).getFlags();
+
+    // asfAccountTxnID is special and not actually set as a flag,
+    // so we check the field presence instead
+    EXPECT_FALSE(env.getAccountRoot(alice).hasAccountTxnID());
+
+    EXPECT_EQ(
+        env.submit(transactions::AccountSetBuilder{alice}.setSetFlag(asfAccountTxnID), alice).ter,
+        tesSUCCESS);
+    env.close();
+
+    EXPECT_TRUE(env.getAccountRoot(alice).hasAccountTxnID());
+
+    EXPECT_EQ(
+        env.submit(transactions::AccountSetBuilder{alice}.setClearFlag(asfAccountTxnID), alice).ter,
+        tesSUCCESS);
+    env.close();
+
+    EXPECT_FALSE(env.getAccountRoot(alice).hasAccountTxnID());
+
+    std::uint32_t const now_flags = env.getAccountRoot(alice).getFlags();
+    EXPECT_EQ(now_flags, orig_flags);
+}
+
+TEST(AccountSet, SetNoFreeze)
+{
+    TxTest env;
+    Account const alice("alice");
+    Account const eric("eric");
+
+    env.createAccount(alice, XRP(10000));
+    env.close();
+
+    // Set eric as alice's regular key (eric doesn't need to be funded)
+    EXPECT_EQ(
+        env.submit(transactions::SetRegularKeyBuilder{alice}.setRegularKey(eric), alice).ter,
+        tesSUCCESS);
+    env.close();
+
+    // Verify alice doesn't have NoFreeze flag
+    EXPECT_FALSE(env.getAccountRoot(alice).isFlag(lsfNoFreeze));
+
+    // Setting NoFreeze with regular key should fail - requires master key
+    EXPECT_EQ(
+        env.submit(transactions::AccountSetBuilder{alice}.setSetFlag(asfNoFreeze), eric).ter,
+        tecNEED_MASTER_KEY);
+    env.close();
+
+    // Setting NoFreeze with master key should succeed
+    EXPECT_EQ(
+        env.submit(transactions::AccountSetBuilder{alice}.setSetFlag(asfNoFreeze), alice).ter,
+        tesSUCCESS);
+    env.close();
+
+    // Verify alice now has NoFreeze flag
+    EXPECT_TRUE(env.getAccountRoot(alice).isFlag(lsfNoFreeze));
+
+    // Try to clear NoFreeze - transaction succeeds but flag remains set
+    EXPECT_EQ(
+        env.submit(transactions::AccountSetBuilder{alice}.setClearFlag(asfNoFreeze), alice).ter,
+        tesSUCCESS);
+    env.close();
+
+    // Verify flag is still set (NoFreeze cannot be cleared once set)
+    EXPECT_TRUE(env.getAccountRoot(alice).isFlag(lsfNoFreeze));
+}
+
+TEST(AccountSet, Domain)
+{
+    TxTest env;
+    Account const alice("alice");
+
+    env.createAccount(alice, XRP(10000));
+    env.close();
+
+    // The Domain field is represented as the hex string of the lowercase
+    // ASCII of the domain. For example, the domain example.com would be
+    // represented as "6578616d706c652e636f6d".
+    //
+    // To remove the Domain field from an account, send an AccountSet with
+    // the Domain set to an empty string.
+    std::string const domain = "example.com";
+
+    // Set domain
+    EXPECT_EQ(
+        env.submit(transactions::AccountSetBuilder{alice}.setDomain(makeSlice(domain)), alice).ter,
+        tesSUCCESS);
+    env.close();
+
+    EXPECT_TRUE(env.getAccountRoot(alice).hasDomain());
+    // NOLINTNEXTLINE(bugprone-unchecked-optional-access)
+    EXPECT_EQ(*env.getAccountRoot(alice).getDomain(), makeSlice(domain));
+
+    // Clear domain by setting empty
+    EXPECT_EQ(
+        env.submit(transactions::AccountSetBuilder{alice}.setDomain(Slice{}), alice).ter,
+        tesSUCCESS);
+    env.close();
+
+    EXPECT_FALSE(env.getAccountRoot(alice).hasDomain());
+
+    // The upper limit on the length is 256 bytes
+    // (defined as DOMAIN_BYTES_MAX in SetAccount)
+    // test the edge cases: 255, 256, 257.
+    std::size_t const maxLength = 256;
+    for (std::size_t len = maxLength - 1; len <= maxLength + 1; ++len)
+    {
+        std::string const domain2 = std::string(len - domain.length() - 1, 'a') + "." + domain;
+
+        EXPECT_EQ(domain2.length(), len);
+
+        if (len <= maxLength)
+        {
+            EXPECT_EQ(
+                env.submit(
+                       transactions::AccountSetBuilder{alice}.setDomain(makeSlice(domain2)), alice)
+                    .ter,
+                tesSUCCESS);
+            env.close();
+
+            // NOLINTNEXTLINE(bugprone-unchecked-optional-access)
+            EXPECT_EQ(*env.getAccountRoot(alice).getDomain(), makeSlice(domain2));
+        }
+        else
+        {
+            EXPECT_EQ(
+                env.submit(
+                       transactions::AccountSetBuilder{alice}.setDomain(makeSlice(domain2)), alice)
+                    .ter,
+                telBAD_DOMAIN);
+            env.close();
+        }
+    }
+}
+
+TEST(AccountSet, MessageKey)
+{
+    TxTest env;
+    Account const alice("alice");
+
+    env.createAccount(alice, XRP(10000));
+    env.close();
+
+    // Generate a random ed25519 key pair for the message key
+    auto const rkp = randomKeyPair(KeyType::ed25519);
+
+    // Set the message key
+    EXPECT_EQ(
+        env.submit(transactions::AccountSetBuilder{alice}.setMessageKey(rkp.first.slice()), alice)
+            .ter,
+        tesSUCCESS);
+    env.close();
+
+    EXPECT_TRUE(env.getAccountRoot(alice).hasMessageKey());
+    // NOLINTNEXTLINE(bugprone-unchecked-optional-access)
+    EXPECT_EQ(*env.getAccountRoot(alice).getMessageKey(), rkp.first.slice());
+
+    // Clear the message key by setting to empty
+    EXPECT_EQ(
+        env.submit(transactions::AccountSetBuilder{alice}.setMessageKey(Slice{}), alice).ter,
+        tesSUCCESS);
+    env.close();
+
+    EXPECT_FALSE(env.getAccountRoot(alice).hasMessageKey());
+
+    // Try to set an invalid public key - should fail
+    using namespace std::string_literals;
+    EXPECT_EQ(
+        env.submit(
+               transactions::AccountSetBuilder{alice}.setMessageKey(
+                   makeSlice("NOT_REALLY_A_PUBKEY"s)),
+               alice)
+            .ter,
+        telBAD_PUBLIC_KEY);
+}
+
+TEST(AccountSet, WalletID)
+{
+    TxTest env;
+    Account const alice("alice");
+
+    env.createAccount(alice, XRP(10000));
+    env.close();
+
+    std::string_view const locator =
+        "9633EC8AF54F16B5286DB1D7B519EF49EEFC050C0C8AC4384F1D88ACD1BFDF05";
+    uint256 locatorHash{};
+    EXPECT_TRUE(locatorHash.parseHex(locator));
+
+    // Set the wallet locator
+    EXPECT_EQ(
+        env.submit(transactions::AccountSetBuilder{alice}.setWalletLocator(locatorHash), alice).ter,
+        tesSUCCESS);
+    env.close();
+
+    EXPECT_TRUE(env.getAccountRoot(alice).hasWalletLocator());
+    // NOLINTNEXTLINE(bugprone-unchecked-optional-access)
+    EXPECT_EQ(*env.getAccountRoot(alice).getWalletLocator(), locatorHash);
+
+    // Clear the wallet locator by setting to zero
+    EXPECT_EQ(
+        env.submit(transactions::AccountSetBuilder{alice}.setWalletLocator(beast::zero), alice).ter,
+        tesSUCCESS);
+    env.close();
+
+    EXPECT_FALSE(env.getAccountRoot(alice).hasWalletLocator());
+}
+
+TEST(AccountSet, EmailHash)
+{
+    TxTest env;
+    Account const alice("alice");
+
+    env.createAccount(alice, XRP(10000));
