Merge branch 'pratik/Fix_asan_lsan_flagged_issues' into ximinez/number_asan

Signed-off-by: Pratik Mankawde <3397372+pratikmankawde@users.noreply.github.com>

.clang-tidy

@@ -1,144 +1,105 @@
 ---
 Checks: "-*,
-  bugprone-argument-comment,
-  bugprone-assert-side-effect,
-  bugprone-bad-signal-to-kill-thread,
-  bugprone-bool-pointer-implicit-conversion,
-  bugprone-casting-through-void,
-  bugprone-chained-comparison,
-  bugprone-compare-pointer-to-member-virtual-function,
-  bugprone-copy-constructor-init,
-  bugprone-dangling-handle,
-  bugprone-dynamic-static-initializers,
-  bugprone-empty-catch,
-  bugprone-fold-init-type,
-  bugprone-forward-declaration-namespace,
-  bugprone-inaccurate-erase,
-  bugprone-incorrect-enable-if,
-  bugprone-incorrect-roundings,
-  bugprone-infinite-loop,
-  bugprone-integer-division,
-  bugprone-lambda-function-name,
-  bugprone-macro-parentheses,
-  bugprone-macro-repeated-side-effects,
-  bugprone-misplaced-operator-in-strlen-in-alloc,
-  bugprone-misplaced-pointer-arithmetic-in-alloc,
-  bugprone-misplaced-widening-cast,
-  bugprone-move-forwarding-reference,
-  bugprone-multi-level-implicit-pointer-conversion,
-  bugprone-multiple-new-in-one-expression,
-  bugprone-multiple-statement-macro,
-  bugprone-no-escape,
-  bugprone-non-zero-enum-to-bool-conversion,
-  bugprone-parent-virtual-call,
-  bugprone-posix-return,
-  bugprone-redundant-branch-condition,
-  bugprone-return-const-ref-from-parameter,
-  bugprone-shared-ptr-array-mismatch,
-  bugprone-signal-handler,
-  bugprone-signed-char-misuse,
-  bugprone-sizeof-container,
-  bugprone-sizeof-expression,
-  bugprone-spuriously-wake-up-functions,
-  bugprone-standalone-empty,
-  bugprone-string-constructor,
-  bugprone-string-integer-assignment,
-  bugprone-string-literal-with-embedded-nul,
-  bugprone-stringview-nullptr,
-  bugprone-suspicious-enum-usage,
-  bugprone-suspicious-include,
-  bugprone-suspicious-memory-comparison,
-  bugprone-suspicious-memset-usage,
-  bugprone-suspicious-realloc-usage,
-  bugprone-suspicious-semicolon,
-  bugprone-suspicious-string-compare,
-  bugprone-swapped-arguments,
-  bugprone-terminating-continue,
-  bugprone-throw-keyword-missing,
-  bugprone-undefined-memory-manipulation,
-  bugprone-undelegated-constructor,
-  bugprone-unhandled-exception-at-new,
-  bugprone-unique-ptr-array-mismatch,
-  bugprone-unsafe-functions,
-  bugprone-virtual-near-miss,
-  cppcoreguidelines-no-suspend-with-lock,
-  cppcoreguidelines-virtual-class-destructor,
-  hicpp-ignored-remove-result,
-  misc-definitions-in-headers,
-  misc-header-include-cycle,
-  misc-misplaced-const,
-  misc-static-assert,
-  misc-throw-by-value-catch-by-reference,
-  misc-unused-alias-decls,
-  misc-unused-using-decls,
-  readability-duplicate-include,
-  readability-enum-initial-value,
-  readability-misleading-indentation,
-  readability-non-const-parameter,
-  readability-redundant-declaration,
-  readability-reference-to-constructed-temporary,
-  modernize-deprecated-headers,
-  modernize-make-shared,
-  modernize-make-unique,
-  performance-implicit-conversion-in-loop,
-  performance-move-constructor-init,
-  performance-trivially-destructible
+  bugprone-argument-comment
   "
-# ---
-# more checks that have some issues that need to be resolved:
-#
+# bugprone-assert-side-effect,
+# bugprone-bad-signal-to-kill-thread,
+# bugprone-bool-pointer-implicit-conversion,
+# bugprone-casting-through-void,
+# bugprone-chained-comparison,
+# bugprone-compare-pointer-to-member-virtual-function,
+# bugprone-copy-constructor-init,
 # bugprone-crtp-constructor-accessibility,
+# bugprone-dangling-handle,
+# bugprone-dynamic-static-initializers,
+# bugprone-empty-catch,
+# bugprone-fold-init-type,
+# bugprone-forward-declaration-namespace,
+# bugprone-inaccurate-erase,
 # bugprone-inc-dec-in-conditions,
-# bugprone-reserved-identifier,
+# bugprone-incorrect-enable-if,
+# bugprone-incorrect-roundings,
+# bugprone-infinite-loop,
+# bugprone-integer-division,
+# bugprone-lambda-function-name,
+# bugprone-macro-parentheses,
+# bugprone-macro-repeated-side-effects,
+# bugprone-misplaced-operator-in-strlen-in-alloc,
+# bugprone-misplaced-pointer-arithmetic-in-alloc,
+# bugprone-misplaced-widening-cast,
 # bugprone-move-forwarding-reference,
-# bugprone-unused-local-non-trivial-variable,
-# bugprone-switch-missing-default-case,
-# bugprone-suspicious-stringview-data-usage,
-# bugprone-suspicious-missing-comma,
-# bugprone-pointer-arithmetic-on-polymorphic-object,
+# bugprone-multi-level-implicit-pointer-conversion,
+# bugprone-multiple-new-in-one-expression,
+# bugprone-multiple-statement-macro,
+# bugprone-no-escape,
+# bugprone-non-zero-enum-to-bool-conversion,
 # bugprone-optional-value-conversion,
+# bugprone-parent-virtual-call,
+# bugprone-pointer-arithmetic-on-polymorphic-object,
+# bugprone-posix-return,
+# bugprone-redundant-branch-condition,
+# bugprone-reserved-identifier,
+# bugprone-return-const-ref-from-parameter,
+# bugprone-shared-ptr-array-mismatch,
+# bugprone-signal-handler,
+# bugprone-signed-char-misuse,
+# bugprone-sizeof-container,
+# bugprone-sizeof-expression,
+# bugprone-spuriously-wake-up-functions,
+# bugprone-standalone-empty,
+# bugprone-string-constructor,
+# bugprone-string-integer-assignment,
+# bugprone-string-literal-with-embedded-nul,
+# bugprone-stringview-nullptr,
+# bugprone-suspicious-enum-usage,
+# bugprone-suspicious-include,
+# bugprone-suspicious-memory-comparison,
+# bugprone-suspicious-memset-usage,
+# bugprone-suspicious-missing-comma,
+# bugprone-suspicious-realloc-usage,
+# bugprone-suspicious-semicolon,
+# bugprone-suspicious-string-compare,
+# bugprone-suspicious-stringview-data-usage,
+# bugprone-swapped-arguments,
+# bugprone-switch-missing-default-case,
+# bugprone-terminating-continue,
+# bugprone-throw-keyword-missing,
 # bugprone-too-small-loop-variable,
+# bugprone-undefined-memory-manipulation,
+# bugprone-undelegated-constructor,
+# bugprone-unhandled-exception-at-new,
+# bugprone-unhandled-self-assignment,
+# bugprone-unique-ptr-array-mismatch,
+# bugprone-unsafe-functions,
+# bugprone-unused-local-non-trivial-variable,
+# bugprone-unused-raii,
 # bugprone-unused-return-value,
 # bugprone-use-after-move,
-# bugprone-unhandled-self-assignment,
-# bugprone-unused-raii,
-#
-# cppcoreguidelines-misleading-capture-default-by-value,
+# bugprone-virtual-near-miss,
 # cppcoreguidelines-init-variables,
+# cppcoreguidelines-misleading-capture-default-by-value,
+# cppcoreguidelines-no-suspend-with-lock,
 # cppcoreguidelines-pro-type-member-init,
 # cppcoreguidelines-pro-type-static-cast-downcast,
-# cppcoreguidelines-use-default-member-init,
 # cppcoreguidelines-rvalue-reference-param-not-moved,
-#
+# cppcoreguidelines-use-default-member-init,
+# cppcoreguidelines-virtual-class-destructor,
+# hicpp-ignored-remove-result,
 # llvm-namespace-comment,
 # misc-const-correctness,
+# misc-definitions-in-headers,
+# misc-header-include-cycle,
 # misc-include-cleaner,
+# misc-misplaced-const,
 # misc-redundant-expression,
-#
-# readability-avoid-nested-conditional-operator,
-# readability-avoid-return-with-void-value,
-# readability-braces-around-statements,
-# readability-container-contains,
-# readability-container-size-empty,
-# readability-convert-member-functions-to-static,
-# readability-const-return-type,
-# readability-else-after-return,
-# readability-implicit-bool-conversion,
-# readability-inconsistent-declaration-parameter-name,
-# readability-identifier-naming,
-# readability-make-member-function-const,
-# readability-math-missing-parentheses,
-# readability-redundant-inline-specifier,
-# readability-redundant-member-init,
-# readability-redundant-casting,
-# readability-redundant-string-init,
-# readability-simplify-boolean-expr,
-# readability-static-definition-in-anonymous-namespace,
-# readability-suspicious-call-argument,
-# readability-use-std-min-max,
-# readability-static-accessed-through-instance,
-#
+# misc-static-assert,
+# misc-throw-by-value-catch-by-reference,
+# misc-unused-alias-decls,
+# misc-unused-using-decls,
 # modernize-concat-nested-namespaces,
+# modernize-deprecated-headers,
+# modernize-make-shared,
+# modernize-make-unique,
 # modernize-pass-by-value,
 # modernize-type-traits,
 # modernize-use-designated-initializers,
@@ -150,50 +111,79 @@ Checks: "-*,
 # modernize-use-starts-ends-with,
 # modernize-use-std-numbers,
 # modernize-use-using,
-#
 # performance-faster-string-find,
 # performance-for-range-copy,
+# performance-implicit-conversion-in-loop,
 # performance-inefficient-vector-operation,
 # performance-move-const-arg,
+# performance-move-constructor-init,
 # performance-no-automatic-move,
-# ---
+# performance-trivially-destructible,
+# readability-avoid-nested-conditional-operator,
+# readability-avoid-return-with-void-value,
+# readability-braces-around-statements,
+# readability-const-return-type,
+# readability-container-contains,
+# readability-container-size-empty,
+# readability-convert-member-functions-to-static,
+# readability-duplicate-include,
+# readability-else-after-return,
+# readability-enum-initial-value,
+# readability-implicit-bool-conversion,
+# readability-inconsistent-declaration-parameter-name,
+# readability-identifier-naming,
+# readability-make-member-function-const,
+# readability-math-missing-parentheses,
+# readability-misleading-indentation,
+# readability-non-const-parameter,
+# readability-redundant-casting,
+# readability-redundant-declaration,
+# readability-redundant-inline-specifier,
+# readability-redundant-member-init,
+# readability-redundant-string-init,
+# readability-reference-to-constructed-temporary,
+# readability-simplify-boolean-expr,
+# readability-static-accessed-through-instance,
+# readability-static-definition-in-anonymous-namespace,
+# readability-suspicious-call-argument,
+# readability-use-std-min-max
 #
-CheckOptions:
-  #   readability-braces-around-statements.ShortStatementLines: 2
-  #   readability-identifier-naming.MacroDefinitionCase: UPPER_CASE
-  #   readability-identifier-naming.ClassCase: CamelCase
-  #   readability-identifier-naming.StructCase: CamelCase
-  #   readability-identifier-naming.UnionCase: CamelCase
-  #   readability-identifier-naming.EnumCase: CamelCase
-  #   readability-identifier-naming.EnumConstantCase: CamelCase
-  #   readability-identifier-naming.ScopedEnumConstantCase: CamelCase
-  #   readability-identifier-naming.GlobalConstantCase: UPPER_CASE
-  #   readability-identifier-naming.GlobalConstantPrefix: "k"
-  #   readability-identifier-naming.GlobalVariableCase: CamelCase
-  #   readability-identifier-naming.GlobalVariablePrefix: "g"
-  #   readability-identifier-naming.ConstexprFunctionCase: camelBack
-  #   readability-identifier-naming.ConstexprMethodCase: camelBack
-  #   readability-identifier-naming.ClassMethodCase: camelBack
-  #   readability-identifier-naming.ClassMemberCase: camelBack
-  #   readability-identifier-naming.ClassConstantCase: UPPER_CASE
-  #   readability-identifier-naming.ClassConstantPrefix: "k"
-  #   readability-identifier-naming.StaticConstantCase: UPPER_CASE
-  #   readability-identifier-naming.StaticConstantPrefix: "k"
-  #   readability-identifier-naming.StaticVariableCase: UPPER_CASE
-  #   readability-identifier-naming.StaticVariablePrefix: "k"
-  #   readability-identifier-naming.ConstexprVariableCase: UPPER_CASE
-  #   readability-identifier-naming.ConstexprVariablePrefix: "k"
-  #   readability-identifier-naming.LocalConstantCase: camelBack
-  #   readability-identifier-naming.LocalVariableCase: camelBack
-  #   readability-identifier-naming.TemplateParameterCase: CamelCase
-  #   readability-identifier-naming.ParameterCase: camelBack
-  #   readability-identifier-naming.FunctionCase: camelBack
-  #   readability-identifier-naming.MemberCase: camelBack
-  #   readability-identifier-naming.PrivateMemberSuffix: _
-  #   readability-identifier-naming.ProtectedMemberSuffix: _
-  #   readability-identifier-naming.PublicMemberSuffix: ""
-  #   readability-identifier-naming.FunctionIgnoredRegexp: ".*tag_invoke.*"
-  bugprone-unsafe-functions.ReportMoreUnsafeFunctions: true
+# CheckOptions:
+#   readability-braces-around-statements.ShortStatementLines: 2
+#   readability-identifier-naming.MacroDefinitionCase: UPPER_CASE
+#   readability-identifier-naming.ClassCase: CamelCase
+#   readability-identifier-naming.StructCase: CamelCase
+#   readability-identifier-naming.UnionCase: CamelCase
+#   readability-identifier-naming.EnumCase: CamelCase
+#   readability-identifier-naming.EnumConstantCase: CamelCase
+#   readability-identifier-naming.ScopedEnumConstantCase: CamelCase
+#   readability-identifier-naming.GlobalConstantCase: UPPER_CASE
+#   readability-identifier-naming.GlobalConstantPrefix: "k"
+#   readability-identifier-naming.GlobalVariableCase: CamelCase
+#   readability-identifier-naming.GlobalVariablePrefix: "g"
+#   readability-identifier-naming.ConstexprFunctionCase: camelBack
+#   readability-identifier-naming.ConstexprMethodCase: camelBack
+#   readability-identifier-naming.ClassMethodCase: camelBack
+#   readability-identifier-naming.ClassMemberCase: camelBack
+#   readability-identifier-naming.ClassConstantCase: UPPER_CASE
+#   readability-identifier-naming.ClassConstantPrefix: "k"
+#   readability-identifier-naming.StaticConstantCase: UPPER_CASE
+#   readability-identifier-naming.StaticConstantPrefix: "k"
+#   readability-identifier-naming.StaticVariableCase: UPPER_CASE
+#   readability-identifier-naming.StaticVariablePrefix: "k"
+#   readability-identifier-naming.ConstexprVariableCase: UPPER_CASE
+#   readability-identifier-naming.ConstexprVariablePrefix: "k"
+#   readability-identifier-naming.LocalConstantCase: camelBack
+#   readability-identifier-naming.LocalVariableCase: camelBack
+#   readability-identifier-naming.TemplateParameterCase: CamelCase
+#   readability-identifier-naming.ParameterCase: camelBack
+#   readability-identifier-naming.FunctionCase: camelBack
+#   readability-identifier-naming.MemberCase: camelBack
+#   readability-identifier-naming.PrivateMemberSuffix: _
+#   readability-identifier-naming.ProtectedMemberSuffix: _
+#   readability-identifier-naming.PublicMemberSuffix: ""
+#   readability-identifier-naming.FunctionIgnoredRegexp: ".*tag_invoke.*"
+#   bugprone-unsafe-functions.ReportMoreUnsafeFunctions: true
 #   bugprone-unused-return-value.CheckedReturnTypes: ::std::error_code;::std::error_condition;::std::errc
 #   misc-include-cleaner.IgnoreHeaders: '.*/(detail|impl)/.*;.*(expected|unexpected).*;.*ranges_lower_bound\.h;time.h;stdlib.h;__chrono/.*;fmt/chrono.h;boost/uuid/uuid_hash.hpp'
 #

.github/scripts/strategy-matrix/generate.py

@@ -236,21 +236,23 @@ def generate_strategy_matrix(all: bool, config: Config) -> list:
         # names get truncated.
         # Add Address and Thread (both coupled with UB) sanitizers for specific bookworm distros.
         # GCC-Asan rippled-embedded tests are failing because of https://github.com/google/sanitizers/issues/856
-        if (
-            os["distro_version"] == "bookworm"
-            and f"{os['compiler_name']}-{os['compiler_version']}" == "clang-20"
-        ):
+        if os[
+            "distro_version"
+        ] == "bookworm" and f"{os['compiler_name']}-{os['compiler_version']}" in [
+            "clang-20",
+            "gcc-13",
+        ]:
             # Add ASAN + UBSAN configuration.
             configurations.append(
                 {
-                    "config_name": config_name + "-asan-ubsan",
+                    "config_name": config_name + "-asan",
                     "cmake_args": cmake_args,
                     "cmake_target": cmake_target,
                     "build_only": build_only,
                     "build_type": build_type,
                     "os": os,
                     "architecture": architecture,
-                    "sanitizers": "address,undefinedbehavior",
+                    "sanitizers": "address",
                 }
             )
             # TSAN is deactivated due to seg faults with latest compilers.

.github/workflows/on-pr.yml

@@ -33,7 +33,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
       - name: Determine changed files
         # This step checks whether any files have changed that should
         # cause the next jobs to run. We do it this way rather than
@@ -46,7 +46,7 @@ jobs:
         # that Github considers any skipped jobs to have passed, and in
         # turn the required checks as well.
         id: changes
-        uses: tj-actions/changed-files@7dee1b0c1557f278e5c7dc244927139d78c0e22a # v47.0.4
+        uses: tj-actions/changed-files@ed68ef82c095e0d48ec87eccea555d944a631a4c # v46.0.5
         with:
           files: |
             # These paths are unique to `on-pr.yml`.

.github/workflows/pre-commit.yml

@@ -11,7 +11,7 @@ on:
 jobs:
   # Call the workflow in the XRPLF/actions repo that runs the pre-commit hooks.
   run-hooks:
-    uses: XRPLF/actions/.github/workflows/pre-commit.yml@56de1bdf19639e009639a50b8d17c28ca954f267
+    uses: XRPLF/actions/.github/workflows/pre-commit.yml@320be44621ca2a080f05aeb15817c44b84518108
     with:
       runs_on: ubuntu-latest
-      container: '{ "image": "ghcr.io/xrplf/ci/tools-rippled-pre-commit:sha-41ec7c1" }'
+      container: '{ "image": "ghcr.io/xrplf/ci/tools-rippled-pre-commit:sha-ab4d1f0" }'

.github/workflows/publish-docs.yml

@@ -4,18 +4,6 @@ name: Build and publish documentation
 
 on:
   push:
-    branches:
-      - "develop"
-      - "release*"
-    paths:
-      - ".github/workflows/publish-docs.yml"
-      - "*.md"
-      - "**/*.md"
-      - "docs/**"
-      - "include/**"
-      - "src/libxrpl/**"
-      - "src/xrpld/**"
-  pull_request:
     paths:
       - ".github/workflows/publish-docs.yml"
       - "*.md"
@@ -35,22 +23,17 @@ defaults:
 
 env:
   BUILD_DIR: build
-  # ubuntu-latest has only 2 CPUs for private repositories
-  # https://docs.github.com/en/actions/reference/runners/github-hosted-runners#standard-github-hosted-runners-for--private-repositories
-  NPROC_SUBTRACT: ${{ github.event.repository.private && '1' || '2' }}
+  NPROC_SUBTRACT: 2
 
 jobs:
-  build:
+  publish:
     runs-on: ubuntu-latest
     container: ghcr.io/xrplf/ci/tools-rippled-documentation:sha-a8c7be1
+    permissions:
+      contents: write
     steps:
       - name: Checkout repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-
-      - name: Prepare runner
-        uses: XRPLF/actions/prepare-runner@2cbf481018d930656e9276fcc20dc0e3a0be5b6d
-        with:
-          enable_ccache: false
+        uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
 
       - name: Get number of processors
         uses: XRPLF/actions/get-nproc@cf0433aa74563aead044a1e395610c96d65a37cf
@@ -81,23 +64,9 @@ jobs:
           cmake -Donly_docs=ON ..
           cmake --build . --target docs --parallel ${BUILD_NPROC}
 
-      - name: Create documentation artifact
-        if: ${{ github.event_name == 'push' }}
-        uses: actions/upload-pages-artifact@7b1f4a764d45c48632c6b24a0339c27f5614fb0b # v4.0.0
+      - name: Publish documentation
+        if: ${{ github.ref_type == 'branch' && github.ref_name == github.event.repository.default_branch }}
+        uses: peaceiris/actions-gh-pages@4f9cc6602d3f66b9c108549d475ec49e8ef4d45e # v4.0.0
         with:
-          path: ${{ env.BUILD_DIR }}/docs/html
-
-  deploy:
-    if: ${{ github.event_name == 'push' }}
-    needs: build
-    runs-on: ubuntu-latest
-    permissions:
-      pages: write
-      id-token: write
-    environment:
-      name: github-pages
-      url: ${{ steps.deploy.outputs.page_url }}
-    steps:
-      - name: Deploy to GitHub Pages
-        id: deploy
-        uses: actions/deploy-pages@d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e # v4.0.5
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          publish_dir: ${{ env.BUILD_DIR }}/docs/html

.github/workflows/reusable-build-test-config.yml

@@ -76,7 +76,8 @@ jobs:
     name: ${{ inputs.config_name }}
     runs-on: ${{ fromJSON(inputs.runs_on) }}
     container: ${{ inputs.image != '' && inputs.image || null }}
-    timeout-minutes: 60
+    # Sanitizer builds on GCC are taking longer than 60mins. Hence increasing the timeout to 90mins.
+    timeout-minutes: ${{ inputs.sanitizers != '' && 360 || 60 }}
     env:
       # Use a namespace to keep the objects separate for each configuration.
       CCACHE_NAMESPACE: ${{ inputs.config_name }}
@@ -101,10 +102,10 @@ jobs:
     steps:
       - name: Cleanup workspace (macOS and Windows)
         if: ${{ runner.os == 'macOS' || runner.os == 'Windows' }}
-        uses: XRPLF/actions/cleanup-workspace@c7d9ce5ebb03c752a354889ecd870cadfc2b1cd4
+        uses: XRPLF/actions/cleanup-workspace@cf0433aa74563aead044a1e395610c96d65a37cf
 
       - name: Checkout repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
 
       - name: Prepare runner
         uses: XRPLF/actions/prepare-runner@2cbf481018d930656e9276fcc20dc0e3a0be5b6d
@@ -177,7 +178,7 @@ jobs:
 
       - name: Upload the binary (Linux)
         if: ${{ github.repository_owner == 'XRPLF' && runner.os == 'Linux' }}
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
         with:
           name: xrpld-${{ inputs.config_name }}
           path: ${{ env.BUILD_DIR }}/xrpld
@@ -205,14 +206,22 @@ jobs:
       - name: Set sanitizer options
         if: ${{ !inputs.build_only && env.SANITIZERS_ENABLED == 'true' }}
         run: |
-          echo "ASAN_OPTIONS=print_stacktrace=1:detect_container_overflow=0:suppressions=${GITHUB_WORKSPACE}/sanitizers/suppressions/asan.supp" >> ${GITHUB_ENV}
-          echo "TSAN_OPTIONS=second_deadlock_stack=1:halt_on_error=0:suppressions=${GITHUB_WORKSPACE}/sanitizers/suppressions/tsan.supp" >> ${GITHUB_ENV}
-          echo "UBSAN_OPTIONS=suppressions=${GITHUB_WORKSPACE}/sanitizers/suppressions/ubsan.supp" >> ${GITHUB_ENV}
-          echo "LSAN_OPTIONS=suppressions=${GITHUB_WORKSPACE}/sanitizers/suppressions/lsan.supp" >> ${GITHUB_ENV}
+          ASAN_OPTS="include=${GITHUB_WORKSPACE}/sanitizers/suppressions/runtime-asan-options.txt:suppressions=${GITHUB_WORKSPACE}/sanitizers/suppressions/asan.supp"
+          if [[ "${{ inputs.config_name }}" == *gcc* ]]; then
+            ASAN_OPTS="${ASAN_OPTS}:alloc_dealloc_mismatch=0"
+          fi
+          echo "ASAN_OPTIONS=${ASAN_OPTS}" >> ${GITHUB_ENV}
+          echo "TSAN_OPTIONS=include=${GITHUB_WORKSPACE}/sanitizers/suppressions/runtime-tsan-options.txt:suppressions=${GITHUB_WORKSPACE}/sanitizers/suppressions/tsan.supp" >> ${GITHUB_ENV}
+          echo "UBSAN_OPTIONS=include=${GITHUB_WORKSPACE}/sanitizers/suppressions/runtime-ubsan-options.txt:suppressions=${GITHUB_WORKSPACE}/sanitizers/suppressions/ubsan.supp" >> ${GITHUB_ENV}
+          echo "LSAN_OPTIONS=include=${GITHUB_WORKSPACE}/sanitizers/suppressions/runtime-lsan-options.txt:suppressions=${GITHUB_WORKSPACE}/sanitizers/suppressions/lsan.supp" >> ${GITHUB_ENV}
 
       - name: Run the separate tests
+        # We continue on error here because we want to try the Embedded tests before
+        # failing. This will give us details on all the failures at once.
+        continue-on-error: true
         if: ${{ !inputs.build_only }}
         working-directory: ${{ env.BUILD_DIR }}
+        id: separate_tests
         # Windows locks some of the build files while running tests, and parallel jobs can collide
         env:
           BUILD_TYPE: ${{ inputs.build_type }}
@@ -228,22 +237,15 @@ jobs:
         working-directory: ${{ runner.os == 'Windows' && format('{0}/{1}', env.BUILD_DIR, inputs.build_type) || env.BUILD_DIR }}
         env:
           BUILD_NPROC: ${{ steps.nproc.outputs.nproc }}
+          PARALLELISM: ${{ env.SANITIZERS_ENABLED == 'true' && steps.nproc.outputs.nproc || steps.nproc.outputs.nproc }}
         run: |
-          set -o pipefail
-          ./xrpld --unittest --unittest-jobs "${BUILD_NPROC}" 2>&1 | tee unittest.log
+          ./xrpld --unittest --unittest-jobs "${PARALLELISM}"
 
-      - name: Show test failure summary
-        if: ${{ failure() && !inputs.build_only }}
-        working-directory: ${{ runner.os == 'Windows' && format('{0}/{1}', env.BUILD_DIR, inputs.build_type) || env.BUILD_DIR }}
-        run: |
-          if [ ! -f unittest.log ]; then
-            echo "unittest.log not found; embedded tests may not have run."
-            exit 0
-          fi
+        # Pipeline should fail if the separate tests failed.
+      - name: Check results of the SeparateTests
+        if: ${{ !inputs.build_only && steps.separate_tests.outcome == 'failure' }}
+        run: exit 1
 
-          if ! grep -E "failed" unittest.log; then
-            echo "Log present but no failure lines found in unittest.log."
-          fi
       - name: Debug failure (Linux)
         if: ${{ failure() && runner.os == 'Linux' && !inputs.build_only }}
         run: |
@@ -267,7 +269,7 @@ jobs:
 
       - name: Upload coverage report
         if: ${{ github.repository_owner == 'XRPLF' && !inputs.build_only && env.COVERAGE_ENABLED == 'true' }}
-        uses: codecov/codecov-action@671740ac38dd9b0130fbe1cec585b89eea48d3de # v5.5.2
+        uses: codecov/codecov-action@18283e04ce6e62d37312384ff67231eb8fd56d24 # v5.4.3
         with:
           disable_search: true
           disable_telem: true

.github/workflows/reusable-check-levelization.yml

@@ -18,7 +18,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
       - name: Check levelization
         run: .github/scripts/levelization/generate.sh
       - name: Check for differences

.github/workflows/reusable-check-rename.yml

@@ -18,7 +18,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
       - name: Check definitions
         run: .github/scripts/rename/definitions.sh .
       - name: Check copyright notices

.github/workflows/reusable-clang-tidy-files.yml

@@ -32,7 +32,7 @@ jobs:
       contents: read
     steps:
       - name: Checkout repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
 
       - name: Prepare runner
         uses: XRPLF/actions/prepare-runner@2cbf481018d930656e9276fcc20dc0e3a0be5b6d
@@ -78,13 +78,13 @@ jobs:
         id: run_clang_tidy
         continue-on-error: true
         env:
-          TARGETS: ${{ inputs.files != '' && inputs.files || 'src tests' }}
+          FILES: ${{ inputs.files }}
         run: |
-          run-clang-tidy -j ${{ steps.nproc.outputs.nproc }} -p "${BUILD_DIR}" ${TARGETS} 2>&1 | tee clang-tidy-output.txt
+          run-clang-tidy -j ${{ steps.nproc.outputs.nproc }} -p "$BUILD_DIR" $FILES 2>&1 | tee clang-tidy-output.txt
 
