feat: add scribbles

- Add blake3_bench and sha512_bench parameters to map_stats RPC
- Track keylet hash input sizes in digest.h for performance analysis
- Implement comprehensive BLAKE3 test suite with real-world benchmarks
- Add performance comparison documentation for BLAKE3 vs SHA-512
- Include Gemini research on hash functions for small inputs

Benchmarks show BLAKE3 provides:
- 1.78x speedup for keylet operations (22-102 bytes)
- 1.35x speedup for leaf nodes (167 bytes avg)
- 1.20x speedup for inner nodes (516 bytes)
- Overall 10-13% reduction in validation time

The analysis reveals that while BLAKE3 offers measurable improvements,
the gains are modest rather than revolutionary due to:
- SHAMap traversal consuming ~47% of total time
- Diminishing returns as input size increases
- Architectural requirement for high-entropy keys

.codecov.yml

@@ -1,5 +0,0 @@
-
-codecov:
-  ci:
-    - !appveyor
-    - travis

.dockerignore

@@ -2,6 +2,6 @@
 *
 
 # Allow files and directories
-!/build-inner.sh
-!/release-builder.sh
-
+!/build-core.sh
+!/build-full.sh
+!/release-builder.sh

.githooks/pre-commit

@@ -0,0 +1,12 @@
+#!/bin/bash
+
+# Pre-commit hook that runs the suspicious patterns check on staged files
+
+# Get the repository's root directory
+repo_root=$(git rev-parse --show-toplevel)
+
+# Run the suspicious patterns script in pre-commit mode
+"$repo_root/suspicious_patterns.sh" --pre-commit
+
+# Exit with the same code as the script
+exit $?

.githooks/setup.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+
+echo "Configuring git to use .githooks directory..."
+git config core.hooksPath .githooks

.github/actions/xahau-configure-ccache/action.yml

@@ -0,0 +1,31 @@
+name: 'Configure ccache'
+description: 'Sets up ccache with consistent configuration'
+
+inputs:
+  max_size:
+    description: 'Maximum cache size'
+    required: false
+    default: '2G'
+  hash_dir:
+    description: 'Whether to include directory paths in hash'
+    required: false
+    default: 'true'
+  compiler_check:
+    description: 'How to check compiler for changes'
+    required: false
+    default: 'content'
+
+runs:
+  using: 'composite'
+  steps:
+    - name: Configure ccache
+      shell: bash
+      run: |
+        mkdir -p ~/.ccache
+        export CONF_PATH="${CCACHE_CONFIGPATH:-${CCACHE_DIR:-$HOME/.ccache}/ccache.conf}"
+        mkdir -p $(dirname "$CONF_PATH")
+        echo "max_size = ${{ inputs.max_size }}" > "$CONF_PATH"
+        echo "hash_dir = ${{ inputs.hash_dir }}" >> "$CONF_PATH"
+        echo "compiler_check = ${{ inputs.compiler_check }}" >> "$CONF_PATH"
+        ccache -p # Print config for verification
+        ccache -z # Zero statistics before the build

.github/actions/xahau-ga-build/action.yml

@@ -0,0 +1,108 @@
+name: build
+description: 'Builds the project with ccache integration'
+
+inputs:
+  generator:
+    description: 'CMake generator to use'
+    required: true
+  configuration:
+    description: 'Build configuration (Debug, Release, etc.)'
+    required: true
+  build_dir:
+    description: 'Directory to build in'
+    required: false
+    default: '.build'
+  cc:
+    description: 'C compiler to use'
+    required: false
+    default: ''
+  cxx:
+    description: 'C++ compiler to use'
+    required: false
+    default: ''
+  compiler-id:
+    description: 'Unique identifier for compiler/version combination used for cache keys'
+    required: false
+    default: ''
+  cache_version:
+    description: 'Cache version for invalidation'
+    required: false
+    default: '1'
+  ccache_enabled:
+    description: 'Whether to use ccache'
+    required: false
+    default: 'true'
+  main_branch:
+    description: 'Main branch name for restore keys'
+    required: false
+    default: 'dev'
+
+runs:
+  using: 'composite'
+  steps:
+    - name: Generate safe branch name
+      if: inputs.ccache_enabled == 'true'
+      id: safe-branch
+      shell: bash
+      run: |
+        SAFE_BRANCH=$(echo "${{ github.ref_name }}" | tr -c 'a-zA-Z0-9_.-' '-')
+        echo "name=${SAFE_BRANCH}" >> $GITHUB_OUTPUT
+
+    - name: Restore ccache directory
+      if: inputs.ccache_enabled == 'true'
+      id: ccache-restore
+      uses: actions/cache/restore@v4
+      with:
+        path: ~/.ccache
+        key: ${{ runner.os }}-ccache-v${{ inputs.cache_version }}-${{ inputs.compiler-id }}-${{ inputs.configuration }}-${{ steps.safe-branch.outputs.name }}
+        restore-keys: |
+          ${{ runner.os }}-ccache-v${{ inputs.cache_version }}-${{ inputs.compiler-id }}-${{ inputs.configuration }}-${{ inputs.main_branch }}
+          ${{ runner.os }}-ccache-v${{ inputs.cache_version }}-${{ inputs.compiler-id }}-${{ inputs.configuration }}-
+          ${{ runner.os }}-ccache-v${{ inputs.cache_version }}-${{ inputs.compiler-id }}-
+          ${{ runner.os }}-ccache-v${{ inputs.cache_version }}-
+
+    - name: Configure project
+      shell: bash
+      run: |
+        mkdir -p ${{ inputs.build_dir }}
+        cd ${{ inputs.build_dir }}
+        
+        # Set compiler environment variables if provided
+        if [ -n "${{ inputs.cc }}" ]; then
+          export CC="${{ inputs.cc }}"
+        fi
+        
+        if [ -n "${{ inputs.cxx }}" ]; then
+          export CXX="${{ inputs.cxx }}"
+        fi
+        
+        # Configure ccache launcher args
+        CCACHE_ARGS=""
+        if [ "${{ inputs.ccache_enabled }}" = "true" ]; then
+          CCACHE_ARGS="-DCMAKE_C_COMPILER_LAUNCHER=ccache -DCMAKE_CXX_COMPILER_LAUNCHER=ccache"
+        fi
+        
+        # Run CMake configure
+        cmake .. \
+          -G "${{ inputs.generator }}" \
+          $CCACHE_ARGS \
+          -DCMAKE_TOOLCHAIN_FILE:FILEPATH=build/generators/conan_toolchain.cmake \
+          -DCMAKE_BUILD_TYPE=${{ inputs.configuration }}
+
+    - name: Build project
+      shell: bash
+      run: |
+        cd ${{ inputs.build_dir }}
+        cmake --build . --config ${{ inputs.configuration }} --parallel $(nproc)
+
+    - name: Show ccache statistics
+      if: inputs.ccache_enabled == 'true'
+      shell: bash
+      run: ccache -s
+
+    - name: Save ccache directory
+      if: inputs.ccache_enabled == 'true'
+      uses: actions/cache/save@v4
+      with:
+        path: ~/.ccache
+        key: ${{ steps.ccache-restore.outputs.cache-primary-key }}

.github/actions/xahau-ga-dependencies/action.yml

@@ -0,0 +1,86 @@
+name: dependencies
+description: 'Installs build dependencies with caching'
+
+inputs:
+  configuration:
+    description: 'Build configuration (Debug, Release, etc.)'
+    required: true
+  build_dir:
+    description: 'Directory to build dependencies in'
+    required: false
+    default: '.build'
+  compiler-id:
+    description: 'Unique identifier for compiler/version combination used for cache keys'
+    required: false
+    default: ''
+  cache_version:
+    description: 'Cache version for invalidation'
+    required: false
+    default: '1'
+  cache_enabled:
+    description: 'Whether to use caching'
+    required: false
+    default: 'true'
+  main_branch:
+    description: 'Main branch name for restore keys'
+    required: false
+    default: 'dev'
+
+outputs:
+  cache-hit:
+    description: 'Whether there was a cache hit'
+    value: ${{ steps.cache-restore-conan.outputs.cache-hit }}
+
+runs:
+  using: 'composite'
+  steps:
+    - name: Generate safe branch name
+      if: inputs.cache_enabled == 'true'
+      id: safe-branch
+      shell: bash
+      run: |
+        SAFE_BRANCH=$(echo "${{ github.ref_name }}" | tr -c 'a-zA-Z0-9_.-' '-')
+        echo "name=${SAFE_BRANCH}" >> $GITHUB_OUTPUT
+
+    - name: Restore Conan cache
+      if: inputs.cache_enabled == 'true'
+      id: cache-restore-conan
+      uses: actions/cache/restore@v4
+      with:
+        path: |
+          ~/.conan
+          ~/.conan2
+        key: ${{ runner.os }}-conan-v${{ inputs.cache_version }}-${{ inputs.compiler-id }}-${{ hashFiles('**/conanfile.txt', '**/conanfile.py') }}-${{ inputs.configuration }}
+        restore-keys: |
+          ${{ runner.os }}-conan-v${{ inputs.cache_version }}-${{ inputs.compiler-id }}-${{ hashFiles('**/conanfile.txt', '**/conanfile.py') }}-
+          ${{ runner.os }}-conan-v${{ inputs.cache_version }}-${{ inputs.compiler-id }}-
+          ${{ runner.os }}-conan-v${{ inputs.cache_version }}-
+
+    - name: Export custom recipes
+      shell: bash
+      run: |
+        conan export external/snappy snappy/1.1.9@
+        conan export external/soci soci/4.0.3@
+
+    - name: Install dependencies
+      shell: bash
+      run: |
+        # Create build directory
+        mkdir -p ${{ inputs.build_dir }}
+        cd ${{ inputs.build_dir }}
+        
+        # Install dependencies using conan
+        conan install \
+          --output-folder . \
+          --build missing \
+          --settings build_type=${{ inputs.configuration }} \
+          ..
+
+    - name: Save Conan cache
+      if: inputs.cache_enabled == 'true' && steps.cache-restore-conan.outputs.cache-hit != 'true'
+      uses: actions/cache/save@v4
+      with:
+        path: |
+          ~/.conan
+          ~/.conan2
+        key: ${{ steps.cache-restore-conan.outputs.cache-primary-key }}

.github/pull_request_template.md

@@ -33,10 +33,27 @@ Please check [x] relevant options, delete irrelevant ones.
 - [ ] New feature (non-breaking change which adds functionality)
 - [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
 - [ ] Refactor (non-breaking change that only restructures code)
-- [ ] Tests (You added tests for code that already exists, or your new feature included in this PR)
-- [ ] Documentation Updates
+- [ ] Tests (you added tests for code that already exists, or your new feature included in this PR)
+- [ ] Documentation update
+- [ ] Chore (no impact to binary, e.g. `.gitignore`, formatting, dropping support for older tooling)
 - [ ] Release
 
+### API Impact
+
+<!--
+Please check [x] relevant options, delete irrelevant ones.
+
+* If there is any impact to the public API methods (HTTP / WebSocket), please update https://github.com/xrplf/rippled/blob/develop/API-CHANGELOG.md
+  * Update API-CHANGELOG.md and add the change directly in this PR by pushing to your PR branch.
+* libxrpl: See https://github.com/XRPLF/rippled/blob/develop/docs/build/depend.md
+* Peer Protocol: See https://xrpl.org/peer-protocol.html
+-->
+
+- [ ] Public API: New feature (new methods and/or new fields)
+- [ ] Public API: Breaking change (in general, breaking changes should only impact the next api_version)
+- [ ] `libxrpl` change (any change that may affect `libxrpl` or dependents of `libxrpl`)
+- [ ] Peer protocol change (must be backward compatible or bump the peer protocol version)
+
 <!--
 ## Before / After
 If relevant, use this section for an English description of the change at a technical level.
@@ -52,4 +69,4 @@ This section may not be needed if your change includes thoroughly commented unit
 <!--
 ## Future Tasks
 For future tasks related to PR.
--->
+-->

.github/workflows/build-in-docker.yml

@@ -2,34 +2,104 @@ name: Build using Docker
 
 on:
   push:
-    branches: [ "dev", "test", "release" ]
+    branches: ["dev", "candidate", "release", "jshooks"]
   pull_request:
-    branches: [ "dev", "release" ]
+    branches: ["dev", "candidate", "release", "jshooks"]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+env:
+  DEBUG_BUILD_CONTAINERS_AFTER_CLEANUP: 1
 
 jobs:
-  builder:
+  checkout:
     runs-on: [self-hosted, vanity]
+    outputs:
+      checkout_path: ${{ steps.vars.outputs.checkout_path }}
     steps:
-    - uses: actions/checkout@v3
-      with:
-        clean: false
-    - name: Build using Docker
-      run: /bin/bash release-builder.sh
-      
-  unittests:
-    needs: builder
-    runs-on: [self-hosted, vanity]
-    steps:
-    - name: Unit tests
-      run: /bin/bash docker-unit-tests.sh
+      - name: Prepare checkout path
+        id: vars
+        run: |
+          SAFE_BRANCH=$(echo "${{ github.ref_name }}" | sed -e 's/[^a-zA-Z0-9._-]/-/g')
+          CHECKOUT_PATH="${SAFE_BRANCH}-${{ github.sha }}"
+          echo "checkout_path=${CHECKOUT_PATH}" >> "$GITHUB_OUTPUT"
 
-#  publisher:
-#    needs: builder
-#    runs-on: [self-hosted, vanity]
-#    steps:
-#    - uses: actions/upload-artifact@v3
-#      with:
-#        name: build-${{ github.run_number }}
-#        path: |
-#          release-build/xahaud
-#          release-build/release.info
+      - uses: actions/checkout@v4
+        with:
+          path: ${{ steps.vars.outputs.checkout_path }}
+          clean: true
+          fetch-depth: 2 # Only get the last 2 commits, to avoid fetching all history
+
+  checkpatterns:
+    runs-on: [self-hosted, vanity]
+    needs: checkout
+    defaults:
+      run:
+        working-directory: ${{ needs.checkout.outputs.checkout_path }}
+    steps:
+      - name: Check for suspicious patterns
+        run: /bin/bash suspicious_patterns.sh
+
+  build:
+    runs-on: [self-hosted, vanity]
+    needs: [checkpatterns, checkout]
+    defaults:
+      run:
+        working-directory: ${{ needs.checkout.outputs.checkout_path }}
+    steps:
+      - name: Set Cleanup Script Path
+        run: |
+          echo "JOB_CLEANUP_SCRIPT=$(mktemp)" >> $GITHUB_ENV
+
+      - name: Build using Docker
+        run: /bin/bash release-builder.sh
+
+      - name: Stop Container (Cleanup)
+        if: always()
+        run: |
+          echo "Running cleanup script: $JOB_CLEANUP_SCRIPT"
+          /bin/bash -e -x "$JOB_CLEANUP_SCRIPT"
+          CLEANUP_EXIT_CODE=$?
+
+          if [[ "$CLEANUP_EXIT_CODE" -eq 0 ]]; then
+            echo "Cleanup script succeeded."
+            rm -f "$JOB_CLEANUP_SCRIPT"
+            echo "Cleanup script removed."
+          else
+            echo "⚠️ Cleanup script failed! Keeping for debugging: $JOB_CLEANUP_SCRIPT"
+          fi
+
+          if [[ "${DEBUG_BUILD_CONTAINERS_AFTER_CLEANUP}" == "1" ]]; then
+            echo "🔍 Checking for leftover containers..."
+            BUILD_CONTAINERS=$(docker ps --format '{{.Names}}' | grep '^xahaud_cached_builder' || echo "")
+
+            if [[ -n "$BUILD_CONTAINERS" ]]; then
+              echo "⚠️ WARNING: Some build containers are still running"
+              echo "$BUILD_CONTAINERS"
+            else
+              echo "✅ No build containers found"
+            fi
+          fi
+
+  tests:
+    runs-on: [self-hosted, vanity]
+    needs: [build, checkout]
+    defaults:
+      run:
+        working-directory: ${{ needs.checkout.outputs.checkout_path }}
+    steps:
+      - name: Unit tests
+        run: /bin/bash docker-unit-tests.sh
+
+  cleanup:
+    runs-on: [self-hosted, vanity]
+    needs: [tests, checkout]
+    if: always()
+    steps:
+      - name: Cleanup workspace
+        run: |
+          CHECKOUT_PATH="${{ needs.checkout.outputs.checkout_path }}"
+          echo "Cleaning workspace for ${CHECKOUT_PATH}"
+          rm -rf "${{ github.workspace }}/${CHECKOUT_PATH}"

.github/workflows/clang-format.yml

@@ -4,21 +4,32 @@ on: [push, pull_request]
 
 jobs:
   check:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     env:
       CLANG_VERSION: 10
     steps:
-    - uses: actions/checkout@v2
-    - name: Install clang-format
+    - uses: actions/checkout@v3
+    # - name: Install clang-format
+    #   run: |
+    #     codename=$( lsb_release --codename --short )
+    #     sudo tee /etc/apt/sources.list.d/llvm.list >/dev/null <<EOF
+    #     deb http://apt.llvm.org/${codename}/ llvm-toolchain-${codename}-${CLANG_VERSION} main
+    #     deb-src http://apt.llvm.org/${codename}/ llvm-toolchain-${codename}-${CLANG_VERSION} main
+    #     EOF
+    #     wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | sudo apt-key add
+    #     sudo apt-get update -y
+    #     sudo apt-get install -y clang-format-${CLANG_VERSION}
+
+    # Temporary fix until this commit is merged
+    # https://github.com/XRPLF/rippled/commit/552377c76f55b403a1c876df873a23d780fcc81c
+    - name: Download and install clang-format
       run: |
-        codename=$( lsb_release --codename --short )
-        sudo tee /etc/apt/sources.list.d/llvm.list >/dev/null <<EOF
-        deb http://apt.llvm.org/${codename}/ llvm-toolchain-${codename}-${CLANG_VERSION} main
-        deb-src http://apt.llvm.org/${codename}/ llvm-toolchain-${codename}-${CLANG_VERSION} main
-        EOF
-        wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | sudo apt-key add
-        sudo apt-get update
-        sudo apt-get install clang-format-${CLANG_VERSION}
+        sudo apt-get update -y
+        sudo apt-get install -y libtinfo5
+        curl -LO https://github.com/llvm/llvm-project/releases/download/llvmorg-10.0.1/clang+llvm-10.0.1-x86_64-linux-gnu-ubuntu-16.04.tar.xz
+        tar -xf clang+llvm-10.0.1-x86_64-linux-gnu-ubuntu-16.04.tar.xz
+        sudo mv clang+llvm-10.0.1-x86_64-linux-gnu-ubuntu-16.04 /opt/clang-10
+        sudo ln -s /opt/clang-10/bin/clang-format /usr/local/bin/clang-format-10
     - name: Format src/ripple
       run: find src/ripple -type f \( -name '*.cpp' -o -name '*.h' -o -name '*.ipp' \) -print0 | xargs -0 clang-format-${CLANG_VERSION} -i
     - name: Format src/test
@@ -30,7 +41,7 @@ jobs:
         git diff --exit-code | tee "clang-format.patch"
     - name: Upload patch
       if: failure() && steps.assert.outcome == 'failure'
-      uses: actions/upload-artifact@v2
+      uses: actions/upload-artifact@v4
       continue-on-error: true
       with:
         name: clang-format.patch
@@ -52,7 +63,7 @@ jobs:
           To fix it, you can do one of two things:
           1. Download and apply the patch generated as an artifact of this
              job to your repo, commit, and push.
-          2. Run 'git-clang-format --extensions c,cpp,h,cxx,ipp develop'
+          2. Run 'git-clang-format --extensions c,cpp,h,cxx,ipp dev'
              in your repo, commit, and push.
       run: |
         echo "${PREAMBLE}"

.github/workflows/doxygen.yml

@@ -1,25 +0,0 @@
-name: Build and publish Doxygen documentation
-on:
-  push:
-    branches:
-      - develop
-
-jobs:
-  job:
-    runs-on: ubuntu-latest
-    container:
-      image: docker://rippleci/rippled-ci-builder:2944b78d22db
-    steps:
-      - name: checkout
-        uses: actions/checkout@v2
-      - name: build
-        run: |
-          mkdir build
-          cd build
-          cmake -DBoost_NO_BOOST_CMAKE=ON ..
-          cmake --build . --target docs --parallel $(nproc)
-      - name: publish
-        uses: peaceiris/actions-gh-pages@v3
-        with:
-          github_token: ${{ secrets.GITHUB_TOKEN }}
-          publish_dir: build/docs/html

.github/workflows/levelization.yml

@@ -8,7 +8,7 @@ jobs:
     env:
       CLANG_VERSION: 10
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
     - name: Check levelization
       run: Builds/levelization/levelization.sh
     - name: Check for differences
@@ -18,7 +18,7 @@ jobs:
         git diff --exit-code | tee "levelization.patch"
     - name: Upload patch
       if: failure() && steps.assert.outcome == 'failure'
-      uses: actions/upload-artifact@v2
+      uses: actions/upload-artifact@v4
       continue-on-error: true
       with:
         name: levelization.patch

.github/workflows/xahau-ga-macos.yml

@@ -0,0 +1,116 @@
+name: MacOS - GA Runner
+
+on:
+  push:
+    branches: ["dev", "candidate", "release"]
+  pull_request:
+    branches: ["dev", "candidate", "release"]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  test:
+    strategy:
+      matrix:
+        generator:
+          - Ninja
+        configuration:
+          - Debug
+    runs-on: macos-15
+    env:
+      build_dir: .build
+      # Bump this number to invalidate all caches globally.
+      CACHE_VERSION: 1
+      MAIN_BRANCH_NAME: dev
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Install Conan
+        run: |
+          brew install conan@1
+          # Add Conan 1 to the PATH for this job
+          echo "$(brew --prefix conan@1)/bin" >> $GITHUB_PATH
+
+      - name: Install Coreutils
+        run: |
+          brew install coreutils
+          echo "Num proc: $(nproc)"
+
+      - name: Install Ninja
+        if: matrix.generator == 'Ninja'
+        run: brew install ninja
+
+      - name: Install Python
+        run: |
+          if which python3 > /dev/null 2>&1; then
+              echo "Python 3 executable exists"
+              python3 --version
+          else
+              brew install python@3.12
+          fi
+          # Create 'python' symlink if it doesn't exist (for tools expecting 'python')
+          if ! which python > /dev/null 2>&1; then
+              sudo ln -sf $(which python3) /usr/local/bin/python
+          fi
+
+      - name: Install CMake
+        run: |
+          if which cmake > /dev/null 2>&1; then
+              echo "cmake executable exists"
+              cmake --version
+          else
+              brew install cmake
+          fi
+
+      - name: Install ccache
+        run: brew install ccache
+
+      - name: Configure ccache
+        uses: ./.github/actions/xahau-configure-ccache
+        with:
+          max_size: 2G
+          hash_dir: true
+          compiler_check: content
+
+      - name: Check environment
+        run: |
+          echo "PATH:"
+          echo "${PATH}" | tr ':' '\n'
+          which python && python --version || echo "Python not found"
+          which conan && conan --version || echo "Conan not found"
+          which cmake && cmake --version || echo "CMake not found"
+          clang --version
+          ccache --version
+          echo "---- Full Environment ----"
+          env
+
+      - name: Configure Conan
+        run: |
+          conan profile new default --detect || true # Ignore error if profile exists
+          conan profile update settings.compiler.cppstd=20 default
+
+      - name: Install dependencies
+        uses: ./.github/actions/xahau-ga-dependencies
+        with:
+          configuration: ${{ matrix.configuration }}
+          build_dir: ${{ env.build_dir }}
+          compiler-id: clang
+          cache_version: ${{ env.CACHE_VERSION }}
+          main_branch: ${{ env.MAIN_BRANCH_NAME }}
+
+      - name: Build
+        uses: ./.github/actions/xahau-ga-build
+        with:
+          generator: ${{ matrix.generator }}
+          configuration: ${{ matrix.configuration }}
+          build_dir: ${{ env.build_dir }}
+          compiler-id: clang
+          cache_version: ${{ env.CACHE_VERSION }}
+          main_branch: ${{ env.MAIN_BRANCH_NAME }}
+
+      - name: Test
+        run: |
+          ${{ env.build_dir }}/rippled --unittest --unittest-jobs $(nproc)

.github/workflows/xahau-ga-nix.yml

@@ -0,0 +1,123 @@
+name: Nix - GA Runner
+
+on:
+  push:
+    branches: ["dev", "candidate", "release"]
+  pull_request:
+    branches: ["dev", "candidate", "release"]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  build-job:
+    runs-on: ubuntu-latest
+    outputs:
+      artifact_name: ${{ steps.set-artifact-name.outputs.artifact_name }}
+    strategy:
+      fail-fast: false
+      matrix:
+        compiler: [gcc]
+        configuration: [Debug]
+        include:
+          - compiler: gcc
+            cc: gcc-11
+            cxx: g++-11
+            compiler_id: gcc-11
+    env:
+      build_dir: .build
+      # Bump this number to invalidate all caches globally.
+      CACHE_VERSION: 1
+      MAIN_BRANCH_NAME: dev
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Install build dependencies
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y ninja-build ${{ matrix.cc }} ${{ matrix.cxx }} ccache
+          # Install specific Conan version needed
+          pip install --upgrade "conan<2"
+
+      - name: Configure ccache
+        uses: ./.github/actions/xahau-configure-ccache
+        with:
+          max_size: 2G
+          hash_dir: true
+          compiler_check: content
+
+      - name: Configure Conan
+        run: |
+          conan profile new default --detect || true # Ignore error if profile exists
+          conan profile update settings.compiler.cppstd=20 default
+          conan profile update settings.compiler=${{ matrix.compiler }} default
+          conan profile update settings.compiler.libcxx=libstdc++11 default
+          conan profile update env.CC=/usr/bin/${{ matrix.cc }} default
+          conan profile update env.CXX=/usr/bin/${{ matrix.cxx }} default
+          conan profile update conf.tools.build:compiler_executables='{"c": "/usr/bin/${{ matrix.cc }}", "cpp": "/usr/bin/${{ matrix.cxx }}"}' default
+
+          # Set correct compiler version based on matrix.compiler
+          if [ "${{ matrix.compiler }}" = "gcc" ]; then
+            conan profile update settings.compiler.version=11 default
+          elif [ "${{ matrix.compiler }}" = "clang" ]; then
+            conan profile update settings.compiler.version=14 default
+          fi
+          # Display profile for verification
+          conan profile show default
+
+      - name: Check environment
+        run: |
+          echo "PATH:"
+          echo "${PATH}" | tr ':' '\n'
+          which conan && conan --version || echo "Conan not found"
+          which cmake && cmake --version || echo "CMake not found"
+          which ${{ matrix.cc }} && ${{ matrix.cc }} --version || echo "${{ matrix.cc }} not found"
+          which ${{ matrix.cxx }} && ${{ matrix.cxx }} --version || echo "${{ matrix.cxx }} not found"
+          which ccache && ccache --version || echo "ccache not found"
+          echo "---- Full Environment ----"
+          env
+
+      - name: Install dependencies
+        uses: ./.github/actions/xahau-ga-dependencies
+        with:
+          configuration: ${{ matrix.configuration }}
+          build_dir: ${{ env.build_dir }}
+          compiler-id: ${{ matrix.compiler_id }}
+          cache_version: ${{ env.CACHE_VERSION }}
+          main_branch: ${{ env.MAIN_BRANCH_NAME }}
+
+      - name: Build
+        uses: ./.github/actions/xahau-ga-build
+        with:
+          generator: Ninja
+          configuration: ${{ matrix.configuration }}
+          build_dir: ${{ env.build_dir }}
+          cc: ${{ matrix.cc }}
+          cxx: ${{ matrix.cxx }}
+          compiler-id: ${{ matrix.compiler_id }}
+          cache_version: ${{ env.CACHE_VERSION }}
+          main_branch: ${{ env.MAIN_BRANCH_NAME }}
+
+      - name: Set artifact name
+        id: set-artifact-name
+        run: |
+          ARTIFACT_NAME="build-output-nix-${{ github.run_id }}-${{ matrix.compiler }}-${{ matrix.configuration }}"
+          echo "artifact_name=${ARTIFACT_NAME}" >> "$GITHUB_OUTPUT"
+          echo "Using artifact name: ${ARTIFACT_NAME}"
+
+      - name: Debug build directory
+        run: |
+          echo "Checking build directory contents: ${{ env.build_dir }}"
+          ls -la ${{ env.build_dir }} || echo "Build directory not found or empty"
+
+      - name: Run tests
+        run: |
+          # Ensure the binary exists before trying to run
+          if [ -f "${{ env.build_dir }}/rippled" ]; then
+            ${{ env.build_dir }}/rippled --unittest --unittest-jobs $(nproc)
+          else
+             echo "Error: rippled executable not found in ${{ env.build_dir }}"
+             exit 1
+          fi

.gitignore

@@ -114,3 +114,5 @@ pkg_out
 pkg
 CMakeUserPresets.json
 bld.rippled/
+
+generated

.gitlab-ci.yml

@@ -1,169 +0,0 @@
-# I don't know what the minimum size is, but we cannot build on t3.micro.
-
-# TODO: Factor common builds between different tests.
-
-# The parameters for our job matrix:
-#
-# 1. Generator (Make, Ninja, MSBuild)
-# 2. Compiler (GCC, Clang, MSVC)
-# 3. Build type (Debug, Release)
-# 4. Definitions (-Dunity=OFF, -Dassert=ON, ...)
-
-
-.job_linux_build_test:
-  only:
-    variables:
-      - $CI_PROJECT_URL =~ /^https?:\/\/gitlab.com\//
-  stage: build
-  tags:
-    - linux
-    - c5.2xlarge
-  image: thejohnfreeman/rippled-build-ubuntu:4b73694e07f0
-  script:
-    - bin/ci/build.sh
-    - bin/ci/test.sh
-  cache:
-    # Use a different key for each unique combination of (generator, compiler,
-    # build type). Caches are stored as `.zip` files; they are not merged.
-    # Generate a new key whenever you want to bust the cache, e.g. when the
-    # dependency versions have been bumped.
-    # By default, jobs pull the cache. Only a few specially chosen jobs update
-    # the cache (with policy `pull-push`); one for each unique combination of
-    # (generator, compiler, build type).
-    policy: pull
-    paths:
-      - .nih_c/
-
-'build+test Make GCC Debug':
-  extends: .job_linux_build_test
-  variables:
-    GENERATOR: Unix Makefiles
-    COMPILER: gcc
-    BUILD_TYPE: Debug
-  cache:
-    key: 62ada41c-fc9e-4949-9533-736d4d6512b6
-    policy: pull-push
-
-'build+test Ninja GCC Debug':
-  extends: .job_linux_build_test
-  variables:
-    GENERATOR: Ninja
-    COMPILER: gcc
-    BUILD_TYPE: Debug
-  cache:
-    key: 1665d3eb-6233-4eef-9f57-172636899faa
-    policy: pull-push
-
-'build+test Ninja GCC Debug -Dstatic=OFF':
-  extends: .job_linux_build_test
-  variables:
-    GENERATOR: Ninja
-    COMPILER: gcc
-    BUILD_TYPE: Debug
-    CMAKE_ARGS: '-Dstatic=OFF'
-  cache:
-    key: 1665d3eb-6233-4eef-9f57-172636899faa
-
-'build+test Ninja GCC Debug -Dstatic=OFF -DBUILD_SHARED_LIBS=ON':
-  extends: .job_linux_build_test
-  variables:
-    GENERATOR: Ninja
-    COMPILER: gcc
-    BUILD_TYPE: Debug
-    CMAKE_ARGS: '-Dstatic=OFF -DBUILD_SHARED_LIBS=ON'
-  cache:
-    key: 1665d3eb-6233-4eef-9f57-172636899faa
-
-'build+test Ninja GCC Debug -Dunity=OFF':
-  extends: .job_linux_build_test
-  variables:
-    GENERATOR: Ninja
-    COMPILER: gcc
-    BUILD_TYPE: Debug
-    CMAKE_ARGS: '-Dunity=OFF'
-  cache:
-    key: 1665d3eb-6233-4eef-9f57-172636899faa
-
-'build+test Ninja GCC Release -Dassert=ON':
-  extends: .job_linux_build_test
-  variables:
-    GENERATOR: Ninja
-    COMPILER: gcc
-    BUILD_TYPE: Release
-    CMAKE_ARGS: '-Dassert=ON'
-  cache:
-    key: c45ec125-9625-4c19-acf7-4e889d5f90bd
-    policy: pull-push
-
-'build+test(manual) Ninja GCC Release -Dassert=ON':
-  extends: .job_linux_build_test
-  variables:
-    GENERATOR: Ninja
-    COMPILER: gcc
-    BUILD_TYPE: Release
-    CMAKE_ARGS: '-Dassert=ON'
-    MANUAL_TEST: 'true'
-  cache:
-    key: c45ec125-9625-4c19-acf7-4e889d5f90bd
-
-'build+test Make clang Debug':
-  extends: .job_linux_build_test
-  variables:
-    GENERATOR: Unix Makefiles
-    COMPILER: clang
-    BUILD_TYPE: Debug
-  cache:
-    key: bf578dc2-5277-4580-8de5-6b9523118b19
-    policy: pull-push
-
-'build+test Ninja clang Debug':
-  extends: .job_linux_build_test
-  variables:
-    GENERATOR: Ninja
-    COMPILER: clang
-    BUILD_TYPE: Debug
-  cache:
-    key: 762514c5-3d4c-4c7c-8da2-2df9d8839cbe
-    policy: pull-push
-
-'build+test Ninja clang Debug -Dunity=OFF':
-  extends: .job_linux_build_test
-  variables:
-    GENERATOR: Ninja
-    COMPILER: clang
-    BUILD_TYPE: Debug
-    CMAKE_ARGS: '-Dunity=OFF'
-  cache:
-    key: 762514c5-3d4c-4c7c-8da2-2df9d8839cbe
-
-'build+test Ninja clang Debug -Dunity=OFF -Dsan=address':
-  extends: .job_linux_build_test
-  variables:
-    GENERATOR: Ninja
-    COMPILER: clang
-    BUILD_TYPE: Debug
-    CMAKE_ARGS: '-Dunity=OFF -Dsan=address'
-    CONCURRENT_TESTS: 1
-  cache:
-    key: 762514c5-3d4c-4c7c-8da2-2df9d8839cbe
-
-'build+test Ninja clang Debug -Dunity=OFF -Dsan=undefined':
-  extends: .job_linux_build_test
-  variables:
-    GENERATOR: Ninja
-    COMPILER: clang
-    BUILD_TYPE: Debug
-    CMAKE_ARGS: '-Dunity=OFF -Dsan=undefined'
-  cache:
-    key: 762514c5-3d4c-4c7c-8da2-2df9d8839cbe
-
-'build+test Ninja clang Release -Dassert=ON':
-  extends: .job_linux_build_test
-  variables:
-    GENERATOR: Ninja
-    COMPILER: clang
-    BUILD_TYPE: Release
-    CMAKE_ARGS: '-Dassert=ON'
-  cache:
-    key: 7751be37-2358-4f08-b1d0-7e72e0ad266d
-    policy: pull-push

.pre-commit-config.yaml

@@ -0,0 +1,6 @@
+# .pre-commit-config.yaml
+repos:
+- repo: https://github.com/pre-commit/mirrors-clang-format
+  rev: v10.0.1
+  hooks:
+  - id: clang-format

