Cardano Updates

Signed-off-by: Sasha Bogicevic <[email protected]>

Bumps [github.com/blinklabs-io/gouroboros](https://github.com/blinklabs-io/gouroboros) from 0.153.1 to 0.170.1.
- [Release notes](https://github.com/blinklabs-io/gouroboros/releases)
- [Changelog](https://github.com/blinklabs-io/gouroboros/blob/main/RELEASE_NOTES.md)
- [Commits](https://github.com/blinklabs-io/gouroboros/compare/v0.153.1...v0.170.1)

---
updated-dependencies:
- dependency-name: github.com/blinklabs-io/gouroboros
  dependency-version: 0.170.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

The consensus Leios chunks added four fields to the consensus tracer
records that cardano-node assembles in 'Cardano.Tracing.Tracers' (old
style) and 'Cardano.Node.Tracing.Tracers' (new style):

  - Consensus.Tracers'      gained 'leiosKernelTracer' and 'leiosPeerTracer'
  - NodeToNode.Tracers'     gained 'tLeiosNotifyTracer' and 'tLeiosFetchTracer'

This commit populates those fields in both 'mkTracers' code paths so
the record-construction sites are total. All four are wired to
'nullTracer' for now; the corresponding 'Transformable' / 'MetaTrace'
instances and EKG metrics are left as TODO. The new-style tracing
system will accordingly emit a 'TracerConsistencyWarnings' for the
four Leios namespaces declared in the config.yaml — that surfaces the
gap explicitly rather than silently dropping the configuration.

Adds the corresponding selectors to 'TraceSelection' / 'PartialTraceSelection'
and their JSON parsing:

  - traceLeiosKernel          / Consensus.LeiosKernel
  - traceLeiosPeer            / Consensus.LeiosPeer
  - traceLeiosNotifyProtocol  / LeiosNotify.Remote
  - traceLeiosFetchProtocol   / LeiosFetch.Remote

Also drops the duplicate 'LogFormatting (Simple/Stateful.TraceSendRecv)'
and 'MetaTrace (Simple/Stateful.TraceSendRecv)' instances that the
upstream leios-prototype branch carried in
'Cardano/Node/Tracing/Tracers/NodeToClient.hs' — they are now provided
by 'ouroboros-network:framework-tracing' and would collide if redefined
here.

Co-Authored-By: Claude Opus 4.7 <[email protected]>

Updates cabal.project to point at the three rebased Leios forks that
ship with this cardano-node 11.0.1 build:

  - ouroboros-consensus  @  IntersectMBO/ouroboros-consensus
    branch leios-prototype-remake-3.0.1.0
    Single squashed Leios commit on top of release-3.0.1.0
    (mempool + diffusion + chain inclusion + voting + demo).
  - ouroboros-network    @  IntersectMBO/ouroboros-network
    branch leios-prototype-remake-1.1.0.0
    Three Leios commits on top of ouroboros-network-1.1.0.0
    (BearerBytes, Reception arrival-time, drop unused imports)
    + a trace-dispatcher version bump for compat with cardano-node 11.0.1.
  - cardano-ledger       @  IntersectMBO/cardano-ledger
    branch leios-prototype-remake
    Adds 'Maybe LeiosCert' on the Dijkstra block body
    (Dijkstra-only, mirrors 'Maybe PerasCert').

Also drops the 'dmq-node' extra-package (its latest CHaP release
requires ouroboros-network:framework-tracing, a sublib name that
the remade network fork doesn't carry).

Vendors a one-line 'ekg-forward' source patch (left untouched here)
to match the network's pre-bump 'ConnectToArgs' shape.

Co-Authored-By: Claude Opus 4.7 <[email protected]>

The consensus Leios chunks extended 'NTN.Codecs' with two extra type
parameters ('bLN' / 'bLF', for LeiosNotify and LeiosFetch), and the
network-side BearerBytes/Reception work changed 'runPeerWithLimits' to
return 'Maybe (Reception bytes)' (instead of 'Maybe bytes') and made
'byteLimitsKeepAlive' parameter-less.

Update 'tx-generator' to compile against the rebased stack:

  - Pull in 'ouroboros-network:framework-tracing' as a sublib dependency.
  - Extend the local 'myCodecs' type to 9 'ByteString' parameters (was 7).
  - Update 'kaClient' return type to 'IO ((), Maybe (Mux.Reception ByteString))'.
  - Drop the size-function argument from 'byteLimitsKeepAlive'.

