release: Bump version to 3.2.0-b3

Co-authored-by: Ayaz Salikhov <mathbunnyru@users.noreply.github.com>

.clang-tidy

@@ -1,4 +1,6 @@
 ---
+# This entire group of checks was applied to all cpp files but not all header files.
+# ---
 Checks: "-*,
   bugprone-argument-comment,
   bugprone-assert-side-effect,
@@ -8,25 +10,26 @@ Checks: "-*,
   bugprone-chained-comparison,
   bugprone-compare-pointer-to-member-virtual-function,
   bugprone-copy-constructor-init,
+  # bugprone-crtp-constructor-accessibility, # has issues
   bugprone-dangling-handle,
   bugprone-dynamic-static-initializers,
-  bugprone-empty-catch,
+  # bugprone-empty-catch, # has issues
   bugprone-fold-init-type,
-  bugprone-forward-declaration-namespace,
-  bugprone-inaccurate-erase,
-  bugprone-inc-dec-in-conditions,
-  bugprone-incorrect-enable-if,
-  bugprone-incorrect-roundings,
-  bugprone-infinite-loop,
-  bugprone-integer-division,
+  # bugprone-forward-declaration-namespace, # has issues
+  # bugprone-inaccurate-erase,
+  # bugprone-inc-dec-in-conditions,
+  # bugprone-incorrect-enable-if,
+  # bugprone-incorrect-roundings,
+  # bugprone-infinite-loop,
+  # bugprone-integer-division,
   bugprone-lambda-function-name,
-  bugprone-macro-parentheses,
+  # bugprone-macro-parentheses, # has issues
   bugprone-macro-repeated-side-effects,
   bugprone-misplaced-operator-in-strlen-in-alloc,
   bugprone-misplaced-pointer-arithmetic-in-alloc,
   bugprone-misplaced-widening-cast,
   bugprone-move-forwarding-reference,
-  bugprone-multi-level-implicit-pointer-conversion,
+  # bugprone-multi-level-implicit-pointer-conversion, # has issues
   bugprone-multiple-new-in-one-expression,
   bugprone-multiple-statement-macro,
   bugprone-no-escape,
@@ -36,13 +39,13 @@ Checks: "-*,
   bugprone-pointer-arithmetic-on-polymorphic-object,
   bugprone-posix-return,
   bugprone-redundant-branch-condition,
-  bugprone-reserved-identifier,
-  bugprone-return-const-ref-from-parameter,
+  # bugprone-reserved-identifier, # has issues
+  # bugprone-return-const-ref-from-parameter, # has issues
   bugprone-shared-ptr-array-mismatch,
   bugprone-signal-handler,
   bugprone-signed-char-misuse,
   bugprone-sizeof-container,
-  bugprone-sizeof-expression,
+  # bugprone-sizeof-expression, # has issues
   bugprone-spuriously-wake-up-functions,
   bugprone-standalone-empty,
   bugprone-string-constructor,
@@ -59,85 +62,86 @@ Checks: "-*,
   bugprone-suspicious-string-compare,
   bugprone-suspicious-stringview-data-usage,
   bugprone-swapped-arguments,
+  # bugprone-switch-missing-default-case, # has issues
   bugprone-terminating-continue,
   bugprone-throw-keyword-missing,
   bugprone-too-small-loop-variable,
+  # bugprone-unchecked-optional-access, # see https://github.com/XRPLF/rippled/pull/6502
   bugprone-undefined-memory-manipulation,
   bugprone-undelegated-constructor,
   bugprone-unhandled-exception-at-new,
   bugprone-unhandled-self-assignment,
   bugprone-unique-ptr-array-mismatch,
   bugprone-unsafe-functions,
+  # bugprone-use-after-move, # has issues
   bugprone-unused-raii,
+  bugprone-unused-return-value,
   bugprone-unused-local-non-trivial-variable,
   bugprone-virtual-near-miss,
+  cppcoreguidelines-init-variables,
+  cppcoreguidelines-misleading-capture-default-by-value,
   cppcoreguidelines-no-suspend-with-lock,
+  cppcoreguidelines-pro-type-member-init,
+  cppcoreguidelines-pro-type-static-cast-downcast,
+  cppcoreguidelines-rvalue-reference-param-not-moved,
+  cppcoreguidelines-use-default-member-init,
   cppcoreguidelines-virtual-class-destructor,
   hicpp-ignored-remove-result,
+  misc-const-correctness,
   misc-definitions-in-headers,
   misc-header-include-cycle,
   misc-misplaced-const,
+  misc-redundant-expression,
   misc-static-assert,
   misc-throw-by-value-catch-by-reference,
   misc-unused-alias-decls,
   misc-unused-using-decls,
-  readability-duplicate-include,
-  readability-enum-initial-value,
-  readability-misleading-indentation,
-  readability-non-const-parameter,
-  readability-redundant-declaration,
-  readability-reference-to-constructed-temporary,
   modernize-deprecated-headers,
   modernize-make-shared,
   modernize-make-unique,
+  llvm-namespace-comment,
+  performance-faster-string-find,
+  performance-for-range-copy,
   performance-implicit-conversion-in-loop,
+  performance-inefficient-vector-operation,
+  performance-move-const-arg,
   performance-move-constructor-init,
-  performance-trivially-destructible
+  performance-no-automatic-move,
+  performance-trivially-destructible,
+  # readability-avoid-nested-conditional-operator, # has issues
+  # readability-avoid-return-with-void-value, # has issues
+  # readability-braces-around-statements, # has issues
+  # readability-const-return-type, # has issues
+  # readability-container-contains, # has issues
+  # readability-container-size-empty, # has issues
+  # readability-convert-member-functions-to-static, # has issues
+  readability-duplicate-include,
+  # readability-else-after-return, # has issues
+  # readability-enum-initial-value, # has issues
+  # readability-implicit-bool-conversion, # has issues
+  # readability-make-member-function-const, # has issues
+  # readability-math-missing-parentheses, # has issues
+  readability-misleading-indentation,
+  readability-non-const-parameter,
+  # readability-redundant-casting, # has issues
+  # readability-redundant-declaration, # has issues
+  # readability-redundant-inline-specifier, # has issues
+  # readability-redundant-member-init, # has issues
+  readability-redundant-string-init,
+  readability-reference-to-constructed-temporary,
+  # readability-simplify-boolean-expr, # has issues
+  # readability-static-definition-in-anonymous-namespace, # has issues
+  # readability-suspicious-call-argument, # has issues
+  readability-use-std-min-max
   "
 # ---
-# checks that have some issues that need to be resolved:
+# other checks that have issues that need to be resolved:
 #
-# bugprone-crtp-constructor-accessibility,
-# bugprone-move-forwarding-reference,
-# bugprone-switch-missing-default-case,
-# bugprone-unused-raii,
-# bugprone-unused-return-value,
-# bugprone-use-after-move,
-#
-# cppcoreguidelines-misleading-capture-default-by-value,
-# cppcoreguidelines-init-variables,
-# cppcoreguidelines-pro-type-member-init,
-# cppcoreguidelines-pro-type-static-cast-downcast,
-# cppcoreguidelines-use-default-member-init,
-# cppcoreguidelines-rvalue-reference-param-not-moved,
-#
-# llvm-namespace-comment,
-# misc-const-correctness,
 # misc-include-cleaner,
-# misc-redundant-expression,
 #
-# readability-avoid-nested-conditional-operator,
-# readability-avoid-return-with-void-value,
-# readability-braces-around-statements,
-# readability-container-contains,
-# readability-container-size-empty,
-# readability-convert-member-functions-to-static,
-# readability-const-return-type,
-# readability-else-after-return,
-# readability-implicit-bool-conversion,
-# readability-inconsistent-declaration-parameter-name,
-# readability-identifier-naming,
-# readability-make-member-function-const,
-# readability-math-missing-parentheses,
-# readability-redundant-inline-specifier,
-# readability-redundant-member-init,
-# readability-redundant-casting,
-# readability-redundant-string-init,
-# readability-simplify-boolean-expr,
-# readability-static-definition-in-anonymous-namespace,
-# readability-suspicious-call-argument,
-# readability-use-std-min-max,
-# readability-static-accessed-through-instance,
+# readability-inconsistent-declaration-parameter-name, # in this codebase this check will break a lot of arg names
+# readability-static-accessed-through-instance,        # this check is probably unnecessary. it makes the code less readable
+# readability-identifier-naming,                       # https://github.com/XRPLF/rippled/pull/6571
 #
 # modernize-concat-nested-namespaces,
 # modernize-pass-by-value,
@@ -151,16 +155,10 @@ Checks: "-*,
 # modernize-use-starts-ends-with,
 # modernize-use-std-numbers,
 # modernize-use-using,
-#
-# performance-faster-string-find,
-# performance-for-range-copy,
-# performance-inefficient-vector-operation,
-# performance-move-const-arg,
-# performance-no-automatic-move,
 # ---
 #
 CheckOptions:
-  #   readability-braces-around-statements.ShortStatementLines: 2
+  readability-braces-around-statements.ShortStatementLines: 2
   #   readability-identifier-naming.MacroDefinitionCase: UPPER_CASE
   #   readability-identifier-naming.ClassCase: CamelCase
   #   readability-identifier-naming.StructCase: CamelCase
@@ -195,8 +193,9 @@ CheckOptions:
   #   readability-identifier-naming.PublicMemberSuffix: ""
   #   readability-identifier-naming.FunctionIgnoredRegexp: ".*tag_invoke.*"
   bugprone-unsafe-functions.ReportMoreUnsafeFunctions: true
-#   bugprone-unused-return-value.CheckedReturnTypes: ::std::error_code;::std::error_condition;::std::errc
+  bugprone-unused-return-value.CheckedReturnTypes: ::std::error_code;::std::error_condition;::std::errc
 #   misc-include-cleaner.IgnoreHeaders: '.*/(detail|impl)/.*;.*(expected|unexpected).*;.*ranges_lower_bound\.h;time.h;stdlib.h;__chrono/.*;fmt/chrono.h;boost/uuid/uuid_hash.hpp'
 #
-# HeaderFilterRegex: '^.*/(src|tests)/.*\.(h|hpp)$'
+HeaderFilterRegex: '^.*/(test|xrpl|xrpld)/.*\.(h|hpp)$'
+ExcludeHeaderFilterRegex: '^.*/protocol_autogen/.*\.(h|hpp)$'
 WarningsAsErrors: "*"

.gersemi/definitions.cmake

@@ -51,6 +51,9 @@ endfunction()
 function(add_module parent name)
 endfunction()
 
+function(setup_protocol_autogen)
+endfunction()
+
 function(target_link_modules parent scope)
 endfunction()
 

.git-blame-ignore-revs

@@ -1,16 +1,79 @@
 # This feature requires Git >= 2.24
 # To use it by default in git blame:
 # git config blame.ignoreRevsFile .git-blame-ignore-revs
-50760c693510894ca368e90369b0cc2dabfd07f3
-e2384885f5f630c8f0ffe4bf21a169b433a16858
-241b9ddde9e11beb7480600fd5ed90e1ef109b21
-760f16f56835663d9286bd29294d074de26a7ba6
-0eebe6a5f4246fced516d52b83ec4e7f47373edd
-2189cc950c0cebb89e4e2fa3b2d8817205bf7cef
-b9d007813378ad0ff45660dc07285b823c7e9855
-fe9a5365b8a52d4acc42eb27369247e6f238a4f9
-9a93577314e6a8d4b4a8368cc9d2b15a5d8303e8
-552377c76f55b403a1c876df873a23d780fcc81c
-97f0747e103f13e26e45b731731059b32f7679ac
-b13370ac0d207217354f1fc1c29aef87769fb8a1
+
+# This file is sorted in reverse chronological order, with the most recent commits at the top.
+# The commits listed here are ignored by git blame, which is useful for formatting-only commits that would otherwise obscure the history of changes to a file.
+
+# refactor: Enable remaining clang-tidy `cppcoreguidelines` checks (#6538)
+72f4cb097f626b08b02fc3efcb4aa11cb2e7adb8
+# refactor: Rename system name from 'ripple' to 'xrpld' (#6347)
+ffea3977f0b771fe8e43a8f74e4d393d63a7afd8
+# refactor: Update transaction folder structure (#6483)
+5865bd017f777491b4a956f9210be0c4161f5442
+# chore: Use gersemi instead of ancient cmake-format (#6486)
+0c74270b055133a57a497b5c9fc5a75f7647b1f4
+# chore: Apply clang-format width 100 (#6387)
+2c1fad102353e11293e3edde1c043224e7d3e983
+# chore: Set clang-format width to 100 in config file (#6387)
+25cca465538a56cce501477f9e5e2c1c7ea2d84c
+# chore: Set cmake-format width to 100 (#6386)
+469ce9f291a4480c38d4ee3baca5136b2f053cd0
+# refactor: Modularize app/tx (#6228)
+0976b2b68b64972af8e6e7c497900b5bce9fe22f
+# chore: Update clang-format to 21.1.8 (#6352)
+958d8f375453d80bb1aa4c293b5102c045a3e4b4
+# refactor: Replace include guards by '#pragma once' (#6322)
+34ef577604782ca8d6e1c17df8bd7470990a52ff
+# chore: Format all cmake files without comments (#6294)
+fe9c8d568fcf6ac21483024e01f58962dd5c8260
+# chore: Add cmake-format pre-commit hook (#6279)
+a0e09187b9370805d027c611a7e9ff5a0125282a
+# chore: Set ColumnLimit to 120 in clang-format (#6288)
+5f638f55536def0d88b970d1018a465a238e55f4
+# refactor: Fix typos in comments, configure cspell (#6164)
+3c9f5b62525cb1d6ca1153eeb10433db7d7379fd
+# refactor: Rename `rippled.cfg` to `xrpld.cfg` (#6098)
+3d1b3a49b3601a0a7037fa0b19d5df7b5e0e2fc1
+# refactor: Rename `ripple` namespace to `xrpl` (#5982)
+1eb0fdac6543706b4b9ddca57fd4102928a1f871
+# refactor: Rename `rippled` binary to `xrpld` (#5983)
+9eb84a561ef8bb066d89f098bd9b4ac71baed67c
+# refactor: Replaces secp256k1 source by Conan package (#6089)
+813bc4d9491b078bb950f8255f93b02f71320478
+# refactor: Remove unnecessary copyright notices already covered by LICENSE.md (#5929)
+1d42c4f6de6bf01d1286fc7459b17a37a5189e88
+# refactor: Rename `RIPPLE_` and `RIPPLED_` definitions to `XRPL_` (#5821)
+ada83564d894829424b0f4d922b0e737e07abbf7
+# refactor: Modularize shamap and nodestore (#5668)
+8eb233c2ea8ad5a159be73b77f0f5e1496d547ac
+# refactor: Modularise ledger (#5493)
+dc8b37a52448b005153c13a7f046ad494128cf94
+# chore: Update clang-format and prettier with pre-commit (#5709)
+c14ce956adeabe476ad73c18d73103f347c9c613
+# chore: Fix file formatting (#5718)
 896b8c3b54a22b0497cb0d1ce95e1095f9a227ce
+# chore: Reverts formatting changes to external files, adds formatting changes to proto files (#5711)
+b13370ac0d207217354f1fc1c29aef87769fb8a1
+# chore: Run prettier on all files (#5657)
+97f0747e103f13e26e45b731731059b32f7679ac
+# Reformat code with clang-format-18
+552377c76f55b403a1c876df873a23d780fcc81c
+# Recompute loops (#4997)
+d028005aa6319338b0adae1aebf8abe113162960
+# Rewrite includes (#4997)
+1d23148e6dd53957fcb6205c07a5c6cd7b64d50c
+# Rearrange sources (#4997)
+e416ee72ca26fa0c09d2aee1b68bdfb2b7046eed
+# Move CMake directory (#4997)
+2e902dee53aab2a8f27f32971047bb81e022f94f
+# Rewrite includes
+0eebe6a5f4246fced516d52b83ec4e7f47373edd
+# Format formerly .hpp files
+760f16f56835663d9286bd29294d074de26a7ba6
+# Rename .hpp to .h
+241b9ddde9e11beb7480600fd5ed90e1ef109b21
+# Consolidate external libraries
+e2384885f5f630c8f0ffe4bf21a169b433a16858
+# Format first-party source according to .clang-format
+50760c693510894ca368e90369b0cc2dabfd07f3

.github/actions/generate-version/action.yml

@@ -11,7 +11,7 @@ runs:
   steps:
     # When a tag is pushed, the version is used as-is.
     - name: Generate version for tag event
-      if: ${{ github.event_name == 'tag' }}
+      if: ${{ startsWith(github.ref, 'refs/tags/') }}
       shell: bash
       env:
         VERSION: ${{ github.ref_name }}
@@ -22,7 +22,7 @@ runs:
     # We use a plus sign instead of a hyphen because Conan recipe versions do
     # not support two hyphens.
     - name: Generate version for non-tag event
-      if: ${{ github.event_name != 'tag' }}
+      if: ${{ !startsWith(github.ref, 'refs/tags/') }}
       shell: bash
       run: |
         echo 'Extracting version from BuildInfo.cpp.'

.github/scripts/levelization/results/ordering.txt

@@ -19,7 +19,9 @@ libxrpl.nodestore > xrpl.protocol
 libxrpl.protocol > xrpl.basics
 libxrpl.protocol > xrpl.json
 libxrpl.protocol > xrpl.protocol
+libxrpl.protocol_autogen > xrpl.protocol_autogen
 libxrpl.rdb > xrpl.basics
+libxrpl.rdb > xrpl.core
 libxrpl.rdb > xrpl.rdb
 libxrpl.resource > xrpl.basics
 libxrpl.resource > xrpl.json
@@ -89,6 +91,7 @@ test.core > xrpl.server
 test.csf > xrpl.basics
 test.csf > xrpld.consensus
 test.csf > xrpl.json
+test.csf > xrpl.ledger
 test.csf > xrpl.protocol
 test.json > test.jtx
 test.json > xrpl.json
@@ -107,7 +110,6 @@ test.jtx > xrpl.tx
 test.ledger > test.jtx
 test.ledger > test.toplevel
 test.ledger > xrpl.basics
-test.ledger > xrpld.app
 test.ledger > xrpld.core
 test.ledger > xrpl.ledger
 test.ledger > xrpl.protocol
@@ -124,6 +126,7 @@ test.overlay > xrpl.basics
 test.overlay > xrpld.app
 test.overlay > xrpld.overlay
 test.overlay > xrpld.peerfinder
+test.overlay > xrpl.ledger
 test.overlay > xrpl.nodestore
 test.overlay > xrpl.protocol
 test.overlay > xrpl.shamap
@@ -134,6 +137,7 @@ test.peerfinder > xrpld.core
 test.peerfinder > xrpld.peerfinder
 test.peerfinder > xrpl.protocol
 test.protocol > test.toplevel
+test.protocol > test.unit_test
 test.protocol > xrpl.basics
 test.protocol > xrpl.json
 test.protocol > xrpl.protocol
@@ -171,14 +175,16 @@ test.shamap > xrpl.shamap
 test.toplevel > test.csf
 test.toplevel > xrpl.json
 test.unit_test > xrpl.basics
+test.unit_test > xrpl.protocol
 tests.libxrpl > xrpl.basics
 tests.libxrpl > xrpl.json
 tests.libxrpl > xrpl.net
+tests.libxrpl > xrpl.protocol
+tests.libxrpl > xrpl.protocol_autogen
 xrpl.conditions > xrpl.basics
 xrpl.conditions > xrpl.protocol
 xrpl.core > xrpl.basics
 xrpl.core > xrpl.json
-xrpl.core > xrpl.ledger
 xrpl.core > xrpl.protocol
 xrpl.json > xrpl.basics
 xrpl.ledger > xrpl.basics
@@ -190,6 +196,8 @@ xrpl.nodestore > xrpl.basics
 xrpl.nodestore > xrpl.protocol
 xrpl.protocol > xrpl.basics
 xrpl.protocol > xrpl.json
+xrpl.protocol_autogen > xrpl.json
+xrpl.protocol_autogen > xrpl.protocol
 xrpl.rdb > xrpl.basics
 xrpl.rdb > xrpl.core
 xrpl.rdb > xrpl.protocol
@@ -227,6 +235,7 @@ xrpld.app > xrpl.shamap
 xrpld.app > xrpl.tx
 xrpld.consensus > xrpl.basics
 xrpld.consensus > xrpl.json
+xrpld.consensus > xrpl.ledger
 xrpld.consensus > xrpl.protocol
 xrpld.core > xrpl.basics
 xrpld.core > xrpl.core

.github/workflows/check-pr-commits.yml

@@ -0,0 +1,13 @@
+name: Check PR commits
+
+on:
+  pull_request_target:
+
+# The action needs to have write permissions to post comments on the PR.
+permissions:
+  contents: read
+  pull-requests: write
+
+jobs:
+  check_commits:
+    uses: XRPLF/actions/.github/workflows/check-pr-commits.yml@481048b78b94ac3343d1292b4ef125a813879f2b

.github/workflows/check-pr-title.yml

@@ -1,10 +1,14 @@
 name: Check PR title
 
 on:
+  merge_group:
+    types:
+      - checks_requested
   pull_request:
-    types: [opened, edited, reopened, synchronize]
+    types: [opened, edited, reopened, synchronize, ready_for_review]
     branches: [develop]
 
 jobs:
   check_title:
-    uses: XRPLF/actions/.github/workflows/check-pr-title.yml@943eb8277e8f4b010fde0c826ce4154c36c39509
+    if: ${{ github.event.pull_request.draft != true }}
+    uses: XRPLF/actions/.github/workflows/check-pr-title.yml@e2c7f400d1e85ae65dad552fd425169fbacca4a3

.github/workflows/conflicting-pr.yml

@@ -0,0 +1,25 @@
+name: Label PRs with merge conflicts
+
+on:
+  # So that PRs touching the same files as the push are updated.
+  push:
+  # So that the `dirtyLabel` is removed if conflicts are resolved.
+  # We recommend `pull_request_target` so that github secrets are available.
+  # In `pull_request` we wouldn't be able to change labels of fork PRs.
+  pull_request_target:
+    types: [synchronize]
+
+permissions:
+  pull-requests: write
+
+jobs:
+  main:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check if PRs are dirty
+        uses: eps1lon/actions-label-merge-conflict@1df065ebe6e3310545d4f4c4e862e43bdca146f0 # v3.0.3
+        with:
+          dirtyLabel: "PR: has conflicts"
+          repoToken: "${{ secrets.GITHUB_TOKEN }}"
+          commentOnDirty: "This PR has conflicts, please resolve them in order for the PR to be reviewed."
+          commentOnClean: "All conflicts have been resolved. Assigned reviewers can now start or resume their review."

