From d20642f4e053ee30bc6e82f5f631af8019d3ff15 Mon Sep 17 00:00:00 2001
From: ismaelsadeeq <abubakarsadiqismail@proton.me>
Date: Thu, 21 May 2026 20:15:34 +0100
Subject: [PATCH 1/6] validation: extract block import into node/blockimport

ImportBlocks, which loads block files from disk during startup (-reindex
and -loadblock), does not belong in blockstorage.cpp alongside the
BlockManager class it merely uses. Move it to node/blockimport.{cpp,h}
so that each file has a single clear responsibility.

This is a pure move: no logic is changed. blockimport.cpp is given only
the includes it directly requires; util/result.h is removed from
blockstorage.cpp where it became unused once ImportBlocks left.
---
 src/CMakeLists.txt           |   1 +
 src/init.cpp                 |   1 +
 src/kernel/CMakeLists.txt    |   1 +
 src/kernel/bitcoinkernel.cpp |   1 +
 src/node/blockimport.cpp     | 101 +++++++++++++++++++++++++++++++++++
 src/node/blockimport.h       |  21 ++++++++
 src/node/blockstorage.cpp    |  74 -------------------------
 src/node/blockstorage.h      |   3 --
 8 files changed, 126 insertions(+), 77 deletions(-)
 create mode 100644 src/node/blockimport.cpp
 create mode 100644 src/node/blockimport.h

diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index 7bfa5a89bcfa..f9bc43494796 100644
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -171,6 +171,7 @@ add_library(bitcoin_node STATIC EXCLUDE_FROM_ALL
   net_processing.cpp
   netgroup.cpp
   node/abort.cpp
+  node/blockimport.cpp
   node/blockmanager_args.cpp
   node/blockstorage.cpp
   node/caches.cpp
diff --git a/src/init.cpp b/src/init.cpp
index 2f1367dd4807..01a06e919147 100644
--- a/src/init.cpp
+++ b/src/init.cpp
@@ -40,6 +40,7 @@
 #include <net_processing.h>
 #include <netbase.h>
 #include <netgroup.h>
+#include <node/blockimport.h>
 #include <node/blockmanager_args.h>
 #include <node/blockstorage.h>
 #include <node/caches.h>
diff --git a/src/kernel/CMakeLists.txt b/src/kernel/CMakeLists.txt
index 5d7db3e6cf8f..11c39b383ef0 100644
--- a/src/kernel/CMakeLists.txt
+++ b/src/kernel/CMakeLists.txt
@@ -31,6 +31,7 @@ add_library(bitcoinkernel
   ../flatfile.cpp
   ../hash.cpp
   ../logging.cpp
+  ../node/blockimport.cpp
   ../node/blockstorage.cpp
   ../node/chainstate.cpp
   ../policy/ephemeral_policy.cpp
diff --git a/src/kernel/bitcoinkernel.cpp b/src/kernel/bitcoinkernel.cpp
index 9ec51351c439..c6b1f6259ac8 100644
--- a/src/kernel/bitcoinkernel.cpp
+++ b/src/kernel/bitcoinkernel.cpp
@@ -18,6 +18,7 @@
 #include <kernel/notifications_interface.h>
 #include <kernel/warning.h>
 #include <logging.h>
+#include <node/blockimport.h>
 #include <node/blockstorage.h>
 #include <node/chainstate.h>
 #include <primitives/block.h>
diff --git a/src/node/blockimport.cpp b/src/node/blockimport.cpp
new file mode 100644
index 000000000000..3e784f76d030
--- /dev/null
+++ b/src/node/blockimport.cpp
@@ -0,0 +1,101 @@
+// Copyright (c) 2011-present The Bitcoin Core developers
+// Distributed under the MIT software license, see the accompanying
+// file COPYING or http://www.opensource.org/licenses/mit-license.php.
+
+#include <node/blockimport.h>
+
+#include <flatfile.h>
+#include <kernel/cs_main.h>
+#include <logging.h>
+#include <node/blockstorage.h>
+#include <streams.h>
+#include <sync.h>
+#include <uint256.h>
+#include <util/fs.h>
+#include <util/fs_helpers.h>
+#include <util/result.h>
+#include <util/signalinterrupt.h>
+#include <validation.h>
+
+#include <atomic>
+#include <cassert>
+#include <map>
+#include <span>
+
+namespace node {
+
+class ImportingNow
+{
+    std::atomic<bool>& m_importing;
+
+public:
+    ImportingNow(std::atomic<bool>& importing) : m_importing{importing}
+    {
+        assert(m_importing == false);
+        m_importing = true;
+    }
+    ~ImportingNow()
+    {
+        assert(m_importing == true);
+        m_importing = false;
+    }
+};
+
+void ImportBlocks(ChainstateManager& chainman, std::span<const fs::path> import_paths)
+{
+    ImportingNow imp{chainman.m_blockman.m_importing};
+
+    // -reindex
+    if (!chainman.m_blockman.m_blockfiles_indexed) {
+        int total_files{0};
+        while (fs::exists(chainman.m_blockman.GetBlockPosFilename(FlatFilePos(total_files, 0)))) {
+            total_files++;
+        }
+
+        // Map of disk positions for blocks with unknown parent (only used for reindex);
+        // parent hash -> child disk position, multiple children can have the same parent.
+        std::multimap<uint256, FlatFilePos> blocks_with_unknown_parent;
+
+        for (int nFile{0}; nFile < total_files; ++nFile) {
+            FlatFilePos pos(nFile, 0);
+            AutoFile file{chainman.m_blockman.OpenBlockFile(pos, /*fReadOnly=*/true)};
+            if (file.IsNull()) {
+                break; // This error is logged in OpenBlockFile
+            }
+            LogInfo("Reindexing block file blk%05u.dat (%d%% complete)...", (unsigned int)nFile, nFile * 100 / total_files);
+            chainman.LoadExternalBlockFile(file, &pos, &blocks_with_unknown_parent);
+            if (chainman.m_interrupt) {
+                LogInfo("Interrupt requested. Exit reindexing.");
+                return;
+            }
+        }
+        WITH_LOCK(::cs_main, chainman.m_blockman.m_block_tree_db->WriteReindexing(false));
+        chainman.m_blockman.m_blockfiles_indexed = true;
+        LogInfo("Reindexing finished");
+        // To avoid ending up in a situation without genesis block, re-try initializing (no-op if reindexing worked):
+        chainman.ActiveChainstate().LoadGenesisBlock();
+    }
+
+    // -loadblock=
+    for (const fs::path& path : import_paths) {
+        AutoFile file{fsbridge::fopen(path, "rb")};
+        if (!file.IsNull()) {
+            LogInfo("Importing blocks file %s...", fs::PathToString(path));
+            chainman.LoadExternalBlockFile(file);
+            if (chainman.m_interrupt) {
+                LogInfo("Interrupt requested. Exit block importing.");
+                return;
+            }
+        } else {
+            LogWarning("Could not open blocks file %s", fs::PathToString(path));
+        }
+    }
+
+    // scan for better chains in the block chain database, that are not yet connected in the active best chain
+    if (auto result = chainman.ActivateBestChains(); !result) {
+        chainman.GetNotifications().fatalError(util::ErrorString(result));
+    }
+    // End scope of ImportingNow
+}
+
+} // namespace node
diff --git a/src/node/blockimport.h b/src/node/blockimport.h
new file mode 100644
index 000000000000..759cc15888eb
--- /dev/null
+++ b/src/node/blockimport.h
@@ -0,0 +1,21 @@
+// Copyright (c) 2011-present The Bitcoin Core developers
+// Distributed under the MIT software license, see the accompanying
+// file COPYING or http://www.opensource.org/licenses/mit-license.php.
+
+#ifndef BITCOIN_NODE_BLOCKIMPORT_H
+#define BITCOIN_NODE_BLOCKIMPORT_H
+
+#include <util/fs.h>
+
+#include <span>
+
+class ChainstateManager;
+
+namespace node {
+
+// Calls ActivateBestChain() even if no blocks are imported.
+void ImportBlocks(ChainstateManager& chainman, std::span<const fs::path> import_paths);
+
+} // namespace node
+
+#endif // BITCOIN_NODE_BLOCKIMPORT_H
diff --git a/src/node/blockstorage.cpp b/src/node/blockstorage.cpp
index 42bf15154c91..0743d80f22f8 100644
--- a/src/node/blockstorage.cpp
+++ b/src/node/blockstorage.cpp
@@ -32,7 +32,6 @@
 #include <util/log.h>
 #include <util/obfuscation.h>
 #include <util/overflow.h>
-#include <util/result.h>
 #include <util/signalinterrupt.h>
 #include <util/strencodings.h>
 #include <util/syserror.h>
@@ -1180,79 +1179,6 @@ BlockManager::BlockManager(const util::SignalInterrupt& interrupt, Options opts)
     }
 }
 
-class ImportingNow
-{
-    std::atomic<bool>& m_importing;
-
-public:
-    ImportingNow(std::atomic<bool>& importing) : m_importing{importing}
-    {
-        assert(m_importing == false);
-        m_importing = true;
-    }
-    ~ImportingNow()
-    {
-        assert(m_importing == true);
-        m_importing = false;
-    }
-};
-
-void ImportBlocks(ChainstateManager& chainman, std::span<const fs::path> import_paths)
-{
-    ImportingNow imp{chainman.m_blockman.m_importing};
-
-    // -reindex
-    if (!chainman.m_blockman.m_blockfiles_indexed) {
-        int total_files{0};
-        while (fs::exists(chainman.m_blockman.GetBlockPosFilename(FlatFilePos(total_files, 0)))) {
-            total_files++;
-        }
-
-        // Map of disk positions for blocks with unknown parent (only used for reindex);
-        // parent hash -> child disk position, multiple children can have the same parent.
-        std::multimap<uint256, FlatFilePos> blocks_with_unknown_parent;
-
-        for (int nFile{0}; nFile < total_files; ++nFile) {
-            FlatFilePos pos(nFile, 0);
-            AutoFile file{chainman.m_blockman.OpenBlockFile(pos, /*fReadOnly=*/true)};
-            if (file.IsNull()) {
-                break; // This error is logged in OpenBlockFile
-            }
-            LogInfo("Reindexing block file blk%05u.dat (%d%% complete)...", (unsigned int)nFile, nFile * 100 / total_files);
-            chainman.LoadExternalBlockFile(file, &pos, &blocks_with_unknown_parent);
-            if (chainman.m_interrupt) {
-                LogInfo("Interrupt requested. Exit reindexing.");
-                return;
-            }
-        }
-        WITH_LOCK(::cs_main, chainman.m_blockman.m_block_tree_db->WriteReindexing(false));
-        chainman.m_blockman.m_blockfiles_indexed = true;
-        LogInfo("Reindexing finished");
-        // To avoid ending up in a situation without genesis block, re-try initializing (no-op if reindexing worked):
-        chainman.ActiveChainstate().LoadGenesisBlock();
-    }
-
-    // -loadblock=
-    for (const fs::path& path : import_paths) {
-        AutoFile file{fsbridge::fopen(path, "rb")};
-        if (!file.IsNull()) {
-            LogInfo("Importing blocks file %s...", fs::PathToString(path));
-            chainman.LoadExternalBlockFile(file);
-            if (chainman.m_interrupt) {
-                LogInfo("Interrupt requested. Exit block importing.");
-                return;
-            }
-        } else {
-            LogWarning("Could not open blocks file %s", fs::PathToString(path));
-        }
-    }
-
-    // scan for better chains in the block chain database, that are not yet connected in the active best chain
-    if (auto result = chainman.ActivateBestChains(); !result) {
-        chainman.GetNotifications().fatalError(util::ErrorString(result));
-    }
-    // End scope of ImportingNow
-}
 
 std::ostream& operator<<(std::ostream& os, const BlockfileCursor& cursor) {
     os << strprintf("BlockfileCursor(file_num=%d, undo_height=%d)", cursor.file_num, cursor.undo_height);
diff --git a/src/node/blockstorage.h b/src/node/blockstorage.h
index 1acc60d011d6..b08a45a366e6 100644
--- a/src/node/blockstorage.h
+++ b/src/node/blockstorage.h
@@ -37,7 +37,6 @@
 #include <memory>
 #include <optional>
 #include <set>
-#include <span>
 #include <string>
 #include <unordered_map>
 #include <utility>
@@ -443,8 +442,6 @@ class BlockManager
     void CleanupBlockRevFiles() const;
 };
 
-// Calls ActivateBestChain() even if no blocks are imported.
-void ImportBlocks(ChainstateManager& chainman, std::span<const fs::path> import_paths);
 } // namespace node
 
 #endif // BITCOIN_NODE_BLOCKSTORAGE_H

From ebba7bbb0f9d5d0bfa80dd37dca9d2814e43329e Mon Sep 17 00:00:00 2001
From: ismaelsadeeq <abubakarsadiqismail@proton.me>
Date: Thu, 21 May 2026 20:19:39 +0100
Subject: [PATCH 2/6] validation: split consensus helpers out of validation.cpp

CheckFinalTxAtTip is a pure transaction finality check with no
dependency on chainstate. Move it to consensus/tx_verify.{cpp,h}
where it sits alongside the other transaction verification helpers.

DisconnectResult, ApplyTxInUndo, and UpdateCoins are UTXO mutation
primitives called during block (dis)connection. They depend only on
CCoinsViewCache and CTransaction, with no chainstate coupling. Move
them to coins.{cpp,h} alongside the existing AddCoins/SpendCoin
helpers they naturally extend.

These moves eliminate the need for validation.cpp callers to reach
into validation.h solely for these low-level helpers.

Moving ApplyTxInUndo and UpdateCoins into coins.h introduces a new
expected circular dependency: coins -> undo -> coins. undo.h includes
coins.h for Coin, and coins.h now includes undo.h for BlockUndo.
---
 src/coins.cpp                           | 44 +++++++++++++++
 src/coins.h                             | 21 +++++++
 src/consensus/tx_verify.cpp             | 20 +++++++
 src/consensus/tx_verify.h               |  3 +
 src/test/coins_tests.cpp                |  4 +-
 src/validation.cpp                      | 74 +------------------------
 src/validation.h                        | 13 +----
 test/lint/lint-circular-dependencies.py |  1 +
 8 files changed, 92 insertions(+), 88 deletions(-)

diff --git a/src/coins.cpp b/src/coins.cpp
index c403e006c85c..c30e69fdf82d 100644
--- a/src/coins.cpp
+++ b/src/coins.cpp
@@ -7,6 +7,7 @@
 #include <consensus/consensus.h>
 #include <random.h>
 #include <uint256.h>
+#include <undo.h>
 #include <util/log.h>
 #include <util/trace.h>
 
@@ -407,3 +408,46 @@ std::optional<Coin> CCoinsViewErrorCatcher::PeekCoin(const COutPoint& outpoint)
 {
     return ExecuteBackedWrapper<std::optional<Coin>>([&]() { return CCoinsViewBacked::PeekCoin(outpoint); }, m_err_callbacks);
 }
+
+DisconnectResult ApplyTxInUndo(Coin&& undo, CCoinsViewCache& view, const COutPoint& out)
+{
+    bool fClean = true;
+
+    if (view.HaveCoin(out)) fClean = false; // overwriting transaction output
+
+    if (undo.nHeight == 0) {
+        // Missing undo metadata (height and coinbase). Older versions included this
+        // information only in undo records for the last spend of a transactions'
+        // outputs. This implies that it must be present for some other output of the same tx.
+        const Coin& alternate = AccessByTxid(view, out.hash);
+        if (!alternate.IsSpent()) {
+            undo.nHeight = alternate.nHeight;
+            undo.fCoinBase = alternate.fCoinBase;
+        } else {
+            return DISCONNECT_FAILED; // adding output for transaction without known metadata
+        }
+    }
+    // If the coin already exists as an unspent coin in the cache, then the
+    // possible_overwrite parameter to AddCoin must be set to true. We have
+    // already checked whether an unspent coin exists above using HaveCoin, so
+    // we don't need to guess. When fClean is false, an unspent coin already
+    // existed and it is an overwrite.
+    view.AddCoin(out, std::move(undo), !fClean);
+
+    return fClean ? DISCONNECT_OK : DISCONNECT_UNCLEAN;
+}
+
+void UpdateCoins(const CTransaction& tx, CCoinsViewCache& inputs, CTxUndo& txundo, int nHeight)
+{
+    // mark inputs spent
+    if (!tx.IsCoinBase()) {
+        txundo.vprevout.reserve(tx.vin.size());
+        for (const CTxIn& txin : tx.vin) {
+            txundo.vprevout.emplace_back();
+            bool is_spent = inputs.SpendCoin(txin.prevout, &txundo.vprevout.back());
+            assert(is_spent);
+        }
+    }
+    // add outputs
+    AddCoins(inputs, tx, nHeight);
+}
diff --git a/src/coins.h b/src/coins.h
index fd781fb74369..d19581b4b420 100644
--- a/src/coins.h
+++ b/src/coins.h
@@ -24,6 +24,8 @@
 #include <functional>
 #include <unordered_map>
 
+class CTxUndo;
+
 /**
  * A UTXO entry.
  *
@@ -613,4 +615,23 @@ class CCoinsViewErrorCatcher final : public CCoinsViewBacked
 
 };
 
+enum DisconnectResult
+{
+    DISCONNECT_OK,      // All good.
+    DISCONNECT_UNCLEAN, // Rolled back, but UTXO set was inconsistent with block.
+    DISCONNECT_FAILED   // Something else went wrong.
+};
+
+/**
+ * Restore the UTXO in a Coin at a given COutPoint
+ * @param undo The Coin to be restored.
+ * @param view The coins view to which to apply the changes.
+ * @param out The out point that corresponds to the tx input.
+ * @return A DisconnectResult.
+ */
+DisconnectResult ApplyTxInUndo(Coin&& undo, CCoinsViewCache& view, const COutPoint& out);
+
+/** Apply the effects of this transaction on the UTXO set represented by view */
+void UpdateCoins(const CTransaction& tx, CCoinsViewCache& inputs, CTxUndo& txundo, int nHeight);
+
 #endif // BITCOIN_COINS_H
diff --git a/src/consensus/tx_verify.cpp b/src/consensus/tx_verify.cpp
index 4efed70fd411..c91a676b6df0 100644
--- a/src/consensus/tx_verify.cpp
+++ b/src/consensus/tx_verify.cpp
@@ -212,3 +212,23 @@ bool Consensus::CheckTxInputs(const CTransaction& tx, TxValidationState& state,
     txfee = txfee_aux;
     return true;
 }
+
+bool CheckFinalTxAtTip(const CBlockIndex& active_chain_tip, const CTransaction& tx)
+{
+    // CheckFinalTxAtTip() uses active_chain_tip.Height()+1 to evaluate
+    // nLockTime because when IsFinalTx() is called within
+    // AcceptBlock(), the height of the block *being*
+    // evaluated is what is used. Thus if we want to know if a
+    // transaction can be part of the *next* block, we need to call
+    // IsFinalTx() with one more than active_chain_tip.Height().
+    const int nBlockHeight = active_chain_tip.nHeight + 1;
+
+    // BIP113 requires that time-locked transactions have nLockTime set to
+    // less than the median time of the previous block they're contained in.
+    // When the next block is created its previous block will be the current
+    // chain tip, so we use that to calculate the median time passed to
+    // IsFinalTx().
+    const int64_t nBlockTime{active_chain_tip.GetMedianTimePast()};
+
+    return IsFinalTx(tx, nBlockHeight, nBlockTime);
+}
diff --git a/src/consensus/tx_verify.h b/src/consensus/tx_verify.h
index ed44d435c1b9..2ccb9cdc5eab 100644
--- a/src/consensus/tx_verify.h
+++ b/src/consensus/tx_verify.h
@@ -76,4 +76,7 @@ bool EvaluateSequenceLocks(const CBlockIndex& block, std::pair<int, int64_t> loc
  */
 bool SequenceLocks(const CTransaction &tx, int flags, std::vector<int>& prevHeights, const CBlockIndex& block);
 
+/** Check if transaction will be final in the next block to be created. */
+bool CheckFinalTxAtTip(const CBlockIndex& active_chain_tip, const CTransaction& tx);
+
 #endif // BITCOIN_CONSENSUS_TX_VERIFY_H
diff --git a/src/test/coins_tests.cpp b/src/test/coins_tests.cpp
index 14ccb1c443c4..5ae46b3badf4 100644
--- a/src/test/coins_tests.cpp
+++ b/src/test/coins_tests.cpp
@@ -5,6 +5,7 @@
 #include <addresstype.h>
 #include <clientversion.h>
 #include <coins.h>
+#include <consensus/tx_verify.h>
 #include <streams.h>
 #include <test/util/common.h>
 #include <test/util/poolresourcetester.h>
@@ -25,9 +26,6 @@
 
 using namespace util::hex_literals;
 
-int ApplyTxInUndo(Coin&& undo, CCoinsViewCache& view, const COutPoint& out);
-void UpdateCoins(const CTransaction& tx, CCoinsViewCache& inputs, CTxUndo &txundo, int nHeight);
-
 namespace
 {
 //! equality test
diff --git a/src/validation.cpp b/src/validation.cpp
index 056b3baa5713..d9350ba9624c 100644
--- a/src/validation.cpp
+++ b/src/validation.cpp
@@ -138,28 +138,6 @@ bool CheckInputScripts(const CTransaction& tx, TxValidationState& state,
                        std::vector<CScriptCheck>* pvChecks = nullptr)
                        EXCLUSIVE_LOCKS_REQUIRED(cs_main);
 
-bool CheckFinalTxAtTip(const CBlockIndex& active_chain_tip, const CTransaction& tx)
-{
-    AssertLockHeld(cs_main);
-
-    // CheckFinalTxAtTip() uses active_chain_tip.Height()+1 to evaluate
-    // nLockTime because when IsFinalTx() is called within
-    // AcceptBlock(), the height of the block *being*
-    // evaluated is what is used. Thus if we want to know if a
-    // transaction can be part of the *next* block, we need to call
-    // IsFinalTx() with one more than active_chain_tip.Height().
-    const int nBlockHeight = active_chain_tip.nHeight + 1;
-
-    // BIP113 requires that time-locked transactions have nLockTime set to
-    // less than the median time of the previous block they're contained in.
-    // When the next block is created its previous block will be the current
-    // chain tip, so we use that to calculate the median time passed to
-    // IsFinalTx().
-    const int64_t nBlockTime{active_chain_tip.GetMedianTimePast()};
-
-    return IsFinalTx(tx, nBlockHeight, nBlockTime);
-}
-
 namespace {
 /**
  * A helper which calculates heights of inputs of a given transaction.
@@ -1945,21 +1923,6 @@ void Chainstate::InvalidBlockFound(CBlockIndex* pindex, const BlockValidationSta
     }
 }
 
-void UpdateCoins(const CTransaction& tx, CCoinsViewCache& inputs, CTxUndo &txundo, int nHeight)
-{
-    // mark inputs spent
-    if (!tx.IsCoinBase()) {
-        txundo.vprevout.reserve(tx.vin.size());
-        for (const CTxIn &txin : tx.vin) {
-            txundo.vprevout.emplace_back();
-            bool is_spent = inputs.SpendCoin(txin.prevout, &txundo.vprevout.back());
-            assert(is_spent);
-        }
-    }
-    // add outputs
-    AddCoins(inputs, tx, nHeight);
-}
-
 std::optional<std::pair<ScriptError, std::string>> CScriptCheck::operator()() {
     const CScript &scriptSig = ptxTo->vin[nIn].scriptSig;
     const CScriptWitness *witness = &ptxTo->vin[nIn].scriptWitness;
@@ -2088,41 +2051,6 @@ bool FatalError(Notifications& notifications, BlockValidationState& state, const
     return state.Error(message.original);
 }
 
-/**
- * Restore the UTXO in a Coin at a given COutPoint
- * @param undo The Coin to be restored.
- * @param view The coins view to which to apply the changes.
- * @param out The out point that corresponds to the tx input.
- * @return A DisconnectResult as an int
- */
-int ApplyTxInUndo(Coin&& undo, CCoinsViewCache& view, const COutPoint& out)
-{
-    bool fClean = true;
-
-    if (view.HaveCoin(out)) fClean = false; // overwriting transaction output
-
-    if (undo.nHeight == 0) {
-        // Missing undo metadata (height and coinbase). Older versions included this
-        // information only in undo records for the last spend of a transactions'
-        // outputs. This implies that it must be present for some other output of the same tx.
-        const Coin& alternate = AccessByTxid(view, out.hash);
-        if (!alternate.IsSpent()) {
-            undo.nHeight = alternate.nHeight;
-            undo.fCoinBase = alternate.fCoinBase;
-        } else {
-            return DISCONNECT_FAILED; // adding output for transaction without known metadata
-        }
-    }
-    // If the coin already exists as an unspent coin in the cache, then the
-    // possible_overwrite parameter to AddCoin must be set to true. We have
-    // already checked whether an unspent coin exists above using HaveCoin, so
-    // we don't need to guess. When fClean is false, an unspent coin already
-    // existed and it is an overwrite.
-    view.AddCoin(out, std::move(undo), !fClean);
-
-    return fClean ? DISCONNECT_OK : DISCONNECT_UNCLEAN;
-}
-
 /** Undo the effects of this block (with given index) on the UTXO set represented by coins.
  *  When FAILED is returned, view is left in an indeterminate state. */
 DisconnectResult Chainstate::DisconnectBlock(const CBlock& block, const CBlockIndex* pindex, CCoinsViewCache& view)
@@ -2182,7 +2110,7 @@ DisconnectResult Chainstate::DisconnectBlock(const CBlock& block, const CBlockIn
             for (unsigned int j = tx.vin.size(); j > 0;) {
                 --j;
                 const COutPoint& out = tx.vin[j].prevout;
-                int res = ApplyTxInUndo(std::move(txundo.vprevout[j]), view, out);
+                DisconnectResult res = ApplyTxInUndo(std::move(txundo.vprevout[j]), view, out);
                 if (res == DISCONNECT_FAILED) return DISCONNECT_FAILED;
                 fClean = fClean && res != DISCONNECT_UNCLEAN;
             }
diff --git a/src/validation.h b/src/validation.h
index 840240ce355f..dce35f39468a 100644
--- a/src/validation.h
+++ b/src/validation.h
@@ -12,6 +12,7 @@
 #include <checkqueue.h>
 #include <coins.h>
 #include <consensus/amount.h>
+#include <consensus/tx_verify.h>
 #include <cuckoocache.h>
 #include <deploymentstatus.h>
 #include <kernel/chain.h>
@@ -284,11 +285,6 @@ PackageMempoolAcceptResult ProcessNewPackage(Chainstate& active_chainstate, CTxM
 
 /* Mempool validation helper functions */
 
-/**
- * Check if transaction will be final in the next block to be created.
- */
-bool CheckFinalTxAtTip(const CBlockIndex& active_chain_tip, const CTransaction& tx) EXCLUSIVE_LOCKS_REQUIRED(::cs_main);
-
 /**
  * Calculate LockPoints required to check if transaction will be BIP68 final in the next block
  * to be created on top of tip.
@@ -441,13 +437,6 @@ class CVerifyDB
         int nCheckDepth) EXCLUSIVE_LOCKS_REQUIRED(cs_main);
 };
 
-enum DisconnectResult
-{
-    DISCONNECT_OK,      // All good.
-    DISCONNECT_UNCLEAN, // Rolled back, but UTXO set was inconsistent with block.
-    DISCONNECT_FAILED   // Something else went wrong.
-};
-
 struct ConnectedBlock;
 
 /** @see Chainstate::FlushStateToDisk */
diff --git a/test/lint/lint-circular-dependencies.py b/test/lint/lint-circular-dependencies.py
index b7b23776002e..eac609d16822 100755
--- a/test/lint/lint-circular-dependencies.py
+++ b/test/lint/lint-circular-dependencies.py
@@ -15,6 +15,7 @@
     "chainparamsbase -> common/args -> chainparamsbase",
     "node/blockstorage -> validation -> node/blockstorage",
     "kernel/coinstats -> validation -> kernel/coinstats",
+    "coins -> undo -> coins",
     "versionbits -> versionbits_impl -> versionbits",
 )
 

From 38b01a921cc59fb6c164d16491ba0592688ca748 Mon Sep 17 00:00:00 2001
From: ismaelsadeeq <abubakarsadiqismail@proton.me>
Date: Thu, 21 May 2026 20:31:38 +0100
Subject: [PATCH 3/6] validation: extract mempool validation into
 mempool_validation.{h,cpp}

Extract mempool-related validation functions from validation.cpp into
new files mempool_validation.{h,cpp}:
- MempoolAcceptResult and PackageMempoolAcceptResult result types
- ProcessTransaction, AcceptToMemoryPool, ProcessNewPackage
- LimitMempoolSize, CalculateLockPointsAtTip, CheckSequenceLocksAtTip
- MaybeUpdateMempoolForReorg

Behavioral change: MaybeUpdateMempoolForReorg now takes an explicit
CTxMemPool& mempool parameter instead of obtaining it via
chainstate.GetMempool(). This is required because the Clang Thread
Safety Analyzer cannot alias *chainstate.MempoolMutex() to mempool.cs
when they are obtained via different expressions. The four call sites in
validation.cpp are guarded with `if (m_mempool)` null checks.

Introduces circular dependency:
  mempool_validation -> validation -> mempool_validation
(validation.cpp still includes mempool_validation.h for the transition
period; to be resolved in a follow-up)
---
 src/CMakeLists.txt                      |    1 +
 src/bench/block_assemble.cpp            |    3 +-
 src/kernel/CMakeLists.txt               |    1 +
 src/mempool_validation.cpp              | 1731 +++++++++++++++++++++++
 src/mempool_validation.h                |  278 ++++
 src/net_processing.cpp                  |    7 +-
 src/node/mempool_persist.cpp            |    1 +
 src/node/transaction.cpp                |    8 +-
 src/test/fuzz/package_eval.cpp          |    1 +
 src/test/fuzz/tx_pool.cpp               |    1 +
 src/test/miner_tests.cpp                |    1 +
 src/test/txdownload_tests.cpp           |    3 +-
 src/test/txpackage_tests.cpp            |    3 +-
 src/test/txvalidation_tests.cpp         |    3 +-
 src/test/txvalidationcache_tests.cpp    |    9 +-
 src/test/util/setup_common.cpp          |    3 +-
 src/test/util/txmempool.cpp             |    1 +
 src/test/validation_block_tests.cpp     |    3 +-
 src/validation.cpp                      | 1701 +---------------------
 src/validation.h                        |  232 +--
 test/lint/lint-circular-dependencies.py |    1 +
 21 files changed, 2053 insertions(+), 1939 deletions(-)
 create mode 100644 src/mempool_validation.cpp
 create mode 100644 src/mempool_validation.h

diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index f9bc43494796..3df11154f2eb 100644
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -215,6 +215,7 @@ add_library(bitcoin_node STATIC EXCLUDE_FROM_ALL
   txgraph.cpp
   txmempool.cpp
   txrequest.cpp
+  mempool_validation.cpp
   validation.cpp
   validationinterface.cpp
   versionbits.cpp
diff --git a/src/bench/block_assemble.cpp b/src/bench/block_assemble.cpp
index 297465be80f5..2815cdc0f4f3 100644
--- a/src/bench/block_assemble.cpp
+++ b/src/bench/block_assemble.cpp
@@ -4,6 +4,7 @@
 
 #include <bench/bench.h>
 #include <consensus/consensus.h>
+#include <mempool_validation.h>
 #include <node/miner.h>
 #include <primitives/transaction.h>
 #include <random.h>
@@ -46,7 +47,7 @@ static void AssembleBlock(benchmark::Bench& bench)
         LOCK(::cs_main);
 
