Set version to 3.1.0-b1 (#6152)

- Spec: XLS-66
- Introduces amendment "LendingProtocol", but leaves it UNSUPPORTED to
  allow for standalone testing, future development work, and potential
  bug fixes.
- AccountInfo RPC will indicate the type of pseudo-account when
  appropriate.
- Refactors and improves several existing classes and functional areas,
  including Number, STAmount, STObject, json_value, Asset, directory
  handling, View helper functions, and unit test helpers.

.github/scripts/levelization/results/loops.txt

@@ -17,7 +17,7 @@ Loop: xrpld.app xrpld.rpc
   xrpld.rpc > xrpld.app
 
 Loop: xrpld.app xrpld.shamap
-  xrpld.shamap ~= xrpld.app
+  xrpld.app > xrpld.shamap
 
 Loop: xrpld.core xrpld.perflog
   xrpld.perflog == xrpld.core

.github/scripts/levelization/results/ordering.txt

@@ -8,10 +8,6 @@ libxrpl.ledger > xrpl.ledger
 libxrpl.ledger > xrpl.protocol
 libxrpl.net > xrpl.basics
 libxrpl.net > xrpl.net
-libxrpl.nodestore > xrpl.basics
-libxrpl.nodestore > xrpl.json
-libxrpl.nodestore > xrpl.nodestore
-libxrpl.nodestore > xrpl.protocol
 libxrpl.protocol > xrpl.basics
 libxrpl.protocol > xrpl.json
 libxrpl.protocol > xrpl.protocol
@@ -22,9 +18,6 @@ libxrpl.server > xrpl.basics
 libxrpl.server > xrpl.json
 libxrpl.server > xrpl.protocol
 libxrpl.server > xrpl.server
-libxrpl.shamap > xrpl.basics
-libxrpl.shamap > xrpl.protocol
-libxrpl.shamap > xrpl.shamap
 test.app > test.jtx
 test.app > test.rpc
 test.app > test.toplevel
@@ -32,11 +25,11 @@ test.app > test.unit_test
 test.app > xrpl.basics
 test.app > xrpld.app
 test.app > xrpld.core
+test.app > xrpld.nodestore
 test.app > xrpld.overlay
 test.app > xrpld.rpc
 test.app > xrpl.json
 test.app > xrpl.ledger
-test.app > xrpl.nodestore
 test.app > xrpl.protocol
 test.app > xrpl.resource
 test.basics > test.jtx
@@ -93,7 +86,8 @@ test.nodestore > test.toplevel
 test.nodestore > test.unit_test
 test.nodestore > xrpl.basics
 test.nodestore > xrpld.core
-test.nodestore > xrpl.nodestore
+test.nodestore > xrpld.nodestore
+test.nodestore > xrpld.unity
 test.overlay > test.jtx
 test.overlay > test.toplevel
 test.overlay > test.unit_test
@@ -101,8 +95,8 @@ test.overlay > xrpl.basics
 test.overlay > xrpld.app
 test.overlay > xrpld.overlay
 test.overlay > xrpld.peerfinder
+test.overlay > xrpld.shamap
 test.overlay > xrpl.protocol
-test.overlay > xrpl.shamap
 test.peerfinder > test.beast
 test.peerfinder > test.unit_test
 test.peerfinder > xrpl.basics
@@ -137,9 +131,9 @@ test.server > xrpl.json
 test.server > xrpl.server
 test.shamap > test.unit_test
 test.shamap > xrpl.basics
-test.shamap > xrpl.nodestore
+test.shamap > xrpld.nodestore
+test.shamap > xrpld.shamap
 test.shamap > xrpl.protocol
-test.shamap > xrpl.shamap
 test.toplevel > test.csf
 test.toplevel > xrpl.json
 test.unit_test > xrpl.basics
@@ -150,8 +144,6 @@ xrpl.json > xrpl.basics
 xrpl.ledger > xrpl.basics
 xrpl.ledger > xrpl.protocol
 xrpl.net > xrpl.basics
-xrpl.nodestore > xrpl.basics
-xrpl.nodestore > xrpl.protocol
 xrpl.protocol > xrpl.basics
 xrpl.protocol > xrpl.json
 xrpl.resource > xrpl.basics
@@ -160,21 +152,17 @@ xrpl.resource > xrpl.protocol
 xrpl.server > xrpl.basics
 xrpl.server > xrpl.json
 xrpl.server > xrpl.protocol
-xrpl.shamap > xrpl.basics
-xrpl.shamap > xrpl.nodestore
-xrpl.shamap > xrpl.protocol
 xrpld.app > test.unit_test
 xrpld.app > xrpl.basics
 xrpld.app > xrpld.conditions
 xrpld.app > xrpld.consensus
+xrpld.app > xrpld.nodestore
 xrpld.app > xrpld.perflog
 xrpld.app > xrpl.json
 xrpld.app > xrpl.ledger
 xrpld.app > xrpl.net
-xrpld.app > xrpl.nodestore
 xrpld.app > xrpl.protocol
 xrpld.app > xrpl.resource
-xrpld.app > xrpl.shamap
 xrpld.conditions > xrpl.basics
 xrpld.conditions > xrpl.protocol
 xrpld.consensus > xrpl.basics
@@ -184,6 +172,11 @@ xrpld.core > xrpl.basics
 xrpld.core > xrpl.json
 xrpld.core > xrpl.net
 xrpld.core > xrpl.protocol
+xrpld.nodestore > xrpl.basics
+xrpld.nodestore > xrpld.core
+xrpld.nodestore > xrpld.unity
+xrpld.nodestore > xrpl.json
+xrpld.nodestore > xrpl.protocol
 xrpld.overlay > xrpl.basics
 xrpld.overlay > xrpld.core
 xrpld.overlay > xrpld.peerfinder
@@ -199,11 +192,13 @@ xrpld.perflog > xrpl.basics
 xrpld.perflog > xrpl.json
 xrpld.rpc > xrpl.basics
 xrpld.rpc > xrpld.core
+xrpld.rpc > xrpld.nodestore
 xrpld.rpc > xrpl.json
 xrpld.rpc > xrpl.ledger
 xrpld.rpc > xrpl.net
-xrpld.rpc > xrpl.nodestore
 xrpld.rpc > xrpl.protocol
 xrpld.rpc > xrpl.resource
 xrpld.rpc > xrpl.server
-xrpld.shamap > xrpl.shamap
+xrpld.shamap > xrpl.basics
+xrpld.shamap > xrpld.nodestore
+xrpld.shamap > xrpl.protocol

.github/scripts/strategy-matrix/generate.py

@@ -130,16 +130,14 @@ def generate_strategy_matrix(all: bool, config: Config) -> list:
         if os['distro_name'] == 'rhel' and architecture['platform'] == 'linux/arm64':
             continue
 
-        # We skip all clang-20 on arm64 due to boost 1.86 build error
-        if f'{os['compiler_name']}-{os['compiler_version']}' == 'clang-20' and architecture['platform'] == 'linux/arm64':
+        # We skip all clang 20+ on arm64 due to Boost build error.
+        if f'{os['compiler_name']}-{os['compiler_version']}' in ['clang-20', 'clang-21'] and architecture['platform'] == 'linux/arm64':
             continue
 
         # Enable code coverage for Debian Bookworm using GCC 15 in Debug and no
         # Unity on linux/amd64
         if f'{os['compiler_name']}-{os['compiler_version']}' == 'gcc-15' and build_type == 'Debug' and '-Dunity=OFF' in cmake_args and architecture['platform'] == 'linux/amd64':
             cmake_args = f'-Dcoverage=ON -Dcoverage_format=xml -DCODE_COVERAGE_VERBOSE=ON -DCMAKE_C_FLAGS=-O0 -DCMAKE_CXX_FLAGS=-O0 {cmake_args}'
-            cmake_target = 'coverage'
-            build_only = True
 
         # Generate a unique name for the configuration, e.g. macos-arm64-debug
         # or debian-bookworm-gcc-12-amd64-release-unity.

.github/scripts/strategy-matrix/linux.json

@@ -15,168 +15,196 @@
       "distro_version": "bookworm",
       "compiler_name": "gcc",
       "compiler_version": "12",
-      "image_sha": "97ba375"
+      "image_sha": "0525eae"
     },
     {
       "distro_name": "debian",
       "distro_version": "bookworm",
       "compiler_name": "gcc",
       "compiler_version": "13",
-      "image_sha": "97ba375"
+      "image_sha": "0525eae"
     },
     {
       "distro_name": "debian",
       "distro_version": "bookworm",
       "compiler_name": "gcc",
       "compiler_version": "14",
-      "image_sha": "97ba375"
+      "image_sha": "0525eae"
     },
     {
       "distro_name": "debian",
       "distro_version": "bookworm",
       "compiler_name": "gcc",
       "compiler_version": "15",
-      "image_sha": "97ba375"
+      "image_sha": "0525eae"
     },
     {
       "distro_name": "debian",
       "distro_version": "bookworm",
       "compiler_name": "clang",
       "compiler_version": "16",
-      "image_sha": "97ba375"
+      "image_sha": "0525eae"
     },
     {
       "distro_name": "debian",
       "distro_version": "bookworm",
       "compiler_name": "clang",
       "compiler_version": "17",
-      "image_sha": "97ba375"
+      "image_sha": "0525eae"
     },
     {
       "distro_name": "debian",
       "distro_version": "bookworm",
       "compiler_name": "clang",
       "compiler_version": "18",
-      "image_sha": "97ba375"
+      "image_sha": "0525eae"
     },
     {
       "distro_name": "debian",
       "distro_version": "bookworm",
       "compiler_name": "clang",
       "compiler_version": "19",
-      "image_sha": "97ba375"
+      "image_sha": "0525eae"
     },
     {
       "distro_name": "debian",
       "distro_version": "bookworm",
       "compiler_name": "clang",
       "compiler_version": "20",
-      "image_sha": "97ba375"
+      "image_sha": "0525eae"
+    },
+    {
+      "distro_name": "debian",
+      "distro_version": "trixie",
+      "compiler_name": "gcc",
+      "compiler_version": "14",
+      "image_sha": "0525eae"
+    },
+    {
+      "distro_name": "debian",
+      "distro_version": "trixie",
+      "compiler_name": "gcc",
+      "compiler_version": "15",
+      "image_sha": "0525eae"
+    },
+    {
+      "distro_name": "debian",
+      "distro_version": "trixie",
+      "compiler_name": "clang",
+      "compiler_version": "20",
+      "image_sha": "0525eae"
+    },
+    {
+      "distro_name": "debian",
+      "distro_version": "trixie",
+      "compiler_name": "clang",
+      "compiler_version": "21",
+      "image_sha": "0525eae"
     },
     {
       "distro_name": "rhel",
       "distro_version": "8",
       "compiler_name": "gcc",
       "compiler_version": "14",
-      "image_sha": "97ba375"
+      "image_sha": "e1782cd"
     },
     {
       "distro_name": "rhel",
       "distro_version": "8",
       "compiler_name": "clang",
       "compiler_version": "any",
-      "image_sha": "97ba375"
+      "image_sha": "e1782cd"
     },
     {
       "distro_name": "rhel",
       "distro_version": "9",
       "compiler_name": "gcc",
       "compiler_version": "12",
-      "image_sha": "97ba375"
+      "image_sha": "e1782cd"
     },
     {
       "distro_name": "rhel",
       "distro_version": "9",
       "compiler_name": "gcc",
       "compiler_version": "13",
-      "image_sha": "97ba375"
+      "image_sha": "e1782cd"
     },
     {
       "distro_name": "rhel",
       "distro_version": "9",
       "compiler_name": "gcc",
       "compiler_version": "14",
-      "image_sha": "97ba375"
+      "image_sha": "e1782cd"
     },
     {
       "distro_name": "rhel",
       "distro_version": "9",
       "compiler_name": "clang",
       "compiler_version": "any",
-      "image_sha": "97ba375"
+      "image_sha": "e1782cd"
     },
     {
       "distro_name": "rhel",
       "distro_version": "10",
       "compiler_name": "gcc",
       "compiler_version": "14",
-      "image_sha": "97ba375"
+      "image_sha": "e1782cd"
     },
     {
       "distro_name": "rhel",
       "distro_version": "10",
       "compiler_name": "clang",
       "compiler_version": "any",
-      "image_sha": "97ba375"
+      "image_sha": "e1782cd"
     },
     {
       "distro_name": "ubuntu",
       "distro_version": "jammy",
       "compiler_name": "gcc",
       "compiler_version": "12",
-      "image_sha": "97ba375"
+      "image_sha": "e1782cd"
     },
     {
       "distro_name": "ubuntu",
       "distro_version": "noble",
       "compiler_name": "gcc",
       "compiler_version": "13",
-      "image_sha": "97ba375"
+      "image_sha": "e1782cd"
     },
     {
       "distro_name": "ubuntu",
       "distro_version": "noble",
       "compiler_name": "gcc",
       "compiler_version": "14",
-      "image_sha": "97ba375"
+      "image_sha": "e1782cd"
     },
     {
       "distro_name": "ubuntu",
       "distro_version": "noble",
       "compiler_name": "clang",
       "compiler_version": "16",
-      "image_sha": "97ba375"
+      "image_sha": "e1782cd"
     },
     {
       "distro_name": "ubuntu",
       "distro_version": "noble",
       "compiler_name": "clang",
       "compiler_version": "17",
-      "image_sha": "97ba375"
+      "image_sha": "e1782cd"
     },
     {
       "distro_name": "ubuntu",
       "distro_version": "noble",
       "compiler_name": "clang",
       "compiler_version": "18",
-      "image_sha": "97ba375"
+      "image_sha": "e1782cd"
     },
     {
       "distro_name": "ubuntu",
       "distro_version": "noble",
       "compiler_name": "clang",
       "compiler_version": "19",
-      "image_sha": "97ba375"
+      "image_sha": "e1782cd"
     }
   ],
   "build_type": ["Debug", "Release"],

.github/workflows/on-pr.yml

@@ -115,7 +115,7 @@ jobs:
     needs:
       - should-run
       - build-test
-    if: ${{ needs.should-run.outputs.go == 'true' && contains(fromJSON('["release", "master"]'), github.ref_name) }}
+    if: ${{ needs.should-run.outputs.go == 'true' && (startsWith(github.base_ref, 'release') || github.base_ref == 'master') }}
     uses: ./.github/workflows/reusable-notify-clio.yml
     secrets:
       clio_notify_token: ${{ secrets.CLIO_NOTIFY_TOKEN }}

.github/workflows/on-trigger.yml

@@ -14,9 +14,7 @@ on:
       - "master"
     paths:
       # These paths are unique to `on-trigger.yml`.
-      - ".github/workflows/reusable-check-missing-commits.yml"
       - ".github/workflows/on-trigger.yml"
-      - ".github/workflows/publish-docs.yml"
 
       # Keep the paths below in sync with those in `on-pr.yml`.
       - ".github/actions/build-deps/**"
@@ -63,10 +61,6 @@ defaults:
     shell: bash
 
 jobs:
-  check-missing-commits:
-    if: ${{ github.event_name == 'push' && github.ref_type == 'branch' && contains(fromJSON('["develop", "release"]'), github.ref_name) }}
-    uses: ./.github/workflows/reusable-check-missing-commits.yml
-
   build-test:
     uses: ./.github/workflows/reusable-build-test.yml
     strategy:

.github/workflows/reusable-build-test-config.yml

@@ -7,19 +7,23 @@ on:
         description: "The directory where to build."
         required: true
         type: string
+
       build_only:
         description: 'Whether to only build or to build and test the code ("true", "false").'
         required: true
         type: boolean
+
       build_type:
         description: 'The build type to use ("Debug", "Release").'
         type: string
         required: true
+
       cmake_args:
         description: "Additional arguments to pass to CMake."
         required: false
         type: string
         default: ""
+
       cmake_target:
         description: "The CMake target to build."
         type: string
@@ -29,6 +33,7 @@ on:
         description: Runner to run the job on as a JSON string
         required: true
         type: string
+
       image:
         description: "The image to run in (leave empty to run natively)"
         required: true
@@ -50,28 +55,159 @@ on:
         description: "The Codecov token to use for uploading coverage reports."
         required: true
 
-jobs:
-  build:
-    uses: ./.github/workflows/reusable-build.yml
-    with:
-      build_dir: ${{ inputs.build_dir }}
-      build_type: ${{ inputs.build_type }}
-      cmake_args: ${{ inputs.cmake_args }}
-      cmake_target: ${{ inputs.cmake_target }}
-      runs_on: ${{ inputs.runs_on }}
-      image: ${{ inputs.image }}
-      config_name: ${{ inputs.config_name }}
-      nproc_subtract: ${{ inputs.nproc_subtract }}
-    secrets:
-      CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
+defaults:
+  run:
+    shell: bash
 
-  test:
-    needs: build
-    uses: ./.github/workflows/reusable-test.yml
-    with:
-      run_tests: ${{ !inputs.build_only }}
-      verify_voidstar: ${{ contains(inputs.cmake_args, '-Dvoidstar=ON') }}
-      runs_on: ${{ inputs.runs_on }}
-      image: ${{ inputs.image }}
-      config_name: ${{ inputs.config_name }}
-      nproc_subtract: ${{ inputs.nproc_subtract }}
+jobs:
+  build-and-test:
+    name: ${{ inputs.config_name }}
+    runs-on: ${{ fromJSON(inputs.runs_on) }}
+    container: ${{ inputs.image != '' && inputs.image || null }}
+    timeout-minutes: 60
+    env:
+      ENABLED_VOIDSTAR: ${{ contains(inputs.cmake_args, '-Dvoidstar=ON') }}
+      ENABLED_COVERAGE: ${{ contains(inputs.cmake_args, '-Dcoverage=ON') }}
+    steps:
+      - name: Cleanup workspace (macOS and Windows)
+        if: ${{ runner.os == 'macOS' || runner.os == 'Windows' }}
+        uses: XRPLF/actions/.github/actions/cleanup-workspace@01b244d2718865d427b499822fbd3f15e7197fcc
+
+      - name: Checkout repository
+        uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
+
+      - name: Prepare runner
+        uses: XRPLF/actions/.github/actions/prepare-runner@99685816bb60a95a66852f212f382580e180df3a
+        with:
+          disable_ccache: false
+
+      - name: Print build environment
+        uses: ./.github/actions/print-env
+
+      - name: Get number of processors
+        uses: XRPLF/actions/.github/actions/get-nproc@046b1620f6bfd6cd0985dc82c3df02786801fe0a
+        id: nproc
+        with:
+          subtract: ${{ inputs.nproc_subtract }}
+
+      - name: Setup Conan
+        uses: ./.github/actions/setup-conan
+
+      - name: Build dependencies
+        uses: ./.github/actions/build-deps
+        with:
+          build_dir: ${{ inputs.build_dir }}
+          build_nproc: ${{ steps.nproc.outputs.nproc }}
+          build_type: ${{ inputs.build_type }}
+          # Set the verbosity to "quiet" for Windows to avoid an excessive
+          # amount of logs. For other OSes, the "verbose" logs are more useful.
+          log_verbosity: ${{ runner.os == 'Windows' && 'quiet' || 'verbose' }}
+
+      - name: Configure CMake
+        working-directory: ${{ inputs.build_dir }}
+        env:
+          BUILD_TYPE: ${{ inputs.build_type }}
+          CMAKE_ARGS: ${{ inputs.cmake_args }}
+        run: |
+          cmake \
+            -G '${{ runner.os == 'Windows' && 'Visual Studio 17 2022' || 'Ninja' }}' \
+            -DCMAKE_TOOLCHAIN_FILE:FILEPATH=build/generators/conan_toolchain.cmake \
+            -DCMAKE_BUILD_TYPE="${BUILD_TYPE}" \
+            ${CMAKE_ARGS} \
+            ..
+
+      - name: Build the binary
+        working-directory: ${{ inputs.build_dir }}
+        env:
+          BUILD_NPROC: ${{ steps.nproc.outputs.nproc }}
+          BUILD_TYPE: ${{ inputs.build_type }}
+          CMAKE_TARGET: ${{ inputs.cmake_target }}
+        run: |
+          cmake \
+            --build . \
+            --config "${BUILD_TYPE}" \
+            --parallel "${BUILD_NPROC}" \
+            --target "${CMAKE_TARGET}"
+
+      - name: Upload rippled artifact (Linux)
+        if: ${{ github.repository_owner == 'XRPLF' && runner.os == 'Linux' }}
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+        env:
+          BUILD_DIR: ${{ inputs.build_dir }}
+        with:
+          name: rippled-${{ inputs.config_name }}
+          path: ${{ env.BUILD_DIR }}/rippled
+          retention-days: 3
+          if-no-files-found: error
+
+      - name: Check linking (Linux)
+        if: ${{ runner.os == 'Linux' }}
+        working-directory: ${{ inputs.build_dir }}
+        run: |
+          ldd ./rippled
+          if [ "$(ldd ./rippled | grep -E '(libstdc\+\+|libgcc)' | wc -l)" -eq 0 ]; then
+            echo 'The binary is statically linked.'
+          else
+            echo 'The binary is dynamically linked.'
+            exit 1
+          fi
+
+      - name: Verify presence of instrumentation (Linux)
+        if: ${{ runner.os == 'Linux' && env.ENABLED_VOIDSTAR == 'true' }}
+        working-directory: ${{ inputs.build_dir }}
+        run: |
+          ./rippled --version | grep libvoidstar
+
+      - name: Run the separate tests
+        if: ${{ !inputs.build_only }}
+        working-directory: ${{ inputs.build_dir }}
+        # Windows locks some of the build files while running tests, and parallel jobs can collide
+        env:
+          BUILD_TYPE: ${{ inputs.build_type }}
+          PARALLELISM: ${{ runner.os == 'Windows' && '1' || steps.nproc.outputs.nproc }}
+        run: |
+          ctest \
+            --output-on-failure \
+            -C "${BUILD_TYPE}" \
+            -j "${PARALLELISM}"
+
+      - name: Run the embedded tests
+        if: ${{ !inputs.build_only }}
+        working-directory: ${{ runner.os == 'Windows' && format('{0}/{1}', inputs.build_dir, inputs.build_type) || inputs.build_dir }}
+        env:
+          BUILD_NPROC: ${{ steps.nproc.outputs.nproc }}
+        run: |
+          ./rippled --unittest --unittest-jobs "${BUILD_NPROC}"
+
+      - name: Debug failure (Linux)
+        if: ${{ failure() && runner.os == 'Linux' && !inputs.build_only }}
+        run: |
+          echo "IPv4 local port range:"
+          cat /proc/sys/net/ipv4/ip_local_port_range
+          echo "Netstat:"
+          netstat -an
+
+      - name: Prepare coverage report
+        if: ${{ !inputs.build_only && env.ENABLED_COVERAGE == 'true' }}
+        working-directory: ${{ inputs.build_dir }}
+        env:
+          BUILD_NPROC: ${{ steps.nproc.outputs.nproc }}
+          BUILD_TYPE: ${{ inputs.build_type }}
+        run: |
+          cmake \
+            --build . \
+            --config "${BUILD_TYPE}" \
+            --parallel "${BUILD_NPROC}" \
+            --target coverage
+
+      - name: Upload coverage report
+        if: ${{ github.repository_owner == 'XRPLF' && !inputs.build_only && env.ENABLED_COVERAGE == 'true' }}
+        uses: codecov/codecov-action@18283e04ce6e62d37312384ff67231eb8fd56d24 # v5.4.3
+        with:
+          disable_search: true
+          disable_telem: true
+          fail_ci_if_error: true
+          files: ${{ inputs.build_dir }}/coverage.xml
+          plugins: noop
+          token: ${{ secrets.CODECOV_TOKEN }}
+          verbose: true

.github/workflows/reusable-build.yml

@@ -1,154 +0,0 @@
-name: Build rippled
-
-on:
-  workflow_call:
-    inputs:
-      build_dir:
-        description: "The directory where to build."
-        required: true
-        type: string
-      build_type:
-        description: 'The build type to use ("Debug", "Release").'
-        required: true
-        type: string
-      cmake_args:
-        description: "Additional arguments to pass to CMake."
-        required: true
-        type: string
-      cmake_target:
-        description: "The CMake target to build."
-        required: true
-        type: string
-
-      runs_on:
-        description: Runner to run the job on as a JSON string
-        required: true
-        type: string
-      image:
-        description: "The image to run in (leave empty to run natively)"
-        required: true
-        type: string
-
-      config_name:
-        description: "The name of the configuration."
-        required: true
-        type: string
-
-      nproc_subtract:
-        description: "The number of processors to subtract when calculating parallelism."
-        required: true
-        type: number
-
-    secrets:
-      CODECOV_TOKEN:
-        description: "The Codecov token to use for uploading coverage reports."
-        required: true
-
-defaults:
-  run:
-    shell: bash
-
-jobs:
-  build:
-    name: Build ${{ inputs.config_name }}
-    runs-on: ${{ fromJSON(inputs.runs_on) }}
-    container: ${{ inputs.image != '' && inputs.image || null }}
-    timeout-minutes: 60
-    steps:
-      - name: Cleanup workspace
-        if: ${{ runner.os == 'macOS' }}
-        uses: XRPLF/actions/.github/actions/cleanup-workspace@3f044c7478548e3c32ff68980eeb36ece02b364e
-
-      - name: Checkout repository
-        uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
-
-      - name: Prepare runner
-        uses: XRPLF/actions/.github/actions/prepare-runner@99685816bb60a95a66852f212f382580e180df3a
-        with:
-          disable_ccache: false
-
-      - name: Print build environment
-        uses: ./.github/actions/print-env
-
-      - name: Get number of processors
-        uses: XRPLF/actions/.github/actions/get-nproc@046b1620f6bfd6cd0985dc82c3df02786801fe0a
-        id: nproc
-        with:
-          subtract: ${{ inputs.nproc_subtract }}
-
-      - name: Setup Conan
-        uses: ./.github/actions/setup-conan
-
-      - name: Build dependencies
-        uses: ./.github/actions/build-deps
-        with:
-          build_dir: ${{ inputs.build_dir }}
-          build_nproc: ${{ steps.nproc.outputs.nproc }}
-          build_type: ${{ inputs.build_type }}
-          # Set the verbosity to "quiet" for Windows to avoid an excessive
-          # amount of logs. For other OSes, the "verbose" logs are more useful.
-          log_verbosity: ${{ runner.os == 'Windows' && 'quiet' || 'verbose' }}
-
-      - name: Configure CMake
-        shell: bash
-        working-directory: ${{ inputs.build_dir }}
-        env:
-          BUILD_TYPE: ${{ inputs.build_type }}
-          CMAKE_ARGS: ${{ inputs.cmake_args }}
-        run: |
-          cmake \
-            -G '${{ runner.os == 'Windows' && 'Visual Studio 17 2022' || 'Ninja' }}' \
-            -DCMAKE_TOOLCHAIN_FILE:FILEPATH=build/generators/conan_toolchain.cmake \
-            -DCMAKE_BUILD_TYPE="${BUILD_TYPE}" \
-            ${CMAKE_ARGS} \
-            ..
-
-      - name: Build the binary
-        shell: bash
-        working-directory: ${{ inputs.build_dir }}
-        env:
-          BUILD_NPROC: ${{ steps.nproc.outputs.nproc }}
-          BUILD_TYPE: ${{ inputs.build_type }}
-          CMAKE_TARGET: ${{ inputs.cmake_target }}
-        run: |
-          cmake \
-            --build . \
-            --config "${BUILD_TYPE}" \
-            --parallel ${BUILD_NPROC} \
-            --target "${CMAKE_TARGET}"
-
-      - name: Put built binaries in one location
-        shell: bash
-        working-directory: ${{ inputs.build_dir }}
-        env:
-          BUILD_TYPE_DIR: ${{ runner.os == 'Windows' && inputs.build_type || '' }}
-          CMAKE_TARGET: ${{ inputs.cmake_target }}
-        run: |
-          mkdir -p ./binaries/doctest/
-
-          cp ./${BUILD_TYPE_DIR}/rippled* ./binaries/
-          if [ "${CMAKE_TARGET}" != 'coverage' ]; then
-            cp ./src/tests/libxrpl/${BUILD_TYPE_DIR}/xrpl.test.* ./binaries/doctest/
-          fi
-
-      - name: Upload rippled artifact
-        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
-        env:
-          BUILD_DIR: ${{ inputs.build_dir }}
-        with:
-          name: rippled-${{ inputs.config_name }}
-          path: ${{ env.BUILD_DIR }}/binaries/
-          retention-days: 3
-          if-no-files-found: error
-
-      - name: Upload coverage report
-        if: ${{ github.repository_owner == 'XRPLF' && inputs.cmake_target == 'coverage' }}
-        uses: codecov/codecov-action@18283e04ce6e62d37312384ff67231eb8fd56d24 # v5.4.3
-        with:
-          disable_search: true
-          disable_telem: true
-          fail_ci_if_error: true
-          files: ${{ inputs.build_dir }}/coverage.xml
-          plugins: noop
-          token: ${{ secrets.CODECOV_TOKEN }}
-          verbose: true

.github/workflows/reusable-check-missing-commits.yml

@@ -1,62 +0,0 @@
-# This workflow checks that all commits in the "master" branch are also in the
-# "release" and "develop" branches, and that all commits in the "release" branch
-# are also in the "develop" branch.
-name: Check for missing commits
-
-# This workflow can only be triggered by other workflows.
-on: workflow_call
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}-missing-commits
-  cancel-in-progress: true
-
-defaults:
-  run:
-    shell: bash
-
-jobs:
-  check:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
-        with:
-          fetch-depth: 0
-      - name: Check for missing commits
-        env:
-          MESSAGE: |
-
-            If you are reading this, then the commits indicated above are missing
-            from the "develop" and/or "release" branch. Do a reverse-merge as soon
-            as possible. See CONTRIBUTING.md for instructions.
-        run: |
-          set -o pipefail
-          # Branches are ordered by how "canonical" they are. Every commit in one
-          # branch should be in all the branches behind it.
-          order=(master release develop)
-          branches=()
-          for branch in "${order[@]}"; do
-            # Check that the branches exist so that this job will work on forked
-            # repos, which don't necessarily have master and release branches.
-            echo "Checking if ${branch} exists."
-            if git ls-remote --exit-code --heads origin \
-              refs/heads/${branch} > /dev/null; then
-              branches+=(origin/${branch})
-            fi
-          done
-
-          prior=()
-          for branch in "${branches[@]}"; do
-            if [[ ${#prior[@]} -ne 0 ]]; then
-              echo "Checking ${prior[@]} for commits missing from ${branch}."
-              git log --oneline --no-merges "${prior[@]}" \
-                ^$branch | tee -a "missing-commits.txt"
-              echo
-            fi
-            prior+=("${branch}")
-          done
-
-          if [[ $(cat missing-commits.txt | wc -l) -ne 0 ]]; then
-            echo "${MESSAGE}"
-            exit 1
-          fi

.github/workflows/reusable-strategy-matrix.yml

@@ -18,6 +18,10 @@ on:
         description: "The generated strategy matrix."
         value: ${{ jobs.generate-matrix.outputs.matrix }}
 
+defaults:
+  run:
+    shell: bash
+
 jobs:
   generate-matrix:
     runs-on: ubuntu-latest

.github/workflows/reusable-test.yml

@@ -1,111 +0,0 @@
-name: Test rippled
-
-on:
-  workflow_call:
-    inputs:
-      verify_voidstar:
-        description: "Whether to verify the presence of voidstar instrumentation."
-        required: true
-        type: boolean
-      run_tests:
-        description: "Whether to run unit tests"
-        required: true
-        type: boolean
-
-      runs_on:
-        description: Runner to run the job on as a JSON string
-        required: true
-        type: string
-      image:
-        description: "The image to run in (leave empty to run natively)"
-        required: true
-        type: string
-
-      config_name:
-        description: "The name of the configuration."
-        required: true
-        type: string
-
-      nproc_subtract:
-        description: "The number of processors to subtract when calculating parallelism."
-        required: true
-        type: number
-
-jobs:
-  test:
-    name: Test ${{ inputs.config_name }}
-    runs-on: ${{ fromJSON(inputs.runs_on) }}
-    container: ${{ inputs.image != '' && inputs.image || null }}
-    timeout-minutes: 30
-    steps:
-      - name: Cleanup workspace
-        if: ${{ runner.os == 'macOS' }}
-        uses: XRPLF/actions/.github/actions/cleanup-workspace@3f044c7478548e3c32ff68980eeb36ece02b364e
-
-      - name: Get number of processors
-        uses: XRPLF/actions/.github/actions/get-nproc@046b1620f6bfd6cd0985dc82c3df02786801fe0a
-        id: nproc
-        with:
-          subtract: ${{ inputs.nproc_subtract }}
-
-      - name: Download rippled artifact
-        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
-        with:
-          name: rippled-${{ inputs.config_name }}
-
-      - name: Make binary executable (Linux and macOS)
-        shell: bash
-        if: ${{ runner.os == 'Linux' || runner.os == 'macOS' }}
-        run: |
-          chmod +x ./rippled
-
-      - name: Check linking (Linux)
-        if: ${{ runner.os == 'Linux' }}
-        shell: bash
-        run: |
-          ldd ./rippled
-          if [ "$(ldd ./rippled | grep -E '(libstdc\+\+|libgcc)' | wc -l)" -eq 0 ]; then
-            echo 'The binary is statically linked.'
-          else
-            echo 'The binary is dynamically linked.'
-            exit 1
-          fi
-
-      - name: Verifying presence of instrumentation
-        if: ${{ inputs.verify_voidstar }}
-        shell: bash
-        run: |
-          ./rippled --version | grep libvoidstar
-
-      - name: Run the embedded tests
-        if: ${{ inputs.run_tests }}
-        shell: bash
-        env:
-          BUILD_NPROC: ${{ steps.nproc.outputs.nproc }}
-        run: |
-          ./rippled --unittest --unittest-jobs ${BUILD_NPROC}
-
-      - name: Run the separate tests
-        if: ${{ inputs.run_tests }}
-        env:
-          EXT: ${{ runner.os == 'Windows' && '.exe' || '' }}
-        shell: bash
-        run: |
-          for test_file in ./doctest/*${EXT}; do
-            echo "Executing $test_file"
-            chmod +x "$test_file"
-            if [[ "${{ runner.os }}" == "Windows" && "$test_file" == "./doctest/xrpl.test.net.exe" ]]; then
-              echo "Skipping $test_file on Windows"
-            else
-              "$test_file"
-            fi
-          done
-
-      - name: Debug failure (Linux)
-        if: ${{ failure() && runner.os == 'Linux' && inputs.run_tests }}
-        shell: bash
-        run: |
-          echo "IPv4 local port range:"
-          cat /proc/sys/net/ipv4/ip_local_port_range
-          echo "Netstat:"
-          netstat -an

.github/workflows/upload-conan-deps.yml

@@ -40,6 +40,10 @@ concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: true
 
+defaults:
+  run:
+    shell: bash
+
 jobs:
   # Generate the strategy matrix to be used by the following job.
   generate-matrix:
@@ -58,9 +62,9 @@ jobs:
     runs-on: ${{ matrix.architecture.runner }}
     container: ${{ contains(matrix.architecture.platform, 'linux') && format('ghcr.io/xrplf/ci/{0}-{1}:{2}-{3}-sha-{4}', matrix.os.distro_name, matrix.os.distro_version, matrix.os.compiler_name, matrix.os.compiler_version, matrix.os.image_sha) || null }}
     steps:
-      - name: Cleanup workspace
-        if: ${{ runner.os == 'macOS' }}
-        uses: XRPLF/actions/.github/actions/cleanup-workspace@3f044c7478548e3c32ff68980eeb36ece02b364e
+      - name: Cleanup workspace (macOS and Windows)
+        if: ${{ runner.os == 'macOS' || runner.os == 'Windows' }}
+        uses: XRPLF/actions/.github/actions/cleanup-workspace@01b244d2718865d427b499822fbd3f15e7197fcc
 
       - name: Checkout repository
         uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0

.pre-commit-config.yaml

@@ -34,6 +34,5 @@ repos:
 exclude: |
   (?x)^(
       external/.*|
-      .github/scripts/levelization/results/.*\.txt|
-      conan\.lock
+      .github/scripts/levelization/results/.*\.txt
   )$

BUILD.md

@@ -495,18 +495,18 @@ A coverage report is created when the following steps are completed, in order:
 
 1. `rippled` binary built with instrumentation data, enabled by the `coverage`
    option mentioned above
-2. completed run of unit tests, which populates coverage capture data
+2. completed one or more run of the unit tests, which populates coverage capture data
 3. completed run of the `gcovr` tool (which internally invokes either `gcov` or `llvm-cov`)
    to assemble both instrumentation data and the coverage capture data into a coverage report
 
-The above steps are automated into a single target `coverage`. The instrumented
+The last step of the above is automated into a single target `coverage`. The instrumented
 `rippled` binary can also be used for regular development or testing work, at
 the cost of extra disk space utilization and a small performance hit
-(to store coverage capture). In case of a spurious failure of unit tests, it is
-possible to re-run the `coverage` target without rebuilding the `rippled` binary
-(since it is simply a dependency of the coverage report target). It is also possible
-to select only specific tests for the purpose of the coverage report, by setting
-the `coverage_test` variable in `cmake`
+(to store coverage capture data). Since `rippled` binary is simply a dependency of the
+coverage report target, it is possible to re-run the `coverage` target without
+rebuilding the `rippled` binary. Note, running of the unit tests before the `coverage`
+target is left to the developer. Each such run will append to the coverage data
+collected in the build directory.
 
