Skip to content

DO NOT MERGE - Quanstamp audit nr2 scope preview#5553

Draft
meiersi-da wants to merge 114 commits into
mainfrom
quanstamp-audit-nr2-scope-preview
Draft

DO NOT MERGE - Quanstamp audit nr2 scope preview#5553
meiersi-da wants to merge 114 commits into
mainfrom
quanstamp-audit-nr2-scope-preview

Conversation

@meiersi-da
Copy link
Copy Markdown
Contributor

@meiersi-da meiersi-da commented May 15, 2026

Preview branch maintained by @meiersi-da for the purpose of scoping the Quanstamp audit.

Pull Request Checklist

Cluster Testing

  • If a cluster test is required, comment /cluster_test on this PR to request it, and ping someone with access to the DA-internal system to approve it.
  • If a hard-migration test is required (from the latest release), comment /hdm_test on this PR to request it, and ping someone with access to the DA-internal system to approve it.
  • If a logical synchronizer upgrade test is required (from canton-3.5), comment /lsu_test on this PR to request it, and ping someone with access to the DA-internal system to approve it.

PR Guidelines

  • Include any change that might be observable by our partners or affect their deployment in the release notes.
  • Specify fixed issues with Fixes #n, and mention issues worked on using #n
  • Include a screenshot for frontend-related PRs - see README or use your favorite screenshot tool

Merge Guidelines

  • Make the git commit message look sensible when squash-merging on GitHub (most likely: just copy your PR description).

OriolMunoz-da and others added 30 commits March 26, 2026 11:45
@OriolMunoz-da
Add token standard v2 devnet connection docs (#4651)
1c6ec3c 
---------

Signed-off-by: Oriol Muñoz <oriol.munoz@digitalasset.com>
@meiersi-da
Add token standard V2 stubs by copying v1 (#4291)
423dd8a 
Signed-off-by: Simon Meier <simon@digitalasset.com>
@OriolMunoz-da
Merge branch 'canton-3.5' into oriol/bump-3.5-270326
61f1434
@OriolMunoz-da
[ci] run
b4f46ca 
Signed-off-by: Oriol Muñoz <oriol.munoz@digitalasset.com>
@OriolMunoz-da
[static] ci already run
1596eae 
Signed-off-by: Oriol Muñoz <oriol.munoz@digitalasset.com>
@OriolMunoz-da
Merge latest canton-3.5 to token-standard-v2-upcoming (#4699)
013db01
@meiersi-da
Add draft of token standard v2 APIs and amulet implementation (#4436)
fb7d4f0 
Signed-off-by: Simon Meier <simon@digitalasset.com>
@meiersi-da
Move trading-app-v2 into its own .dar package (#4657)
c0fb2d6 
Fixes #4619

Signed-off-by: Simon Meier <simon@digitalasset.com>
@meiersi-da
Support token standard V2 in WalletAppInstall (#4698)
d13ee2a 
Fixes #4620 [ci]

Signed-off-by: Simon Meier <simon@digitalasset.com>
@OriolMunoz-da
Merge branch 'canton-3.5' into oriol/bump-3.5-300326
35e2a1d 
[ci]

Signed-off-by: Oriol Muñoz <oriol.munoz@digitalasset.com>
@OriolMunoz-da
Fix DarResources
f3b6533 
[ci]

Signed-off-by: Oriol Muñoz <oriol.munoz@digitalasset.com>
@OriolMunoz-da
Bump Canton 3.5 on token-standard-v2-upcoming (#4730)
af821ae
@OriolMunoz-da
Update splice version in TOKEN_STANDARD_V2_DEVNET.md (#4759)
e1838e9 
---------

Signed-off-by: Oriol Muñoz <oriol.munoz@digitalasset.com>
@meiersi-da
Switch ts v2 devent comms from Slack to CN forum [static] (#4820)
cb3defa 
Signed-off-by: Simon Meier <simon@digitalasset.com>
@OriolMunoz-da
Merge branch 'main' into oriol/bump-main-07-04-26
ca6dba4 
[ci]

Signed-off-by: Oriol Muñoz <oriol.munoz@digitalasset.com>
@OriolMunoz-da
Merge main (now with 3.5) onto token-standard-v2-upcoming (#4867)
98974cc
@OriolMunoz-da
Update splice version in TOKEN_STANDARD_V2_DEVNET.md (#4877)
686bae9 
---------

Signed-off-by: Oriol Muñoz <oriol.munoz@digitalasset.com>
@OriolMunoz-da
Add release bundle to TOKEN_STANDARD_V2_DEVNET.md (#4893)
8f16dad 
---------

Signed-off-by: Oriol Muñoz <oriol.munoz@digitalasset.com>
@OriolMunoz-da
Merge branch 'main' into oriol/main-to-tstdupcoming-080426
0b960d7 
[ci]

Signed-off-by: Oriol Muñoz <oriol.munoz@digitalasset.com>
@meiersi-da
Add TS2 batching utility with test infrastructure (#4742)
5f3eaf7 
Token standard API changes:
- return 'TextMap [ContractId Holding]' as change
- clarify that input holdings can be passed through the
  allocation and transfer choices

Token standard utility changes:
- add BatchinUtilityV2 with support for allocations,
  and partial support for transfers. Completion is
  postponed into a follow-up ticket.