         for (const auto& txr : txs) {
-            const MempoolAcceptResult res = test_setup->m_node.chainman->ProcessTransaction(txr);
+            const MempoolAcceptResult res = ProcessTransaction(*test_setup->m_node.chainman, txr);
             assert(res.m_result_type == MempoolAcceptResult::ResultType::VALID);
         }
     }
diff --git a/src/kernel/CMakeLists.txt b/src/kernel/CMakeLists.txt
index 11c39b383ef0..b2cfd9131a82 100644
--- a/src/kernel/CMakeLists.txt
+++ b/src/kernel/CMakeLists.txt
@@ -73,6 +73,7 @@ add_library(bitcoinkernel
   ../util/threadnames.cpp
   ../util/time.cpp
   ../util/tokenpipe.cpp
+  ../mempool_validation.cpp
   ../validation.cpp
   ../validationinterface.cpp
   ../versionbits.cpp
diff --git a/src/mempool_validation.cpp b/src/mempool_validation.cpp
new file mode 100644
index 000000000000..5a49d66d22d3
--- /dev/null
+++ b/src/mempool_validation.cpp
@@ -0,0 +1,1731 @@
+// Copyright (c) 2009-2010 Satoshi Nakamoto
+// Copyright (c) 2009-present The Bitcoin Core developers
+// Distributed under the MIT software license, see the accompanying
+// file COPYING or http://www.opensource.org/licenses/mit-license.php.
+
+#include <mempool_validation.h>
+
+#include <chain.h>
+#include <validation.h>
+#include <consensus/consensus.h>
+#include <consensus/tx_check.h>
+#include <consensus/tx_verify.h>
+#include <kernel/chainparams.h>
+#include <kernel/disconnected_transactions.h>
+#include <kernel/mempool_entry.h>
+#include <kernel/notifications_interface.h>
+#include <node/blockstorage.h>
+#include <policy/ephemeral_policy.h>
+#include <policy/policy.h>
+#include <policy/rbf.h>
+#include <policy/settings.h>
+#include <policy/truc_policy.h>
+#include <primitives/transaction.h>
+#include <script/sigcache.h>
+#include <tinyformat.h>
+#include <txmempool.h>
+#include <uint256.h>
+#include <util/check.h>
+#include <util/moneystr.h>
+#include <util/rbf.h>
+#include <util/result.h>
+#include <util/string.h>
+#include <util/time.h>
+#include <util/trace.h>
+#include <validationinterface.h>
+
+#include <algorithm>
+#include <cassert>
+#include <chrono>
+#include <numeric>
+#include <optional>
+#include <string>
+#include <utility>
+
+/** Maximum age of our tip for us to be considered current for fee estimation */
+static constexpr std::chrono::hours MAX_FEE_ESTIMATION_TIP_AGE{3};
+
+TRACEPOINT_SEMAPHORE(mempool, replaced);
+TRACEPOINT_SEMAPHORE(mempool, rejected);
+
+namespace {
+/**
+ * A helper which calculates heights of inputs of a given transaction.
+ *
+ * @param[in] tip    The current chain tip. If an input belongs to a mempool
+ *                   transaction, we assume it will be confirmed in the next block.
+ * @param[in] coins  Any CCoinsView that provides access to the relevant coins.
+ * @param[in] tx     The transaction being evaluated.
+ *
+ * @returns A vector of input heights or nullopt, in case of an error.
+ */
+std::optional<std::vector<int>> CalculatePrevHeights(
+    const CBlockIndex& tip,
+    const CCoinsView& coins,
+    const CTransaction& tx)
+{
+    std::vector<int> prev_heights;
+    prev_heights.resize(tx.vin.size());
+    for (size_t i = 0; i < tx.vin.size(); ++i) {
+        if (auto coin{coins.GetCoin(tx.vin[i].prevout)}) {
+            prev_heights[i] = coin->nHeight == MEMPOOL_HEIGHT ? tip.nHeight + 1 // Assume all mempool transaction confirm in the next block.
+                                                                :
+                                                                coin->nHeight;
+        } else {
+            LogInfo("ERROR: %s: Missing input %d in transaction \'%s\'\n", __func__, i, tx.GetHash().GetHex());
+            return std::nullopt;
+        }
+    }
+    return prev_heights;
+}
+} // namespace
+std::optional<LockPoints> CalculateLockPointsAtTip(
+    CBlockIndex* tip,
+    const CCoinsView& coins_view,
+    const CTransaction& tx)
+{
+    assert(tip);
+
+    auto prev_heights{CalculatePrevHeights(*tip, coins_view, tx)};
+    if (!prev_heights.has_value()) return std::nullopt;
+
+    CBlockIndex next_tip;
+    next_tip.pprev = tip;
+    // When SequenceLocks() is called within ConnectBlock(), the height
+    // of the block *being* evaluated is what is used.
+    // Thus if we want to know if a transaction can be part of the
+    // *next* block, we need to use one more than active_chainstate.m_chain.Height()
+    next_tip.nHeight = tip->nHeight + 1;
+    const auto [min_height, min_time] = CalculateSequenceLocks(tx, STANDARD_LOCKTIME_VERIFY_FLAGS, prev_heights.value(), next_tip);
+
+    // Also store the hash of the block with the highest height of
+    // all the blocks which have sequence locked prevouts.
+    // This hash needs to still be on the chain
+    // for these LockPoint calculations to be valid
+    // Note: It is impossible to correctly calculate a maxInputBlock
+    // if any of the sequence locked inputs depend on unconfirmed txs,
+    // except in the special case where the relative lock time/height
+    // is 0, which is equivalent to no sequence lock. Since we assume
+    // input height of tip+1 for mempool txs and test the resulting
+    // min_height and min_time from CalculateSequenceLocks against tip+1.
+    int max_input_height{0};
+    for (const int height : prev_heights.value()) {
+        // Can ignore mempool inputs since we'll fail if they had non-zero locks
+        if (height != next_tip.nHeight) {
+            max_input_height = std::max(max_input_height, height);
+        }
+    }
+
+    // tip->GetAncestor(max_input_height) should never return a nullptr
+    // because max_input_height is always less than the tip height.
+    // It would, however, be a bad bug to continue execution, since a
+    // LockPoints object with the maxInputBlock member set to nullptr
+    // signifies no relative lock time.
+    return LockPoints{min_height, min_time, Assert(tip->GetAncestor(max_input_height))};
+}
+
+bool CheckSequenceLocksAtTip(CBlockIndex* tip,
+                             const LockPoints& lock_points)
+{
+    assert(tip != nullptr);
+
+    CBlockIndex index;
+    index.pprev = tip;
+    // CheckSequenceLocksAtTip() uses active_chainstate.m_chain.Height()+1 to evaluate
+    // height based locks because when SequenceLocks() is called within
+    // ConnectBlock(), the height of the block *being*
+    // evaluated is what is used.
+    // Thus if we want to know if a transaction can be part of the
+    // *next* block, we need to use one more than active_chainstate.m_chain.Height()
+    index.nHeight = tip->nHeight + 1;
+
+    return EvaluateSequenceLocks(index, {lock_points.height, lock_points.time});
+}
+
+void LimitMempoolSize(CTxMemPool& pool, CCoinsViewCache& coins_cache)
+    EXCLUSIVE_LOCKS_REQUIRED(::cs_main, pool.cs)
+{
+    AssertLockHeld(::cs_main);
+    AssertLockHeld(pool.cs);
+    int expired = pool.Expire(GetTime<std::chrono::seconds>() - pool.m_opts.expiry);
+    if (expired != 0) {
+        LogDebug(BCLog::MEMPOOL, "Expired %i transactions from the memory pool\n", expired);
+    }
+
+    std::vector<COutPoint> vNoSpendsRemaining;
+    pool.TrimToSize(pool.m_opts.max_size_bytes, &vNoSpendsRemaining);
+    for (const COutPoint& removed : vNoSpendsRemaining)
+        coins_cache.Uncache(removed);
+}
+
+static bool IsCurrentForFeeEstimation(Chainstate& active_chainstate) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
+{
+    AssertLockHeld(cs_main);
+    if (active_chainstate.m_chainman.IsInitialBlockDownload()) {
+        return false;
+    }
+    if (active_chainstate.m_chain.Tip()->GetBlockTime() < count_seconds(GetTime<std::chrono::seconds>() - MAX_FEE_ESTIMATION_TIP_AGE))
+        return false;
+    if (active_chainstate.m_chain.Height() < active_chainstate.m_chainman.m_best_header->nHeight - 1) {
+        return false;
+    }
+    return true;
+}
+/**
+ * Checks to avoid mempool polluting consensus critical paths since cached
+ * signature and script validity results will be reused if we validate this
+ * transaction again during block validation.
+ * */
+static bool CheckInputsFromMempoolAndCache(const CTransaction& tx, TxValidationState& state,
+                                           const CCoinsViewCache& view, const CTxMemPool& pool,
+                                           script_verify_flags flags, PrecomputedTransactionData& txdata, CCoinsViewCache& coins_tip,
+                                           ValidationCache& validation_cache)
+    EXCLUSIVE_LOCKS_REQUIRED(cs_main, pool.cs)
+{
+    AssertLockHeld(cs_main);
+    AssertLockHeld(pool.cs);
+
+    assert(!tx.IsCoinBase());
+    for (const CTxIn& txin : tx.vin) {
+        const Coin& coin = view.AccessCoin(txin.prevout);
+
+        // This coin was checked in PreChecks and MemPoolAccept
+        // has been holding cs_main since then.
+        Assume(!coin.IsSpent());
+        if (coin.IsSpent()) return false;
+
+        // If the Coin is available, there are 2 possibilities:
+        // it is available in our current ChainstateActive UTXO set,
+        // or it's a UTXO provided by a transaction in our mempool.
+        // Ensure the scriptPubKeys in Coins from CoinsView are correct.
+        const CTransactionRef& txFrom = pool.get(txin.prevout.hash);
+        if (txFrom) {
+            assert(txFrom->GetHash() == txin.prevout.hash);
+            assert(txFrom->vout.size() > txin.prevout.n);
+            assert(txFrom->vout[txin.prevout.n] == coin.out);
+        } else {
+            const Coin& coinFromUTXOSet = coins_tip.AccessCoin(txin.prevout);
+            assert(!coinFromUTXOSet.IsSpent());
+            assert(coinFromUTXOSet.out == coin.out);
+        }
+    }
+
+    // Call CheckInputScripts() to cache signature and script validity against current tip consensus rules.
+    return CheckInputScripts(tx, state, view, flags, /* cacheSigStore= */ true, /* cacheFullScriptStore= */ true, txdata, validation_cache);
+}
+
+namespace {
+
+class MemPoolAccept
+{
+public:
+    explicit MemPoolAccept(CTxMemPool& mempool, Chainstate& active_chainstate) : m_pool(mempool),
+                                                                                 m_view(&CoinsViewEmpty::Get()),
+                                                                                 m_viewmempool(&active_chainstate.CoinsTip(), m_pool),
+                                                                                 m_active_chainstate(active_chainstate)
+    {
+    }
+
+    // We put the arguments we're handed into a struct, so we can pass them
+    // around easier.
+    struct ATMPArgs {
+        const CChainParams& m_chainparams;
+        const int64_t m_accept_time;
+        const bool m_bypass_limits;
+        /*
+         * Return any outpoints which were not previously present in the coins
+         * cache, but were added as a result of validating the tx for mempool
+         * acceptance. This allows the caller to optionally remove the cache
+         * additions if the associated transaction ends up being rejected by
+         * the mempool.
+         */
+        std::vector<COutPoint>& m_coins_to_uncache;
+        /** When true, the transaction or package will not be submitted to the mempool. */
+        const bool m_test_accept;
+        /** Whether we allow transactions to replace mempool transactions. If false,
+         * any transaction spending the same inputs as a transaction in the mempool is considered
+         * a conflict. */
+        const bool m_allow_replacement;
+        /** When true, allow sibling eviction. This only occurs in single transaction package settings. */
+        const bool m_allow_sibling_eviction;
+        /** Used to skip the LimitMempoolSize() call within AcceptSingleTransaction(). This should be used when multiple
+         * AcceptSubPackage calls are expected and the mempool will be trimmed at the end of AcceptPackage(). */
+        const bool m_package_submission;
+        /** When true, use package feerates instead of individual transaction feerates for fee-based
+         * policies such as mempool min fee and min relay fee.
+         */
+        const bool m_package_feerates;
+        /** Used for local submission of transactions to catch "absurd" fees
+         * due to fee miscalculation by wallets. std:nullopt implies unset, allowing any feerates.
+         * Any individual transaction failing this check causes immediate failure.
+         */
+        const std::optional<CFeeRate> m_client_maxfeerate;
+
+        /** Parameters for single transaction mempool validation. */
+        static ATMPArgs SingleAccept(const CChainParams& chainparams, int64_t accept_time,
+                                     bool bypass_limits, std::vector<COutPoint>& coins_to_uncache,
+                                     bool test_accept)
+        {
+            return ATMPArgs{
+                /*chainparams=*/chainparams,
+                /*accept_time=*/accept_time,
+                /*bypass_limits=*/bypass_limits,
+                /*coins_to_uncache=*/coins_to_uncache,
+                /*test_accept=*/test_accept,
+                /*allow_replacement=*/true,
+                /*allow_sibling_eviction=*/true,
+                /*package_submission=*/false,
+                /*package_feerates=*/false,
+                /*client_maxfeerate=*/{}, // checked by caller
+            };
+        }
+
+        /** Parameters for test package mempool validation through testmempoolaccept. */
+        static ATMPArgs PackageTestAccept(const CChainParams& chainparams, int64_t accept_time,
+                                          std::vector<COutPoint>& coins_to_uncache)
+        {
+            return ATMPArgs{
+                /*chainparams=*/chainparams,
+                /*accept_time=*/accept_time,
+                /*bypass_limits=*/false,
+                /*coins_to_uncache=*/coins_to_uncache,
+                /*test_accept=*/true,
+                /*allow_replacement=*/false,
+                /*allow_sibling_eviction=*/false,
+                /*package_submission=*/false, // not submitting to mempool
+                /*package_feerates=*/false,
+                /*client_maxfeerate=*/{}, // checked by caller
+            };
+        }
+
+        /** Parameters for child-with-parents package validation. */
+        static ATMPArgs PackageChildWithParents(const CChainParams& chainparams, int64_t accept_time,
+                                                std::vector<COutPoint>& coins_to_uncache, const std::optional<CFeeRate>& client_maxfeerate)
+        {
+            return ATMPArgs{
+                /*chainparams=*/chainparams,
+                /*accept_time=*/accept_time,
+                /*bypass_limits=*/false,
+                /*coins_to_uncache=*/coins_to_uncache,
+                /*test_accept=*/false,
+                /*allow_replacement=*/true,
+                /*allow_sibling_eviction=*/false,
+                /*package_submission=*/true,
+                /*package_feerates=*/true,
+                /*client_maxfeerate=*/client_maxfeerate,
+            };
+        }
+
+        /** Parameters for a single transaction within a package. */
+        static ATMPArgs SingleInPackageAccept(const ATMPArgs& package_args)
+        {
+            return ATMPArgs{
+                /*chainparams=*/package_args.m_chainparams,
+                /*accept_time=*/package_args.m_accept_time,
+                /*bypass_limits=*/false,
+                /*coins_to_uncache=*/package_args.m_coins_to_uncache,
+                /*test_accept=*/package_args.m_test_accept,
+                /*allow_replacement=*/true,
+                /*allow_sibling_eviction=*/true,
+                /*package_submission=*/true, // trim at the end of AcceptPackage()
+                /*package_feerates=*/false,  // only 1 transaction
+                /*client_maxfeerate=*/package_args.m_client_maxfeerate,
+            };
+        }
+
+    private:
+        // Private ctor to avoid exposing details to clients and allowing the possibility of
+        // mixing up the order of the arguments. Use static functions above instead.
+        ATMPArgs(const CChainParams& chainparams,
+                 int64_t accept_time,
+                 bool bypass_limits,
+                 std::vector<COutPoint>& coins_to_uncache,
+                 bool test_accept,
+                 bool allow_replacement,
+                 bool allow_sibling_eviction,
+                 bool package_submission,
+                 bool package_feerates,
+                 std::optional<CFeeRate> client_maxfeerate)
+            : m_chainparams{chainparams},
+              m_accept_time{accept_time},
+              m_bypass_limits{bypass_limits},
+              m_coins_to_uncache{coins_to_uncache},
+              m_test_accept{test_accept},
+              m_allow_replacement{allow_replacement},
+              m_allow_sibling_eviction{allow_sibling_eviction},
+              m_package_submission{package_submission},
+              m_package_feerates{package_feerates},
+              m_client_maxfeerate{client_maxfeerate}
+        {
+            // If we are using package feerates, we must be doing package submission.
+            // It also means sibling eviction is not permitted.
+            if (m_package_feerates) {
+                Assume(m_package_submission);
+                Assume(!m_allow_sibling_eviction);
+            }
+            if (m_allow_sibling_eviction) Assume(m_allow_replacement);
+        }
+    };
+
+    /** Clean up all non-chainstate coins from m_view and m_viewmempool. */
+    void CleanupTemporaryCoins() EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
+
+    // Single transaction acceptance
+    MempoolAcceptResult AcceptSingleTransactionAndCleanup(const CTransactionRef& ptx, ATMPArgs& args) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
+    {
+        LOCK(m_pool.cs);
+        MempoolAcceptResult result = AcceptSingleTransactionInternal(ptx, args);
+        ClearSubPackageState();
+        return result;
+    }
+    MempoolAcceptResult AcceptSingleTransactionInternal(const CTransactionRef& ptx, ATMPArgs& args) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
+
+    /**
+     * Multiple transaction acceptance. Transactions may or may not be interdependent, but must not
+     * conflict with each other, and the transactions cannot already be in the mempool. Parents must
+     * come before children if any dependencies exist.
+     */
+    PackageMempoolAcceptResult AcceptMultipleTransactionsAndCleanup(const std::vector<CTransactionRef>& txns, ATMPArgs& args) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
+    {
+        LOCK(m_pool.cs);
+        PackageMempoolAcceptResult result = AcceptMultipleTransactionsInternal(txns, args);
+        ClearSubPackageState();
+        return result;
+    }
+    PackageMempoolAcceptResult AcceptMultipleTransactionsInternal(const std::vector<CTransactionRef>& txns, ATMPArgs& args) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
+
+    /**
+     * Submission of a subpackage.
+     * If subpackage size == 1, calls AcceptSingleTransaction() with adjusted ATMPArgs to
+     * enable sibling eviction and creates a PackageMempoolAcceptResult
+     * wrapping the result.
+     *
+     * If subpackage size > 1, calls AcceptMultipleTransactions() with the provided ATMPArgs.
+     *
+     * Also cleans up all non-chainstate coins from m_view at the end.
+     */
+    PackageMempoolAcceptResult AcceptSubPackage(const std::vector<CTransactionRef>& subpackage, ATMPArgs& args)
+        EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
+
+    /**
+     * Package (more specific than just multiple transactions) acceptance. Package must be a child
+     * with all of its unconfirmed parents, and topologically sorted.
+     */
+    PackageMempoolAcceptResult AcceptPackage(const Package& package, ATMPArgs& args) EXCLUSIVE_LOCKS_REQUIRED(cs_main);
+
+private:
+    // All the intermediate state that gets passed between the various levels
+    // of checking a given transaction.
+    struct Workspace {
+        explicit Workspace(const CTransactionRef& ptx) : m_ptx(ptx), m_hash(ptx->GetHash()) {}
+        /** Txids of mempool transactions that this transaction directly conflicts with or may
+         * replace via sibling eviction. */
+        std::set<Txid> m_conflicts;
+        /** Iterators to mempool entries that this transaction directly conflicts with or may
+         * replace via sibling eviction. */
+        CTxMemPool::setEntries m_iters_conflicting;
+        /** All mempool parents of this transaction. */
+        std::vector<CTxMemPoolEntry::CTxMemPoolEntryRef> m_parents;
+        /* Handle to the tx in the changeset */
+        CTxMemPool::ChangeSet::TxHandle m_tx_handle;
+        /** Whether RBF-related data structures (m_conflicts, m_iters_conflicting,
+         * m_replaced_transactions) include a sibling in addition to txns with conflicting inputs. */
+        bool m_sibling_eviction{false};
+
+        /** Virtual size of the transaction as used by the mempool, calculated using serialized size
+         * of the transaction and sigops. */
+        int64_t m_vsize;
+        /** Fees paid by this transaction: total input amounts subtracted by total output amounts. */
+        CAmount m_base_fees;
+        /** Base fees + any fee delta set by the user with prioritisetransaction. */
+        CAmount m_modified_fees;
+
+        /** If we're doing package validation (i.e. m_package_feerates=true), the "effective"
+         * package feerate of this transaction is the total fees divided by the total size of
+         * transactions (which may include its ancestors and/or descendants). */
+        CFeeRate m_package_feerate{0};
+
+        const CTransactionRef& m_ptx;
+        /** Txid. */
+        const Txid& m_hash;
+        TxValidationState m_state;
+        /** A temporary cache containing serialized transaction data for signature verification.
+         * Reused across PolicyScriptChecks and ConsensusScriptChecks. */
+        PrecomputedTransactionData m_precomputed_txdata;
+    };
+
+    // Run the policy checks on a given transaction, excluding any script checks.
+    // Looks up inputs, calculates feerate, considers replacement, evaluates
+    // package limits, etc. As this function can be invoked for "free" by a peer,
+    // only tests that are fast should be done here (to avoid CPU DoS).
+    bool PreChecks(ATMPArgs& args, Workspace& ws) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
+
+    // Run checks for mempool replace-by-fee, only used in AcceptSingleTransaction.
+    bool ReplacementChecks(Workspace& ws) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
+
+    bool PackageRBFChecks(const std::vector<CTransactionRef>& txns,
+                          std::vector<Workspace>& workspaces,
+                          int64_t total_vsize,
+                          PackageValidationState& package_state) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
+
+    // Run the script checks using our policy flags. As this can be slow, we should
+    // only invoke this on transactions that have otherwise passed policy checks.
+    bool PolicyScriptChecks(const ATMPArgs& args, Workspace& ws) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
+
+    // Re-run the script checks, using consensus flags, and try to cache the
+    // result in the scriptcache. This should be done after
+    // PolicyScriptChecks(). This requires that all inputs either be in our
+    // utxo set or in the mempool.
+    bool ConsensusScriptChecks(const ATMPArgs& args, Workspace& ws) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
+
+    // Try to add the transaction to the mempool, removing any conflicts first.
+    void FinalizeSubpackage(const ATMPArgs& args) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
+
+    // Submit all transactions to the mempool and call ConsensusScriptChecks to add to the script
+    // cache - should only be called after successful validation of all transactions in the package.
+    // Does not call LimitMempoolSize(), so mempool max_size_bytes may be temporarily exceeded.
+    bool SubmitPackage(const ATMPArgs& args, std::vector<Workspace>& workspaces, PackageValidationState& package_state,
+                       std::map<Wtxid, MempoolAcceptResult>& results)
+        EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
+
+    // Compare a package's feerate against minimum allowed.
+    bool CheckFeeRate(size_t package_size, CAmount package_fee, TxValidationState& state) EXCLUSIVE_LOCKS_REQUIRED(::cs_main, m_pool.cs)
+    {
+        AssertLockHeld(::cs_main);
+        AssertLockHeld(m_pool.cs);
+        CAmount mempoolRejectFee = m_pool.GetMinFee().GetFee(package_size);
+        if (mempoolRejectFee > 0 && package_fee < mempoolRejectFee) {
+            return state.Invalid(TxValidationResult::TX_RECONSIDERABLE, "mempool min fee not met", strprintf("%d < %d", package_fee, mempoolRejectFee));
+        }
+
+        if (package_fee < m_pool.m_opts.min_relay_feerate.GetFee(package_size)) {
+            return state.Invalid(TxValidationResult::TX_RECONSIDERABLE, "min relay fee not met",
+                                 strprintf("%d < %d", package_fee, m_pool.m_opts.min_relay_feerate.GetFee(package_size)));
+        }
+        return true;
+    }
+
+    ValidationCache& GetValidationCache()
+    {
+        return m_active_chainstate.m_chainman.m_validation_cache;
+    }
+
+private:
+    CTxMemPool& m_pool;
+
+    /** Holds a cached view of available coins from the UTXO set, mempool, and artificial temporary coins (to enable package validation).
+     * The view doesn't track whether a coin previously existed but has now been spent. We detect conflicts in other ways:
+     * - conflicts within a transaction are checked in CheckTransaction (bad-txns-inputs-duplicate)
+     * - conflicts within a package are checked in IsWellFormedPackage (conflict-in-package)
+     * - conflicts with an existing mempool transaction are found in CTxMemPool::GetConflictTx and replacements are allowed
+     * The temporary coins should persist between individual transaction checks so that package validation is possible,
+     * but must be cleaned up when we finish validating a subpackage, whether accepted or rejected. The cache must also
+     * be cleared when mempool contents change (when a changeset is applied or when the mempool trims itself) because it
+     * can return cached coins that no longer exist in the backend. Use CleanupTemporaryCoins() anytime you are finished
+     * with a SubPackageState or call LimitMempoolSize().
+     */
+    CCoinsViewCache m_view;
+
+    // These are the two possible backends for m_view.
+    /** When m_view is connected to m_viewmempool as its backend, it can pull coins from the mempool and from the UTXO
+     * set. This is also where temporary coins are stored. */
+    CCoinsViewMemPool m_viewmempool;
+
+    Chainstate& m_active_chainstate;
+
+    // Fields below are per *sub*package state and must be reset prior to subsequent
+    // AcceptSingleTransaction and AcceptMultipleTransactions invocations
+    struct SubPackageState {
+        /** Aggregated modified fees of all transactions, used to calculate package feerate. */
+        CAmount m_total_modified_fees{0};
+        /** Aggregated virtual size of all transactions, used to calculate package feerate. */
+        int64_t m_total_vsize{0};
+
+        // RBF-related members
+        /** Whether the transaction(s) would replace any mempool transactions and/or evict any siblings.
+         * If so, RBF rules apply. */
+        bool m_rbf{false};
+        /** Mempool transactions that were replaced. */
+        std::list<CTransactionRef> m_replaced_transactions;
+        /* Changeset representing adding transactions and removing their conflicts. */
+        std::unique_ptr<CTxMemPool::ChangeSet> m_changeset;
+
+        /** Total modified fees of mempool transactions being replaced. */
+        CAmount m_conflicting_fees{0};
+        /** Total size (in virtual bytes) of mempool transactions being replaced. */
+        size_t m_conflicting_size{0};
+    };
+
+    struct SubPackageState m_subpackage;
+
+    /** Re-set sub-package state to not leak between evaluations */
+    void ClearSubPackageState() EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs)
+    {
+        m_subpackage = SubPackageState{};
+
+        // And clean coins while at it
+        CleanupTemporaryCoins();
+    }
+};
+
+bool MemPoolAccept::PreChecks(ATMPArgs& args, Workspace& ws)
+{
+    AssertLockHeld(cs_main);
+    AssertLockHeld(m_pool.cs);
+    const CTransactionRef& ptx = ws.m_ptx;
+    const CTransaction& tx = *ws.m_ptx;
+    const Txid& hash = ws.m_hash;
+
+    // Copy/alias what we need out of args
+    const int64_t nAcceptTime = args.m_accept_time;
+    const bool bypass_limits = args.m_bypass_limits;
+    std::vector<COutPoint>& coins_to_uncache = args.m_coins_to_uncache;
+
+    // Alias what we need out of ws
+    TxValidationState& state = ws.m_state;
+
+    if (!CheckTransaction(tx, state)) {
+        return false; // state filled in by CheckTransaction
+    }
+
+    // Coinbase is only valid in a block, not as a loose transaction
+    if (tx.IsCoinBase())
+        return state.Invalid(TxValidationResult::TX_CONSENSUS, "coinbase");
+
+    // Rather not work on nonstandard transactions (unless -testnet/-regtest)
+    std::string reason;
+    if (m_pool.m_opts.require_standard && !IsStandardTx(tx, m_pool.m_opts.max_datacarrier_bytes, m_pool.m_opts.permit_bare_multisig, m_pool.m_opts.dust_relay_feerate, reason)) {
+        return state.Invalid(TxValidationResult::TX_NOT_STANDARD, reason);
+    }
+
+    // Transactions smaller than 65 non-witness bytes are not relayed to mitigate CVE-2017-12842.
+    if (::GetSerializeSize(TX_NO_WITNESS(tx)) < MIN_STANDARD_TX_NONWITNESS_SIZE)
+        return state.Invalid(TxValidationResult::TX_NOT_STANDARD, "tx-size-small");
+
+    // Only accept nLockTime-using transactions that can be mined in the next
+    // block; we don't want our mempool filled up with transactions that can't
+    // be mined yet.
+    if (!CheckFinalTxAtTip(*Assert(m_active_chainstate.m_chain.Tip()), tx)) {
+        return state.Invalid(TxValidationResult::TX_PREMATURE_SPEND, "non-final");
+    }
+
+    if (m_pool.exists(tx.GetWitnessHash())) {
+        // Exact transaction already exists in the mempool.
+        return state.Invalid(TxValidationResult::TX_CONFLICT, "txn-already-in-mempool");
+    } else if (m_pool.exists(tx.GetHash())) {
+        // Transaction with the same non-witness data but different witness (same txid, different
+        // wtxid) already exists in the mempool.
+        return state.Invalid(TxValidationResult::TX_CONFLICT, "txn-same-nonwitness-data-in-mempool");
+    }
+
+    // Check for conflicts with in-memory transactions
+    for (const CTxIn& txin : tx.vin) {
+        const CTransaction* ptxConflicting = m_pool.GetConflictTx(txin.prevout);
+        if (ptxConflicting) {
+            if (!args.m_allow_replacement) {
+                // Transaction conflicts with a mempool tx, but we're not allowing replacements in this context.
+                return state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "bip125-replacement-disallowed");
+            }
+            ws.m_conflicts.insert(ptxConflicting->GetHash());
+        }
+    }
+
+    m_view.SetBackend(m_viewmempool);
+
+    const CCoinsViewCache& coins_cache = m_active_chainstate.CoinsTip();
+    // do all inputs exist?
+    for (const CTxIn& txin : tx.vin) {
+        if (!coins_cache.HaveCoinInCache(txin.prevout)) {
+            coins_to_uncache.push_back(txin.prevout);
+        }
+
+        // Note: this call may add txin.prevout to the coins cache
+        // (coins_cache.cacheCoins) by way of FetchCoin(). It should be removed
+        // later (via coins_to_uncache) if this tx turns out to be invalid.
+        if (!m_view.HaveCoin(txin.prevout)) {
+            // Are inputs missing because we already have the tx?
+            for (size_t out = 0; out < tx.vout.size(); out++) {
+                // Optimistically just do efficient check of cache for outputs
+                if (coins_cache.HaveCoinInCache(COutPoint(hash, out))) {
+                    return state.Invalid(TxValidationResult::TX_CONFLICT, "txn-already-known");
+                }
+            }
+            // Otherwise assume this might be an orphan tx for which we just haven't seen parents yet
+            return state.Invalid(TxValidationResult::TX_MISSING_INPUTS, "bad-txns-inputs-missingorspent");
+        }
+    }
+
+    // This is const, but calls into `CCoinsViewCache::GetBestBlock()` to refresh
+    // the cached best block through `m_viewmempool` after caching inputs.
+    (void)m_view.GetBestBlock();
+
+    // All required inputs are cached now, so switch m_view to the empty backend.
+    // This keeps already-fetched cache entries for later checks and prevents new
+    // backend lookups (which would avoid coins_to_uncache tracking).
+    m_view.SetBackend(CoinsViewEmpty::Get());
+
+    assert(m_active_chainstate.m_blockman.LookupBlockIndex(m_view.GetBestBlock()) == m_active_chainstate.m_chain.Tip());
+
+    // Only accept BIP68 sequence locked transactions that can be mined in the next
+    // block; we don't want our mempool filled up with transactions that can't
+    // be mined yet.
+    // Pass in m_view which has all of the relevant inputs cached. Note that, since m_view's
+    // backend was removed, it no longer pulls coins from the mempool.
+    const std::optional<LockPoints> lock_points{CalculateLockPointsAtTip(m_active_chainstate.m_chain.Tip(), m_view, tx)};
+    if (!lock_points.has_value() || !CheckSequenceLocksAtTip(m_active_chainstate.m_chain.Tip(), *lock_points)) {
+        return state.Invalid(TxValidationResult::TX_PREMATURE_SPEND, "non-BIP68-final");
+    }
+
+    // The mempool holds txs for the next block, so pass height+1 to CheckTxInputs
+    if (!Consensus::CheckTxInputs(tx, state, m_view, m_active_chainstate.m_chain.Height() + 1, ws.m_base_fees)) {
+        return false; // state filled in by CheckTxInputs
+    }
+
+    if (m_pool.m_opts.require_standard) {
+        state = ValidateInputsStandardness(tx, m_view);
+        if (state.IsInvalid()) {
+            return false;
+        }
+    }
+
+    // Check for non-standard witnesses.
+    if (tx.HasWitness() && m_pool.m_opts.require_standard && !IsWitnessStandard(tx, m_view)) {
+        return state.Invalid(TxValidationResult::TX_WITNESS_MUTATED, "bad-witness-nonstandard");
+    }
+
+    int64_t nSigOpsCost = GetTransactionSigOpCost(tx, m_view, STANDARD_SCRIPT_VERIFY_FLAGS);
+
+    // Keep track of transactions that spend a coinbase, which we re-scan
+    // during reorgs to ensure COINBASE_MATURITY is still met.
+    bool fSpendsCoinbase = false;
+    for (const CTxIn& txin : tx.vin) {
+        const Coin& coin = m_view.AccessCoin(txin.prevout);
+        if (coin.IsCoinBase()) {
+            fSpendsCoinbase = true;
+            break;
+        }
+    }
+
+    // Set entry_sequence to 0 when bypass_limits is used; this allows txs from a block
+    // reorg to be marked earlier than any child txs that were already in the mempool.
+    const uint64_t entry_sequence = bypass_limits ? 0 : m_pool.GetSequence();
+    if (!m_subpackage.m_changeset) {
+        m_subpackage.m_changeset = m_pool.GetChangeSet();
+    }
+    ws.m_tx_handle = m_subpackage.m_changeset->StageAddition(ptx, ws.m_base_fees, nAcceptTime, m_active_chainstate.m_chain.Height(), entry_sequence, fSpendsCoinbase, nSigOpsCost, lock_points.value());
+
+    // ws.m_modified_fees includes any fee deltas from PrioritiseTransaction
+    ws.m_modified_fees = ws.m_tx_handle->GetModifiedFee();
+
+    ws.m_vsize = ws.m_tx_handle->GetTxSize();
+
+    // Enforces 0-fee for dust transactions, no incentive to be mined alone
+    if (m_pool.m_opts.require_standard) {
+        if (!PreCheckEphemeralTx(*ptx, m_pool.m_opts.dust_relay_feerate, ws.m_base_fees, ws.m_modified_fees, state)) {
+            return false; // state filled in by PreCheckEphemeralTx
+        }
+    }
+
+    if (nSigOpsCost > MAX_STANDARD_TX_SIGOPS_COST)
+        return state.Invalid(TxValidationResult::TX_NOT_STANDARD, "bad-txns-too-many-sigops",
+                             strprintf("%d", nSigOpsCost));
+
+    // No individual transactions are allowed below the mempool min feerate except from disconnected
+    // blocks and transactions in a package. Package transactions will be checked using package
+    // feerate later.
+    if (!bypass_limits && !args.m_package_feerates && !CheckFeeRate(ws.m_vsize, ws.m_modified_fees, state)) return false;
+
+    ws.m_iters_conflicting = m_pool.GetIterSet(ws.m_conflicts);
+
+    ws.m_parents = m_pool.GetParents(*ws.m_tx_handle);
+
+    if (!args.m_bypass_limits) {
+        // Perform the TRUC checks, using the in-mempool parents.
+        if (const auto err{SingleTRUCChecks(m_pool, ws.m_ptx, ws.m_parents, ws.m_conflicts, ws.m_vsize)}) {
+            // Single transaction contexts only.
+            if (args.m_allow_sibling_eviction && err->second != nullptr) {
+                // We should only be considering where replacement is considered valid as well.
+                Assume(args.m_allow_replacement);
+                // Potential sibling eviction. Add the sibling to our list of mempool conflicts to be
+                // included in RBF checks.
+                ws.m_conflicts.insert(err->second->GetHash());
+                // Adding the sibling to m_iters_conflicting here means that it doesn't count towards
+                // RBF Carve Out above. This is correct, since removing to-be-replaced transactions from
+                // the descendant count is done separately in SingleTRUCChecks for TRUC transactions.
+                ws.m_iters_conflicting.insert(m_pool.GetIter(err->second->GetHash()).value());
+                ws.m_sibling_eviction = true;
+                // The sibling will be treated as part of the to-be-replaced set in ReplacementChecks.
+                // Note that we are not checking whether it opts in to replaceability via BIP125 or TRUC
+                // (which is normally done in PreChecks). However, the only way a TRUC transaction can
+                // have a non-TRUC and non-BIP125 descendant is due to a reorg.
+            } else {
+                return state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "TRUC-violation", err->first);
+            }
+        }
+    }
+
+    // We want to detect conflicts in any tx in a package to trigger package RBF logic
+    m_subpackage.m_rbf |= !ws.m_conflicts.empty();
+    return true;
+}
+
+bool MemPoolAccept::ReplacementChecks(Workspace& ws)
+{
+    AssertLockHeld(cs_main);
+    AssertLockHeld(m_pool.cs);
+
+    const CTransaction& tx = *ws.m_ptx;
+    const Txid& hash = ws.m_hash;
+    TxValidationState& state = ws.m_state;
+
+    CFeeRate newFeeRate(ws.m_modified_fees, ws.m_vsize);
+
+    CTxMemPool::setEntries all_conflicts;
+
+    // Calculate all conflicting entries and enforce Rule #5.
+    if (const auto err_string{GetEntriesForConflicts(tx, m_pool, ws.m_iters_conflicting, all_conflicts)}) {
+        return state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY,
+                             strprintf("too many potential replacements%s", ws.m_sibling_eviction ? " (including sibling eviction)" : ""), *err_string);
+    }
+
+    // Check if it's economically rational to mine this transaction rather than the ones it
+    // replaces and pays for its own relay fees. Enforce Rules #3 and #4.
+    for (CTxMemPool::txiter it : all_conflicts) {
+        m_subpackage.m_conflicting_fees += it->GetModifiedFee();
+        m_subpackage.m_conflicting_size += it->GetTxSize();
+    }
+
+    if (const auto err_string{PaysForRBF(m_subpackage.m_conflicting_fees, ws.m_modified_fees, ws.m_vsize,
+                                         m_pool.m_opts.incremental_relay_feerate, hash)}) {
+        // Result may change in a package context
+        return state.Invalid(TxValidationResult::TX_RECONSIDERABLE,
+                             strprintf("insufficient fee%s", ws.m_sibling_eviction ? " (including sibling eviction)" : ""), *err_string);
+    }
+
+    // Add all the to-be-removed transactions to the changeset.
+    for (auto it : all_conflicts) {
+        m_subpackage.m_changeset->StageRemoval(it);
+    }
+
+    // Run cluster size limit checks and fail if we exceed them.
+    if (!m_subpackage.m_changeset->CheckMemPoolPolicyLimits()) {
+        return state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "too-large-cluster", "");
+    }
+
+    if (const auto err_string{ImprovesFeerateDiagram(*m_subpackage.m_changeset)}) {
+        // We checked above for the cluster size limits being respected, so a
+        // failure here can only be due to an insufficient fee.
+        Assume(err_string->first == DiagramCheckError::FAILURE);
+        return state.Invalid(TxValidationResult::TX_RECONSIDERABLE, "replacement-failed", err_string->second);
+    }
+
+    return true;
+}
+
+bool MemPoolAccept::PackageRBFChecks(const std::vector<CTransactionRef>& txns,
+                                     std::vector<Workspace>& workspaces,
+                                     const int64_t total_vsize,
+                                     PackageValidationState& package_state)
+{
+    AssertLockHeld(cs_main);
+    AssertLockHeld(m_pool.cs);
+
+    assert(std::all_of(txns.cbegin(), txns.cend(), [this](const auto& tx) { return !m_pool.exists(tx->GetHash()); }));
+
+    assert(txns.size() == workspaces.size());
+
+    // We're in package RBF context; replacement proposal must be size 2
+    if (workspaces.size() != 2 || !Assume(IsChildWithParents(txns))) {
+        return package_state.Invalid(PackageValidationResult::PCKG_POLICY, "package RBF failed: package must be 1-parent-1-child");
+    }
+
+    // If the package has in-mempool parents, we won't consider a package RBF
+    // since it would result in a cluster larger than 2.
+    // N.B. To relax this constraint we will need to revisit how CCoinsViewMemPool::PackageAddTransaction
+    // is being used inside AcceptMultipleTransactions to track available inputs while processing a package.
+    // Specifically we would need to check that the ancestors of the new
+    // transactions don't intersect with the set of transactions to be removed
+    // due to RBF, which is not checked at all in the package acceptance
+    // context.
+    for (const auto& ws : workspaces) {
+        if (!ws.m_parents.empty()) {
+            return package_state.Invalid(PackageValidationResult::PCKG_POLICY, "package RBF failed: new transaction cannot have mempool ancestors");
+        }
+    }
+
+    // Aggregate all conflicts into one set.
+    CTxMemPool::setEntries direct_conflict_iters;
+    for (Workspace& ws : workspaces) {
+        // Aggregate all conflicts into one set.
+        direct_conflict_iters.merge(ws.m_iters_conflicting);
+    }
+
+    const auto& parent_ws = workspaces[0];
+    const auto& child_ws = workspaces[1];
+
+    // Don't consider replacements that would cause us to remove a large number of mempool entries.
+    // This limit is not increased in a package RBF. Use the aggregate number of transactions.
+    CTxMemPool::setEntries all_conflicts;
+    if (const auto err_string{GetEntriesForConflicts(*child_ws.m_ptx, m_pool, direct_conflict_iters,
+                                                     all_conflicts)}) {
+        return package_state.Invalid(PackageValidationResult::PCKG_POLICY,
+                                     "package RBF failed: too many potential replacements", *err_string);
+    }
+
+    for (CTxMemPool::txiter it : all_conflicts) {
+        m_subpackage.m_changeset->StageRemoval(it);
+        m_subpackage.m_conflicting_fees += it->GetModifiedFee();
+        m_subpackage.m_conflicting_size += it->GetTxSize();
+    }
+
+    // Use the child as the transaction for attributing errors to.
+    const Txid& child_hash = child_ws.m_ptx->GetHash();
+    if (const auto err_string{PaysForRBF(/*original_fees=*/m_subpackage.m_conflicting_fees,
+                                         /*replacement_fees=*/m_subpackage.m_total_modified_fees,
+                                         /*replacement_vsize=*/m_subpackage.m_total_vsize,
+                                         m_pool.m_opts.incremental_relay_feerate, child_hash)}) {
+        return package_state.Invalid(PackageValidationResult::PCKG_POLICY,
+                                     "package RBF failed: insufficient anti-DoS fees", *err_string);
+    }
+
+    // Ensure this two transaction package is a "chunk" on its own; we don't want the child
+    // to be only paying anti-DoS fees
+    const CFeeRate parent_feerate(parent_ws.m_modified_fees, parent_ws.m_vsize);
+    const CFeeRate package_feerate(m_subpackage.m_total_modified_fees, m_subpackage.m_total_vsize);
+    if (package_feerate <= parent_feerate) {
+        return package_state.Invalid(PackageValidationResult::PCKG_POLICY,
+                                     "package RBF failed: package feerate is less than or equal to parent feerate",
+                                     strprintf("package feerate %s <= parent feerate is %s", package_feerate.ToString(), parent_feerate.ToString()));
+    }
+
+    // Run cluster size limit checks and fail if we exceed them.
+    if (!m_subpackage.m_changeset->CheckMemPoolPolicyLimits()) {
+        return package_state.Invalid(PackageValidationResult::PCKG_POLICY, "too-large-cluster", "");
+    }
+
+    // Check if it's economically rational to mine this package rather than the ones it replaces.
+    if (const auto err_tup{ImprovesFeerateDiagram(*m_subpackage.m_changeset)}) {
+        Assume(err_tup->first == DiagramCheckError::FAILURE);
+        return package_state.Invalid(PackageValidationResult::PCKG_POLICY,
+                                     "package RBF failed: " + err_tup.value().second, "");
+    }
+
+    LogDebug(BCLog::TXPACKAGES, "package RBF checks passed: parent %s (wtxid=%s), child %s (wtxid=%s), package hash (%s)\n",
+             txns.front()->GetHash().ToString(), txns.front()->GetWitnessHash().ToString(),
+             txns.back()->GetHash().ToString(), txns.back()->GetWitnessHash().ToString(),
+             GetPackageHash(txns).ToString());
+
+
+    return true;
+}
+
+bool MemPoolAccept::PolicyScriptChecks(const ATMPArgs& args, Workspace& ws)
+{
+    AssertLockHeld(cs_main);
+    AssertLockHeld(m_pool.cs);
+    const CTransaction& tx = *ws.m_ptx;
+    TxValidationState& state = ws.m_state;
+
+    constexpr script_verify_flags scriptVerifyFlags = STANDARD_SCRIPT_VERIFY_FLAGS;
+
+    // Check input scripts and signatures.
+    // This is done last to help prevent CPU exhaustion denial-of-service attacks.
+    if (!CheckInputScripts(tx, state, m_view, scriptVerifyFlags, true, false, ws.m_precomputed_txdata, GetValidationCache())) {
+        // Detect a failure due to a missing witness so that p2p code can handle rejection caching appropriately.
+        if (!tx.HasWitness() && SpendsNonAnchorWitnessProg(tx, m_view)) {
+            state.Invalid(TxValidationResult::TX_WITNESS_STRIPPED,
+                          state.GetRejectReason(), state.GetDebugMessage());
+        }
+        return false; // state filled in by CheckInputScripts
+    }
+
+    return true;
+}
+
+bool MemPoolAccept::ConsensusScriptChecks(const ATMPArgs& args, Workspace& ws)
+{
+    AssertLockHeld(cs_main);
+    AssertLockHeld(m_pool.cs);
+    const CTransaction& tx = *ws.m_ptx;
+    const Txid& hash = ws.m_hash;
+    TxValidationState& state = ws.m_state;
+
+    // Check again against the current block tip's script verification
+    // flags to cache our script execution flags. This is, of course,
+    // useless if the next block has different script flags from the
+    // previous one, but because the cache tracks script flags for us it
+    // will auto-invalidate and we'll just have a few blocks of extra
+    // misses on soft-fork activation.
+    //
+    // This is also useful in case of bugs in the standard flags that cause
+    // transactions to pass as valid when they're actually invalid. For
+    // instance the STRICTENC flag was incorrectly allowing certain
+    // CHECKSIG NOT scripts to pass, even though they were invalid.
+    //
+    // There is a similar check in CreateNewBlock() to prevent creating
+    // invalid blocks (using TestBlockValidity), however allowing such
+    // transactions into the mempool can be exploited as a DoS attack.
+    script_verify_flags currentBlockScriptVerifyFlags{GetBlockScriptFlags(*m_active_chainstate.m_chain.Tip(), m_active_chainstate.m_chainman)};
+    if (!CheckInputsFromMempoolAndCache(tx, state, m_view, m_pool, currentBlockScriptVerifyFlags,
+                                        ws.m_precomputed_txdata, m_active_chainstate.CoinsTip(), GetValidationCache())) {
+        LogError("BUG! PLEASE REPORT THIS! CheckInputScripts failed against latest-block but not STANDARD flags %s, %s", hash.ToString(), state.ToString());
+        return Assume(false);
+    }
+
+    return true;
+}
+
+void MemPoolAccept::FinalizeSubpackage(const ATMPArgs& args)
+{
+    AssertLockHeld(cs_main);
+    AssertLockHeld(m_pool.cs);
+
+    if (!m_subpackage.m_changeset->GetRemovals().empty()) Assume(args.m_allow_replacement);
+    // Remove conflicting transactions from the mempool
+    for (CTxMemPool::txiter it : m_subpackage.m_changeset->GetRemovals()) {
+        std::string log_string = strprintf("replacing mempool tx %s (wtxid=%s, fees=%s, vsize=%s). ",
+                                           it->GetTx().GetHash().ToString(),
+                                           it->GetTx().GetWitnessHash().ToString(),
+                                           it->GetFee(),
+                                           it->GetTxSize());
+        FeeFrac feerate{m_subpackage.m_total_modified_fees, int32_t(m_subpackage.m_total_vsize)};
+        uint256 tx_or_package_hash{};
+        const bool replaced_with_tx{m_subpackage.m_changeset->GetTxCount() == 1};
+        if (replaced_with_tx) {
+            const CTransaction& tx = m_subpackage.m_changeset->GetAddedTxn(0);
+            tx_or_package_hash = tx.GetHash().ToUint256();
+            log_string += strprintf("New tx %s (wtxid=%s, fees=%s, vsize=%s)",
+                                    tx.GetHash().ToString(),
+                                    tx.GetWitnessHash().ToString(),
+                                    feerate.fee,
+                                    feerate.size);
+        } else {
+            tx_or_package_hash = GetPackageHash(m_subpackage.m_changeset->GetAddedTxns());
+            log_string += strprintf("New package %s with %lu txs, fees=%s, vsize=%s",
+                                    tx_or_package_hash.ToString(),
+                                    m_subpackage.m_changeset->GetTxCount(),
+                                    feerate.fee,
+                                    feerate.size);
+        }
+        LogDebug(BCLog::MEMPOOL, "%s\n", log_string);
+        TRACEPOINT(mempool, replaced,
+                   it->GetTx().GetHash().data(),
+                   it->GetTxSize(),
+                   it->GetFee(),
+                   std::chrono::duration_cast<std::chrono::duration<std::uint64_t>>(it->GetTime()).count(),
+                   tx_or_package_hash.data(),
+                   feerate.size,
+                   feerate.fee,
+                   replaced_with_tx);
+        m_subpackage.m_replaced_transactions.push_back(it->GetSharedTx());
+    }
+    m_subpackage.m_changeset->Apply();
+    m_subpackage.m_changeset.reset();
+}
+
+bool MemPoolAccept::SubmitPackage(const ATMPArgs& args, std::vector<Workspace>& workspaces,
+                                  PackageValidationState& package_state,
+                                  std::map<Wtxid, MempoolAcceptResult>& results)
+{
+    AssertLockHeld(cs_main);
+    AssertLockHeld(m_pool.cs);
+    // Sanity check: none of the transactions should be in the mempool, and none of the transactions
+    // should have a same-txid-different-witness equivalent in the mempool.
+    assert(std::all_of(workspaces.cbegin(), workspaces.cend(), [this](const auto& ws) { return !m_pool.exists(ws.m_ptx->GetHash()); }));
+
+    bool all_submitted = true;
+    FinalizeSubpackage(args);
+    // ConsensusScriptChecks adds to the script cache and is therefore consensus-critical;
+    // CheckInputsFromMempoolAndCache asserts that transactions only spend coins available from the
+    // mempool or UTXO set. Submit each transaction to the mempool immediately after calling
+    // ConsensusScriptChecks to make the outputs available for subsequent transactions.
+    for (Workspace& ws : workspaces) {
+        if (!ConsensusScriptChecks(args, ws)) {
+            results.emplace(ws.m_ptx->GetWitnessHash(), MempoolAcceptResult::Failure(ws.m_state));
+            // Since PolicyScriptChecks() passed, this should never fail.
+            Assume(false);
+            all_submitted = false;
+            package_state.Invalid(PackageValidationResult::PCKG_MEMPOOL_ERROR,
+                                  strprintf("BUG! PolicyScriptChecks succeeded but ConsensusScriptChecks failed: %s",
+                                            ws.m_ptx->GetHash().ToString()));
+            // Remove the transaction from the mempool.
+            if (!m_subpackage.m_changeset) m_subpackage.m_changeset = m_pool.GetChangeSet();
+            m_subpackage.m_changeset->StageRemoval(m_pool.GetIter(ws.m_ptx->GetHash()).value());
+        }
+    }
+    if (!all_submitted) {
+        Assume(m_subpackage.m_changeset);
+        // This code should be unreachable; it's here as belt-and-suspenders
+        // to try to ensure we have no consensus-invalid transactions in the
+        // mempool.
+        m_subpackage.m_changeset->Apply();
+        m_subpackage.m_changeset.reset();
+        return false;
+    }
+
+    std::vector<Wtxid> all_package_wtxids;
+    all_package_wtxids.reserve(workspaces.size());
+    std::transform(workspaces.cbegin(), workspaces.cend(), std::back_inserter(all_package_wtxids),
+                   [](const auto& ws) { return ws.m_ptx->GetWitnessHash(); });
+
+    if (!m_subpackage.m_replaced_transactions.empty()) {
+        LogDebug(BCLog::MEMPOOL, "replaced %u mempool transactions with %u new one(s) for %s additional fees, %d delta bytes\n",
+                 m_subpackage.m_replaced_transactions.size(), workspaces.size(),
+                 m_subpackage.m_total_modified_fees - m_subpackage.m_conflicting_fees,
+                 m_subpackage.m_total_vsize - static_cast<int>(m_subpackage.m_conflicting_size));
+    }
+
+    // Add successful results. The returned results may change later if LimitMempoolSize() evicts them.
+    for (Workspace& ws : workspaces) {
+        auto iter = m_pool.GetIter(ws.m_ptx->GetHash());
+        Assume(iter.has_value());
+        const auto effective_feerate = args.m_package_feerates ? ws.m_package_feerate :
+                                                                 CFeeRate{ws.m_modified_fees, static_cast<int32_t>(ws.m_vsize)};
+        const auto effective_feerate_wtxids = args.m_package_feerates ? all_package_wtxids :
+                                                                        std::vector<Wtxid>{ws.m_ptx->GetWitnessHash()};
+        results.emplace(ws.m_ptx->GetWitnessHash(),
+                        MempoolAcceptResult::Success(std::move(m_subpackage.m_replaced_transactions), ws.m_vsize,
+                                                     ws.m_base_fees, effective_feerate, effective_feerate_wtxids));
+        if (!m_pool.m_opts.signals) continue;
+        const CTransaction& tx = *ws.m_ptx;
+        const auto tx_info = NewMempoolTransactionInfo(ws.m_ptx, ws.m_base_fees,
+                                                       ws.m_vsize, (*iter)->GetHeight(),
+                                                       args.m_bypass_limits, args.m_package_submission,
+                                                       IsCurrentForFeeEstimation(m_active_chainstate),
+                                                       m_pool.HasNoInputsOf(tx));
+        m_pool.m_opts.signals->TransactionAddedToMempool(tx_info, m_pool.GetAndIncrementSequence());
+    }
+    return all_submitted;
+}
+
+MempoolAcceptResult MemPoolAccept::AcceptSingleTransactionInternal(const CTransactionRef& ptx, ATMPArgs& args)
+{
+    AssertLockHeld(cs_main);
+    AssertLockHeld(m_pool.cs);
+
+    Workspace ws(ptx);
+    const std::vector<Wtxid> single_wtxid{ws.m_ptx->GetWitnessHash()};
+
+    if (!PreChecks(args, ws)) {
+        if (ws.m_state.GetResult() == TxValidationResult::TX_RECONSIDERABLE) {
+            // Failed for fee reasons. Provide the effective feerate and which tx was included.
+            return MempoolAcceptResult::FeeFailure(ws.m_state, CFeeRate(ws.m_modified_fees, ws.m_vsize), single_wtxid);
+        }
+        return MempoolAcceptResult::Failure(ws.m_state);
+    }
+
+    if (m_subpackage.m_rbf && !ReplacementChecks(ws)) {
+        if (ws.m_state.GetResult() == TxValidationResult::TX_RECONSIDERABLE) {
+            // Failed for incentives-based fee reasons. Provide the effective feerate and which tx was included.
+            return MempoolAcceptResult::FeeFailure(ws.m_state, CFeeRate(ws.m_modified_fees, ws.m_vsize), single_wtxid);
+        }
+        return MempoolAcceptResult::Failure(ws.m_state);
+    }
+
+    // Check if the transaction would exceed the cluster size limit.
+    if (!m_subpackage.m_changeset->CheckMemPoolPolicyLimits()) {
+        ws.m_state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "too-large-cluster", "");
+        return MempoolAcceptResult::Failure(ws.m_state);
+    }
+
+    // Now that we've verified the cluster limit is respected, we can perform
+    // calculations involving the full ancestors of the tx.
+    if (ws.m_conflicts.size()) {
+        auto ancestors = m_subpackage.m_changeset->CalculateMemPoolAncestors(ws.m_tx_handle);
+
+        // A transaction that spends outputs that would be replaced by it is invalid. Now
+        // that we have the set of all ancestors we can detect this
+        // pathological case by making sure ws.m_conflicts and this tx's ancestors don't
+        // intersect.
+        if (const auto err_string{EntriesAndTxidsDisjoint(ancestors, ws.m_conflicts, ptx->GetHash())}) {
+            // We classify this as a consensus error because a transaction depending on something it
+            // conflicts with would be inconsistent.
+            ws.m_state.Invalid(TxValidationResult::TX_CONSENSUS, "bad-txns-spends-conflicting-tx", *err_string);
+            return MempoolAcceptResult::Failure(ws.m_state);
+        }
+    }
+
+    m_subpackage.m_total_vsize = ws.m_vsize;
+    m_subpackage.m_total_modified_fees = ws.m_modified_fees;
+
+    // Individual modified feerate exceeded caller-defined max; abort
+    if (args.m_client_maxfeerate && CFeeRate(ws.m_modified_fees, ws.m_vsize) > args.m_client_maxfeerate.value()) {
+        ws.m_state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "max feerate exceeded", "");
+        return MempoolAcceptResult::Failure(ws.m_state);
+    }
+
+    if (!args.m_bypass_limits && m_pool.m_opts.require_standard) {
+        Wtxid dummy_wtxid;
+        if (!CheckEphemeralSpends(/*package=*/{ptx}, m_pool.m_opts.dust_relay_feerate, m_pool, ws.m_state, dummy_wtxid)) {
+            return MempoolAcceptResult::Failure(ws.m_state);
+        }
+    }
+
+    // Perform the inexpensive checks first and avoid hashing and signature verification unless
+    // those checks pass, to mitigate CPU exhaustion denial-of-service attacks.
+    if (!PolicyScriptChecks(args, ws)) return MempoolAcceptResult::Failure(ws.m_state);
+
+    if (!ConsensusScriptChecks(args, ws)) return MempoolAcceptResult::Failure(ws.m_state);
+
+    const CFeeRate effective_feerate{ws.m_modified_fees, static_cast<int32_t>(ws.m_vsize)};
+    // Tx was accepted, but not added
+    if (args.m_test_accept) {
+        return MempoolAcceptResult::Success(std::move(m_subpackage.m_replaced_transactions), ws.m_vsize,
+                                            ws.m_base_fees, effective_feerate, single_wtxid);
+    }
+
+    FinalizeSubpackage(args);
+
+    // Limit the mempool, if appropriate.
+    if (!args.m_package_submission && !args.m_bypass_limits) {
+        LimitMempoolSize(m_pool, m_active_chainstate.CoinsTip());
+        // If mempool contents change, then the m_view cache is dirty. Given this isn't a package
+        // submission, we won't be using the cache anymore, but clear it anyway for clarity.
+        CleanupTemporaryCoins();
+
+        if (!m_pool.exists(ws.m_hash)) {
+            // The tx no longer meets our (new) mempool minimum feerate but could be reconsidered in a package.
+            ws.m_state.Invalid(TxValidationResult::TX_RECONSIDERABLE, "mempool full");
+            return MempoolAcceptResult::FeeFailure(ws.m_state, CFeeRate(ws.m_modified_fees, ws.m_vsize), {ws.m_ptx->GetWitnessHash()});
+        }
+    }
+
+    if (m_pool.m_opts.signals) {
+        const CTransaction& tx = *ws.m_ptx;
+        auto iter = m_pool.GetIter(tx.GetHash());
+        Assume(iter.has_value());
+        const auto tx_info = NewMempoolTransactionInfo(ws.m_ptx, ws.m_base_fees,
+                                                       ws.m_vsize, (*iter)->GetHeight(),
+                                                       args.m_bypass_limits, args.m_package_submission,
+                                                       IsCurrentForFeeEstimation(m_active_chainstate),
+                                                       m_pool.HasNoInputsOf(tx));
+        m_pool.m_opts.signals->TransactionAddedToMempool(tx_info, m_pool.GetAndIncrementSequence());
+    }
+
+    if (!m_subpackage.m_replaced_transactions.empty()) {
+        LogDebug(BCLog::MEMPOOL, "replaced %u mempool transactions with 1 new transaction for %s additional fees, %d delta bytes\n",
+                 m_subpackage.m_replaced_transactions.size(),
+                 ws.m_modified_fees - m_subpackage.m_conflicting_fees,
+                 ws.m_vsize - static_cast<int>(m_subpackage.m_conflicting_size));
+    }
+
+    return MempoolAcceptResult::Success(std::move(m_subpackage.m_replaced_transactions), ws.m_vsize, ws.m_base_fees,
+                                        effective_feerate, single_wtxid);
+}
+
+PackageMempoolAcceptResult MemPoolAccept::AcceptMultipleTransactionsInternal(const std::vector<CTransactionRef>& txns, ATMPArgs& args)
+{
+    AssertLockHeld(cs_main);
+    AssertLockHeld(m_pool.cs);
+
+    // These context-free package limits can be done before taking the mempool lock.
+    PackageValidationState package_state;
+    if (!IsWellFormedPackage(txns, package_state)) return PackageMempoolAcceptResult(package_state, {});
+
+    std::vector<Workspace> workspaces{};
+    workspaces.reserve(txns.size());
+    std::transform(txns.cbegin(), txns.cend(), std::back_inserter(workspaces),
+                   [](const auto& tx) { return Workspace(tx); });
+    std::map<Wtxid, MempoolAcceptResult> results;
+
+    // Do all PreChecks first and fail fast to avoid running expensive script checks when unnecessary.
+    for (Workspace& ws : workspaces) {
+        if (!PreChecks(args, ws)) {
+            package_state.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
+            // Exit early to avoid doing pointless work. Update the failed tx result; the rest are unfinished.
+            results.emplace(ws.m_ptx->GetWitnessHash(), MempoolAcceptResult::Failure(ws.m_state));
+            return PackageMempoolAcceptResult(package_state, std::move(results));
+        }
+
+        // Individual modified feerate exceeded caller-defined max; abort
+        // N.B. this doesn't take into account CPFPs. Chunk-aware validation may be more robust.
+        if (args.m_client_maxfeerate && CFeeRate(ws.m_modified_fees, ws.m_vsize) > args.m_client_maxfeerate.value()) {
+            // Need to set failure here both individually and at package level
+            ws.m_state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "max feerate exceeded", "");
+            package_state.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
+            // Exit early to avoid doing pointless work. Update the failed tx result; the rest are unfinished.
+            results.emplace(ws.m_ptx->GetWitnessHash(), MempoolAcceptResult::Failure(ws.m_state));
+            return PackageMempoolAcceptResult(package_state, std::move(results));
+        }
+
+        // Make the coins created by this transaction available for subsequent transactions in the
+        // package to spend. If there are no conflicts within the package, no transaction can spend a coin
+        // needed by another transaction in the package. We also need to make sure that no package
+        // tx replaces (or replaces the ancestor of) the parent of another package tx. As long as we
+        // check these two things, we don't need to track the coins spent.
+        // If a package tx conflicts with a mempool tx, PackageRBFChecks() ensures later that any package RBF attempt
+        // has *no* in-mempool ancestors, so we don't have to worry about subsequent transactions in
+        // same package spending the same in-mempool outpoints. This needs to be revisited for general
+        // package RBF.
+        m_viewmempool.PackageAddTransaction(ws.m_ptx);
+    }
+
+    // At this point we have all in-mempool parents, and we know every transaction's vsize.
+    // Run the TRUC checks on the package.
+    for (Workspace& ws : workspaces) {
+        if (auto err{PackageTRUCChecks(m_pool, ws.m_ptx, ws.m_vsize, txns, ws.m_parents)}) {
+            package_state.Invalid(PackageValidationResult::PCKG_POLICY, "TRUC-violation", err.value());
+            return PackageMempoolAcceptResult(package_state, {});
+        }
+    }
+
+    // Transactions must meet two minimum feerates: the mempool minimum fee and min relay fee.
+    // For transactions consisting of exactly one child and its parents, it suffices to use the
+    // package feerate (total modified fees / total virtual size) to check this requirement.
+    // Note that this is an aggregate feerate; this function has not checked that there are transactions
+    // too low feerate to pay for themselves, or that the child transactions are higher feerate than
+    // their parents. Using aggregate feerate may allow "parents pay for child" behavior and permit
+    // a child that is below mempool minimum feerate. To avoid these behaviors, callers of
+    // AcceptMultipleTransactions need to restrict txns topology (e.g. to ancestor sets) and check
+    // the feerates of individuals and subsets.
+    m_subpackage.m_total_vsize = std::accumulate(workspaces.cbegin(), workspaces.cend(), int64_t{0},
+                                                 [](int64_t sum, auto& ws) { return sum + ws.m_vsize; });
+    m_subpackage.m_total_modified_fees = std::accumulate(workspaces.cbegin(), workspaces.cend(), CAmount{0},
+                                                         [](CAmount sum, auto& ws) { return sum + ws.m_modified_fees; });
+    const CFeeRate package_feerate(m_subpackage.m_total_modified_fees, m_subpackage.m_total_vsize);
+    std::vector<Wtxid> all_package_wtxids;
+    all_package_wtxids.reserve(workspaces.size());
+    std::transform(workspaces.cbegin(), workspaces.cend(), std::back_inserter(all_package_wtxids),
+                   [](const auto& ws) { return ws.m_ptx->GetWitnessHash(); });
+    TxValidationState placeholder_state;
+    if (args.m_package_feerates &&
+        !CheckFeeRate(m_subpackage.m_total_vsize, m_subpackage.m_total_modified_fees, placeholder_state)) {
+        package_state.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
+        return PackageMempoolAcceptResult(package_state, {{workspaces.back().m_ptx->GetWitnessHash(),
+                                                           MempoolAcceptResult::FeeFailure(placeholder_state, CFeeRate(m_subpackage.m_total_modified_fees, m_subpackage.m_total_vsize), all_package_wtxids)}});
+    }
+
+    // Apply package mempool RBF checks.
+    if (m_subpackage.m_rbf && !PackageRBFChecks(txns, workspaces, m_subpackage.m_total_vsize, package_state)) {
+        return PackageMempoolAcceptResult(package_state, std::move(results));
+    }
+
+    // Check if the transactions would exceed the cluster size limit.
+    if (!m_subpackage.m_changeset->CheckMemPoolPolicyLimits()) {
+        package_state.Invalid(PackageValidationResult::PCKG_POLICY, "too-large-cluster", "");
+        return PackageMempoolAcceptResult(package_state, std::move(results));
+    }
+
+    // Now that we've bounded the resulting possible ancestry count, check package for dust spends
+    if (m_pool.m_opts.require_standard) {
+        TxValidationState child_state;
+        Wtxid child_wtxid;
+        if (!CheckEphemeralSpends(txns, m_pool.m_opts.dust_relay_feerate, m_pool, child_state, child_wtxid)) {
+            package_state.Invalid(PackageValidationResult::PCKG_TX, "unspent-dust");
+            results.emplace(child_wtxid, MempoolAcceptResult::Failure(child_state));
+            return PackageMempoolAcceptResult(package_state, std::move(results));
+        }
+    }
+
+    for (Workspace& ws : workspaces) {
+        ws.m_package_feerate = package_feerate;
+        if (!PolicyScriptChecks(args, ws)) {
+            // Exit early to avoid doing pointless work. Update the failed tx result; the rest are unfinished.
+            package_state.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
+            results.emplace(ws.m_ptx->GetWitnessHash(), MempoolAcceptResult::Failure(ws.m_state));
+            return PackageMempoolAcceptResult(package_state, std::move(results));
+        }
+        if (args.m_test_accept) {
+            const auto effective_feerate = args.m_package_feerates ? ws.m_package_feerate :
+                                                                     CFeeRate{ws.m_modified_fees, static_cast<int32_t>(ws.m_vsize)};
+            const auto effective_feerate_wtxids = args.m_package_feerates ? all_package_wtxids :
+                                                                            std::vector<Wtxid>{ws.m_ptx->GetWitnessHash()};
+            results.emplace(ws.m_ptx->GetWitnessHash(),
+                            MempoolAcceptResult::Success(std::move(m_subpackage.m_replaced_transactions),
+                                                         ws.m_vsize, ws.m_base_fees, effective_feerate,
+                                                         effective_feerate_wtxids));
+        }
+    }
+
+    if (args.m_test_accept) return PackageMempoolAcceptResult(package_state, std::move(results));
+
+    if (!SubmitPackage(args, workspaces, package_state, results)) {
+        // PackageValidationState filled in by SubmitPackage().
+        return PackageMempoolAcceptResult(package_state, std::move(results));
+    }
+
+    return PackageMempoolAcceptResult(package_state, std::move(results));
+}
+
+void MemPoolAccept::CleanupTemporaryCoins()
+{
+    // There are 3 kinds of coins in m_view:
+    // (1) Temporary coins from the transactions in subpackage, constructed by m_viewmempool.
+    // (2) Mempool coins from transactions in the mempool, constructed by m_viewmempool.
+    // (3) Confirmed coins fetched from our current UTXO set.
+    //
+    // (1) Temporary coins need to be removed, regardless of whether the transaction was submitted.
+    // If the transaction was submitted to the mempool, m_viewmempool will be able to fetch them from
+    // there. If it wasn't submitted to mempool, it is incorrect to keep them - future calls may try
+    // to spend those coins that don't actually exist.
+    // (2) Mempool coins also need to be removed. If the mempool contents have changed as a result
+    // of submitting or replacing transactions, coins previously fetched from mempool may now be
+    // spent or nonexistent. Those coins need to be deleted from m_view.
+    // (3) Confirmed coins don't need to be removed. The chainstate has not changed (we are
+    // holding cs_main and no blocks have been processed) so the confirmed tx cannot disappear like
+    // a mempool tx can. The coin may now be spent after we submitted a tx to mempool, but
+    // we have already checked that the package does not have 2 transactions spending the same coin
+    // and we check whether a mempool transaction spends conflicting coins (CTxMemPool::GetConflictTx).
+    // Keeping them in m_view is an optimization to not re-fetch confirmed coins if we later look up
+    // inputs for this transaction again.
+    for (const auto& outpoint : m_viewmempool.GetNonBaseCoins()) {
+        // In addition to resetting m_viewmempool, we also need to manually delete these coins from
+        // m_view because it caches copies of the coins it fetched from m_viewmempool previously.
+        m_view.Uncache(outpoint);
+    }
+    // This deletes the temporary and mempool coins.
+    m_viewmempool.Reset();
+}
+
+PackageMempoolAcceptResult MemPoolAccept::AcceptSubPackage(const std::vector<CTransactionRef>& subpackage, ATMPArgs& args)
+{
+    AssertLockHeld(::cs_main);
+    AssertLockHeld(m_pool.cs);
+    auto result = [&]() EXCLUSIVE_LOCKS_REQUIRED(::cs_main, m_pool.cs) {
+        if (subpackage.size() > 1) {
+            return AcceptMultipleTransactionsInternal(subpackage, args);
+        }
+        const auto& tx = subpackage.front();
+        ATMPArgs single_args = ATMPArgs::SingleInPackageAccept(args);
+        const auto single_res = AcceptSingleTransactionInternal(tx, single_args);
+        PackageValidationState package_state_wrapped;
+        if (single_res.m_result_type != MempoolAcceptResult::ResultType::VALID) {
+            package_state_wrapped.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
+        }
+        return PackageMempoolAcceptResult(package_state_wrapped, {{tx->GetWitnessHash(), single_res}});
+    }();
+
+    // Clean up m_view and m_viewmempool so that other subpackage evaluations don't have access to
+    // coins they shouldn't. Keep some coins in order to minimize re-fetching coins from the UTXO set.
+    // Clean up package feerate and rbf calculations
+    ClearSubPackageState();
+
+    return result;
+}
+
+PackageMempoolAcceptResult MemPoolAccept::AcceptPackage(const Package& package, ATMPArgs& args)
+{
+    Assert(!package.empty());
+    AssertLockHeld(cs_main);
+    // Used if returning a PackageMempoolAcceptResult directly from this function.
+    PackageValidationState package_state_quit_early;
+
+    // There are two topologies we are able to handle through this function:
+    // (1) A single transaction
+    // (2) A child-with-parents package.
+    // Check that the package is well-formed. If it isn't, we won't try to validate any of the
+    // transactions and thus won't return any MempoolAcceptResults, just a package-wide error.
+
+    // Context-free package checks.
+    if (!IsWellFormedPackage(package, package_state_quit_early)) {
+        return PackageMempoolAcceptResult(package_state_quit_early, {});
+    }
+
+    if (package.size() > 1 && !IsChildWithParents(package)) {
+        // All transactions in the package must be a parent of the last transaction. This is just an
+        // opportunity for us to fail fast on a context-free check without taking the mempool lock.
+        package_state_quit_early.Invalid(PackageValidationResult::PCKG_POLICY, "package-not-child-with-parents");
+        return PackageMempoolAcceptResult(package_state_quit_early, {});
+    }
+
+    LOCK(m_pool.cs);
+    // Stores results from which we will create the returned PackageMempoolAcceptResult.
+    // A result may be changed if a mempool transaction is evicted later due to LimitMempoolSize().
+    std::map<Wtxid, MempoolAcceptResult> results_final;
+    // Results from individual validation which will be returned if no other result is available for
+    // this transaction. "Nonfinal" because if a transaction fails by itself but succeeds later
+    // (i.e. when evaluated with a fee-bumping child), the result in this map may be discarded.
+    std::map<Wtxid, MempoolAcceptResult> individual_results_nonfinal;
+    // Tracks whether we think package submission could result in successful entry to the mempool
+    bool quit_early{false};
+    std::vector<CTransactionRef> txns_package_eval;
+    for (const auto& tx : package) {
+        const auto& wtxid = tx->GetWitnessHash();
+        const auto& txid = tx->GetHash();
+        // There are 3 possibilities: already in mempool, same-txid-diff-wtxid already in mempool,
+        // or not in mempool. An already confirmed tx is treated as one not in mempool, because all
+        // we know is that the inputs aren't available.
+        if (m_pool.exists(wtxid)) {
+            // Exact transaction already exists in the mempool.
+            // Node operators are free to set their mempool policies however they please, nodes may receive
+            // transactions in different orders, and malicious counterparties may try to take advantage of
+            // policy differences to pin or delay propagation of transactions. As such, it's possible for
+            // some package transaction(s) to already be in the mempool, and we don't want to reject the
+            // entire package in that case (as that could be a censorship vector). De-duplicate the
+            // transactions that are already in the mempool, and only call AcceptMultipleTransactions() with
+            // the new transactions. This ensures we don't double-count transaction counts and sizes when
+            // checking ancestor/descendant limits, or double-count transaction fees for fee-related policy.
+            const auto& entry{*Assert(m_pool.GetEntry(txid))};
+            results_final.emplace(wtxid, MempoolAcceptResult::MempoolTx(entry.GetTxSize(), entry.GetFee()));
+        } else if (m_pool.exists(txid)) {
+            // Transaction with the same non-witness data but different witness (same txid,
+            // different wtxid) already exists in the mempool.
+            //
+            // We don't allow replacement transactions right now, so just swap the package
+            // transaction for the mempool one. Note that we are ignoring the validity of the
+            // package transaction passed in.
+            // TODO: allow witness replacement in packages.
+            const auto& entry{*Assert(m_pool.GetEntry(txid))};
+            // Provide the wtxid of the mempool tx so that the caller can look it up in the mempool.
+            results_final.emplace(wtxid, MempoolAcceptResult::MempoolTxDifferentWitness(entry.GetTx().GetWitnessHash()));
+        } else {
+            // Transaction does not already exist in the mempool.
+            // Try submitting the transaction on its own.
+            const auto single_package_res = AcceptSubPackage({tx}, args);
+            const auto& single_res = single_package_res.m_tx_results.at(wtxid);
+            if (single_res.m_result_type == MempoolAcceptResult::ResultType::VALID) {
+                // The transaction succeeded on its own and is now in the mempool. Don't include it
+                // in package validation, because its fees should only be "used" once.
+                assert(m_pool.exists(wtxid));
+                results_final.emplace(wtxid, single_res);
+            } else if (package.size() == 1 || // If there is only one transaction, no need to retry it "as a package"
+                       (single_res.m_state.GetResult() != TxValidationResult::TX_RECONSIDERABLE &&
+                        single_res.m_state.GetResult() != TxValidationResult::TX_MISSING_INPUTS)) {
+                // Package validation policy only differs from individual policy in its evaluation
+                // of feerate. For example, if a transaction fails here due to violation of a
+                // consensus rule, the result will not change when it is submitted as part of a
+                // package. To minimize the amount of repeated work, unless the transaction fails
+                // due to feerate or missing inputs (its parent is a previous transaction in the
+                // package that failed due to feerate), don't run package validation. Note that this
+                // decision might not make sense if different types of packages are allowed in the
+                // future.  Continue individually validating the rest of the transactions, because
+                // some of them may still be valid.
+                quit_early = true;
+                package_state_quit_early.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
+                individual_results_nonfinal.emplace(wtxid, single_res);
+            } else {
+                individual_results_nonfinal.emplace(wtxid, single_res);
+                txns_package_eval.push_back(tx);
+            }
+        }
+    }
+
+    auto multi_submission_result = quit_early || txns_package_eval.empty() ? PackageMempoolAcceptResult(package_state_quit_early, {}) :
+                                                                             AcceptSubPackage(txns_package_eval, args);
+    PackageValidationState& package_state_final = multi_submission_result.m_state;
+
+    // This is invoked by AcceptSubPackage() already, so this is just here for
+    // clarity (since it's not permitted to invoke LimitMempoolSize() while a
+    // changeset is outstanding).
+    ClearSubPackageState();
+
+    // Make sure we haven't exceeded max mempool size.
+    // Package transactions that were submitted to mempool or already in mempool may be evicted.
+    // If mempool contents change, then the m_view cache is dirty. It has already been cleared above.
+    LimitMempoolSize(m_pool, m_active_chainstate.CoinsTip());
+
+    for (const auto& tx : package) {
+        const auto& wtxid = tx->GetWitnessHash();
+        if (multi_submission_result.m_tx_results.contains(wtxid)) {
+            // We shouldn't have re-submitted if the tx result was already in results_final.
+            Assume(!results_final.contains(wtxid));
+            // If it was submitted, check to see if the tx is still in the mempool. It could have
+            // been evicted due to LimitMempoolSize() above.
+            const auto& txresult = multi_submission_result.m_tx_results.at(wtxid);
+            if (txresult.m_result_type == MempoolAcceptResult::ResultType::VALID && !m_pool.exists(wtxid)) {
+                package_state_final.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
+                TxValidationState mempool_full_state;
+                mempool_full_state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "mempool full");
+                results_final.emplace(wtxid, MempoolAcceptResult::Failure(mempool_full_state));
+            } else {
+                results_final.emplace(wtxid, txresult);
+            }
+        } else if (const auto it{results_final.find(wtxid)}; it != results_final.end()) {
+            // Already-in-mempool transaction. Check to see if it's still there, as it could have
+            // been evicted when LimitMempoolSize() was called.
+            Assume(it->second.m_result_type != MempoolAcceptResult::ResultType::INVALID);
+            Assume(!individual_results_nonfinal.contains(wtxid));
+            // Query by txid to include the same-txid-different-witness ones.
+            if (!m_pool.exists(tx->GetHash())) {
+                package_state_final.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
+                TxValidationState mempool_full_state;
+                mempool_full_state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "mempool full");
+                // Replace the previous result.
+                results_final.erase(wtxid);
+                results_final.emplace(wtxid, MempoolAcceptResult::Failure(mempool_full_state));
+            }
+        } else if (const auto it{individual_results_nonfinal.find(wtxid)}; it != individual_results_nonfinal.end()) {
+            Assume(it->second.m_result_type == MempoolAcceptResult::ResultType::INVALID);
+            // Interesting result from previous processing.
+            results_final.emplace(wtxid, it->second);
+        }
+    }
+    Assume(results_final.size() == package.size());
+    return PackageMempoolAcceptResult(package_state_final, std::move(results_final));
+}
+
+} // namespace
+
+MempoolAcceptResult AcceptToMemoryPool(Chainstate& active_chainstate, const CTransactionRef& tx,
+                                       int64_t accept_time, bool bypass_limits, bool test_accept)
+{
+    AssertLockHeld(::cs_main);
+    const CChainParams& chainparams{active_chainstate.m_chainman.GetParams()};
+    assert(active_chainstate.GetMempool() != nullptr);
+    CTxMemPool& pool{*active_chainstate.GetMempool()};
+
+    std::vector<COutPoint> coins_to_uncache;
+
+    auto args = MemPoolAccept::ATMPArgs::SingleAccept(chainparams, accept_time, bypass_limits, coins_to_uncache, test_accept);
+    MempoolAcceptResult result = MemPoolAccept(pool, active_chainstate).AcceptSingleTransactionAndCleanup(tx, args);
+
+    if (result.m_result_type != MempoolAcceptResult::ResultType::VALID) {
+        // Remove coins that were not present in the coins cache before calling
+        // AcceptSingleTransaction(); this is to prevent memory DoS in case we receive a large
+        // number of invalid transactions that attempt to overrun the in-memory coins cache
+        // (`CCoinsViewCache::cacheCoins`).
+
+        for (const COutPoint& hashTx : coins_to_uncache)
+            active_chainstate.CoinsTip().Uncache(hashTx);
+        TRACEPOINT(mempool, rejected,
+                   tx->GetHash().data(),
+                   result.m_state.GetRejectReason().c_str());
+    }
+    // After we've (potentially) uncached entries, ensure our coins cache is still within its size limits
+    BlockValidationState state_dummy;
+    active_chainstate.FlushStateToDisk(state_dummy, FlushStateMode::PERIODIC);
+    return result;
+}
+
+PackageMempoolAcceptResult ProcessNewPackage(Chainstate& active_chainstate, CTxMemPool& pool,
+                                             const Package& package, bool test_accept, const std::optional<CFeeRate>& client_maxfeerate)
+{
+    AssertLockHeld(cs_main);
+    assert(!package.empty());
+    assert(std::all_of(package.cbegin(), package.cend(), [](const auto& tx) { return tx != nullptr; }));
+
+    std::vector<COutPoint> coins_to_uncache;
+    const CChainParams& chainparams = active_chainstate.m_chainman.GetParams();
+    auto result = [&]() EXCLUSIVE_LOCKS_REQUIRED(cs_main) {
+        AssertLockHeld(cs_main);
+        if (test_accept) {
+            auto args = MemPoolAccept::ATMPArgs::PackageTestAccept(chainparams, GetTime(), coins_to_uncache);
+            return MemPoolAccept(pool, active_chainstate).AcceptMultipleTransactionsAndCleanup(package, args);
+        } else {
+            auto args = MemPoolAccept::ATMPArgs::PackageChildWithParents(chainparams, GetTime(), coins_to_uncache, client_maxfeerate);
+            return MemPoolAccept(pool, active_chainstate).AcceptPackage(package, args);
+        }
+    }();
+
+    // Uncache coins pertaining to transactions that were not submitted to the mempool.
+    if (test_accept || result.m_state.IsInvalid()) {
+        for (const COutPoint& hashTx : coins_to_uncache) {
+            active_chainstate.CoinsTip().Uncache(hashTx);
+        }
+    }
+    // Ensure the coins cache is still within limits.
+    BlockValidationState state_dummy;
+    active_chainstate.FlushStateToDisk(state_dummy, FlushStateMode::PERIODIC);
+    return result;
+}
+
+void MaybeUpdateMempoolForReorg(
+    Chainstate& chainstate,
+    CTxMemPool& mempool,
+    DisconnectedBlockTransactions& disconnectpool,
+    bool fAddToMempool) EXCLUSIVE_LOCKS_REQUIRED(cs_main, mempool.cs)
+{
+    AssertLockHeld(cs_main);
+    AssertLockHeld(mempool.cs);
+    std::vector<Txid> vHashUpdate;
+    {
+        // disconnectpool is ordered so that the front is the most recently-confirmed
+        // transaction (the last tx of the block at the tip) in the disconnected chain.
+        // Iterate disconnectpool in reverse, so that we add transactions
+        // back to the mempool starting with the earliest transaction that had
+        // been previously seen in a block.
+        const auto queuedTx = disconnectpool.take();
+        auto it = queuedTx.rbegin();
+        while (it != queuedTx.rend()) {
+            // ignore validation errors in resurrected transactions
+            if (!fAddToMempool || (*it)->IsCoinBase() ||
+                AcceptToMemoryPool(chainstate, *it, GetTime(),
+                                   /*bypass_limits=*/true, /*test_accept=*/false)
+                        .m_result_type !=
+                    MempoolAcceptResult::ResultType::VALID) {
+                // If the transaction doesn't make it in to the mempool, remove any
+                // transactions that depend on it (which would now be orphans).
+                mempool.removeRecursive(**it, MemPoolRemovalReason::REORG);
+            } else if (mempool.exists((*it)->GetHash())) {
+                vHashUpdate.push_back((*it)->GetHash());
+            }
+            ++it;
+        }
+    }
+
+    // AcceptToMemoryPool/addNewTransaction all assume that new mempool entries have
+    // no in-mempool children, which is generally not true when adding
+    // previously-confirmed transactions back to the mempool.
+    // UpdateTransactionsFromBlock finds descendants of any transactions in
+    // the disconnectpool that were added back and cleans up the mempool state.
+    mempool.UpdateTransactionsFromBlock(vHashUpdate);
+
+    // Predicate to use for filtering transactions in removeForReorg.
+    // Checks whether the transaction is still final and, if it spends a coinbase output, mature.
+    // Also updates valid entries' cached LockPoints if needed.
+    // If false, the tx is still valid and its lockpoints are updated.
+    // If true, the tx would be invalid in the next block; remove this entry and all of its descendants.
+    // Note that TRUC rules are not applied here, so reorgs may cause violations of TRUC inheritance or
+    // topology restrictions.
+    const auto filter_final_and_mature = [&](CTxMemPool::txiter it)
+                                             EXCLUSIVE_LOCKS_REQUIRED(mempool.cs, ::cs_main) {
+                                                 AssertLockHeld(mempool.cs);
+                                                 AssertLockHeld(::cs_main);
+                                                 const CTransaction& tx = it->GetTx();
+
+                                                 // The transaction must be final.
+                                                 if (!CheckFinalTxAtTip(*Assert(chainstate.m_chain.Tip()), tx)) return true;
+
+                                                 const LockPoints& lp = it->GetLockPoints();
+                                                 // CheckSequenceLocksAtTip checks if the transaction will be final in the next block to be
+                                                 // created on top of the new chain.
+                                                 if (TestLockPointValidity(chainstate.m_chain, lp)) {
+                                                     if (!CheckSequenceLocksAtTip(chainstate.m_chain.Tip(), lp)) {
+                                                         return true;
+                                                     }
+                                                 } else {
+                                                     const CCoinsViewMemPool view_mempool{&chainstate.CoinsTip(), mempool};
+                                                     const std::optional<LockPoints> new_lock_points{CalculateLockPointsAtTip(chainstate.m_chain.Tip(), view_mempool, tx)};
+                                                     if (new_lock_points.has_value() && CheckSequenceLocksAtTip(chainstate.m_chain.Tip(), *new_lock_points)) {
+                                                         // Now update the mempool entry lockpoints as well.
+                                                         it->UpdateLockPoints(*new_lock_points);
+                                                     } else {
+                                                         return true;
+                                                     }
+                                                 }
+
+                                                 // If the transaction spends any coinbase outputs, it must be mature.
+                                                 if (it->GetSpendsCoinbase()) {
+                                                     for (const CTxIn& txin : tx.vin) {
+                                                         if (mempool.exists(txin.prevout.hash)) continue;
+                                                         const Coin& coin{chainstate.CoinsTip().AccessCoin(txin.prevout)};
+                                                         assert(!coin.IsSpent());
+                                                         const auto mempool_spend_height{chainstate.m_chain.Tip()->nHeight + 1};
+                                                         if (coin.IsCoinBase() && mempool_spend_height - coin.nHeight < COINBASE_MATURITY) {
+                                                             return true;
+                                                         }
+                                                     }
+                                                 }
+                                                 // Transaction is still valid and cached LockPoints are updated.
+                                                 return false;
+                                             };
+
+    // We also need to remove any now-immature transactions
+    mempool.removeForReorg(chainstate.m_chain, filter_final_and_mature);
+    // Re-limit mempool size, in case we added any transactions
+    LimitMempoolSize(mempool, chainstate.CoinsTip());
+}
+
+MempoolAcceptResult ProcessTransaction(ChainstateManager& chainman, const CTransactionRef& tx, bool test_accept)
+{
+    AssertLockHeld(cs_main);
+    Chainstate& active_chainstate = chainman.ActiveChainstate();
+    if (!active_chainstate.GetMempool()) {
+        TxValidationState state;
+        state.Invalid(TxValidationResult::TX_NO_MEMPOOL, "no-mempool");
+        return MempoolAcceptResult::Failure(state);
+    }
+    auto result = AcceptToMemoryPool(active_chainstate, tx, GetTime(), /*bypass_limits=*/false, test_accept);
+    active_chainstate.GetMempool()->check(active_chainstate.CoinsTip(), active_chainstate.m_chain.Height() + 1);
+    return result;
+}
diff --git a/src/mempool_validation.h b/src/mempool_validation.h
new file mode 100644
index 000000000000..6ef70a68560d
--- /dev/null
+++ b/src/mempool_validation.h
@@ -0,0 +1,278 @@
+// Copyright (c) 2009-2010 Satoshi Nakamoto
+// Copyright (c) 2009-present The Bitcoin Core developers
+// Distributed under the MIT software license, see the accompanying
+// file COPYING or http://www.opensource.org/licenses/mit-license.php.
+
+#ifndef BITCOIN_MEMPOOL_VALIDATION_H
+#define BITCOIN_MEMPOOL_VALIDATION_H
+
+#include <kernel/cs_main.h>
+#include <kernel/mempool_entry.h>
+#include <policy/feerate.h>
+#include <policy/packages.h>
+#include <primitives/transaction.h>
+#include <txmempool.h>
+
+#include <list>
+#include <map>
+#include <optional>
+#include <vector>
+
+class CBlockIndex;
+class Chainstate;
+class ChainstateManager;
+class CCoinsView;
+class CCoinsViewCache;
+class DisconnectedBlockTransactions;
+
+/**
+ * Validation result for a transaction evaluated by MemPoolAccept (single or package).
+ * Here are the expected fields and properties of a result depending on its ResultType, applicable to
+ * results returned from package evaluation:
+ *+---------------------------+----------------+-------------------+------------------+----------------+-------------------+
+ *| Field or property         |    VALID       |                 INVALID              |  MEMPOOL_ENTRY | DIFFERENT_WITNESS |
+ *|                           |                |--------------------------------------|                |                   |
+ *|                           |                | TX_RECONSIDERABLE |     Other        |                |                   |
+ *+---------------------------+----------------+-------------------+------------------+----------------+-------------------+
+ *| txid in mempool?          | yes            | no                | no*              | yes            | yes               |
+ *| wtxid in mempool?         | yes            | no                | no*              | yes            | no                |
+ *| m_state                   | yes, IsValid() | yes, IsInvalid()  | yes, IsInvalid() | yes, IsValid() | yes, IsValid()    |
+ *| m_vsize                   | yes            | no                | no               | yes            | no                |
+ *| m_base_fees               | yes            | no                | no               | yes            | no                |
+ *| m_effective_feerate       | yes            | yes               | no               | no             | no                |
+ *| m_wtxids_fee_calculations | yes            | yes               | no               | no             | no                |
+ *| m_other_wtxid             | no             | no                | no               | no             | yes               |
+ *+---------------------------+----------------+-------------------+------------------+----------------+-------------------+
+ * (*) Individual transaction acceptance doesn't return MEMPOOL_ENTRY and DIFFERENT_WITNESS. It returns
+ * INVALID, with the errors txn-already-in-mempool and txn-same-nonwitness-data-in-mempool
+ * respectively. In those cases, the txid or wtxid may be in the mempool for a TX_CONFLICT.
+ */
+struct MempoolAcceptResult {
+    /** Used to indicate the results of mempool validation. */
+    enum class ResultType {
+        VALID,             //!> Fully validated, valid.
+        INVALID,           //!> Invalid.
+        MEMPOOL_ENTRY,     //!> Valid, transaction was already in the mempool.
+        DIFFERENT_WITNESS, //!> Not validated. A same-txid-different-witness tx (see m_other_wtxid) already exists in the mempool and was not replaced.
+    };
+    /** Result type. Present in all MempoolAcceptResults. */
+    const ResultType m_result_type;
+
+    /** Contains information about why the transaction failed. */
+    const TxValidationState m_state;
+
+    /** Mempool transactions replaced by the tx. */
+    const std::list<CTransactionRef> m_replaced_transactions;
+    /** Virtual size as used by the mempool, calculated using serialized size and sigops. */
+    const std::optional<int64_t> m_vsize;
+    /** Raw base fees in satoshis. */
+    const std::optional<CAmount> m_base_fees;
+    /** The feerate at which this transaction was considered. This includes any fee delta added
+     * using prioritisetransaction (i.e. modified fees). If this transaction was submitted as a
+     * package, this is the package feerate, which may also include its descendants and/or
+     * ancestors (see m_wtxids_fee_calculations below).
+     */
+    const std::optional<CFeeRate> m_effective_feerate;
+    /** Contains the wtxids of the transactions used for fee-related checks. Includes this
+     * transaction's wtxid and may include others if this transaction was validated as part of a
+     * package. This is not necessarily equivalent to the list of transactions passed to
+     * ProcessNewPackage().
+     * Only present when m_result_type = ResultType::VALID. */
+    const std::optional<std::vector<Wtxid>> m_wtxids_fee_calculations;
+
+    /** The wtxid of the transaction in the mempool which has the same txid but different witness. */
+    const std::optional<Wtxid> m_other_wtxid;
+
+    static MempoolAcceptResult Failure(TxValidationState state)
+    {
+        return MempoolAcceptResult(state);
+    }
+
+    static MempoolAcceptResult FeeFailure(TxValidationState state,
+                                          CFeeRate effective_feerate,
+                                          const std::vector<Wtxid>& wtxids_fee_calculations)
+    {
+        return MempoolAcceptResult(state, effective_feerate, wtxids_fee_calculations);
+    }
+
+    static MempoolAcceptResult Success(std::list<CTransactionRef>&& replaced_txns,
+                                       int64_t vsize,
+                                       CAmount fees,
+                                       CFeeRate effective_feerate,
+                                       const std::vector<Wtxid>& wtxids_fee_calculations)
+    {
+        return MempoolAcceptResult(std::move(replaced_txns), vsize, fees,
+                                   effective_feerate, wtxids_fee_calculations);
+    }
+
+    static MempoolAcceptResult MempoolTx(int64_t vsize, CAmount fees)
+    {
+        return MempoolAcceptResult(vsize, fees);
+    }
+
+    static MempoolAcceptResult MempoolTxDifferentWitness(const Wtxid& other_wtxid)
+    {
+        return MempoolAcceptResult(other_wtxid);
+    }
+
+    // Private constructors. Use static methods MempoolAcceptResult::Success, etc. to construct.
+private:
+    /** Constructor for failure case */
+    explicit MempoolAcceptResult(TxValidationState state)
+        : m_result_type(ResultType::INVALID), m_state(state)
+    {
+        Assume(!state.IsValid()); // Can be invalid or error
+    }
+
+    /** Constructor for success case */
+    explicit MempoolAcceptResult(std::list<CTransactionRef>&& replaced_txns,
+                                 int64_t vsize,
+                                 CAmount fees,
+                                 CFeeRate effective_feerate,
+                                 const std::vector<Wtxid>& wtxids_fee_calculations)
+        : m_result_type(ResultType::VALID),
+          m_replaced_transactions(std::move(replaced_txns)),
+          m_vsize{vsize},
+          m_base_fees(fees),
+          m_effective_feerate(effective_feerate),
+          m_wtxids_fee_calculations(wtxids_fee_calculations) {}
+
+    /** Constructor for fee-related failure case */
+    explicit MempoolAcceptResult(TxValidationState state,
+                                 CFeeRate effective_feerate,
+                                 const std::vector<Wtxid>& wtxids_fee_calculations)
+        : m_result_type(ResultType::INVALID),
+          m_state(state),
+          m_effective_feerate(effective_feerate),
+          m_wtxids_fee_calculations(wtxids_fee_calculations) {}
+
+    /** Constructor for already-in-mempool case. It wouldn't replace any transactions. */
+    explicit MempoolAcceptResult(int64_t vsize, CAmount fees)
+        : m_result_type(ResultType::MEMPOOL_ENTRY), m_vsize{vsize}, m_base_fees(fees) {}
+
+    /** Constructor for witness-swapped case. */
+    explicit MempoolAcceptResult(const Wtxid& other_wtxid)
+        : m_result_type(ResultType::DIFFERENT_WITNESS), m_other_wtxid(other_wtxid) {}
+};
+
+/**
+ * Validation result for package mempool acceptance.
+ */
+struct PackageMempoolAcceptResult {
+    PackageValidationState m_state;
+    /**
+     * Map from wtxid to finished MempoolAcceptResults. The client is responsible
+     * for keeping track of the transaction objects themselves. If a result is not
+     * present, it means validation was unfinished for that transaction. If there
+     * was a package-wide error (see result in m_state), m_tx_results will be empty.
+     */
+    std::map<Wtxid, MempoolAcceptResult> m_tx_results;
+
+    explicit PackageMempoolAcceptResult(PackageValidationState state,
+                                        std::map<Wtxid, MempoolAcceptResult>&& results)
+        : m_state{state}, m_tx_results(std::move(results)) {}
+
+    /** Constructor to create a PackageMempoolAcceptResult from a single MempoolAcceptResult */
+    explicit PackageMempoolAcceptResult(const Wtxid& wtxid, const MempoolAcceptResult& result)
+        : m_tx_results{{wtxid, result}} {}
+};
+
+/**
+ * Process a transaction: validate and (optionally) submit it to the mempool.
+ *
+ * @param[in]  chainman     The chain manager.
+ * @param[in]  tx           The transaction to validate.
+ * @param[in]  test_accept  When true, run validation checks but don't submit to mempool.
+ * @returns a MempoolAcceptResult indicating whether the transaction was accepted/rejected with reason.
+ */
+MempoolAcceptResult ProcessTransaction(ChainstateManager& chainman, const CTransactionRef& tx, bool test_accept = false)
+    EXCLUSIVE_LOCKS_REQUIRED(cs_main);
+
+/**
+ * Try to add a transaction to the mempool. This is an internal function and is exposed only for testing.
+ * Client code should use ProcessTransaction()
+ *
+ * @param[in]  active_chainstate  Reference to the active chainstate.
+ * @param[in]  tx                 The transaction to submit for mempool acceptance.
+ * @param[in]  accept_time        The timestamp for adding the transaction to the mempool.
+ *                                It is also used to determine when the entry expires.
+ * @param[in]  bypass_limits      When true, don't enforce mempool fee and capacity limits,
+ *                                and set entry_sequence to zero.
+ * @param[in]  test_accept        When true, run validation checks but don't submit to mempool.
+ *
+ * @returns a MempoolAcceptResult indicating whether the transaction was accepted/rejected with reason.
+ */
+MempoolAcceptResult AcceptToMemoryPool(Chainstate& active_chainstate, const CTransactionRef& tx,
+                                       int64_t accept_time, bool bypass_limits, bool test_accept)
+    EXCLUSIVE_LOCKS_REQUIRED(cs_main);
+
+/**
+ * Validate (and maybe submit) a package to the mempool. See doc/policy/packages.md for full details
+ * on package validation rules.
+ * @param[in]    test_accept         When true, run validation checks but don't submit to mempool.
+ * @param[in]    client_maxfeerate    If exceeded by an individual transaction, rest of (sub)package evaluation is aborted.
+ *                                   Only for sanity checks against local submission of transactions.
+ * @returns a PackageMempoolAcceptResult which includes a MempoolAcceptResult for each transaction.
+ * If a transaction fails, validation will exit early and some results may be missing. It is also
+ * possible for the package to be partially submitted.
+ */
+PackageMempoolAcceptResult ProcessNewPackage(Chainstate& active_chainstate, CTxMemPool& pool,
+                                             const Package& txns, bool test_accept, const std::optional<CFeeRate>& client_maxfeerate)
+    EXCLUSIVE_LOCKS_REQUIRED(cs_main);
+
+/**
+ * Expire old mempool transactions and trim to max size.
+ */
+void LimitMempoolSize(CTxMemPool& pool, CCoinsViewCache& coins_cache)
+    EXCLUSIVE_LOCKS_REQUIRED(::cs_main, pool.cs);
+
+/**
+ * Calculate LockPoints required to check if transaction will be BIP68 final in the next block
+ * to be created on top of tip.
+ *
+ * @param[in]   tip             Chain tip for which tx sequence locks are calculated. For
+ *                              example, the tip of the current active chain.
+ * @param[in]   coins_view      Any CCoinsView that provides access to the relevant coins for
+ *                              checking sequence locks. For example, it can be a CCoinsViewCache
+ *                              that isn't connected to anything but contains all the relevant
+ *                              coins, or a CCoinsViewMemPool that is connected to the
+ *                              mempool and chainstate UTXO set. In the latter case, the caller
+ *                              is responsible for holding the appropriate locks to ensure that
+ *                              calls to GetCoin() return correct coins.
+ * @param[in]   tx              The transaction being evaluated.
+ *
+ * @returns The resulting height and time calculated and the hash of the block needed for
+ *          calculation, or std::nullopt if there is an error.
+ */
+std::optional<LockPoints> CalculateLockPointsAtTip(
+    CBlockIndex* tip,
+    const CCoinsView& coins_view,
+    const CTransaction& tx);
+
+/**
+ * Check if transaction will be BIP68 final in the next block to be created on top of tip.
+ * @param[in]   tip             Chain tip to check tx sequence locks against. For example,
+ *                              the tip of the current active chain.
+ * @param[in]   lock_points     LockPoints containing the height and time at which this
+ *                              transaction is final.
+ * Simulates calling SequenceLocks() with data from the tip passed in.
+ * The LockPoints should not be considered valid if CheckSequenceLocksAtTip returns false.
+ */
+bool CheckSequenceLocksAtTip(CBlockIndex* tip,
+                             const LockPoints& lock_points);
+
+/**
+ * Re-add disconnected transactions to the mempool after a reorg.
+ *
+ * @param[in]  chainstate      The chainstate whose mempool to update.
+ * @param[in]  mempool         The mempool to update.
+ * @param[in]  disconnectpool  Transactions disconnected during reorg.
+ * @param[in]  fAddToMempool   When true, attempt to re-add transactions to the mempool.
+ */
+void MaybeUpdateMempoolForReorg(
+    Chainstate& chainstate,
+    CTxMemPool& mempool,
+    DisconnectedBlockTransactions& disconnectpool,
+    bool fAddToMempool) EXCLUSIVE_LOCKS_REQUIRED(cs_main, mempool.cs);
+
+#endif // BITCOIN_MEMPOOL_VALIDATION_H
diff --git a/src/net_processing.cpp b/src/net_processing.cpp
index f9720b02c2af..90deb039df04 100644
--- a/src/net_processing.cpp
+++ b/src/net_processing.cpp
@@ -21,6 +21,7 @@
 #include <flatfile.h>
 #include <headerssync.h>
 #include <logging.h>
+#include <mempool_validation.h>
 #include <merkleblock.h>
 #include <net.h>
 #include <net_permissions.h>
@@ -1547,7 +1548,7 @@ void PeerManagerImpl::ReattemptPrivateBroadcast(CScheduler& scheduler)
     if (!stale_txs.empty()) {
         LOCK(cs_main);
         for (const auto& stale_tx : stale_txs) {
-            auto mempool_acceptable = m_chainman.ProcessTransaction(stale_tx, /*test_accept=*/true);
+            auto mempool_acceptable = ProcessTransaction(m_chainman, stale_tx, /*test_accept=*/true);
             if (mempool_acceptable.m_result_type == MempoolAcceptResult::ResultType::VALID) {
                 LogDebug(BCLog::PRIVBROADCAST,
                          "Reattempting broadcast of stale txid=%s wtxid=%s",
@@ -3124,7 +3125,7 @@ bool PeerManagerImpl::ProcessOrphanTx(Peer& peer)
     CTransactionRef porphanTx = nullptr;
 
