Merge latest changes from confidential-transfer

Corresponding spec change:
https://github.com/XRPLF/XRPL-Standards/pull/501

### Field Renames (SFields)

| Before | After |
|--------|-------|
| `sfIssuerElGamalPublicKey` | `sfIssuerEncryptionKey` |
| `sfHolderElGamalPublicKey` | `sfHolderEncryptionKey` |
| `sfAuditorElGamalPublicKey` | `sfAuditorEncryptionKey` |

### Flag Renames

#### Transaction Flags (`tf`)

| Before | After |
|--------|-------|
| `tfMPTCanPrivacy` | `tfMPTCanConfidentialAmount` |

#### Ledger State Flags (`lsf`)

| Before | After |
|--------|-------|
| `lsfMPTCanPrivacy` | `lsfMPTCanConfidentialAmount` |

#### Ledger State Mutable Flags (`lsmf`)

| Before | After |
|--------|-------|
| `lsmfMPTCannotMutatePrivacy` |
`lsmfMPTCannotMutateCanConfidentialAmount` |

#### Transaction Mutable Flags (`tmf`)

| Before | After |
|--------|-------|
| `tmfMPTCannotMutatePrivacy` |
`tmfMPTCannotMutateCanConfidentialAmount` |
| `tmfMPTSetPrivacy` | `tmfMPTSetCanConfidentialAmount` |
| `tmfMPTClearPrivacy` | `tmfMPTClearCanConfidentialAmount` |

.clang-tidy

@@ -8,14 +8,12 @@ Checks: "-*,
   bugprone-chained-comparison,
   bugprone-compare-pointer-to-member-virtual-function,
   bugprone-copy-constructor-init,
-  bugprone-crtp-constructor-accessibility,
   bugprone-dangling-handle,
   bugprone-dynamic-static-initializers,
   bugprone-empty-catch,
   bugprone-fold-init-type,
   bugprone-forward-declaration-namespace,
   bugprone-inaccurate-erase,
-  bugprone-inc-dec-in-conditions,
   bugprone-incorrect-enable-if,
   bugprone-incorrect-roundings,
   bugprone-infinite-loop,
@@ -32,12 +30,9 @@ Checks: "-*,
   bugprone-multiple-statement-macro,
   bugprone-no-escape,
   bugprone-non-zero-enum-to-bool-conversion,
-  bugprone-optional-value-conversion,
   bugprone-parent-virtual-call,
-  bugprone-pointer-arithmetic-on-polymorphic-object,
   bugprone-posix-return,
   bugprone-redundant-branch-condition,
-  bugprone-reserved-identifier,
   bugprone-return-const-ref-from-parameter,
   bugprone-shared-ptr-array-mismatch,
   bugprone-signal-handler,
@@ -58,31 +53,17 @@ Checks: "-*,
   bugprone-suspicious-realloc-usage,
   bugprone-suspicious-semicolon,
   bugprone-suspicious-string-compare,
-  bugprone-suspicious-stringview-data-usage,
   bugprone-swapped-arguments,
-  bugprone-switch-missing-default-case,
   bugprone-terminating-continue,
   bugprone-throw-keyword-missing,
-  bugprone-too-small-loop-variable,
-  # bugprone-unchecked-optional-access, # see https://github.com/XRPLF/rippled/pull/6502
   bugprone-undefined-memory-manipulation,
   bugprone-undelegated-constructor,
   bugprone-unhandled-exception-at-new,
-  bugprone-unhandled-self-assignment,
   bugprone-unique-ptr-array-mismatch,
   bugprone-unsafe-functions,
-  bugprone-use-after-move,
-  bugprone-unused-raii,
-  bugprone-unused-return-value,
   bugprone-unused-local-non-trivial-variable,
   bugprone-virtual-near-miss,
-  cppcoreguidelines-init-variables,
-  cppcoreguidelines-misleading-capture-default-by-value,
   cppcoreguidelines-no-suspend-with-lock,
-  cppcoreguidelines-pro-type-member-init,
-  cppcoreguidelines-pro-type-static-cast-downcast,
-  cppcoreguidelines-rvalue-reference-param-not-moved,
-  cppcoreguidelines-use-default-member-init,
   cppcoreguidelines-virtual-class-destructor,
   hicpp-ignored-remove-result,
   misc-definitions-in-headers,
@@ -92,49 +73,70 @@ Checks: "-*,
   misc-throw-by-value-catch-by-reference,
   misc-unused-alias-decls,
   misc-unused-using-decls,
+  readability-duplicate-include,
+  readability-enum-initial-value,
+  readability-misleading-indentation,
+  readability-non-const-parameter,
+  readability-redundant-declaration,
+  readability-reference-to-constructed-temporary,
   modernize-deprecated-headers,
   modernize-make-shared,
   modernize-make-unique,
   performance-implicit-conversion-in-loop,
   performance-move-constructor-init,
-  performance-trivially-destructible,
-  readability-avoid-nested-conditional-operator,
-  readability-avoid-return-with-void-value,
-  readability-braces-around-statements,
-  readability-const-return-type,
-  readability-container-contains,
-  readability-container-size-empty,
-  readability-convert-member-functions-to-static,
-  readability-duplicate-include,
-  readability-else-after-return,
-  readability-enum-initial-value,
-  readability-implicit-bool-conversion,
-  readability-make-member-function-const,
-  readability-math-missing-parentheses,
-  readability-misleading-indentation,
-  readability-non-const-parameter,
-  readability-redundant-casting,
-  readability-redundant-declaration,
-  readability-redundant-inline-specifier,
-  readability-redundant-member-init,
-  readability-redundant-string-init,
-  readability-reference-to-constructed-temporary,
-  readability-simplify-boolean-expr,
-  readability-static-definition-in-anonymous-namespace,
-  readability-suspicious-call-argument,
-  readability-use-std-min-max
+  performance-trivially-destructible
   "
 # ---
 # checks that have some issues that need to be resolved:
 #
+# bugprone-crtp-constructor-accessibility,
+# bugprone-inc-dec-in-conditions,
+# bugprone-reserved-identifier,
+# bugprone-move-forwarding-reference,
+# bugprone-switch-missing-default-case,
+# bugprone-suspicious-stringview-data-usage,
+# bugprone-pointer-arithmetic-on-polymorphic-object,
+# bugprone-optional-value-conversion,
+# bugprone-too-small-loop-variable,
+# bugprone-unused-return-value,
+# bugprone-use-after-move,
+# bugprone-unhandled-self-assignment,
+# bugprone-unused-raii,
+#
+# cppcoreguidelines-misleading-capture-default-by-value,
+# cppcoreguidelines-init-variables,
+# cppcoreguidelines-pro-type-member-init,
+# cppcoreguidelines-pro-type-static-cast-downcast,
+# cppcoreguidelines-use-default-member-init,
+# cppcoreguidelines-rvalue-reference-param-not-moved,
+#
 # llvm-namespace-comment,
 # misc-const-correctness,
 # misc-include-cleaner,
 # misc-redundant-expression,
 #
-# readability-inconsistent-declaration-parameter-name, # in this codebase this check will break a lot of arg names
-# readability-static-accessed-through-instance,        # this check is probably unnecessary. it makes the code less readable
+# readability-avoid-nested-conditional-operator,
+# readability-avoid-return-with-void-value,
+# readability-braces-around-statements,
+# readability-container-contains,
+# readability-container-size-empty,
+# readability-convert-member-functions-to-static,
+# readability-const-return-type,
+# readability-else-after-return,
+# readability-implicit-bool-conversion,
+# readability-inconsistent-declaration-parameter-name,
 # readability-identifier-naming,
+# readability-make-member-function-const,
+# readability-math-missing-parentheses,
+# readability-redundant-inline-specifier,
+# readability-redundant-member-init,
+# readability-redundant-casting,
+# readability-redundant-string-init,
+# readability-simplify-boolean-expr,
+# readability-static-definition-in-anonymous-namespace,
+# readability-suspicious-call-argument,
+# readability-use-std-min-max,
+# readability-static-accessed-through-instance,
 #
 # modernize-concat-nested-namespaces,
 # modernize-pass-by-value,
@@ -157,7 +159,7 @@ Checks: "-*,
 # ---
 #
 CheckOptions:
-  readability-braces-around-statements.ShortStatementLines: 2
+  #   readability-braces-around-statements.ShortStatementLines: 2
   #   readability-identifier-naming.MacroDefinitionCase: UPPER_CASE
   #   readability-identifier-naming.ClassCase: CamelCase
   #   readability-identifier-naming.StructCase: CamelCase
@@ -192,7 +194,7 @@ CheckOptions:
   #   readability-identifier-naming.PublicMemberSuffix: ""
   #   readability-identifier-naming.FunctionIgnoredRegexp: ".*tag_invoke.*"
   bugprone-unsafe-functions.ReportMoreUnsafeFunctions: true
-  bugprone-unused-return-value.CheckedReturnTypes: ::std::error_code;::std::error_condition;::std::errc
+#   bugprone-unused-return-value.CheckedReturnTypes: ::std::error_code;::std::error_condition;::std::errc
 #   misc-include-cleaner.IgnoreHeaders: '.*/(detail|impl)/.*;.*(expected|unexpected).*;.*ranges_lower_bound\.h;time.h;stdlib.h;__chrono/.*;fmt/chrono.h;boost/uuid/uuid_hash.hpp'
 #
 # HeaderFilterRegex: '^.*/(src|tests)/.*\.(h|hpp)$'

.gersemi/definitions.cmake

@@ -51,9 +51,6 @@ endfunction()
 function(add_module parent name)
 endfunction()
 
-function(setup_protocol_autogen)
-endfunction()
-
 function(target_link_modules parent scope)
 endfunction()
 

.git-blame-ignore-revs

@@ -1,79 +1,16 @@
 # This feature requires Git >= 2.24
 # To use it by default in git blame:
 # git config blame.ignoreRevsFile .git-blame-ignore-revs
-
-# This file is sorted in reverse chronological order, with the most recent commits at the top.
-# The commits listed here are ignored by git blame, which is useful for formatting-only commits that would otherwise obscure the history of changes to a file.
-
-# refactor: Enable remaining clang-tidy `cppcoreguidelines` checks (#6538)
-72f4cb097f626b08b02fc3efcb4aa11cb2e7adb8
-# refactor: Rename system name from 'ripple' to 'xrpld' (#6347)
-ffea3977f0b771fe8e43a8f74e4d393d63a7afd8
-# refactor: Update transaction folder structure (#6483)
-5865bd017f777491b4a956f9210be0c4161f5442
-# chore: Use gersemi instead of ancient cmake-format (#6486)
-0c74270b055133a57a497b5c9fc5a75f7647b1f4
-# chore: Apply clang-format width 100 (#6387)
-2c1fad102353e11293e3edde1c043224e7d3e983
-# chore: Set clang-format width to 100 in config file (#6387)
-25cca465538a56cce501477f9e5e2c1c7ea2d84c
-# chore: Set cmake-format width to 100 (#6386)
-469ce9f291a4480c38d4ee3baca5136b2f053cd0
-# refactor: Modularize app/tx (#6228)
-0976b2b68b64972af8e6e7c497900b5bce9fe22f
-# chore: Update clang-format to 21.1.8 (#6352)
-958d8f375453d80bb1aa4c293b5102c045a3e4b4
-# refactor: Replace include guards by '#pragma once' (#6322)
-34ef577604782ca8d6e1c17df8bd7470990a52ff
-# chore: Format all cmake files without comments (#6294)
-fe9c8d568fcf6ac21483024e01f58962dd5c8260
-# chore: Add cmake-format pre-commit hook (#6279)
-a0e09187b9370805d027c611a7e9ff5a0125282a
-# chore: Set ColumnLimit to 120 in clang-format (#6288)
-5f638f55536def0d88b970d1018a465a238e55f4
-# refactor: Fix typos in comments, configure cspell (#6164)
-3c9f5b62525cb1d6ca1153eeb10433db7d7379fd
-# refactor: Rename `rippled.cfg` to `xrpld.cfg` (#6098)
-3d1b3a49b3601a0a7037fa0b19d5df7b5e0e2fc1
-# refactor: Rename `ripple` namespace to `xrpl` (#5982)
-1eb0fdac6543706b4b9ddca57fd4102928a1f871
-# refactor: Rename `rippled` binary to `xrpld` (#5983)
-9eb84a561ef8bb066d89f098bd9b4ac71baed67c
-# refactor: Replaces secp256k1 source by Conan package (#6089)
-813bc4d9491b078bb950f8255f93b02f71320478
-# refactor: Remove unnecessary copyright notices already covered by LICENSE.md (#5929)
-1d42c4f6de6bf01d1286fc7459b17a37a5189e88
-# refactor: Rename `RIPPLE_` and `RIPPLED_` definitions to `XRPL_` (#5821)
-ada83564d894829424b0f4d922b0e737e07abbf7
-# refactor: Modularize shamap and nodestore (#5668)
-8eb233c2ea8ad5a159be73b77f0f5e1496d547ac
-# refactor: Modularise ledger (#5493)
-dc8b37a52448b005153c13a7f046ad494128cf94
-# chore: Update clang-format and prettier with pre-commit (#5709)
-c14ce956adeabe476ad73c18d73103f347c9c613
-# chore: Fix file formatting (#5718)
-896b8c3b54a22b0497cb0d1ce95e1095f9a227ce
-# chore: Reverts formatting changes to external files, adds formatting changes to proto files (#5711)
-b13370ac0d207217354f1fc1c29aef87769fb8a1
-# chore: Run prettier on all files (#5657)
-97f0747e103f13e26e45b731731059b32f7679ac
-# Reformat code with clang-format-18
-552377c76f55b403a1c876df873a23d780fcc81c
-# Recompute loops (#4997)
-d028005aa6319338b0adae1aebf8abe113162960
-# Rewrite includes (#4997)
-1d23148e6dd53957fcb6205c07a5c6cd7b64d50c
-# Rearrange sources (#4997)
-e416ee72ca26fa0c09d2aee1b68bdfb2b7046eed
-# Move CMake directory (#4997)
-2e902dee53aab2a8f27f32971047bb81e022f94f
-# Rewrite includes
-0eebe6a5f4246fced516d52b83ec4e7f47373edd
-# Format formerly .hpp files
-760f16f56835663d9286bd29294d074de26a7ba6
-# Rename .hpp to .h
-241b9ddde9e11beb7480600fd5ed90e1ef109b21
-# Consolidate external libraries
-e2384885f5f630c8f0ffe4bf21a169b433a16858
-# Format first-party source according to .clang-format
 50760c693510894ca368e90369b0cc2dabfd07f3
+e2384885f5f630c8f0ffe4bf21a169b433a16858
+241b9ddde9e11beb7480600fd5ed90e1ef109b21
+760f16f56835663d9286bd29294d074de26a7ba6
+0eebe6a5f4246fced516d52b83ec4e7f47373edd
+2189cc950c0cebb89e4e2fa3b2d8817205bf7cef
+b9d007813378ad0ff45660dc07285b823c7e9855
+fe9a5365b8a52d4acc42eb27369247e6f238a4f9
+9a93577314e6a8d4b4a8368cc9d2b15a5d8303e8
+552377c76f55b403a1c876df873a23d780fcc81c
+97f0747e103f13e26e45b731731059b32f7679ac
+b13370ac0d207217354f1fc1c29aef87769fb8a1
+896b8c3b54a22b0497cb0d1ce95e1095f9a227ce

.github/actions/generate-version/action.yml

@@ -11,7 +11,7 @@ runs:
   steps:
     # When a tag is pushed, the version is used as-is.
     - name: Generate version for tag event
-      if: ${{ startsWith(github.ref, 'refs/tags/') }}
+      if: ${{ github.event_name == 'tag' }}
       shell: bash
       env:
         VERSION: ${{ github.ref_name }}
@@ -22,7 +22,7 @@ runs:
     # We use a plus sign instead of a hyphen because Conan recipe versions do
     # not support two hyphens.
     - name: Generate version for non-tag event
-      if: ${{ !startsWith(github.ref, 'refs/tags/') }}
+      if: ${{ github.event_name != 'tag' }}
       shell: bash
       run: |
         echo 'Extracting version from BuildInfo.cpp.'

.github/pull_request_template.md

@@ -29,6 +29,22 @@ If a refactor, how is this better than the previous implementation?
 If there is a spec or design document for this feature, please link it here.
 -->
 
+### Type of Change
+
+<!--
+Please check [x] relevant options, delete irrelevant ones.
+-->
+
+- [ ] Bug fix (non-breaking change which fixes an issue)
+- [ ] New feature (non-breaking change which adds functionality)
+- [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
+- [ ] Refactor (non-breaking change that only restructures code)
+- [ ] Performance (increase or change in throughput and/or latency)
+- [ ] Tests (you added tests for code that already exists, or your new feature included in this PR)
+- [ ] Documentation update
+- [ ] Chore (no impact to binary, e.g. `.gitignore`, formatting, dropping support for older tooling)
+- [ ] Release
+
 ### API Impact
 
 <!--

.github/scripts/levelization/README.md

@@ -70,7 +70,7 @@ that `test` code should _never_ be included in `xrpl` or `xrpld` code.)
 
 ## Validation
 
-The [levelization](generate.py) script takes no parameters,
+The [levelization](generate.sh) script takes no parameters,
 reads no environment variables, and can be run from any directory,
 as long as it is in the expected location in the rippled repo.
 It can be run at any time from within a checked out repo, and will
@@ -104,7 +104,7 @@ It generates many files of [results](results):
   Github Actions workflow to test that levelization loops haven't
   changed. Unfortunately, if changes are detected, it can't tell if
   they are improvements or not, so if you have resolved any issues or
-  done anything else to improve levelization, run `generate.py`,
+  done anything else to improve levelization, run `levelization.sh`,
   and commit the updated results.
 
 The `loops.txt` and `ordering.txt` files relate the modules
@@ -128,7 +128,7 @@ The committed files hide the detailed values intentionally, to
 prevent false alarms and merging issues, and because it's easy to
 get those details locally.
 
-1. Run `generate.py`
+1. Run `levelization.sh`
 2. Grep the modules in `paths.txt`.
    - For example, if a cycle is found `A ~= B`, simply `grep -w
 A .github/scripts/levelization/results/paths.txt | grep -w B`

.github/scripts/levelization/generate.py

@@ -1,335 +0,0 @@
-#!/usr/bin/env python3
-
-"""
-Usage: generate.py
-This script takes no parameters, and can be called from any directory in the file system.
-"""
-
-import os
-import re
-import subprocess
-import sys
-from collections import defaultdict
-from pathlib import Path
-from typing import Dict, List, Tuple, Set, Optional
-
-# Compile regex patterns once at module level
-INCLUDE_PATTERN = re.compile(r"^\s*#include.*/.*\.h")
-INCLUDE_PATH_PATTERN = re.compile(r'[<"]([^>"]+)[>"]')
-
-
-def dictionary_sort_key(s: str) -> str:
-    """
-    Create a sort key that mimics 'sort -d' (dictionary order).
-    Dictionary order only considers blanks and alphanumeric characters.
-    This means punctuation like '.' is ignored during sorting.
-    """
-    # Keep only alphanumeric characters and spaces
-    return "".join(c for c in s if c.isalnum() or c.isspace())
-
-
-def get_level(file_path: str) -> str:
-    """
-    Extract the level from a file path (second and third directory components).
-    Equivalent to bash: cut -d/ -f 2,3
-
-    Examples:
-        src/xrpld/app/main.cpp -> xrpld.app
-        src/libxrpl/protocol/STObject.cpp -> libxrpl.protocol
-        include/xrpl/basics/base_uint.h -> xrpl.basics
-    """
-    parts = file_path.split("/")
-
-    # Get fields 2 and 3 (indices 1 and 2 in 0-based indexing)
-    if len(parts) >= 3:
-        level = f"{parts[1]}/{parts[2]}"
-    elif len(parts) >= 2:
-        level = f"{parts[1]}/toplevel"
-    else:
-        level = file_path
-
-    # If the "level" indicates a file, cut off the filename
-    if "." in level.split("/")[-1]:  # Avoid Path object creation
-        # Use the "toplevel" label as a workaround for `sort`
-        # inconsistencies between different utility versions
-        level = level.rsplit("/", 1)[0] + "/toplevel"
-
-    return level.replace("/", ".")
-
-
-def extract_include_level(include_line: str) -> Optional[str]:
-    """
-    Extract the include path from an #include directive.
-    Gets the first two directory components from the include path.
-    Equivalent to bash: cut -d/ -f 1,2
-
-    Examples:
-        #include <xrpl/basics/base_uint.h> -> xrpl.basics
-        #include "xrpld/app/main/Application.h" -> xrpld.app
-    """
-    # Remove everything before the quote or angle bracket
-    match = INCLUDE_PATH_PATTERN.search(include_line)
-    if not match:
-        return None
-
-    include_path = match.group(1)
-    parts = include_path.split("/")
-
-    # Get first two fields (indices 0 and 1)
-    if len(parts) >= 2:
-        include_level = f"{parts[0]}/{parts[1]}"
-    else:
-        include_level = include_path
-
-    # If the "includelevel" indicates a file, cut off the filename
-    if "." in include_level.split("/")[-1]:  # Avoid Path object creation
-        include_level = include_level.rsplit("/", 1)[0] + "/toplevel"
-
-    return include_level.replace("/", ".")
-
-
-def find_repository_directories(
-    start_path: Path, depth_limit: int = 10
-) -> Tuple[Path, List[Path]]:
-    """
-    Find the repository root by looking for src or include folders.
-    Walks up the directory tree from the start path.
-    """
-    current = start_path.resolve()
-
-    # Walk up the directory tree
-    for _ in range(depth_limit):  # Limit search depth to prevent infinite loops
-        src_path = current / "src"
-        include_path = current / "include"
-        # Check if this directory has src or include folders
-        has_src = src_path.exists()
-        has_include = include_path.exists()
-
-        if has_src or has_include:
-            return current, [src_path, include_path]
-
-        # Move up one level
-        parent = current.parent
-        if parent == current:  # Reached filesystem root
-            break
-        current = parent
-
-    # If we couldn't find it, raise an error
-    raise RuntimeError(
-        "Could not find repository root. "
-        "Expected to find a directory containing 'src' and/or 'include' folders."
-    )
-
-
-def main():
-    # Change to the script's directory
-    script_dir = Path(__file__).parent.resolve()
-    os.chdir(script_dir)
-
-    # Clean up and create results directory.
-    results_dir = script_dir / "results"
-    if results_dir.exists():
-        import shutil
-
-        shutil.rmtree(results_dir)
-    results_dir.mkdir()
-
-    # Find the repository root by searching for src and include directories.
-    try:
-        repo_root, scan_dirs = find_repository_directories(script_dir)
-
-        print(f"Found repository root: {repo_root}")
-        print(f"Scanning directories:")
-        for scan_dir in scan_dirs:
-            print(f"  - {scan_dir.relative_to(repo_root)}")
-    except RuntimeError as e:
-        print(f"Error: {e}", file=sys.stderr)
-        sys.exit(1)
-
-    print("\nScanning for raw includes...")
-    # Find all #include directives
-    raw_includes: List[Tuple[str, str]] = []
-    rawincludes_file = results_dir / "rawincludes.txt"
-
-    # Write to file as we go to avoid storing everything in memory.
-    with open(rawincludes_file, "w", buffering=8192) as raw_f:
-        for dir_path in scan_dirs:
-            print(f"  Scanning {dir_path.relative_to(repo_root)}...")
-
-            for file_path in dir_path.rglob("*"):
-                if not file_path.is_file():
-                    continue
-
-                try:
-                    rel_path_str = str(file_path.relative_to(repo_root))
-
-                    # Read file with a large buffer for performance.
-                    with open(
-                        file_path,
-                        "r",
-                        encoding="utf-8",
-                        errors="ignore",
-                        buffering=8192,
-                    ) as f:
-                        for line in f:
-                            # Quick check before regex
-                            if "#include" not in line or "boost" in line:
-                                continue
-
-                            if INCLUDE_PATTERN.match(line):
-                                line_stripped = line.strip()
-                                entry = f"{rel_path_str}:{line_stripped}\n"
-                                print(entry, end="")
-                                raw_f.write(entry)
-                                raw_includes.append((rel_path_str, line_stripped))
-                except Exception as e:
-                    print(f"Error reading {file_path}: {e}", file=sys.stderr)
-
-    # Build levelization paths and count directly (no need to sort first).
-    print("Build levelization paths")
-    path_counts: Dict[Tuple[str, str], int] = defaultdict(int)
-
-    for file_path, include_line in raw_includes:
-        include_level = extract_include_level(include_line)
-        if not include_level:
-            continue
-
-        level = get_level(file_path)
-        if level != include_level:
-            path_counts[(level, include_level)] += 1
-
-    # Sort and deduplicate paths (using dictionary order like bash 'sort -d').
-    print("Sort and deduplicate paths")
-
-    paths_file = results_dir / "paths.txt"
-    with open(paths_file, "w") as f:
-        # Sort using dictionary order: only alphanumeric and spaces matter
-        sorted_items = sorted(
-            path_counts.items(),
-            key=lambda x: (dictionary_sort_key(x[0][0]), dictionary_sort_key(x[0][1])),
-        )
-        for (level, include_level), count in sorted_items:
-            line = f"{count:7} {level} {include_level}\n"
-            print(line.rstrip())
-            f.write(line)
-
-    # Split into flat-file database
-    print("Split into flat-file database")
-    includes_dir = results_dir / "includes"
-    included_by_dir = results_dir / "included_by"
-    includes_dir.mkdir()
-    included_by_dir.mkdir()
-
-    # Batch writes by grouping data first to avoid repeated file opens.
-    includes_data: Dict[str, List[Tuple[str, int]]] = defaultdict(list)
-    included_by_data: Dict[str, List[Tuple[str, int]]] = defaultdict(list)
-
-    # Process in sorted order to match bash script behaviour (dictionary order).
-    sorted_items = sorted(
-        path_counts.items(),
-        key=lambda x: (dictionary_sort_key(x[0][0]), dictionary_sort_key(x[0][1])),
-    )
-    for (level, include_level), count in sorted_items:
-        includes_data[level].append((include_level, count))
-        included_by_data[include_level].append((level, count))
-
-    # Write all includes files in sorted order (dictionary order).
-    for level in sorted(includes_data.keys(), key=dictionary_sort_key):
-        entries = includes_data[level]
-        with open(includes_dir / level, "w") as f:
-            for include_level, count in entries:
-                line = f"{include_level} {count}\n"
-                print(line.rstrip())
-                f.write(line)
-
-    # Write all included_by files in sorted order (dictionary order).
-    for include_level in sorted(included_by_data.keys(), key=dictionary_sort_key):
-        entries = included_by_data[include_level]
-        with open(included_by_dir / include_level, "w") as f:
-            for level, count in entries:
-                line = f"{level} {count}\n"
-                print(line.rstrip())
-                f.write(line)
-
-    # Search for loops
-    print("Search for loops")
-    loops_file = results_dir / "loops.txt"
-    ordering_file = results_dir / "ordering.txt"
-
-    loops_found: Set[Tuple[str, str]] = set()
-
-    # Pre-load all include files into memory to avoid repeated I/O.
-    # This is the biggest optimisation - we were reading files repeatedly in nested loops.
-    # Use list of tuples to preserve file order.
-    includes_cache: Dict[str, List[Tuple[str, int]]] = {}
-    includes_lookup: Dict[str, Dict[str, int]] = {}  # For fast lookup
-
-    # Note: bash script uses 'for source in *' which uses standard glob sorting,
-    # NOT dictionary order. So we use standard sorted() here, not dictionary_sort_key.
-    for include_file in sorted(includes_dir.iterdir(), key=lambda p: p.name):
-        if not include_file.is_file():
-            continue
-
-        includes_cache[include_file.name] = []
-        includes_lookup[include_file.name] = {}
-        with open(include_file, "r") as f:
-            for line in f:
-                parts = line.strip().split()
-                if len(parts) >= 2:
-                    include_name = parts[0]
-                    include_count = int(parts[1])
-                    includes_cache[include_file.name].append(
-                        (include_name, include_count)
-                    )
-                    includes_lookup[include_file.name][include_name] = include_count
-
-    with open(loops_file, "w", buffering=8192) as loops_f, open(
-        ordering_file, "w", buffering=8192
-    ) as ordering_f:
-
-        # Use standard sorting to match bash glob expansion 'for source in *'.
-        for source in sorted(includes_cache.keys()):
-            source_includes = includes_cache[source]
-
-            for include, include_freq in source_includes:
-                # Check if include file exists and references source
-                if include not in includes_lookup:
-                    continue
-
-                source_freq = includes_lookup[include].get(source)
-
-                if source_freq is not None:
-                    # Found a loop
-                    loop_key = tuple(sorted([source, include]))
-                    if loop_key in loops_found:
-                        continue
-                    loops_found.add(loop_key)
-
-                    loops_f.write(f"Loop: {source} {include}\n")
-
-                    # If the counts are close, indicate that the two modules are
-                    # on the same level, though they shouldn't be.
-                    diff = include_freq - source_freq
-                    if diff > 3:
-                        loops_f.write(f"  {source} > {include}\n\n")
-                    elif diff < -3:
-                        loops_f.write(f"  {include} > {source}\n\n")
-                    elif source_freq == include_freq:
-                        loops_f.write(f"  {include} == {source}\n\n")
-                    else:
-                        loops_f.write(f"  {include} ~= {source}\n\n")
-                else:
-                    ordering_f.write(f"{source} > {include}\n")
-
-    # Print results
-    print("\nOrdering:")
-    with open(ordering_file, "r") as f:
-        print(f.read(), end="")
-
-    print("\nLoops:")
-    with open(loops_file, "r") as f:
-        print(f.read(), end="")
-
-
-if __name__ == "__main__":
-    main()

.github/scripts/levelization/generate.sh

@@ -0,0 +1,130 @@
+#!/bin/bash
+
+# Usage: generate.sh
+# This script takes no parameters, reads no environment variables,
+# and can be run from any directory, as long as it is in the expected
+# location in the repo.
+
+pushd $( dirname $0 )
+
+if [ -v PS1 ]
+then
+  # if the shell is interactive, clean up any flotsam before analyzing
+  git clean -ix
+fi
+
+# Ensure all sorting is ASCII-order consistently across platforms.
+export LANG=C
+
+rm -rfv results
+mkdir results
+includes="$( pwd )/results/rawincludes.txt"
+pushd ../../..
+echo Raw includes:
+grep -r '^[ ]*#include.*/.*\.h' include src | \
+    grep -v boost | tee ${includes}
+popd
+pushd results
+
+oldifs=${IFS}
+IFS=:
+mkdir includes
+mkdir included_by
+echo Build levelization paths
+exec 3< ${includes} # open rawincludes.txt for input
+while read -r -u 3 file include
+do
+    level=$( echo ${file} | cut -d/ -f 2,3 )
+    # If the "level" indicates a file, cut off the filename
+    if [[ "${level##*.}" != "${level}" ]]
+    then
+        # Use the "toplevel" label as a workaround for `sort`
+        # inconsistencies between different utility versions
+        level="$( dirname ${level} )/toplevel"
+    fi
+    level=$( echo ${level} | tr '/' '.' )
+
+    includelevel=$( echo ${include} | sed 's/.*["<]//; s/[">].*//' | \
+        cut -d/ -f 1,2 )
+    if [[ "${includelevel##*.}" != "${includelevel}" ]]
+    then
+        # Use the "toplevel" label as a workaround for `sort`
+        # inconsistencies between different utility versions
+        includelevel="$( dirname ${includelevel} )/toplevel"
+    fi
+    includelevel=$( echo ${includelevel} | tr '/' '.' )
+
+    if [[ "$level" != "$includelevel" ]]
+    then
+        echo $level $includelevel | tee -a paths.txt
+    fi
+done
+echo Sort and deduplicate paths
+sort -ds paths.txt | uniq -c | tee sortedpaths.txt
+mv sortedpaths.txt paths.txt
+exec 3>&- #close fd 3
+IFS=${oldifs}
+unset oldifs
+
+echo Split into flat-file database
+exec 4<paths.txt # open paths.txt for input
+while read -r -u 4 count level include
+do
+    echo ${include} ${count} | tee -a includes/${level}
+    echo ${level} ${count} | tee -a included_by/${include}
+done
+exec 4>&- #close fd 4
+
+loops="$( pwd )/loops.txt"
+ordering="$( pwd )/ordering.txt"
+pushd includes
+echo Search for loops
+# Redirect stdout to a file
+exec 4>&1
+exec 1>"${loops}"
+for source in *
+do
+  if [[ -f "$source" ]]
+  then
+    exec 5<"${source}" # open for input
+    while read -r -u 5 include includefreq
+    do
+      if [[ -f $include ]]
+      then
+        if grep -q -w $source $include
+        then
+          if grep -q -w "Loop: $include $source" "${loops}"
+          then
+            continue
+          fi
+          sourcefreq=$( grep -w $source $include | cut -d\  -f2 )
+          echo "Loop: $source $include"
+          # If the counts are close, indicate that the two modules are
+          # on the same level, though they shouldn't be
+          if [[ $(( $includefreq - $sourcefreq )) -gt 3 ]]
+          then
+              echo -e "  $source > $include\n"
+          elif [[ $(( $sourcefreq - $includefreq )) -gt 3 ]]
+          then
+              echo -e "  $include > $source\n"
+          elif [[ $sourcefreq -eq $includefreq ]]
+          then
+              echo -e "  $include == $source\n"
+          else
+              echo -e "  $include ~= $source\n"
+          fi
+        else
+          echo "$source > $include" >> "${ordering}"
+        fi
+      fi
+    done
+    exec 5>&- #close fd 5
+  fi
+done
+exec 1>&4 #close fd 1
+exec 4>&- #close fd 4
+cat "${ordering}"
+cat "${loops}"
+popd
+popd
+popd

.github/scripts/levelization/results/ordering.txt

@@ -19,7 +19,6 @@ libxrpl.nodestore > xrpl.protocol
 libxrpl.protocol > xrpl.basics
 libxrpl.protocol > xrpl.json
 libxrpl.protocol > xrpl.protocol
-libxrpl.protocol_autogen > xrpl.protocol_autogen
 libxrpl.rdb > xrpl.basics
 libxrpl.rdb > xrpl.rdb
 libxrpl.resource > xrpl.basics
@@ -90,7 +89,6 @@ test.core > xrpl.server
 test.csf > xrpl.basics
 test.csf > xrpld.consensus
 test.csf > xrpl.json
-test.csf > xrpl.ledger
 test.csf > xrpl.protocol
 test.json > test.jtx
 test.json > xrpl.json
@@ -109,6 +107,7 @@ test.jtx > xrpl.tx
 test.ledger > test.jtx
 test.ledger > test.toplevel
 test.ledger > xrpl.basics
+test.ledger > xrpld.app
 test.ledger > xrpld.core
 test.ledger > xrpl.ledger
 test.ledger > xrpl.protocol
@@ -125,7 +124,6 @@ test.overlay > xrpl.basics
 test.overlay > xrpld.app
 test.overlay > xrpld.overlay
 test.overlay > xrpld.peerfinder
-test.overlay > xrpl.ledger
 test.overlay > xrpl.nodestore
 test.overlay > xrpl.protocol
 test.overlay > xrpl.shamap
@@ -136,7 +134,6 @@ test.peerfinder > xrpld.core
 test.peerfinder > xrpld.peerfinder
 test.peerfinder > xrpl.protocol
 test.protocol > test.toplevel
-test.protocol > test.unit_test
 test.protocol > xrpl.basics
 test.protocol > xrpl.json
 test.protocol > xrpl.protocol
@@ -174,12 +171,9 @@ test.shamap > xrpl.shamap
 test.toplevel > test.csf
 test.toplevel > xrpl.json
 test.unit_test > xrpl.basics
-test.unit_test > xrpl.protocol
 tests.libxrpl > xrpl.basics
 tests.libxrpl > xrpl.json
 tests.libxrpl > xrpl.net
-tests.libxrpl > xrpl.protocol
-tests.libxrpl > xrpl.protocol_autogen
 xrpl.conditions > xrpl.basics
 xrpl.conditions > xrpl.protocol
 xrpl.core > xrpl.basics
@@ -196,8 +190,6 @@ xrpl.nodestore > xrpl.basics
 xrpl.nodestore > xrpl.protocol
 xrpl.protocol > xrpl.basics
 xrpl.protocol > xrpl.json
-xrpl.protocol_autogen > xrpl.json
-xrpl.protocol_autogen > xrpl.protocol
 xrpl.rdb > xrpl.basics
 xrpl.rdb > xrpl.core
 xrpl.rdb > xrpl.protocol
@@ -235,7 +227,6 @@ xrpld.app > xrpl.shamap
 xrpld.app > xrpl.tx
 xrpld.consensus > xrpl.basics
 xrpld.consensus > xrpl.json
-xrpld.consensus > xrpl.ledger
 xrpld.consensus > xrpl.protocol
 xrpld.core > xrpl.basics
 xrpld.core > xrpl.core

.github/scripts/strategy-matrix/generate.py

@@ -55,7 +55,7 @@ def generate_strategy_matrix(all: bool, config: Config) -> list:
             #   fee to 500.
             # - Bookworm using GCC 15: Debug on linux/amd64, enable code
             #   coverage (which will be done below).
-            # - Bookworm using Clang 16: Debug on linux/amd64, enable voidstar.
+            # - Bookworm using Clang 16: Debug on linux/arm64, enable voidstar.
             # - Bookworm using Clang 17: Release on linux/amd64, set the
             #   reference fee to 1000.
             # - Bookworm using Clang 20: Debug on linux/amd64.
@@ -78,7 +78,7 @@ def generate_strategy_matrix(all: bool, config: Config) -> list:
                     if (
                         f"{os['compiler_name']}-{os['compiler_version']}" == "clang-16"
                         and build_type == "Debug"
-                        and architecture["platform"] == "linux/amd64"
+                        and architecture["platform"] == "linux/arm64"
                     ):
                         cmake_args = f"-Dvoidstar=ON {cmake_args}"
                         skip = False

.github/workflows/check-pr-commits.yml

@@ -1,13 +0,0 @@
-name: Check PR commits
-
-on:
-  pull_request:
-
-# The action needs to have write permissions to post comments on the PR.
-permissions:
-  contents: read
-  pull-requests: write
-
-jobs:
-  check_commits:
-    uses: XRPLF/actions/.github/workflows/check-pr-commits.yml@481048b78b94ac3343d1292b4ef125a813879f2b

.github/workflows/check-pr-title.yml

@@ -1,14 +1,10 @@
 name: Check PR title
 
 on:
-  merge_group:
-    types:
-      - checks_requested
   pull_request:
-    types: [opened, edited, reopened, synchronize, ready_for_review]
+    types: [opened, edited, reopened, synchronize]
     branches: [develop]
 
 jobs:
   check_title:
-    if: ${{ github.event.pull_request.draft != true }}
-    uses: XRPLF/actions/.github/workflows/check-pr-title.yml@e2c7f400d1e85ae65dad552fd425169fbacca4a3
+    uses: XRPLF/actions/.github/workflows/check-pr-title.yml@943eb8277e8f4b010fde0c826ce4154c36c39509

.github/workflows/conflicting-pr.yml

@@ -1,25 +0,0 @@
-name: Label PRs with merge conflicts
-
-on:
-  # So that PRs touching the same files as the push are updated.
-  push:
-  # So that the `dirtyLabel` is removed if conflicts are resolved.
-  # We recommend `pull_request_target` so that github secrets are available.
-  # In `pull_request` we wouldn't be able to change labels of fork PRs.
-  pull_request_target:
-    types: [synchronize]
-
-permissions:
-  pull-requests: write
-
-jobs:
-  main:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Check if PRs are dirty
-        uses: eps1lon/actions-label-merge-conflict@1df065ebe6e3310545d4f4c4e862e43bdca146f0 # v3.0.3
-        with:
-          dirtyLabel: "PR: has conflicts"
-          repoToken: "${{ secrets.GITHUB_TOKEN }}"
-          commentOnDirty: "This PR has conflicts, please resolve them in order for the PR to be reviewed."
-          commentOnClean: "All conflicts have been resolved. Assigned reviewers can now start or resume their review."