Co-Authored-By: Claude Opus 4.7 <[email protected]>

Introduces 'Cardano.Node.Configuration.Leios.LeiosDbConfig' with two
constructors:

  - LeiosDbInMemory          (matches 'LeiosDbConnection's in-memory backend)
  - LeiosDbSQLite !FilePath  (SQLite backend, file relative to node CWD)

Wired through 'PartialNodeConfiguration' / 'NodeConfiguration' as
'ncLeiosDbConfig' with JSON parsing ('"LeiosDbConfig":{"Backend":...,
"Filepath":...}') and a default of 'LeiosDbSQLite "leios.db"'.

At node startup ('Cardano.Node.Run.handleSimpleNode'), the configured
backend is materialised into a 'LeiosDbHandle' (via 'newLeiosDBInMemory'
/ 'newLeiosDBSQLite') and passed into 'RunNodeArgs' through a new
'rnLeiosDb :: Maybe (LeiosDbHandle m)' field, which consensus's
'runWith' threads into the Leios kernel's shared connection.
'Nothing' falls back to the in-memory default.

Co-Authored-By: Claude Opus 4.7 <[email protected]>

- blockio-uring -> 0.2.0.0
- blockio -> 0.2.0.0
- lsm-trees -> 1.1.0.0

- QuickCheck -> 2.18.0.0
  - quickcheck-state-machine -> 0.10.4
  - fs-sim -> 0.5.0.1

- Move the subagent brief out of tasks.md into
  specs/008-script-witness-parity/briefs/T010-T013.md so the
  task list stays scannable. tasks.md now points at the brief
  rather than embedding it.
- Add T013 (US3): one QuickCheck property
  prop_buildLedgerTx_matches_mkUnsignedTx_on_script_witnesses
  over random (SelectionOf TxOut, ScriptWitnesses) pairs within
  documented generator bounds. The property is acceptance-gating;
  withMaxSuccess 100; same equality assertions as the six
  enumerated cases.
- Revise research.md D6 (property was "optional"; now mandatory)
  and plan.md "Tests" (was "optional/deferred"; now mandatory)
  so all artifacts agree.

Upstream cleanup, not Leios-specific: eight unused-import warnings that
upstream's own ghc-options promote to errors via 'nix/ouroboros-network.nix'
('-Werror' on forAllProjectPackages). They've been present at the
'main-peras-5202-merged' SHA that cardano-node and ouroboros-consensus
master both consume; surface when downstream haskell.nix builds also
inherit `-Werror`.

Affected files (one unused qualified import each):
- framework/lib/Ouroboros/Network/Protocol/Handshake/Codec.hs (BL)
- framework/tests-lib/.../ConnectionManager/Experiments.hs (LBS)
- framework/io-tests/.../Driver.hs (List)
- framework/io-tests/.../Socket.hs (IntMap)
- tests/lib/.../TxSubmission/AppV1.hs (BSL)
- tests/lib/.../TxSubmission/AppV2.hs (BSL)
- protocols/tests-lib/.../KeepAlive/Test.hs (BL)
- protocols/tests-lib/.../PeerSharing/Test.hs (BL)

Verified with 'cabal clean && cabal build all --ghc-options=-Werror' →
exit 0.

Co-Authored-By: Claude Opus 4.7 <[email protected]>

Replace the `dataSize :: bytes -> Word` field of `ProtocolSizeLimits`
with a `BearerBytes` class:

    class BearerBytes bytes where
        bearerBytesSize :: bytes -> Word

Default instances cover `BS.ByteString`, `BL.ByteString`, `[Char]` and
`AnyMessage msg` (for tests).  Driver/Limits gains a `BearerBytes bytes`
constraint on the public entry points (`runPeerWithLimits` and friends).
The seven `byteLimits*` codec helpers no longer take a
`(bytes -> Word)` argument — call sites drop the `(fromIntegral .
LBS.length)` boilerplate.  Two test predicates that previously used
`dataSize` now call `bearerBytesSize` directly.

Co-Authored-By: Claude Opus 4.7 <[email protected]>

The 1.1.0.0 release of 'ouroboros-network' and the 1.0.0.0 release of
'cardano-diffusion' both pin 'trace-dispatcher ^>=2.11.0', but
cardano-node 11.0.1 pulls in trace-dispatcher 2.12.x. Bump the bounds
in both cabal files so the rebased Leios fork builds against the
trace-dispatcher version shipped with cardano-node 11.0.1.

