Merge branch 'develop' into ximinez/fix/validator-cache

This change adds support for sanitizer build options in CI builds workflow. Currently `asan+ubsan` is enabled, while `tsan+ubsan` is left disabled as more changes are required.

.config/cspell.config.yaml

@@ -0,0 +1,286 @@
+ignorePaths:
+  - build/**
+  - src/libxrpl/crypto
+  - src/test/** # Will be removed in the future
+  - CMakeUserPresets.json
+  - Doxyfile
+  - docs/**/*.puml
+  - cmake/**
+  - LICENSE.md
+language: en
+allowCompoundWords: true
+ignoreRandomStrings: true
+minWordLength: 5
+dictionaries:
+  - cpp
+  - en_US
+  - en_GB
+ignoreRegExpList:
+  - /[rs][1-9A-HJ-NP-Za-km-z]{25,34}/g # addresses and seeds
+  - /(XRPL|BEAST)_[A-Z_0-9]+_H_INCLUDED+/g # include guards
+  - /(XRPL|BEAST)_[A-Z_0-9]+_H+/g # include guards
+  - /::[a-z:_]+/g # things from other namespaces
+  - /lib[a-z]+/g # libraries
+  - /[0-9]{4}-[0-9]{2}-[0-9]{2}[,:][A-Za-zÀ-ÖØ-öø-ÿ.\s]+/g # copyright dates
+  - /[0-9]{4}[,:]?\s*[A-Za-zÀ-ÖØ-öø-ÿ.\s]+/g # copyright years
+  - /\[[A-Za-z0-9-]+\]\(https:\/\/github.com\/[A-Za-z0-9-]+\)/g # Github usernames
+  - /-[DWw][a-zA-Z0-9_-]+=/g # compile flags
+  - /[\['"`]-[DWw][a-zA-Z0-9_-]+['"`\]]/g # compile flags
+suggestWords:
+  - xprl->xrpl
+  - xprld->xrpld
+  - unsynched->unsynced
+  - synched->synced
+  - synch->sync
+words:
+  - abempty
+  - AMMID
+  - amt
+  - amts
+  - asnode
+  - asynchrony
+  - attestation
+  - authorises
+  - autobridge
+  - autobridged
+  - autobridging
+  - bimap
+  - bindir
+  - bookdir
+  - Bougalis
+  - Britto
+  - Btrfs
+  - canonicality
+  - checkme
+  - choco
+  - chrono
+  - citardauq
+  - clawback
+  - clawbacks
+  - coeffs
+  - coldwallet
+  - compr
+  - conanfile
+  - conanrun
+  - confs
+  - connectability
+  - coro
+  - coros
+  - cowid
+  - cryptocondition
+  - cryptoconditional
+  - cryptoconditions
+  - csprng
+  - ctest
+  - ctid
+  - currenttxhash
+  - daria
+  - dcmake
+  - dearmor
+  - deleteme
+  - demultiplexer
+  - deserializaton
+  - desync
+  - desynced
+  - determ
+  - distro
+  - doxyfile
+  - dxrpl
+  - endmacro
+  - exceptioned
+  - Falco
+  - finalizers
+  - firewalled
+  - fmtdur
+  - fsanitize
+  - funclets
+  - gcov
+  - gcovr
+  - ghead
+  - Gnutella
+  - gpgcheck
+  - gpgkey
+  - hotwallet
+  - ifndef
+  - inequation
+  - insuf
+  - insuff
+  - iou
+  - ious
+  - isrdc
+  - itype
+  - jemalloc
+  - jlog
+  - keylet
+  - keylets
+  - keyvadb
+  - ledgerentry
+  - ledgerhash
+  - ledgerindex
+  - leftw
+  - legleux
+  - levelization
+  - levelized
+  - libpb
+  - libxrpl
+  - llection
+  - LOCALGOOD
+  - logwstream
+  - lseq
+  - lsmf
+  - ltype
+  - mcmodel
+  - MEMORYSTATUSEX
+  - Merkle
+  - Metafuncton
+  - misprediction
+  - mptbalance
+  - mptflags
+  - mptid
+  - mptissuance
+  - mptissuanceid
+  - mptoken
+  - mptokenid
+  - mptokenissuance
+  - mptokens
+  - mpts
+  - multisig
+  - multisign
+  - multisigned
+  - Nakamoto
+  - nftid
+  - nftoffer
+  - nftoken
+  - nftokenid
+  - nftokenpages
+  - nftokens
+  - nftpage
+  - nikb
+  - nonxrp
+  - noripple
+  - nudb
+  - nullptr
+  - nunl
+  - Nyffenegger
+  - ostr
+  - partitioner
+  - paychan
+  - paychans
+  - permdex
+  - perminute
+  - permissioned
+  - pointee
+  - preauth
+  - preauthorization
+  - preauthorize
+  - preauthorizes
+  - preclaim
+  - protobuf
+  - protos
+  - ptrs
+  - pyenv
+  - qalloc
+  - queuable
+  - Raphson
+  - replayer
+  - rerere
+  - retriable
+  - RIPD
+  - ripdtop
+  - rippleci
+  - rippled
+  - ripplerpc
+  - rippletest
+  - RLUSD
+  - rngfill
+  - rocksdb
+  - Rohrs
+  - roundings
+  - sahyadri
+  - Satoshi
+  - scons
+  - secp
+  - sendq
+  - seqit
+  - sf
+  - SFIELD
+  - shamap
+  - shamapitem
+  - sidechain
+  - SIGGOOD
+  - sle
+  - sles
+  - soci
+  - socidb
+  - sslws
+  - statsd
+  - STATSDCOLLECTOR
+  - stissue
+  - stnum
+  - stobj
+  - stobject
+  - stpath
+  - stpathset
+  - sttx
+  - stvar
+  - stvector
+  - stxchainattestations
+  - superpeer
+  - superpeers
+  - takergets
+  - takerpays
+  - ters
+  - TMEndpointv2
+  - trixie
+  - tx
+  - txid
+  - txids
+  - txjson
+  - txn
+  - txns
+  - txs
+  - UBSAN
+  - ubsan
+  - umant
+  - unacquired
+  - unambiguity
+  - unauthorizes
+  - unauthorizing
+  - unergonomic
+  - unfetched
+  - unflatten
+  - unfund
+  - unimpair
+  - unroutable
+  - unscalable
+  - unserviced
+  - unshareable
+  - unshares
+  - unsquelch
+  - unsquelched
+  - unsquelching
+  - unvalidated
+  - unveto
+  - unvetoed
+  - upvotes
+  - USDB
+  - variadics
+  - venv
+  - vfalco
+  - vinnie
+  - wextra
+  - wptr
+  - writeme
+  - wsrch
+  - wthread
+  - xbridge
+  - xchain
+  - ximinez
+  - EXPECT_STREQ
+  - XMACRO
+  - xrpkuwait
+  - xrpl
+  - xrpld
+  - xrplf
+  - xxhash
+  - xxhasher

.gitattributes

@@ -1,5 +1,6 @@
 # Set default behaviour, in case users don't have core.autocrlf set.
 #* text=auto
+# cspell: disable
 
 # Visual Studio
 *.sln       text eol=crlf

.github/actions/build-deps/action.yml

@@ -18,6 +18,10 @@ inputs:
     description: "The logging verbosity."
     required: false
     default: "verbose"
+  sanitizers:
+    description: "The sanitizers to enable."
+    required: false
+    default: ""
 
 runs:
   using: composite
@@ -29,9 +33,11 @@ runs:
         BUILD_OPTION: ${{ inputs.force_build == 'true' && '*' || 'missing' }}
         BUILD_TYPE: ${{ inputs.build_type }}
         LOG_VERBOSITY: ${{ inputs.log_verbosity }}
+        SANITIZERS: ${{ inputs.sanitizers }}
       run: |
         echo 'Installing dependencies.'
         conan install \
+          --profile ci \
           --build="${BUILD_OPTION}" \
           --options:host='&:tests=True' \
           --options:host='&:xrpld=True' \

.github/actions/setup-conan/action.yml

@@ -28,7 +28,7 @@ runs:
       shell: bash
       run: |
         echo 'Installing profile.'
-        conan config install conan/profiles/default -tf $(conan config home)/profiles/
+        conan config install conan/profiles/ -tf $(conan config home)/profiles/
 
         echo 'Conan profile:'
         conan profile show

.github/scripts/levelization/README.md

@@ -81,10 +81,10 @@ It generates many files of [results](results):
 
 - `rawincludes.txt`: The raw dump of the `#includes`
 - `paths.txt`: A second dump grouping the source module
-  to the destination module, deduped, and with frequency counts.
+  to the destination module, de-duped, and with frequency counts.
 - `includes/`: A directory where each file represents a module and
   contains a list of modules and counts that the module _includes_.
-- `includedby/`: Similar to `includes/`, but the other way around. Each
+- `included_by/`: Similar to `includes/`, but the other way around. Each
   file represents a module and contains a list of modules and counts
   that _include_ the module.
 - [`loops.txt`](results/loops.txt): A list of direct loops detected

.github/scripts/levelization/generate.sh

@@ -29,7 +29,7 @@ pushd results
 oldifs=${IFS}
 IFS=:
 mkdir includes
-mkdir includedby
+mkdir included_by
 echo Build levelization paths
 exec 3< ${includes} # open rawincludes.txt for input
 while read -r -u 3 file include
@@ -59,7 +59,7 @@ do
         echo $level $includelevel | tee -a paths.txt
     fi
 done
-echo Sort and dedup paths
+echo Sort and deduplicate paths
 sort -ds paths.txt | uniq -c | tee sortedpaths.txt
 mv sortedpaths.txt paths.txt
 exec 3>&- #close fd 3
@@ -71,7 +71,7 @@ exec 4<paths.txt # open paths.txt for input
 while read -r -u 4 count level include
 do
     echo ${include} ${count} | tee -a includes/${level}
-    echo ${level} ${count} | tee -a includedby/${include}
+    echo ${level} ${count} | tee -a included_by/${include}
 done
 exec 4>&- #close fd 4
 

.github/scripts/rename/README.md

@@ -19,7 +19,7 @@ run from the repository root.
 1. `.github/scripts/rename/definitions.sh`: This script will rename all
    definitions, such as include guards, from `RIPPLE_XXX` and `RIPPLED_XXX` to
    `XRPL_XXX`.
-2. `.github/scripts/rename/copyright.sh`: This script will remove superflous
+2. `.github/scripts/rename/copyright.sh`: This script will remove superfluous
    copyright notices.
 3. `.github/scripts/rename/cmake.sh`: This script will rename all CMake files
    from `RippleXXX.cmake` or `RippledXXX.cmake` to `XrplXXX.cmake`, and any

.github/scripts/rename/config.sh

@@ -56,7 +56,7 @@ for DIRECTORY in "${DIRECTORIES[@]}"; do
 done
 ${SED_COMMAND} -i 's/rippled/xrpld/g' cfg/xrpld-example.cfg
 ${SED_COMMAND} -i 's/rippled/xrpld/g' src/test/core/Config_test.cpp
-${SED_COMMAND} -i 's/ripplevalidators/xrplvalidators/g' src/test/core/Config_test.cpp
+${SED_COMMAND} -i 's/ripplevalidators/xrplvalidators/g' src/test/core/Config_test.cpp # cspell: disable-line
 ${SED_COMMAND} -i 's/rippleConfig/xrpldConfig/g' src/test/core/Config_test.cpp
 ${SED_COMMAND} -i 's@ripple/@xrpld/@g' src/test/core/Config_test.cpp
 ${SED_COMMAND} -i 's/Rippled/File/g' src/test/core/Config_test.cpp

.github/scripts/rename/copyright.sh

@@ -50,11 +50,11 @@ for DIRECTORY in "${DIRECTORIES[@]}"; do
       # Handle the cases where the copyright notice is enclosed in /* ... */
       # and usually surrounded by //---- and //======.
       ${SED_COMMAND} -z -i -E 's@^//-------+\n+@@' "${FILE}"
-      ${SED_COMMAND} -z -i -E 's@^.*Copyright.+(Ripple|Bougalis|Falco|Hinnant|Null|Ritchford|XRPLF).+PERFORMANCE OF THIS SOFTWARE\.\n\*/\n+@@' "${FILE}"
+      ${SED_COMMAND} -z -i -E 's@^.*Copyright.+(Ripple|Bougalis|Falco|Hinnant|Null|Ritchford|XRPLF).+PERFORMANCE OF THIS SOFTWARE\.\n\*/\n+@@' "${FILE}" # cspell: ignore Bougalis Falco Hinnant Ritchford
       ${SED_COMMAND} -z -i -E 's@^//=======+\n+@@' "${FILE}"
 
       # Handle the cases where the copyright notice is commented out with //.
-      ${SED_COMMAND} -z -i -E 's@^//\n// Copyright.+Falco \(vinnie dot falco at gmail dot com\)\n//\n+@@' "${FILE}"
+      ${SED_COMMAND} -z -i -E 's@^//\n// Copyright.+Falco \(vinnie dot falco at gmail dot com\)\n//\n+@@' "${FILE}" # cspell: ignore Vinnie Falco
   done
 done
 
@@ -83,16 +83,16 @@ if ! grep -q 'Dev Null' src/xrpld/rpc/handlers/ValidatorInfo.cpp; then
   echo -e "// Copyright (c) 2019 Dev Null Productions\n\n$(cat src/xrpld/rpc/handlers/ValidatorInfo.cpp)" > src/xrpld/rpc/handlers/ValidatorInfo.cpp
 fi
 if ! grep -q 'Bougalis' include/xrpl/basics/SlabAllocator.h; then
-  echo -e "// Copyright (c) 2022, Nikolaos D. Bougalis <nikb@bougalis.net>\n\n$(cat include/xrpl/basics/SlabAllocator.h)" > include/xrpl/basics/SlabAllocator.h
+  echo -e "// Copyright (c) 2022, Nikolaos D. Bougalis <nikb@bougalis.net>\n\n$(cat include/xrpl/basics/SlabAllocator.h)" > include/xrpl/basics/SlabAllocator.h # cspell: ignore Nikolaos Bougalis nikb
 fi
 if ! grep -q 'Bougalis' include/xrpl/basics/spinlock.h; then
-  echo -e "// Copyright (c) 2022, Nikolaos D. Bougalis <nikb@bougalis.net>\n\n$(cat include/xrpl/basics/spinlock.h)" > include/xrpl/basics/spinlock.h
+  echo -e "// Copyright (c) 2022, Nikolaos D. Bougalis <nikb@bougalis.net>\n\n$(cat include/xrpl/basics/spinlock.h)" > include/xrpl/basics/spinlock.h # cspell: ignore Nikolaos Bougalis nikb
 fi
 if ! grep -q 'Bougalis' include/xrpl/basics/tagged_integer.h; then
-  echo -e "// Copyright (c) 2014, Nikolaos D. Bougalis <nikb@bougalis.net>\n\n$(cat include/xrpl/basics/tagged_integer.h)" > include/xrpl/basics/tagged_integer.h
+  echo -e "// Copyright (c) 2014, Nikolaos D. Bougalis <nikb@bougalis.net>\n\n$(cat include/xrpl/basics/tagged_integer.h)" > include/xrpl/basics/tagged_integer.h # cspell: ignore Nikolaos Bougalis nikb
 fi
 if ! grep -q 'Ritchford' include/xrpl/beast/utility/Zero.h; then
-  echo -e "// Copyright (c) 2014, Tom Ritchford <tom@swirly.com>\n\n$(cat include/xrpl/beast/utility/Zero.h)" > include/xrpl/beast/utility/Zero.h
+  echo -e "// Copyright (c) 2014, Tom Ritchford <tom@swirly.com>\n\n$(cat include/xrpl/beast/utility/Zero.h)" > include/xrpl/beast/utility/Zero.h # cspell: ignore Ritchford
 fi
 
 # Restore newlines and tabs in string literals in the affected file.

.github/scripts/strategy-matrix/generate.py

@@ -229,7 +229,7 @@ def generate_strategy_matrix(all: bool, config: Config) -> list:
         if (n := os["compiler_version"]) != "":
             config_name += f"-{n}"
         config_name += (
-            f"-{architecture['platform'][architecture['platform'].find('/') + 1 :]}"
+            f"-{architecture['platform'][architecture['platform'].find('/')+1:]}"
         )
         config_name += f"-{build_type.lower()}"
         if "-Dcoverage=ON" in cmake_args:
@@ -240,17 +240,53 @@ def generate_strategy_matrix(all: bool, config: Config) -> list:
         # Add the configuration to the list, with the most unique fields first,
         # so that they are easier to identify in the GitHub Actions UI, as long
         # names get truncated.
-        configurations.append(
-            {
-                "config_name": config_name,
-                "cmake_args": cmake_args,
-                "cmake_target": cmake_target,
-                "build_only": build_only,
-                "build_type": build_type,
-                "os": os,
-                "architecture": architecture,
-            }
-        )
+        # Add Address and Thread (both coupled with UB) sanitizers for specific bookworm distros.
+        # GCC-Asan rippled-embedded tests are failing because of https://github.com/google/sanitizers/issues/856
+        if (
+            os["distro_version"] == "bookworm"
+            and f"{os['compiler_name']}-{os['compiler_version']}" == "clang-20"
+        ):
+            # Add ASAN + UBSAN configuration.
+            configurations.append(
+                {
+                    "config_name": config_name + "-asan-ubsan",
+                    "cmake_args": cmake_args,
+                    "cmake_target": cmake_target,
+                    "build_only": build_only,
+                    "build_type": build_type,
+                    "os": os,
+                    "architecture": architecture,
+                    "sanitizers": "address,undefinedbehavior",
+                }
+            )
+            # TSAN is deactivated due to seg faults with latest compilers.
+            activate_tsan = False
+            if activate_tsan:
+                configurations.append(
+                    {
+                        "config_name": config_name + "-tsan-ubsan",
+                        "cmake_args": cmake_args,
+                        "cmake_target": cmake_target,
+                        "build_only": build_only,
+                        "build_type": build_type,
+                        "os": os,
+                        "architecture": architecture,
+                        "sanitizers": "thread,undefinedbehavior",
+                    }
+                )
+        else:
+            configurations.append(
+                {
+                    "config_name": config_name,
+                    "cmake_args": cmake_args,
+                    "cmake_target": cmake_target,
+                    "build_only": build_only,
+                    "build_type": build_type,
+                    "os": os,
+                    "architecture": architecture,
+                    "sanitizers": "",
+                }
+            )
 
     return configurations
 

.github/scripts/strategy-matrix/linux.json

@@ -15,196 +15,196 @@
       "distro_version": "bookworm",
       "compiler_name": "gcc",
       "compiler_version": "12",
-      "image_sha": "cc09fd3"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "debian",
       "distro_version": "bookworm",
       "compiler_name": "gcc",
       "compiler_version": "13",
-      "image_sha": "cc09fd3"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "debian",
       "distro_version": "bookworm",
       "compiler_name": "gcc",
       "compiler_version": "14",
-      "image_sha": "cc09fd3"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "debian",
       "distro_version": "bookworm",
       "compiler_name": "gcc",
       "compiler_version": "15",
-      "image_sha": "cc09fd3"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "debian",
       "distro_version": "bookworm",
       "compiler_name": "clang",
       "compiler_version": "16",
-      "image_sha": "cc09fd3"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "debian",
       "distro_version": "bookworm",
       "compiler_name": "clang",
       "compiler_version": "17",
-      "image_sha": "cc09fd3"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "debian",
       "distro_version": "bookworm",
       "compiler_name": "clang",
       "compiler_version": "18",
-      "image_sha": "cc09fd3"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "debian",
       "distro_version": "bookworm",
       "compiler_name": "clang",
       "compiler_version": "19",
-      "image_sha": "cc09fd3"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "debian",
       "distro_version": "bookworm",
       "compiler_name": "clang",
       "compiler_version": "20",
-      "image_sha": "cc09fd3"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "debian",
       "distro_version": "trixie",
       "compiler_name": "gcc",
       "compiler_version": "14",
-      "image_sha": "cc09fd3"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "debian",
       "distro_version": "trixie",
       "compiler_name": "gcc",
       "compiler_version": "15",
-      "image_sha": "cc09fd3"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "debian",
       "distro_version": "trixie",
       "compiler_name": "clang",
       "compiler_version": "20",
-      "image_sha": "cc09fd3"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "debian",
       "distro_version": "trixie",
       "compiler_name": "clang",
       "compiler_version": "21",
-      "image_sha": "cc09fd3"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "rhel",
       "distro_version": "8",
       "compiler_name": "gcc",
       "compiler_version": "14",
-      "image_sha": "cc09fd3"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "rhel",
       "distro_version": "8",
       "compiler_name": "clang",
       "compiler_version": "any",
-      "image_sha": "cc09fd3"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "rhel",
       "distro_version": "9",
       "compiler_name": "gcc",
       "compiler_version": "12",
-      "image_sha": "cc09fd3"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "rhel",
       "distro_version": "9",
       "compiler_name": "gcc",
       "compiler_version": "13",
-      "image_sha": "cc09fd3"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "rhel",
       "distro_version": "9",
       "compiler_name": "gcc",
       "compiler_version": "14",
-      "image_sha": "cc09fd3"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "rhel",
       "distro_version": "9",
       "compiler_name": "clang",
       "compiler_version": "any",
-      "image_sha": "cc09fd3"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "rhel",
       "distro_version": "10",
       "compiler_name": "gcc",
       "compiler_version": "14",
-      "image_sha": "cc09fd3"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "rhel",
       "distro_version": "10",
       "compiler_name": "clang",
       "compiler_version": "any",
-      "image_sha": "cc09fd3"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "ubuntu",
       "distro_version": "jammy",
       "compiler_name": "gcc",
       "compiler_version": "12",
-      "image_sha": "cc09fd3"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "ubuntu",
       "distro_version": "noble",
       "compiler_name": "gcc",
       "compiler_version": "13",
-      "image_sha": "cc09fd3"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "ubuntu",
       "distro_version": "noble",
       "compiler_name": "gcc",
       "compiler_version": "14",
-      "image_sha": "cc09fd3"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "ubuntu",
       "distro_version": "noble",
       "compiler_name": "clang",
       "compiler_version": "16",
-      "image_sha": "cc09fd3"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "ubuntu",
       "distro_version": "noble",
       "compiler_name": "clang",
       "compiler_version": "17",
-      "image_sha": "cc09fd3"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "ubuntu",
       "distro_version": "noble",
       "compiler_name": "clang",
       "compiler_version": "18",
-      "image_sha": "cc09fd3"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "ubuntu",
       "distro_version": "noble",
       "compiler_name": "clang",
       "compiler_version": "19",
-      "image_sha": "cc09fd3"
+      "image_sha": "ab4d1f0"
     }
   ],
   "build_type": ["Debug", "Release"],

.github/workflows/pre-commit.yml

@@ -9,7 +9,7 @@ on:
 jobs:
   # Call the workflow in the XRPLF/actions repo that runs the pre-commit hooks.
   run-hooks:
-    uses: XRPLF/actions/.github/workflows/pre-commit.yml@34790936fae4c6c751f62ec8c06696f9c1a5753a
+    uses: XRPLF/actions/.github/workflows/pre-commit.yml@282890f46d6921249d5659dd38babcb0bd8aef48
     with:
       runs_on: ubuntu-latest
-      container: '{ "image": "ghcr.io/xrplf/ci/tools-rippled-pre-commit:sha-a8c7be1" }'
+      container: '{ "image": "ghcr.io/xrplf/ci/tools-rippled-pre-commit:sha-ab4d1f0" }'

.github/workflows/reusable-build-test-config.yml

@@ -51,6 +51,12 @@ on:
         type: number
         default: 2
 
+      sanitizers:
+        description: "The sanitizers to enable."
+        required: false
+        type: string
+        default: ""
+
     secrets:
       CODECOV_TOKEN:
         description: "The Codecov token to use for uploading coverage reports."
@@ -91,6 +97,7 @@ jobs:
       # Determine if coverage and voidstar should be enabled.
       COVERAGE_ENABLED: ${{ contains(inputs.cmake_args, '-Dcoverage=ON') }}
       VOIDSTAR_ENABLED: ${{ contains(inputs.cmake_args, '-Dvoidstar=ON') }}
+      SANITIZERS_ENABLED: ${{ inputs.sanitizers != '' }}
     steps:
       - name: Cleanup workspace (macOS and Windows)
         if: ${{ runner.os == 'macOS' || runner.os == 'Windows' }}
@@ -100,9 +107,9 @@ jobs:
         uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
 
       - name: Prepare runner
-        uses: XRPLF/actions/prepare-runner@2ece4ec6ab7de266859a6f053571425b2bd684b6
+        uses: XRPLF/actions/prepare-runner@f05cab7b8541eee6473aa42beb9d2fe35608a190
         with:
-          disable_ccache: ${{ !inputs.ccache_enabled }}
+          enable_ccache: ${{ inputs.ccache_enabled }}
 
       - name: Set ccache log file
         if: ${{ inputs.ccache_enabled && runner.debug == '1' }}
@@ -128,11 +135,13 @@ jobs:
           # Set the verbosity to "quiet" for Windows to avoid an excessive
           # amount of logs. For other OSes, the "verbose" logs are more useful.
           log_verbosity: ${{ runner.os == 'Windows' && 'quiet' || 'verbose' }}
+          sanitizers: ${{ inputs.sanitizers }}
 
       - name: Configure CMake
         working-directory: ${{ env.BUILD_DIR }}
         env:
           BUILD_TYPE: ${{ inputs.build_type }}
+          SANITIZERS: ${{ inputs.sanitizers }}
           CMAKE_ARGS: ${{ inputs.cmake_args }}
         run: |
           cmake \
@@ -174,7 +183,7 @@ jobs:
           if-no-files-found: error
 
       - name: Check linking (Linux)
-        if: ${{ runner.os == 'Linux' }}
+        if: ${{ runner.os == 'Linux' && env.SANITIZERS_ENABLED == 'false' }}
         working-directory: ${{ env.BUILD_DIR }}
         run: |
           ldd ./xrpld
@@ -191,6 +200,14 @@ jobs:
         run: |
           ./xrpld --version | grep libvoidstar
 