       - name: Upload clang-tidy output
         if: steps.run_clang_tidy.outcome != 'success'
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
         with:
           name: clang-tidy-results
           path: clang-tidy-output.txt

.github/workflows/reusable-clang-tidy.yml

@@ -22,8 +22,7 @@ jobs:
     if: ${{ inputs.check_only_changed }}
     runs-on: ubuntu-latest
     outputs:
-      clang_tidy_config_changed: ${{ steps.changed_clang_tidy.outputs.any_changed }}
-      any_cpp_changed: ${{ steps.changed_files.outputs.any_changed }}
+      any_changed: ${{ steps.changed_files.outputs.any_changed }}
       all_changed_files: ${{ steps.changed_files.outputs.all_changed_files }}
     steps:
       - name: Checkout repository
@@ -31,7 +30,7 @@ jobs:
 
       - name: Get changed C++ files
         id: changed_files
-        uses: tj-actions/changed-files@7dee1b0c1557f278e5c7dc244927139d78c0e22a # v47.0.4
+        uses: tj-actions/changed-files@ed68ef82c095e0d48ec87eccea555d944a631a4c # v46.0.5
         with:
           files: |
             **/*.cpp
@@ -39,17 +38,10 @@ jobs:
             **/*.ipp
           separator: " "
 
-      - name: Get changed clang-tidy configuration
-        id: changed_clang_tidy
-        uses: tj-actions/changed-files@7dee1b0c1557f278e5c7dc244927139d78c0e22a # v47.0.4
-        with:
-          files: |
-            .clang-tidy
-
   run-clang-tidy:
     needs: [determine-files]
-    if: ${{ always() && !cancelled() && (!inputs.check_only_changed || needs.determine-files.outputs.any_cpp_changed == 'true' || needs.determine-files.outputs.clang_tidy_config_changed == 'true') }}
+    if: ${{ always() && !cancelled() && (!inputs.check_only_changed || needs.determine-files.outputs.any_changed == 'true') }}
     uses: ./.github/workflows/reusable-clang-tidy-files.yml
     with:
-      files: ${{ (needs.determine-files.outputs.clang_tidy_config_changed == 'true' && '') || (inputs.check_only_changed && needs.determine-files.outputs.all_changed_files || '') }}
+      files: ${{ inputs.check_only_changed && needs.determine-files.outputs.all_changed_files || '' }}
       create_issue_on_failure: ${{ inputs.create_issue_on_failure }}

.github/workflows/reusable-strategy-matrix.yml

@@ -29,10 +29,10 @@ jobs:
       matrix: ${{ steps.generate.outputs.matrix }}
     steps:
       - name: Checkout repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
 
       - name: Set up Python
-        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
+        uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
         with:
           python-version: 3.13
 

.github/workflows/reusable-upload-recipe.yml

@@ -43,7 +43,7 @@ jobs:
     container: ghcr.io/xrplf/ci/ubuntu-noble:gcc-13-sha-5dd7158
     steps:
       - name: Checkout repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
 
       - name: Generate build version number
         id: version

.github/workflows/upload-conan-deps.yml

@@ -64,10 +64,10 @@ jobs:
     steps:
       - name: Cleanup workspace (macOS and Windows)
         if: ${{ runner.os == 'macOS' || runner.os == 'Windows' }}
-        uses: XRPLF/actions/cleanup-workspace@c7d9ce5ebb03c752a354889ecd870cadfc2b1cd4
+        uses: XRPLF/actions/cleanup-workspace@cf0433aa74563aead044a1e395610c96d65a37cf
 
       - name: Checkout repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
 
       - name: Prepare runner
         uses: XRPLF/actions/prepare-runner@2cbf481018d930656e9276fcc20dc0e3a0be5b6d

.gitignore

@@ -42,9 +42,6 @@ gmon.out
 # Locally patched Conan recipes
 external/conan-center-index/
 
-# Local conan directory
-.conan
-
 # XCode IDE.
 *.pbxuser
 !default.pbxuser
@@ -75,8 +72,5 @@ DerivedData
 /.claude
 /CLAUDE.md
 
-# Direnv's directory
-/.direnv
-
 # clangd cache
 /.cache

.pre-commit-config.yaml

@@ -20,7 +20,7 @@ repos:
         args: [--assume-in-merge]
 
   - repo: https://github.com/pre-commit/mirrors-clang-format
-    rev: cd481d7b0bfb5c7b3090c21846317f9a8262e891 # frozen: v22.1.0
+    rev: 75ca4ad908dc4a99f57921f29b7e6c1521e10b26 # frozen: v21.1.8
     hooks:
       - id: clang-format
         args: [--style=file]
@@ -33,17 +33,17 @@ repos:
         additional_dependencies: [PyYAML]
 
   - repo: https://github.com/rbubley/mirrors-prettier
-    rev: c2bc67fe8f8f549cc489e00ba8b45aa18ee713b1 # frozen: v3.8.1
+    rev: 5ba47274f9b181bce26a5150a725577f3c336011 # frozen: v3.6.2
     hooks:
       - id: prettier
 
   - repo: https://github.com/psf/black-pre-commit-mirror
-    rev: ea488cebbfd88a5f50b8bd95d5c829d0bb76feb8 # frozen: 26.1.0
+    rev: 831207fd435b47aeffdf6af853097e64322b4d44 # frozen: v25.12.0
     hooks:
       - id: black
 
   - repo: https://github.com/streetsidesoftware/cspell-cli
-    rev: a42085ade523f591dca134379a595e7859986445 # frozen: v9.7.0
+    rev: 1cfa010f078c354f3ffb8413616280cc28f5ba21 # frozen: v9.4.0
     hooks:
       - id: cspell # Spell check changed files
         exclude: .config/cspell.config.yaml
@@ -57,24 +57,6 @@ repos:
           - .git/COMMIT_EDITMSG
         stages: [commit-msg]
 
-  - repo: local
-    hooks:
-      - id: nix-fmt
-        name: Format Nix files
-        entry: |
-          bash -c '
-            if command -v nix &> /dev/null || [ "$GITHUB_ACTIONS" = "true" ]; then
-              nix --extra-experimental-features "nix-command flakes" fmt "$@"
-            else
-              echo "Skipping nix-fmt: nix not installed and not in GitHub Actions"
-              exit 0
-            fi
-          ' --
-        language: system
-        types:
-          - nix
-        pass_filenames: true
-
 exclude: |
   (?x)^(
       external/.*|

API-CHANGELOG.md

@@ -22,19 +22,6 @@ API version 2 is available in `rippled` version 2.0.0 and later. See [API-VERSIO
 
 This version is supported by all `rippled` versions. For WebSocket and HTTP JSON-RPC requests, it is currently the default API version used when no `api_version` is specified.
 
-## Unreleased
-
-This section contains changes targeting a future version.
-
-### Additions
-
-- `server_definitions`: Added the following new sections to the response ([#6321](https://github.com/XRPLF/rippled/pull/6321)):
-  - `TRANSACTION_FORMATS`: Describes the fields and their optionality for each transaction type, including common fields shared across all transactions.
-  - `LEDGER_ENTRY_FORMATS`: Describes the fields and their optionality for each ledger entry type, including common fields shared across all ledger entries.
-  - `TRANSACTION_FLAGS`: Maps transaction type names to their supported flags and flag values.
-  - `LEDGER_ENTRY_FLAGS`: Maps ledger entry type names to their flags and flag values.
-  - `ACCOUNT_SET_FLAGS`: Maps AccountSet flag names (asf flags) to their numeric values.
-
 ## XRP Ledger server version 3.1.0
 
 [Version 3.1.0](https://github.com/XRPLF/rippled/releases/tag/3.1.0) was released on Jan 27, 2026.

CMakeLists.txt

@@ -36,6 +36,26 @@ endif ()
 # Enable ccache to speed up builds.
 include(Ccache)
 
+# make GIT_COMMIT_HASH define available to all sources
+find_package(Git)
+if (Git_FOUND)
+    execute_process(COMMAND ${GIT_EXECUTABLE} --git-dir=${CMAKE_CURRENT_SOURCE_DIR}/.git rev-parse
+                            HEAD OUTPUT_STRIP_TRAILING_WHITESPACE OUTPUT_VARIABLE gch)
+    if (gch)
+        set(GIT_COMMIT_HASH "${gch}")
+        message(STATUS gch: ${GIT_COMMIT_HASH})
+        add_definitions(-DGIT_COMMIT_HASH="${GIT_COMMIT_HASH}")
+    endif ()
+
+    execute_process(COMMAND ${GIT_EXECUTABLE} --git-dir=${CMAKE_CURRENT_SOURCE_DIR}/.git rev-parse
+                            --abbrev-ref HEAD OUTPUT_STRIP_TRAILING_WHITESPACE OUTPUT_VARIABLE gb)
+    if (gb)
+        set(GIT_BRANCH "${gb}")
+        message(STATUS gb: ${GIT_BRANCH})
+        add_definitions(-DGIT_BRANCH="${GIT_BRANCH}")
+    endif ()
+endif () # git
+
 if (thread_safety_analysis)
     add_compile_options(-Wthread-safety -D_LIBCPP_ENABLE_THREAD_SAFETY_ANNOTATIONS
                         -DXRPL_ENABLE_THREAD_SAFETY_ANNOTATIONS)

CONTRIBUTING.md

@@ -251,29 +251,6 @@ pip3 install pre-commit
 pre-commit install
 ```
 
-## Clang-tidy
-
-All code must pass `clang-tidy` checks according to the settings in [`.clang-tidy`](./.clang-tidy).
-
-There is a Continuous Integration job that runs clang-tidy on pull requests. The CI will check:
-
-- All changed C++ files (`.cpp`, `.h`, `.ipp`) when only code files are modified
-- **All files in the repository** when the `.clang-tidy` configuration file is changed
-
-This ensures that configuration changes don't introduce new warnings across the codebase.
-
-### Running clang-tidy locally
-
-Before running clang-tidy, you must build the project to generate required files (particularly protobuf headers). Refer to [`BUILD.md`](./BUILD.md) for build instructions.
-
-Then run clang-tidy on your local changes:
-
-```
-run-clang-tidy -p build src tests
-```
-
-This will check all source files in the `src` and `tests` directories using the compile commands from your `build` directory.
-
 ## Contracts and instrumentation
 
 We are using [Antithesis](https://antithesis.com/) for continuous fuzzing,

cmake/GitInfo.cmake

@@ -1,21 +0,0 @@
-include_guard()
-
-set(GIT_BUILD_BRANCH "")
-set(GIT_COMMIT_HASH "")
-
-find_package(Git)
-if (NOT Git_FOUND)
-    message(WARNING "Git not found. Git branch and commit hash will be empty.")
-    return()
-endif ()
-
-set(GIT_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/.git)
-
-execute_process(COMMAND ${GIT_EXECUTABLE} --git-dir=${GIT_DIRECTORY} rev-parse --abbrev-ref HEAD
-                OUTPUT_STRIP_TRAILING_WHITESPACE OUTPUT_VARIABLE GIT_BUILD_BRANCH)
-
-execute_process(COMMAND ${GIT_EXECUTABLE} --git-dir=${GIT_DIRECTORY} rev-parse HEAD
-                OUTPUT_STRIP_TRAILING_WHITESPACE OUTPUT_VARIABLE GIT_COMMIT_HASH)
-
-message(STATUS "Git branch: ${GIT_BUILD_BRANCH}")
-message(STATUS "Git commit hash: ${GIT_COMMIT_HASH}")

cmake/XrplConfig.cmake

@@ -17,12 +17,10 @@ find_dependency(Boost
                 chrono
                 container
                 context
-                coroutine
                 date_time
                 filesystem
                 program_options
                 regex
-                system
                 thread)
 #[=========================================================[
   OpenSSL

cmake/XrplCore.cmake

@@ -58,12 +58,6 @@ include(target_link_modules)
 add_module(xrpl beast)
 target_link_libraries(xrpl.libxrpl.beast PUBLIC xrpl.imports.main)
 
-include(GitInfo)
-add_module(xrpl git)
-target_compile_definitions(xrpl.libxrpl.git PRIVATE GIT_COMMIT_HASH="${GIT_COMMIT_HASH}"
-                                                    GIT_BUILD_BRANCH="${GIT_BUILD_BRANCH}")
-target_link_libraries(xrpl.libxrpl.git PUBLIC xrpl.imports.main)
-
 # Level 02
 add_module(xrpl basics)
 target_link_libraries(xrpl.libxrpl.basics PUBLIC xrpl.libxrpl.beast)
@@ -77,8 +71,7 @@ target_link_libraries(xrpl.libxrpl.crypto PUBLIC xrpl.libxrpl.basics)
 
 # Level 04
 add_module(xrpl protocol)
-target_link_libraries(xrpl.libxrpl.protocol PUBLIC xrpl.libxrpl.crypto xrpl.libxrpl.git
-                                                   xrpl.libxrpl.json)
+target_link_libraries(xrpl.libxrpl.protocol PUBLIC xrpl.libxrpl.crypto xrpl.libxrpl.json)
 
 # Level 05
 add_module(xrpl core)
@@ -142,7 +135,6 @@ target_link_modules(
     conditions
     core
     crypto
-    git
     json
     ledger
     net

cmake/XrplInstall.cmake

@@ -23,7 +23,6 @@ install(TARGETS common
                 xrpl.libxrpl.conditions
                 xrpl.libxrpl.core
                 xrpl.libxrpl.crypto
-                xrpl.libxrpl.git
                 xrpl.libxrpl.json
                 xrpl.libxrpl.rdb
                 xrpl.libxrpl.ledger

cmake/XrplInterface.cmake

@@ -22,7 +22,7 @@ target_compile_definitions(
               BOOST_FILESYSTEM_NO_DEPRECATED
               >
               $<$<NOT:$<BOOL:${boost_show_deprecated}>>:
-              BOOST_COROUTINES_NO_DEPRECATION_WARNING
+              BOOST_COROUTINES2_NO_DEPRECATION_WARNING
               BOOST_BEAST_ALLOW_DEPRECATED
               BOOST_FILESYSTEM_DEPRECATED
               >

cmake/deps/Boost.cmake

@@ -4,13 +4,12 @@ include(XrplSanitizers)
 find_package(Boost REQUIRED
              COMPONENTS chrono
                         container
-                        coroutine
+                        context
                         date_time
                         filesystem
                         json
                         program_options
                         regex
-                        system
                         thread)
 
 add_library(xrpl_boost INTERFACE)
@@ -21,7 +20,7 @@ target_link_libraries(
     INTERFACE Boost::headers
               Boost::chrono
               Boost::container
-              Boost::coroutine
+              Boost::context
               Boost::date_time
               Boost::filesystem
               Boost::json
@@ -32,6 +31,26 @@ target_link_libraries(
 if (Boost_COMPILER)
     target_link_libraries(xrpl_boost INTERFACE Boost::disable_autolinking)
 endif ()
+
+# GCC 14+ has a false positive -Wuninitialized warning in Boost.Coroutine2's
+# state.hpp when compiled with -O3. This is due to GCC's intentional behavior
+# change (Bug #98871, #119388) where warnings from inlined system header code
+# are no longer suppressed by -isystem. The warning occurs in operator|= in
+# boost/coroutine2/detail/state.hpp when inlined from push_control_block::destroy().
+# See: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=119388
+if (is_gcc AND CMAKE_CXX_COMPILER_VERSION VERSION_GREATER_EQUAL 14)
+    target_compile_options(xrpl_boost INTERFACE -Wno-uninitialized)
+endif ()
+
+# Boost.Context's ucontext backend has ASAN fiber-switching annotations
+# (start/finish_switch_fiber) that are compiled in when BOOST_USE_ASAN is defined.
+# This tells ASAN about coroutine stack switches, preventing false positive
+# stack-use-after-scope errors. BOOST_USE_UCONTEXT ensures the ucontext backend
+# is selected (fcontext does not support ASAN annotations).
+# These defines must match what Boost was compiled with (see conan/profiles/sanitizers).
+if (enable_asan)
+    target_compile_definitions(xrpl_boost INTERFACE BOOST_USE_ASAN BOOST_USE_UCONTEXT)
+endif ()
 if (SANITIZERS_ENABLED AND is_clang)
     # TODO: gcc does not support -fsanitize-blacklist...can we do something else for gcc ?
     if (NOT Boost_INCLUDE_DIRS AND TARGET Boost::headers)

conan/profiles/sanitizers

@@ -7,16 +7,21 @@ include(default)
     {% if compiler == "gcc" %}
         {% if "address" in sanitizers or "thread" in sanitizers or "undefinedbehavior" in sanitizers %}
             {% set sanitizer_list = [] %}
+            {% set defines = [] %}
             {% set model_code = "" %}
             {% set extra_cxxflags = ["-fno-omit-frame-pointer", "-O1", "-Wno-stringop-overflow"] %}
 
             {% if "address" in sanitizers %}
                 {% set _ = sanitizer_list.append("address") %}
                 {% set model_code = "-mcmodel=large" %}
+                {% set _ = defines.append("BOOST_USE_ASAN")%}
+                {% set _ = defines.append("BOOST_USE_UCONTEXT")%}
             {% elif "thread" in sanitizers %}
                 {% set _ = sanitizer_list.append("thread") %}
                 {% set model_code = "-mcmodel=medium" %}
                 {% set _ = extra_cxxflags.append("-Wno-tsan") %}
+                {% set _ = defines.append("BOOST_USE_TSAN")%}
+                {% set _ = defines.append("BOOST_USE_UCONTEXT")%}
             {% endif %}
 
             {% if "undefinedbehavior" in sanitizers %}
@@ -29,16 +34,22 @@ include(default)
             tools.build:cxxflags+=['{{sanitizer_flags}} {{" ".join(extra_cxxflags)}}']
             tools.build:sharedlinkflags+=['{{sanitizer_flags}}']
             tools.build:exelinkflags+=['{{sanitizer_flags}}']
+            tools.build:defines+={{defines}}
         {% endif %}
     {% elif compiler == "apple-clang" or compiler == "clang" %}
         {% if "address" in sanitizers or "thread" in sanitizers or "undefinedbehavior" in sanitizers %}
             {% set sanitizer_list = [] %}
+            {% set defines = [] %}
             {% set extra_cxxflags = ["-fno-omit-frame-pointer", "-O1"] %}
 
             {% if "address" in sanitizers %}
                 {% set _ = sanitizer_list.append("address") %}
+                {% set _ = defines.append("BOOST_USE_ASAN")%}
+                {% set _ = defines.append("BOOST_USE_UCONTEXT")%}
             {% elif "thread" in sanitizers %}
                 {% set _ = sanitizer_list.append("thread") %}
+                {% set _ = defines.append("BOOST_USE_TSAN")%}
+                {% set _ = defines.append("BOOST_USE_UCONTEXT")%}
             {% endif %}
 
             {% if "undefinedbehavior" in sanitizers %}
@@ -52,8 +63,24 @@ include(default)
             tools.build:cxxflags+=['{{sanitizer_flags}} {{" ".join(extra_cxxflags)}}']
             tools.build:sharedlinkflags+=['{{sanitizer_flags}}']
             tools.build:exelinkflags+=['{{sanitizer_flags}}']
+            tools.build:defines+={{defines}}
         {% endif %}
     {% endif %}
 {% endif %}
 
-tools.info.package_id:confs+=["tools.build:cxxflags", "tools.build:exelinkflags", "tools.build:sharedlinkflags"]
+tools.info.package_id:confs+=["tools.build:cxxflags", "tools.build:exelinkflags", "tools.build:sharedlinkflags", "tools.build:defines"]
+
+[options]
+{% if sanitizers %}
+    {% if "address" in sanitizers %}
+        # Build Boost.Context with ucontext backend (not fcontext) so that
+        # ASAN fiber-switching annotations (__sanitizer_start/finish_switch_fiber)
+        # are compiled into the library. fcontext (assembly) has no ASAN support.
+        # define=BOOST_USE_ASAN=1 is critical: it must be defined when building
+        # Boost.Context itself so the ucontext backend compiles in the ASAN annotations.
+        boost/*:extra_b2_flags=context-impl=ucontext address-sanitizer=on define=BOOST_USE_ASAN=1
+        boost/*:without_context=False
+        # Boost stacktrace fails to build with some sanitizers
+        boost/*:without_stacktrace=True
+    {% endif %}
+{% endif %}

conanfile.py

@@ -1,4 +1,5 @@
 import re
+import os
 
 from conan.tools.cmake import CMake, CMakeToolchain, cmake_layout
 
@@ -57,6 +58,9 @@ class Xrpl(ConanFile):
         "tests": False,
         "unity": False,
         "xrpld": False,
+        "boost/*:without_context": False,
+        "boost/*:without_coroutine": True,
+        "boost/*:without_coroutine2": False,
         "date/*:header_only": True,
         "ed25519/*:shared": False,
         "grpc/*:shared": False,
@@ -125,6 +129,14 @@ class Xrpl(ConanFile):
             self.options["boost"].visibility = "global"
         if self.settings.compiler in ["clang", "gcc"]:
             self.options["boost"].without_cobalt = True
+        self.options["boost"].without_context = False
+        self.options["boost"].without_coroutine = True
+        self.options["boost"].without_coroutine2 = False
+        # Check if environment variable exists
+        if "SANITIZERS" in os.environ:
+            sanitizers = os.environ["SANITIZERS"]
+            if "address" in sanitizers.lower():
+                self.default_options["fPIC"] = False
 
     def requirements(self):
         # Conan 2 requires transitive headers to be specified
@@ -196,7 +208,8 @@ class Xrpl(ConanFile):
             "boost::headers",
             "boost::chrono",
             "boost::container",
-            "boost::coroutine",
+            "boost::context",
+            "boost::coroutine2",
             "boost::date_time",
             "boost::filesystem",
             "boost::json",

cspell.config.yaml

@@ -99,8 +99,10 @@ words:
   - endmacro
   - exceptioned
   - Falco
+  - fcontext
   - finalizers
   - firewalled
+  - flackiness
   - fmtdur
   - fsanitize
   - funclets
@@ -111,6 +113,7 @@ words:
   - gpgcheck
   - gpgkey
   - hotwallet
+  - hwaddress
   - hwrap
   - ifndef
   - inequation
@@ -173,12 +176,8 @@ words:
   - nftokens
   - nftpage
   - nikb
-  - nixfmt
-  - nixos
-  - nixpkgs
-  - NOLINT
-  - NOLINTNEXTLINE
   - nonxrp
+  - norecover
   - noripple
   - nudb
   - nullptr
@@ -238,6 +237,7 @@ words:
   - soci
   - socidb
   - sslws
+  - stackful
   - statsd
   - STATSDCOLLECTOR
   - stissue

docs/build/environment.md

@@ -3,8 +3,6 @@ environment complete with Git, Python, Conan, CMake, and a C++ compiler.
 This document exists to help readers set one up on any of the Big Three
 platforms: Linux, macOS, or Windows.
 
-As an alternative to system packages, the Nix development shell can be used to provide a development environment. See [using nix development shell](./nix.md) for more details.
-
 [BUILD.md]: ../../BUILD.md
 
 ## Linux

docs/build/nix.md

@@ -1,95 +0,0 @@
-# Using Nix Development Shell for xrpld Development
-
-This guide explains how to use Nix to set up a reproducible development environment for xrpld. Using Nix eliminates the need to manually install utilities and ensures consistent tooling across different machines.
-
-## Benefits of Using Nix
-
-- **Reproducible environment**: Everyone gets the same versions of tools and compilers
-- **No system pollution**: Dependencies are isolated and don't affect your system packages
-- **Multiple compiler versions**: Easily switch between different GCC and Clang versions
-- **Quick setup**: Get started with a single command
-- **Works on Linux and macOS**: Consistent experience across platforms
-
-## Install Nix
-
-Please follow [the official installation instructions of nix package manager](https://nixos.org/download/) for your system.
-
-## Entering the Development Shell
-
-### Basic Usage
-
-From the root of the xrpld repository, enter the default development shell:
-
-```bash
-nix --experimental-features 'nix-command flakes' develop
-```
-
-This will:
-
-- Download and set up all required development tools (CMake, Ninja, Conan, etc.)
-- Configure the appropriate compiler for your platform:
-  - **macOS**: Apple Clang (default system compiler)
-  - **Linux**: GCC 15
-
-The first time you run this command, it will take a few minutes to download and build the environment. Subsequent runs will be much faster.
-
-> [!TIP]
-> To avoid typing `--experimental-features 'nix-command flakes'` every time, you can permanently enable flakes by creating `~/.config/nix/nix.conf`:
->
-> ```bash
-> mkdir -p ~/.config/nix
-> echo "experimental-features = nix-command flakes" >> ~/.config/nix/nix.conf
-> ```
->
-> After this, you can simply use `nix develop` instead.
-
-> [!NOTE]
-> The examples below assume you've enabled flakes in your config. If you haven't, add `--experimental-features 'nix-command flakes'` after each `nix` command.
-
-### Choosing a different compiler
-
-A compiler can be chosen by providing its name with the `.#` prefix, e.g. `nix develop .#gcc15`.
-Use `nix flake show` to see all the available development shells.
-
-Use `nix develop .#no_compiler` to use the compiler from your system.
-
-### Example Usage
-
-```bash
-# Use GCC 14
-nix develop .#gcc14
-
-# Use Clang 19
-nix develop .#clang19
-
-# Use default for your platform
-nix develop
-```
-
-### Using a different shell
-
-`nix develop` opens bash by default. If you want to use another shell this could be done by adding `-c` flag. For example:
-
-```bash
-nix develop -c zsh
-```
-
-## Building xrpld with Nix
-
-Once inside the Nix development shell, follow the standard [build instructions](../../BUILD.md#steps). The Nix shell provides all necessary tools (CMake, Ninja, Conan, etc.).
-
-## Automatic Activation with direnv
-
-[direnv](https://direnv.net/) or [nix-direnv](https://github.com/nix-community/nix-direnv) can automatically activate the Nix development shell when you enter the repository directory.
-
-## Conan and Prebuilt Packages
-
-Please note that there is no guarantee that binaries from conan cache will work when using nix. If you encounter any errors, please use `--build '*'` to force conan to compile everything from source:
-
-```bash
-conan install .. --output-folder . --build '*' --settings build_type=Release
-```
-
-## Updating `flake.lock` file
-
-To update `flake.lock` to the latest revision use `nix flake update` command.

docs/build/sanitizers.md

@@ -89,8 +89,8 @@ cmake --build . --parallel 4
 **IMPORTANT**: ASAN with Boost produces many false positives. Use these options:
 
 ```bash
-export ASAN_OPTIONS="print_stacktrace=1:detect_container_overflow=0:suppressions=path/to/asan.supp:halt_on_error=0:log_path=asan.log"
-export LSAN_OPTIONS="suppressions=path/to/lsan.supp:halt_on_error=0:log_path=lsan.log"
+export ASAN_OPTIONS="include=sanitizers/suppressions/runtime-asan-options.txt:suppressions=sanitizers/suppressions/asan.supp"
+export LSAN_OPTIONS="include=sanitizers/suppressions/runtime-lsan-options.txt:suppressions=sanitizers/suppressions/lsan.supp"
 
 # Run tests
 ./xrpld --unittest --unittest-jobs=5
@@ -108,7 +108,7 @@ export LSAN_OPTIONS="suppressions=path/to/lsan.supp:halt_on_error=0:log_path=lsa
 ### ThreadSanitizer (TSan)
 
 ```bash
-export TSAN_OPTIONS="suppressions=path/to/tsan.supp halt_on_error=0 log_path=tsan.log"
+export TSAN_OPTIONS="include=sanitizers/suppressions/runtime-tsan-options.txt:suppressions=sanitizers/suppressions/tsan.supp"
 
 # Run tests
 ./xrpld --unittest --unittest-jobs=5
@@ -129,7 +129,7 @@ More details [here](https://github.com/google/sanitizers/wiki/AddressSanitizerLe
 ### UndefinedBehaviorSanitizer (UBSan)
 
 ```bash
-export UBSAN_OPTIONS="suppressions=path/to/ubsan.supp:print_stacktrace=1:halt_on_error=0:log_path=ubsan.log"
+export UBSAN_OPTIONS="include=sanitizers/suppressions/runtime-ubsan-options.txt:suppressions=sanitizers/suppressions/ubsan.supp"
 