 The default coverage report format is `html-details`, but the user
 can override it to any of the formats listed in `Builds/CMake/CodeCoverage.cmake`
@@ -515,11 +515,6 @@ to generate more than one format at a time by setting the `coverage_extra_args`
 variable in `cmake`. The specific command line used to run the `gcovr` tool will be
 displayed if the `CODE_COVERAGE_VERBOSE` variable is set.
 
-By default, the code coverage tool runs parallel unit tests with `--unittest-jobs`
-set to the number of available CPU cores. This may cause spurious test
-errors on Apple. Developers can override the number of unit test jobs with
-the `coverage_test_parallelism` variable in `cmake`.
-
 Example use with some cmake variables set:
 
 ```

cfg/rippled-example.cfg

@@ -975,47 +975,6 @@
 #                           number of ledger records online. Must be greater
 #                           than or equal to ledger_history.
 #
-#   Optional keys for NuDB only:
-#
-#       nudb_block_size     EXPERIMENTAL: Block size in bytes for NuDB storage.
-#                           Must be a power of 2 between 4096 and 32768. Default is 4096.
-#
-#                           This parameter controls the fundamental storage unit
-#                           size for NuDB's internal data structures. The choice
-#                           of block size can significantly impact performance
-#                           depending on your storage hardware and filesystem:
-#
-#                           - 4096 bytes: Optimal for most standard SSDs and
-#                             traditional filesystems (ext4, NTFS, HFS+).
-#                             Provides good balance of performance and storage
-#                             efficiency. Recommended for most deployments.
-#                             Minimizes memory footprint and provides consistent
-#                             low-latency access patterns across diverse hardware.
-#
-#                           - 8192-16384 bytes: May improve performance on
-#                             high-end NVMe SSDs and copy-on-write filesystems
-#                             like ZFS or Btrfs that benefit from larger block
-#                             alignment. Can reduce metadata overhead for large
-#                             databases. Offers better sequential throughput and
-#                             reduced I/O operations at the cost of higher memory
-#                             usage per operation.
-#
-#                           - 32768 bytes (32K): Maximum supported block size
-#                             for high-performance scenarios with very fast
-#                             storage. May increase memory usage and reduce
-#                             efficiency for smaller databases. Best suited for
-#                             enterprise environments with abundant RAM.
-#
-#                           Performance testing is recommended before deploying
-#                           any non-default block size in production environments.
-#
-#                           Note: This setting cannot be changed after database
-#                           creation without rebuilding the entire database.
-#                           Choose carefully based on your hardware and expected
-#                           database size.
-#
-#                           Example: nudb_block_size=4096
-#
 #       These keys modify the behavior of online_delete, and thus are only
 #       relevant if online_delete is defined and non-zero:
 #
@@ -1512,7 +1471,6 @@ secure_gateway = 127.0.0.1
 [node_db]
 type=NuDB
 path=/var/lib/rippled/db/nudb
-nudb_block_size=4096
 online_delete=512
 advisory_delete=0
 

cmake/CMakeFuncs.cmake

@@ -1,21 +1,3 @@
-macro(group_sources_in source_dir curdir)
-  file(GLOB children RELATIVE ${source_dir}/${curdir}
-    ${source_dir}/${curdir}/*)
-  foreach (child ${children})
-    if (IS_DIRECTORY ${source_dir}/${curdir}/${child})
-      group_sources_in(${source_dir} ${curdir}/${child})
-    else()
-      string(REPLACE "/" "\\" groupname ${curdir})
-      source_group(${groupname} FILES
-        ${source_dir}/${curdir}/${child})
-    endif()
-  endforeach()
-endmacro()
-
-macro(group_sources curdir)
-  group_sources_in(${PROJECT_SOURCE_DIR} ${curdir})
-endmacro()
-
 macro (exclude_from_default target_)
   set_target_properties (${target_} PROPERTIES EXCLUDE_FROM_ALL ON)
   set_target_properties (${target_} PROPERTIES EXCLUDE_FROM_DEFAULT_BUILD ON)

cmake/CodeCoverage.cmake

@@ -109,6 +109,9 @@
 #     - add a new function add_code_coverage_to_target
 #     - remove some unused code
 #
+# 2025-11-11, Bronek Kozicki
+#     - make EXECUTABLE and EXECUTABLE_ARGS optional
+#
 # USAGE:
 #
 # 1. Copy this file into your cmake modules path.
@@ -317,6 +320,10 @@ function(setup_target_for_coverage_gcovr)
         set(Coverage_FORMAT xml)
     endif()
 
+    if(NOT DEFINED Coverage_EXECUTABLE AND DEFINED Coverage_EXECUTABLE_ARGS)
+        message(FATAL_ERROR "EXECUTABLE_ARGS must not be set if EXECUTABLE is not set")
+    endif()
+
     if("--output" IN_LIST GCOVR_ADDITIONAL_ARGS)
         message(FATAL_ERROR "Unsupported --output option detected in GCOVR_ADDITIONAL_ARGS! Aborting...")
     else()
@@ -398,17 +405,18 @@ function(setup_target_for_coverage_gcovr)
     endforeach()
 
     # Set up commands which will be run to generate coverage data
-    # Run tests
-    set(GCOVR_EXEC_TESTS_CMD
-        ${Coverage_EXECUTABLE} ${Coverage_EXECUTABLE_ARGS}
-    )
+    # If EXECUTABLE is not set, the user is expected to run the tests manually
+    # before running the coverage target NAME
+    if(DEFINED Coverage_EXECUTABLE)
+        set(GCOVR_EXEC_TESTS_CMD
+            ${Coverage_EXECUTABLE} ${Coverage_EXECUTABLE_ARGS}
+        )
+    endif()
 
     # Create folder
     if(DEFINED GCOVR_CREATE_FOLDER)
         set(GCOVR_FOLDER_CMD
             ${CMAKE_COMMAND} -E make_directory ${GCOVR_CREATE_FOLDER})
-    else()
-        set(GCOVR_FOLDER_CMD echo) # dummy
     endif()
 
     # Running gcovr
@@ -425,11 +433,13 @@ function(setup_target_for_coverage_gcovr)
     if(CODE_COVERAGE_VERBOSE)
         message(STATUS "Executed command report")
 
-        message(STATUS "Command to run tests: ")
-        string(REPLACE ";" " " GCOVR_EXEC_TESTS_CMD_SPACED "${GCOVR_EXEC_TESTS_CMD}")
-        message(STATUS "${GCOVR_EXEC_TESTS_CMD_SPACED}")
+        if(NOT "${GCOVR_EXEC_TESTS_CMD}" STREQUAL "")
+            message(STATUS "Command to run tests: ")
+            string(REPLACE ";" " " GCOVR_EXEC_TESTS_CMD_SPACED "${GCOVR_EXEC_TESTS_CMD}")
+            message(STATUS "${GCOVR_EXEC_TESTS_CMD_SPACED}")
+        endif()
 
-        if(NOT GCOVR_FOLDER_CMD STREQUAL "echo")
+        if(NOT "${GCOVR_FOLDER_CMD}" STREQUAL "")
             message(STATUS "Command to create a folder: ")
             string(REPLACE ";" " " GCOVR_FOLDER_CMD_SPACED "${GCOVR_FOLDER_CMD}")
             message(STATUS "${GCOVR_FOLDER_CMD_SPACED}")

cmake/RippleConfig.cmake

@@ -12,7 +12,7 @@ if (static OR MSVC)
 else ()
   set (Boost_USE_STATIC_RUNTIME OFF)
 endif ()
-find_dependency (Boost 1.70
+find_dependency (Boost
   COMPONENTS
     chrono
     container
@@ -45,12 +45,10 @@ if (static OR APPLE OR MSVC)
   set (OPENSSL_USE_STATIC_LIBS ON)
 endif ()
 set (OPENSSL_MSVC_STATIC_RT ON)
-find_dependency (OpenSSL REQUIRED)
+find_dependency (OpenSSL 1.1.1 REQUIRED)
 find_dependency (ZLIB)
 find_dependency (date)
 if (TARGET ZLIB::ZLIB)
   set_target_properties(OpenSSL::Crypto PROPERTIES
     INTERFACE_LINK_LIBRARIES ZLIB::ZLIB)
 endif ()
-
-include ("${CMAKE_CURRENT_LIST_DIR}/RippleTargets.cmake")

cmake/RippledCompiler.cmake

@@ -16,16 +16,13 @@ set(CMAKE_CXX_EXTENSIONS OFF)
 target_compile_definitions (common
   INTERFACE
     $<$<CONFIG:Debug>:DEBUG _DEBUG>
-    #[===[
-    NOTE: CMAKE release builds already have NDEBUG defined, so no need to add it
-    explicitly except for the special case of (profile ON) and (assert OFF).
-    Presumably this is because we don't want profile builds asserting unless
-    asserts were specifically requested.
-    ]===]
-    $<$<AND:$<BOOL:${profile}>,$<NOT:$<BOOL:${assert}>>>:NDEBUG>
-    # TODO: Remove once we have migrated functions from OpenSSL 1.x to 3.x.
-    OPENSSL_SUPPRESS_DEPRECATED
-)
+    $<$<AND:$<BOOL:${profile}>,$<NOT:$<BOOL:${assert}>>>:NDEBUG>)
+    # ^^^^ NOTE: CMAKE release builds already have NDEBUG
+    # defined, so no need to add it explicitly except for
+    # this special case of (profile ON) and (assert OFF)
+    # -- presumably this is because we don't want profile
+    # builds asserting unless asserts were specifically
+    # requested
 
 if (MSVC)
   # remove existing exception flag since we set it to -EHa

cmake/RippledCore.cmake

@@ -53,15 +53,14 @@ add_library(xrpl.imports.main INTERFACE)
 
 target_link_libraries(xrpl.imports.main
   INTERFACE
-    absl::random_random
-    date::date
-    ed25519::ed25519
     LibArchive::LibArchive
     OpenSSL::Crypto
     Ripple::boost
-    Ripple::libs
     Ripple::opts
     Ripple::syslibs
+    absl::random_random
+    date::date
+    ed25519::ed25519
     secp256k1::secp256k1
     xrpl.libpb
     xxHash::xxhash
@@ -73,10 +72,7 @@ include(target_link_modules)
 
 # Level 01
 add_module(xrpl beast)
-target_link_libraries(xrpl.libxrpl.beast PUBLIC
-  xrpl.imports.main
-  xrpl.libpb
-)
+target_link_libraries(xrpl.libxrpl.beast PUBLIC xrpl.imports.main)
 
 # Level 02
 add_module(xrpl basics)
@@ -112,21 +108,6 @@ target_link_libraries(xrpl.libxrpl.net PUBLIC
 add_module(xrpl server)
 target_link_libraries(xrpl.libxrpl.server PUBLIC xrpl.libxrpl.protocol)
 
-add_module(xrpl nodestore)
-target_link_libraries(xrpl.libxrpl.nodestore PUBLIC
-        xrpl.libxrpl.basics
-        xrpl.libxrpl.json
-        xrpl.libxrpl.protocol
-)
-
-add_module(xrpl shamap)
-target_link_libraries(xrpl.libxrpl.shamap PUBLIC
-        xrpl.libxrpl.basics
-        xrpl.libxrpl.crypto
-        xrpl.libxrpl.protocol
-        xrpl.libxrpl.nodestore
-)
-
 add_module(xrpl ledger)
 target_link_libraries(xrpl.libxrpl.ledger PUBLIC
   xrpl.libxrpl.basics
@@ -152,8 +133,6 @@ target_link_modules(xrpl PUBLIC
   protocol
   resource
   server
-  nodestore
-  shamap
   net
   ledger
 )

cmake/RippledCov.cmake

@@ -11,6 +11,9 @@ if(CMAKE_CXX_COMPILER_ID MATCHES "MSVC")
   return()
 endif()
 
+include(ProcessorCount)
+ProcessorCount(PROCESSOR_COUNT)
+
 include(CodeCoverage)
 
 # The instructions for these commands come from the `CodeCoverage` module,
@@ -26,15 +29,13 @@ list(APPEND GCOVR_ADDITIONAL_ARGS
   --exclude-throw-branches
   --exclude-noncode-lines
   --exclude-unreachable-branches -s
-  -j ${coverage_test_parallelism})
+  -j ${PROCESSOR_COUNT})
 
 setup_target_for_coverage_gcovr(
   NAME coverage
   FORMAT ${coverage_format}
-  EXECUTABLE rippled
-  EXECUTABLE_ARGS --unittest$<$<BOOL:${coverage_test}>:=${coverage_test}> --unittest-jobs ${coverage_test_parallelism} --quiet --unittest-log
   EXCLUDE "src/test" "src/tests" "include/xrpl/beast/test" "include/xrpl/beast/unit_test" "${CMAKE_BINARY_DIR}/pb-xrpl.libpb"
-  DEPENDENCIES rippled
+  DEPENDENCIES rippled xrpl.tests
 )
 
 add_code_coverage_to_target(opts INTERFACE)

cmake/RippledInstall.cmake

@@ -8,23 +8,20 @@ install (
   TARGETS
     common
     opts
-    ripple_boost
-    ripple_libs
     ripple_syslibs
+    ripple_boost
     xrpl.imports.main
     xrpl.libpb
-    xrpl.libxrpl
     xrpl.libxrpl.basics
     xrpl.libxrpl.beast
     xrpl.libxrpl.crypto
     xrpl.libxrpl.json
-    xrpl.libxrpl.ledger
-    xrpl.libxrpl.net
-    xrpl.libxrpl.nodestore
     xrpl.libxrpl.protocol
     xrpl.libxrpl.resource
+    xrpl.libxrpl.ledger
     xrpl.libxrpl.server
-    xrpl.libxrpl.shamap
+    xrpl.libxrpl.net
+    xrpl.libxrpl
     antithesis-sdk-cpp
   EXPORT RippleExports
   LIBRARY DESTINATION lib
@@ -41,7 +38,7 @@ install(CODE "
   set(CMAKE_MODULE_PATH \"${CMAKE_MODULE_PATH}\")
   include(create_symbolic_link)
   create_symbolic_link(xrpl \
-    \$ENV{DESTDIR}\${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_INCLUDEDIR}/ripple)
+    \${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_INCLUDEDIR}/ripple)
 ")
 
 install (EXPORT RippleExports
@@ -75,7 +72,7 @@ if (is_root_project AND TARGET rippled)
     set(CMAKE_MODULE_PATH \"${CMAKE_MODULE_PATH}\")
     include(create_symbolic_link)
     create_symbolic_link(rippled${suffix} \
-       \$ENV{DESTDIR}\${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_BINDIR}/xrpld${suffix})
+      \${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_BINDIR}/xrpld${suffix})
   ")
 endif ()
 

cmake/RippledSanity.cmake

@@ -1,5 +1,5 @@
 #[===================================================================[
-   convenience variables and sanity checks
+   sanity checks
 #]===================================================================]
 
 get_property(is_multiconfig GLOBAL PROPERTY GENERATOR_IS_MULTI_CONFIG)
@@ -16,39 +16,19 @@ if (NOT is_multiconfig)
   endif ()
 endif ()
 
-get_directory_property(has_parent PARENT_DIRECTORY)
-if (has_parent)
-  set (is_root_project OFF)
-else ()
-  set (is_root_project ON)
-endif ()
-
 if ("${CMAKE_CXX_COMPILER_ID}" MATCHES ".*Clang") # both Clang and AppleClang
   set (is_clang TRUE)
   if ("${CMAKE_CXX_COMPILER_ID}" STREQUAL "Clang" AND
-         CMAKE_CXX_COMPILER_VERSION VERSION_LESS 8.0)
-    message (FATAL_ERROR "This project requires clang 8 or later")
+         CMAKE_CXX_COMPILER_VERSION VERSION_LESS 16.0)
+    message (FATAL_ERROR "This project requires clang 16 or later")
   endif ()
-  # TODO min AppleClang version check ?
 elseif ("${CMAKE_CXX_COMPILER_ID}" STREQUAL "GNU")
   set (is_gcc TRUE)
-  if (CMAKE_CXX_COMPILER_VERSION VERSION_LESS 8.0)
-    message (FATAL_ERROR "This project requires GCC 8 or later")
+  if (CMAKE_CXX_COMPILER_VERSION VERSION_LESS 12.0)
+    message (FATAL_ERROR "This project requires GCC 12 or later")
   endif ()
 endif ()
 
-if (CMAKE_SYSTEM_NAME STREQUAL "Linux")
-  set (is_linux TRUE)
-else ()
-  set (is_linux FALSE)
-endif ()
-
-if ("$ENV{CI}" STREQUAL "true" OR "$ENV{CONTINUOUS_INTEGRATION}" STREQUAL "true")
-  set (is_ci TRUE)
-else ()
-  set (is_ci FALSE)
-endif ()
-
 # check for in-source build and fail
 if ("${CMAKE_CURRENT_SOURCE_DIR}" STREQUAL "${CMAKE_BINARY_DIR}")
   message (FATAL_ERROR "Builds (in-source) are not allowed in "

cmake/RippledSettings.cmake

@@ -1,10 +1,25 @@
 #[===================================================================[
-   declare user options/settings
+   declare options and variables
 #]===================================================================]
 
-include(ProcessorCount)
+if(CMAKE_SYSTEM_NAME STREQUAL "Linux")
+  set (is_linux TRUE)
+else()
+  set(is_linux FALSE)
+endif()
 
-ProcessorCount(PROCESSOR_COUNT)
+if("$ENV{CI}" STREQUAL "true" OR "$ENV{CONTINUOUS_INTEGRATION}" STREQUAL "true")
+  set(is_ci TRUE)
+else()
+  set(is_ci FALSE)
+endif()
+
+get_directory_property(has_parent PARENT_DIRECTORY)
+if(has_parent)
+  set(is_root_project OFF)
+else()
+  set(is_root_project ON)
+endif()
 
 option(assert "Enables asserts, even in release builds" OFF)
 
@@ -25,29 +40,28 @@ if(unity)
   endif()
   set(CMAKE_UNITY_BUILD ON CACHE BOOL "Do a unity build")
 endif()
+
 if(is_clang AND is_linux)
   option(voidstar "Enable Antithesis instrumentation." OFF)
 endif()
+
 if(is_gcc OR is_clang)
+  include(ProcessorCount)
+  ProcessorCount(PROCESSOR_COUNT)
+
   option(coverage "Generates coverage info." OFF)
   option(profile "Add profiling flags" OFF)
-  set(coverage_test_parallelism "${PROCESSOR_COUNT}" CACHE STRING
-    "Unit tests parallelism for the purpose of coverage report.")
   set(coverage_format "html-details" CACHE STRING
     "Output format of the coverage report.")
   set(coverage_extra_args "" CACHE STRING
     "Additional arguments to pass to gcovr.")
-  set(coverage_test "" CACHE STRING
-    "On gcc & clang, the specific unit test(s) to run for coverage. Default is all tests.")
-  if(coverage_test AND NOT coverage)
-    set(coverage ON CACHE BOOL "gcc/clang only" FORCE)
-  endif()
   option(wextra "compile with extra gcc/clang warnings enabled" ON)
 else()
   set(profile OFF CACHE BOOL "gcc/clang only" FORCE)
   set(coverage OFF CACHE BOOL "gcc/clang only" FORCE)
   set(wextra OFF CACHE BOOL "gcc/clang only" FORCE)
 endif()
+
 if(is_linux)
   option(BUILD_SHARED_LIBS "build shared ripple libraries" OFF)
   option(static "link protobuf, openssl, libc++, and boost statically" ON)
@@ -64,11 +78,13 @@ else()
   set(use_gold OFF CACHE BOOL "gold linker, linux only" FORCE)
   set(use_mold OFF CACHE BOOL "mold linker, linux only" FORCE)
 endif()
+
 if(is_clang)
   option(use_lld "enables detection of lld linker" ON)
 else()
   set(use_lld OFF CACHE BOOL "try lld linker, clang only" FORCE)
 endif()
+
 option(jemalloc "Enables jemalloc for heap profiling" OFF)
 option(werr "treat warnings as errors" OFF)
 option(local_protobuf
@@ -102,38 +118,26 @@ if(san)
     message(FATAL_ERROR "${san} sanitizer does not seem to be supported by your compiler")
   endif()
 endif()
-set(container_label "" CACHE STRING "tag to use for package building containers")
-option(packages_only
-  "ONLY generate package building targets. This is special use-case and almost \
-   certainly not what you want. Use with caution as you won't be able to build \
-   any compiled targets locally." OFF)
-option(have_package_container
-  "Sometimes you already have the tagged container you want to use for package \
-   building and you don't want docker to rebuild it. This flag will detach the \
-   dependency of the package build from the container build. It's an advanced \
-   use case and most likely you should not be touching this flag." OFF)
 
 # the remaining options are obscure and rarely used
 option(beast_no_unit_test_inline
   "Prevents unit test definitions from being inserted into global table"
   OFF)
 option(single_io_service_thread
-  "Restricts the number of threads calling io_context::run to one. \
+  "Restricts the number of threads calling io_service::run to one. \
   This can be useful when debugging."
   OFF)
 option(boost_show_deprecated
   "Allow boost to fail on deprecated usage. Only useful if you're trying\
   to find deprecated calls."
   OFF)
-option(beast_hashers
-  "Use local implementations for sha/ripemd hashes (experimental, not recommended)"
-  OFF)
 
 if(WIN32)
   option(beast_disable_autolink "Disables autolinking of system libraries on WIN32" OFF)
 else()
   set(beast_disable_autolink OFF CACHE BOOL "WIN32 only" FORCE)
 endif()
+
 if(coverage)
   message(STATUS "coverage build requested - forcing Debug build")
   set(CMAKE_BUILD_TYPE Debug CACHE STRING "build type" FORCE)

cmake/RippledValidatorKeys.cmake

@@ -1,4 +1,4 @@
-option (validator_keys "Enables building of validator-keys tool as a separate target (imported via FetchContent)" OFF)
+option (validator_keys "Enables building of validator-keys-tool as a separate target (imported via FetchContent)" OFF)
 
 if (validator_keys)
   git_branch (current_branch)
@@ -6,15 +6,17 @@ if (validator_keys)
   if (NOT (current_branch STREQUAL "release"))
     set (current_branch "master")
   endif ()
-  message (STATUS "Tracking ValidatorKeys branch: ${current_branch}")
+  message (STATUS "tracking ValidatorKeys branch: ${current_branch}")
 
   FetchContent_Declare (
-    validator_keys
+    validator_keys_src
     GIT_REPOSITORY https://github.com/ripple/validator-keys-tool.git
     GIT_TAG        "${current_branch}"
   )
-  FetchContent_MakeAvailable(validator_keys)
-  set_target_properties(validator-keys PROPERTIES RUNTIME_OUTPUT_DIRECTORY "${CMAKE_BINARY_DIR}")
-  install(TARGETS validator-keys RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR})
-
+  FetchContent_GetProperties (validator_keys_src)
+  if (NOT validator_keys_src_POPULATED)
+    message (STATUS "Pausing to download ValidatorKeys...")
+    FetchContent_Populate (validator_keys_src)
+  endif ()
+  add_subdirectory (${validator_keys_src_SOURCE_DIR} ${CMAKE_BINARY_DIR}/validator-keys)
 endif ()

cmake/deps/Boost.cmake

@@ -24,7 +24,6 @@ target_link_libraries(ripple_boost
     Boost::date_time
     Boost::filesystem
     Boost::json
-    Boost::process
     Boost::program_options
     Boost::regex
     Boost::system

cmake/xrpl_add_test.cmake

@@ -22,20 +22,4 @@ function(xrpl_add_test name)
     UNITY_BUILD_BATCH_SIZE 0)  # Adjust as needed
 
   add_test(NAME ${target} COMMAND ${target})
-  set_tests_properties(
-    ${target} PROPERTIES
-    FIXTURES_REQUIRED ${target}_fixture
-  )
-
-  add_test(
-    NAME ${target}.build
-    COMMAND
-      ${CMAKE_COMMAND}
-      --build ${CMAKE_BINARY_DIR}
-      --config $<CONFIG>
-      --target ${target}
-  )
-  set_tests_properties(${target}.build PROPERTIES
-    FIXTURES_SETUP ${target}_fixture
-  )
 endfunction()

conan.lock

@@ -9,7 +9,7 @@
         "rocksdb/10.0.1#85537f46e538974d67da0c3977de48ac%1756234304.347",
         "re2/20230301#dfd6e2bf050eb90ddd8729cfb4c844a4%1756234257.976",
         "protobuf/3.21.12#d927114e28de9f4691a6bbcdd9a529d1%1756234251.614",
-        "openssl/3.5.4#a1d5835cc6ed5c5b8f3cd5b9b5d24205%1759746684.671",
+        "openssl/1.1.1w#a8f0792d7c5121b954578a7149d23e03%1756223730.729",
         "nudb/2.0.9#c62cfd501e57055a7e0d8ee3d5e5427d%1756234237.107",
         "lz4/1.10.0#59fc63cac7f10fbe8e05c7e62c2f3504%1756234228.999",
         "libiconv/1.17#1e65319e945f2d31941a9d28cc13c058%1756223727.64",
@@ -21,7 +21,7 @@
         "date/3.0.4#f74bbba5a08fa388256688743136cb6f%1756234217.493",
         "c-ares/1.34.5#b78b91e7cfb1f11ce777a285bbf169c6%1756234217.915",
         "bzip2/1.0.8#00b4a4658791c1f06914e087f0e792f5%1756234261.716",
-        "boost/1.88.0#8852c0b72ce8271fb8ff7c53456d4983%1756223752.326",
+        "boost/1.83.0#5d975011d65b51abb2d2f6eb8386b368%1754325043.336",
         "abseil/20230802.1#f0f91485b111dc9837a68972cb19ca7b%1756234220.907"
     ],
     "build_requires": [
@@ -46,11 +46,11 @@
             "lz4/1.10.0"
         ],
         "boost/1.83.0": [
-            "boost/1.88.0"
+            "boost/1.83.0"
         ],
         "sqlite3/3.44.2": [
             "sqlite3/3.49.1"
         ]
     },
     "config_requires": []
-}
+}

conan/profiles/default

@@ -26,6 +26,9 @@ grpc/1.50.1:tools.build:cxxflags+=['-Wno-missing-template-arg-list-after-templat
 {% if compiler == "apple-clang" and compiler_version >= 17 %}
 grpc/1.50.1:tools.build:cxxflags+=['-Wno-missing-template-arg-list-after-template-kw']
 {% endif %}
+{% if compiler == "clang" and compiler_version == 16 %}
+tools.build:cxxflags=['-DBOOST_ASIO_DISABLE_CONCEPTS']
+{% endif %}
 {% if compiler == "gcc" and compiler_version < 13 %}
 tools.build:cxxflags+=['-Wno-restrict']
 {% endif %}

conanfile.py

@@ -27,7 +27,7 @@ class Xrpl(ConanFile):
         'grpc/1.50.1',
         'libarchive/3.8.1',
         'nudb/2.0.9',
-        'openssl/3.5.4',
+        'openssl/1.1.1w',
         'soci/4.0.3',
         'zlib/1.3.1',
     ]
@@ -100,13 +100,11 @@ class Xrpl(ConanFile):
     def configure(self):
         if self.settings.compiler == 'apple-clang':
             self.options['boost'].visibility = 'global'
-        if self.settings.compiler in ['clang', 'gcc']:
-            self.options['boost'].without_cobalt = True
 
     def requirements(self):
         # Conan 2 requires transitive headers to be specified
         transitive_headers_opt = {'transitive_headers': True} if conan_version.split('.')[0] == '2' else {}
-        self.requires('boost/1.88.0', force=True, **transitive_headers_opt)
+        self.requires('boost/1.83.0', force=True, **transitive_headers_opt)
         self.requires('date/3.0.4', **transitive_headers_opt)
         self.requires('lz4/1.10.0', force=True)
         self.requires('protobuf/3.21.12', force=True)
@@ -177,7 +175,6 @@ class Xrpl(ConanFile):
             'boost::filesystem',
             'boost::json',
             'boost::program_options',
-            'boost::process',
             'boost::regex',
             'boost::system',
             'boost::thread',

external/secp256k1/include/secp256k1.h

@@ -541,7 +541,7 @@ SECP256K1_API int secp256k1_ecdsa_signature_serialize_compact(
 /** Verify an ECDSA signature.
  *
  *  Returns: 1: correct signature
- *           0: incorrect or unparseable signature
+ *           0: incorrect or unparsable signature
  *  Args:    ctx:       pointer to a context object
  *  In:      sig:       the signature being verified.
  *           msghash32: the 32-byte message hash being verified.

include/xrpl/basics/Number.h

@@ -32,6 +32,15 @@ class Number;
 std::string
 to_string(Number const& amount);
 
+template <typename T>
+constexpr bool
+isPowerOfTen(T value)
+{
+    while (value >= 10 && value % 10 == 0)
+        value /= 10;
+    return value == 1;
+}
+
 class Number
 {
     using rep = std::int64_t;
@@ -41,7 +50,9 @@ class Number
 public:
     // The range for the mantissa when normalized
     constexpr static std::int64_t minMantissa = 1'000'000'000'000'000LL;
-    constexpr static std::int64_t maxMantissa = 9'999'999'999'999'999LL;
+    static_assert(isPowerOfTen(minMantissa));
+    constexpr static std::int64_t maxMantissa = minMantissa * 10 - 1;
+    static_assert(maxMantissa == 9'999'999'999'999'999LL);
 
     // The range for the exponent when normalized
     constexpr static int minExponent = -32768;
@@ -151,22 +162,7 @@ public:
     }
 
     Number
-    truncate() const noexcept
-    {
-        if (exponent_ >= 0 || mantissa_ == 0)
-            return *this;
-
-        Number ret = *this;
-        while (ret.exponent_ < 0 && ret.mantissa_ != 0)
-        {
-            ret.exponent_ += 1;
-            ret.mantissa_ /= rep(10);
-        }
-        // We are guaranteed that normalize() will never throw an exception
-        // because exponent is either negative or zero at this point.
-        ret.normalize();
-        return ret;
-    }
+    truncate() const noexcept;
 
     friend constexpr bool
     operator>(Number const& x, Number const& y) noexcept
@@ -211,6 +207,8 @@ private:
     class Guard;
 };
 
+constexpr static Number numZero{};
+
 inline constexpr Number::Number(rep mantissa, int exponent, unchecked) noexcept
     : mantissa_{mantissa}, exponent_{exponent}
 {

include/xrpl/basics/ResolverAsio.h

@@ -23,7 +23,7 @@
 #include <xrpl/basics/Resolver.h>
 #include <xrpl/beast/utility/Journal.h>
 
-#include <boost/asio/io_context.hpp>
+#include <boost/asio/io_service.hpp>
 
 namespace ripple {
 
@@ -33,7 +33,7 @@ public:
     explicit ResolverAsio() = default;
 
     static std::unique_ptr<ResolverAsio>
-    New(boost::asio::io_context&, beast::Journal);
+    New(boost::asio::io_service&, beast::Journal);
 };
 
 }  // namespace ripple

include/xrpl/basics/SlabAllocator.h

@@ -176,7 +176,7 @@ public:
         @param count the number of items the slab allocator can allocate; note
                      that a count of 0 is valid and means that the allocator
                      is, effectively, disabled. This can be very useful in some
-                     contexts (e.g. when mimimal memory usage is needed) and
+                     contexts (e.g. when minimal memory usage is needed) and
                      allows for graceful failure.
      */
     constexpr explicit SlabAllocator(

include/xrpl/basics/base_uint.h

@@ -565,7 +565,7 @@ operator<=>(base_uint<Bits, Tag> const& lhs, base_uint<Bits, Tag> const& rhs)
     // This comparison might seem wrong on a casual inspection because it
     // compares data internally stored as std::uint32_t byte-by-byte. But
     // note that the underlying data is stored in big endian, even if the
-    // plaform is little endian. This makes the comparison correct.
+    // platform is little endian. This makes the comparison correct.
     //
     // FIXME: use std::lexicographical_compare_three_way once support is
     //        added to MacOS.

include/xrpl/basics/comparators.h

@@ -28,7 +28,7 @@ namespace ripple {
 
 /*
  * MSVC 2019 version 16.9.0 added [[nodiscard]] to the std comparison
- * operator() functions. boost::bimap checks that the comparitor is a
+ * operator() functions. boost::bimap checks that the comparator is a
  * BinaryFunction, in part by calling the function and ignoring the value.
  * These two things don't play well together. These wrapper classes simply
  * strip [[nodiscard]] from operator() for use in boost::bimap.

include/xrpl/beast/asio/io_latency_probe.h

@@ -23,8 +23,7 @@
 #include <xrpl/beast/utility/instrumentation.h>
 
 #include <boost/asio/basic_waitable_timer.hpp>
-#include <boost/asio/io_context.hpp>
-#include <boost/asio/post.hpp>
+#include <boost/asio/io_service.hpp>
 
 #include <chrono>
 #include <condition_variable>
@@ -33,7 +32,7 @@
 
 namespace beast {
 
-/** Measures handler latency on an io_context queue. */
+/** Measures handler latency on an io_service queue. */
 template <class Clock>
 class io_latency_probe
 {
@@ -45,12 +44,12 @@ private:
     std::condition_variable_any m_cond;
     std::size_t m_count;
     duration const m_period;
-    boost::asio::io_context& m_ios;
+    boost::asio::io_service& m_ios;
     boost::asio::basic_waitable_timer<std::chrono::steady_clock> m_timer;
     bool m_cancel;
 
 public:
-    io_latency_probe(duration const& period, boost::asio::io_context& ios)
+    io_latency_probe(duration const& period, boost::asio::io_service& ios)
         : m_count(1)
         , m_period(period)
