clean up

SECURITY.md

@@ -22,117 +22,10 @@ Responsible investigation includes, but isn't limited to, the following:
 - Not targeting physical security measures, or attempting to use social engineering, spam, distributed denial of service (DDOS) attacks, etc.
 - Investigating bugs in a way that makes a reasonable, good faith effort not to be disruptive or harmful to the XRP Ledger and the broader ecosystem.
 
-### Responsible Disclosure
-
-If you discover a vulnerability or potential threat, or if you _think_
-you have, please reach out by dropping an email using the contact
-information below.
-
-Your report should include the following:
-
-- Your contact information (typically, an email address);
-- The description of the vulnerability;
-- The attack scenario (if any);
-- The steps to reproduce the vulnerability;
-- Any other relevant details or artifacts, including code, scripts or patches.
-
-In your email, please describe the issue or potential threat. If possible, include a "repro" (code that can reproduce the issue) or describe the best way to reproduce and replicate the issue. Please make your report as detailed and comprehensive as possible.
-
-For more information on responsible disclosure, please read this [Wikipedia article](https://en.wikipedia.org/wiki/Responsible_disclosure).
-
-## Report Handling Process
-
-Please report the bug directly to us and limit further disclosure. If you want to prove that you knew the bug as of a given time, consider using a cryptographic pre-commitment: hash the content of your report and publish the hash on a medium of your choice (e.g. on Twitter or as a memo in a transaction) as "proof" that you had written the text at a given point in time.
-
-Once we receive a report, we:
-
-1. Assign two people to independently evaluate the report;
-2. Consider their recommendations;
-3. If action is necessary, formulate a plan to address the issue;
-4. Communicate privately with the reporter to explain our plan.
-5. Prepare, test and release a version which fixes the issue; and
-6. Announce the vulnerability publicly.
-
-We will triage and respond to your disclosure within 24 hours. Beyond that, we will work to analyze the issue in more detail, formulate, develop and test a fix.
-
-While we commit to responding with 24 hours of your initial report with our triage assessment, we cannot guarantee a response time for the remaining steps. We will communicate with you throughout this process, letting you know where we are and keeping you updated on the timeframe.
-
 ## Bug Bounty Program
 
-[Ripple](https://ripple.com) is generously sponsoring a bug bounty program for vulnerabilities in [`xrpld`](https://github.com/XRPLF/rippled) (and other related projects, like [`xrpl.js`](https://github.com/XRPLF/xrpl.js), [`xrpl-py`](https://github.com/XRPLF/xrpl-py), [`xrpl4j`](https://github.com/XRPLF/xrpl4j)).
+[Ripple](https://ripple.com) is generously sponsoring a bug bounty program for vulnerabilities in [`xrpld`](https://github.com/XRPLF/rippled) (and other related projects, like [`Clio`](https://github.com/XRPLF/clio), [`xrpl.js`](https://github.com/XRPLF/xrpl.js), [`xrpl-py`](https://github.com/XRPLF/xrpl-py), [`xrpl4j`](https://github.com/XRPLF/xrpl4j)).
 
-This program allows us to recognize and reward individuals or groups that identify and report bugs. In summary, in order to qualify for a bounty, the bug must be:
+This program allows us to recognize and reward individuals or groups that identify and report bugs.
 