 # Run tests
 ./xrpld --unittest --unittest-jobs=5

flake.lock

@@ -1,26 +0,0 @@
-{
-  "nodes": {
-    "nixpkgs": {
-      "locked": {
-        "lastModified": 1769461804,
-        "narHash": "sha256-6h5sROT/3CTHvzPy9koKBmoCa2eJKh4fzQK8eYFEgl8=",
-        "owner": "NixOS",
-        "repo": "nixpkgs",
-        "rev": "b579d443b37c9c5373044201ea77604e37e748c8",
-        "type": "github"
-      },
-      "original": {
-        "id": "nixpkgs",
-        "ref": "nixos-unstable",
-        "type": "indirect"
-      }
-    },
-    "root": {
-      "inputs": {
-        "nixpkgs": "nixpkgs"
-      }
-    }
-  },
-  "root": "root",
-  "version": 7
-}

flake.nix

@@ -1,16 +0,0 @@
-{
-  description = "Nix related things for xrpld";
-  inputs = {
-    nixpkgs.url = "nixpkgs/nixos-unstable";
-  };
-
-  outputs =
-    { nixpkgs, ... }:
-    let
-      forEachSystem = (import ./nix/utils.nix { inherit nixpkgs; }).forEachSystem;
-    in
-    {
-      devShells = forEachSystem (import ./nix/devshell.nix);
-      formatter = forEachSystem ({ pkgs, ... }: pkgs.nixfmt);
-    };
-}

include/xrpl/basics/MallocTrim.h

@@ -1,73 +0,0 @@
-#pragma once
-
-#include <xrpl/beast/utility/Journal.h>
-
-#include <chrono>
-#include <cstdint>
-#include <string_view>
-
-namespace xrpl {
-
-// cSpell:ignore ptmalloc
-
-// -----------------------------------------------------------------------------
-// Allocator interaction note:
-// - This facility invokes glibc's malloc_trim(0) on Linux/glibc to request that
-//   ptmalloc return free heap pages to the OS.
-// - If an alternative allocator (e.g. jemalloc or tcmalloc) is linked or
-//   preloaded (LD_PRELOAD), calling glibc's malloc_trim typically has no effect
-//   on the *active* heap. The call is harmless but may not reclaim memory
-//   because those allocators manage their own arenas.
-// - Only glibc sbrk/arena space is eligible for trimming; large mmap-backed
-//   allocations are usually returned to the OS on free regardless of trimming.
-// - Call at known reclamation points (e.g., after cache sweeps / online delete)
-//   and consider rate limiting to avoid churn.
-// -----------------------------------------------------------------------------
-
-struct MallocTrimReport
-{
-    bool supported{false};
-    int trimResult{-1};
-    std::int64_t rssBeforeKB{-1};
-    std::int64_t rssAfterKB{-1};
-    std::chrono::microseconds durationUs{-1};
-    std::int64_t minfltDelta{-1};
-    std::int64_t majfltDelta{-1};
-
-    [[nodiscard]] std::int64_t
-    deltaKB() const noexcept
-    {
-        if (rssBeforeKB < 0 || rssAfterKB < 0)
-            return 0;
-        return rssAfterKB - rssBeforeKB;
-    }
-};
-
-/**
- * @brief Attempt to return freed memory to the operating system.
- *
- * On Linux with glibc malloc, this issues ::malloc_trim(0), which may release
- * free space from ptmalloc arenas back to the kernel. On other platforms, or if
- * a different allocator is in use, this function is a no-op and the report will
- * indicate that trimming is unsupported or had no effect.
- *
- * @param tag     Identifier for logging/debugging purposes.
- * @param journal Journal for diagnostic logging.
- * @return Report containing before/after metrics and the trim result.
- *
- * @note If an alternative allocator (jemalloc/tcmalloc) is linked or preloaded,
- *       calling glibc's malloc_trim may have no effect on the active heap. The
- *       call is harmless but typically does not reclaim memory under those
- *       allocators.
- *
- * @note Only memory served from glibc's sbrk/arena heaps is eligible for trim.
- *       Large allocations satisfied via mmap are usually returned on free
- *       independently of trimming.
- *
- * @note Intended for use after operations that free significant memory (e.g.,
- *       cache sweeps, ledger cleanup, online delete). Consider rate limiting.
- */
-MallocTrimReport
-mallocTrim(std::string_view tag, beast::Journal journal);
-
-}  // namespace xrpl

include/xrpl/basics/Number.h

@@ -9,6 +9,10 @@
 #include <ostream>
 #include <string>
 
+#ifdef _MSC_VER
+#include <boost/multiprecision/cpp_int.hpp>
+#endif  // !defined(_MSC_VER)
+
 namespace xrpl {
 
 class Number;
@@ -16,18 +20,37 @@ class Number;
 std::string
 to_string(Number const& amount);
 
+/** Returns a rough estimate of log10(value).
+ *
+ * The return value is a pair (log, rem), where log is the estimated log10,
+ * and rem is value divided by 10^log. If rem is 1, then value is an exact
+ * power of ten, and log is the exact log10(value).
+ *
+ * This function only works for positive values.
+ */
+template <typename T>
+constexpr std::pair<int, T>
+logTenEstimate(T value)
+{
+    int log = 0;
+    T remainder = value;
+    while (value >= 10)
+    {
+        if (value % 10 == 0)
+            remainder = remainder / 10;
+        value /= 10;
+        ++log;
+    }
+    return {log, remainder};
+}
+
 template <typename T>
 constexpr std::optional<int>
 logTen(T value)
 {
-    int log = 0;
-    while (value >= 10 && value % 10 == 0)
-    {
-        value /= 10;
-        ++log;
-    }
-    if (value == 1)
-        return log;
+    auto const est = logTenEstimate(value);
+    if (est.second == 1)
+        return est.first;
     return std::nullopt;
 }
 
@@ -41,12 +64,10 @@ isPowerOfTen(T value)
 /** MantissaRange defines a range for the mantissa of a normalized Number.
  *
  * The mantissa is in the range [min, max], where
- * * min is a power of 10, and
- * * max = min * 10 - 1.
  *
  * The mantissa_scale enum indicates whether the range is "small" or "large".
  * This intentionally restricts the number of MantissaRanges that can be
- * instantiated to two: one for each scale.
+ * used to two: one for each scale.
  *
  * The "small" scale is based on the behavior of STAmount for IOUs. It has a min
  * value of 10^15, and a max value of 10^16-1. This was sufficient for
@@ -60,8 +81,8 @@ isPowerOfTen(T value)
  * "large" scale.
  *
  * The "large" scale is intended to represent all values that can be represented
- * by an STAmount - IOUs, XRP, and MPTs. It has a min value of 10^18, and a max
- * value of 10^19-1.
+ * by an STAmount - IOUs, XRP, and MPTs. It has a min value of 2^63/10+1
+ * (truncated), and a max value of 2^63-1.
  *
  * Note that if the mentioned amendments are eventually retired, this class
  * should be left in place, but the "small" scale option should be removed. This
@@ -73,25 +94,50 @@ struct MantissaRange
     enum mantissa_scale { small, large };
 
     explicit constexpr MantissaRange(mantissa_scale scale_)
-        : min(getMin(scale_)), max(min * 10 - 1), log(logTen(min).value_or(-1)), scale(scale_)
+        : max(getMax(scale_))
+        , min(computeMin(max))
+        , referenceMin(getReferenceMin(scale_, min))
+        , log(computeLog(min))
+        , scale(scale_)
     {
+        // Since this is constexpr, if any of these throw, it won't compile
+        if (min * 10 <= max)
+            throw std::out_of_range("min * 10 <= max");
+        if (max / 10 >= min)
+            throw std::out_of_range("max / 10 >= min");
+        if ((min - 1) * 10 > max)
+            throw std::out_of_range("(min - 1) * 10 > max");
+        // This is a little hacky
+        if ((max + 10) / 10 < min)
+            throw std::out_of_range("(max + 10) / 10 < min");
     }
 
-    rep min;
+    // Explicitly delete copy and move operations
+    MantissaRange(MantissaRange const&) = delete;
+    MantissaRange(MantissaRange&&) = delete;
+    MantissaRange&
+    operator=(MantissaRange const&) = delete;
+    MantissaRange&
+    operator=(MantissaRange&&) = delete;
+
     rep max;
+    rep min;
+    // This is not a great name. Used to determine if mantissas are in range,
+    // but have fewer digits than max
+    rep referenceMin;
     int log;
     mantissa_scale scale;
 
 private:
     static constexpr rep
-    getMin(mantissa_scale scale_)
+    getMax(mantissa_scale scale)
     {
-        switch (scale_)
+        switch (scale)
         {
             case small:
-                return 1'000'000'000'000'000ULL;
+                return 9'999'999'999'999'999ULL;
             case large:
-                return 1'000'000'000'000'000'000ULL;
+                return std::numeric_limits<std::int64_t>::max();
             default:
                 // Since this can never be called outside a non-constexpr
                 // context, this throw assures that the build fails if an
@@ -99,12 +145,52 @@ private:
                 throw std::runtime_error("Unknown mantissa scale");
         }
     }
+
+    static constexpr rep
+    computeMin(rep max)
+    {
+        return max / 10 + 1;
+    }
+
+    static constexpr rep
+    getReferenceMin(mantissa_scale scale, rep min)
+    {
+        switch (scale)
+        {
+            case large:
+                return 1'000'000'000'000'000'000ULL;
+            default:
+                if (isPowerOfTen(min))
+                    return min;
+                throw std::runtime_error("Unknown/bad mantissa scale");
+        }
+    }
+
+    static constexpr rep
+    computeLog(rep min)
+    {
+        auto const estimate = logTenEstimate(min);
+        return estimate.first + (estimate.second == 1 ? 0 : 1);
+    }
 };
 
 // Like std::integral, but only 64-bit integral types.
 template <class T>
 concept Integral64 = std::is_same_v<T, std::int64_t> || std::is_same_v<T, std::uint64_t>;
 
+namespace detail {
+#ifdef _MSC_VER
+using uint128_t = boost::multiprecision::uint128_t;
+using int128_t = boost::multiprecision::int128_t;
+#else   // !defined(_MSC_VER)
+using uint128_t = __uint128_t;
+using int128_t = __int128_t;
+#endif  // !defined(_MSC_VER)
+
+template <class T>
+concept UnsignedMantissa = std::is_unsigned_v<T> || std::is_same_v<T, uint128_t>;
+}  // namespace detail
+
 /** Number is a floating point type that can represent a wide range of values.
  *
  * It can represent all values that can be represented by an STAmount -
@@ -132,9 +218,7 @@ concept Integral64 = std::is_same_v<T, std::int64_t> || std::is_same_v<T, std::u
  *   1. Normalization can be disabled by using the "unchecked" ctor tag. This
  *      should only be used at specific conversion points, some constexpr
  *      values, and in unit tests.
- *   2. The max of the "large" range, 10^19-1, is the largest 10^X-1 value that
- *      fits in an unsigned 64-bit number. (10^19-1 < 2^64-1 and
- *      10^20-1 > 2^64-1). This avoids under- and overflows.
+ *   2. The max of the "large" range, 2^63-1, TODO: explain the large range.
  *
  * ---- External Interface ----
  *
@@ -148,7 +232,7 @@ concept Integral64 = std::is_same_v<T, std::int64_t> || std::is_same_v<T, std::u
  *
  * Note:
  *   1. 2^63-1 is between 10^18 and 10^19-1, which are the limits of the "large"
- *      mantissa range.
+ *      mantissa range. TODO: update this explanation.
  *   2. The functions mantissa() and exponent() return the external view of the
  *      Number value, specifically using a signed 63-bit mantissa. This may
  *      require altering the internal representation to fit into that range
@@ -208,8 +292,7 @@ class Number
     using rep = std::int64_t;
     using internalrep = MantissaRange::rep;
 
-    bool negative_{false};
-    internalrep mantissa_{0};
+    rep mantissa_{0};
     int exponent_{std::numeric_limits<int>::lowest()};
 
 public:
@@ -217,9 +300,11 @@ public:
     constexpr static int minExponent = -32768;
     constexpr static int maxExponent = 32768;
 
+#if MAXREP
     constexpr static internalrep maxRep = std::numeric_limits<rep>::max();
     static_assert(maxRep == 9'223'372'036'854'775'807);
     static_assert(-maxRep == std::numeric_limits<rep>::min() + 1);
+#endif
 
     // May need to make unchecked private
     struct unchecked
@@ -298,8 +383,7 @@ public:
     friend constexpr bool
     operator==(Number const& x, Number const& y) noexcept
     {
-        return x.negative_ == y.negative_ && x.mantissa_ == y.mantissa_ &&
-            x.exponent_ == y.exponent_;
+        return x.mantissa_ == y.mantissa_ && x.exponent_ == y.exponent_;
     }
 
     friend constexpr bool
@@ -313,8 +397,8 @@ public:
     {
         // If the two amounts have different signs (zero is treated as positive)
         // then the comparison is true iff the left is negative.
-        bool const lneg = x.negative_;
-        bool const rneg = y.negative_;
+        bool const lneg = x.mantissa_ < 0;
+        bool const rneg = y.mantissa_ < 0;
 
         if (lneg != rneg)
             return lneg;
@@ -342,7 +426,7 @@ public:
     constexpr int
     signum() const noexcept
     {
-        return negative_ ? -1 : (mantissa_ ? 1 : 0);
+        return mantissa_ < 0 ? -1 : (mantissa_ ? 1 : 0);
     }
 
     Number
@@ -381,6 +465,9 @@ public:
     friend Number
     root2(Number f);
 
+    friend Number
+    power(Number const& f, unsigned n, unsigned d);
+
     // Thread local rounding control.  Default is to_nearest
     enum rounding_mode { to_nearest, towards_zero, downward, upward };
     static rounding_mode
@@ -445,22 +532,48 @@ private:
     static_assert(isPowerOfTen(smallRange.min));
     static_assert(smallRange.min == 1'000'000'000'000'000LL);
     static_assert(smallRange.max == 9'999'999'999'999'999LL);
+    static_assert(smallRange.referenceMin == smallRange.min);
     static_assert(smallRange.log == 15);
+#if MAXREP
     static_assert(smallRange.min < maxRep);
     static_assert(smallRange.max < maxRep);
+#endif
     constexpr static MantissaRange largeRange{MantissaRange::large};
-    static_assert(isPowerOfTen(largeRange.min));
-    static_assert(largeRange.min == 1'000'000'000'000'000'000ULL);
-    static_assert(largeRange.max == internalrep(9'999'999'999'999'999'999ULL));
+    static_assert(!isPowerOfTen(largeRange.min));
+    static_assert(largeRange.min == 922'337'203'685'477'581ULL);
+    static_assert(largeRange.max == internalrep(9'223'372'036'854'775'807ULL));
+    static_assert(largeRange.max == std::numeric_limits<rep>::max());
+    static_assert(largeRange.referenceMin == 1'000'000'000'000'000'000ULL);
     static_assert(largeRange.log == 18);
+    // There are 2 values that will not fit in largeRange without some extra
+    // work
+    // * 9223372036854775808
+    // * 9223372036854775809
+    // They both end up < min, but with a leftover. If they round up, everything
+    // will be fine. If they don't, well need to bring them up into range.
+    // Guard::bringIntoRange handles this situation.
+
+#if MAXREP
     static_assert(largeRange.min < maxRep);
     static_assert(largeRange.max > maxRep);
+#endif
 
     // The range for the mantissa when normalized.
     // Use reference_wrapper to avoid making copies, and prevent accidentally
     // changing the values inside the range.
     static thread_local std::reference_wrapper<MantissaRange const> range_;
 
+    // And one is needed because it needs to choose between oneSmall and
+    // oneLarge based on the current range
+    static Number
+    one(MantissaRange const& range);
+
+    static Number
+    root(MantissaRange const& range, Number f, unsigned d);
+
+    void
+    normalize(MantissaRange const& range);
+
     void
     normalize();
 
@@ -483,11 +596,14 @@ private:
     friend void
     doNormalize(
         bool& negative,
-        T& mantissa_,
-        int& exponent_,
+        T& mantissa,
+        int& exponent,
         MantissaRange::rep const& minMantissa,
         MantissaRange::rep const& maxMantissa);
 
+    bool
+    isnormal(MantissaRange const& range) const noexcept;
+
     bool
     isnormal() const noexcept;
 
@@ -504,7 +620,56 @@ private:
     static internalrep
     externalToInternal(rep mantissa);
 
+    /** Breaks down the number into components, potentially de-normalizing it.
+     *
+     * Ensures that the mantissa always has range_.log + 1 digits.
+     *
+     */
+    template <detail::UnsignedMantissa Rep = internalrep>
+    std::tuple<bool, Rep, int>
+    toInternal(MantissaRange const& range) const;
+
+    /** Breaks down the number into components, potentially de-normalizing it.
+     *
+     * Ensures that the mantissa always has range_.log + 1 digits.
+     *
+     */
+    template <detail::UnsignedMantissa Rep = internalrep>
+    std::tuple<bool, Rep, int>
+    toInternal() const;
+
+    /** Rebuilds the number from components.
+     *
+     * If "normalized" is true, the values are expected to be normalized - all
+     * in their valid ranges.
+     *
+     * If "normalized" is false, the values are expected to be "near
+     * normalized", meaning that the mantissa has to be modified at most once to
+     * bring it back into range.
+     *
+     */
+    template <bool expectNormal = true, detail::UnsignedMantissa Rep = internalrep>
+    void
+    fromInternal(bool negative, Rep mantissa, int exponent, MantissaRange const* pRange);
+
+    /** Rebuilds the number from components.
+     *
+     * If "normalized" is true, the values are expected to be normalized - all
+     * in their valid ranges.
+     *
+     * If "normalized" is false, the values are expected to be "near
+     * normalized", meaning that the mantissa has to be modified at most once to
+     * bring it back into range.
+     *
+     */
+    template <bool expectNormal = true, detail::UnsignedMantissa Rep = internalrep>
+    void
+    fromInternal(bool negative, Rep mantissa, int exponent);
+
     class Guard;
+
+public:
+    constexpr static internalrep largestMantissa = largeRange.max;
 };
 
 inline constexpr Number::Number(
@@ -512,7 +677,7 @@ inline constexpr Number::Number(
     internalrep mantissa,
     int exponent,
     unchecked) noexcept
-    : negative_(negative), mantissa_{mantissa}, exponent_{exponent}
+    : mantissa_{(negative ? -1 : 1) * static_cast<rep>(mantissa)}, exponent_{exponent}
 {
 }
 
@@ -523,12 +688,6 @@ inline constexpr Number::Number(internalrep mantissa, int exponent, unchecked) n
 
 constexpr static Number numZero{};
 
-inline Number::Number(bool negative, internalrep mantissa, int exponent, normalized)
-    : Number(negative, mantissa, exponent, unchecked{})
-{
-    normalize();
-}
-
 inline Number::Number(internalrep mantissa, int exponent, normalized)
     : Number(false, mantissa, exponent, normalized{})
 {
@@ -551,17 +710,7 @@ inline Number::Number(rep mantissa) : Number{mantissa, 0}
 inline constexpr Number::rep
 Number::mantissa() const noexcept
 {
-    auto m = mantissa_;
-    if (m > maxRep)
-    {
-        XRPL_ASSERT_PARTS(
-            !isnormal() || (m % 10 == 0 && m / 10 <= maxRep),
-            "xrpl::Number::mantissa",
-            "large normalized mantissa has no remainder");
-        m /= 10;
-    }
-    auto const sign = negative_ ? -1 : 1;
-    return sign * static_cast<Number::rep>(m);
+    return mantissa_;
 }
 
 /** Returns the exponent of the external view of the Number.
@@ -572,16 +721,7 @@ Number::mantissa() const noexcept
 inline constexpr int
 Number::exponent() const noexcept
 {
-    auto e = exponent_;
-    if (mantissa_ > maxRep)
-    {
-        XRPL_ASSERT_PARTS(
-            !isnormal() || (mantissa_ % 10 == 0 && mantissa_ / 10 <= maxRep),
-            "xrpl::Number::exponent",
-            "large normalized mantissa has no remainder");
-        ++e;
-    }
-    return e;
+    return exponent_;
 }
 
 inline constexpr Number
@@ -596,7 +736,7 @@ Number::operator-() const noexcept
     if (mantissa_ == 0)
         return Number{};
     auto x = *this;
-    x.negative_ = !x.negative_;
+    x.mantissa_ = -1 * x.mantissa_;
     return x;
 }
 
@@ -677,42 +817,61 @@ Number::min() noexcept
 inline Number
 Number::max() noexcept
 {
-    return Number{false, std::min(range_.get().max, maxRep), maxExponent, unchecked{}};
+    return Number{false, range_.get().max, maxExponent, unchecked{}};
 }
 
 inline Number
 Number::lowest() noexcept
 {
-    return Number{true, std::min(range_.get().max, maxRep), maxExponent, unchecked{}};
+    return Number{true, range_.get().max, maxExponent, unchecked{}};
+}
+
+inline bool
+Number::isnormal(MantissaRange const& range) const noexcept
+{
+    auto const abs_m = mantissa_ < 0 ? -mantissa_ : mantissa_;
+
+    return *this == Number{} ||
+        (range.min <= abs_m && abs_m <= range.max &&  //
+         minExponent <= exponent_ && exponent_ <= maxExponent);
 }
 
 inline bool
 Number::isnormal() const noexcept
 {
-    MantissaRange const& range = range_;
-    auto const abs_m = mantissa_;
-    return *this == Number{} ||
-        (range.min <= abs_m && abs_m <= range.max && (abs_m <= maxRep || abs_m % 10 == 0) &&
-         minExponent <= exponent_ && exponent_ <= maxExponent);
+    return isnormal(range_);
 }
 
 template <Integral64 T>
 std::pair<T, int>
 Number::normalizeToRange(T minMantissa, T maxMantissa) const
 {
-    bool negative = negative_;
-    internalrep mantissa = mantissa_;
+    bool negative = mantissa_ < 0;
+    auto const sign = negative ? -1 : 1;
+    internalrep mantissa = sign * mantissa_;
     int exponent = exponent_;
 
     if constexpr (std::is_unsigned_v<T>)
+    {
         XRPL_ASSERT_PARTS(
             !negative,
             "xrpl::Number::normalizeToRange",
             "Number is non-negative for unsigned range.");
+        // To avoid logical errors in release builds, throw if the Number is
+        // negative for an unsigned range.
+        if (negative)
+            throw std::runtime_error(
+                "Number::normalizeToRange: Number is negative for "
+                "unsigned range.");
+    }
     Number::normalize(negative, mantissa, exponent, minMantissa, maxMantissa);
 
-    auto const sign = negative ? -1 : 1;
-    return std::make_pair(static_cast<T>(sign * mantissa), exponent);
+    // Cast mantissa to signed type first (if T is a signed type) to avoid
+    // unsigned integer overflow when multiplying by negative sign
+    T signedMantissa = static_cast<T>(mantissa);
+    if (negative)
+        signedMantissa = -signedMantissa;
+    return std::make_pair(signedMantissa, exponent);
 }
 
 inline constexpr Number

include/xrpl/basics/base_uint.h

@@ -359,6 +359,7 @@ public:
     base_uint&
     operator&=(base_uint const& b)
     {
+        XRPL_ASSERT(WIDTH == b.WIDTH, "input size mismatch");
         for (int i = 0; i < WIDTH; i++)
             data_[i] &= b.data_[i];
 

include/xrpl/basics/contract.h

@@ -1,5 +1,6 @@
 #pragma once
 
+#include <xrpl/basics/sanitizers.h>
 #include <xrpl/beast/type_name.h>
 
 #include <exception>
@@ -24,7 +25,7 @@ LogThrow(std::string const& title);
     control to the next matching exception handler, if any.
     Otherwise, std::terminate will be called.
 */
-[[noreturn]] inline void
+[[noreturn]] XRPL_NO_SANITIZE_ADDRESS inline void
 Rethrow()
 {
     LogThrow("Re-throwing exception");
@@ -32,7 +33,7 @@ Rethrow()
 }
 
 template <class E, class... Args>
-[[noreturn]] inline void
+[[noreturn]] XRPL_NO_SANITIZE_ADDRESS inline void
 Throw(Args&&... args)
 {
     static_assert(

include/xrpl/basics/sanitizers.h

@@ -0,0 +1,6 @@
+// Helper to disable ASan/HwASan for specific functions
+#if defined(__GNUC__) || defined(__clang__)
+#define XRPL_NO_SANITIZE_ADDRESS __attribute__((no_sanitize("address", "hwaddress")))
+#else
+#define XRPL_NO_SANITIZE_ADDRESS
+#endif

include/xrpl/beast/core/SemanticVersion.h

@@ -1,7 +1,6 @@
 #pragma once
 
 #include <string>
-#include <string_view>
 #include <vector>
 
 namespace beast {
@@ -27,14 +26,14 @@ public:
 
     SemanticVersion();
 
-    SemanticVersion(std::string_view version);
+    SemanticVersion(std::string const& version);
 
     /** Parse a semantic version string.
         The parsing is as strict as possible.
         @return `true` if the string was parsed.
     */
     bool
-    parse(std::string_view input);
+    parse(std::string const& input);
 
     /** Produce a string from semantic version components. */
     std::string

include/xrpl/core/Coro.ipp

@@ -1,7 +1,5 @@
 #pragma once
 
-#include <xrpl/basics/ByteUtilities.h>
-
 namespace xrpl {
 
 template <class F>
@@ -10,17 +8,15 @@ JobQueue::Coro::Coro(Coro_create_t, JobQueue& jq, JobType type, std::string cons
     , type_(type)
     , name_(name)
     , running_(false)
-    , coro_(
-          [this, fn = std::forward<F>(f)](
-              boost::coroutines::asymmetric_coroutine<void>::push_type& do_yield) {
-              yield_ = &do_yield;
-              yield();
-              fn(shared_from_this());
+    , coro_([this, fn = std::forward<F>(f)](
+                boost::coroutines2::asymmetric_coroutine<void>::push_type& do_yield) {
+        yield_ = &do_yield;
+        yield();
+        fn(shared_from_this());
 #ifndef NDEBUG
-              finished_ = true;
+        finished_ = true;
 #endif
-          },
-          boost::coroutines::attributes(megabytes(1)))
+    })
 {
 }
 
@@ -80,6 +76,7 @@ JobQueue::Coro::resume()
     coro_();
     detail::getLocalValues().release();
     detail::getLocalValues().reset(saved);
+
     std::lock_guard lk(mutex_run_);
     running_ = false;
     cv_.notify_all();

include/xrpl/core/JobQueue.h

@@ -7,7 +7,7 @@
 #include <xrpl/core/detail/Workers.h>
 #include <xrpl/json/json_value.h>
 
-#include <boost/coroutine/all.hpp>
+#include <boost/coroutine2/all.hpp>
 
 #include <set>
 
@@ -48,8 +48,8 @@ public:
         std::mutex mutex_;
         std::mutex mutex_run_;
         std::condition_variable cv_;
-        boost::coroutines::asymmetric_coroutine<void>::pull_type coro_;
-        boost::coroutines::asymmetric_coroutine<void>::push_type* yield_;
+        boost::coroutines2::coroutine<void>::pull_type coro_;
+        boost::coroutines2::coroutine<void>::push_type* yield_;
 #ifndef NDEBUG
         bool finished_ = false;
 #endif

include/xrpl/git/Git.h

@@ -1,13 +0,0 @@
-#pragma once
-
-#include <string>
-
-namespace xrpl::git {
-
-std::string const&
-getCommitHash();
-
-std::string const&
-getBuildBranch();
-
-}  // namespace xrpl::git

include/xrpl/ledger/detail/ApplyStateTable.h

@@ -64,6 +64,11 @@ public:
     std::shared_ptr<SLE const>
     read(ReadView const& base, Keylet const& k) const;
 
+    /** Check only local items without delegating to base.
+        Returns std::nullopt if key not found locally. */
+    std::optional<std::shared_ptr<SLE const>>
+    readLocal(Keylet const& k) const;
+
     std::shared_ptr<SLE>
     peek(ReadView const& base, Keylet const& k);
 

include/xrpl/ledger/detail/RawStateTable.h

@@ -23,13 +23,13 @@ public:
     static constexpr size_t initialBufferSize = kilobytes(256);
 
     RawStateTable()
-        : monotonic_resource_{
-              std::make_unique<boost::container::pmr::monotonic_buffer_resource>(initialBufferSize)}
+        : monotonic_resource_{std::make_unique<boost::container::pmr::monotonic_buffer_resource>(
+              initialBufferSize)}
         , items_{monotonic_resource_.get()} {};
 
     RawStateTable(RawStateTable const& rhs)
-        : monotonic_resource_{
-              std::make_unique<boost::container::pmr::monotonic_buffer_resource>(initialBufferSize)}
+        : monotonic_resource_{std::make_unique<boost::container::pmr::monotonic_buffer_resource>(
+              initialBufferSize)}
         , items_{rhs.items_, monotonic_resource_.get()}
         , dropsDestroyed_{rhs.dropsDestroyed_} {};
 

include/xrpl/net/HTTPClient.h

@@ -29,6 +29,9 @@ public:
         bool sslVerify,
         beast::Journal j);
 
+    static void
+    cleanupSSLContext();
+
     static void
     get(bool bSSL,
         boost::asio::io_context& io_context,

include/xrpl/nodestore/Backend.h

@@ -77,16 +77,16 @@ public:
         If the object is not found or an error is encountered, the
         result will indicate the condition.
         @note This will be called concurrently.
-        @param hash The hash of the object.
+        @param key A pointer to the key data.
         @param pObject [out] The created object if successful.
         @return The result of the operation.
     */
     virtual Status
-    fetch(uint256 const& hash, std::shared_ptr<NodeObject>* pObject) = 0;
+    fetch(void const* key, std::shared_ptr<NodeObject>* pObject) = 0;
 
     /** Fetch a batch synchronously. */
     virtual std::pair<std::vector<std::shared_ptr<NodeObject>>, Status>
-    fetchBatch(std::vector<uint256> const& hashes) = 0;
+    fetchBatch(std::vector<uint256 const*> const& hashes) = 0;
 
     /** Store a single object.
         Depending on the implementation this may happen immediately

include/xrpl/protocol/BuildInfo.h

@@ -49,7 +49,7 @@ getFullVersionString();
     @return the encoded version in a 64-bit integer
 */
 std::uint64_t
-encodeSoftwareVersion(std::string_view versionStr);
+encodeSoftwareVersion(char const* const versionStr);
 
 /** Returns this server's version packed in a 64-bit integer. */
 std::uint64_t

include/xrpl/protocol/ErrorCodes.h

@@ -234,7 +234,7 @@ missing_field_error(std::string const& name)
 }
 
 inline Json::Value
-missing_field_error(Json::StaticString name)
+missing_field_error(Json::StaticString const& name)
 {
     return missing_field_error(std::string(name));
 }
@@ -252,7 +252,7 @@ object_field_error(std::string const& name)
 }
 
 inline Json::Value
-object_field_error(Json::StaticString name)
+object_field_error(Json::StaticString const& name)
 {
     return object_field_error(std::string(name));
 }
@@ -264,7 +264,7 @@ invalid_field_message(std::string const& name)
 }
 
 inline std::string
-invalid_field_message(Json::StaticString name)
+invalid_field_message(Json::StaticString const& name)
 {
     return invalid_field_message(std::string(name));
 }
@@ -276,7 +276,7 @@ invalid_field_error(std::string const& name)
 }
 
 inline Json::Value
-invalid_field_error(Json::StaticString name)
+invalid_field_error(Json::StaticString const& name)
 {
     return invalid_field_error(std::string(name));
 }
@@ -288,7 +288,7 @@ expected_field_message(std::string const& name, std::string const& type)
 }
 
 inline std::string
-expected_field_message(Json::StaticString name, std::string const& type)
+expected_field_message(Json::StaticString const& name, std::string const& type)
 {
     return expected_field_message(std::string(name), type);
 }
@@ -300,7 +300,7 @@ expected_field_error(std::string const& name, std::string const& type)
 }
 
 inline Json::Value
-expected_field_error(Json::StaticString name, std::string const& type)
+expected_field_error(Json::StaticString const& name, std::string const& type)
 {
     return expected_field_error(std::string(name), type);
 }

include/xrpl/protocol/KnownFormats.h

@@ -30,11 +30,9 @@ public:
         Item(
             char const* name,
             KeyType type,
-            std::vector<SOElement> uniqueFields,
-            std::vector<SOElement> commonFields)
-            : soTemplate_(std::move(uniqueFields), std::move(commonFields))
-            , name_(name)
-            , type_(type)
+            std::initializer_list<SOElement> uniqueFields,
+            std::initializer_list<SOElement> commonFields)
+            : soTemplate_(uniqueFields, commonFields), name_(name), type_(type)
         {
             // Verify that KeyType is appropriate.
             static_assert(
@@ -144,16 +142,16 @@ protected:
 
         @param name The name of this format.
         @param type The type of this format.
-        @param uniqueFields A std::vector of unique fields
-        @param commonFields A std::vector of common fields
+        @param uniqueFields An std::initializer_list of unique fields
+        @param commonFields An std::initializer_list of common fields
 
         @return The created format.
     */
     Item const&
     add(char const* name,
         KeyType type,
-        std::vector<SOElement> uniqueFields,
-        std::vector<SOElement> commonFields = {})
+        std::initializer_list<SOElement> uniqueFields,
+        std::initializer_list<SOElement> commonFields = {})
     {
         if (auto const item = findByType(type))
         {
@@ -162,7 +160,7 @@ protected:
                 item->getName());
         }
 
-        formats_.emplace_front(name, type, std::move(uniqueFields), std::move(commonFields));
+        formats_.emplace_front(name, type, uniqueFields, commonFields);
         Item const& item{formats_.front()};
 
         names_[name] = &item;

include/xrpl/protocol/LedgerFormats.h

@@ -2,34 +2,36 @@
 
 #include <xrpl/protocol/KnownFormats.h>
 
-#include <map>
-#include <string>
-#include <vector>
-
 namespace xrpl {
+
 /** Identifiers for on-ledger objects.
 