         , m_ios(ios)
@@ -65,16 +64,16 @@ public:
         cancel(lock, true);
     }
 
-    /** Return the io_context associated with the latency probe. */
+    /** Return the io_service associated with the latency probe. */
     /** @{ */
-    boost::asio::io_context&
-    get_io_context()
+    boost::asio::io_service&
+    get_io_service()
     {
         return m_ios;
     }
 
-    boost::asio::io_context const&
-    get_io_context() const
+    boost::asio::io_service const&
+    get_io_service() const
     {
         return m_ios;
     }
@@ -110,10 +109,8 @@ public:
         std::lock_guard lock(m_mutex);
         if (m_cancel)
             throw std::logic_error("io_latency_probe is canceled");
-        boost::asio::post(
-            m_ios,
-            sample_op<Handler>(
-                std::forward<Handler>(handler), Clock::now(), false, this));
+        m_ios.post(sample_op<Handler>(
+            std::forward<Handler>(handler), Clock::now(), false, this));
     }
 
     /** Initiate continuous i/o latency sampling.
@@ -127,10 +124,8 @@ public:
         std::lock_guard lock(m_mutex);
         if (m_cancel)
             throw std::logic_error("io_latency_probe is canceled");
-        boost::asio::post(
-            m_ios,
-            sample_op<Handler>(
-                std::forward<Handler>(handler), Clock::now(), true, this));
+        m_ios.post(sample_op<Handler>(
+            std::forward<Handler>(handler), Clock::now(), true, this));
     }
 
 private:
@@ -241,13 +236,12 @@ private:
                     // The latency is too high to maintain the desired
                     // period so don't bother with a timer.
                     //
-                    boost::asio::post(
-                        m_probe->m_ios,
+                    m_probe->m_ios.post(
                         sample_op<Handler>(m_handler, now, m_repeat, m_probe));
                 }
                 else
                 {
-                    m_probe->m_timer.expires_after(when - now);
+                    m_probe->m_timer.expires_from_now(when - now);
                     m_probe->m_timer.async_wait(
                         sample_op<Handler>(m_handler, now, m_repeat, m_probe));
                 }
@@ -260,8 +254,7 @@ private:
             if (!m_probe)
                 return;
             typename Clock::time_point const now(Clock::now());
-            boost::asio::post(
-                m_probe->m_ios,
+            m_probe->m_ios.post(
                 sample_op<Handler>(m_handler, now, m_repeat, m_probe));
         }
     };

include/xrpl/beast/test/yield_to.h

@@ -8,11 +8,9 @@
 #ifndef BEAST_TEST_YIELD_TO_HPP
 #define BEAST_TEST_YIELD_TO_HPP
 
-#include <boost/asio/executor_work_guard.hpp>
-#include <boost/asio/io_context.hpp>
+#include <boost/asio/io_service.hpp>
 #include <boost/asio/spawn.hpp>
 #include <boost/optional.hpp>
-#include <boost/thread/csbl/memory/allocator_arg.hpp>
 
 #include <condition_variable>
 #include <mutex>
@@ -31,12 +29,10 @@ namespace test {
 class enable_yield_to
 {
 protected:
-    boost::asio::io_context ios_;
+    boost::asio::io_service ios_;
 
 private:
-    boost::optional<boost::asio::executor_work_guard<
-        boost::asio::io_context::executor_type>>
-        work_;
+    boost::optional<boost::asio::io_service::work> work_;
     std::vector<std::thread> threads_;
     std::mutex m_;
     std::condition_variable cv_;
@@ -46,8 +42,7 @@ public:
     /// The type of yield context passed to functions.
     using yield_context = boost::asio::yield_context;
 
-    explicit enable_yield_to(std::size_t concurrency = 1)
-        : work_(boost::asio::make_work_guard(ios_))
+    explicit enable_yield_to(std::size_t concurrency = 1) : work_(ios_)
     {
         threads_.reserve(concurrency);
         while (concurrency--)
@@ -61,9 +56,9 @@ public:
             t.join();
     }
 
-    /// Return the `io_context` associated with the object
-    boost::asio::io_context&
-    get_io_context()
+    /// Return the `io_service` associated with the object
+    boost::asio::io_service&
+    get_io_service()
     {
         return ios_;
     }
@@ -116,18 +111,13 @@ enable_yield_to::spawn(F0&& f, FN&&... fn)
 {
     boost::asio::spawn(
         ios_,
-        boost::allocator_arg,
-        boost::context::fixedsize_stack(2 * 1024 * 1024),
         [&](yield_context yield) {
             f(yield);
             std::lock_guard lock{m_};
             if (--running_ == 0)
                 cv_.notify_all();
         },
-        [](std::exception_ptr e) {
-            if (e)
-                std::rethrow_exception(e);
-        });
+        boost::coroutines::attributes(2 * 1024 * 1024));
     spawn(fn...);
 }
 

include/xrpl/beast/unit_test/runner.h

@@ -42,7 +42,7 @@ public:
 
         The argument string is available to suites and
         allows for customization of the test. Each suite
-        defines its own syntax for the argumnet string.
+        defines its own syntax for the argument string.
         The same argument is passed to all suites.
     */
     void

include/xrpl/beast/utility/instrumentation.h

@@ -32,7 +32,7 @@ OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 // The duplication is because Visual Studio 2019 cannot compile that header
 // even with the option -Zc:__cplusplus added.
 #define ALWAYS(cond, message, ...) assert((message) && (cond))
-#define ALWAYS_OR_UNREACHABLE(cond, message, ...) assert((message) && (cond))
+#define ALWAYS_OR_UNREACHABLE(cond, message) assert((message) && (cond))
 #define SOMETIMES(cond, message, ...)
 #define REACHABLE(message, ...)
 #define UNREACHABLE(message, ...) assert((message) && false)

include/xrpl/json/json_reader.h

@@ -217,7 +217,7 @@ Reader::parse(Value& root, BufferSequence const& bs)
     std::string s;
     s.reserve(buffer_size(bs));
     for (auto const& b : bs)
-        s.append(static_cast<char const*>(b.data()), buffer_size(b));
+        s.append(buffer_cast<char const*>(b), buffer_size(b));
     return parse(s, root);
 }
 

include/xrpl/json/json_value.h

@@ -24,6 +24,7 @@
 #include <xrpl/json/json_forwards.h>
 
 #include <cstring>
+#include <limits>
 #include <map>
 #include <string>
 #include <vector>
@@ -158,9 +159,9 @@ public:
     using ArrayIndex = UInt;
 
     static Value const null;
-    static Int const minInt;
-    static Int const maxInt;
-    static UInt const maxUInt;
+    static constexpr Int minInt = std::numeric_limits<Int>::min();
+    static constexpr Int maxInt = std::numeric_limits<Int>::max();
+    static constexpr UInt maxUInt = std::numeric_limits<UInt>::max();
 
 private:
     class CZString
@@ -263,6 +264,10 @@ public:
     bool
     asBool() const;
 
+    /** Correct absolute value from int or unsigned int */
+    UInt
+    asAbsUInt() const;
+
     // TODO: What is the "empty()" method this docstring mentions?
     /** isNull() tests to see if this field is null.  Don't use this method to
         test for emptiness: use empty(). */
@@ -395,6 +400,9 @@ public:
     /// Return true if the object has a member named key.
     bool
     isMember(std::string const& key) const;
+    /// Return true if the object has a member named key.
+    bool
+    isMember(StaticString const& key) const;
 
     /// \brief Return a list of the member names.
     ///

include/xrpl/ledger/ApplyView.h

@@ -387,6 +387,45 @@ public:
     emptyDirDelete(Keylet const& directory);
 };
 
+namespace directory {
+/** Helper functions for managing low-level directory operations.
+    These are not part of the ApplyView interface.
+
+    Don't use them unless you really, really know what you're doing.
+    Instead use dirAdd, dirInsert, etc.
+ */
+
+std::uint64_t
+createRoot(
+    ApplyView& view,
+    Keylet const& directory,
+    uint256 const& key,
+    std::function<void(std::shared_ptr<SLE> const&)> const& describe);
+
+auto
+findPreviousPage(ApplyView& view, Keylet const& directory, SLE::ref start);
+
+std::uint64_t
+insertKey(
+    ApplyView& view,
+    SLE::ref node,
+    std::uint64_t page,
+    bool preserveOrder,
+    STVector256& indexes,
+    uint256 const& key);
+
+std::optional<std::uint64_t>
+insertPage(
+    ApplyView& view,
+    std::uint64_t page,
+    SLE::pointer node,
+    std::uint64_t nextPage,
+    SLE::ref next,
+    uint256 const& key,
+    Keylet const& directory,
+    std::function<void(std::shared_ptr<SLE> const&)> const& describe);
+
+}  // namespace directory
 }  // namespace ripple
 
 #endif

include/xrpl/ledger/View.h

@@ -24,6 +24,7 @@
 #include <xrpl/ledger/ApplyView.h>
 #include <xrpl/ledger/OpenView.h>
 #include <xrpl/ledger/ReadView.h>
+#include <xrpl/protocol/Asset.h>
 #include <xrpl/protocol/Indexes.h>
 #include <xrpl/protocol/MPTIssue.h>
 #include <xrpl/protocol/Protocol.h>
@@ -242,6 +243,80 @@ isDeepFrozen(
     Currency const& currency,
     AccountID const& issuer);
 
+[[nodiscard]] inline bool
+isDeepFrozen(
+    ReadView const& view,
+    AccountID const& account,
+    Issue const& issue,
+    int = 0 /*ignored*/)
+{
+    return isDeepFrozen(view, account, issue.currency, issue.account);
+}
+
+[[nodiscard]] inline bool
+isDeepFrozen(
+    ReadView const& view,
+    AccountID const& account,
+    MPTIssue const& mptIssue,
+    int depth = 0)
+{
+    // Unlike IOUs, frozen / locked MPTs are not allowed to send or receive
+    // funds, so checking "deep frozen" is the same as checking "frozen".
+    return isFrozen(view, account, mptIssue, depth);
+}
+
+/**
+ *   isFrozen check is recursive for MPT shares in a vault, descending to
+ *   assets in the vault, up to maxAssetCheckDepth recursion depth. This is
+ *   purely defensive, as we currently do not allow such vaults to be created.
+ */
+[[nodiscard]] inline bool
+isDeepFrozen(
+    ReadView const& view,
+    AccountID const& account,
+    Asset const& asset,
+    int depth = 0)
+{
+    return std::visit(
+        [&](auto const& issue) {
+            return isDeepFrozen(view, account, issue, depth);
+        },
+        asset.value());
+}
+
+[[nodiscard]] inline TER
+checkDeepFrozen(
+    ReadView const& view,
+    AccountID const& account,
+    Issue const& issue)
+{
+    return isDeepFrozen(view, account, issue) ? (TER)tecFROZEN
+                                              : (TER)tesSUCCESS;
+}
+
+[[nodiscard]] inline TER
+checkDeepFrozen(
+    ReadView const& view,
+    AccountID const& account,
+    MPTIssue const& mptIssue)
+{
+    return isDeepFrozen(view, account, mptIssue) ? (TER)tecLOCKED
+                                                 : (TER)tesSUCCESS;
+}
+
+[[nodiscard]] inline TER
+checkDeepFrozen(
+    ReadView const& view,
+    AccountID const& account,
+    Asset const& asset)
+{
+    return std::visit(
+        [&](auto const& issue) {
+            return checkDeepFrozen(view, account, issue);
+        },
+        asset.value());
+}
+
 [[nodiscard]] bool
 isLPTokenFrozen(
     ReadView const& view,
@@ -287,6 +362,49 @@ accountHolds(
     AuthHandling zeroIfUnauthorized,
     beast::Journal j);
 
+// Returns the amount an account can spend total.
+//
+// These functions use accountHolds, but unlike accountHolds:
+// * The account can go into debt.
+// * If the account is the asset issuer the only limit is defined by the asset /
+//   issuance.
+//
+// <-- saAmount: amount of currency held by account. May be negative.
+[[nodiscard]] STAmount
+accountSpendable(
+    ReadView const& view,
+    AccountID const& account,
+    Currency const& currency,
+    AccountID const& issuer,
+    FreezeHandling zeroIfFrozen,
+    beast::Journal j);
+
+[[nodiscard]] STAmount
+accountSpendable(
+    ReadView const& view,
+    AccountID const& account,
+    Issue const& issue,
+    FreezeHandling zeroIfFrozen,
+    beast::Journal j);
+
+[[nodiscard]] STAmount
+accountSpendable(
+    ReadView const& view,
+    AccountID const& account,
+    MPTIssue const& mptIssue,
+    FreezeHandling zeroIfFrozen,
+    AuthHandling zeroIfUnauthorized,
+    beast::Journal j);
+
+[[nodiscard]] STAmount
+accountSpendable(
+    ReadView const& view,
+    AccountID const& account,
+    Asset const& asset,
+    FreezeHandling zeroIfFrozen,
+    AuthHandling zeroIfUnauthorized,
+    beast::Journal j);
+
 // Returns the amount an account can spend of the currency type saDefault, or
 // returns saDefault if this account is the issuer of the currency in
 // question. Should be used in favor of accountHolds when questioning how much
@@ -533,7 +651,11 @@ dirNext(
 describeOwnerDir(AccountID const& account);
 
 [[nodiscard]] TER
-dirLink(ApplyView& view, AccountID const& owner, std::shared_ptr<SLE>& object);
+dirLink(
+    ApplyView& view,
+    AccountID const& owner,
+    std::shared_ptr<SLE>& object,
+    SF_UINT64 const& node = sfOwnerNode);
 
 AccountID
 pseudoAccountAddress(ReadView const& view, uint256 const& pseudoOwnerKey);
@@ -552,14 +674,17 @@ createPseudoAccount(
     uint256 const& pseudoOwnerKey,
     SField const& ownerField);
 
-// Returns true iff sleAcct is a pseudo-account.
+// Returns true iff sleAcct is a pseudo-account or specific
+// pseudo-accounts in pseudoFieldFilter.
 //
 // Returns false if sleAcct is
 // * NOT a pseudo-account OR
 // * NOT a ltACCOUNT_ROOT OR
 // * null pointer
 [[nodiscard]] bool
-isPseudoAccount(std::shared_ptr<SLE const> sleAcct);
+isPseudoAccount(
+    std::shared_ptr<SLE const> sleAcct,
+    std::set<SField const*> const& pseudoFieldFilter = {});
 
 // Returns the list of fields that define an ACCOUNT_ROOT as a pseudo-account if
 // set
@@ -573,14 +698,91 @@ isPseudoAccount(std::shared_ptr<SLE const> sleAcct);
 getPseudoAccountFields();
 
 [[nodiscard]] inline bool
-isPseudoAccount(ReadView const& view, AccountID accountId)
+isPseudoAccount(
+    ReadView const& view,
+    AccountID const& accountId,
+    std::set<SField const*> const& pseudoFieldFilter = {})
 {
-    return isPseudoAccount(view.read(keylet::account(accountId)));
+    return isPseudoAccount(
+        view.read(keylet::account(accountId)), pseudoFieldFilter);
 }
 
 [[nodiscard]] TER
 canAddHolding(ReadView const& view, Asset const& asset);
 
+/** Validates that the destination SLE and tag are valid
+
+   - Checks that the SLE is not null.
+   - If the SLE requires a destination tag, checks that there is a tag.
+*/
+[[nodiscard]] TER
+checkDestinationAndTag(SLE::const_ref toSle, bool hasDestinationTag);
+
+/** Checks that can withdraw funds from an object to itself or a destination.
+ *
+ * The receiver may be either the submitting account (sfAccount) or a different
+ * destination account (sfDestination).
+ *
+ *    - Checks that the receiver account exists.
+ *    - If the receiver requires a destination tag, check that one exists, even
+ *      if withdrawing to self.
+ *    - If withdrawing to self, succeed.
+ *    - If not, checks if the receiver requires deposit authorization, and if
+ *      the sender has it.
+ */
+[[nodiscard]] TER
+canWithdraw(
+    AccountID const& from,
+    ReadView const& view,
+    AccountID const& to,
+    SLE::const_ref toSle,
+    bool hasDestinationTag);
+
+/** Checks that can withdraw funds from an object to itself or a destination.
+ *
+ * The receiver may be either the submitting account (sfAccount) or a different
+ * destination account (sfDestination).
+ *
+ *    - Checks that the receiver account exists.
+ *    - If the receiver requires a destination tag, check that one exists, even
+ *      if withdrawing to self.
+ *    - If withdrawing to self, succeed.
+ *    - If not, checks if the receiver requires deposit authorization, and if
+ *      the sender has it.
+ */
+[[nodiscard]] TER
+canWithdraw(
+    AccountID const& from,
+    ReadView const& view,
+    AccountID const& to,
+    bool hasDestinationTag);
+
+/** Checks that can withdraw funds from an object to itself or a destination.
+ *
+ * The receiver may be either the submitting account (sfAccount) or a different
+ * destination account (sfDestination).
+ *
+ *    - Checks that the receiver account exists.
+ *    - If the receiver requires a destination tag, check that one exists, even
+ *      if withdrawing to self.
+ *    - If withdrawing to self, succeed.
+ *    - If not, checks if the receiver requires deposit authorization, and if
+ *      the sender has it.
+ */
+[[nodiscard]] TER
+canWithdraw(ReadView const& view, STTx const& tx);
+
+[[nodiscard]] TER
+doWithdraw(
+    ApplyView& view,
+    STTx const& tx,
+    AccountID const& senderAcct,
+    AccountID const& dstAcct,
+    AccountID const& sourceAcct,
+    XRPAmount priorBalance,
+    STAmount const& amount,
+    beast::Journal j);
+
 /// Any transactors that call addEmptyHolding() in doApply must call
 /// canAddHolding() in preflight with the same View and Asset
 [[nodiscard]] TER
@@ -750,6 +952,22 @@ accountSend(
     beast::Journal j,
     WaiveTransferFee waiveFee = WaiveTransferFee::No);
 
+using MultiplePaymentDestinations = std::vector<std::pair<AccountID, Number>>;
+/** Like accountSend, except one account is sending multiple payments (with the
+ *  same asset!) simultaneously
+ *
+ * Calls static accountSendMultiIOU if saAmount represents Issue.
+ * Calls static accountSendMultiMPT if saAmount represents MPTIssue.
+ */
+[[nodiscard]] TER
+accountSendMulti(
+    ApplyView& view,
+    AccountID const& senderID,
+    Asset const& asset,
+    MultiplePaymentDestinations const& receivers,
+    beast::Journal j,
+    WaiveTransferFee waiveFee = WaiveTransferFee::No);
+
 [[nodiscard]] TER
 issueIOU(
     ApplyView& view,
@@ -821,7 +1039,8 @@ requireAuth(
  * purely defensive, as we currently do not allow such vaults to be created.
  *
  * If StrongAuth then return tecNO_AUTH if MPToken doesn't exist or
- * lsfMPTRequireAuth is set and MPToken is not authorized.
+ * lsfMPTRequireAuth is set and MPToken is not authorized. Vault and LoanBroker
+ * pseudo-accounts are implicitly authorized.
  *
  * If WeakAuth then return tecNO_AUTH if lsfMPTRequireAuth is set and MPToken
  * doesn't exist or is not authorized (explicitly or via credentials, if
@@ -894,6 +1113,26 @@ canTransfer(
     AccountID const& from,
     AccountID const& to);
 
+[[nodiscard]] TER
+canTransfer(
+    ReadView const& view,
+    Issue const& issue,
+    AccountID const& from,
+    AccountID const& to);
+
+[[nodiscard]] TER inline canTransfer(
+    ReadView const& view,
+    Asset const& asset,
+    AccountID const& from,
+    AccountID const& to)
+{
+    return std::visit(
+        [&]<ValidIssueType TIss>(TIss const& issue) -> TER {
+            return canTransfer(view, issue, from, to);
+        },
+        asset.value());
+}
+
 /** Deleter function prototype. Returns the status of the entry deletion
  * (if should not be skipped) and if the entry should be skipped. The status
  * is always tesSUCCESS if the entry should be skipped.

include/xrpl/net/AutoSocket.h

@@ -47,7 +47,7 @@ public:
 
 public:
     AutoSocket(
-        boost::asio::io_context& s,
+        boost::asio::io_service& s,
         boost::asio::ssl::context& c,
         bool secureOnly,
         bool plainOnly)
@@ -58,7 +58,7 @@ public:
         mSocket = std::make_unique<ssl_socket>(s, c);
     }
 
-    AutoSocket(boost::asio::io_context& s, boost::asio::ssl::context& c)
+    AutoSocket(boost::asio::io_service& s, boost::asio::ssl::context& c)
         : AutoSocket(s, c, false, false)
     {
     }

include/xrpl/net/HTTPClient.h

@@ -23,7 +23,7 @@
 #include <xrpl/basics/ByteUtilities.h>
 #include <xrpl/beast/utility/Journal.h>
 
-#include <boost/asio/io_context.hpp>
+#include <boost/asio/io_service.hpp>
 #include <boost/asio/streambuf.hpp>
 
 #include <chrono>
@@ -51,7 +51,7 @@ public:
 
     static void
     get(bool bSSL,
-        boost::asio::io_context& io_context,
+        boost::asio::io_service& io_service,
         std::deque<std::string> deqSites,
         unsigned short const port,
         std::string const& strPath,
@@ -65,7 +65,7 @@ public:
 
     static void
     get(bool bSSL,
-        boost::asio::io_context& io_context,
+        boost::asio::io_service& io_service,
         std::string strSite,
         unsigned short const port,
         std::string const& strPath,
@@ -80,7 +80,7 @@ public:
     static void
     request(
         bool bSSL,
-        boost::asio::io_context& io_context,
+        boost::asio::io_service& io_service,
         std::string strSite,
         unsigned short const port,
         std::function<

include/xrpl/net/HTTPClientSSLContext.h

@@ -153,7 +153,7 @@ public:
             {
                 strm.set_verify_callback(
                     std::bind(
-                        &rfc6125_verify,
+                        &rfc2818_verify,
                         host,
                         std::placeholders::_1,
                         std::placeholders::_2,
@@ -167,7 +167,7 @@ public:
 
     /**
      * @brief callback invoked for name verification - just passes through
-     * to the asio `host_name_verification` (rfc6125) implementation.
+     * to the asio rfc2818 implementation.
      *
      * @param domain hostname expected
      * @param preverified passed by implementation
@@ -175,13 +175,13 @@ public:
      * @param j journal for logging
      */
     static bool
-    rfc6125_verify(
+    rfc2818_verify(
         std::string const& domain,
         bool preverified,
         boost::asio::ssl::verify_context& ctx,
         beast::Journal j)
     {
-        if (boost::asio::ssl::host_name_verification(domain)(preverified, ctx))
+        if (boost::asio::ssl::rfc2818_verification(domain)(preverified, ctx))
             return true;
 
         JLOG(j.warn()) << "Outbound SSL connection to " << domain

include/xrpl/protocol/ApiVersion.h

@@ -20,11 +20,6 @@
 #ifndef RIPPLE_PROTOCOL_APIVERSION_H_INCLUDED
 #define RIPPLE_PROTOCOL_APIVERSION_H_INCLUDED
 
-#include <xrpl/beast/core/SemanticVersion.h>
-#include <xrpl/beast/utility/instrumentation.h>
-#include <xrpl/json/json_value.h>
-#include <xrpl/protocol/jss.h>
-
 #include <type_traits>
 #include <utility>
 
@@ -77,77 +72,6 @@ static_assert(apiMaximumSupportedVersion >= apiMinimumSupportedVersion);
 static_assert(apiBetaVersion >= apiMaximumSupportedVersion);
 static_assert(apiMaximumValidVersion >= apiMaximumSupportedVersion);
 
-template <class JsonObject>
-void
-setVersion(JsonObject& parent, unsigned int apiVersion, bool betaEnabled)
-{
-    XRPL_ASSERT(
-        apiVersion != apiInvalidVersion,
-        "ripple::RPC::setVersion : input is valid");
-    auto& retObj = addObject(parent, jss::version);
-
-    if (apiVersion == apiVersionIfUnspecified)
-    {
-        // API version numbers used in API version 1
-        static beast::SemanticVersion const firstVersion{"1.0.0"};
-        static beast::SemanticVersion const goodVersion{"1.0.0"};
-        static beast::SemanticVersion const lastVersion{"1.0.0"};
-
-        retObj[jss::first] = firstVersion.print();
-        retObj[jss::good] = goodVersion.print();
-        retObj[jss::last] = lastVersion.print();
-    }
-    else
-    {
-        retObj[jss::first] = apiMinimumSupportedVersion.value;
-        retObj[jss::last] =
-            betaEnabled ? apiBetaVersion : apiMaximumSupportedVersion;
-    }
-}
-
-/**
- * Retrieve the api version number from the json value
- *
- * Note that APIInvalidVersion will be returned if
- * 1) the version number field has a wrong format
- * 2) the version number retrieved is out of the supported range
- * 3) the version number is unspecified and
- *    APIVersionIfUnspecified is out of the supported range
- *
- * @param jv a Json value that may or may not specifies
- *        the api version number
- * @param betaEnabled if the beta API version is enabled
- * @return the api version number
- */
-inline unsigned int
-getAPIVersionNumber(Json::Value const& jv, bool betaEnabled)
-{
-    static Json::Value const minVersion(RPC::apiMinimumSupportedVersion);
-    Json::Value const maxVersion(
-        betaEnabled ? RPC::apiBetaVersion : RPC::apiMaximumSupportedVersion);
-
-    if (jv.isObject())
-    {
-        if (jv.isMember(jss::api_version))
-        {
-            auto const specifiedVersion = jv[jss::api_version];
-            if (!specifiedVersion.isInt() && !specifiedVersion.isUInt())
-            {
-                return RPC::apiInvalidVersion;
-            }
-            auto const specifiedVersionInt = specifiedVersion.asInt();
-            if (specifiedVersionInt < minVersion ||
-                specifiedVersionInt > maxVersion)
-            {
-                return RPC::apiInvalidVersion;
-            }
-            return specifiedVersionInt;
-        }
-    }
-
-    return RPC::apiVersionIfUnspecified;
-}
-
 }  // namespace RPC
 
 template <unsigned minVer, unsigned maxVer, typename Fn, typename... Args>

include/xrpl/protocol/Asset.h

@@ -100,7 +100,27 @@ public:
     bool
     native() const
     {
-        return holds<Issue>() && get<Issue>().native();
+        return std::visit(
+            [&]<ValidIssueType TIss>(TIss const& issue) {
+                if constexpr (std::is_same_v<TIss, Issue>)
+                    return issue.native();
+                if constexpr (std::is_same_v<TIss, MPTIssue>)
+                    return false;
+            },
+            issue_);
+    }
+
+    bool
+    integral() const
+    {
+        return std::visit(
+            [&]<ValidIssueType TIss>(TIss const& issue) {
+                if constexpr (std::is_same_v<TIss, Issue>)
+                    return issue.native();
+                if constexpr (std::is_same_v<TIss, MPTIssue>)
+                    return true;
+            },
+            issue_);
     }
 
     friend constexpr bool

include/xrpl/protocol/ConfidentialTransfer.h

@@ -1,180 +0,0 @@
-//------------------------------------------------------------------------------
-/*
-    This file is part of rippled: https://github.com/ripple/rippled
-    Copyright (c) 2025 Ripple Labs Inc.
-
-    Permission to use, copy, modify, and/or distribute this software for any
-    purpose  with  or without fee is hereby granted, provided that the above
-    copyright notice and this permission notice appear in all copies.
-
-    THE  SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-    WITH  REGARD  TO  THIS  SOFTWARE  INCLUDING  ALL  IMPLIED  WARRANTIES  OF
-    MERCHANTABILITY  AND  FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-    ANY  SPECIAL ,  DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-    WHATSOEVER  RESULTING  FROM  LOSS  OF USE, DATA OR PROFITS, WHETHER IN AN
-    ACTION  OF  CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-    OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-*/
-//==============================================================================
-
-#ifndef RIPPLE_PROTOCOL_CONFIDENTIALTRANSFER_H_INCLUDED
-#define RIPPLE_PROTOCOL_CONFIDENTIALTRANSFER_H_INCLUDED
-
-#include <xrpl/basics/Slice.h>
-#include <xrpl/protocol/Indexes.h>
-#include <xrpl/protocol/MPTIssue.h>
-#include <xrpl/protocol/Protocol.h>
-#include <xrpl/protocol/Rate.h>
-#include <xrpl/protocol/STLedgerEntry.h>
-#include <xrpl/protocol/STObject.h>
-#include <xrpl/protocol/Serializer.h>
-#include <xrpl/protocol/TER.h>
-#include <xrpl/protocol/detail/secp256k1.h>
-
-#include <secp256k1.h>
-
-namespace ripple {
-
-/**
- * @brief Generates a new secp256k1 key pair.
- */
-SECP256K1_API int
-secp256k1_elgamal_generate_keypair(
-    secp256k1_context const* ctx,
-    unsigned char* privkey,
-    secp256k1_pubkey* pubkey);
-
-/**
- * @brief Encrypts a 64-bit amount using ElGamal.
- */
-SECP256K1_API int
-secp256k1_elgamal_encrypt(
-    secp256k1_context const* ctx,
-    secp256k1_pubkey* c1,
-    secp256k1_pubkey* c2,
-    secp256k1_pubkey const* pubkey_Q,
-    uint64_t amount,
-    unsigned char const* blinding_factor);
-
-/**
- * @brief Decrypts an ElGamal ciphertext to recover the amount.
- */
-SECP256K1_API int
-secp256k1_elgamal_decrypt(
-    secp256k1_context const* ctx,
-    uint64_t* amount,
-    secp256k1_pubkey const* c1,
-    secp256k1_pubkey const* c2,
-    unsigned char const* privkey);
-
-/**
- * @brief Homomorphically adds two ElGamal ciphertexts.
- */
-SECP256K1_API int
-secp256k1_elgamal_add(
-    secp256k1_context const* ctx,
-    secp256k1_pubkey* sum_c1,
-    secp256k1_pubkey* sum_c2,
-    secp256k1_pubkey const* a_c1,
-    secp256k1_pubkey const* a_c2,
-    secp256k1_pubkey const* b_c1,
-    secp256k1_pubkey const* b_c2);
-
-/**
- * @brief Homomorphically subtracts two ElGamal ciphertexts.
- */
-SECP256K1_API int
-secp256k1_elgamal_subtract(
-    secp256k1_context const* ctx,
-    secp256k1_pubkey* diff_c1,
-    secp256k1_pubkey* diff_c2,
-    secp256k1_pubkey const* a_c1,
-    secp256k1_pubkey const* a_c2,
-    secp256k1_pubkey const* b_c1,
-    secp256k1_pubkey const* b_c2);
-
-/**
- * @brief Generates the canonical encrypted zero for a given MPT token instance.
- *
- * This ciphertext represents a zero balance for a specific account's holding
- * of a token defined by its MPTokenIssuanceID.
- *
- * @param[in]   ctx             A pointer to a valid secp256k1 context.
- * @param[out]  enc_zero_c1     The C1 component of the canonical ciphertext.
- * @param[out]  enc_zero_c2     The C2 component of the canonical ciphertext.
- * @param[in]   pubkey          The ElGamal public key of the account holder.
- * @param[in]   account_id      A pointer to the 20-byte AccountID.
- * @param[in]   mpt_issuance_id A pointer to the 24-byte MPTokenIssuanceID.
- *
