ci: Add sanitizers to CI builds (#5996)

This change adds support for sanitizer build options in CI builds workflow. Currently `asan+ubsan` is enabled, while `tsan+ubsan` is left disabled as more changes are required.

.config/cspell.config.yaml

@@ -0,0 +1,286 @@
+ignorePaths:
+  - build/**
+  - src/libxrpl/crypto
+  - src/test/** # Will be removed in the future
+  - CMakeUserPresets.json
+  - Doxyfile
+  - docs/**/*.puml
+  - cmake/**
+  - LICENSE.md
+language: en
+allowCompoundWords: true
+ignoreRandomStrings: true
+minWordLength: 5
+dictionaries:
+  - cpp
+  - en_US
+  - en_GB
+ignoreRegExpList:
+  - /[rs][1-9A-HJ-NP-Za-km-z]{25,34}/g # addresses and seeds
+  - /(XRPL|BEAST)_[A-Z_0-9]+_H_INCLUDED+/g # include guards
+  - /(XRPL|BEAST)_[A-Z_0-9]+_H+/g # include guards
+  - /::[a-z:_]+/g # things from other namespaces
+  - /lib[a-z]+/g # libraries
+  - /[0-9]{4}-[0-9]{2}-[0-9]{2}[,:][A-Za-zÀ-ÖØ-öø-ÿ.\s]+/g # copyright dates
+  - /[0-9]{4}[,:]?\s*[A-Za-zÀ-ÖØ-öø-ÿ.\s]+/g # copyright years
+  - /\[[A-Za-z0-9-]+\]\(https:\/\/github.com\/[A-Za-z0-9-]+\)/g # Github usernames
+  - /-[DWw][a-zA-Z0-9_-]+=/g # compile flags
+  - /[\['"`]-[DWw][a-zA-Z0-9_-]+['"`\]]/g # compile flags
+suggestWords:
+  - xprl->xrpl
+  - xprld->xrpld
+  - unsynched->unsynced
+  - synched->synced
+  - synch->sync
+words:
+  - abempty
+  - AMMID
+  - amt
+  - amts
+  - asnode
+  - asynchrony
+  - attestation
+  - authorises
+  - autobridge
+  - autobridged
+  - autobridging
+  - bimap
+  - bindir
+  - bookdir
+  - Bougalis
+  - Britto
+  - Btrfs
+  - canonicality
+  - checkme
+  - choco
+  - chrono
+  - citardauq
+  - clawback
+  - clawbacks
+  - coeffs
+  - coldwallet
+  - compr
+  - conanfile
+  - conanrun
+  - confs
+  - connectability
+  - coro
+  - coros
+  - cowid
+  - cryptocondition
+  - cryptoconditional
+  - cryptoconditions
+  - csprng
+  - ctest
+  - ctid
+  - currenttxhash
+  - daria
+  - dcmake
+  - dearmor
+  - deleteme
+  - demultiplexer
+  - deserializaton
+  - desync
+  - desynced
+  - determ
+  - distro
+  - doxyfile
+  - dxrpl
+  - endmacro
+  - exceptioned
+  - Falco
+  - finalizers
+  - firewalled
+  - fmtdur
+  - fsanitize
+  - funclets
+  - gcov
+  - gcovr
+  - ghead
+  - Gnutella
+  - gpgcheck
+  - gpgkey
+  - hotwallet
+  - ifndef
+  - inequation
+  - insuf
+  - insuff
+  - iou
+  - ious
+  - isrdc
+  - itype
+  - jemalloc
+  - jlog
+  - keylet
+  - keylets
+  - keyvadb
+  - ledgerentry
+  - ledgerhash
+  - ledgerindex
+  - leftw
+  - legleux
+  - levelization
+  - levelized
+  - libpb
+  - libxrpl
+  - llection
+  - LOCALGOOD
+  - logwstream
+  - lseq
+  - lsmf
+  - ltype
+  - mcmodel
+  - MEMORYSTATUSEX
+  - Merkle
+  - Metafuncton
+  - misprediction
+  - mptbalance
+  - mptflags
+  - mptid
+  - mptissuance
+  - mptissuanceid
+  - mptoken
+  - mptokenid
+  - mptokenissuance
+  - mptokens
+  - mpts
+  - multisig
+  - multisign
+  - multisigned
+  - Nakamoto
+  - nftid
+  - nftoffer
+  - nftoken
+  - nftokenid
+  - nftokenpages
+  - nftokens
+  - nftpage
+  - nikb
+  - nonxrp
+  - noripple
+  - nudb
+  - nullptr
+  - nunl
+  - Nyffenegger
+  - ostr
+  - partitioner
+  - paychan
+  - paychans
+  - permdex
+  - perminute
+  - permissioned
+  - pointee
+  - preauth
+  - preauthorization
+  - preauthorize
+  - preauthorizes
+  - preclaim
+  - protobuf
+  - protos
+  - ptrs
+  - pyenv
+  - qalloc
+  - queuable
+  - Raphson
+  - replayer
+  - rerere
+  - retriable
+  - RIPD
+  - ripdtop
+  - rippleci
+  - rippled
+  - ripplerpc
+  - rippletest
+  - RLUSD
+  - rngfill
+  - rocksdb
+  - Rohrs
+  - roundings
+  - sahyadri
+  - Satoshi
+  - scons
+  - secp
+  - sendq
+  - seqit
+  - sf
+  - SFIELD
+  - shamap
+  - shamapitem
+  - sidechain
+  - SIGGOOD
+  - sle
+  - sles
+  - soci
+  - socidb
+  - sslws
+  - statsd
+  - STATSDCOLLECTOR
+  - stissue
+  - stnum
+  - stobj
+  - stobject
+  - stpath
+  - stpathset
+  - sttx
+  - stvar
+  - stvector
+  - stxchainattestations
+  - superpeer
+  - superpeers
+  - takergets
+  - takerpays
+  - ters
+  - TMEndpointv2
+  - trixie
+  - tx
+  - txid
+  - txids
+  - txjson
+  - txn
+  - txns
+  - txs
+  - UBSAN
+  - ubsan
+  - umant
+  - unacquired
+  - unambiguity
+  - unauthorizes
+  - unauthorizing
+  - unergonomic
+  - unfetched
+  - unflatten
+  - unfund
+  - unimpair
+  - unroutable
+  - unscalable
+  - unserviced
+  - unshareable
+  - unshares
+  - unsquelch
+  - unsquelched
+  - unsquelching
+  - unvalidated
+  - unveto
+  - unvetoed
+  - upvotes
+  - USDB
+  - variadics
+  - venv
+  - vfalco
+  - vinnie
+  - wextra
+  - wptr
+  - writeme
+  - wsrch
+  - wthread
+  - xbridge
+  - xchain
+  - ximinez
+  - EXPECT_STREQ
+  - XMACRO
+  - xrpkuwait
+  - xrpl
+  - xrpld
+  - xrplf
+  - xxhash
+  - xxhasher

.gitattributes

@@ -1,5 +1,6 @@
 # Set default behaviour, in case users don't have core.autocrlf set.
 #* text=auto
+# cspell: disable
 
 # Visual Studio
 *.sln       text eol=crlf

.github/actions/build-deps/action.yml

@@ -4,9 +4,6 @@ description: "Install Conan dependencies, optionally forcing a rebuild of all de
 # Note that actions do not support 'type' and all inputs are strings, see
 # https://docs.github.com/en/actions/reference/workflows-and-actions/metadata-syntax#inputs.
 inputs:
-  build_dir:
-    description: "The directory where to build."
-    required: true
   build_type:
     description: 'The build type to use ("Debug", "Release").'
     required: true
@@ -32,7 +29,6 @@ runs:
     - name: Install Conan dependencies
       shell: bash
       env:
-        BUILD_DIR: ${{ inputs.build_dir }}
         BUILD_NPROC: ${{ inputs.build_nproc }}
         BUILD_OPTION: ${{ inputs.force_build == 'true' && '*' || 'missing' }}
         BUILD_TYPE: ${{ inputs.build_type }}
@@ -40,11 +36,8 @@ runs:
         SANITIZERS: ${{ inputs.sanitizers }}
       run: |
         echo 'Installing dependencies.'
-        mkdir -p "${BUILD_DIR}"
-        cd "${BUILD_DIR}"
         conan install \
           --profile ci \
-          --output-folder . \
           --build="${BUILD_OPTION}" \
           --options:host='&:tests=True' \
           --options:host='&:xrpld=True' \
@@ -52,4 +45,4 @@ runs:
           --conf:all tools.build:jobs=${BUILD_NPROC} \
           --conf:all tools.build:verbosity="${LOG_VERBOSITY}" \
           --conf:all tools.compilation:verbosity="${LOG_VERBOSITY}" \
-          ..
+          .

.github/actions/print-env/action.yml

@@ -11,12 +11,6 @@ runs:
         echo 'Checking environment variables.'
         set
 
-        echo 'Checking CMake version.'
-        cmake --version
-
-        echo 'Checking Conan version.'
-        conan --version
-
     - name: Check configuration (Linux and macOS)
       if: ${{ runner.os == 'Linux' || runner.os == 'macOS' }}
       shell: bash
@@ -27,17 +21,23 @@ runs:
         echo 'Checking environment variables.'
         env | sort
 
-        echo 'Checking CMake version.'
-        cmake --version
-
         echo 'Checking compiler version.'
         ${{ runner.os == 'Linux' && '${CC}' || 'clang' }} --version
 
-        echo 'Checking Conan version.'
-        conan --version
-
         echo 'Checking Ninja version.'
         ninja --version
 
         echo 'Checking nproc version.'
         nproc --version
+
+    - name: Check configuration (all)
+      shell: bash
+      run: |
+        echo 'Checking Ccache version.'
+        ccache --version
+
+        echo 'Checking CMake version.'
+        cmake --version
+
+        echo 'Checking Conan version.'
+        conan --version

.github/scripts/levelization/README.md

@@ -81,10 +81,10 @@ It generates many files of [results](results):
 
 - `rawincludes.txt`: The raw dump of the `#includes`
 - `paths.txt`: A second dump grouping the source module
-  to the destination module, deduped, and with frequency counts.
+  to the destination module, de-duped, and with frequency counts.
 - `includes/`: A directory where each file represents a module and
   contains a list of modules and counts that the module _includes_.
-- `includedby/`: Similar to `includes/`, but the other way around. Each
+- `included_by/`: Similar to `includes/`, but the other way around. Each
   file represents a module and contains a list of modules and counts
   that _include_ the module.
 - [`loops.txt`](results/loops.txt): A list of direct loops detected

.github/scripts/levelization/generate.sh

@@ -29,7 +29,7 @@ pushd results
 oldifs=${IFS}
 IFS=:
 mkdir includes
-mkdir includedby
+mkdir included_by
 echo Build levelization paths
 exec 3< ${includes} # open rawincludes.txt for input
 while read -r -u 3 file include
@@ -59,7 +59,7 @@ do
         echo $level $includelevel | tee -a paths.txt
     fi
 done
-echo Sort and dedup paths
+echo Sort and deduplicate paths
 sort -ds paths.txt | uniq -c | tee sortedpaths.txt
 mv sortedpaths.txt paths.txt
 exec 3>&- #close fd 3
@@ -71,7 +71,7 @@ exec 4<paths.txt # open paths.txt for input
 while read -r -u 4 count level include
 do
     echo ${include} ${count} | tee -a includes/${level}
-    echo ${level} ${count} | tee -a includedby/${include}
+    echo ${level} ${count} | tee -a included_by/${include}
 done
 exec 4>&- #close fd 4
 

.github/scripts/rename/README.md

@@ -19,7 +19,7 @@ run from the repository root.
 1. `.github/scripts/rename/definitions.sh`: This script will rename all
    definitions, such as include guards, from `RIPPLE_XXX` and `RIPPLED_XXX` to
    `XRPL_XXX`.
-2. `.github/scripts/rename/copyright.sh`: This script will remove superflous
+2. `.github/scripts/rename/copyright.sh`: This script will remove superfluous
    copyright notices.
 3. `.github/scripts/rename/cmake.sh`: This script will rename all CMake files
    from `RippleXXX.cmake` or `RippledXXX.cmake` to `XrplXXX.cmake`, and any
@@ -31,6 +31,9 @@ run from the repository root.
    the `xrpld` binary.
 5. `.github/scripts/rename/namespace.sh`: This script will rename the C++
    namespaces from `ripple` to `xrpl`.
+6. `.github/scripts/rename/config.sh`: This script will rename the config from
+   `rippled.cfg` to `xrpld.cfg`, and updating the code accordingly. The old
+   filename will still be accepted.
 
 You can run all these scripts from the repository root as follows:
 
