Add ZKP and ciphertext malleability tests (#6999 )

fix: assorted safety checks (#7030 )
Test inconsistent C1 for ConfidentialMPTSend (#7017 )
2026-04-29 15:37:57 +00:00 · 2026-04-28 11:25:40 -04:00 · 2026-04-27 14:36:54 -04:00 · 2026-04-24 15:03:26 -04:00 · 2026-04-23 12:24:22 -04:00 · 2026-04-23 11:38:05 -04:00
1437 changed files with 85085 additions and 20407 deletions
--- a/.clang-format
+++ b/.clang-format
@@ -50,20 +50,21 @@ ForEachMacros: [Q_FOREACH, BOOST_FOREACH]
 IncludeBlocks: Regroup
 IncludeCategories:
  - Regex: "^<(test)/"
-    Priority: 0
-  - Regex: "^<(xrpld)/"
    Priority: 1
-  - Regex: "^<(xrpl)/"
+  - Regex: "^<(xrpld)/"
    Priority: 2
-  - Regex: "^<(boost)/"
+  - Regex: "^<(xrpl)/"
    Priority: 3
-  - Regex: "^.*/"
+  - Regex: "^<(boost)/"
    Priority: 4
-  - Regex: '^.*\.h'
+  - Regex: "^.*/"
    Priority: 5
-  - Regex: ".*"
+  - Regex: '^.*\.h'
    Priority: 6
+  - Regex: ".*"
+    Priority: 7
 IncludeIsMainRegex: "$"
+MainIncludeChar: AngleBracket
 IndentCaseLabels: true
 IndentFunctionDeclarationAfterType: false
 IndentRequiresClause: true
--- a/.clang-tidy
+++ b/.clang-tidy
@@ -1,4 +1,6 @@
 ---
+# This entire group of checks was applied to all cpp files but not all header files.
+# ---
 Checks: "-*,
  bugprone-argument-comment,
  bugprone-assert-side-effect,
@@ -71,7 +73,7 @@ Checks: "-*,
  bugprone-unhandled-self-assignment,
  bugprone-unique-ptr-array-mismatch,
  bugprone-unsafe-functions,
-  bugprone-use-after-move,
+  bugprone-use-after-move, # has issues
  bugprone-unused-raii,
  bugprone-unused-return-value,
  bugprone-unused-local-non-trivial-variable,
@@ -85,18 +87,39 @@ Checks: "-*,
  cppcoreguidelines-use-default-member-init,
  cppcoreguidelines-virtual-class-destructor,
  hicpp-ignored-remove-result,
+  misc-const-correctness,
  misc-definitions-in-headers,
  misc-header-include-cycle,
+  misc-include-cleaner,
  misc-misplaced-const,
+  misc-redundant-expression,
  misc-static-assert,
  misc-throw-by-value-catch-by-reference,
  misc-unused-alias-decls,
  misc-unused-using-decls,
-  modernize-deprecated-headers,
+  modernize-concat-nested-namespaces,
  modernize-make-shared,
  modernize-make-unique,
+  modernize-pass-by-value,
+  modernize-type-traits,
+  modernize-use-designated-initializers,
+  modernize-use-emplace,
+  modernize-use-equals-default,
+  modernize-use-equals-delete,
+  modernize-use-override,
+  modernize-use-ranges,
+  modernize-use-starts-ends-with,
+  modernize-use-std-numbers,
+  modernize-use-using,
+  modernize-deprecated-headers,
+  llvm-namespace-comment,
+  performance-faster-string-find,
+  performance-for-range-copy,
  performance-implicit-conversion-in-loop,
+  performance-inefficient-vector-operation,
+  performance-move-const-arg,
  performance-move-constructor-init,
+  performance-no-automatic-move,
  performance-trivially-destructible,
  readability-avoid-nested-conditional-operator,
  readability-avoid-return-with-void-value,
@@ -125,35 +148,11 @@ Checks: "-*,
  readability-use-std-min-max
  "
 # ---
-# checks that have some issues that need to be resolved:
-#
-# llvm-namespace-comment,
-# misc-const-correctness,
-# misc-include-cleaner,
-# misc-redundant-expression,
+# other checks that have issues that need to be resolved:
 #
 # readability-inconsistent-declaration-parameter-name, # in this codebase this check will break a lot of arg names
 # readability-static-accessed-through-instance,        # this check is probably unnecessary. it makes the code less readable
-# readability-identifier-naming,
-#
-# modernize-concat-nested-namespaces,
-# modernize-pass-by-value,
-# modernize-type-traits,
-# modernize-use-designated-initializers,
-# modernize-use-emplace,
-# modernize-use-equals-default,
-# modernize-use-equals-delete,
-# modernize-use-override,
-# modernize-use-ranges,
-# modernize-use-starts-ends-with,
-# modernize-use-std-numbers,
-# modernize-use-using,
-#
-# performance-faster-string-find,
-# performance-for-range-copy,
-# performance-inefficient-vector-operation,
-# performance-move-const-arg,
-# performance-no-automatic-move,
+# readability-identifier-naming,                       # https://github.com/XRPLF/rippled/pull/6571
 # ---
 #
 CheckOptions:
@@ -193,7 +192,8 @@ CheckOptions:
  #   readability-identifier-naming.FunctionIgnoredRegexp: ".*tag_invoke.*"
  bugprone-unsafe-functions.ReportMoreUnsafeFunctions: true
  bugprone-unused-return-value.CheckedReturnTypes: ::std::error_code;::std::error_condition;::std::errc
-#   misc-include-cleaner.IgnoreHeaders: '.*/(detail|impl)/.*;.*(expected|unexpected).*;.*ranges_lower_bound\.h;time.h;stdlib.h;__chrono/.*;fmt/chrono.h;boost/uuid/uuid_hash.hpp'
+  misc-include-cleaner.IgnoreHeaders: ".*/(detail|impl)/.*;.*fwd\\.h(pp)?;time.h;stdlib.h;sqlite3.h;netinet/in\\.h;sys/resource\\.h;sys/sysinfo\\.h;linux/sysinfo\\.h;__chrono/.*;bits/.*;_abort\\.h;boost/uuid/uuid_hash.hpp;boost/beast/core/flat_buffer\\.hpp;boost/beast/http/field\\.hpp;boost/beast/http/dynamic_body\\.hpp;boost/beast/http/message\\.hpp;boost/beast/http/read\\.hpp;boost/beast/http/write\\.hpp;openssl/obj_mac\\.h"
 #
-# HeaderFilterRegex: '^.*/(src|tests)/.*\.(h|hpp)$'
+HeaderFilterRegex: '^.*/(test|xrpl|xrpld)/.*\.(h|hpp)$'
+ExcludeHeaderFilterRegex: '^.*/protocol_autogen/.*\.(h|hpp)$'
 WarningsAsErrors: "*"
--- a/.github/ISSUE_TEMPLATE/feature_request.md
+++ b/.github/ISSUE_TEMPLATE/feature_request.md
@@ -1,7 +1,7 @@
 ---
 name: Feature Request
-about: Suggest a new feature for the rippled project
-title: "[Title with short description] (Version: [rippled version])"
+about: Suggest a new feature for the xrpld project
+title: "[Title with short description] (Version: [xrpld version])"
 labels: Feature Request
 assignees: ""
 ---
--- a/.github/scripts/check-pr-description.py
+++ b/.github/scripts/check-pr-description.py
@@ -0,0 +1,85 @@
+#!/usr/bin/env python3
+
+"""
+Checks that a pull request description has been customized from the
+pull_request_template.md. Exits with code 1 if the description is empty
+or identical to the template (ignoring HTML comments and whitespace).
+
+Usage:
+    python check-pr-description.py --template-file TEMPLATE --pr-body-file BODY
+"""
+
+import argparse
+import re
+import sys
+from pathlib import Path
+
+
+def normalize(text: str) -> str:
+    """Strip HTML comments, trim lines, and remove blank lines."""
+    # Remove HTML comments (possibly multi-line)
+    text = re.sub(r"<!--.*?-->", "", text, flags=re.DOTALL)
+    # Strip each line and drop empties
+    lines = [line.strip() for line in text.splitlines()]
+    lines = [line for line in lines if line]
+    return "\n".join(lines)
+
+
+def main() -> int:
+    parser = argparse.ArgumentParser(
+        description="Check that a PR description differs from the template."
+    )
+    parser.add_argument(
+        "--template-file",
+        type=Path,
+        required=True,
+        help="Path to the pull request template file.",
+    )
+    parser.add_argument(
+        "--pr-body-file",
+        type=Path,
+        required=True,
+        help="Path to a file containing the PR body text.",
+    )
+    args = parser.parse_args()
+
+    template_path: Path = args.template_file
+    pr_body_path: Path = args.pr_body_file
+
+    if not template_path.is_file():
+        print(f"::error::Template file {template_path} not found")
+        return 1
+
+    if not pr_body_path.is_file():
+        print(f"::error::PR body file {pr_body_path} not found")
+        return 1
+
+    template = template_path.read_text(encoding="utf-8")
+    pr_body = pr_body_path.read_text(encoding="utf-8")
+
+    # Check if the PR body is empty or whitespace-only
+    if not pr_body.strip():
+        print(
+            "::error::PR description is empty. "
+            "Please fill in the pull request template."
+        )
+        return 1
+
+    norm_template = normalize(template)
+    norm_pr_body = normalize(pr_body)
+
+    if norm_pr_body == norm_template:
+        print(
+            "::error::PR description (ignoring HTML comments) is identical"
+            " to the template. Please fill in the details of your change."
+            f"\n\nVisible template content:\n---\n{norm_template}\n---"
+            f"\n\nVisible PR description content:\n---\n{norm_pr_body}\n---"
+        )
+        return 1
+
+    print("PR description has been customized from the template.")
+    return 0
+
+
+if __name__ == "__main__":
+    sys.exit(main())
--- a/.github/scripts/levelization/README.md
+++ b/.github/scripts/levelization/README.md
@@ -1,14 +1,14 @@
 # Levelization

-Levelization is the term used to describe efforts to prevent rippled from
+Levelization is the term used to describe efforts to prevent xrpld from
 having or creating cyclic dependencies.

-rippled code is organized into directories under `src/xrpld`, `src/libxrpl` (and
+xrpld code is organized into directories under `src/xrpld`, `src/libxrpl` (and
 `src/test`) representing modules. The modules are intended to be
 organized into "tiers" or "levels" such that a module from one level can
 only include code from lower levels. Additionally, a module
 in one level should never include code in an `impl` or `detail` folder of any level
-other than it's own.
+other than its own.

 The codebase is split into two main areas:

@@ -22,7 +22,7 @@ levelization violations they find (by moving files or individual
 classes). At the very least, don't make things worse.

 The table below summarizes the _desired_ division of modules, based on the current
-state of the rippled code. The levels are numbered from
+state of the xrpld code. The levels are numbered from
 the bottom up with the lower level, lower numbered, more independent
 modules listed first, and the higher level, higher numbered modules with
 more dependencies listed later.
@@ -72,10 +72,10 @@ that `test` code should _never_ be included in `xrpl` or `xrpld` code.)

 The [levelization](generate.py) script takes no parameters,
 reads no environment variables, and can be run from any directory,
-as long as it is in the expected location in the rippled repo.
+as long as it is in the expected location in the xrpld repo.
 It can be run at any time from within a checked out repo, and will
 do an analysis of all the `#include`s in
-the rippled source. The only caveat is that it runs much slower
+the xrpld source. The only caveat is that it runs much slower
 under Windows than in Linux. It hasn't yet been tested under MacOS.
 It generates many files of [results](results):

--- a/.github/scripts/levelization/results/loops.txt
+++ b/.github/scripts/levelization/results/loops.txt
@@ -2,19 +2,19 @@ Loop: test.jtx test.toplevel
  test.toplevel > test.jtx

 Loop: test.jtx test.unit_test
-  test.unit_test == test.jtx
+  test.unit_test ~= test.jtx

 Loop: xrpld.app xrpld.overlay
-  xrpld.overlay ~= xrpld.app
+  xrpld.app > xrpld.overlay

 Loop: xrpld.app xrpld.peerfinder
-  xrpld.peerfinder == xrpld.app
+  xrpld.peerfinder ~= xrpld.app

 Loop: xrpld.app xrpld.rpc
  xrpld.rpc > xrpld.app

 Loop: xrpld.app xrpld.shamap
-  xrpld.shamap ~= xrpld.app
+  xrpld.shamap > xrpld.app

 Loop: xrpld.overlay xrpld.rpc
  xrpld.rpc ~= xrpld.overlay
--- a/.github/scripts/levelization/results/ordering.txt
+++ b/.github/scripts/levelization/results/ordering.txt
@@ -3,13 +3,17 @@ libxrpl.conditions > xrpl.basics
 libxrpl.conditions > xrpl.conditions
 libxrpl.core > xrpl.basics
 libxrpl.core > xrpl.core
+libxrpl.core > xrpl.json
 libxrpl.crypto > xrpl.basics
 libxrpl.json > xrpl.basics
 libxrpl.json > xrpl.json
 libxrpl.ledger > xrpl.basics
 libxrpl.ledger > xrpl.json
 libxrpl.ledger > xrpl.ledger
+libxrpl.ledger > xrpl.nodestore
 libxrpl.ledger > xrpl.protocol
+libxrpl.ledger > xrpl.server
+libxrpl.ledger > xrpl.shamap
 libxrpl.net > xrpl.basics
 libxrpl.net > xrpl.net
 libxrpl.nodestore > xrpl.basics
@@ -19,18 +23,22 @@ libxrpl.nodestore > xrpl.protocol
 libxrpl.protocol > xrpl.basics
 libxrpl.protocol > xrpl.json
 libxrpl.protocol > xrpl.protocol
-libxrpl.protocol_autogen > xrpl.protocol_autogen
 libxrpl.rdb > xrpl.basics
+libxrpl.rdb > xrpl.core
 libxrpl.rdb > xrpl.rdb
 libxrpl.resource > xrpl.basics
 libxrpl.resource > xrpl.json
+libxrpl.resource > xrpl.protocol
 libxrpl.resource > xrpl.resource
 libxrpl.server > xrpl.basics
+libxrpl.server > xrpl.core
 libxrpl.server > xrpl.json
 libxrpl.server > xrpl.protocol
 libxrpl.server > xrpl.rdb
+libxrpl.server > xrpl.resource
 libxrpl.server > xrpl.server
 libxrpl.shamap > xrpl.basics
+libxrpl.shamap > xrpl.nodestore
 libxrpl.shamap > xrpl.protocol
 libxrpl.shamap > xrpl.shamap
 libxrpl.tx > xrpl.basics
@@ -42,12 +50,11 @@ libxrpl.tx > xrpl.protocol
 libxrpl.tx > xrpl.server
 libxrpl.tx > xrpl.tx
 test.app > test.jtx
-test.app > test.rpc
-test.app > test.toplevel
 test.app > test.unit_test
 test.app > xrpl.basics
 test.app > xrpl.core
 test.app > xrpld.app
+test.app > xrpld.consensus
 test.app > xrpld.core
 test.app > xrpld.overlay
 test.app > xrpld.rpc
@@ -55,9 +62,9 @@ test.app > xrpl.json
 test.app > xrpl.ledger
 test.app > xrpl.nodestore
 test.app > xrpl.protocol
-test.app > xrpl.rdb
 test.app > xrpl.resource
 test.app > xrpl.server
+test.app > xrpl.shamap
 test.app > xrpl.tx
 test.basics > test.jtx
 test.basics > test.unit_test
@@ -70,16 +77,17 @@ test.beast > xrpl.basics
 test.conditions > xrpl.basics
 test.conditions > xrpl.conditions
 test.consensus > test.csf
+test.consensus > test.jtx
 test.consensus > test.toplevel
 test.consensus > test.unit_test
 test.consensus > xrpl.basics
 test.consensus > xrpld.app
 test.consensus > xrpld.consensus
-test.consensus > xrpl.json
 test.consensus > xrpl.ledger
+test.consensus > xrpl.protocol
+test.consensus > xrpl.shamap
 test.consensus > xrpl.tx
 test.core > test.jtx
-test.core > test.toplevel
 test.core > test.unit_test
 test.core > xrpl.basics
 test.core > xrpl.core
@@ -107,27 +115,32 @@ test.jtx > xrpl.resource
 test.jtx > xrpl.server
 test.jtx > xrpl.tx
 test.ledger > test.jtx
-test.ledger > test.toplevel
 test.ledger > xrpl.basics
+test.ledger > xrpl.core
+test.ledger > xrpld.app
 test.ledger > xrpld.core
+test.ledger > xrpl.json
 test.ledger > xrpl.ledger
 test.ledger > xrpl.protocol
 test.nodestore > test.jtx
-test.nodestore > test.toplevel
 test.nodestore > test.unit_test
 test.nodestore > xrpl.basics
+test.nodestore > xrpld.core
 test.nodestore > xrpl.nodestore
+test.nodestore > xrpl.protocol
 test.nodestore > xrpl.rdb
 test.overlay > test.jtx
-test.overlay > test.toplevel
 test.overlay > test.unit_test
 test.overlay > xrpl.basics
 test.overlay > xrpld.app
+test.overlay > xrpld.core
 test.overlay > xrpld.overlay
 test.overlay > xrpld.peerfinder
-test.overlay > xrpl.ledger
+test.overlay > xrpl.json
 test.overlay > xrpl.nodestore
 test.overlay > xrpl.protocol
+test.overlay > xrpl.resource
+test.overlay > xrpl.server
 test.overlay > xrpl.shamap
 test.peerfinder > test.beast
 test.peerfinder > test.unit_test
@@ -135,7 +148,7 @@ test.peerfinder > xrpl.basics
 test.peerfinder > xrpld.core
 test.peerfinder > xrpld.peerfinder
 test.peerfinder > xrpl.protocol
-test.protocol > test.toplevel
+test.protocol > test.jtx
 test.protocol > test.unit_test
 test.protocol > xrpl.basics
 test.protocol > xrpl.json
@@ -144,7 +157,6 @@ test.resource > test.unit_test
 test.resource > xrpl.basics
 test.resource > xrpl.resource
 test.rpc > test.jtx
-test.rpc > test.toplevel
 test.rpc > xrpl.basics
 test.rpc > xrpl.core
 test.rpc > xrpld.app
@@ -158,13 +170,12 @@ test.rpc > xrpl.resource
 test.rpc > xrpl.server
 test.rpc > xrpl.tx
 test.server > test.jtx
-test.server > test.toplevel
 test.server > test.unit_test
 test.server > xrpl.basics
 test.server > xrpld.app
 test.server > xrpld.core
-test.server > xrpld.rpc
 test.server > xrpl.json
+test.server > xrpl.protocol
 test.server > xrpl.server
 test.shamap > test.unit_test
 test.shamap > xrpl.basics
@@ -184,7 +195,6 @@ xrpl.conditions > xrpl.basics
 xrpl.conditions > xrpl.protocol
 xrpl.core > xrpl.basics
 xrpl.core > xrpl.json
-xrpl.core > xrpl.ledger
 xrpl.core > xrpl.protocol
 xrpl.json > xrpl.basics
 xrpl.ledger > xrpl.basics
@@ -239,19 +249,20 @@ xrpld.consensus > xrpl.ledger
 xrpld.consensus > xrpl.protocol
 xrpld.core > xrpl.basics
 xrpld.core > xrpl.core
-xrpld.core > xrpl.json
 xrpld.core > xrpl.net
 xrpld.core > xrpl.protocol
 xrpld.core > xrpl.rdb
 xrpld.overlay > xrpl.basics
 xrpld.overlay > xrpl.core
+xrpld.overlay > xrpld.consensus
 xrpld.overlay > xrpld.core
 xrpld.overlay > xrpld.peerfinder
 xrpld.overlay > xrpl.json
+xrpld.overlay > xrpl.ledger
 xrpld.overlay > xrpl.protocol
-xrpld.overlay > xrpl.rdb
 xrpld.overlay > xrpl.resource
 xrpld.overlay > xrpl.server
+xrpld.overlay > xrpl.shamap
 xrpld.overlay > xrpl.tx
 xrpld.peerfinder > xrpl.basics
 xrpld.peerfinder > xrpld.core
@@ -261,6 +272,7 @@ xrpld.perflog > xrpl.basics
 xrpld.perflog > xrpl.core
 xrpld.perflog > xrpld.rpc
 xrpld.perflog > xrpl.json
+xrpld.perflog > xrpl.protocol
 xrpld.rpc > xrpl.basics
 xrpld.rpc > xrpl.core
 xrpld.rpc > xrpld.core
@@ -272,5 +284,9 @@ xrpld.rpc > xrpl.protocol
 xrpld.rpc > xrpl.rdb
 xrpld.rpc > xrpl.resource
 xrpld.rpc > xrpl.server
+xrpld.rpc > xrpl.shamap
 xrpld.rpc > xrpl.tx
+xrpld.shamap > xrpl.basics
+xrpld.shamap > xrpld.core
+xrpld.shamap > xrpl.protocol
 xrpld.shamap > xrpl.shamap
--- a/.github/scripts/rename/README.md
+++ b/.github/scripts/rename/README.md
@@ -34,6 +34,8 @@ run from the repository root.
 6. `.github/scripts/rename/config.sh`: This script will rename the config from
   `rippled.cfg` to `xrpld.cfg`, and updating the code accordingly. The old
   filename will still be accepted.
+7. `.github/scripts/rename/docs.sh`: This script will rename any lingering
+   references of `ripple(d)` to `xrpl(d)` in code, comments, and documentation.

 You can run all these scripts from the repository root as follows:

@@ -44,4 +46,5 @@ You can run all these scripts from the repository root as follows:
 ./.github/scripts/rename/binary.sh .
 ./.github/scripts/rename/namespace.sh .
 ./.github/scripts/rename/config.sh .
+./.github/scripts/rename/docs.sh .
 ```
--- a/.github/scripts/rename/binary.sh
+++ b/.github/scripts/rename/binary.sh
@@ -6,11 +6,11 @@ set -e
 # On MacOS, ensure that GNU sed is installed and available as `gsed`.
 SED_COMMAND=sed
 if [[ "${OSTYPE}" == 'darwin'* ]]; then
-  if ! command -v gsed &> /dev/null; then
-      echo "Error: gsed is not installed. Please install it using 'brew install gnu-sed'."
-      exit 1
-  fi
-  SED_COMMAND=gsed
+    if ! command -v gsed &> /dev/null; then
+        echo "Error: gsed is not installed. Please install it using 'brew install gnu-sed'."
+        exit 1
+    fi
+    SED_COMMAND=gsed
 fi

 # This script changes the binary name from `rippled` to `xrpld`, and reverses
@@ -29,7 +29,7 @@ if [ ! -d "${DIRECTORY}" ]; then
    echo "Error: Directory '${DIRECTORY}' does not exist."
    exit 1
 fi
-pushd ${DIRECTORY}
+pushd "${DIRECTORY}"

 # Remove the binary name override added by the cmake.sh script.
 ${SED_COMMAND} -z -i -E 's@\s+# For the time being.+"rippled"\)@@' cmake/XrplCore.cmake
@@ -49,6 +49,7 @@ ${SED_COMMAND} -i -E 's@ripple/xrpld@XRPLF/rippled@g' BUILD.md
 ${SED_COMMAND} -i -E 's@XRPLF/xrpld@XRPLF/rippled@g' BUILD.md
 ${SED_COMMAND} -i -E 's@xrpld \(`xrpld`\)@xrpld@g' BUILD.md
 ${SED_COMMAND} -i -E 's@XRPLF/xrpld@XRPLF/rippled@g' CONTRIBUTING.md
+${SED_COMMAND} -i -E 's@XRPLF/xrpld@XRPLF/rippled@g' docs/build/install.md

 popd
 echo "Processing complete."
--- a/.github/scripts/rename/cmake.sh
+++ b/.github/scripts/rename/cmake.sh
@@ -8,16 +8,16 @@ set -e
 SED_COMMAND=sed
 HEAD_COMMAND=head
 if [[ "${OSTYPE}" == 'darwin'* ]]; then
-  if ! command -v gsed &> /dev/null; then
-      echo "Error: gsed is not installed. Please install it using 'brew install gnu-sed'."
-      exit 1
-  fi
-  SED_COMMAND=gsed
-  if ! command -v ghead &> /dev/null; then
-      echo "Error: ghead is not installed. Please install it using 'brew install coreutils'."
-      exit 1
-  fi
-  HEAD_COMMAND=ghead
+    if ! command -v gsed &> /dev/null; then
+        echo "Error: gsed is not installed. Please install it using 'brew install gnu-sed'."
+        exit 1
+    fi
+    SED_COMMAND=gsed
+    if ! command -v ghead &> /dev/null; then
+        echo "Error: ghead is not installed. Please install it using 'brew install coreutils'."
+        exit 1
+    fi
+    HEAD_COMMAND=ghead
 fi

 # This script renames CMake files from `RippleXXX.cmake` or `RippledXXX.cmake`
@@ -38,16 +38,16 @@ if [ ! -d "${DIRECTORY}" ]; then
    echo "Error: Directory '${DIRECTORY}' does not exist."
    exit 1
 fi
-pushd ${DIRECTORY}
+pushd "${DIRECTORY}"

 # Rename the files.
 find cmake -type f -name 'Rippled*.cmake' -exec bash -c 'mv "${1}" "${1/Rippled/Xrpl}"' - {} \;
 find cmake -type f -name 'Ripple*.cmake' -exec bash -c 'mv "${1}" "${1/Ripple/Xrpl}"' - {} \;
 if [ -e cmake/xrpl_add_test.cmake ]; then
-  mv cmake/xrpl_add_test.cmake cmake/XrplAddTest.cmake
+    mv cmake/xrpl_add_test.cmake cmake/XrplAddTest.cmake
 fi
 if [ -e include/xrpl/proto/ripple.proto ]; then
-  mv include/xrpl/proto/ripple.proto include/xrpl/proto/xrpl.proto
+    mv include/xrpl/proto/ripple.proto include/xrpl/proto/xrpl.proto
 fi

 # Rename inside the files.
@@ -71,14 +71,14 @@ ${SED_COMMAND} -i 's@xrpl/validator-keys-tool@ripple/validator-keys-tool@' cmake
 # Ensure the name of the binary and config remain 'rippled' for now.
 ${SED_COMMAND} -i -E 's/xrpld(-example)?\.cfg/rippled\1.cfg/g' cmake/XrplInstall.cmake
 if grep -q '"xrpld"' cmake/XrplCore.cmake; then
-  # The script has been rerun, so just restore the name of the binary.
-  ${SED_COMMAND} -i 's/"xrpld"/"rippled"/' cmake/XrplCore.cmake
+    # The script has been rerun, so just restore the name of the binary.
+    ${SED_COMMAND} -i 's/"xrpld"/"rippled"/' cmake/XrplCore.cmake
 elif ! grep -q '"rippled"' cmake/XrplCore.cmake; then
-  ${HEAD_COMMAND} -n -1 cmake/XrplCore.cmake > cmake.tmp
-  echo '  # For the time being, we will keep the name of the binary as it was.' >> cmake.tmp
-  echo '  set_target_properties(xrpld PROPERTIES OUTPUT_NAME "rippled")' >> cmake.tmp
-  tail -1 cmake/XrplCore.cmake >> cmake.tmp
-  mv cmake.tmp cmake/XrplCore.cmake
+    ${HEAD_COMMAND} -n -1 cmake/XrplCore.cmake > cmake.tmp
+    echo '  # For the time being, we will keep the name of the binary as it was.' >> cmake.tmp
+    echo '  set_target_properties(xrpld PROPERTIES OUTPUT_NAME "rippled")' >> cmake.tmp
+    tail -1 cmake/XrplCore.cmake >> cmake.tmp
+    mv cmake.tmp cmake/XrplCore.cmake
 fi

 # Restore the symlink from 'xrpld' to 'rippled'.
--- a/.github/scripts/rename/config.sh
+++ b/.github/scripts/rename/config.sh
@@ -6,11 +6,11 @@ set -e
 # On MacOS, ensure that GNU sed is installed and available as `gsed`.
 SED_COMMAND=sed
 if [[ "${OSTYPE}" == 'darwin'* ]]; then
-  if ! command -v gsed &> /dev/null; then
-      echo "Error: gsed is not installed. Please install it using 'brew install gnu-sed'."
-      exit 1
-  fi
-  SED_COMMAND=gsed
+    if ! command -v gsed &> /dev/null; then
+        echo "Error: gsed is not installed. Please install it using 'brew install gnu-sed'."
+        exit 1
+    fi
+    SED_COMMAND=gsed
 fi

 # This script renames the config from `rippled.cfg` to `xrpld.cfg`, and updates
@@ -28,40 +28,39 @@ if [ ! -d "${DIRECTORY}" ]; then
    echo "Error: Directory '${DIRECTORY}' does not exist."
    exit 1
 fi
-pushd ${DIRECTORY}
+pushd "${DIRECTORY}"

 # Add the xrpld.cfg to the .gitignore.
 if ! grep -q 'xrpld.cfg' .gitignore; then
-  ${SED_COMMAND} -i '/rippled.cfg/a\
+    ${SED_COMMAND} -i '/rippled.cfg/a\
 /xrpld.cfg' .gitignore
 fi

 # Rename the files.
 if [ -e rippled.cfg ]; then
-  mv rippled.cfg xrpld.cfg
+    mv rippled.cfg xrpld.cfg
 fi
 if [ -e cfg/rippled-example.cfg ]; then
-  mv cfg/rippled-example.cfg cfg/xrpld-example.cfg
+    mv cfg/rippled-example.cfg cfg/xrpld-example.cfg
 fi

 # Rename inside the files.
 DIRECTORIES=("cfg" "cmake" "include" "src")
 for DIRECTORY in "${DIRECTORIES[@]}"; do
-  echo "Processing directory: ${DIRECTORY}"
+    echo "Processing directory: ${DIRECTORY}"

-  find "${DIRECTORY}" -type f \( -name "*.h" -o -name "*.hpp" -o -name "*.ipp" -o -name "*.cpp" -o -name "*.cmake" -o -name "*.txt" -o -name "*.cfg" -o -name "*.md" \) | while read -r FILE; do
-      echo "Processing file: ${FILE}"
-      ${SED_COMMAND} -i -E 's/rippled(-example)?[ .]cfg/xrpld\1.cfg/g' "${FILE}"
-  done
+    find "${DIRECTORY}" -type f \( -name "*.h" -o -name "*.hpp" -o -name "*.ipp" -o -name "*.cpp" -o -name "*.cmake" -o -name "*.txt" -o -name "*.cfg" -o -name "*.md" \) | while read -r FILE; do
+        echo "Processing file: ${FILE}"
+        ${SED_COMMAND} -i -E 's/rippled(-example)?[ .]cfg/xrpld\1.cfg/g' "${FILE}"
+        ${SED_COMMAND} -i 's/rippleConfig/xrpldConfig/g' "${FILE}"
+    done
 done
 ${SED_COMMAND} -i 's/rippled/xrpld/g' cfg/xrpld-example.cfg
 ${SED_COMMAND} -i 's/rippled/xrpld/g' src/test/core/Config_test.cpp
 ${SED_COMMAND} -i 's/ripplevalidators/xrplvalidators/g' src/test/core/Config_test.cpp # cspell: disable-line
-${SED_COMMAND} -i 's/rippleConfig/xrpldConfig/g' src/test/core/Config_test.cpp
 ${SED_COMMAND} -i 's@ripple/@xrpld/@g' src/test/core/Config_test.cpp
 ${SED_COMMAND} -i 's/Rippled/File/g' src/test/core/Config_test.cpp

-
 # Restore the old config file name in the code that maintains support for now.
 ${SED_COMMAND} -i 's/configLegacyName = "xrpld.cfg"/configLegacyName = "rippled.cfg"/g' src/xrpld/core/detail/Config.cpp

--- a/.github/scripts/rename/copyright.sh
+++ b/.github/scripts/rename/copyright.sh
@@ -6,11 +6,11 @@ set -e
 # On MacOS, ensure that GNU sed is installed and available as `gsed`.
 SED_COMMAND=sed
 if [[ "${OSTYPE}" == 'darwin'* ]]; then
-  if ! command -v gsed &> /dev/null; then
-      echo "Error: gsed is not installed. Please install it using 'brew install gnu-sed'."
-      exit 1
-  fi
-  SED_COMMAND=gsed
+    if ! command -v gsed &> /dev/null; then
+        echo "Error: gsed is not installed. Please install it using 'brew install gnu-sed'."
+        exit 1
+    fi
+    SED_COMMAND=gsed
 fi

 # This script removes superfluous copyright notices in source and header files
@@ -31,7 +31,7 @@ if [ ! -d "${DIRECTORY}" ]; then
    echo "Error: Directory '${DIRECTORY}' does not exist."
    exit 1
 fi
-pushd ${DIRECTORY}
+pushd "${DIRECTORY}"

 # Prevent sed and echo from removing newlines and tabs in string literals by
 # temporarily replacing them with placeholders. This only affects one file.
@@ -43,56 +43,56 @@ ${SED_COMMAND} -i -E "s@\\\t@${PLACEHOLDER_TAB}@g" src/test/rpc/ValidatorInfo_te
 # Process the include/ and src/ directories.
 DIRECTORIES=("include" "src")
 for DIRECTORY in "${DIRECTORIES[@]}"; do
-  echo "Processing directory: ${DIRECTORY}"
+    echo "Processing directory: ${DIRECTORY}"

-  find "${DIRECTORY}" -type f \( -name "*.h" -o -name "*.hpp" -o -name "*.ipp" -o -name "*.cpp" -o -name "*.macro" \) | while read -r FILE; do
-      echo "Processing file: ${FILE}"
-      # Handle the cases where the copyright notice is enclosed in /* ... */
-      # and usually surrounded by //---- and //======.
-      ${SED_COMMAND} -z -i -E 's@^//-------+\n+@@' "${FILE}"
-      ${SED_COMMAND} -z -i -E 's@^.*Copyright.+(Ripple|Bougalis|Falco|Hinnant|Null|Ritchford|XRPLF).+PERFORMANCE OF THIS SOFTWARE\.\n\*/\n+@@' "${FILE}" # cspell: ignore Bougalis Falco Hinnant Ritchford
-      ${SED_COMMAND} -z -i -E 's@^//=======+\n+@@' "${FILE}"
+    find "${DIRECTORY}" -type f \( -name "*.h" -o -name "*.hpp" -o -name "*.ipp" -o -name "*.cpp" -o -name "*.macro" \) | while read -r FILE; do
+        echo "Processing file: ${FILE}"
+        # Handle the cases where the copyright notice is enclosed in /* ... */
+        # and usually surrounded by //---- and //======.
+        ${SED_COMMAND} -z -i -E 's@^//-------+\n+@@' "${FILE}"
+        ${SED_COMMAND} -z -i -E 's@^.*Copyright.+(Ripple|Bougalis|Falco|Hinnant|Null|Ritchford|XRPLF).+PERFORMANCE OF THIS SOFTWARE\.\n\*/\n+@@' "${FILE}" # cspell: ignore Bougalis Falco Hinnant Ritchford
+        ${SED_COMMAND} -z -i -E 's@^//=======+\n+@@' "${FILE}"

-      # Handle the cases where the copyright notice is commented out with //.
-      ${SED_COMMAND} -z -i -E 's@^//\n// Copyright.+Falco \(vinnie dot falco at gmail dot com\)\n//\n+@@' "${FILE}" # cspell: ignore Vinnie Falco
-  done
+        # Handle the cases where the copyright notice is commented out with //.
+        ${SED_COMMAND} -z -i -E 's@^//\n// Copyright.+Falco \(vinnie dot falco at gmail dot com\)\n//\n+@@' "${FILE}" # cspell: ignore Vinnie Falco
+    done
 done

 # Restore copyright notices that were removed from specific files, without
 # restoring the verbiage that is already present in LICENSE.md. Ensure that if
 # the script is run multiple times, duplicate notices are not added.
 if ! grep -q 'Raw Material Software' include/xrpl/beast/core/CurrentThreadName.h; then
-  echo -e "// Portions of this file are from JUCE (http://www.juce.com).\n// Copyright (c) 2013 - Raw Material Software Ltd.\n// Please visit http://www.juce.com\n\n$(cat include/xrpl/beast/core/CurrentThreadName.h)" > include/xrpl/beast/core/CurrentThreadName.h
+    echo -e "// Portions of this file are from JUCE (http://www.juce.com).\n// Copyright (c) 2013 - Raw Material Software Ltd.\n// Please visit http://www.juce.com\n\n$(cat include/xrpl/beast/core/CurrentThreadName.h)" > include/xrpl/beast/core/CurrentThreadName.h
 fi
 if ! grep -q 'Dev Null' src/test/app/NetworkID_test.cpp; then
-  echo -e "// Copyright (c) 2020 Dev Null Productions\n\n$(cat src/test/app/NetworkID_test.cpp)" > src/test/app/NetworkID_test.cpp
+    echo -e "// Copyright (c) 2020 Dev Null Productions\n\n$(cat src/test/app/NetworkID_test.cpp)" > src/test/app/NetworkID_test.cpp
 fi
 if ! grep -q 'Dev Null' src/test/app/tx/apply_test.cpp; then
-  echo -e "// Copyright (c) 2020 Dev Null Productions\n\n$(cat src/test/app/tx/apply_test.cpp)" > src/test/app/tx/apply_test.cpp
+    echo -e "// Copyright (c) 2020 Dev Null Productions\n\n$(cat src/test/app/tx/apply_test.cpp)" > src/test/app/tx/apply_test.cpp
 fi
 if ! grep -q 'Dev Null' src/test/rpc/ManifestRPC_test.cpp; then
-  echo -e "// Copyright (c) 2020 Dev Null Productions\n\n$(cat src/test/rpc/ManifestRPC_test.cpp)" > src/test/rpc/ManifestRPC_test.cpp
+    echo -e "// Copyright (c) 2020 Dev Null Productions\n\n$(cat src/test/rpc/ManifestRPC_test.cpp)" > src/test/rpc/ManifestRPC_test.cpp
 fi
 if ! grep -q 'Dev Null' src/test/rpc/ValidatorInfo_test.cpp; then
-  echo -e "// Copyright (c) 2020 Dev Null Productions\n\n$(cat src/test/rpc/ValidatorInfo_test.cpp)" > src/test/rpc/ValidatorInfo_test.cpp
+    echo -e "// Copyright (c) 2020 Dev Null Productions\n\n$(cat src/test/rpc/ValidatorInfo_test.cpp)" > src/test/rpc/ValidatorInfo_test.cpp
 fi
-if ! grep -q 'Dev Null' src/xrpld/rpc/handlers/DoManifest.cpp; then
-  echo -e "// Copyright (c) 2019 Dev Null Productions\n\n$(cat src/xrpld/rpc/handlers/DoManifest.cpp)" > src/xrpld/rpc/handlers/DoManifest.cpp
+if ! grep -q 'Dev Null' src/xrpld/rpc/handlers/server_info/Manifest.cpp; then
+    echo -e "// Copyright (c) 2019 Dev Null Productions\n\n$(cat src/xrpld/rpc/handlers/server_info/Manifest.cpp)" > src/xrpld/rpc/handlers/server_info/Manifest.cpp
 fi
-if ! grep -q 'Dev Null' src/xrpld/rpc/handlers/ValidatorInfo.cpp; then
-  echo -e "// Copyright (c) 2019 Dev Null Productions\n\n$(cat src/xrpld/rpc/handlers/ValidatorInfo.cpp)" > src/xrpld/rpc/handlers/ValidatorInfo.cpp
+if ! grep -q 'Dev Null' src/xrpld/rpc/handlers/admin/status/ValidatorInfo.cpp; then
+    echo -e "// Copyright (c) 2019 Dev Null Productions\n\n$(cat src/xrpld/rpc/handlers/admin/status/ValidatorInfo.cpp)" > src/xrpld/rpc/handlers/admin/status/ValidatorInfo.cpp
 fi
 if ! grep -q 'Bougalis' include/xrpl/basics/SlabAllocator.h; then
-  echo -e "// Copyright (c) 2022, Nikolaos D. Bougalis <nikb@bougalis.net>\n\n$(cat include/xrpl/basics/SlabAllocator.h)" > include/xrpl/basics/SlabAllocator.h # cspell: ignore Nikolaos Bougalis nikb
+    echo -e "// Copyright (c) 2022, Nikolaos D. Bougalis <nikb@bougalis.net>\n\n$(cat include/xrpl/basics/SlabAllocator.h)" > include/xrpl/basics/SlabAllocator.h # cspell: ignore Nikolaos Bougalis nikb
 fi
 if ! grep -q 'Bougalis' include/xrpl/basics/spinlock.h; then
-  echo -e "// Copyright (c) 2022, Nikolaos D. Bougalis <nikb@bougalis.net>\n\n$(cat include/xrpl/basics/spinlock.h)" > include/xrpl/basics/spinlock.h # cspell: ignore Nikolaos Bougalis nikb
+    echo -e "// Copyright (c) 2022, Nikolaos D. Bougalis <nikb@bougalis.net>\n\n$(cat include/xrpl/basics/spinlock.h)" > include/xrpl/basics/spinlock.h # cspell: ignore Nikolaos Bougalis nikb
 fi
 if ! grep -q 'Bougalis' include/xrpl/basics/tagged_integer.h; then
-  echo -e "// Copyright (c) 2014, Nikolaos D. Bougalis <nikb@bougalis.net>\n\n$(cat include/xrpl/basics/tagged_integer.h)" > include/xrpl/basics/tagged_integer.h # cspell: ignore Nikolaos Bougalis nikb
+    echo -e "// Copyright (c) 2014, Nikolaos D. Bougalis <nikb@bougalis.net>\n\n$(cat include/xrpl/basics/tagged_integer.h)" > include/xrpl/basics/tagged_integer.h # cspell: ignore Nikolaos Bougalis nikb
 fi
 if ! grep -q 'Ritchford' include/xrpl/beast/utility/Zero.h; then
-  echo -e "// Copyright (c) 2014, Tom Ritchford <tom@swirly.com>\n\n$(cat include/xrpl/beast/utility/Zero.h)" > include/xrpl/beast/utility/Zero.h # cspell: ignore Ritchford
+    echo -e "// Copyright (c) 2014, Tom Ritchford <tom@swirly.com>\n\n$(cat include/xrpl/beast/utility/Zero.h)" > include/xrpl/beast/utility/Zero.h # cspell: ignore Ritchford
 fi

 # Restore newlines and tabs in string literals in the affected file.
--- a/.github/scripts/rename/definitions.sh
+++ b/.github/scripts/rename/definitions.sh
@@ -6,11 +6,11 @@ set -e
 # On MacOS, ensure that GNU sed is installed and available as `gsed`.
 SED_COMMAND=sed
 if [[ "${OSTYPE}" == 'darwin'* ]]; then
-  if ! command -v gsed &> /dev/null; then
-      echo "Error: gsed is not installed. Please install it using 'brew install gnu-sed'."
-      exit 1
-  fi
-  SED_COMMAND=gsed
+    if ! command -v gsed &> /dev/null; then
+        echo "Error: gsed is not installed. Please install it using 'brew install gnu-sed'."
+        exit 1
+    fi
+    SED_COMMAND=gsed
 fi

 # This script renames definitions, such as include guards, in this project.
--- a/.github/scripts/rename/docs.sh
+++ b/.github/scripts/rename/docs.sh
@@ -0,0 +1,96 @@
+#!/bin/bash
+
+# Exit the script as soon as an error occurs.
+set -e
+
+# On MacOS, ensure that GNU sed is installed and available as `gsed`.
+SED_COMMAND=sed
+if [[ "${OSTYPE}" == 'darwin'* ]]; then
+    if ! command -v gsed &> /dev/null; then
+        echo "Error: gsed is not installed. Please install it using 'brew install gnu-sed'."
+        exit 1
+    fi
+    SED_COMMAND=gsed
+fi
+
+# This script renames all remaining references to `ripple` and `rippled` to
+# `xrpl` and `xrpld`, respectively, in code, comments, and documentation.
+# Usage: .github/scripts/rename/docs.sh <repository directory>
+
+if [ "$#" -ne 1 ]; then
+    echo "Usage: $0 <repository directory>"
+    exit 1
+fi
+
+DIRECTORY=$1
+echo "Processing directory: ${DIRECTORY}"
+if [ ! -d "${DIRECTORY}" ]; then
+    echo "Error: Directory '${DIRECTORY}' does not exist."
+    exit 1
+fi
+pushd "${DIRECTORY}"
+
+find . -type f \( -name "*.h" -o -name "*.hpp" -o -name "*.ipp" -o -name "*.cpp" -o -name "*.txt" -o -name "*.cfg" -o -name "*.md" -o -name "*.proto" \) -not -path "./.github/scripts/*" | while read -r FILE; do
+    echo "Processing file: ${FILE}"
+    ${SED_COMMAND} -i 's/rippleLockEscrowMPT/lockEscrowMPT/g' "${FILE}"
+    ${SED_COMMAND} -i 's/rippleUnlockEscrowMPT/unlockEscrowMPT/g' "${FILE}"
+    ${SED_COMMAND} -i 's/rippleCredit/directSendNoFee/g' "${FILE}"
+    ${SED_COMMAND} -i 's/rippleSend/directSendNoLimit/g' "${FILE}"
+    ${SED_COMMAND} -i -E 's@([^/+-])rippled@\1xrpld@g' "${FILE}"
+    ${SED_COMMAND} -i -E 's@([^/+-])Rippled@\1Xrpld@g' "${FILE}"
+    ${SED_COMMAND} -i -E 's/^rippled/xrpld/g' "${FILE}"
+    ${SED_COMMAND} -i -E 's/^Rippled/Xrpld/g' "${FILE}"
+    # cspell: disable
+    ${SED_COMMAND} -i -E 's/(r|R)ipple (a|A)ddress/XRPL address/g' "${FILE}"
+    ${SED_COMMAND} -i -E 's/(r|R)ipple (a|A)ccount/XRPL account/g' "${FILE}"
+    ${SED_COMMAND} -i -E 's/(r|R)ipple (a|A)lgorithm/XRPL algorithm/g' "${FILE}"
+    ${SED_COMMAND} -i -E 's/(r|R)ipple (c|C)lient/XRPL client/g' "${FILE}"
+    ${SED_COMMAND} -i -E 's/(r|R)ipple (c|C)luster/XRPL cluster/g' "${FILE}"
+    ${SED_COMMAND} -i -E 's/(r|R)ipple (c|C)onsensus/XRPL consensus/g' "${FILE}"
+    ${SED_COMMAND} -i -E 's/(r|R)ipple (d|D)efault/XRPL default/g' "${FILE}"
+    ${SED_COMMAND} -i -E 's/(r|R)ipple (e|E)poch/XRPL epoch/g' "${FILE}"
+    ${SED_COMMAND} -i -E 's/(r|R)ipple (f|F)eature/XRPL feature/g' "${FILE}"
+    ${SED_COMMAND} -i -E 's/(r|R)ipple (n|N)etwork/XRPL network/g' "${FILE}"
+    ${SED_COMMAND} -i -E 's/(r|R)ipple (p|P)ayment/XRPL payment/g' "${FILE}"
+    ${SED_COMMAND} -i -E 's/(r|R)ipple (p|P)rotocol/XRPL protocol/g' "${FILE}"
+    ${SED_COMMAND} -i -E 's/(r|R)ipple (r|R)epository/XRPL repository/g' "${FILE}"
+    ${SED_COMMAND} -i -E 's/(r|R)ipple RPC/XRPL RPC/g' "${FILE}"
+    ${SED_COMMAND} -i -E 's/(r|R)ipple (s|S)erialization/XRPL serialization/g' "${FILE}"
+    ${SED_COMMAND} -i -E 's/(r|R)ipple (s|S)erver/XRPL server/g' "${FILE}"
+    ${SED_COMMAND} -i -E 's/(r|R)ipple (s|S)pecific/XRPL specific/g' "${FILE}"
+    ${SED_COMMAND} -i -E 's/(r|R)ipple Source/XRPL Source/g' "${FILE}"
+    ${SED_COMMAND} -i -E 's/(r|R)ipple (t|T)imestamp/XRPL timestamp/g' "${FILE}"
+    ${SED_COMMAND} -i -E 's/(r|R)ipple uses the consensus/XRPL uses the consensus/g' "${FILE}"
+    ${SED_COMMAND} -i -E 's/(r|R)ipple (v|V)alidator/XRPL validator/g' "${FILE}"
+    # cspell: enable
+    ${SED_COMMAND} -i 's/RippleLib/XrplLib/g' "${FILE}"
+    ${SED_COMMAND} -i 's/ripple-lib/XrplLib/g' "${FILE}"
+    ${SED_COMMAND} -i 's@opt/ripple/@opt/xrpld/@g' "${FILE}"
+    ${SED_COMMAND} -i 's@src/ripple/@src/xrpld/@g' "${FILE}"
+    ${SED_COMMAND} -i 's@ripple/app/@xrpld/app/@g' "${FILE}"
+    ${SED_COMMAND} -i 's@github.com/ripple/rippled@github.com/XRPLF/rippled@g' "${FILE}"
+    ${SED_COMMAND} -i 's/\ba xrpl/an xrpl/g' "${FILE}"
+    ${SED_COMMAND} -i 's/\ba XRPL/an XRPL/g' "${FILE}"
+done
+${SED_COMMAND} -i 's/ripple_libs/xrpl_libs/' BUILD.md
+${SED_COMMAND} -i 's/Ripple integrators/XRPL developers/' README.md
+${SED_COMMAND} -i 's/sanitizer-configuration-for-rippled/sanitizer-configuration-for-xrpld/' docs/build/sanitizers.md
+${SED_COMMAND} -i 's/rippled/xrpld/g' .github/scripts/levelization/README.md
+${SED_COMMAND} -i 's/rippled/xrpld/g' .github/scripts/strategy-matrix/generate.py
+${SED_COMMAND} -i 's@/rippled@/xrpld@g' docs/build/install.md
+${SED_COMMAND} -i 's@github.com/XRPLF/xrpld@github.com/XRPLF/rippled@g' docs/build/install.md
+${SED_COMMAND} -i 's/rippled/xrpld/g' docs/Doxyfile
+${SED_COMMAND} -i 's/ripple_basics/basics/' include/xrpl/basics/CountedObject.h
+${SED_COMMAND} -i 's/<ripple/<xrpl/' include/xrpl/protocol/AccountID.h
+${SED_COMMAND} -i 's/Ripple:/the XRPL:/g' include/xrpl/protocol/SecretKey.h
+${SED_COMMAND} -i 's/Ripple:/the XRPL:/g' include/xrpl/protocol/Seed.h
+${SED_COMMAND} -i 's/ripple/xrpl/g' src/test/README.md
+${SED_COMMAND} -i 's/www.ripple.com/www.xrpl.org/g' src/test/protocol/Seed_test.cpp
+
+# Restore specific changes.
+${SED_COMMAND} -i 's@b5efcc/src/xrpld@b5efcc/src/ripple@' include/xrpl/protocol/README.md
+${SED_COMMAND} -i 's/dbPrefix_ = "xrpldb"/dbPrefix_ = "rippledb"/' src/xrpld/app/misc/SHAMapStoreImp.h # cspell: disable-line
+${SED_COMMAND} -i 's/configLegacyName = "xrpld.cfg"/configLegacyName = "rippled.cfg"/' src/xrpld/core/detail/Config.cpp
+
+popd
+echo "Renaming complete."
--- a/.github/scripts/rename/include.sh
+++ b/.github/scripts/rename/include.sh
@@ -23,8 +23,8 @@ fi
 find "${DIRECTORY}" -type f \( -name "*.h" -o -name "*.hpp" -o -name "*.ipp" \) | while read -r FILE; do
    echo "Processing file: ${FILE}"
    if grep -q "#ifndef XRPL_" "${FILE}"; then
-      echo "Please replace all include guards by #pragma once."
-      exit 1
+        echo "Please replace all include guards by #pragma once."
+        exit 1
    fi
 done
 echo "Checking complete."
--- a/.github/scripts/rename/namespace.sh
+++ b/.github/scripts/rename/namespace.sh
@@ -6,11 +6,11 @@ set -e
 # On MacOS, ensure that GNU sed is installed and available as `gsed`.
 SED_COMMAND=sed
 if [[ "${OSTYPE}" == 'darwin'* ]]; then
-  if ! command -v gsed &> /dev/null; then
-      echo "Error: gsed is not installed. Please install it using 'brew install gnu-sed'."
-      exit 1
-  fi
-  SED_COMMAND=gsed
+    if ! command -v gsed &> /dev/null; then
+        echo "Error: gsed is not installed. Please install it using 'brew install gnu-sed'."
+        exit 1
+    fi
+    SED_COMMAND=gsed
 fi

 # This script renames the `ripple` namespace to `xrpl` in this project.
@@ -31,18 +31,19 @@ if [ ! -d "${DIRECTORY}" ]; then
    echo "Error: Directory '${DIRECTORY}' does not exist."
    exit 1
 fi
-pushd ${DIRECTORY}
+pushd "${DIRECTORY}"

 DIRECTORIES=("include" "src" "tests")
 for DIRECTORY in "${DIRECTORIES[@]}"; do
-  echo "Processing directory: ${DIRECTORY}"
+    echo "Processing directory: ${DIRECTORY}"

-  find "${DIRECTORY}" -type f \( -name "*.h" -o -name "*.hpp" -o -name "*.ipp" -o -name "*.cpp" \) | while read -r FILE; do
-      echo "Processing file: ${FILE}"
-      ${SED_COMMAND} -i 's/namespace ripple/namespace xrpl/g' "${FILE}"
-      ${SED_COMMAND} -i 's/ripple::/xrpl::/g' "${FILE}"
-      ${SED_COMMAND} -i -E 's/(BEAST_DEFINE_TESTSUITE.+)ripple(.+)/\1xrpl\2/g' "${FILE}"
-  done
+    find "${DIRECTORY}" -type f \( -name "*.h" -o -name "*.hpp" -o -name "*.ipp" -o -name "*.cpp" -o -name "*.macro" \) | while read -r FILE; do
+        echo "Processing file: ${FILE}"
+        ${SED_COMMAND} -i 's/namespace ripple/namespace xrpl/g' "${FILE}"
+        ${SED_COMMAND} -i 's/ripple::/xrpl::/g' "${FILE}"
+        ${SED_COMMAND} -i 's/"ripple:/"xrpl::/g' "${FILE}"
+        ${SED_COMMAND} -i -E 's/(BEAST_DEFINE_TESTSUITE.+)ripple(.+)/\1xrpl\2/g' "${FILE}"
+    done
 done

 # Special case for NuDBFactory that has ripple twice in the test suite name.
--- a/.github/scripts/strategy-matrix/generate.py
+++ b/.github/scripts/strategy-matrix/generate.py
@@ -235,7 +235,7 @@ def generate_strategy_matrix(all: bool, config: Config) -> list:
        # so that they are easier to identify in the GitHub Actions UI, as long
        # names get truncated.
        # Add Address and Thread (both coupled with UB) sanitizers for specific bookworm distros.
-        # GCC-Asan rippled-embedded tests are failing because of https://github.com/google/sanitizers/issues/856
+        # GCC-Asan xrpld-embedded tests are failing because of https://github.com/google/sanitizers/issues/856
        if (
            os["distro_version"] == "bookworm"
            and f"{os['compiler_name']}-{os['compiler_version']}" == "clang-20"
--- a/.github/workflows/check-pr-commits.yml
+++ b/.github/workflows/check-pr-commits.yml
@@ -1,7 +1,7 @@
 name: Check PR commits

 on:
-  pull_request:
+  pull_request_target:

 # The action needs to have write permissions to post comments on the PR.
 permissions:
@@ -10,4 +10,4 @@ permissions:

 jobs:
  check_commits:
-    uses: XRPLF/actions/.github/workflows/check-pr-commits.yml@481048b78b94ac3343d1292b4ef125a813879f2b
+    uses: XRPLF/actions/.github/workflows/check-pr-commits.yml@e2c7f400d1e85ae65dad552fd425169fbacca4a3
--- a/.github/workflows/check-pr-description.yml
+++ b/.github/workflows/check-pr-description.yml
@@ -0,0 +1,30 @@
+name: Check PR description
+
+on:
+  merge_group:
+    types:
+      - checks_requested
+  pull_request:
+    types: [opened, edited, reopened, synchronize, ready_for_review]
+    branches: [develop]
+
+jobs:
+  check_description:
+    if: ${{ github.event.pull_request.draft != true }}
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+
+      - name: Write PR body to file
+        env:
+          PR_BODY: ${{ github.event.pull_request.body }}
+        if: ${{ github.event_name == 'pull_request' }}
+        run: printenv PR_BODY > pr_body.md
+
+      - name: Check PR description differs from template
+        if: ${{ github.event_name == 'pull_request' }}
+        run: >
+          python .github/scripts/check-pr-description.py
+          --template-file .github/pull_request_template.md
+          --pr-body-file pr_body.md
--- a/.github/workflows/check-pr-title.yml
+++ b/.github/workflows/check-pr-title.yml
@@ -11,4 +11,4 @@ on:
 jobs:
  check_title:
    if: ${{ github.event.pull_request.draft != true }}
-    uses: XRPLF/actions/.github/workflows/check-pr-title.yml@e2c7f400d1e85ae65dad552fd425169fbacca4a3
+    uses: XRPLF/actions/.github/workflows/check-pr-title.yml@a5d8dd35be543365e90a11358447130c8763871d
--- a/.github/workflows/on-pr.yml
+++ b/.github/workflows/on-pr.yml
@@ -46,7 +46,7 @@ jobs:
        # that Github considers any skipped jobs to have passed, and in
        # turn the required checks as well.
        id: changes
-        uses: tj-actions/changed-files@22103cc46bda19c2b464ffe86db46df6922fd323 # v47.0.5
+        uses: tj-actions/changed-files@9426d40962ed5378910ee2e21d5f8c6fcbf2dd96 # v47.0.6
        with:
          files: |
            # These paths are unique to `on-pr.yml`.
--- a/.github/workflows/pre-commit.yml
+++ b/.github/workflows/pre-commit.yml
@@ -14,7 +14,7 @@ on:
 jobs:
  # Call the workflow in the XRPLF/actions repo that runs the pre-commit hooks.
  run-hooks:
-    uses: XRPLF/actions/.github/workflows/pre-commit.yml@e7896f15cc60d0da1a272c77ee5c4026b424f9c7
+    uses: XRPLF/actions/.github/workflows/pre-commit.yml@9307df762265e15c745ddcdb38a581c989f7f349
    with:
      runs_on: ubuntu-latest
      container: '{ "image": "ghcr.io/xrplf/ci/tools-rippled-pre-commit:sha-41ec7c1" }'
--- a/.github/workflows/publish-docs.yml
+++ b/.github/workflows/publish-docs.yml
@@ -6,7 +6,6 @@ on:
  push:
    branches:
      - "develop"
-      - "release*"
    paths:
      - ".github/workflows/publish-docs.yml"
      - "*.md"
@@ -37,7 +36,7 @@ env:
  BUILD_DIR: build
  # ubuntu-latest has only 2 CPUs for private repositories
  # https://docs.github.com/en/actions/reference/runners/github-hosted-runners#standard-github-hosted-runners-for--private-repositories
-  NPROC_SUBTRACT: ${{ github.event.repository.private && '1' || '2' }}
+  NPROC_SUBTRACT: ${{ github.event.repository.visibility == 'public' && '2' || '1' }}

 jobs:
  build:
@@ -48,7 +47,7 @@ jobs:
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2

      - name: Prepare runner
-        uses: XRPLF/actions/prepare-runner@2bbc2dc1abeec7bfaa886804ab86871ac201764e
+        uses: XRPLF/actions/prepare-runner@90f11ee655d1687824fb8793db770477d52afbab
        with:
          enable_ccache: false

@@ -82,13 +81,13 @@ jobs:
          cmake --build . --target docs --parallel ${BUILD_NPROC}

      - name: Create documentation artifact
-        if: ${{ github.event_name == 'push' }}
-        uses: actions/upload-pages-artifact@7b1f4a764d45c48632c6b24a0339c27f5614fb0b # v4.0.0
+        if: ${{ github.event.repository.visibility == 'public' && github.event_name == 'push' }}
+        uses: actions/upload-pages-artifact@fc324d3547104276b827a68afc52ff2a11cc49c9 # v5.0.0
        with:
          path: ${{ env.BUILD_DIR }}/docs/html

  deploy:
-    if: ${{ github.event_name == 'push' }}
+    if: ${{ github.repository == 'XRPLF/rippled' && github.event_name == 'push' }}
    needs: build
    runs-on: ubuntu-latest
    permissions:
@@ -100,4 +99,4 @@ jobs:
    steps:
      - name: Deploy to GitHub Pages
        id: deploy
-        uses: actions/deploy-pages@d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e # v4.0.5
+        uses: actions/deploy-pages@cd2ce8fcbc39b97be8ca5fce6e763baed58fa128 # v5.0.0
--- a/.github/workflows/reusable-build-test-config.yml
+++ b/.github/workflows/reusable-build-test-config.yml
@@ -107,7 +107,7 @@ jobs:
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2

      - name: Prepare runner
-        uses: XRPLF/actions/prepare-runner@2bbc2dc1abeec7bfaa886804ab86871ac201764e
+        uses: XRPLF/actions/prepare-runner@90f11ee655d1687824fb8793db770477d52afbab
        with:
          enable_ccache: ${{ inputs.ccache_enabled }}

@@ -153,6 +153,32 @@ jobs:
            ${CMAKE_ARGS} \
            ..

+      - name: Check protocol autogen files are up-to-date
+        working-directory: ${{ env.BUILD_DIR }}
+        env:
+          MESSAGE: |
+
+            The generated protocol wrapper classes are out of date.
+
+            This typically happens when the macro files or generator scripts
+            have changed but the generated files were not regenerated.
+
+            To fix this:
+              1. Run: cmake --build . --target setup_code_gen
+              2. Run: cmake --build . --target code_gen
+              3. Commit and push the regenerated files
+        run: |
+          set -e
+          cmake --build . --target setup_code_gen
+          cmake --build . --target code_gen
+          DIFF=$(git -C .. status --porcelain -- include/xrpl/protocol_autogen src/tests/libxrpl/protocol_autogen)
+          if [ -n "${DIFF}" ]; then
+            echo "::error::Generated protocol files are out of date"
+            git -C .. diff -- include/xrpl/protocol_autogen src/tests/libxrpl/protocol_autogen
+            echo "${MESSAGE}"
+            exit 1
+          fi
+
      - name: Build the binary
        working-directory: ${{ env.BUILD_DIR }}
        env:
@@ -166,29 +192,6 @@ jobs:
            --parallel "${BUILD_NPROC}" \
            --target "${CMAKE_TARGET}"

-      - name: Check protocol autogen files are up-to-date
-        env:
-          MESSAGE: |
-
-            The generated protocol wrapper classes are out of date.
-
-            This typically happens when your branch is behind develop and
-            the macro files or generator scripts have changed.
-
-            To fix this:
-              1. Update your branch from develop (merge or rebase)
-              2. Build with code generation enabled (XRPL_NO_CODEGEN=OFF)
-              3. Commit and push the regenerated files
-        run: |
-          set -e
-          DIFF=$(git status --porcelain -- include/xrpl/protocol_autogen src/tests/libxrpl/protocol_autogen)
-          if [ -n "${DIFF}" ]; then
-            echo "::error::Generated protocol files are out of date"
-            git diff -- include/xrpl/protocol_autogen src/tests/libxrpl/protocol_autogen
-            echo "${MESSAGE}"
-            exit 1
-          fi
-
      - name: Show ccache statistics
        if: ${{ inputs.ccache_enabled }}
        run: |
@@ -199,14 +202,30 @@ jobs:
          fi

      - name: Upload the binary (Linux)
-        if: ${{ github.repository == 'XRPLF/rippled' && runner.os == 'Linux' }}
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+        if: ${{ github.event.repository.visibility == 'public' && runner.os == 'Linux' }}
+        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
        with:
          name: xrpld-${{ inputs.config_name }}
          path: ${{ env.BUILD_DIR }}/xrpld
          retention-days: 3
          if-no-files-found: error

+      - name: Export server definitions
+        if: ${{ runner.os != 'Windows' && !inputs.build_only && env.VOIDSTAR_ENABLED != 'true' }}
+        working-directory: ${{ env.BUILD_DIR }}
+        run: |
+          set -o pipefail
+          ./xrpld --definitions | python3 -m json.tool > server_definitions.json
+
+      - name: Upload server definitions
+        if: ${{ github.event.repository.visibility == 'public' && inputs.config_name == 'debian-bookworm-gcc-13-amd64-release' }}
+        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
+        with:
+          name: server-definitions
+          path: ${{ env.BUILD_DIR }}/server_definitions.json
+          retention-days: 3
+          if-no-files-found: error
+
      - name: Check linking (Linux)
        if: ${{ runner.os == 'Linux' && env.SANITIZERS_ENABLED == 'false' }}
        working-directory: ${{ env.BUILD_DIR }}
@@ -298,7 +317,7 @@ jobs:

      - name: Upload coverage report
        if: ${{ github.repository == 'XRPLF/rippled' && !inputs.build_only && env.COVERAGE_ENABLED == 'true' }}
-        uses: codecov/codecov-action@1af58845a975a7985b0beb0cbe6fbbb71a41dbad # v5.5.3
+        uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # v6.0.0
        with:
          disable_search: true
          disable_telem: true
--- a/.github/workflows/reusable-check-rename.yml
+++ b/.github/workflows/reusable-check-rename.yml
@@ -33,6 +33,8 @@ jobs:
        run: .github/scripts/rename/config.sh .
      - name: Check include guards
        run: .github/scripts/rename/include.sh .
+      - name: Check documentation
+        run: .github/scripts/rename/docs.sh .
      - name: Check for differences
        env:
          MESSAGE: |
--- a/.github/workflows/reusable-clang-tidy-files.yml
+++ b/.github/workflows/reusable-clang-tidy-files.yml
@@ -35,7 +35,7 @@ jobs:
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2

      - name: Prepare runner
-        uses: XRPLF/actions/prepare-runner@2bbc2dc1abeec7bfaa886804ab86871ac201764e
+        uses: XRPLF/actions/prepare-runner@90f11ee655d1687824fb8793db770477d52afbab
        with:
          enable_ccache: false

@@ -80,18 +80,31 @@ jobs:
        env:
          TARGETS: ${{ inputs.files != '' && inputs.files || 'src tests' }}
        run: |
-          run-clang-tidy -j ${{ steps.nproc.outputs.nproc }} -p "${BUILD_DIR}" ${TARGETS} 2>&1 | tee clang-tidy-output.txt
+          run-clang-tidy -j ${{ steps.nproc.outputs.nproc }} -p "${BUILD_DIR}" -quiet -fix -allow-no-checks ${TARGETS} 2>&1 | tee clang-tidy-output.txt

      - name: Upload clang-tidy output
-        if: steps.run_clang_tidy.outcome != 'success'
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+        if: ${{ github.event.repository.visibility == 'public' && steps.run_clang_tidy.outcome != 'success' }}
+        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
        with:
          name: clang-tidy-results
          path: clang-tidy-output.txt
          retention-days: 30

+      - name: Generate git diff
+        if: ${{ steps.run_clang_tidy.outcome != 'success' }}
+        run: |
+          git diff | tee clang-tidy-git-diff.txt
+
+      - name: Upload clang-tidy diff output
+        if: ${{ github.event.repository.visibility == 'public' && steps.run_clang_tidy.outcome != 'success' }}
+        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
+        with:
+          name: clang-tidy-git-diff
+          path: clang-tidy-git-diff.txt
+          retention-days: 30
+
      - name: Create an issue
-        if: steps.run_clang_tidy.outcome != 'success' && inputs.create_issue_on_failure
+        if: ${{ steps.run_clang_tidy.outcome != 'success' && inputs.create_issue_on_failure }}
        id: create_issue
        shell: bash
        env:
@@ -156,7 +169,7 @@ jobs:
          rm -f create_issue.log issue.md clang-tidy-output.txt

      - name: Fail the workflow if clang-tidy failed
-        if: steps.run_clang_tidy.outcome != 'success'
+        if: ${{ steps.run_clang_tidy.outcome != 'success' }}
        run: |
          echo "Clang-tidy check failed!"
          exit 1
--- a/.github/workflows/reusable-clang-tidy.yml
+++ b/.github/workflows/reusable-clang-tidy.yml
@@ -31,7 +31,7 @@ jobs:

      - name: Get changed C++ files
        id: changed_files
-        uses: tj-actions/changed-files@22103cc46bda19c2b464ffe86db46df6922fd323 # v47.0.5
+        uses: tj-actions/changed-files@9426d40962ed5378910ee2e21d5f8c6fcbf2dd96 # v47.0.6
        with:
          files: |
            **/*.cpp
@@ -41,7 +41,7 @@ jobs:

      - name: Get changed clang-tidy configuration
        id: changed_clang_tidy
-        uses: tj-actions/changed-files@22103cc46bda19c2b464ffe86db46df6922fd323 # v47.0.5
+        uses: tj-actions/changed-files@9426d40962ed5378910ee2e21d5f8c6fcbf2dd96 # v47.0.6
        with:
          files: |
            .clang-tidy
--- a/.github/workflows/upload-conan-deps.yml
+++ b/.github/workflows/upload-conan-deps.yml
@@ -70,7 +70,7 @@ jobs:
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2

      - name: Prepare runner
-        uses: XRPLF/actions/prepare-runner@2bbc2dc1abeec7bfaa886804ab86871ac201764e
+        uses: XRPLF/actions/prepare-runner@90f11ee655d1687824fb8793db770477d52afbab
        with:
          enable_ccache: false

--- a/.gitignore
+++ b/.gitignore
@@ -13,6 +13,7 @@
 Debug/
 Release/
 /.build/
+/.venv/
 /build/
 /db/
 /out.txt
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -17,10 +17,25 @@ repos:
        args: [--maxkb=400, --enforce-all]
      - id: trailing-whitespace
      - id: end-of-file-fixer
-      - id: mixed-line-ending
      - id: check-merge-conflict
        args: [--assume-in-merge]

+  - repo: local
+    hooks:
+      - id: clang-tidy
+        name: "clang-tidy (enable with: TIDY=1)"
+        entry: ./bin/pre-commit/clang_tidy_check.py
+        language: python
+        types_or: [c++, c]
+        exclude: ^include/xrpl/protocol_autogen
+        pass_filenames: false # script determines the staged files itself
+      - id: fix-include-style
+        name: fix include style
+        entry: ./bin/pre-commit/fix_include_style.py
+        language: python
+        types_or: [c++, c]
+        exclude: ^include/xrpl/protocol_autogen/(transactions|ledger_entries)/
+
  - repo: https://github.com/pre-commit/mirrors-clang-format
    rev: cd481d7b0bfb5c7b3090c21846317f9a8262e891 # frozen: v22.1.0
    hooks:
@@ -38,12 +53,19 @@ repos:
    rev: c2bc67fe8f8f549cc489e00ba8b45aa18ee713b1 # frozen: v3.8.1
    hooks:
      - id: prettier
+        args: [--end-of-line=auto]

  - repo: https://github.com/psf/black-pre-commit-mirror
    rev: ea488cebbfd88a5f50b8bd95d5c829d0bb76feb8 # frozen: 26.1.0
    hooks:
      - id: black

+  - repo: https://github.com/openstack/bashate
+    rev: 5798d24d571676fc407e81df574c1ef57b520f23 # frozen: 2.1.1
+    hooks:
+      - id: bashate
+        args: ["--ignore=E006"]
+
  - repo: https://github.com/streetsidesoftware/cspell-cli
    rev: a42085ade523f591dca134379a595e7859986445 # frozen: v9.7.0
    hooks:
--- a/API-CHANGELOG.md
+++ b/API-CHANGELOG.md
@@ -4,23 +4,23 @@ This changelog is intended to list all updates to the [public API methods](https

 For info about how [API versioning](https://xrpl.org/request-formatting.html#api-versioning) works, including examples, please view the [XLS-22d spec](https://github.com/XRPLF/XRPL-Standards/discussions/54). For details about the implementation of API versioning, view the [implementation PR](https://github.com/XRPLF/rippled/pull/3155). API versioning ensures existing integrations and users continue to receive existing behavior, while those that request a higher API version will experience new behavior.

-The API version controls the API behavior you see. This includes what properties you see in responses, what parameters you're permitted to send in requests, and so on. You specify the API version in each of your requests. When a breaking change is introduced to the `rippled` API, a new version is released. To avoid breaking your code, you should set (or increase) your version when you're ready to upgrade.
+The API version controls the API behavior you see. This includes what properties you see in responses, what parameters you're permitted to send in requests, and so on. You specify the API version in each of your requests. When a breaking change is introduced to the `xrpld` API, a new version is released. To avoid breaking your code, you should set (or increase) your version when you're ready to upgrade.

 The [commandline](https://xrpl.org/docs/references/http-websocket-apis/api-conventions/request-formatting/#commandline-format) always uses the latest API version. The command line is intended for ad-hoc usage by humans, not programs or automated scripts. The command line is not meant for use in production code.

-For a log of breaking changes, see the **API Version [number]** headings. In general, breaking changes are associated with a particular API Version number. For non-breaking changes, scroll to the **XRP Ledger version [x.y.z]** headings. Non-breaking changes are associated with a particular XRP Ledger (`rippled`) release.
+For a log of breaking changes, see the **API Version [number]** headings. In general, breaking changes are associated with a particular API Version number. For non-breaking changes, scroll to the **XRP Ledger version [x.y.z]** headings. Non-breaking changes are associated with a particular XRP Ledger (`xrpld`) release.

 ## API Version 3 (Beta)

-API version 3 is currently a beta API. It requires enabling `[beta_rpc_api]` in the rippled configuration to use. See [API-VERSION-3.md](API-VERSION-3.md) for the full list of changes in API version 3.
+API version 3 is currently a beta API. It requires enabling `[beta_rpc_api]` in the xrpld configuration to use. See [API-VERSION-3.md](API-VERSION-3.md) for the full list of changes in API version 3.

 ## API Version 2

-API version 2 is available in `rippled` version 2.0.0 and later. See [API-VERSION-2.md](API-VERSION-2.md) for the full list of changes in API version 2.
+API version 2 is available in `xrpld` version 2.0.0 and later. See [API-VERSION-2.md](API-VERSION-2.md) for the full list of changes in API version 2.

 ## API Version 1

-This version is supported by all `rippled` versions. For WebSocket and HTTP JSON-RPC requests, it is currently the default API version used when no `api_version` is specified.
+This version is supported by all `xrpld` versions. For WebSocket and HTTP JSON-RPC requests, it is currently the default API version used when no `api_version` is specified.

 ## Unreleased

@@ -38,6 +38,8 @@ This section contains changes targeting a future version.
 ### Bugfixes

 - Peer Crawler: The `port` field in `overlay.active[]` now consistently returns an integer instead of a string for outbound peers. [#6318](https://github.com/XRPLF/rippled/pull/6318)
+- `ping`: The `ip` field is no longer returned as an empty string for proxied connections without a forwarded-for header. It is now omitted, consistent with the behavior for identified connections. [#6730](https://github.com/XRPLF/rippled/pull/6730)
+- gRPC `GetLedgerDiff`: Fixed error message that incorrectly said "base ledger not validated" when the desired ledger was not validated. [#6730](https://github.com/XRPLF/rippled/pull/6730)

 ## XRP Ledger server version 3.1.0

--- a/API-VERSION-2.md
+++ b/API-VERSION-2.md
@@ -1,6 +1,6 @@
 # API Version 2

-API version 2 is available in `rippled` version 2.0.0 and later. To use this API, clients specify `"api_version" : 2` in each request.
+API version 2 is available in `xrpld` version 2.0.0 and later. To use this API, clients specify `"api_version" : 2` in each request.

 For info about how [API versioning](https://xrpl.org/request-formatting.html#api-versioning) works, including examples, please view the [XLS-22d spec](https://github.com/XRPLF/XRPL-Standards/discussions/54). For details about the implementation of API versioning, view the [implementation PR](https://github.com/XRPLF/rippled/pull/3155). API versioning ensures existing integrations and users continue to receive existing behavior, while those that request a higher API version will experience new behavior.

--- a/API-VERSION-3.md
+++ b/API-VERSION-3.md
@@ -1,6 +1,6 @@
 # API Version 3

-API version 3 is currently a **beta API**. It requires enabling `[beta_rpc_api]` in the rippled configuration to use. To use this API, clients specify `"api_version" : 3` in each request.
+API version 3 is currently a **beta API**. It requires enabling `[beta_rpc_api]` in the xrpld configuration to use. To use this API, clients specify `"api_version" : 3` in each request.

 For info about how [API versioning](https://xrpl.org/request-formatting.html#api-versioning) works, including examples, please view the [XLS-22d spec](https://github.com/XRPLF/XRPL-Standards/discussions/54). For details about the implementation of API versioning, view the [implementation PR](https://github.com/XRPLF/rippled/pull/3155). API versioning ensures existing integrations and users continue to receive existing behavior, while those that request a higher API version will experience new behavior.

--- a/BUILD.md
+++ b/BUILD.md
@@ -141,7 +141,7 @@ Alternatively, you can pull our recipes from the repository and export them loca