-1. **In scope**. Only bugs in software under the scope of the program qualify. Currently, that means `xrpld`, `xrpl.js`, `xrpl-py`, `xrpl4j`.
-2. **Relevant**. A security issue, posing a danger to user funds, privacy, or the operation of the XRP Ledger.
-3. **Original and previously unknown**. Bugs that are already known and discussed in public do not qualify. Previously reported bugs, even if publicly unknown, are not eligible.
-4. **Specific**. We welcome general security advice or recommendations, but we cannot pay bounties for that.
-5. **Fixable**. There has to be something we can do to permanently fix the problem. Note that bugs in other people’s software may still qualify in some cases. For example, if you find a bug in a library that we use which can compromise the security of software that is in scope and we can get it fixed, you may qualify for a bounty.
-6. **Unused**. If you use the exploit to attack the XRP Ledger, you do not qualify for a bounty. If you report a vulnerability used in an ongoing or past attack and there is specific, concrete evidence that suggests you are the attacker we reserve the right not to pay a bounty.
-
-The amount paid varies dramatically. Vulnerabilities that are harmless on their own, but could form part of a critical exploit will usually receive a bounty. Full-blown exploits can receive much higher bounties. Please don’t hold back partial vulnerabilities while trying to construct a full-blown exploit. We will pay a bounty to anyone who reports a complete chain of vulnerabilities even if they have reported each component of the exploit separately and those vulnerabilities have been fixed in the meantime. However, to qualify for a the full bounty, you must to have been the first to report each of the partial exploits.
-
-### Contacting Us
-
-To report a qualifying bug, please send a detailed report to:
-
-| Email Address | bugs@ripple.com                                     |
-| :-----------: | :-------------------------------------------------- |
-| Short Key ID  | `0xA9F514E0`                                        |
-|  Long Key ID  | `0xD900855AA9F514E0`                                |
-|  Fingerprint  | `B72C 0654 2F2A E250 2763 A268 D900 855A A9F5 14E0` |
-
-The full PGP key for this address, which is also available on several key servers (e.g. on [keyserver.ubuntu.com](https://keyserver.ubuntu.com)), is:
-
-```
------BEGIN PGP PUBLIC KEY BLOCK-----
-mQINBGkSZAQBEACprU199OhgdsOsygNjiQV4msuN3vDOUooehL+NwfsGfW79Tbqq
-Q2u7uQ3NZjW+M2T4nsDwuhkr7pe7xSReR5W8ssaczvtUyxkvbMClilcgZ2OSCAuC
-N9tzJsqOqkwBvXoNXkn//T2jnPz0ZU2wSF+NrEibq5FeuyGdoX3yXXBxq9pW9HzK
-HkQll63QSl6BzVSGRQq+B6lGgaZGLwf3mzmIND9Z5VGLNK2jKynyz9z091whNG/M
-kV+E7/r/bujHk7WIVId07G5/COTXmSr7kFnNEkd2Umw42dkgfiNKvlmJ9M7c1wLK
-KbL9Eb4ADuW6rRc5k4s1e6GT8R4/VPliWbCl9SE32hXH8uTkqVIFZP2eyM5WRRHs
-aKzitkQG9UK9gcb0kdgUkxOvvgPHAe5IuZlcHFzU4y0dBbU1VEFWVpiLU0q+IuNw
-5BRemeHc59YNsngkmAZ+/9zouoShRusZmC8Wzotv75C2qVBcjijPvmjWAUz0Zunm
-Lsr+O71vqHE73pERjD07wuD/ISjiYRYYE/bVrXtXLZijC7qAH4RE3nID+2ojcZyO
-/2jMQvt7un56RsGH4UBHi3aBHi9bUoDGCXKiQY981cEuNaOxpou7Mh3x/ONzzSvk
-sTV6nl1LOZHykN1JyKwaNbTSAiuyoN+7lOBqbV04DNYAHL88PrT21P83aQARAQAB
-tB1SaXBwbGUgTGFicyA8YnVnc0ByaXBwbGUuY29tPokCTgQTAQgAOBYhBLcsBlQv
-KuJQJ2OiaNkAhVqp9RTgBQJpEmQEAhsDBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheA
-AAoJENkAhVqp9RTgBzgP/i7y+aDWl1maig1XMdyb+o0UGusumFSW4Hmj278wlKVv
-usgLPihYgHE0PKrv6WRyKOMC1tQEcYYN93M+OeQ1vFhS2YyURq6RCMmh4zq/awXG
-uZbG36OURB5NH8lGBOHiN/7O+nY0CgenBT2JWm+GW3nEOAVOVm4+r5GlpPlv+Dp1
-NPBThcKXFMnH73++NpSQoDzTfRYHPxhDAX3jkLi/moXfSanOLlR6l94XNNN0jBHW
-Quao0rzf4WSXq9g6AS224xhAA5JyIcFl8TX7hzj5HaFn3VWo3COoDu4U7H+BM0fl
-85yqiMQypp7EhN2gxpMMWaHY5TFM85U/bFXFYfEgihZ4/gt4uoIzsNI9jlX7mYvG
-KFdDij+oTlRsuOxdIy60B3dKcwOH9nZZCz0SPsN/zlRWgKzK4gDKdGhFkU9OlvPu
-94ZqscanoiWKDoZkF96+sjgfjkuHsDK7Lwc1Xi+T4drHG/3aVpkYabXox+lrKB/S
-yxZjeqOIQzWPhnLgCaLyvsKo5hxKzL0w3eURu8F3IS7RgOOlljv4M+Me9sEVcdNV
-aN3/tQwbaomSX1X5D5YXqhBwC3rU3wXwamsscRTGEpkV+JCX6KUqGP7nWmxCpAly
-FL05XuOd5SVHJjXLeuje0JqLUpN514uL+bThWwDbDTdAdwW3oK/2WbXz7IfJRLBj
-uQINBGkSZAQBEADdI3SL2F72qkrgFqXWE6HSRBu9bsAvTE5QrRPWk7ux6at537r4
-S4sIw2dOwLvbyIrDgKNq3LQ5wCK88NO/NeCOFm4AiCJSl3pJHXYnTDoUxTrrxx+o
-vSRI4I3fHEql/MqzgiAb0YUezjgFdh3vYheMPp/309PFbOLhiFqEcx80Mx5h06UH
-gDzu1qNj3Ec+31NLic5zwkrAkvFvD54d6bqYR3SEgMau6aYEewpGHbWBi2pLqSi2
-lQcAeOFixqGpTwDmAnYR8YtjBYepy0MojEAdTHcQQlOYSDk4q4elG+io2N8vECfU
-rD6ORecN48GXdZINYWTAdslrUeanmBdgQrYkSpce8TSghgT9P01SNaXxmyaehVUO
-lqI4pcg5G2oojAE8ncNS3TwDtt7daTaTC3bAdr4PXDVAzNAiewjMNZPB7xidkDGQ
-Y4W1LxTMXyJVWxehYOH7tsbBRKninlfRnLgYzmtIbNRAAvNcsxU6ihv3AV0WFknN
-YbSzotEv1Xq/5wk309x8zCDe+sP0cQicvbXafXmUzPAZzeqFg+VLFn7F9MP1WGlW
-B1u7VIvBF1Mp9Nd3EAGBAoLRdRu+0dVWIjPTQuPIuD9cCatJA0wVaKUrjYbBMl88
-a12LixNVGeSFS9N7ADHx0/o7GNT6l88YbaLP6zggUHpUD/bR+cDN7vllIQARAQAB
-iQI2BBgBCAAgFiEEtywGVC8q4lAnY6Jo2QCFWqn1FOAFAmkSZAQCGwwACgkQ2QCF
-Wqn1FOAfAA/8CYq4p0p4bobY20CKEMsZrkBTFJyPDqzFwMeTjgpzqbD7Y3Qq5QCK
-OBbvY02GWdiIsNOzKdBxiuam2xYP9WHZj4y7/uWEvT0qlPVmDFu+HXjoJ43oxwFd
-CUp2gMuQ4cSL3X94VRJ3BkVL+tgBm8CNY0vnTLLOO3kum/R69VsGJS1JSGUWjNM+
-4qwS3mz+73xJu1HmERyN2RZF/DGIZI2PyONQQ6aH85G1Dd2ohu2/DBAkQAMBrPbj
-FrbDaBLyFhODxU3kTWqnfLlaElSm2EGdIU2yx7n4BggEa//NZRMm5kyeo4vzhtlQ
-YIVUMLAOLZvnEqDnsLKp+22FzNR/O+htBQC4lPywl53oYSALdhz1IQlcAC1ru5KR
-XPzhIXV6IIzkcx9xNkEclZxmsuy5ERXyKEmLbIHAlzFmnrldlt2ZgXDtzaorLmxj
-klKibxd5tF50qOpOivz+oPtFo7n+HmFa1nlVAMxlDCUdM0pEVeYDKI5zfVwalyhZ
-NnjpakdZSXMwgc7NP/hH9buF35hKDp7EckT2y3JNYwHsDdy1icXN2q40XZw5tSIn
-zkPWdu3OUY8PISohN6Pw4h0RH4ZmoX97E8sEfmdKaT58U4Hf2aAv5r9IWCSrAVqY
-u5jvac29CzQR9Kal0A+8phHAXHNFD83SwzIC0syaT9ficAguwGH8X6Q=
-=nGuD
------END PGP PUBLIC KEY BLOCK-----
-```
+We have partnered with Bugcrowd to manage this program. It is a private program, and security researchers can participate based on invitation. However, if you plan to submit a bug, please email bugs@ripple.com with your Bugcrowd handle or Bugcrowd registered email. We will get you added to the program. The detailed bug bounty policy is available on the Bugcrowd website.