Include test infrastructure changes:
- add a V1-only TestToken with multiple instrument-ids
- add a V2 TestToken with instrument ids and accounts
- add WalletClientV2 support for batching actions via
  the BatchingUtilityV2

[ci]

Signed-off-by: Simon Meier <simon@digitalasset.com>
@meiersi-da
Add choice observers to TransferInstructionV2 choices (#4884)
462c01e 
including
- improve comments on `V2.AllocationRequest` choices.
- improve error message on missing authorizations in default
  settlement implementations
- use plural for `_extraObserversDefaultImpl` methods
- make default observers for for Allocation_Settle include
  the accountParties of the authorizer

[ci]

Signed-off-by: Simon Meier <simon@digitalasset.com>
@OriolMunoz-da
Merge branch 'main' into oriol/main-to-tstdupcoming-080426
547df62 
[ci]
@OriolMunoz-da
Merge branch 'token-standard-v2-upcoming' into oriol/main-to-tstdupco…
44c57a0 
…ming-080426

[ci]

Signed-off-by: Oriol Muñoz <oriol.munoz@digitalasset.com>
@OriolMunoz-da
Merge main onto token-standard-v2-upcoming (#4900)
7658f3f
@meiersi-da
Implement V2.TransferFactory for TestTokenV2 (#4939)
70bea40 
Includes:
- Clarify that input holdings for `V2.TransferFactory_Transfer` must be
of the transferred instrument
- Add `WalletClientV2` support for listing and accepting V1 and V2
transfer offers using the same functions
- Extend `BatchingUtilityV2` with support for accepting V2 transfer
instructions
- Add utility functions to create metadata for V1 transaction history
parsing to `Splice.TokenStandard.Utils`

[ci]

Signed-off-by: Simon Meier <simon@digitalasset.com>
@OriolMunoz-da @meiersi-da
Implement "Settle a DvP using allocations" v2 test (#4918)
62f6a1c 
Includes all necessary pieces for it to work (mostly OpenAPI definitions and implementations)

---------

Signed-off-by: Oriol Muñoz <oriol.munoz@digitalasset.com>
Co-authored-by: Simon Meier <simon@digitalasset.com>
@meiersi-da
Improve default implementations for SettlementFactory_SettleBatch (#4972
1cdda48 
)

- check uniqueness of transfer leg ids
- add default extra observer implementations
- improve commentary on API methods

[ci]

Signed-off-by: Simon Meier <simon@digitalasset.com>
@meiersi-da
Use Account.id : Text for token standard V2 (#4990)
ad1b3a9 
to avoid having two different kinds of default accounts (None vs Some "").

[ci]

Signed-off-by: Simon Meier <simon@digitalasset.com>
@OriolMunoz-da
Merge branch 'main' into oriol/main-to-tstdupcoming-130426
2308963 
[ci]

Signed-off-by: Oriol Muñoz <oriol.munoz@digitalasset.com>
@OriolMunoz-da
Merge main onto token-standard-v2-upcoming (#4995)
d34fbda
dfordivam and others added 30 commits May 5, 2026 04:37
@dfordivam
Bump versions
7a05614 
Signed-off-by: Divam <dfordivam@gmail.com>
@dfordivam
Add dars
b1d39b4 
Signed-off-by: Divam <dfordivam@gmail.com>
@dfordivam
Update dars.lock
b5f520c 
Signed-off-by: Divam <dfordivam@gmail.com>
@dfordivam
Update DarResources
951f687 
Signed-off-by: Divam <dfordivam@gmail.com>
@dfordivam
rewardConfig fixes
fe5fd3f 
Signed-off-by: Divam <dfordivam@gmail.com>
@dfordivam
Bump versions in package.json
e843270 
Signed-off-by: Divam <dfordivam@gmail.com>
@dfordivam
RewardConfig UI fixes
d58aa6b 
Signed-off-by: Divam <dfordivam@gmail.com>
@dfordivam
SvDsoStore: Ingest RewardCouponV2, CalculateRewardsV2, ProcessRewardsV2
f342494 
- Note that beneficiary is rewardParty (and not the provider)

Signed-off-by: Divam <dfordivam@gmail.com>
@dfordivam
Remove fixme, to make CI green
e12d796 
Signed-off-by: Divam <dfordivam@gmail.com>
@dfordivam
[ci]
4fbf77a 
Signed-off-by: Divam <dfordivam@gmail.com>
@meiersi-da
Define and implement token standard V2 tx history API (#4638)
7c5fc60 
Introduce and use TransferEventsV2 interface, which tracks all 
changes to holdings and all transfers between accounts.
It is fully implemented for Amulet and TestTokenV2.