.github/workflows/on-tag.yml

@@ -5,7 +5,7 @@ name: Tag
 on:
   push:
     tags:
-      - "v*"
+      - "[0-9]+.[0-9]+.[0-9]*"
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}

.github/workflows/pre-commit.yml

@@ -1,6 +1,9 @@
 name: Run pre-commit hooks
 
 on:
+  merge_group:
+    types:
+      - checks_requested
   pull_request:
   push:
     branches:
@@ -11,7 +14,7 @@ on:
 jobs:
   # Call the workflow in the XRPLF/actions repo that runs the pre-commit hooks.
   run-hooks:
-    uses: XRPLF/actions/.github/workflows/pre-commit.yml@44856eb0d6ecb7d376370244324ab3dc8b863bad
+    uses: XRPLF/actions/.github/workflows/pre-commit.yml@e7896f15cc60d0da1a272c77ee5c4026b424f9c7
     with:
       runs_on: ubuntu-latest
       container: '{ "image": "ghcr.io/xrplf/ci/tools-rippled-pre-commit:sha-41ec7c1" }'

.github/workflows/publish-docs.yml

@@ -6,7 +6,6 @@ on:
   push:
     branches:
       - "develop"
-      - "release*"
     paths:
       - ".github/workflows/publish-docs.yml"
       - "*.md"
@@ -37,7 +36,7 @@ env:
   BUILD_DIR: build
   # ubuntu-latest has only 2 CPUs for private repositories
   # https://docs.github.com/en/actions/reference/runners/github-hosted-runners#standard-github-hosted-runners-for--private-repositories
-  NPROC_SUBTRACT: ${{ github.event.repository.private && '1' || '2' }}
+  NPROC_SUBTRACT: ${{ github.event.repository.visibility == 'public' && '2' || '1' }}
 
 jobs:
   build:
@@ -48,7 +47,7 @@ jobs:
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Prepare runner
-        uses: XRPLF/actions/prepare-runner@2cbf481018d930656e9276fcc20dc0e3a0be5b6d
+        uses: XRPLF/actions/prepare-runner@2bbc2dc1abeec7bfaa886804ab86871ac201764e
         with:
           enable_ccache: false
 
@@ -82,13 +81,13 @@ jobs:
           cmake --build . --target docs --parallel ${BUILD_NPROC}
 
       - name: Create documentation artifact
-        if: ${{ github.event_name == 'push' }}
+        if: ${{ (github.repository_owner == 'XRPLF' || github.event.repository.visibility == 'public') && github.event_name == 'push' }}
         uses: actions/upload-pages-artifact@7b1f4a764d45c48632c6b24a0339c27f5614fb0b # v4.0.0
         with:
           path: ${{ env.BUILD_DIR }}/docs/html
 
   deploy:
-    if: ${{ github.event_name == 'push' }}
+    if: ${{ (github.repository_owner == 'XRPLF' || github.event.repository.visibility == 'public') && github.event_name == 'push' }}
     needs: build
     runs-on: ubuntu-latest
     permissions:
@@ -100,4 +99,4 @@ jobs:
     steps:
       - name: Deploy to GitHub Pages
         id: deploy
-        uses: actions/deploy-pages@d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e # v4.0.5
+        uses: actions/deploy-pages@cd2ce8fcbc39b97be8ca5fce6e763baed58fa128 # v5.0.0

.github/workflows/reusable-build-test-config.yml

@@ -76,7 +76,7 @@ jobs:
     name: ${{ inputs.config_name }}
     runs-on: ${{ fromJSON(inputs.runs_on) }}
     container: ${{ inputs.image != '' && inputs.image || null }}
-    timeout-minutes: 60
+    timeout-minutes: ${{ inputs.sanitizers != '' && 360 || 60 }}
     env:
       # Use a namespace to keep the objects separate for each configuration.
       CCACHE_NAMESPACE: ${{ inputs.config_name }}
@@ -107,7 +107,7 @@ jobs:
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Prepare runner
-        uses: XRPLF/actions/prepare-runner@2cbf481018d930656e9276fcc20dc0e3a0be5b6d
+        uses: XRPLF/actions/prepare-runner@2bbc2dc1abeec7bfaa886804ab86871ac201764e
         with:
           enable_ccache: ${{ inputs.ccache_enabled }}
 
@@ -166,6 +166,29 @@ jobs:
             --parallel "${BUILD_NPROC}" \
             --target "${CMAKE_TARGET}"
 
+      - name: Check protocol autogen files are up-to-date
+        env:
+          MESSAGE: |
+
+            The generated protocol wrapper classes are out of date.
+
+            This typically happens when your branch is behind develop and
+            the macro files or generator scripts have changed.
+
+            To fix this:
+              1. Update your branch from develop (merge or rebase)
+              2. Build with code generation enabled (XRPL_NO_CODEGEN=OFF)
+              3. Commit and push the regenerated files
+        run: |
+          set -e
+          DIFF=$(git status --porcelain -- include/xrpl/protocol_autogen src/tests/libxrpl/protocol_autogen)
+          if [ -n "${DIFF}" ]; then
+            echo "::error::Generated protocol files are out of date"
+            git diff -- include/xrpl/protocol_autogen src/tests/libxrpl/protocol_autogen
+            echo "${MESSAGE}"
+            exit 1
+          fi
+
       - name: Show ccache statistics
         if: ${{ inputs.ccache_enabled }}
         run: |
@@ -176,7 +199,7 @@ jobs:
           fi
 
       - name: Upload the binary (Linux)
-        if: ${{ github.repository == 'XRPLF/rippled' && runner.os == 'Linux' }}
+        if: ${{ (github.repository_owner == 'XRPLF' || github.event.repository.visibility == 'public') && runner.os == 'Linux' }}
         uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
         with:
           name: xrpld-${{ inputs.config_name }}
@@ -204,11 +227,17 @@ jobs:
 
       - name: Set sanitizer options
         if: ${{ !inputs.build_only && env.SANITIZERS_ENABLED == 'true' }}
+        env:
+          CONFIG_NAME: ${{ inputs.config_name }}
         run: |
-          echo "ASAN_OPTIONS=print_stacktrace=1:detect_container_overflow=0:suppressions=${GITHUB_WORKSPACE}/sanitizers/suppressions/asan.supp" >> ${GITHUB_ENV}
-          echo "TSAN_OPTIONS=second_deadlock_stack=1:halt_on_error=0:suppressions=${GITHUB_WORKSPACE}/sanitizers/suppressions/tsan.supp" >> ${GITHUB_ENV}
-          echo "UBSAN_OPTIONS=suppressions=${GITHUB_WORKSPACE}/sanitizers/suppressions/ubsan.supp" >> ${GITHUB_ENV}
-          echo "LSAN_OPTIONS=suppressions=${GITHUB_WORKSPACE}/sanitizers/suppressions/lsan.supp" >> ${GITHUB_ENV}
+          ASAN_OPTS="include=${GITHUB_WORKSPACE}/sanitizers/suppressions/runtime-asan-options.txt:suppressions=${GITHUB_WORKSPACE}/sanitizers/suppressions/asan.supp"
+          if [[ "${CONFIG_NAME}" == *gcc* ]]; then
+            ASAN_OPTS="${ASAN_OPTS}:alloc_dealloc_mismatch=0"
+          fi
+          echo "ASAN_OPTIONS=${ASAN_OPTS}" >> ${GITHUB_ENV}
+          echo "TSAN_OPTIONS=include=${GITHUB_WORKSPACE}/sanitizers/suppressions/runtime-tsan-options.txt:suppressions=${GITHUB_WORKSPACE}/sanitizers/suppressions/tsan.supp" >> ${GITHUB_ENV}
+          echo "UBSAN_OPTIONS=include=${GITHUB_WORKSPACE}/sanitizers/suppressions/runtime-ubsan-options.txt:suppressions=${GITHUB_WORKSPACE}/sanitizers/suppressions/ubsan.supp" >> ${GITHUB_ENV}
+          echo "LSAN_OPTIONS=include=${GITHUB_WORKSPACE}/sanitizers/suppressions/runtime-lsan-options.txt:suppressions=${GITHUB_WORKSPACE}/sanitizers/suppressions/lsan.supp" >> ${GITHUB_ENV}
 
       - name: Run the separate tests
         if: ${{ !inputs.build_only }}
@@ -269,7 +298,7 @@ jobs:
 
       - name: Upload coverage report
         if: ${{ github.repository == 'XRPLF/rippled' && !inputs.build_only && env.COVERAGE_ENABLED == 'true' }}
-        uses: codecov/codecov-action@671740ac38dd9b0130fbe1cec585b89eea48d3de # v5.5.2
+        uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # v6.0.0
         with:
           disable_search: true
           disable_telem: true

.github/workflows/reusable-clang-tidy-files.yml

@@ -35,7 +35,7 @@ jobs:
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Prepare runner
-        uses: XRPLF/actions/prepare-runner@2cbf481018d930656e9276fcc20dc0e3a0be5b6d
+        uses: XRPLF/actions/prepare-runner@2bbc2dc1abeec7bfaa886804ab86871ac201764e
         with:
           enable_ccache: false
 
@@ -80,10 +80,10 @@ jobs:
         env:
           TARGETS: ${{ inputs.files != '' && inputs.files || 'src tests' }}
         run: |
-          run-clang-tidy -j ${{ steps.nproc.outputs.nproc }} -p "${BUILD_DIR}" ${TARGETS} 2>&1 | tee clang-tidy-output.txt
+          run-clang-tidy -j ${{ steps.nproc.outputs.nproc }} -p "${BUILD_DIR}" -quiet -allow-no-checks ${TARGETS} 2>&1 | tee clang-tidy-output.txt
 
       - name: Upload clang-tidy output
-        if: steps.run_clang_tidy.outcome != 'success'
+        if: ${{ (github.repository_owner == 'XRPLF' || github.event.repository.visibility == 'public') && steps.run_clang_tidy.outcome != 'success' }}
         uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
         with:
           name: clang-tidy-results

.github/workflows/reusable-clang-tidy.yml

@@ -51,5 +51,5 @@ jobs:
     if: ${{ always() && !cancelled() && (!inputs.check_only_changed || needs.determine-files.outputs.any_cpp_changed == 'true' || needs.determine-files.outputs.clang_tidy_config_changed == 'true') }}
     uses: ./.github/workflows/reusable-clang-tidy-files.yml
     with:
-      files: ${{ needs.determine-files.outputs.clang_tidy_config_changed == 'true' && '' || (inputs.check_only_changed && needs.determine-files.outputs.all_changed_files || '') }}
+      files: ${{ (needs.determine-files.outputs.clang_tidy_config_changed != 'true' && inputs.check_only_changed) && needs.determine-files.outputs.all_changed_files || '' }}
       create_issue_on_failure: ${{ inputs.create_issue_on_failure }}

.github/workflows/reusable-upload-recipe.yml

@@ -89,10 +89,10 @@ jobs:
           conan export . --version=rc
           conan upload --confirm --check --remote="${REMOTE_NAME}" xrpl/rc
 
-      # When this workflow is triggered by a tag event, it will always be when tagging a final
+      # When this workflow is triggered by a push event, it will always be when tagging a final
       # release, see on-tag.yml.
       - name: Upload Conan recipe (release)
-        if: ${{ github.event_name == 'tag' }}
+        if: ${{ startsWith(github.ref, 'refs/tags/') }}
         env:
           REMOTE_NAME: ${{ inputs.remote_name }}
         run: |

.github/workflows/upload-conan-deps.yml

@@ -70,7 +70,7 @@ jobs:
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Prepare runner
-        uses: XRPLF/actions/prepare-runner@2cbf481018d930656e9276fcc20dc0e3a0be5b6d
+        uses: XRPLF/actions/prepare-runner@2bbc2dc1abeec7bfaa886804ab86871ac201764e
         with:
           enable_ccache: false
 

.gitignore

@@ -71,6 +71,8 @@ DerivedData
 /.zed/
 
 # AI tools.
+/.agent
+/.agents
 /.augment
 /.claude
 /CLAUDE.md

.pre-commit-config.yaml

@@ -13,6 +13,8 @@ repos:
   - repo: https://github.com/pre-commit/pre-commit-hooks
     rev: 3e8a8703264a2f4a69428a0aa4dcb512790b2c8c # frozen: v6.0.0
     hooks:
+      - id: check-added-large-files
+        args: [--maxkb=400, --enforce-all]
       - id: trailing-whitespace
       - id: end-of-file-fixer
       - id: mixed-line-ending
@@ -25,6 +27,7 @@ repos:
       - id: clang-format
         args: [--style=file]
         "types_or": [c++, c, proto]
+        exclude: ^include/xrpl/protocol_autogen/(transactions|ledger_entries)/
 
   - repo: https://github.com/BlankSpruce/gersemi
     rev: 0.26.0
@@ -45,7 +48,7 @@ repos:
     rev: a42085ade523f591dca134379a595e7859986445 # frozen: v9.7.0
     hooks:
       - id: cspell # Spell check changed files
-        exclude: .config/cspell.config.yaml
+        exclude: (.config/cspell.config.yaml|^include/xrpl/protocol_autogen/(transactions|ledger_entries)/)
       - id: cspell # Spell check the commit message
         name: check commit message spelling
         args:
@@ -77,5 +80,6 @@ repos:
 exclude: |
   (?x)^(
       external/.*|
-      .github/scripts/levelization/results/.*\.txt
+      .github/scripts/levelization/results/.*\.txt|
+      src/tests/libxrpl/protocol_autogen/(transactions|ledger_entries)/.*
   )$

API-CHANGELOG.md

@@ -35,6 +35,10 @@ This section contains changes targeting a future version.
   - `LEDGER_ENTRY_FLAGS`: Maps ledger entry type names to their flags and flag values.
   - `ACCOUNT_SET_FLAGS`: Maps AccountSet flag names (asf flags) to their numeric values.
 
+### Bugfixes
+
+- Peer Crawler: The `port` field in `overlay.active[]` now consistently returns an integer instead of a string for outbound peers. [#6318](https://github.com/XRPLF/rippled/pull/6318)
+
 ## XRP Ledger server version 3.1.0
 
 [Version 3.1.0](https://github.com/XRPLF/rippled/releases/tag/3.1.0) was released on Jan 27, 2026.

BUILD.md

@@ -125,9 +125,9 @@ default profile.
 
 ### Patched recipes
 
-The recipes in Conan Center occasionally need to be patched for compatibility
-with the latest version of `xrpld`. We maintain a fork of the Conan Center
-[here](https://github.com/XRPLF/conan-center-index/) containing the patches.
+Occasionally, we need patched recipes or recipes not present in Conan Center.
+We maintain a fork of the Conan Center Index
+[here](https://github.com/XRPLF/conan-center-index/) containing the modified and newly added recipes.
 
 To ensure our patched recipes are used, you must add our Conan remote at a
 higher index than the default Conan Center remote, so it is consulted first. You
@@ -137,19 +137,11 @@ can do this by running:
 conan remote add --index 0 xrplf https://conan.ripplex.io
 ```
 
-Alternatively, you can pull the patched recipes into the repository and use them
-locally:
+Alternatively, you can pull our recipes from the repository and export them locally:
 
 ```bash
-# Extract the version number from the lockfile.
-function extract_version {
-  version=$(cat conan.lock | sed -nE "s@.+${1}/(.+)#.+@\1@p" | head -n1)
-  echo ${version}
-}
-
 # Define which recipes to export.
-recipes=('ed25519' 'grpc' 'nudb' 'openssl' 'secp256k1' 'snappy' 'soci')
-folders=('all'     'all'  'all'  '3.x.x'   'all'       'all'    'all')
+recipes=('abseil' 'ed25519' 'grpc' 'm4' 'mpt-crypto' 'openssl' 'secp256k1' 'snappy' 'soci' 'wasm-xrplf' 'wasmi')
 
 # Selectively check out the recipes from our CCI fork.
 cd external
@@ -158,29 +150,19 @@ cd conan-center-index
 git init
 git remote add origin git@github.com:XRPLF/conan-center-index.git
 git sparse-checkout init
-for ((index = 1; index <= ${#recipes[@]}; index++)); do
-  recipe=${recipes[index]}
-  folder=${folders[index]}
-  echo "Checking out recipe '${recipe}' from folder '${folder}'..."
-  git sparse-checkout add recipes/${recipe}/${folder}
+for recipe in "${recipes[@]}"; do
+  echo "Checking out recipe '${recipe}'..."
+  git sparse-checkout add recipes/${recipe}
 done
 git fetch origin master
 git checkout master
-cd ../..
 
-# Export the recipes into the local cache.
-for ((index = 1; index <= ${#recipes[@]}; index++)); do
-  recipe=${recipes[index]}
-  folder=${folders[index]}
-  version=$(extract_version ${recipe})
-  echo "Exporting '${recipe}/${version}' from '${recipe}/${folder}'..."
-  conan export --version $(extract_version ${recipe}) \
-    external/conan-center-index/recipes/${recipe}/${folder}
-done
+./export_all.sh
+cd ../../
 ```
 
 In the case we switch to a newer version of a dependency that still requires a
-patch, it will be necessary for you to pull in the changes and re-export the
+patch or add a new dependency, it will be necessary for you to pull in the changes and re-export the
 updated dependencies with the newer version. However, if we switch to a newer
 version that no longer requires a patch, no action is required on your part, as
 the new recipe will be automatically pulled from the official Conan Center.
@@ -189,6 +171,8 @@ the new recipe will be automatically pulled from the official Conan Center.
 > You might need to add `--lockfile=""` to your `conan install` command
 > to avoid automatic use of the existing `conan.lock` file when you run
 > `conan export` manually on your machine
+>
+> This is not recommended though, as you might end up using different revisions of recipes.
 
 ### Conan profile tweaks
 
@@ -204,39 +188,14 @@ Possible values are ['5.0', '5.1', '6.0', '6.1', '7.0', '7.3', '8.0', '8.1',
 Read "http://docs.conan.io/2/knowledge/faq.html#error-invalid-setting"
 ```
 
-you need to amend the list of compiler versions in
-`$(conan config home)/settings.yml`, by appending the required version number(s)
+you need to add your compiler to the list of compiler versions in
+`$(conan config home)/settings_user.yml`, by adding the required version number(s)
 to the `version` array specific for your compiler. For example:
 
 ```yaml
-apple-clang:
-  version:
-    [
-      "5.0",
-      "5.1",
-      "6.0",
-      "6.1",
-      "7.0",
-      "7.3",
-      "8.0",
-      "8.1",
-      "9.0",
-      "9.1",
-      "10.0",
-      "11.0",
-      "12.0",
-      "13",
-      "13.0",
-      "13.1",
-      "14",
-      "14.0",
-      "15",
-      "15.0",
-      "16",
-      "16.0",
-      "17",
-      "17.0",
-    ]
+compiler:
+  apple-clang:
+    version: ["17.0"]
 ```
 
 #### Multiple compilers

CONTRIBUTING.md

@@ -259,6 +259,10 @@ There is a Continuous Integration job that runs clang-tidy on pull requests. The
 
 This ensures that configuration changes don't introduce new warnings across the codebase.
 
+### Installing clang-tidy
+
+See the [environment setup guide](./docs/build/environment.md#clang-tidy) for platform-specific installation instructions.
+
 ### Running clang-tidy locally
 
 Before running clang-tidy, you must build the project to generate required files (particularly protobuf headers). Refer to [`BUILD.md`](./BUILD.md) for build instructions.
@@ -266,10 +270,15 @@ Before running clang-tidy, you must build the project to generate required files
 Then run clang-tidy on your local changes:
 
 ```
-run-clang-tidy -p build src tests
+run-clang-tidy -p build -allow-no-checks src tests
 ```
 
-This will check all source files in the `src` and `tests` directories using the compile commands from your `build` directory.
+This will check all source files in the `src`, `include` and `tests` directories using the compile commands from your `build` directory.
+If you wish to automatically fix whatever clang-tidy finds _and_ is capable of fixing, add `-fix` to the above command:
+
+```
+run-clang-tidy -p build -quiet -fix -allow-no-checks src tests
+```
 
 ## Contracts and instrumentation
 

LICENSE.md

@@ -1,7 +1,7 @@
 ISC License
 
 Copyright (c) 2011, Arthur Britto, David Schwartz, Jed McCaleb, Vinnie Falco, Bob Way, Eric Lombrozo, Nikolaos D. Bougalis, Howard Hinnant.
-Copyright (c) 2012-2025, the XRP Ledger developers.
+Copyright (c) 2012-present, the XRP Ledger developers.
 
 Permission to use, copy, modify, and distribute this software for any
 purpose with or without fee is hereby granted, provided that the above

cmake/XrplCompiler.cmake

@@ -118,7 +118,7 @@ if(MSVC)
             NOMINMAX
             # TODO: Resolve these warnings, don't just silence them
             _SILENCE_ALL_CXX17_DEPRECATION_WARNINGS
-            $<$<AND:$<COMPILE_LANGUAGE:CXX>,$<CONFIG:Debug>>:_CRTDBG_MAP_ALLOC>
+            $<$<AND:$<COMPILE_LANGUAGE:CXX>,$<CONFIG:Debug>,$<NOT:$<BOOL:${is_ci}>>>:_CRTDBG_MAP_ALLOC>
     )
     target_link_libraries(common INTERFACE -errorreport:none -machine:X64)
 else()

cmake/XrplCore.cmake

@@ -108,17 +108,40 @@ target_link_libraries(
 )
 
 # Level 05
+## Set up code generation for protocol_autogen module
+include(XrplProtocolAutogen)
+# Must call setup_protocol_autogen before add_module so that:
+# 1. Stale generated files are cleared before GLOB runs
+# 2. Output file list is known for custom commands
+setup_protocol_autogen()
+
+add_module(xrpl protocol_autogen)
+target_link_libraries(
+    xrpl.libxrpl.protocol_autogen
+    PUBLIC xrpl.libxrpl.protocol
+)
+
+# Ensure code generation runs before compiling protocol_autogen
+if(TARGET protocol_autogen_generate)
+    add_dependencies(xrpl.libxrpl.protocol_autogen protocol_autogen_generate)
+endif()
+
+# Level 06
 add_module(xrpl core)
 target_link_libraries(
     xrpl.libxrpl.core
-    PUBLIC xrpl.libxrpl.basics xrpl.libxrpl.json xrpl.libxrpl.protocol
+    PUBLIC
+        xrpl.libxrpl.basics
+        xrpl.libxrpl.json
+        xrpl.libxrpl.protocol
+        xrpl.libxrpl.protocol_autogen
 )
 
-# Level 06
+# Level 07
 add_module(xrpl resource)
 target_link_libraries(xrpl.libxrpl.resource PUBLIC xrpl.libxrpl.protocol)
 