Co-Authored-By: Claude Opus 4.7 <[email protected]>

Wrap `Channel m a` recv values in a new `Reception a = MkReception
!(IntMap Time) !a`, recording per-chunk arrival times.  In the mux
demuxer the chunk's arrival time is paired with its starting byte
offset; codec/driver layers either strip the time map (the codec sees
only bytes) or propagate it through `wrapMiniProtocolTrailing` at the
mini-protocol callback boundary.  Tests/demos/benches use `IntMap.empty`
when synthesising trailing.

This is the network half of the November Leios demo's arrival-time
plumbing; consumers (e.g. Praos block-arrival tracing on the consensus
side) will be wired up separately.

Co-Authored-By: Claude Opus 4.7 <[email protected]>

The cleanup that follows `cabal v2-build` walks the slice's `$out` and
deletes the lndir-composed dep-slice content — those symlinks are
pure overhead (NAR scan, fixupPhase walk, reference scan all stat
them) and downstream consumers compose dep slices directly from
`nix-support/transitive-deps`.

GHC bakes `<this-slice>/store/.../<dep-uid>/lib` into the slice's own
shared libraries' DT_RUNPATH / LC_RPATH so iserv-dyn / dyld can find
each dep's transitive `.so` at TH-eval time.  Plain "wipe dep dirs"
breaks this: stdenv's `shrink-rpath` (Linux fixupPhase) sees the
entry's dir is empty / missing and drops it, and on Darwin
install_name_tool wasn't touching them either — at runtime dyld
fails with `No such file or directory`.

Before wiping, walk every ELF / Mach-O file in the slice's own
unit dirs and rewrite its rpath: for each entry pointing into
`$out/store/`, follow a symlink under it via `readlink -f` to find
the dep slice's actual `/nix/store/<dep-slice>/store/.../<dep-uid>/lib`
and substitute that.  Linux uses `patchelf --set-rpath`; Darwin uses
`install_name_tool -rpath`.  After the rewrite, `shrink-rpath` sees
populated dirs and keeps the entries.

Confirmed:
  * x86_64-linux native with-packages.run (paired with the awk fix
    in the v2-shell env-file generator)
  * x86_64-linux musl64 js-template-haskell.build — previously
    failed with `Error loading shared library libHSth-abstraction-…
    .so: No such file or directory` because shrink-rpath had
    stripped the dep-slice path
  * x86_64-linux native cabal-sublib-shell.run
  * armv7a-android-prebuilt c-ffi.run (cross)

One bisect-safe implementation slice folds T010 (RED: six failing
parity scenarios in TransactionLedgerSpec), T011 (GREEN:
ScriptWitnesses extension + plumbing in Transaction/Ledger.hs +
default updates at all five call sites), and T012 (regression
re-run of the broader TransactionLedger pattern) into a single
subagent commit. The brief in tasks.md is self-contained — the
subagent loads no process skill.

T000-T002 (bootstrap + spec + plan stops) are already done.
T020-T023 are orchestrator-owned finalisation chores (gate
re-run, PR body refresh, finalization audit, drop gate.sh +
mark ready) and do not require a subagent.

The previous SQL paginated by epoch_stake.id (an auto-increment assigned
at insertion time by db-sync). Two replicas with identical chain data
can have different epoch_stake.id ranges for the same epoch — db-sync
recomputes the snapshot per epoch, and rollback/replay can leave gaps
or reorder insertions. Result: page 1 returned a different subset of
stake_address rows on each backend.

Verified on two backends with bit-identical data (md5 of the full set
matched) but different id ranges (91359..92937 vs 93823..95434 for the
same epoch 121, 1579 rows each).

Fix: order by the slot_no of the `delegation` row that established the
(addr, pool) pairing effective in this epoch. slot_no is pure chain
data, stable across any replica. Tiebreak on addr_id.

Applied to:
- /epochs/:number/stakes              (paged + unpaged)
- /epochs/:number/stakes/:pool_id     (paged + unpaged)

Same response shape, same set of rows — just deterministic ordering.

Plan cost: a correlated subquery on `delegation` fires once per
epoch_stake row, served by `idx_delegation_addr_id`. ~7 ms total on
preview's epoch 121 (1579 rows), unchanged from the previous 6.5 ms.

Co-Authored-By: Claude Opus 4.7 (1M context) <[email protected]>

* cabal.project: Update index-states
* Update allow-newer section
* flat: Hide Arbitrary Semigroup instances if Quickeck >= 2.18
* Nix updates

Needed by GHC 9.6.7 and 9.8.4 to build ghc-lib-parser for stylish-haskell.