 ```bash
 # Define which recipes to export.
-recipes=('abseil' 'ed25519' 'grpc' 'm4' 'mpt-crypto' 'nudb' 'openssl' 'secp256k1' 'snappy' 'soci' 'wasm-xrplf' 'wasmi')
+recipes=('abseil' 'ed25519' 'grpc' 'm4' 'mpt-crypto' 'openssl' 'secp256k1' 'snappy' 'soci' 'wasm-xrplf' 'wasmi')

 # Selectively check out the recipes from our CCI fork.
 cd external
@@ -459,6 +459,21 @@ install ccache --version 4.11.3 --allow-downgrade`.
   The location of `xrpld` binary in your build directory depends on your
   CMake generator. Pass `--help` to see the rest of the command line options.

+## Code generation
+
+The protocol wrapper classes in `include/xrpl/protocol_autogen/` are generated
+from macro definition files in `include/xrpl/protocol/detail/`. If you modify
+the macro files (e.g. `transactions.macro`, `ledger_entries.macro`) or the
+generation scripts/templates in `cmake/scripts/codegen/`, you need to regenerate the
+files:
+
+```
+cmake --build . --target setup_code_gen  # create venv and install dependencies (once)
+cmake --build . --target code_gen        # regenerate code
+```
+
+The regenerated files should be committed alongside your changes.
+
 ## Coverage report

 The coverage report is intended for developers using compilers GCC
@@ -603,8 +618,8 @@ If you want to experiment with a new package, follow these steps:
     `default_options` property (with syntax `'$package:$option': $value`).
 3. Modify [`CMakeLists.txt`](./CMakeLists.txt):
   - Add a call to `find_package($package REQUIRED)`.
-   - Link a library from the package to the target `ripple_libs`
-     (search for the existing call to `target_link_libraries(ripple_libs INTERFACE ...)`).
+   - Link a library from the package to the target `xrpl_libs`
+     (search for the existing call to `target_link_libraries(xrpl_libs INTERFACE ...)`).
 4. Start coding! Don't forget to include whatever headers you need from the package.

 [1]: https://github.com/conan-io/conan-center-index/issues/13168
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -88,6 +88,7 @@ find_package(ed25519 REQUIRED)
 find_package(gRPC REQUIRED)
 find_package(LibArchive REQUIRED)
 find_package(lz4 REQUIRED)
+find_package(mpt-crypto REQUIRED)
 find_package(nudb REQUIRED)
 find_package(OpenSSL REQUIRED)
 find_package(secp256k1 REQUIRED)
@@ -100,6 +101,7 @@ target_link_libraries(
    INTERFACE
        ed25519::ed25519
        lz4::lz4
+        mpt-crypto::mpt-crypto
        OpenSSL::Crypto
        OpenSSL::SSL
        secp256k1::secp256k1
@@ -132,6 +134,7 @@ if(coverage)
 endif()

 include(XrplCore)
+include(XrplProtocolAutogen)
 include(XrplInstall)
 include(XrplValidatorKeys)

--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -267,17 +267,37 @@ See the [environment setup guide](./docs/build/environment.md#clang-tidy) for pl

 Before running clang-tidy, you must build the project to generate required files (particularly protobuf headers). Refer to [`BUILD.md`](./BUILD.md) for build instructions.