-# Level 07
+# Level 08
 add_module(xrpl net)
 target_link_libraries(
     xrpl.libxrpl.net
@@ -171,6 +194,7 @@ target_link_libraries(
         xrpl.libxrpl.basics
         xrpl.libxrpl.json
         xrpl.libxrpl.protocol
+        xrpl.libxrpl.protocol_autogen
         xrpl.libxrpl.rdb
         xrpl.libxrpl.server
         xrpl.libxrpl.shamap
@@ -206,6 +230,7 @@ target_link_modules(
     net
     nodestore
     protocol
+    protocol_autogen
     rdb
     resource
     server

cmake/XrplInterface.cmake

@@ -23,7 +23,7 @@ target_compile_definitions(
         BOOST_FILESYSTEM_NO_DEPRECATED
         >
         $<$<NOT:$<BOOL:${boost_show_deprecated}>>:
-        BOOST_COROUTINES_NO_DEPRECATION_WARNING
+        BOOST_COROUTINES2_NO_DEPRECATION_WARNING
         BOOST_BEAST_ALLOW_DEPRECATED
         BOOST_FILESYSTEM_DEPRECATED
         >

cmake/XrplProtocolAutogen.cmake

@@ -0,0 +1,309 @@
+#[===================================================================[
+   Protocol Autogen - Code generation for protocol wrapper classes
+#]===================================================================]
+
+# Options for code generation
+option(
+    XRPL_NO_CODEGEN
+    "Disable code generation (use pre-generated files from repository)"
+    OFF
+)
+set(CODEGEN_VENV_DIR
+    ""
+    CACHE PATH
+    "Path to Python virtual environment for code generation. If provided, automatic venv setup is skipped."
+)
+
+# Function to set up code generation for protocol_autogen module
+# This runs at configure time to generate C++ wrapper classes from macro files
+function(setup_protocol_autogen)
+    # Directory paths
+    set(MACRO_DIR "${CMAKE_CURRENT_SOURCE_DIR}/include/xrpl/protocol/detail")
+    set(AUTOGEN_HEADER_DIR
+        "${CMAKE_CURRENT_SOURCE_DIR}/include/xrpl/protocol_autogen"
+    )
+    set(AUTOGEN_TEST_DIR
+        "${CMAKE_CURRENT_SOURCE_DIR}/src/tests/libxrpl/protocol_autogen"
+    )
+    set(SCRIPTS_DIR "${CMAKE_CURRENT_SOURCE_DIR}/scripts")
+
+    # Input macro files
+    set(TRANSACTIONS_MACRO "${MACRO_DIR}/transactions.macro")
+    set(LEDGER_ENTRIES_MACRO "${MACRO_DIR}/ledger_entries.macro")
+    set(SFIELDS_MACRO "${MACRO_DIR}/sfields.macro")
+
+    # Python scripts and templates
+    set(GENERATE_TX_SCRIPT "${SCRIPTS_DIR}/generate_tx_classes.py")
+    set(GENERATE_LEDGER_SCRIPT "${SCRIPTS_DIR}/generate_ledger_classes.py")
+    set(REQUIREMENTS_FILE "${SCRIPTS_DIR}/requirements.txt")
+    set(MACRO_PARSER_COMMON "${SCRIPTS_DIR}/macro_parser_common.py")
+    set(TX_TEMPLATE "${SCRIPTS_DIR}/templates/Transaction.h.mako")
+    set(TX_TEST_TEMPLATE "${SCRIPTS_DIR}/templates/TransactionTests.cpp.mako")
+    set(LEDGER_TEMPLATE "${SCRIPTS_DIR}/templates/LedgerEntry.h.mako")
+    set(LEDGER_TEST_TEMPLATE
+        "${SCRIPTS_DIR}/templates/LedgerEntryTests.cpp.mako"
+    )
+
+    # Check if code generation is disabled
+    if(XRPL_NO_CODEGEN)
+        message(
+            WARNING
+            "Protocol autogen: Code generation is disabled (XRPL_NO_CODEGEN=ON). "
+            "Generated files may be out of date."
+        )
+        return()
+    endif()
+
+    # Create output directories
+    file(MAKE_DIRECTORY "${AUTOGEN_HEADER_DIR}/transactions")
+    file(MAKE_DIRECTORY "${AUTOGEN_HEADER_DIR}/ledger_entries")
+    file(MAKE_DIRECTORY "${AUTOGEN_TEST_DIR}/ledger_entries")
+    file(MAKE_DIRECTORY "${AUTOGEN_TEST_DIR}/transactions")
+
+    # Find Python3 - check if already found by Conan or find it ourselves
+    if(NOT Python3_EXECUTABLE)
+        find_package(Python3 COMPONENTS Interpreter QUIET)
+    endif()
+
+    if(NOT Python3_EXECUTABLE)
+        # Try finding python3 executable directly
+        find_program(Python3_EXECUTABLE NAMES python3 python)
+    endif()
+
+    if(NOT Python3_EXECUTABLE)
+        message(
+            FATAL_ERROR
+            "Python3 not found. Code generation cannot proceed.\n"
+            "Please install Python 3, or set -DXRPL_NO_CODEGEN=ON to use existing generated files."
+        )
+        return()
+    endif()
+
+    message(STATUS "Using Python3 for code generation: ${Python3_EXECUTABLE}")
+
+    # Set up Python virtual environment for code generation
+    if(CODEGEN_VENV_DIR)
+        # User-provided venv - skip automatic setup
+        set(VENV_DIR "${CODEGEN_VENV_DIR}")
+        message(STATUS "Using user-provided Python venv: ${VENV_DIR}")
+    else()
+        # Use default venv in build directory
+        set(VENV_DIR "${CMAKE_CURRENT_BINARY_DIR}/codegen_venv")
+    endif()
+
+    # Determine the Python executable path in the venv
+    if(WIN32)
+        set(VENV_PYTHON "${VENV_DIR}/Scripts/python.exe")
+        set(VENV_PIP "${VENV_DIR}/Scripts/pip.exe")
+    else()
+        set(VENV_PYTHON "${VENV_DIR}/bin/python")
+        set(VENV_PIP "${VENV_DIR}/bin/pip")
+    endif()
+
+    # Only auto-setup venv if not user-provided
+    if(NOT CODEGEN_VENV_DIR)
+        # Check if venv needs to be created or updated
+        set(VENV_NEEDS_UPDATE FALSE)
+        if(NOT EXISTS "${VENV_PYTHON}")
+            set(VENV_NEEDS_UPDATE TRUE)
+            message(
+                STATUS
+                "Creating Python virtual environment for code generation..."
+            )
+        elseif(
+            "${REQUIREMENTS_FILE}"
+                IS_NEWER_THAN
+                "${VENV_DIR}/.requirements_installed"
+        )
+            set(VENV_NEEDS_UPDATE TRUE)
+            message(
+                STATUS
+                "Updating Python virtual environment (requirements changed)..."
+            )
+        endif()
+
+        # Create/update virtual environment if needed
+        if(VENV_NEEDS_UPDATE)
+            message(
+                STATUS
+                "Setting up Python virtual environment at ${VENV_DIR}"
+            )
+            execute_process(
+                COMMAND ${Python3_EXECUTABLE} -m venv "${VENV_DIR}"
+                RESULT_VARIABLE VENV_RESULT
+                ERROR_VARIABLE VENV_ERROR
+            )
+            if(NOT VENV_RESULT EQUAL 0)
+                message(
+                    FATAL_ERROR
+                    "Failed to create virtual environment: ${VENV_ERROR}"
+                )
+            endif()
+
+            # Check pip index URL configuration
+            execute_process(
+                COMMAND ${VENV_PIP} config get global.index-url
+                OUTPUT_VARIABLE PIP_INDEX_URL
+                OUTPUT_STRIP_TRAILING_WHITESPACE
+                ERROR_QUIET
+            )
+
+            # Default PyPI URL
+            set(DEFAULT_PIP_INDEX "https://pypi.org/simple")
+
+            # Show warning if using non-default index
+            if(PIP_INDEX_URL AND NOT PIP_INDEX_URL STREQUAL "")
+                if(NOT PIP_INDEX_URL STREQUAL DEFAULT_PIP_INDEX)
+                    message(
+                        WARNING
+                        "Private pip index URL detected: ${PIP_INDEX_URL}\n"
+                        "You may need to connect to VPN to access this URL."
+                    )
+                endif()
+            endif()
+
+            message(STATUS "Installing Python dependencies...")
+            execute_process(
+                COMMAND ${VENV_PIP} install --upgrade pip
+                RESULT_VARIABLE PIP_UPGRADE_RESULT
+                OUTPUT_QUIET
+                ERROR_VARIABLE PIP_UPGRADE_ERROR
+            )
+            if(NOT PIP_UPGRADE_RESULT EQUAL 0)
+                message(WARNING "Failed to upgrade pip: ${PIP_UPGRADE_ERROR}")
+            endif()
+
+            execute_process(
+                COMMAND ${VENV_PIP} install -r "${REQUIREMENTS_FILE}"
+                RESULT_VARIABLE PIP_INSTALL_RESULT
+                ERROR_VARIABLE PIP_INSTALL_ERROR
+            )
+            if(NOT PIP_INSTALL_RESULT EQUAL 0)
+                message(
+                    FATAL_ERROR
+                    "Failed to install Python dependencies: ${PIP_INSTALL_ERROR}"
+                )
+            endif()
+
+            # Mark requirements as installed
+            file(TOUCH "${VENV_DIR}/.requirements_installed")
+            message(STATUS "Python virtual environment ready")
+        endif()
+    endif()
+
+    # At configure time - get list of output files for transactions
+    execute_process(
+        COMMAND
+            ${VENV_PYTHON} "${GENERATE_TX_SCRIPT}" "${TRANSACTIONS_MACRO}"
+            --header-dir "${AUTOGEN_HEADER_DIR}/transactions" --test-dir
+            "${AUTOGEN_TEST_DIR}/transactions" --list-outputs
+        OUTPUT_VARIABLE TX_OUTPUT_FILES
+        OUTPUT_STRIP_TRAILING_WHITESPACE
+        RESULT_VARIABLE TX_LIST_RESULT
+        ERROR_VARIABLE TX_LIST_ERROR
+    )
+    if(NOT TX_LIST_RESULT EQUAL 0)
+        message(
+            FATAL_ERROR
+            "Failed to list transaction output files:\n${TX_LIST_ERROR}"
+        )
+    endif()
+    # Convert newline-separated list to CMake list
+    string(REPLACE "\\" "/" TX_OUTPUT_FILES "${TX_OUTPUT_FILES}")
+    string(REPLACE "\n" ";" TX_OUTPUT_FILES "${TX_OUTPUT_FILES}")
+
+    # At configure time - get list of output files for ledger entries
+    execute_process(
+        COMMAND
+            ${VENV_PYTHON} "${GENERATE_LEDGER_SCRIPT}" "${LEDGER_ENTRIES_MACRO}"
+            --header-dir "${AUTOGEN_HEADER_DIR}/ledger_entries" --test-dir
+            "${AUTOGEN_TEST_DIR}/ledger_entries" --list-outputs
+        OUTPUT_VARIABLE LEDGER_OUTPUT_FILES
+        OUTPUT_STRIP_TRAILING_WHITESPACE
+        RESULT_VARIABLE LEDGER_LIST_RESULT
+        ERROR_VARIABLE LEDGER_LIST_ERROR
+    )
+    if(NOT LEDGER_LIST_RESULT EQUAL 0)
+        message(
+            FATAL_ERROR
+            "Failed to list ledger entry output files:\n${LEDGER_LIST_ERROR}"
+        )
+    endif()
+    # Convert newline-separated list to CMake list
+    string(REPLACE "\\" "/" LEDGER_OUTPUT_FILES "${LEDGER_OUTPUT_FILES}")
+    string(REPLACE "\n" ";" LEDGER_OUTPUT_FILES "${LEDGER_OUTPUT_FILES}")
+
+    # Custom command to generate transaction classes at build time
+    add_custom_command(
+        OUTPUT ${TX_OUTPUT_FILES}
+        COMMAND
+            ${VENV_PYTHON} "${GENERATE_TX_SCRIPT}" "${TRANSACTIONS_MACRO}"
+            --header-dir "${AUTOGEN_HEADER_DIR}/transactions" --test-dir
+            "${AUTOGEN_TEST_DIR}/transactions" --sfields-macro
+            "${SFIELDS_MACRO}"
+        WORKING_DIRECTORY "${CMAKE_CURRENT_SOURCE_DIR}"
+        DEPENDS
+            "${TRANSACTIONS_MACRO}"
+            "${SFIELDS_MACRO}"
+            "${GENERATE_TX_SCRIPT}"
+            "${MACRO_PARSER_COMMON}"
+            "${TX_TEMPLATE}"
+            "${TX_TEST_TEMPLATE}"
+            "${REQUIREMENTS_FILE}"
+        COMMENT "Generating transaction classes from transactions.macro..."
+        VERBATIM
+    )
+
+    # Custom command to generate ledger entry classes at build time
+    add_custom_command(
+        OUTPUT ${LEDGER_OUTPUT_FILES}
+        COMMAND
+            ${VENV_PYTHON} "${GENERATE_LEDGER_SCRIPT}" "${LEDGER_ENTRIES_MACRO}"
+            --header-dir "${AUTOGEN_HEADER_DIR}/ledger_entries" --test-dir
+            "${AUTOGEN_TEST_DIR}/ledger_entries" --sfields-macro
+            "${SFIELDS_MACRO}"
+        WORKING_DIRECTORY "${CMAKE_CURRENT_SOURCE_DIR}"
+        DEPENDS
+            "${LEDGER_ENTRIES_MACRO}"
+            "${SFIELDS_MACRO}"
+            "${GENERATE_LEDGER_SCRIPT}"
+            "${MACRO_PARSER_COMMON}"
+            "${LEDGER_TEMPLATE}"
+            "${LEDGER_TEST_TEMPLATE}"
+            "${REQUIREMENTS_FILE}"
+        COMMENT "Generating ledger entry classes from ledger_entries.macro..."
+        VERBATIM
+    )
+
+    # Create a custom target that depends on all generated files
+    add_custom_target(
+        protocol_autogen_generate
+        DEPENDS ${TX_OUTPUT_FILES} ${LEDGER_OUTPUT_FILES}
+        COMMENT "Protocol autogen code generation"
+    )
+
+    # Extract test files from output lists (files ending in Tests.cpp)
+    set(PROTOCOL_AUTOGEN_TEST_SOURCES "")
+    foreach(FILE ${TX_OUTPUT_FILES} ${LEDGER_OUTPUT_FILES})
+        if(FILE MATCHES "Tests\\.cpp$")
+            list(APPEND PROTOCOL_AUTOGEN_TEST_SOURCES "${FILE}")
+        endif()
+    endforeach()
+    # Export test sources to parent scope for use in test CMakeLists.txt
+    set(PROTOCOL_AUTOGEN_TEST_SOURCES
+        "${PROTOCOL_AUTOGEN_TEST_SOURCES}"
+        CACHE INTERNAL
+        "Generated protocol_autogen test sources"
+    )
+
+    # Register dependencies so CMake reconfigures when macro files change
+    # (to update the list of output files)
+    set_property(
+        DIRECTORY
+        APPEND
+        PROPERTY
+            CMAKE_CONFIGURE_DEPENDS
+                "${TRANSACTIONS_MACRO}"
+                "${LEDGER_ENTRIES_MACRO}"
+    )
+endfunction()

cmake/deps/Boost.cmake

@@ -7,7 +7,7 @@ find_package(
     COMPONENTS
         chrono
         container
-        coroutine
+        context
         date_time
         filesystem
         json
@@ -26,7 +26,7 @@ target_link_libraries(
         Boost::headers
         Boost::chrono
         Boost::container
-        Boost::coroutine
+        Boost::context
         Boost::date_time
         Boost::filesystem
         Boost::json
@@ -38,23 +38,26 @@ target_link_libraries(
 if(Boost_COMPILER)
     target_link_libraries(xrpl_boost INTERFACE Boost::disable_autolinking)
 endif()
-if(SANITIZERS_ENABLED AND is_clang)
-    # TODO: gcc does not support -fsanitize-blacklist...can we do something else for gcc ?
-    if(NOT Boost_INCLUDE_DIRS AND TARGET Boost::headers)
-        get_target_property(
-            Boost_INCLUDE_DIRS
-            Boost::headers
-            INTERFACE_INCLUDE_DIRECTORIES
-        )
-    endif()
-    message(STATUS "Adding [${Boost_INCLUDE_DIRS}] to sanitizer blacklist")
-    file(
-        WRITE ${CMAKE_CURRENT_BINARY_DIR}/san_bl.txt
-        "src:${Boost_INCLUDE_DIRS}/*"
-    )
-    target_compile_options(
-        opts
-        INTERFACE # ignore boost headers for sanitizing
-            -fsanitize-blacklist=${CMAKE_CURRENT_BINARY_DIR}/san_bl.txt
+
+# GCC 14+ has a false positive -Wuninitialized warning in Boost.Coroutine2's
+# state.hpp when compiled with -O3. This is due to GCC's intentional behavior
+# change (Bug #98871, #119388) where warnings from inlined system header code
+# are no longer suppressed by -isystem. The warning occurs in operator|= in
+# boost/coroutine2/detail/state.hpp when inlined from push_control_block::destroy().
+# See: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=119388
+if(is_gcc AND CMAKE_CXX_COMPILER_VERSION VERSION_GREATER_EQUAL 14)
+    target_compile_options(xrpl_boost INTERFACE -Wno-uninitialized)
+endif()
+
+# Boost.Context's ucontext backend has ASAN fiber-switching annotations
+# (start/finish_switch_fiber) that are compiled in when BOOST_USE_ASAN is defined.
+# This tells ASAN about coroutine stack switches, preventing false positive
+# stack-use-after-scope errors. BOOST_USE_UCONTEXT ensures the ucontext backend
+# is selected (fcontext does not support ASAN annotations).
+# These defines must match what Boost was compiled with (see conan/profiles/sanitizers).
+if(enable_asan)
+    target_compile_definitions(
+        xrpl_boost
+        INTERFACE BOOST_USE_ASAN BOOST_USE_UCONTEXT
     )
 endif()

conan.lock

@@ -1,59 +1,57 @@
 {
     "version": "0.5",
     "requires": [
-        "zlib/1.3.1#b8bc2603263cf7eccbd6e17e66b0ed76%1765850150.075",
+        "zlib/1.3.1#cac0f6daea041b0ccf42934163defb20%1774439233.809",
         "xxhash/0.8.3#681d36a0a6111fc56e5e45ea182c19cc%1765850149.987",
-        "sqlite3/3.49.1#8631739a4c9b93bd3d6b753bac548a63%1765850149.926",
-        "soci/4.0.3#a9f8d773cd33e356b5879a4b0564f287%1765850149.46",
+        "sqlite3/3.51.0#66aa11eabd0e34954c5c1c061ad44abe%1774467355.988",
+        "soci/4.0.3#fe32b9ad5eb47e79ab9e45a68f363945%1774450067.231",
         "snappy/1.1.10#968fef506ff261592ec30c574d4a7809%1765850147.878",
-        "secp256k1/0.7.1#3a61e95e220062ef32c48d019e9c81f7%1770306721.686",
+        "secp256k1/0.7.1#481881709eb0bdd0185a12b912bbe8ad%1770910500.329",
         "rocksdb/10.5.1#4a197eca381a3e5ae8adf8cffa5aacd0%1765850186.86",
-        "re2/20230301#ca3b241baec15bd31ea9187150e0b333%1765850148.103",
-        "protobuf/6.32.1#f481fd276fc23a33b85a3ed1e898b693%1765850161.038",
-        "openssl/3.5.5#05a4ac5b7323f7a329b2db1391d9941f%1769599205.414",
-        "nudb/2.0.9#0432758a24204da08fee953ec9ea03cb%1769436073.32",
+        "re2/20251105#8579cfd0bda4daf0683f9e3898f964b4%1774398111.888",
+        "protobuf/6.33.5#d96d52ba5baaaa532f47bda866ad87a5%1774467363.12",
+        "openssl/3.6.1#e6399de266349245a4542fc5f6c71552%1774458290.139",
+        "nudb/2.0.9#11149c73f8f2baff9a0198fe25971fc7%1774883011.384",
         "lz4/1.10.0#59fc63cac7f10fbe8e05c7e62c2f3504%1765850143.914",
         "libiconv/1.17#1e65319e945f2d31941a9d28cc13c058%1765842973.492",
         "libbacktrace/cci.20210118#a7691bfccd8caaf66309df196790a5a1%1765842973.03",
         "libarchive/3.8.1#ffee18995c706e02bf96e7a2f7042e0d%1765850144.736",
         "jemalloc/5.3.0#e951da9cf599e956cebc117880d2d9f8%1729241615.244",
         "gtest/1.17.0#5224b3b3ff3b4ce1133cbdd27d53ee7d%1768312129.152",
-        "grpc/1.72.0#f244a57bff01e708c55a1100b12e1589%1765850193.734",
+        "grpc/1.78.1#b1a9e74b145cc471bed4dc64dc6eb2c1%1774467387.342",
         "ed25519/2015.03#ae761bdc52730a843f0809bdf6c1b1f6%1765850143.772",
         "date/3.0.4#862e11e80030356b53c2c38599ceb32b%1765850143.772",
-        "c-ares/1.34.5#5581c2b62a608b40bb85d965ab3ec7c8%1765850144.336",
+        "c-ares/1.34.6#545240bb1c40e2cacd4362d6b8967650%1774439234.681",
         "bzip2/1.0.8#c470882369c2d95c5c77e970c0c7e321%1765850143.837",
         "boost/1.90.0#d5e8defe7355494953be18524a7f135b%1769454080.269",
-        "abseil/20250127.0#99262a368bd01c0ccca8790dfced9719%1766517936.993"
+        "abseil/20250127.0#bb0baf1f362bc4a725a24eddd419b8f7%1774365460.196"
     ],
     "build_requires": [
-        "zlib/1.3.1#b8bc2603263cf7eccbd6e17e66b0ed76%1765850150.075",
-        "strawberryperl/5.32.1.1#707032463aa0620fa17ec0d887f5fe41%1765850165.196",
-        "protobuf/6.32.1#f481fd276fc23a33b85a3ed1e898b693%1765850161.038",
+        "zlib/1.3.1#cac0f6daea041b0ccf42934163defb20%1774439233.809",
+        "strawberryperl/5.32.1.1#8d114504d172cfea8ea1662d09b6333e%1774447376.964",
+        "protobuf/6.33.5#d96d52ba5baaaa532f47bda866ad87a5%1774467363.12",
         "nasm/2.16.01#31e26f2ee3c4346ecd347911bd126904%1765850144.707",
-        "msys2/cci.latest#eea83308ad7e9023f7318c60d5a9e6cb%1770199879.083",
-        "m4/1.4.19#70dc8bbb33e981d119d2acc0175cf381%1763158052.846",
-        "cmake/4.2.0#ae0a44f44a1ef9ab68fd4b3e9a1f8671%1765850153.937",
-        "cmake/3.31.10#313d16a1aa16bbdb2ca0792467214b76%1765850153.479",
-        "b2/5.3.3#107c15377719889654eb9a162a673975%1765850144.355",
+        "msys2/cci.latest#d22fe7b2808f5fd34d0a7923ace9c54f%1770657326.649",
+        "m4/1.4.19#5d7a4994e5875d76faf7acf3ed056036%1774365463.87",
+        "cmake/4.3.0#b939a42e98f593fb34d3a8c5cc860359%1774439249.183",
+        "b2/5.4.2#ffd6084a119587e70f11cd45d1a386e2%1774439233.447",
         "automake/1.16.5#b91b7c384c3deaa9d535be02da14d04f%1755524470.56",
         "autoconf/2.71#51077f068e61700d65bb05541ea1e4b0%1731054366.86",
-        "abseil/20250127.0#99262a368bd01c0ccca8790dfced9719%1766517936.993"
+        "abseil/20250127.0#bb0baf1f362bc4a725a24eddd419b8f7%1774365460.196"
     ],
     "python_requires": [],
     "overrides": {
-        "boost/1.90.0#d5e8defe7355494953be18524a7f135b": [
-            null,
-            "boost/1.90.0"
-        ],
-        "protobuf/5.27.0": [
-            "protobuf/6.32.1"
+        "protobuf/[>=5.27.0 <7]": [
+            "protobuf/6.33.5"
         ],
         "lz4/1.9.4": [
             "lz4/1.10.0"
         ],
-        "sqlite3/3.44.2": [
-            "sqlite3/3.49.1"
+        "boost/[>=1.83.0 <1.91.0]": [
+            "boost/1.90.0"
+        ],
+        "sqlite3/[>=3.44 <4]": [
+            "sqlite3/3.51.0"
         ],
         "boost/1.83.0": [
             "boost/1.90.0"

conan/profiles/sanitizers

@@ -7,16 +7,21 @@ include(default)
     {% if compiler == "gcc" %}
         {% if "address" in sanitizers or "thread" in sanitizers or "undefinedbehavior" in sanitizers %}
             {% set sanitizer_list = [] %}
+            {% set defines = [] %}
             {% set model_code = "" %}
             {% set extra_cxxflags = ["-fno-omit-frame-pointer", "-O1", "-Wno-stringop-overflow"] %}
 