.github/workflows/on-pr.yml

@@ -141,8 +141,9 @@ jobs:
     needs:
       - should-run
       - build-test
-    # Only run when committing to a PR that targets a release branch.
-    if: ${{ github.repository == 'XRPLF/rippled' && needs.should-run.outputs.go == 'true' && github.event_name == 'pull_request' && startsWith(github.event.pull_request.base.ref, 'release') }}
+    # Only run when committing to a PR that targets a release branch in the
+    # XRPLF repository.
+    if: ${{ github.repository_owner == 'XRPLF' && needs.should-run.outputs.go == 'true' && startsWith(github.ref, 'refs/heads/release') }}
     uses: ./.github/workflows/reusable-upload-recipe.yml
     secrets:
       remote_username: ${{ secrets.CONAN_REMOTE_USERNAME }}

.github/workflows/on-tag.yml

@@ -5,7 +5,7 @@ name: Tag
 on:
   push:
     tags:
-      - "[0-9]+.[0-9]+.[0-9]*"
+      - "v*"
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
@@ -17,7 +17,8 @@ defaults:
 
 jobs:
   upload-recipe:
-    if: ${{ github.repository == 'XRPLF/rippled' }}
+    # Only run when a tag is pushed to the XRPLF repository.
+    if: ${{ github.repository_owner == 'XRPLF' }}
     uses: ./.github/workflows/reusable-upload-recipe.yml
     secrets:
       remote_username: ${{ secrets.CONAN_REMOTE_USERNAME }}

.github/workflows/on-trigger.yml

@@ -92,8 +92,8 @@ jobs:
 
   upload-recipe:
     needs: build-test
-    # Only run when pushing to the develop branch.
-    if: ${{ github.repository == 'XRPLF/rippled' && github.event_name == 'push' && github.ref == 'refs/heads/develop' }}
+    # Only run when pushing to the develop branch in the XRPLF repository.
+    if: ${{ github.repository_owner == 'XRPLF' && github.event_name == 'push' && github.ref == 'refs/heads/develop' }}
     uses: ./.github/workflows/reusable-upload-recipe.yml
     secrets:
       remote_username: ${{ secrets.CONAN_REMOTE_USERNAME }}

.github/workflows/pre-commit.yml

@@ -1,9 +1,6 @@
 name: Run pre-commit hooks
 
 on:
-  merge_group:
-    types:
-      - checks_requested
   pull_request:
   push:
     branches:
@@ -14,7 +11,7 @@ on:
 jobs:
   # Call the workflow in the XRPLF/actions repo that runs the pre-commit hooks.
   run-hooks:
-    uses: XRPLF/actions/.github/workflows/pre-commit.yml@e7896f15cc60d0da1a272c77ee5c4026b424f9c7
+    uses: XRPLF/actions/.github/workflows/pre-commit.yml@56de1bdf19639e009639a50b8d17c28ca954f267
     with:
       runs_on: ubuntu-latest
       container: '{ "image": "ghcr.io/xrplf/ci/tools-rippled-pre-commit:sha-41ec7c1" }'

.github/workflows/publish-docs.yml

@@ -48,7 +48,7 @@ jobs:
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Prepare runner
-        uses: XRPLF/actions/prepare-runner@2bbc2dc1abeec7bfaa886804ab86871ac201764e
+        uses: XRPLF/actions/prepare-runner@2cbf481018d930656e9276fcc20dc0e3a0be5b6d
         with:
           enable_ccache: false
 

.github/workflows/reusable-build-test-config.yml

@@ -76,7 +76,7 @@ jobs:
     name: ${{ inputs.config_name }}
     runs-on: ${{ fromJSON(inputs.runs_on) }}
     container: ${{ inputs.image != '' && inputs.image || null }}
-    timeout-minutes: ${{ inputs.sanitizers != '' && 360 || 60 }}
+    timeout-minutes: 60
     env:
       # Use a namespace to keep the objects separate for each configuration.
       CCACHE_NAMESPACE: ${{ inputs.config_name }}
@@ -107,7 +107,7 @@ jobs:
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Prepare runner
-        uses: XRPLF/actions/prepare-runner@2bbc2dc1abeec7bfaa886804ab86871ac201764e
+        uses: XRPLF/actions/prepare-runner@2cbf481018d930656e9276fcc20dc0e3a0be5b6d
         with:
           enable_ccache: ${{ inputs.ccache_enabled }}
 
@@ -166,29 +166,6 @@ jobs:
             --parallel "${BUILD_NPROC}" \
             --target "${CMAKE_TARGET}"
 
-      - name: Check protocol autogen files are up-to-date
-        env:
-          MESSAGE: |
-
-            The generated protocol wrapper classes are out of date.
-
-            This typically happens when your branch is behind develop and
-            the macro files or generator scripts have changed.
-
-            To fix this:
-              1. Update your branch from develop (merge or rebase)
-              2. Build with code generation enabled (XRPL_NO_CODEGEN=OFF)
-              3. Commit and push the regenerated files
-        run: |
-          set -e
-          DIFF=$(git status --porcelain -- include/xrpl/protocol_autogen src/tests/libxrpl/protocol_autogen)
-          if [ -n "${DIFF}" ]; then
-            echo "::error::Generated protocol files are out of date"
-            git diff -- include/xrpl/protocol_autogen src/tests/libxrpl/protocol_autogen
-            echo "${MESSAGE}"
-            exit 1
-          fi
-
       - name: Show ccache statistics
         if: ${{ inputs.ccache_enabled }}
         run: |
@@ -199,7 +176,7 @@ jobs:
           fi
 
       - name: Upload the binary (Linux)
-        if: ${{ github.repository == 'XRPLF/rippled' && runner.os == 'Linux' }}
+        if: ${{ github.repository_owner == 'XRPLF' && runner.os == 'Linux' }}
         uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
         with:
           name: xrpld-${{ inputs.config_name }}
@@ -227,17 +204,11 @@ jobs:
 
       - name: Set sanitizer options
         if: ${{ !inputs.build_only && env.SANITIZERS_ENABLED == 'true' }}
-        env:
-          CONFIG_NAME: ${{ inputs.config_name }}
         run: |
-          ASAN_OPTS="include=${GITHUB_WORKSPACE}/sanitizers/suppressions/runtime-asan-options.txt:suppressions=${GITHUB_WORKSPACE}/sanitizers/suppressions/asan.supp"
-          if [[ "${CONFIG_NAME}" == *gcc* ]]; then
-            ASAN_OPTS="${ASAN_OPTS}:alloc_dealloc_mismatch=0"
-          fi
-          echo "ASAN_OPTIONS=${ASAN_OPTS}" >> ${GITHUB_ENV}
-          echo "TSAN_OPTIONS=include=${GITHUB_WORKSPACE}/sanitizers/suppressions/runtime-tsan-options.txt:suppressions=${GITHUB_WORKSPACE}/sanitizers/suppressions/tsan.supp" >> ${GITHUB_ENV}
-          echo "UBSAN_OPTIONS=include=${GITHUB_WORKSPACE}/sanitizers/suppressions/runtime-ubsan-options.txt:suppressions=${GITHUB_WORKSPACE}/sanitizers/suppressions/ubsan.supp" >> ${GITHUB_ENV}
-          echo "LSAN_OPTIONS=include=${GITHUB_WORKSPACE}/sanitizers/suppressions/runtime-lsan-options.txt:suppressions=${GITHUB_WORKSPACE}/sanitizers/suppressions/lsan.supp" >> ${GITHUB_ENV}
+          echo "ASAN_OPTIONS=print_stacktrace=1:detect_container_overflow=0:suppressions=${GITHUB_WORKSPACE}/sanitizers/suppressions/asan.supp" >> ${GITHUB_ENV}
+          echo "TSAN_OPTIONS=second_deadlock_stack=1:halt_on_error=0:suppressions=${GITHUB_WORKSPACE}/sanitizers/suppressions/tsan.supp" >> ${GITHUB_ENV}
+          echo "UBSAN_OPTIONS=suppressions=${GITHUB_WORKSPACE}/sanitizers/suppressions/ubsan.supp" >> ${GITHUB_ENV}
+          echo "LSAN_OPTIONS=suppressions=${GITHUB_WORKSPACE}/sanitizers/suppressions/lsan.supp" >> ${GITHUB_ENV}
 
       - name: Run the separate tests
         if: ${{ !inputs.build_only }}
@@ -259,8 +230,6 @@ jobs:
           BUILD_NPROC: ${{ steps.nproc.outputs.nproc }}
         run: |
           set -o pipefail
-          # Coverage builds are slower due to instrumentation; use fewer parallel jobs to avoid flakiness
-          [ "$COVERAGE_ENABLED" = "true" ] && BUILD_NPROC=$(( BUILD_NPROC - 2 ))
           ./xrpld --unittest --unittest-jobs "${BUILD_NPROC}" 2>&1 | tee unittest.log
 
       - name: Show test failure summary
@@ -297,8 +266,8 @@ jobs:
             --target coverage
 
       - name: Upload coverage report
-        if: ${{ github.repository == 'XRPLF/rippled' && !inputs.build_only && env.COVERAGE_ENABLED == 'true' }}
-        uses: codecov/codecov-action@1af58845a975a7985b0beb0cbe6fbbb71a41dbad # v5.5.3
+        if: ${{ github.repository_owner == 'XRPLF' && !inputs.build_only && env.COVERAGE_ENABLED == 'true' }}
+        uses: codecov/codecov-action@671740ac38dd9b0130fbe1cec585b89eea48d3de # v5.5.2
         with:
           disable_search: true
           disable_telem: true

.github/workflows/reusable-check-levelization.yml

@@ -20,7 +20,7 @@ jobs:
       - name: Checkout repository
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - name: Check levelization
-        run: python .github/scripts/levelization/generate.py
+        run: .github/scripts/levelization/generate.sh
       - name: Check for differences
         env:
           MESSAGE: |
@@ -32,7 +32,7 @@ jobs:
             removed from loops.txt, it's probably an improvement, while if
             something was added, it's probably a regression.
 
-            Run '.github/scripts/levelization/generate.py' in your repo, commit
+            Run '.github/scripts/levelization/generate.sh' in your repo, commit
             and push the changes. See .github/scripts/levelization/README.md for
             more info.
         run: |

.github/workflows/reusable-clang-tidy-files.yml

@@ -35,7 +35,7 @@ jobs:
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Prepare runner
-        uses: XRPLF/actions/prepare-runner@2bbc2dc1abeec7bfaa886804ab86871ac201764e
+        uses: XRPLF/actions/prepare-runner@2cbf481018d930656e9276fcc20dc0e3a0be5b6d
         with:
           enable_ccache: false
 

.github/workflows/reusable-clang-tidy.yml

@@ -51,5 +51,5 @@ jobs:
     if: ${{ always() && !cancelled() && (!inputs.check_only_changed || needs.determine-files.outputs.any_cpp_changed == 'true' || needs.determine-files.outputs.clang_tidy_config_changed == 'true') }}
     uses: ./.github/workflows/reusable-clang-tidy-files.yml
     with:
-      files: ${{ (needs.determine-files.outputs.clang_tidy_config_changed != 'true' && inputs.check_only_changed) && needs.determine-files.outputs.all_changed_files || '' }}
+      files: ${{ (needs.determine-files.outputs.clang_tidy_config_changed == 'true' && '') || (inputs.check_only_changed && needs.determine-files.outputs.all_changed_files || '') }}
       create_issue_on_failure: ${{ inputs.create_issue_on_failure }}

.github/workflows/reusable-upload-recipe.yml

@@ -69,30 +69,24 @@ jobs:
           conan export . --version=${{ steps.version.outputs.version }}
           conan upload --confirm --check --remote="${REMOTE_NAME}" xrpl/${{ steps.version.outputs.version }}
 
-      # When this workflow is triggered by a push event, it will always be when merging into the
-      # 'develop' branch, see on-trigger.yml.
       - name: Upload Conan recipe (develop)
-        if: ${{ github.event_name == 'push' }}
+        if: ${{ github.ref == 'refs/heads/develop' }}
         env:
           REMOTE_NAME: ${{ inputs.remote_name }}
         run: |
           conan export . --version=develop
           conan upload --confirm --check --remote="${REMOTE_NAME}" xrpl/develop
 
-      # When this workflow is triggered by a pull request event, it will always be when merging into
-      # one of the 'release' branches, see on-pr.yml.
       - name: Upload Conan recipe (rc)
-        if: ${{ github.event_name == 'pull_request' }}
+        if: ${{ startsWith(github.ref, 'refs/heads/release') }}
         env:
           REMOTE_NAME: ${{ inputs.remote_name }}
         run: |
           conan export . --version=rc
           conan upload --confirm --check --remote="${REMOTE_NAME}" xrpl/rc
 
-      # When this workflow is triggered by a push event, it will always be when tagging a final
-      # release, see on-tag.yml.
       - name: Upload Conan recipe (release)
-        if: ${{ startsWith(github.ref, 'refs/tags/') }}
+        if: ${{ github.event_name == 'tag' }}
         env:
           REMOTE_NAME: ${{ inputs.remote_name }}
         run: |

.github/workflows/upload-conan-deps.yml

@@ -70,7 +70,7 @@ jobs:
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Prepare runner
-        uses: XRPLF/actions/prepare-runner@2bbc2dc1abeec7bfaa886804ab86871ac201764e
+        uses: XRPLF/actions/prepare-runner@2cbf481018d930656e9276fcc20dc0e3a0be5b6d
         with:
           enable_ccache: false
 
@@ -103,11 +103,11 @@ jobs:
           sanitizers: ${{ matrix.sanitizers }}
 
       - name: Log into Conan remote
-        if: ${{ github.repository == 'XRPLF/rippled' && (github.event_name == 'push' || github.event_name == 'workflow_dispatch') }}
+        if: ${{ github.repository_owner == 'XRPLF' && (github.event_name == 'push' || github.event_name == 'workflow_dispatch') }}
         run: conan remote login "${CONAN_REMOTE_NAME}" "${{ secrets.CONAN_REMOTE_USERNAME }}" --password "${{ secrets.CONAN_REMOTE_PASSWORD }}"
 
       - name: Upload Conan packages
-        if: ${{ github.repository == 'XRPLF/rippled' && (github.event_name == 'push' || github.event_name == 'workflow_dispatch') }}
+        if: ${{ github.repository_owner == 'XRPLF' && (github.event_name == 'push' || github.event_name == 'workflow_dispatch') }}
         env:
           FORCE_OPTION: ${{ github.event.inputs.force_upload == 'true' && '--force' || '' }}
         run: conan upload "*" --remote="${CONAN_REMOTE_NAME}" --confirm ${FORCE_OPTION}

.gitignore

@@ -71,15 +71,10 @@ DerivedData
 /.zed/
 
 # AI tools.
-/.agent
-/.agents
 /.augment
 /.claude
 /CLAUDE.md
 
-# Python
-__pycache__
-
 # Direnv's directory
 /.direnv
 

.pre-commit-config.yaml

@@ -13,8 +13,6 @@ repos:
   - repo: https://github.com/pre-commit/pre-commit-hooks
     rev: 3e8a8703264a2f4a69428a0aa4dcb512790b2c8c # frozen: v6.0.0
     hooks:
-      - id: check-added-large-files
-        args: [--maxkb=400, --enforce-all]
       - id: trailing-whitespace
       - id: end-of-file-fixer
       - id: mixed-line-ending
@@ -27,7 +25,6 @@ repos:
       - id: clang-format
         args: [--style=file]
         "types_or": [c++, c, proto]
-        exclude: ^include/xrpl/protocol_autogen/(transactions|ledger_entries)/
 
   - repo: https://github.com/BlankSpruce/gersemi
     rev: 0.26.0
@@ -48,7 +45,7 @@ repos:
     rev: a42085ade523f591dca134379a595e7859986445 # frozen: v9.7.0
     hooks:
       - id: cspell # Spell check changed files
-        exclude: (.config/cspell.config.yaml|^include/xrpl/protocol_autogen/(transactions|ledger_entries)/)
+        exclude: .config/cspell.config.yaml
       - id: cspell # Spell check the commit message
         name: check commit message spelling
         args:
@@ -80,6 +77,5 @@ repos:
 exclude: |
   (?x)^(
       external/.*|
-      .github/scripts/levelization/results/.*\.txt|
-      src/tests/libxrpl/protocol_autogen/(transactions|ledger_entries)/.*
+      .github/scripts/levelization/results/.*\.txt
   )$

API-CHANGELOG.md

@@ -35,10 +35,6 @@ This section contains changes targeting a future version.
   - `LEDGER_ENTRY_FLAGS`: Maps ledger entry type names to their flags and flag values.
   - `ACCOUNT_SET_FLAGS`: Maps AccountSet flag names (asf flags) to their numeric values.
 
-### Bugfixes
-
-- Peer Crawler: The `port` field in `overlay.active[]` now consistently returns an integer instead of a string for outbound peers. [#6318](https://github.com/XRPLF/rippled/pull/6318)
-
 ## XRP Ledger server version 3.1.0
 
 [Version 3.1.0](https://github.com/XRPLF/rippled/releases/tag/3.1.0) was released on Jan 27, 2026.

BUILD.md

@@ -125,9 +125,9 @@ default profile.
 
 ### Patched recipes
 
-Occasionally, we need patched recipes or recipes not present in Conan Center.
-We maintain a fork of the Conan Center Index
-[here](https://github.com/XRPLF/conan-center-index/) containing the modified and newly added recipes.
+The recipes in Conan Center occasionally need to be patched for compatibility
+with the latest version of `xrpld`. We maintain a fork of the Conan Center
+[here](https://github.com/XRPLF/conan-center-index/) containing the patches.
 
 To ensure our patched recipes are used, you must add our Conan remote at a
 higher index than the default Conan Center remote, so it is consulted first. You
@@ -137,11 +137,19 @@ can do this by running:
 conan remote add --index 0 xrplf https://conan.ripplex.io
 ```
 
-Alternatively, you can pull our recipes from the repository and export them locally:
+Alternatively, you can pull the patched recipes into the repository and use them
+locally:
 
 ```bash
+# Extract the version number from the lockfile.
+function extract_version {
+  version=$(cat conan.lock | sed -nE "s@.+${1}/(.+)#.+@\1@p" | head -n1)
+  echo ${version}
+}
+
 # Define which recipes to export.
-recipes=('abseil' 'ed25519' 'grpc' 'm4' 'mpt-crypto' 'nudb' 'openssl' 'secp256k1' 'snappy' 'soci' 'wasm-xrplf' 'wasmi')
+recipes=('ed25519' 'grpc' 'nudb' 'openssl' 'secp256k1' 'snappy' 'soci')
+folders=('all'     'all'  'all'  '3.x.x'   'all'       'all'    'all')
 
 # Selectively check out the recipes from our CCI fork.
 cd external
@@ -150,19 +158,29 @@ cd conan-center-index
 git init
 git remote add origin git@github.com:XRPLF/conan-center-index.git
 git sparse-checkout init
-for recipe in "${recipes[@]}"; do
-  echo "Checking out recipe '${recipe}'..."
-  git sparse-checkout add recipes/${recipe}
+for ((index = 1; index <= ${#recipes[@]}; index++)); do
+  recipe=${recipes[index]}
+  folder=${folders[index]}
+  echo "Checking out recipe '${recipe}' from folder '${folder}'..."
+  git sparse-checkout add recipes/${recipe}/${folder}
 done
 git fetch origin master
 git checkout master
+cd ../..
 
-./export_all.sh
-cd ../../
+# Export the recipes into the local cache.
+for ((index = 1; index <= ${#recipes[@]}; index++)); do
+  recipe=${recipes[index]}
+  folder=${folders[index]}
+  version=$(extract_version ${recipe})
+  echo "Exporting '${recipe}/${version}' from '${recipe}/${folder}'..."
+  conan export --version $(extract_version ${recipe}) \
+    external/conan-center-index/recipes/${recipe}/${folder}
+done
 ```
 
 In the case we switch to a newer version of a dependency that still requires a
-patch or add a new dependency, it will be necessary for you to pull in the changes and re-export the
+patch, it will be necessary for you to pull in the changes and re-export the
 updated dependencies with the newer version. However, if we switch to a newer
 version that no longer requires a patch, no action is required on your part, as
 the new recipe will be automatically pulled from the official Conan Center.
@@ -171,8 +189,6 @@ the new recipe will be automatically pulled from the official Conan Center.
 > You might need to add `--lockfile=""` to your `conan install` command
 > to avoid automatic use of the existing `conan.lock` file when you run
 > `conan export` manually on your machine
->
-> This is not recommended though, as you might end up using different revisions of recipes.
 
 ### Conan profile tweaks
 
@@ -188,14 +204,39 @@ Possible values are ['5.0', '5.1', '6.0', '6.1', '7.0', '7.3', '8.0', '8.1',
 Read "http://docs.conan.io/2/knowledge/faq.html#error-invalid-setting"
 ```
 
-you need to add your compiler to the list of compiler versions in
-`$(conan config home)/settings_user.yml`, by adding the required version number(s)
+you need to amend the list of compiler versions in
+`$(conan config home)/settings.yml`, by appending the required version number(s)
 to the `version` array specific for your compiler. For example:
 
 ```yaml
-compiler:
-  apple-clang:
-    version: ["17.0"]
+apple-clang:
+  version:
+    [
+      "5.0",
+      "5.1",
+      "6.0",
+      "6.1",
+      "7.0",
+      "7.3",
+      "8.0",
+      "8.1",
+      "9.0",
+      "9.1",
+      "10.0",
+      "11.0",
+      "12.0",
+      "13",
+      "13.0",
+      "13.1",
+      "14",
+      "14.0",
+      "15",
+      "15.0",
+      "16",
+      "16.0",
+      "17",
+      "17.0",
+    ]
 ```
 
 #### Multiple compilers

CMakeLists.txt

@@ -88,6 +88,7 @@ find_package(ed25519 REQUIRED)
 find_package(gRPC REQUIRED)
 find_package(LibArchive REQUIRED)
 find_package(lz4 REQUIRED)
+find_package(mpt-crypto REQUIRED)
 find_package(nudb REQUIRED)
 find_package(OpenSSL REQUIRED)
 find_package(secp256k1 REQUIRED)
@@ -100,6 +101,7 @@ target_link_libraries(
     INTERFACE
         ed25519::ed25519
         lz4::lz4
+        mpt-crypto::mpt-crypto
         OpenSSL::Crypto
         OpenSSL::SSL
         secp256k1::secp256k1
@@ -131,6 +133,7 @@ if(coverage)
     include(XrplCov)
 endif()
 
+set(PROJECT_EXPORT_SET XrplExports)
 include(XrplCore)
 include(XrplInstall)
 include(XrplValidatorKeys)

CONTRIBUTING.md

@@ -127,6 +127,26 @@ tl;dr
 > 6. Wrap the body at 72 characters.
 > 7. Use the body to explain what and why vs. how.
 
+In addition to those guidelines, please add one of the following
+prefixes to the subject line if appropriate.
+
+- `fix:` - The primary purpose is to fix an existing bug.
+- `perf:` - The primary purpose is performance improvements.
+- `refactor:` - The changes refactor code without affecting
+  functionality.
+- `test:` - The changes _only_ affect unit tests.
+- `docs:` - The changes _only_ affect documentation. This can
+  include code comments in addition to `.md` files like this one.
+- `build:` - The changes _only_ affect the build process,
+  including CMake and/or Conan settings.
+- `chore:` - Other tasks that don't affect the binary, but don't fit
+  any of the other cases. e.g. formatting, git settings, updating
+  Github Actions jobs.
+
+Whenever possible, when updating commits after the PR is open, please
+add the PR number to the end of the subject line. e.g. `test: Add
+unit tests for Feature X (#1234)`.
+
 ## Pull requests
 
 In general, pull requests use `develop` as the base branch.
@@ -160,23 +180,6 @@ credibility of the existing approvals is insufficient.
 Pull requests must be merged by [squash-and-merge][squash]
 to preserve a linear history for the `develop` branch.
 
-### Type of Change
-
-In addition to those guidelines, please start your PR title with one of the following:
-
-- `build:` - The changes _only_ affect the build process, including CMake and/or Conan settings.
-- `feat`: New feature (change which adds functionality).
-- `fix:` - The primary purpose is to fix an existing bug.
-- `docs:` - The changes _only_ affect documentation.
-- `test:` - The changes _only_ affect unit tests.
-- `ci`: Continuous Integration (changes to our CI configuration files and scripts).
-- `style`: Code style (formatting).
-- `refactor:` - The changes refactor code without affecting functionality.
-- `perf:` - The primary purpose is performance improvements.
-- `chore:` - Other tasks that don't affect the binary, but don't fit any of the other cases. e.g. `git` settings, `clang-tidy`, removing dead code, dropping support for older tooling.
-
-First letter after the type prefix should be capitalized, and the type prefix should be followed by a colon and a space. e.g. `feat: Add support for Borrowing Protocol`.
-
 ### "Ready to merge"
 
 A pull request should only have the "Ready to merge" label added when it
@@ -259,10 +262,6 @@ There is a Continuous Integration job that runs clang-tidy on pull requests. The
 
 This ensures that configuration changes don't introduce new warnings across the codebase.
 
-### Installing clang-tidy
-
-See the [environment setup guide](./docs/build/environment.md#clang-tidy) for platform-specific installation instructions.
-
 ### Running clang-tidy locally
 
 Before running clang-tidy, you must build the project to generate required files (particularly protobuf headers). Refer to [`BUILD.md`](./BUILD.md) for build instructions.
@@ -270,15 +269,10 @@ Before running clang-tidy, you must build the project to generate required files
 Then run clang-tidy on your local changes:
 
 ```
-run-clang-tidy -p build src include tests
+run-clang-tidy -p build src tests
 ```
 
-This will check all source files in the `src`, `include` and `tests` directories using the compile commands from your `build` directory.
-If you wish to automatically fix whatever clang-tidy finds _and_ is capable of fixing, add `-fix` to the above command:
-
-```
-run-clang-tidy -p build -fix src include tests
-```
+This will check all source files in the `src` and `tests` directories using the compile commands from your `build` directory.
 
 ## Contracts and instrumentation
 

LICENSE.md

@@ -1,7 +1,7 @@
 ISC License
 
 Copyright (c) 2011, Arthur Britto, David Schwartz, Jed McCaleb, Vinnie Falco, Bob Way, Eric Lombrozo, Nikolaos D. Bougalis, Howard Hinnant.
-Copyright (c) 2012-present, the XRP Ledger developers.
+Copyright (c) 2012-2025, the XRP Ledger developers.
 
 Permission to use, copy, modify, and distribute this software for any
 purpose with or without fee is hereby granted, provided that the above

cmake/XrplCompiler.cmake

@@ -118,7 +118,7 @@ if(MSVC)
             NOMINMAX
             # TODO: Resolve these warnings, don't just silence them
             _SILENCE_ALL_CXX17_DEPRECATION_WARNINGS
-            $<$<AND:$<COMPILE_LANGUAGE:CXX>,$<CONFIG:Debug>,$<NOT:$<BOOL:${is_ci}>>>:_CRTDBG_MAP_ALLOC>
+            $<$<AND:$<COMPILE_LANGUAGE:CXX>,$<CONFIG:Debug>>:_CRTDBG_MAP_ALLOC>
     )
     target_link_libraries(common INTERFACE -errorreport:none -machine:X64)
 else()

cmake/XrplConfig.cmake

@@ -0,0 +1,60 @@
+include(CMakeFindDependencyMacro)
+# need to represent system dependencies of the lib here
+#[=========================================================[
+  Boost
+#]=========================================================]
+if(static OR APPLE OR MSVC)
+    set(Boost_USE_STATIC_LIBS ON)
+endif()
+set(Boost_USE_MULTITHREADED ON)
+if(static OR MSVC)
+    set(Boost_USE_STATIC_RUNTIME ON)
+else()
+    set(Boost_USE_STATIC_RUNTIME OFF)
+endif()
+find_dependency(
+    Boost
+    COMPONENTS
+    chrono
+    container
+    context
+    coroutine
+    date_time
+    filesystem
+    program_options
+    regex
+    system
+    thread
+)
+#[=========================================================[
+  OpenSSL
+#]=========================================================]
+if(NOT DEFINED OPENSSL_ROOT_DIR)
+    if(DEFINED ENV{OPENSSL_ROOT})
+        set(OPENSSL_ROOT_DIR $ENV{OPENSSL_ROOT})
+    elseif(APPLE)
+        find_program(homebrew brew)
+        if(homebrew)
+            execute_process(
+                COMMAND ${homebrew} --prefix openssl
+                OUTPUT_VARIABLE OPENSSL_ROOT_DIR
+                OUTPUT_STRIP_TRAILING_WHITESPACE
+            )
+        endif()
+    endif()
+    file(TO_CMAKE_PATH "${OPENSSL_ROOT_DIR}" OPENSSL_ROOT_DIR)
+endif()
+
+if(static OR APPLE OR MSVC)
+    set(OPENSSL_USE_STATIC_LIBS ON)
+endif()
+set(OPENSSL_MSVC_STATIC_RT ON)
+find_dependency(OpenSSL REQUIRED)
+find_dependency(ZLIB)
+find_dependency(date)
+if(TARGET ZLIB::ZLIB)
+    set_target_properties(
+        OpenSSL::Crypto
+        PROPERTIES INTERFACE_LINK_LIBRARIES ZLIB::ZLIB
+    )
+endif()

cmake/XrplCore.cmake

@@ -108,40 +108,17 @@ target_link_libraries(
 )
 
 # Level 05
-## Set up code generation for protocol_autogen module
-include(XrplProtocolAutogen)
-# Must call setup_protocol_autogen before add_module so that:
-# 1. Stale generated files are cleared before GLOB runs
-# 2. Output file list is known for custom commands
-setup_protocol_autogen()
-
-add_module(xrpl protocol_autogen)
-target_link_libraries(
-    xrpl.libxrpl.protocol_autogen
-    PUBLIC xrpl.libxrpl.protocol
-)
-
-# Ensure code generation runs before compiling protocol_autogen
-if(TARGET protocol_autogen_generate)
-    add_dependencies(xrpl.libxrpl.protocol_autogen protocol_autogen_generate)
-endif()
-
-# Level 06
 add_module(xrpl core)
 target_link_libraries(
     xrpl.libxrpl.core
-    PUBLIC
-        xrpl.libxrpl.basics
-        xrpl.libxrpl.json
-        xrpl.libxrpl.protocol
-        xrpl.libxrpl.protocol_autogen
+    PUBLIC xrpl.libxrpl.basics xrpl.libxrpl.json xrpl.libxrpl.protocol
 )
 
-# Level 07
+# Level 06
 add_module(xrpl resource)
 target_link_libraries(xrpl.libxrpl.resource PUBLIC xrpl.libxrpl.protocol)
 
-# Level 08
+# Level 07
 add_module(xrpl net)
 target_link_libraries(
     xrpl.libxrpl.net
@@ -194,7 +171,6 @@ target_link_libraries(
         xrpl.libxrpl.basics
         xrpl.libxrpl.json
         xrpl.libxrpl.protocol
-        xrpl.libxrpl.protocol_autogen
         xrpl.libxrpl.rdb
         xrpl.libxrpl.server
         xrpl.libxrpl.shamap
@@ -230,7 +206,6 @@ target_link_modules(
     net
     nodestore
     protocol
-    protocol_autogen
     rdb
     resource
     server

cmake/XrplInstall.cmake

@@ -2,38 +2,100 @@
    install stuff
 #]===================================================================]
 
-include(GNUInstallDirs)
+include(create_symbolic_link)
 
-if(is_root_project AND TARGET xrpld)
-    install(
-        TARGETS xrpld
-        RUNTIME DESTINATION "${CMAKE_INSTALL_BINDIR}" COMPONENT runtime
-    )
-
-    install(
-        FILES "${CMAKE_CURRENT_SOURCE_DIR}/cfg/xrpld-example.cfg"
-        DESTINATION "${CMAKE_INSTALL_SYSCONFDIR}/xrpld"
-        RENAME xrpld.cfg
-        COMPONENT runtime
-    )
-
-    install(
-        FILES "${CMAKE_CURRENT_SOURCE_DIR}/cfg/validators-example.txt"
-        DESTINATION "${CMAKE_INSTALL_SYSCONFDIR}/xrpld"
-        RENAME validators.txt
-        COMPONENT runtime
-    )
+# If no suffix is defined for executables (e.g. Windows uses .exe but Linux
+# and macOS use none), then explicitly set it to the empty string.
+if(NOT DEFINED suffix)
+    set(suffix "")
 endif()
 
 install(
-    TARGETS xrpl.libpb xrpl.libxrpl
-    LIBRARY DESTINATION "${CMAKE_INSTALL_LIBDIR}" COMPONENT development
-    ARCHIVE DESTINATION "${CMAKE_INSTALL_LIBDIR}" COMPONENT development
-    RUNTIME DESTINATION "${CMAKE_INSTALL_BINDIR}" COMPONENT development
+    TARGETS
+        common
+        opts
+        xrpl_boost
+        xrpl_libs
+        xrpl_syslibs
+        xrpl.imports.main
+        xrpl.libpb
+        xrpl.libxrpl
+        xrpl.libxrpl.basics
+        xrpl.libxrpl.beast
+        xrpl.libxrpl.conditions
+        xrpl.libxrpl.core
+        xrpl.libxrpl.crypto
+        xrpl.libxrpl.git
+        xrpl.libxrpl.json
+        xrpl.libxrpl.rdb
+        xrpl.libxrpl.ledger
+        xrpl.libxrpl.net
+        xrpl.libxrpl.nodestore
+        xrpl.libxrpl.protocol
+        xrpl.libxrpl.resource
+        xrpl.libxrpl.server
+        xrpl.libxrpl.shamap
+        xrpl.libxrpl.tx
+        antithesis-sdk-cpp
+    EXPORT XrplExports
+    LIBRARY DESTINATION lib
+    ARCHIVE DESTINATION lib
+    RUNTIME DESTINATION bin
+    INCLUDES DESTINATION include
 )
 
 install(
     DIRECTORY "${CMAKE_CURRENT_SOURCE_DIR}/include/xrpl"
     DESTINATION "${CMAKE_INSTALL_INCLUDEDIR}"
-    COMPONENT development
+)
+
+install(
+    EXPORT XrplExports
+    FILE XrplTargets.cmake
+    NAMESPACE Xrpl::
+    DESTINATION lib/cmake/xrpl
+)
+include(CMakePackageConfigHelpers)
+write_basic_package_version_file(
+    XrplConfigVersion.cmake
+    VERSION ${xrpld_version}
+    COMPATIBILITY SameMajorVersion
+)
+
+if(is_root_project AND TARGET xrpld)
+    install(TARGETS xrpld RUNTIME DESTINATION bin)
+    set_target_properties(xrpld PROPERTIES INSTALL_RPATH_USE_LINK_PATH ON)
+    # sample configs should not overwrite existing files
+    # install if-not-exists workaround as suggested by
+    # https://cmake.org/Bug/view.php?id=12646
+    install(
+        CODE
+            "
+    macro (copy_if_not_exists SRC DEST NEWNAME)
+      if (NOT EXISTS \"\$ENV{DESTDIR}\${CMAKE_INSTALL_PREFIX}/\${DEST}/\${NEWNAME}\")
+        file (INSTALL FILE_PERMISSIONS OWNER_READ OWNER_WRITE DESTINATION \"\${CMAKE_INSTALL_PREFIX}/\${DEST}\" FILES \"\${SRC}\" RENAME \"\${NEWNAME}\")
+      else ()
+        message (\"-- Skipping : \$ENV{DESTDIR}\${CMAKE_INSTALL_PREFIX}/\${DEST}/\${NEWNAME}\")
+      endif ()
+    endmacro()
+    copy_if_not_exists(\"${CMAKE_CURRENT_SOURCE_DIR}/cfg/xrpld-example.cfg\" etc xrpld.cfg)
+    copy_if_not_exists(\"${CMAKE_CURRENT_SOURCE_DIR}/cfg/validators-example.txt\" etc validators.txt)
+  "
+    )
+    install(
+        CODE
+            "
+    set(CMAKE_MODULE_PATH \"${CMAKE_MODULE_PATH}\")
+    include(create_symbolic_link)
+    create_symbolic_link(xrpld${suffix} \
+       \$ENV{DESTDIR}\${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_BINDIR}/rippled${suffix})
+  "
+    )
+endif()
+
+install(
+    FILES
+        ${CMAKE_CURRENT_SOURCE_DIR}/cmake/XrplConfig.cmake
+        ${CMAKE_CURRENT_BINARY_DIR}/XrplConfigVersion.cmake
+    DESTINATION lib/cmake/xrpl
 )

cmake/XrplInterface.cmake

@@ -23,7 +23,7 @@ target_compile_definitions(
         BOOST_FILESYSTEM_NO_DEPRECATED
         >
         $<$<NOT:$<BOOL:${boost_show_deprecated}>>:
-        BOOST_COROUTINES2_NO_DEPRECATION_WARNING
+        BOOST_COROUTINES_NO_DEPRECATION_WARNING
         BOOST_BEAST_ALLOW_DEPRECATED
         BOOST_FILESYSTEM_DEPRECATED
         >

cmake/XrplProtocolAutogen.cmake

@@ -1,309 +0,0 @@
-#[===================================================================[
-   Protocol Autogen - Code generation for protocol wrapper classes
-#]===================================================================]
-
-# Options for code generation
-option(
-    XRPL_NO_CODEGEN
-    "Disable code generation (use pre-generated files from repository)"
-    OFF
-)
-set(CODEGEN_VENV_DIR
-    ""
-    CACHE PATH
-    "Path to Python virtual environment for code generation. If provided, automatic venv setup is skipped."
-)
-
-# Function to set up code generation for protocol_autogen module
-# This runs at configure time to generate C++ wrapper classes from macro files
-function(setup_protocol_autogen)
-    # Directory paths
-    set(MACRO_DIR "${CMAKE_CURRENT_SOURCE_DIR}/include/xrpl/protocol/detail")
-    set(AUTOGEN_HEADER_DIR
-        "${CMAKE_CURRENT_SOURCE_DIR}/include/xrpl/protocol_autogen"
-    )
-    set(AUTOGEN_TEST_DIR
-        "${CMAKE_CURRENT_SOURCE_DIR}/src/tests/libxrpl/protocol_autogen"
-    )
-    set(SCRIPTS_DIR "${CMAKE_CURRENT_SOURCE_DIR}/scripts")
-
-    # Input macro files
-    set(TRANSACTIONS_MACRO "${MACRO_DIR}/transactions.macro")
-    set(LEDGER_ENTRIES_MACRO "${MACRO_DIR}/ledger_entries.macro")
-    set(SFIELDS_MACRO "${MACRO_DIR}/sfields.macro")
-
-    # Python scripts and templates
-    set(GENERATE_TX_SCRIPT "${SCRIPTS_DIR}/generate_tx_classes.py")
-    set(GENERATE_LEDGER_SCRIPT "${SCRIPTS_DIR}/generate_ledger_classes.py")
-    set(REQUIREMENTS_FILE "${SCRIPTS_DIR}/requirements.txt")
-    set(MACRO_PARSER_COMMON "${SCRIPTS_DIR}/macro_parser_common.py")
-    set(TX_TEMPLATE "${SCRIPTS_DIR}/templates/Transaction.h.mako")
-    set(TX_TEST_TEMPLATE "${SCRIPTS_DIR}/templates/TransactionTests.cpp.mako")
-    set(LEDGER_TEMPLATE "${SCRIPTS_DIR}/templates/LedgerEntry.h.mako")
-    set(LEDGER_TEST_TEMPLATE
-        "${SCRIPTS_DIR}/templates/LedgerEntryTests.cpp.mako"
-    )
-
-    # Check if code generation is disabled
-    if(XRPL_NO_CODEGEN)
-        message(
-            WARNING
-            "Protocol autogen: Code generation is disabled (XRPL_NO_CODEGEN=ON). "
-            "Generated files may be out of date."
-        )
-        return()
-    endif()
-
-    # Create output directories
-    file(MAKE_DIRECTORY "${AUTOGEN_HEADER_DIR}/transactions")
-    file(MAKE_DIRECTORY "${AUTOGEN_HEADER_DIR}/ledger_entries")
-    file(MAKE_DIRECTORY "${AUTOGEN_TEST_DIR}/ledger_entries")
-    file(MAKE_DIRECTORY "${AUTOGEN_TEST_DIR}/transactions")
-
-    # Find Python3 - check if already found by Conan or find it ourselves
-    if(NOT Python3_EXECUTABLE)
-        find_package(Python3 COMPONENTS Interpreter QUIET)
-    endif()
-
-    if(NOT Python3_EXECUTABLE)
-        # Try finding python3 executable directly
-        find_program(Python3_EXECUTABLE NAMES python3 python)
-    endif()
-
-    if(NOT Python3_EXECUTABLE)
-        message(
-            FATAL_ERROR
-            "Python3 not found. Code generation cannot proceed.\n"
-            "Please install Python 3, or set -DXRPL_NO_CODEGEN=ON to use existing generated files."
-        )
-        return()
-    endif()
-
-    message(STATUS "Using Python3 for code generation: ${Python3_EXECUTABLE}")
-
-    # Set up Python virtual environment for code generation
-    if(CODEGEN_VENV_DIR)
-        # User-provided venv - skip automatic setup
-        set(VENV_DIR "${CODEGEN_VENV_DIR}")
-        message(STATUS "Using user-provided Python venv: ${VENV_DIR}")
-    else()
-        # Use default venv in build directory
-        set(VENV_DIR "${CMAKE_CURRENT_BINARY_DIR}/codegen_venv")
-    endif()
-
-    # Determine the Python executable path in the venv
-    if(WIN32)
-        set(VENV_PYTHON "${VENV_DIR}/Scripts/python.exe")
-        set(VENV_PIP "${VENV_DIR}/Scripts/pip.exe")
-    else()
-        set(VENV_PYTHON "${VENV_DIR}/bin/python")
-        set(VENV_PIP "${VENV_DIR}/bin/pip")
-    endif()
-
-    # Only auto-setup venv if not user-provided
-    if(NOT CODEGEN_VENV_DIR)
-        # Check if venv needs to be created or updated
-        set(VENV_NEEDS_UPDATE FALSE)
-        if(NOT EXISTS "${VENV_PYTHON}")
-            set(VENV_NEEDS_UPDATE TRUE)
-            message(
-                STATUS
-                "Creating Python virtual environment for code generation..."
-            )
-        elseif(
-            "${REQUIREMENTS_FILE}"
-                IS_NEWER_THAN
-                "${VENV_DIR}/.requirements_installed"
-        )
-            set(VENV_NEEDS_UPDATE TRUE)
-            message(
-                STATUS
-                "Updating Python virtual environment (requirements changed)..."
-            )
-        endif()
-
-        # Create/update virtual environment if needed
-        if(VENV_NEEDS_UPDATE)
-            message(
-                STATUS
-                "Setting up Python virtual environment at ${VENV_DIR}"
-            )
-            execute_process(
-                COMMAND ${Python3_EXECUTABLE} -m venv "${VENV_DIR}"
-                RESULT_VARIABLE VENV_RESULT
-                ERROR_VARIABLE VENV_ERROR
-            )
-            if(NOT VENV_RESULT EQUAL 0)
-                message(
-                    FATAL_ERROR
-                    "Failed to create virtual environment: ${VENV_ERROR}"
-                )
-            endif()
-
-            # Check pip index URL configuration
-            execute_process(
-                COMMAND ${VENV_PIP} config get global.index-url
-                OUTPUT_VARIABLE PIP_INDEX_URL
-                OUTPUT_STRIP_TRAILING_WHITESPACE
-                ERROR_QUIET
-            )
-
-            # Default PyPI URL
-            set(DEFAULT_PIP_INDEX "https://pypi.org/simple")
-
-            # Show warning if using non-default index
-            if(PIP_INDEX_URL AND NOT PIP_INDEX_URL STREQUAL "")
-                if(NOT PIP_INDEX_URL STREQUAL DEFAULT_PIP_INDEX)
-                    message(
-                        WARNING
-                        "Private pip index URL detected: ${PIP_INDEX_URL}\n"
-                        "You may need to connect to VPN to access this URL."
-                    )
-                endif()
-            endif()
-
-            message(STATUS "Installing Python dependencies...")
-            execute_process(
-                COMMAND ${VENV_PIP} install --upgrade pip
-                RESULT_VARIABLE PIP_UPGRADE_RESULT
-                OUTPUT_QUIET
-                ERROR_VARIABLE PIP_UPGRADE_ERROR
-            )
-            if(NOT PIP_UPGRADE_RESULT EQUAL 0)
-                message(WARNING "Failed to upgrade pip: ${PIP_UPGRADE_ERROR}")
-            endif()
-
-            execute_process(
-                COMMAND ${VENV_PIP} install -r "${REQUIREMENTS_FILE}"
-                RESULT_VARIABLE PIP_INSTALL_RESULT
-                ERROR_VARIABLE PIP_INSTALL_ERROR
-            )
-            if(NOT PIP_INSTALL_RESULT EQUAL 0)
-                message(
-                    FATAL_ERROR
-                    "Failed to install Python dependencies: ${PIP_INSTALL_ERROR}"
-                )
-            endif()
-
-            # Mark requirements as installed
-            file(TOUCH "${VENV_DIR}/.requirements_installed")
-            message(STATUS "Python virtual environment ready")
-        endif()
-    endif()
-
-    # At configure time - get list of output files for transactions
-    execute_process(
-        COMMAND
-            ${VENV_PYTHON} "${GENERATE_TX_SCRIPT}" "${TRANSACTIONS_MACRO}"
-            --header-dir "${AUTOGEN_HEADER_DIR}/transactions" --test-dir
-            "${AUTOGEN_TEST_DIR}/transactions" --list-outputs
-        OUTPUT_VARIABLE TX_OUTPUT_FILES
-        OUTPUT_STRIP_TRAILING_WHITESPACE
-        RESULT_VARIABLE TX_LIST_RESULT
-        ERROR_VARIABLE TX_LIST_ERROR
-    )
-    if(NOT TX_LIST_RESULT EQUAL 0)
-        message(
-            FATAL_ERROR
-            "Failed to list transaction output files:\n${TX_LIST_ERROR}"
-        )
-    endif()
-    # Convert newline-separated list to CMake list
-    string(REPLACE "\\" "/" TX_OUTPUT_FILES "${TX_OUTPUT_FILES}")
-    string(REPLACE "\n" ";" TX_OUTPUT_FILES "${TX_OUTPUT_FILES}")
-
-    # At configure time - get list of output files for ledger entries
-    execute_process(
-        COMMAND
-            ${VENV_PYTHON} "${GENERATE_LEDGER_SCRIPT}" "${LEDGER_ENTRIES_MACRO}"
-            --header-dir "${AUTOGEN_HEADER_DIR}/ledger_entries" --test-dir
-            "${AUTOGEN_TEST_DIR}/ledger_entries" --list-outputs
-        OUTPUT_VARIABLE LEDGER_OUTPUT_FILES
-        OUTPUT_STRIP_TRAILING_WHITESPACE
-        RESULT_VARIABLE LEDGER_LIST_RESULT
-        ERROR_VARIABLE LEDGER_LIST_ERROR
-    )
-    if(NOT LEDGER_LIST_RESULT EQUAL 0)
-        message(
-            FATAL_ERROR
-            "Failed to list ledger entry output files:\n${LEDGER_LIST_ERROR}"
-        )
-    endif()
-    # Convert newline-separated list to CMake list
-    string(REPLACE "\\" "/" LEDGER_OUTPUT_FILES "${LEDGER_OUTPUT_FILES}")
-    string(REPLACE "\n" ";" LEDGER_OUTPUT_FILES "${LEDGER_OUTPUT_FILES}")
-
-    # Custom command to generate transaction classes at build time
-    add_custom_command(
-        OUTPUT ${TX_OUTPUT_FILES}
-        COMMAND
-            ${VENV_PYTHON} "${GENERATE_TX_SCRIPT}" "${TRANSACTIONS_MACRO}"
-            --header-dir "${AUTOGEN_HEADER_DIR}/transactions" --test-dir
-            "${AUTOGEN_TEST_DIR}/transactions" --sfields-macro
-            "${SFIELDS_MACRO}"
-        WORKING_DIRECTORY "${CMAKE_CURRENT_SOURCE_DIR}"
-        DEPENDS
-            "${TRANSACTIONS_MACRO}"
-            "${SFIELDS_MACRO}"
-            "${GENERATE_TX_SCRIPT}"
-            "${MACRO_PARSER_COMMON}"
-            "${TX_TEMPLATE}"
-            "${TX_TEST_TEMPLATE}"
-            "${REQUIREMENTS_FILE}"
-        COMMENT "Generating transaction classes from transactions.macro..."
-        VERBATIM
-    )
-
-    # Custom command to generate ledger entry classes at build time
-    add_custom_command(
-        OUTPUT ${LEDGER_OUTPUT_FILES}
-        COMMAND
-            ${VENV_PYTHON} "${GENERATE_LEDGER_SCRIPT}" "${LEDGER_ENTRIES_MACRO}"
-            --header-dir "${AUTOGEN_HEADER_DIR}/ledger_entries" --test-dir
-            "${AUTOGEN_TEST_DIR}/ledger_entries" --sfields-macro
-            "${SFIELDS_MACRO}"
-        WORKING_DIRECTORY "${CMAKE_CURRENT_SOURCE_DIR}"
-        DEPENDS
-            "${LEDGER_ENTRIES_MACRO}"
-            "${SFIELDS_MACRO}"
-            "${GENERATE_LEDGER_SCRIPT}"
-            "${MACRO_PARSER_COMMON}"
-            "${LEDGER_TEMPLATE}"
-            "${LEDGER_TEST_TEMPLATE}"
-            "${REQUIREMENTS_FILE}"
-        COMMENT "Generating ledger entry classes from ledger_entries.macro..."
-        VERBATIM
-    )
-
-    # Create a custom target that depends on all generated files
-    add_custom_target(
-        protocol_autogen_generate
-        DEPENDS ${TX_OUTPUT_FILES} ${LEDGER_OUTPUT_FILES}
-        COMMENT "Protocol autogen code generation"
-    )
-
-    # Extract test files from output lists (files ending in Tests.cpp)
-    set(PROTOCOL_AUTOGEN_TEST_SOURCES "")
-    foreach(FILE ${TX_OUTPUT_FILES} ${LEDGER_OUTPUT_FILES})
-        if(FILE MATCHES "Tests\\.cpp$")
-            list(APPEND PROTOCOL_AUTOGEN_TEST_SOURCES "${FILE}")
-        endif()
-    endforeach()
-    # Export test sources to parent scope for use in test CMakeLists.txt
-    set(PROTOCOL_AUTOGEN_TEST_SOURCES
-        "${PROTOCOL_AUTOGEN_TEST_SOURCES}"
-        CACHE INTERNAL
-        "Generated protocol_autogen test sources"
-    )
-
-    # Register dependencies so CMake reconfigures when macro files change
-    # (to update the list of output files)
-    set_property(
-        DIRECTORY
-        APPEND
-        PROPERTY
-            CMAKE_CONFIGURE_DEPENDS
-                "${TRANSACTIONS_MACRO}"
-                "${LEDGER_ENTRIES_MACRO}"
-    )
-endfunction()

cmake/XrplSanity.cmake

@@ -50,13 +50,6 @@ if(MSVC AND CMAKE_GENERATOR_PLATFORM STREQUAL "Win32")
     message(FATAL_ERROR "Visual Studio 32-bit build is not supported.")
 endif()
 
