Cardano Updates

Bumps the pip-demo-deps group with 4 updates in the /examples/st-oid4vci/demo directory: [certifi](https://github.com/certifi/python-certifi), [cryptography](https://github.com/pyca/cryptography), [idna](https://github.com/kjd/idna) and [wheel](https://github.com/pypa/wheel).


Updates `certifi` from 2026.2.25 to 2026.4.22
- [Commits](https://github.com/certifi/python-certifi/compare/2026.02.25...2026.04.22)

Updates `cryptography` from 46.0.7 to 47.0.0
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/46.0.7...47.0.0)

Updates `idna` from 3.11 to 3.13
- [Release notes](https://github.com/kjd/idna/releases)
- [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.rst)
- [Commits](https://github.com/kjd/idna/compare/v3.11...v3.13)

Updates `wheel` from 0.46.3 to 0.47.0
- [Release notes](https://github.com/pypa/wheel/releases)
- [Changelog](https://github.com/pypa/wheel/blob/main/docs/news.rst)
- [Commits](https://github.com/pypa/wheel/compare/0.46.3...0.47.0)

---
updated-dependencies:
- dependency-name: certifi
  dependency-version: 2026.4.22
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-demo-deps
- dependency-name: cryptography
  dependency-version: 47.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: pip-demo-deps
- dependency-name: idna
  dependency-version: '3.13'
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-demo-deps
- dependency-name: wheel
  dependency-version: 0.47.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-demo-deps
...

Signed-off-by: dependabot[bot] <[email protected]>

Snapshot of input-output-hk/lace-platform @ 41023af13f1bc23298d4b40f1147782fef2b7b94
Produced by open-source-release-publish.yml.

See PROVENANCE for the allowlist hash that controlled this snapshot.

Co-authored-by: lace-publish-bot <[email protected]>

Signed-off-by: Eric Torreborre <[email protected]>

After the first spawn, the genesis wallet has two UTxOs at its
address: a small change output (~9.5 ADA) and the original genesis
UTxO. The previous "first UTxO" selection picked the change one
on subsequent passes, and the spawn tx then failed
@BalanceFailed InsufficientFee@ because the change output's
lovelace was below the required fee + outputs.

New rank: pure-ada UTxOs first (so balanceTx's change doesn't
have to carry token dust), then by descending lovelace. With this,
back-to-back spawn passes now both succeed and ship_counter
advances 1 → 2 in sdk.jsonl on the local cluster.

(Concurrent passes within the same slot can still race on
ConwayMempoolFailure "All inputs are spent" — that's a pacing
artifact of the local-test cadence, not a problem under the
Antithesis composer's natural per-driver gap.)

* fix: add tombstone record during prune actions

Signed-off-by: Chris Guiney <[email protected]>

* fix(bark): add bark iterator to intercept tombstoned values

Signed-off-by: Chris Guiney <[email protected]>

---------

Signed-off-by: Chris Guiney <[email protected]>

Snapshot of input-output-hk/lace-platform @ 41023af13f1bc23298d4b40f1147782fef2b7b94
Produced by open-source-release-publish.yml.

See PROVENANCE for the allowlist hash that controlled this snapshot.

Signed-off-by: Chris Gianelloni <[email protected]>

Nixpkgs expects to drop support for intel macs in 26.11.

Add golden tests for `queryConstitution`

added:
* github:input-output-hk/mithril/7783c68a9efacea8aa75e46801b0b9b3eaf3e911#mithril-client-cli
* github:input-output-hk/mithril/7783c68a9efacea8aa75e46801b0b9b3eaf3e911#mithril-signer
removed:
* github:input-output-hk/mithril/0393cfadb53c98cb60501fee0c451f0c90c929f7#mithril-client-cli
* github:input-output-hk/mithril/0393cfadb53c98cb60501fee0c451f0c90c929f7#mithril-signer

In `conwayGovTransition`, we remove the condition on `hardforkConwayBootstrapPhase` for checking `ZeroTreasuryWithdrawals`.

We then replayed the preview, preprod and mainnet public chains with
this change which guarentees there were no empty treasury withdrawals
pre-Conway era.

Signed-off-by: Eric Torreborre <[email protected]>

cabal.project SRP + flake input cardano-node-clients tag
5707836b → 9db6672a (merge commit of upstream PR #113,
"fix: evaluate exunits after balancing").

Resolves #112: spawnShip submission no longer rejected with
"PlutusV3 script failed: overspending the budget". The asteria
AddNewShip validator's three list.filter outputs passes are now
evaluated against the post-balance TxInfo (which includes the
change output balanceTx adds), so the patched ExUnits cover the
real cpu cost.

Locally validated on testnets/asteria_game/ compose:
  - cold bootstrap: asteria_bootstrap_asteria_created (success)
  - player pass id=1: asteria_player_ship_spawned_1 (success, was
    asteria_player_ship_spawn_failed_1 before the bump)
  - ship_counter advances 0 → 1 in sdk.jsonl

Subsequent spawn attempts now fail with BalanceFailed
InsufficientFee — a separate wallet-UTxO selection concern on
follow-up txs, not the validator budget bug.

Tracks:
  - cardano-foundation/cardano-node-antithesis#112 (closed by this commit)
  - lambdasistemi/cardano-node-clients#112 / #113 (upstream root cause)

Gate the tx-generator section on `tx-generator` appearing in the
resolved compose services. Keeps full probe coverage when the daemon
is in the cluster (current behaviour, or when the disabled override is
layered in) and turns the probes into a no-op for testnets that have
parked the service.

Comment out the service block in docker-compose.yaml and park the
original definition in tx-generator.disabled.yaml as a compose
override fragment so it can be re-enabled with `-f`.

Signed-off-by: Chris Gianelloni <[email protected]>