     while (CTransactionRef porphanTx = m_txdownloadman.GetTxToReconsider(peer.m_id)) {
-        const MempoolAcceptResult result = m_chainman.ProcessTransaction(porphanTx);
+        const MempoolAcceptResult result = ProcessTransaction(m_chainman, porphanTx);
         const TxValidationState& state = result.m_state;
         const Txid& orphanHash = porphanTx->GetHash();
         const Wtxid& orphan_wtxid = porphanTx->GetWitnessHash();
@@ -4176,7 +4177,7 @@ void PeerManagerImpl::ProcessMessage(Peer& peer, CNode& pfrom, const std::string
         // ReceivedTx should not be telling us to validate the tx and a package.
         Assume(!package_to_validate.has_value());
 
-        const MempoolAcceptResult result = m_chainman.ProcessTransaction(ptx);
+        const MempoolAcceptResult result = ProcessTransaction(m_chainman, ptx);
         const TxValidationState& state = result.m_state;
 
         if (result.m_result_type == MempoolAcceptResult::ResultType::VALID) {
diff --git a/src/node/mempool_persist.cpp b/src/node/mempool_persist.cpp
index dcb05267edda..e126af48e95e 100644
--- a/src/node/mempool_persist.cpp
+++ b/src/node/mempool_persist.cpp
@@ -4,6 +4,7 @@
 
 #include <node/mempool_persist.h>
 
+#include <mempool_validation.h>
 #include <clientversion.h>
 #include <consensus/amount.h>
 #include <logging.h>
diff --git a/src/node/transaction.cpp b/src/node/transaction.cpp
index 97a1857cbef7..fe1b54ee0dc5 100644
--- a/src/node/transaction.cpp
+++ b/src/node/transaction.cpp
@@ -3,6 +3,9 @@
 // Distributed under the MIT software license, see the accompanying
 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
 
+#include <node/transaction.h>
+
+#include <mempool_validation.h>
 #include <consensus/validation.h>
 #include <net.h>
 #include <net_processing.h>
@@ -12,7 +15,6 @@
 #include <txmempool.h>
 #include <validation.h>
 #include <validationinterface.h>
-#include <node/transaction.h>
 
 namespace node {
 static TransactionError HandleATMPError(const TxValidationState& state, std::string& err_string_out)
@@ -74,7 +76,7 @@ TransactionError BroadcastTransaction(NodeContext& node,
             if (check_max_fee || broadcast_method == TxBroadcast::NO_MEMPOOL_PRIVATE_BROADCAST) {
                 // First, call ATMP with test_accept and check the fee. If ATMP
                 // fails here, return error immediately.
-                const MempoolAcceptResult result = node.chainman->ProcessTransaction(tx, /*test_accept=*/ true);
+                const MempoolAcceptResult result = ProcessTransaction(*node.chainman, tx, /*test_accept=*/true);
                 if (result.m_result_type != MempoolAcceptResult::ResultType::VALID) {
                     return HandleATMPError(result.m_state, err_string);
                 } else if (check_max_fee && result.m_base_fees.value() > max_tx_fee) {
@@ -88,7 +90,7 @@ TransactionError BroadcastTransaction(NodeContext& node,
                 // Try to submit the transaction to the mempool.
                 {
                     const MempoolAcceptResult result =
-                        node.chainman->ProcessTransaction(tx, /*test_accept=*/false);
+                        ProcessTransaction(*node.chainman, tx, /*test_accept=*/false);
                     if (result.m_result_type != MempoolAcceptResult::ResultType::VALID) {
                         return HandleATMPError(result.m_state, err_string);
                     }
diff --git a/src/test/fuzz/package_eval.cpp b/src/test/fuzz/package_eval.cpp
index 1cc2caa396e9..20276a9f9315 100644
--- a/src/test/fuzz/package_eval.cpp
+++ b/src/test/fuzz/package_eval.cpp
@@ -3,6 +3,7 @@
 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
 
 #include <consensus/validation.h>
+#include <mempool_validation.h>
 #include <node/context.h>
 #include <node/mempool_args.h>
 #include <node/miner.h>
diff --git a/src/test/fuzz/tx_pool.cpp b/src/test/fuzz/tx_pool.cpp
index f70dd710b356..0286ad80e69f 100644
--- a/src/test/fuzz/tx_pool.cpp
+++ b/src/test/fuzz/tx_pool.cpp
@@ -3,6 +3,7 @@
 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
 
 #include <consensus/validation.h>
+#include <mempool_validation.h>
 #include <node/context.h>
 #include <node/mempool_args.h>
 #include <node/miner.h>
diff --git a/src/test/miner_tests.cpp b/src/test/miner_tests.cpp
index 124ef08500ce..d029bb9f640d 100644
--- a/src/test/miner_tests.cpp
+++ b/src/test/miner_tests.cpp
@@ -9,6 +9,7 @@
 #include <consensus/merkle.h>
 #include <consensus/tx_verify.h>
 #include <interfaces/mining.h>
+#include <mempool_validation.h>
 #include <node/miner.h>
 #include <policy/policy.h>
 #include <test/util/random.h>
diff --git a/src/test/txdownload_tests.cpp b/src/test/txdownload_tests.cpp
index 296daf5fcfd9..86768b4c259e 100644
--- a/src/test/txdownload_tests.cpp
+++ b/src/test/txdownload_tests.cpp
@@ -4,6 +4,7 @@
 
 #include <addresstype.h>
 #include <consensus/validation.h>
+#include <mempool_validation.h>
 #include <net_processing.h>
 #include <node/txdownloadman_impl.h>
 #include <primitives/transaction.h>
@@ -222,7 +223,7 @@ BOOST_FIXTURE_TEST_CASE(handle_missing_inputs, TestChain100Setup)
         if (parent_recent_rej_recon) txdownload_impl.RecentRejectsReconsiderableFilter().insert(single_parent->GetHash().ToUint256());
         if (parent_recent_conf) txdownload_impl.RecentConfirmedTransactionsFilter().insert(single_parent->GetHash().ToUint256());
         if (parent_in_mempool) {
-            const auto mempool_result = WITH_LOCK(::cs_main, return m_node.chainman->ProcessTransaction(single_parent));
+            const auto mempool_result = WITH_LOCK(::cs_main, return ProcessTransaction(*m_node.chainman, single_parent));
             BOOST_CHECK(mempool_result.m_result_type == MempoolAcceptResult::ResultType::VALID);
             coinbase_idx += 1;
             assert(coinbase_idx < m_coinbase_txns.size());
diff --git a/src/test/txpackage_tests.cpp b/src/test/txpackage_tests.cpp
index 06c5816b72d8..05ebdd40ad4d 100644
--- a/src/test/txpackage_tests.cpp
+++ b/src/test/txpackage_tests.cpp
@@ -3,6 +3,7 @@
 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
 
 #include <consensus/validation.h>
+#include <mempool_validation.h>
 #include <key_io.h>
 #include <policy/packages.h>
 #include <policy/policy.h>
@@ -804,7 +805,7 @@ BOOST_AUTO_TEST_CASE(package_witness_swap_tests)
     CTransactionRef ptx_parent2_v1 = MakeTransactionRef(mtx_parent2_v1);
     CTransactionRef ptx_parent2_v2 = MakeTransactionRef(mtx_parent2_v2);
     // Put parent2_v1 in the package, submit parent2_v2 to the mempool.
-    const MempoolAcceptResult parent2_v2_result = m_node.chainman->ProcessTransaction(ptx_parent2_v2);
+    const MempoolAcceptResult parent2_v2_result = ProcessTransaction(*m_node.chainman, ptx_parent2_v2);
     BOOST_CHECK(parent2_v2_result.m_result_type == MempoolAcceptResult::ResultType::VALID);
     package_mixed.push_back(ptx_parent2_v1);
 
diff --git a/src/test/txvalidation_tests.cpp b/src/test/txvalidation_tests.cpp
index 2a4f213c4bed..ac52a8801451 100644
--- a/src/test/txvalidation_tests.cpp
+++ b/src/test/txvalidation_tests.cpp
@@ -3,6 +3,7 @@
 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
 
 #include <consensus/validation.h>
+#include <mempool_validation.h>
 #include <key_io.h>
 #include <policy/packages.h>
 #include <policy/policy.h>
@@ -41,7 +42,7 @@ BOOST_FIXTURE_TEST_CASE(tx_mempool_reject_coinbase, TestChain100Setup)
     LOCK(cs_main);
 
     unsigned int initialPoolSize = m_node.mempool->size();
-    const MempoolAcceptResult result = m_node.chainman->ProcessTransaction(MakeTransactionRef(coinbaseTx));
+    const MempoolAcceptResult result = ProcessTransaction(*m_node.chainman, MakeTransactionRef(coinbaseTx));
 
     BOOST_CHECK(result.m_result_type == MempoolAcceptResult::ResultType::INVALID);
 
diff --git a/src/test/txvalidationcache_tests.cpp b/src/test/txvalidationcache_tests.cpp
index d695e08f5f50..1281821ae180 100644
--- a/src/test/txvalidationcache_tests.cpp
+++ b/src/test/txvalidationcache_tests.cpp
@@ -3,6 +3,7 @@
 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
 
 #include <consensus/validation.h>
+#include <mempool_validation.h>
 #include <key.h>
 #include <random.h>
 #include <script/sigcache.h>
@@ -20,12 +21,6 @@ struct Dersig100Setup : public TestChain100Setup {
         : TestChain100Setup{ChainType::REGTEST, {.extra_args = {"-testactivationheight=dersig@102"}}} {}
 };
 
-bool CheckInputScripts(const CTransaction& tx, TxValidationState& state,
-                       const CCoinsViewCache& inputs, script_verify_flags flags, bool cacheSigStore,
-                       bool cacheFullScriptStore, PrecomputedTransactionData& txdata,
-                       ValidationCache& validation_cache,
-                       std::vector<CScriptCheck>* pvChecks) EXCLUSIVE_LOCKS_REQUIRED(cs_main);
-
 BOOST_AUTO_TEST_SUITE(txvalidationcache_tests)
 
 BOOST_FIXTURE_TEST_CASE(tx_mempool_block_doublespend, Dersig100Setup)
@@ -39,7 +34,7 @@ BOOST_FIXTURE_TEST_CASE(tx_mempool_block_doublespend, Dersig100Setup)
     const auto ToMemPool = [this](const CMutableTransaction& tx) {
         LOCK(cs_main);
 
-        const MempoolAcceptResult result = m_node.chainman->ProcessTransaction(MakeTransactionRef(tx));
+        const MempoolAcceptResult result = ProcessTransaction(*m_node.chainman, MakeTransactionRef(tx));
         return result.m_result_type == MempoolAcceptResult::ResultType::VALID;
     };
 
diff --git a/src/test/util/setup_common.cpp b/src/test/util/setup_common.cpp
index ed1741987861..1723a88235ab 100644
--- a/src/test/util/setup_common.cpp
+++ b/src/test/util/setup_common.cpp
@@ -14,6 +14,7 @@
 #include <crypto/sha256.h>
 #include <init.h>
 #include <init/common.h>
+#include <mempool_validation.h>
 #include <interfaces/chain.h>
 #include <kernel/mempool_entry.h>
 #include <logging.h>
@@ -505,7 +506,7 @@ CMutableTransaction TestChain100Setup::CreateValidMempoolTransaction(const std::
     // If submit=true, add transaction to the mempool.
     if (submit) {
         LOCK(cs_main);
-        const MempoolAcceptResult result = m_node.chainman->ProcessTransaction(MakeTransactionRef(mempool_txn));
+        const MempoolAcceptResult result = ProcessTransaction(*m_node.chainman, MakeTransactionRef(mempool_txn));
         assert(result.m_result_type == MempoolAcceptResult::ResultType::VALID);
     }
     return mempool_txn;
diff --git a/src/test/util/txmempool.cpp b/src/test/util/txmempool.cpp
index 3c7eb87ccc2e..cb3b00c84bb8 100644
--- a/src/test/util/txmempool.cpp
+++ b/src/test/util/txmempool.cpp
@@ -4,6 +4,7 @@
 
 #include <test/util/txmempool.h>
 
+#include <mempool_validation.h>
 #include <chainparams.h>
 #include <node/context.h>
 #include <node/mempool_args.h>
diff --git a/src/test/validation_block_tests.cpp b/src/test/validation_block_tests.cpp
index 9ede19a18057..730d2632cfec 100644
--- a/src/test/validation_block_tests.cpp
+++ b/src/test/validation_block_tests.cpp
@@ -6,6 +6,7 @@
 
 #include <chainparams.h>
 #include <consensus/merkle.h>
+#include <mempool_validation.h>
 #include <consensus/validation.h>
 #include <node/miner.h>
 #include <pow.h>
@@ -282,7 +283,7 @@ BOOST_AUTO_TEST_CASE(mempool_locks_reorg)
         {
             LOCK(cs_main);
             for (const auto& tx : txs) {
-                const MempoolAcceptResult result = m_node.chainman->ProcessTransaction(tx);
+                const MempoolAcceptResult result = ProcessTransaction(*m_node.chainman, tx);
                 BOOST_REQUIRE(result.m_result_type == MempoolAcceptResult::ResultType::VALID);
             }
         }
diff --git a/src/validation.cpp b/src/validation.cpp
index d9350ba9624c..134fcf4be028 100644
--- a/src/validation.cpp
+++ b/src/validation.cpp
@@ -28,6 +28,7 @@
 #include <kernel/notifications_interface.h>
 #include <kernel/warning.h>
 #include <logging/timer.h>
+#include <mempool_validation.h>
 #include <node/blockstorage.h>
 #include <policy/ephemeral_policy.h>
 #include <policy/policy.h>
@@ -89,8 +90,6 @@ using node::CBlockIndexWorkComparator;
 */
 static constexpr auto DATABASE_WRITE_INTERVAL_MIN{50min};
 static constexpr auto DATABASE_WRITE_INTERVAL_MAX{70min};
-/** Maximum age of our tip for us to be considered current for fee estimation */
-static constexpr std::chrono::hours MAX_FEE_ESTIMATION_TIP_AGE{3};
 const std::vector<std::string> CHECKLEVEL_DOC {
     "level 0 reads the blocks from disk",
     "level 1 verifies block validity",
@@ -108,8 +107,6 @@ static constexpr int PRUNE_LOCK_BUFFER{10};
 
 TRACEPOINT_SEMAPHORE(validation, block_connected);
 TRACEPOINT_SEMAPHORE(utxocache, flush);
-TRACEPOINT_SEMAPHORE(mempool, replaced);
-TRACEPOINT_SEMAPHORE(mempool, rejected);
 
 const CBlockIndex* Chainstate::FindForkInGlobalIndex(const CBlockLocator& locator) const
 {
@@ -131,1679 +128,6 @@ const CBlockIndex* Chainstate::FindForkInGlobalIndex(const CBlockLocator& locato
     return m_chain.Genesis();
 }
 