-    Each ledger object requires a unique type identifier, which is stored within the object itself;
-   this makes it possible to iterate the entire ledger and determine each object's type and verify
-   that the object you retrieved from a given hash matches the expected type.
+    Each ledger object requires a unique type identifier, which is stored
+    within the object itself; this makes it possible to iterate the entire
+    ledger and determine each object's type and verify that the object you
+    retrieved from a given hash matches the expected type.
 
-    @warning Since these values are stored inside objects stored on the ledger they are part of the
-   protocol.
-   **Changing them should be avoided because without special handling, this will result in a hard
+    @warning Since these values are stored inside objects stored on the ledger
+             they are part of the protocol. **Changing them should be avoided
+             because without special handling, this will result in a hard
    fork.**
 
-    @note Values outside this range may be used internally by the code for various purposes, but
-   attempting to use such values to identify on-ledger objects will result in an invariant failure.
+    @note Values outside this range may be used internally by the code for
+          various purposes, but attempting to use such values to identify
+          on-ledger objects will results in an invariant failure.
 
-    @note When retiring types, the specific values should not be removed but should be marked as
-   [[deprecated]]. This is to avoid accidental reuse of identifiers.
+    @note When retiring types, the specific values should not be removed but
+          should be marked as [[deprecated]]. This is to avoid accidental
+          reuse of identifiers.
 
-    @todo The C++ language does not enable checking for duplicate values here.
-          If it becomes possible then we should do this.
+    @todo The C++ language does not enable checking for duplicate values
+          here. If it becomes possible then we should do this.
 
     @ingroup protocol
 */
-enum LedgerEntryType : std::uint16_t {
+// clang-format off
+enum LedgerEntryType : std::uint16_t
+{
 
 #pragma push_macro("LEDGER_ENTRY")
 #undef LEDGER_ENTRY
@@ -44,10 +46,12 @@ enum LedgerEntryType : std::uint16_t {
     //---------------------------------------------------------------------------
     /** A special type, matching any ledger entry type.
 
-        The value does not represent a concrete type, but rather is used in contexts where the
-       specific type of a ledger object is unimportant, unknown or unavailable.
+        The value does not represent a concrete type, but rather is used in
+        contexts where the specific type of a ledger object is unimportant,
+        unknown or unavailable.
 
-        Objects with this special type cannot be created or stored on the ledger.
+        Objects with this special type cannot be created or stored on the
+        ledger.
 
         \sa keylet::unchecked
     */
@@ -55,11 +59,12 @@ enum LedgerEntryType : std::uint16_t {
 
     /** A special type, matching any ledger type except directory nodes.
 
-        The value does not represent a concrete type, but rather is used in contexts where the
-       ledger object must not be a directory node but its specific type is otherwise unimportant,
-       unknown or unavailable.
+        The value does not represent a concrete type, but rather is used in
+        contexts where the ledger object must not be a directory node but
+        its specific type is otherwise unimportant, unknown or unavailable.
 
-        Objects with this special type cannot be created or stored on the ledger.
+        Objects with this special type cannot be created or stored on the
+        ledger.
 
         \sa keylet::child
      */
@@ -88,188 +93,104 @@ enum LedgerEntryType : std::uint16_t {
                     Support for this type of object was never implemented.
                     No objects of this type were ever created.
      */
-    ltGENERATOR_MAP [[deprecated("This object type is not supported and should not be used.")]] =
-        0x0067,
+    ltGENERATOR_MAP [[deprecated("This object type is not supported and should not be used.")]]  = 0x0067,
 };
-
-/** Ledger object flags.
-
-    These flags are specified in ledger objects and modify their behavior.
-
-    @warning Ledger object flags form part of the protocol.
-    **Changing them should be avoided because without special handling, this will result in a hard
-   fork.**
-
-    @ingroup protocol
-*/
-#pragma push_macro("XMACRO")
-#pragma push_macro("TO_VALUE")
-#pragma push_macro("VALUE_TO_MAP")
-#pragma push_macro("NULL_NAME")
-#pragma push_macro("TO_MAP")
-#pragma push_macro("ALL_LEDGER_FLAGS")
-
-#undef XMACRO
-#undef TO_VALUE
-#undef VALUE_TO_MAP
-#undef NULL_NAME
-#undef TO_MAP
-
-#undef ALL_LEDGER_FLAGS
-
 // clang-format off
 
-#define XMACRO(LEDGER_OBJECT, LSF_FLAG, LSF_FLAG2)                                                                                 \
-    LEDGER_OBJECT(AccountRoot,                                                                                                     \
-        LSF_FLAG(lsfPasswordSpent, 0x00010000)                  /* True, if password set fee is spent. */                          \
-        LSF_FLAG(lsfRequireDestTag, 0x00020000)                 /* True, to require a DestinationTag for payments. */              \
-        LSF_FLAG(lsfRequireAuth, 0x00040000)                    /* True, to require a authorization to hold IOUs. */               \
-        LSF_FLAG(lsfDisallowXRP, 0x00080000)                    /* True, to disallow sending XRP. */                               \
-        LSF_FLAG(lsfDisableMaster, 0x00100000)                  /* True, force regular key */                                      \
-        LSF_FLAG(lsfNoFreeze, 0x00200000)                       /* True, cannot freeze ripple states */                            \
-        LSF_FLAG(lsfGlobalFreeze, 0x00400000)                   /* True, all assets frozen */                                      \
-        LSF_FLAG(lsfDefaultRipple, 0x00800000)                  /* True, incoming trust lines allow rippling by default */         \
-        LSF_FLAG(lsfDepositAuth, 0x01000000)                    /* True, all deposits require authorization */                     \
-        LSF_FLAG(lsfDisallowIncomingNFTokenOffer, 0x04000000)   /* True, reject new incoming NFT offers */                         \
-        LSF_FLAG(lsfDisallowIncomingCheck, 0x08000000)          /* True, reject new checks */                                      \
-        LSF_FLAG(lsfDisallowIncomingPayChan, 0x10000000)        /* True, reject new paychans */                                    \
-        LSF_FLAG(lsfDisallowIncomingTrustline, 0x20000000)      /* True, reject new trustlines (only if no issued assets) */       \
-        LSF_FLAG(lsfAllowTrustLineLocking, 0x40000000)          /* True, enable trustline locking */                               \
-        LSF_FLAG(lsfAllowTrustLineClawback, 0x80000000))        /* True, enable clawback */                                        \
-                                                                                                                                   \
-    LEDGER_OBJECT(Offer,                                                                                                           \
-        LSF_FLAG(lsfPassive, 0x00010000)                                                                                           \
-        LSF_FLAG(lsfSell, 0x00020000)                           /* True, offer was placed as a sell. */                            \
-        LSF_FLAG(lsfHybrid, 0x00040000))                        /* True, offer is hybrid. */                                       \
-                                                                                                                                   \
-    LEDGER_OBJECT(RippleState,                                                                                                     \
-        LSF_FLAG(lsfLowReserve, 0x00010000)                     /* True, if entry counts toward reserve. */                        \
-        LSF_FLAG(lsfHighReserve, 0x00020000)                                                                                       \
-        LSF_FLAG(lsfLowAuth, 0x00040000)                                                                                           \
-        LSF_FLAG(lsfHighAuth, 0x00080000)                                                                                          \
-        LSF_FLAG(lsfLowNoRipple, 0x00100000)                                                                                       \
-        LSF_FLAG(lsfHighNoRipple, 0x00200000)                                                                                      \
-        LSF_FLAG(lsfLowFreeze, 0x00400000)                      /* True, low side has set freeze flag */                           \
-        LSF_FLAG(lsfHighFreeze, 0x00800000)                     /* True, high side has set freeze flag */                          \
-        LSF_FLAG(lsfAMMNode, 0x01000000)                        /* True, trust line to AMM. */                                     \
-                                                                /* Used by client apps to identify payments via AMM. */            \
-        LSF_FLAG(lsfLowDeepFreeze, 0x02000000)                  /* True, low side has set deep freeze flag */                      \
-        LSF_FLAG(lsfHighDeepFreeze, 0x04000000))                /* True, high side has set deep freeze flag */                     \
-                                                                                                                                   \
-    LEDGER_OBJECT(SignerList,                                                                                                      \
-        LSF_FLAG(lsfOneOwnerCount, 0x00010000))                 /* True, uses only one OwnerCount */                               \
-                                                                                                                                   \
-    LEDGER_OBJECT(DirNode,                                                                                                         \
-        LSF_FLAG(lsfNFTokenBuyOffers, 0x00000001)                                                                                  \
-        LSF_FLAG(lsfNFTokenSellOffers, 0x00000002))                                                                                \
-                                                                                                                                   \
-    LEDGER_OBJECT(NFTokenOffer,                                                                                                    \
-        LSF_FLAG(lsfSellNFToken, 0x00000001))                                                                                      \
-                                                                                                                                   \
-    LEDGER_OBJECT(MPTokenIssuance,                                                                                                 \
-        LSF_FLAG(lsfMPTLocked, 0x00000001)                      /* Also used in ltMPTOKEN */                                       \
-        LSF_FLAG(lsfMPTCanLock, 0x00000002)                                                                                        \
-        LSF_FLAG(lsfMPTRequireAuth, 0x00000004)                                                                                    \
-        LSF_FLAG(lsfMPTCanEscrow, 0x00000008)                                                                                      \
-        LSF_FLAG(lsfMPTCanTrade, 0x00000010)                                                                                       \
-        LSF_FLAG(lsfMPTCanTransfer, 0x00000020)                                                                                    \
-        LSF_FLAG(lsfMPTCanClawback, 0x00000040))                                                                                   \
-                                                                                                                                   \
-    LEDGER_OBJECT(MPTokenIssuanceMutable,                                                                                          \
-        LSF_FLAG(lsmfMPTCanMutateCanLock, 0x00000002)                                                                              \
-        LSF_FLAG(lsmfMPTCanMutateRequireAuth, 0x00000004)                                                                          \
-        LSF_FLAG(lsmfMPTCanMutateCanEscrow, 0x00000008)                                                                            \
-        LSF_FLAG(lsmfMPTCanMutateCanTrade, 0x00000010)                                                                             \
-        LSF_FLAG(lsmfMPTCanMutateCanTransfer, 0x00000020)                                                                          \
-        LSF_FLAG(lsmfMPTCanMutateCanClawback, 0x00000040)                                                                          \
-        LSF_FLAG(lsmfMPTCanMutateMetadata, 0x00010000)                                                                             \
-        LSF_FLAG(lsmfMPTCanMutateTransferFee, 0x00020000))                                                                         \
-                                                                                                                                   \
-    LEDGER_OBJECT(MPToken,                                                                                                         \
-        LSF_FLAG2(lsfMPTLocked, 0x00000001)                                                                                        \
-        LSF_FLAG(lsfMPTAuthorized, 0x00000002))                                                                                    \
-                                                                                                                                   \
-    LEDGER_OBJECT(Credential,                                                                                                      \
-        LSF_FLAG(lsfAccepted, 0x00010000))                                                                                         \
-                                                                                                                                   \
-    LEDGER_OBJECT(Vault,                                                                                                           \
-        LSF_FLAG(lsfVaultPrivate, 0x00010000))                                                                                     \
-                                                                                                                                   \
-    LEDGER_OBJECT(Loan,                                                                                                            \
-        LSF_FLAG(lsfLoanDefault, 0x00010000)                                                                                       \
-        LSF_FLAG(lsfLoanImpaired, 0x00020000)                                                                                      \
-        LSF_FLAG(lsfLoanOverpayment, 0x00040000))               /* True, loan allows overpayments */
+/**
+    @ingroup protocol
+*/
+enum LedgerSpecificFlags {
+    // ltACCOUNT_ROOT
+    lsfPasswordSpent = 0x00010000,  // True, if password set fee is spent.
+    lsfRequireDestTag =
+        0x00020000,  // True, to require a DestinationTag for payments.
+    lsfRequireAuth =
+        0x00040000,  // True, to require a authorization to hold IOUs.
+    lsfDisallowXRP = 0x00080000,    // True, to disallow sending XRP.
+    lsfDisableMaster = 0x00100000,  // True, force regular key
+    lsfNoFreeze = 0x00200000,       // True, cannot freeze ripple states
+    lsfGlobalFreeze = 0x00400000,   // True, all assets frozen
+    lsfDefaultRipple =
+        0x00800000,               // True, incoming trust lines allow rippling by default
+    lsfDepositAuth = 0x01000000,  // True, all deposits require authorization
+/*  // reserved for Hooks amendment
+    lsfTshCollect = 0x02000000,     // True, allow TSH collect-calls to acc hooks
+*/
+    lsfDisallowIncomingNFTokenOffer =
+        0x04000000,               // True, reject new incoming NFT offers
+    lsfDisallowIncomingCheck =
+        0x08000000,               // True, reject new checks
+    lsfDisallowIncomingPayChan =
+        0x10000000,               // True, reject new paychans
+    lsfDisallowIncomingTrustline =
+        0x20000000,               // True, reject new trustlines (only if no issued assets)
+    lsfAllowTrustLineLocking =
+        0x40000000,               // True, enable trustline locking
+    lsfAllowTrustLineClawback =
+        0x80000000,               // True, enable clawback
 
-// clang-format on
+    // ltOFFER
+    lsfPassive = 0x00010000,
+    lsfSell = 0x00020000,  // True, offer was placed as a sell.
+    lsfHybrid = 0x00040000,  // True, offer is hybrid.
 
-// Create all the flag values as an enum.
-//
-// example:
-// enum LedgerSpecificFlags {
-//     lsfPasswordSpent = 0x00010000,
-//     lsfRequireDestTag = 0x00020000,
-//     ...
-// };
-#define TO_VALUE(name, value) name = value,
-#define NULL_NAME(name, values) values
-#define NULL_OUTPUT(name, value)
-enum LedgerSpecificFlags : std::uint32_t { XMACRO(NULL_NAME, TO_VALUE, NULL_OUTPUT) };
+    // ltRIPPLE_STATE
+    lsfLowReserve = 0x00010000,  // True, if entry counts toward reserve.
+    lsfHighReserve = 0x00020000,
+    lsfLowAuth = 0x00040000,
+    lsfHighAuth = 0x00080000,
+    lsfLowNoRipple = 0x00100000,
+    lsfHighNoRipple = 0x00200000,
+    lsfLowFreeze = 0x00400000,      // True, low side has set freeze flag
+    lsfHighFreeze = 0x00800000,     // True, high side has set freeze flag
+    lsfLowDeepFreeze = 0x02000000,  // True, low side has set deep freeze flag
+    lsfHighDeepFreeze = 0x04000000, // True, high side has set deep freeze flag
+    lsfAMMNode = 0x01000000,        // True, trust line to AMM. Used by client
+                                    // apps to identify payments via AMM.
 
-// Create getter functions for each set of flags using Meyer's singleton pattern.
-// This avoids static initialization order fiasco while still providing efficient access.
-// This is used below in `getAllLedgerFlags()` to generate the server_definitions RPC output.
-//
-// example:
-// inline LedgerFlagMap const& getAccountRootFlags() {
-//     static LedgerFlagMap const flags = {
-//         {"lsfPasswordSpent", 0x00010000},
-//         {"lsfRequireDestTag", 0x00020000},
-//     ...};
-//     return flags;
-// }
-using LedgerFlagMap = std::map<std::string, std::uint32_t>;
-#define VALUE_TO_MAP(name, value) {#name, value},
-#define TO_MAP(name, values)                         \
-    inline LedgerFlagMap const& get##name##Flags()   \
-    {                                                \
-        static LedgerFlagMap const flags = {values}; \
-        return flags;                                \
-    }
-XMACRO(TO_MAP, VALUE_TO_MAP, VALUE_TO_MAP)
+    // ltSIGNER_LIST
+    lsfOneOwnerCount = 0x00010000,  // True, uses only one OwnerCount
 
-// Create a getter function for all ledger flag maps using Meyer's singleton pattern.
-// This is used to generate the server_definitions RPC output.
-//
-// example:
-// inline std::vector<std::pair<std::string, LedgerFlagMap>> const& getAllLedgerFlags() {
-//     static std::vector<std::pair<std::string, LedgerFlagMap>> const flags = {
-//         {"AccountRoot", getAccountRootFlags()},
-//     ...};
-//     return flags;
-// }
-#define ALL_LEDGER_FLAGS(name, values) {#name, get##name##Flags()},
-inline std::vector<std::pair<std::string, LedgerFlagMap>> const&
-getAllLedgerFlags()
-{
-    static std::vector<std::pair<std::string, LedgerFlagMap>> const flags = {
-        XMACRO(ALL_LEDGER_FLAGS, NULL_OUTPUT, NULL_OUTPUT)};
-    return flags;
-}
+    // ltDIR_NODE
+    lsfNFTokenBuyOffers = 0x00000001,
+    lsfNFTokenSellOffers = 0x00000002,
 
-#undef XMACRO
-#undef TO_VALUE
-#undef VALUE_TO_MAP
-#undef NULL_NAME
-#undef NULL_OUTPUT
-#undef TO_MAP
-#undef ALL_LEDGER_FLAGS
+    // ltNFTOKEN_OFFER
+    lsfSellNFToken = 0x00000001,
 
-#pragma pop_macro("XMACRO")
-#pragma pop_macro("TO_VALUE")
-#pragma pop_macro("VALUE_TO_MAP")
-#pragma pop_macro("NULL_NAME")
-#pragma pop_macro("TO_MAP")
-#pragma pop_macro("ALL_LEDGER_FLAGS")
+    // ltMPTOKEN_ISSUANCE
+    lsfMPTLocked = 0x00000001, // Also used in ltMPTOKEN
+    lsfMPTCanLock = 0x00000002,
+    lsfMPTRequireAuth = 0x00000004,
+    lsfMPTCanEscrow = 0x00000008,
+    lsfMPTCanTrade = 0x00000010,
+    lsfMPTCanTransfer = 0x00000020,
+    lsfMPTCanClawback = 0x00000040,
+
+    lsmfMPTCanMutateCanLock = 0x00000002,
+    lsmfMPTCanMutateRequireAuth = 0x00000004,
+    lsmfMPTCanMutateCanEscrow = 0x00000008,
+    lsmfMPTCanMutateCanTrade = 0x00000010,
+    lsmfMPTCanMutateCanTransfer = 0x00000020,
+    lsmfMPTCanMutateCanClawback = 0x00000040,
+    lsmfMPTCanMutateMetadata = 0x00010000,
+    lsmfMPTCanMutateTransferFee = 0x00020000,
+
+    // ltMPTOKEN
+    lsfMPTAuthorized = 0x00000002,
+
+    // ltCREDENTIAL
+    lsfAccepted = 0x00010000,
+
+    // ltVAULT
+    lsfVaultPrivate = 0x00010000,
+
+    // ltLOAN
+    lsfLoanDefault = 0x00010000,
+    lsfLoanImpaired = 0x00020000,
+    lsfLoanOverpayment = 0x00040000, // True, loan allows overpayments
+};
 
 //------------------------------------------------------------------------------
 
@@ -286,10 +207,6 @@ private:
 public:
     static LedgerFormats const&
     getInstance();
-
-    // Fields shared by all ledger entry formats:
-    static std::vector<SOElement> const&
-    getCommonFields();
 };
 
 }  // namespace xrpl

include/xrpl/protocol/Protocol.h

@@ -232,7 +232,7 @@ std::size_t constexpr maxMPTokenMetadataLength = 1024;
 
 /** The maximum amount of MPTokenIssuance */
 std::uint64_t constexpr maxMPTokenAmount = 0x7FFF'FFFF'FFFF'FFFFull;
-static_assert(Number::maxRep >= maxMPTokenAmount);
+static_assert(Number::largestMantissa >= maxMPTokenAmount);
 
 /** The maximum length of Data payload */
 std::size_t constexpr maxDataPayloadLength = 256;

include/xrpl/protocol/SOTemplate.h

@@ -6,7 +6,6 @@
 #include <functional>
 #include <initializer_list>
 #include <stdexcept>
-#include <vector>
 
 namespace xrpl {
 
@@ -98,12 +97,8 @@ public:
     operator=(SOTemplate&& other) = default;
 
     /** Create a template populated with all fields.
-        After creating the template fields cannot be added, modified, or removed.
-    */
-    SOTemplate(std::vector<SOElement> uniqueFields, std::vector<SOElement> commonFields = {});
-
-    /** Create a template populated with all fields.
-        Note: Defers to the vector constructor above.
+        After creating the template fields cannot be
+        added, modified, or removed.
     */
     SOTemplate(
         std::initializer_list<SOElement> uniqueFields,

include/xrpl/protocol/STAmount.h

@@ -539,6 +539,8 @@ STAmount::fromNumber(A const& a, Number const& number)
         return STAmount{asset, intValue, 0, negative};
     }
 
+    XRPL_ASSERT_PARTS(
+        working.signum() >= 0, "xrpl::STAmount::fromNumber", "non-negative Number to normalize");
     auto const [mantissa, exponent] = working.normalizeToRange(cMinValue, cMaxValue);
 
     return STAmount{asset, mantissa, exponent, negative};

include/xrpl/protocol/SystemParameters.h

@@ -23,7 +23,7 @@ systemName()
 /** Number of drops in the genesis account. */
 constexpr XRPAmount INITIAL_XRP{100'000'000'000 * DROPS_PER_XRP};
 static_assert(INITIAL_XRP.drops() == 100'000'000'000'000'000);
-static_assert(Number::maxRep >= INITIAL_XRP.drops());
+static_assert(Number::largestMantissa >= INITIAL_XRP.drops());
 
 /** Returns true if the amount does not exceed the initial XRP in existence. */
 inline bool

include/xrpl/protocol/TxFlags.h

@@ -3,444 +3,294 @@
 #include <xrpl/protocol/LedgerFormats.h>
 
 #include <cstdint>
-#include <map>
-#include <string>
-#include <utility>
-#include <vector>
 
 namespace xrpl {
 
 /** Transaction flags.
 
-    These flags are specified in a transaction's 'Flags' field and modify
-    the behavior of that transaction.
+    These flags are specified in a transaction's 'Flags' field and modify the
+    behavior of that transaction.
 
     There are two types of flags:
 
-        (1) Universal flags: these are flags which apply to, and are interpreted the same way by,
-            all transactions, except, perhaps, to special pseudo-transactions.
+        (1) Universal flags: these are flags which apply to, and are interpreted
+                             the same way by, all transactions, except, perhaps,
+                             to special pseudo-transactions.
 
-        (2) Tx-Specific flags: these are flags which are interpreted according to the type of the
-            transaction being executed. That is, the same numerical flag value may have different
-            effects, depending on the transaction being executed.
+        (2) Tx-Specific flags: these are flags which are interpreted according
+                               to the type of the transaction being executed.
+                               That is, the same numerical flag value may have
+                               different effects, depending on the transaction
+                               being executed.
 
-    @note The universal transaction flags occupy the high-order 8 bits.
-          The tx-specific flags occupy the remaining 24 bits.
+    @note The universal transaction flags occupy the high-order 8 bits. The
+          tx-specific flags occupy the remaining 24 bits.
 