+      - name: Set sanitizer options
+        if: ${{ !inputs.build_only && env.SANITIZERS_ENABLED == 'true' }}
+        run: |
+          echo "ASAN_OPTIONS=print_stacktrace=1:detect_container_overflow=0:suppressions=${GITHUB_WORKSPACE}/sanitizers/suppressions/asan.supp" >> ${GITHUB_ENV}
+          echo "TSAN_OPTIONS=second_deadlock_stack=1:halt_on_error=0:suppressions=${GITHUB_WORKSPACE}/sanitizers/suppressions/tsan.supp" >> ${GITHUB_ENV}
+          echo "UBSAN_OPTIONS=suppressions=${GITHUB_WORKSPACE}/sanitizers/suppressions/ubsan.supp" >> ${GITHUB_ENV}
+          echo "LSAN_OPTIONS=suppressions=${GITHUB_WORKSPACE}/sanitizers/suppressions/lsan.supp" >> ${GITHUB_ENV}
+
       - name: Run the separate tests
         if: ${{ !inputs.build_only }}
         working-directory: ${{ env.BUILD_DIR }}

.github/workflows/reusable-build-test.yml

@@ -57,5 +57,6 @@ jobs:
       runs_on: ${{ toJSON(matrix.architecture.runner) }}
       image: ${{ contains(matrix.architecture.platform, 'linux') && format('ghcr.io/xrplf/ci/{0}-{1}:{2}-{3}-sha-{4}', matrix.os.distro_name, matrix.os.distro_version, matrix.os.compiler_name, matrix.os.compiler_version, matrix.os.image_sha) || '' }}
       config_name: ${{ matrix.config_name }}
+      sanitizers: ${{ matrix.sanitizers }}
     secrets:
       CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}

.github/workflows/upload-conan-deps.yml

@@ -70,9 +70,9 @@ jobs:
         uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
 
       - name: Prepare runner
-        uses: XRPLF/actions/prepare-runner@2ece4ec6ab7de266859a6f053571425b2bd684b6
+        uses: XRPLF/actions/prepare-runner@f05cab7b8541eee6473aa42beb9d2fe35608a190
         with:
-          disable_ccache: true
+          enable_ccache: false
 
       - name: Print build environment
         uses: ./.github/actions/print-env

.gitignore

@@ -1,4 +1,5 @@
 # .gitignore
+# cspell: disable
 
 # Macintosh Desktop Services Store files.
 .DS_Store

.pre-commit-config.yaml

@@ -32,10 +32,25 @@ repos:
       - id: prettier
 
   - repo: https://github.com/psf/black-pre-commit-mirror
-    rev: 25.11.0
+    rev: 831207fd435b47aeffdf6af853097e64322b4d44 # frozen: v25.12.0
     hooks:
       - id: black
 
+  - repo: https://github.com/streetsidesoftware/cspell-cli
+    rev: 1cfa010f078c354f3ffb8413616280cc28f5ba21 # frozen: v9.4.0
+    hooks:
+      - id: cspell # Spell check changed files
+        exclude: .config/cspell.config.yaml
+      - id: cspell # Spell check the commit message
+        name: check commit message spelling
+        args:
+          - --no-must-find-files
+          - --no-progress
+          - --no-summary
+          - --files
+          - .git/COMMIT_EDITMSG
+        stages: [commit-msg]
+
 exclude: |
   (?x)^(
       external/.*|

BUILD.md

@@ -1,5 +1,5 @@
-| :warning: **WARNING** :warning:
-|---|
+| :warning: **WARNING** :warning:                                                                                                                                                                                                |
+| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
 | These instructions assume you have a C++ development environment ready with Git, Python, Conan, CMake, and a C++ compiler. For help setting one up on Linux, macOS, or Windows, [see this guide](./docs/build/environment.md). |
 
 > These instructions also assume a basic familiarity with Conan and CMake.
@@ -148,7 +148,8 @@ function extract_version {
 }
 
 # Define which recipes to export.
-recipes=(ed25519 grpc secp256k1 snappy soci)
+recipes=('ed25519' 'grpc' 'openssl' 'secp256k1' 'snappy' 'soci')
+folders=('all'     'all'  '3.x.x'   'all'       'all'    'all')
 
 # Selectively check out the recipes from our CCI fork.
 cd external
@@ -157,20 +158,24 @@ cd conan-center-index
 git init
 git remote add origin git@github.com:XRPLF/conan-center-index.git
 git sparse-checkout init
-for recipe in ${recipes[@]}; do
-  echo "Checking out ${recipe}..."
-  git sparse-checkout add recipes/${recipe}/all
+for ((index = 1; index <= ${#recipes[@]}; index++)); do
+  recipe=${recipes[index]}
+  folder=${folders[index]}
+  echo "Checking out recipe '${recipe}' from folder '${folder}'..."
+  git sparse-checkout add recipes/${recipe}/${folder}
 done
 git fetch origin master
 git checkout master
 cd ../..
 