@@ -40,4 +43,5 @@ You can run all these scripts from the repository root as follows:
 ./.github/scripts/rename/cmake.sh .
 ./.github/scripts/rename/binary.sh .
 ./.github/scripts/rename/namespace.sh .
+./.github/scripts/rename/config.sh .
 ```

.github/scripts/rename/config.sh

@@ -0,0 +1,72 @@
+#!/bin/bash
+
+# Exit the script as soon as an error occurs.
+set -e
+
+# On MacOS, ensure that GNU sed is installed and available as `gsed`.
+SED_COMMAND=sed
+if [[ "${OSTYPE}" == 'darwin'* ]]; then
+  if ! command -v gsed &> /dev/null; then
+      echo "Error: gsed is not installed. Please install it using 'brew install gnu-sed'."
+      exit 1
+  fi
+  SED_COMMAND=gsed
+fi
+
+# This script renames the config from `rippled.cfg` to `xrpld.cfg`, and updates
+# the code accordingly. The old filename will still be accepted.
+# Usage: .github/scripts/rename/config.sh <repository directory>
+
+if [ "$#" -ne 1 ]; then
+    echo "Usage: $0 <repository directory>"
+    exit 1
+fi
+
+DIRECTORY=$1
+echo "Processing directory: ${DIRECTORY}"
+if [ ! -d "${DIRECTORY}" ]; then
+    echo "Error: Directory '${DIRECTORY}' does not exist."
+    exit 1
+fi
+pushd ${DIRECTORY}
+
+# Add the xrpld.cfg to the .gitignore.
+if ! grep -q 'xrpld.cfg' .gitignore; then
+  ${SED_COMMAND} -i '/rippled.cfg/a\
+/xrpld.cfg' .gitignore
+fi
+
+# Rename the files.
+if [ -e rippled.cfg ]; then
+  mv rippled.cfg xrpld.cfg
+fi
+if [ -e cfg/rippled-example.cfg ]; then
+  mv cfg/rippled-example.cfg cfg/xrpld-example.cfg
+fi
+
+# Rename inside the files.
+DIRECTORIES=("cfg" "cmake" "include" "src")
+for DIRECTORY in "${DIRECTORIES[@]}"; do
+  echo "Processing directory: ${DIRECTORY}"
+
+  find "${DIRECTORY}" -type f \( -name "*.h" -o -name "*.hpp" -o -name "*.ipp" -o -name "*.cpp" -o -name "*.cmake" -o -name "*.txt" -o -name "*.cfg" -o -name "*.md" \) | while read -r FILE; do
+      echo "Processing file: ${FILE}"
+      ${SED_COMMAND} -i -E 's/rippled(-example)?[ .]cfg/xrpld\1.cfg/g' "${FILE}"
+  done
+done
+${SED_COMMAND} -i 's/rippled/xrpld/g' cfg/xrpld-example.cfg
+${SED_COMMAND} -i 's/rippled/xrpld/g' src/test/core/Config_test.cpp
+${SED_COMMAND} -i 's/ripplevalidators/xrplvalidators/g' src/test/core/Config_test.cpp # cspell: disable-line
+${SED_COMMAND} -i 's/rippleConfig/xrpldConfig/g' src/test/core/Config_test.cpp
+${SED_COMMAND} -i 's@ripple/@xrpld/@g' src/test/core/Config_test.cpp
+${SED_COMMAND} -i 's/Rippled/File/g' src/test/core/Config_test.cpp
+
+
+# Restore the old config file name in the code that maintains support for now.
+${SED_COMMAND} -i 's/configLegacyName = "xrpld.cfg"/configLegacyName = "rippled.cfg"/g' src/xrpld/core/detail/Config.cpp
+
+# Restore an URL.
+${SED_COMMAND} -i 's/connect-your-xrpld-to-the-xrp-test-net.html/connect-your-rippled-to-the-xrp-test-net.html/g' cfg/xrpld-example.cfg
+
+popd
+echo "Renaming complete."

.github/scripts/rename/copyright.sh

@@ -50,11 +50,11 @@ for DIRECTORY in "${DIRECTORIES[@]}"; do
       # Handle the cases where the copyright notice is enclosed in /* ... */
       # and usually surrounded by //---- and //======.
       ${SED_COMMAND} -z -i -E 's@^//-------+\n+@@' "${FILE}"
-      ${SED_COMMAND} -z -i -E 's@^.*Copyright.+(Ripple|Bougalis|Falco|Hinnant|Null|Ritchford|XRPLF).+PERFORMANCE OF THIS SOFTWARE\.\n\*/\n+@@' "${FILE}"
+      ${SED_COMMAND} -z -i -E 's@^.*Copyright.+(Ripple|Bougalis|Falco|Hinnant|Null|Ritchford|XRPLF).+PERFORMANCE OF THIS SOFTWARE\.\n\*/\n+@@' "${FILE}" # cspell: ignore Bougalis Falco Hinnant Ritchford
       ${SED_COMMAND} -z -i -E 's@^//=======+\n+@@' "${FILE}"
 
       # Handle the cases where the copyright notice is commented out with //.
-      ${SED_COMMAND} -z -i -E 's@^//\n// Copyright.+Falco \(vinnie dot falco at gmail dot com\)\n//\n+@@' "${FILE}"
+      ${SED_COMMAND} -z -i -E 's@^//\n// Copyright.+Falco \(vinnie dot falco at gmail dot com\)\n//\n+@@' "${FILE}" # cspell: ignore Vinnie Falco
   done
 done
 
@@ -83,16 +83,16 @@ if ! grep -q 'Dev Null' src/xrpld/rpc/handlers/ValidatorInfo.cpp; then
   echo -e "// Copyright (c) 2019 Dev Null Productions\n\n$(cat src/xrpld/rpc/handlers/ValidatorInfo.cpp)" > src/xrpld/rpc/handlers/ValidatorInfo.cpp
 fi
 if ! grep -q 'Bougalis' include/xrpl/basics/SlabAllocator.h; then
-  echo -e "// Copyright (c) 2022, Nikolaos D. Bougalis <nikb@bougalis.net>\n\n$(cat include/xrpl/basics/SlabAllocator.h)" > include/xrpl/basics/SlabAllocator.h
+  echo -e "// Copyright (c) 2022, Nikolaos D. Bougalis <nikb@bougalis.net>\n\n$(cat include/xrpl/basics/SlabAllocator.h)" > include/xrpl/basics/SlabAllocator.h # cspell: ignore Nikolaos Bougalis nikb
 fi
 if ! grep -q 'Bougalis' include/xrpl/basics/spinlock.h; then
-  echo -e "// Copyright (c) 2022, Nikolaos D. Bougalis <nikb@bougalis.net>\n\n$(cat include/xrpl/basics/spinlock.h)" > include/xrpl/basics/spinlock.h
+  echo -e "// Copyright (c) 2022, Nikolaos D. Bougalis <nikb@bougalis.net>\n\n$(cat include/xrpl/basics/spinlock.h)" > include/xrpl/basics/spinlock.h # cspell: ignore Nikolaos Bougalis nikb
 fi
 if ! grep -q 'Bougalis' include/xrpl/basics/tagged_integer.h; then
-  echo -e "// Copyright (c) 2014, Nikolaos D. Bougalis <nikb@bougalis.net>\n\n$(cat include/xrpl/basics/tagged_integer.h)" > include/xrpl/basics/tagged_integer.h
+  echo -e "// Copyright (c) 2014, Nikolaos D. Bougalis <nikb@bougalis.net>\n\n$(cat include/xrpl/basics/tagged_integer.h)" > include/xrpl/basics/tagged_integer.h # cspell: ignore Nikolaos Bougalis nikb
 fi
 if ! grep -q 'Ritchford' include/xrpl/beast/utility/Zero.h; then
-  echo -e "// Copyright (c) 2014, Tom Ritchford <tom@swirly.com>\n\n$(cat include/xrpl/beast/utility/Zero.h)" > include/xrpl/beast/utility/Zero.h
+  echo -e "// Copyright (c) 2014, Tom Ritchford <tom@swirly.com>\n\n$(cat include/xrpl/beast/utility/Zero.h)" > include/xrpl/beast/utility/Zero.h # cspell: ignore Ritchford
 fi
 
 # Restore newlines and tabs in string literals in the affected file.

.github/scripts/strategy-matrix/generate.py

@@ -209,10 +209,10 @@ def generate_strategy_matrix(all: bool, config: Config) -> list:
         ):
             continue
 
-        # Enable code coverage for Debian Bookworm using GCC 14 in Debug and no
+        # Enable code coverage for Debian Bookworm using GCC 15 in Debug and no
         # Unity on linux/amd64
         if (
-            f"{os['compiler_name']}-{os['compiler_version']}" == "gcc-14"
+            f"{os['compiler_name']}-{os['compiler_version']}" == "gcc-15"
             and build_type == "Debug"
             and "-Dunity=OFF" in cmake_args
             and architecture["platform"] == "linux/amd64"
@@ -232,6 +232,8 @@ def generate_strategy_matrix(all: bool, config: Config) -> list:
             f"-{architecture['platform'][architecture['platform'].find('/')+1:]}"
         )
         config_name += f"-{build_type.lower()}"
+        if "-Dcoverage=ON" in cmake_args:
+            config_name += "-coverage"
         if "-Dunity=ON" in cmake_args:
             config_name += "-unity"
 
@@ -239,12 +241,11 @@ def generate_strategy_matrix(all: bool, config: Config) -> list:
         # so that they are easier to identify in the GitHub Actions UI, as long
         # names get truncated.
         # Add Address and Thread (both coupled with UB) sanitizers for specific bookworm distros.
-        if os[
-            "distro_version"
-        ] == "bookworm" and f"{os['compiler_name']}-{os['compiler_version']}" in {
-            "gcc-15",
-            "clang-20",
-        }:
+        # GCC-Asan rippled-embedded tests are failing because of https://github.com/google/sanitizers/issues/856
+        if (
+            os["distro_version"] == "bookworm"
+            and f"{os['compiler_name']}-{os['compiler_version']}" == "clang-20"
+        ):
             # Add ASAN + UBSAN configuration.
             configurations.append(
                 {
@@ -255,12 +256,12 @@ def generate_strategy_matrix(all: bool, config: Config) -> list:
                     "build_type": build_type,
                     "os": os,
                     "architecture": architecture,
-                    "sanitizers": "Address,UndefinedBehavior",
+                    "sanitizers": "address,undefinedbehavior",
                 }
             )
             # TSAN is deactivated due to seg faults with latest compilers.
-            activateTSAN = False
-            if activateTSAN:
+            activate_tsan = False
+            if activate_tsan:
                 configurations.append(
                     {
                         "config_name": config_name + "-tsan-ubsan",
@@ -270,7 +271,7 @@ def generate_strategy_matrix(all: bool, config: Config) -> list:
                         "build_type": build_type,
                         "os": os,
                         "architecture": architecture,
-                        "sanitizers": "Thread,UndefinedBehavior",
+                        "sanitizers": "thread,undefinedbehavior",
                     }
                 )
         else:
@@ -283,6 +284,7 @@ def generate_strategy_matrix(all: bool, config: Config) -> list:
                     "build_type": build_type,
                     "os": os,
                     "architecture": architecture,
+                    "sanitizers": "",
                 }
             )
 

.github/scripts/strategy-matrix/linux.json

@@ -15,196 +15,196 @@
       "distro_version": "bookworm",
       "compiler_name": "gcc",
       "compiler_version": "12",
-      "image_sha": "0525eae"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "debian",
       "distro_version": "bookworm",
       "compiler_name": "gcc",
       "compiler_version": "13",
-      "image_sha": "0525eae"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "debian",
       "distro_version": "bookworm",
       "compiler_name": "gcc",
       "compiler_version": "14",
-      "image_sha": "0525eae"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "debian",
       "distro_version": "bookworm",
       "compiler_name": "gcc",
       "compiler_version": "15",
-      "image_sha": "0525eae"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "debian",
       "distro_version": "bookworm",
       "compiler_name": "clang",
       "compiler_version": "16",
-      "image_sha": "0525eae"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "debian",
       "distro_version": "bookworm",
       "compiler_name": "clang",
       "compiler_version": "17",
-      "image_sha": "0525eae"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "debian",
       "distro_version": "bookworm",
       "compiler_name": "clang",
       "compiler_version": "18",
-      "image_sha": "0525eae"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "debian",
       "distro_version": "bookworm",
       "compiler_name": "clang",
       "compiler_version": "19",
-      "image_sha": "0525eae"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "debian",
       "distro_version": "bookworm",
       "compiler_name": "clang",
       "compiler_version": "20",
-      "image_sha": "0525eae"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "debian",
       "distro_version": "trixie",
       "compiler_name": "gcc",
       "compiler_version": "14",
-      "image_sha": "0525eae"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "debian",
       "distro_version": "trixie",
       "compiler_name": "gcc",
       "compiler_version": "15",
-      "image_sha": "0525eae"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "debian",
       "distro_version": "trixie",
       "compiler_name": "clang",
       "compiler_version": "20",
-      "image_sha": "0525eae"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "debian",
       "distro_version": "trixie",
       "compiler_name": "clang",
       "compiler_version": "21",
-      "image_sha": "0525eae"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "rhel",
       "distro_version": "8",
       "compiler_name": "gcc",
       "compiler_version": "14",
-      "image_sha": "e1782cd"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "rhel",
       "distro_version": "8",
       "compiler_name": "clang",
       "compiler_version": "any",
-      "image_sha": "e1782cd"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "rhel",
       "distro_version": "9",
       "compiler_name": "gcc",
       "compiler_version": "12",
-      "image_sha": "e1782cd"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "rhel",
       "distro_version": "9",
       "compiler_name": "gcc",
       "compiler_version": "13",
-      "image_sha": "e1782cd"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "rhel",
       "distro_version": "9",
       "compiler_name": "gcc",
       "compiler_version": "14",
-      "image_sha": "e1782cd"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "rhel",
       "distro_version": "9",
       "compiler_name": "clang",
       "compiler_version": "any",
-      "image_sha": "e1782cd"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "rhel",
       "distro_version": "10",
       "compiler_name": "gcc",
       "compiler_version": "14",
-      "image_sha": "e1782cd"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "rhel",
       "distro_version": "10",
       "compiler_name": "clang",
       "compiler_version": "any",
-      "image_sha": "e1782cd"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "ubuntu",
       "distro_version": "jammy",
       "compiler_name": "gcc",
       "compiler_version": "12",
-      "image_sha": "e1782cd"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "ubuntu",
       "distro_version": "noble",
       "compiler_name": "gcc",
       "compiler_version": "13",
-      "image_sha": "e1782cd"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "ubuntu",
       "distro_version": "noble",
       "compiler_name": "gcc",
       "compiler_version": "14",
-      "image_sha": "e1782cd"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "ubuntu",
       "distro_version": "noble",
       "compiler_name": "clang",
       "compiler_version": "16",
-      "image_sha": "e1782cd"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "ubuntu",
       "distro_version": "noble",
       "compiler_name": "clang",
       "compiler_version": "17",
-      "image_sha": "e1782cd"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "ubuntu",
       "distro_version": "noble",
       "compiler_name": "clang",
       "compiler_version": "18",
-      "image_sha": "e1782cd"
+      "image_sha": "ab4d1f0"
     },
     {
       "distro_name": "ubuntu",
       "distro_version": "noble",
       "compiler_name": "clang",
       "compiler_version": "19",
-      "image_sha": "e1782cd"
+      "image_sha": "ab4d1f0"
     }
   ],
   "build_type": ["Debug", "Release"],

.github/workflows/on-pr.yml

@@ -114,6 +114,9 @@ jobs:
       matrix:
         os: [linux, macos, windows]
     with:
+      # Enable ccache only for events targeting the XRPLF repository, since
+      # other accounts will not have access to our remote cache storage.
+      ccache_enabled: ${{ github.repository_owner == 'XRPLF' }}
       os: ${{ matrix.os }}
     secrets:
       CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}

.github/workflows/on-trigger.yml

@@ -68,6 +68,12 @@ jobs:
       matrix:
         os: [linux, macos, windows]
     with:
+      # Enable ccache only for events targeting the XRPLF repository, since
+      # other accounts will not have access to our remote cache storage.
+      # However, we do not enable ccache for events targeting the master or a
+      # release branch, to protect against the rare case that the output
+      # produced by ccache is not identical to a regular compilation.
+      ccache_enabled: ${{ github.repository_owner == 'XRPLF' && !(github.base_ref == 'master' || startsWith(github.base_ref, 'release')) }}
       os: ${{ matrix.os }}
       strategy_matrix: ${{ github.event_name == 'schedule' && 'all' || 'minimal' }}
     secrets:

.github/workflows/pre-commit.yml

@@ -9,7 +9,7 @@ on:
 jobs:
   # Call the workflow in the XRPLF/actions repo that runs the pre-commit hooks.
   run-hooks:
-    uses: XRPLF/actions/.github/workflows/pre-commit.yml@34790936fae4c6c751f62ec8c06696f9c1a5753a
+    uses: XRPLF/actions/.github/workflows/pre-commit.yml@282890f46d6921249d5659dd38babcb0bd8aef48
     with:
       runs_on: ubuntu-latest
-      container: '{ "image": "ghcr.io/xrplf/ci/tools-rippled-pre-commit:sha-a8c7be1" }'
+      container: '{ "image": "ghcr.io/xrplf/ci/tools-rippled-pre-commit:sha-ab4d1f0" }'

.github/workflows/publish-docs.yml

@@ -22,7 +22,7 @@ defaults:
     shell: bash
 
 env:
-  BUILD_DIR: .build
+  BUILD_DIR: build
   NPROC_SUBTRACT: 2
 
 jobs:

.github/workflows/reusable-build-test-config.yml

@@ -3,11 +3,6 @@ name: Build and test configuration
 on:
   workflow_call:
     inputs:
-      build_dir:
-        description: "The directory where to build."
-        required: true
-        type: string
-
       build_only:
         description: 'Whether to only build or to build and test the code ("true", "false").'
         required: true
@@ -15,8 +10,14 @@ on:
 
       build_type:
         description: 'The build type to use ("Debug", "Release").'
-        type: string
         required: true
+        type: string
+
+      ccache_enabled:
+        description: "Whether to enable ccache."
+        required: false
+        type: boolean
+        default: false
 
       cmake_args:
         description: "Additional arguments to pass to CMake."
@@ -26,8 +27,8 @@ on:
 
       cmake_target:
         description: "The CMake target to build."
-        type: string
         required: true
+        type: string
 
       runs_on:
         description: Runner to run the job on as a JSON string
@@ -65,6 +66,11 @@ defaults:
   run:
     shell: bash
 
+env:
+  # Conan installs the generators in the build/generators directory, see the
+  # layout() method in conanfile.py. We then run CMake from the build directory.
+  BUILD_DIR: build
+
 jobs:
   build-and-test:
     name: ${{ inputs.config_name }}
@@ -72,9 +78,26 @@ jobs:
     container: ${{ inputs.image != '' && inputs.image || null }}
     timeout-minutes: 60
     env:
-      ENABLED_VOIDSTAR: ${{ contains(inputs.cmake_args, '-Dvoidstar=ON') }}
-      ENABLED_COVERAGE: ${{ contains(inputs.cmake_args, '-Dcoverage=ON') }}
-      ENABLED_SANITIZERS: ${{ inputs.sanitizers != '' }}
+      # Use a namespace to keep the objects separate for each configuration.
+      CCACHE_NAMESPACE: ${{ inputs.config_name }}
+      # Ccache supports both Redis and HTTP endpoints.
+      # * For Redis, use the following format: redis://ip:port, see
+      #   https://github.com/ccache/ccache/wiki/Redis-storage. Note that TLS is
+      #   not directly supported by ccache, and requires use of a proxy.
+      # * For HTTP use the following format: http://ip:port/cache when using
+      #   nginx as backend or http://ip:port|layout=bazel when using Bazel
+      #   Remote Cache, see https://github.com/ccache/ccache/wiki/HTTP-storage.
+      #   Note that HTTPS is not directly supported by ccache.
+      CCACHE_REMOTE_ONLY: true
+      CCACHE_REMOTE_STORAGE: http://cache.dev.ripplex.io:8080|layout=bazel
+      # Ignore the creation and modification timestamps on files, since the
+      # header files are copied into separate directories by CMake, which will
+      # otherwise result in cache misses.
+      CCACHE_SLOPPINESS: include_file_ctime,include_file_mtime
+      # Determine if coverage and voidstar should be enabled.
+      COVERAGE_ENABLED: ${{ contains(inputs.cmake_args, '-Dcoverage=ON') }}
+      VOIDSTAR_ENABLED: ${{ contains(inputs.cmake_args, '-Dvoidstar=ON') }}
+      SANITIZERS_ENABLED: ${{ inputs.sanitizers != '' }}
     steps:
       - name: Cleanup workspace (macOS and Windows)
         if: ${{ runner.os == 'macOS' || runner.os == 'Windows' }}
@@ -84,9 +107,13 @@ jobs:
         uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
 
       - name: Prepare runner
-        uses: XRPLF/actions/prepare-runner@2ece4ec6ab7de266859a6f053571425b2bd684b6
+        uses: XRPLF/actions/prepare-runner@f05cab7b8541eee6473aa42beb9d2fe35608a190
         with:
-          disable_ccache: false
+          enable_ccache: ${{ inputs.ccache_enabled }}
+
+      - name: Set ccache log file
+        if: ${{ inputs.ccache_enabled && runner.debug == '1' }}
+        run: echo "CCACHE_LOGFILE=${{ runner.temp }}/ccache.log" >> "${GITHUB_ENV}"
 
       - name: Print build environment
         uses: ./.github/actions/print-env
@@ -103,7 +130,6 @@ jobs:
       - name: Build dependencies
         uses: ./.github/actions/build-deps
         with:
-          build_dir: ${{ inputs.build_dir }}
           build_nproc: ${{ steps.nproc.outputs.nproc }}
           build_type: ${{ inputs.build_type }}
           # Set the verbosity to "quiet" for Windows to avoid an excessive
@@ -112,20 +138,21 @@ jobs:
           sanitizers: ${{ inputs.sanitizers }}
 
       - name: Configure CMake
-        working-directory: ${{ inputs.build_dir }}
+        working-directory: ${{ env.BUILD_DIR }}
         env:
           BUILD_TYPE: ${{ inputs.build_type }}
-          SANITIZER: ${{ inputs.sanitizers }}
+          SANITIZERS: ${{ inputs.sanitizers }}
+          CMAKE_ARGS: ${{ inputs.cmake_args }}
         run: |
           cmake \
             -G '${{ runner.os == 'Windows' && 'Visual Studio 17 2022' || 'Ninja' }}' \
             -DCMAKE_TOOLCHAIN_FILE:FILEPATH=build/generators/conan_toolchain.cmake \
             -DCMAKE_BUILD_TYPE="${BUILD_TYPE}" \
-            ${{ inputs.cmake_args }} \
+            ${CMAKE_ARGS} \
             ..
 
       - name: Build the binary
-        working-directory: ${{ inputs.build_dir }}
+        working-directory: ${{ env.BUILD_DIR }}
         env:
           BUILD_NPROC: ${{ steps.nproc.outputs.nproc }}
           BUILD_TYPE: ${{ inputs.build_type }}
@@ -137,11 +164,18 @@ jobs:
             --parallel "${BUILD_NPROC}" \
             --target "${CMAKE_TARGET}"
 
+      - name: Show ccache statistics
+        if: ${{ inputs.ccache_enabled }}
+        run: |
+          ccache --show-stats -vv
+          if [ '${{ runner.debug }}' = '1' ]; then
+            cat "${CCACHE_LOGFILE}"
+            curl ${CCACHE_REMOTE_STORAGE%|*}/status || true
+          fi
+
       - name: Upload the binary (Linux)
         if: ${{ github.repository_owner == 'XRPLF' && runner.os == 'Linux' }}
         uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
-        env:
-          BUILD_DIR: ${{ inputs.build_dir }}
         with:
           name: xrpld-${{ inputs.config_name }}
           path: ${{ env.BUILD_DIR }}/xrpld
@@ -149,8 +183,8 @@ jobs:
           if-no-files-found: error
 
       - name: Check linking (Linux)
-        if: ${{ runner.os == 'Linux' && env.ENABLED_SANITIZERS == 'false' }}
-        working-directory: ${{ inputs.build_dir }}
+        if: ${{ runner.os == 'Linux' && env.SANITIZERS_ENABLED == 'false' }}
+        working-directory: ${{ env.BUILD_DIR }}
         run: |
           ldd ./xrpld
           if [ "$(ldd ./xrpld | grep -E '(libstdc\+\+|libgcc)' | wc -l)" -eq 0 ]; then
@@ -161,23 +195,27 @@ jobs:
           fi
 
       - name: Verify presence of instrumentation (Linux)
-        if: ${{ runner.os == 'Linux' && env.ENABLED_VOIDSTAR == 'true' }}
-        working-directory: ${{ inputs.build_dir }}
+        if: ${{ runner.os == 'Linux' && env.VOIDSTAR_ENABLED == 'true' }}
+        working-directory: ${{ env.BUILD_DIR }}
         run: |
           ./xrpld --version | grep libvoidstar
 
+      - name: Set sanitizer options
+        if: ${{ !inputs.build_only && env.SANITIZERS_ENABLED == 'true' }}
+        run: |
+          echo "ASAN_OPTIONS=print_stacktrace=1:detect_container_overflow=0:suppressions=${GITHUB_WORKSPACE}/sanitizers/suppressions/asan.supp" >> ${GITHUB_ENV}
+          echo "TSAN_OPTIONS=second_deadlock_stack=1:halt_on_error=0:suppressions=${GITHUB_WORKSPACE}/sanitizers/suppressions/tsan.supp" >> ${GITHUB_ENV}
+          echo "UBSAN_OPTIONS=suppressions=${GITHUB_WORKSPACE}/sanitizers/suppressions/ubsan.supp" >> ${GITHUB_ENV}
+          echo "LSAN_OPTIONS=suppressions=${GITHUB_WORKSPACE}/sanitizers/suppressions/lsan.supp" >> ${GITHUB_ENV}
+
       - name: Run the separate tests
         if: ${{ !inputs.build_only }}
-        working-directory: ${{ inputs.build_dir }}
+        working-directory: ${{ env.BUILD_DIR }}
         # Windows locks some of the build files while running tests, and parallel jobs can collide
         env:
           BUILD_TYPE: ${{ inputs.build_type }}
           PARALLELISM: ${{ runner.os == 'Windows' && '1' || steps.nproc.outputs.nproc }}
         run: |
-          export ASAN_OPTIONS="detect_container_overflow=0 suppressions=$GITHUB_WORKSPACE/sanitizers/suppressions/asan.supp"
-          export TSAN_OPTIONS="second_deadlock_stack=1 halt_on_error=0 suppressions=$GITHUB_WORKSPACE/sanitizers/suppressions/tsan.supp"
-          export UBSAN_OPTIONS="suppressions=$GITHUB_WORKSPACE/sanitizers/suppressions/ubsan.supp"
-          export LSAN_OPTIONS="suppressions=$GITHUB_WORKSPACE/sanitizers/suppressions/lsan.supp"
           ctest \
             --output-on-failure \
             -C "${BUILD_TYPE}" \
@@ -185,16 +223,11 @@ jobs:
 
       - name: Run the embedded tests
         if: ${{ !inputs.build_only }}
-        working-directory: ${{ runner.os == 'Windows' && format('{0}/{1}', inputs.build_dir, inputs.build_type) || inputs.build_dir }}
+        working-directory: ${{ runner.os == 'Windows' && format('{0}/{1}', env.BUILD_DIR, inputs.build_type) || env.BUILD_DIR }}
         env:
           BUILD_NPROC: ${{ steps.nproc.outputs.nproc }}
-          PREFIX: ${{ runner.arch == 'X64'  && 'setarch x86_64 -R' || '' }}
         run: |
-          export ASAN_OPTIONS="detect_container_overflow=0 suppressions=$GITHUB_WORKSPACE/sanitizers/suppressions/asan.supp"
-          export TSAN_OPTIONS="second_deadlock_stack=1 halt_on_error=0 suppressions=$GITHUB_WORKSPACE/sanitizers/suppressions/tsan.supp"
-          export UBSAN_OPTIONS="suppressions=$GITHUB_WORKSPACE/sanitizers/suppressions/ubsan.supp"
-          export LSAN_OPTIONS="suppressions=$GITHUB_WORKSPACE/sanitizers/suppressions/lsan.supp"
-          "${PREFIX}" ./xrpld --unittest --unittest-jobs "${BUILD_NPROC}"
+          ./xrpld --unittest --unittest-jobs "${BUILD_NPROC}"
 
       - name: Debug failure (Linux)
         if: ${{ failure() && runner.os == 'Linux' && !inputs.build_only }}
@@ -205,8 +238,8 @@ jobs:
           netstat -an
 
       - name: Prepare coverage report
-        if: ${{ !inputs.build_only && env.ENABLED_COVERAGE == 'true' }}
-        working-directory: ${{ inputs.build_dir }}
+        if: ${{ !inputs.build_only && env.COVERAGE_ENABLED == 'true' }}
+        working-directory: ${{ env.BUILD_DIR }}
         env:
           BUILD_NPROC: ${{ steps.nproc.outputs.nproc }}
           BUILD_TYPE: ${{ inputs.build_type }}
@@ -218,13 +251,13 @@ jobs:
             --target coverage
 
       - name: Upload coverage report
-        if: ${{ github.repository_owner == 'XRPLF' && !inputs.build_only && env.ENABLED_COVERAGE == 'true' }}
+        if: ${{ github.repository_owner == 'XRPLF' && !inputs.build_only && env.COVERAGE_ENABLED == 'true' }}
         uses: codecov/codecov-action@18283e04ce6e62d37312384ff67231eb8fd56d24 # v5.4.3
         with:
           disable_search: true
           disable_telem: true
           fail_ci_if_error: true
-          files: ${{ inputs.build_dir }}/coverage.xml
+          files: ${{ env.BUILD_DIR }}/coverage.xml
           plugins: noop
           token: ${{ secrets.CODECOV_TOKEN }}
           verbose: true

.github/workflows/reusable-build-test.yml

@@ -8,21 +8,24 @@ name: Build and test
 on:
   workflow_call:
     inputs:
-      build_dir:
-        description: "The directory where to build."
+      ccache_enabled:
+        description: "Whether to enable ccache."
         required: false
-        type: string
-        default: ".build"
+        type: boolean
+        default: false
+
       os:
         description: 'The operating system to use for the build ("linux", "macos", "windows").'
         required: true
         type: string
+
       strategy_matrix:
         # TODO: Support additional strategies, e.g. "ubuntu" for generating all Ubuntu configurations.
         description: 'The strategy matrix to use for generating the configurations ("minimal", "all").'
         required: false
         type: string
         default: "minimal"
+
     secrets:
       CODECOV_TOKEN:
         description: "The Codecov token to use for uploading coverage reports."
@@ -46,9 +49,9 @@ jobs:
       matrix: ${{ fromJson(needs.generate-matrix.outputs.matrix) }}
       max-parallel: 10
     with:
-      build_dir: ${{ inputs.build_dir }}
       build_only: ${{ matrix.build_only }}
       build_type: ${{ matrix.build_type }}
+      ccache_enabled: ${{ inputs.ccache_enabled }}
       cmake_args: ${{ matrix.cmake_args }}
       cmake_target: ${{ matrix.cmake_target }}
       runs_on: ${{ toJSON(matrix.architecture.runner) }}

.github/workflows/reusable-check-rename.yml

@@ -29,6 +29,8 @@ jobs:
         run: .github/scripts/rename/binary.sh .
       - name: Check namespaces
         run: .github/scripts/rename/namespace.sh .
+      - name: Check config name
+        run: .github/scripts/rename/config.sh .
       - name: Check for differences
         env:
           MESSAGE: |

.github/workflows/upload-conan-deps.yml

@@ -70,9 +70,9 @@ jobs:
         uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
 
       - name: Prepare runner
-        uses: XRPLF/actions/prepare-runner@2ece4ec6ab7de266859a6f053571425b2bd684b6
+        uses: XRPLF/actions/prepare-runner@f05cab7b8541eee6473aa42beb9d2fe35608a190
         with:
-          disable_ccache: false
+          enable_ccache: false
 
       - name: Print build environment
         uses: ./.github/actions/print-env
@@ -92,7 +92,6 @@ jobs:
       - name: Build dependencies
         uses: ./.github/actions/build-deps
         with:
-          build_dir: .build
           build_nproc: ${{ steps.nproc.outputs.nproc }}
           build_type: ${{ matrix.build_type }}
           force_build: ${{ github.event_name == 'schedule' || github.event.inputs.force_source_build == 'true' }}

.gitignore

@@ -1,4 +1,5 @@
 # .gitignore
+# cspell: disable
 
 # Macintosh Desktop Services Store files.
 .DS_Store
@@ -35,6 +36,7 @@ gmon.out
 
 # Customized configs.
 /rippled.cfg
+/xrpld.cfg
 /validators.txt
 
 # Locally patched Conan recipes

.pre-commit-config.yaml

@@ -32,10 +32,25 @@ repos:
       - id: prettier
 
   - repo: https://github.com/psf/black-pre-commit-mirror
-    rev: 25.11.0
+    rev: 831207fd435b47aeffdf6af853097e64322b4d44 # frozen: v25.12.0
     hooks:
       - id: black
 
+  - repo: https://github.com/streetsidesoftware/cspell-cli
+    rev: 1cfa010f078c354f3ffb8413616280cc28f5ba21 # frozen: v9.4.0
+    hooks:
+      - id: cspell # Spell check changed files
+        exclude: .config/cspell.config.yaml
+      - id: cspell # Spell check the commit message
+        name: check commit message spelling
+        args:
+          - --no-must-find-files
+          - --no-progress
+          - --no-summary
+          - --files
+          - .git/COMMIT_EDITMSG
+        stages: [commit-msg]
+
 exclude: |
   (?x)^(
       external/.*|

BUILD.md

@@ -148,7 +148,8 @@ function extract_version {
 }
 
 # Define which recipes to export.
-recipes=(ed25519 grpc secp256k1 snappy soci)
+recipes=('ed25519' 'grpc' 'openssl' 'secp256k1' 'snappy' 'soci')
+folders=('all'     'all'  '3.x.x'   'all'       'all'    'all')
 
 # Selectively check out the recipes from our CCI fork.
 cd external
@@ -157,20 +158,24 @@ cd conan-center-index
 git init
 git remote add origin git@github.com:XRPLF/conan-center-index.git
 git sparse-checkout init
-for recipe in ${recipes[@]}; do
-  echo "Checking out ${recipe}..."
-  git sparse-checkout add recipes/${recipe}/all
+for ((index = 1; index <= ${#recipes[@]}; index++)); do
+  recipe=${recipes[index]}
+  folder=${folders[index]}
+  echo "Checking out recipe '${recipe}' from folder '${folder}'..."
+  git sparse-checkout add recipes/${recipe}/${folder}
 done
 git fetch origin master
 git checkout master
 cd ../..
 
 # Export the recipes into the local cache.
-for recipe in ${recipes[@]}; do
+for ((index = 1; index <= ${#recipes[@]}; index++)); do
+  recipe=${recipes[index]}
+  folder=${folders[index]}
   version=$(extract_version ${recipe})
-  echo "Exporting ${recipe}/${version}..."
+  echo "Exporting '${recipe}/${version}' from '${recipe}/${folder}'..."
   conan export --version $(extract_version ${recipe}) \
-    external/conan-center-index/recipes/${recipe}/all
+    external/conan-center-index/recipes/${recipe}/${folder}
 done
 ```
 
@@ -388,16 +393,6 @@ tools.build:cxxflags=['-DBOOST_ASIO_DISABLE_CONCEPTS']
    conan install .. --output-folder . --build missing --settings build_type=Debug
    ```
 
-   **Sanitizers:** To build dependencies with sanitizer instrumentation, set the
-   `SANITIZERS` environment variable(only once for both conan and cmake) and use the `sanitizers` profile:
-
-   ```
-   export SANITIZERS=Address,UndefinedBehavior
-   conan install .. --output-folder . --profile:all sanitizers --build missing --settings build_type=Debug
-   ```
-
-   See [sanitizers documentation](./docs/build/sanitizers.md) for more details.
-
    To build Debug, in the next step, be sure to set `-DCMAKE_BUILD_TYPE=Debug`
 
    For a single-configuration generator, e.g. `Unix Makefiles` or `Ninja`,
@@ -434,15 +429,6 @@ tools.build:cxxflags=['-DBOOST_ASIO_DISABLE_CONCEPTS']
 
    **Note:** You can pass build options for `xrpld` in this step.
 
-   **Sanitizers:** To enable sanitizers (Address, Thread, UndefinedBehavior),
-   set the `SANITIZERS` environment variable when running CMake:
-
-   ```
-   SANITIZERS=Address,UndefinedBehavior cmake -DCMAKE_TOOLCHAIN_FILE:FILEPATH=build/generators/conan_toolchain.cmake -DCMAKE_BUILD_TYPE=Debug -Dxrpld=ON -Dtests=ON ..
-   ```
-
-   See [sanitizers documentation](./docs/build/sanitizers.md) for more details.
-
 4. Build `xrpld`.
 
    For a single-configuration generator, it will build whatever configuration
@@ -537,6 +523,21 @@ stored inside the build directory, as either of:
 - file named `coverage.`_extension_, with a suitable extension for the report format, or
 - directory named `coverage`, with the `index.html` and other files inside, for the `html-details` or `html-nested` report formats.
 
+## Sanitizers
+
+To build dependencies and xrpld with sanitizer instrumentation, set the
+`SANITIZERS` environment variable (only once before running conan and cmake) and use the `sanitizers` profile in conan:
+
+```bash
+export SANITIZERS=address,undefinedbehavior
+
+conan install .. --output-folder . --profile:all sanitizers --build missing --settings build_type=Debug
+
+cmake -DCMAKE_TOOLCHAIN_FILE:FILEPATH=build/generators/conan_toolchain.cmake -DCMAKE_BUILD_TYPE=Debug -Dxrpld=ON -Dtests=ON ..
+```
+
+See [Sanitizers docs](./docs/build/sanitizers.md) for more details.
+
 ## Options
 
 | Option     | Default Value | Description                                                    |
@@ -549,9 +550,6 @@ stored inside the build directory, as either of:
 | `werr`     | OFF           | Treat compilation warnings as errors                           |
 | `wextra`   | OFF           | Enable additional compilation warnings                         |
 
-To enable sanitizers, set the `SANITIZERS` environment variable when running CMake.
-See [sanitizers documentation](./docs/build/sanitizers.md) for details.
-
 [Unity builds][5] may be faster for the first build
 (at the cost of much more memory) since they concatenate sources into fewer
 translation units. Non-unity builds may be faster for incremental builds,

CMakeLists.txt

@@ -16,18 +16,23 @@ set(CMAKE_CXX_EXTENSIONS OFF)
 set(CMAKE_CXX_STANDARD 20)
 set(CMAKE_CXX_STANDARD_REQUIRED ON)
 
-if(CMAKE_CXX_COMPILER_ID MATCHES "GNU")
+include(CompilationEnv)
+
+if(is_gcc)
     # GCC-specific fixes
     add_compile_options(-Wno-unknown-pragmas -Wno-subobject-linkage)
     # -Wno-subobject-linkage can be removed when we upgrade GCC version to at least 13.3
-elseif(CMAKE_CXX_COMPILER_ID MATCHES "Clang")
+elseif(is_clang)
     # Clang-specific fixes
     add_compile_options(-Wno-unknown-warning-option) # Ignore unknown warning options
-elseif(MSVC)
+elseif(is_msvc)
     # MSVC-specific fixes
     add_compile_options(/wd4068) # Ignore unknown pragmas
 endif()
 
+# Enable ccache to speed up builds.
+include(Ccache)
+
 # make GIT_COMMIT_HASH define available to all sources
 find_package(Git)
 if(Git_FOUND)
@@ -86,34 +91,18 @@ endif()
 ###
 
 include(deps/Boost)
-find_package(OpenSSL 1.1.1 REQUIRED)
-set_target_properties(OpenSSL::SSL PROPERTIES
-  INTERFACE_COMPILE_DEFINITIONS OPENSSL_NO_SSL2
-)
 
 add_subdirectory(external/antithesis-sdk)
-find_package(gRPC REQUIRED)
-find_package(lz4 REQUIRED)
-# Target names with :: are not allowed in a generator expression.
-# We need to pull the include directories and imported location properties
-# from separate targets.
-find_package(LibArchive REQUIRED)
-find_package(SOCI REQUIRED)
-find_package(SQLite3 REQUIRED)
-
-option(rocksdb "Enable RocksDB" ON)
-if(rocksdb)
-  find_package(RocksDB REQUIRED)
-  set_target_properties(RocksDB::rocksdb PROPERTIES
-    INTERFACE_COMPILE_DEFINITIONS XRPL_ROCKSDB_AVAILABLE=1
-  )
-  target_link_libraries(xrpl_libs INTERFACE RocksDB::rocksdb)
-endif()
-
 find_package(date REQUIRED)
 find_package(ed25519 REQUIRED)
+find_package(gRPC REQUIRED)
+find_package(LibArchive REQUIRED)
+find_package(lz4 REQUIRED)
 find_package(nudb REQUIRED)
+find_package(OpenSSL REQUIRED)
 find_package(secp256k1 REQUIRED)
+find_package(SOCI REQUIRED)
+find_package(SQLite3 REQUIRED)
 find_package(xxHash REQUIRED)
 
 target_link_libraries(xrpl_libs INTERFACE
@@ -126,6 +115,15 @@ target_link_libraries(xrpl_libs INTERFACE
   SQLite::SQLite3
 )
 
+option(rocksdb "Enable RocksDB" ON)
+if(rocksdb)
+    find_package(RocksDB REQUIRED)
+    set_target_properties(RocksDB::rocksdb PROPERTIES
+            INTERFACE_COMPILE_DEFINITIONS XRPL_ROCKSDB_AVAILABLE=1
+    )
+    target_link_libraries(xrpl_libs INTERFACE RocksDB::rocksdb)
+endif()
+
 # Work around changes to Conan recipe for now.
 if(TARGET nudb::core)
   set(nudb nudb::core)

CONTRIBUTING.md

@@ -555,16 +555,16 @@ Rippled uses a linear workflow model that can be summarized as:
 git fetch --multiple upstreams user1 user2 user3 [...]
 git checkout -B release-next --no-track upstream/develop
 
-# Only do an ff-only merge if prbranch1 is either already
+# Only do an ff-only merge if pr-branch1 is either already
 # squashed, or needs to be merged with separate commits,
 # and has no merge commits.
-# Use -S on the ff-only merge if prbranch1 isn't signed.
-git merge [-S] --ff-only user1/prbranch1
+# Use -S on the ff-only merge if pr-branch1 isn't signed.
+git merge [-S] --ff-only user1/pr-branch1
 
-git merge --squash user2/prbranch2
+git merge --squash user2/pr-branch2
 git commit -S # Use the commit message provided on the PR
 
-git merge --squash user3/prbranch3
+git merge --squash user3/pr-branch3
 git commit -S # Use the commit message provided on the PR
 
 [...]
@@ -876,7 +876,7 @@ git push --delete upstream-push master-next
 
 #### Special cases: point releases, hotfixes, etc.
 
-On occassion, a bug or issue is discovered in a version that already
+On occasion, a bug or issue is discovered in a version that already
 had a final release. Most of the time, development will have started
 on the next version, and will usually have changes in `develop`
 and often in `release`.

SECURITY.md

@@ -42,7 +42,7 @@ For more information on responsible disclosure, please read this [Wikipedia arti
 
 ## Report Handling Process
 
-Please report the bug directly to us and limit further disclosure. If you want to prove that you knew the bug as of a given time, consider using a cryptographic precommitment: hash the content of your report and publish the hash on a medium of your choice (e.g. on Twitter or as a memo in a transaction) as "proof" that you had written the text at a given point in time.
+Please report the bug directly to us and limit further disclosure. If you want to prove that you knew the bug as of a given time, consider using a cryptographic pre-commitment: hash the content of your report and publish the hash on a medium of your choice (e.g. on Twitter or as a memo in a transaction) as "proof" that you had written the text at a given point in time.
 