include/xrpl/basics/SlabAllocator.h

@@ -284,7 +284,7 @@ class SlabAllocatorSet
 {
 private:
     // The list of allocators that belong to this set
-    boost::container::static_vector<SlabAllocator<Type>, 64> allocators_{};
+    boost::container::static_vector<SlabAllocator<Type>, 64> allocators_;
 
     std::size_t maxSize_ = 0;
 

include/xrpl/basics/hardened_hash.h

@@ -72,12 +72,14 @@ template <class HashAlgorithm = beast::xxhasher>
 class hardened_hash
 {
 private:
-    detail::seed_pair m_seeds{detail::make_seed_pair<>()};
+    detail::seed_pair m_seeds;
 
 public:
     using result_type = typename HashAlgorithm::result_type;
 
-    hardened_hash() = default;
+    hardened_hash() : m_seeds(detail::make_seed_pair<>())
+    {
+    }
 
     template <class T>
     result_type

include/xrpl/basics/partitioned_unordered_map.h

@@ -57,7 +57,7 @@ public:
     {
         using iterator_category = std::forward_iterator_tag;
         partition_map_type* map_{nullptr};
-        typename partition_map_type::iterator ait_{};
+        typename partition_map_type::iterator ait_;
         typename map_type::iterator mit_;
 
         iterator() = default;
@@ -126,7 +126,7 @@ public:
         using iterator_category = std::forward_iterator_tag;
 
         partition_map_type* map_{nullptr};
-        typename partition_map_type::iterator ait_{};
+        typename partition_map_type::iterator ait_;
         typename map_type::iterator mit_;
 
         const_iterator() = default;

include/xrpl/beast/core/LockFreeStack.h

@@ -24,7 +24,9 @@ public:
     using reference = std::
         conditional_t<IsConst, typename Container::const_reference, typename Container::reference>;
 
-    LockFreeStackIterator() = default;
+    LockFreeStackIterator() : m_node()
+    {
+    }
 
     LockFreeStackIterator(NodePtr node) : m_node(node)
     {
@@ -77,7 +79,7 @@ public:
     }
 
 private:
-    NodePtr m_node{};
+    NodePtr m_node;
 };
 
 //------------------------------------------------------------------------------

include/xrpl/core/ClosureCounter.h

@@ -72,7 +72,7 @@ private:
     {
     private:
         ClosureCounter& counter_;
-        std::remove_reference_t<Closure> closure_{};
+        std::remove_reference_t<Closure> closure_;
 
         static_assert(
             std::is_same_v<decltype(closure_(std::declval<Args_t>()...)), Ret_t>,

include/xrpl/ledger/detail/ReadViewFwdRange.h

@@ -102,7 +102,7 @@ public:
 
     private:
         ReadView const* view_ = nullptr;
-        std::unique_ptr<iter_base> impl_{};
+        std::unique_ptr<iter_base> impl_;
         std::optional<value_type> mutable cache_;
     };
 

include/xrpl/protocol/KnownFormats.h

@@ -179,10 +179,10 @@ private:
     // One of the situations where a std::forward_list is useful.  We want to
     // store each Item in a place where its address won't change.  So a node-
     // based container is appropriate.  But we don't need searchability.
-    std::forward_list<Item> formats_{};
+    std::forward_list<Item> formats_;
 