+#### Via pre-commit (recommended)
+
+If you have already installed the pre-commit hooks (see above), you can run clang-tidy on your staged files using:
+
+```
+TIDY=1 pre-commit run clang-tidy
+```
+
+This runs clang-tidy locally with the same configuration/flags as CI, scoped to your staged C++ files. The `TIDY=1` environment variable is required to opt in — without it the hook is skipped.
+
+You can also have clang-tidy run automatically on every `git commit` by setting `TIDY=1` in your shell environment:
+
+```
+export TIDY=1
+```
+
+With this set, the hook will run as part of `git commit` alongside the other pre-commit checks.
+
+#### Manually
+
 Then run clang-tidy on your local changes:

 ```
-run-clang-tidy -p build src include tests
+run-clang-tidy -p build -allow-no-checks src tests
 ```

 This will check all source files in the `src`, `include` and `tests` directories using the compile commands from your `build` directory.
 If you wish to automatically fix whatever clang-tidy finds _and_ is capable of fixing, add `-fix` to the above command:

 ```
-run-clang-tidy -p build -fix src include tests
+run-clang-tidy -p build -quiet -fix -allow-no-checks src tests
 ```

 ## Contracts and instrumentation
@@ -533,7 +553,7 @@ All releases, including release candidates and betas, are handled
 differently from typical PRs. Most importantly, never use
 the Github UI to merge a release.

-Rippled uses a linear workflow model that can be summarized as:
+Xrpld uses a linear workflow model that can be summarized as:

 1. In between releases, developers work against the `develop` branch.
 2. Periodically, a maintainer will build and tag a beta version from
--- a/README.md
+++ b/README.md
@@ -8,11 +8,11 @@ The [XRP Ledger](https://xrpl.org/) is a decentralized cryptographic ledger powe

 [XRP](https://xrpl.org/xrp.html) is a public, counterparty-free crypto-asset native to the XRP Ledger, and is designed as a gas token for network services and to bridge different currencies. XRP is traded on the open-market and is available for anyone to access. The XRP Ledger was created in 2012 with a finite supply of 100 billion units of XRP.

-## rippled
+## xrpld

-The server software that powers the XRP Ledger is called `rippled` and is available in this repository under the permissive [ISC open-source license](LICENSE.md). The `rippled` server software is written primarily in C++ and runs on a variety of platforms. The `rippled` server software can run in several modes depending on its [configuration](https://xrpl.org/rippled-server-modes.html).
+The server software that powers the XRP Ledger is called `xrpld` and is available in this repository under the permissive [ISC open-source license](LICENSE.md). The `xrpld` server software is written primarily in C++ and runs on a variety of platforms. The `xrpld` server software can run in several modes depending on its [configuration](https://xrpl.org/rippled-server-modes.html).

-If you are interested in running an **API Server** (including a **Full History Server**), take a look at [Clio](https://github.com/XRPLF/clio). (rippled Reporting Mode has been replaced by Clio.)
+If you are interested in running an **API Server** (including a **Full History Server**), take a look at [Clio](https://github.com/XRPLF/clio). (xrpld Reporting Mode has been replaced by Clio.)

 ### Build from Source

@@ -41,19 +41,19 @@ If you are interested in running an **API Server** (including a **Full History S

 Here are some good places to start learning the source code:

- Read the markdown files in the source tree: `src/ripple/**/*.md`.
+- Read the markdown files in the source tree: `src/xrpld/**/*.md`.
 - Read [the levelization document](.github/scripts/levelization) to get an idea of the internal dependency graph.
 - In the big picture, the `main` function constructs an `ApplicationImp` object, which implements the `Application` virtual interface. Almost every component in the application takes an `Application&` parameter in its constructor, typically named `app` and stored as a member variable `app_`. This allows most components to depend on any other component.

 ### Repository Contents

-| Folder     | Contents                                         |
-| :--------- | :----------------------------------------------- |
-| `./bin`    | Scripts and data files for Ripple integrators.   |
-| `./Builds` | Platform-specific guides for building `rippled`. |
-| `./docs`   | Source documentation files and doxygen config.   |
-| `./cfg`    | Example configuration files.                     |
-| `./src`    | Source code.                                     |
+| Folder     | Contents                                       |
+| :--------- | :--------------------------------------------- |
+| `./bin`    | Scripts and data files for XRPL developers.    |
+| `./Builds` | Platform-specific guides for building `xrpld`. |
+| `./docs`   | Source documentation files and doxygen config. |
+| `./cfg`    | Example configuration files.                   |
+| `./src`    | Source code.                                   |

 Some of the directories under `src` are external repositories included using
 git-subtree. See those directories' README files for more details.
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -6,7 +6,7 @@ For more details on operating an XRP Ledger server securely, please visit https:

 ## Supported Versions

-Software constantly evolves. In order to focus resources, we only generally only accept vulnerability reports that affect recent and current versions of the software. We always accept reports for issues present in the **master**, **release** or **develop** branches, and with proposed, [open pull requests](https://github.com/ripple/rippled/pulls).
+Software constantly evolves. In order to focus resources, we generally only accept vulnerability reports that affect recent and current versions of the software. We always accept reports for issues present in the **master**, **release** or **develop** branches, and with proposed, [open pull requests](https://github.com/XRPLF/rippled/pulls).

 ## Identifying and Reporting Vulnerabilities

@@ -59,11 +59,11 @@ While we commit to responding with 24 hours of your initial report with our tria

 ## Bug Bounty Program

-[Ripple](https://ripple.com) is generously sponsoring a bug bounty program for vulnerabilities in [`rippled`](https://github.com/XRPLF/rippled) (and other related projects, like [`xrpl.js`](https://github.com/XRPLF/xrpl.js), [`xrpl-py`](https://github.com/XRPLF/xrpl-py), [`xrpl4j`](https://github.com/XRPLF/xrpl4j)).
+[Ripple](https://ripple.com) is generously sponsoring a bug bounty program for vulnerabilities in [`xrpld`](https://github.com/XRPLF/rippled) (and other related projects, like [`xrpl.js`](https://github.com/XRPLF/xrpl.js), [`xrpl-py`](https://github.com/XRPLF/xrpl-py), [`xrpl4j`](https://github.com/XRPLF/xrpl4j)).

 This program allows us to recognize and reward individuals or groups that identify and report bugs. In summary, in order to qualify for a bounty, the bug must be:

-1. **In scope**. Only bugs in software under the scope of the program qualify. Currently, that means `rippled`, `xrpl.js`, `xrpl-py`, `xrpl4j`.
+1. **In scope**. Only bugs in software under the scope of the program qualify. Currently, that means `xrpld`, `xrpl.js`, `xrpl-py`, `xrpl4j`.
 2. **Relevant**. A security issue, posing a danger to user funds, privacy, or the operation of the XRP Ledger.
 3. **Original and previously unknown**. Bugs that are already known and discussed in public do not qualify. Previously reported bugs, even if publicly unknown, are not eligible.
 4. **Specific**. We welcome general security advice or recommendations, but we cannot pay bounties for that.
--- a/bin/git/setup-upstreams.sh
+++ b/bin/git/setup-upstreams.sh
@@ -1,14 +1,13 @@
 #!/bin/bash

-if [[ $# -ne 1 || "$1" == "--help" || "$1" == "-h" ]]
-then
-  name=$( basename $0 )
-  cat <<- USAGE
-  Usage: $name <username>
+if [[ $# -ne 1 || "$1" == "--help" || "$1" == "-h" ]]; then
+    name=$( basename $0 )
+    cat <<- USAGE
+    Usage: $name <username>

-  Where <username> is the Github username of the upstream repo. e.g. XRPLF
+    Where <username> is the Github username of the upstream repo. e.g. XRPLF
 USAGE
-  exit 0
+    exit 0
 fi

 # Create upstream remotes based on origin
@@ -16,10 +15,9 @@ shift
 user="$1"
 # Get the origin URL. Expect it be an SSH-style URL
 origin=$( git remote get-url origin )
-if [[ "${origin}" == "" ]]
-then
-  echo Invalid origin remote >&2
-  exit 1
+if [[ "${origin}" == "" ]]; then
+    echo Invalid origin remote >&2
+    exit 1
 fi
 # echo "Origin: ${origin}"
 # Parse the origin
@@ -30,11 +28,9 @@ IFS='@' read sshuser server <<< "${remote}"
 # echo "SSHUser: ${sshuser}, Server: ${server}"
 IFS='/' read originuser repo <<< "${originpath}"
 # echo "Originuser: ${originuser}, Repo: ${repo}"
-if [[ "${sshuser}" == "" || "${server}" == "" || "${originuser}" == ""
-  || "${repo}" == "" ]]
-then
-  echo "Can't parse origin URL: ${origin}" >&2
-  exit 1
+if [[ "${sshuser}" == "" || "${server}" == "" || "${originuser}" == "" || "${repo}" == "" ]]; then
+    echo "Can't parse origin URL: ${origin}" >&2
+    exit 1
 fi
 upstream="https://${server}/${user}/${repo}"
 upstreampush="${remote}:${user}/${repo}"
@@ -42,42 +38,34 @@ upstreamgroup="upstream upstream-push"
 current=$( git remote get-url upstream 2>/dev/null )
 currentpush=$( git remote get-url upstream-push 2>/dev/null )
 currentgroup=$( git config remotes.upstreams )
-if [[ "${current}" == "${upstream}" ]]
-then
-  echo "Upstream already set up correctly. Skip"
-elif [[ -n "${current}" && "${current}" != "${upstream}" &&
-  "${current}" != "${upstreampush}" ]]
-then
-  echo "Upstream already set up as: ${current}. Skip"
+if [[ "${current}" == "${upstream}" ]]; then
+    echo "Upstream already set up correctly. Skip"
+elif [[ -n "${current}" && "${current}" != "${upstream}" && "${current}" != "${upstreampush}" ]]; then
+    echo "Upstream already set up as: ${current}. Skip"
 else
-  if [[ "${current}" == "${upstreampush}" ]]
-  then
-    echo "Upstream set to dangerous push URL. Update."
-    _run git remote rename upstream upstream-push || \
-    _run git remote remove upstream
-    currentpush=$( git remote get-url upstream-push 2>/dev/null )
-  fi
-  _run git remote add upstream "${upstream}"
+    if [[ "${current}" == "${upstreampush}" ]]; then
+        echo "Upstream set to dangerous push URL. Update."
+        _run git remote rename upstream upstream-push || \
+        _run git remote remove upstream
+        currentpush=$( git remote get-url upstream-push 2>/dev/null )
+    fi
+    _run git remote add upstream "${upstream}"
 fi

-if [[ "${currentpush}" == "${upstreampush}" ]]
-then
-  echo "upstream-push already set up correctly. Skip"
-elif [[ -n "${currentpush}" && "${currentpush}" != "${upstreampush}" ]]
-then
-  echo "upstream-push already set up as: ${currentpush}. Skip"
+if [[ "${currentpush}" == "${upstreampush}" ]]; then
+    echo "upstream-push already set up correctly. Skip"
+elif [[ -n "${currentpush}" && "${currentpush}" != "${upstreampush}" ]]; then
+    echo "upstream-push already set up as: ${currentpush}. Skip"
 else
-  _run git remote add upstream-push "${upstreampush}"
+    _run git remote add upstream-push "${upstreampush}"
 fi

-if [[ "${currentgroup}" == "${upstreamgroup}" ]]
-then
-  echo "Upstreams group already set up correctly. Skip"
-elif [[ -n "${currentgroup}" && "${currentgroup}" != "${upstreamgroup}" ]]
-then
-  echo "Upstreams group already set up as: ${currentgroup}. Skip"
+if [[ "${currentgroup}" == "${upstreamgroup}" ]]; then
+    echo "Upstreams group already set up correctly. Skip"
+elif [[ -n "${currentgroup}" && "${currentgroup}" != "${upstreamgroup}" ]]; then
+    echo "Upstreams group already set up as: ${currentgroup}. Skip"
 else
-  _run git config --add remotes.upstreams "${upstreamgroup}"
+    _run git config --add remotes.upstreams "${upstreamgroup}"
 fi

 _run git fetch --jobs=$(nproc) upstreams
--- a/bin/git/squash-branches.sh
+++ b/bin/git/squash-branches.sh
@@ -1,17 +1,16 @@
 #!/bin/bash

-if [[ $# -lt 3 || "$1" == "--help" || "$1" = "-h" ]]
-then
-  name=$( basename $0 )
-  cat <<- USAGE
-  Usage: $name workbranch base/branch user/branch [user/branch [...]]
+if [[ $# -lt 3 || "$1" == "--help" || "$1" = "-h" ]]; then
+    name=$( basename $0 )
+    cat <<- USAGE
+    Usage: $name workbranch base/branch user/branch [user/branch [...]]

-  * workbranch will be created locally from base/branch
-  * base/branch and user/branch may be specified as user:branch to allow
-    easy copying from Github PRs
-  * Remotes for each user must already be set up
+    * workbranch will be created locally from base/branch
+    * base/branch and user/branch may be specified as user:branch to allow
+        easy copying from Github PRs
+    * Remotes for each user must already be set up
 USAGE
-exit 0
+    exit 0
 fi

 work="$1"
@@ -24,9 +23,8 @@ unset branches[0]
 set -e

 users=()
-for b in "${branches[@]}"
-do
-  users+=( $( echo $b | cut -d/ -f1 ) )
+for b in "${branches[@]}"; do
+    users+=( $( echo $b | cut -d/ -f1 ) )
 done

 users=( $( printf '%s\n' "${users[@]}" | sort -u ) )
@@ -34,10 +32,9 @@ users=( $( printf '%s\n' "${users[@]}" | sort -u ) )
 git fetch --multiple upstreams "${users[@]}"
 git checkout -B "$work" --no-track "$base"

-for b in "${branches[@]}"
-do
-  git merge --squash "${b}"
-  git commit -S # Use the commit message provided on the PR
+for b in "${branches[@]}"; do
+    git merge --squash "${b}"
+    git commit -S # Use the commit message provided on the PR
 done

 # Make sure the commits look right
@@ -47,13 +44,11 @@ parts=( $( echo $base | sed "s/\// /" ) )
 repo="${parts[0]}"
 b="${parts[1]}"
 push=$repo
-if [[ "$push" == "upstream" ]]
-then
-  push="upstream-push"
+if [[ "$push" == "upstream" ]]; then
+    push="upstream-push"
 fi
-if [[ "$repo" == "upstream" ]]
-then
-  repo="upstreams"
+if [[ "$repo" == "upstream" ]]; then
+    repo="upstreams"
 fi
 cat << PUSH

--- a/bin/git/update-version.sh
+++ b/bin/git/update-version.sh
@@ -1,17 +1,16 @@
 #!/bin/bash

-if [[ $# -ne 3 || "$1" == "--help" || "$1" = "-h" ]]
-then
-  name=$( basename $0 )
-  cat <<- USAGE
-  Usage: $name workbranch base/branch version
+if [[ $# -ne 3 || "$1" == "--help" || "$1" = "-h" ]]; then
+    name=$( basename $0 )
+    cat <<- USAGE
+    Usage: $name workbranch base/branch version

-  * workbranch will be created locally from base/branch. If it exists,
-    it will be reused, so make sure you don't overwrite any work.
-  * base/branch may be specified as user:branch to allow easy copying
-    from Github PRs.
+    * workbranch will be created locally from base/branch. If it exists,
+        it will be reused, so make sure you don't overwrite any work.
+    * base/branch may be specified as user:branch to allow easy copying
+        from Github PRs.
 USAGE
-exit 0
+    exit 0
 fi

 work="$1"
@@ -30,10 +29,9 @@ git fetch upstreams
 git checkout -B "${work}" --no-track "${base}"

 push=$( git rev-parse --abbrev-ref --symbolic-full-name '@{push}' \
-              2>/dev/null ) || true
-if [[ "${push}" != "" ]]
-then
-  echo "Warning: ${push} may already exist."
+    2>/dev/null ) || true
+if [[ "${push}" != "" ]]; then
+    echo "Warning: ${push} may already exist."
 fi

 build=$( find -name BuildInfo.cpp )
--- a/bin/pre-commit/clang_tidy_check.py
+++ b/bin/pre-commit/clang_tidy_check.py
@@ -0,0 +1,206 @@
+#!/usr/bin/env python3
+"""Pre-commit hook that runs clang-tidy on changed files using run-clang-tidy."""
+
+from __future__ import annotations
+
+import json
+import os
+import re
+import shutil
+import subprocess
+import sys
+from collections import defaultdict
+from pathlib import Path
+
+HEADER_EXTENSIONS = {".h", ".hpp", ".ipp"}
+SOURCE_EXTENSIONS = {".cpp"}
+INCLUDE_RE = re.compile(r"^\s*#\s*include\s*[<\"]([^>\"]+)[>\"]")
+
+
+def find_run_clang_tidy() -> str | None:
+    for candidate in ("run-clang-tidy-21", "run-clang-tidy"):
+        if path := shutil.which(candidate):
+            return path
+    return None
+
+
+def find_build_dir(repo_root: Path) -> Path | None:
+    for name in (".build", "build"):
+        candidate = repo_root / name
+        if (candidate / "compile_commands.json").exists():
+            return candidate
+    return None
+
+
+def build_include_graph(build_dir: Path, repo_root: Path) -> tuple[dict, set]:
+    """
+    Scan all files reachable from compile_commands.json and build an inverted include graph.
+
+    Returns:
+        inverted: header_path -> set of files that include it
+        source_files: set of all TU paths from compile_commands.json
+    """
+    with open(build_dir / "compile_commands.json") as f:
+        db = json.load(f)
+
+    source_files = {Path(e["file"]).resolve() for e in db}
+    include_roots = [repo_root / "include", repo_root / "src"]
+    inverted: dict[Path, set[Path]] = defaultdict(set)
+
+    to_scan: set[Path] = set(source_files)
+    scanned: set[Path] = set()
+
+    while to_scan:
+        file = to_scan.pop()
+        if file in scanned or not file.exists():
+            continue
+        scanned.add(file)
+
+        content = file.read_text()
+
+        for line in content.splitlines():
+            m = INCLUDE_RE.match(line)
+            if not m:
+                continue
+            for root in include_roots:
+                candidate = (root / m.group(1)).resolve()
+                if candidate.exists():
+                    inverted[candidate].add(file)
+                    if candidate not in scanned:
+                        to_scan.add(candidate)
+                    break
+
+    return inverted, source_files
+
+
+def find_tus_for_headers(
+    headers: list[Path],
+    inverted: dict[Path, set[Path]],
+    source_files: set[Path],
+) -> set[Path]:
+    """
+    For each header, pick one TU that transitively includes it.
+    Prefers a TU whose stem matches the header's stem, otherwise picks the first found.
+    """
+    result: set[Path] = set()
+
+    for header in headers:
+        preferred: Path | None = None
+        visited: set[Path] = {header}
+        stack: list[Path] = [header]
+
+        while stack:
+            h = stack.pop()
+            for inc in inverted.get(h, ()):
+                if inc in source_files:
+                    if inc.stem == header.stem:
+                        preferred = inc
+                        break
+                    if preferred is None:
+                        preferred = inc
+                if inc not in visited:
+                    visited.add(inc)
+                    stack.append(inc)
+            if preferred is not None and preferred.stem == header.stem:
+                break
+
+        if preferred is not None:
+            result.add(preferred)
+
+    return result
+
+
+def resolve_files(
+    input_files: list[str], build_dir: Path, repo_root: Path
+) -> list[str]:
+    """
+    Split input into source files and headers. Source files are passed through;
+    headers are resolved to the TUs that transitively include them.
+    """
+    sources: list[Path] = []
+    headers: list[Path] = []
+
+    for f in input_files:
+        p = Path(f).resolve()
+        if p.suffix in SOURCE_EXTENSIONS:
+            sources.append(p)
+        elif p.suffix in HEADER_EXTENSIONS:
+            headers.append(p)
+
+    if not headers:
+        return [str(p) for p in sources]
+
+    print(
+        f"Resolving {len(headers)} header(s) to compilation units...", file=sys.stderr
+    )
+    inverted, source_files = build_include_graph(build_dir, repo_root)
+    tus = find_tus_for_headers(headers, inverted, source_files)
+
+    if not tus:
+        print(
+            "Warning: no compilation units found that include the modified headers; "
+            "skipping clang-tidy for headers.",
+            file=sys.stderr,
+        )
+
+    return sorted({str(p) for p in (*sources, *tus)})
+
+
+def staged_files(repo_root: Path) -> list[str]:
+    result = subprocess.run(
+        ["git", "diff", "--staged", "--name-only", "--diff-filter=d"],
+        capture_output=True,
+        text=True,
+        cwd=repo_root,
+    )
+    if result.returncode != 0:
+        print(
+            "clang-tidy check failed: 'git diff --staged' command failed.",
+            file=sys.stderr,
+        )
+        if result.stderr:
+            print(result.stderr, file=sys.stderr)
+        sys.exit(result.returncode or 1)
+    return [str(repo_root / p) for p in result.stdout.splitlines() if p]
+
+
+def main():
+    if not os.environ.get("TIDY"):
+        return 0
+
+    repo_root = Path(__file__).parent.parent
+    files = staged_files(repo_root)
+    if not files:
+        return 0
+
+    run_clang_tidy = find_run_clang_tidy()
+    if not run_clang_tidy:
+        print(
+            "clang-tidy check failed: TIDY is enabled but neither "
+            "'run-clang-tidy-21' nor 'run-clang-tidy' was found in PATH.",
+            file=sys.stderr,
+        )
+        return 1
+
+    build_dir = find_build_dir(repo_root)
+    if not build_dir:
+        print(
+            "clang-tidy check failed: no build directory with compile_commands.json found "
+            "(looked for .build/ and build/)",
+            file=sys.stderr,
+        )
+        return 1
+
+    tidy_files = resolve_files(files, build_dir, repo_root)
+    if not tidy_files:
+        return 0
+
+    result = subprocess.run(
+        [run_clang_tidy, "-quiet", "-p", str(build_dir), "-fix", "-allow-no-checks"]
+        + tidy_files
+    )
+    return result.returncode
+
+
+if __name__ == "__main__":
+    sys.exit(main())
--- a/bin/pre-commit/fix_include_style.py
+++ b/bin/pre-commit/fix_include_style.py
@@ -0,0 +1,37 @@
+#!/usr/bin/env python3
+
+"""
+Converts quoted includes (#include "...") to angle-bracket includes
+(#include <...>), which is the required style in this project.
+
+Usage: ./bin/pre-commit/fix_include_style.py <file1> <file2> ...
+"""
+
+import re
+import sys
+from pathlib import Path
+
+PATTERN = re.compile(r'^(\s*#include\s*)"([^"]+)"', re.MULTILINE)
+
+
+def fix_includes(path: Path) -> bool:
+    original = path.read_text(encoding="utf-8")
+    fixed = PATTERN.sub(r"\1<\2>", original)
+    if fixed != original:
+        path.write_text(fixed, encoding="utf-8")
+        return False
+    return True
+
+
+def main() -> int:
+    files = [Path(f) for f in sys.argv[1:]]
+    success = True
+
+    for path in files:
+        success &= fix_includes(path)
+
+    return 0 if success else 1
+
+
+if __name__ == "__main__":
+    sys.exit(main())
--- a/cfg/validators-example.txt
+++ b/cfg/validators-example.txt
@@ -28,7 +28,7 @@
 #    https://vl.ripple.com
 #    https://unl.xrplf.org
 #    http://127.0.0.1:8000
-#    file:///etc/opt/ripple/vl.txt
+#    file:///etc/opt/xrpld/vl.txt
 #
 # [validator_list_keys]
 #
@@ -43,11 +43,11 @@
 #    ED307A760EE34F2D0CAA103377B1969117C38B8AA0AA1E2A24DAC1F32FC97087ED
 #

-# The default validator list publishers that the rippled instance
+# The default validator list publishers that the xrpld instance
 # trusts.
 #
-# WARNING: Changing these values can cause your rippled instance to see a
-#          validated ledger that contradicts other rippled instances'
+# WARNING: Changing these values can cause your xrpld instance to see a
+#          validated ledger that contradicts other xrpld instances'
 #          validated ledgers (aka a ledger fork) if your validator list(s)
 #          do not sufficiently overlap with the list(s) used by others.
 #          See: https://arxiv.org/pdf/1802.07242.pdf
--- a/cfg/xrpld-example.cfg
+++ b/cfg/xrpld-example.cfg
@@ -9,7 +9,7 @@
 #
 #   2. Peer Protocol
 #
-#   3. Ripple Protocol
+#   3. XRPL protocol
 #
 #   4. HTTPS Client
 #
@@ -383,7 +383,7 @@
 #
 #   These settings control security and access attributes of the Peer to Peer
 #   server section of the xrpld process. Peer Protocol implements the
-#   Ripple Payment protocol. It is over peer connections that transactions
+#   XRPL payment protocol. It is over peer connections that transactions
 #   and validations are passed from to machine to machine, to determine the
 #   contents of validated ledgers.
 #
@@ -406,7 +406,7 @@
 #
 # [ips]
 #
-#   List of hostnames or ips where the Ripple protocol is served.  A default
+#   List of hostnames or ips where the XRPL protocol is served.  A default
 #   starter list is included in the code and used if no other hostnames are
 #   available.
 #
@@ -435,7 +435,7 @@
 #   List of IP addresses or hostnames to which xrpld should always attempt to
 #   maintain peer connections with. This is useful for manually forming private
 #   networks, for example to configure a validation server that connects to the
-#   Ripple network through a public-facing server, or for building a set
+#   XRPL network through a public-facing server, or for building a set
 #   of cluster peers.
 #
 #   One address or domain names per line is allowed. A port must be specified
@@ -748,8 +748,8 @@
 #   the folder in which the xrpld.cfg file is located.
 #
 #   Examples:
-#    /home/ripple/validators.txt
-#    C:/home/ripple/validators.txt
+#    /home/username/validators.txt
+#    C:/home/username/validators.txt
 #
 #   Example content:
 #    [validators]
@@ -840,7 +840,7 @@
 #
 #   0: Disable the ledger replay feature [default]
 #   1: Enable the ledger replay feature. With this feature enabled, when
-#      acquiring a ledger from the network, a xrpld node only downloads
+#      acquiring a ledger from the network, an xrpld node only downloads
 #      the ledger header and the transactions instead of the whole ledger.
 #      And the ledger is built by applying the transactions to the parent
 #      ledger.
@@ -853,7 +853,7 @@
 #
 #   The xrpld server instance uses HTTPS GET requests in a variety of
 #   circumstances, including but not limited to contacting trusted domains to
-#   fetch information such as mapping an email address to a Ripple Payment
+#   fetch information such as mapping an email address to an XRPL payment
 #   Network address.
 #
 # [ssl_verify]
@@ -1227,7 +1227,7 @@
 #
 #----------
 #
-#   The vote settings configure settings for the entire Ripple network.
+#   The vote settings configure settings for the entire XRPL network.
 #   While a single instance of xrpld cannot unilaterally enforce network-wide
 #   settings, these choices become part of the instance's vote during the
 #   consensus process for each voting ledger.
@@ -1416,6 +1416,12 @@
 #       in this section to a comma-separated list of the addresses
 #       of your Clio servers, in order to bypass xrpld's rate limiting.
 #
+#       TLS/SSL can be enabled for gRPC by specifying ssl_cert and ssl_key.
+#       Both parameters must be provided together. The ssl_cert_chain parameter
+#       is optional and provides intermediate CA certificates for the certificate
+#       chain. The ssl_client_ca parameter is optional and enables mutual TLS
+#       (client certificate verification).
+#
 #   This port is commented out but can be enabled by removing
 #   the '#' from each corresponding line including the entry under [server]
 #
@@ -1465,11 +1471,74 @@ admin = 127.0.0.1
 protocol = ws
 send_queue_limit = 500

