Cardano Updates

  Add `mkSeenSnapshot` as the single correct way to construct the
  `SeenSnapshot` variant, ensuring `signableBytes` is always derived
  from `snapshot`. Direct record construction could silently produce a
  stale bytes/snapshot mismatch, causing incorrect signature verification.

  Also remove code duplication in `verifyMultiSignatureBytes` by having
  `verifyMultiSignature` delegate to it after computing the bytes.

Signed-off-by: Sasha Bogicevic <[email protected]>

Signed-off-by: Sasha Bogicevic <[email protected]>

Signed-off-by: Sasha Bogicevic <[email protected]>

[2.0.0] - 2026.04.05

- **BREAKING** Directly open heads [#2536](https://github.com/cardano-scaling/hydra/pull/2536)
 - There is no `commit` phase anymore and hence any initialized head will be directly open.
 - This means that funds need to be added "incrementally" via `deposit` transactions.
 - Greatly simplifies the head protocol and life-cycle (no `collectCom` and `abort` transactions).
 - Resolves known issues about "not abortable heads" because of a participant committing too big UTxO.
 - Reduced overall life-cycle cost for most use cases. See [transaction cost benchmarks](https://hydra.family/head-protocol/unstable/benchmarks/transaction-cost) for details.
 - All on-chain scripts are affected by this change, as well as several API changes.
 - This decision is documented in [ADR-33](https://hydra.family/head-protocol/adr/33)
* Upgrade token name to HydraHeadV2 (from HydraHeadV1) [#2561](https://github.com/cardano-scaling/hydra/pull/2561)
* Continue encouraging conversative ADA deposits until partial fanout is completed [#2561](https://github.com/cardano-scaling/hydra/pull/2561)

- Remove head-initialization endpoint [#2564](https://github.com/cardano-scaling/hydra/pull/2564)

- Fix Plutus script evaluation on mainnet/testnet: L2 ledger `Globals` now uses era-aware `EpochInfo` (queried from chain) instead of `fixedEpochInfo`, ensuring correct `POSIXTime` values in Plutus `ScriptContext` for time-sensitive scripts on multi-era chains. Offline/devnet mode is unaffected. [#2564](https://github.com/cardano-scaling/hydra/pull/2564)

- Fix head getting permanently stuck in `RequestedSnapshot` when `CommitFinalized` races with an in-flight `ReqSn` — only `SeenSnapshot` (AckSns collecting) now blocks an immediate re-request, while `RequestedSnapshot` (stale echo) correctly retries with the new version. [#2564](https://github.com/cardano-scaling/hydra/pull/2564)

- Fix active deposit being silently dropped when it becomes active while a snapshot is in-flight - the next chained snapshot after confirmation now picks it up via `selectNextDeposit`. [#2564](https://github.com/cardano-scaling/hydra/pull/2564)

- Fix deposits from other heads being picked up when selecting the next deposit for `ReqSn` in the `ReqTx`, `OnDecrementTx`, and rollback repost handlers - `depositsForHead` is now applied consistently in all head-level handlers. [#2564](https://github.com/cardano-scaling/hydra/pull/2564)

- Guard deposit aggregate cases by headId to prevent one head's deposits from corrupting another head's state when multiple heads share the same network. [#2564](https://github.com/cardano-scaling/hydra/pull/2564)

- Remove the hard-coded 100 ADA commit limit on mainnet. The `rejectMoreThanMainnetLimit` safety cap and the `CommittedTooMuchADAForMainnet` error are no longer needed and have been removed. [#2564](https://github.com/cardano-scaling/hydra/pull/2564)

<!-- Describe your change here -->

---

<!-- Consider each and tick it off one way or the other -->
* [x] CHANGELOG updated or not needed
* [x] Documentation updated or not needed
* [x] Haddocks updated or not needed
* [x] No new TODOs introduced or explained herafter

Signed-off-by: Sasha Bogicevic <[email protected]>

Signed-off-by: Sasha Bogicevic <[email protected]>

Fixes #2388

Skips on CI job `tx-cost-diff` for PR's from external contributors; uploads an artifact always, so anyone can view what the difference is (only without the convenience of it being a GitHub comment.)

The CI job `tx-cost-diff` tries to add comments on PR and it fails for
external contributors PRs
([example](https://github.com/cardano-scaling/hydra/actions/runs/23140532889/job/67572643885?pr=2547))
with:

```text
403 Resource not accessible by integration
```

This change follows the same pattern as in `ci-nix.yaml` job
`publish-benchmark-results`:


https://github.com/cardano-scaling/hydra/blob/b7ad7a8b26991fab350a7403745cc07503ba9a9c/.github/workflows/ci-nix.yaml#L128-L128

If CI passes for this PR, it means the fix works.


---

* [x] CHANGELOG updated or not needed (CI-only change)
* [x] Documentation updated or not needed
* [x] Haddocks updated or not needed
* [x] No new TODOs introduced or explained hereafter

---------

Co-authored-by: Noon <[email protected]>

See:
https://github.com/cardano-scaling/hydra-formal-specification/pull/26

Signed-off-by: Sasha Bogicevic <[email protected]>