Merge remote-tracking branch 'upstream/develop' into pr/test_fixes

* upstream/develop:
  Set version to 2.3.0-rc1
  Replace Uint192 with Hash192 in server_definitions response (5177)
  Fix potential deadlock (5124)
  Introduce Credentials support (XLS-70d): (5103)
  Fix token comparison in Payment (5172)
  Add fixAMMv1_2 amendment (5176)

include/xrpl/basics/scope.h

@@ -21,6 +21,7 @@
 #define RIPPLE_BASICS_SCOPE_H_INCLUDED
 
 #include <exception>
+#include <mutex>
 #include <type_traits>
 #include <utility>
 
@@ -186,6 +187,70 @@ class scope_success
 template <class EF>
 scope_success(EF) -> scope_success<EF>;
 
+/**
+    Automatically unlocks and re-locks a unique_lock object.
+
+    This is the reverse of a std::unique_lock object - instead of locking the
+   mutex for the lifetime of this object, it unlocks it.
+
+    Make sure you don't try to unlock mutexes that aren't actually locked!
+
+    This is essentially a less-versatile boost::reverse_lock.
+
+    e.g. @code
+
+    std::mutex mut;
+
+    for (;;)
+    {
+        std::unique_lock myScopedLock{mut};
+        // mut is now locked
+
+        ... do some stuff with it locked ..
+
+        while (xyz)
+        {
+            ... do some stuff with it locked ..
+
+            scope_unlock unlocker{myScopedLock};
+
+            // mut is now unlocked for the remainder of this block,
+            // and re-locked at the end.
+
+            ...do some stuff with it unlocked ...
+        }  // mut gets locked here.
+
+    }  // mut gets unlocked here
+    @endcode
+*/
+
+template <class Mutex>
+class scope_unlock
+{
+    std::unique_lock<Mutex>* plock;
+
+public:
+    explicit scope_unlock(std::unique_lock<Mutex>& lock) noexcept(true)
+        : plock(&lock)
+    {
+        assert(plock->owns_lock());
+        plock->unlock();
+    }
+
+    // Immovable type
+    scope_unlock(scope_unlock const&) = delete;
+    scope_unlock&
+    operator=(scope_unlock const&) = delete;
+
+    ~scope_unlock() noexcept(true)
+    {
+        plock->lock();
+    }
+};
+
+template <class Mutex>
+scope_unlock(std::unique_lock<Mutex>&) -> scope_unlock<Mutex>;
+
 }  // namespace ripple
 
 #endif

include/xrpl/protocol/Asset.h

@@ -97,6 +97,12 @@ class Asset
 
     friend constexpr bool
     operator==(Currency const& lhs, Asset const& rhs);
+
+    /** Return true if both assets refer to the same currency (regardless of
+     * issuer) or MPT issuance. Otherwise return false.
+     */
+    friend constexpr bool
+    equalTokens(Asset const& lhs, Asset const& rhs);
 };
 
 template <ValidIssueType TIss>
@@ -157,6 +163,26 @@ operator==(Currency const& lhs, Asset const& rhs)
     return rhs.holds<Issue>() && rhs.get<Issue>().currency == lhs;
 }
 
+constexpr bool
+equalTokens(Asset const& lhs, Asset const& rhs)
+{
+    return std::visit(
+        [&]<typename TLhs, typename TRhs>(
+            TLhs const& issLhs, TRhs const& issRhs) {
+            if constexpr (
+                std::is_same_v<TLhs, Issue> && std::is_same_v<TRhs, Issue>)
+                return issLhs.currency == issRhs.currency;
+            else if constexpr (
+                std::is_same_v<TLhs, MPTIssue> &&
+                std::is_same_v<TRhs, MPTIssue>)
+                return issLhs.getMptID() == issRhs.getMptID();
+            else
+                return false;
+        },
+        lhs.issue_,
+        rhs.issue_);
+}
+
 inline bool
 isXRP(Asset const& asset)
 {
@@ -172,6 +198,9 @@ validJSONAsset(Json::Value const& jv);
 Asset
 assetFromJson(Json::Value const& jv);
 
