Cardano Updates

The cancel/reject heuristic matched any wallet error message containing
"user" (etc.) and rewrote it to "Signing cancelled", which hid the real
UTXOS signData failure even after we started surfacing it. Show the raw
provider message verbatim so the true cause is visible.

Co-Authored-By: Claude Fable 5 <[email protected]>

WalletAuthModal swallowed the wallet's actual signData exception and
replaced it with "Failed to sign nonce. Please try again." On the UTXOS
smart wallet, signData fails inside the provider with a specific error
("Etwas ist schiefgelaufen") that we were discarding, leaving no way to
diagnose why authorization fails on mobile while getNonce succeeds
server-side.

Surface the underlying message in both the toast and console.error,
while keeping the friendly cancel/reject handling on top.

Co-authored-by: Claude Fable 5 <[email protected]>

WalletAuthModal swallowed the wallet's actual signData exception and
replaced it with "Failed to sign nonce. Please try again." On the UTXOS
smart wallet, signData fails inside the provider with a specific error
("Etwas ist schiefgelaufen") that we were discarding, leaving no way to
diagnose why authorization fails on mobile while getNonce succeeds
server-side.

Surface the underlying message in both the toast and console.error,
while keeping the friendly cancel/reject handling on top.

Co-Authored-By: Claude Fable 5 <[email protected]>

* feat(midnight): Added acropolis midnightState protobuf codegen

Signed-off-by: Akhil Repala <[email protected]>

* feat(midnight): Made changes to pin the protoc version used by make proto instead of relying on whichever protoc binary is available on PATH.

Signed-off-by: Akhil Repala <[email protected]>

* feat(midnight): Made changes to verify the downloaded protoc archive used by make proto with platform-specific SHA-256 checksums before extraction

Signed-off-by: Akhil Repala <[email protected]>

* feat(midnight): Made changes where checksum verification now uses sha256sum when available and falls back to shasum for macOS/other environments.

Signed-off-by: Akhil Repala <[email protected]>

---------

Signed-off-by: Akhil Repala <[email protected]>
Signed-off-by: Chris Gianelloni <[email protected]>
Co-authored-by: Chris Gianelloni <[email protected]>

The final ledger-state query cardano-cli issues while balancing a
transaction. Return the chain's treasury and reserves pots (from the network
state) wrapped in the single-element result array, so the wire shape is
[ [treasury, reserves] ], matching cardano-node. Values are signed because
Coin is an Integer in the ledger.

With this, GetStakePools + GetDRepState + GetAccountState cover the full
query set cardano-cli sends, and `cardano-cli conway transaction build`
completes against Dingo, producing a valid Tx ConwayEra (verified on a Conway
devnet with cardano-cli 11.0.0.0).

Depends on the gouroboros GetAccountState query type; requires a gouroboros
release and a go.mod bump before this builds in CI.

Co-Authored-By: Claude Opus 4.8 (1M context) <[email protected]>
Signed-off-by: Chris Guiney <[email protected]>

GetAccountState (Shelley/Conway block sub-query 29) was an unimplemented gap
in the query registry, so the server could not decode it and any client that
sent it (e.g. cardano-cli while balancing a transaction) had its connection
torn down.

Add the query type, register it for decoding, and add the result type and
client method. The result is the account state pots wrapped in the
single-element result array — on the wire [ [treasury, reserves] ] — both
signed, since Coin is an Integer in the ledger (a misconfigured network can
drive reserves negative). Verified against cardano-node's GetAccountState
reply on a Conway devnet.

Co-Authored-By: Claude Opus 4.8 (1M context) <[email protected]>
Signed-off-by: Chris Guiney <[email protected]>

The second ledger-state query cardano-cli issues while balancing a
transaction (after GetStakePools). Like the others, leaving it unhandled
tore down the local-state-query connection.

Return the registration state of the requested DReps — or of all DReps when
the credential set is empty (matching the Haskell ledger's "empty means
all") — as a map of stake credential -> {expiry epoch, optional anchor,
deposit}, wrapped in the single-element result array cardano-cli expects.
The wire shape was verified against cardano-node: an empty result is the
CBOR `81 a0` ([ {} ]) — note gouroboros' own DRepStateResult client type
omits that wrapper, so cardano-node's bytes are the reference, not the type.

Verified with cardano-cli 11.0.0.0 against the Conway devnet:
`query drep-state --all-dreps` now returns `[]`, matching cardano-node, and
`transaction build` progresses past GetDRepState.

Co-Authored-By: Claude Opus 4.8 (1M context) <[email protected]>
Signed-off-by: Chris Guiney <[email protected]>

cardano-cli issues the GetStakePools ledger-state query while balancing a
transaction (e.g. `transaction build`). Dingo did not handle it, so the
query returned an "unsupported query type" error, which tears down the
local-state-query connection — the client sees
`BearerClosed "<socket: 11> closed when reading data"`.

Implement the query: return the key hashes of the currently active
(registered, non-retired) stake pools as a CBOR set (tag 258) of pool IDs.
cardano-cli is strict about the encoding — a plain (untagged) array fails to
decode with "expected tag", and an unsorted set fails with "Canonicity
violation while decoding Set" — so the IDs are emitted in ascending
canonical byte order, wrapped in the single-element result array the
query's result type decodes from.

Adds a Database.GetActivePoolKeyHashes wrapper over the existing metadata
store method. Verified end-to-end against a Conway devnet with cardano-cli
11.0.0.0: `query stake-pools` now returns the pool set and decodes
successfully, matching cardano-node.

Co-Authored-By: Claude Opus 4.8 (1M context) <[email protected]>
Signed-off-by: Chris Guiney <[email protected]>

Koz/976

Signed-off-by: cryptodj413 <[email protected]>

Convert demand analysis to annotate ANF

Signed-off-by: Chris Gianelloni <[email protected]>