+# gRPC TLS/SSL Configuration
+#
+#   The gRPC port supports optional TLS/SSL encryption. When TLS is not
+#   configured, the gRPC server will accept unencrypted connections.
+#
+#   ssl_cert = <filename>
+#   ssl_key = <filename>
+#
+#       To enable TLS for gRPC, both ssl_cert and ssl_key must be specified.
+#       If only one is provided, xrpld will fail to start.
+#
+#       ssl_cert: Path to the server's SSL certificate file in PEM format.
+#       ssl_key:  Path to the server's SSL private key file in PEM format.
+#
+#       When configured, the gRPC server will only accept TLS-encrypted
+#       connections. Clients must use TLS (secure) channel credentials rather
+#       than plaintext / insecure connections.
+#
+#   ssl_cert_chain = <filename>
+#
+#       Optional. Path to intermediate CA certificate(s) in PEM format that
+#       complete the server's certificate chain.
+#
+#       This file should contain the intermediate CA certificate(s) needed
+#       to build a trust chain from the server certificate (ssl_cert) to a
+#       root CA that clients trust. Multiple certificates should be
+#       concatenated in PEM format.
+#
+#       This is needed when your server certificate was signed by an
+#       intermediate CA rather than directly by a root CA. Without this,
+#       clients may fail to verify your server certificate.
+#
+#       If not specified, only the server certificate from ssl_cert will be
+#       presented to clients.
+#
+#   ssl_client_ca = <filename>
+#
+#       Optional. Path to a CA certificate file in PEM format for verifying
+#       client certificates (mutual TLS / mTLS).
+#
+#       When specified, the gRPC server will verify client certificates
+#       against this CA. This enables mutual authentication where both the
+#       server and client verify each other's identity.
+#
+#       This is typically NOT needed for public-facing gRPC servers. Only
+#       use this if you want to restrict access to clients with valid
+#       certificates signed by the specified CA.
+#
+#       If not specified, the server will use one-way TLS (server
+#       authentication only) and will accept connections from any client.
+#
 [port_grpc]
 port = 50051
 ip = 127.0.0.1
 secure_gateway = 127.0.0.1

+# Optional TLS/SSL configuration for gRPC
+# To enable TLS, uncomment and configure both ssl_cert and ssl_key:
+#ssl_cert = /etc/ssl/certs/grpc-server.crt
+#ssl_key = /etc/ssl/private/grpc-server.key
+
+# Optional: Include intermediate CA certificates for complete certificate chain
+#ssl_cert_chain = /etc/ssl/certs/grpc-intermediate-ca.crt
+
+# Optional: Enable mutual TLS (client certificate verification)
+# Uncomment to require and verify client certificates:
+#ssl_client_ca = /etc/ssl/certs/grpc-client-ca.crt
+
 #[port_ws_public]
 #port = 6005
 #ip = 127.0.0.1
--- a/cmake/XrplCore.cmake
+++ b/cmake/XrplCore.cmake
@@ -108,24 +108,12 @@ target_link_libraries(
 )

 # Level 05
-## Set up code generation for protocol_autogen module
-include(XrplProtocolAutogen)
-# Must call setup_protocol_autogen before add_module so that:
-# 1. Stale generated files are cleared before GLOB runs
-# 2. Output file list is known for custom commands
-setup_protocol_autogen()
-
 add_module(xrpl protocol_autogen)
 target_link_libraries(
    xrpl.libxrpl.protocol_autogen
    PUBLIC xrpl.libxrpl.protocol
 )

-# Ensure code generation runs before compiling protocol_autogen
-if(TARGET protocol_autogen_generate)
-    add_dependencies(xrpl.libxrpl.protocol_autogen protocol_autogen_generate)
-endif()
-
 # Level 06
 add_module(xrpl core)
 target_link_libraries(
--- a/cmake/XrplProtocolAutogen.cmake
+++ b/cmake/XrplProtocolAutogen.cmake
@@ -2,308 +2,145 @@
   Protocol Autogen - Code generation for protocol wrapper classes
 #]===================================================================]

-# Options for code generation
-option(
-    XRPL_NO_CODEGEN
-    "Disable code generation (use pre-generated files from repository)"
-    OFF
-)
 set(CODEGEN_VENV_DIR
-    ""
+    "${CMAKE_CURRENT_SOURCE_DIR}/.venv"
    CACHE PATH
-    "Path to Python virtual environment for code generation. If provided, automatic venv setup is skipped."
+    "Path to a Python virtual environment for code generation. A venv will be created here by setup_code_gen and used to run generation scripts."
 )

-# Function to set up code generation for protocol_autogen module
-# This runs at configure time to generate C++ wrapper classes from macro files
-function(setup_protocol_autogen)
-    # Directory paths
-    set(MACRO_DIR "${CMAKE_CURRENT_SOURCE_DIR}/include/xrpl/protocol/detail")
-    set(AUTOGEN_HEADER_DIR
-        "${CMAKE_CURRENT_SOURCE_DIR}/include/xrpl/protocol_autogen"
-    )
-    set(AUTOGEN_TEST_DIR
-        "${CMAKE_CURRENT_SOURCE_DIR}/src/tests/libxrpl/protocol_autogen"
-    )
-    set(SCRIPTS_DIR "${CMAKE_CURRENT_SOURCE_DIR}/scripts")
+# Directory paths
+set(MACRO_DIR "${CMAKE_CURRENT_SOURCE_DIR}/include/xrpl/protocol/detail")
+set(AUTOGEN_HEADER_DIR
+    "${CMAKE_CURRENT_SOURCE_DIR}/include/xrpl/protocol_autogen"
+)
+set(AUTOGEN_TEST_DIR
+    "${CMAKE_CURRENT_SOURCE_DIR}/src/tests/libxrpl/protocol_autogen"
+)
+set(SCRIPTS_DIR "${CMAKE_CURRENT_SOURCE_DIR}/cmake/scripts/codegen")

-    # Input macro files
-    set(TRANSACTIONS_MACRO "${MACRO_DIR}/transactions.macro")
-    set(LEDGER_ENTRIES_MACRO "${MACRO_DIR}/ledger_entries.macro")
-    set(SFIELDS_MACRO "${MACRO_DIR}/sfields.macro")
+# Input macro files
+set(TRANSACTIONS_MACRO "${MACRO_DIR}/transactions.macro")
+set(LEDGER_ENTRIES_MACRO "${MACRO_DIR}/ledger_entries.macro")
+set(SFIELDS_MACRO "${MACRO_DIR}/sfields.macro")

-    # Python scripts and templates
-    set(GENERATE_TX_SCRIPT "${SCRIPTS_DIR}/generate_tx_classes.py")
-    set(GENERATE_LEDGER_SCRIPT "${SCRIPTS_DIR}/generate_ledger_classes.py")
-    set(REQUIREMENTS_FILE "${SCRIPTS_DIR}/requirements.txt")
-    set(MACRO_PARSER_COMMON "${SCRIPTS_DIR}/macro_parser_common.py")
-    set(TX_TEMPLATE "${SCRIPTS_DIR}/templates/Transaction.h.mako")
-    set(TX_TEST_TEMPLATE "${SCRIPTS_DIR}/templates/TransactionTests.cpp.mako")
-    set(LEDGER_TEMPLATE "${SCRIPTS_DIR}/templates/LedgerEntry.h.mako")
-    set(LEDGER_TEST_TEMPLATE
-        "${SCRIPTS_DIR}/templates/LedgerEntryTests.cpp.mako"
+# Python scripts and templates
+set(GENERATE_TX_SCRIPT "${SCRIPTS_DIR}/generate_tx_classes.py")
+set(GENERATE_LEDGER_SCRIPT "${SCRIPTS_DIR}/generate_ledger_classes.py")
+set(REQUIREMENTS_FILE "${SCRIPTS_DIR}/requirements.txt")
+set(MACRO_PARSER_COMMON "${SCRIPTS_DIR}/macro_parser_common.py")
+set(TX_TEMPLATE "${SCRIPTS_DIR}/templates/Transaction.h.mako")
+set(TX_TEST_TEMPLATE "${SCRIPTS_DIR}/templates/TransactionTests.cpp.mako")
+set(LEDGER_TEMPLATE "${SCRIPTS_DIR}/templates/LedgerEntry.h.mako")
+set(LEDGER_TEST_TEMPLATE "${SCRIPTS_DIR}/templates/LedgerEntryTests.cpp.mako")
+set(ALL_INPUT_FILES
+    "${TRANSACTIONS_MACRO}"
+    "${LEDGER_ENTRIES_MACRO}"
+    "${SFIELDS_MACRO}"
+    "${GENERATE_TX_SCRIPT}"
+    "${GENERATE_LEDGER_SCRIPT}"
+    "${REQUIREMENTS_FILE}"
+    "${MACRO_PARSER_COMMON}"
+    "${TX_TEMPLATE}"
+    "${TX_TEST_TEMPLATE}"
+    "${LEDGER_TEMPLATE}"
+    "${LEDGER_TEST_TEMPLATE}"
+)
+
+# Create output directories
+file(MAKE_DIRECTORY "${AUTOGEN_HEADER_DIR}/transactions")
+file(MAKE_DIRECTORY "${AUTOGEN_HEADER_DIR}/ledger_entries")
+file(MAKE_DIRECTORY "${AUTOGEN_TEST_DIR}/ledger_entries")
+file(MAKE_DIRECTORY "${AUTOGEN_TEST_DIR}/transactions")
+
+# Find Python3
+if(NOT Python3_EXECUTABLE)
+    find_package(Python3 COMPONENTS Interpreter QUIET)
+endif()
+
+if(NOT Python3_EXECUTABLE)
+    find_program(Python3_EXECUTABLE NAMES python3 python)
+endif()
+
+if(NOT Python3_EXECUTABLE)
+    message(
+        WARNING
+        "Python3 not found. The 'code_gen' and 'setup_code_gen' targets will not be available."
    )
+    return()
+endif()

-    # Check if code generation is disabled
-    if(XRPL_NO_CODEGEN)
+# Warn if pip is configured with a non-default index (may need VPN).
+execute_process(
+    COMMAND ${Python3_EXECUTABLE} -m pip config get global.index-url
+    OUTPUT_VARIABLE PIP_INDEX_URL
+    OUTPUT_STRIP_TRAILING_WHITESPACE
+    ERROR_QUIET
+    RESULT_VARIABLE PIP_CONFIG_RESULT
+)
+if(PIP_CONFIG_RESULT EQUAL 0 AND PIP_INDEX_URL)
+    if(
+        NOT PIP_INDEX_URL STREQUAL "https://pypi.org/simple"
+        AND NOT PIP_INDEX_URL STREQUAL "https://pypi.python.org/simple"
+    )
        message(
            WARNING
-            "Protocol autogen: Code generation is disabled (XRPL_NO_CODEGEN=ON). "
-            "Generated files may be out of date."
+            "Private pip index URL detected: ${PIP_INDEX_URL}\n"
+            "You may need to connect to VPN to access this URL."
        )
-        return()
    endif()
+endif()

-    # Create output directories
-    file(MAKE_DIRECTORY "${AUTOGEN_HEADER_DIR}/transactions")
-    file(MAKE_DIRECTORY "${AUTOGEN_HEADER_DIR}/ledger_entries")
-    file(MAKE_DIRECTORY "${AUTOGEN_TEST_DIR}/ledger_entries")
-    file(MAKE_DIRECTORY "${AUTOGEN_TEST_DIR}/transactions")
-
-    # Find Python3 - check if already found by Conan or find it ourselves
-    if(NOT Python3_EXECUTABLE)
-        find_package(Python3 COMPONENTS Interpreter QUIET)
-    endif()
-
-    if(NOT Python3_EXECUTABLE)
-        # Try finding python3 executable directly
-        find_program(Python3_EXECUTABLE NAMES python3 python)
-    endif()
-
-    if(NOT Python3_EXECUTABLE)
-        message(
-            FATAL_ERROR
-            "Python3 not found. Code generation cannot proceed.\n"
-            "Please install Python 3, or set -DXRPL_NO_CODEGEN=ON to use existing generated files."
-        )
-        return()
-    endif()
-
-    message(STATUS "Using Python3 for code generation: ${Python3_EXECUTABLE}")
-
-    # Set up Python virtual environment for code generation
-    if(CODEGEN_VENV_DIR)
-        # User-provided venv - skip automatic setup
-        set(VENV_DIR "${CODEGEN_VENV_DIR}")
-        message(STATUS "Using user-provided Python venv: ${VENV_DIR}")
-    else()
-        # Use default venv in build directory
-        set(VENV_DIR "${CMAKE_CURRENT_BINARY_DIR}/codegen_venv")
-    endif()
-
-    # Determine the Python executable path in the venv
+# Determine which Python interpreter to use for code generation.
+if(CODEGEN_VENV_DIR)
    if(WIN32)
-        set(VENV_PYTHON "${VENV_DIR}/Scripts/python.exe")
-        set(VENV_PIP "${VENV_DIR}/Scripts/pip.exe")
+        set(CODEGEN_PYTHON "${CODEGEN_VENV_DIR}/Scripts/python.exe")
    else()
-        set(VENV_PYTHON "${VENV_DIR}/bin/python")
-        set(VENV_PIP "${VENV_DIR}/bin/pip")
+        set(CODEGEN_PYTHON "${CODEGEN_VENV_DIR}/bin/python")
    endif()
-
-    # Only auto-setup venv if not user-provided
-    if(NOT CODEGEN_VENV_DIR)
-        # Check if venv needs to be created or updated
-        set(VENV_NEEDS_UPDATE FALSE)
-        if(NOT EXISTS "${VENV_PYTHON}")
-            set(VENV_NEEDS_UPDATE TRUE)
-            message(
-                STATUS
-                "Creating Python virtual environment for code generation..."
-            )
-        elseif(
-            "${REQUIREMENTS_FILE}"
-                IS_NEWER_THAN
-                "${VENV_DIR}/.requirements_installed"
-        )
-            set(VENV_NEEDS_UPDATE TRUE)
-            message(
-                STATUS
-                "Updating Python virtual environment (requirements changed)..."
-            )
-        endif()
-
-        # Create/update virtual environment if needed
-        if(VENV_NEEDS_UPDATE)
-            message(
-                STATUS
-                "Setting up Python virtual environment at ${VENV_DIR}"
-            )
-            execute_process(
-                COMMAND ${Python3_EXECUTABLE} -m venv "${VENV_DIR}"
-                RESULT_VARIABLE VENV_RESULT
-                ERROR_VARIABLE VENV_ERROR
-            )
-            if(NOT VENV_RESULT EQUAL 0)
-                message(
-                    FATAL_ERROR
-                    "Failed to create virtual environment: ${VENV_ERROR}"
-                )
-            endif()
-
-            # Check pip index URL configuration
-            execute_process(
-                COMMAND ${VENV_PIP} config get global.index-url
-                OUTPUT_VARIABLE PIP_INDEX_URL
-                OUTPUT_STRIP_TRAILING_WHITESPACE
-                ERROR_QUIET
-            )
-
-            # Default PyPI URL
-            set(DEFAULT_PIP_INDEX "https://pypi.org/simple")
-
-            # Show warning if using non-default index
-            if(PIP_INDEX_URL AND NOT PIP_INDEX_URL STREQUAL "")
-                if(NOT PIP_INDEX_URL STREQUAL DEFAULT_PIP_INDEX)
-                    message(
-                        WARNING
-                        "Private pip index URL detected: ${PIP_INDEX_URL}\n"
-                        "You may need to connect to VPN to access this URL."
-                    )
-                endif()
-            endif()
-
-            message(STATUS "Installing Python dependencies...")
-            execute_process(
-                COMMAND ${VENV_PIP} install --upgrade pip
-                RESULT_VARIABLE PIP_UPGRADE_RESULT
-                OUTPUT_QUIET
-                ERROR_VARIABLE PIP_UPGRADE_ERROR
-            )
-            if(NOT PIP_UPGRADE_RESULT EQUAL 0)
-                message(WARNING "Failed to upgrade pip: ${PIP_UPGRADE_ERROR}")
-            endif()
-
-            execute_process(
-                COMMAND ${VENV_PIP} install -r "${REQUIREMENTS_FILE}"
-                RESULT_VARIABLE PIP_INSTALL_RESULT
-                ERROR_VARIABLE PIP_INSTALL_ERROR
-            )
-            if(NOT PIP_INSTALL_RESULT EQUAL 0)
-                message(
-                    FATAL_ERROR
-                    "Failed to install Python dependencies: ${PIP_INSTALL_ERROR}"
-                )
-            endif()
-
-            # Mark requirements as installed
-            file(TOUCH "${VENV_DIR}/.requirements_installed")
-            message(STATUS "Python virtual environment ready")
-        endif()
-    endif()
-
-    # At configure time - get list of output files for transactions
-    execute_process(
-        COMMAND
-            ${VENV_PYTHON} "${GENERATE_TX_SCRIPT}" "${TRANSACTIONS_MACRO}"
-            --header-dir "${AUTOGEN_HEADER_DIR}/transactions" --test-dir
-            "${AUTOGEN_TEST_DIR}/transactions" --list-outputs
-        OUTPUT_VARIABLE TX_OUTPUT_FILES
-        OUTPUT_STRIP_TRAILING_WHITESPACE
-        RESULT_VARIABLE TX_LIST_RESULT
-        ERROR_VARIABLE TX_LIST_ERROR
+else()
+    set(CODEGEN_PYTHON "${Python3_EXECUTABLE}")
+    message(
+        WARNING
+        "CODEGEN_VENV_DIR is not set. Dependencies will be installed globally.\n"
+        "If this is not intended, reconfigure with:\n"
+        "  cmake . -UCODEGEN_VENV_DIR"
    )
-    if(NOT TX_LIST_RESULT EQUAL 0)
-        message(
-            FATAL_ERROR
-            "Failed to list transaction output files:\n${TX_LIST_ERROR}"
-        )
-    endif()
-    # Convert newline-separated list to CMake list
-    string(REPLACE "\\" "/" TX_OUTPUT_FILES "${TX_OUTPUT_FILES}")
-    string(REPLACE "\n" ";" TX_OUTPUT_FILES "${TX_OUTPUT_FILES}")
+endif()

-    # At configure time - get list of output files for ledger entries
-    execute_process(
-        COMMAND
-            ${VENV_PYTHON} "${GENERATE_LEDGER_SCRIPT}" "${LEDGER_ENTRIES_MACRO}"
-            --header-dir "${AUTOGEN_HEADER_DIR}/ledger_entries" --test-dir
-            "${AUTOGEN_TEST_DIR}/ledger_entries" --list-outputs
-        OUTPUT_VARIABLE LEDGER_OUTPUT_FILES
-        OUTPUT_STRIP_TRAILING_WHITESPACE
-        RESULT_VARIABLE LEDGER_LIST_RESULT
-        ERROR_VARIABLE LEDGER_LIST_ERROR
-    )
-    if(NOT LEDGER_LIST_RESULT EQUAL 0)
-        message(
-            FATAL_ERROR
-            "Failed to list ledger entry output files:\n${LEDGER_LIST_ERROR}"
-        )
-    endif()
-    # Convert newline-separated list to CMake list
-    string(REPLACE "\\" "/" LEDGER_OUTPUT_FILES "${LEDGER_OUTPUT_FILES}")
-    string(REPLACE "\n" ";" LEDGER_OUTPUT_FILES "${LEDGER_OUTPUT_FILES}")
-
-    # Custom command to generate transaction classes at build time
-    add_custom_command(
-        OUTPUT ${TX_OUTPUT_FILES}
-        COMMAND
-            ${VENV_PYTHON} "${GENERATE_TX_SCRIPT}" "${TRANSACTIONS_MACRO}"
-            --header-dir "${AUTOGEN_HEADER_DIR}/transactions" --test-dir
-            "${AUTOGEN_TEST_DIR}/transactions" --sfields-macro
-            "${SFIELDS_MACRO}"
-        WORKING_DIRECTORY "${CMAKE_CURRENT_SOURCE_DIR}"
-        DEPENDS
-            "${TRANSACTIONS_MACRO}"
-            "${SFIELDS_MACRO}"
-            "${GENERATE_TX_SCRIPT}"
-            "${MACRO_PARSER_COMMON}"
-            "${TX_TEMPLATE}"
-            "${TX_TEST_TEMPLATE}"
-            "${REQUIREMENTS_FILE}"
-        COMMENT "Generating transaction classes from transactions.macro..."
-        VERBATIM
-    )
-
-    # Custom command to generate ledger entry classes at build time
-    add_custom_command(
-        OUTPUT ${LEDGER_OUTPUT_FILES}
-        COMMAND
-            ${VENV_PYTHON} "${GENERATE_LEDGER_SCRIPT}" "${LEDGER_ENTRIES_MACRO}"
-            --header-dir "${AUTOGEN_HEADER_DIR}/ledger_entries" --test-dir
-            "${AUTOGEN_TEST_DIR}/ledger_entries" --sfields-macro
-            "${SFIELDS_MACRO}"
-        WORKING_DIRECTORY "${CMAKE_CURRENT_SOURCE_DIR}"
-        DEPENDS
-            "${LEDGER_ENTRIES_MACRO}"
-            "${SFIELDS_MACRO}"
-            "${GENERATE_LEDGER_SCRIPT}"
-            "${MACRO_PARSER_COMMON}"
-            "${LEDGER_TEMPLATE}"
-            "${LEDGER_TEST_TEMPLATE}"
-            "${REQUIREMENTS_FILE}"
-        COMMENT "Generating ledger entry classes from ledger_entries.macro..."
-        VERBATIM
-    )
-
-    # Create a custom target that depends on all generated files
+# Custom target to create a venv and install Python dependencies.
+# Run manually with: cmake --build . --target setup_code_gen
+if(CODEGEN_VENV_DIR)
    add_custom_target(
-        protocol_autogen_generate
-        DEPENDS ${TX_OUTPUT_FILES} ${LEDGER_OUTPUT_FILES}
-        COMMENT "Protocol autogen code generation"
+        setup_code_gen
+        COMMAND ${Python3_EXECUTABLE} -m venv "${CODEGEN_VENV_DIR}"
+        COMMAND ${CODEGEN_PYTHON} -m pip install -r "${REQUIREMENTS_FILE}"
+        WORKING_DIRECTORY "${CMAKE_CURRENT_SOURCE_DIR}"
+        COMMENT "Creating venv and installing code generation dependencies..."
    )
+else()
+    add_custom_target(
+        setup_code_gen
+        COMMAND ${Python3_EXECUTABLE} -m pip install -r "${REQUIREMENTS_FILE}"
+        WORKING_DIRECTORY "${CMAKE_CURRENT_SOURCE_DIR}"
+        COMMENT "Installing code generation dependencies..."
+    )
+endif()

-    # Extract test files from output lists (files ending in Tests.cpp)
-    set(PROTOCOL_AUTOGEN_TEST_SOURCES "")
-    foreach(FILE ${TX_OUTPUT_FILES} ${LEDGER_OUTPUT_FILES})
-        if(FILE MATCHES "Tests\\.cpp$")
-            list(APPEND PROTOCOL_AUTOGEN_TEST_SOURCES "${FILE}")
-        endif()
-    endforeach()
-    # Export test sources to parent scope for use in test CMakeLists.txt
-    set(PROTOCOL_AUTOGEN_TEST_SOURCES
-        "${PROTOCOL_AUTOGEN_TEST_SOURCES}"
-        CACHE INTERNAL
-        "Generated protocol_autogen test sources"
-    )
-
-    # Register dependencies so CMake reconfigures when macro files change
-    # (to update the list of output files)
-    set_property(
-        DIRECTORY
-        APPEND
-        PROPERTY
-            CMAKE_CONFIGURE_DEPENDS
-                "${TRANSACTIONS_MACRO}"
-                "${LEDGER_ENTRIES_MACRO}"
-    )
-endfunction()
+# Custom target for code generation, excluded from ALL.
+# Run manually with: cmake --build . --target code_gen
+add_custom_target(
+    code_gen
+    COMMAND
+        ${CMAKE_COMMAND} -DCODEGEN_PYTHON=${CODEGEN_PYTHON}
+        -DGENERATE_TX_SCRIPT=${GENERATE_TX_SCRIPT}
+        -DGENERATE_LEDGER_SCRIPT=${GENERATE_LEDGER_SCRIPT}
+        -DTRANSACTIONS_MACRO=${TRANSACTIONS_MACRO}
+        -DLEDGER_ENTRIES_MACRO=${LEDGER_ENTRIES_MACRO}
+        -DSFIELDS_MACRO=${SFIELDS_MACRO}
+        -DAUTOGEN_HEADER_DIR=${AUTOGEN_HEADER_DIR}
+        -DAUTOGEN_TEST_DIR=${AUTOGEN_TEST_DIR} -P
+        "${CMAKE_CURRENT_SOURCE_DIR}/cmake/XrplProtocolAutogenRun.cmake"
+    WORKING_DIRECTORY "${CMAKE_CURRENT_SOURCE_DIR}"
+    COMMENT "Running protocol code generation..."
+    SOURCES ${ALL_INPUT_FILES}
+)
--- a/cmake/XrplProtocolAutogenRun.cmake
+++ b/cmake/XrplProtocolAutogenRun.cmake
@@ -0,0 +1,39 @@
+#[===================================================================[
+   Protocol Autogen - Run script invoked by the 'code_gen' target
+#]===================================================================]
+
+# Generate transaction classes.
+execute_process(
+    COMMAND
+        ${CODEGEN_PYTHON} "${GENERATE_TX_SCRIPT}" "${TRANSACTIONS_MACRO}"
+        --header-dir "${AUTOGEN_HEADER_DIR}/transactions" --test-dir
+        "${AUTOGEN_TEST_DIR}/transactions" --sfields-macro "${SFIELDS_MACRO}"
+    RESULT_VARIABLE TX_RESULT
+    OUTPUT_VARIABLE TX_OUTPUT
+    ERROR_VARIABLE TX_ERROR
+)
+if(NOT TX_RESULT EQUAL 0)
+    message(
+        FATAL_ERROR
+        "Transaction code generation failed:\n${TX_OUTPUT}\n${TX_ERROR}\n${TX_RESULT}"
+    )
+endif()
+
+# Generate ledger entry classes.
+execute_process(
+    COMMAND
+        ${CODEGEN_PYTHON} "${GENERATE_LEDGER_SCRIPT}" "${LEDGER_ENTRIES_MACRO}"
+        --header-dir "${AUTOGEN_HEADER_DIR}/ledger_entries" --test-dir
+        "${AUTOGEN_TEST_DIR}/ledger_entries" --sfields-macro "${SFIELDS_MACRO}"
+    RESULT_VARIABLE LEDGER_RESULT
+    OUTPUT_VARIABLE LEDGER_OUTPUT
+    ERROR_VARIABLE LEDGER_ERROR
+)
+if(NOT LEDGER_RESULT EQUAL 0)
+    message(
+        FATAL_ERROR
+        "Ledger entry code generation failed:\n${LEDGER_OUTPUT}\n${LEDGER_ERROR}\n${TX_RESULT}"
+    )
+endif()
+
+message(STATUS "Protocol autogen: code generation complete")
--- a/cmake/scripts/codegen/generate_ledger_classes.py
+++ b/cmake/scripts/codegen/generate_ledger_classes.py
@@ -138,28 +138,12 @@ def main():
        "--sfields-macro",
        help="Path to sfields.macro (default: auto-detect from macro_path)",
    )
-    parser.add_argument(
-        "--list-outputs",
-        action="store_true",
-        help="List output files without generating (one per line)",
-    )
-
+    parser.add_argument("--venv-dir", help=argparse.SUPPRESS)
    args = parser.parse_args()

