Merge branch 'develop' into tapanito/tx-splits

Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>

include/xrpl/basics/CanProcess.h

@@ -1,139 +0,0 @@
-//------------------------------------------------------------------------------
-/*
-    This file is part of rippled: https://github.com/ripple/rippled
-    Copyright (c) 2024 Ripple Labs Inc.
-
-    Permission to use, copy, modify, and/or distribute this software for any
-    purpose  with  or without fee is hereby granted, provided that the above
-    copyright notice and this permission notice appear in all copies.
-
-    THE  SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-    WITH  REGARD  TO  THIS  SOFTWARE  INCLUDING  ALL  IMPLIED  WARRANTIES  OF
-    MERCHANTABILITY  AND  FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-    ANY  SPECIAL ,  DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-    WHATSOEVER  RESULTING  FROM  LOSS  OF USE, DATA OR PROFITS, WHETHER IN AN
-    ACTION  OF  CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-    OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-*/
-//==============================================================================
-
-#ifndef RIPPLE_BASICS_CANPROCESS_H_INCLUDED
-#define RIPPLE_BASICS_CANPROCESS_H_INCLUDED
-
-#include <functional>
-#include <mutex>
-#include <set>
-
-/** RAII class to check if an Item is already being processed on another thread,
- * as indicated by it's presence in a Collection.
- *
- * If the Item is not in the Collection, it will be added under lock in the
- * ctor, and removed under lock in the dtor. The object will be considered
- * "usable" and evaluate to `true`.
- *
- * If the Item is in the Collection, no changes will be made to the collection,
- * and the CanProcess object will be considered "unusable".
- *
- * It's up to the caller to decide what "usable" and "unusable" mean. (e.g.
- * Process or skip a block of code, or set a flag.)
- *
- * The current use is to avoid lock contention that would be involved in
- * processing something associated with the Item.
- *
- * Examples:
- *
- * void IncomingLedgers::acquireAsync(LedgerHash const& hash, ...)
- * {
- *    if (CanProcess check{acquiresMutex_, pendingAcquires_, hash})
- *    {
- *      acquire(hash, ...);
- *    }
- * }
- *
- * bool
- * NetworkOPsImp::recvValidation(
- *   std::shared_ptr<STValidation> const& val,
- *   std::string const& source)
- *   {
- *       CanProcess check(
- *           validationsMutex_, pendingValidations_, val->getLedgerHash());
- *       BypassAccept bypassAccept =
- *           check ? BypassAccept::no : BypassAccept::yes;
- *       handleNewValidation(app_, val, source, bypassAccept, m_journal);
- *   }
- *
- */
-class CanProcess
-{
-public:
-    template <class Mutex, class Collection, class Item>
-    CanProcess(Mutex& mtx, Collection& collection, Item const& item)
-        : cleanup_(insert(mtx, collection, item))
-    {
-    }
-
-    ~CanProcess()
-    {
-        if (cleanup_)
-            cleanup_();
-    }
-
-    CanProcess(CanProcess const&) = delete;
-
-    CanProcess&
-    operator=(CanProcess const&) = delete;
-
-    explicit
-    operator bool() const
-    {
-        return static_cast<bool>(cleanup_);
-    }
-
-private:
-    template <bool useIterator, class Mutex, class Collection, class Item>
-    std::function<void()>
-    doInsert(Mutex& mtx, Collection& collection, Item const& item)
-    {
-        std::unique_lock<Mutex> lock(mtx);
-        // TODO: Use structured binding once LLVM 16 is the minimum supported
-        // version. See also: https://github.com/llvm/llvm-project/issues/48582
-        // https://github.com/llvm/llvm-project/commit/127bf44385424891eb04cff8e52d3f157fc2cb7c
-        auto const insertResult = collection.insert(item);
-        auto const it = insertResult.first;
-        if (!insertResult.second)
-            return {};
-        if constexpr (useIterator)
-            return [&, it]() {
-                std::unique_lock<Mutex> lock(mtx);
-                collection.erase(it);
-            };
-        else
-            return [&]() {
-                std::unique_lock<Mutex> lock(mtx);
-                collection.erase(item);
-            };
-    }
-
-    // Generic insert() function doesn't use iterators because they may get
-    // invalidated
-    template <class Mutex, class Collection, class Item>
-    std::function<void()>
-    insert(Mutex& mtx, Collection& collection, Item const& item)
-    {
-        return doInsert<false>(mtx, collection, item);
-    }
-
-    // Specialize insert() for std::set, which does not invalidate iterators for
-    // insert and erase
-    template <class Mutex, class Item>
-    std::function<void()>
-    insert(Mutex& mtx, std::set<Item>& collection, Item const& item)
-    {
-        return doInsert<true>(mtx, collection, item);
-    }
-
-    // If set, then the item is "usable"
-    std::function<void()> cleanup_;
-};
-
-#endif

include/xrpl/core/HashRouter.h

@@ -199,7 +199,7 @@ public:
 
     /** Add a suppression peer and get message's relay status.
      * Return pair:
-     * element 1: true if the key is added.
+     * element 1: true if the peer is added.
      * element 2: optional is seated to the relay time point or
      * is unseated if has not relayed yet. */
     std::pair<bool, std::optional<Stopwatch::time_point>>

include/xrpl/protocol/LedgerHeader.h

@@ -35,8 +35,6 @@ struct LedgerHeader
 
     // If validated is false, it means "not yet validated."
     // Once validated is true, it will never be set false at a later time.
-    // NOTE: If you are accessing this directly, you are probably doing it
-    //   wrong. Use LedgerMaster::isValidated().
     // VFALCO TODO Make this not mutable
     bool mutable validated = false;
     bool accepted = false;

include/xrpl/protocol/detail/transactions.macro

@@ -42,7 +42,7 @@ TRANSACTION(ttPAYMENT, 0, Payment,
 
 /** This transaction type creates an escrow object. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/escrow/Escrow.h>
+#   include <xrpl/tx/transactors/escrow/EscrowCreate.h>
 #endif
 TRANSACTION(ttESCROW_CREATE, 1, EscrowCreate,
     Delegation::delegable,
@@ -58,6 +58,9 @@ TRANSACTION(ttESCROW_CREATE, 1, EscrowCreate,
 }))
 
 /** This transaction type completes an existing escrow. */
+#if TRANSACTION_INCLUDE
+#   include <xrpl/tx/transactors/escrow/EscrowFinish.h>
+#endif
 TRANSACTION(ttESCROW_FINISH, 2, EscrowFinish,
     Delegation::delegable,
     uint256{},
@@ -94,7 +97,7 @@ TRANSACTION(ttACCOUNT_SET, 3, AccountSet,
 
 /** This transaction type cancels an existing escrow. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/escrow/Escrow.h>
+#   include <xrpl/tx/transactors/escrow/EscrowCancel.h>
 #endif
 TRANSACTION(ttESCROW_CANCEL, 4, EscrowCancel,
     Delegation::delegable,
@@ -180,7 +183,7 @@ TRANSACTION(ttSIGNER_LIST_SET, 12, SignerListSet,
 
 /** This transaction type creates a new unidirectional XRP payment channel. */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/payment_channel/PayChan.h>
+#   include <xrpl/tx/transactors/payment_channel/PayChanCreate.h>
 #endif
 TRANSACTION(ttPAYCHAN_CREATE, 13, PaymentChannelCreate,
     Delegation::delegable,
@@ -196,6 +199,9 @@ TRANSACTION(ttPAYCHAN_CREATE, 13, PaymentChannelCreate,
 }))
 
 /** This transaction type funds an existing unidirectional XRP payment channel. */
+#if TRANSACTION_INCLUDE
+#   include <xrpl/tx/transactors/payment_channel/PayChanFund.h>
+#endif
 TRANSACTION(ttPAYCHAN_FUND, 14, PaymentChannelFund,
     Delegation::delegable,
     uint256{},
@@ -207,6 +213,9 @@ TRANSACTION(ttPAYCHAN_FUND, 14, PaymentChannelFund,
 }))
 
 /** This transaction type submits a claim against an existing unidirectional payment channel. */
+#if TRANSACTION_INCLUDE
+#   include <xrpl/tx/transactors/payment_channel/PayChanClaim.h>
+#endif
 TRANSACTION(ttPAYCHAN_CLAIM, 15, PaymentChannelClaim,
     Delegation::delegable,
     uint256{},
@@ -617,7 +626,7 @@ TRANSACTION(ttXCHAIN_CREATE_BRIDGE, 48, XChainCreateBridge,
 
 /** This transaction type creates or updates a DID */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/did/DID.h>
+#   include <xrpl/tx/transactors/did/DIDSet.h>
 #endif
 TRANSACTION(ttDID_SET, 49, DIDSet,
     Delegation::delegable,
@@ -630,6 +639,9 @@ TRANSACTION(ttDID_SET, 49, DIDSet,
 }))
 
 /** This transaction type deletes a DID */
+#if TRANSACTION_INCLUDE
+#   include <xrpl/tx/transactors/did/DIDDelete.h>
+#endif
 TRANSACTION(ttDID_DELETE, 50, DIDDelete,
     Delegation::delegable,
     featureDID,
@@ -739,7 +751,7 @@ TRANSACTION(ttMPTOKEN_AUTHORIZE, 57, MPTokenAuthorize,
 
 /** This transaction type create an Credential instance */
 #if TRANSACTION_INCLUDE
-#   include <xrpl/tx/transactors/credentials/Credentials.h>
+#   include <xrpl/tx/transactors/credentials/CredentialCreate.h>
 #endif
 TRANSACTION(ttCREDENTIAL_CREATE, 58, CredentialCreate,
     Delegation::delegable,
@@ -753,6 +765,9 @@ TRANSACTION(ttCREDENTIAL_CREATE, 58, CredentialCreate,
 }))
 
 /** This transaction type accept an Credential object */
+#if TRANSACTION_INCLUDE
+#   include <xrpl/tx/transactors/credentials/CredentialAccept.h>
+#endif
 TRANSACTION(ttCREDENTIAL_ACCEPT, 59, CredentialAccept,
     Delegation::delegable,
     featureCredentials,
@@ -763,6 +778,9 @@ TRANSACTION(ttCREDENTIAL_ACCEPT, 59, CredentialAccept,
 }))
 
 /** This transaction type delete an Credential object */
+#if TRANSACTION_INCLUDE
+#   include <xrpl/tx/transactors/credentials/CredentialDelete.h>
+#endif
 TRANSACTION(ttCREDENTIAL_DELETE, 60, CredentialDelete,
     Delegation::delegable,
     featureCredentials,

include/xrpl/server/NetworkOPs.h

@@ -185,7 +185,7 @@ public:
     virtual bool
     isFull() = 0;
     virtual void
-    setMode(OperatingMode om, char const* reason) = 0;
+    setMode(OperatingMode om) = 0;
     virtual bool
     isBlocked() = 0;
     virtual bool

include/xrpl/tx/transactors/credentials/CredentialAccept.h

@@ -0,0 +1,29 @@
+#pragma once
+
+#include <xrpl/tx/Transactor.h>
+
+namespace xrpl {
+
+class CredentialAccept : public Transactor
+{
+public:
+    static constexpr ConsequencesFactoryType ConsequencesFactory{Normal};
+
+    explicit CredentialAccept(ApplyContext& ctx) : Transactor(ctx)
+    {
+    }
+
+    static std::uint32_t
+    getFlagsMask(PreflightContext const& ctx);
+
+    static NotTEC
+    preflight(PreflightContext const& ctx);
+
+    static TER
+    preclaim(PreclaimContext const& ctx);
+
+    TER
+    doApply() override;
+};
+
+}  // namespace xrpl

include/xrpl/tx/transactors/credentials/CredentialCreate.h

@@ -0,0 +1,29 @@
+#pragma once
+
+#include <xrpl/tx/Transactor.h>
+
+namespace xrpl {
+
+class CredentialCreate : public Transactor
+{
+public:
+    static constexpr ConsequencesFactoryType ConsequencesFactory{Normal};
+
+    explicit CredentialCreate(ApplyContext& ctx) : Transactor(ctx)
+    {
+    }
+
+    static std::uint32_t
+    getFlagsMask(PreflightContext const& ctx);
+
+    static NotTEC
+    preflight(PreflightContext const& ctx);
+
+    static TER
+    preclaim(PreclaimContext const& ctx);
+
+    TER
+    doApply() override;
+};
+
+}  // namespace xrpl

include/xrpl/tx/transactors/credentials/CredentialDelete.h

@@ -0,0 +1,29 @@
+#pragma once
+
+#include <xrpl/tx/Transactor.h>
+
+namespace xrpl {
+
+class CredentialDelete : public Transactor
+{
+public:
+    static constexpr ConsequencesFactoryType ConsequencesFactory{Normal};
+
+    explicit CredentialDelete(ApplyContext& ctx) : Transactor(ctx)
+    {
+    }
+
+    static std::uint32_t
+    getFlagsMask(PreflightContext const& ctx);
+
+    static NotTEC
+    preflight(PreflightContext const& ctx);
+
+    static TER
+    preclaim(PreclaimContext const& ctx);
+
+    TER
+    doApply() override;
+};
+
+}  // namespace xrpl

include/xrpl/tx/transactors/credentials/Credentials.h

@@ -1,77 +0,0 @@
-#pragma once
-
-#include <xrpl/tx/Transactor.h>
-
-namespace xrpl {
-
-class CredentialCreate : public Transactor
-{
-public:
-    static constexpr ConsequencesFactoryType ConsequencesFactory{Normal};
-
-    explicit CredentialCreate(ApplyContext& ctx) : Transactor(ctx)
-    {
-    }
-
-    static std::uint32_t
-    getFlagsMask(PreflightContext const& ctx);
-
-    static NotTEC
-    preflight(PreflightContext const& ctx);
-
-    static TER
-    preclaim(PreclaimContext const& ctx);
-
-    TER
-    doApply() override;
-};
-
-//------------------------------------------------------------------------------
-
-class CredentialDelete : public Transactor
-{
-public:
-    static constexpr ConsequencesFactoryType ConsequencesFactory{Normal};
-
-    explicit CredentialDelete(ApplyContext& ctx) : Transactor(ctx)
-    {
-    }
-
-    static std::uint32_t
-    getFlagsMask(PreflightContext const& ctx);
-
-    static NotTEC
-    preflight(PreflightContext const& ctx);
-
-    static TER
-    preclaim(PreclaimContext const& ctx);
-
-    TER
-    doApply() override;
-};
-
-//------------------------------------------------------------------------------
-
-class CredentialAccept : public Transactor
-{
-public:
-    static constexpr ConsequencesFactoryType ConsequencesFactory{Normal};
-
-    explicit CredentialAccept(ApplyContext& ctx) : Transactor(ctx)
-    {
-    }
-
-    static std::uint32_t
-    getFlagsMask(PreflightContext const& ctx);
-
-    static NotTEC
-    preflight(PreflightContext const& ctx);
-
-    static TER
-    preclaim(PreclaimContext const& ctx);
-
-    TER
-    doApply() override;
-};
-
-}  // namespace xrpl

include/xrpl/tx/transactors/did/DIDDelete.h

@@ -4,24 +4,6 @@
 
 namespace xrpl {
 
-class DIDSet : public Transactor
-{
-public:
-    static constexpr ConsequencesFactoryType ConsequencesFactory{Normal};
-
-    explicit DIDSet(ApplyContext& ctx) : Transactor(ctx)
-    {
-    }
-
-    static NotTEC
-    preflight(PreflightContext const& ctx);
-
-    TER
-    doApply() override;
-};
-
-//------------------------------------------------------------------------------
-
 class DIDDelete : public Transactor
 {
 public:

include/xrpl/tx/transactors/did/DIDSet.h

@@ -0,0 +1,23 @@
+#pragma once
+
+#include <xrpl/tx/Transactor.h>
+
+namespace xrpl {
+
+class DIDSet : public Transactor
+{
+public:
+    static constexpr ConsequencesFactoryType ConsequencesFactory{Normal};
+
+    explicit DIDSet(ApplyContext& ctx) : Transactor(ctx)
+    {
+    }
+
+    static NotTEC
+    preflight(PreflightContext const& ctx);
+
+    TER
+    doApply() override;
+};
+
+}  // namespace xrpl

include/xrpl/tx/transactors/escrow/Escrow.h

@@ -1,80 +0,0 @@
-#pragma once
-
-#include <xrpl/tx/Transactor.h>
-
-namespace xrpl {
-
-class EscrowCreate : public Transactor
-{
-public:
-    static constexpr ConsequencesFactoryType ConsequencesFactory{Custom};
-
-    explicit EscrowCreate(ApplyContext& ctx) : Transactor(ctx)
-    {
-    }
-
-    static TxConsequences
-    makeTxConsequences(PreflightContext const& ctx);
-
-    static NotTEC
-    preflight(PreflightContext const& ctx);
-
-    static TER
-    preclaim(PreclaimContext const& ctx);
-
-    TER
-    doApply() override;
-};
-
-//------------------------------------------------------------------------------
-
-class EscrowFinish : public Transactor
-{
-public:
-    static constexpr ConsequencesFactoryType ConsequencesFactory{Normal};
-
-    explicit EscrowFinish(ApplyContext& ctx) : Transactor(ctx)
-    {
-    }
-
-    static bool
-    checkExtraFeatures(PreflightContext const& ctx);
-
-    static NotTEC
-    preflight(PreflightContext const& ctx);
-
-    static NotTEC
-    preflightSigValidated(PreflightContext const& ctx);
-
-    static XRPAmount
-    calculateBaseFee(ReadView const& view, STTx const& tx);
-
-    static TER
-    preclaim(PreclaimContext const& ctx);
-
-    TER
-    doApply() override;
-};
-
-//------------------------------------------------------------------------------
-
-class EscrowCancel : public Transactor
-{
-public:
-    static constexpr ConsequencesFactoryType ConsequencesFactory{Normal};
-
-    explicit EscrowCancel(ApplyContext& ctx) : Transactor(ctx)
-    {
-    }
-
-    static NotTEC
-    preflight(PreflightContext const& ctx);
-
-    static TER
-    preclaim(PreclaimContext const& ctx);
-
-    TER
-    doApply() override;
-};
-
-}  // namespace xrpl

include/xrpl/tx/transactors/escrow/EscrowCancel.h

@@ -0,0 +1,26 @@
+#pragma once
+
+#include <xrpl/tx/Transactor.h>
+
+namespace xrpl {
+
+class EscrowCancel : public Transactor
+{
+public:
+    static constexpr ConsequencesFactoryType ConsequencesFactory{Normal};
+
+    explicit EscrowCancel(ApplyContext& ctx) : Transactor(ctx)
+    {
+    }
+
+    static NotTEC
+    preflight(PreflightContext const& ctx);
+
+    static TER
+    preclaim(PreclaimContext const& ctx);
+
+    TER
+    doApply() override;
+};
+
+}  // namespace xrpl

include/xrpl/tx/transactors/escrow/EscrowCreate.h

@@ -0,0 +1,29 @@
+#pragma once
+
+#include <xrpl/tx/Transactor.h>
+
+namespace xrpl {
+
+class EscrowCreate : public Transactor
+{
+public:
+    static constexpr ConsequencesFactoryType ConsequencesFactory{Custom};
+
+    explicit EscrowCreate(ApplyContext& ctx) : Transactor(ctx)
+    {
+    }
+
+    static TxConsequences
+    makeTxConsequences(PreflightContext const& ctx);
+
+    static NotTEC
+    preflight(PreflightContext const& ctx);
+
+    static TER
+    preclaim(PreclaimContext const& ctx);
+
+    TER
+    doApply() override;
+};
+
+}  // namespace xrpl

include/xrpl/tx/transactors/escrow/EscrowFinish.h

@@ -0,0 +1,35 @@
+#pragma once
+
+#include <xrpl/tx/Transactor.h>
+
+namespace xrpl {
+
+class EscrowFinish : public Transactor
+{
+public:
+    static constexpr ConsequencesFactoryType ConsequencesFactory{Normal};
+
+    explicit EscrowFinish(ApplyContext& ctx) : Transactor(ctx)
+    {
+    }
+
+    static bool
+    checkExtraFeatures(PreflightContext const& ctx);
+
+    static NotTEC
+    preflight(PreflightContext const& ctx);
+
+    static NotTEC
+    preflightSigValidated(PreflightContext const& ctx);
+
+    static XRPAmount
+    calculateBaseFee(ReadView const& view, STTx const& tx);
+
+    static TER
+    preclaim(PreclaimContext const& ctx);
+
+    TER
+    doApply() override;
+};
+
+}  // namespace xrpl