-    boost::container::flat_map<std::string, Item const*> names_{};
-    boost::container::flat_map<KeyType, Item const*> types_{};
+    boost::container::flat_map<std::string, Item const*> names_;
+    boost::container::flat_map<KeyType, Item const*> types_;
     friend Derived;
 };
 

include/xrpl/protocol/STBitString.h

@@ -19,7 +19,7 @@ public:
     using value_type = base_uint<Bits>;
 
 private:
-    value_type value_{};
+    value_type value_;
 
 public:
     STBitString() = default;

include/xrpl/rdb/DatabaseCon.h

@@ -94,7 +94,7 @@ public:
 
     struct CheckpointerSetup
     {
-        JobQueue* jobQueue{};
+        JobQueue* jobQueue;
         std::reference_wrapper<ServiceRegistry> registry;
     };
 

include/xrpl/tx/SignerEntries.h

@@ -42,10 +42,10 @@ public:
         }
 
         // For sorting to look for duplicate accounts
-        friend auto
-        operator<=>(SignerEntry const& lhs, SignerEntry const& rhs)
+        friend bool
+        operator<(SignerEntry const& lhs, SignerEntry const& rhs)
         {
-            return lhs.account <=> rhs.account;
+            return lhs.account < rhs.account;
         }
 
         friend bool

include/xrpl/tx/applySteps.h

@@ -202,7 +202,7 @@ public:
 
     /// Success flag - whether the transaction is likely to
     /// claim a fee
-    bool const likelyToClaimFee{};
+    bool const likelyToClaimFee;
 
     /// Constructor
     template <class Context>

src/libxrpl/ledger/PaymentSandbox.cpp

@@ -6,7 +6,6 @@
 #include <xrpl/ledger/RawView.h>
 #include <xrpl/ledger/ReadView.h>
 #include <xrpl/protocol/AccountID.h>
-#include <xrpl/protocol/Issue.h>
 #include <xrpl/protocol/LedgerFormats.h>
 #include <xrpl/protocol/MPTIssue.h>
 #include <xrpl/protocol/SField.h>

src/libxrpl/ledger/View.cpp

@@ -452,489 +452,6 @@ doWithdraw(
     return accountSend(view, sourceAcct, dstAcct, amount, j, WaiveTransferFee::Yes);
 }
 