 Once we receive a report, we:
 

cfg/validators-example.txt

@@ -1,7 +1,7 @@
 #
 # Default validators.txt
 #
-# This file is located in the same folder as your rippled.cfg file
+# This file is located in the same folder as your xrpld.cfg file
 # and defines which validators your server trusts not to collude.
 #
 # This file is UTF-8 with DOS, UNIX, or Mac style line endings.

cfg/xrpld-example.cfg

@@ -29,18 +29,18 @@
 #
 # Purpose
 #
-#   This file documents and provides examples of all rippled server process
-#   configuration options. When the rippled server instance is launched, it
+#   This file documents and provides examples of all xrpld server process
+#   configuration options. When the xrpld server instance is launched, it
 #   looks for a file with the following name:
 #
-#     rippled.cfg
+#     xrpld.cfg
 #
-#   For more information on where the rippled server instance searches for the
+#   For more information on where the xrpld server instance searches for the
 #   file, visit:
 #
 #     https://xrpl.org/commandline-usage.html#generic-options
 #
-#   This file should be named rippled.cfg. This file is UTF-8 with DOS, UNIX,
+#   This file should be named xrpld.cfg. This file is UTF-8 with DOS, UNIX,
 #   or Mac style end of lines. Blank lines and lines beginning with '#' are
 #   ignored. Undefined sections are reserved. No escapes are currently defined.
 #
@@ -89,8 +89,8 @@
 #
 #
 #
-#   rippled offers various server protocols to clients making inbound
-#   connections. The listening ports rippled uses are "universal" ports
+#   xrpld offers various server protocols to clients making inbound
+#   connections. The listening ports xrpld uses are "universal" ports
 #   which may be configured to handshake in one or more of the available
 #   supported protocols. These universal ports simplify administration:
 #   A single open port can be used for multiple protocols.
@@ -103,7 +103,7 @@
 #
 #   A list of port names and key/value pairs. A port name must start with a
 #   letter and contain only letters and numbers. The name is not case-sensitive.
-#   For each name in this list, rippled will look for a configuration file
+#   For each name in this list, xrpld will look for a configuration file
 #   section with the same name and use it to create a listening port. The
 #   name is informational only; the choice of name does not affect the function
 #   of the listening port.
@@ -134,7 +134,7 @@
 #       ip = 127.0.0.1
 #       protocol = http
 #
-#   When rippled is used as a command line client (for example, issuing a
+#   When xrpld is used as a command line client (for example, issuing a
 #   server stop command), the first port advertising the http or https
 #   protocol will be used to make the connection.
 #
@@ -175,7 +175,7 @@
 #       same time. It is possible have both Websockets and Secure Websockets
 #       together in one port.
 #
-#       NOTE    If no ports support the peer protocol, rippled cannot
+#       NOTE    If no ports support the peer protocol, xrpld cannot
 #               receive incoming peer connections or become a superpeer.
 #
 #   limit = <number>
@@ -194,7 +194,7 @@
 #       required. IP address restrictions, if any, will be checked in addition
 #       to the credentials specified here.
 #
-#       When acting in the client role, rippled will supply these credentials
+#       When acting in the client role, xrpld will supply these credentials
 #       using HTTP's Basic Authentication headers when making outbound HTTP/S
 #       requests.
 #
@@ -218,7 +218,7 @@
 #       administrative commands.
 #
 #       NOTE    A common configuration value for the admin field is "localhost".
-#               If you are listening on all IPv4/IPv6 addresses by specifing
+#               If you are listening on all IPv4/IPv6 addresses by specifying
 #               ip = :: then you can use admin = ::ffff:127.0.0.1,::1 to allow
 #               administrative access from both IPv4 and IPv6 localhost
 #               connections.
@@ -237,7 +237,7 @@
 #       WS, or WSS protocol interfaces. If administrative commands are
 #       disabled for a port, these credentials have no effect.
 #
-#       When acting in the client role, rippled will supply these credentials
+#       When acting in the client role, xrpld will supply these credentials
 #       in the submitted JSON for any administrative command requests when
 #       invoking JSON-RPC commands on remote servers.
 #
@@ -258,7 +258,7 @@
 #       resource controls will default to those for non-administrative users.
 #
 #       The secure_gateway IP addresses are intended to represent
-#       proxies. Since rippled trusts these hosts, they must be
+#       proxies. Since xrpld trusts these hosts, they must be
 #       responsible for properly authenticating the remote user.
 #
 #       If some IP addresses are included for both "admin" and
@@ -272,7 +272,7 @@
 #       Use the specified files when configuring SSL on the port.
 #
 #       NOTE    If no files are specified and secure protocols are selected,
-#               rippled will generate an internal self-signed certificate.
+#               xrpld will generate an internal self-signed certificate.
 #
 #       The files have these meanings:
 #
@@ -297,12 +297,12 @@
 #       Control the ciphers which the server will support over SSL on the port,
 #       specified using the OpenSSL "cipher list format".
 #
-#       NOTE    If unspecified, rippled will automatically configure a modern
+#       NOTE    If unspecified, xrpld will automatically configure a modern
 #               cipher suite. This default suite should be widely supported.
 #
 #               You should not modify this string unless you have a specific
 #               reason and cryptographic expertise. Incorrect modification may
-#               keep rippled from connecting to other instances of rippled or
+#               keep xrpld from connecting to other instances of xrpld or
 #               prevent RPC and WebSocket clients from connecting.
 #
 #   send_queue_limit = [1..65535]
@@ -382,7 +382,7 @@
 #-----------------
 #
 #   These settings control security and access attributes of the Peer to Peer
-#   server section of the rippled process. Peer Protocol implements the
+#   server section of the xrpld process. Peer Protocol implements the
 #   Ripple Payment protocol. It is over peer connections that transactions
 #   and validations are passed from to machine to machine, to determine the
 #   contents of validated ledgers.
@@ -396,7 +396,7 @@
 #   true - enables compression
 #   false - disables compression [default].
 #
-#   The rippled server can save bandwidth by compressing its peer-to-peer communications,
+#   The xrpld server can save bandwidth by compressing its peer-to-peer communications,
 #   at a cost of greater CPU usage. If you enable link compression,
 #   the server automatically compresses communications with peer servers
 #   that also have link compression enabled.
@@ -432,7 +432,7 @@
 #
 # [ips_fixed]
 #
-#   List of IP addresses or hostnames to which rippled should always attempt to
+#   List of IP addresses or hostnames to which xrpld should always attempt to
 #   maintain peer connections with. This is useful for manually forming private
 #   networks, for example to configure a validation server that connects to the
 #   Ripple network through a public-facing server, or for building a set
@@ -573,7 +573,7 @@
 #
 #   minimum_txn_in_ledger_standalone = <number>
 #
-#       Like minimum_txn_in_ledger when rippled is running in standalone
+#       Like minimum_txn_in_ledger when xrpld is running in standalone
 #       mode. Default: 1000.
 #
 #   target_txn_in_ledger = <number>
@@ -710,7 +710,7 @@
 #
 # [validator_token]
 #
-#   This is an alternative to [validation_seed] that allows rippled to perform
+#   This is an alternative to [validation_seed] that allows xrpld to perform
 #   validation without having to store the validator keys on the network
 #   connected server. The field should contain a single token in the form of a
 #   base64-encoded blob.
@@ -745,7 +745,7 @@
 #
 #   Specify the file by its name or path.
 #   Unless an absolute path is specified, it will be considered relative to
-#   the folder in which the rippled.cfg file is located.
+#   the folder in which the xrpld.cfg file is located.
 #
 #   Examples:
 #    /home/ripple/validators.txt
@@ -840,7 +840,7 @@
 #
 #   0: Disable the ledger replay feature [default]
 #   1: Enable the ledger replay feature. With this feature enabled, when
-#      acquiring a ledger from the network, a rippled node only downloads
+#      acquiring a ledger from the network, a xrpld node only downloads
 #      the ledger header and the transactions instead of the whole ledger.
 #      And the ledger is built by applying the transactions to the parent
 #      ledger.
@@ -851,7 +851,7 @@
 #
 #----------------
 #
-#   The rippled server instance uses HTTPS GET requests in a variety of
+#   The xrpld server instance uses HTTPS GET requests in a variety of
 #   circumstances, including but not limited to contacting trusted domains to
 #   fetch information such as mapping an email address to a Ripple Payment
 #   Network address.
@@ -891,7 +891,7 @@
 #
 #------------
 #
-#   rippled creates 4 SQLite database to hold bookkeeping information
+#   xrpld creates 4 SQLite database to hold bookkeeping information
 #   about transactions, local credentials, and various other things.
 #   It also creates the NodeDB, which holds all the objects that
 #   make up the current and historical ledgers.
@@ -902,7 +902,7 @@
 #   the performance of the server.
 #
 #   Partial pathnames will be considered relative to the location of
-#   the rippled.cfg file.
+#   the xrpld.cfg file.
 #
 #   [node_db]               Settings for the Node Database (required)
 #
@@ -920,11 +920,11 @@
 #   type = NuDB
 #
 #       NuDB is a high-performance database written by Ripple Labs and optimized
-#       for rippled and solid-state drives.
+#       for xrpld and solid-state drives.
 #
 #       NuDB maintains its high speed regardless of the amount of history
 #       stored. Online delete may be selected, but is not required. NuDB is
-#       available on all platforms that rippled runs on.
+#       available on all platforms that xrpld runs on.
 #
 #   type = RocksDB
 #
@@ -1049,7 +1049,7 @@
 #
 #       recovery_wait_seconds
 #                           The online delete process checks periodically
-#                           that rippled is still in sync with the network,
+#                           that xrpld is still in sync with the network,
 #                           and that the validated ledger is less than
 #                           'age_threshold_seconds' old. If not, then continue
 #                           sleeping for this number of seconds and
@@ -1069,8 +1069,8 @@
 #   The server creates and maintains 4 to 5 bookkeeping SQLite databases in
 #   the 'database_path' location. If you omit this configuration setting,
 #   the server creates a directory called "db" located in the same place as
-#   your rippled.cfg file.
-#   Partial pathnames are relative to the location of the rippled executable.
+#   your xrpld.cfg file.
+#   Partial pathnames are relative to the location of the xrpld executable.
 #
 #   [sqlite]       Tuning settings for the SQLite databases (optional)
 #
@@ -1120,7 +1120,7 @@
 #                           The default is "wal", which uses a write-ahead
 #                           log to implement database transactions.
 #                           Alternately, "memory" saves disk I/O, but if
-#                           rippled crashes during a transaction, the
+#                           xrpld crashes during a transaction, the
 #                           database is likely to be corrupted.
 #                           See https://www.sqlite.org/pragma.html#pragma_journal_mode
 #                           for more details about the available options.
@@ -1130,7 +1130,7 @@
 #       synchronous         Valid values: off, normal, full, extra
 #                           The default is "normal", which works well with
 #                           the "wal" journal mode. Alternatively, "off"
-#                           allows rippled to continue as soon as data is
+#                           allows xrpld to continue as soon as data is
 #                           passed to the OS, which can significantly
 #                           increase speed, but risks data corruption if
 #                           the host computer crashes before writing that
@@ -1144,7 +1144,7 @@
 #                           The default is "file", which will use files
 #                           for temporary database tables and indices.
 #                           Alternatively, "memory" may save I/O, but
-#                           rippled does not currently use many, if any,
+#                           xrpld does not currently use many, if any,
 #                           of these temporary objects.
 #                           See https://www.sqlite.org/pragma.html#pragma_temp_store
 #                           for more details about the available options.
@@ -1173,7 +1173,7 @@
 #
 #   These settings are designed to help server administrators diagnose
 #   problems, and obtain detailed information about the activities being
-#   performed by the rippled process.
+#   performed by the xrpld process.
 #
 #
 #
@@ -1190,7 +1190,7 @@
 #
 #   Configuration parameters for the Beast. Insight stats collection module.
 #
-#   Insight is a module that collects information from the areas of rippled
+#   Insight is a module that collects information from the areas of xrpld
 #   that have instrumentation. The configuration parameters control where the
 #   collection metrics are sent. The parameters are expressed as key = value
 #   pairs with no white space. The main parameter is the choice of server:
@@ -1199,7 +1199,7 @@
 #
 #       Choice of server to send metrics to. Currently the only choice is
 #       "statsd" which sends UDP packets to a StatsD daemon, which must be
-#       running while rippled is running. More information on StatsD is
+#       running while xrpld is running. More information on StatsD is
 #       available here:
 #           https://github.com/b/statsd_spec
 #
@@ -1209,7 +1209,7 @@
 #                 in the format, n.n.n.n:port.
 #
 #       "prefix"  A string prepended to each collected metric. This is used
-#                 to distinguish between different running instances of rippled.
+#                 to distinguish between different running instances of xrpld.
 #
 #     If this section is missing, or the server type is unspecified or unknown,
 #     statistics are not collected or reported.
@@ -1236,7 +1236,7 @@
 #
 #   Example:
 #     [perf]
-#     perf_log=/var/log/rippled/perf.log
+#     perf_log=/var/log/xrpld/perf.log
 #     log_interval=2
 #
 #-------------------------------------------------------------------------------
@@ -1246,7 +1246,7 @@
 #----------
 #
 #   The vote settings configure settings for the entire Ripple network.
-#   While a single instance of rippled cannot unilaterally enforce network-wide
+#   While a single instance of xrpld cannot unilaterally enforce network-wide
 #   settings, these choices become part of the instance's vote during the
 #   consensus process for each voting ledger.
 #
@@ -1260,7 +1260,7 @@
 #       The reference transaction is the simplest form of transaction.
 #       It represents an XRP payment between two parties.
 #
-#       If this parameter is unspecified, rippled will use an internal
+#       If this parameter is unspecified, xrpld will use an internal
 #       default. Don't change this without understanding the consequences.
 #
 #       Example:
@@ -1272,7 +1272,7 @@
 #       account's XRP balance that is at or below the reserve may only be
 #       spent on transaction fees, and not transferred out of the account.
 #
-#       If this parameter is unspecified, rippled will use an internal
+#       If this parameter is unspecified, xrpld will use an internal
 #       default. Don't change this without understanding the consequences.
 #
 #       Example:
@@ -1284,7 +1284,7 @@
 #       each ledger item owned by the account. Ledger items an account may
 #       own include trust lines, open orders, and tickets.
 #
-#       If this parameter is unspecified, rippled will use an internal
+#       If this parameter is unspecified, xrpld will use an internal
 #       default. Don't change this without understanding the consequences.
 #
 #       Example:
@@ -1326,7 +1326,7 @@
 #   tool instead.
 #
 #   This flag has no effect on the "sign" and "sign_for" command line options
-#   that rippled makes available.
+#   that xrpld makes available.
 #
 #   The default value of this field is "false"
 #
@@ -1405,7 +1405,7 @@
 #--------------------
 #
 #   Administrators can use these values as a starting point for configuring
-#   their instance of rippled, but each value should be checked to make sure
+#   their instance of xrpld, but each value should be checked to make sure
 #   it meets the business requirements for the organization.
 #
 # Server
@@ -1415,7 +1415,7 @@
 #   "peer"
 #
 #       Peer protocol open to everyone. This is required to accept
-#       incoming rippled connections. This does not affect automatic
+#       incoming xrpld connections. This does not affect automatic
 #       or manual outgoing Peer protocol connections.
 #
 #   "rpc"
@@ -1432,7 +1432,7 @@
 #
 #       ETL commands for Clio. We recommend setting secure_gateway
 #       in this section to a comma-separated list of the addresses
-#       of your Clio servers, in order to bypass rippled's rate limiting.
+#       of your Clio servers, in order to bypass xrpld's rate limiting.
 #
 #   This port is commented out but can be enabled by removing
 #   the '#' from each corresponding line including the entry under [server]
@@ -1449,8 +1449,8 @@
 #   NOTE
 #
 #       To accept connections on well known ports such as 80 (HTTP) or
-#       443 (HTTPS), most operating systems will require rippled to
-#       run with administrator privileges, or else rippled will not start.
+#       443 (HTTPS), most operating systems will require xrpld to
+#       run with administrator privileges, or else xrpld will not start.
 
 [server]
 port_rpc_admin_local
@@ -1496,7 +1496,7 @@ secure_gateway = 127.0.0.1
 
 #-------------------------------------------------------------------------------
 
-# This is primary persistent datastore for rippled.  This includes transaction
+# This is primary persistent datastore for xrpld.  This includes transaction
 # metadata, account states, and ledger headers.  Helpful information can be
 # found at https://xrpl.org/capacity-planning.html#node-db-type
 # type=NuDB is recommended for non-validators with fast SSDs. Validators or
@@ -1511,19 +1511,19 @@ secure_gateway = 127.0.0.1
 #    deletion.
 [node_db]
 type=NuDB
-path=/var/lib/rippled/db/nudb
+path=/var/lib/xrpld/db/nudb
 nudb_block_size=4096
 online_delete=512
 advisory_delete=0
 
 [database_path]
-/var/lib/rippled/db
+/var/lib/xrpld/db
 
 
 # This needs to be an absolute directory reference, not a relative one.
 # Modify this value as required.
 [debug_logfile]
-/var/log/rippled/debug.log
+/var/log/xrpld/debug.log
 
 # To use the XRP test network
 # (see https://xrpl.org/connect-your-rippled-to-the-xrp-test-net.html),
@@ -1533,7 +1533,7 @@ advisory_delete=0
 
 # File containing trusted validator keys or validator list publishers.
 # Unless an absolute path is specified, it will be considered relative to the
-# folder in which the rippled.cfg file is located.
+# folder in which the xrpld.cfg file is located.
 [validators_file]
 validators.txt
 

cmake/Ccache.cmake

@@ -0,0 +1,57 @@
+find_program(CCACHE_PATH "ccache")
+if (NOT CCACHE_PATH)
+    return()
+endif ()
+
+# For Linux and macOS we can use the ccache binary directly.
+if (NOT MSVC)
+    set(CMAKE_C_COMPILER_LAUNCHER "${CCACHE_PATH}")
+    set(CMAKE_CXX_COMPILER_LAUNCHER "${CCACHE_PATH}")
+    message(STATUS "Found ccache: ${CCACHE_PATH}")
+    return()
+endif ()
+
+# For Windows more effort is required. The code below is a modified version of
+# https://github.com/ccache/ccache/wiki/MS-Visual-Studio#usage-with-cmake.
+if ("${CCACHE_PATH}" MATCHES "chocolatey")
+    message(DEBUG "Ccache path: ${CCACHE_PATH}")
+    # Chocolatey uses a shim executable that we cannot use directly, in which
+    # case we have to find the executable it points to. If we cannot find the
+    # target executable then we cannot use ccache.
+    find_program(BASH_PATH "bash")
+    if (NOT BASH_PATH)
+        message(WARNING "Could not find bash.")
+        return()
+    endif ()
+
+    execute_process(
+            COMMAND bash -c "export LC_ALL='en_US.UTF-8'; ${CCACHE_PATH} --shimgen-noop | grep -oP 'path to executable: \\K.+' | head -c -1"
+            OUTPUT_VARIABLE CCACHE_PATH)
+
+    if (NOT CCACHE_PATH)
+        message(WARNING "Could not find ccache target.")
+        return()
+    endif ()
+    file(TO_CMAKE_PATH "${CCACHE_PATH}" CCACHE_PATH)
+endif ()
+message(STATUS "Found ccache: ${CCACHE_PATH}")
+
+# Tell cmake to use ccache for compiling with Visual Studio.
+file(COPY_FILE
+        ${CCACHE_PATH} ${CMAKE_BINARY_DIR}/cl.exe
+        ONLY_IF_DIFFERENT)
+set(CMAKE_VS_GLOBALS
+        "CLToolExe=cl.exe"
+        "CLToolPath=${CMAKE_BINARY_DIR}"
+        "TrackFileAccess=false"
+        "UseMultiToolTask=true")
+
+# By default Visual Studio generators will use /Zi to capture debug information,
+# which is not compatible with ccache, so tell it to use /Z7 instead.
+if (MSVC)
+    foreach (var_
+        CMAKE_C_FLAGS_DEBUG CMAKE_C_FLAGS_RELEASE
+        CMAKE_CXX_FLAGS_DEBUG CMAKE_CXX_FLAGS_RELEASE)
+        string (REPLACE "/Zi" "/Z7" ${var_} "${${var_}}")
+    endforeach ()
+endif ()

cmake/CompilationEnv.cmake

@@ -0,0 +1,54 @@
+ # Shared detection of compiler, operating system, and architecture.
+ #
+ # This module centralizes environment detection so that other
+ # CMake modules can use the same variables instead of repeating
+ # checks on CMAKE_* and built-in platform variables.
+
+# Only run once per configure step.
+include_guard(GLOBAL)
+
+# --------------------------------------------------------------------
+# Compiler detection (C++)
+# --------------------------------------------------------------------
+set(is_clang FALSE)
+set(is_gcc FALSE)
+set(is_msvc FALSE)
+
+if(CMAKE_CXX_COMPILER_ID MATCHES ".*Clang") # Clang or AppleClang
+  set(is_clang TRUE)
+elseif(CMAKE_CXX_COMPILER_ID STREQUAL "GNU")
+  set(is_gcc TRUE)
+elseif(MSVC)
+  set(is_msvc TRUE)
+else()
+  message(FATAL_ERROR "Unsupported C++ compiler: ${CMAKE_CXX_COMPILER_ID}")
+endif()
+
+
+# --------------------------------------------------------------------
+# Operating system detection
+# --------------------------------------------------------------------
+set(is_linux FALSE)
+set(is_windows FALSE)
+set(is_macos FALSE)
+
+if(CMAKE_SYSTEM_NAME STREQUAL "Linux")
+  set(is_linux TRUE)
+elseif(CMAKE_SYSTEM_NAME STREQUAL "Windows")
+  set(is_windows TRUE)
+elseif(CMAKE_SYSTEM_NAME STREQUAL "Darwin")
+  set(is_macos TRUE)
+endif()
+
+# --------------------------------------------------------------------
+# Architecture
+# --------------------------------------------------------------------
+set(is_amd64 FALSE)
+set(is_arm64 FALSE)
+if(CMAKE_SYSTEM_PROCESSOR MATCHES "x86_64|AMD64")
+  set(is_amd64 TRUE)
+elseif(CMAKE_SYSTEM_PROCESSOR MATCHES "aarch64|arm64")
+  set(is_arm64 TRUE)
+else()
+  message(FATAL_ERROR "Unknown architecture: ${CMAKE_SYSTEM_PROCESSOR}")
+endif()

cmake/XrplCompiler.cmake

@@ -2,16 +2,23 @@
    setup project-wide compiler settings
 #]===================================================================]
 
+include(CompilationEnv)
+
 #[=========================================================[
    TODO some/most of these common settings belong in a
    toolchain file, especially the ABI-impacting ones
 #]=========================================================]
 add_library (common INTERFACE)
 add_library (Xrpl::common ALIAS common)
+include(XrplSanitizers)
 # add a single global dependency on this interface lib
 link_libraries (Xrpl::common)
+# Respect CMAKE_POSITION_INDEPENDENT_CODE setting (may be set by Conan toolchain)
+if(NOT DEFINED CMAKE_POSITION_INDEPENDENT_CODE)
+  set(CMAKE_POSITION_INDEPENDENT_CODE ON)
+endif()
 set_target_properties (common
-  PROPERTIES INTERFACE_POSITION_INDEPENDENT_CODE ON)
+  PROPERTIES INTERFACE_POSITION_INDEPENDENT_CODE ${CMAKE_POSITION_INDEPENDENT_CODE})
 set(CMAKE_CXX_EXTENSIONS OFF)
 target_compile_definitions (common
   INTERFACE
@@ -44,6 +51,7 @@ if (MSVC)
     # omit debug info completely under CI (not needed)
     if (is_ci)
       string (REPLACE "/Zi" " " ${var_} "${${var_}}")
+      string (REPLACE "/Z7" " " ${var_} "${${var_}}")
     endif ()
   endforeach ()
 
@@ -115,8 +123,8 @@ else ()
       # link to static libc/c++ iff:
       #   * static option set and
       #   * NOT APPLE (AppleClang does not support static libc/c++) and
-      #   * NOT san (sanitizers typically don't work with static libc/c++)
-      $<$<AND:$<BOOL:${static}>,$<NOT:$<BOOL:${APPLE}>>,$<NOT:$<BOOL:${san}>>>:
+      #   * NOT SANITIZERS (sanitizers typically don't work with static libc/c++)
+      $<$<AND:$<BOOL:${static}>,$<NOT:$<BOOL:${APPLE}>>,$<NOT:$<BOOL:${SANITIZERS_ENABLED}>>>:
       -static-libstdc++
       -static-libgcc
       >)
@@ -149,7 +157,7 @@ elseif (use_gold AND is_gcc)
     ERROR_QUIET OUTPUT_VARIABLE LD_VERSION)
     #[=========================================================[
        NOTE: THE gold linker inserts -rpath as DT_RUNPATH by
-       default intead of DT_RPATH, so you might have slightly
+       default instead of DT_RPATH, so you might have slightly
        unexpected runtime ld behavior if you were expecting
        DT_RPATH.  Specify --disable-new-dtags to gold if you do
        not want the default DT_RUNPATH behavior. This rpath

cmake/XrplCore.cmake

@@ -206,7 +206,7 @@ if(xrpld)
   )
   exclude_if_included(xrpld)
   # define a macro for tests that might need to
-  # be exluded or run differently in CI environment
+  # be excluded or run differently in CI environment
   if(is_ci)
     target_compile_definitions(xrpld PRIVATE XRPL_RUNNING_IN_CI)
   endif ()

cmake/XrplInstall.cmake

@@ -62,7 +62,7 @@ if (is_root_project AND TARGET xrpld)
         message (\"-- Skipping : \$ENV{DESTDIR}\${CMAKE_INSTALL_PREFIX}/\${DEST}/\${NEWNAME}\")
       endif ()
     endmacro()
-    copy_if_not_exists(\"${CMAKE_CURRENT_SOURCE_DIR}/cfg/rippled-example.cfg\" etc rippled.cfg)
+    copy_if_not_exists(\"${CMAKE_CURRENT_SOURCE_DIR}/cfg/xrpld-example.cfg\" etc xrpld.cfg)
     copy_if_not_exists(\"${CMAKE_CURRENT_SOURCE_DIR}/cfg/validators-example.txt\" etc validators.txt)
   ")
   install(CODE "

cmake/XrplInterface.cmake

@@ -2,6 +2,8 @@
    xrpld compile options/settings via an interface library
 #]===================================================================]
 
+include(CompilationEnv)
+
 add_library (opts INTERFACE)
 add_library (Xrpl::opts ALIAS opts)
 target_compile_definitions (opts
@@ -42,22 +44,6 @@ if(jemalloc)
   target_link_libraries(opts INTERFACE jemalloc::jemalloc)
 endif ()
 
-if (san)
-  target_compile_options (opts
-    INTERFACE
-      # sanitizers recommend minimum of -O1 for reasonable performance
-      $<$<CONFIG:Debug>:-O1>
-      ${SAN_FLAG}
-      -fno-omit-frame-pointer)
-  target_compile_definitions (opts
-    INTERFACE
-      $<$<STREQUAL:${san},address>:SANITIZER=ASAN>
-      $<$<STREQUAL:${san},thread>:SANITIZER=TSAN>
-      $<$<STREQUAL:${san},memory>:SANITIZER=MSAN>
-      $<$<STREQUAL:${san},undefined>:SANITIZER=UBSAN>)
-  target_link_libraries (opts INTERFACE ${SAN_FLAG} ${SAN_LIB})
-endif ()
-
 #[===================================================================[
    xrpld transitive library deps via an interface library
 #]===================================================================]

cmake/XrplSanitizers.cmake

@@ -3,94 +3,111 @@
 
    This module reads the following environment variables:
    - SANITIZERS: The sanitizers to enable. Possible values:
-     - "Address"
-     - "Address,UndefinedBehavior"
-     - "Thread"
-     - "Thread,UndefinedBehavior"
-     - "UndefinedBehavior"
+     - "address"
+     - "address,undefinedbehavior"
+     - "thread"
+     - "thread,undefinedbehavior"
+     - "undefinedbehavior"
 
-   The compiler type and platform are detected automatically by CMake.
+   The compiler type and platform are detected in CompilationEnv.cmake.
    The sanitizer compile options are applied to the 'common' interface library
    which is linked to all targets in the project.
+
+   Internal flag variables set by this module:
+
+   - SANITIZER_TYPES: List of sanitizer types to enable (e.g., "address",
+     "thread", "undefined"). And two more flags for undefined behavior sanitizer (e.g., "float-divide-by-zero", "unsigned-integer-overflow").
+     This list is joined with commas and passed to -fsanitize=<list>.
+
+   - SANITIZERS_COMPILE_FLAGS: Compiler flags for sanitizer instrumentation.
+     Includes:
+     * -fno-omit-frame-pointer: Preserves frame pointers for stack traces
+     * -O1: Minimum optimization for reasonable performance
+     * -fsanitize=<types>: Enables sanitizer instrumentation
+     * -fsanitize-ignorelist=<path>: (Clang only) Compile-time ignorelist
+     * -mcmodel=large/medium: (GCC only) Code model for large binaries
+     * -Wno-stringop-overflow: (GCC only) Suppresses false positive warnings
+     * -Wno-tsan: (For GCC TSAN combination only) Suppresses atomic_thread_fence warnings
+
+   - SANITIZERS_LINK_FLAGS: Linker flags for sanitizer runtime libraries.
+     Includes:
+     * -fsanitize=<types>: Links sanitizer runtime libraries
+     * -mcmodel=large/medium: (GCC only) Matches compile-time code model
+
+   - SANITIZERS_RELOCATION_FLAGS: (GCC only) Code model flags for linking.
+     Used to handle large instrumented binaries on x86_64:
+     * -mcmodel=large: For AddressSanitizer (prevents relocation errors)
+     * -mcmodel=medium: For ThreadSanitizer (large model is incompatible)
 #]===================================================================]
 