+    env.close();
+
+    std::string_view const mh = "5F31A79367DC3137FADA860C05742EE6";
+    uint128 emailHash{};
+    EXPECT_TRUE(emailHash.parseHex(mh));
+
+    // Set the email hash
+    EXPECT_EQ(
+        env.submit(transactions::AccountSetBuilder{alice}.setEmailHash(emailHash), alice).ter,
+        tesSUCCESS);
+    env.close();
+
+    EXPECT_TRUE(env.getAccountRoot(alice).hasEmailHash());
+    // NOLINTNEXTLINE(bugprone-unchecked-optional-access)
+    EXPECT_EQ(*env.getAccountRoot(alice).getEmailHash(), emailHash);
+
+    // Clear the email hash by setting to zero
+    EXPECT_EQ(
+        env.submit(transactions::AccountSetBuilder{alice}.setEmailHash(beast::zero), alice).ter,
+        tesSUCCESS);
+    env.close();
+
+    EXPECT_FALSE(env.getAccountRoot(alice).hasEmailHash());
+}
+
+TEST(AccountSet, TransferRate)
+{
+    struct TestCase
+    {
+        double set;
+        TER code;
+        double get;
+    };
+
+    // Test data: {rate to set, expected TER, expected stored rate}
+    std::vector<TestCase> const testData = {
+        {1.0, tesSUCCESS, 1.0},
+        {1.1, tesSUCCESS, 1.1},
+        {2.0, tesSUCCESS, 2.0},
+        {2.1, temBAD_TRANSFER_RATE, 2.0},  // > 2.0 is invalid
+        {0.0, tesSUCCESS, 1.0},            // 0 clears the rate (default = 1.0)
+        {2.0, tesSUCCESS, 2.0},
+        {0.9, temBAD_TRANSFER_RATE, 2.0},  // < 1.0 is invalid
+    };
+
+    TxTest env;
+    Account const alice("alice");
+
+    env.createAccount(alice, XRP(10000));
+    env.close();
+
+    for (auto const& r : testData)
+    {
+        auto const rateValue = static_cast<std::uint32_t>(QUALITY_ONE * r.set);
+
+        EXPECT_EQ(
+            env.submit(transactions::AccountSetBuilder{alice}.setTransferRate(rateValue), alice)
+                .ter,
+            r.code);
+        env.close();
+
+        // If the field is not present, expect the default value (1.0)
+        if (!env.getAccountRoot(alice).hasTransferRate())
+        {
+            EXPECT_EQ(r.get, 1.0);
+        }
+        else
+        {
+            // NOLINTNEXTLINE(bugprone-unchecked-optional-access)
+            EXPECT_EQ(
+                *env.getAccountRoot(alice).getTransferRate(),
+                static_cast<std::uint32_t>(r.get * QUALITY_ONE));
+        }
+    }
+}
+
+TEST(AccountSet, BadInputs)
+{
+    TxTest env;
+    Account const alice("alice");
+
+    env.createAccount(alice, XRP(10000));
+    env.close();
+
+    // Setting and clearing the same flag is invalid
+    EXPECT_EQ(
+        env.submit(
+               transactions::AccountSetBuilder{alice}
+                   .setSetFlag(asfDisallowXRP)
+                   .setClearFlag(asfDisallowXRP),
+               alice)
+            .ter,
+        temINVALID_FLAG);
+
+    EXPECT_EQ(
+        env.submit(
+               transactions::AccountSetBuilder{alice}
+                   .setSetFlag(asfRequireAuth)
+                   .setClearFlag(asfRequireAuth),
+               alice)
+            .ter,
+        temINVALID_FLAG);
+
+    EXPECT_EQ(
+        env.submit(
+               transactions::AccountSetBuilder{alice}
+                   .setSetFlag(asfRequireDest)
+                   .setClearFlag(asfRequireDest),
+               alice)
+            .ter,
+        temINVALID_FLAG);
+
+    // Setting asf flag while also using corresponding tf flag is invalid
+    EXPECT_EQ(
+        env.submit(
+               transactions::AccountSetBuilder{alice}
+                   .setSetFlag(asfDisallowXRP)
+                   .setFlags(tfAllowXRP),
+               alice)
+            .ter,
+        temINVALID_FLAG);
+
+    EXPECT_EQ(
+        env.submit(
+               transactions::AccountSetBuilder{alice}
+                   .setSetFlag(asfRequireAuth)
+                   .setFlags(tfOptionalAuth),
+               alice)
+            .ter,
+        temINVALID_FLAG);
+
+    EXPECT_EQ(
+        env.submit(
+               transactions::AccountSetBuilder{alice}
+                   .setSetFlag(asfRequireDest)
+                   .setFlags(tfOptionalDestTag),
+               alice)
+            .ter,
+        temINVALID_FLAG);
+
+    // Using invalid flags (mask) is invalid
+    EXPECT_EQ(
+        env.submit(
+               transactions::AccountSetBuilder{alice}
+                   .setSetFlag(asfRequireDest)
+                   .setFlags(tfAccountSetMask),
+               alice)
+            .ter,
+        temINVALID_FLAG);
+
+    // Disabling master key without an alternative key is invalid
+    EXPECT_EQ(
+        env.submit(transactions::AccountSetBuilder{alice}.setSetFlag(asfDisableMaster), alice).ter,
+        tecNO_ALTERNATIVE_KEY);
+}
+
+TEST(AccountSet, RequireAuthWithDir)
+{
+    TxTest env;
+    Account const alice("alice");
+    Account const bob("bob");
+
+    env.createAccount(alice, XRP(10000));
+    env.close();
+
+    // alice should have an empty directory
+    EXPECT_TRUE(dirIsEmpty(env.getClosedLedger(), keylet::ownerDir(alice.id())));
+
+    // Give alice a signer list, then there will be stuff in the directory
+    // Build the SignerEntries array
+    STArray signerEntries(1);
+    {
+        signerEntries.push_back(STObject::makeInnerObject(sfSignerEntry));
+        STObject& entry = signerEntries.back();
+        entry[sfAccount] = bob.id();
+        entry[sfSignerWeight] = std::uint16_t{1};
+    }
+
+    EXPECT_EQ(
+        env.submit(
+               transactions::SignerListSetBuilder{alice, 1}.setSignerEntries(signerEntries), alice)
+            .ter,
+        tesSUCCESS);
+    env.close();
+
+    EXPECT_FALSE(dirIsEmpty(env.getClosedLedger(), keylet::ownerDir(alice.id())));
+
+    // Setting RequireAuth should fail because alice has owner objects
+    EXPECT_EQ(
+        env.submit(transactions::AccountSetBuilder{alice}.setSetFlag(asfRequireAuth), alice).ter,
+        tecOWNERS);
+
+    // Remove the signer list (quorum = 0, no entries)
+    EXPECT_EQ(env.submit(transactions::SignerListSetBuilder{alice, 0}, alice).ter, tesSUCCESS);
+    env.close();
+
+    EXPECT_TRUE(dirIsEmpty(env.getClosedLedger(), keylet::ownerDir(alice.id())));
+
+    // Now setting RequireAuth should succeed
+    EXPECT_EQ(
+        env.submit(transactions::AccountSetBuilder{alice}.setSetFlag(asfRequireAuth), alice).ter,
+        tesSUCCESS);
+}
+
+TEST(AccountSet, Ticket)
+{
+    TxTest env;
+    Account const alice("alice");
+
+    env.createAccount(alice, XRP(10000));
+    env.close();
+
+    // Get alice's current sequence - the ticket will be created at seq + 1
+    std::uint32_t const aliceSeqBefore = env.getAccountRoot(alice.id()).getSequence();
+    std::uint32_t const ticketSeq = aliceSeqBefore + 1;
+
+    // Create a ticket
+    EXPECT_EQ(env.submit(transactions::TicketCreateBuilder{alice, 1}, alice).ter, tesSUCCESS);
+    env.close();
+
+    // Verify alice has 1 owner object (the ticket)
+    EXPECT_EQ(env.getAccountRoot(alice.id()).getOwnerCount(), 1u);
