Cardano Updates

Bare relative paths broke under Hydra where the working directory is a
build sandbox unrelated to the source tree. Declare the example YAML and
trace files as cabal data-files and resolve their location at runtime via
Paths_cardano_recon_framework.getDataDir, which cabal/Nix wire up to the
correct installed path in every environment.

Co-Authored-By: Claude Sonnet 4.6 <[email protected]>

Yaci 0.4.1 fixes a CBOR parsing error for blocks using definite-length
arrays (>23 txs), which broke chain sync on preview. Also adds
configurable TipFinder timeouts.

Co-Authored-By: Claude Opus 4.7 (1M context) <[email protected]>

## Summary

Bump all dependencies to cardano-node 10.7.1 and adapt wallet code to
upstream API changes.

## Upstream pins (both on main)

- **cardano-ledger-read**:
cardano-foundation/cardano-ledger-read@cc9ca75 (10.7.1)
- **cardano-balance-tx**:
cardano-foundation/cardano-balance-transaction@5d69cc9 (main HEAD — [PR
#40](https://github.com/cardano-foundation/cardano-balance-transaction/pull/40)
merged 2026-04-17, added `SafeToHash (NativeScript era)` to
`RecentEraConstraints`)

## Code changes

### Deprecated API migrations
- `ppMinFeeAL` → `ppTxFeePerByteL` (returns `CoinPerByte`, unwrap with
`fromCompact . unCoinPerByte`)
- `ppMinFeeBL` → `ppTxFeeFixedL`
- `StakeCredential` → `Credential Staking`
- `PaymentCredential` → `Credential Payment`
- `RewardAccount` → `AccountAddress` with `AccountId` wrapper
- `decodeRewardAccount` → `decodeAccountAddress`
- `serialiseRewardAccount` → `serialiseAccountAddress`
- `raNetwork` → `aaNetworkId`, `raCredential` → `unAccountId . aaId`
- `PoolParams` pattern `pp*` fields → `StakePoolParams` with `spp*`
fields
- `Ouroboros.Network.NodeToClient` →
`Cardano.Network.NodeToClient.Version`

### Other fixes
- Removed redundant imports (`Cardano.Ledger.Plutus.Language`,
`Cardano.Ledger.Shelley.API`, `Cardano.Ledger.Keys`,
`Cardano.Ledger.MemoBytes`)
- Added `BangPatterns` for unbanged strict patterns (`SBS.SBS ba`,
`BA.ByteArray ba`)
- Added `GuardNativeScriptNotSupportedInConway` pattern match in API
error handler
- Fixed `HF.Bound` construction (new `boundPerasRound` field via record
update from `initBound`)
- Replaced `ouroboros-network` dep with `cardano-diffusion:api` /
`ouroboros-network:api` where needed
- cabal-fmt applied to all changed `.cabal` files
- Dijkstra era stubs remain (`error "TODO"`)

## nix/haskell.nix changes

Three distinct concerns, kept in separate commits:

**1. `28a9e5f9` — Adapt nix shell for ouroboros-consensus 1.0**

ouroboros-consensus 1.0.0.0 absorbed `consensus-cardano`, `protocol`,
`diffusion` into sublibraries
(`ouroboros-consensus:{cardano,protocol,diffusion}`), and
ouroboros-network 1.1.0.0 absorbed `network-api`, `framework`,
`protocols` (`ouroboros-network:{api,framework,protocols}`). Two
problems:

- **Sublibraries missing in the dev shell's GHC package db**
(haskell.nix
[#1662](https://github.com/input-output-hk/haskell.nix/issues/1662)).
Added `shell.additional` to explicitly register the sublibraries we
consume. Also switched `withHoogle = false` because Hoogle index
generation trips on the sublibrary resolution.
- **`lmdb` / `liburing` system libs**. haskell.nix evaluates every
sublibrary of `ouroboros-consensus` during plan resolution (including
`lmdb` and `lsm`), even though the wallet doesn't use them. Without the
C libs on `nativeBuildInputs` via `pkg-config`, nix eval fails. The libs
are not linked into the wallet binary.
- **shellHook CHaP workaround**. Even with `additional`, `cabal build`
inside `nix develop` still fails to resolve the sublibraries against the
installed package db. Workaround: materialize CHaP as a local repo via
`mkLocalHackageRepo` and write a `cabal.project.local` that points cabal
at it, bypassing the broken GHC package db. Added `cabal.project.local`
to `.gitignore`.