include/xrpl/tx/transactors/escrow/EscrowHelpers.h

@@ -0,0 +1,229 @@
+#pragma once
+
+#include <xrpl/basics/Log.h>
+#include <xrpl/ledger/ApplyView.h>
+#include <xrpl/ledger/View.h>
+#include <xrpl/protocol/Feature.h>
+#include <xrpl/protocol/Indexes.h>
+#include <xrpl/protocol/MPTAmount.h>
+#include <xrpl/tx/transactors/token/MPTokenAuthorize.h>
+
+namespace xrpl {
+
+template <ValidIssueType T>
+TER
+escrowUnlockApplyHelper(
+    ApplyView& view,
+    Rate lockedRate,
+    std::shared_ptr<SLE> const& sleDest,
+    STAmount const& xrpBalance,
+    STAmount const& amount,
+    AccountID const& issuer,
+    AccountID const& sender,
+    AccountID const& receiver,
+    bool createAsset,
+    beast::Journal journal);
+
+template <>
+inline TER
+escrowUnlockApplyHelper<Issue>(
+    ApplyView& view,
+    Rate lockedRate,
+    std::shared_ptr<SLE> const& sleDest,
+    STAmount const& xrpBalance,
+    STAmount const& amount,
+    AccountID const& issuer,
+    AccountID const& sender,
+    AccountID const& receiver,
+    bool createAsset,
+    beast::Journal journal)
+{
+    Keylet const trustLineKey = keylet::line(receiver, amount.issue());
+    bool const recvLow = issuer > receiver;
+    bool const senderIssuer = issuer == sender;
+    bool const receiverIssuer = issuer == receiver;
+    bool const issuerHigh = issuer > receiver;
+
+    if (senderIssuer)
+        return tecINTERNAL;  // LCOV_EXCL_LINE
+
+    if (receiverIssuer)
+        return tesSUCCESS;
+
+    if (!view.exists(trustLineKey) && createAsset && !receiverIssuer)
+    {
+        // Can the account cover the trust line's reserve?
+        if (std::uint32_t const ownerCount = {sleDest->at(sfOwnerCount)};
+            xrpBalance < view.fees().accountReserve(ownerCount + 1))
+        {
+            JLOG(journal.trace()) << "Trust line does not exist. "
+                                     "Insufficient reserve to create line.";
+
+            return tecNO_LINE_INSUF_RESERVE;
+        }
+
+        Currency const currency = amount.getCurrency();
+        STAmount initialBalance(amount.issue());
+        initialBalance.setIssuer(noAccount());
+
+        // clang-format off
+        if (TER const ter = trustCreate(
+                view,                           // payment sandbox
+                recvLow,                        // is dest low?
+                issuer,                         // source
+                receiver,                       // destination
+                trustLineKey.key,               // ledger index
+                sleDest,                        // Account to add to
+                false,                          // authorize account
+                (sleDest->getFlags() & lsfDefaultRipple) == 0,
+                false,                          // freeze trust line
+                false,                          // deep freeze trust line
+                initialBalance,                 // zero initial balance
+                Issue(currency, receiver),      // limit of zero
+                0,                              // quality in
+                0,                              // quality out
+                journal);                       // journal
+            !isTesSuccess(ter))
+        {
+            return ter; // LCOV_EXCL_LINE
+        }
+        // clang-format on
+
+        view.update(sleDest);
+    }
+
+    if (!view.exists(trustLineKey) && !receiverIssuer)
+        return tecNO_LINE;
+
+    auto const xferRate = transferRate(view, amount);
+    // update if issuer rate is less than locked rate
+    if (xferRate < lockedRate)
+        lockedRate = xferRate;
+
+    // Transfer Rate only applies when:
+    // 1. Issuer is not involved in the transfer (senderIssuer or
+    // receiverIssuer)
+    // 2. The locked rate is different from the parity rate
+
+    // NOTE: Transfer fee in escrow works a bit differently from a normal
+    // payment. In escrow, the fee is deducted from the locked/sending amount,
+    // whereas in a normal payment, the transfer fee is taken on top of the
+    // sending amount.
+    auto finalAmt = amount;
+    if ((!senderIssuer && !receiverIssuer) && lockedRate != parityRate)
+    {
+        // compute transfer fee, if any
+        auto const xferFee = amount.value() - divideRound(amount, lockedRate, amount.issue(), true);
+        // compute balance to transfer
+        finalAmt = amount.value() - xferFee;
+    }
+
+    // validate the line limit if the account submitting txn is not the receiver
+    // of the funds
+    if (!createAsset)
+    {
+        auto const sleRippleState = view.peek(trustLineKey);
+        if (!sleRippleState)
+            return tecINTERNAL;  // LCOV_EXCL_LINE
+
+        // if the issuer is the high, then we use the low limit
+        // otherwise we use the high limit
+        STAmount const lineLimit =
+            sleRippleState->getFieldAmount(issuerHigh ? sfLowLimit : sfHighLimit);
+
+        STAmount lineBalance = sleRippleState->getFieldAmount(sfBalance);
+
+        // flip the sign of the line balance if the issuer is not high
+        if (!issuerHigh)
+            lineBalance.negate();
+
+        // add the final amount to the line balance
+        lineBalance += finalAmt;
+
+        // if the transfer would exceed the line limit return tecLIMIT_EXCEEDED
+        if (lineLimit < lineBalance)
+            return tecLIMIT_EXCEEDED;
+    }
+
+    // if destination is not the issuer then transfer funds
+    if (!receiverIssuer)
+    {
+        auto const ter = rippleCredit(view, issuer, receiver, finalAmt, true, journal);
+        if (ter != tesSUCCESS)
+            return ter;  // LCOV_EXCL_LINE
+    }
+    return tesSUCCESS;
+}
+
+template <>
+inline TER
+escrowUnlockApplyHelper<MPTIssue>(
+    ApplyView& view,
+    Rate lockedRate,
+    std::shared_ptr<SLE> const& sleDest,
+    STAmount const& xrpBalance,
+    STAmount const& amount,
+    AccountID const& issuer,
+    AccountID const& sender,
+    AccountID const& receiver,
+    bool createAsset,
+    beast::Journal journal)
+{
+    bool const senderIssuer = issuer == sender;
+    bool const receiverIssuer = issuer == receiver;
+
+    auto const mptID = amount.get<MPTIssue>().getMptID();
+    auto const issuanceKey = keylet::mptIssuance(mptID);
+    if (!view.exists(keylet::mptoken(issuanceKey.key, receiver)) && createAsset && !receiverIssuer)
+    {
+        if (std::uint32_t const ownerCount = {sleDest->at(sfOwnerCount)};
+            xrpBalance < view.fees().accountReserve(ownerCount + 1))
+        {
+            return tecINSUFFICIENT_RESERVE;
+        }
+
+        if (auto const ter = MPTokenAuthorize::createMPToken(view, mptID, receiver, 0);
+            !isTesSuccess(ter))
+        {
+            return ter;  // LCOV_EXCL_LINE
+        }
+
+        // update owner count.
+        adjustOwnerCount(view, sleDest, 1, journal);
+    }
+
+    if (!view.exists(keylet::mptoken(issuanceKey.key, receiver)) && !receiverIssuer)
+        return tecNO_PERMISSION;
+
+    auto const xferRate = transferRate(view, amount);
+    // update if issuer rate is less than locked rate
+    if (xferRate < lockedRate)
+        lockedRate = xferRate;
+
+    // Transfer Rate only applies when:
+    // 1. Issuer is not involved in the transfer (senderIssuer or
+    // receiverIssuer)
+    // 2. The locked rate is different from the parity rate
+
+    // NOTE: Transfer fee in escrow works a bit differently from a normal
+    // payment. In escrow, the fee is deducted from the locked/sending amount,
+    // whereas in a normal payment, the transfer fee is taken on top of the
+    // sending amount.
+    auto finalAmt = amount;
+    if ((!senderIssuer && !receiverIssuer) && lockedRate != parityRate)
+    {
+        // compute transfer fee, if any
+        auto const xferFee = amount.value() - divideRound(amount, lockedRate, amount.asset(), true);
+        // compute balance to transfer
+        finalAmt = amount.value() - xferFee;
+    }
+    return rippleUnlockEscrowMPT(
+        view,
+        sender,
+        receiver,
+        finalAmt,
+        view.rules().enabled(fixTokenEscrowV1) ? amount : finalAmt,
+        journal);
+}
+
+}  // namespace xrpl

include/xrpl/tx/transactors/payment_channel/PayChan.h

@@ -1,83 +0,0 @@
-#pragma once
-
-#include <xrpl/tx/Transactor.h>
-
-namespace xrpl {
-
-class PayChanCreate : public Transactor
-{
-public:
-    static constexpr ConsequencesFactoryType ConsequencesFactory{Custom};
-
-    explicit PayChanCreate(ApplyContext& ctx) : Transactor(ctx)
-    {
-    }
-
-    static TxConsequences
-    makeTxConsequences(PreflightContext const& ctx);
-
-    static NotTEC
-    preflight(PreflightContext const& ctx);
-
-    static TER
-    preclaim(PreclaimContext const& ctx);
-
-    TER
-    doApply() override;
-};
-
-using PaymentChannelCreate = PayChanCreate;
-
-//------------------------------------------------------------------------------
-
-class PayChanFund : public Transactor
-{
-public:
-    static constexpr ConsequencesFactoryType ConsequencesFactory{Custom};
-
-    explicit PayChanFund(ApplyContext& ctx) : Transactor(ctx)
-    {
-    }
-
-    static TxConsequences
-    makeTxConsequences(PreflightContext const& ctx);
-
-    static NotTEC
-    preflight(PreflightContext const& ctx);
-
-    TER
-    doApply() override;
-};
-
-using PaymentChannelFund = PayChanFund;
-
-//------------------------------------------------------------------------------
-
-class PayChanClaim : public Transactor
-{
-public:
-    static constexpr ConsequencesFactoryType ConsequencesFactory{Normal};
-
-    explicit PayChanClaim(ApplyContext& ctx) : Transactor(ctx)
-    {
-    }
-
-    static bool
-    checkExtraFeatures(PreflightContext const& ctx);
-
-    static std::uint32_t
-    getFlagsMask(PreflightContext const& ctx);
-
-    static NotTEC
-    preflight(PreflightContext const& ctx);
-
-    static TER
-    preclaim(PreclaimContext const& ctx);
-
-    TER
-    doApply() override;
-};
-
-using PaymentChannelClaim = PayChanClaim;
-
-}  // namespace xrpl

include/xrpl/tx/transactors/payment_channel/PayChanClaim.h

@@ -0,0 +1,34 @@
+#pragma once
+
+#include <xrpl/tx/Transactor.h>
+
+namespace xrpl {
+
+class PayChanClaim : public Transactor
+{
+public:
+    static constexpr ConsequencesFactoryType ConsequencesFactory{Normal};
+
+    explicit PayChanClaim(ApplyContext& ctx) : Transactor(ctx)
+    {
+    }
+
+    static bool
+    checkExtraFeatures(PreflightContext const& ctx);
+
+    static std::uint32_t
+    getFlagsMask(PreflightContext const& ctx);
+
+    static NotTEC
+    preflight(PreflightContext const& ctx);
+
+    static TER
+    preclaim(PreclaimContext const& ctx);
+
+    TER
+    doApply() override;
+};
+
+using PaymentChannelClaim = PayChanClaim;
+
+}  // namespace xrpl

include/xrpl/tx/transactors/payment_channel/PayChanCreate.h

@@ -0,0 +1,31 @@
+#pragma once
+
+#include <xrpl/tx/Transactor.h>
+
+namespace xrpl {
+
+class PayChanCreate : public Transactor
+{
+public:
+    static constexpr ConsequencesFactoryType ConsequencesFactory{Custom};
+
+    explicit PayChanCreate(ApplyContext& ctx) : Transactor(ctx)
+    {
+    }
+
+    static TxConsequences
+    makeTxConsequences(PreflightContext const& ctx);
+
+    static NotTEC
+    preflight(PreflightContext const& ctx);
+
+    static TER
+    preclaim(PreclaimContext const& ctx);
+
+    TER
+    doApply() override;
+};
+
+using PaymentChannelCreate = PayChanCreate;
+
+}  // namespace xrpl

include/xrpl/tx/transactors/payment_channel/PayChanFund.h

@@ -0,0 +1,28 @@
+#pragma once
+
+#include <xrpl/tx/Transactor.h>
+
+namespace xrpl {
+
+class PayChanFund : public Transactor
+{
+public:
+    static constexpr ConsequencesFactoryType ConsequencesFactory{Custom};
+
+    explicit PayChanFund(ApplyContext& ctx) : Transactor(ctx)
+    {
+    }
+
+    static TxConsequences
+    makeTxConsequences(PreflightContext const& ctx);
+
+    static NotTEC
+    preflight(PreflightContext const& ctx);
+
+    TER
+    doApply() override;
+};
+
+using PaymentChannelFund = PayChanFund;
+
+}  // namespace xrpl

include/xrpl/tx/transactors/payment_channel/PayChanHelpers.h

@@ -0,0 +1,15 @@
+#pragma once
+
+#include <xrpl/ledger/ApplyView.h>
+#include <xrpl/protocol/UintTypes.h>
+
+namespace xrpl {
+
+TER
+closeChannel(
+    std::shared_ptr<SLE> const& slep,
+    ApplyView& view,
+    uint256 const& key,
+    beast::Journal j);
+
+}  // namespace xrpl

src/libxrpl/tx/transactors/account/DeleteAccount.cpp

@@ -11,7 +11,7 @@
 #include <xrpl/tx/transactors/account/DeleteAccount.h>
 #include <xrpl/tx/transactors/account/SetSignerList.h>
 #include <xrpl/tx/transactors/delegate/DelegateSet.h>
-#include <xrpl/tx/transactors/did/DID.h>
+#include <xrpl/tx/transactors/did/DIDDelete.h>
 #include <xrpl/tx/transactors/nft/NFTokenUtils.h>
 #include <xrpl/tx/transactors/oracle/DeleteOracle.h>
 #include <xrpl/tx/transactors/payment/DepositPreauth.h>

src/libxrpl/tx/transactors/credentials/CredentialAccept.cpp

@@ -0,0 +1,113 @@
+#include <xrpl/basics/Log.h>
+#include <xrpl/ledger/ApplyView.h>
+#include <xrpl/ledger/CredentialHelpers.h>
+#include <xrpl/ledger/View.h>
+#include <xrpl/protocol/Feature.h>
+#include <xrpl/protocol/Indexes.h>
+#include <xrpl/protocol/TxFlags.h>
+#include <xrpl/tx/transactors/credentials/CredentialAccept.h>
+
+#include <chrono>
+
+namespace xrpl {
+
+using namespace credentials;
+
+std::uint32_t
+CredentialAccept::getFlagsMask(PreflightContext const& ctx)
+{
+    // 0 means "Allow any flags"
+    return ctx.rules.enabled(fixInvalidTxFlags) ? tfUniversalMask : 0;
+}
+
+NotTEC
+CredentialAccept::preflight(PreflightContext const& ctx)
+{
+    if (!ctx.tx[sfIssuer])
+    {
+        JLOG(ctx.j.trace()) << "Malformed transaction: Issuer field zeroed.";
+        return temINVALID_ACCOUNT_ID;
+    }
+
+    auto const credType = ctx.tx[sfCredentialType];
+    if (credType.empty() || (credType.size() > maxCredentialTypeLength))
+    {
+        JLOG(ctx.j.trace()) << "Malformed transaction: invalid size of CredentialType.";
+        return temMALFORMED;
+    }
+
+    return tesSUCCESS;
+}
+
+TER
+CredentialAccept::preclaim(PreclaimContext const& ctx)
+{
+    AccountID const subject = ctx.tx[sfAccount];
+    AccountID const issuer = ctx.tx[sfIssuer];
+    auto const credType(ctx.tx[sfCredentialType]);
+
+    if (!ctx.view.exists(keylet::account(issuer)))
+    {
+        JLOG(ctx.j.warn()) << "No issuer: " << to_string(issuer);
+        return tecNO_ISSUER;
+    }
+
+    auto const sleCred = ctx.view.read(keylet::credential(subject, issuer, credType));
+    if (!sleCred)
+    {
+        JLOG(ctx.j.warn()) << "No credential: " << to_string(subject) << ", " << to_string(issuer)
+                           << ", " << credType;
+        return tecNO_ENTRY;
+    }
+
+    if (sleCred->getFieldU32(sfFlags) & lsfAccepted)
+    {
+        JLOG(ctx.j.warn()) << "Credential already accepted: " << to_string(subject) << ", "
+                           << to_string(issuer) << ", " << credType;
+        return tecDUPLICATE;
+    }
+
+    return tesSUCCESS;
+}
+
+TER
+CredentialAccept::doApply()
+{
+    AccountID const issuer{ctx_.tx[sfIssuer]};
+
+    // Both exist as credential object exist itself (checked in preclaim)
+    auto const sleSubject = view().peek(keylet::account(account_));
+    auto const sleIssuer = view().peek(keylet::account(issuer));
+
+    if (!sleSubject || !sleIssuer)
+        return tefINTERNAL;  // LCOV_EXCL_LINE
+
+    {
+        STAmount const reserve{
+            view().fees().accountReserve(sleSubject->getFieldU32(sfOwnerCount) + 1)};
+        if (mPriorBalance < reserve)
+            return tecINSUFFICIENT_RESERVE;
+    }
+
+    auto const credType(ctx_.tx[sfCredentialType]);
+    Keylet const credentialKey = keylet::credential(account_, issuer, credType);
+    auto const sleCred = view().peek(credentialKey);  // Checked in preclaim()
+
+    if (checkExpired(sleCred, view().header().parentCloseTime))
+    {
+        JLOG(j_.trace()) << "Credential is expired: " << sleCred->getText();
+        // delete expired credentials even if the transaction failed
+        auto const err = credentials::deleteSLE(view(), sleCred, j_);
+        return isTesSuccess(err) ? tecEXPIRED : err;
+    }
+
+    sleCred->setFieldU32(sfFlags, lsfAccepted);
+    view().update(sleCred);
+
+    adjustOwnerCount(view(), sleIssuer, -1, j_);
+    adjustOwnerCount(view(), sleSubject, 1, j_);
+
+    return tesSUCCESS;
+}
+
+}  // namespace xrpl

src/libxrpl/tx/transactors/credentials/CredentialCreate.cpp

@@ -0,0 +1,164 @@
+#include <xrpl/basics/Log.h>
+#include <xrpl/ledger/ApplyView.h>
+#include <xrpl/ledger/CredentialHelpers.h>
+#include <xrpl/ledger/View.h>
+#include <xrpl/protocol/Feature.h>
+#include <xrpl/protocol/Indexes.h>
+#include <xrpl/protocol/TxFlags.h>
+#include <xrpl/tx/transactors/credentials/CredentialCreate.h>
+
+#include <chrono>
+
+namespace xrpl {
+
+/*
+    Credentials
+    ======
+
+   A verifiable credentials (VC
+   https://en.wikipedia.org/wiki/Verifiable_credentials), as defined by the W3C
+   specification (https://www.w3.org/TR/vc-data-model-2.0/), is a
+   secure and tamper-evident way to represent information about a subject, such
+   as an individual, organization, or even an IoT device. These credentials are
+   issued by a trusted entity and can be verified by third parties without
+   directly involving the issuer at all.
+*/
+
+using namespace credentials;
+
+std::uint32_t
+CredentialCreate::getFlagsMask(PreflightContext const& ctx)
+{
+    // 0 means "Allow any flags"
+    return ctx.rules.enabled(fixInvalidTxFlags) ? tfUniversalMask : 0;
+}
+
+NotTEC
+CredentialCreate::preflight(PreflightContext const& ctx)
+{
+    auto const& tx = ctx.tx;
+    auto& j = ctx.j;
+
+    if (!tx[sfSubject])
+    {
+        JLOG(j.trace()) << "Malformed transaction: Invalid Subject";
+        return temMALFORMED;
+    }
+
+    auto const uri = tx[~sfURI];
+    if (uri && (uri->empty() || (uri->size() > maxCredentialURILength)))
+    {
+        JLOG(j.trace()) << "Malformed transaction: invalid size of URI.";
+        return temMALFORMED;
+    }
+
+    auto const credType = tx[sfCredentialType];
+    if (credType.empty() || (credType.size() > maxCredentialTypeLength))
+    {
+        JLOG(j.trace()) << "Malformed transaction: invalid size of CredentialType.";
+        return temMALFORMED;
+    }
+
+    return tesSUCCESS;
+}
+
+TER
+CredentialCreate::preclaim(PreclaimContext const& ctx)
+{
+    auto const credType(ctx.tx[sfCredentialType]);
+    auto const subject = ctx.tx[sfSubject];
+
+    if (!ctx.view.exists(keylet::account(subject)))
+    {
+        JLOG(ctx.j.trace()) << "Subject doesn't exist.";
+        return tecNO_TARGET;
+    }
+
+    if (ctx.view.exists(keylet::credential(subject, ctx.tx[sfAccount], credType)))
+    {
+        JLOG(ctx.j.trace()) << "Credential already exists.";
+        return tecDUPLICATE;
+    }
+
+    return tesSUCCESS;
+}
+
+TER
+CredentialCreate::doApply()
+{
+    auto const subject = ctx_.tx[sfSubject];
+    auto const credType(ctx_.tx[sfCredentialType]);
+    Keylet const credentialKey = keylet::credential(subject, account_, credType);
+
+    auto const sleCred = std::make_shared<SLE>(credentialKey);
+    if (!sleCred)
+        return tefINTERNAL;  // LCOV_EXCL_LINE
+
+    auto const optExp = ctx_.tx[~sfExpiration];
+    if (optExp)
+    {
+        std::uint32_t const closeTime =
+            ctx_.view().header().parentCloseTime.time_since_epoch().count();
+
+        if (closeTime > *optExp)
+        {
+            JLOG(j_.trace()) << "Malformed transaction: "
+                                "Expiration time is in the past.";
+            return tecEXPIRED;
+        }
+
+        sleCred->setFieldU32(sfExpiration, ctx_.tx.getFieldU32(sfExpiration));
+    }
+
+    auto const sleIssuer = view().peek(keylet::account(account_));
+    if (!sleIssuer)
+        return tefINTERNAL;  // LCOV_EXCL_LINE
+
+    {
+        STAmount const reserve{
+            view().fees().accountReserve(sleIssuer->getFieldU32(sfOwnerCount) + 1)};
+        if (mPriorBalance < reserve)
+            return tecINSUFFICIENT_RESERVE;
+    }
+
+    sleCred->setAccountID(sfSubject, subject);
+    sleCred->setAccountID(sfIssuer, account_);
+    sleCred->setFieldVL(sfCredentialType, credType);
+
+    if (ctx_.tx.isFieldPresent(sfURI))
+        sleCred->setFieldVL(sfURI, ctx_.tx.getFieldVL(sfURI));
+
+    {
+        auto const page =
+            view().dirInsert(keylet::ownerDir(account_), credentialKey, describeOwnerDir(account_));
+        JLOG(j_.trace()) << "Adding Credential to owner directory " << to_string(credentialKey.key)
+                         << ": " << (page ? "success" : "failure");
+        if (!page)
+            return tecDIR_FULL;
+        sleCred->setFieldU64(sfIssuerNode, *page);
+
+        adjustOwnerCount(view(), sleIssuer, 1, j_);
+    }
+
+    if (subject == account_)
+    {
+        sleCred->setFieldU32(sfFlags, lsfAccepted);
+    }
+    else
+    {
+        auto const page =
+            view().dirInsert(keylet::ownerDir(subject), credentialKey, describeOwnerDir(subject));
+        JLOG(j_.trace()) << "Adding Credential to owner directory " << to_string(credentialKey.key)
+                         << ": " << (page ? "success" : "failure");
+        if (!page)
+            return tecDIR_FULL;
+        sleCred->setFieldU64(sfSubjectNode, *page);
+        view().update(view().peek(keylet::account(subject)));
+    }
+
+    view().insert(sleCred);
+
+    return tesSUCCESS;
+}
+
+}  // namespace xrpl

