Cardano Updates

Bump the limit for waiting on hydra-node connection

Signed-off-by: Sasha Bogicevic <[email protected]>

Signed-off-by: Sasha Bogicevic <[email protected]>

:construction_worker_man: - Fix head getting permanently stuck when
CommitFinalized or DecommitFinalized bumps the snapshot version while a
ReqSn echo is still in-flight — only blocks re-request when AckSns are
actively collecting (isCollectingAcks), not during RequestedSnapshot.
:construction_worker_man: - Fix deposit activated while a snapshot is
in-flight being silently dropped — the next chained snapshot picks it up
via selectNextDeposit, and DepositActivated now sets currentDepositTxId
if unset.
:construction_worker_man: - Fix deposits from other heads being selected
for ReqSn in ReqTx, OnDecrementTx, and rollback repost handlers —
depositsForHead is now applied consistently in all head-level handlers.
:construction_worker_man: - Guard deposit aggregate cases by headId to
prevent one head's deposits from corrupting another head's state when
multiple heads share the same network.
:construction_worker_man: - Fix Plutus script evaluation on
mainnet/testnet: L2 ledger Globals now uses era-aware EpochInfo (queried
from chain) instead of fixedEpochInfo, ensuring correct POSIXTime values
in Plutus ScriptContext for time-sensitive scripts.
:construction_worker_man: - Fix Preproduction node not syncing due to
missing peer-snapshot.json bootstrap and stale config paths.
:construction_worker_man: - Remove the hard-coded 100 ADA commit limit
on mainnet.
:construction_worker_man: - Remove the GET /head-initialization
endpoint.


---

<!-- Consider each and tick it off one way or the other -->
* [x] CHANGELOG updated or not needed
* [x] Documentation updated or not needed
* [x] Haddocks updated or not needed
* [x] No new TODOs introduced or explained herafter

Signed-off-by: Sasha Bogicevic <[email protected]>

Fixes #2298

The `--peer` help text previously stated a limit of *N peers*.  
but it applies to **parties in a Hydra Head**, not to
network peers. With the introduction of mirror nodes, additional peers
may exist.

This change updates the CLI help text to refer to **parties** instead of
**peers**
and clarifies that mirror nodes may also connect.

Example output:
```
cabal run hydra-node -- --help | grep -A4 -- '--peer'
```

```text
 -P,--peer ARG            A peer address in the form <host>:<port>, where
                          <host> can be an IP address or a host name. Can be
                          provided multiple times, once for each peer. Heads
                          currently support at most 7 parties; mirror nodes may
                          also connect as peers.
```

Regression test was added in Hydra.OptionsSpec:
```sh
cabal test hydra-node --test-options='--match "Hydra Node RunOptions"' 
cabal test hydra-node --test-options='--match "shows --peer help in terms of parties"'
```

---

* [x] CHANGELOG updated or not needed
* [x] Documentation updated or not needed
* [x] Haddocks updated or not needed
* [x] No new TODOs introduced or explained herafter

- Change the token name to HydraHeadV2
- Don't have a maximum mainnet limit on deposits (we didn't have that
previously)

> [!IMPORTANT]
>
> Because we're dropping the mainnet maximum deposit check, there is now
_no_ limit on the amount of funds deposited into a hydra head. Please
note that until the partial fanout work is complete (sometime around
June), there is still a [known
problem](https://hydra.family/head-protocol/docs/known-issues) around
funds getting stuck in a head if the UTxO set is too large to fanout.
>
> We urge caution in comitting too much Ada before this limitation is
fully resolved!


### Todo

- [x] Decide if we want to move to V2 now, or wait for partial fanout.
- [x] Small change to changelog (don't broadcast widely about the limit
removal at the moment.)
- [x] [Include updated spec as flake
input](https://github.com/cardano-scaling/hydra-formal-specification/pull/24)

---

<!-- Consider each and tick it off one way or the other -->
* [x] CHANGELOG updated or not needed
* [x] Documentation updated or not needed
* [x] Haddocks updated or not needed
* [x] No new TODOs introduced or explained herafter

Signed-off-by: Sasha Bogicevic <[email protected]>

Remove the hard-coded 100 ADA commit limit on mainnet ('rejectMoreThanMainnetLimit').
This training-wheels restriction is no longer needed.