- * @return 1 on success, 0 on failure.
- */
-SECP256K1_API int
-generate_canonical_encrypted_zero(
-    secp256k1_context const* ctx,
-    secp256k1_pubkey* enc_zero_c1,
-    secp256k1_pubkey* enc_zero_c2,
-    secp256k1_pubkey const* pubkey,
-    unsigned char const* account_id,      // 20 bytes
-    unsigned char const* mpt_issuance_id  // 24 bytes
-);
-
-// breaks a 66-byte encrypted amount into two 33-byte components
-// then parses each 33-byte component into 64-byte secp256k1_pubkey format
-bool
-makeEcPair(Slice const& buffer, secp256k1_pubkey& out1, secp256k1_pubkey& out2);
-
-// serialize two secp256k1_pubkey components back into compressed 66-byte form
-bool
-serializeEcPair(
-    secp256k1_pubkey const& in1,
-    secp256k1_pubkey const& in2,
-    Buffer& buffer);
-
-/**
- * @brief Verifies that a buffer contains two valid, parsable EC public keys.
- * @param buffer The input buffer containing two concatenated components.
- * @return true if both components can be parsed successfully, false otherwise.
- */
-bool
-isValidCiphertext(Slice const& buffer);
-
-TER
-homomorphicAdd(Slice const& a, Slice const& b, Buffer& out);
-
-TER
-homomorphicSubtract(Slice const& a, Slice const& b, Buffer& out);
-
-TER
-proveEquality(
-    Slice const& proof,
-    Slice const& encAmt,  // encrypted amount
-    Slice const& pubkey,
-    uint64_t const amount,
-    uint256 const& txHash,  // Transaction context data
-    std::uint32_t const spendVersion);
-
-Buffer
-encryptAmount(uint64_t amt, Slice const& pubKeySlice);
-
-Buffer
-encryptCanonicalZeroAmount(
-    Slice const& pubKeySlice,
-    AccountID const& account,
-    MPTID const& mptId);
-
-TER
-verifyConfidentialSendProof(
-    Slice const& proof,
-    Slice const& encSenderBalance,
-    Slice const& encSenderAmt,
-    Slice const& encDestAmt,
-    Slice const& encIssuerAmt,
-    Slice const& senderPubKey,
-    Slice const& destPubKey,
-    Slice const& issuerPubKey,
-    std::uint32_t const version,
-    uint256 const& txHash);
-
-}  // namespace ripple
-
-#endif

include/xrpl/protocol/Indexes.h

@@ -346,6 +346,24 @@ vault(uint256 const& vaultKey)
     return {ltVAULT, vaultKey};
 }
 
+Keylet
+loanbroker(AccountID const& owner, std::uint32_t seq) noexcept;
+
+inline Keylet
+loanbroker(uint256 const& key)
+{
+    return {ltLOAN_BROKER, key};
+}
+
+Keylet
+loan(uint256 const& loanBrokerID, std::uint32_t loanSeq) noexcept;
+
+inline Keylet
+loan(uint256 const& key)
+{
+    return {ltLOAN, key};
+}
+
 Keylet
 permissionedDomain(AccountID const& account, std::uint32_t seq) noexcept;
 

include/xrpl/protocol/LedgerFormats.h

@@ -187,7 +187,6 @@ enum LedgerSpecificFlags {
     lsfMPTCanTrade = 0x00000010,
     lsfMPTCanTransfer = 0x00000020,
     lsfMPTCanClawback = 0x00000040,
-    lsfMPTNoConfidentialTransfer = 0x00000080,
 
     lsmfMPTCanMutateCanLock = 0x00000002,
     lsmfMPTCanMutateRequireAuth = 0x00000004,
@@ -206,6 +205,11 @@ enum LedgerSpecificFlags {
 
     // ltVAULT
     lsfVaultPrivate = 0x00010000,
+
+    // ltLOAN
+    lsfLoanDefault = 0x00010000,
+    lsfLoanImpaired = 0x00020000,
+    lsfLoanOverpayment = 0x00040000, // True, loan allows overpayments
 };
 
 //------------------------------------------------------------------------------

include/xrpl/protocol/Protocol.h

@@ -22,6 +22,7 @@
 
 #include <xrpl/basics/ByteUtilities.h>
 #include <xrpl/basics/base_uint.h>
+#include <xrpl/protocol/Units.h>
 
 #include <cstdint>
 
@@ -84,6 +85,140 @@ std::size_t constexpr maxDeletableTokenOfferEntries = 500;
  */
 std::uint16_t constexpr maxTransferFee = 50000;
 
+/** There are 10,000 basis points (bips) in 100%.
+ *
+ * Basis points represent 0.01%.
+ *
+ * Given a value X, to find the amount for B bps,
+ * use X * B / bipsPerUnity
+ *
+ * Example: If a loan broker has 999 XRP of debt, and must maintain 1,000 bps of
+ * that debt as cover (10%), then the minimum cover amount is 999,000,000 drops
+ * * 1000 / bipsPerUnity = 99,900,00 drops or 99.9 XRP.
+ *
+ * Given a percentage P, to find the number of bps that percentage represents,
+ * use P * bipsPerUnity.
+ *
+ * Example: 50% is 0.50 * bipsPerUnity = 5,000 bps.
+ */
+Bips32 constexpr bipsPerUnity(100 * 100);
+static_assert(bipsPerUnity == Bips32{10'000});
+TenthBips32 constexpr tenthBipsPerUnity(bipsPerUnity.value() * 10);
+static_assert(tenthBipsPerUnity == TenthBips32(100'000));
+
+constexpr Bips32
+percentageToBips(std::uint32_t percentage)
+{
+    return Bips32(percentage * bipsPerUnity.value() / 100);
+}
+constexpr TenthBips32
+percentageToTenthBips(std::uint32_t percentage)
+{
+    return TenthBips32(percentage * tenthBipsPerUnity.value() / 100);
+}
+template <typename T, class TBips>
+constexpr T
+bipsOfValue(T value, Bips<TBips> bips)
+{
+    return value * bips.value() / bipsPerUnity.value();
+}
+template <typename T, class TBips>
+constexpr T
+tenthBipsOfValue(T value, TenthBips<TBips> bips)
+{
+    return value * bips.value() / tenthBipsPerUnity.value();
+}
+
+namespace Lending {
+/** The maximum management fee rate allowed by a loan broker in 1/10 bips.
+
+    Valid values are between 0 and 10% inclusive.
+*/
+TenthBips16 constexpr maxManagementFeeRate(
+    unsafe_cast<std::uint16_t>(percentageToTenthBips(10).value()));
+static_assert(maxManagementFeeRate == TenthBips16(std::uint16_t(10'000u)));
+
+/** The maximum coverage rate required of a loan broker in 1/10 bips.
+
+    Valid values are between 0 and 100% inclusive.
+*/
+TenthBips32 constexpr maxCoverRate = percentageToTenthBips(100);
+static_assert(maxCoverRate == TenthBips32(100'000u));
+
+/** The maximum overpayment fee on a loan in 1/10 bips.
+*
+    Valid values are between 0 and 100% inclusive.
+*/
+TenthBips32 constexpr maxOverpaymentFee = percentageToTenthBips(100);
+static_assert(maxOverpaymentFee == TenthBips32(100'000u));
+
+/** Annualized interest rate of the Loan in 1/10 bips.
+ *
+ * Valid values are between 0 and 100% inclusive.
+ */
+TenthBips32 constexpr maxInterestRate = percentageToTenthBips(100);
+static_assert(maxInterestRate == TenthBips32(100'000u));
+
+/** The maximum premium added to the interest rate for late payments on a loan
+ * in 1/10 bips.
+ *
+ * Valid values are between 0 and 100% inclusive.
+ */
+TenthBips32 constexpr maxLateInterestRate = percentageToTenthBips(100);
+static_assert(maxLateInterestRate == TenthBips32(100'000u));
+
+/** The maximum close interest rate charged for repaying a loan early in 1/10
+ * bips.
+ *
+ * Valid values are between 0 and 100% inclusive.
+ */
+TenthBips32 constexpr maxCloseInterestRate = percentageToTenthBips(100);
+static_assert(maxCloseInterestRate == TenthBips32(100'000u));
+
+/** The maximum overpayment interest rate charged on loan overpayments in 1/10
+ * bips.
+ *
+ * Valid values are between 0 and 100% inclusive.
+ */
+TenthBips32 constexpr maxOverpaymentInterestRate = percentageToTenthBips(100);
+static_assert(maxOverpaymentInterestRate == TenthBips32(100'000u));
+
+/** LoanPay transaction cost will be one base fee per X combined payments
+ *
+ * The number of payments is estimated based on the Amount paid and the Loan's
+ * Fixed Payment size. Overpayments (indicated with the tfLoanOverpayment flag)
+ * count as one more payment.
+ *
+ * This number was chosen arbitrarily, but should not be changed once released
+ * without an amendment
+ */
+static constexpr int loanPaymentsPerFeeIncrement = 5;
+
+/** Maximum number of combined payments that a LoanPay transaction will process
+ *
+ * This limit is enforced during the loan payment process, and thus is not
+ * estimated. If the limit is hit, no further payments or overpayments will be
+ * processed, no matter how much of the transation Amount is left, but the
+ * transaction will succeed with the payments that have been processed up to
+ * that point.
+ *
+ * This limit is independent of loanPaymentsPerFeeIncrement, so a transaction
+ * could potentially be charged for many more payments than actually get
+ * processed. Users should take care not to submit a transaction paying more
+ * than loanMaximumPaymentsPerTransaction * Loan.PeriodicPayment. Because
+ * overpayments are charged as a payment, if submitting
+ * loanMaximumPaymentsPerTransaction * Loan.PeriodicPayment, users should not
+ * set the tfLoanOverpayment flag.
+ *
+ * Even though they're independent, loanMaximumPaymentsPerTransaction should be
+ * a multiple of loanPaymentsPerFeeIncrement.
+ *
+ * This number was chosen arbitrarily, but should not be changed once released
+ * without an amendment
+ */
+static constexpr int loanMaximumPaymentsPerTransaction = 100;
+}  // namespace Lending
+
 /** The maximum length of a URI inside an NFT */
 std::size_t constexpr maxTokenURILength = 256;
 
@@ -181,20 +316,6 @@ std::size_t constexpr permissionMaxSize = 10;
 /** The maximum number of transactions that can be in a batch. */
 std::size_t constexpr maxBatchTxCount = 8;
 
-/** EC ElGamal ciphertext length 33-byte */
-std::size_t constexpr ecGamalEncryptedLength = 33;
-
-/** EC ElGamal ciphertext length: two 33-byte components concatenated */
-std::size_t constexpr ecGamalEncryptedTotalLength = 66;
-
-/** Length of equality ZKProof */
-std::size_t constexpr ecEqualityProofLength = 98;
-
-/** Length of EC public key */
-std::size_t constexpr ecPubKeyLength = 64;
-
-/** Length of EC private key */
-std::size_t constexpr ecPrivKeyLength = 32;
 }  // namespace ripple
 
 #endif

include/xrpl/protocol/PublicKey.h

@@ -21,7 +21,6 @@
 #define RIPPLE_PROTOCOL_PUBLICKEY_H_INCLUDED
 
 #include <xrpl/basics/Slice.h>
-#include <xrpl/beast/net/IPEndpoint.h>
 #include <xrpl/protocol/KeyType.h>
 #include <xrpl/protocol/STExchange.h>
 #include <xrpl/protocol/UintTypes.h>
@@ -265,24 +264,6 @@ calcNodeID(PublicKey const&);
 AccountID
 calcAccountID(PublicKey const& pk);
 
-inline std::string
-getFingerprint(
-    beast::IP::Endpoint const& address,
-    std::optional<PublicKey> const& publicKey = std::nullopt,
-    std::optional<std::string> const& id = std::nullopt)
-{
-    std::stringstream ss;
-    ss << "IP Address: " << address;
-    if (publicKey.has_value())
-    {
-        ss << ", Public Key: " << toBase58(TokenType::NodePublic, *publicKey);
-    }
-    if (id.has_value())
-    {
-        ss << ", Id: " << id.value();
-    }
-    return ss.str();
-}
 }  // namespace ripple
 
 //------------------------------------------------------------------------------

include/xrpl/protocol/SField.h

@@ -139,8 +139,8 @@ field_code(int id, int index)
     SFields are created at compile time.
 
     Each SField, once constructed, lives until program termination, and there
-    is only one instance per fieldType/fieldValue pair which serves the entire
-    application.
+    is only one instance per fieldType/fieldValue pair which serves the
+    entire application.
 */
 class SField
 {

include/xrpl/protocol/STAmount.h

@@ -66,16 +66,18 @@ public:
     static int const cMaxOffset = 80;
 
     // Maximum native value supported by the code
-    static std::uint64_t const cMinValue = 1000000000000000ull;
-    static std::uint64_t const cMaxValue = 9999999999999999ull;
-    static std::uint64_t const cMaxNative = 9000000000000000000ull;
+    constexpr static std::uint64_t cMinValue = 1'000'000'000'000'000ull;
+    static_assert(isPowerOfTen(cMinValue));
+    constexpr static std::uint64_t cMaxValue = cMinValue * 10 - 1;
+    static_assert(cMaxValue == 9'999'999'999'999'999ull);
+    constexpr static std::uint64_t cMaxNative = 9'000'000'000'000'000'000ull;
 
     // Max native value on network.
-    static std::uint64_t const cMaxNativeN = 100000000000000000ull;
-    static std::uint64_t const cIssuedCurrency = 0x8000000000000000ull;
-    static std::uint64_t const cPositive = 0x4000000000000000ull;
-    static std::uint64_t const cMPToken = 0x2000000000000000ull;
-    static std::uint64_t const cValueMask = ~(cPositive | cMPToken);
+    constexpr static std::uint64_t cMaxNativeN = 100'000'000'000'000'000ull;
+    constexpr static std::uint64_t cIssuedCurrency = 0x8'000'000'000'000'000ull;
+    constexpr static std::uint64_t cPositive = 0x4'000'000'000'000'000ull;
+    constexpr static std::uint64_t cMPToken = 0x2'000'000'000'000'000ull;
+    constexpr static std::uint64_t cValueMask = ~(cPositive | cMPToken);
 
     static std::uint64_t const uRateOne;
 
@@ -174,6 +176,9 @@ public:
     int
     exponent() const noexcept;
 
+    bool
+    integral() const noexcept;
+
     bool
     native() const noexcept;
 
@@ -454,6 +459,12 @@ STAmount::exponent() const noexcept
     return mOffset;
 }
 
+inline bool
+STAmount::integral() const noexcept
+{
+    return mAsset.integral();
+}
+
 inline bool
 STAmount::native() const noexcept
 {
@@ -572,7 +583,7 @@ STAmount::clear()
 {
     // The -100 is used to allow 0 to sort less than a small positive values
     // which have a negative exponent.
-    mOffset = native() ? 0 : -100;
+    mOffset = integral() ? 0 : -100;
     mValue = 0;
     mIsNegative = false;
 }
@@ -695,6 +706,53 @@ divRoundStrict(
 std::uint64_t
 getRate(STAmount const& offerOut, STAmount const& offerIn);
 
+/** Round an arbitrary precision Amount to the precision of an STAmount that has
+ * a given exponent.
+ *
+ * This is used to ensure that calculations involving IOU amounts do not collect
+ * dust beyond the precision of the reference value.
+ *
+ * @param value The value to be rounded
+ * @param scale An exponent value to establish the precision limit of
+ *     `value`. Should be larger than `value.exponent()`.
+ * @param rounding Optional Number rounding mode
+ *
+ */
+STAmount
+roundToScale(
+    STAmount const& value,
+    std::int32_t scale,
+    Number::rounding_mode rounding = Number::getround());
+
+/** Round an arbitrary precision Number to the precision of a given Asset.
+ *
+ * This is used to ensure that calculations do not collect dust beyond the
+ * precision of the reference value for IOUs, or fractional amounts for the
+ * integral types XRP and MPT.
+ *
+ * @param asset The relevant asset
+ * @param value The value to be rounded
+ * @param scale Only relevant to IOU assets. An exponent value to establish the
+ *      precision limit of `value`. Should be larger than `value.exponent()`.
+ * @param rounding Optional Number rounding mode
+ */
+template <AssetType A>
+Number
+roundToAsset(
+    A const& asset,
+    Number const& value,
+    std::int32_t scale,
+    Number::rounding_mode rounding = Number::getround())
+{
+    NumberRoundModeGuard mg(rounding);
+    STAmount const ret{asset, value};
+    if (ret.integral())
+        return ret;
+    // Note that the ctor will round integral types (XRP, MPT) via canonicalize,
+    // so no extra work is needed for those.
+    return roundToScale(ret, scale);
+}
+
 //------------------------------------------------------------------------------
 
 inline bool
@@ -709,6 +767,37 @@ canAdd(STAmount const& amt1, STAmount const& amt2);
 bool
 canSubtract(STAmount const& amt1, STAmount const& amt2);
 
+// Since `canonicalize` does not have access to a ledger, this is needed to put
+// the low-level routine stAmountCanonicalize on an amendment switch. Only
+// transactions need to use this switchover. Outside of a transaction it's safe
+// to unconditionally use the new behavior.
+
+bool
+getSTAmountCanonicalizeSwitchover();
+
+void
+setSTAmountCanonicalizeSwitchover(bool v);
+
+/** RAII class to set and restore the STAmount canonicalize switchover.
+ */
+
+class STAmountSO
+{
+public:
+    explicit STAmountSO(bool v) : saved_(getSTAmountCanonicalizeSwitchover())
+    {
+        setSTAmountCanonicalizeSwitchover(v);
+    }
+
+    ~STAmountSO()
+    {
+        setSTAmountCanonicalizeSwitchover(saved_);
+    }
+
+private:
+    bool saved_;
+};
+
 }  // namespace ripple
 
 //------------------------------------------------------------------------------

include/xrpl/protocol/STObject.h

@@ -501,6 +501,8 @@ public:
     value_type
     operator*() const;
 
+    /// Do not use operator->() unless the field is required, or you've checked
+    /// that it's set.
     T const*
     operator->() const;
 
@@ -524,7 +526,26 @@ protected:
 // Constraint += and -= ValueProxy operators
 // to value types that support arithmetic operations
 template <typename U>
-concept IsArithmetic = std::is_arithmetic_v<U> || std::is_same_v<U, STAmount>;
+concept IsArithmeticNumber = std::is_arithmetic_v<U> ||
+    std::is_same_v<U, Number> || std::is_same_v<U, STAmount>;
+template <
+    typename U,
+    typename Value = typename U::value_type,
+    typename Unit = typename U::unit_type>
+concept IsArithmeticValueUnit =
+    std::is_same_v<U, unit::ValueUnit<Unit, Value>> &&
+    IsArithmeticNumber<Value> && std::is_class_v<Unit>;
+template <typename U, typename Value = typename U::value_type>
+concept IsArithmeticST = !IsArithmeticValueUnit<U> && IsArithmeticNumber<Value>;
+template <typename U>
+concept IsArithmetic =
+    IsArithmeticNumber<U> || IsArithmeticST<U> || IsArithmeticValueUnit<U>;
+
+template <class T, class U>
+concept Addable = requires(T t, U u) { t = t + u; };
+template <typename T, typename U>
+concept IsArithmeticCompatible =
+    IsArithmetic<typename T::value_type> && Addable<typename T::value_type, U>;
 
 template <class T>
 class STObject::ValueProxy : public Proxy<T>
@@ -544,10 +565,12 @@ public:
     // Convenience operators for value types supporting
     // arithmetic operations
     template <IsArithmetic U>
+        requires IsArithmeticCompatible<T, U>
     ValueProxy&
     operator+=(U const& u);
 
     template <IsArithmetic U>
+        requires IsArithmeticCompatible<T, U>
     ValueProxy&
     operator-=(U const& u);
 
@@ -737,6 +760,8 @@ STObject::Proxy<T>::operator*() const -> value_type
     return this->value();
 }
 
+/// Do not use operator->() unless the field is required, or you've checked that
+/// it's set.
 template <class T>
 T const*
 STObject::Proxy<T>::operator->() const
@@ -783,6 +808,7 @@ STObject::ValueProxy<T>::operator=(U&& u)
 
 template <typename T>
 template <IsArithmetic U>
+    requires IsArithmeticCompatible<T, U>
 STObject::ValueProxy<T>&
 STObject::ValueProxy<T>::operator+=(U const& u)
 {
@@ -792,6 +818,7 @@ STObject::ValueProxy<T>::operator+=(U const& u)
 
 template <class T>
 template <IsArithmetic U>
+    requires IsArithmeticCompatible<T, U>
 STObject::ValueProxy<T>&
 STObject::ValueProxy<T>::operator-=(U const& u)
 {

include/xrpl/protocol/SystemParameters.h

@@ -73,8 +73,14 @@ static constexpr std::uint32_t XRP_LEDGER_EARLIEST_SEQ{32570u};
  * used in asserts and tests. */
 static constexpr std::uint32_t XRP_LEDGER_EARLIEST_FEES{562177u};
 
-/** The minimum amount of support an amendment should have. */
-constexpr std::ratio<80, 100> amendmentMajorityCalcThreshold;
+/** The minimum amount of support an amendment should have.
+
+    @note This value is used by legacy code and will become obsolete
+          once the fixAmendmentMajorityCalc amendment activates.
+*/
+constexpr std::ratio<204, 256> preFixAmendmentMajorityCalcThreshold;
+
+constexpr std::ratio<80, 100> postFixAmendmentMajorityCalcThreshold;
 
 /** The minimum amount of time an amendment must hold a majority */
 constexpr std::chrono::seconds const defaultAmendmentMajorityTime = weeks{2};

include/xrpl/protocol/TER.h

@@ -141,7 +141,6 @@ enum TEMcodes : TERUnderlyingType {
     temARRAY_TOO_LARGE,
     temBAD_TRANSFER_FEE,
     temINVALID_INNER_BATCH,
-    temBAD_CIPHERTEXT,
 };
 
 //------------------------------------------------------------------------------
@@ -226,9 +225,8 @@ enum TERcodes : TERUnderlyingType {
     terQUEUED,       // Transaction is being held in TxQ until fee drops
     terPRE_TICKET,   // Ticket is not yet in ledger but might be on its way
     terNO_AMM,       // AMM doesn't exist for the asset pair
-    terADDRESS_COLLISION,       // Failed to allocate AccountID when trying to
-                                // create a pseudo-account
-    terNO_DELEGATE_PERMISSION,  // Delegate does not have permission
+    terADDRESS_COLLISION,  // Failed to allocate AccountID when trying to
+                           // create a pseudo-account
 };
 
 //------------------------------------------------------------------------------
@@ -363,11 +361,7 @@ enum TECcodes : TERUnderlyingType {
     tecLIMIT_EXCEEDED = 195,
     tecPSEUDO_ACCOUNT = 196,
     tecPRECISION_LOSS = 197,
-    // DEPRECATED: This error code tecNO_DELEGATE_PERMISSION is reserved for
-    // backward compatibility with historical data on non-prod networks, can be
-    // reclaimed after those networks reset.
     tecNO_DELEGATE_PERMISSION = 198,
-    tecBAD_PROOF = 199
 };
 
 //------------------------------------------------------------------------------

include/xrpl/protocol/TxFlags.h

@@ -151,9 +151,8 @@ constexpr std::uint32_t const tfMPTCanEscrow               = lsfMPTCanEscrow;
 constexpr std::uint32_t const tfMPTCanTrade                = lsfMPTCanTrade;
 constexpr std::uint32_t const tfMPTCanTransfer             = lsfMPTCanTransfer;
 constexpr std::uint32_t const tfMPTCanClawback             = lsfMPTCanClawback;
-constexpr std::uint32_t const tfMPTNoConfidentialTransfer  = lsfMPTNoConfidentialTransfer;
 constexpr std::uint32_t const tfMPTokenIssuanceCreateMask  =
-  ~(tfUniversal | tfMPTCanLock | tfMPTRequireAuth | tfMPTCanEscrow | tfMPTCanTrade | tfMPTCanTransfer | tfMPTCanClawback | tfMPTNoConfidentialTransfer);
+  ~(tfUniversal | tfMPTCanLock | tfMPTRequireAuth | tfMPTCanEscrow | tfMPTCanTrade | tfMPTCanTransfer | tfMPTCanClawback);
 
 // MPTokenIssuanceCreate MutableFlags:
 // Indicating specific fields or flags may be changed after issuance.
@@ -286,6 +285,32 @@ constexpr std::uint32_t tfIndependent                  = 0x00080000;
 constexpr std::uint32_t const tfBatchMask =
     ~(tfUniversal | tfAllOrNothing | tfOnlyOne | tfUntilFailure | tfIndependent) | tfInnerBatchTxn;
 
+// LoanSet and LoanPay flags:
+// LoanSet: True, indicates the loan supports overpayments
+// LoanPay: True, indicates any excess in this payment can be used
+// as an overpayment. False, no overpayments will be taken.
+constexpr std::uint32_t const tfLoanOverpayment = 0x00010000;
+// LoanPay exclusive flags:
+// tfLoanFullPayment: True, indicates that the payment is an early
+// full payment. It must pay the entire loan including close
+// interest and fees, or it will fail. False: Not a full payment.
+constexpr std::uint32_t const tfLoanFullPayment = 0x00020000;
+// tfLoanLatePayment: True, indicates that the payment is late,
+// and includes late iterest and fees. If the loan is not late,
+// it will fail. False: not a late payment. If the current payment
+// is overdue, the transaction will fail.
+constexpr std::uint32_t const tfLoanLatePayment = 0x00040000;
+constexpr std::uint32_t const tfLoanSetMask = ~(tfUniversal |
+    tfLoanOverpayment);
+constexpr std::uint32_t const tfLoanPayMask = ~(tfUniversal |
+    tfLoanOverpayment | tfLoanFullPayment | tfLoanLatePayment);
+
+// LoanManage flags:
+constexpr std::uint32_t const tfLoanDefault = 0x00010000;
+constexpr std::uint32_t const tfLoanImpair = 0x00020000;
+constexpr std::uint32_t const tfLoanUnimpair = 0x00040000;
+constexpr std::uint32_t const tfLoanManageMask = ~(tfUniversal | tfLoanDefault | tfLoanImpair | tfLoanUnimpair);
+
 // clang-format on
 
 }  // namespace ripple

include/xrpl/protocol/TxMeta.h

@@ -33,35 +33,51 @@ namespace ripple {
 
 class TxMeta
 {
+private:
+    struct CtorHelper
+    {
+        explicit CtorHelper() = default;
+    };
+    template <class T>
+    TxMeta(
+        uint256 const& txID,
+        std::uint32_t ledger,
+        T const& data,
+        CtorHelper);
+
 public:
-    TxMeta(uint256 const& transactionID, std::uint32_t ledger);
+    TxMeta(
+        uint256 const& transactionID,
+        std::uint32_t ledger,
+        std::optional<uint256> parentBatchId = std::nullopt);
     TxMeta(uint256 const& txID, std::uint32_t ledger, Blob const&);
+    TxMeta(uint256 const& txID, std::uint32_t ledger, std::string const&);
     TxMeta(uint256 const& txID, std::uint32_t ledger, STObject const&);
 
     uint256 const&
     getTxID() const
     {
-        return transactionID_;
+        return mTransactionID;
     }
     std::uint32_t
     getLgrSeq() const
     {
-        return ledgerSeq_;
+        return mLedger;
     }
     int
     getResult() const
     {
-        return result_;
+        return mResult;
     }
     TER
     getResultTER() const
     {
-        return TER::fromInt(result_);
+        return TER::fromInt(mResult);
     }
     std::uint32_t
     getIndex() const
     {
-        return index_;
+        return mIndex;
     }
 
     void
@@ -88,52 +104,66 @@ public:
     STArray&
     getNodes()
     {
-        return nodes_;
+        return (mNodes);
     }
     STArray const&
     getNodes() const
     {
-        return nodes_;
+        return (mNodes);
     }
 
     void
-    setAdditionalFields(STObject const& obj)
+    setDeliveredAmount(STAmount const& delivered)
     {
-        if (obj.isFieldPresent(sfDeliveredAmount))
-            deliveredAmount_ = obj.getFieldAmount(sfDeliveredAmount);
-
-        if (obj.isFieldPresent(sfParentBatchID))
-            parentBatchID_ = obj.getFieldH256(sfParentBatchID);
+        mDelivered = delivered;
     }
 
-    std::optional<STAmount> const&
+    STAmount
     getDeliveredAmount() const
     {
-        return deliveredAmount_;
+        XRPL_ASSERT(
+            hasDeliveredAmount(),
+            "ripple::TxMeta::getDeliveredAmount : non-null delivered amount");
+        return *mDelivered;
+    }
+
+    bool
+    hasDeliveredAmount() const
+    {
+        return static_cast<bool>(mDelivered);
     }
 
     void
-    setDeliveredAmount(std::optional<STAmount> const& amount)
+    setParentBatchId(uint256 const& parentBatchId)
     {
-        deliveredAmount_ = amount;
+        mParentBatchId = parentBatchId;
     }
 
-    void
-    setParentBatchID(std::optional<uint256> const& id)
+    uint256
+    getParentBatchId() const
     {
-        parentBatchID_ = id;
+        XRPL_ASSERT(
+            hasParentBatchId(),
+            "ripple::TxMeta::getParentBatchId : non-null batch id");
+        return *mParentBatchId;
+    }
+
+    bool
+    hasParentBatchId() const
+    {
+        return static_cast<bool>(mParentBatchId);
     }
 
 private:
-    uint256 transactionID_;
-    std::uint32_t ledgerSeq_;
-    std::uint32_t index_;
-    int result_;
+    uint256 mTransactionID;
+    std::uint32_t mLedger;
+    std::uint32_t mIndex;
+    int mResult;
 
-    std::optional<STAmount> deliveredAmount_;
-    std::optional<uint256> parentBatchID_;
+    std::optional<STAmount> mDelivered;
+    std::optional<uint256> mParentBatchId;
 
-    STArray nodes_;
+    STArray mNodes;
 };
 
 }  // namespace ripple

include/xrpl/protocol/detail/features.macro

@@ -27,15 +27,17 @@
 #error "undefined macro: XRPL_RETIRE"
 #endif
 
+// clang-format off
+
 // Add new amendments to the top of this list.
 // Keep it sorted in reverse chronological order.
 
-XRPL_FEATURE(ConfidentialTransfer,       Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FEATURE(PermissionDelegationV1_1,   Supported::no,  VoteBehavior::DefaultNo)
+XRPL_FEATURE(LendingProtocol,            Supported::no,  VoteBehavior::DefaultNo)
 XRPL_FIX    (DirectoryLimit,             Supported::yes, VoteBehavior::DefaultNo)
 XRPL_FIX    (IncludeKeyletFields,        Supported::yes, VoteBehavior::DefaultNo)
 XRPL_FEATURE(DynamicMPT,                 Supported::no,  VoteBehavior::DefaultNo)
 XRPL_FIX    (TokenEscrowV1,              Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FIX    (DelegateV1_1,               Supported::no,  VoteBehavior::DefaultNo)
 XRPL_FIX    (PriceOracleOrder,           Supported::yes, VoteBehavior::DefaultNo)
 XRPL_FIX    (MPTDeliveredAmount,         Supported::yes, VoteBehavior::DefaultNo)
 XRPL_FIX    (AMMClawbackRounding,        Supported::yes, VoteBehavior::DefaultNo)
@@ -45,6 +47,7 @@ XRPL_FIX    (AMMv1_3,                    Supported::yes, VoteBehavior::DefaultNo
 XRPL_FEATURE(PermissionedDEX,            Supported::yes, VoteBehavior::DefaultNo)
 XRPL_FEATURE(Batch,                      Supported::yes, VoteBehavior::DefaultNo)
 XRPL_FEATURE(SingleAssetVault,           Supported::no,  VoteBehavior::DefaultNo)
+XRPL_FEATURE(PermissionDelegation,       Supported::no,  VoteBehavior::DefaultNo)
 XRPL_FIX    (PayChanCancelAfter,         Supported::yes, VoteBehavior::DefaultNo)
 // Check flags in Credential transactions
 XRPL_FIX    (InvalidTxFlags,             Supported::yes, VoteBehavior::DefaultNo)
@@ -78,24 +81,45 @@ XRPL_FIX    (DisallowIncomingV1,         Supported::yes, VoteBehavior::DefaultNo
 XRPL_FEATURE(XChainBridge,               Supported::yes, VoteBehavior::DefaultNo)
 XRPL_FEATURE(AMM,                        Supported::yes, VoteBehavior::DefaultNo)
 XRPL_FEATURE(Clawback,                   Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FIX    (ReducedOffersV1,            Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FIX    (NFTokenRemint,              Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FIX    (NonFungibleTokensV1_2,      Supported::yes, VoteBehavior::DefaultNo)
 XRPL_FIX    (UniversalNumber,            Supported::yes, VoteBehavior::DefaultNo)
 XRPL_FEATURE(XRPFees,                    Supported::yes, VoteBehavior::DefaultNo)