.travis.yml

@@ -1,460 +0,0 @@
-# There is a known issue where Travis will have trouble fetching the cache,
-# particularly on non-linux builds. Try restarting the individual build
-# (probably will not be necessary in the "windep" stages) if the end of the
-# log looks like:
-#
-#---------------------------------------
-# attempting to download cache archive
-# fetching travisorder/cache--windows-1809-containers-f2bf1c76c7fb4095c897a4999bd7c9b3fb830414dfe91f33d665443b52416d39--compiler-gpp.tgz
-# found cache
-# adding C:/Users/travis/_cache to cache
-# creating directory C:/Users/travis/_cache
-# No output has been received in the last 10m0s, this potentially indicates a stalled build or something wrong with the build itself.
-# Check the details on how to adjust your build configuration on: https://docs.travis-ci.com/user/common-build-problems/#build-times-out-because-no-output-was-received
-# The build has been terminated
-#---------------------------------------
-
-language: cpp
-dist: bionic
-
-services:
-  - docker
-
-stages:
-  - windep-vcpkg
-  - windep-boost
-  - build
-
-env:
-  global:
-    - DOCKER_IMAGE="rippleci/rippled-ci-builder:2020-01-08"
-    - CMAKE_EXTRA_ARGS="-Dwerr=ON -Dwextra=ON"
-    - NINJA_BUILD=true
-    # change this if we get more VM capacity
-    - MAX_TIME_MIN=80
-    - CACHE_DIR=${TRAVIS_HOME}/_cache
-    - NIH_CACHE_ROOT=${CACHE_DIR}/nih_c
-    - PARALLEL_TESTS=true
-    # this is NOT used by linux container based builds (which already have boost installed)
-    - BOOST_URL='https://boostorg.jfrog.io/artifactory/main/release/1.75.0/source/boost_1_75_0.tar.gz'
-    # Alternate dowload location
-    - BOOST_URL2='https://downloads.sourceforge.net/project/boost/boost/1.75.0/boost_1_75_0.tar.bz2?r=&ts=1594393912&use_mirror=newcontinuum'
-    # Travis downloader doesn't seem to have updated certs. Using this option
-    # introduces obvious security risks, but they're Travis's risks.
-    # Note that this option is only used if the "normal" build fails.
-    - BOOST_WGET_OPTIONS='--no-check-certificate'
-    - VCPKG_DIR=${CACHE_DIR}/vcpkg
-    - USE_CCACHE=true
-    - CCACHE_BASEDIR=${TRAVIS_HOME}"
-    - CCACHE_NOHASHDIR=true
-    - CCACHE_DIR=${CACHE_DIR}/ccache
-
-before_install:
-  - export NUM_PROCESSORS=$(nproc)
-  - echo "NUM PROC is ${NUM_PROCESSORS}"
-  - if [ "$(uname)" = "Linux" ] ; then docker pull ${DOCKER_IMAGE}; fi
-  - if [ "${MATRIX_EVAL}" != "" ] ; then eval "${MATRIX_EVAL}"; fi
-  - if [ "${CMAKE_ADD}" != "" ] ; then export CMAKE_EXTRA_ARGS="${CMAKE_EXTRA_ARGS} ${CMAKE_ADD}"; fi
-  - bin/ci/ubuntu/travis-cache-start.sh
-
-matrix:
-  fast_finish: true
-  allow_failures:
-    # TODO these need more investigation
-    #
-    # there are a number of UBs caught currently that need triage
-    - name: ubsan, clang-8
-    # this one often runs out of memory:
-    - name: manual tests, gcc-8, release
-    # The Windows build may fail if any of the dependencies fail, but
-    # allow the rest of the builds to continue. They may succeed if the
-    # dependency is already cached. These do not need to be retried if
-    # _any_ of the Windows builds succeed.
-    - stage: windep-vcpkg
-    - stage: windep-boost
-
-  # https://docs.travis-ci.com/user/build-config-yaml#usage-of-yaml-anchors-and-aliases
-  include:
-    # debug builds
-    - &linux
-      stage: build
-      if: commit_message !~ /travis_run_/ OR commit_message =~ /travis_run_linux/
-      compiler: gcc-8
-      name: gcc-8, debug
-      env:
-        - MATRIX_EVAL="CC=gcc-8 && CXX=g++-8"
-        - BUILD_TYPE=Debug
-      script:
-        - sudo chmod -R a+rw ${CACHE_DIR}
-        - ccache -s
-        - travis_wait ${MAX_TIME_MIN} bin/ci/ubuntu/build-in-docker.sh
-        - ccache -s
-    - <<: *linux
-      compiler: clang-8
-      name: clang-8, debug
-      env:
-        - MATRIX_EVAL="CC=clang-8 && CXX=clang++-8"
-        - BUILD_TYPE=Debug
-    - <<: *linux
-      compiler: clang-8
-      name: reporting, clang-8, debug
-      env:
-        - MATRIX_EVAL="CC=clang-8 && CXX=clang++-8"
-        - BUILD_TYPE=Debug
-        - CMAKE_ADD="-Dreporting=ON"
-    # coverage builds
-    - <<: *linux
-      if: commit_message !~ /travis_run_/ OR commit_message =~ /travis_run_linux/ OR commit_message =~ /travis_run_cov/
-      compiler: gcc-8
-      name: coverage, gcc-8
-      env:
-        - MATRIX_EVAL="CC=gcc-8 && CXX=g++-8"
-        - BUILD_TYPE=Debug
-        - CMAKE_ADD="-Dcoverage=ON"
-        - TARGET=coverage_report
-        - SKIP_TESTS=true
-    - <<: *linux
-      if: commit_message !~ /travis_run_/ OR commit_message =~ /travis_run_linux/ OR commit_message =~ /travis_run_cov/
-      compiler: clang-8
-      name: coverage, clang-8
-      env:
-        - MATRIX_EVAL="CC=clang-8 && CXX=clang++-8"
-        - BUILD_TYPE=Debug
-        - CMAKE_ADD="-Dcoverage=ON"
-        - TARGET=coverage_report
-        - SKIP_TESTS=true
-    # test-free builds
-    - <<: *linux
-      if: commit_message !~ /travis_run_/ OR commit_message =~ /travis_run_linux/
-      compiler: gcc-8
-      name: no-tests-unity, gcc-8
-      env:
-        - MATRIX_EVAL="CC=gcc-8 && CXX=g++-8"
-        - BUILD_TYPE=Debug
-        - CMAKE_ADD="-Dtests=OFF"
-        - SKIP_TESTS=true
-    - <<: *linux
-      if: commit_message !~ /travis_run_/ OR commit_message =~ /travis_run_linux/
-      compiler: clang-8
-      name: no-tests-non-unity, clang-8
-      env:
-        - MATRIX_EVAL="CC=clang-8 && CXX=clang++-8"
-        - BUILD_TYPE=Debug
-        - CMAKE_ADD="-Dtests=OFF -Dunity=OFF"
-        - SKIP_TESTS=true
-    # nounity
-    - <<: *linux
-      if: commit_message !~ /travis_run_/ OR commit_message =~ /travis_run_linux/ OR commit_message =~ /travis_run_nounity/
-      compiler: gcc-8
-      name: non-unity, gcc-8
-      env:
-        - MATRIX_EVAL="CC=gcc-8 && CXX=g++-8"
-        - BUILD_TYPE=Debug
-        - CMAKE_ADD="-Dunity=OFF"
-    - <<: *linux
-      if: commit_message !~ /travis_run_/ OR commit_message =~ /travis_run_linux/ OR commit_message =~ /travis_run_nounity/
-      compiler: clang-8
-      name: non-unity, clang-8
-      env:
-        - MATRIX_EVAL="CC=clang-8 && CXX=clang++-8"
-        - BUILD_TYPE=Debug
-        - CMAKE_ADD="-Dunity=OFF"
-    # manual tests
-    - <<: *linux
-      if: commit_message !~ /travis_run_/ OR commit_message =~ /travis_run_linux/ OR commit_message =~ /travis_run_man/
-      compiler: gcc-8
-      name: manual tests, gcc-8, debug
-      env:
-        - MATRIX_EVAL="CC=gcc-8 && CXX=g++-8"
-        - BUILD_TYPE=Debug
-        - MANUAL_TESTS=true
-    # manual tests
-    - <<: *linux
-      if: commit_message !~ /travis_run_/ OR commit_message =~ /travis_run_linux/ OR commit_message =~ /travis_run_man/
-      compiler: gcc-8
-      name: manual tests, gcc-8, release
-      env:
-        - MATRIX_EVAL="CC=gcc-8 && CXX=g++-8"
-        - BUILD_TYPE=Release
-        - CMAKE_ADD="-Dassert=ON -Dunity=OFF"
-        - MANUAL_TESTS=true
-    # release builds
-    - <<: *linux
-      if: commit_message !~ /travis_run_/ OR commit_message =~ /travis_run_linux/ OR commit_message =~ /travis_run_release/
-      compiler: gcc-8
-      name: gcc-8, release
-      env:
-        - MATRIX_EVAL="CC=gcc-8 && CXX=g++-8"
-        - BUILD_TYPE=Release
-        - CMAKE_ADD="-Dassert=ON -Dunity=OFF"
-    - <<: *linux
-      if: commit_message !~ /travis_run_/ OR commit_message =~ /travis_run_linux/ OR commit_message =~ /travis_run_release/
-      compiler: clang-8
-      name: clang-8, release
-      env:
-        - MATRIX_EVAL="CC=clang-8 && CXX=clang++-8"
-        - BUILD_TYPE=Release
-        - CMAKE_ADD="-Dassert=ON"
-    # asan
-    - <<: *linux
-      if: commit_message !~ /travis_run_/ OR commit_message =~ /travis_run_linux/ OR commit_message =~ /travis_run_san/
-      compiler: clang-8
-      name: asan, clang-8
-      env:
-        - MATRIX_EVAL="CC=clang-8 && CXX=clang++-8"
-        - BUILD_TYPE=Release
-        - CMAKE_ADD="-Dsan=address"
-        - ASAN_OPTIONS="print_stats=true:atexit=true"
-        #- LSAN_OPTIONS="verbosity=1:log_threads=1"
-        - PARALLEL_TESTS=false
-    # ubsan
-    - <<: *linux
-      if: commit_message !~ /travis_run_/ OR commit_message =~ /travis_run_linux/ OR commit_message =~ /travis_run_san/
-      compiler: clang-8
-      name: ubsan, clang-8
-      env:
-        - MATRIX_EVAL="CC=clang-8 && CXX=clang++-8"
-        - BUILD_TYPE=Release
-        - CMAKE_ADD="-Dsan=undefined"
-        # once we can run clean under ubsan, add halt_on_error=1 to options below
-        - UBSAN_OPTIONS="print_stacktrace=1:report_error_type=1"
-        - PARALLEL_TESTS=false
-    # tsan
-    # current tsan failure *might* be related to:
-    # https://github.com/google/sanitizers/issues/1104
-    #  but we can't get it to run, so leave it disabled for now
-    #    - <<: *linux
-    #      if: commit_message !~ /travis_run_/ OR commit_message =~ /travis_run_linux/ OR commit_message =~ /travis_run_san/
-    #      compiler: clang-8
-    #      name: tsan, clang-8
-    #      env:
-    #        - MATRIX_EVAL="CC=clang-8 && CXX=clang++-8"
-    #        - BUILD_TYPE=Release
-    #        - CMAKE_ADD="-Dsan=thread"
-    #        - TSAN_OPTIONS="history_size=3 external_symbolizer_path=/usr/bin/llvm-symbolizer verbosity=1"
-    #        - PARALLEL_TESTS=false
-    # dynamic lib builds
-    - <<: *linux
-      compiler: gcc-8
-      name: non-static, gcc-8
-      env:
-        - MATRIX_EVAL="CC=gcc-8 && CXX=g++-8"
-        - BUILD_TYPE=Debug
-        - CMAKE_ADD="-Dstatic=OFF"
-    - <<: *linux
-      compiler: gcc-8
-      name: non-static + BUILD_SHARED_LIBS, gcc-8
-      env:
-        - MATRIX_EVAL="CC=gcc-8 && CXX=g++-8"
-        - BUILD_TYPE=Debug
-        - CMAKE_ADD="-Dstatic=OFF -DBUILD_SHARED_LIBS=ON"
-    # makefile
-    - <<: *linux
-      compiler: gcc-8
-      name: makefile generator, gcc-8
-      env:
-        - MATRIX_EVAL="CC=gcc-8 && CXX=g++-8"
-        - BUILD_TYPE=Debug
-        - NINJA_BUILD=false
-    # misc alternative compilers
-    - <<: *linux
-      compiler: gcc-9
-      name: gcc-9
-      env:
-        - MATRIX_EVAL="CC=gcc-9 && CXX=g++-9"
-        - BUILD_TYPE=Debug
-    - <<: *linux
-      compiler: clang-9
-      name: clang-9, debug
-      env:
-        - MATRIX_EVAL="CC=clang-9 && CXX=clang++-9"
-        - BUILD_TYPE=Debug
-    - <<: *linux
-      compiler: clang-9
-      name: clang-9, release
-      env:
-        - MATRIX_EVAL="CC=clang-9 && CXX=clang++-9"
-        - BUILD_TYPE=Release
-    # verify build with min version of cmake
-    - <<: *linux
-      compiler: gcc-8
-      name: min cmake version
-      env:
-        - MATRIX_EVAL="CC=gcc-8 && CXX=g++-8"
-        - BUILD_TYPE=Debug
-        - CMAKE_EXE=/opt/local/cmake/bin/cmake
-        - SKIP_TESTS=true
-    # validator keys project as subproj of rippled
-    - <<: *linux
-      if: commit_message !~ /travis_run_/ OR commit_message =~ /travis_run_vkeys/
-      compiler: gcc-8
-      name: validator-keys
-      env:
-        - MATRIX_EVAL="CC=gcc-8 && CXX=g++-8"
-        - BUILD_TYPE=Debug
-        - CMAKE_ADD="-Dvalidator_keys=ON"
-        - TARGET=validator-keys
-    # macos
-    - &macos
-      if: commit_message !~ /travis_run_/ OR commit_message =~ /travis_run_mac/
-      stage: build
-      os: osx
-      osx_image: xcode13.1
-      name: xcode13.1, debug
-      env:
-        # put NIH in non-cache location since it seems to
-        # cause failures when homebrew updates
-        - NIH_CACHE_ROOT=${TRAVIS_BUILD_DIR}/nih_c
-        - BLD_CONFIG=Debug
-        - TEST_EXTRA_ARGS=""
-        - BOOST_ROOT=${CACHE_DIR}/boost_1_75_0
-        - >-
-          CMAKE_ADD="
-          -DBOOST_ROOT=${BOOST_ROOT}/_INSTALLED_
-          -DBoost_ARCHITECTURE=-x64
-          -DBoost_NO_SYSTEM_PATHS=ON
-          -DCMAKE_VERBOSE_MAKEFILE=ON"
-      addons:
-        homebrew:
-          packages:
-            - protobuf
-            - grpc
-            - pkg-config
-            - bash
-            - ninja
-            - cmake
-            - wget
-            - zstd
-            - libarchive
-            - openssl@1.1
-          update: true
-      install:
-        - export OPENSSL_ROOT=$(brew --prefix openssl@1.1)
-        - travis_wait ${MAX_TIME_MIN} Builds/containers/shared/install_boost.sh
-        - brew uninstall --ignore-dependencies boost
-      script:
-        - mkdir -p build.macos && cd build.macos
-        - cmake -G Ninja ${CMAKE_EXTRA_ARGS} -DCMAKE_BUILD_TYPE=${BLD_CONFIG} ..
-        - travis_wait ${MAX_TIME_MIN} cmake --build . --parallel --verbose
-        - ./rippled --unittest --quiet --unittest-log --unittest-jobs ${NUM_PROCESSORS} ${TEST_EXTRA_ARGS}
-    - <<: *macos
-      name: xcode13.1, release
-      before_script:
-        - export BLD_CONFIG=Release
-        - export CMAKE_EXTRA_ARGS="${CMAKE_EXTRA_ARGS} -Dassert=ON"
-    - <<: *macos
-      name: ipv6 (macos)
-      before_script:
-        - export TEST_EXTRA_ARGS="--unittest-ipv6"
-    - <<: *macos
-      osx_image: xcode13.1
-      name: xcode13.1, debug
-    # windows
-    - &windows
-      if: commit_message !~ /travis_run_/ OR commit_message =~ /travis_run_win/
-      os: windows
-      env:
-        # put NIH in a non-cached location until
-        # we come up with a way to stabilize that
-        # cache on windows (minimize incremental changes)
-        - CACHE_NAME=win_01
-        - NIH_CACHE_ROOT=${TRAVIS_BUILD_DIR}/nih_c
-        - VCPKG_DEFAULT_TRIPLET="x64-windows-static"
-        - MATRIX_EVAL="CC=cl.exe && CXX=cl.exe"
-        - BOOST_ROOT=${CACHE_DIR}/boost_1_75
-        - >-
-          CMAKE_ADD="
-          -DCMAKE_PREFIX_PATH=${BOOST_ROOT}/_INSTALLED_
-          -DBOOST_ROOT=${BOOST_ROOT}/_INSTALLED_
-          -DBoost_ROOT=${BOOST_ROOT}/_INSTALLED_
-          -DBoost_DIR=${BOOST_ROOT}/_INSTALLED_/lib/cmake/Boost-1.75.0
-          -DBoost_COMPILER=vc141
-          -DCMAKE_VERBOSE_MAKEFILE=ON
-          -DCMAKE_TOOLCHAIN_FILE=${VCPKG_DIR}/scripts/buildsystems/vcpkg.cmake
-          -DVCPKG_TARGET_TRIPLET=x64-windows-static"
-      stage: windep-vcpkg
-      name: prereq-vcpkg
-      install:
-        - choco upgrade cmake.install
-        - choco install ninja visualstudio2017-workload-vctools -y
-      script:
-        - df -h
-        - env
-        - travis_wait ${MAX_TIME_MIN} bin/sh/install-vcpkg.sh openssl
-        - travis_wait ${MAX_TIME_MIN} bin/sh/install-vcpkg.sh grpc
-        - travis_wait ${MAX_TIME_MIN} bin/sh/install-vcpkg.sh libarchive[lz4]
-        # TBD consider rocksdb via vcpkg if/when we can build with the
-        # vcpkg version
-        # - travis_wait ${MAX_TIME_MIN} bin/sh/install-vcpkg.sh rocksdb[snappy,lz4,zlib]
-    - <<: *windows
-      stage: windep-boost
-      name: prereq-keep-boost
-      install:
-        - choco upgrade cmake.install
-        - choco install ninja visualstudio2017-workload-vctools -y
-        - choco install visualstudio2019buildtools visualstudio2019community visualstudio2019-workload-vctools -y
-      script:
-        - export BOOST_TOOLSET=msvc-14.1
-        - travis_wait ${MAX_TIME_MIN} Builds/containers/shared/install_boost.sh
-    - &windows-bld
-      <<: *windows
-      stage: build
-      name: windows, debug
-      before_script:
-        - export BLD_CONFIG=Debug
-      script:
-        - df -h
-        - . ./bin/sh/setup-msvc.sh
-        - mkdir -p build.ms && cd build.ms
-        - cmake -G Ninja ${CMAKE_EXTRA_ARGS} -DCMAKE_BUILD_TYPE=${BLD_CONFIG} ..
-        - travis_wait ${MAX_TIME_MIN} cmake --build . --parallel --verbose
-        # override num procs to force fewer unit test jobs
-        - export NUM_PROCESSORS=2
-        - travis_wait ${MAX_TIME_MIN} ./rippled.exe --unittest --quiet --unittest-log --unittest-jobs ${NUM_PROCESSORS}
-    - <<: *windows-bld
-      name: windows, release
-      before_script:
-        - export BLD_CONFIG=Release
-    - <<: *windows-bld
-      name: windows, visual studio, debug
-      script:
-        - mkdir -p build.ms && cd build.ms
-        - export CMAKE_EXTRA_ARGS="${CMAKE_EXTRA_ARGS} -DCMAKE_GENERATOR_TOOLSET=host=x64"
-        - cmake -G "Visual Studio 15 2017 Win64" ${CMAKE_EXTRA_ARGS} ..
-        - export DESTDIR=${PWD}/_installed_
-        - travis_wait ${MAX_TIME_MIN} cmake --build . --parallel --verbose --config ${BLD_CONFIG} --target install
-        # override num procs to force fewer unit test jobs
-        - export NUM_PROCESSORS=2
-        - >-
-          travis_wait ${MAX_TIME_MIN} "./_installed_/Program Files/rippled/bin/rippled.exe" --unittest --quiet --unittest-log --unittest-jobs ${NUM_PROCESSORS}
-    - <<: *windows-bld
-      name: windows, vc2019
-      install:
-        - choco upgrade cmake.install
-        - choco install ninja -y
-        - choco install visualstudio2019buildtools visualstudio2019community visualstudio2019-workload-vctools -y
-      before_script:
-        - export BLD_CONFIG=Release
-        # we want to use the boost build from cache, which was built using the
-        # vs2017 compiler so we need to specify the Boost_COMPILER. BUT, we
-        # can't use the cmake config files generated by boost b/c they are
-        # broken for Boost_COMPILER override, so we need to specify both
-        # Boost_NO_BOOST_CMAKE and a slightly different Boost_COMPILER string
-        # to make the legacy find module work for us. If the cmake configs are
-        # fixed in the future, it should be possible to remove these
-        # workarounds.
-        - export CMAKE_EXTRA_ARGS="${CMAKE_EXTRA_ARGS} -DBoost_NO_BOOST_CMAKE=ON -DBoost_COMPILER=-vc141"
-
-before_cache:
-  - if [ $(uname) = "Linux" ] ; then SUDO="sudo"; else SUDO=""; fi
-  - cd ${TRAVIS_HOME}
-  - if [ -f cache_ignore.tar ] ; then $SUDO tar xvf cache_ignore.tar; fi
-  - cd ${TRAVIS_BUILD_DIR}
-
-cache:
-  timeout: 900
-  directories:
-    - $CACHE_DIR
-
-notifications:
-  email: false

.vscode/settings.json

@@ -1,13 +1,13 @@
 {
   "C_Cpp.formatting": "clangFormat",
-  "C_Cpp.clang_format_path": "/Users/dustedfloor/projects/transia-rnd/rippled-icv2/.clang-format",
+  "C_Cpp.clang_format_path": ".clang-format",
   "C_Cpp.clang_format_fallbackStyle": "{ ColumnLimit: 0 }",
   "[cpp]":{
-    "editor.wordBasedSuggestions": false,
+    "editor.wordBasedSuggestions": "off",
     "editor.suggest.insertMode": "replace",
     "editor.semanticHighlighting.enabled": true,
     "editor.tabSize": 4,
     "editor.defaultFormatter": "xaver.clang-format",
     "editor.formatOnSave": false
   }
-}
+}

BUILD.md

@@ -0,0 +1,442 @@
+> These instructions assume you have a C++ development environment ready
+> with Git, Python, Conan, CMake, and a C++ compiler. For help setting one up
+> on Linux, macOS, or Windows, see [our guide](./docs/build/environment.md).
+>
+> These instructions also assume a basic familiarity with Conan and CMake.
+> If you are unfamiliar with Conan,
+> you can read our [crash course](./docs/build/conan.md)
+> or the official [Getting Started][3] walkthrough.
+
+## Branches
+
+For a stable release, choose the `master` branch or one of the [tagged
+releases](https://github.com/ripple/rippled/releases).
+
+```
+git checkout master
+```
+
+For the latest release candidate, choose the `release` branch.
+
+```
+git checkout release
+```
+
+For the latest set of untested features, or to contribute, choose the `develop`
+branch.
+
+```
+git checkout develop
+```
+
+
+## Minimum Requirements
+
+- [Python 3.7](https://www.python.org/downloads/)
+- [Conan 1.55](https://conan.io/downloads.html)
+- [CMake 3.16](https://cmake.org/download/)
+
+`rippled` is written in the C++20 dialect and includes the `<concepts>` header.
+The [minimum compiler versions][2] required are:
+
+| Compiler    | Version |
+|-------------|---------|
+| GCC         | 10      |
+| Clang       | 13      |
+| Apple Clang | 13.1.6  |
+| MSVC        | 19.23   |
+
+We don't recommend Windows for `rippled` production at this time. As of
+January 2023, Ubuntu has the highest level of quality assurance, testing,
+and support.
+
+Windows developers should use Visual Studio 2019. `rippled` isn't
+compatible with [Boost](https://www.boost.org/) 1.78 or 1.79, and Conan
+can't build earlier Boost versions.
+
+**Note:** 32-bit Windows development isn't supported.
+
+
+## Steps
+
+
+### Set Up Conan
+
+1. (Optional) If you've never used Conan, use autodetect to set up a default profile.
+
+   ```
+   conan profile new default --detect
+   ```
+
+2. Update the compiler settings.
+
+   ```
+   conan profile update settings.compiler.cppstd=20 default
+   ```
+
+   Linux developers will commonly have a default Conan [profile][] that compiles
+   with GCC and links with libstdc++.
+   If you are linking with libstdc++ (see profile setting `compiler.libcxx`),
+   then you will need to choose the `libstdc++11` ABI.
+
+   ```
+   conan profile update settings.compiler.libcxx=libstdc++11 default
+   ```
+
+   On Windows, you should use the x64 native build tools.
+   An easy way to do that is to run the shortcut "x64 Native Tools Command
+   Prompt" for the version of Visual Studio that you have installed.
+
+   Windows developers must also build `rippled` and its dependencies for the x64
+   architecture.
+
+   ```
+   conan profile update settings.arch=x86_64 default
+   ```
+
+3. (Optional) If you have multiple compilers installed on your platform,
+   make sure that Conan and CMake select the one you want to use.
+   This setting will set the correct variables (`CMAKE_<LANG>_COMPILER`)
+   in the generated CMake toolchain file.
+
+   ```
+   conan profile update 'conf.tools.build:compiler_executables={"c": "<path>", "cpp": "<path>"}' default
+   ```
+
+   It should choose the compiler for dependencies as well,
+   but not all of them have a Conan recipe that respects this setting (yet).
+   For the rest, you can set these environment variables:
+
+   ```
+   conan profile update env.CC=<path> default
+   conan profile update env.CXX=<path> default
+   ```
+
+4. Export our [Conan recipe for Snappy](./external/snappy).
+   It doesn't explicitly link the C++ standard library,
+   which allows you to statically link it with GCC, if you want.
+
+   ```
+   conan export external/snappy snappy/1.1.9@
+   ```
+
+5. Export our [Conan recipe for SOCI](./external/soci).
+   It patches their CMake to correctly import its dependencies.
+
+   ```
+   conan export external/soci soci/4.0.3@
+   ```
+
+### Build and Test
+
+1. Create a build directory and move into it.
+
+   ```
+   mkdir .build
+   cd .build
+   ```
+
+   You can use any directory name. Conan treats your working directory as an
+   install folder and generates files with implementation details.
+   You don't need to worry about these files, but make sure to change
+   your working directory to your build directory before calling Conan.
+
+   **Note:** You can specify a directory for the installation files by adding
+   the `install-folder` or `-if` option to every `conan install` command
+   in the next step.
+
+2. Generate CMake files for every configuration you want to build. 
+
+    ```
+    conan install .. --output-folder . --build missing --settings build_type=Release
+    conan install .. --output-folder . --build missing --settings build_type=Debug
+    ```
+
+    For a single-configuration generator, e.g. `Unix Makefiles` or `Ninja`,
+    you only need to run this command once.
+    For a multi-configuration generator, e.g. `Visual Studio`, you may want to
+    run it more than once.
+
+    Each of these commands should also have a different `build_type` setting.
+    A second command with the same `build_type` setting will overwrite the files
+    generated by the first. You can pass the build type on the command line with
+    `--settings build_type=$BUILD_TYPE` or in the profile itself,
+    under the section `[settings]` with the key `build_type`.
+    
+    If you are using a Microsoft Visual C++ compiler,
+    then you will need to ensure consistency between the `build_type` setting
+    and the `compiler.runtime` setting.
+    
+    When `build_type` is `Release`, `compiler.runtime` should be `MT`.
+    
+    When `build_type` is `Debug`, `compiler.runtime` should be `MTd`.
+
+    ```
+    conan install .. --output-folder . --build missing --settings build_type=Release --settings compiler.runtime=MT
+    conan install .. --output-folder . --build missing --settings build_type=Debug --settings compiler.runtime=MTd
+    ```
+
+3. Configure CMake and pass the toolchain file generated by Conan, located at
+   `$OUTPUT_FOLDER/build/generators/conan_toolchain.cmake`.
+
+    Single-config generators:
+    
+    ```
+    cmake -DCMAKE_TOOLCHAIN_FILE:FILEPATH=build/generators/conan_toolchain.cmake -DCMAKE_BUILD_TYPE=Release ..
+    ```
+
+    Pass the CMake variable [`CMAKE_BUILD_TYPE`][build_type]
+    and make sure it matches the `build_type` setting you chose in the previous
+    step.
+
+    Multi-config gnerators:
+
+    ```
+    cmake -DCMAKE_TOOLCHAIN_FILE:FILEPATH=build/generators/conan_toolchain.cmake ..
+    ```
+
+    **Note:** You can pass build options for `rippled` in this step.
+
+4. Build `rippled`.
+
+   For a single-configuration generator, it will build whatever configuration
+   you passed for `CMAKE_BUILD_TYPE`. For a multi-configuration generator,
+   you must pass the option `--config` to select the build configuration. 
+
+   Single-config generators:
+
+   ```
+   cmake --build .
+   ```
+
+   Multi-config generators:
+    
+   ```
+   cmake --build . --config Release
+   cmake --build . --config Debug
+   ```
+
+5. Test rippled.
+
+   Single-config generators:
+
+   ```
+   ./rippled --unittest
+   ```
+
+   Multi-config generators:
+
+   ```
+   ./Release/rippled --unittest
+   ./Debug/rippled --unittest
+   ```
+
+   The location of `rippled` in your build directory depends on your CMake
+   generator. Pass `--help` to see the rest of the command line options.
+
+
+## Options
+
+| Option | Default Value | Description |
+| --- | ---| ---|
+| `assert` | OFF | Enable assertions.
+| `reporting` | OFF | Build the reporting mode feature. |
+| `tests` | ON | Build tests. |
+| `unity` | ON | Configure a unity build. |
+| `san` | N/A | Enable a sanitizer with Clang. Choices are `thread` and `address`. |
+
+[Unity builds][5] may be faster for the first build
+(at the cost of much more memory) since they concatenate sources into fewer
+translation units. Non-unity builds may be faster for incremental builds,
+and can be helpful for detecting `#include` omissions.
+
+
+## Troubleshooting
+
+
+### Conan
+
+If you have trouble building dependencies after changing Conan settings,
+try removing the Conan cache.
+
+```
+rm -rf ~/.conan/data
+```
+
+
+### no std::result_of
+
+If your compiler version is recent enough to have removed `std::result_of` as
+part of C++20, e.g. Apple Clang 15.0, then you might need to add a preprocessor
+definition to your build.
+
+```
+conan profile update 'options.boost:extra_b2_flags="define=BOOST_ASIO_HAS_STD_INVOKE_RESULT"' default
+conan profile update 'env.CFLAGS="-DBOOST_ASIO_HAS_STD_INVOKE_RESULT"' default
+conan profile update 'env.CXXFLAGS="-DBOOST_ASIO_HAS_STD_INVOKE_RESULT"' default
+conan profile update 'conf.tools.build:cflags+=["-DBOOST_ASIO_HAS_STD_INVOKE_RESULT"]' default
+conan profile update 'conf.tools.build:cxxflags+=["-DBOOST_ASIO_HAS_STD_INVOKE_RESULT"]' default
+```
+
+
+### recompile with -fPIC
+
+If you get a linker error suggesting that you recompile Boost with
+position-independent code, such as:
+
+```
+/usr/bin/ld.gold: error: /home/username/.conan/data/boost/1.77.0/_/_/package/.../lib/libboost_container.a(alloc_lib.o):
+  requires unsupported dynamic reloc 11; recompile with -fPIC
+```
+
+Conan most likely downloaded a bad binary distribution of the dependency.
+This seems to be a [bug][1] in Conan just for Boost 1.77.0 compiled with GCC
+for Linux. The solution is to build the dependency locally by passing
+`--build boost` when calling `conan install`.
+
+```
+/usr/bin/ld.gold: error: /home/username/.conan/data/boost/1.77.0/_/_/package/dc8aedd23a0f0a773a5fcdcfe1ae3e89c4205978/lib/libboost_container.a(alloc_lib.o): requires unsupported dynamic reloc 11; recompile with -fPIC
+```
+
+
+## Add a Dependency
+
+If you want to experiment with a new package, follow these steps:
+
+1. Search for the package on [Conan Center](https://conan.io/center/).
+2. Modify [`conanfile.py`](./conanfile.py):
+    - Add a version of the package to the `requires` property.
+    - Change any default options for the package by adding them to the
+    `default_options` property (with syntax `'$package:$option': $value`).
+3. Modify [`CMakeLists.txt`](./CMakeLists.txt):
+    - Add a call to `find_package($package REQUIRED)`.
+    - Link a library from the package to the target `ripple_libs`
+    (search for the existing call to `target_link_libraries(ripple_libs INTERFACE ...)`).
+4. Start coding! Don't forget to include whatever headers you need from the package.
+
+
+## A crash course in CMake and Conan
+
+To better understand how to use Conan,
+we should first understand _why_ we use Conan,
+and to understand that,
+we need to understand how we use CMake.
+
+
+### CMake
+
+Technically, you don't need CMake to build this project.
+You could manually compile every translation unit into an object file,
+using the right compiler options,
+and then manually link all those objects together,
+using the right linker options.
+However, that is very tedious and error-prone,
+which is why we lean on tools like CMake.
+
+We have written CMake configuration files
+([`CMakeLists.txt`](./CMakeLists.txt) and friends)
+for this project so that CMake can be used to correctly compile and link
+all of the translation units in it.
+Or rather, CMake will generate files for a separate build system
+(e.g. Make, Ninja, Visual Studio, Xcode, etc.)
+that compile and link all of the translation units.
+Even then, CMake has parameters, some of which are platform-specific.
+In CMake's parlance, parameters are specially-named **variables** like
+[`CMAKE_BUILD_TYPE`][build_type] or
+[`CMAKE_MSVC_RUNTIME_LIBRARY`][runtime].
+Parameters include:
+
+- what build system to generate files for
+- where to find the compiler and linker
+- where to find dependencies, e.g. libraries and headers
+- how to link dependencies, e.g. any special compiler or linker flags that
+    need to be used with them, including preprocessor definitions
+- how to compile translation units, e.g. with optimizations, debug symbols,
+    position-independent code, etc.
+- on Windows, which runtime library to link with
+
+For some of these parameters, like the build system and compiler,
+CMake goes through a complicated search process to choose default values.
+For others, like the dependencies,
+_we_ had written in the CMake configuration files of this project
+our own complicated process to choose defaults.
+For most developers, things "just worked"... until they didn't, and then
+you were left trying to debug one of these complicated processes, instead of
+choosing and manually passing the parameter values yourself.
+
+You can pass every parameter to CMake on the command line,
+but writing out these parameters every time we want to configure CMake is
+a pain.
+Most humans prefer to put them into a configuration file, once, that
+CMake can read every time it is configured.
+For CMake, that file is a [toolchain file][toolchain].
+
+
+### Conan
+
+These next few paragraphs on Conan are going to read much like the ones above
+for CMake.
+
+Technically, you don't need Conan to build this project.
+You could manually download, configure, build, and install all of the
+dependencies yourself, and then pass all of the parameters necessary for
+CMake to link to those dependencies.
+To guarantee ABI compatibility, you must be sure to use the same set of
+compiler and linker options for all dependencies _and_ this project.
+However, that is very tedious and error-prone, which is why we lean on tools
+like Conan.
+
+We have written a Conan configuration file ([`conanfile.py`](./conanfile.py))
+so that Conan can be used to correctly download, configure, build, and install
+all of the dependencies for this project,
+using a single set of compiler and linker options for all of them.
+It generates files that contain almost all of the parameters that CMake
+expects.
+Those files include:
+
+- A single toolchain file.
+- For every dependency, a CMake [package configuration file][pcf],
+    [package version file][pvf], and for every build type, a package
+    targets file.
+    Together, these files implement version checking and define `IMPORTED`
+    targets for the dependencies.
+
+The toolchain file itself amends the search path
+([`CMAKE_PREFIX_PATH`][prefix_path]) so that [`find_package()`][find_package]
+will [discover][search] the generated package configuration files.
+
+**Nearly all we must do to properly configure CMake is pass the toolchain
+file.**
+What CMake parameters are left out?
+You'll still need to pick a build system generator,
+and if you choose a single-configuration generator,
+you'll need to pass the `CMAKE_BUILD_TYPE`,
+which should match the `build_type` setting you gave to Conan.
+
+Even then, Conan has parameters, some of which are platform-specific.
+In Conan's parlance, parameters are either settings or options.
+**Settings** are shared by all packages, e.g. the build type.
+**Options** are specific to a given package, e.g. whether to build and link
+OpenSSL as a shared library.
+
+For settings, Conan goes through a complicated search process to choose
+defaults.
+For options, each package recipe defines its own defaults.
+
+You can pass every parameter to Conan on the command line,
+but it is more convenient to put them in a [profile][profile].
+**All we must do to properly configure Conan is edit and pass the profile.**
+
+
+[1]: https://github.com/conan-io/conan-center-index/issues/13168
+[5]: https://en.wikipedia.org/wiki/Unity_build
+[build_type]: https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html
+[runtime]: https://cmake.org/cmake/help/latest/variable/CMAKE_MSVC_RUNTIME_LIBRARY.html
+[toolchain]: https://cmake.org/cmake/help/latest/manual/cmake-toolchains.7.html
+[pcf]: https://cmake.org/cmake/help/latest/manual/cmake-packages.7.html#package-configuration-file
+[pvf]: https://cmake.org/cmake/help/latest/manual/cmake-packages.7.html#package-version-file
+[find_package]: https://cmake.org/cmake/help/latest/command/find_package.html
+[search]: https://cmake.org/cmake/help/latest/command/find_package.html#search-procedure
+[prefix_path]: https://cmake.org/cmake/help/latest/variable/CMAKE_PREFIX_PATH.html
+[profile]: https://docs.conan.io/en/latest/reference/profiles.html
+