-    @warning Transaction flags form part of the protocol.
-             **Changing them should be avoided because without special handling, this will result in
-             a hard fork.**
+    @warning Transaction flags form part of the protocol. **Changing them
+             should be avoided because without special handling, this will
+             result in a hard fork.**
 
     @ingroup protocol
 */
 
-using FlagValue = std::uint32_t;
-
-// Universal Transaction flags:
-inline constexpr FlagValue tfFullyCanonicalSig = 0x80000000;
-inline constexpr FlagValue tfInnerBatchTxn = 0x40000000;
-inline constexpr FlagValue tfUniversal = tfFullyCanonicalSig | tfInnerBatchTxn;
-inline constexpr FlagValue tfUniversalMask = ~tfUniversal;
-
-#pragma push_macro("XMACRO")
-#pragma push_macro("TO_VALUE")
-#pragma push_macro("VALUE_TO_MAP")
-#pragma push_macro("NULL_NAME")
-#pragma push_macro("NULL_OUTPUT")
-#pragma push_macro("TO_MAP")
-#pragma push_macro("TO_MASK")
-#pragma push_macro("VALUE_TO_MASK")
-#pragma push_macro("ALL_TX_FLAGS")
-#pragma push_macro("NULL_MASK_ADJ")
-#pragma push_macro("MASK_ADJ_TO_MASK")
-
-#undef XMACRO
-#undef TO_VALUE
-#undef VALUE_TO_MAP
-#undef NULL_NAME
-#undef NULL_OUTPUT
-#undef TO_MAP
-#undef TO_MASK
-#undef VALUE_TO_MASK
-#undef NULL_MASK_ADJ
-#undef MASK_ADJ_TO_MASK
-
+// Formatting equals sign aligned 4 spaces after longest prefix, except for
+// wrapped lines
 // clang-format off
-#undef ALL_TX_FLAGS
+// Universal Transaction flags:
+constexpr std::uint32_t tfFullyCanonicalSig                = 0x80000000;
+constexpr std::uint32_t tfInnerBatchTxn                    = 0x40000000;
+constexpr std::uint32_t tfUniversal                        = tfFullyCanonicalSig | tfInnerBatchTxn;
+constexpr std::uint32_t tfUniversalMask                    = ~tfUniversal;
 
-// XMACRO parameters:
-// - TRANSACTION: handles the transaction name, its flags, and mask adjustment
-// - TF_FLAG: defines a new flag constant
-// - TF_FLAG2: references an existing flag constant (no new definition)
-// - MASK_ADJ: specifies flags to add back to the mask (making them invalid for this tx type)
-//
-// Note: MASK_ADJ is used when a universal flag should be invalid for a specific transaction.
-// For example, Batch uses MASK_ADJ(tfInnerBatchTxn) because the outer Batch transaction
-// must not have tfInnerBatchTxn set (only inner transactions should have it).
-//
-// TODO: Consider rewriting this using reflection in C++26 or later. Alternatively this could be a DSL processed by a script at build time.
-#define XMACRO(TRANSACTION, TF_FLAG, TF_FLAG2, MASK_ADJ)                                                                                                       \
-    TRANSACTION(AccountSet,                                                                                                                                    \
-        TF_FLAG(tfRequireDestTag, 0x00010000)                                                                                                                  \
-        TF_FLAG(tfOptionalDestTag, 0x00020000)                                                                                                                 \
-        TF_FLAG(tfRequireAuth, 0x00040000)                                                                                                                     \
-        TF_FLAG(tfOptionalAuth, 0x00080000)                                                                                                                    \
-        TF_FLAG(tfDisallowXRP, 0x00100000)                                                                                                                     \
-        TF_FLAG(tfAllowXRP, 0x00200000),                                                                                                                       \
-        MASK_ADJ(0))                                                                                                                                           \
-                                                                                                                                                               \
-    TRANSACTION(OfferCreate,                                                                                                                                   \
-        TF_FLAG(tfPassive, 0x00010000)                                                                                                                         \
-        TF_FLAG(tfImmediateOrCancel, 0x00020000)                                                                                                               \
-        TF_FLAG(tfFillOrKill, 0x00040000)                                                                                                                      \
-        TF_FLAG(tfSell, 0x00080000)                                                                                                                            \
-        TF_FLAG(tfHybrid, 0x00100000),                                                                                                                         \
-        MASK_ADJ(0))                                                                                                                                           \
-                                                                                                                                                               \
-    TRANSACTION(Payment,                                                                                                                                       \
-        TF_FLAG(tfNoRippleDirect, 0x00010000)                                                                                                                  \
-        TF_FLAG(tfPartialPayment, 0x00020000)                                                                                                                  \
-        TF_FLAG(tfLimitQuality, 0x00040000),                                                                                                                   \
-        MASK_ADJ(0))                                                                                                                                           \
-                                                                                                                                                               \
-    TRANSACTION(TrustSet,                                                                                                                                      \
-        TF_FLAG(tfSetfAuth, 0x00010000)                                                                                                                        \
-        TF_FLAG(tfSetNoRipple, 0x00020000)                                                                                                                     \
-        TF_FLAG(tfClearNoRipple, 0x00040000)                                                                                                                   \
-        TF_FLAG(tfSetFreeze, 0x00100000)                                                                                                                       \
-        TF_FLAG(tfClearFreeze, 0x00200000)                                                                                                                     \
-        TF_FLAG(tfSetDeepFreeze, 0x00400000)                                                                                                                   \
-        TF_FLAG(tfClearDeepFreeze, 0x00800000),                                                                                                                \
-        MASK_ADJ(0))                                                                                                                                           \
-                                                                                                                                                               \
-    TRANSACTION(EnableAmendment,                                                                                                                               \
-        TF_FLAG(tfGotMajority, 0x00010000)                                                                                                                     \
-        TF_FLAG(tfLostMajority, 0x00020000),                                                                                                                   \
-        MASK_ADJ(0))                                                                                                                                           \
-                                                                                                                                                               \
-    TRANSACTION(PaymentChannelClaim,                                                                                                                           \
-        TF_FLAG(tfRenew, 0x00010000)                                                                                                                           \
-        TF_FLAG(tfClose, 0x00020000),                                                                                                                          \
-        MASK_ADJ(0))                                                                                                                                           \
-                                                                                                                                                               \
-    TRANSACTION(NFTokenMint,                                                                                                                                   \
-        TF_FLAG(tfBurnable, 0x00000001)                                                                                                                        \
-        TF_FLAG(tfOnlyXRP, 0x00000002)                                                                                                                         \
-        /* deprecated TF_FLAG(tfTrustLine, 0x00000004) */                                                                                                      \
-        TF_FLAG(tfTransferable, 0x00000008)                                                                                                                    \
-        TF_FLAG(tfMutable, 0x00000010),                                                                                                                        \
-        MASK_ADJ(0))                                                                                                                                           \
-                                                                                                                                                               \
-    TRANSACTION(MPTokenIssuanceCreate,                                                                                                                         \
-        /* Note: tf/lsfMPTLocked is intentionally omitted since this transaction is not allowed to modify it. */                                               \
-        TF_FLAG(tfMPTCanLock, lsfMPTCanLock)                                                                                                                   \
-        TF_FLAG(tfMPTRequireAuth, lsfMPTRequireAuth)                                                                                                           \
-        TF_FLAG(tfMPTCanEscrow, lsfMPTCanEscrow)                                                                                                               \
-        TF_FLAG(tfMPTCanTrade, lsfMPTCanTrade)                                                                                                                 \
-        TF_FLAG(tfMPTCanTransfer, lsfMPTCanTransfer)                                                                                                           \
-        TF_FLAG(tfMPTCanClawback, lsfMPTCanClawback),                                                                                                          \
-        MASK_ADJ(0))                                                                                                                                           \
-                                                                                                                                                               \
-    TRANSACTION(MPTokenAuthorize,                                                                                                                              \
-        TF_FLAG(tfMPTUnauthorize, 0x00000001),                                                                                                                 \
-        MASK_ADJ(0))                                                                                                                                           \
-                                                                                                                                                               \
-    TRANSACTION(MPTokenIssuanceSet,                                                                                                                            \
-        TF_FLAG(tfMPTLock, 0x00000001)                                                                                                                         \
-        TF_FLAG(tfMPTUnlock, 0x00000002),                                                                                                                      \
-        MASK_ADJ(0))                                                                                                                                           \
-                                                                                                                                                               \
-    TRANSACTION(NFTokenCreateOffer,                                                                                                                            \
-        TF_FLAG(tfSellNFToken, 0x00000001),                                                                                                                    \
-        MASK_ADJ(0))                                                                                                                                           \
-                                                                                                                                                               \
-    TRANSACTION(AMMDeposit,                                                                                                                                    \
-        TF_FLAG(tfLPToken, 0x00010000)                                                                                                                         \
-        TF_FLAG(tfSingleAsset, 0x00080000)                                                                                                                     \
-        TF_FLAG(tfTwoAsset, 0x00100000)                                                                                                                        \
-        TF_FLAG(tfOneAssetLPToken, 0x00200000)                                                                                                                 \
-        TF_FLAG(tfLimitLPToken, 0x00400000)                                                                                                                    \
-        TF_FLAG(tfTwoAssetIfEmpty, 0x00800000),                                                                                                                \
-        MASK_ADJ(0))                                                                                                                                           \
-                                                                                                                                                               \
-    TRANSACTION(AMMWithdraw,                                                                                                                                   \
-        TF_FLAG2(tfLPToken, 0x00010000)                                                                                                                        \
-        TF_FLAG(tfWithdrawAll, 0x00020000)                                                                                                                     \
-        TF_FLAG(tfOneAssetWithdrawAll, 0x00040000)                                                                                                             \
-        TF_FLAG2(tfSingleAsset, 0x00080000)                                                                                                                    \
-        TF_FLAG2(tfTwoAsset, 0x00100000)                                                                                                                       \
-        TF_FLAG2(tfOneAssetLPToken, 0x00200000)                                                                                                                \
-        TF_FLAG2(tfLimitLPToken, 0x00400000),                                                                                                                  \
-        MASK_ADJ(0))                                                                                                                                           \
-                                                                                                                                                               \
-    TRANSACTION(AMMClawback,                                                                                                                                   \
-        TF_FLAG(tfClawTwoAssets, 0x00000001),                                                                                                                  \
-        MASK_ADJ(0))                                                                                                                                           \
-                                                                                                                                                               \
-    TRANSACTION(XChainModifyBridge,                                                                                                                            \
-        TF_FLAG(tfClearAccountCreateAmount, 0x00010000),                                                                                                       \
-        MASK_ADJ(0))                                                                                                                                           \
-                                                                                                                                                               \
-    TRANSACTION(VaultCreate,                                                                                                                                   \
-        TF_FLAG(tfVaultPrivate, lsfVaultPrivate)                                                                                                               \
-        TF_FLAG(tfVaultShareNonTransferable, 0x00020000),                                                                                                      \
-        MASK_ADJ(0))                                                                                                                                           \
-                                                                                                                                                               \
-    TRANSACTION(Batch,                                                                                                                                         \
-        TF_FLAG(tfAllOrNothing, 0x00010000)                                                                                                                    \
-        TF_FLAG(tfOnlyOne, 0x00020000)                                                                                                                         \
-        TF_FLAG(tfUntilFailure, 0x00040000)                                                                                                                    \
-        TF_FLAG(tfIndependent, 0x00080000),                                                                                                                    \
-        MASK_ADJ(tfInnerBatchTxn))                      /* Batch must reject tfInnerBatchTxn - only inner transactions should have this flag */                \
-                                                                                                                                                               \
-    TRANSACTION(LoanSet,                                /* True indicates the loan supports overpayments */                                                    \
-        TF_FLAG(tfLoanOverpayment, 0x00010000),                                                                                                                \
-        MASK_ADJ(0))                                                                                                                                           \
-                                                                                                                                                               \
-    TRANSACTION(LoanPay,                                /* True indicates any excess in this payment can be used as an overpayment. */                         \
-                                                        /* False: no overpayments will be taken. */                                                            \
-        TF_FLAG2(tfLoanOverpayment, 0x00010000)                                                                                                                \
-        TF_FLAG(tfLoanFullPayment, 0x00020000)          /* True indicates that the payment is an early full payment. */                                        \
-                                                        /* It must pay the entire loan including close interest and fees, or it will fail. */                  \
-                                                        /* False: Not a full payment. */                                                                       \
-        TF_FLAG(tfLoanLatePayment, 0x00040000),         /* True indicates that the payment is late, and includes late interest and fees. */                    \
-                                                        /* If the loan is not late, it will fail. */                                                           \
-                                                        /* False: not a late payment. If the current payment is overdue, the transaction will fail.*/          \
-        MASK_ADJ(0))                                                                                                                                           \
-                                                                                                                                                               \
-    TRANSACTION(LoanManage,                                                                                                                                    \
-        TF_FLAG(tfLoanDefault, 0x00010000)                                                                                                                     \
-        TF_FLAG(tfLoanImpair, 0x00020000)                                                                                                                      \
-        TF_FLAG(tfLoanUnimpair, 0x00040000),                                                                                                                   \
-        MASK_ADJ(0))
+// AccountSet flags:
+constexpr std::uint32_t tfRequireDestTag                   = 0x00010000;
+constexpr std::uint32_t tfOptionalDestTag                  = 0x00020000;
+constexpr std::uint32_t tfRequireAuth                      = 0x00040000;
+constexpr std::uint32_t tfOptionalAuth                     = 0x00080000;
+constexpr std::uint32_t tfDisallowXRP                      = 0x00100000;
+constexpr std::uint32_t tfAllowXRP                         = 0x00200000;
+constexpr std::uint32_t tfAccountSetMask =
+    ~(tfUniversal | tfRequireDestTag | tfOptionalDestTag | tfRequireAuth |
+      tfOptionalAuth | tfDisallowXRP | tfAllowXRP);
 
-// clang-format on
+// AccountSet SetFlag/ClearFlag values
+constexpr std::uint32_t asfRequireDest                     =  1;
+constexpr std::uint32_t asfRequireAuth                     =  2;
+constexpr std::uint32_t asfDisallowXRP                     =  3;
+constexpr std::uint32_t asfDisableMaster                   =  4;
+constexpr std::uint32_t asfAccountTxnID                    =  5;
+constexpr std::uint32_t asfNoFreeze                        =  6;
+constexpr std::uint32_t asfGlobalFreeze                    =  7;
+constexpr std::uint32_t asfDefaultRipple                   =  8;
+constexpr std::uint32_t asfDepositAuth                     =  9;
+constexpr std::uint32_t asfAuthorizedNFTokenMinter         = 10;
+/*  // reserved for Hooks amendment
+constexpr std::uint32_t asfTshCollect                      = 11;
+*/
+constexpr std::uint32_t asfDisallowIncomingNFTokenOffer    = 12;
+constexpr std::uint32_t asfDisallowIncomingCheck           = 13;
+constexpr std::uint32_t asfDisallowIncomingPayChan         = 14;
+constexpr std::uint32_t asfDisallowIncomingTrustline       = 15;
+constexpr std::uint32_t asfAllowTrustLineClawback          = 16;
+constexpr std::uint32_t asfAllowTrustLineLocking           = 17;
 
-// Create all the flag values.
-//
-// example:
-// inline constexpr FlagValue tfAccountSetRequireDestTag = 0x00010000;
-#define TO_VALUE(name, value) inline constexpr FlagValue name = value;
-#define NULL_NAME(name, values, maskAdj) values
-#define NULL_OUTPUT(name, value)
-#define NULL_MASK_ADJ(value)
-XMACRO(NULL_NAME, TO_VALUE, NULL_OUTPUT, NULL_MASK_ADJ)
+// OfferCreate flags:
+constexpr std::uint32_t tfPassive                          = 0x00010000;
+constexpr std::uint32_t tfImmediateOrCancel                = 0x00020000;
+constexpr std::uint32_t tfFillOrKill                       = 0x00040000;
+constexpr std::uint32_t tfSell                             = 0x00080000;
+constexpr std::uint32_t tfHybrid                           = 0x00100000;
+constexpr std::uint32_t tfOfferCreateMask =
+    ~(tfUniversal | tfPassive | tfImmediateOrCancel | tfFillOrKill | tfSell | tfHybrid);
 
-// Create masks for each transaction type that has flags.
-//
-// example:
-// inline constexpr FlagValue tfAccountSetMask = ~(tfUniversal | tfRequireDestTag |
-//     tfOptionalDestTag | tfRequireAuth | tfOptionalAuth | tfDisallowXRP | tfAllowXRP);
-//
-// The mask adjustment (maskAdj) allows adding flags back to the mask, making them invalid.
-// For example, Batch uses MASK_ADJ(tfInnerBatchTxn) to reject tfInnerBatchTxn on outer Batch.
-#define TO_MASK(name, values, maskAdj) \
-    inline constexpr FlagValue tf##name##Mask = ~(tfUniversal values) | maskAdj;
-#define VALUE_TO_MASK(name, value) | name
-#define MASK_ADJ_TO_MASK(value) value
-XMACRO(TO_MASK, VALUE_TO_MASK, VALUE_TO_MASK, MASK_ADJ_TO_MASK)
+// Payment flags:
+constexpr std::uint32_t tfNoRippleDirect                   = 0x00010000;
+constexpr std::uint32_t tfPartialPayment                   = 0x00020000;
+constexpr std::uint32_t tfLimitQuality                     = 0x00040000;
+constexpr std::uint32_t tfPaymentMask =
+    ~(tfUniversal | tfPartialPayment | tfLimitQuality | tfNoRippleDirect);
+constexpr std::uint32_t tfMPTPaymentMask = ~(tfUniversal | tfPartialPayment);
 
-// Verify that tfBatchMask correctly rejects tfInnerBatchTxn.
-// The outer Batch transaction must NOT have tfInnerBatchTxn set; only inner transactions should
-// have it.
-static_assert(
-    (tfBatchMask & tfInnerBatchTxn) == tfInnerBatchTxn,
-    "tfBatchMask must include tfInnerBatchTxn to reject it on outer Batch");
+// TrustSet flags:
+constexpr std::uint32_t tfSetfAuth                         = 0x00010000;
+constexpr std::uint32_t tfSetNoRipple                      = 0x00020000;
+constexpr std::uint32_t tfClearNoRipple                    = 0x00040000;
+constexpr std::uint32_t tfSetFreeze                        = 0x00100000;
+constexpr std::uint32_t tfClearFreeze                      = 0x00200000;
+constexpr std::uint32_t tfSetDeepFreeze                    = 0x00400000;
+constexpr std::uint32_t tfClearDeepFreeze                  = 0x00800000;
+constexpr std::uint32_t tfTrustSetMask =
+    ~(tfUniversal | tfSetfAuth | tfSetNoRipple | tfClearNoRipple | tfSetFreeze |
+      tfClearFreeze | tfSetDeepFreeze | tfClearDeepFreeze);
+constexpr std::uint32_t tfTrustSetPermissionMask = ~(tfUniversal | tfSetfAuth | tfSetFreeze | tfClearFreeze);
 
-// Verify that other transaction masks correctly allow tfInnerBatchTxn.
-// Inner transactions need tfInnerBatchTxn to be valid, so these masks must not reject it.
-static_assert(
-    (tfPaymentMask & tfInnerBatchTxn) == 0,
-    "tfPaymentMask must not reject tfInnerBatchTxn");
-static_assert(
-    (tfAccountSetMask & tfInnerBatchTxn) == 0,
-    "tfAccountSetMask must not reject tfInnerBatchTxn");
+// EnableAmendment flags:
+constexpr std::uint32_t tfGotMajority                      = 0x00010000;
+constexpr std::uint32_t tfLostMajority                     = 0x00020000;
+constexpr std::uint32_t tfChangeMask =
+    ~( tfUniversal | tfGotMajority | tfLostMajority);
 
-// Create getter functions for each set of flags using Meyer's singleton pattern.
-// This avoids static initialization order fiasco while still providing efficient access.
-// This is used below in `getAllTxFlags()` to generate the server_definitions RPC
-// output.
-//
-// example:
-// inline FlagMap const& getAccountSetFlags() {
-//     static FlagMap const flags = {
-//         {"tfRequireDestTag", 0x00010000},
-//         {"tfOptionalDestTag", 0x00020000},
-//     ...};
-//     return flags;
-// }
-using FlagMap = std::map<std::string, FlagValue>;
-#define VALUE_TO_MAP(name, value) {#name, value},
-#define TO_MAP(name, values, maskAdj)          \
-    inline FlagMap const& get##name##Flags()   \
-    {                                          \
-        static FlagMap const flags = {values}; \
-        return flags;                          \
-    }
-XMACRO(TO_MAP, VALUE_TO_MAP, VALUE_TO_MAP, NULL_MASK_ADJ)
+// PaymentChannelClaim flags:
+constexpr std::uint32_t tfRenew                            = 0x00010000;
+constexpr std::uint32_t tfClose                            = 0x00020000;
+constexpr std::uint32_t tfPayChanClaimMask = ~(tfUniversal | tfRenew | tfClose);
 
-inline FlagMap const&
-getUniversalFlags()
-{
-    static FlagMap const flags = {
-        {"tfFullyCanonicalSig", tfFullyCanonicalSig}, {"tfInnerBatchTxn", tfInnerBatchTxn}};
-    return flags;
-}
+// NFTokenMint flags:
+constexpr std::uint32_t const tfBurnable                   = 0x00000001;
+constexpr std::uint32_t const tfOnlyXRP                    = 0x00000002;
+constexpr std::uint32_t const tfTrustLine                  = 0x00000004;
+constexpr std::uint32_t const tfTransferable               = 0x00000008;
+constexpr std::uint32_t const tfMutable                    = 0x00000010;
 
-// Create a getter function for all transaction flag maps using Meyer's singleton pattern.
-// This is used to generate the server_definitions RPC output.
-//
-// example:
-// inline FlagMapPairList const& getAllTxFlags() {
-//     static FlagMapPairList const flags = {
-//         {"AccountSet", getAccountSetFlags()},
-//     ...};
-//     return flags;
-// }
-using FlagMapPairList = std::vector<std::pair<std::string, FlagMap>>;
-#define ALL_TX_FLAGS(name, values, maskAdj) {#name, get##name##Flags()},
-inline FlagMapPairList const&
-getAllTxFlags()
-{
-    static FlagMapPairList const flags = {
-        {"universal", getUniversalFlags()},
-        XMACRO(ALL_TX_FLAGS, NULL_OUTPUT, NULL_OUTPUT, NULL_MASK_ADJ)};
-    return flags;
-}
-
-#undef XMACRO
-#undef TO_VALUE
-#undef VALUE_TO_MAP
-#undef NULL_NAME
-#undef NULL_OUTPUT
-#undef TO_MAP
-#undef TO_MASK
-#undef VALUE_TO_MASK
-#undef ALL_TX_FLAGS
-#undef NULL_MASK_ADJ
-#undef MASK_ADJ_TO_MASK
-
-#pragma pop_macro("XMACRO")
-#pragma pop_macro("TO_VALUE")
-#pragma pop_macro("VALUE_TO_MAP")
-#pragma pop_macro("NULL_NAME")
-#pragma pop_macro("NULL_OUTPUT")
-#pragma pop_macro("TO_MAP")
-#pragma pop_macro("TO_MASK")
-#pragma pop_macro("VALUE_TO_MASK")
-#pragma pop_macro("ALL_TX_FLAGS")
-#pragma pop_macro("NULL_MASK_ADJ")
-#pragma pop_macro("MASK_ADJ_TO_MASK")
-
-// Additional transaction masks and combos
-inline constexpr FlagValue tfMPTPaymentMask = ~(tfUniversal | tfPartialPayment);
-inline constexpr FlagValue tfTrustSetPermissionMask =
-    ~(tfUniversal | tfSetfAuth | tfSetFreeze | tfClearFreeze);
+// MPTokenIssuanceCreate flags:
+// Note: tf/lsfMPTLocked is intentionally omitted, since this transaction
+// is not allowed to modify it.
+constexpr std::uint32_t const tfMPTCanLock                 = lsfMPTCanLock;
+constexpr std::uint32_t const tfMPTRequireAuth             = lsfMPTRequireAuth;
+constexpr std::uint32_t const tfMPTCanEscrow               = lsfMPTCanEscrow;
+constexpr std::uint32_t const tfMPTCanTrade                = lsfMPTCanTrade;
+constexpr std::uint32_t const tfMPTCanTransfer             = lsfMPTCanTransfer;
+constexpr std::uint32_t const tfMPTCanClawback             = lsfMPTCanClawback;
+constexpr std::uint32_t const tfMPTokenIssuanceCreateMask  =
+  ~(tfUniversal | tfMPTCanLock | tfMPTRequireAuth | tfMPTCanEscrow | tfMPTCanTrade | tfMPTCanTransfer | tfMPTCanClawback);
 
 // MPTokenIssuanceCreate MutableFlags:
 // Indicating specific fields or flags may be changed after issuance.
-inline constexpr FlagValue tmfMPTCanMutateCanLock = lsmfMPTCanMutateCanLock;
-inline constexpr FlagValue tmfMPTCanMutateRequireAuth = lsmfMPTCanMutateRequireAuth;
-inline constexpr FlagValue tmfMPTCanMutateCanEscrow = lsmfMPTCanMutateCanEscrow;
-inline constexpr FlagValue tmfMPTCanMutateCanTrade = lsmfMPTCanMutateCanTrade;
-inline constexpr FlagValue tmfMPTCanMutateCanTransfer = lsmfMPTCanMutateCanTransfer;
-inline constexpr FlagValue tmfMPTCanMutateCanClawback = lsmfMPTCanMutateCanClawback;
-inline constexpr FlagValue tmfMPTCanMutateMetadata = lsmfMPTCanMutateMetadata;
-inline constexpr FlagValue tmfMPTCanMutateTransferFee = lsmfMPTCanMutateTransferFee;
-inline constexpr FlagValue tmfMPTokenIssuanceCreateMutableMask =
-    ~(tmfMPTCanMutateCanLock | tmfMPTCanMutateRequireAuth | tmfMPTCanMutateCanEscrow |
-      tmfMPTCanMutateCanTrade | tmfMPTCanMutateCanTransfer | tmfMPTCanMutateCanClawback |
-      tmfMPTCanMutateMetadata | tmfMPTCanMutateTransferFee);
+constexpr std::uint32_t const tmfMPTCanMutateCanLock = lsmfMPTCanMutateCanLock;
+constexpr std::uint32_t const tmfMPTCanMutateRequireAuth = lsmfMPTCanMutateRequireAuth;
+constexpr std::uint32_t const tmfMPTCanMutateCanEscrow = lsmfMPTCanMutateCanEscrow;
+constexpr std::uint32_t const tmfMPTCanMutateCanTrade = lsmfMPTCanMutateCanTrade;
+constexpr std::uint32_t const tmfMPTCanMutateCanTransfer = lsmfMPTCanMutateCanTransfer;
+constexpr std::uint32_t const tmfMPTCanMutateCanClawback = lsmfMPTCanMutateCanClawback;
+constexpr std::uint32_t const tmfMPTCanMutateMetadata = lsmfMPTCanMutateMetadata;
+constexpr std::uint32_t const tmfMPTCanMutateTransferFee = lsmfMPTCanMutateTransferFee;
+constexpr std::uint32_t const tmfMPTokenIssuanceCreateMutableMask =
+  ~(tmfMPTCanMutateCanLock | tmfMPTCanMutateRequireAuth | tmfMPTCanMutateCanEscrow | tmfMPTCanMutateCanTrade
+    | tmfMPTCanMutateCanTransfer | tmfMPTCanMutateCanClawback | tmfMPTCanMutateMetadata | tmfMPTCanMutateTransferFee);
+
+// MPTokenAuthorize flags:
+constexpr std::uint32_t const tfMPTUnauthorize             = 0x00000001;
+constexpr std::uint32_t const tfMPTokenAuthorizeMask  = ~(tfUniversal | tfMPTUnauthorize);
+
+// MPTokenIssuanceSet flags:
+constexpr std::uint32_t const tfMPTLock                   = 0x00000001;
+constexpr std::uint32_t const tfMPTUnlock                 = 0x00000002;
+constexpr std::uint32_t const tfMPTokenIssuanceSetMask  = ~(tfUniversal | tfMPTLock | tfMPTUnlock);
+constexpr std::uint32_t const tfMPTokenIssuanceSetPermissionMask = ~(tfUniversal | tfMPTLock | tfMPTUnlock);
 
 // MPTokenIssuanceSet MutableFlags:
 // Set or Clear flags.
+constexpr std::uint32_t const tmfMPTSetCanLock             = 0x00000001;
+constexpr std::uint32_t const tmfMPTClearCanLock           = 0x00000002;
+constexpr std::uint32_t const tmfMPTSetRequireAuth         = 0x00000004;
+constexpr std::uint32_t const tmfMPTClearRequireAuth       = 0x00000008;
+constexpr std::uint32_t const tmfMPTSetCanEscrow           = 0x00000010;
+constexpr std::uint32_t const tmfMPTClearCanEscrow         = 0x00000020;
+constexpr std::uint32_t const tmfMPTSetCanTrade            = 0x00000040;
+constexpr std::uint32_t const tmfMPTClearCanTrade          = 0x00000080;
+constexpr std::uint32_t const tmfMPTSetCanTransfer         = 0x00000100;
+constexpr std::uint32_t const tmfMPTClearCanTransfer       = 0x00000200;
+constexpr std::uint32_t const tmfMPTSetCanClawback         = 0x00000400;
+constexpr std::uint32_t const tmfMPTClearCanClawback       = 0x00000800;
+constexpr std::uint32_t const tmfMPTokenIssuanceSetMutableMask = ~(tmfMPTSetCanLock | tmfMPTClearCanLock |
+    tmfMPTSetRequireAuth | tmfMPTClearRequireAuth | tmfMPTSetCanEscrow | tmfMPTClearCanEscrow |
+    tmfMPTSetCanTrade | tmfMPTClearCanTrade | tmfMPTSetCanTransfer | tmfMPTClearCanTransfer |
+    tmfMPTSetCanClawback | tmfMPTClearCanClawback);
 
-inline constexpr FlagValue tmfMPTSetCanLock = 0x00000001;
-inline constexpr FlagValue tmfMPTClearCanLock = 0x00000002;
-inline constexpr FlagValue tmfMPTSetRequireAuth = 0x00000004;
-inline constexpr FlagValue tmfMPTClearRequireAuth = 0x00000008;
-inline constexpr FlagValue tmfMPTSetCanEscrow = 0x00000010;
-inline constexpr FlagValue tmfMPTClearCanEscrow = 0x00000020;
-inline constexpr FlagValue tmfMPTSetCanTrade = 0x00000040;
-inline constexpr FlagValue tmfMPTClearCanTrade = 0x00000080;
-inline constexpr FlagValue tmfMPTSetCanTransfer = 0x00000100;
-inline constexpr FlagValue tmfMPTClearCanTransfer = 0x00000200;
-inline constexpr FlagValue tmfMPTSetCanClawback = 0x00000400;
-inline constexpr FlagValue tmfMPTClearCanClawback = 0x00000800;
-inline constexpr FlagValue tmfMPTokenIssuanceSetMutableMask = ~(
-    tmfMPTSetCanLock | tmfMPTClearCanLock | tmfMPTSetRequireAuth | tmfMPTClearRequireAuth |
-    tmfMPTSetCanEscrow | tmfMPTClearCanEscrow | tmfMPTSetCanTrade | tmfMPTClearCanTrade |
-    tmfMPTSetCanTransfer | tmfMPTClearCanTransfer | tmfMPTSetCanClawback | tmfMPTClearCanClawback);
+// MPTokenIssuanceDestroy flags:
+constexpr std::uint32_t const tfMPTokenIssuanceDestroyMask  = ~tfUniversal;
 