             {% if "address" in sanitizers %}
                 {% set _ = sanitizer_list.append("address") %}
                 {% set model_code = "-mcmodel=large" %}
+                {% set _ = defines.append("BOOST_USE_ASAN")%}
+                {% set _ = defines.append("BOOST_USE_UCONTEXT")%}
             {% elif "thread" in sanitizers %}
                 {% set _ = sanitizer_list.append("thread") %}
                 {% set model_code = "-mcmodel=medium" %}
                 {% set _ = extra_cxxflags.append("-Wno-tsan") %}
+                {% set _ = defines.append("BOOST_USE_TSAN")%}
+                {% set _ = defines.append("BOOST_USE_UCONTEXT")%}
             {% endif %}
 
             {% if "undefinedbehavior" in sanitizers %}
@@ -29,16 +34,22 @@ include(default)
             tools.build:cxxflags+=['{{sanitizer_flags}} {{" ".join(extra_cxxflags)}}']
             tools.build:sharedlinkflags+=['{{sanitizer_flags}}']
             tools.build:exelinkflags+=['{{sanitizer_flags}}']
+            tools.build:defines+={{defines}}
         {% endif %}
     {% elif compiler == "apple-clang" or compiler == "clang" %}
         {% if "address" in sanitizers or "thread" in sanitizers or "undefinedbehavior" in sanitizers %}
             {% set sanitizer_list = [] %}
+            {% set defines = [] %}
             {% set extra_cxxflags = ["-fno-omit-frame-pointer", "-O1"] %}
 
             {% if "address" in sanitizers %}
                 {% set _ = sanitizer_list.append("address") %}
+                {% set _ = defines.append("BOOST_USE_ASAN")%}
+                {% set _ = defines.append("BOOST_USE_UCONTEXT")%}
             {% elif "thread" in sanitizers %}
                 {% set _ = sanitizer_list.append("thread") %}
+                {% set _ = defines.append("BOOST_USE_TSAN")%}
+                {% set _ = defines.append("BOOST_USE_UCONTEXT")%}
             {% endif %}
 
             {% if "undefinedbehavior" in sanitizers %}
@@ -52,8 +63,24 @@ include(default)
             tools.build:cxxflags+=['{{sanitizer_flags}} {{" ".join(extra_cxxflags)}}']
             tools.build:sharedlinkflags+=['{{sanitizer_flags}}']
             tools.build:exelinkflags+=['{{sanitizer_flags}}']
+            tools.build:defines+={{defines}}
         {% endif %}
     {% endif %}
 {% endif %}
 
-tools.info.package_id:confs+=["tools.build:cxxflags", "tools.build:exelinkflags", "tools.build:sharedlinkflags"]
+tools.info.package_id:confs+=["tools.build:cxxflags", "tools.build:exelinkflags", "tools.build:sharedlinkflags", "tools.build:defines"]
+
+[options]
+{% if sanitizers %}
+    {% if "address" in sanitizers %}
+        # Build Boost.Context with ucontext backend (not fcontext) so that
+        # ASAN fiber-switching annotations (__sanitizer_start/finish_switch_fiber)
+        # are compiled into the library. fcontext (assembly) has no ASAN support.
+        # define=BOOST_USE_ASAN=1 is critical: it must be defined when building
+        # Boost.Context itself so the ucontext backend compiles in the ASAN annotations.
+        boost/*:extra_b2_flags=context-impl=ucontext address-sanitizer=on define=BOOST_USE_ASAN=1
+        boost/*:without_context=False
+        # Boost stacktrace fails to build with some sanitizers
+        boost/*:without_stacktrace=True
+    {% endif %}
+{% endif %}

conanfile.py

@@ -1,9 +1,9 @@
+import os
 import re
 
 from conan.tools.cmake import CMake, CMakeToolchain, cmake_layout
 
 from conan import ConanFile
-from conan import __version__ as conan_version
 
 
 class Xrpl(ConanFile):
@@ -29,10 +29,10 @@ class Xrpl(ConanFile):
 
     requires = [
         "ed25519/2015.03",
-        "grpc/1.72.0",
+        "grpc/1.78.1",
         "libarchive/3.8.1",
         "nudb/2.0.9",
-        "openssl/3.5.5",
+        "openssl/3.6.1",
         "secp256k1/0.7.1",
         "soci/4.0.3",
         "zlib/1.3.1",
@@ -43,7 +43,7 @@ class Xrpl(ConanFile):
     ]
 
     tool_requires = [
-        "protobuf/6.32.1",
+        "protobuf/6.33.5",
     ]
 
     default_options = {
@@ -57,6 +57,9 @@ class Xrpl(ConanFile):
         "tests": False,
         "unity": False,
         "xrpld": False,
+        "boost/*:without_context": False,
+        "boost/*:without_coroutine": True,
+        "boost/*:without_coroutine2": False,
         "date/*:header_only": True,
         "ed25519/*:shared": False,
         "grpc/*:shared": False,
@@ -126,21 +129,23 @@ class Xrpl(ConanFile):
         if self.settings.compiler in ["clang", "gcc"]:
             self.options["boost"].without_cobalt = True
 
+        # Check if environment variable exists
+        if "SANITIZERS" in os.environ:
+            sanitizers = os.environ["SANITIZERS"]
+            if "address" in sanitizers.lower():
+                self.default_options["fPIC"] = False
+
     def requirements(self):
-        # Conan 2 requires transitive headers to be specified
-        transitive_headers_opt = (
-            {"transitive_headers": True} if conan_version.split(".")[0] == "2" else {}
-        )
-        self.requires("boost/1.90.0", force=True, **transitive_headers_opt)
-        self.requires("date/3.0.4", **transitive_headers_opt)
+        self.requires("boost/1.90.0", force=True, transitive_headers=True)
+        self.requires("date/3.0.4", transitive_headers=True)
         self.requires("lz4/1.10.0", force=True)
-        self.requires("protobuf/6.32.1", force=True)
-        self.requires("sqlite3/3.49.1", force=True)
+        self.requires("protobuf/6.33.5", force=True)
+        self.requires("sqlite3/3.51.0", force=True)
         if self.options.jemalloc:
             self.requires("jemalloc/5.3.0")
         if self.options.rocksdb:
             self.requires("rocksdb/10.5.1")
-        self.requires("xxhash/0.8.3", **transitive_headers_opt)
+        self.requires("xxhash/0.8.3", transitive_headers=True)
 
     exports_sources = (
         "CMakeLists.txt",
@@ -196,7 +201,7 @@ class Xrpl(ConanFile):
             "boost::headers",
             "boost::chrono",
             "boost::container",
-            "boost::coroutine",
+            "boost::context",
             "boost::date_time",
             "boost::filesystem",
             "boost::json",

cspell.config.yaml

@@ -99,6 +99,7 @@ words:
   - endmacro
   - exceptioned
   - Falco
+  - fcontext
   - finalizers
   - firewalled
   - fmtdur
@@ -111,6 +112,7 @@ words:
   - gpgcheck
   - gpgkey
   - hotwallet
+  - hwaddress
   - hwrap
   - ifndef
   - inequation
@@ -204,6 +206,7 @@ words:
   - ptrs
   - pushd
   - pyenv
+  - pyparsing
   - qalloc
   - queuable
   - Raphson
@@ -229,6 +232,7 @@ words:
   - seqit
   - sf
   - SFIELD
+  - sfields
   - shamap
   - shamapitem
   - sidechain
@@ -293,6 +297,7 @@ words:
   - venv
   - vfalco
   - vinnie
+  - wasmi
   - wextra
   - wptr
   - writeme

docs/build/environment.md

@@ -109,3 +109,32 @@ Install CMake with Homebrew too:
 ```
 brew install cmake
 ```
+
+## Clang-tidy
+
+Clang-tidy is required to run static analysis checks locally (see [CONTRIBUTING.md](../../CONTRIBUTING.md)).
+It is not required to build the project. Currently this project uses clang-tidy version 21.
+
+### Linux
+
+LLVM 21 is not available in the default Debian 12 (Bookworm) repositories.
+Install it using the official LLVM apt installer:
+
+```
+wget https://apt.llvm.org/llvm.sh
+chmod +x llvm.sh
+sudo ./llvm.sh 21
+sudo apt install --yes clang-tidy-21
+```
+
+Then use `run-clang-tidy-21` when running clang-tidy locally.
+
+### macOS
+
+Install LLVM 21 via Homebrew:
+
+```
+brew install llvm@21
+```
+
+Then use `run-clang-tidy` from the LLVM 21 Homebrew prefix when running clang-tidy locally.

docs/build/sanitizers.md

@@ -89,8 +89,8 @@ cmake --build . --parallel 4
 **IMPORTANT**: ASAN with Boost produces many false positives. Use these options:
 
 ```bash
-export ASAN_OPTIONS="print_stacktrace=1:detect_container_overflow=0:suppressions=path/to/asan.supp:halt_on_error=0:log_path=asan.log"
-export LSAN_OPTIONS="suppressions=path/to/lsan.supp:halt_on_error=0:log_path=lsan.log"
+export ASAN_OPTIONS="include=sanitizers/suppressions/runtime-asan-options.txt:suppressions=sanitizers/suppressions/asan.supp"
+export LSAN_OPTIONS="include=sanitizers/suppressions/runtime-lsan-options.txt:suppressions=sanitizers/suppressions/lsan.supp"
 
 # Run tests
 ./xrpld --unittest --unittest-jobs=5
@@ -108,7 +108,7 @@ export LSAN_OPTIONS="suppressions=path/to/lsan.supp:halt_on_error=0:log_path=lsa
 ### ThreadSanitizer (TSan)
 
 ```bash
-export TSAN_OPTIONS="suppressions=path/to/tsan.supp halt_on_error=0 log_path=tsan.log"
+export TSAN_OPTIONS="include=sanitizers/suppressions/runtime-tsan-options.txt:suppressions=sanitizers/suppressions/tsan.supp"
 