-// Direct send w/o fees:
-// - Redeeming IOUs and/or sending sender's own IOUs.
-// - Create trust line if needed.
-// --> bCheckIssuer : normally require issuer to be involved.
-static TER
-rippleCreditIOU(
-    ApplyView& view,
-    AccountID const& uSenderID,
-    AccountID const& uReceiverID,
-    STAmount const& saAmount,
-    bool bCheckIssuer,
-    beast::Journal j)
-{
-    AccountID const& issuer = saAmount.getIssuer();
-    Currency const& currency = saAmount.getCurrency();
-
-    // Make sure issuer is involved.
-    XRPL_ASSERT(
-        !bCheckIssuer || uSenderID == issuer || uReceiverID == issuer,
-        "xrpl::rippleCreditIOU : matching issuer or don't care");
-    (void)issuer;
-
-    // Disallow sending to self.
-    XRPL_ASSERT(uSenderID != uReceiverID, "xrpl::rippleCreditIOU : sender is not receiver");
-
-    bool const bSenderHigh = uSenderID > uReceiverID;
-    auto const index = keylet::line(uSenderID, uReceiverID, currency);
-
-    XRPL_ASSERT(
-        !isXRP(uSenderID) && uSenderID != noAccount(), "xrpl::rippleCreditIOU : sender is not XRP");
-    XRPL_ASSERT(
-        !isXRP(uReceiverID) && uReceiverID != noAccount(),
-        "xrpl::rippleCreditIOU : receiver is not XRP");
-
-    // If the line exists, modify it accordingly.
-    if (auto const sleRippleState = view.peek(index))
-    {
-        STAmount saBalance = sleRippleState->getFieldAmount(sfBalance);
-
-        if (bSenderHigh)
-            saBalance.negate();  // Put balance in sender terms.
-
-        view.creditHook(uSenderID, uReceiverID, saAmount, saBalance);
-
-        STAmount const saBefore = saBalance;
-
-        saBalance -= saAmount;
-
-        JLOG(j.trace()) << "rippleCreditIOU: " << to_string(uSenderID) << " -> "
-                        << to_string(uReceiverID) << " : before=" << saBefore.getFullText()
-                        << " amount=" << saAmount.getFullText()
-                        << " after=" << saBalance.getFullText();
-
-        std::uint32_t const uFlags(sleRippleState->getFieldU32(sfFlags));
-        bool bDelete = false;
-
-        // FIXME This NEEDS to be cleaned up and simplified. It's impossible
-        //       for anyone to understand.
-        if (saBefore > beast::zero
-            // Sender balance was positive.
-            && saBalance <= beast::zero
-            // Sender is zero or negative.
-            && (uFlags & (!bSenderHigh ? lsfLowReserve : lsfHighReserve))
-            // Sender reserve is set.
-            && static_cast<bool>(uFlags & (!bSenderHigh ? lsfLowNoRipple : lsfHighNoRipple)) !=
-                static_cast<bool>(
-                    view.read(keylet::account(uSenderID))->getFlags() & lsfDefaultRipple) &&
-            !(uFlags & (!bSenderHigh ? lsfLowFreeze : lsfHighFreeze)) &&
-            !sleRippleState->getFieldAmount(!bSenderHigh ? sfLowLimit : sfHighLimit)
-            // Sender trust limit is 0.
-            && !sleRippleState->getFieldU32(!bSenderHigh ? sfLowQualityIn : sfHighQualityIn)
-            // Sender quality in is 0.
-            && !sleRippleState->getFieldU32(!bSenderHigh ? sfLowQualityOut : sfHighQualityOut))
-        // Sender quality out is 0.
-        {
-            // Clear the reserve of the sender, possibly delete the line!
-            adjustOwnerCount(view, view.peek(keylet::account(uSenderID)), -1, j);
-
-            // Clear reserve flag.
-            sleRippleState->setFieldU32(
-                sfFlags, uFlags & (!bSenderHigh ? ~lsfLowReserve : ~lsfHighReserve));
-
-            // Balance is zero, receiver reserve is clear.
-            bDelete = !saBalance  // Balance is zero.
-                && !(uFlags & (bSenderHigh ? lsfLowReserve : lsfHighReserve));
-            // Receiver reserve is clear.
-        }
-
-        if (bSenderHigh)
-            saBalance.negate();
-
-        // Want to reflect balance to zero even if we are deleting line.
-        sleRippleState->setFieldAmount(sfBalance, saBalance);
-        // ONLY: Adjust ripple balance.
-
-        if (bDelete)
-        {
-            return trustDelete(
-                view,
-                sleRippleState,
-                bSenderHigh ? uReceiverID : uSenderID,
-                !bSenderHigh ? uReceiverID : uSenderID,
-                j);
-        }
-
-        view.update(sleRippleState);
-        return tesSUCCESS;
-    }
-
-    STAmount const saReceiverLimit(Issue{currency, uReceiverID});
-    STAmount saBalance{saAmount};
-
-    saBalance.setIssuer(noAccount());
-
-    JLOG(j.debug()) << "rippleCreditIOU: "
-                       "create line: "
-                    << to_string(uSenderID) << " -> " << to_string(uReceiverID) << " : "
-                    << saAmount.getFullText();
-
-    auto const sleAccount = view.peek(keylet::account(uReceiverID));
-    if (!sleAccount)
-        return tefINTERNAL;  // LCOV_EXCL_LINE
-
-    bool const noRipple = (sleAccount->getFlags() & lsfDefaultRipple) == 0;
-
-    return trustCreate(
-        view,
-        bSenderHigh,
-        uSenderID,
-        uReceiverID,
-        index.key,
-        sleAccount,
-        false,
-        noRipple,
-        false,
-        false,
-        saBalance,
-        saReceiverLimit,
-        0,
-        0,
-        j);
-}
-
-// Send regardless of limits.
-// --> saAmount: Amount/currency/issuer to deliver to receiver.
-// <-- saActual: Amount actually cost.  Sender pays fees.
-static TER
-rippleSendIOU(
-    ApplyView& view,
-    AccountID const& uSenderID,
-    AccountID const& uReceiverID,
-    STAmount const& saAmount,
-    STAmount& saActual,
-    beast::Journal j,
-    WaiveTransferFee waiveFee)
-{
-    auto const& issuer = saAmount.getIssuer();
-
-    XRPL_ASSERT(
-        !isXRP(uSenderID) && !isXRP(uReceiverID),
-        "xrpl::rippleSendIOU : neither sender nor receiver is XRP");
-    XRPL_ASSERT(uSenderID != uReceiverID, "xrpl::rippleSendIOU : sender is not receiver");
-
-    if (uSenderID == issuer || uReceiverID == issuer || issuer == noAccount())
-    {
-        // Direct send: redeeming IOUs and/or sending own IOUs.
-        auto const ter = rippleCreditIOU(view, uSenderID, uReceiverID, saAmount, false, j);
-        if (ter != tesSUCCESS)
-            return ter;
-        saActual = saAmount;
-        return tesSUCCESS;
-    }
-
-    // Sending 3rd party IOUs: transit.
-
-    // Calculate the amount to transfer accounting
-    // for any transfer fees if the fee is not waived:
-    saActual = (waiveFee == WaiveTransferFee::Yes) ? saAmount
-                                                   : multiply(saAmount, transferRate(view, issuer));
-
-    JLOG(j.debug()) << "rippleSendIOU> " << to_string(uSenderID) << " - > "
-                    << to_string(uReceiverID) << " : deliver=" << saAmount.getFullText()
-                    << " cost=" << saActual.getFullText();
-
-    TER terResult = rippleCreditIOU(view, issuer, uReceiverID, saAmount, true, j);
-
-    if (tesSUCCESS == terResult)
-        terResult = rippleCreditIOU(view, uSenderID, issuer, saActual, true, j);
-
-    return terResult;
-}
-
-template <class TAsset>
-static TER
-doSendMulti(
-    std::string const& name,
-    ApplyView& view,
-    AccountID const& senderID,
-    TAsset const& issue,
-    MultiplePaymentDestinations const& receivers,
-    STAmount& actual,
-    beast::Journal j,
-    WaiveTransferFee waiveFee,
-    // Don't pass back parameters that the caller already has
-    std::function<
-        TER(AccountID const& senderID,
-            AccountID const& receiverID,
-            STAmount const& amount,
-            bool checkIssuer)> doCredit,
-    std::function<
-        TER(AccountID const& issuer, STAmount const& takeFromSender, STAmount const& amount)>
-        preMint = {})
-{
-    // Use the same pattern for all the SendMulti functions to help avoid
-    // divergence and copy/paste errors.
-    auto const& issuer = issue.getIssuer();
-
-    // These values may not stay in sync
-    STAmount takeFromSender{issue};
-    actual = takeFromSender;
-
-    // Failures return immediately.
-    for (auto const& r : receivers)
-    {
-        auto const& receiverID = r.first;
-        STAmount amount{issue, r.second};
-
-        if (amount < beast::zero)
-        {
-            return tecINTERNAL;  // LCOV_EXCL_LINE
-        }
-
-        /* If we aren't sending anything or if the sender is the same as the
-         * receiver then we don't need to do anything.
-         */