    # Parse the macro file to get ledger entry names
    entries = parse_macro_file(args.macro_path)

-    # If --list-outputs, just print the output file paths and exit
-    if args.list_outputs:
-        header_dir = Path(args.header_dir)
-        for entry in entries:
-            print(header_dir / f"{entry['name']}.h")
-        if args.test_dir:
-            test_dir = Path(args.test_dir)
-            for entry in entries:
-                print(test_dir / f"{entry['name']}Tests.cpp")
-        return
-
    # Auto-detect sfields.macro path if not provided
    if args.sfields_macro:
        sfields_path = Path(args.sfields_macro)
--- a/cmake/scripts/codegen/generate_tx_classes.py
+++ b/cmake/scripts/codegen/generate_tx_classes.py
@@ -147,28 +147,12 @@ def main():
        "--sfields-macro",
        help="Path to sfields.macro (default: auto-detect from macro_path)",
    )
-    parser.add_argument(
-        "--list-outputs",
-        action="store_true",
-        help="List output files without generating (one per line)",
-    )
-
+    parser.add_argument("--venv-dir", help=argparse.SUPPRESS)
    args = parser.parse_args()

    # Parse the macro file to get transaction names
    transactions = parse_macro_file(args.macro_path)

-    # If --list-outputs, just print the output file paths and exit
-    if args.list_outputs:
-        header_dir = Path(args.header_dir)
-        for tx in transactions:
-            print(header_dir / f"{tx['name']}.h")
-        if args.test_dir:
-            test_dir = Path(args.test_dir)
-            for tx in transactions:
-                print(test_dir / f"{tx['name']}Tests.cpp")
-        return
-
    # Auto-detect sfields.macro path if not provided
    if args.sfields_macro:
        sfields_path = Path(args.sfields_macro)
--- a/cmake/scripts/codegen/macro_parser_common.py
+++ b/cmake/scripts/codegen/macro_parser_common.py
--- a/cmake/scripts/codegen/requirements.txt
+++ b/cmake/scripts/codegen/requirements.txt
--- a/cmake/scripts/codegen/templates/LedgerEntry.h.mako
+++ b/cmake/scripts/codegen/templates/LedgerEntry.h.mako
--- a/cmake/scripts/codegen/templates/LedgerEntryTests.cpp.mako
+++ b/cmake/scripts/codegen/templates/LedgerEntryTests.cpp.mako
--- a/cmake/scripts/codegen/templates/Transaction.h.mako
+++ b/cmake/scripts/codegen/templates/Transaction.h.mako
--- a/cmake/scripts/codegen/templates/TransactionTests.cpp.mako
+++ b/cmake/scripts/codegen/templates/TransactionTests.cpp.mako
--- a/conan.lock
+++ b/conan.lock
@@ -3,22 +3,23 @@
    "requires": [
        "zlib/1.3.1#cac0f6daea041b0ccf42934163defb20%1774439233.809",
        "xxhash/0.8.3#681d36a0a6111fc56e5e45ea182c19cc%1765850149.987",
-        "sqlite3/3.51.0#66aa11eabd0e34954c5c1c061ad44abe%1763899256.358",
+        "sqlite3/3.51.0#66aa11eabd0e34954c5c1c061ad44abe%1774467355.988",
        "soci/4.0.3#fe32b9ad5eb47e79ab9e45a68f363945%1774450067.231",
        "snappy/1.1.10#968fef506ff261592ec30c574d4a7809%1765850147.878",
        "secp256k1/0.7.1#481881709eb0bdd0185a12b912bbe8ad%1770910500.329",
        "rocksdb/10.5.1#4a197eca381a3e5ae8adf8cffa5aacd0%1765850186.86",
        "re2/20251105#8579cfd0bda4daf0683f9e3898f964b4%1774398111.888",
-        "protobuf/6.33.5#d96d52ba5baaaa532f47bda866ad87a5%1773224203.27",
+        "protobuf/6.33.5#d96d52ba5baaaa532f47bda866ad87a5%1774467363.12",
        "openssl/3.6.1#e6399de266349245a4542fc5f6c71552%1774458290.139",
-        "nudb/2.0.9#0432758a24204da08fee953ec9ea03cb%1769436073.32",
+        "nudb/2.0.9#11149c73f8f2baff9a0198fe25971fc7%1774883011.384",
+        "mpt-crypto/0.3.0-rc1#468344c6855d4aeaa8bd31fb2c403f89%1776358155.918",
        "lz4/1.10.0#59fc63cac7f10fbe8e05c7e62c2f3504%1765850143.914",
        "libiconv/1.17#1e65319e945f2d31941a9d28cc13c058%1765842973.492",
        "libbacktrace/cci.20210118#a7691bfccd8caaf66309df196790a5a1%1765842973.03",
        "libarchive/3.8.1#ffee18995c706e02bf96e7a2f7042e0d%1765850144.736",
        "jemalloc/5.3.0#e951da9cf599e956cebc117880d2d9f8%1729241615.244",
        "gtest/1.17.0#5224b3b3ff3b4ce1133cbdd27d53ee7d%1768312129.152",
-        "grpc/1.78.1#b1a9e74b145cc471bed4dc64dc6eb2c1%1772623605.068",
+        "grpc/1.78.1#b1a9e74b145cc471bed4dc64dc6eb2c1%1774467387.342",
        "ed25519/2015.03#ae761bdc52730a843f0809bdf6c1b1f6%1765850143.772",
        "date/3.0.4#862e11e80030356b53c2c38599ceb32b%1765850143.772",
        "c-ares/1.34.6#545240bb1c40e2cacd4362d6b8967650%1774439234.681",
@@ -29,11 +30,12 @@
    "build_requires": [
        "zlib/1.3.1#cac0f6daea041b0ccf42934163defb20%1774439233.809",
        "strawberryperl/5.32.1.1#8d114504d172cfea8ea1662d09b6333e%1774447376.964",
-        "protobuf/6.33.5#d96d52ba5baaaa532f47bda866ad87a5%1773224203.27",
+        "protobuf/6.33.5#d96d52ba5baaaa532f47bda866ad87a5%1774467363.12",
        "nasm/2.16.01#31e26f2ee3c4346ecd347911bd126904%1765850144.707",
        "msys2/cci.latest#d22fe7b2808f5fd34d0a7923ace9c54f%1770657326.649",
        "m4/1.4.19#5d7a4994e5875d76faf7acf3ed056036%1774365463.87",
        "cmake/4.3.0#b939a42e98f593fb34d3a8c5cc860359%1774439249.183",
+        "cmake/3.31.10#313d16a1aa16bbdb2ca0792467214b76%1765850153.479",
        "b2/5.4.2#ffd6084a119587e70f11cd45d1a386e2%1774439233.447",
        "automake/1.16.5#b91b7c384c3deaa9d535be02da14d04f%1755524470.56",
        "autoconf/2.71#51077f068e61700d65bb05541ea1e4b0%1731054366.86",
@@ -41,16 +43,15 @@
    ],
    "python_requires": [],
    "overrides": {
-        "boost/1.90.0#d5e8defe7355494953be18524a7f135b": [
-            null,
-            "boost/1.90.0"
-        ],
        "protobuf/[>=5.27.0 <7]": [
            "protobuf/6.33.5"
        ],
        "lz4/1.9.4": [
            "lz4/1.10.0"
        ],
+        "boost/[>=1.83.0 <1.91.0]": [
+            "boost/1.90.0"
+        ],
        "sqlite3/[>=3.44 <4]": [
            "sqlite3/3.51.0"
        ],
@@ -59,6 +60,12 @@
        ],
        "lz4/[>=1.9.4 <2]": [
            "lz4/1.10.0#59fc63cac7f10fbe8e05c7e62c2f3504"
+        ],
+        "openssl/3.5.5": [
+            "openssl/3.6.1"
+        ],
+        "openssl/[>=3 <4]": [
+            "openssl/3.6.1"
        ]
    },
    "config_requires": []
--- a/conan/lockfile/regenerate.sh
+++ b/conan/lockfile/regenerate.sh
@@ -23,14 +23,14 @@ rm -f conan.lock
 # first create command will create a new lockfile, while the subsequent create
 # commands will merge any additional dependencies into the created lockfile.
 conan lock create . \
-  --options '&:jemalloc=True' \
-  --options '&:rocksdb=True' \
-  --profile:all=conan/lockfile/linux.profile
+    --options '&:jemalloc=True' \
+    --options '&:rocksdb=True' \
+    --profile:all=conan/lockfile/linux.profile
 conan lock create . \
-  --options '&:jemalloc=True' \
-  --options '&:rocksdb=True' \
-  --profile:all=conan/lockfile/macos.profile
+    --options '&:jemalloc=True' \
+    --options '&:rocksdb=True' \
+    --profile:all=conan/lockfile/macos.profile
 conan lock create . \
-  --options '&:jemalloc=True' \
-  --options '&:rocksdb=True' \
-  --profile:all=conan/lockfile/windows.profile
+    --options '&:jemalloc=True' \
+    --options '&:rocksdb=True' \
+    --profile:all=conan/lockfile/windows.profile
--- a/conanfile.py
+++ b/conanfile.py
@@ -31,6 +31,7 @@ class Xrpl(ConanFile):
        "ed25519/2015.03",
        "grpc/1.78.1",
        "libarchive/3.8.1",
+        "mpt-crypto/0.3.0-rc1",
        "nudb/2.0.9",
        "openssl/3.6.1",
        "secp256k1/0.7.1",
@@ -214,6 +215,7 @@ class Xrpl(ConanFile):
            "grpc::grpc++",
            "libarchive::libarchive",
            "lz4::lz4",
+            "mpt-crypto::mpt-crypto",
            "nudb::nudb",
            "openssl::crypto",
            "protobuf::libprotobuf",
--- a/cspell.config.yaml
+++ b/cspell.config.yaml
@@ -44,6 +44,10 @@ suggestWords:
 words:
  - abempty
  - AMMID
+  - AMMMPT
+  - AMMMPToken
+  - AMMMPTokens
+  - AMMXRP
  - amt
  - amts
  - asnode
@@ -55,6 +59,7 @@ words:
  - autobridging
  - bimap
  - bindir
+  - blindings
  - bookdir
  - Bougalis
  - Britto
@@ -87,6 +92,7 @@ words:
  - daria
  - dcmake
  - dearmor
+  - decryptor
  - deleteme
  - demultiplexer
  - deserializaton
@@ -96,6 +102,8 @@ words:
  - distro
  - doxyfile
  - dxrpl
+  - elgamal
+  - enabled
  - endmacro
  - exceptioned
  - Falco
@@ -105,6 +113,7 @@ words:
  - fmtdur
  - fsanitize
  - funclets
+  - Gamal
  - gcov
  - gcovr
  - ghead
@@ -148,6 +157,8 @@ words:
  - ltype
  - mcmodel
  - MEMORYSTATUSEX
+  - MPTAMM
+  - MPTDEX
  - Merkle
  - Metafuncton
  - misprediction
@@ -157,6 +168,7 @@ words:
  - mptid
  - mptissuance
  - mptissuanceid
+  - mptissue
  - mptoken
  - mptokenid
  - mptokenissuance
@@ -191,6 +203,7 @@ words:
  - partitioner
  - paychan
  - paychans
+  - Pedersen
  - permdex
  - perminute
  - permissioned
@@ -211,6 +224,8 @@ words:
  - queuable
  - Raphson
  - replayer
+  - rerandomization
+  - rerandomized
  - rerere
  - retriable
  - RIPD
@@ -227,6 +242,7 @@ words:
  - sahyadri
  - Satoshi
  - scons
+  - Schnorr
  - secp
  - sendq
  - seqit
@@ -254,6 +270,7 @@ words:
  - stvar
  - stvector
  - stxchainattestations
+  - summands
  - superpeer
  - superpeers
  - takergets
--- a/docs/0001-negative-unl/README.md
+++ b/docs/0001-negative-unl/README.md
@@ -558,7 +558,7 @@ network delay. A test case specifies:
 1. a UNL with different number of validators for different test cases,
 1. a network with zero or more non-validator nodes,
 1. a sequence of validator reliability change events (by killing/restarting
-   nodes, or by running modified rippled that does not send all validation
+   nodes, or by running modified xrpld that does not send all validation
   messages),
 1. the correct outcomes.

@@ -566,7 +566,7 @@ For all the test cases, the correct outcomes are verified by examining logs. We
 will grep the log to see if the correct negative UNLs are generated, and whether
 or not the network is making progress when it should be. The ripdtop tool will
 be helpful for monitoring validators' states and ledger progress. Some of the
-timing parameters of rippled will be changed to have faster ledger time. Most if
+timing parameters of xrpld will be changed to have faster ledger time. Most if
 not all test cases do not need client transactions.

 For example, the test cases for the prototype:
@@ -583,7 +583,7 @@ For example, the test cases for the prototype:

 We considered testing with the current unit test framework, specifically the
 [Consensus Simulation
-Framework](https://github.com/ripple/rippled/blob/develop/src/test/csf/README.md)
+Framework](https://github.com/XRPLF/rippled/blob/develop/src/test/csf/README.md)
 (CSF). However, the CSF currently can only test the generic consensus algorithm
 as in the paper: [Analysis of the XRP Ledger Consensus
 Protocol](https://arxiv.org/abs/1802.07242).
--- a/docs/0001-negative-unl/negativeUNLSqDiagram.puml
+++ b/docs/0001-negative-unl/negativeUNLSqDiagram.puml
@@ -4,7 +4,7 @@ skinparam sequenceArrowThickness 2
 skinparam roundcorner 20
 skinparam maxmessagesize 160

-actor "Rippled Start" as RS
+actor "Xrpld Start" as RS
 participant "Timer" as T
 participant "NetworkOPs" as NOP
 participant "ValidatorList" as VL #lightgreen
--- a/docs/Docker.md
+++ b/docs/Docker.md
@@ -1,5 +1,5 @@
-# `rippled` Docker Image
+# `xrpld` Docker Image

 - Some info relating to Docker containers can be found here: [../Builds/containers](../Builds/containers)
- Images for building and testing rippled can be found here: [thejohnfreeman/rippled-docker](https://github.com/thejohnfreeman/rippled-docker/)
-  - These images do not have rippled. They have all the tools necessary to build rippled.
+- Images for building and testing xrpld can be found here: [thejohnfreeman/rippled-docker](https://github.com/thejohnfreeman/rippled-docker/)
+  - These images do not have xrpld. They have all the tools necessary to build xrpld.
--- a/docs/Doxyfile
+++ b/docs/Doxyfile
@@ -2,7 +2,7 @@
 # Project related configuration options
 #---------------------------------------------------------------------------
 DOXYFILE_ENCODING      = UTF-8
-PROJECT_NAME           = "rippled"
+PROJECT_NAME           = "xrpld"
 PROJECT_NUMBER         =
 PROJECT_BRIEF          =
 PROJECT_LOGO           =
--- a/docs/HeapProfiling.md
+++ b/docs/HeapProfiling.md
@@ -1,4 +1,4 @@
-## Heap profiling of rippled with jemalloc
+## Heap profiling of xrpld with jemalloc

 The jemalloc library provides a good API for doing heap analysis,
 including a mechanism to dump a description of the heap from within the
@@ -7,26 +7,26 @@ activity in general, as well as how to acquire the software, are available on
 the jemalloc site:
 [https://github.com/jemalloc/jemalloc/wiki/Use-Case:-Heap-Profiling](https://github.com/jemalloc/jemalloc/wiki/Use-Case:-Heap-Profiling)

-jemalloc is acquired separately from rippled, and is not affiliated
+jemalloc is acquired separately from xrpld, and is not affiliated
 with Ripple Labs. If you compile and install jemalloc from the
 source release with default options, it will install the library and header
 under `/usr/local/lib` and `/usr/local/include`, respectively. Heap
-profiling has been tested with rippled on a Linux platform. It should
-work on platforms on which both rippled and jemalloc are available.
+profiling has been tested with xrpld on a Linux platform. It should
+work on platforms on which both xrpld and jemalloc are available.

-To link rippled with jemalloc, the argument
+To link xrpld with jemalloc, the argument
 `profile-jemalloc=<jemalloc_dir>` is provided after the optional target.
 The `<jemalloc_dir>` argument should be the same as that of the
 `--prefix` parameter passed to the jemalloc configure script when building.

 ## Examples:

-Build rippled with jemalloc library under /usr/local/lib and
+Build xrpld with jemalloc library under /usr/local/lib and
 header under /usr/local/include:

    $ scons profile-jemalloc=/usr/local

-Build rippled using clang with the jemalloc library under /opt/local/lib
+Build xrpld using clang with the jemalloc library under /opt/local/lib
 and header under /opt/local/include:

    $ scons clang profile-jemalloc=/opt/local
--- a/docs/README.md
+++ b/docs/README.md
@@ -1,61 +0,0 @@
-# Building documentation
-
-## Dependencies
-
-Install these dependencies:
-
- [Doxygen](http://www.doxygen.nl): All major platforms have [official binary
-  distributions](http://www.doxygen.nl/download.html#srcbin), or you can
-  build from [source](http://www.doxygen.nl/download.html#srcbin).
-  - MacOS: We recommend installing via Homebrew: `brew install doxygen`.
-    The executable will be installed in `/usr/local/bin` which is already
-    in the default `PATH`.
-
-    If you use the official binary distribution, then you'll need to make
-    Doxygen available to your command line. You can do this by adding
-    a symbolic link from `/usr/local/bin` to the `doxygen` executable. For
-    example,
-
-    ```
-    $ ln -s /Applications/Doxygen.app/Contents/Resources/doxygen /usr/local/bin/doxygen
-    ```
-
- [PlantUML](http://plantuml.com):
-  1. Install a functioning Java runtime, if you don't already have one.
-  2. Download [`plantuml.jar`](http://sourceforge.net/projects/plantuml/files/plantuml.jar/download).
-
- [Graphviz](https://www.graphviz.org):
-  - Linux: Install from your package manager.
-  - Windows: Use an [official installer](https://graphviz.gitlab.io/_pages/Download/Download_windows.html).
-  - MacOS: Install via Homebrew: `brew install graphviz`.
-
-## Docker
-
-Instead of installing the above dependencies locally, you can use the official
-build environment Docker image, which has all of them installed already.
-
-1. Install [Docker](https://docs.docker.com/engine/installation/)
-2. Pull the image:
-
-```
-sudo docker pull rippleci/rippled-ci-builder:2944b78d22db
-```
-
-3. Run the image from the project folder:
-
-```
-sudo docker run -v $PWD:/opt/rippled --rm rippleci/rippled-ci-builder:2944b78d22db
-```
-
-## Build
-
-There is a `docs` target in the CMake configuration.
-
-```
-mkdir build
-cd build
-cmake -Donly_docs=ON ..
-cmake --build . --target docs --parallel
-```
-
-The output will be in `build/docs/html`.
--- a/docs/build/depend.md
+++ b/docs/build/depend.md
@@ -20,7 +20,7 @@ CMakeToolchain

 ```
 # If you want to depend on a version of libxrpl that is not in ConanCenter,
-# then you can export the recipe from the rippled project.
+# then you can export the recipe from the xrpld project.
 conan export <path>
 ```

@@ -49,9 +49,9 @@ cmake --build . --parallel

 ## CMake subdirectory

-The second method adds the [rippled][] project as a CMake
+The second method adds the [xrpld][] project as a CMake
 [subdirectory][add_subdirectory].
-This method works well when you keep the rippled project as a Git
+This method works well when you keep the xrpld project as a Git
 [submodule][].
 It's good for when you want to make changes to libxrpl as part of your own
 project.
@@ -90,6 +90,6 @@ cmake --build . --parallel

 [add_subdirectory]: https://cmake.org/cmake/help/latest/command/add_subdirectory.html
 [submodule]: https://git-scm.com/book/en/v2/Git-Tools-Submodules
-[rippled]: https://github.com/ripple/rippled
+[xrpld]: https://github.com/XRPLF/rippled
 [Conan]: https://docs.conan.io/
 [CMake]: https://cmake.org/cmake/help/latest/
--- a/docs/build/environment.md
+++ b/docs/build/environment.md
@@ -55,7 +55,7 @@ clang --version
 ### Install Xcode Specific Version (Optional)

 If you develop other applications using XCode you might be consistently updating to the newest version of Apple Clang.
-This will likely cause issues building rippled. You may want to install a specific version of Xcode:
+This will likely cause issues building xrpld. You may want to install a specific version of Xcode:

 1. **Download Xcode**
   - Visit [Apple Developer Downloads](https://developer.apple.com/download/more/)
--- a/docs/build/install.md
+++ b/docs/build/install.md
@@ -1,4 +1,4 @@
-This document contains instructions for installing rippled.
+This document contains instructions for installing xrpld.
 The APT package manager is common on Debian-based Linux distributions like
 Ubuntu,
 while the YUM package manager is common on Red Hat-based Linux distributions
@@ -8,7 +8,7 @@ and the only supported option for installing custom builds.

 ## From source

-From a source build, you can install rippled and libxrpl using CMake's
+From a source build, you can install xrpld and libxrpl using CMake's
 `--install` mode:

 ```
@@ -16,7 +16,7 @@ cmake --install . --prefix /opt/local
 ```

 The default [prefix][1] is typically `/usr/local` on Linux and macOS and
-`C:/Program Files/rippled` on Windows.
+`C:/Program Files/xrpld` on Windows.

 [1]: https://cmake.org/cmake/help/latest/variable/CMAKE_INSTALL_PREFIX.html

@@ -50,9 +50,9 @@ The default [prefix][1] is typically `/usr/local` on Linux and macOS and

    In particular, make sure that the fingerprint matches. (In the above example, the fingerprint is on the third line, starting with `C001`.)

-5.  Add the appropriate Ripple repository for your operating system version:
+5.  Add the appropriate XRPL repository for your operating system version:

-        echo "deb [signed-by=/usr/local/share/keyrings/ripple-key.gpg] https://repos.ripple.com/repos/rippled-deb focal stable" | \
+        echo "deb [signed-by=/usr/local/share/keyrings/ripple-key.gpg] https://repos.ripple.com/repos/xrpld-deb focal stable" | \
            sudo tee -a /etc/apt/sources.list.d/ripple.list

    The above example is appropriate for **Ubuntu 20.04 Focal Fossa**. For other operating systems, replace the word `focal` with one of the following:
@@ -61,33 +61,33 @@ The default [prefix][1] is typically `/usr/local` on Linux and macOS and
    - `bullseye` for **Debian 11 Bullseye**
    - `buster` for **Debian 10 Buster**

-    If you want access to development or pre-release versions of `rippled`, use one of the following instead of `stable`:
-    - `unstable` - Pre-release builds ([`release` branch](https://github.com/ripple/rippled/tree/release))
-    - `nightly` - Experimental/development builds ([`develop` branch](https://github.com/ripple/rippled/tree/develop))
+    If you want access to development or pre-release versions of `xrpld`, use one of the following instead of `stable`:
+    - `unstable` - Pre-release builds ([`release` branch](https://github.com/XRPLF/rippled/tree/release))
+    - `nightly` - Experimental/development builds ([`develop` branch](https://github.com/XRPLF/rippled/tree/develop))

    **Warning:** Unstable and nightly builds may be broken at any time. Do not use these builds for production servers.

-6.  Fetch the Ripple repository.
+6.  Fetch the XRPL repository.

        sudo apt -y update

-7.  Install the `rippled` software package:
+7.  Install the `xrpld` software package:

-        sudo apt -y install rippled
+        sudo apt -y install xrpld

-8.  Check the status of the `rippled` service:
+8.  Check the status of the `xrpld` service:

-        systemctl status rippled.service
+        systemctl status xrpld.service

-    The `rippled` service should start automatically. If not, you can start it manually:
+    The `xrpld` service should start automatically. If not, you can start it manually:

-        sudo systemctl start rippled.service
+        sudo systemctl start xrpld.service

-9.  Optional: allow `rippled` to bind to privileged ports.
+9.  Optional: allow `xrpld` to bind to privileged ports.

    This allows you to serve incoming API requests on port 80 or 443. (If you want to do so, you must also update the config file's port settings.)