+    // Verify ticket exists
+    EXPECT_TRUE(env.getClosedLedger().exists(keylet::ticket(alice.id(), ticketSeq)));
+
+    // Try using a ticket that alice doesn't have
+    EXPECT_EQ(
+        env.submit(transactions::AccountSetBuilder{alice}.setTicketSequence(ticketSeq + 1), alice)
+            .ter,
+        terPRE_TICKET);
+    env.close();
+
+    // Verify ticket still exists
+    EXPECT_TRUE(env.getClosedLedger().exists(keylet::ticket(alice.id(), ticketSeq)));
+
+    // Get alice's sequence before using the ticket
+    std::uint32_t const aliceSeq = env.getAccountRoot(alice.id()).getSequence();
+
+    // Actually use alice's ticket (noop AccountSet)
+    EXPECT_EQ(
+        env.submit(transactions::AccountSetBuilder{alice}.setTicketSequence(ticketSeq), alice).ter,
+        tesSUCCESS);
+    env.close();
+
+    // Verify ticket is consumed (no owner objects)
+    EXPECT_EQ(env.getAccountRoot(alice.id()).getOwnerCount(), 0u);
+    EXPECT_FALSE(env.getClosedLedger().exists(keylet::ticket(alice.id(), ticketSeq)));
+
+    // Verify alice's sequence did NOT advance (ticket use doesn't increment seq)
+    EXPECT_EQ(env.getAccountRoot(alice.id()).getSequence(), aliceSeq);
+
+    // Try re-using a ticket that alice already used
+    EXPECT_EQ(
+        env.submit(transactions::AccountSetBuilder{alice}.setTicketSequence(ticketSeq), alice).ter,
+        tefNO_TICKET);
+}
+
+TEST(AccountSet, BadSigningKey)
+{
+    TxTest env;
+    Account const alice("alice");
+
+    env.createAccount(alice, XRP(10000));
+    env.close();
+
+    // Build a valid transaction first, then corrupt the signing key
+    auto stx = transactions::AccountSetBuilder{alice}
+                   .setSequence(env.getAccountRoot(alice.id()).getSequence())
+                   .setFee(XRPAmount{10})
+                   .build(alice.pk(), alice.sk())
+                   .getSTTx();
+
+    // Create a copy with a bad signing key
+    STObject obj = *stx;
+    obj.setFieldVL(sfSigningPubKey, makeSlice(std::string("badkey")));
+
+    auto result = env.submit(std::make_shared<STTx>(std::move(obj)));
+    EXPECT_EQ(result.ter, temBAD_SIGNATURE);
+    EXPECT_FALSE(result.applied);
+}
+
+TEST(AccountSet, Gateway)
+{
+    Account const alice("alice");
+    Account const bob("bob");
+    Account const gw("gateway");
+    IOU const USD("USD", gw);
+
+    // Test gateway with a variety of allowed transfer rates
+    for (double transferRate = 1.0; transferRate <= 2.0; transferRate += 0.03125)
+    {
+        TxTest env;
+
+        env.createAccount(gw, XRP(10000), asfDefaultRipple);
+        env.createAccount(alice, XRP(10000), asfDefaultRipple);
+        env.createAccount(bob, XRP(10000), asfDefaultRipple);
+        env.close();
+
+        // Set up trust lines: alice and bob trust gw for USD
+        EXPECT_EQ(
+            env.submit(transactions::TrustSetBuilder{alice}.setLimitAmount(USD.amount(10)), alice)
+                .ter,
+            tesSUCCESS);
+        EXPECT_EQ(
+            env.submit(transactions::TrustSetBuilder{bob}.setLimitAmount(USD.amount(10)), bob).ter,
+            tesSUCCESS);
+        env.close();
+
+        // Set transfer rate on the gateway
+        EXPECT_EQ(
+            env.submit(
+                   transactions::AccountSetBuilder{gw}.setTransferRate(
+                       static_cast<std::uint32_t>(transferRate * QUALITY_ONE)),
+                   gw)
+                .ter,
+            tesSUCCESS);
+        env.close();
+
+        // Calculate the amount with transfer rate applied
+        auto const amount = USD.amount(1);
+        Rate const rate(static_cast<std::uint32_t>(transferRate * QUALITY_ONE));
+        auto const amountWithRate = multiply(amount, rate);
+
+        // Gateway pays alice 10 USD
+        EXPECT_EQ(
+            env.submit(transactions::PaymentBuilder{gw, alice, USD.amount(10)}, gw).ter,
+            tesSUCCESS);
+        env.close();
+
+        // Alice pays bob 1 USD (with sendmax to cover transfer fee)
+        EXPECT_EQ(
+            env.submit(
+                   transactions::PaymentBuilder{alice, bob, USD.amount(1)}.setSendMax(
+                       USD.amount(10)),
+                   alice)
+                .ter,
+            tesSUCCESS);
+        env.close();
+
+        // Check balances
+        EXPECT_EQ(env.getBalance(alice.id(), USD), USD.amount(10) - amountWithRate);
+        EXPECT_EQ(env.getBalance(bob.id(), USD), USD.amount(1));
+    }
+
+    // Test out-of-bounds legacy transfer rates (4.0 and 4.294967295)
+    // These require direct ledger modification since the transactor blocks them
+    for (std::uint32_t const transferRate : {4000000000U, 4294967295U})
+    {
+        TxTest env;
+        env.createAccount(gw, XRP(10000), asfDefaultRipple);
+        env.createAccount(alice, XRP(10000), asfDefaultRipple);
+        env.createAccount(bob, XRP(10000), asfDefaultRipple);
+        env.close();
+
+        // Set up trust lines
+        EXPECT_EQ(
+            env.submit(transactions::TrustSetBuilder{alice}.setLimitAmount(USD.amount(10)), alice)
+                .ter,
+            tesSUCCESS);
+        EXPECT_EQ(
+            env.submit(transactions::TrustSetBuilder{bob}.setLimitAmount(USD.amount(10)), bob).ter,
+            tesSUCCESS);
+        env.close();
+
+        // Set an acceptable transfer rate first (we'll hack it later)
+        EXPECT_EQ(
+            env.submit(
+                   transactions::AccountSetBuilder{gw}.setTransferRate(
+                       static_cast<std::uint32_t>(2.0 * QUALITY_ONE)),
+                   gw)
+                .ter,
+            tesSUCCESS);
+        env.close();
+
+        // Directly modify the ledger to set an out-of-bounds transfer rate
+        // This bypasses the transactor's validation
+        auto& view = env.getOpenLedger();
+        auto slePtr = view.read(keylet::account(gw.id()));
+        ASSERT_NE(slePtr, nullptr);
+        auto sleCopy = std::make_shared<SLE>(*slePtr);
+        (*sleCopy)[sfTransferRate] = transferRate;
+        view.rawReplace(sleCopy);
+
+        // Calculate the amount with the legacy transfer rate
+        auto const amount = USD.amount(1);
+        auto const amountWithRate = multiply(amount, Rate(transferRate));
+
+        // Gateway pays alice 10 USD
+        EXPECT_EQ(
+            env.submit(transactions::PaymentBuilder{gw, alice, USD.amount(10)}, gw).ter,
+            tesSUCCESS);
+
+        // Alice pays bob 1 USD
+        EXPECT_EQ(
+            env.submit(
+                   transactions::PaymentBuilder{alice, bob, amount}.setSendMax(USD.amount(10)),
+                   alice)
+                .ter,
+            tesSUCCESS);
+
+        // Check balances
+        EXPECT_EQ(env.getBalance(alice.id(), USD), USD.amount(10) - amountWithRate);
+        EXPECT_EQ(env.getBalance(bob.id(), USD), amount);
+    }
+}
+
+}  // namespace xrpl::test