+Json::Value
+to_json(Asset const& asset);
+
 }  // namespace ripple
 
 #endif  // RIPPLE_PROTOCOL_ASSET_H_INCLUDED

include/xrpl/protocol/ErrorCodes.h

@@ -148,7 +148,10 @@ enum error_code_i {
     // Oracle
     rpcORACLE_MALFORMED = 94,
 
-    rpcLAST = rpcORACLE_MALFORMED  // rpcLAST should always equal the last code.
+    // deposit_authorized + credentials
+    rpcBAD_CREDENTIALS = 95,
+
+    rpcLAST = rpcBAD_CREDENTIALS  // rpcLAST should always equal the last code.
 };
 
 /** Codes returned in the `warnings` array of certain RPC commands.

include/xrpl/protocol/Feature.h

@@ -80,7 +80,7 @@ namespace detail {
 // Feature.cpp. Because it's only used to reserve storage, and determine how
 // large to make the FeatureBitset, it MAY be larger. It MUST NOT be less than
 // the actual number of amendments. A LogicError on startup will verify this.
-static constexpr std::size_t numFeatures = 81;
+static constexpr std::size_t numFeatures = 83;
 
 /** Amendments that this server supports and the default voting behavior.
    Whether they are enabled depends on the Rules defined in the validated

include/xrpl/protocol/HashPrefix.h

@@ -84,6 +84,9 @@ enum class HashPrefix : std::uint32_t {
 
     /** Payment Channel Claim */
     paymentChannelClaim = detail::make_hash_prefix('C', 'L', 'M'),
+
+    /** Credentials signature */
+    credential = detail::make_hash_prefix('C', 'R', 'D'),
 };
 
 template <class Hasher>

include/xrpl/protocol/Indexes.h

@@ -30,6 +30,7 @@
 #include <xrpl/protocol/Serializer.h>
 #include <xrpl/protocol/UintTypes.h>
 #include <xrpl/protocol/jss.h>
+
 #include <cstdint>
 
 namespace ripple {
@@ -189,6 +190,11 @@ check(uint256 const& key) noexcept
 Keylet
 depositPreauth(AccountID const& owner, AccountID const& preauthorized) noexcept;
 
+Keylet
+depositPreauth(
+    AccountID const& owner,
+    std::set<std::pair<AccountID, Slice>> const& authCreds) noexcept;
+
 inline Keylet
 depositPreauth(uint256 const& key) noexcept
 {
@@ -287,6 +293,18 @@ did(AccountID const& account) noexcept;
 Keylet
 oracle(AccountID const& account, std::uint32_t const& documentID) noexcept;
 
+Keylet
+credential(
+    AccountID const& subject,
+    AccountID const& issuer,
+    Slice const& credType) noexcept;
+
+inline Keylet
+credential(uint256 const& key) noexcept
+{
+    return {ltCREDENTIAL, key};
+}
+
 Keylet
 mptIssuance(std::uint32_t seq, AccountID const& issuer) noexcept;
 

include/xrpl/protocol/LedgerFormats.h

@@ -186,6 +186,9 @@ enum LedgerSpecificFlags {
 
     // ltMPTOKEN
     lsfMPTAuthorized = 0x00000002,
+
+    // ltCREDENTIAL
+    lsfAccepted = 0x00010000,
 };
 
 //------------------------------------------------------------------------------

include/xrpl/protocol/Protocol.h

@@ -95,6 +95,15 @@ std::size_t constexpr maxDIDAttestationLength = 256;
 /** The maximum length of a domain */
 std::size_t constexpr maxDomainLength = 256;
 