-        sudo setcap 'cap_net_bind_service=+ep' /opt/ripple/bin/rippled
+        sudo setcap 'cap_net_bind_service=+ep' /opt/xrpld/bin/xrpld

 ## With the YUM package manager

@@ -106,8 +106,8 @@ The default [prefix][1] is typically `/usr/local` on Linux and macOS and
        enabled=1
        gpgcheck=0
        repo_gpgcheck=1
-        baseurl=https://repos.ripple.com/repos/rippled-rpm/stable/
-        gpgkey=https://repos.ripple.com/repos/rippled-rpm/stable/repodata/repomd.xml.key
+        baseurl=https://repos.ripple.com/repos/xrpld-rpm/stable/
+        gpgkey=https://repos.ripple.com/repos/xrpld-rpm/stable/repodata/repomd.xml.key
        REPOFILE

    _Unstable_
@@ -118,8 +118,8 @@ The default [prefix][1] is typically `/usr/local` on Linux and macOS and
        enabled=1
        gpgcheck=0
        repo_gpgcheck=1
-        baseurl=https://repos.ripple.com/repos/rippled-rpm/unstable/
-        gpgkey=https://repos.ripple.com/repos/rippled-rpm/unstable/repodata/repomd.xml.key
+        baseurl=https://repos.ripple.com/repos/xrpld-rpm/unstable/
+        gpgkey=https://repos.ripple.com/repos/xrpld-rpm/unstable/repodata/repomd.xml.key
        REPOFILE

    _Nightly_
@@ -130,22 +130,22 @@ The default [prefix][1] is typically `/usr/local` on Linux and macOS and
        enabled=1
        gpgcheck=0
        repo_gpgcheck=1
-        baseurl=https://repos.ripple.com/repos/rippled-rpm/nightly/
-        gpgkey=https://repos.ripple.com/repos/rippled-rpm/nightly/repodata/repomd.xml.key
+        baseurl=https://repos.ripple.com/repos/xrpld-rpm/nightly/
+        gpgkey=https://repos.ripple.com/repos/xrpld-rpm/nightly/repodata/repomd.xml.key
        REPOFILE

 2.  Fetch the latest repo updates:

        sudo yum -y update

-3.  Install the new `rippled` package:
+3.  Install the new `xrpld` package:

-        sudo yum install -y rippled
+        sudo yum install -y xrpld

-4.  Configure the `rippled` service to start on boot:
+4.  Configure the `xrpld` service to start on boot:

-        sudo systemctl enable rippled.service
+        sudo systemctl enable xrpld.service

-5.  Start the `rippled` service:
+5.  Start the `xrpld` service:

-        sudo systemctl start rippled.service
+        sudo systemctl start xrpld.service
--- a/docs/build/sanitizers.md
+++ b/docs/build/sanitizers.md
@@ -1,9 +1,9 @@
-# Sanitizer Configuration for Rippled
+# Sanitizer Configuration for Xrpld

 This document explains how to properly configure and run sanitizers (AddressSanitizer, undefinedbehaviorSanitizer, ThreadSanitizer) with the xrpld project.
 Corresponding suppression files are located in the `sanitizers/suppressions` directory.

- [Sanitizer Configuration for Rippled](#sanitizer-configuration-for-rippled)
+- [Sanitizer Configuration for Xrpld](#sanitizer-configuration-for-xrpld)
  - [Building with Sanitizers](#building-with-sanitizers)
    - [Summary](#summary)
    - [Build steps:](#build-steps)
@@ -100,7 +100,7 @@ export LSAN_OPTIONS="include=sanitizers/suppressions/runtime-lsan-options.txt:su

 - Boost intrusive containers (used in `aged_unordered_container`) trigger false positives
 - Boost context switching (used in `Workers.cpp`) confuses ASAN's stack tracking
- Since we usually don't build Boost (because we don't want to instrument Boost and detect issues in Boost code) with ASAN but use Boost containers in ASAN instrumented rippled code, it generates false positives.
+- Since we usually don't build Boost (because we don't want to instrument Boost and detect issues in Boost code) with ASAN but use Boost containers in ASAN instrumented xrpld code, it generates false positives.
 - Building dependencies with ASAN instrumentation reduces false positives. But we don't want to instrument dependencies like Boost with ASAN because it is slow (to compile as well as run tests) and not necessary.
 - See: https://github.com/google/sanitizers/wiki/AddressSanitizerContainerOverflow
 - More such flags are detailed [here](https://github.com/google/sanitizers/wiki/AddressSanitizerFlags)
--- a/docs/consensus.md
+++ b/docs/consensus.md
@@ -5,9 +5,9 @@
 Consensus is the task of reaching agreement within a distributed system in the
 presence of faulty or even malicious participants. This document outlines the
 [XRP Ledger Consensus Algorithm](https://arxiv.org/abs/1802.07242)
-as implemented in [rippled](https://github.com/ripple/rippled), but
+as implemented in [xrpld](https://github.com/XRPLF/rippled), but
 focuses on its utility as a generic consensus algorithm independent of the
-detailed mechanics of the Ripple Consensus Ledger. Most notably, the algorithm
+detailed mechanics of the XRPL consensus Ledger. Most notably, the algorithm
 does not require fully synchronous communication between all nodes in the
 network, or even a fixed network topology, but instead achieves consensus via
 collectively trusted subnetworks.
@@ -15,7 +15,7 @@ collectively trusted subnetworks.
 ## Distributed Agreement

 A challenge for distributed systems is reaching agreement on changes in shared
-state. For the Ripple network, the shared state is the current ledger--account
+state. For the XRPL network, the shared state is the current ledger--account
 information, account balances, order books and other financial data. We will
 refer to shared distributed state as a /ledger/ throughout the remainder of this
 document.
@@ -23,7 +23,7 @@ document.
 ![Ledger Chain](images/consensus/ledger_chain.png "Ledger Chain")

 As shown above, new ledgers are made by applying a set of transactions to the
-prior ledger. For the Ripple network, transactions include payments,
+prior ledger. For the XRPL network, transactions include payments,
 modification of account settings, updates to offers and more.

 In a centralized system, generating the next ledger is trivial since there is a
@@ -33,10 +33,10 @@ the set of transactions to include, the order to apply those transactions, and
 even the resulting ledger after applying the transactions. This is even more
 difficult when some participants are faulty or malicious.

-The Ripple network is a decentralized and **trust-full** network. Anyone is free
+The XRPL network is a decentralized and **trust-full** network. Anyone is free
 to join and participants are free to choose a subset of peers that are
 collectively trusted to not collude in an attempt to defraud the participant.
-Leveraging this network of trust, the Ripple algorithm has two main components.
+Leveraging this network of trust, the XRPL algorithm has two main components.

 - _Consensus_ in which network participants agree on the transactions to apply
  to a prior ledger, based on the positions of their chosen peers.
@@ -54,9 +54,9 @@ and was abandoned.

 The remainder of this section describes the Consensus and Validation algorithms
 in more detail and is meant as a companion guide to understanding the generic
-implementation in `rippled`. The document **does not** discuss correctness,
+implementation in `xrpld`. The document **does not** discuss correctness,
 fault-tolerance or liveness properties of the algorithms or the full details of
-how they integrate within `rippled` to support the Ripple Consensus Ledger.
+how they integrate within `xrpld` to support the XRPL consensus Ledger.

 ## Consensus Overview

--- a/external/README.md
+++ b/external/README.md
@@ -1,6 +1,6 @@
 # External Conan recipes

-The subdirectories in this directory contain external libraries used by rippled.
+The subdirectories in this directory contain external libraries used by xrpld.

 | Folder           | Upstream                                                       | Description                                                                                  |
 | :--------------- | :------------------------------------------------------------- | :------------------------------------------------------------------------------------------- |
--- a/external/antithesis-sdk/CMakeLists.txt
+++ b/external/antithesis-sdk/CMakeLists.txt
@@ -1,11 +1,11 @@
 cmake_minimum_required(VERSION 3.18)

-# Note, version set explicitly by rippled project
+# Note, version set explicitly by xrpld project
 project(antithesis-sdk-cpp VERSION 0.4.4 LANGUAGES CXX)

 add_library(antithesis-sdk-cpp INTERFACE antithesis_sdk.h)

-# Note, both sections below created by rippled project
+# Note, both sections below created by xrpld project
 target_include_directories(antithesis-sdk-cpp INTERFACE
  $<INSTALL_INTERFACE:${CMAKE_INSTALL_INCLUDEDIR}>
  $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}>
--- a/include/xrpl/basics/BasicConfig.h
+++ b/include/xrpl/basics/BasicConfig.h
@@ -33,7 +33,7 @@ private:

 public:
    /** Create an empty section. */
-    explicit Section(std::string const& name = "");
+    explicit Section(std::string name = "");

    /** Returns the name of this section. */
    std::string const&
@@ -67,9 +67,13 @@ public:
    legacy(std::string value)
    {
        if (lines_.empty())
+        {
            lines_.emplace_back(std::move(value));
+        }
        else
+        {
            lines_[0] = std::move(value);
+        }
    }

    /**
@@ -84,8 +88,10 @@ public:
        if (lines_.empty())
            return "";
        if (lines_.size() > 1)
+        {
            Throw<std::runtime_error>(
                "A legacy value must have exactly one line. Section: " + name_);
+        }
        return lines_[0];
    }

@@ -269,8 +275,7 @@ public:
    bool
    had_trailing_comments() const
    {
-        return std::any_of(
-            map_.cbegin(), map_.cend(), [](auto s) { return s.second.had_trailing_comments(); });
+        return std::ranges::any_of(map_, [](auto s) { return s.second.had_trailing_comments(); });
    }

 protected:
@@ -296,7 +301,7 @@ set(T& target, std::string const& name, Section const& section)
        if ((found_and_valid = val.has_value()))
            target = *val;
    }
-    catch (boost::bad_lexical_cast&)
+    catch (boost::bad_lexical_cast const&)  // NOLINT(bugprone-empty-catch)
    {
    }
    return found_and_valid;
@@ -311,7 +316,7 @@ template <class T>
 bool
 set(T& target, T const& defaultValue, std::string const& name, Section const& section)
 {
-    bool found_and_valid = set<T>(target, name, section);
+    bool const found_and_valid = set<T>(target, name, section);
    if (!found_and_valid)
        target = defaultValue;
    return found_and_valid;
@@ -330,7 +335,7 @@ get(Section const& section, std::string const& name, T const& defaultValue = T{}
    {
        return section.value_or<T>(name, defaultValue);
    }
-    catch (boost::bad_lexical_cast&)
+    catch (boost::bad_lexical_cast const&)  // NOLINT(bugprone-empty-catch)
    {
    }
    return defaultValue;
@@ -345,7 +350,7 @@ get(Section const& section, std::string const& name, char const* defaultValue)
        if (val.has_value())
            return *val;
    }
-    catch (boost::bad_lexical_cast&)
+    catch (boost::bad_lexical_cast const&)  // NOLINT(bugprone-empty-catch)
    {
    }
    return defaultValue;
--- a/include/xrpl/basics/Buffer.h
+++ b/include/xrpl/basics/Buffer.h
@@ -24,7 +24,8 @@ public:
    Buffer() = default;

    /** Create an uninitialized buffer with the given size. */
-    explicit Buffer(std::size_t size) : p_(size ? new std::uint8_t[size] : nullptr), size_(size)
+    explicit Buffer(std::size_t size)
+        : p_((size != 0u) ? new std::uint8_t[size] : nullptr), size_(size)
    {
    }

@@ -36,7 +37,7 @@ public:
    */
    Buffer(void const* data, std::size_t size) : Buffer(size)
    {
-        if (size)
+        if (size != 0u)
            std::memcpy(p_.get(), data, size);
    }

@@ -91,7 +92,7 @@ public:
    {
        // Ensure the slice isn't a subset of the buffer.
        XRPL_ASSERT(
-            s.size() == 0 || size_ == 0 || s.data() < p_.get() || s.data() >= p_.get() + size_,
+            s.empty() || size_ == 0 || s.data() < p_.get() || s.data() >= p_.get() + size_,
            "xrpl::Buffer::operator=(Slice) : input not a subset");

        if (auto p = alloc(s.size()))
@@ -114,7 +115,7 @@ public:

    operator Slice() const noexcept
    {
-        if (!size_)
+        if (size_ == 0u)
            return Slice{};
        return Slice{p_.get(), size_};
    }
@@ -155,7 +156,7 @@ public:
    {
        if (n != size_)
        {
-            p_.reset(n ? new std::uint8_t[n] : nullptr);
+            p_.reset((n != 0u) ? new std::uint8_t[n] : nullptr);
            size_ = n;
        }
        return p_.get();
@@ -199,7 +200,7 @@ operator==(Buffer const& lhs, Buffer const& rhs) noexcept
    if (lhs.size() != rhs.size())
        return false;

-    if (lhs.size() == 0)
+    if (lhs.empty())
        return true;

    return std::memcmp(lhs.data(), rhs.data(), lhs.size()) == 0;
--- a/include/xrpl/basics/CompressionAlgorithms.h
+++ b/include/xrpl/basics/CompressionAlgorithms.h
@@ -9,9 +9,7 @@
 #include <stdexcept>
 #include <vector>

-namespace xrpl {
-
-namespace compression_algorithms {
+namespace xrpl::compression_algorithms {

 /** LZ4 block compression.
 * @tparam BufferFactory Callable object or lambda.
@@ -68,12 +66,15 @@ lz4Decompress(
    if (decompressedSize <= 0)
        Throw<std::runtime_error>("lz4Decompress: integer overflow (output)");

+    // NOLINTNEXTLINE(readability-suspicious-call-argument)
    if (LZ4_decompress_safe(
            reinterpret_cast<char const*>(in),
            reinterpret_cast<char*>(decompressed),
            inSize,
            decompressedSize) != decompressedSize)
+    {
        Throw<std::runtime_error>("lz4Decompress: failed");
+    }

    return decompressedSize;
 }
@@ -138,6 +139,4 @@ lz4Decompress(
    return lz4Decompress(chunk, inSize, decompressed, decompressedSize);
 }

-}  // namespace compression_algorithms
-
-}  // namespace xrpl
+}  // namespace xrpl::compression_algorithms
--- a/include/xrpl/basics/CountedObject.h
+++ b/include/xrpl/basics/CountedObject.h
@@ -34,7 +34,7 @@ public:
        {
            // Insert ourselves at the front of the lock-free linked list
            CountedObjects& instance = CountedObjects::getInstance();
-            Counter* head;
+            Counter* head = nullptr;

            do
            {
@@ -99,7 +99,7 @@ private:
    Derived classes have their instances counted automatically. This is used
    for reporting purposes.

-    @ingroup ripple_basics
+    @ingroup basics
 */
 template <class Object>
 class CountedObject
@@ -112,7 +112,6 @@ private:
        return c;
    }

-public:
    CountedObject() noexcept
    {
        getCounter().increment();
@@ -126,10 +125,13 @@ public:
    CountedObject&
    operator=(CountedObject const&) noexcept = default;

+public:
    ~CountedObject() noexcept
    {
        getCounter().decrement();
    }
+
+    friend Object;
 };

 }  // namespace xrpl
--- a/include/xrpl/basics/DecayingSample.h
+++ b/include/xrpl/basics/DecayingSample.h
@@ -67,7 +67,7 @@ private:
            }
            else
            {
-                while (elapsed--)
+                while ((elapsed--) != 0u)
                    m_value -= (m_value + Window - 1) / Window;
            }
        }
@@ -93,7 +93,7 @@ class DecayWindow
 public:
    using time_point = typename Clock::time_point;

-    explicit DecayWindow(time_point now) : value_(0), when_(now)
+    explicit DecayWindow(time_point now) : when_(now)
    {
    }

@@ -125,7 +125,7 @@ private:
        when_ = now;
    }

-    double value_;
+    double value_{0};
    time_point when_;
 };

--- a/include/xrpl/basics/Expected.h
+++ b/include/xrpl/basics/Expected.h
@@ -61,7 +61,7 @@ template <class E>
 class Unexpected
 {
 public:
-    static_assert(!std::is_same<E, void>::value, "E must not be void");
+    static_assert(!std::is_same_v<E, void>, "E must not be void");

    Unexpected() = delete;

--- a/include/xrpl/basics/IntrusivePointer.h
+++ b/include/xrpl/basics/IntrusivePointer.h
@@ -59,7 +59,7 @@ concept CAdoptTag = std::is_same_v<T, SharedIntrusiveAdoptIncrementStrongTag> ||
    still retaining the reference counts. For example, for SHAMapInnerNodes the
    children may be reset in that function. Note that std::shared_pointer WILL
    run the destructor when the strong count reaches zero, but may not free the
-    memory used by the object until the weak count reaches zero. In rippled, we
+    memory used by the object until the weak count reaches zero. In xrpld, we
    typically allocate shared pointers with the `make_shared` function. When
    that is used, the memory is not reclaimed until the weak count reaches zero.
 */
@@ -84,7 +84,8 @@ public:

    template <class TT>
        requires std::convertible_to<TT*, T*>
-    SharedIntrusive(SharedIntrusive<TT>&& rhs);
+    SharedIntrusive(
+        SharedIntrusive<TT>&& rhs);  // NOLINT(cppcoreguidelines-rvalue-reference-param-not-moved)

    SharedIntrusive&
    operator=(SharedIntrusive const& rhs);
@@ -106,7 +107,8 @@ public:
    template <class TT>
        requires std::convertible_to<TT*, T*>
    SharedIntrusive&
-    operator=(SharedIntrusive<TT>&& rhs);
+    operator=(
+        SharedIntrusive<TT>&& rhs);  // NOLINT(cppcoreguidelines-rvalue-reference-param-not-moved)

    /** Adopt the raw pointer. The strong reference may or may not be
        incremented, depending on the TAdoptTag
@@ -314,7 +316,8 @@ public:

    template <class TT>
        requires std::convertible_to<TT*, T*>
-    SharedWeakUnion(SharedIntrusive<TT>&& rhs);
+    SharedWeakUnion(
+        SharedIntrusive<TT>&& rhs);  // NOLINT(cppcoreguidelines-rvalue-reference-param-not-moved)

    SharedWeakUnion&
    operator=(SharedWeakUnion const& rhs);
@@ -327,7 +330,8 @@ public:
    template <class TT>
        requires std::convertible_to<TT*, T*>
    SharedWeakUnion&
-    operator=(SharedIntrusive<TT>&& rhs);
+    operator=(
+        SharedIntrusive<TT>&& rhs);  // NOLINT(cppcoreguidelines-rvalue-reference-param-not-moved)

    ~SharedWeakUnion();

--- a/include/xrpl/basics/IntrusivePointer.ipp
+++ b/include/xrpl/basics/IntrusivePointer.ipp
@@ -68,9 +68,7 @@ SharedIntrusive<T>::operator=(SharedIntrusive const& rhs)

 template <class T>
 template <class TT>
-// clang-format off
-requires std::convertible_to<TT*, T*>
-// clang-format on
+    requires std::convertible_to<TT*, T*>
 SharedIntrusive<T>&
 SharedIntrusive<T>::operator=(SharedIntrusive<TT> const& rhs)
 {
@@ -101,9 +99,7 @@ SharedIntrusive<T>::operator=(SharedIntrusive&& rhs)

 template <class T>
 template <class TT>
-// clang-format off
-requires std::convertible_to<TT*, T*>
-// clang-format on
+    requires std::convertible_to<TT*, T*>
 SharedIntrusive<T>&
 SharedIntrusive<T>::operator=(SharedIntrusive<TT>&& rhs)
 {
@@ -307,9 +303,7 @@ WeakIntrusive<T>::WeakIntrusive(SharedIntrusive<T> const& rhs) : ptr_{rhs.unsafe

 template <class T>
 template <class TT>
-// clang-format off
-requires std::convertible_to<TT*, T*>
-// clang-format on
+    requires std::convertible_to<TT*, T*>
 WeakIntrusive<T>&
 WeakIntrusive<T>::operator=(SharedIntrusive<TT> const& rhs)
 {
@@ -454,9 +448,7 @@ SharedWeakUnion<T>::operator=(SharedWeakUnion const& rhs)

 template <class T>
 template <class TT>
-// clang-format off
-requires std::convertible_to<TT*, T*>
-// clang-format on
+    requires std::convertible_to<TT*, T*>
 SharedWeakUnion<T>&
 SharedWeakUnion<T>::operator=(SharedIntrusive<TT> const& rhs)
 {
@@ -470,9 +462,7 @@ SharedWeakUnion<T>::operator=(SharedIntrusive<TT> const& rhs)

 template <class T>
 template <class TT>
-// clang-format off
-requires std::convertible_to<TT*, T*>
-// clang-format on
+    requires std::convertible_to<TT*, T*>
 SharedWeakUnion<T>&
 SharedWeakUnion<T>::operator=(SharedIntrusive<TT>&& rhs)
 {
--- a/include/xrpl/basics/IntrusiveRefCounts.h
+++ b/include/xrpl/basics/IntrusiveRefCounts.h
@@ -33,7 +33,7 @@ enum class ReleaseWeakRefAction { noop, destroy };
 /** Implement the strong count, weak count, and bit flags for an intrusive
    pointer.

-    A class can satisfy the requirements of a xrpl::IntrusivePointer by
+    A class can satisfy the requirements of an xrpl::IntrusivePointer by
    inheriting from this class.
  */
 struct IntrusiveRefCounts
@@ -247,7 +247,7 @@ IntrusiveRefCounts::releaseStrongRef() const

    using enum ReleaseStrongRefAction;
    auto prevIntVal = refCounts.load(std::memory_order_acquire);
-    while (1)
+    while (true)
    {
        RefCountPair const prevVal{prevIntVal};
        XRPL_ASSERT(
@@ -298,7 +298,7 @@ IntrusiveRefCounts::addWeakReleaseStrongRef() const
    // Note: If this becomes a perf bottleneck, the `partialDestroyStartedMask`
    // may be able to be set non-atomically. But it is easier to reason about
    // the code if the flag is set atomically.
-    while (1)
+    while (true)
    {
        RefCountPair const prevVal{prevIntVal};
        // Converted the last strong pointer to a weak pointer.
@@ -343,7 +343,7 @@ IntrusiveRefCounts::releaseWeakRef() const
    RefCountPair prev = prevIntVal;
    if (prev.weak == 1 && prev.strong == 0)
    {
-        if (!prev.partialDestroyStartedBit)
+        if (prev.partialDestroyStartedBit == 0u)
        {
            // This case should only be hit if the partialDestroyStartedBit is
            // set non-atomically (and even then very rarely). The code is kept
@@ -352,7 +352,7 @@ IntrusiveRefCounts::releaseWeakRef() const
            prevIntVal = refCounts.load(std::memory_order_acquire);
            prev = RefCountPair{prevIntVal};
        }
-        if (!prev.partialDestroyFinishedBit)
+        if (prev.partialDestroyFinishedBit == 0u)
        {
            // partial destroy MUST finish before running a full destroy (when
            // using weak pointers)
@@ -372,7 +372,7 @@ IntrusiveRefCounts::checkoutStrongRefFromWeak() const noexcept
    while (!refCounts.compare_exchange_weak(curValue, desiredValue, std::memory_order_acq_rel))
    {
        RefCountPair const prev{curValue};
-        if (!prev.strong)
+        if (prev.strong == 0u)
            return false;

        desiredValue = curValue + strongDelta;
@@ -448,7 +448,7 @@ inline void
 partialDestructorFinished(T** o)
 {
    T& self = **o;
-    IntrusiveRefCounts::RefCountPair p =
+    IntrusiveRefCounts::RefCountPair const p =
        self.refCounts.fetch_or(IntrusiveRefCounts::partialDestroyFinishedMask);
    XRPL_ASSERT(
        (!p.partialDestroyFinishedBit && p.partialDestroyStartedBit && !p.strong),
--- a/include/xrpl/basics/LocalValue.h
+++ b/include/xrpl/basics/LocalValue.h
@@ -4,6 +4,7 @@

 #include <memory>
 #include <unordered_map>
+#include <utility>

 namespace xrpl {

@@ -28,7 +29,7 @@ struct LocalValues
        T t_;

        Value() = default;
-        explicit Value(T const& t) : t_(t)
+        explicit Value(T t) : t_(std::move(t))
        {
        }

@@ -42,10 +43,10 @@ struct LocalValues
    // Keys are the address of a LocalValue.
    std::unordered_map<void const*, std::unique_ptr<BasicValue>> values;

-    static inline void
+    static void
    cleanup(LocalValues* lvs)
    {
-        if (lvs && !lvs->onCoro)
+        if ((lvs != nullptr) && !lvs->onCoro)
            delete lvs;
    }
 };
@@ -89,7 +90,7 @@ T&
 LocalValue<T>::operator*()
 {
    auto lvs = detail::getLocalValues().get();
-    if (!lvs)
+    if (lvs == nullptr)
    {
        lvs = new detail::LocalValues();
        lvs->onCoro = false;
--- a/include/xrpl/basics/Log.h
+++ b/include/xrpl/basics/Log.h
@@ -38,7 +38,7 @@ private:
        std::string partition_;

    public:
-        Sink(std::string const& partition, beast::severities::Severity thresh, Logs& logs);
+        Sink(std::string partition, beast::severities::Severity thresh, Logs& logs);

        Sink(Sink const&) = delete;
        Sink&
@@ -226,7 +226,7 @@ private:
 // expensive argument lists if the stream is not active.
 #ifndef JLOG
 #define JLOG(x) \
-    if (!x)     \
+    if (!(x))   \
    {           \
    }           \
    else        \
@@ -235,7 +235,7 @@ private:

 #ifndef CLOG
 #define CLOG(ss) \
-    if (!ss)     \
+    if (!(ss))   \
        ;        \
    else         \
        *ss
--- a/include/xrpl/basics/Number.h
+++ b/include/xrpl/basics/Number.h
@@ -73,12 +73,12 @@ struct MantissaRange
    enum mantissa_scale { small, large };

    explicit constexpr MantissaRange(mantissa_scale scale_)
-        : min(getMin(scale_)), max(min * 10 - 1), log(logTen(min).value_or(-1)), scale(scale_)
+        : min(getMin(scale_)), log(logTen(min).value_or(-1)), scale(scale_)
    {
    }

    rep min;
-    rep max;
+    rep max{(min * 10) - 1};
    int log;
    mantissa_scale scale;

@@ -342,7 +342,9 @@ public:
    constexpr int
    signum() const noexcept
    {
-        return negative_ ? -1 : (mantissa_ ? 1 : 0);
+        if (negative_)
+            return -1;
+        return (mantissa_ != 0u) ? 1 : 0;
    }

    Number
@@ -402,19 +404,19 @@ public:
    static void
    setMantissaScale(MantissaRange::mantissa_scale scale);

-    inline static internalrep
+    static internalrep
    minMantissa()
    {
        return range_.get().min;
    }

-    inline static internalrep
+    static internalrep
    maxMantissa()
    {
        return range_.get().max;
    }

-    inline static int
+    static int
    mantissaLog()
    {
        return range_.get().log;
@@ -507,16 +509,12 @@ private:
    class Guard;
 };

-inline constexpr Number::Number(
-    bool negative,
-    internalrep mantissa,
-    int exponent,
-    unchecked) noexcept
+constexpr Number::Number(bool negative, internalrep mantissa, int exponent, unchecked) noexcept
    : negative_(negative), mantissa_{mantissa}, exponent_{exponent}
 {
 }

-inline constexpr Number::Number(internalrep mantissa, int exponent, unchecked) noexcept
+constexpr Number::Number(internalrep mantissa, int exponent, unchecked) noexcept
    : Number(false, mantissa, exponent, unchecked{})
 {
 }
@@ -548,7 +546,7 @@ inline Number::Number(rep mantissa) : Number{mantissa, 0}
 * Please see the "---- External Interface ----" section of the class
 * documentation for an explanation of why the internal value may be modified.
 */
-inline constexpr Number::rep
+constexpr Number::rep
 Number::mantissa() const noexcept
 {
    auto m = mantissa_;
@@ -569,7 +567,7 @@ Number::mantissa() const noexcept
 * Please see the "---- External Interface ----" section of the class
 * documentation for an explanation of why the internal value may be modified.
 */
-inline constexpr int
+constexpr int
 Number::exponent() const noexcept
 {
    auto e = exponent_;
@@ -584,13 +582,13 @@ Number::exponent() const noexcept
    return e;
 }

-inline constexpr Number
+constexpr Number
 Number::operator+() const noexcept
 {
    return *this;
 }

-inline constexpr Number
+constexpr Number
 Number::operator-() const noexcept
 {
    if (mantissa_ == 0)
@@ -705,17 +703,19 @@ Number::normalizeToRange(T minMantissa, T maxMantissa) const
    int exponent = exponent_;

    if constexpr (std::is_unsigned_v<T>)
+    {
        XRPL_ASSERT_PARTS(
            !negative,
            "xrpl::Number::normalizeToRange",
            "Number is non-negative for unsigned range.");
+    }
    Number::normalize(negative, mantissa, exponent, minMantissa, maxMantissa);

    auto const sign = negative ? -1 : 1;
    return std::make_pair(static_cast<T>(sign * mantissa), exponent);
 }

-inline constexpr Number
+constexpr Number
 abs(Number x) noexcept
 {
    if (x < Number{})
@@ -746,7 +746,7 @@ power(Number const& f, unsigned n, unsigned d);

 // Return 0 if abs(x) < limit, else returns x

-inline constexpr Number
+constexpr Number
 squelch(Number const& x, Number const& limit) noexcept
 {
    if (abs(x) < limit)
--- a/include/xrpl/basics/README.md
+++ b/include/xrpl/basics/README.md
@@ -2,9 +2,9 @@

 Utility functions and classes.