src/tests/libxrpl/tx/main.cpp

@@ -0,0 +1,8 @@
+#include <gtest/gtest.h>
+
+int
+main(int argc, char** argv)
+{
+    ::testing::InitGoogleTest(&argc, argv);
+    return RUN_ALL_TESTS();
+}

src/xrpld/app/main/Application.cpp

@@ -78,11 +78,9 @@
 #include <xrpl/protocol/ApiVersion.h>
 #include <xrpl/protocol/BuildInfo.h>
 #include <xrpl/protocol/Feature.h>
-#include <xrpl/protocol/Indexes.h>
 #include <xrpl/protocol/Protocol.h>
 #include <xrpl/protocol/STParsedJSON.h>
 #include <xrpl/protocol/Serializer.h>
-#include <xrpl/protocol/SystemParameters.h>
 #include <xrpl/protocol/jss.h>
 #include <xrpl/rdb/DatabaseCon.h>
 #include <xrpl/resource/Charge.h>

src/xrpld/app/main/BasicApp.cpp

@@ -12,10 +12,10 @@ BasicApp::BasicApp(std::size_t numberOfThreads)
     work_.emplace(boost::asio::make_work_guard(io_context_));
     threads_.reserve(numberOfThreads);
 
-    while ((numberOfThreads--) != 0u)
+    for (std::size_t i = 0; i < numberOfThreads; ++i)
     {
-        threads_.emplace_back([this, numberOfThreads]() {
-            beast::setCurrentThreadName("io svc #" + std::to_string(numberOfThreads));
+        threads_.emplace_back([this, i]() {
+            beast::setCurrentThreadName("io svc #" + std::to_string(i));
             this->io_context_.run();
         });
     }

src/xrpld/app/main/GRPCServer.cpp

@@ -48,7 +48,6 @@
 #include <sstream>
 #include <stdexcept>
 #include <string>
-#include <system_error>
 #include <utility>
 #include <vector>
 
@@ -614,7 +613,7 @@ GRPCServerImpl::createServerCredentials()
 
     try
     {
-        std::error_code ec;
+        boost::system::error_code ec;
         grpc::SslServerCredentialsOptions sslOpts;
         grpc::SslServerCredentialsOptions::PemKeyCertPair keyCertPair;
 

src/xrpld/app/misc/FeeVoteImpl.cpp

@@ -8,7 +8,6 @@
 #include <xrpl/ledger/ReadView.h>
 #include <xrpl/protocol/Feature.h>
 #include <xrpl/protocol/Fees.h>
-#include <xrpl/protocol/Protocol.h>
 #include <xrpl/protocol/SField.h>
 #include <xrpl/protocol/STTx.h>
 #include <xrpl/protocol/STValidation.h>

src/xrpld/app/misc/SHAMapStoreImp.cpp

@@ -24,23 +24,19 @@
 #include <xrpl/shamap/SHAMapTreeNode.h>
 
 #include <boost/algorithm/string/predicate.hpp>
+#include <boost/filesystem/directory.hpp>
+#include <boost/filesystem/operations.hpp>
+#include <boost/filesystem/path.hpp>
 