-if(voidstar AND NOT is_amd64)
-    message(
-        FATAL_ERROR
-        "The voidstar library only supported on amd64/x86_64. Detected archictecture was: ${CMAKE_SYSTEM_PROCESSOR}"
-    )
-endif()
-
 if(APPLE AND NOT HOMEBREW)
     find_program(HOMEBREW brew)
 endif()

cmake/deps/Boost.cmake

@@ -7,7 +7,7 @@ find_package(
     COMPONENTS
         chrono
         container
-        context
+        coroutine
         date_time
         filesystem
         json
@@ -26,7 +26,7 @@ target_link_libraries(
         Boost::headers
         Boost::chrono
         Boost::container
-        Boost::context
+        Boost::coroutine
         Boost::date_time
         Boost::filesystem
         Boost::json
@@ -38,26 +38,23 @@ target_link_libraries(
 if(Boost_COMPILER)
     target_link_libraries(xrpl_boost INTERFACE Boost::disable_autolinking)
 endif()
-
-# GCC 14+ has a false positive -Wuninitialized warning in Boost.Coroutine2's
-# state.hpp when compiled with -O3. This is due to GCC's intentional behavior
-# change (Bug #98871, #119388) where warnings from inlined system header code
-# are no longer suppressed by -isystem. The warning occurs in operator|= in
-# boost/coroutine2/detail/state.hpp when inlined from push_control_block::destroy().
-# See: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=119388
-if(is_gcc AND CMAKE_CXX_COMPILER_VERSION VERSION_GREATER_EQUAL 14)
-    target_compile_options(xrpl_boost INTERFACE -Wno-uninitialized)
-endif()
-
-# Boost.Context's ucontext backend has ASAN fiber-switching annotations
-# (start/finish_switch_fiber) that are compiled in when BOOST_USE_ASAN is defined.
-# This tells ASAN about coroutine stack switches, preventing false positive
-# stack-use-after-scope errors. BOOST_USE_UCONTEXT ensures the ucontext backend
-# is selected (fcontext does not support ASAN annotations).
-# These defines must match what Boost was compiled with (see conan/profiles/sanitizers).
-if(enable_asan)
-    target_compile_definitions(
-        xrpl_boost
-        INTERFACE BOOST_USE_ASAN BOOST_USE_UCONTEXT
+if(SANITIZERS_ENABLED AND is_clang)
+    # TODO: gcc does not support -fsanitize-blacklist...can we do something else for gcc ?
+    if(NOT Boost_INCLUDE_DIRS AND TARGET Boost::headers)
+        get_target_property(
+            Boost_INCLUDE_DIRS
+            Boost::headers
+            INTERFACE_INCLUDE_DIRECTORIES
+        )
+    endif()
+    message(STATUS "Adding [${Boost_INCLUDE_DIRS}] to sanitizer blacklist")
+    file(
+        WRITE ${CMAKE_CURRENT_BINARY_DIR}/san_bl.txt
+        "src:${Boost_INCLUDE_DIRS}/*"
+    )
+    target_compile_options(
+        opts
+        INTERFACE # ignore boost headers for sanitizing
+            -fsanitize-blacklist=${CMAKE_CURRENT_BINARY_DIR}/san_bl.txt
     )
 endif()

conan.lock

@@ -1,43 +1,45 @@
 {
     "version": "0.5",
     "requires": [
-        "zlib/1.3.1#cac0f6daea041b0ccf42934163defb20%1774439233.809",
+        "zlib/1.3.1#b8bc2603263cf7eccbd6e17e66b0ed76%1765850150.075",
         "xxhash/0.8.3#681d36a0a6111fc56e5e45ea182c19cc%1765850149.987",
-        "sqlite3/3.51.0#66aa11eabd0e34954c5c1c061ad44abe%1763899256.358",
-        "soci/4.0.3#fe32b9ad5eb47e79ab9e45a68f363945%1774450067.231",
+        "sqlite3/3.49.1#8631739a4c9b93bd3d6b753bac548a63%1765850149.926",
+        "soci/4.0.3#a9f8d773cd33e356b5879a4b0564f287%1765850149.46",
         "snappy/1.1.10#968fef506ff261592ec30c574d4a7809%1765850147.878",
         "secp256k1/0.7.1#481881709eb0bdd0185a12b912bbe8ad%1770910500.329",
         "rocksdb/10.5.1#4a197eca381a3e5ae8adf8cffa5aacd0%1765850186.86",
-        "re2/20251105#8579cfd0bda4daf0683f9e3898f964b4%1774398111.888",
-        "protobuf/6.33.5#d96d52ba5baaaa532f47bda866ad87a5%1773224203.27",
-        "openssl/3.6.1#e6399de266349245a4542fc5f6c71552%1774458290.139",
+        "re2/20230301#ca3b241baec15bd31ea9187150e0b333%1765850148.103",
+        "protobuf/6.32.1#f481fd276fc23a33b85a3ed1e898b693%1765850161.038",
+        "openssl/3.5.5#05a4ac5b7323f7a329b2db1391d9941f%1770229825.601",
         "nudb/2.0.9#0432758a24204da08fee953ec9ea03cb%1769436073.32",
+        "mpt-crypto/0.1.0-rc2#575de3d495f539e3e5eba957b324d260%1771955268.105",
         "lz4/1.10.0#59fc63cac7f10fbe8e05c7e62c2f3504%1765850143.914",
         "libiconv/1.17#1e65319e945f2d31941a9d28cc13c058%1765842973.492",
         "libbacktrace/cci.20210118#a7691bfccd8caaf66309df196790a5a1%1765842973.03",
         "libarchive/3.8.1#ffee18995c706e02bf96e7a2f7042e0d%1765850144.736",
         "jemalloc/5.3.0#e951da9cf599e956cebc117880d2d9f8%1729241615.244",
         "gtest/1.17.0#5224b3b3ff3b4ce1133cbdd27d53ee7d%1768312129.152",
-        "grpc/1.78.1#b1a9e74b145cc471bed4dc64dc6eb2c1%1772623605.068",
+        "grpc/1.72.0#f244a57bff01e708c55a1100b12e1589%1765850193.734",
         "ed25519/2015.03#ae761bdc52730a843f0809bdf6c1b1f6%1765850143.772",
         "date/3.0.4#862e11e80030356b53c2c38599ceb32b%1765850143.772",
-        "c-ares/1.34.6#545240bb1c40e2cacd4362d6b8967650%1774439234.681",
+        "c-ares/1.34.5#5581c2b62a608b40bb85d965ab3ec7c8%1765850144.336",
         "bzip2/1.0.8#c470882369c2d95c5c77e970c0c7e321%1765850143.837",
         "boost/1.90.0#d5e8defe7355494953be18524a7f135b%1769454080.269",
-        "abseil/20250127.0#bb0baf1f362bc4a725a24eddd419b8f7%1774365460.196"
+        "abseil/20250127.0#99262a368bd01c0ccca8790dfced9719%1766517936.993"
     ],
     "build_requires": [
-        "zlib/1.3.1#cac0f6daea041b0ccf42934163defb20%1774439233.809",
-        "strawberryperl/5.32.1.1#8d114504d172cfea8ea1662d09b6333e%1774447376.964",
-        "protobuf/6.33.5#d96d52ba5baaaa532f47bda866ad87a5%1773224203.27",
+        "zlib/1.3.1#b8bc2603263cf7eccbd6e17e66b0ed76%1765850150.075",
+        "strawberryperl/5.32.1.1#707032463aa0620fa17ec0d887f5fe41%1765850165.196",
+        "protobuf/6.32.1#f481fd276fc23a33b85a3ed1e898b693%1765850161.038",
         "nasm/2.16.01#31e26f2ee3c4346ecd347911bd126904%1765850144.707",
         "msys2/cci.latest#d22fe7b2808f5fd34d0a7923ace9c54f%1770657326.649",
-        "m4/1.4.19#5d7a4994e5875d76faf7acf3ed056036%1774365463.87",
-        "cmake/4.3.0#b939a42e98f593fb34d3a8c5cc860359%1774439249.183",
-        "b2/5.4.2#ffd6084a119587e70f11cd45d1a386e2%1774439233.447",
+        "m4/1.4.19#70dc8bbb33e981d119d2acc0175cf381%1763158052.846",
+        "cmake/4.2.0#ae0a44f44a1ef9ab68fd4b3e9a1f8671%1765850153.937",
+        "cmake/3.31.10#313d16a1aa16bbdb2ca0792467214b76%1765850153.479",
+        "b2/5.3.3#107c15377719889654eb9a162a673975%1765850144.355",
         "automake/1.16.5#b91b7c384c3deaa9d535be02da14d04f%1755524470.56",
         "autoconf/2.71#51077f068e61700d65bb05541ea1e4b0%1731054366.86",
-        "abseil/20250127.0#bb0baf1f362bc4a725a24eddd419b8f7%1774365460.196"
+        "abseil/20250127.0#99262a368bd01c0ccca8790dfced9719%1766517936.993"
     ],
     "python_requires": [],
     "overrides": {
@@ -45,14 +47,14 @@
             null,
             "boost/1.90.0"
         ],
-        "protobuf/[>=5.27.0 <7]": [
-            "protobuf/6.33.5"
+        "protobuf/5.27.0": [
+            "protobuf/6.32.1"
         ],
         "lz4/1.9.4": [
             "lz4/1.10.0"
         ],
-        "sqlite3/[>=3.44 <4]": [
-            "sqlite3/3.51.0"
+        "sqlite3/3.44.2": [
+            "sqlite3/3.49.1"
         ],
         "boost/1.83.0": [
             "boost/1.90.0"

conan/profiles/sanitizers

@@ -7,21 +7,16 @@ include(default)
     {% if compiler == "gcc" %}
         {% if "address" in sanitizers or "thread" in sanitizers or "undefinedbehavior" in sanitizers %}
             {% set sanitizer_list = [] %}
-            {% set defines = [] %}
             {% set model_code = "" %}
             {% set extra_cxxflags = ["-fno-omit-frame-pointer", "-O1", "-Wno-stringop-overflow"] %}
 
             {% if "address" in sanitizers %}
                 {% set _ = sanitizer_list.append("address") %}
                 {% set model_code = "-mcmodel=large" %}
-                {% set _ = defines.append("BOOST_USE_ASAN")%}
-                {% set _ = defines.append("BOOST_USE_UCONTEXT")%}
             {% elif "thread" in sanitizers %}
                 {% set _ = sanitizer_list.append("thread") %}
                 {% set model_code = "-mcmodel=medium" %}
                 {% set _ = extra_cxxflags.append("-Wno-tsan") %}
-                {% set _ = defines.append("BOOST_USE_TSAN")%}
-                {% set _ = defines.append("BOOST_USE_UCONTEXT")%}
             {% endif %}
 
             {% if "undefinedbehavior" in sanitizers %}
@@ -34,22 +29,16 @@ include(default)
             tools.build:cxxflags+=['{{sanitizer_flags}} {{" ".join(extra_cxxflags)}}']
             tools.build:sharedlinkflags+=['{{sanitizer_flags}}']
             tools.build:exelinkflags+=['{{sanitizer_flags}}']
-            tools.build:defines+={{defines}}
         {% endif %}
     {% elif compiler == "apple-clang" or compiler == "clang" %}
         {% if "address" in sanitizers or "thread" in sanitizers or "undefinedbehavior" in sanitizers %}
             {% set sanitizer_list = [] %}
-            {% set defines = [] %}
             {% set extra_cxxflags = ["-fno-omit-frame-pointer", "-O1"] %}
 
             {% if "address" in sanitizers %}
                 {% set _ = sanitizer_list.append("address") %}
-                {% set _ = defines.append("BOOST_USE_ASAN")%}
-                {% set _ = defines.append("BOOST_USE_UCONTEXT")%}
             {% elif "thread" in sanitizers %}
                 {% set _ = sanitizer_list.append("thread") %}
-                {% set _ = defines.append("BOOST_USE_TSAN")%}
-                {% set _ = defines.append("BOOST_USE_UCONTEXT")%}
             {% endif %}
 
             {% if "undefinedbehavior" in sanitizers %}
@@ -63,24 +52,8 @@ include(default)
             tools.build:cxxflags+=['{{sanitizer_flags}} {{" ".join(extra_cxxflags)}}']
             tools.build:sharedlinkflags+=['{{sanitizer_flags}}']
             tools.build:exelinkflags+=['{{sanitizer_flags}}']
-            tools.build:defines+={{defines}}
         {% endif %}
     {% endif %}
 {% endif %}
 
-tools.info.package_id:confs+=["tools.build:cxxflags", "tools.build:exelinkflags", "tools.build:sharedlinkflags", "tools.build:defines"]
-
-[options]
-{% if sanitizers %}
-    {% if "address" in sanitizers %}
-        # Build Boost.Context with ucontext backend (not fcontext) so that
-        # ASAN fiber-switching annotations (__sanitizer_start/finish_switch_fiber)
-        # are compiled into the library. fcontext (assembly) has no ASAN support.
-        # define=BOOST_USE_ASAN=1 is critical: it must be defined when building
-        # Boost.Context itself so the ucontext backend compiles in the ASAN annotations.
-        boost/*:extra_b2_flags=context-impl=ucontext address-sanitizer=on define=BOOST_USE_ASAN=1
-        boost/*:without_context=False
-        # Boost stacktrace fails to build with some sanitizers
-        boost/*:without_stacktrace=True
-    {% endif %}
-{% endif %}
+tools.info.package_id:confs+=["tools.build:cxxflags", "tools.build:exelinkflags", "tools.build:sharedlinkflags"]

conanfile.py

@@ -1,9 +1,9 @@
-import os
 import re
 
 from conan.tools.cmake import CMake, CMakeToolchain, cmake_layout
 
 from conan import ConanFile
+from conan import __version__ as conan_version
 
 
 class Xrpl(ConanFile):
@@ -29,10 +29,11 @@ class Xrpl(ConanFile):
 
     requires = [
         "ed25519/2015.03",
-        "grpc/1.78.1",
+        "grpc/1.72.0",
         "libarchive/3.8.1",
+        "mpt-crypto/0.1.0-rc2",
         "nudb/2.0.9",
-        "openssl/3.6.1",
+        "openssl/3.5.5",
         "secp256k1/0.7.1",
         "soci/4.0.3",
         "zlib/1.3.1",
@@ -43,7 +44,7 @@ class Xrpl(ConanFile):
     ]
 
     tool_requires = [
-        "protobuf/6.33.5",
+        "protobuf/6.32.1",
     ]
 
     default_options = {
@@ -57,9 +58,6 @@ class Xrpl(ConanFile):
         "tests": False,
         "unity": False,
         "xrpld": False,
-        "boost/*:without_context": False,
-        "boost/*:without_coroutine": True,
-        "boost/*:without_coroutine2": False,
         "date/*:header_only": True,
         "ed25519/*:shared": False,
         "grpc/*:shared": False,
@@ -129,23 +127,21 @@ class Xrpl(ConanFile):
         if self.settings.compiler in ["clang", "gcc"]:
             self.options["boost"].without_cobalt = True
 
-        # Check if environment variable exists
-        if "SANITIZERS" in os.environ:
-            sanitizers = os.environ["SANITIZERS"]
-            if "address" in sanitizers.lower():
-                self.default_options["fPIC"] = False
-
     def requirements(self):
-        self.requires("boost/1.90.0", force=True, transitive_headers=True)
-        self.requires("date/3.0.4", transitive_headers=True)
+        # Conan 2 requires transitive headers to be specified
+        transitive_headers_opt = (
+            {"transitive_headers": True} if conan_version.split(".")[0] == "2" else {}
+        )
+        self.requires("boost/1.90.0", force=True, **transitive_headers_opt)
+        self.requires("date/3.0.4", **transitive_headers_opt)
         self.requires("lz4/1.10.0", force=True)
-        self.requires("protobuf/6.33.5", force=True)
-        self.requires("sqlite3/3.51.0", force=True)
+        self.requires("protobuf/6.32.1", force=True)
+        self.requires("sqlite3/3.49.1", force=True)
         if self.options.jemalloc:
             self.requires("jemalloc/5.3.0")
         if self.options.rocksdb:
             self.requires("rocksdb/10.5.1")
-        self.requires("xxhash/0.8.3", transitive_headers=True)
+        self.requires("xxhash/0.8.3", **transitive_headers_opt)
 
     exports_sources = (
         "CMakeLists.txt",
@@ -201,7 +197,7 @@ class Xrpl(ConanFile):
             "boost::headers",
             "boost::chrono",
             "boost::container",
-            "boost::context",
+            "boost::coroutine",
             "boost::date_time",
             "boost::filesystem",
             "boost::json",
@@ -214,6 +210,7 @@ class Xrpl(ConanFile):
             "grpc::grpc++",
             "libarchive::libarchive",
             "lz4::lz4",
+            "mpt-crypto::mpt-crypto",
             "nudb::nudb",
             "openssl::crypto",
             "protobuf::libprotobuf",

cspell.config.yaml

@@ -55,6 +55,7 @@ words:
   - autobridging
   - bimap
   - bindir
+  - blindings
   - bookdir
   - Bougalis
   - Britto
@@ -87,6 +88,7 @@ words:
   - daria
   - dcmake
   - dearmor
+  - decryptor
   - deleteme
   - demultiplexer
   - deserializaton
@@ -96,15 +98,16 @@ words:
   - distro
   - doxyfile
   - dxrpl
+  - elgamal
   - endmacro
   - exceptioned
   - Falco
-  - fcontext
   - finalizers
   - firewalled
   - fmtdur
   - fsanitize
   - funclets
+  - Gamal
   - gcov
   - gcovr
   - ghead
@@ -112,7 +115,6 @@ words:
   - gpgcheck
   - gpgkey
   - hotwallet
-  - hwaddress
   - hwrap
   - ifndef
   - inequation
@@ -191,6 +193,7 @@ words:
   - partitioner
   - paychan
   - paychans
+  - Pedersen
   - permdex
   - perminute
   - permissioned
@@ -206,7 +209,6 @@ words:
   - ptrs
   - pushd
   - pyenv
-  - pyparsing
   - qalloc
   - queuable
   - Raphson
@@ -227,12 +229,12 @@ words:
   - sahyadri
   - Satoshi
   - scons
+  - Schnorr
   - secp
   - sendq
   - seqit
   - sf
   - SFIELD
-  - sfields
   - shamap
   - shamapitem
   - sidechain
@@ -254,6 +256,7 @@ words:
   - stvar
   - stvector
   - stxchainattestations
+  - summands
   - superpeer
   - superpeers
   - takergets
@@ -297,7 +300,6 @@ words:
   - venv
   - vfalco
   - vinnie
-  - wasmi
   - wextra
   - wptr
   - writeme

docs/build/environment.md

@@ -109,32 +109,3 @@ Install CMake with Homebrew too:
 ```
 brew install cmake
 ```
-
-## Clang-tidy
-
-Clang-tidy is required to run static analysis checks locally (see [CONTRIBUTING.md](../../CONTRIBUTING.md)).
-It is not required to build the project. Currently this project uses clang-tidy version 21.
-
-### Linux
-
-LLVM 21 is not available in the default Debian 12 (Bookworm) repositories.
-Install it using the official LLVM apt installer:
-
-```
-wget https://apt.llvm.org/llvm.sh
-chmod +x llvm.sh
-sudo ./llvm.sh 21
-sudo apt install --yes clang-tidy-21
-```
-
-Then use `run-clang-tidy-21` when running clang-tidy locally.
-
-### macOS
-
-Install LLVM 21 via Homebrew:
-
-```
-brew install llvm@21
-```
-
-Then use `run-clang-tidy` from the LLVM 21 Homebrew prefix when running clang-tidy locally.

docs/build/sanitizers.md

@@ -89,8 +89,8 @@ cmake --build . --parallel 4
 **IMPORTANT**: ASAN with Boost produces many false positives. Use these options:
 
 ```bash
-export ASAN_OPTIONS="include=sanitizers/suppressions/runtime-asan-options.txt:suppressions=sanitizers/suppressions/asan.supp"
-export LSAN_OPTIONS="include=sanitizers/suppressions/runtime-lsan-options.txt:suppressions=sanitizers/suppressions/lsan.supp"
+export ASAN_OPTIONS="print_stacktrace=1:detect_container_overflow=0:suppressions=path/to/asan.supp:halt_on_error=0:log_path=asan.log"
+export LSAN_OPTIONS="suppressions=path/to/lsan.supp:halt_on_error=0:log_path=lsan.log"
 
 # Run tests
 ./xrpld --unittest --unittest-jobs=5
@@ -108,7 +108,7 @@ export LSAN_OPTIONS="include=sanitizers/suppressions/runtime-lsan-options.txt:su
 ### ThreadSanitizer (TSan)
 
 ```bash
-export TSAN_OPTIONS="include=sanitizers/suppressions/runtime-tsan-options.txt:suppressions=sanitizers/suppressions/tsan.supp"
+export TSAN_OPTIONS="suppressions=path/to/tsan.supp halt_on_error=0 log_path=tsan.log"
 