 XRPL_FEATURE(DisallowIncoming,           Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FEATURE(ImmediateOfferKilled,       Supported::yes, VoteBehavior::DefaultNo)
 XRPL_FIX    (RemoveNFTokenAutoTrustLine, Supported::yes, VoteBehavior::DefaultYes)
 XRPL_FIX    (TrustLinesToSelf,           Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FEATURE(NonFungibleTokensV1_1,      Supported::yes, VoteBehavior::DefaultNo)
 XRPL_FEATURE(ExpandedSignerList,         Supported::yes, VoteBehavior::DefaultNo)
 XRPL_FEATURE(CheckCashMakesTrustLine,    Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FIX    (RmSmallIncreasedQOffers,    Supported::yes, VoteBehavior::DefaultYes)
+XRPL_FIX    (STAmountCanonicalize,       Supported::yes, VoteBehavior::DefaultYes)
 XRPL_FEATURE(FlowSortStrands,            Supported::yes, VoteBehavior::DefaultYes)
 XRPL_FEATURE(TicketBatch,                Supported::yes, VoteBehavior::DefaultYes)
 XRPL_FEATURE(NegativeUNL,                Supported::yes, VoteBehavior::DefaultYes)
+XRPL_FIX    (AmendmentMajorityCalc,      Supported::yes, VoteBehavior::DefaultYes)
 XRPL_FEATURE(HardenedValidations,        Supported::yes, VoteBehavior::DefaultYes)
+// fix1781: XRPEndpointSteps should be included in the circular payment check
+XRPL_FIX    (1781,                       Supported::yes, VoteBehavior::DefaultYes)
 XRPL_FEATURE(RequireFullyCanonicalSig,   Supported::yes, VoteBehavior::DefaultYes)
+XRPL_FIX    (QualityUpperBound,          Supported::yes, VoteBehavior::DefaultYes)
 XRPL_FEATURE(DeletableAccounts,          Supported::yes, VoteBehavior::DefaultYes)
 XRPL_FIX    (PayChanRecipientOwnerDir,   Supported::yes, VoteBehavior::DefaultYes)
+XRPL_FIX    (CheckThreading,             Supported::yes, VoteBehavior::DefaultYes)
+XRPL_FIX    (MasterKeyAsRegularKey,      Supported::yes, VoteBehavior::DefaultYes)
+XRPL_FIX    (TakerDryOfferRemoval,       Supported::yes, VoteBehavior::DefaultYes)
 XRPL_FEATURE(MultiSignReserve,           Supported::yes, VoteBehavior::DefaultYes)
+XRPL_FIX    (1578,                       Supported::yes, VoteBehavior::DefaultYes)
+// fix1515: Use liquidity from strands that consume max offers, but mark as dry
+XRPL_FIX    (1515,                       Supported::yes, VoteBehavior::DefaultYes)
 XRPL_FEATURE(DepositPreauth,             Supported::yes, VoteBehavior::DefaultYes)
+XRPL_FIX    (1623,                       Supported::yes, VoteBehavior::DefaultYes)
+XRPL_FIX    (1543,                       Supported::yes, VoteBehavior::DefaultYes)
+XRPL_FIX    (1571,                       Supported::yes, VoteBehavior::DefaultYes)
 XRPL_FEATURE(Checks,                     Supported::yes, VoteBehavior::DefaultYes)
 XRPL_FEATURE(DepositAuth,                Supported::yes, VoteBehavior::DefaultYes)
+XRPL_FIX    (1513,                       Supported::yes, VoteBehavior::DefaultYes)
 XRPL_FEATURE(Flow,                       Supported::yes, VoteBehavior::DefaultYes)
 
 // The following amendments are obsolete, but must remain supported
@@ -109,46 +133,30 @@ XRPL_FEATURE(Flow,                       Supported::yes, VoteBehavior::DefaultYe
 //
 // If a feature remains obsolete for long enough that no clients are able
 // to vote for it, the feature can be removed (entirely?) from the code.
+XRPL_FIX    (NFTokenNegOffer,       Supported::yes, VoteBehavior::Obsolete)
+XRPL_FIX    (NFTokenDirV1,          Supported::yes, VoteBehavior::Obsolete)
+XRPL_FEATURE(NonFungibleTokensV1,   Supported::yes, VoteBehavior::Obsolete)
 XRPL_FEATURE(CryptoConditionsSuite, Supported::yes, VoteBehavior::Obsolete)
 
 // The following amendments have been active for at least two years. Their
 // pre-amendment code has been removed and the identifiers are deprecated.
-// All known amendments and amendments that may appear in a validated ledger
-// must be registered either here or above with the "active" amendments
-//
-// Please keep this list sorted alphabetically for convenience.
-XRPL_RETIRE(fix1201)
+// All known amendments and amendments that may appear in a validated
+// ledger must be registered either here or above with the "active" amendments
+XRPL_RETIRE(MultiSign)
+XRPL_RETIRE(TrustSetAuth)
+XRPL_RETIRE(FeeEscalation)
+XRPL_RETIRE(PayChan)
+XRPL_RETIRE(CryptoConditions)
+XRPL_RETIRE(TickSize)
 XRPL_RETIRE(fix1368)
+XRPL_RETIRE(Escrow)
 XRPL_RETIRE(fix1373)
+XRPL_RETIRE(EnforceInvariants)
+XRPL_RETIRE(SortedDirectories)
+XRPL_RETIRE(fix1201)
 XRPL_RETIRE(fix1512)
-XRPL_RETIRE(fix1513)
-XRPL_RETIRE(fix1515)
 XRPL_RETIRE(fix1523)
 XRPL_RETIRE(fix1528)
-XRPL_RETIRE(fix1543)
-XRPL_RETIRE(fix1571)
-XRPL_RETIRE(fix1578)
-XRPL_RETIRE(fix1623)
-XRPL_RETIRE(fix1781)
-XRPL_RETIRE(fixAmendmentMajorityCalc)
-XRPL_RETIRE(fixCheckThreading)
-XRPL_RETIRE(fixNonFungibleTokensV1_2)
-XRPL_RETIRE(fixNFTokenRemint)
-XRPL_RETIRE(fixMasterKeyAsRegularKey)
-XRPL_RETIRE(fixQualityUpperBound)
-XRPL_RETIRE(fixReducedOffersV1)
-XRPL_RETIRE(fixRmSmallIncreasedQOffers)
-XRPL_RETIRE(fixSTAmountCanonicalize)
-XRPL_RETIRE(fixTakerDryOfferRemoval)
-XRPL_RETIRE(CryptoConditions)
-XRPL_RETIRE(Escrow)
-XRPL_RETIRE(EnforceInvariants)
-XRPL_RETIRE(FeeEscalation)
 XRPL_RETIRE(FlowCross)
-XRPL_RETIRE(ImmediateOfferKilled)
-XRPL_RETIRE(MultiSign)
-XRPL_RETIRE(NonFungibleTokensV1_1)
-XRPL_RETIRE(PayChan)
-XRPL_RETIRE(SortedDirectories)
-XRPL_RETIRE(TickSize)
-XRPL_RETIRE(TrustSetAuth)
+
+// clang-format on

include/xrpl/protocol/detail/ledger_entries.macro

@@ -168,6 +168,7 @@ LEDGER_ENTRY(ltACCOUNT_ROOT, 0x0061, AccountRoot, account, ({
     {sfFirstNFTokenSequence, soeOPTIONAL},
     {sfAMMID,                soeOPTIONAL}, // pseudo-account designator
     {sfVaultID,              soeOPTIONAL}, // pseudo-account designator
+    {sfLoanBrokerID,         soeOPTIONAL}, // pseudo-account designator
 }))
 
 /** A ledger object which contains a list of object identifiers.
@@ -416,8 +417,6 @@ LEDGER_ENTRY(ltMPTOKEN_ISSUANCE, 0x007e, MPTokenIssuance, mpt_issuance, ({
     {sfPreviousTxnLgrSeq,        soeREQUIRED},
     {sfDomainID,                 soeOPTIONAL},
     {sfMutableFlags,             soeDEFAULT},
-    {sfIssuerElGamalPublicKey,   soeOPTIONAL},
-    {sfConfidentialOutstandingAmount, soeDEFAULT},
 }))
 
 /** A ledger object which tracks MPToken
@@ -431,11 +430,6 @@ LEDGER_ENTRY(ltMPTOKEN, 0x007f, MPToken, mptoken, ({
     {sfOwnerNode,                soeREQUIRED},
     {sfPreviousTxnID,            soeREQUIRED},
     {sfPreviousTxnLgrSeq,        soeREQUIRED},
-    {sfConfidentialBalanceInbox, soeOPTIONAL},
-    {sfConfidentialBalanceSpending, soeOPTIONAL},
-    {sfConfidentialBalanceVersion, soeDEFAULT},
-    {sfIssuerEncryptedBalance,   soeOPTIONAL},
-    {sfHolderElGamalPublicKey,   soeOPTIONAL},
 }))
 
 /** A ledger object which tracks Oracle
@@ -505,10 +499,10 @@ LEDGER_ENTRY(ltVAULT, 0x0084, Vault, vault, ({
     {sfAccount,              soeREQUIRED},
     {sfData,                 soeOPTIONAL},
     {sfAsset,                soeREQUIRED},
-    {sfAssetsTotal,          soeREQUIRED},
-    {sfAssetsAvailable,      soeREQUIRED},
+    {sfAssetsTotal,          soeDEFAULT},
+    {sfAssetsAvailable,      soeDEFAULT},
     {sfAssetsMaximum,        soeDEFAULT},
-    {sfLossUnrealized,       soeREQUIRED},
+    {sfLossUnrealized,       soeDEFAULT},
     {sfShareMPTID,           soeREQUIRED},
     {sfWithdrawalPolicy,     soeREQUIRED},
     {sfScale,                soeDEFAULT},
@@ -516,5 +510,117 @@ LEDGER_ENTRY(ltVAULT, 0x0084, Vault, vault, ({
     // no PermissionedDomainID ever (use MPTIssuance.sfDomainID)
 }))
 
+/** Reserve 0x0084-0x0087 for future Vault-related objects. */
+
+/** A ledger object representing a loan broker
+
+    \sa keylet::loanbroker
+ */
+LEDGER_ENTRY(ltLOAN_BROKER, 0x0088, LoanBroker, loan_broker, ({
+    {sfPreviousTxnID,        soeREQUIRED},
+    {sfPreviousTxnLgrSeq,    soeREQUIRED},
+    {sfSequence,             soeREQUIRED},
+    {sfOwnerNode,            soeREQUIRED},
+    {sfVaultNode,            soeREQUIRED},
+    {sfVaultID,              soeREQUIRED},
+    {sfAccount,              soeREQUIRED},
+    {sfOwner,                soeREQUIRED},
+    {sfLoanSequence,         soeREQUIRED},
+    {sfData,                 soeDEFAULT},
+    {sfManagementFeeRate,    soeDEFAULT},
+    {sfOwnerCount,           soeDEFAULT},
+    {sfDebtTotal,            soeDEFAULT},
+    {sfDebtMaximum,          soeDEFAULT},
+    {sfCoverAvailable,       soeDEFAULT},
+    {sfCoverRateMinimum,     soeDEFAULT},
+    {sfCoverRateLiquidation, soeDEFAULT},
+}))
+
+/** A ledger object representing a loan between a Borrower and a Loan Broker
+
+    \sa keylet::loan
+ */
+LEDGER_ENTRY(ltLOAN, 0x0089, Loan, loan, ({
+    {sfPreviousTxnID,        soeREQUIRED},
+    {sfPreviousTxnLgrSeq,    soeREQUIRED},
+    {sfOwnerNode,            soeREQUIRED},
+    {sfLoanBrokerNode,       soeREQUIRED},
+    {sfLoanBrokerID,         soeREQUIRED},
+    {sfLoanSequence,         soeREQUIRED},
+    {sfBorrower,             soeREQUIRED},
+    {sfLoanOriginationFee,   soeDEFAULT},
+    {sfLoanServiceFee,       soeDEFAULT},
+    {sfLatePaymentFee,       soeDEFAULT},
+    {sfClosePaymentFee,      soeDEFAULT},
+    {sfOverpaymentFee,       soeDEFAULT},
+    {sfInterestRate,         soeDEFAULT},
+    {sfLateInterestRate,     soeDEFAULT},
+    {sfCloseInterestRate,    soeDEFAULT},
+    {sfOverpaymentInterestRate, soeDEFAULT},
+    {sfStartDate,            soeREQUIRED},
+    {sfPaymentInterval,      soeREQUIRED},
+    {sfGracePeriod,          soeDEFAULT},
+    {sfPreviousPaymentDate,  soeDEFAULT},
+    {sfNextPaymentDueDate,   soeDEFAULT},
+    // The loan object tracks these values:
+    //
+    // - PaymentRemaining: The number of payments left in the loan. When it
+    //   reaches 0, the loan is paid off, and all other relevant values
+    //   must also be 0.
+    //
+    // - PeriodicPayment: The fixed, unrounded amount to be paid each
+    //   interval. Stored with as much precision as possible.
+    //   Payment transactions must round this value *UP*.
+    //
+    // - TotalValueOutstanding: The rounded total amount owed by the
+    //   borrower to the lender / vault.
+    //
+    // - PrincipalOutstanding: The rounded portion of the
+    //   TotalValueOutstanding that is from the principal borrowed.
+    //
+    // - ManagementFeeOutstanding: The rounded portion of the
+    //   TotalValueOutstanding that represents management fees
+    //   specifically owed to the broker based on the initial
+    //   loan parameters.
+    //
+    // There are additional values that can be computed from these:
+    //
+    // - InterestOutstanding = TotalValueOutstanding - PrincipalOutstanding
+    //   The total amount of interest still pending on the loan,
+    //   independent of management fees.
+    //
+    // - InterestOwedToVault = InterestOutstanding - ManagementFeeOutstanding
+    //   The amount of the total interest that is owed to the vault, and
+    //   will be sent to it as part of a payment.
+    //
+    // - TrueTotalLoanValue = PaymentRemaining * PeriodicPayment
+    //   The unrounded true total value of the loan.
+    //
+    // - TrueTotalPrincialOutstanding can be computed using the algorithm
+    //   in the ripple::detail::loanPrincipalFromPeriodicPayment function.
+    //
+    // - TrueTotalInterestOutstanding = TrueTotalLoanValue -
+    //      TrueTotalPrincipalOutstanding
+    //   The unrounded true total interest remaining.
+    //
+    // - TrueTotalManagementFeeOutstanding = TrueTotalInterestOutstanding *
+    //      LoanBroker.ManagementFeeRate
+    //   The unrounded true total fee still owed to the broker.
+    //
+    // Note the the "True" values may differ significantly from the tracked
+    // rounded values.
+    {sfPaymentRemaining,         soeDEFAULT},
+    {sfPeriodicPayment,          soeREQUIRED},
+    {sfPrincipalOutstanding,     soeDEFAULT},
+    {sfTotalValueOutstanding,    soeDEFAULT},
+    {sfManagementFeeOutstanding, soeDEFAULT},
+    // Based on the computed total value at creation, used for
+    // rounding calculated values so they are all on a
+    // consistent scale - that is, they all have the same
+    // number of digits after the decimal point (excluding
+    // trailing zeros).
+    {sfLoanScale,                soeDEFAULT},
+}))
+
 #undef EXPAND
 #undef LEDGER_ENTRY_DUPLICATE

include/xrpl/protocol/detail/sfields.macro

@@ -24,6 +24,8 @@
 #error "undefined macro: TYPED_SFIELD"
 #endif
 
+// clang-format off
+
 // untyped
 UNTYPED_SFIELD(sfLedgerEntry,            LEDGERENTRY, 257)
 UNTYPED_SFIELD(sfTransaction,            TRANSACTION, 257)
@@ -59,6 +61,7 @@ TYPED_SFIELD(sfHookEmitCount,            UINT16,    18)
 TYPED_SFIELD(sfHookExecutionIndex,       UINT16,    19)
 TYPED_SFIELD(sfHookApiVersion,           UINT16,    20)
 TYPED_SFIELD(sfLedgerFixType,            UINT16,    21)
+TYPED_SFIELD(sfManagementFeeRate,        UINT16,    22) // 1/10 basis points (bips)
 
 // 32-bit integers (common)
 TYPED_SFIELD(sfNetworkID,                UINT32,     1)
@@ -115,7 +118,21 @@ TYPED_SFIELD(sfFirstNFTokenSequence,     UINT32,    50)
 TYPED_SFIELD(sfOracleDocumentID,         UINT32,    51)
 TYPED_SFIELD(sfPermissionValue,          UINT32,    52)
 TYPED_SFIELD(sfMutableFlags,             UINT32,    53)
-TYPED_SFIELD(sfConfidentialBalanceVersion, UINT32,  54)
+TYPED_SFIELD(sfStartDate,                UINT32,    54)
+TYPED_SFIELD(sfPaymentInterval,          UINT32,    55)
+TYPED_SFIELD(sfGracePeriod,              UINT32,    56)
+TYPED_SFIELD(sfPreviousPaymentDate,      UINT32,    57)
+TYPED_SFIELD(sfNextPaymentDueDate,       UINT32,    58)
+TYPED_SFIELD(sfPaymentRemaining,         UINT32,    59)
+TYPED_SFIELD(sfPaymentTotal,             UINT32,    60)
+TYPED_SFIELD(sfLoanSequence,             UINT32,    61)
+TYPED_SFIELD(sfCoverRateMinimum,         UINT32,    62) // 1/10 basis points (bips)
+TYPED_SFIELD(sfCoverRateLiquidation,     UINT32,    63) // 1/10 basis points (bips)
+TYPED_SFIELD(sfOverpaymentFee,           UINT32,    64) // 1/10 basis points (bips)
+TYPED_SFIELD(sfInterestRate,             UINT32,    65) // 1/10 basis points (bips)
+TYPED_SFIELD(sfLateInterestRate,         UINT32,    66) // 1/10 basis points (bips)
+TYPED_SFIELD(sfCloseInterestRate,        UINT32,    67) // 1/10 basis points (bips)
+TYPED_SFIELD(sfOverpaymentInterestRate,  UINT32,    68) // 1/10 basis points (bips)
 
 // 64-bit integers (common)
 TYPED_SFIELD(sfIndexNext,                UINT64,     1)
@@ -147,7 +164,8 @@ TYPED_SFIELD(sfMPTAmount,                UINT64,    26, SField::sMD_BaseTen|SFie
 TYPED_SFIELD(sfIssuerNode,               UINT64,    27)
 TYPED_SFIELD(sfSubjectNode,              UINT64,    28)
 TYPED_SFIELD(sfLockedAmount,             UINT64,    29, SField::sMD_BaseTen|SField::sMD_Default)
-TYPED_SFIELD(sfConfidentialOutstandingAmount, UINT64, 30, SField::sMD_BaseTen|SField::sMD_Default)
+TYPED_SFIELD(sfVaultNode,                UINT64,    30)
+TYPED_SFIELD(sfLoanBrokerNode,           UINT64,    31)
 
 // 128-bit
 TYPED_SFIELD(sfEmailHash,                UINT128,    1)
@@ -202,6 +220,9 @@ TYPED_SFIELD(sfDomainID,                 UINT256,   34)
 TYPED_SFIELD(sfVaultID,                  UINT256,   35,
     SField::sMD_PseudoAccount | SField::sMD_Default)
 TYPED_SFIELD(sfParentBatchID,            UINT256,   36)
+TYPED_SFIELD(sfLoanBrokerID,             UINT256,   37,
+    SField::sMD_PseudoAccount | SField::sMD_Default)
+TYPED_SFIELD(sfLoanID,                   UINT256,   38)
 
 // number (common)
 TYPED_SFIELD(sfNumber,                   NUMBER,     1)
@@ -209,12 +230,21 @@ TYPED_SFIELD(sfAssetsAvailable,          NUMBER,     2)
 TYPED_SFIELD(sfAssetsMaximum,            NUMBER,     3)
 TYPED_SFIELD(sfAssetsTotal,              NUMBER,     4)
 TYPED_SFIELD(sfLossUnrealized,           NUMBER,     5)
+TYPED_SFIELD(sfDebtTotal,                NUMBER,     6)
+TYPED_SFIELD(sfDebtMaximum,              NUMBER,     7)
+TYPED_SFIELD(sfCoverAvailable,           NUMBER,     8)
+TYPED_SFIELD(sfLoanOriginationFee,       NUMBER,     9)
+TYPED_SFIELD(sfLoanServiceFee,           NUMBER,     10)
+TYPED_SFIELD(sfLatePaymentFee,           NUMBER,     11)
+TYPED_SFIELD(sfClosePaymentFee,          NUMBER,     12)
+TYPED_SFIELD(sfPrincipalOutstanding,     NUMBER,     13)
+TYPED_SFIELD(sfPrincipalRequested,       NUMBER,     14)
+TYPED_SFIELD(sfTotalValueOutstanding,    NUMBER,     15)
+TYPED_SFIELD(sfPeriodicPayment,          NUMBER,     16)
+TYPED_SFIELD(sfManagementFeeOutstanding, NUMBER,     17)
 
 // int32
-// NOTE: Do not use `sfDummyInt32`. It's so far the only use of INT32
-// in this file and has been defined here for test only.
-// TODO: Replace `sfDummyInt32` with actually useful field.
-TYPED_SFIELD(sfDummyInt32,               INT32,      1) // for tests only
+TYPED_SFIELD(sfLoanScale,                INT32,      1)
 
 // currency amount (common)
 TYPED_SFIELD(sfAmount,                   AMOUNT,     1)
@@ -286,16 +316,6 @@ TYPED_SFIELD(sfAssetClass,               VL,        28)
 TYPED_SFIELD(sfProvider,                 VL,        29)
 TYPED_SFIELD(sfMPTokenMetadata,          VL,        30)
 TYPED_SFIELD(sfCredentialType,           VL,        31)
-TYPED_SFIELD(sfConfidentialBalanceInbox, VL,        32)
-TYPED_SFIELD(sfConfidentialBalanceSpending, VL,     33)
-TYPED_SFIELD(sfIssuerEncryptedBalance,   VL,        34)
-TYPED_SFIELD(sfIssuerElGamalPublicKey,   VL,        35)
-TYPED_SFIELD(sfHolderElGamalPublicKey,   VL,        36)
-TYPED_SFIELD(sfZKProof,                  VL,        37)
-TYPED_SFIELD(sfHolderEncryptedAmount,    VL,        38)
-TYPED_SFIELD(sfIssuerEncryptedAmount,    VL,        39)
-TYPED_SFIELD(sfSenderEncryptedAmount,    VL,        40)
-TYPED_SFIELD(sfDestinationEncryptedAmount, VL,      41)
 
 // account (common)
 TYPED_SFIELD(sfAccount,                  ACCOUNT,    1)
@@ -320,6 +340,8 @@ TYPED_SFIELD(sfAttestationRewardAccount, ACCOUNT,   21)
 TYPED_SFIELD(sfLockingChainDoor,         ACCOUNT,   22)
 TYPED_SFIELD(sfIssuingChainDoor,         ACCOUNT,   23)
 TYPED_SFIELD(sfSubject,                  ACCOUNT,   24)
+TYPED_SFIELD(sfBorrower,                 ACCOUNT,   25)
+TYPED_SFIELD(sfCounterparty,             ACCOUNT,   26)
 
 // vector of 256-bit
 TYPED_SFIELD(sfIndexes,                  VECTOR256,  1, SField::sMD_Never)
@@ -383,6 +405,7 @@ UNTYPED_SFIELD(sfCredential,             OBJECT,    33)
 UNTYPED_SFIELD(sfRawTransaction,         OBJECT,    34)
 UNTYPED_SFIELD(sfBatchSigner,            OBJECT,    35)
 UNTYPED_SFIELD(sfBook,                   OBJECT,    36)
+UNTYPED_SFIELD(sfCounterpartySignature,  OBJECT,    37, SField::sMD_Default, SField::notSigning)
 
 // array of objects (common)
 // ARRAY/1 is reserved for end of array
@@ -417,3 +440,5 @@ UNTYPED_SFIELD(sfAcceptedCredentials,    ARRAY,     28)
 UNTYPED_SFIELD(sfPermissions,            ARRAY,     29)
 UNTYPED_SFIELD(sfRawTransactions,        ARRAY,     30)
 UNTYPED_SFIELD(sfBatchSigners,           ARRAY,     31, SField::sMD_Default, SField::notSigning)
+
+// clang-format on

include/xrpl/protocol/detail/transactions.macro

@@ -316,7 +316,7 @@ TRANSACTION(ttTRUST_SET, 20, TrustSet,
 #endif
 TRANSACTION(ttACCOUNT_DELETE, 21, AccountDelete,
     Delegation::notDelegatable,
-    featureDeletableAccounts,
+    uint256{},
     mustDeleteAcct,
     ({
     {sfDestination, soeREQUIRED},
@@ -332,7 +332,7 @@ TRANSACTION(ttACCOUNT_DELETE, 21, AccountDelete,
 #endif
 TRANSACTION(ttNFTOKEN_MINT, 25, NFTokenMint,
     Delegation::delegatable,
-    uint256{},
+    featureNonFungibleTokensV1,
     changeNFTCounts,
     ({
     {sfNFTokenTaxon, soeREQUIRED},
@@ -350,7 +350,7 @@ TRANSACTION(ttNFTOKEN_MINT, 25, NFTokenMint,
 #endif
 TRANSACTION(ttNFTOKEN_BURN, 26, NFTokenBurn,
     Delegation::delegatable,
-    uint256{},
+    featureNonFungibleTokensV1,
     changeNFTCounts,
     ({
     {sfNFTokenID, soeREQUIRED},
@@ -363,7 +363,7 @@ TRANSACTION(ttNFTOKEN_BURN, 26, NFTokenBurn,
 #endif
 TRANSACTION(ttNFTOKEN_CREATE_OFFER, 27, NFTokenCreateOffer,
     Delegation::delegatable,
-    uint256{},
+    featureNonFungibleTokensV1,
     noPriv,
     ({
     {sfNFTokenID, soeREQUIRED},
@@ -379,7 +379,7 @@ TRANSACTION(ttNFTOKEN_CREATE_OFFER, 27, NFTokenCreateOffer,
 #endif
 TRANSACTION(ttNFTOKEN_CANCEL_OFFER, 28, NFTokenCancelOffer,
     Delegation::delegatable,
-    uint256{},
+    featureNonFungibleTokensV1,
     noPriv,
     ({
     {sfNFTokenOffers, soeREQUIRED},
@@ -391,7 +391,7 @@ TRANSACTION(ttNFTOKEN_CANCEL_OFFER, 28, NFTokenCancelOffer,
 #endif
 TRANSACTION(ttNFTOKEN_ACCEPT_OFFER, 29, NFTokenAcceptOffer,
     Delegation::delegatable,
-    uint256{},
+    featureNonFungibleTokensV1,
     noPriv,
     ({
     {sfNFTokenBuyOffer, soeOPTIONAL},
@@ -741,7 +741,6 @@ TRANSACTION(ttMPTOKEN_ISSUANCE_SET, 56, MPTokenIssuanceSet,
     {sfMPTokenMetadata, soeOPTIONAL},
     {sfTransferFee, soeOPTIONAL},
     {sfMutableFlags, soeOPTIONAL},
-    {sfIssuerElGamalPublicKey, soeOPTIONAL},
 }))
 
 /** This transaction type authorizes a MPToken instance */
@@ -838,7 +837,7 @@ TRANSACTION(ttPERMISSIONED_DOMAIN_DELETE, 63, PermissionedDomainDelete,
 #endif
 TRANSACTION(ttDELEGATE_SET, 64, DelegateSet,
     Delegation::notDelegatable,
-    featurePermissionDelegationV1_1,
+    featurePermissionDelegation,
     noPriv,
     ({
     {sfAuthorize, soeREQUIRED},
@@ -945,80 +944,137 @@ TRANSACTION(ttBATCH, 71, Batch,
     {sfBatchSigners, soeOPTIONAL},
 }))
 
-/** This transaction type converts into confidential MPT balance. */
+/** Reserve 72-73 for future Vault-related transactions */
+
+/** This transaction creates and updates a Loan Broker */
 #if TRANSACTION_INCLUDE
-#include <xrpld/app/tx/detail/ConfidentialConvert.h>
+#   include <xrpld/app/tx/detail/LoanBrokerSet.h>
 #endif
-TRANSACTION(ttCONFIDENTIAL_CONVERT, 72, ConfidentialConvert,
+TRANSACTION(ttLOAN_BROKER_SET, 74, LoanBrokerSet,
     Delegation::delegatable,
-    featureConfidentialTransfer,
-    noPriv,
-    ({
-    {sfMPTokenIssuanceID, soeREQUIRED},
-    {sfMPTAmount, soeREQUIRED},
-    {sfHolderElGamalPublicKey, soeOPTIONAL},
-    {sfHolderEncryptedAmount, soeREQUIRED},
-    {sfIssuerEncryptedAmount, soeREQUIRED},
-    {sfZKProof, soeREQUIRED},
+    featureLendingProtocol,
+    createPseudoAcct | mayAuthorizeMPT, ({
+    {sfVaultID, soeREQUIRED},
+    {sfLoanBrokerID, soeOPTIONAL},
+    {sfData, soeOPTIONAL},
+    {sfManagementFeeRate, soeOPTIONAL},
+    {sfDebtMaximum, soeOPTIONAL},
+    {sfCoverRateMinimum, soeOPTIONAL},
+    {sfCoverRateLiquidation, soeOPTIONAL},
 }))
 
-/** This transaction type merges MPT inbox. */
+/** This transaction deletes a Loan Broker */
 #if TRANSACTION_INCLUDE
-#include <xrpld/app/tx/detail/ConfidentialMergeInbox.h>
+#   include <xrpld/app/tx/detail/LoanBrokerDelete.h>
 #endif
-TRANSACTION(ttCONFIDENTIAL_MERGE_INBOX, 73, ConfidentialMergeInbox,
+TRANSACTION(ttLOAN_BROKER_DELETE, 75, LoanBrokerDelete,
     Delegation::delegatable,
-    featureConfidentialTransfer,
-    noPriv,
-    ({
-    {sfMPTokenIssuanceID, soeREQUIRED},
+    featureLendingProtocol,
+    mustDeleteAcct | mayAuthorizeMPT, ({
+    {sfLoanBrokerID, soeREQUIRED},
 }))
 
-/** This transaction type converts back into public MPT balance. */
+/** This transaction deposits First Loss Capital into a Loan Broker */
 #if TRANSACTION_INCLUDE
-#include <xrpld/app/tx/detail/ConfidentialConvertBack.h>
+#   include <xrpld/app/tx/detail/LoanBrokerCoverDeposit.h>
 #endif
-TRANSACTION(ttCONFIDENTIAL_CONVERT_BACK, 74, ConfidentialConvertBack,
+TRANSACTION(ttLOAN_BROKER_COVER_DEPOSIT, 76, LoanBrokerCoverDeposit,
     Delegation::delegatable,
-    featureConfidentialTransfer,
-    noPriv,
-    ({
-    {sfMPTokenIssuanceID, soeREQUIRED},
-    {sfMPTAmount, soeREQUIRED},
-    {sfHolderEncryptedAmount, soeREQUIRED},
-    {sfIssuerEncryptedAmount, soeREQUIRED},
-    {sfZKProof, soeREQUIRED},
+    featureLendingProtocol,
+    noPriv, ({
+    {sfLoanBrokerID, soeREQUIRED},
+    {sfAmount, soeREQUIRED, soeMPTSupported},
 }))
 
+/** This transaction withdraws First Loss Capital from a Loan Broker */
 #if TRANSACTION_INCLUDE
-#include <xrpld/app/tx/detail/ConfidentialSend.h>
+#   include <xrpld/app/tx/detail/LoanBrokerCoverWithdraw.h>
 #endif
-TRANSACTION(ttCONFIDENTIAL_SEND, 75, ConfidentialSend,
+TRANSACTION(ttLOAN_BROKER_COVER_WITHDRAW, 77, LoanBrokerCoverWithdraw,
     Delegation::delegatable,
-    featureConfidentialTransfer,
-    noPriv,
-    ({
-    {sfMPTokenIssuanceID, soeREQUIRED},
-    {sfDestination, soeREQUIRED},
-    {sfSenderEncryptedAmount, soeREQUIRED},
-    {sfDestinationEncryptedAmount, soeREQUIRED},
-    {sfIssuerEncryptedAmount, soeREQUIRED},
-    {sfZKProof, soeREQUIRED},
-    {sfCredentialIDs, soeOPTIONAL},
+    featureLendingProtocol,
+    mayAuthorizeMPT, ({
+    {sfLoanBrokerID, soeREQUIRED},
+    {sfAmount, soeREQUIRED, soeMPTSupported},
+    {sfDestination, soeOPTIONAL},
+    {sfDestinationTag, soeOPTIONAL},
 }))
 
+/** This transaction claws back First Loss Capital from a Loan Broker to
+    the issuer of the capital */
 #if TRANSACTION_INCLUDE
-#include <xrpld/app/tx/detail/ConfidentialClawback.h>
+#   include <xrpld/app/tx/detail/LoanBrokerCoverClawback.h>
 #endif
-TRANSACTION(ttCONFIDENTIAL_CLAWBACK, 76, ConfidentialClawback,
+TRANSACTION(ttLOAN_BROKER_COVER_CLAWBACK, 78, LoanBrokerCoverClawback,
     Delegation::delegatable,
-    featureConfidentialTransfer,
-    noPriv,
-    ({
-    {sfMPTokenIssuanceID, soeREQUIRED},
-    {sfHolder, soeREQUIRED},
-    {sfMPTAmount, soeREQUIRED},
-    {sfZKProof, soeREQUIRED},
+    featureLendingProtocol,
+    noPriv, ({
+    {sfLoanBrokerID, soeOPTIONAL},
+    {sfAmount, soeOPTIONAL, soeMPTSupported},
+}))
+
+/** This transaction creates a Loan */
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/LoanSet.h>
+#endif
+TRANSACTION(ttLOAN_SET, 80, LoanSet,
+    Delegation::delegatable,
+    featureLendingProtocol,
+    mayAuthorizeMPT | mustModifyVault, ({
+    {sfLoanBrokerID, soeREQUIRED},
+    {sfData, soeOPTIONAL},
+    {sfCounterparty, soeOPTIONAL},
+    {sfCounterpartySignature, soeOPTIONAL},
+    {sfLoanOriginationFee, soeOPTIONAL},
+    {sfLoanServiceFee, soeOPTIONAL},
+    {sfLatePaymentFee, soeOPTIONAL},
+    {sfClosePaymentFee, soeOPTIONAL},
+    {sfOverpaymentFee, soeOPTIONAL},
+    {sfInterestRate, soeOPTIONAL},
+    {sfLateInterestRate, soeOPTIONAL},
+    {sfCloseInterestRate, soeOPTIONAL},
+    {sfOverpaymentInterestRate, soeOPTIONAL},
+    {sfPrincipalRequested, soeREQUIRED},
+    {sfPaymentTotal, soeOPTIONAL},
+    {sfPaymentInterval, soeOPTIONAL},
+    {sfGracePeriod, soeOPTIONAL},
+}))
+
+/** This transaction deletes an existing Loan */
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/LoanDelete.h>
+#endif
+TRANSACTION(ttLOAN_DELETE, 81, LoanDelete,
+    Delegation::delegatable,
+    featureLendingProtocol,
+    noPriv, ({
+    {sfLoanID, soeREQUIRED},
+}))
+
+/** This transaction is used to change the delinquency status of an existing Loan */
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/LoanManage.h>
+#endif
+TRANSACTION(ttLOAN_MANAGE, 82, LoanManage,
+    Delegation::delegatable,
+    featureLendingProtocol,
+    // All of the LoanManage options will modify the vault, but the
+    // transaction can succeed without options, essentially making it
+    // a noop.
+    mayModifyVault, ({
+    {sfLoanID, soeREQUIRED},
+}))
+
+/** The Borrower uses this transaction to make a Payment on the Loan. */
+#if TRANSACTION_INCLUDE
+#   include <xrpld/app/tx/detail/LoanPay.h>
+#endif
+TRANSACTION(ttLOAN_PAY, 84, LoanPay,
+    Delegation::delegatable,
+    featureLendingProtocol,
+    mayAuthorizeMPT | mustModifyVault, ({
+    {sfLoanID, soeREQUIRED},
+    {sfAmount, soeREQUIRED, soeMPTSupported},
 }))
 
 /** This system-generated transaction type is used to update the status of the various amendments.

include/xrpl/protocol/jss.h

@@ -59,6 +59,8 @@ JSS(BaseAsset);            // in: Oracle
 JSS(BidMax);               // in: AMM Bid
 JSS(BidMin);               // in: AMM Bid
 JSS(ClearFlag);            // field.
+JSS(Counterparty);         // field.
+JSS(CounterpartySignature);// field.
 JSS(DeliverMax);           // out: alias to Amount
 JSS(DeliverMin);           // in: TransactionSign
 JSS(Destination);          // in: TransactionSign; field.
@@ -392,6 +394,8 @@ JSS(load_factor_local);       // out: NetworkOPs
 JSS(load_factor_net);         // out: NetworkOPs
 JSS(load_factor_server);      // out: NetworkOPs
 JSS(load_fee);                // out: LoadFeeTrackImp, NetworkOPs
+JSS(loan_broker_id);          // in: LedgerEntry
+JSS(loan_seq);                // in: LedgerEntry
 JSS(local);                   // out: resource/Logic.h
 JSS(local_txs);               // out: GetCounts
 JSS(local_static_keys);       // out: ValidatorList
@@ -504,6 +508,7 @@ JSS(propose_seq);             // out: LedgerPropose
 JSS(proposers);               // out: NetworkOPs, LedgerConsensus
 JSS(protocol);                // out: NetworkOPs, PeerImp
 JSS(proxied);                 // out: RPC ping
+JSS(pseudo_account);          // out: AccountInfo
 JSS(pubkey_node);             // out: NetworkOPs
 JSS(pubkey_publisher);        // out: ValidatorList
 JSS(pubkey_validator);        // out: NetworkOPs, ValidatorList

include/xrpl/resource/Consumer.h

@@ -21,7 +21,6 @@
 #define RIPPLE_RESOURCE_CONSUMER_H_INCLUDED
 
 #include <xrpl/basics/Log.h>
-#include <xrpl/protocol/PublicKey.h>
 #include <xrpl/resource/Charge.h>
 #include <xrpl/resource/Disposition.h>
 
@@ -88,9 +87,6 @@ public:
     Entry&
     entry();
 
-    void
-    setPublicKey(PublicKey const& publicKey);