 #include <algorithm>
-#include <cstddef>
 #include <cstdint>
-#include <filesystem>
 #include <functional>
-#include <iomanip>
-#include <ios>
 #include <limits>
 #include <memory>
 #include <mutex>
 #include <optional>
-#include <random>
-#include <sstream>
 #include <stdexcept>
 #include <string>
-#include <system_error>
 #include <thread>
 #include <utility>
 #include <vector>
@@ -372,11 +368,11 @@ void
 SHAMapStoreImp::dbPaths()
 {
     Section const section{app_.config().section(ConfigSection::nodeDatabase())};
-    std::filesystem::path dbPath = get(section, "path");
+    boost::filesystem::path dbPath = get(section, "path");
 
-    if (std::filesystem::exists(dbPath))
+    if (boost::filesystem::exists(dbPath))
     {
-        if (!std::filesystem::is_directory(dbPath))
+        if (!boost::filesystem::is_directory(dbPath))
         {
             journal_.error() << "node db path must be a directory. " << dbPath.string();
             Throw<std::runtime_error>("node db path must be a directory.");
@@ -384,7 +380,7 @@ SHAMapStoreImp::dbPaths()
     }
     else
     {
-        std::filesystem::create_directories(dbPath);
+        boost::filesystem::create_directories(dbPath);
     }
 
     SavedState state = state_db_.getState();
@@ -395,8 +391,8 @@ SHAMapStoreImp::dbPaths()
                 return false;
 
             // Check if configured "path" matches stored directory path
-            using namespace std::filesystem;
-            auto const stored{std::filesystem::path(sPath)};
+            using namespace boost::filesystem;
+            auto const stored{path(sPath)};
             if (stored.parent_path() == dbPath)
                 return false;
 
@@ -414,9 +410,9 @@ SHAMapStoreImp::dbPaths()
     bool writableDbExists = false;
     bool archiveDbExists = false;
 
-    std::vector<std::filesystem::path> pathsToDelete;
-    for (std::filesystem::directory_iterator it(dbPath);
-         it != std::filesystem::directory_iterator();
+    std::vector<boost::filesystem::path> pathsToDelete;
+    for (boost::filesystem::directory_iterator it(dbPath);
+         it != boost::filesystem::directory_iterator();
          ++it)
     {
         if (state.writableDb.compare(it->path().string()) == 0)
@@ -437,7 +433,7 @@ SHAMapStoreImp::dbPaths()
         (!archiveDbExists && !state.archiveDb.empty()) || (writableDbExists != archiveDbExists) ||
         state.writableDb.empty() != state.archiveDb.empty())
     {
-        std::filesystem::path stateDbPathName = app_.config().legacy("database_path");
+        boost::filesystem::path stateDbPathName = app_.config().legacy("database_path");
         stateDbPathName /= dbName_;
         stateDbPathName += "*";
 
@@ -459,15 +455,15 @@ SHAMapStoreImp::dbPaths()
     }
 
     // The necessary directories exist. Now, remove any others.
-    for (std::filesystem::path const& p : pathsToDelete)
-        std::filesystem::remove_all(p);
+    for (boost::filesystem::path const& p : pathsToDelete)
+        boost::filesystem::remove_all(p);
 }
 
 std::unique_ptr<NodeStore::Backend>
 SHAMapStoreImp::makeBackendRotating(std::string path)
 {
     Section section{app_.config().section(ConfigSection::nodeDatabase())};
-    std::filesystem::path newPath;
+    boost::filesystem::path newPath;
 
     if (!path.empty())
     {
@@ -475,24 +471,10 @@ SHAMapStoreImp::makeBackendRotating(std::string path)
     }
     else
     {
-        std::filesystem::path const p = get(section, "path");
-        std::random_device rd;
-        constexpr std::size_t maxAttempts = 100;
-        for (std::size_t attempt = 0; attempt < maxAttempts; ++attempt)
-        {
-            std::ostringstream oss;
-            oss << std::hex << std::setfill('0') << std::setw(8) << rd() << std::setw(8) << rd();
-            auto const candidate =
-                std::filesystem::path((p / dbPrefix_).string() + "." + oss.str());
-            std::error_code existsEc;
-            if (!std::filesystem::exists(candidate, existsEc) && !existsEc)
-            {
-                newPath = candidate;
-                break;
-            }
-        }
-        if (newPath.empty())
-            Throw<std::runtime_error>("Unable to generate a unique rotating backend path");
+        boost::filesystem::path p = get(section, "path");
+        p /= dbPrefix_;
+        p += ".%%%%";
+        newPath = boost::filesystem::unique_path(p);
     }
     section.set("path", newPath.string());
 

src/xrpld/app/misc/ValidatorList.h

@@ -12,7 +12,6 @@
 
 #include <boost/thread/shared_mutex.hpp>
 
-#include <filesystem>
 #include <mutex>
 #include <shared_mutex>
 
@@ -205,7 +204,7 @@ class ValidatorList
     ManifestCache& validatorManifests_;
     ManifestCache& publisherManifests_;
     TimeKeeper& timeKeeper_;
-    std::filesystem::path const dataPath_;
+    boost::filesystem::path const dataPath_;
     beast::Journal const j_;
     std::shared_mutex mutable mutex_;
     using lock_guard = std::lock_guard<decltype(mutex_)>;
@@ -804,7 +803,7 @@ private:
 
     /** Get the filename used for caching UNLs
      */
-    std::filesystem::path
+    boost::filesystem::path
     getCacheFileName(lock_guard const&, PublicKey const& pubKey) const;
 
     /** Build a Json representation of the collection, suitable for

src/xrpld/app/misc/detail/ValidatorList.cpp

@@ -29,8 +29,12 @@
 #include <xrpl/server/Manifest.h>
 #include <xrpl/server/NetworkOPs.h>
 
+#include <boost/filesystem/operations.hpp>
 #include <boost/regex/v5/regex.hpp>
 #include <boost/regex/v5/regex_match.hpp>
+#include <boost/system/detail/errc.hpp>
+#include <boost/system/detail/error_code.hpp>
+#include <boost/system/errc.hpp>
 
