Cardano Updates

Document the parity contract between the legacy `mkUnsignedTx`
(cardano-api builder) and the extended `Transaction.Ledger`
builder for native-script inputs, staking script, mint/burn
script sources, and output reference scripts. Byte-equivalence
on six representative scenarios is the acceptance criterion;
non-script behaviour and `ledgerMintPlumbingSpec` invariants
from #5287 remain green. `mkUnsignedTransaction` itself is
explicitly out of scope (tracked by #5285), as are signing
(#5289), Dijkstra-era extensions (#5209), and cardano-api
dependency removal (#5290).

This is the ephemeral mechanical gate that every subagent and
review pass must run before the PR is marked ready. It is removed
in a final `chore: drop gate.sh` commit at finalization.

Tasks: T000

Stacked follow-up for issue #5285, based on
[#5287](https://github.com/cardano-foundation/cardano-wallet/pull/5287)
/ branch `007-ledger-minting`.

## What changed

This PR now contains one narrow API-removal source slice:

- `Cardano.Wallet.buildAndSignTransaction` uses
`Cardano.Wallet.Shelley.Transaction.Ledger.mkTransaction`.
- The obsolete `Cardano.Wallet.Shelley.Transaction.mkTransaction`
cardano-api wrapper was removed.
- The ledger constructor was renamed from `mkTransactionLedger` to
`mkTransaction` now that it owns the production signed path.
- The #5285 and #5287 spec artifacts were aligned with the real state:
mint plumbing is present; script-witness parity remains the blocker for
the unsigned body-builder migration and cert-helper deletion.

## Still out of scope

- `mkUnsignedTransaction` still uses the cardano-api body builder.
- `Transaction/Voting.hs` and `Transaction/Delegation.hs` are not
deleted yet, because their remaining caller still needs the full
unsigned body-builder migration first.
- Script-witness support remains the next blocker.

## Local verification

- `rg -n "mkTransactionLedger" . -S` -> no matches
- `rg -n "\\bmkTransaction\\b"
lib/wallet/src/Cardano/Wallet/Shelley/Transaction.hs -S` -> no matches
- `fourmolu --mode check lib/wallet/src/Cardano/Wallet.hs
lib/wallet/src/Cardano/Wallet/Shelley/Transaction.hs
lib/wallet/src/Cardano/Wallet/Shelley/Transaction/Ledger.hs` -> pass
- `hlint lib/wallet/src/Cardano/Wallet.hs
lib/wallet/src/Cardano/Wallet/Shelley/Transaction.hs
lib/wallet/src/Cardano/Wallet/Shelley/Transaction/Ledger.hs` -> `No
hints`
- `git diff --check` -> pass
- `nix build
.#legacyPackages.x86_64-linux.hsPkgs.cardano-wallet.components.library
--no-link` -> exit 0

Refs: #5285, #5243, #5237, #5287.

## Summary

Implements the smallest first slice toward unblocking
[#5285](https://github.com/cardano-foundation/cardano-wallet/issues/5285)
Story 1: the ledger-native transaction builders no longer silently drop
minting.

This PR now includes both the spec artifacts and implementation for
[#5243](https://github.com/cardano-foundation/cardano-wallet/issues/5243):

- adds `toLedgerMintValue :: TokenMap -> TokenMap -> MultiAsset`,
netting wallet mint/burn maps into signed ledger quantities and dropping
zero entries and empty policy buckets
- threads explicit `MultiAsset` mint values through `buildLedgerTx` and
`buildLedgerTxRaw`
- extracts `txAssetsToMint` / `txAssetsToBurn` from `TransactionCtx` for
`mkTransactionLedger`
- extends `constructUnsignedTxLedger` to accept mint/burn maps and
updates the `Cardano.Wallet` call sites
- keeps script-witness support out of scope; that remains the documented
next blocker before non-empty mint transactions can validate on-chain

Follows PR
[#5286](https://github.com/cardano-foundation/cardano-wallet/pull/5286),
which documented why #5285 Story 2 has to land before Story 1.

## Artifacts

- `specs/007-ledger-minting/spec.md` — user stories, requirements,
success criteria, out-of-scope
- `specs/007-ledger-minting/plan.md` — design decisions and
implementation plan
- `specs/007-ledger-minting/research.md` — existing builder/converter
findings
- `specs/007-ledger-minting/data-model.md` — mint/burn netting rules and
invariants
- `specs/007-ledger-minting/contracts/ledger-mint-translation.md` —
converter and builder contracts
- `specs/007-ledger-minting/tasks.md` — planned task breakdown
- `specs/007-ledger-minting/quickstart.md` — reviewer commands