+include(CompilationEnv)
+
 # Read environment variable
 set(SANITIZERS $ENV{SANITIZERS})
 
-if(NOT SANITIZERS)
-  return()
+# Set SANITIZERS_ENABLED flag for use in other modules
+if(SANITIZERS MATCHES "address|thread|undefinedbehavior")
+    set(SANITIZERS_ENABLED TRUE)
+else()
+    set(SANITIZERS_ENABLED FALSE)
+    return()
+endif()
+
+# Sanitizers are not supported on Windows/MSVC
+if(is_msvc)
+    message(FATAL_ERROR "Sanitizers are not supported on Windows/MSVC. "
+            "Please unset the SANITIZERS environment variable.")
 endif()
 
 message(STATUS "Configuring sanitizers: ${SANITIZERS}")
 
 # Parse SANITIZERS value to determine which sanitizers to enable
-set(ENABLE_ASAN FALSE)
-set(ENABLE_TSAN FALSE)
-set(ENABLE_UBSAN FALSE)
+set(enable_asan FALSE)
+set(enable_tsan FALSE)
+set(enable_ubsan FALSE)
 
 # Normalize SANITIZERS into a list
-set(_san_list "${SANITIZERS}")
-string(REPLACE "," ";" _san_list "${_san_list}")
-separate_arguments(_san_list)
+set(san_list "${SANITIZERS}")
+string(REPLACE "," ";" san_list "${san_list}")
+separate_arguments(san_list)
 
-set(REMAINING_SANITIZERS "")
-foreach(_san IN LISTS _san_list)
-  if(_san STREQUAL "Address")
-    set(ENABLE_ASAN TRUE)
-  elseif(_san STREQUAL "Thread")
-    set(ENABLE_TSAN TRUE)
-  elseif(_san STREQUAL "UndefinedBehavior")
-    set(ENABLE_UBSAN TRUE)
-  else()
-    list(APPEND REMAINING_SANITIZERS "${_san}")
-  endif()
+foreach(san IN LISTS san_list)
+    if(san STREQUAL "address")
+        set(enable_asan TRUE)
+    elseif(san STREQUAL "thread")
+        set(enable_tsan TRUE)
+    elseif(san STREQUAL "undefinedbehavior")
+        set(enable_ubsan TRUE)
+    else()
+        message(FATAL_ERROR "Unsupported sanitizer type: ${san}"
+              "Supported: address, thread, undefinedbehavior and their combinations.")
+    endif()
 endforeach()
 
-if(REMAINING_SANITIZERS)
-  message(FATAL_ERROR
-    "Unknown SANITIZERS value(s): ${REMAINING_SANITIZERS}. "
-    "Supported: Address, Thread, UndefinedBehavior and their combinations.")
-endif()
-
-# Detect compiler type
-set(IS_GCC FALSE)
-set(IS_CLANG FALSE)
-if(CMAKE_CXX_COMPILER_ID STREQUAL "GNU")
-    set(IS_GCC TRUE)
-    message(STATUS "  Compiler: GCC ${CMAKE_CXX_COMPILER_VERSION}")
-elseif(CMAKE_CXX_COMPILER_ID MATCHES "Clang")
-    set(IS_CLANG TRUE)
-    message(STATUS "  Compiler: Clang ${CMAKE_CXX_COMPILER_VERSION}")
-endif()
-
-# Detect platform (amd64/x86_64 vs arm64/aarch64)
-set(IS_AMD64 FALSE)
-if(CMAKE_SYSTEM_PROCESSOR MATCHES "x86_64|AMD64")
-    set(IS_AMD64 TRUE)
-    message(STATUS "  Platform: amd64")
-else()
-    message(STATUS "  Platform: ${CMAKE_SYSTEM_PROCESSOR}")
+# Validate sanitizer compatibility
+if(enable_asan AND enable_tsan)
+    message(FATAL_ERROR "AddressSanitizer and ThreadSanitizer are incompatible and cannot be enabled simultaneously. "
+          "Use 'address' or 'thread', optionally with 'undefinedbehavior'.")
 endif()
 
 # Frame pointer is required for meaningful stack traces. Sanitizers recommend minimum of -O1 for reasonable performance
 set(SANITIZERS_COMPILE_FLAGS "-fno-omit-frame-pointer" "-O1")
 
 # Build the sanitizer flags list
-set(SANITIZERS_FLAGS)
+set(SANITIZER_TYPES)
 
-if(ENABLE_ASAN)
-    list(APPEND SANITIZERS_FLAGS "address")
-elseif(ENABLE_TSAN)
-    list(APPEND SANITIZERS_FLAGS "thread")
+if(enable_asan)
+    list(APPEND SANITIZER_TYPES "address")
+elseif(enable_tsan)
+    list(APPEND SANITIZER_TYPES "thread")
 endif()
 
-if(ENABLE_UBSAN)
+if(enable_ubsan)
     # UB sanitizer flags
-    if(IS_CLANG)
-        # Clang supports additional UB checks
-        list(APPEND SANITIZERS_FLAGS "undefined" "float-divide-by-zero" "unsigned-integer-overflow")
-    else()
-        list(APPEND SANITIZERS_FLAGS "undefined" "float-divide-by-zero")
+    list(APPEND SANITIZER_TYPES "undefined" "float-divide-by-zero")
+    if(is_clang)
+        # Clang supports additional UB checks. More info here https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html
+        list(APPEND SANITIZER_TYPES "unsigned-integer-overflow")
     endif()
 endif()
 
@@ -98,22 +115,12 @@ endif()
 # Use large code model for ASAN to avoid relocation errors
 # Use medium code model for TSAN (large is not compatible with TSAN)
 set(SANITIZERS_RELOCATION_FLAGS)
-if(IS_GCC AND IS_AMD64)
-    if(ENABLE_ASAN)
-        message(STATUS "  Using large code model (-mcmodel=large)")
-        list(APPEND SANITIZERS_COMPILE_FLAGS "-mcmodel=large")
-        list(APPEND SANITIZERS_RELOCATION_FLAGS "-mcmodel=large")
-    elseif(ENABLE_TSAN)
-        message(STATUS "  Using medium code model (-mcmodel=medium)")
-        list(APPEND SANITIZERS_COMPILE_FLAGS "-mcmodel=medium")
-        list(APPEND SANITIZERS_RELOCATION_FLAGS "-mcmodel=medium")
-    endif()
-endif()
 
 # Compiler-specific configuration
-if(IS_GCC)
+if(is_gcc)
     # Disable mold, gold and lld linkers for GCC with sanitizers
     # Use default linker (bfd/ld) which is more lenient with mixed code models
+    # This is needed since the size of instrumented binary exceeds the limits set by mold, lld and gold linkers
     set(use_mold OFF CACHE BOOL "Use mold linker" FORCE)
     set(use_gold OFF CACHE BOOL "Use gold linker" FORCE)
     set(use_lld OFF CACHE BOOL "Use lld linker" FORCE)
@@ -122,26 +129,26 @@ if(IS_GCC)
     # Suppress false positive warnings in GCC with stringop-overflow
     list(APPEND SANITIZERS_COMPILE_FLAGS "-Wno-stringop-overflow")
 
-    if(ENABLE_TSAN)
+    if(is_amd64 AND enable_asan)
+        message(STATUS "  Using large code model (-mcmodel=large)")
+        list(APPEND SANITIZERS_COMPILE_FLAGS "-mcmodel=large")
+        list(APPEND SANITIZERS_RELOCATION_FLAGS "-mcmodel=large")
+    elseif(enable_tsan)
         # GCC doesn't support atomic_thread_fence with tsan. Suppress warnings.
         list(APPEND SANITIZERS_COMPILE_FLAGS "-Wno-tsan")
-    endif()
-
-    if(ENABLE_ASAN)
-        # GCC has issues with PIC and ASAN.
-        # https://github.com/google/sanitizers/issues/856
-        list(APPEND SANITIZERS_COMPILE_FLAGS "-fno-PIC -fno-PIE")
-        list(APPEND SANITIZERS_RELOCATION_FLAGS "-fno-PIC -fno-PIE")
+        message(STATUS "  Using medium code model (-mcmodel=medium)")
+        list(APPEND SANITIZERS_COMPILE_FLAGS "-mcmodel=medium")
+        list(APPEND SANITIZERS_RELOCATION_FLAGS "-mcmodel=medium")
     endif()
 
     # Join sanitizer flags with commas for -fsanitize option
-    list(JOIN SANITIZERS_FLAGS "," SANITIZERS_FLAGS_STR)
+    list(JOIN SANITIZER_TYPES "," SANITIZER_TYPES_STR)
 
     # Add sanitizer to compile and link flags
-    list(APPEND SANITIZERS_COMPILE_FLAGS "-fsanitize=${SANITIZERS_FLAGS_STR}")
-    set(SANITIZERS_LINK_FLAGS "${SANITIZERS_RELOCATION_FLAGS}" "-fsanitize=${SANITIZERS_FLAGS_STR}")
+    list(APPEND SANITIZERS_COMPILE_FLAGS "-fsanitize=${SANITIZER_TYPES_STR}")
+    set(SANITIZERS_LINK_FLAGS "${SANITIZERS_RELOCATION_FLAGS}" "-fsanitize=${SANITIZER_TYPES_STR}")
 
-elseif(IS_CLANG)
+elseif(is_clang)
     # Add ignorelist for Clang (GCC doesn't support this)
     # Use CMAKE_SOURCE_DIR to get the path to the ignorelist
     set(IGNORELIST_PATH "${CMAKE_SOURCE_DIR}/sanitizers/suppressions/sanitizer-ignorelist.txt")
@@ -153,11 +160,11 @@ elseif(IS_CLANG)
     message(STATUS "  Using sanitizer ignorelist: ${IGNORELIST_PATH}")
 
     # Join sanitizer flags with commas for -fsanitize option
-    list(JOIN SANITIZERS_FLAGS "," SANITIZERS_FLAGS_STR)
+    list(JOIN SANITIZER_TYPES "," SANITIZER_TYPES_STR)
 
     # Add sanitizer to compile and link flags
-    list(APPEND SANITIZERS_COMPILE_FLAGS "-fsanitize=${SANITIZERS_FLAGS_STR}")
-    set(SANITIZERS_LINK_FLAGS "-fsanitize=${SANITIZERS_FLAGS_STR}")
+    list(APPEND SANITIZERS_COMPILE_FLAGS "-fsanitize=${SANITIZER_TYPES_STR}")
+    set(SANITIZERS_LINK_FLAGS "-fsanitize=${SANITIZER_TYPES_STR}")
 endif()
 
 message(STATUS "  Compile flags: ${SANITIZERS_COMPILE_FLAGS}")
@@ -172,3 +179,20 @@ target_compile_options(common INTERFACE
 
 # Apply linker flags
 target_link_options(common INTERFACE ${SANITIZERS_LINK_FLAGS})
+
+# Define SANITIZERS macro for BuildInfo.cpp
+set(sanitizers_list)
+if(enable_asan)
+    list(APPEND sanitizers_list "ASAN")
+endif()
+if(enable_tsan)
+    list(APPEND sanitizers_list "TSAN")
+endif()
+if(enable_ubsan)
+    list(APPEND sanitizers_list "UBSAN")
+endif()
+
+if(sanitizers_list)
+    list(JOIN sanitizers_list "." sanitizers_str)
+    target_compile_definitions(common INTERFACE SANITIZERS=${sanitizers_str})
+endif()

cmake/XrplSanity.cmake

@@ -2,6 +2,8 @@
    sanity checks
 #]===================================================================]
 
+include(CompilationEnv)
+
 get_property(is_multiconfig GLOBAL PROPERTY GENERATOR_IS_MULTI_CONFIG)
 
 set (CMAKE_CONFIGURATION_TYPES "Debug;Release" CACHE STRING "" FORCE)
@@ -16,14 +18,12 @@ if (NOT is_multiconfig)
   endif ()
 endif ()
 
-if ("${CMAKE_CXX_COMPILER_ID}" MATCHES ".*Clang") # both Clang and AppleClang
-  set (is_clang TRUE)
+if (is_clang) # both Clang and AppleClang
   if ("${CMAKE_CXX_COMPILER_ID}" STREQUAL "Clang" AND
          CMAKE_CXX_COMPILER_VERSION VERSION_LESS 16.0)
     message (FATAL_ERROR "This project requires clang 16 or later")
   endif ()
-elseif ("${CMAKE_CXX_COMPILER_ID}" STREQUAL "GNU")
-  set (is_gcc TRUE)
+elseif (is_gcc)
   if (CMAKE_CXX_COMPILER_VERSION VERSION_LESS 12.0)
     message (FATAL_ERROR "This project requires GCC 12 or later")
   endif ()
@@ -40,11 +40,6 @@ if (MSVC AND CMAKE_GENERATOR_PLATFORM STREQUAL "Win32")
   message (FATAL_ERROR "Visual Studio 32-bit build is not supported.")
 endif ()
 
-if (NOT CMAKE_SIZEOF_VOID_P EQUAL 8)
-  message (FATAL_ERROR "Xrpld requires a 64 bit target architecture.\n"
-    "The most likely cause of this warning is trying to build xrpld with a 32-bit OS.")
-endif ()
-
 if (APPLE AND NOT HOMEBREW)
   find_program (HOMEBREW brew)
 endif ()

cmake/XrplSettings.cmake

@@ -2,11 +2,7 @@
    declare options and variables
 #]===================================================================]
 
-if(CMAKE_SYSTEM_NAME STREQUAL "Linux")
-  set (is_linux TRUE)
-else()
-  set(is_linux FALSE)
-endif()
+include(CompilationEnv)
 
 if("$ENV{CI}" STREQUAL "true" OR "$ENV{CONTINUOUS_INTEGRATION}" STREQUAL "true")
   set(is_ci TRUE)
@@ -62,12 +58,27 @@ else()
   set(wextra OFF CACHE BOOL "gcc/clang only" FORCE)
 endif()
 
-if(is_linux AND NOT $ENV{SANITIZERS})
+if(is_linux AND NOT SANITIZER)
   option(BUILD_SHARED_LIBS "build shared xrpl libraries" OFF)
   option(static "link protobuf, openssl, libc++, and boost statically" ON)
   option(perf "Enables flags that assist with perf recording" OFF)
   option(use_gold "enables detection of gold (binutils) linker" ON)
   option(use_mold "enables detection of mold (binutils) linker" ON)
+  # Set a default value for the log flag based on the build type.
+  # This provides a sensible default (on for debug, off for release)
+  # while still allowing the user to override it for any build.
+  if(CMAKE_BUILD_TYPE STREQUAL "Debug")
+    set(TRUNCATED_LOGS_DEFAULT ON)
+  else()
+    set(TRUNCATED_LOGS_DEFAULT OFF)
+  endif()
+  option(TRUNCATED_THREAD_NAME_LOGS
+    "Show warnings about truncated thread names on Linux."
+    ${TRUNCATED_LOGS_DEFAULT}
+  )
+  if(TRUNCATED_THREAD_NAME_LOGS)
+    add_compile_definitions(TRUNCATED_THREAD_NAME_LOGS)
+  endif()
 else()
   # we are not ready to allow shared-libs on windows because it would require
   # export declarations. On macos it's more feasible, but static openssl

cmake/deps/Boost.cmake

@@ -1,4 +1,7 @@
-find_package(Boost 1.82 REQUIRED
+include(CompilationEnv)
+include(XrplSanitizers)
+
+find_package(Boost REQUIRED
   COMPONENTS
     chrono
     container
@@ -32,7 +35,7 @@ target_link_libraries(xrpl_boost
 if(Boost_COMPILER)
   target_link_libraries(xrpl_boost INTERFACE Boost::disable_autolinking)
 endif()
-if(san AND is_clang)
+if(SANITIZERS_ENABLED AND is_clang)
   # TODO: gcc does not support -fsanitize-blacklist...can we do something else
   # for gcc ?
   if(NOT Boost_INCLUDE_DIRS AND TARGET Boost::headers)

conan.lock

@@ -1,44 +1,44 @@
 {
     "version": "0.5",
     "requires": [
-        "zlib/1.3.1#b8bc2603263cf7eccbd6e17e66b0ed76%1756234269.497",
-        "xxhash/0.8.3#681d36a0a6111fc56e5e45ea182c19cc%1756234289.683",
-        "sqlite3/3.49.1#8631739a4c9b93bd3d6b753bac548a63%1756234266.869",
-        "soci/4.0.3#a9f8d773cd33e356b5879a4b0564f287%1756234262.318",
-        "snappy/1.1.10#968fef506ff261592ec30c574d4a7809%1756234314.246",
-        "secp256k1/0.7.0#9c4ab67bdc3860c16ea5b36aed8f74ea%1765202256.763",
-        "rocksdb/10.5.1#4a197eca381a3e5ae8adf8cffa5aacd0%1762797952.535",
-        "re2/20230301#ca3b241baec15bd31ea9187150e0b333%1764175362.029",
-        "protobuf/6.32.1#f481fd276fc23a33b85a3ed1e898b693%1764863245.83",
-        "openssl/3.5.4#a1d5835cc6ed5c5b8f3cd5b9b5d24205%1760106486.594",
-        "nudb/2.0.9#fb8dfd1a5557f5e0528114c2da17721e%1763150366.909",
-        "lz4/1.10.0#59fc63cac7f10fbe8e05c7e62c2f3504%1756234228.999",
-        "libiconv/1.17#1e65319e945f2d31941a9d28cc13c058%1756223727.64",
-        "libbacktrace/cci.20210118#a7691bfccd8caaf66309df196790a5a1%1756230911.03",
-        "libarchive/3.8.1#ffee18995c706e02bf96e7a2f7042e0d%1764175360.142",
+        "zlib/1.3.1#b8bc2603263cf7eccbd6e17e66b0ed76%1765850150.075",
+        "xxhash/0.8.3#681d36a0a6111fc56e5e45ea182c19cc%1765850149.987",
+        "sqlite3/3.49.1#8631739a4c9b93bd3d6b753bac548a63%1765850149.926",
+        "soci/4.0.3#a9f8d773cd33e356b5879a4b0564f287%1765850149.46",
+        "snappy/1.1.10#968fef506ff261592ec30c574d4a7809%1765850147.878",
+        "secp256k1/0.7.0#9c4ab67bdc3860c16ea5b36aed8f74ea%1765850147.928",
+        "rocksdb/10.5.1#4a197eca381a3e5ae8adf8cffa5aacd0%1765850186.86",
+        "re2/20230301#ca3b241baec15bd31ea9187150e0b333%1765850148.103",
+        "protobuf/6.32.1#f481fd276fc23a33b85a3ed1e898b693%1765850161.038",
+        "openssl/3.5.4#1b986e61b38fdfda3b40bebc1b234393%1768312656.257",
+        "nudb/2.0.9#fb8dfd1a5557f5e0528114c2da17721e%1765850143.957",
+        "lz4/1.10.0#59fc63cac7f10fbe8e05c7e62c2f3504%1765850143.914",
+        "libiconv/1.17#1e65319e945f2d31941a9d28cc13c058%1765842973.492",
+        "libbacktrace/cci.20210118#a7691bfccd8caaf66309df196790a5a1%1765842973.03",
+        "libarchive/3.8.1#ffee18995c706e02bf96e7a2f7042e0d%1765850144.736",
         "jemalloc/5.3.0#e951da9cf599e956cebc117880d2d9f8%1729241615.244",
-        "grpc/1.72.0#f244a57bff01e708c55a1100b12e1589%1763158050.628",
-        "ed25519/2015.03#ae761bdc52730a843f0809bdf6c1b1f6%1764270189.893",
-        "doctest/2.4.12#eb9fb352fb2fdfc8abb17ec270945165%1762797941.757",
-        "date/3.0.4#862e11e80030356b53c2c38599ceb32b%1763584497.32",
-        "c-ares/1.34.5#5581c2b62a608b40bb85d965ab3ec7c8%1764175359.429",
-        "bzip2/1.0.8#c470882369c2d95c5c77e970c0c7e321%1764175359.429",
-        "boost/1.88.0#8852c0b72ce8271fb8ff7c53456d4983%1756223752.326",
-        "abseil/20250127.0#a0d8dd431284426b64c9f9a384d53dfc%1765817471.75"
+        "gtest/1.17.0#5224b3b3ff3b4ce1133cbdd27d53ee7d%1768312129.152",
+        "grpc/1.72.0#f244a57bff01e708c55a1100b12e1589%1765850193.734",
+        "ed25519/2015.03#ae761bdc52730a843f0809bdf6c1b1f6%1765850143.772",
+        "date/3.0.4#862e11e80030356b53c2c38599ceb32b%1765850143.772",
+        "c-ares/1.34.5#5581c2b62a608b40bb85d965ab3ec7c8%1765850144.336",
+        "bzip2/1.0.8#c470882369c2d95c5c77e970c0c7e321%1765850143.837",
+        "boost/1.88.0#8852c0b72ce8271fb8ff7c53456d4983%1765850172.862",
+        "abseil/20250127.0#99262a368bd01c0ccca8790dfced9719%1766517936.993"
     ],
     "build_requires": [
-        "zlib/1.3.1#b8bc2603263cf7eccbd6e17e66b0ed76%1756234269.497",
-        "strawberryperl/5.32.1.1#707032463aa0620fa17ec0d887f5fe41%1756234281.733",
-        "protobuf/6.32.1#f481fd276fc23a33b85a3ed1e898b693%1764863245.83",
-        "nasm/2.16.01#31e26f2ee3c4346ecd347911bd126904%1756234232.901",
+        "zlib/1.3.1#b8bc2603263cf7eccbd6e17e66b0ed76%1765850150.075",
+        "strawberryperl/5.32.1.1#707032463aa0620fa17ec0d887f5fe41%1765850165.196",
+        "protobuf/6.32.1#f481fd276fc23a33b85a3ed1e898b693%1765850161.038",
+        "nasm/2.16.01#31e26f2ee3c4346ecd347911bd126904%1765850144.707",
         "msys2/cci.latest#1996656c3c98e5765b25b60ff5cf77b4%1764840888.758",
         "m4/1.4.19#70dc8bbb33e981d119d2acc0175cf381%1763158052.846",
-        "cmake/4.2.0#ae0a44f44a1ef9ab68fd4b3e9a1f8671%1764175359.44",
-        "cmake/3.31.10#313d16a1aa16bbdb2ca0792467214b76%1764175359.429",
-        "b2/5.3.3#107c15377719889654eb9a162a673975%1756234226.28",
+        "cmake/4.2.0#ae0a44f44a1ef9ab68fd4b3e9a1f8671%1765850153.937",
+        "cmake/3.31.10#313d16a1aa16bbdb2ca0792467214b76%1765850153.479",
+        "b2/5.3.3#107c15377719889654eb9a162a673975%1765850144.355",
         "automake/1.16.5#b91b7c384c3deaa9d535be02da14d04f%1755524470.56",
         "autoconf/2.71#51077f068e61700d65bb05541ea1e4b0%1731054366.86",
-        "abseil/20250127.0#a0d8dd431284426b64c9f9a384d53dfc%1765817471.75"
+        "abseil/20250127.0#99262a368bd01c0ccca8790dfced9719%1766517936.993"
     ],
     "python_requires": [],
     "overrides": {

conan/profiles/sanitizers

@@ -5,24 +5,21 @@ include(default)
 [conf]
 {% if sanitizers %}
     {% if compiler == "gcc" %}
-        {% if "Address" in sanitizers or "Thread" in sanitizers or "UndefinedBehavior" in sanitizers %}
+        {% if "address" in sanitizers or "thread" in sanitizers or "undefinedbehavior" in sanitizers %}
             {% set sanitizer_list = [] %}
             {% set model_code = "" %}
             {% set extra_cxxflags = ["-fno-omit-frame-pointer", "-O1", "-Wno-stringop-overflow"] %}
 
-            {% if "Address" in sanitizers %}
+            {% if "address" in sanitizers %}
                 {% set _ = sanitizer_list.append("address") %}
                 {% set model_code = "-mcmodel=large" %}
-                {% if version >= "15" %}
-                    {% set _ = extra_cxxflags.append("-fno-PIC")%}
-                {% endif %}
-            {% elif "Thread" in sanitizers %}
+            {% elif "thread" in sanitizers %}
                 {% set _ = sanitizer_list.append("thread") %}
                 {% set model_code = "-mcmodel=medium" %}
                 {% set _ = extra_cxxflags.append("-Wno-tsan") %}
             {% endif %}
 
-            {% if "UndefinedBehavior" in sanitizers %}
+            {% if "undefinedbehavior" in sanitizers %}
                 {% set _ = sanitizer_list.append("undefined") %}
                 {% set _ = sanitizer_list.append("float-divide-by-zero") %}
             {% endif %}
@@ -34,17 +31,17 @@ include(default)
             tools.build:exelinkflags+=['{{sanitizer_flags}}']
         {% endif %}
     {% elif compiler == "apple-clang" or compiler == "clang" %}
-        {% if "Address" in sanitizers or "Thread" in sanitizers or "UndefinedBehavior" in sanitizers %}
+        {% if "address" in sanitizers or "thread" in sanitizers or "undefinedbehavior" in sanitizers %}
             {% set sanitizer_list = [] %}
             {% set extra_cxxflags = ["-fno-omit-frame-pointer", "-O1"] %}
 
-            {% if "Address" in sanitizers %}
+            {% if "address" in sanitizers %}
                 {% set _ = sanitizer_list.append("address") %}
-            {% elif "Thread" in sanitizers %}
+            {% elif "thread" in sanitizers %}
                 {% set _ = sanitizer_list.append("thread") %}
             {% endif %}
 
-            {% if "UndefinedBehavior" in sanitizers %}
+            {% if "undefinedbehavior" in sanitizers %}
                 {% set _ = sanitizer_list.append("undefined") %}
                 {% set _ = sanitizer_list.append("float-divide-by-zero") %}
                 {% set _ = sanitizer_list.append("unsigned-integer-overflow") %}

conanfile.py

@@ -39,7 +39,7 @@ class Xrpl(ConanFile):
     ]
 
     test_requires = [
-        "doctest/2.4.12",
+        "gtest/1.17.0",
     ]
 
     tool_requires = [
@@ -87,7 +87,13 @@ class Xrpl(ConanFile):
         "libarchive/*:with_xattr": False,
         "libarchive/*:with_zlib": False,
         "lz4/*:shared": False,
+        "openssl/*:no_dtls": True,
+        "openssl/*:no_ssl": True,
+        "openssl/*:no_ssl3": True,
+        "openssl/*:no_tls1": True,
+        "openssl/*:no_tls1_1": True,
         "openssl/*:shared": False,
+        "openssl/*:tls_security_level": 2,
         "protobuf/*:shared": False,
         "protobuf/*:with_zlib": True,
         "rocksdb/*:enable_sse": False,
@@ -182,12 +188,10 @@ class Xrpl(ConanFile):
         libxrpl.libs = [
             "xrpl",
             "xrpl.libpb",
-            "ed25519",
-            "secp256k1",
         ]
         # TODO: Fix the protobufs to include each other relative to
-        # `include/`, not `include/ripple/proto/`.
-        libxrpl.includedirs = ["include", "include/ripple/proto"]
+        # `include/`, not `include/xrpl/proto/`.
+        libxrpl.includedirs = ["include", "include/xrpl/proto"]
         libxrpl.requires = [
             "boost::headers",
             "boost::chrono",

docs/0001-negative-unl/README.md

@@ -134,7 +134,7 @@ validation messages (_PAV_) received from each validator on the node's UNL. Note
 that the node will only count the validation messages that agree with its own
 validations.
 
-We define the **PAV** as the **P**ercentage of **A**greed **V**alidation
+We define the **PAV** as the Percentage of Agreed Validation
 messages received for the last N ledgers, where N = 256 by default.
 
 When the PAV drops below the **_low-water mark_**, the validator is considered

docs/0001-negative-unl/negativeUNLSqDiagram.puml

@@ -43,14 +43,14 @@ alt phase == OPEN
             alt sqn%256==0
             CA -[#green]> RM: <font color=green>getValidations
             CA -[#green]> CA: <font color=green>create UNLModify Tx
-            hnote over CA#lightgreen: use validatations of the last 256 ledgers\nto figure out UNLModify Tx candidates.\nIf any, create UNLModify Tx, and add to TxSet.
+            hnote over CA#lightgreen: use validations of the last 256 ledgers\nto figure out UNLModify Tx candidates.\nIf any, create UNLModify Tx, and add to TxSet.
             end
         CA -> GC
         GC -> CA: propose
         deactivate CA
     end
 else phase == ESTABLISH
-    hnote over GC: receive peer postions
+    hnote over GC: receive peer positions
     GC -> GC : update our position
     GC -> CA : propose \n(if position changed)
     GC -> GC : check if have consensus

docs/build/sanitizers.md

@@ -1,6 +1,6 @@
 # Sanitizer Configuration for Rippled
 
-This document explains how to properly configure and run sanitizers (AddressSanitizer, UndefinedBehaviorSanitizer, ThreadSanitizer) with the rippled project.
+This document explains how to properly configure and run sanitizers (AddressSanitizer, undefinedbehaviorSanitizer, ThreadSanitizer) with the xrpld project.
 Corresponding suppression files are located in the `sanitizers/suppressions` directory.
 