 # Run tests
 ./xrpld --unittest --unittest-jobs=5
@@ -129,7 +129,7 @@ More details [here](https://github.com/google/sanitizers/wiki/AddressSanitizerLe
 ### UndefinedBehaviorSanitizer (UBSan)
 
 ```bash
-export UBSAN_OPTIONS="suppressions=path/to/ubsan.supp:print_stacktrace=1:halt_on_error=0:log_path=ubsan.log"
+export UBSAN_OPTIONS="include=sanitizers/suppressions/runtime-ubsan-options.txt:suppressions=sanitizers/suppressions/ubsan.supp"
 
 # Run tests
 ./xrpld --unittest --unittest-jobs=5

include/xrpl/basics/BasicConfig.h

@@ -311,7 +311,7 @@ template <class T>
 bool
 set(T& target, T const& defaultValue, std::string const& name, Section const& section)
 {
-    bool found_and_valid = set<T>(target, name, section);
+    bool const found_and_valid = set<T>(target, name, section);
     if (!found_and_valid)
         target = defaultValue;
     return found_and_valid;

include/xrpl/basics/CountedObject.h

@@ -34,7 +34,7 @@ public:
         {
             // Insert ourselves at the front of the lock-free linked list
             CountedObjects& instance = CountedObjects::getInstance();
-            Counter* head;
+            Counter* head = nullptr;
 
             do
             {

include/xrpl/basics/DecayingSample.h

@@ -93,7 +93,7 @@ class DecayWindow
 public:
     using time_point = typename Clock::time_point;
 
-    explicit DecayWindow(time_point now) : value_(0), when_(now)
+    explicit DecayWindow(time_point now) : when_(now)
     {
     }
 
@@ -125,7 +125,7 @@ private:
         when_ = now;
     }
 
-    double value_;
+    double value_{0};
     time_point when_;
 };
 

include/xrpl/basics/IntrusivePointer.h

@@ -84,7 +84,8 @@ public:
 
     template <class TT>
         requires std::convertible_to<TT*, T*>
-    SharedIntrusive(SharedIntrusive<TT>&& rhs);
+    SharedIntrusive(
+        SharedIntrusive<TT>&& rhs);  // NOLINT(cppcoreguidelines-rvalue-reference-param-not-moved)
 
     SharedIntrusive&
     operator=(SharedIntrusive const& rhs);
@@ -106,7 +107,8 @@ public:
     template <class TT>
         requires std::convertible_to<TT*, T*>
     SharedIntrusive&
-    operator=(SharedIntrusive<TT>&& rhs);
+    operator=(
+        SharedIntrusive<TT>&& rhs);  // NOLINT(cppcoreguidelines-rvalue-reference-param-not-moved)
 
     /** Adopt the raw pointer. The strong reference may or may not be
         incremented, depending on the TAdoptTag
@@ -314,7 +316,8 @@ public:
 
     template <class TT>
         requires std::convertible_to<TT*, T*>
-    SharedWeakUnion(SharedIntrusive<TT>&& rhs);
+    SharedWeakUnion(
+        SharedIntrusive<TT>&& rhs);  // NOLINT(cppcoreguidelines-rvalue-reference-param-not-moved)
 
     SharedWeakUnion&
     operator=(SharedWeakUnion const& rhs);
@@ -327,7 +330,8 @@ public:
     template <class TT>
         requires std::convertible_to<TT*, T*>
     SharedWeakUnion&
-    operator=(SharedIntrusive<TT>&& rhs);
+    operator=(
+        SharedIntrusive<TT>&& rhs);  // NOLINT(cppcoreguidelines-rvalue-reference-param-not-moved)
 
     ~SharedWeakUnion();
 

include/xrpl/basics/IntrusivePointer.ipp

@@ -68,9 +68,7 @@ SharedIntrusive<T>::operator=(SharedIntrusive const& rhs)
 
 template <class T>
 template <class TT>
-// clang-format off
-requires std::convertible_to<TT*, T*>
-// clang-format on
+    requires std::convertible_to<TT*, T*>
 SharedIntrusive<T>&
 SharedIntrusive<T>::operator=(SharedIntrusive<TT> const& rhs)
 {
@@ -101,9 +99,7 @@ SharedIntrusive<T>::operator=(SharedIntrusive&& rhs)
 
 template <class T>
 template <class TT>
-// clang-format off
-requires std::convertible_to<TT*, T*>
-// clang-format on
+    requires std::convertible_to<TT*, T*>
 SharedIntrusive<T>&
 SharedIntrusive<T>::operator=(SharedIntrusive<TT>&& rhs)
 {
@@ -307,9 +303,7 @@ WeakIntrusive<T>::WeakIntrusive(SharedIntrusive<T> const& rhs) : ptr_{rhs.unsafe
 
 template <class T>
 template <class TT>
-// clang-format off
-requires std::convertible_to<TT*, T*>
-// clang-format on
+    requires std::convertible_to<TT*, T*>
 WeakIntrusive<T>&
 WeakIntrusive<T>::operator=(SharedIntrusive<TT> const& rhs)
 {
@@ -454,9 +448,7 @@ SharedWeakUnion<T>::operator=(SharedWeakUnion const& rhs)
 
 template <class T>
 template <class TT>
-// clang-format off
-requires std::convertible_to<TT*, T*>
-// clang-format on
+    requires std::convertible_to<TT*, T*>
 SharedWeakUnion<T>&
 SharedWeakUnion<T>::operator=(SharedIntrusive<TT> const& rhs)
 {
@@ -470,9 +462,7 @@ SharedWeakUnion<T>::operator=(SharedIntrusive<TT> const& rhs)
 
 template <class T>
 template <class TT>
-// clang-format off
-requires std::convertible_to<TT*, T*>
-// clang-format on
+    requires std::convertible_to<TT*, T*>
 SharedWeakUnion<T>&
 SharedWeakUnion<T>::operator=(SharedIntrusive<TT>&& rhs)
 {

include/xrpl/basics/IntrusiveRefCounts.h

@@ -448,7 +448,7 @@ inline void
 partialDestructorFinished(T** o)
 {
     T& self = **o;
-    IntrusiveRefCounts::RefCountPair p =
+    IntrusiveRefCounts::RefCountPair const p =
         self.refCounts.fetch_or(IntrusiveRefCounts::partialDestroyFinishedMask);
     XRPL_ASSERT(
         (!p.partialDestroyFinishedBit && p.partialDestroyStartedBit && !p.strong),

include/xrpl/basics/Number.h

@@ -73,12 +73,12 @@ struct MantissaRange
     enum mantissa_scale { small, large };
 
     explicit constexpr MantissaRange(mantissa_scale scale_)
-        : min(getMin(scale_)), max(min * 10 - 1), log(logTen(min).value_or(-1)), scale(scale_)
+        : min(getMin(scale_)), log(logTen(min).value_or(-1)), scale(scale_)
     {
     }
 
     rep min;
-    rep max;
+    rep max{min * 10 - 1};
     int log;
     mantissa_scale scale;
 

include/xrpl/basics/SlabAllocator.h

@@ -91,10 +91,10 @@ class SlabAllocator
         std::uint8_t*
         allocate() noexcept
         {
-            std::uint8_t* ret;
+            std::uint8_t* ret = nullptr;  // NOLINT(misc-const-correctness)
 
             {
-                std::lock_guard l(m_);
+                std::lock_guard const l(m_);
 
                 ret = l_;
 
@@ -123,7 +123,7 @@ class SlabAllocator
         {
             XRPL_ASSERT(own(ptr), "xrpl::SlabAllocator::SlabBlock::deallocate : own input");
 
-            std::lock_guard l(m_);
+            std::lock_guard const l(m_);
 
             // Use memcpy to avoid unaligned UB
             // (will optimize to equivalent code)
@@ -210,16 +210,13 @@ public:
 
         // No slab can satisfy our request, so we attempt to allocate a new
         // one here:
-        std::size_t size = slabSize_;
+        std::size_t const size = slabSize_;
 
         // We want to allocate the memory at a 2 MiB boundary, to make it
         // possible to use hugepage mappings on Linux:
         auto buf = boost::alignment::aligned_alloc(megabytes(std::size_t(2)), size);
-
-        // clang-format off
         if (!buf) [[unlikely]]
             return nullptr;
-        // clang-format on
 
 #if BOOST_OS_LINUX
         // When allocating large blocks, attempt to leverage Linux's

include/xrpl/basics/StringUtilities.h

@@ -66,12 +66,12 @@ strUnHex(std::size_t strSize, Iterator begin, Iterator end)
 
     while (iter != end)
     {
-        int cHigh = digitLookupTable[*iter++];
+        int const cHigh = digitLookupTable[*iter++];
 
         if (cHigh < 0)
             return {};
 
-        int cLow = digitLookupTable[*iter++];
+        int const cLow = digitLookupTable[*iter++];
 
         if (cLow < 0)
             return {};

include/xrpl/basics/TaggedCache.h

@@ -182,8 +182,7 @@ private:
             : hook(collector->make_hook(handler))
             , size(collector->make_gauge(prefix, "size"))
             , hit_rate(collector->make_gauge(prefix, "hit_rate"))
-            , hits(0)
-            , misses(0)
+
         {
         }
 
@@ -191,8 +190,8 @@ private:
         beast::insight::Gauge size;
         beast::insight::Gauge hit_rate;
 
-        std::size_t hits;
-        std::size_t misses;
+        std::size_t hits{0};
+        std::size_t misses{0};
     };
 
     class KeyOnlyEntry
@@ -294,10 +293,10 @@ private:
     clock_type::duration const m_target_age;
 
     // Number of items cached
-    int m_cache_count;
+    int m_cache_count{0};
     cache_type m_cache;  // Hold strong reference to recent objects
-    std::uint64_t m_hits;
-    std::uint64_t m_misses;
+    std::uint64_t m_hits{0};
+    std::uint64_t m_misses{0};
 };
 
 }  // namespace xrpl

include/xrpl/basics/TaggedCache.ipp

@@ -36,9 +36,7 @@ inline TaggedCache<
     , m_name(name)
     , m_target_size(size)
     , m_target_age(expiration)
-    , m_cache_count(0)
-    , m_hits(0)
-    , m_misses(0)
+
 {
 }
 

include/xrpl/basics/base_uint.h

@@ -212,7 +212,7 @@ private:
         while (in != sv.end())
         {
             std::uint32_t accum = {};
-            for (std::uint32_t shift : {4u, 0u, 12u, 8u, 20u, 16u, 28u, 24u})
+            for (std::uint32_t const shift : {4u, 0u, 12u, 8u, 20u, 16u, 28u, 24u})
             {
                 if (auto const result = hexCharToUInt(*in++, shift, accum);
                     result != ParseResult::okay)
@@ -335,11 +335,13 @@ public:
     operator=(std::uint64_t uHost)
     {
         *this = beast::zero;
+        // NOLINTBEGIN(cppcoreguidelines-pro-type-member-init)
         union
         {
             unsigned u[2];
             std::uint64_t ul;
         };
+        // NOLINTEND(cppcoreguidelines-pro-type-member-init)
         // Put in least significant bits.
         ul = boost::endian::native_to_big(uHost);
         data_[WIDTH - 2] = u[0];
@@ -444,7 +446,7 @@ public:
 
         for (int i = WIDTH; i--;)
         {
-            std::uint64_t n = carry + boost::endian::big_to_native(data_[i]) +
+            std::uint64_t const n = carry + boost::endian::big_to_native(data_[i]) +
                 boost::endian::big_to_native(b.data_[i]);
 
             data_[i] = boost::endian::native_to_big(static_cast<std::uint32_t>(n));
@@ -621,7 +623,7 @@ template <>
 inline std::size_t
 extract(uint256 const& key)
 {
-    std::size_t result;
+    std::size_t result = 0;
     // Use memcpy to avoid unaligned UB
     // (will optimize to equivalent code)
     std::memcpy(&result, key.data(), sizeof(std::size_t));

include/xrpl/basics/contract.h

@@ -1,5 +1,6 @@
 #pragma once
 
+#include <xrpl/basics/sanitizers.h>
 #include <xrpl/beast/type_name.h>
 
 #include <exception>
@@ -23,16 +24,28 @@ LogThrow(std::string const& title);
     When called from within a catch block, it will pass
     control to the next matching exception handler, if any.
     Otherwise, std::terminate will be called.
+
+    ASAN can't handle sudden jumps in control flow very well. This
+    function is marked as XRPL_NO_SANITIZE_ADDRESS to prevent it from
+    triggering false positives, since it throws.
 */
-[[noreturn]] inline void
+[[noreturn]] XRPL_NO_SANITIZE_ADDRESS inline void
 Rethrow()
 {
     LogThrow("Re-throwing exception");
     throw;
 }
 
+/*
+    Logs and throws an exception of type E.
+
+    ASAN can't handle sudden jumps in control flow very well. This
+    function is marked as XRPL_NO_SANITIZE_ADDRESS to prevent it from
+    triggering false positives, since it throws.
+*/
+
 template <class E, class... Args>
-[[noreturn]] inline void
+[[noreturn]] XRPL_NO_SANITIZE_ADDRESS inline void
 Throw(Args&&... args)
 {
     static_assert(
@@ -41,7 +54,7 @@ Throw(Args&&... args)
 
     E e(std::forward<Args>(args)...);
     LogThrow(std::string("Throwing exception of type " + beast::type_name<E>() + ": ") + e.what());
-    throw e;
+    throw std::move(e);
 }
 
 /** Called when faulty logic causes a broken invariant. */

include/xrpl/basics/hardened_hash.h

@@ -32,7 +32,7 @@ make_seed_pair() noexcept
         // state_t& operator=(state_t const&) = delete;
     };
     static state_t state;
-    std::lock_guard lock(state.mutex);
+    std::lock_guard const lock(state.mutex);
     return {state.dist(state.gen), state.dist(state.gen)};
 }
 

include/xrpl/basics/random.h

@@ -14,11 +14,13 @@ namespace xrpl {
 
 #ifndef __INTELLISENSE__
 static_assert(
+    // NOLINTNEXTLINE(misc-redundant-expression)
     std::is_integral<beast::xor_shift_engine::result_type>::value &&
         std::is_unsigned<beast::xor_shift_engine::result_type>::value,
     "The Ripple default PRNG engine must return an unsigned integral type.");
 
 static_assert(
+    // NOLINTNEXTLINE(misc-redundant-expression)
     std::numeric_limits<beast::xor_shift_engine::result_type>::max() >=
         std::numeric_limits<std::uint64_t>::max(),
     "The Ripple default PRNG engine return must be at least 64 bits wide.");
@@ -56,9 +58,9 @@ default_prng()
 
     // The thread-specific PRNGs:
     thread_local beast::xor_shift_engine engine = [] {
-        std::uint64_t seed;
+        std::uint64_t seed = 0;
         {
-            std::lock_guard lk(m);
+            std::lock_guard const lk(m);
             std::uniform_int_distribution<std::uint64_t> distribution{1};
             seed = distribution(seeder);
         }

include/xrpl/basics/safe_cast.h

@@ -1,5 +1,7 @@
 #pragma once
 
+#include <xrpl/beast/utility/instrumentation.h>
+
 #include <type_traits>
 
 namespace xrpl {
@@ -70,4 +72,31 @@ unsafe_cast(Src s) noexcept
     return unsafe_cast<Dest>(static_cast<std::underlying_type_t<Src>>(s));
 }
 
+template <class Dest, class Src>
+    requires std::is_pointer_v<Dest>
+inline Dest
+safe_downcast(Src* s) noexcept
+{
+#ifdef NDEBUG
+    return static_cast<Dest>(s);  // NOLINT(cppcoreguidelines-pro-type-static-cast-downcast)
+#else
+    auto* result = dynamic_cast<Dest>(s);
+    XRPL_ASSERT(result != nullptr, "xrpl::safe_downcast : pointer downcast is valid");
+    return result;
+#endif
+}
+
+template <class Dest, class Src>
+    requires std::is_lvalue_reference_v<Dest>
+inline Dest
+safe_downcast(Src& s) noexcept
+{
+#ifndef NDEBUG
+    XRPL_ASSERT(
+        dynamic_cast<std::add_pointer_t<std::remove_reference_t<Dest>>>(&s) != nullptr,
+        "xrpl::safe_downcast : reference downcast is valid");
+#endif
+    return static_cast<Dest>(s);  // NOLINT(cppcoreguidelines-pro-type-static-cast-downcast)
+}
+
 }  // namespace xrpl

include/xrpl/basics/sanitizers.h

@@ -0,0 +1,13 @@
+#pragma once
+
+// Helper to disable ASan/HwASan for specific functions
+/*
+ ASAN flags some false positives with sudden jumps in control flow, like
+ exceptions, or when encountering coroutine stack switches. This macro can be used to disable ASAN
+ intrumentation for specific functions.
+*/
+#if defined(__GNUC__) || defined(__clang__)
+#define XRPL_NO_SANITIZE_ADDRESS __attribute__((no_sanitize("address", "hwaddress")))
+#else
+#define XRPL_NO_SANITIZE_ADDRESS
+#endif

include/xrpl/beast/asio/io_latency_probe.h

@@ -23,15 +23,15 @@ private:
 
     std::recursive_mutex m_mutex;
     std::condition_variable_any m_cond;
-    std::size_t m_count;
+    std::size_t m_count{1};
     duration const m_period;
     boost::asio::io_context& m_ios;
     boost::asio::basic_waitable_timer<std::chrono::steady_clock> m_timer;
-    bool m_cancel;
+    bool m_cancel{false};
 
 public:
     io_latency_probe(duration const& period, boost::asio::io_context& ios)
-        : m_count(1), m_period(period), m_ios(ios), m_timer(m_ios), m_cancel(false)
+        : m_period(period), m_ios(ios), m_timer(m_ios)
     {
     }
 
@@ -83,7 +83,7 @@ public:
     void
     sample_one(Handler&& handler)
     {
-        std::lock_guard lock(m_mutex);
+        std::lock_guard const lock(m_mutex);
         if (m_cancel)
             throw std::logic_error("io_latency_probe is canceled");
         boost::asio::post(
@@ -98,7 +98,7 @@ public:
     void
     sample(Handler&& handler)
     {
-        std::lock_guard lock(m_mutex);
+        std::lock_guard const lock(m_mutex);
         if (m_cancel)
             throw std::logic_error("io_latency_probe is canceled");
         boost::asio::post(
@@ -122,14 +122,14 @@ private:
     void
     addref()
     {
-        std::lock_guard lock(m_mutex);
+        std::lock_guard const lock(m_mutex);
         ++m_count;
     }
 
     void
     release()
     {
-        std::lock_guard lock(m_mutex);
+        std::lock_guard const lock(m_mutex);
         if (--m_count == 0)
             m_cond.notify_all();
     }
@@ -192,7 +192,7 @@ private:
             m_handler(elapsed);
 
             {
-                std::lock_guard lock(m_probe->m_mutex);
+                std::lock_guard const lock(m_probe->m_mutex);
                 if (m_probe->m_cancel)
                     return;
             }

include/xrpl/beast/container/aged_map.h

@@ -16,4 +16,4 @@ template <
     class Allocator = std::allocator<std::pair<Key const, T>>>
 using aged_map = detail::aged_ordered_container<false, true, Key, T, Clock, Compare, Allocator>;
 
-}
+}  // namespace beast

include/xrpl/beast/container/aged_multimap.h

@@ -16,4 +16,4 @@ template <
     class Allocator = std::allocator<std::pair<Key const, T>>>
 using aged_multimap = detail::aged_ordered_container<true, true, Key, T, Clock, Compare, Allocator>;
 
-}
+}  // namespace beast

include/xrpl/beast/container/aged_multiset.h

@@ -15,4 +15,4 @@ template <
     class Allocator = std::allocator<Key>>
 using aged_multiset =
     detail::aged_ordered_container<true, false, Key, void, Clock, Compare, Allocator>;
-}
+}  // namespace beast

include/xrpl/beast/container/aged_set.h

@@ -15,4 +15,4 @@ template <
     class Allocator = std::allocator<Key>>
 using aged_set = detail::aged_ordered_container<false, false, Key, void, Clock, Compare, Allocator>;
 
-}
+}  // namespace beast

include/xrpl/beast/container/aged_unordered_map.h

@@ -17,4 +17,4 @@ template <
     class Allocator = std::allocator<std::pair<Key const, T>>>
 using aged_unordered_map =
     detail::aged_unordered_container<false, true, Key, T, Clock, Hash, KeyEqual, Allocator>;
-}
+}  // namespace beast

include/xrpl/beast/container/aged_unordered_multimap.h

@@ -17,4 +17,4 @@ template <
     class Allocator = std::allocator<std::pair<Key const, T>>>
 using aged_unordered_multimap =
     detail::aged_unordered_container<true, true, Key, T, Clock, Hash, KeyEqual, Allocator>;
-}
+}  // namespace beast

include/xrpl/beast/container/aged_unordered_multiset.h

@@ -17,4 +17,4 @@ template <
 using aged_unordered_multiset =
     detail::aged_unordered_container<true, false, Key, void, Clock, Hash, KeyEqual, Allocator>;
 
-}
+}  // namespace beast

include/xrpl/beast/container/aged_unordered_set.h

@@ -16,4 +16,4 @@ template <
     class Allocator = std::allocator<Key>>
 using aged_unordered_set =
     detail::aged_unordered_container<false, false, Key, void, Clock, Hash, KeyEqual, Allocator>;
-}
+}  // namespace beast

include/xrpl/beast/container/detail/aged_ordered_container.h

@@ -262,7 +262,9 @@ private:
         {
         }
 
-        config_t(config_t&& other, Allocator const& alloc)
+        config_t(
+            config_t&& other,  // NOLINT(cppcoreguidelines-rvalue-reference-param-not-moved)
+            Allocator const& alloc)
             : KeyValueCompare(std::move(other.key_compare()))
             , beast::detail::empty_base_optimization<ElementAllocator>(alloc)
             , clock(other.clock)
@@ -552,7 +554,10 @@ public:
 
     aged_ordered_container(aged_ordered_container&& other);
 
-    aged_ordered_container(aged_ordered_container&& other, Allocator const& alloc);
+    aged_ordered_container(
+        // NOLINTNEXTLINE(cppcoreguidelines-rvalue-reference-param-not-moved)
+        aged_ordered_container&& other,
+        Allocator const& alloc);
 
     aged_ordered_container(std::initializer_list<value_type> init, clock_type& clock);
 
@@ -1290,7 +1295,7 @@ aged_ordered_container<IsMulti, IsMap, Key, T, Clock, Compare, Allocator>::aged_
 
 template <bool IsMulti, bool IsMap, class Key, class T, class Clock, class Compare, class Allocator>
 aged_ordered_container<IsMulti, IsMap, Key, T, Clock, Compare, Allocator>::aged_ordered_container(
-    aged_ordered_container&& other,
+    aged_ordered_container&& other,  // NOLINT(cppcoreguidelines-rvalue-reference-param-not-moved)
     Allocator const& alloc)
     : m_config(std::move(other.m_config), alloc)
 #if BOOST_VERSION >= 108000

include/xrpl/beast/container/detail/aged_unordered_container.h

@@ -318,7 +318,9 @@ private:
         {
         }
 
-        config_t(config_t&& other, Allocator const& alloc)
+        config_t(
+            config_t&& other,  // NOLINT(cppcoreguidelines-rvalue-reference-param-not-moved)
+            Allocator const& alloc)
             : ValueHash(std::move(other.hash_function()))
             , KeyValueEqual(std::move(other.key_eq()))
             , beast::detail::empty_base_optimization<ElementAllocator>(alloc)
@@ -774,7 +776,10 @@ public:
 
     aged_unordered_container(aged_unordered_container&& other);
 
-    aged_unordered_container(aged_unordered_container&& other, Allocator const& alloc);
+    aged_unordered_container(
+        // NOLINTNEXTLINE(cppcoreguidelines-rvalue-reference-param-not-moved)
+        aged_unordered_container&& other,
+        Allocator const& alloc);
 
     aged_unordered_container(std::initializer_list<value_type> init, clock_type& clock);
 
@@ -1838,7 +1843,10 @@ template <
     class KeyEqual,
     class Allocator>
 aged_unordered_container<IsMulti, IsMap, Key, T, Clock, Hash, KeyEqual, Allocator>::
-    aged_unordered_container(aged_unordered_container&& other, Allocator const& alloc)
+    aged_unordered_container(
+        // NOLINTNEXTLINE(cppcoreguidelines-rvalue-reference-param-not-moved)
+        aged_unordered_container&& other,
+        Allocator const& alloc)
     : m_config(std::move(other.m_config), alloc)
     , m_buck(alloc)
     , m_cont(m_buck, std::cref(m_config.value_hash()), std::cref(m_config.key_value_equal()))

include/xrpl/beast/core/List.h

@@ -43,8 +43,8 @@ private:
     template <typename>
     friend class ListIterator;
 
-    ListNode* m_next;
-    ListNode* m_prev;
+    ListNode* m_next = nullptr;
+    ListNode* m_prev = nullptr;
 };
 
 //------------------------------------------------------------------------------
@@ -449,7 +449,7 @@ public:
     iterator
     erase(iterator pos) noexcept
     {
-        Node* node = &*pos;
+        Node const* node = &*pos;
         ++pos;
         node->m_next->m_prev = node->m_prev;
         node->m_prev->m_next = node->m_next;
@@ -567,7 +567,7 @@ private:
     }
 
 private:
-    size_type m_size;
+    size_type m_size = 0u;
     Node m_head;
     Node m_tail;
 };

include/xrpl/beast/core/LockFreeStack.h

@@ -187,7 +187,7 @@ public:
     bool
     push_front(Node* node)
     {
-        bool first;
+        bool first = false;
         Node* old_head = m_head.load(std::memory_order_relaxed);
         do
         {
@@ -211,7 +211,7 @@ public:
     pop_front()
     {
         Node* node = m_head.load();
-        Node* new_head;
+        Node* new_head = nullptr;
         do
         {
             if (node == &m_end)

include/xrpl/beast/hash/xxhasher.h

@@ -23,7 +23,7 @@ private:
     // A 64-byte buffer should to be big enough for us
     static constexpr std::size_t INTERNAL_BUFFER_SIZE = 64;
 
-    alignas(64) std::array<std::uint8_t, INTERNAL_BUFFER_SIZE> buffer_;
+    alignas(64) std::array<std::uint8_t, INTERNAL_BUFFER_SIZE> buffer_{};
     std::span<std::uint8_t> readBuffer_;
     std::span<std::uint8_t> writeBuffer_;
 

include/xrpl/beast/test/yield_to.h

@@ -114,7 +114,7 @@ enable_yield_to::spawn(F0&& f, FN&&... fn)
         boost::context::fixedsize_stack(2 * 1024 * 1024),
         [&](yield_context yield) {
             f(yield);
-            std::lock_guard lock{m_};
+            std::lock_guard const lock{m_};
             if (--running_ == 0)
                 cv_.notify_all();
         },

include/xrpl/beast/unit_test/results.h

@@ -35,10 +35,10 @@ private:
     class tests_t : public detail::const_container<std::vector<test>>
     {
     private:
-        std::size_t failed_;
+        std::size_t failed_{0};
 
     public:
-        tests_t() : failed_(0)
+        tests_t()
         {
         }
 
@@ -167,12 +167,12 @@ public:
 class results : public detail::const_container<std::vector<suite_results>>
 {
 private:
-    std::size_t m_cases;
-    std::size_t total_;
-    std::size_t failed_;
+    std::size_t m_cases{0};
+    std::size_t total_{0};
+    std::size_t failed_{0};
 
 public:
-    results() : m_cases(0), total_(0), failed_(0)
+    results()
     {
     }
 

include/xrpl/beast/unit_test/runner.h

@@ -228,7 +228,7 @@ template <class>
 void
 runner::testcase(std::string const& name)
 {
-    std::lock_guard lock(mutex_);
+    std::lock_guard const lock(mutex_);
     // Name may not be empty
     BOOST_ASSERT(default_ || !name.empty());
     // Forgot to call pass or fail
@@ -244,7 +244,7 @@ template <class>
 void