src/libxrpl/tx/transactors/credentials/CredentialDelete.cpp

@@ -0,0 +1,90 @@
+#include <xrpl/basics/Log.h>
+#include <xrpl/ledger/ApplyView.h>
+#include <xrpl/ledger/CredentialHelpers.h>
+#include <xrpl/ledger/View.h>
+#include <xrpl/protocol/Feature.h>
+#include <xrpl/protocol/Indexes.h>
+#include <xrpl/protocol/TxFlags.h>
+#include <xrpl/tx/transactors/credentials/CredentialDelete.h>
+
+#include <chrono>
+
+namespace xrpl {
+
+using namespace credentials;
+
+std::uint32_t
+CredentialDelete::getFlagsMask(PreflightContext const& ctx)
+{
+    // 0 means "Allow any flags"
+    return ctx.rules.enabled(fixInvalidTxFlags) ? tfUniversalMask : 0;
+}
+
+NotTEC
+CredentialDelete::preflight(PreflightContext const& ctx)
+{
+    auto const subject = ctx.tx[~sfSubject];
+    auto const issuer = ctx.tx[~sfIssuer];
+
+    if (!subject && !issuer)
+    {
+        // Neither field is present, the transaction is malformed.
+        JLOG(ctx.j.trace()) << "Malformed transaction: "
+                               "No Subject or Issuer fields.";
+        return temMALFORMED;
+    }
+
+    // Make sure that the passed account is valid.
+    if ((subject && subject->isZero()) || (issuer && issuer->isZero()))
+    {
+        JLOG(ctx.j.trace()) << "Malformed transaction: Subject or Issuer "
+                               "field zeroed.";
+        return temINVALID_ACCOUNT_ID;
+    }
+
+    auto const credType = ctx.tx[sfCredentialType];
+    if (credType.empty() || (credType.size() > maxCredentialTypeLength))
+    {
+        JLOG(ctx.j.trace()) << "Malformed transaction: invalid size of CredentialType.";
+        return temMALFORMED;
+    }
+
+    return tesSUCCESS;
+}
+
+TER
+CredentialDelete::preclaim(PreclaimContext const& ctx)
+{
+    AccountID const account{ctx.tx[sfAccount]};
+    auto const subject = ctx.tx[~sfSubject].value_or(account);
+    auto const issuer = ctx.tx[~sfIssuer].value_or(account);
+    auto const credType(ctx.tx[sfCredentialType]);
+
+    if (!ctx.view.exists(keylet::credential(subject, issuer, credType)))
+        return tecNO_ENTRY;
+
+    return tesSUCCESS;
+}
+
+TER
+CredentialDelete::doApply()
+{
+    auto const subject = ctx_.tx[~sfSubject].value_or(account_);
+    auto const issuer = ctx_.tx[~sfIssuer].value_or(account_);
+
+    auto const credType(ctx_.tx[sfCredentialType]);
+    auto const sleCred = view().peek(keylet::credential(subject, issuer, credType));
+    if (!sleCred)
+        return tefINTERNAL;  // LCOV_EXCL_LINE
+
+    if ((subject != account_) && (issuer != account_) &&
+        !checkExpired(sleCred, ctx_.view().header().parentCloseTime))
+    {
+        JLOG(j_.trace()) << "Can't delete non-expired credential.";
+        return tecNO_PERMISSION;
+    }
+
+    return deleteSLE(view(), sleCred, j_);
+}
+
+}  // namespace xrpl

src/libxrpl/tx/transactors/credentials/Credentials.cpp

@@ -1,341 +0,0 @@
-#include <xrpl/basics/Log.h>
-#include <xrpl/ledger/ApplyView.h>
-#include <xrpl/ledger/CredentialHelpers.h>
-#include <xrpl/ledger/View.h>
-#include <xrpl/protocol/Feature.h>
-#include <xrpl/protocol/Indexes.h>
-#include <xrpl/protocol/TxFlags.h>
-#include <xrpl/tx/transactors/credentials/Credentials.h>
-
-#include <chrono>
-
-namespace xrpl {
-
-/*
-    Credentials
-    ======
-
-   A verifiable credentials (VC
-   https://en.wikipedia.org/wiki/Verifiable_credentials), as defined by the W3C
-   specification (https://www.w3.org/TR/vc-data-model-2.0/), is a
-   secure and tamper-evident way to represent information about a subject, such
-   as an individual, organization, or even an IoT device. These credentials are
-   issued by a trusted entity and can be verified by third parties without
-   directly involving the issuer at all.
-*/
-
-using namespace credentials;
-
-// ------- CREATE --------------------------
-
-std::uint32_t
-CredentialCreate::getFlagsMask(PreflightContext const& ctx)
-{
-    // 0 means "Allow any flags"
-    return ctx.rules.enabled(fixInvalidTxFlags) ? tfUniversalMask : 0;
-}
-
-NotTEC
-CredentialCreate::preflight(PreflightContext const& ctx)
-{
-    auto const& tx = ctx.tx;
-    auto& j = ctx.j;
-
-    if (!tx[sfSubject])
-    {
-        JLOG(j.trace()) << "Malformed transaction: Invalid Subject";
-        return temMALFORMED;
-    }
-
-    auto const uri = tx[~sfURI];
-    if (uri && (uri->empty() || (uri->size() > maxCredentialURILength)))
-    {
-        JLOG(j.trace()) << "Malformed transaction: invalid size of URI.";
-        return temMALFORMED;
-    }
-
-    auto const credType = tx[sfCredentialType];
-    if (credType.empty() || (credType.size() > maxCredentialTypeLength))
-    {
-        JLOG(j.trace()) << "Malformed transaction: invalid size of CredentialType.";
-        return temMALFORMED;
-    }
-
-    return tesSUCCESS;
-}
-
-TER
-CredentialCreate::preclaim(PreclaimContext const& ctx)
-{
-    auto const credType(ctx.tx[sfCredentialType]);
-    auto const subject = ctx.tx[sfSubject];
-
-    if (!ctx.view.exists(keylet::account(subject)))
-    {
-        JLOG(ctx.j.trace()) << "Subject doesn't exist.";
-        return tecNO_TARGET;
-    }
-
-    if (ctx.view.exists(keylet::credential(subject, ctx.tx[sfAccount], credType)))
-    {
-        JLOG(ctx.j.trace()) << "Credential already exists.";
-        return tecDUPLICATE;
-    }
-
-    return tesSUCCESS;
-}
-
-TER
-CredentialCreate::doApply()
-{
-    auto const subject = ctx_.tx[sfSubject];
-    auto const credType(ctx_.tx[sfCredentialType]);
-    Keylet const credentialKey = keylet::credential(subject, account_, credType);
-
-    auto const sleCred = std::make_shared<SLE>(credentialKey);
-    if (!sleCred)
-        return tefINTERNAL;  // LCOV_EXCL_LINE
-
-    auto const optExp = ctx_.tx[~sfExpiration];
-    if (optExp)
-    {
-        std::uint32_t const closeTime =
-            ctx_.view().header().parentCloseTime.time_since_epoch().count();
-
-        if (closeTime > *optExp)
-        {
-            JLOG(j_.trace()) << "Malformed transaction: "
-                                "Expiration time is in the past.";
-            return tecEXPIRED;
-        }
-
-        sleCred->setFieldU32(sfExpiration, ctx_.tx.getFieldU32(sfExpiration));
-    }
-
-    auto const sleIssuer = view().peek(keylet::account(account_));
-    if (!sleIssuer)
-        return tefINTERNAL;  // LCOV_EXCL_LINE
-
-    {
-        STAmount const reserve{
-            view().fees().accountReserve(sleIssuer->getFieldU32(sfOwnerCount) + 1)};
-        if (mPriorBalance < reserve)
-            return tecINSUFFICIENT_RESERVE;
-    }
-
-    sleCred->setAccountID(sfSubject, subject);
-    sleCred->setAccountID(sfIssuer, account_);
-    sleCred->setFieldVL(sfCredentialType, credType);
-
-    if (ctx_.tx.isFieldPresent(sfURI))
-        sleCred->setFieldVL(sfURI, ctx_.tx.getFieldVL(sfURI));
-
-    {
-        auto const page =
-            view().dirInsert(keylet::ownerDir(account_), credentialKey, describeOwnerDir(account_));
-        JLOG(j_.trace()) << "Adding Credential to owner directory " << to_string(credentialKey.key)
-                         << ": " << (page ? "success" : "failure");
-        if (!page)
-            return tecDIR_FULL;
-        sleCred->setFieldU64(sfIssuerNode, *page);
-
-        adjustOwnerCount(view(), sleIssuer, 1, j_);
-    }
-
-    if (subject == account_)
-    {
-        sleCred->setFieldU32(sfFlags, lsfAccepted);
-    }
-    else
-    {
-        auto const page =
-            view().dirInsert(keylet::ownerDir(subject), credentialKey, describeOwnerDir(subject));
-        JLOG(j_.trace()) << "Adding Credential to owner directory " << to_string(credentialKey.key)
-                         << ": " << (page ? "success" : "failure");
-        if (!page)
-            return tecDIR_FULL;
-        sleCred->setFieldU64(sfSubjectNode, *page);
-        view().update(view().peek(keylet::account(subject)));
-    }
-
-    view().insert(sleCred);
-
-    return tesSUCCESS;
-}
-
-// ------- DELETE --------------------------
-
-std::uint32_t
-CredentialDelete::getFlagsMask(PreflightContext const& ctx)
-{
-    // 0 means "Allow any flags"
-    return ctx.rules.enabled(fixInvalidTxFlags) ? tfUniversalMask : 0;
-}
-
-NotTEC
-CredentialDelete::preflight(PreflightContext const& ctx)
-{
-    auto const subject = ctx.tx[~sfSubject];
-    auto const issuer = ctx.tx[~sfIssuer];
-
-    if (!subject && !issuer)
-    {
-        // Neither field is present, the transaction is malformed.
-        JLOG(ctx.j.trace()) << "Malformed transaction: "
-                               "No Subject or Issuer fields.";
-        return temMALFORMED;
-    }
-
-    // Make sure that the passed account is valid.
-    if ((subject && subject->isZero()) || (issuer && issuer->isZero()))
-    {
-        JLOG(ctx.j.trace()) << "Malformed transaction: Subject or Issuer "
-                               "field zeroed.";
-        return temINVALID_ACCOUNT_ID;
-    }
-
-    auto const credType = ctx.tx[sfCredentialType];
-    if (credType.empty() || (credType.size() > maxCredentialTypeLength))
-    {
-        JLOG(ctx.j.trace()) << "Malformed transaction: invalid size of CredentialType.";
-        return temMALFORMED;
-    }
-
-    return tesSUCCESS;
-}
-
-TER
-CredentialDelete::preclaim(PreclaimContext const& ctx)
-{
-    AccountID const account{ctx.tx[sfAccount]};
-    auto const subject = ctx.tx[~sfSubject].value_or(account);
-    auto const issuer = ctx.tx[~sfIssuer].value_or(account);
-    auto const credType(ctx.tx[sfCredentialType]);
-
-    if (!ctx.view.exists(keylet::credential(subject, issuer, credType)))
-        return tecNO_ENTRY;
-
-    return tesSUCCESS;
-}
-
-TER
-CredentialDelete::doApply()
-{
-    auto const subject = ctx_.tx[~sfSubject].value_or(account_);
-    auto const issuer = ctx_.tx[~sfIssuer].value_or(account_);
-
-    auto const credType(ctx_.tx[sfCredentialType]);
-    auto const sleCred = view().peek(keylet::credential(subject, issuer, credType));
-    if (!sleCred)
-        return tefINTERNAL;  // LCOV_EXCL_LINE
-
-    if ((subject != account_) && (issuer != account_) &&
-        !checkExpired(sleCred, ctx_.view().header().parentCloseTime))
-    {
-        JLOG(j_.trace()) << "Can't delete non-expired credential.";
-        return tecNO_PERMISSION;
-    }
-
-    return deleteSLE(view(), sleCred, j_);
-}
-
-// ------- APPLY --------------------------
-
-std::uint32_t
-CredentialAccept::getFlagsMask(PreflightContext const& ctx)
-{
-    // 0 means "Allow any flags"
-    return ctx.rules.enabled(fixInvalidTxFlags) ? tfUniversalMask : 0;
-}
-
-NotTEC
-CredentialAccept::preflight(PreflightContext const& ctx)
-{
-    if (!ctx.tx[sfIssuer])
-    {
-        JLOG(ctx.j.trace()) << "Malformed transaction: Issuer field zeroed.";
-        return temINVALID_ACCOUNT_ID;
-    }
-
-    auto const credType = ctx.tx[sfCredentialType];
-    if (credType.empty() || (credType.size() > maxCredentialTypeLength))
-    {
-        JLOG(ctx.j.trace()) << "Malformed transaction: invalid size of CredentialType.";
-        return temMALFORMED;
-    }
-
-    return tesSUCCESS;
-}
-
-TER
-CredentialAccept::preclaim(PreclaimContext const& ctx)
-{
-    AccountID const subject = ctx.tx[sfAccount];
-    AccountID const issuer = ctx.tx[sfIssuer];
-    auto const credType(ctx.tx[sfCredentialType]);
-
-    if (!ctx.view.exists(keylet::account(issuer)))
-    {
-        JLOG(ctx.j.warn()) << "No issuer: " << to_string(issuer);
-        return tecNO_ISSUER;
-    }
-
-    auto const sleCred = ctx.view.read(keylet::credential(subject, issuer, credType));
-    if (!sleCred)
-    {
-        JLOG(ctx.j.warn()) << "No credential: " << to_string(subject) << ", " << to_string(issuer)
-                           << ", " << credType;
-        return tecNO_ENTRY;
-    }
-
-    if (sleCred->getFieldU32(sfFlags) & lsfAccepted)
-    {
-        JLOG(ctx.j.warn()) << "Credential already accepted: " << to_string(subject) << ", "
-                           << to_string(issuer) << ", " << credType;
-        return tecDUPLICATE;
-    }
-
-    return tesSUCCESS;
-}
-
-TER
-CredentialAccept::doApply()
-{
-    AccountID const issuer{ctx_.tx[sfIssuer]};
-
-    // Both exist as credential object exist itself (checked in preclaim)
-    auto const sleSubject = view().peek(keylet::account(account_));
-    auto const sleIssuer = view().peek(keylet::account(issuer));
-
-    if (!sleSubject || !sleIssuer)
-        return tefINTERNAL;  // LCOV_EXCL_LINE
-
-    {
-        STAmount const reserve{
-            view().fees().accountReserve(sleSubject->getFieldU32(sfOwnerCount) + 1)};
-        if (mPriorBalance < reserve)
-            return tecINSUFFICIENT_RESERVE;
-    }
-
-    auto const credType(ctx_.tx[sfCredentialType]);
-    Keylet const credentialKey = keylet::credential(account_, issuer, credType);
-    auto const sleCred = view().peek(credentialKey);  // Checked in preclaim()
-
-    if (checkExpired(sleCred, view().header().parentCloseTime))
-    {
-        JLOG(j_.trace()) << "Credential is expired: " << sleCred->getText();
-        // delete expired credentials even if the transaction failed
-        auto const err = credentials::deleteSLE(view(), sleCred, j_);
-        return isTesSuccess(err) ? tecEXPIRED : err;
-    }
-
-    sleCred->setFieldU32(sfFlags, lsfAccepted);
-    view().update(sleCred);
-
-    adjustOwnerCount(view(), sleIssuer, -1, j_);
-    adjustOwnerCount(view(), sleSubject, 1, j_);
-
-    return tesSUCCESS;
-}
-
-}  // namespace xrpl

src/libxrpl/tx/transactors/did/DIDDelete.cpp

@@ -0,0 +1,59 @@
+#include <xrpl/basics/Log.h>
+#include <xrpl/ledger/ApplyView.h>
+#include <xrpl/ledger/View.h>
+#include <xrpl/protocol/Indexes.h>
+#include <xrpl/tx/transactors/did/DIDDelete.h>
+
+namespace xrpl {
+
+NotTEC
+DIDDelete::preflight(PreflightContext const& ctx)
+{
+    return tesSUCCESS;
+}
+
+TER
+DIDDelete::deleteSLE(ApplyContext& ctx, Keylet sleKeylet, AccountID const owner)
+{
+    auto const sle = ctx.view().peek(sleKeylet);
+    if (!sle)
+        return tecNO_ENTRY;
+
+    return DIDDelete::deleteSLE(ctx.view(), sle, owner, ctx.journal);
+}
+
+TER
+DIDDelete::deleteSLE(
+    ApplyView& view,
+    std::shared_ptr<SLE> sle,
+    AccountID const owner,
+    beast::Journal j)
+{
+    // Remove object from owner directory
+    if (!view.dirRemove(keylet::ownerDir(owner), (*sle)[sfOwnerNode], sle->key(), true))
+    {
+        // LCOV_EXCL_START
+        JLOG(j.fatal()) << "Unable to delete DID Token from owner.";
+        return tefBAD_LEDGER;
+        // LCOV_EXCL_STOP
+    }
+
+    auto const sleOwner = view.peek(keylet::account(owner));
+    if (!sleOwner)
+        return tecINTERNAL;  // LCOV_EXCL_LINE
+
+    adjustOwnerCount(view, sleOwner, -1, j);
+    view.update(sleOwner);
+
+    // Remove object from ledger
+    view.erase(sle);
+    return tesSUCCESS;
+}
+
+TER
+DIDDelete::doApply()
+{
+    return deleteSLE(ctx_, keylet::did(account_), account_);
+}
+
+}  // namespace xrpl

src/libxrpl/tx/transactors/did/DIDSet.cpp

@@ -4,7 +4,7 @@
 #include <xrpl/protocol/Feature.h>
 #include <xrpl/protocol/Indexes.h>
 #include <xrpl/protocol/TxFlags.h>
-#include <xrpl/tx/transactors/did/DID.h>
+#include <xrpl/tx/transactors/did/DIDSet.h>
 
 namespace xrpl {
 
@@ -134,54 +134,4 @@ DIDSet::doApply()
     return addSLE(ctx_, sleDID, account_);
 }
 