**2. `24a4c552` — cabal 3.16 / haskell.nix index mismatch**

cabal 3.16 expects `00-index.tar.gz` in a local repo, but
`mkLocalHackageRepo` only writes `01-index.tar.gz`. Two workarounds:

- In the shell hook, clear
`~/.cache/cabal/packages/cardano-haskell-packages-local` before
recreating the project.local — stale caches referenced the old
(non-existent) tarball path and caused cabal to try to download packages
that only live as an index.
- In `scripts/ci/check-haskell-nix-cabal.sh`, copy the CHaP repo to a
writable temp dir and symlink `00-index.tar.gz` → `01-index.tar.gz` so
`cabal update` succeeds under 3.16.

**3. `68166a09` — balance-tx pin bump**

cabal.project tag + sha256, plus the matching `inputMap` /
`extra-hackages` references in `nix/haskell.nix`.

**4. `3fb88c5e` — HLS CI step fix**

The "Check HLS Works" CI step was loading the shellHook-generated
`cabal.project.local` and re-running resolution against the local CHaP
repo, which HLS can't load. Remove the file before invoking HLS.

## Known issues (follow-ups, not blockers)

- haskell.nix sublibrary resolution bug:
https://github.com/input-output-hk/haskell.nix/issues/1662 (the
shellHook workaround above is in place until fixed upstream)
- ProtocolParameters type alignment:
https://github.com/cardano-foundation/cardano-wallet/issues/5252

Closes https://github.com/cardano-foundation/cardano-wallet/issues/5247

This makes is less surprising that a nix develop or direnv works
differently from within analysis/deltaq/linear-leios

- Bump cardano-node version to 11.0
- Unconditionally enable ProtVer 11
- Unconditionally parse Dijkstra Genesis

Bumps the default sync grace window from 100 to 200 slots across env files,
Spring config, Helm values, and docs. The previous value caused the synced
flag on /network/status to flap when the HTTP link between rosetta-api and
yaci-indexer was briefly unstable.

Enriches the logs in YaciHttpGatewayImpl for both getStakeAccountRewards
and getDiscoveredPeers: non-2xx branches now include the target URL and
response body alongside the status code, and IOException/InterruptedException
branches include the URL plus the exception (full cause chain) so SSL and
connection errors are visible in the logs.

Co-authored-by: Mateusz Czeladka <[email protected]>
Co-authored-by: Claude Opus 4.7 (1M context) <[email protected]>

  When a node restarts and catches up with the chain, all network messages
  (including ReqTx) are rejected with WaitOnNodeInSync and re-enqueued with
  decremented TTL. Since ReqTx has TTL=5 (500ms of retries) while chain
  catch-up typically takes longer, ReqTx messages are dropped before the
  node finishes syncing. This means the node never receives transactions
  referenced by subsequent ReqSn messages, causing WaitOnTxs and permanent
  snapshot deadlock.

  Fix: preserve TTL when the wait reason is WaitOnNodeInSync, since the
  message cannot be processed yet and burning retries is wasteful.

Signed-off-by: Sasha Bogicevic <[email protected]>

This PR implements a generic interface that can be used to instantiate
multiple voting committee schemes using multiple crypto backends for
vote and certificate signing and validation.

The main `CryptoSupportsVotingCommittee` type class allows
implementations to define abstract votes and certificate types, check
when a node should vote, and forge and verify certificates and votes.

In addition, it provides a wrapper that allows us to keep track of two
simultaneous voting committees, the one corresponding to the current
epoch, and the one from the previous one. This is needed to validate
votes and certificates arriving slightly late at the beginning of a new
epoch.

Both hydraPkgs (via grapesy/grpc) and cardanoNodePrePkg (10.7.0) depend on
proto-lens-protobuf-types, which invokes protoc at build time through its
custom Setup.hs.  Upstream hydra (nix/hydra/project.nix) and upstream
cardano-node 10.7.0 (nix/haskell.nix) both inject pkgs.buildPackages.protobuf
into build-tools — this project was missing that module, causing all hydra and
cardano-node-pre builds to fail with "couldn't find the executable protoc".

NixOS lacks the glibc/nspr/etc. libs agent-browser's bundled Chrome
needs. Workaround: install chromium via nix and connect agent-browser
to it via CDP. Ships scripts/agent-browser-nixos.sh that automates it.

Signed-off-by: Yummy-Yums <[email protected]>
Signed-off-by: Yummy-Yums <[email protected]>

Aggregator below '0.8.46' is incompatible with Cardano from '10.7.0'.

* mithril-end-to-end from `0.4.129` to `0.4.130`

Publishes the current state of programmatic access to Antithesis test
reports: no REST API or MCP server, reports arrive as signed HTML URLs
via email, and the official path for AI-agent triage is the
antithesis-triage skill plus snouty/agent-browser/jq.

Adds docs/triage.md with the full story and how it ties into the moog
workflow we use to request and decrypt report URLs.