-bool CheckInputScripts(const CTransaction& tx, TxValidationState& state,
-                       const CCoinsViewCache& inputs, script_verify_flags flags, bool cacheSigStore,
-                       bool cacheFullScriptStore, PrecomputedTransactionData& txdata,
-                       ValidationCache& validation_cache,
-                       std::vector<CScriptCheck>* pvChecks = nullptr)
-                       EXCLUSIVE_LOCKS_REQUIRED(cs_main);
-
-namespace {
-/**
- * A helper which calculates heights of inputs of a given transaction.
- *
- * @param[in] tip    The current chain tip. If an input belongs to a mempool
- *                   transaction, we assume it will be confirmed in the next block.
- * @param[in] coins  Any CCoinsView that provides access to the relevant coins.
- * @param[in] tx     The transaction being evaluated.
- *
- * @returns A vector of input heights or nullopt, in case of an error.
- */
-std::optional<std::vector<int>> CalculatePrevHeights(
-    const CBlockIndex& tip,
-    const CCoinsView& coins,
-    const CTransaction& tx)
-{
-    std::vector<int> prev_heights;
-    prev_heights.resize(tx.vin.size());
-    for (size_t i = 0; i < tx.vin.size(); ++i) {
-        if (auto coin{coins.GetCoin(tx.vin[i].prevout)}) {
-            prev_heights[i] = coin->nHeight == MEMPOOL_HEIGHT
-                              ? tip.nHeight + 1 // Assume all mempool transaction confirm in the next block.
-                              : coin->nHeight;
-        } else {
-            LogInfo("ERROR: %s: Missing input %d in transaction \'%s\'\n", __func__, i, tx.GetHash().GetHex());
-            return std::nullopt;
-        }
-    }
-    return prev_heights;
-}
-} // namespace
-
-std::optional<LockPoints> CalculateLockPointsAtTip(
-    CBlockIndex* tip,
-    const CCoinsView& coins_view,
-    const CTransaction& tx)
-{
-    assert(tip);
-
-    auto prev_heights{CalculatePrevHeights(*tip, coins_view, tx)};
-    if (!prev_heights.has_value()) return std::nullopt;
-
-    CBlockIndex next_tip;
-    next_tip.pprev = tip;
-    // When SequenceLocks() is called within ConnectBlock(), the height
-    // of the block *being* evaluated is what is used.
-    // Thus if we want to know if a transaction can be part of the
-    // *next* block, we need to use one more than active_chainstate.m_chain.Height()
-    next_tip.nHeight = tip->nHeight + 1;
-    const auto [min_height, min_time] = CalculateSequenceLocks(tx, STANDARD_LOCKTIME_VERIFY_FLAGS, prev_heights.value(), next_tip);
-
-    // Also store the hash of the block with the highest height of
-    // all the blocks which have sequence locked prevouts.
-    // This hash needs to still be on the chain
-    // for these LockPoint calculations to be valid
-    // Note: It is impossible to correctly calculate a maxInputBlock
-    // if any of the sequence locked inputs depend on unconfirmed txs,
-    // except in the special case where the relative lock time/height
-    // is 0, which is equivalent to no sequence lock. Since we assume
-    // input height of tip+1 for mempool txs and test the resulting
-    // min_height and min_time from CalculateSequenceLocks against tip+1.
-    int max_input_height{0};
-    for (const int height : prev_heights.value()) {
-        // Can ignore mempool inputs since we'll fail if they had non-zero locks
-        if (height != next_tip.nHeight) {
-            max_input_height = std::max(max_input_height, height);
-        }
-    }
-
-    // tip->GetAncestor(max_input_height) should never return a nullptr
-    // because max_input_height is always less than the tip height.
-    // It would, however, be a bad bug to continue execution, since a
-    // LockPoints object with the maxInputBlock member set to nullptr
-    // signifies no relative lock time.
-    return LockPoints{min_height, min_time, Assert(tip->GetAncestor(max_input_height))};
-}
-
-bool CheckSequenceLocksAtTip(CBlockIndex* tip,
-                             const LockPoints& lock_points)
-{
-    assert(tip != nullptr);
-
-    CBlockIndex index;
-    index.pprev = tip;
-    // CheckSequenceLocksAtTip() uses active_chainstate.m_chain.Height()+1 to evaluate
-    // height based locks because when SequenceLocks() is called within
-    // ConnectBlock(), the height of the block *being*
-    // evaluated is what is used.
-    // Thus if we want to know if a transaction can be part of the
-    // *next* block, we need to use one more than active_chainstate.m_chain.Height()
-    index.nHeight = tip->nHeight + 1;
-
-    return EvaluateSequenceLocks(index, {lock_points.height, lock_points.time});
-}
-
-static void LimitMempoolSize(CTxMemPool& pool, CCoinsViewCache& coins_cache)
-    EXCLUSIVE_LOCKS_REQUIRED(::cs_main, pool.cs)
-{
-    AssertLockHeld(::cs_main);
-    AssertLockHeld(pool.cs);
-    int expired = pool.Expire(GetTime<std::chrono::seconds>() - pool.m_opts.expiry);
-    if (expired != 0) {
-        LogDebug(BCLog::MEMPOOL, "Expired %i transactions from the memory pool\n", expired);
-    }
-
-    std::vector<COutPoint> vNoSpendsRemaining;
-    pool.TrimToSize(pool.m_opts.max_size_bytes, &vNoSpendsRemaining);
-    for (const COutPoint& removed : vNoSpendsRemaining)
-        coins_cache.Uncache(removed);
-}
-
-static bool IsCurrentForFeeEstimation(Chainstate& active_chainstate) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
-{
-    AssertLockHeld(cs_main);
-    if (active_chainstate.m_chainman.IsInitialBlockDownload()) {
-        return false;
-    }
-    if (active_chainstate.m_chain.Tip()->GetBlockTime() < count_seconds(GetTime<std::chrono::seconds>() - MAX_FEE_ESTIMATION_TIP_AGE))
-        return false;
-    if (active_chainstate.m_chain.Height() < active_chainstate.m_chainman.m_best_header->nHeight - 1) {
-        return false;
-    }
-    return true;
-}
-
-void Chainstate::MaybeUpdateMempoolForReorg(
-    DisconnectedBlockTransactions& disconnectpool,
-    bool fAddToMempool)
-{
-    if (!m_mempool) return;
-
-    AssertLockHeld(cs_main);
-    AssertLockHeld(m_mempool->cs);
-    std::vector<Txid> vHashUpdate;
-    {
-        // disconnectpool is ordered so that the front is the most recently-confirmed
-        // transaction (the last tx of the block at the tip) in the disconnected chain.
-        // Iterate disconnectpool in reverse, so that we add transactions
-        // back to the mempool starting with the earliest transaction that had
-        // been previously seen in a block.
-        const auto queuedTx = disconnectpool.take();
-        auto it = queuedTx.rbegin();
-        while (it != queuedTx.rend()) {
-            // ignore validation errors in resurrected transactions
-            if (!fAddToMempool || (*it)->IsCoinBase() ||
-                AcceptToMemoryPool(*this, *it, GetTime(),
-                    /*bypass_limits=*/true, /*test_accept=*/false).m_result_type !=
-                        MempoolAcceptResult::ResultType::VALID) {
-                // If the transaction doesn't make it in to the mempool, remove any
-                // transactions that depend on it (which would now be orphans).
-                m_mempool->removeRecursive(**it, MemPoolRemovalReason::REORG);
-            } else if (m_mempool->exists((*it)->GetHash())) {
-                vHashUpdate.push_back((*it)->GetHash());
-            }
-            ++it;
-        }
-    }
-
-    // AcceptToMemoryPool/addNewTransaction all assume that new mempool entries have
-    // no in-mempool children, which is generally not true when adding
-    // previously-confirmed transactions back to the mempool.
-    // UpdateTransactionsFromBlock finds descendants of any transactions in
-    // the disconnectpool that were added back and cleans up the mempool state.
-    m_mempool->UpdateTransactionsFromBlock(vHashUpdate);
-
-    // Predicate to use for filtering transactions in removeForReorg.
-    // Checks whether the transaction is still final and, if it spends a coinbase output, mature.
-    // Also updates valid entries' cached LockPoints if needed.
-    // If false, the tx is still valid and its lockpoints are updated.
-    // If true, the tx would be invalid in the next block; remove this entry and all of its descendants.
-    // Note that TRUC rules are not applied here, so reorgs may cause violations of TRUC inheritance or
-    // topology restrictions.
-    const auto filter_final_and_mature = [&](CTxMemPool::txiter it)
-        EXCLUSIVE_LOCKS_REQUIRED(m_mempool->cs, ::cs_main) {
-        AssertLockHeld(m_mempool->cs);
-        AssertLockHeld(::cs_main);
-        const CTransaction& tx = it->GetTx();
-
-        // The transaction must be final.
-        if (!CheckFinalTxAtTip(*Assert(m_chain.Tip()), tx)) return true;
-
-        const LockPoints& lp = it->GetLockPoints();
-        // CheckSequenceLocksAtTip checks if the transaction will be final in the next block to be
-        // created on top of the new chain.
-        if (TestLockPointValidity(m_chain, lp)) {
-            if (!CheckSequenceLocksAtTip(m_chain.Tip(), lp)) {
-                return true;
-            }
-        } else {
-            const CCoinsViewMemPool view_mempool{&CoinsTip(), *m_mempool};
-            const std::optional<LockPoints> new_lock_points{CalculateLockPointsAtTip(m_chain.Tip(), view_mempool, tx)};
-            if (new_lock_points.has_value() && CheckSequenceLocksAtTip(m_chain.Tip(), *new_lock_points)) {
-                // Now update the mempool entry lockpoints as well.
-                it->UpdateLockPoints(*new_lock_points);
-            } else {
-                return true;
-            }
-        }
-
-        // If the transaction spends any coinbase outputs, it must be mature.
-        if (it->GetSpendsCoinbase()) {
-            for (const CTxIn& txin : tx.vin) {
-                if (m_mempool->exists(txin.prevout.hash)) continue;
-                const Coin& coin{CoinsTip().AccessCoin(txin.prevout)};
-                assert(!coin.IsSpent());
-                const auto mempool_spend_height{m_chain.Tip()->nHeight + 1};
-                if (coin.IsCoinBase() && mempool_spend_height - coin.nHeight < COINBASE_MATURITY) {
-                    return true;
-                }
-            }
-        }
-        // Transaction is still valid and cached LockPoints are updated.
-        return false;
-    };
-
-    // We also need to remove any now-immature transactions
-    m_mempool->removeForReorg(m_chain, filter_final_and_mature);
-    // Re-limit mempool size, in case we added any transactions
-    LimitMempoolSize(*m_mempool, this->CoinsTip());
-}
-
-/**
-* Checks to avoid mempool polluting consensus critical paths since cached
-* signature and script validity results will be reused if we validate this
-* transaction again during block validation.
-* */
-static bool CheckInputsFromMempoolAndCache(const CTransaction& tx, TxValidationState& state,
-                const CCoinsViewCache& view, const CTxMemPool& pool,
-                script_verify_flags flags, PrecomputedTransactionData& txdata, CCoinsViewCache& coins_tip,
-                ValidationCache& validation_cache)
-                EXCLUSIVE_LOCKS_REQUIRED(cs_main, pool.cs)
-{
-    AssertLockHeld(cs_main);
-    AssertLockHeld(pool.cs);
-
-    assert(!tx.IsCoinBase());
-    for (const CTxIn& txin : tx.vin) {
-        const Coin& coin = view.AccessCoin(txin.prevout);
-
-        // This coin was checked in PreChecks and MemPoolAccept
-        // has been holding cs_main since then.
-        Assume(!coin.IsSpent());
-        if (coin.IsSpent()) return false;
-
-        // If the Coin is available, there are 2 possibilities:
-        // it is available in our current ChainstateActive UTXO set,
-        // or it's a UTXO provided by a transaction in our mempool.
-        // Ensure the scriptPubKeys in Coins from CoinsView are correct.
-        const CTransactionRef& txFrom = pool.get(txin.prevout.hash);
-        if (txFrom) {
-            assert(txFrom->GetHash() == txin.prevout.hash);
-            assert(txFrom->vout.size() > txin.prevout.n);
-            assert(txFrom->vout[txin.prevout.n] == coin.out);
-        } else {
-            const Coin& coinFromUTXOSet = coins_tip.AccessCoin(txin.prevout);
-            assert(!coinFromUTXOSet.IsSpent());
-            assert(coinFromUTXOSet.out == coin.out);
-        }
-    }
-
-    // Call CheckInputScripts() to cache signature and script validity against current tip consensus rules.
-    return CheckInputScripts(tx, state, view, flags, /* cacheSigStore= */ true, /* cacheFullScriptStore= */ true, txdata, validation_cache);
-}
-
-namespace {
-
-class MemPoolAccept
-{
-public:
-    explicit MemPoolAccept(CTxMemPool& mempool, Chainstate& active_chainstate) :
-        m_pool(mempool),
-        m_view(&CoinsViewEmpty::Get()),
-        m_viewmempool(&active_chainstate.CoinsTip(), m_pool),
-        m_active_chainstate(active_chainstate)
-    {
-    }
-
-    // We put the arguments we're handed into a struct, so we can pass them
-    // around easier.
-    struct ATMPArgs {
-        const CChainParams& m_chainparams;
-        const int64_t m_accept_time;
-        const bool m_bypass_limits;
-        /*
-         * Return any outpoints which were not previously present in the coins
-         * cache, but were added as a result of validating the tx for mempool
-         * acceptance. This allows the caller to optionally remove the cache
-         * additions if the associated transaction ends up being rejected by
-         * the mempool.
-         */
-        std::vector<COutPoint>& m_coins_to_uncache;
-        /** When true, the transaction or package will not be submitted to the mempool. */
-        const bool m_test_accept;
-        /** Whether we allow transactions to replace mempool transactions. If false,
-         * any transaction spending the same inputs as a transaction in the mempool is considered
-         * a conflict. */
-        const bool m_allow_replacement;
-        /** When true, allow sibling eviction. This only occurs in single transaction package settings. */
-        const bool m_allow_sibling_eviction;
-        /** Used to skip the LimitMempoolSize() call within AcceptSingleTransaction(). This should be used when multiple
-         * AcceptSubPackage calls are expected and the mempool will be trimmed at the end of AcceptPackage(). */
-        const bool m_package_submission;
-        /** When true, use package feerates instead of individual transaction feerates for fee-based
-         * policies such as mempool min fee and min relay fee.
-         */
-        const bool m_package_feerates;
-        /** Used for local submission of transactions to catch "absurd" fees
-         * due to fee miscalculation by wallets. std:nullopt implies unset, allowing any feerates.
-         * Any individual transaction failing this check causes immediate failure.
-         */
-        const std::optional<CFeeRate> m_client_maxfeerate;
-
-        /** Parameters for single transaction mempool validation. */
-        static ATMPArgs SingleAccept(const CChainParams& chainparams, int64_t accept_time,
-                                     bool bypass_limits, std::vector<COutPoint>& coins_to_uncache,
-                                     bool test_accept) {
-            return ATMPArgs{/*chainparams=*/ chainparams,
-                            /*accept_time=*/ accept_time,
-                            /*bypass_limits=*/ bypass_limits,
-                            /*coins_to_uncache=*/ coins_to_uncache,
-                            /*test_accept=*/ test_accept,
-                            /*allow_replacement=*/ true,
-                            /*allow_sibling_eviction=*/ true,
-                            /*package_submission=*/ false,
-                            /*package_feerates=*/ false,
-                            /*client_maxfeerate=*/ {}, // checked by caller
-            };
-        }
-
-        /** Parameters for test package mempool validation through testmempoolaccept. */
-        static ATMPArgs PackageTestAccept(const CChainParams& chainparams, int64_t accept_time,
-                                          std::vector<COutPoint>& coins_to_uncache) {
-            return ATMPArgs{/*chainparams=*/ chainparams,
-                            /*accept_time=*/ accept_time,
-                            /*bypass_limits=*/ false,
-                            /*coins_to_uncache=*/ coins_to_uncache,
-                            /*test_accept=*/ true,
-                            /*allow_replacement=*/ false,
-                            /*allow_sibling_eviction=*/ false,
-                            /*package_submission=*/ false, // not submitting to mempool
-                            /*package_feerates=*/ false,
-                            /*client_maxfeerate=*/ {}, // checked by caller
-            };
-        }
-
-        /** Parameters for child-with-parents package validation. */
-        static ATMPArgs PackageChildWithParents(const CChainParams& chainparams, int64_t accept_time,
-                                                std::vector<COutPoint>& coins_to_uncache, const std::optional<CFeeRate>& client_maxfeerate) {
-            return ATMPArgs{/*chainparams=*/ chainparams,
-                            /*accept_time=*/ accept_time,
-                            /*bypass_limits=*/ false,
-                            /*coins_to_uncache=*/ coins_to_uncache,
-                            /*test_accept=*/ false,
-                            /*allow_replacement=*/ true,
-                            /*allow_sibling_eviction=*/ false,
-                            /*package_submission=*/ true,
-                            /*package_feerates=*/ true,
-                            /*client_maxfeerate=*/ client_maxfeerate,
-            };
-        }
-
-        /** Parameters for a single transaction within a package. */
-        static ATMPArgs SingleInPackageAccept(const ATMPArgs& package_args) {
-            return ATMPArgs{/*chainparams=*/ package_args.m_chainparams,
-                            /*accept_time=*/ package_args.m_accept_time,
-                            /*bypass_limits=*/ false,
-                            /*coins_to_uncache=*/ package_args.m_coins_to_uncache,
-                            /*test_accept=*/ package_args.m_test_accept,
-                            /*allow_replacement=*/ true,
-                            /*allow_sibling_eviction=*/ true,
-                            /*package_submission=*/ true, // trim at the end of AcceptPackage()
-                            /*package_feerates=*/ false, // only 1 transaction
-                            /*client_maxfeerate=*/ package_args.m_client_maxfeerate,
-            };
-        }
-
-    private:
-        // Private ctor to avoid exposing details to clients and allowing the possibility of
-        // mixing up the order of the arguments. Use static functions above instead.
-        ATMPArgs(const CChainParams& chainparams,
-                 int64_t accept_time,
-                 bool bypass_limits,
-                 std::vector<COutPoint>& coins_to_uncache,
-                 bool test_accept,
-                 bool allow_replacement,
-                 bool allow_sibling_eviction,
-                 bool package_submission,
-                 bool package_feerates,
-                 std::optional<CFeeRate> client_maxfeerate)
-            : m_chainparams{chainparams},
-              m_accept_time{accept_time},
-              m_bypass_limits{bypass_limits},
-              m_coins_to_uncache{coins_to_uncache},
-              m_test_accept{test_accept},
-              m_allow_replacement{allow_replacement},
-              m_allow_sibling_eviction{allow_sibling_eviction},
-              m_package_submission{package_submission},
-              m_package_feerates{package_feerates},
-              m_client_maxfeerate{client_maxfeerate}
-        {
-            // If we are using package feerates, we must be doing package submission.
-            // It also means sibling eviction is not permitted.
-            if (m_package_feerates) {
-                Assume(m_package_submission);
-                Assume(!m_allow_sibling_eviction);
-            }
-            if (m_allow_sibling_eviction) Assume(m_allow_replacement);
-        }
-    };
-
-    /** Clean up all non-chainstate coins from m_view and m_viewmempool. */
-    void CleanupTemporaryCoins() EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
-
-    // Single transaction acceptance
-    MempoolAcceptResult AcceptSingleTransactionAndCleanup(const CTransactionRef& ptx, ATMPArgs& args) EXCLUSIVE_LOCKS_REQUIRED(cs_main) {
-        LOCK(m_pool.cs);
-        MempoolAcceptResult result = AcceptSingleTransactionInternal(ptx, args);
-        ClearSubPackageState();
-        return result;
-    }
-    MempoolAcceptResult AcceptSingleTransactionInternal(const CTransactionRef& ptx, ATMPArgs& args) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
-
-    /**
-    * Multiple transaction acceptance. Transactions may or may not be interdependent, but must not
-    * conflict with each other, and the transactions cannot already be in the mempool. Parents must
-    * come before children if any dependencies exist.
-    */
-    PackageMempoolAcceptResult AcceptMultipleTransactionsAndCleanup(const std::vector<CTransactionRef>& txns, ATMPArgs& args) EXCLUSIVE_LOCKS_REQUIRED(cs_main) {
-        LOCK(m_pool.cs);
-        PackageMempoolAcceptResult result = AcceptMultipleTransactionsInternal(txns, args);
-        ClearSubPackageState();
-        return result;
-    }
-    PackageMempoolAcceptResult AcceptMultipleTransactionsInternal(const std::vector<CTransactionRef>& txns, ATMPArgs& args) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
-
-    /**
-     * Submission of a subpackage.
-     * If subpackage size == 1, calls AcceptSingleTransaction() with adjusted ATMPArgs to
-     * enable sibling eviction and creates a PackageMempoolAcceptResult
-     * wrapping the result.
-     *
-     * If subpackage size > 1, calls AcceptMultipleTransactions() with the provided ATMPArgs.
-     *
-     * Also cleans up all non-chainstate coins from m_view at the end.
-    */
-    PackageMempoolAcceptResult AcceptSubPackage(const std::vector<CTransactionRef>& subpackage, ATMPArgs& args)
-        EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
-
-    /**
-     * Package (more specific than just multiple transactions) acceptance. Package must be a child
-     * with all of its unconfirmed parents, and topologically sorted.
-     */
-    PackageMempoolAcceptResult AcceptPackage(const Package& package, ATMPArgs& args) EXCLUSIVE_LOCKS_REQUIRED(cs_main);
-
-private:
-    // All the intermediate state that gets passed between the various levels
-    // of checking a given transaction.
-    struct Workspace {
-        explicit Workspace(const CTransactionRef& ptx) : m_ptx(ptx), m_hash(ptx->GetHash()) {}
-        /** Txids of mempool transactions that this transaction directly conflicts with or may
-         * replace via sibling eviction. */
-        std::set<Txid> m_conflicts;
-        /** Iterators to mempool entries that this transaction directly conflicts with or may
-         * replace via sibling eviction. */
-        CTxMemPool::setEntries m_iters_conflicting;
-        /** All mempool parents of this transaction. */
-        std::vector<CTxMemPoolEntry::CTxMemPoolEntryRef> m_parents;
-        /* Handle to the tx in the changeset */
-        CTxMemPool::ChangeSet::TxHandle m_tx_handle;
-        /** Whether RBF-related data structures (m_conflicts, m_iters_conflicting,
-         * m_replaced_transactions) include a sibling in addition to txns with conflicting inputs. */
-        bool m_sibling_eviction{false};
-
-        /** Virtual size of the transaction as used by the mempool, calculated using serialized size
-         * of the transaction and sigops. */
-        int64_t m_vsize;
-        /** Fees paid by this transaction: total input amounts subtracted by total output amounts. */
-        CAmount m_base_fees;
-        /** Base fees + any fee delta set by the user with prioritisetransaction. */
-        CAmount m_modified_fees;
-
-        /** If we're doing package validation (i.e. m_package_feerates=true), the "effective"
-         * package feerate of this transaction is the total fees divided by the total size of
-         * transactions (which may include its ancestors and/or descendants). */
-        CFeeRate m_package_feerate{0};
-
-        const CTransactionRef& m_ptx;
-        /** Txid. */
-        const Txid& m_hash;
-        TxValidationState m_state;
-        /** A temporary cache containing serialized transaction data for signature verification.
-         * Reused across PolicyScriptChecks and ConsensusScriptChecks. */
-        PrecomputedTransactionData m_precomputed_txdata;
-    };
-
-    // Run the policy checks on a given transaction, excluding any script checks.
-    // Looks up inputs, calculates feerate, considers replacement, evaluates
-    // package limits, etc. As this function can be invoked for "free" by a peer,
-    // only tests that are fast should be done here (to avoid CPU DoS).
-    bool PreChecks(ATMPArgs& args, Workspace& ws) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
-
-    // Run checks for mempool replace-by-fee, only used in AcceptSingleTransaction.
-    bool ReplacementChecks(Workspace& ws) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
-
-    bool PackageRBFChecks(const std::vector<CTransactionRef>& txns,
-                          std::vector<Workspace>& workspaces,
-                          int64_t total_vsize,
-                          PackageValidationState& package_state) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
-
-    // Run the script checks using our policy flags. As this can be slow, we should
-    // only invoke this on transactions that have otherwise passed policy checks.
-    bool PolicyScriptChecks(const ATMPArgs& args, Workspace& ws) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
-
-    // Re-run the script checks, using consensus flags, and try to cache the
-    // result in the scriptcache. This should be done after
-    // PolicyScriptChecks(). This requires that all inputs either be in our
-    // utxo set or in the mempool.
-    bool ConsensusScriptChecks(const ATMPArgs& args, Workspace& ws) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
-
-    // Try to add the transaction to the mempool, removing any conflicts first.
-    void FinalizeSubpackage(const ATMPArgs& args) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
-
-    // Submit all transactions to the mempool and call ConsensusScriptChecks to add to the script
-    // cache - should only be called after successful validation of all transactions in the package.
-    // Does not call LimitMempoolSize(), so mempool max_size_bytes may be temporarily exceeded.
-    bool SubmitPackage(const ATMPArgs& args, std::vector<Workspace>& workspaces, PackageValidationState& package_state,
-                       std::map<Wtxid, MempoolAcceptResult>& results)
-         EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs);
-
-    // Compare a package's feerate against minimum allowed.
-    bool CheckFeeRate(size_t package_size, CAmount package_fee, TxValidationState& state) EXCLUSIVE_LOCKS_REQUIRED(::cs_main, m_pool.cs)
-    {
-        AssertLockHeld(::cs_main);
-        AssertLockHeld(m_pool.cs);
-        CAmount mempoolRejectFee = m_pool.GetMinFee().GetFee(package_size);
-        if (mempoolRejectFee > 0 && package_fee < mempoolRejectFee) {
-            return state.Invalid(TxValidationResult::TX_RECONSIDERABLE, "mempool min fee not met", strprintf("%d < %d", package_fee, mempoolRejectFee));
-        }
-
-        if (package_fee < m_pool.m_opts.min_relay_feerate.GetFee(package_size)) {
-            return state.Invalid(TxValidationResult::TX_RECONSIDERABLE, "min relay fee not met",
-                                 strprintf("%d < %d", package_fee, m_pool.m_opts.min_relay_feerate.GetFee(package_size)));
-        }
-        return true;
-    }
-
-    ValidationCache& GetValidationCache()
-    {
-        return m_active_chainstate.m_chainman.m_validation_cache;
-    }
-
-private:
-    CTxMemPool& m_pool;
-
-    /** Holds a cached view of available coins from the UTXO set, mempool, and artificial temporary coins (to enable package validation).
-     * The view doesn't track whether a coin previously existed but has now been spent. We detect conflicts in other ways:
-     * - conflicts within a transaction are checked in CheckTransaction (bad-txns-inputs-duplicate)
-     * - conflicts within a package are checked in IsWellFormedPackage (conflict-in-package)
-     * - conflicts with an existing mempool transaction are found in CTxMemPool::GetConflictTx and replacements are allowed
-     * The temporary coins should persist between individual transaction checks so that package validation is possible,
-     * but must be cleaned up when we finish validating a subpackage, whether accepted or rejected. The cache must also
-     * be cleared when mempool contents change (when a changeset is applied or when the mempool trims itself) because it
-     * can return cached coins that no longer exist in the backend. Use CleanupTemporaryCoins() anytime you are finished
-     * with a SubPackageState or call LimitMempoolSize().
-     */
-    CCoinsViewCache m_view;
-
-    // These are the two possible backends for m_view.
-    /** When m_view is connected to m_viewmempool as its backend, it can pull coins from the mempool and from the UTXO
-     * set. This is also where temporary coins are stored. */
-    CCoinsViewMemPool m_viewmempool;
-
-    Chainstate& m_active_chainstate;
-
-    // Fields below are per *sub*package state and must be reset prior to subsequent
-    // AcceptSingleTransaction and AcceptMultipleTransactions invocations
-    struct SubPackageState {
-        /** Aggregated modified fees of all transactions, used to calculate package feerate. */
-        CAmount m_total_modified_fees{0};
-        /** Aggregated virtual size of all transactions, used to calculate package feerate. */
-        int64_t m_total_vsize{0};
-
-        // RBF-related members
-        /** Whether the transaction(s) would replace any mempool transactions and/or evict any siblings.
-         * If so, RBF rules apply. */
-        bool m_rbf{false};
-        /** Mempool transactions that were replaced. */
-        std::list<CTransactionRef> m_replaced_transactions;
-        /* Changeset representing adding transactions and removing their conflicts. */
-        std::unique_ptr<CTxMemPool::ChangeSet> m_changeset;
-
-        /** Total modified fees of mempool transactions being replaced. */
-        CAmount m_conflicting_fees{0};
-        /** Total size (in virtual bytes) of mempool transactions being replaced. */
-        size_t m_conflicting_size{0};
-    };
-
-    struct SubPackageState m_subpackage;
-
-    /** Re-set sub-package state to not leak between evaluations */
-    void ClearSubPackageState() EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_pool.cs)
-    {
-        m_subpackage = SubPackageState{};
-
-        // And clean coins while at it
-        CleanupTemporaryCoins();
-    }
-};
-
-bool MemPoolAccept::PreChecks(ATMPArgs& args, Workspace& ws)
-{
-    AssertLockHeld(cs_main);
-    AssertLockHeld(m_pool.cs);
-    const CTransactionRef& ptx = ws.m_ptx;
-    const CTransaction& tx = *ws.m_ptx;
-    const Txid& hash = ws.m_hash;
-
-    // Copy/alias what we need out of args
-    const int64_t nAcceptTime = args.m_accept_time;
-    const bool bypass_limits = args.m_bypass_limits;
-    std::vector<COutPoint>& coins_to_uncache = args.m_coins_to_uncache;
-
-    // Alias what we need out of ws
-    TxValidationState& state = ws.m_state;
-
-    if (!CheckTransaction(tx, state)) {
-        return false; // state filled in by CheckTransaction
-    }
-
-    // Coinbase is only valid in a block, not as a loose transaction
-    if (tx.IsCoinBase())
-        return state.Invalid(TxValidationResult::TX_CONSENSUS, "coinbase");
-
-    // Rather not work on nonstandard transactions (unless -testnet/-regtest)
-    std::string reason;
-    if (m_pool.m_opts.require_standard && !IsStandardTx(tx, m_pool.m_opts.max_datacarrier_bytes, m_pool.m_opts.permit_bare_multisig, m_pool.m_opts.dust_relay_feerate, reason)) {
-        return state.Invalid(TxValidationResult::TX_NOT_STANDARD, reason);
-    }
-
-    // Transactions smaller than 65 non-witness bytes are not relayed to mitigate CVE-2017-12842.
-    if (::GetSerializeSize(TX_NO_WITNESS(tx)) < MIN_STANDARD_TX_NONWITNESS_SIZE)
-        return state.Invalid(TxValidationResult::TX_NOT_STANDARD, "tx-size-small");
-
-    // Only accept nLockTime-using transactions that can be mined in the next
-    // block; we don't want our mempool filled up with transactions that can't
-    // be mined yet.
-    if (!CheckFinalTxAtTip(*Assert(m_active_chainstate.m_chain.Tip()), tx)) {
-        return state.Invalid(TxValidationResult::TX_PREMATURE_SPEND, "non-final");
-    }
-
-    if (m_pool.exists(tx.GetWitnessHash())) {
-        // Exact transaction already exists in the mempool.
-        return state.Invalid(TxValidationResult::TX_CONFLICT, "txn-already-in-mempool");
-    } else if (m_pool.exists(tx.GetHash())) {
-        // Transaction with the same non-witness data but different witness (same txid, different
-        // wtxid) already exists in the mempool.
-        return state.Invalid(TxValidationResult::TX_CONFLICT, "txn-same-nonwitness-data-in-mempool");
-    }
-
-    // Check for conflicts with in-memory transactions
-    for (const CTxIn &txin : tx.vin)
-    {
-        const CTransaction* ptxConflicting = m_pool.GetConflictTx(txin.prevout);
-        if (ptxConflicting) {
-            if (!args.m_allow_replacement) {
-                // Transaction conflicts with a mempool tx, but we're not allowing replacements in this context.
-                return state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "bip125-replacement-disallowed");
-            }
-            ws.m_conflicts.insert(ptxConflicting->GetHash());
-        }
-    }
-
-    m_view.SetBackend(m_viewmempool);
-
-    const CCoinsViewCache& coins_cache = m_active_chainstate.CoinsTip();
-    // do all inputs exist?
-    for (const CTxIn& txin : tx.vin) {
-        if (!coins_cache.HaveCoinInCache(txin.prevout)) {
-            coins_to_uncache.push_back(txin.prevout);
-        }
-
-        // Note: this call may add txin.prevout to the coins cache
-        // (coins_cache.cacheCoins) by way of FetchCoin(). It should be removed
-        // later (via coins_to_uncache) if this tx turns out to be invalid.
-        if (!m_view.HaveCoin(txin.prevout)) {
-            // Are inputs missing because we already have the tx?
-            for (size_t out = 0; out < tx.vout.size(); out++) {
-                // Optimistically just do efficient check of cache for outputs
-                if (coins_cache.HaveCoinInCache(COutPoint(hash, out))) {
-                    return state.Invalid(TxValidationResult::TX_CONFLICT, "txn-already-known");
-                }
-            }
-            // Otherwise assume this might be an orphan tx for which we just haven't seen parents yet
-            return state.Invalid(TxValidationResult::TX_MISSING_INPUTS, "bad-txns-inputs-missingorspent");
-        }
-    }
-
-    // This is const, but calls into `CCoinsViewCache::GetBestBlock()` to refresh
-    // the cached best block through `m_viewmempool` after caching inputs.
-    (void)m_view.GetBestBlock();
-
-    // All required inputs are cached now, so switch m_view to the empty backend.
-    // This keeps already-fetched cache entries for later checks and prevents new
-    // backend lookups (which would avoid coins_to_uncache tracking).
-    m_view.SetBackend(CoinsViewEmpty::Get());
-
-    assert(m_active_chainstate.m_blockman.LookupBlockIndex(m_view.GetBestBlock()) == m_active_chainstate.m_chain.Tip());
-
-    // Only accept BIP68 sequence locked transactions that can be mined in the next
-    // block; we don't want our mempool filled up with transactions that can't
-    // be mined yet.
-    // Pass in m_view which has all of the relevant inputs cached. Note that, since m_view's
-    // backend was removed, it no longer pulls coins from the mempool.
-    const std::optional<LockPoints> lock_points{CalculateLockPointsAtTip(m_active_chainstate.m_chain.Tip(), m_view, tx)};
-    if (!lock_points.has_value() || !CheckSequenceLocksAtTip(m_active_chainstate.m_chain.Tip(), *lock_points)) {
-        return state.Invalid(TxValidationResult::TX_PREMATURE_SPEND, "non-BIP68-final");
-    }
-
-    // The mempool holds txs for the next block, so pass height+1 to CheckTxInputs
-    if (!Consensus::CheckTxInputs(tx, state, m_view, m_active_chainstate.m_chain.Height() + 1, ws.m_base_fees)) {
-        return false; // state filled in by CheckTxInputs
-    }
-
-    if (m_pool.m_opts.require_standard) {
-        state = ValidateInputsStandardness(tx, m_view);
-        if (state.IsInvalid()) {
-            return false;
-        }
-    }
-
-    // Check for non-standard witnesses.
-    if (tx.HasWitness() && m_pool.m_opts.require_standard && !IsWitnessStandard(tx, m_view)) {
-        return state.Invalid(TxValidationResult::TX_WITNESS_MUTATED, "bad-witness-nonstandard");
-    }
-
-    int64_t nSigOpsCost = GetTransactionSigOpCost(tx, m_view, STANDARD_SCRIPT_VERIFY_FLAGS);
-
-    // Keep track of transactions that spend a coinbase, which we re-scan
-    // during reorgs to ensure COINBASE_MATURITY is still met.
-    bool fSpendsCoinbase = false;
-    for (const CTxIn &txin : tx.vin) {
-        const Coin &coin = m_view.AccessCoin(txin.prevout);
-        if (coin.IsCoinBase()) {
-            fSpendsCoinbase = true;
-            break;
-        }
-    }
-
-    // Set entry_sequence to 0 when bypass_limits is used; this allows txs from a block
-    // reorg to be marked earlier than any child txs that were already in the mempool.
-    const uint64_t entry_sequence = bypass_limits ? 0 : m_pool.GetSequence();
-    if (!m_subpackage.m_changeset) {
-        m_subpackage.m_changeset = m_pool.GetChangeSet();
-    }
-    ws.m_tx_handle = m_subpackage.m_changeset->StageAddition(ptx, ws.m_base_fees, nAcceptTime, m_active_chainstate.m_chain.Height(), entry_sequence, fSpendsCoinbase, nSigOpsCost, lock_points.value());
-
-    // ws.m_modified_fees includes any fee deltas from PrioritiseTransaction
-    ws.m_modified_fees = ws.m_tx_handle->GetModifiedFee();
-
-    ws.m_vsize = ws.m_tx_handle->GetTxSize();
-
-    // Enforces 0-fee for dust transactions, no incentive to be mined alone
-    if (m_pool.m_opts.require_standard) {
-        if (!PreCheckEphemeralTx(*ptx, m_pool.m_opts.dust_relay_feerate, ws.m_base_fees, ws.m_modified_fees, state)) {
-            return false; // state filled in by PreCheckEphemeralTx
-        }
-    }
-
-    if (nSigOpsCost > MAX_STANDARD_TX_SIGOPS_COST)
-        return state.Invalid(TxValidationResult::TX_NOT_STANDARD, "bad-txns-too-many-sigops",
-                strprintf("%d", nSigOpsCost));
-
-    // No individual transactions are allowed below the mempool min feerate except from disconnected
-    // blocks and transactions in a package. Package transactions will be checked using package
-    // feerate later.
-    if (!bypass_limits && !args.m_package_feerates && !CheckFeeRate(ws.m_vsize, ws.m_modified_fees, state)) return false;
-
-    ws.m_iters_conflicting = m_pool.GetIterSet(ws.m_conflicts);
-
-    ws.m_parents = m_pool.GetParents(*ws.m_tx_handle);
-
-    if (!args.m_bypass_limits) {
-        // Perform the TRUC checks, using the in-mempool parents.
-        if (const auto err{SingleTRUCChecks(m_pool, ws.m_ptx, ws.m_parents, ws.m_conflicts, ws.m_vsize)}) {
-            // Single transaction contexts only.
-            if (args.m_allow_sibling_eviction && err->second != nullptr) {
-                // We should only be considering where replacement is considered valid as well.
-                Assume(args.m_allow_replacement);
-                // Potential sibling eviction. Add the sibling to our list of mempool conflicts to be
-                // included in RBF checks.
-                ws.m_conflicts.insert(err->second->GetHash());
-                // Adding the sibling to m_iters_conflicting here means that it doesn't count towards
-                // RBF Carve Out above. This is correct, since removing to-be-replaced transactions from
-                // the descendant count is done separately in SingleTRUCChecks for TRUC transactions.
-                ws.m_iters_conflicting.insert(m_pool.GetIter(err->second->GetHash()).value());
-                ws.m_sibling_eviction = true;
-                // The sibling will be treated as part of the to-be-replaced set in ReplacementChecks.
-                // Note that we are not checking whether it opts in to replaceability via BIP125 or TRUC
-                // (which is normally done in PreChecks). However, the only way a TRUC transaction can
-                // have a non-TRUC and non-BIP125 descendant is due to a reorg.
-            } else {
-                return state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "TRUC-violation", err->first);
-            }
-        }
-    }
-
-    // We want to detect conflicts in any tx in a package to trigger package RBF logic
-    m_subpackage.m_rbf |= !ws.m_conflicts.empty();
-    return true;
-}
-
-bool MemPoolAccept::ReplacementChecks(Workspace& ws)
-{
-    AssertLockHeld(cs_main);
-    AssertLockHeld(m_pool.cs);
-
-    const CTransaction& tx = *ws.m_ptx;
-    const Txid& hash = ws.m_hash;
-    TxValidationState& state = ws.m_state;
-
-    CFeeRate newFeeRate(ws.m_modified_fees, ws.m_vsize);
-
-    CTxMemPool::setEntries all_conflicts;
-
-    // Calculate all conflicting entries and enforce Rule #5.
-    if (const auto err_string{GetEntriesForConflicts(tx, m_pool, ws.m_iters_conflicting, all_conflicts)}) {
-        return state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY,
-                             strprintf("too many potential replacements%s", ws.m_sibling_eviction ? " (including sibling eviction)" : ""), *err_string);
-    }
-
-    // Check if it's economically rational to mine this transaction rather than the ones it
-    // replaces and pays for its own relay fees. Enforce Rules #3 and #4.
-    for (CTxMemPool::txiter it : all_conflicts) {
-        m_subpackage.m_conflicting_fees += it->GetModifiedFee();
-        m_subpackage.m_conflicting_size += it->GetTxSize();
-    }
-
-    if (const auto err_string{PaysForRBF(m_subpackage.m_conflicting_fees, ws.m_modified_fees, ws.m_vsize,
-                                         m_pool.m_opts.incremental_relay_feerate, hash)}) {
-        // Result may change in a package context
-        return state.Invalid(TxValidationResult::TX_RECONSIDERABLE,
-                             strprintf("insufficient fee%s", ws.m_sibling_eviction ? " (including sibling eviction)" : ""), *err_string);
-    }
-
-    // Add all the to-be-removed transactions to the changeset.
-    for (auto it : all_conflicts) {
-        m_subpackage.m_changeset->StageRemoval(it);
-    }
-
-    // Run cluster size limit checks and fail if we exceed them.
-    if (!m_subpackage.m_changeset->CheckMemPoolPolicyLimits()) {
-        return state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "too-large-cluster", "");
-    }
-
-    if (const auto err_string{ImprovesFeerateDiagram(*m_subpackage.m_changeset)}) {
-        // We checked above for the cluster size limits being respected, so a
-        // failure here can only be due to an insufficient fee.
-        Assume(err_string->first == DiagramCheckError::FAILURE);
-        return state.Invalid(TxValidationResult::TX_RECONSIDERABLE, "replacement-failed", err_string->second);
-    }
-
-    return true;
-}
-
-bool MemPoolAccept::PackageRBFChecks(const std::vector<CTransactionRef>& txns,
-                                     std::vector<Workspace>& workspaces,
-                                     const int64_t total_vsize,
-                                     PackageValidationState& package_state)
-{
-    AssertLockHeld(cs_main);
-    AssertLockHeld(m_pool.cs);
-
-    assert(std::all_of(txns.cbegin(), txns.cend(), [this](const auto& tx)
-                       { return !m_pool.exists(tx->GetHash());}));
-
-    assert(txns.size() == workspaces.size());
-
-    // We're in package RBF context; replacement proposal must be size 2
-    if (workspaces.size() != 2 || !Assume(IsChildWithParents(txns))) {
-        return package_state.Invalid(PackageValidationResult::PCKG_POLICY, "package RBF failed: package must be 1-parent-1-child");
-    }
-
-    // If the package has in-mempool parents, we won't consider a package RBF
-    // since it would result in a cluster larger than 2.
-    // N.B. To relax this constraint we will need to revisit how CCoinsViewMemPool::PackageAddTransaction
-    // is being used inside AcceptMultipleTransactions to track available inputs while processing a package.
-    // Specifically we would need to check that the ancestors of the new
-    // transactions don't intersect with the set of transactions to be removed
-    // due to RBF, which is not checked at all in the package acceptance
-    // context.
-    for (const auto& ws : workspaces) {
-        if (!ws.m_parents.empty()) {
-            return package_state.Invalid(PackageValidationResult::PCKG_POLICY, "package RBF failed: new transaction cannot have mempool ancestors");
-        }
-    }
-
-    // Aggregate all conflicts into one set.
-    CTxMemPool::setEntries direct_conflict_iters;
-    for (Workspace& ws : workspaces) {
-        // Aggregate all conflicts into one set.
-        direct_conflict_iters.merge(ws.m_iters_conflicting);
-    }
-
-    const auto& parent_ws = workspaces[0];
-    const auto& child_ws = workspaces[1];
-
-    // Don't consider replacements that would cause us to remove a large number of mempool entries.
-    // This limit is not increased in a package RBF. Use the aggregate number of transactions.
-    CTxMemPool::setEntries all_conflicts;
-    if (const auto err_string{GetEntriesForConflicts(*child_ws.m_ptx, m_pool, direct_conflict_iters,
-                                                     all_conflicts)}) {
-        return package_state.Invalid(PackageValidationResult::PCKG_POLICY,
-                                     "package RBF failed: too many potential replacements", *err_string);
-    }
-
-    for (CTxMemPool::txiter it : all_conflicts) {
-        m_subpackage.m_changeset->StageRemoval(it);
-        m_subpackage.m_conflicting_fees += it->GetModifiedFee();
-        m_subpackage.m_conflicting_size += it->GetTxSize();
-    }
-
-    // Use the child as the transaction for attributing errors to.
-    const Txid& child_hash = child_ws.m_ptx->GetHash();
-    if (const auto err_string{PaysForRBF(/*original_fees=*/m_subpackage.m_conflicting_fees,
-                                         /*replacement_fees=*/m_subpackage.m_total_modified_fees,
-                                         /*replacement_vsize=*/m_subpackage.m_total_vsize,
-                                         m_pool.m_opts.incremental_relay_feerate, child_hash)}) {
-        return package_state.Invalid(PackageValidationResult::PCKG_POLICY,
-                                     "package RBF failed: insufficient anti-DoS fees", *err_string);
-    }
-
-    // Ensure this two transaction package is a "chunk" on its own; we don't want the child
-    // to be only paying anti-DoS fees
-    const CFeeRate parent_feerate(parent_ws.m_modified_fees, parent_ws.m_vsize);
-    const CFeeRate package_feerate(m_subpackage.m_total_modified_fees, m_subpackage.m_total_vsize);
-    if (package_feerate <= parent_feerate) {
-        return package_state.Invalid(PackageValidationResult::PCKG_POLICY,
-                                     "package RBF failed: package feerate is less than or equal to parent feerate",
-                                     strprintf("package feerate %s <= parent feerate is %s", package_feerate.ToString(), parent_feerate.ToString()));
-    }
-
-    // Run cluster size limit checks and fail if we exceed them.
-    if (!m_subpackage.m_changeset->CheckMemPoolPolicyLimits()) {
-        return package_state.Invalid(PackageValidationResult::PCKG_POLICY, "too-large-cluster", "");
-    }
-
-    // Check if it's economically rational to mine this package rather than the ones it replaces.
-    if (const auto err_tup{ImprovesFeerateDiagram(*m_subpackage.m_changeset)}) {
-        Assume(err_tup->first == DiagramCheckError::FAILURE);
-        return package_state.Invalid(PackageValidationResult::PCKG_POLICY,
-                                     "package RBF failed: " + err_tup.value().second, "");
-    }
-
-    LogDebug(BCLog::TXPACKAGES, "package RBF checks passed: parent %s (wtxid=%s), child %s (wtxid=%s), package hash (%s)\n",
-        txns.front()->GetHash().ToString(), txns.front()->GetWitnessHash().ToString(),
-        txns.back()->GetHash().ToString(), txns.back()->GetWitnessHash().ToString(),
-        GetPackageHash(txns).ToString());
-
-
-    return true;
-}
-
-bool MemPoolAccept::PolicyScriptChecks(const ATMPArgs& args, Workspace& ws)
-{
-    AssertLockHeld(cs_main);
-    AssertLockHeld(m_pool.cs);
-    const CTransaction& tx = *ws.m_ptx;
-    TxValidationState& state = ws.m_state;
-
-    constexpr script_verify_flags scriptVerifyFlags = STANDARD_SCRIPT_VERIFY_FLAGS;
-
-    // Check input scripts and signatures.
-    // This is done last to help prevent CPU exhaustion denial-of-service attacks.
-    if (!CheckInputScripts(tx, state, m_view, scriptVerifyFlags, true, false, ws.m_precomputed_txdata, GetValidationCache())) {
-        // Detect a failure due to a missing witness so that p2p code can handle rejection caching appropriately.
-        if (!tx.HasWitness() && SpendsNonAnchorWitnessProg(tx, m_view)) {
-            state.Invalid(TxValidationResult::TX_WITNESS_STRIPPED,
-                    state.GetRejectReason(), state.GetDebugMessage());
-        }
-        return false; // state filled in by CheckInputScripts
-    }
-
-    return true;
-}
-
-bool MemPoolAccept::ConsensusScriptChecks(const ATMPArgs& args, Workspace& ws)
-{
-    AssertLockHeld(cs_main);
-    AssertLockHeld(m_pool.cs);
-    const CTransaction& tx = *ws.m_ptx;
-    const Txid& hash = ws.m_hash;
-    TxValidationState& state = ws.m_state;
-
-    // Check again against the current block tip's script verification
-    // flags to cache our script execution flags. This is, of course,
-    // useless if the next block has different script flags from the
-    // previous one, but because the cache tracks script flags for us it
-    // will auto-invalidate and we'll just have a few blocks of extra
-    // misses on soft-fork activation.
-    //
-    // This is also useful in case of bugs in the standard flags that cause
-    // transactions to pass as valid when they're actually invalid. For
-    // instance the STRICTENC flag was incorrectly allowing certain
-    // CHECKSIG NOT scripts to pass, even though they were invalid.
-    //
-    // There is a similar check in CreateNewBlock() to prevent creating
-    // invalid blocks (using TestBlockValidity), however allowing such
-    // transactions into the mempool can be exploited as a DoS attack.
-    script_verify_flags currentBlockScriptVerifyFlags{GetBlockScriptFlags(*m_active_chainstate.m_chain.Tip(), m_active_chainstate.m_chainman)};
-    if (!CheckInputsFromMempoolAndCache(tx, state, m_view, m_pool, currentBlockScriptVerifyFlags,
-                                        ws.m_precomputed_txdata, m_active_chainstate.CoinsTip(), GetValidationCache())) {
-        LogError("BUG! PLEASE REPORT THIS! CheckInputScripts failed against latest-block but not STANDARD flags %s, %s", hash.ToString(), state.ToString());
-        return Assume(false);
-    }
-
-    return true;
-}
-
-void MemPoolAccept::FinalizeSubpackage(const ATMPArgs& args)
-{
-    AssertLockHeld(cs_main);
-    AssertLockHeld(m_pool.cs);
-
-    if (!m_subpackage.m_changeset->GetRemovals().empty()) Assume(args.m_allow_replacement);
-    // Remove conflicting transactions from the mempool
-    for (CTxMemPool::txiter it : m_subpackage.m_changeset->GetRemovals())
-    {
-        std::string log_string = strprintf("replacing mempool tx %s (wtxid=%s, fees=%s, vsize=%s). ",
-                                      it->GetTx().GetHash().ToString(),
-                                      it->GetTx().GetWitnessHash().ToString(),
-                                      it->GetFee(),
-                                      it->GetTxSize());
-        FeeFrac feerate{m_subpackage.m_total_modified_fees, int32_t(m_subpackage.m_total_vsize)};
-        uint256 tx_or_package_hash{};
-        const bool replaced_with_tx{m_subpackage.m_changeset->GetTxCount() == 1};
-        if (replaced_with_tx) {
-            const CTransaction& tx = m_subpackage.m_changeset->GetAddedTxn(0);
-            tx_or_package_hash = tx.GetHash().ToUint256();
-            log_string += strprintf("New tx %s (wtxid=%s, fees=%s, vsize=%s)",
-                                    tx.GetHash().ToString(),
-                                    tx.GetWitnessHash().ToString(),
-                                    feerate.fee,
-                                    feerate.size);
-        } else {
-            tx_or_package_hash = GetPackageHash(m_subpackage.m_changeset->GetAddedTxns());
-            log_string += strprintf("New package %s with %lu txs, fees=%s, vsize=%s",
-                                    tx_or_package_hash.ToString(),
-                                    m_subpackage.m_changeset->GetTxCount(),
-                                    feerate.fee,
-                                    feerate.size);
-
-        }
-        LogDebug(BCLog::MEMPOOL, "%s\n", log_string);
-        TRACEPOINT(mempool, replaced,
-                it->GetTx().GetHash().data(),
-                it->GetTxSize(),
-                it->GetFee(),
-                std::chrono::duration_cast<std::chrono::duration<std::uint64_t>>(it->GetTime()).count(),
-                tx_or_package_hash.data(),
-                feerate.size,
-                feerate.fee,
-                replaced_with_tx
-        );
-        m_subpackage.m_replaced_transactions.push_back(it->GetSharedTx());
-    }
-    m_subpackage.m_changeset->Apply();
-    m_subpackage.m_changeset.reset();
-}
-
-bool MemPoolAccept::SubmitPackage(const ATMPArgs& args, std::vector<Workspace>& workspaces,
-                                  PackageValidationState& package_state,
-                                  std::map<Wtxid, MempoolAcceptResult>& results)
-{
-    AssertLockHeld(cs_main);
-    AssertLockHeld(m_pool.cs);
-    // Sanity check: none of the transactions should be in the mempool, and none of the transactions
-    // should have a same-txid-different-witness equivalent in the mempool.
-    assert(std::all_of(workspaces.cbegin(), workspaces.cend(), [this](const auto& ws) { return !m_pool.exists(ws.m_ptx->GetHash()); }));
-
-    bool all_submitted = true;
-    FinalizeSubpackage(args);
-    // ConsensusScriptChecks adds to the script cache and is therefore consensus-critical;
-    // CheckInputsFromMempoolAndCache asserts that transactions only spend coins available from the
-    // mempool or UTXO set. Submit each transaction to the mempool immediately after calling
-    // ConsensusScriptChecks to make the outputs available for subsequent transactions.
-    for (Workspace& ws : workspaces) {
-        if (!ConsensusScriptChecks(args, ws)) {
-            results.emplace(ws.m_ptx->GetWitnessHash(), MempoolAcceptResult::Failure(ws.m_state));
-            // Since PolicyScriptChecks() passed, this should never fail.
-            Assume(false);
-            all_submitted = false;
-            package_state.Invalid(PackageValidationResult::PCKG_MEMPOOL_ERROR,
-                                  strprintf("BUG! PolicyScriptChecks succeeded but ConsensusScriptChecks failed: %s",
-                                            ws.m_ptx->GetHash().ToString()));
-            // Remove the transaction from the mempool.
-            if (!m_subpackage.m_changeset) m_subpackage.m_changeset = m_pool.GetChangeSet();
-            m_subpackage.m_changeset->StageRemoval(m_pool.GetIter(ws.m_ptx->GetHash()).value());
-        }
-    }
-    if (!all_submitted) {
-        Assume(m_subpackage.m_changeset);
-        // This code should be unreachable; it's here as belt-and-suspenders
-        // to try to ensure we have no consensus-invalid transactions in the
-        // mempool.
-        m_subpackage.m_changeset->Apply();
-        m_subpackage.m_changeset.reset();
-        return false;
-    }
-
-    std::vector<Wtxid> all_package_wtxids;
-    all_package_wtxids.reserve(workspaces.size());
-    std::transform(workspaces.cbegin(), workspaces.cend(), std::back_inserter(all_package_wtxids),
-                   [](const auto& ws) { return ws.m_ptx->GetWitnessHash(); });
-
-    if (!m_subpackage.m_replaced_transactions.empty()) {
-        LogDebug(BCLog::MEMPOOL, "replaced %u mempool transactions with %u new one(s) for %s additional fees, %d delta bytes\n",
-                 m_subpackage.m_replaced_transactions.size(), workspaces.size(),
-                 m_subpackage.m_total_modified_fees - m_subpackage.m_conflicting_fees,
-                 m_subpackage.m_total_vsize - static_cast<int>(m_subpackage.m_conflicting_size));
-    }
-
-    // Add successful results. The returned results may change later if LimitMempoolSize() evicts them.
-    for (Workspace& ws : workspaces) {
-        auto iter = m_pool.GetIter(ws.m_ptx->GetHash());
-        Assume(iter.has_value());
-        const auto effective_feerate = args.m_package_feerates ? ws.m_package_feerate :
-            CFeeRate{ws.m_modified_fees, static_cast<int32_t>(ws.m_vsize)};
-        const auto effective_feerate_wtxids = args.m_package_feerates ? all_package_wtxids :
-            std::vector<Wtxid>{ws.m_ptx->GetWitnessHash()};
-        results.emplace(ws.m_ptx->GetWitnessHash(),
-                        MempoolAcceptResult::Success(std::move(m_subpackage.m_replaced_transactions), ws.m_vsize,
-                                         ws.m_base_fees, effective_feerate, effective_feerate_wtxids));
-        if (!m_pool.m_opts.signals) continue;
-        const CTransaction& tx = *ws.m_ptx;
-        const auto tx_info = NewMempoolTransactionInfo(ws.m_ptx, ws.m_base_fees,
-                                                       ws.m_vsize, (*iter)->GetHeight(),
-                                                       args.m_bypass_limits, args.m_package_submission,
-                                                       IsCurrentForFeeEstimation(m_active_chainstate),
-                                                       m_pool.HasNoInputsOf(tx));
-        m_pool.m_opts.signals->TransactionAddedToMempool(tx_info, m_pool.GetAndIncrementSequence());
-    }
-    return all_submitted;
-}
-
-MempoolAcceptResult MemPoolAccept::AcceptSingleTransactionInternal(const CTransactionRef& ptx, ATMPArgs& args)
-{
-    AssertLockHeld(cs_main);
-    AssertLockHeld(m_pool.cs);
-
-    Workspace ws(ptx);
-    const std::vector<Wtxid> single_wtxid{ws.m_ptx->GetWitnessHash()};
-
-    if (!PreChecks(args, ws)) {
-        if (ws.m_state.GetResult() == TxValidationResult::TX_RECONSIDERABLE) {
-            // Failed for fee reasons. Provide the effective feerate and which tx was included.
-            return MempoolAcceptResult::FeeFailure(ws.m_state, CFeeRate(ws.m_modified_fees, ws.m_vsize), single_wtxid);
-        }
-        return MempoolAcceptResult::Failure(ws.m_state);
-    }
-
-    if (m_subpackage.m_rbf && !ReplacementChecks(ws)) {
-        if (ws.m_state.GetResult() == TxValidationResult::TX_RECONSIDERABLE) {
-            // Failed for incentives-based fee reasons. Provide the effective feerate and which tx was included.
-            return MempoolAcceptResult::FeeFailure(ws.m_state, CFeeRate(ws.m_modified_fees, ws.m_vsize), single_wtxid);
-        }
-        return MempoolAcceptResult::Failure(ws.m_state);
-    }
-
-    // Check if the transaction would exceed the cluster size limit.
-    if (!m_subpackage.m_changeset->CheckMemPoolPolicyLimits()) {
-        ws.m_state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "too-large-cluster", "");
-        return MempoolAcceptResult::Failure(ws.m_state);
-    }
-
-    // Now that we've verified the cluster limit is respected, we can perform
-    // calculations involving the full ancestors of the tx.
-    if (ws.m_conflicts.size()) {
-        auto ancestors = m_subpackage.m_changeset->CalculateMemPoolAncestors(ws.m_tx_handle);
-
-        // A transaction that spends outputs that would be replaced by it is invalid. Now
-        // that we have the set of all ancestors we can detect this
-        // pathological case by making sure ws.m_conflicts and this tx's ancestors don't
-        // intersect.
-        if (const auto err_string{EntriesAndTxidsDisjoint(ancestors, ws.m_conflicts, ptx->GetHash())}) {
-            // We classify this as a consensus error because a transaction depending on something it
-            // conflicts with would be inconsistent.
-            ws.m_state.Invalid(TxValidationResult::TX_CONSENSUS, "bad-txns-spends-conflicting-tx", *err_string);
-            return MempoolAcceptResult::Failure(ws.m_state);
-        }
-    }
-
-    m_subpackage.m_total_vsize = ws.m_vsize;
-    m_subpackage.m_total_modified_fees = ws.m_modified_fees;
-
-    // Individual modified feerate exceeded caller-defined max; abort
-    if (args.m_client_maxfeerate && CFeeRate(ws.m_modified_fees, ws.m_vsize) > args.m_client_maxfeerate.value()) {
-        ws.m_state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "max feerate exceeded", "");
-        return MempoolAcceptResult::Failure(ws.m_state);
-    }
-
-    if (!args.m_bypass_limits && m_pool.m_opts.require_standard) {
-        Wtxid dummy_wtxid;
-        if (!CheckEphemeralSpends(/*package=*/{ptx}, m_pool.m_opts.dust_relay_feerate, m_pool, ws.m_state, dummy_wtxid)) {
-            return MempoolAcceptResult::Failure(ws.m_state);
-        }
-    }
-
-    // Perform the inexpensive checks first and avoid hashing and signature verification unless
-    // those checks pass, to mitigate CPU exhaustion denial-of-service attacks.
-    if (!PolicyScriptChecks(args, ws)) return MempoolAcceptResult::Failure(ws.m_state);
-
-    if (!ConsensusScriptChecks(args, ws)) return MempoolAcceptResult::Failure(ws.m_state);
-
-    const CFeeRate effective_feerate{ws.m_modified_fees, static_cast<int32_t>(ws.m_vsize)};
-    // Tx was accepted, but not added
-    if (args.m_test_accept) {
-        return MempoolAcceptResult::Success(std::move(m_subpackage.m_replaced_transactions), ws.m_vsize,
-                                            ws.m_base_fees, effective_feerate, single_wtxid);
-    }
-
-    FinalizeSubpackage(args);
-
-    // Limit the mempool, if appropriate.
-    if (!args.m_package_submission && !args.m_bypass_limits) {
-        LimitMempoolSize(m_pool, m_active_chainstate.CoinsTip());
-        // If mempool contents change, then the m_view cache is dirty. Given this isn't a package
-        // submission, we won't be using the cache anymore, but clear it anyway for clarity.
-        CleanupTemporaryCoins();
-
-        if (!m_pool.exists(ws.m_hash)) {
-            // The tx no longer meets our (new) mempool minimum feerate but could be reconsidered in a package.
-            ws.m_state.Invalid(TxValidationResult::TX_RECONSIDERABLE, "mempool full");
-            return MempoolAcceptResult::FeeFailure(ws.m_state, CFeeRate(ws.m_modified_fees, ws.m_vsize), {ws.m_ptx->GetWitnessHash()});
-        }
-    }
-
-    if (m_pool.m_opts.signals) {
-        const CTransaction& tx = *ws.m_ptx;
-        auto iter = m_pool.GetIter(tx.GetHash());
-        Assume(iter.has_value());
-        const auto tx_info = NewMempoolTransactionInfo(ws.m_ptx, ws.m_base_fees,
-                                                       ws.m_vsize, (*iter)->GetHeight(),
-                                                       args.m_bypass_limits, args.m_package_submission,
-                                                       IsCurrentForFeeEstimation(m_active_chainstate),
-                                                       m_pool.HasNoInputsOf(tx));
-        m_pool.m_opts.signals->TransactionAddedToMempool(tx_info, m_pool.GetAndIncrementSequence());
-    }
-
-    if (!m_subpackage.m_replaced_transactions.empty()) {
-        LogDebug(BCLog::MEMPOOL, "replaced %u mempool transactions with 1 new transaction for %s additional fees, %d delta bytes\n",
-                 m_subpackage.m_replaced_transactions.size(),
-                 ws.m_modified_fees - m_subpackage.m_conflicting_fees,
-                 ws.m_vsize - static_cast<int>(m_subpackage.m_conflicting_size));
-    }
-
-    return MempoolAcceptResult::Success(std::move(m_subpackage.m_replaced_transactions), ws.m_vsize, ws.m_base_fees,
-                                        effective_feerate, single_wtxid);
-}
-
-PackageMempoolAcceptResult MemPoolAccept::AcceptMultipleTransactionsInternal(const std::vector<CTransactionRef>& txns, ATMPArgs& args)
-{
-    AssertLockHeld(cs_main);
-    AssertLockHeld(m_pool.cs);
-
-    // These context-free package limits can be done before taking the mempool lock.
-    PackageValidationState package_state;
-    if (!IsWellFormedPackage(txns, package_state)) return PackageMempoolAcceptResult(package_state, {});
-
-    std::vector<Workspace> workspaces{};
-    workspaces.reserve(txns.size());
-    std::transform(txns.cbegin(), txns.cend(), std::back_inserter(workspaces),
-                   [](const auto& tx) { return Workspace(tx); });
-    std::map<Wtxid, MempoolAcceptResult> results;
-
-    // Do all PreChecks first and fail fast to avoid running expensive script checks when unnecessary.
-    for (Workspace& ws : workspaces) {
-        if (!PreChecks(args, ws)) {
-            package_state.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
-            // Exit early to avoid doing pointless work. Update the failed tx result; the rest are unfinished.
-            results.emplace(ws.m_ptx->GetWitnessHash(), MempoolAcceptResult::Failure(ws.m_state));
-            return PackageMempoolAcceptResult(package_state, std::move(results));
-        }
-
-        // Individual modified feerate exceeded caller-defined max; abort
-        // N.B. this doesn't take into account CPFPs. Chunk-aware validation may be more robust.
-        if (args.m_client_maxfeerate && CFeeRate(ws.m_modified_fees, ws.m_vsize) > args.m_client_maxfeerate.value()) {
-            // Need to set failure here both individually and at package level
-            ws.m_state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "max feerate exceeded", "");
-            package_state.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
-            // Exit early to avoid doing pointless work. Update the failed tx result; the rest are unfinished.
-            results.emplace(ws.m_ptx->GetWitnessHash(), MempoolAcceptResult::Failure(ws.m_state));
-            return PackageMempoolAcceptResult(package_state, std::move(results));
-        }
-
-        // Make the coins created by this transaction available for subsequent transactions in the
-        // package to spend. If there are no conflicts within the package, no transaction can spend a coin
-        // needed by another transaction in the package. We also need to make sure that no package
-        // tx replaces (or replaces the ancestor of) the parent of another package tx. As long as we
-        // check these two things, we don't need to track the coins spent.
-        // If a package tx conflicts with a mempool tx, PackageRBFChecks() ensures later that any package RBF attempt
-        // has *no* in-mempool ancestors, so we don't have to worry about subsequent transactions in
-        // same package spending the same in-mempool outpoints. This needs to be revisited for general
-        // package RBF.
-        m_viewmempool.PackageAddTransaction(ws.m_ptx);
-    }
-
-    // At this point we have all in-mempool parents, and we know every transaction's vsize.
-    // Run the TRUC checks on the package.
-    for (Workspace& ws : workspaces) {
-        if (auto err{PackageTRUCChecks(m_pool, ws.m_ptx, ws.m_vsize, txns, ws.m_parents)}) {
-            package_state.Invalid(PackageValidationResult::PCKG_POLICY, "TRUC-violation", err.value());
-            return PackageMempoolAcceptResult(package_state, {});
-        }
-    }
-
-    // Transactions must meet two minimum feerates: the mempool minimum fee and min relay fee.
-    // For transactions consisting of exactly one child and its parents, it suffices to use the
-    // package feerate (total modified fees / total virtual size) to check this requirement.
-    // Note that this is an aggregate feerate; this function has not checked that there are transactions
-    // too low feerate to pay for themselves, or that the child transactions are higher feerate than
-    // their parents. Using aggregate feerate may allow "parents pay for child" behavior and permit
-    // a child that is below mempool minimum feerate. To avoid these behaviors, callers of
-    // AcceptMultipleTransactions need to restrict txns topology (e.g. to ancestor sets) and check
-    // the feerates of individuals and subsets.
-    m_subpackage.m_total_vsize = std::accumulate(workspaces.cbegin(), workspaces.cend(), int64_t{0},
-        [](int64_t sum, auto& ws) { return sum + ws.m_vsize; });
-    m_subpackage.m_total_modified_fees = std::accumulate(workspaces.cbegin(), workspaces.cend(), CAmount{0},
-        [](CAmount sum, auto& ws) { return sum + ws.m_modified_fees; });
-    const CFeeRate package_feerate(m_subpackage.m_total_modified_fees, m_subpackage.m_total_vsize);
-    std::vector<Wtxid> all_package_wtxids;
-    all_package_wtxids.reserve(workspaces.size());
-    std::transform(workspaces.cbegin(), workspaces.cend(), std::back_inserter(all_package_wtxids),
-                   [](const auto& ws) { return ws.m_ptx->GetWitnessHash(); });
-    TxValidationState placeholder_state;
-    if (args.m_package_feerates &&
-        !CheckFeeRate(m_subpackage.m_total_vsize, m_subpackage.m_total_modified_fees, placeholder_state)) {
-        package_state.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
-        return PackageMempoolAcceptResult(package_state, {{workspaces.back().m_ptx->GetWitnessHash(),
-            MempoolAcceptResult::FeeFailure(placeholder_state, CFeeRate(m_subpackage.m_total_modified_fees, m_subpackage.m_total_vsize), all_package_wtxids)}});
-    }
-
-    // Apply package mempool RBF checks.
-    if (m_subpackage.m_rbf && !PackageRBFChecks(txns, workspaces, m_subpackage.m_total_vsize, package_state)) {
-        return PackageMempoolAcceptResult(package_state, std::move(results));
-    }
-
-    // Check if the transactions would exceed the cluster size limit.
-    if (!m_subpackage.m_changeset->CheckMemPoolPolicyLimits()) {
-        package_state.Invalid(PackageValidationResult::PCKG_POLICY, "too-large-cluster", "");
-        return PackageMempoolAcceptResult(package_state, std::move(results));
-    }
-
-    // Now that we've bounded the resulting possible ancestry count, check package for dust spends
-    if (m_pool.m_opts.require_standard) {
-        TxValidationState child_state;
-        Wtxid child_wtxid;
-        if (!CheckEphemeralSpends(txns, m_pool.m_opts.dust_relay_feerate, m_pool, child_state, child_wtxid)) {
-            package_state.Invalid(PackageValidationResult::PCKG_TX, "unspent-dust");
-            results.emplace(child_wtxid, MempoolAcceptResult::Failure(child_state));
-            return PackageMempoolAcceptResult(package_state, std::move(results));
-        }
-    }
-
-    for (Workspace& ws : workspaces) {
-        ws.m_package_feerate = package_feerate;
-        if (!PolicyScriptChecks(args, ws)) {
-            // Exit early to avoid doing pointless work. Update the failed tx result; the rest are unfinished.
-            package_state.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
-            results.emplace(ws.m_ptx->GetWitnessHash(), MempoolAcceptResult::Failure(ws.m_state));
-            return PackageMempoolAcceptResult(package_state, std::move(results));
-        }
-        if (args.m_test_accept) {
-            const auto effective_feerate = args.m_package_feerates ? ws.m_package_feerate :
-                CFeeRate{ws.m_modified_fees, static_cast<int32_t>(ws.m_vsize)};
-            const auto effective_feerate_wtxids = args.m_package_feerates ? all_package_wtxids :
-                std::vector<Wtxid>{ws.m_ptx->GetWitnessHash()};
-            results.emplace(ws.m_ptx->GetWitnessHash(),
-                            MempoolAcceptResult::Success(std::move(m_subpackage.m_replaced_transactions),
-                                                         ws.m_vsize, ws.m_base_fees, effective_feerate,
-                                                         effective_feerate_wtxids));
-        }
-    }
-
-    if (args.m_test_accept) return PackageMempoolAcceptResult(package_state, std::move(results));
-
-    if (!SubmitPackage(args, workspaces, package_state, results)) {
-        // PackageValidationState filled in by SubmitPackage().
-        return PackageMempoolAcceptResult(package_state, std::move(results));
-    }
-
-    return PackageMempoolAcceptResult(package_state, std::move(results));
-}
-
-void MemPoolAccept::CleanupTemporaryCoins()
-{
-    // There are 3 kinds of coins in m_view:
-    // (1) Temporary coins from the transactions in subpackage, constructed by m_viewmempool.
-    // (2) Mempool coins from transactions in the mempool, constructed by m_viewmempool.
-    // (3) Confirmed coins fetched from our current UTXO set.
-    //
-    // (1) Temporary coins need to be removed, regardless of whether the transaction was submitted.
-    // If the transaction was submitted to the mempool, m_viewmempool will be able to fetch them from
-    // there. If it wasn't submitted to mempool, it is incorrect to keep them - future calls may try
-    // to spend those coins that don't actually exist.
-    // (2) Mempool coins also need to be removed. If the mempool contents have changed as a result
-    // of submitting or replacing transactions, coins previously fetched from mempool may now be
-    // spent or nonexistent. Those coins need to be deleted from m_view.
-    // (3) Confirmed coins don't need to be removed. The chainstate has not changed (we are
-    // holding cs_main and no blocks have been processed) so the confirmed tx cannot disappear like
-    // a mempool tx can. The coin may now be spent after we submitted a tx to mempool, but
-    // we have already checked that the package does not have 2 transactions spending the same coin
-    // and we check whether a mempool transaction spends conflicting coins (CTxMemPool::GetConflictTx).
-    // Keeping them in m_view is an optimization to not re-fetch confirmed coins if we later look up
-    // inputs for this transaction again.
-    for (const auto& outpoint : m_viewmempool.GetNonBaseCoins()) {
-        // In addition to resetting m_viewmempool, we also need to manually delete these coins from
-        // m_view because it caches copies of the coins it fetched from m_viewmempool previously.
-        m_view.Uncache(outpoint);
-    }
-    // This deletes the temporary and mempool coins.
-    m_viewmempool.Reset();
-}
-
-PackageMempoolAcceptResult MemPoolAccept::AcceptSubPackage(const std::vector<CTransactionRef>& subpackage, ATMPArgs& args)
-{
-    AssertLockHeld(::cs_main);
-    AssertLockHeld(m_pool.cs);
-    auto result = [&]() EXCLUSIVE_LOCKS_REQUIRED(::cs_main, m_pool.cs) {
-        if (subpackage.size() > 1) {
-            return AcceptMultipleTransactionsInternal(subpackage, args);
-        }
-        const auto& tx = subpackage.front();
-        ATMPArgs single_args = ATMPArgs::SingleInPackageAccept(args);
-        const auto single_res = AcceptSingleTransactionInternal(tx, single_args);
-        PackageValidationState package_state_wrapped;
-        if (single_res.m_result_type != MempoolAcceptResult::ResultType::VALID) {
-            package_state_wrapped.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
-        }
-        return PackageMempoolAcceptResult(package_state_wrapped, {{tx->GetWitnessHash(), single_res}});
-    }();
-
-    // Clean up m_view and m_viewmempool so that other subpackage evaluations don't have access to
-    // coins they shouldn't. Keep some coins in order to minimize re-fetching coins from the UTXO set.
-    // Clean up package feerate and rbf calculations
-    ClearSubPackageState();
-
-    return result;
-}
-
-PackageMempoolAcceptResult MemPoolAccept::AcceptPackage(const Package& package, ATMPArgs& args)
-{
-    Assert(!package.empty());
-    AssertLockHeld(cs_main);
-    // Used if returning a PackageMempoolAcceptResult directly from this function.
-    PackageValidationState package_state_quit_early;
-
-    // There are two topologies we are able to handle through this function:
-    // (1) A single transaction
-    // (2) A child-with-parents package.
-    // Check that the package is well-formed. If it isn't, we won't try to validate any of the
-    // transactions and thus won't return any MempoolAcceptResults, just a package-wide error.
-
-    // Context-free package checks.
-    if (!IsWellFormedPackage(package, package_state_quit_early)) {
-        return PackageMempoolAcceptResult(package_state_quit_early, {});
-    }
-
-    if (package.size() > 1 && !IsChildWithParents(package)) {
-        // All transactions in the package must be a parent of the last transaction. This is just an
-        // opportunity for us to fail fast on a context-free check without taking the mempool lock.
-        package_state_quit_early.Invalid(PackageValidationResult::PCKG_POLICY, "package-not-child-with-parents");
-        return PackageMempoolAcceptResult(package_state_quit_early, {});
-    }
-
-    LOCK(m_pool.cs);
-    // Stores results from which we will create the returned PackageMempoolAcceptResult.
-    // A result may be changed if a mempool transaction is evicted later due to LimitMempoolSize().
-    std::map<Wtxid, MempoolAcceptResult> results_final;
-    // Results from individual validation which will be returned if no other result is available for
-    // this transaction. "Nonfinal" because if a transaction fails by itself but succeeds later
-    // (i.e. when evaluated with a fee-bumping child), the result in this map may be discarded.
-    std::map<Wtxid, MempoolAcceptResult> individual_results_nonfinal;
-    // Tracks whether we think package submission could result in successful entry to the mempool
-    bool quit_early{false};
-    std::vector<CTransactionRef> txns_package_eval;
-    for (const auto& tx : package) {
-        const auto& wtxid = tx->GetWitnessHash();
-        const auto& txid = tx->GetHash();
-        // There are 3 possibilities: already in mempool, same-txid-diff-wtxid already in mempool,
-        // or not in mempool. An already confirmed tx is treated as one not in mempool, because all
-        // we know is that the inputs aren't available.
-        if (m_pool.exists(wtxid)) {
-            // Exact transaction already exists in the mempool.
-            // Node operators are free to set their mempool policies however they please, nodes may receive
-            // transactions in different orders, and malicious counterparties may try to take advantage of
-            // policy differences to pin or delay propagation of transactions. As such, it's possible for
-            // some package transaction(s) to already be in the mempool, and we don't want to reject the
-            // entire package in that case (as that could be a censorship vector). De-duplicate the
-            // transactions that are already in the mempool, and only call AcceptMultipleTransactions() with
-            // the new transactions. This ensures we don't double-count transaction counts and sizes when
-            // checking ancestor/descendant limits, or double-count transaction fees for fee-related policy.
-            const auto& entry{*Assert(m_pool.GetEntry(txid))};
-            results_final.emplace(wtxid, MempoolAcceptResult::MempoolTx(entry.GetTxSize(), entry.GetFee()));
-        } else if (m_pool.exists(txid)) {
-            // Transaction with the same non-witness data but different witness (same txid,
-            // different wtxid) already exists in the mempool.
-            //
-            // We don't allow replacement transactions right now, so just swap the package
-            // transaction for the mempool one. Note that we are ignoring the validity of the
-            // package transaction passed in.
-            // TODO: allow witness replacement in packages.
-            const auto& entry{*Assert(m_pool.GetEntry(txid))};
-            // Provide the wtxid of the mempool tx so that the caller can look it up in the mempool.
-            results_final.emplace(wtxid, MempoolAcceptResult::MempoolTxDifferentWitness(entry.GetTx().GetWitnessHash()));
-        } else {
-            // Transaction does not already exist in the mempool.
-            // Try submitting the transaction on its own.
-            const auto single_package_res = AcceptSubPackage({tx}, args);
-            const auto& single_res = single_package_res.m_tx_results.at(wtxid);
-            if (single_res.m_result_type == MempoolAcceptResult::ResultType::VALID) {
-                // The transaction succeeded on its own and is now in the mempool. Don't include it
-                // in package validation, because its fees should only be "used" once.
-                assert(m_pool.exists(wtxid));
-                results_final.emplace(wtxid, single_res);
-            } else if (package.size() == 1 || // If there is only one transaction, no need to retry it "as a package"
-                       (single_res.m_state.GetResult() != TxValidationResult::TX_RECONSIDERABLE &&
-                       single_res.m_state.GetResult() != TxValidationResult::TX_MISSING_INPUTS)) {
-                // Package validation policy only differs from individual policy in its evaluation
-                // of feerate. For example, if a transaction fails here due to violation of a
-                // consensus rule, the result will not change when it is submitted as part of a
-                // package. To minimize the amount of repeated work, unless the transaction fails
-                // due to feerate or missing inputs (its parent is a previous transaction in the
-                // package that failed due to feerate), don't run package validation. Note that this
-                // decision might not make sense if different types of packages are allowed in the
-                // future.  Continue individually validating the rest of the transactions, because
-                // some of them may still be valid.
-                quit_early = true;
-                package_state_quit_early.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
-                individual_results_nonfinal.emplace(wtxid, single_res);
-            } else {
-                individual_results_nonfinal.emplace(wtxid, single_res);
-                txns_package_eval.push_back(tx);
-            }
-        }
-    }
-
-    auto multi_submission_result = quit_early || txns_package_eval.empty() ? PackageMempoolAcceptResult(package_state_quit_early, {}) :
-        AcceptSubPackage(txns_package_eval, args);
-    PackageValidationState& package_state_final = multi_submission_result.m_state;
-
-    // This is invoked by AcceptSubPackage() already, so this is just here for
-    // clarity (since it's not permitted to invoke LimitMempoolSize() while a
-    // changeset is outstanding).
-    ClearSubPackageState();
-
-    // Make sure we haven't exceeded max mempool size.
-    // Package transactions that were submitted to mempool or already in mempool may be evicted.
-    // If mempool contents change, then the m_view cache is dirty. It has already been cleared above.
-    LimitMempoolSize(m_pool, m_active_chainstate.CoinsTip());
-
-    for (const auto& tx : package) {
-        const auto& wtxid = tx->GetWitnessHash();
-        if (multi_submission_result.m_tx_results.contains(wtxid)) {
-            // We shouldn't have re-submitted if the tx result was already in results_final.
-            Assume(!results_final.contains(wtxid));
-            // If it was submitted, check to see if the tx is still in the mempool. It could have
-            // been evicted due to LimitMempoolSize() above.
-            const auto& txresult = multi_submission_result.m_tx_results.at(wtxid);
-            if (txresult.m_result_type == MempoolAcceptResult::ResultType::VALID && !m_pool.exists(wtxid)) {
-                package_state_final.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
-                TxValidationState mempool_full_state;
-                mempool_full_state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "mempool full");
-                results_final.emplace(wtxid, MempoolAcceptResult::Failure(mempool_full_state));
-            } else {
-                results_final.emplace(wtxid, txresult);
-            }
-        } else if (const auto it{results_final.find(wtxid)}; it != results_final.end()) {
-            // Already-in-mempool transaction. Check to see if it's still there, as it could have
-            // been evicted when LimitMempoolSize() was called.
-            Assume(it->second.m_result_type != MempoolAcceptResult::ResultType::INVALID);
-            Assume(!individual_results_nonfinal.contains(wtxid));
-            // Query by txid to include the same-txid-different-witness ones.
-            if (!m_pool.exists(tx->GetHash())) {
-                package_state_final.Invalid(PackageValidationResult::PCKG_TX, "transaction failed");
-                TxValidationState mempool_full_state;
-                mempool_full_state.Invalid(TxValidationResult::TX_MEMPOOL_POLICY, "mempool full");
-                // Replace the previous result.
-                results_final.erase(wtxid);
-                results_final.emplace(wtxid, MempoolAcceptResult::Failure(mempool_full_state));
-            }
-        } else if (const auto it{individual_results_nonfinal.find(wtxid)}; it != individual_results_nonfinal.end()) {
-            Assume(it->second.m_result_type == MempoolAcceptResult::ResultType::INVALID);
-            // Interesting result from previous processing.
-            results_final.emplace(wtxid, it->second);
-        }
-    }
-    Assume(results_final.size() == package.size());
-    return PackageMempoolAcceptResult(package_state_final, std::move(results_final));
-}
-
-} // anon namespace
-
-MempoolAcceptResult AcceptToMemoryPool(Chainstate& active_chainstate, const CTransactionRef& tx,
-                                       int64_t accept_time, bool bypass_limits, bool test_accept)
-{
-    AssertLockHeld(::cs_main);
-    const CChainParams& chainparams{active_chainstate.m_chainman.GetParams()};
-    assert(active_chainstate.GetMempool() != nullptr);
-    CTxMemPool& pool{*active_chainstate.GetMempool()};
-
-    std::vector<COutPoint> coins_to_uncache;
-
-    auto args = MemPoolAccept::ATMPArgs::SingleAccept(chainparams, accept_time, bypass_limits, coins_to_uncache, test_accept);
-    MempoolAcceptResult result = MemPoolAccept(pool, active_chainstate).AcceptSingleTransactionAndCleanup(tx, args);
-
-    if (result.m_result_type != MempoolAcceptResult::ResultType::VALID) {
-        // Remove coins that were not present in the coins cache before calling
-        // AcceptSingleTransaction(); this is to prevent memory DoS in case we receive a large
-        // number of invalid transactions that attempt to overrun the in-memory coins cache
-        // (`CCoinsViewCache::cacheCoins`).
-
-        for (const COutPoint& hashTx : coins_to_uncache)
-            active_chainstate.CoinsTip().Uncache(hashTx);
-        TRACEPOINT(mempool, rejected,
-                tx->GetHash().data(),
-                result.m_state.GetRejectReason().c_str()
-        );
-    }
-    // After we've (potentially) uncached entries, ensure our coins cache is still within its size limits
-    BlockValidationState state_dummy;
-    active_chainstate.FlushStateToDisk(state_dummy, FlushStateMode::PERIODIC);
-    return result;
-}
-
-PackageMempoolAcceptResult ProcessNewPackage(Chainstate& active_chainstate, CTxMemPool& pool,
-                                                   const Package& package, bool test_accept, const std::optional<CFeeRate>& client_maxfeerate)
-{
-    AssertLockHeld(cs_main);
-    assert(!package.empty());
-    assert(std::all_of(package.cbegin(), package.cend(), [](const auto& tx){return tx != nullptr;}));
-
-    std::vector<COutPoint> coins_to_uncache;
-    const CChainParams& chainparams = active_chainstate.m_chainman.GetParams();
-    auto result = [&]() EXCLUSIVE_LOCKS_REQUIRED(cs_main) {
-        AssertLockHeld(cs_main);
-        if (test_accept) {
-            auto args = MemPoolAccept::ATMPArgs::PackageTestAccept(chainparams, GetTime(), coins_to_uncache);
-            return MemPoolAccept(pool, active_chainstate).AcceptMultipleTransactionsAndCleanup(package, args);
-        } else {
-            auto args = MemPoolAccept::ATMPArgs::PackageChildWithParents(chainparams, GetTime(), coins_to_uncache, client_maxfeerate);
-            return MemPoolAccept(pool, active_chainstate).AcceptPackage(package, args);
-        }
-    }();
-
-    // Uncache coins pertaining to transactions that were not submitted to the mempool.
-    if (test_accept || result.m_state.IsInvalid()) {
-        for (const COutPoint& hashTx : coins_to_uncache) {
-            active_chainstate.CoinsTip().Uncache(hashTx);
-        }
-    }
-    // Ensure the coins cache is still within limits.
-    BlockValidationState state_dummy;
-    active_chainstate.FlushStateToDisk(state_dummy, FlushStateMode::PERIODIC);
-    return result;
-}
-
 CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams)
 {
     int halvings = nHeight / consensusParams.nSubsidyHalvingInterval;
@@ -3047,7 +1371,7 @@ bool Chainstate::ActivateBestChainStep(BlockValidationState& state, CBlockIndex&
         if (!DisconnectTip(state, &disconnectpool)) {
             // This is likely a fatal error, but keep the mempool consistent,
             // just in case. Only remove from the mempool in this case.
-            MaybeUpdateMempoolForReorg(disconnectpool, false);
+            if (m_mempool) MaybeUpdateMempoolForReorg(*this, *m_mempool, disconnectpool, false);
 