BUILD_LEDGER.md

@@ -0,0 +1,465 @@
+# Hash Migration Implementation via BuildLedger
+
+## Overview
+
+This document outlines the approach for implementing SHA-512 Half to BLAKE3 hash migration by performing the state map rekeying operation in the ledger building process, bypassing the metadata generation problem inherent in the transaction processing pipeline.
+
+## The Core Problem
+
+When switching from SHA-512 Half to BLAKE3, every object in the state map needs to be rekeyed because the hash (which IS the key in the SHAMap) changes. This would generate metadata showing:
+- Every object deleted at its old SHA-512 key
+- Every object created at its new BLAKE3 key
+- Total metadata size: 2× the entire state size (potentially gigabytes)
+
+## The Solution: Bypass Transaction Processing
+
+Instead of trying to rekey within the transaction processor (which tracks all changes for metadata), perform the rekeying AFTER transaction processing but BEFORE ledger finalization.
+
+## Implementation Location
+
+The key intervention point is in `buildLedgerImpl()` at line 63 of `BuildLedger.cpp`:
+
+```cpp
+// BuildLedger.cpp, lines 58-65
+{
+    OpenView accum(&*built);
+    assert(!accum.open());
+    applyTxs(accum, built);  // Apply transactions (including pseudo-txns)
+    accum.apply(*built);      // Apply accumulated changes to the ledger
+}
+// <-- INTERVENTION POINT HERE
+built->updateSkipList();
+```
+
+## Detailed Implementation
+
+### 1. Pseudo-Transaction Role (Simple Flag Setting)
+
+```cpp
+// In Change.cpp
+TER Change::applyHashMigration()
+{
+    // The pseudo-transaction just sets a flag
+    // The actual migration happens in BuildLedger
+    
+    JLOG(j_.warn()) << "Hash migration pseudo transaction triggered at ledger "
+                    << view().seq();
+    
+    // Create a migration flag object
+    auto migrationFlag = std::make_shared<SLE>(
+        keylet::hashMigrationFlag(
+            hash_options{view().seq(), KEYLET_MIGRATION_FLAG}));
+    
+    migrationFlag->setFieldU32(sfLedgerSequence, view().seq());
+    migrationFlag->setFieldU8(sfMigrationStatus, 1); // 1 = pending
+    
+    view().insert(migrationFlag);
+    
+    return tesSUCCESS;
+}
+```
+
+### 2. BuildLedger Modification
+
+```cpp
+// In BuildLedger.cpp, after line 63
+template <class ApplyTxs>
+std::shared_ptr<Ledger>
+buildLedgerImpl(
+    std::shared_ptr<Ledger const> const& parent,
+    NetClock::time_point closeTime,
+    const bool closeTimeCorrect,
+    NetClock::duration closeResolution,
+    Application& app,
+    beast::Journal j,
+    ApplyTxs&& applyTxs)
+{
+    auto built = std::make_shared<Ledger>(*parent, closeTime);
+
+    if (built->isFlagLedger() && built->rules().enabled(featureNegativeUNL))
+    {
+        built->updateNegativeUNL();
+    }
+
+    {
+        OpenView accum(&*built);
+        assert(!accum.open());
+        applyTxs(accum, built);
+        accum.apply(*built);
+    }
+    
+    // NEW: Check for hash migration flag
+    if (shouldPerformHashMigration(built, app, j))
+    {
+        performHashMigration(built, app, j);
+    }
+
+    built->updateSkipList();
+    // ... rest of function
+}
+
+// New helper functions
+bool shouldPerformHashMigration(
+    std::shared_ptr<Ledger> const& ledger,
+    Application& app,
+    beast::Journal j)
+{
+    // Check if we're in the migration window
+    constexpr LedgerIndex MIGRATION_START = 20'000'000;
+    constexpr LedgerIndex MIGRATION_END = 20'000'010;
+    
+    if (ledger->seq() < MIGRATION_START || ledger->seq() >= MIGRATION_END)
+        return false;
+    
+    // Check for migration flag
+    auto const flag = ledger->read(keylet::hashMigrationFlag(
+        hash_options{ledger->seq(), KEYLET_MIGRATION_FLAG}));
+    
+    if (!flag)
+        return false;
+    
+    return flag->getFieldU8(sfMigrationStatus) == 1; // 1 = pending
+}
+
+void performHashMigration(
+    std::shared_ptr<Ledger> const& ledger,
+    Application& app,
+    beast::Journal j)
+{
+    JLOG(j.warn()) << "PERFORMING HASH MIGRATION at ledger " << ledger->seq();
+    
+    auto& oldStateMap = ledger->stateMap();
+    
+    // Create new state map with BLAKE3 hashing
+    SHAMap newStateMap(SHAMapType::STATE, ledger->family());
+    newStateMap.setLedgerSeq(ledger->seq());
+    
+    // Track statistics
+    std::size_t objectCount = 0;
+    auto startTime = std::chrono::steady_clock::now();
+    
+    // Walk the entire state map and rekey everything
+    oldStateMap.visitLeaves([&](SHAMapItem const& item) {
+        try {
+            // Deserialize the ledger entry
+            SerialIter sit(item.slice());
+            auto sle = std::make_shared<SLE>(sit, item.key());
+            
+            // The new key would be calculated with BLAKE3
+            // For now, we'd need the actual BLAKE3 implementation
+            // uint256 newKey = calculateBlake3Key(sle);
+            
+            // For this example, let's assume we have a function that 
+            // computes the new key based on the SLE type and contents
+            uint256 newKey = computeNewHashKey(sle, ledger->seq());
+            
+            // Re-serialize the SLE
+            Serializer s;
+            sle->add(s);
+            
+            // Add to new map with new key
+            newStateMap.addGiveItem(
+                SHAMapNodeType::tnACCOUNT_STATE,
+                make_shamapitem(newKey, s.slice()));
+            
+            objectCount++;
+            
+            if (objectCount % 10000 == 0) {
+                JLOG(j.info()) << "Migration progress: " << objectCount 
+                              << " objects rekeyed";
+            }
+        }
+        catch (std::exception const& e) {
+            JLOG(j.error()) << "Failed to migrate object " << item.key()
+                           << ": " << e.what();
+            throw;
+        }
+    });
+    
+    auto endTime = std::chrono::steady_clock::now();
+    auto duration = std::chrono::duration_cast<std::chrono::milliseconds>(
+        endTime - startTime);
+    
+    JLOG(j.warn()) << "Hash migration completed: " << objectCount 
+                   << " objects rekeyed in " << duration.count() << "ms";
+    
+    // Swap the state maps
+    oldStateMap = std::move(newStateMap);
+    
+    // Update the migration flag to completed
+    auto flag = ledger->peek(keylet::hashMigrationFlag(
+        hash_options{ledger->seq(), KEYLET_MIGRATION_FLAG}));
+    if (flag) {
+        flag->setFieldU8(sfMigrationStatus, 2); // 2 = completed
+        ledger->rawReplace(flag);
+    }
+}
+
+uint256 computeNewHashKey(
+    std::shared_ptr<SLE const> const& sle,
+    LedgerIndex ledgerSeq)
+{
+    // This would use BLAKE3 instead of SHA-512 Half
+    // Implementation depends on the BLAKE3 integration
+    // For now, this is a placeholder
+    
+    // The actual implementation would:
+    // 1. Determine the object type
+    // 2. Extract the identifying fields
+    // 3. Hash them with BLAKE3
+    // 4. Return the new key
+    
+    return uint256(); // Placeholder
+}
+```
+
+## Why This Approach Works
+
+### 1. No Metadata Explosion
+- The rekeying happens AFTER the `OpenView` is destroyed
+- No change tracking occurs during the rekeying
+- Only the migration flag generates metadata (minimal)
+
+### 2. Direct SHAMap Access
+- We have direct access to `built->stateMap()`
+- Can manipulate the raw data structure without going through ApplyView
+- Can create a new SHAMap and swap it in
+
+### 3. Clean Separation of Concerns
+- Pseudo-transaction: "Signal that migration should happen"
+- BuildLedger: "Actually perform the migration"
+- Transaction processor: Unchanged, doesn't need to handle massive rekeying
+
+### 4. Timing is Perfect
+- After all transactions are applied
+- Before the ledger is finalized
+- Before the skip list is updated
+- Before the SHAMap is flushed to disk
+
+## Files Referenced in This Analysis
+
+### Core Implementation Files
+- `src/ripple/app/ledger/impl/BuildLedger.cpp` - Main implementation location
+- `src/ripple/app/ledger/BuildLedger.h` - Header for build functions
+- `src/ripple/app/tx/impl/Change.cpp` - Pseudo-transaction handler
+- `src/ripple/app/tx/impl/Change.h` - Change transactor header
+
+### Transaction Processing Pipeline (analyzed but bypassed)
+- `src/ripple/app/tx/impl/Transactor.cpp` - Base transaction processor
+- `src/ripple/app/tx/impl/Transactor.h` - Transactor header
+- `src/ripple/app/tx/impl/apply.cpp` - Transaction application
+- `src/ripple/app/tx/impl/applySteps.cpp` - Transaction routing
+- `src/ripple/app/tx/impl/ApplyContext.h` - Application context
+
+### Ledger and View Classes
+- `src/ripple/app/ledger/Ledger.h` - Ledger class definition
+- `src/ripple/app/ledger/Ledger.cpp` - Ledger implementation
+- `src/ripple/ledger/ApplyView.h` - View interface
+- `src/ripple/ledger/ApplyViewImpl.h` - View implementation header
+- `src/ripple/ledger/impl/ApplyViewImpl.cpp` - View implementation
+- `src/ripple/ledger/impl/ApplyViewBase.cpp` - Base view implementation
+- `src/ripple/ledger/detail/ApplyViewBase.h` - Base view header
+- `src/ripple/ledger/OpenView.h` - Open ledger view
+- `src/ripple/ledger/RawView.h` - Raw view interface
+
+### SHAMap and Data Structures
+- `src/ripple/shamap/SHAMap.h` - SHAMap class definition
+
+### Metadata Generation
+- `src/ripple/protocol/TxMeta.h` - Transaction metadata header
+- `src/ripple/protocol/impl/TxMeta.cpp` - Metadata implementation
+
+### Consensus and Pseudo-Transaction Injection
+- `src/ripple/app/consensus/RCLConsensus.cpp` - Consensus implementation
+
+### Supporting Documents
+- `PSEUDO_TRANSACTIONS.md` - Documentation on pseudo-transactions
+- `HASH_MIGRATION_CONTEXT.md` - Context for hash migration work
+
+## Key Advantages
+
+1. **Architecturally Clean**: Works within existing ledger building framework
+2. **No Metadata Issues**: Completely bypasses the metadata generation problem
+3. **Atomic Operation**: Either the entire state is rekeyed or none of it is
+4. **Fail-Safe**: Can be wrapped in try-catch for error handling
+5. **Observable**: Can log progress for large state maps
+6. **Testable**: Can be tested independently of transaction processing
+
+## Challenges and Considerations
+
+1. **Performance**: Rekeying millions of objects will take time
+   - Solution: This happens during consensus, all nodes do it simultaneously
+   
+2. **Memory Usage**: Need to hold both old and new SHAMaps temporarily
+   - Solution: Could potentially do in-place updates with careful ordering
+   
+3. **Verification**: Need to ensure all nodes get the same result
+   - Solution: Deterministic rekeying based on ledger sequence
+
+4. **Rollback**: If migration fails, need to handle gracefully
+   - Solution: Keep old map until new map is fully built and verified
+
+## Conclusion
+
+By performing the hash migration at the ledger building level rather than within the transaction processing pipeline, we can successfully rekey the entire state map without generating massive metadata. This approach leverages the existing architecture's separation between transaction processing and ledger construction, providing a clean and efficient solution to what initially appeared to be an intractable problem.
+
+---
+
+## APPENDIX: Revised Implementation Following Ledger Pattern
+
+After reviewing the existing pattern in `BuildLedger.cpp`, it's clear that special ledger operations are implemented as methods on the `Ledger` class itself (e.g., `built->updateNegativeUNL()`). Following this pattern, the hash migration should be implemented as `Ledger::migrateToBlake3()`.
+
+### Updated BuildLedger.cpp Implementation
+
+```cpp
+// In BuildLedger.cpp, following the existing pattern
+template <class ApplyTxs>
+std::shared_ptr<Ledger>
+buildLedgerImpl(
+    std::shared_ptr<Ledger const> const& parent,
+    NetClock::time_point closeTime,
+    const bool closeTimeCorrect,
+    NetClock::duration closeResolution,
+    Application& app,
+    beast::Journal j,
+    ApplyTxs&& applyTxs)
+{
+    auto built = std::make_shared<Ledger>(*parent, closeTime);
+
+    if (built->isFlagLedger() && built->rules().enabled(featureNegativeUNL))
+    {
+        built->updateNegativeUNL();
+    }
+
+    {
+        OpenView accum(&*built);
+        assert(!accum.open());
+        applyTxs(accum, built);
+        accum.apply(*built);
+    }
+    
+    // NEW: Check and perform hash migration following the pattern
+    if (built->rules().enabled(featureBLAKE3Migration) && 
+        built->shouldMigrateToBlake3())
+    {
+        built->migrateToBlake3();
+    }
+
+    built->updateSkipList();
+    // ... rest of function
+}
+```
+
+### Ledger.h Addition
+
+```cpp
+// In src/ripple/app/ledger/Ledger.h
+class Ledger final : public std::enable_shared_from_this<Ledger>,
+                     public DigestAwareReadView,
+                     public TxsRawView,
+                     public CountedObject<Ledger>
+{
+public:
+    // ... existing methods ...
+
+    /** Update the Negative UNL ledger component. */
+    void
+    updateNegativeUNL();
+
+    /** Check if hash migration to BLAKE3 should be performed */
+    bool
+    shouldMigrateToBlake3() const;
+
+    /** Perform hash migration from SHA-512 Half to BLAKE3
+     *  This rekeys all objects in the state map with new BLAKE3 hashes.
+     *  Must be called after transactions are applied but before the
+     *  ledger is finalized.
+     */
+    void
+    migrateToBlake3();
+
+    // ... rest of class ...
+};
+```
+
+### Ledger.cpp Implementation
+
+```cpp
+// In src/ripple/app/ledger/Ledger.cpp
+
+bool
+Ledger::shouldMigrateToBlake3() const
+{
+    // Check if we're in the migration window
+    constexpr LedgerIndex MIGRATION_START = 20'000'000;
+    constexpr LedgerIndex MIGRATION_END = 20'000'010;
+    
+    if (seq() < MIGRATION_START || seq() >= MIGRATION_END)
+        return false;
+    
+    // Check for migration flag set by pseudo-transaction
+    auto const flag = read(keylet::hashMigrationFlag(
+        hash_options{seq(), KEYLET_MIGRATION_FLAG}));
+    
+    if (!flag)
+        return false;
+    
+    return flag->getFieldU8(sfMigrationStatus) == 1; // 1 = pending
+}
+
+void
+Ledger::migrateToBlake3()
+{
+    JLOG(j_.warn()) << "Performing BLAKE3 hash migration at ledger " << seq();
+    
+    // Create new state map with BLAKE3 hashing
+    SHAMap newStateMap(SHAMapType::STATE, stateMap_.family());
+    newStateMap.setLedgerSeq(seq());
+    
+    std::size_t objectCount = 0;
+    auto startTime = std::chrono::steady_clock::now();
+    
+    // Walk the entire state map and rekey everything
+    stateMap_.visitLeaves([&](SHAMapItem const& item) {
+        // Deserialize the ledger entry
+        SerialIter sit(item.slice());
+        auto sle = std::make_shared<SLE>(sit, item.key());
+        
+        // Calculate new BLAKE3-based key
+        // This would use the actual BLAKE3 implementation
+        uint256 newKey = computeBlake3Key(sle);
+        
+        // Re-serialize and add to new map
+        Serializer s;
+        sle->add(s);
+        
+        newStateMap.addGiveItem(
+            SHAMapNodeType::tnACCOUNT_STATE,
+            make_shamapitem(newKey, s.slice()));
+        
+        if (++objectCount % 10000 == 0) {
+            JLOG(j_.info()) << "Migration progress: " << objectCount 
+                          << " objects rekeyed";
+        }
+    });
+    
+    auto duration = std::chrono::duration_cast<std::chrono::milliseconds>(
+        std::chrono::steady_clock::now() - startTime);
+    
+    JLOG(j_.warn()) << "BLAKE3 migration completed: " << objectCount 
+                   << " objects rekeyed in " << duration.count() << "ms";
+    
+    // Swap the state maps
+    stateMap_ = std::move(newStateMap);
+    
+    // Update the migration flag to completed
+    auto flag = peek(keylet::hashMigrationFlag(
+        hash_options{seq(), KEYLET_MIGRATION_FLAG}));
+    if (flag) {
+        flag->setFieldU8(sfMigrationStatus, 2); // 2 = completed
+        rawReplace(flag);
+    }
+}
+```
+
+This approach follows the established pattern in the codebase where special ledger operations are encapsulated as methods on the `Ledger` class itself, making the code more maintainable and consistent with the existing architecture.

Builds/CMake/RippledCore.cmake

@@ -23,6 +23,11 @@ else()
   message(STATUS "ACL not found, continuing without ACL support")
 endif()
 
+add_library(libxrpl INTERFACE)
+target_link_libraries(libxrpl INTERFACE xrpl_core)
+add_library(xrpl::libxrpl ALIAS libxrpl)
+
+
 #[===============================[
     beast/legacy FILES:
     TODO: review these sources for removal or replacement
@@ -144,10 +149,11 @@ target_link_libraries (xrpl_core
   PUBLIC
     OpenSSL::Crypto
     Ripple::boost
-    NIH::WasmEdge
+    wasmedge::wasmedge
     Ripple::syslibs
-    NIH::secp256k1
-    NIH::ed25519-donna
+    secp256k1::secp256k1
+    ed25519::ed25519
+    BLAKE3::blake3
     date::date
     Ripple::opts)
 #[=================================[
@@ -392,6 +398,7 @@ target_sources (rippled PRIVATE
   src/ripple/app/misc/NegativeUNLVote.cpp
   src/ripple/app/misc/NetworkOPs.cpp
   src/ripple/app/misc/SHAMapStoreImp.cpp
+  src/ripple/app/misc/StateAccounting.cpp
   src/ripple/app/misc/detail/impl/WorkSSL.cpp
   src/ripple/app/misc/impl/AccountTxPaging.cpp
   src/ripple/app/misc/impl/AmendmentTable.cpp
@@ -433,13 +440,18 @@ target_sources (rippled PRIVATE
   src/ripple/app/tx/impl/CancelOffer.cpp
   src/ripple/app/tx/impl/CashCheck.cpp
   src/ripple/app/tx/impl/Change.cpp
+  src/ripple/app/tx/impl/ClaimReward.cpp
+  src/ripple/app/tx/impl/Clawback.cpp
   src/ripple/app/tx/impl/CreateCheck.cpp
   src/ripple/app/tx/impl/CreateOffer.cpp
   src/ripple/app/tx/impl/CreateTicket.cpp
   src/ripple/app/tx/impl/DeleteAccount.cpp
   src/ripple/app/tx/impl/DepositPreauth.cpp
   src/ripple/app/tx/impl/Escrow.cpp
+  src/ripple/app/tx/impl/GenesisMint.cpp
+  src/ripple/app/tx/impl/Import.cpp
   src/ripple/app/tx/impl/InvariantCheck.cpp
+  src/ripple/app/tx/impl/Invoke.cpp
   src/ripple/app/tx/impl/NFTokenAcceptOffer.cpp
   src/ripple/app/tx/impl/NFTokenBurn.cpp
   src/ripple/app/tx/impl/NFTokenCancelOffer.cpp
@@ -448,13 +460,11 @@ target_sources (rippled PRIVATE
   src/ripple/app/tx/impl/OfferStream.cpp
   src/ripple/app/tx/impl/PayChan.cpp
   src/ripple/app/tx/impl/Payment.cpp
+  src/ripple/app/tx/impl/Remit.cpp
   src/ripple/app/tx/impl/SetAccount.cpp
-  src/ripple/app/tx/impl/SetRegularKey.cpp
   src/ripple/app/tx/impl/SetHook.cpp
-  src/ripple/app/tx/impl/ClaimReward.cpp
-  src/ripple/app/tx/impl/GenesisMint.cpp
-  src/ripple/app/tx/impl/Import.cpp
-  src/ripple/app/tx/impl/Invoke.cpp
+  src/ripple/app/tx/impl/SetRemarks.cpp
+  src/ripple/app/tx/impl/SetRegularKey.cpp
   src/ripple/app/tx/impl/SetSignerList.cpp
   src/ripple/app/tx/impl/SetTrust.cpp
   src/ripple/app/tx/impl/SignerEntries.cpp
@@ -537,7 +547,9 @@ target_sources (rippled PRIVATE
        subdir: nodestore
   #]===============================]
   src/ripple/nodestore/backend/CassandraFactory.cpp
+  src/ripple/nodestore/backend/RWDBFactory.cpp
   src/ripple/nodestore/backend/MemoryFactory.cpp
+  src/ripple/nodestore/backend/FlatmapFactory.cpp
   src/ripple/nodestore/backend/NuDBFactory.cpp
   src/ripple/nodestore/backend/NullFactory.cpp
   src/ripple/nodestore/backend/RocksDBFactory.cpp
@@ -602,6 +614,7 @@ target_sources (rippled PRIVATE
   src/ripple/rpc/handlers/BlackList.cpp
   src/ripple/rpc/handlers/BookOffers.cpp
   src/ripple/rpc/handlers/CanDelete.cpp
+  src/ripple/rpc/handlers/Catalogue.cpp
   src/ripple/rpc/handlers/Connect.cpp
   src/ripple/rpc/handlers/ConsensusInfo.cpp
   src/ripple/rpc/handlers/CrawlShards.cpp
@@ -625,6 +638,7 @@ target_sources (rippled PRIVATE
   src/ripple/rpc/handlers/LogLevel.cpp
   src/ripple/rpc/handlers/LogRotate.cpp
   src/ripple/rpc/handlers/Manifest.cpp
+  src/ripple/rpc/handlers/MapStats.cpp
   src/ripple/rpc/handlers/NFTOffers.cpp
   src/ripple/rpc/handlers/NodeToShard.cpp
   src/ripple/rpc/handlers/NoRippleCheck.cpp
@@ -637,6 +651,7 @@ target_sources (rippled PRIVATE
   src/ripple/rpc/handlers/Random.cpp
   src/ripple/rpc/handlers/Reservations.cpp
   src/ripple/rpc/handlers/RipplePathFind.cpp
+  src/ripple/rpc/handlers/ServerDefinitions.cpp
   src/ripple/rpc/handlers/ServerInfo.cpp
   src/ripple/rpc/handlers/ServerState.cpp
   src/ripple/rpc/handlers/SignFor.cpp
@@ -656,6 +671,7 @@ target_sources (rippled PRIVATE
   src/ripple/rpc/handlers/ValidatorListSites.cpp
   src/ripple/rpc/handlers/Validators.cpp
   src/ripple/rpc/handlers/WalletPropose.cpp
+  src/ripple/rpc/handlers/Catalogue.cpp
   src/ripple/rpc/impl/DeliveredAmount.cpp
   src/ripple/rpc/impl/Handler.cpp
   src/ripple/rpc/impl/LegacyPathFind.cpp
@@ -667,6 +683,9 @@ target_sources (rippled PRIVATE
   src/ripple/rpc/impl/ShardVerificationScheduler.cpp
   src/ripple/rpc/impl/Status.cpp
   src/ripple/rpc/impl/TransactionSign.cpp
+  src/ripple/rpc/impl/NFTokenID.cpp
+  src/ripple/rpc/impl/NFTokenOfferID.cpp
+  src/ripple/rpc/impl/NFTSyntheticSerializer.cpp
   #[===============================[
      main sources:
        subdir: perflog
@@ -702,8 +721,10 @@ if (tests)
     src/test/app/AccountDelete_test.cpp
     src/test/app/AccountTxPaging_test.cpp
     src/test/app/AmendmentTable_test.cpp
+    src/test/app/BaseFee_test.cpp
     src/test/app/Check_test.cpp
     src/test/app/ClaimReward_test.cpp
+    src/test/app/Clawback_test.cpp
     src/test/app/CrossingLimits_test.cpp
     src/test/app/DeliverMin_test.cpp
     src/test/app/DepositAuth_test.cpp
@@ -713,6 +734,7 @@ if (tests)
     src/test/app/FeeVote_test.cpp
     src/test/app/Flow_test.cpp
     src/test/app/Freeze_test.cpp
+    src/test/app/GenesisMint_test.cpp
     src/test/app/HashRouter_test.cpp
     src/test/app/Import_test.cpp
     src/test/app/Invoke_test.cpp
@@ -733,26 +755,31 @@ if (tests)
     src/test/app/Path_test.cpp
     src/test/app/PayChan_test.cpp
     src/test/app/PayStrand_test.cpp
+    src/test/app/PreviousTxn_test.cpp
     src/test/app/PseudoTx_test.cpp
     src/test/app/RCLCensorshipDetector_test.cpp
     src/test/app/RCLValidations_test.cpp
     src/test/app/Regression_test.cpp
+    src/test/app/Remit_test.cpp
     src/test/app/SHAMapStore_test.cpp
     src/test/app/SetAuth_test.cpp
+    src/test/app/SetHook_test.cpp
+    src/test/app/SetHookTSH_test.cpp
     src/test/app/SetRegularKey_test.cpp
+    src/test/app/SetRemarks_test.cpp
     src/test/app/SetTrust_test.cpp
     src/test/app/Taker_test.cpp
     src/test/app/TheoreticalQuality_test.cpp
     src/test/app/Ticket_test.cpp
+    src/test/app/Touch_test.cpp
     src/test/app/Transaction_ordering_test.cpp
     src/test/app/TrustAndBalance_test.cpp
     src/test/app/TxQ_test.cpp
-    src/test/app/UNLReport_test.cpp
     src/test/app/URIToken_test.cpp
     src/test/app/ValidatorKeys_test.cpp
     src/test/app/ValidatorList_test.cpp
     src/test/app/ValidatorSite_test.cpp
-    src/test/app/SetHook_test.cpp
+    src/test/app/Wildcard_test.cpp
     src/test/app/XahauGenesis_test.cpp
     src/test/app/tx/apply_test.cpp
     #[===============================[
@@ -813,6 +840,7 @@ if (tests)
     src/test/consensus/LedgerTrie_test.cpp
     src/test/consensus/NegativeUNL_test.cpp
     src/test/consensus/ScaleFreeSim_test.cpp
+    src/test/consensus/UNLReport_test.cpp
     src/test/consensus/Validations_test.cpp
     #[===============================[
        test sources:
@@ -863,28 +891,40 @@ if (tests)
     src/test/jtx/impl/delivermin.cpp
     src/test/jtx/impl/deposit.cpp
     src/test/jtx/impl/envconfig.cpp
+    src/test/jtx/impl/escrow.cpp
     src/test/jtx/impl/fee.cpp
     src/test/jtx/impl/flags.cpp
+    src/test/jtx/impl/genesis.cpp
+    src/test/jtx/impl/import.cpp
     src/test/jtx/impl/invoice_id.cpp
+    src/test/jtx/impl/invoke.cpp
     src/test/jtx/impl/jtx_json.cpp
     src/test/jtx/impl/last_ledger_sequence.cpp
     src/test/jtx/impl/memo.cpp
     src/test/jtx/impl/multisign.cpp
+    src/test/jtx/impl/network.cpp
     src/test/jtx/impl/offer.cpp
     src/test/jtx/impl/owners.cpp
     src/test/jtx/impl/paths.cpp
     src/test/jtx/impl/pay.cpp
+    src/test/jtx/impl/paychan.cpp
     src/test/jtx/impl/quality2.cpp
     src/test/jtx/impl/rate.cpp
     src/test/jtx/impl/regkey.cpp
+    src/test/jtx/impl/reward.cpp
+    src/test/jtx/impl/remarks.cpp
+    src/test/jtx/impl/remit.cpp
     src/test/jtx/impl/sendmax.cpp
     src/test/jtx/impl/seq.cpp
     src/test/jtx/impl/sig.cpp
     src/test/jtx/impl/tag.cpp
+    src/test/jtx/impl/TestHelpers.cpp
     src/test/jtx/impl/ticket.cpp
     src/test/jtx/impl/token.cpp
     src/test/jtx/impl/trust.cpp
     src/test/jtx/impl/txflags.cpp
+    src/test/jtx/impl/unl.cpp
+    src/test/jtx/impl/uritoken.cpp
     src/test/jtx/impl/utility.cpp
 
     #[===============================[
@@ -935,6 +975,7 @@ if (tests)
        test sources:
          subdir: protocol
     #]===============================]
+    src/test/protocol/blake3_test.cpp
     src/test/protocol/BuildInfo_test.cpp
     src/test/protocol/InnerObjectFormats_test.cpp
     src/test/protocol/Issue_test.cpp
@@ -966,10 +1007,12 @@ if (tests)
     src/test/rpc/AccountLinesRPC_test.cpp
     src/test/rpc/AccountObjects_test.cpp
     src/test/rpc/AccountOffers_test.cpp
+    src/test/rpc/AccountNamespace_test.cpp
     src/test/rpc/AccountSet_test.cpp
     src/test/rpc/AccountTx_test.cpp
     src/test/rpc/AmendmentBlocked_test.cpp
     src/test/rpc/Book_test.cpp
+    src/test/rpc/Catalogue_test.cpp
     src/test/rpc/DepositAuthorized_test.cpp
     src/test/rpc/DeliveredAmount_test.cpp
     src/test/rpc/Feature_test.cpp
@@ -992,6 +1035,7 @@ if (tests)
     src/test/rpc/RPCCall_test.cpp
     src/test/rpc/RPCOverload_test.cpp
     src/test/rpc/RobustTransaction_test.cpp
+    src/test/rpc/ServerDefinitions_test.cpp
     src/test/rpc/ServerInfo_test.cpp
     src/test/rpc/ShardArchiveHandler_test.cpp
     src/test/rpc/Status_test.cpp
@@ -1027,6 +1071,9 @@ target_link_libraries (rippled
   Ripple::opts
   Ripple::libs
   Ripple::xrpl_core
+  BLAKE3::blake3
+  # Workaround for a Conan 1.x bug...
+  m
   )
 exclude_if_included (rippled)
 # define a macro for tests that might need to

Builds/CMake/RippledDocs.cmake

@@ -1,6 +1,13 @@
 #[===================================================================[
    docs target (optional)
 #]===================================================================]
+
+# Early return if the `docs` directory is missing,
+# e.g. when we are building a Conan package.
+if(NOT EXISTS docs)
+  return()
+endif()
+
 if (tests)
   find_package (Doxygen)
   if (NOT TARGET Doxygen::doxygen)

Builds/CMake/RippledInstall.cmake

@@ -4,7 +4,6 @@
 
 install (
   TARGETS
-    ed25519-donna
     common
     opts
     ripple_syslibs
@@ -16,17 +15,6 @@ install (
   RUNTIME DESTINATION bin
   INCLUDES DESTINATION include)
 
-if(${INSTALL_SECP256K1})
-install (
-  TARGETS
-    secp256k1
-  EXPORT RippleExports
-  LIBRARY DESTINATION lib
-  ARCHIVE DESTINATION lib
-  RUNTIME DESTINATION bin
-  INCLUDES DESTINATION include)
-endif()
-
 install (EXPORT RippleExports
   FILE RippleTargets.cmake
   NAMESPACE Ripple::

Builds/CMake/RippledMultiConfig.cmake

@@ -14,7 +14,7 @@ if (is_multiconfig)
   file(GLOB md_files RELATIVE ${CMAKE_CURRENT_SOURCE_DIR} CONFIGURE_DEPENDS
     *.md)
   LIST(APPEND all_sources ${md_files})
-  foreach (_target secp256k1 ed25519-donna pbufs xrpl_core rippled)
+  foreach (_target secp256k1::secp256k1 ed25519::ed25519 pbufs xrpl_core rippled)
     get_target_property (_type ${_target} TYPE)
     if(_type STREQUAL "INTERFACE_LIBRARY")
       continue()

Builds/CMake/RippledRelease.cmake

@@ -1,197 +0,0 @@
-#[===================================================================[
-   package/container targets - (optional)
-#]===================================================================]
-
-if (is_root_project)
-  if (NOT DOCKER)
-    find_program (DOCKER docker)
-  endif ()
-
-  if (DOCKER)
-    # if no container label is provided, use current git hash
-    git_hash (commit_hash)
-    if (NOT container_label)
-      set (container_label ${commit_hash})
-    endif ()
-    message (STATUS "using [${container_label}] as build container tag...")
-
-    file (MAKE_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR}/packages)
-    file (MAKE_DIRECTORY ${NIH_CACHE_ROOT}/pkgbuild)
-    if (is_linux)
-      execute_process (COMMAND id -u
-        OUTPUT_VARIABLE DOCKER_USER_ID
-        OUTPUT_STRIP_TRAILING_WHITESPACE)
-      message (STATUS "docker local user id: ${DOCKER_USER_ID}")
-      execute_process (COMMAND id -g
-        OUTPUT_VARIABLE DOCKER_GROUP_ID
-        OUTPUT_STRIP_TRAILING_WHITESPACE)
-      message (STATUS "docker local group id: ${DOCKER_GROUP_ID}")
-    endif ()
-    if (DOCKER_USER_ID AND DOCKER_GROUP_ID)
-      set(map_user TRUE)
-    endif ()
-    #[===================================================================[
-        rpm
-    #]===================================================================]
-    add_custom_target (rpm_container
-      docker build
-        --pull
-        --build-arg GIT_COMMIT=${commit_hash}
-        -t rippleci/rippled-rpm-builder:${container_label}
-        $<$<BOOL:${rpm_cache_from}>:--cache-from=${rpm_cache_from}>
-        -f centos-builder/Dockerfile .
-      WORKING_DIRECTORY  ${CMAKE_CURRENT_SOURCE_DIR}/Builds/containers
-      VERBATIM
-      USES_TERMINAL
-      COMMAND_EXPAND_LISTS
-      SOURCES
-        Builds/containers/centos-builder/Dockerfile
-        Builds/containers/centos-builder/centos_setup.sh
-        Builds/containers/shared/update-rippled.sh
-        Builds/containers/shared/update_sources.sh
-        Builds/containers/shared/rippled.service
-        Builds/containers/shared/rippled-reporting.service
-        Builds/containers/packaging/rpm/rippled.spec
-        Builds/containers/packaging/rpm/build_rpm.sh
-        Builds/containers/packaging/rpm/50-rippled.preset
-        Builds/containers/packaging/rpm/50-rippled-reporting.preset
-        bin/getRippledInfo
-    )
-    exclude_from_default (rpm_container)
-    add_custom_target (rpm
-      docker run
-        -e NIH_CACHE_ROOT=/opt/rippled_bld/pkg/.nih_c
-        -v ${NIH_CACHE_ROOT}/pkgbuild:/opt/rippled_bld/pkg/.nih_c
-        -v ${CMAKE_CURRENT_SOURCE_DIR}:/opt/rippled_bld/pkg/rippled
-        -v ${CMAKE_CURRENT_BINARY_DIR}/packages:/opt/rippled_bld/pkg/out
-        -t rippleci/rippled-rpm-builder:${container_label}
-        /bin/bash -c "cp -fpu rippled/Builds/containers/packaging/rpm/build_rpm.sh . && ./build_rpm.sh"
-      VERBATIM
-      USES_TERMINAL
-      COMMAND_EXPAND_LISTS
-      SOURCES
-        Builds/containers/packaging/rpm/rippled.spec
-    )
-    exclude_from_default (rpm)
-    if (NOT have_package_container)
-      add_dependencies(rpm rpm_container)
-    endif ()
-    #[===================================================================[
-        dpkg
-    #]===================================================================]
-    # currently use ubuntu 18.04 as a base b/c it has one of
-    # the lower versions of libc among ubuntu and debian releases.
-    # we could change this in the future and build with some other deb
-    # based system.
-    add_custom_target (dpkg_container
-      docker build
-        --pull
-        --build-arg DIST_TAG=18.04
-        --build-arg GIT_COMMIT=${commit_hash}
-        -t rippled-dpkg-builder:${container_label}
-        $<$<BOOL:${dpkg_cache_from}>:--cache-from=${dpkg_cache_from}>
-        -f ubuntu-builder/Dockerfile .
-      WORKING_DIRECTORY  ${CMAKE_CURRENT_SOURCE_DIR}/Builds/containers
-      VERBATIM
-      USES_TERMINAL
-      COMMAND_EXPAND_LISTS
-      SOURCES
-        Builds/containers/packaging/dpkg/debian/rippled-reporting.links
-        Builds/containers/packaging/dpkg/debian/copyright
-        Builds/containers/packaging/dpkg/debian/rules
-        Builds/containers/packaging/dpkg/debian/rippled-reporting.install
-        Builds/containers/packaging/dpkg/debian/rippled-reporting.postinst
-        Builds/containers/packaging/dpkg/debian/rippled.links
-        Builds/containers/packaging/dpkg/debian/rippled.prerm
-        Builds/containers/packaging/dpkg/debian/rippled.postinst
-        Builds/containers/packaging/dpkg/debian/rippled-dev.install
-        Builds/containers/packaging/dpkg/debian/dirs
-        Builds/containers/packaging/dpkg/debian/rippled.postrm
-        Builds/containers/packaging/dpkg/debian/rippled.conffiles
-        Builds/containers/packaging/dpkg/debian/compat
-        Builds/containers/packaging/dpkg/debian/source/format
-        Builds/containers/packaging/dpkg/debian/source/local-options
-        Builds/containers/packaging/dpkg/debian/README.Debian
-        Builds/containers/packaging/dpkg/debian/rippled.install
-        Builds/containers/packaging/dpkg/debian/rippled.preinst
-        Builds/containers/packaging/dpkg/debian/docs
-        Builds/containers/packaging/dpkg/debian/control
-        Builds/containers/packaging/dpkg/debian/rippled-reporting.dirs
-        Builds/containers/packaging/dpkg/build_dpkg.sh
-        Builds/containers/ubuntu-builder/Dockerfile
-        Builds/containers/ubuntu-builder/ubuntu_setup.sh
-        bin/getRippledInfo
-        Builds/containers/shared/install_cmake.sh
-        Builds/containers/shared/update-rippled.sh
-        Builds/containers/shared/update_sources.sh
-        Builds/containers/shared/rippled.service
-        Builds/containers/shared/rippled-reporting.service
-        Builds/containers/shared/rippled-logrotate
-        Builds/containers/shared/update-rippled-cron
-    )
-    exclude_from_default (dpkg_container)
-    add_custom_target (dpkg
-      docker run
-        -e NIH_CACHE_ROOT=/opt/rippled_bld/pkg/.nih_c
-        -v ${NIH_CACHE_ROOT}/pkgbuild:/opt/rippled_bld/pkg/.nih_c
-        -v ${CMAKE_CURRENT_SOURCE_DIR}:/opt/rippled_bld/pkg/rippled
-        -v ${CMAKE_CURRENT_BINARY_DIR}/packages:/opt/rippled_bld/pkg/out
-        -t rippled-dpkg-builder:${container_label}
-        /bin/bash -c "cp -fpu rippled/Builds/containers/packaging/dpkg/build_dpkg.sh . && ./build_dpkg.sh"
-      VERBATIM
-      USES_TERMINAL
-      COMMAND_EXPAND_LISTS
-      SOURCES
-        Builds/containers/packaging/dpkg/debian/control
-    )
-    exclude_from_default (dpkg)
-    if (NOT have_package_container)
-      add_dependencies(dpkg dpkg_container)
-    endif ()
-    #[===================================================================[
-        ci container
-    #]===================================================================]
-    # now use the same ubuntu image for our travis-ci docker images,
-    # but we use a newer distro (18.04 vs 16.04).
-    #
-    # the following steps assume the github pkg repo, but it's possible to
-    # adapt these for other docker hub repositories.
-    #
-    # steps for publishing a new CI image when you make changes:
-    #
-    #   mkdir bld.ci && cd bld.ci && cmake -Dpackages_only=ON -Dcontainer_label=CI_LATEST
-    #   cmake --build . --target ci_container --verbose
-    #   docker tag rippled-ci-builder:CI_LATEST <HUB REPO PATH>/rippled-ci-builder:YYYY-MM-DD
-    #      (NOTE: change YYYY-MM-DD to match current date, or use a different
-    #             tag/version scheme if you prefer)
-    #   docker push <HUB REPO PATH>/rippled-ci-builder:YYYY-MM-DD
-    #      (NOTE: <HUB REPO PATH> is probably your user or org name if using
-    #             docker hub, or it might be something like
-    #             docker.pkg.github.com/ripple/rippled if using the github pkg
-    #             registry. for any registry, you will need to be logged-in via
-    #             docker and have push access.)
-    #
-    # ...then change the DOCKER_IMAGE line in .travis.yml :
-    #     - DOCKER_IMAGE="<HUB REPO PATH>/rippled-ci-builder:YYYY-MM-DD"
-    add_custom_target (ci_container
-      docker build
-        --pull
-        --build-arg DIST_TAG=18.04
-        --build-arg GIT_COMMIT=${commit_hash}
-        --build-arg CI_USE=true
-        -t rippled-ci-builder:${container_label}
-        $<$<BOOL:${ci_cache_from}>:--cache-from=${ci_cache_from}>
-        -f ubuntu-builder/Dockerfile .
-      WORKING_DIRECTORY  ${CMAKE_CURRENT_SOURCE_DIR}/Builds/containers
-      VERBATIM
-      USES_TERMINAL
-      COMMAND_EXPAND_LISTS
-      SOURCES
-        Builds/containers/ubuntu-builder/Dockerfile
-        Builds/containers/ubuntu-builder/ubuntu_setup.sh
-    )
-    exclude_from_default (ci_container)
-  else ()
-    message (STATUS "docker NOT found -- won't be able to build containers for packaging")
-  endif ()
-endif ()

Builds/CMake/conan/Boost.cmake

@@ -0,0 +1,52 @@
+find_package(Boost 1.83 REQUIRED
+  COMPONENTS
+    chrono
+    container
+    context
+    coroutine
+    date_time
+    filesystem
+    program_options
+    regex
+    system
+    thread
+)
+
+add_library(ripple_boost INTERFACE)
+add_library(Ripple::boost ALIAS ripple_boost)
+if(XCODE)
+  target_include_directories(ripple_boost BEFORE INTERFACE ${Boost_INCLUDE_DIRS})
+  target_compile_options(ripple_boost INTERFACE --system-header-prefix="boost/")
+else()
+  target_include_directories(ripple_boost SYSTEM BEFORE INTERFACE ${Boost_INCLUDE_DIRS})
+endif()
+
+target_link_libraries(ripple_boost
+  INTERFACE
+    Boost::boost
+    Boost::chrono
+    Boost::container
+    Boost::coroutine
+    Boost::date_time
+    Boost::filesystem
+    Boost::program_options
+    Boost::regex
+    Boost::system
+    Boost::iostreams
+    Boost::thread)
+if(Boost_COMPILER)
+  target_link_libraries(ripple_boost INTERFACE Boost::disable_autolinking)
+endif()
+if(san AND is_clang)
+  # TODO: gcc does not support -fsanitize-blacklist...can we do something else
+  # for gcc ?
+  if(NOT Boost_INCLUDE_DIRS AND TARGET Boost::headers)
+    get_target_property(Boost_INCLUDE_DIRS Boost::headers INTERFACE_INCLUDE_DIRECTORIES)
+  endif()
+  message(STATUS "Adding [${Boost_INCLUDE_DIRS}] to sanitizer blacklist")
+  file(WRITE ${CMAKE_CURRENT_BINARY_DIR}/san_bl.txt "src:${Boost_INCLUDE_DIRS}/*")
+  target_compile_options(opts
+    INTERFACE
+      # ignore boost headers for sanitizing
+      -fsanitize-blacklist=${CMAKE_CURRENT_BINARY_DIR}/san_bl.txt)
+endif()

Builds/CMake/conan/Protobuf.cmake

@@ -0,0 +1,22 @@
+find_package(Protobuf 3.8)
+
+file(MAKE_DIRECTORY ${CMAKE_BINARY_DIR}/proto_gen)
+set(ccbd ${CMAKE_CURRENT_BINARY_DIR})
+set(CMAKE_CURRENT_BINARY_DIR ${CMAKE_BINARY_DIR}/proto_gen)
+protobuf_generate_cpp(PROTO_SRCS PROTO_HDRS src/ripple/proto/ripple.proto)
+set(CMAKE_CURRENT_BINARY_DIR ${ccbd})
+
+add_library(pbufs STATIC ${PROTO_SRCS} ${PROTO_HDRS})
+target_include_directories(pbufs SYSTEM PUBLIC
+  ${CMAKE_BINARY_DIR}/proto_gen
+  ${CMAKE_BINARY_DIR}/proto_gen/src/ripple/proto
+)
+target_link_libraries(pbufs protobuf::libprotobuf)
+target_compile_options(pbufs
+  PUBLIC
+    $<$<BOOL:${XCODE}>:
+      --system-header-prefix="google/protobuf"
+      -Wno-deprecated-dynamic-exception-spec
+    >
+)
+add_library(Ripple::pbufs ALIAS pbufs)

Builds/CMake/conan/gRPC.cmake

@@ -0,0 +1,62 @@
+find_package(gRPC 1.23)
+
+#[=================================[
+   generate protobuf sources for
+   grpc defs and bundle into a
+   static lib
+#]=================================]
+set(GRPC_GEN_DIR "${CMAKE_BINARY_DIR}/proto_gen_grpc")
+file(MAKE_DIRECTORY ${GRPC_GEN_DIR})
+set(GRPC_PROTO_SRCS)
+set(GRPC_PROTO_HDRS)
+set(GRPC_PROTO_ROOT "${CMAKE_CURRENT_SOURCE_DIR}/src/ripple/proto/org")
+file(GLOB_RECURSE GRPC_DEFINITION_FILES LIST_DIRECTORIES false "${GRPC_PROTO_ROOT}/*.proto")
+foreach(file ${GRPC_DEFINITION_FILES})
+  get_filename_component(_abs_file ${file} ABSOLUTE)
+  get_filename_component(_abs_dir ${_abs_file} DIRECTORY)
+  get_filename_component(_basename ${file} NAME_WE)
+  get_filename_component(_proto_inc ${GRPC_PROTO_ROOT} DIRECTORY) # updir one level
+  file(RELATIVE_PATH _rel_root_file ${_proto_inc} ${_abs_file})
+  get_filename_component(_rel_root_dir ${_rel_root_file} DIRECTORY)
+  file(RELATIVE_PATH _rel_dir ${CMAKE_CURRENT_SOURCE_DIR} ${_abs_dir})
+
+  set(src_1 "${GRPC_GEN_DIR}/${_rel_root_dir}/${_basename}.grpc.pb.cc")
+  set(src_2 "${GRPC_GEN_DIR}/${_rel_root_dir}/${_basename}.pb.cc")
+  set(hdr_1 "${GRPC_GEN_DIR}/${_rel_root_dir}/${_basename}.grpc.pb.h")
+  set(hdr_2 "${GRPC_GEN_DIR}/${_rel_root_dir}/${_basename}.pb.h")
+  add_custom_command(
+    OUTPUT ${src_1} ${src_2} ${hdr_1} ${hdr_2}
+    COMMAND protobuf::protoc
+    ARGS --grpc_out=${GRPC_GEN_DIR}
+         --cpp_out=${GRPC_GEN_DIR}
+         --plugin=protoc-gen-grpc=$<TARGET_FILE:gRPC::grpc_cpp_plugin>
+         -I ${_proto_inc} -I ${_rel_dir}
+         ${_abs_file}
+    DEPENDS ${_abs_file} protobuf::protoc gRPC::grpc_cpp_plugin
+    WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
+    COMMENT "Running gRPC C++ protocol buffer compiler on ${file}"
+    VERBATIM)
+    set_source_files_properties(${src_1} ${src_2} ${hdr_1} ${hdr_2} PROPERTIES GENERATED TRUE)
+    list(APPEND GRPC_PROTO_SRCS ${src_1} ${src_2})
+    list(APPEND GRPC_PROTO_HDRS ${hdr_1} ${hdr_2})
+endforeach()
+
+add_library(grpc_pbufs STATIC ${GRPC_PROTO_SRCS} ${GRPC_PROTO_HDRS})
+#target_include_directories(grpc_pbufs PRIVATE src)
+target_include_directories(grpc_pbufs SYSTEM PUBLIC ${GRPC_GEN_DIR})
+target_link_libraries(grpc_pbufs
+  "gRPC::grpc++"
+  # libgrpc is missing references.
+  absl::random_random
+)
+target_compile_options(grpc_pbufs
+  PRIVATE
+    $<$<BOOL:${MSVC}>:-wd4065>
+    $<$<NOT:$<BOOL:${MSVC}>>:-Wno-deprecated-declarations>
+  PUBLIC
+    $<$<BOOL:${MSVC}>:-wd4996>
+    $<$<BOOL:${XCODE}>:
+      --system-header-prefix="google/protobuf"
+      -Wno-deprecated-dynamic-exception-spec
+    >)
+add_library(Ripple::grpc_pbufs ALIAS grpc_pbufs)