 # Run tests
 ./xrpld --unittest --unittest-jobs=5
@@ -129,7 +129,7 @@ More details [here](https://github.com/google/sanitizers/wiki/AddressSanitizerLe
 ### UndefinedBehaviorSanitizer (UBSan)
 
 ```bash
-export UBSAN_OPTIONS="include=sanitizers/suppressions/runtime-ubsan-options.txt:suppressions=sanitizers/suppressions/ubsan.supp"
+export UBSAN_OPTIONS="suppressions=path/to/ubsan.supp:print_stacktrace=1:halt_on_error=0:log_path=ubsan.log"
 
 # Run tests
 ./xrpld --unittest --unittest-jobs=5

include/xrpl/basics/contract.h

@@ -1,6 +1,5 @@
 #pragma once
 
-#include <xrpl/basics/sanitizers.h>
 #include <xrpl/beast/type_name.h>
 
 #include <exception>
@@ -24,28 +23,16 @@ LogThrow(std::string const& title);
     When called from within a catch block, it will pass
     control to the next matching exception handler, if any.
     Otherwise, std::terminate will be called.
-
-    ASAN can't handle sudden jumps in control flow very well. This
-    function is marked as XRPL_NO_SANITIZE_ADDRESS to prevent it from
-    triggering false positives, since it throws.
 */
-[[noreturn]] XRPL_NO_SANITIZE_ADDRESS inline void
+[[noreturn]] inline void
 Rethrow()
 {
     LogThrow("Re-throwing exception");
     throw;
 }
 
-/*
-    Logs and throws an exception of type E.
-
-    ASAN can't handle sudden jumps in control flow very well. This
-    function is marked as XRPL_NO_SANITIZE_ADDRESS to prevent it from
-    triggering false positives, since it throws.
-*/
-
 template <class E, class... Args>
-[[noreturn]] XRPL_NO_SANITIZE_ADDRESS inline void
+[[noreturn]] inline void
 Throw(Args&&... args)
 {
     static_assert(

include/xrpl/basics/safe_cast.h

@@ -1,7 +1,5 @@
 #pragma once
 
-#include <xrpl/beast/utility/instrumentation.h>
-
 #include <type_traits>
 
 namespace xrpl {
@@ -72,31 +70,4 @@ unsafe_cast(Src s) noexcept
     return unsafe_cast<Dest>(static_cast<std::underlying_type_t<Src>>(s));
 }
 
-template <class Dest, class Src>
-    requires std::is_pointer_v<Dest>
-inline Dest
-safe_downcast(Src* s) noexcept
-{
-#ifdef NDEBUG
-    return static_cast<Dest>(s);  // NOLINT(cppcoreguidelines-pro-type-static-cast-downcast)
-#else
-    auto* result = dynamic_cast<Dest>(s);
-    XRPL_ASSERT(result != nullptr, "xrpl::safe_downcast : pointer downcast is valid");
-    return result;
-#endif
-}
-
-template <class Dest, class Src>
-    requires std::is_lvalue_reference_v<Dest>
-inline Dest
-safe_downcast(Src& s) noexcept
-{
-#ifndef NDEBUG
-    XRPL_ASSERT(
-        dynamic_cast<std::add_pointer_t<std::remove_reference_t<Dest>>>(&s) != nullptr,
-        "xrpl::safe_downcast : reference downcast is valid");
-#endif
-    return static_cast<Dest>(s);  // NOLINT(cppcoreguidelines-pro-type-static-cast-downcast)
-}
-
 }  // namespace xrpl

include/xrpl/basics/sanitizers.h

@@ -1,13 +0,0 @@
-#pragma once
-
-// Helper to disable ASan/HwASan for specific functions
-/*
- ASAN flags some false positives with sudden jumps in control flow, like
- exceptions, or when encountering coroutine stack switches. This macro can be used to disable ASAN
- intrumentation for specific functions.
-*/
-#if defined(__GNUC__) || defined(__clang__)
-#define XRPL_NO_SANITIZE_ADDRESS __attribute__((no_sanitize("address", "hwaddress")))
-#else
-#define XRPL_NO_SANITIZE_ADDRESS
-#endif

include/xrpl/beast/core/List.h

@@ -43,8 +43,8 @@ private:
     template <typename>
     friend class ListIterator;
 
-    ListNode* m_next = nullptr;
-    ListNode* m_prev = nullptr;
+    ListNode* m_next;
+    ListNode* m_prev;
 };
 
 //------------------------------------------------------------------------------
@@ -567,7 +567,7 @@ private:
     }
 
 private:
-    size_type m_size = 0u;
+    size_type m_size;
     Node m_head;
     Node m_tail;
 };

include/xrpl/beast/utility/instrumentation.h

@@ -15,7 +15,7 @@
 #define ALWAYS_OR_UNREACHABLE(cond, message) assert((message) && (cond))
 #define SOMETIMES(cond, message, ...)
 #define REACHABLE(message, ...)
-#define UNREACHABLE(message, ...) assert((message) && false)  // NOLINT(misc-static-assert)
+#define UNREACHABLE(message, ...) assert((message) && false)
 #endif
 
 #define XRPL_ASSERT ALWAYS_OR_UNREACHABLE

include/xrpl/core/Coro.ipp

@@ -1,5 +1,7 @@
 #pragma once
 
+#include <xrpl/basics/ByteUtilities.h>
+
 namespace xrpl {
 
 template <class F>
@@ -9,18 +11,16 @@ JobQueue::Coro::Coro(Coro_create_t, JobQueue& jq, JobType type, std::string cons
     , name_(name)
     , running_(false)
     , coro_(
-          // Stack size of 1MB wasn't sufficient for deep calls. ASAN tests flagged the issue. Hence
-          // increasing the size to 1.5MB.
-          boost::context::protected_fixedsize_stack(1536 * 1024),
           [this, fn = std::forward<F>(f)](
-              boost::coroutines2::asymmetric_coroutine<void>::push_type& do_yield) {
+              boost::coroutines::asymmetric_coroutine<void>::push_type& do_yield) {
               yield_ = &do_yield;
               yield();
               fn(shared_from_this());
 #ifndef NDEBUG
               finished_ = true;
 #endif
-          })
+          },
+          boost::coroutines::attributes(megabytes(1)))
 {
 }
 

include/xrpl/core/JobQueue.h

@@ -7,8 +7,7 @@
 #include <xrpl/core/detail/Workers.h>
 #include <xrpl/json/json_value.h>
 
-#include <boost/context/protected_fixedsize_stack.hpp>
-#include <boost/coroutine2/all.hpp>
+#include <boost/coroutine/all.hpp>
 
 #include <set>
 
@@ -49,8 +48,8 @@ public:
         std::mutex mutex_;
         std::mutex mutex_run_;
         std::condition_variable cv_;
-        boost::coroutines2::coroutine<void>::pull_type coro_;
-        boost::coroutines2::coroutine<void>::push_type* yield_;
+        boost::coroutines::asymmetric_coroutine<void>::pull_type coro_;
+        boost::coroutines::asymmetric_coroutine<void>::push_type* yield_;
 #ifndef NDEBUG
         bool finished_ = false;
 #endif
@@ -316,7 +315,7 @@ private:
     // Returns the limit of running jobs for the given job type.
     // For jobs with no limit, we return the largest int. Hopefully that
     // will be enough.
-    static int
+    int
     getJobLimit(JobType type);
 };
 

include/xrpl/core/ServiceRegistry.h

@@ -45,7 +45,7 @@ class NetworkIDService;
 class OpenLedger;
 class OrderBookDB;
 class Overlay;
-class PathRequestManager;
+class PathRequests;
 class PeerReservationTable;
 class PendingSaves;
 class RelationalDatabase;
@@ -195,8 +195,8 @@ public:
     virtual TxQ&
     getTxQ() = 0;
 
-    virtual PathRequestManager&
-    getPathRequestManager() = 0;
+    virtual PathRequests&
+    getPathRequests() = 0;
 
     // Server services
     virtual ServerHandler&

include/xrpl/json/json_value.h

@@ -421,7 +421,7 @@ private:
         ObjectValues* map_{nullptr};
     } value_;
     ValueType type_ : 8;
-    int allocated_ : 1 {};  // Notes: if declared as bool, bitfield is useless.
+    int allocated_ : 1;  // Notes: if declared as bool, bitfield is useless.
 };
 
 inline Value

include/xrpl/json/json_writer.h

@@ -108,7 +108,7 @@ private:
     std::string indentString_;
     int rightMargin_;
     int indentSize_;
-    bool addChildValues_{};
+    bool addChildValues_;
 };
 
 /** \brief Writes a Value in <a HREF="http://www.json.org">JSON</a> format in a
@@ -175,7 +175,7 @@ private:
     std::string indentString_;
     int rightMargin_;
     std::string indentation_;
-    bool addChildValues_{};
+    bool addChildValues_;
 };
 
 std::string

include/xrpl/ledger/CredentialHelpers.h

@@ -49,7 +49,7 @@ validDomain(ReadView const& view, uint256 domainID, AccountID const& subject);
 // This function is only called when we about to return tecNO_PERMISSION
 // because all the checks for the DepositPreauth authorization failed.
 TER
-authorizedDepositPreauth(ReadView const& view, STVector256 const& ctx, AccountID const& dst);
+authorizedDepositPreauth(ApplyView const& view, STVector256 const& ctx, AccountID const& dst);
 
 // Sort credentials array, return empty set if there are duplicates
 std::set<std::pair<AccountID, Slice>>
@@ -74,7 +74,7 @@ verifyDepositPreauth(
     ApplyView& view,
     AccountID const& src,
     AccountID const& dst,
-    std::shared_ptr<SLE const> const& sleDst,
+    std::shared_ptr<SLE> const& sleDst,
     beast::Journal j);
 
 }  // namespace xrpl

include/xrpl/ledger/Credit.h

@@ -0,0 +1,43 @@
+#pragma once
+
+#include <xrpl/ledger/View.h>
+#include <xrpl/protocol/IOUAmount.h>
+#include <xrpl/protocol/STAmount.h>
+
+namespace xrpl {
+
+/** Calculate the maximum amount of IOUs that an account can hold
+    @param ledger the ledger to check against.
+    @param account the account of interest.
+    @param issuer the issuer of the IOU.
+    @param currency the IOU to check.
+    @return The maximum amount that can be held.
+*/
+/** @{ */
+STAmount
+creditLimit(
+    ReadView const& view,
+    AccountID const& account,
+    AccountID const& issuer,
+    Currency const& currency);
+
+IOUAmount
+creditLimit2(ReadView const& v, AccountID const& acc, AccountID const& iss, Currency const& cur);
+/** @} */
+
+/** Returns the amount of IOUs issued by issuer that are held by an account
+    @param ledger the ledger to check against.
+    @param account the account of interest.
+    @param issuer the issuer of the IOU.
+    @param currency the IOU to check.
+*/
+/** @{ */
+STAmount
+creditBalance(
+    ReadView const& view,
+    AccountID const& account,
+    AccountID const& issuer,
+    Currency const& currency);
+/** @} */
+
+}  // namespace xrpl

include/xrpl/ledger/View.h

@@ -2,23 +2,26 @@
 
 #include <xrpl/beast/utility/Journal.h>
 #include <xrpl/ledger/ApplyView.h>
+#include <xrpl/ledger/OpenView.h>
 #include <xrpl/ledger/ReadView.h>
+#include <xrpl/protocol/Asset.h>
+#include <xrpl/protocol/Indexes.h>
 #include <xrpl/protocol/MPTIssue.h>
 #include <xrpl/protocol/Protocol.h>
+#include <xrpl/protocol/Rate.h>
 #include <xrpl/protocol/STLedgerEntry.h>
-#include <xrpl/protocol/STTx.h>
+#include <xrpl/protocol/STObject.h>
+#include <xrpl/protocol/Serializer.h>
 #include <xrpl/protocol/TER.h>
 
-#include <cstdint>
 #include <functional>
+#include <initializer_list>
 #include <map>
-#include <memory>
-#include <optional>
-#include <set>
 #include <utility>
 
 namespace xrpl {
 
+enum class WaiveTransferFee : bool { No = false, Yes };
 enum class SkipEntry : bool { No = false, Yes };
 
 //------------------------------------------------------------------------------
@@ -51,6 +54,24 @@ enum class SkipEntry : bool { No = false, Yes };
 [[nodiscard]] bool
 hasExpired(ReadView const& view, std::optional<std::uint32_t> const& exp);
 
+/** Controls the treatment of frozen account balances */
+enum FreezeHandling { fhIGNORE_FREEZE, fhZERO_IF_FROZEN };
+
+/** Controls the treatment of unauthorized MPT balances */
+enum AuthHandling { ahIGNORE_AUTH, ahZERO_IF_UNAUTHORIZED };
+
+/** Controls whether to include the account's full spendable balance */
+enum SpendableHandling { shSIMPLE_BALANCE, shFULL_BALANCE };
+
+[[nodiscard]] bool
+isGlobalFrozen(ReadView const& view, AccountID const& issuer);
+
+[[nodiscard]] bool
+isGlobalFrozen(ReadView const& view, MPTIssue const& mptIssue);
+
+[[nodiscard]] bool
+isGlobalFrozen(ReadView const& view, Asset const& asset);
+
 // Note, depth parameter is used to limit the recursion depth
 [[nodiscard]] bool
 isVaultPseudoAccountFrozen(
@@ -59,6 +80,175 @@ isVaultPseudoAccountFrozen(
     MPTIssue const& mptShare,
     int depth);
 
+[[nodiscard]] bool
+isIndividualFrozen(
+    ReadView const& view,
+    AccountID const& account,
+    Currency const& currency,
+    AccountID const& issuer);
+
+[[nodiscard]] inline bool
+isIndividualFrozen(ReadView const& view, AccountID const& account, Issue const& issue)
+{
+    return isIndividualFrozen(view, account, issue.currency, issue.account);
+}
+
+[[nodiscard]] bool
+isIndividualFrozen(ReadView const& view, AccountID const& account, MPTIssue const& mptIssue);
+
+[[nodiscard]] inline bool
+isIndividualFrozen(ReadView const& view, AccountID const& account, Asset const& asset)
+{
+    return std::visit(
+        [&](auto const& issue) { return isIndividualFrozen(view, account, issue); }, asset.value());
+}
+
+[[nodiscard]] bool
+isFrozen(
+    ReadView const& view,
+    AccountID const& account,
+    Currency const& currency,
+    AccountID const& issuer);
+
+[[nodiscard]] inline bool
+isFrozen(ReadView const& view, AccountID const& account, Issue const& issue, int = 0 /*ignored*/)
+{
+    return isFrozen(view, account, issue.currency, issue.account);
+}
+
+[[nodiscard]] bool
+isFrozen(ReadView const& view, AccountID const& account, MPTIssue const& mptIssue, int depth = 0);
+
+/**
+ *   isFrozen check is recursive for MPT shares in a vault, descending to
+ *   assets in the vault, up to maxAssetCheckDepth recursion depth. This is
+ *   purely defensive, as we currently do not allow such vaults to be created.
+ */
+[[nodiscard]] inline bool
+isFrozen(ReadView const& view, AccountID const& account, Asset const& asset, int depth = 0)
+{
+    return std::visit(
+        [&](auto const& issue) { return isFrozen(view, account, issue, depth); }, asset.value());
+}
+
+[[nodiscard]] inline TER
+checkFrozen(ReadView const& view, AccountID const& account, Issue const& issue)
+{
+    return isFrozen(view, account, issue) ? (TER)tecFROZEN : (TER)tesSUCCESS;
+}
+
+[[nodiscard]] inline TER
+checkFrozen(ReadView const& view, AccountID const& account, MPTIssue const& mptIssue)
+{
+    return isFrozen(view, account, mptIssue) ? (TER)tecLOCKED : (TER)tesSUCCESS;
+}
+
+[[nodiscard]] inline TER
+checkFrozen(ReadView const& view, AccountID const& account, Asset const& asset)
+{
+    return std::visit(
+        [&](auto const& issue) { return checkFrozen(view, account, issue); }, asset.value());
+}
+
+[[nodiscard]] bool
+isAnyFrozen(
+    ReadView const& view,
+    std::initializer_list<AccountID> const& accounts,
+    MPTIssue const& mptIssue,
+    int depth = 0);
+
+[[nodiscard]] inline bool
+isAnyFrozen(
+    ReadView const& view,
+    std::initializer_list<AccountID> const& accounts,
+    Issue const& issue)
+{
+    for (auto const& account : accounts)
+    {
+        if (isFrozen(view, account, issue.currency, issue.account))
+            return true;
+    }
+    return false;
+}
+
+[[nodiscard]] inline bool
+isAnyFrozen(
+    ReadView const& view,
+    std::initializer_list<AccountID> const& accounts,
+    Asset const& asset,
+    int depth = 0)
+{
+    return std::visit(
+        [&]<ValidIssueType TIss>(TIss const& issue) {
+            if constexpr (std::is_same_v<TIss, Issue>)
+                return isAnyFrozen(view, accounts, issue);
+            else
+                return isAnyFrozen(view, accounts, issue, depth);
+        },
+        asset.value());
+}
+
+[[nodiscard]] bool
+isDeepFrozen(
+    ReadView const& view,
+    AccountID const& account,
+    Currency const& currency,
+    AccountID const& issuer);
+
+[[nodiscard]] inline bool
+isDeepFrozen(
+    ReadView const& view,
+    AccountID const& account,
+    Issue const& issue,
+    int = 0 /*ignored*/)
+{
+    return isDeepFrozen(view, account, issue.currency, issue.account);
+}
+
+[[nodiscard]] inline bool
+isDeepFrozen(
+    ReadView const& view,
+    AccountID const& account,
+    MPTIssue const& mptIssue,
+    int depth = 0)
+{
+    // Unlike IOUs, frozen / locked MPTs are not allowed to send or receive
+    // funds, so checking "deep frozen" is the same as checking "frozen".
+    return isFrozen(view, account, mptIssue, depth);
+}
+
+/**
+ *   isFrozen check is recursive for MPT shares in a vault, descending to
+ *   assets in the vault, up to maxAssetCheckDepth recursion depth. This is
+ *   purely defensive, as we currently do not allow such vaults to be created.
+ */
+[[nodiscard]] inline bool
+isDeepFrozen(ReadView const& view, AccountID const& account, Asset const& asset, int depth = 0)
+{
+    return std::visit(
+        [&](auto const& issue) { return isDeepFrozen(view, account, issue, depth); },
+        asset.value());
+}
+
+[[nodiscard]] inline TER
+checkDeepFrozen(ReadView const& view, AccountID const& account, Issue const& issue)
+{
+    return isDeepFrozen(view, account, issue) ? (TER)tecFROZEN : (TER)tesSUCCESS;
+}
+
+[[nodiscard]] inline TER
+checkDeepFrozen(ReadView const& view, AccountID const& account, MPTIssue const& mptIssue)
+{
+    return isDeepFrozen(view, account, mptIssue) ? (TER)tecLOCKED : (TER)tesSUCCESS;
+}
+
+[[nodiscard]] inline TER
+checkDeepFrozen(ReadView const& view, AccountID const& account, Asset const& asset)
+{
+    return std::visit(
+        [&](auto const& issue) { return checkDeepFrozen(view, account, issue); }, asset.value());
+}
+
 [[nodiscard]] bool
 isLPTokenFrozen(
     ReadView const& view,
@@ -66,6 +256,159 @@ isLPTokenFrozen(
     Issue const& asset,
     Issue const& asset2);
 
+// Returns the amount an account can spend.
+//
+// If shSIMPLE_BALANCE is specified, this is the amount the account can spend
+// without going into debt.
+//
+// If shFULL_BALANCE is specified, this is the amount the account can spend
+// total. Specifically:
+// * The account can go into debt if using a trust line, and the other side has
+// a non-zero limit.
+// * If the account is the asset issuer the limit is defined by the asset /
+//   issuance.
+//
+// <-- saAmount: amount of currency held by account. May be negative.
+[[nodiscard]] STAmount
+accountHolds(
+    ReadView const& view,
+    AccountID const& account,
+    Currency const& currency,
+    AccountID const& issuer,
+    FreezeHandling zeroIfFrozen,
+    beast::Journal j,
+    SpendableHandling includeFullBalance = shSIMPLE_BALANCE);
+
+[[nodiscard]] STAmount
+accountHolds(
+    ReadView const& view,
+    AccountID const& account,
+    Issue const& issue,
+    FreezeHandling zeroIfFrozen,
+    beast::Journal j,
+    SpendableHandling includeFullBalance = shSIMPLE_BALANCE);
+
+[[nodiscard]] STAmount
+accountHolds(
+    ReadView const& view,
+    AccountID const& account,
+    MPTIssue const& mptIssue,
+    FreezeHandling zeroIfFrozen,
+    AuthHandling zeroIfUnauthorized,
+    beast::Journal j,
+    SpendableHandling includeFullBalance = shSIMPLE_BALANCE);
+
+[[nodiscard]] STAmount
+accountHolds(
+    ReadView const& view,
+    AccountID const& account,
+    Asset const& asset,
+    FreezeHandling zeroIfFrozen,
+    AuthHandling zeroIfUnauthorized,
+    beast::Journal j,
+    SpendableHandling includeFullBalance = shSIMPLE_BALANCE);
+
+// Returns the amount an account can spend of the currency type saDefault, or
+// returns saDefault if this account is the issuer of the currency in
+// question. Should be used in favor of accountHolds when questioning how much
+// an account can spend while also allowing currency issuers to spend
+// unlimited amounts of their own currency (since they can always issue more).
+[[nodiscard]] STAmount
+accountFunds(
+    ReadView const& view,
+    AccountID const& id,
+    STAmount const& saDefault,
+    FreezeHandling freezeHandling,
+    beast::Journal j);
+
+// Return the account's liquid (not reserved) XRP.  Generally prefer
+// calling accountHolds() over this interface.  However, this interface
+// allows the caller to temporarily adjust the owner count should that be
+// necessary.
+//
+// @param ownerCountAdj positive to add to count, negative to reduce count.
+[[nodiscard]] XRPAmount
+xrpLiquid(ReadView const& view, AccountID const& id, std::int32_t ownerCountAdj, beast::Journal j);
+
+/** Iterate all items in the given directory. */
+void
+forEachItem(
+    ReadView const& view,
+    Keylet const& root,
+    std::function<void(std::shared_ptr<SLE const> const&)> const& f);
+
+/** Iterate all items after an item in the given directory.
+    @param after The key of the item to start after
+    @param hint The directory page containing `after`
+    @param limit The maximum number of items to return
+    @return `false` if the iteration failed
+*/
+bool
+forEachItemAfter(
+    ReadView const& view,
+    Keylet const& root,
+    uint256 const& after,
+    std::uint64_t const hint,
+    unsigned int limit,
+    std::function<bool(std::shared_ptr<SLE const> const&)> const& f);
+
+/** Iterate all items in an account's owner directory. */
+inline void
+forEachItem(
+    ReadView const& view,
+    AccountID const& id,
+    std::function<void(std::shared_ptr<SLE const> const&)> const& f)
+{
+    return forEachItem(view, keylet::ownerDir(id), f);
+}
+
+/** Iterate all items after an item in an owner directory.
+    @param after The key of the item to start after
+    @param hint The directory page containing `after`
+    @param limit The maximum number of items to return
+    @return `false` if the iteration failed
+*/
+inline bool
+forEachItemAfter(
+    ReadView const& view,
+    AccountID const& id,
+    uint256 const& after,
+    std::uint64_t const hint,
+    unsigned int limit,
+    std::function<bool(std::shared_ptr<SLE const> const&)> const& f)
+{
+    return forEachItemAfter(view, keylet::ownerDir(id), after, hint, limit, f);
+}
+
+/** Returns IOU issuer transfer fee as Rate. Rate specifies
+ * the fee as fractions of 1 billion. For example, 1% transfer rate
+ * is represented as 1,010,000,000.
+ * @param issuer The IOU issuer
+ */
+[[nodiscard]] Rate
+transferRate(ReadView const& view, AccountID const& issuer);
+
+/** Returns MPT transfer fee as Rate. Rate specifies
+ * the fee as fractions of 1 billion. For example, 1% transfer rate
+ * is represented as 1,010,000,000.
+ * @param issuanceID MPTokenIssuanceID of MPTTokenIssuance object
+ */
+[[nodiscard]] Rate
+transferRate(ReadView const& view, MPTID const& issuanceID);
+
+/** Returns the transfer fee as Rate based on the type of token
+ * @param view The ledger view
+ * @param amount The amount to transfer
+ */
+[[nodiscard]] Rate
+transferRate(ReadView const& view, STAmount const& amount);
+
+/** Returns `true` if the directory is empty
+    @param key The key of the directory
+*/
+[[nodiscard]] bool
+dirIsEmpty(ReadView const& view, Keylet const& k);
+
 // Return the list of enabled amendments
 [[nodiscard]] std::set<uint256>
 getEnabledAmendments(ReadView const& view);
@@ -131,6 +474,81 @@ areCompatible(
 //
 //------------------------------------------------------------------------------
 
+/** Adjust the owner count up or down. */
+void
+adjustOwnerCount(
+    ApplyView& view,
+    std::shared_ptr<SLE> const& sle,
+    std::int32_t amount,
+    beast::Journal j);
+
+/** @{ */
+/** Returns the first entry in the directory, advancing the index
+
+    @deprecated These are legacy function that are considered deprecated
+                and will soon be replaced with an iterator-based model
+                that is easier to use. You should not use them in new code.
+
+    @param view The view against which to operate
+    @param root The root (i.e. first page) of the directory to iterate
+    @param page The current page
+    @param index The index inside the current page
+    @param entry The entry at the current index
+
+    @return true if the directory isn't empty; false otherwise
+ */
+bool
+cdirFirst(
+    ReadView const& view,
+    uint256 const& root,
+    std::shared_ptr<SLE const>& page,
+    unsigned int& index,
+    uint256& entry);
+
+bool
+dirFirst(
+    ApplyView& view,
+    uint256 const& root,
+    std::shared_ptr<SLE>& page,
+    unsigned int& index,
+    uint256& entry);
+/** @} */
+
+/** @{ */
+/** Returns the next entry in the directory, advancing the index
+
+    @deprecated These are legacy function that are considered deprecated
+                and will soon be replaced with an iterator-based model
+                that is easier to use. You should not use them in new code.
+
+    @param view The view against which to operate
+    @param root The root (i.e. first page) of the directory to iterate
+    @param page The current page
+    @param index The index inside the current page
+    @param entry The entry at the current index
+
+    @return true if the directory isn't empty; false otherwise
+ */
+bool
+cdirNext(
+    ReadView const& view,
+    uint256 const& root,
+    std::shared_ptr<SLE const>& page,
+    unsigned int& index,
+    uint256& entry);
+
+bool
+dirNext(
+    ApplyView& view,
+    uint256 const& root,
+    std::shared_ptr<SLE>& page,
+    unsigned int& index,
+    uint256& entry);
+/** @} */
+
+[[nodiscard]] std::function<void(SLE::ref)>
+describeOwnerDir(AccountID const& account);
+
 [[nodiscard]] TER
 dirLink(
     ApplyView& view,
@@ -138,6 +556,63 @@ dirLink(
     std::shared_ptr<SLE>& object,
     SF_UINT64 const& node = sfOwnerNode);
 
+AccountID
+pseudoAccountAddress(ReadView const& view, uint256 const& pseudoOwnerKey);
+
+/**
+ *
+ * Create pseudo-account, storing pseudoOwnerKey into ownerField.
+ *
+ * The list of valid ownerField is maintained in View.cpp and the caller to
+ * this function must perform necessary amendment check(s) before using a
+ * field. The amendment check is **not** performed in createPseudoAccount.
+ */
+[[nodiscard]] Expected<std::shared_ptr<SLE>, TER>
+createPseudoAccount(ApplyView& view, uint256 const& pseudoOwnerKey, SField const& ownerField);
+
+// Returns true if and only if sleAcct is a pseudo-account or specific
+// pseudo-accounts in pseudoFieldFilter.
+//
+// Returns false if sleAcct is
+// * NOT a pseudo-account OR
+// * NOT a ltACCOUNT_ROOT OR
+// * null pointer
+[[nodiscard]] bool
+isPseudoAccount(
+    std::shared_ptr<SLE const> sleAcct,
+    std::set<SField const*> const& pseudoFieldFilter = {});
+
+// Returns the list of fields that define an ACCOUNT_ROOT as a pseudo-account if
+// set
+// Pseudo-account designator fields MUST be maintained by including the
+// SField::sMD_PseudoAccount flag in the SField definition. (Don't forget to
+// "| SField::sMD_Default"!) The fields do NOT need to be amendment-gated,
+// since a non-active amendment will not set any field, by definition.
+// Specific properties of a pseudo-account are NOT checked here, that's what
+// InvariantCheck is for.
+[[nodiscard]] std::vector<SField const*> const&
+getPseudoAccountFields();
+
+[[nodiscard]] inline bool
+isPseudoAccount(
+    ReadView const& view,
+    AccountID const& accountId,
+    std::set<SField const*> const& pseudoFieldFilter = {})
+{
+    return isPseudoAccount(view.read(keylet::account(accountId)), pseudoFieldFilter);
+}
+
+[[nodiscard]] TER
+canAddHolding(ReadView const& view, Asset const& asset);
+
+/** Validates that the destination SLE and tag are valid
+
+   - Checks that the SLE is not null.
+   - If the SLE requires a destination tag, checks that there is a tag.
+*/
+[[nodiscard]] TER
+checkDestinationAndTag(SLE::const_ref toSle, bool hasDestinationTag);
+
 /** Checks that can withdraw funds from an object to itself or a destination.
  *
  * The receiver may be either the submitting account (sfAccount) or a different
@@ -211,6 +686,351 @@ doWithdraw(
     STAmount const& amount,
     beast::Journal j);
 
+/// Any transactors that call addEmptyHolding() in doApply must call
+/// canAddHolding() in preflight with the same View and Asset
+[[nodiscard]] TER
+addEmptyHolding(
+    ApplyView& view,
+    AccountID const& accountID,
+    XRPAmount priorBalance,
+    Issue const& issue,
+    beast::Journal journal);
+
+[[nodiscard]] TER
+addEmptyHolding(
+    ApplyView& view,
+    AccountID const& accountID,
+    XRPAmount priorBalance,
+    MPTIssue const& mptIssue,
+    beast::Journal journal);
+
+[[nodiscard]] inline TER
+addEmptyHolding(
+    ApplyView& view,
+    AccountID const& accountID,
+    XRPAmount priorBalance,
+    Asset const& asset,
+    beast::Journal journal)
+{
+    return std::visit(
+        [&]<ValidIssueType TIss>(TIss const& issue) -> TER {
+            return addEmptyHolding(view, accountID, priorBalance, issue, journal);
+        },
+        asset.value());
+}
+
+[[nodiscard]] TER
+authorizeMPToken(
+    ApplyView& view,
+    XRPAmount const& priorBalance,
+    MPTID const& mptIssuanceID,
+    AccountID const& account,
+    beast::Journal journal,
+    std::uint32_t flags = 0,
+    std::optional<AccountID> holderID = std::nullopt);
+
+// VFALCO NOTE Both STAmount parameters should just
+//             be "Amount", a unit-less number.
+//
+/** Create a trust line
+
+    This can set an initial balance.
+*/
+[[nodiscard]] TER
+trustCreate(
+    ApplyView& view,
+    bool const bSrcHigh,
+    AccountID const& uSrcAccountID,
+    AccountID const& uDstAccountID,
+    uint256 const& uIndex,      // --> ripple state entry
+    SLE::ref sleAccount,        // --> the account being set.
+    bool const bAuth,           // --> authorize account.
+    bool const bNoRipple,       // --> others cannot ripple through
+    bool const bFreeze,         // --> funds cannot leave
+    bool bDeepFreeze,           // --> can neither receive nor send funds
+    STAmount const& saBalance,  // --> balance of account being set.
+                                // Issuer should be noAccount()
+    STAmount const& saLimit,    // --> limit for account being set.
+                                // Issuer should be the account being set.
+    std::uint32_t uSrcQualityIn,
+    std::uint32_t uSrcQualityOut,
+    beast::Journal j);
+
+[[nodiscard]] TER
+removeEmptyHolding(
+    ApplyView& view,
+    AccountID const& accountID,
+    Issue const& issue,
+    beast::Journal journal);
+
+[[nodiscard]] TER
+removeEmptyHolding(
+    ApplyView& view,
+    AccountID const& accountID,
+    MPTIssue const& mptIssue,
+    beast::Journal journal);
+
+[[nodiscard]] inline TER
+removeEmptyHolding(
+    ApplyView& view,
+    AccountID const& accountID,
+    Asset const& asset,
+    beast::Journal journal)
+{
+    return std::visit(
+        [&]<ValidIssueType TIss>(TIss const& issue) -> TER {
+            return removeEmptyHolding(view, accountID, issue, journal);
+        },
+        asset.value());
+}
+
+[[nodiscard]] TER
+trustDelete(
+    ApplyView& view,
+    std::shared_ptr<SLE> const& sleRippleState,
+    AccountID const& uLowAccountID,
+    AccountID const& uHighAccountID,
+    beast::Journal j);
+
+/** Delete an offer.
+
+    Requirements:
+        The passed `sle` be obtained from a prior
+        call to view.peek()
+*/
+// [[nodiscard]] // nodiscard commented out so Flow, BookTip and others compile.
+TER
+offerDelete(ApplyView& view, std::shared_ptr<SLE> const& sle, beast::Journal j);
+
+//------------------------------------------------------------------------------
+
+//
+// Money Transfers
+//
+
+// Direct send w/o fees:
+// - Redeeming IOUs and/or sending sender's own IOUs.
+// - Create trust line of needed.
+// --> bCheckIssuer : normally require issuer to be involved.
+// [[nodiscard]] // nodiscard commented out so DirectStep.cpp compiles.
+
+/** Calls static rippleCreditIOU if saAmount represents Issue.
+ * Calls static rippleCreditMPT if saAmount represents MPTIssue.
+ */
+TER
+rippleCredit(
+    ApplyView& view,
+    AccountID const& uSenderID,
+    AccountID const& uReceiverID,
+    STAmount const& saAmount,
+    bool bCheckIssuer,
+    beast::Journal j);
+
+TER
+rippleLockEscrowMPT(
+    ApplyView& view,
+    AccountID const& uGrantorID,
+    STAmount const& saAmount,
+    beast::Journal j);
+
+TER
+rippleUnlockEscrowMPT(
+    ApplyView& view,
+    AccountID const& uGrantorID,
+    AccountID const& uGranteeID,
+    STAmount const& netAmount,
+    STAmount const& grossAmount,
+    beast::Journal j);
+
+/** Calls static accountSendIOU if saAmount represents Issue.
+ * Calls static accountSendMPT if saAmount represents MPTIssue.
+ */
+[[nodiscard]] TER
+accountSend(
+    ApplyView& view,
+    AccountID const& from,
+    AccountID const& to,
+    STAmount const& saAmount,
+    beast::Journal j,
+    WaiveTransferFee waiveFee = WaiveTransferFee::No);
+
+using MultiplePaymentDestinations = std::vector<std::pair<AccountID, Number>>;
+/** Like accountSend, except one account is sending multiple payments (with the
+ *  same asset!) simultaneously
+ *
+ * Calls static accountSendMultiIOU if saAmount represents Issue.
+ * Calls static accountSendMultiMPT if saAmount represents MPTIssue.
+ */
+[[nodiscard]] TER
+accountSendMulti(
+    ApplyView& view,
+    AccountID const& senderID,
+    Asset const& asset,
+    MultiplePaymentDestinations const& receivers,
+    beast::Journal j,
+    WaiveTransferFee waiveFee = WaiveTransferFee::No);
+
+[[nodiscard]] TER
+issueIOU(
+    ApplyView& view,
+    AccountID const& account,
+    STAmount const& amount,
+    Issue const& issue,
+    beast::Journal j);
+
+[[nodiscard]] TER
+redeemIOU(
+    ApplyView& view,
+    AccountID const& account,
+    STAmount const& amount,
+    Issue const& issue,
+    beast::Journal j);
+
+[[nodiscard]] TER
+transferXRP(
+    ApplyView& view,
+    AccountID const& from,
+    AccountID const& to,
+    STAmount const& amount,
+    beast::Journal j);
+
+/* Check if MPToken (for MPT) or trust line (for IOU) exists:
+ * - StrongAuth - before checking if authorization is required
+ * - WeakAuth
+ *    for MPT - after checking lsfMPTRequireAuth flag
+ *    for IOU - do not check if trust line exists
+ * - Legacy
+ *    for MPT - before checking lsfMPTRequireAuth flag i.e. same as StrongAuth
+ *    for IOU - do not check if trust line exists i.e. same as WeakAuth
+ */
+enum class AuthType { StrongAuth, WeakAuth, Legacy };
+
+/** Check if the account lacks required authorization.
+ *
+ * Return tecNO_AUTH or tecNO_LINE if it does
+ * and tesSUCCESS otherwise.
+ *
+ * If StrongAuth then return tecNO_LINE if the RippleState doesn't exist. Return
+ * tecNO_AUTH if lsfRequireAuth is set on the issuer's AccountRoot, and the
+ * RippleState does exist, and the RippleState is not authorized.
+ *
+ * If WeakAuth then return tecNO_AUTH if lsfRequireAuth is set, and the
+ * RippleState exists, and is not authorized. Return tecNO_LINE if
+ * lsfRequireAuth is set and the RippleState doesn't exist. Consequently, if
+ * WeakAuth and lsfRequireAuth is *not* set, this function will return
+ * tesSUCCESS even if RippleState does *not* exist.
+ *
+ * The default "Legacy" auth type is equivalent to WeakAuth.
+ */
+[[nodiscard]] TER
+requireAuth(
+    ReadView const& view,
+    Issue const& issue,
+    AccountID const& account,
+    AuthType authType = AuthType::Legacy);
+
+/** Check if the account lacks required authorization.
+ *
+ * This will also check for expired credentials. If it is called directly
+ * from preclaim, the user should convert result tecEXPIRED to tesSUCCESS and
+ * proceed to also check permissions with enforceMPTokenAuthorization inside
+ * doApply. This will ensure that any expired credentials are deleted.
+ *
+ * requireAuth check is recursive for MPT shares in a vault, descending to
+ * assets in the vault, up to maxAssetCheckDepth recursion depth. This is
+ * purely defensive, as we currently do not allow such vaults to be created.
+ *
+ * If StrongAuth then return tecNO_AUTH if MPToken doesn't exist or
+ * lsfMPTRequireAuth is set and MPToken is not authorized. Vault and LoanBroker
+ * pseudo-accounts are implicitly authorized.
+ *
+ * If WeakAuth then return tecNO_AUTH if lsfMPTRequireAuth is set and MPToken
+ * doesn't exist or is not authorized (explicitly or via credentials, if
+ * DomainID is set in MPTokenIssuance). Consequently, if WeakAuth and
+ * lsfMPTRequireAuth is *not* set, this function will return true even if
+ * MPToken does *not* exist.
+ *
+ * The default "Legacy" auth type is equivalent to StrongAuth.
+ */
+[[nodiscard]] TER
+requireAuth(
+    ReadView const& view,
+    MPTIssue const& mptIssue,
+    AccountID const& account,
+    AuthType authType = AuthType::Legacy,
+    int depth = 0);
+
+[[nodiscard]] TER inline requireAuth(
+    ReadView const& view,
+    Asset const& asset,
+    AccountID const& account,
+    AuthType authType = AuthType::Legacy)
+{
+    return std::visit(
+        [&]<ValidIssueType TIss>(TIss const& issue_) {
+            return requireAuth(view, issue_, account, authType);
+        },
+        asset.value());
+}
+
+/** Enforce account has MPToken to match its authorization.
+ *
+ *   Called from doApply - it will check for expired (and delete if found any)
+ *   credentials matching DomainID set in MPTokenIssuance. Must be called if
+ *   requireAuth(...MPTIssue...) returned tesSUCCESS or tecEXPIRED in preclaim,
+ *   which implies that preclaim should replace `tecEXPIRED` with `tesSUCCESS`
+ *   in order for the transactor to proceed to doApply.
+ *
+ *   This function will create MPToken (if needed) on the basis of any
+ *   non-expired credentials and will delete any expired credentials, indirectly
+ *   via verifyValidDomain, as per DomainID (if set in MPTokenIssuance).
+ *
+ *   The caller does NOT need to ensure that DomainID is actually set - this
+ *   function handles gracefully both cases when DomainID is set and when not.
+ *
+ *   The caller does NOT need to look for existing MPToken to match
+ *   mptIssue/account - this function checks lsfMPTAuthorized of an existing
+ *   MPToken iff DomainID is not set.
+ *
+ *   Do not use for accounts which hold implied permission e.g. object owners or
+ *   if MPTokenIssuance does not require authorization. In both cases use
+ *   MPTokenAuthorize::authorize if MPToken does not yet exist.
+ */
+[[nodiscard]] TER
+enforceMPTokenAuthorization(
+    ApplyView& view,
+    MPTID const& mptIssuanceID,
+    AccountID const& account,
+    XRPAmount const& priorBalance,
+    beast::Journal j);
+
+/** Check if the destination account is allowed
+ *  to receive MPT. Return tecNO_AUTH if it doesn't
+ *  and tesSUCCESS otherwise.
+ */
+[[nodiscard]] TER
+canTransfer(
+    ReadView const& view,
+    MPTIssue const& mptIssue,
+    AccountID const& from,
+    AccountID const& to);
+
+[[nodiscard]] TER
+canTransfer(ReadView const& view, Issue const& issue, AccountID const& from, AccountID const& to);
+
+[[nodiscard]] TER inline canTransfer(
+    ReadView const& view,
+    Asset const& asset,
+    AccountID const& from,
+    AccountID const& to)
+{
+    return std::visit(
+        [&]<ValidIssueType TIss>(TIss const& issue) -> TER {
+            return canTransfer(view, issue, from, to);
+        },
+        asset.value());
+}
+
 /** Deleter function prototype. Returns the status of the entry deletion
  * (if should not be skipped) and if the entry should be skipped. The status
  * is always tesSUCCESS if the entry should be skipped.
@@ -232,6 +1052,57 @@ cleanupOnAccountDelete(
     beast::Journal j,
     std::optional<std::uint16_t> maxNodesToDelete = std::nullopt);
 
+/** Delete trustline to AMM. The passed `sle` must be obtained from a prior
+ * call to view.peek(). Fail if neither side of the trustline is AMM or
+ * if ammAccountID is seated and is not one of the trustline's side.
+ */
+[[nodiscard]] TER
+deleteAMMTrustLine(
+    ApplyView& view,
+    std::shared_ptr<SLE> sleState,
+    std::optional<AccountID> const& ammAccountID,
+    beast::Journal j);
+
+// From the perspective of a vault, return the number of shares to give the
+// depositor when they deposit a fixed amount of assets. Since shares are MPT
+// this number is integral and always truncated in this calculation.
+[[nodiscard]] std::optional<STAmount>
+assetsToSharesDeposit(
+    std::shared_ptr<SLE const> const& vault,
+    std::shared_ptr<SLE const> const& issuance,
+    STAmount const& assets);
+
+// From the perspective of a vault, return the number of assets to take from
+// depositor when they receive a fixed amount of shares. Note, since shares are
+// MPT, they are always an integral number.
+[[nodiscard]] std::optional<STAmount>
+sharesToAssetsDeposit(
+    std::shared_ptr<SLE const> const& vault,
+    std::shared_ptr<SLE const> const& issuance,
+    STAmount const& shares);
+
+enum class TruncateShares : bool { no = false, yes = true };
+
+// From the perspective of a vault, return the number of shares to demand from
+// the depositor when they ask to withdraw a fixed amount of assets. Since
+// shares are MPT this number is integral, and it will be rounded to nearest
+// unless explicitly requested to be truncated instead.
+[[nodiscard]] std::optional<STAmount>
+assetsToSharesWithdraw(
+    std::shared_ptr<SLE const> const& vault,
+    std::shared_ptr<SLE const> const& issuance,
+    STAmount const& assets,
+    TruncateShares truncate = TruncateShares::no);
+
+// From the perspective of a vault, return the number of assets to give the
+// depositor when they redeem a fixed amount of shares. Note, since shares are
+// MPT, they are always an integral number.
+[[nodiscard]] std::optional<STAmount>
+sharesToAssetsWithdraw(
+    std::shared_ptr<SLE const> const& vault,
+    std::shared_ptr<SLE const> const& issuance,
+    STAmount const& shares);
+
 /** Has the specified time passed?
 
     @param now  the current time

include/xrpl/ledger/helpers/AccountRootHelpers.h

@@ -1,112 +0,0 @@
-#pragma once
-
-#include <xrpl/basics/Expected.h>
-#include <xrpl/beast/utility/Journal.h>
-#include <xrpl/ledger/ApplyView.h>
-#include <xrpl/ledger/ReadView.h>
-#include <xrpl/protocol/Indexes.h>
-#include <xrpl/protocol/Rate.h>
-#include <xrpl/protocol/STLedgerEntry.h>
-#include <xrpl/protocol/TER.h>
-
-#include <memory>
-#include <set>
-#include <vector>
-
-namespace xrpl {
-
-/** Check if the issuer has the global freeze flag set.
-    @param issuer The account to check
-    @return true if the account has global freeze set
-*/
-[[nodiscard]] bool
-isGlobalFrozen(ReadView const& view, AccountID const& issuer);
-
-// Calculate liquid XRP balance for an account.
-// This function may be used to calculate the amount of XRP that
-// the holder is able to freely spend. It subtracts reserve requirements.
-//
-// ownerCountAdj adjusts the owner count in case the caller calculates
-// before ledger entries are added or removed. Positive to add, negative
-// to subtract.
-//
-// @param ownerCountAdj positive to add to count, negative to reduce count.
-[[nodiscard]] XRPAmount
-xrpLiquid(ReadView const& view, AccountID const& id, std::int32_t ownerCountAdj, beast::Journal j);
-
-/** Adjust the owner count up or down. */
-void
-adjustOwnerCount(
-    ApplyView& view,
-    std::shared_ptr<SLE> const& sle,
-    std::int32_t amount,
-    beast::Journal j);
-
-/** Returns IOU issuer transfer fee as Rate. Rate specifies
- * the fee as fractions of 1 billion. For example, 1% transfer rate