             // If we're unable to disconnect a block during normal operation,
             // then that is a failure of our local system -- we should abort
@@ -3091,7 +1415,7 @@ bool Chainstate::ActivateBestChainStep(BlockValidationState& state, CBlockIndex&
                     // A system error occurred (disk space, database error, ...).
                     // Make the mempool consistent with the current tip, just in case
                     // any observers try to use it before shutdown.
-                    MaybeUpdateMempoolForReorg(disconnectpool, false);
+                    if (m_mempool) MaybeUpdateMempoolForReorg(*this, *m_mempool, disconnectpool, false);
                     return false;
                 }
             } else {
@@ -3108,7 +1432,7 @@ bool Chainstate::ActivateBestChainStep(BlockValidationState& state, CBlockIndex&
     if (fBlocksDisconnected) {
         // If any blocks were disconnected, disconnectpool may be non empty.  Add
         // any disconnected transactions back to the mempool.
-        MaybeUpdateMempoolForReorg(disconnectpool, true);
+        if (m_mempool) MaybeUpdateMempoolForReorg(*this, *m_mempool, disconnectpool, true);
     }
     if (m_mempool) m_mempool->check(this->CoinsTip(), this->m_chain.Height() + 1);
 
@@ -3393,7 +1717,7 @@ bool Chainstate::InvalidateBlock(BlockValidationState& state, CBlockIndex* const
         // transactions back to the mempool if disconnecting was successful,
         // and we're not doing a very deep invalidation (in which case
         // keeping the mempool up to date is probably futile anyway).
-        MaybeUpdateMempoolForReorg(disconnectpool, /* fAddToMempool = */ (++disconnected <= 10) && ret);
+        if (m_mempool) MaybeUpdateMempoolForReorg(*this, *m_mempool, disconnectpool, /* fAddToMempool = */ (++disconnected <= 10) && ret);
         if (!ret) return false;
         CBlockIndex* new_tip{m_chain.Tip()};
         assert(disconnected_tip->pprev == new_tip);
@@ -4219,21 +2543,6 @@ bool ChainstateManager::ProcessNewBlock(const std::shared_ptr<const CBlock>& blo
     return true;
 }
 
-MempoolAcceptResult ChainstateManager::ProcessTransaction(const CTransactionRef& tx, bool test_accept)
-{
-    AssertLockHeld(cs_main);
-    Chainstate& active_chainstate = ActiveChainstate();
-    if (!active_chainstate.GetMempool()) {
-        TxValidationState state;
-        state.Invalid(TxValidationResult::TX_NO_MEMPOOL, "no-mempool");
-        return MempoolAcceptResult::Failure(state);
-    }
-    auto result = AcceptToMemoryPool(active_chainstate, tx, GetTime(), /*bypass_limits=*/ false, test_accept);
-    active_chainstate.GetMempool()->check(active_chainstate.CoinsTip(), active_chainstate.m_chain.Height() + 1);
-    return result;
-}
-
-
 BlockValidationState TestBlockValidity(
     Chainstate& chainstate,
     const CBlock& block,
diff --git a/src/validation.h b/src/validation.h
index dce35f39468a..5d2b50334144 100644
--- a/src/validation.h
+++ b/src/validation.h
@@ -13,6 +13,7 @@
 #include <coins.h>
 #include <consensus/amount.h>
 #include <consensus/tx_verify.h>
+#include <mempool_validation.h>
 #include <cuckoocache.h>
 #include <deploymentstatus.h>
 #include <kernel/chain.h>
@@ -100,225 +101,6 @@ bool FatalError(kernel::Notifications& notifications, BlockValidationState& stat
 /** Prune block files up to a given height */
 void PruneBlockFilesManual(Chainstate& active_chainstate, int nManualPruneHeight);
 
-/**
-* Validation result for a transaction evaluated by MemPoolAccept (single or package).
-* Here are the expected fields and properties of a result depending on its ResultType, applicable to
-* results returned from package evaluation:
-*+---------------------------+----------------+-------------------+------------------+----------------+-------------------+
-*| Field or property         |    VALID       |                 INVALID              |  MEMPOOL_ENTRY | DIFFERENT_WITNESS |
-*|                           |                |--------------------------------------|                |                   |
-*|                           |                | TX_RECONSIDERABLE |     Other        |                |                   |
-*+---------------------------+----------------+-------------------+------------------+----------------+-------------------+
-*| txid in mempool?          | yes            | no                | no*              | yes            | yes               |
-*| wtxid in mempool?         | yes            | no                | no*              | yes            | no                |
-*| m_state                   | yes, IsValid() | yes, IsInvalid()  | yes, IsInvalid() | yes, IsValid() | yes, IsValid()    |
-*| m_vsize                   | yes            | no                | no               | yes            | no                |
-*| m_base_fees               | yes            | no                | no               | yes            | no                |
-*| m_effective_feerate       | yes            | yes               | no               | no             | no                |
-*| m_wtxids_fee_calculations | yes            | yes               | no               | no             | no                |
-*| m_other_wtxid             | no             | no                | no               | no             | yes               |
-*+---------------------------+----------------+-------------------+------------------+----------------+-------------------+
-* (*) Individual transaction acceptance doesn't return MEMPOOL_ENTRY and DIFFERENT_WITNESS. It returns
-* INVALID, with the errors txn-already-in-mempool and txn-same-nonwitness-data-in-mempool
-* respectively. In those cases, the txid or wtxid may be in the mempool for a TX_CONFLICT.
-*/
-struct MempoolAcceptResult {
-    /** Used to indicate the results of mempool validation. */
-    enum class ResultType {
-        VALID, //!> Fully validated, valid.
-        INVALID, //!> Invalid.
-        MEMPOOL_ENTRY, //!> Valid, transaction was already in the mempool.
-        DIFFERENT_WITNESS, //!> Not validated. A same-txid-different-witness tx (see m_other_wtxid) already exists in the mempool and was not replaced.
-    };
-    /** Result type. Present in all MempoolAcceptResults. */
-    const ResultType m_result_type;
-
-    /** Contains information about why the transaction failed. */
-    const TxValidationState m_state;
-
-    /** Mempool transactions replaced by the tx. */
-    const std::list<CTransactionRef> m_replaced_transactions;
-    /** Virtual size as used by the mempool, calculated using serialized size and sigops. */
-    const std::optional<int64_t> m_vsize;
-    /** Raw base fees in satoshis. */
-    const std::optional<CAmount> m_base_fees;
-    /** The feerate at which this transaction was considered. This includes any fee delta added
-     * using prioritisetransaction (i.e. modified fees). If this transaction was submitted as a
-     * package, this is the package feerate, which may also include its descendants and/or
-     * ancestors (see m_wtxids_fee_calculations below).
-     */
-    const std::optional<CFeeRate> m_effective_feerate;
-    /** Contains the wtxids of the transactions used for fee-related checks. Includes this
-     * transaction's wtxid and may include others if this transaction was validated as part of a
-     * package. This is not necessarily equivalent to the list of transactions passed to
-     * ProcessNewPackage().
-     * Only present when m_result_type = ResultType::VALID. */
-    const std::optional<std::vector<Wtxid>> m_wtxids_fee_calculations;
-
-    /** The wtxid of the transaction in the mempool which has the same txid but different witness. */
-    const std::optional<Wtxid> m_other_wtxid;
-
-    static MempoolAcceptResult Failure(TxValidationState state) {
-        return MempoolAcceptResult(state);
-    }
-
-    static MempoolAcceptResult FeeFailure(TxValidationState state,
-                                          CFeeRate effective_feerate,
-                                          const std::vector<Wtxid>& wtxids_fee_calculations) {
-        return MempoolAcceptResult(state, effective_feerate, wtxids_fee_calculations);
-    }
-
-    static MempoolAcceptResult Success(std::list<CTransactionRef>&& replaced_txns,
-                                       int64_t vsize,
-                                       CAmount fees,
-                                       CFeeRate effective_feerate,
-                                       const std::vector<Wtxid>& wtxids_fee_calculations) {
-        return MempoolAcceptResult(std::move(replaced_txns), vsize, fees,
-                                   effective_feerate, wtxids_fee_calculations);
-    }
-
-    static MempoolAcceptResult MempoolTx(int64_t vsize, CAmount fees) {
-        return MempoolAcceptResult(vsize, fees);
-    }
-
-    static MempoolAcceptResult MempoolTxDifferentWitness(const Wtxid& other_wtxid) {
-        return MempoolAcceptResult(other_wtxid);
-    }
-
-// Private constructors. Use static methods MempoolAcceptResult::Success, etc. to construct.
-private:
-    /** Constructor for failure case */
-    explicit MempoolAcceptResult(TxValidationState state)
-        : m_result_type(ResultType::INVALID), m_state(state) {
-            Assume(!state.IsValid()); // Can be invalid or error
-        }
-
-    /** Constructor for success case */
-    explicit MempoolAcceptResult(std::list<CTransactionRef>&& replaced_txns,
-                                 int64_t vsize,
-                                 CAmount fees,
-                                 CFeeRate effective_feerate,
-                                 const std::vector<Wtxid>& wtxids_fee_calculations)
-        : m_result_type(ResultType::VALID),
-        m_replaced_transactions(std::move(replaced_txns)),
-        m_vsize{vsize},
-        m_base_fees(fees),
-        m_effective_feerate(effective_feerate),
-        m_wtxids_fee_calculations(wtxids_fee_calculations) {}
-
-    /** Constructor for fee-related failure case */
-    explicit MempoolAcceptResult(TxValidationState state,
-                                 CFeeRate effective_feerate,
-                                 const std::vector<Wtxid>& wtxids_fee_calculations)
-        : m_result_type(ResultType::INVALID),
-        m_state(state),
-        m_effective_feerate(effective_feerate),
-        m_wtxids_fee_calculations(wtxids_fee_calculations) {}
-
-    /** Constructor for already-in-mempool case. It wouldn't replace any transactions. */
-    explicit MempoolAcceptResult(int64_t vsize, CAmount fees)
-        : m_result_type(ResultType::MEMPOOL_ENTRY), m_vsize{vsize}, m_base_fees(fees) {}
-
-    /** Constructor for witness-swapped case. */
-    explicit MempoolAcceptResult(const Wtxid& other_wtxid)
-        : m_result_type(ResultType::DIFFERENT_WITNESS), m_other_wtxid(other_wtxid) {}
-};
-
-/**
-* Validation result for package mempool acceptance.
-*/
-struct PackageMempoolAcceptResult
-{
-    PackageValidationState m_state;
-    /**
-    * Map from wtxid to finished MempoolAcceptResults. The client is responsible
-    * for keeping track of the transaction objects themselves. If a result is not
-    * present, it means validation was unfinished for that transaction. If there
-    * was a package-wide error (see result in m_state), m_tx_results will be empty.
-    */
-    std::map<Wtxid, MempoolAcceptResult> m_tx_results;
-
-    explicit PackageMempoolAcceptResult(PackageValidationState state,
-                                        std::map<Wtxid, MempoolAcceptResult>&& results)
-        : m_state{state}, m_tx_results(std::move(results)) {}
-
-    explicit PackageMempoolAcceptResult(PackageValidationState state, CFeeRate feerate,
-                                        std::map<Wtxid, MempoolAcceptResult>&& results)
-        : m_state{state}, m_tx_results(std::move(results)) {}
-
-    /** Constructor to create a PackageMempoolAcceptResult from a single MempoolAcceptResult */
-    explicit PackageMempoolAcceptResult(const Wtxid& wtxid, const MempoolAcceptResult& result)
-        : m_tx_results{ {wtxid, result} } {}
-};
-
-/**
- * Try to add a transaction to the mempool. This is an internal function and is exposed only for testing.
- * Client code should use ChainstateManager::ProcessTransaction()
- *
- * @param[in]  active_chainstate  Reference to the active chainstate.
- * @param[in]  tx                 The transaction to submit for mempool acceptance.
- * @param[in]  accept_time        The timestamp for adding the transaction to the mempool.
- *                                It is also used to determine when the entry expires.
- * @param[in]  bypass_limits      When true, don't enforce mempool fee and capacity limits,
- *                                and set entry_sequence to zero.
- * @param[in]  test_accept        When true, run validation checks but don't submit to mempool.
- *
- * @returns a MempoolAcceptResult indicating whether the transaction was accepted/rejected with reason.
- */
-MempoolAcceptResult AcceptToMemoryPool(Chainstate& active_chainstate, const CTransactionRef& tx,
-                                       int64_t accept_time, bool bypass_limits, bool test_accept)
-    EXCLUSIVE_LOCKS_REQUIRED(cs_main);
-
-/**
-* Validate (and maybe submit) a package to the mempool. See doc/policy/packages.md for full details
-* on package validation rules.
-* @param[in]    test_accept         When true, run validation checks but don't submit to mempool.
-* @param[in]    client_maxfeerate    If exceeded by an individual transaction, rest of (sub)package evaluation is aborted.
-*                                   Only for sanity checks against local submission of transactions.
-* @returns a PackageMempoolAcceptResult which includes a MempoolAcceptResult for each transaction.
-* If a transaction fails, validation will exit early and some results may be missing. It is also
-* possible for the package to be partially submitted.
-*/
-PackageMempoolAcceptResult ProcessNewPackage(Chainstate& active_chainstate, CTxMemPool& pool,
-                                                   const Package& txns, bool test_accept, const std::optional<CFeeRate>& client_maxfeerate)
-                                                   EXCLUSIVE_LOCKS_REQUIRED(cs_main);
-
-/* Mempool validation helper functions */
-
-/**
- * Calculate LockPoints required to check if transaction will be BIP68 final in the next block
- * to be created on top of tip.
- *
- * @param[in]   tip             Chain tip for which tx sequence locks are calculated. For
- *                              example, the tip of the current active chain.
- * @param[in]   coins_view      Any CCoinsView that provides access to the relevant coins for
- *                              checking sequence locks. For example, it can be a CCoinsViewCache
- *                              that isn't connected to anything but contains all the relevant
- *                              coins, or a CCoinsViewMemPool that is connected to the
- *                              mempool and chainstate UTXO set. In the latter case, the caller
- *                              is responsible for holding the appropriate locks to ensure that
- *                              calls to GetCoin() return correct coins.
- * @param[in]   tx              The transaction being evaluated.
- *
- * @returns The resulting height and time calculated and the hash of the block needed for
- *          calculation, or std::nullopt if there is an error.
- */
-std::optional<LockPoints> CalculateLockPointsAtTip(
-    CBlockIndex* tip,
-    const CCoinsView& coins_view,
-    const CTransaction& tx);
-
-/**
- * Check if transaction will be BIP68 final in the next block to be created on top of tip.
- * @param[in]   tip             Chain tip to check tx sequence locks against. For example,
- *                              the tip of the current active chain.
- * @param[in]   lock_points     LockPoints containing the height and time at which this
- *                              transaction is final.
- * Simulates calling SequenceLocks() with data from the tip passed in.
- * The LockPoints should not be considered valid if CheckSequenceLocksAtTip returns false.
- */
-bool CheckSequenceLocksAtTip(CBlockIndex* tip,
-                             const LockPoints& lock_points);
 
 /**
  * Closure representing one script verification
@@ -784,9 +566,6 @@ class Chainstate
      * Passing fAddToMempool=false will skip trying to add the transactions back,
      * and instead just erase from the mempool as needed.
      */
-    void MaybeUpdateMempoolForReorg(
-        DisconnectedBlockTransactions& disconnectpool,
-        bool fAddToMempool) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_mempool->cs);
 
     /** Check warning conditions and do some notifications on new chain tip set. */
     void UpdateTip(const CBlockIndex* pindexNew)
@@ -1079,8 +858,6 @@ class ChainstateManager
      * @param[in]  tx              The transaction to submit for mempool acceptance.
      * @param[in]  test_accept     When true, run validation checks but don't submit to mempool.
      */
-    [[nodiscard]] MempoolAcceptResult ProcessTransaction(const CTransactionRef& tx, bool test_accept=false)
-        EXCLUSIVE_LOCKS_REQUIRED(cs_main);
 
     //! Load the block tree and coins database from disk, initializing state if we're running with -reindex
     bool LoadBlockIndex() EXCLUSIVE_LOCKS_REQUIRED(cs_main);
@@ -1157,4 +934,11 @@ bool IsBIP30Unspendable(const uint256& block_hash, int block_height);
 // Returns the script flags which should be checked for a given block
 script_verify_flags GetBlockScriptFlags(const CBlockIndex& block_index, const ChainstateManager& chainman);
 
+bool CheckInputScripts(const CTransaction& tx, TxValidationState& state,
+                       const CCoinsViewCache& inputs, script_verify_flags flags, bool cacheSigStore,
+                       bool cacheFullScriptStore, PrecomputedTransactionData& txdata,
+                       ValidationCache& validation_cache,
+                       std::vector<CScriptCheck>* pvChecks = nullptr)
+    EXCLUSIVE_LOCKS_REQUIRED(cs_main);
+
 #endif // BITCOIN_VALIDATION_H
diff --git a/test/lint/lint-circular-dependencies.py b/test/lint/lint-circular-dependencies.py
index eac609d16822..dc850541ec06 100755
--- a/test/lint/lint-circular-dependencies.py
+++ b/test/lint/lint-circular-dependencies.py
@@ -15,6 +15,7 @@
     "chainparamsbase -> common/args -> chainparamsbase",
     "node/blockstorage -> validation -> node/blockstorage",
     "kernel/coinstats -> validation -> kernel/coinstats",
+    "mempool_validation -> validation -> mempool_validation",
     "coins -> undo -> coins",
     "versionbits -> versionbits_impl -> versionbits",
 )

From 286242889397d6f3bcac1a738e7a956cc2a36ed8 Mon Sep 17 00:00:00 2001
From: ismaelsadeeq <abubakarsadiqismail@proton.me>
Date: Thu, 21 May 2026 21:01:20 +0100
Subject: [PATCH 4/6] validation: extract block validation into
 block_validation.{h,cpp}

Extract block-related validation functions from validation.cpp into
new files block_validation.{h,cpp}:
- CheckBlockHeader, CheckBlock, BlockManuallyRequested
- ConnectBlock, DisconnectBlock, UpdateTip
- ActivateBestChainStep, ActivateBestChain
- InvalidateBlock, ReconsiderBlock
- GetSpendHeight, GetUTXOStats, VerifyScript helpers
- TestBlockValidity, BuildChainState

Also extract script checking infrastructure into script/script_check.{h,cpp}.

Introduces circular dependencies:
  block_validation -> validation -> block_validation
  block_validation -> validation -> mempool_validation -> block_validation
(validation.cpp still includes block_validation.h for the transition
period; to be resolved in a follow-up)
---
 src/CMakeLists.txt                       |    2 +
 src/bench/connectblock.cpp               |    3 +-
 src/block_validation.cpp                 | 1586 +++++++++++++++++++++
 src/block_validation.h                   |   96 ++
 src/blockencodings.cpp                   |    2 +
 src/kernel/CMakeLists.txt                |    2 +
 src/kernel/bitcoinkernel.cpp             |    5 +-
 src/net_processing.cpp                   |   11 +-
 src/node/blockstorage.h                  |    1 +
 src/node/chainstate.cpp                  |    3 +-
 src/node/interfaces.cpp                  |    3 +-
 src/node/miner.cpp                       |    5 +-
 src/script/script_check.cpp              |   22 +
 src/script/script_check.h                |   52 +
 src/test/fuzz/block.cpp                  |    1 +
 src/test/fuzz/cmpctblock.cpp             |    3 +-
 src/test/fuzz/headerssync.cpp            |    1 +
 src/test/fuzz/p2p_headers_presync.cpp    |    1 +
 src/test/miner_tests.cpp                 |    3 +-
 src/test/peerman_tests.cpp               |    3 +-
 src/test/util/mining.cpp                 |    3 +-
 src/test/util/setup_common.cpp           |    3 +-
 src/test/validation_block_tests.cpp      |   13 +-
 src/test/validation_chainstate_tests.cpp |    3 +-
 src/test/validation_tests.cpp            |    1 +
 src/validation.cpp                       | 1611 +---------------------
 src/validation.h                         |  220 +--
 test/lint/lint-circular-dependencies.py  |    1 +
 28 files changed, 1857 insertions(+), 1803 deletions(-)
 create mode 100644 src/block_validation.cpp
 create mode 100644 src/block_validation.h
 create mode 100644 src/script/script_check.cpp
 create mode 100644 src/script/script_check.h

diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index 3df11154f2eb..90fb329da9a6 100644
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -208,6 +208,7 @@ add_library(bitcoin_node STATIC EXCLUDE_FROM_ALL
   policy/settings.cpp
   policy/truc_policy.cpp
   private_broadcast.cpp
+  script/script_check.cpp
   script/sigcache.cpp
   signet.cpp
   torcontrol.cpp
@@ -215,6 +216,7 @@ add_library(bitcoin_node STATIC EXCLUDE_FROM_ALL
   txgraph.cpp
   txmempool.cpp
   txrequest.cpp
+  block_validation.cpp
   mempool_validation.cpp
   validation.cpp
   validationinterface.cpp
diff --git a/src/bench/connectblock.cpp b/src/bench/connectblock.cpp
index 434bcdcbfe2c..2ad1941fc70c 100644
--- a/src/bench/connectblock.cpp
+++ b/src/bench/connectblock.cpp
@@ -4,6 +4,7 @@
 
 #include <addresstype.h>
 #include <bench/bench.h>
+#include <block_validation.h>
 #include <interfaces/chain.h>
 #include <kernel/cs_main.h>
 #include <script/interpreter.h>
@@ -100,7 +101,7 @@ void BenchmarkConnectBlock(benchmark::Bench& bench, std::vector<CKey>& keys, std
         auto* pindex{chainman->m_blockman.AddToBlockIndex(test_block, chainman->m_best_header)}; // Doing this here doesn't impact the benchmark
         CCoinsViewCache viewNew{&chainstate.CoinsTip()};
 
-        assert(chainstate.ConnectBlock(test_block, test_block_state, pindex, viewNew));
+        assert(ConnectBlock(chainstate, test_block, test_block_state, pindex, viewNew));
     });
 }
 