 # Export the recipes into the local cache.
-for recipe in ${recipes[@]}; do
+for ((index = 1; index <= ${#recipes[@]}; index++)); do
+  recipe=${recipes[index]}
+  folder=${folders[index]}
   version=$(extract_version ${recipe})
-  echo "Exporting ${recipe}/${version}..."
+  echo "Exporting '${recipe}/${version}' from '${recipe}/${folder}'..."
   conan export --version $(extract_version ${recipe}) \
-    external/conan-center-index/recipes/${recipe}/all
+    external/conan-center-index/recipes/${recipe}/${folder}
 done
 ```
 
@@ -518,18 +523,32 @@ stored inside the build directory, as either of:
 - file named `coverage.`_extension_, with a suitable extension for the report format, or
 - directory named `coverage`, with the `index.html` and other files inside, for the `html-details` or `html-nested` report formats.
 
+## Sanitizers
+
+To build dependencies and xrpld with sanitizer instrumentation, set the
+`SANITIZERS` environment variable (only once before running conan and cmake) and use the `sanitizers` profile in conan:
+
+```bash
+export SANITIZERS=address,undefinedbehavior
+
+conan install .. --output-folder . --profile:all sanitizers --build missing --settings build_type=Debug
+
+cmake -DCMAKE_TOOLCHAIN_FILE:FILEPATH=build/generators/conan_toolchain.cmake -DCMAKE_BUILD_TYPE=Debug -Dxrpld=ON -Dtests=ON ..
+```
+
+See [Sanitizers docs](./docs/build/sanitizers.md) for more details.
+
 ## Options
 
-| Option     | Default Value | Description                                                        |
-| ---------- | ------------- | ------------------------------------------------------------------ |
-| `assert`   | OFF           | Enable assertions.                                                 |
-| `coverage` | OFF           | Prepare the coverage report.                                       |
-| `san`      | N/A           | Enable a sanitizer with Clang. Choices are `thread` and `address`. |
-| `tests`    | OFF           | Build tests.                                                       |
-| `unity`    | OFF           | Configure a unity build.                                           |
-| `xrpld`    | OFF           | Build the xrpld application, and not just the libxrpl library.     |
-| `werr`     | OFF           | Treat compilation warnings as errors                               |
-| `wextra`   | OFF           | Enable additional compilation warnings                             |
+| Option     | Default Value | Description                                                    |
+| ---------- | ------------- | -------------------------------------------------------------- |
+| `assert`   | OFF           | Enable assertions.                                             |
+| `coverage` | OFF           | Prepare the coverage report.                                   |
+| `tests`    | OFF           | Build tests.                                                   |
+| `unity`    | OFF           | Configure a unity build.                                       |
+| `xrpld`    | OFF           | Build the xrpld application, and not just the libxrpl library. |
+| `werr`     | OFF           | Treat compilation warnings as errors                           |
+| `wextra`   | OFF           | Enable additional compilation warnings                         |
 
 [Unity builds][5] may be faster for the first build
 (at the cost of much more memory) since they concatenate sources into fewer

CMakeLists.txt

@@ -16,14 +16,16 @@ set(CMAKE_CXX_EXTENSIONS OFF)
 set(CMAKE_CXX_STANDARD 20)
 set(CMAKE_CXX_STANDARD_REQUIRED ON)
 
-if(CMAKE_CXX_COMPILER_ID MATCHES "GNU")
+include(CompilationEnv)
+
+if(is_gcc)
     # GCC-specific fixes
     add_compile_options(-Wno-unknown-pragmas -Wno-subobject-linkage)
     # -Wno-subobject-linkage can be removed when we upgrade GCC version to at least 13.3
-elseif(CMAKE_CXX_COMPILER_ID MATCHES "Clang")
+elseif(is_clang)
     # Clang-specific fixes
     add_compile_options(-Wno-unknown-warning-option) # Ignore unknown warning options
-elseif(MSVC)
+elseif(is_msvc)
     # MSVC-specific fixes
     add_compile_options(/wd4068) # Ignore unknown pragmas
 endif()
@@ -77,6 +79,7 @@ if (packages_only)
   return ()
 endif ()
 include(XrplCompiler)
+include(XrplSanitizers)
 include(XrplInterface)
 
 option(only_docs "Include only the docs target?" FALSE)
@@ -88,34 +91,18 @@ endif()
 ###
 
 include(deps/Boost)
-find_package(OpenSSL 1.1.1 REQUIRED)
-set_target_properties(OpenSSL::SSL PROPERTIES
-  INTERFACE_COMPILE_DEFINITIONS OPENSSL_NO_SSL2
-)
 
 add_subdirectory(external/antithesis-sdk)
-find_package(gRPC REQUIRED)
-find_package(lz4 REQUIRED)
-# Target names with :: are not allowed in a generator expression.
-# We need to pull the include directories and imported location properties
-# from separate targets.
-find_package(LibArchive REQUIRED)
-find_package(SOCI REQUIRED)
-find_package(SQLite3 REQUIRED)
-
-option(rocksdb "Enable RocksDB" ON)
-if(rocksdb)
-  find_package(RocksDB REQUIRED)
-  set_target_properties(RocksDB::rocksdb PROPERTIES
-    INTERFACE_COMPILE_DEFINITIONS XRPL_ROCKSDB_AVAILABLE=1
-  )
-  target_link_libraries(xrpl_libs INTERFACE RocksDB::rocksdb)
-endif()
-
 find_package(date REQUIRED)
 find_package(ed25519 REQUIRED)
+find_package(gRPC REQUIRED)
+find_package(LibArchive REQUIRED)
+find_package(lz4 REQUIRED)
 find_package(nudb REQUIRED)
+find_package(OpenSSL REQUIRED)
 find_package(secp256k1 REQUIRED)
+find_package(SOCI REQUIRED)
+find_package(SQLite3 REQUIRED)
 find_package(xxHash REQUIRED)
 
 target_link_libraries(xrpl_libs INTERFACE
@@ -128,6 +115,15 @@ target_link_libraries(xrpl_libs INTERFACE
   SQLite::SQLite3
 )
 
+option(rocksdb "Enable RocksDB" ON)
+if(rocksdb)
+    find_package(RocksDB REQUIRED)
+    set_target_properties(RocksDB::rocksdb PROPERTIES
+            INTERFACE_COMPILE_DEFINITIONS XRPL_ROCKSDB_AVAILABLE=1
+    )
+    target_link_libraries(xrpl_libs INTERFACE RocksDB::rocksdb)
+endif()
+
 # Work around changes to Conan recipe for now.
 if(TARGET nudb::core)
   set(nudb nudb::core)

CONTRIBUTING.md

@@ -555,16 +555,16 @@ Rippled uses a linear workflow model that can be summarized as:
 git fetch --multiple upstreams user1 user2 user3 [...]
 git checkout -B release-next --no-track upstream/develop
 
-# Only do an ff-only merge if prbranch1 is either already
+# Only do an ff-only merge if pr-branch1 is either already
 # squashed, or needs to be merged with separate commits,
 # and has no merge commits.
-# Use -S on the ff-only merge if prbranch1 isn't signed.
-git merge [-S] --ff-only user1/prbranch1
+# Use -S on the ff-only merge if pr-branch1 isn't signed.
+git merge [-S] --ff-only user1/pr-branch1
 
-git merge --squash user2/prbranch2
+git merge --squash user2/pr-branch2
 git commit -S # Use the commit message provided on the PR
 
-git merge --squash user3/prbranch3
+git merge --squash user3/pr-branch3
 git commit -S # Use the commit message provided on the PR
 
 [...]
@@ -876,7 +876,7 @@ git push --delete upstream-push master-next
 
 #### Special cases: point releases, hotfixes, etc.
 
-On occassion, a bug or issue is discovered in a version that already
+On occasion, a bug or issue is discovered in a version that already
 had a final release. Most of the time, development will have started
 on the next version, and will usually have changes in `develop`
 and often in `release`.

SECURITY.md

@@ -42,7 +42,7 @@ For more information on responsible disclosure, please read this [Wikipedia arti
 
 ## Report Handling Process
 
-Please report the bug directly to us and limit further disclosure. If you want to prove that you knew the bug as of a given time, consider using a cryptographic precommitment: hash the content of your report and publish the hash on a medium of your choice (e.g. on Twitter or as a memo in a transaction) as "proof" that you had written the text at a given point in time.
+Please report the bug directly to us and limit further disclosure. If you want to prove that you knew the bug as of a given time, consider using a cryptographic pre-commitment: hash the content of your report and publish the hash on a medium of your choice (e.g. on Twitter or as a memo in a transaction) as "proof" that you had written the text at a given point in time.
 
 Once we receive a report, we:
 

cfg/xrpld-example.cfg

@@ -218,7 +218,7 @@
 #       administrative commands.
 #
 #       NOTE    A common configuration value for the admin field is "localhost".
-#               If you are listening on all IPv4/IPv6 addresses by specifing
+#               If you are listening on all IPv4/IPv6 addresses by specifying
 #               ip = :: then you can use admin = ::ffff:127.0.0.1,::1 to allow
 #               administrative access from both IPv4 and IPv6 localhost
 #               connections.

cmake/Ccache.cmake

@@ -46,6 +46,12 @@ set(CMAKE_VS_GLOBALS
         "TrackFileAccess=false"
         "UseMultiToolTask=true")
 
-# By default Visual Studio generators will use /Zi, which is not compatible with
-# ccache, so tell it to use /Z7 instead.
-set(CMAKE_MSVC_DEBUG_INFORMATION_FORMAT "$<$<CONFIG:Debug,RelWithDebInfo>:Embedded>")
+# By default Visual Studio generators will use /Zi to capture debug information,
+# which is not compatible with ccache, so tell it to use /Z7 instead.
+if (MSVC)
+    foreach (var_
+        CMAKE_C_FLAGS_DEBUG CMAKE_C_FLAGS_RELEASE
+        CMAKE_CXX_FLAGS_DEBUG CMAKE_CXX_FLAGS_RELEASE)
+        string (REPLACE "/Zi" "/Z7" ${var_} "${${var_}}")
+    endforeach ()
+endif ()

cmake/CompilationEnv.cmake

@@ -0,0 +1,54 @@
+ # Shared detection of compiler, operating system, and architecture.
+ #
+ # This module centralizes environment detection so that other
+ # CMake modules can use the same variables instead of repeating
+ # checks on CMAKE_* and built-in platform variables.
+
+# Only run once per configure step.
+include_guard(GLOBAL)
+
+# --------------------------------------------------------------------
+# Compiler detection (C++)
+# --------------------------------------------------------------------
+set(is_clang FALSE)
+set(is_gcc FALSE)
+set(is_msvc FALSE)
+
+if(CMAKE_CXX_COMPILER_ID MATCHES ".*Clang") # Clang or AppleClang
+  set(is_clang TRUE)
+elseif(CMAKE_CXX_COMPILER_ID STREQUAL "GNU")
+  set(is_gcc TRUE)
+elseif(MSVC)
+  set(is_msvc TRUE)
+else()
+  message(FATAL_ERROR "Unsupported C++ compiler: ${CMAKE_CXX_COMPILER_ID}")
+endif()
+
+
+# --------------------------------------------------------------------
+# Operating system detection
+# --------------------------------------------------------------------
+set(is_linux FALSE)
+set(is_windows FALSE)
+set(is_macos FALSE)
+
+if(CMAKE_SYSTEM_NAME STREQUAL "Linux")
+  set(is_linux TRUE)
+elseif(CMAKE_SYSTEM_NAME STREQUAL "Windows")
+  set(is_windows TRUE)
+elseif(CMAKE_SYSTEM_NAME STREQUAL "Darwin")
+  set(is_macos TRUE)
+endif()
+
+# --------------------------------------------------------------------
+# Architecture
+# --------------------------------------------------------------------
+set(is_amd64 FALSE)
+set(is_arm64 FALSE)
+if(CMAKE_SYSTEM_PROCESSOR MATCHES "x86_64|AMD64")
+  set(is_amd64 TRUE)
+elseif(CMAKE_SYSTEM_PROCESSOR MATCHES "aarch64|arm64")
+  set(is_arm64 TRUE)
+else()
+  message(FATAL_ERROR "Unknown architecture: ${CMAKE_SYSTEM_PROCESSOR}")
+endif()

cmake/XrplCompiler.cmake

@@ -2,16 +2,23 @@
    setup project-wide compiler settings
 #]===================================================================]
 
+include(CompilationEnv)
+
 #[=========================================================[
    TODO some/most of these common settings belong in a
    toolchain file, especially the ABI-impacting ones
 #]=========================================================]
 add_library (common INTERFACE)
 add_library (Xrpl::common ALIAS common)
+include(XrplSanitizers)
 # add a single global dependency on this interface lib
 link_libraries (Xrpl::common)
+# Respect CMAKE_POSITION_INDEPENDENT_CODE setting (may be set by Conan toolchain)
+if(NOT DEFINED CMAKE_POSITION_INDEPENDENT_CODE)
+  set(CMAKE_POSITION_INDEPENDENT_CODE ON)
+endif()
 set_target_properties (common
-  PROPERTIES INTERFACE_POSITION_INDEPENDENT_CODE ON)
+  PROPERTIES INTERFACE_POSITION_INDEPENDENT_CODE ${CMAKE_POSITION_INDEPENDENT_CODE})
 set(CMAKE_CXX_EXTENSIONS OFF)
 target_compile_definitions (common
   INTERFACE
@@ -44,6 +51,7 @@ if (MSVC)
     # omit debug info completely under CI (not needed)
     if (is_ci)
       string (REPLACE "/Zi" " " ${var_} "${${var_}}")
+      string (REPLACE "/Z7" " " ${var_} "${${var_}}")
     endif ()
   endforeach ()
 
@@ -115,8 +123,8 @@ else ()
       # link to static libc/c++ iff:
       #   * static option set and
       #   * NOT APPLE (AppleClang does not support static libc/c++) and
-      #   * NOT san (sanitizers typically don't work with static libc/c++)
-      $<$<AND:$<BOOL:${static}>,$<NOT:$<BOOL:${APPLE}>>,$<NOT:$<BOOL:${san}>>>:
+      #   * NOT SANITIZERS (sanitizers typically don't work with static libc/c++)
+      $<$<AND:$<BOOL:${static}>,$<NOT:$<BOOL:${APPLE}>>,$<NOT:$<BOOL:${SANITIZERS_ENABLED}>>>:
       -static-libstdc++
       -static-libgcc
       >)
@@ -149,7 +157,7 @@ elseif (use_gold AND is_gcc)
     ERROR_QUIET OUTPUT_VARIABLE LD_VERSION)
     #[=========================================================[
        NOTE: THE gold linker inserts -rpath as DT_RUNPATH by
-       default intead of DT_RPATH, so you might have slightly
+       default instead of DT_RPATH, so you might have slightly
        unexpected runtime ld behavior if you were expecting
        DT_RPATH.  Specify --disable-new-dtags to gold if you do
        not want the default DT_RUNPATH behavior. This rpath

cmake/XrplCore.cmake

@@ -206,7 +206,7 @@ if(xrpld)
   )
   exclude_if_included(xrpld)
   # define a macro for tests that might need to
-  # be exluded or run differently in CI environment
+  # be excluded or run differently in CI environment
   if(is_ci)
     target_compile_definitions(xrpld PRIVATE XRPL_RUNNING_IN_CI)
   endif ()

cmake/XrplInterface.cmake

@@ -2,6 +2,8 @@
    xrpld compile options/settings via an interface library
 #]===================================================================]
 
+include(CompilationEnv)
+
 add_library (opts INTERFACE)
 add_library (Xrpl::opts ALIAS opts)
 target_compile_definitions (opts
@@ -42,22 +44,6 @@ if(jemalloc)
   target_link_libraries(opts INTERFACE jemalloc::jemalloc)
 endif ()
 
-if (san)
-  target_compile_options (opts
-    INTERFACE
-      # sanitizers recommend minimum of -O1 for reasonable performance
-      $<$<CONFIG:Debug>:-O1>
-      ${SAN_FLAG}
-      -fno-omit-frame-pointer)
-  target_compile_definitions (opts
-    INTERFACE
-      $<$<STREQUAL:${san},address>:SANITIZER=ASAN>
-      $<$<STREQUAL:${san},thread>:SANITIZER=TSAN>
-      $<$<STREQUAL:${san},memory>:SANITIZER=MSAN>
-      $<$<STREQUAL:${san},undefined>:SANITIZER=UBSAN>)
-  target_link_libraries (opts INTERFACE ${SAN_FLAG} ${SAN_LIB})
-endif ()
-
 #[===================================================================[
    xrpld transitive library deps via an interface library
 #]===================================================================]

cmake/XrplSanitizers.cmake

@@ -0,0 +1,198 @@
+#[===================================================================[
+   Configure sanitizers based on environment variables.
+
+   This module reads the following environment variables:
+   - SANITIZERS: The sanitizers to enable. Possible values:
+     - "address"
+     - "address,undefinedbehavior"
+     - "thread"
+     - "thread,undefinedbehavior"
+     - "undefinedbehavior"
+
+   The compiler type and platform are detected in CompilationEnv.cmake.
+   The sanitizer compile options are applied to the 'common' interface library
+   which is linked to all targets in the project.
+
+   Internal flag variables set by this module:
+
+   - SANITIZER_TYPES: List of sanitizer types to enable (e.g., "address",
+     "thread", "undefined"). And two more flags for undefined behavior sanitizer (e.g., "float-divide-by-zero", "unsigned-integer-overflow").
+     This list is joined with commas and passed to -fsanitize=<list>.
+
+   - SANITIZERS_COMPILE_FLAGS: Compiler flags for sanitizer instrumentation.
+     Includes:
+     * -fno-omit-frame-pointer: Preserves frame pointers for stack traces
+     * -O1: Minimum optimization for reasonable performance
+     * -fsanitize=<types>: Enables sanitizer instrumentation
+     * -fsanitize-ignorelist=<path>: (Clang only) Compile-time ignorelist
+     * -mcmodel=large/medium: (GCC only) Code model for large binaries
+     * -Wno-stringop-overflow: (GCC only) Suppresses false positive warnings
+     * -Wno-tsan: (For GCC TSAN combination only) Suppresses atomic_thread_fence warnings
+
+   - SANITIZERS_LINK_FLAGS: Linker flags for sanitizer runtime libraries.
+     Includes:
+     * -fsanitize=<types>: Links sanitizer runtime libraries
+     * -mcmodel=large/medium: (GCC only) Matches compile-time code model
+
+   - SANITIZERS_RELOCATION_FLAGS: (GCC only) Code model flags for linking.
+     Used to handle large instrumented binaries on x86_64:
+     * -mcmodel=large: For AddressSanitizer (prevents relocation errors)
+     * -mcmodel=medium: For ThreadSanitizer (large model is incompatible)
+#]===================================================================]
+
+include(CompilationEnv)
+
+# Read environment variable
+set(SANITIZERS $ENV{SANITIZERS})
+
+# Set SANITIZERS_ENABLED flag for use in other modules
+if(SANITIZERS MATCHES "address|thread|undefinedbehavior")
+    set(SANITIZERS_ENABLED TRUE)
+else()
+    set(SANITIZERS_ENABLED FALSE)
+    return()
+endif()
+
+# Sanitizers are not supported on Windows/MSVC
+if(is_msvc)
+    message(FATAL_ERROR "Sanitizers are not supported on Windows/MSVC. "
+            "Please unset the SANITIZERS environment variable.")
+endif()
+
+message(STATUS "Configuring sanitizers: ${SANITIZERS}")
+
+# Parse SANITIZERS value to determine which sanitizers to enable
+set(enable_asan FALSE)
+set(enable_tsan FALSE)
+set(enable_ubsan FALSE)
+
+# Normalize SANITIZERS into a list
+set(san_list "${SANITIZERS}")
+string(REPLACE "," ";" san_list "${san_list}")
+separate_arguments(san_list)
+
+foreach(san IN LISTS san_list)
+    if(san STREQUAL "address")
+        set(enable_asan TRUE)
+    elseif(san STREQUAL "thread")
+        set(enable_tsan TRUE)
+    elseif(san STREQUAL "undefinedbehavior")
+        set(enable_ubsan TRUE)
+    else()
+        message(FATAL_ERROR "Unsupported sanitizer type: ${san}"
+              "Supported: address, thread, undefinedbehavior and their combinations.")
+    endif()
+endforeach()
+
+# Validate sanitizer compatibility
+if(enable_asan AND enable_tsan)
+    message(FATAL_ERROR "AddressSanitizer and ThreadSanitizer are incompatible and cannot be enabled simultaneously. "
+          "Use 'address' or 'thread', optionally with 'undefinedbehavior'.")
+endif()
+
+# Frame pointer is required for meaningful stack traces. Sanitizers recommend minimum of -O1 for reasonable performance
+set(SANITIZERS_COMPILE_FLAGS "-fno-omit-frame-pointer" "-O1")
+
+# Build the sanitizer flags list
+set(SANITIZER_TYPES)
+
+if(enable_asan)
+    list(APPEND SANITIZER_TYPES "address")
+elseif(enable_tsan)
+    list(APPEND SANITIZER_TYPES "thread")
+endif()
+
+if(enable_ubsan)
+    # UB sanitizer flags
+    list(APPEND SANITIZER_TYPES "undefined" "float-divide-by-zero")
+    if(is_clang)
+        # Clang supports additional UB checks. More info here https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html
+        list(APPEND SANITIZER_TYPES "unsigned-integer-overflow")
+    endif()
+endif()
+
+# Configure code model for GCC on amd64
+# Use large code model for ASAN to avoid relocation errors
+# Use medium code model for TSAN (large is not compatible with TSAN)
+set(SANITIZERS_RELOCATION_FLAGS)
+
+# Compiler-specific configuration
+if(is_gcc)
+    # Disable mold, gold and lld linkers for GCC with sanitizers
+    # Use default linker (bfd/ld) which is more lenient with mixed code models
+    # This is needed since the size of instrumented binary exceeds the limits set by mold, lld and gold linkers
+    set(use_mold OFF CACHE BOOL "Use mold linker" FORCE)
+    set(use_gold OFF CACHE BOOL "Use gold linker" FORCE)
+    set(use_lld OFF CACHE BOOL "Use lld linker" FORCE)
+    message(STATUS "  Disabled mold, gold, and lld linkers for GCC with sanitizers")
+
+    # Suppress false positive warnings in GCC with stringop-overflow
+    list(APPEND SANITIZERS_COMPILE_FLAGS "-Wno-stringop-overflow")
+
+    if(is_amd64 AND enable_asan)
+        message(STATUS "  Using large code model (-mcmodel=large)")
+        list(APPEND SANITIZERS_COMPILE_FLAGS "-mcmodel=large")
+        list(APPEND SANITIZERS_RELOCATION_FLAGS "-mcmodel=large")
+    elseif(enable_tsan)
+        # GCC doesn't support atomic_thread_fence with tsan. Suppress warnings.
+        list(APPEND SANITIZERS_COMPILE_FLAGS "-Wno-tsan")
+        message(STATUS "  Using medium code model (-mcmodel=medium)")
+        list(APPEND SANITIZERS_COMPILE_FLAGS "-mcmodel=medium")
+        list(APPEND SANITIZERS_RELOCATION_FLAGS "-mcmodel=medium")
+    endif()
+
+    # Join sanitizer flags with commas for -fsanitize option
+    list(JOIN SANITIZER_TYPES "," SANITIZER_TYPES_STR)
+
+    # Add sanitizer to compile and link flags
+    list(APPEND SANITIZERS_COMPILE_FLAGS "-fsanitize=${SANITIZER_TYPES_STR}")
+    set(SANITIZERS_LINK_FLAGS "${SANITIZERS_RELOCATION_FLAGS}" "-fsanitize=${SANITIZER_TYPES_STR}")
+
+elseif(is_clang)
+    # Add ignorelist for Clang (GCC doesn't support this)
+    # Use CMAKE_SOURCE_DIR to get the path to the ignorelist
+    set(IGNORELIST_PATH "${CMAKE_SOURCE_DIR}/sanitizers/suppressions/sanitizer-ignorelist.txt")
+    if(NOT EXISTS "${IGNORELIST_PATH}")
+        message(FATAL_ERROR "Sanitizer ignorelist not found: ${IGNORELIST_PATH}")
+    endif()
+
+    list(APPEND SANITIZERS_COMPILE_FLAGS "-fsanitize-ignorelist=${IGNORELIST_PATH}")
+    message(STATUS "  Using sanitizer ignorelist: ${IGNORELIST_PATH}")
+
+    # Join sanitizer flags with commas for -fsanitize option
+    list(JOIN SANITIZER_TYPES "," SANITIZER_TYPES_STR)
+
+    # Add sanitizer to compile and link flags
+    list(APPEND SANITIZERS_COMPILE_FLAGS "-fsanitize=${SANITIZER_TYPES_STR}")
+    set(SANITIZERS_LINK_FLAGS "-fsanitize=${SANITIZER_TYPES_STR}")
+endif()
+
+message(STATUS "  Compile flags: ${SANITIZERS_COMPILE_FLAGS}")
+message(STATUS "  Link flags: ${SANITIZERS_LINK_FLAGS}")
+
+# Apply the sanitizer flags to the 'common' interface library
+# This is the same library used by XrplCompiler.cmake
+target_compile_options(common INTERFACE
+    $<$<COMPILE_LANGUAGE:CXX>:${SANITIZERS_COMPILE_FLAGS}>
+    $<$<COMPILE_LANGUAGE:C>:${SANITIZERS_COMPILE_FLAGS}>
+)
+
+# Apply linker flags
+target_link_options(common INTERFACE ${SANITIZERS_LINK_FLAGS})
+
+# Define SANITIZERS macro for BuildInfo.cpp
+set(sanitizers_list)
+if(enable_asan)
+    list(APPEND sanitizers_list "ASAN")
+endif()
+if(enable_tsan)
+    list(APPEND sanitizers_list "TSAN")
+endif()
+if(enable_ubsan)
+    list(APPEND sanitizers_list "UBSAN")
+endif()
+
+if(sanitizers_list)
+    list(JOIN sanitizers_list "." sanitizers_str)
+    target_compile_definitions(common INTERFACE SANITIZERS=${sanitizers_str})
+endif()

cmake/XrplSanity.cmake

@@ -2,6 +2,8 @@
    sanity checks
 #]===================================================================]
 
+include(CompilationEnv)
+
 get_property(is_multiconfig GLOBAL PROPERTY GENERATOR_IS_MULTI_CONFIG)
 
 set (CMAKE_CONFIGURATION_TYPES "Debug;Release" CACHE STRING "" FORCE)
@@ -16,14 +18,12 @@ if (NOT is_multiconfig)
   endif ()
 endif ()
 
-if ("${CMAKE_CXX_COMPILER_ID}" MATCHES ".*Clang") # both Clang and AppleClang
-  set (is_clang TRUE)
+if (is_clang) # both Clang and AppleClang
   if ("${CMAKE_CXX_COMPILER_ID}" STREQUAL "Clang" AND
          CMAKE_CXX_COMPILER_VERSION VERSION_LESS 16.0)
     message (FATAL_ERROR "This project requires clang 16 or later")
   endif ()
-elseif ("${CMAKE_CXX_COMPILER_ID}" STREQUAL "GNU")
-  set (is_gcc TRUE)
+elseif (is_gcc)
   if (CMAKE_CXX_COMPILER_VERSION VERSION_LESS 12.0)
     message (FATAL_ERROR "This project requires GCC 12 or later")
   endif ()
@@ -40,11 +40,6 @@ if (MSVC AND CMAKE_GENERATOR_PLATFORM STREQUAL "Win32")
   message (FATAL_ERROR "Visual Studio 32-bit build is not supported.")
 endif ()
 
-if (NOT CMAKE_SIZEOF_VOID_P EQUAL 8)
-  message (FATAL_ERROR "Xrpld requires a 64 bit target architecture.\n"
-    "The most likely cause of this warning is trying to build xrpld with a 32-bit OS.")
-endif ()
-
 if (APPLE AND NOT HOMEBREW)
   find_program (HOMEBREW brew)
 endif ()

cmake/XrplSettings.cmake

@@ -2,11 +2,7 @@
    declare options and variables
 #]===================================================================]
 
-if(CMAKE_SYSTEM_NAME STREQUAL "Linux")
-  set (is_linux TRUE)
-else()
-  set(is_linux FALSE)
-endif()
+include(CompilationEnv)
 
 if("$ENV{CI}" STREQUAL "true" OR "$ENV{CONTINUOUS_INTEGRATION}" STREQUAL "true")
   set(is_ci TRUE)
@@ -62,12 +58,27 @@ else()
   set(wextra OFF CACHE BOOL "gcc/clang only" FORCE)
 endif()
 
-if(is_linux)
+if(is_linux AND NOT SANITIZER)
   option(BUILD_SHARED_LIBS "build shared xrpl libraries" OFF)
   option(static "link protobuf, openssl, libc++, and boost statically" ON)
   option(perf "Enables flags that assist with perf recording" OFF)
   option(use_gold "enables detection of gold (binutils) linker" ON)
   option(use_mold "enables detection of mold (binutils) linker" ON)
+  # Set a default value for the log flag based on the build type.
+  # This provides a sensible default (on for debug, off for release)
+  # while still allowing the user to override it for any build.
+  if(CMAKE_BUILD_TYPE STREQUAL "Debug")
+    set(TRUNCATED_LOGS_DEFAULT ON)
+  else()
+    set(TRUNCATED_LOGS_DEFAULT OFF)
+  endif()
+  option(TRUNCATED_THREAD_NAME_LOGS
+    "Show warnings about truncated thread names on Linux."
+    ${TRUNCATED_LOGS_DEFAULT}
+  )
+  if(TRUNCATED_THREAD_NAME_LOGS)
+    add_compile_definitions(TRUNCATED_THREAD_NAME_LOGS)
+  endif()
 else()
   # we are not ready to allow shared-libs on windows because it would require
   # export declarations. On macos it's more feasible, but static openssl
@@ -92,33 +103,6 @@ option(local_protobuf
 option(local_grpc
   "Force a local build of gRPC instead of looking for an installed version." OFF)
 
-# this one is a string and therefore can't be an option
-set(san "" CACHE STRING "On gcc & clang, add sanitizer instrumentation")
-set_property(CACHE san PROPERTY STRINGS ";undefined;memory;address;thread")
-if(san)
-  string(TOLOWER ${san} san)
-  set(SAN_FLAG "-fsanitize=${san}")
-  set(SAN_LIB "")
-  if(is_gcc)
-    if(san STREQUAL "address")
-      set(SAN_LIB "asan")
-    elseif(san STREQUAL "thread")
-      set(SAN_LIB "tsan")
-    elseif(san STREQUAL "memory")
-      set(SAN_LIB "msan")
-    elseif(san STREQUAL "undefined")
-      set(SAN_LIB "ubsan")
-    endif()
-  endif()
-  set(_saved_CRL ${CMAKE_REQUIRED_LIBRARIES})
-  set(CMAKE_REQUIRED_LIBRARIES "${SAN_FLAG};${SAN_LIB}")
-  check_cxx_compiler_flag(${SAN_FLAG} COMPILER_SUPPORTS_SAN)
-  set(CMAKE_REQUIRED_LIBRARIES ${_saved_CRL})
-  if(NOT COMPILER_SUPPORTS_SAN)
-    message(FATAL_ERROR "${san} sanitizer does not seem to be supported by your compiler")
-  endif()
-endif()
-
 # the remaining options are obscure and rarely used
 option(beast_no_unit_test_inline
   "Prevents unit test definitions from being inserted into global table"

cmake/deps/Boost.cmake

@@ -1,4 +1,7 @@
-find_package(Boost 1.82 REQUIRED
+include(CompilationEnv)
+include(XrplSanitizers)
+
+find_package(Boost REQUIRED
   COMPONENTS
     chrono
     container
@@ -32,7 +35,7 @@ target_link_libraries(xrpl_boost
 if(Boost_COMPILER)
   target_link_libraries(xrpl_boost INTERFACE Boost::disable_autolinking)
 endif()
-if(san AND is_clang)
+if(SANITIZERS_ENABLED AND is_clang)
   # TODO: gcc does not support -fsanitize-blacklist...can we do something else
   # for gcc ?
   if(NOT Boost_INCLUDE_DIRS AND TARGET Boost::headers)

conan.lock

@@ -1,44 +1,44 @@
 {
     "version": "0.5",
     "requires": [
-        "zlib/1.3.1#b8bc2603263cf7eccbd6e17e66b0ed76%1756234269.497",
-        "xxhash/0.8.3#681d36a0a6111fc56e5e45ea182c19cc%1756234289.683",
-        "sqlite3/3.49.1#8631739a4c9b93bd3d6b753bac548a63%1756234266.869",
-        "soci/4.0.3#a9f8d773cd33e356b5879a4b0564f287%1756234262.318",
-        "snappy/1.1.10#968fef506ff261592ec30c574d4a7809%1756234314.246",
-        "secp256k1/0.7.0#9c4ab67bdc3860c16ea5b36aed8f74ea%1765202256.763",
-        "rocksdb/10.5.1#4a197eca381a3e5ae8adf8cffa5aacd0%1762797952.535",
-        "re2/20230301#ca3b241baec15bd31ea9187150e0b333%1764175362.029",
-        "protobuf/6.32.1#f481fd276fc23a33b85a3ed1e898b693%1764863245.83",
-        "openssl/3.5.4#a1d5835cc6ed5c5b8f3cd5b9b5d24205%1760106486.594",
-        "nudb/2.0.9#fb8dfd1a5557f5e0528114c2da17721e%1763150366.909",
-        "lz4/1.10.0#59fc63cac7f10fbe8e05c7e62c2f3504%1756234228.999",
-        "libiconv/1.17#1e65319e945f2d31941a9d28cc13c058%1756223727.64",
-        "libbacktrace/cci.20210118#a7691bfccd8caaf66309df196790a5a1%1756230911.03",
-        "libarchive/3.8.1#ffee18995c706e02bf96e7a2f7042e0d%1764175360.142",
+        "zlib/1.3.1#b8bc2603263cf7eccbd6e17e66b0ed76%1765850150.075",
+        "xxhash/0.8.3#681d36a0a6111fc56e5e45ea182c19cc%1765850149.987",
+        "sqlite3/3.49.1#8631739a4c9b93bd3d6b753bac548a63%1765850149.926",
+        "soci/4.0.3#a9f8d773cd33e356b5879a4b0564f287%1765850149.46",
+        "snappy/1.1.10#968fef506ff261592ec30c574d4a7809%1765850147.878",
+        "secp256k1/0.7.0#9c4ab67bdc3860c16ea5b36aed8f74ea%1765850147.928",
+        "rocksdb/10.5.1#4a197eca381a3e5ae8adf8cffa5aacd0%1765850186.86",
+        "re2/20230301#ca3b241baec15bd31ea9187150e0b333%1765850148.103",
+        "protobuf/6.32.1#f481fd276fc23a33b85a3ed1e898b693%1765850161.038",
+        "openssl/3.5.4#1b986e61b38fdfda3b40bebc1b234393%1768312656.257",
+        "nudb/2.0.9#fb8dfd1a5557f5e0528114c2da17721e%1765850143.957",
+        "lz4/1.10.0#59fc63cac7f10fbe8e05c7e62c2f3504%1765850143.914",
+        "libiconv/1.17#1e65319e945f2d31941a9d28cc13c058%1765842973.492",
+        "libbacktrace/cci.20210118#a7691bfccd8caaf66309df196790a5a1%1765842973.03",
+        "libarchive/3.8.1#ffee18995c706e02bf96e7a2f7042e0d%1765850144.736",
         "jemalloc/5.3.0#e951da9cf599e956cebc117880d2d9f8%1729241615.244",
-        "grpc/1.72.0#f244a57bff01e708c55a1100b12e1589%1763158050.628",
-        "ed25519/2015.03#ae761bdc52730a843f0809bdf6c1b1f6%1764270189.893",
-        "doctest/2.4.12#eb9fb352fb2fdfc8abb17ec270945165%1762797941.757",
-        "date/3.0.4#862e11e80030356b53c2c38599ceb32b%1763584497.32",
-        "c-ares/1.34.5#5581c2b62a608b40bb85d965ab3ec7c8%1764175359.429",
-        "bzip2/1.0.8#c470882369c2d95c5c77e970c0c7e321%1764175359.429",
-        "boost/1.88.0#8852c0b72ce8271fb8ff7c53456d4983%1756223752.326",
-        "abseil/20250127.0#9e8e8cfc89a1324139fc0ee3bd4d8c8c%1753819045.301"
+        "gtest/1.17.0#5224b3b3ff3b4ce1133cbdd27d53ee7d%1768312129.152",
+        "grpc/1.72.0#f244a57bff01e708c55a1100b12e1589%1765850193.734",
+        "ed25519/2015.03#ae761bdc52730a843f0809bdf6c1b1f6%1765850143.772",
+        "date/3.0.4#862e11e80030356b53c2c38599ceb32b%1765850143.772",
+        "c-ares/1.34.5#5581c2b62a608b40bb85d965ab3ec7c8%1765850144.336",
+        "bzip2/1.0.8#c470882369c2d95c5c77e970c0c7e321%1765850143.837",
+        "boost/1.88.0#8852c0b72ce8271fb8ff7c53456d4983%1765850172.862",
+        "abseil/20250127.0#99262a368bd01c0ccca8790dfced9719%1766517936.993"
     ],
     "build_requires": [
-        "zlib/1.3.1#b8bc2603263cf7eccbd6e17e66b0ed76%1756234269.497",
-        "strawberryperl/5.32.1.1#707032463aa0620fa17ec0d887f5fe41%1756234281.733",
-        "protobuf/6.32.1#f481fd276fc23a33b85a3ed1e898b693%1764863245.83",
-        "nasm/2.16.01#31e26f2ee3c4346ecd347911bd126904%1756234232.901",
+        "zlib/1.3.1#b8bc2603263cf7eccbd6e17e66b0ed76%1765850150.075",
+        "strawberryperl/5.32.1.1#707032463aa0620fa17ec0d887f5fe41%1765850165.196",
+        "protobuf/6.32.1#f481fd276fc23a33b85a3ed1e898b693%1765850161.038",
+        "nasm/2.16.01#31e26f2ee3c4346ecd347911bd126904%1765850144.707",
         "msys2/cci.latest#1996656c3c98e5765b25b60ff5cf77b4%1764840888.758",
         "m4/1.4.19#70dc8bbb33e981d119d2acc0175cf381%1763158052.846",
-        "cmake/4.2.0#ae0a44f44a1ef9ab68fd4b3e9a1f8671%1764175359.44",
-        "cmake/3.31.10#313d16a1aa16bbdb2ca0792467214b76%1764175359.429",
-        "b2/5.3.3#107c15377719889654eb9a162a673975%1756234226.28",
+        "cmake/4.2.0#ae0a44f44a1ef9ab68fd4b3e9a1f8671%1765850153.937",
+        "cmake/3.31.10#313d16a1aa16bbdb2ca0792467214b76%1765850153.479",
+        "b2/5.3.3#107c15377719889654eb9a162a673975%1765850144.355",
         "automake/1.16.5#b91b7c384c3deaa9d535be02da14d04f%1755524470.56",
         "autoconf/2.71#51077f068e61700d65bb05541ea1e4b0%1731054366.86",
-        "abseil/20250127.0#9e8e8cfc89a1324139fc0ee3bd4d8c8c%1753819045.301"
+        "abseil/20250127.0#99262a368bd01c0ccca8790dfced9719%1766517936.993"
     ],
     "python_requires": [],
     "overrides": {

conan/profiles/ci

@@ -0,0 +1 @@
+ include(sanitizers)

conan/profiles/sanitizers

@@ -0,0 +1,59 @@
+include(default)
+{% set compiler, version, compiler_exe = detect_api.detect_default_compiler() %}
+{% set sanitizers = os.getenv("SANITIZERS") %}
+
+[conf]
+{% if sanitizers %}
+    {% if compiler == "gcc" %}
+        {% if "address" in sanitizers or "thread" in sanitizers or "undefinedbehavior" in sanitizers %}
+            {% set sanitizer_list = [] %}
+            {% set model_code = "" %}
+            {% set extra_cxxflags = ["-fno-omit-frame-pointer", "-O1", "-Wno-stringop-overflow"] %}
+
+            {% if "address" in sanitizers %}
+                {% set _ = sanitizer_list.append("address") %}
+                {% set model_code = "-mcmodel=large" %}
+            {% elif "thread" in sanitizers %}
+                {% set _ = sanitizer_list.append("thread") %}
+                {% set model_code = "-mcmodel=medium" %}
+                {% set _ = extra_cxxflags.append("-Wno-tsan") %}
+            {% endif %}
+
+            {% if "undefinedbehavior" in sanitizers %}
+                {% set _ = sanitizer_list.append("undefined") %}
+                {% set _ = sanitizer_list.append("float-divide-by-zero") %}
+            {% endif %}
+
+            {% set sanitizer_flags = "-fsanitize=" ~ ",".join(sanitizer_list) ~ " " ~ model_code %}
+
+            tools.build:cxxflags+=['{{sanitizer_flags}} {{" ".join(extra_cxxflags)}}']
+            tools.build:sharedlinkflags+=['{{sanitizer_flags}}']
+            tools.build:exelinkflags+=['{{sanitizer_flags}}']
+        {% endif %}
+    {% elif compiler == "apple-clang" or compiler == "clang" %}
+        {% if "address" in sanitizers or "thread" in sanitizers or "undefinedbehavior" in sanitizers %}
+            {% set sanitizer_list = [] %}
+            {% set extra_cxxflags = ["-fno-omit-frame-pointer", "-O1"] %}
+
+            {% if "address" in sanitizers %}
+                {% set _ = sanitizer_list.append("address") %}
+            {% elif "thread" in sanitizers %}
+                {% set _ = sanitizer_list.append("thread") %}
+            {% endif %}
+
+            {% if "undefinedbehavior" in sanitizers %}
+                {% set _ = sanitizer_list.append("undefined") %}
+                {% set _ = sanitizer_list.append("float-divide-by-zero") %}
+                {% set _ = sanitizer_list.append("unsigned-integer-overflow") %}
+            {% endif %}
+
+            {% set sanitizer_flags = "-fsanitize=" ~ ",".join(sanitizer_list) %}
+
+            tools.build:cxxflags+=['{{sanitizer_flags}} {{" ".join(extra_cxxflags)}}']
+            tools.build:sharedlinkflags+=['{{sanitizer_flags}}']
+            tools.build:exelinkflags+=['{{sanitizer_flags}}']
+        {% endif %}
+    {% endif %}
+{% endif %}
+
+tools.info.package_id:confs+=["tools.build:cxxflags", "tools.build:exelinkflags", "tools.build:sharedlinkflags"]

conanfile.py

@@ -39,7 +39,7 @@ class Xrpl(ConanFile):
     ]
 
     test_requires = [
-        "doctest/2.4.12",
+        "gtest/1.17.0",
     ]
 
     tool_requires = [
@@ -87,7 +87,13 @@ class Xrpl(ConanFile):
         "libarchive/*:with_xattr": False,
         "libarchive/*:with_zlib": False,
         "lz4/*:shared": False,
+        "openssl/*:no_dtls": True,
+        "openssl/*:no_ssl": True,
+        "openssl/*:no_ssl3": True,
+        "openssl/*:no_tls1": True,
+        "openssl/*:no_tls1_1": True,
         "openssl/*:shared": False,
+        "openssl/*:tls_security_level": 2,
         "protobuf/*:shared": False,
         "protobuf/*:with_zlib": True,
         "rocksdb/*:enable_sse": False,

docs/0001-negative-unl/README.md

@@ -134,7 +134,7 @@ validation messages (_PAV_) received from each validator on the node's UNL. Note
 that the node will only count the validation messages that agree with its own
 validations.
 
-We define the **PAV** as the **P**ercentage of **A**greed **V**alidation
+We define the **PAV** as the Percentage of Agreed Validation
 messages received for the last N ledgers, where N = 256 by default.
 
 When the PAV drops below the **_low-water mark_**, the validator is considered

docs/0001-negative-unl/negativeUNLSqDiagram.puml

@@ -43,14 +43,14 @@ alt phase == OPEN
             alt sqn%256==0
             CA -[#green]> RM: <font color=green>getValidations
             CA -[#green]> CA: <font color=green>create UNLModify Tx
-            hnote over CA#lightgreen: use validatations of the last 256 ledgers\nto figure out UNLModify Tx candidates.\nIf any, create UNLModify Tx, and add to TxSet.
+            hnote over CA#lightgreen: use validations of the last 256 ledgers\nto figure out UNLModify Tx candidates.\nIf any, create UNLModify Tx, and add to TxSet.
             end
         CA -> GC
         GC -> CA: propose
         deactivate CA
     end
 else phase == ESTABLISH
-    hnote over GC: receive peer postions
+    hnote over GC: receive peer positions
     GC -> GC : update our position
     GC -> CA : propose \n(if position changed)
     GC -> GC : check if have consensus

docs/build/sanitizers.md

@@ -0,0 +1,207 @@
+# Sanitizer Configuration for Rippled
+
+This document explains how to properly configure and run sanitizers (AddressSanitizer, undefinedbehaviorSanitizer, ThreadSanitizer) with the xrpld project.
+Corresponding suppression files are located in the `sanitizers/suppressions` directory.
+
+- [Sanitizer Configuration for Rippled](#sanitizer-configuration-for-rippled)
+  - [Building with Sanitizers](#building-with-sanitizers)
+    - [Summary](#summary)
+    - [Build steps:](#build-steps)
+      - [Install dependencies](#install-dependencies)
+      - [Call CMake](#call-cmake)
+      - [Build](#build)
+  - [Running Tests with Sanitizers](#running-tests-with-sanitizers)
+    - [AddressSanitizer (ASAN)](#addresssanitizer-asan)
+    - [ThreadSanitizer (TSan)](#threadsanitizer-tsan)
+    - [LeakSanitizer (LSan)](#leaksanitizer-lsan)
+    - [UndefinedBehaviorSanitizer (UBSan)](#undefinedbehaviorsanitizer-ubsan)
+  - [Suppression Files](#suppression-files)
+    - [`asan.supp`](#asansupp)
+    - [`lsan.supp`](#lsansupp)
+    - [`ubsan.supp`](#ubsansupp)
+    - [`tsan.supp`](#tsansupp)
+    - [`sanitizer-ignorelist.txt`](#sanitizer-ignorelisttxt)
+  - [Troubleshooting](#troubleshooting)
+    - ["ASAN is ignoring requested \_\_asan_handle_no_return" warnings](#asan-is-ignoring-requested-__asan_handle_no_return-warnings)
+    - [Sanitizer Mismatch Errors](#sanitizer-mismatch-errors)
+  - [References](#references)
+
+## Building with Sanitizers
+
+### Summary
+
+Follow the same instructions as mentioned in [BUILD.md](../../BUILD.md) but with the following changes:
+
+1. Make sure you have a clean build directory.
+2. Set the `SANITIZERS` environment variable before calling conan install and cmake. Only set it once. Make sure both conan and cmake read the same values.
+   Example: `export SANITIZERS=address,undefinedbehavior`
+3. Optionally use `--profile:all sanitizers` with Conan to build dependencies with sanitizer instrumentation. [!NOTE]Building with sanitizer-instrumented dependencies is slower but produces fewer false positives.
+4. Set `ASAN_OPTIONS`, `LSAN_OPTIONS`, `UBSAN_OPTIONS` and `TSAN_OPTIONS` environment variables to configure sanitizer behavior when running executables. [More details below](#running-tests-with-sanitizers).
+
+---
+
+### Build steps:
+
+```bash
+cd /path/to/rippled
+rm -rf .build
+mkdir .build
+cd .build
+```
+
+#### Install dependencies
+
+The `SANITIZERS` environment variable is used by both Conan and CMake.
+
+```bash
+export SANITIZERS=address,undefinedbehavior
+# Standard build (without instrumenting dependencies)
+conan install .. --output-folder . --build missing --settings build_type=Debug
+
+# Or with sanitizer-instrumented dependencies (takes longer but fewer false positives)
+conan install .. --output-folder . --profile:all sanitizers --build missing --settings build_type=Debug
+```
+
+[!CAUTION]
+Do not mix Address and Thread sanitizers - they are incompatible.
+
+Since you already set the `SANITIZERS` environment variable when running Conan, same values will be read for the next part.
+
+#### Call CMake
+
+```bash
+cmake .. -G Ninja \
+    -DCMAKE_TOOLCHAIN_FILE:FILEPATH=build/generators/conan_toolchain.cmake \
+    -DCMAKE_BUILD_TYPE=Debug \
+    -Dtests=ON -Dxrpld=ON
+```
+
+#### Build
+
+```bash
+cmake --build . --parallel 4
+```
+
+## Running Tests with Sanitizers
+
+### AddressSanitizer (ASAN)
+
+**IMPORTANT**: ASAN with Boost produces many false positives. Use these options:
+
+```bash
+export ASAN_OPTIONS="print_stacktrace=1:detect_container_overflow=0:suppressions=path/to/asan.supp:halt_on_error=0:log_path=asan.log"
+export LSAN_OPTIONS="suppressions=path/to/lsan.supp:halt_on_error=0:log_path=lsan.log"
+
+# Run tests
+./xrpld --unittest --unittest-jobs=5
+```
+
+**Why `detect_container_overflow=0`?**
+
+- Boost intrusive containers (used in `aged_unordered_container`) trigger false positives
+- Boost context switching (used in `Workers.cpp`) confuses ASAN's stack tracking
+- Since we usually don't build Boost (because we don't want to instrument Boost and detect issues in Boost code) with ASAN but use Boost containers in ASAN instrumented rippled code, it generates false positives.
+- Building dependencies with ASAN instrumentation reduces false positives. But we don't want to instrument dependencies like Boost with ASAN because it is slow (to compile as well as run tests) and not necessary.
+- See: https://github.com/google/sanitizers/wiki/AddressSanitizerContainerOverflow
+- More such flags are detailed [here](https://github.com/google/sanitizers/wiki/AddressSanitizerFlags)
+
+### ThreadSanitizer (TSan)
+
+```bash
+export TSAN_OPTIONS="suppressions=path/to/tsan.supp halt_on_error=0 log_path=tsan.log"
+
+# Run tests
+./xrpld --unittest --unittest-jobs=5
+```
+
+More details [here](https://github.com/google/sanitizers/wiki/ThreadSanitizerCppManual).
+
+### LeakSanitizer (LSan)
+
+LSan is automatically enabled with ASAN. To disable it:
+
+```bash
+export ASAN_OPTIONS="detect_leaks=0"
+```
+
+More details [here](https://github.com/google/sanitizers/wiki/AddressSanitizerLeakSanitizer).
+
+### UndefinedBehaviorSanitizer (UBSan)
+
+```bash
+export UBSAN_OPTIONS="suppressions=path/to/ubsan.supp:print_stacktrace=1:halt_on_error=0:log_path=ubsan.log"
+
+# Run tests
+./xrpld --unittest --unittest-jobs=5
+```
+
+More details [here](https://clang.llvm.org/docs/undefinedbehaviorSanitizer.html).
+
+## Suppression Files
+
+[!NOTE] Attached files contain more details.
+
+### [`asan.supp`](../../sanitizers/suppressions/asan.supp)
+
+- **Purpose**: Suppress AddressSanitizer (ASAN) errors only
+- **Format**: `interceptor_name:<pattern>` where pattern matches file names. Supported suppression types are:
+  - interceptor_name
+  - interceptor_via_fun
+  - interceptor_via_lib
+  - odr_violation
+- **More info**: [AddressSanitizer](https://github.com/google/sanitizers/wiki/AddressSanitizer)
+- **Note**: Cannot suppress stack-buffer-overflow, container-overflow, etc.
+
+### [`lsan.supp`](../../sanitizers/suppressions/lsan.supp)
+
+- **Purpose**: Suppress LeakSanitizer (LSan) errors only
+- **Format**: `leak:<pattern>` where pattern matches function/file names
+- **More info**: [LeakSanitizer](https://github.com/google/sanitizers/wiki/AddressSanitizerLeakSanitizer)
+
+### [`ubsan.supp`](../../sanitizers/suppressions/ubsan.supp)
+
+- **Purpose**: Suppress undefinedbehaviorSanitizer errors
+- **Format**: `<error_type>:<pattern>` (e.g., `unsigned-integer-overflow:protobuf`)
+- **Covers**: Intentional overflows in sanitizers/suppressions libraries (protobuf, gRPC, stdlib)
+- More info [UBSan suppressions](https://clang.llvm.org/docs/SanitizerSpecialCaseList.html).
+
+### [`tsan.supp`](../../sanitizers/suppressions/tsan.supp)
+
+- **Purpose**: Suppress ThreadSanitizer data race warnings
+- **Format**: `race:<pattern>` where pattern matches function/file names
+- **More info**: [ThreadSanitizer suppressions](https://github.com/google/sanitizers/wiki/ThreadSanitizerSuppressions)
+
+### [`sanitizer-ignorelist.txt`](../../sanitizers/suppressions/sanitizer-ignorelist.txt)
+
+- **Purpose**: Compile-time ignorelist for all sanitizers
+- **Usage**: Passed via `-fsanitize-ignorelist=absolute/path/to/sanitizer-ignorelist.txt`
+- **Format**: `<level>:<pattern>` (e.g., `src:Workers.cpp`)
+
+## Troubleshooting
+
+### "ASAN is ignoring requested \_\_asan_handle_no_return" warnings
+
+These warnings appear when using Boost context switching and are harmless. They indicate potential false positives.
+
+### Sanitizer Mismatch Errors
+
+If you see undefined symbols like `___tsan_atomic_load` when building with ASAN:
+
+**Problem**: Dependencies were built with a different sanitizer than the main project.
+
+**Solution**: Rebuild everything with the same sanitizer:
+
+```bash
+rm -rf .build
+# Then follow the build instructions above
+```
+
+Then review the log files: `asan.log.*`, `ubsan.log.*`, `tsan.log.*`
+
+## References
+
+- [AddressSanitizer Wiki](https://github.com/google/sanitizers/wiki/AddressSanitizer)
+- [AddressSanitizer Flags](https://github.com/google/sanitizers/wiki/AddressSanitizerFlags)
+- [Container Overflow Detection](https://github.com/google/sanitizers/wiki/AddressSanitizerContainerOverflow)
+- [UndefinedBehavior Sanitizer](https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html)
+- [ThreadSanitizer](https://github.com/google/sanitizers/wiki/ThreadSanitizerCppManual)

docs/consensus.md

@@ -189,7 +189,7 @@ validations. It checks this on every call to `timerEntry`.
 - _Wrong Ledger_ indicates the node is not working on the correct prior ledger
   and does not have it available. It requests that ledger from the network, but
   continues to work towards consensus this round while waiting. If it had been
-  _proposing_, it will send a special "bowout" proposal to its peers to indicate
+  _proposing_, it will send a special "bow-out" proposal to its peers to indicate
   its change in mode for the rest of this round. For the duration of the round,
   it defers to peer positions for determining the consensus outcome as if it
   were just _observing_.
@@ -515,7 +515,7 @@ are excerpts of the generic consensus implementation and of helper types that wi
 interact with the concrete implementing class.
 
