Cardano Updates

State machine (StIdle/StBusy/StDone), CBOR codec, client helpers
(request_next, done), and security audit. Protocol ID 18. All Leios
types are opaque blobs. 19 new tests including allocation bounds,
codec round-trips, and MemBearer integration. 191 total tests pass.

Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]>

Convert WrappedHeader from opaque tuple struct to named-field struct
with parsed HeaderInfo. Parser navigates era-tagged #6.24-wrapped CBOR
to extract block_number, slot, prev_hash, issuer_vkey, body_size, and
block_body_hash, plus CIP-0164 optional Leios fields (announced_eb,
certified_eb). Array length alone disambiguates which optional fields
are present (10=none, 11=certified_eb, 12=announced_eb, 13=both).

Convert BlockBody similarly with parsed LeiosBlockInfo. Block parser
extracts the optional eb_certificate from the 5th element of the
Shelley+ block array. Byron headers/blocks return None gracefully.

Box InjectBlock header to fix large_enum_variant. Update all call
sites (~20 files). 238 total tests, 17 new parser tests.

Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]>

Thread-per-peer coordinator with peer-agnostic application interface.
Each peer runs independent tokio task tree (ChainSync, BlockFetch,
KeepAlive, PeerSharing sub-tasks). Coordinator aggregates tips with
deduplication, routes fetch requests to best peer by RTT, and
reconnects failed peers with exponential backoff (1s-30s).

New modules: net-core/src/peer/ (types, peer_task, coordinator,
connect). Connection helpers moved from net-cli to net-core.
New CLI: multi-follow --host <addr> [--host <addr>...].
ConnectionMode enum supports future ResponderOnly/Duplex modes.

153 tests (147 existing + 6 new). Live-tested against mainnet.

Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]>

Hierarchical documentation: top-level README links to net-core/ and
net-cli/, net-core links to bearer/mux/types/protocols/peer modules,
protocols/ links to each of the 8 protocol subdirectories. Each
protocol README includes Mermaid state machine diagram, agency table,
limits, and API entry points. All links point to directories (not
README.md) so GitHub shows files alongside docs.

Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]>

The server-side Request/Response enums were 1:1 mappings of Message
variants, and receive_request()/send_response() were pure conversion
boilerplate. The Runner already enforces agency and state transitions,
so these types added no safety.

Server code now uses runner.recv()/runner.send() with Message directly,
matching the simplicity of the protocol framework design.

Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]>

Document all Phase 2 deliverables: shared types, ChainSync/BlockFetch/
KeepAlive protocols (client + server), persistent chain follower, fake
server with Poisson blocks/rollbacks, serve.rs in workspace structure,
server-uses-Message-directly design decision. Add Phase 3 detail for
TxSubmission and PeerSharing protocols.

Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]>

Refactor the 1086-line types.rs into a directory module:
- types/mod.rs: Point, Tip, encode/decode_points, constants, re-exports
- types/header.rs: WrappedHeader, HeaderInfo, Shelley+ header parser
- types/block.rs: BlockBody, LeiosBlockInfo, block body parser

All import paths preserved via re-exports. 238 tests pass.

Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]>

Returns fake peers (192.0.2.x documentation addresses) when
a client requests peer sharing.

Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]>

Mux now supports both directions on one connection via composite
(ProtocolId, u16) channel keys. register_with_mode() lets callers
specify direction explicitly; register() remains backward compatible.
Demuxer routes by (protocol_id, mode) — no single-mode validation.
Scheduler stays keyed by ProtocolId (both directions share priority).

New: DuplexConnection, connect_duplex(), accept_duplex() for
bidirectional connection setup. DuplexTask combines client + server
protocol sub-tasks on one mux. Coordinator spawns duplex tasks when
config.duplex is set. multi-follow --duplex flag.

All three ConnectionMode variants now implemented:
- InitiatorOnly: outbound, client protocols
- ResponderOnly: inbound, server protocols
- Duplex: both on one connection

172 tests. Live-tested duplex against mainnet (version 15).

Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]>

Configurable maximum rollback depth (default 3), always capped at
chain length - 1 to avoid rolling back past genesis.

Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]>

Replace stub-forwarded Leios events with smart coordinator logic:
- Slot-bounded dedup for EB, TX, and vote offers across peers
- Per-offer peer tracking for RTT-based smart fetch routing
- Pending fetch dedup and cleanup on peer failure
- Separate LeiosBlockTxsOffered/LeiosBlockTxsReceived events
- FetchLeiosBlockTxs (with bitmap) and FetchLeiosVotes commands
- leios_dedup_window config (default 1000 slots)
- 8 new coordinator tests (255 total)
- Live-tested: serve --leios → multi-follow --leios (two connections)

Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]>

Implement PeerSharing mini-protocol (protocol ID 10) — simple
request/reply for peer discovery with IPv4/IPv6 address support.
CLI 'peer-share' command with peer_sharing=1 handshake negotiation
and graceful rejection when node doesn't support it.
18 new tests (147 total), live-tested against mainnet relays.

Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]>

Add server-side peer support to the multi-peer coordinator:
- ChainStore: shared in-memory chain state (VecDeque with capacity
  eviction, watch::channel notification) for responder peers
- Server handlers: extract serve_chainsync/blockfetch/keepalive/
  txsubmission/peersharing from net-cli into net-core, parameterized
  on Arc<ChainStore>
- ResponderTask: per-inbound-connection task spawning server handlers
- Accept loop: coordinator spawns background accept task if
  listen_address configured
- InjectBlock/InjectRollback commands for external block injection
- TransactionReceived event from TxSubmission server

Refactor serve.rs from 660 lines of ad-hoc peer management to 130
lines using the coordinator with InjectBlock commands from a Poisson
block generator.