 - [Sanitizer Configuration for Rippled](#sanitizer-configuration-for-rippled)
@@ -11,9 +11,10 @@ Corresponding suppression files are located in the `sanitizers/suppressions` dir
       - [Call CMake](#call-cmake)
       - [Build](#build)
   - [Running Tests with Sanitizers](#running-tests-with-sanitizers)
-    - [AddressSanitizer (ASan)](#addresssanitizer-asan)
-    - [ThreadSanitizer (TSan) + UndefinedBehaviorSanitizer (UBSan)](#threadsanitizer-tsan--undefinedbehaviorsanitizer-ubsan)
+    - [AddressSanitizer (ASAN)](#addresssanitizer-asan)
+    - [ThreadSanitizer (TSan)](#threadsanitizer-tsan)
     - [LeakSanitizer (LSan)](#leaksanitizer-lsan)
+    - [UndefinedBehaviorSanitizer (UBSan)](#undefinedbehaviorsanitizer-ubsan)
   - [Suppression Files](#suppression-files)
     - [`asan.supp`](#asansupp)
     - [`lsan.supp`](#lsansupp)
@@ -21,7 +22,7 @@ Corresponding suppression files are located in the `sanitizers/suppressions` dir
     - [`tsan.supp`](#tsansupp)
     - [`sanitizer-ignorelist.txt`](#sanitizer-ignorelisttxt)
   - [Troubleshooting](#troubleshooting)
-    - ["ASan is ignoring requested \_\_asan_handle_no_return" warnings](#asan-is-ignoring-requested-__asan_handle_no_return-warnings)
+    - ["ASAN is ignoring requested \_\_asan_handle_no_return" warnings](#asan-is-ignoring-requested-__asan_handle_no_return-warnings)
     - [Sanitizer Mismatch Errors](#sanitizer-mismatch-errors)
   - [References](#references)
 
@@ -33,9 +34,9 @@ Follow the same instructions as mentioned in [BUILD.md](../../BUILD.md) but with
 
 1. Make sure you have a clean build directory.
 2. Set the `SANITIZERS` environment variable before calling conan install and cmake. Only set it once. Make sure both conan and cmake read the same values.
-   Example: `export SANITIZERS=Address,UndefinedBehavior`
-3. Optionally use `--profile:all sanitizers` with Conan to build dependencies with sanitizer instrumentation.
-4. Set `ASAN_OPTIONS`, `LSAN_OPTIONS`, `UBSAN_OPTIONS` and `TSAN_OPTIONS` environment variables to configure sanitizer behavior when running executables.
+   Example: `export SANITIZERS=address,undefinedbehavior`
+3. Optionally use `--profile:all sanitizers` with Conan to build dependencies with sanitizer instrumentation. [!NOTE]Building with sanitizer-instrumented dependencies is slower but produces fewer false positives.
+4. Set `ASAN_OPTIONS`, `LSAN_OPTIONS`, `UBSAN_OPTIONS` and `TSAN_OPTIONS` environment variables to configure sanitizer behavior when running executables. [More details below](#running-tests-with-sanitizers).
 
 ---
 
@@ -53,7 +54,7 @@ cd .build
 The `SANITIZERS` environment variable is used by both Conan and CMake.
 
 ```bash
-export SANITIZERS=Address,UndefinedBehavior
+export SANITIZERS=address,undefinedbehavior
 # Standard build (without instrumenting dependencies)
 conan install .. --output-folder . --build missing --settings build_type=Debug
 
@@ -61,7 +62,8 @@ conan install .. --output-folder . --build missing --settings build_type=Debug
 conan install .. --output-folder . --profile:all sanitizers --build missing --settings build_type=Debug
 ```
 
-**Note:** Do not mix Address and Thread sanitizers - they are incompatible.
+[!CAUTION]
+Do not mix Address and Thread sanitizers - they are incompatible.
 
 Since you already set the `SANITIZERS` environment variable when running Conan, same values will be read for the next part.
 
@@ -82,48 +84,66 @@ cmake --build . --parallel 4
 
 ## Running Tests with Sanitizers
 
-### AddressSanitizer (ASan)
+### AddressSanitizer (ASAN)
 
-**IMPORTANT**: ASan with Boost produces many false positives. Use these options:
+**IMPORTANT**: ASAN with Boost produces many false positives. Use these options:
 
 ```bash
-export ASAN_OPTIONS="detect_container_overflow=0 suppressions=path/to/asan.supp halt_on_error=0 log_path=asan.log"
-export UBSAN_OPTIONS="suppressions=path/to/ubsan.supp print_stacktrace=1 halt_on_error=0 log_path=ubsan.log"
-export LSAN_OPTIONS="suppressions=path/to/lsan.supp halt_on_error=0 log_path=lsan.log"
+export ASAN_OPTIONS="print_stacktrace=1:detect_container_overflow=0:suppressions=path/to/asan.supp:halt_on_error=0:log_path=asan.log"
+export LSAN_OPTIONS="suppressions=path/to/lsan.supp:halt_on_error=0:log_path=lsan.log"
 
 # Run tests
-./rippled --unittest --unittest-jobs=5
+./xrpld --unittest --unittest-jobs=5
 ```
 
 **Why `detect_container_overflow=0`?**
 
 - Boost intrusive containers (used in `aged_unordered_container`) trigger false positives
-- Boost context switching (used in `Workers.cpp`) confuses ASan's stack tracking
-- Since we usually don't build boost(because we don't want to instrument boost and detect issues in boost code) with asan but use boost containers in ASAN instrumented rippled code, it generates false positives.
+- Boost context switching (used in `Workers.cpp`) confuses ASAN's stack tracking
+- Since we usually don't build Boost (because we don't want to instrument Boost and detect issues in Boost code) with ASAN but use Boost containers in ASAN instrumented rippled code, it generates false positives.
+- Building dependencies with ASAN instrumentation reduces false positives. But we don't want to instrument dependencies like Boost with ASAN because it is slow (to compile as well as run tests) and not necessary.
 - See: https://github.com/google/sanitizers/wiki/AddressSanitizerContainerOverflow
+- More such flags are detailed [here](https://github.com/google/sanitizers/wiki/AddressSanitizerFlags)
 
-### ThreadSanitizer (TSan) + UndefinedBehaviorSanitizer (UBSan)
+### ThreadSanitizer (TSan)
 
 ```bash
 export TSAN_OPTIONS="suppressions=path/to/tsan.supp halt_on_error=0 log_path=tsan.log"
 
 # Run tests
-./rippled --unittest --unittest-jobs=5
+./xrpld --unittest --unittest-jobs=5
 ```
 
+More details [here](https://github.com/google/sanitizers/wiki/ThreadSanitizerCppManual).
+
 ### LeakSanitizer (LSan)
 
-LSan is automatically enabled with ASan. To disable it:
+LSan is automatically enabled with ASAN. To disable it:
 
 ```bash
 export ASAN_OPTIONS="detect_leaks=0"
 ```
 
+More details [here](https://github.com/google/sanitizers/wiki/AddressSanitizerLeakSanitizer).
+
+### UndefinedBehaviorSanitizer (UBSan)
+
+```bash
+export UBSAN_OPTIONS="suppressions=path/to/ubsan.supp:print_stacktrace=1:halt_on_error=0:log_path=ubsan.log"
+
+# Run tests
+./xrpld --unittest --unittest-jobs=5
+```
+
+More details [here](https://clang.llvm.org/docs/undefinedbehaviorSanitizer.html).
+
 ## Suppression Files
 
-### `asan.supp`
+[!NOTE] Attached files contain more details.
 
-- **Purpose**: Suppress AddressSanitizer (ASan) errors only
+### [`asan.supp`](../../sanitizers/suppressions/asan.supp)
+
+- **Purpose**: Suppress AddressSanitizer (ASAN) errors only
 - **Format**: `interceptor_name:<pattern>` where pattern matches file names. Supported suppression types are:
   - interceptor_name
   - interceptor_via_fun
@@ -132,25 +152,26 @@ export ASAN_OPTIONS="detect_leaks=0"
 - **More info**: [AddressSanitizer](https://github.com/google/sanitizers/wiki/AddressSanitizer)
 - **Note**: Cannot suppress stack-buffer-overflow, container-overflow, etc.
 
-### `lsan.supp`
+### [`lsan.supp`](../../sanitizers/suppressions/lsan.supp)
 
 - **Purpose**: Suppress LeakSanitizer (LSan) errors only
 - **Format**: `leak:<pattern>` where pattern matches function/file names
 - **More info**: [LeakSanitizer](https://github.com/google/sanitizers/wiki/AddressSanitizerLeakSanitizer)
 
-### `ubsan.supp`
+### [`ubsan.supp`](../../sanitizers/suppressions/ubsan.supp)
 
-- **Purpose**: Suppress UndefinedBehaviorSanitizer errors
+- **Purpose**: Suppress undefinedbehaviorSanitizer errors
 - **Format**: `<error_type>:<pattern>` (e.g., `unsigned-integer-overflow:protobuf`)
 - **Covers**: Intentional overflows in sanitizers/suppressions libraries (protobuf, gRPC, stdlib)
+- More info [UBSan suppressions](https://clang.llvm.org/docs/SanitizerSpecialCaseList.html).
 
-### `tsan.supp`
+### [`tsan.supp`](../../sanitizers/suppressions/tsan.supp)
 
 - **Purpose**: Suppress ThreadSanitizer data race warnings
 - **Format**: `race:<pattern>` where pattern matches function/file names
-- **More info**: [ThreadSanitizerSuppressions](https://github.com/google/sanitizers/wiki/ThreadSanitizerSuppressions)
+- **More info**: [ThreadSanitizer suppressions](https://github.com/google/sanitizers/wiki/ThreadSanitizerSuppressions)
 
-### `sanitizer-ignorelist.txt`
+### [`sanitizer-ignorelist.txt`](../../sanitizers/suppressions/sanitizer-ignorelist.txt)
 
 - **Purpose**: Compile-time ignorelist for all sanitizers
 - **Usage**: Passed via `-fsanitize-ignorelist=absolute/path/to/sanitizer-ignorelist.txt`
@@ -158,13 +179,13 @@ export ASAN_OPTIONS="detect_leaks=0"
 
 ## Troubleshooting
 
-### "ASan is ignoring requested \_\_asan_handle_no_return" warnings
+### "ASAN is ignoring requested \_\_asan_handle_no_return" warnings
 
 These warnings appear when using Boost context switching and are harmless. They indicate potential false positives.
 
 ### Sanitizer Mismatch Errors
 
-If you see undefined symbols like `___tsan_atomic_load` when building with ASan:
+If you see undefined symbols like `___tsan_atomic_load` when building with ASAN:
 
 **Problem**: Dependencies were built with a different sanitizer than the main project.
 
@@ -182,5 +203,5 @@ Then review the log files: `asan.log.*`, `ubsan.log.*`, `tsan.log.*`
 - [AddressSanitizer Wiki](https://github.com/google/sanitizers/wiki/AddressSanitizer)
 - [AddressSanitizer Flags](https://github.com/google/sanitizers/wiki/AddressSanitizerFlags)
 - [Container Overflow Detection](https://github.com/google/sanitizers/wiki/AddressSanitizerContainerOverflow)
-- [UndefinedBehaviorSanitizer](https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html)
+- [UndefinedBehavior Sanitizer](https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html)
 - [ThreadSanitizer](https://github.com/google/sanitizers/wiki/ThreadSanitizerCppManual)