- * is represented as 1,010,000,000.
- * @param issuer The IOU issuer
- */
-[[nodiscard]] Rate
-transferRate(ReadView const& view, AccountID const& issuer);
-
-/** Generate a pseudo-account address from a pseudo owner key.
-    @param pseudoOwnerKey The key to generate the address from
-    @return The generated account ID
-*/
-AccountID
-pseudoAccountAddress(ReadView const& view, uint256 const& pseudoOwnerKey);
-
-/** Returns the list of fields that define an ACCOUNT_ROOT as a pseudo-account
-    if set.
-
-    The list is constructed during initialization and is const after that.
-    Pseudo-account designator fields MUST be maintained by including the
-    SField::sMD_PseudoAccount flag in the SField definition.
-*/
-[[nodiscard]] std::vector<SField const*> const&
-getPseudoAccountFields();
-
-/** Returns true if and only if sleAcct is a pseudo-account or specific
-    pseudo-accounts in pseudoFieldFilter.
-
-    Returns false if sleAcct is:
-    - NOT a pseudo-account OR
-    - NOT a ltACCOUNT_ROOT OR
-    - null pointer
-*/
-[[nodiscard]] bool
-isPseudoAccount(
-    std::shared_ptr<SLE const> sleAcct,
-    std::set<SField const*> const& pseudoFieldFilter = {});
-
-/** Convenience overload that reads the account from the view. */
-[[nodiscard]] inline bool
-isPseudoAccount(
-    ReadView const& view,
-    AccountID const& accountId,
-    std::set<SField const*> const& pseudoFieldFilter = {})
-{
-    return isPseudoAccount(view.read(keylet::account(accountId)), pseudoFieldFilter);
-}
-
-/**
- * Create pseudo-account, storing pseudoOwnerKey into ownerField.
- *
- * The list of valid ownerField is maintained in AccountRootHelpers.cpp and
- * the caller to this function must perform necessary amendment check(s)
- * before using a field. The amendment check is **not** performed in
- * createPseudoAccount.
- */
-[[nodiscard]] Expected<std::shared_ptr<SLE>, TER>
-createPseudoAccount(ApplyView& view, uint256 const& pseudoOwnerKey, SField const& ownerField);
-
-/** Checks the destination and tag.
-
-   - Checks that the SLE is not null.
-   - If the SLE requires a destination tag, checks that there is a tag.
-*/
-[[nodiscard]] TER
-checkDestinationAndTag(SLE::const_ref toSle, bool hasDestinationTag);
-
-}  // namespace xrpl

include/xrpl/ledger/helpers/DirectoryHelpers.h

@@ -1,223 +0,0 @@
-#pragma once
-
-#include <xrpl/beast/utility/instrumentation.h>
-#include <xrpl/ledger/ApplyView.h>
-#include <xrpl/ledger/ReadView.h>
-#include <xrpl/protocol/Indexes.h>
-#include <xrpl/protocol/STLedgerEntry.h>
-#include <xrpl/protocol/TER.h>
-
-#include <functional>
-#include <memory>
-#include <type_traits>
-
-namespace xrpl {
-
-namespace detail {
-
-template <
-    class V,
-    class N,
-    class = std::enable_if_t<
-        std::is_same_v<std::remove_cv_t<N>, SLE> && std::is_base_of_v<ReadView, V>>>
-bool
-internalDirNext(
-    V& view,
-    uint256 const& root,
-    std::shared_ptr<N>& page,
-    unsigned int& index,
-    uint256& entry)
-{
-    auto const& svIndexes = page->getFieldV256(sfIndexes);
-    XRPL_ASSERT(index <= svIndexes.size(), "xrpl::detail::internalDirNext : index inside range");
-
-    if (index >= svIndexes.size())
-    {
-        auto const next = page->getFieldU64(sfIndexNext);
-
-        if (!next)
-        {
-            entry.zero();
-            return false;
-        }
-
-        if constexpr (std::is_const_v<N>)
-        {
-            page = view.read(keylet::page(root, next));
-        }
-        else
-        {
-            page = view.peek(keylet::page(root, next));
-        }
-
-        XRPL_ASSERT(page, "xrpl::detail::internalDirNext : non-null root");
-
-        if (!page)
-            return false;
-
-        index = 0;
-
-        return internalDirNext(view, root, page, index, entry);
-    }
-
-    entry = svIndexes[index++];
-    return true;
-}
-
-template <
-    class V,
-    class N,
-    class = std::enable_if_t<
-        std::is_same_v<std::remove_cv_t<N>, SLE> && std::is_base_of_v<ReadView, V>>>
-bool
-internalDirFirst(
-    V& view,
-    uint256 const& root,
-    std::shared_ptr<N>& page,
-    unsigned int& index,
-    uint256& entry)
-{
-    if constexpr (std::is_const_v<N>)
-    {
-        page = view.read(keylet::page(root));
-    }
-    else
-    {
-        page = view.peek(keylet::page(root));
-    }
-
-    if (!page)
-        return false;
-
-    index = 0;
-
-    return internalDirNext(view, root, page, index, entry);
-}
-
-}  // namespace detail
-
-/** @{ */
-/** Returns the first entry in the directory, advancing the index
-
-    @deprecated These are legacy function that are considered deprecated
-                and will soon be replaced with an iterator-based model
-                that is easier to use. You should not use them in new code.
-
-    @param view The view against which to operate
-    @param root The root (i.e. first page) of the directory to iterate
-    @param page The current page
-    @param index The index inside the current page
-    @param entry The entry at the current index
-
-    @return true if the directory isn't empty; false otherwise
- */
-bool
-cdirFirst(
-    ReadView const& view,
-    uint256 const& root,
-    std::shared_ptr<SLE const>& page,
-    unsigned int& index,
-    uint256& entry);
-
-bool
-dirFirst(
-    ApplyView& view,
-    uint256 const& root,
-    std::shared_ptr<SLE>& page,
-    unsigned int& index,
-    uint256& entry);
-/** @} */
-
-/** @{ */
-/** Returns the next entry in the directory, advancing the index
-
-    @deprecated These are legacy function that are considered deprecated
-                and will soon be replaced with an iterator-based model
-                that is easier to use. You should not use them in new code.
-
-    @param view The view against which to operate
-    @param root The root (i.e. first page) of the directory to iterate
-    @param page The current page
-    @param index The index inside the current page
-    @param entry The entry at the current index
-
-    @return true if the directory isn't empty; false otherwise
- */
-bool
-cdirNext(
-    ReadView const& view,
-    uint256 const& root,
-    std::shared_ptr<SLE const>& page,
-    unsigned int& index,
-    uint256& entry);
-
-bool
-dirNext(
-    ApplyView& view,
-    uint256 const& root,
-    std::shared_ptr<SLE>& page,
-    unsigned int& index,
-    uint256& entry);
-/** @} */
-
-/** Iterate all items in the given directory. */
-void
-forEachItem(
-    ReadView const& view,
-    Keylet const& root,
-    std::function<void(std::shared_ptr<SLE const> const&)> const& f);
-
-/** Iterate all items after an item in the given directory.
-    @param after The key of the item to start after
-    @param hint The directory page containing `after`
-    @param limit The maximum number of items to return
-    @return `false` if the iteration failed
-*/
-bool
-forEachItemAfter(
-    ReadView const& view,
-    Keylet const& root,
-    uint256 const& after,
-    std::uint64_t const hint,
-    unsigned int limit,
-    std::function<bool(std::shared_ptr<SLE const> const&)> const& f);
-
-/** Iterate all items in an account's owner directory. */
-inline void
-forEachItem(
-    ReadView const& view,
-    AccountID const& id,
-    std::function<void(std::shared_ptr<SLE const> const&)> const& f)
-{
-    return forEachItem(view, keylet::ownerDir(id), f);
-}
-
-/** Iterate all items after an item in an owner directory.
-    @param after The key of the item to start after
-    @param hint The directory page containing `after`
-    @param limit The maximum number of items to return
-    @return `false` if the iteration failed
-*/
-inline bool
-forEachItemAfter(
-    ReadView const& view,
-    AccountID const& id,
-    uint256 const& after,
-    std::uint64_t const hint,
-    unsigned int limit,
-    std::function<bool(std::shared_ptr<SLE const> const&)> const& f)
-{
-    return forEachItemAfter(view, keylet::ownerDir(id), after, hint, limit, f);
-}
-
-/** Returns `true` if the directory is empty
-    @param key The key of the directory
-*/
-[[nodiscard]] bool
-dirIsEmpty(ReadView const& view, Keylet const& k);
-
-/** Returns a function that sets the owner on a directory SLE */
-[[nodiscard]] std::function<void(SLE::ref)>
-describeOwnerDir(AccountID const& account);
-
-}  // namespace xrpl

include/xrpl/ledger/helpers/MPTokenHelpers.h

@@ -1,160 +0,0 @@
-#pragma once
-
-#include <xrpl/beast/utility/Journal.h>
-#include <xrpl/ledger/ApplyView.h>
-#include <xrpl/ledger/ReadView.h>
-#include <xrpl/ledger/helpers/TokenHelpers.h>
-#include <xrpl/protocol/MPTIssue.h>
-#include <xrpl/protocol/Rate.h>
-#include <xrpl/protocol/STAmount.h>
-#include <xrpl/protocol/TER.h>
-
-#include <initializer_list>
-#include <optional>
-
-namespace xrpl {
-
-//------------------------------------------------------------------------------
-//
-// Freeze checking (MPT-specific)
-//
-//------------------------------------------------------------------------------
-
-[[nodiscard]] bool
-isGlobalFrozen(ReadView const& view, MPTIssue const& mptIssue);
-
-[[nodiscard]] bool
-isIndividualFrozen(ReadView const& view, AccountID const& account, MPTIssue const& mptIssue);
-
-[[nodiscard]] bool
-isFrozen(ReadView const& view, AccountID const& account, MPTIssue const& mptIssue, int depth = 0);
-
-[[nodiscard]] bool
-isAnyFrozen(
-    ReadView const& view,
-    std::initializer_list<AccountID> const& accounts,
-    MPTIssue const& mptIssue,
-    int depth = 0);
-
-//------------------------------------------------------------------------------
-//
-// Transfer rate (MPT-specific)
-//
-//------------------------------------------------------------------------------
-
-/** Returns MPT transfer fee as Rate. Rate specifies
- * the fee as fractions of 1 billion. For example, 1% transfer rate
- * is represented as 1,010,000,000.
- * @param issuanceID MPTokenIssuanceID of MPTTokenIssuance object
- */
-[[nodiscard]] Rate
-transferRate(ReadView const& view, MPTID const& issuanceID);
-
-//------------------------------------------------------------------------------
-//
-// Holding checks (MPT-specific)
-//
-//------------------------------------------------------------------------------
-
-[[nodiscard]] TER
-canAddHolding(ReadView const& view, MPTIssue const& mptIssue);
-
-//------------------------------------------------------------------------------
-//
-// Authorization (MPT-specific)
-//
-//------------------------------------------------------------------------------
-
-[[nodiscard]] TER
-authorizeMPToken(
-    ApplyView& view,
-    XRPAmount const& priorBalance,
-    MPTID const& mptIssuanceID,
-    AccountID const& account,
-    beast::Journal journal,
-    std::uint32_t flags = 0,
-    std::optional<AccountID> holderID = std::nullopt);
-
-/** Check if the account lacks required authorization for MPT.
- *
- * requireAuth check is recursive for MPT shares in a vault, descending to
- * assets in the vault, up to maxAssetCheckDepth recursion depth. This is
- * purely defensive, as we currently do not allow such vaults to be created.
- */
-[[nodiscard]] TER
-requireAuth(
-    ReadView const& view,
-    MPTIssue const& mptIssue,
-    AccountID const& account,
-    AuthType authType = AuthType::Legacy,
-    int depth = 0);
-
-/** Enforce account has MPToken to match its authorization.
- *
- *   Called from doApply - it will check for expired (and delete if found any)
- *   credentials matching DomainID set in MPTokenIssuance. Must be called if
- *   requireAuth(...MPTIssue...) returned tesSUCCESS or tecEXPIRED in preclaim.
- */
-[[nodiscard]] TER
-enforceMPTokenAuthorization(
-    ApplyView& view,
-    MPTID const& mptIssuanceID,
-    AccountID const& account,
-    XRPAmount const& priorBalance,
-    beast::Journal j);
-
-/** Check if the destination account is allowed
- *  to receive MPT. Return tecNO_AUTH if it doesn't
- *  and tesSUCCESS otherwise.
- */
-[[nodiscard]] TER
-canTransfer(
-    ReadView const& view,
-    MPTIssue const& mptIssue,
-    AccountID const& from,
-    AccountID const& to);
-
-//------------------------------------------------------------------------------
-//
-// Empty holding operations (MPT-specific)
-//
-//------------------------------------------------------------------------------
-
-[[nodiscard]] TER
-addEmptyHolding(
-    ApplyView& view,
-    AccountID const& accountID,
-    XRPAmount priorBalance,
-    MPTIssue const& mptIssue,
-    beast::Journal journal);
-
-[[nodiscard]] TER
-removeEmptyHolding(
-    ApplyView& view,
-    AccountID const& accountID,
-    MPTIssue const& mptIssue,
-    beast::Journal journal);
-
-//------------------------------------------------------------------------------
-//
-// Escrow operations (MPT-specific)
-//
-//------------------------------------------------------------------------------
-
-TER
-rippleLockEscrowMPT(
-    ApplyView& view,
-    AccountID const& uGrantorID,
-    STAmount const& saAmount,
-    beast::Journal j);
-
-TER
-rippleUnlockEscrowMPT(
-    ApplyView& view,
-    AccountID const& uGrantorID,
-    AccountID const& uGranteeID,
-    STAmount const& netAmount,
-    STAmount const& grossAmount,
-    beast::Journal j);
-
-}  // namespace xrpl

include/xrpl/ledger/helpers/OfferHelpers.h

@@ -1,28 +0,0 @@
-#pragma once
-
-#include <xrpl/beast/utility/Journal.h>
-#include <xrpl/ledger/ApplyView.h>
-#include <xrpl/protocol/STLedgerEntry.h>
-#include <xrpl/protocol/TER.h>
-
-#include <memory>
-
-namespace xrpl {
-
-/** Delete an offer.
-
-    Requirements:
-        The offer must exist.
-        The caller must have already checked permissions.
-
-    @param view The ApplyView to modify.
-    @param sle The offer to delete.
-    @param j Journal for logging.
-
-    @return tesSUCCESS on success, otherwise an error code.
-*/
-// [[nodiscard]] // nodiscard commented out so Flow, BookTip and others compile.
-TER
-offerDelete(ApplyView& view, std::shared_ptr<SLE> const& sle, beast::Journal j);
-
-}  // namespace xrpl

include/xrpl/ledger/helpers/RippleStateHelpers.h

@@ -1,255 +0,0 @@
-#pragma once
-
-#include <xrpl/beast/utility/Journal.h>
-#include <xrpl/ledger/ApplyView.h>
-#include <xrpl/ledger/ReadView.h>
-#include <xrpl/ledger/helpers/TokenHelpers.h>
-#include <xrpl/protocol/IOUAmount.h>
-#include <xrpl/protocol/Issue.h>
-#include <xrpl/protocol/STAmount.h>
-#include <xrpl/protocol/STLedgerEntry.h>
-#include <xrpl/protocol/TER.h>
-
-//------------------------------------------------------------------------------
-//
-// RippleState (Trustline) helpers
-//
-//------------------------------------------------------------------------------
-
-namespace xrpl {
-
-//------------------------------------------------------------------------------
-//
-// Credit functions (from Credit.h)
-//
-//------------------------------------------------------------------------------
-
-/** Calculate the maximum amount of IOUs that an account can hold
-    @param view the ledger to check against.
-    @param account the account of interest.
-    @param issuer the issuer of the IOU.
-    @param currency the IOU to check.
-    @return The maximum amount that can be held.
-*/
-/** @{ */
-STAmount
-creditLimit(
-    ReadView const& view,
-    AccountID const& account,
-    AccountID const& issuer,
-    Currency const& currency);
-
-IOUAmount
-creditLimit2(ReadView const& v, AccountID const& acc, AccountID const& iss, Currency const& cur);
-/** @} */
-
-/** Returns the amount of IOUs issued by issuer that are held by an account
-    @param view the ledger to check against.
-    @param account the account of interest.
-    @param issuer the issuer of the IOU.
-    @param currency the IOU to check.
-*/
-/** @{ */
-STAmount
-creditBalance(
-    ReadView const& view,
-    AccountID const& account,
-    AccountID const& issuer,
-    Currency const& currency);
-/** @} */
-
-//------------------------------------------------------------------------------
-//
-// Freeze checking (IOU-specific)
-//
-//------------------------------------------------------------------------------
-
-[[nodiscard]] bool
-isIndividualFrozen(
-    ReadView const& view,
-    AccountID const& account,
-    Currency const& currency,
-    AccountID const& issuer);
-
-[[nodiscard]] inline bool
-isIndividualFrozen(ReadView const& view, AccountID const& account, Issue const& issue)
-{
-    return isIndividualFrozen(view, account, issue.currency, issue.account);
-}
-
-[[nodiscard]] bool
-isFrozen(
-    ReadView const& view,
-    AccountID const& account,
-    Currency const& currency,
-    AccountID const& issuer);
-
-[[nodiscard]] inline bool
-isFrozen(ReadView const& view, AccountID const& account, Issue const& issue)
-{
-    return isFrozen(view, account, issue.currency, issue.account);
-}
-
-// Overload with depth parameter for uniformity with MPTIssue version.
-// The depth parameter is ignored for IOUs since they don't have vault recursion.
-[[nodiscard]] inline bool
-isFrozen(ReadView const& view, AccountID const& account, Issue const& issue, int /*depth*/)
-{
-    return isFrozen(view, account, issue);
-}
-
-[[nodiscard]] bool
-isDeepFrozen(
-    ReadView const& view,
-    AccountID const& account,
-    Currency const& currency,
-    AccountID const& issuer);
-
-[[nodiscard]] inline bool
-isDeepFrozen(
-    ReadView const& view,
-    AccountID const& account,
-    Issue const& issue,
-    int = 0 /*ignored*/)
-{
-    return isDeepFrozen(view, account, issue.currency, issue.account);
-}
-
-[[nodiscard]] inline TER
-checkDeepFrozen(ReadView const& view, AccountID const& account, Issue const& issue)
-{
-    return isDeepFrozen(view, account, issue) ? (TER)tecFROZEN : (TER)tesSUCCESS;
-}
-
-//------------------------------------------------------------------------------
-//
-// Trust line operations
-//
-//------------------------------------------------------------------------------
-
-/** Create a trust line
-
-    This can set an initial balance.
-*/
-[[nodiscard]] TER
-trustCreate(
-    ApplyView& view,
-    bool const bSrcHigh,
-    AccountID const& uSrcAccountID,
-    AccountID const& uDstAccountID,
-    uint256 const& uIndex,      // --> ripple state entry
-    SLE::ref sleAccount,        // --> the account being set.
-    bool const bAuth,           // --> authorize account.
-    bool const bNoRipple,       // --> others cannot ripple through
-    bool const bFreeze,         // --> funds cannot leave
-    bool bDeepFreeze,           // --> can neither receive nor send funds
-    STAmount const& saBalance,  // --> balance of account being set.
-                                // Issuer should be noAccount()
-    STAmount const& saLimit,    // --> limit for account being set.
-                                // Issuer should be the account being set.
-    std::uint32_t uQualityIn,
-    std::uint32_t uQualityOut,
-    beast::Journal j);
-
-[[nodiscard]] TER
-trustDelete(
-    ApplyView& view,
-    std::shared_ptr<SLE> const& sleRippleState,
-    AccountID const& uLowAccountID,
-    AccountID const& uHighAccountID,
-    beast::Journal j);
-
-//------------------------------------------------------------------------------
-//
-// IOU issuance/redemption
-//
-//------------------------------------------------------------------------------
-
-[[nodiscard]] TER
-issueIOU(
-    ApplyView& view,
-    AccountID const& account,
-    STAmount const& amount,
-    Issue const& issue,
-    beast::Journal j);
-
-[[nodiscard]] TER
-redeemIOU(
-    ApplyView& view,
-    AccountID const& account,
-    STAmount const& amount,
-    Issue const& issue,
-    beast::Journal j);
-
-//------------------------------------------------------------------------------
-//
-// Authorization and transfer checks (IOU-specific)
-//
-//------------------------------------------------------------------------------
-
-/** Check if the account lacks required authorization.
- *
- * Return tecNO_AUTH or tecNO_LINE if it does
- * and tesSUCCESS otherwise.
- *
- * If StrongAuth then return tecNO_LINE if the RippleState doesn't exist. Return
- * tecNO_AUTH if lsfRequireAuth is set on the issuer's AccountRoot, and the
- * RippleState does exist, and the RippleState is not authorized.
- *
- * If WeakAuth then return tecNO_AUTH if lsfRequireAuth is set, and the
- * RippleState exists, and is not authorized. Return tecNO_LINE if
- * lsfRequireAuth is set and the RippleState doesn't exist. Consequently, if
- * WeakAuth and lsfRequireAuth is *not* set, this function will return
- * tesSUCCESS even if RippleState does *not* exist.
- *
- * The default "Legacy" auth type is equivalent to WeakAuth.
- */
-[[nodiscard]] TER
-requireAuth(
-    ReadView const& view,
-    Issue const& issue,
-    AccountID const& account,
-    AuthType authType = AuthType::Legacy);
-
-/** Check if the destination account is allowed
- *  to receive IOU. Return terNO_RIPPLE if rippling is
- *  disabled on both sides and tesSUCCESS otherwise.
- */
-[[nodiscard]] TER
-canTransfer(ReadView const& view, Issue const& issue, AccountID const& from, AccountID const& to);
-
-//------------------------------------------------------------------------------
-//
-// Empty holding operations (IOU-specific)
-//
-//------------------------------------------------------------------------------
-
-/// Any transactors that call addEmptyHolding() in doApply must call
-/// canAddHolding() in preflight with the same View and Asset
-[[nodiscard]] TER
-addEmptyHolding(
-    ApplyView& view,
-    AccountID const& accountID,
-    XRPAmount priorBalance,
-    Issue const& issue,
-    beast::Journal journal);
-
-[[nodiscard]] TER
-removeEmptyHolding(
-    ApplyView& view,
-    AccountID const& accountID,
-    Issue const& issue,
-    beast::Journal journal);
-
-/** Delete trustline to AMM. The passed `sle` must be obtained from a prior
- * call to view.peek(). Fail if neither side of the trustline is AMM or
- * if ammAccountID is seated and is not one of the trustline's side.
- */
-[[nodiscard]] TER
-deleteAMMTrustLine(
-    ApplyView& view,
-    std::shared_ptr<SLE> sleState,
-    std::optional<AccountID> const& ammAccountID,
-    beast::Journal j);
-
-}  // namespace xrpl

include/xrpl/ledger/helpers/TokenHelpers.h

@@ -1,286 +0,0 @@
-#pragma once
-
-#include <xrpl/beast/utility/Journal.h>
-#include <xrpl/ledger/ApplyView.h>
-#include <xrpl/ledger/ReadView.h>
-#include <xrpl/protocol/Asset.h>
-#include <xrpl/protocol/MPTIssue.h>
-#include <xrpl/protocol/Rate.h>
-#include <xrpl/protocol/STAmount.h>
-#include <xrpl/protocol/TER.h>
-
-#include <initializer_list>
-#include <vector>
-
-namespace xrpl {
-
-//------------------------------------------------------------------------------
-//
-// Enums for token handling
-//
-//------------------------------------------------------------------------------
-
-/** Controls the treatment of frozen account balances */
-enum FreezeHandling { fhIGNORE_FREEZE, fhZERO_IF_FROZEN };
-
-/** Controls the treatment of unauthorized MPT balances */
-enum AuthHandling { ahIGNORE_AUTH, ahZERO_IF_UNAUTHORIZED };
-
-/** Controls whether to include the account's full spendable balance */
-enum SpendableHandling { shSIMPLE_BALANCE, shFULL_BALANCE };
-
-enum class WaiveTransferFee : bool { No = false, Yes };
-
-/* Check if MPToken (for MPT) or trust line (for IOU) exists:
- * - StrongAuth - before checking if authorization is required
- * - WeakAuth
- *    for MPT - after checking lsfMPTRequireAuth flag
- *    for IOU - do not check if trust line exists
- * - Legacy
- *    for MPT - before checking lsfMPTRequireAuth flag i.e. same as StrongAuth
- *    for IOU - do not check if trust line exists i.e. same as WeakAuth
- */
-enum class AuthType { StrongAuth, WeakAuth, Legacy };
-
-//------------------------------------------------------------------------------
-//
-// Freeze checking (Asset-based dispatchers)
-//
-//------------------------------------------------------------------------------
-
-[[nodiscard]] bool
-isGlobalFrozen(ReadView const& view, Asset const& asset);
-
-[[nodiscard]] bool
-isIndividualFrozen(ReadView const& view, AccountID const& account, Asset const& asset);
-
-/**
- *   isFrozen check is recursive for MPT shares in a vault, descending to
- *   assets in the vault, up to maxAssetCheckDepth recursion depth. This is
- *   purely defensive, as we currently do not allow such vaults to be created.
- */
-[[nodiscard]] bool
-isFrozen(ReadView const& view, AccountID const& account, Asset const& asset, int depth = 0);
-
-[[nodiscard]] TER
-checkFrozen(ReadView const& view, AccountID const& account, Issue const& issue);
-
-[[nodiscard]] TER
-checkFrozen(ReadView const& view, AccountID const& account, MPTIssue const& mptIssue);
-
-[[nodiscard]] TER
-checkFrozen(ReadView const& view, AccountID const& account, Asset const& asset);
-
-[[nodiscard]] bool
-isAnyFrozen(
-    ReadView const& view,
-    std::initializer_list<AccountID> const& accounts,
-    Issue const& issue);
-
-[[nodiscard]] bool
-isAnyFrozen(
-    ReadView const& view,
-    std::initializer_list<AccountID> const& accounts,
-    Asset const& asset,
-    int depth = 0);
-
-[[nodiscard]] bool
-isDeepFrozen(
-    ReadView const& view,
-    AccountID const& account,
-    MPTIssue const& mptIssue,
-    int depth = 0);
-
-/**
- *   isFrozen check is recursive for MPT shares in a vault, descending to
- *   assets in the vault, up to maxAssetCheckDepth recursion depth. This is
- *   purely defensive, as we currently do not allow such vaults to be created.
- */
-[[nodiscard]] bool
-isDeepFrozen(ReadView const& view, AccountID const& account, Asset const& asset, int depth = 0);
-
-[[nodiscard]] TER
-checkDeepFrozen(ReadView const& view, AccountID const& account, MPTIssue const& mptIssue);
-
-[[nodiscard]] TER
-checkDeepFrozen(ReadView const& view, AccountID const& account, Asset const& asset);
-
-//------------------------------------------------------------------------------
-//
-// Account balance functions (Asset-based dispatchers)
-//
-//------------------------------------------------------------------------------
-
-// Returns the amount an account can spend.
-//
-// If shSIMPLE_BALANCE is specified, this is the amount the account can spend
-// without going into debt.
-//
-// If shFULL_BALANCE is specified, this is the amount the account can spend
-// total. Specifically:
-// * The account can go into debt if using a trust line, and the other side has
-// a non-zero limit.
-// * If the account is the asset issuer the limit is defined by the asset /
-//   issuance.
-//
-// <-- saAmount: amount of currency held by account. May be negative.
-[[nodiscard]] STAmount
-accountHolds(
-    ReadView const& view,
-    AccountID const& account,
-    Currency const& currency,
-    AccountID const& issuer,
-    FreezeHandling zeroIfFrozen,
-    beast::Journal j,
-    SpendableHandling includeFullBalance = shSIMPLE_BALANCE);
-
-[[nodiscard]] STAmount
-accountHolds(
-    ReadView const& view,
-    AccountID const& account,
-    Issue const& issue,
-    FreezeHandling zeroIfFrozen,
-    beast::Journal j,
-    SpendableHandling includeFullBalance = shSIMPLE_BALANCE);
-
-[[nodiscard]] STAmount
-accountHolds(
-    ReadView const& view,
-    AccountID const& account,
-    MPTIssue const& mptIssue,
-    FreezeHandling zeroIfFrozen,
-    AuthHandling zeroIfUnauthorized,
-    beast::Journal j,
-    SpendableHandling includeFullBalance = shSIMPLE_BALANCE);
-
-[[nodiscard]] STAmount
-accountHolds(
-    ReadView const& view,
-    AccountID const& account,
-    Asset const& asset,
-    FreezeHandling zeroIfFrozen,
-    AuthHandling zeroIfUnauthorized,
-    beast::Journal j,
-    SpendableHandling includeFullBalance = shSIMPLE_BALANCE);
-
-// Returns the amount an account can spend of the currency type saDefault, or
-// returns saDefault if this account is the issuer of the currency in
-// question. Should be used in favor of accountHolds when questioning how much
-// an account can spend while also allowing currency issuers to spend
-// unlimited amounts of their own currency (since they can always issue more).
-[[nodiscard]] STAmount
-accountFunds(
-    ReadView const& view,
-    AccountID const& id,
-    STAmount const& saDefault,
-    FreezeHandling freezeHandling,
-    beast::Journal j);
-
-/** Returns the transfer fee as Rate based on the type of token
- * @param view The ledger view
- * @param amount The amount to transfer
- */
-[[nodiscard]] Rate
-transferRate(ReadView const& view, STAmount const& amount);
-
-//------------------------------------------------------------------------------
-//
-// Holding operations (Asset-based dispatchers)
-//
-//------------------------------------------------------------------------------
-
-[[nodiscard]] TER
-canAddHolding(ReadView const& view, Asset const& asset);
-
-[[nodiscard]] TER
-addEmptyHolding(
-    ApplyView& view,
-    AccountID const& accountID,
-    XRPAmount priorBalance,
-    Asset const& asset,
-    beast::Journal journal);
-
-[[nodiscard]] TER
-removeEmptyHolding(
-    ApplyView& view,
-    AccountID const& accountID,
-    Asset const& asset,
-    beast::Journal journal);
-
-//------------------------------------------------------------------------------
-//
-// Authorization and transfer checks (Asset-based dispatchers)
-//
-//------------------------------------------------------------------------------
-
-[[nodiscard]] TER
-requireAuth(
-    ReadView const& view,
-    Asset const& asset,
-    AccountID const& account,
-    AuthType authType = AuthType::Legacy);
-
-[[nodiscard]] TER
-canTransfer(ReadView const& view, Asset const& asset, AccountID const& from, AccountID const& to);
-
-//------------------------------------------------------------------------------
-//
-// Money Transfers (Asset-based dispatchers)
-//
-//------------------------------------------------------------------------------
-
-// Direct send w/o fees:
-// - Redeeming IOUs and/or sending sender's own IOUs.
-// - Create trust line of needed.
-// --> bCheckIssuer : normally require issuer to be involved.
-// [[nodiscard]] // nodiscard commented out so DirectStep.cpp compiles.
-
-/** Calls static rippleCreditIOU if saAmount represents Issue.
- * Calls static rippleCreditMPT if saAmount represents MPTIssue.
- */
-TER
-rippleCredit(
-    ApplyView& view,
-    AccountID const& uSenderID,
-    AccountID const& uReceiverID,
-    STAmount const& saAmount,
-    bool bCheckIssuer,
-    beast::Journal j);
-
-/** Calls static accountSendIOU if saAmount represents Issue.
- * Calls static accountSendMPT if saAmount represents MPTIssue.
- */
-[[nodiscard]] TER
-accountSend(
-    ApplyView& view,
-    AccountID const& from,
-    AccountID const& to,
-    STAmount const& saAmount,
-    beast::Journal j,
-    WaiveTransferFee waiveFee = WaiveTransferFee::No);
-
-using MultiplePaymentDestinations = std::vector<std::pair<AccountID, Number>>;
-/** Like accountSend, except one account is sending multiple payments (with the
- *  same asset!) simultaneously
- *
- * Calls static accountSendMultiIOU if saAmount represents Issue.
- * Calls static accountSendMultiMPT if saAmount represents MPTIssue.
- */
-[[nodiscard]] TER
-accountSendMulti(
-    ApplyView& view,
-    AccountID const& senderID,
-    Asset const& asset,
-    MultiplePaymentDestinations const& receivers,
-    beast::Journal j,
-    WaiveTransferFee waiveFee = WaiveTransferFee::No);
-
-[[nodiscard]] TER
-transferXRP(
-    ApplyView& view,
-    AccountID const& from,
-    AccountID const& to,
-    STAmount const& amount,
-    beast::Journal j);
-
-}  // namespace xrpl

include/xrpl/ledger/helpers/VaultHelpers.h

@@ -1,81 +0,0 @@
-#pragma once
-
-#include <xrpl/protocol/STAmount.h>
-#include <xrpl/protocol/STLedgerEntry.h>
-
-#include <memory>
-#include <optional>
-
-namespace xrpl {
-
-/** From the perspective of a vault, return the number of shares to give
-    depositor when they offer a fixed amount of assets. Note, since shares are
-    MPT, this number is integral and always truncated in this calculation.
-
-    @param vault The vault SLE.
-    @param issuance The MPTokenIssuance SLE for the vault's shares.
-    @param assets The amount of assets to convert.
-
-    @return The number of shares, or nullopt on error.
-*/
-[[nodiscard]] std::optional<STAmount>
-assetsToSharesDeposit(
-    std::shared_ptr<SLE const> const& vault,
-    std::shared_ptr<SLE const> const& issuance,
-    STAmount const& assets);
-
-/** From the perspective of a vault, return the number of assets to take from
-    depositor when they receive a fixed amount of shares. Note, since shares are
-    MPT, they are always an integral number.
-
-    @param vault The vault SLE.
-    @param issuance The MPTokenIssuance SLE for the vault's shares.
-    @param shares The amount of shares to convert.
-
-    @return The number of assets, or nullopt on error.
-*/
-[[nodiscard]] std::optional<STAmount>
-sharesToAssetsDeposit(
-    std::shared_ptr<SLE const> const& vault,
-    std::shared_ptr<SLE const> const& issuance,
-    STAmount const& shares);
-
-/** Controls whether to truncate shares instead of rounding. */
-enum class TruncateShares : bool { no = false, yes = true };
-
-/** From the perspective of a vault, return the number of shares to demand from
-    the depositor when they ask to withdraw a fixed amount of assets. Since
-    shares are MPT this number is integral, and it will be rounded to nearest
-    unless explicitly requested to be truncated instead.
-
-    @param vault The vault SLE.
-    @param issuance The MPTokenIssuance SLE for the vault's shares.
-    @param assets The amount of assets to convert.
-    @param truncate Whether to truncate instead of rounding.
-
-    @return The number of shares, or nullopt on error.
-*/
-[[nodiscard]] std::optional<STAmount>
-assetsToSharesWithdraw(
-    std::shared_ptr<SLE const> const& vault,
-    std::shared_ptr<SLE const> const& issuance,
-    STAmount const& assets,
-    TruncateShares truncate = TruncateShares::no);
-
-/** From the perspective of a vault, return the number of assets to give the
-    depositor when they redeem a fixed amount of shares. Note, since shares are
-    MPT, they are always an integral number.
-
-    @param vault The vault SLE.
-    @param issuance The MPTokenIssuance SLE for the vault's shares.
-    @param shares The amount of shares to convert.
-
-    @return The number of assets, or nullopt on error.
-*/
-[[nodiscard]] std::optional<STAmount>
-sharesToAssetsWithdraw(
-    std::shared_ptr<SLE const> const& vault,
-    std::shared_ptr<SLE const> const& issuance,
-    STAmount const& shares);
-
-}  // namespace xrpl

include/xrpl/net/HTTPClient.h

@@ -29,18 +29,6 @@ public:
         bool sslVerify,
         beast::Journal j);
 
-    /** Destroys the global SSL context created by initializeSSLContext().
-     *
-     *  This releases the underlying boost::asio::ssl::context and any
-     *  associated OpenSSL resources. Must not be called while any
-     *  HTTPClient requests are in flight.
-     *
-     *  @note Currently only called from tests during teardown. In production,
-     *        the SSL context lives for the lifetime of the process.
-     */
-    static void
-    cleanupSSLContext();
-
     static void
     get(bool bSSL,
         boost::asio::io_context& io_context,

include/xrpl/protocol/ConfidentialTransfer.h

@@ -0,0 +1,484 @@
+#pragma once
+
+#include <xrpl/basics/Slice.h>
+#include <xrpl/protocol/Indexes.h>
+#include <xrpl/protocol/MPTIssue.h>
+#include <xrpl/protocol/Protocol.h>
+#include <xrpl/protocol/Rate.h>
+#include <xrpl/protocol/STLedgerEntry.h>
+#include <xrpl/protocol/STObject.h>
+#include <xrpl/protocol/Serializer.h>
+#include <xrpl/protocol/TER.h>
+#include <xrpl/protocol/TxFormats.h>
+#include <xrpl/protocol/detail/secp256k1.h>
+
+#include <secp256k1_mpt.h>
+
+namespace xrpl {
+
+/**
+ * @brief Bundles an ElGamal public key with its associated encrypted amount.
+ *
+ * Used to represent a recipient in confidential transfers, containing both
+ * the recipient's ElGamal public key and the ciphertext encrypting the
+ * transfer amount under that key.
+ */
+struct ConfidentialRecipient
+{
+    Slice publicKey;        ///< The recipient's ElGamal public key (64 bytes).
+    Slice encryptedAmount;  ///< The encrypted amount ciphertext (128 bytes).
+};
+
+/// Holds two secp256k1 public key components representing an ElGamal ciphertext (C1, C2).
+struct EcPair
+{
+    secp256k1_pubkey c1;
+    secp256k1_pubkey c2;
+};
+
+/**
+ * @brief Increments the confidential balance version counter on an MPToken.
+ *
+ * The version counter is used to prevent replay attacks by binding proofs
+ * to a specific state of the account's confidential balance. Wraps to 0
+ * on overflow (defined behavior for unsigned integers).
+ *
+ * @param mptoken The MPToken ledger entry to update.
+ */
+inline void
+incrementConfidentialVersion(STObject& mptoken)
+{
+    // Retrieve current version and increment.
+    // Unsigned integer overflow is defined behavior in C++ (wraps to 0),
+    // which is acceptable here.
+    mptoken[sfConfidentialBalanceVersion] =
+        mptoken[~sfConfidentialBalanceVersion].value_or(0u) + 1u;
+}
+
+/**
+ * @brief Adds common fields to a serializer for ZKP context hash generation.
+ *
+ * Serializes the transaction type, account, issuance ID and sequence/ticket number
+ * into the provided serializer. These fields form the base of all context
+ * hashes used in zero-knowledge proofs.
+ *
+ * @param s          The serializer to append fields to.
+ * @param txType     The transaction type identifier.
+ * @param account    The account ID of the transaction sender.
+ * @param issuanceID The MPToken Issuance ID.
+ * @param sequence   The transaction sequence number or ticket number.
+ */
+void
+addCommonZKPFields(
+    Serializer& s,
+    std::uint16_t txType,
+    AccountID const& account,
+    std::uint32_t sequence,
+    uint192 const& issuanceID);
+
+/**
+ * @brief Generates the context hash for ConfidentialMPTSend transactions.
+ *
+ * Creates a unique 256-bit hash that binds the zero-knowledge proofs to
+ * this specific send transaction, preventing proof reuse across transactions.
+ *
+ * @param account     The sender's account ID.
+ * @param issuanceID  The MPToken Issuance ID.
+ * @param sequence    The transaction sequence number or ticket number.
+ * @param destination The destination account ID.
+ * @param version     The sender's confidential balance version.
+ * @return A 256-bit context hash unique to this transaction.
+ */
+uint256
+getSendContextHash(
+    AccountID const& account,
+    uint192 const& issuanceID,
+    std::uint32_t sequence,
+    AccountID const& destination,
+    std::uint32_t version);
+
+/**
+ * @brief Generates the context hash for ConfidentialMPTClawback transactions.
+ *
+ * Creates a unique 256-bit hash that binds the equality proof to this
+ * specific clawback transaction.
+ *
+ * @param account    The issuer's account ID.
+ * @param issuanceID The MPToken Issuance ID.
+ * @param sequence   The transaction sequence number or ticket number.
+ * @param holder     The holder's account ID being clawed back from.
+ * @return A 256-bit context hash unique to this transaction.
+ */
+uint256
+getClawbackContextHash(
+    AccountID const& account,
+    uint192 const& issuanceID,
+    std::uint32_t sequence,
+    AccountID const& holder);
+
+/**
+ * @brief Generates the context hash for ConfidentialMPTConvert transactions.
+ *
+ * Creates a unique 256-bit hash that binds the Schnorr proof (for key
+ * registration) to this specific convert transaction.
+ *
+ * @param account    The holder's account ID.
+ * @param issuanceID The MPToken Issuance ID.
+ * @param sequence   The transaction sequence number or a ticket number.
+ * @return A 256-bit context hash unique to this transaction.
+ */
+uint256
+getConvertContextHash(AccountID const& account, uint192 const& issuanceID, std::uint32_t sequence);
+
+/**
+ * @brief Generates the context hash for ConfidentialMPTConvertBack transactions.
+ *
+ * Creates a unique 256-bit hash that binds the zero-knowledge proofs to
+ * this specific convert-back transaction.
+ *
+ * @param account    The holder's account ID.
+ * @param issuanceID The MPToken Issuance ID.
+ * @param sequence   The transaction sequence number or a ticket number.
+ * @param version    The holder's confidential balance version.
+ * @return A 256-bit context hash unique to this transaction.
+ */
+uint256
+getConvertBackContextHash(
+    AccountID const& account,
+    uint192 const& issuanceID,
+    std::uint32_t sequence,
+    std::uint32_t version);
+
+/**
+ * @brief Parses an ElGamal ciphertext into two secp256k1 public key components.
+ *
+ * Breaks a 66-byte encrypted amount (two 33-byte compressed EC points) into
+ * a pair containing (C1, C2) for use in cryptographic operations.
+ *
+ * @param buffer The 66-byte buffer containing the compressed ciphertext.
+ * @return The parsed pair (c1, c2) if successful, std::nullopt if the buffer is invalid.
+ */
+std::optional<EcPair>
+makeEcPair(Slice const& buffer);
+
+/**
+ * @brief Serializes an EcPair into compressed form.
+ *
+ * Converts an EcPair (C1, C2) back into a 66-byte buffer containing
+ * two 33-byte compressed EC points.
+ *
+ * @param pair The EcPair to serialize.
+ * @return The 66-byte buffer, or std::nullopt if serialization fails.
+ */
+std::optional<Buffer>
+serializeEcPair(EcPair const& pair);
+
+/**
+ * @brief Verifies that a buffer contains two valid, parsable EC public keys.
+ *
+ * @param buffer The input buffer containing two concatenated components.
+ * @return true if both components can be parsed successfully, false otherwise.
+ */
+bool
+isValidCiphertext(Slice const& buffer);
+
+/**
+ * @brief Verifies that a buffer contains a valid, parsable compressed EC point.
+ *
+ * Can be used to validate both compressed public keys and Pedersen commitments.
+ * Fails early if the prefix byte is not 0x02 or 0x03.
+ *
+ * @param buffer The input buffer containing a compressed EC point (33 bytes).
+ * @return true if the point can be parsed successfully, false otherwise.
+ */
+bool
+isValidCompressedECPoint(Slice const& buffer);
+
+/**
+ * @brief Homomorphically adds two ElGamal ciphertexts.
+ *
+ * Uses the additive homomorphic property of ElGamal encryption to compute
+ * Enc(a + b) from Enc(a) and Enc(b) without decryption.
+ *
+ * @param a The first ciphertext (66 bytes).
