fix: PermissionedDEX (CreateOffer/Payment) never deletes expired credentials

[Kassaking7]

High Level Overview of Change

The PermissionedDEX code paths (CreateOffer and Payment) check credential validity via accountInDomain() in PermissionedDEXHelpers.cpp, but this function uses a ReadView — making it architecturally impossible to delete expired credential SLEs from the ledger. Expired credentials persist indefinitely, locking owner reserves and causing permanent ledger bloat.

Root Cause

The XRPL uses a two-phase cleanup pattern for expired credentials:

1. preclaim() (ReadView): identifies expired credentials, suppresses tecEXPIRED to allow doApply() to run

2. doApply() (ApplyView): calls verifyValidDomain() → removeExpired() → deleteSLE() to actually delete the expired credential from the ledger

This pattern is correctly implemented in VaultDeposit (via enforceMPTokenAuthorization → verifyValidDomain → removeExpired). However, the PermissionedDEX paths skip this entirely:

• accountInDomain() (PermissionedDEXHelpers.cpp:28-55) takes a ReadView const& parameter. It calls credentials::checkExpired() to skip expired credentials, but cannot call deleteSLE() because ReadView is immutable.

• Neither CreateOffer::doApply() nor Payment::doApply() have any call to verifyValidDomain() or removeExpired() for the PermissionedDEX credential check path.

Context of Change

Add a verifyValidDomain() call in the doApply() of both CreateOffer and Payment when a DomainID is present. This mirrors how VaultDeposit handles it. The pattern is:

1. In preclaim: accountInDomain(ReadView) checks validity, suppresses tecEXPIRED
2. In doApply: call verifyValidDomain(ApplyView) which triggers removeExpired → deleteSLE for any expired credentials encountered

API Impact

• Public API: New feature (new methods and/or new fields)
• Public API: Breaking change (in general, breaking changes should only impact the next api_version)
• libxrpl change (any change that may affect libxrpl or dependents of libxrpl)
• Peer protocol change (must be backward compatible or bump the peer protocol version)

[mvadari]

This needs to be amendment gated

[codecov]

Codecov Report

❌ Patch coverage is 92.85714% with 4 lines in your changes missing coverage. Please review.
✅ Project coverage is 81.6%. Comparing base (6d1a5be) to head (85a808f).
⚠️ Report is 6 commits behind head on develop.

Files with missing lines	Patch %	Lines
src/libxrpl/tx/transactors/payment/Payment.cpp	86.2%	4 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff            @@
##           develop   #6827     +/-   ##
=========================================
+ Coverage     81.4%   81.6%   +0.1%     
=========================================
  Files         1006    1010      +4     
  Lines        74463   76032   +1569     
  Branches      7578    7634     +56     
=========================================
+ Hits         60644   62025   +1381     
- Misses       13819   14007    +188     

Files with missing lines	Coverage Δ
src/libxrpl/tx/transactors/dex/OfferCreate.cpp	93.3% <100.0%> (-0.4%)	⬇️
src/libxrpl/tx/transactors/payment/Payment.cpp	93.9% <86.2%> (+0.3%)	⬆️

... and 114 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.