 ```{.cpp}
-// Represents a transction under dispute this round
+// Represents a transaction under dispute this round
 template <class Tx_t, class NodeID_t> class DisputedTx;
 
 // Represents how the node participates in Consensus this round

include/xrpl/basics/IntrusivePointer.h

@@ -58,7 +58,7 @@ concept CAdoptTag = std::is_same_v<T, SharedIntrusiveAdoptIncrementStrongTag> ||
     When the strong pointer count goes to zero, the "partialDestructor" is
     called. This can be used to destroy as much of the object as possible while
     still retaining the reference counts. For example, for SHAMapInnerNodes the
-    children may be reset in that function. Note that std::shared_poiner WILL
+    children may be reset in that function. Note that std::shared_pointer WILL
     run the destructor when the strong count reaches zero, but may not free the
     memory used by the object until the weak count reaches zero. In rippled, we
     typically allocate shared pointers with the `make_shared` function. When

include/xrpl/basics/IntrusiveRefCounts.h

@@ -301,7 +301,7 @@ IntrusiveRefCounts::addWeakReleaseStrongRef() const
     // change the counts and flags (the count could be atomically changed, but
     // the flags depend on the current value of the counts).
     //
-    // Note: If this becomes a perf bottleneck, the `partialDestoryStartedMask`
+    // Note: If this becomes a perf bottleneck, the `partialDestroyStartedMask`
     // may be able to be set non-atomically. But it is easier to reason about
     // the code if the flag is set atomically.
     while (1)

include/xrpl/basics/Log.h

@@ -221,7 +221,8 @@ public:
 private:
     enum {
         // Maximum line length for log messages.
-        // If the message exceeds this length it will be truncated with elipses.
+        // If the message exceeds this length it will be truncated with
+        // ellipses.
         maximumMessageCharacters = 12 * 1024
     };
 

include/xrpl/basics/Number.h

@@ -1,8 +1,11 @@
 #ifndef XRPL_BASICS_NUMBER_H_INCLUDED
 #define XRPL_BASICS_NUMBER_H_INCLUDED
 
+#include <xrpl/beast/utility/instrumentation.h>
+
 #include <cstdint>
 #include <limits>
+#include <optional>
 #include <ostream>
 #include <string>
 
@@ -13,42 +16,252 @@ class Number;
 std::string
 to_string(Number const& amount);
 
+template <typename T>
+constexpr std::optional<int>
+logTen(T value)
+{
+    int log = 0;
+    while (value >= 10 && value % 10 == 0)
+    {
+        value /= 10;
+        ++log;
+    }
+    if (value == 1)
+        return log;
+    return std::nullopt;
+}
+
 template <typename T>
 constexpr bool
 isPowerOfTen(T value)
 {
-    while (value >= 10 && value % 10 == 0)
-        value /= 10;
-    return value == 1;
+    return logTen(value).has_value();
 }
 
+/** MantissaRange defines a range for the mantissa of a normalized Number.
+ *
+ * The mantissa is in the range [min, max], where
+ * * min is a power of 10, and
+ * * max = min * 10 - 1.
+ *
+ * The mantissa_scale enum indicates whether the range is "small" or "large".
+ * This intentionally restricts the number of MantissaRanges that can be
+ * instantiated to two: one for each scale.
+ *
+ * The "small" scale is based on the behavior of STAmount for IOUs. It has a min
+ * value of 10^15, and a max value of 10^16-1. This was sufficient for
+ * uses before Lending Protocol was implemented, mostly related to AMM.
+ *
+ * However, it does not have sufficient precision to represent the full integer
+ * range of int64_t values (-2^63 to 2^63-1), which are needed for XRP and MPT
+ * values. The implementation of SingleAssetVault, and LendingProtocol need to
+ * represent those integer values accurately and precisely, both for the
+ * STNumber field type, and for internal calculations. That necessitated the
+ * "large" scale.
+ *
+ * The "large" scale is intended to represent all values that can be represented
+ * by an STAmount - IOUs, XRP, and MPTs. It has a min value of 10^18, and a max
+ * value of 10^19-1.
+ *
+ * Note that if the mentioned amendments are eventually retired, this class
+ * should be left in place, but the "small" scale option should be removed. This
+ * will allow for future expansion beyond 64-bits if it is ever needed.
+ */
+struct MantissaRange
+{
+    using rep = std::uint64_t;
+    enum mantissa_scale { small, large };
+
+    explicit constexpr MantissaRange(mantissa_scale scale_)
+        : min(getMin(scale_))
+        , max(min * 10 - 1)
+        , log(logTen(min).value_or(-1))
+        , scale(scale_)
+    {
+    }
+
+    rep min;
+    rep max;
+    int log;
+    mantissa_scale scale;
+
+private:
+    static constexpr rep
+    getMin(mantissa_scale scale_)
+    {
+        switch (scale_)
+        {
+            case small:
+                return 1'000'000'000'000'000ULL;
+            case large:
+                return 1'000'000'000'000'000'000ULL;
+            default:
+                // Since this can never be called outside a non-constexpr
+                // context, this throw assures that the build fails if an
+                // invalid scale is used.
+                throw std::runtime_error("Unknown mantissa scale");
+        }
+    }
+};
+
+// Like std::integral, but only 64-bit integral types.
+template <class T>
+concept Integral64 =
+    std::is_same_v<T, std::int64_t> || std::is_same_v<T, std::uint64_t>;
+
+/** Number is a floating point type that can represent a wide range of values.
+ *
+ * It can represent all values that can be represented by an STAmount -
+ * regardless of asset type - XRPAmount, MPTAmount, and IOUAmount, with at least
+ * as much precision as those types require.
+ *
+ * ---- Internal Representation ----
+ *
+ * Internally, Number is represented with three values:
+ *   1. a bool sign flag,
+ *   2. a std::uint64_t mantissa,
+ *   3. an int exponent.
+ *
+ * The internal mantissa is an unsigned integer in the range defined by the
+ * current MantissaRange. The exponent is an integer in the range
+ * [minExponent, maxExponent].
+ *
+ * See the description of MantissaRange for more details on the ranges.
+ *
+ * A non-zero mantissa is (almost) always normalized, meaning it and the
+ * exponent are grown or shrunk until the mantissa is in the range
+ * [MantissaRange.min, MantissaRange.max].
+ *
+ * Note:
+ *   1. Normalization can be disabled by using the "unchecked" ctor tag. This
+ *      should only be used at specific conversion points, some constexpr
+ *      values, and in unit tests.
+ *   2. The max of the "large" range, 10^19-1, is the largest 10^X-1 value that
+ *      fits in an unsigned 64-bit number. (10^19-1 < 2^64-1 and
+ *      10^20-1 > 2^64-1). This avoids under- and overflows.
+ *
+ * ---- External Interface ----
+ *
+ * The external interface of Number consists of a std::int64_t mantissa, which
+ * is restricted to 63-bits, and an int exponent, which must be in the range
+ * [minExponent, maxExponent]. The range of the mantissa depends on which
+ * MantissaRange is currently active. For the "short" range, the mantissa will
+ * be between 10^15 and 10^16-1. For the "large" range, the mantissa will be
+ * between -(2^63-1) and 2^63-1. As noted above, the "large" range is needed to
+ * represent the full range of valid XRP and MPT integer values accurately.
+ *
+ * Note:
+ *   1. 2^63-1 is between 10^18 and 10^19-1, which are the limits of the "large"
+ *      mantissa range.
+ *   2. The functions mantissa() and exponent() return the external view of the
+ *      Number value, specifically using a signed 63-bit mantissa. This may
+ *      require altering the internal representation to fit into that range
+ *      before the value is returned. The interface guarantees consistency of
+ *      the two values.
+ *   3. Number cannot represent -2^63 (std::numeric_limits<std::int64_t>::min())
+ *      as an exact integer, but it doesn't need to, because all asset values
+ *      on-ledger are non-negative. This is due to implementation details of
+ *      several operations which use unsigned arithmetic internally. This is
+ *      sufficient to represent all valid XRP values (where the absolute value
+ *      can not exceed INITIAL_XRP: 10^17), and MPT values (where the absolute
+ *      value can not exceed maxMPTokenAmount: 2^63-1).
+ *
+ * ---- Mantissa Range Switching ----
+ *
+ * The mantissa range may be changed at runtime via setMantissaScale(). The
+ * default mantissa range is "large". The range is updated whenever transaction
+ * processing begins, based on whether SingleAssetVault or LendingProtocol are
+ * enabled. If either is enabled, the mantissa range is set to "large". If not,
+ * it is set to "small", preserving backward compatibility and correct
+ * "amendment-gating".
+ *
+ * It is extremely unlikely that any more calls to setMantissaScale() will be
+ * needed outside of unit tests.
+ *
+ * ---- Usage With Different Ranges ----
+ *
+ * Outside of unit tests, and existing checks, code that uses Number should not
+ * know or care which mantissa range is active.
+ *
+ * The results of computations using Numbers with a small mantissa may differ
+ * from computations using Numbers with a large mantissa, specifically as it
+ * effects the results after rounding. That is why the large mantissa range is
+ * amendment gated in transaction processing.
+ *
+ * It is extremely unlikely that any more calls to getMantissaScale() will be
+ * needed outside of unit tests.
+ *
+ * Code that uses Number should not assume or check anything about the
+ * mantissa() or exponent() except that they fit into the "large" range
+ * specified in the "External Interface" section.
+ *
+ * ----- Unit Tests -----
+ *
+ * Within unit tests, it may be useful to explicitly switch between the two
+ * ranges, or to check which range is active when checking the results of
+ * computations. If the test is doing the math directly, the
+ * set/getMantissaScale() functions may be most appropriate. However, if the
+ * test has anything to do with transaction processing, it should enable or
+ * disable the amendments that control the mantissa range choice
+ * (SingleAssetVault and LendingProtocol), and/or check if either of those
+ * amendments are enabled to determine which result to expect.
+ *
+ */
 class Number
 {
     using rep = std::int64_t;
-    rep mantissa_{0};
+    using internalrep = MantissaRange::rep;
+
+    bool negative_{false};
+    internalrep mantissa_{0};
     int exponent_{std::numeric_limits<int>::lowest()};
 
 public:
-    // The range for the mantissa when normalized
-    constexpr static std::int64_t minMantissa = 1'000'000'000'000'000LL;
-    static_assert(isPowerOfTen(minMantissa));
-    constexpr static std::int64_t maxMantissa = minMantissa * 10 - 1;
-    static_assert(maxMantissa == 9'999'999'999'999'999LL);
-
     // The range for the exponent when normalized
     constexpr static int minExponent = -32768;
     constexpr static int maxExponent = 32768;
 
+    constexpr static internalrep maxRep = std::numeric_limits<rep>::max();
+    static_assert(maxRep == 9'223'372'036'854'775'807);
+    static_assert(-maxRep == std::numeric_limits<rep>::min() + 1);
+
+    // May need to make unchecked private
     struct unchecked
     {
         explicit unchecked() = default;
     };
 
+    // Like unchecked, normalized is used with the ctors that take an
+    // internalrep mantissa. Unlike unchecked, those ctors will normalize the
+    // value.
+    // Only unit tests are expected to use this class
+    struct normalized
+    {
+        explicit normalized() = default;
+    };
+
     explicit constexpr Number() = default;
 
     Number(rep mantissa);
     explicit Number(rep mantissa, int exponent);
-    explicit constexpr Number(rep mantissa, int exponent, unchecked) noexcept;
+    explicit constexpr Number(
+        bool negative,
+        internalrep mantissa,
+        int exponent,
+        unchecked) noexcept;
+    // Assume unsigned values are... unsigned. i.e. positive
+    explicit constexpr Number(
+        internalrep mantissa,
+        int exponent,
+        unchecked) noexcept;
+    // Only unit tests are expected to use this ctor
+    explicit Number(
+        bool negative,
+        internalrep mantissa,
+        int exponent,
+        normalized);
+    // Assume unsigned values are... unsigned. i.e. positive
+    explicit Number(internalrep mantissa, int exponent, normalized);
 
     constexpr rep
     mantissa() const noexcept;
@@ -78,11 +291,11 @@ public:
     Number&
     operator/=(Number const& x);
 
-    static constexpr Number
+    static Number
     min() noexcept;
-    static constexpr Number
+    static Number
     max() noexcept;
-    static constexpr Number
+    static Number
     lowest() noexcept;
 
     /** Conversions to Number are implicit and conversions away from Number
@@ -96,7 +309,8 @@ public:
     friend constexpr bool
     operator==(Number const& x, Number const& y) noexcept
     {
-        return x.mantissa_ == y.mantissa_ && x.exponent_ == y.exponent_;
+        return x.negative_ == y.negative_ && x.mantissa_ == y.mantissa_ &&
+            x.exponent_ == y.exponent_;
     }
 
     friend constexpr bool
@@ -110,8 +324,8 @@ public:
     {
         // If the two amounts have different signs (zero is treated as positive)
         // then the comparison is true iff the left is negative.
-        bool const lneg = x.mantissa_ < 0;
-        bool const rneg = y.mantissa_ < 0;
+        bool const lneg = x.negative_;
+        bool const rneg = y.negative_;
 
         if (lneg != rneg)
             return lneg;
@@ -139,7 +353,7 @@ public:
     constexpr int
     signum() const noexcept
     {
-        return (mantissa_ < 0) ? -1 : (mantissa_ ? 1 : 0);
+        return negative_ ? -1 : (mantissa_ ? 1 : 0);
     }
 
     Number
@@ -169,6 +383,15 @@ public:
         return os << to_string(x);
     }
 
+    friend std::string
+    to_string(Number const& amount);
+
+    friend Number
+    root(Number f, unsigned d);
+
+    friend Number
+    root2(Number f);
+
     // Thread local rounding control.  Default is to_nearest
     enum rounding_mode { to_nearest, towards_zero, downward, upward };
     static rounding_mode
@@ -177,44 +400,206 @@ public:
     static rounding_mode
     setround(rounding_mode mode);
 
+    /** Returns which mantissa scale is currently in use for normalization.
+     *
+     * If you think you need to call this outside of unit tests, no you don't.
+     */
+    static MantissaRange::mantissa_scale
+    getMantissaScale();
+    /** Changes which mantissa scale is used for normalization.
+     *
+     * If you think you need to call this outside of unit tests, no you don't.
+     */
+    static void
+    setMantissaScale(MantissaRange::mantissa_scale scale);
+
+    inline static internalrep
+    minMantissa()
+    {
+        return range_.get().min;
+    }
+
+    inline static internalrep
+    maxMantissa()
+    {
+        return range_.get().max;
+    }
+
+    inline static int
+    mantissaLog()
+    {
+        return range_.get().log;
+    }
+
+    /// oneSmall is needed because the ranges are private
+    constexpr static Number
+    oneSmall();
+    /// oneLarge is needed because the ranges are private
+    constexpr static Number
+    oneLarge();
+
+    // And one is needed because it needs to choose between oneSmall and
+    // oneLarge based on the current range
+    static Number
+    one();
+
+    template <Integral64 T>
+    [[nodiscard]]
+    std::pair<T, int>
+    normalizeToRange(T minMantissa, T maxMantissa) const;
+
 private:
     static thread_local rounding_mode mode_;
+    // The available ranges for mantissa
+
+    constexpr static MantissaRange smallRange{MantissaRange::small};
+    static_assert(isPowerOfTen(smallRange.min));
+    static_assert(smallRange.min == 1'000'000'000'000'000LL);
+    static_assert(smallRange.max == 9'999'999'999'999'999LL);
+    static_assert(smallRange.log == 15);
+    static_assert(smallRange.min < maxRep);
+    static_assert(smallRange.max < maxRep);
+    constexpr static MantissaRange largeRange{MantissaRange::large};
+    static_assert(isPowerOfTen(largeRange.min));
+    static_assert(largeRange.min == 1'000'000'000'000'000'000ULL);
+    static_assert(largeRange.max == internalrep(9'999'999'999'999'999'999ULL));
+    static_assert(largeRange.log == 18);
+    static_assert(largeRange.min < maxRep);
+    static_assert(largeRange.max > maxRep);
+
+    // The range for the mantissa when normalized.
+    // Use reference_wrapper to avoid making copies, and prevent accidentally
+    // changing the values inside the range.
+    static thread_local std::reference_wrapper<MantissaRange const> range_;
 
     void
     normalize();
-    constexpr bool
+
+    /** Normalize Number components to an arbitrary range.
+     *
+     * min/maxMantissa are parameters because this function is used by both
+     * normalize(), which reads from range_, and by normalizeToRange,
+     * which is public and can accept an arbitrary range from the caller.
+     */
+    template <class T>
+    static void
+    normalize(
+        bool& negative,
+        T& mantissa,
+        int& exponent,
+        internalrep const& minMantissa,
+        internalrep const& maxMantissa);
+
+    template <class T>
+    friend void
+    doNormalize(
+        bool& negative,
+        T& mantissa_,
+        int& exponent_,
+        MantissaRange::rep const& minMantissa,
+        MantissaRange::rep const& maxMantissa);
+
+    bool
     isnormal() const noexcept;
 
+    // Copy the number, but modify the exponent by "exponentDelta". Because the
+    // mantissa doesn't change, the result will be "mostly" normalized, but the
+    // exponent could go out of range, so it will be checked.
+    Number
+    shiftExponent(int exponentDelta) const;
+
+    // Safely convert rep (int64) mantissa to internalrep (uint64). If the rep
+    // is negative, returns the positive value. This takes a little extra work
+    // because converting std::numeric_limits<std::int64_t>::min() flirts with
+    // UB, and can vary across compilers.
+    static internalrep
+    externalToInternal(rep mantissa);
+
     class Guard;
 };
 
+inline constexpr Number::Number(
+    bool negative,
+    internalrep mantissa,
+    int exponent,
+    unchecked) noexcept
+    : negative_(negative), mantissa_{mantissa}, exponent_{exponent}
+{
+}
+
+inline constexpr Number::Number(
+    internalrep mantissa,
+    int exponent,
+    unchecked) noexcept
+    : Number(false, mantissa, exponent, unchecked{})
+{
+}
+
 constexpr static Number numZero{};
 