-NotTEC
-DIDDelete::preflight(PreflightContext const& ctx)
-{
-    return tesSUCCESS;
-}
-
-TER
-DIDDelete::deleteSLE(ApplyContext& ctx, Keylet sleKeylet, AccountID const owner)
-{
-    auto const sle = ctx.view().peek(sleKeylet);
-    if (!sle)
-        return tecNO_ENTRY;
-
-    return DIDDelete::deleteSLE(ctx.view(), sle, owner, ctx.journal);
-}
-
-TER
-DIDDelete::deleteSLE(
-    ApplyView& view,
-    std::shared_ptr<SLE> sle,
-    AccountID const owner,
-    beast::Journal j)
-{
-    // Remove object from owner directory
-    if (!view.dirRemove(keylet::ownerDir(owner), (*sle)[sfOwnerNode], sle->key(), true))
-    {
-        // LCOV_EXCL_START
-        JLOG(j.fatal()) << "Unable to delete DID Token from owner.";
-        return tefBAD_LEDGER;
-        // LCOV_EXCL_STOP
-    }
-
-    auto const sleOwner = view.peek(keylet::account(owner));
-    if (!sleOwner)
-        return tecINTERNAL;  // LCOV_EXCL_LINE
-
-    adjustOwnerCount(view, sleOwner, -1, j);
-    view.update(sleOwner);
-
-    // Remove object from ledger
-    view.erase(sle);
-    return tesSUCCESS;
-}
-
-TER
-DIDDelete::doApply()
-{
-    return deleteSLE(ctx_, keylet::did(account_), account_);
-}
-
 }  // namespace xrpl

src/libxrpl/tx/transactors/escrow/EscrowCancel.cpp

@@ -0,0 +1,200 @@
+#include <xrpl/basics/Log.h>
+#include <xrpl/ledger/ApplyView.h>
+#include <xrpl/ledger/View.h>
+#include <xrpl/protocol/Feature.h>
+#include <xrpl/protocol/Indexes.h>
+#include <xrpl/tx/transactors/escrow/EscrowCancel.h>
+#include <xrpl/tx/transactors/escrow/EscrowHelpers.h>
+
+namespace xrpl {
+
+NotTEC
+EscrowCancel::preflight(PreflightContext const& ctx)
+{
+    return tesSUCCESS;
+}
+
+template <ValidIssueType T>
+static TER
+escrowCancelPreclaimHelper(
+    PreclaimContext const& ctx,
+    AccountID const& account,
+    STAmount const& amount);
+
+template <>
+TER
+escrowCancelPreclaimHelper<Issue>(
+    PreclaimContext const& ctx,
+    AccountID const& account,
+    STAmount const& amount)
+{
+    AccountID issuer = amount.getIssuer();
+    // If the issuer is the same as the account, return tecINTERNAL
+    if (issuer == account)
+        return tecINTERNAL;  // LCOV_EXCL_LINE
+
+    // If the issuer has requireAuth set, check if the account is authorized
+    if (auto const ter = requireAuth(ctx.view, amount.issue(), account); ter != tesSUCCESS)
+        return ter;
+
+    return tesSUCCESS;
+}
+
+template <>
+TER
+escrowCancelPreclaimHelper<MPTIssue>(
+    PreclaimContext const& ctx,
+    AccountID const& account,
+    STAmount const& amount)
+{
+    AccountID issuer = amount.getIssuer();
+    // If the issuer is the same as the account, return tecINTERNAL
+    if (issuer == account)
+        return tecINTERNAL;  // LCOV_EXCL_LINE
+
+    // If the mpt does not exist, return tecOBJECT_NOT_FOUND
+    auto const issuanceKey = keylet::mptIssuance(amount.get<MPTIssue>().getMptID());
+    auto const sleIssuance = ctx.view.read(issuanceKey);
+    if (!sleIssuance)
+        return tecOBJECT_NOT_FOUND;
+
+    // If the issuer has requireAuth set, check if the account is
+    // authorized
+    auto const& mptIssue = amount.get<MPTIssue>();
+    if (auto const ter = requireAuth(ctx.view, mptIssue, account, AuthType::WeakAuth);
+        ter != tesSUCCESS)
+        return ter;
+
+    return tesSUCCESS;
+}
+
+TER
+EscrowCancel::preclaim(PreclaimContext const& ctx)
+{
+    if (ctx.view.rules().enabled(featureTokenEscrow))
+    {
+        auto const k = keylet::escrow(ctx.tx[sfOwner], ctx.tx[sfOfferSequence]);
+        auto const slep = ctx.view.read(k);
+        if (!slep)
+            return tecNO_TARGET;
+
+        AccountID const account = (*slep)[sfAccount];
+        STAmount const amount = (*slep)[sfAmount];
+
+        if (!isXRP(amount))
+        {
+            if (auto const ret = std::visit(
+                    [&]<typename T>(T const&) {
+                        return escrowCancelPreclaimHelper<T>(ctx, account, amount);
+                    },
+                    amount.asset().value());
+                !isTesSuccess(ret))
+                return ret;
+        }
+    }
+    return tesSUCCESS;
+}
+
+TER
+EscrowCancel::doApply()
+{
+    auto const k = keylet::escrow(ctx_.tx[sfOwner], ctx_.tx[sfOfferSequence]);
+    auto const slep = ctx_.view().peek(k);
+    if (!slep)
+    {
+        if (ctx_.view().rules().enabled(featureTokenEscrow))
+            return tecINTERNAL;  // LCOV_EXCL_LINE
+
+        return tecNO_TARGET;
+    }
+
+    auto const now = ctx_.view().header().parentCloseTime;
+
+    // No cancel time specified: can't execute at all.
+    if (!(*slep)[~sfCancelAfter])
+        return tecNO_PERMISSION;
+
+    // Too soon: can't execute before the cancel time.
+    if (!after(now, (*slep)[sfCancelAfter]))
+        return tecNO_PERMISSION;
+
+    AccountID const account = (*slep)[sfAccount];
+
+    // Remove escrow from owner directory
+    {
+        auto const page = (*slep)[sfOwnerNode];
+        if (!ctx_.view().dirRemove(keylet::ownerDir(account), page, k.key, true))
+        {
+            // LCOV_EXCL_START
+            JLOG(j_.fatal()) << "Unable to delete Escrow from owner.";
+            return tefBAD_LEDGER;
+            // LCOV_EXCL_STOP
+        }
+    }
+
+    // Remove escrow from recipient's owner directory, if present.
+    if (auto const optPage = (*slep)[~sfDestinationNode]; optPage)
+    {
+        if (!ctx_.view().dirRemove(keylet::ownerDir((*slep)[sfDestination]), *optPage, k.key, true))
+        {
+            // LCOV_EXCL_START
+            JLOG(j_.fatal()) << "Unable to delete Escrow from recipient.";
+            return tefBAD_LEDGER;
+            // LCOV_EXCL_STOP
+        }
+    }
+
+    auto const sle = ctx_.view().peek(keylet::account(account));
+    STAmount const amount = slep->getFieldAmount(sfAmount);
+
+    // Transfer amount back to the owner
+    if (isXRP(amount))
+        (*sle)[sfBalance] = (*sle)[sfBalance] + amount;
+    else
+    {
+        if (!ctx_.view().rules().enabled(featureTokenEscrow))
+            return temDISABLED;  // LCOV_EXCL_LINE
+
+        auto const issuer = amount.getIssuer();
+        bool const createAsset = account == account_;
+        if (auto const ret = std::visit(
+                [&]<typename T>(T const&) {
+                    return escrowUnlockApplyHelper<T>(
+                        ctx_.view(),
+                        parityRate,
+                        slep,
+                        mPriorBalance,
+                        amount,
+                        issuer,
+                        account,  // sender and receiver are the same
+                        account,
+                        createAsset,
+                        j_);
+                },
+                amount.asset().value());
+            !isTesSuccess(ret))
+            return ret;  // LCOV_EXCL_LINE
+
+        // Remove escrow from issuers owner directory, if present.
+        if (auto const optPage = (*slep)[~sfIssuerNode]; optPage)
+        {
+            if (!ctx_.view().dirRemove(keylet::ownerDir(issuer), *optPage, k.key, true))
+            {
+                // LCOV_EXCL_START
+                JLOG(j_.fatal()) << "Unable to delete Escrow from recipient.";
+                return tefBAD_LEDGER;
+                // LCOV_EXCL_STOP
+            }
+        }
+    }
+
+    adjustOwnerCount(ctx_.view(), sle, -1, ctx_.journal);
+    ctx_.view().update(sle);
+
+    // Remove escrow from ledger
+    ctx_.view().erase(slep);
+
+    return tesSUCCESS;
+}
+
+}  // namespace xrpl

src/libxrpl/tx/transactors/escrow/EscrowCreate.cpp

@@ -0,0 +1,498 @@
+#include <xrpl/basics/Log.h>
+#include <xrpl/basics/chrono.h>
+#include <xrpl/conditions/Condition.h>
+#include <xrpl/ledger/ApplyView.h>
+#include <xrpl/ledger/View.h>
+#include <xrpl/protocol/Feature.h>
+#include <xrpl/protocol/Indexes.h>
+#include <xrpl/protocol/MPTAmount.h>
+#include <xrpl/protocol/TxFlags.h>
+#include <xrpl/protocol/XRPAmount.h>
+#include <xrpl/tx/transactors/escrow/EscrowCreate.h>
+
+namespace xrpl {
+
+/*
+    Escrow
+    ======
+
+    Escrow is a feature of the XRP Ledger that allows you to send conditional
+    XRP payments. These conditional payments, called escrows, set aside XRP and
+    deliver it later when certain conditions are met. Conditions to successfully
+    finish an escrow include time-based unlocks and crypto-conditions. Escrows
+    can also be set to expire if not finished in time.
+
+    The XRP set aside in an escrow is locked up. No one can use or destroy the
+    XRP until the escrow has been successfully finished or canceled. Before the
+    expiration time, only the intended receiver can get the XRP. After the
+    expiration time, the XRP can only be returned to the sender.
+
+    For more details on escrow, including examples, diagrams and more please
+    visit https://xrpl.org/escrow.html
+
+    For details on specific transactions, including fields and validation rules
+    please see:
+
+    `EscrowCreate`
+    --------------
+        See: https://xrpl.org/escrowcreate.html
+
+    `EscrowFinish`
+    --------------
+        See: https://xrpl.org/escrowfinish.html
+
+    `EscrowCancel`
+    --------------
+        See: https://xrpl.org/escrowcancel.html
+*/
+
+//------------------------------------------------------------------------------
+
+TxConsequences
+EscrowCreate::makeTxConsequences(PreflightContext const& ctx)
+{
+    auto const amount = ctx.tx[sfAmount];
+    return TxConsequences{ctx.tx, isXRP(amount) ? amount.xrp() : beast::zero};
+}
+
+template <ValidIssueType T>
+static NotTEC
+escrowCreatePreflightHelper(PreflightContext const& ctx);
+
+template <>
+NotTEC
+escrowCreatePreflightHelper<Issue>(PreflightContext const& ctx)
+{
+    STAmount const amount = ctx.tx[sfAmount];
+    if (amount.native() || amount <= beast::zero)
+        return temBAD_AMOUNT;
+
+    if (badCurrency() == amount.getCurrency())
+        return temBAD_CURRENCY;
+
+    return tesSUCCESS;
+}
+
+template <>
+NotTEC
+escrowCreatePreflightHelper<MPTIssue>(PreflightContext const& ctx)
+{
+    if (!ctx.rules.enabled(featureMPTokensV1))
+        return temDISABLED;
+
+    auto const amount = ctx.tx[sfAmount];
+    if (amount.native() || amount.mpt() > MPTAmount{maxMPTokenAmount} || amount <= beast::zero)
+        return temBAD_AMOUNT;
+
+    return tesSUCCESS;
+}
+
+NotTEC
+EscrowCreate::preflight(PreflightContext const& ctx)
+{
+    STAmount const amount{ctx.tx[sfAmount]};
+    if (!isXRP(amount))
+    {
+        if (!ctx.rules.enabled(featureTokenEscrow))
+            return temBAD_AMOUNT;
+
+        if (auto const ret = std::visit(
+                [&]<typename T>(T const&) { return escrowCreatePreflightHelper<T>(ctx); },
+                amount.asset().value());
+            !isTesSuccess(ret))
+            return ret;
+    }
+    else
+    {
+        if (amount <= beast::zero)
+            return temBAD_AMOUNT;
+    }
+
+    // We must specify at least one timeout value
+    if (!ctx.tx[~sfCancelAfter] && !ctx.tx[~sfFinishAfter])
+        return temBAD_EXPIRATION;
+
+    // If both finish and cancel times are specified then the cancel time must
+    // be strictly after the finish time.
+    if (ctx.tx[~sfCancelAfter] && ctx.tx[~sfFinishAfter] &&
+        ctx.tx[sfCancelAfter] <= ctx.tx[sfFinishAfter])
+        return temBAD_EXPIRATION;
+
+    // In the absence of a FinishAfter, the escrow can be finished
+    // immediately, which can be confusing. When creating an escrow,
+    // we want to ensure that either a FinishAfter time is explicitly
+    // specified or a completion condition is attached.
+    if (!ctx.tx[~sfFinishAfter] && !ctx.tx[~sfCondition])
+        return temMALFORMED;
+
+    if (auto const cb = ctx.tx[~sfCondition])
+    {
+        using namespace xrpl::cryptoconditions;
+
+        std::error_code ec;
+
+        auto condition = Condition::deserialize(*cb, ec);
+        if (!condition)
+        {
+            JLOG(ctx.j.debug()) << "Malformed condition during escrow creation: " << ec.message();
+            return temMALFORMED;
+        }
+    }
+
+    return tesSUCCESS;
+}
+
+template <ValidIssueType T>
+static TER
+escrowCreatePreclaimHelper(
+    PreclaimContext const& ctx,
+    AccountID const& account,
+    AccountID const& dest,
+    STAmount const& amount);
+
+template <>
+TER
+escrowCreatePreclaimHelper<Issue>(
+    PreclaimContext const& ctx,
+    AccountID const& account,
+    AccountID const& dest,
+    STAmount const& amount)
+{
+    AccountID issuer = amount.getIssuer();
+    // If the issuer is the same as the account, return tecNO_PERMISSION
+    if (issuer == account)
+        return tecNO_PERMISSION;
+
+    // If the lsfAllowTrustLineLocking is not enabled, return tecNO_PERMISSION
+    auto const sleIssuer = ctx.view.read(keylet::account(issuer));
+    if (!sleIssuer)
+        return tecNO_ISSUER;
+    if (!sleIssuer->isFlag(lsfAllowTrustLineLocking))
+        return tecNO_PERMISSION;
+
+    // If the account does not have a trustline to the issuer, return tecNO_LINE
+    auto const sleRippleState = ctx.view.read(keylet::line(account, issuer, amount.getCurrency()));
+    if (!sleRippleState)
+        return tecNO_LINE;
+
+    STAmount const balance = (*sleRippleState)[sfBalance];
+
+    // If balance is positive, issuer must have higher address than account
+    if (balance > beast::zero && issuer < account)
+        return tecNO_PERMISSION;  // LCOV_EXCL_LINE
+
+    // If balance is negative, issuer must have lower address than account
+    if (balance < beast::zero && issuer > account)
+        return tecNO_PERMISSION;  // LCOV_EXCL_LINE
+
+    // If the issuer has requireAuth set, check if the account is authorized
+    if (auto const ter = requireAuth(ctx.view, amount.issue(), account); ter != tesSUCCESS)
+        return ter;
+
+    // If the issuer has requireAuth set, check if the destination is authorized
+    if (auto const ter = requireAuth(ctx.view, amount.issue(), dest); ter != tesSUCCESS)
+        return ter;
+
+    // If the issuer has frozen the account, return tecFROZEN
+    if (isFrozen(ctx.view, account, amount.issue()))
+        return tecFROZEN;
+
+    // If the issuer has frozen the destination, return tecFROZEN
+    if (isFrozen(ctx.view, dest, amount.issue()))
+        return tecFROZEN;
+
+    STAmount const spendableAmount =
+        accountHolds(ctx.view, account, amount.getCurrency(), issuer, fhIGNORE_FREEZE, ctx.j);
+
+    // If the balance is less than or equal to 0, return tecINSUFFICIENT_FUNDS
+    if (spendableAmount <= beast::zero)
+        return tecINSUFFICIENT_FUNDS;
+
+    // If the spendable amount is less than the amount, return
+    // tecINSUFFICIENT_FUNDS
+    if (spendableAmount < amount)
+        return tecINSUFFICIENT_FUNDS;
+
+    // If the amount is not addable to the balance, return tecPRECISION_LOSS
+    if (!canAdd(spendableAmount, amount))
+        return tecPRECISION_LOSS;
+
+    return tesSUCCESS;
+}
+
+template <>
+TER
+escrowCreatePreclaimHelper<MPTIssue>(
+    PreclaimContext const& ctx,
+    AccountID const& account,
+    AccountID const& dest,
+    STAmount const& amount)
+{
+    AccountID issuer = amount.getIssuer();
+    // If the issuer is the same as the account, return tecNO_PERMISSION
+    if (issuer == account)
+        return tecNO_PERMISSION;
+
+    // If the mpt does not exist, return tecOBJECT_NOT_FOUND
+    auto const issuanceKey = keylet::mptIssuance(amount.get<MPTIssue>().getMptID());
+    auto const sleIssuance = ctx.view.read(issuanceKey);
+    if (!sleIssuance)
+        return tecOBJECT_NOT_FOUND;
+
+    // If the lsfMPTCanEscrow is not enabled, return tecNO_PERMISSION
+    if (!sleIssuance->isFlag(lsfMPTCanEscrow))
+        return tecNO_PERMISSION;
+
+    // If the issuer is not the same as the issuer of the mpt, return
+    // tecNO_PERMISSION
+    if (sleIssuance->getAccountID(sfIssuer) != issuer)
+        return tecNO_PERMISSION;  // LCOV_EXCL_LINE
+
+    // If the account does not have the mpt, return tecOBJECT_NOT_FOUND
+    if (!ctx.view.exists(keylet::mptoken(issuanceKey.key, account)))
+        return tecOBJECT_NOT_FOUND;
+
+    // If the issuer has requireAuth set, check if the account is
+    // authorized
+    auto const& mptIssue = amount.get<MPTIssue>();
+    if (auto const ter = requireAuth(ctx.view, mptIssue, account, AuthType::WeakAuth);
+        ter != tesSUCCESS)
+        return ter;
+
+    // If the issuer has requireAuth set, check if the destination is
+    // authorized
+    if (auto const ter = requireAuth(ctx.view, mptIssue, dest, AuthType::WeakAuth);
+        ter != tesSUCCESS)
+        return ter;
+
+    // If the issuer has frozen the account, return tecLOCKED
+    if (isFrozen(ctx.view, account, mptIssue))
+        return tecLOCKED;
+
+    // If the issuer has frozen the destination, return tecLOCKED
+    if (isFrozen(ctx.view, dest, mptIssue))
+        return tecLOCKED;
+
+    // If the mpt cannot be transferred, return tecNO_AUTH
+    if (auto const ter = canTransfer(ctx.view, mptIssue, account, dest); ter != tesSUCCESS)
+        return ter;
+
+    STAmount const spendableAmount = accountHolds(
+        ctx.view, account, amount.get<MPTIssue>(), fhIGNORE_FREEZE, ahIGNORE_AUTH, ctx.j);
+
+    // If the balance is less than or equal to 0, return tecINSUFFICIENT_FUNDS
+    if (spendableAmount <= beast::zero)
+        return tecINSUFFICIENT_FUNDS;
+
+    // If the spendable amount is less than the amount, return
+    // tecINSUFFICIENT_FUNDS
+    if (spendableAmount < amount)
+        return tecINSUFFICIENT_FUNDS;
+
+    return tesSUCCESS;
+}
+
+TER
+EscrowCreate::preclaim(PreclaimContext const& ctx)
+{
+    STAmount const amount{ctx.tx[sfAmount]};
+    AccountID const account{ctx.tx[sfAccount]};
+    AccountID const dest{ctx.tx[sfDestination]};
+
+    auto const sled = ctx.view.read(keylet::account(dest));
+    if (!sled)
+        return tecNO_DST;
+
+    // Pseudo-accounts cannot receive escrow. Note, this is not amendment-gated
+    // because all writes to pseudo-account discriminator fields **are**
+    // amendment gated, hence the behaviour of this check will always match the
+    // currently active amendments.
+    if (isPseudoAccount(sled))
+        return tecNO_PERMISSION;
+
+    if (!isXRP(amount))
+    {
+        if (!ctx.view.rules().enabled(featureTokenEscrow))
+            return temDISABLED;  // LCOV_EXCL_LINE
+
+        if (auto const ret = std::visit(
+                [&]<typename T>(T const&) {
+                    return escrowCreatePreclaimHelper<T>(ctx, account, dest, amount);
+                },
+                amount.asset().value());
+            !isTesSuccess(ret))
+            return ret;
+    }
+    return tesSUCCESS;
+}
+
+template <ValidIssueType T>
+static TER
+escrowLockApplyHelper(
+    ApplyView& view,
+    AccountID const& issuer,
+    AccountID const& sender,
+    STAmount const& amount,
+    beast::Journal journal);
+
+template <>
+TER
+escrowLockApplyHelper<Issue>(
+    ApplyView& view,
+    AccountID const& issuer,
+    AccountID const& sender,
+    STAmount const& amount,
+    beast::Journal journal)
+{
+    // Defensive: Issuer cannot create an escrow
+    if (issuer == sender)
+        return tecINTERNAL;  // LCOV_EXCL_LINE
+
+    auto const ter = rippleCredit(
+        view, sender, issuer, amount, amount.holds<MPTIssue>() ? false : true, journal);
+    if (ter != tesSUCCESS)
+        return ter;  // LCOV_EXCL_LINE
+    return tesSUCCESS;
+}
+
+template <>
+TER
+escrowLockApplyHelper<MPTIssue>(
+    ApplyView& view,
+    AccountID const& issuer,
+    AccountID const& sender,
+    STAmount const& amount,
+    beast::Journal journal)
+{
+    // Defensive: Issuer cannot create an escrow
+    if (issuer == sender)
+        return tecINTERNAL;  // LCOV_EXCL_LINE
+
+    auto const ter = rippleLockEscrowMPT(view, sender, amount, journal);
+    if (ter != tesSUCCESS)
+        return ter;  // LCOV_EXCL_LINE
+    return tesSUCCESS;
+}
+
+TER
+EscrowCreate::doApply()
+{
+    auto const closeTime = ctx_.view().header().parentCloseTime;
+
+    if (ctx_.tx[~sfCancelAfter] && after(closeTime, ctx_.tx[sfCancelAfter]))
+        return tecNO_PERMISSION;
+
+    if (ctx_.tx[~sfFinishAfter] && after(closeTime, ctx_.tx[sfFinishAfter]))
+        return tecNO_PERMISSION;
+
+    auto const sle = ctx_.view().peek(keylet::account(account_));
+    if (!sle)
+        return tefINTERNAL;  // LCOV_EXCL_LINE
+
+    // Check reserve and funds availability
+    STAmount const amount{ctx_.tx[sfAmount]};
+
+    auto const reserve = ctx_.view().fees().accountReserve((*sle)[sfOwnerCount] + 1);
+
+    if (mSourceBalance < reserve)
+        return tecINSUFFICIENT_RESERVE;
+
+    // Check reserve and funds availability
+    if (isXRP(amount))
+    {
+        if (mSourceBalance < reserve + STAmount(amount).xrp())
+            return tecUNFUNDED;
+    }
+
+    // Check destination account
+    {
+        auto const sled = ctx_.view().read(keylet::account(ctx_.tx[sfDestination]));
+        if (!sled)
+            return tecNO_DST;  // LCOV_EXCL_LINE
+        if (((*sled)[sfFlags] & lsfRequireDestTag) && !ctx_.tx[~sfDestinationTag])
+            return tecDST_TAG_NEEDED;
+    }
+
+    // Create escrow in ledger.  Note that we we use the value from the
+    // sequence or ticket.  For more explanation see comments in SeqProxy.h.
+    Keylet const escrowKeylet = keylet::escrow(account_, ctx_.tx.getSeqValue());
+    auto const slep = std::make_shared<SLE>(escrowKeylet);
+    (*slep)[sfAmount] = amount;
+    (*slep)[sfAccount] = account_;
+    (*slep)[~sfCondition] = ctx_.tx[~sfCondition];
+    (*slep)[~sfSourceTag] = ctx_.tx[~sfSourceTag];
+    (*slep)[sfDestination] = ctx_.tx[sfDestination];
+    (*slep)[~sfCancelAfter] = ctx_.tx[~sfCancelAfter];
+    (*slep)[~sfFinishAfter] = ctx_.tx[~sfFinishAfter];
+    (*slep)[~sfDestinationTag] = ctx_.tx[~sfDestinationTag];
+
+    if (ctx_.view().rules().enabled(fixIncludeKeyletFields))
+    {
+        (*slep)[sfSequence] = ctx_.tx.getSeqValue();
+    }
+
+    if (ctx_.view().rules().enabled(featureTokenEscrow) && !isXRP(amount))
+    {
+        auto const xferRate = transferRate(ctx_.view(), amount);
+        if (xferRate != parityRate)
+            (*slep)[sfTransferRate] = xferRate.value;
+    }
+
+    ctx_.view().insert(slep);
+
+    // Add escrow to sender's owner directory
+    {
+        auto page = ctx_.view().dirInsert(
+            keylet::ownerDir(account_), escrowKeylet, describeOwnerDir(account_));
+        if (!page)
+            return tecDIR_FULL;  // LCOV_EXCL_LINE
+        (*slep)[sfOwnerNode] = *page;
+    }
+
+    // If it's not a self-send, add escrow to recipient's owner directory.
+    AccountID const dest = ctx_.tx[sfDestination];
+    if (dest != account_)
+    {
+        auto page =
+            ctx_.view().dirInsert(keylet::ownerDir(dest), escrowKeylet, describeOwnerDir(dest));
+        if (!page)
+            return tecDIR_FULL;  // LCOV_EXCL_LINE
+        (*slep)[sfDestinationNode] = *page;
+    }
+
+    // IOU escrow objects are added to the issuer's owner directory to help
+    // track the total locked balance. For MPT, this isn't necessary because the
+    // locked balance is already stored directly in the MPTokenIssuance object.
+    AccountID const issuer = amount.getIssuer();
+    if (!isXRP(amount) && issuer != account_ && issuer != dest && !amount.holds<MPTIssue>())
+    {
+        auto page =
+            ctx_.view().dirInsert(keylet::ownerDir(issuer), escrowKeylet, describeOwnerDir(issuer));
+        if (!page)
+            return tecDIR_FULL;  // LCOV_EXCL_LINE
+        (*slep)[sfIssuerNode] = *page;
+    }
+
+    // Deduct owner's balance
+    if (isXRP(amount))
+        (*sle)[sfBalance] = (*sle)[sfBalance] - amount;
+    else
+    {
+        if (auto const ret = std::visit(
+                [&]<typename T>(T const&) {
+                    return escrowLockApplyHelper<T>(ctx_.view(), issuer, account_, amount, j_);
+                },
+                amount.asset().value());
+            !isTesSuccess(ret))
+        {
+            return ret;  // LCOV_EXCL_LINE
+        }
+    }
+
+    // increment owner count
+    adjustOwnerCount(ctx_.view(), sle, 1, ctx_.journal);
+    ctx_.view().update(sle);
+    return tesSUCCESS;
+}
+
+}  // namespace xrpl