 runner::pass()
 {
-    std::lock_guard lock(mutex_);
+    std::lock_guard const lock(mutex_);
     if (default_)
         testcase("");
     on_pass();
@@ -255,7 +255,7 @@ template <class>
 void
 runner::fail(std::string const& reason)
 {
-    std::lock_guard lock(mutex_);
+    std::lock_guard const lock(mutex_);
     if (default_)
         testcase("");
     on_fail(reason);
@@ -267,7 +267,7 @@ template <class>
 void
 runner::log(std::string const& s)
 {
-    std::lock_guard lock(mutex_);
+    std::lock_guard const lock(mutex_);
     if (default_)
         testcase("");
     on_log(s);

include/xrpl/beast/unit_test/suite.h

@@ -300,7 +300,7 @@ private:
     static suite**
     p_this_suite()
     {
-        static suite* pts = nullptr;
+        static suite* pts = nullptr;  // NOLINT(misc-const-correctness)
         return &pts;
     }
 

include/xrpl/beast/utility/PropertyStream.h

@@ -311,7 +311,7 @@ private:
     std::string const m_name;
     std::recursive_mutex lock_;
     Item item_;
-    Source* parent_;
+    Source* parent_{nullptr};
     List<Item> children_;
 
 public:

include/xrpl/beast/utility/Zero.h

@@ -28,7 +28,7 @@ struct Zero
 
 namespace {
 static constexpr Zero zero{};
-}
+}  // namespace
 
 /** Default implementation of signum calls the method on the class. */
 template <typename T>

include/xrpl/beast/utility/instrumentation.h

@@ -15,7 +15,7 @@
 #define ALWAYS_OR_UNREACHABLE(cond, message) assert((message) && (cond))
 #define SOMETIMES(cond, message, ...)
 #define REACHABLE(message, ...)
-#define UNREACHABLE(message, ...) assert((message) && false)
+#define UNREACHABLE(message, ...) assert((message) && false)  // NOLINT(misc-static-assert)
 #endif
 
 #define XRPL_ASSERT ALWAYS_OR_UNREACHABLE

include/xrpl/beast/xor_shift_engine.h

@@ -37,7 +37,7 @@ public:
     }
 
 private:
-    result_type s_[2];
+    result_type s_[2]{};
 
     static result_type
     murmurhash3(result_type x);

include/xrpl/core/ClosureCounter.h

@@ -56,7 +56,7 @@ private:
         // a lock.  This removes a small timing window that occurs if the
         // waiting thread is handling a spurious wakeup when closureCount_
         // drops to zero.
-        std::lock_guard lock{mutex_};
+        std::lock_guard const lock{mutex_};
 
         // Update closureCount_.  Notify if stopping and closureCount_ == 0.
         if ((--closureCount_ == 0) && waitForClosures_)
@@ -92,7 +92,9 @@ private:
             ++counter_;
         }
 
-        Substitute(ClosureCounter& counter, Closure&& closure)
+        Substitute(
+            ClosureCounter& counter,
+            Closure&& closure)  // NOLINT(cppcoreguidelines-rvalue-reference-param-not-moved)
             : counter_(counter), closure_(std::forward<Closure>(closure))
         {
             ++counter_;
@@ -168,7 +170,7 @@ public:
     {
         std::optional<Substitute<Closure>> ret;
 
-        std::lock_guard lock{mutex_};
+        std::lock_guard const lock{mutex_};
         if (!waitForClosures_)
             ret.emplace(*this, std::forward<Closure>(closure));
 
@@ -191,7 +193,7 @@ public:
     bool
     joined() const
     {
-        std::lock_guard lock{mutex_};
+        std::lock_guard const lock{mutex_};
         return waitForClosures_;
     }
 };

include/xrpl/core/Coro.ipp

@@ -1,7 +1,5 @@
 #pragma once
 
-#include <xrpl/basics/ByteUtilities.h>
-
 namespace xrpl {
 
 template <class F>
@@ -9,18 +7,19 @@ JobQueue::Coro::Coro(Coro_create_t, JobQueue& jq, JobType type, std::string cons
     : jq_(jq)
     , type_(type)
     , name_(name)
-    , running_(false)
     , coro_(
+          // Stack size of 1MB wasn't sufficient for deep calls. ASAN tests flagged the issue. Hence
+          // increasing the size to 1.5MB.
+          boost::context::protected_fixedsize_stack(1536 * 1024),
           [this, fn = std::forward<F>(f)](
-              boost::coroutines::asymmetric_coroutine<void>::push_type& do_yield) {
+              boost::coroutines2::asymmetric_coroutine<void>::push_type& do_yield) {
               yield_ = &do_yield;
               yield();
               fn(shared_from_this());
 #ifndef NDEBUG
               finished_ = true;
 #endif
-          },
-          boost::coroutines::attributes(megabytes(1)))
+          })
 {
 }
 
@@ -70,14 +69,24 @@ JobQueue::Coro::resume()
         running_ = true;
     }
     {
-        std::lock_guard lock(jq_.m_mutex);
+        std::lock_guard lk(jq_.m_mutex);
         --jq_.nSuspend_;
     }
     auto saved = detail::getLocalValues().release();
     detail::getLocalValues().reset(&lvs_);
     std::lock_guard lock(mutex_);
-    XRPL_ASSERT(static_cast<bool>(coro_), "xrpl::JobQueue::Coro::resume : is runnable");
-    coro_();
+    // A late resume() can arrive after the coroutine has already completed.
+    // This is an expected (if rare) outcome of the race condition documented
+    // in JobQueue.h:354-377 where post() schedules a resume job before the
+    // coroutine yields — the mutex serializes access, but by the time this
+    // resume() acquires the lock the coroutine may have already run to
+    // completion. Calling operator() on a completed boost::coroutine2 is
+    // undefined behavior, so we must check and skip invoking the coroutine
+    // body if it has already completed.
+    if (coro_)
+    {
+        coro_();
+    }
     detail::getLocalValues().release();
     detail::getLocalValues().reset(saved);
     std::lock_guard lk(mutex_run_);

include/xrpl/core/JobQueue.h

@@ -7,7 +7,8 @@
 #include <xrpl/core/detail/Workers.h>
 #include <xrpl/json/json_value.h>
 
-#include <boost/coroutine/all.hpp>
+#include <boost/context/protected_fixedsize_stack.hpp>
+#include <boost/coroutine2/all.hpp>
 
 #include <set>
 
@@ -15,7 +16,7 @@ namespace xrpl {
 
 namespace perf {
 class PerfLog;
-}
+}  // namespace perf
 
 class Logs;
 struct Coro_create_t
@@ -44,12 +45,12 @@ public:
         JobQueue& jq_;
         JobType type_;
         std::string name_;
-        bool running_;
+        bool running_{false};
         std::mutex mutex_;
         std::mutex mutex_run_;
         std::condition_variable cv_;
-        boost::coroutines::asymmetric_coroutine<void>::pull_type coro_;
-        boost::coroutines::asymmetric_coroutine<void>::push_type* yield_;
+        boost::coroutines2::coroutine<void>::pull_type coro_;
+        boost::coroutines2::coroutine<void>::push_type* yield_;
 #ifndef NDEBUG
         bool finished_ = false;
 #endif
@@ -98,8 +99,8 @@ public:
             Effects:
                The coroutine continues execution from where it last left off
                  using this same thread.
-            Undefined behavior if called after the coroutine has completed
-              with a return (as opposed to a yield()).
+               If the coroutine has already completed, returns immediately
+                 (handles the documented post-before-yield race condition).
             Undefined behavior if resume() or post() called consecutively
               without a corresponding yield.
         */
@@ -223,7 +224,7 @@ private:
 
     beast::Journal m_journal;
     mutable std::mutex m_mutex;
-    std::uint64_t m_lastJob;
+    std::uint64_t m_lastJob{0};
     std::set<Job> m_jobSet;
     JobCounter jobCounter_;
     std::atomic_bool stopping_{false};
@@ -232,7 +233,7 @@ private:
     JobTypeData m_invalidJobData;
 
     // The number of jobs currently in processTask()
-    int m_processCount;
+    int m_processCount{0};
 
     // The number of suspended coroutines
     int nSuspend_ = 0;
@@ -315,7 +316,7 @@ private:
     // Returns the limit of running jobs for the given job type.
     // For jobs with no limit, we return the largest int. Hopefully that
     // will be enough.
-    int
+    static int
     getJobLimit(JobType type);
 };
 
@@ -356,8 +357,10 @@ private:
     If the post() job were to be executed before yield(), undefined behavior
     would occur. The lock ensures that coro_ is not called again until we exit
     the coroutine. At which point a scheduled resume() job waiting on the lock
-    would gain entry, harmlessly call coro_ and immediately return as we have
-    already completed the coroutine.
+    would gain entry. resume() checks if the coroutine has already completed
+    (coro_ converts to false) and, if so, skips invoking operator() since
+    calling operator() on a completed boost::coroutine2 pull_type is undefined
+    behavior.
 
     The race condition occurs as follows:
 

include/xrpl/core/JobTypeData.h

@@ -19,13 +19,13 @@ public:
     JobTypeInfo const& info;
 
     /* The number of jobs waiting */
-    int waiting;
+    int waiting{0};
 
     /* The number presently running */
-    int running;
+    int running{0};
 
     /* And the number we deferred executing because of job limits */
-    int deferred;
+    int deferred{0};
 
     /* Notification callbacks */
     beast::insight::Event dequeue;
@@ -35,12 +35,8 @@ public:
         JobTypeInfo const& info_,
         beast::insight::Collector::ptr const& collector,
         Logs& logs) noexcept
-        : m_load(logs.journal("LoadMonitor"))
-        , m_collector(collector)
-        , info(info_)
-        , waiting(0)
-        , running(0)
-        , deferred(0)
+        : m_load(logs.journal("LoadMonitor")), m_collector(collector), info(info_)
+
     {
         m_load.setTargetLatency(info.getAverageLatency(), info.getPeakLatency());
 

include/xrpl/core/JobTypes.h

@@ -24,7 +24,7 @@ private:
               std::chrono::milliseconds{0})
     {
         using namespace std::chrono_literals;
-        int maxLimit = std::numeric_limits<int>::max();
+        int const maxLimit = std::numeric_limits<int>::max();
 
         auto add = [this](
                        JobType jt,

include/xrpl/core/LoadMonitor.h

@@ -36,10 +36,10 @@ public:
     {
         Stats();
 
-        std::uint64_t count;
+        std::uint64_t count{0};
         std::chrono::milliseconds latencyAvg;
         std::chrono::milliseconds latencyPeak;
-        bool isOverloaded;
+        bool isOverloaded{false};
     };
 
     Stats
@@ -54,8 +54,8 @@ private:
 
     std::mutex mutex_;
 
-    std::uint64_t mCounts;
-    int mLatencyEvents;
+    std::uint64_t mCounts{0};
+    int mLatencyEvents{0};
     std::chrono::milliseconds mLatencyMSAvg;
     std::chrono::milliseconds mLatencyMSPeak;
     std::chrono::milliseconds mTargetLatencyAvg;

include/xrpl/core/PeerReservationTable.h

@@ -67,7 +67,7 @@ public:
     bool
     contains(PublicKey const& nodeId)
     {
-        std::lock_guard lock(this->mutex_);
+        std::lock_guard const lock(this->mutex_);
         return table_.find({nodeId}) != table_.end();
     }
 
@@ -92,7 +92,7 @@ public:
 private:
     beast::Journal mutable journal_;
     std::mutex mutable mutex_;
-    DatabaseCon* connection_;
+    DatabaseCon* connection_{};
     std::unordered_set<PeerReservation, beast::uhash<>, KeyEqual> table_;
 };
 

include/xrpl/core/PerfLog.h

@@ -14,7 +14,7 @@
 
 namespace beast {
 class Journal;
-}
+}  // namespace beast
 
 namespace xrpl {
 class Application;

include/xrpl/core/ServiceRegistry.h

@@ -3,7 +3,6 @@
 #include <xrpl/basics/Blob.h>
 #include <xrpl/basics/SHAMapHash.h>
 #include <xrpl/basics/TaggedCache.h>
-#include <xrpl/ledger/CachedSLEs.h>
 
 #include <boost/asio.hpp>
 
@@ -12,17 +11,31 @@ namespace xrpl {
 // Forward declarations
 namespace NodeStore {
 class Database;
-}
+}  // namespace NodeStore
 namespace Resource {
 class Manager;
-}
+}  // namespace Resource
 namespace perf {
 class PerfLog;
-}
+}  // namespace perf
 
 // This is temporary until we migrate all code to use ServiceRegistry.
 class Application;
 
+template <
+    class Key,
+    class T,
+    bool IsKeyCache,
+    class SharedWeakUnionPointer,
+    class SharedPointerType,
+    class Hash,
+    class KeyEqual,
+    class Mutex>
+class TaggedCache;
+class STLedgerEntry;
+using SLE = STLedgerEntry;
+using CachedSLEs = TaggedCache<uint256, SLE const>;
+
 // Forward declarations
 class AcceptedLedger;
 class AmendmentTable;
@@ -45,7 +58,7 @@ class NetworkIDService;
 class OpenLedger;
 class OrderBookDB;
 class Overlay;
-class PathRequests;
+class PathRequestManager;
 class PeerReservationTable;
 class PendingSaves;
 class RelationalDatabase;
@@ -89,7 +102,7 @@ public:
     getNodeFamily() = 0;
 
     virtual TimeKeeper&
-    timeKeeper() = 0;
+    getTimeKeeper() = 0;
 
     virtual JobQueue&
     getJobQueue() = 0;
@@ -98,7 +111,7 @@ public:
     getTempNodeCache() = 0;
 
     virtual CachedSLEs&
-    cachedSLEs() = 0;
+    getCachedSLEs() = 0;
 
     virtual NetworkIDService&
     getNetworkIDService() = 0;
@@ -120,26 +133,26 @@ public:
     getValidations() = 0;
 
     virtual ValidatorList&
-    validators() = 0;
+    getValidators() = 0;
 
     virtual ValidatorSite&
-    validatorSites() = 0;
+    getValidatorSites() = 0;
 
     virtual ManifestCache&
-    validatorManifests() = 0;
+    getValidatorManifests() = 0;
 
     virtual ManifestCache&
-    publisherManifests() = 0;
+    getPublisherManifests() = 0;
 
     // Network services
     virtual Overlay&
-    overlay() = 0;
+    getOverlay() = 0;
 
     virtual Cluster&
-    cluster() = 0;
+    getCluster() = 0;
 
     virtual PeerReservationTable&
-    peerReservations() = 0;
+    getPeerReservations() = 0;
 
     virtual Resource::Manager&
     getResourceManager() = 0;
@@ -174,13 +187,13 @@ public:
     getLedgerReplayer() = 0;
 
     virtual PendingSaves&
-    pendingSaves() = 0;
+    getPendingSaves() = 0;
 
     virtual OpenLedger&
-    openLedger() = 0;
+    getOpenLedger() = 0;
 
     virtual OpenLedger const&
-    openLedger() const = 0;
+    getOpenLedger() const = 0;
 
     // Transaction and operation services
     virtual NetworkOPs&
@@ -195,8 +208,8 @@ public:
     virtual TxQ&
     getTxQ() = 0;
 
-    virtual PathRequests&
-    getPathRequests() = 0;
+    virtual PathRequestManager&
+    getPathRequestManager() = 0;
 
     // Server services
     virtual ServerHandler&
@@ -210,16 +223,16 @@ public:
     isStopping() const = 0;
 
     virtual beast::Journal
-    journal(std::string const& name) = 0;
+    getJournal(std::string const& name) = 0;
 
     virtual boost::asio::io_context&
     getIOContext() = 0;
 
     virtual Logs&
-    logs() = 0;
+    getLogs() = 0;
 
     virtual std::optional<uint256> const&
-    trapTxID() const = 0;
+    getTrapTxID() const = 0;
 
     /** Retrieve the "wallet database" */
     virtual DatabaseCon&
@@ -228,7 +241,7 @@ public:
     // Temporary: Get the underlying Application for functions that haven't
     // been migrated yet. This should be removed once all code is migrated.
     virtual Application&
-    app() = 0;
+    getApp() = 0;
 };
 
 }  // namespace xrpl

include/xrpl/core/StartUpType.h

@@ -5,7 +5,7 @@
 
 namespace xrpl {
 
-enum class StartUpType { FRESH, NORMAL, LOAD, LOAD_FILE, REPLAY, NETWORK };
+enum class StartUpType { Fresh, Normal, Load, LoadFile, Replay, Network };
 
 inline std::ostream&
 operator<<(std::ostream& os, StartUpType const& type)

include/xrpl/core/detail/Workers.h

@@ -13,7 +13,7 @@ namespace xrpl {
 
 namespace perf {
 class PerfLog;
-}
+}  // namespace perf
 
 /**
  * `Workers` is effectively a thread pool. The constructor takes a "callback"
@@ -183,8 +183,8 @@ private:
         std::thread thread_;
         std::mutex mutex_;
         std::condition_variable wakeup_;
-        int wakeCount_;  // how many times to un-pause
-        bool shouldExit_;
+        int wakeCount_{0};  // how many times to un-pause
+        bool shouldExit_{false};
     };
 
 private:
@@ -197,9 +197,9 @@ private:
     std::string m_threadNames;     // The name to give each thread
     std::condition_variable m_cv;  // signaled when all threads paused
     std::mutex m_mut;
-    bool m_allPaused;
+    bool m_allPaused{true};
     semaphore m_semaphore;                             // each pending task is 1 resource
-    int m_numberOfThreads;                             // how many we want active now
+    int m_numberOfThreads{0};                          // how many we want active now
     std::atomic<int> m_activeCount;                    // to know when all are paused
     std::atomic<int> m_pauseCount;                     // how many threads need to pause now
     std::atomic<int> m_runningTaskCount;               // how many calls to processTask() active

include/xrpl/core/detail/semaphore.h

@@ -55,7 +55,7 @@ public:
     void
     notify()
     {
-        std::lock_guard lock{m_mutex};
+        std::lock_guard const lock{m_mutex};
         ++m_count;
         m_cond.notify_one();
     }

include/xrpl/json/json_reader.h

@@ -103,9 +103,9 @@ private:
     public:
         explicit ErrorInfo() = default;
 
-        Token token_;
+        Token token_{};
         std::string message_;
-        Location extra_;
+        Location extra_{};
     };
 
     using Errors = std::deque<ErrorInfo>;
@@ -173,11 +173,11 @@ private:
     Nodes nodes_;
     Errors errors_;
     std::string document_;
-    Location begin_;
-    Location end_;
-    Location current_;
-    Location lastValueEnd_;
-    Value* lastValue_;
+    Location begin_{};
+    Location end_{};
+    Location current_{};
+    Location lastValueEnd_{};
+    Value* lastValue_{};
 };
 
 template <class BufferSequence>

include/xrpl/json/json_value.h

@@ -421,7 +421,7 @@ private:
         ObjectValues* map_{nullptr};
     } value_;
     ValueType type_ : 8;
-    int allocated_ : 1;  // Notes: if declared as bool, bitfield is useless.
+    int allocated_ : 1 {};  // Notes: if declared as bool, bitfield is useless.
 };
 
 inline Value
@@ -641,7 +641,7 @@ public:
     SelfType
     operator++(int)
     {
-        SelfType temp(*this);
+        SelfType const temp(*this);
         ++*this;
         return temp;
     }
@@ -649,7 +649,7 @@ public:
     SelfType
     operator--(int)
     {
-        SelfType temp(*this);
+        SelfType const temp(*this);
         --*this;
         return temp;
     }

include/xrpl/json/json_writer.h

@@ -106,9 +106,9 @@ private:
     ChildValues childValues_;
     std::string document_;
     std::string indentString_;
-    int rightMargin_;
-    int indentSize_;
-    bool addChildValues_;
+    int rightMargin_{74};
+    int indentSize_{3};
+    bool addChildValues_{};
 };
 
 /** \brief Writes a Value in <a HREF="http://www.json.org">JSON</a> format in a
@@ -171,11 +171,11 @@ private:
     using ChildValues = std::vector<std::string>;
 
     ChildValues childValues_;
-    std::ostream* document_;
+    std::ostream* document_{nullptr};
     std::string indentString_;
-    int rightMargin_;
+    int rightMargin_{74};
     std::string indentation_;
-    bool addChildValues_;
+    bool addChildValues_{};
 };
 
 std::string

include/xrpl/ledger/AmendmentTable.h

@@ -143,7 +143,7 @@ public:
         // Inject appropriate pseudo-transactions
         for (auto const& it : actions)
         {
-            STTx amendTx(ttAMENDMENT, [&it, seq = lastClosedLedger->seq() + 1](auto& obj) {
+            STTx const amendTx(ttAMENDMENT, [&it, seq = lastClosedLedger->seq() + 1](auto& obj) {
                 obj.setAccountID(sfAccount, AccountID());
                 obj.setFieldH256(sfAmendment, it.first);
                 obj.setFieldU32(sfLedgerSequence, seq);

include/xrpl/ledger/CachedSLEs.h

@@ -6,4 +6,4 @@
 
 namespace xrpl {
 using CachedSLEs = TaggedCache<uint256, SLE const>;
-}
+}  // namespace xrpl

include/xrpl/ledger/Credit.h

@@ -1,43 +0,0 @@
-#pragma once
-
-#include <xrpl/ledger/View.h>
-#include <xrpl/protocol/IOUAmount.h>
-#include <xrpl/protocol/STAmount.h>
-
-namespace xrpl {
-
-/** Calculate the maximum amount of IOUs that an account can hold
-    @param ledger the ledger to check against.
-    @param account the account of interest.
-    @param issuer the issuer of the IOU.
-    @param currency the IOU to check.
-    @return The maximum amount that can be held.
-*/
-/** @{ */
-STAmount
-creditLimit(
-    ReadView const& view,
-    AccountID const& account,
-    AccountID const& issuer,
-    Currency const& currency);
-
-IOUAmount
-creditLimit2(ReadView const& v, AccountID const& acc, AccountID const& iss, Currency const& cur);
-/** @} */
-
-/** Returns the amount of IOUs issued by issuer that are held by an account
-    @param ledger the ledger to check against.
-    @param account the account of interest.
-    @param issuer the issuer of the IOU.
-    @param currency the IOU to check.
-*/
-/** @{ */
-STAmount
-creditBalance(
-    ReadView const& view,
-    AccountID const& account,
-    AccountID const& issuer,
-    Currency const& currency);
-/** @} */
-
-}  // namespace xrpl

include/xrpl/ledger/Ledger.h

@@ -1,13 +1,12 @@
 #pragma once
 
-#include <xrpld/core/Config.h>
-#include <xrpld/core/TimeKeeper.h>
-
 #include <xrpl/basics/CountedObject.h>
 #include <xrpl/beast/utility/Journal.h>
 #include <xrpl/ledger/CachedView.h>
 #include <xrpl/ledger/View.h>
+#include <xrpl/protocol/Fees.h>
 #include <xrpl/protocol/Indexes.h>
+#include <xrpl/protocol/Rules.h>
 #include <xrpl/protocol/STLedgerEntry.h>
 #include <xrpl/protocol/Serializer.h>
 #include <xrpl/protocol/TxMeta.h>
@@ -15,7 +14,7 @@
 
 namespace xrpl {
 
-class Application;
+class ServiceRegistry;
 class Job;
 class TransactionMaster;
 
@@ -83,21 +82,26 @@ public:
     */
     Ledger(
         create_genesis_t,
-        Config const& config,
+        Rules const& rules,
+        Fees const& fees,
         std::vector<uint256> const& amendments,
         Family& family);
 
-    Ledger(LedgerHeader const& info, Config const& config, Family& family);
+    Ledger(LedgerHeader const& info, Rules const& rules, Family& family);
 
     /** Used for ledgers loaded from JSON files
 
         @param acquire If true, acquires the ledger if not found locally
+
+        @note The fees parameter provides default values, but setup() may
+              override them from the ledger state if fee-related SLEs exist.
     */
     Ledger(
         LedgerHeader const& info,
         bool& loaded,
         bool acquire,
-        Config const& config,
+        Rules const& rules,
+        Fees const& fees,
         Family& family,
         beast::Journal j);
 
@@ -113,7 +117,8 @@ public:
     Ledger(
         std::uint32_t ledgerSeq,
         NetClock::time_point closeTime,
-        Config const& config,
+        Rules const& rules,
+        Fees const& fees,
         Family& family);
 
     ~Ledger() = default;
@@ -322,7 +327,7 @@ public:
     walkLedger(beast::Journal j, bool parallel = false) const;
 
     bool
-    assertSensible(beast::Journal ledgerJ) const;
+    isSensible() const;
 
     void
     invariants() const;
@@ -379,8 +384,26 @@ private:
     bool
     setup();
 
-    void
-    defaultFees(Config const& config);
+    /** @brief Deserialize a SHAMapItem containing a single STTx.
+     *
+     * @param item The SHAMapItem to deserialize.
+     * @return A shared pointer to the deserialized transaction.
+     * @throw May throw on deserialization error.
+     */
+    static std::shared_ptr<STTx const>
+    deserializeTx(SHAMapItem const& item);
+
+    /** @brief Deserialize a SHAMapItem containing STTx + STObject metadata.
+     *
+     * The SHAMapItem must contain two variable length serialization objects.
+     *
+     * @param item The SHAMapItem to deserialize.
+     * @return A pair containing shared pointers to the deserialized transaction
+     *         and metadata.
+     * @throw May throw on deserialization error.
+     */
+    static std::pair<std::shared_ptr<STTx const>, std::shared_ptr<STObject const>>
+    deserializeTxPlusMeta(SHAMapItem const& item);
 
     bool mImmutable;
 
@@ -402,54 +425,4 @@ private:
 /** A ledger wrapped in a CachedView. */
 using CachedLedger = CachedView<Ledger>;
 
-//------------------------------------------------------------------------------
-//
-// API
-//
-//------------------------------------------------------------------------------
-
-extern bool
-pendSaveValidated(
-    Application& app,
-    std::shared_ptr<Ledger const> const& ledger,
-    bool isSynchronous,
-    bool isCurrent);
-
-std::shared_ptr<Ledger>
-loadLedgerHelper(LedgerHeader const& sinfo, Application& app, bool acquire);
-
-std::shared_ptr<Ledger>
-loadByIndex(std::uint32_t ledgerIndex, Application& app, bool acquire = true);
-
-std::shared_ptr<Ledger>
-loadByHash(uint256 const& ledgerHash, Application& app, bool acquire = true);
-
-// Fetch the ledger with the highest sequence contained in the database
-extern std::tuple<std::shared_ptr<Ledger>, std::uint32_t, uint256>
-getLatestLedger(Application& app);
-
-/** Deserialize a SHAMapItem containing a single STTx
-
-    Throw:
-
-        May throw on deserializaton error
-*/
-std::shared_ptr<STTx const>