-inline constexpr Number::Number(rep mantissa, int exponent, unchecked) noexcept
-    : mantissa_{mantissa}, exponent_{exponent}
+inline Number::Number(
+    bool negative,
+    internalrep mantissa,
+    int exponent,
+    normalized)
+    : Number(negative, mantissa, exponent, unchecked{})
+{
+    normalize();
+}
+
+inline Number::Number(internalrep mantissa, int exponent, normalized)
+    : Number(false, mantissa, exponent, normalized{})
 {
 }
 
 inline Number::Number(rep mantissa, int exponent)
-    : mantissa_{mantissa}, exponent_{exponent}
+    : Number(mantissa < 0, externalToInternal(mantissa), exponent, normalized{})
 {
-    normalize();
 }
 
 inline Number::Number(rep mantissa) : Number{mantissa, 0}
 {
 }
 
+/** Returns the mantissa of the external view of the Number.
+ *
+ * Please see the "---- External Interface ----" section of the class
+ * documentation for an explanation of why the internal value may be modified.
+ */
 inline constexpr Number::rep
 Number::mantissa() const noexcept
 {
-    return mantissa_;
+    auto m = mantissa_;
+    if (m > maxRep)
+    {
+        XRPL_ASSERT_PARTS(
+            !isnormal() || (m % 10 == 0 && m / 10 <= maxRep),
+            "xrpl::Number::mantissa",
+            "large normalized mantissa has no remainder");
+        m /= 10;
+    }
+    auto const sign = negative_ ? -1 : 1;
+    return sign * static_cast<Number::rep>(m);
 }
 
+/** Returns the exponent of the external view of the Number.
+ *
+ * Please see the "---- External Interface ----" section of the class
+ * documentation for an explanation of why the internal value may be modified.
+ */
 inline constexpr int
 Number::exponent() const noexcept
 {
-    return exponent_;
+    auto e = exponent_;
+    if (mantissa_ > maxRep)
+    {
+        XRPL_ASSERT_PARTS(
+            !isnormal() || (mantissa_ % 10 == 0 && mantissa_ / 10 <= maxRep),
+            "xrpl::Number::exponent",
+            "large normalized mantissa has no remainder");
+        ++e;
+    }
+    return e;
 }
 
 inline constexpr Number
@@ -226,15 +611,17 @@ Number::operator+() const noexcept
 inline constexpr Number
 Number::operator-() const noexcept
 {
+    if (mantissa_ == 0)
+        return Number{};
     auto x = *this;
-    x.mantissa_ = -x.mantissa_;
+    x.negative_ = !x.negative_;
     return x;
 }
 
 inline Number&
 Number::operator++()
 {
-    *this += Number{1000000000000000, -15, unchecked{}};
+    *this += one();
     return *this;
 }
 
@@ -249,7 +636,7 @@ Number::operator++(int)
 inline Number&
 Number::operator--()
 {
-    *this -= Number{1000000000000000, -15, unchecked{}};
+    *this -= one();
     return *this;
 }
 
@@ -299,30 +686,54 @@ operator/(Number const& x, Number const& y)
     return z;
 }
 
-inline constexpr Number
+inline Number
 Number::min() noexcept
 {
-    return Number{minMantissa, minExponent, unchecked{}};
+    return Number{false, range_.get().min, minExponent, unchecked{}};
 }
 
-inline constexpr Number
+inline Number
 Number::max() noexcept
 {
-    return Number{maxMantissa, maxExponent, unchecked{}};
+    return Number{
+        false, std::min(range_.get().max, maxRep), maxExponent, unchecked{}};
 }
 
-inline constexpr Number
+inline Number
 Number::lowest() noexcept
 {
-    return -Number{maxMantissa, maxExponent, unchecked{}};
+    return Number{
+        true, std::min(range_.get().max, maxRep), maxExponent, unchecked{}};
 }
 
-inline constexpr bool
+inline bool
 Number::isnormal() const noexcept
 {
-    auto const abs_m = mantissa_ < 0 ? -mantissa_ : mantissa_;
-    return minMantissa <= abs_m && abs_m <= maxMantissa &&
-        minExponent <= exponent_ && exponent_ <= maxExponent;
+    MantissaRange const& range = range_;
+    auto const abs_m = mantissa_;
+    return *this == Number{} ||
+        (range.min <= abs_m && abs_m <= range.max &&
+         (abs_m <= maxRep || abs_m % 10 == 0) && minExponent <= exponent_ &&
+         exponent_ <= maxExponent);
+}
+
+template <Integral64 T>
+std::pair<T, int>
+Number::normalizeToRange(T minMantissa, T maxMantissa) const
+{
+    bool negative = negative_;
+    internalrep mantissa = mantissa_;
+    int exponent = exponent_;
+
+    if constexpr (std::is_unsigned_v<T>)
+        XRPL_ASSERT_PARTS(
+            !negative,
+            "xrpl::Number::normalizeToRange",
+            "Number is non-negative for unsigned range.");
+    Number::normalize(negative, mantissa, exponent, minMantissa, maxMantissa);
+
+    auto const sign = negative ? -1 : 1;
+    return std::make_pair(static_cast<T>(sign * mantissa), exponent);
 }
 
 inline constexpr Number
@@ -364,6 +775,20 @@ squelch(Number const& x, Number const& limit) noexcept
     return x;
 }
 
+inline std::string
+to_string(MantissaRange::mantissa_scale const& scale)
+{
+    switch (scale)
+    {
+        case MantissaRange::small:
+            return "small";
+        case MantissaRange::large:
+            return "large";
+        default:
+            throw std::runtime_error("Bad scale");
+    }
+}
+
 class saveNumberRoundMode
 {
     Number::rounding_mode mode_;
@@ -402,6 +827,34 @@ public:
     operator=(NumberRoundModeGuard const&) = delete;
 };
 
+/** Sets the new scale and restores the old scale when it leaves scope.
+ *
+ * If you think you need to use this class outside of unit tests, no you don't.
+ *
+ */
+class NumberMantissaScaleGuard
+{
+    MantissaRange::mantissa_scale const saved_;
+
+public:
+    explicit NumberMantissaScaleGuard(
+        MantissaRange::mantissa_scale scale) noexcept
+        : saved_{Number::getMantissaScale()}
+    {
+        Number::setMantissaScale(scale);
+    }
+
+    ~NumberMantissaScaleGuard()
+    {
+        Number::setMantissaScale(saved_);
+    }
+
+    NumberMantissaScaleGuard(NumberMantissaScaleGuard const&) = delete;
+
+    NumberMantissaScaleGuard&
+    operator=(NumberMantissaScaleGuard const&) = delete;
+};
+
 }  // namespace xrpl
 
 #endif  // XRPL_BASICS_NUMBER_H_INCLUDED

include/xrpl/basics/Slice.h

@@ -152,8 +152,8 @@ public:
 
     /** Return a "sub slice" of given length starting at the given position
 
-        Note that the subslice encompasses the range [pos, pos + rcount),
-        where rcount is the smaller of count and size() - pos.
+        Note that the subslice encompasses the range [pos, pos + rCount),
+        where rCount is the smaller of count and size() - pos.
 
         @param pos position of the first character
         @count requested length

include/xrpl/basics/StringUtilities.h

@@ -31,7 +31,7 @@ template <class Iterator>
 std::optional<Blob>
 strUnHex(std::size_t strSize, Iterator begin, Iterator end)
 {
-    static constexpr std::array<int, 256> const unxtab = []() {
+    static constexpr std::array<int, 256> const digitLookupTable = []() {
         std::array<int, 256> t{};
 
         for (auto& x : t)
@@ -57,7 +57,7 @@ strUnHex(std::size_t strSize, Iterator begin, Iterator end)
 
     if (strSize & 1)
     {
-        int c = unxtab[*iter++];
+        int c = digitLookupTable[*iter++];
 
         if (c < 0)
             return {};
@@ -67,12 +67,12 @@ strUnHex(std::size_t strSize, Iterator begin, Iterator end)
 
     while (iter != end)
     {
-        int cHigh = unxtab[*iter++];
+        int cHigh = digitLookupTable[*iter++];
 
         if (cHigh < 0)
             return {};
 
-        int cLow = unxtab[*iter++];
+        int cLow = digitLookupTable[*iter++];
 
         if (cLow < 0)
             return {};

include/xrpl/beast/container/detail/aged_unordered_container.h

@@ -3189,11 +3189,12 @@ operator==(aged_unordered_container<
 {
     if (size() != other.size())
         return false;
-    for (auto iter(cbegin()), last(cend()), olast(other.cend()); iter != last;
+    for (auto iter(cbegin()), last(cend()), otherLast(other.cend());
+         iter != last;
          ++iter)
     {
-        auto oiter(other.find(extract(*iter)));
-        if (oiter == olast)
+        auto otherIter(other.find(extract(*iter)));
+        if (otherIter == otherLast)
             return false;
     }
     return true;

include/xrpl/beast/core/CurrentThreadName.h

@@ -5,6 +5,8 @@
 #ifndef BEAST_CORE_CURRENT_THREAD_NAME_H_INCLUDED
 #define BEAST_CORE_CURRENT_THREAD_NAME_H_INCLUDED
 
+#include <boost/predef.h>
+
 #include <string>
 #include <string_view>
 
@@ -16,6 +18,31 @@ namespace beast {
 void
 setCurrentThreadName(std::string_view newThreadName);
 
+#if BOOST_OS_LINUX
+
+// On Linux, thread names are limited to 16 bytes including the null terminator.
+// Maximum number of characters is therefore 15.
+constexpr std::size_t maxThreadNameLength = 15;
+
+/** Sets the name of the caller thread with compile-time size checking.
+    @tparam N The size of the string literal including null terminator
+    @param newThreadName A string literal to set as the thread name
+
+    This template overload enforces that thread names are at most 16 characters
+    (including null terminator) at compile time, matching Linux's limit.
+*/
+template <std::size_t N>
+void
+setCurrentThreadName(char const (&newThreadName)[N])
+{
+    static_assert(
+        N <= maxThreadNameLength + 1,
+        "Thread name cannot exceed 15 characters");
+
+    setCurrentThreadName(std::string_view(newThreadName, N - 1));
+}
+#endif
+
 /** Returns the name of the caller thread.
 
     The name returned is the name as set by a call to setCurrentThreadName().

include/xrpl/beast/core/LexicalCast.h

@@ -18,7 +18,7 @@ namespace beast {
 
 namespace detail {
 
-// These specializatons get called by the non-member functions to do the work
+// These specializations get called by the non-member functions to do the work
 template <class Out, class In>
 struct LexicalCast;
 

include/xrpl/beast/hash/hash_append.h

@@ -203,7 +203,7 @@ struct is_contiguously_hashable<T[N], HashAlgorithm>
         Throws:
             Never
         Effect:
-            Returns the reslting hash of all the input data.
+            Returns the resulting hash of all the input data.
 */
 /** @{ */
 

include/xrpl/beast/utility/PropertyStream.h

@@ -376,7 +376,7 @@ public:
         print statement examples
         "parent.child" prints child and all of its children
         "parent.child." start at the parent and print down to child
-        "parent.grandchild" prints nothing- grandchild not direct discendent
+        "parent.grandchild" prints nothing- grandchild not direct descendent
         "parent.grandchild." starts at the parent and prints down to grandchild
         "parent.grandchild.*" starts at parent, print through grandchild
        children

include/xrpl/json/json_reader.h

@@ -1,8 +1,6 @@
 #ifndef XRPL_JSON_JSON_READER_H_INCLUDED
 #define XRPL_JSON_JSON_READER_H_INCLUDED
 
-#define CPPTL_JSON_READER_H_INCLUDED
-
 #include <xrpl/json/json_forwards.h>
 #include <xrpl/json/json_value.h>
 
@@ -68,7 +66,7 @@ public:
      * error occurred during parsing.
      */
     std::string
-    getFormatedErrorMessages() const;
+    getFormattedErrorMessages() const;
 
     static constexpr unsigned nest_limit{25};
 
@@ -231,4 +229,4 @@ operator>>(std::istream&, Value&);
 
 }  // namespace Json
 
-#endif  // CPPTL_JSON_READER_H_INCLUDED
+#endif  // XRPL_JSON_JSON_READER_H_INCLUDED

include/xrpl/json/json_value.h

@@ -44,7 +44,7 @@ enum ValueType {
 class StaticString
 {
 public:
-    constexpr explicit StaticString(char const* czstring) : str_(czstring)
+    constexpr explicit StaticString(char const* czString) : str_(czString)
     {
     }
 
@@ -682,4 +682,4 @@ public:
 
 }  // namespace Json
 
-#endif  // CPPTL_JSON_H_INCLUDED
+#endif  // XRPL_JSON_JSON_VALUE_H_INCLUDED

include/xrpl/json/json_writer.h

@@ -90,7 +90,7 @@ private:
     void
     writeArrayValue(Value const& value);
     bool
-    isMultineArray(Value const& value);
+    isMultilineArray(Value const& value);
     void
     pushValue(std::string const& value);
     void
@@ -157,7 +157,7 @@ private:
     void
     writeArrayValue(Value const& value);
     bool
-    isMultineArray(Value const& value);
+    isMultilineArray(Value const& value);
     void
     pushValue(std::string const& value);
     void

include/xrpl/ledger/CredentialHelpers.h

@@ -15,7 +15,7 @@ namespace xrpl {
 namespace credentials {
 
 // These function will be used by the code that use DepositPreauth / Credentials
-// (and any future preauthorization modes) as part of authorization (all the
+// (and any future pre-authorization modes) as part of authorization (all the
 // transfer funds transactions)
 
 // Check if credential sfExpiration field has passed ledger's parentCloseTime
@@ -41,7 +41,8 @@ checkFields(STTx const& tx, beast::Journal j);
 
 // Accessing the ledger to check if provided credentials are valid. Do not use
 // in doApply (only in preclaim) since it does not remove expired credentials.
-// If you call it in prelaim, you also must call verifyDepositPreauth in doApply
+// If you call it in preclaim, you also must call verifyDepositPreauth in
+// doApply
 TER
 valid(
     STTx const& tx,

include/xrpl/ledger/Credit.h

@@ -1,5 +1,5 @@
-#ifndef XRPL_APP_PATHS_CREDIT_H_INCLUDED
-#define XRPL_APP_PATHS_CREDIT_H_INCLUDED
+#ifndef XRPL_LEDGER_CREDIT_H_INCLUDED
+#define XRPL_LEDGER_CREDIT_H_INCLUDED
 
 #include <xrpl/ledger/View.h>
 #include <xrpl/protocol/IOUAmount.h>

include/xrpl/ledger/View.h

@@ -61,6 +61,9 @@ enum FreezeHandling { fhIGNORE_FREEZE, fhZERO_IF_FROZEN };
 /** Controls the treatment of unauthorized MPT balances */
 enum AuthHandling { ahIGNORE_AUTH, ahZERO_IF_UNAUTHORIZED };
 
+/** Controls whether to include the account's full spendable balance */
+enum SpendableHandling { shSIMPLE_BALANCE, shFULL_BALANCE };
+
 [[nodiscard]] bool
 isGlobalFrozen(ReadView const& view, AccountID const& issuer);
 
@@ -305,86 +308,57 @@ isLPTokenFrozen(
     Issue const& asset,
     Issue const& asset2);
 
-// Returns the amount an account can spend without going into debt.
+// Returns the amount an account can spend.
 //
-// <-- saAmount: amount of currency held by account. May be negative.
-[[nodiscard]] STAmount
-accountHolds(
-    ReadView const& view,
-    AccountID const& account,
-    Currency const& currency,
-    AccountID const& issuer,
-    FreezeHandling zeroIfFrozen,
-    beast::Journal j);
-
-[[nodiscard]] STAmount
-accountHolds(
-    ReadView const& view,
-    AccountID const& account,
-    Issue const& issue,
-    FreezeHandling zeroIfFrozen,
-    beast::Journal j);
-
-[[nodiscard]] STAmount
-accountHolds(
-    ReadView const& view,
-    AccountID const& account,
-    MPTIssue const& mptIssue,
-    FreezeHandling zeroIfFrozen,
-    AuthHandling zeroIfUnauthorized,
-    beast::Journal j);
-
-[[nodiscard]] STAmount
-accountHolds(
-    ReadView const& view,
-    AccountID const& account,
-    Asset const& asset,
-    FreezeHandling zeroIfFrozen,
-    AuthHandling zeroIfUnauthorized,
-    beast::Journal j);
-
-// Returns the amount an account can spend total.
+// If shSIMPLE_BALANCE is specified, this is the amount the account can spend
+// without going into debt.
 //
-// These functions use accountHolds, but unlike accountHolds:
-// * The account can go into debt.
-// * If the account is the asset issuer the only limit is defined by the asset /
+// If shFULL_BALANCE is specified, this is the amount the account can spend
+// total. Specifically:
+// * The account can go into debt if using a trust line, and the other side has
+// a non-zero limit.
+// * If the account is the asset issuer the limit is defined by the asset /
 //   issuance.
 //
 // <-- saAmount: amount of currency held by account. May be negative.
 [[nodiscard]] STAmount
-accountSpendable(
+accountHolds(
     ReadView const& view,
     AccountID const& account,
     Currency const& currency,
     AccountID const& issuer,
     FreezeHandling zeroIfFrozen,
-    beast::Journal j);
+    beast::Journal j,
+    SpendableHandling includeFullBalance = shSIMPLE_BALANCE);
 
 [[nodiscard]] STAmount
-accountSpendable(
+accountHolds(
     ReadView const& view,
     AccountID const& account,
     Issue const& issue,
     FreezeHandling zeroIfFrozen,
-    beast::Journal j);
+    beast::Journal j,
+    SpendableHandling includeFullBalance = shSIMPLE_BALANCE);
 
 [[nodiscard]] STAmount
-accountSpendable(
+accountHolds(
     ReadView const& view,
     AccountID const& account,
     MPTIssue const& mptIssue,
     FreezeHandling zeroIfFrozen,
     AuthHandling zeroIfUnauthorized,
-    beast::Journal j);
+    beast::Journal j,
+    SpendableHandling includeFullBalance = shSIMPLE_BALANCE);
 
 [[nodiscard]] STAmount
-accountSpendable(
+accountHolds(
     ReadView const& view,
     AccountID const& account,
     Asset const& asset,
     FreezeHandling zeroIfFrozen,
     AuthHandling zeroIfUnauthorized,
-    beast::Journal j);
+    beast::Journal j,
+    SpendableHandling includeFullBalance = shSIMPLE_BALANCE);
 
 // Returns the amount an account can spend of the currency type saDefault, or
 // returns saDefault if this account is the issuer of the currency in
@@ -655,7 +629,7 @@ createPseudoAccount(
     uint256 const& pseudoOwnerKey,
     SField const& ownerField);
 
-// Returns true iff sleAcct is a pseudo-account or specific
+// Returns true if and only if sleAcct is a pseudo-account or specific
 // pseudo-accounts in pseudoFieldFilter.
 //
 // Returns false if sleAcct is
@@ -710,13 +684,16 @@ checkDestinationAndTag(SLE::const_ref toSle, bool hasDestinationTag);
  *    - If withdrawing to self, succeed.
  *    - If not, checks if the receiver requires deposit authorization, and if
  *      the sender has it.
+ *    - Checks that the receiver will not exceed the limit (IOU trustline limit
+ *      or MPT MaximumAmount).
  */
 [[nodiscard]] TER
 canWithdraw(
-    AccountID const& from,
     ReadView const& view,
+    AccountID const& from,
     AccountID const& to,
     SLE::const_ref toSle,
+    STAmount const& amount,
     bool hasDestinationTag);
 
 /** Checks that can withdraw funds from an object to itself or a destination.
@@ -730,12 +707,15 @@ canWithdraw(
  *    - If withdrawing to self, succeed.
  *    - If not, checks if the receiver requires deposit authorization, and if
  *      the sender has it.
+ *    - Checks that the receiver will not exceed the limit (IOU trustline limit
+ *      or MPT MaximumAmount).
  */
 [[nodiscard]] TER
 canWithdraw(
-    AccountID const& from,
     ReadView const& view,
+    AccountID const& from,
     AccountID const& to,
+    STAmount const& amount,
     bool hasDestinationTag);
 
 /** Checks that can withdraw funds from an object to itself or a destination.
@@ -749,6 +729,8 @@ canWithdraw(
  *    - If withdrawing to self, succeed.
  *    - If not, checks if the receiver requires deposit authorization, and if
  *      the sender has it.
+ *    - Checks that the receiver will not exceed the limit (IOU trustline limit
+ *      or MPT MaximumAmount).
  */
 [[nodiscard]] TER
 canWithdraw(ReadView const& view, STTx const& tx);

include/xrpl/nodestore/DummyScheduler.h

@@ -6,7 +6,7 @@
 namespace xrpl {
 namespace NodeStore {
 
-/** Simple NodeStore Scheduler that just peforms the tasks synchronously. */
+/** Simple NodeStore Scheduler that just performs the tasks synchronously. */
 class DummyScheduler : public Scheduler
 {
 public:

include/xrpl/nodestore/Manager.h

@@ -55,7 +55,7 @@ public:
             HyperLevelDB, LevelDBFactory, SQLite, MDB
 
         If the fastBackendParameter is omitted or empty, no ephemeral database
-        is used. If the scheduler parameter is omited or unspecified, a
+        is used. If the scheduler parameter is omitted or unspecified, a
         synchronous scheduler is used which performs all tasks immediately on
         the caller's thread.
 

include/xrpl/nodestore/README.md

@@ -96,7 +96,7 @@ Facebook's RocksDB database, builds on LevelDB.
 
 Use SQLite.
 
-'path' speficies where the backend will store its data files.
+'path' specifies where the backend will store its data files.
 
 Choices for 'compression'
 
@@ -161,7 +161,7 @@ Through various executions and profiling some conclusions are presented below.
 
 - Multiple runs of the benchmarks can yield surprisingly different results. This
   can perhaps be attributed to the asynchronous nature of rocksdb's compaction
-  process. The benchmarks are artifical and create highly unlikely write load to
+  process. The benchmarks are artificial and create highly unlikely write load to
   create the dataset to measure different read access patterns. Therefore multiple
   runs of the benchmarks are required to get a feel for the effectiveness of the
   changes. This contrasts sharply with the keyvadb benchmarking were highly

include/xrpl/proto/org/xrpl/rpc/v1/xrp_ledger.proto

@@ -9,7 +9,7 @@ import "org/xrpl/rpc/v1/get_ledger_entry.proto";
 import "org/xrpl/rpc/v1/get_ledger_data.proto";
 import "org/xrpl/rpc/v1/get_ledger_diff.proto";
 
-// These methods are binary only methods for retrieiving arbitrary ledger state
+// These methods are binary only methods for retrieving arbitrary ledger state
 // via gRPC. These methods are used by clio, but can also be
 // used by any client that wants to extract ledger state in an efficient manner.
 // They do not directly mimic the JSON equivalent methods.

include/xrpl/proto/xrpl.proto

@@ -17,9 +17,9 @@ enum MessageType {
   mtHAVE_SET = 35;
   mtVALIDATION = 41;
   mtGET_OBJECTS = 42;
-  mtVALIDATORLIST = 54;
+  mtVALIDATOR_LIST = 54;
   mtSQUELCH = 55;
-  mtVALIDATORLISTCOLLECTION = 56;
+  mtVALIDATOR_LIST_COLLECTION = 56;
   mtPROOF_PATH_REQ = 57;
   mtPROOF_PATH_RESPONSE = 58;
   mtREPLAY_DELTA_REQ = 59;
@@ -308,7 +308,7 @@ message TMSquelch {
 }
 
 enum TMLedgerMapType {
-  lmTRANASCTION = 1;    // transaction map
+  lmTRANSACTION = 1;    // transaction map
   lmACCOUNT_STATE = 2;  // account state map
 }
 

include/xrpl/protocol/AmountConversions.h

@@ -121,7 +121,7 @@ toAmount(
     {
         if (isXRP(issue))
             return STAmount(issue, static_cast<std::int64_t>(n));
-        return STAmount(issue, n.mantissa(), n.exponent());
+        return STAmount(issue, n);
     }
     else
     {

include/xrpl/protocol/HashPrefix.h

@@ -67,9 +67,6 @@ enum class HashPrefix : std::uint32_t {
     /** Payment Channel Claim */
     paymentChannelClaim = detail::make_hash_prefix('C', 'L', 'M'),
 
-    /** Credentials signature */
-    credential = detail::make_hash_prefix('C', 'R', 'D'),
-
     /** Batch */
     batch = detail::make_hash_prefix('B', 'C', 'H'),
 };

include/xrpl/protocol/IOUAmount.h

@@ -20,14 +20,16 @@ namespace xrpl {
 
     Arithmetic operations can throw std::overflow_error during normalization
     if the amount exceeds the largest representable amount, but underflows
-    will silently trunctate to zero.
+    will silently truncate to zero.
 */
 class IOUAmount : private boost::totally_ordered<IOUAmount>,
                   private boost::additive<IOUAmount>
 {
 private:
-    std::int64_t mantissa_;
-    int exponent_;
+    using mantissa_type = std::int64_t;
+    using exponent_type = int;
+    mantissa_type mantissa_;
+    exponent_type exponent_;
 
     /** Adjusts the mantissa and exponent to the proper range.
 
@@ -38,11 +40,14 @@ private:
     void
     normalize();
 
+    static IOUAmount
+    fromNumber(Number const& number);
+
 public:
     IOUAmount() = default;
     explicit IOUAmount(Number const& other);
     IOUAmount(beast::Zero);
-    IOUAmount(std::int64_t mantissa, int exponent);
+    IOUAmount(mantissa_type mantissa, exponent_type exponent);
 
     IOUAmount& operator=(beast::Zero);
 
@@ -71,10 +76,10 @@ public:
     int
     signum() const noexcept;
 
-    int
+    exponent_type
     exponent() const noexcept;
 
-    std::int64_t
+    mantissa_type
     mantissa() const noexcept;
 
     static IOUAmount
@@ -92,7 +97,7 @@ inline IOUAmount::IOUAmount(beast::Zero)
     *this = beast::zero;
 }
 
-inline IOUAmount::IOUAmount(std::int64_t mantissa, int exponent)
+inline IOUAmount::IOUAmount(mantissa_type mantissa, exponent_type exponent)
     : mantissa_(mantissa), exponent_(exponent)
 {
     normalize();
@@ -149,13 +154,13 @@ IOUAmount::signum() const noexcept
     return (mantissa_ < 0) ? -1 : (mantissa_ ? 1 : 0);
 }
 
-inline int
+inline IOUAmount::exponent_type
 IOUAmount::exponent() const noexcept
 {
     return exponent_;
 }
 
-inline std::int64_t
+inline IOUAmount::mantissa_type
 IOUAmount::mantissa() const noexcept
 {
     return mantissa_;

include/xrpl/protocol/Indexes.h

@@ -18,7 +18,7 @@
 namespace xrpl {
 
 class SeqProxy;
-/** Keylet computation funclets.
+/** Keylet computation functions.
 