src/libxrpl/tx/transactors/escrow/EscrowFinish.cpp

@@ -0,0 +1,371 @@
+#include <xrpl/basics/Log.h>
+#include <xrpl/basics/chrono.h>
+#include <xrpl/conditions/Condition.h>
+#include <xrpl/conditions/Fulfillment.h>
+#include <xrpl/core/HashRouter.h>
+#include <xrpl/ledger/ApplyView.h>
+#include <xrpl/ledger/CredentialHelpers.h>
+#include <xrpl/ledger/View.h>
+#include <xrpl/protocol/Feature.h>
+#include <xrpl/protocol/Indexes.h>
+#include <xrpl/protocol/TxFlags.h>
+#include <xrpl/protocol/XRPAmount.h>
+#include <xrpl/tx/transactors/escrow/EscrowFinish.h>
+#include <xrpl/tx/transactors/escrow/EscrowHelpers.h>
+
+namespace xrpl {
+
+// During an EscrowFinish, the transaction must specify both
+// a condition and a fulfillment. We track whether that
+// fulfillment matches and validates the condition.
+constexpr HashRouterFlags SF_CF_INVALID = HashRouterFlags::PRIVATE5;
+constexpr HashRouterFlags SF_CF_VALID = HashRouterFlags::PRIVATE6;
+
+//------------------------------------------------------------------------------
+
+static bool
+checkCondition(Slice f, Slice c)
+{
+    using namespace xrpl::cryptoconditions;
+
+    std::error_code ec;
+
+    auto condition = Condition::deserialize(c, ec);
+    if (!condition)
+        return false;
+
+    auto fulfillment = Fulfillment::deserialize(f, ec);
+    if (!fulfillment)
+        return false;
+
+    return validate(*fulfillment, *condition);
+}
+
+bool
+EscrowFinish::checkExtraFeatures(PreflightContext const& ctx)
+{
+    return !ctx.tx.isFieldPresent(sfCredentialIDs) || ctx.rules.enabled(featureCredentials);
+}
+
+NotTEC
+EscrowFinish::preflight(PreflightContext const& ctx)
+{
+    auto const cb = ctx.tx[~sfCondition];
+    auto const fb = ctx.tx[~sfFulfillment];
+
+    // If you specify a condition, then you must also specify
+    // a fulfillment.
+    if (static_cast<bool>(cb) != static_cast<bool>(fb))
+        return temMALFORMED;
+
+    return tesSUCCESS;
+}
+
+NotTEC
+EscrowFinish::preflightSigValidated(PreflightContext const& ctx)
+{
+    auto const cb = ctx.tx[~sfCondition];
+    auto const fb = ctx.tx[~sfFulfillment];
+
+    if (cb && fb)
+    {
+        auto& router = ctx.registry.getHashRouter();
+
+        auto const id = ctx.tx.getTransactionID();
+        auto const flags = router.getFlags(id);
+
+        // If we haven't checked the condition, check it
+        // now. Whether it passes or not isn't important
+        // in preflight.
+        if (!any(flags & (SF_CF_INVALID | SF_CF_VALID)))
+        {
+            if (checkCondition(*fb, *cb))
+                router.setFlags(id, SF_CF_VALID);
+            else
+                router.setFlags(id, SF_CF_INVALID);
+        }
+    }
+
+    if (auto const err = credentials::checkFields(ctx.tx, ctx.j); !isTesSuccess(err))
+        return err;
+
+    return tesSUCCESS;
+}
+
+XRPAmount
+EscrowFinish::calculateBaseFee(ReadView const& view, STTx const& tx)
+{
+    XRPAmount extraFee{0};
+
+    if (auto const fb = tx[~sfFulfillment])
+    {
+        extraFee += view.fees().base * (32 + (fb->size() / 16));
+    }
+
+    return Transactor::calculateBaseFee(view, tx) + extraFee;
+}
+
+template <ValidIssueType T>
+static TER
+escrowFinishPreclaimHelper(
+    PreclaimContext const& ctx,
+    AccountID const& dest,
+    STAmount const& amount);
+
+template <>
+TER
+escrowFinishPreclaimHelper<Issue>(
+    PreclaimContext const& ctx,
+    AccountID const& dest,
+    STAmount const& amount)
+{
+    AccountID issuer = amount.getIssuer();
+    // If the issuer is the same as the account, return tesSUCCESS
+    if (issuer == dest)
+        return tesSUCCESS;
+
+    // If the issuer has requireAuth set, check if the destination is authorized
+    if (auto const ter = requireAuth(ctx.view, amount.issue(), dest); ter != tesSUCCESS)
+        return ter;
+
+    // If the issuer has deep frozen the destination, return tecFROZEN
+    if (isDeepFrozen(ctx.view, dest, amount.getCurrency(), amount.getIssuer()))
+        return tecFROZEN;
+
+    return tesSUCCESS;
+}
+
+template <>
+TER
+escrowFinishPreclaimHelper<MPTIssue>(
+    PreclaimContext const& ctx,
+    AccountID const& dest,
+    STAmount const& amount)
+{
+    AccountID issuer = amount.getIssuer();
+    // If the issuer is the same as the dest, return tesSUCCESS
+    if (issuer == dest)
+        return tesSUCCESS;
+
+    // If the mpt does not exist, return tecOBJECT_NOT_FOUND
+    auto const issuanceKey = keylet::mptIssuance(amount.get<MPTIssue>().getMptID());
+    auto const sleIssuance = ctx.view.read(issuanceKey);
+    if (!sleIssuance)
+        return tecOBJECT_NOT_FOUND;
+
+    // If the issuer has requireAuth set, check if the destination is
+    // authorized
+    auto const& mptIssue = amount.get<MPTIssue>();
+    if (auto const ter = requireAuth(ctx.view, mptIssue, dest, AuthType::WeakAuth);
+        ter != tesSUCCESS)
+        return ter;
+
+    // If the issuer has frozen the destination, return tecLOCKED
+    if (isFrozen(ctx.view, dest, mptIssue))
+        return tecLOCKED;
+
+    return tesSUCCESS;
+}
+
+TER
+EscrowFinish::preclaim(PreclaimContext const& ctx)
+{
+    if (ctx.view.rules().enabled(featureCredentials))
+    {
+        if (auto const err = credentials::valid(ctx.tx, ctx.view, ctx.tx[sfAccount], ctx.j);
+            !isTesSuccess(err))
+            return err;
+    }
+
+    if (ctx.view.rules().enabled(featureTokenEscrow))
+    {
+        auto const k = keylet::escrow(ctx.tx[sfOwner], ctx.tx[sfOfferSequence]);
+        auto const slep = ctx.view.read(k);
+        if (!slep)
+            return tecNO_TARGET;
+
+        AccountID const dest = (*slep)[sfDestination];
+        STAmount const amount = (*slep)[sfAmount];
+
+        if (!isXRP(amount))
+        {
+            if (auto const ret = std::visit(
+                    [&]<typename T>(T const&) {
+                        return escrowFinishPreclaimHelper<T>(ctx, dest, amount);
+                    },
+                    amount.asset().value());
+                !isTesSuccess(ret))
+                return ret;
+        }
+    }
+    return tesSUCCESS;
+}
+
+TER
+EscrowFinish::doApply()
+{
+    auto const k = keylet::escrow(ctx_.tx[sfOwner], ctx_.tx[sfOfferSequence]);
+    auto const slep = ctx_.view().peek(k);
+    if (!slep)
+    {
+        if (ctx_.view().rules().enabled(featureTokenEscrow))
+            return tecINTERNAL;  // LCOV_EXCL_LINE
+
+        return tecNO_TARGET;
+    }
+
+    // If a cancel time is present, a finish operation should only succeed prior
+    // to that time.
+    auto const now = ctx_.view().header().parentCloseTime;
+
+    // Too soon: can't execute before the finish time
+    if ((*slep)[~sfFinishAfter] && !after(now, (*slep)[sfFinishAfter]))
+        return tecNO_PERMISSION;
+
+    // Too late: can't execute after the cancel time
+    if ((*slep)[~sfCancelAfter] && after(now, (*slep)[sfCancelAfter]))
+        return tecNO_PERMISSION;
+
+    // Check cryptocondition fulfillment
+    {
+        auto const id = ctx_.tx.getTransactionID();
+        auto flags = ctx_.registry.getHashRouter().getFlags(id);
+
+        auto const cb = ctx_.tx[~sfCondition];
+
+        // It's unlikely that the results of the check will
+        // expire from the hash router, but if it happens,
+        // simply re-run the check.
+        if (cb && !any(flags & (SF_CF_INVALID | SF_CF_VALID)))
+        {
+            // LCOV_EXCL_START
+            auto const fb = ctx_.tx[~sfFulfillment];
+
+            if (!fb)
+                return tecINTERNAL;
+
+            if (checkCondition(*fb, *cb))
+                flags = SF_CF_VALID;
+            else
+                flags = SF_CF_INVALID;
+
+            ctx_.registry.getHashRouter().setFlags(id, flags);
+            // LCOV_EXCL_STOP
+        }
+
+        // If the check failed, then simply return an error
+        // and don't look at anything else.
+        if (any(flags & SF_CF_INVALID))
+            return tecCRYPTOCONDITION_ERROR;
+
+        // Check against condition in the ledger entry:
+        auto const cond = (*slep)[~sfCondition];
+
+        // If a condition wasn't specified during creation,
+        // one shouldn't be included now.
+        if (!cond && cb)
+            return tecCRYPTOCONDITION_ERROR;
+
+        // If a condition was specified during creation of
+        // the suspended payment, the identical condition
+        // must be presented again. We don't check if the
+        // fulfillment matches the condition since we did
+        // that in preflight.
+        if (cond && (cond != cb))
+            return tecCRYPTOCONDITION_ERROR;
+    }
+
+    // NOTE: Escrow payments cannot be used to fund accounts.
+    AccountID const destID = (*slep)[sfDestination];
+    auto const sled = ctx_.view().peek(keylet::account(destID));
+    if (!sled)
+        return tecNO_DST;
+
+    if (auto err = verifyDepositPreauth(ctx_.tx, ctx_.view(), account_, destID, sled, ctx_.journal);
+        !isTesSuccess(err))
+        return err;
+
+    AccountID const account = (*slep)[sfAccount];
+
+    // Remove escrow from owner directory
+    {
+        auto const page = (*slep)[sfOwnerNode];
+        if (!ctx_.view().dirRemove(keylet::ownerDir(account), page, k.key, true))
+        {
+            // LCOV_EXCL_START
+            JLOG(j_.fatal()) << "Unable to delete Escrow from owner.";
+            return tefBAD_LEDGER;
+            // LCOV_EXCL_STOP
+        }
+    }
+
+    // Remove escrow from recipient's owner directory, if present.
+    if (auto const optPage = (*slep)[~sfDestinationNode])
+    {
+        if (!ctx_.view().dirRemove(keylet::ownerDir(destID), *optPage, k.key, true))
+        {
+            // LCOV_EXCL_START
+            JLOG(j_.fatal()) << "Unable to delete Escrow from recipient.";
+            return tefBAD_LEDGER;
+            // LCOV_EXCL_STOP
+        }
+    }
+
+    STAmount const amount = slep->getFieldAmount(sfAmount);
+    // Transfer amount to destination
+    if (isXRP(amount))
+        (*sled)[sfBalance] = (*sled)[sfBalance] + amount;
+    else
+    {
+        if (!ctx_.view().rules().enabled(featureTokenEscrow))
+            return temDISABLED;  // LCOV_EXCL_LINE
+
+        Rate lockedRate = slep->isFieldPresent(sfTransferRate)
+            ? xrpl::Rate(slep->getFieldU32(sfTransferRate))
+            : parityRate;
+        auto const issuer = amount.getIssuer();
+        bool const createAsset = destID == account_;
+        if (auto const ret = std::visit(
+                [&]<typename T>(T const&) {
+                    return escrowUnlockApplyHelper<T>(
+                        ctx_.view(),
+                        lockedRate,
+                        sled,
+                        mPriorBalance,
+                        amount,
+                        issuer,
+                        account,
+                        destID,
+                        createAsset,
+                        j_);
+                },
+                amount.asset().value());
+            !isTesSuccess(ret))
+            return ret;
+
+        // Remove escrow from issuers owner directory, if present.
+        if (auto const optPage = (*slep)[~sfIssuerNode]; optPage)
+        {
+            if (!ctx_.view().dirRemove(keylet::ownerDir(issuer), *optPage, k.key, true))
+            {
+                // LCOV_EXCL_START
+                JLOG(j_.fatal()) << "Unable to delete Escrow from recipient.";
+                return tefBAD_LEDGER;
+                // LCOV_EXCL_STOP
+            }
+        }
+    }
+
+    ctx_.view().update(sled);
+
+    // Adjust source owner count
+    auto const sle = ctx_.view().peek(keylet::account(account));
+    adjustOwnerCount(ctx_.view(), sle, -1, ctx_.journal);
+    ctx_.view().update(sle);
+
+    // Remove escrow from ledger
+    ctx_.view().erase(slep);
+    return tesSUCCESS;
+}
+
+}  // namespace xrpl