## Verification

- [x] `cabal test cardano-wallet-primitive:test -O0 -v0
--test-show-details=streaming --test-options='--match
toLedgerMintValue'` — 8 examples, 0 failures; each property passed 1000
tests
- [x] `cabal test cardano-wallet-unit:unit -O0 -v0
--test-show-details=streaming --test-options='--match explicit'` — 3
examples, 0 failures
- [x] `fourmolu --mode check` on touched Haskell files
- [x] `git diff --check`
- [x] `rg 'mempty -- TODO: minting support' lib/wallet/src` returns zero
matches
- [x] `rg '^toLedgerMintValue' lib/primitive` returns matches in
`Convert.hs`
- [x] FR-008 guard: `git diff origin/master --
lib/wallet/src/Cardano/Wallet/Shelley/Transaction/Ledger.hs | rg -i
'ScriptSource'` returns zero matches

## Out of Scope

- Script witnesses for mint scripts
- The `mkUnsignedTransaction` migration itself, tracked under #5285
- Dijkstra-era support in `mkLedgerTx`, unchanged from the existing
Conway-only behaviour

Use the ledger-native mkTransaction from Cardano.Wallet.buildAndSignTransaction now that the stacked minting prerequisite preserves mint and burn values there.

Remove the obsolete cardano-api mkTransaction wrapper from Shelley.Transaction and align the specs with the remaining script-witness blocker.

Tasks: #5285

Spec under specs/006-drop-api-shelley-tx/ covering issue #5285:
three independently-shippable vertical stories (P1 cert helpers,
P2 body construction, P3 signTransaction) under parent epic #5237.

Pre-flight grep on the implementation pass showed lib/wallet/src/Cardano/
Wallet.hs already imports certificateFrom{Delegation,Voting}ActionLedger
from Cardano.Wallet.Shelley.Transaction.Ledger and its 4 callsites at
2729, 2738, 3533, 3542 already use the *Ledger variants. The Phase-0
research had it wrong; plan.md, quickstart.md, and tasks.md inherited
the error. Spec.md was correct (line 18 already named the single
caller).

Slice scope shrinks from 'edit two files + delete two + cabal prune' to
'edit Shelley/Transaction.hs + delete two + cabal prune'. SC-001/SC-002,
FR-003, and the byte-equivalence proof are unaffected.

Implementation pre-flight on dce6abbbf1 showed that swapping the cert
callsites in Shelley/Transaction.hs to the *Ledger variants does not
compile: mkUnsignedTransaction passes the cert lists into
constructUnsignedTx (the cardano-api body builder) at line ~834, which
expects [ApiCert.Certificate (CardanoApiEra era)]. The *Ledger builders
return [Ledger.TxCert era]. The two are not interchangeable at this
callsite.

Cardano/Wallet.hs works on *Ledger because it routes through
constructUnsignedTxLedger — a different code path. The original Phase-0
inventory missed which body builder consumed the certs in
Shelley/Transaction.hs.

Net: Story 1 is blocked transitively on Story 2 (the body-construction
migration to constructUnsignedTxLedger), which is itself blocked on the
minting + script-witness AC in #5243. When Story 2 lands, the helper
deletion + cabal prune fold into Story 2's commit; there is no
standalone Story 1 PR. PR #5286 becomes documentation-only.

Files updated:
- spec.md: Story 1 marked BLOCKED on Story 2; assumption section corrected.
- plan.md: Status block reflects all three stories deferred; Vertical
  Slice Contract rewritten so Story 1 folds into Story 2.
- research.md: new §G "Cert flow in Shelley/Transaction.hs — what
  blocks Story 1" with the GHC error and the call-graph analysis.
- data-model.md: Story 1 row corrected to note it is not downstream-
  compatible at the Shelley/Transaction.hs callsites today.
- contracts/module-interface-invariants.md: helper-deletion invariants
  re-pegged to Story 2.
- quickstart.md: stub explaining the deferral and what to do when
  Story 2 unblocks.
- tasks.md: no work tasks; the prior T001-T014 are removed in favour of
  a deferral notice.

Refs: #5285, #5243, #5237

Phase 0 + Phase 1 speckit artifacts for issue #5285.

- plan.md (109 lines): three vertical slices, constitution check clean,
  Story 1 unblocked, Stories 2-3 blocked on Transaction.Ledger
  prerequisite ACs in #5243.
- research.md: full cardano-api symbol inventory in
  Shelley/Transaction.hs (~40 symbols across 4 imports), per-Story
  grouping, ledger replacements located.
- data-model.md: cardano-api -> ledger type map per Story.
- contracts/module-interface-invariants.md: exports that MUST stay
  signature-stable across all three slices.
- quickstart.md: ordered implementation walkthrough for Story 1
  (the unblocked slice; 5 callsites in Shelley/Transaction.hs,
  4 in Cardano/Wallet.hs, plus cabal prune and helper deletion).

Add toLedgerMintValue for wallet mint/burn TokenMaps and feed the signed ledger MultiAsset through mkTransactionLedger, constructUnsignedTxLedger, buildLedgerTx, and buildLedgerTxRaw.

The converter properties cover totality, empty input, mint-only, burn-only, netting, phantom-key absence, empty-bucket absence, and disjoint roundtrip. The builder specs cover buildLedgerTx and both buildLedgerTxRaw input branches.