Co-Authored-By: Claude Sonnet 4.6 <[email protected]>
Signed-off-by: Sasha Bogicevic <[email protected]>

Signed-off-by: Sasha Bogicevic <[email protected]>

  ReqTx, OnDecrementTx, and the rollback repost path were passing unfiltered
  pendingDeposits, allowing deposits from other heads to be picked up when
  selecting the next deposit for ReqSn. Apply depositsForHead consistently,
  matching the existing filtering already done in ReqSn, AckSn, and onOpenChainTick.

Signed-off-by: Sasha Bogicevic <[email protected]>

  When CommitFinalized (or DecommitFinalized) arrives while a snapshot is
  in RequestedSnapshot state, the in-flight ReqSn carries the old version
  and will be rejected with ReqSvNumberInvalid once the version bumps.
  Since nothing re-triggers a fresh request, the head gets permanently
  stuck with pending localTxs.

  The guard added in ef0762bd5 used snapshotInFlight which returns True
  for both RequestedSnapshot and SeenSnapshot. This was correct for
  SeenSnapshot (AckSns in-flight, snapshot will complete naturally) but
  too broad for RequestedSnapshot (stale echo will be rejected).

  Replace the guard with isCollectingAcks which only blocks SeenSnapshot,
  allowing CommitFinalized/DecommitFinalized to immediately re-request
  with the new version when in RequestedSnapshot state.

Signed-off-by: Sasha Bogicevic <[email protected]>

  The old dumpTrace used say which in IO context dumps the entire IOSim
  trace (potentially thousands of JSON lines) to stdout on test failure.
  With slow-network tests generating much larger traces, this was very
  noisy. Now the trace is written to a temp file and only the path is
  printed.

Signed-off-by: Sasha Bogicevic <[email protected]>

  Rename "extracts correct snapshot number" to reflect that the test now
  verifies SeenSnapshot is preserved (not reset to LastSeenSnapshot) so
  AckSns can still be collected after DecommitFinalized arrives.

Signed-off-by: Sasha Bogicevic <[email protected]>

Signed-off-by: Sasha Bogicevic <[email protected]>

Signed-off-by: Sasha Bogicevic <[email protected]>

  When a deposit activates while a snapshot is in-flight, the tick cannot
  request a snapshot (blocked by snapshotInFlight). After the in-flight
  snapshot confirms, LocalStateCleared resets currentDepositTxId to Nothing,
  so setExistingDeposit returns Nothing and the deposit is never included in
  subsequent chained snapshots — eventually expiring unused.

  Fix by introducing selectNextDeposit which falls back to scanning
  pendingDeposits for the oldest active deposit when currentDepositTxId is
  unset, guarded by: no pending decommit and the last confirmed snapshot did
  not already include a deposit (to avoid double-posting IncrementTx before
  CommitFinalized removes the deposit). This fallback is used in both
  maybeRequestNextSnapshot and maybeRequestSnapshot in onOpenNetworkReqTx.

Signed-off-by: Sasha Bogicevic <[email protected]>

  After CommitFinalized or DecommitFinalized, the aggregate resets
  seenSnapshot to LastSeenSnapshot{lastSeen = confirmedSn}. Four tests
  were asserting lastSeen = requested (the in-flight snapshot number),
  which is incorrect — using the requested number would cause
  waitNoSnapshotInFlight to fail on followers when lastSeen exceeds
  confirmedSn, breaking the "does not get stuck" scenario.

  Rename tests and update comments to reflect actual behavior: the reset
  uses confirmedSn, which allows maybeRequestSnapshotAfterCommit/Decommit
  to fire immediately. Late AckSn messages for the abandoned snapshot may
  temporarily queue until a subsequent snapshot advances seenSnapshot.

Signed-off-by: Sasha Bogicevic <[email protected]>

Signed-off-by: Sasha Bogicevic <[email protected]>