src/libxrpl/tx/transactors/payment_channel/PayChan.cpp

@@ -1,542 +0,0 @@
-#include <xrpl/basics/Log.h>
-#include <xrpl/basics/chrono.h>
-#include <xrpl/ledger/ApplyView.h>
-#include <xrpl/ledger/CredentialHelpers.h>
-#include <xrpl/ledger/View.h>
-#include <xrpl/protocol/Feature.h>
-#include <xrpl/protocol/Indexes.h>
-#include <xrpl/protocol/PayChan.h>
-#include <xrpl/protocol/PublicKey.h>
-#include <xrpl/protocol/TxFlags.h>
-#include <xrpl/protocol/XRPAmount.h>
-#include <xrpl/protocol/digest.h>
-#include <xrpl/tx/transactors/payment_channel/PayChan.h>
-
-namespace xrpl {
-
-/*
-    PaymentChannel
-
-        Payment channels permit off-ledger checkpoints of XRP payments flowing
-        in a single direction. A channel sequesters the owner's XRP in its own
-        ledger entry. The owner can authorize the recipient to claim up to a
-        given balance by giving the receiver a signed message (off-ledger). The
-        recipient can use this signed message to claim any unpaid balance while
-        the channel remains open. The owner can top off the line as needed. If
-        the channel has not paid out all its funds, the owner must wait out a
-        delay to close the channel to give the recipient a chance to supply any
-        claims. The recipient can close the channel at any time. Any transaction
-        that touches the channel after the expiration time will close the
-        channel. The total amount paid increases monotonically as newer claims
-        are issued. When the channel is closed any remaining balance is returned
-        to the owner. Channels are intended to permit intermittent off-ledger
-        settlement of ILP trust lines as balances get substantial. For
-        bidirectional channels, a payment channel can be used in each direction.
-
-    PaymentChannelCreate
-
-        Create a unidirectional channel. The parameters are:
-        Destination
-            The recipient at the end of the channel.
-        Amount
-            The amount of XRP to deposit in the channel immediately.
-        SettleDelay
-            The amount of time everyone but the recipient must wait for a
-            superior claim.
-        PublicKey
-            The key that will sign claims against the channel.
-        CancelAfter (optional)
-            Any channel transaction that touches this channel after the
-            `CancelAfter` time will close it.
-        DestinationTag (optional)
-            Destination tags allow the different accounts inside of a Hosted
-            Wallet to be mapped back onto the Ripple ledger. The destination tag
-            tells the server to which account in the Hosted Wallet the funds are
-            intended to go to. Required if the destination has lsfRequireDestTag
-            set.
-        SourceTag (optional)
-            Source tags allow the different accounts inside of a Hosted Wallet
-            to be mapped back onto the Ripple ledger. Source tags are similar to
-            destination tags but are for the channel owner to identify their own
-            transactions.
-
-    PaymentChannelFund
-
-        Add additional funds to the payment channel. Only the channel owner may
-        use this transaction. The parameters are:
-        Channel
-            The 256-bit ID of the channel.
-        Amount
-            The amount of XRP to add.
-        Expiration (optional)
-            Time the channel closes. The transaction will fail if the expiration
-            times does not satisfy the SettleDelay constraints.
-
-    PaymentChannelClaim
-
-        Place a claim against an existing channel. The parameters are:
-        Channel
-            The 256-bit ID of the channel.
-        Balance (optional)
-            The total amount of XRP delivered after this claim is processed
-   (optional, not needed if just closing). Amount (optional) The amount of XRP
-   the signature is for (not needed if equal to Balance or just closing the
-   line). Signature (optional) Authorization for the balance above, signed by
-   the owner (optional, not needed if closing or owner is performing the
-   transaction). The signature if for the following message: CLM\0 followed by
-   the 256-bit channel ID, and a 64-bit integer drops. PublicKey (optional) The
-   public key that made the signature (optional, required if a signature is
-   present) Flags tfClose Request that the channel be closed tfRenew Request
-   that the channel's expiration be reset. Only the owner may renew a channel.
-
-*/
-
-//------------------------------------------------------------------------------
-
-static TER
-closeChannel(
-    std::shared_ptr<SLE> const& slep,
-    ApplyView& view,
-    uint256 const& key,
-    beast::Journal j)
-{
-    AccountID const src = (*slep)[sfAccount];
-    // Remove PayChan from owner directory
-    {
-        auto const page = (*slep)[sfOwnerNode];
-        if (!view.dirRemove(keylet::ownerDir(src), page, key, true))
-        {
-            // LCOV_EXCL_START
-            JLOG(j.fatal()) << "Could not remove paychan from src owner directory";
-            return tefBAD_LEDGER;
-            // LCOV_EXCL_STOP
-        }
-    }
-
-    // Remove PayChan from recipient's owner directory, if present.
-    if (auto const page = (*slep)[~sfDestinationNode])
-    {
-        auto const dst = (*slep)[sfDestination];
-        if (!view.dirRemove(keylet::ownerDir(dst), *page, key, true))
-        {
-            // LCOV_EXCL_START
-            JLOG(j.fatal()) << "Could not remove paychan from dst owner directory";
-            return tefBAD_LEDGER;
-            // LCOV_EXCL_STOP
-        }
-    }
-
-    // Transfer amount back to owner, decrement owner count
-    auto const sle = view.peek(keylet::account(src));
-    if (!sle)
-        return tefINTERNAL;  // LCOV_EXCL_LINE
-
-    XRPL_ASSERT(
-        (*slep)[sfAmount] >= (*slep)[sfBalance], "xrpl::closeChannel : minimum channel amount");
-    (*sle)[sfBalance] = (*sle)[sfBalance] + (*slep)[sfAmount] - (*slep)[sfBalance];
-    adjustOwnerCount(view, sle, -1, j);
-    view.update(sle);
-
-    // Remove PayChan from ledger
-    view.erase(slep);
-    return tesSUCCESS;
-}
-
-//------------------------------------------------------------------------------
-
-TxConsequences
-PayChanCreate::makeTxConsequences(PreflightContext const& ctx)
-{
-    return TxConsequences{ctx.tx, ctx.tx[sfAmount].xrp()};
-}
-
-NotTEC
-PayChanCreate::preflight(PreflightContext const& ctx)
-{
-    if (!isXRP(ctx.tx[sfAmount]) || (ctx.tx[sfAmount] <= beast::zero))
-        return temBAD_AMOUNT;
-
-    if (ctx.tx[sfAccount] == ctx.tx[sfDestination])
-        return temDST_IS_SRC;
-
-    if (!publicKeyType(ctx.tx[sfPublicKey]))
-        return temMALFORMED;
-
-    return tesSUCCESS;
-}
-
-TER
-PayChanCreate::preclaim(PreclaimContext const& ctx)
-{
-    auto const account = ctx.tx[sfAccount];
-    auto const sle = ctx.view.read(keylet::account(account));
-    if (!sle)
-        return terNO_ACCOUNT;
-
-    // Check reserve and funds availability
-    {
-        auto const balance = (*sle)[sfBalance];
-        auto const reserve = ctx.view.fees().accountReserve((*sle)[sfOwnerCount] + 1);
-
-        if (balance < reserve)
-            return tecINSUFFICIENT_RESERVE;
-
-        if (balance < reserve + ctx.tx[sfAmount])
-            return tecUNFUNDED;
-    }
-
-    auto const dst = ctx.tx[sfDestination];
-
-    {
-        // Check destination account
-        auto const sled = ctx.view.read(keylet::account(dst));
-        if (!sled)
-            return tecNO_DST;
-
-        auto const flags = sled->getFlags();
-
-        // Check if they have disallowed incoming payment channels
-        if (flags & lsfDisallowIncomingPayChan)
-            return tecNO_PERMISSION;
-
-        if ((flags & lsfRequireDestTag) && !ctx.tx[~sfDestinationTag])
-            return tecDST_TAG_NEEDED;
-
-        // Pseudo-accounts cannot receive payment channels, other than native
-        // to their underlying ledger object - implemented in their respective
-        // transaction types. Note, this is not amendment-gated because all
-        // writes to pseudo-account discriminator fields **are** amendment
-        // gated, hence the behaviour of this check will always match the
-        // currently active amendments.
-        if (isPseudoAccount(sled))
-            return tecNO_PERMISSION;
-    }
-
-    return tesSUCCESS;
-}
-
-TER
-PayChanCreate::doApply()
-{
-    auto const account = ctx_.tx[sfAccount];
-    auto const sle = ctx_.view().peek(keylet::account(account));
-    if (!sle)
-        return tefINTERNAL;  // LCOV_EXCL_LINE
-
-    if (ctx_.view().rules().enabled(fixPayChanCancelAfter))
-    {
-        auto const closeTime = ctx_.view().header().parentCloseTime;
-        if (ctx_.tx[~sfCancelAfter] && after(closeTime, ctx_.tx[sfCancelAfter]))
-            return tecEXPIRED;
-    }
-
-    auto const dst = ctx_.tx[sfDestination];
-
-    // Create PayChan in ledger.
-    //
-    // Note that we we use the value from the sequence or ticket as the
-    // payChan sequence.  For more explanation see comments in SeqProxy.h.
-    Keylet const payChanKeylet = keylet::payChan(account, dst, ctx_.tx.getSeqValue());
-    auto const slep = std::make_shared<SLE>(payChanKeylet);
-
-    // Funds held in this channel
-    (*slep)[sfAmount] = ctx_.tx[sfAmount];
-    // Amount channel has already paid
-    (*slep)[sfBalance] = ctx_.tx[sfAmount].zeroed();
-    (*slep)[sfAccount] = account;
-    (*slep)[sfDestination] = dst;
-    (*slep)[sfSettleDelay] = ctx_.tx[sfSettleDelay];
-    (*slep)[sfPublicKey] = ctx_.tx[sfPublicKey];
-    (*slep)[~sfCancelAfter] = ctx_.tx[~sfCancelAfter];
-    (*slep)[~sfSourceTag] = ctx_.tx[~sfSourceTag];
-    (*slep)[~sfDestinationTag] = ctx_.tx[~sfDestinationTag];
-    if (ctx_.view().rules().enabled(fixIncludeKeyletFields))
-    {
-        (*slep)[sfSequence] = ctx_.tx.getSeqValue();
-    }
-
-    ctx_.view().insert(slep);
-
-    // Add PayChan to owner directory
-    {
-        auto const page = ctx_.view().dirInsert(
-            keylet::ownerDir(account), payChanKeylet, describeOwnerDir(account));
-        if (!page)
-            return tecDIR_FULL;  // LCOV_EXCL_LINE
-        (*slep)[sfOwnerNode] = *page;
-    }
-
-    // Add PayChan to the recipient's owner directory
-    {
-        auto const page =
-            ctx_.view().dirInsert(keylet::ownerDir(dst), payChanKeylet, describeOwnerDir(dst));
-        if (!page)
-            return tecDIR_FULL;  // LCOV_EXCL_LINE
-        (*slep)[sfDestinationNode] = *page;
-    }
-
-    // Deduct owner's balance, increment owner count
-    (*sle)[sfBalance] = (*sle)[sfBalance] - ctx_.tx[sfAmount];
-    adjustOwnerCount(ctx_.view(), sle, 1, ctx_.journal);
-    ctx_.view().update(sle);
-
-    return tesSUCCESS;
-}
-
-//------------------------------------------------------------------------------
-
-TxConsequences
-PayChanFund::makeTxConsequences(PreflightContext const& ctx)
-{
-    return TxConsequences{ctx.tx, ctx.tx[sfAmount].xrp()};
-}
-
-NotTEC
-PayChanFund::preflight(PreflightContext const& ctx)
-{
-    if (!isXRP(ctx.tx[sfAmount]) || (ctx.tx[sfAmount] <= beast::zero))
-        return temBAD_AMOUNT;
-
-    return tesSUCCESS;
-}
-
-TER
-PayChanFund::doApply()
-{
-    Keylet const k(ltPAYCHAN, ctx_.tx[sfChannel]);
-    auto const slep = ctx_.view().peek(k);
-    if (!slep)
-        return tecNO_ENTRY;
-
-    AccountID const src = (*slep)[sfAccount];
-    auto const txAccount = ctx_.tx[sfAccount];
-    auto const expiration = (*slep)[~sfExpiration];
-
-    {
-        auto const cancelAfter = (*slep)[~sfCancelAfter];
-        auto const closeTime = ctx_.view().header().parentCloseTime.time_since_epoch().count();
-        if ((cancelAfter && closeTime >= *cancelAfter) || (expiration && closeTime >= *expiration))
-            return closeChannel(slep, ctx_.view(), k.key, ctx_.registry.journal("View"));
-    }
-
-    if (src != txAccount)
-        // only the owner can add funds or extend
-        return tecNO_PERMISSION;
-
-    if (auto extend = ctx_.tx[~sfExpiration])
-    {
-        auto minExpiration = ctx_.view().header().parentCloseTime.time_since_epoch().count() +
-            (*slep)[sfSettleDelay];
-        if (expiration && *expiration < minExpiration)
-            minExpiration = *expiration;
-
-        if (*extend < minExpiration)
-            return temBAD_EXPIRATION;
-        (*slep)[~sfExpiration] = *extend;
-        ctx_.view().update(slep);
-    }
-
-    auto const sle = ctx_.view().peek(keylet::account(txAccount));
-    if (!sle)
-        return tefINTERNAL;  // LCOV_EXCL_LINE
-
-    {
-        // Check reserve and funds availability
-        auto const balance = (*sle)[sfBalance];
-        auto const reserve = ctx_.view().fees().accountReserve((*sle)[sfOwnerCount]);
-
-        if (balance < reserve)
-            return tecINSUFFICIENT_RESERVE;
-
-        if (balance < reserve + ctx_.tx[sfAmount])
-            return tecUNFUNDED;
-    }
-
-    // do not allow adding funds if dst does not exist
-    if (AccountID const dst = (*slep)[sfDestination]; !ctx_.view().read(keylet::account(dst)))
-    {
-        return tecNO_DST;
-    }
-
-    (*slep)[sfAmount] = (*slep)[sfAmount] + ctx_.tx[sfAmount];
-    ctx_.view().update(slep);
-
-    (*sle)[sfBalance] = (*sle)[sfBalance] - ctx_.tx[sfAmount];
-    ctx_.view().update(sle);
-
-    return tesSUCCESS;
-}
-
-//------------------------------------------------------------------------------
-
-bool
-PayChanClaim::checkExtraFeatures(PreflightContext const& ctx)
-{
-    return !ctx.tx.isFieldPresent(sfCredentialIDs) || ctx.rules.enabled(featureCredentials);
-}
-
-std::uint32_t
-PayChanClaim::getFlagsMask(PreflightContext const&)
-{
-    return tfPaymentChannelClaimMask;
-}
-
-NotTEC
-PayChanClaim::preflight(PreflightContext const& ctx)
-{
-    auto const bal = ctx.tx[~sfBalance];
-    if (bal && (!isXRP(*bal) || *bal <= beast::zero))
-        return temBAD_AMOUNT;
-
-    auto const amt = ctx.tx[~sfAmount];
-    if (amt && (!isXRP(*amt) || *amt <= beast::zero))
-        return temBAD_AMOUNT;
-
-    if (bal && amt && *bal > *amt)
-        return temBAD_AMOUNT;
-
-    {
-        auto const flags = ctx.tx.getFlags();
-
-        if ((flags & tfClose) && (flags & tfRenew))
-            return temMALFORMED;
-    }
-
-    if (auto const sig = ctx.tx[~sfSignature])
-    {
-        if (!(ctx.tx[~sfPublicKey] && bal))
-            return temMALFORMED;
-
-        // Check the signature
-        // The signature isn't needed if txAccount == src, but if it's
-        // present, check it
-
-        auto const reqBalance = bal->xrp();
-        auto const authAmt = amt ? amt->xrp() : reqBalance;
-
-        if (reqBalance > authAmt)
-            return temBAD_AMOUNT;
-
-        Keylet const k(ltPAYCHAN, ctx.tx[sfChannel]);
-        if (!publicKeyType(ctx.tx[sfPublicKey]))
-            return temMALFORMED;
-
-        PublicKey const pk(ctx.tx[sfPublicKey]);
-        Serializer msg;
-        serializePayChanAuthorization(msg, k.key, authAmt);
-        if (!verify(pk, msg.slice(), *sig))
-            return temBAD_SIGNATURE;
-    }
-
-    if (auto const err = credentials::checkFields(ctx.tx, ctx.j); !isTesSuccess(err))
-        return err;
-
-    return tesSUCCESS;
-}
-
-TER
-PayChanClaim::preclaim(PreclaimContext const& ctx)
-{
-    if (!ctx.view.rules().enabled(featureCredentials))
-        return Transactor::preclaim(ctx);
-
-    if (auto const err = credentials::valid(ctx.tx, ctx.view, ctx.tx[sfAccount], ctx.j);
-        !isTesSuccess(err))
-        return err;
-
-    return tesSUCCESS;
-}
-
-TER
-PayChanClaim::doApply()
-{
-    Keylet const k(ltPAYCHAN, ctx_.tx[sfChannel]);
-    auto const slep = ctx_.view().peek(k);
-    if (!slep)
-        return tecNO_TARGET;
-
-    AccountID const src = (*slep)[sfAccount];
-    AccountID const dst = (*slep)[sfDestination];
-    AccountID const txAccount = ctx_.tx[sfAccount];
-
-    auto const curExpiration = (*slep)[~sfExpiration];
-    {
-        auto const cancelAfter = (*slep)[~sfCancelAfter];
-        auto const closeTime = ctx_.view().header().parentCloseTime.time_since_epoch().count();
-        if ((cancelAfter && closeTime >= *cancelAfter) ||
-            (curExpiration && closeTime >= *curExpiration))
-            return closeChannel(slep, ctx_.view(), k.key, ctx_.registry.journal("View"));
-    }
-
-    if (txAccount != src && txAccount != dst)
-        return tecNO_PERMISSION;
-
-    if (ctx_.tx[~sfBalance])
-    {
-        auto const chanBalance = slep->getFieldAmount(sfBalance).xrp();
-        auto const chanFunds = slep->getFieldAmount(sfAmount).xrp();
-        auto const reqBalance = ctx_.tx[sfBalance].xrp();
-
-        if (txAccount == dst && !ctx_.tx[~sfSignature])
-            return temBAD_SIGNATURE;
-
-        if (ctx_.tx[~sfSignature])
-        {
-            PublicKey const pk((*slep)[sfPublicKey]);
-            if (ctx_.tx[sfPublicKey] != pk)
-                return temBAD_SIGNER;
-        }
-
-        if (reqBalance > chanFunds)
-            return tecUNFUNDED_PAYMENT;
-
-        if (reqBalance <= chanBalance)
-            // nothing requested
-            return tecUNFUNDED_PAYMENT;
-
-        auto const sled = ctx_.view().peek(keylet::account(dst));
-        if (!sled)
-            return tecNO_DST;
-
-        if (auto err =
-                verifyDepositPreauth(ctx_.tx, ctx_.view(), txAccount, dst, sled, ctx_.journal);
-            !isTesSuccess(err))
-            return err;
-
-        (*slep)[sfBalance] = ctx_.tx[sfBalance];
-        XRPAmount const reqDelta = reqBalance - chanBalance;
-        XRPL_ASSERT(reqDelta >= beast::zero, "xrpl::PayChanClaim::doApply : minimum balance delta");
-        (*sled)[sfBalance] = (*sled)[sfBalance] + reqDelta;
-        ctx_.view().update(sled);
-        ctx_.view().update(slep);
-    }
-
-    if (ctx_.tx.getFlags() & tfRenew)
-    {
-        if (src != txAccount)
-            return tecNO_PERMISSION;
-        (*slep)[~sfExpiration] = std::nullopt;
-        ctx_.view().update(slep);
-    }
-
-    if (ctx_.tx.getFlags() & tfClose)
-    {
-        // Channel will close immediately if dry or the receiver closes
-        if (dst == txAccount || (*slep)[sfBalance] == (*slep)[sfAmount])
-            return closeChannel(slep, ctx_.view(), k.key, ctx_.registry.journal("View"));
-
-        auto const settleExpiration =
-            ctx_.view().header().parentCloseTime.time_since_epoch().count() +
-            (*slep)[sfSettleDelay];
-
-        if (!curExpiration || *curExpiration > settleExpiration)
-        {
-            (*slep)[~sfExpiration] = settleExpiration;
-            ctx_.view().update(slep);
-        }
-    }
-
-    return tesSUCCESS;
-}
-
-}  // namespace xrpl