+/** The maximum length of a URI inside a Credential */
+std::size_t constexpr maxCredentialURILength = 256;
+
+/** The maximum length of a CredentialType inside a Credential */
+std::size_t constexpr maxCredentialTypeLength = 64;
+
+/** The maximum number of credentials can be passed in array */
+std::size_t constexpr maxCredentialsArraySize = 8;
+
 /** The maximum length of MPTokenMetadata */
 std::size_t constexpr maxMPTokenMetadataLength = 1024;
 

include/xrpl/protocol/TER.h

@@ -343,6 +343,7 @@ enum TECcodes : TERUnderlyingType {
     tecARRAY_EMPTY = 190,
     tecARRAY_TOO_LARGE = 191,
     tecLOCKED = 192,
+    tecBAD_CREDENTIALS = 193,
 };
 
 //------------------------------------------------------------------------------

include/xrpl/protocol/UintTypes.h

@@ -134,6 +134,12 @@ struct hash<ripple::Directory> : ripple::Directory::hasher
     explicit hash() = default;
 };
 
+template <>
+struct hash<ripple::uint256> : ripple::uint256::hasher
+{
+    explicit hash() = default;
+};
+
 }  // namespace std
 
 #endif

include/xrpl/protocol/detail/features.macro

@@ -29,6 +29,9 @@
 // If you add an amendment here, then do not forget to increment `numFeatures`
 // in include/xrpl/protocol/Feature.h.
 
+XRPL_FEATURE(Credentials,                Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FEATURE(AMMClawback,                Supported::yes, VoteBehavior::DefaultNo)
+XRPL_FIX    (AMMv1_2,                    Supported::yes, VoteBehavior::DefaultNo)
 // InvariantsV1_1 will be changes to Supported::yes when all the
 // invariants expected to be included under it are complete.
 XRPL_FEATURE(MPTokensV1,                 Supported::yes, VoteBehavior::DefaultNo)
@@ -95,7 +98,7 @@ XRPL_FIX    (1513,                       Supported::yes, VoteBehavior::DefaultYe
 XRPL_FEATURE(FlowCross,                  Supported::yes, VoteBehavior::DefaultYes)
 XRPL_FEATURE(Flow,                       Supported::yes, VoteBehavior::DefaultYes)
 XRPL_FEATURE(OwnerPaysFee,               Supported::no,  VoteBehavior::DefaultNo)
-XRPL_FEATURE(AMMClawback,                Supported::yes,  VoteBehavior::DefaultYes)
+
 
 // The following amendments are obsolete, but must remain supported
 // because they could potentially get enabled.

include/xrpl/protocol/detail/ledger_entries.macro

@@ -245,10 +245,11 @@ LEDGER_ENTRY(ltOFFER, 0x006f, Offer, ({
  */
 LEDGER_ENTRY(ltDEPOSIT_PREAUTH, 0x0070, DepositPreauth, ({
     {sfAccount,              soeREQUIRED},
-    {sfAuthorize,            soeREQUIRED},
+    {sfAuthorize,            soeOPTIONAL},
     {sfOwnerNode,            soeREQUIRED},
     {sfPreviousTxnID,        soeREQUIRED},
     {sfPreviousTxnLgrSeq,    soeREQUIRED},
+    {sfAuthorizeCredentials, soeOPTIONAL},
 }))
 
 /** A claim id for a cross chain transaction.
@@ -420,3 +421,18 @@ LEDGER_ENTRY(ltMPTOKEN, 0x007f, MPToken, ({
     {sfPreviousTxnID,            soeREQUIRED},
     {sfPreviousTxnLgrSeq,        soeREQUIRED},
 }))
+
+/** A ledger object which tracks Credential
+    \sa keylet::credential
+ */
+LEDGER_ENTRY(ltCREDENTIAL, 0x0081, Credential, ({
+    {sfSubject,              soeREQUIRED},
+    {sfIssuer,               soeREQUIRED},
+    {sfCredentialType,       soeREQUIRED},
+    {sfExpiration,           soeOPTIONAL},
+    {sfURI,                  soeOPTIONAL},
+    {sfIssuerNode,           soeREQUIRED},
+    {sfSubjectNode,          soeREQUIRED},
+    {sfPreviousTxnID,        soeREQUIRED},
+    {sfPreviousTxnLgrSeq,    soeREQUIRED},
+}))