docs/consensus.md

@@ -189,7 +189,7 @@ validations. It checks this on every call to `timerEntry`.
 - _Wrong Ledger_ indicates the node is not working on the correct prior ledger
   and does not have it available. It requests that ledger from the network, but
   continues to work towards consensus this round while waiting. If it had been
-  _proposing_, it will send a special "bowout" proposal to its peers to indicate
+  _proposing_, it will send a special "bow-out" proposal to its peers to indicate
   its change in mode for the rest of this round. For the duration of the round,
   it defers to peer positions for determining the consensus outcome as if it
   were just _observing_.
@@ -515,7 +515,7 @@ are excerpts of the generic consensus implementation and of helper types that wi
 interact with the concrete implementing class.
 
 ```{.cpp}
-// Represents a transction under dispute this round
+// Represents a transaction under dispute this round
 template <class Tx_t, class NodeID_t> class DisputedTx;
 
 // Represents how the node participates in Consensus this round

include/xrpl/basics/IntrusivePointer.h

@@ -58,7 +58,7 @@ concept CAdoptTag = std::is_same_v<T, SharedIntrusiveAdoptIncrementStrongTag> ||
     When the strong pointer count goes to zero, the "partialDestructor" is
     called. This can be used to destroy as much of the object as possible while
     still retaining the reference counts. For example, for SHAMapInnerNodes the
-    children may be reset in that function. Note that std::shared_poiner WILL
+    children may be reset in that function. Note that std::shared_pointer WILL
     run the destructor when the strong count reaches zero, but may not free the
     memory used by the object until the weak count reaches zero. In rippled, we
     typically allocate shared pointers with the `make_shared` function. When

include/xrpl/basics/IntrusiveRefCounts.h

@@ -301,7 +301,7 @@ IntrusiveRefCounts::addWeakReleaseStrongRef() const
     // change the counts and flags (the count could be atomically changed, but
     // the flags depend on the current value of the counts).
     //
-    // Note: If this becomes a perf bottleneck, the `partialDestoryStartedMask`
+    // Note: If this becomes a perf bottleneck, the `partialDestroyStartedMask`
     // may be able to be set non-atomically. But it is easier to reason about
     // the code if the flag is set atomically.
     while (1)

include/xrpl/basics/Log.h

@@ -221,7 +221,8 @@ public:
 private:
     enum {
         // Maximum line length for log messages.
-        // If the message exceeds this length it will be truncated with elipses.
+        // If the message exceeds this length it will be truncated with
+        // ellipses.
         maximumMessageCharacters = 12 * 1024
     };
 

include/xrpl/basics/Number.h

@@ -1,8 +1,11 @@
 #ifndef XRPL_BASICS_NUMBER_H_INCLUDED
 #define XRPL_BASICS_NUMBER_H_INCLUDED
 
+#include <xrpl/beast/utility/instrumentation.h>
+
 #include <cstdint>
 #include <limits>
+#include <optional>
 #include <ostream>
 #include <string>
 
@@ -13,42 +16,252 @@ class Number;
 std::string
 to_string(Number const& amount);
 
+template <typename T>
+constexpr std::optional<int>
+logTen(T value)
+{
+    int log = 0;
+    while (value >= 10 && value % 10 == 0)
+    {
+        value /= 10;
+        ++log;
+    }
+    if (value == 1)
+        return log;
+    return std::nullopt;
+}
+
 template <typename T>
 constexpr bool
 isPowerOfTen(T value)
 {
-    while (value >= 10 && value % 10 == 0)
-        value /= 10;
-    return value == 1;
+    return logTen(value).has_value();
 }
 
+/** MantissaRange defines a range for the mantissa of a normalized Number.
+ *
+ * The mantissa is in the range [min, max], where
+ * * min is a power of 10, and
+ * * max = min * 10 - 1.
+ *
+ * The mantissa_scale enum indicates whether the range is "small" or "large".
+ * This intentionally restricts the number of MantissaRanges that can be
+ * instantiated to two: one for each scale.
+ *
+ * The "small" scale is based on the behavior of STAmount for IOUs. It has a min
+ * value of 10^15, and a max value of 10^16-1. This was sufficient for
+ * uses before Lending Protocol was implemented, mostly related to AMM.
+ *
+ * However, it does not have sufficient precision to represent the full integer
+ * range of int64_t values (-2^63 to 2^63-1), which are needed for XRP and MPT
+ * values. The implementation of SingleAssetVault, and LendingProtocol need to
+ * represent those integer values accurately and precisely, both for the
+ * STNumber field type, and for internal calculations. That necessitated the
+ * "large" scale.
+ *
+ * The "large" scale is intended to represent all values that can be represented
+ * by an STAmount - IOUs, XRP, and MPTs. It has a min value of 10^18, and a max
+ * value of 10^19-1.
+ *
+ * Note that if the mentioned amendments are eventually retired, this class
+ * should be left in place, but the "small" scale option should be removed. This
+ * will allow for future expansion beyond 64-bits if it is ever needed.
+ */
+struct MantissaRange
+{
+    using rep = std::uint64_t;
+    enum mantissa_scale { small, large };
+
+    explicit constexpr MantissaRange(mantissa_scale scale_)
+        : min(getMin(scale_))
+        , max(min * 10 - 1)
+        , log(logTen(min).value_or(-1))
+        , scale(scale_)
+    {
+    }
+
+    rep min;
+    rep max;
+    int log;
+    mantissa_scale scale;
+
+private:
+    static constexpr rep
+    getMin(mantissa_scale scale_)
+    {
+        switch (scale_)
+        {
+            case small:
+                return 1'000'000'000'000'000ULL;
+            case large:
+                return 1'000'000'000'000'000'000ULL;
+            default:
+                // Since this can never be called outside a non-constexpr
+                // context, this throw assures that the build fails if an
+                // invalid scale is used.
+                throw std::runtime_error("Unknown mantissa scale");
+        }
+    }
+};
+
+// Like std::integral, but only 64-bit integral types.
+template <class T>
+concept Integral64 =
+    std::is_same_v<T, std::int64_t> || std::is_same_v<T, std::uint64_t>;
+
+/** Number is a floating point type that can represent a wide range of values.
+ *
+ * It can represent all values that can be represented by an STAmount -
+ * regardless of asset type - XRPAmount, MPTAmount, and IOUAmount, with at least
+ * as much precision as those types require.
+ *
+ * ---- Internal Representation ----
+ *
+ * Internally, Number is represented with three values:
+ *   1. a bool sign flag,
+ *   2. a std::uint64_t mantissa,
+ *   3. an int exponent.
+ *
+ * The internal mantissa is an unsigned integer in the range defined by the
+ * current MantissaRange. The exponent is an integer in the range
+ * [minExponent, maxExponent].
+ *
+ * See the description of MantissaRange for more details on the ranges.
+ *
+ * A non-zero mantissa is (almost) always normalized, meaning it and the
+ * exponent are grown or shrunk until the mantissa is in the range
+ * [MantissaRange.min, MantissaRange.max].
+ *
+ * Note:
+ *   1. Normalization can be disabled by using the "unchecked" ctor tag. This
+ *      should only be used at specific conversion points, some constexpr
+ *      values, and in unit tests.
+ *   2. The max of the "large" range, 10^19-1, is the largest 10^X-1 value that
+ *      fits in an unsigned 64-bit number. (10^19-1 < 2^64-1 and
+ *      10^20-1 > 2^64-1). This avoids under- and overflows.
+ *
+ * ---- External Interface ----
+ *
+ * The external interface of Number consists of a std::int64_t mantissa, which
+ * is restricted to 63-bits, and an int exponent, which must be in the range
+ * [minExponent, maxExponent]. The range of the mantissa depends on which
+ * MantissaRange is currently active. For the "short" range, the mantissa will
+ * be between 10^15 and 10^16-1. For the "large" range, the mantissa will be
+ * between -(2^63-1) and 2^63-1. As noted above, the "large" range is needed to
+ * represent the full range of valid XRP and MPT integer values accurately.
+ *
+ * Note:
+ *   1. 2^63-1 is between 10^18 and 10^19-1, which are the limits of the "large"
+ *      mantissa range.
+ *   2. The functions mantissa() and exponent() return the external view of the
+ *      Number value, specifically using a signed 63-bit mantissa. This may
+ *      require altering the internal representation to fit into that range
+ *      before the value is returned. The interface guarantees consistency of
+ *      the two values.
+ *   3. Number cannot represent -2^63 (std::numeric_limits<std::int64_t>::min())
+ *      as an exact integer, but it doesn't need to, because all asset values
+ *      on-ledger are non-negative. This is due to implementation details of
+ *      several operations which use unsigned arithmetic internally. This is
+ *      sufficient to represent all valid XRP values (where the absolute value
+ *      can not exceed INITIAL_XRP: 10^17), and MPT values (where the absolute
+ *      value can not exceed maxMPTokenAmount: 2^63-1).
+ *
+ * ---- Mantissa Range Switching ----
+ *
+ * The mantissa range may be changed at runtime via setMantissaScale(). The
+ * default mantissa range is "large". The range is updated whenever transaction
+ * processing begins, based on whether SingleAssetVault or LendingProtocol are
+ * enabled. If either is enabled, the mantissa range is set to "large". If not,
+ * it is set to "small", preserving backward compatibility and correct
+ * "amendment-gating".
+ *
+ * It is extremely unlikely that any more calls to setMantissaScale() will be
+ * needed outside of unit tests.
+ *
+ * ---- Usage With Different Ranges ----
+ *
+ * Outside of unit tests, and existing checks, code that uses Number should not
+ * know or care which mantissa range is active.
+ *
+ * The results of computations using Numbers with a small mantissa may differ
+ * from computations using Numbers with a large mantissa, specifically as it
+ * effects the results after rounding. That is why the large mantissa range is
+ * amendment gated in transaction processing.
+ *
+ * It is extremely unlikely that any more calls to getMantissaScale() will be
+ * needed outside of unit tests.
+ *
+ * Code that uses Number should not assume or check anything about the
+ * mantissa() or exponent() except that they fit into the "large" range
+ * specified in the "External Interface" section.
+ *
+ * ----- Unit Tests -----
+ *
+ * Within unit tests, it may be useful to explicitly switch between the two
+ * ranges, or to check which range is active when checking the results of
+ * computations. If the test is doing the math directly, the
+ * set/getMantissaScale() functions may be most appropriate. However, if the
+ * test has anything to do with transaction processing, it should enable or
+ * disable the amendments that control the mantissa range choice
+ * (SingleAssetVault and LendingProtocol), and/or check if either of those
+ * amendments are enabled to determine which result to expect.
+ *
+ */
 class Number
 {
     using rep = std::int64_t;
-    rep mantissa_{0};
+    using internalrep = MantissaRange::rep;
+
+    bool negative_{false};
+    internalrep mantissa_{0};
     int exponent_{std::numeric_limits<int>::lowest()};
 
 public:
-    // The range for the mantissa when normalized
-    constexpr static std::int64_t minMantissa = 1'000'000'000'000'000LL;
-    static_assert(isPowerOfTen(minMantissa));
-    constexpr static std::int64_t maxMantissa = minMantissa * 10 - 1;
-    static_assert(maxMantissa == 9'999'999'999'999'999LL);
-
     // The range for the exponent when normalized
     constexpr static int minExponent = -32768;
     constexpr static int maxExponent = 32768;
 
+    constexpr static internalrep maxRep = std::numeric_limits<rep>::max();
+    static_assert(maxRep == 9'223'372'036'854'775'807);
+    static_assert(-maxRep == std::numeric_limits<rep>::min() + 1);
+
+    // May need to make unchecked private
     struct unchecked
     {
         explicit unchecked() = default;
     };
 
+    // Like unchecked, normalized is used with the ctors that take an
+    // internalrep mantissa. Unlike unchecked, those ctors will normalize the
+    // value.
+    // Only unit tests are expected to use this class
+    struct normalized
+    {
+        explicit normalized() = default;
+    };
+
     explicit constexpr Number() = default;
 
     Number(rep mantissa);
     explicit Number(rep mantissa, int exponent);
-    explicit constexpr Number(rep mantissa, int exponent, unchecked) noexcept;
+    explicit constexpr Number(
+        bool negative,
+        internalrep mantissa,
+        int exponent,
+        unchecked) noexcept;
+    // Assume unsigned values are... unsigned. i.e. positive
+    explicit constexpr Number(
+        internalrep mantissa,
+        int exponent,
+        unchecked) noexcept;
+    // Only unit tests are expected to use this ctor
+    explicit Number(
+        bool negative,
+        internalrep mantissa,
+        int exponent,
+        normalized);
+    // Assume unsigned values are... unsigned. i.e. positive
+    explicit Number(internalrep mantissa, int exponent, normalized);
 
     constexpr rep
     mantissa() const noexcept;
@@ -78,11 +291,11 @@ public:
     Number&
     operator/=(Number const& x);
 
-    static constexpr Number
+    static Number
     min() noexcept;
-    static constexpr Number
+    static Number
     max() noexcept;
-    static constexpr Number
+    static Number
     lowest() noexcept;
 
     /** Conversions to Number are implicit and conversions away from Number
@@ -96,7 +309,8 @@ public:
     friend constexpr bool
     operator==(Number const& x, Number const& y) noexcept
     {
-        return x.mantissa_ == y.mantissa_ && x.exponent_ == y.exponent_;
+        return x.negative_ == y.negative_ && x.mantissa_ == y.mantissa_ &&
+            x.exponent_ == y.exponent_;
     }
 
     friend constexpr bool
@@ -110,8 +324,8 @@ public:
     {
         // If the two amounts have different signs (zero is treated as positive)
         // then the comparison is true iff the left is negative.
-        bool const lneg = x.mantissa_ < 0;
-        bool const rneg = y.mantissa_ < 0;
+        bool const lneg = x.negative_;
+        bool const rneg = y.negative_;
 
         if (lneg != rneg)
             return lneg;
@@ -139,7 +353,7 @@ public:
     constexpr int
     signum() const noexcept
     {
-        return (mantissa_ < 0) ? -1 : (mantissa_ ? 1 : 0);
+        return negative_ ? -1 : (mantissa_ ? 1 : 0);
     }
 
     Number
@@ -169,6 +383,15 @@ public:
         return os << to_string(x);
     }
 
+    friend std::string
+    to_string(Number const& amount);
+
+    friend Number
+    root(Number f, unsigned d);
+
+    friend Number
+    root2(Number f);
+
     // Thread local rounding control.  Default is to_nearest
     enum rounding_mode { to_nearest, towards_zero, downward, upward };
     static rounding_mode
@@ -177,44 +400,206 @@ public:
     static rounding_mode
     setround(rounding_mode mode);
 
+    /** Returns which mantissa scale is currently in use for normalization.
+     *
+     * If you think you need to call this outside of unit tests, no you don't.
+     */
+    static MantissaRange::mantissa_scale
+    getMantissaScale();
+    /** Changes which mantissa scale is used for normalization.
+     *
+     * If you think you need to call this outside of unit tests, no you don't.
+     */
+    static void
+    setMantissaScale(MantissaRange::mantissa_scale scale);
+
+    inline static internalrep
+    minMantissa()
+    {
+        return range_.get().min;
+    }
+
+    inline static internalrep
+    maxMantissa()
+    {
+        return range_.get().max;
+    }
+
+    inline static int
+    mantissaLog()
+    {
+        return range_.get().log;
+    }
+
+    /// oneSmall is needed because the ranges are private
+    constexpr static Number
+    oneSmall();
+    /// oneLarge is needed because the ranges are private
+    constexpr static Number
+    oneLarge();
+
+    // And one is needed because it needs to choose between oneSmall and
+    // oneLarge based on the current range
+    static Number
+    one();
+
+    template <Integral64 T>
+    [[nodiscard]]
+    std::pair<T, int>
+    normalizeToRange(T minMantissa, T maxMantissa) const;
+
 private:
     static thread_local rounding_mode mode_;
+    // The available ranges for mantissa
+
+    constexpr static MantissaRange smallRange{MantissaRange::small};
+    static_assert(isPowerOfTen(smallRange.min));
+    static_assert(smallRange.min == 1'000'000'000'000'000LL);
+    static_assert(smallRange.max == 9'999'999'999'999'999LL);
+    static_assert(smallRange.log == 15);
+    static_assert(smallRange.min < maxRep);
+    static_assert(smallRange.max < maxRep);
+    constexpr static MantissaRange largeRange{MantissaRange::large};
+    static_assert(isPowerOfTen(largeRange.min));
+    static_assert(largeRange.min == 1'000'000'000'000'000'000ULL);
+    static_assert(largeRange.max == internalrep(9'999'999'999'999'999'999ULL));
+    static_assert(largeRange.log == 18);
+    static_assert(largeRange.min < maxRep);
+    static_assert(largeRange.max > maxRep);
+
+    // The range for the mantissa when normalized.
+    // Use reference_wrapper to avoid making copies, and prevent accidentally
+    // changing the values inside the range.
+    static thread_local std::reference_wrapper<MantissaRange const> range_;
 
     void
     normalize();
-    constexpr bool
+
+    /** Normalize Number components to an arbitrary range.
+     *
+     * min/maxMantissa are parameters because this function is used by both
+     * normalize(), which reads from range_, and by normalizeToRange,
+     * which is public and can accept an arbitrary range from the caller.
+     */
+    template <class T>
+    static void
+    normalize(
+        bool& negative,
+        T& mantissa,
+        int& exponent,
+        internalrep const& minMantissa,
+        internalrep const& maxMantissa);
+
+    template <class T>
+    friend void
+    doNormalize(
+        bool& negative,
+        T& mantissa_,
+        int& exponent_,
+        MantissaRange::rep const& minMantissa,
+        MantissaRange::rep const& maxMantissa);
+
+    bool
     isnormal() const noexcept;
 
+    // Copy the number, but modify the exponent by "exponentDelta". Because the
+    // mantissa doesn't change, the result will be "mostly" normalized, but the
+    // exponent could go out of range, so it will be checked.
+    Number
+    shiftExponent(int exponentDelta) const;
+
+    // Safely convert rep (int64) mantissa to internalrep (uint64). If the rep
+    // is negative, returns the positive value. This takes a little extra work
+    // because converting std::numeric_limits<std::int64_t>::min() flirts with
+    // UB, and can vary across compilers.
+    static internalrep
+    externalToInternal(rep mantissa);
+
     class Guard;
 };
 
+inline constexpr Number::Number(
+    bool negative,
+    internalrep mantissa,
+    int exponent,
+    unchecked) noexcept
+    : negative_(negative), mantissa_{mantissa}, exponent_{exponent}
+{
+}
+
+inline constexpr Number::Number(
+    internalrep mantissa,
+    int exponent,
+    unchecked) noexcept
+    : Number(false, mantissa, exponent, unchecked{})
+{
+}
+
 constexpr static Number numZero{};
 
-inline constexpr Number::Number(rep mantissa, int exponent, unchecked) noexcept
-    : mantissa_{mantissa}, exponent_{exponent}
+inline Number::Number(
+    bool negative,
+    internalrep mantissa,
+    int exponent,
+    normalized)
+    : Number(negative, mantissa, exponent, unchecked{})
+{
+    normalize();
+}
+
+inline Number::Number(internalrep mantissa, int exponent, normalized)
+    : Number(false, mantissa, exponent, normalized{})
 {
 }
 
 inline Number::Number(rep mantissa, int exponent)
-    : mantissa_{mantissa}, exponent_{exponent}
+    : Number(mantissa < 0, externalToInternal(mantissa), exponent, normalized{})
 {
-    normalize();
 }
 
 inline Number::Number(rep mantissa) : Number{mantissa, 0}
 {
 }
 
+/** Returns the mantissa of the external view of the Number.
+ *
+ * Please see the "---- External Interface ----" section of the class
+ * documentation for an explanation of why the internal value may be modified.
+ */
 inline constexpr Number::rep
 Number::mantissa() const noexcept
 {
-    return mantissa_;
+    auto m = mantissa_;
+    if (m > maxRep)
+    {
+        XRPL_ASSERT_PARTS(
+            !isnormal() || (m % 10 == 0 && m / 10 <= maxRep),
+            "xrpl::Number::mantissa",
+            "large normalized mantissa has no remainder");
+        m /= 10;
+    }
+    auto const sign = negative_ ? -1 : 1;
+    return sign * static_cast<Number::rep>(m);
 }
 
+/** Returns the exponent of the external view of the Number.
+ *
+ * Please see the "---- External Interface ----" section of the class
+ * documentation for an explanation of why the internal value may be modified.
+ */
 inline constexpr int
 Number::exponent() const noexcept
 {
-    return exponent_;
+    auto e = exponent_;
+    if (mantissa_ > maxRep)
+    {
+        XRPL_ASSERT_PARTS(
+            !isnormal() || (mantissa_ % 10 == 0 && mantissa_ / 10 <= maxRep),
+            "xrpl::Number::exponent",
+            "large normalized mantissa has no remainder");
+        ++e;
+    }
+    return e;
 }
 
 inline constexpr Number
@@ -226,15 +611,17 @@ Number::operator+() const noexcept
 inline constexpr Number
 Number::operator-() const noexcept
 {
+    if (mantissa_ == 0)
+        return Number{};
     auto x = *this;
-    x.mantissa_ = -x.mantissa_;
+    x.negative_ = !x.negative_;
     return x;
 }
 
 inline Number&
 Number::operator++()
 {
-    *this += Number{1000000000000000, -15, unchecked{}};
+    *this += one();
     return *this;
 }
 
@@ -249,7 +636,7 @@ Number::operator++(int)
 inline Number&
 Number::operator--()
 {
-    *this -= Number{1000000000000000, -15, unchecked{}};
+    *this -= one();
     return *this;
 }
 
@@ -299,30 +686,54 @@ operator/(Number const& x, Number const& y)
     return z;
 }
 
-inline constexpr Number
+inline Number
 Number::min() noexcept
 {
-    return Number{minMantissa, minExponent, unchecked{}};
+    return Number{false, range_.get().min, minExponent, unchecked{}};
 }
 
-inline constexpr Number
+inline Number
 Number::max() noexcept
 {
-    return Number{maxMantissa, maxExponent, unchecked{}};
+    return Number{
+        false, std::min(range_.get().max, maxRep), maxExponent, unchecked{}};
 }
 
-inline constexpr Number
+inline Number
 Number::lowest() noexcept
 {
-    return -Number{maxMantissa, maxExponent, unchecked{}};
+    return Number{
+        true, std::min(range_.get().max, maxRep), maxExponent, unchecked{}};
 }
 
-inline constexpr bool
+inline bool
 Number::isnormal() const noexcept
 {
-    auto const abs_m = mantissa_ < 0 ? -mantissa_ : mantissa_;
-    return minMantissa <= abs_m && abs_m <= maxMantissa &&
-        minExponent <= exponent_ && exponent_ <= maxExponent;
+    MantissaRange const& range = range_;
+    auto const abs_m = mantissa_;
+    return *this == Number{} ||
+        (range.min <= abs_m && abs_m <= range.max &&
+         (abs_m <= maxRep || abs_m % 10 == 0) && minExponent <= exponent_ &&
+         exponent_ <= maxExponent);
+}
+
+template <Integral64 T>
+std::pair<T, int>
+Number::normalizeToRange(T minMantissa, T maxMantissa) const
+{
+    bool negative = negative_;
+    internalrep mantissa = mantissa_;
+    int exponent = exponent_;
+
+    if constexpr (std::is_unsigned_v<T>)
+        XRPL_ASSERT_PARTS(
+            !negative,
+            "xrpl::Number::normalizeToRange",
+            "Number is non-negative for unsigned range.");
+    Number::normalize(negative, mantissa, exponent, minMantissa, maxMantissa);
+
+    auto const sign = negative ? -1 : 1;
+    return std::make_pair(static_cast<T>(sign * mantissa), exponent);
 }
 
 inline constexpr Number
@@ -364,6 +775,20 @@ squelch(Number const& x, Number const& limit) noexcept
     return x;
 }
 
+inline std::string
+to_string(MantissaRange::mantissa_scale const& scale)
+{
+    switch (scale)
+    {
+        case MantissaRange::small:
+            return "small";
+        case MantissaRange::large:
+            return "large";
+        default:
+            throw std::runtime_error("Bad scale");
+    }
+}
+
 class saveNumberRoundMode
 {
     Number::rounding_mode mode_;
@@ -402,6 +827,34 @@ public:
     operator=(NumberRoundModeGuard const&) = delete;
 };
 
+/** Sets the new scale and restores the old scale when it leaves scope.
+ *
+ * If you think you need to use this class outside of unit tests, no you don't.
+ *
+ */
+class NumberMantissaScaleGuard
+{
+    MantissaRange::mantissa_scale const saved_;
+
+public:
+    explicit NumberMantissaScaleGuard(
+        MantissaRange::mantissa_scale scale) noexcept
+        : saved_{Number::getMantissaScale()}
+    {
+        Number::setMantissaScale(scale);
+    }
+
+    ~NumberMantissaScaleGuard()
+    {
+        Number::setMantissaScale(saved_);
+    }
+
+    NumberMantissaScaleGuard(NumberMantissaScaleGuard const&) = delete;
+
+    NumberMantissaScaleGuard&
+    operator=(NumberMantissaScaleGuard const&) = delete;
+};
+
 }  // namespace xrpl
 
 #endif  // XRPL_BASICS_NUMBER_H_INCLUDED

include/xrpl/basics/Slice.h

@@ -152,8 +152,8 @@ public:
 
     /** Return a "sub slice" of given length starting at the given position
 
-        Note that the subslice encompasses the range [pos, pos + rcount),
-        where rcount is the smaller of count and size() - pos.
+        Note that the subslice encompasses the range [pos, pos + rCount),
+        where rCount is the smaller of count and size() - pos.
 
         @param pos position of the first character
         @count requested length

include/xrpl/basics/StringUtilities.h

@@ -31,7 +31,7 @@ template <class Iterator>
 std::optional<Blob>
 strUnHex(std::size_t strSize, Iterator begin, Iterator end)
 {
-    static constexpr std::array<int, 256> const unxtab = []() {
+    static constexpr std::array<int, 256> const digitLookupTable = []() {
         std::array<int, 256> t{};
 
         for (auto& x : t)
@@ -57,7 +57,7 @@ strUnHex(std::size_t strSize, Iterator begin, Iterator end)
 
     if (strSize & 1)
     {
-        int c = unxtab[*iter++];
+        int c = digitLookupTable[*iter++];
 
         if (c < 0)
             return {};
@@ -67,12 +67,12 @@ strUnHex(std::size_t strSize, Iterator begin, Iterator end)
 
     while (iter != end)
     {
-        int cHigh = unxtab[*iter++];
+        int cHigh = digitLookupTable[*iter++];
 
         if (cHigh < 0)
             return {};
 
-        int cLow = unxtab[*iter++];
+        int cLow = digitLookupTable[*iter++];
 
         if (cLow < 0)
             return {};

include/xrpl/beast/container/detail/aged_unordered_container.h

@@ -3189,11 +3189,12 @@ operator==(aged_unordered_container<
 {
     if (size() != other.size())
         return false;
-    for (auto iter(cbegin()), last(cend()), olast(other.cend()); iter != last;
+    for (auto iter(cbegin()), last(cend()), otherLast(other.cend());
+         iter != last;
          ++iter)
     {
-        auto oiter(other.find(extract(*iter)));
-        if (oiter == olast)
+        auto otherIter(other.find(extract(*iter)));
+        if (otherIter == otherLast)
             return false;
     }
     return true;

include/xrpl/beast/core/CurrentThreadName.h

@@ -5,6 +5,8 @@
 #ifndef BEAST_CORE_CURRENT_THREAD_NAME_H_INCLUDED
 #define BEAST_CORE_CURRENT_THREAD_NAME_H_INCLUDED
 
+#include <boost/predef.h>
+
 #include <string>
 #include <string_view>
 
@@ -16,6 +18,31 @@ namespace beast {
 void
 setCurrentThreadName(std::string_view newThreadName);
 
+#if BOOST_OS_LINUX
+
+// On Linux, thread names are limited to 16 bytes including the null terminator.
+// Maximum number of characters is therefore 15.
+constexpr std::size_t maxThreadNameLength = 15;
+
+/** Sets the name of the caller thread with compile-time size checking.
+    @tparam N The size of the string literal including null terminator
+    @param newThreadName A string literal to set as the thread name
+
+    This template overload enforces that thread names are at most 16 characters
+    (including null terminator) at compile time, matching Linux's limit.
+*/
+template <std::size_t N>
+void
+setCurrentThreadName(char const (&newThreadName)[N])
+{
+    static_assert(
+        N <= maxThreadNameLength + 1,
+        "Thread name cannot exceed 15 characters");
+
+    setCurrentThreadName(std::string_view(newThreadName, N - 1));
+}
+#endif
+
 /** Returns the name of the caller thread.
 
     The name returned is the name as set by a call to setCurrentThreadName().

include/xrpl/beast/core/LexicalCast.h

@@ -18,7 +18,7 @@ namespace beast {
 
 namespace detail {
 
-// These specializatons get called by the non-member functions to do the work
+// These specializations get called by the non-member functions to do the work
 template <class Out, class In>
 struct LexicalCast;
 

include/xrpl/beast/hash/hash_append.h

@@ -203,7 +203,7 @@ struct is_contiguously_hashable<T[N], HashAlgorithm>
         Throws:
             Never
         Effect:
-            Returns the reslting hash of all the input data.
+            Returns the resulting hash of all the input data.
 */
 /** @{ */
 

include/xrpl/beast/utility/PropertyStream.h

@@ -376,7 +376,7 @@ public:
         print statement examples
         "parent.child" prints child and all of its children
         "parent.child." start at the parent and print down to child
-        "parent.grandchild" prints nothing- grandchild not direct discendent
+        "parent.grandchild" prints nothing- grandchild not direct descendent
         "parent.grandchild." starts at the parent and prints down to grandchild
         "parent.grandchild.*" starts at parent, print through grandchild
        children

include/xrpl/core/PerfLog.h

@@ -40,7 +40,7 @@ public:
     using microseconds = std::chrono::microseconds;
 
     /**
-     * Configuration from [perf] section of rippled.cfg.
+     * Configuration from [perf] section of xrpld.cfg.
      */
     struct Setup
     {

include/xrpl/json/json_reader.h

@@ -1,8 +1,6 @@
 #ifndef XRPL_JSON_JSON_READER_H_INCLUDED
 #define XRPL_JSON_JSON_READER_H_INCLUDED
 
-#define CPPTL_JSON_READER_H_INCLUDED
-
 #include <xrpl/json/json_forwards.h>
 #include <xrpl/json/json_value.h>
 
@@ -68,7 +66,7 @@ public:
      * error occurred during parsing.
      */
     std::string
-    getFormatedErrorMessages() const;