Builds/CMake/deps/Boost.cmake

@@ -1,14 +1,16 @@
 #[===================================================================[
    NIH dep: boost
 #]===================================================================]
-
 if((NOT DEFINED BOOST_ROOT) AND(DEFINED ENV{BOOST_ROOT}))
   set(BOOST_ROOT $ENV{BOOST_ROOT})
 endif()
+if((NOT DEFINED BOOST_LIBRARYDIR) AND(DEFINED ENV{BOOST_LIBRARYDIR}))
+  set(BOOST_LIBRARYDIR $ENV{BOOST_LIBRARYDIR})
+endif()
 file(TO_CMAKE_PATH "${BOOST_ROOT}" BOOST_ROOT)
 if(WIN32 OR CYGWIN)
   # Workaround for MSVC having two boost versions - x86 and x64 on same PC in stage folders
-  if(DEFINED BOOST_ROOT)
+  if((NOT DEFINED BOOST_LIBRARYDIR) AND (DEFINED BOOST_ROOT))
     if(IS_DIRECTORY ${BOOST_ROOT}/stage64/lib)
       set(BOOST_LIBRARYDIR ${BOOST_ROOT}/stage64/lib)
     elseif(IS_DIRECTORY ${BOOST_ROOT}/stage/lib)
@@ -44,7 +46,7 @@ else()
 endif()
 # TBD:
 # Boost_USE_DEBUG_RUNTIME:  When ON, uses Boost libraries linked against the
-find_package(Boost 1.70 REQUIRED
+find_package(Boost 1.86 REQUIRED
   COMPONENTS
     chrono
     container
@@ -55,6 +57,7 @@ find_package(Boost 1.70 REQUIRED
     program_options
     regex
     system
+    iostreams
     thread)
 
 add_library(ripple_boost INTERFACE)
@@ -74,6 +77,7 @@ target_link_libraries(ripple_boost
     Boost::coroutine
     Boost::date_time
     Boost::filesystem
+    Boost::iostreams
     Boost::program_options
     Boost::regex
     Boost::system

Builds/CMake/deps/FindBoost.cmake

@@ -248,6 +248,7 @@ include(FindPackageHandleStandardArgs)
 # Save project's policies
 cmake_policy(PUSH)
 cmake_policy(SET CMP0057 NEW) # if IN_LIST
+#cmake_policy(SET CMP0144 NEW)
 
 #-------------------------------------------------------------------------------
 # Before we go searching, check whether a boost cmake package is available, unless
@@ -969,7 +970,24 @@ function(_Boost_COMPONENT_DEPENDENCIES component _ret)
       set(_Boost_WAVE_DEPENDENCIES filesystem serialization thread chrono date_time atomic)
       set(_Boost_WSERIALIZATION_DEPENDENCIES serialization)
     endif()
-    if(NOT Boost_VERSION_STRING VERSION_LESS 1.77.0)
+    
+    # Special handling for Boost 1.86.0 and higher
+    if(NOT Boost_VERSION_STRING VERSION_LESS 1.86.0)
+      # Explicitly set these for Boost 1.86
+      set(_Boost_IOSTREAMS_DEPENDENCIES "")  # No dependencies for iostreams in 1.86
+      
+      # Debug output to help diagnose the issue
+      if(Boost_DEBUG)
+        message(STATUS "Using special dependency settings for Boost 1.86.0+")
+        message(STATUS "Component: ${component}, uppercomponent: ${uppercomponent}")
+        message(STATUS "Boost_VERSION_STRING: ${Boost_VERSION_STRING}")
+        message(STATUS "BOOST_ROOT: $ENV{BOOST_ROOT}")
+        message(STATUS "BOOST_LIBRARYDIR: $ENV{BOOST_LIBRARYDIR}")
+      endif()
+    endif()
+    
+    # Only show warning for versions beyond what we've defined
+    if(NOT Boost_VERSION_STRING VERSION_LESS 1.87.0)
       message(WARNING "New Boost version may have incorrect or missing dependencies and imported targets")
     endif()
   endif()
@@ -1879,6 +1897,18 @@ foreach(COMPONENT ${Boost_FIND_COMPONENTS})
     list(INSERT _boost_LIBRARY_SEARCH_DIRS_RELEASE 0 ${Boost_LIBRARY_DIR_DEBUG})
   endif()
 
+  if(NOT Boost_VERSION_STRING VERSION_LESS 1.86.0)
+    if(BOOST_LIBRARYDIR AND EXISTS "${BOOST_LIBRARYDIR}")
+      # Clear existing search paths and use only BOOST_LIBRARYDIR 
+      set(_boost_LIBRARY_SEARCH_DIRS_RELEASE "${BOOST_LIBRARYDIR}" NO_DEFAULT_PATH)
+      set(_boost_LIBRARY_SEARCH_DIRS_DEBUG "${BOOST_LIBRARYDIR}" NO_DEFAULT_PATH)
+        
+      if(Boost_DEBUG)
+        message(STATUS "Boost 1.86: Setting library search dirs to BOOST_LIBRARYDIR: ${BOOST_LIBRARYDIR}")
+      endif()
+    endif()
+  endif()
+
   # Avoid passing backslashes to _Boost_FIND_LIBRARY due to macro re-parsing.
   string(REPLACE "\\" "/" _boost_LIBRARY_SEARCH_DIRS_tmp "${_boost_LIBRARY_SEARCH_DIRS_RELEASE}")
 

Builds/CMake/deps/WasmEdge.cmake

@@ -81,4 +81,4 @@ if(XAR_LIBRARY)
 else()
   message(WARNING "xar library not found... (only important for mac builds)")
 endif()
-add_library (NIH::WasmEdge ALIAS wasmedge)
+add_library (wasmedge::wasmedge ALIAS wasmedge)

Builds/CMake/deps/gRPC.cmake

@@ -74,7 +74,11 @@ else ()
       if (NOT _location)
         message (FATAL_ERROR "using pkg-config for grpc, can't find c-ares")
       endif ()
-      add_library (c-ares::cares ${_static} IMPORTED GLOBAL)
+      if(${_location} MATCHES "\\.a$")
+        add_library(c-ares::cares STATIC IMPORTED GLOBAL)
+      else()
+        add_library(c-ares::cares SHARED IMPORTED GLOBAL)
+      endif()      
       set_target_properties (c-ares::cares PROPERTIES
         IMPORTED_LOCATION ${_location}
         INTERFACE_INCLUDE_DIRECTORIES "${${_prefix}_INCLUDE_DIRS}"
@@ -204,6 +208,7 @@ else ()
       CMAKE_ARGS
         -DCMAKE_CXX_COMPILER=${CMAKE_CXX_COMPILER}
         -DCMAKE_C_COMPILER=${CMAKE_C_COMPILER}
+        -DCMAKE_CXX_STANDARD=17
         $<$<BOOL:${CMAKE_VERBOSE_MAKEFILE}>:-DCMAKE_VERBOSE_MAKEFILE=ON>
         $<$<BOOL:${CMAKE_TOOLCHAIN_FILE}>:-DCMAKE_TOOLCHAIN_FILE=${CMAKE_TOOLCHAIN_FILE}>
         $<$<BOOL:${VCPKG_TARGET_TRIPLET}>:-DVCPKG_TARGET_TRIPLET=${VCPKG_TARGET_TRIPLET}>

Builds/Test.py

@@ -1,405 +0,0 @@
-#!/usr/bin/env python
-
-#    This file is part of rippled: https://github.com/ripple/rippled
-#    Copyright (c) 2012 - 2017 Ripple Labs Inc.
-#
-#    Permission to use, copy, modify, and/or distribute this software for any
-#    purpose  with  or without fee is hereby granted, provided that the above
-#    copyright notice and this permission notice appear in all copies.
-#
-#    THE  SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-#    WITH  REGARD  TO  THIS  SOFTWARE  INCLUDING  ALL  IMPLIED  WARRANTIES  OF
-#    MERCHANTABILITY  AND  FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-#    ANY  SPECIAL ,  DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-#    WHATSOEVER  RESULTING  FROM  LOSS  OF USE, DATA OR PROFITS, WHETHER IN AN
-#    ACTION  OF  CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-#    OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-
-"""
-Invocation:
-
-    ./Builds/Test.py - builds and tests all configurations
-
-The build must succeed without shell aliases for this to work.
-
-To pass flags to cmake, put them at the very end of the command line, after
-the -- flag - like this:
-
-    ./Builds/Test.py -- -j4  # Pass -j4 to cmake --build
-
-
-Common problems:
-
-1) Boost not found. Solution: export BOOST_ROOT=[path to boost folder]
-
-2) OpenSSL not found. Solution: export OPENSSL_ROOT=[path to OpenSSL folder]
-
-3) cmake is not found. Solution: Be sure cmake directory is on your $PATH
-
-"""
-from __future__ import absolute_import, division, print_function, unicode_literals
-
-import argparse
-import itertools
-import os
-import platform
-import re
-import shutil
-import sys
-import subprocess
-
-
-def powerset(iterable):
-    """powerset([1,2,3]) --> () (1,) (2,) (3,) (1,2) (1,3) (2,3) (1,2,3)"""
-    s = list(iterable)
-    return itertools.chain.from_iterable(itertools.combinations(s, r) for r in range(len(s) + 1))
-
-IS_WINDOWS = platform.system().lower() == 'windows'
-IS_OS_X = platform.system().lower() == 'darwin'
-
-# CMake
-if IS_WINDOWS:
-    CMAKE_UNITY_CONFIGS = ['Debug', 'Release']
-    CMAKE_NONUNITY_CONFIGS = ['Debug', 'Release']
-else:
-    CMAKE_UNITY_CONFIGS = []
-    CMAKE_NONUNITY_CONFIGS = []
-CMAKE_UNITY_COMBOS = { '' : [['rippled'], CMAKE_UNITY_CONFIGS],
-    '.nounity' : [['rippled'], CMAKE_NONUNITY_CONFIGS] }
-
-if IS_WINDOWS:
-    CMAKE_DIR_TARGETS = { ('msvc' + unity,) : targets for unity, targets in
-        CMAKE_UNITY_COMBOS.items() }
-elif IS_OS_X:
-    CMAKE_DIR_TARGETS = { (build + unity,) : targets
-                   for build in ['debug', 'release']
-                   for unity, targets in CMAKE_UNITY_COMBOS.items() }
-else:
-    CMAKE_DIR_TARGETS = { (cc + "." + build + unity,) : targets
-                   for cc in ['gcc', 'clang']
-                   for build in ['debug', 'release', 'coverage', 'profile']
-                   for unity, targets in CMAKE_UNITY_COMBOS.items() }
-
-# list of tuples of all possible options
-if IS_WINDOWS or IS_OS_X:
-    CMAKE_ALL_GENERATE_OPTIONS = [tuple(x) for x in powerset(['-GNinja', '-Dassert=true'])]
-else:
-    CMAKE_ALL_GENERATE_OPTIONS = list(set(
-        [tuple(x) for x in powerset(['-GNinja', '-Dstatic=true', '-Dassert=true', '-Dsan=address'])] +
-        [tuple(x) for x in powerset(['-GNinja', '-Dstatic=true', '-Dassert=true', '-Dsan=thread'])]))
-
-parser = argparse.ArgumentParser(
-    description='Test.py - run ripple tests'
-)
-
-parser.add_argument(
-    '--all', '-a',
-    action='store_true',
-    help='Build all configurations.',
-)
-
-parser.add_argument(
-    '--keep_going', '-k',
-    action='store_true',
-    help='Keep going after one configuration has failed.',
-)
-
-parser.add_argument(
-    '--silent', '-s',
-    action='store_true',
-    help='Silence all messages except errors',
-)
-
-parser.add_argument(
-    '--verbose', '-v',
-    action='store_true',
-    help=('Report more information about which commands are executed and the '
-          'results.'),
-)
-
-parser.add_argument(
-    '--test', '-t',
-    default='',
-    help='Add a prefix for unit tests',
-)
-
-parser.add_argument(
-    '--testjobs',
-    default='0',
-    type=int,
-    help='Run tests in parallel'
-)
-
-parser.add_argument(
-    '--ipv6',
-    action='store_true',
-    help='Use IPv6 localhost when running unit tests.',
-)
-
-parser.add_argument(
-    '--clean', '-c',
-    action='store_true',
-    help='delete all build artifacts after testing',
-)
-
-parser.add_argument(
-    '--quiet', '-q',
-    action='store_true',
-    help='Reduce output where possible (unit tests)',
-)
-
-parser.add_argument(
-    '--dir', '-d',
-    default=(),
-    nargs='*',
-    help='Specify one or more CMake dir names. '
-        'Will also be used as -Dtarget=<dir> running cmake.'
-)
-
-parser.add_argument(
-    '--target',
-    default=(),
-    nargs='*',
-    help='Specify one or more CMake build targets. '
-        'Will be used as --target <target> running cmake --build.'
-    )
-
-parser.add_argument(
-    '--config',
-    default=(),
-    nargs='*',
-    help='Specify one or more CMake build configs. '
-        'Will be used as --config <config> running cmake --build.'
-    )
-
-parser.add_argument(
-    '--generator_option',
-    action='append',
-    help='Specify a CMake generator option. Repeat for multiple options. '
-        'Will be passed to the cmake generator. '
-        'Due to limits of the argument parser, arguments starting with \'-\' '
-        'must be attached to this option. e.g. --generator_option=-GNinja.')
-
-parser.add_argument(
-    '--build_option',
-    action='append',
-    help='Specify a build option. Repeat for multiple options. '
-        'Will be passed to the build tool via cmake --build. '
-        'Due to limits of the argument parser, arguments starting with \'-\' '
-        'must be attached to this option. e.g. --build_option=-j8.')
-
-parser.add_argument(
-    'extra_args',
-    default=(),
-    nargs='*',
-    help='Extra arguments are passed through to the tools'
-)
-
-ARGS = parser.parse_args()
-
-def decodeString(line):
-    # Python 2 vs. Python 3
-    if isinstance(line, str):
-        return line
-    else:
-        return line.decode()
-
-def shell(cmd, args=(), silent=False, cust_env=None):
-    """"Execute a shell command and return the output."""
-    silent = ARGS.silent or silent
-    verbose = not silent and ARGS.verbose
-    if verbose:
-        print('$' + cmd, *args)
-
-    command = (cmd,) + args
-
-    # shell is needed in Windows to find executable in the path
-    process = subprocess.Popen(
-        command,
-        stdin=subprocess.PIPE,
-        stdout=subprocess.PIPE,
-        stderr=subprocess.STDOUT,
-        env=cust_env,
-        shell=IS_WINDOWS)
-    lines = []
-    count = 0
-    # readline returns '' at EOF
-    for line in iter(process.stdout.readline, ''):
-        if process.poll() is None:
-            decoded = decodeString(line)
-            lines.append(decoded)
-            if verbose:
-                print(decoded, end='')
-            elif not silent:
-                count += 1
-                if count >= 80:
-                    print()
-                    count = 0
-                else:
-                    print('.', end='')
-        else:
-            break
-
-    if not verbose and count:
-        print()
-    process.wait()
-    return process.returncode, lines
-
-def get_cmake_dir(cmake_dir):
-    return os.path.join('build' , 'cmake' , cmake_dir)
-
-def run_cmake(directory, cmake_dir, args):
-    print('Generating build in', directory, 'with', *args or ('default options',))
-    old_dir = os.getcwd()
-    if not os.path.exists(directory):
-        os.makedirs(directory)
-    os.chdir(directory)
-    if IS_WINDOWS and not any(arg.startswith("-G") for arg in args) and not os.path.exists("CMakeCache.txt"):
-        if '--ninja' in args:
-            args += ( '-GNinja', )
-        else:
-            args += ( '-GVisual Studio 14 2015 Win64', )
-    # hack to extract cmake options/args from the legacy target format
-    if re.search('\.unity', cmake_dir):
-        args += ( '-Dunity=ON', )
-    if re.search('\.nounity', cmake_dir):
-        args += ( '-Dunity=OFF', )
-    if re.search('coverage', cmake_dir):
-        args += ( '-Dcoverage=ON', )
-    if re.search('profile', cmake_dir):
-        args += ( '-Dprofile=ON', )
-    if re.search('debug', cmake_dir):
-        args += ( '-DCMAKE_BUILD_TYPE=Debug', )
-    if re.search('release', cmake_dir):
-        args += ( '-DCMAKE_BUILD_TYPE=Release', )
-    m = re.search('gcc(-[^.]*)', cmake_dir)
-    if m:
-        args += ( '-DCMAKE_C_COMPILER=' + m.group(0),
-          '-DCMAKE_CXX_COMPILER=g++' + m.group(1), )
-    elif re.search('gcc', cmake_dir):
-        args += ( '-DCMAKE_C_COMPILER=gcc', '-DCMAKE_CXX_COMPILER=g++', )
-    m = re.search('clang(-[^.]*)', cmake_dir)
-    if m:
-        args += ( '-DCMAKE_C_COMPILER=' + m.group(0),
-          '-DCMAKE_CXX_COMPILER=clang++' + m.group(1), )
-    elif re.search('clang', cmake_dir):
-        args += ( '-DCMAKE_C_COMPILER=clang', '-DCMAKE_CXX_COMPILER=clang++', )
-
-    args += ( os.path.join('..', '..', '..'), )
-    resultcode, lines = shell('cmake', args)
-
-    if resultcode:
-        print('Generating FAILED:')
-        if not ARGS.verbose:
-            print(*lines, sep='')
-        sys.exit(1)
-
-    os.chdir(old_dir)
-
-def run_cmake_build(directory, target, config, args):
-    print('Building', target, config, 'in', directory, 'with', *args or ('default options',))
-    build_args=('--build', directory)
-    if target:
-      build_args += ('--target', target)
-    if config:
-      build_args += ('--config', config)
-    if args:
-        build_args += ('--',)
-        build_args += tuple(args)
-    resultcode, lines = shell('cmake', build_args)
-
-    if resultcode:
-        print('Build FAILED:')
-        if not ARGS.verbose:
-            print(*lines, sep='')
-        sys.exit(1)
-
-def run_cmake_tests(directory, target, config):
-    failed = []
-    if IS_WINDOWS:
-        target += '.exe'
-    executable = os.path.join(directory, config if config else 'Debug', target)
-    if(not os.path.exists(executable)):
-        executable = os.path.join(directory, target)
-    print('Unit tests for', executable)
-    testflag = '--unittest'
-    quiet = ''
-    testjobs = ''
-    ipv6 = ''
-    if ARGS.test:
-        testflag += ('=' + ARGS.test)
-    if ARGS.quiet:
-        quiet = '-q'
-    if ARGS.ipv6:
-        ipv6 = '--unittest-ipv6'
-    if ARGS.testjobs:
-        testjobs = ('--unittest-jobs=' + str(ARGS.testjobs))
-    resultcode, lines = shell(executable, (testflag, quiet, testjobs, ipv6))
-
-    if resultcode:
-        if not ARGS.verbose:
-            print('ERROR:', *lines, sep='')
-        failed.append([target, 'unittest'])
-
-    return failed
-
-def main():
-    all_failed = []
-    if ARGS.all:
-        build_dir_targets = CMAKE_DIR_TARGETS
-        generator_options = CMAKE_ALL_GENERATE_OPTIONS
-    else:
-        build_dir_targets = { tuple(ARGS.dir) : [ARGS.target, ARGS.config] }
-        if ARGS.generator_option:
-            generator_options = [tuple(ARGS.generator_option)]
-        else:
-            generator_options = [tuple()]
-
-    if not build_dir_targets:
-        # Let CMake choose the build tool.
-        build_dir_targets = { () : [] }
-
-    if ARGS.build_option:
-        ARGS.build_option = ARGS.build_option + list(ARGS.extra_args)
-    else:
-        ARGS.build_option = list(ARGS.extra_args)
-
-    for args in generator_options:
-        for build_dirs, (build_targets, build_configs) in build_dir_targets.items():
-            if not build_dirs:
-                build_dirs = ('default',)
-            if not build_targets:
-                build_targets = ('rippled',)
-            if not build_configs:
-                build_configs = ('',)
-            for cmake_dir in build_dirs:
-                cmake_full_dir = get_cmake_dir(cmake_dir)
-                run_cmake(cmake_full_dir, cmake_dir, args)
-
-                for target in build_targets:
-                    for config in build_configs:
-                        run_cmake_build(cmake_full_dir, target, config, ARGS.build_option)
-                        failed = run_cmake_tests(cmake_full_dir, target, config)
-
-                        if failed:
-                            print('FAILED:', *(':'.join(f) for f in failed))
-                            if not ARGS.keep_going:
-                                sys.exit(1)
-                            else:
-                                all_failed.extend([decodeString(cmake_dir +
-                                        "." + target + "." + config), ':'.join(f)]
-                                    for f in failed)
-                        else:
-                            print('Success')
-                if ARGS.clean:
-                    shutil.rmtree(cmake_full_dir)
-
-    if all_failed:
-        if len(all_failed) > 1:
-            print()
-            print('FAILED:', *(':'.join(f) for f in all_failed))
-        sys.exit(1)
-
-if __name__ == '__main__':
-    main()
-    sys.exit(0)

Builds/VisualStudio2017/README.md

@@ -1 +0,0 @@
-[Build instructions are currently located in `BUILD.md`](../../BUILD.md)

Builds/VisualStudio2019/CMakeSettings-example.json

@@ -1,45 +0,0 @@
-{
-  // See https://go.microsoft.com//fwlink//?linkid=834763 for more information about this file.
-  "configurations": [
-    {
-      "name": "x64-Debug",
-      "generator": "Visual Studio 16 2019",
-      "configurationType": "Debug",
-      "inheritEnvironments": [ "msvc_x64_x64" ],
-      "buildRoot": "${thisFileDir}\\build\\${name}",
-      "cmakeCommandArgs": "",
-      "buildCommandArgs": "-v:minimal",
-      "ctestCommandArgs": "",
-      "variables": [
-        {
-          "name": "BOOST_ROOT",
-          "value": "C:\\lib\\boost"
-        },
-        {
-          "name": "OPENSSL_ROOT",
-          "value": "C:\\lib\\OpenSSL-Win64"
-        }
-      ]
-    },
-    {
-      "name": "x64-Release",
-      "generator": "Visual Studio 16 2019",
-      "configurationType": "Release",
-      "inheritEnvironments": [ "msvc_x64_x64" ],
-      "buildRoot": "${thisFileDir}\\build\\${name}",
-      "cmakeCommandArgs": "",
-      "buildCommandArgs": "-v:minimal",
-      "ctestCommandArgs": "",
-      "variables": [
-        {
-          "name": "BOOST_ROOT",
-          "value": "C:\\lib\\boost"
-        },
-        {
-          "name": "OPENSSL_ROOT",
-          "value": "C:\\lib\\OpenSSL-Win64"
-        }
-      ]
-    }
-  ]
-}

Builds/VisualStudio2019/README.md

@@ -1,263 +0,0 @@
-# Visual Studio 2019 Build Instructions
-
-## Important
-
-We do not recommend Windows for rippled production use at this time. Currently,
-the Ubuntu platform has received the highest level of quality assurance,
-testing, and support. Additionally, 32-bit Windows versions are not supported.
-
-## Prerequisites
-
-To clone the source code repository, create branches for inspection or
-modification, build rippled under Visual Studio, and run the unit tests you will
-need these software components
-
-| Component | Minimum Recommended Version |
-|-----------|-----------------------|
-| [Visual Studio 2019](README.md#install-visual-studio-2019)| 15.5.4 |
-| [Git for Windows](README.md#install-git-for-windows)| 2.16.1 |
-| [OpenSSL Library](README.md#install-openssl) | 1.1.1L |
-| [Boost library](README.md#build-boost) | 1.70.0 |
-| [CMake for Windows](README.md#optional-install-cmake-for-windows)* | 3.12 |
-
-\* Only needed if not using the integrated CMake in VS 2019 and prefer generating dedicated project/solution files.
-
-## Install Software
-
-### Install Visual Studio 2019
-
-If not already installed on your system, download your choice of installer from
-the [Visual Studio 2019
-Download](https://www.visualstudio.com/downloads/download-visual-studio-vs)
-page, run the installer, and follow the directions. **You may need to choose the
-`Desktop development with C++` workload to install all necessary C++ features.**
-
-Any version of Visual Studio 2019 may be used to build rippled. The **Visual
-Studio 2019 Community** edition is available free of charge (see [the product
-page](https://www.visualstudio.com/products/visual-studio-community-vs) for
-licensing details), while paid editions may be used for an initial free-trial
-period.
-
-### Install Git for Windows
-
-Git is a distributed revision control system. The Windows version also provides
-the bash shell and many Windows versions of Unix commands. While there are other
-varieties of Git (such as TortoiseGit, which has a native Windows interface and
-integrates with the Explorer shell), we recommend installing [Git for
-Windows](https://git-scm.com/) since it provides a Unix-like command line
-environment useful for running shell scripts. Use of the bash shell under
-Windows is mandatory for running the unit tests.
-
-### Install OpenSSL
-
-[Download the latest version of
-OpenSSL.](http://slproweb.com/products/Win32OpenSSL.html) There will
-several `Win64` bit variants available, you want the non-light
-`v1.1` line. As of this writing, you **should** select
-
-* Win64 OpenSSL v1.1.1q
-
-and should **not** select
-
-* Anything with "Win32" in the name
-* Anything with "light" in the name
-* Anything with "EXPERIMENTAL" in the name
-* Anything in the 3.0 line - rippled won't currently build with this version.
-
-Run the installer, and choose an appropriate location for your OpenSSL
-installation. In this guide we use `C:\lib\OpenSSL-Win64` as the destination
-location.
-
-You may be informed on running the installer that "Visual C++ 2008
-Redistributables" must first be installed first. If so, download it from the
-[same page](http://slproweb.com/products/Win32OpenSSL.html), again making sure
-to get the correct 32-/64-bit variant.
-
-* NOTE: Since rippled links statically to OpenSSL, it does not matter where the
-  OpenSSL .DLL files are placed, or what version they are. rippled does not use
-  or require any external .DLL files to run other than the standard operating
-  system ones.
-
-### Build Boost
-
-Boost 1.70 or later is required.
-
-[Download boost](http://www.boost.org/users/download/) and unpack it
-to `c:\lib`. As of this writing, the most recent version of boost is 1.80.0,
-which will unpack into a directory named `boost_1_80_0`. We recommended either
-renaming this directory to `boost`, or creating a junction link `mklink /J boost
-boost_1_80_0`, so that you can more easily switch between versions.
-
-Next, open **Developer Command Prompt** and type the following commands
-
-```powershell
-cd C:\lib\boost
-bootstrap
-```
-
-The rippled application is linked statically to the standard runtimes and
-external dependencies on Windows, to ensure that the behavior of the executable
-is not affected by changes in outside files. Therefore, it is necessary to build
-the required boost static libraries using this command:
-
-```powershell
-b2 -j<Num Parallel> --toolset=msvc-14.2 address-model=64 architecture=x86 link=static threading=multi runtime-link=shared,static stage
-```
-
-where you should replace `<Num Parallel>` with the number of parallel
-invocations to use build, e.g. `bjam -j8 ...` would use up to 8 concurrent build
-shell commands for the build.
-
-Building the boost libraries may take considerable time. When the build process
-is completed, take note of both the reported compiler include paths and linker
-library paths as they will be required later.
-
-### (Optional) Install CMake for Windows
-
-[CMake](http://cmake.org) is a cross platform build system generator. Visual
-Studio 2019 includes an integrated version of CMake that avoids having to
-manually run CMake, but it is undergoing continuous improvement. Users that
-prefer to use standard Visual Studio project and solution files need to install
-a dedicated version of CMake to generate them.  The latest version can be found
-at the [CMake download site](https://cmake.org/download/). It is recommended you
-select the install option to add CMake to your path.
-
-## Clone the rippled repository
-
-If you are familiar with cloning github repositories, just follow your normal
-process and clone `git@github.com:ripple/rippled.git`. Otherwise follow this
-section for instructions.
-
-1. If you don't have a github account, sign up for one at
-   [github.com](https://github.com/).
-2. Make sure you have Github ssh keys. For help see
-   [generating-ssh-keys](https://help.github.com/articles/generating-ssh-keys).
-
-Open the "Git Bash" shell that was installed with "Git for Windows" in the step
-above. Navigate to the directory where you want to clone rippled (git bash uses
-`/c` for windows's `C:` and forward slash where windows uses backslash, so
-`C:\Users\joe\projs` would be `/c/Users/joe/projs` in git bash). Now clone the
-repository and optionally switch to the *master* branch. Type the following at
-the bash prompt:
-
-```powershell
-git clone git@github.com:XRPLF/rippled.git
-cd rippled
-```
-If you receive an error about not having the "correct access rights" make sure
-you have Github ssh keys, as described above.
-
-For a stable release, choose the `master` branch or one of the tagged releases
-listed on [rippled's GitHub page](https://github.com/ripple/rippled/releases).
-
-```
-git checkout master
-```
-
-To test the latest release candidate, choose the `release` branch.
-
-```
-git checkout release
-```
-
-If you are doing development work and want the latest set of beta features,
-you can consider using the `develop` branch instead.
-
-```
-git checkout develop
-```
-
-# Build using Visual Studio integrated CMake
-
-In Visual Studio 2017, Microsoft added [integrated IDE support for
-cmake](https://blogs.msdn.microsoft.com/vcblog/2016/10/05/cmake-support-in-visual-studio/).
-To begin, simply:
-
-1. Launch Visual Studio and choose **File | Open | Folder**, navigating to the
-   cloned rippled folder.
-2. Right-click on `CMakeLists.txt` in the **Solution Explorer - Folder View** to
-   generate a `CMakeSettings.json` file. A sample settings file is provided
-   [here](/Builds/VisualStudio2019/CMakeSettings-example.json). Customize the
-   settings for `BOOST_ROOT`, `OPENSSL_ROOT` to match the install paths if they
-   differ from those in the file.
-4. Select either the `x64-Release` or `x64-Debug` configuration from the
-   **Project Settings** drop-down. This should invoke the built-in CMake project
-   generator. If not, you can right-click on the `CMakeLists.txt` file and
-   choose **Configure rippled**.
-5. Select the `rippled.exe`
-   option in the **Select Startup Item** drop-down. This will be the target
-   built when you press F7. Alternatively, you can choose a target to build from
-   the top-level **CMake | Build** menu. Note that at this time, there are other
-   targets listed that come from third party visual studio files embedded in the
-   rippled repo, e.g. `datagen.vcxproj`. Please ignore them.
-
-For details on configuring debugging sessions or further customization of CMake,
-please refer to the [CMake tools for VS
-documentation](https://docs.microsoft.com/en-us/cpp/ide/cmake-tools-for-visual-cpp).
-
-If using the provided `CMakeSettings.json` file, the executable will be in
-```
-.\build\x64-Release\Release\rippled.exe
-```
-or
-```
-.\build\x64-Debug\Debug\rippled.exe
-```
-These paths are relative to your cloned git repository.
-
-# Build using stand-alone CMake
-
-This requires having installed [CMake for
-Windows](README.md#optional-install-cmake-for-windows). We do not recommend
-mixing this method with the integrated CMake method for the same repository
-clone. Assuming you included the cmake executable folder in your path,
-execute the following commands within your `rippled` cloned repository:
-
-```
-mkdir build\cmake
-cd build\cmake
-cmake ..\.. -G"Visual Studio 16 2019" -Ax64 -DBOOST_ROOT="C:\lib\boost" -DOPENSSL_ROOT="C:\lib\OpenSSL-Win64" -DCMAKE_GENERATOR_TOOLSET=host=x64
-```
-Now launch Visual Studio 2019 and select **File | Open | Project/Solution**.
-Navigate to the `build\cmake` folder created above and select the `rippled.sln`
-file. You can then choose whether to build the `Debug` or `Release` solution
-configuration.
-
-The executable will be in
-```
-.\build\cmake\Release\rippled.exe
-```
-or
-```
-.\build\cmake\Debug\rippled.exe
-```
-These paths are relative to your cloned git repository.
-
-# Unity/No-Unity Builds
-
-The rippled build system defaults to using
-[unity source files](http://onqtam.com/programming/2018-07-07-unity-builds/)
-to improve build times. In some cases it might be desirable to disable the
-unity build and compile individual translation units. Here is how you can
-switch to a "no-unity" build configuration:
-
-## Visual Studio Integrated CMake
-
-Edit your `CmakeSettings.json` (described above) by adding `-Dunity=OFF`
-to the `cmakeCommandArgs` entry for each build configuration.
-
-## Standalone CMake Builds
-
-When running cmake to generate the Visual Studio project files, add
-`-Dunity=OFF` to the command line options passed to cmake.
-
-**Note:** you will need to re-run the cmake configuration step anytime you
-want to switch between unity/no-unity builds.
-
-# Unit Test (Recommended)
-
-`rippled` builds a set of unit tests into the server executable. To run these
-unit tests after building, pass the `--unittest` option to the compiled
-`rippled` executable. The executable will exit with summary info after running
-the unit tests.
-

Builds/build_all.sh

@@ -1,7 +0,0 @@
-#!/usr/bin/env bash
-
-num_procs=$(lscpu -p | grep -v '^#' | sort -u -t, -k 2,4 | wc -l) # number of physical cores
-
-path=$(cd $(dirname $0) && pwd)
-cd $(dirname $path)
-${path}/Test.py -a -c --testjobs=${num_procs} -- -j${num_procs}

Builds/containers/README.md

@@ -1,31 +0,0 @@
-
-# rippled Packaging and Containers
-
-This folder contains docker container definitions and configuration
-files to support building rpm and deb packages of rippled. The container
-definitions include some additional software/packages that are used
-for general build/test CI workflows of rippled but are not explicitly
-needed for the package building workflow.
-
-## CMake Targets
-
-If you have docker installed on your local system, then the main 
-CMake file will enable several targets related to building packages:
-`rpm_container`, `rpm`, `dpkg_container`, and `dpkg`. The package targets
-depend on the container targets and will trigger a build of those first.
-The container builds can take several dozen minutes to complete (depending
-on hardware specs), so quick build cycles are not possible currently. As
-such, these targets are often best suited to CI/automated build systems.
-
-The package build can be invoked like any other cmake target from the 
-rippled root folder:
-```
-mkdir -p build/pkg && cd build/pkg
-cmake -Dpackages_only=ON ../..
-cmake --build . --target rpm
-```
-Upon successful completion, the generated package files will be in 
-the `build/pkg/packages` directory. For deb packages, simply replace
-`rpm` with `dpkg` in the build command above.
-
-

Builds/containers/centos-builder/Dockerfile

@@ -1,26 +0,0 @@
-FROM rippleci/centos:7
-ARG GIT_COMMIT=unknown
-ARG CI_USE=false
-
-LABEL git-commit=$GIT_COMMIT
-
-COPY centos-builder/centos_setup.sh /tmp/
-COPY shared/install_cmake.sh /tmp/
-RUN chmod +x /tmp/centos_setup.sh && \
-    chmod +x /tmp/install_cmake.sh
-RUN /tmp/centos_setup.sh
-
-RUN /tmp/install_cmake.sh 3.16.3 /opt/local/cmake-3.16
-RUN ln -s /opt/local/cmake-3.16 /opt/local/cmake
-ENV PATH="/opt/local/cmake/bin:$PATH"
-# TODO: Install latest CMake for testing
-RUN if [ "${CI_USE}" = true ] ; then /tmp/install_cmake.sh 3.16.3 /opt/local/cmake-3.16; fi
-
-RUN mkdir -m 777 -p /opt/rippled_bld/pkg
-
-WORKDIR /opt/rippled_bld/pkg
-RUN mkdir -m 777 ./rpmbuild
-RUN mkdir -m 777 ./rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS}
-
-COPY packaging/rpm/build_rpm.sh ./
-CMD ./build_rpm.sh

Builds/containers/centos-builder/centos_setup.sh

@@ -1,22 +0,0 @@
-#!/usr/bin/env bash
-set -ex
-
-source /etc/os-release
-
-yum -y upgrade
-yum -y update
-yum -y install epel-release centos-release-scl
-yum -y install \
-    wget curl time gcc-c++ yum-utils autoconf automake pkgconfig libtool \
-    libstdc++-static rpm-build gnupg which make cmake \
-    devtoolset-11 devtoolset-11-gdb devtoolset-11-binutils devtoolset-11-libstdc++-devel \
-    devtoolset-11-libasan-devel devtoolset-11-libtsan-devel devtoolset-11-libubsan-devel devtoolset-11-liblsan-devel \
-    flex flex-devel bison bison-devel parallel \
-    ncurses ncurses-devel ncurses-libs graphviz graphviz-devel \
-    lzip p7zip bzip2 bzip2-devel lzma-sdk lzma-sdk-devel xz-devel \
-    zlib zlib-devel zlib-static texinfo openssl openssl-static \
-    jemalloc jemalloc-devel \
-    libicu-devel htop \
-    rh-python38 \
-    ninja-build git svn \
-    swig perl-Digest-MD5

Builds/containers/gitlab-ci/build_container.sh

@@ -1,28 +0,0 @@
-#!/usr/bin/env sh
-set -ex
-pkgtype=$1
-if [ "${pkgtype}" = "rpm" ] ; then
-    container_name="${RPM_CONTAINER_NAME}"
-elif [ "${pkgtype}" = "dpkg" ] ; then
-    container_name="${DPKG_CONTAINER_NAME}"
-else
-    echo "invalid package type"
-    exit 1
-fi
-
-if docker pull "${ARTIFACTORY_HUB}/${container_name}:latest_${CI_COMMIT_REF_SLUG}"; then
-    echo "found container for latest - using as cache."
-    docker tag \
-       "${ARTIFACTORY_HUB}/${container_name}:latest_${CI_COMMIT_REF_SLUG}" \
-       "${container_name}:latest_${CI_COMMIT_REF_SLUG}"
-    CMAKE_EXTRA="-D${pkgtype}_cache_from=${container_name}:latest_${CI_COMMIT_REF_SLUG}"
-fi
-
-cmake --version
-test -d build && rm -rf build
-mkdir -p build/container && cd build/container
-eval time \
-    cmake -Dpackages_only=ON -DCMAKE_VERBOSE_MAKEFILE=ON ${CMAKE_EXTRA} \
-    -G Ninja ../..
-time cmake --build . --target "${pkgtype}_container" -- -v
-

Builds/containers/gitlab-ci/build_package.sh

@@ -1,28 +0,0 @@
-#!/usr/bin/env sh
-set -ex
-pkgtype=$1
-if [ "${pkgtype}" = "rpm" ] ; then
-    container_name="${RPM_CONTAINER_FULLNAME}"
-    container_tag="${RPM_CONTAINER_TAG}"
-elif [ "${pkgtype}" = "dpkg" ] ; then
-    container_name="${DPKG_CONTAINER_FULLNAME}"
-    container_tag="${DPKG_CONTAINER_TAG}"
-else
-    echo "invalid package type"
-    exit 1
-fi
-time docker pull "${ARTIFACTORY_HUB}/${container_name}"
-docker tag \
-  "${ARTIFACTORY_HUB}/${container_name}" \
-  "${container_name}"
-docker images
-test -d build && rm -rf build
-mkdir -p build/${pkgtype} && cd build/${pkgtype}
-time cmake \
-  -Dpackages_only=ON \
-  -Dcontainer_label="${container_tag}" \
-  -Dhave_package_container=ON \
-  -DCMAKE_VERBOSE_MAKEFILE=ON \
-  -Dunity=OFF \
-  -G Ninja ../..
-time cmake --build . --target ${pkgtype} -- -v

Builds/containers/gitlab-ci/docker_alpine_setup.sh

@@ -1,15 +0,0 @@
-#!/usr/bin/env sh
-set -e
-# used as a before/setup script for docker steps in gitlab-ci
-# expects to be run in standard alpine/dind image
-echo $(nproc)
-docker login -u rippled \
-    -p ${ARTIFACTORY_DEPLOY_KEY_RIPPLED} ${ARTIFACTORY_HUB}
-apk add --update py-pip
-apk add \
-    bash util-linux coreutils binutils grep \
-    make ninja cmake build-base gcc g++ abuild git \
-    python3 python3-dev
-pip3 install awscli
-# list curdir contents to build log:
-ls -la

Builds/containers/gitlab-ci/get_component.sh

@@ -1,16 +0,0 @@
-#!/usr/bin/env sh
-case ${CI_COMMIT_REF_NAME} in
-    develop)
-        export COMPONENT="nightly"
-        ;;
-    release)
-        export COMPONENT="unstable"
-        ;;
-    master)
-        export COMPONENT="stable"
-        ;;
-    *)
-        export COMPONENT="_unknown_"
-        ;;
-esac
-