Fixes #4550, #746, #5001

[ci]

Signed-off-by: Simon Meier <simon@digitalasset.com>
@meiersi-da
Clarify expected use of AllocationRequest_Accept (#5392)
3111865 
and address some typos and minor cleanup.

[ci]

Fixes #5031

Signed-off-by: Simon Meier <simon@digitalasset.com>
@dfordivam
Daml: Remove beneficiary from RewardCouponV2 (#5058)
526019b 
in ClaimExpiredRewardsV2 require actual expiryObservers


---------

Signed-off-by: Divam <dfordivam@gmail.com>
@OriolMunoz-da
Merge branch 'main' into oriol/main-to-stdv2-060526
d77b791 
[ci]
Signed-off-by: Oriol Muñoz <oriol.munoz@digitalasset.com>
@OriolMunoz-da
Merge branch 'main' into oriol/main-to-stdv2-060526
9a89cfa 
[ci]
@OriolMunoz-da
Merge main to token-standard-v2-upcoming (#5417)
83f2264
@OriolMunoz-da
Implement frontend for Cancel/Withdraw/Reject Allocation v2 (#5390)
e19855e 
---------

Signed-off-by: Oriol Muñoz <oriol.munoz@digitalasset.com>
@meiersi-da
Allow reporting paused instruments in token metadata (#5405)
eeb3543 
Fixes #5401 [ci]

Signed-off-by: Simon Meier <simon@digitalasset.com>
@OriolMunoz-da
Create TokenStandardTransferIntegrationTest equivalent using token st…
d27f2ed 
…andard v2 (#5439)

---------

Signed-off-by: Oriol Muñoz <oriol.munoz@digitalasset.com>
@OriolMunoz-da
Merge branch 'main' into oriol/main-to-stdv2-110526
e10b12b 
[ci]

Signed-off-by: Oriol Muñoz <oriol.munoz@digitalasset.com>
@OriolMunoz-da
Merge latest main to token-standard-v2-upcoming (#5482)
c0dc7ce
@OriolMunoz-da
Update tstd docs to 0.6.4-snapshot.20260511.2808.0.vc0dc7ce8 (#5484)
c08b357 
[static]

Signed-off-by: Oriol Muñoz <oriol.munoz@digitalasset.com>
@meiersi-da @bame-da
Implement account authorization for TestTokenV2 (#4965)
d4f7f45 
- add rich account authorization options to TestTokenV2
  together with a comprehensive test-suite.
- adjust V2 token standard Daml APIs to include
  `AllocationInstruction_Accept` and support
  using a token standard wallet to drive jointly
  authorized workflows

Part of #4542 [ci]

Co-authored-by: Bernhard Elsner <bernhard.elsner@digitalasset.com>
Signed-off-by: Simon Meier <simon@digitalasset.com>
@meiersi-da @OriolMunoz-da
Add API for iterated settlement (#5333)
67ccbbb 
See V2_VALIDATION.md for an explanation of the changes.

Signed-off-by: Simon Meier <simon@digitalasset.com>
Signed-off-by: Oriol Muñoz <oriol.munoz@digitalasset.com>
Co-authored-by: Oriol Muñoz <oriol.munoz@digitalasset.com>
@OriolMunoz-da
Implement accept / withdraw / reject of transfers v2 (#5527)
c39cf3a 
---------

Signed-off-by: Oriol Muñoz <oriol.munoz@digitalasset.com>
@meiersi-da
Introduce special accounts and use them for burn and mint (#5515)
7e20ff3 
[ci]

Signed-off-by: Simon Meier <simon@digitalasset.com>
@meiersi-da
Add expiresAt to allocation instruction and transfer instruction (#5525)
4f843ba 
[ci]

Signed-off-by: Simon Meier <simon@digitalasset.com>
@meiersi-da
Cleanup representation of available actions (#5537)
4fce592 
Fixes #4978

Signed-off-by: Simon Meier <simon@digitalasset.com>
@meiersi-da
Review and polish doc comments on V2 APIs (#5544)
71b4258 
Fixes #5504, #4976, #4608.

Signed-off-by: Simon Meier <simon@digitalasset.com>
@meiersi-da
Merge branch 'dfordivam/cip-104-sv-app-rewards' into quanstamp-audit-…
4a944fa 
…nr2-scope-preview [ci]

Signed-off-by: Simon Meier <simon@digitalasset.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@meiersi-da @OriolMunoz-da @dfordivam