+    getFormattedErrorMessages() const;
 
     static constexpr unsigned nest_limit{25};
 
@@ -231,4 +229,4 @@ operator>>(std::istream&, Value&);
 
 }  // namespace Json
 
-#endif  // CPPTL_JSON_READER_H_INCLUDED
+#endif  // XRPL_JSON_JSON_READER_H_INCLUDED

include/xrpl/json/json_value.h

@@ -44,7 +44,7 @@ enum ValueType {
 class StaticString
 {
 public:
-    constexpr explicit StaticString(char const* czstring) : str_(czstring)
+    constexpr explicit StaticString(char const* czString) : str_(czString)
     {
     }
 
@@ -682,4 +682,4 @@ public:
 
 }  // namespace Json
 
-#endif  // CPPTL_JSON_H_INCLUDED
+#endif  // XRPL_JSON_JSON_VALUE_H_INCLUDED

include/xrpl/json/json_writer.h

@@ -90,7 +90,7 @@ private:
     void
     writeArrayValue(Value const& value);
     bool
-    isMultineArray(Value const& value);
+    isMultilineArray(Value const& value);
     void
     pushValue(std::string const& value);
     void
@@ -157,7 +157,7 @@ private:
     void
     writeArrayValue(Value const& value);
     bool
-    isMultineArray(Value const& value);
+    isMultilineArray(Value const& value);
     void
     pushValue(std::string const& value);
     void

include/xrpl/ledger/CredentialHelpers.h

@@ -15,7 +15,7 @@ namespace xrpl {
 namespace credentials {
 
 // These function will be used by the code that use DepositPreauth / Credentials
-// (and any future preauthorization modes) as part of authorization (all the
+// (and any future pre-authorization modes) as part of authorization (all the
 // transfer funds transactions)
 
 // Check if credential sfExpiration field has passed ledger's parentCloseTime
@@ -41,7 +41,8 @@ checkFields(STTx const& tx, beast::Journal j);
 
 // Accessing the ledger to check if provided credentials are valid. Do not use
 // in doApply (only in preclaim) since it does not remove expired credentials.
-// If you call it in prelaim, you also must call verifyDepositPreauth in doApply
+// If you call it in preclaim, you also must call verifyDepositPreauth in
+// doApply
 TER
 valid(
     STTx const& tx,

include/xrpl/ledger/Credit.h

@@ -1,5 +1,5 @@
-#ifndef XRPL_APP_PATHS_CREDIT_H_INCLUDED
-#define XRPL_APP_PATHS_CREDIT_H_INCLUDED
+#ifndef XRPL_LEDGER_CREDIT_H_INCLUDED
+#define XRPL_LEDGER_CREDIT_H_INCLUDED
 
 #include <xrpl/ledger/View.h>
 #include <xrpl/protocol/IOUAmount.h>

include/xrpl/ledger/View.h

@@ -61,6 +61,9 @@ enum FreezeHandling { fhIGNORE_FREEZE, fhZERO_IF_FROZEN };
 /** Controls the treatment of unauthorized MPT balances */
 enum AuthHandling { ahIGNORE_AUTH, ahZERO_IF_UNAUTHORIZED };
 
+/** Controls whether to include the account's full spendable balance */
+enum SpendableHandling { shSIMPLE_BALANCE, shFULL_BALANCE };
+
 [[nodiscard]] bool
 isGlobalFrozen(ReadView const& view, AccountID const& issuer);
 
@@ -305,86 +308,57 @@ isLPTokenFrozen(
     Issue const& asset,
     Issue const& asset2);
 
-// Returns the amount an account can spend without going into debt.
+// Returns the amount an account can spend.
 //
-// <-- saAmount: amount of currency held by account. May be negative.
-[[nodiscard]] STAmount
-accountHolds(
-    ReadView const& view,
-    AccountID const& account,
-    Currency const& currency,
-    AccountID const& issuer,
-    FreezeHandling zeroIfFrozen,
-    beast::Journal j);
-
-[[nodiscard]] STAmount
-accountHolds(
-    ReadView const& view,
-    AccountID const& account,
-    Issue const& issue,
-    FreezeHandling zeroIfFrozen,
-    beast::Journal j);
-
-[[nodiscard]] STAmount
-accountHolds(
-    ReadView const& view,
-    AccountID const& account,
-    MPTIssue const& mptIssue,
-    FreezeHandling zeroIfFrozen,
-    AuthHandling zeroIfUnauthorized,
-    beast::Journal j);
-
-[[nodiscard]] STAmount
-accountHolds(
-    ReadView const& view,
-    AccountID const& account,
-    Asset const& asset,
-    FreezeHandling zeroIfFrozen,
-    AuthHandling zeroIfUnauthorized,
-    beast::Journal j);
-
-// Returns the amount an account can spend total.
+// If shSIMPLE_BALANCE is specified, this is the amount the account can spend
+// without going into debt.
 //
-// These functions use accountHolds, but unlike accountHolds:
-// * The account can go into debt.
-// * If the account is the asset issuer the only limit is defined by the asset /
+// If shFULL_BALANCE is specified, this is the amount the account can spend
+// total. Specifically:
+// * The account can go into debt if using a trust line, and the other side has
+// a non-zero limit.
+// * If the account is the asset issuer the limit is defined by the asset /
 //   issuance.
 //
 // <-- saAmount: amount of currency held by account. May be negative.
 [[nodiscard]] STAmount
-accountSpendable(
+accountHolds(
     ReadView const& view,
     AccountID const& account,
     Currency const& currency,
     AccountID const& issuer,
     FreezeHandling zeroIfFrozen,
-    beast::Journal j);
+    beast::Journal j,
+    SpendableHandling includeFullBalance = shSIMPLE_BALANCE);
 
 [[nodiscard]] STAmount
-accountSpendable(
+accountHolds(
     ReadView const& view,
     AccountID const& account,
     Issue const& issue,
     FreezeHandling zeroIfFrozen,
-    beast::Journal j);
+    beast::Journal j,
+    SpendableHandling includeFullBalance = shSIMPLE_BALANCE);
 
 [[nodiscard]] STAmount
-accountSpendable(
+accountHolds(
     ReadView const& view,
     AccountID const& account,
     MPTIssue const& mptIssue,
     FreezeHandling zeroIfFrozen,
     AuthHandling zeroIfUnauthorized,
-    beast::Journal j);
+    beast::Journal j,
+    SpendableHandling includeFullBalance = shSIMPLE_BALANCE);
 
 [[nodiscard]] STAmount
-accountSpendable(
+accountHolds(
     ReadView const& view,
     AccountID const& account,
     Asset const& asset,
     FreezeHandling zeroIfFrozen,
     AuthHandling zeroIfUnauthorized,
-    beast::Journal j);
+    beast::Journal j,
+    SpendableHandling includeFullBalance = shSIMPLE_BALANCE);
 
 // Returns the amount an account can spend of the currency type saDefault, or
 // returns saDefault if this account is the issuer of the currency in
@@ -655,7 +629,7 @@ createPseudoAccount(
     uint256 const& pseudoOwnerKey,
     SField const& ownerField);
 
-// Returns true iff sleAcct is a pseudo-account or specific
+// Returns true if and only if sleAcct is a pseudo-account or specific
 // pseudo-accounts in pseudoFieldFilter.
 //
 // Returns false if sleAcct is
@@ -710,13 +684,16 @@ checkDestinationAndTag(SLE::const_ref toSle, bool hasDestinationTag);
  *    - If withdrawing to self, succeed.
  *    - If not, checks if the receiver requires deposit authorization, and if
  *      the sender has it.
+ *    - Checks that the receiver will not exceed the limit (IOU trustline limit
+ *      or MPT MaximumAmount).
  */
 [[nodiscard]] TER
 canWithdraw(
-    AccountID const& from,
     ReadView const& view,
+    AccountID const& from,
     AccountID const& to,
     SLE::const_ref toSle,
+    STAmount const& amount,
     bool hasDestinationTag);
 
 /** Checks that can withdraw funds from an object to itself or a destination.
@@ -730,12 +707,15 @@ canWithdraw(
  *    - If withdrawing to self, succeed.
  *    - If not, checks if the receiver requires deposit authorization, and if
  *      the sender has it.
+ *    - Checks that the receiver will not exceed the limit (IOU trustline limit
+ *      or MPT MaximumAmount).
  */
 [[nodiscard]] TER
 canWithdraw(
-    AccountID const& from,
     ReadView const& view,
+    AccountID const& from,
     AccountID const& to,
+    STAmount const& amount,
     bool hasDestinationTag);
 
 /** Checks that can withdraw funds from an object to itself or a destination.
@@ -749,6 +729,8 @@ canWithdraw(
  *    - If withdrawing to self, succeed.
  *    - If not, checks if the receiver requires deposit authorization, and if
  *      the sender has it.
+ *    - Checks that the receiver will not exceed the limit (IOU trustline limit
+ *      or MPT MaximumAmount).
  */
 [[nodiscard]] TER
 canWithdraw(ReadView const& view, STTx const& tx);

include/xrpl/nodestore/DummyScheduler.h

@@ -6,7 +6,7 @@
 namespace xrpl {
 namespace NodeStore {
 
-/** Simple NodeStore Scheduler that just peforms the tasks synchronously. */
+/** Simple NodeStore Scheduler that just performs the tasks synchronously. */
 class DummyScheduler : public Scheduler
 {
 public:

include/xrpl/nodestore/Manager.h

@@ -55,7 +55,7 @@ public:
             HyperLevelDB, LevelDBFactory, SQLite, MDB
 
         If the fastBackendParameter is omitted or empty, no ephemeral database
-        is used. If the scheduler parameter is omited or unspecified, a
+        is used. If the scheduler parameter is omitted or unspecified, a
         synchronous scheduler is used which performs all tasks immediately on
         the caller's thread.
 

include/xrpl/nodestore/README.md

@@ -96,7 +96,7 @@ Facebook's RocksDB database, builds on LevelDB.
 
 Use SQLite.
 
-'path' speficies where the backend will store its data files.
+'path' specifies where the backend will store its data files.
 
 Choices for 'compression'
 
@@ -130,7 +130,7 @@ newer versions of RocksDB (TBD).
 ## Discussion
 
 RocksDBQuickFactory is intended to provide a testbed for comparing potential
-rocksdb performance with the existing recommended configuration in rippled.cfg.
+rocksdb performance with the existing recommended configuration in xrpld.cfg.
 Through various executions and profiling some conclusions are presented below.
 
 - If the write ahead log is enabled, insert speed soon clogs up under load. The
@@ -161,7 +161,7 @@ Through various executions and profiling some conclusions are presented below.
 
 - Multiple runs of the benchmarks can yield surprisingly different results. This
   can perhaps be attributed to the asynchronous nature of rocksdb's compaction
-  process. The benchmarks are artifical and create highly unlikely write load to
+  process. The benchmarks are artificial and create highly unlikely write load to
   create the dataset to measure different read access patterns. Therefore multiple
   runs of the benchmarks are required to get a feel for the effectiveness of the
   changes. This contrasts sharply with the keyvadb benchmarking were highly

include/xrpl/proto/org/xrpl/rpc/v1/xrp_ledger.proto

@@ -9,7 +9,7 @@ import "org/xrpl/rpc/v1/get_ledger_entry.proto";
 import "org/xrpl/rpc/v1/get_ledger_data.proto";
 import "org/xrpl/rpc/v1/get_ledger_diff.proto";
 
-// These methods are binary only methods for retrieiving arbitrary ledger state
+// These methods are binary only methods for retrieving arbitrary ledger state
 // via gRPC. These methods are used by clio, but can also be
 // used by any client that wants to extract ledger state in an efficient manner.
 // They do not directly mimic the JSON equivalent methods.

include/xrpl/proto/xrpl.proto

@@ -17,9 +17,9 @@ enum MessageType {
   mtHAVE_SET = 35;
   mtVALIDATION = 41;
   mtGET_OBJECTS = 42;
-  mtVALIDATORLIST = 54;
+  mtVALIDATOR_LIST = 54;
   mtSQUELCH = 55;
-  mtVALIDATORLISTCOLLECTION = 56;
+  mtVALIDATOR_LIST_COLLECTION = 56;
   mtPROOF_PATH_REQ = 57;
   mtPROOF_PATH_RESPONSE = 58;
   mtREPLAY_DELTA_REQ = 59;
@@ -308,7 +308,7 @@ message TMSquelch {
 }
 
 enum TMLedgerMapType {
-  lmTRANASCTION = 1;    // transaction map
+  lmTRANSACTION = 1;    // transaction map
   lmACCOUNT_STATE = 2;  // account state map
 }
 

include/xrpl/protocol/AmountConversions.h

@@ -121,7 +121,7 @@ toAmount(
     {
         if (isXRP(issue))
             return STAmount(issue, static_cast<std::int64_t>(n));
-        return STAmount(issue, n.mantissa(), n.exponent());
+        return STAmount(issue, n);
     }
     else
     {

include/xrpl/protocol/HashPrefix.h

@@ -67,9 +67,6 @@ enum class HashPrefix : std::uint32_t {
     /** Payment Channel Claim */
     paymentChannelClaim = detail::make_hash_prefix('C', 'L', 'M'),
 
-    /** Credentials signature */
-    credential = detail::make_hash_prefix('C', 'R', 'D'),
-
     /** Batch */
     batch = detail::make_hash_prefix('B', 'C', 'H'),
 };

include/xrpl/protocol/IOUAmount.h

@@ -20,14 +20,16 @@ namespace xrpl {
 
     Arithmetic operations can throw std::overflow_error during normalization
     if the amount exceeds the largest representable amount, but underflows
-    will silently trunctate to zero.
+    will silently truncate to zero.
 */
 class IOUAmount : private boost::totally_ordered<IOUAmount>,
                   private boost::additive<IOUAmount>
 {
 private:
-    std::int64_t mantissa_;
-    int exponent_;
+    using mantissa_type = std::int64_t;
+    using exponent_type = int;
+    mantissa_type mantissa_;
+    exponent_type exponent_;
 
     /** Adjusts the mantissa and exponent to the proper range.
 
@@ -38,11 +40,14 @@ private:
     void
     normalize();
 
+    static IOUAmount
+    fromNumber(Number const& number);
+
 public:
     IOUAmount() = default;
     explicit IOUAmount(Number const& other);
     IOUAmount(beast::Zero);
-    IOUAmount(std::int64_t mantissa, int exponent);
+    IOUAmount(mantissa_type mantissa, exponent_type exponent);
 
     IOUAmount& operator=(beast::Zero);
 
@@ -71,10 +76,10 @@ public:
     int
     signum() const noexcept;
 
-    int
+    exponent_type
     exponent() const noexcept;
 
-    std::int64_t
+    mantissa_type
     mantissa() const noexcept;
 
     static IOUAmount
@@ -92,7 +97,7 @@ inline IOUAmount::IOUAmount(beast::Zero)
     *this = beast::zero;
 }
 
-inline IOUAmount::IOUAmount(std::int64_t mantissa, int exponent)
+inline IOUAmount::IOUAmount(mantissa_type mantissa, exponent_type exponent)
     : mantissa_(mantissa), exponent_(exponent)
 {
     normalize();
@@ -149,13 +154,13 @@ IOUAmount::signum() const noexcept
     return (mantissa_ < 0) ? -1 : (mantissa_ ? 1 : 0);
 }
 
-inline int
+inline IOUAmount::exponent_type
 IOUAmount::exponent() const noexcept
 {
     return exponent_;
 }
 
-inline std::int64_t
+inline IOUAmount::mantissa_type
 IOUAmount::mantissa() const noexcept
 {
     return mantissa_;

include/xrpl/protocol/Indexes.h

@@ -18,7 +18,7 @@
 namespace xrpl {
 
 class SeqProxy;
-/** Keylet computation funclets.
+/** Keylet computation functions.
 
     Entries in the ledger are located using 256-bit locators. The locators are
     calculated using a wide range of parameters specific to the entry whose

include/xrpl/protocol/Issue.h

@@ -37,6 +37,9 @@ public:
     bool
     native() const;
 
+    bool
+    integral() const;
+
     friend constexpr std::weak_ordering
     operator<=>(Issue const& lhs, Issue const& rhs);
 };

include/xrpl/protocol/MPTIssue.h

@@ -46,6 +46,12 @@ public:
     {
         return false;
     }
+
+    bool
+    integral() const
+    {
+        return true;
+    }
 };
 
 constexpr bool

include/xrpl/protocol/Permissions.h

@@ -29,7 +29,7 @@ enum GranularPermissionType : std::uint32_t {
 #pragma pop_macro("PERMISSION")
 };
 
-enum Delegation { delegatable, notDelegatable };
+enum Delegation { delegable, notDelegable };
 
 class Permission
 {
@@ -38,7 +38,7 @@ private:
 
     std::unordered_map<std::uint16_t, uint256> txFeatureMap_;
 
-    std::unordered_map<std::uint16_t, Delegation> delegatableTx_;
+    std::unordered_map<std::uint16_t, Delegation> delegableTx_;
 
     std::unordered_map<std::string, GranularPermissionType>
         granularPermissionMap_;
@@ -71,8 +71,7 @@ public:
     getTxFeature(TxType txType) const;
 
     bool
-    isDelegatable(std::uint32_t const& permissionValue, Rules const& rules)
-        const;
+    isDelegable(std::uint32_t const& permissionValue, Rules const& rules) const;
 
     // for tx level permission, permission value is equal to tx type plus one
     uint32_t

include/xrpl/protocol/Protocol.h

@@ -179,7 +179,7 @@ static constexpr int loanPaymentsPerFeeIncrement = 5;
  *
  * This limit is enforced during the loan payment process, and thus is not
  * estimated. If the limit is hit, no further payments or overpayments will be
- * processed, no matter how much of the transation Amount is left, but the
+ * processed, no matter how much of the transaction Amount is left, but the
  * transaction will succeed with the payments that have been processed up to
  * that point.
  *
@@ -233,6 +233,7 @@ std::size_t constexpr maxMPTokenMetadataLength = 1024;
 
 /** The maximum amount of MPTokenIssuance */
 std::uint64_t constexpr maxMPTokenAmount = 0x7FFF'FFFF'FFFF'FFFFull;
+static_assert(Number::maxRep >= maxMPTokenAmount);
 
 /** The maximum length of Data payload */
 std::size_t constexpr maxDataPayloadLength = 256;

include/xrpl/protocol/Quality.h

@@ -210,7 +210,7 @@ public:
 
 private:
     // The ceil_in and ceil_out methods that deal in TAmount all convert
-    // their arguments to STAoumout and convert the result back to TAmount.
+    // their arguments to STAmount and convert the result back to TAmount.
     // This helper function takes care of all the conversion operations.
     template <
         class In,

include/xrpl/protocol/SField.h

@@ -135,7 +135,10 @@ public:
         sMD_Always = 0x10,   // value when node containing it is affected at all
         sMD_BaseTen = 0x20,  // value is treated as base 10, overriding behavior
         sMD_PseudoAccount = 0x40,  // if this field is set in an ACCOUNT_ROOT
-        // _only_, then it is a pseudo-account
+                                   // _only_, then it is a pseudo-account
+        sMD_NeedsAsset = 0x80,     // This field needs to be associated with an
+                                   // asset before it is serialized as a ledger
+                                   // object. Intended for STNumber.
         sMD_Default =
             sMD_ChangeOrig | sMD_ChangeNew | sMD_DeleteFinal | sMD_Create
     };

include/xrpl/protocol/STAmount.h

@@ -138,7 +138,7 @@ public:
 
     template <AssetType A>
     STAmount(A const& asset, Number const& number)
-        : STAmount(asset, number.mantissa(), number.exponent())
+        : STAmount(fromNumber(asset, number))
     {
     }
 
@@ -282,6 +282,10 @@ public:
     mpt() const;
 
 private:
+    template <AssetType A>
+    static STAmount
+    fromNumber(A const& asset, Number const& number);
+
     static std::unique_ptr<STAmount>
     construct(SerialIter&, SField const& name);
 
@@ -345,10 +349,19 @@ STAmount::STAmount(
     , mIsNegative(negative)
 {
     // mValue is uint64, but needs to fit in the range of int64
-    XRPL_ASSERT(
-        mValue <= std::numeric_limits<std::int64_t>::max(),
-        "xrpl::STAmount::STAmount(SField, A, std::uint64_t, int, bool) : "
-        "maximum mantissa input");
+    if (Number::getMantissaScale() == MantissaRange::small)
+    {
+        XRPL_ASSERT(
+            mValue <= std::numeric_limits<std::int64_t>::max(),
+            "xrpl::STAmount::STAmount(SField, A, std::uint64_t, int, bool) : "
+            "maximum mantissa input");
+    }
+    else
+    {
+        if (integral() && mValue > std::numeric_limits<std::int64_t>::max())
+            throw std::overflow_error(
+                "STAmount mantissa is too large " + std::to_string(mantissa));
+    }
     canonicalize();
 }
 
@@ -542,14 +555,23 @@ STAmount::operator=(XRPAmount const& amount)
     return *this;
 }
 
-inline STAmount&
-STAmount::operator=(Number const& number)
+template <AssetType A>
+inline STAmount
+STAmount::fromNumber(A const& a, Number const& number)
 {
-    mIsNegative = number.mantissa() < 0;
-    mValue = mIsNegative ? -number.mantissa() : number.mantissa();
-    mOffset = number.exponent();
-    canonicalize();
-    return *this;
+    bool const negative = number.mantissa() < 0;
+    Number const working{negative ? -number : number};
+    Asset asset{a};
+    if (asset.integral())
+    {
+        std::uint64_t const intValue = static_cast<std::int64_t>(working);
+        return STAmount{asset, intValue, 0, negative};
+    }
+
+    auto const [mantissa, exponent] =
+        working.normalizeToRange(cMinValue, cMaxValue);
+
+    return STAmount{asset, mantissa, exponent, negative};
 }
 
 inline void
@@ -699,17 +721,32 @@ getRate(STAmount const& offerOut, STAmount const& offerIn);
  * @param rounding Optional Number rounding mode
  *
  */
-STAmount
+[[nodiscard]] STAmount
 roundToScale(
     STAmount const& value,
     std::int32_t scale,
     Number::rounding_mode rounding = Number::getround());
 
+/** Round an arbitrary precision Number IN PLACE to the precision of a given
+ * Asset.
+ *
+ * This is used to ensure that calculations do not collect dust for IOUs, or
+ * fractional amounts for the integral types XRP and MPT.
+ *
+ * @param asset The relevant asset
+ * @param value The lvalue to be rounded
+ */
+template <AssetType A>
+void
+roundToAsset(A const& asset, Number& value)
+{
+    value = STAmount{asset, value};
+}
+
 /** Round an arbitrary precision Number to the precision of a given Asset.
  *
- * This is used to ensure that calculations do not collect dust beyond the
- * precision of the reference value for IOUs, or fractional amounts for the
- * integral types XRP and MPT.
+ * This is used to ensure that calculations do not collect dust beyond specified
+ * scale for IOUs, or fractional amounts for the integral types XRP and MPT.
  *
  * @param asset The relevant asset
  * @param value The value to be rounded
@@ -718,7 +755,7 @@ roundToScale(
  * @param rounding Optional Number rounding mode
  */
 template <AssetType A>
-Number
+[[nodiscard]] Number
 roundToAsset(
     A const& asset,
     Number const& value,

include/xrpl/protocol/STNumber.h

@@ -4,6 +4,7 @@
 #include <xrpl/basics/CountedObject.h>
 #include <xrpl/basics/Number.h>
 #include <xrpl/protocol/STBase.h>
+#include <xrpl/protocol/STTakesAsset.h>
 
 #include <ostream>
 
@@ -19,8 +20,19 @@ namespace xrpl {
  * it can represent a value of any token type (XRP, IOU, or MPT)
  * without paying the storage cost of duplicating asset information
  * that may be deduced from the context.
+ *
+ * STNumber derives from STTakesAsset, so that it can be associated with the
+ * related Asset during transaction processing. Which asset is relevant depends
+ * on the object and transaction. As of this writing, only Vault, LoanBroker,
+ * and Loan objects use STNumber fields. All of those fields represent amounts
+ * of the Vault's Asset, so they should be associated with the Vault's Asset.
+ *
+ * e.g.
+ *     associateAsset(*loanSle, asset);
+ *     associateAsset(*brokerSle, asset);
+ *     associateAsset(*vaultSle, asset);
  */
-class STNumber : public STBase, public CountedObject<STNumber>
+class STNumber : public STTakesAsset, public CountedObject<STNumber>
 {
 private:
     Number value_;
@@ -56,6 +68,9 @@ public:
     bool
     isDefault() const override;
 
+    void
+    associateAsset(Asset const& a) override;
+
     operator Number() const
     {
         return value_;

include/xrpl/protocol/STTakesAsset.h

@@ -0,0 +1,63 @@
+#ifndef XRPL_PROTOCOL_STTAKESASSET_H_INCLUDED
+#define XRPL_PROTOCOL_STTAKESASSET_H_INCLUDED
+
+#include <xrpl/protocol/Asset.h>
+#include <xrpl/protocol/STBase.h>
+
+namespace xrpl {
+
+/** Intermediate class for any STBase-derived class to store an Asset.
+ *
+ * In the class definition, this class should be specified as a base class
+ * _instead_ of STBase.
+ *
+ * Specifically, the Asset is only stored and used at runtime. It should not be
+ * serialized to the ledger.
+ *
+ * The derived class decides what to do with the Asset, and when. It will not
+ * necessarily be set at any given time. As of this writing, only STNumber uses
+ * it to round the stored Number to the Asset's precision both when associated,
+ * and when serializing the Number.
+ */
+class STTakesAsset : public STBase
+{
+protected:
+    std::optional<Asset> asset_;
+
+public:
+    using STBase::STBase;
+    using STBase::operator=;
+
+    virtual void
+    associateAsset(Asset const& a);
+};
+
+inline void
+STTakesAsset::associateAsset(Asset const& a)
+{
+    asset_.emplace(a);
+}
+
+class STLedgerEntry;
+
+/** Associate an Asset with all sMD_NeedsAsset fields in a ledger entry.
+ *
+ * This function iterates over all fields in the given ledger entry. For each
+ * field that is set and has the SField::sMD_NeedsAsset metadata flag, it calls
+ * `associateAsset` on that field with the given Asset. Such field must be
+ * derived from STTakesAsset - if it is not, the conversion will throw.
+ *
+ * Typically, associateAsset should be called near the end of doApply() of any
+ * Transactor classes on the SLEs of any new or modified ledger entries
+ * containing STNumber fields, after doing all of the modifications t the SLEs.
+ *
+ * @param sle The ledger entry whose fields will be updated.
+ * @param asset The Asset to associate with the relevant fields.
+ *
+ */
+void
+associateAsset(STLedgerEntry& sle, Asset const& asset);
+
+}  // namespace xrpl
+
+#endif

include/xrpl/protocol/SystemParameters.h

@@ -23,6 +23,8 @@ systemName()
 
 /** Number of drops in the genesis account. */
 constexpr XRPAmount INITIAL_XRP{100'000'000'000 * DROPS_PER_XRP};
+static_assert(INITIAL_XRP.drops() == 100'000'000'000'000'000);
+static_assert(Number::maxRep >= INITIAL_XRP.drops());
 
 /** Returns true if the amount does not exceed the initial XRP in existence. */
 inline bool

include/xrpl/protocol/TxFlags.h

@@ -277,7 +277,7 @@ constexpr std::uint32_t const tfLoanOverpayment = 0x00010000;
 // interest and fees, or it will fail. False: Not a full payment.
 constexpr std::uint32_t const tfLoanFullPayment = 0x00020000;
 // tfLoanLatePayment: True, indicates that the payment is late,
-// and includes late iterest and fees. If the loan is not late,
+// and includes late interest and fees. If the loan is not late,
 // it will fail. False: not a late payment. If the current payment
 // is overdue, the transaction will fail.
 constexpr std::uint32_t const tfLoanLatePayment = 0x00040000;

include/xrpl/protocol/XChainAttestations.h

@@ -33,12 +33,12 @@ struct AttestationBase
     // Account on the sending chain that triggered the event (sent the
     // transaction)
     AccountID sendingAccount;
-    // Amount transfered on the sending chain
+    // Amount transferred on the sending chain
     STAmount sendingAmount;
     // Account on the destination chain that collects a share of the attestation
     // reward
     AccountID rewardAccount;
-    // Amount was transfered on the locking chain
+    // Amount was transferred on the locking chain
     bool wasLockingChainSend;
 
     explicit AttestationBase(
@@ -354,7 +354,7 @@ struct XChainCreateAccountAttestation
         XChainCreateAccountAttestation const& rhs);
 };
 
-// Attestations from witness servers for a particular claimid and bridge.
+// Attestations from witness servers for a particular claim ID and bridge.
 // Only one attestation per signature is allowed.
 template <class TAttestation>
 class XChainAttestationsBase

include/xrpl/protocol/detail/STVar.h

@@ -42,7 +42,7 @@ concept ValidConstructSTArgs =
 class STVar
 {
 private:
-    // The largest "small object" we can accomodate
+    // The largest "small object" we can accommodate
     static std::size_t constexpr max_size = 72;
 
     std::aligned_storage<max_size>::type d_;

include/xrpl/protocol/detail/features.macro

@@ -16,7 +16,8 @@
 // Add new amendments to the top of this list.
 // Keep it sorted in reverse chronological order.
 
-XRPL_FEATURE(LendingProtocol,            Supported::no,  VoteBehavior::DefaultNo)
+XRPL_FIX    (BatchInnerSigs,             Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FEATURE(LendingProtocol,            Supported::yes, VoteBehavior::DefaultNo)
 XRPL_FEATURE(PermissionDelegationV1_1,   Supported::no,  VoteBehavior::DefaultNo)
 XRPL_FIX    (DirectoryLimit,             Supported::yes, VoteBehavior::DefaultNo)
 XRPL_FIX    (IncludeKeyletFields,        Supported::yes, VoteBehavior::DefaultNo)
@@ -30,7 +31,7 @@ XRPL_FIX    (EnforceNFTokenTrustlineV2,  Supported::yes, VoteBehavior::DefaultNo
 XRPL_FIX    (AMMv1_3,                    Supported::yes, VoteBehavior::DefaultNo)
 XRPL_FEATURE(PermissionedDEX,            Supported::yes, VoteBehavior::DefaultNo)
 XRPL_FEATURE(Batch,                      Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FEATURE(SingleAssetVault,           Supported::no,  VoteBehavior::DefaultNo)
+XRPL_FEATURE(SingleAssetVault,           Supported::yes,  VoteBehavior::DefaultNo)
 XRPL_FIX    (PayChanCancelAfter,         Supported::yes, VoteBehavior::DefaultNo)
 // Check flags in Credential transactions
 XRPL_FIX    (InvalidTxFlags,             Supported::yes, VoteBehavior::DefaultNo)

include/xrpl/protocol/detail/ledger_entries.macro

@@ -237,7 +237,7 @@ LEDGER_ENTRY(ltOFFER, 0x006f, Offer, offer, ({
     {sfAdditionalBooks,      soeOPTIONAL},
 }))
 
-/** A ledger object which describes a deposit preauthorization.
+/** A ledger object which describes a deposit pre-authorization.
 
     \sa keylet::depositPreauth
  */
@@ -541,7 +541,7 @@ LEDGER_ENTRY(ltLOAN, 0x0089, Loan, loan, ({
     {sfStartDate,            soeREQUIRED},
     {sfPaymentInterval,      soeREQUIRED},
     {sfGracePeriod,          soeDEFAULT},
-    {sfPreviousPaymentDate,  soeDEFAULT},
+    {sfPreviousPaymentDueDate, soeDEFAULT},
     {sfNextPaymentDueDate,   soeDEFAULT},
     // The loan object tracks these values:
     //
@@ -577,7 +577,7 @@ LEDGER_ENTRY(ltLOAN, 0x0089, Loan, loan, ({
     // - TrueTotalLoanValue = PaymentRemaining * PeriodicPayment
     //   The unrounded true total value of the loan.
     //
-    // - TrueTotalPrincialOutstanding can be computed using the algorithm
+    // - TrueTotalPrincipalOutstanding can be computed using the algorithm
     //   in the ripple::detail::loanPrincipalFromPeriodicPayment function.
     //
     // - TrueTotalInterestOutstanding = TrueTotalLoanValue -

include/xrpl/protocol/detail/sfields.macro

@@ -102,7 +102,7 @@ TYPED_SFIELD(sfMutableFlags,             UINT32,    53)
 TYPED_SFIELD(sfStartDate,                UINT32,    54)
 TYPED_SFIELD(sfPaymentInterval,          UINT32,    55)
 TYPED_SFIELD(sfGracePeriod,              UINT32,    56)
-TYPED_SFIELD(sfPreviousPaymentDate,      UINT32,    57)
+TYPED_SFIELD(sfPreviousPaymentDueDate,   UINT32,    57)
 TYPED_SFIELD(sfNextPaymentDueDate,       UINT32,    58)
 TYPED_SFIELD(sfPaymentRemaining,         UINT32,    59)
 TYPED_SFIELD(sfPaymentTotal,             UINT32,    60)
@@ -207,22 +207,22 @@ TYPED_SFIELD(sfLoanID,                   UINT256,   38)
 
 // number (common)
 TYPED_SFIELD(sfNumber,                   NUMBER,     1)
-TYPED_SFIELD(sfAssetsAvailable,          NUMBER,     2)
-TYPED_SFIELD(sfAssetsMaximum,            NUMBER,     3)
-TYPED_SFIELD(sfAssetsTotal,              NUMBER,     4)