-// Prior to fixRemoveNFTokenAutoTrustLine, transfer of an NFToken between accounts allowed a
-// TrustLine to be added to the issuer of that token without explicit permission from that issuer.
-// This was enabled by minting the NFToken with the tfTrustLine flag set.
+// Prior to fixRemoveNFTokenAutoTrustLine, transfer of an NFToken between
+// accounts allowed a TrustLine to be added to the issuer of that token
+// without explicit permission from that issuer.  This was enabled by
+// minting the NFToken with the tfTrustLine flag set.
 //
-// That capability could be used to attack the NFToken issuer.
-// It would be possible for two accounts to trade the NFToken back and forth building up any number
-// of TrustLines on the issuer, increasing the issuer's reserve without bound.
+// That capability could be used to attack the NFToken issuer.  It
+// would be possible for two accounts to trade the NFToken back and forth
+// building up any number of TrustLines on the issuer, increasing the
+// issuer's reserve without bound.
 //
-// The fixRemoveNFTokenAutoTrustLine amendment disables minting with the tfTrustLine flag as a way
-// to prevent the attack. But until the amendment passes we still need to keep the old behavior
-// available.
-inline constexpr FlagValue tfTrustLine = 0x00000004;  // needed for backwards compatibility
-inline constexpr FlagValue tfNFTokenMintMaskWithoutMutable =
+// The fixRemoveNFTokenAutoTrustLine amendment disables minting with the
+// tfTrustLine flag as a way to prevent the attack.  But until the
+// amendment passes we still need to keep the old behavior available.
+constexpr std::uint32_t const tfNFTokenMintMask =
     ~(tfUniversal | tfBurnable | tfOnlyXRP | tfTransferable);
 
-inline constexpr FlagValue tfNFTokenMintOldMask = ~(~tfNFTokenMintMaskWithoutMutable | tfTrustLine);
+constexpr std::uint32_t const tfNFTokenMintOldMask =
+    ~( ~tfNFTokenMintMask | tfTrustLine);
 
 // if featureDynamicNFT enabled then new flag allowing mutable URI available.
-inline constexpr FlagValue tfNFTokenMintOldMaskWithMutable = ~(~tfNFTokenMintOldMask | tfMutable);
+constexpr std::uint32_t const tfNFTokenMintOldMaskWithMutable =
+    ~( ~tfNFTokenMintOldMask | tfMutable);
 
-inline constexpr FlagValue tfWithdrawSubTx = tfLPToken | tfSingleAsset | tfTwoAsset |
-    tfOneAssetLPToken | tfLimitLPToken | tfWithdrawAll | tfOneAssetWithdrawAll;
-inline constexpr FlagValue tfDepositSubTx =
-    tfLPToken | tfSingleAsset | tfTwoAsset | tfOneAssetLPToken | tfLimitLPToken | tfTwoAssetIfEmpty;
+constexpr std::uint32_t const tfNFTokenMintMaskWithMutable =
+    ~( ~tfNFTokenMintMask | tfMutable);
 
-#pragma push_macro("ACCOUNTSET_FLAGS")
-#pragma push_macro("ACCOUNTSET_FLAG_TO_VALUE")
-#pragma push_macro("ACCOUNTSET_FLAG_TO_MAP")
+// NFTokenCreateOffer flags:
+constexpr std::uint32_t const tfSellNFToken                = 0x00000001;
+constexpr std::uint32_t const tfNFTokenCreateOfferMask =
+    ~(tfUniversal | tfSellNFToken);
 
-// AccountSet SetFlag/ClearFlag values
-#define ACCOUNTSET_FLAGS(ASF_FLAG)                \
-    ASF_FLAG(asfRequireDest, 1)                   \
-    ASF_FLAG(asfRequireAuth, 2)                   \
-    ASF_FLAG(asfDisallowXRP, 3)                   \
-    ASF_FLAG(asfDisableMaster, 4)                 \
-    ASF_FLAG(asfAccountTxnID, 5)                  \
-    ASF_FLAG(asfNoFreeze, 6)                      \
-    ASF_FLAG(asfGlobalFreeze, 7)                  \
-    ASF_FLAG(asfDefaultRipple, 8)                 \
-    ASF_FLAG(asfDepositAuth, 9)                   \
-    ASF_FLAG(asfAuthorizedNFTokenMinter, 10)      \
-    /*  11 is reserved for Hooks amendment */     \
-    /* ASF_FLAG(asfTshCollect, 11) */             \
-    ASF_FLAG(asfDisallowIncomingNFTokenOffer, 12) \
-    ASF_FLAG(asfDisallowIncomingCheck, 13)        \
-    ASF_FLAG(asfDisallowIncomingPayChan, 14)      \
-    ASF_FLAG(asfDisallowIncomingTrustline, 15)    \
-    ASF_FLAG(asfAllowTrustLineClawback, 16)       \
-    ASF_FLAG(asfAllowTrustLineLocking, 17)
+// NFTokenCancelOffer flags:
+constexpr std::uint32_t const tfNFTokenCancelOfferMask     = ~tfUniversal;
 
-#define ACCOUNTSET_FLAG_TO_VALUE(name, value) inline constexpr FlagValue name = value;
-#define ACCOUNTSET_FLAG_TO_MAP(name, value) {#name, value},
+// NFTokenAcceptOffer flags:
+constexpr std::uint32_t const tfNFTokenAcceptOfferMask     = ~tfUniversal;
 
-ACCOUNTSET_FLAGS(ACCOUNTSET_FLAG_TO_VALUE)
+// Clawback flags:
+constexpr std::uint32_t const tfClawbackMask               = ~tfUniversal;
 
-inline std::map<std::string, FlagValue> const&
-getAsfFlagMap()
-{
-    static std::map<std::string, FlagValue> const flags = {
-        ACCOUNTSET_FLAGS(ACCOUNTSET_FLAG_TO_MAP)};
-    return flags;
-}
+// AMM Flags:
+constexpr std::uint32_t tfLPToken                          = 0x00010000;
+constexpr std::uint32_t tfWithdrawAll                      = 0x00020000;
+constexpr std::uint32_t tfOneAssetWithdrawAll              = 0x00040000;
+constexpr std::uint32_t tfSingleAsset                      = 0x00080000;
+constexpr std::uint32_t tfTwoAsset                         = 0x00100000;
+constexpr std::uint32_t tfOneAssetLPToken                  = 0x00200000;
+constexpr std::uint32_t tfLimitLPToken                     = 0x00400000;
+constexpr std::uint32_t tfTwoAssetIfEmpty                  = 0x00800000;
+constexpr std::uint32_t tfWithdrawSubTx =
+    tfLPToken | tfSingleAsset | tfTwoAsset | tfOneAssetLPToken |
+    tfLimitLPToken | tfWithdrawAll | tfOneAssetWithdrawAll;
+constexpr std::uint32_t tfDepositSubTx =
+    tfLPToken | tfSingleAsset | tfTwoAsset | tfOneAssetLPToken |
+    tfLimitLPToken | tfTwoAssetIfEmpty;
+constexpr std::uint32_t tfWithdrawMask = ~(tfUniversal | tfWithdrawSubTx);
+constexpr std::uint32_t tfDepositMask = ~(tfUniversal | tfDepositSubTx);
 
-#undef ACCOUNTSET_FLAG_TO_VALUE
-#undef ACCOUNTSET_FLAG_TO_MAP
-#undef ACCOUNTSET_FLAGS
+// AMMClawback flags:
+constexpr std::uint32_t tfClawTwoAssets                = 0x00000001;
+constexpr std::uint32_t tfAMMClawbackMask = ~(tfUniversal | tfClawTwoAssets);
 
-#pragma pop_macro("ACCOUNTSET_FLAG_TO_VALUE")
-#pragma pop_macro("ACCOUNTSET_FLAG_TO_MAP")
-#pragma pop_macro("ACCOUNTSET_FLAGS")
+// BridgeModify flags:
+constexpr std::uint32_t tfClearAccountCreateAmount     = 0x00010000;
+constexpr std::uint32_t tfBridgeModifyMask = ~(tfUniversal | tfClearAccountCreateAmount);
+
+// VaultCreate flags:
+constexpr std::uint32_t const tfVaultPrivate               = 0x00010000;
+static_assert(tfVaultPrivate == lsfVaultPrivate);
+constexpr std::uint32_t const tfVaultShareNonTransferable  = 0x00020000;
+constexpr std::uint32_t const tfVaultCreateMask = ~(tfUniversal | tfVaultPrivate | tfVaultShareNonTransferable);
+
+// Batch Flags:
+constexpr std::uint32_t tfAllOrNothing                 = 0x00010000;
+constexpr std::uint32_t tfOnlyOne                      = 0x00020000;
+constexpr std::uint32_t tfUntilFailure                 = 0x00040000;
+constexpr std::uint32_t tfIndependent                  = 0x00080000;
+/**
+ * @note If nested Batch transactions are supported in the future, the tfInnerBatchTxn flag
+ *  will need to be removed from this mask to allow Batch transaction to be inside
+ *  the sfRawTransactions array.
+ */
+constexpr std::uint32_t const tfBatchMask =
+    ~(tfUniversal | tfAllOrNothing | tfOnlyOne | tfUntilFailure | tfIndependent) | tfInnerBatchTxn;
+
+// LoanSet and LoanPay flags:
+// LoanSet: True, indicates the loan supports overpayments
+// LoanPay: True, indicates any excess in this payment can be used
+// as an overpayment. False, no overpayments will be taken.
+constexpr std::uint32_t const tfLoanOverpayment = 0x00010000;
+// LoanPay exclusive flags:
+// tfLoanFullPayment: True, indicates that the payment is an early
+// full payment. It must pay the entire loan including close
+// interest and fees, or it will fail. False: Not a full payment.
+constexpr std::uint32_t const tfLoanFullPayment = 0x00020000;
+// tfLoanLatePayment: True, indicates that the payment is late,
+// and includes late interest and fees. If the loan is not late,
+// it will fail. False: not a late payment. If the current payment
+// is overdue, the transaction will fail.
+constexpr std::uint32_t const tfLoanLatePayment = 0x00040000;
+constexpr std::uint32_t const tfLoanSetMask = ~(tfUniversal |
+    tfLoanOverpayment);
+constexpr std::uint32_t const tfLoanPayMask = ~(tfUniversal |
+    tfLoanOverpayment | tfLoanFullPayment | tfLoanLatePayment);
+
+// LoanManage flags:
+constexpr std::uint32_t const tfLoanDefault = 0x00010000;
+constexpr std::uint32_t const tfLoanImpair = 0x00020000;
+constexpr std::uint32_t const tfLoanUnimpair = 0x00040000;
+constexpr std::uint32_t const tfLoanManageMask = ~(tfUniversal | tfLoanDefault | tfLoanImpair | tfLoanUnimpair);
+
+// clang-format on
 
 }  // namespace xrpl

include/xrpl/protocol/TxFormats.h

@@ -2,8 +2,6 @@
 
 #include <xrpl/protocol/KnownFormats.h>
 
-#include <vector>
-
 namespace xrpl {
 
 /** Transaction type identifiers.
@@ -75,9 +73,6 @@ private:
 public:
     static TxFormats const&
     getInstance();
-
-    static std::vector<SOElement> const&
-    getCommonFields();
 };
 
 }  // namespace xrpl

include/xrpl/protocol/detail/features.macro

@@ -15,10 +15,9 @@
 
 // Add new amendments to the top of this list.
 // Keep it sorted in reverse chronological order.
-
 XRPL_FIX   (PermissionedDomainInvariant, Supported::yes, VoteBehavior::DefaultNo)
 XRPL_FIX    (ExpiredNFTokenOfferRemoval, Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FIX    (BatchInnerSigs,             Supported::no, VoteBehavior::DefaultNo)
+XRPL_FIX    (BatchInnerSigs,             Supported::yes, VoteBehavior::DefaultNo)
 XRPL_FEATURE(LendingProtocol,            Supported::yes, VoteBehavior::DefaultNo)
 XRPL_FEATURE(PermissionDelegationV1_1,   Supported::no,  VoteBehavior::DefaultNo)
 XRPL_FIX    (DirectoryLimit,             Supported::yes, VoteBehavior::DefaultNo)
@@ -32,7 +31,7 @@ XRPL_FEATURE(TokenEscrow,                Supported::yes, VoteBehavior::DefaultNo
 XRPL_FIX    (EnforceNFTokenTrustlineV2,  Supported::yes, VoteBehavior::DefaultNo)
 XRPL_FIX    (AMMv1_3,                    Supported::yes, VoteBehavior::DefaultNo)
 XRPL_FEATURE(PermissionedDEX,            Supported::yes, VoteBehavior::DefaultNo)
-XRPL_FEATURE(Batch,                      Supported::no,  VoteBehavior::DefaultNo)
+XRPL_FEATURE(Batch,                      Supported::yes, VoteBehavior::DefaultNo)
 XRPL_FEATURE(SingleAssetVault,           Supported::yes,  VoteBehavior::DefaultNo)
 XRPL_FIX    (PayChanCancelAfter,         Supported::yes, VoteBehavior::DefaultNo)
 // Check flags in Credential transactions

include/xrpl/protocol/detail/ledger_entries.macro

@@ -578,7 +578,7 @@ LEDGER_ENTRY(ltLOAN, 0x0089, Loan, loan, ({
     //   The unrounded true total value of the loan.
     //
     // - TrueTotalPrincipalOutstanding can be computed using the algorithm
-    //   in the ripple::detail::loanPrincipalFromPeriodicPayment function.
+    //   in the xrpl::detail::loanPrincipalFromPeriodicPayment function.
     //
     // - TrueTotalInterestOutstanding = TrueTotalLoanValue -
     //      TrueTotalPrincipalOutstanding

include/xrpl/protocol/detail/transactions.macro

@@ -22,7 +22,7 @@
 
 /** This transaction type executes a payment. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/payment/Payment.h>
+#   include <xrpl/tx/transactors/Payment.h>
 #endif
 TRANSACTION(ttPAYMENT, 0, Payment,
     Delegation::delegable,
@@ -42,7 +42,7 @@ TRANSACTION(ttPAYMENT, 0, Payment,
 
 /** This transaction type creates an escrow object. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/escrow/Escrow.h>
+#   include <xrpl/tx/transactors/Escrow.h>
 #endif
 TRANSACTION(ttESCROW_CREATE, 1, EscrowCreate,
     Delegation::delegable,
@@ -73,7 +73,7 @@ TRANSACTION(ttESCROW_FINISH, 2, EscrowFinish,
 
 /** This transaction type adjusts various account settings. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/account/SetAccount.h>
+#   include <xrpl/tx/transactors/SetAccount.h>
 #endif
 TRANSACTION(ttACCOUNT_SET, 3, AccountSet,
     Delegation::notDelegable,
@@ -94,7 +94,7 @@ TRANSACTION(ttACCOUNT_SET, 3, AccountSet,
 
 /** This transaction type cancels an existing escrow. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/escrow/Escrow.h>
+#   include <xrpl/tx/transactors/Escrow.h>
 #endif
 TRANSACTION(ttESCROW_CANCEL, 4, EscrowCancel,
     Delegation::delegable,
@@ -107,7 +107,7 @@ TRANSACTION(ttESCROW_CANCEL, 4, EscrowCancel,
 
 /** This transaction type sets or clears an account's "regular key". */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/account/SetRegularKey.h>
+#   include <xrpl/tx/transactors/SetRegularKey.h>
 #endif
 TRANSACTION(ttREGULAR_KEY_SET, 5, SetRegularKey,
     Delegation::notDelegable,
@@ -121,7 +121,7 @@ TRANSACTION(ttREGULAR_KEY_SET, 5, SetRegularKey,
 
 /** This transaction type creates an offer to trade one asset for another. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/dex/CreateOffer.h>
+#   include <xrpl/tx/transactors/Offer/CreateOffer.h>
 #endif
 TRANSACTION(ttOFFER_CREATE, 7, OfferCreate,
     Delegation::delegable,
@@ -137,7 +137,7 @@ TRANSACTION(ttOFFER_CREATE, 7, OfferCreate,
 
 /** This transaction type cancels existing offers to trade one asset for another. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/dex/CancelOffer.h>
+#   include <xrpl/tx/transactors/Offer/CancelOffer.h>
 #endif
 TRANSACTION(ttOFFER_CANCEL, 8, OfferCancel,
     Delegation::delegable,
@@ -151,7 +151,7 @@ TRANSACTION(ttOFFER_CANCEL, 8, OfferCancel,
 
 /** This transaction type creates a new set of tickets. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/system/CreateTicket.h>
+#   include <xrpl/tx/transactors/CreateTicket.h>
 #endif
 TRANSACTION(ttTICKET_CREATE, 10, TicketCreate,
     Delegation::delegable,
@@ -167,7 +167,7 @@ TRANSACTION(ttTICKET_CREATE, 10, TicketCreate,
 // The SignerEntries are optional because a SignerList is deleted by
 // setting the SignerQuorum to zero and omitting SignerEntries.
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/account/SetSignerList.h>
+#   include <xrpl/tx/transactors/SetSignerList.h>
 #endif
 TRANSACTION(ttSIGNER_LIST_SET, 12, SignerListSet,
     Delegation::notDelegable,
@@ -180,7 +180,7 @@ TRANSACTION(ttSIGNER_LIST_SET, 12, SignerListSet,
 
 /** This transaction type creates a new unidirectional XRP payment channel. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/payment_channel/PayChan.h>
+#   include <xrpl/tx/transactors/PayChan.h>
 #endif
 TRANSACTION(ttPAYCHAN_CREATE, 13, PaymentChannelCreate,
     Delegation::delegable,
@@ -222,7 +222,7 @@ TRANSACTION(ttPAYCHAN_CLAIM, 15, PaymentChannelClaim,
 
 /** This transaction type creates a new check. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/check/CreateCheck.h>
+#   include <xrpl/tx/transactors/Check/CreateCheck.h>
 #endif
 TRANSACTION(ttCHECK_CREATE, 16, CheckCreate,
     Delegation::delegable,
@@ -238,7 +238,7 @@ TRANSACTION(ttCHECK_CREATE, 16, CheckCreate,
 
 /** This transaction type cashes an existing check. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/check/CashCheck.h>
+#   include <xrpl/tx/transactors/Check/CashCheck.h>
 #endif
 TRANSACTION(ttCHECK_CASH, 17, CheckCash,
     Delegation::delegable,
@@ -252,7 +252,7 @@ TRANSACTION(ttCHECK_CASH, 17, CheckCash,
 
 /** This transaction type cancels an existing check. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/check/CancelCheck.h>
+#   include <xrpl/tx/transactors/Check/CancelCheck.h>
 #endif
 TRANSACTION(ttCHECK_CANCEL, 18, CheckCancel,
     Delegation::delegable,
@@ -264,7 +264,7 @@ TRANSACTION(ttCHECK_CANCEL, 18, CheckCancel,
 
 /** This transaction type grants or revokes authorization to transfer funds. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/payment/DepositPreauth.h>
+#   include <xrpl/tx/transactors/DepositPreauth.h>
 #endif
 TRANSACTION(ttDEPOSIT_PREAUTH, 19, DepositPreauth,
     Delegation::delegable,
@@ -279,7 +279,7 @@ TRANSACTION(ttDEPOSIT_PREAUTH, 19, DepositPreauth,
 
 /** This transaction type modifies a trustline between two accounts. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/token/SetTrust.h>
+#   include <xrpl/tx/transactors/SetTrust.h>
 #endif
 TRANSACTION(ttTRUST_SET, 20, TrustSet,
     Delegation::delegable,
@@ -293,7 +293,7 @@ TRANSACTION(ttTRUST_SET, 20, TrustSet,
 
 /** This transaction type deletes an existing account. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/account/DeleteAccount.h>
+#   include <xrpl/tx/transactors/DeleteAccount.h>
 #endif
 TRANSACTION(ttACCOUNT_DELETE, 21, AccountDelete,
     Delegation::notDelegable,
@@ -309,7 +309,7 @@ TRANSACTION(ttACCOUNT_DELETE, 21, AccountDelete,
 
 /** This transaction mints a new NFT. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/nft/NFTokenMint.h>
+#   include <xrpl/tx/transactors/NFT/NFTokenMint.h>
 #endif
 TRANSACTION(ttNFTOKEN_MINT, 25, NFTokenMint,
     Delegation::delegable,
@@ -327,7 +327,7 @@ TRANSACTION(ttNFTOKEN_MINT, 25, NFTokenMint,
 
 /** This transaction burns (i.e. destroys) an existing NFT. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/nft/NFTokenBurn.h>
+#   include <xrpl/tx/transactors/NFT/NFTokenBurn.h>
 #endif
 TRANSACTION(ttNFTOKEN_BURN, 26, NFTokenBurn,
     Delegation::delegable,
@@ -340,7 +340,7 @@ TRANSACTION(ttNFTOKEN_BURN, 26, NFTokenBurn,
 
 /** This transaction creates a new offer to buy or sell an NFT. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/nft/NFTokenCreateOffer.h>
+#   include <xrpl/tx/transactors/NFT/NFTokenCreateOffer.h>
 #endif
 TRANSACTION(ttNFTOKEN_CREATE_OFFER, 27, NFTokenCreateOffer,
     Delegation::delegable,
@@ -356,7 +356,7 @@ TRANSACTION(ttNFTOKEN_CREATE_OFFER, 27, NFTokenCreateOffer,
 
 /** This transaction cancels an existing offer to buy or sell an existing NFT. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/nft/NFTokenCancelOffer.h>
+#   include <xrpl/tx/transactors/NFT/NFTokenCancelOffer.h>
 #endif
 TRANSACTION(ttNFTOKEN_CANCEL_OFFER, 28, NFTokenCancelOffer,
     Delegation::delegable,
@@ -368,7 +368,7 @@ TRANSACTION(ttNFTOKEN_CANCEL_OFFER, 28, NFTokenCancelOffer,
 
 /** This transaction accepts an existing offer to buy or sell an existing  NFT. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/nft/NFTokenAcceptOffer.h>
+#   include <xrpl/tx/transactors/NFT/NFTokenAcceptOffer.h>
 #endif
 TRANSACTION(ttNFTOKEN_ACCEPT_OFFER, 29, NFTokenAcceptOffer,
     Delegation::delegable,
@@ -382,7 +382,7 @@ TRANSACTION(ttNFTOKEN_ACCEPT_OFFER, 29, NFTokenAcceptOffer,
 
 /** This transaction claws back issued tokens. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/token/Clawback.h>
+#   include <xrpl/tx/transactors/Clawback.h>
 #endif
 TRANSACTION(ttCLAWBACK, 30, Clawback,
     Delegation::delegable,
@@ -395,7 +395,7 @@ TRANSACTION(ttCLAWBACK, 30, Clawback,
 
 /** This transaction claws back tokens from an AMM pool. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/dex/AMMClawback.h>
+#   include <xrpl/tx/transactors/AMM/AMMClawback.h>
 #endif
 TRANSACTION(ttAMM_CLAWBACK, 31, AMMClawback,
     Delegation::delegable,
@@ -410,7 +410,7 @@ TRANSACTION(ttAMM_CLAWBACK, 31, AMMClawback,
 
 /** This transaction type creates an AMM instance */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/dex/AMMCreate.h>
+#   include <xrpl/tx/transactors/AMM/AMMCreate.h>
 #endif
 TRANSACTION(ttAMM_CREATE, 35, AMMCreate,
     Delegation::delegable,
@@ -424,7 +424,7 @@ TRANSACTION(ttAMM_CREATE, 35, AMMCreate,
 
 /** This transaction type deposits into an AMM instance */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/dex/AMMDeposit.h>
+#   include <xrpl/tx/transactors/AMM/AMMDeposit.h>
 #endif
 TRANSACTION(ttAMM_DEPOSIT, 36, AMMDeposit,
     Delegation::delegable,
@@ -442,7 +442,7 @@ TRANSACTION(ttAMM_DEPOSIT, 36, AMMDeposit,
 
 /** This transaction type withdraws from an AMM instance */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/dex/AMMWithdraw.h>
+#   include <xrpl/tx/transactors/AMM/AMMWithdraw.h>
 #endif
 TRANSACTION(ttAMM_WITHDRAW, 37, AMMWithdraw,
     Delegation::delegable,
@@ -459,7 +459,7 @@ TRANSACTION(ttAMM_WITHDRAW, 37, AMMWithdraw,
 
 /** This transaction type votes for the trading fee */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/dex/AMMVote.h>
+#   include <xrpl/tx/transactors/AMM/AMMVote.h>
 #endif
 TRANSACTION(ttAMM_VOTE, 38, AMMVote,
     Delegation::delegable,
@@ -473,7 +473,7 @@ TRANSACTION(ttAMM_VOTE, 38, AMMVote,
 
 /** This transaction type bids for the auction slot */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/dex/AMMBid.h>
+#   include <xrpl/tx/transactors/AMM/AMMBid.h>
 #endif
 TRANSACTION(ttAMM_BID, 39, AMMBid,
     Delegation::delegable,
@@ -489,7 +489,7 @@ TRANSACTION(ttAMM_BID, 39, AMMBid,
 
 /** This transaction type deletes AMM in the empty state */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/dex/AMMDelete.h>
+#   include <xrpl/tx/transactors/AMM/AMMDelete.h>
 #endif
 TRANSACTION(ttAMM_DELETE, 40, AMMDelete,
     Delegation::delegable,
@@ -502,7 +502,7 @@ TRANSACTION(ttAMM_DELETE, 40, AMMDelete,
 
 /** This transactions creates a crosschain sequence number */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/bridge/XChainBridge.h>
+#   include <xrpl/tx/transactors/XChainBridge.h>
 #endif
 TRANSACTION(ttXCHAIN_CREATE_CLAIM_ID, 41, XChainCreateClaimID,
     Delegation::delegable,
@@ -617,7 +617,7 @@ TRANSACTION(ttXCHAIN_CREATE_BRIDGE, 48, XChainCreateBridge,
 
 /** This transaction type creates or updates a DID */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/did/DID.h>
+#   include <xrpl/tx/transactors/DID.h>
 #endif
 TRANSACTION(ttDID_SET, 49, DIDSet,
     Delegation::delegable,
@@ -638,7 +638,7 @@ TRANSACTION(ttDID_DELETE, 50, DIDDelete,
 
 /** This transaction type creates an Oracle instance */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/oracle/SetOracle.h>
+#   include <xrpl/tx/transactors/SetOracle.h>
 #endif
 TRANSACTION(ttORACLE_SET, 51, OracleSet,
     Delegation::delegable,
@@ -655,7 +655,7 @@ TRANSACTION(ttORACLE_SET, 51, OracleSet,
 
 /** This transaction type deletes an Oracle instance */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/oracle/DeleteOracle.h>
+#   include <xrpl/tx/transactors/DeleteOracle.h>
 #endif
 TRANSACTION(ttORACLE_DELETE, 52, OracleDelete,
     Delegation::delegable,
@@ -667,7 +667,7 @@ TRANSACTION(ttORACLE_DELETE, 52, OracleDelete,
 
 /** This transaction type fixes a problem in the ledger state */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/system/LedgerStateFix.h>
+#   include <xrpl/tx/transactors/LedgerStateFix.h>
 #endif
 TRANSACTION(ttLEDGER_STATE_FIX, 53, LedgerStateFix,
     Delegation::delegable,
@@ -680,7 +680,7 @@ TRANSACTION(ttLEDGER_STATE_FIX, 53, LedgerStateFix,
 
 /** This transaction type creates a MPTokensIssuance instance */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/token/MPTokenIssuanceCreate.h>
+#   include <xrpl/tx/transactors/MPT/MPTokenIssuanceCreate.h>
 #endif
 TRANSACTION(ttMPTOKEN_ISSUANCE_CREATE, 54, MPTokenIssuanceCreate,
     Delegation::delegable,
@@ -697,7 +697,7 @@ TRANSACTION(ttMPTOKEN_ISSUANCE_CREATE, 54, MPTokenIssuanceCreate,
 
 /** This transaction type destroys a MPTokensIssuance instance */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/token/MPTokenIssuanceDestroy.h>
+#   include <xrpl/tx/transactors/MPT/MPTokenIssuanceDestroy.h>
 #endif
 TRANSACTION(ttMPTOKEN_ISSUANCE_DESTROY, 55, MPTokenIssuanceDestroy,
     Delegation::delegable,
@@ -709,7 +709,7 @@ TRANSACTION(ttMPTOKEN_ISSUANCE_DESTROY, 55, MPTokenIssuanceDestroy,
 
 /** This transaction type sets flags on a MPTokensIssuance or MPToken instance */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/token/MPTokenIssuanceSet.h>
+#   include <xrpl/tx/transactors/MPT/MPTokenIssuanceSet.h>
 #endif
 TRANSACTION(ttMPTOKEN_ISSUANCE_SET, 56, MPTokenIssuanceSet,
     Delegation::delegable,
@@ -726,7 +726,7 @@ TRANSACTION(ttMPTOKEN_ISSUANCE_SET, 56, MPTokenIssuanceSet,
 
 /** This transaction type authorizes a MPToken instance */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/token/MPTokenAuthorize.h>
+#   include <xrpl/tx/transactors/MPT/MPTokenAuthorize.h>
 #endif
 TRANSACTION(ttMPTOKEN_AUTHORIZE, 57, MPTokenAuthorize,
     Delegation::delegable,
@@ -739,7 +739,7 @@ TRANSACTION(ttMPTOKEN_AUTHORIZE, 57, MPTokenAuthorize,
 
 /** This transaction type create an Credential instance */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/credentials/Credentials.h>
+#   include <xrpl/tx/transactors/Credentials.h>
 #endif
 TRANSACTION(ttCREDENTIAL_CREATE, 58, CredentialCreate,
     Delegation::delegable,
@@ -775,7 +775,7 @@ TRANSACTION(ttCREDENTIAL_DELETE, 60, CredentialDelete,
 
 /** This transaction type modify a NFToken */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/nft/NFTokenModify.h>
+#   include <xrpl/tx/transactors/NFT/NFTokenModify.h>
 #endif
 TRANSACTION(ttNFTOKEN_MODIFY, 61, NFTokenModify,
     Delegation::delegable,
@@ -789,7 +789,7 @@ TRANSACTION(ttNFTOKEN_MODIFY, 61, NFTokenModify,
 