Builds/containers/gitlab-ci/pkgbuild.yml

@@ -1,646 +0,0 @@
-#########################################################################
-##                                                                     ##
-##  gitlab CI defintition for rippled build containers and distro      ##
-##  packages (rpm and dpkg).                                           ##
-##                                                                     ##
-#########################################################################
-
-# NOTE: these are sensible defaults for Ripple pipelines. These
-# can be overridden by project or group variables as needed.
-variables:
-  # these containers are built manually using the rippled
-  # cmake build (container targets) and tagged/pushed so they
-  # can be used here
-  RPM_CONTAINER_TAG: "2023-02-13"
-  RPM_CONTAINER_NAME: "rippled-rpm-builder"
-  RPM_CONTAINER_FULLNAME: "${RPM_CONTAINER_NAME}:${RPM_CONTAINER_TAG}"
-  DPKG_CONTAINER_TAG: "2023-03-20"
-  DPKG_CONTAINER_NAME: "rippled-dpkg-builder"
-  DPKG_CONTAINER_FULLNAME: "${DPKG_CONTAINER_NAME}:${DPKG_CONTAINER_TAG}"
-  ARTIFACTORY_HOST: "artifactory.ops.ripple.com"
-  ARTIFACTORY_HUB: "${ARTIFACTORY_HOST}:6555"
-  GIT_SIGN_PUBKEYS_URL: "https://gitlab.ops.ripple.com/xrpledger/rippled-packages/snippets/49/raw"
-  PUBLIC_REPO_ROOT: "https://repos.ripple.com/repos"
-  # also need to define this variable ONLY for the primary
-  # build/publish pipeline on the mainline repo:
-  #   IS_PRIMARY_REPO = "true"
-
-stages:
-  - build_packages
-  - sign_packages
-  - smoketest
-  - verify_sig
-  - tag_images
-  - push_to_test
-  - verify_from_test
-  - wait_approval_prod
-  - push_to_prod
-  - verify_from_prod
-  - get_final_hashes
-  - build_containers
-
-.dind_template: &dind_param
-  before_script:
-    - . ./Builds/containers/gitlab-ci/docker_alpine_setup.sh
-  variables:
-    docker_driver: overlay2
-    DOCKER_TLS_CERTDIR: ""
-  image:
-    name: artifactory.ops.ripple.com/docker:latest
-  services:
-    # workaround for TLS issues - consider going back
-    # back to unversioned `dind` when issues are resolved
-    - name: artifactory.ops.ripple.com/docker:stable-dind
-      alias: docker
-  tags:
-    - 4xlarge
-
-.only_primary_template: &only_primary
-  only:
-    refs:
-      - /^(master|release|develop)$/
-    variables:
-      - $IS_PRIMARY_REPO == "true"
-
-.smoketest_local_template: &run_local_smoketest
-  tags:
-    - xlarge
-  script:
-    - . ./Builds/containers/gitlab-ci/smoketest.sh local
-
-.smoketest_repo_template: &run_repo_smoketest
-  tags:
-    - xlarge
-  script:
-    - . ./Builds/containers/gitlab-ci/smoketest.sh repo
-
-#########################################################################
-##                                                                     ##
-##  stage: build_packages                                              ##
-##                                                                     ##
-##  build packages using containers from previous stage.               ##
-##                                                                     ##
-#########################################################################
-
-rpm_build:
-  timeout: "1h 30m"
-  stage: build_packages
-  <<: *dind_param
-  artifacts:
-    paths:
-      - build/rpm/packages/
-  script:
-    - . ./Builds/containers/gitlab-ci/build_package.sh rpm
-
-dpkg_build:
-  timeout: "1h 30m"
-  stage: build_packages
-  <<: *dind_param
-  artifacts:
-    paths:
-      - build/dpkg/packages/
-  script:
-    - . ./Builds/containers/gitlab-ci/build_package.sh dpkg
-
-#########################################################################
-##                                                                     ##
-##  stage: sign_packages                                               ##
-##                                                                     ##
-##  build packages using containers from previous stage.               ##
-##                                                                     ##
-#########################################################################
-
-rpm_sign:
-  stage: sign_packages
-  dependencies:
-    - rpm_build
-  image:
-    name: artifactory.ops.ripple.com/centos:7
-  <<: *only_primary
-  before_script:
-  - |
-    # Make sure GnuPG is installed
-    yum -y install gnupg rpm-sign
-    # checking GPG signing support
-    if [ -n "$GPG_KEY_B64" ]; then
-      echo "$GPG_KEY_B64"| base64 -d | gpg --batch --no-tty --allow-secret-key-import --import -
-      unset GPG_KEY_B64
-      export GPG_PASSPHRASE=$(echo $GPG_KEY_PASS_B64 | base64 -di)
-      unset GPG_KEY_PASS_B64
-      export GPG_KEYID=$(gpg --with-colon --list-secret-keys | head -n1 | cut -d : -f 5)
-    else
-      echo -e "\033[0;31m****** GPG signing disabled ******\033[0m"
-      exit 1
-    fi
-  artifacts:
-    paths:
-      - build/rpm/packages/
-  script:
-    - ls -alh build/rpm/packages
-    - . ./Builds/containers/gitlab-ci/sign_package.sh rpm
-
-dpkg_sign:
-  stage: sign_packages
-  dependencies:
-    - dpkg_build
-  image:
-    name: artifactory.ops.ripple.com/ubuntu:18.04
-  <<: *only_primary
-  before_script:
-  - |
-    # make sure we have GnuPG
-    apt update
-    apt install -y gpg dpkg-sig
-    # checking GPG signing support
-    if [ -n "$GPG_KEY_B64" ]; then
-      echo "$GPG_KEY_B64"| base64 -d | gpg --batch --no-tty --allow-secret-key-import --import -
-      unset GPG_KEY_B64
-      export GPG_PASSPHRASE=$(echo $GPG_KEY_PASS_B64 | base64 -di)
-      unset GPG_KEY_PASS_B64
-      export GPG_KEYID=$(gpg --with-colon --list-secret-keys | head -n1 | cut -d : -f 5)
-    else
-      echo -e "\033[0;31m****** GPG signing disabled ******\033[0m"
-      exit 1
-    fi
-  artifacts:
-    paths:
-      - build/dpkg/packages/
-  script:
-    - ls -alh build/dpkg/packages
-    - . ./Builds/containers/gitlab-ci/sign_package.sh dpkg
-
-#########################################################################
-##                                                                     ##
-##  stage: smoketest                                                   ##
-##                                                                     ##
-##  install unsigned packages from previous step and run unit tests.   ##
-##                                                                     ##
-#########################################################################
-
-centos_7_smoketest:
-  stage: smoketest
-  dependencies:
-    - rpm_build
-  image:
-    name: artifactory.ops.ripple.com/centos:7
-  <<: *run_local_smoketest
-
-rocky_8_smoketest:
-  stage: smoketest
-  dependencies:
-    - rpm_build
-  image:
-    name: artifactory.ops.ripple.com/rockylinux/rockylinux:8
-  <<: *run_local_smoketest
-
-fedora_37_smoketest:
-  stage: smoketest
-  dependencies:
-    - rpm_build
-  image:
-    name: artifactory.ops.ripple.com/fedora:37
-  <<: *run_local_smoketest
-
-fedora_38_smoketest:
-  stage: smoketest
-  dependencies:
-    - rpm_build
-  image:
-    name: artifactory.ops.ripple.com/fedora:38
-  <<: *run_local_smoketest
-
-ubuntu_18_smoketest:
-  stage: smoketest
-  dependencies:
-    - dpkg_build
-  image:
-    name: artifactory.ops.ripple.com/ubuntu:18.04
-  <<: *run_local_smoketest
-
-ubuntu_20_smoketest:
-  stage: smoketest
-  dependencies:
-    - dpkg_build
-  image:
-    name: artifactory.ops.ripple.com/ubuntu:20.04
-  <<: *run_local_smoketest
-
-ubuntu_22_smoketest:
-  stage: smoketest
-  dependencies:
-    - dpkg_build
-  image:
-    name: artifactory.ops.ripple.com/ubuntu:22.04
-  <<: *run_local_smoketest
-
-debian_10_smoketest:
-  stage: smoketest
-  dependencies:
-    - dpkg_build
-  image:
-    name: artifactory.ops.ripple.com/debian:10
-  <<: *run_local_smoketest
-
-debian_11_smoketest:
-  stage: smoketest
-  dependencies:
-    - dpkg_build
-  image:
-    name: artifactory.ops.ripple.com/debian:11
-  <<: *run_local_smoketest
-
-#########################################################################
-##                                                                     ##
-##  stage: verify_sig                                                  ##
-##                                                                     ##
-##  use git/gpg to verify that HEAD is signed by an approved           ##
-##  committer. The whitelist of pubkeys is manually mantained          ##
-##  and fetched from GIT_SIGN_PUBKEYS_URL (currently a snippet         ##
-##  link).                                                             ##
-##  ONLY RUNS FOR PRIMARY BRANCHES/REPO                                ##
-##                                                                     ##
-#########################################################################
-
-verify_head_signed:
-  stage: verify_sig
-  image:
-    name: artifactory.ops.ripple.com/ubuntu:latest
-  <<: *only_primary
-  script:
-    - . ./Builds/containers/gitlab-ci/verify_head_commit.sh
-
-#########################################################################
-##                                                                     ##
-##  stage: tag_images                                                  ##
-##                                                                     ##
-##  apply rippled version tag to containers from previous stage.       ##
-##  ONLY RUNS FOR PRIMARY BRANCHES/REPO                                ##
-##                                                                     ##
-#########################################################################
-
-tag_bld_images:
-  stage: tag_images
-  variables:
-    docker_driver: overlay2
-    DOCKER_TLS_CERTDIR: ""
-  image:
-    name: artifactory.ops.ripple.com/docker:latest
-  services:
-    # workaround for TLS issues - consider going back
-    # back to unversioned `dind` when issues are resolved
-    - name: artifactory.ops.ripple.com/docker:stable-dind
-      alias: docker
-  tags:
-    - large
-  dependencies:
-    - rpm_sign
-    - dpkg_sign
-  <<: *only_primary
-  script:
-    - . ./Builds/containers/gitlab-ci/tag_docker_image.sh
-
-#########################################################################
-##                                                                     ##
-##  stage: push_to_test                                                ##
-##                                                                     ##
-##  push packages to artifactory repositories (test)                   ##
-##  ONLY RUNS FOR PRIMARY BRANCHES/REPO                                ##
-##                                                                     ##
-#########################################################################
-
-push_test:
-  stage: push_to_test
-  variables:
-    DEB_REPO: "rippled-deb-test-mirror"
-    RPM_REPO: "rippled-rpm-test-mirror"
-  image:
-    name: artifactory.ops.ripple.com/alpine:latest
-  artifacts:
-    paths:
-      - files.info
-  dependencies:
-    - rpm_sign
-    - dpkg_sign
-  <<: *only_primary
-  script:
-    - . ./Builds/containers/gitlab-ci/push_to_artifactory.sh "PUT" "."
-
-#########################################################################
-##                                                                     ##
-##  stage: verify_from_test                                            ##
-##                                                                     ##
-##  install/test packages from test repos.                             ##
-##  ONLY RUNS FOR PRIMARY BRANCHES/REPO                                ##
-##                                                                     ##
-#########################################################################
-
-centos_7_verify_repo_test:
-  stage: verify_from_test
-  variables:
-    RPM_REPO: "rippled-rpm-test-mirror"
-  image:
-    name: artifactory.ops.ripple.com/centos:7
-  dependencies:
-    - rpm_sign
-  <<: *only_primary
-  <<: *run_repo_smoketest
-
-
-rocky_8_verify_repo_test:
-  stage: verify_from_test
-  variables:
-    RPM_REPO: "rippled-rpm-test-mirror"
-  image:
-    name: artifactory.ops.ripple.com/rockylinux/rockylinux:8
-  dependencies:
-    - rpm_sign
-  <<: *only_primary
-  <<: *run_repo_smoketest
-
-fedora_37_verify_repo_test:
-  stage: verify_from_test
-  variables:
-    RPM_REPO: "rippled-rpm-test-mirror"
-  image:
-    name: artifactory.ops.ripple.com/fedora:37
-  dependencies:
-    - rpm_sign
-  <<: *only_primary
-  <<: *run_repo_smoketest
-
-fedora_38_verify_repo_test:
-  stage: verify_from_test
-  variables:
-    RPM_REPO: "rippled-rpm-test-mirror"
-  image:
-    name: artifactory.ops.ripple.com/fedora:38
-  dependencies:
-    - rpm_sign
-  <<: *only_primary
-  <<: *run_repo_smoketest
-
-ubuntu_18_verify_repo_test:
-  stage: verify_from_test
-  variables:
-    DISTRO: "bionic"
-    DEB_REPO: "rippled-deb-test-mirror"
-  image:
-    name: artifactory.ops.ripple.com/ubuntu:18.04
-  dependencies:
-    - dpkg_sign
-  <<: *only_primary
-  <<: *run_repo_smoketest
-
-ubuntu_20_verify_repo_test:
-  stage: verify_from_test
-  variables:
-    DISTRO: "focal"
-    DEB_REPO: "rippled-deb-test-mirror"
-  image:
-    name: artifactory.ops.ripple.com/ubuntu:20.04
-  dependencies:
-    - dpkg_sign
-  <<: *only_primary
-  <<: *run_repo_smoketest
-
-ubuntu_22_verify_repo_test:
-  stage: verify_from_test
-  variables:
-    DISTRO: "jammy"
-    DEB_REPO: "rippled-deb-test-mirror"
-  image:
-    name: artifactory.ops.ripple.com/ubuntu:22.04
-  dependencies:
-    - dpkg_sign
-  <<: *only_primary
-  <<: *run_repo_smoketest
-
-debian_10_verify_repo_test:
-  stage: verify_from_test
-  variables:
-    DISTRO: "buster"
-    DEB_REPO: "rippled-deb-test-mirror"
-  image:
-    name: artifactory.ops.ripple.com/debian:10
-  dependencies:
-    - dpkg_sign
-  <<: *only_primary
-  <<: *run_repo_smoketest
-
-debian_11_verify_repo_test:
-  stage: verify_from_test
-  variables:
-    DISTRO: "bullseye"
-    DEB_REPO: "rippled-deb-test-mirror"
-  image:
-    name: artifactory.ops.ripple.com/debian:11
-  dependencies:
-    - dpkg_sign
-  <<: *only_primary
-  <<: *run_repo_smoketest
-
-#########################################################################
-##                                                                     ##
-##  stage: wait_approval_prod                                          ##
-##                                                                     ##
-##  wait for manual approval before proceeding to next stage           ##
-##  which pushes to prod repo.                                         ##
-##  ONLY RUNS FOR PRIMARY BRANCHES/REPO                                ##
-##                                                                     ##
-#########################################################################
-wait_before_push_prod:
-  stage: wait_approval_prod
-  image:
-    name: artifactory.ops.ripple.com/alpine:latest
-  <<: *only_primary
-  script:
-    - echo "proceeding to next stage"
-  when: manual
-  allow_failure: false
-
-#########################################################################
-##                                                                     ##
-##  stage: push_to_prod                                                ##
-##                                                                     ##
-##  push packages to artifactory repositories (prod)                   ##
-##  ONLY RUNS FOR PRIMARY BRANCHES/REPO                                ##
-##                                                                     ##
-#########################################################################
-
-push_prod:
-  variables:
-    DEB_REPO: "rippled-deb"
-    RPM_REPO: "rippled-rpm"
-  image:
-    name: artifactory.ops.ripple.com/alpine:latest
-  stage: push_to_prod
-  artifacts:
-    paths:
-      - files.info
-  dependencies:
-    - rpm_sign
-    - dpkg_sign
-  <<: *only_primary
-  script:
-    - . ./Builds/containers/gitlab-ci/push_to_artifactory.sh "PUT" "."
-
-#########################################################################
-##                                                                     ##
-##  stage: verify_from_prod                                            ##
-##                                                                     ##
-##  install/test packages from prod repos.                             ##
-##  ONLY RUNS FOR PRIMARY BRANCHES/REPO                                ##
-##                                                                     ##
-#########################################################################
-
-centos_7_verify_repo_prod:
-  stage: verify_from_prod
-  variables:
-    RPM_REPO: "rippled-rpm"
-  image:
-    name: artifactory.ops.ripple.com/centos:7
-  dependencies:
-    - rpm_sign
-  <<: *only_primary
-  <<: *run_repo_smoketest
-
-rocky_8_verify_repo_prod:
-  stage: verify_from_prod
-  variables:
-    RPM_REPO: "rippled-rpm"
-  image:
-    name: artifactory.ops.ripple.com/rockylinux/rockylinux:8
-  dependencies:
-    - rpm_sign
-  <<: *only_primary
-  <<: *run_repo_smoketest
-
-fedora_37_verify_repo_prod:
-  stage: verify_from_prod
-  variables:
-    RPM_REPO: "rippled-rpm"
-  image:
-    name: artifactory.ops.ripple.com/fedora:37
-  dependencies:
-    - rpm_sign
-  <<: *only_primary
-  <<: *run_repo_smoketest
-
-fedora_38_verify_repo_prod:
-  stage: verify_from_prod
-  variables:
-    RPM_REPO: "rippled-rpm"
-  image:
-    name: artifactory.ops.ripple.com/fedora:38
-  dependencies:
-    - rpm_sign
-  <<: *only_primary
-  <<: *run_repo_smoketest
-
-ubuntu_18_verify_repo_prod:
-  stage: verify_from_prod
-  variables:
-    DISTRO: "bionic"
-    DEB_REPO: "rippled-deb"
-  image:
-    name: artifactory.ops.ripple.com/ubuntu:18.04
-  dependencies:
-    - dpkg_sign
-  <<: *only_primary
-  <<: *run_repo_smoketest
-
-ubuntu_20_verify_repo_prod:
-  stage: verify_from_prod
-  variables:
-    DISTRO: "focal"
-    DEB_REPO: "rippled-deb"
-  image:
-    name: artifactory.ops.ripple.com/ubuntu:20.04
-  dependencies:
-    - dpkg_sign
-  <<: *only_primary
-  <<: *run_repo_smoketest
-
-ubuntu_22_verify_repo_prod:
-  stage: verify_from_prod
-  variables:
-    DISTRO: "jammy"
-    DEB_REPO: "rippled-deb"
-  image:
-    name: artifactory.ops.ripple.com/ubuntu:22.04
-  dependencies:
-    - dpkg_sign
-  <<: *only_primary
-  <<: *run_repo_smoketest
-
-debian_10_verify_repo_prod:
-  stage: verify_from_prod
-  variables:
-    DISTRO: "buster"
-    DEB_REPO: "rippled-deb"
-  image:
-    name: artifactory.ops.ripple.com/debian:10
-  dependencies:
-    - dpkg_sign
-  <<: *only_primary
-  <<: *run_repo_smoketest
-
-debian_11_verify_repo_prod:
-  stage: verify_from_prod
-  variables:
-    DISTRO: "bullseye"
-    DEB_REPO: "rippled-deb"
-  image:
-    name: artifactory.ops.ripple.com/debian:11
-  dependencies:
-    - dpkg_sign
-  <<: *only_primary
-  <<: *run_repo_smoketest
-
-#########################################################################
-##                                                                     ##
-##  stage: get_final_hashes                                            ##
-##                                                                     ##
-##  fetch final hashes from artifactory.                               ##
-##  ONLY RUNS FOR PRIMARY BRANCHES/REPO                                ##
-##                                                                     ##
-#########################################################################
-
-get_prod_hashes:
-  variables:
-    DEB_REPO: "rippled-deb"
-    RPM_REPO: "rippled-rpm"
-  image:
-    name: artifactory.ops.ripple.com/alpine:latest
-  stage: get_final_hashes
-  artifacts:
-    paths:
-      - files.info
-  dependencies:
-    - rpm_sign
-    - dpkg_sign
-  <<: *only_primary
-  script:
-    - . ./Builds/containers/gitlab-ci/push_to_artifactory.sh "GET" ".checksums"
-
-#########################################################################
-##                                                                     ##
-##  stage: build_containers                                            ##
-##                                                                     ##
-##  build containers from docker definitions. These containers are NOT ##
-##  used for the package build. This step is only used to ensure that  ##
-##  the package build targets and files are still working properly.    ##
-##                                                                     ##
-#########################################################################
-
-build_centos_container:
-  stage: build_containers
-  <<: *dind_param
-  script:
-    - . ./Builds/containers/gitlab-ci/build_container.sh rpm
-
-build_ubuntu_container:
-  stage: build_containers
-  <<: *dind_param
-  script:
-    - . ./Builds/containers/gitlab-ci/build_container.sh dpkg

Builds/containers/gitlab-ci/push_to_artifactory.sh

@@ -1,92 +0,0 @@
-#!/usr/bin/env sh
-set -e
-action=$1
-filter=$2
-
-. ./Builds/containers/gitlab-ci/get_component.sh
-
-apk add curl jq coreutils util-linux
-TOPDIR=$(pwd)
-
-# DPKG
-
-cd $TOPDIR
-cd build/dpkg/packages
-CURLARGS="-sk -X${action} -urippled:${ARTIFACTORY_DEPLOY_KEY_RIPPLED}"
-RIPPLED_PKG=$(ls rippled_*.deb)
-RIPPLED_REPORTING_PKG=$(ls rippled-reporting_*.deb)
-RIPPLED_DBG_PKG=$(ls rippled-dbgsym_*.*deb)
-RIPPLED_REPORTING_DBG_PKG=$(ls rippled-reporting-dbgsym_*.*deb)
-# TODO - where to upload src tgz?
-RIPPLED_SRC=$(ls rippled_*.orig.tar.gz)
-DEB_MATRIX=";deb.component=${COMPONENT};deb.architecture=amd64"
-for dist in buster bullseye bionic focal jammy; do
-    DEB_MATRIX="${DEB_MATRIX};deb.distribution=${dist}"
-done
-echo "{ \"debs\": {" > "${TOPDIR}/files.info"
-for deb in ${RIPPLED_PKG} ${RIPPLED_DBG_PKG} ${RIPPLED_REPORTING_PKG} ${RIPPLED_REPORTING_DBG_PKG}; do
-    # first item doesn't get a comma separator
-    if [ $deb != $RIPPLED_PKG ] ; then
-        echo "," >> "${TOPDIR}/files.info"
-    fi
-    echo "\"${deb}\"": | tee -a "${TOPDIR}/files.info"
-    ca="${CURLARGS}"
-    if [ "${action}" = "PUT" ] ; then
-        url="https://${ARTIFACTORY_HOST}/artifactory/${DEB_REPO}/pool/${COMPONENT}/${deb}${DEB_MATRIX}"
-        ca="${ca} -T${deb}"
-    elif [ "${action}" = "GET" ] ; then
-        url="https://${ARTIFACTORY_HOST}/artifactory/api/storage/${DEB_REPO}/pool/${COMPONENT}/${deb}"
-    fi
-    echo "file info request url --> ${url}"
-    eval "curl ${ca} \"${url}\"" | jq -M "${filter}" | tee -a "${TOPDIR}/files.info"
-done
-echo "}," >> "${TOPDIR}/files.info"
-
-# RPM
-
-cd $TOPDIR
-cd build/rpm/packages
-RIPPLED_PKG=$(ls rippled-[0-9]*.x86_64.rpm)
-RIPPLED_DEV_PKG=$(ls rippled-devel*.rpm)
-RIPPLED_DBG_PKG=$(ls rippled-debuginfo*.rpm)
-RIPPLED_REPORTING_PKG=$(ls rippled-reporting*.rpm)
-# TODO - where to upload src rpm ?
-RIPPLED_SRC=$(ls rippled-[0-9]*.src.rpm)
-echo "\"rpms\": {" >> "${TOPDIR}/files.info"
-for rpm in ${RIPPLED_PKG} ${RIPPLED_DEV_PKG} ${RIPPLED_DBG_PKG} ${RIPPLED_REPORTING_PKG}; do
-    # first item doesn't get a comma separator
-    if [ $rpm != $RIPPLED_PKG ] ; then
-        echo "," >> "${TOPDIR}/files.info"
-    fi
-    echo "\"${rpm}\"": | tee -a "${TOPDIR}/files.info"
-    ca="${CURLARGS}"
-    if [ "${action}" = "PUT" ] ; then
-        url="https://${ARTIFACTORY_HOST}/artifactory/${RPM_REPO}/${COMPONENT}/"
-        ca="${ca} -T${rpm}"
-    elif [ "${action}" = "GET" ] ; then
-        url="https://${ARTIFACTORY_HOST}/artifactory/api/storage/${RPM_REPO}/${COMPONENT}/${rpm}"
-    fi
-    echo "file info request url --> ${url}"
-    eval "curl ${ca} \"${url}\"" | jq -M "${filter}" | tee -a "${TOPDIR}/files.info"
-done
-echo "}}" >> "${TOPDIR}/files.info"
-jq '.' "${TOPDIR}/files.info" > "${TOPDIR}/files.info.tmp"
-mv "${TOPDIR}/files.info.tmp" "${TOPDIR}/files.info"
-
-if [ ! -z "${SLACK_NOTIFY_URL}" ] && [ "${action}" = "GET" ] ; then
-    # extract files.info content to variable and sanitize so it can
-    # be interpolated into a slack text field below
-    finfo=$(cat ${TOPDIR}/files.info | sed -e ':a' -e 'N' -e '$!ba' -e 's/\n/\\n/g' | sed -E 's/"/\\"/g')
-    # try posting file info to slack.
-    # can add channel field to payload if the
-    # default channel is incorrect. Get rid of
-    # newlines in payload json since slack doesn't accept them
-    CONTENT=$(tr -d '[\n]' <<JSON
-       payload={
-         "username": "GitlabCI",
-         "text": "The package build for branch \`${CI_COMMIT_REF_NAME}\` is complete. File hashes are: \`\`\`${finfo}\`\`\`",
-         "icon_emoji": ":package:"}
-JSON
-)
-    curl ${SLACK_NOTIFY_URL} --data-urlencode "${CONTENT}"
-fi

Builds/containers/gitlab-ci/sign_package.sh

@@ -1,38 +0,0 @@
-#!/usr/bin/env bash
-
-set -eo pipefail
-
-sign_dpkg() {
-  if [ -n "${GPG_KEYID}" ]; then
-    dpkg-sig \
-      -g "--no-tty --digest-algo 'sha512' --passphrase '${GPG_PASSPHRASE}' --pinentry-mode=loopback" \
-			-k "${GPG_KEYID}" \
-			--sign builder \
-			"build/dpkg/packages/*.deb"
-	fi
-}
-
-sign_rpm() {
-  if [ -n "${GPG_KEYID}" ] ; then
-    find build/rpm/packages -name "*.rpm" -exec bash -c '
-	echo "yes" | setsid rpm \
-			--define "_gpg_name ${GPG_KEYID}" \
-			--define "_signature gpg" \
-			--define "__gpg_check_password_cmd /bin/true" \
-			--define "__gpg_sign_cmd %{__gpg} gpg --batch --no-armor --digest-algo 'sha512' --passphrase '${GPG_PASSPHRASE}' --no-secmem-warning -u '%{_gpg_name}' --sign --detach-sign --output %{__signature_filename} %{__plaintext_filename}" \
-			--addsign '{} \;
-	fi
-}
-
-case "${1}" in
-    dpkg)
-        sign_dpkg
-        ;;
-    rpm)
-        sign_rpm
-        ;;
-    *)
-        echo "Usage: ${0} (dpkg|rpm)"
-        ;;
-esac
-

Builds/containers/gitlab-ci/smoketest.sh

@@ -1,108 +0,0 @@
-#!/usr/bin/env sh
-set -e
-install_from=$1
-use_private=${2:-0} # this option not currently needed by any CI scripts,
-                    # reserved for possible future use
-if [ "$use_private" -gt 0 ] ; then
-    REPO_ROOT="https://rippled:${ARTIFACTORY_DEPLOY_KEY_RIPPLED}@${ARTIFACTORY_HOST}/artifactory"
-else
-    REPO_ROOT="${PUBLIC_REPO_ROOT}"
-fi
-
-. ./Builds/containers/gitlab-ci/get_component.sh
-
-. /etc/os-release
-case ${ID} in
-    ubuntu|debian)
-        pkgtype="dpkg"
-        ;;
-    fedora|centos|rhel|scientific|rocky)
-        pkgtype="rpm"
-        ;;
-    *)
-        echo "unrecognized distro!"
-        exit 1
-        ;;
-esac
-
-# this script provides info variables about pkg version
-. build/${pkgtype}/packages/build_vars
-
-if [ "${pkgtype}" = "dpkg" ] ; then
-    # sometimes update fails and requires a cleanup
-    updateWithRetry()
-    {
-        if ! apt-get -y update ; then
-            rm -rvf /var/lib/apt/lists/*
-            apt-get -y clean
-            apt-get -y update
-        fi
-    }
-    if [ "${install_from}" = "repo" ] ; then
-        apt-get -y upgrade
-        updateWithRetry
-        apt-get -y install apt apt-transport-https ca-certificates coreutils util-linux wget gnupg
-        wget -q -O - "${REPO_ROOT}/api/gpg/key/public" | apt-key add -
-        echo "deb ${REPO_ROOT}/${DEB_REPO} ${DISTRO} ${COMPONENT}" >> /etc/apt/sources.list
-        updateWithRetry
-        # uncomment this next line if you want to see the available package versions
-        # apt-cache policy rippled
-        apt-get -y install rippled=${dpkg_full_version}
-    elif [ "${install_from}" = "local" ] ; then
-        # cached pkg install
-        updateWithRetry
-        apt-get -y install libprotobuf-dev libprotoc-dev protobuf-compiler libssl-dev
-        rm -f build/dpkg/packages/rippled-dbgsym*.*
-        dpkg --no-debsig -i build/dpkg/packages/*.deb
-    else
-        echo "unrecognized pkg source!"
-        exit 1
-    fi
-else
-    yum -y update
-    if [ "${install_from}" = "repo" ] ; then
-        pkgs=("yum-utils coreutils util-linux")
-        if [ "$ID" = "rocky" ]; then
-            pkgs="${pkgs[@]/coreutils}"
-        fi
-        yum install -y $pkgs
-        REPOFILE="/etc/yum.repos.d/artifactory.repo"
-        echo "[Artifactory]" > ${REPOFILE}
-        echo "name=Artifactory" >> ${REPOFILE}
-        echo "baseurl=${REPO_ROOT}/${RPM_REPO}/${COMPONENT}/" >> ${REPOFILE}
-        echo "enabled=1" >> ${REPOFILE}
-        echo "gpgcheck=0" >> ${REPOFILE}
-        echo "gpgkey=${REPO_ROOT}/${RPM_REPO}/${COMPONENT}/repodata/repomd.xml.key" >> ${REPOFILE}
-        echo "repo_gpgcheck=1" >> ${REPOFILE}
-        yum -y update
-        # uncomment this next line if you want to see the available package versions
-        # yum --showduplicates list rippled
-        yum -y install ${rpm_version_release}
-    elif [ "${install_from}" = "local" ] ; then
-        # cached pkg install
-        pkgs=("yum-utils openssl-static zlib-static")
-        if [[ "$ID" =~ rocky|fedora ]]; then
-            if [[ "$ID" =~ "rocky" ]]; then
-                sed -i 's/enabled=0/enabled=1/g' /etc/yum.repos.d/Rocky-PowerTools.repo
-            fi
-            pkgs="${pkgs[@]/openssl-static}"
-        fi
-        yum install -y $pkgs
-        rm -f build/rpm/packages/rippled-debug*.rpm
-        rm -f build/rpm/packages/*.src.rpm
-        rpm -i build/rpm/packages/*.rpm
-    else
-        echo "unrecognized pkg source!"
-        exit 1
-    fi
-fi
-
-# verify installed version
-INSTALLED=$(/opt/ripple/bin/rippled --version | awk '{print $NF}')
-if [ "${rippled_version}" != "${INSTALLED}" ] ; then
-    echo "INSTALLED version ${INSTALLED} does not match ${rippled_version}"
-    exit 1
-fi
-# run unit tests
-/opt/ripple/bin/rippled --unittest --unittest-jobs $(nproc)
-/opt/ripple/bin/validator-keys --unittest

Builds/containers/gitlab-ci/tag_docker_image.sh

@@ -1,21 +0,0 @@
-#!/usr/bin/env sh
-set -e
-docker login -u rippled \
-    -p ${ARTIFACTORY_DEPLOY_KEY_RIPPLED} "${ARTIFACTORY_HUB}"
-# this gives us rippled_version :
-source build/rpm/packages/build_vars
-docker pull "${ARTIFACTORY_HUB}/${RPM_CONTAINER_FULLNAME}"
-docker pull "${ARTIFACTORY_HUB}/${DPKG_CONTAINER_FULLNAME}"
-# tag/push two labels...one using the current rippled version and one just using "latest"
-for label in ${rippled_version} latest ; do
-    docker tag \
-        "${ARTIFACTORY_HUB}/${RPM_CONTAINER_FULLNAME}" \
-        "${ARTIFACTORY_HUB}/${RPM_CONTAINER_NAME}:${label}_${CI_COMMIT_REF_SLUG}"
-    docker push \
-        "${ARTIFACTORY_HUB}/${RPM_CONTAINER_NAME}:${label}_${CI_COMMIT_REF_SLUG}"
-    docker tag \
-        "${ARTIFACTORY_HUB}/${DPKG_CONTAINER_FULLNAME}" \
-        "${ARTIFACTORY_HUB}/${DPKG_CONTAINER_NAME}:${label}_${CI_COMMIT_REF_SLUG}"
-    docker push \
-        "${ARTIFACTORY_HUB}/${DPKG_CONTAINER_NAME}:${label}_${CI_COMMIT_REF_SLUG}"
-done

Builds/containers/gitlab-ci/verify_head_commit.sh

@@ -1,17 +0,0 @@
-#!/usr/bin/env sh
-set -ex
-apt -y update
-DEBIAN_FRONTEND="noninteractive" apt-get -y install tzdata
-apt -y install software-properties-common curl git gnupg
-curl -sk -o rippled-pubkeys.txt "${GIT_SIGN_PUBKEYS_URL}"
-gpg --import rippled-pubkeys.txt
-if git verify-commit HEAD; then
-    echo "git commit signature check passed"
-else
-    echo "git commit signature check failed"
-    git log -n 5 --color \
-        --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)<%an> [%G?]%Creset' \
-        --abbrev-commit
-    exit 1
-fi
-

Builds/containers/packaging/dpkg/build_dpkg.sh

@@ -1,95 +0,0 @@
-#!/usr/bin/env bash
-set -ex
-
-# make sure pkg source files are up to date with repo
-cd /opt/rippled_bld/pkg
-cp -fpru rippled/Builds/containers/packaging/dpkg/debian/. debian/
-cp -fpu rippled/Builds/containers/shared/rippled*.service debian/
-cp -fpu rippled/Builds/containers/shared/update_sources.sh .
-source update_sources.sh
-
-# Build the dpkg
-
-#dpkg uses - as separator, so we need to change our -bN versions to tilde
-RIPPLED_DPKG_VERSION=$(echo "${RIPPLED_VERSION}" | sed 's!-!~!g')
-# TODO - decide how to handle the trailing/release
-# version here (hardcoded to 1). Does it ever need to change?
-RIPPLED_DPKG_FULL_VERSION="${RIPPLED_DPKG_VERSION}-1"
-git config --global --add safe.directory /opt/rippled_bld/pkg/rippled
-cd /opt/rippled_bld/pkg/rippled
-if [[ -n $(git status --porcelain) ]]; then
-    git status
-    error "Unstaged changes in this repo - please commit first"
-fi
-git archive --format tar.gz --prefix rippled-${RIPPLED_DPKG_VERSION}/ -o ../rippled-${RIPPLED_DPKG_VERSION}.tar.gz HEAD
-cd ..
-# dpkg debmake would normally create this link, but we do it manually
-ln -s ./rippled-${RIPPLED_DPKG_VERSION}.tar.gz rippled_${RIPPLED_DPKG_VERSION}.orig.tar.gz
-tar xvf rippled-${RIPPLED_DPKG_VERSION}.tar.gz
-cd rippled-${RIPPLED_DPKG_VERSION}
-cp -pr ../debian .
-
-# dpkg requires a changelog. We don't currently maintain
-# a useable one, so let's just fake it with our current version
-# TODO : not sure if the "unstable" will need to change for
-# release packages (?)
-NOWSTR=$(TZ=UTC date -R)
-cat << CHANGELOG > ./debian/changelog
-rippled (${RIPPLED_DPKG_FULL_VERSION}) unstable; urgency=low
-
-  * see RELEASENOTES
-
- -- Ripple Labs Inc. <support@ripple.com>  ${NOWSTR}
-CHANGELOG
-
-# PATH must be preserved for our more modern cmake in /opt/local
-# TODO : consider allowing lintian to run in future ?
-export DH_BUILD_DDEBS=1
-debuild --no-lintian --preserve-envvar PATH --preserve-env -us -uc
-rc=$?; if [[ $rc != 0 ]]; then
-    error "error building dpkg"
-fi
-cd ..
-
-# copy artifacts
-cp rippled-reporting_${RIPPLED_DPKG_FULL_VERSION}_amd64.deb ${PKG_OUTDIR}
-cp rippled_${RIPPLED_DPKG_FULL_VERSION}_amd64.deb ${PKG_OUTDIR}
-cp rippled_${RIPPLED_DPKG_FULL_VERSION}.dsc ${PKG_OUTDIR}
-# dbgsym suffix is ddeb under newer debuild, but just deb under earlier
-cp rippled-dbgsym_${RIPPLED_DPKG_FULL_VERSION}_amd64.* ${PKG_OUTDIR}
-cp rippled-reporting-dbgsym_${RIPPLED_DPKG_FULL_VERSION}_amd64.* ${PKG_OUTDIR}
-cp rippled_${RIPPLED_DPKG_FULL_VERSION}_amd64.changes ${PKG_OUTDIR}
-cp rippled_${RIPPLED_DPKG_FULL_VERSION}_amd64.build ${PKG_OUTDIR}
-cp rippled_${RIPPLED_DPKG_VERSION}.orig.tar.gz ${PKG_OUTDIR}
-cp rippled_${RIPPLED_DPKG_FULL_VERSION}.debian.tar.xz ${PKG_OUTDIR}
-# buildinfo is only generated by later version of debuild
-if [ -e rippled_${RIPPLED_DPKG_FULL_VERSION}_amd64.buildinfo ] ; then
-    cp rippled_${RIPPLED_DPKG_FULL_VERSION}_amd64.buildinfo ${PKG_OUTDIR}
-fi
-
-cat rippled_${RIPPLED_DPKG_FULL_VERSION}_amd64.changes
-# extract the text in the .changes file that appears between
-#    Checksums-Sha256:  ...
-# and
-#    Files: ...
-awk '/Checksums-Sha256:/{hit=1;next}/Files:/{hit=0}hit' \
-    rippled_${RIPPLED_DPKG_VERSION}-1_amd64.changes | \
-        sed -E 's!^[[:space:]]+!!' > shasums
-DEB_SHA256=$(cat shasums | \
-    grep "rippled_${RIPPLED_DPKG_VERSION}-1_amd64.deb" | cut -d " " -f 1)
-DBG_SHA256=$(cat shasums | \
-    grep "rippled-dbgsym_${RIPPLED_DPKG_VERSION}-1_amd64.*" | cut -d " " -f 1)
-REPORTING_DBG_SHA256=$(cat shasums | \
-    grep "rippled-reporting-dbgsym_${RIPPLED_DPKG_VERSION}-1_amd64.*" | cut -d " " -f 1)
-REPORTING_SHA256=$(cat shasums | \
-    grep "rippled-reporting_${RIPPLED_DPKG_VERSION}-1_amd64.deb" | cut -d " " -f 1)
-SRC_SHA256=$(cat shasums | \
-    grep "rippled_${RIPPLED_DPKG_VERSION}.orig.tar.gz" | cut -d " " -f 1)
-echo "deb_sha256=${DEB_SHA256}" >> ${PKG_OUTDIR}/build_vars
-echo "dbg_sha256=${DBG_SHA256}" >> ${PKG_OUTDIR}/build_vars
-echo "reporting_sha256=${REPORTING_SHA256}" >> ${PKG_OUTDIR}/build_vars
-echo "reporting_dbg_sha256=${REPORTING_DBG_SHA256}" >> ${PKG_OUTDIR}/build_vars
-echo "src_sha256=${SRC_SHA256}" >> ${PKG_OUTDIR}/build_vars
-echo "rippled_version=${RIPPLED_VERSION}" >> ${PKG_OUTDIR}/build_vars
-echo "dpkg_version=${RIPPLED_DPKG_VERSION}" >> ${PKG_OUTDIR}/build_vars
-echo "dpkg_full_version=${RIPPLED_DPKG_FULL_VERSION}" >> ${PKG_OUTDIR}/build_vars

Builds/containers/packaging/dpkg/debian/README.Debian

@@ -1,3 +0,0 @@
-rippled daemon
-
- -- Mike Ellery <mellery451@gmail.com>  Tue, 04 Dec 2018 18:19:03 +0000