+ * @param b The second ciphertext (66 bytes).
+ * @return The resulting ciphertext Enc(a + b), or std::nullopt on failure.
+ */
+std::optional<Buffer>
+homomorphicAdd(Slice const& a, Slice const& b);
+
+/**
+ * @brief Homomorphically subtracts two ElGamal ciphertexts.
+ *
+ * Uses the additive homomorphic property of ElGamal encryption to compute
+ * Enc(a - b) from Enc(a) and Enc(b) without decryption.
+ *
+ * @param a The minuend ciphertext (66 bytes).
+ * @param b The subtrahend ciphertext (66 bytes).
+ * @return The resulting ciphertext Enc(a - b), or std::nullopt on failure.
+ */
+std::optional<Buffer>
+homomorphicSubtract(Slice const& a, Slice const& b);
+
+/**
+ * @brief Encrypts an amount using ElGamal encryption.
+ *
+ * Produces a ciphertext C = (C1, C2) where C1 = r*G and C2 = m*G + r*Pk,
+ * using the provided blinding factor r.
+ *
+ * @param amt            The plaintext amount to encrypt.
+ * @param pubKeySlice    The recipient's ElGamal public key (64 bytes).
+ * @param blindingFactor The 32-byte randomness used as blinding factor r.
+ * @return The 66-byte ciphertext, or std::nullopt on failure.
+ */
+std::optional<Buffer>
+encryptAmount(uint64_t const amt, Slice const& pubKeySlice, Slice const& blindingFactor);
+
+/**
+ * @brief Generates the canonical zero encryption for a specific MPToken.
+ *
+ * Creates a deterministic encryption of zero that is unique to the account
+ * and MPT issuance. Used to initialize confidential balance fields.
+ *
+ * @param pubKeySlice The holder's ElGamal public key (64 bytes).
+ * @param account     The account ID of the token holder.
+ * @param mptId       The MPToken Issuance ID.
+ * @return The 66-byte canonical zero ciphertext, or std::nullopt on failure.
+ */
+std::optional<Buffer>
+encryptCanonicalZeroAmount(Slice const& pubKeySlice, AccountID const& account, MPTID const& mptId);
+
+/**
+ * @brief Verifies a Schnorr proof of knowledge of an ElGamal private key.
+ *
+ * Proves that the submitter knows the secret key corresponding to the
+ * provided public key, without revealing the secret key itself.
+ *
+ * @param pubKeySlice The ElGamal public key (64 bytes).
+ * @param proofSlice  The Schnorr proof (65 bytes).
+ * @param contextHash The 256-bit context hash binding the proof.
+ * @return tesSUCCESS if valid, or an error code otherwise.
+ */
+TER
+verifySchnorrProof(Slice const& pubKeySlice, Slice const& proofSlice, uint256 const& contextHash);
+
+/**
+ * @brief Verifies that a ciphertext correctly encrypts a revealed amount.
+ *
+ * Given the plaintext amount and blinding factor, verifies that the
+ * ciphertext was correctly constructed using ElGamal encryption.
+ *
+ * @param amount         The revealed plaintext amount.
+ * @param blindingFactor The 32-byte blinding factor used in encryption.
+ * @param pubKeySlice    The recipient's ElGamal public key (64 bytes).
+ * @param ciphertext     The ciphertext to verify (66 bytes).
+ * @return tesSUCCESS if the encryption is valid, or an error code otherwise.
+ */
+TER
+verifyElGamalEncryption(
+    uint64_t const amount,
+    Slice const& blindingFactor,
+    Slice const& pubKeySlice,
+    Slice const& ciphertext);
+
+/**
+ * @brief Validates the format of encrypted amount fields in a transaction.
+ *
+ * Checks that all ciphertext fields in the transaction object have the
+ * correct length and contain valid EC points. This function is only used
+ * by ConfidentialMPTConvert and ConfidentialMPTConvertBack transactions.
+ *
+ * @param object The transaction object containing encrypted amount fields.
+ * @return tesSUCCESS if all formats are valid, temMALFORMED if required fields
+ *         are missing, or temBAD_CIPHERTEXT if format validation fails.
+ */
+NotTEC
+checkEncryptedAmountFormat(STObject const& object);
+
+/**
+ * @brief Verifies revealed amount encryptions for all recipients.
+ *
+ * Validates that the same amount was correctly encrypted for the holder,
+ * issuer, and optionally the auditor using their respective public keys.
+ *
+ * @param amount         The revealed plaintext amount.
+ * @param blindingFactor The 32-byte blinding factor used in all encryptions.
+ * @param holder         The holder's public key and encrypted amount.
+ * @param issuer         The issuer's public key and encrypted amount.
+ * @param auditor        Optional auditor's public key and encrypted amount.
+ * @return tesSUCCESS if all encryptions are valid, or an error code otherwise.
+ */
+TER
+verifyRevealedAmount(
+    uint64_t const amount,
+    Slice const& blindingFactor,
+    ConfidentialRecipient const& holder,
+    ConfidentialRecipient const& issuer,
+    std::optional<ConfidentialRecipient> const& auditor);
+
+/**
+ * @brief Returns the number of recipients in a confidential transfer.
+ *
+ * Returns 4 if an auditor is present (sender, destination, issuer, auditor),
+ * or 3 if no auditor (sender, destination, issuer).
+ *
+ * @param hasAuditor Whether the issuance has an auditor configured.
+ * @return The number of recipients (3 or 4).
+ */
+constexpr std::size_t
+getConfidentialRecipientCount(bool hasAuditor)
+{
+    return hasAuditor ? 4 : 3;
+}
+
+/**
+ * @brief Verifies a multi-ciphertext equality proof.
+ *
+ * Proves that all ciphertexts in the recipients vector encrypt the same
+ * plaintext amount, without revealing the amount itself.
+ *
+ * @param proof       The zero-knowledge proof bytes.
+ * @param recipients  Vector of recipients with their public keys and ciphertexts.
+ * @param nRecipients The number of recipients (must match recipients.size()).
+ * @param contextHash The 256-bit context hash binding the proof.
+ * @return tesSUCCESS if the proof is valid, or an error code otherwise.
+ */
+TER
+verifyMultiCiphertextEqualityProof(
+    Slice const& proof,
+    std::vector<ConfidentialRecipient> const& recipients,
+    std::size_t const nRecipients,
+    uint256 const& contextHash);
+
+/**
+ * @brief Verifies a clawback equality proof.
+ *
+ * Proves that the issuer knows the exact amount encrypted in the holder's
+ * balance ciphertext. Used in ConfidentialMPTClawback to verify the issuer
+ * can decrypt the balance using their private key.
+ *
+ * @param amount      The revealed plaintext amount.
+ * @param proof       The zero-knowledge proof bytes.
+ * @param pubKeySlice The issuer's ElGamal public key (64 bytes).
+ * @param ciphertext  The issuer's encrypted balance on the holder's account (66 bytes).
+ * @param contextHash The 256-bit context hash binding the proof.
+ * @return tesSUCCESS if the proof is valid, or an error code otherwise.
+ */
+TER
+verifyClawbackEqualityProof(
+    uint64_t const amount,
+    Slice const& proof,
+    Slice const& pubKeySlice,
+    Slice const& ciphertext,
+    uint256 const& contextHash);
+
+/**
+ * @brief Generates a cryptographically secure 32-byte blinding factor.
+ *
+ * Produces random bytes suitable for use as an ElGamal blinding factor
+ * or Pedersen commitment randomness.
+ *
+ * @return A 32-byte buffer containing the random blinding factor.
+ */
+Buffer
+generateBlindingFactor();
+
+/**
+ * @brief Verifies the cryptographic link between an ElGamal Ciphertext and a
+ * Pedersen Commitment for a transaction Amount.
+ *
+ * It proves that the ElGamal ciphertext `encAmt` encrypts the same value `m`
+ * as the Pedersen Commitment `pcmSlice`, using the randomness `r`.
+ * Proves Enc(m) <-> Pcm(m)
+ *
+ * @param proof       The Zero Knowledge Proof bytes.
+ * @param encAmt      The ElGamal ciphertext of the amount (C1, C2).
+ * @param pubKeySlice The sender's public key.
+ * @param pcmSlice    The Pedersen Commitment to the amount.
+ * @param contextHash The unique context hash for this transaction.
+ * @return tesSUCCESS if the proof is valid, or an error code otherwise.
+ */
+TER
+verifyAmountPcmLinkage(
+    Slice const& proof,
+    Slice const& encAmt,
+    Slice const& pubKeySlice,
+    Slice const& pcmSlice,
+    uint256 const& contextHash);
+
+/**
+ * @brief Verifies the cryptographic link between an ElGamal Ciphertext and a
+ * Pedersen Commitment for an account Balance.
+ *
+ * It proves that the ElGamal ciphertext `encAmt` encrypts the same value `b`
+ * as the Pedersen Commitment `pcmSlice`, using the secret key `s`.
+ * Proves Enc(b) <-> Pcm(b)
+ *
+ * Note: Swaps arguments (Pk <-> C1) to accommodate the different algebraic
+ * structure.
+ *
+ * @param proof       The Zero Knowledge Proof bytes.
+ * @param encAmt      The ElGamal ciphertext of the balance (C1, C2).
+ * @param pubKeySlice The sender's public key.
+ * @param pcmSlice    The Pedersen Commitment to the balance.
+ * @param contextHash The unique context hash for this transaction.
+ * @return tesSUCCESS if the proof is valid, or an error code otherwise.
+ */
+TER
+verifyBalancePcmLinkage(
+    Slice const& proof,
+    Slice const& encAmt,
+    Slice const& pubKeySlice,
+    Slice const& pcmSlice,
+    uint256 const& contextHash);
+
+/**
+ * @brief Verifies an aggregated Bulletproof range proof.
+ *
+ * This function verifies that all commitments in commitment_C_vec commit
+ * to values within the valid 64-bit range [0, 2^64 - 1].
+ *
+ * @param proof       The serialized Bulletproof proof.
+ * @param compressedCommitments Vector of compressed Pedersen commitments (each 33 bytes).
+ * @param contextHash The unique context hash for this transaction.
+ * @return tesSUCCESS if the proof is valid, tecBAD_PROOF if verification
+ *         fails, or tecINTERNAL for internal errors.
+ */
+TER
+verifyAggregatedBulletproof(
+    Slice const& proof,
+    std::vector<Slice> const& compressedCommitments,
+    uint256 const& contextHash);
+
+/**
+ * @brief Computes the remainder commitment for ConfidentialMPTSend.
+ *
+ * Given a balance commitment PC_bal = m_bal*G + rho_bal*H and an amount
+ * commitment PC_amt = m_amt*G + rho_amt*H, this function computes:
+ * PC_rem = PC_bal - PC_amt = (m_bal - m_amt)*G + (rho_bal - rho_amt)*H
+ *
+ * This derived commitment is used in an aggregated range proof to ensure
+ * the sender maintains a non-negative balance (m_bal - m_amt >= 0).
+ *
+ * @param balanceCommitment The compressed Pedersen commitment to the balance (33 bytes).
+ * @param amountCommitment  The compressed Pedersen commitment to the amount (33 bytes).
+ * @param out               Output buffer for the resulting remainder commitment (33 bytes).
+ * @return tesSUCCESS on success, tecINTERNAL on failure.
+ */
+TER
+computeSendRemainder(Slice const& balanceCommitment, Slice const& amountCommitment, Buffer& out);
+
+/**
+ * @brief Computes the remainder commitment for ConvertBack.
+ *
+ * Given a Pedersen commitment PC = m*G + rho*H, this function computes
+ * PC_rem = PC - amount*G = (m - amount)*G + rho*H
+ *
+ * @param commitment The compressed Pedersen commitment (33 bytes).
+ * @param amount     The amount to subtract (must be non-zero).
+ * @param out        Output buffer for the resulting commitment (33 bytes).
+ * @return tesSUCCESS on success, tecINTERNAL on failure or if amount is 0.
+ */
+TER
+computeConvertBackRemainder(Slice const& commitment, uint64_t amount, Buffer& out);
+}  // namespace xrpl

include/xrpl/protocol/Feature.h

@@ -64,49 +64,6 @@
 
 namespace xrpl {
 
-// Feature names must not exceed this length (in characters, excluding the null terminator).
-static constexpr std::size_t maxFeatureNameSize = 63;
-// Reserve this exact feature-name length (in characters/bytes, excluding the null terminator)
-// so that a 32-byte uint256 (for example, in WASM or other interop contexts) can be used
-// as a compact, fixed-size feature selector without conflicting with human-readable names.
-static constexpr std::size_t reservedFeatureNameSize = 32;
-
-// Both validFeatureNameSize and validFeatureName are consteval functions that can be used in
-// static_asserts to validate feature names at compile time. They are only used inside
-// enforceValidFeatureName in Feature.cpp, but are exposed here for testing. The expected
-// parameter `auto fn` is a constexpr lambda which returns a const char*, making it available
-// for compile-time evaluation. Read more in https://accu.org/journals/overload/30/172/wu/
-consteval auto
-validFeatureNameSize(auto fn) -> bool
-{
-    constexpr char const* n = fn();
-    // Note, std::strlen is not constexpr, we need to implement our own here.
-    constexpr std::size_t N = [](auto n) {
-        std::size_t ret = 0;
-        for (auto ptr = n; *ptr != '\0'; ret++, ++ptr)
-            ;
-        return ret;
-    }(n);
-    return N != reservedFeatureNameSize &&  //
-        N <= maxFeatureNameSize;
-}
-
-consteval auto
-validFeatureName(auto fn) -> bool
-{
-    constexpr char const* n = fn();
-    // Prevent the use of visually confusable characters and enforce that feature names
-    // are always valid ASCII. This is needed because C++ allows Unicode identifiers.
-    // Characters below 0x20 are nonprintable control characters, and characters with the 0x80 bit
-    // set are non-ASCII (e.g. UTF-8 encoding of Unicode), so both are disallowed.
-    for (auto ptr = n; *ptr != '\0'; ++ptr)
-    {
-        if (*ptr & 0x80 || *ptr < 0x20)
-            return false;
-    }
-    return true;
-}
-
 enum class VoteBehavior : int { Obsolete = -1, DefaultNo = 0, DefaultYes };
 enum class AmendmentSupport : int { Retired = -1, Supported = 0, Unsupported };
 

include/xrpl/protocol/Fees.h

@@ -4,10 +4,6 @@
 
 namespace xrpl {
 
-// Deprecated constant for backwards compatibility with pre-XRPFees amendment.
-// This was the reference fee units used in the old fee calculation.
-inline constexpr std::uint32_t FEE_UNITS_DEPRECATED = 10;
-
 /** Reflects the fee settings for a particular ledger.
 
     The fees are always the same for any transactions applied
@@ -15,25 +11,15 @@ inline constexpr std::uint32_t FEE_UNITS_DEPRECATED = 10;
 */
 struct Fees
 {
-    /** @brief Cost of a reference transaction in drops. */
-    XRPAmount base{0};
-
-    /** @brief Minimum XRP an account must hold to exist on the ledger. */
-    XRPAmount reserve{0};
-
-    /** @brief Additional XRP reserve required per owned ledger object. */
-    XRPAmount increment{0};
+    XRPAmount base{0};       // Reference tx cost (drops)
+    XRPAmount reserve{0};    // Reserve base (drops)
+    XRPAmount increment{0};  // Reserve increment (drops)
 
     explicit Fees() = default;
     Fees(Fees const&) = default;
     Fees&
     operator=(Fees const&) = default;
 
-    Fees(XRPAmount base_, XRPAmount reserve_, XRPAmount increment_)
-        : base(base_), reserve(reserve_), increment(increment_)
-    {
-    }
-
     /** Returns the account reserve given the owner count, in drops.
 
         The reserve is calculated as the reserve base plus

include/xrpl/protocol/LedgerFormats.h

@@ -173,7 +173,8 @@ enum LedgerEntryType : std::uint16_t {
         LSF_FLAG(lsfMPTCanEscrow, 0x00000008)                                                                                      \
         LSF_FLAG(lsfMPTCanTrade, 0x00000010)                                                                                       \
         LSF_FLAG(lsfMPTCanTransfer, 0x00000020)                                                                                    \
-        LSF_FLAG(lsfMPTCanClawback, 0x00000040))                                                                                   \
+        LSF_FLAG(lsfMPTCanClawback, 0x00000040)                                                                                    \
+        LSF_FLAG(lsfMPTCanConfidentialAmount, 0x00000080))                                                                                    \
                                                                                                                                    \
     LEDGER_OBJECT(MPTokenIssuanceMutable,                                                                                          \
         LSF_FLAG(lsmfMPTCanMutateCanLock, 0x00000002)                                                                              \
@@ -183,7 +184,8 @@ enum LedgerEntryType : std::uint16_t {
         LSF_FLAG(lsmfMPTCanMutateCanTransfer, 0x00000020)                                                                          \
         LSF_FLAG(lsmfMPTCanMutateCanClawback, 0x00000040)                                                                          \
         LSF_FLAG(lsmfMPTCanMutateMetadata, 0x00010000)                                                                             \
-        LSF_FLAG(lsmfMPTCanMutateTransferFee, 0x00020000))                                                                         \
+        LSF_FLAG(lsmfMPTCanMutateTransferFee, 0x00020000)                                                                          \
+        LSF_FLAG(lsmfMPTCannotMutateCanConfidentialAmount, 0x00040000))                                                                          \
                                                                                                                                    \
     LEDGER_OBJECT(MPToken,                                                                                                         \
         LSF_FLAG2(lsfMPTLocked, 0x00000001)                                                                                        \

include/xrpl/protocol/LedgerHeader.h

@@ -72,8 +72,4 @@ deserializeHeader(Slice data, bool hasHash = false);
 LedgerHeader
 deserializePrefixedHeader(Slice data, bool hasHash = false);
 
-/** Calculate the hash of a ledger header. */
-uint256
-calculateLedgerHash(LedgerHeader const& info);
-
 }  // namespace xrpl

include/xrpl/protocol/Permissions.h

@@ -65,19 +65,19 @@ public:
     std::optional<TxType>
     getGranularTxType(GranularPermissionType const& gpType) const;
 
-    std::optional<std::reference_wrapper<uint256 const>>
+    std::optional<std::reference_wrapper<uint256 const>> const
     getTxFeature(TxType txType) const;
 
     bool
     isDelegable(std::uint32_t const& permissionValue, Rules const& rules) const;
 
     // for tx level permission, permission value is equal to tx type plus one
-    static uint32_t
-    txToPermissionType(TxType const& type);
+    uint32_t
+    txToPermissionType(TxType const& type) const;
 
     // tx type value is permission value minus one
-    static TxType
-    permissionToTxType(uint32_t const& value);
+    TxType
+    permissionToTxType(uint32_t const& value) const;
 };
 
 }  // namespace xrpl

include/xrpl/protocol/Protocol.h

@@ -209,7 +209,7 @@ std::size_t constexpr maxDIDDocumentLength = 256;
 std::size_t constexpr maxDIDURILength = 256;
 
 /** The maximum length of an Attestation inside a DID */
-std::size_t constexpr maxDIDDataLength = 256;
+std::size_t constexpr maxDIDAttestationLength = 256;
 
 /** The maximum length of a domain */
 std::size_t constexpr maxDomainLength = 256;
@@ -307,4 +307,49 @@ std::size_t constexpr permissionMaxSize = 10;
 /** The maximum number of transactions that can be in a batch. */
 std::size_t constexpr maxBatchTxCount = 8;
 
+/** EC ElGamal ciphertext length 33-byte */
+std::size_t constexpr ecGamalEncryptedLength = 33;
+
+/** EC ElGamal ciphertext length: two 33-byte components concatenated */
+std::size_t constexpr ecGamalEncryptedTotalLength = ecGamalEncryptedLength * 2;
+
+/** Length of equality ZKProof in bytes */
+std::size_t constexpr ecEqualityProofLength = 98;
+
+/** Length of EC point (compressed) */
+std::size_t constexpr compressedECPointLength = 33;
+
+/** Length of EC public key (compressed) */
+std::size_t constexpr ecPubKeyLength = compressedECPointLength;
+
+/** Length of EC private key in bytes */
+std::size_t constexpr ecPrivKeyLength = 32;
+
+/** Length of the EC blinding factor in bytes */
+std::size_t constexpr ecBlindingFactorLength = 32;
+
+/** Length of Schnorr ZKProof for public key registration in bytes */
+std::size_t constexpr ecSchnorrProofLength = 65;
+
+/** Length of ElGamal ciphertext equality proof in bytes */
+std::size_t constexpr ecCiphertextEqualityProofLength = 261;
+
+/** Length of ElGamal Pedersen linkage proof in bytes */
+std::size_t constexpr ecPedersenProofLength = 195;
+
+/** Length of Pedersen Commitment (compressed) */
+std::size_t constexpr ecPedersenCommitmentLength = compressedECPointLength;
+
+/** Length of single bulletproof (range proof for 1 commitment) in bytes */
+std::size_t constexpr ecSingleBulletproofLength = 688;
+
+/** Length of double bulletproof (range proof for 2 commitments) in bytes */
+std::size_t constexpr ecDoubleBulletproofLength = 754;
+
+/** Compressed EC point prefix for even y-coordinate */
+static constexpr std::uint8_t ecCompressedPrefixEvenY = 0x02;
+
+/** Compressed EC point prefix for odd y-coordinate */
+static constexpr std::uint8_t ecCompressedPrefixOddY = 0x03;
+
 }  // namespace xrpl

include/xrpl/protocol/PublicKey.h

@@ -44,7 +44,7 @@ protected:
     // All the constructed public keys are valid, non-empty and contain 33
     // bytes of data.
     static constexpr std::size_t size_ = 33;
-    std::uint8_t buf_[size_]{};  // should be large enough
+    std::uint8_t buf_[size_];  // should be large enough
 
 public:
     using const_iterator = std::uint8_t const*;

include/xrpl/protocol/STAccount.h

@@ -24,7 +24,7 @@ public:
     STAccount();
 
     STAccount(SField const& n);
-    STAccount(SField const& n, Buffer const& v);
+    STAccount(SField const& n, Buffer&& v);
     STAccount(SerialIter& sit, SField const& name);
     STAccount(SField const& n, AccountID const& v);
 

include/xrpl/protocol/STObject.h

@@ -57,7 +57,7 @@ class STObject : public STBase, public CountedObject<STObject>
     using list_type = std::vector<detail::STVar>;
 
     list_type v_;
-    SOTemplate const* mType{};
+    SOTemplate const* mType;
 
 public:
     using iterator = boost::transform_iterator<Transform, STObject::list_type::const_iterator>;
@@ -401,7 +401,7 @@ public:
     getStyle(SField const& field) const;
 
     bool
-    hasMatchingEntry(STBase const&) const;
+    hasMatchingEntry(STBase const&);
 
     bool
     operator==(STObject const& o) const;

include/xrpl/protocol/STTx.h

@@ -15,7 +15,7 @@
 
 namespace xrpl {
 
-enum class TxnSql : char {
+enum TxnSql : char {
     txnSqlNew = 'N',
     txnSqlConflict = 'C',
     txnSqlHeld = 'H',
@@ -83,9 +83,6 @@ public:
     std::uint32_t
     getSeqValue() const;
 
-    AccountID
-    getFeePayer() const;
-
     boost::container::flat_set<AccountID>
     getMentionedAccounts() const;
 
@@ -125,7 +122,7 @@ public:
     getMetaSQL(
         Serializer rawTxn,
         std::uint32_t inLedger,
-        TxnSql status,
+        char status,
         std::string const& escapedMetaData) const;
 
     std::vector<uint256> const&

include/xrpl/protocol/SecretKey.h

@@ -16,11 +16,8 @@ namespace xrpl {
 /** A secret key. */
 class SecretKey
 {
-public:
-    static constexpr std::size_t size_ = 32;
-
 private:
-    std::uint8_t buf_[size_]{};
+    std::uint8_t buf_[32];
 
 public:
     using const_iterator = std::uint8_t const*;
@@ -30,14 +27,9 @@ public:
     SecretKey&
     operator=(SecretKey const&) = default;
 
-    bool
-    operator==(SecretKey const&) = delete;
-    bool
-    operator!=(SecretKey const&) = delete;
-
     ~SecretKey();
 
-    SecretKey(std::array<std::uint8_t, size_> const& data);
+    SecretKey(std::array<std::uint8_t, 32> const& data);
     SecretKey(Slice const& slice);
 
     std::uint8_t const*
@@ -86,10 +78,16 @@ public:
 };
 
 inline bool
-operator==(SecretKey const& lhs, SecretKey const& rhs) = delete;
+operator==(SecretKey const& lhs, SecretKey const& rhs)
+{
+    return lhs.size() == rhs.size() && std::memcmp(lhs.data(), rhs.data(), rhs.size()) == 0;
+}
 
 inline bool
-operator!=(SecretKey const& lhs, SecretKey const& rhs) = delete;
+operator!=(SecretKey const& lhs, SecretKey const& rhs)
+{
+    return !(lhs == rhs);
+}
 
 //------------------------------------------------------------------------------
 

include/xrpl/protocol/Seed.h

@@ -13,7 +13,7 @@ namespace xrpl {
 class Seed
 {
 private:
-    std::array<uint8_t, 16> buf_{};
+    std::array<uint8_t, 16> buf_;
 
 public:
     using const_iterator = std::array<uint8_t, 16>::const_iterator;

include/xrpl/protocol/Serializer.h

@@ -336,7 +336,7 @@ public:
         static_assert(N > 0, "");
     }
 
-    [[nodiscard]] bool
+    std::size_t
     empty() const noexcept
     {
         return remain_ == 0;

include/xrpl/protocol/SystemParameters.h

@@ -14,7 +14,7 @@ namespace xrpl {
 static inline std::string const&
 systemName()
 {
-    static std::string const name = "xrpld";
+    static std::string const name = "ripple";
     return name;
 }
 

include/xrpl/protocol/TER.h

@@ -121,6 +121,7 @@ enum TEMcodes : TERUnderlyingType {
     temARRAY_TOO_LARGE,
     temBAD_TRANSFER_FEE,
     temINVALID_INNER_BATCH,
+    temBAD_CIPHERTEXT,
 };
 
 //------------------------------------------------------------------------------
@@ -346,6 +347,7 @@ enum TECcodes : TERUnderlyingType {
     // backward compatibility with historical data on non-prod networks, can be
     // reclaimed after those networks reset.
     tecNO_DELEGATE_PERMISSION = 198,
+    tecBAD_PROOF = 199,
 };
 
 //------------------------------------------------------------------------------

include/xrpl/protocol/TxFlags.h

@@ -138,7 +138,8 @@ inline constexpr FlagValue tfUniversalMask = ~tfUniversal;
         TF_FLAG(tfMPTCanEscrow, lsfMPTCanEscrow)                                                                                                               \
         TF_FLAG(tfMPTCanTrade, lsfMPTCanTrade)                                                                                                                 \
         TF_FLAG(tfMPTCanTransfer, lsfMPTCanTransfer)                                                                                                           \
-        TF_FLAG(tfMPTCanClawback, lsfMPTCanClawback),                                                                                                          \
+        TF_FLAG(tfMPTCanClawback, lsfMPTCanClawback)                                                                                                           \
+        TF_FLAG(tfMPTCanConfidentialAmount, lsfMPTCanConfidentialAmount),                                                                                                            \
         MASK_ADJ(0))                                                                                                                                           \
                                                                                                                                                                \
     TRANSACTION(MPTokenAuthorize,                                                                                                                              \
@@ -347,10 +348,12 @@ inline constexpr FlagValue tmfMPTCanMutateCanTransfer = lsmfMPTCanMutateCanTrans
 inline constexpr FlagValue tmfMPTCanMutateCanClawback = lsmfMPTCanMutateCanClawback;
 inline constexpr FlagValue tmfMPTCanMutateMetadata = lsmfMPTCanMutateMetadata;
 inline constexpr FlagValue tmfMPTCanMutateTransferFee = lsmfMPTCanMutateTransferFee;
-inline constexpr FlagValue tmfMPTokenIssuanceCreateMutableMask =
-    ~(tmfMPTCanMutateCanLock | tmfMPTCanMutateRequireAuth | tmfMPTCanMutateCanEscrow |
-      tmfMPTCanMutateCanTrade | tmfMPTCanMutateCanTransfer | tmfMPTCanMutateCanClawback |
-      tmfMPTCanMutateMetadata | tmfMPTCanMutateTransferFee);
+inline constexpr FlagValue tmfMPTCannotMutateCanConfidentialAmount =
+    lsmfMPTCannotMutateCanConfidentialAmount;
+inline constexpr FlagValue tmfMPTokenIssuanceCreateMutableMask = ~(
+    tmfMPTCanMutateCanLock | tmfMPTCanMutateRequireAuth | tmfMPTCanMutateCanEscrow |
+    tmfMPTCanMutateCanTrade | tmfMPTCanMutateCanTransfer | tmfMPTCanMutateCanClawback |
+    tmfMPTCanMutateMetadata | tmfMPTCanMutateTransferFee | tmfMPTCannotMutateCanConfidentialAmount);
 
 // MPTokenIssuanceSet MutableFlags:
 // Set or Clear flags.
@@ -367,10 +370,13 @@ inline constexpr FlagValue tmfMPTSetCanTransfer = 0x00000100;
 inline constexpr FlagValue tmfMPTClearCanTransfer = 0x00000200;
 inline constexpr FlagValue tmfMPTSetCanClawback = 0x00000400;
 inline constexpr FlagValue tmfMPTClearCanClawback = 0x00000800;
-inline constexpr FlagValue tmfMPTokenIssuanceSetMutableMask = ~(
-    tmfMPTSetCanLock | tmfMPTClearCanLock | tmfMPTSetRequireAuth | tmfMPTClearRequireAuth |
-    tmfMPTSetCanEscrow | tmfMPTClearCanEscrow | tmfMPTSetCanTrade | tmfMPTClearCanTrade |
-    tmfMPTSetCanTransfer | tmfMPTClearCanTransfer | tmfMPTSetCanClawback | tmfMPTClearCanClawback);
+inline constexpr FlagValue tmfMPTSetCanConfidentialAmount = 0x00001000;
+inline constexpr FlagValue tmfMPTClearCanConfidentialAmount = 0x00002000;
+inline constexpr FlagValue tmfMPTokenIssuanceSetMutableMask =
+    ~(tmfMPTSetCanLock | tmfMPTClearCanLock | tmfMPTSetRequireAuth | tmfMPTClearRequireAuth |
+      tmfMPTSetCanEscrow | tmfMPTClearCanEscrow | tmfMPTSetCanTrade | tmfMPTClearCanTrade |
+      tmfMPTSetCanTransfer | tmfMPTClearCanTransfer | tmfMPTSetCanClawback |
+      tmfMPTClearCanClawback | tmfMPTSetCanConfidentialAmount | tmfMPTClearCanConfidentialAmount);
 
 // Prior to fixRemoveNFTokenAutoTrustLine, transfer of an NFToken between accounts allowed a
 // TrustLine to be added to the issuer of that token without explicit permission from that issuer.

include/xrpl/protocol/detail/STVar.h

@@ -44,7 +44,7 @@ private:
     // The largest "small object" we can accommodate
     static std::size_t constexpr max_size = 72;
 
-    std::aligned_storage<max_size>::type d_ = {};
+    std::aligned_storage<max_size>::type d_;
     STBase* p_ = nullptr;
 
 public:

include/xrpl/protocol/detail/features.macro

@@ -15,8 +15,7 @@
 
 // Add new amendments to the top of this list.
 // Keep it sorted in reverse chronological order.
-
-XRPL_FIX   (Security3_1_3,               Supported::no, VoteBehavior::DefaultNo)
+XRPL_FEATURE(ConfidentialTransfer,       Supported::yes, VoteBehavior::DefaultNo)
 XRPL_FIX   (PermissionedDomainInvariant, Supported::yes, VoteBehavior::DefaultNo)
 XRPL_FIX    (ExpiredNFTokenOfferRemoval, Supported::yes, VoteBehavior::DefaultNo)
 XRPL_FIX    (BatchInnerSigs,             Supported::no, VoteBehavior::DefaultNo)

include/xrpl/protocol/detail/ledger_entries.macro

@@ -385,32 +385,41 @@ LEDGER_ENTRY(ltAMM, 0x0079, AMM, amm, ({
     \sa keylet::mptIssuance
  */
 LEDGER_ENTRY(ltMPTOKEN_ISSUANCE, 0x007e, MPTokenIssuance, mpt_issuance, ({
-    {sfIssuer,                   soeREQUIRED},
-    {sfSequence,                 soeREQUIRED},
-    {sfTransferFee,              soeDEFAULT},
-    {sfOwnerNode,                soeREQUIRED},
-    {sfAssetScale,               soeDEFAULT},
-    {sfMaximumAmount,            soeOPTIONAL},
-    {sfOutstandingAmount,        soeREQUIRED},
-    {sfLockedAmount,             soeOPTIONAL},
-    {sfMPTokenMetadata,          soeOPTIONAL},
-    {sfPreviousTxnID,            soeREQUIRED},
-    {sfPreviousTxnLgrSeq,        soeREQUIRED},
-    {sfDomainID,                 soeOPTIONAL},
-    {sfMutableFlags,             soeDEFAULT},
+    {sfIssuer,                        soeREQUIRED},
+    {sfSequence,                      soeREQUIRED},
+    {sfTransferFee,                   soeDEFAULT},
+    {sfOwnerNode,                     soeREQUIRED},
+    {sfAssetScale,                    soeDEFAULT},
+    {sfMaximumAmount,                 soeOPTIONAL},
+    {sfOutstandingAmount,             soeREQUIRED},
+    {sfLockedAmount,                  soeOPTIONAL},
+    {sfMPTokenMetadata,               soeOPTIONAL},
+    {sfPreviousTxnID,                 soeREQUIRED},
+    {sfPreviousTxnLgrSeq,             soeREQUIRED},
+    {sfDomainID,                      soeOPTIONAL},
+    {sfMutableFlags,                  soeDEFAULT},
+    {sfIssuerEncryptionKey,           soeOPTIONAL},
+    {sfAuditorEncryptionKey,          soeOPTIONAL},
+    {sfConfidentialOutstandingAmount, soeDEFAULT},
 }))
 
 /** A ledger object which tracks MPToken
     \sa keylet::mptoken
  */
 LEDGER_ENTRY(ltMPTOKEN, 0x007f, MPToken, mptoken, ({
-    {sfAccount,                  soeREQUIRED},
-    {sfMPTokenIssuanceID,        soeREQUIRED},
-    {sfMPTAmount,                soeDEFAULT},
-    {sfLockedAmount,             soeOPTIONAL},
-    {sfOwnerNode,                soeREQUIRED},
-    {sfPreviousTxnID,            soeREQUIRED},
-    {sfPreviousTxnLgrSeq,        soeREQUIRED},
+    {sfAccount,                     soeREQUIRED},
+    {sfMPTokenIssuanceID,           soeREQUIRED},
+    {sfMPTAmount,                   soeDEFAULT},
+    {sfLockedAmount,                soeOPTIONAL},
+    {sfOwnerNode,                   soeREQUIRED},
+    {sfPreviousTxnID,               soeREQUIRED},
+    {sfPreviousTxnLgrSeq,           soeREQUIRED},
+    {sfConfidentialBalanceInbox,    soeOPTIONAL},
+    {sfConfidentialBalanceSpending, soeOPTIONAL},
+    {sfConfidentialBalanceVersion,  soeDEFAULT},
+    {sfIssuerEncryptedBalance,      soeOPTIONAL},
+    {sfAuditorEncryptedBalance,     soeOPTIONAL},
+    {sfHolderEncryptionKey,         soeOPTIONAL},
 }))
 
 /** A ledger object which tracks Oracle

include/xrpl/protocol/detail/sfields.macro

@@ -114,6 +114,7 @@ TYPED_SFIELD(sfInterestRate,             UINT32,    65) // 1/10 basis points (bi
 TYPED_SFIELD(sfLateInterestRate,         UINT32,    66) // 1/10 basis points (bips)
 TYPED_SFIELD(sfCloseInterestRate,        UINT32,    67) // 1/10 basis points (bips)
 TYPED_SFIELD(sfOverpaymentInterestRate,  UINT32,    68) // 1/10 basis points (bips)
+TYPED_SFIELD(sfConfidentialBalanceVersion, UINT32,  69)
 
 // 64-bit integers (common)
 TYPED_SFIELD(sfIndexNext,                UINT64,     1)
@@ -147,6 +148,7 @@ TYPED_SFIELD(sfSubjectNode,              UINT64,    28)
 TYPED_SFIELD(sfLockedAmount,             UINT64,    29, SField::sMD_BaseTen|SField::sMD_Default)
 TYPED_SFIELD(sfVaultNode,                UINT64,    30)
 TYPED_SFIELD(sfLoanBrokerNode,           UINT64,    31)
+TYPED_SFIELD(sfConfidentialOutstandingAmount, UINT64, 32, SField::sMD_BaseTen|SField::sMD_Default)
 
 // 128-bit
 TYPED_SFIELD(sfEmailHash,                UINT128,    1)
@@ -297,6 +299,22 @@ TYPED_SFIELD(sfAssetClass,               VL,        28)
 TYPED_SFIELD(sfProvider,                 VL,        29)
 TYPED_SFIELD(sfMPTokenMetadata,          VL,        30)
 TYPED_SFIELD(sfCredentialType,           VL,        31)
+TYPED_SFIELD(sfConfidentialBalanceInbox, VL,        32)
+TYPED_SFIELD(sfConfidentialBalanceSpending, VL,     33)
+TYPED_SFIELD(sfIssuerEncryptedBalance,   VL,        34)
+TYPED_SFIELD(sfIssuerEncryptionKey,      VL,        35)
+TYPED_SFIELD(sfHolderEncryptionKey,      VL,        36)
+TYPED_SFIELD(sfZKProof,                  VL,        37)
+TYPED_SFIELD(sfHolderEncryptedAmount,    VL,        38)
+TYPED_SFIELD(sfIssuerEncryptedAmount,    VL,        39)
+TYPED_SFIELD(sfSenderEncryptedAmount,    VL,        40)
+TYPED_SFIELD(sfDestinationEncryptedAmount, VL,      41)
+TYPED_SFIELD(sfAuditorEncryptedBalance,  VL,        42)
+TYPED_SFIELD(sfAuditorEncryptedAmount,   VL,        43)
+TYPED_SFIELD(sfAuditorEncryptionKey,     VL,        44)
+TYPED_SFIELD(sfBlindingFactor,           VL,        45)
+TYPED_SFIELD(sfAmountCommitment,         VL,        46)
+TYPED_SFIELD(sfBalanceCommitment,        VL,        47)
 
 // account (common)
 TYPED_SFIELD(sfAccount,                  ACCOUNT,    1)

include/xrpl/protocol/detail/transactions.macro

@@ -42,7 +42,7 @@ TRANSACTION(ttPAYMENT, 0, Payment,
 
 /** This transaction type creates an escrow object. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/escrow/EscrowCreate.h>
+#   include <xrpl/tx/transactors/escrow/Escrow.h>
 #endif
 TRANSACTION(ttESCROW_CREATE, 1, EscrowCreate,
     Delegation::delegable,
@@ -58,9 +58,6 @@ TRANSACTION(ttESCROW_CREATE, 1, EscrowCreate,
 }))
 
 /** This transaction type completes an existing escrow. */
-#if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/escrow/EscrowFinish.h>
-#endif
 TRANSACTION(ttESCROW_FINISH, 2, EscrowFinish,
     Delegation::delegable,
     uint256{},
@@ -76,7 +73,7 @@ TRANSACTION(ttESCROW_FINISH, 2, EscrowFinish,
 
 /** This transaction type adjusts various account settings. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/account/AccountSet.h>
+#   include <xrpl/tx/transactors/account/SetAccount.h>
 #endif
 TRANSACTION(ttACCOUNT_SET, 3, AccountSet,
     Delegation::notDelegable,
@@ -97,7 +94,7 @@ TRANSACTION(ttACCOUNT_SET, 3, AccountSet,
 
 /** This transaction type cancels an existing escrow. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/escrow/EscrowCancel.h>
+#   include <xrpl/tx/transactors/escrow/Escrow.h>
 #endif
 TRANSACTION(ttESCROW_CANCEL, 4, EscrowCancel,
     Delegation::delegable,
@@ -124,7 +121,7 @@ TRANSACTION(ttREGULAR_KEY_SET, 5, SetRegularKey,
 
 /** This transaction type creates an offer to trade one asset for another. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/dex/OfferCreate.h>
+#   include <xrpl/tx/transactors/dex/CreateOffer.h>
 #endif
 TRANSACTION(ttOFFER_CREATE, 7, OfferCreate,
     Delegation::delegable,
@@ -140,7 +137,7 @@ TRANSACTION(ttOFFER_CREATE, 7, OfferCreate,
 
 /** This transaction type cancels existing offers to trade one asset for another. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/dex/OfferCancel.h>
+#   include <xrpl/tx/transactors/dex/CancelOffer.h>
 #endif
 TRANSACTION(ttOFFER_CANCEL, 8, OfferCancel,
     Delegation::delegable,
@@ -154,7 +151,7 @@ TRANSACTION(ttOFFER_CANCEL, 8, OfferCancel,
 
 /** This transaction type creates a new set of tickets. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/system/TicketCreate.h>
+#   include <xrpl/tx/transactors/system/CreateTicket.h>
 #endif
 TRANSACTION(ttTICKET_CREATE, 10, TicketCreate,
     Delegation::delegable,
@@ -170,7 +167,7 @@ TRANSACTION(ttTICKET_CREATE, 10, TicketCreate,
 // The SignerEntries are optional because a SignerList is deleted by
 // setting the SignerQuorum to zero and omitting SignerEntries.
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/account/SignerListSet.h>
+#   include <xrpl/tx/transactors/account/SetSignerList.h>
 #endif
 TRANSACTION(ttSIGNER_LIST_SET, 12, SignerListSet,
     Delegation::notDelegable,
@@ -183,7 +180,7 @@ TRANSACTION(ttSIGNER_LIST_SET, 12, SignerListSet,
 
 /** This transaction type creates a new unidirectional XRP payment channel. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/payment_channel/PaymentChannelCreate.h>
+#   include <xrpl/tx/transactors/payment_channel/PayChan.h>
 #endif
 TRANSACTION(ttPAYCHAN_CREATE, 13, PaymentChannelCreate,
     Delegation::delegable,
@@ -199,9 +196,6 @@ TRANSACTION(ttPAYCHAN_CREATE, 13, PaymentChannelCreate,
 }))
 
 /** This transaction type funds an existing unidirectional XRP payment channel. */
-#if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/payment_channel/PaymentChannelFund.h>
-#endif
 TRANSACTION(ttPAYCHAN_FUND, 14, PaymentChannelFund,
     Delegation::delegable,
     uint256{},
@@ -213,9 +207,6 @@ TRANSACTION(ttPAYCHAN_FUND, 14, PaymentChannelFund,
 }))
 
 /** This transaction type submits a claim against an existing unidirectional payment channel. */
-#if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/payment_channel/PaymentChannelClaim.h>
-#endif
 TRANSACTION(ttPAYCHAN_CLAIM, 15, PaymentChannelClaim,
     Delegation::delegable,
     uint256{},
@@ -231,7 +222,7 @@ TRANSACTION(ttPAYCHAN_CLAIM, 15, PaymentChannelClaim,
 
 /** This transaction type creates a new check. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/check/CheckCreate.h>
+#   include <xrpl/tx/transactors/check/CreateCheck.h>
 #endif
 TRANSACTION(ttCHECK_CREATE, 16, CheckCreate,
     Delegation::delegable,
@@ -247,7 +238,7 @@ TRANSACTION(ttCHECK_CREATE, 16, CheckCreate,
 
 /** This transaction type cashes an existing check. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/check/CheckCash.h>
+#   include <xrpl/tx/transactors/check/CashCheck.h>
 #endif
 TRANSACTION(ttCHECK_CASH, 17, CheckCash,
     Delegation::delegable,
@@ -261,7 +252,7 @@ TRANSACTION(ttCHECK_CASH, 17, CheckCash,
 
 /** This transaction type cancels an existing check. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/check/CheckCancel.h>
+#   include <xrpl/tx/transactors/check/CancelCheck.h>
 #endif
 TRANSACTION(ttCHECK_CANCEL, 18, CheckCancel,
     Delegation::delegable,
@@ -288,7 +279,7 @@ TRANSACTION(ttDEPOSIT_PREAUTH, 19, DepositPreauth,
 
 /** This transaction type modifies a trustline between two accounts. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/token/TrustSet.h>
+#   include <xrpl/tx/transactors/token/SetTrust.h>
 #endif
 TRANSACTION(ttTRUST_SET, 20, TrustSet,
     Delegation::delegable,
@@ -302,7 +293,7 @@ TRANSACTION(ttTRUST_SET, 20, TrustSet,
 
 /** This transaction type deletes an existing account. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/account/AccountDelete.h>
+#   include <xrpl/tx/transactors/account/DeleteAccount.h>
 #endif
 TRANSACTION(ttACCOUNT_DELETE, 21, AccountDelete,
     Delegation::notDelegable,
@@ -626,7 +617,7 @@ TRANSACTION(ttXCHAIN_CREATE_BRIDGE, 48, XChainCreateBridge,
 
 /** This transaction type creates or updates a DID */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/did/DIDSet.h>
+#   include <xrpl/tx/transactors/did/DID.h>
 #endif
 TRANSACTION(ttDID_SET, 49, DIDSet,
     Delegation::delegable,
@@ -639,9 +630,6 @@ TRANSACTION(ttDID_SET, 49, DIDSet,
 }))
 
 /** This transaction type deletes a DID */
-#if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/did/DIDDelete.h>
-#endif
 TRANSACTION(ttDID_DELETE, 50, DIDDelete,
     Delegation::delegable,
     featureDID,
@@ -650,7 +638,7 @@ TRANSACTION(ttDID_DELETE, 50, DIDDelete,
 
 /** This transaction type creates an Oracle instance */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/oracle/OracleSet.h>
+#   include <xrpl/tx/transactors/oracle/SetOracle.h>
 #endif
 TRANSACTION(ttORACLE_SET, 51, OracleSet,
     Delegation::delegable,
@@ -667,7 +655,7 @@ TRANSACTION(ttORACLE_SET, 51, OracleSet,
 
 /** This transaction type deletes an Oracle instance */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/oracle/OracleDelete.h>
+#   include <xrpl/tx/transactors/oracle/DeleteOracle.h>
 #endif
 TRANSACTION(ttORACLE_DELETE, 52, OracleDelete,
     Delegation::delegable,
@@ -734,6 +722,8 @@ TRANSACTION(ttMPTOKEN_ISSUANCE_SET, 56, MPTokenIssuanceSet,