 #include <xrpl.pb.h>
 
@@ -39,7 +43,6 @@
 #include <cmath>
 #include <cstddef>
 #include <cstdint>
-#include <filesystem>
 #include <functional>
 #include <iterator>
 #include <limits>
@@ -51,7 +54,6 @@
 #include <shared_mutex>
 #include <string>
 #include <string_view>
-#include <system_error>
 #include <utility>
 #include <vector>
 
@@ -286,7 +288,7 @@ ValidatorList::load(
     return true;
 }
 
-std::filesystem::path
+boost::filesystem::path
 ValidatorList::getCacheFileName(ValidatorList::lock_guard const&, PublicKey const& pubKey) const
 {
     return dataPath_ / (filePrefix_ + strHex(pubKey));
@@ -370,9 +372,9 @@ ValidatorList::cacheValidatorFile(ValidatorList::lock_guard const& lock, PublicK
     if (dataPath_.empty())
         return;
 
-    std::filesystem::path const filename = getCacheFileName(lock, pubKey);
+    boost::filesystem::path const filename = getCacheFileName(lock, pubKey);
 
-    std::error_code ec;
+    boost::system::error_code ec;
 
     Json::Value value = buildFileData(strHex(pubKey), publisherLists_.at(pubKey), j_);
     // xrpld should be the only process writing to this file, so
@@ -1281,7 +1283,8 @@ std::vector<std::string>
 ValidatorList::loadLists()
 {
     using namespace std::string_literals;
-    using namespace std::filesystem;
+    using namespace boost::filesystem;
+    using namespace boost::system::errc;
 
     std::lock_guard const lock{mutex_};
 
@@ -1289,12 +1292,12 @@ ValidatorList::loadLists()
     sites.reserve(publisherLists_.size());
     for (auto const& [pubKey, publisherCollection] : publisherLists_)
     {
-        std::error_code ec;
+        boost::system::error_code ec;
 
         if (publisherCollection.status == PublisherStatus::available)
             continue;
 
-        std::filesystem::path const filename = getCacheFileName(lock, pubKey);
+        boost::filesystem::path const filename = getCacheFileName(lock, pubKey);
 
         auto const fullPath{canonical(filename, ec)};
         if (ec)
@@ -1305,7 +1308,7 @@ ValidatorList::loadLists()
         {
             // Treat an empty file as a missing file, because
             // nobody else is going to write it.
-            ec = make_error_code(std::errc::no_such_file_or_directory);
+            ec = make_error_code(no_such_file_or_directory);
         }
         if (ec)
             continue;

src/xrpld/app/rdb/backend/detail/Node.cpp

@@ -37,8 +37,10 @@
 #include <xrpl/rdb/RelationalDatabase.h>
 #include <xrpl/rdb/SociDB.h>
 
+#include <boost/filesystem/operations.hpp>
 #include <boost/format/free_funcs.hpp>
 #include <boost/optional/optional.hpp>
+#include <boost/system/detail/error_code.hpp>
 
 #include <soci/blob.h>
 #include <soci/into.h>
@@ -51,7 +53,6 @@
 #include <cstddef>
 #include <cstdint>
 #include <exception>
-#include <filesystem>
 #include <functional>
 #include <limits>
 #include <map>
@@ -60,7 +61,6 @@
 #include <sstream>
 #include <stdexcept>
 #include <string>
-#include <system_error>
 #include <utility>
 #include <variant>
 #include <vector>
@@ -1290,8 +1290,8 @@ getTransaction(
 bool
 dbHasSpace(soci::session& session, Config const& config, beast::Journal j)
 {
-    std::filesystem::space_info const space =
-        std::filesystem::space(config.legacy("database_path"));
+    boost::filesystem::space_info const space =
+        boost::filesystem::space(config.legacy("database_path"));
 
     if (space.available < megabytes(512))
     {
@@ -1302,9 +1302,9 @@ dbHasSpace(soci::session& session, Config const& config, beast::Journal j)
     if (config.useTxTables())
     {
         DatabaseCon::Setup const dbSetup = setup_DatabaseCon(config);
-        std::filesystem::path const dbPath = dbSetup.dataDir / TxDBName;
-        std::error_code ec;
-        std::optional<std::uint64_t> dbSize = std::filesystem::file_size(dbPath, ec);
+        boost::filesystem::path const dbPath = dbSetup.dataDir / TxDBName;
+        boost::system::error_code ec;
+        std::optional<std::uint64_t> dbSize = boost::filesystem::file_size(dbPath, ec);
         if (ec)
         {
             JLOG(j.error()) << "Error checking transaction db file size: " << ec.message();

src/xrpld/core/Config.h

@@ -9,8 +9,9 @@
 #include <xrpl/protocol/SystemParameters.h>  // VFALCO Breaks levelization
 #include <xrpl/rdb/DatabaseCon.h>
 
+#include <boost/filesystem.hpp>  // VFALCO FIX: This include should not be here
+
 #include <cstdint>
-#include <filesystem>
 #include <optional>
 #include <string>
 #include <unordered_set>
@@ -81,17 +82,17 @@ public:
     static char const* const validatorsFileName;
 
     /** Returns the full path and filename of the debug log file. */
-    [[nodiscard]] std::filesystem::path
+    [[nodiscard]] boost::filesystem::path
     getDebugLogFile() const;
 
 private:
-    std::filesystem::path CONFIG_FILE;
+    boost::filesystem::path CONFIG_FILE;
 
 public:
-    std::filesystem::path CONFIG_DIR;
+    boost::filesystem::path CONFIG_DIR;
 
 private:
-    std::filesystem::path DEBUG_LOGFILE;
+    boost::filesystem::path DEBUG_LOGFILE;
 
     void
     load();

src/xrpld/core/detail/Config.cpp

@@ -22,19 +22,21 @@
 #include <boost/algorithm/string/replace.hpp>
 #include <boost/algorithm/string/split.hpp>
 #include <boost/algorithm/string/trim.hpp>
+#include <boost/filesystem/operations.hpp>
+#include <boost/filesystem/path.hpp>
 #include <boost/format/free_funcs.hpp>
 #include <boost/multiprecision/detail/endian.hpp>
 #include <boost/predef.h>
 #include <boost/regex.hpp>  // IWYU pragma: keep
 #include <boost/regex/v5/regex.hpp>
 #include <boost/regex/v5/regex_match.hpp>
+#include <boost/system/detail/error_code.hpp>
 