Builds/containers/packaging/dpkg/debian/compat

@@ -1 +0,0 @@
-10

Builds/containers/packaging/dpkg/debian/control

@@ -1,19 +0,0 @@
-Source: rippled
-Section: misc
-Priority: extra
-Maintainer: Ripple Labs Inc. <support@ripple.com>
-Build-Depends: cmake, debhelper (>=9), zlib1g-dev, dh-systemd, ninja-build
-Standards-Version: 3.9.7
-Homepage: http://ripple.com/
-
-Package: rippled
-Architecture: any
-Multi-Arch: foreign
-Depends: ${misc:Depends}, ${shlibs:Depends}
-Description: rippled daemon
-
-Package: rippled-reporting
-Architecture: any
-Multi-Arch: foreign
-Depends: ${misc:Depends}, ${shlibs:Depends}
-Description: rippled reporting daemon

Builds/containers/packaging/dpkg/debian/copyright

@@ -1,86 +0,0 @@
-Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
-Upstream-Name: rippled
-Source: https://github.com/ripple/rippled 
-
-Files: *
-Copyright: 2012-2019 Ripple Labs Inc.
-
-License:   __UNKNOWN__
-
-The accompanying files under various copyrights.
-
-Copyright (c) 2012, 2013, 2014 Ripple Labs Inc.
-
-Permission to use, copy, modify, and distribute this software for any
-purpose with or without fee is hereby granted, provided that the above
-copyright notice and this permission notice appear in all copies.
-
-THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-
-The accompanying files incorporate work covered by the following copyright
-and previous license notice:
-
-Copyright (c) 2011 Arthur Britto, David Schwartz, Jed McCaleb,
-Vinnie Falco, Bob Way, Eric Lombrozo, Nikolaos D. Bougalis, Howard Hinnant
-
-Some code from Raw Material Software, Ltd., provided under the terms of the
-  ISC License. See the corresponding source files for more details.
-  Copyright (c) 2013 - Raw Material Software Ltd.
-  Please visit http://www.juce.com
-
-Some code from ASIO examples:
-// Copyright (c) 2003-2011 Christopher M. Kohlhoff (chris at kohlhoff dot com)
-//
-// Distributed under the Boost Software License, Version 1.0. (See accompanying
-// file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt)
-
-Some code from Bitcoin:
-// Copyright (c) 2009-2010 Satoshi Nakamoto
-// Copyright (c) 2011 The Bitcoin developers
-// Distributed under the MIT/X11 software license, see the accompanying
-// file license.txt or http://www.opensource.org/licenses/mit-license.php.
-
-Some code from Tom Wu:
-This software is covered under the following copyright:
-
-/*
- * Copyright (c) 2003-2005  Tom Wu
- * All Rights Reserved.
- *
- * Permission is hereby granted, free of charge, to any person obtaining
- * a copy of this software and associated documentation files (the
- * "Software"), to deal in the Software without restriction, including
- * without limitation the rights to use, copy, modify, merge, publish,
- * distribute, sublicense, and/or sell copies of the Software, and to
- * permit persons to whom the Software is furnished to do so, subject to
- * the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS-IS" AND WITHOUT WARRANTY OF ANY KIND, 
- * EXPRESS, IMPLIED OR OTHERWISE, INCLUDING WITHOUT LIMITATION, ANY 
- * WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.  
- *
- * IN NO EVENT SHALL TOM WU BE LIABLE FOR ANY SPECIAL, INCIDENTAL,
- * INDIRECT OR CONSEQUENTIAL DAMAGES OF ANY KIND, OR ANY DAMAGES WHATSOEVER
- * RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER OR NOT ADVISED OF
- * THE POSSIBILITY OF DAMAGE, AND ON ANY THEORY OF LIABILITY, ARISING OUT
- * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- *
- * In addition, the following condition applies:
- *
- * All redistributions must retain an intact copy of this copyright notice
- * and disclaimer.
- */
-
-Address all questions regarding this license to:
-
-  Tom Wu
-  tjw@cs.Stanford.EDU

Builds/containers/packaging/dpkg/debian/dirs

@@ -1,3 +0,0 @@
-/var/log/rippled/
-/var/lib/rippled/
-/etc/systemd/system/rippled.service.d/

Builds/containers/packaging/dpkg/debian/docs

@@ -1,3 +0,0 @@
-README.md
-LICENSE.md
-RELEASENOTES.md

Builds/containers/packaging/dpkg/debian/rippled-dev.install

@@ -1,3 +0,0 @@
-opt/ripple/include
-opt/ripple/lib/*.a
-opt/ripple/lib/cmake/ripple

Builds/containers/packaging/dpkg/debian/rippled-reporting.dirs

@@ -1,3 +0,0 @@
-/var/log/rippled-reporting/
-/var/lib/rippled-reporting/
-/etc/systemd/system/rippled-reporting.service.d/

Builds/containers/packaging/dpkg/debian/rippled-reporting.install

@@ -1,8 +0,0 @@
-bld/rippled-reporting/rippled-reporting opt/rippled-reporting/bin
-cfg/rippled-reporting.cfg opt/rippled-reporting/etc
-debian/tmp/opt/rippled-reporting/etc/validators.txt opt/rippled-reporting/etc
-
-opt/rippled-reporting/bin/update-rippled-reporting.sh
-opt/rippled-reporting/bin/getRippledReportingInfo
-opt/rippled-reporting/etc/update-rippled-reporting-cron
-etc/logrotate.d/rippled-reporting

Builds/containers/packaging/dpkg/debian/rippled-reporting.links

@@ -1,3 +0,0 @@
-opt/rippled-reporting/etc/rippled-reporting.cfg etc/opt/rippled-reporting/rippled-reporting.cfg
-opt/rippled-reporting/etc/validators.txt etc/opt/rippled-reporting/validators.txt
-opt/rippled-reporting/bin/rippled-reporting usr/local/bin/rippled-reporting

Builds/containers/packaging/dpkg/debian/rippled-reporting.postinst

@@ -1,33 +0,0 @@
-#!/bin/sh
-set -e
-
-USER_NAME=rippled-reporting
-GROUP_NAME=rippled-reporting
-case "$1" in
-    configure)
-        id -u $USER_NAME >/dev/null 2>&1 || \
-        adduser --system --quiet \
-            --home /nonexistent --no-create-home \
-            --disabled-password \
-            --group "$GROUP_NAME"
-        chown -R $USER_NAME:$GROUP_NAME /var/log/rippled-reporting/
-        chown -R $USER_NAME:$GROUP_NAME /var/lib/rippled-reporting/
-        chmod 755 /var/log/rippled-reporting/
-        chmod 755 /var/lib/rippled-reporting/
-        chown -R $USER_NAME:$GROUP_NAME /opt/rippled-reporting
-
-    ;;
-
-    abort-upgrade|abort-remove|abort-deconfigure)
-    ;;
-
-    *)
-        echo "postinst called with unknown argument \`$1'" >&2
-        exit 1
-    ;;
-esac
-
-
-#DEBHELPER#
-
-exit 0

Builds/containers/packaging/dpkg/debian/rippled.conffiles

@@ -1,2 +0,0 @@
-/opt/ripple/etc/rippled.cfg
-/opt/ripple/etc/validators.txt

Builds/containers/packaging/dpkg/debian/rippled.install

@@ -1,8 +0,0 @@
-opt/ripple/bin/rippled
-opt/ripple/bin/validator-keys
-opt/ripple/bin/update-rippled.sh
-opt/ripple/bin/getRippledInfo
-opt/ripple/etc/rippled.cfg
-opt/ripple/etc/validators.txt
-opt/ripple/etc/update-rippled-cron
-etc/logrotate.d/rippled

Builds/containers/packaging/dpkg/debian/rippled.links

@@ -1,3 +0,0 @@
-opt/ripple/etc/rippled.cfg etc/opt/ripple/rippled.cfg
-opt/ripple/etc/validators.txt etc/opt/ripple/validators.txt
-opt/ripple/bin/rippled usr/local/bin/rippled

Builds/containers/packaging/dpkg/debian/rippled.postinst

@@ -1,35 +0,0 @@
-#!/bin/sh
-set -e
-
-USER_NAME=rippled
-GROUP_NAME=rippled
-case "$1" in
-    configure)
-        id -u $USER_NAME >/dev/null 2>&1 || \
-        adduser --system --quiet \
-            --home /nonexistent --no-create-home \
-            --disabled-password \
-            --group "$GROUP_NAME"
-        chown -R $USER_NAME:$GROUP_NAME /var/log/rippled/
-        chown -R $USER_NAME:$GROUP_NAME /var/lib/rippled/
-        chown -R $USER_NAME:$GROUP_NAME /opt/ripple
-        chmod 755 /var/log/rippled/
-        chmod 755 /var/lib/rippled/
-        chmod 644 /opt/ripple/etc/update-rippled-cron
-        chmod 644 /etc/logrotate.d/rippled
-        chown -R root:$GROUP_NAME /opt/ripple/etc/update-rippled-cron
-    ;;
-
-    abort-upgrade|abort-remove|abort-deconfigure)
-    ;;
-
-    *)
-        echo "postinst called with unknown argument \`$1'" >&2
-        exit 1
-    ;;
-esac
-
-
-#DEBHELPER#
-
-exit 0

Builds/containers/packaging/dpkg/debian/rippled.postrm

@@ -1,17 +0,0 @@
-#!/bin/sh
-set -e
-
-case "$1" in
-    purge|remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
-    ;;
-
-    *)
-        echo "postrm called with unknown argument \`$1'" >&2
-        exit 1
-    ;;
-esac
-
-
-#DEBHELPER#
-
-exit 0

Builds/containers/packaging/dpkg/debian/rippled.preinst

@@ -1,20 +0,0 @@
-#!/bin/sh
-set -e
-
-case "$1" in
-    install|upgrade)
-    ;;
-
-    abort-upgrade)
-    ;;
-
-    *)
-        echo "preinst called with unknown argument \`$1'" >&2
-        exit 1
-    ;;
-esac
-
-
-#DEBHELPER#
-
-exit 0

Builds/containers/packaging/dpkg/debian/rippled.prerm

@@ -1,20 +0,0 @@
-#!/bin/sh
-set -e
-
-case "$1" in
-    remove|upgrade|deconfigure)
-    ;;
-
-    failed-upgrade)
-    ;;
-
-    *)
-        echo "prerm called with unknown argument \`$1'" >&2
-        exit 1
-    ;;
-esac
-
-
-#DEBHELPER#
-
-exit 0

Builds/containers/packaging/dpkg/debian/rules

@@ -1,80 +0,0 @@
-#!/usr/bin/make -f
-export DH_VERBOSE = 1
-export DH_OPTIONS = -v
-# debuild sets some warnings that don't work well
-# for our curent build..so try to remove those flags here:
-export CFLAGS:=$(subst -Wformat,,$(CFLAGS))
-export CFLAGS:=$(subst -Werror=format-security,,$(CFLAGS))
-export CXXFLAGS:=$(subst -Wformat,,$(CXXFLAGS))
-export CXXFLAGS:=$(subst -Werror=format-security,,$(CXXFLAGS))
-
-%:
-	dh $@ --with systemd
-
-override_dh_systemd_start:
-	dh_systemd_start --no-restart-on-upgrade
-
-override_dh_auto_configure:
-	env
-	rm -rf bld
-
-	conan export external/snappy snappy/1.1.9@
-
-	conan install . \
-		--install-folder bld/rippled  \
-		--build missing \
-		--build boost \
-		--build sqlite3 \
-		--settings build_type=Release
-
-	cmake -DCMAKE_TOOLCHAIN_FILE:FILEPATH=build/generators/conan_toolchain.cmake \
-		-G Ninja \
-		-DCMAKE_BUILD_TYPE=Release \
-		-DCMAKE_INSTALL_PREFIX=/opt/ripple \
-		-Dstatic=ON \
-		-Dunity=OFF \
-		-DCMAKE_VERBOSE_MAKEFILE=ON \
-		-Dvalidator_keys=ON \
-		-B bld/rippled
-
-	conan install . \
-		--install-folder bld/rippled-reporting \
-		--build missing \
-		--build boost \
-		--build sqlite3 \
-		--build libuv \
-		--settings build_type=Release \
-		--options reporting=True
-
-	cmake -DCMAKE_TOOLCHAIN_FILE:FILEPATH=build/generators/conan_toolchain.cmake \
-		-G Ninja \
-		-DCMAKE_BUILD_TYPE=Release \
-		-DCMAKE_INSTALL_PREFIX=/opt/rippled-reporting \
-		-Dstatic=ON \
-		-Dunity=OFF \
-		-DCMAKE_VERBOSE_MAKEFILE=ON \
-		-Dreporting=ON \
-		-B bld/rippled-reporting
-
-override_dh_auto_build:
-	cmake --build bld/rippled --target rippled --target validator-keys -j${nproc}
-
-	cmake --build bld/rippled-reporting --target rippled -j${nproc}
-
-override_dh_auto_install:
-	cmake --install bld/rippled --prefix debian/tmp/opt/ripple
-	install -D bld/rippled/validator-keys/validator-keys debian/tmp/opt/ripple/bin/validator-keys
-	install -D Builds/containers/shared/update-rippled.sh debian/tmp/opt/ripple/bin/update-rippled.sh
-	install -D bin/getRippledInfo debian/tmp/opt/ripple/bin/getRippledInfo
-	install -D Builds/containers/shared/update-rippled-cron debian/tmp/opt/ripple/etc/update-rippled-cron
-	install -D Builds/containers/shared/rippled-logrotate debian/tmp/etc/logrotate.d/rippled
-	rm -rf debian/tmp/opt/ripple/lib64/cmake/date
-
-	mkdir -p debian/tmp/opt/rippled-reporting/etc
-	mkdir -p debian/tmp/opt/rippled-reporting/bin
-	cp cfg/validators-example.txt debian/tmp/opt/rippled-reporting/etc/validators.txt
-
-	sed -E 's/rippled?/rippled-reporting/g' Builds/containers/shared/update-rippled.sh > debian/tmp/opt/rippled-reporting/bin/update-rippled-reporting.sh
-	sed -E 's/rippled?/rippled-reporting/g' bin/getRippledInfo > debian/tmp/opt/rippled-reporting/bin/getRippledReportingInfo
-	sed -E 's/rippled?/rippled-reporting/g' Builds/containers/shared/update-rippled-cron > debian/tmp/opt/rippled-reporting/etc/update-rippled-reporting-cron
-	sed -E 's/rippled?/rippled-reporting/g' Builds/containers/shared/rippled-logrotate > debian/tmp/etc/logrotate.d/rippled-reporting

Builds/containers/packaging/dpkg/debian/source/format

@@ -1 +0,0 @@
-3.0 (quilt)

Builds/containers/packaging/dpkg/debian/source/local-options

@@ -1,2 +0,0 @@
-#abort-on-upstream-changes
-#unapply-patches

Builds/containers/packaging/rpm/50-rippled-reporting.preset

@@ -1 +0,0 @@
-enable rippled-reporting.service

Builds/containers/packaging/rpm/50-rippled.preset

@@ -1 +0,0 @@
-enable rippled.service

Builds/containers/packaging/rpm/build_rpm.sh

@@ -1,82 +0,0 @@
-#!/usr/bin/env bash
-set -ex
-
-cd /opt/rippled_bld/pkg
-cp -fpu rippled/Builds/containers/packaging/rpm/rippled.spec .
-cp -fpu rippled/Builds/containers/shared/update_sources.sh .
-source update_sources.sh
-
-# Build the rpm
-
-IFS='-' read -r RIPPLED_RPM_VERSION RELEASE <<< "$RIPPLED_VERSION"
-export RIPPLED_RPM_VERSION
-
-RPM_RELEASE=${RPM_RELEASE-1}
-
-# post-release version
-if [ "hf" = "$(echo "$RELEASE" | cut -c -2)" ]; then
-    RPM_RELEASE="${RPM_RELEASE}.${RELEASE}"
-# pre-release version (-b or -rc)
-elif [[ $RELEASE ]]; then
-    RPM_RELEASE="0.${RPM_RELEASE}.${RELEASE}"
-fi
-
-export RPM_RELEASE
-
-if [[ $RPM_PATCH ]]; then
-    RPM_PATCH=".${RPM_PATCH}"
-    export RPM_PATCH
-fi
-
-cd /opt/rippled_bld/pkg/rippled
-
-if [[ -n $(git status --porcelain) ]]; then
-   git status
-   error "Unstaged changes in this repo - please commit first"
-fi
-
-git archive --format tar.gz --prefix rippled/ -o ../rpmbuild/SOURCES/rippled.tar.gz HEAD
-
-cd ..
-
-source /opt/rh/devtoolset-11/enable
-
-rpmbuild --define "_topdir ${PWD}/rpmbuild" -ba rippled.spec
-
-rc=$?; if [[ $rc != 0 ]]; then
-    error "error building rpm"
-fi
-
-# Make a tar of the rpm and source rpm
-RPM_VERSION_RELEASE=$(rpm -qp --qf='%{NAME}-%{VERSION}-%{RELEASE}' ./rpmbuild/RPMS/x86_64/rippled-[0-9]*.rpm)
-tar_file=$RPM_VERSION_RELEASE.tar.gz
-
-cp ./rpmbuild/RPMS/x86_64/* ${PKG_OUTDIR}
-cp ./rpmbuild/SRPMS/* ${PKG_OUTDIR}
-
-RPM_MD5SUM=$(rpm -q --queryformat '%{SIGMD5}\n' -p ./rpmbuild/RPMS/x86_64/rippled-[0-9]*.rpm 2>/dev/null)
-DBG_MD5SUM=$(rpm -q --queryformat '%{SIGMD5}\n' -p ./rpmbuild/RPMS/x86_64/rippled-debuginfo*.rpm 2>/dev/null)
-DEV_MD5SUM=$(rpm -q --queryformat '%{SIGMD5}\n' -p ./rpmbuild/RPMS/x86_64/rippled-devel*.rpm 2>/dev/null)
-REP_MD5SUM=$(rpm -q --queryformat '%{SIGMD5}\n' -p ./rpmbuild/RPMS/x86_64/rippled-reporting*.rpm 2>/dev/null)
-SRC_MD5SUM=$(rpm -q --queryformat '%{SIGMD5}\n' -p ./rpmbuild/SRPMS/*.rpm 2>/dev/null)
-
-RPM_SHA256="$(sha256sum ./rpmbuild/RPMS/x86_64/rippled-[0-9]*.rpm | awk '{ print $1}')"
-DBG_SHA256="$(sha256sum ./rpmbuild/RPMS/x86_64/rippled-debuginfo*.rpm | awk '{ print $1}')"
-REP_SHA256="$(sha256sum ./rpmbuild/RPMS/x86_64/rippled-reporting*.rpm | awk '{ print $1}')"
-DEV_SHA256="$(sha256sum ./rpmbuild/RPMS/x86_64/rippled-devel*.rpm | awk '{ print $1}')"
-SRC_SHA256="$(sha256sum ./rpmbuild/SRPMS/*.rpm | awk '{ print $1}')"
-
-echo "rpm_md5sum=$RPM_MD5SUM" >  ${PKG_OUTDIR}/build_vars
-echo "rep_md5sum=$REP_MD5SUM" >> ${PKG_OUTDIR}/build_vars
-echo "dbg_md5sum=$DBG_MD5SUM" >> ${PKG_OUTDIR}/build_vars
-echo "dev_md5sum=$DEV_MD5SUM" >> ${PKG_OUTDIR}/build_vars
-echo "src_md5sum=$SRC_MD5SUM" >> ${PKG_OUTDIR}/build_vars
-echo "rpm_sha256=$RPM_SHA256" >> ${PKG_OUTDIR}/build_vars
-echo "rep_sha256=$REP_SHA256" >> ${PKG_OUTDIR}/build_vars
-echo "dbg_sha256=$DBG_SHA256" >> ${PKG_OUTDIR}/build_vars
-echo "dev_sha256=$DEV_SHA256" >> ${PKG_OUTDIR}/build_vars
-echo "src_sha256=$SRC_SHA256" >> ${PKG_OUTDIR}/build_vars
-echo "rippled_version=$RIPPLED_VERSION" >> ${PKG_OUTDIR}/build_vars
-echo "rpm_version=$RIPPLED_RPM_VERSION" >> ${PKG_OUTDIR}/build_vars
-echo "rpm_file_name=$tar_file" >> ${PKG_OUTDIR}/build_vars
-echo "rpm_version_release=$RPM_VERSION_RELEASE" >> ${PKG_OUTDIR}/build_vars

Builds/containers/packaging/rpm/rippled.spec

@@ -1,236 +0,0 @@
-%define rippled_version %(echo $RIPPLED_RPM_VERSION)
-%define rpm_release %(echo $RPM_RELEASE)
-%define rpm_patch %(echo $RPM_PATCH)
-%define _prefix /opt/ripple
-
-Name:           rippled
-# Dashes in Version extensions must be converted to underscores
-Version:        %{rippled_version}
-Release:        %{rpm_release}%{?dist}%{rpm_patch}
-Summary:        rippled daemon
-
-License:        MIT
-URL:            http://ripple.com/
-Source0:        rippled.tar.gz
-
-BuildRequires:  cmake zlib-static ninja-build
-
-%description
-rippled
-
-%package devel
-Summary: Files for development of applications using xrpl core library
-Group: Development/Libraries
-Requires: zlib-static
-
-%description devel
-core library for development of standalone applications that sign transactions.
-
-%package reporting
-Summary: Reporting Server for rippled
-
-%description reporting
-History server for XRP Ledger
-
-%prep
-%setup -c -n rippled
-
-%build
-rm -rf ~/.conan/profiles/default
-
-cp /opt/libcstd/libstdc++.so.6.0.22 /usr/lib64
-cp /opt/libcstd/libstdc++.so.6.0.22 /lib64
-ln -sf /usr/lib64/libstdc++.so.6.0.22 /usr/lib64/libstdc++.so.6
-ln -sf /lib64/libstdc++.so.6.0.22 /usr/lib64/libstdc++.so.6
-
-source /opt/rh/rh-python38/enable
-pip install "conan<2"
-conan profile new default --detect
-conan profile update settings.compiler.libcxx=libstdc++11 default
-conan profile update settings.compiler.cppstd=20 default
-
-cd rippled
-
-mkdir -p bld.rippled
-conan export external/snappy snappy/1.1.9@
-
-pushd bld.rippled
-conan install .. \
-     --settings build_type=Release \
-     --output-folder . \
-     --build missing
-
-cmake -G Ninja \
-     -DCMAKE_TOOLCHAIN_FILE:FILEPATH=build/generators/conan_toolchain.cmake \
-     -DCMAKE_INSTALL_PREFIX=%{_prefix} \
-     -DCMAKE_BUILD_TYPE=Release \
-     -Dunity=OFF \
-     -Dstatic=ON \
-     -Dvalidator_keys=ON \
-     -DCMAKE_VERBOSE_MAKEFILE=ON \
-     ..
-
-cmake --build . --parallel $(nproc) --target rippled --target validator-keys
-popd
-
-mkdir -p bld.rippled-reporting
-pushd bld.rippled-reporting
-
-conan install .. \
-     --settings build_type=Release \
-     --output-folder . \
-     --build missing \
-     --settings compiler.cppstd=17 \
-     --options reporting=True
-
-cmake -G Ninja \
-     -DCMAKE_TOOLCHAIN_FILE:FILEPATH=build/generators/conan_toolchain.cmake \
-     -DCMAKE_INSTALL_PREFIX=%{_prefix} \
-     -DCMAKE_BUILD_TYPE=Release \
-     -Dunity=OFF \
-     -Dstatic=ON \
-     -Dvalidator_keys=ON \
-     -Dreporting=ON \
-     -DCMAKE_VERBOSE_MAKEFILE=ON \
-     ..
-
-cmake --build . --parallel $(nproc) --target rippled
-
-%pre
-test -e /etc/pki/tls || { mkdir -p /etc/pki; ln -s /usr/lib/ssl /etc/pki/tls; }
-
-%install
-rm -rf $RPM_BUILD_ROOT
-DESTDIR=$RPM_BUILD_ROOT cmake --build rippled/bld.rippled --target install #-- -v
-mkdir -p $RPM_BUILD_ROOT
-rm -rf ${RPM_BUILD_ROOT}/%{_prefix}/lib64/
-install -d ${RPM_BUILD_ROOT}/etc/opt/ripple
-install -d ${RPM_BUILD_ROOT}/usr/local/bin
-
-install -D ./rippled/cfg/rippled-example.cfg ${RPM_BUILD_ROOT}/%{_prefix}/etc/rippled.cfg
-install -D ./rippled/cfg/validators-example.txt ${RPM_BUILD_ROOT}/%{_prefix}/etc/validators.txt
-
-ln -sf %{_prefix}/etc/rippled.cfg ${RPM_BUILD_ROOT}/etc/opt/ripple/rippled.cfg
-ln -sf %{_prefix}/etc/validators.txt ${RPM_BUILD_ROOT}/etc/opt/ripple/validators.txt
-ln -sf %{_prefix}/bin/rippled ${RPM_BUILD_ROOT}/usr/local/bin/rippled
-install -D rippled/bld.rippled/validator-keys/validator-keys ${RPM_BUILD_ROOT}%{_bindir}/validator-keys
-install -D ./rippled/Builds/containers/shared/rippled.service ${RPM_BUILD_ROOT}/usr/lib/systemd/system/rippled.service
-install -D ./rippled/Builds/containers/packaging/rpm/50-rippled.preset ${RPM_BUILD_ROOT}/usr/lib/systemd/system-preset/50-rippled.preset
-install -D ./rippled/Builds/containers/shared/update-rippled.sh ${RPM_BUILD_ROOT}%{_bindir}/update-rippled.sh
-install -D ./rippled/bin/getRippledInfo ${RPM_BUILD_ROOT}%{_bindir}/getRippledInfo
-install -D ./rippled/Builds/containers/shared/update-rippled-cron ${RPM_BUILD_ROOT}%{_prefix}/etc/update-rippled-cron
-install -D ./rippled/Builds/containers/shared/rippled-logrotate ${RPM_BUILD_ROOT}/etc/logrotate.d/rippled
-install -d $RPM_BUILD_ROOT/var/log/rippled
-install -d $RPM_BUILD_ROOT/var/lib/rippled
-
-# reporting mode
-%define _prefix /opt/rippled-reporting
-mkdir -p ${RPM_BUILD_ROOT}/etc/opt/rippled-reporting/
-install -D rippled/bld.rippled-reporting/rippled-reporting ${RPM_BUILD_ROOT}%{_bindir}/rippled-reporting
-install -D ./rippled/cfg/rippled-reporting.cfg ${RPM_BUILD_ROOT}%{_prefix}/etc/rippled-reporting.cfg
-install -D ./rippled/cfg/validators-example.txt ${RPM_BUILD_ROOT}%{_prefix}/etc/validators.txt
-install -D ./rippled/Builds/containers/packaging/rpm/50-rippled-reporting.preset ${RPM_BUILD_ROOT}/usr/lib/systemd/system-preset/50-rippled-reporting.preset
-ln -s %{_prefix}/bin/rippled-reporting ${RPM_BUILD_ROOT}/usr/local/bin/rippled-reporting
-ln -s %{_prefix}/etc/rippled-reporting.cfg ${RPM_BUILD_ROOT}/etc/opt/rippled-reporting/rippled-reporting.cfg
-ln -s %{_prefix}/etc/validators.txt ${RPM_BUILD_ROOT}/etc/opt/rippled-reporting/validators.txt
-install -d $RPM_BUILD_ROOT/var/log/rippled-reporting
-install -d $RPM_BUILD_ROOT/var/lib/rippled-reporting
-install -D ./rippled/Builds/containers/shared/rippled-reporting.service ${RPM_BUILD_ROOT}/usr/lib/systemd/system/rippled-reporting.service
-sed -E 's/rippled?/rippled-reporting/g' ./rippled/Builds/containers/shared/update-rippled.sh > ${RPM_BUILD_ROOT}%{_bindir}/update-rippled-reporting.sh
-sed -E 's/rippled?/rippled-reporting/g' ./rippled/bin/getRippledInfo > ${RPM_BUILD_ROOT}%{_bindir}/getRippledReportingInfo
-sed -E 's/rippled?/rippled-reporting/g' ./rippled/Builds/containers/shared/update-rippled-cron > ${RPM_BUILD_ROOT}%{_prefix}/etc/update-rippled-reporting-cron
-sed -E 's/rippled?/rippled-reporting/g' ./rippled/Builds/containers/shared/rippled-logrotate > ${RPM_BUILD_ROOT}/etc/logrotate.d/rippled-reporting
-
-
-%post
-%define _prefix /opt/ripple
-USER_NAME=rippled
-GROUP_NAME=rippled
-
-getent passwd $USER_NAME &>/dev/null || useradd $USER_NAME
-getent group $GROUP_NAME &>/dev/null || groupadd $GROUP_NAME
-
-chown -R $USER_NAME:$GROUP_NAME /var/log/rippled/
-chown -R $USER_NAME:$GROUP_NAME /var/lib/rippled/
-chown -R $USER_NAME:$GROUP_NAME %{_prefix}/
-
-chmod 755 /var/log/rippled/
-chmod 755 /var/lib/rippled/
-
-chmod 644 %{_prefix}/etc/update-rippled-cron
-chmod 644 /etc/logrotate.d/rippled
-chown -R root:$GROUP_NAME %{_prefix}/etc/update-rippled-cron
-
-%post reporting
-%define _prefix /opt/rippled-reporting
-USER_NAME=rippled-reporting
-GROUP_NAME=rippled-reporting
-
-getent passwd $USER_NAME &>/dev/null || useradd -r $USER_NAME
-getent group $GROUP_NAME &>/dev/null || groupadd $GROUP_NAME
-
-chown -R $USER_NAME:$GROUP_NAME /var/log/rippled-reporting/
-chown -R $USER_NAME:$GROUP_NAME /var/lib/rippled-reporting/
-chown -R $USER_NAME:$GROUP_NAME %{_prefix}/
-
-chmod 755 /var/log/rippled-reporting/
-chmod 755 /var/lib/rippled-reporting/
-chmod -x /usr/lib/systemd/system/rippled-reporting.service
-
-
-%files
-%define _prefix /opt/ripple
-%doc rippled/README.md rippled/LICENSE.md
-%{_bindir}/rippled
-/usr/local/bin/rippled
-%{_bindir}/update-rippled.sh
-%{_bindir}/getRippledInfo
-%{_prefix}/etc/update-rippled-cron
-%{_bindir}/validator-keys
-%config(noreplace) %{_prefix}/etc/rippled.cfg
-%config(noreplace) /etc/opt/ripple/rippled.cfg
-%config(noreplace) %{_prefix}/etc/validators.txt
-%config(noreplace) /etc/opt/ripple/validators.txt
-%config(noreplace) /etc/logrotate.d/rippled
-%config(noreplace) /usr/lib/systemd/system/rippled.service
-%config(noreplace) /usr/lib/systemd/system-preset/50-rippled.preset
-
-%dir /var/log/rippled/
-%dir /var/lib/rippled/
-
-%files devel
-%{_prefix}/include
-%{_prefix}/lib/*.a
-%{_prefix}/lib/cmake/ripple
-
-%files reporting
-%define _prefix /opt/rippled-reporting
-%doc rippled/README.md rippled/LICENSE.md
-
-%{_bindir}/rippled-reporting
-/usr/local/bin/rippled-reporting
-%config(noreplace) /etc/opt/rippled-reporting/rippled-reporting.cfg
-%config(noreplace) %{_prefix}/etc/rippled-reporting.cfg
-%config(noreplace) %{_prefix}/etc/validators.txt
-%config(noreplace) /etc/opt/rippled-reporting/validators.txt
-%config(noreplace) /usr/lib/systemd/system/rippled-reporting.service
-%config(noreplace) /usr/lib/systemd/system-preset/50-rippled-reporting.preset
-%dir /var/log/rippled-reporting/
-%dir /var/lib/rippled-reporting/
-%{_bindir}/update-rippled-reporting.sh
-%{_bindir}/getRippledReportingInfo
-%{_prefix}/etc/update-rippled-reporting-cron
-%config(noreplace) /etc/logrotate.d/rippled-reporting
-
-%changelog
-* Wed Aug 28 2019 Mike Ellery <mellery451@gmail.com>
-- Switch to subproject build for validator-keys
-
-* Wed May 15 2019 Mike Ellery <mellery451@gmail.com>
-- Make validator-keys use local rippled build for core lib
-
-* Wed Aug 01 2018 Mike Ellery <mellery451@gmail.com>
-- add devel package for signing library
-
-* Thu Jun 02 2016 Brandon Wilson <bwilson@ripple.com>
-- Install validators.txt

Builds/containers/shared/install_cmake.sh

@@ -1,37 +0,0 @@
-#!/usr/bin/env bash
-set -e
-
-IFS=. read cm_maj cm_min cm_rel <<<"$1"
-: ${cm_rel:-0}
-CMAKE_ROOT=${2:-"${HOME}/cmake"}
-
-function cmake_version ()
-{
-    if [[ -d ${CMAKE_ROOT} ]] ; then
-        local perms=$(test $(uname) = "Linux" && echo "/111" || echo "+111")
-        local installed=$(find ${CMAKE_ROOT} -perm ${perms} -type f -name cmake)
-        if [[ "${installed}" != "" ]] ; then
-            echo "$(${installed} --version | head -1)"
-        fi
-    fi
-}
-
-installed=$(cmake_version)
-if [[ "${installed}" != "" && ${installed} =~ ${cm_maj}.${cm_min}.${cm_rel} ]] ; then
-    echo "cmake already installed: ${installed}"
-    exit
-fi
-# From CMake 20+ "Linux" is lowercase so using `uname` won't create be the correct path
-if [ ${cm_min} -gt 19 ]; then
-    linux="linux"
-else
-    linux=$(uname)
-fi
-pkgname="cmake-${cm_maj}.${cm_min}.${cm_rel}-${linux}-x86_64.tar.gz"
-tmppkg="/tmp/cmake.tar.gz"
-wget --quiet https://cmake.org/files/v${cm_maj}.${cm_min}/${pkgname} -O ${tmppkg}
-mkdir -p ${CMAKE_ROOT}
-cd ${CMAKE_ROOT}
-tar --strip-components 1 -xf ${tmppkg}
-rm -f ${tmppkg}
-echo "installed: $(cmake_version)"

Builds/containers/shared/rippled-logrotate

@@ -1,15 +0,0 @@
-/var/log/rippled/*.log {
-  daily
-  minsize 200M
-  rotate 7
-  nocreate
-  missingok
-  notifempty
-  compress
-  compresscmd /usr/bin/nice
-  compressoptions -n19 ionice -c3 gzip
-  compressext .gz
-  postrotate
-    /opt/ripple/bin/rippled --conf /opt/ripple/etc/rippled.cfg logrotate
-  endscript
-}

Builds/containers/shared/rippled-reporting.service

@@ -1,15 +0,0 @@
-[Unit]
-Description=Ripple Daemon
-After=network-online.target
-Wants=network-online.target
-
-[Service]
-Type=simple
-ExecStart=/opt/rippled-reporting/bin/rippled-reporting --silent --conf /etc/opt/rippled-reporting/rippled-reporting.cfg
-Restart=on-failure
-User=rippled-reporting
-Group=rippled-reporting
-LimitNOFILE=65536
-
-[Install]
-WantedBy=multi-user.target

Builds/containers/shared/rippled.service

@@ -1,15 +0,0 @@
-[Unit]
-Description=Ripple Daemon
-After=network-online.target
-Wants=network-online.target
-
-[Service]
-Type=simple
-ExecStart=/opt/ripple/bin/rippled --net --silent --conf /etc/opt/ripple/rippled.cfg
-Restart=on-failure
-User=rippled
-Group=rippled
-LimitNOFILE=65536
-
-[Install]
-WantedBy=multi-user.target

Builds/containers/shared/update-rippled-cron

@@ -1,10 +0,0 @@
-# For automatic updates, symlink this file to /etc/cron.d/
-# Do not remove the newline at the end of this cron script
-
-# bash required for use of RANDOM below.
-SHELL=/bin/bash
-PATH=/sbin;/bin;/usr/sbin;/usr/bin
-
-# invoke check/update script with random delay up to 59 mins
-0 * * * * root sleep $((RANDOM*3540/32768)) && /opt/ripple/bin/update-rippled.sh
-

Builds/containers/shared/update-rippled.sh

@@ -1,65 +0,0 @@
-#!/usr/bin/env bash
-
-# auto-update script for rippled daemon
-
-# Check for sudo/root permissions
-if [[ $(id -u) -ne 0 ]] ; then
-   echo "This update script must be run as root or sudo"
-   exit 1
-fi
-
-LOCKDIR=/tmp/rippleupdate.lock
-UPDATELOG=/var/log/rippled/update.log
-
-function cleanup {
-  # If this directory isn't removed, future updates will fail.
-  rmdir $LOCKDIR
-}
-
-# Use mkdir to check if process is already running. mkdir is atomic, as against file create.
-if ! mkdir $LOCKDIR 2>/dev/null; then
-  echo $(date -u) "lockdir exists - won't proceed." >> $UPDATELOG
-  exit 1
-fi
-trap cleanup EXIT
-
-source /etc/os-release
-can_update=false
-
-if [[ "$ID" == "ubuntu" || "$ID" == "debian" ]] ; then
-  # Silent update
-  apt-get update -qq
-
-  # The next line is an "awk"ward way to check if the package needs to be updated.
-  RIPPLE=$(apt-get install -s --only-upgrade rippled | awk '/^Inst/ { print $2 }')
-  test "$RIPPLE" == "rippled" && can_update=true
-
-  function apply_update {
-    apt-get install rippled -qq
-  }
-elif [[ "$ID" == "fedora" || "$ID" == "centos" || "$ID" == "rhel" || "$ID" == "scientific" ]] ; then
-  RIPPLE_REPO=${RIPPLE_REPO-stable}
-  yum --disablerepo=* --enablerepo=ripple-$RIPPLE_REPO clean expire-cache
-
-  yum check-update -q --enablerepo=ripple-$RIPPLE_REPO rippled || can_update=true
-
-  function apply_update {
-    yum update -y --enablerepo=ripple-$RIPPLE_REPO rippled
-  }
-else
-  echo "unrecognized distro!"
-  exit 1
-fi
-
-# Do the actual update and restart the service after reloading systemctl daemon.
-if [ "$can_update" = true ] ; then
-  exec 3>&1 1>>${UPDATELOG} 2>&1
-  set -e
-  apply_update
-  systemctl daemon-reload
-  systemctl restart rippled.service
-  echo $(date -u) "rippled daemon updated."
-else
-  echo $(date -u) "no updates available" >> $UPDATELOG
-fi
-

Builds/containers/shared/update_sources.sh

@@ -1,20 +0,0 @@
-#!/usr/bin/env bash
-
-function error {
-    echo $1
-    exit 1
-}
-
-cd /opt/rippled_bld/pkg/rippled
-export RIPPLED_VERSION=$(egrep -i -o "\b(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)(-[0-9a-z\-]+(\.[0-9a-z\-]+)*)?(\+[0-9a-z\-]+(\.[0-9a-z\-]+)*)?\b" src/ripple/protocol/impl/BuildInfo.cpp)
-
-: ${PKG_OUTDIR:=/opt/rippled_bld/pkg/out}
-export PKG_OUTDIR
-if [ ! -d ${PKG_OUTDIR} ]; then
-    error "${PKG_OUTDIR} is not mounted"
-fi
-
-if [ -x ${OPENSSL_ROOT}/bin/openssl ]; then
-    LD_LIBRARY_PATH=${LD_LIBRARY_PATH}:${OPENSSL_ROOT}/lib ${OPENSSL_ROOT}/bin/openssl version -a
-fi
-

Builds/containers/ubuntu-builder/Dockerfile

@@ -1,15 +0,0 @@
-ARG DIST_TAG=18.04
-FROM ubuntu:$DIST_TAG
-ARG GIT_COMMIT=unknown
-ARG CI_USE=false
-LABEL git-commit=$GIT_COMMIT
-
-WORKDIR /root
-COPY ubuntu-builder/ubuntu_setup.sh .
-RUN ./ubuntu_setup.sh && rm ubuntu_setup.sh
-
-RUN mkdir -m 777 -p /opt/rippled_bld/pkg/
-WORKDIR /opt/rippled_bld/pkg
-
-COPY packaging/dpkg/build_dpkg.sh ./
-CMD ./build_dpkg.sh