-        if (!amount || (senderID == receiverID))
-            continue;
-
-        using namespace std::string_literals;
-        XRPL_ASSERT(!isXRP(receiverID), ("xrpl::"s + name + " : receiver is not XRP").c_str());
-
-        if (senderID == issuer || receiverID == issuer || issuer == noAccount())
-        {
-            if (preMint)
-            {
-                if (auto const ter = preMint(issuer, takeFromSender, amount))
-                    return ter;
-            }
-            // Direct send: redeeming IOUs and/or sending own IOUs.
-            if (auto const ter = doCredit(senderID, receiverID, amount, false))
-                return ter;
-            actual += amount;
-            // Do not add amount to takeFromSender, because doCredit took
-            // it.
-
-            continue;
-        }
-
-        // Sending 3rd party: transit.
-
-        // Calculate the amount to transfer accounting
-        // for any transfer fees if the fee is not waived:
-        STAmount actualSend = (waiveFee == WaiveTransferFee::Yes || issue.native())
-            ? amount
-            : multiply(amount, transferRate(view, amount));
-        actual += actualSend;
-        takeFromSender += actualSend;
-
-        JLOG(j.debug()) << name << "> " << to_string(senderID) << " - > " << to_string(receiverID)
-                        << " : deliver=" << amount.getFullText()
-                        << " cost=" << actualSend.getFullText();
-
-        if (TER const terResult = doCredit(issuer, receiverID, amount, true))
-            return terResult;
-    }
-
-    if (senderID != issuer && takeFromSender)
-    {
-        if (TER const terResult = doCredit(senderID, issuer, takeFromSender, true))
-            return terResult;
-    }
-
-    return tesSUCCESS;
-}
-
-// Send regardless of limits.
-// --> receivers: Amount/currency/issuer to deliver to receivers.
-// <-- saActual: Amount actually cost to sender.  Sender pays fees.
-static TER
-rippleSendMultiIOU(
-    ApplyView& view,
-    AccountID const& senderID,
-    Issue const& issue,
-    MultiplePaymentDestinations const& receivers,
-    STAmount& actual,
-    beast::Journal j,
-    WaiveTransferFee waiveFee)
-{
-    XRPL_ASSERT(!isXRP(senderID), "xrpl::rippleSendMultiIOU : sender is not XRP");
-
-    auto doCredit = [&view, j](
-                        AccountID const& senderID,
-                        AccountID const& receiverID,
-                        STAmount const& amount,
-                        bool checkIssuer) {
-        return rippleCreditIOU(view, senderID, receiverID, amount, checkIssuer, j);
-    };
-
-    return doSendMulti(
-        "rippleSendMultiIOU", view, senderID, issue, receivers, actual, j, waiveFee, doCredit);
-}
-
-static TER
-rippleCreditMPT(
-    ApplyView& view,
-    AccountID const& uSenderID,
-    AccountID const& uReceiverID,
-    STAmount const& saAmount,
-    beast::Journal j)
-{
-    // Do not check MPT authorization here - it must have been checked earlier
-    auto const mptID = keylet::mptIssuance(saAmount.get<MPTIssue>().getMptID());
-    auto const& issuer = saAmount.getIssuer();
-    auto sleIssuance = view.peek(mptID);
-    if (!sleIssuance)
-        return tecOBJECT_NOT_FOUND;
-    if (uSenderID == issuer)
-    {
-        (*sleIssuance)[sfOutstandingAmount] += saAmount.mpt().value();
-        view.update(sleIssuance);
-    }
-    else
-    {
-        auto const mptokenID = keylet::mptoken(mptID.key, uSenderID);
-        if (auto sle = view.peek(mptokenID))
-        {
-            auto const amt = sle->getFieldU64(sfMPTAmount);
-            auto const pay = saAmount.mpt().value();
-            if (amt < pay)
-                return tecINSUFFICIENT_FUNDS;
-            (*sle)[sfMPTAmount] = amt - pay;
-            view.update(sle);
-        }
-        else
-            return tecNO_AUTH;
-    }
-
-    if (uReceiverID == issuer)
-    {
-        auto const outstanding = sleIssuance->getFieldU64(sfOutstandingAmount);
-        auto const redeem = saAmount.mpt().value();
-        if (outstanding >= redeem)
-        {
-            sleIssuance->setFieldU64(sfOutstandingAmount, outstanding - redeem);
-            view.update(sleIssuance);
-        }
-        else
-            return tecINTERNAL;  // LCOV_EXCL_LINE
-    }
-    else
-    {
-        auto const mptokenID = keylet::mptoken(mptID.key, uReceiverID);
-        if (auto sle = view.peek(mptokenID))
-        {
-            (*sle)[sfMPTAmount] += saAmount.mpt().value();
-            view.update(sle);
-        }
-        else
-            return tecNO_AUTH;
-    }
-
-    return tesSUCCESS;
-}
-
-static TER
-rippleSendMPT(
-    ApplyView& view,
-    AccountID const& uSenderID,
-    AccountID const& uReceiverID,
-    STAmount const& saAmount,
-    STAmount& saActual,
-    beast::Journal j,
-    WaiveTransferFee waiveFee)
-{
-    XRPL_ASSERT(uSenderID != uReceiverID, "xrpl::rippleSendMPT : sender is not receiver");
-
-    // Safe to get MPT since rippleSendMPT is only called by accountSendMPT
-    auto const& issuer = saAmount.getIssuer();
-
-    auto const sle = view.read(keylet::mptIssuance(saAmount.get<MPTIssue>().getMptID()));
-    if (!sle)
-        return tecOBJECT_NOT_FOUND;
-
-    if (uSenderID == issuer || uReceiverID == issuer)
-    {
-        // if sender is issuer, check that the new OutstandingAmount will not
-        // exceed MaximumAmount
-        if (uSenderID == issuer)
-        {
-            auto const sendAmount = saAmount.mpt().value();
-            auto const maximumAmount = sle->at(~sfMaximumAmount).value_or(maxMPTokenAmount);
-            if (sendAmount > maximumAmount ||
-                sle->getFieldU64(sfOutstandingAmount) > maximumAmount - sendAmount)
-                return tecPATH_DRY;
-        }
-
-        // Direct send: redeeming MPTs and/or sending own MPTs.
-        auto const ter = rippleCreditMPT(view, uSenderID, uReceiverID, saAmount, j);
-        if (ter != tesSUCCESS)
-            return ter;
-        saActual = saAmount;
-        return tesSUCCESS;
-    }
-
-    // Sending 3rd party MPTs: transit.
-    saActual = (waiveFee == WaiveTransferFee::Yes)
-        ? saAmount
-        : multiply(saAmount, transferRate(view, saAmount.get<MPTIssue>().getMptID()));
-
-    JLOG(j.debug()) << "rippleSendMPT> " << to_string(uSenderID) << " - > "
-                    << to_string(uReceiverID) << " : deliver=" << saAmount.getFullText()
-                    << " cost=" << saActual.getFullText();
-
-    if (auto const terResult = rippleCreditMPT(view, issuer, uReceiverID, saAmount, j);
-        terResult != tesSUCCESS)
-        return terResult;
-
-    return rippleCreditMPT(view, uSenderID, issuer, saActual, j);
-}
-
-static TER
-rippleSendMultiMPT(
-    ApplyView& view,
-    AccountID const& senderID,
-    MPTIssue const& mptIssue,
-    MultiplePaymentDestinations const& receivers,
-    STAmount& actual,
-    beast::Journal j,
-    WaiveTransferFee waiveFee)
-{
-    auto const sle = view.read(keylet::mptIssuance(mptIssue.getMptID()));
-    if (!sle)
-        return tecOBJECT_NOT_FOUND;
-
-    auto preMint = [&](AccountID const& issuer,
-                       STAmount const& takeFromSender,
-                       STAmount const& amount) -> TER {
-        // if sender is issuer, check that the new OutstandingAmount will
-        // not exceed MaximumAmount
-        if (senderID == issuer)
-        {
-            XRPL_ASSERT_PARTS(
-                takeFromSender == beast::zero,
-                "rippler::rippleSendMultiMPT",
-                "sender == issuer, takeFromSender == zero");
-            auto const sendAmount = amount.mpt().value();
-            auto const maximumAmount = sle->at(~sfMaximumAmount).value_or(maxMPTokenAmount);
-            if (sendAmount > maximumAmount ||
-                sle->getFieldU64(sfOutstandingAmount) > maximumAmount - sendAmount)
-                return tecPATH_DRY;
-        }
-
-        return tesSUCCESS;
-    };
-    auto doCredit =
-        [&view, j](
-            AccountID const& senderID, AccountID const& receiverID, STAmount const& amount, bool) {
-            return rippleCreditMPT(view, senderID, receiverID, amount, j);
-        };
-
-    return doSendMulti(
-        "rippleSendMultiMPT",
-        view,
-        senderID,
-        mptIssue,
-        receivers,
-        actual,
-        j,
-        waiveFee,
-        doCredit,
-        preMint);
-}
-
 TER
 cleanupOnAccountDelete(
     ApplyView& view,