diff --git a/src/block_validation.cpp b/src/block_validation.cpp
new file mode 100644
index 000000000000..c449e1cecd99
--- /dev/null
+++ b/src/block_validation.cpp
@@ -0,0 +1,1586 @@
+// Copyright (c) 2009-2010 Satoshi Nakamoto
+// Copyright (c) 2009-present The Bitcoin Core developers
+// Distributed under the MIT software license, see the accompanying
+// file COPYING or http://www.opensource.org/licenses/mit-license.php.
+
+#include <block_validation.h>
+
+#include <arith_uint256.h>
+#include <chain.h>
+#include <validation.h>
+#include <checkqueue.h>
+#include <consensus/amount.h>
+#include <consensus/consensus.h>
+#include <consensus/merkle.h>
+#include <consensus/tx_check.h>
+#include <consensus/tx_verify.h>
+#include <consensus/validation.h>
+#include <flatfile.h>
+#include <hash.h>
+#include <kernel/chainparams.h>
+#include <kernel/notifications_interface.h>
+#include <node/blockstorage.h>
+#include <pow.h>
+#include <primitives/block.h>
+#include <primitives/transaction.h>
+#include <script/script.h>
+#include <script/sigcache.h>
+#include <signet.h>
+#include <tinyformat.h>
+#include <txdb.h>
+#include <uint256.h>
+#include <undo.h>
+#include <util/check.h>
+#include <util/log.h>
+#include <util/moneystr.h>
+#include <util/signalinterrupt.h>
+#include <util/time.h>
+#include <util/trace.h>
+#include <util/translation.h>
+#include <validationinterface.h>
+
+#include <algorithm>
+#include <cassert>
+#include <chrono>
+#include <optional>
+#include <ranges>
+#include <span>
+#include <string>
+#include <utility>
+
+using kernel::Notifications;
+
+using fsbridge::FopenFn;
+using node::BlockMap;
+
+TRACEPOINT_SEMAPHORE(validation, block_connected);
+
+/** Undo the effects of this block (with given index) on the UTXO set represented by coins.
+ *  When FAILED is returned, view is left in an indeterminate state. */
+DisconnectResult DisconnectBlock(Chainstate& chainstate, const CBlock& block, const CBlockIndex* pindex, CCoinsViewCache& view)
+{
+    AssertLockHeld(::cs_main);
+    bool fClean = true;
+
+    CBlockUndo blockUndo;
+    if (!chainstate.m_blockman.ReadBlockUndo(blockUndo, *pindex)) {
+        LogError("DisconnectBlock(): failure reading undo data\n");
+        return DISCONNECT_FAILED;
+    }
+
+    if (blockUndo.vtxundo.size() + 1 != block.vtx.size()) {
+        LogError("DisconnectBlock(): block and undo data inconsistent\n");
+        return DISCONNECT_FAILED;
+    }
+
+    // Ignore blocks that contain transactions which are 'overwritten' by later transactions,
+    // unless those are already completely spent.
+    // See https://github.com/bitcoin/bitcoin/issues/22596 for additional information.
+    // Note: the blocks specified here are different than the ones used in ConnectBlock because DisconnectBlock
+    // unwinds the blocks in reverse. As a result, the inconsistency is not discovered until the earlier
+    // blocks with the duplicate coinbase transactions are disconnected.
+    bool fEnforceBIP30 = !((pindex->nHeight == 91722 && pindex->GetBlockHash() == uint256{"00000000000271a2dc26e7667f8419f2e15416dc6955e5a6c6cdf3f2574dd08e"}) ||
+                           (pindex->nHeight == 91812 && pindex->GetBlockHash() == uint256{"00000000000af0aed4792b1acee3d966af36cf5def14935db8de83d6f9306f2f"}));
+
+    // undo transactions in reverse order
+    for (int i = block.vtx.size() - 1; i >= 0; i--) {
+        const CTransaction& tx = *(block.vtx[i]);
+        Txid hash = tx.GetHash();
+        bool is_coinbase = tx.IsCoinBase();
+        bool is_bip30_exception = (is_coinbase && !fEnforceBIP30);
+
+        // Check that all outputs are available and match the outputs in the block itself
+        // exactly.
+        for (size_t o = 0; o < tx.vout.size(); o++) {
+            if (!tx.vout[o].scriptPubKey.IsUnspendable()) {
+                COutPoint out(hash, o);
+                Coin coin;
+                bool is_spent = view.SpendCoin(out, &coin);
+                if (!is_spent || tx.vout[o] != coin.out || pindex->nHeight != coin.nHeight || is_coinbase != coin.IsCoinBase()) {
+                    if (!is_bip30_exception) {
+                        fClean = false; // transaction output mismatch
+                    }
+                }
+            }
+        }
+
+        // restore inputs
+        if (i > 0) { // not coinbases
+            CTxUndo& txundo = blockUndo.vtxundo[i - 1];
+            if (txundo.vprevout.size() != tx.vin.size()) {
+                LogError("DisconnectBlock(): transaction and undo data inconsistent\n");
+                return DISCONNECT_FAILED;
+            }
+            for (unsigned int j = tx.vin.size(); j > 0;) {
+                --j;
+                const COutPoint& out = tx.vin[j].prevout;
+                int res = ApplyTxInUndo(std::move(txundo.vprevout[j]), view, out);
+                if (res == DISCONNECT_FAILED) return DISCONNECT_FAILED;
+                fClean = fClean && res != DISCONNECT_UNCLEAN;
+            }
+            // At this point, all of txundo.vprevout should have been moved out.
+        }
+    }
+
+    // move best block pointer to prevout block
+    view.SetBestBlock(pindex->pprev->GetBlockHash());
+
+    return fClean ? DISCONNECT_OK : DISCONNECT_UNCLEAN;
+}
+
+script_verify_flags GetBlockScriptFlags(const CBlockIndex& block_index, const ChainstateManager& chainman)
+{
+    const Consensus::Params& consensusparams = chainman.GetConsensus();
+
+    // BIP16 didn't become active until Apr 1 2012 (on mainnet, and
+    // retroactively applied to testnet)
+    // However, only one historical block violated the P2SH rules (on both
+    // mainnet and testnet).
+    // Similarly, only one historical block violated the TAPROOT rules on
+    // mainnet.
+    // For simplicity, always leave P2SH+WITNESS+TAPROOT on except for the two
+    // violating blocks.
+    script_verify_flags flags{SCRIPT_VERIFY_P2SH | SCRIPT_VERIFY_WITNESS | SCRIPT_VERIFY_TAPROOT};
+    const auto it{consensusparams.script_flag_exceptions.find(*Assert(block_index.phashBlock))};
+    if (it != consensusparams.script_flag_exceptions.end()) {
+        flags = it->second;
+    }
+
+    // Enforce the DERSIG (BIP66) rule
+    if (DeploymentActiveAt(block_index, chainman, Consensus::DEPLOYMENT_DERSIG)) {
+        flags |= SCRIPT_VERIFY_DERSIG;
+    }
+
+    // Enforce CHECKLOCKTIMEVERIFY (BIP65)
+    if (DeploymentActiveAt(block_index, chainman, Consensus::DEPLOYMENT_CLTV)) {
+        flags |= SCRIPT_VERIFY_CHECKLOCKTIMEVERIFY;
+    }
+
+    // Enforce CHECKSEQUENCEVERIFY (BIP112)
+    if (DeploymentActiveAt(block_index, chainman, Consensus::DEPLOYMENT_CSV)) {
+        flags |= SCRIPT_VERIFY_CHECKSEQUENCEVERIFY;
+    }
+
+    // Enforce BIP147 NULLDUMMY (activated simultaneously with segwit)
+    if (DeploymentActiveAt(block_index, chainman, Consensus::DEPLOYMENT_SEGWIT)) {
+        flags |= SCRIPT_VERIFY_NULLDUMMY;
+    }
+
+    return flags;
+}
+
+
+/** Apply the effects of this block (with given index) on the UTXO set represented by coins.
+ *  Validity checks that depend on the UTXO set are also done; ConnectBlock()
+ *  can fail if those validity checks fail (among other reasons). */
+bool ConnectBlock(Chainstate& chainstate, const CBlock& block, BlockValidationState& state, CBlockIndex* pindex,
+                  CCoinsViewCache& view, bool fJustCheck)
+{
+    AssertLockHeld(cs_main);
+    assert(pindex);
+
+    uint256 block_hash{block.GetHash()};
+    assert(*pindex->phashBlock == block_hash);
+
+    const auto time_start{SteadyClock::now()};
+    const CChainParams& params{chainstate.m_chainman.GetParams()};
+
+    // Check it again in case a previous version let a bad block in
+    // NOTE: We don't currently (re-)invoke ContextualCheckBlock() or
+    // ContextualCheckBlockHeader() here. This means that if we add a new
+    // consensus rule that is enforced in one of those two functions, then we
+    // may have let in a block that violates the rule prior to updating the
+    // software, and we would NOT be enforcing the rule here. Fully solving
+    // upgrade from one software version to the next after a consensus rule
+    // change is potentially tricky and issue-specific (see NeedsRedownload()
+    // for one approach that was used for BIP 141 deployment).
+    // Also, currently the rule against blocks more than 2 hours in the future
+    // is enforced in ContextualCheckBlockHeader(); we wouldn't want to
+    // re-enforce that rule here (at least until we make it impossible for
+    // the clock to go backward).
+    if (!CheckBlock(block, state, params.GetConsensus(), !fJustCheck, !fJustCheck)) {
+        if (state.GetResult() == BlockValidationResult::BLOCK_MUTATED) {
+            // We don't write down blocks to disk if they may have been
+            // corrupted, so this should be impossible unless we're having hardware
+            // problems.
+            return FatalError(chainstate.m_chainman.GetNotifications(), state, _("Corrupt block found indicating potential hardware failure."));
+        }
+        LogError("%s: Consensus::CheckBlock: %s\n", __func__, state.ToString());
+        return false;
+    }
+
+    // verify that the view's current state corresponds to the previous block
+    uint256 hashPrevBlock = pindex->pprev == nullptr ? uint256() : pindex->pprev->GetBlockHash();
+    assert(hashPrevBlock == view.GetBestBlock());
+
+    chainstate.m_chainman.NumBlocksTotal()++;
+
+    // Special case for the genesis block, skipping connection of its transactions
+    // (its coinbase is unspendable)
+    if (block_hash == params.GetConsensus().hashGenesisBlock) {
+        if (!fJustCheck)
+            view.SetBestBlock(pindex->GetBlockHash());
+        return true;
+    }
+
+    const char* script_check_reason;
+    if (chainstate.m_chainman.AssumedValidBlock().IsNull()) {
+        script_check_reason = "assumevalid=0 (always verify)";
+    } else {
+        constexpr int64_t TWO_WEEKS_IN_SECONDS{60 * 60 * 24 * 7 * 2};
+        // We've been configured with the hash of a block which has been externally verified to have a valid history.
+        // A suitable default value is included with the software and updated from time to time.  Because validity
+        //  relative to a piece of software is an objective fact these defaults can be easily reviewed.
+        // This setting doesn't force the selection of any particular chain but makes validating some faster by
+        //  effectively caching the result of part of the verification.
+        BlockMap::const_iterator it{chainstate.m_blockman.m_block_index.find(chainstate.m_chainman.AssumedValidBlock())};
+        if (it == chainstate.m_blockman.m_block_index.end()) {
+            script_check_reason = "assumevalid hash not in headers";
+        } else if (it->second.GetAncestor(pindex->nHeight) != pindex) {
+            script_check_reason = (pindex->nHeight > it->second.nHeight) ? "block height above assumevalid height" : "block not in assumevalid chain";
+        } else if (chainstate.m_chainman.m_best_header->GetAncestor(pindex->nHeight) != pindex) {
+            script_check_reason = "block not in best header chain";
+        } else if (chainstate.m_chainman.m_best_header->nChainWork < chainstate.m_chainman.MinimumChainWork()) {
+            script_check_reason = "best header chainwork below minimumchainwork";
+        } else if (GetBlockProofEquivalentTime(*chainstate.m_chainman.m_best_header, *pindex, *chainstate.m_chainman.m_best_header, params.GetConsensus()) <= TWO_WEEKS_IN_SECONDS) {
+            script_check_reason = "block too recent relative to best header";
+        } else {
+            // This block is a member of the assumed verified chain and an ancestor of the best header.
+            // Script verification is skipped when connecting blocks under the
+            //  assumevalid block. Assuming the assumevalid block is valid this
+            //  is safe because block merkle hashes are still computed and checked,
+            // Of course, if an assumed valid block is invalid due to false scriptSigs
+            //  this optimization would allow an invalid chain to be accepted.
+            // The equivalent time check discourages hash power from extorting the network via DOS attack
+            //  into accepting an invalid block through telling users they must manually set assumevalid.
+            //  Requiring a software change or burying the invalid block, regardless of the setting, makes
+            //  it hard to hide the implication of the demand. This also avoids having release candidates
+            //  that are hardly doing any signature verification at all in testing without having to
+            //  artificially set the default assumed verified block further back.
+            // The test against the minimum chain work prevents the skipping when denied access to any chain at
+            //  least as good as the expected chain.
+            script_check_reason = nullptr;
+        }
+    }
+
+    const auto time_1{SteadyClock::now()};
+    chainstate.m_chainman.TimeCheck() += time_1 - time_start;
+    LogDebug(BCLog::BENCH, "    - Sanity checks: %.2fms [%.2fs (%.2fms/blk)]\n",
+             Ticks<MillisecondsDouble>(time_1 - time_start),
+             Ticks<SecondsDouble>(chainstate.m_chainman.TimeCheck()),
+             Ticks<MillisecondsDouble>(chainstate.m_chainman.TimeCheck()) / chainstate.m_chainman.NumBlocksTotal());
+
+    // Do not allow blocks that contain transactions which 'overwrite' older transactions,
+    // unless those are already completely spent.
+    // If such overwrites are allowed, coinbases and transactions depending upon those
+    // can be duplicated to remove the ability to spend the first instance -- even after
+    // being sent to another address.
+    // See BIP30, CVE-2012-1909, and https://r6.ca/blog/20120206T005236Z.html for more information.
+    // This rule was originally applied to all blocks with a timestamp after March 15, 2012, 0:00 UTC.
+    // Now that the whole chain is irreversibly beyond that time it is applied to all blocks except the
+    // two in the chain that violate it. This prevents exploiting the issue against nodes during their
+    // initial block download.
+    bool fEnforceBIP30 = !IsBIP30Repeat(*pindex);
+
+    // Once BIP34 activated it was not possible to create new duplicate coinbases and thus other than starting
+    // with the 2 existing duplicate coinbase pairs, not possible to create overwriting txs.  But by the
+    // time BIP34 activated, in each of the existing pairs the duplicate coinbase had overwritten the first
+    // before the first had been spent.  Since those coinbases are sufficiently buried it's no longer possible to create further
+    // duplicate transactions descending from the known pairs either.
+    // If we're on the known chain at height greater than where BIP34 activated, we can save the db accesses needed for the BIP30 check.
+
+    // BIP34 requires that a block at height X (block X) has its coinbase
+    // scriptSig start with a CScriptNum of X (indicated height X).  The above
+    // logic of no longer requiring BIP30 once BIP34 activates is flawed in the
+    // case that there is a block X before the BIP34 height of 227,931 which has
+    // an indicated height Y where Y is greater than X.  The coinbase for block
+    // X would also be a valid coinbase for block Y, which could be a BIP30
+    // violation.  An exhaustive search of all mainnet coinbases before the
+    // BIP34 height which have an indicated height greater than the block height
+    // reveals many occurrences. The 3 lowest indicated heights found are
+    // 209,921, 490,897, and 1,983,702 and thus coinbases for blocks at these 3
+    // heights would be the first opportunity for BIP30 to be violated.
+
+    // The search reveals a great many blocks which have an indicated height
+    // greater than 1,983,702, so we simply remove the optimization to skip
+    // BIP30 checking for blocks at height 1,983,702 or higher.  Before we reach
+    // that block in another 25 years or so, we should take advantage of a
+    // future consensus change to do a new and improved version of BIP34 that
+    // will actually prevent ever creating any duplicate coinbases in the
+    // future.
+    static constexpr int BIP34_IMPLIES_BIP30_LIMIT = 1983702;
+
+    // There is no potential to create a duplicate coinbase at block 209,921
+    // because this is still before the BIP34 height and so explicit BIP30
+    // checking is still active.
+
+    // The final case is block 176,684 which has an indicated height of
+    // 490,897. Unfortunately, this issue was not discovered until about 2 weeks
+    // before block 490,897 so there was not much opportunity to address this
+    // case other than to carefully analyze it and determine it would not be a
+    // problem. Block 490,897 was, in fact, mined with a different coinbase than
+    // block 176,684, but it is important to note that even if it hadn't been or
+    // is remined on an alternate fork with a duplicate coinbase, we would still
+    // not run into a BIP30 violation.  This is because the coinbase for 176,684
+    // is spent in block 185,956 in transaction
+    // d4f7fbbf92f4a3014a230b2dc70b8058d02eb36ac06b4a0736d9d60eaa9e8781.  This
+    // spending transaction can't be duplicated because it also spends coinbase
+    // 0328dd85c331237f18e781d692c92de57649529bd5edf1d01036daea32ffde29.  This
+    // coinbase has an indicated height of over 4.2 billion, and wouldn't be
+    // duplicatable until that height, and it's currently impossible to create a
+    // chain that long. Nevertheless we may wish to consider a future soft fork
+    // which retroactively prevents block 490,897 from creating a duplicate
+    // coinbase. The two historical BIP30 violations often provide a confusing
+    // edge case when manipulating the UTXO and it would be simpler not to have
+    // another edge case to deal with.
+
+    // testnet3 has no blocks before the BIP34 height with indicated heights
+    // post BIP34 before approximately height 486,000,000. After block
+    // 1,983,702 testnet3 starts doing unnecessary BIP30 checking again.
+    assert(pindex->pprev);
+    CBlockIndex* pindexBIP34height = pindex->pprev->GetAncestor(params.GetConsensus().BIP34Height);
+    // Only continue to enforce if we're below BIP34 activation height or the block hash at that height doesn't correspond.
+    fEnforceBIP30 = fEnforceBIP30 && (!pindexBIP34height || !(pindexBIP34height->GetBlockHash() == params.GetConsensus().BIP34Hash));
+
+    // TODO: Remove BIP30 checking from block height 1,983,702 on, once we have a
+    // consensus change that ensures coinbases at those heights cannot
+    // duplicate earlier coinbases.
+    if (fEnforceBIP30 || pindex->nHeight >= BIP34_IMPLIES_BIP30_LIMIT) {
+        for (const auto& tx : block.vtx) {
+            for (size_t o = 0; o < tx->vout.size(); o++) {
+                if (view.HaveCoin(COutPoint(tx->GetHash(), o))) {
+                    state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-txns-BIP30",
+                                  "tried to overwrite transaction");
+                }
+            }
+        }
+    }
+
+    // Enforce BIP68 (sequence locks)
+    int nLockTimeFlags = 0;
+    if (DeploymentActiveAt(*pindex, chainstate.m_chainman, Consensus::DEPLOYMENT_CSV)) {
+        nLockTimeFlags |= LOCKTIME_VERIFY_SEQUENCE;
+    }
+
+    // Get the script flags for this block
+    script_verify_flags flags{GetBlockScriptFlags(*pindex, chainstate.m_chainman)};
+
+    const auto time_2{SteadyClock::now()};
+    chainstate.m_chainman.TimeForks() += time_2 - time_1;
+    LogDebug(BCLog::BENCH, "    - Fork checks: %.2fms [%.2fs (%.2fms/blk)]\n",
+             Ticks<MillisecondsDouble>(time_2 - time_1),
+             Ticks<SecondsDouble>(chainstate.m_chainman.TimeForks()),
+             Ticks<MillisecondsDouble>(chainstate.m_chainman.TimeForks()) / chainstate.m_chainman.NumBlocksTotal());
+
+    const bool fScriptChecks{!!script_check_reason};
+    if (script_check_reason != chainstate.LastScriptCheckReasonLogged()) {
+        if (fScriptChecks) {
+            LogInfo("Enabling script verification at block #%d (%s): %s.",
+                    pindex->nHeight, block_hash.ToString(), script_check_reason);
+        } else {
+            LogInfo("Disabling script verification at block #%d (%s).",
+                    pindex->nHeight, block_hash.ToString());
+        }
+        chainstate.LastScriptCheckReasonLogged() = script_check_reason;
+    }
+
+    CBlockUndo blockundo;
+
+    // Precomputed transaction data pointers must not be invalidated
+    // until after `control` has run the script checks (potentially
+    // in multiple threads). Preallocate the vector size so a new allocation
+    // doesn't invalidate pointers into the vector, and keep txsdata in scope
+    // for as long as `control`.
+    std::vector<PrecomputedTransactionData> txsdata(block.vtx.size());
+    std::optional<CCheckQueueControl<CScriptCheck>> control;
+    if (auto& queue = chainstate.m_chainman.GetCheckQueue(); queue.HasThreads() && fScriptChecks) control.emplace(queue);
+
+    std::vector<int> prevheights;
+    CAmount nFees = 0;
+    int nInputs = 0;
+    int64_t nSigOpsCost = 0;
+    blockundo.vtxundo.reserve(block.vtx.size() - 1);
+    for (unsigned int i = 0; i < block.vtx.size(); i++) {
+        if (!state.IsValid()) break;
+        const CTransaction& tx = *(block.vtx[i]);
+
+        nInputs += tx.vin.size();
+
+        if (!tx.IsCoinBase()) {
+            CAmount txfee = 0;
+            TxValidationState tx_state;
+            if (!Consensus::CheckTxInputs(tx, tx_state, view, pindex->nHeight, txfee)) {
+                // Any transaction validation failure in ConnectBlock is a block consensus failure
+                state.Invalid(BlockValidationResult::BLOCK_CONSENSUS,
+                              tx_state.GetRejectReason(),
+                              tx_state.GetDebugMessage() + " in transaction " + tx.GetHash().ToString());
+                break;
+            }
+            nFees += txfee;
+            if (!MoneyRange(nFees)) {
+                state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-txns-accumulated-fee-outofrange",
+                              "accumulated fee in the block out of range");
+                break;
+            }
+
+            // Check that transaction is BIP68 final
+            // BIP68 lock checks (as opposed to nLockTime checks) must
+            // be in ConnectBlock because they require the UTXO set
+            prevheights.resize(tx.vin.size());
+            for (size_t j = 0; j < tx.vin.size(); j++) {
+                prevheights[j] = view.AccessCoin(tx.vin[j].prevout).nHeight;
+            }
+
+            if (!SequenceLocks(tx, nLockTimeFlags, prevheights, *pindex)) {
+                state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-txns-nonfinal",
+                              "contains a non-BIP68-final transaction " + tx.GetHash().ToString());
+                break;
+            }
+        }
+
+        // GetTransactionSigOpCost counts 3 types of sigops:
+        // * legacy (always)
+        // * p2sh (when P2SH enabled in flags and excludes coinbase)
+        // * witness (when witness enabled in flags and excludes coinbase)
+        nSigOpsCost += GetTransactionSigOpCost(tx, view, flags);
+        if (nSigOpsCost > MAX_BLOCK_SIGOPS_COST) {
+            state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-blk-sigops", "too many sigops");
+            break;
+        }
+
+        if (!tx.IsCoinBase() && fScriptChecks) {
+            bool fCacheResults = fJustCheck; /* Don't cache results if we're actually connecting blocks (still consult the cache, though) */
+            bool tx_ok;
+            TxValidationState tx_state;
+            // If CheckInputScripts is called with a pointer to a checks vector, the resulting checks are appended to it. In that case
+            // they need to be added to control which runs them asynchronously. Otherwise, CheckInputScripts runs the checks before returning.
+            if (control) {
+                std::vector<CScriptCheck> vChecks;
+                tx_ok = CheckInputScripts(tx, tx_state, view, flags, fCacheResults, fCacheResults, txsdata[i], chainstate.m_chainman.m_validation_cache, &vChecks);
+                if (tx_ok) control->Add(std::move(vChecks));
+            } else {
+                tx_ok = CheckInputScripts(tx, tx_state, view, flags, fCacheResults, fCacheResults, txsdata[i], chainstate.m_chainman.m_validation_cache);
+            }
+            if (!tx_ok) {
+                // Any transaction validation failure in ConnectBlock is a block consensus failure
+                state.Invalid(BlockValidationResult::BLOCK_CONSENSUS,
+                              tx_state.GetRejectReason(), tx_state.GetDebugMessage());
+                break;
+            }
+        }
+
+        CTxUndo undoDummy;
+        if (i > 0) {
+            blockundo.vtxundo.emplace_back();
+        }
+        UpdateCoins(tx, view, i == 0 ? undoDummy : blockundo.vtxundo.back(), pindex->nHeight);
+    }
+    const auto time_3{SteadyClock::now()};
+    chainstate.m_chainman.TimeConnect() += time_3 - time_2;
+    LogDebug(BCLog::BENCH, "      - Connect %u transactions: %.2fms (%.3fms/tx, %.3fms/txin) [%.2fs (%.2fms/blk)]\n", (unsigned)block.vtx.size(),
+             Ticks<MillisecondsDouble>(time_3 - time_2), Ticks<MillisecondsDouble>(time_3 - time_2) / block.vtx.size(),
+             nInputs <= 1 ? 0 : Ticks<MillisecondsDouble>(time_3 - time_2) / (nInputs - 1),
+             Ticks<SecondsDouble>(chainstate.m_chainman.TimeConnect()),
+             Ticks<MillisecondsDouble>(chainstate.m_chainman.TimeConnect()) / chainstate.m_chainman.NumBlocksTotal());
+
+    CAmount blockReward = nFees + GetBlockSubsidy(pindex->nHeight, params.GetConsensus());
+    if (block.vtx[0]->GetValueOut() > blockReward && state.IsValid()) {
+        state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-cb-amount",
+                      strprintf("coinbase pays too much (actual=%d vs limit=%d)", block.vtx[0]->GetValueOut(), blockReward));
+    }
+    if (control) {
+        auto parallel_result = control->Complete();
+        if (parallel_result.has_value() && state.IsValid()) {
+            state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, strprintf("block-script-verify-flag-failed (%s)", ScriptErrorString(parallel_result->first)), parallel_result->second);
+        }
+    }
+    if (!state.IsValid()) {
+        LogInfo("Block validation error: %s", state.ToString());
+        return false;
+    }
+    const auto time_4{SteadyClock::now()};
+    chainstate.m_chainman.TimeVerify() += time_4 - time_2;
+    LogDebug(BCLog::BENCH, "    - Verify %u txins: %.2fms (%.3fms/txin) [%.2fs (%.2fms/blk)]\n", nInputs - 1,
+             Ticks<MillisecondsDouble>(time_4 - time_2),
+             nInputs <= 1 ? 0 : Ticks<MillisecondsDouble>(time_4 - time_2) / (nInputs - 1),
+             Ticks<SecondsDouble>(chainstate.m_chainman.TimeVerify()),
+             Ticks<MillisecondsDouble>(chainstate.m_chainman.TimeVerify()) / chainstate.m_chainman.NumBlocksTotal());
+
+    if (fJustCheck) {
+        return true;
+    }
+
+    if (!chainstate.m_blockman.WriteBlockUndo(blockundo, state, *pindex)) {
+        return false;
+    }
+
+    const auto time_5{SteadyClock::now()};
+    chainstate.m_chainman.TimeUndo() += time_5 - time_4;
+    LogDebug(BCLog::BENCH, "    - Write undo data: %.2fms [%.2fs (%.2fms/blk)]\n",
+             Ticks<MillisecondsDouble>(time_5 - time_4),
+             Ticks<SecondsDouble>(chainstate.m_chainman.TimeUndo()),
+             Ticks<MillisecondsDouble>(chainstate.m_chainman.TimeUndo()) / chainstate.m_chainman.NumBlocksTotal());
+
+    if (!pindex->IsValid(BLOCK_VALID_SCRIPTS)) {
+        pindex->RaiseValidity(BLOCK_VALID_SCRIPTS);
+        chainstate.m_blockman.DirtyBlockIndex().insert(pindex);
+    }
+
+    // add this block to the view's block chain
+    view.SetBestBlock(pindex->GetBlockHash());
+
+    const auto time_6{SteadyClock::now()};
+    chainstate.m_chainman.TimeIndex() += time_6 - time_5;
+    LogDebug(BCLog::BENCH, "    - Index writing: %.2fms [%.2fs (%.2fms/blk)]\n",
+             Ticks<MillisecondsDouble>(time_6 - time_5),
+             Ticks<SecondsDouble>(chainstate.m_chainman.TimeIndex()),
+             Ticks<MillisecondsDouble>(chainstate.m_chainman.TimeIndex()) / chainstate.m_chainman.NumBlocksTotal());
+
+    TRACEPOINT(validation, block_connected,
+               block_hash.data(),
+               pindex->nHeight,
+               block.vtx.size(),
+               nInputs,
+               nSigOpsCost,
+               Ticks<std::chrono::nanoseconds>(time_5 - time_start));
+
+    return true;
+}
+
+static bool CheckBlockHeader(const CBlockHeader& block, BlockValidationState& state, const Consensus::Params& consensusParams, bool fCheckPOW = true)
+{
+    // Check proof of work matches claimed amount
+    if (fCheckPOW && !CheckProofOfWork(block.GetHash(), block.nBits, consensusParams))
+        return state.Invalid(BlockValidationResult::BLOCK_INVALID_HEADER, "high-hash", "proof of work failed");
+
+    return true;
+}
+
+static bool CheckMerkleRoot(const CBlock& block, BlockValidationState& state)
+{
+    if (block.m_checked_merkle_root) return true;
+
+    bool mutated;
+    uint256 merkle_root = BlockMerkleRoot(block, &mutated);
+    if (block.hashMerkleRoot != merkle_root) {
+        return state.Invalid(
+            /*result=*/BlockValidationResult::BLOCK_MUTATED,
+            /*reject_reason=*/"bad-txnmrklroot",
+            /*debug_message=*/"hashMerkleRoot mismatch");
+    }
+
+    // Check for merkle tree malleability (CVE-2012-2459): repeating sequences
+    // of transactions in a block without affecting the merkle root of a block,
+    // while still invalidating it.
+    if (mutated) {
+        return state.Invalid(
+            /*result=*/BlockValidationResult::BLOCK_MUTATED,
+            /*reject_reason=*/"bad-txns-duplicate",
+            /*debug_message=*/"duplicate transaction");
+    }
+
+    block.m_checked_merkle_root = true;
+    return true;
+}
+
+/** CheckWitnessMalleation performs checks for block malleation with regard to
+ * its witnesses.
+ *
+ * Note: If the witness commitment is expected (i.e. `expect_witness_commitment
+ * = true`), then the block is required to have at least one transaction and the
+ * first transaction needs to have at least one input. */
+static bool CheckWitnessMalleation(const CBlock& block, bool expect_witness_commitment, BlockValidationState& state)
+{
+    if (expect_witness_commitment) {
+        if (block.m_checked_witness_commitment) return true;
+
+        int commitpos = GetWitnessCommitmentIndex(block);
+        if (commitpos != NO_WITNESS_COMMITMENT) {
+            assert(!block.vtx.empty() && !block.vtx[0]->vin.empty());
+            const auto& witness_stack{block.vtx[0]->vin[0].scriptWitness.stack};
+
+            if (witness_stack.size() != 1 || witness_stack[0].size() != 32) {
+                return state.Invalid(
+                    /*result=*/BlockValidationResult::BLOCK_MUTATED,
+                    /*reject_reason=*/"bad-witness-nonce-size",
+                    /*debug_message=*/strprintf("%s : invalid witness reserved value size", __func__));
+            }
+
+            // The malleation check is ignored; as the transaction tree itself
+            // already does not permit it, it is impossible to trigger in the
+            // witness tree.
+            uint256 hash_witness = BlockWitnessMerkleRoot(block);
+
+            CHash256().Write(hash_witness).Write(witness_stack[0]).Finalize(hash_witness);
+            if (memcmp(hash_witness.begin(), &block.vtx[0]->vout[commitpos].scriptPubKey[6], 32)) {
+                return state.Invalid(
+                    /*result=*/BlockValidationResult::BLOCK_MUTATED,
+                    /*reject_reason=*/"bad-witness-merkle-match",
+                    /*debug_message=*/strprintf("%s : witness merkle commitment mismatch", __func__));
+            }
+
+            block.m_checked_witness_commitment = true;
+            return true;
+        }
+    }
+
+    // No witness data is allowed in blocks that don't commit to witness data, as this would otherwise leave room for spam
+    for (const auto& tx : block.vtx) {
+        if (tx->HasWitness()) {
+            return state.Invalid(
+                /*result=*/BlockValidationResult::BLOCK_MUTATED,
+                /*reject_reason=*/"unexpected-witness",
+                /*debug_message=*/strprintf("%s : unexpected witness data found", __func__));
+        }
+    }
+
+    return true;
+}
+
+bool CheckBlock(const CBlock& block, BlockValidationState& state, const Consensus::Params& consensusParams, bool fCheckPOW, bool fCheckMerkleRoot)
+{
+    // These are checks that are independent of context.
+
+    if (block.fChecked)
+        return true;
+
+    // Check that the header is valid (particularly PoW).  This is mostly
+    // redundant with the call in AcceptBlockHeader.
+    if (!CheckBlockHeader(block, state, consensusParams, fCheckPOW))
+        return false;
+
+    // Signet only: check block solution
+    if (consensusParams.signet_blocks && fCheckPOW && !CheckSignetBlockSolution(block, consensusParams)) {
+        return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-signet-blksig", "signet block signature validation failure");
+    }
+
+    // Check the merkle root.
+    if (fCheckMerkleRoot && !CheckMerkleRoot(block, state)) {
+        return false;
+    }
+
+    // All potential-corruption validation must be done before we do any
+    // transaction validation, as otherwise we may mark the header as invalid
+    // because we receive the wrong transactions for it.
+    // Note that witness malleability is checked in ContextualCheckBlock, so no
+    // checks that use witness data may be performed here.
+
+    // Size limits
+    if (block.vtx.empty() || block.vtx.size() * WITNESS_SCALE_FACTOR > MAX_BLOCK_WEIGHT || ::GetSerializeSize(TX_NO_WITNESS(block)) * WITNESS_SCALE_FACTOR > MAX_BLOCK_WEIGHT)
+        return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-blk-length", "size limits failed");
+
+    // First transaction must be coinbase, the rest must not be
+    if (block.vtx.empty() || !block.vtx[0]->IsCoinBase())
+        return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-cb-missing", "first tx is not coinbase");
+    for (unsigned int i = 1; i < block.vtx.size(); i++)
+        if (block.vtx[i]->IsCoinBase())
+            return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-cb-multiple", "more than one coinbase");
+
+    // Check transactions
+    // Must check for duplicate inputs (see CVE-2018-17144)
+    for (const auto& tx : block.vtx) {
+        TxValidationState tx_state;
+        if (!CheckTransaction(*tx, tx_state)) {
+            // CheckBlock() does context-free validation checks. The only
+            // possible failures are consensus failures.
+            assert(tx_state.GetResult() == TxValidationResult::TX_CONSENSUS);
+            return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, tx_state.GetRejectReason(),
+                                 strprintf("Transaction check failed (tx hash %s) %s", tx->GetHash().ToString(), tx_state.GetDebugMessage()));
+        }
+    }
+    // This underestimates the number of sigops, because unlike ConnectBlock it
+    // does not count witness and p2sh sigops.
+    unsigned int nSigOps = 0;
+    for (const auto& tx : block.vtx) {
+        nSigOps += GetLegacySigOpCount(*tx);
+    }
+    if (nSigOps * WITNESS_SCALE_FACTOR > MAX_BLOCK_SIGOPS_COST)
+        return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-blk-sigops", "out-of-bounds SigOpCount");
+
+    if (fCheckPOW && fCheckMerkleRoot)
+        block.fChecked = true;
+
+    return true;
+}
+
+void UpdateUncommittedBlockStructures(const ChainstateManager& chainman, CBlock& block, const CBlockIndex* pindexPrev)
+{
+    int commitpos = GetWitnessCommitmentIndex(block);
+    static const std::vector<unsigned char> nonce(32, 0x00);
+    if (commitpos != NO_WITNESS_COMMITMENT && DeploymentActiveAfter(pindexPrev, chainman, Consensus::DEPLOYMENT_SEGWIT) && !block.vtx[0]->HasWitness()) {
+        CMutableTransaction tx(*block.vtx[0]);
+        tx.vin[0].scriptWitness.stack.resize(1);
+        tx.vin[0].scriptWitness.stack[0] = nonce;
+        block.vtx[0] = MakeTransactionRef(std::move(tx));
+    }
+}
+
+CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams)
+{
+    int halvings = nHeight / consensusParams.nSubsidyHalvingInterval;
+    // Force block reward to zero when right shift is undefined.
+    if (halvings >= 64)
+        return 0;
+
+    CAmount nSubsidy = 50 * COIN;
+    // Subsidy is cut in half every 210,000 blocks which will occur approximately every 4 years.
+    nSubsidy >>= halvings;
+    return nSubsidy;
+}
+
+bool HasValidProofOfWork(std::span<const CBlockHeader> headers, const Consensus::Params& consensusParams)
+{
+    return std::ranges::all_of(headers,
+                               [&](const auto& header) { return CheckProofOfWork(header.GetHash(), header.nBits, consensusParams); });
+}
+
+void GenerateCoinbaseCommitment(const ChainstateManager& chainman, CBlock& block, const CBlockIndex* pindexPrev)
+{
+    int commitpos = GetWitnessCommitmentIndex(block);
+    std::vector<unsigned char> ret(32, 0x00);
+    if (commitpos == NO_WITNESS_COMMITMENT) {
+        uint256 witnessroot = BlockWitnessMerkleRoot(block);
+        CHash256().Write(witnessroot).Write(ret).Finalize(witnessroot);
+        CTxOut out;
+        out.nValue = 0;
+        out.scriptPubKey.resize(MINIMUM_WITNESS_COMMITMENT);
+        out.scriptPubKey[0] = OP_RETURN;
+        out.scriptPubKey[1] = 0x24;
+        out.scriptPubKey[2] = 0xaa;
+        out.scriptPubKey[3] = 0x21;
+        out.scriptPubKey[4] = 0xa9;
+        out.scriptPubKey[5] = 0xed;
+        memcpy(&out.scriptPubKey[6], witnessroot.begin(), 32);
+        CMutableTransaction tx(*block.vtx[0]);
+        tx.vout.push_back(out);
+        block.vtx[0] = MakeTransactionRef(std::move(tx));
+    }
+    UpdateUncommittedBlockStructures(chainman, block, pindexPrev);
+}
+
+bool IsBlockMutated(const CBlock& block, bool check_witness_root)
+{
+    BlockValidationState state;
+    if (!CheckMerkleRoot(block, state)) {
+        LogDebug(BCLog::VALIDATION, "Block mutated: %s\n", state.ToString());
+        return true;
+    }
+
+    if (block.vtx.empty() || !block.vtx[0]->IsCoinBase()) {
+        // Consider the block mutated if any transaction is 64 bytes in size (see 3.1
+        // in "Weaknesses in Bitcoin's Merkle Root Construction":
+        // https://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20190225/a27d8837/attachment-0001.pdf).
+        //
+        // Note: This is not a consensus change as this only applies to blocks that
+        // don't have a coinbase transaction and would therefore already be invalid.
+        return std::any_of(block.vtx.begin(), block.vtx.end(),
+                           [](auto& tx) { return GetSerializeSize(TX_NO_WITNESS(tx)) == 64; });
+    } else {
+        // Theoretically it is still possible for a block with a 64 byte
+        // coinbase transaction to be mutated but we neglect that possibility
+        // here as it requires at least 224 bits of work.
+    }
+
+    if (!CheckWitnessMalleation(block, check_witness_root, state)) {
+        LogDebug(BCLog::VALIDATION, "Block mutated: %s\n", state.ToString());
+        return true;
+    }
+
+    return false;
+}
+
+arith_uint256 CalculateClaimedHeadersWork(std::span<const CBlockHeader> headers)
+{
+    arith_uint256 total_work{0};
+    for (const CBlockHeader& header : headers) {
+        total_work += GetBlockProof(header);
+    }
+    return total_work;
+}
+
+/** Context-dependent validity checks.
+ *  By "context", we mean only the previous block headers, but not the UTXO
+ *  set; UTXO-related validity checks are done in ConnectBlock().
+ *  NOTE: This function is not currently invoked by ConnectBlock(), so we
+ *  should consider upgrade issues if we change which consensus rules are
+ *  enforced in this function (eg by adding a new consensus rule). See comment
+ *  in ConnectBlock().
+ *  Note that -reindex-chainstate skips the validation that happens here!
+ *
+ *  NOTE: failing to check the header's height against the last checkpoint's opened a DoS vector between
+ *  v0.12 and v0.15 (when no additional protection was in place) whereby an attacker could unboundedly
+ *  grow our in-memory block index. See https://bitcoincore.org/en/2024/07/03/disclose-header-spam.
+ */
+static bool ContextualCheckBlockHeader(const CBlockHeader& block, BlockValidationState& state, const ChainstateManager& chainman, const CBlockIndex* pindexPrev) EXCLUSIVE_LOCKS_REQUIRED(::cs_main)
+{
+    AssertLockHeld(::cs_main);
+    assert(pindexPrev != nullptr);
+    const int nHeight = pindexPrev->nHeight + 1;
+
+    // Check proof of work
+    const Consensus::Params& consensusParams = chainman.GetConsensus();
+    if (block.nBits != GetNextWorkRequired(pindexPrev, &block, consensusParams))
+        return state.Invalid(BlockValidationResult::BLOCK_INVALID_HEADER, "bad-diffbits", "incorrect proof of work");
+
+    // Check timestamp against prev
+    if (block.GetBlockTime() <= pindexPrev->GetMedianTimePast())
+        return state.Invalid(BlockValidationResult::BLOCK_INVALID_HEADER, "time-too-old", "block's timestamp is too early");
+
+    // Testnet4 and regtest only: Check timestamp against prev for difficulty-adjustment
+    // blocks to prevent timewarp attacks (see https://github.com/bitcoin/bitcoin/pull/15482).
+    if (consensusParams.enforce_BIP94) {
+        // Check timestamp for the first block of each difficulty adjustment
+        // interval, except the genesis block.
+        if (nHeight % consensusParams.DifficultyAdjustmentInterval() == 0) {
+            if (block.GetBlockTime() < pindexPrev->GetBlockTime() - MAX_TIMEWARP) {
+                return state.Invalid(BlockValidationResult::BLOCK_INVALID_HEADER, "time-timewarp-attack", "block's timestamp is too early on diff adjustment block");
+            }
+        }
+    }
+
+    // Check timestamp
+    if (block.Time() > NodeClock::now() + std::chrono::seconds{MAX_FUTURE_BLOCK_TIME}) {
+        return state.Invalid(BlockValidationResult::BLOCK_TIME_FUTURE, "time-too-new", "block timestamp too far in the future");
+    }
+
+    // Reject blocks with outdated version
+    if ((block.nVersion < 2 && DeploymentActiveAfter(pindexPrev, chainman, Consensus::DEPLOYMENT_HEIGHTINCB)) ||
+        (block.nVersion < 3 && DeploymentActiveAfter(pindexPrev, chainman, Consensus::DEPLOYMENT_DERSIG)) ||
+        (block.nVersion < 4 && DeploymentActiveAfter(pindexPrev, chainman, Consensus::DEPLOYMENT_CLTV))) {
+        return state.Invalid(BlockValidationResult::BLOCK_INVALID_HEADER, strprintf("bad-version(0x%08x)", block.nVersion),
+                             strprintf("rejected nVersion=0x%08x block", block.nVersion));
+    }
+
+    return true;
+}
+
+/** NOTE: This function is not currently invoked by ConnectBlock(), so we
+ *  should consider upgrade issues if we change which consensus rules are
+ *  enforced in this function (eg by adding a new consensus rule). See comment
+ *  in ConnectBlock().
+ *  Note that -reindex-chainstate skips the validation that happens here!
+ */
+static bool ContextualCheckBlock(const CBlock& block, BlockValidationState& state, const ChainstateManager& chainman, const CBlockIndex* pindexPrev)
+{
+    const int nHeight = pindexPrev == nullptr ? 0 : pindexPrev->nHeight + 1;
+
+    // Enforce BIP113 (Median Time Past).
+    bool enforce_locktime_median_time_past{false};
+    if (DeploymentActiveAfter(pindexPrev, chainman, Consensus::DEPLOYMENT_CSV)) {
+        assert(pindexPrev != nullptr);
+        enforce_locktime_median_time_past = true;
+    }
+
+    const int64_t nLockTimeCutoff{enforce_locktime_median_time_past ?
+                                      pindexPrev->GetMedianTimePast() :
+                                      block.GetBlockTime()};
+
+    // Check that all transactions are finalized
+    for (const auto& tx : block.vtx) {
+        if (!IsFinalTx(*tx, nHeight, nLockTimeCutoff)) {
+            return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-txns-nonfinal", "non-final transaction");
+        }
+    }
+
+    // Enforce rule that the coinbase starts with serialized block height
+    if (DeploymentActiveAfter(pindexPrev, chainman, Consensus::DEPLOYMENT_HEIGHTINCB)) {
+        CScript expect = CScript() << nHeight;
+        if (block.vtx[0]->vin[0].scriptSig.size() < expect.size() ||
+            !std::equal(expect.begin(), expect.end(), block.vtx[0]->vin[0].scriptSig.begin())) {
+            return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-cb-height", "block height mismatch in coinbase");
+        }
+    }
+
+    // Validation for witness commitments.
+    // * We compute the witness hash (which is the hash including witnesses) of all the block's transactions, except the
+    //   coinbase (where 0x0000....0000 is used instead).
+    // * The coinbase scriptWitness is a stack of a single 32-byte vector, containing a witness reserved value (unconstrained).
+    // * We build a merkle tree with all those witness hashes as leaves (similar to the hashMerkleRoot in the block header).
+    // * There must be at least one output whose scriptPubKey is a single 36-byte push, the first 4 bytes of which are
+    //   {0xaa, 0x21, 0xa9, 0xed}, and the following 32 bytes are SHA256^2(witness root, witness reserved value). In case there are
+    //   multiple, the last one is used.
+    if (!CheckWitnessMalleation(block, DeploymentActiveAfter(pindexPrev, chainman, Consensus::DEPLOYMENT_SEGWIT), state)) {
+        return false;
+    }
+
+    // After the coinbase witness reserved value and commitment are verified,
+    // we can check if the block weight passes (before we've checked the
+    // coinbase witness, it would be possible for the weight to be too
+    // large by filling up the coinbase witness, which doesn't change
+    // the block hash, so we couldn't mark the block as permanently
+    // failed).
+    if (GetBlockWeight(block) > MAX_BLOCK_WEIGHT) {
+        return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-blk-weight", strprintf("%s : weight limit failed", __func__));
+    }
+
+    return true;
+}
+
+static bool AcceptBlockHeader(ChainstateManager& chainman, const CBlockHeader& block, BlockValidationState& state, CBlockIndex** ppindex, bool min_pow_checked) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
+{
+    AssertLockHeld(cs_main);
+
+    // Check for duplicate
+    uint256 hash = block.GetHash();
+    BlockMap::iterator miSelf{chainman.m_blockman.m_block_index.find(hash)};
+    if (hash != chainman.GetConsensus().hashGenesisBlock) {
+        if (miSelf != chainman.m_blockman.m_block_index.end()) {
+            // Block header is already known.
+            CBlockIndex* pindex = &(miSelf->second);
+            if (ppindex)
+                *ppindex = pindex;
+            if (pindex->nStatus & BLOCK_FAILED_VALID) {
+                LogDebug(BCLog::VALIDATION, "%s: block %s is marked invalid\n", __func__, hash.ToString());
+                return state.Invalid(BlockValidationResult::BLOCK_CACHED_INVALID, "duplicate-invalid",
+                                     strprintf("block %s was previously marked invalid", hash.ToString()));
+            }
+            return true;
+        }
+
+        if (!CheckBlockHeader(block, state, chainman.GetConsensus())) {
+            LogDebug(BCLog::VALIDATION, "%s: Consensus::CheckBlockHeader: %s, %s\n", __func__, hash.ToString(), state.ToString());
+            return false;
+        }
+
+        // Get prev block index
+        CBlockIndex* pindexPrev = nullptr;
+        BlockMap::iterator mi{chainman.m_blockman.m_block_index.find(block.hashPrevBlock)};
+        if (mi == chainman.m_blockman.m_block_index.end()) {
+            LogDebug(BCLog::VALIDATION, "header %s has prev block not found: %s\n", hash.ToString(), block.hashPrevBlock.ToString());
+            return state.Invalid(BlockValidationResult::BLOCK_MISSING_PREV, "prev-blk-not-found");
+        }
+        pindexPrev = &((*mi).second);
+        if (pindexPrev->nStatus & BLOCK_FAILED_VALID) {
+            LogDebug(BCLog::VALIDATION, "header %s has prev block invalid: %s\n", hash.ToString(), block.hashPrevBlock.ToString());
+            return state.Invalid(BlockValidationResult::BLOCK_INVALID_PREV, "bad-prevblk");
+        }
+        if (!ContextualCheckBlockHeader(block, state, chainman, pindexPrev)) {
+            LogDebug(BCLog::VALIDATION, "%s: Consensus::ContextualCheckBlockHeader: %s, %s\n", __func__, hash.ToString(), state.ToString());
+            return false;
+        }
+    }
+    if (!min_pow_checked) {
+        LogDebug(BCLog::VALIDATION, "%s: not adding new block header %s, missing anti-dos proof-of-work validation\n", __func__, hash.ToString());
+        return state.Invalid(BlockValidationResult::BLOCK_HEADER_LOW_WORK, "too-little-chainwork");
+    }
+    CBlockIndex* pindex{chainman.m_blockman.AddToBlockIndex(block, chainman.m_best_header)};
+
+    if (ppindex)
+        *ppindex = pindex;
+
+    return true;
+}
+
+// Exposed wrapper for AcceptBlockHeader
+bool ProcessNewBlockHeaders(ChainstateManager& chainman, std::span<const CBlockHeader> headers, bool min_pow_checked, BlockValidationState& state, const CBlockIndex** ppindex)
+{
+    AssertLockNotHeld(cs_main);
+    {
+        LOCK(cs_main);
+        for (const CBlockHeader& header : headers) {
+            CBlockIndex* pindex = nullptr; // Use a temp pindex instead of ppindex to avoid a const_cast
+            bool accepted{AcceptBlockHeader(chainman, header, state, &pindex, min_pow_checked)};
+            chainman.CheckBlockIndex();
+
+            if (!accepted) {
+                return false;
+            }
+            if (ppindex) {
+                *ppindex = pindex;
+            }
+        }
+    }
+    if (chainman.NotifyHeaderTip()) {
+        if (chainman.IsInitialBlockDownload() && ppindex && *ppindex) {
+            const CBlockIndex& last_accepted{**ppindex};
+            int64_t blocks_left{(NodeClock::now() - last_accepted.Time()) / chainman.GetConsensus().PowTargetSpacing()};
+            blocks_left = std::max<int64_t>(0, blocks_left);
+            const double progress{100.0 * last_accepted.nHeight / (last_accepted.nHeight + blocks_left)};
+            LogInfo("Synchronizing blockheaders, height: %d (~%.2f%%)\n", last_accepted.nHeight, progress);
+        }
+    }
+    return true;
+}
+
+
+/** Store block on disk. If dbp is non-nullptr, the file is known to already reside on disk */
+bool AcceptBlock(ChainstateManager& chainman, const std::shared_ptr<const CBlock>& pblock, BlockValidationState& state, CBlockIndex** ppindex, bool fRequested, const FlatFilePos* dbp, bool* fNewBlock, bool min_pow_checked)
+{
+    const CBlock& block = *pblock;
+
+    if (fNewBlock) *fNewBlock = false;
+    AssertLockHeld(cs_main);
+
+    CBlockIndex* pindexDummy = nullptr;
+    CBlockIndex*& pindex = ppindex ? *ppindex : pindexDummy;
+
+    bool accepted_header{AcceptBlockHeader(chainman, block, state, &pindex, min_pow_checked)};
+    chainman.CheckBlockIndex();
+
+    if (!accepted_header)
+        return false;
+
+    // Check all requested blocks that we do not already have for validity and
+    // save them to disk. Skip processing of unrequested blocks as an anti-DoS
+    // measure, unless the blocks have more work than the active chain tip, and
+    // aren't too far ahead of it, so are likely to be attached soon.
+    bool fAlreadyHave = pindex->nStatus & BLOCK_HAVE_DATA;
+    bool fHasMoreOrSameWork = (chainman.ActiveTip() ? pindex->nChainWork >= chainman.ActiveTip()->nChainWork : true);
+    // Blocks that are too out-of-order needlessly limit the effectiveness of
+    // pruning, because pruning will not delete block files that contain any
+    // blocks which are too close in height to the tip.  Apply this test
+    // regardless of whether pruning is enabled; it should generally be safe to
+    // not process unrequested blocks.
+    bool fTooFarAhead{pindex->nHeight > chainman.ActiveHeight() + int(MIN_BLOCKS_TO_KEEP)};
+
+    // TODO: Decouple this function from the block download logic by removing fRequested
+    // This requires some new chain data structure to efficiently look up if a
+    // block is in a chain leading to a candidate for best tip, despite not
+    // being such a candidate itself.
+    // Note that this would break the getblockfrompeer RPC
+
+    // TODO: deal better with return value and error conditions for duplicate
+    // and unrequested blocks.
+    if (fAlreadyHave) return true;
+    if (!fRequested) {                        // If we didn't ask for it:
+        if (pindex->nTx != 0) return true;    // This is a previously-processed block that was pruned
+        if (!fHasMoreOrSameWork) return true; // Don't process less-work chains
+        if (fTooFarAhead) return true;        // Block height is too high
+
+        // Protect against DoS attacks from low-work chains.
+        // If our tip is behind, a peer could try to send us
+        // low-work blocks on a fake chain that we would never
+        // request; don't process these.
+        if (pindex->nChainWork < chainman.MinimumChainWork()) return true;
+    }
+
+    const CChainParams& params{chainman.GetParams()};
+
+    if (!CheckBlock(block, state, params.GetConsensus()) ||
+        !ContextualCheckBlock(block, state, chainman, pindex->pprev)) {
+        if (Assume(state.IsInvalid())) {
+            chainman.ActiveChainstate().InvalidBlockFound(pindex, state);
+        }
+        LogError("%s: %s\n", __func__, state.ToString());
+        return false;
+    }
+
+    // Header is valid/has work, merkle tree and segwit merkle tree are good...RELAY NOW
+    // (but if it does not build on our best tip, let the SendMessages loop relay it)
+    if (!chainman.IsInitialBlockDownload() && chainman.ActiveTip() == pindex->pprev && chainman.m_options.signals) {
+        chainman.m_options.signals->NewPoWValidBlock(pindex, pblock);
+    }
+
+    // Write block to history file
+    if (fNewBlock) *fNewBlock = true;
+    try {
+        FlatFilePos blockPos{};
+        if (dbp) {
+            blockPos = *dbp;
+            chainman.m_blockman.UpdateBlockInfo(block, pindex->nHeight, blockPos);
+        } else {
+            blockPos = chainman.m_blockman.WriteBlock(block, pindex->nHeight);
+            if (blockPos.IsNull()) {
+                state.Error(strprintf("%s: Failed to find position to write new block to disk", __func__));
+                return false;
+            }
+        }
+        chainman.ReceivedBlockTransactions(block, pindex, blockPos);
+    } catch (const std::runtime_error& e) {
+        return FatalError(chainman.GetNotifications(), state, strprintf(_("System error while saving block to disk: %s"), e.what()));
+    }
+
+    // TODO: FlushStateToDisk() handles flushing of both block and chainstate
+    // data, so we should move this to ChainstateManager so that we can be more
+    // intelligent about how we flush.
+    // For now, since FlushStateMode::NONE is used, all that can happen is that
+    // the block files may be pruned, so we can just call this on one
+    // chainstate (particularly if we haven't implemented pruning with
+    // background validation yet).
+    chainman.ActiveChainstate().FlushStateToDisk(state, FlushStateMode::NONE);
+
+    chainman.CheckBlockIndex();
+
+    return true;
+}
+
+bool ProcessNewBlock(ChainstateManager& chainman, const std::shared_ptr<const CBlock>& block, bool force_processing, bool min_pow_checked, bool* new_block)
+{
+    AssertLockNotHeld(cs_main);
+
+    {
+        CBlockIndex* pindex = nullptr;
+        if (new_block) *new_block = false;
+        BlockValidationState state;
+
+        // CheckBlock() does not support multi-threaded block validation because CBlock::fChecked can cause data race.
+        // Therefore, the following critical section must include the CheckBlock() call as well.
+        LOCK(cs_main);
+
+        // Skipping AcceptBlock() for CheckBlock() failures means that we will never mark a block as invalid if
+        // CheckBlock() fails.  This is protective against consensus failure if there are any unknown forms of block
+        // malleability that cause CheckBlock() to fail; see e.g. CVE-2012-2459 and
+        // https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2019-February/016697.html.  Because CheckBlock() is
+        // not very expensive, the anti-DoS benefits of caching failure (of a definitely-invalid block) are not substantial.
+        bool ret = CheckBlock(*block, state, chainman.GetConsensus());
+        if (ret) {
+            // Store to disk
+            ret = AcceptBlock(chainman, block, state, &pindex, force_processing, nullptr, new_block, min_pow_checked);
+        }
+        if (!ret) {
+            if (chainman.m_options.signals) {
+                chainman.m_options.signals->BlockChecked(block, state);
+            }
+            LogError("%s: AcceptBlock FAILED (%s)\n", __func__, state.ToString());
+            return false;
+        }
+    }
+
+    chainman.NotifyHeaderTip();
+
+    BlockValidationState state; // Only used to report errors, not invalidity - ignore it
+    if (!chainman.ActiveChainstate().ActivateBestChain(state, block)) {
+        LogError("%s: ActivateBestChain failed (%s)\n", __func__, state.ToString());
+        return false;
+    }
+
+    return true;
+}
+
+BlockValidationState TestBlockValidity(
+    Chainstate& chainstate,
+    const CBlock& block,
+    const bool check_pow,
+    const bool check_merkle_root)
+{
+    // Lock must be held throughout this function for two reasons:
+    // 1. We don't want the tip to change during several of the validation steps
+    // 2. To prevent a CheckBlock() race condition for fChecked, see ProcessNewBlock()
+    AssertLockHeld(chainstate.m_chainman.GetMutex());
+
+    BlockValidationState state;
+    CBlockIndex* tip{Assert(chainstate.m_chain.Tip())};
+
+    if (block.hashPrevBlock != *Assert(tip->phashBlock)) {
+        state.Invalid({}, "inconclusive-not-best-prevblk");
+        return state;
+    }
+
+    // For signets CheckBlock() verifies the challenge iff fCheckPow is set.
+    if (!CheckBlock(block, state, chainstate.m_chainman.GetConsensus(), /*fCheckPow=*/check_pow, /*fCheckMerkleRoot=*/check_merkle_root)) {
+        // This should never happen, but belt-and-suspenders don't approve the
+        // block if it does.
+        if (state.IsValid()) NONFATAL_UNREACHABLE();
+        return state;
+    }
+
+    /**
+     * At this point ProcessNewBlock would call AcceptBlock(), but we
+     * don't want to store the block or its header. Run individual checks
+     * instead:
+     * - skip AcceptBlockHeader() because:
+     *   - we don't want to update the block index
+     *   - we do not care about duplicates
+     *   - we already ran CheckBlockHeader() via CheckBlock()
+     *   - we already checked for prev-blk-not-found
+     *   - we know the tip is valid, so no need to check bad-prevblk
+     * - we already ran CheckBlock()
+     * - do run ContextualCheckBlockHeader()
+     * - do run ContextualCheckBlock()
+     */
+
+    if (!ContextualCheckBlockHeader(block, state, chainstate.m_chainman, tip)) {
+        if (state.IsValid()) NONFATAL_UNREACHABLE();
+        return state;
+    }
+
+    if (!ContextualCheckBlock(block, state, chainstate.m_chainman, tip)) {
+        if (state.IsValid()) NONFATAL_UNREACHABLE();
+        return state;
+    }
+
+    // We don't want ConnectBlock to update the actual chainstate, so create
+    // a cache on top of it, along with a dummy block index.
+    CBlockIndex index_dummy{block};
+    uint256 block_hash(block.GetHash());
+    index_dummy.pprev = tip;
+    index_dummy.nHeight = tip->nHeight + 1;
+    index_dummy.phashBlock = &block_hash;
+    CCoinsViewCache view_dummy(&chainstate.CoinsTip());
+
+    // Set fJustCheck to true in order to update, and not clear, validation caches.
+    if (!ConnectBlock(chainstate, block, state, &index_dummy, view_dummy, /*fJustCheck=*/true)) {
+        if (state.IsValid()) NONFATAL_UNREACHABLE();
+        return state;
+    }
+
+    // Ensure no check returned successfully while also setting an invalid state.
+    if (!state.IsValid()) NONFATAL_UNREACHABLE();
+
+    return state;
+}
+
+CVerifyDB::CVerifyDB(Notifications& notifications)
+    : m_notifications{notifications}
+{
+    m_notifications.progress(_("Verifying blocks…"), 0, false);
+}
+
+CVerifyDB::~CVerifyDB()
+{
+    m_notifications.progress(bilingual_str{}, 100, false);
+}
+
+VerifyDBResult CVerifyDB::VerifyDB(
+    Chainstate& chainstate,
+    const Consensus::Params& consensus_params,
+    CCoinsView& coinsview,
+    int nCheckLevel, int nCheckDepth)
+{
+    AssertLockHeld(cs_main);
+
+    if (chainstate.m_chain.Tip() == nullptr || chainstate.m_chain.Tip()->pprev == nullptr) {
+        return VerifyDBResult::SUCCESS;
+    }
+
+    // Verify blocks in the best chain
+    if (nCheckDepth <= 0 || nCheckDepth > chainstate.m_chain.Height()) {
+        nCheckDepth = chainstate.m_chain.Height();
+    }
+    nCheckLevel = std::max(0, std::min(4, nCheckLevel));
+    LogInfo("Verifying last %i blocks at level %i", nCheckDepth, nCheckLevel);
+    CCoinsViewCache coins(&coinsview);
+    CBlockIndex* pindex;
+    CBlockIndex* pindexFailure = nullptr;
+    int nGoodTransactions = 0;
+    BlockValidationState state;
+    int reportDone = 0;
+    bool skipped_no_block_data{false};
+    bool skipped_l3_checks{false};
+    LogInfo("Verification progress: 0%%");
+
+    for (pindex = chainstate.m_chain.Tip(); pindex && pindex->pprev; pindex = pindex->pprev) {
+        const int percentageDone = std::max(1, std::min(99, (int)(((double)(chainstate.m_chain.Height() - pindex->nHeight)) / (double)nCheckDepth * (nCheckLevel >= 4 ? 50 : 100))));
+        if (reportDone < percentageDone / 10) {
+            // report every 10% step
+            LogInfo("Verification progress: %d%%", percentageDone);
+            reportDone = percentageDone / 10;
+        }
+        m_notifications.progress(_("Verifying blocks…"), percentageDone, false);
+        if (pindex->nHeight <= chainstate.m_chain.Height() - nCheckDepth) {
+            break;
+        }
+        if (chainstate.m_blockman.IsPruneMode() && !(pindex->nStatus & BLOCK_HAVE_DATA)) {
+            // If pruning, only go back as far as we have data.
+            LogInfo("Block verification stopping at height %d (no data). This could be due to pruning.", pindex->nHeight);
+            skipped_no_block_data = true;
+            break;
+        }
+        CBlock block;
+        // check level 0: read from disk
+        if (!chainstate.m_blockman.ReadBlock(block, *pindex)) {
+            LogError("Verification error: ReadBlock failed at %d, hash=%s", pindex->nHeight, pindex->GetBlockHash().ToString());
+            return VerifyDBResult::CORRUPTED_BLOCK_DB;
+        }
+        // check level 1: verify block validity
+        if (nCheckLevel >= 1 && !CheckBlock(block, state, consensus_params)) {
+            LogError("Verification error: found bad block at %d, hash=%s (%s)",
+                     pindex->nHeight, pindex->GetBlockHash().ToString(), state.ToString());
+            return VerifyDBResult::CORRUPTED_BLOCK_DB;
+        }
+        // check level 2: verify undo validity
+        if (nCheckLevel >= 2 && pindex) {
+            CBlockUndo undo;
+            if (!pindex->GetUndoPos().IsNull()) {
+                if (!chainstate.m_blockman.ReadBlockUndo(undo, *pindex)) {
+                    LogError("Verification error: found bad undo data at %d, hash=%s", pindex->nHeight, pindex->GetBlockHash().ToString());
+                    return VerifyDBResult::CORRUPTED_BLOCK_DB;
+                }
+            }
+        }
+        // check level 3: check for inconsistencies during memory-only disconnect of tip blocks
+        size_t curr_coins_usage = coins.DynamicMemoryUsage() + chainstate.CoinsTip().DynamicMemoryUsage();
+
+        if (nCheckLevel >= 3) {
+            if (curr_coins_usage <= chainstate.m_coinstip_cache_size_bytes) {
+                assert(coins.GetBestBlock() == pindex->GetBlockHash());
+                DisconnectResult res = DisconnectBlock(chainstate, block, pindex, coins);
+                if (res == DISCONNECT_FAILED) {
+                    LogError("Verification error: irrecoverable inconsistency in block data at %d, hash=%s", pindex->nHeight, pindex->GetBlockHash().ToString());
+                    return VerifyDBResult::CORRUPTED_BLOCK_DB;
+                }
+                if (res == DISCONNECT_UNCLEAN) {
+                    nGoodTransactions = 0;
+                    pindexFailure = pindex;
+                } else {
+                    nGoodTransactions += block.vtx.size();
+                }
+            } else {
+                skipped_l3_checks = true;
+            }
+        }
+        if (chainstate.m_chainman.m_interrupt) return VerifyDBResult::INTERRUPTED;
+    }
+    if (pindexFailure) {
+        LogError("Verification error: coin database inconsistencies found (last %i blocks, %i good transactions before that)", chainstate.m_chain.Height() - pindexFailure->nHeight + 1, nGoodTransactions);
+        return VerifyDBResult::CORRUPTED_BLOCK_DB;
+    }
+    if (skipped_l3_checks) {
+        LogWarning("Skipped verification of level >=3 (insufficient database cache size). Consider increasing -dbcache.");
+    }
+
+    // store block count as we move pindex at check level >= 4
+    int block_count = chainstate.m_chain.Height() - pindex->nHeight;
+
+    // check level 4: try reconnecting blocks
+    if (nCheckLevel >= 4 && !skipped_l3_checks) {
+        while (pindex != chainstate.m_chain.Tip()) {
+            const int percentageDone = std::max(1, std::min(99, 100 - (int)(((double)(chainstate.m_chain.Height() - pindex->nHeight)) / (double)nCheckDepth * 50)));
+            if (reportDone < percentageDone / 10) {
+                // report every 10% step
+                LogInfo("Verification progress: %d%%", percentageDone);
+                reportDone = percentageDone / 10;
+            }
+            m_notifications.progress(_("Verifying blocks…"), percentageDone, false);
+            pindex = chainstate.m_chain.Next(*pindex);
+            CBlock block;
+            if (!chainstate.m_blockman.ReadBlock(block, *pindex)) {
+                LogError("Verification error: ReadBlock failed at %d, hash=%s", pindex->nHeight, pindex->GetBlockHash().ToString());
+                return VerifyDBResult::CORRUPTED_BLOCK_DB;
+            }
+            if (!ConnectBlock(chainstate, block, state, pindex, coins)) {
+                LogError("Verification error: found unconnectable block at %d, hash=%s (%s)", pindex->nHeight, pindex->GetBlockHash().ToString(), state.ToString());
+                return VerifyDBResult::CORRUPTED_BLOCK_DB;
+            }
+            if (chainstate.m_chainman.m_interrupt) return VerifyDBResult::INTERRUPTED;
+        }
+    }
+
+    LogInfo("Verification: No coin database inconsistencies in last %i blocks (%i transactions)", block_count, nGoodTransactions);
+
+    if (skipped_l3_checks) {
+        return VerifyDBResult::SKIPPED_L3_CHECKS;
+    }
+    if (skipped_no_block_data) {
+        return VerifyDBResult::SKIPPED_MISSING_BLOCKS;
+    }
+    return VerifyDBResult::SUCCESS;
+}
+
+/** Apply the effects of a block on the utxo cache, ignoring that it may already have been applied. */
+bool RollforwardBlock(Chainstate& chainstate, const CBlockIndex* pindex, CCoinsViewCache& inputs)
+{
+    AssertLockHeld(cs_main);
+    // TODO: merge with ConnectBlock
+    CBlock block;
+    if (!chainstate.m_blockman.ReadBlock(block, *pindex)) {
+        LogError("ReplayBlock(): ReadBlock failed at %d, hash=%s\n", pindex->nHeight, pindex->GetBlockHash().ToString());
+        return false;
+    }
+
+    for (const CTransactionRef& tx : block.vtx) {
+        if (!tx->IsCoinBase()) {
+            for (const CTxIn& txin : tx->vin) {
+                inputs.SpendCoin(txin.prevout);
+            }
+        }
+        // Pass check = true as every addition may be an overwrite.
+        AddCoins(inputs, *tx, pindex->nHeight, true);
+    }
+    return true;
+}
+
+bool ReplayBlocks(Chainstate& chainstate)
+{
+    LOCK(cs_main);
+
+    CCoinsView& db = chainstate.CoinsDB();
+    CCoinsViewCache cache(&db);
+
+    std::vector<uint256> hashHeads = db.GetHeadBlocks();
+    if (hashHeads.empty()) return true; // We're already in a consistent state.
+    if (hashHeads.size() != 2) {
+        LogError("ReplayBlocks(): unknown inconsistent state\n");
+        return false;
+    }
+
+    chainstate.m_chainman.GetNotifications().progress(_("Replaying blocks…"), 0, false);
+    LogInfo("Replaying blocks");
+
+    const CBlockIndex* pindexOld = nullptr;  // Old tip during the interrupted flush.
+    const CBlockIndex* pindexNew;            // New tip during the interrupted flush.
+    const CBlockIndex* pindexFork = nullptr; // Latest block common to both the old and the new tip.
+
+    if (!chainstate.m_blockman.m_block_index.contains(hashHeads[0])) {
+        LogError("ReplayBlocks(): reorganization to unknown block requested\n");
+        return false;
+    }
+    pindexNew = &(chainstate.m_blockman.m_block_index[hashHeads[0]]);
+
+    if (!hashHeads[1].IsNull()) { // The old tip is allowed to be 0, indicating it's the first flush.
+        if (!chainstate.m_blockman.m_block_index.contains(hashHeads[1])) {
+            LogError("ReplayBlocks(): reorganization from unknown block requested\n");
+            return false;
+        }
+        pindexOld = &(chainstate.m_blockman.m_block_index[hashHeads[1]]);
+        pindexFork = LastCommonAncestor(pindexOld, pindexNew);
+        assert(pindexFork != nullptr);
+    }
+
+    // Rollback along the old branch.
+    const int nForkHeight{pindexFork ? pindexFork->nHeight : 0};
+    if (pindexOld != pindexFork) {
+        LogInfo("Rolling back from %s (%i to %i)", pindexOld->GetBlockHash().ToString(), pindexOld->nHeight, nForkHeight);
+        while (pindexOld != pindexFork) {
+            if (pindexOld->nHeight > 0) { // Never disconnect the genesis block.
+                CBlock block;
+                if (!chainstate.m_blockman.ReadBlock(block, *pindexOld)) {
+                    LogError("RollbackBlock(): ReadBlock() failed at %d, hash=%s\n", pindexOld->nHeight, pindexOld->GetBlockHash().ToString());
+                    return false;
+                }
+                if (pindexOld->nHeight % 10'000 == 0) {
+                    LogInfo("Rolling back %s (%i)", pindexOld->GetBlockHash().ToString(), pindexOld->nHeight);
+                }
+                DisconnectResult res = DisconnectBlock(chainstate, block, pindexOld, cache);
+                if (res == DISCONNECT_FAILED) {
+                    LogError("RollbackBlock(): DisconnectBlock failed at %d, hash=%s\n", pindexOld->nHeight, pindexOld->GetBlockHash().ToString());
+                    return false;
+                }
+                // If DISCONNECT_UNCLEAN is returned, it means a non-existing UTXO was deleted, or an existing UTXO was
+                // overwritten. It corresponds to cases where the block-to-be-disconnect never had all its operations
+                // applied to the UTXO set. However, as both writing a UTXO and deleting a UTXO are idempotent operations,
+                // the result is still a version of the UTXO set with the effects of that block undone.
+            }
+            pindexOld = pindexOld->pprev;
+        }
+        LogInfo("Rolled back to %s", pindexFork->GetBlockHash().ToString());
+    }
+
+    // Roll forward from the forking point to the new tip.
+    if (nForkHeight < pindexNew->nHeight) {
+        LogInfo("Rolling forward to %s (%i to %i)", pindexNew->GetBlockHash().ToString(), nForkHeight, pindexNew->nHeight);
+        for (int nHeight = nForkHeight + 1; nHeight <= pindexNew->nHeight; ++nHeight) {
+            const CBlockIndex& pindex{*Assert(pindexNew->GetAncestor(nHeight))};
+
+            if (nHeight % 10'000 == 0) {
+                LogInfo("Rolling forward %s (%i)", pindex.GetBlockHash().ToString(), nHeight);
+            }
+            chainstate.m_chainman.GetNotifications().progress(_("Replaying blocks…"), (int)((nHeight - nForkHeight) * 100.0 / (pindexNew->nHeight - nForkHeight)), false);
+            if (!RollforwardBlock(chainstate, &pindex, cache)) return false;
+        }
+        LogInfo("Rolled forward to %s", pindexNew->GetBlockHash().ToString());
+    }
+
+    cache.SetBestBlock(pindexNew->GetBlockHash());
+    cache.Flush(/*reallocate_cache=*/false); // local CCoinsViewCache goes out of scope
+    chainstate.m_chainman.GetNotifications().progress(bilingual_str{}, 100, false);
+    return true;
+}
+
+/**
+ * Check whether all of this transaction's input scripts succeed.
+ *
+ * This involves ECDSA signature checks so can be computationally intensive. This function should
+ * only be called after the cheap sanity checks in CheckTxInputs passed.
+ *
+ * If pvChecks is not nullptr, script checks are pushed onto it instead of being performed inline. Any
+ * script checks which are not necessary (eg due to script execution cache hits) are, obviously,
+ * not pushed onto pvChecks/run.
+ *
+ * Setting cacheSigStore/cacheFullScriptStore to false will remove elements from the corresponding cache
+ * which are matched. This is useful for checking blocks where we will likely never need the cache
+ * entry again.
+ *
+ * Note that we may set state.reason to NOT_STANDARD for extra soft-fork flags in flags, block-checking
+ * callers should probably reset it to CONSENSUS in such cases.
+ *
+ * Non-static (and redeclared) in src/test/txvalidationcache_tests.cpp
+ */
+bool CheckInputScripts(const CTransaction& tx, TxValidationState& state,
+                       const CCoinsViewCache& inputs, script_verify_flags flags, bool cacheSigStore,
+                       bool cacheFullScriptStore, PrecomputedTransactionData& txdata,
+                       ValidationCache& validation_cache,
+                       std::vector<CScriptCheck>* pvChecks)
+{
+    if (tx.IsCoinBase()) return true;
+
+    if (pvChecks) {
+        pvChecks->reserve(tx.vin.size());
+    }
+
+    // First check if script executions have been cached with the same
+    // flags. Note that this assumes that the inputs provided are
+    // correct (ie that the transaction hash which is in tx's prevouts
+    // properly commits to the scriptPubKey in the inputs view of that
+    // transaction).
+    uint256 hashCacheEntry;
+    CSHA256 hasher = validation_cache.ScriptExecutionCacheHasher();
+    hasher.Write(UCharCast(tx.GetWitnessHash().begin()), 32).Write((unsigned char*)&flags, sizeof(flags)).Finalize(hashCacheEntry.begin());
+    AssertLockHeld(cs_main); // TODO: Remove this requirement by making CuckooCache not require external locks
+    if (validation_cache.m_script_execution_cache.contains(hashCacheEntry, !cacheFullScriptStore)) {
+        return true;
+    }
+
+    if (!txdata.m_spent_outputs_ready) {
+        std::vector<CTxOut> spent_outputs;
+        spent_outputs.reserve(tx.vin.size());
+
+        for (const auto& txin : tx.vin) {
+            const COutPoint& prevout = txin.prevout;
+            const Coin& coin = inputs.AccessCoin(prevout);
+            assert(!coin.IsSpent());
+            spent_outputs.emplace_back(coin.out);
+        }
+        txdata.Init(tx, std::move(spent_outputs));
+    }
+    assert(txdata.m_spent_outputs.size() == tx.vin.size());
+
+    for (unsigned int i = 0; i < tx.vin.size(); i++) {
+        // We very carefully only pass in things to CScriptCheck which
+        // are clearly committed to by tx' witness hash. This provides
+        // a sanity check that our caching is not introducing consensus
+        // failures through additional data in, eg, the coins being
+        // spent being checked as a part of CScriptCheck.
+
+        // Verify signature
+        CScriptCheck check(txdata.m_spent_outputs[i], tx, validation_cache.m_signature_cache, i, flags, cacheSigStore, &txdata);
+        if (pvChecks) {
+            pvChecks->emplace_back(std::move(check));
+        } else if (auto result = check(); result.has_value()) {
+            // Tx failures never trigger disconnections/bans.
+            // This is so that network splits aren't triggered
+            // either due to non-consensus relay policies (such as
+            // non-standard DER encodings or non-null dummy
+            // arguments) or due to new consensus rules introduced in
+            // soft forks.
+            if (flags & STANDARD_NOT_MANDATORY_VERIFY_FLAGS) {
+                return state.Invalid(TxValidationResult::TX_NOT_STANDARD, strprintf("mempool-script-verify-flag-failed (%s)", ScriptErrorString(result->first)), result->second);
+            } else {
+                return state.Invalid(TxValidationResult::TX_CONSENSUS, strprintf("block-script-verify-flag-failed (%s)", ScriptErrorString(result->first)), result->second);
+            }
+        }
+    }
+
+    if (cacheFullScriptStore && !pvChecks) {
+        // We executed all of the provided scripts, and were told to
+        // cache the result. Do so now.
+        validation_cache.m_script_execution_cache.insert(hashCacheEntry);
+    }
+
+    return true;
+}
+
+
+/** Mark a block as having its data received and checked (up to BLOCK_VALID_TRANSACTIONS). */
+
+bool IsBIP30Repeat(const CBlockIndex& block_index)
+{
+    return (block_index.nHeight == 91842 && block_index.GetBlockHash() == uint256{"00000000000a4d0a398161ffc163c503763b1f4360639393e0e4c8e300e0caec"}) ||
+           (block_index.nHeight == 91880 && block_index.GetBlockHash() == uint256{"00000000000743f190a18c5577a3c2d2a1f610ae9601ac046a38084ccb7cd721"});
+}
+
+bool IsBIP30Unspendable(const uint256& block_hash, int block_height)
+{
+    return (block_height == 91722 && block_hash == uint256{"00000000000271a2dc26e7667f8419f2e15416dc6955e5a6c6cdf3f2574dd08e"}) ||
+           (block_height == 91812 && block_hash == uint256{"00000000000af0aed4792b1acee3d966af36cf5def14935db8de83d6f9306f2f"});
+}
diff --git a/src/block_validation.h b/src/block_validation.h
new file mode 100644
index 000000000000..ad64aba927aa
--- /dev/null
+++ b/src/block_validation.h
@@ -0,0 +1,96 @@
+// Copyright (c) 2009-present The Bitcoin Core developers
+// Distributed under the MIT software license, see the accompanying
+// file COPYING or http://www.opensource.org/licenses/mit-license.php.
+
+#ifndef BITCOIN_BLOCK_VALIDATION_H
+#define BITCOIN_BLOCK_VALIDATION_H
+
+#include <arith_uint256.h>
+#include <coins.h>
+#include <consensus/amount.h>
+#include <consensus/params.h>
+#include <consensus/validation.h>
+#include <kernel/cs_main.h>
+#include <primitives/block.h>
+#include <script/script_check.h>
+#include <script/verify_flags.h>
+
+#include <memory>
+#include <span>
+#include <vector>
+
+class CBlockIndex;
+class Chainstate;
+class ChainstateManager;
+class ValidationCache;
+class ValidationSignals;
+class CTransaction;
+
+/** Identifies blocks that overwrote an existing coinbase output in the UTXO set (see BIP30) */
+bool IsBIP30Repeat(const CBlockIndex& block_index);
+
+/** Identifies blocks which coinbase output was subsequently overwritten in the UTXO set (see BIP30) */
+bool IsBIP30Unspendable(const uint256& block_hash, int block_height);
+
+struct FlatFilePos;
+
+DisconnectResult DisconnectBlock(Chainstate& chainstate, const CBlock& block, const CBlockIndex* pindex, CCoinsViewCache& view) EXCLUSIVE_LOCKS_REQUIRED(::cs_main);
+bool ConnectBlock(Chainstate& chainstate, const CBlock& block, BlockValidationState& state, CBlockIndex* pindex, CCoinsViewCache& view, bool fJustCheck = false) EXCLUSIVE_LOCKS_REQUIRED(cs_main);
+bool RollforwardBlock(Chainstate& chainstate, const CBlockIndex* pindex, CCoinsViewCache& inputs) EXCLUSIVE_LOCKS_REQUIRED(cs_main);
+bool ReplayBlocks(Chainstate& chainstate);
+void UpdateUncommittedBlockStructures(const ChainstateManager& chainman, CBlock& block, const CBlockIndex* pindexPrev);
+void GenerateCoinbaseCommitment(const ChainstateManager& chainman, CBlock& block, const CBlockIndex* pindexPrev);
+bool ProcessNewBlockHeaders(ChainstateManager& chainman, std::span<const CBlockHeader> headers, bool min_pow_checked, BlockValidationState& state, const CBlockIndex** ppindex = nullptr) LOCKS_EXCLUDED(cs_main);
+bool AcceptBlock(ChainstateManager& chainman, const std::shared_ptr<const CBlock>& pblock, BlockValidationState& state, CBlockIndex** ppindex, bool fRequested, const FlatFilePos* dbp, bool* fNewBlock, bool min_pow_checked) EXCLUSIVE_LOCKS_REQUIRED(cs_main);
+bool ProcessNewBlock(ChainstateManager& chainman, const std::shared_ptr<const CBlock>& block, bool force_processing, bool min_pow_checked, bool* new_block) LOCKS_EXCLUDED(cs_main);
+
+/** Context-independent validity checks */
+bool CheckBlock(const CBlock& block, BlockValidationState& state, const Consensus::Params& consensusParams, bool fCheckPOW = true, bool fCheckMerkleRoot = true);
+
+/** Check that the proof of work on each block header matches the value in nBits */
+bool HasValidProofOfWork(std::span<const CBlockHeader> headers, const Consensus::Params& consensusParams);
+
+/** Compute the block subsidy at a given height. */
+CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams);
+
+/** Check if a block has been mutated (with respect to its merkle root and witness commitments). */
+bool IsBlockMutated(const CBlock& block, bool check_witness_root);
+
+/** Return the sum of the claimed work on a given set of headers. No verification of PoW is done. */
+arith_uint256 CalculateClaimedHeadersWork(std::span<const CBlockHeader> headers);
+
+/**
+ * Verify a block, including transactions.
+ *
+ * @param[in]   block       The block we want to process. Must connect to the
+ *                          current tip.
+ * @param[in]   chainstate  The chainstate to connect to.
+ * @param[in]   check_pow   perform proof-of-work check, nBits in the header
+ *                          is always checked
+ * @param[in]   check_merkle_root check the merkle root
+ *
+ * @return Valid or Invalid state. This doesn't currently return an Error state,
+ *         and shouldn't unless there is something wrong with the existing
+ *         chainstate. (This is different from functions like AcceptBlock which
+ *         can fail trying to save new data.)
+ *
+ * For signets the challenge verification is skipped when check_pow is false.
+ */
+BlockValidationState TestBlockValidity(
+    Chainstate& chainstate,
+    const CBlock& block,
+    bool check_pow,
+    bool check_merkle_root) EXCLUSIVE_LOCKS_REQUIRED(cs_main);
+
+/** Return the script verification flags which should be checked for a given block */
+script_verify_flags GetBlockScriptFlags(const CBlockIndex& block_index, const ChainstateManager& chainman);
+
+void LimitValidationInterfaceQueue(ValidationSignals& signals) LOCKS_EXCLUDED(cs_main);
+
+bool CheckInputScripts(const CTransaction& tx, TxValidationState& state,
+                       const CCoinsViewCache& inputs, script_verify_flags flags, bool cacheSigStore,
+                       bool cacheFullScriptStore, PrecomputedTransactionData& txdata,
+                       ValidationCache& validation_cache,
+                       std::vector<CScriptCheck>* pvChecks = nullptr) EXCLUSIVE_LOCKS_REQUIRED(cs_main);
+
+#endif // BITCOIN_BLOCK_VALIDATION_H
diff --git a/src/blockencodings.cpp b/src/blockencodings.cpp
index 18799cd80833..4ca3b7e9030c 100644
--- a/src/blockencodings.cpp
+++ b/src/blockencodings.cpp
@@ -3,6 +3,8 @@
 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
 