 /** This transaction type creates or modifies a Permissioned Domain */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/permissioned_domain/PermissionedDomainSet.h>
+#   include <xrpl/tx/transactors/PermissionedDomain/PermissionedDomainSet.h>
 #endif
 TRANSACTION(ttPERMISSIONED_DOMAIN_SET, 62, PermissionedDomainSet,
     Delegation::delegable,
@@ -802,7 +802,7 @@ TRANSACTION(ttPERMISSIONED_DOMAIN_SET, 62, PermissionedDomainSet,
 
 /** This transaction type deletes a Permissioned Domain */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/permissioned_domain/PermissionedDomainDelete.h>
+#   include <xrpl/tx/transactors/PermissionedDomain/PermissionedDomainDelete.h>
 #endif
 TRANSACTION(ttPERMISSIONED_DOMAIN_DELETE, 63, PermissionedDomainDelete,
     Delegation::delegable,
@@ -814,7 +814,7 @@ TRANSACTION(ttPERMISSIONED_DOMAIN_DELETE, 63, PermissionedDomainDelete,
 
 /** This transaction type delegates authorized account specified permissions */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/delegate/DelegateSet.h>
+#   include <xrpl/tx/transactors/Delegate/DelegateSet.h>
 #endif
 TRANSACTION(ttDELEGATE_SET, 64, DelegateSet,
     Delegation::notDelegable,
@@ -827,7 +827,7 @@ TRANSACTION(ttDELEGATE_SET, 64, DelegateSet,
 
 /** This transaction creates a single asset vault. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/vault/VaultCreate.h>
+#   include <xrpl/tx/transactors/Vault/VaultCreate.h>
 #endif
 TRANSACTION(ttVAULT_CREATE, 65, VaultCreate,
     Delegation::delegable,
@@ -845,7 +845,7 @@ TRANSACTION(ttVAULT_CREATE, 65, VaultCreate,
 
 /** This transaction updates a single asset vault. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/vault/VaultSet.h>
+#   include <xrpl/tx/transactors/Vault/VaultSet.h>
 #endif
 TRANSACTION(ttVAULT_SET, 66, VaultSet,
     Delegation::delegable,
@@ -860,7 +860,7 @@ TRANSACTION(ttVAULT_SET, 66, VaultSet,
 
 /** This transaction deletes a single asset vault. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/vault/VaultDelete.h>
+#   include <xrpl/tx/transactors/Vault/VaultDelete.h>
 #endif
 TRANSACTION(ttVAULT_DELETE, 67, VaultDelete,
     Delegation::delegable,
@@ -872,7 +872,7 @@ TRANSACTION(ttVAULT_DELETE, 67, VaultDelete,
 
 /** This transaction trades assets for shares with a vault. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/vault/VaultDeposit.h>
+#   include <xrpl/tx/transactors/Vault/VaultDeposit.h>
 #endif
 TRANSACTION(ttVAULT_DEPOSIT, 68, VaultDeposit,
     Delegation::delegable,
@@ -885,7 +885,7 @@ TRANSACTION(ttVAULT_DEPOSIT, 68, VaultDeposit,
 
 /** This transaction trades shares for assets with a vault. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/vault/VaultWithdraw.h>
+#   include <xrpl/tx/transactors/Vault/VaultWithdraw.h>
 #endif
 TRANSACTION(ttVAULT_WITHDRAW, 69, VaultWithdraw,
     Delegation::delegable,
@@ -900,7 +900,7 @@ TRANSACTION(ttVAULT_WITHDRAW, 69, VaultWithdraw,
 
 /** This transaction claws back tokens from a vault. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/vault/VaultClawback.h>
+#   include <xrpl/tx/transactors/Vault/VaultClawback.h>
 #endif
 TRANSACTION(ttVAULT_CLAWBACK, 70, VaultClawback,
     Delegation::delegable,
@@ -914,7 +914,7 @@ TRANSACTION(ttVAULT_CLAWBACK, 70, VaultClawback,
 
 /** This transaction type batches together transactions. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/system/Batch.h>
+#   include <xrpl/tx/transactors/Batch.h>
 #endif
 TRANSACTION(ttBATCH, 71, Batch,
     Delegation::notDelegable,
@@ -929,7 +929,7 @@ TRANSACTION(ttBATCH, 71, Batch,
 
 /** This transaction creates and updates a Loan Broker */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/lending/LoanBrokerSet.h>
+#   include <xrpl/tx/transactors/Lending/LoanBrokerSet.h>
 #endif
 TRANSACTION(ttLOAN_BROKER_SET, 74, LoanBrokerSet,
     Delegation::delegable,
@@ -946,7 +946,7 @@ TRANSACTION(ttLOAN_BROKER_SET, 74, LoanBrokerSet,
 
 /** This transaction deletes a Loan Broker */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/lending/LoanBrokerDelete.h>
+#   include <xrpl/tx/transactors/Lending/LoanBrokerDelete.h>
 #endif
 TRANSACTION(ttLOAN_BROKER_DELETE, 75, LoanBrokerDelete,
     Delegation::delegable,
@@ -957,7 +957,7 @@ TRANSACTION(ttLOAN_BROKER_DELETE, 75, LoanBrokerDelete,
 
 /** This transaction deposits First Loss Capital into a Loan Broker */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/lending/LoanBrokerCoverDeposit.h>
+#   include <xrpl/tx/transactors/Lending/LoanBrokerCoverDeposit.h>
 #endif
 TRANSACTION(ttLOAN_BROKER_COVER_DEPOSIT, 76, LoanBrokerCoverDeposit,
     Delegation::delegable,
@@ -969,7 +969,7 @@ TRANSACTION(ttLOAN_BROKER_COVER_DEPOSIT, 76, LoanBrokerCoverDeposit,
 
 /** This transaction withdraws First Loss Capital from a Loan Broker */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/lending/LoanBrokerCoverWithdraw.h>
+#   include <xrpl/tx/transactors/Lending/LoanBrokerCoverWithdraw.h>
 #endif
 TRANSACTION(ttLOAN_BROKER_COVER_WITHDRAW, 77, LoanBrokerCoverWithdraw,
     Delegation::delegable,
@@ -984,7 +984,7 @@ TRANSACTION(ttLOAN_BROKER_COVER_WITHDRAW, 77, LoanBrokerCoverWithdraw,
 /** This transaction claws back First Loss Capital from a Loan Broker to
     the issuer of the capital */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/lending/LoanBrokerCoverClawback.h>
+#   include <xrpl/tx/transactors/Lending/LoanBrokerCoverClawback.h>
 #endif
 TRANSACTION(ttLOAN_BROKER_COVER_CLAWBACK, 78, LoanBrokerCoverClawback,
     Delegation::delegable,
@@ -996,7 +996,7 @@ TRANSACTION(ttLOAN_BROKER_COVER_CLAWBACK, 78, LoanBrokerCoverClawback,
 
 /** This transaction creates a Loan */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/lending/LoanSet.h>
+#   include <xrpl/tx/transactors/Lending/LoanSet.h>
 #endif
 TRANSACTION(ttLOAN_SET, 80, LoanSet,
     Delegation::delegable,
@@ -1023,7 +1023,7 @@ TRANSACTION(ttLOAN_SET, 80, LoanSet,
 
 /** This transaction deletes an existing Loan */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/lending/LoanDelete.h>
+#   include <xrpl/tx/transactors/Lending/LoanDelete.h>
 #endif
 TRANSACTION(ttLOAN_DELETE, 81, LoanDelete,
     Delegation::delegable,
@@ -1034,7 +1034,7 @@ TRANSACTION(ttLOAN_DELETE, 81, LoanDelete,
 
 /** This transaction is used to change the delinquency status of an existing Loan */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/lending/LoanManage.h>
+#   include <xrpl/tx/transactors/Lending/LoanManage.h>
 #endif
 TRANSACTION(ttLOAN_MANAGE, 82, LoanManage,
     Delegation::delegable,
@@ -1048,7 +1048,7 @@ TRANSACTION(ttLOAN_MANAGE, 82, LoanManage,
 
 /** The Borrower uses this transaction to make a Payment on the Loan. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/lending/LoanPay.h>
+#   include <xrpl/tx/transactors/Lending/LoanPay.h>
 #endif
 TRANSACTION(ttLOAN_PAY, 84, LoanPay,
     Delegation::delegable,
@@ -1063,7 +1063,7 @@ TRANSACTION(ttLOAN_PAY, 84, LoanPay,
     For details, see: https://xrpl.org/amendments.html
  */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/system/Change.h>
+#   include <xrpl/tx/transactors/Change.h>
 #endif
 TRANSACTION(ttAMENDMENT, 100, EnableAmendment,
     Delegation::notDelegable,

include/xrpl/protocol/jss.h

@@ -25,7 +25,6 @@ namespace jss {
 JSS(AL_size);              // out: GetCounts
 JSS(AL_hit_rate);          // out: GetCounts
 JSS(AcceptedCredentials);  // out: AccountObjects
-JSS(ACCOUNT_SET_FLAGS);    // out: RPC server_definitions
 JSS(Account);              // in: TransactionSign; field.
 JSS(AMMID);                // field
 JSS(Amount);               // in: TransactionSign; field.
@@ -188,7 +187,6 @@ JSS(closed_ledger);           // out: NetworkOPs
 JSS(cluster);                 // out: PeerImp
 JSS(code);                    // out: errors
 JSS(command);                 // in: RPCHandler
-JSS(common);                  // out: RPC server_definitions
 JSS(complete);                // out: NetworkOPs, InboundLedger
 JSS(complete_ledgers);        // out: NetworkOPs, PeerImp
 JSS(consensus);               // out: NetworkOPs, LedgerConsensus
@@ -358,8 +356,6 @@ JSS(ledger_min);              // in, out: AccountTx*
 JSS(ledger_time);             // out: NetworkOPs
 JSS(LEDGER_ENTRY_TYPES);      // out: RPC server_definitions
                               // matches definitions.json format
-JSS(LEDGER_ENTRY_FLAGS);      // out: RPC server_definitions
-JSS(LEDGER_ENTRY_FORMATS);    // out: RPC server_definitions
 JSS(levels);                  // LogLevels
 JSS(limit);                   // in/out: AccountTx*, AccountOffers,
                               //         AccountLines, AccountObjects
@@ -461,7 +457,6 @@ JSS(open);                    // out: handlers/Ledger
 JSS(open_ledger_cost);        // out: SubmitTransaction
 JSS(open_ledger_fee);         // out: TxQ
 JSS(open_ledger_level);       // out: TxQ
-JSS(optionality);             // out: server_definitions
 JSS(oracles);                 // in: get_aggregate_price
 JSS(oracle_document_id);      // in: get_aggregate_price
 JSS(owner);                   // in: LedgerEntry, out: NetworkOPs
@@ -621,8 +616,6 @@ JSS(TRANSACTION_RESULTS);     // out: RPC server_definitions
                               // matches definitions.json format
 JSS(TRANSACTION_TYPES);       // out: RPC server_definitions
                               // matches definitions.json format
-JSS(TRANSACTION_FLAGS);       // out: RPC server_definitions
-JSS(TRANSACTION_FORMATS);     // out: RPC server_definitions
 JSS(TYPES);                   // out: RPC server_definitions
                               // matches definitions.json format
 JSS(transfer_rate);           // out: nft_info (clio)

include/xrpl/shamap/SHAMapNodeID.h

@@ -46,6 +46,17 @@ public:
         return id_;
     }
 
+    /**
+     * Get the SHAMapNodeID of a child node at the specified branch.
+     *
+     * @param m  The branch number (0-15) indicating which child to descend to.
+     *           In the SHAMap's 16-way radix tree, each inner node has up to
+     *           16 children, indexed by the corresponding nibble (4 bits) of
+     *           the key at the current depth.
+     * @return SHAMapNodeID of the child node at branch m.
+     * @throws std::logic_error if this node is at the maximum leaf depth (64)
+     *         or if the node's id doesn't match its depth mask.
+     */
     SHAMapNodeID
     getChildNodeID(unsigned int m) const;
 

include/xrpl/tx/InvariantCheck.h

@@ -0,0 +1,732 @@
+#pragma once
+
+#include <xrpl/basics/Number.h>
+#include <xrpl/basics/base_uint.h>
+#include <xrpl/beast/utility/Journal.h>
+#include <xrpl/protocol/MPTIssue.h>
+#include <xrpl/protocol/STLedgerEntry.h>
+#include <xrpl/protocol/STTx.h>
+#include <xrpl/protocol/TER.h>
+
+#include <cstdint>
+#include <tuple>
+#include <unordered_set>
+
+namespace xrpl {
+
+class ReadView;
+
+#if GENERATING_DOCS
+/**
+ * @brief Prototype for invariant check implementations.
+ *
+ * __THIS CLASS DOES NOT EXIST__ - or rather it exists in documentation only to
+ * communicate the interface required of any invariant checker. Any invariant
+ * check implementation should implement the public methods documented here.
+ *
+ */
+class InvariantChecker_PROTOTYPE
+{
+public:
+    explicit InvariantChecker_PROTOTYPE() = default;
+
+    /**
+     * @brief called for each ledger entry in the current transaction.
+     *
+     * @param isDelete true if the SLE is being deleted
+     * @param before ledger entry before modification by the transaction
+     * @param after ledger entry after modification by the transaction
+     */
+    void
+    visitEntry(
+        bool isDelete,
+        std::shared_ptr<SLE const> const& before,
+        std::shared_ptr<SLE const> const& after);
+
+    /**
+     * @brief called after all ledger entries have been visited to determine
+     * the final status of the check
+     *
+     * @param tx the transaction being applied
+     * @param tec the current TER result of the transaction
+     * @param fee the fee actually charged for this transaction
+     * @param view a ReadView of the ledger being modified
+     * @param j journal for logging
+     *
+     * @return true if check passes, false if it fails
+     */
+    bool
+    finalize(
+        STTx const& tx,
+        TER const tec,
+        XRPAmount const fee,
+        ReadView const& view,
+        beast::Journal const& j);
+};
+#endif
+
+/**
+ * @brief Invariant: We should never charge a transaction a negative fee or a
+ * fee that is larger than what the transaction itself specifies.
+ *
+ * We can, in some circumstances, charge less.
+ */
+class TransactionFeeCheck
+{
+public:
+    void
+    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
+
+    bool
+    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
+};
+
+/**
+ * @brief Invariant: A transaction must not create XRP and should only destroy
+ * the XRP fee.
+ *
+ * We iterate through all account roots, payment channels and escrow entries
+ * that were modified and calculate the net change in XRP caused by the
+ * transactions.
+ */
+class XRPNotCreated
+{
+    std::int64_t drops_ = 0;
+
+public:
+    void
+    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
+
+    bool
+    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
+};
+
+/**
+ * @brief Invariant: we cannot remove an account ledger entry
+ *
+ * We iterate all account roots that were modified, and ensure that any that
+ * were present before the transaction was applied continue to be present
+ * afterwards unless they were explicitly deleted by a successful
+ * AccountDelete transaction.
+ */
+class AccountRootsNotDeleted
+{
+    std::uint32_t accountsDeleted_ = 0;
+
+public:
+    void
+    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
+
+    bool
+    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
+};
+
+/**
+ * @brief Invariant: a deleted account must not have any objects left
+ *
+ * We iterate all deleted account roots, and ensure that there are no
+ * objects left that are directly accessible with that account's ID.
+ *
+ * There should only be one deleted account, but that's checked by
+ * AccountRootsNotDeleted. This invariant will handle multiple deleted account
+ * roots without a problem.
+ */
+class AccountRootsDeletedClean
+{
+    // Pair is <before, after>. Before is used for most of the checks, so that
+    // if, for example, an object ID field is cleared, but the object is not
+    // deleted, it can still be found. After is used specifically for any checks
+    // that are expected as part of the deletion, such as zeroing out the
+    // balance.
+    std::vector<std::pair<std::shared_ptr<SLE const>, std::shared_ptr<SLE const>>> accountsDeleted_;
+
+public:
+    void
+    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
+
+    bool
+    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
+};
+
+/**
+ * @brief Invariant: An account XRP balance must be in XRP and take a value
+ *                   between 0 and INITIAL_XRP drops, inclusive.
+ *
+ * We iterate all account roots modified by the transaction and ensure that
+ * their XRP balances are reasonable.
+ */
+class XRPBalanceChecks
+{
+    bool bad_ = false;
+
+public:
+    void
+    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
+
+    bool
+    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
+};
+
+/**
+ * @brief Invariant: corresponding modified ledger entries should match in type
+ *                   and added entries should be a valid type.
+ */
+class LedgerEntryTypesMatch
+{
+    bool typeMismatch_ = false;
+    bool invalidTypeAdded_ = false;
+
+public:
+    void
+    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
+
+    bool
+    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
+};
+
+/**
+ * @brief Invariant: Trust lines using XRP are not allowed.
+ *
+ * We iterate all the trust lines created by this transaction and ensure
+ * that they are against a valid issuer.
+ */
+class NoXRPTrustLines
+{
+    bool xrpTrustLine_ = false;
+
+public:
+    void
+    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
+
+    bool
+    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
+};
+
+/**
+ * @brief Invariant: Trust lines with deep freeze flag are not allowed if normal
+ * freeze flag is not set.
+ *
+ * We iterate all the trust lines created by this transaction and ensure
+ * that they don't have deep freeze flag set without normal freeze flag set.
+ */
+class NoDeepFreezeTrustLinesWithoutFreeze
+{
+    bool deepFreezeWithoutFreeze_ = false;
+
+public:
+    void
+    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
+
+    bool
+    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
+};
+
+/**
+ * @brief Invariant: frozen trust line balance change is not allowed.
+ *
+ * We iterate all affected trust lines and ensure that they don't have
+ * unexpected change of balance if they're frozen.
+ */
+class TransfersNotFrozen
+{
+    struct BalanceChange
+    {
+        std::shared_ptr<SLE const> const line;
+        int const balanceChangeSign;
+    };
+
+    struct IssuerChanges
+    {
+        std::vector<BalanceChange> senders;
+        std::vector<BalanceChange> receivers;
+    };
+
+    using ByIssuer = std::map<Issue, IssuerChanges>;
+    ByIssuer balanceChanges_;
+
+    std::map<AccountID, std::shared_ptr<SLE const> const> possibleIssuers_;
+
+public:
+    void
+    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
+
+    bool
+    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
+
+private:
+    bool
+    isValidEntry(std::shared_ptr<SLE const> const& before, std::shared_ptr<SLE const> const& after);
+
+    STAmount
+    calculateBalanceChange(
+        std::shared_ptr<SLE const> const& before,
+        std::shared_ptr<SLE const> const& after,
+        bool isDelete);
+
+    void
+    recordBalance(Issue const& issue, BalanceChange change);
+
+    void
+    recordBalanceChanges(std::shared_ptr<SLE const> const& after, STAmount const& balanceChange);
+
+    std::shared_ptr<SLE const>
+    findIssuer(AccountID const& issuerID, ReadView const& view);
+
+    bool
+    validateIssuerChanges(
+        std::shared_ptr<SLE const> const& issuer,
+        IssuerChanges const& changes,
+        STTx const& tx,
+        beast::Journal const& j,
+        bool enforce);
+
+    bool
+    validateFrozenState(
+        BalanceChange const& change,
+        bool high,
+        STTx const& tx,
+        beast::Journal const& j,
+        bool enforce,
+        bool globalFreeze);
+};
+
+/**
+ * @brief Invariant: offers should be for non-negative amounts and must not
+ *                   be XRP to XRP.
+ *
+ * Examine all offers modified by the transaction and ensure that there are
+ * no offers which contain negative amounts or which exchange XRP for XRP.
+ */
+class NoBadOffers
+{
+    bool bad_ = false;
+
+public:
+    void
+    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
+
+    bool
+    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
+};
+
+/**
+ * @brief Invariant: an escrow entry must take a value between 0 and
+ *                   INITIAL_XRP drops exclusive.
+ */
+class NoZeroEscrow
+{
+    bool bad_ = false;
+
+public:
+    void
+    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
+
+    bool
+    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
+};
+
+/**
+ * @brief Invariant: a new account root must be the consequence of a payment,
+ *                   must have the right starting sequence, and the payment
+ *                   may not create more than one new account root.
+ */
+class ValidNewAccountRoot
+{
+    std::uint32_t accountsCreated_ = 0;
+    std::uint32_t accountSeq_ = 0;
+    bool pseudoAccount_ = false;
+    std::uint32_t flags_ = 0;
+
+public:
+    void
+    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
+
+    bool
+    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
+};
+
+/**
+ * @brief Invariant: Validates several invariants for NFToken pages.
+ *
+ * The following checks are made:
+ *  - The page is correctly associated with the owner.
+ *  - The page is correctly ordered between the next and previous links.
+ *  - The page contains at least one and no more than 32 NFTokens.
+ *  - The NFTokens on this page do not belong on a lower or higher page.
+ *  - The NFTokens are correctly sorted on the page.
+ *  - Each URI, if present, is not empty.
+ */
+class ValidNFTokenPage
+{
+    bool badEntry_ = false;
+    bool badLink_ = false;
+    bool badSort_ = false;
+    bool badURI_ = false;
+    bool invalidSize_ = false;
+    bool deletedFinalPage_ = false;
+    bool deletedLink_ = false;
+
+public:
+    void
+    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
+
+    bool
+    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
+};
+
+/**
+ * @brief Invariant: Validates counts of NFTokens after all transaction types.
+ *
+ * The following checks are made:
+ *  - The number of minted or burned NFTokens can only be changed by
+ *    NFTokenMint or NFTokenBurn transactions.
+ *  - A successful NFTokenMint must increase the number of NFTokens.
+ *  - A failed NFTokenMint must not change the number of minted NFTokens.
+ *  - An NFTokenMint transaction cannot change the number of burned NFTokens.
+ *  - A successful NFTokenBurn must increase the number of burned NFTokens.
+ *  - A failed NFTokenBurn must not change the number of burned NFTokens.
+ *  - An NFTokenBurn transaction cannot change the number of minted NFTokens.
+ */
+class NFTokenCountTracking
+{
+    std::uint32_t beforeMintedTotal = 0;
+    std::uint32_t beforeBurnedTotal = 0;
+    std::uint32_t afterMintedTotal = 0;
+    std::uint32_t afterBurnedTotal = 0;
+
+public:
+    void
+    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
+
+    bool
+    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
+};
+
+/**
+ * @brief Invariant: Token holder's trustline balance cannot be negative after
+ * Clawback.
+ *
+ * We iterate all the trust lines affected by this transaction and ensure
+ * that no more than one trustline is modified, and also holder's balance is
+ * non-negative.
+ */
+class ValidClawback
+{
+    std::uint32_t trustlinesChanged = 0;
+    std::uint32_t mptokensChanged = 0;
+
+public:
+    void
+    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
+
+    bool
+    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
+};
+
+class ValidMPTIssuance
+{
+    std::uint32_t mptIssuancesCreated_ = 0;
+    std::uint32_t mptIssuancesDeleted_ = 0;
+
+    std::uint32_t mptokensCreated_ = 0;
+    std::uint32_t mptokensDeleted_ = 0;
+    // non-MPT transactions may attempt to create
+    // MPToken by an issuer
+    bool mptCreatedByIssuer_ = false;
+
+public:
+    void
+    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
+
+    bool
+    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
+};
+
+/**
+ * @brief Invariants: Permissioned Domains must have some rules and
+ * AcceptedCredentials must have length between 1 and 10 inclusive.
+ *
+ * Since only permissions constitute rules, an empty credentials list
+ * means that there are no rules and the invariant is violated.
+ *
+ * Credentials must be sorted and no duplicates allowed
+ *
+ */
+class ValidPermissionedDomain
+{
+    struct SleStatus
+    {
+        std::size_t credentialsSize_{0};
+        bool isSorted_ = false;
+        bool isUnique_ = false;
+        bool isDelete_ = false;
+    };
+    std::vector<SleStatus> sleStatus_;
+
+public:
+    void
+    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
+
+    bool
+    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
+};
+
+/**
+ * @brief Invariants: Pseudo-accounts have valid and consistent properties
+ *
+ * Pseudo-accounts have certain properties, and some of those properties are
+ * unique to pseudo-accounts. Check that all pseudo-accounts are following the
+ * rules, and that only pseudo-accounts look like pseudo-accounts.
+ *
+ */
+class ValidPseudoAccounts
+{
+    std::vector<std::string> errors_;
+
+public:
+    void
+    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
+
+    bool
+    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
+};
+
+class ValidPermissionedDEX
+{
+    bool regularOffers_ = false;
+    bool badHybrids_ = false;
+    hash_set<uint256> domains_;
+
+public:
+    void
+    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
+
+    bool
+    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
+};
+
+class ValidAMM
+{
+    std::optional<AccountID> ammAccount_;
+    std::optional<STAmount> lptAMMBalanceAfter_;
+    std::optional<STAmount> lptAMMBalanceBefore_;
+    bool ammPoolChanged_;
+
+public:
+    enum class ZeroAllowed : bool { No = false, Yes = true };
+
+    ValidAMM() : ammPoolChanged_{false}
+    {
+    }
+    void
+    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
+
+    bool
+    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
+
+private:
+    bool
+    finalizeBid(bool enforce, beast::Journal const&) const;
+    bool
+    finalizeVote(bool enforce, beast::Journal const&) const;
+    bool
+    finalizeCreate(STTx const&, ReadView const&, bool enforce, beast::Journal const&) const;
+    bool
+    finalizeDelete(bool enforce, TER res, beast::Journal const&) const;
+    bool
+    finalizeDeposit(STTx const&, ReadView const&, bool enforce, beast::Journal const&) const;
+    // Includes clawback
+    bool
+    finalizeWithdraw(STTx const&, ReadView const&, bool enforce, beast::Journal const&) const;
+    bool
+    finalizeDEX(bool enforce, beast::Journal const&) const;
+    bool
+    generalInvariant(STTx const&, ReadView const&, ZeroAllowed zeroAllowed, beast::Journal const&)
+        const;
+};
+
+/**
+ * @brief Invariants: Some fields are unmodifiable
+ *
+ * Check that any fields specified as unmodifiable are not modified when the
+ * object is modified. Creation and deletion are ignored.
+ *
+ */
+class NoModifiedUnmodifiableFields
+{
+    // Pair is <before, after>.
+    std::set<std::pair<SLE::const_pointer, SLE::const_pointer>> changedEntries_;
+
+public:
+    void
+    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
+
+    bool
+    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
+};
+
+/**
+ * @brief Invariants: Loan brokers are internally consistent
+ *
+ * 1. If `LoanBroker.OwnerCount = 0` the `DirectoryNode` will have at most one
+ *    node (the root), which will only hold entries for `RippleState` or
+ * `MPToken` objects.
+ *
+ */
+class ValidLoanBroker
+{
+    // Not all of these elements will necessarily be populated. Remaining items
+    // will be looked up as needed.
+    struct BrokerInfo
+    {
+        SLE::const_pointer brokerBefore = nullptr;
+        // After is used for most of the checks, except
+        // those that check changed values.
+        SLE::const_pointer brokerAfter = nullptr;
+    };
+    // Collect all the LoanBrokers found directly or indirectly through
+    // pseudo-accounts. Key is the brokerID / index. It will be used to find the
+    // LoanBroker object if brokerBefore and brokerAfter are nullptr
+    std::map<uint256, BrokerInfo> brokers_;
+    // Collect all the modified trust lines. Their high and low accounts will be
+    // loaded to look for LoanBroker pseudo-accounts.
+    std::vector<SLE::const_pointer> lines_;
+    // Collect all the modified MPTokens. Their accounts will be loaded to look
+    // for LoanBroker pseudo-accounts.
+    std::vector<SLE::const_pointer> mpts_;
+
+    bool
+    goodZeroDirectory(ReadView const& view, SLE::const_ref dir, beast::Journal const& j) const;
+
+public:
+    void
+    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
+
+    bool
+    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
+};
+
+/**
+ * @brief Invariants: Loans are internally consistent
+ *
+ * 1. If `Loan.PaymentRemaining = 0` then `Loan.PrincipalOutstanding = 0`
+ *
+ */
+class ValidLoan
+{
+    // Pair is <before, after>. After is used for most of the checks, except
+    // those that check changed values.
+    std::vector<std::pair<SLE::const_pointer, SLE::const_pointer>> loans_;
+
+public:
+    void
+    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
+
+    bool
+    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
+};
+
+/*
+ * @brief Invariants: Vault object and MPTokenIssuance for vault shares
+ *
+ * - vault deleted and vault created is empty
+ * - vault created must be linked to pseudo-account for shares and assets
+ * - vault must have MPTokenIssuance for shares
+ * - vault without shares outstanding must have no shares
+ * - loss unrealized does not exceed the difference between assets total and
+ *   assets available
+ * - assets available do not exceed assets total
+ * - vault deposit increases assets and share issuance, and adds to:
+ *   total assets, assets available, shares outstanding
+ * - vault withdrawal and clawback reduce assets and share issuance, and
+ *   subtracts from: total assets, assets available, shares outstanding
+ * - vault set must not alter the vault assets or shares balance
+ * - no vault transaction can change loss unrealized (it's updated by loan
+ *   transactions)
+ *
+ */
+class ValidVault
+{
+    Number static constexpr zero{};
+
+    struct Vault final
+    {
+        uint256 key = beast::zero;
+        Asset asset = {};
+        AccountID pseudoId = {};
+        AccountID owner = {};
+        uint192 shareMPTID = beast::zero;
+        Number assetsTotal = 0;
+        Number assetsAvailable = 0;
+        Number assetsMaximum = 0;
+        Number lossUnrealized = 0;
+
+        Vault static make(SLE const&);
+    };
+
+    struct Shares final
+    {
+        MPTIssue share = {};
+        std::uint64_t sharesTotal = 0;
+        std::uint64_t sharesMaximum = 0;
+
+        Shares static make(SLE const&);
+    };
+
+    std::vector<Vault> afterVault_ = {};
+    std::vector<Shares> afterMPTs_ = {};
+    std::vector<Vault> beforeVault_ = {};
+    std::vector<Shares> beforeMPTs_ = {};
+    std::unordered_map<uint256, Number> deltas_ = {};
+
+public:
+    void
+    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
+
+    bool
+    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
+};
+
+// additional invariant checks can be declared above and then added to this
+// tuple
+using InvariantChecks = std::tuple<
+    TransactionFeeCheck,
+    AccountRootsNotDeleted,
+    AccountRootsDeletedClean,
+    LedgerEntryTypesMatch,
+    XRPBalanceChecks,
+    XRPNotCreated,
+    NoXRPTrustLines,
+    NoDeepFreezeTrustLinesWithoutFreeze,
+    TransfersNotFrozen,
+    NoBadOffers,
+    NoZeroEscrow,
+    ValidNewAccountRoot,
+    ValidNFTokenPage,
+    NFTokenCountTracking,
+    ValidClawback,
+    ValidMPTIssuance,
+    ValidPermissionedDomain,
+    ValidPermissionedDEX,
+    ValidAMM,
+    NoModifiedUnmodifiableFields,
+    ValidPseudoAccounts,
+    ValidLoanBroker,
+    ValidLoan,
+    ValidVault>;
+
+/**
+ * @brief get a tuple of all invariant checks
+ *
+ * @return std::tuple of instances that implement the required invariant check
+ * methods
+ *
+ * @see xrpl::InvariantChecker_PROTOTYPE
+ */
+inline InvariantChecks
+getInvariantChecks()
+{
+    return InvariantChecks{};
+}
+
+}  // namespace xrpl