Builds/containers/ubuntu-builder/ubuntu_setup.sh

@@ -1,76 +0,0 @@
-#!/usr/bin/env bash
-
-set -o errexit
-set -o nounset
-set -o xtrace
-
-# Parameters
-
-gcc_version=${GCC_VERSION:-10}
-cmake_version=${CMAKE_VERSION:-3.25.1}
-conan_version=${CONAN_VERSION:-1.59}
-
-apt update
-# Iteratively build the list of packages to install so that we can interleave
-# the lines with comments explaining their inclusion.
-dependencies=''
-# - to identify the Ubuntu version
-dependencies+=' lsb-release'
-# - for add-apt-repository
-dependencies+=' software-properties-common'
-# - to download CMake
-dependencies+=' curl'
-# - to build CMake
-dependencies+=' libssl-dev'
-# - Python headers for Boost.Python
-dependencies+=' python3-dev'
-# - to install Conan
-dependencies+=' python3-pip'
-# - to download rippled
-dependencies+=' git'
-# - CMake generators (but not CMake itself)
-dependencies+=' make ninja-build'
-apt install --yes ${dependencies}
-
-add-apt-repository --yes ppa:ubuntu-toolchain-r/test
-apt install --yes gcc-${gcc_version} g++-${gcc_version} \
-  debhelper debmake debsums gnupg dh-buildinfo dh-make dh-systemd cmake \
-  ninja-build zlib1g-dev make cmake ninja-build autoconf automake \
-  pkg-config apt-transport-https
-
-# Give us nice unversioned aliases for gcc and company.
-update-alternatives --install \
-  /usr/bin/gcc gcc /usr/bin/gcc-${gcc_version} 100 \
-  --slave /usr/bin/g++ g++ /usr/bin/g++-${gcc_version} \
-  --slave /usr/bin/gcc-ar gcc-ar /usr/bin/gcc-ar-${gcc_version} \
-  --slave /usr/bin/gcc-nm gcc-nm /usr/bin/gcc-nm-${gcc_version} \
-  --slave /usr/bin/gcc-ranlib gcc-ranlib /usr/bin/gcc-ranlib-${gcc_version} \
-  --slave /usr/bin/gcov gcov /usr/bin/gcov-${gcc_version} \
-  --slave /usr/bin/gcov-tool gcov-tool /usr/bin/gcov-dump-${gcc_version} \
-  --slave /usr/bin/gcov-dump gcov-dump /usr/bin/gcov-tool-${gcc_version}
-update-alternatives --auto gcc
-
-# Download and unpack CMake.
-cmake_slug="cmake-${cmake_version}"
-curl --location --remote-name \
-  "https://github.com/Kitware/CMake/releases/download/v${cmake_version}/${cmake_slug}.tar.gz"
-tar xzf ${cmake_slug}.tar.gz
-rm ${cmake_slug}.tar.gz
-
-# Build and install CMake.
-cd ${cmake_slug}
-./bootstrap --parallel=$(nproc)
-make --jobs $(nproc)
-make install
-cd ..
-rm --recursive --force ${cmake_slug}
-
-# Install Conan.
-pip3 install conan==${conan_version}
-
-conan profile new --detect gcc
-conan profile update settings.compiler=gcc gcc
-conan profile update settings.compiler.version=${gcc_version} gcc
-conan profile update settings.compiler.libcxx=libstdc++11 gcc
-conan profile update env.CC=/usr/bin/gcc gcc
-conan profile update env.CXX=/usr/bin/g++ gcc

Builds/levelization/results/loops.txt

@@ -16,6 +16,9 @@ Loop: ripple.app ripple.overlay
 Loop: ripple.app ripple.peerfinder
   ripple.app > ripple.peerfinder
 
+Loop: ripple.app ripple.protocol
+  ripple.app > ripple.protocol
+
 Loop: ripple.app ripple.rpc
   ripple.rpc > ripple.app
 
@@ -46,6 +49,12 @@ Loop: ripple.nodestore ripple.overlay
 Loop: ripple.overlay ripple.rpc
   ripple.rpc ~= ripple.overlay
 
+Loop: test.app test.jtx
+  test.app > test.jtx
+
+Loop: test.app test.rpc
+  test.rpc ~= test.app
+
 Loop: test.jtx test.toplevel
   test.toplevel > test.jtx
 

Builds/levelization/results/ordering.txt

@@ -4,7 +4,6 @@ ripple.app > ripple.conditions
 ripple.app > ripple.consensus
 ripple.app > ripple.crypto
 ripple.app > ripple.json
-ripple.app > ripple.protocol
 ripple.app > ripple.resource
 ripple.app > test.unit_test
 ripple.basics > ripple.beast
@@ -91,8 +90,6 @@ test.app > ripple.overlay
 test.app > ripple.protocol
 test.app > ripple.resource
 test.app > ripple.rpc
-test.app > test.jtx
-test.app > test.rpc
 test.app > test.toplevel
 test.app > test.unit_test
 test.basics > ripple.basics
@@ -111,7 +108,9 @@ test.consensus > ripple.app
 test.consensus > ripple.basics
 test.consensus > ripple.beast
 test.consensus > ripple.consensus
+test.consensus > ripple.core
 test.consensus > ripple.ledger
+test.consensus > ripple.protocol
 test.consensus > test.csf
 test.consensus > test.toplevel
 test.consensus > test.unit_test
@@ -185,7 +184,6 @@ test.protocol > ripple.basics
 test.protocol > ripple.beast
 test.protocol > ripple.crypto
 test.protocol > ripple.json
-test.protocol > ripple.ledger
 test.protocol > ripple.protocol
 test.protocol > test.toplevel
 test.resource > ripple.basics

Builds/linux/README.md

@@ -1 +0,0 @@
-[Build instructions are currently located in `BUILD.md`](../../BUILD.md)

Builds/macos/README.md

@@ -1 +0,0 @@
-[Build instructions are currently located in `BUILD.md`](../../BUILD.md)

CMakeLists.txt

@@ -1,14 +1,24 @@
 cmake_minimum_required (VERSION 3.16)
-
-if (POLICY CMP0074)
-  cmake_policy(SET CMP0074 NEW)
-endif ()
-
-project (rippled)
 set(CMAKE_CXX_EXTENSIONS OFF)
 set(CMAKE_CXX_STANDARD 20)
 set(CMAKE_CXX_STANDARD_REQUIRED ON)
 
+if(POLICY CMP0074)
+  cmake_policy(SET CMP0074 NEW)
+endif()
+if(POLICY CMP0077)
+  cmake_policy(SET CMP0077 NEW)
+endif()
+
+# Fix "unrecognized escape" issues when passing CMAKE_MODULE_PATH on Windows.
+file(TO_CMAKE_PATH "${CMAKE_MODULE_PATH}" CMAKE_MODULE_PATH)
+list(APPEND CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/Builds/CMake")
+
+if(POLICY CMP0144)
+  cmake_policy(SET CMP0144 NEW)
+endif()
+
+project (rippled)
 set(Boost_NO_BOOST_CMAKE ON)
 
 # make GIT_COMMIT_HASH define available to all sources
@@ -23,14 +33,27 @@ if(Git_FOUND)
     endif()
 endif() #git
 
-if (thread_safety_analysis)
+if(thread_safety_analysis)
   add_compile_options(-Wthread-safety -D_LIBCPP_ENABLE_THREAD_SAFETY_ANNOTATIONS -DRIPPLE_ENABLE_THREAD_SAFETY_ANNOTATIONS)
   add_compile_options("-stdlib=libc++")
   add_link_options("-stdlib=libc++")
 endif()
 
-list(APPEND CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/Builds/CMake")
-list(APPEND CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/Builds/CMake/deps")
+option(USE_CONAN "Use Conan package manager for dependencies" OFF)
+# Then, auto-detect if conan_toolchain.cmake is being used
+if(CMAKE_TOOLCHAIN_FILE)
+  # Check if the toolchain file path contains "conan_toolchain"
+  if(CMAKE_TOOLCHAIN_FILE MATCHES "conan_toolchain")
+    set(USE_CONAN ON CACHE BOOL "Using Conan detected from toolchain file" FORCE)
+    message(STATUS "Conan toolchain detected: ${CMAKE_TOOLCHAIN_FILE}")
+    message(STATUS "Building with Conan dependencies")
+  endif()
+endif()
+
+if (NOT USE_CONAN)
+  list(APPEND CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/Builds/CMake")
+  list(APPEND CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/Builds/CMake/deps")
+endif()
 
 include (CheckCXXCompilerFlag)
 include (FetchContent)
@@ -44,8 +67,9 @@ endif ()
 include(RippledSanity)
 include(RippledVersion)
 include(RippledSettings)
-include(RippledNIH)
-include(RippledRelease)
+if (NOT USE_CONAN)
+  include(RippledNIH)
+endif()
 # this check has to remain in the top-level cmake
 # because of the early return statement
 if (packages_only)
@@ -58,24 +82,86 @@ include(RippledCompiler)
 include(RippledInterface)
 
 ###
+if (NOT USE_CONAN)
+  add_subdirectory(src/secp256k1)
+  add_subdirectory(src/ed25519-donna)
+  include(deps/Boost)
+  include(deps/OpenSSL)
+  # include(deps/Secp256k1)
+  # include(deps/Ed25519-donna)
+  include(deps/Lz4)
+  include(deps/Libarchive)
+  include(deps/Sqlite)
+  include(deps/Soci)
+  include(deps/Snappy)
+  include(deps/Rocksdb)
+  include(deps/Nudb)
+  include(deps/date)
+  include(deps/Protobuf)
+  include(deps/gRPC)
+  include(deps/cassandra)
+  include(deps/Postgres)
+  include(deps/WasmEdge)
+else()
+  include(conan/Boost)
+  find_package(OpenSSL 1.1.1 REQUIRED)
+  set_target_properties(OpenSSL::SSL PROPERTIES
+    INTERFACE_COMPILE_DEFINITIONS OPENSSL_NO_SSL2
+  )
+  add_subdirectory(src/secp256k1)
+  add_subdirectory(src/ed25519-donna)
+  find_package(lz4 REQUIRED)
+  # Target names with :: are not allowed in a generator expression.
+  # We need to pull the include directories and imported location properties
+  # from separate targets.
+  find_package(LibArchive REQUIRED)
+  find_package(SOCI REQUIRED)
+  find_package(SQLite3 REQUIRED)
+  find_package(Snappy REQUIRED)
+  find_package(wasmedge REQUIRED)
+  option(rocksdb "Enable RocksDB" ON)
+  if(rocksdb)
+    find_package(RocksDB REQUIRED)
+    set_target_properties(RocksDB::rocksdb PROPERTIES
+      INTERFACE_COMPILE_DEFINITIONS RIPPLE_ROCKSDB_AVAILABLE=1
+    )
+    target_link_libraries(ripple_libs INTERFACE RocksDB::rocksdb)
+  endif()
+  find_package(nudb REQUIRED)
+  find_package(date REQUIRED)
+  find_package(BLAKE3 REQUIRED)
+  include(conan/Protobuf)
+  include(conan/gRPC)
+    if(TARGET nudb::core)
+    set(nudb nudb::core)
+  elseif(TARGET NuDB::nudb)
+    set(nudb NuDB::nudb)
+  else()
+    message(FATAL_ERROR "unknown nudb target")
+  endif()
+  target_link_libraries(ripple_libs INTERFACE ${nudb})
 
-include(deps/Boost)
-include(deps/OpenSSL)
-include(deps/Secp256k1)
-include(deps/Ed25519-donna)
-include(deps/Lz4)
-include(deps/Libarchive)
-include(deps/Sqlite)
-include(deps/Soci)
-include(deps/Snappy)
-include(deps/Rocksdb)
-include(deps/Nudb)
-include(deps/date)
-include(deps/Protobuf)
-include(deps/gRPC)
-include(deps/cassandra)
-include(deps/Postgres)
-include(deps/WasmEdge)
+  if(reporting)
+    find_package(cassandra-cpp-driver REQUIRED)
+    find_package(PostgreSQL REQUIRED)
+    target_link_libraries(ripple_libs INTERFACE
+      cassandra-cpp-driver::cassandra-cpp-driver
+      PostgreSQL::PostgreSQL
+    )
+  endif()
+  target_link_libraries(ripple_libs INTERFACE
+    ed25519::ed25519
+    LibArchive::LibArchive
+    lz4::lz4
+    OpenSSL::Crypto
+    OpenSSL::SSL
+    Ripple::grpc_pbufs
+    Ripple::pbufs
+    secp256k1::secp256k1
+    soci::soci
+    SQLite::SQLite3
+  )
+endif()
 
 ###
 

CONTRIBUTING.md

@@ -1,67 +1,185 @@
-# Contributing
-The XRP Ledger has many and diverse stakeholders, and everyone deserves a chance to contribute meaningful changes to the code that runs the XRPL.
-To contribute, please:
-1. Fork the repository under your own user.
-2. Create a new branch on which to write your changes. Please note that changes which alter transaction processing must be composed via and guarded using [Amendments](https://xrpl.org/amendments.html). Changes which are _read only_ i.e. RPC, or changes which are only refactors and maintain the existing behaviour do not need to be made through an Amendment.
-3. Write and test your code.
-4. Ensure that your code compiles with the provided build engine and update the provided build engine as part of your PR where needed and where appropriate.
-5. Write test cases for your code and include those in `src/test` such that they are runnable from the command line using `./rippled -u`. (Some changes will not be able to be tested this way.)
-6. Ensure your code passes automated checks (e.g. clang-format and levelization.)
-7. Squash your commits (i.e. rebase) into as few commits as is reasonable to describe your changes at a high level (typically a single commit for a small change.)
-8. Open a PR to the main repository onto the _develop_ branch, and follow the provided template.
+Xahau has many and diverse stakeholders, and everyone deserves
+a chance to contribute meaningful changes to the code that runs Xahau.
+
+# Contributing
+
+We assume you are familiar with the general practice of [making
+contributions on GitHub][1]. This file includes only special
+instructions specific to this project.
+
+
+## Before you start
+
+In general, contributions should be developed in your personal
+[fork](https://github.com/xahau/xahaud/fork).
+
+The following branches exist in the main project repository:
+
+- `dev`: The latest set of unreleased features, and the most common
+    starting point for contributions.
+- `candidate`: The latest beta release or release candidate.
+- `release`: The latest stable release.
+
+The tip of each branch must be signed. In order for GitHub to sign a
+squashed commit that it builds from your pull request, GitHub must know
+your verifying key. Please set up [signature verification][signing].
+
+[rippled]: https://github.com/xahau/xahaud
+[signing]:
+    https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification
+
+
+## Major contributions
+
+If your contribution is a major feature or breaking change, then you
+must first write a Xahau Standard (XLS) describing it. Go to
+[Standards](https://github.com/XRPLF/XRPL-Standards/discussions),
+choose the next available standard number, and open a discussion with an
+appropriate title to propose your draft standard.
+
+When you submit a pull request, please link the corresponding XLS in the
+description. An XLS still in draft status is considered a
+work-in-progress and open for discussion. Please allow time for
+questions, suggestions, and changes to the XLS draft. It is the
+responsibility of the XLS author to update the draft to match the final
+implementation when its corresponding pull request is merged, unless the
+author delegates that responsibility to others.
+
+
+## Before making a pull request
+
+Changes that alter transaction processing must be guarded by an
+[Amendment](https://docs.xahau.network/features/amendments).
+All other changes that maintain the existing behavior do not need an
+Amendment.
+
+Ensure that your code compiles according to the build instructions in the
+[`documentation`](https://docs.xahau.network/infrastructure/building-xahau).
+If you create new source files, they must go under `src/ripple`.
+You will need to add them to one of the
+[source lists](./Builds/CMake/RippledCore.cmake) in CMake.
+
+Please write tests for your code.
+If you create new test source files, they must go under `src/test`.
+You will need to add them to one of the
+[source lists](./Builds/CMake/RippledCore.cmake) in CMake.
+If your test can be run offline, in under 60 seconds, then it can be an
+automatic test run by `rippled --unittest`.
+Otherwise, it must be a manual test.
+
+The source must be formatted according to the style guide below.
+
+Header includes must be [levelized](./Builds/levelization).
+
+
+## Pull requests
+
+In general, pull requests use `develop` as the base branch.
+
+(Hotfixes are an exception.)
+
+Changes to pull requests must be added as new commits.
+Once code reviewers have started looking at your code, please avoid
+force-pushing a branch in a pull request.
+This preserves the ability for reviewers to filter changes since their last
+review.
+
+A pull request must obtain **approvals from at least two reviewers** before it
+can be considered for merge by a Maintainer.
+Maintainers retain discretion to require more approvals if they feel the
+credibility of the existing approvals is insufficient.
+
+Pull requests must be merged by [squash-and-merge][2]
+to preserve a linear history for the `develop` branch.
 
-# Major Changes
-If your code change is a major feature, a breaking change or in some other way makes a significant alteration to the way the XRPL will operate, then you must first write an XLS document (XRP Ledger Standard) describing your change.
-To do this:
-1. Go to [XLS Standards](https://github.com/XRPLF/XRPL-Standards/discussions).
-2. Choose the next available standard number.
-3. Open a discussion with the appropriate title to propose your draft standard.
-4. Link your XLS in your PR.
 
 # Style guide
-This is a non-exhaustive list of recommended style guidelines. These are not always strictly enforced and serve as a way to keep the codebase coherent rather than a set of _thou shalt not_ commandments.
+
+This is a non-exhaustive list of recommended style guidelines. These are
+not always strictly enforced and serve as a way to keep the codebase
+coherent rather than a set of _thou shalt not_ commandments.
+
 
 ## Formatting
-All code must conform to `clang-format` version 10, unless the result would be unreasonably difficult to read or maintain.
-To change your code to conform use `clang-format -i <your changed files>`.
+
+All code must conform to `clang-format` version 10,
+according to the settings in [`.clang-format`](./.clang-format),
+unless the result would be unreasonably difficult to read or maintain.
+To demarcate lines that should be left as-is, surround them with comments like
+this:
+
+```
+// clang-format off
+...
+// clang-format on
+```
+
+You can format individual files in place by running `clang-format -i <file>...`
+from any directory within this project.
+
+You can install a pre-commit hook to automatically run `clang-format` before every commit:
+```
+pip3 install pre-commit
+pre-commit install
+```
 
 ## Avoid
+
 1. Proliferation of nearly identical code.
 2. Proliferation of new files and classes.
 3. Complex inheritance and complex OOP patterns.
 4. Unmanaged memory allocation and raw pointers.
-5. Macros and non-trivial templates (unless they add significant value.)
-6. Lambda patterns (unless these add significant value.)
-7. CPU or architecture-specific code unless there is a good reason to include it, and where it is used guard it with macros and provide explanatory comments.
+5. Macros and non-trivial templates (unless they add significant value).
+6. Lambda patterns (unless these add significant value).
+7. CPU or architecture-specific code unless there is a good reason to
+   include it, and where it is used, guard it with macros and provide
+   explanatory comments.
 8. Importing new libraries unless there is a very good reason to do so.
 
+
 ## Seek to
+
 9. Extend functionality of existing code rather than creating new code.
-10. Prefer readability over terseness where important logic is concerned.
-11. Inline functions that are not used or are not likely to be used elsewhere in the codebase.
-12. Use clear and self-explanatory names for functions, variables, structs and classes.
-13. Use TitleCase for classes, structs and filenames, camelCase for function and variable names, lower case for namespaces and folders.
-14. Provide as many comments as you feel that a competent programmer would need to understand what your code does.
+10. Prefer readability over terseness where important logic is
+    concerned.
+11. Inline functions that are not used or are not likely to be used
+    elsewhere in the codebase.
+12. Use clear and self-explanatory names for functions, variables,
+    structs and classes.
+13. Use TitleCase for classes, structs and filenames, camelCase for
+    function and variable names, lower case for namespaces and folders.
+14. Provide as many comments as you feel that a competent programmer
+    would need to understand what your code does.
+
 
 # Maintainers
-Maintainers are ecosystem participants with elevated access to the repository. They are able to push new code, make decisions on when a release should be made, etc.
 
-## Code Review
-New contributors' PRs must be reviewed by at least two of the maintainers. Well established prior contributors can be reviewed by a single maintainer.
+Maintainers are ecosystem participants with elevated access to the repository.
+They are able to push new code, make decisions on when a release should be
+made, etc.
 
-## Adding and Removing
-New maintainers can be proposed by two existing maintainers, subject to a vote by a quorum of the existing maintainers. A minimum of 50% support and a 50% participation is required. In the event of a tie vote, the addition of the new maintainer will be rejected.
 
-Existing maintainers can resign, or be subject to a vote for removal at the behest of two existing maintainers. A minimum of 60% agreement and 50% participation are required. The XRP Ledger Foundation will have the ability, for cause, to remove an existing maintainer without a vote.
+## Adding and removing
 
-## Existing Maintainers
-* [JoelKatz](https://github.com/JoelKatz) (Ripple)
-* [Manojsdoshi](https://github.com/manojsdoshi) (Ripple)
-* [N3tc4t](https://github.com/n3tc4t) (XRPL Labs)
-* [Nikolaos D Bougalis](https://github.com/nbougalis)
-* [Nixer89](https://github.com/nixer89) (XRP Ledger Foundation)
-* [RichardAH](https://github.com/RichardAH) (XRPL Labs + XRP Ledger Foundation)
-* [Seelabs](https://github.com/seelabs) (Ripple)
-* [Silkjaer](https://github.com/Silkjaer) (XRP Ledger Foundation)
-* [WietseWind](https://github.com/WietseWind) (XRPL Labs + XRP Ledger Foundation)
-* [Ximinez](https://github.com/ximinez) (Ripple)
+New maintainers can be proposed by two existing maintainers, subject to a vote
+by a quorum of the existing maintainers.
+A minimum of 50% support and a 50% participation is required.
+In the event of a tie vote, the addition of the new maintainer will be
+rejected.
+
+Existing maintainers can resign, or be subject to a vote for removal at the
+behest of two existing maintainers.
+A minimum of 60% agreement and 50% participation are required.
+The XRP Ledger Foundation will have the ability, for cause, to remove an
+existing maintainer without a vote.
+
+
+## Current Maintainers
+
+* [Richard Holland](https://github.com/RichardAH) (XRPL Labs + XRP Ledger Foundation)
+* [Denis Angell](https://github.com/dangell7) (XRPL Labs + XRP Ledger Foundation)
+* [Wietse Wind](https://github.com/WietseWind) (XRPL Labs + XRP Ledger Foundation)
+
+
+[1]: https://docs.github.com/en/get-started/quickstart/contributing-to-projects
+[2]: https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/about-pull-request-merges#squash-and-merge-your-commits

DISABLE_OLD_ENTRIES.md

@@ -0,0 +1,217 @@
+# Auto-Disable Strategy for Hash Migration
+
+## Core Concept
+Instead of trying to fix entries with hardcoded old keys, **automatically disable them** during migration. If it contains old keys, it's broken anyway - make that explicit.
+
+## The Algorithm
+
+### Phase 1: Build Complete Old Key Set
+```cpp
+std::unordered_set<uint256> all_old_keys;
+
+// Collect ALL SHA-512 keys from current state
+stateMap_.visitLeaves([&](SHAMapItem const& item) {
+    all_old_keys.insert(item.key());
+    
+    // Also collect keys from reference fields
+    SerialIter sit(item.slice());
+    auto sle = std::make_shared<SLE>(sit, item.key());
+    
+    // Collect from vector fields
+    if (sle->isFieldPresent(sfIndexes)) {
+        for (auto& key : sle->getFieldV256(sfIndexes)) {
+            all_old_keys.insert(key);
+        }
+    }
+    // ... check all other reference fields
+});
+```
+
+### Phase 2: Scan and Disable
+
+#### Hook Definitions (WASM Code)
+```cpp
+bool scanWASMForKeys(Blob const& wasm_code, std::unordered_set<uint256> const& keys) {
+    // Scan for 32-byte sequences matching known keys
+    for (size_t i = 0; i <= wasm_code.size() - 32; i++) {
+        uint256 potential_key = extract32Bytes(wasm_code, i);
+        if (keys.count(potential_key)) {
+            return true;  // Found hardcoded key!
+        }
+    }
+    return false;
+}
+
+// During migration
+for (auto& hookDef : allHookDefinitions) {
+    if (scanWASMForKeys(hookDef->getFieldBlob(sfCreateCode), all_old_keys)) {
+        hookDef->setFieldU32(sfFlags, hookDef->getFlags() | HOOK_DISABLED_OLD_KEYS);
+        disabled_hooks.push_back(hookDef->key());
+    }
+}
+```
+
+#### Hook State (Arbitrary Data)
+```cpp
+for (auto& hookState : allHookStates) {
+    auto data = hookState->getFieldBlob(sfHookStateData);
+    if (containsAnyKey(data, all_old_keys)) {
+        hookState->setFieldU32(sfFlags, STATE_INVALID_OLD_KEYS);
+        disabled_states.push_back(hookState->key());
+    }
+}
+```
+
+#### Other Vulnerable Entry Types
+```cpp
+void disableEntriesWithOldKeys(SLE& sle) {
+    switch(sle.getType()) {
+        case ltHOOK:
+            if (hasOldKeys(sle)) {
+                sle.setFlag(HOOK_DISABLED_MIGRATION);
+            }
+            break;
+            
+        case ltESCROW:
+            // Check if destination/condition contains old keys
+            if (containsOldKeyReferences(sle)) {
+                sle.setFlag(ESCROW_FROZEN_MIGRATION);
+            }
+            break;
+            
+        case ltPAYCHAN:
+            // Payment channels with old key references
+            if (hasOldKeyInFields(sle)) {
+                sle.setFlag(PAYCHAN_SUSPENDED_MIGRATION);
+            }
+            break;
+            
+        case ltHOOK_STATE:
+            // Already handled above
+            break;
+    }
+}
+```
+
+## Flag Definitions
+
+```cpp
+// New flags for migration-disabled entries
+constexpr uint32_t HOOK_DISABLED_OLD_KEYS     = 0x00100000;
+constexpr uint32_t STATE_INVALID_OLD_KEYS     = 0x00200000;
+constexpr uint32_t ESCROW_FROZEN_MIGRATION    = 0x00400000;
+constexpr uint32_t PAYCHAN_SUSPENDED_MIGRATION = 0x00800000;
+constexpr uint32_t ENTRY_BROKEN_MIGRATION     = 0x01000000;
+```
+
+## Execution Prevention
+
+```cpp
+// In transaction processing
+TER HookExecutor::executeHook(Hook const& hook) {
+    if (hook.isFieldPresent(sfFlags)) {
+        if (hook.getFlags() & HOOK_DISABLED_OLD_KEYS) {
+            return tecHOOK_DISABLED_MIGRATION;
+        }
+    }
+    // Normal execution
+}
+
+TER processEscrow(Escrow const& escrow) {
+    if (escrow.getFlags() & ESCROW_FROZEN_MIGRATION) {
+        return tecESCROW_FROZEN_MIGRATION;
+    }
+    // Normal processing
+}
+```
+
+## Re-enabling Process
+
+### For Hooks
+Developer must submit a new SetHook transaction with updated WASM:
+```cpp
+TER SetHook::doApply() {
+    // If hook was disabled for migration
+    if (oldHook->getFlags() & HOOK_DISABLED_OLD_KEYS) {
+        // Verify new WASM doesn't contain old keys
+        if (scanWASMForKeys(newWasm, all_old_keys)) {
+            return tecSTILL_CONTAINS_OLD_KEYS;
+        }
+        // Clear the disabled flag
+        newHook->clearFlag(HOOK_DISABLED_OLD_KEYS);
+    }
+}
+```
+
+### For Hook State
+Must be cleared and rebuilt:
+```cpp
+TER HookStateModify::doApply() {
+    if (state->getFlags() & STATE_INVALID_OLD_KEYS) {
+        // Can only delete, not modify
+        if (operation != DELETE) {
+            return tecSTATE_REQUIRES_REBUILD;
+        }
+    }
+}
+```
+
+## Migration Report
+
+```json
+{
+    "migration_ledger": 20000000,
+    "entries_scanned": 620000,
+    "entries_disabled": {
+        "hooks": 12,
+        "hook_definitions": 3,
+        "hook_states": 1847,
+        "escrows": 5,
+        "payment_channels": 2
+    },
+    "disabled_by_reason": {
+        "wasm_contains_keys": 3,
+        "state_contains_keys": 1847,
+        "reference_old_keys": 19
+    },
+    "action_required": [
+        {
+            "type": "HOOK_DEFINITION",
+            "key": "0xABCD...",
+            "owner": "rXXX...",
+            "reason": "WASM contains 3 hardcoded SHA-512 keys",
+            "action": "Recompile hook with new keys or remove hardcoding"
+        }
+    ]
+}
+```
+
+## Benefits
+
+1. **Safety**: Broken things explicitly disabled, not silently failing
+2. **Transparency**: Clear record of what was disabled and why
+3. **Natural Cleanup**: Abandoned entries stay disabled forever
+4. **Developer Responsibility**: Owners must actively fix and re-enable
+5. **No Silent Corruption**: Better to disable than corrupt
+6. **Audit Trail**: Complete record of migration casualties
+
+## Implementation Complexity
+
+- **Scanning**: O(n×m) where n=entries, m=data size
+- **Memory**: Need all old keys in memory (~40MB)
+- **False Positives**: Extremely unlikely (2^-256 probability)
+- **Recovery**: Clear path to re-enable fixed entries
+
+## The Nuclear Option
+
+If too many critical entries would be disabled:
+```cpp
+if (disabled_count > ACCEPTABLE_THRESHOLD) {
+    // Abort migration
+    return temMIGRATION_TOO_DESTRUCTIVE;
+}
+```
+
+## Summary
+
+Instead of attempting impossible fixes for hardcoded keys, acknowledge reality: **if it contains old keys, it's broken**. Make that brokenness explicit through disabling, forcing conscious action to repair and re-enable. This turns an impossible problem (fixing hardcoded keys in WASM) into a manageable one (identifying and disabling broken entries).