 #include <blockencodings.h>
+
+#include <block_validation.h>
 #include <chainparams.h>
 #include <common/system.h>
 #include <consensus/consensus.h>
diff --git a/src/kernel/CMakeLists.txt b/src/kernel/CMakeLists.txt
index b2cfd9131a82..537cb7aaaee0 100644
--- a/src/kernel/CMakeLists.txt
+++ b/src/kernel/CMakeLists.txt
@@ -73,7 +73,9 @@ add_library(bitcoinkernel
   ../util/threadnames.cpp
   ../util/time.cpp
   ../util/tokenpipe.cpp
+  ../block_validation.cpp
   ../mempool_validation.cpp
+  ../script/script_check.cpp
   ../validation.cpp
   ../validationinterface.cpp
   ../versionbits.cpp
diff --git a/src/kernel/bitcoinkernel.cpp b/src/kernel/bitcoinkernel.cpp
index c6b1f6259ac8..68084d561d99 100644
--- a/src/kernel/bitcoinkernel.cpp
+++ b/src/kernel/bitcoinkernel.cpp
@@ -6,6 +6,7 @@
 
 #include <kernel/bitcoinkernel.h>
 
+#include <block_validation.h>
 #include <chain.h>
 #include <coins.h>
 #include <consensus/tx_check.h>
@@ -1332,7 +1333,7 @@ int btck_chainstate_manager_process_block(
     int* _new_block)
 {
     bool new_block;
-    auto result = btck_ChainstateManager::get(chainman).m_chainman->ProcessNewBlock(btck_Block::get(block), /*force_processing=*/true, /*min_pow_checked=*/true, /*new_block=*/&new_block);
+    auto result = ProcessNewBlock(*btck_ChainstateManager::get(chainman).m_chainman, btck_Block::get(block), /*force_processing=*/true, /*min_pow_checked=*/true, /*new_block=*/&new_block);
     if (_new_block) {
         *_new_block = new_block ? 1 : 0;
     }
@@ -1346,7 +1347,7 @@ int btck_chainstate_manager_process_block_header(
 {
     try {
         auto& chainman = btck_ChainstateManager::get(chainstate_manager).m_chainman;
-        auto result = chainman->ProcessNewBlockHeaders({&btck_BlockHeader::get(header), 1}, /*min_pow_checked=*/true, btck_BlockValidationState::get(state), /*ppindex=*/nullptr);
+        auto result = ProcessNewBlockHeaders(*chainman, {&btck_BlockHeader::get(header), 1}, /*min_pow_checked=*/true, btck_BlockValidationState::get(state), /*ppindex=*/nullptr);
 
         return result ? 0 : -1;
     } catch (const std::exception& e) {
diff --git a/src/net_processing.cpp b/src/net_processing.cpp
index 90deb039df04..8990c88d2c58 100644
--- a/src/net_processing.cpp
+++ b/src/net_processing.cpp
@@ -7,6 +7,7 @@
 
 #include <addrman.h>
 #include <arith_uint256.h>
+#include <block_validation.h>
 #include <banman.h>
 #include <blockencodings.h>
 #include <chain.h>
@@ -2973,9 +2974,9 @@ void PeerManagerImpl::ProcessHeadersMessage(CNode& pfrom, Peer& peer,
 
     // Now process all the headers.
     BlockValidationState state;
-    const bool processed{m_chainman.ProcessNewBlockHeaders(headers,
-                                                           /*min_pow_checked=*/true,
-                                                           state, &pindexLast)};
+    const bool processed{ProcessNewBlockHeaders(m_chainman, headers,
+                                                /*min_pow_checked=*/true,
+                                                state, &pindexLast)};
     if (!processed) {
         if (state.IsInvalid()) {
             if (!pfrom.IsInboundConn() && state.GetResult() == BlockValidationResult::BLOCK_CACHED_INVALID) {
@@ -3157,7 +3158,7 @@ bool PeerManagerImpl::ProcessOrphanTx(Peer& peer)
 void PeerManagerImpl::ProcessBlock(CNode& node, const std::shared_ptr<const CBlock>& block, bool force_processing, bool min_pow_checked)
 {
     bool new_block{false};
-    m_chainman.ProcessNewBlock(block, force_processing, min_pow_checked, &new_block);
+    ProcessNewBlock(m_chainman, block, force_processing, min_pow_checked, &new_block);
     if (new_block) {
         node.m_last_block_time = GetTime<std::chrono::seconds>();
         // In case this block came from a different peer than we requested
@@ -4233,7 +4234,7 @@ void PeerManagerImpl::ProcessMessage(Peer& peer, CNode& pfrom, const std::string
 
         const CBlockIndex *pindex = nullptr;
         BlockValidationState state;
-        if (!m_chainman.ProcessNewBlockHeaders({{cmpctblock.header}}, /*min_pow_checked=*/true, state, &pindex)) {
+        if (!ProcessNewBlockHeaders(m_chainman, {{cmpctblock.header}}, /*min_pow_checked=*/true, state, &pindex)) {
             if (state.IsInvalid()) {
                 MaybePunishNodeForBlock(pfrom.GetId(), state, /*via_compact_block=*/true, "invalid header via cmpctblock");
                 return;
diff --git a/src/node/blockstorage.h b/src/node/blockstorage.h
index b08a45a366e6..99a0c5919210 100644
--- a/src/node/blockstorage.h
+++ b/src/node/blockstorage.h
@@ -318,6 +318,7 @@ class BlockManager
 
     std::unique_ptr<BlockTreeDB> m_block_tree_db GUARDED_BY(::cs_main);
 
+    std::set<CBlockIndex*>& DirtyBlockIndex() EXCLUSIVE_LOCKS_REQUIRED(::cs_main) { return m_dirty_blockindex; }
     void WriteBlockIndexDB() EXCLUSIVE_LOCKS_REQUIRED(::cs_main);
     bool LoadBlockIndexDB()
         EXCLUSIVE_LOCKS_REQUIRED(::cs_main);
diff --git a/src/node/chainstate.cpp b/src/node/chainstate.cpp
index 0f2ae59b7551..6a9f51a281eb 100644
--- a/src/node/chainstate.cpp
+++ b/src/node/chainstate.cpp
@@ -4,6 +4,7 @@
 
 #include <node/chainstate.h>
 
+#include <block_validation.h>
 #include <arith_uint256.h>
 #include <chain.h>
 #include <coins.h>
@@ -102,7 +103,7 @@ static ChainstateLoadResult CompleteChainstateInitialization(
     }
 
     // ReplayBlocks is a no-op if we cleared the coinsviewdb with -reindex or -reindex-chainstate
-    if (!chainstate.ReplayBlocks()) {
+    if (!ReplayBlocks(chainstate)) {
         return {ChainstateLoadStatus::FAILURE, _("Unable to replay blocks. You will need to rebuild the database using -reindex-chainstate.")};
     }
 
diff --git a/src/node/interfaces.cpp b/src/node/interfaces.cpp
index dd3cb483d957..236aedfed493 100644
--- a/src/node/interfaces.cpp
+++ b/src/node/interfaces.cpp
@@ -4,6 +4,7 @@
 
 #include <addrdb.h>
 #include <banman.h>
+#include <block_validation.h>
 #include <btcsignals.h>
 #include <chain.h>
 #include <chainparams.h>
@@ -787,7 +788,7 @@ class BlockTemplateImpl : public BlockTemplate
     bool submitSolution(uint32_t version, uint32_t timestamp, uint32_t nonce, CTransactionRef coinbase) override
     {
         AddMerkleRootAndCoinbase(m_block_template->block, std::move(coinbase), version, timestamp, nonce);
-        return chainman().ProcessNewBlock(std::make_shared<const CBlock>(m_block_template->block), /*force_processing=*/true, /*min_pow_checked=*/true, /*new_block=*/nullptr);
+        return ProcessNewBlock(chainman(), std::make_shared<const CBlock>(m_block_template->block), /*force_processing=*/true, /*min_pow_checked=*/true, /*new_block=*/nullptr);
     }
 
     std::unique_ptr<BlockTemplate> waitNext(BlockWaitOptions options) override
diff --git a/src/node/miner.cpp b/src/node/miner.cpp
index 7fc19deeb79a..16bd57a57dc8 100644
--- a/src/node/miner.cpp
+++ b/src/node/miner.cpp
@@ -5,6 +5,7 @@
 
 #include <node/miner.h>
 
+#include <block_validation.h>
 #include <chain.h>
 #include <chainparams.h>
 #include <coins.h>
@@ -71,7 +72,7 @@ void RegenerateCommitments(CBlock& block, ChainstateManager& chainman)
     block.vtx.at(0) = MakeTransactionRef(tx);
 
     const CBlockIndex* prev_block = WITH_LOCK(::cs_main, return chainman.m_blockman.LookupBlockIndex(block.hashPrevBlock));
-    chainman.GenerateCoinbaseCommitment(block, prev_block);
+    GenerateCoinbaseCommitment(chainman, block, prev_block);
 
     block.hashMerkleRoot = BlockMerkleRoot(block);
 }
@@ -201,7 +202,7 @@ std::unique_ptr<CBlockTemplate> BlockAssembler::CreateNewBlock()
     coinbase_tx.lock_time = coinbaseTx.nLockTime;
 
     pblock->vtx[0] = MakeTransactionRef(std::move(coinbaseTx));
-    m_chainstate.m_chainman.GenerateCoinbaseCommitment(*pblock, pindexPrev);
+    GenerateCoinbaseCommitment(m_chainstate.m_chainman, *pblock, pindexPrev);
 
     const CTransactionRef& final_coinbase{pblock->vtx[0]};
     if (final_coinbase->HasWitness()) {
diff --git a/src/script/script_check.cpp b/src/script/script_check.cpp
new file mode 100644
index 000000000000..5eaccf461430
--- /dev/null
+++ b/src/script/script_check.cpp
@@ -0,0 +1,22 @@
+// Copyright (c) 2009-2010 Satoshi Nakamoto
+// Copyright (c) 2009-present The Bitcoin Core developers
+// Distributed under the MIT software license, see the accompanying
+// file COPYING or http://www.opensource.org/licenses/mit-license.php.
+
+#include <script/script_check.h>
+
+#include <script/interpreter.h>
+#include <tinyformat.h>
+
+std::optional<std::pair<ScriptError, std::string>> CScriptCheck::operator()()
+{
+    const CScript& scriptSig = ptxTo->vin[nIn].scriptSig;
+    const CScriptWitness* witness = &ptxTo->vin[nIn].scriptWitness;
+    ScriptError error{SCRIPT_ERR_UNKNOWN_ERROR};
+    if (VerifyScript(scriptSig, m_tx_out.scriptPubKey, witness, m_flags, CachingTransactionSignatureChecker(ptxTo, nIn, m_tx_out.nValue, cacheStore, *m_signature_cache, *txdata), &error)) {
+        return std::nullopt;
+    } else {
+        auto debug_str = strprintf("input %i of %s (wtxid %s), spending %s:%i", nIn, ptxTo->GetHash().ToString(), ptxTo->GetWitnessHash().ToString(), ptxTo->vin[nIn].prevout.hash.ToString(), ptxTo->vin[nIn].prevout.n);
+        return std::make_pair(error, std::move(debug_str));
+    }
+}
diff --git a/src/script/script_check.h b/src/script/script_check.h
new file mode 100644
index 000000000000..97679aa87946
--- /dev/null
+++ b/src/script/script_check.h
@@ -0,0 +1,52 @@
+// Copyright (c) 2009-2010 Satoshi Nakamoto
+// Copyright (c) 2009-present The Bitcoin Core developers
+// Distributed under the MIT software license, see the accompanying
+// file COPYING or http://www.opensource.org/licenses/mit-license.php.
+
+#ifndef BITCOIN_SCRIPT_SCRIPT_CHECK_H
+#define BITCOIN_SCRIPT_SCRIPT_CHECK_H
+
+#include <primitives/transaction.h>
+#include <script/script_error.h>
+#include <script/sigcache.h>
+#include <script/verify_flags.h>
+
+#include <optional>
+#include <string>
+#include <type_traits>
+#include <utility>
+
+struct PrecomputedTransactionData;
+
+/**
+ * Closure representing one script verification
+ * Note that this stores references to the spending transaction
+ */
+class CScriptCheck
+{
+private:
+    CTxOut m_tx_out;
+    const CTransaction* ptxTo;
+    unsigned int nIn;
+    script_verify_flags m_flags;
+    bool cacheStore;
+    PrecomputedTransactionData* txdata;
+    SignatureCache* m_signature_cache;
+
+public:
+    CScriptCheck(const CTxOut& outIn, const CTransaction& txToIn, SignatureCache& signature_cache, unsigned int nInIn, script_verify_flags flags, bool cacheIn, PrecomputedTransactionData* txdataIn) : m_tx_out(outIn), ptxTo(&txToIn), nIn(nInIn), m_flags(flags), cacheStore(cacheIn), txdata(txdataIn), m_signature_cache(&signature_cache) {}
+
+    CScriptCheck(const CScriptCheck&) = delete;
+    CScriptCheck& operator=(const CScriptCheck&) = delete;
+    CScriptCheck(CScriptCheck&&) = default;
+    CScriptCheck& operator=(CScriptCheck&&) = default;
+
+    std::optional<std::pair<ScriptError, std::string>> operator()();
+};
+
+// CScriptCheck is used a lot in std::vector, make sure that's efficient
+static_assert(std::is_nothrow_move_assignable_v<CScriptCheck>);
+static_assert(std::is_nothrow_move_constructible_v<CScriptCheck>);
+static_assert(std::is_nothrow_destructible_v<CScriptCheck>);
+
+#endif // BITCOIN_SCRIPT_SCRIPT_CHECK_H
diff --git a/src/test/fuzz/block.cpp b/src/test/fuzz/block.cpp
index 7b874429852a..37c03a4835c2 100644
--- a/src/test/fuzz/block.cpp
+++ b/src/test/fuzz/block.cpp
@@ -2,6 +2,7 @@
 // Distributed under the MIT software license, see the accompanying
 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
 
+#include <block_validation.h>
 #include <chainparams.h>
 #include <consensus/merkle.h>
 #include <consensus/validation.h>
diff --git a/src/test/fuzz/cmpctblock.cpp b/src/test/fuzz/cmpctblock.cpp
index 85e3bedfe924..c24f5168c722 100644
--- a/src/test/fuzz/cmpctblock.cpp
+++ b/src/test/fuzz/cmpctblock.cpp
@@ -3,6 +3,7 @@
 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
 
 #include <addrman.h>
+#include <block_validation.h>
 #include <blockencodings.h>
 #include <chain.h>
 #include <chainparams.h>
@@ -309,7 +310,7 @@ FUZZ_TARGET(cmpctblock, .init = initialize_cmpctblock)
         }
 
         CBlockIndex* pindexPrev{WITH_LOCK(::cs_main, return chainman.m_blockman.LookupBlockIndex(prev))};
-        chainman.GenerateCoinbaseCommitment(*block, pindexPrev);
+        GenerateCoinbaseCommitment(chainman, *block, pindexPrev);
 
         bool mutated;
         block->hashMerkleRoot = BlockMerkleRoot(*block, &mutated);
diff --git a/src/test/fuzz/headerssync.cpp b/src/test/fuzz/headerssync.cpp
index f54ea980e4e5..3804543a8990 100644
--- a/src/test/fuzz/headerssync.cpp
+++ b/src/test/fuzz/headerssync.cpp
@@ -3,6 +3,7 @@
 // file COPYING or https://opensource.org/license/mit.
 
 #include <arith_uint256.h>
+#include <block_validation.h>
 #include <chain.h>
 #include <chainparams.h>
 #include <headerssync.h>
diff --git a/src/test/fuzz/p2p_headers_presync.cpp b/src/test/fuzz/p2p_headers_presync.cpp
index 0e60cb2aded0..05b7a84f899f 100644
--- a/src/test/fuzz/p2p_headers_presync.cpp
+++ b/src/test/fuzz/p2p_headers_presync.cpp
@@ -3,6 +3,7 @@
 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
 
 #include <arith_uint256.h>
+#include <block_validation.h>
 #include <blockencodings.h>
 #include <net.h>
 #include <net_processing.h>
diff --git a/src/test/miner_tests.cpp b/src/test/miner_tests.cpp
index d029bb9f640d..9c49c5679952 100644
--- a/src/test/miner_tests.cpp
+++ b/src/test/miner_tests.cpp
@@ -3,6 +3,7 @@
 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
 
 #include <addresstype.h>
+#include <block_validation.h>
 #include <coins.h>
 #include <common/system.h>
 #include <consensus/consensus.h>
@@ -831,7 +832,7 @@ BOOST_AUTO_TEST_CASE(CreateNewBlock_validity)
         // via the Mining interface. The former is used by net_processing as well
         // as the submitblock RPC.
         if (current_height % 2 == 0) {
-            BOOST_REQUIRE(Assert(m_node.chainman)->ProcessNewBlock(shared_pblock, /*force_processing=*/true, /*min_pow_checked=*/true, nullptr));
+            BOOST_REQUIRE(ProcessNewBlock(*Assert(m_node.chainman), shared_pblock, /*force_processing=*/true, /*min_pow_checked=*/true, nullptr));
         } else {
             BOOST_REQUIRE(block_template->submitSolution(block.nVersion, block.nTime, block.nNonce, MakeTransactionRef(txCoinbase)));
         }
diff --git a/src/test/peerman_tests.cpp b/src/test/peerman_tests.cpp
index 36a66b14eb58..4159d574075a 100644
--- a/src/test/peerman_tests.cpp
+++ b/src/test/peerman_tests.cpp
@@ -2,6 +2,7 @@
 // Distributed under the MIT software license, see the accompanying
 // file COPYING or https://www.opensource.org/licenses/mit-license.php.
 
+#include <block_validation.h>
 #include <chainparams.h>
 #include <node/miner.h>
 #include <net_processing.h>
@@ -25,7 +26,7 @@ static void mineBlock(const node::NodeContext& node, std::chrono::seconds block_
     while (!CheckProofOfWork(block.GetHash(), block.nBits, node.chainman->GetConsensus())) ++block.nNonce;
     block.fChecked = true; // little speedup
     SetMockTime(curr_time); // process block at current time
-    Assert(node.chainman->ProcessNewBlock(std::make_shared<const CBlock>(block), /*force_processing=*/true, /*min_pow_checked=*/true, nullptr));
+    Assert(ProcessNewBlock(*node.chainman, std::make_shared<const CBlock>(block), /*force_processing=*/true, /*min_pow_checked=*/true, nullptr));
     node.validation_signals->SyncWithValidationInterfaceQueue(); // drain events queue
 }
 
diff --git a/src/test/util/mining.cpp b/src/test/util/mining.cpp
index 05f1be77ee29..d44a3ec9ccda 100644
--- a/src/test/util/mining.cpp
+++ b/src/test/util/mining.cpp
@@ -4,6 +4,7 @@
 
 #include <test/util/mining.h>
 
+#include <block_validation.h>
 #include <chainparams.h>
 #include <consensus/merkle.h>
 #include <consensus/validation.h>
@@ -109,7 +110,7 @@ COutPoint ProcessBlock(const NodeContext& node, const std::shared_ptr<CBlock>& b
     bool new_block;
     BlockValidationStateCatcher bvsc{block->GetHash()};
     node.validation_signals->RegisterValidationInterface(&bvsc);
-    const bool processed{chainman.ProcessNewBlock(block, true, true, &new_block)};
+    const bool processed{ProcessNewBlock(chainman, block, true, true, &new_block)};
     const bool duplicate{!new_block && processed};
     assert(!duplicate);
     node.validation_signals->UnregisterValidationInterface(&bvsc);
diff --git a/src/test/util/setup_common.cpp b/src/test/util/setup_common.cpp
index 1723a88235ab..e720d198f6c5 100644
--- a/src/test/util/setup_common.cpp
+++ b/src/test/util/setup_common.cpp
@@ -6,6 +6,7 @@
 
 #include <addrman.h>
 #include <banman.h>
+#include <block_validation.h>
 #include <chainparams.h>
 #include <common/system.h>
 #include <consensus/consensus.h>
@@ -427,7 +428,7 @@ CBlock TestChain100Setup::CreateAndProcessBlock(
 
     CBlock block = this->CreateBlock(txns, scriptPubKey, *chainstate);
     std::shared_ptr<const CBlock> shared_pblock = std::make_shared<const CBlock>(block);
-    Assert(m_node.chainman)->ProcessNewBlock(shared_pblock, true, true, nullptr);
+    ProcessNewBlock(*Assert(m_node.chainman), shared_pblock, true, true, nullptr);
 
     return block;
 }
diff --git a/src/test/validation_block_tests.cpp b/src/test/validation_block_tests.cpp
index 730d2632cfec..df6a714d7ed6 100644
--- a/src/test/validation_block_tests.cpp
+++ b/src/test/validation_block_tests.cpp
@@ -4,6 +4,7 @@
 
 #include <boost/test/unit_test.hpp>
 
+#include <block_validation.h>
 #include <chainparams.h>
 #include <consensus/merkle.h>
 #include <mempool_validation.h>
@@ -95,7 +96,7 @@ std::shared_ptr<CBlock> MinerTestingSetup::Block(const uint256& prev_hash)
 std::shared_ptr<CBlock> MinerTestingSetup::FinalizeBlock(std::shared_ptr<CBlock> pblock)
 {
     const CBlockIndex* prev_block{WITH_LOCK(::cs_main, return m_node.chainman->m_blockman.LookupBlockIndex(pblock->hashPrevBlock))};
-    m_node.chainman->GenerateCoinbaseCommitment(*pblock, prev_block);
+    GenerateCoinbaseCommitment(*m_node.chainman, *pblock, prev_block);
 
     pblock->hashMerkleRoot = BlockMerkleRoot(*pblock);
 
@@ -106,7 +107,7 @@ std::shared_ptr<CBlock> MinerTestingSetup::FinalizeBlock(std::shared_ptr<CBlock>
     // submit block header, so that miner can get the block height from the
     // global state and the node has the topology of the chain
     BlockValidationState ignored;
-    BOOST_CHECK(Assert(m_node.chainman)->ProcessNewBlockHeaders({{*pblock}}, true, ignored));
+    BOOST_CHECK(ProcessNewBlockHeaders(*Assert(m_node.chainman), {{*pblock}}, true, ignored));
 
     return pblock;
 }
@@ -164,7 +165,7 @@ BOOST_AUTO_TEST_CASE(processnewblock_signals_ordering)
 
     bool ignored;
     // Connect the genesis block and drain any outstanding events
-    BOOST_CHECK(Assert(m_node.chainman)->ProcessNewBlock(std::make_shared<CBlock>(Params().GenesisBlock()), true, true, &ignored));
+    BOOST_CHECK(ProcessNewBlock(*Assert(m_node.chainman), std::make_shared<CBlock>(Params().GenesisBlock()), true, true, &ignored));
     m_node.validation_signals->SyncWithValidationInterfaceQueue();
 
     // subscribe to events (this subscriber will validate event ordering)
@@ -187,13 +188,13 @@ BOOST_AUTO_TEST_CASE(processnewblock_signals_ordering)
             FastRandomContext insecure;
             for (int i = 0; i < 1000; i++) {
                 const auto& block = blocks[insecure.randrange(blocks.size() - 1)];
-                Assert(m_node.chainman)->ProcessNewBlock(block, true, true, &ignored);
+                ProcessNewBlock(*Assert(m_node.chainman), block, true, true, &ignored);
             }
 
             // to make sure that eventually we process the full chain - do it here
             for (const auto& block : blocks) {
                 if (block->vtx.size() == 1) {
-                    bool processed = Assert(m_node.chainman)->ProcessNewBlock(block, true, true, &ignored);
+                    bool processed = ProcessNewBlock(*Assert(m_node.chainman), block, true, true, &ignored);
                     assert(processed);
                 }
             }
@@ -232,7 +233,7 @@ BOOST_AUTO_TEST_CASE(mempool_locks_reorg)
 {
     bool ignored;
     auto ProcessBlock = [&](std::shared_ptr<const CBlock> block) -> bool {
-        return Assert(m_node.chainman)->ProcessNewBlock(block, /*force_processing=*/true, /*min_pow_checked=*/true, /*new_block=*/&ignored);
+        return ProcessNewBlock(*Assert(m_node.chainman), block, /*force_processing=*/true, /*min_pow_checked=*/true, /*new_block=*/&ignored);
     };
 
     // Process all mined blocks
diff --git a/src/test/validation_chainstate_tests.cpp b/src/test/validation_chainstate_tests.cpp
index 09403654baa3..865d403cea74 100644
--- a/src/test/validation_chainstate_tests.cpp
+++ b/src/test/validation_chainstate_tests.cpp
@@ -2,6 +2,7 @@
 // Distributed under the MIT software license, see the accompanying
 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
 //
+#include <block_validation.h>
 #include <chainparams.h>
 #include <consensus/amount.h>
 #include <consensus/validation.h>
@@ -83,7 +84,7 @@ BOOST_FIXTURE_TEST_CASE(connect_tip_does_not_cache_inputs_on_failed_connect, Tes
 
     const auto tip{WITH_LOCK(cs_main, return chainstate.m_chain.Tip()->GetBlockHash())};
     const CBlock block{CreateBlock({tx}, CScript{} << OP_TRUE, chainstate)};
-    BOOST_CHECK(Assert(m_node.chainman)->ProcessNewBlock(std::make_shared<CBlock>(block), true, true, nullptr));
+    BOOST_CHECK(ProcessNewBlock(*Assert(m_node.chainman), std::make_shared<CBlock>(block), true, true, nullptr));
 
     LOCK(cs_main);
     BOOST_CHECK_EQUAL(tip, chainstate.m_chain.Tip()->GetBlockHash()); // block rejected
diff --git a/src/test/validation_tests.cpp b/src/test/validation_tests.cpp
index e5c8b4c554a6..f571667af9bf 100644
--- a/src/test/validation_tests.cpp
+++ b/src/test/validation_tests.cpp
@@ -2,6 +2,7 @@
 // Distributed under the MIT software license, see the accompanying
 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
 
+#include <block_validation.h>
 #include <chainparams.h>
 #include <consensus/amount.h>
 #include <consensus/merkle.h>
diff --git a/src/validation.cpp b/src/validation.cpp
index 134fcf4be028..7a929f1a0c64 100644
--- a/src/validation.cpp
+++ b/src/validation.cpp
@@ -8,45 +8,32 @@
 #include <validation.h>
 
 #include <arith_uint256.h>
+#include <block_validation.h>
 #include <chain.h>
-#include <checkqueue.h>
 #include <clientversion.h>
 #include <consensus/amount.h>
 #include <consensus/consensus.h>
-#include <consensus/merkle.h>
-#include <consensus/tx_check.h>
-#include <consensus/tx_verify.h>
 #include <consensus/validation.h>
-#include <cuckoocache.h>
 #include <flatfile.h>
-#include <hash.h>
 #include <kernel/chainparams.h>
 #include <kernel/coinstats.h>
 #include <kernel/disconnected_transactions.h>
-#include <kernel/mempool_entry.h>
 #include <kernel/messagestartchars.h>
 #include <kernel/notifications_interface.h>
 #include <kernel/warning.h>
 #include <logging/timer.h>
 #include <mempool_validation.h>
 #include <node/blockstorage.h>
-#include <policy/ephemeral_policy.h>
 #include <policy/policy.h>
-#include <policy/rbf.h>
 #include <policy/settings.h>
-#include <policy/truc_policy.h>
 #include <pow.h>
 #include <primitives/block.h>
 #include <primitives/transaction.h>
 #include <random.h>
-#include <script/script.h>
-#include <script/sigcache.h>
-#include <signet.h>
 #include <tinyformat.h>
 #include <txdb.h>
 #include <txmempool.h>
 #include <uint256.h>
-#include <undo.h>
 #include <util/byte_units.h>
 #include <util/check.h>
 #include <util/fs.h>
@@ -54,7 +41,6 @@
 #include <util/hasher.h>
 #include <util/log.h>
 #include <util/moneystr.h>
-#include <util/rbf.h>
 #include <util/result.h>
 #include <util/signalinterrupt.h>
 #include <util/strencodings.h>
@@ -73,7 +59,6 @@
 #include <ranges>
 #include <span>
 #include <string>
-#include <tuple>
 #include <utility>
 
 using kernel::Notifications;
@@ -105,7 +90,6 @@ const std::vector<std::string> CHECKLEVEL_DOC {
  * */
 static constexpr int PRUNE_LOCK_BUFFER{10};
 
-TRACEPOINT_SEMAPHORE(validation, block_connected);
 TRACEPOINT_SEMAPHORE(utxocache, flush);
 
 const CBlockIndex* Chainstate::FindForkInGlobalIndex(const CBlockLocator& locator) const
@@ -128,18 +112,6 @@ const CBlockIndex* Chainstate::FindForkInGlobalIndex(const CBlockLocator& locato
     return m_chain.Genesis();
 }
 
-CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams)
-{
-    int halvings = nHeight / consensusParams.nSubsidyHalvingInterval;
-    // Force block reward to zero when right shift is undefined.
-    if (halvings >= 64)
-        return 0;
-
-    CAmount nSubsidy = 50 * COIN;
-    // Subsidy is cut in half every 210,000 blocks which will occur approximately every 4 years.
-    nSubsidy >>= halvings;
-    return nSubsidy;
-}
 
 CoinsViews::CoinsViews(DBParams db_params, CoinsViewOptions options)
     : m_dbview{std::move(db_params), std::move(options)},
@@ -247,17 +219,6 @@ void Chainstate::InvalidBlockFound(CBlockIndex* pindex, const BlockValidationSta
     }
 }
 
-std::optional<std::pair<ScriptError, std::string>> CScriptCheck::operator()() {
-    const CScript &scriptSig = ptxTo->vin[nIn].scriptSig;
-    const CScriptWitness *witness = &ptxTo->vin[nIn].scriptWitness;
-    ScriptError error{SCRIPT_ERR_UNKNOWN_ERROR};
-    if (VerifyScript(scriptSig, m_tx_out.scriptPubKey, witness, m_flags, CachingTransactionSignatureChecker(ptxTo, nIn, m_tx_out.nValue, cacheStore, *m_signature_cache, *txdata), &error)) {
-        return std::nullopt;
-    } else {
-        auto debug_str = strprintf("input %i of %s (wtxid %s), spending %s:%i", nIn, ptxTo->GetHash().ToString(), ptxTo->GetWitnessHash().ToString(), ptxTo->vin[nIn].prevout.hash.ToString(), ptxTo->vin[nIn].prevout.n);
-        return std::make_pair(error, std::move(debug_str));
-    }
-}
 
 ValidationCache::ValidationCache(const size_t script_execution_cache_bytes, const size_t signature_cache_bytes)
     : m_signature_cache{signature_cache_bytes}
@@ -275,99 +236,6 @@ ValidationCache::ValidationCache(const size_t script_execution_cache_bytes, cons
               approx_size_bytes >> 20, script_execution_cache_bytes >> 20, num_elems);
 }
 
-/**
- * Check whether all of this transaction's input scripts succeed.
- *
- * This involves ECDSA signature checks so can be computationally intensive. This function should
- * only be called after the cheap sanity checks in CheckTxInputs passed.
- *
- * If pvChecks is not nullptr, script checks are pushed onto it instead of being performed inline. Any
- * script checks which are not necessary (eg due to script execution cache hits) are, obviously,
- * not pushed onto pvChecks/run.
- *
- * Setting cacheSigStore/cacheFullScriptStore to false will remove elements from the corresponding cache
- * which are matched. This is useful for checking blocks where we will likely never need the cache
- * entry again.
- *
- * Note that we may set state.reason to NOT_STANDARD for extra soft-fork flags in flags, block-checking
- * callers should probably reset it to CONSENSUS in such cases.
- *
- * Non-static (and redeclared) in src/test/txvalidationcache_tests.cpp
- */
-bool CheckInputScripts(const CTransaction& tx, TxValidationState& state,
-                       const CCoinsViewCache& inputs, script_verify_flags flags, bool cacheSigStore,
-                       bool cacheFullScriptStore, PrecomputedTransactionData& txdata,
-                       ValidationCache& validation_cache,
-                       std::vector<CScriptCheck>* pvChecks)
-{
-    if (tx.IsCoinBase()) return true;
-
-    if (pvChecks) {
-        pvChecks->reserve(tx.vin.size());
-    }
-
-    // First check if script executions have been cached with the same
-    // flags. Note that this assumes that the inputs provided are
-    // correct (ie that the transaction hash which is in tx's prevouts
-    // properly commits to the scriptPubKey in the inputs view of that
-    // transaction).
-    uint256 hashCacheEntry;
-    CSHA256 hasher = validation_cache.ScriptExecutionCacheHasher();
-    hasher.Write(UCharCast(tx.GetWitnessHash().begin()), 32).Write((unsigned char*)&flags, sizeof(flags)).Finalize(hashCacheEntry.begin());
-    AssertLockHeld(cs_main); //TODO: Remove this requirement by making CuckooCache not require external locks
-    if (validation_cache.m_script_execution_cache.contains(hashCacheEntry, !cacheFullScriptStore)) {
-        return true;
-    }
-
-    if (!txdata.m_spent_outputs_ready) {
-        std::vector<CTxOut> spent_outputs;
-        spent_outputs.reserve(tx.vin.size());
-
-        for (const auto& txin : tx.vin) {
-            const COutPoint& prevout = txin.prevout;
-            const Coin& coin = inputs.AccessCoin(prevout);
-            assert(!coin.IsSpent());
-            spent_outputs.emplace_back(coin.out);
-        }
-        txdata.Init(tx, std::move(spent_outputs));
-    }
-    assert(txdata.m_spent_outputs.size() == tx.vin.size());
-
-    for (unsigned int i = 0; i < tx.vin.size(); i++) {
-
-        // We very carefully only pass in things to CScriptCheck which
-        // are clearly committed to by tx' witness hash. This provides
-        // a sanity check that our caching is not introducing consensus
-        // failures through additional data in, eg, the coins being
-        // spent being checked as a part of CScriptCheck.
-
-        // Verify signature
-        CScriptCheck check(txdata.m_spent_outputs[i], tx, validation_cache.m_signature_cache, i, flags, cacheSigStore, &txdata);
-        if (pvChecks) {
-            pvChecks->emplace_back(std::move(check));
-        } else if (auto result = check(); result.has_value()) {
-            // Tx failures never trigger disconnections/bans.
-            // This is so that network splits aren't triggered
-            // either due to non-consensus relay policies (such as
-            // non-standard DER encodings or non-null dummy
-            // arguments) or due to new consensus rules introduced in
-            // soft forks.
-            if (flags & STANDARD_NOT_MANDATORY_VERIFY_FLAGS) {
-                return state.Invalid(TxValidationResult::TX_NOT_STANDARD, strprintf("mempool-script-verify-flag-failed (%s)", ScriptErrorString(result->first)), result->second);
-            } else {
-                return state.Invalid(TxValidationResult::TX_CONSENSUS, strprintf("block-script-verify-flag-failed (%s)", ScriptErrorString(result->first)), result->second);
-            }
-        }
-    }
-
-    if (cacheFullScriptStore && !pvChecks) {
-        // We executed all of the provided scripts, and were told to
-        // cache the result. Do so now.
-        validation_cache.m_script_execution_cache.insert(hashCacheEntry);
-    }
-
-    return true;
-}
 
 bool FatalError(Notifications& notifications, BlockValidationState& state, const bilingual_str& message)
 {
@@ -377,499 +245,8 @@ bool FatalError(Notifications& notifications, BlockValidationState& state, const
 
 /** Undo the effects of this block (with given index) on the UTXO set represented by coins.
  *  When FAILED is returned, view is left in an indeterminate state. */
-DisconnectResult Chainstate::DisconnectBlock(const CBlock& block, const CBlockIndex* pindex, CCoinsViewCache& view)
-{
-    AssertLockHeld(::cs_main);
-    bool fClean = true;
-
-    CBlockUndo blockUndo;
-    if (!m_blockman.ReadBlockUndo(blockUndo, *pindex)) {
-        LogError("DisconnectBlock(): failure reading undo data\n");
-        return DISCONNECT_FAILED;
-    }
-
-    if (blockUndo.vtxundo.size() + 1 != block.vtx.size()) {
-        LogError("DisconnectBlock(): block and undo data inconsistent\n");
-        return DISCONNECT_FAILED;
-    }
-
-    // Ignore blocks that contain transactions which are 'overwritten' by later transactions,
-    // unless those are already completely spent.
-    // See https://github.com/bitcoin/bitcoin/issues/22596 for additional information.
-    // Note: the blocks specified here are different than the ones used in ConnectBlock because DisconnectBlock
-    // unwinds the blocks in reverse. As a result, the inconsistency is not discovered until the earlier
-    // blocks with the duplicate coinbase transactions are disconnected.
-    bool fEnforceBIP30 = !((pindex->nHeight==91722 && pindex->GetBlockHash() == uint256{"00000000000271a2dc26e7667f8419f2e15416dc6955e5a6c6cdf3f2574dd08e"}) ||
-                           (pindex->nHeight==91812 && pindex->GetBlockHash() == uint256{"00000000000af0aed4792b1acee3d966af36cf5def14935db8de83d6f9306f2f"}));
-
-    // undo transactions in reverse order
-    for (int i = block.vtx.size() - 1; i >= 0; i--) {
-        const CTransaction &tx = *(block.vtx[i]);
-        Txid hash = tx.GetHash();
-        bool is_coinbase = tx.IsCoinBase();
-        bool is_bip30_exception = (is_coinbase && !fEnforceBIP30);
-
-        // Check that all outputs are available and match the outputs in the block itself
-        // exactly.
-        for (size_t o = 0; o < tx.vout.size(); o++) {
-            if (!tx.vout[o].scriptPubKey.IsUnspendable()) {
-                COutPoint out(hash, o);
-                Coin coin;
-                bool is_spent = view.SpendCoin(out, &coin);
-                if (!is_spent || tx.vout[o] != coin.out || pindex->nHeight != coin.nHeight || is_coinbase != coin.IsCoinBase()) {
-                    if (!is_bip30_exception) {
-                        fClean = false; // transaction output mismatch
-                    }
-                }
-            }
-        }
-
-        // restore inputs
-        if (i > 0) { // not coinbases
-            CTxUndo &txundo = blockUndo.vtxundo[i-1];
-            if (txundo.vprevout.size() != tx.vin.size()) {
-                LogError("DisconnectBlock(): transaction and undo data inconsistent\n");
-                return DISCONNECT_FAILED;
-            }
-            for (unsigned int j = tx.vin.size(); j > 0;) {
-                --j;
-                const COutPoint& out = tx.vin[j].prevout;
-                DisconnectResult res = ApplyTxInUndo(std::move(txundo.vprevout[j]), view, out);
-                if (res == DISCONNECT_FAILED) return DISCONNECT_FAILED;
-                fClean = fClean && res != DISCONNECT_UNCLEAN;
-            }
-            // At this point, all of txundo.vprevout should have been moved out.
-        }
-    }
-
-    // move best block pointer to prevout block
-    view.SetBestBlock(pindex->pprev->GetBlockHash());
 
-    return fClean ? DISCONNECT_OK : DISCONNECT_UNCLEAN;
-}
-
-script_verify_flags GetBlockScriptFlags(const CBlockIndex& block_index, const ChainstateManager& chainman)
-{
-    const Consensus::Params& consensusparams = chainman.GetConsensus();
-
-    // BIP16 didn't become active until Apr 1 2012 (on mainnet, and
-    // retroactively applied to testnet)
-    // However, only one historical block violated the P2SH rules (on both
-    // mainnet and testnet).
-    // Similarly, only one historical block violated the TAPROOT rules on
-    // mainnet.
-    // For simplicity, always leave P2SH+WITNESS+TAPROOT on except for the two
-    // violating blocks.
-    script_verify_flags flags{SCRIPT_VERIFY_P2SH | SCRIPT_VERIFY_WITNESS | SCRIPT_VERIFY_TAPROOT};
-    const auto it{consensusparams.script_flag_exceptions.find(*Assert(block_index.phashBlock))};
-    if (it != consensusparams.script_flag_exceptions.end()) {
-        flags = it->second;
-    }
-
-    // Enforce the DERSIG (BIP66) rule
-    if (DeploymentActiveAt(block_index, chainman, Consensus::DEPLOYMENT_DERSIG)) {
-        flags |= SCRIPT_VERIFY_DERSIG;
-    }
 