-TYPED_SFIELD(sfLossUnrealized,           NUMBER,     5)
-TYPED_SFIELD(sfDebtTotal,                NUMBER,     6)
-TYPED_SFIELD(sfDebtMaximum,              NUMBER,     7)
-TYPED_SFIELD(sfCoverAvailable,           NUMBER,     8)
+TYPED_SFIELD(sfAssetsAvailable,          NUMBER,     2, SField::sMD_NeedsAsset | SField::sMD_Default)
+TYPED_SFIELD(sfAssetsMaximum,            NUMBER,     3, SField::sMD_NeedsAsset | SField::sMD_Default)
+TYPED_SFIELD(sfAssetsTotal,              NUMBER,     4, SField::sMD_NeedsAsset | SField::sMD_Default)
+TYPED_SFIELD(sfLossUnrealized,           NUMBER,     5, SField::sMD_NeedsAsset | SField::sMD_Default)
+TYPED_SFIELD(sfDebtTotal,                NUMBER,     6, SField::sMD_NeedsAsset | SField::sMD_Default)
+TYPED_SFIELD(sfDebtMaximum,              NUMBER,     7, SField::sMD_NeedsAsset | SField::sMD_Default)
+TYPED_SFIELD(sfCoverAvailable,           NUMBER,     8, SField::sMD_NeedsAsset | SField::sMD_Default)
 TYPED_SFIELD(sfLoanOriginationFee,       NUMBER,     9)
 TYPED_SFIELD(sfLoanServiceFee,           NUMBER,     10)
 TYPED_SFIELD(sfLatePaymentFee,           NUMBER,     11)
 TYPED_SFIELD(sfClosePaymentFee,          NUMBER,     12)
-TYPED_SFIELD(sfPrincipalOutstanding,     NUMBER,     13)
+TYPED_SFIELD(sfPrincipalOutstanding,     NUMBER,     13, SField::sMD_NeedsAsset | SField::sMD_Default)
 TYPED_SFIELD(sfPrincipalRequested,       NUMBER,     14)
-TYPED_SFIELD(sfTotalValueOutstanding,    NUMBER,     15)
+TYPED_SFIELD(sfTotalValueOutstanding,    NUMBER,     15, SField::sMD_NeedsAsset | SField::sMD_Default)
 TYPED_SFIELD(sfPeriodicPayment,          NUMBER,     16)
-TYPED_SFIELD(sfManagementFeeOutstanding, NUMBER,     17)
+TYPED_SFIELD(sfManagementFeeOutstanding, NUMBER,     17, SField::sMD_NeedsAsset | SField::sMD_Default)
 
 // int32
 TYPED_SFIELD(sfLoanScale,                INT32,      1)

include/xrpl/protocol/detail/transactions.macro

@@ -3,7 +3,7 @@
 #endif
 
 /**
- * TRANSACTION(tag, value, name, delegatable, amendments, privileges, fields)
+ * TRANSACTION(tag, value, name, delegable, amendments, privileges, fields)
  *
  * To ease maintenance, you may replace any unneeded values with "..."
  * e.g. #define TRANSACTION(tag, value, name, ...)
@@ -25,7 +25,7 @@
 #   include <xrpld/app/tx/detail/Payment.h>
 #endif
 TRANSACTION(ttPAYMENT, 0, Payment,
-    Delegation::delegatable,
+    Delegation::delegable,
     uint256{},
     createAcct,
     ({
@@ -45,7 +45,7 @@ TRANSACTION(ttPAYMENT, 0, Payment,
 #   include <xrpld/app/tx/detail/Escrow.h>
 #endif
 TRANSACTION(ttESCROW_CREATE, 1, EscrowCreate,
-    Delegation::delegatable,
+    Delegation::delegable,
     uint256{},
     noPriv,
     ({
@@ -59,7 +59,7 @@ TRANSACTION(ttESCROW_CREATE, 1, EscrowCreate,
 
 /** This transaction type completes an existing escrow. */
 TRANSACTION(ttESCROW_FINISH, 2, EscrowFinish,
-    Delegation::delegatable,
+    Delegation::delegable,
     uint256{},
     noPriv,
     ({
@@ -76,7 +76,7 @@ TRANSACTION(ttESCROW_FINISH, 2, EscrowFinish,
 #   include <xrpld/app/tx/detail/SetAccount.h>
 #endif
 TRANSACTION(ttACCOUNT_SET, 3, AccountSet,
-    Delegation::notDelegatable,
+    Delegation::notDelegable,
     uint256{},
     noPriv,
     ({
@@ -97,7 +97,7 @@ TRANSACTION(ttACCOUNT_SET, 3, AccountSet,
 #   include <xrpld/app/tx/detail/Escrow.h>
 #endif
 TRANSACTION(ttESCROW_CANCEL, 4, EscrowCancel,
-    Delegation::delegatable,
+    Delegation::delegable,
     uint256{},
     noPriv,
     ({
@@ -110,7 +110,7 @@ TRANSACTION(ttESCROW_CANCEL, 4, EscrowCancel,
 #   include <xrpld/app/tx/detail/SetRegularKey.h>
 #endif
 TRANSACTION(ttREGULAR_KEY_SET, 5, SetRegularKey,
-    Delegation::notDelegatable,
+    Delegation::notDelegable,
     uint256{},
     noPriv,
     ({
@@ -124,7 +124,7 @@ TRANSACTION(ttREGULAR_KEY_SET, 5, SetRegularKey,
 #   include <xrpld/app/tx/detail/CreateOffer.h>
 #endif
 TRANSACTION(ttOFFER_CREATE, 7, OfferCreate,
-    Delegation::delegatable,
+    Delegation::delegable,
     uint256{},
     noPriv,
     ({
@@ -140,7 +140,7 @@ TRANSACTION(ttOFFER_CREATE, 7, OfferCreate,
 #   include <xrpld/app/tx/detail/CancelOffer.h>
 #endif
 TRANSACTION(ttOFFER_CANCEL, 8, OfferCancel,
-    Delegation::delegatable,
+    Delegation::delegable,
     uint256{},
     noPriv,
     ({
@@ -154,7 +154,7 @@ TRANSACTION(ttOFFER_CANCEL, 8, OfferCancel,
 #   include <xrpld/app/tx/detail/CreateTicket.h>
 #endif
 TRANSACTION(ttTICKET_CREATE, 10, TicketCreate,
-    Delegation::delegatable,
+    Delegation::delegable,
     uint256{},
     noPriv,
     ({
@@ -170,7 +170,7 @@ TRANSACTION(ttTICKET_CREATE, 10, TicketCreate,
 #   include <xrpld/app/tx/detail/SetSignerList.h>
 #endif
 TRANSACTION(ttSIGNER_LIST_SET, 12, SignerListSet,
-    Delegation::notDelegatable,
+    Delegation::notDelegable,
     uint256{},
     noPriv,
     ({
@@ -183,7 +183,7 @@ TRANSACTION(ttSIGNER_LIST_SET, 12, SignerListSet,
 #   include <xrpld/app/tx/detail/PayChan.h>
 #endif
 TRANSACTION(ttPAYCHAN_CREATE, 13, PaymentChannelCreate,
-    Delegation::delegatable,
+    Delegation::delegable,
     uint256{},
     noPriv,
     ({
@@ -197,7 +197,7 @@ TRANSACTION(ttPAYCHAN_CREATE, 13, PaymentChannelCreate,
 
 /** This transaction type funds an existing unidirectional XRP payment channel. */
 TRANSACTION(ttPAYCHAN_FUND, 14, PaymentChannelFund,
-    Delegation::delegatable,
+    Delegation::delegable,
     uint256{},
     noPriv,
     ({
@@ -208,7 +208,7 @@ TRANSACTION(ttPAYCHAN_FUND, 14, PaymentChannelFund,
 
 /** This transaction type submits a claim against an existing unidirectional payment channel. */
 TRANSACTION(ttPAYCHAN_CLAIM, 15, PaymentChannelClaim,
-    Delegation::delegatable,
+    Delegation::delegable,
     uint256{},
     noPriv,
     ({
@@ -225,7 +225,7 @@ TRANSACTION(ttPAYCHAN_CLAIM, 15, PaymentChannelClaim,
 #   include <xrpld/app/tx/detail/CreateCheck.h>
 #endif
 TRANSACTION(ttCHECK_CREATE, 16, CheckCreate,
-    Delegation::delegatable,
+    Delegation::delegable,
     uint256{},
     noPriv,
     ({
@@ -241,7 +241,7 @@ TRANSACTION(ttCHECK_CREATE, 16, CheckCreate,
 #   include <xrpld/app/tx/detail/CashCheck.h>
 #endif
 TRANSACTION(ttCHECK_CASH, 17, CheckCash,
-    Delegation::delegatable,
+    Delegation::delegable,
     uint256{},
     noPriv,
     ({
@@ -255,7 +255,7 @@ TRANSACTION(ttCHECK_CASH, 17, CheckCash,
 #   include <xrpld/app/tx/detail/CancelCheck.h>
 #endif
 TRANSACTION(ttCHECK_CANCEL, 18, CheckCancel,
-    Delegation::delegatable,
+    Delegation::delegable,
     uint256{},
     noPriv,
     ({
@@ -267,7 +267,7 @@ TRANSACTION(ttCHECK_CANCEL, 18, CheckCancel,
 #   include <xrpld/app/tx/detail/DepositPreauth.h>
 #endif
 TRANSACTION(ttDEPOSIT_PREAUTH, 19, DepositPreauth,
-    Delegation::delegatable,
+    Delegation::delegable,
     uint256{},
     noPriv,
     ({
@@ -282,7 +282,7 @@ TRANSACTION(ttDEPOSIT_PREAUTH, 19, DepositPreauth,
 #   include <xrpld/app/tx/detail/SetTrust.h>
 #endif
 TRANSACTION(ttTRUST_SET, 20, TrustSet,
-    Delegation::delegatable,
+    Delegation::delegable,
     uint256{},
     noPriv,
     ({
@@ -296,7 +296,7 @@ TRANSACTION(ttTRUST_SET, 20, TrustSet,
 #   include <xrpld/app/tx/detail/DeleteAccount.h>
 #endif
 TRANSACTION(ttACCOUNT_DELETE, 21, AccountDelete,
-    Delegation::notDelegatable,
+    Delegation::notDelegable,
     uint256{},
     mustDeleteAcct,
     ({
@@ -312,7 +312,7 @@ TRANSACTION(ttACCOUNT_DELETE, 21, AccountDelete,
 #   include <xrpld/app/tx/detail/NFTokenMint.h>
 #endif
 TRANSACTION(ttNFTOKEN_MINT, 25, NFTokenMint,
-    Delegation::delegatable,
+    Delegation::delegable,
     uint256{},
     changeNFTCounts,
     ({
@@ -330,7 +330,7 @@ TRANSACTION(ttNFTOKEN_MINT, 25, NFTokenMint,
 #   include <xrpld/app/tx/detail/NFTokenBurn.h>
 #endif
 TRANSACTION(ttNFTOKEN_BURN, 26, NFTokenBurn,
-    Delegation::delegatable,
+    Delegation::delegable,
     uint256{},
     changeNFTCounts,
     ({
@@ -343,7 +343,7 @@ TRANSACTION(ttNFTOKEN_BURN, 26, NFTokenBurn,
 #   include <xrpld/app/tx/detail/NFTokenCreateOffer.h>
 #endif
 TRANSACTION(ttNFTOKEN_CREATE_OFFER, 27, NFTokenCreateOffer,
-    Delegation::delegatable,
+    Delegation::delegable,
     uint256{},
     noPriv,
     ({
@@ -359,7 +359,7 @@ TRANSACTION(ttNFTOKEN_CREATE_OFFER, 27, NFTokenCreateOffer,
 #   include <xrpld/app/tx/detail/NFTokenCancelOffer.h>
 #endif
 TRANSACTION(ttNFTOKEN_CANCEL_OFFER, 28, NFTokenCancelOffer,
-    Delegation::delegatable,
+    Delegation::delegable,
     uint256{},
     noPriv,
     ({
@@ -371,7 +371,7 @@ TRANSACTION(ttNFTOKEN_CANCEL_OFFER, 28, NFTokenCancelOffer,
 #   include <xrpld/app/tx/detail/NFTokenAcceptOffer.h>
 #endif
 TRANSACTION(ttNFTOKEN_ACCEPT_OFFER, 29, NFTokenAcceptOffer,
-    Delegation::delegatable,
+    Delegation::delegable,
     uint256{},
     noPriv,
     ({
@@ -385,7 +385,7 @@ TRANSACTION(ttNFTOKEN_ACCEPT_OFFER, 29, NFTokenAcceptOffer,
 #   include <xrpld/app/tx/detail/Clawback.h>
 #endif
 TRANSACTION(ttCLAWBACK, 30, Clawback,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureClawback,
     noPriv,
     ({
@@ -398,7 +398,7 @@ TRANSACTION(ttCLAWBACK, 30, Clawback,
 #   include <xrpld/app/tx/detail/AMMClawback.h>
 #endif
 TRANSACTION(ttAMM_CLAWBACK, 31, AMMClawback,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureAMMClawback,
     mayDeleteAcct | overrideFreeze,
     ({
@@ -413,7 +413,7 @@ TRANSACTION(ttAMM_CLAWBACK, 31, AMMClawback,
 #   include <xrpld/app/tx/detail/AMMCreate.h>
 #endif
 TRANSACTION(ttAMM_CREATE, 35, AMMCreate,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureAMM,
     createPseudoAcct,
     ({
@@ -427,7 +427,7 @@ TRANSACTION(ttAMM_CREATE, 35, AMMCreate,
 #   include <xrpld/app/tx/detail/AMMDeposit.h>
 #endif
 TRANSACTION(ttAMM_DEPOSIT, 36, AMMDeposit,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureAMM,
     noPriv,
     ({
@@ -445,7 +445,7 @@ TRANSACTION(ttAMM_DEPOSIT, 36, AMMDeposit,
 #   include <xrpld/app/tx/detail/AMMWithdraw.h>
 #endif
 TRANSACTION(ttAMM_WITHDRAW, 37, AMMWithdraw,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureAMM,
     mayDeleteAcct,
     ({
@@ -462,7 +462,7 @@ TRANSACTION(ttAMM_WITHDRAW, 37, AMMWithdraw,
 #   include <xrpld/app/tx/detail/AMMVote.h>
 #endif
 TRANSACTION(ttAMM_VOTE, 38, AMMVote,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureAMM,
     noPriv,
     ({
@@ -476,7 +476,7 @@ TRANSACTION(ttAMM_VOTE, 38, AMMVote,
 #   include <xrpld/app/tx/detail/AMMBid.h>
 #endif
 TRANSACTION(ttAMM_BID, 39, AMMBid,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureAMM,
     noPriv,
     ({
@@ -492,7 +492,7 @@ TRANSACTION(ttAMM_BID, 39, AMMBid,
 #   include <xrpld/app/tx/detail/AMMDelete.h>
 #endif
 TRANSACTION(ttAMM_DELETE, 40, AMMDelete,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureAMM,
     mustDeleteAcct,
     ({
@@ -505,7 +505,7 @@ TRANSACTION(ttAMM_DELETE, 40, AMMDelete,
 #   include <xrpld/app/tx/detail/XChainBridge.h>
 #endif
 TRANSACTION(ttXCHAIN_CREATE_CLAIM_ID, 41, XChainCreateClaimID,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureXChainBridge,
     noPriv,
     ({
@@ -516,7 +516,7 @@ TRANSACTION(ttXCHAIN_CREATE_CLAIM_ID, 41, XChainCreateClaimID,
 
 /** This transactions initiates a crosschain transaction */
 TRANSACTION(ttXCHAIN_COMMIT, 42, XChainCommit,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureXChainBridge,
     noPriv,
     ({
@@ -528,7 +528,7 @@ TRANSACTION(ttXCHAIN_COMMIT, 42, XChainCommit,
 
 /** This transaction completes a crosschain transaction */
 TRANSACTION(ttXCHAIN_CLAIM, 43, XChainClaim,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureXChainBridge,
     noPriv,
     ({
@@ -541,7 +541,7 @@ TRANSACTION(ttXCHAIN_CLAIM, 43, XChainClaim,
 
 /** This transaction initiates a crosschain account create transaction */
 TRANSACTION(ttXCHAIN_ACCOUNT_CREATE_COMMIT, 44, XChainAccountCreateCommit,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureXChainBridge,
     noPriv,
     ({
@@ -553,7 +553,7 @@ TRANSACTION(ttXCHAIN_ACCOUNT_CREATE_COMMIT, 44, XChainAccountCreateCommit,
 
 /** This transaction adds an attestation to a claim */
 TRANSACTION(ttXCHAIN_ADD_CLAIM_ATTESTATION, 45, XChainAddClaimAttestation,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureXChainBridge,
     createAcct,
     ({
@@ -574,7 +574,7 @@ TRANSACTION(ttXCHAIN_ADD_CLAIM_ATTESTATION, 45, XChainAddClaimAttestation,
 /** This transaction adds an attestation to an account */
 TRANSACTION(ttXCHAIN_ADD_ACCOUNT_CREATE_ATTESTATION, 46,
     XChainAddAccountCreateAttestation,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureXChainBridge,
     createAcct,
     ({
@@ -595,7 +595,7 @@ TRANSACTION(ttXCHAIN_ADD_ACCOUNT_CREATE_ATTESTATION, 46,
 
 /** This transaction modifies a sidechain */
 TRANSACTION(ttXCHAIN_MODIFY_BRIDGE, 47, XChainModifyBridge,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureXChainBridge,
     noPriv,
     ({
@@ -606,7 +606,7 @@ TRANSACTION(ttXCHAIN_MODIFY_BRIDGE, 47, XChainModifyBridge,
 
 /** This transactions creates a sidechain */
 TRANSACTION(ttXCHAIN_CREATE_BRIDGE, 48, XChainCreateBridge,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureXChainBridge,
     noPriv,
     ({
@@ -620,7 +620,7 @@ TRANSACTION(ttXCHAIN_CREATE_BRIDGE, 48, XChainCreateBridge,
 #   include <xrpld/app/tx/detail/DID.h>
 #endif
 TRANSACTION(ttDID_SET, 49, DIDSet,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureDID,
     noPriv,
     ({
@@ -631,7 +631,7 @@ TRANSACTION(ttDID_SET, 49, DIDSet,
 
 /** This transaction type deletes a DID */
 TRANSACTION(ttDID_DELETE, 50, DIDDelete,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureDID,
     noPriv,
     ({}))
@@ -641,7 +641,7 @@ TRANSACTION(ttDID_DELETE, 50, DIDDelete,
 #   include <xrpld/app/tx/detail/SetOracle.h>
 #endif
 TRANSACTION(ttORACLE_SET, 51, OracleSet,
-    Delegation::delegatable,
+    Delegation::delegable,
     featurePriceOracle,
     noPriv,
     ({
@@ -658,7 +658,7 @@ TRANSACTION(ttORACLE_SET, 51, OracleSet,
 #   include <xrpld/app/tx/detail/DeleteOracle.h>
 #endif
 TRANSACTION(ttORACLE_DELETE, 52, OracleDelete,
-    Delegation::delegatable,
+    Delegation::delegable,
     featurePriceOracle,
     noPriv,
     ({
@@ -670,7 +670,7 @@ TRANSACTION(ttORACLE_DELETE, 52, OracleDelete,
 #   include <xrpld/app/tx/detail/LedgerStateFix.h>
 #endif
 TRANSACTION(ttLEDGER_STATE_FIX, 53, LedgerStateFix,
-    Delegation::delegatable,
+    Delegation::delegable,
     fixNFTokenPageLinks,
     noPriv,
     ({
@@ -683,7 +683,7 @@ TRANSACTION(ttLEDGER_STATE_FIX, 53, LedgerStateFix,
 #   include <xrpld/app/tx/detail/MPTokenIssuanceCreate.h>
 #endif
 TRANSACTION(ttMPTOKEN_ISSUANCE_CREATE, 54, MPTokenIssuanceCreate,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureMPTokensV1,
     createMPTIssuance,
     ({
@@ -700,7 +700,7 @@ TRANSACTION(ttMPTOKEN_ISSUANCE_CREATE, 54, MPTokenIssuanceCreate,
 #   include <xrpld/app/tx/detail/MPTokenIssuanceDestroy.h>
 #endif
 TRANSACTION(ttMPTOKEN_ISSUANCE_DESTROY, 55, MPTokenIssuanceDestroy,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureMPTokensV1,
     destroyMPTIssuance,
     ({
@@ -712,7 +712,7 @@ TRANSACTION(ttMPTOKEN_ISSUANCE_DESTROY, 55, MPTokenIssuanceDestroy,
 #   include <xrpld/app/tx/detail/MPTokenIssuanceSet.h>
 #endif
 TRANSACTION(ttMPTOKEN_ISSUANCE_SET, 56, MPTokenIssuanceSet,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureMPTokensV1,
     noPriv,
     ({
@@ -729,7 +729,7 @@ TRANSACTION(ttMPTOKEN_ISSUANCE_SET, 56, MPTokenIssuanceSet,
 #   include <xrpld/app/tx/detail/MPTokenAuthorize.h>
 #endif
 TRANSACTION(ttMPTOKEN_AUTHORIZE, 57, MPTokenAuthorize,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureMPTokensV1,
     mustAuthorizeMPT,
     ({
@@ -742,7 +742,7 @@ TRANSACTION(ttMPTOKEN_AUTHORIZE, 57, MPTokenAuthorize,
 #   include <xrpld/app/tx/detail/Credentials.h>
 #endif
 TRANSACTION(ttCREDENTIAL_CREATE, 58, CredentialCreate,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureCredentials,
     noPriv,
     ({
@@ -754,7 +754,7 @@ TRANSACTION(ttCREDENTIAL_CREATE, 58, CredentialCreate,
 
 /** This transaction type accept an Credential object */
 TRANSACTION(ttCREDENTIAL_ACCEPT, 59, CredentialAccept,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureCredentials,
     noPriv,
     ({
@@ -764,7 +764,7 @@ TRANSACTION(ttCREDENTIAL_ACCEPT, 59, CredentialAccept,
 
 /** This transaction type delete an Credential object */
 TRANSACTION(ttCREDENTIAL_DELETE, 60, CredentialDelete,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureCredentials,
     noPriv,
     ({
@@ -778,7 +778,7 @@ TRANSACTION(ttCREDENTIAL_DELETE, 60, CredentialDelete,
 #   include <xrpld/app/tx/detail/NFTokenModify.h>
 #endif
 TRANSACTION(ttNFTOKEN_MODIFY, 61, NFTokenModify,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureDynamicNFT,
     noPriv,
     ({
@@ -792,7 +792,7 @@ TRANSACTION(ttNFTOKEN_MODIFY, 61, NFTokenModify,
 #   include <xrpld/app/tx/detail/PermissionedDomainSet.h>
 #endif
 TRANSACTION(ttPERMISSIONED_DOMAIN_SET, 62, PermissionedDomainSet,
-    Delegation::delegatable,
+    Delegation::delegable,
     featurePermissionedDomains,
     noPriv,
     ({
@@ -805,7 +805,7 @@ TRANSACTION(ttPERMISSIONED_DOMAIN_SET, 62, PermissionedDomainSet,
 #   include <xrpld/app/tx/detail/PermissionedDomainDelete.h>
 #endif
 TRANSACTION(ttPERMISSIONED_DOMAIN_DELETE, 63, PermissionedDomainDelete,
-    Delegation::delegatable,
+    Delegation::delegable,
     featurePermissionedDomains,
     noPriv,
     ({
@@ -817,7 +817,7 @@ TRANSACTION(ttPERMISSIONED_DOMAIN_DELETE, 63, PermissionedDomainDelete,
 #   include <xrpld/app/tx/detail/DelegateSet.h>
 #endif
 TRANSACTION(ttDELEGATE_SET, 64, DelegateSet,
-    Delegation::notDelegatable,
+    Delegation::notDelegable,
     featurePermissionDelegationV1_1,
     noPriv,
     ({
@@ -830,7 +830,7 @@ TRANSACTION(ttDELEGATE_SET, 64, DelegateSet,
 #   include <xrpld/app/tx/detail/VaultCreate.h>
 #endif
 TRANSACTION(ttVAULT_CREATE, 65, VaultCreate,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureSingleAssetVault,
     createPseudoAcct | createMPTIssuance | mustModifyVault,
     ({
@@ -848,7 +848,7 @@ TRANSACTION(ttVAULT_CREATE, 65, VaultCreate,
 #   include <xrpld/app/tx/detail/VaultSet.h>
 #endif
 TRANSACTION(ttVAULT_SET, 66, VaultSet,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureSingleAssetVault,
     mustModifyVault,
     ({
@@ -863,7 +863,7 @@ TRANSACTION(ttVAULT_SET, 66, VaultSet,
 #   include <xrpld/app/tx/detail/VaultDelete.h>
 #endif
 TRANSACTION(ttVAULT_DELETE, 67, VaultDelete,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureSingleAssetVault,
     mustDeleteAcct | destroyMPTIssuance | mustModifyVault,
     ({
@@ -875,7 +875,7 @@ TRANSACTION(ttVAULT_DELETE, 67, VaultDelete,
 #   include <xrpld/app/tx/detail/VaultDeposit.h>
 #endif
 TRANSACTION(ttVAULT_DEPOSIT, 68, VaultDeposit,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureSingleAssetVault,
     mayAuthorizeMPT | mustModifyVault,
     ({
@@ -888,7 +888,7 @@ TRANSACTION(ttVAULT_DEPOSIT, 68, VaultDeposit,
 #   include <xrpld/app/tx/detail/VaultWithdraw.h>
 #endif
 TRANSACTION(ttVAULT_WITHDRAW, 69, VaultWithdraw,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureSingleAssetVault,
     mayDeleteMPT | mayAuthorizeMPT | mustModifyVault,
     ({
@@ -903,7 +903,7 @@ TRANSACTION(ttVAULT_WITHDRAW, 69, VaultWithdraw,
 #   include <xrpld/app/tx/detail/VaultClawback.h>
 #endif
 TRANSACTION(ttVAULT_CLAWBACK, 70, VaultClawback,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureSingleAssetVault,
     mayDeleteMPT | mustModifyVault,
     ({
@@ -917,7 +917,7 @@ TRANSACTION(ttVAULT_CLAWBACK, 70, VaultClawback,
 #   include <xrpld/app/tx/detail/Batch.h>
 #endif
 TRANSACTION(ttBATCH, 71, Batch,
-    Delegation::notDelegatable,
+    Delegation::notDelegable,
     featureBatch,
     noPriv,
     ({
@@ -932,7 +932,7 @@ TRANSACTION(ttBATCH, 71, Batch,
 #   include <xrpld/app/tx/detail/LoanBrokerSet.h>
 #endif
 TRANSACTION(ttLOAN_BROKER_SET, 74, LoanBrokerSet,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureLendingProtocol,
     createPseudoAcct | mayAuthorizeMPT, ({
     {sfVaultID, soeREQUIRED},
@@ -949,7 +949,7 @@ TRANSACTION(ttLOAN_BROKER_SET, 74, LoanBrokerSet,
 #   include <xrpld/app/tx/detail/LoanBrokerDelete.h>
 #endif
 TRANSACTION(ttLOAN_BROKER_DELETE, 75, LoanBrokerDelete,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureLendingProtocol,
     mustDeleteAcct | mayAuthorizeMPT, ({
     {sfLoanBrokerID, soeREQUIRED},
@@ -960,7 +960,7 @@ TRANSACTION(ttLOAN_BROKER_DELETE, 75, LoanBrokerDelete,
 #   include <xrpld/app/tx/detail/LoanBrokerCoverDeposit.h>
 #endif
 TRANSACTION(ttLOAN_BROKER_COVER_DEPOSIT, 76, LoanBrokerCoverDeposit,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureLendingProtocol,
     noPriv, ({
     {sfLoanBrokerID, soeREQUIRED},
@@ -972,7 +972,7 @@ TRANSACTION(ttLOAN_BROKER_COVER_DEPOSIT, 76, LoanBrokerCoverDeposit,
 #   include <xrpld/app/tx/detail/LoanBrokerCoverWithdraw.h>
 #endif
 TRANSACTION(ttLOAN_BROKER_COVER_WITHDRAW, 77, LoanBrokerCoverWithdraw,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureLendingProtocol,
     mayAuthorizeMPT, ({
     {sfLoanBrokerID, soeREQUIRED},
@@ -987,7 +987,7 @@ TRANSACTION(ttLOAN_BROKER_COVER_WITHDRAW, 77, LoanBrokerCoverWithdraw,
 #   include <xrpld/app/tx/detail/LoanBrokerCoverClawback.h>
 #endif
 TRANSACTION(ttLOAN_BROKER_COVER_CLAWBACK, 78, LoanBrokerCoverClawback,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureLendingProtocol,
     noPriv, ({
     {sfLoanBrokerID, soeOPTIONAL},
@@ -999,7 +999,7 @@ TRANSACTION(ttLOAN_BROKER_COVER_CLAWBACK, 78, LoanBrokerCoverClawback,
 #   include <xrpld/app/tx/detail/LoanSet.h>
 #endif
 TRANSACTION(ttLOAN_SET, 80, LoanSet,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureLendingProtocol,
     mayAuthorizeMPT | mustModifyVault, ({
     {sfLoanBrokerID, soeREQUIRED},
@@ -1026,7 +1026,7 @@ TRANSACTION(ttLOAN_SET, 80, LoanSet,
 #   include <xrpld/app/tx/detail/LoanDelete.h>
 #endif
 TRANSACTION(ttLOAN_DELETE, 81, LoanDelete,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureLendingProtocol,
     noPriv, ({
     {sfLoanID, soeREQUIRED},
@@ -1037,7 +1037,7 @@ TRANSACTION(ttLOAN_DELETE, 81, LoanDelete,
 #   include <xrpld/app/tx/detail/LoanManage.h>
 #endif
 TRANSACTION(ttLOAN_MANAGE, 82, LoanManage,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureLendingProtocol,
     // All of the LoanManage options will modify the vault, but the
     // transaction can succeed without options, essentially making it
@@ -1051,7 +1051,7 @@ TRANSACTION(ttLOAN_MANAGE, 82, LoanManage,
 #   include <xrpld/app/tx/detail/LoanPay.h>
 #endif
 TRANSACTION(ttLOAN_PAY, 84, LoanPay,
-    Delegation::delegatable,
+    Delegation::delegable,
     featureLendingProtocol,
     mayAuthorizeMPT | mustModifyVault, ({
     {sfLoanID, soeREQUIRED},
@@ -1066,7 +1066,7 @@ TRANSACTION(ttLOAN_PAY, 84, LoanPay,
 #   include <xrpld/app/tx/detail/Change.h>
 #endif
 TRANSACTION(ttAMENDMENT, 100, EnableAmendment,
-    Delegation::notDelegatable,
+    Delegation::notDelegable,
     uint256{},
     noPriv,
     ({
@@ -1078,7 +1078,7 @@ TRANSACTION(ttAMENDMENT, 100, EnableAmendment,
     For details, see: https://xrpl.org/fee-voting.html
  */
 TRANSACTION(ttFEE, 101, SetFee,
-    Delegation::notDelegatable,
+    Delegation::notDelegable,
     uint256{},
     noPriv,
     ({
@@ -1099,7 +1099,7 @@ TRANSACTION(ttFEE, 101, SetFee,
     For details, see: https://xrpl.org/negative-unl.html
  */
 TRANSACTION(ttUNL_MODIFY, 102, UNLModify,
-    Delegation::notDelegatable,
+    Delegation::notDelegable,
     uint256{},
     noPriv,
     ({

include/xrpl/resource/README.md

@@ -66,7 +66,7 @@ values over time: this is implemented by the DecayingSample class.
 Each server in a cluster creates a list of IP addresses of end points
 that are imposing a significant load. This list is called Gossip, which
 is passed to other nodes in that cluster. Gossip helps individual
-servers in the cluster identify IP addreses that might be unduly loading
+servers in the cluster identify IP addresses that might be unduly loading
 the entire cluster. Again the recourse of the individual servers is to
 drop connections to those IP addresses that occur commonly in the gossip.
 

include/xrpl/resource/detail/Logic.h

@@ -61,7 +61,7 @@ private:
     // List of all active admin entries
     EntryIntrusiveList admin_;
 
-    // List of all inactve entries
+    // List of all inactive entries
     EntryIntrusiveList inactive_;
 
     // All imported gossip data

include/xrpl/server/detail/LowestLayer.h

@@ -9,7 +9,7 @@
 
 namespace xrpl {
 
-// Before boost 1.70, get_lowest_layer required an explicit templat parameter
+// Before boost 1.70, get_lowest_layer required an explicit template parameter
 template <class T>
 decltype(auto)
 get_lowest_layer(T& t) noexcept

include/xrpl/shamap/README.md

@@ -226,7 +226,7 @@ The `fetchNodeNT()` method goes through three phases:
 
     Any SHAMapLeafNode that is immutable has a sequence number of zero
     (sharable). When a mutable `SHAMap` is created then its SHAMapTreeNodes are
-    given non-zero sequence numbers (unsharable). But all nodes in the
+    given non-zero sequence numbers (unshareable). But all nodes in the
     TreeNodeCache are immutable, so if one is found here, its sequence number
     will be 0.
 

include/xrpl/shamap/SHAMapItem.h

@@ -125,13 +125,13 @@ intrusive_ptr_release(SHAMapItem const* x)
     {
         auto p = reinterpret_cast<std::uint8_t const*>(x);
 
-        // The SHAMapItem constuctor isn't trivial (because the destructor
+        // The SHAMapItem constructor isn't trivial (because the destructor
         // for CountedObject isn't) so we can't avoid calling it here, but
         // plan for a future where we might not need to.
         if constexpr (!std::is_trivially_destructible_v<SHAMapItem>)
             std::destroy_at(x);
 
-        // If the slabber doens't claim this pointer, it was allocated
+        // If the slabber doesn't claim this pointer, it was allocated
         // manually, so we free it manually.
         if (!detail::slabber.deallocate(const_cast<std::uint8_t*>(p)))
             delete[] p;

sanitizers/suppressions/asan.supp

@@ -1,6 +1,6 @@
-# The idea is to empty this file gradually by fixing the underlying issues and removing suppresions.
+# The idea is to empty this file gradually by fixing the underlying issues and removing suppressions.
 #
-# ASAN_OPTIONS="detect_container_overflow=0 suppressions=sanitizers/suppressions/asan.supp halt_on_error=0"
+# ASAN_OPTIONS="print_stacktrace=1:detect_container_overflow=0:suppressions=sanitizers/suppressions/asan.supp:halt_on_error=0"
 #
 # The detect_container_overflow=0 option disables false positives from:
 # - Boost intrusive containers (slist_iterator.hpp, hashtable.hpp, aged_unordered_container.h)
@@ -27,8 +27,3 @@ interceptor_name:memcpy
 interceptor_name:__bzero
 interceptor_name:__asan_memset
 interceptor_name:__asan_memcpy
-
-# stack-use-after-scope
-interceptor_name:src/test/app/Invariants_test.cpp
-interceptor_name:xrpl/protocol/STObject.h
-interceptor_name:xrpl/protocol/STAccount.h

sanitizers/suppressions/sanitizer-ignorelist.txt

@@ -1,18 +1,19 @@
-deadlock:libxrpl/beast/utility/beast_Journal.cpp
+# We were seeing some false positives and some repeated errors(since these are library files) in following files.
+# Clang will skip instrumenting the files added here.
+# We should fix the underlying issues(if any) and remove these entries.
+
 deadlock:libxrpl/beast/utility/beast_Journal.cpp
 deadlock:libxrpl/beast/utility/beast_PropertyStream.cpp
 deadlock:test/beast/beast_PropertyStream_test.cpp
 deadlock:xrpld/core/detail/Workers.cpp
 deadlock:xrpld/core/JobQueue.cpp
 
-race:libxrpl/beast/utility/beast_Journal.cpp
 race:libxrpl/beast/utility/beast_Journal.cpp
 race:libxrpl/beast/utility/beast_PropertyStream.cpp
 race:test/beast/beast_PropertyStream_test.cpp
 race:xrpld/core/detail/Workers.cpp
 race:xrpld/core/JobQueue.cpp
 
-signal:libxrpl/beast/utility/beast_Journal.cpp
 signal:libxrpl/beast/utility/beast_Journal.cpp
 signal:libxrpl/beast/utility/beast_PropertyStream.cpp
 signal:test/beast/beast_PropertyStream_test.cpp

src/libxrpl/basics/make_SSLContext.cpp

@@ -28,7 +28,7 @@ namespace xrpl {
 namespace openssl {
 namespace detail {
 
-/** The default strength of self-signed RSA certifices.
+/** The default strength of self-signed RSA certificates.
 
     Per NIST Special Publication 800-57 Part 3, 2048-bit RSA is still
     considered acceptably secure. Generally, we would want to go above
@@ -131,7 +131,7 @@ initAnonymous(boost::asio::ssl::context& context)
             LogicError("X509_new failed");
 
         // According to the standards (X.509 et al), the value should be one
-        // less than the actualy certificate version we want. Since we want
+        // less than the actually certificate version we want. Since we want
         // version 3, we must use a 2.
         X509_set_version(x509, 2);
 

src/libxrpl/beast/core/CurrentThreadName.cpp

@@ -1,7 +1,5 @@
 #include <xrpl/beast/core/CurrentThreadName.h>
 
-#include <boost/predef.h>
-
 #include <string>
 #include <string_view>
 
@@ -73,12 +71,32 @@ setCurrentThreadNameImpl(std::string_view name)
 #if BOOST_OS_LINUX
 #include <pthread.h>
 
+#include <iostream>
+
 namespace beast::detail {
 
 inline void
 setCurrentThreadNameImpl(std::string_view name)
 {
-    pthread_setname_np(pthread_self(), name.data());
+    // truncate and set the thread name.
+    char boundedName[maxThreadNameLength + 1];
+    std::snprintf(
+        boundedName,
+        sizeof(boundedName),
+        "%.*s",
+        static_cast<int>(maxThreadNameLength),
+        name.data());
+
+    pthread_setname_np(pthread_self(), boundedName);
+
+#ifdef TRUNCATED_THREAD_NAME_LOGS
+    if (name.size() > maxThreadNameLength)
+    {
+        std::cerr << "WARNING: Thread name \"" << name << "\" (length "
+                  << name.size() << ") exceeds maximum of "
+                  << maxThreadNameLength << " characters on Linux.\n";
+    }
+#endif
 }
 
 }  // namespace beast::detail

src/libxrpl/beast/net/IPAddressV4.cpp

@@ -24,7 +24,7 @@ is_public(AddressV4 const& addr)
 char
 get_class(AddressV4 const& addr)
 {
-    static char const* table = "AAAABBCD";
+    static char const* table = "AAAABBCD";  // cspell:disable-line
     return table[(addr.to_uint() & 0xE0000000) >> 29];
 }
 

src/libxrpl/core/detail/LoadMonitor.cpp

@@ -66,7 +66,7 @@ LoadMonitor::update()
 
         "Imagine if you add 10 to something every second. And you
          also reduce it by 1/4 every second. It will "idle" at 40,
-         correponding to 10 counts per second."
+         corresponding to 10 counts per second."
     */
     do
     {