-
 private:
     Logic* m_logic;
     Entry* m_entry;

include/xrpl/resource/detail/Entry.h

@@ -53,7 +53,7 @@ struct Entry : public beast::List<Entry>::Node
     std::string
     to_string() const
     {
-        return getFingerprint(key->address, publicKey);
+        return key->address.to_string();
     }
 
     /**
@@ -82,9 +82,6 @@ struct Entry : public beast::List<Entry>::Node
         return local_balance.add(charge, now) + remote_balance;
     }
 
-    // The public key of the peer
-    std::optional<PublicKey> publicKey;
-
     // Back pointer to the map key (bit of a hack here)
     Key const* key;
 

include/xrpl/server/Server.h

@@ -25,7 +25,7 @@
 #include <xrpl/server/Port.h>
 #include <xrpl/server/detail/ServerImpl.h>
 
-#include <boost/asio/io_context.hpp>
+#include <boost/asio/io_service.hpp>
 
 namespace ripple {
 
@@ -34,10 +34,10 @@ template <class Handler>
 std::unique_ptr<Server>
 make_Server(
     Handler& handler,
-    boost::asio::io_context& io_context,
+    boost::asio::io_service& io_service,
     beast::Journal journal)
 {
-    return std::make_unique<ServerImpl<Handler>>(handler, io_context, journal);
+    return std::make_unique<ServerImpl<Handler>>(handler, io_service, journal);
 }
 
 }  // namespace ripple

include/xrpl/server/Session.h

@@ -88,7 +88,9 @@ public:
              ++iter)
         {
             typename BufferSequence::value_type const& buffer(*iter);
-            write(buffer.data(), boost::asio::buffer_size(buffer));
+            write(
+                boost::asio::buffer_cast<void const*>(buffer),
+                boost::asio::buffer_size(buffer));
         }
     }
 
@@ -102,7 +104,7 @@ public:
 
     /** Detach the session.
         This holds the session open so that the response can be sent
-        asynchronously. Calls to io_context::run made by the server
+        asynchronously. Calls to io_service::run made by the server
         will not return until all detached sessions are closed.
     */
     virtual std::shared_ptr<Session>

include/xrpl/server/detail/BaseHTTPPeer.h

@@ -24,13 +24,11 @@
 #include <xrpl/beast/net/IPAddressConversion.h>
 #include <xrpl/beast/utility/instrumentation.h>
 #include <xrpl/server/Session.h>
-#include <xrpl/server/detail/Spawn.h>
 #include <xrpl/server/detail/io_list.h>
 
 #include <boost/asio/ip/tcp.hpp>
 #include <boost/asio/spawn.hpp>
 #include <boost/asio/ssl/stream.hpp>
-#include <boost/asio/strand.hpp>
 #include <boost/asio/streambuf.hpp>
 #include <boost/beast/core/stream_traits.hpp>
 #include <boost/beast/http/dynamic_body.hpp>
@@ -217,8 +215,8 @@ BaseHTTPPeer<Handler, Impl>::BaseHTTPPeer(
     ConstBufferSequence const& buffers)
     : port_(port)
     , handler_(handler)
-    , work_(boost::asio::make_work_guard(executor))
-    , strand_(boost::asio::make_strand(executor))
+    , work_(executor)
+    , strand_(executor)
     , remote_address_(remote_address)
     , journal_(journal)
 {
@@ -358,7 +356,7 @@ BaseHTTPPeer<Handler, Impl>::on_write(
         return;
     if (graceful_)
         return do_close();
-    util::spawn(
+    boost::asio::spawn(
         strand_,
         std::bind(
             &BaseHTTPPeer<Handler, Impl>::do_read,
@@ -377,7 +375,7 @@ BaseHTTPPeer<Handler, Impl>::do_writer(
     {
         auto const p = impl().shared_from_this();
         resume = std::function<void(void)>([this, p, writer, keep_alive]() {
-            util::spawn(
+            boost::asio::spawn(
                 strand_,
                 std::bind(
                     &BaseHTTPPeer<Handler, Impl>::do_writer,
@@ -408,7 +406,7 @@ BaseHTTPPeer<Handler, Impl>::do_writer(
     if (!keep_alive)
         return do_close();
 
-    util::spawn(
+    boost::asio::spawn(
         strand_,
         std::bind(
             &BaseHTTPPeer<Handler, Impl>::do_read,
@@ -450,14 +448,14 @@ BaseHTTPPeer<Handler, Impl>::write(
     std::shared_ptr<Writer> const& writer,
     bool keep_alive)
 {
-    util::spawn(
+    boost::asio::spawn(bind_executor(
         strand_,
         std::bind(
             &BaseHTTPPeer<Handler, Impl>::do_writer,
             impl().shared_from_this(),
             writer,
             keep_alive,
-            std::placeholders::_1));
+            std::placeholders::_1)));
 }
 
 // DEPRECATED
@@ -492,12 +490,12 @@ BaseHTTPPeer<Handler, Impl>::complete()
     }
 
     // keep-alive
-    util::spawn(
+    boost::asio::spawn(bind_executor(
         strand_,
         std::bind(
             &BaseHTTPPeer<Handler, Impl>::do_read,
             impl().shared_from_this(),
-            std::placeholders::_1));
+            std::placeholders::_1)));
 }
 
 // DEPRECATED

include/xrpl/server/detail/BasePeer.h

@@ -91,8 +91,8 @@ BasePeer<Handler, Impl>::BasePeer(
               return "##" + std::to_string(++id) + " ";
           }())
     , j_(sink_)
-    , work_(boost::asio::make_work_guard(executor))
-    , strand_(boost::asio::make_strand(executor))
+    , work_(executor)
+    , strand_(executor)
 {
 }
 

include/xrpl/server/detail/BaseWSPeer.h

@@ -29,7 +29,6 @@
 #include <xrpl/server/detail/BasePeer.h>
 #include <xrpl/server/detail/LowestLayer.h>
 
-#include <boost/asio/error.hpp>
 #include <boost/beast/core/multi_buffer.hpp>
 #include <boost/beast/http/message.hpp>
 #include <boost/beast/websocket.hpp>
@@ -421,17 +420,11 @@ BaseWSPeer<Handler, Impl>::start_timer()
     // Max seconds without completing a message
     static constexpr std::chrono::seconds timeout{30};
     static constexpr std::chrono::seconds timeoutLocal{3};
-
-    try
-    {
-        timer_.expires_after(
-            remote_endpoint().address().is_loopback() ? timeoutLocal : timeout);
-    }
-    catch (boost::system::system_error const& e)
-    {
-        return fail(e.code(), "start_timer");
-    }
-
+    error_code ec;
+    timer_.expires_from_now(
+        remote_endpoint().address().is_loopback() ? timeoutLocal : timeout, ec);
+    if (ec)
+        return fail(ec, "start_timer");
     timer_.async_wait(bind_executor(
         strand_,
         std::bind(
@@ -445,14 +438,8 @@ template <class Handler, class Impl>
 void
 BaseWSPeer<Handler, Impl>::cancel_timer()
 {
-    try
-    {
-        timer_.cancel();
-    }
-    catch (boost::system::system_error const&)
-    {
-        // ignored
-    }
+    error_code ec;
+    timer_.cancel(ec);
 }
 
 template <class Handler, class Impl>

include/xrpl/server/detail/Door.h

@@ -30,29 +30,15 @@
 #include <boost/asio/buffer.hpp>
 #include <boost/asio/io_context.hpp>
 #include <boost/asio/ip/tcp.hpp>
-#include <boost/asio/post.hpp>
 #include <boost/asio/spawn.hpp>
-#include <boost/asio/steady_timer.hpp>
 #include <boost/beast/core/detect_ssl.hpp>
 #include <boost/beast/core/multi_buffer.hpp>
 #include <boost/beast/core/tcp_stream.hpp>
 #include <boost/container/flat_map.hpp>
-#include <boost/predef.h>
 
-#if !BOOST_OS_WINDOWS
-#include <sys/resource.h>
-
-#include <dirent.h>
-#include <unistd.h>
-#endif
-
-#include <algorithm>
 #include <chrono>
-#include <cstdint>
 #include <functional>
 #include <memory>
-#include <optional>
-#include <sstream>
 
 namespace ripple {
 
@@ -83,7 +69,7 @@ private:
         stream_type stream_;
         socket_type& socket_;
         endpoint_type remote_address_;
-        boost::asio::strand<boost::asio::io_context::executor_type> strand_;
+        boost::asio::io_context::strand strand_;
         beast::Journal const j_;
 
     public:
@@ -109,30 +95,13 @@ private:
     Handler& handler_;
     boost::asio::io_context& ioc_;
     acceptor_type acceptor_;
-    boost::asio::strand<boost::asio::io_context::executor_type> strand_;
+    boost::asio::io_context::strand strand_;
     bool ssl_;
     bool plain_;
-    static constexpr std::chrono::milliseconds INITIAL_ACCEPT_DELAY{50};
-    static constexpr std::chrono::milliseconds MAX_ACCEPT_DELAY{2000};
-    std::chrono::milliseconds accept_delay_{INITIAL_ACCEPT_DELAY};
-    boost::asio::steady_timer backoff_timer_;
-    static constexpr double FREE_FD_THRESHOLD = 0.70;
-
-    struct FDStats
-    {
-        std::uint64_t used{0};
-        std::uint64_t limit{0};
-    };
 
     void
     reOpen();
 
-    std::optional<FDStats>
-    query_fd_stats() const;
-
-    bool
-    should_throttle_for_fds();
-
 public:
     Door(
         Handler& handler,
@@ -186,7 +155,7 @@ Door<Handler>::Detector::Detector(
     , stream_(std::move(stream))
     , socket_(stream_.socket())
     , remote_address_(remote_address)
-    , strand_(boost::asio::make_strand(ioc_))
+    , strand_(ioc_)
     , j_(j)
 {
 }
@@ -195,7 +164,7 @@ template <class Handler>
 void
 Door<Handler>::Detector::run()
 {
-    util::spawn(
+    boost::asio::spawn(
         strand_,
         std::bind(
             &Detector::do_detect,
@@ -300,7 +269,7 @@ Door<Handler>::reOpen()
         Throw<std::exception>();
     }
 
-    acceptor_.listen(boost::asio::socket_base::max_listen_connections, ec);
+    acceptor_.listen(boost::asio::socket_base::max_connections, ec);
     if (ec)
     {
         JLOG(j_.error()) << "Listen on port '" << port_.name
@@ -322,7 +291,7 @@ Door<Handler>::Door(
     , handler_(handler)
     , ioc_(io_context)
     , acceptor_(io_context)
-    , strand_(boost::asio::make_strand(io_context))
+    , strand_(io_context)
     , ssl_(
           port_.protocol.count("https") > 0 ||
           port_.protocol.count("wss") > 0 || port_.protocol.count("wss2") > 0 ||
@@ -330,7 +299,6 @@ Door<Handler>::Door(
     , plain_(
           port_.protocol.count("http") > 0 || port_.protocol.count("ws") > 0 ||
           port_.protocol.count("ws2"))
-    , backoff_timer_(io_context)
 {
     reOpen();
 }
@@ -339,7 +307,7 @@ template <class Handler>
 void
 Door<Handler>::run()
 {
-    util::spawn(
+    boost::asio::spawn(
         strand_,
         std::bind(
             &Door<Handler>::do_accept,
@@ -352,10 +320,8 @@ void
 Door<Handler>::close()
 {
     if (!strand_.running_in_this_thread())
-        return boost::asio::post(
-            strand_,
+        return strand_.post(
             std::bind(&Door<Handler>::close, this->shared_from_this()));
-    backoff_timer_.cancel();
     error_code ec;
     acceptor_.close(ec);
 }
@@ -401,17 +367,6 @@ Door<Handler>::do_accept(boost::asio::yield_context do_yield)
 {
     while (acceptor_.is_open())
     {
-        if (should_throttle_for_fds())
-        {
-            backoff_timer_.expires_after(accept_delay_);
-            boost::system::error_code tec;
-            backoff_timer_.async_wait(do_yield[tec]);
-            accept_delay_ = std::min(accept_delay_ * 2, MAX_ACCEPT_DELAY);
-            JLOG(j_.warn()) << "Throttling do_accept for "
-                            << accept_delay_.count() << "ms.";
-            continue;
-        }
-
         error_code ec;
         endpoint_type remote_address;
         stream_type stream(ioc_);
@@ -421,28 +376,15 @@ Door<Handler>::do_accept(boost::asio::yield_context do_yield)
         {
             if (ec == boost::asio::error::operation_aborted)
                 break;
-
-            if (ec == boost::asio::error::no_descriptors ||
-                ec == boost::asio::error::no_buffer_space)
+            JLOG(j_.error()) << "accept: " << ec.message();
+            if (ec == boost::asio::error::no_descriptors)
             {
-                JLOG(j_.warn()) << "accept: Too many open files. Pausing for "
-                                << accept_delay_.count() << "ms.";
-
-                backoff_timer_.expires_after(accept_delay_);
-                boost::system::error_code tec;
-                backoff_timer_.async_wait(do_yield[tec]);
-
-                accept_delay_ = std::min(accept_delay_ * 2, MAX_ACCEPT_DELAY);
-            }
-            else
-            {
-                JLOG(j_.error()) << "accept error: " << ec.message();
+                JLOG(j_.info()) << "re-opening acceptor";
+                reOpen();
             }
             continue;
         }
 
-        accept_delay_ = INITIAL_ACCEPT_DELAY;
-
         if (ssl_ && plain_)
         {
             if (auto sp = ios().template emplace<Detector>(
@@ -465,60 +407,6 @@ Door<Handler>::do_accept(boost::asio::yield_context do_yield)
     }
 }
 
-template <class Handler>
-std::optional<typename Door<Handler>::FDStats>
-Door<Handler>::query_fd_stats() const
-{
-#if BOOST_OS_WINDOWS
-    return std::nullopt;
-#else
-    FDStats s;
-    struct rlimit rl;
-    if (getrlimit(RLIMIT_NOFILE, &rl) != 0 || rl.rlim_cur == RLIM_INFINITY)
-        return std::nullopt;
-    s.limit = static_cast<std::uint64_t>(rl.rlim_cur);
-#if BOOST_OS_LINUX
-    constexpr char const* kFdDir = "/proc/self/fd";
-#else
-    constexpr char const* kFdDir = "/dev/fd";
-#endif
-    if (DIR* d = ::opendir(kFdDir))
-    {
-        std::uint64_t cnt = 0;
-        while (::readdir(d) != nullptr)
-            ++cnt;
-        ::closedir(d);
-        // readdir counts '.', '..', and the DIR* itself shows in the list
-        s.used = (cnt >= 3) ? (cnt - 3) : 0;
-        return s;
-    }
-    return std::nullopt;
-#endif
-}
-
-template <class Handler>
-bool
-Door<Handler>::should_throttle_for_fds()
-{
-#if BOOST_OS_WINDOWS
-    return false;
-#else
-    auto const stats = query_fd_stats();
-    if (!stats || stats->limit == 0)
-        return false;
-
-    auto const& s = *stats;
-    auto const free = (s.limit > s.used) ? (s.limit - s.used) : 0ull;
-    double const free_ratio =
-        static_cast<double>(free) / static_cast<double>(s.limit);
-    if (free_ratio < FREE_FD_THRESHOLD)
-    {
-        return true;
-    }
-    return false;
-#endif
-}
-
 }  // namespace ripple
 
 #endif

include/xrpl/server/detail/PlainHTTPPeer.h

@@ -105,7 +105,7 @@ PlainHTTPPeer<Handler>::run()
 {
     if (!this->handler_.onAccept(this->session(), this->remote_address_))
     {
-        util::spawn(
+        boost::asio::spawn(
             this->strand_,
             std::bind(&PlainHTTPPeer::do_close, this->shared_from_this()));
         return;
@@ -114,7 +114,7 @@ PlainHTTPPeer<Handler>::run()
     if (!socket_.is_open())
         return;
 
-    util::spawn(
+    boost::asio::spawn(
         this->strand_,
         std::bind(
             &PlainHTTPPeer::do_read,

include/xrpl/server/detail/SSLHTTPPeer.h

@@ -115,14 +115,14 @@ SSLHTTPPeer<Handler>::run()
 {
     if (!this->handler_.onAccept(this->session(), this->remote_address_))
     {
-        util::spawn(
+        boost::asio::spawn(
             this->strand_,
             std::bind(&SSLHTTPPeer::do_close, this->shared_from_this()));
         return;
     }
     if (!socket_.is_open())
         return;
-    util::spawn(
+    boost::asio::spawn(
         this->strand_,
         std::bind(
             &SSLHTTPPeer::do_handshake,
@@ -164,7 +164,7 @@ SSLHTTPPeer<Handler>::do_handshake(yield_context do_yield)
         this->port().protocol.count("https") > 0;
     if (http)
     {
-        util::spawn(
+        boost::asio::spawn(
             this->strand_,
             std::bind(
                 &SSLHTTPPeer::do_read,

include/xrpl/server/detail/ServerImpl.h

@@ -26,8 +26,6 @@
 #include <xrpl/server/detail/io_list.h>
 
 #include <boost/asio.hpp>
-#include <boost/asio/executor_work_guard.hpp>
-#include <boost/asio/io_context.hpp>
 
 #include <array>
 #include <chrono>
@@ -87,11 +85,9 @@ private:
 
     Handler& handler_;
     beast::Journal const j_;
-    boost::asio::io_context& io_context_;
-    boost::asio::strand<boost::asio::io_context::executor_type> strand_;
-    std::optional<boost::asio::executor_work_guard<
-        boost::asio::io_context::executor_type>>
-        work_;
+    boost::asio::io_service& io_service_;
+    boost::asio::io_service::strand strand_;
+    std::optional<boost::asio::io_service::work> work_;
 
     std::mutex m_;
     std::vector<Port> ports_;
@@ -104,7 +100,7 @@ private:
 public:
     ServerImpl(
         Handler& handler,
-        boost::asio::io_context& io_context,
+        boost::asio::io_service& io_service,
         beast::Journal journal);
 
     ~ServerImpl();
@@ -127,10 +123,10 @@ public:
         return ios_;
     }
 
-    boost::asio::io_context&
-    get_io_context()
+    boost::asio::io_service&
+    get_io_service()
     {
-        return io_context_;
+        return io_service_;
     }
 
     bool
@@ -144,13 +140,13 @@ private:
 template <class Handler>
 ServerImpl<Handler>::ServerImpl(
     Handler& handler,
-    boost::asio::io_context& io_context,
+    boost::asio::io_service& io_service,
     beast::Journal journal)
     : handler_(handler)
     , j_(journal)
-    , io_context_(io_context)
-    , strand_(boost::asio::make_strand(io_context_))
-    , work_(std::in_place, boost::asio::make_work_guard(io_context_))
+    , io_service_(io_service)
+    , strand_(io_service_)
+    , work_(io_service_)
 {
 }
 
@@ -177,7 +173,7 @@ ServerImpl<Handler>::ports(std::vector<Port> const& ports)
         ports_.push_back(port);
         auto& internalPort = ports_.back();
         if (auto sp = ios_.emplace<Door<Handler>>(
-                handler_, io_context_, internalPort, j_))
+                handler_, io_service_, internalPort, j_))
         {
             list_.push_back(sp);
 

include/xrpl/server/detail/Spawn.h

@@ -1,108 +0,0 @@
-//------------------------------------------------------------------------------
-/*
-    This file is part of rippled: https://github.com/ripple/rippled
-    Copyright(c) 2025 Ripple Labs Inc.
-
-    Permission to use, copy, modify, and/or distribute this software for any
-    purpose  with  or without fee is hereby granted, provided that the above
-    copyright notice and this permission notice appear in all copies.
-
-    THE  SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-    WITH  REGARD  TO  THIS  SOFTWARE  INCLUDING  ALL  IMPLIED  WARRANTIES  OF
-    MERCHANTABILITY  AND  FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-    ANY  SPECIAL ,  DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-    WHATSOEVER  RESULTING  FROM  LOSS  OF USE, DATA OR PROFITS, WHETHER IN AN
-    ACTION  OF  CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-    OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-*/
-//==============================================================================
-
-#ifndef RIPPLE_SERVER_SPAWN_H_INCLUDED
-#define RIPPLE_SERVER_SPAWN_H_INCLUDED
-
-#include <xrpl/basics/Log.h>
-
-#include <boost/asio/spawn.hpp>
-#include <boost/asio/strand.hpp>
-
-#include <concepts>
-#include <type_traits>
-
-namespace ripple::util {
-namespace impl {
-
-template <typename T>
-concept IsStrand = std::same_as<
-    std::decay_t<T>,
-    boost::asio::strand<typename std::decay_t<T>::inner_executor_type>>;
-
-/**
- * @brief A completion handler that restores `boost::asio::spawn`'s behaviour
- * from Boost 1.83
- *
- * This is intended to be passed as the third argument to `boost::asio::spawn`
- * so that exceptions are not ignored but propagated to `io_context.run()` call
- * site.
- *
- * @param ePtr The exception that was caught on the coroutine
- */
-inline constexpr auto kPROPAGATE_EXCEPTIONS = [](std::exception_ptr ePtr) {
-    if (ePtr)
-    {
-        try
-        {
-            std::rethrow_exception(ePtr);
-        }
-        catch (std::exception const& e)
-        {
-            JLOG(debugLog().warn()) << "Spawn exception: " << e.what();
-            throw;
-        }
-        catch (...)
-        {
-            JLOG(debugLog().warn()) << "Spawn exception: Unknown";
-            throw;
-        }
-    }
-};
-
-}  // namespace impl
-
-/**
- * @brief Spawns a coroutine using `boost::asio::spawn`
- *
- * @note This uses kPROPAGATE_EXCEPTIONS to force asio to propagate exceptions
- * through `io_context`
- * @note Since implicit strand was removed from boost::asio::spawn this helper
- * function adds the strand back
- *
- * @tparam Ctx The type of the context/strand
- * @tparam F The type of the function to execute
- * @param ctx The execution context
- * @param func The function to execute. Must return `void`
- */
-template <typename Ctx, typename F>
-    requires std::is_invocable_r_v<void, F, boost::asio::yield_context>
-void
-spawn(Ctx&& ctx, F&& func)
-{
-    if constexpr (impl::IsStrand<Ctx>)
-    {
-        boost::asio::spawn(
-            std::forward<Ctx>(ctx),
-            std::forward<F>(func),
-            impl::kPROPAGATE_EXCEPTIONS);
-    }
-    else
-    {
-        boost::asio::spawn(
-            boost::asio::make_strand(
-                boost::asio::get_associated_executor(std::forward<Ctx>(ctx))),
-            std::forward<F>(func),
-            impl::kPROPAGATE_EXCEPTIONS);
-    }
-}
-
-}  // namespace ripple::util
-
-#endif

include/xrpl/server/detail/io_list.h

@@ -166,7 +166,7 @@ public:
             May be called concurrently.
 
         Preconditions:
-            No call to io_context::run on any io_context
+            No call to io_service::run on any io_service
             used by work objects associated with this io_list
             exists in the caller's call stack.
     */

src/libxrpl/basics/BasicConfig.cpp

@@ -49,7 +49,7 @@ Section::append(std::vector<std::string> const& lines)
     // <key> '=' <value>
     static boost::regex const re1(
         "^"                        // start of line
-        "(?:\\s*)"                 // whitespace (optonal)
+        "(?:\\s*)"                 // whitespace (optional)
         "([a-zA-Z][_a-zA-Z0-9]*)"  // <key>
         "(?:\\s*)"                 // whitespace (optional)
         "(?:=)"                    // '='

src/libxrpl/basics/Number.cpp

@@ -93,6 +93,18 @@ public:
     // tie, round towards even.
     int
     round() noexcept;
+
+    // Modify the result to the correctly rounded value
+    void
+    doRoundUp(rep& mantissa, int& exponent, std::string location);
+
+    // Modify the result to the correctly rounded value
+    void
+    doRoundDown(rep& mantissa, int& exponent);
+
+    // Modify the result to the correctly rounded value
+    void
+    doRound(rep& drops);
 };
 
 inline void
@@ -170,6 +182,61 @@ Number::Guard::round() noexcept
     return 0;
 }
 
+void
+Number::Guard::doRoundUp(rep& mantissa, int& exponent, std::string location)
+{
+    auto r = round();
+    if (r == 1 || (r == 0 && (mantissa & 1) == 1))
+    {
+        ++mantissa;
+        if (mantissa > maxMantissa)
+        {
+            mantissa /= 10;
+            ++exponent;
+        }
+    }
+    if (exponent < minExponent)
+    {
+        mantissa = 0;
+        exponent = Number{}.exponent_;
+    }
+    if (exponent > maxExponent)
+        throw std::overflow_error(location);
+}
+
+void
+Number::Guard::doRoundDown(rep& mantissa, int& exponent)
+{
+    auto r = round();
+    if (r == 1 || (r == 0 && (mantissa & 1) == 1))
+    {
+        --mantissa;
+        if (mantissa < minMantissa)
+        {
+            mantissa *= 10;
+            --exponent;
+        }
+    }
+    if (exponent < minExponent)
+    {
+        mantissa = 0;
+        exponent = Number{}.exponent_;
+    }
+}
+
+// Modify the result to the correctly rounded value
+void
+Number::Guard::doRound(rep& drops)
+{
+    auto r = round();
+    if (r == 1 || (r == 0 && (drops & 1) == 1))
+    {
+        ++drops;
+    }
+    if (is_negative())
+        drops = -drops;
+}
+
 // Number
 
 constexpr Number one{1000000000000000, -15, Number::unchecked{}};
@@ -209,18 +276,7 @@ Number::normalize()
         return;
     }
 
-    auto r = g.round();
-    if (r == 1 || (r == 0 && (mantissa_ & 1) == 1))
-    {
-        ++mantissa_;
-        if (mantissa_ > maxMantissa)
-        {
-            mantissa_ /= 10;
-            ++exponent_;
-        }
-    }
-    if (exponent_ > maxExponent)
-        throw std::overflow_error("Number::normalize 2");
+    g.doRoundUp(mantissa_, exponent_, "Number::normalize 2");
 
     if (negative)
         mantissa_ = -mantissa_;
@@ -292,18 +348,7 @@ Number::operator+=(Number const& y)
             xm /= 10;
             ++xe;
         }
-        auto r = g.round();
-        if (r == 1 || (r == 0 && (xm & 1) == 1))
-        {
-            ++xm;
-            if (xm > maxMantissa)
-            {
-                xm /= 10;
-                ++xe;
-            }
-        }
-        if (xe > maxExponent)
-            throw std::overflow_error("Number::addition overflow");
+        g.doRoundUp(xm, xe, "Number::addition overflow");
     }
     else
     {
@@ -323,21 +368,7 @@ Number::operator+=(Number const& y)
             xm -= g.pop();
             --xe;
         }
-        auto r = g.round();
-        if (r == 1 || (r == 0 && (xm & 1) == 1))
-        {
-            --xm;
-            if (xm < minMantissa)
-            {
-                xm *= 10;
-                --xe;
-            }
-        }
-        if (xe < minExponent)
-        {
-            xm = 0;
-            xe = Number{}.exponent_;
-        }
+        g.doRoundDown(xm, xe);
     }
     mantissa_ = xm * xn;
     exponent_ = xe;
@@ -417,25 +448,10 @@ Number::operator*=(Number const& y)
     }
     xm = static_cast<rep>(zm);
     xe = ze;
-    auto r = g.round();
-    if (r == 1 || (r == 0 && (xm & 1) == 1))
-    {
-        ++xm;
-        if (xm > maxMantissa)
-        {
-            xm /= 10;
-            ++xe;
-        }
-    }
-    if (xe < minExponent)
-    {
-        xm = 0;
-        xe = Number{}.exponent_;
-    }
-    if (xe > maxExponent)
-        throw std::overflow_error(
-            "Number::multiplication overflow : exponent is " +
-            std::to_string(xe));
+    g.doRoundUp(
+        xm,
+        xe,
+        "Number::multiplication overflow : exponent is " + std::to_string(xe));
     mantissa_ = xm * zn;
     exponent_ = xe;
     XRPL_ASSERT(
@@ -500,17 +516,29 @@ Number::operator rep() const
                 throw std::overflow_error("Number::operator rep() overflow");
             drops *= 10;
         }
-        auto r = g.round();
-        if (r == 1 || (r == 0 && (drops & 1) == 1))
-        {
-            ++drops;
-        }
-        if (g.is_negative())
-            drops = -drops;
+        g.doRound(drops);
     }
     return drops;
 }
 
+Number
+Number::truncate() const noexcept
+{
+    if (exponent_ >= 0 || mantissa_ == 0)
+        return *this;
+
+    Number ret = *this;
+    while (ret.exponent_ < 0 && ret.mantissa_ != 0)
+    {
+        ret.exponent_ += 1;
+        ret.mantissa_ /= rep(10);
+    }
+    // We are guaranteed that normalize() will never throw an exception
+    // because exponent is either negative or zero at this point.
+    ret.normalize();
+    return ret;
+}
+
 std::string
 to_string(Number const& amount)
 {

src/libxrpl/basics/ResolverAsio.cpp

@@ -25,9 +25,8 @@
 #include <xrpl/beast/utility/Journal.h>
 #include <xrpl/beast/utility/instrumentation.h>
 
-#include <boost/asio/bind_executor.hpp>
 #include <boost/asio/error.hpp>
-#include <boost/asio/io_context.hpp>
+#include <boost/asio/io_service.hpp>
 #include <boost/asio/ip/tcp.hpp>
 #include <boost/system/detail/error_code.hpp>
 
@@ -125,8 +124,8 @@ public:
 
     beast::Journal m_journal;
 
-    boost::asio::io_context& m_io_context;
-    boost::asio::strand<boost::asio::io_context::executor_type> m_strand;
+    boost::asio::io_service& m_io_service;
+    boost::asio::io_service::strand m_strand;
     boost::asio::ip::tcp::resolver m_resolver;
 
     std::condition_variable m_cv;
@@ -156,12 +155,12 @@ public:
     std::deque<Work> m_work;
 
     ResolverAsioImpl(
-        boost::asio::io_context& io_context,
+        boost::asio::io_service& io_service,
         beast::Journal journal)
         : m_journal(journal)
-        , m_io_context(io_context)
-        , m_strand(boost::asio::make_strand(io_context))
-        , m_resolver(io_context)
+        , m_io_service(io_service)
+        , m_strand(io_service)
+        , m_resolver(io_service)
         , m_asyncHandlersCompleted(true)
         , m_stop_called(false)
         , m_stopped(true)
@@ -217,14 +216,8 @@ public:
     {
         if (m_stop_called.exchange(true) == false)
         {
-            boost::asio::dispatch(
-                m_io_context,
-                boost::asio::bind_executor(
-                    m_strand,
-                    std::bind(
-                        &ResolverAsioImpl::do_stop,
-                        this,
-                        CompletionCounter(this))));
+            m_io_service.dispatch(m_strand.wrap(std::bind(
+                &ResolverAsioImpl::do_stop, this, CompletionCounter(this))));
 
             JLOG(m_journal.debug()) << "Queued a stop request";
         }
@@ -255,16 +248,12 @@ public:
 
         // TODO NIKB use rvalue references to construct and move
         //           reducing cost.
-        boost::asio::dispatch(
-            m_io_context,
-            boost::asio::bind_executor(
-                m_strand,
-                std::bind(
-                    &ResolverAsioImpl::do_resolve,
-                    this,
-                    names,
-                    handler,
-                    CompletionCounter(this))));
+        m_io_service.dispatch(m_strand.wrap(std::bind(
+            &ResolverAsioImpl::do_resolve,
+            this,
+            names,
+            handler,
+            CompletionCounter(this))));
     }
 
     //-------------------------------------------------------------------------
@@ -290,20 +279,19 @@ public:
         std::string name,
         boost::system::error_code const& ec,
         HandlerType handler,
-        boost::asio::ip::tcp::resolver::results_type results,