src/libxrpl/tx/transactors/payment_channel/PayChanClaim.cpp

@@ -0,0 +1,185 @@
+#include <xrpl/basics/Log.h>
+#include <xrpl/ledger/ApplyView.h>
+#include <xrpl/ledger/CredentialHelpers.h>
+#include <xrpl/ledger/View.h>
+#include <xrpl/protocol/Feature.h>
+#include <xrpl/protocol/Indexes.h>
+#include <xrpl/protocol/PayChan.h>
+#include <xrpl/protocol/PublicKey.h>
+#include <xrpl/protocol/TxFlags.h>
+#include <xrpl/tx/transactors/payment_channel/PayChanClaim.h>
+#include <xrpl/tx/transactors/payment_channel/PayChanHelpers.h>
+
+namespace xrpl {
+
+bool
+PayChanClaim::checkExtraFeatures(PreflightContext const& ctx)
+{
+    return !ctx.tx.isFieldPresent(sfCredentialIDs) || ctx.rules.enabled(featureCredentials);
+}
+
+std::uint32_t
+PayChanClaim::getFlagsMask(PreflightContext const&)
+{
+    return tfPaymentChannelClaimMask;
+}
+
+NotTEC
+PayChanClaim::preflight(PreflightContext const& ctx)
+{
+    auto const bal = ctx.tx[~sfBalance];
+    if (bal && (!isXRP(*bal) || *bal <= beast::zero))
+        return temBAD_AMOUNT;
+
+    auto const amt = ctx.tx[~sfAmount];
+    if (amt && (!isXRP(*amt) || *amt <= beast::zero))
+        return temBAD_AMOUNT;
+
+    if (bal && amt && *bal > *amt)
+        return temBAD_AMOUNT;
+
+    {
+        auto const flags = ctx.tx.getFlags();
+
+        if ((flags & tfClose) && (flags & tfRenew))
+            return temMALFORMED;
+    }
+
+    if (auto const sig = ctx.tx[~sfSignature])
+    {
+        if (!(ctx.tx[~sfPublicKey] && bal))
+            return temMALFORMED;
+
+        // Check the signature
+        // The signature isn't needed if txAccount == src, but if it's
+        // present, check it
+
+        auto const reqBalance = bal->xrp();
+        auto const authAmt = amt ? amt->xrp() : reqBalance;
+
+        if (reqBalance > authAmt)
+            return temBAD_AMOUNT;
+
+        Keylet const k(ltPAYCHAN, ctx.tx[sfChannel]);
+        if (!publicKeyType(ctx.tx[sfPublicKey]))
+            return temMALFORMED;
+
+        PublicKey const pk(ctx.tx[sfPublicKey]);
+        Serializer msg;
+        serializePayChanAuthorization(msg, k.key, authAmt);
+        if (!verify(pk, msg.slice(), *sig))
+            return temBAD_SIGNATURE;
+    }
+
+    if (auto const err = credentials::checkFields(ctx.tx, ctx.j); !isTesSuccess(err))
+        return err;
+
+    return tesSUCCESS;
+}
+
+TER
+PayChanClaim::preclaim(PreclaimContext const& ctx)
+{
+    if (!ctx.view.rules().enabled(featureCredentials))
+        return Transactor::preclaim(ctx);
+
+    if (auto const err = credentials::valid(ctx.tx, ctx.view, ctx.tx[sfAccount], ctx.j);
+        !isTesSuccess(err))
+        return err;
+
+    return tesSUCCESS;
+}
+
+TER
+PayChanClaim::doApply()
+{
+    Keylet const k(ltPAYCHAN, ctx_.tx[sfChannel]);
+    auto const slep = ctx_.view().peek(k);
+    if (!slep)
+        return tecNO_TARGET;
+
+    AccountID const src = (*slep)[sfAccount];
+    AccountID const dst = (*slep)[sfDestination];
+    AccountID const txAccount = ctx_.tx[sfAccount];
+
+    auto const curExpiration = (*slep)[~sfExpiration];
+    {
+        auto const cancelAfter = (*slep)[~sfCancelAfter];
+        auto const closeTime = ctx_.view().header().parentCloseTime.time_since_epoch().count();
+        if ((cancelAfter && closeTime >= *cancelAfter) ||
+            (curExpiration && closeTime >= *curExpiration))
+            return closeChannel(slep, ctx_.view(), k.key, ctx_.registry.journal("View"));
+    }
+
+    if (txAccount != src && txAccount != dst)
+        return tecNO_PERMISSION;
+
+    if (ctx_.tx[~sfBalance])
+    {
+        auto const chanBalance = slep->getFieldAmount(sfBalance).xrp();
+        auto const chanFunds = slep->getFieldAmount(sfAmount).xrp();
+        auto const reqBalance = ctx_.tx[sfBalance].xrp();
+
+        if (txAccount == dst && !ctx_.tx[~sfSignature])
+            return temBAD_SIGNATURE;
+
+        if (ctx_.tx[~sfSignature])
+        {
+            PublicKey const pk((*slep)[sfPublicKey]);
+            if (ctx_.tx[sfPublicKey] != pk)
+                return temBAD_SIGNER;
+        }
+
+        if (reqBalance > chanFunds)
+            return tecUNFUNDED_PAYMENT;
+
+        if (reqBalance <= chanBalance)
+            // nothing requested
+            return tecUNFUNDED_PAYMENT;
+
+        auto const sled = ctx_.view().peek(keylet::account(dst));
+        if (!sled)
+            return tecNO_DST;
+
+        if (auto err =
+                verifyDepositPreauth(ctx_.tx, ctx_.view(), txAccount, dst, sled, ctx_.journal);
+            !isTesSuccess(err))
+            return err;
+
+        (*slep)[sfBalance] = ctx_.tx[sfBalance];
+        XRPAmount const reqDelta = reqBalance - chanBalance;
+        XRPL_ASSERT(reqDelta >= beast::zero, "xrpl::PayChanClaim::doApply : minimum balance delta");
+        (*sled)[sfBalance] = (*sled)[sfBalance] + reqDelta;
+        ctx_.view().update(sled);
+        ctx_.view().update(slep);
+    }
+
+    if (ctx_.tx.getFlags() & tfRenew)
+    {
+        if (src != txAccount)
+            return tecNO_PERMISSION;
+        (*slep)[~sfExpiration] = std::nullopt;
+        ctx_.view().update(slep);
+    }
+
+    if (ctx_.tx.getFlags() & tfClose)
+    {
+        // Channel will close immediately if dry or the receiver closes
+        if (dst == txAccount || (*slep)[sfBalance] == (*slep)[sfAmount])
+            return closeChannel(slep, ctx_.view(), k.key, ctx_.registry.journal("View"));
+
+        auto const settleExpiration =
+            ctx_.view().header().parentCloseTime.time_since_epoch().count() +
+            (*slep)[sfSettleDelay];
+
+        if (!curExpiration || *curExpiration > settleExpiration)
+        {
+            (*slep)[~sfExpiration] = settleExpiration;
+            ctx_.view().update(slep);
+        }
+    }
+
+    return tesSUCCESS;
+}
+
+}  // namespace xrpl

src/libxrpl/tx/transactors/payment_channel/PayChanCreate.cpp

@@ -0,0 +1,173 @@
+#include <xrpl/basics/chrono.h>
+#include <xrpl/ledger/ApplyView.h>
+#include <xrpl/ledger/View.h>
+#include <xrpl/protocol/Feature.h>
+#include <xrpl/protocol/Indexes.h>
+#include <xrpl/protocol/PublicKey.h>
+#include <xrpl/protocol/XRPAmount.h>
+#include <xrpl/tx/transactors/payment_channel/PayChanCreate.h>
+
+namespace xrpl {
+
+/*
+    PaymentChannel
+
+        Payment channels permit off-ledger checkpoints of XRP payments flowing
+        in a single direction. A channel sequesters the owner's XRP in its own
+        ledger entry. The owner can authorize the recipient to claim up to a
+        given balance by giving the receiver a signed message (off-ledger). The
+        recipient can use this signed message to claim any unpaid balance while
+        the channel remains open. The owner can top off the line as needed. If
+        the channel has not paid out all its funds, the owner must wait out a
+        delay to close the channel to give the recipient a chance to supply any
+        claims. The recipient can close the channel at any time. Any transaction
+        that touches the channel after the expiration time will close the
+        channel. The total amount paid increases monotonically as newer claims
+        are issued. When the channel is closed any remaining balance is returned
+        to the owner. Channels are intended to permit intermittent off-ledger
+        settlement of ILP trust lines as balances get substantial. For
+        bidirectional channels, a payment channel can be used in each direction.
+*/
+
+//------------------------------------------------------------------------------
+
+TxConsequences
+PayChanCreate::makeTxConsequences(PreflightContext const& ctx)
+{
+    return TxConsequences{ctx.tx, ctx.tx[sfAmount].xrp()};
+}
+
+NotTEC
+PayChanCreate::preflight(PreflightContext const& ctx)
+{
+    if (!isXRP(ctx.tx[sfAmount]) || (ctx.tx[sfAmount] <= beast::zero))
+        return temBAD_AMOUNT;
+
+    if (ctx.tx[sfAccount] == ctx.tx[sfDestination])
+        return temDST_IS_SRC;
+
+    if (!publicKeyType(ctx.tx[sfPublicKey]))
+        return temMALFORMED;
+
+    return tesSUCCESS;
+}
+
+TER
+PayChanCreate::preclaim(PreclaimContext const& ctx)
+{
+    auto const account = ctx.tx[sfAccount];
+    auto const sle = ctx.view.read(keylet::account(account));
+    if (!sle)
+        return terNO_ACCOUNT;
+
+    // Check reserve and funds availability
+    {
+        auto const balance = (*sle)[sfBalance];
+        auto const reserve = ctx.view.fees().accountReserve((*sle)[sfOwnerCount] + 1);
+
+        if (balance < reserve)
+            return tecINSUFFICIENT_RESERVE;
+
+        if (balance < reserve + ctx.tx[sfAmount])
+            return tecUNFUNDED;
+    }
+
+    auto const dst = ctx.tx[sfDestination];
+
+    {
+        // Check destination account
+        auto const sled = ctx.view.read(keylet::account(dst));
+        if (!sled)
+            return tecNO_DST;
+
+        auto const flags = sled->getFlags();
+
+        // Check if they have disallowed incoming payment channels
+        if (flags & lsfDisallowIncomingPayChan)
+            return tecNO_PERMISSION;
+
+        if ((flags & lsfRequireDestTag) && !ctx.tx[~sfDestinationTag])
+            return tecDST_TAG_NEEDED;
+
+        // Pseudo-accounts cannot receive payment channels, other than native
+        // to their underlying ledger object - implemented in their respective
+        // transaction types. Note, this is not amendment-gated because all
+        // writes to pseudo-account discriminator fields **are** amendment
+        // gated, hence the behaviour of this check will always match the
+        // currently active amendments.
+        if (isPseudoAccount(sled))
+            return tecNO_PERMISSION;
+    }
+
+    return tesSUCCESS;
+}
+
+TER
+PayChanCreate::doApply()
+{
+    auto const account = ctx_.tx[sfAccount];
+    auto const sle = ctx_.view().peek(keylet::account(account));
+    if (!sle)
+        return tefINTERNAL;  // LCOV_EXCL_LINE
+
+    if (ctx_.view().rules().enabled(fixPayChanCancelAfter))
+    {
+        auto const closeTime = ctx_.view().header().parentCloseTime;
+        if (ctx_.tx[~sfCancelAfter] && after(closeTime, ctx_.tx[sfCancelAfter]))
+            return tecEXPIRED;
+    }
+
+    auto const dst = ctx_.tx[sfDestination];
+
+    // Create PayChan in ledger.
+    //
+    // Note that we we use the value from the sequence or ticket as the
+    // payChan sequence.  For more explanation see comments in SeqProxy.h.
+    Keylet const payChanKeylet = keylet::payChan(account, dst, ctx_.tx.getSeqValue());
+    auto const slep = std::make_shared<SLE>(payChanKeylet);
+
+    // Funds held in this channel
+    (*slep)[sfAmount] = ctx_.tx[sfAmount];
+    // Amount channel has already paid
+    (*slep)[sfBalance] = ctx_.tx[sfAmount].zeroed();
+    (*slep)[sfAccount] = account;
+    (*slep)[sfDestination] = dst;
+    (*slep)[sfSettleDelay] = ctx_.tx[sfSettleDelay];
+    (*slep)[sfPublicKey] = ctx_.tx[sfPublicKey];
+    (*slep)[~sfCancelAfter] = ctx_.tx[~sfCancelAfter];
+    (*slep)[~sfSourceTag] = ctx_.tx[~sfSourceTag];
+    (*slep)[~sfDestinationTag] = ctx_.tx[~sfDestinationTag];
+    if (ctx_.view().rules().enabled(fixIncludeKeyletFields))
+    {
+        (*slep)[sfSequence] = ctx_.tx.getSeqValue();
+    }
+
+    ctx_.view().insert(slep);
+
+    // Add PayChan to owner directory
+    {
+        auto const page = ctx_.view().dirInsert(
+            keylet::ownerDir(account), payChanKeylet, describeOwnerDir(account));
+        if (!page)
+            return tecDIR_FULL;  // LCOV_EXCL_LINE
+        (*slep)[sfOwnerNode] = *page;
+    }
+
+    // Add PayChan to the recipient's owner directory
+    {
+        auto const page =
+            ctx_.view().dirInsert(keylet::ownerDir(dst), payChanKeylet, describeOwnerDir(dst));
+        if (!page)
+            return tecDIR_FULL;  // LCOV_EXCL_LINE
+        (*slep)[sfDestinationNode] = *page;
+    }
+
+    // Deduct owner's balance, increment owner count
+    (*sle)[sfBalance] = (*sle)[sfBalance] - ctx_.tx[sfAmount];
+    adjustOwnerCount(ctx_.view(), sle, 1, ctx_.journal);
+    ctx_.view().update(sle);
+
+    return tesSUCCESS;
+}
+
+}  // namespace xrpl

src/libxrpl/tx/transactors/payment_channel/PayChanFund.cpp

@@ -0,0 +1,91 @@
+#include <xrpl/ledger/ApplyView.h>
+#include <xrpl/ledger/View.h>
+#include <xrpl/protocol/Indexes.h>
+#include <xrpl/tx/transactors/payment_channel/PayChanFund.h>
+#include <xrpl/tx/transactors/payment_channel/PayChanHelpers.h>
+
+namespace xrpl {
+
+TxConsequences
+PayChanFund::makeTxConsequences(PreflightContext const& ctx)
+{
+    return TxConsequences{ctx.tx, ctx.tx[sfAmount].xrp()};
+}
+
+NotTEC
+PayChanFund::preflight(PreflightContext const& ctx)
+{
+    if (!isXRP(ctx.tx[sfAmount]) || (ctx.tx[sfAmount] <= beast::zero))
+        return temBAD_AMOUNT;
+
+    return tesSUCCESS;
+}
+
+TER
+PayChanFund::doApply()
+{
+    Keylet const k(ltPAYCHAN, ctx_.tx[sfChannel]);
+    auto const slep = ctx_.view().peek(k);
+    if (!slep)
+        return tecNO_ENTRY;
+
+    AccountID const src = (*slep)[sfAccount];
+    auto const txAccount = ctx_.tx[sfAccount];
+    auto const expiration = (*slep)[~sfExpiration];
+
+    {
+        auto const cancelAfter = (*slep)[~sfCancelAfter];
+        auto const closeTime = ctx_.view().header().parentCloseTime.time_since_epoch().count();
+        if ((cancelAfter && closeTime >= *cancelAfter) || (expiration && closeTime >= *expiration))
+            return closeChannel(slep, ctx_.view(), k.key, ctx_.registry.journal("View"));
+    }
+
+    if (src != txAccount)
+        // only the owner can add funds or extend
+        return tecNO_PERMISSION;
+
+    if (auto extend = ctx_.tx[~sfExpiration])
+    {
+        auto minExpiration = ctx_.view().header().parentCloseTime.time_since_epoch().count() +
+            (*slep)[sfSettleDelay];
+        if (expiration && *expiration < minExpiration)
+            minExpiration = *expiration;
+
+        if (*extend < minExpiration)
+            return temBAD_EXPIRATION;
+        (*slep)[~sfExpiration] = *extend;
+        ctx_.view().update(slep);
+    }
+
+    auto const sle = ctx_.view().peek(keylet::account(txAccount));
+    if (!sle)
+        return tefINTERNAL;  // LCOV_EXCL_LINE
+
+    {
+        // Check reserve and funds availability
+        auto const balance = (*sle)[sfBalance];
+        auto const reserve = ctx_.view().fees().accountReserve((*sle)[sfOwnerCount]);
+
+        if (balance < reserve)
+            return tecINSUFFICIENT_RESERVE;
+
+        if (balance < reserve + ctx_.tx[sfAmount])
+            return tecUNFUNDED;
+    }
+
+    // do not allow adding funds if dst does not exist
+    if (AccountID const dst = (*slep)[sfDestination]; !ctx_.view().read(keylet::account(dst)))
+    {
+        return tecNO_DST;
+    }
+
+    (*slep)[sfAmount] = (*slep)[sfAmount] + ctx_.tx[sfAmount];
+    ctx_.view().update(slep);
+
+    (*sle)[sfBalance] = (*sle)[sfBalance] - ctx_.tx[sfAmount];
+    ctx_.view().update(sle);
+
+    return tesSUCCESS;
+}
+
+}  // namespace xrpl

src/libxrpl/tx/transactors/payment_channel/PayChanHelpers.cpp

@@ -0,0 +1,57 @@
+#include <xrpl/basics/Log.h>
+#include <xrpl/ledger/View.h>
+#include <xrpl/protocol/Indexes.h>
+#include <xrpl/tx/transactors/payment_channel/PayChanHelpers.h>
+
+namespace xrpl {
+
+TER
+closeChannel(
+    std::shared_ptr<SLE> const& slep,
+    ApplyView& view,
+    uint256 const& key,
+    beast::Journal j)
+{
+    AccountID const src = (*slep)[sfAccount];
+    // Remove PayChan from owner directory
+    {
+        auto const page = (*slep)[sfOwnerNode];
+        if (!view.dirRemove(keylet::ownerDir(src), page, key, true))
+        {
+            // LCOV_EXCL_START
+            JLOG(j.fatal()) << "Could not remove paychan from src owner directory";
+            return tefBAD_LEDGER;
+            // LCOV_EXCL_STOP
+        }
+    }
+
+    // Remove PayChan from recipient's owner directory, if present.
+    if (auto const page = (*slep)[~sfDestinationNode])
+    {
+        auto const dst = (*slep)[sfDestination];
+        if (!view.dirRemove(keylet::ownerDir(dst), *page, key, true))
+        {
+            // LCOV_EXCL_START
+            JLOG(j.fatal()) << "Could not remove paychan from dst owner directory";
+            return tefBAD_LEDGER;
+            // LCOV_EXCL_STOP
+        }
+    }
+
+    // Transfer amount back to owner, decrement owner count
+    auto const sle = view.peek(keylet::account(src));
+    if (!sle)
+        return tefINTERNAL;  // LCOV_EXCL_LINE
+
+    XRPL_ASSERT(
+        (*slep)[sfAmount] >= (*slep)[sfBalance], "xrpl::closeChannel : minimum channel amount");
+    (*sle)[sfBalance] = (*sle)[sfBalance] + (*slep)[sfAmount] - (*slep)[sfBalance];
+    adjustOwnerCount(view, sle, -1, j);
+    view.update(sle);
+
+    // Remove PayChan from ledger
+    view.erase(slep);
+    return tesSUCCESS;
+}
+
+}  // namespace xrpl

src/test/app/LedgerReplay_test.cpp

@@ -85,12 +85,7 @@ public:
     }
 
     virtual void
-    acquireAsync(
-        JobType type,
-        std::string const& name,
-        uint256 const& hash,
-        std::uint32_t seq,
-        InboundLedger::Reason reason) override
+    acquireAsync(uint256 const& hash, std::uint32_t seq, InboundLedger::Reason reason) override
     {
     }
 