Verification:

cabal test cardano-wallet-primitive:test -O0 -v0 --test-show-details=streaming --test-options='--match toLedgerMintValue'

cabal test cardano-wallet-unit:unit -O0 -v0 --test-show-details=streaming --test-options='--match explicit'

hlint lib

fourmolu --mode check touched Haskell files

git diff --check

Add toLedgerMintValue for wallet mint/burn TokenMaps and feed the signed ledger MultiAsset through mkTransactionLedger, constructUnsignedTxLedger, buildLedgerTx, and buildLedgerTxRaw.

The converter properties cover totality, empty input, mint-only, burn-only, netting, phantom-key absence, empty-bucket absence, and disjoint roundtrip. The builder specs cover buildLedgerTx and both buildLedgerTxRaw input branches.

Verification:

cabal test cardano-wallet-primitive:test -O0 -v0 --test-show-details=streaming --test-options='--match toLedgerMintValue'

cabal test cardano-wallet-unit:unit -O0 -v0 --test-show-details=streaming --test-options='--match explicit'

fourmolu --mode check touched Haskell files

git diff --check

Implementation pre-flight on dce6abbbf1 showed that swapping the cert
callsites in Shelley/Transaction.hs to the *Ledger variants does not
compile: mkUnsignedTransaction passes the cert lists into
constructUnsignedTx (the cardano-api body builder) at line ~834, which
expects [ApiCert.Certificate (CardanoApiEra era)]. The *Ledger builders
return [Ledger.TxCert era]. The two are not interchangeable at this
callsite.

Cardano/Wallet.hs works on *Ledger because it routes through
constructUnsignedTxLedger — a different code path. The original Phase-0
inventory missed which body builder consumed the certs in
Shelley/Transaction.hs.

Net: Story 1 is blocked transitively on Story 2 (the body-construction
migration to constructUnsignedTxLedger), which is itself blocked on the
minting + script-witness AC in #5243. When Story 2 lands, the helper
deletion + cabal prune fold into Story 2's commit; there is no
standalone Story 1 PR. PR #5286 becomes documentation-only.

Files updated:
- spec.md: Story 1 marked BLOCKED on Story 2; assumption section corrected.
- plan.md: Status block reflects all three stories deferred; Vertical
  Slice Contract rewritten so Story 1 folds into Story 2.
- research.md: new §G "Cert flow in Shelley/Transaction.hs — what
  blocks Story 1" with the GHC error and the call-graph analysis.
- data-model.md: Story 1 row corrected to note it is not downstream-
  compatible at the Shelley/Transaction.hs callsites today.
- contracts/module-interface-invariants.md: helper-deletion invariants
  re-pegged to Story 2.
- quickstart.md: stub explaining the deferral and what to do when
  Story 2 unblocks.
- tasks.md: no work tasks; the prior T001-T014 are removed in favour of
  a deferral notice.

Refs: #5285, #5243, #5237

Spec under specs/006-drop-api-shelley-tx/ covering issue #5285:
three independently-shippable vertical stories (P1 cert helpers,
P2 body construction, P3 signTransaction) under parent epic #5237.

Use a short mktemp directory under /tmp for the Linux Memory Benchmark before running the existing benchmark command. This avoids the cardano-node Unix socket path limit while keeping other benchmark jobs on runner.temp.

Ignore local llm review artifacts and remove the tracked llm review file inherited from the rebased base so the repository keeps llm out of tracked source.

Verification: actionlint accepted linux-benchmarks.yml with repository custom runner-label warnings ignored. The representative issue path is 120 bytes, and the new representative socket path is 94 bytes.

Live verification: Linux Benchmarks workflow dispatch 25724369765 passed end to end and uploaded memory-bench-results.csv, memory.hp, memory.svg, memory.log, and memory.error.log.

Fixes #5283

Closes #5278.

Reworks `.github/workflows/restoration-benchmarks.yml` so every
restoration benchmark run starts from a fresh Mithril-provisioned node
database instead of relying on whatever the self-hosted runner happens
to have on disk. Each matrix leg (`base`, `seq0`, `seq1`, `rnd5`) gets
an isolated node DB so legs can run in parallel without sharing mutable
state. Mithril download/extraction/node startup/sync are timed and
logged separately from the wallet restoration benchmark.

## Status

Draft. Only the feature spec is in so far
(`specs/005-mithril-bench-snapshots/spec.md`). Plan, tasks, and
implementation follow as separate commits on this branch.

Record the solo PR gate, plan review, task review, code handoff, and ReadyForExternalReview state for issue #5283.

The reviewed code commit is 60805e8907c38eeb4027ce399d881e7756914510.

Use a short mktemp directory under /tmp for the Linux Memory Benchmark before running the existing benchmark command. This avoids the cardano-node Unix socket path limit while keeping other benchmark jobs on runner.temp.

Gate: llm/reviews/local-5283-linux-memory-benchmark-tmpdir/gate.sh (old path 120 bytes, new path 94 bytes).

Fixes #5283