-deserializeTx(SHAMapItem const& item);
-
-/** Deserialize a SHAMapItem containing STTx + STObject metadata
-
-    The SHAMap must contain two variable length
-    serialization objects.
-
-    Throw:
-
-        May throw on deserializaton error
-*/
-std::pair<std::shared_ptr<STTx const>, std::shared_ptr<STObject const>>
-deserializeTxPlusMeta(SHAMapItem const& item);
-
-uint256
-calculateLedgerHash(LedgerHeader const& info);
-
 }  // namespace xrpl

include/xrpl/ledger/OrderBookDB.h

@@ -76,16 +76,33 @@ public:
         @return true if a book from this issue to XRP exists
     */
     virtual bool
-    isBookToXRP(Issue const& issue, std::optional<Domain> domain = std::nullopt) = 0;
+    isBookToXRP(Issue const& issue, std::optional<Domain> const& domain = std::nullopt) = 0;
 
+    /**
+     * Process a transaction for order book tracking.
+     * @param ledger The ledger the transaction was applied to
+     * @param alTx The transaction to process
+     * @param jvObj The JSON object of the transaction
+     */
     virtual void
     processTxn(
         std::shared_ptr<ReadView const> const& ledger,
         AcceptedLedgerTx const& alTx,
         MultiApiJson const& jvObj) = 0;
 
+    /**
+     * Get the book listeners for a book.
+     * @param book The book to get the listeners for
+     * @return The book listeners for the book
+     */
     virtual BookListeners::pointer
     getBookListeners(Book const&) = 0;
+
+    /**
+     * Create a new book listeners for a book.
+     * @param book The book to create the listeners for
+     * @return The new book listeners for the book
+     */
     virtual BookListeners::pointer
     makeBookListeners(Book const&) = 0;
 };

include/xrpl/ledger/PendingSaves.h

@@ -31,7 +31,7 @@ public:
     bool
     startWork(LedgerIndex seq)
     {
-        std::lock_guard lock(mutex_);
+        std::lock_guard const lock(mutex_);
 
         auto it = map_.find(seq);
 
@@ -54,7 +54,7 @@ public:
     void
     finishWork(LedgerIndex seq)
     {
-        std::lock_guard lock(mutex_);
+        std::lock_guard const lock(mutex_);
 
         map_.erase(seq);
         await_.notify_all();
@@ -64,7 +64,7 @@ public:
     bool
     pending(LedgerIndex seq)
     {
-        std::lock_guard lock(mutex_);
+        std::lock_guard const lock(mutex_);
         return map_.find(seq) != map_.end();
     }
 
@@ -117,7 +117,7 @@ public:
     std::map<LedgerIndex, bool>
     getSnapshot() const
     {
-        std::lock_guard lock(mutex_);
+        std::lock_guard const lock(mutex_);
 
         return map_;
     }

include/xrpl/ledger/View.h

@@ -2,26 +2,23 @@
 
 #include <xrpl/beast/utility/Journal.h>
 #include <xrpl/ledger/ApplyView.h>
-#include <xrpl/ledger/OpenView.h>
 #include <xrpl/ledger/ReadView.h>
-#include <xrpl/protocol/Asset.h>
-#include <xrpl/protocol/Indexes.h>
 #include <xrpl/protocol/MPTIssue.h>
 #include <xrpl/protocol/Protocol.h>
-#include <xrpl/protocol/Rate.h>
 #include <xrpl/protocol/STLedgerEntry.h>
-#include <xrpl/protocol/STObject.h>
-#include <xrpl/protocol/Serializer.h>
+#include <xrpl/protocol/STTx.h>
 #include <xrpl/protocol/TER.h>
 
+#include <cstdint>
 #include <functional>
-#include <initializer_list>
 #include <map>
+#include <memory>
+#include <optional>
+#include <set>
 #include <utility>
 
 namespace xrpl {
 
-enum class WaiveTransferFee : bool { No = false, Yes };
 enum class SkipEntry : bool { No = false, Yes };
 
 //------------------------------------------------------------------------------
@@ -54,24 +51,6 @@ enum class SkipEntry : bool { No = false, Yes };
 [[nodiscard]] bool
 hasExpired(ReadView const& view, std::optional<std::uint32_t> const& exp);
 
-/** Controls the treatment of frozen account balances */
-enum FreezeHandling { fhIGNORE_FREEZE, fhZERO_IF_FROZEN };
-
-/** Controls the treatment of unauthorized MPT balances */
-enum AuthHandling { ahIGNORE_AUTH, ahZERO_IF_UNAUTHORIZED };
-
-/** Controls whether to include the account's full spendable balance */
-enum SpendableHandling { shSIMPLE_BALANCE, shFULL_BALANCE };
-
-[[nodiscard]] bool
-isGlobalFrozen(ReadView const& view, AccountID const& issuer);
-
-[[nodiscard]] bool
-isGlobalFrozen(ReadView const& view, MPTIssue const& mptIssue);
-
-[[nodiscard]] bool
-isGlobalFrozen(ReadView const& view, Asset const& asset);
-
 // Note, depth parameter is used to limit the recursion depth
 [[nodiscard]] bool
 isVaultPseudoAccountFrozen(
@@ -80,175 +59,6 @@ isVaultPseudoAccountFrozen(
     MPTIssue const& mptShare,
     int depth);
 
-[[nodiscard]] bool
-isIndividualFrozen(
-    ReadView const& view,
-    AccountID const& account,
-    Currency const& currency,
-    AccountID const& issuer);
-
-[[nodiscard]] inline bool
-isIndividualFrozen(ReadView const& view, AccountID const& account, Issue const& issue)
-{
-    return isIndividualFrozen(view, account, issue.currency, issue.account);
-}
-
-[[nodiscard]] bool
-isIndividualFrozen(ReadView const& view, AccountID const& account, MPTIssue const& mptIssue);
-
-[[nodiscard]] inline bool
-isIndividualFrozen(ReadView const& view, AccountID const& account, Asset const& asset)
-{
-    return std::visit(
-        [&](auto const& issue) { return isIndividualFrozen(view, account, issue); }, asset.value());
-}
-
-[[nodiscard]] bool
-isFrozen(
-    ReadView const& view,
-    AccountID const& account,
-    Currency const& currency,
-    AccountID const& issuer);
-
-[[nodiscard]] inline bool
-isFrozen(ReadView const& view, AccountID const& account, Issue const& issue, int = 0 /*ignored*/)
-{
-    return isFrozen(view, account, issue.currency, issue.account);
-}
-
-[[nodiscard]] bool
-isFrozen(ReadView const& view, AccountID const& account, MPTIssue const& mptIssue, int depth = 0);
-
-/**
- *   isFrozen check is recursive for MPT shares in a vault, descending to
- *   assets in the vault, up to maxAssetCheckDepth recursion depth. This is
- *   purely defensive, as we currently do not allow such vaults to be created.
- */
-[[nodiscard]] inline bool
-isFrozen(ReadView const& view, AccountID const& account, Asset const& asset, int depth = 0)
-{
-    return std::visit(
-        [&](auto const& issue) { return isFrozen(view, account, issue, depth); }, asset.value());
-}
-
-[[nodiscard]] inline TER
-checkFrozen(ReadView const& view, AccountID const& account, Issue const& issue)
-{
-    return isFrozen(view, account, issue) ? (TER)tecFROZEN : (TER)tesSUCCESS;
-}
-
-[[nodiscard]] inline TER
-checkFrozen(ReadView const& view, AccountID const& account, MPTIssue const& mptIssue)
-{
-    return isFrozen(view, account, mptIssue) ? (TER)tecLOCKED : (TER)tesSUCCESS;
-}
-
-[[nodiscard]] inline TER
-checkFrozen(ReadView const& view, AccountID const& account, Asset const& asset)
-{
-    return std::visit(
-        [&](auto const& issue) { return checkFrozen(view, account, issue); }, asset.value());
-}
-
-[[nodiscard]] bool
-isAnyFrozen(
-    ReadView const& view,
-    std::initializer_list<AccountID> const& accounts,
-    MPTIssue const& mptIssue,
-    int depth = 0);
-
-[[nodiscard]] inline bool
-isAnyFrozen(
-    ReadView const& view,
-    std::initializer_list<AccountID> const& accounts,
-    Issue const& issue)
-{
-    for (auto const& account : accounts)
-    {
-        if (isFrozen(view, account, issue.currency, issue.account))
-            return true;
-    }
-    return false;
-}
-
-[[nodiscard]] inline bool
-isAnyFrozen(
-    ReadView const& view,
-    std::initializer_list<AccountID> const& accounts,
-    Asset const& asset,
-    int depth = 0)
-{
-    return std::visit(
-        [&]<ValidIssueType TIss>(TIss const& issue) {
-            if constexpr (std::is_same_v<TIss, Issue>)
-                return isAnyFrozen(view, accounts, issue);
-            else
-                return isAnyFrozen(view, accounts, issue, depth);
-        },
-        asset.value());
-}
-
-[[nodiscard]] bool
-isDeepFrozen(
-    ReadView const& view,
-    AccountID const& account,
-    Currency const& currency,
-    AccountID const& issuer);
-
-[[nodiscard]] inline bool
-isDeepFrozen(
-    ReadView const& view,
-    AccountID const& account,
-    Issue const& issue,
-    int = 0 /*ignored*/)
-{
-    return isDeepFrozen(view, account, issue.currency, issue.account);
-}
-
-[[nodiscard]] inline bool
-isDeepFrozen(
-    ReadView const& view,
-    AccountID const& account,
-    MPTIssue const& mptIssue,
-    int depth = 0)
-{
-    // Unlike IOUs, frozen / locked MPTs are not allowed to send or receive
-    // funds, so checking "deep frozen" is the same as checking "frozen".
-    return isFrozen(view, account, mptIssue, depth);
-}
-
-/**
- *   isFrozen check is recursive for MPT shares in a vault, descending to
- *   assets in the vault, up to maxAssetCheckDepth recursion depth. This is
- *   purely defensive, as we currently do not allow such vaults to be created.
- */
-[[nodiscard]] inline bool
-isDeepFrozen(ReadView const& view, AccountID const& account, Asset const& asset, int depth = 0)
-{
-    return std::visit(
-        [&](auto const& issue) { return isDeepFrozen(view, account, issue, depth); },
-        asset.value());
-}
-
-[[nodiscard]] inline TER
-checkDeepFrozen(ReadView const& view, AccountID const& account, Issue const& issue)
-{
-    return isDeepFrozen(view, account, issue) ? (TER)tecFROZEN : (TER)tesSUCCESS;
-}
-
-[[nodiscard]] inline TER
-checkDeepFrozen(ReadView const& view, AccountID const& account, MPTIssue const& mptIssue)
-{
-    return isDeepFrozen(view, account, mptIssue) ? (TER)tecLOCKED : (TER)tesSUCCESS;
-}
-
-[[nodiscard]] inline TER
-checkDeepFrozen(ReadView const& view, AccountID const& account, Asset const& asset)
-{
-    return std::visit(
-        [&](auto const& issue) { return checkDeepFrozen(view, account, issue); }, asset.value());
-}
-
 [[nodiscard]] bool
 isLPTokenFrozen(
     ReadView const& view,
@@ -256,159 +66,6 @@ isLPTokenFrozen(
     Issue const& asset,
     Issue const& asset2);
 
-// Returns the amount an account can spend.
-//
-// If shSIMPLE_BALANCE is specified, this is the amount the account can spend
-// without going into debt.
-//
-// If shFULL_BALANCE is specified, this is the amount the account can spend
-// total. Specifically:
-// * The account can go into debt if using a trust line, and the other side has
-// a non-zero limit.
-// * If the account is the asset issuer the limit is defined by the asset /
-//   issuance.
-//
-// <-- saAmount: amount of currency held by account. May be negative.
-[[nodiscard]] STAmount
-accountHolds(
-    ReadView const& view,
-    AccountID const& account,
-    Currency const& currency,
-    AccountID const& issuer,
-    FreezeHandling zeroIfFrozen,
-    beast::Journal j,
-    SpendableHandling includeFullBalance = shSIMPLE_BALANCE);
-
-[[nodiscard]] STAmount
-accountHolds(
-    ReadView const& view,
-    AccountID const& account,
-    Issue const& issue,
-    FreezeHandling zeroIfFrozen,
-    beast::Journal j,
-    SpendableHandling includeFullBalance = shSIMPLE_BALANCE);
-
-[[nodiscard]] STAmount
-accountHolds(
-    ReadView const& view,
-    AccountID const& account,
-    MPTIssue const& mptIssue,
-    FreezeHandling zeroIfFrozen,
-    AuthHandling zeroIfUnauthorized,
-    beast::Journal j,
-    SpendableHandling includeFullBalance = shSIMPLE_BALANCE);
-
-[[nodiscard]] STAmount
-accountHolds(
-    ReadView const& view,
-    AccountID const& account,
-    Asset const& asset,
-    FreezeHandling zeroIfFrozen,
-    AuthHandling zeroIfUnauthorized,
-    beast::Journal j,
-    SpendableHandling includeFullBalance = shSIMPLE_BALANCE);
-
-// Returns the amount an account can spend of the currency type saDefault, or
-// returns saDefault if this account is the issuer of the currency in
-// question. Should be used in favor of accountHolds when questioning how much
-// an account can spend while also allowing currency issuers to spend
-// unlimited amounts of their own currency (since they can always issue more).
-[[nodiscard]] STAmount
-accountFunds(
-    ReadView const& view,
-    AccountID const& id,
-    STAmount const& saDefault,
-    FreezeHandling freezeHandling,
-    beast::Journal j);
-
-// Return the account's liquid (not reserved) XRP.  Generally prefer
-// calling accountHolds() over this interface.  However, this interface
-// allows the caller to temporarily adjust the owner count should that be
-// necessary.
-//
-// @param ownerCountAdj positive to add to count, negative to reduce count.
-[[nodiscard]] XRPAmount
-xrpLiquid(ReadView const& view, AccountID const& id, std::int32_t ownerCountAdj, beast::Journal j);
-
-/** Iterate all items in the given directory. */
-void
-forEachItem(
-    ReadView const& view,
-    Keylet const& root,
-    std::function<void(std::shared_ptr<SLE const> const&)> const& f);
-
-/** Iterate all items after an item in the given directory.
-    @param after The key of the item to start after
-    @param hint The directory page containing `after`
-    @param limit The maximum number of items to return
-    @return `false` if the iteration failed
-*/
-bool
-forEachItemAfter(
-    ReadView const& view,
-    Keylet const& root,
-    uint256 const& after,
-    std::uint64_t const hint,
-    unsigned int limit,
-    std::function<bool(std::shared_ptr<SLE const> const&)> const& f);
-
-/** Iterate all items in an account's owner directory. */
-inline void
-forEachItem(
-    ReadView const& view,
-    AccountID const& id,
-    std::function<void(std::shared_ptr<SLE const> const&)> const& f)
-{
-    return forEachItem(view, keylet::ownerDir(id), f);
-}
-
-/** Iterate all items after an item in an owner directory.
-    @param after The key of the item to start after
-    @param hint The directory page containing `after`
-    @param limit The maximum number of items to return
-    @return `false` if the iteration failed
-*/
-inline bool
-forEachItemAfter(
-    ReadView const& view,
-    AccountID const& id,
-    uint256 const& after,
-    std::uint64_t const hint,
-    unsigned int limit,
-    std::function<bool(std::shared_ptr<SLE const> const&)> const& f)
-{
-    return forEachItemAfter(view, keylet::ownerDir(id), after, hint, limit, f);
-}
-
-/** Returns IOU issuer transfer fee as Rate. Rate specifies
- * the fee as fractions of 1 billion. For example, 1% transfer rate
- * is represented as 1,010,000,000.
- * @param issuer The IOU issuer
- */
-[[nodiscard]] Rate
-transferRate(ReadView const& view, AccountID const& issuer);
-
-/** Returns MPT transfer fee as Rate. Rate specifies
- * the fee as fractions of 1 billion. For example, 1% transfer rate
- * is represented as 1,010,000,000.
- * @param issuanceID MPTokenIssuanceID of MPTTokenIssuance object
- */
-[[nodiscard]] Rate
-transferRate(ReadView const& view, MPTID const& issuanceID);
-
-/** Returns the transfer fee as Rate based on the type of token
- * @param view The ledger view
- * @param amount The amount to transfer
- */
-[[nodiscard]] Rate
-transferRate(ReadView const& view, STAmount const& amount);
-
-/** Returns `true` if the directory is empty
-    @param key The key of the directory
-*/
-[[nodiscard]] bool
-dirIsEmpty(ReadView const& view, Keylet const& k);
-
 // Return the list of enabled amendments
 [[nodiscard]] std::set<uint256>
 getEnabledAmendments(ReadView const& view);
@@ -474,81 +131,6 @@ areCompatible(
 //
 //------------------------------------------------------------------------------
 
-/** Adjust the owner count up or down. */
-void
-adjustOwnerCount(
-    ApplyView& view,
-    std::shared_ptr<SLE> const& sle,
-    std::int32_t amount,
-    beast::Journal j);
-
-/** @{ */
-/** Returns the first entry in the directory, advancing the index
-
-    @deprecated These are legacy function that are considered deprecated
-                and will soon be replaced with an iterator-based model
-                that is easier to use. You should not use them in new code.
-
-    @param view The view against which to operate
-    @param root The root (i.e. first page) of the directory to iterate
-    @param page The current page
-    @param index The index inside the current page
-    @param entry The entry at the current index
-
-    @return true if the directory isn't empty; false otherwise
- */
-bool
-cdirFirst(
-    ReadView const& view,
-    uint256 const& root,
-    std::shared_ptr<SLE const>& page,
-    unsigned int& index,
-    uint256& entry);
-
-bool
-dirFirst(
-    ApplyView& view,
-    uint256 const& root,
-    std::shared_ptr<SLE>& page,
-    unsigned int& index,
-    uint256& entry);
-/** @} */
-
-/** @{ */
-/** Returns the next entry in the directory, advancing the index
-
-    @deprecated These are legacy function that are considered deprecated
-                and will soon be replaced with an iterator-based model
-                that is easier to use. You should not use them in new code.
-
-    @param view The view against which to operate
-    @param root The root (i.e. first page) of the directory to iterate
-    @param page The current page
-    @param index The index inside the current page
-    @param entry The entry at the current index
-
-    @return true if the directory isn't empty; false otherwise
- */
-bool
-cdirNext(
-    ReadView const& view,
-    uint256 const& root,
-    std::shared_ptr<SLE const>& page,
-    unsigned int& index,
-    uint256& entry);
-
-bool
-dirNext(
-    ApplyView& view,
-    uint256 const& root,
-    std::shared_ptr<SLE>& page,
-    unsigned int& index,
-    uint256& entry);
-/** @} */
-
-[[nodiscard]] std::function<void(SLE::ref)>
-describeOwnerDir(AccountID const& account);
-
 [[nodiscard]] TER
 dirLink(
     ApplyView& view,
@@ -556,63 +138,6 @@ dirLink(
     std::shared_ptr<SLE>& object,
     SF_UINT64 const& node = sfOwnerNode);
 
-AccountID
-pseudoAccountAddress(ReadView const& view, uint256 const& pseudoOwnerKey);
-
-/**
- *
- * Create pseudo-account, storing pseudoOwnerKey into ownerField.
- *
- * The list of valid ownerField is maintained in View.cpp and the caller to
- * this function must perform necessary amendment check(s) before using a
- * field. The amendment check is **not** performed in createPseudoAccount.
- */
-[[nodiscard]] Expected<std::shared_ptr<SLE>, TER>
-createPseudoAccount(ApplyView& view, uint256 const& pseudoOwnerKey, SField const& ownerField);
-
-// Returns true if and only if sleAcct is a pseudo-account or specific
-// pseudo-accounts in pseudoFieldFilter.
-//
-// Returns false if sleAcct is
-// * NOT a pseudo-account OR
-// * NOT a ltACCOUNT_ROOT OR
-// * null pointer
-[[nodiscard]] bool
-isPseudoAccount(
-    std::shared_ptr<SLE const> sleAcct,
-    std::set<SField const*> const& pseudoFieldFilter = {});
-
-// Returns the list of fields that define an ACCOUNT_ROOT as a pseudo-account if
-// set
-// Pseudo-account designator fields MUST be maintained by including the
-// SField::sMD_PseudoAccount flag in the SField definition. (Don't forget to
-// "| SField::sMD_Default"!) The fields do NOT need to be amendment-gated,
-// since a non-active amendment will not set any field, by definition.
-// Specific properties of a pseudo-account are NOT checked here, that's what
-// InvariantCheck is for.
-[[nodiscard]] std::vector<SField const*> const&
-getPseudoAccountFields();
-
-[[nodiscard]] inline bool
-isPseudoAccount(
-    ReadView const& view,
-    AccountID const& accountId,
-    std::set<SField const*> const& pseudoFieldFilter = {})
-{
-    return isPseudoAccount(view.read(keylet::account(accountId)), pseudoFieldFilter);
-}
-
-[[nodiscard]] TER
-canAddHolding(ReadView const& view, Asset const& asset);
-
-/** Validates that the destination SLE and tag are valid
-
-   - Checks that the SLE is not null.
-   - If the SLE requires a destination tag, checks that there is a tag.
-*/
-[[nodiscard]] TER
-checkDestinationAndTag(SLE::const_ref toSle, bool hasDestinationTag);
-
 /** Checks that can withdraw funds from an object to itself or a destination.
  *
  * The receiver may be either the submitting account (sfAccount) or a different
@@ -686,351 +211,6 @@ doWithdraw(
     STAmount const& amount,
     beast::Journal j);
 
-/// Any transactors that call addEmptyHolding() in doApply must call
-/// canAddHolding() in preflight with the same View and Asset
-[[nodiscard]] TER
-addEmptyHolding(
-    ApplyView& view,
-    AccountID const& accountID,
-    XRPAmount priorBalance,
-    Issue const& issue,
-    beast::Journal journal);
-
-[[nodiscard]] TER
-addEmptyHolding(
-    ApplyView& view,
-    AccountID const& accountID,
-    XRPAmount priorBalance,
-    MPTIssue const& mptIssue,
-    beast::Journal journal);
-
-[[nodiscard]] inline TER
-addEmptyHolding(
-    ApplyView& view,
-    AccountID const& accountID,
-    XRPAmount priorBalance,
-    Asset const& asset,
-    beast::Journal journal)
-{
-    return std::visit(
-        [&]<ValidIssueType TIss>(TIss const& issue) -> TER {
-            return addEmptyHolding(view, accountID, priorBalance, issue, journal);
-        },
-        asset.value());
-}
-
-[[nodiscard]] TER
-authorizeMPToken(
-    ApplyView& view,
-    XRPAmount const& priorBalance,
-    MPTID const& mptIssuanceID,
-    AccountID const& account,
-    beast::Journal journal,
-    std::uint32_t flags = 0,
-    std::optional<AccountID> holderID = std::nullopt);
-
-// VFALCO NOTE Both STAmount parameters should just
-//             be "Amount", a unit-less number.
-//
-/** Create a trust line
-
-    This can set an initial balance.
-*/
-[[nodiscard]] TER
-trustCreate(
-    ApplyView& view,
-    bool const bSrcHigh,
-    AccountID const& uSrcAccountID,
-    AccountID const& uDstAccountID,
-    uint256 const& uIndex,      // --> ripple state entry
-    SLE::ref sleAccount,        // --> the account being set.
-    bool const bAuth,           // --> authorize account.
-    bool const bNoRipple,       // --> others cannot ripple through
-    bool const bFreeze,         // --> funds cannot leave
-    bool bDeepFreeze,           // --> can neither receive nor send funds
-    STAmount const& saBalance,  // --> balance of account being set.
-                                // Issuer should be noAccount()
-    STAmount const& saLimit,    // --> limit for account being set.
-                                // Issuer should be the account being set.
-    std::uint32_t uSrcQualityIn,
-    std::uint32_t uSrcQualityOut,
-    beast::Journal j);
-
-[[nodiscard]] TER
-removeEmptyHolding(
-    ApplyView& view,
-    AccountID const& accountID,
-    Issue const& issue,
-    beast::Journal journal);
-
-[[nodiscard]] TER
-removeEmptyHolding(
-    ApplyView& view,
-    AccountID const& accountID,
-    MPTIssue const& mptIssue,
-    beast::Journal journal);
-
-[[nodiscard]] inline TER
-removeEmptyHolding(
-    ApplyView& view,
-    AccountID const& accountID,
-    Asset const& asset,
-    beast::Journal journal)
-{
-    return std::visit(
-        [&]<ValidIssueType TIss>(TIss const& issue) -> TER {
-            return removeEmptyHolding(view, accountID, issue, journal);
-        },
-        asset.value());
-}
-
-[[nodiscard]] TER
-trustDelete(
-    ApplyView& view,
-    std::shared_ptr<SLE> const& sleRippleState,
-    AccountID const& uLowAccountID,
-    AccountID const& uHighAccountID,
-    beast::Journal j);
-
-/** Delete an offer.
-
-    Requirements:
-        The passed `sle` be obtained from a prior
-        call to view.peek()
-*/
-// [[nodiscard]] // nodiscard commented out so Flow, BookTip and others compile.
-TER
-offerDelete(ApplyView& view, std::shared_ptr<SLE> const& sle, beast::Journal j);
-
-//------------------------------------------------------------------------------
-
-//
-// Money Transfers
-//
-
-// Direct send w/o fees:
-// - Redeeming IOUs and/or sending sender's own IOUs.
-// - Create trust line of needed.
-// --> bCheckIssuer : normally require issuer to be involved.
-// [[nodiscard]] // nodiscard commented out so DirectStep.cpp compiles.
-
-/** Calls static rippleCreditIOU if saAmount represents Issue.
- * Calls static rippleCreditMPT if saAmount represents MPTIssue.
- */
-TER
-rippleCredit(
-    ApplyView& view,
-    AccountID const& uSenderID,
-    AccountID const& uReceiverID,
-    STAmount const& saAmount,
-    bool bCheckIssuer,
-    beast::Journal j);
-
-TER
-rippleLockEscrowMPT(
-    ApplyView& view,
-    AccountID const& uGrantorID,
-    STAmount const& saAmount,
-    beast::Journal j);
-
-TER
-rippleUnlockEscrowMPT(
-    ApplyView& view,
-    AccountID const& uGrantorID,
-    AccountID const& uGranteeID,
-    STAmount const& netAmount,
-    STAmount const& grossAmount,
-    beast::Journal j);
-
-/** Calls static accountSendIOU if saAmount represents Issue.
- * Calls static accountSendMPT if saAmount represents MPTIssue.
- */
-[[nodiscard]] TER
-accountSend(
-    ApplyView& view,
-    AccountID const& from,
-    AccountID const& to,