HASH_MIGRATION_CONTEXT.md

@@ -0,0 +1,663 @@
+# Hash Migration to Blake3 - Work Context
+
+## Build Commands
+- **To build**: `ninja -C build`
+- **To count errors**: `ninja -C build 2>&1 | grep "error:" | wc -l`
+- **To see failed files**: `ninja -C build 2>&1 | grep "^FAILED:" | head -20`
+- **DO NOT USE**: `cmake --build` or `make`
+
+## Test Compilation of Single Files
+
+### Quick Method (basic errors only)
+```bash
+clang++ -std=c++20 -I/Users/nicholasdudfield/projects/xahaud-worktrees/xahaud-map-stats-rpc/src \
+  -c src/test/app/NFToken_test.cpp -o /tmp/test.o 2>&1 | head -50
+```
+
+### Full Compilation Command (from compile_commands.json)
+Extract the exact compilation command for any file:
+```bash
+# For any specific file:
+jq -r '.[] | select(.file | endswith("NFToken_test.cpp")) | .command' build/compile_commands.json
+
+# Or simplified with just the file path:
+FILE="src/test/app/NFToken_test.cpp"
+jq -r --arg file "$FILE" '.[] | select(.file | endswith($file)) | .command' build/compile_commands.json
+```
+
+### compile_commands.json location
+- **Location**: `build/compile_commands.json`
+- Contains exact compilation commands with all include paths and flags for each source file
+- Generated by CMake during configuration
+
+## Objective
+Modify Xahaud to pass ledger_index through all hash functions to enable switching from SHA512-Half to Blake3 at a specific ledger index.
+
+## Current Approach
+Using a `hash_options` struct containing `ledger_index` that must be passed to all hash functions.
+
+## Structure Added
+```cpp
+struct hash_options {
+    std::uint32_t ledger_index;
+    explicit hash_options(std::uint32_t li) : ledger_index(li) {}
+};
+```
+
+## CRITICAL: Hash Function Classification Required
+
+### The Historical Ledger Problem
+**EVERY** hash operation needs proper classification because even "content hashing" (like transaction IDs, validator manifests, signatures) depends on WHEN it was created:
+- Transaction from ledger 10M (pre-transition) → Must use SHA-512 Half
+- Transaction from ledger 20M (post-transition) → Must use BLAKE3
+- You cannot mix hash algorithms for the same ledger - it's all or nothing
+
+### Classification Constants (to be added to digest.h)
+As an interim step, introduce classification constants to make intent explicit:
+```cpp
+// Special ledger_index values for hash operations
+constexpr uint32_t LEDGER_INDEX_UNKNOWN = 0;  // DANGEROUS - avoid!
+constexpr uint32_t LEDGER_INDEX_TEST_ONLY = std::numeric_limits<uint32_t>::max();
+constexpr uint32_t LEDGER_INDEX_NETWORK_PROTOCOL = std::numeric_limits<uint32_t>::max() - 1;
+constexpr uint32_t LEDGER_INDEX_CURRENT = std::numeric_limits<uint32_t>::max() - 2;  // Use current ledger
+```
+
+### Classification Categories
+
+1. **Ledger Object Indexing** (MUST use actual ledger_index)
+   - All `indexHash()` calls determining WHERE objects live
+   - All keylet functions creating/finding ledger objects
+   - SHAMap node hashing (builds the Merkle tree)
+
+2. **Historical Content Hashing** (MUST use ledger_index from when it was created)
+   - Transaction IDs (use ledger where tx was included)
+   - Validator manifests (use ledger when signed)
+   - Hook code hashing (use ledger when deployed)
+   - Signatures referencing ledger data
+
+3. **Test Code** (use LEDGER_INDEX_TEST_ONLY)
+   - Unit tests
+   - Mock objects
+   - Test fixtures
+
+4. **Network Protocol** (special handling needed)
+   - Peer handshakes
+   - Protocol messages
+   - May need to support both algorithms during transition
+
+### Why hash_options{0} is Dangerous
+Using `hash_options{0}` assumes everything is pre-transition (SHA-512 Half forever), which breaks after the transition point. Every usage must be classified and given the appropriate context.
+
+## SHAMap Hash Architecture Analysis
+
+### Current State
+- SHAMap stores `ledgerSeq_` and knows which ledger it represents
+- Nodes compute hashes WITHOUT ledger context (just use sha512Half directly)
+- Nodes can be SHARED between SHAMaps via canonicalization/caching
+- Node's `hash_` member stores only ONE hash value
+
+### The Fundamental Problem: Node Sharing vs Hash Migration
+
+When nodes are shared between ledgers through canonicalization:
+- A node from ledger 19,999,999 (SHA-512) has hash H1
+- Same node referenced by ledger 20,000,000 (BLAKE3) needs hash H2
+- **Cannot store both hashes without major memory overhead**
+
+### Merkle Tree Constraint
+The Merkle tree structure requires homogeneous hashing:
+```
+Root (BLAKE3)
+├── Child1 (BLAKE3) ✓
+└── Child2 (SHA-512) ✗ IMPOSSIBLE - breaks tree integrity
+```
+You cannot mix hash algorithms within a single tree - all nodes must use the same algorithm.
+
+### Migration Strategies Considered
+
+#### Option 1: Lazy/Gradual Migration ✗
+- Store both SHA-512 and BLAKE3 hashes in each node
+- Problems:
+  - Double memory usage per node
+  - Complex cache invalidation logic  
+  - Still can't mix algorithms in same tree
+  - Node sharing between ledgers becomes impossible
+
+#### Option 2: Big Bang Migration ✓ (Recommended)
+- At transition ledger:
+  - Invalidate ALL cached/stored nodes
+  - Rebuild entire state with new hash algorithm
+  - Maintain separate caches for pre/post transition
+- Benefits:
+  - Clean separation of hash epochs
+  - Easier to reason about
+  - No memory overhead
+  - Maintains tree integrity
+
+### Implementation Requirements for Big Bang
+
+1. **Pass ledger_index through all hash operations:**
+   ```cpp
+   void updateHash(std::uint32_t ledgerSeq);
+   SHAMapHash getHash(std::uint32_t ledgerSeq) const;
+   ```
+
+2. **Separate node caches by hash epoch:**
+   - Pre-transition: SHA-512 node cache
+   - Post-transition: BLAKE3 node cache
+   - Never share nodes between epochs
+
+3. **Critical functions needing updates:**
+   - `SHAMapInnerNode::updateHash()`
+   - `SHAMapInnerNode::updateHashDeep()`
+   - All `SHAMapLeafNode` subclass hash computations
+   - `SHAMap::flushDirty()` and `walkSubTree()`
+
+### Why Big Bang is Preferred
+- **Correctness**: Guarantees Merkle tree integrity
+- **Simplicity**: No complex dual-hash logic
+- **Performance**: No overhead of maintaining multiple hashes
+- **Clear boundaries**: Pre-transition and post-transition are completely separate
+
+The transition point becomes a hard boundary where the entire ledger state is rehashed with the new algorithm.
+
+### Alternative: Heterogeneous Tree - Deep Dive
+
+After deeper analysis, heterogeneous trees are more complex but potentially viable. Here's a comprehensive examination:
+
+#### The Core Insight: Hash Values Are Algorithm-Agnostic
+
+When `SHAMapInnerNode::updateHash()` computes a hash:
+```cpp
+void updateHash(hash_options const& opts) {
+    sha512_half_hasher h(opts);  
+    hash_append(h, HashPrefix::innerNode);
+    iterChildren([&](SHAMapHash const& hh) { hash_append(h, hh); });
+    // Parent hashes the HASH VALUES of children, not the raw data
+}
+```
+
+**Key realization**: Parent nodes hash their children's hash values (256-bit numbers), NOT the children's data. This means a BLAKE3 parent can hash SHA-512 child hashes without issue.
+
+#### How Heterogeneous Trees Would Work
+
+Post-transition rule: **Any NEW hash uses BLAKE3**
+
+```
+Ledger 19,999,999 (SHA-512):
+Root_SHA512
+├── Child1_SHA512
+└── Child2_SHA512
+
+Ledger 20,000,000 (BLAKE3) - Child1 modified:
+Root_BLAKE3 = BLAKE3(Child1_BLAKE3_hash || Child2_SHA512_hash)
+├── Child1_BLAKE3 (NEW hash due to modification)
+└── Child2_SHA512 (unchanged, keeps old hash)
+```
+
+#### The Canonical Structure Ensures Determinism
+
+**Critical insight**: SHAMap trees are **canonical** - the structure is deterministic based on keys:
+- Alice's account always goes in the same tree position
+- Bob's account always goes in the same position
+- Tree shape is fully determined by the set of keys
+
+Therefore:
+- Same modifications → Same tree structure
+- Same tree structure → Same nodes get rehashed
+- Same rehashing → Same final root hash
+- **Consensus is maintained!**
+
+#### The "NEW vs OLD" Detection Problem
+
+The killer issue: How do you know if you're computing a NEW hash vs verifying an OLD one?
+
+```cpp
+void updateHash(hash_options const& opts) {
+    // Am I computing a NEW hash (use BLAKE3)?
+    // Or verifying an OLD hash (could be SHA-512)?
+    // This function doesn't know WHY it was called!
+}
+```
+
+Without explicit context about NEW vs OLD:
+- Loading from DB: Don't know if it's SHA-512 or BLAKE3
+- Modifying a node: Should use BLAKE3
+- Verifying from network: Could be either
+
+Potential solutions:
+1. **Try-both approach**: Verify with BLAKE3, fallback to SHA-512
+2. **Version tracking**: Store algorithm version with each node
+3. **Context passing**: Thread NEW/OLD context through all calls
+
+#### Canonical Nodes (cowid=0) - A Complication
+
+Canonical nodes are immutable and shared, BUT:
+- They ARE verified when loaded from DB or network
+- The verification needs to compute the hash to check integrity
+- This means we need to know WHICH algorithm was used
+- Can't just trust the hash - must verify data matches
+
+This actually makes heterogeneous trees HARDER because:
+```cpp
+// When loading a canonical node from DB:
+auto node = SHAMapTreeNode::makeFromPrefix(data, hash);
+// Need to verify: does hash(data) == provided_hash?
+// But which hash function? SHA-512 or BLAKE3?
+// Must try both, adding complexity and ambiguity
+```
+
+#### System-Wide Implications
+
+##### Database Layer
+- Heterogeneous: Same data might have 2 entries (SHA-512 and BLAKE3 versions)
+- Big Bang: Clean cutover, old entries become invalid
+
+##### Network Sync
+- Heterogeneous: Ambiguous - "I need node 0xABC..." (which algorithm?)
+- Big Bang: Clear - algorithm determined by ledger context
+
+##### Consensus
+- Heterogeneous: Works IF all validators make same NEW/OLD decisions
+- Big Bang: Simple - everyone uses same algorithm
+
+##### External Proof Verification
+- Heterogeneous: Complex - mixed algorithms in Merkle paths
+- Big Bang: Simple - "before ledger X use SHA-512, after use BLAKE3"
+
+##### Performance
+- Heterogeneous: Double verification attempts for old nodes
+- Big Bang: One-time rehash cost
+
+#### Gradual Migration Pattern
+
+With heterogeneous trees, migration happens naturally:
+```
+Ledger 20,000,000: 5% BLAKE3, 95% SHA512
+Ledger 20,001,000: 30% BLAKE3, 70% SHA512  
+Ledger 20,010,000: 60% BLAKE3, 40% SHA512
+Ledger 20,100,000: 90% BLAKE3, 10% SHA512
+Eventually: ~100% BLAKE3 (dormant nodes may remain SHA-512)
+```
+
+#### Remaining Challenges
+
+1. **Context Plumbing**: Need to distinguish NEW vs OLD operations everywhere
+2. **Verification Ambiguity**: Failures could be corruption OR wrong algorithm
+3. **Testing Complexity**: Many more edge cases to test
+4. **Protocol Complexity**: Merkle proofs need algorithm information
+5. **Developer Cognitive Load**: Harder to reason about
+
+### Conclusion: Trade-offs
+
+**Heterogeneous Trees**:
+- ✅ No "big bang" transition
+- ✅ Natural, incremental migration
+- ✅ Maintains consensus (with careful implementation)
+- ❌ Permanent complexity throughout codebase
+- ❌ Ambiguous verification
+- ❌ Complex testing
+
+**Big Bang Migration**:
+- ✅ Clean, simple mental model
+- ✅ Clear algorithm boundaries
+- ✅ Easier testing and debugging
+- ❌ One-time massive performance hit
+- ❌ Requires careful coordination
+- ❌ Can't easily roll back
+
+The heterogeneous approach is **theoretically viable** but adds significant permanent complexity. Big Bang is simpler but has a painful transition. The choice depends on whether you prefer one-time pain (Big Bang) or permanent complexity (heterogeneous).
+
+## Files Modified So Far
+1. `src/ripple/protocol/digest.h` - Added hash_options struct and modified sha512Half signatures
+2. `src/ripple/protocol/impl/Indexes.cpp` - Updated indexHash and all keylet functions to accept hash_options
+3. `src/ripple/protocol/Indexes.h` - Updated all function declarations to include hash_options
+
+## Current Status
+- Core hash functions modified with backward-compatible overloads
+- All keylet functions updated to require hash_options
+- Propagating hash_options through codebase - MASSIVE undertaking
+- 91+ compilation errors remaining after fixing ~20 files
+- Every fix exposes more errors as headers propagate changes
+
+## SHAMap Node Factory Methods - Missing Ledger Context
+
+### The Problem with makeFromWire and makeFromPrefix
+These factory methods create SHAMap nodes from serialized data but **don't have ledger context**:
+
+```cpp
+// Called when receiving nodes from peers over network
+SHAMapTreeNode::makeFromWire(Slice rawNode)  
+
+// Called when loading nodes from database
+SHAMapTreeNode::makeFromPrefix(Slice rawNode, SHAMapHash const& hash)
+```
+
+These methods:
+- Parse serialized node data (from network or database)
+- Create `SHAMapInnerNode` or leaf nodes
+- Need to call `updateHash()` if hash isn't provided
+- **BUT** don't know which ledger they're building for!
+
+### Why This Is Critical
+When a node is loaded from database or received from network:
+1. The serialized data doesn't include ledger_index
+2. The node might be shared across multiple ledgers (pre-transition)
+3. After transition, we need to know if this node uses SHA-512 or BLAKE3
+4. Currently using `LEDGER_INDEX_UNKNOWN` as placeholder
+
+### Implications for P2P Protocol
+The network protocol would need changes:
+- `TMGetLedger` messages would need to specify ledger_index
+- Node responses would need hash algorithm version
+- Database storage would need to track which hash was used
+
+This reinforces why **Big Bang migration** is simpler - no protocol changes needed!
+
+## Next Steps
+1. Add hash_options{0} to all keylet call sites (using 0 as placeholder ledger_index)
+2. Get the code compiling first
+3. Later: Thread actual ledger_index values through from Views/transactions
+4. Eventually: Add Blake3 switching logic based on ledger_index threshold
+
+## Key Insight
+Every place that creates a ledger key needs to know what ledger it's operating on. This is a massive change touching:
+- All View classes
+- All transaction processors
+- All RPC handlers  
+- All tests
+- Consensus code
+
+## Compilation Strategy
+NEVER use hash_options{0} - always use proper classification from the HashContext enum in digest.h!
+
+## Quick Reference for Fixing Test Files
+
+### Essential Files to Reference
+1. **@src/ripple/protocol/digest.h** - Lines 37-107 contain the HashContext enum with ALL valid classifiers
+2. **@src/ripple/protocol/Indexes.h** - Shows all keylet function signatures that need hash_options
+
+### Keylet Function Mapping to HashContext
+When you see a keylet function, use the corresponding KEYLET_* enum value:
+```cpp
+keylet::account()        → KEYLET_ACCOUNT
+keylet::amendments()     → KEYLET_AMENDMENTS  
+keylet::book()          → KEYLET_BOOK
+keylet::check()         → KEYLET_CHECK
+keylet::child()         → KEYLET_CHILD
+keylet::depositPreauth() → KEYLET_DEPOSIT_PREAUTH
+keylet::dirPage()       → KEYLET_DIR_PAGE
+keylet::emittedDir()    → KEYLET_EMITTED_DIR
+keylet::emittedTxn()    → KEYLET_EMITTED_TXN
+keylet::escrow()        → KEYLET_ESCROW
+keylet::fees()          → KEYLET_FEES
+keylet::hook()          → KEYLET_HOOK
+keylet::hookDefinition() → KEYLET_HOOK_DEFINITION
+keylet::hookState()     → KEYLET_HOOK_STATE
+keylet::hookStateDir()  → KEYLET_HOOK_STATE_DIR
+keylet::importVLSeq()   → KEYLET_IMPORT_VLSEQ
+keylet::negativeUNL()   → KEYLET_NEGATIVE_UNL
+keylet::nftBuys()       → KEYLET_NFT_BUYS
+keylet::nftOffer()      → KEYLET_NFT_OFFER
+keylet::nftPage()       → KEYLET_NFT_PAGE
+keylet::nftSells()      → KEYLET_NFT_SELLS
+keylet::offer()         → KEYLET_OFFER
+keylet::ownerDir()      → KEYLET_OWNER_DIR
+keylet::payChan()       → KEYLET_PAYCHAN
+keylet::signers()       → KEYLET_SIGNERS
+keylet::skip()          → KEYLET_SKIP_LIST
+keylet::ticket()        → KEYLET_TICKET
+keylet::trustline()     → KEYLET_TRUSTLINE
+keylet::unchecked()     → KEYLET_UNCHECKED
+keylet::UNLReport()     → KEYLET_UNL_REPORT
+keylet::uriToken()      → KEYLET_URI_TOKEN
+```
+
+### Non-Keylet Hash Classifications
+```cpp
+sha512Half() for validator data     → VALIDATOR_LIST_HASH
+sha512Half() for hook code          → HOOK_DEFINITION or LEDGER_INDEX_UNNEEDED
+sha512Half() for signatures         → CRYPTO_SIGNATURE_HASH
+sha512Half() for network protocol   → NETWORK_HANDSHAKE_HASH
+sha512Half_s() for secure hashing   → Same rules apply
+```
+
+## Key Insights
+
+### The Scale Problem
+Every place that creates a ledger key needs to know what ledger it's operating on:
+- All View classes
+- All transaction processors (50+ files)
+- All RPC handlers (30+ files)  
+- All tests (hundreds of files)
+- Consensus code
+- Path finding code
+- Payment processing pipelines
+
+### Why This Is Hard
+1. **Cascading changes**: Fixing one header file exposes dozens of new errors
+2. **Deep call chains**: Ledger index must be threaded through multiple layers
+3. **Protocol implications**: Network messages would need to include ledger sequences
+4. **No gradual migration**: Can't mix hash algorithms - it's all or nothing
+5. **Testing nightmare**: Every test that creates mock ledger objects needs updating
+
+### The Fundamental Challenge
+The hash function is so deeply embedded in the architecture that changing it is like replacing the foundation of a building while people are living in it. This is why most blockchains never change their hash functions after launch.
+
+## Key Learnings - Where to Get ledger_index
+
+### 1. ReadView/ApplyView Classes
+- `view.seq()` returns the LedgerIndex (found in ReadView.h:193)
+- ReadView has `info()` method that returns LedgerInfo struct
+- LedgerInfo contains `seq` field which is the ledger sequence number
+- Cast to uint32_t: `static_cast<std::uint32_t>(view.seq())`
+
+### 2. Common Patterns Found
+- Functions that take `ReadView const& view` can access `view.seq()`
+- Functions that take `ApplyView& view` can also access `view.seq()` (ApplyView inherits from ReadView)
+
+### 3. Files That Need Updates
+- View.h - DONE - all 6 keylet calls updated to use view.seq()
+- Any file with keylet:: namespace calls
+- Transaction processors that create/lookup ledger objects
+
+### 4. Progress Log
+
+#### Stats (Updated: 2025-09-09)
+- Total files with keylet:: calls: 126
+- Files fixed so far: **100+** (including all core files, transaction processors, RPC handlers, and most tests)
+- Started with 7 errors, peaked at 105+ as fixes propagate through headers  
+- **Currently down to 113 errors across 11 test files** (from hundreds of files!)
+- ALL keylet function signatures updated to require hash_options
+- Pattern emerging: Every transaction processor, every RPC handler, every test needs updating
+
+#### Major Milestone Achieved
+- Successfully fixed ALL non-test source files
+- Fixed majority of test files using parallel agents
+- Demonstrated that the hash migration IS possible despite being a massive undertaking
+
+#### Major Files Fixed
+- All core ledger files (View.cpp, ApplyView.cpp, ReadView.cpp, etc.)
+- Most transaction processors (Payment, Escrow, CreateOffer, NFToken*, etc.)
+- Hook implementation files (applyHook.cpp, SetHook.cpp)
+- Infrastructure files (Transactor.cpp, BookDirs.cpp, Directory.cpp)
+
+#### Key Milestone
+- Updated ALL keylet function signatures in Indexes.h/cpp to require hash_options
+- Even functions that take pre-existing uint256 keys now require hash_options for consistency
+- This causes massive cascading compilation errors but ensures consistency
+
+#### Files Fixed So Far
+1. **View.h** - Fixed using `view.seq()`
+2. **Ledger.cpp** - Fixed using `info_.seq` in constructor, `seq()` in methods
+3. **LocalTxs.cpp** - Fixed using `view.seq()`
+4. **NegativeUNLVote.cpp** - Fixed using `prevLedger->seq()`
+5. **TxQ.cpp** - Fixed 5 calls using `view.seq()`
+6. **SkipListAcquire.cpp** - Fixed (with protocol issue on line 90)
+7. **LedgerReplayMsgHandler.cpp** - Fixed using `info.seq`
+8. **RCLValidations.cpp** - Fixed using `ledger->seq()`
+9. **Credit.cpp** - Fixed using `view.seq()`
+10. **StepChecks.h** - Fixed using `view.seq()`
+11. **BookTip.cpp** - Fixed using `view.seq()`
+12. **XRPEndpointStep.cpp** - Fixed using `ctx.view.seq()`
+13. **DirectStep.cpp** - Fixed using `sb.seq()` and `ctx.view.seq()`
+14. **BookStep.cpp** - Fixed using `afView.seq()` and `view.seq()`
+15. **CancelCheck.cpp** - Fixed using `ctx.view.seq()` and `view().seq()`
+16. **Pathfinder.cpp** - Fixed using `mLedger->seq()`
+17. More coming...
+
+#### Common Patterns Found
+- **ReadView/ApplyView**: Use `.seq()`
+- **Ledger pointer**: Use `->seq()`
+- **Transactor classes**: Use `view().seq()`
+- **PaymentSandbox**: Use `sb.seq()`
+- **StrandContext**: Use `ctx.view.seq()`
+- **LedgerInfo struct**: Use `.seq` field directly
+
+### 5. Architectural Questions
+
+#### Keylets with pre-existing keys
+- Functions like `keylet::check(uint256 const& key)` just wrap an existing key
+- They don't compute a new hash, just interpret the key as a specific ledger type
+- **Question**: Do these really need hash_options? 
+- **Current approach**: Include hash_options for consistency, might store ledger_index in Keylet for future use
+- **Note**: This could be revisited - might be unnecessary overhead for simple key wrapping
+
+### 6. Known Issues
+- SkipListAcquire.cpp line 90: Requesting skip list by hash without knowing ledger seq yet
+  - Can't know the sequence until we GET the ledger
+  - Using hash_options{0} as placeholder 
+  - Would need to refactor to fetch ledger first, THEN request skip list with proper seq
+  - Or protocol change to handle "skip list for whatever ledger this hash is"
+
+### 7. Network Protocol Has Ledger Sequence!
+
+**Critical Discovery**: The protobuf definitions show that network messages DO carry ledger sequence in many places:
+
+#### TMLedgerData (what InboundLedger::processData receives):
+```protobuf
+message TMLedgerData {
+    required bytes ledgerHash       = 1;
+    required uint32 ledgerSeq       = 2;  // <-- HAS THE SEQUENCE!
+    required TMLedgerInfoType type  = 3;
+    repeated TMLedgerNode nodes     = 4;
+}
+```
+
+#### TMGetLedger (the request):
+```protobuf
+message TMGetLedger {
+    optional uint32 ledgerSeq       = 4;  // Can request by sequence
+}
+```
+
+#### TMIndexedObject (per-object context):
+```protobuf
+message TMIndexedObject {
+    optional uint32 ledgerSeq   = 5;  // Per-object sequence!
+}
+```
+
+**Implications**:
+- The protocol already has infrastructure for ledger context
+- `InboundLedger` can use `packet.ledgerseq()` from TMLedgerData
+- Network sync might be solvable WITHOUT major protocol changes
+- The ledger sequence just needs to be threaded through to hash functions
+
+**Key Flow**:
+```cpp
+InboundLedger::processData(protocol::TMLedgerData& packet)
+    packet.ledgerseq()  // <-- Extract sequence from protocol message
+    <- SHAMap::addKnownNode(..., ledgerSeq)
+      <- SHAMapTreeNode::makeFromWire(data, ledgerSeq)
+        <- updateHash(hash_options{ledgerSeq})
+```
+
+This solves a major piece of the puzzle - the network layer CAN provide context for hash verification!
+
+### 8. Test File Patterns
+
+**Key Discovery**: Tests should use actual ledger sequences, NOT placeholders!
+
+#### Getting Ledger Sequence in Tests
+Tests typically use `test::jtx::Env` which provides access to ledger context:
+- `env.current()` - Returns a ReadView pointer
+- `env.current()->seq()` - Gets the current ledger sequence (already uint32_t)
+
+#### Common Test Patterns
+
+##### Pattern 1: Direct keylet calls
+```cpp
+// OLD
+env.le(keylet::line(alice, bob, currency));
+
+// NEW
+env.le(keylet::line(hash_options{env.current()->seq(), KEYLET_TRUSTLINE}, alice, bob, currency));
+```
+
+##### Pattern 2: Helper functions need env parameter
+```cpp
+// OLD
+static uint256 getCheckIndex(AccountID const& account, uint32_t seq) {
+    return keylet::check(account, seq).key;
+}
+// Called as: getCheckIndex(alice, seq)
+
+// NEW
+static uint256 getCheckIndex(test::jtx::Env& env, AccountID const& account, uint32_t seq) {
+    return keylet::check(hash_options{env.current()->seq(), KEYLET_CHECK}, account, seq).key;
+}
+// Called as: getCheckIndex(env, alice, seq)
+```
+
+##### Pattern 3: Fee calculations
+```cpp
+// Uses env.current() to get fee information
+XRPAmount const baseFeeDrops{env.current()->fees().base};
+```
+
+#### Test Files Status
+- **Total test files needing fixes**: ~12-15
+- **Pattern**: All test files that create or look up ledger objects need updating
+- **Common test files**:
+  - Check_test.cpp - PARTIALLY FIXED
+  - AccountDelete_test.cpp
+  - Escrow_test.cpp  
+  - NFToken_test.cpp
+  - Flow_test.cpp
+  - Import_test.cpp
+  - etc.
+
+#### Why NOT to use placeholders in tests
+- Tests verify actual ledger behavior
+- Using `hash_options{0}` would test wrong behavior after transition
+- Tests need to work both pre and post hash migration
+- `env.current()->seq()` gives the actual test ledger sequence
+
+### 6. Ways to Get Ledger Sequence
+
+#### From Application (app_):
+- `app_.getLedgerMaster()` gives you LedgerMaster
+
+#### From LedgerMaster:
+- `getLedgerByHash(hash)` - Get ledger by hash, then call `->seq()` on it
+- `getLedgerBySeq(index)` - Get ledger by sequence directly
+- `getCurrentLedger()` - Current open ledger, call `->seq()`
+- `getClosedLedger()` - Last closed ledger, call `->seq()`
+- `getValidatedLedger()` - Last validated ledger, call `->seq()`
+- `getPublishedLedger()` - Last published ledger, call `->seq()`
+- `getCurrentLedgerIndex()` - Direct sequence number
+- `getValidLedgerIndex()` - Direct sequence number
+- `walkHashBySeq()` - Walk ledger chain to find hash by sequence
+
+#### From Ledger object:
+- `ledger->seq()` - Direct method
+- `ledger->info().seq` - Through LedgerInfo
+
+#### From ReadView/OpenView/ApplyView:
+- `view.seq()` - All views have this method
+- `view.info().seq` - Through LedgerInfo
+
+#### Special Case - SkipListAcquire:
+- Line 67: `app_.getLedgerMaster().getLedgerByHash(hash_)` 
+- If ledger exists locally, we get it and can use its seq()
+- If not, we're requesting it from peers - don't know seq yet!

LAST_TESTAMENT.md

@@ -0,0 +1,108 @@
+# Last Testament: SHA-512 to BLAKE3 Migration Deep Dive
+
+## The Journey
+Started with "just change the hash function" - ended up discovering why hash functions are permanent blockchain decisions.
+
+## Key Discoveries
+
+### 1. Ledger Implementation Added
+- `Ledger::shouldMigrateToBlake3()` - checks migration window/flags
+- `Ledger::migrateToBlake3()` - placeholder for actual migration
+- Hook in `BuildLedger.cpp` after transaction processing
+- Migration happens OUTSIDE transaction pipeline to avoid metadata explosion
+
+### 2. The Rekeying Nightmare (REKEYING_ISSUES.md)
+Every object key changes SHA512→BLAKE3, but keys are EVERYWHERE:
+- **DirectoryNode.sfIndexes** - vectors of keys
+- **sfPreviousTxnID, sfIndexNext, sfIndexPrevious** - direct key refs  
+- **Order books** - sorted by key value (order changes!)
+- **Hook state** - arbitrary blobs with embedded keys
+- **620k objects** with millions of interconnected references
+
+### 3. The LUT Approach
+```cpp
+// Build lookup table: old_key → new_key (40MB for 620k entries)
+// O(n) to build, O(n×m) to update all fields
+// Must check EVERY uint256 field in EVERY object
+```
+**Problems:**
+- LUT check on EVERY lookup forever (performance tax)
+- Can't know if key is old/new without checking
+- Might need bidirectional LUT (80MB)
+- Can NEVER remove it (WASM has hardcoded keys!)
+
+### 4. The WASM Hook Bomb
+Hook code can hardcode keys in compiled WASM:
+- Can't modify without changing hook hash
+- Changing hash breaks all references to hook
+- Literally unfixable without breaking hooks
+
+### 5. MapStats Enhancement
+Added ledger entry type tracking:
+- Count, total bytes, avg size per type
+- Uses `LedgerFormats::getInstance().findByType()` for names
+- Shows 124k HookState entries (potential key references!)
+
+### 6. Current Ledger Stats
+- 620k total objects, 98MB total
+- 117k DirectoryNodes (full of references)
+- 124k HookState entries (arbitrary data)
+- 80 HookDefinitions (WASM code)
+- Millions of internal key references
+
+## Why It's Impossible
+
+### The Lookup Problem
+```cpp
+auto key = keylet::account(Alice).key;
+// Which hash function? SHA512 or BLAKE3?
+// NO WAY TO KNOW without timestamp/LUT/double-lookup
+```
+
+### The Fundamental Issues
+1. **No key timestamp** - Can't tell if key is pre/post migration
+2. **Embedded references everywhere** - sfIndexes, hook state, WASM code
+3. **Permanent LUT required** - Check on every operation forever
+4. **Performance death** - 2x lookups or LUT check on everything
+5. **Dual-key SHAMap impossible** - Breaks ordering/structure
+
+### The "Solutions" That Don't Work
+- **Lazy migration**: LUT forever, complexity forever
+- **Big bang**: Still need permanent LUT for old references  
+- **Heterogeneous tree**: Can't mix hash functions in Merkle tree
+- **Binary search-replace**: Could corrupt data, no validation
+- **Import to v2 chain**: Same reference update problems
+
+## The Verdict
+
+After threading ledger_index through 1000+ functions for hash context, the migration faces insurmountable challenges:
+
+1. **WASM hooks** contain unfixable hardcoded keys
+2. **Every lookup** needs LUT check forever (performance tax)
+3. **Can't determine key age** from identifier alone
+4. **Millions of references** need perfect updating
+5. **One mistake** = corrupted ledger, lost funds
+
+**Conclusion**: This is a "v2 blockchain" problem, not a migration problem. SHA-512 is forever.
+
+## Lessons Learned
+
+- Hash functions are THE fundamental addressing system
+- Deeper than consensus, deeper than data structures
+- Once chosen, essentially permanent
+- The attempt revealed the true complexity of blockchain internals
+- Even 98MB of data has millions of interconnected references
+- WASM hooks make any migration effectively impossible
+
+**Final Status**: Technically possible with permanent LUT and massive complexity. Practically impossible due to hooks, performance, and risk. SHA-512 until heat death of universe.
+
+## Code Artifacts
+
+- Hash classification system in `digest.h`
+- `hash_options` threaded through Indexes/keylets
+- Ledger migration methods (placeholder)
+- MapStats with entry type breakdown
+- REKEYING_ISSUES.md with full analysis
+- 100+ files modified to thread ledger context
+
+The migration died not from lack of effort, but from the discovery that some architectural decisions are truly permanent.

LEDGER_INDEX_PREVIOUS.md

@@ -0,0 +1,71 @@
+Yes! You’re onto something quite elegant there. Let me break it down:
+
+---
+
+### 🔑 LedgerEntry “PriorKey” field
+
+If each SLE carried an **optional `LedgerIndexPriorSha512`** (or whatever name), then:
+
+* When you rekey at cutover, you don’t lose continuity.
+* Anyone walking the ledger can trivially build the old→new LUT on the fly.
+* For “day-to-day” operations, the node only needs the canonical keys.
+
+This basically lets you say:
+
+* **Canonical view** = new Blake3 keys.
+* **Continuity view** = traverse new keys, but if you need to resolve old references, follow the `LedgerIndexPriorSha512` link.
+
+---
+
+### 📊 For analysis and data science
+
+You can now reconstruct historical continuity without keeping a giant external LUT file. Just walk the ledger and collect `(old, new)` pairs from the entries.
+
+This means explorers, forensic tools, compliance, etc. can:
+
+* Map old keys to new at any point.
+* Handle partially migrated networks (some ledgers pre-cutover, some post).
+
+---
+
+### 🟢 Operational benefits
+
+* Validators don’t need to bloat memory with a global LUT — it’s **distributed inside the ledger itself**.
+* New ledgers “just work” for CRUD.
+* Old references (hooks, weird integrations) can be handled until people migrate.
+
+---
+
+### ⚠️ Caveats
+
+1. **Storage overhead**: each SLE gets \~32 bytes extra. But given only \~600k objects in the state tree, that’s trivial compared to the win.
+2. **Hardcoded keys in hooks/wasm**: still a landmine — if someone has *literally baked in* the old canonical key, they’ll need the LUT or breakage handling at ApplyView.
+3. **Consensus rules**: adding this field changes serialization — so it’s an amendment, not just an operator convenience.
+
+---
+
+### 🔄 Proposal workflow
+
+1. Cutover ledger → during bookkeeping, every object is rekeyed into the new canonical tree.
+2. At the same time, each new object gets `LedgerIndexPriorSha512 = old_key`.
+3. From then on, **every ledger post-cutover contains the LUT implicitly**.
+4. After some deprecation period, once nobody references `LedgerIndexPriorSha512`, you can prune support.
+
+---
+
+So in practice:
+
+* **Validators** only care about the canonical map.
+* **Explorers, auditors, backward-compat systems** can lazily reconstruct the LUT.
+* You don’t poison `succ()` or iteration with mixed domains.
+
+---
+
+This actually solves both your goals:
+
+* Day-to-day simplicity (Blake-only canonical).
+* Historical continuity (walk the field if you need).
+
+---
+
+Want me to sketch how `ReadView::read(Keylet)` could transparently try `LUT` lookups only if the canonical miss happens, using that new field? That would make it zero-effort for old call sites.

LICENSE.md

@@ -2,6 +2,7 @@ ISC License
 
 Copyright (c) 2011, Arthur Britto, David Schwartz, Jed McCaleb, Vinnie Falco, Bob Way, Eric Lombrozo, Nikolaos D. Bougalis, Howard Hinnant.
 Copyright (c) 2012-2020, the XRP Ledger developers.
+Copyright (c) 2020-2024, XRPL Labs.
 
 Permission to use, copy, modify, and distribute this software for any
 purpose with or without fee is hereby granted, provided that the above

README.md

@@ -1,3 +1,71 @@
-# The Xahau Ledger
+# Xahau 
 
-TODO: Doco
+**Note:** Throughout this README, references to "we" or "our" pertain to the community and contributors involved in the Xahau network. It does not imply a legal entity or a specific collection of individuals.
+
+[Xahau](https://xahau.network/) is a decentralized cryptographic ledger that builds upon the robust foundation of the XRP Ledger. It inherits the XRP Ledger's Byzantine Fault Tolerant consensus algorithm and enhances it with additional features and functionalities. Developers and users familiar with the XRP Ledger will find that most documentation and tutorials available on [xrpl.org](https://xrpl.org) are relevant and applicable to Xahau, including those related to running validators and managing validator keys. For Xahau specific documentation you can visit our [documentation](https://docs.xahau.network/)
+
+## XAH
+XAH is the public, counterparty-free asset native to Xahau and functions primarily as network gas. Transactions submitted to the Xahau network must supply an appropriate amount of XAH, to be burnt by the network as a fee, in order to be successfully included in a validated ledger. In addition, XAH also acts as a bridge currency within the Xahau DEX. XAH is traded on the open-market and is available for anyone to access. Xahau was created in 2023 with a supply of 600 million units of XAH.
+
+## xahaud
+The server software that powers Xahau is called `xahaud` and is available in this repository under the permissive [ISC open-source license](LICENSE.md). The `xahaud` server software is written primarily in C++ and runs on a variety of platforms. The `xahaud` server software can run in several modes depending on its configuration.
+
+### Build from Source
+
+* [Read the build instructions in our documentation](https://docs.xahau.network/infrastructure/building-xahau)
+* If you encounter any issues, please [open an issue](https://github.com/xahau/xahaud/issues)
+
+## Highlights of Xahau
+
+1. **Hooks**: Hooks are small, efficient WebAssembly modules designed specifically for Xahau. They add a robust smart contract functionality to Xahau, allowing you to construct and deploy applications with bespoke functionalities. Hooks can block or allow transactions to and from the account, change and keep track of the hook’s internal state and logic, and autonomously initiate new transactions on the account’s behalf. They can be written in any language that can be compiled into WebAssembly.
+
+2. **Balance Rewards**: Xahau offers a Balance Rewards feature that provides a 4% per annum reward. This feature encourages users to maintain a balance in their accounts and rewards them for doing so.
+
+3. **URIToken**: The URIToken is a feature in Xahau that allows for the creation and management of non fungible tokens within the network. This feature can be used for a variety of purposes and specific use cases.
+
+4. **Import/B2M**: The Import/B2M feature in Xahau allows for the importation of assets into the network. This feature can be used to bring external assets into the Xahau network, expanding the range of assets that can be managed and traded within the network.
+
+5. **Governance Game**: The Governance Game is a feature in Xahau that allows for the decentralized governance of the network. This feature allows users to participate in the decision-making process of the network, ensuring that the network remains democratic and responsive to the needs of its users.
+
+## Binary Releases and Versioning System
+
+Xahau provides pre-compiled binary releases of its software, which are ready-to-run versions that users can download and execute without compiling the source code themselves. These binaries are built automatically using GitHub Actions whenever a new commit is pushed or a pull request is merged.
+
+The versioning system for Xahau binaries is based on the date of the build, the branch name, and a build number, following the format `YYYY.MM.DD-branch+buildnumber`. For example, `2023.10.30-release+443` indicates a binary built on October 30, 2023, from the `release` branch, and it is the 443rd build from that branch.
+
+Users can access these binaries on the [Xahau Build Server](https://build.xahau.tech/), which provides an organized list of releases along with release notes for each version. This system simplifies the deployment process for users and ensures they can easily identify and download the appropriate version for their needs.
+
+## Source Code
+
+Here are some good places to start learning the source code:
+
+- Read the markdown files in the source tree: `src/ripple/**/*.md`.
+- Read [the levelization document](./Builds/levelization) to get an idea of the internal dependency graph.
+- In the big picture, the `main` function constructs an `ApplicationImp` object, which implements the `Application` virtual interface. Almost every component in the application takes an `Application&` parameter in its constructor, typically named `app` and stored as a member variable `app_`. This allows most components to depend on any other component.
+
+### Repository Contents
+
+| Folder     | Contents                                         |
+|:-----------|:-------------------------------------------------|
+| `./Builds` | Platform-specific guides for building `xahaud`.  |
+| `./cfg`    | Example configuration files.                     |
+| `./src`    | Source code.                                     |
+
+Some of the directories under `src` are external repositories included using
+git-subtree. See those directories' README files for more details.
+
+## Resources
+
+- **Documentation**: Documentation for XRPL, Xahau and Hooks.
+  - [Xrpl Documentation](https://xrpl.org)
+  - [Xahau Documentation](https://docs.xahau.network/)
+  - [Hooks Technical Documentation](https://xrpl-hooks.readme.io/)
+- **Explorers**: Explore the Xahau ledger using various explorers:
+  - [xahauexplorer.com](https://xahauexplorer.com)
+  - [xahscan.com](https://xahscan.com)
+  - [xahau.xrpl.org](https://xahau.xrpl.org)
+  - [explorer.xahau.network](https://explorer.xahau.network)
+- **Testnet & Faucet**: Test applications and obtain test XAH at [xahau-test.net](https://xahau-test.net) and use the testnet explorer at [explorer.xahau.network](https://explorer.xahau.network).
+- **Supporting Wallets**: A list of wallets that support XAH and Xahau-based assets.
+  - [Xaman](https://xaman.app)
+  - [Crossmark](https://crossmark.io)

REKEYING_ISSUES.md

@@ -0,0 +1,332 @@
+# Hash Migration Rekeying Issues
+
+## The Fundamental Problem
+
+When migrating from SHA-512 Half to BLAKE3, we're not just changing a hash function - we're changing the **keys** that identify every object in the ledger's state map. Since the hash IS the key in the SHAMap, every object needs a new address.
+
+## What Needs to be Rekeyed
+
+### 1. Primary Ledger Objects
+Every SLE (STLedgerEntry) in the state map has its key computed from:
+- Its type (Account, Offer, RippleState, etc.)
+- Its identifying data (AccountID, offer sequence, etc.)
+
+When we change the hash function, EVERY object gets a new key.
+
+### 2. Directory Structures
+Directories are ledger objects that contain **lists of other objects' keys**:
+
+#### Owner Directories (`keylet::ownerDir`)
+- Contains keys of all objects owned by an account
+- Every offer, escrow, check, payment channel, etc. key stored here
+- When those objects are rekeyed, ALL these references must be updated
+
+#### Order Book Directories (`keylet::book`, `keylet::quality`)
+- Contains keys of offers at specific quality levels
+- All offer keys must be updated to their new BLAKE3 values
+
+#### NFT Directories (`keylet::nft_buys`, `keylet::nft_sells`)
+- Contains keys of NFT offers
+- All NFT offer keys must be updated
+
+#### Hook State Directories (`keylet::hookStateDir`)
+- Contains keys of hook state entries
+- All hook state keys must be updated
+
+### 3. Cross-References Between Objects
+Many objects contain direct references to other objects:
+
+#### Account Objects
+- `sfNFTokenPage` - References to NFT page keys
+- Previous/Next links in directory pages
+
+#### Directory Pages
+- `sfIndexes` - Vector of object keys
+- `sfPreviousTxnID` - Transaction hash references
+- `sfIndexPrevious`/`sfIndexNext` - Links to other directory pages
+
+#### NFT Pages
+- References to previous/next pages in the chain
+
+## The Cascade Effect
+
+Re-keying isn't a simple one-pass operation:
+
+```
+1. Rekey Account A (SHA512 → BLAKE3)
+   ↓
+2. Update Account A's owner directory
+   ↓
+3. Rekey the owner directory itself
+   ↓
+4. Update all objects IN the directory with new keys
+   ↓
+5. Update any directories THOSE objects appear in
+   ↓
+6. Continue cascading...
+```
+
+## Implementation Challenges
+
+### Challenge 1: Directory Entry Updates
+```cpp
+// Current directory structure
+STVector256 indexes = directory->getFieldV256(sfIndexes);
+// Contains: [sha512_key1, sha512_key2, sha512_key3, ...]
+
+// After migration needs to be:
+// [blake3_key1, blake3_key2, blake3_key3, ...]
+```
+
+### Challenge 2: Finding All References
+There's no reverse index - given an object's key, you can't easily find all directories that reference it. You'd need to:
+1. Walk the entire state map
+2. Check every directory's `sfIndexes` field
+3. Update any matching keys
+
+### Challenge 3: Maintaining Consistency
+During migration, you need to ensure:
+- No orphaned references (keys pointing to non-existent objects)
+- No duplicate entries
+- Proper ordering in sorted structures (offer books)
+
+### Challenge 4: Page Links
+Directory pages link to each other:
+```cpp
+uint256 prevPage = dir->getFieldU256(sfIndexPrevious);
+uint256 nextPage = dir->getFieldU256(sfIndexNext);
+```
+These links are also keys that need updating!
+
+## Why This Makes Migration Complex
+
+### Option A: Big Bang Migration
+- Must update EVERYTHING atomically
+- Need to track old→new key mappings for entire ledger
+- Memory requirements: ~2x the state size for mapping table
+- Risk: Any missed reference breaks the ledger
+
+### Option B: Heterogeneous Tree
+- Old nodes keep SHA-512 keys
+- New/modified nodes use BLAKE3
+- Problem: How do you know which hash to use for lookups?
+- Problem: Directory contains mix of old and new keys?
+
+### Option C: Double Storage
+- Store objects under BOTH keys temporarily
+- Gradually migrate references
+- Problem: Massive storage overhead
+- Problem: Synchronization between copies
+
+## Example: Rekeying an Offer
+
+Consider rekeying a single offer:
+
+1. **The Offer Itself**
+   - Old key: `sha512Half(OFFER, account, sequence)`
+   - New key: `blake3(OFFER, account, sequence)`
+
+2. **Owner Directory**
+   - Must update `sfIndexes` to replace old offer key with new
+
+3. **Order Book Directory**
+   - Must update `sfIndexes` in the quality directory
+   - May need to update multiple quality levels if offer moved
+
+4. **Account Object**
+   - Update offer count/reserve tracking if needed
+
+5. **The Directories Themselves**
+   - Owner directory key: `sha512Half(OWNER_DIR, account, page)`
+   - New key: `blake3(OWNER_DIR, account, page)`
+   - Order book key: `sha512Half(BOOK_DIR, ...)`
+   - New key: `blake3(BOOK_DIR, ...)`
+
+## Potential Solutions
+
+### 1. Migration Ledger Object
+Create a temporary "migration map" ledger object:
+```cpp
+sfOldKey → sfNewKey mappings
+```
+But this could be gigabytes for millions of objects.
+
+### 2. Deterministic Rekeying
+Since we can determine an object's type from its `LedgerEntryType`, we could:
+1. Load each SLE
+2. Determine its type
+3. Recompute its key with BLAKE3
+4. Track the mapping
+
+But we still need to update all references.
+
+### 3. Lazy Migration
+Only rekey objects when they're modified:
+- Pro: Spreads migration over time
+- Con: Permanent complexity in codebase
+- Con: Must support both hash types forever
+
+### 4. New State Structure
+Instead of migrating in-place, build an entirely new state map:
+1. Create new empty BLAKE3 SHAMap
+2. Walk old map, inserting with new keys
+3. Update all references during copy
+4. Atomically swap maps
+
+This is essentially what BUILD_LEDGER.md suggests, but the reference updating remains complex.
+
+## The Lookup Table Approach
+
+After further analysis, a lookup table (LUT) based approach might actually be feasible:
+
+### Algorithm Overview
+
+#### Phase 1: Build the LUT (O(n))
+```cpp
+std::unordered_map<uint256, uint256> old_to_new;
+
+stateMap_.visitLeaves([&](SHAMapItem const& item) {
+    SerialIter sit(item.slice());
+    auto sle = std::make_shared<SLE>(sit, item.key());
+    
+    // Determine type from the SLE
+    LedgerEntryType type = sle->getType();
+    
+    // Recompute key with BLAKE3 based on type
+    uint256 newKey = computeBlake3Key(sle, type);
+    old_to_new[item.key()] = newKey;
+});
+// Results in ~620k entries in the LUT
+```
+
+#### Phase 2: Update ALL uint256 Fields (O(n × m))
+Walk every object and check every uint256 field against the LUT:
+
+```cpp
+stateMap_.visitLeaves([&](SHAMapItem& item) {
+    SerialIter sit(item.slice());
+    auto sle = std::make_shared<SLE>(sit, item.key());
+    bool modified = false;
+    
+    // Check every possible uint256 field
+    modified |= updateField(sle, sfPreviousTxnID, old_to_new);
+    modified |= updateField(sle, sfIndexPrevious, old_to_new);
+    modified |= updateField(sle, sfIndexNext, old_to_new);
+    modified |= updateField(sle, sfBookNode, old_to_new);
+    
+    // Vector fields
+    modified |= updateVector(sle, sfIndexes, old_to_new);
+    modified |= updateVector(sle, sfHashes, old_to_new);
+    modified |= updateVector(sle, sfAmendments, old_to_new);
+    modified |= updateVector(sle, sfNFTokenOffers, old_to_new);
+    
+    if (modified) {
+        // Re-serialize with updated references
+        Serializer s;
+        sle->add(s);
+        // Create new item with new key
+        item = make_shamapitem(old_to_new[item.key()], s.slice());
+    }
+});
+```
+
+### Complexity Analysis
+- **Phase 1**: O(n) where n = number of objects (~620k)
+- **Phase 2**: O(n × m) where m = average fields per object
+- **Hash lookups**: O(1) average case
+- **Total**: Linear in the number of objects!
+
+### Memory Requirements
+- LUT size: 620k entries × (32 bytes + 32 bytes) = ~40 MB
+- Reasonable to keep in memory during migration
+
+### Implementation Challenges
+
+#### 1. Comprehensive Field Coverage
+Must check EVERY field that could contain a key:
+```cpp
+// Singleton uint256 fields
+sfPreviousTxnID, sfIndexPrevious, sfIndexNext, sfBookNode,
+sfNFTokenID, sfEmitParentTxnID, sfHookOn, sfHookStateKey...
+
+// Vector256 fields  
+sfIndexes, sfHashes, sfAmendments, sfNFTokenOffers,
+sfHookNamespaces, sfURITokenIDs...
+
+// Nested structures
+STArray fields containing STObjects with uint256 fields
+```
+
+#### 2. False Positive Risk
+Any uint256 that happens to match a key would be updated:
+- Could corrupt data if a non-key field matches
+- Mitigation: Only update known reference fields
+- Risk: Missing custom fields added by hooks
+
+#### 3. Order Book Sorting
+Order books are sorted by key value. After rekeying:
+- Sort order changes completely
+- Need to rebuild book directories
+- Quality levels might shift
+
+### Alternative: Persistent Migration Map
+
+Instead of one-time migration, store the mapping permanently:
+
+```cpp
+// Special ledger entries (one per ~1000 mappings)
+MigrationMap_0000: {
+    sfOldKeys: [old_hash_0, old_hash_1, ...],
+    sfNewKeys: [new_hash_0, new_hash_1, ...]
+}
+MigrationMap_0001: { ... }
+// ~620 of these objects
+```
+
+Pros:
+- Can verify historical references
+- Debugging is easier
+- Can be pruned later if needed
+
+Cons:
+- Permanent state bloat (~40MB)
+- Must be loaded on every node forever
+- Lookup overhead for historical operations
+
+### The Nuclear Option: Binary Search-Replace
+
+For maximum chaos (don't actually do this):
+```cpp
+// Build LUT
+std::map<std::array<uint8_t, 32>, std::array<uint8_t, 32>> binary_lut;
+
+// Scan serialized blobs and replace
+for (auto& node : shamap) {
+    auto data = node.getData();
+    for (size_t i = 0; i <= data.size() - 32; i++) {
+        if (binary_lut.count(data[i..i+31])) {
+            memcpy(&data[i], binary_lut[data[i..i+31]], 32);
+        }
+    }
+}
+```
+
+Why this is insane:
+- False positives would corrupt data
+- No validation of what you're replacing
+- Breaks all checksums and signatures
+- Impossible to debug when it goes wrong
+
+## Conclusion
+
+The rekeying problem is not just about changing hash functions - it's about maintaining referential integrity across millions of interlinked objects. Every key change cascades through the reference graph, making this one of the most complex migrations possible in a blockchain system.
+
+The lookup table approach makes it algorithmically feasible (linear time rather than quadratic), but the implementation complexity and risk remain enormous. You need to:
+1. Find every single field that could contain a key
+2. Update them all correctly
+3. Handle sorting changes in order books
+4. Avoid false positives
+5. Deal with custom fields from hooks
+6. Maintain consistency across the entire state
+
+This is likely why most blockchains never change their hash functions after genesis - even with an efficient algorithm, the complexity and risk are enormous.