+        boost::asio::ip::tcp::resolver::iterator iter,
         CompletionCounter)
     {
         if (ec == boost::asio::error::operation_aborted)
             return;
 
         std::vector<beast::IP::Endpoint> addresses;
-        auto iter = results.begin();
 
         // If we get an error message back, we don't return any
         // results that we may have gotten.
         if (!ec)
         {
-            while (iter != results.end())
+            while (iter != boost::asio::ip::tcp::resolver::iterator())
             {
                 addresses.push_back(
                     beast::IPAddressConversion::from_asio(*iter));
@@ -313,14 +301,8 @@ public:
 
         handler(name, addresses);
 
-        boost::asio::post(
-            m_io_context,
-            boost::asio::bind_executor(
-                m_strand,
-                std::bind(
-                    &ResolverAsioImpl::do_work,
-                    this,
-                    CompletionCounter(this))));
+        m_io_service.post(m_strand.wrap(std::bind(
+            &ResolverAsioImpl::do_work, this, CompletionCounter(this))));
     }
 
     HostAndPort
@@ -401,21 +383,16 @@ public:
         {
             JLOG(m_journal.error()) << "Unable to parse '" << name << "'";
 
-            boost::asio::post(
-                m_io_context,
-                boost::asio::bind_executor(
-                    m_strand,
-                    std::bind(
-                        &ResolverAsioImpl::do_work,
-                        this,
-                        CompletionCounter(this))));
+            m_io_service.post(m_strand.wrap(std::bind(
+                &ResolverAsioImpl::do_work, this, CompletionCounter(this))));
 
             return;
         }
 
+        boost::asio::ip::tcp::resolver::query query(host, port);
+
         m_resolver.async_resolve(
-            host,
-            port,
+            query,
             std::bind(
                 &ResolverAsioImpl::do_finish,
                 this,
@@ -446,14 +423,10 @@ public:
 
             if (m_work.size() > 0)
             {
-                boost::asio::post(
-                    m_io_context,
-                    boost::asio::bind_executor(
-                        m_strand,
-                        std::bind(
-                            &ResolverAsioImpl::do_work,
-                            this,
-                            CompletionCounter(this))));
+                m_io_service.post(m_strand.wrap(std::bind(
+                    &ResolverAsioImpl::do_work,
+                    this,
+                    CompletionCounter(this))));
             }
         }
     }
@@ -462,9 +435,9 @@ public:
 //-----------------------------------------------------------------------------
 
 std::unique_ptr<ResolverAsio>
-ResolverAsio::New(boost::asio::io_context& io_context, beast::Journal journal)
+ResolverAsio::New(boost::asio::io_service& io_service, beast::Journal journal)
 {
-    return std::make_unique<ResolverAsioImpl>(io_context, journal);
+    return std::make_unique<ResolverAsioImpl>(io_service, journal);
 }
 
 //-----------------------------------------------------------------------------

src/libxrpl/beast/insight/StatsDCollector.cpp

@@ -30,11 +30,9 @@
 #include <xrpl/beast/utility/instrumentation.h>
 
 #include <boost/asio/basic_waitable_timer.hpp>
-#include <boost/asio/bind_executor.hpp>
 #include <boost/asio/buffer.hpp>
 #include <boost/asio/error.hpp>
-#include <boost/asio/executor_work_guard.hpp>
-#include <boost/asio/io_context.hpp>
+#include <boost/asio/io_service.hpp>
 #include <boost/asio/ip/udp.hpp>
 #include <boost/asio/strand.hpp>
 #include <boost/system/detail/error_code.hpp>
@@ -240,11 +238,9 @@ private:
     Journal m_journal;
     IP::Endpoint m_address;
     std::string m_prefix;
-    boost::asio::io_context m_io_context;
-    std::optional<boost::asio::executor_work_guard<
-        boost::asio::io_context::executor_type>>
-        m_work;
-    boost::asio::strand<boost::asio::io_context::executor_type> m_strand;
+    boost::asio::io_service m_io_service;
+    std::optional<boost::asio::io_service::work> m_work;
+    boost::asio::io_service::strand m_strand;
     boost::asio::basic_waitable_timer<std::chrono::steady_clock> m_timer;
     boost::asio::ip::udp::socket m_socket;
     std::deque<std::string> m_data;
@@ -268,24 +264,18 @@ public:
         : m_journal(journal)
         , m_address(address)
         , m_prefix(prefix)
-        , m_work(boost::asio::make_work_guard(m_io_context))
-        , m_strand(boost::asio::make_strand(m_io_context))
-        , m_timer(m_io_context)
-        , m_socket(m_io_context)
+        , m_work(std::ref(m_io_service))
+        , m_strand(m_io_service)
+        , m_timer(m_io_service)
+        , m_socket(m_io_service)
         , m_thread(&StatsDCollectorImp::run, this)
     {
     }
 
     ~StatsDCollectorImp() override
     {
-        try
-        {
-            m_timer.cancel();
-        }
-        catch (boost::system::system_error const&)
-        {
-            // ignored
-        }
+        boost::system::error_code ec;
+        m_timer.cancel(ec);
 
         m_work.reset();
         m_thread.join();
@@ -344,10 +334,10 @@ public:
 
     //--------------------------------------------------------------------------
 
-    boost::asio::io_context&
-    get_io_context()
+    boost::asio::io_service&
+    get_io_service()
     {
-        return m_io_context;
+        return m_io_service;
     }
 
     std::string const&
@@ -365,14 +355,8 @@ public:
     void
     post_buffer(std::string&& buffer)
     {
-        boost::asio::dispatch(
-            m_io_context,
-            boost::asio::bind_executor(
-                m_strand,
-                std::bind(
-                    &StatsDCollectorImp::do_post_buffer,
-                    this,
-                    std::move(buffer))));
+        m_io_service.dispatch(m_strand.wrap(std::bind(
+            &StatsDCollectorImp::do_post_buffer, this, std::move(buffer))));
     }
 
     // The keepAlive parameter makes sure the buffers sent to
@@ -402,7 +386,8 @@ public:
         for (auto const& buffer : buffers)
         {
             std::string const s(
-                buffer.data(), boost::asio::buffer_size(buffer));
+                boost::asio::buffer_cast<char const*>(buffer),
+                boost::asio::buffer_size(buffer));
             std::cerr << s;
         }
         std::cerr << '\n';
@@ -471,7 +456,7 @@ public:
     set_timer()
     {
         using namespace std::chrono_literals;
-        m_timer.expires_after(1s);
+        m_timer.expires_from_now(1s);
         m_timer.async_wait(std::bind(
             &StatsDCollectorImp::on_timer, this, std::placeholders::_1));
     }
@@ -513,13 +498,13 @@ public:
 
         set_timer();
 
-        m_io_context.run();
+        m_io_service.run();
 
         m_socket.shutdown(boost::asio::ip::udp::socket::shutdown_send, ec);
 
         m_socket.close();
 
-        m_io_context.poll();
+        m_io_service.poll();
     }
 };
 
@@ -562,12 +547,10 @@ StatsDCounterImpl::~StatsDCounterImpl()
 void
 StatsDCounterImpl::increment(CounterImpl::value_type amount)
 {
-    boost::asio::dispatch(
-        m_impl->get_io_context(),
-        std::bind(
-            &StatsDCounterImpl::do_increment,
-            std::static_pointer_cast<StatsDCounterImpl>(shared_from_this()),
-            amount));
+    m_impl->get_io_service().dispatch(std::bind(
+        &StatsDCounterImpl::do_increment,
+        std::static_pointer_cast<StatsDCounterImpl>(shared_from_this()),
+        amount));
 }
 
 void
@@ -609,12 +592,10 @@ StatsDEventImpl::StatsDEventImpl(
 void
 StatsDEventImpl::notify(EventImpl::value_type const& value)
 {
-    boost::asio::dispatch(
-        m_impl->get_io_context(),
-        std::bind(
-            &StatsDEventImpl::do_notify,
-            std::static_pointer_cast<StatsDEventImpl>(shared_from_this()),
-            value));
+    m_impl->get_io_service().dispatch(std::bind(
+        &StatsDEventImpl::do_notify,
+        std::static_pointer_cast<StatsDEventImpl>(shared_from_this()),
+        value));
 }
 
 void
@@ -644,23 +625,19 @@ StatsDGaugeImpl::~StatsDGaugeImpl()
 void
 StatsDGaugeImpl::set(GaugeImpl::value_type value)
 {
-    boost::asio::dispatch(
-        m_impl->get_io_context(),
-        std::bind(
-            &StatsDGaugeImpl::do_set,
-            std::static_pointer_cast<StatsDGaugeImpl>(shared_from_this()),
-            value));
+    m_impl->get_io_service().dispatch(std::bind(
+        &StatsDGaugeImpl::do_set,
+        std::static_pointer_cast<StatsDGaugeImpl>(shared_from_this()),
+        value));
 }
 
 void
 StatsDGaugeImpl::increment(GaugeImpl::difference_type amount)
 {
-    boost::asio::dispatch(
-        m_impl->get_io_context(),
-        std::bind(
-            &StatsDGaugeImpl::do_increment,
-            std::static_pointer_cast<StatsDGaugeImpl>(shared_from_this()),
-            amount));
+    m_impl->get_io_service().dispatch(std::bind(
+        &StatsDGaugeImpl::do_increment,
+        std::static_pointer_cast<StatsDGaugeImpl>(shared_from_this()),
+        amount));
 }
 
 void
@@ -736,12 +713,10 @@ StatsDMeterImpl::~StatsDMeterImpl()
 void
 StatsDMeterImpl::increment(MeterImpl::value_type amount)
 {
-    boost::asio::dispatch(
-        m_impl->get_io_context(),
-        std::bind(
-            &StatsDMeterImpl::do_increment,
-            std::static_pointer_cast<StatsDMeterImpl>(shared_from_this()),
-            amount));
+    m_impl->get_io_service().dispatch(std::bind(
+        &StatsDMeterImpl::do_increment,
+        std::static_pointer_cast<StatsDMeterImpl>(shared_from_this()),
+        amount));
 }
 
 void

src/libxrpl/beast/net/IPAddressV4.cpp

@@ -25,11 +25,11 @@ namespace IP {
 bool
 is_private(AddressV4 const& addr)
 {
-    return ((addr.to_uint() & 0xff000000) ==
+    return ((addr.to_ulong() & 0xff000000) ==
             0x0a000000) ||  // Prefix /8,    10.  #.#.#
-        ((addr.to_uint() & 0xfff00000) ==
+        ((addr.to_ulong() & 0xfff00000) ==
          0xac100000) ||  // Prefix /12   172. 16.#.# - 172.31.#.#
-        ((addr.to_uint() & 0xffff0000) ==
+        ((addr.to_ulong() & 0xffff0000) ==
          0xc0a80000) ||  // Prefix /16   192.168.#.#
         addr.is_loopback();
 }
@@ -44,7 +44,7 @@ char
 get_class(AddressV4 const& addr)
 {
     static char const* table = "AAAABBCD";
-    return table[(addr.to_uint() & 0xE0000000) >> 29];
+    return table[(addr.to_ulong() & 0xE0000000) >> 29];
 }
 
 }  // namespace IP

src/libxrpl/beast/net/IPAddressV6.cpp

@@ -20,8 +20,6 @@
 #include <xrpl/beast/net/IPAddressV4.h>
 #include <xrpl/beast/net/IPAddressV6.h>
 
-#include <boost/asio/ip/address_v4.hpp>
-
 namespace beast {
 namespace IP {
 
@@ -30,9 +28,7 @@ is_private(AddressV6 const& addr)
 {
     return (
         (addr.to_bytes()[0] & 0xfd) ||  // TODO  fc00::/8 too ?
-        (addr.is_v4_mapped() &&
-         is_private(boost::asio::ip::make_address_v4(
-             boost::asio::ip::v4_mapped, addr))));
+        (addr.is_v4_mapped() && is_private(addr.to_v4())));
 }
 
 bool

src/libxrpl/beast/net/IPEndpoint.cpp

@@ -21,8 +21,6 @@
 #include <xrpl/beast/net/IPEndpoint.h>
 
 #include <boost/algorithm/string/trim.hpp>
-#include <boost/asio/ip/address.hpp>
-#include <boost/asio/ip/address_v4.hpp>
 #include <boost/system/detail/error_code.hpp>
 
 #include <cctype>
@@ -169,7 +167,7 @@ operator>>(std::istream& is, Endpoint& endpoint)
     }
 
     boost::system::error_code ec;
-    auto addr = boost::asio::ip::make_address(addrStr, ec);
+    auto addr = Address::from_string(addrStr, ec);
     if (ec)
     {
         is.setstate(std::ios_base::failbit);

src/libxrpl/json/json_value.cpp

@@ -33,9 +33,6 @@
 namespace Json {
 
 Value const Value::null;
-Int const Value::minInt = Int(~(UInt(-1) / 2));
-Int const Value::maxInt = Int(UInt(-1) / 2);
-UInt const Value::maxUInt = UInt(-1);
 
 class DefaultValueAllocator : public ValueAllocator
 {
@@ -569,6 +566,69 @@ Value::asInt() const
     return 0;  // unreachable;
 }
 
+UInt
+Value::asAbsUInt() const
+{
+    switch (type_)
+    {
+        case nullValue:
+            return 0;
+
+        case intValue: {
+            // Doing this conversion through int64 avoids overflow error for
+            // value_.int_ = -1 * 2^31 i.e. numeric_limits<int>::min().
+            if (value_.int_ < 0)
+                return static_cast<std::int64_t>(value_.int_) * -1;
+            return value_.int_;
+        }
+
+        case uintValue:
+            return value_.uint_;
+
+        case realValue: {
+            if (value_.real_ < 0)
+            {
+                JSON_ASSERT_MESSAGE(
+                    -1 * value_.real_ <= maxUInt,
+                    "Real out of unsigned integer range");
+                return UInt(-1 * value_.real_);
+            }
+            JSON_ASSERT_MESSAGE(
+                value_.real_ <= maxUInt, "Real out of unsigned integer range");
+            return UInt(value_.real_);
+        }
+
+        case booleanValue:
+            return value_.bool_ ? 1 : 0;
+
+        case stringValue: {
+            char const* const str{value_.string_ ? value_.string_ : ""};
+            auto const temp = beast::lexicalCastThrow<std::int64_t>(str);
+            if (temp < 0)
+            {
+                JSON_ASSERT_MESSAGE(
+                    -1 * temp <= maxUInt,
+                    "String out of unsigned integer range");
+                return -1 * temp;
+            }
+            JSON_ASSERT_MESSAGE(
+                temp <= maxUInt, "String out of unsigned integer range");
+            return temp;
+        }
+
+        case arrayValue:
+        case objectValue:
+            JSON_ASSERT_MESSAGE(false, "Type is not convertible to int");
+
+            // LCOV_EXCL_START
+        default:
+            UNREACHABLE("Json::Value::asAbsInt : invalid type");
+            // LCOV_EXCL_STOP
+    }
+
+    return 0;  // unreachable;
+}
+
 Value::UInt
 Value::asUInt() const
 {
@@ -1001,6 +1061,12 @@ Value::isMember(std::string const& key) const
     return isMember(key.c_str());
 }
 
+bool
+Value::isMember(StaticString const& key) const
+{
+    return isMember(key.c_str());
+}
+
 Value::Members
 Value::getMemberNames() const
 {

src/libxrpl/ledger/ApplyStateTable.cpp

@@ -126,10 +126,10 @@ ApplyStateTable::apply(
     std::optional<TxMeta> metadata;
     if (!to.open() || isDryRun)
     {
-        TxMeta meta(tx.getTransactionID(), to.seq());
+        TxMeta meta(tx.getTransactionID(), to.seq(), parentBatchId);
 
-        meta.setDeliveredAmount(deliver);
-        meta.setParentBatchID(parentBatchId);
+        if (deliver)
+            meta.setDeliveredAmount(*deliver);
 
         Mods newMod;
         for (auto& item : items_)
@@ -682,6 +682,12 @@ ApplyStateTable::threadOwners(
             if (auto const optSleAcct{(*sle)[~sfAccount]})
                 threadTx(base, meta, *optSleAcct, mods, j);
 
+            // Don't thread a check's sfDestination unless the amendment is
+            // enabled
+            if (ledgerType == ltCHECK &&
+                !base.rules().enabled(fixCheckThreading))
+                break;
+
             // If sfDestination is present, thread to that account
             if (auto const optSleDest{(*sle)[~sfDestination]})
                 threadTx(base, meta, *optSleDest, mods, j);

src/libxrpl/ledger/ApplyView.cpp

@@ -27,73 +27,95 @@
 
 namespace ripple {
 
-std::optional<std::uint64_t>
-ApplyView::dirAdd(
-    bool preserveOrder,
+namespace directory {
+
+std::uint64_t
+createRoot(
+    ApplyView& view,
     Keylet const& directory,
     uint256 const& key,
     std::function<void(std::shared_ptr<SLE> const&)> const& describe)
 {
-    auto root = peek(directory);
+    auto newRoot = std::make_shared<SLE>(directory);
+    newRoot->setFieldH256(sfRootIndex, directory.key);
+    describe(newRoot);
 
-    if (!root)
-    {
-        // No root, make it.
-        root = std::make_shared<SLE>(directory);
-        root->setFieldH256(sfRootIndex, directory.key);
-        describe(root);
+    STVector256 v;
+    v.push_back(key);
+    newRoot->setFieldV256(sfIndexes, v);
 
-        STVector256 v;
-        v.push_back(key);
-        root->setFieldV256(sfIndexes, v);
+    view.insert(newRoot);
+    return std::uint64_t{0};
+}
 
-        insert(root);
-        return std::uint64_t{0};
-    }
+auto
+findPreviousPage(ApplyView& view, Keylet const& directory, SLE::ref start)
+{
+    std::uint64_t page = start->getFieldU64(sfIndexPrevious);
 
-    std::uint64_t page = root->getFieldU64(sfIndexPrevious);
-
-    auto node = root;
+    auto node = start;
 
     if (page)
     {
-        node = peek(keylet::page(directory, page));
+        node = view.peek(keylet::page(directory, page));
         if (!node)
+        {  // LCOV_EXCL_START
             LogicError("Directory chain: root back-pointer broken.");
+            // LCOV_EXCL_STOP
+        }
     }
 
     auto indexes = node->getFieldV256(sfIndexes);
+    return std::make_tuple(page, node, indexes);
+}
 
-    // If there's space, we use it:
-    if (indexes.size() < dirNodeMaxEntries)
+std::uint64_t
+insertKey(
+    ApplyView& view,
+    SLE::ref node,
+    std::uint64_t page,
+    bool preserveOrder,
+    STVector256& indexes,
+    uint256 const& key)
+{
+    if (preserveOrder)
     {
-        if (preserveOrder)
-        {
-            if (std::find(indexes.begin(), indexes.end(), key) != indexes.end())
-                LogicError("dirInsert: double insertion");
+        if (std::find(indexes.begin(), indexes.end(), key) != indexes.end())
+            LogicError("dirInsert: double insertion");  // LCOV_EXCL_LINE
 
-            indexes.push_back(key);
-        }
-        else
-        {
-            // We can't be sure if this page is already sorted because
-            // it may be a legacy page we haven't yet touched. Take
-            // the time to sort it.
-            std::sort(indexes.begin(), indexes.end());
+        indexes.push_back(key);
+    }
+    else
+    {
+        // We can't be sure if this page is already sorted because
+        // it may be a legacy page we haven't yet touched. Take
+        // the time to sort it.
+        std::sort(indexes.begin(), indexes.end());
 
-            auto pos = std::lower_bound(indexes.begin(), indexes.end(), key);
+        auto pos = std::lower_bound(indexes.begin(), indexes.end(), key);
 
-            if (pos != indexes.end() && key == *pos)
-                LogicError("dirInsert: double insertion");
+        if (pos != indexes.end() && key == *pos)
+            LogicError("dirInsert: double insertion");  // LCOV_EXCL_LINE
 
-            indexes.insert(pos, key);
-        }
-
-        node->setFieldV256(sfIndexes, indexes);
-        update(node);
-        return page;
+        indexes.insert(pos, key);
     }
 
+    node->setFieldV256(sfIndexes, indexes);
+    view.update(node);
+    return page;
+}
+
+std::optional<std::uint64_t>
+insertPage(
+    ApplyView& view,
+    std::uint64_t page,
+    SLE::pointer node,
+    std::uint64_t nextPage,
+    SLE::ref next,
+    uint256 const& key,
+    Keylet const& directory,
+    std::function<void(std::shared_ptr<SLE> const&)> const& describe)
+{
     // We rely on modulo arithmetic of unsigned integers (guaranteed in
     // [basic.fundamental] paragraph 2) to detect page representation overflow.
     // For signed integers this would be UB, hence static_assert here.
@@ -107,20 +129,20 @@ ApplyView::dirAdd(
     // Check whether we're out of pages.
     if (page == 0)
         return std::nullopt;
-    if (!rules().enabled(fixDirectoryLimit) &&
+    if (!view.rules().enabled(fixDirectoryLimit) &&
         page >= dirNodeMaxPages)  // Old pages limit
         return std::nullopt;
 
     // We are about to create a new node; we'll link it to
     // the chain first:
     node->setFieldU64(sfIndexNext, page);
-    update(node);
+    view.update(node);
 
-    root->setFieldU64(sfIndexPrevious, page);
-    update(root);
+    next->setFieldU64(sfIndexPrevious, page);
+    view.update(next);
 
     // Insert the new key:
-    indexes.clear();
+    STVector256 indexes;
     indexes.push_back(key);
 
     node = std::make_shared<SLE>(keylet::page(directory, page));
@@ -131,12 +153,52 @@ ApplyView::dirAdd(
     // it's the default.
     if (page != 1)
         node->setFieldU64(sfIndexPrevious, page - 1);
+    XRPL_ASSERT_PARTS(
+        !nextPage,
+        "ripple::directory::insertPage",
+        "nextPage has default value");
+    /* Reserved for future use when directory pages may be inserted in
+     * between two other pages instead of only at the end of the chain.
+    if (nextPage)
+        node->setFieldU64(sfIndexNext, nextPage);
+    */
     describe(node);
-    insert(node);
+    view.insert(node);
 
     return page;
 }
 
+}  // namespace directory
+
+std::optional<std::uint64_t>
+ApplyView::dirAdd(
+    bool preserveOrder,
+    Keylet const& directory,
+    uint256 const& key,
+    std::function<void(std::shared_ptr<SLE> const&)> const& describe)
+{
+    auto root = peek(directory);
+
+    if (!root)
+    {
+        // No root, make it.
+        return directory::createRoot(*this, directory, key, describe);
+    }
+
+    auto [page, node, indexes] =
+        directory::findPreviousPage(*this, directory, root);
+
+    // If there's space, we use it:
+    if (indexes.size() < dirNodeMaxEntries)
+    {
+        return directory::insertKey(
+            *this, node, page, preserveOrder, indexes, key);
+    }
+
+    return directory::insertPage(
+        *this, page, node, 0, root, key, directory, describe);
+}
+
 bool
 ApplyView::emptyDirDelete(Keylet const& directory)
 {
@@ -164,10 +226,10 @@ ApplyView::emptyDirDelete(Keylet const& directory)
     auto nextPage = node->getFieldU64(sfIndexNext);
 
     if (nextPage == rootPage && prevPage != rootPage)
-        LogicError("Directory chain: fwd link broken");
+        LogicError("Directory chain: fwd link broken");  // LCOV_EXCL_LINE
 
     if (prevPage == rootPage && nextPage != rootPage)
-        LogicError("Directory chain: rev link broken");
+        LogicError("Directory chain: rev link broken");  // LCOV_EXCL_LINE
 
     // Older versions of the code would, in some cases, allow the last
     // page to be empty. Remove such pages:
@@ -176,7 +238,10 @@ ApplyView::emptyDirDelete(Keylet const& directory)
         auto last = peek(keylet::page(directory, nextPage));
 
         if (!last)
+        {  // LCOV_EXCL_START
             LogicError("Directory chain: fwd link broken.");
+            // LCOV_EXCL_STOP
+        }
 
         if (!last->getFieldV256(sfIndexes).empty())
             return false;
@@ -248,10 +313,16 @@ ApplyView::dirRemove(
     if (page == rootPage)
     {
         if (nextPage == page && prevPage != page)
+        {  // LCOV_EXCL_START
             LogicError("Directory chain: fwd link broken");
+            // LCOV_EXCL_STOP
+        }
 
         if (prevPage == page && nextPage != page)
+        {  // LCOV_EXCL_START
             LogicError("Directory chain: rev link broken");
+            // LCOV_EXCL_STOP
+        }
 
         // Older versions of the code would, in some cases,
         // allow the last page to be empty. Remove such
@@ -260,7 +331,10 @@ ApplyView::dirRemove(
         {
             auto last = peek(keylet::page(directory, nextPage));
             if (!last)
+            {  // LCOV_EXCL_START
                 LogicError("Directory chain: fwd link broken.");
+                // LCOV_EXCL_STOP
+            }
 
             if (last->getFieldV256(sfIndexes).empty())
             {
@@ -292,10 +366,10 @@ ApplyView::dirRemove(
 
     // This can never happen for nodes other than the root:
     if (nextPage == page)
-        LogicError("Directory chain: fwd link broken");
+        LogicError("Directory chain: fwd link broken");  // LCOV_EXCL_LINE
 
     if (prevPage == page)
-        LogicError("Directory chain: rev link broken");
+        LogicError("Directory chain: rev link broken");  // LCOV_EXCL_LINE
 
     // This node isn't the root, so it can either be in the
     // middle of the list, or at the end. Unlink it first
@@ -303,14 +377,14 @@ ApplyView::dirRemove(
     // root:
     auto prev = peek(keylet::page(directory, prevPage));
     if (!prev)
-        LogicError("Directory chain: fwd link broken.");
+        LogicError("Directory chain: fwd link broken.");  // LCOV_EXCL_LINE
     // Fix previous to point to its new next.
     prev->setFieldU64(sfIndexNext, nextPage);
     update(prev);
 
     auto next = peek(keylet::page(directory, nextPage));
     if (!next)
-        LogicError("Directory chain: rev link broken.");
+        LogicError("Directory chain: rev link broken.");  // LCOV_EXCL_LINE
     // Fix next to point to its new previous.
     next->setFieldU64(sfIndexPrevious, prevPage);
     update(next);
@@ -334,7 +408,10 @@ ApplyView::dirRemove(
         // And the root points to the last page:
         auto root = peek(keylet::page(directory, rootPage));
         if (!root)
+        {  // LCOV_EXCL_START
             LogicError("Directory chain: root link broken.");
+            // LCOV_EXCL_STOP
+        }
         root->setFieldU64(sfIndexPrevious, prevPage);
         update(root);
 

src/libxrpl/net/HTTPClient.cpp

@@ -24,7 +24,6 @@
 #include <xrpl/net/HTTPClientSSLContext.h>
 
 #include <boost/asio.hpp>
-#include <boost/asio/ip/resolver_query_base.hpp>
 #include <boost/asio/ip/tcp.hpp>
 #include <boost/asio/ssl.hpp>
 #include <boost/regex.hpp>
@@ -56,16 +55,16 @@ class HTTPClientImp : public std::enable_shared_from_this<HTTPClientImp>,
 {
 public:
     HTTPClientImp(
-        boost::asio::io_context& io_context,
+        boost::asio::io_service& io_service,
         unsigned short const port,
         std::size_t maxResponseSize,
         beast::Journal& j)
-        : mSocket(io_context, httpClientSSLContext->context())
-        , mResolver(io_context)
+        : mSocket(io_service, httpClientSSLContext->context())
+        , mResolver(io_service)
         , mHeader(maxClientHeaderBytes)
         , mPort(port)
         , maxResponseSize_(maxResponseSize)
-        , mDeadline(io_context)
+        , mDeadline(io_service)
         , j_(j)
     {
     }
@@ -147,21 +146,18 @@ public:
     {
         JLOG(j_.trace()) << "Fetch: " << mDeqSites[0];
 
-        auto query = std::make_shared<Query>(
+        auto query = std::make_shared<boost::asio::ip::tcp::resolver::query>(
             mDeqSites[0],
             std::to_string(mPort),
             boost::asio::ip::resolver_query_base::numeric_service);
         mQuery = query;
 
-        try
-        {
-            mDeadline.expires_after(mTimeout);
-        }
-        catch (boost::system::system_error const& e)
-        {
-            mShutdown = e.code();
+        mDeadline.expires_from_now(mTimeout, mShutdown);
 
-            JLOG(j_.trace()) << "expires_after: " << mShutdown.message();
+        JLOG(j_.trace()) << "expires_from_now: " << mShutdown.message();
+
+        if (!mShutdown)
+        {
             mDeadline.async_wait(std::bind(
                 &HTTPClientImp::handleDeadline,
                 shared_from_this(),
@@ -173,9 +169,7 @@ public:
             JLOG(j_.trace()) << "Resolving: " << mDeqSites[0];
 
             mResolver.async_resolve(
-                mQuery->host,
-                mQuery->port,
-                mQuery->flags,
+                *mQuery,
                 std::bind(
                     &HTTPClientImp::handleResolve,
                     shared_from_this(),
@@ -239,7 +233,7 @@ public:
     void
     handleResolve(
         boost::system::error_code const& ecResult,
-        boost::asio::ip::tcp::resolver::results_type result)
+        boost::asio::ip::tcp::resolver::iterator itrEndpoint)
     {
         if (!mShutdown)
         {
@@ -261,7 +255,7 @@ public:
 
             boost::asio::async_connect(
                 mSocket.lowest_layer(),
-                result,
+                itrEndpoint,
                 std::bind(
                     &HTTPClientImp::handleConnect,
                     shared_from_this(),
@@ -481,15 +475,13 @@ public:
         std::string const& strData = "")
     {
         boost::system::error_code ecCancel;
-        try
+
+        (void)mDeadline.cancel(ecCancel);
+
+        if (ecCancel)
         {
-            mDeadline.cancel();
-        }
-        catch (boost::system::system_error const& e)
-        {
-            JLOG(j_.trace())
-                << "invokeComplete: Deadline cancel error: " << e.what();
-            ecCancel = e.code();
+            JLOG(j_.trace()) << "invokeComplete: Deadline cancel error: "
+                             << ecCancel.message();
         }
 
         JLOG(j_.debug()) << "invokeComplete: Deadline popping: "
@@ -523,15 +515,7 @@ private:
     bool mSSL;
     AutoSocket mSocket;
     boost::asio::ip::tcp::resolver mResolver;
-
-    struct Query
-    {
-        std::string host;
-        std::string port;
-        boost::asio::ip::resolver_query_base::flags flags;
-    };
-    std::shared_ptr<Query> mQuery;
-
+    std::shared_ptr<boost::asio::ip::tcp::resolver::query> mQuery;
     boost::asio::streambuf mRequest;
     boost::asio::streambuf mHeader;
     boost::asio::streambuf mResponse;
@@ -562,7 +546,7 @@ private:
 void
 HTTPClient::get(
     bool bSSL,
-    boost::asio::io_context& io_context,