 #include <algorithm>
 #include <array>
 #include <chrono>
 #include <cstdint>
 #include <cstdlib>
-#include <filesystem>
 #include <iostream>
 #include <iterator>
 #include <limits>
@@ -44,7 +46,6 @@
 #include <sstream>
 #include <stdexcept>
 #include <string>
-#include <system_error>
 #include <thread>
 #include <type_traits>
 #include <utility>
@@ -312,13 +313,13 @@ Config::setup(std::string const& strConf, bool bQuiet, bool bSilent, bool bStand
     // directory, use the current working directory as the
     // config directory and that with "db" as the data
     // directory.
-    std::filesystem::path dataDir;
+    boost::filesystem::path dataDir;
 
     if (!strConf.empty())
     {
         // --conf=<path> : everything is relative that file.
         CONFIG_FILE = strConf;
-        CONFIG_DIR = std::filesystem::absolute(CONFIG_FILE);
+        CONFIG_DIR = boost::filesystem::absolute(CONFIG_FILE);
         CONFIG_DIR.remove_filename();
         dataDir = CONFIG_DIR / databaseDirName;
     }
@@ -329,13 +330,13 @@ Config::setup(std::string const& strConf, bool bQuiet, bool bSilent, bool bStand
             // Check if either of the config files exist in the current working
             // directory, in which case the databases will be stored in a
             // subdirectory.
-            CONFIG_DIR = std::filesystem::current_path();
+            CONFIG_DIR = boost::filesystem::current_path();
             dataDir = CONFIG_DIR / databaseDirName;
             CONFIG_FILE = CONFIG_DIR / configFileName;
-            if (std::filesystem::exists(CONFIG_FILE))
+            if (boost::filesystem::exists(CONFIG_FILE))
                 break;
             CONFIG_FILE = CONFIG_DIR / configLegacyName;
-            if (std::filesystem::exists(CONFIG_FILE))
+            if (boost::filesystem::exists(CONFIG_FILE))
                 break;
 
             // Check if the home directory is set, and optionally the XDG config
@@ -362,10 +363,10 @@ Config::setup(std::string const& strConf, bool bQuiet, bool bSilent, bool bStand
                 dataDir = strXdgDataHome + "/" + systemName();
                 CONFIG_DIR = strXdgConfigHome + "/" + systemName();
                 CONFIG_FILE = CONFIG_DIR / configFileName;
-                if (std::filesystem::exists(CONFIG_FILE))
+                if (boost::filesystem::exists(CONFIG_FILE))
                     break;
                 CONFIG_FILE = CONFIG_DIR / configLegacyName;
-                if (std::filesystem::exists(CONFIG_FILE))
+                if (boost::filesystem::exists(CONFIG_FILE))
                     break;
             }
 
@@ -373,7 +374,7 @@ Config::setup(std::string const& strConf, bool bQuiet, bool bSilent, bool bStand
             dataDir = "/var/opt/" + systemName();
             CONFIG_DIR = "/etc/opt/" + systemName();
             CONFIG_FILE = CONFIG_DIR / configFileName;
-            if (std::filesystem::exists(CONFIG_FILE))
+            if (boost::filesystem::exists(CONFIG_FILE))
                 break;
             CONFIG_FILE = CONFIG_DIR / configLegacyName;
         } while (false);
@@ -386,7 +387,7 @@ Config::setup(std::string const& strConf, bool bQuiet, bool bSilent, bool bStand
         std::string const dbPath(legacy("database_path"));
         if (!dbPath.empty())
         {
-            dataDir = std::filesystem::path(dbPath);
+            dataDir = boost::filesystem::path(dbPath);
         }
         else if (RUN_STANDALONE)
         {
@@ -396,13 +397,13 @@ Config::setup(std::string const& strConf, bool bQuiet, bool bSilent, bool bStand
 
     if (!dataDir.empty())
     {
-        std::error_code ec;
-        std::filesystem::create_directories(dataDir, ec);
+        boost::system::error_code ec;
+        boost::filesystem::create_directories(dataDir, ec);
 
         if (ec)
             Throw<std::runtime_error>(boost::str(boost::format("Can not create %s") % dataDir));
 
-        legacy("database_path", std::filesystem::absolute(dataDir).string());
+        legacy("database_path", boost::filesystem::absolute(dataDir).string());
     }
 
     HTTPClient::initializeSSLContext(
@@ -455,7 +456,7 @@ Config::load()
     if (!QUIET)
         std::cerr << "Loading: " << CONFIG_FILE << "\n";
 
-    std::error_code ec;
+    boost::system::error_code ec;
     auto const fileContents = getFileContents(ec, CONFIG_FILE);
 
     if (ec)
@@ -508,8 +509,8 @@ Config::loadFromString(std::string const& fileContents)
         std::string dbPath;
         if (getSingleSection(secConfig, "database_path", dbPath, j_))
         {
-            std::filesystem::path const p(dbPath);
-            legacy("database_path", std::filesystem::absolute(p).string());
+            boost::filesystem::path const p(dbPath);
+            legacy("database_path", boost::filesystem::absolute(p).string());
         }
     }
 
@@ -952,7 +953,7 @@ Config::loadFromString(std::string const& fileContents)
         // If no path was specified, then look for validators.txt
         // in the same directory as the config file, but don't complain
         // if we can't find it.
-        std::filesystem::path validatorsFile;
+        boost::filesystem::path validatorsFile;
 
         if (getSingleSection(secConfig, SECTION_VALIDATORS_FILE, strTemp, j_))
         {
@@ -967,7 +968,7 @@ Config::loadFromString(std::string const& fileContents)
             if (!validatorsFile.is_absolute() && !CONFIG_DIR.empty())
                 validatorsFile = CONFIG_DIR / validatorsFile;
 
-            if (!std::filesystem::exists(validatorsFile))
+            if (!boost::filesystem::exists(validatorsFile))
             {
                 Throw<std::runtime_error>(
                     "The file specified in [" SECTION_VALIDATORS_FILE
@@ -976,8 +977,8 @@ Config::loadFromString(std::string const& fileContents)
                     validatorsFile.string());
             }
             else if (
-                !std::filesystem::is_regular_file(validatorsFile) &&
-                !std::filesystem::is_symlink(validatorsFile))
+                !boost::filesystem::is_regular_file(validatorsFile) &&
+                !boost::filesystem::is_symlink(validatorsFile))
             {
                 Throw<std::runtime_error>(
                     "Invalid file specified in [" SECTION_VALIDATORS_FILE "]: " +
@@ -990,24 +991,24 @@ Config::loadFromString(std::string const& fileContents)
 
             if (!validatorsFile.empty())
             {
-                if (!std::filesystem::exists(validatorsFile))
+                if (!boost::filesystem::exists(validatorsFile))
                 {
                     validatorsFile.clear();
                 }
                 else if (
-                    !std::filesystem::is_regular_file(validatorsFile) &&
-                    !std::filesystem::is_symlink(validatorsFile))
+                    !boost::filesystem::is_regular_file(validatorsFile) &&
+                    !boost::filesystem::is_symlink(validatorsFile))
                 {
                     validatorsFile.clear();
                 }
             }
         }
 