src/libxrpl/ledger/helpers/CredentialHelpers.cpp

@@ -15,7 +15,6 @@
 #include <xrpl/protocol/SField.h>
 #include <xrpl/protocol/STArray.h>
 #include <xrpl/protocol/STLedgerEntry.h>
-#include <xrpl/protocol/STObject.h>
 #include <xrpl/protocol/STTx.h>
 #include <xrpl/protocol/STVector256.h>
 #include <xrpl/protocol/TER.h>

src/libxrpl/ledger/helpers/OfferHelpers.cpp

@@ -21,7 +21,7 @@ offerDelete(ApplyView& view, std::shared_ptr<SLE> const& sle, beast::Journal j)
     if (!sle)
         return tesSUCCESS;
     auto offerIndex = sle->key();
-    auto const owner = sle->getAccountID(sfAccount);
+    auto owner = sle->getAccountID(sfAccount);
 
     // Detect legacy directories.
     uint256 const uDirectory = sle->getFieldH256(sfBookDirectory);

src/libxrpl/ledger/helpers/RippleStateHelpers.cpp

@@ -579,7 +579,7 @@ requireAuth(ReadView const& view, Issue const& issue, AccountID const& account,
     return tesSUCCESS;
 }
 
-[[nodiscard]] TER
+TER
 canTransfer(ReadView const& view, Issue const& issue, AccountID const& from, AccountID const& to)
 {
     if (issue.native())
@@ -617,7 +617,7 @@ canTransfer(ReadView const& view, Issue const& issue, AccountID const& from, Acc
 //
 //------------------------------------------------------------------------------
 
-[[nodiscard]] TER
+TER
 addEmptyHolding(
     ApplyView& view,
     AccountID const& accountID,
@@ -671,7 +671,7 @@ addEmptyHolding(
         journal);
 }
 
-[[nodiscard]] TER
+TER
 removeEmptyHolding(
     ApplyView& view,
     AccountID const& accountID,

src/libxrpl/ledger/helpers/TokenHelpers.cpp

@@ -938,85 +938,6 @@ accountSendMultiIOU(
                << receivers.size() << " receivers.";
     }
 