     Entries in the ledger are located using 256-bit locators. The locators are
     calculated using a wide range of parameters specific to the entry whose

include/xrpl/protocol/Issue.h

@@ -37,6 +37,9 @@ public:
     bool
     native() const;
 
+    bool
+    integral() const;
+
     friend constexpr std::weak_ordering
     operator<=>(Issue const& lhs, Issue const& rhs);
 };

include/xrpl/protocol/MPTIssue.h

@@ -46,6 +46,12 @@ public:
     {
         return false;
     }
+
+    bool
+    integral() const
+    {
+        return true;
+    }
 };
 
 constexpr bool

include/xrpl/protocol/Permissions.h

@@ -29,7 +29,7 @@ enum GranularPermissionType : std::uint32_t {
 #pragma pop_macro("PERMISSION")
 };
 
-enum Delegation { delegatable, notDelegatable };
+enum Delegation { delegable, notDelegable };
 
 class Permission
 {
@@ -38,7 +38,7 @@ private:
 
     std::unordered_map<std::uint16_t, uint256> txFeatureMap_;
 
-    std::unordered_map<std::uint16_t, Delegation> delegatableTx_;
+    std::unordered_map<std::uint16_t, Delegation> delegableTx_;
 
     std::unordered_map<std::string, GranularPermissionType>
         granularPermissionMap_;
@@ -71,8 +71,7 @@ public:
     getTxFeature(TxType txType) const;
 
     bool
-    isDelegatable(std::uint32_t const& permissionValue, Rules const& rules)
-        const;
+    isDelegable(std::uint32_t const& permissionValue, Rules const& rules) const;
 
     // for tx level permission, permission value is equal to tx type plus one
     uint32_t

include/xrpl/protocol/Protocol.h

@@ -179,7 +179,7 @@ static constexpr int loanPaymentsPerFeeIncrement = 5;
  *
  * This limit is enforced during the loan payment process, and thus is not
  * estimated. If the limit is hit, no further payments or overpayments will be
- * processed, no matter how much of the transation Amount is left, but the
+ * processed, no matter how much of the transaction Amount is left, but the
  * transaction will succeed with the payments that have been processed up to
  * that point.
  *
@@ -233,6 +233,7 @@ std::size_t constexpr maxMPTokenMetadataLength = 1024;
 
 /** The maximum amount of MPTokenIssuance */
 std::uint64_t constexpr maxMPTokenAmount = 0x7FFF'FFFF'FFFF'FFFFull;
+static_assert(Number::maxRep >= maxMPTokenAmount);
 
 /** The maximum length of Data payload */
 std::size_t constexpr maxDataPayloadLength = 256;

include/xrpl/protocol/Quality.h

@@ -210,7 +210,7 @@ public:
 
 private:
     // The ceil_in and ceil_out methods that deal in TAmount all convert
-    // their arguments to STAoumout and convert the result back to TAmount.
+    // their arguments to STAmount and convert the result back to TAmount.
     // This helper function takes care of all the conversion operations.
     template <
         class In,

include/xrpl/protocol/SField.h

@@ -135,7 +135,10 @@ public:
         sMD_Always = 0x10,   // value when node containing it is affected at all
         sMD_BaseTen = 0x20,  // value is treated as base 10, overriding behavior
         sMD_PseudoAccount = 0x40,  // if this field is set in an ACCOUNT_ROOT
-        // _only_, then it is a pseudo-account
+                                   // _only_, then it is a pseudo-account
+        sMD_NeedsAsset = 0x80,     // This field needs to be associated with an
+                                   // asset before it is serialized as a ledger
+                                   // object. Intended for STNumber.
         sMD_Default =
             sMD_ChangeOrig | sMD_ChangeNew | sMD_DeleteFinal | sMD_Create
     };

include/xrpl/protocol/STAmount.h

@@ -138,7 +138,7 @@ public:
 
     template <AssetType A>
     STAmount(A const& asset, Number const& number)
-        : STAmount(asset, number.mantissa(), number.exponent())
+        : STAmount(fromNumber(asset, number))
     {
     }
 
@@ -282,6 +282,10 @@ public:
     mpt() const;
 
 private:
+    template <AssetType A>
+    static STAmount
+    fromNumber(A const& asset, Number const& number);
+
     static std::unique_ptr<STAmount>
     construct(SerialIter&, SField const& name);
 
@@ -345,10 +349,19 @@ STAmount::STAmount(
     , mIsNegative(negative)
 {
     // mValue is uint64, but needs to fit in the range of int64
-    XRPL_ASSERT(
-        mValue <= std::numeric_limits<std::int64_t>::max(),
-        "xrpl::STAmount::STAmount(SField, A, std::uint64_t, int, bool) : "
-        "maximum mantissa input");
+    if (Number::getMantissaScale() == MantissaRange::small)
+    {
+        XRPL_ASSERT(
+            mValue <= std::numeric_limits<std::int64_t>::max(),
+            "xrpl::STAmount::STAmount(SField, A, std::uint64_t, int, bool) : "
+            "maximum mantissa input");
+    }
+    else
+    {
+        if (integral() && mValue > std::numeric_limits<std::int64_t>::max())
+            throw std::overflow_error(
+                "STAmount mantissa is too large " + std::to_string(mantissa));
+    }
     canonicalize();
 }
 
@@ -542,14 +555,23 @@ STAmount::operator=(XRPAmount const& amount)
     return *this;
 }
 
-inline STAmount&
-STAmount::operator=(Number const& number)
+template <AssetType A>
+inline STAmount
+STAmount::fromNumber(A const& a, Number const& number)
 {
-    mIsNegative = number.mantissa() < 0;
-    mValue = mIsNegative ? -number.mantissa() : number.mantissa();
-    mOffset = number.exponent();
-    canonicalize();
-    return *this;
+    bool const negative = number.mantissa() < 0;
+    Number const working{negative ? -number : number};
+    Asset asset{a};
+    if (asset.integral())
+    {
+        std::uint64_t const intValue = static_cast<std::int64_t>(working);
+        return STAmount{asset, intValue, 0, negative};
+    }
+
+    auto const [mantissa, exponent] =
+        working.normalizeToRange(cMinValue, cMaxValue);
+
+    return STAmount{asset, mantissa, exponent, negative};
 }
 
 inline void
@@ -699,17 +721,32 @@ getRate(STAmount const& offerOut, STAmount const& offerIn);
  * @param rounding Optional Number rounding mode
  *
  */
-STAmount
+[[nodiscard]] STAmount
 roundToScale(
     STAmount const& value,
     std::int32_t scale,
     Number::rounding_mode rounding = Number::getround());
 
+/** Round an arbitrary precision Number IN PLACE to the precision of a given
+ * Asset.
+ *
+ * This is used to ensure that calculations do not collect dust for IOUs, or
+ * fractional amounts for the integral types XRP and MPT.
+ *
+ * @param asset The relevant asset
+ * @param value The lvalue to be rounded
+ */
+template <AssetType A>
+void
+roundToAsset(A const& asset, Number& value)
+{
+    value = STAmount{asset, value};
+}
+
 /** Round an arbitrary precision Number to the precision of a given Asset.
  *
- * This is used to ensure that calculations do not collect dust beyond the
- * precision of the reference value for IOUs, or fractional amounts for the
- * integral types XRP and MPT.
+ * This is used to ensure that calculations do not collect dust beyond specified
+ * scale for IOUs, or fractional amounts for the integral types XRP and MPT.
  *
  * @param asset The relevant asset
  * @param value The value to be rounded
@@ -718,7 +755,7 @@ roundToScale(
  * @param rounding Optional Number rounding mode
  */
 template <AssetType A>
-Number
+[[nodiscard]] Number
 roundToAsset(
     A const& asset,
     Number const& value,

include/xrpl/protocol/STNumber.h

@@ -4,6 +4,7 @@
 #include <xrpl/basics/CountedObject.h>
 #include <xrpl/basics/Number.h>
 #include <xrpl/protocol/STBase.h>
+#include <xrpl/protocol/STTakesAsset.h>
 
 #include <ostream>
 
@@ -19,8 +20,19 @@ namespace xrpl {
  * it can represent a value of any token type (XRP, IOU, or MPT)
  * without paying the storage cost of duplicating asset information
  * that may be deduced from the context.
+ *
+ * STNumber derives from STTakesAsset, so that it can be associated with the
+ * related Asset during transaction processing. Which asset is relevant depends
+ * on the object and transaction. As of this writing, only Vault, LoanBroker,
+ * and Loan objects use STNumber fields. All of those fields represent amounts
+ * of the Vault's Asset, so they should be associated with the Vault's Asset.
+ *
+ * e.g.
+ *     associateAsset(*loanSle, asset);
+ *     associateAsset(*brokerSle, asset);
+ *     associateAsset(*vaultSle, asset);
  */
-class STNumber : public STBase, public CountedObject<STNumber>
+class STNumber : public STTakesAsset, public CountedObject<STNumber>
 {
 private:
     Number value_;
@@ -56,6 +68,9 @@ public:
     bool
     isDefault() const override;
 
+    void
+    associateAsset(Asset const& a) override;
+
     operator Number() const
     {
         return value_;

include/xrpl/protocol/STTakesAsset.h

@@ -0,0 +1,63 @@
+#ifndef XRPL_PROTOCOL_STTAKESASSET_H_INCLUDED
+#define XRPL_PROTOCOL_STTAKESASSET_H_INCLUDED
+
+#include <xrpl/protocol/Asset.h>
+#include <xrpl/protocol/STBase.h>
+
+namespace xrpl {
+
+/** Intermediate class for any STBase-derived class to store an Asset.
+ *
+ * In the class definition, this class should be specified as a base class
+ * _instead_ of STBase.
+ *
+ * Specifically, the Asset is only stored and used at runtime. It should not be
+ * serialized to the ledger.
+ *
+ * The derived class decides what to do with the Asset, and when. It will not
+ * necessarily be set at any given time. As of this writing, only STNumber uses
+ * it to round the stored Number to the Asset's precision both when associated,
+ * and when serializing the Number.
+ */
+class STTakesAsset : public STBase
+{
+protected:
+    std::optional<Asset> asset_;
+
+public:
+    using STBase::STBase;
+    using STBase::operator=;
+
+    virtual void
+    associateAsset(Asset const& a);
+};
+
+inline void
+STTakesAsset::associateAsset(Asset const& a)
+{
+    asset_.emplace(a);
+}
+
+class STLedgerEntry;
+
+/** Associate an Asset with all sMD_NeedsAsset fields in a ledger entry.
+ *
+ * This function iterates over all fields in the given ledger entry. For each
+ * field that is set and has the SField::sMD_NeedsAsset metadata flag, it calls
+ * `associateAsset` on that field with the given Asset. Such field must be
+ * derived from STTakesAsset - if it is not, the conversion will throw.
+ *
+ * Typically, associateAsset should be called near the end of doApply() of any
+ * Transactor classes on the SLEs of any new or modified ledger entries
+ * containing STNumber fields, after doing all of the modifications t the SLEs.
+ *
+ * @param sle The ledger entry whose fields will be updated.
+ * @param asset The Asset to associate with the relevant fields.
+ *
+ */
+void
+associateAsset(STLedgerEntry& sle, Asset const& asset);
+
+}  // namespace xrpl
+
+#endif

include/xrpl/protocol/SystemParameters.h

@@ -23,6 +23,8 @@ systemName()
 
 /** Number of drops in the genesis account. */
 constexpr XRPAmount INITIAL_XRP{100'000'000'000 * DROPS_PER_XRP};
+static_assert(INITIAL_XRP.drops() == 100'000'000'000'000'000);
+static_assert(Number::maxRep >= INITIAL_XRP.drops());
 
 /** Returns true if the amount does not exceed the initial XRP in existence. */
 inline bool

include/xrpl/protocol/TxFlags.h

@@ -277,7 +277,7 @@ constexpr std::uint32_t const tfLoanOverpayment = 0x00010000;
 // interest and fees, or it will fail. False: Not a full payment.
 constexpr std::uint32_t const tfLoanFullPayment = 0x00020000;
 // tfLoanLatePayment: True, indicates that the payment is late,
-// and includes late iterest and fees. If the loan is not late,
+// and includes late interest and fees. If the loan is not late,
 // it will fail. False: not a late payment. If the current payment
 // is overdue, the transaction will fail.
 constexpr std::uint32_t const tfLoanLatePayment = 0x00040000;

include/xrpl/protocol/XChainAttestations.h

@@ -33,12 +33,12 @@ struct AttestationBase
     // Account on the sending chain that triggered the event (sent the
     // transaction)
     AccountID sendingAccount;
-    // Amount transfered on the sending chain
+    // Amount transferred on the sending chain
     STAmount sendingAmount;
     // Account on the destination chain that collects a share of the attestation
     // reward
     AccountID rewardAccount;
-    // Amount was transfered on the locking chain
+    // Amount was transferred on the locking chain
     bool wasLockingChainSend;
 
     explicit AttestationBase(
@@ -354,7 +354,7 @@ struct XChainCreateAccountAttestation
         XChainCreateAccountAttestation const& rhs);
 };
 
-// Attestations from witness servers for a particular claimid and bridge.
+// Attestations from witness servers for a particular claim ID and bridge.
 // Only one attestation per signature is allowed.
 template <class TAttestation>
 class XChainAttestationsBase

include/xrpl/protocol/detail/STVar.h

@@ -42,7 +42,7 @@ concept ValidConstructSTArgs =
 class STVar
 {
 private:
-    // The largest "small object" we can accomodate
+    // The largest "small object" we can accommodate
     static std::size_t constexpr max_size = 72;
 
     std::aligned_storage<max_size>::type d_;

include/xrpl/protocol/detail/features.macro

@@ -16,7 +16,8 @@
 // Add new amendments to the top of this list.
 // Keep it sorted in reverse chronological order.
 
-XRPL_FEATURE(LendingProtocol,            Supported::no,  VoteBehavior::DefaultNo)
+XRPL_FIX    (BatchInnerSigs,             Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FEATURE(LendingProtocol,            Supported::yes, VoteBehavior::DefaultNo)
 XRPL_FEATURE(PermissionDelegationV1_1,   Supported::no,  VoteBehavior::DefaultNo)
 XRPL_FIX    (DirectoryLimit,             Supported::yes, VoteBehavior::DefaultNo)
 XRPL_FIX    (IncludeKeyletFields,        Supported::yes, VoteBehavior::DefaultNo)
@@ -30,7 +31,7 @@ XRPL_FIX    (EnforceNFTokenTrustlineV2,  Supported::yes, VoteBehavior::DefaultNo
 XRPL_FIX    (AMMv1_3,                    Supported::yes, VoteBehavior::DefaultNo)
 XRPL_FEATURE(PermissionedDEX,            Supported::yes, VoteBehavior::DefaultNo)
 XRPL_FEATURE(Batch,                      Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FEATURE(SingleAssetVault,           Supported::no,  VoteBehavior::DefaultNo)
+XRPL_FEATURE(SingleAssetVault,           Supported::yes,  VoteBehavior::DefaultNo)
 XRPL_FIX    (PayChanCancelAfter,         Supported::yes, VoteBehavior::DefaultNo)
 // Check flags in Credential transactions
 XRPL_FIX    (InvalidTxFlags,             Supported::yes, VoteBehavior::DefaultNo)

include/xrpl/protocol/detail/ledger_entries.macro

@@ -237,7 +237,7 @@ LEDGER_ENTRY(ltOFFER, 0x006f, Offer, offer, ({
     {sfAdditionalBooks,      soeOPTIONAL},
 }))
 
-/** A ledger object which describes a deposit preauthorization.
+/** A ledger object which describes a deposit pre-authorization.
 
     \sa keylet::depositPreauth
  */
@@ -541,7 +541,7 @@ LEDGER_ENTRY(ltLOAN, 0x0089, Loan, loan, ({
     {sfStartDate,            soeREQUIRED},
     {sfPaymentInterval,      soeREQUIRED},
     {sfGracePeriod,          soeDEFAULT},
-    {sfPreviousPaymentDate,  soeDEFAULT},
+    {sfPreviousPaymentDueDate, soeDEFAULT},
     {sfNextPaymentDueDate,   soeDEFAULT},
     // The loan object tracks these values:
     //
@@ -577,7 +577,7 @@ LEDGER_ENTRY(ltLOAN, 0x0089, Loan, loan, ({
     // - TrueTotalLoanValue = PaymentRemaining * PeriodicPayment
     //   The unrounded true total value of the loan.
     //
-    // - TrueTotalPrincialOutstanding can be computed using the algorithm
+    // - TrueTotalPrincipalOutstanding can be computed using the algorithm
     //   in the ripple::detail::loanPrincipalFromPeriodicPayment function.
     //
     // - TrueTotalInterestOutstanding = TrueTotalLoanValue -

include/xrpl/protocol/detail/sfields.macro

@@ -102,7 +102,7 @@ TYPED_SFIELD(sfMutableFlags,             UINT32,    53)
 TYPED_SFIELD(sfStartDate,                UINT32,    54)
 TYPED_SFIELD(sfPaymentInterval,          UINT32,    55)
 TYPED_SFIELD(sfGracePeriod,              UINT32,    56)
-TYPED_SFIELD(sfPreviousPaymentDate,      UINT32,    57)
+TYPED_SFIELD(sfPreviousPaymentDueDate,   UINT32,    57)
 TYPED_SFIELD(sfNextPaymentDueDate,       UINT32,    58)
 TYPED_SFIELD(sfPaymentRemaining,         UINT32,    59)
 TYPED_SFIELD(sfPaymentTotal,             UINT32,    60)
@@ -207,22 +207,22 @@ TYPED_SFIELD(sfLoanID,                   UINT256,   38)
 
 // number (common)
 TYPED_SFIELD(sfNumber,                   NUMBER,     1)
-TYPED_SFIELD(sfAssetsAvailable,          NUMBER,     2)
-TYPED_SFIELD(sfAssetsMaximum,            NUMBER,     3)
-TYPED_SFIELD(sfAssetsTotal,              NUMBER,     4)
-TYPED_SFIELD(sfLossUnrealized,           NUMBER,     5)
-TYPED_SFIELD(sfDebtTotal,                NUMBER,     6)
-TYPED_SFIELD(sfDebtMaximum,              NUMBER,     7)
-TYPED_SFIELD(sfCoverAvailable,           NUMBER,     8)
+TYPED_SFIELD(sfAssetsAvailable,          NUMBER,     2, SField::sMD_NeedsAsset | SField::sMD_Default)
+TYPED_SFIELD(sfAssetsMaximum,            NUMBER,     3, SField::sMD_NeedsAsset | SField::sMD_Default)
+TYPED_SFIELD(sfAssetsTotal,              NUMBER,     4, SField::sMD_NeedsAsset | SField::sMD_Default)
+TYPED_SFIELD(sfLossUnrealized,           NUMBER,     5, SField::sMD_NeedsAsset | SField::sMD_Default)
+TYPED_SFIELD(sfDebtTotal,                NUMBER,     6, SField::sMD_NeedsAsset | SField::sMD_Default)
+TYPED_SFIELD(sfDebtMaximum,              NUMBER,     7, SField::sMD_NeedsAsset | SField::sMD_Default)
+TYPED_SFIELD(sfCoverAvailable,           NUMBER,     8, SField::sMD_NeedsAsset | SField::sMD_Default)
 TYPED_SFIELD(sfLoanOriginationFee,       NUMBER,     9)
 TYPED_SFIELD(sfLoanServiceFee,           NUMBER,     10)
 TYPED_SFIELD(sfLatePaymentFee,           NUMBER,     11)
 TYPED_SFIELD(sfClosePaymentFee,          NUMBER,     12)
-TYPED_SFIELD(sfPrincipalOutstanding,     NUMBER,     13)
+TYPED_SFIELD(sfPrincipalOutstanding,     NUMBER,     13, SField::sMD_NeedsAsset | SField::sMD_Default)
 TYPED_SFIELD(sfPrincipalRequested,       NUMBER,     14)
-TYPED_SFIELD(sfTotalValueOutstanding,    NUMBER,     15)
+TYPED_SFIELD(sfTotalValueOutstanding,    NUMBER,     15, SField::sMD_NeedsAsset | SField::sMD_Default)
 TYPED_SFIELD(sfPeriodicPayment,          NUMBER,     16)
-TYPED_SFIELD(sfManagementFeeOutstanding, NUMBER,     17)
+TYPED_SFIELD(sfManagementFeeOutstanding, NUMBER,     17, SField::sMD_NeedsAsset | SField::sMD_Default)
 
 // int32
 TYPED_SFIELD(sfLoanScale,                INT32,      1)

include/xrpl/protocol/detail/transactions.macro

@@ -3,7 +3,7 @@
 #endif
 
 /**
- * TRANSACTION(tag, value, name, delegatable, amendments, privileges, fields)
+ * TRANSACTION(tag, value, name, delegable, amendments, privileges, fields)
  *
  * To ease maintenance, you may replace any unneeded values with "..."
  * e.g. #define TRANSACTION(tag, value, name, ...)
@@ -25,7 +25,7 @@
 #   include <xrpld/app/tx/detail/Payment.h>
 #endif
 TRANSACTION(ttPAYMENT, 0, Payment,
-    Delegation::delegatable,
+    Delegation::delegable,
     uint256{},
     createAcct,
     ({
@@ -45,7 +45,7 @@ TRANSACTION(ttPAYMENT, 0, Payment,
 #   include <xrpld/app/tx/detail/Escrow.h>
 #endif
 TRANSACTION(ttESCROW_CREATE, 1, EscrowCreate,
-    Delegation::delegatable,
+    Delegation::delegable,
     uint256{},
     noPriv,
     ({
@@ -59,7 +59,7 @@ TRANSACTION(ttESCROW_CREATE, 1, EscrowCreate,
 
 /** This transaction type completes an existing escrow. */
 TRANSACTION(ttESCROW_FINISH, 2, EscrowFinish,
-    Delegation::delegatable,
+    Delegation::delegable,
     uint256{},
     noPriv,
     ({
@@ -76,7 +76,7 @@ TRANSACTION(ttESCROW_FINISH, 2, EscrowFinish,
 #   include <xrpld/app/tx/detail/SetAccount.h>
 #endif
 TRANSACTION(ttACCOUNT_SET, 3, AccountSet,
-    Delegation::notDelegatable,
+    Delegation::notDelegable,
     uint256{},
     noPriv,
     ({
@@ -97,7 +97,7 @@ TRANSACTION(ttACCOUNT_SET, 3, AccountSet,
 #   include <xrpld/app/tx/detail/Escrow.h>
 #endif
 TRANSACTION(ttESCROW_CANCEL, 4, EscrowCancel,
-    Delegation::delegatable,
+    Delegation::delegable,
     uint256{},
     noPriv,
     ({
@@ -110,7 +110,7 @@ TRANSACTION(ttESCROW_CANCEL, 4, EscrowCancel,
 #   include <xrpld/app/tx/detail/SetRegularKey.h>
 #endif
 TRANSACTION(ttREGULAR_KEY_SET, 5, SetRegularKey,
-    Delegation::notDelegatable,
+    Delegation::notDelegable,
     uint256{},
     noPriv,
     ({
@@ -124,7 +124,7 @@ TRANSACTION(ttREGULAR_KEY_SET, 5, SetRegularKey,
 #   include <xrpld/app/tx/detail/CreateOffer.h>
 #endif
 TRANSACTION(ttOFFER_CREATE, 7, OfferCreate,
-    Delegation::delegatable,
+    Delegation::delegable,
     uint256{},
     noPriv,
     ({
@@ -140,7 +140,7 @@ TRANSACTION(ttOFFER_CREATE, 7, OfferCreate,
 #   include <xrpld/app/tx/detail/CancelOffer.h>
 #endif
 TRANSACTION(ttOFFER_CANCEL, 8, OfferCancel,
-    Delegation::delegatable,
+    Delegation::delegable,
     uint256{},
     noPriv,
     ({
@@ -154,7 +154,7 @@ TRANSACTION(ttOFFER_CANCEL, 8, OfferCancel,
 #   include <xrpld/app/tx/detail/CreateTicket.h>
 #endif
 TRANSACTION(ttTICKET_CREATE, 10, TicketCreate,
-    Delegation::delegatable,
+    Delegation::delegable,
     uint256{},
     noPriv,
     ({
@@ -170,7 +170,7 @@ TRANSACTION(ttTICKET_CREATE, 10, TicketCreate,
 #   include <xrpld/app/tx/detail/SetSignerList.h>
 #endif
 TRANSACTION(ttSIGNER_LIST_SET, 12, SignerListSet,
-    Delegation::notDelegatable,
+    Delegation::notDelegable,
     uint256{},
     noPriv,
     ({
@@ -183,7 +183,7 @@ TRANSACTION(ttSIGNER_LIST_SET, 12, SignerListSet,
 #   include <xrpld/app/tx/detail/PayChan.h>
 #endif
 TRANSACTION(ttPAYCHAN_CREATE, 13, PaymentChannelCreate,
-    Delegation::delegatable,
+    Delegation::delegable,
     uint256{},
     noPriv,
     ({
@@ -197,7 +197,7 @@ TRANSACTION(ttPAYCHAN_CREATE, 13, PaymentChannelCreate,
 
 /** This transaction type funds an existing unidirectional XRP payment channel. */
 TRANSACTION(ttPAYCHAN_FUND, 14, PaymentChannelFund,
-    Delegation::delegatable,
+    Delegation::delegable,
     uint256{},
     noPriv,
     ({
@@ -208,7 +208,7 @@ TRANSACTION(ttPAYCHAN_FUND, 14, PaymentChannelFund,
 