-    STAmount const& saAmount,
-    beast::Journal j,
-    WaiveTransferFee waiveFee = WaiveTransferFee::No);
-
-using MultiplePaymentDestinations = std::vector<std::pair<AccountID, Number>>;
-/** Like accountSend, except one account is sending multiple payments (with the
- *  same asset!) simultaneously
- *
- * Calls static accountSendMultiIOU if saAmount represents Issue.
- * Calls static accountSendMultiMPT if saAmount represents MPTIssue.
- */
-[[nodiscard]] TER
-accountSendMulti(
-    ApplyView& view,
-    AccountID const& senderID,
-    Asset const& asset,
-    MultiplePaymentDestinations const& receivers,
-    beast::Journal j,
-    WaiveTransferFee waiveFee = WaiveTransferFee::No);
-
-[[nodiscard]] TER
-issueIOU(
-    ApplyView& view,
-    AccountID const& account,
-    STAmount const& amount,
-    Issue const& issue,
-    beast::Journal j);
-
-[[nodiscard]] TER
-redeemIOU(
-    ApplyView& view,
-    AccountID const& account,
-    STAmount const& amount,
-    Issue const& issue,
-    beast::Journal j);
-
-[[nodiscard]] TER
-transferXRP(
-    ApplyView& view,
-    AccountID const& from,
-    AccountID const& to,
-    STAmount const& amount,
-    beast::Journal j);
-
-/* Check if MPToken (for MPT) or trust line (for IOU) exists:
- * - StrongAuth - before checking if authorization is required
- * - WeakAuth
- *    for MPT - after checking lsfMPTRequireAuth flag
- *    for IOU - do not check if trust line exists
- * - Legacy
- *    for MPT - before checking lsfMPTRequireAuth flag i.e. same as StrongAuth
- *    for IOU - do not check if trust line exists i.e. same as WeakAuth
- */
-enum class AuthType { StrongAuth, WeakAuth, Legacy };
-
-/** Check if the account lacks required authorization.
- *
- * Return tecNO_AUTH or tecNO_LINE if it does
- * and tesSUCCESS otherwise.
- *
- * If StrongAuth then return tecNO_LINE if the RippleState doesn't exist. Return
- * tecNO_AUTH if lsfRequireAuth is set on the issuer's AccountRoot, and the
- * RippleState does exist, and the RippleState is not authorized.
- *
- * If WeakAuth then return tecNO_AUTH if lsfRequireAuth is set, and the
- * RippleState exists, and is not authorized. Return tecNO_LINE if
- * lsfRequireAuth is set and the RippleState doesn't exist. Consequently, if
- * WeakAuth and lsfRequireAuth is *not* set, this function will return
- * tesSUCCESS even if RippleState does *not* exist.
- *
- * The default "Legacy" auth type is equivalent to WeakAuth.
- */
-[[nodiscard]] TER
-requireAuth(
-    ReadView const& view,
-    Issue const& issue,
-    AccountID const& account,
-    AuthType authType = AuthType::Legacy);
-
-/** Check if the account lacks required authorization.
- *
- * This will also check for expired credentials. If it is called directly
- * from preclaim, the user should convert result tecEXPIRED to tesSUCCESS and
- * proceed to also check permissions with enforceMPTokenAuthorization inside
- * doApply. This will ensure that any expired credentials are deleted.
- *
- * requireAuth check is recursive for MPT shares in a vault, descending to
- * assets in the vault, up to maxAssetCheckDepth recursion depth. This is
- * purely defensive, as we currently do not allow such vaults to be created.
- *
- * If StrongAuth then return tecNO_AUTH if MPToken doesn't exist or
- * lsfMPTRequireAuth is set and MPToken is not authorized. Vault and LoanBroker
- * pseudo-accounts are implicitly authorized.
- *
- * If WeakAuth then return tecNO_AUTH if lsfMPTRequireAuth is set and MPToken
- * doesn't exist or is not authorized (explicitly or via credentials, if
- * DomainID is set in MPTokenIssuance). Consequently, if WeakAuth and
- * lsfMPTRequireAuth is *not* set, this function will return true even if
- * MPToken does *not* exist.
- *
- * The default "Legacy" auth type is equivalent to StrongAuth.
- */
-[[nodiscard]] TER
-requireAuth(
-    ReadView const& view,
-    MPTIssue const& mptIssue,
-    AccountID const& account,
-    AuthType authType = AuthType::Legacy,
-    int depth = 0);
-
-[[nodiscard]] TER inline requireAuth(
-    ReadView const& view,
-    Asset const& asset,
-    AccountID const& account,
-    AuthType authType = AuthType::Legacy)
-{
-    return std::visit(
-        [&]<ValidIssueType TIss>(TIss const& issue_) {
-            return requireAuth(view, issue_, account, authType);
-        },
-        asset.value());
-}
-
-/** Enforce account has MPToken to match its authorization.
- *
- *   Called from doApply - it will check for expired (and delete if found any)
- *   credentials matching DomainID set in MPTokenIssuance. Must be called if
- *   requireAuth(...MPTIssue...) returned tesSUCCESS or tecEXPIRED in preclaim,
- *   which implies that preclaim should replace `tecEXPIRED` with `tesSUCCESS`
- *   in order for the transactor to proceed to doApply.
- *
- *   This function will create MPToken (if needed) on the basis of any
- *   non-expired credentials and will delete any expired credentials, indirectly
- *   via verifyValidDomain, as per DomainID (if set in MPTokenIssuance).
- *
- *   The caller does NOT need to ensure that DomainID is actually set - this
- *   function handles gracefully both cases when DomainID is set and when not.
- *
- *   The caller does NOT need to look for existing MPToken to match
- *   mptIssue/account - this function checks lsfMPTAuthorized of an existing
- *   MPToken iff DomainID is not set.
- *
- *   Do not use for accounts which hold implied permission e.g. object owners or
- *   if MPTokenIssuance does not require authorization. In both cases use
- *   MPTokenAuthorize::authorize if MPToken does not yet exist.
- */
-[[nodiscard]] TER
-enforceMPTokenAuthorization(
-    ApplyView& view,
-    MPTID const& mptIssuanceID,
-    AccountID const& account,
-    XRPAmount const& priorBalance,
-    beast::Journal j);
-
-/** Check if the destination account is allowed
- *  to receive MPT. Return tecNO_AUTH if it doesn't
- *  and tesSUCCESS otherwise.
- */
-[[nodiscard]] TER
-canTransfer(
-    ReadView const& view,
-    MPTIssue const& mptIssue,
-    AccountID const& from,
-    AccountID const& to);
-
-[[nodiscard]] TER
-canTransfer(ReadView const& view, Issue const& issue, AccountID const& from, AccountID const& to);
-
-[[nodiscard]] TER inline canTransfer(
-    ReadView const& view,
-    Asset const& asset,
-    AccountID const& from,
-    AccountID const& to)
-{
-    return std::visit(
-        [&]<ValidIssueType TIss>(TIss const& issue) -> TER {
-            return canTransfer(view, issue, from, to);
-        },
-        asset.value());
-}
-
 /** Deleter function prototype. Returns the status of the entry deletion
  * (if should not be skipped) and if the entry should be skipped. The status
  * is always tesSUCCESS if the entry should be skipped.
@@ -1052,57 +232,6 @@ cleanupOnAccountDelete(
     beast::Journal j,
     std::optional<std::uint16_t> maxNodesToDelete = std::nullopt);
 
-/** Delete trustline to AMM. The passed `sle` must be obtained from a prior
- * call to view.peek(). Fail if neither side of the trustline is AMM or
- * if ammAccountID is seated and is not one of the trustline's side.
- */
-[[nodiscard]] TER
-deleteAMMTrustLine(
-    ApplyView& view,
-    std::shared_ptr<SLE> sleState,
-    std::optional<AccountID> const& ammAccountID,
-    beast::Journal j);
-
-// From the perspective of a vault, return the number of shares to give the
-// depositor when they deposit a fixed amount of assets. Since shares are MPT
-// this number is integral and always truncated in this calculation.
-[[nodiscard]] std::optional<STAmount>
-assetsToSharesDeposit(
-    std::shared_ptr<SLE const> const& vault,
-    std::shared_ptr<SLE const> const& issuance,
-    STAmount const& assets);
-
-// From the perspective of a vault, return the number of assets to take from
-// depositor when they receive a fixed amount of shares. Note, since shares are
-// MPT, they are always an integral number.
-[[nodiscard]] std::optional<STAmount>
-sharesToAssetsDeposit(
-    std::shared_ptr<SLE const> const& vault,
-    std::shared_ptr<SLE const> const& issuance,
-    STAmount const& shares);
-
-enum class TruncateShares : bool { no = false, yes = true };
-
-// From the perspective of a vault, return the number of shares to demand from
-// the depositor when they ask to withdraw a fixed amount of assets. Since
-// shares are MPT this number is integral, and it will be rounded to nearest
-// unless explicitly requested to be truncated instead.
-[[nodiscard]] std::optional<STAmount>
-assetsToSharesWithdraw(
-    std::shared_ptr<SLE const> const& vault,
-    std::shared_ptr<SLE const> const& issuance,
-    STAmount const& assets,
-    TruncateShares truncate = TruncateShares::no);
-
-// From the perspective of a vault, return the number of assets to give the
-// depositor when they redeem a fixed amount of shares. Note, since shares are
-// MPT, they are always an integral number.
-[[nodiscard]] std::optional<STAmount>
-sharesToAssetsWithdraw(
-    std::shared_ptr<SLE const> const& vault,
-    std::shared_ptr<SLE const> const& issuance,
-    STAmount const& shares);
-
 /** Has the specified time passed?
 
     @param now  the current time

include/xrpl/ledger/helpers/AccountRootHelpers.h

@@ -0,0 +1,112 @@
+#pragma once
+
+#include <xrpl/basics/Expected.h>
+#include <xrpl/beast/utility/Journal.h>
+#include <xrpl/ledger/ApplyView.h>
+#include <xrpl/ledger/ReadView.h>
+#include <xrpl/protocol/Indexes.h>
+#include <xrpl/protocol/Rate.h>
+#include <xrpl/protocol/STLedgerEntry.h>
+#include <xrpl/protocol/TER.h>
+
+#include <memory>
+#include <set>
+#include <vector>
+
+namespace xrpl {
+
+/** Check if the issuer has the global freeze flag set.
+    @param issuer The account to check
+    @return true if the account has global freeze set
+*/
+[[nodiscard]] bool
+isGlobalFrozen(ReadView const& view, AccountID const& issuer);
+
+// Calculate liquid XRP balance for an account.
+// This function may be used to calculate the amount of XRP that
+// the holder is able to freely spend. It subtracts reserve requirements.
+//
+// ownerCountAdj adjusts the owner count in case the caller calculates
+// before ledger entries are added or removed. Positive to add, negative
+// to subtract.
+//
+// @param ownerCountAdj positive to add to count, negative to reduce count.
+[[nodiscard]] XRPAmount
+xrpLiquid(ReadView const& view, AccountID const& id, std::int32_t ownerCountAdj, beast::Journal j);
+
+/** Adjust the owner count up or down. */
+void
+adjustOwnerCount(
+    ApplyView& view,
+    std::shared_ptr<SLE> const& sle,
+    std::int32_t amount,
+    beast::Journal j);
+
+/** Returns IOU issuer transfer fee as Rate. Rate specifies
+ * the fee as fractions of 1 billion. For example, 1% transfer rate
+ * is represented as 1,010,000,000.
+ * @param issuer The IOU issuer
+ */
+[[nodiscard]] Rate
+transferRate(ReadView const& view, AccountID const& issuer);
+
+/** Generate a pseudo-account address from a pseudo owner key.
+    @param pseudoOwnerKey The key to generate the address from
+    @return The generated account ID
+*/
+AccountID
+pseudoAccountAddress(ReadView const& view, uint256 const& pseudoOwnerKey);
+
+/** Returns the list of fields that define an ACCOUNT_ROOT as a pseudo-account
+    if set.
+
+    The list is constructed during initialization and is const after that.
+    Pseudo-account designator fields MUST be maintained by including the
+    SField::sMD_PseudoAccount flag in the SField definition.
+*/
+[[nodiscard]] std::vector<SField const*> const&
+getPseudoAccountFields();
+
+/** Returns true if and only if sleAcct is a pseudo-account or specific
+    pseudo-accounts in pseudoFieldFilter.
+
+    Returns false if sleAcct is:
+    - NOT a pseudo-account OR
+    - NOT a ltACCOUNT_ROOT OR
+    - null pointer
+*/
+[[nodiscard]] bool
+isPseudoAccount(
+    std::shared_ptr<SLE const> sleAcct,
+    std::set<SField const*> const& pseudoFieldFilter = {});
+
+/** Convenience overload that reads the account from the view. */
+[[nodiscard]] inline bool
+isPseudoAccount(
+    ReadView const& view,
+    AccountID const& accountId,
+    std::set<SField const*> const& pseudoFieldFilter = {})
+{
+    return isPseudoAccount(view.read(keylet::account(accountId)), pseudoFieldFilter);
+}
+
+/**
+ * Create pseudo-account, storing pseudoOwnerKey into ownerField.
+ *
+ * The list of valid ownerField is maintained in AccountRootHelpers.cpp and
+ * the caller to this function must perform necessary amendment check(s)
+ * before using a field. The amendment check is **not** performed in
+ * createPseudoAccount.
+ */
+[[nodiscard]] Expected<std::shared_ptr<SLE>, TER>
+createPseudoAccount(ApplyView& view, uint256 const& pseudoOwnerKey, SField const& ownerField);
+
+/** Checks the destination and tag.
+
+   - Checks that the SLE is not null.
+   - If the SLE requires a destination tag, checks that there is a tag.
+*/
+[[nodiscard]] TER
+checkDestinationAndTag(SLE::const_ref toSle, bool hasDestinationTag);
+
+}  // namespace xrpl

include/xrpl/ledger/helpers/CredentialHelpers.h

@@ -49,7 +49,7 @@ validDomain(ReadView const& view, uint256 domainID, AccountID const& subject);
 // This function is only called when we about to return tecNO_PERMISSION
 // because all the checks for the DepositPreauth authorization failed.
 TER
-authorizedDepositPreauth(ApplyView const& view, STVector256 const& ctx, AccountID const& dst);
+authorizedDepositPreauth(ReadView const& view, STVector256 const& ctx, AccountID const& dst);
 
 // Sort credentials array, return empty set if there are duplicates
 std::set<std::pair<AccountID, Slice>>
@@ -74,7 +74,7 @@ verifyDepositPreauth(
     ApplyView& view,
     AccountID const& src,
     AccountID const& dst,
-    std::shared_ptr<SLE> const& sleDst,
+    std::shared_ptr<SLE const> const& sleDst,
     beast::Journal j);
 
 }  // namespace xrpl

include/xrpl/ledger/helpers/DirectoryHelpers.h

@@ -0,0 +1,223 @@
+#pragma once
+
+#include <xrpl/beast/utility/instrumentation.h>
+#include <xrpl/ledger/ApplyView.h>
+#include <xrpl/ledger/ReadView.h>
+#include <xrpl/protocol/Indexes.h>
+#include <xrpl/protocol/STLedgerEntry.h>
+#include <xrpl/protocol/TER.h>
+
+#include <functional>
+#include <memory>
+#include <type_traits>
+
+namespace xrpl {
+
+namespace detail {
+
+template <
+    class V,
+    class N,
+    class = std::enable_if_t<
+        std::is_same_v<std::remove_cv_t<N>, SLE> && std::is_base_of_v<ReadView, V>>>
+bool
+internalDirNext(
+    V& view,
+    uint256 const& root,
+    std::shared_ptr<N>& page,
+    unsigned int& index,
+    uint256& entry)
+{
+    auto const& svIndexes = page->getFieldV256(sfIndexes);
+    XRPL_ASSERT(index <= svIndexes.size(), "xrpl::detail::internalDirNext : index inside range");
+
+    if (index >= svIndexes.size())
+    {
+        auto const next = page->getFieldU64(sfIndexNext);
+
+        if (!next)
+        {
+            entry.zero();
+            return false;
+        }
+
+        if constexpr (std::is_const_v<N>)
+        {
+            page = view.read(keylet::page(root, next));
+        }
+        else
+        {
+            page = view.peek(keylet::page(root, next));
+        }
+
+        XRPL_ASSERT(page, "xrpl::detail::internalDirNext : non-null root");
+
+        if (!page)
+            return false;
+
+        index = 0;
+
+        return internalDirNext(view, root, page, index, entry);
+    }
+
+    entry = svIndexes[index++];
+    return true;
+}
+
+template <
+    class V,
+    class N,
+    class = std::enable_if_t<
+        std::is_same_v<std::remove_cv_t<N>, SLE> && std::is_base_of_v<ReadView, V>>>
+bool
+internalDirFirst(
+    V& view,
+    uint256 const& root,
+    std::shared_ptr<N>& page,
+    unsigned int& index,
+    uint256& entry)
+{
+    if constexpr (std::is_const_v<N>)
+    {
+        page = view.read(keylet::page(root));
+    }
+    else
+    {
+        page = view.peek(keylet::page(root));
+    }
+
+    if (!page)
+        return false;
+
+    index = 0;
+
+    return internalDirNext(view, root, page, index, entry);
+}
+
+}  // namespace detail
+
+/** @{ */
+/** Returns the first entry in the directory, advancing the index
+
+    @deprecated These are legacy function that are considered deprecated
+                and will soon be replaced with an iterator-based model
+                that is easier to use. You should not use them in new code.
+
+    @param view The view against which to operate
+    @param root The root (i.e. first page) of the directory to iterate
+    @param page The current page
+    @param index The index inside the current page
+    @param entry The entry at the current index
+
+    @return true if the directory isn't empty; false otherwise
+ */
+bool
+cdirFirst(
+    ReadView const& view,
+    uint256 const& root,
+    std::shared_ptr<SLE const>& page,
+    unsigned int& index,
+    uint256& entry);
+
+bool
+dirFirst(
+    ApplyView& view,
+    uint256 const& root,
+    std::shared_ptr<SLE>& page,
+    unsigned int& index,
+    uint256& entry);
+/** @} */
+
+/** @{ */
+/** Returns the next entry in the directory, advancing the index
+
+    @deprecated These are legacy function that are considered deprecated
+                and will soon be replaced with an iterator-based model
+                that is easier to use. You should not use them in new code.
+
+    @param view The view against which to operate
+    @param root The root (i.e. first page) of the directory to iterate
+    @param page The current page
+    @param index The index inside the current page
+    @param entry The entry at the current index
+
+    @return true if the directory isn't empty; false otherwise
+ */
+bool
+cdirNext(
+    ReadView const& view,
+    uint256 const& root,
+    std::shared_ptr<SLE const>& page,
+    unsigned int& index,
+    uint256& entry);
+
+bool
+dirNext(
+    ApplyView& view,
+    uint256 const& root,
+    std::shared_ptr<SLE>& page,
+    unsigned int& index,
+    uint256& entry);
+/** @} */
+
+/** Iterate all items in the given directory. */
+void
+forEachItem(
+    ReadView const& view,
+    Keylet const& root,
+    std::function<void(std::shared_ptr<SLE const> const&)> const& f);
+
+/** Iterate all items after an item in the given directory.
+    @param after The key of the item to start after
+    @param hint The directory page containing `after`
+    @param limit The maximum number of items to return
+    @return `false` if the iteration failed
+*/
+bool
+forEachItemAfter(
+    ReadView const& view,
+    Keylet const& root,
+    uint256 const& after,
+    std::uint64_t const hint,
+    unsigned int limit,
+    std::function<bool(std::shared_ptr<SLE const> const&)> const& f);
+
+/** Iterate all items in an account's owner directory. */
+inline void
+forEachItem(
+    ReadView const& view,
+    AccountID const& id,
+    std::function<void(std::shared_ptr<SLE const> const&)> const& f)
+{
+    return forEachItem(view, keylet::ownerDir(id), f);
+}
+
+/** Iterate all items after an item in an owner directory.
+    @param after The key of the item to start after
+    @param hint The directory page containing `after`
+    @param limit The maximum number of items to return
+    @return `false` if the iteration failed
+*/
+inline bool
+forEachItemAfter(
+    ReadView const& view,
+    AccountID const& id,
+    uint256 const& after,
+    std::uint64_t const hint,
+    unsigned int limit,
+    std::function<bool(std::shared_ptr<SLE const> const&)> const& f)
+{
+    return forEachItemAfter(view, keylet::ownerDir(id), after, hint, limit, f);
+}
+
+/** Returns `true` if the directory is empty
+    @param key The key of the directory
+*/
+[[nodiscard]] bool
+dirIsEmpty(ReadView const& view, Keylet const& k);
+
+/** Returns a function that sets the owner on a directory SLE */
+[[nodiscard]] std::function<void(SLE::ref)>
+describeOwnerDir(AccountID const& account);
+
+}  // namespace xrpl

include/xrpl/ledger/helpers/MPTokenHelpers.h

@@ -0,0 +1,160 @@
+#pragma once
+
+#include <xrpl/beast/utility/Journal.h>
+#include <xrpl/ledger/ApplyView.h>
+#include <xrpl/ledger/ReadView.h>
+#include <xrpl/ledger/helpers/TokenHelpers.h>
+#include <xrpl/protocol/MPTIssue.h>
+#include <xrpl/protocol/Rate.h>
+#include <xrpl/protocol/STAmount.h>
+#include <xrpl/protocol/TER.h>
+
+#include <initializer_list>
+#include <optional>
+
+namespace xrpl {
+
+//------------------------------------------------------------------------------
+//
+// Freeze checking (MPT-specific)
+//
+//------------------------------------------------------------------------------
+
+[[nodiscard]] bool
+isGlobalFrozen(ReadView const& view, MPTIssue const& mptIssue);
+
+[[nodiscard]] bool
+isIndividualFrozen(ReadView const& view, AccountID const& account, MPTIssue const& mptIssue);
+
+[[nodiscard]] bool
+isFrozen(ReadView const& view, AccountID const& account, MPTIssue const& mptIssue, int depth = 0);
+
+[[nodiscard]] bool
+isAnyFrozen(
+    ReadView const& view,
+    std::initializer_list<AccountID> const& accounts,
+    MPTIssue const& mptIssue,
+    int depth = 0);
+
+//------------------------------------------------------------------------------
+//
+// Transfer rate (MPT-specific)
+//
+//------------------------------------------------------------------------------
+
+/** Returns MPT transfer fee as Rate. Rate specifies
+ * the fee as fractions of 1 billion. For example, 1% transfer rate
+ * is represented as 1,010,000,000.
+ * @param issuanceID MPTokenIssuanceID of MPTTokenIssuance object
+ */
+[[nodiscard]] Rate
+transferRate(ReadView const& view, MPTID const& issuanceID);
+
+//------------------------------------------------------------------------------
+//
+// Holding checks (MPT-specific)
+//
+//------------------------------------------------------------------------------
+
+[[nodiscard]] TER
+canAddHolding(ReadView const& view, MPTIssue const& mptIssue);
+
+//------------------------------------------------------------------------------
+//
+// Authorization (MPT-specific)
+//
+//------------------------------------------------------------------------------
+
+[[nodiscard]] TER
+authorizeMPToken(
+    ApplyView& view,
+    XRPAmount const& priorBalance,
+    MPTID const& mptIssuanceID,
+    AccountID const& account,
+    beast::Journal journal,
+    std::uint32_t flags = 0,
+    std::optional<AccountID> holderID = std::nullopt);
+
+/** Check if the account lacks required authorization for MPT.
+ *
+ * requireAuth check is recursive for MPT shares in a vault, descending to
+ * assets in the vault, up to maxAssetCheckDepth recursion depth. This is
+ * purely defensive, as we currently do not allow such vaults to be created.
+ */
+[[nodiscard]] TER
+requireAuth(
+    ReadView const& view,
+    MPTIssue const& mptIssue,
+    AccountID const& account,
+    AuthType authType = AuthType::Legacy,
+    int depth = 0);
+
+/** Enforce account has MPToken to match its authorization.
+ *
+ *   Called from doApply - it will check for expired (and delete if found any)
+ *   credentials matching DomainID set in MPTokenIssuance. Must be called if
+ *   requireAuth(...MPTIssue...) returned tesSUCCESS or tecEXPIRED in preclaim.
+ */
+[[nodiscard]] TER
+enforceMPTokenAuthorization(
+    ApplyView& view,
+    MPTID const& mptIssuanceID,
+    AccountID const& account,
+    XRPAmount const& priorBalance,
+    beast::Journal j);
+
+/** Check if the destination account is allowed
+ *  to receive MPT. Return tecNO_AUTH if it doesn't
+ *  and tesSUCCESS otherwise.
+ */
+[[nodiscard]] TER
+canTransfer(
+    ReadView const& view,
+    MPTIssue const& mptIssue,
+    AccountID const& from,
+    AccountID const& to);
+
+//------------------------------------------------------------------------------
+//
+// Empty holding operations (MPT-specific)
+//
+//------------------------------------------------------------------------------
+
+[[nodiscard]] TER
+addEmptyHolding(
+    ApplyView& view,
+    AccountID const& accountID,
+    XRPAmount priorBalance,
+    MPTIssue const& mptIssue,
+    beast::Journal journal);
+
+[[nodiscard]] TER
+removeEmptyHolding(
+    ApplyView& view,
+    AccountID const& accountID,
+    MPTIssue const& mptIssue,
+    beast::Journal journal);
+
+//------------------------------------------------------------------------------
+//
+// Escrow operations (MPT-specific)
+//
+//------------------------------------------------------------------------------
+
+TER
+rippleLockEscrowMPT(
+    ApplyView& view,
+    AccountID const& uGrantorID,
+    STAmount const& saAmount,
+    beast::Journal j);
+
+TER
+rippleUnlockEscrowMPT(
+    ApplyView& view,
+    AccountID const& uGrantorID,
+    AccountID const& uGranteeID,
+    STAmount const& netAmount,
+    STAmount const& grossAmount,
+    beast::Journal j);
+
+}  // namespace xrpl