     {sfMPTokenMetadata, soeOPTIONAL},
     {sfTransferFee, soeOPTIONAL},
     {sfMutableFlags, soeOPTIONAL},
+    {sfIssuerEncryptionKey, soeOPTIONAL},
+    {sfAuditorEncryptionKey, soeOPTIONAL},
 }))
 
 /** This transaction type authorizes a MPToken instance */
@@ -751,7 +741,7 @@ TRANSACTION(ttMPTOKEN_AUTHORIZE, 57, MPTokenAuthorize,
 
 /** This transaction type create an Credential instance */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/credentials/CredentialCreate.h>
+#   include <xrpl/tx/transactors/credentials/Credentials.h>
 #endif
 TRANSACTION(ttCREDENTIAL_CREATE, 58, CredentialCreate,
     Delegation::delegable,
@@ -765,9 +755,6 @@ TRANSACTION(ttCREDENTIAL_CREATE, 58, CredentialCreate,
 }))
 
 /** This transaction type accept an Credential object */
-#if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/credentials/CredentialAccept.h>
-#endif
 TRANSACTION(ttCREDENTIAL_ACCEPT, 59, CredentialAccept,
     Delegation::delegable,
     featureCredentials,
@@ -778,9 +765,6 @@ TRANSACTION(ttCREDENTIAL_ACCEPT, 59, CredentialAccept,
 }))
 
 /** This transaction type delete an Credential object */
-#if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/credentials/CredentialDelete.h>
-#endif
 TRANSACTION(ttCREDENTIAL_DELETE, 60, CredentialDelete,
     Delegation::delegable,
     featureCredentials,
@@ -848,7 +832,7 @@ TRANSACTION(ttDELEGATE_SET, 64, DelegateSet,
 #   include <xrpl/tx/transactors/vault/VaultCreate.h>
 #endif
 TRANSACTION(ttVAULT_CREATE, 65, VaultCreate,
-    Delegation::notDelegable,
+    Delegation::delegable,
     featureSingleAssetVault,
     createPseudoAcct | createMPTIssuance | mustModifyVault,
     ({
@@ -866,7 +850,7 @@ TRANSACTION(ttVAULT_CREATE, 65, VaultCreate,
 #   include <xrpl/tx/transactors/vault/VaultSet.h>
 #endif
 TRANSACTION(ttVAULT_SET, 66, VaultSet,
-    Delegation::notDelegable,
+    Delegation::delegable,
     featureSingleAssetVault,
     mustModifyVault,
     ({
@@ -881,7 +865,7 @@ TRANSACTION(ttVAULT_SET, 66, VaultSet,
 #   include <xrpl/tx/transactors/vault/VaultDelete.h>
 #endif
 TRANSACTION(ttVAULT_DELETE, 67, VaultDelete,
-    Delegation::notDelegable,
+    Delegation::delegable,
     featureSingleAssetVault,
     mustDeleteAcct | destroyMPTIssuance | mustModifyVault,
     ({
@@ -893,7 +877,7 @@ TRANSACTION(ttVAULT_DELETE, 67, VaultDelete,
 #   include <xrpl/tx/transactors/vault/VaultDeposit.h>
 #endif
 TRANSACTION(ttVAULT_DEPOSIT, 68, VaultDeposit,
-    Delegation::notDelegable,
+    Delegation::delegable,
     featureSingleAssetVault,
     mayAuthorizeMPT | mustModifyVault,
     ({
@@ -906,7 +890,7 @@ TRANSACTION(ttVAULT_DEPOSIT, 68, VaultDeposit,
 #   include <xrpl/tx/transactors/vault/VaultWithdraw.h>
 #endif
 TRANSACTION(ttVAULT_WITHDRAW, 69, VaultWithdraw,
-    Delegation::notDelegable,
+    Delegation::delegable,
     featureSingleAssetVault,
     mayDeleteMPT | mayAuthorizeMPT | mustModifyVault,
     ({
@@ -921,7 +905,7 @@ TRANSACTION(ttVAULT_WITHDRAW, 69, VaultWithdraw,
 #   include <xrpl/tx/transactors/vault/VaultClawback.h>
 #endif
 TRANSACTION(ttVAULT_CLAWBACK, 70, VaultClawback,
-    Delegation::notDelegable,
+    Delegation::delegable,
     featureSingleAssetVault,
     mayDeleteMPT | mustModifyVault,
     ({
@@ -950,7 +934,7 @@ TRANSACTION(ttBATCH, 71, Batch,
 #   include <xrpl/tx/transactors/lending/LoanBrokerSet.h>
 #endif
 TRANSACTION(ttLOAN_BROKER_SET, 74, LoanBrokerSet,
-    Delegation::notDelegable,
+    Delegation::delegable,
     featureLendingProtocol,
     createPseudoAcct | mayAuthorizeMPT, ({
     {sfVaultID, soeREQUIRED},
@@ -967,7 +951,7 @@ TRANSACTION(ttLOAN_BROKER_SET, 74, LoanBrokerSet,
 #   include <xrpl/tx/transactors/lending/LoanBrokerDelete.h>
 #endif
 TRANSACTION(ttLOAN_BROKER_DELETE, 75, LoanBrokerDelete,
-    Delegation::notDelegable,
+    Delegation::delegable,
     featureLendingProtocol,
     mustDeleteAcct | mayAuthorizeMPT, ({
     {sfLoanBrokerID, soeREQUIRED},
@@ -978,7 +962,7 @@ TRANSACTION(ttLOAN_BROKER_DELETE, 75, LoanBrokerDelete,
 #   include <xrpl/tx/transactors/lending/LoanBrokerCoverDeposit.h>
 #endif
 TRANSACTION(ttLOAN_BROKER_COVER_DEPOSIT, 76, LoanBrokerCoverDeposit,
-    Delegation::notDelegable,
+    Delegation::delegable,
     featureLendingProtocol,
     noPriv, ({
     {sfLoanBrokerID, soeREQUIRED},
@@ -990,7 +974,7 @@ TRANSACTION(ttLOAN_BROKER_COVER_DEPOSIT, 76, LoanBrokerCoverDeposit,
 #   include <xrpl/tx/transactors/lending/LoanBrokerCoverWithdraw.h>
 #endif
 TRANSACTION(ttLOAN_BROKER_COVER_WITHDRAW, 77, LoanBrokerCoverWithdraw,
-    Delegation::notDelegable,
+    Delegation::delegable,
     featureLendingProtocol,
     mayAuthorizeMPT, ({
     {sfLoanBrokerID, soeREQUIRED},
@@ -1005,7 +989,7 @@ TRANSACTION(ttLOAN_BROKER_COVER_WITHDRAW, 77, LoanBrokerCoverWithdraw,
 #   include <xrpl/tx/transactors/lending/LoanBrokerCoverClawback.h>
 #endif
 TRANSACTION(ttLOAN_BROKER_COVER_CLAWBACK, 78, LoanBrokerCoverClawback,
-    Delegation::notDelegable,
+    Delegation::delegable,
     featureLendingProtocol,
     noPriv, ({
     {sfLoanBrokerID, soeOPTIONAL},
@@ -1017,7 +1001,7 @@ TRANSACTION(ttLOAN_BROKER_COVER_CLAWBACK, 78, LoanBrokerCoverClawback,
 #   include <xrpl/tx/transactors/lending/LoanSet.h>
 #endif
 TRANSACTION(ttLOAN_SET, 80, LoanSet,
-    Delegation::notDelegable,
+    Delegation::delegable,
     featureLendingProtocol,
     mayAuthorizeMPT | mustModifyVault, ({
     {sfLoanBrokerID, soeREQUIRED},
@@ -1044,7 +1028,7 @@ TRANSACTION(ttLOAN_SET, 80, LoanSet,
 #   include <xrpl/tx/transactors/lending/LoanDelete.h>
 #endif
 TRANSACTION(ttLOAN_DELETE, 81, LoanDelete,
-    Delegation::notDelegable,
+    Delegation::delegable,
     featureLendingProtocol,
     noPriv, ({
     {sfLoanID, soeREQUIRED},
@@ -1055,7 +1039,7 @@ TRANSACTION(ttLOAN_DELETE, 81, LoanDelete,
 #   include <xrpl/tx/transactors/lending/LoanManage.h>
 #endif
 TRANSACTION(ttLOAN_MANAGE, 82, LoanManage,
-    Delegation::notDelegable,
+    Delegation::delegable,
     featureLendingProtocol,
     // All of the LoanManage options will modify the vault, but the
     // transaction can succeed without options, essentially making it
@@ -1069,13 +1053,97 @@ TRANSACTION(ttLOAN_MANAGE, 82, LoanManage,
 #   include <xrpl/tx/transactors/lending/LoanPay.h>
 #endif
 TRANSACTION(ttLOAN_PAY, 84, LoanPay,
-    Delegation::notDelegable,
+    Delegation::delegable,
     featureLendingProtocol,
     mayAuthorizeMPT | mustModifyVault, ({
     {sfLoanID, soeREQUIRED},
     {sfAmount, soeREQUIRED, soeMPTSupported},
 }))
 
+/** This transaction type converts into confidential MPT balance. */
+#if TRANSACTION_INCLUDE
+#include <xrpl/tx/transactors/token/ConfidentialMPTConvert.h>
+#endif
+TRANSACTION(ttCONFIDENTIAL_MPT_CONVERT, 85, ConfidentialMPTConvert,
+    Delegation::delegable,
+    featureConfidentialTransfer,
+    noPriv,
+    ({
+    {sfMPTokenIssuanceID, soeREQUIRED},
+    {sfMPTAmount, soeREQUIRED},
+    {sfHolderEncryptionKey, soeOPTIONAL},
+    {sfHolderEncryptedAmount, soeREQUIRED},
+    {sfIssuerEncryptedAmount, soeREQUIRED},
+    {sfAuditorEncryptedAmount, soeOPTIONAL},
+    {sfBlindingFactor, soeREQUIRED},
+    {sfZKProof, soeOPTIONAL},
+}))
+
+/** This transaction type merges MPT inbox. */
+#if TRANSACTION_INCLUDE
+#include <xrpl/tx/transactors/token/ConfidentialMPTMergeInbox.h>
+#endif
+TRANSACTION(ttCONFIDENTIAL_MPT_MERGE_INBOX, 86, ConfidentialMPTMergeInbox,
+    Delegation::delegable,
+    featureConfidentialTransfer,
+    noPriv,
+    ({
+    {sfMPTokenIssuanceID, soeREQUIRED},
+}))
+
+/** This transaction type converts back into public MPT balance. */
+#if TRANSACTION_INCLUDE
+#include <xrpl/tx/transactors/token/ConfidentialMPTConvertBack.h>
+#endif
+TRANSACTION(ttCONFIDENTIAL_MPT_CONVERT_BACK, 87, ConfidentialMPTConvertBack,
+    Delegation::delegable,
+    featureConfidentialTransfer,
+    noPriv,
+    ({
+    {sfMPTokenIssuanceID, soeREQUIRED},
+    {sfMPTAmount, soeREQUIRED},
+    {sfHolderEncryptedAmount, soeREQUIRED},
+    {sfIssuerEncryptedAmount, soeREQUIRED},
+    {sfAuditorEncryptedAmount, soeOPTIONAL},
+    {sfBlindingFactor, soeREQUIRED},
+    {sfZKProof, soeREQUIRED},
+    {sfBalanceCommitment, soeREQUIRED},
+}))
+
+#if TRANSACTION_INCLUDE
+#include <xrpl/tx/transactors/token/ConfidentialMPTSend.h>
+#endif
+TRANSACTION(ttCONFIDENTIAL_MPT_SEND, 88, ConfidentialMPTSend,
+    Delegation::delegable,
+    featureConfidentialTransfer,
+    noPriv,
+    ({
+    {sfMPTokenIssuanceID, soeREQUIRED},
+    {sfDestination, soeREQUIRED},
+    {sfSenderEncryptedAmount, soeREQUIRED},
+    {sfDestinationEncryptedAmount, soeREQUIRED},
+    {sfIssuerEncryptedAmount, soeREQUIRED},
+    {sfAuditorEncryptedAmount, soeOPTIONAL},
+    {sfZKProof, soeREQUIRED},
+    {sfAmountCommitment, soeREQUIRED},
+    {sfBalanceCommitment, soeREQUIRED},
+    {sfCredentialIDs, soeOPTIONAL},
+}))
+
+#if TRANSACTION_INCLUDE
+#include <xrpl/tx/transactors/token/ConfidentialMPTClawback.h>
+#endif
+TRANSACTION(ttCONFIDENTIAL_MPT_CLAWBACK, 89, ConfidentialMPTClawback,
+    Delegation::delegable,
+    featureConfidentialTransfer,
+    noPriv,
+    ({
+    {sfMPTokenIssuanceID, soeREQUIRED},
+    {sfHolder, soeREQUIRED},
+    {sfMPTAmount, soeREQUIRED},
+    {sfZKProof, soeREQUIRED},
+}))
+
 /** This system-generated transaction type is used to update the status of the various amendments.
 
     For details, see: https://xrpl.org/amendments.html

include/xrpl/protocol/digest.h

@@ -40,7 +40,7 @@ public:
     operator result_type() noexcept;
 
 private:
-    char ctx_[96]{};
+    char ctx_[96];
 };
 
 /** SHA-512 digest
@@ -63,7 +63,7 @@ public:
     operator result_type() noexcept;
 
 private:
-    char ctx_[216]{};
+    char ctx_[216];
 };
 
 /** SHA-256 digest
@@ -86,7 +86,7 @@ public:
     operator result_type() noexcept;
 
 private:
-    char ctx_[112]{};
+    char ctx_[112];
 };
 
 //------------------------------------------------------------------------------

include/xrpl/protocol/jss.h

@@ -112,7 +112,6 @@ JSS(accounts);                // in: LedgerEntry, Subscribe,
                               //     handlers/Ledger, Unsubscribe
 JSS(accounts_proposed);       // in: Subscribe, Unsubscribe
 JSS(action);
-JSS(active);                  // out: OverlayImpl
 JSS(acquiring);               // out: LedgerRequest
 JSS(address);                 // out: PeerImp
 JSS(affected);                // out: AcceptedLedgerTx
@@ -301,7 +300,6 @@ JSS(id);                      // websocket.
 JSS(ident);                   // in: AccountCurrencies, AccountInfo,
                               //     OwnerInfo
 JSS(ignore_default);          // in: AccountLines
-JSS(in);                      // out: OverlayImpl
 JSS(inLedger);                // out: tx/Transaction
 JSS(inbound);                 // out: PeerImp
 JSS(index);                   // in: LedgerEntry
@@ -466,7 +464,6 @@ JSS(open_ledger_level);       // out: TxQ
 JSS(optionality);             // out: server_definitions
 JSS(oracles);                 // in: get_aggregate_price
 JSS(oracle_document_id);      // in: get_aggregate_price
-JSS(out);                     // out: OverlayImpl
 JSS(owner);                   // in: LedgerEntry, out: NetworkOPs
 JSS(owner_funds);             // in/out: Ledger, NetworkOPs, AcceptedLedgerTx
 JSS(page_index);

include/xrpl/protocol_autogen/LedgerEntryBase.h

@@ -1,152 +0,0 @@
-#pragma once
-
-#include <xrpl/protocol/LedgerFormats.h>
-#include <xrpl/protocol/SField.h>
-#include <xrpl/protocol/STLedgerEntry.h>
-#include <xrpl/protocol_autogen/STObjectValidation.h>
-#include <xrpl/protocol_autogen/Utils.h>
-
-#include <optional>
-#include <string>
-
-namespace xrpl::ledger_entries {
-
-/**
- * @brief Base class for type-safe ledger entry wrappers.
- *
- * This class provides common functionality for all ledger entry types,
- * including access to common fields (sfLedgerIndex, sfLedgerEntryType, sfFlags).
- *
- * This is an immutable wrapper around SLE (Serialized Ledger Entry).
- * Use the corresponding Builder classes to construct new ledger entries.
- */
-class LedgerEntryBase
-{
-public:
-    /**
-     * @brief Construct a ledger entry wrapper from an existing SLE object.
-     * @param sle The underlying serialized ledger entry to wrap
-     */
-    explicit LedgerEntryBase(std::shared_ptr<SLE const> sle) : sle_(std::move(sle))
-    {
-    }
-
-    /**
-     * @brief Validate the ledger entry
-     * @return true if validation passes, false otherwise
-     */
-    [[nodiscard]]
-    bool
-    validate() const
-    {
-        if (!sle_->isFieldPresent(sfLedgerEntryType))
-        {
-            return false;  // LCOV_EXCL_LINE
-        }
-        auto ledgerEntryType = static_cast<LedgerEntryType>(sle_->getFieldU16(sfLedgerEntryType));
-        return protocol_autogen::validateSTObject(
-            *sle_, LedgerFormats::getInstance().findByType(ledgerEntryType)->getSOTemplate());
-    }
-
-    /**
-     * @brief Get the ledger entry type.
-     * @return The type of this ledger entry
-     */
-    [[nodiscard]]
-    LedgerEntryType
-    getType() const
-    {
-        return sle_->getType();
-    }
-
-    /**
-     * @brief Get the key (index) of this ledger entry.
-     *
-     * The key uniquely identifies this ledger entry in the ledger state.
-     * @return A constant reference to the 256-bit key
-     */
-    [[nodiscard]]
-    uint256 const&
-    getKey() const
-    {
-        return sle_->key();
-    }
-
-    // Common field getters (from LedgerFormats.cpp commonFields)
-
-    /**
-     * @brief Get the ledger index (sfLedgerIndex).
-     *
-     * This field is OPTIONAL and represents the index of the ledger entry.
-     * @return The ledger index if present, std::nullopt otherwise
-     */
-    [[nodiscard]]
-    std::optional<uint256>
-    getLedgerIndex() const
-    {
-        if (sle_->isFieldPresent(sfLedgerIndex))
-        {
-            return sle_->at(sfLedgerIndex);
-        }
-        return std::nullopt;
-    }
-
-    /**
-     * @brief Check if the ledger entry has a ledger index.
-     * @return true if sfLedgerIndex is present, false otherwise
-     */
-    [[nodiscard]]
-    bool
-    hasLedgerIndex() const
-    {
-        return sle_->isFieldPresent(sfLedgerIndex);
-    }
-
-    /**
-     * @brief Get the ledger entry type field (sfLedgerEntryType).
-     *
-     * This field is REQUIRED for all ledger entries and indicates the type
-     * of the ledger entry (e.g., AccountRoot, RippleState, Offer, etc.).
-     * @return The ledger entry type as a 16-bit unsigned integer
-     */
-    [[nodiscard]]
-    uint16_t
-    getLedgerEntryType() const
-    {
-        return sle_->at(sfLedgerEntryType);
-    }
-
-    /**
-     * @brief Get the flags field (sfFlags).
-     *
-     * This field is REQUIRED for all ledger entries and contains
-     * type-specific flags that modify the behavior of the ledger entry.
-     * @return The flags value as a 32-bit unsigned integer
-     */
-    [[nodiscard]]
-    std::uint32_t
-    getFlags() const
-    {
-        return sle_->at(sfFlags);
-    }
-
-    /**
-     * @brief Get the underlying SLE object.
-     *
-     * Provides direct access to the wrapped serialized ledger entry object
-     * for cases where the type-safe accessors are insufficient.
-     * @return A constant reference to the underlying SLE object
-     */
-    [[nodiscard]]
-    std::shared_ptr<SLE const>
-    getSle() const
-    {
-        return sle_;
-    }
-
-protected:
-    /** @brief The underlying serialized ledger entry being wrapped. */
-    std::shared_ptr<SLE const> sle_;
-};
-
-}  // namespace xrpl::ledger_entries

include/xrpl/protocol_autogen/LedgerEntryBuilderBase.h

@@ -1,84 +0,0 @@
-#pragma once
-
-#include <xrpl/protocol/LedgerFormats.h>
-#include <xrpl/protocol/SField.h>
-#include <xrpl/protocol/STAccount.h>
-#include <xrpl/protocol/STAmount.h>
-#include <xrpl/protocol/STBlob.h>
-#include <xrpl/protocol/STInteger.h>
-#include <xrpl/protocol/STLedgerEntry.h>
-#include <xrpl/protocol/STObject.h>
-#include <xrpl/protocol_autogen/STObjectValidation.h>
-
-namespace xrpl::ledger_entries {
-
-/**
- * Base class for all ledger entry builders.
- * Provides common field setters that are available for all ledger entry types.
- */
-template <typename Derived>
-class LedgerEntryBuilderBase
-{
-public:
-    LedgerEntryBuilderBase() = default;
-
-    LedgerEntryBuilderBase(
-        SF_UINT16::type::value_type ledgerEntryType,
-        SF_UINT32::type::value_type flags = 0)
-    {
-        // Don't call object_.set(soTemplate) - keep object_ as a free object.
-        // This avoids creating STBase placeholders for soeDEFAULT fields,
-        // which would cause applyTemplate() to throw "may not be explicitly
-        // set to default" when building the SLE.
-        // The SLE constructor will call applyTemplate() which properly
-        // handles missing fields.
-        object_[sfLedgerEntryType] = ledgerEntryType;
-        object_[sfFlags] = flags;
-    }
-
-    /**
-     * @brief Validate the ledger entry
-     * @return true if validation passes, false otherwise
-     */
-    [[nodiscard]]
-    bool
-    validate() const
-    {
-        if (!object_.isFieldPresent(sfLedgerEntryType))
-        {
-            return false;  // LCOV_EXCL_LINE
-        }
-        auto ledgerEntryType = static_cast<LedgerEntryType>(object_.getFieldU16(sfLedgerEntryType));
-        return protocol_autogen::validateSTObject(
-            object_, LedgerFormats::getInstance().findByType(ledgerEntryType)->getSOTemplate());
-    }
-
-    /**
-     * Set the ledger index.
-     * @param value Ledger index
-     * @return Reference to the derived builder for method chaining.
-     */
-    Derived&
-    setLedgerIndex(uint256 const& value)
-    {
-        object_[sfLedgerIndex] = value;
-        return static_cast<Derived&>(*this);
-    }
-
-    /**
-     * Set the flags.
-     * @param value Flags value
-     * @return Reference to the derived builder for method chaining.
-     */
-    Derived&
-    setFlags(uint32_t value)
-    {
-        object_.setFieldU32(sfFlags, value);
-        return static_cast<Derived&>(*this);
-    }
-
-protected:
-    STObject object_{sfLedgerEntry};
-};
-
-}  // namespace xrpl::ledger_entries

include/xrpl/protocol_autogen/README.md

@@ -1,79 +0,0 @@
-# Protocol Autogen
-
-This directory contains auto-generated C++ wrapper classes for XRP Ledger protocol types.
-
-## Generated Files
-
-The files in this directory are automatically generated at **CMake configure time** from macro definition files:
-
-- **Transaction classes** (in `transactions/`): Generated from `include/xrpl/protocol/detail/transactions.macro` by `scripts/generate_tx_classes.py`
-- **Ledger entry classes** (in `ledger_entries/`): Generated from `include/xrpl/protocol/detail/ledger_entries.macro` by `scripts/generate_ledger_classes.py`
-
-## Generation Process
-
-The generation happens automatically when you **configure** the project (not during build). When you run CMake, the system:
-
-1. Creates a Python virtual environment in the build directory (`codegen_venv`)
-2. Installs Python dependencies from `scripts/requirements.txt` into the venv (only if needed)
-3. Runs the Python generation scripts using the venv Python interpreter
-4. Parses the macro files to extract type definitions
-5. Generates type-safe C++ wrapper classes using Mako templates
-6. Places the generated headers in this directory
-
-### When Regeneration Happens
-
-The code is regenerated when:
-
-- You run CMake configure for the first time
-- The Python virtual environment doesn't exist
-- `scripts/requirements.txt` has been modified
-
-To force regeneration, delete the build directory and reconfigure.
-
-### Python Dependencies
-
-The code generation requires the following Python packages (automatically installed):
-
-- `pcpp` - C preprocessor for Python
-- `pyparsing` - Parser combinator library
-- `Mako` - Template engine
-
-These are isolated in a virtual environment and won't affect your system Python installation.
-
-## Version Control
-
-The generated `.h` files **are checked into version control**. This means:
-
-- Developers without Python 3 can still build the project using the committed files
-- CI/CD systems don't need to run code generation if files are up to date
-- Changes to generated files are visible in code review
-
-## Modifying Generated Code
-
-**Do not manually edit generated files.** Any changes will be overwritten the next time CMake configure runs.
-
-To modify the generated classes:
-
-- Edit the macro files in `include/xrpl/protocol/detail/`
-- Edit the Mako templates in `scripts/templates/`
-- Edit the generation scripts in `scripts/`
-- Update Python dependencies in `scripts/requirements.txt`
-- Run CMake configure to regenerate
-
-## Adding Common Fields
-
-If you add a new common field to `TxFormats.cpp` or `LedgerFormats.cpp`, you should also update the corresponding base classes and templates manually:
-
-Base classes:
-
-- `TransactionBase.h` - Add getters for new common transaction fields
-- `TransactionBuilderBase.h` - Add setters, and if the field is required, add it to the constructor parameters
-- `LedgerEntryBase.h` - Add getters for new common ledger entry fields
-- `LedgerEntryBuilderBase.h` - Add setters, and if the field is required, add it to the constructor parameters
-
-Templates (update to pass required common fields to base class constructors):
-
-- `scripts/templates/Transaction.h.mako`
-- `scripts/templates/LedgerEntry.h.mako`
-
-These files are **not auto-generated** and must be updated by hand.

include/xrpl/protocol_autogen/STObjectValidation.h

@@ -1,43 +0,0 @@
-#pragma once
-
-#include <xrpl/protocol/SOTemplate.h>
-#include <xrpl/protocol/STObject.h>
-
-namespace xrpl::protocol_autogen {
-
-[[nodiscard]]
-inline bool
-validateSTObject(STObject const& obj, SOTemplate const& format)
-{
-    for (auto const& field : format)
-    {
-        if (!obj.isFieldPresent(field.sField()) && field.style() == soeREQUIRED)
-        {
-            return false;  // LCOV_EXCL_LINE
-        }
-
-        if (field.supportMPT() == soeMPTNotSupported && obj.isFieldPresent(field.sField()))
-        {
-            if (field.sField().fieldType == STI_AMOUNT)
-            {
-                auto const& amount = obj.getFieldAmount(field.sField());
-
-                if (amount.asset().holds<MPTIssue>())
-                    return false;  // LCOV_EXCL_LINE
-            }
-            else if (field.sField().fieldType == STI_ISSUE)
-            {
-                auto issue = dynamic_cast<STIssue const*>(obj.peekAtPField(field.sField()));
-                if (!issue)
-                    return false;  // LCOV_EXCL_LINE
-
-                if (issue->holds<MPTIssue>())
-                    return false;  // LCOV_EXCL_LINE
-            }
-        }
-    }
-
-    return true;
-}
-
-}  // namespace xrpl::protocol_autogen

include/xrpl/protocol_autogen/TransactionBase.h

@@ -1,457 +0,0 @@
-#pragma once
-
-#include <xrpl/protocol/SField.h>
-#include <xrpl/protocol/STAccount.h>
-#include <xrpl/protocol/STArray.h>
-#include <xrpl/protocol/STObject.h>
-#include <xrpl/protocol/STTx.h>
-#include <xrpl/protocol/TxFormats.h>
-#include <xrpl/protocol_autogen/STObjectValidation.h>
-#include <xrpl/protocol_autogen/Utils.h>
-
-#include <optional>
-#include <string>
-
-namespace xrpl::transactions {
-
-/**
- * @brief Base class for all transaction wrapper types.
- *
- * Provides type-safe read-only accessors for common transaction fields.
- * This is an immutable wrapper around STTx. Use the corresponding Builder classes
- * to construct new transactions.
- */
-class TransactionBase
-{
-public:
-    /**
-     * @brief Construct a transaction wrapper from an existing STTx object.
-     * @param tx The underlying transaction object to wrap
-     */
-    explicit TransactionBase(std::shared_ptr<STTx const> tx) : tx_(std::move(tx))
-    {
-    }
-
-    /**
-     * @brief Validate the transaction
-     * @return true if validation passes, false otherwise
-     */
-    [[nodiscard]]
-    bool
-    validate(std::string& reason) const
-    {
-        if (!protocol_autogen::validateSTObject(
-                *tx_, TxFormats::getInstance().findByType(tx_->getTxnType())->getSOTemplate()))
-        {
-            // LCOV_EXCL_START
-            reason = "Transaction failed schema validation";
-            return false;
-            // LCOV_EXCL_STOP
-        }
-
-        // Pseudo transactions are not submitted to the network
-        if (isPseudoTx(*tx_))
-        {
-            return true;
-        }
-        return passesLocalChecks(*tx_, reason);
-    }
-
-    /**
-     * @brief Get the transaction type.
-     * @return The type of this transaction
-     */
-    [[nodiscard]]
-    xrpl::TxType
-    getTransactionType() const
-    {
-        return tx_->getTxnType();
-    }
-
-    /**
-     * @brief Get the account initiating the transaction (sfAccount).
-     *
-     * This field is REQUIRED for all transactions.
-     * @return The account ID of the transaction sender
-     */
-    [[nodiscard]]
-    AccountID
-    getAccount() const
-    {
-        return tx_->at(sfAccount);
-    }
-
-    /**
-     * @brief Get the sequence number of the transaction (sfSequence).
-     *
-     * This field is REQUIRED for all transactions.
-     * @return The sequence number
-     */
-    [[nodiscard]]
-    std::uint32_t
-    getSequence() const
-    {
-        return tx_->at(sfSequence);
-    }
-
-    /**
-     * @brief Get the transaction fee (sfFee).
-     *
-     * This field is REQUIRED for all transactions.
-     * @return The fee amount
-     */
-    [[nodiscard]]
-    STAmount
-    getFee() const
-    {
-        return tx_->at(sfFee);
-    }
-
-    /**
-     * @brief Get the signing public key (sfSigningPubKey).
-     *
-     * This field is REQUIRED for all transactions.
-     * @return The public key used for signing as a blob
-     */
-    [[nodiscard]]
-    Blob
-    getSigningPubKey() const
-    {
-        return tx_->getFieldVL(sfSigningPubKey);
-    }
-
-    /**
-     * @brief Get the transaction flags (sfFlags).
-     *
-     * This field is OPTIONAL.
-     * @return The flags value if present, std::nullopt otherwise
-     */
-    [[nodiscard]]
-    std::optional<uint32_t>
-    getFlags() const
-    {
-        if (tx_->isFieldPresent(sfFlags))
-            return tx_->at(sfFlags);
-        return std::nullopt;
-    }
-
-    /**
-     * @brief Check if the transaction has flags set.
-     * @return true if sfFlags is present, false otherwise
-     */
-    [[nodiscard]]
-    bool
-    hasFlags() const
-    {
-        return tx_->isFieldPresent(sfFlags);
-    }
-
-    /**
-     * @brief Get the source tag (sfSourceTag).
-     *
-     * This field is OPTIONAL and used to identify the source of a payment.
-     * @return The source tag value if present, std::nullopt otherwise
-     */
-    [[nodiscard]]
-    std::optional<uint32_t>
-    getSourceTag() const
-    {
-        if (tx_->isFieldPresent(sfSourceTag))
-            return tx_->at(sfSourceTag);
-        return std::nullopt;
-    }
-
-    /**
-     * @brief Check if the transaction has a source tag.
-     * @return true if sfSourceTag is present, false otherwise
-     */
-    [[nodiscard]]
-    bool
-    hasSourceTag() const
-    {
-        return tx_->isFieldPresent(sfSourceTag);
-    }
-
-    /**
-     * @brief Get the previous transaction ID (sfPreviousTxnID).
-     *
-     * This field is OPTIONAL and used for transaction chaining.
-     * @return The previous transaction ID if present, std::nullopt otherwise
-     */
-    [[nodiscard]]
-    std::optional<uint256>
-    getPreviousTxnID() const
-    {
-        if (tx_->isFieldPresent(sfPreviousTxnID))
-            return tx_->at(sfPreviousTxnID);
-        return std::nullopt;
-    }
-
-    /**
-     * @brief Check if the transaction has a previous transaction ID.
-     * @return true if sfPreviousTxnID is present, false otherwise
-     */
-    [[nodiscard]]
-    bool
-    hasPreviousTxnID() const
-    {
-        return tx_->isFieldPresent(sfPreviousTxnID);
-    }
-
-    /**
-     * @brief Get the last ledger sequence (sfLastLedgerSequence).
-     *
-     * This field is OPTIONAL and specifies the latest ledger sequence
-     * in which this transaction can be included.
-     * @return The last ledger sequence if present, std::nullopt otherwise
-     */
-    [[nodiscard]]
-    std::optional<uint32_t>
-    getLastLedgerSequence() const
-    {
-        if (tx_->isFieldPresent(sfLastLedgerSequence))
-            return tx_->at(sfLastLedgerSequence);
-        return std::nullopt;
-    }
-
-    /**
-     * @brief Check if the transaction has a last ledger sequence.
-     * @return true if sfLastLedgerSequence is present, false otherwise
-     */
-    [[nodiscard]]
-    bool
-    hasLastLedgerSequence() const
-    {
-        return tx_->isFieldPresent(sfLastLedgerSequence);
-    }
-
-    /**
-     * @brief Get the account transaction ID (sfAccountTxnID).
-     *
-     * This field is OPTIONAL and used to track transaction sequences.
-     * @return The account transaction ID if present, std::nullopt otherwise
-     */
-    [[nodiscard]]
-    std::optional<uint256>
-    getAccountTxnID() const
-    {
-        if (tx_->isFieldPresent(sfAccountTxnID))
-            return tx_->at(sfAccountTxnID);
-        return std::nullopt;
-    }
-
-    /**
-     * @brief Check if the transaction has an account transaction ID.
-     * @return true if sfAccountTxnID is present, false otherwise
-     */
-    [[nodiscard]]
-    bool
-    hasAccountTxnID() const
-    {
-        return tx_->isFieldPresent(sfAccountTxnID);
-    }
-
-    /**
-     * @brief Get the operation limit (sfOperationLimit).
-     *
-     * This field is OPTIONAL and limits the number of operations in a transaction.
-     * @return The operation limit if present, std::nullopt otherwise
-     */
-    [[nodiscard]]
-    std::optional<uint32_t>
-    getOperationLimit() const
-    {
-        if (tx_->isFieldPresent(sfOperationLimit))
-            return tx_->at(sfOperationLimit);
-        return std::nullopt;
-    }
-
-    /**
-     * @brief Check if the transaction has an operation limit.
-     * @return true if sfOperationLimit is present, false otherwise
-     */
-    [[nodiscard]]
-    bool
-    hasOperationLimit() const
-    {
-        return tx_->isFieldPresent(sfOperationLimit);
-    }
-
-    /**
-     * @brief Get the memos array (sfMemos).
-     *
-     * This field is OPTIONAL and contains arbitrary data attached to the transaction.
-     * @note This is an untyped field (STArray).
-     * @return A reference wrapper to the memos array if present, std::nullopt otherwise
-     */
-    [[nodiscard]]
-    std::optional<std::reference_wrapper<STArray const>>
-    getMemos() const
-    {
-        if (tx_->isFieldPresent(sfMemos))
-            return tx_->getFieldArray(sfMemos);
-        return std::nullopt;
-    }
-
-    /**
-     * @brief Check if the transaction has memos.
-     * @return true if sfMemos is present, false otherwise
-     */
-    [[nodiscard]]
-    bool
-    hasMemos() const
-    {
-        return tx_->isFieldPresent(sfMemos);
-    }
-
-    /**
-     * @brief Get the ticket sequence (sfTicketSequence).
-     *
-     * This field is OPTIONAL and used when consuming a ticket instead of a sequence number.
-     * @return The ticket sequence if present, std::nullopt otherwise
-     */
-    [[nodiscard]]
-    std::optional<uint32_t>
-    getTicketSequence() const
-    {
-        if (tx_->isFieldPresent(sfTicketSequence))
-            return tx_->at(sfTicketSequence);
-        return std::nullopt;
-    }
-
-    /**
-     * @brief Check if the transaction has a ticket sequence.
-     * @return true if sfTicketSequence is present, false otherwise
-     */
-    [[nodiscard]]
-    bool
-    hasTicketSequence() const
-    {
-        return tx_->isFieldPresent(sfTicketSequence);
-    }
-
-    /**
-     * @brief Get the transaction signature (sfTxnSignature).
-     *
-     * This field is OPTIONAL and contains the signature for single-signed transactions.
-     * @return The transaction signature as a blob if present, std::nullopt otherwise
-     */
-    [[nodiscard]]
-    std::optional<Blob>
-    getTxnSignature() const
-    {
-        if (tx_->isFieldPresent(sfTxnSignature))
-            return tx_->getFieldVL(sfTxnSignature);
-        return std::nullopt;
-    }
-
-    /**
-     * @brief Check if the transaction has a transaction signature.
-     * @return true if sfTxnSignature is present, false otherwise
-     */
-    [[nodiscard]]
-    bool
-    hasTxnSignature() const
-    {
-        return tx_->isFieldPresent(sfTxnSignature);
-    }
-
-    /**
-     * @brief Get the signers array (sfSigners).
-     *
-     * This field is OPTIONAL and contains the list of signers for multi-signed transactions.
-     * @note This is an untyped field (STArray).
-     * @return A reference wrapper to the signers array if present, std::nullopt otherwise
-     */
-    [[nodiscard]]
-    std::optional<std::reference_wrapper<STArray const>>
-    getSigners() const
-    {
-        if (tx_->isFieldPresent(sfSigners))
-            return tx_->getFieldArray(sfSigners);
-        return std::nullopt;
-    }
-
-    /**
-     * @brief Check if the transaction has signers.
-     * @return true if sfSigners is present, false otherwise
-     */
-    [[nodiscard]]
-    bool
-    hasSigners() const
-    {
-        return tx_->isFieldPresent(sfSigners);
-    }
-
-    /**
-     * @brief Get the network ID (sfNetworkID).
-     *
-     * This field is OPTIONAL and identifies the network this transaction is intended for.
-     * @return The network ID if present, std::nullopt otherwise
-     */
-    [[nodiscard]]
-    std::optional<uint32_t>
-    getNetworkID() const
-    {
-        if (tx_->isFieldPresent(sfNetworkID))
-            return tx_->at(sfNetworkID);
-        return std::nullopt;
-    }
-
-    /**
-     * @brief Check if the transaction has a network ID.
-     * @return true if sfNetworkID is present, false otherwise
-     */
-    [[nodiscard]]
-    bool
-    hasNetworkID() const
-    {
-        return tx_->isFieldPresent(sfNetworkID);
-    }
-
-    /**
-     * @brief Get the delegate account (sfDelegate).
-     *
-     * This field is OPTIONAL and specifies a delegate account for the transaction.
-     * @return The delegate account ID if present, std::nullopt otherwise
-     */
-    [[nodiscard]]
-    std::optional<AccountID>
-    getDelegate() const
-    {
-        if (tx_->isFieldPresent(sfDelegate))
-            return tx_->at(sfDelegate);
-        return std::nullopt;
-    }
-
-    /**
-     * @brief Check if the transaction has a delegate account.
-     * @return true if sfDelegate is present, false otherwise
-     */
-    [[nodiscard]]
-    bool
-    hasDelegate() const
-    {
-        return tx_->isFieldPresent(sfDelegate);
-    }
-
-    /**
-     * @brief Get the underlying STTx object.
-     *
-     * Provides direct access to the wrapped transaction object for cases
-     * where the type-safe accessors are insufficient.
-     * @return A constant reference to the underlying STTx object
-     */
-    [[nodiscard]]
-    std::shared_ptr<STTx const>
-    getSTTx() const
-    {
-        return tx_;
-    }
-
-protected:
-    /** @brief The underlying transaction object being wrapped. */
-    std::shared_ptr<STTx const> tx_;
-};
-
-}  // namespace xrpl::transactions

include/xrpl/protocol_autogen/TransactionBuilderBase.h

@@ -1,269 +0,0 @@
-#pragma once
-
-#include <xrpl/protocol/HashPrefix.h>
-#include <xrpl/protocol/PublicKey.h>
-#include <xrpl/protocol/SField.h>
-#include <xrpl/protocol/STAccount.h>
-#include <xrpl/protocol/STAmount.h>
-#include <xrpl/protocol/STArray.h>
-#include <xrpl/protocol/STBlob.h>
-#include <xrpl/protocol/STInteger.h>
-#include <xrpl/protocol/STObject.h>
-#include <xrpl/protocol/STTx.h>
-#include <xrpl/protocol/STXChainBridge.h>
-#include <xrpl/protocol/SecretKey.h>
-#include <xrpl/protocol/Serializer.h>
-#include <xrpl/protocol/TxFormats.h>
-#include <xrpl/protocol/jss.h>
-
-namespace xrpl::transactions {
-
-/**
- * Base class for all transaction builders.
- * Provides common field setters that are available for all transaction types.
- */
-template <typename Derived>
-class TransactionBuilderBase
-{
-public:
-    TransactionBuilderBase() = default;
-
-    TransactionBuilderBase(
-        SF_UINT16::type::value_type transactionType,
-        SF_ACCOUNT::type::value_type account,
-        std::optional<SF_UINT32::type::value_type> sequence,
-        std::optional<SF_AMOUNT::type::value_type> fee)
-    {
-        // Don't call object_.set(soTemplate) - keep object_ as a free object.
-        // This avoids creating STBase placeholders for soeDEFAULT fields,
-        // which would cause applyTemplate() to throw "may not be explicitly
-        // set to default" when building the STTx.
-        // The STTx constructor will call applyTemplate() which properly
-        // handles missing fields.
-        object_[sfTransactionType] = transactionType;
-        setAccount(account);
-
-        if (sequence)
-        {
-            setSequence(*sequence);
-        }
-        if (fee)
-        {
-            setFee(*fee);
-        }
-    }
-
-    /**
-     * Set the account that is sending the transaction.
-     * @param value Account address (typically as a string)
-     * @return Reference to the derived builder for method chaining.
-     */
-    Derived&
-    setAccount(AccountID const& value)
-    {
-        object_[sfAccount] = value;
-        return static_cast<Derived&>(*this);
-    }
-
-    /**
-     * Set the transaction fee.
-     * @param value Fee in drops (typically as a string or number)
-     * @return Reference to the derived builder for method chaining.
-     */
-    Derived&
-    setFee(STAmount const& value)
-    {
-        object_[sfFee] = value;
-        return static_cast<Derived&>(*this);
-    }
-
-    /**
-     * Set the sequence number.
-     * @param value Sequence number
-     * @return Reference to the derived builder for method chaining.
-     */
-    Derived&
-    setSequence(std::uint32_t const& value)
-    {
-        object_[sfSequence] = value;
-        return static_cast<Derived&>(*this);
-    }
-
-    /**
-     * Set the ticket sequence to use for this transaction.
-     * When using a ticket, the regular sequence number is set to 0.
-     * @param value Ticket sequence number
-     * @return Reference to the derived builder for method chaining.
-     */
-    Derived&
-    setTicketSequence(std::uint32_t const& value)
-    {
-        object_[sfSequence] = 0u;
-        object_[sfTicketSequence] = value;
-        return static_cast<Derived&>(*this);
-    }
-
-    /**
-     * Set transaction flags.
-     * @param value Flags value
-     * @return Reference to the derived builder for method chaining.
-     */
-    Derived&
-    setFlags(std::uint32_t const& value)
-    {
-        object_[sfFlags] = value;
-        return static_cast<Derived&>(*this);
-    }
-
-    /**
-     * Set the source tag.
-     * @param value Source tag
-     * @return Reference to the derived builder for method chaining.
-     */
-    Derived&
-    setSourceTag(std::uint32_t const& value)
-    {
-        object_[sfSourceTag] = value;
-        return static_cast<Derived&>(*this);
-    }
-
-    /**
-     * Set the last ledger sequence.
-     * @param value Last ledger sequence number
-     * @return Reference to the derived builder for method chaining.
-     */
-    Derived&
-    setLastLedgerSequence(std::uint32_t const& value)
-    {
-        object_[sfLastLedgerSequence] = value;
-        return static_cast<Derived&>(*this);
-    }
-
-    /**
-     * Set the account transaction ID.
-     * @param value Account transaction ID (typically as a hex string)
-     * @return Reference to the derived builder for method chaining.
-     */
-    Derived&
-    setAccountTxnID(uint256 const& value)
-    {
-        object_[sfAccountTxnID] = value;
-        return static_cast<Derived&>(*this);
-    }
-
-    /**
-     * Set the previous transaction ID.
-     * Used for emulate027 compatibility.
-     * @param value Previous transaction ID
-     * @return Reference to the derived builder for method chaining.
-     */
-    Derived&
-    setPreviousTxnID(uint256 const& value)
-    {
-        object_[sfPreviousTxnID] = value;
-        return static_cast<Derived&>(*this);
-    }
-
-    /**
-     * Set the operation limit.
-     * @param value Operation limit
-     * @return Reference to the derived builder for method chaining.
-     */
-    Derived&
-    setOperationLimit(std::uint32_t const& value)
-    {
-        object_[sfOperationLimit] = value;
-        return static_cast<Derived&>(*this);
-    }
-
-    /**
-     * Set the memos array.
-     * @param value Array of memo objects
-     * @return Reference to the derived builder for method chaining.
-     */
-    Derived&
-    setMemos(STArray const& value)
-    {
-        object_.setFieldArray(sfMemos, value);
-        return static_cast<Derived&>(*this);
-    }
-
-    /**
-     * Set the signers array for multi-signing.
-     * @param value Array of signer objects
-     * @return Reference to the derived builder for method chaining.
-     */
-    Derived&
-    setSigners(STArray const& value)
-    {
-        object_.setFieldArray(sfSigners, value);
-        return static_cast<Derived&>(*this);
-    }
-
-    /**
-     * Set the network ID.
-     * @param value Network ID
-     * @return Reference to the derived builder for method chaining.
-     */
-    Derived&
-    setNetworkID(std::uint32_t const& value)
-    {
-        object_[sfNetworkID] = value;
-        return static_cast<Derived&>(*this);
-    }
-
-    /**
-     * Set the delegate account for delegated transactions.
-     * @param value Delegate account ID
-     * @return Reference to the derived builder for method chaining.
-     */
-    Derived&
-    setDelegate(AccountID const& value)
-    {
-        object_[sfDelegate] = value;
-        return static_cast<Derived&>(*this);
-    }
-
-    /**
-     * Get the underlying STObject.
-     * @return The STObject
-     */
-    STObject const&
-    getSTObject() const
-    {
-        return object_;
-    }
-
-protected:
-    /**
-     * Sign the transaction with the given keys.
-     *