+    boost::asio::io_service& io_service,
     std::deque<std::string> deqSites,
     unsigned short const port,
     std::string const& strPath,
@@ -575,14 +559,14 @@ HTTPClient::get(
     beast::Journal& j)
 {
     auto client =
-        std::make_shared<HTTPClientImp>(io_context, port, responseMax, j);
+        std::make_shared<HTTPClientImp>(io_service, port, responseMax, j);
     client->get(bSSL, deqSites, strPath, timeout, complete);
 }
 
 void
 HTTPClient::get(
     bool bSSL,
-    boost::asio::io_context& io_context,
+    boost::asio::io_service& io_service,
     std::string strSite,
     unsigned short const port,
     std::string const& strPath,
@@ -597,14 +581,14 @@ HTTPClient::get(
     std::deque<std::string> deqSites(1, strSite);
 
     auto client =
-        std::make_shared<HTTPClientImp>(io_context, port, responseMax, j);
+        std::make_shared<HTTPClientImp>(io_service, port, responseMax, j);
     client->get(bSSL, deqSites, strPath, timeout, complete);
 }
 
 void
 HTTPClient::request(
     bool bSSL,
-    boost::asio::io_context& io_context,
+    boost::asio::io_service& io_service,
     std::string strSite,
     unsigned short const port,
     std::function<void(boost::asio::streambuf& sb, std::string const& strHost)>
@@ -620,7 +604,7 @@ HTTPClient::request(
     std::deque<std::string> deqSites(1, strSite);
 
     auto client =
-        std::make_shared<HTTPClientImp>(io_context, port, responseMax, j);
+        std::make_shared<HTTPClientImp>(io_service, port, responseMax, j);
     client->request(bSSL, deqSites, setRequest, timeout, complete);
 }
 

src/libxrpl/protocol/BuildInfo.cpp

@@ -36,7 +36,7 @@ namespace BuildInfo {
 //  and follow the format described at http://semver.org/
 //------------------------------------------------------------------------------
 // clang-format off
-char const* const versionString = "3.0.0-b1"
+char const* const versionString = "3.1.0-b1"
 // clang-format on
 
 #if defined(DEBUG) || defined(SANITIZER)

src/libxrpl/protocol/ConfidentialTransfer.cpp

@@ -1,607 +0,0 @@
-//------------------------------------------------------------------------------
-/*
-    This file is part of rippled: https://github.com/ripple/rippled
-    Copyright (c) 2025 Ripple Labs Inc.
-
-    Permission to use, copy, modify, and/or distribute this software for any
-    purpose  with  or without fee is hereby granted, provided that the above
-    copyright notice and this permission notice appear in all copies.
-
-    THE  SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-    WITH  REGARD  TO  THIS  SOFTWARE  INCLUDING  ALL  IMPLIED  WARRANTIES  OF
-    MERCHANTABILITY  AND  FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-    ANY  SPECIAL ,  DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-    WHATSOEVER  RESULTING  FROM  LOSS  OF USE, DATA OR PROFITS, WHETHER IN AN
-    ACTION  OF  CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-    OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-*/
-//==============================================================================
-
-#include <xrpl/protocol/ConfidentialTransfer.h>
-#include <xrpl/protocol/Protocol.h>
-#include <xrpl/protocol/TER.h>
-
-#include <openssl/rand.h>
-#include <openssl/sha.h>
-
-namespace ripple {
-int
-secp256k1_elgamal_generate_keypair(
-    secp256k1_context const* ctx,
-    unsigned char* privkey,
-    secp256k1_pubkey* pubkey)
-{
-    // 1. Generate 32 random bytes for the private key
-    do
-    {
-        if (RAND_bytes(privkey, 32) != 1)
-        {
-            return 0;  // Failure
-        }
-        // 2. Verify the random data is a valid private key.
-    } while (secp256k1_ec_seckey_verify(ctx, privkey) != 1);
-
-    // 3. Create the corresponding public key.
-    if (secp256k1_ec_pubkey_create(ctx, pubkey, privkey) != 1)
-    {
-        return 0;  // Failure
-    }
-
-    return 1;  // Success
-}
-
-// ... implementation of secp256k1_elgamal_encrypt ...
-
-int
-secp256k1_elgamal_encrypt(
-    secp256k1_context const* ctx,
-    secp256k1_pubkey* c1,
-    secp256k1_pubkey* c2,
-    secp256k1_pubkey const* pubkey_Q,
-    uint64_t amount,
-    unsigned char const* blinding_factor)
-{
-    secp256k1_pubkey S;
-
-    // First, calculate C1 = k * G
-    if (secp256k1_ec_pubkey_create(ctx, c1, blinding_factor) != 1)
-    {
-        return 0;
-    }
-
-    // Next, calculate the shared secret S = k * Q
-    S = *pubkey_Q;
-    if (secp256k1_ec_pubkey_tweak_mul(ctx, &S, blinding_factor) != 1)
-    {
-        return 0;
-    }
-
-    // --- Handle the amount ---
-    if (amount == 0)
-    {
-        // For amount = 0, C2 = S.
-        *c2 = S;
-    }
-    else
-    {
-        // For non-zero amounts, proceed as before.
-        unsigned char amount_scalar[32] = {0};
-        secp256k1_pubkey M;
-        secp256k1_pubkey const* points_to_add[2];
-
-        // Convert amount to a 32-byte BIG-ENDIAN scalar.
-        for (int i = 0; i < 8; ++i)
-        {
-            amount_scalar[31 - i] = (amount >> (i * 8)) & 0xFF;
-        }
-
-        // Calculate M = amount * G
-        if (secp256k1_ec_pubkey_create(ctx, &M, amount_scalar) != 1)
-        {
-            return 0;
-        }
-
-        // Calculate C2 = M + S
-        points_to_add[0] = &M;
-        points_to_add[1] = &S;
-        if (secp256k1_ec_pubkey_combine(ctx, c2, points_to_add, 2) != 1)
-        {
-            return 0;
-        }
-    }
-
-    return 1;  // Success
-}
-
-// ... implementation of secp256k1_elgamal_decrypt ...
-int
-secp256k1_elgamal_decrypt(
-    secp256k1_context const* ctx,
-    uint64_t* amount,
-    secp256k1_pubkey const* c1,
-    secp256k1_pubkey const* c2,
-    unsigned char const* privkey)
-{
-    secp256k1_pubkey S, M, G_point, current_M, next_M;
-    secp256k1_pubkey const* points_to_add[2];
-    unsigned char c2_bytes[33], s_bytes[33], m_bytes[33], current_m_bytes[33];
-    size_t len;
-    uint64_t i;
-
-    /* Create the scalar '1' in big-endian format */
-    unsigned char one_scalar[32] = {0};
-    one_scalar[31] = 1;
-
-    /* --- Executable Code --- */
-
-    // 1. Calculate S = privkey * C1
-    S = *c1;
-    if (secp256k1_ec_pubkey_tweak_mul(ctx, &S, privkey) != 1)
-    {
-        return 0;
-    }
-
-    // 2. Check for amount = 0 by comparing serialized points
-    len = sizeof(c2_bytes);
-    if (secp256k1_ec_pubkey_serialize(
-            ctx, c2_bytes, &len, c2, SECP256K1_EC_COMPRESSED) != 1)
-        return 0;
-    len = sizeof(s_bytes);
-    if (secp256k1_ec_pubkey_serialize(
-            ctx, s_bytes, &len, &S, SECP256K1_EC_COMPRESSED) != 1)
-        return 0;
-    if (memcmp(c2_bytes, s_bytes, sizeof(c2_bytes)) == 0)
-    {
-        *amount = 0;
-        return 1;
-    }
-
-    // 3. Recover M = C2 - S
-    if (secp256k1_ec_pubkey_negate(ctx, &S) != 1)
-        return 0;
-    points_to_add[0] = c2;
-    points_to_add[1] = &S;
-    if (secp256k1_ec_pubkey_combine(ctx, &M, points_to_add, 2) != 1)
-    {
-        return 0;
-    }
-
-    // 4. Serialize M once for comparison in the loop
-    len = sizeof(m_bytes);
-    if (secp256k1_ec_pubkey_serialize(
-            ctx, m_bytes, &len, &M, SECP256K1_EC_COMPRESSED) != 1)
-        return 0;
-
-    // 5. Brute-force search loop
-    if (secp256k1_ec_pubkey_create(ctx, &G_point, one_scalar) != 1)
-        return 0;
-    current_M = G_point;
-
-    for (i = 1; i <= 1000000; ++i)
-    {
-        len = sizeof(current_m_bytes);
-        if (secp256k1_ec_pubkey_serialize(
-                ctx,
-                current_m_bytes,
-                &len,
-                &current_M,
-                SECP256K1_EC_COMPRESSED) != 1)
-            return 0;
-        if (memcmp(m_bytes, current_m_bytes, sizeof(m_bytes)) == 0)
-        {
-            *amount = i;
-            return 1;
-        }
-
-        points_to_add[0] = &current_M;
-        points_to_add[1] = &G_point;
-        if (secp256k1_ec_pubkey_combine(ctx, &next_M, points_to_add, 2) != 1)
-            return 0;
-        current_M = next_M;
-    }
-
-    return 0;  // Not found
-}
-
-int
-secp256k1_elgamal_add(
-    secp256k1_context const* ctx,
-    secp256k1_pubkey* sum_c1,
-    secp256k1_pubkey* sum_c2,
-    secp256k1_pubkey const* a_c1,
-    secp256k1_pubkey const* a_c2,
-    secp256k1_pubkey const* b_c1,
-    secp256k1_pubkey const* b_c2)
-{
-    secp256k1_pubkey const* c1_points[2] = {a_c1, b_c1};
-    if (secp256k1_ec_pubkey_combine(ctx, sum_c1, c1_points, 2) != 1)
-    {
-        return 0;
-    }
-
-    secp256k1_pubkey const* c2_points[2] = {a_c2, b_c2};
-    if (secp256k1_ec_pubkey_combine(ctx, sum_c2, c2_points, 2) != 1)
-    {
-        return 0;
-    }
-    return 1;
-}
-
-int
-secp256k1_elgamal_subtract(
-    secp256k1_context const* ctx,
-    secp256k1_pubkey* diff_c1,
-    secp256k1_pubkey* diff_c2,
-    secp256k1_pubkey const* a_c1,
-    secp256k1_pubkey const* a_c2,
-    secp256k1_pubkey const* b_c1,
-    secp256k1_pubkey const* b_c2)
-{
-    // To subtract, we add the negation: (A - B) is (A + (-B))
-    // Make a local, modifiable copy of B's points.
-    secp256k1_pubkey neg_b_c1 = *b_c1;
-    secp256k1_pubkey neg_b_c2 = *b_c2;
-
-    // Negate the copies
-    if (secp256k1_ec_pubkey_negate(ctx, &neg_b_c1) != 1 ||
-        secp256k1_ec_pubkey_negate(ctx, &neg_b_c2) != 1)
-    {
-        return 0;  // Negation failed
-    }
-
-    // Now, add A and the negated copies of B
-    secp256k1_pubkey const* c1_points[2] = {a_c1, &neg_b_c1};
-    if (secp256k1_ec_pubkey_combine(ctx, diff_c1, c1_points, 2) != 1)
-    {
-        return 0;
-    }
-
-    secp256k1_pubkey const* c2_points[2] = {a_c2, &neg_b_c2};
-    if (secp256k1_ec_pubkey_combine(ctx, diff_c2, c2_points, 2) != 1)
-    {
-        return 0;
-    }
-
-    return 1;  // Success
-}
-
-// Helper function to concatenate data for hashing
-static void
-build_hash_input(
-    unsigned char* output_buffer,
-    size_t buffer_size,
-    unsigned char const* account_id,      // 20 bytes
-    unsigned char const* mpt_issuance_id  // 24 bytes
-)
-{
-    char const* domain_separator = "EncZero";
-    size_t domain_len = strlen(domain_separator);
-    size_t offset = 0;
-
-    // Ensure buffer is large enough (should be checked by caller if necessary)
-    // Size = strlen("EncZero") + 20 + 24 = 7 + 20 + 24 = 51 bytes
-
-    memcpy(output_buffer + offset, domain_separator, domain_len);
-    offset += domain_len;
-
-    memcpy(output_buffer + offset, account_id, 20);
-    offset += 20;
-
-    memcpy(output_buffer + offset, mpt_issuance_id, 24);
-    // offset += 24; // Final size is offset + 24
-}
-
-// The canonical encrypted zero
-
-int
-generate_canonical_encrypted_zero(
-    secp256k1_context const* ctx,
-    secp256k1_pubkey* enc_zero_c1,
-    secp256k1_pubkey* enc_zero_c2,
-    secp256k1_pubkey const* pubkey,
-    unsigned char const* account_id,      // 20 bytes
-    unsigned char const* mpt_issuance_id  // 24 bytes
-)
-{
-    unsigned char deterministic_scalar[32];
-    unsigned char hash_input[51];  // Size calculated above
-
-    /* 1. Create the input buffer for hashing */
-    build_hash_input(
-        hash_input, sizeof(hash_input), account_id, mpt_issuance_id);
-
-    /* 2. Hash the buffer to create the deterministic scalar 'r' */
-    do
-    {
-        // Hash the concatenated bytes
-        SHA256(hash_input, sizeof(hash_input), deterministic_scalar);
-
-        /* Note: If the hash output could be invalid (0 or >= n),
-         * you might need to add a nonce/counter to hash_input
-         * and re-hash in a loop until a valid scalar is produced. */
-    } while (secp256k1_ec_seckey_verify(ctx, deterministic_scalar) != 1);
-
-    /* 3. Encrypt the amount 0 using the deterministic scalar */
-    return secp256k1_elgamal_encrypt(
-        ctx,
-        enc_zero_c1,
-        enc_zero_c2,
-        pubkey,
-        0, /* The amount is zero */
-        deterministic_scalar);
-}
-
-bool
-makeEcPair(Slice const& buffer, secp256k1_pubkey& out1, secp256k1_pubkey& out2)
-{
-    auto parsePubKey = [](Slice const& slice, secp256k1_pubkey& out) {
-        return secp256k1_ec_pubkey_parse(
-            secp256k1Context(),
-            &out,
-            reinterpret_cast<unsigned char const*>(slice.data()),
-            slice.length());
-    };
-
-    Slice s1{buffer.data(), ecGamalEncryptedLength};
-    Slice s2{buffer.data() + ecGamalEncryptedLength, ecGamalEncryptedLength};
-
-    int const ret1 = parsePubKey(s1, out1);
-    int const ret2 = parsePubKey(s2, out2);
-
-    return ret1 == 1 && ret2 == 1;
-}
-
-bool
-serializeEcPair(
-    secp256k1_pubkey const& in1,
-    secp256k1_pubkey const& in2,
-    Buffer& buffer)
-{
-    auto serializePubKey = [](secp256k1_pubkey const& pub, unsigned char* out) {
-        size_t outLen = ecGamalEncryptedLength;  // 33 bytes
-        int const ret = secp256k1_ec_pubkey_serialize(
-            secp256k1Context(), out, &outLen, &pub, SECP256K1_EC_COMPRESSED);
-        return ret == 1 && outLen == ecGamalEncryptedLength;
-    };
-
-    unsigned char* ptr = buffer.data();
-    bool const res1 = serializePubKey(in1, ptr);
-    bool const res2 = serializePubKey(in2, ptr + ecGamalEncryptedLength);
-
-    return res1 && res2;
-}
-
-bool
-isValidCiphertext(Slice const& buffer)
-{
-    // Local/temporary variables to pass to makeEcPair.
-    // Their contents will be discarded when the function returns.
-    secp256k1_pubkey key1;
-    secp256k1_pubkey key2;
-
-    // Call makeEcPair and return its result.
-    return makeEcPair(buffer, key1, key2);
-}
-
-TER
-homomorphicAdd(Slice const& a, Slice const& b, Buffer& out)
-{
-    if (a.length() != ecGamalEncryptedTotalLength ||
-        b.length() != ecGamalEncryptedTotalLength)
-        return tecINTERNAL;
-
-    secp256k1_pubkey aC1;
-    secp256k1_pubkey aC2;
-    secp256k1_pubkey bC1;
-    secp256k1_pubkey bC2;
-
-    if (!makeEcPair(a, aC1, aC2) || !makeEcPair(b, bC1, bC2))
-        return tecINTERNAL;
-
-    secp256k1_pubkey sumC1;
-    secp256k1_pubkey sumC2;
-
-    if (secp256k1_elgamal_add(
-            secp256k1Context(), &sumC1, &sumC2, &aC1, &aC2, &bC1, &bC2) != 1)
-        return tecINTERNAL;
-
-    if (!serializeEcPair(sumC1, sumC2, out))
-        return tecINTERNAL;
-
-    return tesSUCCESS;
-}
-
-TER
-homomorphicSubtract(Slice const& a, Slice const& b, Buffer& out)
-{
-    if (a.length() != ecGamalEncryptedTotalLength ||
-        b.length() != ecGamalEncryptedTotalLength)
-        return tecINTERNAL;
-
-    secp256k1_pubkey aC1;
-    secp256k1_pubkey aC2;
-    secp256k1_pubkey bC1;
-    secp256k1_pubkey bC2;
-
-    if (!makeEcPair(a, aC1, aC2) || !makeEcPair(b, bC1, bC2))
-        return tecINTERNAL;
-
-    secp256k1_pubkey diffC1;
-    secp256k1_pubkey diffC2;
-
-    if (secp256k1_elgamal_subtract(
-            secp256k1Context(), &diffC1, &diffC2, &aC1, &aC2, &bC1, &bC2) != 1)
-        return tecINTERNAL;
-
-    if (!serializeEcPair(diffC1, diffC2, out))
-        return tecINTERNAL;
-
-    return tesSUCCESS;
-}
-
-TER
-proveEquality(
-    Slice const& proof,
-    Slice const& encAmt,  // encrypted amount
-    Slice const& pubkey,
-    uint64_t const amount,
-    uint256 const& txHash,  // Transaction context data
-    std::uint32_t const spendVersion)
-{
-    if (proof.length() != ecEqualityProofLength)
-        return tecINTERNAL;
-
-    secp256k1_pubkey c1;
-    secp256k1_pubkey c2;
-
-    if (!makeEcPair(encAmt, c1, c2))
-        return tecINTERNAL;
-
-    // todo: might need to change how its hashed
-    Serializer s;
-    s.addRaw(txHash.data(), txHash.bytes);
-    s.add32(spendVersion);
-    // auto const txContextId = s.getSHA512Half();
-
-    // todo: support equality
-    // if (secp256k1_equality_verify(
-    //         secp256k1Context(),
-    //         reinterpret_cast<unsigned char const*>(proof.data()),
-    //         proof.length(),  // Length of the proof byte array (98 bytes)
-    //         &c1,
-    //         &c2,
-    //         reinterpret_cast<unsigned char const*>(pubkey.data()),
-    //         amount,
-    //         txContextId.data(),  // Transaction context data
-    //         txContextId.bytes    // Length of context data
-    //         ) != 1)
-    //     return tecBAD_PROOF;
-
-    return tesSUCCESS;
-}
-
-Buffer
-encryptAmount(uint64_t amt, Slice const& pubKeySlice)
-{
-    Buffer buf(ecGamalEncryptedTotalLength);
-
-    // Allocate ciphertext placeholders
-    secp256k1_pubkey c1, c2;
-
-    // todo: might need to be updated using another RNG
-    // Prepare a random blinding factor
-    unsigned char blindingFactor[32];
-    if (RAND_bytes(blindingFactor, 32) != 1)
-        Throw<std::runtime_error>("Failed to generate random number");
-
-    secp256k1_pubkey pubKey;
-
-    std::memcpy(pubKey.data, pubKeySlice.data(), ecPubKeyLength);
-
-    // Encrypt the amount
-    if (!secp256k1_elgamal_encrypt(
-            secp256k1Context(), &c1, &c2, &pubKey, amt, blindingFactor))
-        Throw<std::runtime_error>("Failed to encrypt amount");
-
-    // Serialize the ciphertext pair into the buffer
-    if (!serializeEcPair(c1, c2, buf))
-        Throw<std::runtime_error>(
-            "Failed to serialize into 66 byte compressed format");
-
-    return buf;
-}
-
-Buffer
-encryptCanonicalZeroAmount(
-    Slice const& pubKeySlice,
-    AccountID const& account,
-    MPTID const& mptId)
-{
-    Buffer buf(ecGamalEncryptedTotalLength);
-
-    // Allocate ciphertext placeholders
-    secp256k1_pubkey c1, c2;
-    secp256k1_pubkey pubKey;
-
-    std::memcpy(pubKey.data, pubKeySlice.data(), ecPubKeyLength);
-
-    // Encrypt the amount
-    if (!generate_canonical_encrypted_zero(
-            secp256k1Context(),
-            &c1,
-            &c2,
-            &pubKey,
-            account.data(),
-            mptId.data()))
-        Throw<std::runtime_error>("Failed to encrypt amount");
-
-    // Serialize the ciphertext pair into the buffer
-    if (!serializeEcPair(c1, c2, buf))
-        Throw<std::runtime_error>(
-            "Failed to serialize into 66 byte compressed format");
-
-    return buf;
-}
-
-TER
-verifyConfidentialSendProof(
-    Slice const& proof,
-    Slice const& encSenderBalance,
-    Slice const& encSenderAmt,
-    Slice const& encDestAmt,
-    Slice const& encIssuerAmt,
-    Slice const& senderPubKey,
-    Slice const& destPubKey,
-    Slice const& issuerPubKey,
-    std::uint32_t const version,
-    uint256 const& txHash)
-{
-    // if (proof.length() != ecConfidentialSendProofLength)
-    //     return tecINTERNAL;
-
-    secp256k1_pubkey balC1, balC2;
-    if (!makeEcPair(encSenderBalance, balC1, balC2))
-        return tecINTERNAL;
-
-    secp256k1_pubkey senderC1, senderC2;
-    if (!makeEcPair(encSenderAmt, senderC1, senderC2))
-        return tecINTERNAL;
-
-    secp256k1_pubkey destC1, destC2;
-    if (!makeEcPair(encDestAmt, destC1, destC2))
-        return tecINTERNAL;
-
-    secp256k1_pubkey issuerC1, issuerC2;
-    if (!makeEcPair(encIssuerAmt, issuerC1, issuerC2))
-        return tecINTERNAL;
-
-    Serializer s;
-    s.addRaw(txHash.data(), txHash.bytes);
-    s.add32(version);
-    // auto const txContextId = s.getSHA512Half();
-
-    // todo: equality and range proof verification
-    // if (secp256k1_equal_range_verify(
-    //         secp256k1Context(),
-    //         reinterpret_cast<unsigned char const*>(proof.data()),
-    //         proof.length(),
-    //         txContextId.data(),
-    //         &balC1,
-    //         &balC2,
-    //         &senderC1,
-    //         &senderC2,
-    //         reinterpret_cast<unsigned char const*>(senderPubKey.data()),
-    //         &destC1,
-    //         &destC2,
-    //         reinterpret_cast<unsigned char const*>(destPubKey.data()),
-    //         &issuerC1,
-    //         &issuerC2,
-    //         reinterpret_cast<unsigned char const*>(issuerPubKey.data()),
-    //         txContextId.data(),
-    //         txContextId.bytes) != 1)
-    //     return tecBAD_PROOF;
-
-    return tesSUCCESS;
-}
-
-}  // namespace ripple

src/libxrpl/protocol/Indexes.cpp

@@ -96,6 +96,8 @@ enum class LedgerNameSpace : std::uint16_t {
     PERMISSIONED_DOMAIN = 'm',
     DELEGATE = 'E',
     VAULT = 'V',
+    LOAN_BROKER = 'l',  // lower-case L
+    LOAN = 'L',
 
     // No longer used or supported. Left here to reserve the space
     // to avoid accidental reuse.
@@ -566,6 +568,18 @@ vault(AccountID const& owner, std::uint32_t seq) noexcept
     return vault(indexHash(LedgerNameSpace::VAULT, owner, seq));
 }
 
+Keylet
+loanbroker(AccountID const& owner, std::uint32_t seq) noexcept
+{
+    return loanbroker(indexHash(LedgerNameSpace::LOAN_BROKER, owner, seq));
+}
+
+Keylet
+loan(uint256 const& loanBrokerID, std::uint32_t loanSeq) noexcept
+{
+    return loan(indexHash(LedgerNameSpace::LOAN, loanBrokerID, loanSeq));
+}
+
 Keylet
 permissionedDomain(AccountID const& account, std::uint32_t seq) noexcept
 {

src/libxrpl/protocol/InnerObjectFormats.cpp

@@ -172,6 +172,14 @@ InnerObjectFormats::InnerObjectFormats()
             {sfBookDirectory, soeREQUIRED},
             {sfBookNode, soeREQUIRED},
         });
+
+    add(sfCounterpartySignature.jsonName,
+        sfCounterpartySignature.getCode(),
+        {
+            {sfSigningPubKey, soeOPTIONAL},
+            {sfTxnSignature, soeOPTIONAL},
+            {sfSigners, soeOPTIONAL},
+        });
 }
 
 InnerObjectFormats const&

src/libxrpl/protocol/Permissions.cpp

@@ -174,22 +174,21 @@ Permission::isDelegatable(
     auto const txType = permissionToTxType(permissionValue);
     auto const it = delegatableTx_.find(txType);
 
-    if (it == delegatableTx_.end())
-        return false;
+    if (rules.enabled(fixDelegateV1_1))
+    {
+        if (it == delegatableTx_.end())
+            return false;
 
-    auto const txFeaturesIt = txFeatureMap_.find(txType);
-    XRPL_ASSERT(
-        txFeaturesIt != txFeatureMap_.end(),
-        "ripple::Permissions::isDelegatable : tx exists in txFeatureMap_");
+        auto const feature = getTxFeature(txType);
 
-    // Delegation is only allowed if the required amendment for the transaction
-    // is enabled. For transactions that do not require an amendment, delegation
-    // is always allowed.
-    if (txFeaturesIt->second != uint256{} &&
-        !rules.enabled(txFeaturesIt->second))
-        return false;
+        // fixDelegateV1_1: Delegation is only allowed if the required amendment
+        // for the transaction is enabled. For transactions that do not require
+        // an amendment, delegation is always allowed.
+        if (feature && !rules.enabled(*feature))
+            return false;
+    }
 
-    if (it->second == Delegation::notDelegatable)
+    if (it != delegatableTx_.end() && it->second == Delegation::notDelegatable)
         return false;
 
     return true;

src/libxrpl/protocol/Rules.cpp

@@ -131,6 +131,17 @@ Rules::enabled(uint256 const& feature) const
 {
     XRPL_ASSERT(impl_, "ripple::Rules::enabled : initialized");
 
+    // The functionality of the "NonFungibleTokensV1_1" amendment is
+    // precisely the functionality of the following three amendments
+    // so if their status is ever queried individually, we inject an
+    // extra check here to simplify the checking elsewhere.
+    if (feature == featureNonFungibleTokensV1 ||
+        feature == fixNFTokenNegOffer || feature == fixNFTokenDirV1)
+    {
+        if (impl_->enabled(featureNonFungibleTokensV1_1))
+            return true;
+    }
+
     return impl_->enabled(feature);
 }
 

src/libxrpl/protocol/STAmount.cpp

@@ -68,6 +68,29 @@
 
 namespace ripple {
 
+namespace {
+
+// Use a static inside a function to help prevent order-of-initialzation issues
+LocalValue<bool>&
+getStaticSTAmountCanonicalizeSwitchover()
+{
+    static LocalValue<bool> r{true};
+    return r;
+}
+}  // namespace
+
+bool
+getSTAmountCanonicalizeSwitchover()
+{
+    return *getStaticSTAmountCanonicalizeSwitchover();
+}
+
+void
+setSTAmountCanonicalizeSwitchover(bool v)
+{
+    *getStaticSTAmountCanonicalizeSwitchover() = v;
+}
+
 static std::uint64_t const tenTo14 = 100000000000000ull;
 static std::uint64_t const tenTo14m1 = tenTo14 - 1;
 static std::uint64_t const tenTo17 = tenTo14 * 1000;
@@ -298,7 +321,7 @@ STAmount::xrp() const
 IOUAmount
 STAmount::iou() const
 {
-    if (native() || !holds<Issue>())
+    if (integral())
         Throw<std::logic_error>("Cannot return non-IOU STAmount as IOUAmount");
 
     auto mantissa = static_cast<std::int64_t>(mValue);
@@ -849,7 +872,7 @@ STAmount::isDefault() const
 void
 STAmount::canonicalize()
 {
-    if (native() || mAsset.holds<MPTIssue>())
+    if (integral())
     {
         // native and MPT currency amounts should always have an offset of zero
         // log(2^64,10) ~ 19.2
@@ -861,14 +884,18 @@ STAmount::canonicalize()
             return;
         }
 
-        // log(cMaxNativeN, 10) == 17
-        if (native() && mOffset > 17)
-            Throw<std::runtime_error>("Native currency amount out of range");
-        // log(maxMPTokenAmount, 10) ~ 18.96
-        if (mAsset.holds<MPTIssue>() && mOffset > 18)
-            Throw<std::runtime_error>("MPT amount out of range");
+        if (getSTAmountCanonicalizeSwitchover())
+        {
+            // log(cMaxNativeN, 10) == 17
+            if (native() && mOffset > 17)
+                Throw<std::runtime_error>(
+                    "Native currency amount out of range");
+            // log(maxMPTokenAmount, 10) ~ 18.96
+            if (mAsset.holds<MPTIssue>() && mOffset > 18)
+                Throw<std::runtime_error>("MPT amount out of range");
+        }
 
-        if (getSTNumberSwitchover())
+        if (getSTNumberSwitchover() && getSTAmountCanonicalizeSwitchover())
         {
             Number num(
                 mIsNegative ? -mValue : mValue, mOffset, Number::unchecked{});
@@ -878,8 +905,10 @@ STAmount::canonicalize()
             };
             if (native())
                 set(XRPAmount{num});
-            else
+            else if (mAsset.holds<MPTIssue>())
                 set(MPTAmount{num});
+            else
+                Throw<std::runtime_error>("Unknown integral asset type");
             mOffset = 0;
         }
         else
@@ -892,14 +921,16 @@ STAmount::canonicalize()
 
             while (mOffset > 0)
             {
-                // N.B. do not move the overflow check to after the
-                // multiplication
-                if (native() && mValue > cMaxNativeN)
-                    Throw<std::runtime_error>(
-                        "Native currency amount out of range");
-                else if (!native() && mValue > maxMPTokenAmount)
-                    Throw<std::runtime_error>("MPT amount out of range");
-
+                if (getSTAmountCanonicalizeSwitchover())
+                {
+                    // N.B. do not move the overflow check to after the
+                    // multiplication
+                    if (native() && mValue > cMaxNativeN)
+                        Throw<std::runtime_error>(
+                            "Native currency amount out of range");
+                    else if (!native() && mValue > maxMPTokenAmount)
+                        Throw<std::runtime_error>("MPT amount out of range");
+                }
                 mValue *= 10;
                 --mOffset;
             }
@@ -1106,7 +1137,7 @@ amountFromJson(SField const& name, Json::Value const& v)
         }
         else
         {
-            parts.mantissa = -value.asInt();
+            parts.mantissa = value.asAbsUInt();
             parts.negative = true;
         }
     }
@@ -1480,6 +1511,33 @@ canonicalizeRoundStrict(
     }
 }
 
+STAmount
+roundToScale(
+    STAmount const& value,
+    std::int32_t scale,
+    Number::rounding_mode rounding)
+{
+    // Nothing to do for integral types.
+    if (value.integral())
+        return value;
+
+    // If the value's exponent is greater than or equal to the scale, then
+    // rounding will do nothing, and might even lose precision, so just return
+    // the value.
+    if (value.exponent() >= scale)
+        return value;
+
+    STAmount const referenceValue{
+        value.asset(), STAmount::cMinValue, scale, value.negative()};
+
+    NumberRoundModeGuard mg(rounding);
+    // With an IOU, the the result of addition will be truncated to the
+    // precision of the larger value, which in this case is referenceValue. Then
+    // remove the reference value via subtraction, and we're left with the
+    // rounded value.
+    return (value + referenceValue) - referenceValue;
+}
+
 namespace {
 
 // We need a class that has an interface similar to NumberRoundModeGuard

src/libxrpl/protocol/STNumber.cpp

@@ -188,7 +188,7 @@ numberFromJson(SField const& field, Json::Value const& value)
         }
         else
         {
-            parts.mantissa = -value.asInt();
+            parts.mantissa = value.asAbsUInt();
             parts.negative = true;
         }
     }

src/libxrpl/protocol/STTx.cpp

@@ -286,7 +286,6 @@ STTx::checkSign(
     if (auto const ret = checkSign(requireCanonicalSig, rules, *this); !ret)
         return ret;
 
-    /* Placeholder for field that will be added by Lending Protocol
     if (isFieldPresent(sfCounterpartySignature))
     {
         auto const counterSig = getFieldObject(sfCounterpartySignature);
@@ -294,7 +293,6 @@ STTx::checkSign(
             !ret)
             return Unexpected("Counterparty: " + ret.error());
     }
-    */
     return {};
 }