include/xrpl/tx/invariants/AMMInvariant.h

@@ -1,53 +0,0 @@
-#pragma once
-
-#include <xrpl/beast/utility/Journal.h>
-#include <xrpl/ledger/ReadView.h>
-#include <xrpl/protocol/STAmount.h>
-#include <xrpl/protocol/STTx.h>
-#include <xrpl/protocol/TER.h>
-
-#include <optional>
-
-namespace xrpl {
-
-class ValidAMM
-{
-    std::optional<AccountID> ammAccount_;
-    std::optional<STAmount> lptAMMBalanceAfter_;
-    std::optional<STAmount> lptAMMBalanceBefore_;
-    bool ammPoolChanged_;
-
-public:
-    enum class ZeroAllowed : bool { No = false, Yes = true };
-
-    ValidAMM() : ammPoolChanged_{false}
-    {
-    }
-    void
-    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
-
-    bool
-    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
-
-private:
-    bool
-    finalizeBid(bool enforce, beast::Journal const&) const;
-    bool
-    finalizeVote(bool enforce, beast::Journal const&) const;
-    bool
-    finalizeCreate(STTx const&, ReadView const&, bool enforce, beast::Journal const&) const;
-    bool
-    finalizeDelete(bool enforce, TER res, beast::Journal const&) const;
-    bool
-    finalizeDeposit(STTx const&, ReadView const&, bool enforce, beast::Journal const&) const;
-    // Includes clawback
-    bool
-    finalizeWithdraw(STTx const&, ReadView const&, bool enforce, beast::Journal const&) const;
-    bool
-    finalizeDEX(bool enforce, beast::Journal const&) const;
-    bool
-    generalInvariant(STTx const&, ReadView const&, ZeroAllowed zeroAllowed, beast::Journal const&)
-        const;
-};
-
-}  // namespace xrpl

include/xrpl/tx/invariants/FreezeInvariant.h

@@ -1,84 +0,0 @@
-#pragma once
-
-#include <xrpl/beast/utility/Journal.h>
-#include <xrpl/ledger/ReadView.h>
-#include <xrpl/protocol/Issue.h>
-#include <xrpl/protocol/STAmount.h>
-#include <xrpl/protocol/STTx.h>
-#include <xrpl/protocol/TER.h>
-
-#include <map>
-#include <vector>
-
-namespace xrpl {
-
-/**
- * @brief Invariant: frozen trust line balance change is not allowed.
- *
- * We iterate all affected trust lines and ensure that they don't have
- * unexpected change of balance if they're frozen.
- */
-class TransfersNotFrozen
-{
-    struct BalanceChange
-    {
-        std::shared_ptr<SLE const> const line;
-        int const balanceChangeSign;
-    };
-
-    struct IssuerChanges
-    {
-        std::vector<BalanceChange> senders;
-        std::vector<BalanceChange> receivers;
-    };
-
-    using ByIssuer = std::map<Issue, IssuerChanges>;
-    ByIssuer balanceChanges_;
-
-    std::map<AccountID, std::shared_ptr<SLE const> const> possibleIssuers_;
-
-public:
-    void
-    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
-
-    bool
-    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
-
-private:
-    bool
-    isValidEntry(std::shared_ptr<SLE const> const& before, std::shared_ptr<SLE const> const& after);
-
-    STAmount
-    calculateBalanceChange(
-        std::shared_ptr<SLE const> const& before,
-        std::shared_ptr<SLE const> const& after,
-        bool isDelete);
-
-    void
-    recordBalance(Issue const& issue, BalanceChange change);
-
-    void
-    recordBalanceChanges(std::shared_ptr<SLE const> const& after, STAmount const& balanceChange);
-
-    std::shared_ptr<SLE const>
-    findIssuer(AccountID const& issuerID, ReadView const& view);
-
-    bool
-    validateIssuerChanges(
-        std::shared_ptr<SLE const> const& issuer,
-        IssuerChanges const& changes,
-        STTx const& tx,
-        beast::Journal const& j,
-        bool enforce);
-
-    bool
-    validateFrozenState(
-        BalanceChange const& change,
-        bool high,
-        STTx const& tx,
-        beast::Journal const& j,
-        bool enforce,
-        bool globalFreeze);
-};
-
-}  // namespace xrpl

include/xrpl/tx/invariants/InvariantCheck.h

@@ -1,385 +0,0 @@
-#pragma once
-
-#include <xrpl/basics/base_uint.h>
-#include <xrpl/beast/utility/Journal.h>
-#include <xrpl/ledger/ReadView.h>
-#include <xrpl/protocol/STTx.h>
-#include <xrpl/protocol/TER.h>
-#include <xrpl/tx/invariants/AMMInvariant.h>
-#include <xrpl/tx/invariants/FreezeInvariant.h>
-#include <xrpl/tx/invariants/LoanInvariant.h>
-#include <xrpl/tx/invariants/MPTInvariant.h>
-#include <xrpl/tx/invariants/NFTInvariant.h>
-#include <xrpl/tx/invariants/PermissionedDEXInvariant.h>
-#include <xrpl/tx/invariants/PermissionedDomainInvariant.h>
-#include <xrpl/tx/invariants/VaultInvariant.h>
-
-#include <cstdint>
-#include <tuple>
-
-namespace xrpl {
-
-#if GENERATING_DOCS
-/**
- * @brief Prototype for invariant check implementations.
- *
- * __THIS CLASS DOES NOT EXIST__ - or rather it exists in documentation only to
- * communicate the interface required of any invariant checker. Any invariant
- * check implementation should implement the public methods documented here.
- *
- */
-class InvariantChecker_PROTOTYPE
-{
-public:
-    explicit InvariantChecker_PROTOTYPE() = default;
-
-    /**
-     * @brief called for each ledger entry in the current transaction.
-     *
-     * @param isDelete true if the SLE is being deleted
-     * @param before ledger entry before modification by the transaction
-     * @param after ledger entry after modification by the transaction
-     */
-    void
-    visitEntry(
-        bool isDelete,
-        std::shared_ptr<SLE const> const& before,
-        std::shared_ptr<SLE const> const& after);
-
-    /**
-     * @brief called after all ledger entries have been visited to determine
-     * the final status of the check
-     *
-     * @param tx the transaction being applied
-     * @param tec the current TER result of the transaction
-     * @param fee the fee actually charged for this transaction
-     * @param view a ReadView of the ledger being modified
-     * @param j journal for logging
-     *
-     * @return true if check passes, false if it fails
-     */
-    bool
-    finalize(
-        STTx const& tx,
-        TER const tec,
-        XRPAmount const fee,
-        ReadView const& view,
-        beast::Journal const& j);
-};
-#endif
-
-/**
- * @brief Invariant: We should never charge a transaction a negative fee or a
- * fee that is larger than what the transaction itself specifies.
- *
- * We can, in some circumstances, charge less.
- */
-class TransactionFeeCheck
-{
-public:
-    void
-    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
-
-    bool
-    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
-};
-
-/**
- * @brief Invariant: A transaction must not create XRP and should only destroy
- * the XRP fee.
- *
- * We iterate through all account roots, payment channels and escrow entries
- * that were modified and calculate the net change in XRP caused by the
- * transactions.
- */
-class XRPNotCreated
-{
-    std::int64_t drops_ = 0;
-
-public:
-    void
-    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
-
-    bool
-    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
-};
-
-/**
- * @brief Invariant: we cannot remove an account ledger entry
- *
- * We iterate all account roots that were modified, and ensure that any that
- * were present before the transaction was applied continue to be present
- * afterwards unless they were explicitly deleted by a successful
- * AccountDelete transaction.
- */
-class AccountRootsNotDeleted
-{
-    std::uint32_t accountsDeleted_ = 0;
-
-public:
-    void
-    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
-
-    bool
-    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
-};
-
-/**
- * @brief Invariant: a deleted account must not have any objects left
- *
- * We iterate all deleted account roots, and ensure that there are no
- * objects left that are directly accessible with that account's ID.
- *
- * There should only be one deleted account, but that's checked by
- * AccountRootsNotDeleted. This invariant will handle multiple deleted account
- * roots without a problem.
- */
-class AccountRootsDeletedClean
-{
-    // Pair is <before, after>. Before is used for most of the checks, so that
-    // if, for example, an object ID field is cleared, but the object is not
-    // deleted, it can still be found. After is used specifically for any checks
-    // that are expected as part of the deletion, such as zeroing out the
-    // balance.
-    std::vector<std::pair<std::shared_ptr<SLE const>, std::shared_ptr<SLE const>>> accountsDeleted_;
-
-public:
-    void
-    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
-
-    bool
-    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
-};
-
-/**
- * @brief Invariant: An account XRP balance must be in XRP and take a value
- *                   between 0 and INITIAL_XRP drops, inclusive.
- *
- * We iterate all account roots modified by the transaction and ensure that
- * their XRP balances are reasonable.
- */
-class XRPBalanceChecks
-{
-    bool bad_ = false;
-
-public:
-    void
-    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
-
-    bool
-    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
-};
-
-/**
- * @brief Invariant: corresponding modified ledger entries should match in type
- *                   and added entries should be a valid type.
- */
-class LedgerEntryTypesMatch
-{
-    bool typeMismatch_ = false;
-    bool invalidTypeAdded_ = false;
-
-public:
-    void
-    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
-
-    bool
-    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
-};
-
-/**
- * @brief Invariant: Trust lines using XRP are not allowed.
- *
- * We iterate all the trust lines created by this transaction and ensure
- * that they are against a valid issuer.
- */
-class NoXRPTrustLines
-{
-    bool xrpTrustLine_ = false;
-
-public:
-    void
-    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
-
-    bool
-    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
-};
-
-/**
- * @brief Invariant: Trust lines with deep freeze flag are not allowed if normal
- * freeze flag is not set.
- *
- * We iterate all the trust lines created by this transaction and ensure
- * that they don't have deep freeze flag set without normal freeze flag set.
- */
-class NoDeepFreezeTrustLinesWithoutFreeze
-{
-    bool deepFreezeWithoutFreeze_ = false;
-
-public:
-    void
-    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
-
-    bool
-    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
-};
-
-/**
- * @brief Invariant: offers should be for non-negative amounts and must not
- *                   be XRP to XRP.
- *
- * Examine all offers modified by the transaction and ensure that there are
- * no offers which contain negative amounts or which exchange XRP for XRP.
- */
-class NoBadOffers
-{
-    bool bad_ = false;
-
-public:
-    void
-    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
-
-    bool
-    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
-};
-
-/**
- * @brief Invariant: an escrow entry must take a value between 0 and
- *                   INITIAL_XRP drops exclusive.
- */
-class NoZeroEscrow
-{
-    bool bad_ = false;
-
-public:
-    void
-    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
-
-    bool
-    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
-};
-
-/**
- * @brief Invariant: a new account root must be the consequence of a payment,
- *                   must have the right starting sequence, and the payment
- *                   may not create more than one new account root.
- */
-class ValidNewAccountRoot
-{
-    std::uint32_t accountsCreated_ = 0;
-    std::uint32_t accountSeq_ = 0;
-    bool pseudoAccount_ = false;
-    std::uint32_t flags_ = 0;
-
-public:
-    void
-    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
-
-    bool
-    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
-};
-
-/**
- * @brief Invariant: Token holder's trustline balance cannot be negative after
- * Clawback.
- *
- * We iterate all the trust lines affected by this transaction and ensure
- * that no more than one trustline is modified, and also holder's balance is
- * non-negative.
- */
-class ValidClawback
-{
-    std::uint32_t trustlinesChanged = 0;
-    std::uint32_t mptokensChanged = 0;
-
-public:
-    void
-    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
-
-    bool
-    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
-};
-
-/**
- * @brief Invariants: Pseudo-accounts have valid and consistent properties
- *
- * Pseudo-accounts have certain properties, and some of those properties are
- * unique to pseudo-accounts. Check that all pseudo-accounts are following the
- * rules, and that only pseudo-accounts look like pseudo-accounts.
- *
- */
-class ValidPseudoAccounts
-{
-    std::vector<std::string> errors_;
-
-public:
-    void
-    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
-
-    bool
-    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
-};
-
-/**
- * @brief Invariants: Some fields are unmodifiable
- *
- * Check that any fields specified as unmodifiable are not modified when the
- * object is modified. Creation and deletion are ignored.
- *
- */
-class NoModifiedUnmodifiableFields
-{
-    // Pair is <before, after>.
-    std::set<std::pair<SLE::const_pointer, SLE::const_pointer>> changedEntries_;
-
-public:
-    void
-    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
-
-    bool
-    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
-};
-
-// additional invariant checks can be declared above and then added to this
-// tuple
-using InvariantChecks = std::tuple<
-    TransactionFeeCheck,
-    AccountRootsNotDeleted,
-    AccountRootsDeletedClean,
-    LedgerEntryTypesMatch,
-    XRPBalanceChecks,
-    XRPNotCreated,
-    NoXRPTrustLines,
-    NoDeepFreezeTrustLinesWithoutFreeze,
-    TransfersNotFrozen,
-    NoBadOffers,
-    NoZeroEscrow,
-    ValidNewAccountRoot,
-    ValidNFTokenPage,
-    NFTokenCountTracking,
-    ValidClawback,
-    ValidMPTIssuance,
-    ValidPermissionedDomain,
-    ValidPermissionedDEX,
-    ValidAMM,
-    NoModifiedUnmodifiableFields,
-    ValidPseudoAccounts,
-    ValidLoanBroker,
-    ValidLoan,
-    ValidVault>;
-
-/**
- * @brief get a tuple of all invariant checks
- *
- * @return std::tuple of instances that implement the required invariant check
- * methods
- *
- * @see xrpl::InvariantChecker_PROTOTYPE
- */
-inline InvariantChecks
-getInvariantChecks()
-{
-    return InvariantChecks{};
-}
-
-}  // namespace xrpl

include/xrpl/tx/invariants/InvariantCheckPrivilege.h

@@ -1,60 +0,0 @@
-#pragma once
-
-#include <xrpl/protocol/STTx.h>
-
-#include <type_traits>
-
-namespace xrpl {
-
-/*
-assert(enforce)
-
-There are several asserts (or XRPL_ASSERTs) in invariant check files that check
-a variable named `enforce` when an invariant fails. At first glance, those
-asserts may look incorrect, but they are not.
-
-Those asserts take advantage of two facts:
-1. `asserts` are not (normally) executed in release builds.
-2. Invariants should *never* fail, except in tests that specifically modify
-   the open ledger to break them.
-
-This makes `assert(enforce)` sort of a second-layer of invariant enforcement
-aimed at _developers_. It's designed to fire if a developer writes code that
-violates an invariant, and runs it in unit tests or a develop build that _does
-not have the relevant amendments enabled_. It's intentionally a pain in the neck
-so that bad code gets caught and fixed as early as possible.
-*/
-
-enum Privilege {
-    noPriv = 0x0000,              // The transaction can not do any of the enumerated operations
-    createAcct = 0x0001,          // The transaction can create a new ACCOUNT_ROOT object.
-    createPseudoAcct = 0x0002,    // The transaction can create a pseudo account,
-                                  // which implies createAcct
-    mustDeleteAcct = 0x0004,      // The transaction must delete an ACCOUNT_ROOT object
-    mayDeleteAcct = 0x0008,       // The transaction may delete an ACCOUNT_ROOT
-                                  // object, but does not have to
-    overrideFreeze = 0x0010,      // The transaction can override some freeze rules
-    changeNFTCounts = 0x0020,     // The transaction can mint or burn an NFT
-    createMPTIssuance = 0x0040,   // The transaction can create a new MPT issuance
-    destroyMPTIssuance = 0x0080,  // The transaction can destroy an MPT issuance
-    mustAuthorizeMPT = 0x0100,    // The transaction MUST create or delete an MPT
-                                  // object (except by issuer)
-    mayAuthorizeMPT = 0x0200,     // The transaction MAY create or delete an MPT
-                                  // object (except by issuer)
-    mayDeleteMPT = 0x0400,        // The transaction MAY delete an MPT object. May not create.
-    mustModifyVault = 0x0800,     // The transaction must modify, delete or create, a vault
-    mayModifyVault = 0x1000,      // The transaction MAY modify, delete or create, a vault
-};
-
-constexpr Privilege
-operator|(Privilege lhs, Privilege rhs)
-{
-    return safe_cast<Privilege>(
-        safe_cast<std::underlying_type_t<Privilege>>(lhs) |
-        safe_cast<std::underlying_type_t<Privilege>>(rhs));
-}
-
-bool
-hasPrivilege(STTx const& tx, Privilege priv);
-
-}  // namespace xrpl

include/xrpl/tx/invariants/LoanInvariant.h

@@ -1,75 +0,0 @@
-#pragma once
-
-#include <xrpl/basics/base_uint.h>
-#include <xrpl/beast/utility/Journal.h>
-#include <xrpl/ledger/ReadView.h>
-#include <xrpl/protocol/STTx.h>
-#include <xrpl/protocol/TER.h>
-
-#include <map>
-#include <vector>
-
-namespace xrpl {
-
-/**
- * @brief Invariants: Loan brokers are internally consistent
- *
- * 1. If `LoanBroker.OwnerCount = 0` the `DirectoryNode` will have at most one
- *    node (the root), which will only hold entries for `RippleState` or
- * `MPToken` objects.
- *
- */
-class ValidLoanBroker
-{
-    // Not all of these elements will necessarily be populated. Remaining items
-    // will be looked up as needed.
-    struct BrokerInfo
-    {
-        SLE::const_pointer brokerBefore = nullptr;
-        // After is used for most of the checks, except
-        // those that check changed values.
-        SLE::const_pointer brokerAfter = nullptr;
-    };
-    // Collect all the LoanBrokers found directly or indirectly through
-    // pseudo-accounts. Key is the brokerID / index. It will be used to find the
-    // LoanBroker object if brokerBefore and brokerAfter are nullptr
-    std::map<uint256, BrokerInfo> brokers_;
-    // Collect all the modified trust lines. Their high and low accounts will be
-    // loaded to look for LoanBroker pseudo-accounts.
-    std::vector<SLE::const_pointer> lines_;
-    // Collect all the modified MPTokens. Their accounts will be loaded to look
-    // for LoanBroker pseudo-accounts.
-    std::vector<SLE::const_pointer> mpts_;
-
-    bool
-    goodZeroDirectory(ReadView const& view, SLE::const_ref dir, beast::Journal const& j) const;
-
-public:
-    void
-    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
-
-    bool
-    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
-};
-
-/**
- * @brief Invariants: Loans are internally consistent
- *
- * 1. If `Loan.PaymentRemaining = 0` then `Loan.PrincipalOutstanding = 0`
- *
- */
-class ValidLoan
-{
-    // Pair is <before, after>. After is used for most of the checks, except
-    // those that check changed values.
-    std::vector<std::pair<SLE::const_pointer, SLE::const_pointer>> loans_;
-
-public:
-    void
-    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
-
-    bool
-    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
-};
-
-}  // namespace xrpl

include/xrpl/tx/invariants/MPTInvariant.h

@@ -1,31 +0,0 @@
-#pragma once
-
-#include <xrpl/beast/utility/Journal.h>
-#include <xrpl/ledger/ReadView.h>
-#include <xrpl/protocol/STTx.h>
-#include <xrpl/protocol/TER.h>
-
-#include <cstdint>
-
-namespace xrpl {
-
-class ValidMPTIssuance
-{
-    std::uint32_t mptIssuancesCreated_ = 0;
-    std::uint32_t mptIssuancesDeleted_ = 0;
-
-    std::uint32_t mptokensCreated_ = 0;
-    std::uint32_t mptokensDeleted_ = 0;
-    // non-MPT transactions may attempt to create
-    // MPToken by an issuer
-    bool mptCreatedByIssuer_ = false;
-
-public:
-    void
-    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
-
-    bool
-    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
-};
-
-}  // namespace xrpl

include/xrpl/tx/invariants/NFTInvariant.h

@@ -1,70 +0,0 @@
-#pragma once
-
-#include <xrpl/basics/base_uint.h>
-#include <xrpl/beast/utility/Journal.h>
-#include <xrpl/ledger/ReadView.h>
-#include <xrpl/protocol/STTx.h>
-#include <xrpl/protocol/TER.h>
-
-#include <cstdint>
-
-namespace xrpl {
-
-/**
- * @brief Invariant: Validates several invariants for NFToken pages.
- *
- * The following checks are made:
- *  - The page is correctly associated with the owner.
- *  - The page is correctly ordered between the next and previous links.
- *  - The page contains at least one and no more than 32 NFTokens.
- *  - The NFTokens on this page do not belong on a lower or higher page.
- *  - The NFTokens are correctly sorted on the page.
- *  - Each URI, if present, is not empty.
- */
-class ValidNFTokenPage
-{
-    bool badEntry_ = false;
-    bool badLink_ = false;
-    bool badSort_ = false;
-    bool badURI_ = false;
-    bool invalidSize_ = false;
-    bool deletedFinalPage_ = false;
-    bool deletedLink_ = false;
-
-public:
-    void
-    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
-
-    bool
-    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
-};
-
-/**
- * @brief Invariant: Validates counts of NFTokens after all transaction types.
- *
- * The following checks are made:
- *  - The number of minted or burned NFTokens can only be changed by
- *    NFTokenMint or NFTokenBurn transactions.
- *  - A successful NFTokenMint must increase the number of NFTokens.
- *  - A failed NFTokenMint must not change the number of minted NFTokens.
- *  - An NFTokenMint transaction cannot change the number of burned NFTokens.
- *  - A successful NFTokenBurn must increase the number of burned NFTokens.
- *  - A failed NFTokenBurn must not change the number of burned NFTokens.
- *  - An NFTokenBurn transaction cannot change the number of minted NFTokens.
- */
-class NFTokenCountTracking
-{
-    std::uint32_t beforeMintedTotal = 0;
-    std::uint32_t beforeBurnedTotal = 0;
-    std::uint32_t afterMintedTotal = 0;
-    std::uint32_t afterBurnedTotal = 0;
-
-public:
-    void
-    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
-
-    bool
-    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
-};
-
-}  // namespace xrpl

include/xrpl/tx/invariants/PermissionedDEXInvariant.h

@@ -1,25 +0,0 @@
-#pragma once
-
-#include <xrpl/basics/base_uint.h>
-#include <xrpl/beast/utility/Journal.h>
-#include <xrpl/ledger/ReadView.h>
-#include <xrpl/protocol/STTx.h>
-#include <xrpl/protocol/TER.h>
-
-namespace xrpl {
-
-class ValidPermissionedDEX
-{
-    bool regularOffers_ = false;
-    bool badHybrids_ = false;
-    hash_set<uint256> domains_;
-
-public:
-    void
-    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
-
-    bool
-    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
-};
-
-}  // namespace xrpl

include/xrpl/tx/invariants/PermissionedDomainInvariant.h

@@ -1,41 +0,0 @@
-#pragma once
-
-#include <xrpl/beast/utility/Journal.h>
-#include <xrpl/ledger/ReadView.h>
-#include <xrpl/protocol/STTx.h>
-#include <xrpl/protocol/TER.h>
-
-#include <vector>
-
-namespace xrpl {
-
-/**
- * @brief Invariants: Permissioned Domains must have some rules and
- * AcceptedCredentials must have length between 1 and 10 inclusive.
- *
- * Since only permissions constitute rules, an empty credentials list
- * means that there are no rules and the invariant is violated.
- *
- * Credentials must be sorted and no duplicates allowed
- *
- */
-class ValidPermissionedDomain
-{
-    struct SleStatus
-    {
-        std::size_t credentialsSize_{0};
-        bool isSorted_ = false;
-        bool isUnique_ = false;
-        bool isDelete_ = false;
-    };
-    std::vector<SleStatus> sleStatus_;
-
-public:
-    void
-    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
-
-    bool
-    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
-};
-
-}  // namespace xrpl

include/xrpl/tx/invariants/VaultInvariant.h

@@ -1,77 +0,0 @@
-#pragma once
-
-#include <xrpl/basics/Number.h>
-#include <xrpl/basics/base_uint.h>
-#include <xrpl/beast/utility/Journal.h>
-#include <xrpl/ledger/ReadView.h>
-#include <xrpl/protocol/MPTIssue.h>
-#include <xrpl/protocol/STTx.h>
-#include <xrpl/protocol/TER.h>
-
-#include <unordered_map>
-#include <vector>
-
-namespace xrpl {
-
-/*
- * @brief Invariants: Vault object and MPTokenIssuance for vault shares
- *
- * - vault deleted and vault created is empty
- * - vault created must be linked to pseudo-account for shares and assets
- * - vault must have MPTokenIssuance for shares
- * - vault without shares outstanding must have no shares
- * - loss unrealized does not exceed the difference between assets total and
- *   assets available
- * - assets available do not exceed assets total
- * - vault deposit increases assets and share issuance, and adds to:
- *   total assets, assets available, shares outstanding
- * - vault withdrawal and clawback reduce assets and share issuance, and
- *   subtracts from: total assets, assets available, shares outstanding
- * - vault set must not alter the vault assets or shares balance
- * - no vault transaction can change loss unrealized (it's updated by loan
- *   transactions)
- *
- */
-class ValidVault
-{
-    Number static constexpr zero{};
-
-    struct Vault final
-    {
-        uint256 key = beast::zero;
-        Asset asset = {};
-        AccountID pseudoId = {};
-        AccountID owner = {};
-        uint192 shareMPTID = beast::zero;
-        Number assetsTotal = 0;
-        Number assetsAvailable = 0;
-        Number assetsMaximum = 0;
-        Number lossUnrealized = 0;
-
-        Vault static make(SLE const&);
-    };
-
-    struct Shares final
-    {
-        MPTIssue share = {};
-        std::uint64_t sharesTotal = 0;
-        std::uint64_t sharesMaximum = 0;
-
-        Shares static make(SLE const&);
-    };
-
-    std::vector<Vault> afterVault_ = {};
-    std::vector<Shares> afterMPTs_ = {};
-    std::vector<Vault> beforeVault_ = {};
-    std::vector<Shares> beforeMPTs_ = {};
-    std::unordered_map<uint256, Number> deltas_ = {};
-
-public:
-    void
-    visitEntry(bool, std::shared_ptr<SLE const> const&, std::shared_ptr<SLE const> const&);
-
-    bool
-    finalize(STTx const&, TER const, XRPAmount const, ReadView const&, beast::Journal const&);
-};
-
-}  // namespace xrpl

include/xrpl/tx/paths/detail/StrandFlow.h

@@ -10,8 +10,8 @@
 #include <xrpl/tx/paths/detail/FlatSets.h>
 #include <xrpl/tx/paths/detail/FlowDebugInfo.h>
 #include <xrpl/tx/paths/detail/Steps.h>
-#include <xrpl/tx/transactors/dex/AMMContext.h>
-#include <xrpl/tx/transactors/dex/AMMHelpers.h>
+#include <xrpl/tx/transactors/AMM/AMMContext.h>
+#include <xrpl/tx/transactors/AMM/AMMHelpers.h>
 
 #include <boost/container/flat_set.hpp>
 

include/xrpl/tx/transactors/Clawback.h

@@ -13,6 +13,9 @@ public:
     {
     }
 
+    static std::uint32_t
+    getFlagsMask(PreflightContext const& ctx);
+
     static NotTEC
     preflight(PreflightContext const& ctx);