-     * This sets the SigningPubKey field and computes the TxnSignature.
-     *
-     * @param publicKey The public key for signing
-     * @param secretKey The secret key for signing
-     * @return Reference to the derived builder for method chaining.
-     */
-    Derived&
-    sign(PublicKey const& publicKey, SecretKey const& secretKey)
-    {
-        // Set the signing public key
-        object_.setFieldVL(sfSigningPubKey, publicKey.slice());
-
-        // Build the signing data: HashPrefix::txSign + serialized object
-        // (without signing fields)
-        Serializer s;
-        s.add32(HashPrefix::txSign);
-        object_.addWithoutSigningFields(s);
-
-        // Sign and set the signature
-        auto const sig = xrpl::sign(publicKey, secretKey, s.slice());
-        object_.setFieldVL(sfTxnSignature, sig);
-
-        return static_cast<Derived&>(*this);
-    }
-
-    STObject object_{sfTransaction};
-};
-
-}  // namespace xrpl::transactions

include/xrpl/protocol_autogen/Utils.h

@@ -1,14 +0,0 @@
-#pragma once
-
-#include <optional>
-#include <type_traits>
-
-namespace xrpl::protocol_autogen {
-
-template <typename ValueType>
-using Optional = std::conditional_t<
-    std::is_reference_v<ValueType>,
-    std::optional<std::reference_wrapper<std::remove_reference_t<ValueType>>>,
-    std::optional<ValueType>>;
-
-}

include/xrpl/protocol_autogen/ledger_entries/AMM.h

@@ -1,392 +0,0 @@
-// This file is auto-generated. Do not edit.
-#pragma once
-
-#include <xrpl/protocol/STLedgerEntry.h>
-#include <xrpl/protocol/STParsedJSON.h>
-#include <xrpl/protocol/jss.h>
-#include <xrpl/protocol_autogen/LedgerEntryBase.h>
-#include <xrpl/protocol_autogen/LedgerEntryBuilderBase.h>
-#include <xrpl/json/json_value.h>
-
-#include <stdexcept>
-#include <optional>
-
-namespace xrpl::ledger_entries {
-
-class AMMBuilder;
-
-/**
- * @brief Ledger Entry: AMM
- *
- * Type: ltAMM (0x0079)
- * RPC Name: amm
- *
- * Immutable wrapper around SLE providing type-safe field access.
- * Use AMMBuilder to construct new ledger entries.
- */
-class AMM : public LedgerEntryBase
-{
-public:
-    static constexpr LedgerEntryType entryType = ltAMM;
-
-    /**
-     * @brief Construct a AMM ledger entry wrapper from an existing SLE object.
-     * @throws std::runtime_error if the ledger entry type doesn't match.
-     */
-    explicit AMM(std::shared_ptr<SLE const> sle)
-        : LedgerEntryBase(std::move(sle))
-    {
-        // Verify ledger entry type
-        if (sle_->getType() != entryType)
-        {
-            throw std::runtime_error("Invalid ledger entry type for AMM");
-        }
-    }
-
-    // Ledger entry-specific field getters
-
-    /**
-     * @brief Get sfAccount (soeREQUIRED)
-     * @return The field value.
-     */
-    [[nodiscard]]
-    SF_ACCOUNT::type::value_type
-    getAccount() const
-    {
-        return this->sle_->at(sfAccount);
-    }
-
-    /**
-     * @brief Get sfTradingFee (soeDEFAULT)
-     * @return The field value, or std::nullopt if not present.
-     */
-    [[nodiscard]]
-    protocol_autogen::Optional<SF_UINT16::type::value_type>
-    getTradingFee() const
-    {
-        if (hasTradingFee())
-            return this->sle_->at(sfTradingFee);
-        return std::nullopt;
-    }
-
-    /**
-     * @brief Check if sfTradingFee is present.
-     * @return True if the field is present, false otherwise.
-     */
-    [[nodiscard]]
-    bool
-    hasTradingFee() const
-    {
-        return this->sle_->isFieldPresent(sfTradingFee);
-    }
-
-    /**
-     * @brief Get sfVoteSlots (soeOPTIONAL)
-     * @note This is an untyped field (unknown).
-     * @return The field value, or std::nullopt if not present.
-     */
-    [[nodiscard]]
-    std::optional<std::reference_wrapper<STArray const>>
-    getVoteSlots() const
-    {
-        if (this->sle_->isFieldPresent(sfVoteSlots))
-            return this->sle_->getFieldArray(sfVoteSlots);
-        return std::nullopt;
-    }
-
-    /**
-     * @brief Check if sfVoteSlots is present.
-     * @return True if the field is present, false otherwise.
-     */
-    [[nodiscard]]
-    bool
-    hasVoteSlots() const
-    {
-        return this->sle_->isFieldPresent(sfVoteSlots);
-    }
-
-    /**
-     * @brief Get sfAuctionSlot (soeOPTIONAL)
-     * @note This is an untyped field (unknown).
-     * @return The field value, or std::nullopt if not present.
-     */
-    [[nodiscard]]
-    std::optional<STObject>
-    getAuctionSlot() const
-    {
-        if (this->sle_->isFieldPresent(sfAuctionSlot))
-            return this->sle_->getFieldObject(sfAuctionSlot);
-        return std::nullopt;
-    }
-
-    /**
-     * @brief Check if sfAuctionSlot is present.
-     * @return True if the field is present, false otherwise.
-     */
-    [[nodiscard]]
-    bool
-    hasAuctionSlot() const
-    {
-        return this->sle_->isFieldPresent(sfAuctionSlot);
-    }
-
-    /**
-     * @brief Get sfLPTokenBalance (soeREQUIRED)
-     * @return The field value.
-     */
-    [[nodiscard]]
-    SF_AMOUNT::type::value_type
-    getLPTokenBalance() const
-    {
-        return this->sle_->at(sfLPTokenBalance);
-    }
-
-    /**
-     * @brief Get sfAsset (soeREQUIRED)
-     * @return The field value.
-     */
-    [[nodiscard]]
-    SF_ISSUE::type::value_type
-    getAsset() const
-    {
-        return this->sle_->at(sfAsset);
-    }
-
-    /**
-     * @brief Get sfAsset2 (soeREQUIRED)
-     * @return The field value.
-     */
-    [[nodiscard]]
-    SF_ISSUE::type::value_type
-    getAsset2() const
-    {
-        return this->sle_->at(sfAsset2);
-    }
-
-    /**
-     * @brief Get sfOwnerNode (soeREQUIRED)
-     * @return The field value.
-     */
-    [[nodiscard]]
-    SF_UINT64::type::value_type
-    getOwnerNode() const
-    {
-        return this->sle_->at(sfOwnerNode);
-    }
-
-    /**
-     * @brief Get sfPreviousTxnID (soeOPTIONAL)
-     * @return The field value, or std::nullopt if not present.
-     */
-    [[nodiscard]]
-    protocol_autogen::Optional<SF_UINT256::type::value_type>
-    getPreviousTxnID() const
-    {
-        if (hasPreviousTxnID())
-            return this->sle_->at(sfPreviousTxnID);
-        return std::nullopt;
-    }
-
-    /**
-     * @brief Check if sfPreviousTxnID is present.
-     * @return True if the field is present, false otherwise.
-     */
-    [[nodiscard]]
-    bool
-    hasPreviousTxnID() const
-    {
-        return this->sle_->isFieldPresent(sfPreviousTxnID);
-    }
-
-    /**
-     * @brief Get sfPreviousTxnLgrSeq (soeOPTIONAL)
-     * @return The field value, or std::nullopt if not present.
-     */
-    [[nodiscard]]
-    protocol_autogen::Optional<SF_UINT32::type::value_type>
-    getPreviousTxnLgrSeq() const
-    {
-        if (hasPreviousTxnLgrSeq())
-            return this->sle_->at(sfPreviousTxnLgrSeq);
-        return std::nullopt;
-    }
-
-    /**
-     * @brief Check if sfPreviousTxnLgrSeq is present.
-     * @return True if the field is present, false otherwise.
-     */
-    [[nodiscard]]
-    bool
-    hasPreviousTxnLgrSeq() const
-    {
-        return this->sle_->isFieldPresent(sfPreviousTxnLgrSeq);
-    }
-};
-
-/**
- * @brief Builder for AMM ledger entries.
- *
- * Provides a fluent interface for constructing ledger entries with method chaining.
- * Uses Json::Value internally for flexible ledger entry construction.
- * Inherits common field setters from LedgerEntryBuilderBase.
- */
-class AMMBuilder : public LedgerEntryBuilderBase<AMMBuilder>
-{
-public:
-    /**
-     * @brief Construct a new AMMBuilder with required fields.
-     * @param account The sfAccount field value.
-     * @param lPTokenBalance The sfLPTokenBalance field value.
-     * @param asset The sfAsset field value.
-     * @param asset2 The sfAsset2 field value.
-     * @param ownerNode The sfOwnerNode field value.
-     */
-    AMMBuilder(std::decay_t<typename SF_ACCOUNT::type::value_type> const& account,std::decay_t<typename SF_AMOUNT::type::value_type> const& lPTokenBalance,std::decay_t<typename SF_ISSUE::type::value_type> const& asset,std::decay_t<typename SF_ISSUE::type::value_type> const& asset2,std::decay_t<typename SF_UINT64::type::value_type> const& ownerNode)
-        : LedgerEntryBuilderBase<AMMBuilder>(ltAMM)
-    {
-        setAccount(account);
-        setLPTokenBalance(lPTokenBalance);
-        setAsset(asset);
-        setAsset2(asset2);
-        setOwnerNode(ownerNode);
-    }
-
-    /**
-     * @brief Construct a AMMBuilder from an existing SLE object.
-     * @param sle The existing ledger entry to copy from.
-     * @throws std::runtime_error if the ledger entry type doesn't match.
-     */
-    AMMBuilder(std::shared_ptr<SLE const> sle)
-    {
-        if (sle->at(sfLedgerEntryType) != ltAMM)
-        {
-            throw std::runtime_error("Invalid ledger entry type for AMM");
-        }
-        object_ = *sle;
-    }
-
-    /** @brief Ledger entry-specific field setters */
-
-    /**
-     * @brief Set sfAccount (soeREQUIRED)
-     * @return Reference to this builder for method chaining.
-     */
-    AMMBuilder&
-    setAccount(std::decay_t<typename SF_ACCOUNT::type::value_type> const& value)
-    {
-        object_[sfAccount] = value;
-        return *this;
-    }
-
-    /**
-     * @brief Set sfTradingFee (soeDEFAULT)
-     * @return Reference to this builder for method chaining.
-     */
-    AMMBuilder&
-    setTradingFee(std::decay_t<typename SF_UINT16::type::value_type> const& value)
-    {
-        object_[sfTradingFee] = value;
-        return *this;
-    }
-
-    /**
-     * @brief Set sfVoteSlots (soeOPTIONAL)
-     * @return Reference to this builder for method chaining.
-     */
-    AMMBuilder&
-    setVoteSlots(STArray const& value)
-    {
-        object_.setFieldArray(sfVoteSlots, value);
-        return *this;
-    }
-
-    /**
-     * @brief Set sfAuctionSlot (soeOPTIONAL)
-     * @return Reference to this builder for method chaining.
-     */
-    AMMBuilder&
-    setAuctionSlot(STObject const& value)
-    {
-        object_.setFieldObject(sfAuctionSlot, value);
-        return *this;
-    }
-
-    /**
-     * @brief Set sfLPTokenBalance (soeREQUIRED)
-     * @return Reference to this builder for method chaining.
-     */
-    AMMBuilder&
-    setLPTokenBalance(std::decay_t<typename SF_AMOUNT::type::value_type> const& value)
-    {
-        object_[sfLPTokenBalance] = value;
-        return *this;
-    }
-
-    /**
-     * @brief Set sfAsset (soeREQUIRED)
-     * @return Reference to this builder for method chaining.
-     */
-    AMMBuilder&
-    setAsset(std::decay_t<typename SF_ISSUE::type::value_type> const& value)
-    {
-        object_[sfAsset] = STIssue(sfAsset, value);
-        return *this;
-    }
-
-    /**
-     * @brief Set sfAsset2 (soeREQUIRED)
-     * @return Reference to this builder for method chaining.
-     */
-    AMMBuilder&
-    setAsset2(std::decay_t<typename SF_ISSUE::type::value_type> const& value)
-    {
-        object_[sfAsset2] = STIssue(sfAsset2, value);
-        return *this;
-    }
-
-    /**
-     * @brief Set sfOwnerNode (soeREQUIRED)
-     * @return Reference to this builder for method chaining.
-     */
-    AMMBuilder&
-    setOwnerNode(std::decay_t<typename SF_UINT64::type::value_type> const& value)
-    {
-        object_[sfOwnerNode] = value;
-        return *this;
-    }
-
-    /**
-     * @brief Set sfPreviousTxnID (soeOPTIONAL)
-     * @return Reference to this builder for method chaining.
-     */
-    AMMBuilder&
-    setPreviousTxnID(std::decay_t<typename SF_UINT256::type::value_type> const& value)
-    {
-        object_[sfPreviousTxnID] = value;
-        return *this;
-    }
-
-    /**
-     * @brief Set sfPreviousTxnLgrSeq (soeOPTIONAL)
-     * @return Reference to this builder for method chaining.
-     */
-    AMMBuilder&
-    setPreviousTxnLgrSeq(std::decay_t<typename SF_UINT32::type::value_type> const& value)
-    {
-        object_[sfPreviousTxnLgrSeq] = value;
-        return *this;
-    }
-
-    /**
-     * @brief Build and return the completed AMM wrapper.
-     * @param index The ledger entry index.
-     * @return The constructed ledger entry wrapper.
-     */
-    AMM
-    build(uint256 const& index)
-    {
-        return AMM{std::make_shared<SLE>(std::move(object_), index)};
-    }
-};
-
-}  // namespace xrpl::ledger_entries

include/xrpl/protocol_autogen/ledger_entries/AccountRoot.h

@@ -1,834 +0,0 @@
-// This file is auto-generated. Do not edit.
-#pragma once
-
-#include <xrpl/protocol/STLedgerEntry.h>
-#include <xrpl/protocol/STParsedJSON.h>
-#include <xrpl/protocol/jss.h>
-#include <xrpl/protocol_autogen/LedgerEntryBase.h>
-#include <xrpl/protocol_autogen/LedgerEntryBuilderBase.h>
-#include <xrpl/json/json_value.h>
-
-#include <stdexcept>
-#include <optional>
-
-namespace xrpl::ledger_entries {
-
-class AccountRootBuilder;
-
-/**
- * @brief Ledger Entry: AccountRoot
- *
- * Type: ltACCOUNT_ROOT (0x0061)
- * RPC Name: account
- *
- * Immutable wrapper around SLE providing type-safe field access.
- * Use AccountRootBuilder to construct new ledger entries.
- */
-class AccountRoot : public LedgerEntryBase
-{
-public:
-    static constexpr LedgerEntryType entryType = ltACCOUNT_ROOT;
-
-    /**
-     * @brief Construct a AccountRoot ledger entry wrapper from an existing SLE object.
-     * @throws std::runtime_error if the ledger entry type doesn't match.
-     */
-    explicit AccountRoot(std::shared_ptr<SLE const> sle)
-        : LedgerEntryBase(std::move(sle))
-    {
-        // Verify ledger entry type
-        if (sle_->getType() != entryType)
-        {
-            throw std::runtime_error("Invalid ledger entry type for AccountRoot");
-        }
-    }
-
-    // Ledger entry-specific field getters
-
-    /**
-     * @brief Get sfAccount (soeREQUIRED)
-     * @return The field value.
-     */
-    [[nodiscard]]
-    SF_ACCOUNT::type::value_type
-    getAccount() const
-    {
-        return this->sle_->at(sfAccount);
-    }
-
-    /**
-     * @brief Get sfSequence (soeREQUIRED)
-     * @return The field value.
-     */
-    [[nodiscard]]
-    SF_UINT32::type::value_type
-    getSequence() const
-    {
-        return this->sle_->at(sfSequence);
-    }
-
-    /**
-     * @brief Get sfBalance (soeREQUIRED)
-     * @return The field value.
-     */
-    [[nodiscard]]
-    SF_AMOUNT::type::value_type
-    getBalance() const
-    {
-        return this->sle_->at(sfBalance);
-    }
-
-    /**
-     * @brief Get sfOwnerCount (soeREQUIRED)
-     * @return The field value.
-     */
-    [[nodiscard]]
-    SF_UINT32::type::value_type
-    getOwnerCount() const
-    {
-        return this->sle_->at(sfOwnerCount);
-    }
-
-    /**
-     * @brief Get sfPreviousTxnID (soeREQUIRED)
-     * @return The field value.
-     */
-    [[nodiscard]]
-    SF_UINT256::type::value_type
-    getPreviousTxnID() const
-    {
-        return this->sle_->at(sfPreviousTxnID);
-    }
-
-    /**
-     * @brief Get sfPreviousTxnLgrSeq (soeREQUIRED)
-     * @return The field value.
-     */
-    [[nodiscard]]
-    SF_UINT32::type::value_type
-    getPreviousTxnLgrSeq() const
-    {
-        return this->sle_->at(sfPreviousTxnLgrSeq);
-    }
-
-    /**
-     * @brief Get sfAccountTxnID (soeOPTIONAL)
-     * @return The field value, or std::nullopt if not present.
-     */
-    [[nodiscard]]
-    protocol_autogen::Optional<SF_UINT256::type::value_type>
-    getAccountTxnID() const
-    {
-        if (hasAccountTxnID())
-            return this->sle_->at(sfAccountTxnID);
-        return std::nullopt;
-    }
-
-    /**
-     * @brief Check if sfAccountTxnID is present.
-     * @return True if the field is present, false otherwise.
-     */
-    [[nodiscard]]
-    bool
-    hasAccountTxnID() const
-    {
-        return this->sle_->isFieldPresent(sfAccountTxnID);
-    }
-
-    /**
-     * @brief Get sfRegularKey (soeOPTIONAL)
-     * @return The field value, or std::nullopt if not present.
-     */
-    [[nodiscard]]
-    protocol_autogen::Optional<SF_ACCOUNT::type::value_type>
-    getRegularKey() const
-    {
-        if (hasRegularKey())
-            return this->sle_->at(sfRegularKey);
-        return std::nullopt;
-    }
-
-    /**
-     * @brief Check if sfRegularKey is present.
-     * @return True if the field is present, false otherwise.
-     */
-    [[nodiscard]]
-    bool
-    hasRegularKey() const
-    {
-        return this->sle_->isFieldPresent(sfRegularKey);
-    }
-
-    /**
-     * @brief Get sfEmailHash (soeOPTIONAL)
-     * @return The field value, or std::nullopt if not present.
-     */
-    [[nodiscard]]
-    protocol_autogen::Optional<SF_UINT128::type::value_type>
-    getEmailHash() const
-    {
-        if (hasEmailHash())
-            return this->sle_->at(sfEmailHash);
-        return std::nullopt;
-    }
-
-    /**
-     * @brief Check if sfEmailHash is present.
-     * @return True if the field is present, false otherwise.
-     */
-    [[nodiscard]]
-    bool
-    hasEmailHash() const
-    {
-        return this->sle_->isFieldPresent(sfEmailHash);
-    }
-
-    /**
-     * @brief Get sfWalletLocator (soeOPTIONAL)
-     * @return The field value, or std::nullopt if not present.
-     */
-    [[nodiscard]]
-    protocol_autogen::Optional<SF_UINT256::type::value_type>
-    getWalletLocator() const
-    {
-        if (hasWalletLocator())
-            return this->sle_->at(sfWalletLocator);
-        return std::nullopt;
-    }
-
-    /**
-     * @brief Check if sfWalletLocator is present.
-     * @return True if the field is present, false otherwise.
-     */
-    [[nodiscard]]
-    bool
-    hasWalletLocator() const
-    {
-        return this->sle_->isFieldPresent(sfWalletLocator);
-    }
-
-    /**
-     * @brief Get sfWalletSize (soeOPTIONAL)
-     * @return The field value, or std::nullopt if not present.
-     */
-    [[nodiscard]]
-    protocol_autogen::Optional<SF_UINT32::type::value_type>
-    getWalletSize() const
-    {
-        if (hasWalletSize())
-            return this->sle_->at(sfWalletSize);
-        return std::nullopt;
-    }
-
-    /**
-     * @brief Check if sfWalletSize is present.
-     * @return True if the field is present, false otherwise.
-     */
-    [[nodiscard]]
-    bool
-    hasWalletSize() const
-    {
-        return this->sle_->isFieldPresent(sfWalletSize);
-    }
-
-    /**
-     * @brief Get sfMessageKey (soeOPTIONAL)
-     * @return The field value, or std::nullopt if not present.
-     */
-    [[nodiscard]]
-    protocol_autogen::Optional<SF_VL::type::value_type>
-    getMessageKey() const
-    {
-        if (hasMessageKey())
-            return this->sle_->at(sfMessageKey);
-        return std::nullopt;
-    }
-
-    /**
-     * @brief Check if sfMessageKey is present.
-     * @return True if the field is present, false otherwise.
-     */
-    [[nodiscard]]
-    bool
-    hasMessageKey() const
-    {
-        return this->sle_->isFieldPresent(sfMessageKey);
-    }
-
-    /**
-     * @brief Get sfTransferRate (soeOPTIONAL)
-     * @return The field value, or std::nullopt if not present.
-     */
-    [[nodiscard]]
-    protocol_autogen::Optional<SF_UINT32::type::value_type>
-    getTransferRate() const
-    {
-        if (hasTransferRate())
-            return this->sle_->at(sfTransferRate);
-        return std::nullopt;
-    }
-
-    /**
-     * @brief Check if sfTransferRate is present.
-     * @return True if the field is present, false otherwise.
-     */
-    [[nodiscard]]
-    bool
-    hasTransferRate() const
-    {
-        return this->sle_->isFieldPresent(sfTransferRate);
-    }
-
-    /**
-     * @brief Get sfDomain (soeOPTIONAL)
-     * @return The field value, or std::nullopt if not present.
-     */
-    [[nodiscard]]
-    protocol_autogen::Optional<SF_VL::type::value_type>
-    getDomain() const
-    {
-        if (hasDomain())
-            return this->sle_->at(sfDomain);
-        return std::nullopt;
-    }
-
-    /**
-     * @brief Check if sfDomain is present.
-     * @return True if the field is present, false otherwise.
-     */
-    [[nodiscard]]
-    bool
-    hasDomain() const
-    {
-        return this->sle_->isFieldPresent(sfDomain);
-    }
-
-    /**
-     * @brief Get sfTickSize (soeOPTIONAL)
-     * @return The field value, or std::nullopt if not present.
-     */
-    [[nodiscard]]
-    protocol_autogen::Optional<SF_UINT8::type::value_type>
-    getTickSize() const
-    {
-        if (hasTickSize())
-            return this->sle_->at(sfTickSize);
-        return std::nullopt;
-    }
-
-    /**
-     * @brief Check if sfTickSize is present.
-     * @return True if the field is present, false otherwise.
-     */
-    [[nodiscard]]
-    bool
-    hasTickSize() const
-    {
-        return this->sle_->isFieldPresent(sfTickSize);
-    }
-
-    /**
-     * @brief Get sfTicketCount (soeOPTIONAL)
-     * @return The field value, or std::nullopt if not present.
-     */
-    [[nodiscard]]
-    protocol_autogen::Optional<SF_UINT32::type::value_type>
-    getTicketCount() const
-    {
-        if (hasTicketCount())
-            return this->sle_->at(sfTicketCount);
-        return std::nullopt;
-    }
-
-    /**
-     * @brief Check if sfTicketCount is present.
-     * @return True if the field is present, false otherwise.
-     */
-    [[nodiscard]]
-    bool
-    hasTicketCount() const
-    {
-        return this->sle_->isFieldPresent(sfTicketCount);
-    }
-
-    /**
-     * @brief Get sfNFTokenMinter (soeOPTIONAL)
-     * @return The field value, or std::nullopt if not present.
-     */
-    [[nodiscard]]
-    protocol_autogen::Optional<SF_ACCOUNT::type::value_type>
-    getNFTokenMinter() const
-    {
-        if (hasNFTokenMinter())
-            return this->sle_->at(sfNFTokenMinter);
-        return std::nullopt;
-    }
-
-    /**
-     * @brief Check if sfNFTokenMinter is present.
-     * @return True if the field is present, false otherwise.
-     */
-    [[nodiscard]]
-    bool
-    hasNFTokenMinter() const
-    {
-        return this->sle_->isFieldPresent(sfNFTokenMinter);
-    }
-
-    /**
-     * @brief Get sfMintedNFTokens (soeDEFAULT)
-     * @return The field value, or std::nullopt if not present.
-     */
-    [[nodiscard]]
-    protocol_autogen::Optional<SF_UINT32::type::value_type>
-    getMintedNFTokens() const
-    {
-        if (hasMintedNFTokens())
-            return this->sle_->at(sfMintedNFTokens);
-        return std::nullopt;
-    }
-
-    /**
-     * @brief Check if sfMintedNFTokens is present.
-     * @return True if the field is present, false otherwise.
-     */
-    [[nodiscard]]
-    bool
-    hasMintedNFTokens() const
-    {
-        return this->sle_->isFieldPresent(sfMintedNFTokens);
-    }
-
-    /**
-     * @brief Get sfBurnedNFTokens (soeDEFAULT)
-     * @return The field value, or std::nullopt if not present.
-     */
-    [[nodiscard]]
-    protocol_autogen::Optional<SF_UINT32::type::value_type>
-    getBurnedNFTokens() const
-    {
-        if (hasBurnedNFTokens())
-            return this->sle_->at(sfBurnedNFTokens);
-        return std::nullopt;
-    }
-
-    /**
-     * @brief Check if sfBurnedNFTokens is present.
-     * @return True if the field is present, false otherwise.
-     */
-    [[nodiscard]]
-    bool
-    hasBurnedNFTokens() const
-    {
-        return this->sle_->isFieldPresent(sfBurnedNFTokens);
-    }
-
-    /**
-     * @brief Get sfFirstNFTokenSequence (soeOPTIONAL)
-     * @return The field value, or std::nullopt if not present.
-     */
-    [[nodiscard]]
-    protocol_autogen::Optional<SF_UINT32::type::value_type>
-    getFirstNFTokenSequence() const
-    {
-        if (hasFirstNFTokenSequence())
-            return this->sle_->at(sfFirstNFTokenSequence);
-        return std::nullopt;
-    }
-
-    /**
-     * @brief Check if sfFirstNFTokenSequence is present.
-     * @return True if the field is present, false otherwise.
-     */
-    [[nodiscard]]
-    bool
-    hasFirstNFTokenSequence() const
-    {
-        return this->sle_->isFieldPresent(sfFirstNFTokenSequence);
-    }
-
-    /**
-     * @brief Get sfAMMID (soeOPTIONAL)
-     * @return The field value, or std::nullopt if not present.
-     */
-    [[nodiscard]]
-    protocol_autogen::Optional<SF_UINT256::type::value_type>
-    getAMMID() const
-    {
-        if (hasAMMID())
-            return this->sle_->at(sfAMMID);
-        return std::nullopt;
-    }
-
-    /**
-     * @brief Check if sfAMMID is present.
-     * @return True if the field is present, false otherwise.
-     */
-    [[nodiscard]]
-    bool
-    hasAMMID() const
-    {
-        return this->sle_->isFieldPresent(sfAMMID);
-    }
-
-    /**
-     * @brief Get sfVaultID (soeOPTIONAL)
-     * @return The field value, or std::nullopt if not present.
-     */
-    [[nodiscard]]
-    protocol_autogen::Optional<SF_UINT256::type::value_type>
-    getVaultID() const
-    {
-        if (hasVaultID())
-            return this->sle_->at(sfVaultID);
-        return std::nullopt;
-    }
-
-    /**
-     * @brief Check if sfVaultID is present.
-     * @return True if the field is present, false otherwise.
-     */
-    [[nodiscard]]
-    bool
-    hasVaultID() const
-    {
-        return this->sle_->isFieldPresent(sfVaultID);
-    }
-
-    /**
-     * @brief Get sfLoanBrokerID (soeOPTIONAL)
-     * @return The field value, or std::nullopt if not present.
-     */
-    [[nodiscard]]
-    protocol_autogen::Optional<SF_UINT256::type::value_type>
-    getLoanBrokerID() const
-    {
-        if (hasLoanBrokerID())
-            return this->sle_->at(sfLoanBrokerID);
-        return std::nullopt;
-    }
-
-    /**
-     * @brief Check if sfLoanBrokerID is present.
-     * @return True if the field is present, false otherwise.
-     */
-    [[nodiscard]]
-    bool
-    hasLoanBrokerID() const
-    {
-        return this->sle_->isFieldPresent(sfLoanBrokerID);
-    }
-};
-
-/**
- * @brief Builder for AccountRoot ledger entries.
- *
- * Provides a fluent interface for constructing ledger entries with method chaining.
- * Uses Json::Value internally for flexible ledger entry construction.
- * Inherits common field setters from LedgerEntryBuilderBase.
- */
-class AccountRootBuilder : public LedgerEntryBuilderBase<AccountRootBuilder>
-{
-public:
-    /**
-     * @brief Construct a new AccountRootBuilder with required fields.
-     * @param account The sfAccount field value.
-     * @param sequence The sfSequence field value.
-     * @param balance The sfBalance field value.
-     * @param ownerCount The sfOwnerCount field value.
-     * @param previousTxnID The sfPreviousTxnID field value.
-     * @param previousTxnLgrSeq The sfPreviousTxnLgrSeq field value.
-     */
-    AccountRootBuilder(std::decay_t<typename SF_ACCOUNT::type::value_type> const& account,std::decay_t<typename SF_UINT32::type::value_type> const& sequence,std::decay_t<typename SF_AMOUNT::type::value_type> const& balance,std::decay_t<typename SF_UINT32::type::value_type> const& ownerCount,std::decay_t<typename SF_UINT256::type::value_type> const& previousTxnID,std::decay_t<typename SF_UINT32::type::value_type> const& previousTxnLgrSeq)
-        : LedgerEntryBuilderBase<AccountRootBuilder>(ltACCOUNT_ROOT)
-    {
-        setAccount(account);
-        setSequence(sequence);
-        setBalance(balance);
-        setOwnerCount(ownerCount);
-        setPreviousTxnID(previousTxnID);
-        setPreviousTxnLgrSeq(previousTxnLgrSeq);
-    }
-
-    /**
-     * @brief Construct a AccountRootBuilder from an existing SLE object.
-     * @param sle The existing ledger entry to copy from.
-     * @throws std::runtime_error if the ledger entry type doesn't match.
-     */
-    AccountRootBuilder(std::shared_ptr<SLE const> sle)
-    {
-        if (sle->at(sfLedgerEntryType) != ltACCOUNT_ROOT)
-        {
-            throw std::runtime_error("Invalid ledger entry type for AccountRoot");
-        }
-        object_ = *sle;
-    }
-
-    /** @brief Ledger entry-specific field setters */
-
-    /**
-     * @brief Set sfAccount (soeREQUIRED)
-     * @return Reference to this builder for method chaining.
-     */
-    AccountRootBuilder&
-    setAccount(std::decay_t<typename SF_ACCOUNT::type::value_type> const& value)
-    {
-        object_[sfAccount] = value;
-        return *this;
-    }
-
-    /**
-     * @brief Set sfSequence (soeREQUIRED)
-     * @return Reference to this builder for method chaining.
-     */
-    AccountRootBuilder&
-    setSequence(std::decay_t<typename SF_UINT32::type::value_type> const& value)
-    {
-        object_[sfSequence] = value;
-        return *this;
-    }
-
-    /**
-     * @brief Set sfBalance (soeREQUIRED)
-     * @return Reference to this builder for method chaining.
-     */
-    AccountRootBuilder&
-    setBalance(std::decay_t<typename SF_AMOUNT::type::value_type> const& value)
-    {
-        object_[sfBalance] = value;
-        return *this;
-    }
-
-    /**
-     * @brief Set sfOwnerCount (soeREQUIRED)
-     * @return Reference to this builder for method chaining.
-     */
-    AccountRootBuilder&
-    setOwnerCount(std::decay_t<typename SF_UINT32::type::value_type> const& value)
-    {
-        object_[sfOwnerCount] = value;
-        return *this;
-    }
-
-    /**
-     * @brief Set sfPreviousTxnID (soeREQUIRED)
-     * @return Reference to this builder for method chaining.
-     */
-    AccountRootBuilder&
-    setPreviousTxnID(std::decay_t<typename SF_UINT256::type::value_type> const& value)
-    {
-        object_[sfPreviousTxnID] = value;
-        return *this;
-    }
-
-    /**
-     * @brief Set sfPreviousTxnLgrSeq (soeREQUIRED)
-     * @return Reference to this builder for method chaining.
-     */
-    AccountRootBuilder&
-    setPreviousTxnLgrSeq(std::decay_t<typename SF_UINT32::type::value_type> const& value)
-    {
-        object_[sfPreviousTxnLgrSeq] = value;
-        return *this;
-    }
-
-    /**
-     * @brief Set sfAccountTxnID (soeOPTIONAL)
-     * @return Reference to this builder for method chaining.
-     */
-    AccountRootBuilder&
-    setAccountTxnID(std::decay_t<typename SF_UINT256::type::value_type> const& value)
-    {
-        object_[sfAccountTxnID] = value;
-        return *this;
-    }
-
-    /**
-     * @brief Set sfRegularKey (soeOPTIONAL)
-     * @return Reference to this builder for method chaining.
-     */
-    AccountRootBuilder&
-    setRegularKey(std::decay_t<typename SF_ACCOUNT::type::value_type> const& value)
-    {
-        object_[sfRegularKey] = value;
-        return *this;
-    }
-
-    /**
-     * @brief Set sfEmailHash (soeOPTIONAL)
-     * @return Reference to this builder for method chaining.
-     */
-    AccountRootBuilder&
-    setEmailHash(std::decay_t<typename SF_UINT128::type::value_type> const& value)
-    {
-        object_[sfEmailHash] = value;
-        return *this;
-    }
-
-    /**
-     * @brief Set sfWalletLocator (soeOPTIONAL)
-     * @return Reference to this builder for method chaining.
-     */
-    AccountRootBuilder&
-    setWalletLocator(std::decay_t<typename SF_UINT256::type::value_type> const& value)
-    {
-        object_[sfWalletLocator] = value;
-        return *this;
-    }
-
-    /**
-     * @brief Set sfWalletSize (soeOPTIONAL)
-     * @return Reference to this builder for method chaining.
-     */
-    AccountRootBuilder&
-    setWalletSize(std::decay_t<typename SF_UINT32::type::value_type> const& value)
-    {
-        object_[sfWalletSize] = value;
-        return *this;
-    }
-
-    /**
-     * @brief Set sfMessageKey (soeOPTIONAL)
-     * @return Reference to this builder for method chaining.
-     */
-    AccountRootBuilder&
-    setMessageKey(std::decay_t<typename SF_VL::type::value_type> const& value)
-    {
-        object_[sfMessageKey] = value;
-        return *this;
-    }
-
-    /**
-     * @brief Set sfTransferRate (soeOPTIONAL)
-     * @return Reference to this builder for method chaining.
-     */
-    AccountRootBuilder&
-    setTransferRate(std::decay_t<typename SF_UINT32::type::value_type> const& value)
-    {
-        object_[sfTransferRate] = value;
-        return *this;
-    }
-
-    /**
-     * @brief Set sfDomain (soeOPTIONAL)
-     * @return Reference to this builder for method chaining.
-     */
-    AccountRootBuilder&
-    setDomain(std::decay_t<typename SF_VL::type::value_type> const& value)
-    {
-        object_[sfDomain] = value;
-        return *this;
-    }
-
-    /**
-     * @brief Set sfTickSize (soeOPTIONAL)
-     * @return Reference to this builder for method chaining.
-     */
-    AccountRootBuilder&
-    setTickSize(std::decay_t<typename SF_UINT8::type::value_type> const& value)
-    {
-        object_[sfTickSize] = value;
-        return *this;
-    }
-
-    /**
-     * @brief Set sfTicketCount (soeOPTIONAL)
-     * @return Reference to this builder for method chaining.
-     */
-    AccountRootBuilder&
-    setTicketCount(std::decay_t<typename SF_UINT32::type::value_type> const& value)
-    {
-        object_[sfTicketCount] = value;
-        return *this;
-    }
-
-    /**
-     * @brief Set sfNFTokenMinter (soeOPTIONAL)
-     * @return Reference to this builder for method chaining.
-     */
-    AccountRootBuilder&
-    setNFTokenMinter(std::decay_t<typename SF_ACCOUNT::type::value_type> const& value)
-    {
-        object_[sfNFTokenMinter] = value;
-        return *this;
-    }
-
-    /**
-     * @brief Set sfMintedNFTokens (soeDEFAULT)
-     * @return Reference to this builder for method chaining.
-     */
-    AccountRootBuilder&
-    setMintedNFTokens(std::decay_t<typename SF_UINT32::type::value_type> const& value)
-    {
-        object_[sfMintedNFTokens] = value;
-        return *this;
-    }
-
-    /**
-     * @brief Set sfBurnedNFTokens (soeDEFAULT)
-     * @return Reference to this builder for method chaining.
-     */
-    AccountRootBuilder&
-    setBurnedNFTokens(std::decay_t<typename SF_UINT32::type::value_type> const& value)
-    {
-        object_[sfBurnedNFTokens] = value;
-        return *this;
-    }
-
-    /**
-     * @brief Set sfFirstNFTokenSequence (soeOPTIONAL)
-     * @return Reference to this builder for method chaining.
-     */
-    AccountRootBuilder&
-    setFirstNFTokenSequence(std::decay_t<typename SF_UINT32::type::value_type> const& value)
-    {
-        object_[sfFirstNFTokenSequence] = value;
-        return *this;
-    }
-
-    /**
-     * @brief Set sfAMMID (soeOPTIONAL)
-     * @return Reference to this builder for method chaining.
-     */
-    AccountRootBuilder&
-    setAMMID(std::decay_t<typename SF_UINT256::type::value_type> const& value)
-    {
-        object_[sfAMMID] = value;
-        return *this;
-    }
-
-    /**
-     * @brief Set sfVaultID (soeOPTIONAL)
-     * @return Reference to this builder for method chaining.
-     */
-    AccountRootBuilder&
-    setVaultID(std::decay_t<typename SF_UINT256::type::value_type> const& value)
-    {
-        object_[sfVaultID] = value;
-        return *this;
-    }
-
-    /**
-     * @brief Set sfLoanBrokerID (soeOPTIONAL)
-     * @return Reference to this builder for method chaining.
-     */
-    AccountRootBuilder&
-    setLoanBrokerID(std::decay_t<typename SF_UINT256::type::value_type> const& value)
-    {
-        object_[sfLoanBrokerID] = value;
-        return *this;
-    }
-
-    /**
-     * @brief Build and return the completed AccountRoot wrapper.
-     * @param index The ledger entry index.
-     * @return The constructed ledger entry wrapper.
-     */
-    AccountRoot
-    build(uint256 const& index)
-    {
-        return AccountRoot{std::make_shared<SLE>(std::move(object_), index)};
-    }
-};
-
-}  // namespace xrpl::ledger_entries

include/xrpl/protocol_autogen/ledger_entries/Amendments.h

@@ -1,236 +0,0 @@
-// This file is auto-generated. Do not edit.
-#pragma once
-
-#include <xrpl/protocol/STLedgerEntry.h>
-#include <xrpl/protocol/STParsedJSON.h>
-#include <xrpl/protocol/jss.h>
-#include <xrpl/protocol_autogen/LedgerEntryBase.h>
-#include <xrpl/protocol_autogen/LedgerEntryBuilderBase.h>
-#include <xrpl/json/json_value.h>
-
-#include <stdexcept>
-#include <optional>
-
-namespace xrpl::ledger_entries {
-
-class AmendmentsBuilder;
-
-/**
- * @brief Ledger Entry: Amendments
- *
- * Type: ltAMENDMENTS (0x0066)
- * RPC Name: amendments
- *
- * Immutable wrapper around SLE providing type-safe field access.
- * Use AmendmentsBuilder to construct new ledger entries.
- */
-class Amendments : public LedgerEntryBase
-{
-public:
-    static constexpr LedgerEntryType entryType = ltAMENDMENTS;
-
-    /**
-     * @brief Construct a Amendments ledger entry wrapper from an existing SLE object.
-     * @throws std::runtime_error if the ledger entry type doesn't match.
-     */
-    explicit Amendments(std::shared_ptr<SLE const> sle)
-        : LedgerEntryBase(std::move(sle))
-    {
-        // Verify ledger entry type
-        if (sle_->getType() != entryType)
-        {
-            throw std::runtime_error("Invalid ledger entry type for Amendments");
-        }
-    }
-
-    // Ledger entry-specific field getters
-
-    /**
-     * @brief Get sfAmendments (soeOPTIONAL)
-     * @return The field value, or std::nullopt if not present.
-     */
-    [[nodiscard]]
-    protocol_autogen::Optional<SF_VECTOR256::type::value_type>
-    getAmendments() const
-    {
-        if (hasAmendments())
-            return this->sle_->at(sfAmendments);
-        return std::nullopt;
-    }
-
-    /**
-     * @brief Check if sfAmendments is present.
-     * @return True if the field is present, false otherwise.
-     */
-    [[nodiscard]]
-    bool
-    hasAmendments() const
-    {
-        return this->sle_->isFieldPresent(sfAmendments);
-    }
-
-    /**
-     * @brief Get sfMajorities (soeOPTIONAL)
-     * @note This is an untyped field (unknown).
-     * @return The field value, or std::nullopt if not present.
-     */
-    [[nodiscard]]
-    std::optional<std::reference_wrapper<STArray const>>
-    getMajorities() const
-    {
-        if (this->sle_->isFieldPresent(sfMajorities))
-            return this->sle_->getFieldArray(sfMajorities);
-        return std::nullopt;
-    }
-
-    /**
-     * @brief Check if sfMajorities is present.
-     * @return True if the field is present, false otherwise.
-     */
-    [[nodiscard]]
-    bool
-    hasMajorities() const
-    {
-        return this->sle_->isFieldPresent(sfMajorities);
-    }
-
-    /**
-     * @brief Get sfPreviousTxnID (soeOPTIONAL)
-     * @return The field value, or std::nullopt if not present.
-     */
-    [[nodiscard]]
-    protocol_autogen::Optional<SF_UINT256::type::value_type>
-    getPreviousTxnID() const
-    {
-        if (hasPreviousTxnID())
-            return this->sle_->at(sfPreviousTxnID);
-        return std::nullopt;
-    }
-
-    /**
-     * @brief Check if sfPreviousTxnID is present.
-     * @return True if the field is present, false otherwise.
-     */
-    [[nodiscard]]
-    bool
-    hasPreviousTxnID() const
-    {
-        return this->sle_->isFieldPresent(sfPreviousTxnID);
-    }
-
-    /**
-     * @brief Get sfPreviousTxnLgrSeq (soeOPTIONAL)
-     * @return The field value, or std::nullopt if not present.
-     */
-    [[nodiscard]]
-    protocol_autogen::Optional<SF_UINT32::type::value_type>
-    getPreviousTxnLgrSeq() const
-    {
-        if (hasPreviousTxnLgrSeq())
-            return this->sle_->at(sfPreviousTxnLgrSeq);
-        return std::nullopt;
-    }
-
-    /**
-     * @brief Check if sfPreviousTxnLgrSeq is present.
-     * @return True if the field is present, false otherwise.
-     */
-    [[nodiscard]]
-    bool
-    hasPreviousTxnLgrSeq() const
-    {
-        return this->sle_->isFieldPresent(sfPreviousTxnLgrSeq);
-    }
-};
-
-/**
- * @brief Builder for Amendments ledger entries.
- *
- * Provides a fluent interface for constructing ledger entries with method chaining.
- * Uses Json::Value internally for flexible ledger entry construction.
- * Inherits common field setters from LedgerEntryBuilderBase.
- */
-class AmendmentsBuilder : public LedgerEntryBuilderBase<AmendmentsBuilder>
-{
-public:
-    /**
-     * @brief Construct a new AmendmentsBuilder with required fields.
-     */
-    AmendmentsBuilder()
-        : LedgerEntryBuilderBase<AmendmentsBuilder>(ltAMENDMENTS)
-    {
-    }
-
-    /**
-     * @brief Construct a AmendmentsBuilder from an existing SLE object.
-     * @param sle The existing ledger entry to copy from.
-     * @throws std::runtime_error if the ledger entry type doesn't match.
-     */
-    AmendmentsBuilder(std::shared_ptr<SLE const> sle)
-    {
-        if (sle->at(sfLedgerEntryType) != ltAMENDMENTS)
-        {
-            throw std::runtime_error("Invalid ledger entry type for Amendments");
-        }
-        object_ = *sle;
-    }
-
-    /** @brief Ledger entry-specific field setters */
-
-    /**
-     * @brief Set sfAmendments (soeOPTIONAL)
-     * @return Reference to this builder for method chaining.
-     */
-    AmendmentsBuilder&
-    setAmendments(std::decay_t<typename SF_VECTOR256::type::value_type> const& value)
-    {
-        object_[sfAmendments] = value;
-        return *this;
-    }
-
-    /**
-     * @brief Set sfMajorities (soeOPTIONAL)
-     * @return Reference to this builder for method chaining.
-     */
-    AmendmentsBuilder&
-    setMajorities(STArray const& value)
-    {
-        object_.setFieldArray(sfMajorities, value);
-        return *this;
-    }
-
-    /**
-     * @brief Set sfPreviousTxnID (soeOPTIONAL)
-     * @return Reference to this builder for method chaining.
-     */
-    AmendmentsBuilder&
-    setPreviousTxnID(std::decay_t<typename SF_UINT256::type::value_type> const& value)
-    {
-        object_[sfPreviousTxnID] = value;
-        return *this;
-    }
-
-    /**
-     * @brief Set sfPreviousTxnLgrSeq (soeOPTIONAL)
-     * @return Reference to this builder for method chaining.
-     */
-    AmendmentsBuilder&
-    setPreviousTxnLgrSeq(std::decay_t<typename SF_UINT32::type::value_type> const& value)
-    {
-        object_[sfPreviousTxnLgrSeq] = value;
-        return *this;
-    }
-
-    /**
-     * @brief Build and return the completed Amendments wrapper.
-     * @param index The ledger entry index.
-     * @return The constructed ledger entry wrapper.
-     */
-    Amendments
-    build(uint256 const& index)
-    {
-        return Amendments{std::make_shared<SLE>(std::move(object_), index)};
-    }
-};
-
-}  // namespace xrpl::ledger_entries