-    auto doCredit = [&view, &sender, &receivers, j](
-                        AccountID const& senderID,
-                        AccountID const& receiverID,
-                        STAmount const& amount,
-                        bool /*checkIssuer*/) -> TER {
-        if (!senderID)
-        {
-            SLE::pointer receiver =
-                receiverID != beast::zero ? view.peek(keylet::account(receiverID)) : SLE::pointer();
-
-            if (auto stream = j.trace())
-            {
-                std::string receiver_bal("-");
-
-                if (receiver)
-                    receiver_bal = receiver->getFieldAmount(sfBalance).getFullText();
-
-                stream << "accountSendMultiIOU> " << to_string(senderID) << " -> "
-                       << to_string(receiverID) << " (" << receiver_bal
-                       << ") : " << amount.getFullText();
-            }
-
-            if (receiver)
-            {
-                // Increment XRP balance.
-                auto const rcvBal = receiver->getFieldAmount(sfBalance);
-                receiver->setFieldAmount(sfBalance, rcvBal + amount);
-                view.creditHook(xrpAccount(), receiverID, amount, -rcvBal);
-
-                view.update(receiver);
-            }
-
-            if (auto stream = j.trace())
-            {
-                std::string receiver_bal("-");
-
-                if (receiver)
-                    receiver_bal = receiver->getFieldAmount(sfBalance).getFullText();
-
-                stream << "accountSendMultiIOU< " << to_string(senderID) << " -> "
-                       << to_string(receiverID) << " (" << receiver_bal
-                       << ") : " << amount.getFullText();
-            }
-            return tesSUCCESS;
-        }
-        // Sender
-        if (sender)
-        {
-            if (sender->getFieldAmount(sfBalance) < amount)
-            {
-                return TER{tecFAILED_PROCESSING};
-            }
-            else
-            {
-                auto const sndBal = sender->getFieldAmount(sfBalance);
-                view.creditHook(senderID, xrpAccount(), amount, sndBal);
-
-                // Decrement XRP balance.
-                sender->setFieldAmount(sfBalance, sndBal - amount);
-                view.update(sender);
-            }
-        }
-
-        if (auto stream = j.trace())
-        {
-            std::string sender_bal("-");
-
-            if (sender)
-                sender_bal = sender->getFieldAmount(sfBalance).getFullText();
-
-            stream << "accountSendMultiIOU< " << to_string(senderID) << " (" << sender_bal
-                   << ") -> " << receivers.size() << " receivers.";
-        }
-
-        return tesSUCCESS;
-    };
-    return doSendMulti(
-        "accountSendMultiIOU", view, senderID, issue, receivers, actual, j, waiveFee, doCredit);
-
     // Failures return immediately.
     STAmount takeFromSender{issue};
     for (auto const& r : receivers)

src/libxrpl/tx/transactors/account/SignerListSet.cpp

@@ -257,8 +257,11 @@ SignerListSet::validateQuorumAndSignerEntries(
     }
 
     // Make sure there are no duplicate signers.
+    // SignerEntry only defines operator< and operator==, not the full
+    // std::totally_ordered set required by std::ranges::less, so the
+    // ranges version does not compile. NOLINTNEXTLINE(modernize-use-ranges)
     XRPL_ASSERT(
-        std::ranges::is_sorted(signers),
+        std::is_sorted(signers.begin(), signers.end()),
         "xrpl::SignerListSet::validateQuorumAndSignerEntries : sorted "
         "signers");
     if (std::ranges::adjacent_find(signers) != signers.end())

src/libxrpl/tx/transactors/delegate/DelegateSet.cpp

@@ -1,7 +1,6 @@
 #include <xrpl/tx/transactors/delegate/DelegateSet.h>
 
 #include <xrpl/basics/Log.h>
-#include <xrpl/beast/utility/Journal.h>
 #include <xrpl/core/ServiceRegistry.h>
 #include <xrpl/ledger/helpers/AccountRootHelpers.h>
 #include <xrpl/ledger/helpers/DirectoryHelpers.h>

src/libxrpl/tx/transactors/nft/NFTokenMint.cpp

@@ -13,7 +13,6 @@
 #include <xrpl/protocol/SField.h>
 #include <xrpl/protocol/SOTemplate.h>
 #include <xrpl/protocol/STLedgerEntry.h>
-#include <xrpl/protocol/STObject.h>
 #include <xrpl/protocol/STTx.h>
 #include <xrpl/protocol/TER.h>
 #include <xrpl/protocol/TxFlags.h>

src/test/app/PayChan_test.cpp

@@ -41,6 +41,7 @@
 
 #include <algorithm>
 #include <cassert>
+#include <chrono>
 #include <cstddef>
 #include <cstdint>
 #include <iterator>

src/xrpld/app/misc/TxQ.h

@@ -415,7 +415,7 @@ private:
             // Number of transactions expected per ledger.
             // One more than this value will be accepted
             // before escalation kicks in.
-            std::size_t const txnsExpected{};
+            std::size_t const txnsExpected;
             // Based on the median fee of the LCL. Used
             // when fee escalation kicks in.
             FeeLevel64 const escalationMultiplier;

src/xrpld/app/misc/detail/ValidatorList.cpp

@@ -1,7 +1,6 @@
 #include <xrpld/app/misc/ValidatorList.h>
 
 #include <xrpld/core/TimeKeeper.h>
-#include <xrpld/overlay/Message.h>
 #include <xrpld/overlay/Overlay.h>
 #include <xrpld/overlay/Peer.h>