 /** This transaction type submits a claim against an existing unidirectional payment channel. */
 TRANSACTION(ttPAYCHAN_CLAIM, 15, PaymentChannelClaim,
-    Delegation::delegatable,
+    Delegation::delegable,
     uint256{},
     noPriv,
     ({
@@ -225,7 +225,7 @@ TRANSACTION(ttPAYCHAN_CLAIM, 15, PaymentChannelClaim,
 #   include <xrpld/app/tx/detail/CreateCheck.h>
 #endif
 TRANSACTION(ttCHECK_CREATE, 16, CheckCreate,
-    Delegation::delegatable,
+    Delegation::delegable,
     uint256{},
     noPriv,
     ({
@@ -241,7 +241,7 @@ TRANSACTION(ttCHECK_CREATE, 16, CheckCreate,
 #   include <xrpld/app/tx/detail/CashCheck.h>
 #endif
 TRANSACTION(ttCHECK_CASH, 17, CheckCash,
-    Delegation::delegatable,
+    Delegation::delegable,
     uint256{},
     noPriv,
     ({
@@ -255,7 +255,7 @@ TRANSACTION(ttCHECK_CASH, 17, CheckCash,
 #   include <xrpld/app/tx/detail/CancelCheck.h>
 #endif
 TRANSACTION(ttCHECK_CANCEL, 18, CheckCancel,
-    Delegation::delegatable,
+    Delegation::delegable,
     uint256{},
     noPriv,
     ({
@@ -267,7 +267,7 @@ TRANSACTION(ttCHECK_CANCEL, 18, CheckCancel,
 #   include <xrpld/app/tx/detail/DepositPreauth.h>
 #endif
 TRANSACTION(ttDEPOSIT_PREAUTH, 19, DepositPreauth,
-    Delegation::delegatable,
+    Delegation::delegable,
     uint256{},
     noPriv,
     ({
@@ -282,7 +282,7 @@ TRANSACTION(ttDEPOSIT_PREAUTH, 19, DepositPreauth,
 #   include <xrpld/app/tx/detail/SetTrust.h>
 #endif
 TRANSACTION(ttTRUST_SET, 20, TrustSet,
-    Delegation::delegatable,
+    Delegation::delegable,
     uint256{},
     noPriv,
     ({
@@ -296,7 +296,7 @@ TRANSACTION(ttTRUST_SET, 20, TrustSet,
 #   include <xrpld/app/tx/detail/DeleteAccount.h>
 #endif
 TRANSACTION(ttACCOUNT_DELETE, 21, AccountDelete,
-    Delegation::notDelegatable,
+    Delegation::notDelegable,
     uint256{},
     mustDeleteAcct,
     ({
@@ -312,7 +312,7 @@ TRANSACTION(ttACCOUNT_DELETE, 21, AccountDelete,
 #   include <xrpld/app/tx/detail/NFTokenMint.h>
 #endif
 TRANSACTION(ttNFTOKEN_MINT, 25, NFTokenMint,
-    Delegation::delegatable,
+    Delegation::delegable,
     uint256{},
     changeNFTCounts,
     ({
@@ -330,7 +330,7 @@ TRANSACTION(ttNFTOKEN_MINT, 25, NFTokenMint,
 #   include <xrpld/app/tx/detail/NFTokenBurn.h>
 #endif
 TRANSACTION(ttNFTOKEN_BURN, 26, NFTokenBurn,
-    Delegation::delegatable,
+    Delegation::delegable,
     uint256{},
     changeNFTCounts,
     ({
@@ -343,7 +343,7 @@ TRANSACTION(ttNFTOKEN_BURN, 26, NFTokenBurn,
 #   include <xrpld/app/tx/detail/NFTokenCreateOffer.h>
 #endif
 TRANSACTION(ttNFTOKEN_CREATE_OFFER, 27, NFTokenCreateOffer,
-    Delegation::delegatable,
+    Delegation::delegable,
     uint256{},
     noPriv,
     ({
@@ -359,7 +359,7 @@ TRANSACTION(ttNFTOKEN_CREATE_OFFER, 27, NFTokenCreateOffer,
 #   include <xrpld/app/tx/detail/NFTokenCancelOffer.h>
 #endif
 TRANSACTION(ttNFTOKEN_CANCEL_OFFER, 28, NFTokenCancelOffer,
-    Delegation::delegatable,
+    Delegation::delegable,
     uint256{},
     noPriv,
     ({
@@ -371,7 +371,7 @@ TRANSACTION(ttNFTOKEN_CANCEL_OFFER, 28, NFTokenCancelOffer,
 #   include <xrpld/app/tx/detail/NFTokenAcceptOffer.h>
 #endif
 TRANSACTION(ttNFTOKEN_ACCEPT_OFFER, 29, NFTokenAcceptOffer,
-    Delegation::delegatable,
+    Delegation::delegable,
     uint256{},
     noPriv,
     ({
@@ -385,7 +385,7 @@ TRANSACTION(ttNFTOKEN_ACCEPT_OFFER, 29, NFTokenAcceptOffer,
 #   include <xrpld/app/tx/detail/Clawback.h>
 #endif
 TRANSACTION(ttCLAWBACK, 30, Clawback,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureClawback,
     noPriv,
     ({
@@ -398,7 +398,7 @@ TRANSACTION(ttCLAWBACK, 30, Clawback,
 #   include <xrpld/app/tx/detail/AMMClawback.h>
 #endif
 TRANSACTION(ttAMM_CLAWBACK, 31, AMMClawback,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureAMMClawback,
     mayDeleteAcct | overrideFreeze,
     ({
@@ -413,7 +413,7 @@ TRANSACTION(ttAMM_CLAWBACK, 31, AMMClawback,
 #   include <xrpld/app/tx/detail/AMMCreate.h>
 #endif
 TRANSACTION(ttAMM_CREATE, 35, AMMCreate,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureAMM,
     createPseudoAcct,
     ({
@@ -427,7 +427,7 @@ TRANSACTION(ttAMM_CREATE, 35, AMMCreate,
 #   include <xrpld/app/tx/detail/AMMDeposit.h>
 #endif
 TRANSACTION(ttAMM_DEPOSIT, 36, AMMDeposit,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureAMM,
     noPriv,
     ({
@@ -445,7 +445,7 @@ TRANSACTION(ttAMM_DEPOSIT, 36, AMMDeposit,
 #   include <xrpld/app/tx/detail/AMMWithdraw.h>
 #endif
 TRANSACTION(ttAMM_WITHDRAW, 37, AMMWithdraw,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureAMM,
     mayDeleteAcct,
     ({
@@ -462,7 +462,7 @@ TRANSACTION(ttAMM_WITHDRAW, 37, AMMWithdraw,
 #   include <xrpld/app/tx/detail/AMMVote.h>
 #endif
 TRANSACTION(ttAMM_VOTE, 38, AMMVote,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureAMM,
     noPriv,
     ({
@@ -476,7 +476,7 @@ TRANSACTION(ttAMM_VOTE, 38, AMMVote,
 #   include <xrpld/app/tx/detail/AMMBid.h>
 #endif
 TRANSACTION(ttAMM_BID, 39, AMMBid,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureAMM,
     noPriv,
     ({
@@ -492,7 +492,7 @@ TRANSACTION(ttAMM_BID, 39, AMMBid,
 #   include <xrpld/app/tx/detail/AMMDelete.h>
 #endif
 TRANSACTION(ttAMM_DELETE, 40, AMMDelete,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureAMM,
     mustDeleteAcct,
     ({
@@ -505,7 +505,7 @@ TRANSACTION(ttAMM_DELETE, 40, AMMDelete,
 #   include <xrpld/app/tx/detail/XChainBridge.h>
 #endif
 TRANSACTION(ttXCHAIN_CREATE_CLAIM_ID, 41, XChainCreateClaimID,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureXChainBridge,
     noPriv,
     ({
@@ -516,7 +516,7 @@ TRANSACTION(ttXCHAIN_CREATE_CLAIM_ID, 41, XChainCreateClaimID,
 
 /** This transactions initiates a crosschain transaction */
 TRANSACTION(ttXCHAIN_COMMIT, 42, XChainCommit,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureXChainBridge,
     noPriv,
     ({
@@ -528,7 +528,7 @@ TRANSACTION(ttXCHAIN_COMMIT, 42, XChainCommit,
 
 /** This transaction completes a crosschain transaction */
 TRANSACTION(ttXCHAIN_CLAIM, 43, XChainClaim,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureXChainBridge,
     noPriv,
     ({
@@ -541,7 +541,7 @@ TRANSACTION(ttXCHAIN_CLAIM, 43, XChainClaim,
 
 /** This transaction initiates a crosschain account create transaction */
 TRANSACTION(ttXCHAIN_ACCOUNT_CREATE_COMMIT, 44, XChainAccountCreateCommit,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureXChainBridge,
     noPriv,
     ({
@@ -553,7 +553,7 @@ TRANSACTION(ttXCHAIN_ACCOUNT_CREATE_COMMIT, 44, XChainAccountCreateCommit,
 
 /** This transaction adds an attestation to a claim */
 TRANSACTION(ttXCHAIN_ADD_CLAIM_ATTESTATION, 45, XChainAddClaimAttestation,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureXChainBridge,
     createAcct,
     ({
@@ -574,7 +574,7 @@ TRANSACTION(ttXCHAIN_ADD_CLAIM_ATTESTATION, 45, XChainAddClaimAttestation,
 /** This transaction adds an attestation to an account */
 TRANSACTION(ttXCHAIN_ADD_ACCOUNT_CREATE_ATTESTATION, 46,
     XChainAddAccountCreateAttestation,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureXChainBridge,
     createAcct,
     ({
@@ -595,7 +595,7 @@ TRANSACTION(ttXCHAIN_ADD_ACCOUNT_CREATE_ATTESTATION, 46,
 
 /** This transaction modifies a sidechain */
 TRANSACTION(ttXCHAIN_MODIFY_BRIDGE, 47, XChainModifyBridge,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureXChainBridge,
     noPriv,
     ({
@@ -606,7 +606,7 @@ TRANSACTION(ttXCHAIN_MODIFY_BRIDGE, 47, XChainModifyBridge,
 
 /** This transactions creates a sidechain */
 TRANSACTION(ttXCHAIN_CREATE_BRIDGE, 48, XChainCreateBridge,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureXChainBridge,
     noPriv,
     ({
@@ -620,7 +620,7 @@ TRANSACTION(ttXCHAIN_CREATE_BRIDGE, 48, XChainCreateBridge,
 #   include <xrpld/app/tx/detail/DID.h>
 #endif
 TRANSACTION(ttDID_SET, 49, DIDSet,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureDID,
     noPriv,
     ({
@@ -631,7 +631,7 @@ TRANSACTION(ttDID_SET, 49, DIDSet,
 
 /** This transaction type deletes a DID */
 TRANSACTION(ttDID_DELETE, 50, DIDDelete,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureDID,
     noPriv,
     ({}))
@@ -641,7 +641,7 @@ TRANSACTION(ttDID_DELETE, 50, DIDDelete,
 #   include <xrpld/app/tx/detail/SetOracle.h>
 #endif
 TRANSACTION(ttORACLE_SET, 51, OracleSet,
-    Delegation::delegatable,
+    Delegation::delegable,
     featurePriceOracle,
     noPriv,
     ({
@@ -658,7 +658,7 @@ TRANSACTION(ttORACLE_SET, 51, OracleSet,
 #   include <xrpld/app/tx/detail/DeleteOracle.h>
 #endif
 TRANSACTION(ttORACLE_DELETE, 52, OracleDelete,
-    Delegation::delegatable,
+    Delegation::delegable,
     featurePriceOracle,
     noPriv,
     ({
@@ -670,7 +670,7 @@ TRANSACTION(ttORACLE_DELETE, 52, OracleDelete,
 #   include <xrpld/app/tx/detail/LedgerStateFix.h>
 #endif
 TRANSACTION(ttLEDGER_STATE_FIX, 53, LedgerStateFix,
-    Delegation::delegatable,
+    Delegation::delegable,
     fixNFTokenPageLinks,
     noPriv,
     ({
@@ -683,7 +683,7 @@ TRANSACTION(ttLEDGER_STATE_FIX, 53, LedgerStateFix,
 #   include <xrpld/app/tx/detail/MPTokenIssuanceCreate.h>
 #endif
 TRANSACTION(ttMPTOKEN_ISSUANCE_CREATE, 54, MPTokenIssuanceCreate,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureMPTokensV1,
     createMPTIssuance,
     ({
@@ -700,7 +700,7 @@ TRANSACTION(ttMPTOKEN_ISSUANCE_CREATE, 54, MPTokenIssuanceCreate,
 #   include <xrpld/app/tx/detail/MPTokenIssuanceDestroy.h>
 #endif
 TRANSACTION(ttMPTOKEN_ISSUANCE_DESTROY, 55, MPTokenIssuanceDestroy,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureMPTokensV1,
     destroyMPTIssuance,
     ({
@@ -712,7 +712,7 @@ TRANSACTION(ttMPTOKEN_ISSUANCE_DESTROY, 55, MPTokenIssuanceDestroy,
 #   include <xrpld/app/tx/detail/MPTokenIssuanceSet.h>
 #endif
 TRANSACTION(ttMPTOKEN_ISSUANCE_SET, 56, MPTokenIssuanceSet,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureMPTokensV1,
     noPriv,
     ({
@@ -729,7 +729,7 @@ TRANSACTION(ttMPTOKEN_ISSUANCE_SET, 56, MPTokenIssuanceSet,
 #   include <xrpld/app/tx/detail/MPTokenAuthorize.h>
 #endif
 TRANSACTION(ttMPTOKEN_AUTHORIZE, 57, MPTokenAuthorize,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureMPTokensV1,
     mustAuthorizeMPT,
     ({
@@ -742,7 +742,7 @@ TRANSACTION(ttMPTOKEN_AUTHORIZE, 57, MPTokenAuthorize,
 #   include <xrpld/app/tx/detail/Credentials.h>
 #endif
 TRANSACTION(ttCREDENTIAL_CREATE, 58, CredentialCreate,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureCredentials,
     noPriv,
     ({
@@ -754,7 +754,7 @@ TRANSACTION(ttCREDENTIAL_CREATE, 58, CredentialCreate,
 
 /** This transaction type accept an Credential object */
 TRANSACTION(ttCREDENTIAL_ACCEPT, 59, CredentialAccept,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureCredentials,
     noPriv,
     ({
@@ -764,7 +764,7 @@ TRANSACTION(ttCREDENTIAL_ACCEPT, 59, CredentialAccept,
 
 /** This transaction type delete an Credential object */
 TRANSACTION(ttCREDENTIAL_DELETE, 60, CredentialDelete,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureCredentials,
     noPriv,
     ({
@@ -778,7 +778,7 @@ TRANSACTION(ttCREDENTIAL_DELETE, 60, CredentialDelete,
 #   include <xrpld/app/tx/detail/NFTokenModify.h>
 #endif
 TRANSACTION(ttNFTOKEN_MODIFY, 61, NFTokenModify,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureDynamicNFT,
     noPriv,
     ({
@@ -792,7 +792,7 @@ TRANSACTION(ttNFTOKEN_MODIFY, 61, NFTokenModify,
 #   include <xrpld/app/tx/detail/PermissionedDomainSet.h>
 #endif
 TRANSACTION(ttPERMISSIONED_DOMAIN_SET, 62, PermissionedDomainSet,
-    Delegation::delegatable,
+    Delegation::delegable,
     featurePermissionedDomains,
     noPriv,
     ({
@@ -805,7 +805,7 @@ TRANSACTION(ttPERMISSIONED_DOMAIN_SET, 62, PermissionedDomainSet,
 #   include <xrpld/app/tx/detail/PermissionedDomainDelete.h>
 #endif
 TRANSACTION(ttPERMISSIONED_DOMAIN_DELETE, 63, PermissionedDomainDelete,
-    Delegation::delegatable,
+    Delegation::delegable,
     featurePermissionedDomains,
     noPriv,
     ({
@@ -817,7 +817,7 @@ TRANSACTION(ttPERMISSIONED_DOMAIN_DELETE, 63, PermissionedDomainDelete,
 #   include <xrpld/app/tx/detail/DelegateSet.h>
 #endif
 TRANSACTION(ttDELEGATE_SET, 64, DelegateSet,
-    Delegation::notDelegatable,
+    Delegation::notDelegable,
     featurePermissionDelegationV1_1,
     noPriv,
     ({
@@ -830,7 +830,7 @@ TRANSACTION(ttDELEGATE_SET, 64, DelegateSet,
 #   include <xrpld/app/tx/detail/VaultCreate.h>
 #endif
 TRANSACTION(ttVAULT_CREATE, 65, VaultCreate,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureSingleAssetVault,
     createPseudoAcct | createMPTIssuance | mustModifyVault,
     ({
@@ -848,7 +848,7 @@ TRANSACTION(ttVAULT_CREATE, 65, VaultCreate,
 #   include <xrpld/app/tx/detail/VaultSet.h>
 #endif
 TRANSACTION(ttVAULT_SET, 66, VaultSet,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureSingleAssetVault,
     mustModifyVault,
     ({
@@ -863,7 +863,7 @@ TRANSACTION(ttVAULT_SET, 66, VaultSet,
 #   include <xrpld/app/tx/detail/VaultDelete.h>
 #endif
 TRANSACTION(ttVAULT_DELETE, 67, VaultDelete,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureSingleAssetVault,
     mustDeleteAcct | destroyMPTIssuance | mustModifyVault,
     ({
@@ -875,7 +875,7 @@ TRANSACTION(ttVAULT_DELETE, 67, VaultDelete,
 #   include <xrpld/app/tx/detail/VaultDeposit.h>
 #endif
 TRANSACTION(ttVAULT_DEPOSIT, 68, VaultDeposit,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureSingleAssetVault,
     mayAuthorizeMPT | mustModifyVault,
     ({
@@ -888,7 +888,7 @@ TRANSACTION(ttVAULT_DEPOSIT, 68, VaultDeposit,
 #   include <xrpld/app/tx/detail/VaultWithdraw.h>
 #endif
 TRANSACTION(ttVAULT_WITHDRAW, 69, VaultWithdraw,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureSingleAssetVault,
     mayDeleteMPT | mayAuthorizeMPT | mustModifyVault,
     ({
@@ -903,7 +903,7 @@ TRANSACTION(ttVAULT_WITHDRAW, 69, VaultWithdraw,
 #   include <xrpld/app/tx/detail/VaultClawback.h>
 #endif
 TRANSACTION(ttVAULT_CLAWBACK, 70, VaultClawback,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureSingleAssetVault,
     mayDeleteMPT | mustModifyVault,
     ({
@@ -917,7 +917,7 @@ TRANSACTION(ttVAULT_CLAWBACK, 70, VaultClawback,
 #   include <xrpld/app/tx/detail/Batch.h>
 #endif
 TRANSACTION(ttBATCH, 71, Batch,
-    Delegation::notDelegatable,
+    Delegation::notDelegable,
     featureBatch,
     noPriv,
     ({
@@ -932,7 +932,7 @@ TRANSACTION(ttBATCH, 71, Batch,
 #   include <xrpld/app/tx/detail/LoanBrokerSet.h>
 #endif
 TRANSACTION(ttLOAN_BROKER_SET, 74, LoanBrokerSet,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureLendingProtocol,
     createPseudoAcct | mayAuthorizeMPT, ({
     {sfVaultID, soeREQUIRED},
@@ -949,7 +949,7 @@ TRANSACTION(ttLOAN_BROKER_SET, 74, LoanBrokerSet,
 #   include <xrpld/app/tx/detail/LoanBrokerDelete.h>
 #endif
 TRANSACTION(ttLOAN_BROKER_DELETE, 75, LoanBrokerDelete,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureLendingProtocol,
     mustDeleteAcct | mayAuthorizeMPT, ({
     {sfLoanBrokerID, soeREQUIRED},
@@ -960,7 +960,7 @@ TRANSACTION(ttLOAN_BROKER_DELETE, 75, LoanBrokerDelete,
 #   include <xrpld/app/tx/detail/LoanBrokerCoverDeposit.h>
 #endif
 TRANSACTION(ttLOAN_BROKER_COVER_DEPOSIT, 76, LoanBrokerCoverDeposit,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureLendingProtocol,
     noPriv, ({
     {sfLoanBrokerID, soeREQUIRED},
@@ -972,7 +972,7 @@ TRANSACTION(ttLOAN_BROKER_COVER_DEPOSIT, 76, LoanBrokerCoverDeposit,
 #   include <xrpld/app/tx/detail/LoanBrokerCoverWithdraw.h>
 #endif
 TRANSACTION(ttLOAN_BROKER_COVER_WITHDRAW, 77, LoanBrokerCoverWithdraw,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureLendingProtocol,
     mayAuthorizeMPT, ({
     {sfLoanBrokerID, soeREQUIRED},
@@ -987,7 +987,7 @@ TRANSACTION(ttLOAN_BROKER_COVER_WITHDRAW, 77, LoanBrokerCoverWithdraw,
 #   include <xrpld/app/tx/detail/LoanBrokerCoverClawback.h>
 #endif
 TRANSACTION(ttLOAN_BROKER_COVER_CLAWBACK, 78, LoanBrokerCoverClawback,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureLendingProtocol,
     noPriv, ({
     {sfLoanBrokerID, soeOPTIONAL},
@@ -999,7 +999,7 @@ TRANSACTION(ttLOAN_BROKER_COVER_CLAWBACK, 78, LoanBrokerCoverClawback,
 #   include <xrpld/app/tx/detail/LoanSet.h>
 #endif
 TRANSACTION(ttLOAN_SET, 80, LoanSet,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureLendingProtocol,
     mayAuthorizeMPT | mustModifyVault, ({
     {sfLoanBrokerID, soeREQUIRED},
@@ -1026,7 +1026,7 @@ TRANSACTION(ttLOAN_SET, 80, LoanSet,
 #   include <xrpld/app/tx/detail/LoanDelete.h>
 #endif
 TRANSACTION(ttLOAN_DELETE, 81, LoanDelete,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureLendingProtocol,
     noPriv, ({
     {sfLoanID, soeREQUIRED},
@@ -1037,7 +1037,7 @@ TRANSACTION(ttLOAN_DELETE, 81, LoanDelete,
 #   include <xrpld/app/tx/detail/LoanManage.h>
 #endif
 TRANSACTION(ttLOAN_MANAGE, 82, LoanManage,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureLendingProtocol,
     // All of the LoanManage options will modify the vault, but the
     // transaction can succeed without options, essentially making it
@@ -1051,7 +1051,7 @@ TRANSACTION(ttLOAN_MANAGE, 82, LoanManage,
 #   include <xrpld/app/tx/detail/LoanPay.h>
 #endif
 TRANSACTION(ttLOAN_PAY, 84, LoanPay,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureLendingProtocol,
     mayAuthorizeMPT | mustModifyVault, ({
     {sfLoanID, soeREQUIRED},
@@ -1066,7 +1066,7 @@ TRANSACTION(ttLOAN_PAY, 84, LoanPay,
 #   include <xrpld/app/tx/detail/Change.h>
 #endif
 TRANSACTION(ttAMENDMENT, 100, EnableAmendment,
-    Delegation::notDelegatable,
+    Delegation::notDelegable,
     uint256{},
     noPriv,
     ({
@@ -1078,7 +1078,7 @@ TRANSACTION(ttAMENDMENT, 100, EnableAmendment,
     For details, see: https://xrpl.org/fee-voting.html
  */
 TRANSACTION(ttFEE, 101, SetFee,
-    Delegation::notDelegatable,
+    Delegation::notDelegable,
     uint256{},
     noPriv,
     ({
@@ -1099,7 +1099,7 @@ TRANSACTION(ttFEE, 101, SetFee,
     For details, see: https://xrpl.org/negative-unl.html
  */
 TRANSACTION(ttUNL_MODIFY, 102, UNLModify,
-    Delegation::notDelegatable,
+    Delegation::notDelegable,
     uint256{},
     noPriv,
     ({

include/xrpl/resource/README.md

@@ -66,7 +66,7 @@ values over time: this is implemented by the DecayingSample class.
 Each server in a cluster creates a list of IP addresses of end points
 that are imposing a significant load. This list is called Gossip, which
 is passed to other nodes in that cluster. Gossip helps individual
-servers in the cluster identify IP addreses that might be unduly loading
+servers in the cluster identify IP addresses that might be unduly loading
 the entire cluster. Again the recourse of the individual servers is to
 drop connections to those IP addresses that occur commonly in the gossip.
 

include/xrpl/resource/detail/Logic.h

@@ -61,7 +61,7 @@ private:
     // List of all active admin entries
     EntryIntrusiveList admin_;
 
-    // List of all inactve entries
+    // List of all inactive entries
     EntryIntrusiveList inactive_;
 
     // All imported gossip data

include/xrpl/server/detail/LowestLayer.h

@@ -9,7 +9,7 @@
 
 namespace xrpl {
 
-// Before boost 1.70, get_lowest_layer required an explicit templat parameter
+// Before boost 1.70, get_lowest_layer required an explicit template parameter
 template <class T>
 decltype(auto)
 get_lowest_layer(T& t) noexcept

include/xrpl/shamap/README.md

@@ -226,7 +226,7 @@ The `fetchNodeNT()` method goes through three phases:
 
     Any SHAMapLeafNode that is immutable has a sequence number of zero
     (sharable). When a mutable `SHAMap` is created then its SHAMapTreeNodes are
-    given non-zero sequence numbers (unsharable). But all nodes in the
+    given non-zero sequence numbers (unshareable). But all nodes in the
     TreeNodeCache are immutable, so if one is found here, its sequence number
     will be 0.
 

include/xrpl/shamap/SHAMapItem.h

@@ -125,13 +125,13 @@ intrusive_ptr_release(SHAMapItem const* x)
     {
         auto p = reinterpret_cast<std::uint8_t const*>(x);
 
-        // The SHAMapItem constuctor isn't trivial (because the destructor
+        // The SHAMapItem constructor isn't trivial (because the destructor
         // for CountedObject isn't) so we can't avoid calling it here, but
         // plan for a future where we might not need to.
         if constexpr (!std::is_trivially_destructible_v<SHAMapItem>)
             std::destroy_at(x);
 