include/xrpl/protocol/detail/sfields.macro

@@ -140,6 +140,8 @@ TYPED_SFIELD(sfAssetPrice,               UINT64,    23)
 TYPED_SFIELD(sfMaximumAmount,            UINT64,    24, SField::sMD_BaseTen|SField::sMD_Default)
 TYPED_SFIELD(sfOutstandingAmount,        UINT64,    25, SField::sMD_BaseTen|SField::sMD_Default)
 TYPED_SFIELD(sfMPTAmount,                UINT64,    26, SField::sMD_BaseTen|SField::sMD_Default)
+TYPED_SFIELD(sfIssuerNode,               UINT64,    27)
+TYPED_SFIELD(sfSubjectNode,              UINT64,    28)
 
 // 128-bit
 TYPED_SFIELD(sfEmailHash,                UINT128,    1)
@@ -258,6 +260,7 @@ TYPED_SFIELD(sfData,                     VL,        27)
 TYPED_SFIELD(sfAssetClass,               VL,        28)
 TYPED_SFIELD(sfProvider,                 VL,        29)
 TYPED_SFIELD(sfMPTokenMetadata,          VL,        30)
+TYPED_SFIELD(sfCredentialType,           VL,        31)
 
 // account (common)
 TYPED_SFIELD(sfAccount,                  ACCOUNT,    1)
@@ -280,12 +283,14 @@ TYPED_SFIELD(sfAttestationSignerAccount, ACCOUNT,   20)
 TYPED_SFIELD(sfAttestationRewardAccount, ACCOUNT,   21)
 TYPED_SFIELD(sfLockingChainDoor,         ACCOUNT,   22)
 TYPED_SFIELD(sfIssuingChainDoor,         ACCOUNT,   23)
+TYPED_SFIELD(sfSubject,                  ACCOUNT,   24)
 
 // vector of 256-bit
 TYPED_SFIELD(sfIndexes,                  VECTOR256,  1, SField::sMD_Never)
 TYPED_SFIELD(sfHashes,                   VECTOR256,  2)
 TYPED_SFIELD(sfAmendments,               VECTOR256,  3)
 TYPED_SFIELD(sfNFTokenOffers,            VECTOR256,  4)
+TYPED_SFIELD(sfCredentialIDs,            VECTOR256,  5)
 
 // path set
 UNTYPED_SFIELD(sfPaths,                  PATHSET,    1)
@@ -337,6 +342,7 @@ UNTYPED_SFIELD(sfXChainCreateAccountProofSig, OBJECT, 29)
 UNTYPED_SFIELD(sfXChainClaimAttestationCollectionElement, OBJECT, 30)
 UNTYPED_SFIELD(sfXChainCreateAccountAttestationCollectionElement, OBJECT, 31)
 UNTYPED_SFIELD(sfPriceData,              OBJECT,    32)
+UNTYPED_SFIELD(sfCredential,             OBJECT,    33)
 
 // array of objects (common)
 // ARRAY/1 is reserved for end of array
@@ -364,3 +370,5 @@ UNTYPED_SFIELD(sfXChainCreateAccountAttestations, ARRAY, 22)
 //                                                  23 unused
 UNTYPED_SFIELD(sfPriceDataSeries,        ARRAY,     24)
 UNTYPED_SFIELD(sfAuthAccounts,           ARRAY,     25)
+UNTYPED_SFIELD(sfAuthorizeCredentials,   ARRAY,     26)
+UNTYPED_SFIELD(sfUnauthorizeCredentials, ARRAY,     27)