-ripple/basic should contain no dependencies on other modules.
+The module xrpl/basics should contain no dependencies on other modules.

-# Choosing a rippled container.
+# Choosing an xrpld container.

 - `std::vector`
  - For ordered containers with most insertions or erases at the end.
--- a/include/xrpl/basics/RangeSet.h
+++ b/include/xrpl/basics/RangeSet.h
@@ -117,22 +117,32 @@ from_string(RangeSet<T>& rs, std::string const& s)
            case 1: {
                T front;
                if (!beast::lexicalCastChecked(front, intervals.front()))
+                {
                    result = false;
+                }
                else
+                {
                    rs.insert(front);
+                }
                break;
            }
            case 2: {
                T front;
                if (!beast::lexicalCastChecked(front, intervals.front()))
+                {
                    result = false;
+                }
                else
                {
                    T back;
                    if (!beast::lexicalCastChecked(back, intervals.back()))
+                    {
                        result = false;
+                    }
                    else
+                    {
                        rs.insert(range(front, back));
+                    }
                }
                break;
            }
--- a/include/xrpl/basics/SlabAllocator.h
+++ b/include/xrpl/basics/SlabAllocator.h
@@ -60,18 +60,16 @@ class SlabAllocator
            {
                // Use memcpy to avoid unaligned UB
                // (will optimize to equivalent code)
-                std::memcpy(data, &l_, sizeof(std::uint8_t*));
+                std::memcpy(data, static_cast<void const*>(&l_), sizeof(std::uint8_t*));
                l_ = data;
                data += item;
            }
        }

-        ~SlabBlock()
-        {
-            // Calling this destructor will release the allocated memory but
-            // will not properly destroy any objects that are constructed in
-            // the block itself.
-        }
+        // Calling this destructor will release the allocated memory but
+        // will not properly destroy any objects that are constructed in
+        // the block itself.
+        ~SlabBlock() = default;

        SlabBlock(SlabBlock const& other) = delete;
        SlabBlock&
@@ -91,18 +89,18 @@ class SlabAllocator
        std::uint8_t*
        allocate() noexcept
        {
-            std::uint8_t* ret;
+            std::uint8_t* ret = nullptr;  // NOLINT(misc-const-correctness)

            {
-                std::lock_guard l(m_);
+                std::lock_guard const l(m_);

                ret = l_;

-                if (ret)
+                if (ret != nullptr)
                {
                    // Use memcpy to avoid unaligned UB
                    // (will optimize to equivalent code)
-                    std::memcpy(&l_, ret, sizeof(std::uint8_t*));
+                    std::memcpy(static_cast<void*>(&l_), ret, sizeof(std::uint8_t*));
                }
            }

@@ -123,11 +121,11 @@ class SlabAllocator
        {
            XRPL_ASSERT(own(ptr), "xrpl::SlabAllocator::SlabBlock::deallocate : own input");

-            std::lock_guard l(m_);
+            std::lock_guard const l(m_);

            // Use memcpy to avoid unaligned UB
            // (will optimize to equivalent code)
-            std::memcpy(ptr, &l_, sizeof(std::uint8_t*));
+            std::memcpy(ptr, static_cast<void const*>(&l_), sizeof(std::uint8_t*));
            l_ = ptr;
        }
    };
@@ -159,7 +157,7 @@ public:
        std::size_t extra,
        std::size_t alloc = 0,
        std::size_t align = 0)
-        : itemAlignment_(align ? align : alignof(Type))
+        : itemAlignment_((align != 0u) ? align : alignof(Type))
        , itemSize_(boost::alignment::align_up(sizeof(Type) + extra, itemAlignment_))
        , slabSize_(alloc)
    {
@@ -176,12 +174,10 @@ public:
    SlabAllocator&
    operator=(SlabAllocator&& other) = delete;

-    ~SlabAllocator()
-    {
-        // FIXME: We can't destroy the memory blocks we've allocated, because
-        //        we can't be sure that they are not being used. Cleaning the
-        //        shutdown process up could make this possible.
-    }
+    // FIXME: We can't destroy the memory blocks we've allocated, because
+    //        we can't be sure that they are not being used. Cleaning the
+    //        shutdown process up could make this possible.
+    ~SlabAllocator() = default;

    /** Returns the size of the memory block this allocator returns. */
    constexpr std::size_t
@@ -210,16 +206,13 @@ public:

        // No slab can satisfy our request, so we attempt to allocate a new
        // one here:
-        std::size_t size = slabSize_;
+        std::size_t const size = slabSize_;

        // We want to allocate the memory at a 2 MiB boundary, to make it
        // possible to use hugepage mappings on Linux:
        auto buf = boost::alignment::aligned_alloc(megabytes(std::size_t(2)), size);
-
-        // clang-format off
-        if (!buf) [[unlikely]]
+        if (buf == nullptr) [[unlikely]]
            return nullptr;
-        // clang-format on

 #if BOOST_OS_LINUX
        // When allocating large blocks, attempt to leverage Linux's
@@ -238,7 +231,7 @@ public:

        // This operation is essentially guaranteed not to fail but
        // let's be careful anyways.
-        if (!boost::alignment::align(itemAlignment_, itemSize_, slabData, slabSize))
+        if (boost::alignment::align(itemAlignment_, itemSize_, slabData, slabSize) == nullptr)
        {
            boost::alignment::aligned_free(buf);
            return nullptr;
@@ -291,7 +284,7 @@ class SlabAllocatorSet
 {
 private:
    // The list of allocators that belong to this set
-    boost::container::static_vector<SlabAllocator<Type>, 64> allocators_;
+    boost::container::static_vector<SlabAllocator<Type>, 64> allocators_{};

    std::size_t maxSize_ = 0;

@@ -350,9 +343,7 @@ public:
    SlabAllocatorSet&
    operator=(SlabAllocatorSet&& other) = delete;

-    ~SlabAllocatorSet()
-    {
-    }
+    ~SlabAllocatorSet() = default;

    /** Returns a suitably aligned pointer, if one is available.

--- a/include/xrpl/basics/Slice.h
+++ b/include/xrpl/basics/Slice.h
@@ -183,7 +183,7 @@ operator==(Slice const& lhs, Slice const& rhs) noexcept
    if (lhs.size() != rhs.size())
        return false;

-    if (lhs.size() == 0)
+    if (lhs.empty())
        return true;

    return std::memcmp(lhs.data(), rhs.data(), lhs.size()) == 0;
@@ -211,14 +211,14 @@ operator<<(Stream& s, Slice const& v)
 }

 template <class T, std::size_t N>
-std::enable_if_t<std::is_same<T, char>::value || std::is_same<T, unsigned char>::value, Slice>
+std::enable_if_t<std::is_same_v<T, char> || std::is_same_v<T, unsigned char>, Slice>
 makeSlice(std::array<T, N> const& a)
 {
    return Slice(a.data(), a.size());
 }

 template <class T, class Alloc>
-std::enable_if_t<std::is_same<T, char>::value || std::is_same<T, unsigned char>::value, Slice>
+std::enable_if_t<std::is_same_v<T, char> || std::is_same_v<T, unsigned char>, Slice>
 makeSlice(std::vector<T, Alloc> const& v)
 {
    return Slice(v.data(), v.size());
--- a/include/xrpl/basics/StringUtilities.h
+++ b/include/xrpl/basics/StringUtilities.h
@@ -66,12 +66,12 @@ strUnHex(std::size_t strSize, Iterator begin, Iterator end)

    while (iter != end)
    {
-        int cHigh = digitLookupTable[*iter++];
+        int const cHigh = digitLookupTable[*iter++];

        if (cHigh < 0)
            return {};

-        int cLow = digitLookupTable[*iter++];
+        int const cLow = digitLookupTable[*iter++];

        if (cLow < 0)
            return {};
--- a/include/xrpl/basics/TaggedCache.h
+++ b/include/xrpl/basics/TaggedCache.h
@@ -182,8 +182,7 @@ private:
            : hook(collector->make_hook(handler))
            , size(collector->make_gauge(prefix, "size"))
            , hit_rate(collector->make_gauge(prefix, "hit_rate"))
-            , hits(0)
-            , misses(0)
+
        {
        }

@@ -191,8 +190,8 @@ private:
        beast::insight::Gauge size;
        beast::insight::Gauge hit_rate;

-        std::size_t hits;
-        std::size_t misses;
+        std::size_t hits{0};
+        std::size_t misses{0};
    };

    class KeyOnlyEntry
@@ -252,7 +251,7 @@ private:
        }
    };

-    typedef typename std::conditional<IsKeyCache, KeyOnlyEntry, ValueEntry>::type Entry;
+    using Entry = std::conditional_t<IsKeyCache, KeyOnlyEntry, ValueEntry>;

    using KeyOnlyCacheType = hardened_partitioned_hash_map<key_type, KeyOnlyEntry, Hash, KeyEqual>;

@@ -294,10 +293,10 @@ private:
    clock_type::duration const m_target_age;

    // Number of items cached
-    int m_cache_count;
+    int m_cache_count{0};
    cache_type m_cache;  // Hold strong reference to recent objects
-    std::uint64_t m_hits;
-    std::uint64_t m_misses;
+    std::uint64_t m_hits{0};
+    std::uint64_t m_misses{0};
 };

 }  // namespace xrpl
--- a/include/xrpl/basics/TaggedCache.ipp
+++ b/include/xrpl/basics/TaggedCache.ipp
@@ -36,9 +36,7 @@ inline TaggedCache<
    , m_name(name)
    , m_target_size(size)
    , m_target_age(expiration)
-    , m_cache_count(0)
-    , m_hits(0)
-    , m_misses(0)
+
 {
 }

--- a/include/xrpl/basics/ToString.h
+++ b/include/xrpl/basics/ToString.h
@@ -12,7 +12,7 @@ namespace xrpl {
 */

 template <class T>
-typename std::enable_if<std::is_arithmetic<T>::value, std::string>::type
+std::enable_if_t<std::is_arithmetic_v<T>, std::string>
 to_string(T t)
 {
    return std::to_string(t);
--- a/include/xrpl/basics/UptimeClock.h
+++ b/include/xrpl/basics/UptimeClock.h
@@ -26,7 +26,7 @@ public:
    explicit UptimeClock() = default;

    static time_point
-    now();  // seconds since rippled program start
+    now();  // seconds since xrpld program start

 private:
    static std::atomic<rep> now_;
--- a/include/xrpl/basics/algorithm.h
+++ b/include/xrpl/basics/algorithm.h
@@ -23,8 +23,10 @@ generalized_set_intersection(
 {
    while (first1 != last1 && first2 != last2)
    {
-        if (comp(*first1, *first2))  // if *first1 < *first2
-            ++first1;                //     then reduce first range
+        if (comp(*first1, *first2))
+        {              // if *first1 < *first2
+            ++first1;  //     then reduce first range
+        }
        else
        {
            if (!comp(*first2, *first1))   // if *first1 == *first2
--- a/include/xrpl/basics/base_uint.h
+++ b/include/xrpl/basics/base_uint.h
@@ -183,11 +183,17 @@ private:
                return ParseResult::badChar;

            if (c >= 'a')
+            {
                nibble = static_cast<std::uint32_t>(c - 'a' + 0xA);
+            }
            else if (c >= 'A')
+            {
                nibble = static_cast<std::uint32_t>(c - 'A' + 0xA);
+            }
            else if (c <= '9')
+            {
                nibble = static_cast<std::uint32_t>(c - '0');
+            }

            if (nibble > 0xFu)
                return ParseResult::badChar;
@@ -212,7 +218,7 @@ private:
        while (in != sv.end())
        {
            std::uint32_t accum = {};
-            for (std::uint32_t shift : {4u, 0u, 12u, 8u, 20u, 16u, 28u, 24u})
+            for (std::uint32_t const shift : {4u, 0u, 12u, 8u, 20u, 16u, 28u, 24u})
            {
                if (auto const result = hexCharToUInt(*in++, shift, accum);
                    result != ParseResult::okay)
@@ -263,7 +269,7 @@ public:
        class Container,
        class = std::enable_if_t<
            detail::is_contiguous_container<Container>::value &&
-            std::is_trivially_copyable<typename Container::value_type>::value>>
+            std::is_trivially_copyable_v<typename Container::value_type>>>
    explicit base_uint(Container const& c)
    {
        XRPL_ASSERT(
@@ -275,7 +281,7 @@ public:
    template <class Container>
    std::enable_if_t<
        detail::is_contiguous_container<Container>::value &&
-            std::is_trivially_copyable<typename Container::value_type>::value,
+            std::is_trivially_copyable_v<typename Container::value_type>,
        base_uint&>
    operator=(Container const& c)
    {
@@ -308,8 +314,10 @@ public:
    signum() const
    {
        for (int i = 0; i < WIDTH; i++)
+        {
            if (data_[i] != 0)
                return 1;
+        }

        return 0;
    }
@@ -335,11 +343,13 @@ public:
    operator=(std::uint64_t uHost)
    {
        *this = beast::zero;
+        // NOLINTBEGIN(cppcoreguidelines-pro-type-member-init)
        union
        {
            unsigned u[2];
            std::uint64_t ul;
        };
+        // NOLINTEND(cppcoreguidelines-pro-type-member-init)
        // Put in least significant bits.
        ul = boost::endian::native_to_big(uHost);
        data_[WIDTH - 2] = u[0];
@@ -388,7 +398,7 @@ public:
        return *this;
    }

-    base_uint const
+    base_uint
    operator++(int)
    {
        // postfix operator
@@ -413,7 +423,7 @@ public:
        return *this;
    }

-    base_uint const
+    base_uint
    operator--(int)
    {
        // postfix operator
@@ -442,9 +452,9 @@ public:
    {
        std::uint64_t carry = 0;

-        for (int i = WIDTH; i--;)
+        for (int i = WIDTH - 1; i >= 0; i--)
        {
-            std::uint64_t n = carry + boost::endian::big_to_native(data_[i]) +
+            std::uint64_t const n = carry + boost::endian::big_to_native(data_[i]) +
                boost::endian::big_to_native(b.data_[i]);

            data_[i] = boost::endian::native_to_big(static_cast<std::uint32_t>(n));
@@ -530,7 +540,7 @@ using uint256 = base_uint<256>;
 using uint192 = base_uint<192>;

 template <std::size_t Bits, class Tag>
-[[nodiscard]] inline constexpr std::strong_ordering
+[[nodiscard]] constexpr std::strong_ordering
 operator<=>(base_uint<Bits, Tag> const& lhs, base_uint<Bits, Tag> const& rhs)
 {
    // This comparison might seem wrong on a casual inspection because it
@@ -551,7 +561,7 @@ operator<=>(base_uint<Bits, Tag> const& lhs, base_uint<Bits, Tag> const& rhs)
 }

 template <std::size_t Bits, typename Tag>
-[[nodiscard]] inline constexpr bool
+[[nodiscard]] constexpr bool
 operator==(base_uint<Bits, Tag> const& lhs, base_uint<Bits, Tag> const& rhs)
 {
    return (lhs <=> rhs) == 0;
@@ -559,7 +569,7 @@ operator==(base_uint<Bits, Tag> const& lhs, base_uint<Bits, Tag> const& rhs)

 //------------------------------------------------------------------------------
 template <std::size_t Bits, class Tag>
-inline constexpr bool
+constexpr bool
 operator==(base_uint<Bits, Tag> const& a, std::uint64_t b)
 {
    return a == base_uint<Bits, Tag>(b);
@@ -567,28 +577,28 @@ operator==(base_uint<Bits, Tag> const& a, std::uint64_t b)

 //------------------------------------------------------------------------------
 template <std::size_t Bits, class Tag>
-inline constexpr base_uint<Bits, Tag>
+constexpr base_uint<Bits, Tag>
 operator^(base_uint<Bits, Tag> const& a, base_uint<Bits, Tag> const& b)
 {
    return base_uint<Bits, Tag>(a) ^= b;
 }

 template <std::size_t Bits, class Tag>
-inline constexpr base_uint<Bits, Tag>
+constexpr base_uint<Bits, Tag>
 operator&(base_uint<Bits, Tag> const& a, base_uint<Bits, Tag> const& b)
 {
    return base_uint<Bits, Tag>(a) &= b;
 }

 template <std::size_t Bits, class Tag>
-inline constexpr base_uint<Bits, Tag>
+constexpr base_uint<Bits, Tag>
 operator|(base_uint<Bits, Tag> const& a, base_uint<Bits, Tag> const& b)
 {
    return base_uint<Bits, Tag>(a) |= b;
 }

 template <std::size_t Bits, class Tag>
-inline constexpr base_uint<Bits, Tag>
+constexpr base_uint<Bits, Tag>
 operator+(base_uint<Bits, Tag> const& a, base_uint<Bits, Tag> const& b)
 {
    return base_uint<Bits, Tag>(a) += b;
@@ -621,7 +631,7 @@ template <>
 inline std::size_t
 extract(uint256 const& key)
 {
-    std::size_t result;
+    std::size_t result = 0;
    // Use memcpy to avoid unaligned UB
    // (will optimize to equivalent code)
    std::memcpy(&result, key.data(), sizeof(std::size_t));
--- a/include/xrpl/basics/contract.h
+++ b/include/xrpl/basics/contract.h
@@ -49,12 +49,11 @@ template <class E, class... Args>
 Throw(Args&&... args)
 {
    static_assert(
-        std::is_convertible<E*, std::exception*>::value,
-        "Exception must derive from std::exception.");
+        std::is_convertible_v<E*, std::exception*>, "Exception must derive from std::exception.");

    E e(std::forward<Args>(args)...);
    LogThrow(std::string("Throwing exception of type " + beast::type_name<E>() + ": ") + e.what());
-    throw e;
+    throw std::move(e);
 }

 /** Called when faulty logic causes a broken invariant. */
--- a/include/xrpl/basics/hardened_hash.h
+++ b/include/xrpl/basics/hardened_hash.h
@@ -32,7 +32,7 @@ make_seed_pair() noexcept
        // state_t& operator=(state_t const&) = delete;
    };
    static state_t state;
-    std::lock_guard lock(state.mutex);
+    std::lock_guard const lock(state.mutex);
    return {state.dist(state.gen), state.dist(state.gen)};
 }

@@ -72,14 +72,12 @@ template <class HashAlgorithm = beast::xxhasher>
 class hardened_hash
 {
 private:
-    detail::seed_pair m_seeds;
+    detail::seed_pair m_seeds{detail::make_seed_pair<>()};

 public:
    using result_type = typename HashAlgorithm::result_type;

-    hardened_hash() : m_seeds(detail::make_seed_pair<>())
-    {
-    }
+    hardened_hash() = default;

    template <class T>
    result_type
--- a/include/xrpl/basics/partitioned_unordered_map.h
+++ b/include/xrpl/basics/partitioned_unordered_map.h
@@ -57,7 +57,7 @@ public:
    {
        using iterator_category = std::forward_iterator_tag;
        partition_map_type* map_{nullptr};
-        typename partition_map_type::iterator ait_;
+        typename partition_map_type::iterator ait_{};
        typename map_type::iterator mit_;

        iterator() = default;
@@ -126,7 +126,7 @@ public:
        using iterator_category = std::forward_iterator_tag;

        partition_map_type* map_{nullptr};
-        typename partition_map_type::iterator ait_;
+        typename partition_map_type::iterator ait_{};
        typename map_type::iterator mit_;

        const_iterator() = default;
@@ -231,7 +231,8 @@ public:
    {
        // Set partitions to the number of hardware threads if the parameter
        // is either empty or set to 0.
-        partitions_ = partitions && *partitions ? *partitions : std::thread::hardware_concurrency();
+        partitions_ =
+            partitions && (*partitions != 0u) ? *partitions : std::thread::hardware_concurrency();
        map_.resize(partitions_);
        XRPL_ASSERT(
            partitions_,
--- a/include/xrpl/basics/random.h
+++ b/include/xrpl/basics/random.h
@@ -14,14 +14,16 @@ namespace xrpl {

 #ifndef __INTELLISENSE__
 static_assert(
-    std::is_integral<beast::xor_shift_engine::result_type>::value &&
-        std::is_unsigned<beast::xor_shift_engine::result_type>::value,
-    "The Ripple default PRNG engine must return an unsigned integral type.");
+    // NOLINTNEXTLINE(misc-redundant-expression)
+    std::is_integral_v<beast::xor_shift_engine::result_type> &&
+        std::is_unsigned_v<beast::xor_shift_engine::result_type>,
+    "The XRPL default PRNG engine must return an unsigned integral type.");

 static_assert(
+    // NOLINTNEXTLINE(misc-redundant-expression)
    std::numeric_limits<beast::xor_shift_engine::result_type>::max() >=
        std::numeric_limits<std::uint64_t>::max(),
-    "The Ripple default PRNG engine return must be at least 64 bits wide.");
+    "The XRPL default PRNG engine return must be at least 64 bits wide.");
 #endif

 namespace detail {
@@ -56,9 +58,9 @@ default_prng()

    // The thread-specific PRNGs:
    thread_local beast::xor_shift_engine engine = [] {
-        std::uint64_t seed;
+        std::uint64_t seed = 0;
        {
-            std::lock_guard lk(m);
+            std::lock_guard const lk(m);
            std::uniform_int_distribution<std::uint64_t> distribution{1};
            seed = distribution(seeder);
        }
@@ -89,7 +91,7 @@ default_prng()
 */
 /** @{ */
 template <class Engine, class Integral>
-std::enable_if_t<std::is_integral<Integral>::value && detail::is_engine<Engine>::value, Integral>
+std::enable_if_t<std::is_integral_v<Integral> && detail::is_engine<Engine>::value, Integral>
 rand_int(Engine& engine, Integral min, Integral max)
 {
    XRPL_ASSERT(max > min, "xrpl::rand_int : max over min inputs");
@@ -101,35 +103,35 @@ rand_int(Engine& engine, Integral min, Integral max)
 }

 template <class Integral>
-std::enable_if_t<std::is_integral<Integral>::value, Integral>
+std::enable_if_t<std::is_integral_v<Integral>, Integral>
 rand_int(Integral min, Integral max)
 {
    return rand_int(default_prng(), min, max);
 }

 template <class Engine, class Integral>
-std::enable_if_t<std::is_integral<Integral>::value && detail::is_engine<Engine>::value, Integral>
+std::enable_if_t<std::is_integral_v<Integral> && detail::is_engine<Engine>::value, Integral>
 rand_int(Engine& engine, Integral max)
 {
    return rand_int(engine, Integral(0), max);
 }

 template <class Integral>
-std::enable_if_t<std::is_integral<Integral>::value, Integral>
+std::enable_if_t<std::is_integral_v<Integral>, Integral>
 rand_int(Integral max)
 {
    return rand_int(default_prng(), max);
 }

 template <class Integral, class Engine>
-std::enable_if_t<std::is_integral<Integral>::value && detail::is_engine<Engine>::value, Integral>
+std::enable_if_t<std::is_integral_v<Integral> && detail::is_engine<Engine>::value, Integral>
 rand_int(Engine& engine)
 {
    return rand_int(engine, std::numeric_limits<Integral>::max());
 }

 template <class Integral = int>
-std::enable_if_t<std::is_integral<Integral>::value, Integral>
+std::enable_if_t<std::is_integral_v<Integral>, Integral>
 rand_int()
 {
    return rand_int(default_prng(), std::numeric_limits<Integral>::max());
@@ -140,7 +142,7 @@ rand_int()
 /** @{ */
 template <class Byte, class Engine>
 std::enable_if_t<
-    (std::is_same<Byte, unsigned char>::value || std::is_same<Byte, std::uint8_t>::value) &&
+    (std::is_same_v<Byte, unsigned char> || std::is_same_v<Byte, std::uint8_t>) &&
        detail::is_engine<Engine>::value,
    Byte>
 rand_byte(Engine& engine)
@@ -150,9 +152,7 @@ rand_byte(Engine& engine)
 }

 template <class Byte = std::uint8_t>
-std::enable_if_t<
-    (std::is_same<Byte, unsigned char>::value || std::is_same<Byte, std::uint8_t>::value),
-    Byte>
+std::enable_if_t<(std::is_same_v<Byte, unsigned char> || std::is_same_v<Byte, std::uint8_t>), Byte>
 rand_byte()
 {
    return rand_byte<Byte>(default_prng());
--- a/Show More
+++ b/Show More