Add --listen flag to multi-follow for relay mode.

171 tests (153 + 14 chain_store + 3 server_handlers + 1 responder).
Live-tested: serve → multi-follow --listen → follow relay chain.

Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]>

State machine (6 states, 10 messages), CBOR codec with bitmap TX
addressing, client helpers (fetch_block, fetch_block_txs, fetch_votes,
fetch_block_range, done), and security audit. Protocol ID 19. 16 MB
max EB size. All types opaque blobs. 30 new tests including allocation
bounds, bitmap encoding, and MemBearer integration. 221 total tests.

Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]>

- Cap seen sets and offer maps at 100k entries (fail-open on overflow)
- Dedup Vec<PeerId> in offer maps (prevent repeated push from same peer)
- Add Phase 4e section to security-audit.md
- Note coordinator .send().await blocking issue in CLAUDE.md for future fix

Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]>

New --rollback-rate flag for the serve command generates random chain
rollbacks (depth 1-3) on an independent Poisson schedule. The ChainSync
server detects when a client's read pointer is invalidated by a rollback
and sends MsgRollBackward. Default rate is 0 (no rollbacks).

Example: --block-rate 1.0 --rollback-rate 0.1

Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]>

Overview, feature list, architecture diagram, build instructions,
CLI usage examples, dependency table, and future work.

Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]>

Add per-protocol security audit sections for the six Praos protocols
(Handshake, ChainSync, BlockFetch, TxSubmission, KeepAlive, PeerSharing)
covering allocation bounds, timeout coverage, and test coverage. Reorder
sections by protocol ID and remove Phase markers from all headings. Link
README "Security hardened" note to the audit doc.

Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]>

Add shared Cardano types (Point, Tip, WrappedHeader, BlockBody), ChainSync
protocol (intersection finding, tip following with AwaitReply handling), and
BlockFetch protocol (range requests, block streaming). Both protocols include
full state machines, CBOR codecs with allocation bounds, composable client
helpers, and integration tests over MemBearer. CLI commands added for live
testing. Verified against Cardano mainnet (backbone.cardano.iog.io:3001).

98 tests total, security-audited per CLAUDE.md checklist.

Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]>

Phase 1 steps 7-11: protocol framework, handshake protocol, and live test.

- protocol.rs: Protocol trait (state machine definition), Runner with
  agency-checked send/recv over codec, Role (Client/Server)
- protocols/handshake: full N2N handshake implementation
  - State machine: Propose -> Confirm -> Done
  - CBOR codec matching spec section 3.6.9 (ProposeVersions, AcceptVersion,
    Refuse with 3 reason variants, QueryReply)
  - Version table uses BTreeMap for ascending key order per spec
  - Version data stored as opaque CBOR bytes in the table, decoded lazily
  - n2n: VersionData (magic, diffusion, peerSharing, query), version table
    builder for V14/V15, negotiate() implementing spec algorithm
  - run_client/run_server async functions
- net-cli: subcommand-based CLI with `handshake` command
  - Connects to a Cardano node, proposes V14/V15, prints result
  - Tested live against backbone.cardano.iog.io:3001 -- V15 accepted

29 tests covering codec round-trips, negotiation logic (success, magic
mismatch, no common version), and full client<->server integration over
MemBearer.

Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]>

Add symmetric Request/Response enum pairs with receive_request() and
send_response() functions for ChainSync, BlockFetch, and KeepAlive
protocols. Add accept_and_handshake() server connection helper.

New `serve` CLI command runs a fake Cardano node that generates blocks
on a Poisson schedule (configurable rate), serves ChainSync/BlockFetch/
KeepAlive to connecting clients. Live-tested with the `follow` command.

Also fix all pre-existing clippy warnings (matches! macro, io::Error::other,
map key iteration).

109 tests, zero clippy warnings.

Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]>

- CLAUDE.md: project overview, code standards, architecture notes, doc index
- docs/praos-network.md: complete N2N protocol reference from spec + blueprint
  (mux wire format, all 6 mini-protocols with state machines, CDDL, timeouts,
  concrete Cardano era-tagged types)
- docs/implementation-haskell.md: ouroboros-network architecture survey
  (typed-protocols framework, mux Wanton scheduling, connection manager)
- docs/implementation-pallas-v1.md: pallas-network v1 survey
  (facade API, runtime agency checks, design assessment)
- docs/implementation-pallas-v2.md: pallas-network2 survey
  (Interface/Behavior/Manager pattern, pure state machines, promotion system)
- docs/leios-changes.md: CIP-0164 Leios network additions
  (LeiosNotify/LeiosFetch protocols, EB/vote/certificate types, QoS requirements,
  structural implications for net-rs)
- plans/masterplan.md: project vision, requirements, design areas
- plans/implementation-plan.md: Phase 1 plan (bearer, mux, codec, handshake, CLI)

Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]>

CLAUDE.md: add workspace structure, key design decisions (HRTB codecs,
Runner pattern, try_send demuxer, IngressCounter, supervisor), update
phase list to show Phase 1 complete with 4 phases total.

implementation-plan.md: mark Phase 1 complete with notes on what was
built vs planned (supervisor, security hardening, capture command, test
vectors -- all additions beyond the original plan).

Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]>