src/test/basics/CanProcess_test.cpp

@@ -1,165 +0,0 @@
-//------------------------------------------------------------------------------
-/*
-    This file is part of rippled: https://github.com/ripple/rippled
-    Copyright (c) 2012-2016 Ripple Labs Inc.
-
-    Permission to use, copy, modify, and/or distribute this software for any
-    purpose  with  or without fee is hereby granted, provided that the above
-    copyright notice and this permission notice appear in all copies.
-
-    THE  SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-    WITH  REGARD  TO  THIS  SOFTWARE  INCLUDING  ALL  IMPLIED  WARRANTIES  OF
-    MERCHANTABILITY  AND  FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-    ANY  SPECIAL ,  DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-    WHATSOEVER  RESULTING  FROM  LOSS  OF USE, DATA OR PROFITS, WHETHER IN AN
-    ACTION  OF  CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-    OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-*/
-//==============================================================================
-
-#include <xrpl/basics/CanProcess.h>
-#include <xrpl/beast/unit_test.h>
-
-#include <memory>
-
-namespace ripple {
-namespace test {
-
-struct CanProcess_test : beast::unit_test::suite
-{
-    template <class Mutex, class Collection, class Item>
-    void
-    test(
-        std::string const& name,
-        Mutex& mtx,
-        Collection& collection,
-        std::vector<Item> const& items)
-    {
-        testcase(name);
-
-        if (!BEAST_EXPECT(!items.empty()))
-            return;
-        if (!BEAST_EXPECT(collection.empty()))
-            return;
-
-        // CanProcess objects can't be copied or moved. To make that easier,
-        // store shared_ptrs
-        std::vector<std::shared_ptr<CanProcess>> trackers;
-        // Fill up the vector with two CanProcess for each Item. The first
-        // inserts the item into the collection and is "good". The second does
-        // not and is "bad".
-        for (int i = 0; i < items.size(); ++i)
-        {
-            {
-                auto const& good =
-                    trackers.emplace_back(std::make_shared<CanProcess>(mtx, collection, items[i]));
-                BEAST_EXPECT(*good);
-            }
-            BEAST_EXPECT(trackers.size() == (2 * i) + 1);
-            BEAST_EXPECT(collection.size() == i + 1);
-            {
-                auto const& bad =
-                    trackers.emplace_back(std::make_shared<CanProcess>(mtx, collection, items[i]));
-                BEAST_EXPECT(!*bad);
-            }
-            BEAST_EXPECT(trackers.size() == 2 * (i + 1));
-            BEAST_EXPECT(collection.size() == i + 1);
-        }
-        BEAST_EXPECT(collection.size() == items.size());
-        // Now remove the items from the vector<CanProcess> two at a time, and
-        // try to get another CanProcess for that item.
-        for (int i = 0; i < items.size(); ++i)
-        {
-            // Remove the "bad" one in the second position
-            // This will have no effect on the collection
-            {
-                auto const iter = trackers.begin() + 1;
-                BEAST_EXPECT(!**iter);
-                trackers.erase(iter);
-            }
-            BEAST_EXPECT(trackers.size() == (2 * items.size()) - 1);
-            BEAST_EXPECT(collection.size() == items.size());
-            {
-                // Append a new "bad" one
-                auto const& bad =
-                    trackers.emplace_back(std::make_shared<CanProcess>(mtx, collection, items[i]));
-                BEAST_EXPECT(!*bad);
-            }
-            BEAST_EXPECT(trackers.size() == 2 * items.size());
-            BEAST_EXPECT(collection.size() == items.size());
-
-            // Remove the "good" one from the front
-            {
-                auto const iter = trackers.begin();
-                BEAST_EXPECT(**iter);
-                trackers.erase(iter);
-            }
-            BEAST_EXPECT(trackers.size() == (2 * items.size()) - 1);
-            BEAST_EXPECT(collection.size() == items.size() - 1);
-            {
-                // Append a new "good" one
-                auto const& good =
-                    trackers.emplace_back(std::make_shared<CanProcess>(mtx, collection, items[i]));
-                BEAST_EXPECT(*good);
-            }
-            BEAST_EXPECT(trackers.size() == 2 * items.size());
-            BEAST_EXPECT(collection.size() == items.size());
-        }
-        // Now remove them all two at a time
-        for (int i = items.size() - 1; i >= 0; --i)
-        {
-            // Remove the "bad" one from the front
-            {
-                auto const iter = trackers.begin();
-                BEAST_EXPECT(!**iter);
-                trackers.erase(iter);
-            }
-            BEAST_EXPECT(trackers.size() == (2 * i) + 1);
-            BEAST_EXPECT(collection.size() == i + 1);
-            // Remove the "good" one now in front
-            {
-                auto const iter = trackers.begin();
-                BEAST_EXPECT(**iter);
-                trackers.erase(iter);
-            }
-            BEAST_EXPECT(trackers.size() == 2 * i);
-            BEAST_EXPECT(collection.size() == i);
-        }
-        BEAST_EXPECT(trackers.empty());
-        BEAST_EXPECT(collection.empty());
-    }
-
-    void
-    run() override
-    {
-        {
-            std::mutex m;
-            std::set<int> collection;
-            std::vector<int> const items{1, 2, 3, 4, 5};
-            test("set of int", m, collection, items);
-        }
-        {
-            std::mutex m;
-            std::set<std::string> collection;
-            std::vector<std::string> const items{"one", "two", "three", "four", "five"};
-            test("set of string", m, collection, items);
-        }
-        {
-            std::mutex m;
-            std::unordered_set<char> collection;
-            std::vector<char> const items{'1', '2', '3', '4', '5'};
-            test("unorderd_set of char", m, collection, items);
-        }
-        {
-            std::mutex m;
-            std::unordered_set<std::uint64_t> collection;
-            std::vector<std::uint64_t> const items{100u, 1000u, 150u, 4u, 0u};
-            test("unordered_set of uint64_t", m, collection, items);
-        }
-    }
-};
-
-BEAST_DEFINE_TESTSUITE(CanProcess, ripple_basics, ripple);
-
-}  // namespace test
-}  // namespace ripple

src/xrpld/app/consensus/RCLConsensus.cpp

@@ -107,8 +107,10 @@ RCLConsensus::Adaptor::acquireLedger(LedgerHash const& hash)
             // Tell the ledger acquire system that we need the consensus ledger
             acquiringLedger_ = hash;
 
-            app_.getInboundLedgers().acquireAsync(
-                jtADVANCE, "GetConsL1", hash, 0, InboundLedger::Reason::CONSENSUS);
+            app_.getJobQueue().addJob(jtADVANCE, "GetConsL1", [id = hash, &app = app_, this]() {
+                JLOG(j_.debug()) << "JOB advanceLedger getConsensusLedger1 started";
+                app.getInboundLedgers().acquireAsync(id, 0, InboundLedger::Reason::CONSENSUS);
+            });
         }
         return std::nullopt;
     }
@@ -983,7 +985,7 @@ void
 RCLConsensus::Adaptor::updateOperatingMode(std::size_t const positions) const
 {
     if (!positions && app_.getOPs().isFull())
-        app_.getOPs().setMode(OperatingMode::CONNECTED, "updateOperatingMode: no positions");
+        app_.getOPs().setMode(OperatingMode::CONNECTED);
 }
 
 void

src/xrpld/app/consensus/RCLValidations.cpp

@@ -117,8 +117,12 @@ RCLValidationsAdaptor::acquire(LedgerHash const& hash)
     {
         JLOG(j_.warn()) << "Need validated ledger for preferred ledger analysis " << hash;
 
-        app_.getInboundLedgers().acquireAsync(
-            jtADVANCE, "GetConsL2", hash, 0, InboundLedger::Reason::CONSENSUS);
+        Application* pApp = &app_;
+
+        app_.getJobQueue().addJob(jtADVANCE, "GetConsL2", [pApp, hash, this]() {
+            JLOG(j_.debug()) << "JOB advanceLedger getConsensusLedger2 started";
+            pApp->getInboundLedgers().acquireAsync(hash, 0, InboundLedger::Reason::CONSENSUS);
+        });
         return std::nullopt;
     }
 

src/xrpld/app/ledger/InboundLedgers.h

@@ -26,12 +26,7 @@ public:
     // Queue. TODO review whether all callers of acquire() can use this
     // instead. Inbound ledger acquisition is asynchronous anyway.
     virtual void
-    acquireAsync(
-        JobType type,
-        std::string const& name,
-        uint256 const& hash,
-        std::uint32_t seq,
-        InboundLedger::Reason reason) = 0;
+    acquireAsync(uint256 const& hash, std::uint32_t seq, InboundLedger::Reason reason) = 0;
 
     virtual std::shared_ptr<InboundLedger>
     find(LedgerHash const& hash) = 0;

src/xrpld/app/ledger/detail/InboundLedger.cpp

@@ -353,14 +353,7 @@ InboundLedger::onTimer(bool wasProgress, ScopedLockType&)
 
     if (!wasProgress)
     {
-        if (checkLocal())
-        {
-            // Done. Something else (probably consensus) built the ledger
-            // locally while waiting for data (or possibly before requesting)
-            XRPL_ASSERT(isDone(), "ripple::InboundLedger::onTimer : done");
-            JLOG(journal_.info()) << "Finished while waiting " << hash_;
-            return;
-        }
+        checkLocal();
 
         mByHash = true;
 

src/xrpld/app/ledger/detail/InboundLedgers.cpp

@@ -2,9 +2,9 @@
 #include <xrpld/app/ledger/LedgerMaster.h>
 #include <xrpld/app/main/Application.h>
 
-#include <xrpl/basics/CanProcess.h>
 #include <xrpl/basics/DecayingSample.h>
 #include <xrpl/basics/Log.h>
+#include <xrpl/basics/scope.h>
 #include <xrpl/beast/container/aged_map.h>
 #include <xrpl/core/JobQueue.h>
 #include <xrpl/core/PerfLog.h>
@@ -59,15 +59,12 @@ public:
                 (reason != InboundLedger::Reason::CONSENSUS))
                 return {};
 
-            std::stringstream ss;
-
             bool isNew = true;
             std::shared_ptr<InboundLedger> inbound;
             {
                 ScopedLockType sl(mLock);
                 if (stopping_)
                 {
-                    JLOG(j_.debug()) << "Abort(stopping): " << ss.str();
                     return {};
                 }
 
@@ -86,61 +83,47 @@ public:
                     ++mCounter;
                 }
             }
-            ss << " IsNew: " << (isNew ? "true" : "false");
 
             if (inbound->isFailed())
-            {
-                JLOG(j_.debug()) << "Abort(failed): " << ss.str();
                 return {};
-            }
 
             if (!isNew)
                 inbound->update(seq);
 
             if (!inbound->isComplete())
-            {
-                JLOG(j_.debug()) << "InProgress: " << ss.str();
                 return {};
-            }
 
-            JLOG(j_.debug()) << "Complete: " << ss.str();
             return inbound->getLedger();
         };
         using namespace std::chrono_literals;
-        return perf::measureDurationAndLog(doAcquire, "InboundLedgersImp::acquire", 500ms, j_);
+        std::shared_ptr<Ledger const> ledger =
+            perf::measureDurationAndLog(doAcquire, "InboundLedgersImp::acquire", 500ms, j_);
+
+        return ledger;
     }
 
     void
-    acquireAsync(
-        JobType type,
-        std::string const& name,
-        uint256 const& hash,
-        std::uint32_t seq,
-        InboundLedger::Reason reason) override
+    acquireAsync(uint256 const& hash, std::uint32_t seq, InboundLedger::Reason reason) override
     {
-        if (auto check = std::make_shared<CanProcess const>(acquiresMutex_, pendingAcquires_, hash);
-            *check)
+        std::unique_lock lock(acquiresMutex_);
+        try
         {
-            app_.getJobQueue().addJob(type, name, [check, name, hash, seq, reason, this]() {
-                JLOG(j_.debug()) << "JOB acquireAsync " << name << " started ";
-                try
-                {
-                    acquire(hash, seq, reason);
-                }
-                catch (std::exception const& e)
-                {
-                    JLOG(j_.warn()) << "Exception thrown for acquiring new "
-                                       "inbound ledger "
-                                    << hash << ": " << e.what();
-                }
-                catch (...)
-                {
-                    JLOG(j_.warn()) << "Unknown exception thrown for acquiring new "
-                                       "inbound ledger "
-                                    << hash;
-                }
-            });
+            if (pendingAcquires_.contains(hash))
+                return;
+            pendingAcquires_.insert(hash);
+            scope_unlock unlock(lock);
+            acquire(hash, seq, reason);
         }
+        catch (std::exception const& e)
+        {
+            JLOG(j_.warn()) << "Exception thrown for acquiring new inbound ledger " << hash << ": "
+                            << e.what();
+        }
+        catch (...)
+        {
+            JLOG(j_.warn()) << "Unknown exception thrown for acquiring new inbound ledger " << hash;
+        }
+        pendingAcquires_.erase(hash);
     }
 
     std::shared_ptr<InboundLedger>

src/xrpld/app/ledger/detail/LedgerMaster.cpp

@@ -907,9 +907,8 @@ LedgerMaster::checkAccept(std::shared_ptr<Ledger const> const& ledger)
         return;
     }
 
-    JLOG(m_journal.info()) << "Advancing accepted ledger to " << ledger->header().seq << " ("
-                           << to_short_string(ledger->header().hash) << ") with >= " << minVal
-                           << " validations";
+    JLOG(m_journal.info()) << "Advancing accepted ledger to " << ledger->header().seq
+                           << " with >= " << minVal << " validations";
 
     ledger->setValidated();
     ledger->setFull();

src/xrpld/app/ledger/detail/TimeoutCounter.cpp

@@ -13,8 +13,7 @@ TimeoutCounter::TimeoutCounter(
     QueueJobParameter&& jobParameter,
     beast::Journal journal)
     : app_(app)
-    , sink_(journal, to_short_string(hash) + " ")
-    , journal_(sink_)
+    , journal_(journal)
     , hash_(hash)
     , timeouts_(0)
     , complete_(false)
@@ -34,7 +33,6 @@ TimeoutCounter::setTimer(ScopedLockType& sl)
 {
     if (isDone())
         return;
-    JLOG(journal_.debug()) << "Setting timer for " << timerInterval_.count() << "ms";
     timer_.expires_after(timerInterval_);
     timer_.async_wait([wptr = pmDowncast()](boost::system::error_code const& ec) {
         if (ec == boost::asio::error::operation_aborted)
@@ -42,10 +40,6 @@ TimeoutCounter::setTimer(ScopedLockType& sl)
 
         if (auto ptr = wptr.lock())
         {
-            JLOG(ptr->journal_.debug())
-                << "timer: ec: " << ec
-                << " (operation_aborted: " << boost::asio::error::operation_aborted << " - "
-                << (ec == boost::asio::error::operation_aborted ? "aborted" : "other") << ")";
             ScopedLockType sl(ptr->mtx_);
             ptr->queueJob(sl);
         }

src/xrpld/app/ledger/detail/TimeoutCounter.h

@@ -3,7 +3,6 @@
 #include <xrpld/app/main/Application.h>
 
 #include <xrpl/beast/utility/Journal.h>
-#include <xrpl/beast/utility/WrappedSink.h>
 #include <xrpl/core/Job.h>
 
 #include <boost/asio/basic_waitable_timer.hpp>
@@ -104,7 +103,6 @@ protected:
     // Used in this class for access to boost::asio::io_context and
     // xrpl::Overlay. Used in subtypes for the kitchen sink.
     Application& app_;
-    beast::WrappedSink sink_;
     beast::Journal journal_;
     mutable std::recursive_mutex mtx_;
 

src/xrpld/app/misc/NetworkOPs.cpp

@@ -30,10 +30,10 @@
 #include <xrpld/rpc/MPTokenIssuanceID.h>
 #include <xrpld/rpc/ServerHandler.h>
 
-#include <xrpl/basics/CanProcess.h>
 #include <xrpl/basics/UptimeClock.h>
 #include <xrpl/basics/mulDiv.h>
 #include <xrpl/basics/safe_cast.h>
+#include <xrpl/basics/scope.h>
 #include <xrpl/beast/utility/rngfill.h>
 #include <xrpl/core/HashRouter.h>
 #include <xrpl/core/NetworkIDService.h>
@@ -397,7 +397,7 @@ public:
     isFull() override;
 
     void
-    setMode(OperatingMode om, char const* reason) override;
+    setMode(OperatingMode om) override;
 
     bool
     isBlocked() override;
@@ -842,7 +842,7 @@ NetworkOPsImp::strOperatingMode(bool const admin /* = false */) const
 inline void
 NetworkOPsImp::setStandAlone()
 {
-    setMode(OperatingMode::FULL, "setStandAlone");
+    setMode(OperatingMode::FULL);
 }
 
 inline void
@@ -985,7 +985,7 @@ NetworkOPsImp::processHeartbeatTimer()
         {
             if (mMode != OperatingMode::DISCONNECTED)
             {
-                setMode(OperatingMode::DISCONNECTED, "Heartbeat: insufficient peers");
+                setMode(OperatingMode::DISCONNECTED);
                 std::stringstream ss;
                 ss << "Node count (" << numPeers << ") has fallen "
                    << "below required minimum (" << minPeerCount_ << ").";
@@ -1009,7 +1009,7 @@ NetworkOPsImp::processHeartbeatTimer()
 
         if (mMode == OperatingMode::DISCONNECTED)
         {
-            setMode(OperatingMode::CONNECTED, "Heartbeat: sufficient peers");
+            setMode(OperatingMode::CONNECTED);
             JLOG(m_journal.info()) << "Node count (" << numPeers << ") is sufficient.";
             CLOG(clog.ss()) << "setting mode to CONNECTED based on " << numPeers << " peers. ";
         }
@@ -1019,9 +1019,9 @@ NetworkOPsImp::processHeartbeatTimer()
         auto origMode = mMode.load();
         CLOG(clog.ss()) << "mode: " << strOperatingMode(origMode, true);
         if (mMode == OperatingMode::SYNCING)
-            setMode(OperatingMode::SYNCING, "Heartbeat: check syncing");
+            setMode(OperatingMode::SYNCING);
         else if (mMode == OperatingMode::CONNECTED)
-            setMode(OperatingMode::CONNECTED, "Heartbeat: check connected");
+            setMode(OperatingMode::CONNECTED);
         auto newMode = mMode.load();
         if (origMode != newMode)
         {
@@ -1711,7 +1711,7 @@ void
 NetworkOPsImp::setAmendmentBlocked()
 {
     amendmentBlocked_ = true;
-    setMode(OperatingMode::CONNECTED, "setAmendmentBlocked");
+    setMode(OperatingMode::CONNECTED);
 }
 
 inline bool
@@ -1742,7 +1742,7 @@ void
 NetworkOPsImp::setUNLBlocked()
 {
     unlBlocked_ = true;
-    setMode(OperatingMode::CONNECTED, "setUNLBlocked");
+    setMode(OperatingMode::CONNECTED);
 }
 
 inline void
@@ -1838,7 +1838,7 @@ NetworkOPsImp::checkLastClosedLedger(Overlay::PeerSequence const& peerList, uint
 
     if ((mMode == OperatingMode::TRACKING) || (mMode == OperatingMode::FULL))
     {
-        setMode(OperatingMode::CONNECTED, "check LCL: not on consensus ledger");
+        setMode(OperatingMode::CONNECTED);
     }
 
     if (consensus)
@@ -1923,8 +1923,8 @@ NetworkOPsImp::beginConsensus(
         // this shouldn't happen unless we jump ledgers
         if (mMode == OperatingMode::FULL)
         {
-            JLOG(m_journal.warn()) << "beginConsensus Don't have LCL, going to tracking";
-            setMode(OperatingMode::TRACKING, "beginConsensus: No LCL");
+            JLOG(m_journal.warn()) << "Don't have LCL, going to tracking";
+            setMode(OperatingMode::TRACKING);
             CLOG(clog) << "beginConsensus Don't have LCL, going to tracking. ";
         }
 
@@ -2053,7 +2053,7 @@ NetworkOPsImp::endConsensus(std::unique_ptr<std::stringstream> const& clog)
         // validations we have for LCL.  If the ledger is good enough, go to
         // TRACKING - TODO
         if (!needNetworkLedger_)
-            setMode(OperatingMode::TRACKING, "endConsensus: check tracking");
+            setMode(OperatingMode::TRACKING);
     }
 
     if (((mMode == OperatingMode::CONNECTED) || (mMode == OperatingMode::TRACKING)) &&
@@ -2066,7 +2066,7 @@ NetworkOPsImp::endConsensus(std::unique_ptr<std::stringstream> const& clog)
         if (registry_.timeKeeper().now() <
             (current->header().parentCloseTime + 2 * current->header().closeTimeResolution))
         {
-            setMode(OperatingMode::FULL, "endConsensus: check full");
+            setMode(OperatingMode::FULL);
         }
     }
 
@@ -2078,7 +2078,7 @@ NetworkOPsImp::consensusViewChange()
 {
     if ((mMode == OperatingMode::FULL) || (mMode == OperatingMode::TRACKING))
     {
-        setMode(OperatingMode::CONNECTED, "consensusViewChange");
+        setMode(OperatingMode::CONNECTED);
     }
 }
 
@@ -2380,7 +2380,7 @@ NetworkOPsImp::pubPeerStatus(std::function<Json::Value(void)> const& func)
 }
 
 void
-NetworkOPsImp::setMode(OperatingMode om, char const* reason)
+NetworkOPsImp::setMode(OperatingMode om)
 {
     using namespace std::chrono_literals;
     if (om == OperatingMode::CONNECTED)
@@ -2400,12 +2400,11 @@ NetworkOPsImp::setMode(OperatingMode om, char const* reason)
     if (mMode == om)
         return;
 
-    auto const sink = om < mMode ? m_journal.warn() : m_journal.info();
     mMode = om;
 
     accounting_.mode(om);
 
-    JLOG(sink) << "STATE->" << strOperatingMode() << " - " << reason;
+    JLOG(m_journal.info()) << "STATE->" << strOperatingMode();
     pubServer();
 }
 
@@ -2414,24 +2413,32 @@ NetworkOPsImp::recvValidation(std::shared_ptr<STValidation> const& val, std::str
 {
     JLOG(m_journal.trace()) << "recvValidation " << val->getLedgerHash() << " from " << source;
 
+    std::unique_lock lock(validationsMutex_);
+    BypassAccept bypassAccept = BypassAccept::no;
+    try
     {
-        CanProcess const check(validationsMutex_, pendingValidations_, val->getLedgerHash());
-        try
-        {
-            BypassAccept bypassAccept = check ? BypassAccept::no : BypassAccept::yes;
-            handleNewValidation(registry_.app(), val, source, bypassAccept, m_journal);
-        }
-        catch (std::exception const& e)
-        {
-            JLOG(m_journal.warn()) << "Exception thrown for handling new validation "
-                                   << val->getLedgerHash() << ": " << e.what();
-        }
-        catch (...)
-        {
-            JLOG(m_journal.warn())
-                << "Unknown exception thrown for handling new validation " << val->getLedgerHash();
-        }
+        if (pendingValidations_.contains(val->getLedgerHash()))
+            bypassAccept = BypassAccept::yes;
+        else
+            pendingValidations_.insert(val->getLedgerHash());
+        scope_unlock unlock(lock);
+        handleNewValidation(registry_.app(), val, source, bypassAccept, m_journal);
     }
+    catch (std::exception const& e)
+    {
+        JLOG(m_journal.warn()) << "Exception thrown for handling new validation "
+                               << val->getLedgerHash() << ": " << e.what();
+    }
+    catch (...)
+    {
+        JLOG(m_journal.warn()) << "Unknown exception thrown for handling new validation "
+                               << val->getLedgerHash();
+    }
+    if (bypassAccept == BypassAccept::no)
+    {
+        pendingValidations_.erase(val->getLedgerHash());
+    }
+    lock.unlock();
 
     pubValidation(val);