-        if (!validatorsFile.empty() && std::filesystem::exists(validatorsFile) &&
-            (std::filesystem::is_regular_file(validatorsFile) ||
-             std::filesystem::is_symlink(validatorsFile)))
+        if (!validatorsFile.empty() && boost::filesystem::exists(validatorsFile) &&
+            (boost::filesystem::is_regular_file(validatorsFile) ||
+             boost::filesystem::is_symlink(validatorsFile)))
         {
-            std::error_code ec;
+            boost::system::error_code ec;
             auto const data = getFileContents(ec, validatorsFile);
             if (ec)
             {
@@ -1133,7 +1134,7 @@ Config::loadFromString(std::string const& fileContents)
     }
 }
 
-std::filesystem::path
+boost::filesystem::path
 Config::getDebugLogFile() const
 {
     auto log_file = DEBUG_LOGFILE;
@@ -1142,17 +1143,17 @@ Config::getDebugLogFile() const
     {
         // Unless an absolute path for the log file is specified, the
         // path is relative to the config file directory.
-        log_file = CONFIG_DIR / log_file;
+        log_file = boost::filesystem::absolute(log_file, CONFIG_DIR);
     }
 
     if (!log_file.empty())
     {
         auto log_dir = log_file.parent_path();
 
-        if (!std::filesystem::is_directory(log_dir))
+        if (!boost::filesystem::is_directory(log_dir))
         {
-            std::error_code ec;
-            std::filesystem::create_directories(log_dir, ec);
+            boost::system::error_code ec;
+            boost::filesystem::create_directories(log_dir, ec);
 
             // If we fail, we warn but continue so that the calling code can
             // decide how to handle this situation.

src/xrpld/peerfinder/detail/Counts.h

@@ -8,6 +8,9 @@
 
 namespace xrpl::PeerFinder {
 
+/** Direction of a slot count adjustment. */
+enum class CountAdjustment : int { Decrement = -1, Increment = 1 };
+
 /** Manages the count of available connections for the various slots. */
 class Counts
 {
@@ -16,14 +19,14 @@ public:
     void
     add(Slot const& s)
     {
-        adjust(s, 1);
+        adjust(s, CountAdjustment::Increment);
     }
 
     /** Removes the slot state and properties from the slot counts. */
     void
     remove(Slot const& s)
     {
-        adjust(s, -1);
+        adjust(s, CountAdjustment::Decrement);
     }
 
     /** Returns `true` if the slot can become active. */
@@ -207,21 +210,40 @@ public:
 
     //--------------------------------------------------------------------------
 private:
+    /** Increments or decrements a counter based on the adjustment direction. */
+    template <typename T>
+    static void
+    adjustCounter(T& counter, CountAdjustment dir)
+    {
+        switch (dir)
+        {
+            case CountAdjustment::Increment:
+                ++counter;
+                break;
+            case CountAdjustment::Decrement:
+                --counter;
+                break;
+        }
+    }
+
     // Adjusts counts based on the specified slot, in the direction indicated.
+    // Using ++/-- instead of += on std::size_t counters avoids UBSan
+    // unsigned-integer-overflow from implicit conversion of -1 to SIZE_MAX.
+    // A decrement on a zero counter is a real bug that UBSan should catch.
     void
-    adjust(Slot const& s, int const n)
+    adjust(Slot const& s, CountAdjustment const dir)
     {
         if (s.fixed())
-            m_fixed += n;
+            adjustCounter(m_fixed, dir);
 
         if (s.reserved())
-            m_reserved += n;
+            adjustCounter(m_reserved, dir);
 
         switch (s.state())
         {
             case Slot::accept:
                 XRPL_ASSERT(s.inbound(), "xrpl::PeerFinder::Counts::adjust : input is inbound");
-                m_acceptCount += n;
+                adjustCounter(m_acceptCount, dir);
                 break;
 
             case Slot::connect:
@@ -230,28 +252,28 @@ private:
                     !s.inbound(),
                     "xrpl::PeerFinder::Counts::adjust : input is not "
                     "inbound");
-                m_attempts += n;
+                adjustCounter(m_attempts, dir);
                 break;
 
             case Slot::active:
                 if (s.fixed())
-                    m_fixed_active += n;
+                    adjustCounter(m_fixed_active, dir);
                 if (!s.fixed() && !s.reserved())
                 {
                     if (s.inbound())
                     {
-                        m_in_active += n;
+                        adjustCounter(m_in_active, dir);
                     }
                     else
                     {
-                        m_out_active += n;
+                        adjustCounter(m_out_active, dir);
                     }
                 }
-                m_active += n;
+                adjustCounter(m_active, dir);
                 break;
 
             case Slot::closing:
-                m_closingCount += n;
+                adjustCounter(m_closingCount, dir);
                 break;
 
             // LCOV_EXCL_START

src/xrpld/perflog/detail/PerfLogImp.cpp

@@ -13,9 +13,11 @@
 #include <xrpl/json/json_writer.h>
 #include <xrpl/protocol/jss.h>
 
+#include <boost/filesystem/operations.hpp>
+#include <boost/system/detail/error_code.hpp>
+
 #include <chrono>
 #include <cstdint>
-#include <filesystem>
 #include <functional>
 #include <ios>
 #include <memory>
@@ -23,7 +25,6 @@
 #include <ostream>
 #include <set>
 #include <string>
-#include <system_error>
 #include <unordered_map>
 #include <utility>
 #include <vector>
@@ -215,10 +216,10 @@ PerfLogImp::openLog()
         logFile_.close();
 
     auto logDir = setup_.perfLog.parent_path();
-    if (!std::filesystem::is_directory(logDir))
+    if (!boost::filesystem::is_directory(logDir))
     {
-        std::error_code ec;
-        std::filesystem::create_directories(logDir, ec);
+        boost::system::error_code ec;
+        boost::filesystem::create_directories(logDir, ec);
         if (ec)
         {
             JLOG(j_.fatal()) << "Unable to create performance log "
@@ -473,17 +474,17 @@ PerfLogImp::stop()
 //-----------------------------------------------------------------------------
 
 PerfLog::Setup
-setup_PerfLog(Section const& section, std::filesystem::path const& configDir)
+setup_PerfLog(Section const& section, boost::filesystem::path const& configDir)
 {
     PerfLog::Setup setup;
     std::string perfLog;
     set(perfLog, "perf_log", section);
     if (!perfLog.empty())
     {
-        setup.perfLog = std::filesystem::path(perfLog);
+        setup.perfLog = boost::filesystem::path(perfLog);
         if (setup.perfLog.is_relative())
         {
-            setup.perfLog = configDir / setup.perfLog;
+            setup.perfLog = boost::filesystem::absolute(setup.perfLog, configDir);
         }
     }