-        // If the slabber doens't claim this pointer, it was allocated
+        // If the slabber doesn't claim this pointer, it was allocated
         // manually, so we free it manually.
         if (!detail::slabber.deallocate(const_cast<std::uint8_t*>(p)))
             delete[] p;

sanitizers/suppressions/asan.supp

@@ -0,0 +1,29 @@
+# The idea is to empty this file gradually by fixing the underlying issues and removing suppressions.
+#
+# ASAN_OPTIONS="print_stacktrace=1:detect_container_overflow=0:suppressions=sanitizers/suppressions/asan.supp:halt_on_error=0"
+#
+# The detect_container_overflow=0 option disables false positives from:
+# - Boost intrusive containers (slist_iterator.hpp, hashtable.hpp, aged_unordered_container.h)
+# - Boost context/coroutine stack switching (Workers.cpp, thread.h)
+#
+# See: https://github.com/google/sanitizers/wiki/AddressSanitizerContainerOverflow
+
+# Boost
+interceptor_name:boost/asio
+
+# Leaks in Doctest tests: xrpl.test.*
+interceptor_name:src/libxrpl/net/HTTPClient.cpp
+interceptor_name:src/libxrpl/net/RegisterSSLCerts.cpp
+interceptor_name:src/tests/libxrpl/net/HTTPClient.cpp
+interceptor_name:xrpl/net/AutoSocket.h
+interceptor_name:xrpl/net/HTTPClient.h
+interceptor_name:xrpl/net/HTTPClientSSLContext.h
+interceptor_name:xrpl/net/RegisterSSLCerts.h
+
+# Suppress false positive stack-buffer errors in thread stack allocation
+# Related to ASan's __asan_handle_no_return warnings (github.com/google/sanitizers/issues/189)
+# These occur during multi-threaded test initialization on macOS
+interceptor_name:memcpy
+interceptor_name:__bzero
+interceptor_name:__asan_memset
+interceptor_name:__asan_memcpy

sanitizers/suppressions/lsan.supp

@@ -0,0 +1,16 @@
+# The idea is to empty this file gradually by fixing the underlying issues and removing suppresions.
+
+# Suppress leaks detected by asan in rippled code.
+leak:src/libxrpl/net/HTTPClient.cpp
+leak:src/libxrpl/net/RegisterSSLCerts.cpp
+leak:src/tests/libxrpl/net/HTTPClient.cpp
+leak:xrpl/net/AutoSocket.h
+leak:xrpl/net/HTTPClient.h
+leak:xrpl/net/HTTPClientSSLContext.h
+leak:xrpl/net/RegisterSSLCerts.h
+leak:ripple::HTTPClient
+leak:ripple::HTTPClientImp
+
+# Suppress leaks detected by asan in boost code.
+leak:boost::asio
+leak:boost/asio

sanitizers/suppressions/sanitizer-ignorelist.txt

@@ -0,0 +1,29 @@
+# We were seeing some false positives and some repeated errors(since these are library files) in following files.
+# Clang will skip instrumenting the files added here.
+# We should fix the underlying issues(if any) and remove these entries.
+
+deadlock:libxrpl/beast/utility/beast_Journal.cpp
+deadlock:libxrpl/beast/utility/beast_PropertyStream.cpp
+deadlock:test/beast/beast_PropertyStream_test.cpp
+deadlock:xrpld/core/detail/Workers.cpp
+deadlock:xrpld/core/JobQueue.cpp
+
+race:libxrpl/beast/utility/beast_Journal.cpp
+race:libxrpl/beast/utility/beast_PropertyStream.cpp
+race:test/beast/beast_PropertyStream_test.cpp
+race:xrpld/core/detail/Workers.cpp
+race:xrpld/core/JobQueue.cpp
+
+signal:libxrpl/beast/utility/beast_Journal.cpp
+signal:libxrpl/beast/utility/beast_PropertyStream.cpp
+signal:test/beast/beast_PropertyStream_test.cpp
+signal:xrpld/core/detail/Workers.cpp
+signal:xrpld/core/JobQueue.cpp
+
+src:beast/utility/beast_Journal.cpp
+src:beast/utility/beast_PropertyStream.cpp
+src:core/detail/Workers.cpp
+src:core/JobQueue.cpp
+src:libxrpl/beast/utility/beast_Journal.cpp
+src:test/beast/beast_PropertyStream_test.cpp
+src:src/test/app/Invariants_test.cpp

sanitizers/suppressions/tsan.supp

@@ -0,0 +1,102 @@
+# The idea is to empty this file gradually by fixing the underlying issues and removing suppresions.
+
+# Suppress race in Boost ASIO scheduler detected by GCC-15
+# This is a false positive in Boost's internal pipe() synchronization
+race:boost/asio/
+race:boost/context/
+race:boost/asio/executor.hpp
+race:boost::asio
+
+# Suppress tsan related issues in rippled code.
+race:src/libxrpl/basics/make_SSLContext.cpp
+race:src/libxrpl/basics/Number.cpp
+race:src/libxrpl/json/json_value.cpp
+race:src/libxrpl/json/to_string.cpp
+race:src/libxrpl/ledger/OpenView.cpp
+race:src/libxrpl/net/HTTPClient.cpp
+race:src/libxrpl/nodestore/backend/NuDBFactory.cpp
+race:src/libxrpl/protocol/InnerObjectFormats.cpp
+race:src/libxrpl/protocol/STParsedJSON.cpp
+race:src/libxrpl/resource/ResourceManager.cpp
+race:src/test/app/Flow_test.cpp
+race:src/test/app/LedgerReplay_test.cpp
+race:src/test/app/NFToken_test.cpp
+race:src/test/app/Offer_test.cpp
+race:src/test/app/ValidatorSite_test.cpp
+race:src/test/consensus/NegativeUNL_test.cpp
+race:src/test/jtx/impl/Env.cpp
+race:src/test/jtx/impl/JSONRPCClient.cpp
+race:src/test/jtx/impl/pay.cpp
+race:src/test/jtx/impl/token.cpp
+race:src/test/rpc/Book_test.cpp
+race:src/xrpld/app/ledger/detail/InboundTransactions.cpp
+race:src/xrpld/app/main/Application.cpp
+race:src/xrpld/app/main/BasicApp.cpp
+race:src/xrpld/app/main/GRPCServer.cpp
+race:src/xrpld/app/misc/detail/AmendmentTable.cpp
+race:src/xrpld/app/misc/FeeVoteImpl.cpp
+race:src/xrpld/app/rdb/detail/Wallet.cpp
+race:src/xrpld/overlay/detail/OverlayImpl.cpp
+race:src/xrpld/peerfinder/detail/PeerfinderManager.cpp
+race:src/xrpld/peerfinder/detail/SourceStrings.cpp
+race:src/xrpld/rpc/detail/ServerHandler.cpp
+race:xrpl/server/detail/Door.h
+race:xrpl/server/detail/Spawn.h
+race:xrpl/server/detail/ServerImpl.h
+race:xrpl/nodestore/detail/DatabaseNodeImp.h
+race:src/libxrpl/beast/utility/beast_Journal.cpp
+race:src/test/beast/LexicalCast_test.cpp
+race:ripple::ServerHandler
+
+# More suppressions in external library code.
+race:crtstuff.c
+race:pipe
+
+# Deadlock / lock-order-inversion suppressions
+# Note: GCC's TSAN may not fully support all deadlock suppression patterns
+deadlock:src/libxrpl/beast/utility/beast_Journal.cpp
+deadlock:src/libxrpl/beast/utility/beast_PropertyStream.cpp
+deadlock:src/test/beast/beast_PropertyStream_test.cpp
+deadlock:src/xrpld/core/detail/Workers.cpp
+deadlock:src/xrpld/app/misc/detail/Manifest.cpp
+deadlock:src/xrpld/app/misc/detail/ValidatorList.cpp
+deadlock:src/xrpld/app/misc/detail/ValidatorSite.cpp
+
+signal:src/libxrpl/beast/utility/beast_Journal.cpp
+signal:src/xrpld/core/detail/Workers.cpp
+signal:src/xrpld/core/JobQueue.cpp
+signal:ripple::Workers::Worker
+
+# Aggressive suppressing of deadlock tsan errors
+deadlock:pthread_create
+deadlock:pthread_rwlock_rdlock
+deadlock:boost::asio
+
+# Suppress SEGV crashes in TSAN itself during stringbuf operations
+# This appears to be a GCC-15 TSAN instrumentation issue with basic_stringbuf::str()
+# Commonly triggered in beast::Journal::ScopedStream destructor
+signal:std::__cxx11::basic_stringbuf
+signal:basic_stringbuf
+signal:basic_ostringstream
+
+called_from_lib:libclang_rt
+race:ostreambuf_iterator
+race:basic_ostream
+
+# Suppress SEGV in Boost ASIO memory allocation with GCC-15 TSAN
+signal:boost::asio::aligned_new
+signal:boost::asio::detail::memory
+
+# Suppress SEGV in execute_native_thread_routine
+signal:execute_native_thread_routine
+
+# Suppress data race in Boost Context fiber management
+# This is a false positive in Boost's exception state management during fiber context switching
+race:__cxxabiv1::manage_exception_state
+race:boost::context::fiber::resume
+race:boost::asio::detail::spawned_fiber_thread
+race:boost::asio::detail::spawned_fiber_thread::suspend_with
+race:boost::asio::detail::spawned_fiber_thread::destroy
+
+# Suppress data race in __tsan_memcpy called from Boost fiber operations
+race:__tsan_memcpy

sanitizers/suppressions/ubsan.supp

@@ -0,0 +1,237 @@
+# The idea is to empty this file gradually by fixing the underlying issues and removing suppresions.
+
+# Suppress UBSan errors in external code by source file path
+# This matches any source file under the external/ directory
+alignment:external
+bool:external
+bounds:external
+cfi:external
+enum:external
+float-cast-overflow:external
+float-divide-by-zero:external
+function:external
+implicit-integer-sign-change:external
+implicit-signed-integer-truncation::external
+implicit-signed-integer-truncation:external
+implicit-unsigned-integer-truncation:external
+integer-divide-by-zero:external
+invalid-builtin-use:external
+invalid-objc-cast:external
+nonnull-attribute:external
+null:external
+nullability-arg:external
+nullability-assign:external
+nullability-return:external
+object-size:external
+pointer-overflow:external
+return:external
+returns-nonnull-attribute:external
+shift-base:external
+shift-exponent:external
+signed-integer-overflow:external
+undefined:external
+unreachable:external
+unsigned-integer-overflow:external
+vla-bound:external
+vptr_check:external
+vptr:external
+
+# Suppress all UBSan errors in Boost libraries
+# This matches any files containing "boost" in its path or name
+alignment:boost
+bool:boost
+bounds:boost
+cfi:boost
+enum:boost
+float-cast-overflow:boost
+float-divide-by-zero:boost
+function:boost
+implicit-integer-sign-change:boost
+implicit-signed-integer-truncation:boost
+implicit-unsigned-integer-truncation:boost
+integer-divide-by-zero:boost
+invalid-builtin-use:boost
+invalid-objc-cast:boost
+nonnull-attribute:boost
+null:boost
+nullability-arg:boost
+nullability-assign:boost
+nullability-return:boost
+object-size:boost
+pointer-overflow:boost
+return:boost
+returns-nonnull-attribute:boost
+shift-base:boost
+shift-exponent:boost
+signed-integer-overflow:boost
+undefined:boost
+unreachable:boost
+unsigned-integer-overflow:boost
+vla-bound:boost
+vptr_check:boost
+vptr:boost
+
+# Google protobuf
+undefined:protobuf
+
+# Suppress UBSan errors in rippled code by source file path
+undefined:src/libxrpl/basics/base64.cpp
+undefined:src/libxrpl/basics/Number.cpp
+undefined:src/libxrpl/beast/utility/beast_Journal.cpp
+undefined:src/libxrpl/crypto/RFC1751.cpp
+undefined:src/libxrpl/ledger/ApplyView.cpp
+undefined:src/libxrpl/ledger/View.cpp
+undefined:src/libxrpl/protocol/Permissions.cpp
+undefined:src/libxrpl/protocol/STAmount.cpp
+undefined:src/libxrpl/protocol/STPathSet.cpp
+undefined:src/libxrpl/protocol/tokens.cpp
+undefined:src/libxrpl/shamap/SHAMap.cpp
+undefined:src/test/app/Batch_test.cpp
+undefined:src/test/app/Invariants_test.cpp
+undefined:src/test/app/NFToken_test.cpp
+undefined:src/test/app/Offer_test.cpp
+undefined:src/test/app/Path_test.cpp
+undefined:src/test/basics/XRPAmount_test.cpp
+undefined:src/test/beast/LexicalCast_test.cpp
+undefined:src/test/jtx/impl/acctdelete.cpp
+undefined:src/test/ledger/SkipList_test.cpp
+undefined:src/test/rpc/Subscribe_test.cpp
+undefined:src/tests/libxrpl/basics/RangeSet.cpp
+undefined:src/xrpld/app/main/BasicApp.cpp
+undefined:src/xrpld/app/main/BasicApp.cpp
+undefined:src/xrpld/app/misc/detail/AmendmentTable.cpp
+undefined:src/xrpld/app/misc/NetworkOPs.cpp
+undefined:src/libxrpl/json/json_value.cpp
+undefined:src/xrpld/app/paths/detail/StrandFlow.h
+undefined:src/xrpld/app/tx/detail/NFTokenMint.cpp
+undefined:src/xrpld/app/tx/detail/SetOracle.cpp
+undefined:src/xrpld/core/detail/JobQueue.cpp
+undefined:src/xrpld/core/detail/Workers.cpp
+undefined:src/xrpld/rpc/detail/Role.cpp
+undefined:src/xrpld/rpc/handlers/GetAggregatePrice.cpp
+undefined:xrpl/basics/base_uint.h
+undefined:xrpl/basics/DecayingSample.h
+undefined:xrpl/beast/test/yield_to.h
+undefined:xrpl/beast/xor_shift_engine.h
+undefined:xrpl/nodestore/detail/varint.h
+undefined:xrpl/peerfinder/detail/Counts.h
+undefined:xrpl/protocol/nft.h
+
+# basic_string.h:483:51: runtime error: unsigned integer overflow
+unsigned-integer-overflow:basic_string.h
+unsigned-integer-overflow:bits/chrono.h
+unsigned-integer-overflow:bits/random.h
+unsigned-integer-overflow:bits/random.tcc
+unsigned-integer-overflow:bits/stl_algobase.h
+unsigned-integer-overflow:bits/uniform_int_dist.h
+unsigned-integer-overflow:string_view
+
+# runtime error: unsigned integer overflow: 0 - 1 cannot be represented in type 'std::size_t' (aka 'unsigned long')
+unsigned-integer-overflow:src/libxrpl/basics/base64.cpp
+unsigned-integer-overflow:src/libxrpl/basics/Number.cpp
+unsigned-integer-overflow:src/libxrpl/crypto/RFC1751.cpp
+unsigned-integer-overflow:rc/libxrpl/json/json_value.cpp
+unsigned-integer-overflow:src/libxrpl/ledger/ApplyView.cpp
+unsigned-integer-overflow:src/libxrpl/ledger/View.cpp
+unsigned-integer-overflow:src/libxrpl/protocol/Permissions.cpp
+unsigned-integer-overflow:src/libxrpl/protocol/STAmount.cpp
+unsigned-integer-overflow:src/libxrpl/protocol/STPathSet.cpp
+unsigned-integer-overflow:src/libxrpl/protocol/tokens.cpp
+unsigned-integer-overflow:src/libxrpl/shamap/SHAMap.cpp
+unsigned-integer-overflow:src/test/app/Batch_test.cpp
+unsigned-integer-overflow:src/test/app/Invariants_test.cpp
+unsigned-integer-overflow:src/test/app/NFToken_test.cpp
+unsigned-integer-overflow:src/test/app/Offer_test.cpp
+unsigned-integer-overflow:src/test/app/Path_test.cpp
+unsigned-integer-overflow:src/test/basics/XRPAmount_test.cpp
+unsigned-integer-overflow:src/test/beast/LexicalCast_test.cpp
+unsigned-integer-overflow:src/test/jtx/impl/acctdelete.cpp
+unsigned-integer-overflow:src/test/ledger/SkipList_test.cpp
+unsigned-integer-overflow:src/test/rpc/Subscribe_test.cpp
+unsigned-integer-overflow:src/tests/libxrpl/basics/RangeSet.cpp
+unsigned-integer-overflow:src/xrpld/app/main/BasicApp.cpp
+unsigned-integer-overflow:src/xrpld/app/misc/detail/AmendmentTable.cpp
+unsigned-integer-overflow:src/xrpld/app/misc/NetworkOPs.cpp
+unsigned-integer-overflow:src/xrpld/app/paths/detail/StrandFlow.h
+unsigned-integer-overflow:src/xrpld/app/tx/detail/NFTokenMint.cpp
+unsigned-integer-overflow:src/xrpld/app/tx/detail/SetOracle.cpp
+unsigned-integer-overflow:src/xrpld/rpc/detail/Role.cpp
+unsigned-integer-overflow:src/xrpld/rpc/handlers/GetAggregatePrice.cpp
+unsigned-integer-overflow:xrpl/basics/base_uint.h
+unsigned-integer-overflow:xrpl/basics/DecayingSample.h
+unsigned-integer-overflow:xrpl/beast/test/yield_to.h
+unsigned-integer-overflow:xrpl/beast/xor_shift_engine.h
+unsigned-integer-overflow:xrpl/nodestore/detail/varint.h
+unsigned-integer-overflow:xrpl/peerfinder/detail/Counts.h
+unsigned-integer-overflow:xrpl/protocol/nft.h
+
+# Rippled intentional overflows and operations
+# STAmount uses intentional negation of INT64_MIN and overflow in arithmetic
+signed-integer-overflow:src/libxrpl/protocol/STAmount.cpp
+unsigned-integer-overflow:src/libxrpl/protocol/STAmount.cpp
+
+# XRPAmount test intentional overflows
+signed-integer-overflow:src/test/basics/XRPAmount_test.cpp
+
+# Peerfinder intentional overflow in counter arithmetic
+unsigned-integer-overflow:src/xrpld/peerfinder/detail/Counts.h
+
+# Signed integer overflow suppressions
+signed-integer-overflow:src/test/beast/LexicalCast_test.cpp
+
+# External library suppressions
+unsigned-integer-overflow:nudb/detail/xxhash.hpp
+
+# Protobuf intentional overflows in hash functions
+# Protobuf uses intentional unsigned overflow for hash computation (stringpiece.h:393)
+unsigned-integer-overflow:google/protobuf/stubs/stringpiece.h
+
+# gRPC intentional overflows
+# gRPC uses intentional overflow in timer calculations
+unsigned-integer-overflow:grpc
+unsigned-integer-overflow:timer_manager.cc
+
+# Standard library intentional overflows
+# These are intentional overflows in random number generation and character conversion
+unsigned-integer-overflow:__random/seed_seq.h
+unsigned-integer-overflow:__charconv/traits.h
+
+
+# Suppress errors in RocksDB
+# RocksDB uses intentional unsigned integer overflows in hash functions and CRC calculations
+unsigned-integer-overflow:rocks*/*/util/xxhash.h
+unsigned-integer-overflow:rocks*/*/util/xxph3.h
+unsigned-integer-overflow:rocks*/*/util/hash.cc
+unsigned-integer-overflow:rocks*/*/util/crc32c.cc
+unsigned-integer-overflow:rocks*/*/util/crc32c.h
+unsigned-integer-overflow:rocks*/*/include/rocksdb/utilities/options_type.h
+unsigned-integer-overflow:rocks*/*/table/format.h
+unsigned-integer-overflow:rocks*/*/table/format.cc
+unsigned-integer-overflow:rocks*/*/table/block_based/block_based_table_builder.cc
+unsigned-integer-overflow:rocks*/*/table/block_based/reader_common.cc
+unsigned-integer-overflow:rocks*/*/db/version_set.cc
+
+# RocksDB misaligned loads (intentional for performance on ARM64)
+alignment:rocks*/*/util/crc32c_arm64.cc
+
+# nudb intentional overflows in hash functions
+unsigned-integer-overflow:nudb/detail/xxhash.hpp
+alignment:nudb/detail/xxhash.hpp
+
+# Snappy compression library intentional overflows
+unsigned-integer-overflow:snappy.cc
+
+# Abseil intentional overflows
+unsigned-integer-overflow:absl/strings/numbers.cc
+unsigned-integer-overflow:absl/strings/internal/cord_rep_flat.h
+unsigned-integer-overflow:absl/base/internal/low_level_alloc.cc
+unsigned-integer-overflow:absl/hash/internal/hash.h
+unsigned-integer-overflow:absl/container/internal/raw_hash_set.h
+
+# Standard library intentional overflows in chrono duration arithmetic
+unsigned-integer-overflow:__chrono/duration.h
+
+# Suppress undefined errors in RocksDB and nudb
+undefined:rocks.*/*/util/crc32c_arm64.cc
+undefined:rocks.*/*/util/xxhash.h
+undefined:nudb

src/libxrpl/basics/make_SSLContext.cpp

@@ -28,7 +28,7 @@ namespace xrpl {
 namespace openssl {
 namespace detail {
 
-/** The default strength of self-signed RSA certifices.
+/** The default strength of self-signed RSA certificates.
 
     Per NIST Special Publication 800-57 Part 3, 2048-bit RSA is still
     considered acceptably secure. Generally, we would want to go above
@@ -131,7 +131,7 @@ initAnonymous(boost::asio::ssl::context& context)
             LogicError("X509_new failed");
 
         // According to the standards (X.509 et al), the value should be one
-        // less than the actualy certificate version we want. Since we want
+        // less than the actually certificate version we want. Since we want
         // version 3, we must use a 2.
         X509_set_version(x509, 2);
 

src/libxrpl/beast/core/CurrentThreadName.cpp

@@ -1,7 +1,5 @@
 #include <xrpl/beast/core/CurrentThreadName.h>
 
-#include <boost/predef.h>
-
 #include <string>
 #include <string_view>
 
@@ -73,12 +71,32 @@ setCurrentThreadNameImpl(std::string_view name)
 #if BOOST_OS_LINUX
 #include <pthread.h>
 
+#include <iostream>
+
 namespace beast::detail {
 
 inline void
 setCurrentThreadNameImpl(std::string_view name)
 {
-    pthread_setname_np(pthread_self(), name.data());
+    // truncate and set the thread name.
+    char boundedName[maxThreadNameLength + 1];
+    std::snprintf(
+        boundedName,
+        sizeof(boundedName),
+        "%.*s",
+        static_cast<int>(maxThreadNameLength),
+        name.data());
+
+    pthread_setname_np(pthread_self(), boundedName);
+
+#ifdef TRUNCATED_THREAD_NAME_LOGS
+    if (name.size() > maxThreadNameLength)
+    {
+        std::cerr << "WARNING: Thread name \"" << name << "\" (length "
+                  << name.size() << ") exceeds maximum of "
+                  << maxThreadNameLength << " characters on Linux.\n";
+    }
+#endif
 }
 
 }  // namespace beast::detail

src/libxrpl/beast/net/IPAddressV4.cpp

@@ -24,7 +24,7 @@ is_public(AddressV4 const& addr)
 char
 get_class(AddressV4 const& addr)
 {
-    static char const* table = "AAAABBCD";
+    static char const* table = "AAAABBCD";  // cspell:disable-line
     return table[(addr.to_uint() & 0xE0000000) >> 29];
 }
 

src/libxrpl/core/detail/LoadMonitor.cpp

@@ -66,7 +66,7 @@ LoadMonitor::update()
 
         "Imagine if you add 10 to something every second. And you
          also reduce it by 1/4 every second. It will "idle" at 40,
-         correponding to 10 counts per second."
+         corresponding to 10 counts per second."
     */
     do
     {

src/libxrpl/json/Writer.cpp

@@ -193,7 +193,7 @@ public:
     }
 
 private:
-    // JSON collections are either arrrays, or objects.
+    // JSON collections are either arrays, or objects.
     struct Collection
     {
         explicit Collection() = default;

src/libxrpl/json/json_reader.cpp

@@ -241,7 +241,7 @@ Reader::readToken(Token& token)
 
         case 'f':
             token.type_ = tokenFalse;
-            ok = match("alse", 4);
+            ok = match("alse", 4);  // cspell:disable-line
             break;
 
         case 'n':
@@ -912,7 +912,7 @@ Reader::getLocationLineAndColumn(Location location) const
 }
 
 std::string
-Reader::getFormatedErrorMessages() const
+Reader::getFormattedErrorMessages() const
 {
     std::string formattedMessage;
 
@@ -941,7 +941,7 @@ operator>>(std::istream& sin, Value& root)
 
     // XRPL_ASSERT(ok, "Json::operator>>() : parse succeeded");
     if (!ok)
-        xrpl::Throw<std::runtime_error>(reader.getFormatedErrorMessages());
+        xrpl::Throw<std::runtime_error>(reader.getFormattedErrorMessages());
 
     return sin;
 }

src/libxrpl/json/json_valueiterator.cpp

@@ -89,26 +89,26 @@ ValueIteratorBase::copy(SelfType const& other)
 Value
 ValueIteratorBase::key() const
 {
-    Value::CZString const czstring = (*current_).first;
+    Value::CZString const czString = (*current_).first;
 
-    if (czstring.c_str())
+    if (czString.c_str())
     {
-        if (czstring.isStaticString())
-            return Value(StaticString(czstring.c_str()));
+        if (czString.isStaticString())
+            return Value(StaticString(czString.c_str()));
 
-        return Value(czstring.c_str());
+        return Value(czString.c_str());
     }
 
-    return Value(czstring.index());
+    return Value(czString.index());
 }
 
 UInt
 ValueIteratorBase::index() const
 {
-    Value::CZString const czstring = (*current_).first;
+    Value::CZString const czString = (*current_).first;
 
-    if (!czstring.c_str())
-        return czstring.index();
+    if (!czString.c_str())
+        return czString.index();
 
     return Value::UInt(-1);
 }