-    // Enforce CHECKLOCKTIMEVERIFY (BIP65)
-    if (DeploymentActiveAt(block_index, chainman, Consensus::DEPLOYMENT_CLTV)) {
-        flags |= SCRIPT_VERIFY_CHECKLOCKTIMEVERIFY;
-    }
-
-    // Enforce CHECKSEQUENCEVERIFY (BIP112)
-    if (DeploymentActiveAt(block_index, chainman, Consensus::DEPLOYMENT_CSV)) {
-        flags |= SCRIPT_VERIFY_CHECKSEQUENCEVERIFY;
-    }
-
-    // Enforce BIP147 NULLDUMMY (activated simultaneously with segwit)
-    if (DeploymentActiveAt(block_index, chainman, Consensus::DEPLOYMENT_SEGWIT)) {
-        flags |= SCRIPT_VERIFY_NULLDUMMY;
-    }
-
-    return flags;
-}
-
-
-/** Apply the effects of this block (with given index) on the UTXO set represented by coins.
- *  Validity checks that depend on the UTXO set are also done; ConnectBlock()
- *  can fail if those validity checks fail (among other reasons). */
-bool Chainstate::ConnectBlock(const CBlock& block, BlockValidationState& state, CBlockIndex* pindex,
-                               CCoinsViewCache& view, bool fJustCheck)
-{
-    AssertLockHeld(cs_main);
-    assert(pindex);
-
-    uint256 block_hash{block.GetHash()};
-    assert(*pindex->phashBlock == block_hash);
-
-    const auto time_start{SteadyClock::now()};
-    const CChainParams& params{m_chainman.GetParams()};
-
-    // Check it again in case a previous version let a bad block in
-    // NOTE: We don't currently (re-)invoke ContextualCheckBlock() or
-    // ContextualCheckBlockHeader() here. This means that if we add a new
-    // consensus rule that is enforced in one of those two functions, then we
-    // may have let in a block that violates the rule prior to updating the
-    // software, and we would NOT be enforcing the rule here. Fully solving
-    // upgrade from one software version to the next after a consensus rule
-    // change is potentially tricky and issue-specific (see NeedsRedownload()
-    // for one approach that was used for BIP 141 deployment).
-    // Also, currently the rule against blocks more than 2 hours in the future
-    // is enforced in ContextualCheckBlockHeader(); we wouldn't want to
-    // re-enforce that rule here (at least until we make it impossible for
-    // the clock to go backward).
-    if (!CheckBlock(block, state, params.GetConsensus(), !fJustCheck, !fJustCheck)) {
-        if (state.GetResult() == BlockValidationResult::BLOCK_MUTATED) {
-            // We don't write down blocks to disk if they may have been
-            // corrupted, so this should be impossible unless we're having hardware
-            // problems.
-            return FatalError(m_chainman.GetNotifications(), state, _("Corrupt block found indicating potential hardware failure."));
-        }
-        LogError("%s: Consensus::CheckBlock: %s\n", __func__, state.ToString());
-        return false;
-    }
-
-    // verify that the view's current state corresponds to the previous block
-    uint256 hashPrevBlock = pindex->pprev == nullptr ? uint256() : pindex->pprev->GetBlockHash();
-    assert(hashPrevBlock == view.GetBestBlock());
-
-    m_chainman.num_blocks_total++;
-
-    // Special case for the genesis block, skipping connection of its transactions
-    // (its coinbase is unspendable)
-    if (block_hash == params.GetConsensus().hashGenesisBlock) {
-        if (!fJustCheck)
-            view.SetBestBlock(pindex->GetBlockHash());
-        return true;
-    }
-
-    const char* script_check_reason;
-    if (m_chainman.AssumedValidBlock().IsNull()) {
-        script_check_reason = "assumevalid=0 (always verify)";
-    } else {
-        constexpr int64_t TWO_WEEKS_IN_SECONDS{60 * 60 * 24 * 7 * 2};
-        // We've been configured with the hash of a block which has been externally verified to have a valid history.
-        // A suitable default value is included with the software and updated from time to time.  Because validity
-        //  relative to a piece of software is an objective fact these defaults can be easily reviewed.
-        // This setting doesn't force the selection of any particular chain but makes validating some faster by
-        //  effectively caching the result of part of the verification.
-        BlockMap::const_iterator it{m_blockman.m_block_index.find(m_chainman.AssumedValidBlock())};
-        if (it == m_blockman.m_block_index.end()) {
-            script_check_reason = "assumevalid hash not in headers";
-        } else if (it->second.GetAncestor(pindex->nHeight) != pindex) {
-            script_check_reason = (pindex->nHeight > it->second.nHeight) ? "block height above assumevalid height" : "block not in assumevalid chain";
-        } else if (m_chainman.m_best_header->GetAncestor(pindex->nHeight) != pindex) {
-            script_check_reason = "block not in best header chain";
-        } else if (m_chainman.m_best_header->nChainWork < m_chainman.MinimumChainWork()) {
-            script_check_reason = "best header chainwork below minimumchainwork";
-        } else if (GetBlockProofEquivalentTime(*m_chainman.m_best_header, *pindex, *m_chainman.m_best_header, params.GetConsensus()) <= TWO_WEEKS_IN_SECONDS) {
-            script_check_reason = "block too recent relative to best header";
-        } else {
-            // This block is a member of the assumed verified chain and an ancestor of the best header.
-            // Script verification is skipped when connecting blocks under the
-            //  assumevalid block. Assuming the assumevalid block is valid this
-            //  is safe because block merkle hashes are still computed and checked,
-            // Of course, if an assumed valid block is invalid due to false scriptSigs
-            //  this optimization would allow an invalid chain to be accepted.
-            // The equivalent time check discourages hash power from extorting the network via DOS attack
-            //  into accepting an invalid block through telling users they must manually set assumevalid.
-            //  Requiring a software change or burying the invalid block, regardless of the setting, makes
-            //  it hard to hide the implication of the demand. This also avoids having release candidates
-            //  that are hardly doing any signature verification at all in testing without having to
-            //  artificially set the default assumed verified block further back.
-            // The test against the minimum chain work prevents the skipping when denied access to any chain at
-            //  least as good as the expected chain.
-            script_check_reason = nullptr;
-        }
-    }
-
-    const auto time_1{SteadyClock::now()};
-    m_chainman.time_check += time_1 - time_start;
-    LogDebug(BCLog::BENCH, "    - Sanity checks: %.2fms [%.2fs (%.2fms/blk)]\n",
-             Ticks<MillisecondsDouble>(time_1 - time_start),
-             Ticks<SecondsDouble>(m_chainman.time_check),
-             Ticks<MillisecondsDouble>(m_chainman.time_check) / m_chainman.num_blocks_total);
-
-    // Do not allow blocks that contain transactions which 'overwrite' older transactions,
-    // unless those are already completely spent.
-    // If such overwrites are allowed, coinbases and transactions depending upon those
-    // can be duplicated to remove the ability to spend the first instance -- even after
-    // being sent to another address.
-    // See BIP30, CVE-2012-1909, and https://r6.ca/blog/20120206T005236Z.html for more information.
-    // This rule was originally applied to all blocks with a timestamp after March 15, 2012, 0:00 UTC.
-    // Now that the whole chain is irreversibly beyond that time it is applied to all blocks except the
-    // two in the chain that violate it. This prevents exploiting the issue against nodes during their
-    // initial block download.
-    bool fEnforceBIP30 = !IsBIP30Repeat(*pindex);
-
-    // Once BIP34 activated it was not possible to create new duplicate coinbases and thus other than starting
-    // with the 2 existing duplicate coinbase pairs, not possible to create overwriting txs.  But by the
-    // time BIP34 activated, in each of the existing pairs the duplicate coinbase had overwritten the first
-    // before the first had been spent.  Since those coinbases are sufficiently buried it's no longer possible to create further
-    // duplicate transactions descending from the known pairs either.
-    // If we're on the known chain at height greater than where BIP34 activated, we can save the db accesses needed for the BIP30 check.
-
-    // BIP34 requires that a block at height X (block X) has its coinbase
-    // scriptSig start with a CScriptNum of X (indicated height X).  The above
-    // logic of no longer requiring BIP30 once BIP34 activates is flawed in the
-    // case that there is a block X before the BIP34 height of 227,931 which has
-    // an indicated height Y where Y is greater than X.  The coinbase for block
-    // X would also be a valid coinbase for block Y, which could be a BIP30
-    // violation.  An exhaustive search of all mainnet coinbases before the
-    // BIP34 height which have an indicated height greater than the block height
-    // reveals many occurrences. The 3 lowest indicated heights found are
-    // 209,921, 490,897, and 1,983,702 and thus coinbases for blocks at these 3
-    // heights would be the first opportunity for BIP30 to be violated.
-
-    // The search reveals a great many blocks which have an indicated height
-    // greater than 1,983,702, so we simply remove the optimization to skip
-    // BIP30 checking for blocks at height 1,983,702 or higher.  Before we reach
-    // that block in another 25 years or so, we should take advantage of a
-    // future consensus change to do a new and improved version of BIP34 that
-    // will actually prevent ever creating any duplicate coinbases in the
-    // future.
-    static constexpr int BIP34_IMPLIES_BIP30_LIMIT = 1983702;
-
-    // There is no potential to create a duplicate coinbase at block 209,921
-    // because this is still before the BIP34 height and so explicit BIP30
-    // checking is still active.
-
-    // The final case is block 176,684 which has an indicated height of
-    // 490,897. Unfortunately, this issue was not discovered until about 2 weeks
-    // before block 490,897 so there was not much opportunity to address this
-    // case other than to carefully analyze it and determine it would not be a
-    // problem. Block 490,897 was, in fact, mined with a different coinbase than
-    // block 176,684, but it is important to note that even if it hadn't been or
-    // is remined on an alternate fork with a duplicate coinbase, we would still
-    // not run into a BIP30 violation.  This is because the coinbase for 176,684
-    // is spent in block 185,956 in transaction
-    // d4f7fbbf92f4a3014a230b2dc70b8058d02eb36ac06b4a0736d9d60eaa9e8781.  This
-    // spending transaction can't be duplicated because it also spends coinbase
-    // 0328dd85c331237f18e781d692c92de57649529bd5edf1d01036daea32ffde29.  This
-    // coinbase has an indicated height of over 4.2 billion, and wouldn't be
-    // duplicatable until that height, and it's currently impossible to create a
-    // chain that long. Nevertheless we may wish to consider a future soft fork
-    // which retroactively prevents block 490,897 from creating a duplicate
-    // coinbase. The two historical BIP30 violations often provide a confusing
-    // edge case when manipulating the UTXO and it would be simpler not to have
-    // another edge case to deal with.
-
-    // testnet3 has no blocks before the BIP34 height with indicated heights
-    // post BIP34 before approximately height 486,000,000. After block
-    // 1,983,702 testnet3 starts doing unnecessary BIP30 checking again.
-    assert(pindex->pprev);
-    CBlockIndex* pindexBIP34height = pindex->pprev->GetAncestor(params.GetConsensus().BIP34Height);
-    //Only continue to enforce if we're below BIP34 activation height or the block hash at that height doesn't correspond.
-    fEnforceBIP30 = fEnforceBIP30 && (!pindexBIP34height || !(pindexBIP34height->GetBlockHash() == params.GetConsensus().BIP34Hash));
-
-    // TODO: Remove BIP30 checking from block height 1,983,702 on, once we have a
-    // consensus change that ensures coinbases at those heights cannot
-    // duplicate earlier coinbases.
-    if (fEnforceBIP30 || pindex->nHeight >= BIP34_IMPLIES_BIP30_LIMIT) {
-        for (const auto& tx : block.vtx) {
-            for (size_t o = 0; o < tx->vout.size(); o++) {
-                if (view.HaveCoin(COutPoint(tx->GetHash(), o))) {
-                    state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-txns-BIP30",
-                                  "tried to overwrite transaction");
-                }
-            }
-        }
-    }
-
-    // Enforce BIP68 (sequence locks)
-    int nLockTimeFlags = 0;
-    if (DeploymentActiveAt(*pindex, m_chainman, Consensus::DEPLOYMENT_CSV)) {
-        nLockTimeFlags |= LOCKTIME_VERIFY_SEQUENCE;
-    }
-
-    // Get the script flags for this block
-    script_verify_flags flags{GetBlockScriptFlags(*pindex, m_chainman)};
-
-    const auto time_2{SteadyClock::now()};
-    m_chainman.time_forks += time_2 - time_1;
-    LogDebug(BCLog::BENCH, "    - Fork checks: %.2fms [%.2fs (%.2fms/blk)]\n",
-             Ticks<MillisecondsDouble>(time_2 - time_1),
-             Ticks<SecondsDouble>(m_chainman.time_forks),
-             Ticks<MillisecondsDouble>(m_chainman.time_forks) / m_chainman.num_blocks_total);
-
-    const bool fScriptChecks{!!script_check_reason};
-    if (script_check_reason != m_last_script_check_reason_logged) {
-        if (fScriptChecks) {
-            LogInfo("Enabling script verification at block #%d (%s): %s.",
-                    pindex->nHeight, block_hash.ToString(), script_check_reason);
-        } else {
-            LogInfo("Disabling script verification at block #%d (%s).",
-                    pindex->nHeight, block_hash.ToString());
-        }
-        m_last_script_check_reason_logged = script_check_reason;
-    }
-
-    CBlockUndo blockundo;
-
-    // Precomputed transaction data pointers must not be invalidated
-    // until after `control` has run the script checks (potentially
-    // in multiple threads). Preallocate the vector size so a new allocation
-    // doesn't invalidate pointers into the vector, and keep txsdata in scope
-    // for as long as `control`.
-    std::vector<PrecomputedTransactionData> txsdata(block.vtx.size());
-    std::optional<CCheckQueueControl<CScriptCheck>> control;
-    if (auto& queue = m_chainman.GetCheckQueue(); queue.HasThreads() && fScriptChecks) control.emplace(queue);
-
-    std::vector<int> prevheights;
-    CAmount nFees = 0;
-    int nInputs = 0;
-    int64_t nSigOpsCost = 0;
-    blockundo.vtxundo.reserve(block.vtx.size() - 1);
-    for (unsigned int i = 0; i < block.vtx.size(); i++)
-    {
-        if (!state.IsValid()) break;
-        const CTransaction &tx = *(block.vtx[i]);
-
-        nInputs += tx.vin.size();
-
-        if (!tx.IsCoinBase())
-        {
-            CAmount txfee = 0;
-            TxValidationState tx_state;
-            if (!Consensus::CheckTxInputs(tx, tx_state, view, pindex->nHeight, txfee)) {
-                // Any transaction validation failure in ConnectBlock is a block consensus failure
-                state.Invalid(BlockValidationResult::BLOCK_CONSENSUS,
-                              tx_state.GetRejectReason(),
-                              tx_state.GetDebugMessage() + " in transaction " + tx.GetHash().ToString());
-                break;
-            }
-            nFees += txfee;
-            if (!MoneyRange(nFees)) {
-                state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-txns-accumulated-fee-outofrange",
-                              "accumulated fee in the block out of range");
-                break;
-            }
-
-            // Check that transaction is BIP68 final
-            // BIP68 lock checks (as opposed to nLockTime checks) must
-            // be in ConnectBlock because they require the UTXO set
-            prevheights.resize(tx.vin.size());
-            for (size_t j = 0; j < tx.vin.size(); j++) {
-                prevheights[j] = view.AccessCoin(tx.vin[j].prevout).nHeight;
-            }
-
-            if (!SequenceLocks(tx, nLockTimeFlags, prevheights, *pindex)) {
-                state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-txns-nonfinal",
-                              "contains a non-BIP68-final transaction " + tx.GetHash().ToString());
-                break;
-            }
-        }
-
-        // GetTransactionSigOpCost counts 3 types of sigops:
-        // * legacy (always)
-        // * p2sh (when P2SH enabled in flags and excludes coinbase)
-        // * witness (when witness enabled in flags and excludes coinbase)
-        nSigOpsCost += GetTransactionSigOpCost(tx, view, flags);
-        if (nSigOpsCost > MAX_BLOCK_SIGOPS_COST) {
-            state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-blk-sigops", "too many sigops");
-            break;
-        }
-
-        if (!tx.IsCoinBase() && fScriptChecks)
-        {
-            bool fCacheResults = fJustCheck; /* Don't cache results if we're actually connecting blocks (still consult the cache, though) */
-            bool tx_ok;
-            TxValidationState tx_state;
-            // If CheckInputScripts is called with a pointer to a checks vector, the resulting checks are appended to it. In that case
-            // they need to be added to control which runs them asynchronously. Otherwise, CheckInputScripts runs the checks before returning.
-            if (control) {
-                std::vector<CScriptCheck> vChecks;
-                tx_ok = CheckInputScripts(tx, tx_state, view, flags, fCacheResults, fCacheResults, txsdata[i], m_chainman.m_validation_cache, &vChecks);
-                if (tx_ok) control->Add(std::move(vChecks));
-            } else {
-                tx_ok = CheckInputScripts(tx, tx_state, view, flags, fCacheResults, fCacheResults, txsdata[i], m_chainman.m_validation_cache);
-            }
-            if (!tx_ok) {
-                // Any transaction validation failure in ConnectBlock is a block consensus failure
-                state.Invalid(BlockValidationResult::BLOCK_CONSENSUS,
-                              tx_state.GetRejectReason(), tx_state.GetDebugMessage());
-                break;
-            }
-        }
-
-        CTxUndo undoDummy;
-        if (i > 0) {
-            blockundo.vtxundo.emplace_back();
-        }
-        UpdateCoins(tx, view, i == 0 ? undoDummy : blockundo.vtxundo.back(), pindex->nHeight);
-    }
-    const auto time_3{SteadyClock::now()};
-    m_chainman.time_connect += time_3 - time_2;
-    LogDebug(BCLog::BENCH, "      - Connect %u transactions: %.2fms (%.3fms/tx, %.3fms/txin) [%.2fs (%.2fms/blk)]\n", (unsigned)block.vtx.size(),
-             Ticks<MillisecondsDouble>(time_3 - time_2), Ticks<MillisecondsDouble>(time_3 - time_2) / block.vtx.size(),
-             nInputs <= 1 ? 0 : Ticks<MillisecondsDouble>(time_3 - time_2) / (nInputs - 1),
-             Ticks<SecondsDouble>(m_chainman.time_connect),
-             Ticks<MillisecondsDouble>(m_chainman.time_connect) / m_chainman.num_blocks_total);
-
-    CAmount blockReward = nFees + GetBlockSubsidy(pindex->nHeight, params.GetConsensus());
-    if (block.vtx[0]->GetValueOut() > blockReward && state.IsValid()) {
-        state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-cb-amount",
-                      strprintf("coinbase pays too much (actual=%d vs limit=%d)", block.vtx[0]->GetValueOut(), blockReward));
-    }
-    if (control) {
-        auto parallel_result = control->Complete();
-        if (parallel_result.has_value() && state.IsValid()) {
-            state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, strprintf("block-script-verify-flag-failed (%s)", ScriptErrorString(parallel_result->first)), parallel_result->second);
-        }
-    }
-    if (!state.IsValid()) {
-        LogInfo("Block validation error: %s", state.ToString());
-        return false;
-    }
-    const auto time_4{SteadyClock::now()};
-    m_chainman.time_verify += time_4 - time_2;
-    LogDebug(BCLog::BENCH, "    - Verify %u txins: %.2fms (%.3fms/txin) [%.2fs (%.2fms/blk)]\n", nInputs - 1,
-             Ticks<MillisecondsDouble>(time_4 - time_2),
-             nInputs <= 1 ? 0 : Ticks<MillisecondsDouble>(time_4 - time_2) / (nInputs - 1),
-             Ticks<SecondsDouble>(m_chainman.time_verify),
-             Ticks<MillisecondsDouble>(m_chainman.time_verify) / m_chainman.num_blocks_total);
-
-    if (fJustCheck) {
-        return true;
-    }
-
-    if (!m_blockman.WriteBlockUndo(blockundo, state, *pindex)) {
-        return false;
-    }
-
-    const auto time_5{SteadyClock::now()};
-    m_chainman.time_undo += time_5 - time_4;
-    LogDebug(BCLog::BENCH, "    - Write undo data: %.2fms [%.2fs (%.2fms/blk)]\n",
-             Ticks<MillisecondsDouble>(time_5 - time_4),
-             Ticks<SecondsDouble>(m_chainman.time_undo),
-             Ticks<MillisecondsDouble>(m_chainman.time_undo) / m_chainman.num_blocks_total);
-
-    if (!pindex->IsValid(BLOCK_VALID_SCRIPTS)) {
-        pindex->RaiseValidity(BLOCK_VALID_SCRIPTS);
-        m_blockman.m_dirty_blockindex.insert(pindex);
-    }
-
-    // add this block to the view's block chain
-    view.SetBestBlock(pindex->GetBlockHash());
-
-    const auto time_6{SteadyClock::now()};
-    m_chainman.time_index += time_6 - time_5;
-    LogDebug(BCLog::BENCH, "    - Index writing: %.2fms [%.2fs (%.2fms/blk)]\n",
-             Ticks<MillisecondsDouble>(time_6 - time_5),
-             Ticks<SecondsDouble>(m_chainman.time_index),
-             Ticks<MillisecondsDouble>(m_chainman.time_index) / m_chainman.num_blocks_total);
-
-    TRACEPOINT(validation, block_connected,
-        block_hash.data(),
-        pindex->nHeight,
-        block.vtx.size(),
-        nInputs,
-        nSigOpsCost,
-        Ticks<std::chrono::nanoseconds>(time_5 - time_start)
-    );
-
-    return true;
-}
 
 CoinsCacheSizeState Chainstate::GetCoinsCacheSizeState()
 {
@@ -1133,7 +510,7 @@ bool Chainstate::DisconnectTip(BlockValidationState& state, DisconnectedBlockTra
     {
         CCoinsViewCache view(&CoinsTip());
         assert(view.GetBestBlock() == pindexDelete->GetBlockHash());
-        if (DisconnectBlock(block, pindexDelete, view) != DISCONNECT_OK) {
+        if (DisconnectBlock(*this, block, pindexDelete, view) != DISCONNECT_OK) {
             LogError("DisconnectTip(): DisconnectBlock %s failed\n", pindexDelete->GetBlockHash().ToString());
             return false;
         }
@@ -1221,7 +598,7 @@ bool Chainstate::ConnectTip(
     {
         CCoinsViewCache& view{*m_coins_views->m_connect_block_view};
         const auto reset_guard{view.CreateResetGuard()};
-        bool rv = ConnectBlock(*block_to_connect, state, pindexNew, view);
+        bool rv = ConnectBlock(*this, *block_to_connect, state, pindexNew, view);
         if (m_chainman.m_options.signals) {
             m_chainman.m_options.signals->BlockChecked(block_to_connect, state);
         }
@@ -1480,7 +857,7 @@ bool ChainstateManager::NotifyHeaderTip()
     return fNotify;
 }
 
-static void LimitValidationInterfaceQueue(ValidationSignals& signals) LOCKS_EXCLUDED(cs_main) {
+void LimitValidationInterfaceQueue(ValidationSignals& signals) LOCKS_EXCLUDED(cs_main) {
     AssertLockNotHeld(cs_main);
 
     if (signals.CallbacksPending() > 10) {
@@ -1930,701 +1307,10 @@ void ChainstateManager::ReceivedBlockTransactions(const CBlock& block, CBlockInd
     }
 }
 
-static bool CheckBlockHeader(const CBlockHeader& block, BlockValidationState& state, const Consensus::Params& consensusParams, bool fCheckPOW = true)
-{
-    // Check proof of work matches claimed amount
-    if (fCheckPOW && !CheckProofOfWork(block.GetHash(), block.nBits, consensusParams))
-        return state.Invalid(BlockValidationResult::BLOCK_INVALID_HEADER, "high-hash", "proof of work failed");
-
-    return true;
-}
-
-static bool CheckMerkleRoot(const CBlock& block, BlockValidationState& state)
-{
-    if (block.m_checked_merkle_root) return true;
-
-    bool mutated;
-    uint256 merkle_root = BlockMerkleRoot(block, &mutated);
-    if (block.hashMerkleRoot != merkle_root) {
-        return state.Invalid(
-            /*result=*/BlockValidationResult::BLOCK_MUTATED,
-            /*reject_reason=*/"bad-txnmrklroot",
-            /*debug_message=*/"hashMerkleRoot mismatch");
-    }
-
-    // Check for merkle tree malleability (CVE-2012-2459): repeating sequences
-    // of transactions in a block without affecting the merkle root of a block,
-    // while still invalidating it.
-    if (mutated) {
-        return state.Invalid(
-            /*result=*/BlockValidationResult::BLOCK_MUTATED,
-            /*reject_reason=*/"bad-txns-duplicate",
-            /*debug_message=*/"duplicate transaction");
-    }
-
-    block.m_checked_merkle_root = true;
-    return true;
-}
-
-/** CheckWitnessMalleation performs checks for block malleation with regard to
- * its witnesses.
- *
- * Note: If the witness commitment is expected (i.e. `expect_witness_commitment
- * = true`), then the block is required to have at least one transaction and the
- * first transaction needs to have at least one input. */
-static bool CheckWitnessMalleation(const CBlock& block, bool expect_witness_commitment, BlockValidationState& state)
-{
-    if (expect_witness_commitment) {
-        if (block.m_checked_witness_commitment) return true;
-
-        int commitpos = GetWitnessCommitmentIndex(block);
-        if (commitpos != NO_WITNESS_COMMITMENT) {
-            assert(!block.vtx.empty() && !block.vtx[0]->vin.empty());
-            const auto& witness_stack{block.vtx[0]->vin[0].scriptWitness.stack};
-
-            if (witness_stack.size() != 1 || witness_stack[0].size() != 32) {
-                return state.Invalid(
-                    /*result=*/BlockValidationResult::BLOCK_MUTATED,
-                    /*reject_reason=*/"bad-witness-nonce-size",
-                    /*debug_message=*/strprintf("%s : invalid witness reserved value size", __func__));
-            }
-
-            // The malleation check is ignored; as the transaction tree itself
-            // already does not permit it, it is impossible to trigger in the
-            // witness tree.
-            uint256 hash_witness = BlockWitnessMerkleRoot(block);
-
-            CHash256().Write(hash_witness).Write(witness_stack[0]).Finalize(hash_witness);
-            if (memcmp(hash_witness.begin(), &block.vtx[0]->vout[commitpos].scriptPubKey[6], 32)) {
-                return state.Invalid(
-                    /*result=*/BlockValidationResult::BLOCK_MUTATED,
-                    /*reject_reason=*/"bad-witness-merkle-match",
-                    /*debug_message=*/strprintf("%s : witness merkle commitment mismatch", __func__));
-            }
-
-            block.m_checked_witness_commitment = true;
-            return true;
-        }
-    }
-
-    // No witness data is allowed in blocks that don't commit to witness data, as this would otherwise leave room for spam
-    for (const auto& tx : block.vtx) {
-        if (tx->HasWitness()) {
-            return state.Invalid(
-                /*result=*/BlockValidationResult::BLOCK_MUTATED,
-                /*reject_reason=*/"unexpected-witness",
-                /*debug_message=*/strprintf("%s : unexpected witness data found", __func__));
-        }
-    }
-
-    return true;
-}
-
-bool CheckBlock(const CBlock& block, BlockValidationState& state, const Consensus::Params& consensusParams, bool fCheckPOW, bool fCheckMerkleRoot)
-{
-    // These are checks that are independent of context.
-
-    if (block.fChecked)
-        return true;
-
-    // Check that the header is valid (particularly PoW).  This is mostly
-    // redundant with the call in AcceptBlockHeader.
-    if (!CheckBlockHeader(block, state, consensusParams, fCheckPOW))
-        return false;
-
-    // Signet only: check block solution
-    if (consensusParams.signet_blocks && fCheckPOW && !CheckSignetBlockSolution(block, consensusParams)) {
-        return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-signet-blksig", "signet block signature validation failure");
-    }
-
-    // Check the merkle root.
-    if (fCheckMerkleRoot && !CheckMerkleRoot(block, state)) {
-        return false;
-    }
-
-    // All potential-corruption validation must be done before we do any
-    // transaction validation, as otherwise we may mark the header as invalid
-    // because we receive the wrong transactions for it.
-    // Note that witness malleability is checked in ContextualCheckBlock, so no
-    // checks that use witness data may be performed here.
-
-    // Size limits
-    if (block.vtx.empty() || block.vtx.size() * WITNESS_SCALE_FACTOR > MAX_BLOCK_WEIGHT || ::GetSerializeSize(TX_NO_WITNESS(block)) * WITNESS_SCALE_FACTOR > MAX_BLOCK_WEIGHT)
-        return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-blk-length", "size limits failed");
-
-    // First transaction must be coinbase, the rest must not be
-    if (block.vtx.empty() || !block.vtx[0]->IsCoinBase())
-        return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-cb-missing", "first tx is not coinbase");
-    for (unsigned int i = 1; i < block.vtx.size(); i++)
-        if (block.vtx[i]->IsCoinBase())
-            return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-cb-multiple", "more than one coinbase");
-
-    // Check transactions
-    // Must check for duplicate inputs (see CVE-2018-17144)
-    for (const auto& tx : block.vtx) {
-        TxValidationState tx_state;
-        if (!CheckTransaction(*tx, tx_state)) {
-            // CheckBlock() does context-free validation checks. The only
-            // possible failures are consensus failures.
-            assert(tx_state.GetResult() == TxValidationResult::TX_CONSENSUS);
-            return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, tx_state.GetRejectReason(),
-                                 strprintf("Transaction check failed (tx hash %s) %s", tx->GetHash().ToString(), tx_state.GetDebugMessage()));
-        }
-    }
-    // This underestimates the number of sigops, because unlike ConnectBlock it
-    // does not count witness and p2sh sigops.
-    unsigned int nSigOps = 0;
-    for (const auto& tx : block.vtx)
-    {
-        nSigOps += GetLegacySigOpCount(*tx);
-    }
-    if (nSigOps * WITNESS_SCALE_FACTOR > MAX_BLOCK_SIGOPS_COST)
-        return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-blk-sigops", "out-of-bounds SigOpCount");
-
-    if (fCheckPOW && fCheckMerkleRoot)
-        block.fChecked = true;
-
-    return true;
-}
-
-void ChainstateManager::UpdateUncommittedBlockStructures(CBlock& block, const CBlockIndex* pindexPrev) const
-{
-    int commitpos = GetWitnessCommitmentIndex(block);
-    static const std::vector<unsigned char> nonce(32, 0x00);
-    if (commitpos != NO_WITNESS_COMMITMENT && DeploymentActiveAfter(pindexPrev, *this, Consensus::DEPLOYMENT_SEGWIT) && !block.vtx[0]->HasWitness()) {
-        CMutableTransaction tx(*block.vtx[0]);
-        tx.vin[0].scriptWitness.stack.resize(1);
-        tx.vin[0].scriptWitness.stack[0] = nonce;
-        block.vtx[0] = MakeTransactionRef(std::move(tx));
-    }
-}
-
-void ChainstateManager::GenerateCoinbaseCommitment(CBlock& block, const CBlockIndex* pindexPrev) const
-{
-    int commitpos = GetWitnessCommitmentIndex(block);
-    std::vector<unsigned char> ret(32, 0x00);
-    if (commitpos == NO_WITNESS_COMMITMENT) {
-        uint256 witnessroot = BlockWitnessMerkleRoot(block);
-        CHash256().Write(witnessroot).Write(ret).Finalize(witnessroot);
-        CTxOut out;
-        out.nValue = 0;
-        out.scriptPubKey.resize(MINIMUM_WITNESS_COMMITMENT);
-        out.scriptPubKey[0] = OP_RETURN;
-        out.scriptPubKey[1] = 0x24;
-        out.scriptPubKey[2] = 0xaa;
-        out.scriptPubKey[3] = 0x21;
-        out.scriptPubKey[4] = 0xa9;
-        out.scriptPubKey[5] = 0xed;
-        memcpy(&out.scriptPubKey[6], witnessroot.begin(), 32);
-        CMutableTransaction tx(*block.vtx[0]);
-        tx.vout.push_back(out);
-        block.vtx[0] = MakeTransactionRef(std::move(tx));
-    }
-    UpdateUncommittedBlockStructures(block, pindexPrev);
-}
-
-bool HasValidProofOfWork(std::span<const CBlockHeader> headers, const Consensus::Params& consensusParams)
-{
-    return std::ranges::all_of(headers,
-                               [&](const auto& header) { return CheckProofOfWork(header.GetHash(), header.nBits, consensusParams); });
-}
-
-bool IsBlockMutated(const CBlock& block, bool check_witness_root)
-{
-    BlockValidationState state;
-    if (!CheckMerkleRoot(block, state)) {
-        LogDebug(BCLog::VALIDATION, "Block mutated: %s\n", state.ToString());
-        return true;
-    }
-
-    if (block.vtx.empty() || !block.vtx[0]->IsCoinBase()) {
-        // Consider the block mutated if any transaction is 64 bytes in size (see 3.1
-        // in "Weaknesses in Bitcoin’s Merkle Root Construction":
-        // https://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20190225/a27d8837/attachment-0001.pdf).
-        //
-        // Note: This is not a consensus change as this only applies to blocks that
-        // don't have a coinbase transaction and would therefore already be invalid.
-        return std::any_of(block.vtx.begin(), block.vtx.end(),
-                           [](auto& tx) { return GetSerializeSize(TX_NO_WITNESS(tx)) == 64; });
-    } else {
-        // Theoretically it is still possible for a block with a 64 byte
-        // coinbase transaction to be mutated but we neglect that possibility
-        // here as it requires at least 224 bits of work.
-    }
-
-    if (!CheckWitnessMalleation(block, check_witness_root, state)) {
-        LogDebug(BCLog::VALIDATION, "Block mutated: %s\n", state.ToString());
-        return true;
-    }
-
-    return false;
-}
-
-arith_uint256 CalculateClaimedHeadersWork(std::span<const CBlockHeader> headers)
-{
-    arith_uint256 total_work{0};
-    for (const CBlockHeader& header : headers) {
-        total_work += GetBlockProof(header);
-    }
-    return total_work;
-}
-
-/** Context-dependent validity checks.
- *  By "context", we mean only the previous block headers, but not the UTXO
- *  set; UTXO-related validity checks are done in ConnectBlock().
- *  NOTE: This function is not currently invoked by ConnectBlock(), so we
- *  should consider upgrade issues if we change which consensus rules are
- *  enforced in this function (eg by adding a new consensus rule). See comment
- *  in ConnectBlock().
- *  Note that -reindex-chainstate skips the validation that happens here!
- *
- *  NOTE: failing to check the header's height against the last checkpoint's opened a DoS vector between
- *  v0.12 and v0.15 (when no additional protection was in place) whereby an attacker could unboundedly
- *  grow our in-memory block index. See https://bitcoincore.org/en/2024/07/03/disclose-header-spam.
- */
-static bool ContextualCheckBlockHeader(const CBlockHeader& block, BlockValidationState& state, const ChainstateManager& chainman, const CBlockIndex* pindexPrev) EXCLUSIVE_LOCKS_REQUIRED(::cs_main)
-{
-    AssertLockHeld(::cs_main);
-    assert(pindexPrev != nullptr);
-    const int nHeight = pindexPrev->nHeight + 1;
-
-    // Check proof of work
-    const Consensus::Params& consensusParams = chainman.GetConsensus();
-    if (block.nBits != GetNextWorkRequired(pindexPrev, &block, consensusParams))
-        return state.Invalid(BlockValidationResult::BLOCK_INVALID_HEADER, "bad-diffbits", "incorrect proof of work");
-
-    // Check timestamp against prev
-    if (block.GetBlockTime() <= pindexPrev->GetMedianTimePast())
-        return state.Invalid(BlockValidationResult::BLOCK_INVALID_HEADER, "time-too-old", "block's timestamp is too early");
-
-    // Testnet4 and regtest only: Check timestamp against prev for difficulty-adjustment
-    // blocks to prevent timewarp attacks (see https://github.com/bitcoin/bitcoin/pull/15482).
-    if (consensusParams.enforce_BIP94) {
-        // Check timestamp for the first block of each difficulty adjustment
-        // interval, except the genesis block.
-        if (nHeight % consensusParams.DifficultyAdjustmentInterval() == 0) {
-            if (block.GetBlockTime() < pindexPrev->GetBlockTime() - MAX_TIMEWARP) {
-                return state.Invalid(BlockValidationResult::BLOCK_INVALID_HEADER, "time-timewarp-attack", "block's timestamp is too early on diff adjustment block");
-            }
-        }
-    }
-
-    // Check timestamp
-    if (block.Time() > NodeClock::now() + std::chrono::seconds{MAX_FUTURE_BLOCK_TIME}) {
-        return state.Invalid(BlockValidationResult::BLOCK_TIME_FUTURE, "time-too-new", "block timestamp too far in the future");
-    }
-
-    // Reject blocks with outdated version
-    if ((block.nVersion < 2 && DeploymentActiveAfter(pindexPrev, chainman, Consensus::DEPLOYMENT_HEIGHTINCB)) ||
-        (block.nVersion < 3 && DeploymentActiveAfter(pindexPrev, chainman, Consensus::DEPLOYMENT_DERSIG)) ||
-        (block.nVersion < 4 && DeploymentActiveAfter(pindexPrev, chainman, Consensus::DEPLOYMENT_CLTV))) {
-            return state.Invalid(BlockValidationResult::BLOCK_INVALID_HEADER, strprintf("bad-version(0x%08x)", block.nVersion),
-                                 strprintf("rejected nVersion=0x%08x block", block.nVersion));
-    }
-
-    return true;
-}
-
-/** NOTE: This function is not currently invoked by ConnectBlock(), so we
- *  should consider upgrade issues if we change which consensus rules are
- *  enforced in this function (eg by adding a new consensus rule). See comment
- *  in ConnectBlock().
- *  Note that -reindex-chainstate skips the validation that happens here!
- */
-static bool ContextualCheckBlock(const CBlock& block, BlockValidationState& state, const ChainstateManager& chainman, const CBlockIndex* pindexPrev)
-{
-    const int nHeight = pindexPrev == nullptr ? 0 : pindexPrev->nHeight + 1;
 
-    // Enforce BIP113 (Median Time Past).
-    bool enforce_locktime_median_time_past{false};
-    if (DeploymentActiveAfter(pindexPrev, chainman, Consensus::DEPLOYMENT_CSV)) {
-        assert(pindexPrev != nullptr);
-        enforce_locktime_median_time_past = true;
-    }
 
-    const int64_t nLockTimeCutoff{enforce_locktime_median_time_past ?
-                                      pindexPrev->GetMedianTimePast() :
-                                      block.GetBlockTime()};
 
-    // Check that all transactions are finalized
-    for (const auto& tx : block.vtx) {
-        if (!IsFinalTx(*tx, nHeight, nLockTimeCutoff)) {
-            return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-txns-nonfinal", "non-final transaction");
-        }
-    }
 
-    // Enforce rule that the coinbase starts with serialized block height
-    if (DeploymentActiveAfter(pindexPrev, chainman, Consensus::DEPLOYMENT_HEIGHTINCB))
-    {
-        CScript expect = CScript() << nHeight;
-        if (block.vtx[0]->vin[0].scriptSig.size() < expect.size() ||
-            !std::equal(expect.begin(), expect.end(), block.vtx[0]->vin[0].scriptSig.begin())) {
-            return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-cb-height", "block height mismatch in coinbase");
-        }
-    }
-
-    // Validation for witness commitments.
-    // * We compute the witness hash (which is the hash including witnesses) of all the block's transactions, except the
-    //   coinbase (where 0x0000....0000 is used instead).
-    // * The coinbase scriptWitness is a stack of a single 32-byte vector, containing a witness reserved value (unconstrained).
-    // * We build a merkle tree with all those witness hashes as leaves (similar to the hashMerkleRoot in the block header).
-    // * There must be at least one output whose scriptPubKey is a single 36-byte push, the first 4 bytes of which are
-    //   {0xaa, 0x21, 0xa9, 0xed}, and the following 32 bytes are SHA256^2(witness root, witness reserved value). In case there are
-    //   multiple, the last one is used.
-    if (!CheckWitnessMalleation(block, DeploymentActiveAfter(pindexPrev, chainman, Consensus::DEPLOYMENT_SEGWIT), state)) {
-        return false;
-    }
-
-    // After the coinbase witness reserved value and commitment are verified,
-    // we can check if the block weight passes (before we've checked the
-    // coinbase witness, it would be possible for the weight to be too
-    // large by filling up the coinbase witness, which doesn't change
-    // the block hash, so we couldn't mark the block as permanently
-    // failed).
-    if (GetBlockWeight(block) > MAX_BLOCK_WEIGHT) {
-        return state.Invalid(BlockValidationResult::BLOCK_CONSENSUS, "bad-blk-weight", strprintf("%s : weight limit failed", __func__));
-    }
-
-    return true;
-}
-
-bool ChainstateManager::AcceptBlockHeader(const CBlockHeader& block, BlockValidationState& state, CBlockIndex** ppindex, bool min_pow_checked)
-{
-    AssertLockHeld(cs_main);
-
-    // Check for duplicate
-    uint256 hash = block.GetHash();
-    BlockMap::iterator miSelf{m_blockman.m_block_index.find(hash)};
-    if (hash != GetConsensus().hashGenesisBlock) {
-        if (miSelf != m_blockman.m_block_index.end()) {
-            // Block header is already known.
-            CBlockIndex* pindex = &(miSelf->second);
-            if (ppindex)
-                *ppindex = pindex;
-            if (pindex->nStatus & BLOCK_FAILED_VALID) {
-                LogDebug(BCLog::VALIDATION, "%s: block %s is marked invalid\n", __func__, hash.ToString());
-                return state.Invalid(BlockValidationResult::BLOCK_CACHED_INVALID, "duplicate-invalid",
-                                     strprintf("block %s was previously marked invalid", hash.ToString()));
-            }
-            return true;
-        }
-
-        if (!CheckBlockHeader(block, state, GetConsensus())) {
-            LogDebug(BCLog::VALIDATION, "%s: Consensus::CheckBlockHeader: %s, %s\n", __func__, hash.ToString(), state.ToString());
-            return false;
-        }
-
-        // Get prev block index
-        CBlockIndex* pindexPrev = nullptr;
-        BlockMap::iterator mi{m_blockman.m_block_index.find(block.hashPrevBlock)};
-        if (mi == m_blockman.m_block_index.end()) {
-            LogDebug(BCLog::VALIDATION, "header %s has prev block not found: %s\n", hash.ToString(), block.hashPrevBlock.ToString());
-            return state.Invalid(BlockValidationResult::BLOCK_MISSING_PREV, "prev-blk-not-found");
-        }
-        pindexPrev = &((*mi).second);
-        if (pindexPrev->nStatus & BLOCK_FAILED_VALID) {
-            LogDebug(BCLog::VALIDATION, "header %s has prev block invalid: %s\n", hash.ToString(), block.hashPrevBlock.ToString());
-            return state.Invalid(BlockValidationResult::BLOCK_INVALID_PREV, "bad-prevblk");
-        }
-        if (!ContextualCheckBlockHeader(block, state, *this, pindexPrev)) {
-            LogDebug(BCLog::VALIDATION, "%s: Consensus::ContextualCheckBlockHeader: %s, %s\n", __func__, hash.ToString(), state.ToString());
-            return false;
-        }
-    }
-    if (!min_pow_checked) {
-        LogDebug(BCLog::VALIDATION, "%s: not adding new block header %s, missing anti-dos proof-of-work validation\n", __func__, hash.ToString());
-        return state.Invalid(BlockValidationResult::BLOCK_HEADER_LOW_WORK, "too-little-chainwork");
-    }
-    CBlockIndex* pindex{m_blockman.AddToBlockIndex(block, m_best_header)};
-
-    if (ppindex)
-        *ppindex = pindex;
-
-    return true;
-}
-
-// Exposed wrapper for AcceptBlockHeader
-bool ChainstateManager::ProcessNewBlockHeaders(std::span<const CBlockHeader> headers, bool min_pow_checked, BlockValidationState& state, const CBlockIndex** ppindex)
-{
-    AssertLockNotHeld(cs_main);
-    {
-        LOCK(cs_main);
-        for (const CBlockHeader& header : headers) {
-            CBlockIndex *pindex = nullptr; // Use a temp pindex instead of ppindex to avoid a const_cast
-            bool accepted{AcceptBlockHeader(header, state, &pindex, min_pow_checked)};
-            CheckBlockIndex();
-
-            if (!accepted) {
-                return false;
-            }
-            if (ppindex) {
-                *ppindex = pindex;
-            }
-        }
-    }
-    if (NotifyHeaderTip()) {
-        if (IsInitialBlockDownload() && ppindex && *ppindex) {
-            const CBlockIndex& last_accepted{**ppindex};
-            int64_t blocks_left{(NodeClock::now() - last_accepted.Time()) / GetConsensus().PowTargetSpacing()};
-            blocks_left = std::max<int64_t>(0, blocks_left);
-            const double progress{100.0 * last_accepted.nHeight / (last_accepted.nHeight + blocks_left)};
-            LogInfo("Synchronizing blockheaders, height: %d (~%.2f%%)\n", last_accepted.nHeight, progress);
-        }
-    }
-    return true;
-}
-
-void ChainstateManager::ReportHeadersPresync(int64_t height, int64_t timestamp)
-{
-    AssertLockNotHeld(GetMutex());
-    {
-        LOCK(GetMutex());
-        // Don't report headers presync progress if we already have a post-minchainwork header chain.
-        // This means we lose reporting for potentially legitimate, but unlikely, deep reorgs, but
-        // prevent attackers that spam low-work headers from filling our logs.
-        if (m_best_header->nChainWork >= UintToArith256(GetConsensus().nMinimumChainWork)) return;
-        // Rate limit headers presync updates to 4 per second, as these are not subject to DoS
-        // protection.
-        auto now = MockableSteadyClock::now();
-        if (now < m_last_presync_update + std::chrono::milliseconds{250}) return;
-        m_last_presync_update = now;
-    }
-    bool initial_download = IsInitialBlockDownload();
-    GetNotifications().headerTip(GetSynchronizationState(initial_download, m_blockman.m_blockfiles_indexed), height, timestamp, /*presync=*/true);
-    if (initial_download) {
-        int64_t blocks_left{(NodeClock::now() - NodeSeconds{std::chrono::seconds{timestamp}}) / GetConsensus().PowTargetSpacing()};
-        blocks_left = std::max<int64_t>(0, blocks_left);
-        const double progress{100.0 * height / (height + blocks_left)};
-        LogInfo("Pre-synchronizing blockheaders, height: %d (~%.2f%%)\n", height, progress);
-    }
-}
-
-/** Store block on disk. If dbp is non-nullptr, the file is known to already reside on disk */
-bool ChainstateManager::AcceptBlock(const std::shared_ptr<const CBlock>& pblock, BlockValidationState& state, CBlockIndex** ppindex, bool fRequested, const FlatFilePos* dbp, bool* fNewBlock, bool min_pow_checked)
-{
-    const CBlock& block = *pblock;
-
-    if (fNewBlock) *fNewBlock = false;
-    AssertLockHeld(cs_main);
-
-    CBlockIndex *pindexDummy = nullptr;
-    CBlockIndex *&pindex = ppindex ? *ppindex : pindexDummy;
-
-    bool accepted_header{AcceptBlockHeader(block, state, &pindex, min_pow_checked)};
-    CheckBlockIndex();
-
-    if (!accepted_header)
-        return false;
-
-    // Check all requested blocks that we do not already have for validity and
-    // save them to disk. Skip processing of unrequested blocks as an anti-DoS
-    // measure, unless the blocks have more work than the active chain tip, and
-    // aren't too far ahead of it, so are likely to be attached soon.
-    bool fAlreadyHave = pindex->nStatus & BLOCK_HAVE_DATA;
-    bool fHasMoreOrSameWork = (ActiveTip() ? pindex->nChainWork >= ActiveTip()->nChainWork : true);
-    // Blocks that are too out-of-order needlessly limit the effectiveness of
-    // pruning, because pruning will not delete block files that contain any
-    // blocks which are too close in height to the tip.  Apply this test
-    // regardless of whether pruning is enabled; it should generally be safe to
-    // not process unrequested blocks.
-    bool fTooFarAhead{pindex->nHeight > ActiveHeight() + int(MIN_BLOCKS_TO_KEEP)};
-
-    // TODO: Decouple this function from the block download logic by removing fRequested
-    // This requires some new chain data structure to efficiently look up if a
-    // block is in a chain leading to a candidate for best tip, despite not
-    // being such a candidate itself.
-    // Note that this would break the getblockfrompeer RPC
-
-    // TODO: deal better with return value and error conditions for duplicate
-    // and unrequested blocks.
-    if (fAlreadyHave) return true;
-    if (!fRequested) {  // If we didn't ask for it:
-        if (pindex->nTx != 0) return true;    // This is a previously-processed block that was pruned
-        if (!fHasMoreOrSameWork) return true; // Don't process less-work chains
-        if (fTooFarAhead) return true;        // Block height is too high
-
-        // Protect against DoS attacks from low-work chains.
-        // If our tip is behind, a peer could try to send us
-        // low-work blocks on a fake chain that we would never
-        // request; don't process these.
-        if (pindex->nChainWork < MinimumChainWork()) return true;
-    }
-
-    const CChainParams& params{GetParams()};
-
-    if (!CheckBlock(block, state, params.GetConsensus()) ||
-        !ContextualCheckBlock(block, state, *this, pindex->pprev)) {
-        if (Assume(state.IsInvalid())) {
-            ActiveChainstate().InvalidBlockFound(pindex, state);
-        }
-        LogError("%s: %s\n", __func__, state.ToString());
-        return false;
-    }
-
-    // Header is valid/has work, merkle tree and segwit merkle tree are good...RELAY NOW
-    // (but if it does not build on our best tip, let the SendMessages loop relay it)
-    if (!IsInitialBlockDownload() && ActiveTip() == pindex->pprev && m_options.signals) {
-        m_options.signals->NewPoWValidBlock(pindex, pblock);
-    }
-
-    // Write block to history file
-    if (fNewBlock) *fNewBlock = true;
-    try {
-        FlatFilePos blockPos{};
-        if (dbp) {
-            blockPos = *dbp;
-            m_blockman.UpdateBlockInfo(block, pindex->nHeight, blockPos);
-        } else {
-            blockPos = m_blockman.WriteBlock(block, pindex->nHeight);
-            if (blockPos.IsNull()) {
-                state.Error(strprintf("%s: Failed to find position to write new block to disk", __func__));
-                return false;
-            }
-        }
-        ReceivedBlockTransactions(block, pindex, blockPos);
-    } catch (const std::runtime_error& e) {
-        return FatalError(GetNotifications(), state, strprintf(_("System error while saving block to disk: %s"), e.what()));
-    }
-
-    // TODO: FlushStateToDisk() handles flushing of both block and chainstate
-    // data, so we should move this to ChainstateManager so that we can be more
-    // intelligent about how we flush.
-    // For now, since FlushStateMode::NONE is used, all that can happen is that
-    // the block files may be pruned, so we can just call this on one
-    // chainstate (particularly if we haven't implemented pruning with
-    // background validation yet).
-    ActiveChainstate().FlushStateToDisk(state, FlushStateMode::NONE);
-
-    CheckBlockIndex();
-
-    return true;
-}
-
-bool ChainstateManager::ProcessNewBlock(const std::shared_ptr<const CBlock>& block, bool force_processing, bool min_pow_checked, bool* new_block)
-{
-    AssertLockNotHeld(cs_main);
-
-    {
-        CBlockIndex *pindex = nullptr;
-        if (new_block) *new_block = false;
-        BlockValidationState state;
-
-        // CheckBlock() does not support multi-threaded block validation because CBlock::fChecked can cause data race.
-        // Therefore, the following critical section must include the CheckBlock() call as well.
-        LOCK(cs_main);
-
-        // Skipping AcceptBlock() for CheckBlock() failures means that we will never mark a block as invalid if
-        // CheckBlock() fails.  This is protective against consensus failure if there are any unknown forms of block
-        // malleability that cause CheckBlock() to fail; see e.g. CVE-2012-2459 and
-        // https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2019-February/016697.html.  Because CheckBlock() is
-        // not very expensive, the anti-DoS benefits of caching failure (of a definitely-invalid block) are not substantial.
-        bool ret = CheckBlock(*block, state, GetConsensus());
-        if (ret) {
-            // Store to disk
-            ret = AcceptBlock(block, state, &pindex, force_processing, nullptr, new_block, min_pow_checked);
-        }
-        if (!ret) {
-            if (m_options.signals) {
-                m_options.signals->BlockChecked(block, state);
-            }
-            LogError("%s: AcceptBlock FAILED (%s)\n", __func__, state.ToString());
-            return false;
-        }
-    }
-
-    NotifyHeaderTip();
-
-    BlockValidationState state; // Only used to report errors, not invalidity - ignore it
-    if (!ActiveChainstate().ActivateBestChain(state, block)) {
-        LogError("%s: ActivateBestChain failed (%s)\n", __func__, state.ToString());
-        return false;
-    }
-
-    return true;
-}
-
-BlockValidationState TestBlockValidity(
-    Chainstate& chainstate,
-    const CBlock& block,
-    const bool check_pow,
-    const bool check_merkle_root)
-{
-    // Lock must be held throughout this function for two reasons:
-    // 1. We don't want the tip to change during several of the validation steps
-    // 2. To prevent a CheckBlock() race condition for fChecked, see ProcessNewBlock()
-    AssertLockHeld(chainstate.m_chainman.GetMutex());
-
-    BlockValidationState state;
-    CBlockIndex* tip{Assert(chainstate.m_chain.Tip())};
-
-    if (block.hashPrevBlock != *Assert(tip->phashBlock)) {
-        state.Invalid({}, "inconclusive-not-best-prevblk");
-        return state;
-    }
-
-    // For signets CheckBlock() verifies the challenge iff fCheckPow is set.
-    if (!CheckBlock(block, state, chainstate.m_chainman.GetConsensus(), /*fCheckPow=*/check_pow, /*fCheckMerkleRoot=*/check_merkle_root)) {
-        // This should never happen, but belt-and-suspenders don't approve the
-        // block if it does.
-        if (state.IsValid()) NONFATAL_UNREACHABLE();
-        return state;
-    }
-
-    /**
-     * At this point ProcessNewBlock would call AcceptBlock(), but we
-     * don't want to store the block or its header. Run individual checks
-     * instead:
-     * - skip AcceptBlockHeader() because:
-     *   - we don't want to update the block index
-     *   - we do not care about duplicates
-     *   - we already ran CheckBlockHeader() via CheckBlock()
-     *   - we already checked for prev-blk-not-found
-     *   - we know the tip is valid, so no need to check bad-prevblk
-     * - we already ran CheckBlock()
-     * - do run ContextualCheckBlockHeader()
-     * - do run ContextualCheckBlock()
-     */
-
-    if (!ContextualCheckBlockHeader(block, state, chainstate.m_chainman, tip)) {
-        if (state.IsValid()) NONFATAL_UNREACHABLE();
-        return state;
-    }
-
-    if (!ContextualCheckBlock(block, state, chainstate.m_chainman, tip)) {
-        if (state.IsValid()) NONFATAL_UNREACHABLE();
-        return state;
-    }
-
-    // We don't want ConnectBlock to update the actual chainstate, so create
-    // a cache on top of it, along with a dummy block index.
-    CBlockIndex index_dummy{block};
-    uint256 block_hash(block.GetHash());
-    index_dummy.pprev = tip;
-    index_dummy.nHeight = tip->nHeight + 1;
-    index_dummy.phashBlock = &block_hash;
-    CCoinsViewCache view_dummy(&chainstate.CoinsTip());
-
-    // Set fJustCheck to true in order to update, and not clear, validation caches.
-    if(!chainstate.ConnectBlock(block, state, &index_dummy, view_dummy, /*fJustCheck=*/true)) {
-        if (state.IsValid()) NONFATAL_UNREACHABLE();
-        return state;
-    }
-
-    // Ensure no check returned successfully while also setting an invalid state.
-    if (!state.IsValid()) NONFATAL_UNREACHABLE();
-
-    return state;
-}
-
-/* This function is called from the RPC code for pruneblockchain */
-void PruneBlockFilesManual(Chainstate& active_chainstate, int nManualPruneHeight)
-{
-    BlockValidationState state;
-    if (!active_chainstate.FlushStateToDisk(
-            state, FlushStateMode::NONE, nManualPruneHeight)) {
-        LogWarning("Failed to flush state after manual prune (%s)", state.ToString());
-    }
-}
 
 bool Chainstate::LoadChainTip()
 {
@@ -2678,262 +1364,7 @@ bool Chainstate::LoadChainTip()
     return true;
 }
 
-CVerifyDB::CVerifyDB(Notifications& notifications)
-    : m_notifications{notifications}
-{
-    m_notifications.progress(_("Verifying blocks…"), 0, false);
-}
-
-CVerifyDB::~CVerifyDB()
-{
-    m_notifications.progress(bilingual_str{}, 100, false);
-}
-
-VerifyDBResult CVerifyDB::VerifyDB(
-    Chainstate& chainstate,
-    const Consensus::Params& consensus_params,
-    CCoinsView& coinsview,
-    int nCheckLevel, int nCheckDepth)
-{
-    AssertLockHeld(cs_main);
-
-    if (chainstate.m_chain.Tip() == nullptr || chainstate.m_chain.Tip()->pprev == nullptr) {
-        return VerifyDBResult::SUCCESS;
-    }
-
-    // Verify blocks in the best chain
-    if (nCheckDepth <= 0 || nCheckDepth > chainstate.m_chain.Height()) {
-        nCheckDepth = chainstate.m_chain.Height();
-    }
-    nCheckLevel = std::max(0, std::min(4, nCheckLevel));
-    LogInfo("Verifying last %i blocks at level %i", nCheckDepth, nCheckLevel);
-    CCoinsViewCache coins(&coinsview);
-    CBlockIndex* pindex;
-    CBlockIndex* pindexFailure = nullptr;
-    int nGoodTransactions = 0;
-    BlockValidationState state;
-    int reportDone = 0;
-    bool skipped_no_block_data{false};
-    bool skipped_l3_checks{false};
-    LogInfo("Verification progress: 0%%");
-
-    for (pindex = chainstate.m_chain.Tip(); pindex && pindex->pprev; pindex = pindex->pprev) {
-        const int percentageDone = std::max(1, std::min(99, (int)(((double)(chainstate.m_chain.Height() - pindex->nHeight)) / (double)nCheckDepth * (nCheckLevel >= 4 ? 50 : 100))));
-        if (reportDone < percentageDone / 10) {
-            // report every 10% step
-            LogInfo("Verification progress: %d%%", percentageDone);
-            reportDone = percentageDone / 10;
-        }
-        m_notifications.progress(_("Verifying blocks…"), percentageDone, false);
-        if (pindex->nHeight <= chainstate.m_chain.Height() - nCheckDepth) {
-            break;
-        }
-        if (chainstate.m_blockman.IsPruneMode() && !(pindex->nStatus & BLOCK_HAVE_DATA)) {
-            // If pruning, only go back as far as we have data.
-            LogInfo("Block verification stopping at height %d (no data). This could be due to pruning.", pindex->nHeight);
-            skipped_no_block_data = true;
-            break;
-        }
-        CBlock block;
-        // check level 0: read from disk
-        if (!chainstate.m_blockman.ReadBlock(block, *pindex)) {
-            LogError("Verification error: ReadBlock failed at %d, hash=%s", pindex->nHeight, pindex->GetBlockHash().ToString());
-            return VerifyDBResult::CORRUPTED_BLOCK_DB;
-        }
-        // check level 1: verify block validity
-        if (nCheckLevel >= 1 && !CheckBlock(block, state, consensus_params)) {
-            LogError("Verification error: found bad block at %d, hash=%s (%s)",
-                      pindex->nHeight, pindex->GetBlockHash().ToString(), state.ToString());
-            return VerifyDBResult::CORRUPTED_BLOCK_DB;
-        }
-        // check level 2: verify undo validity
-        if (nCheckLevel >= 2 && pindex) {
-            CBlockUndo undo;
-            if (!pindex->GetUndoPos().IsNull()) {
-                if (!chainstate.m_blockman.ReadBlockUndo(undo, *pindex)) {
-                    LogError("Verification error: found bad undo data at %d, hash=%s", pindex->nHeight, pindex->GetBlockHash().ToString());
-                    return VerifyDBResult::CORRUPTED_BLOCK_DB;
-                }
-            }
-        }
-        // check level 3: check for inconsistencies during memory-only disconnect of tip blocks
-        size_t curr_coins_usage = coins.DynamicMemoryUsage() + chainstate.CoinsTip().DynamicMemoryUsage();
-
-        if (nCheckLevel >= 3) {
-            if (curr_coins_usage <= chainstate.m_coinstip_cache_size_bytes) {
-                assert(coins.GetBestBlock() == pindex->GetBlockHash());
-                DisconnectResult res = chainstate.DisconnectBlock(block, pindex, coins);
-                if (res == DISCONNECT_FAILED) {
-                    LogError("Verification error: irrecoverable inconsistency in block data at %d, hash=%s", pindex->nHeight, pindex->GetBlockHash().ToString());
-                    return VerifyDBResult::CORRUPTED_BLOCK_DB;
-                }
-                if (res == DISCONNECT_UNCLEAN) {
-                    nGoodTransactions = 0;
-                    pindexFailure = pindex;
-                } else {
-                    nGoodTransactions += block.vtx.size();
-                }
-            } else {
-                skipped_l3_checks = true;
-            }
-        }
-        if (chainstate.m_chainman.m_interrupt) return VerifyDBResult::INTERRUPTED;
-    }
-    if (pindexFailure) {
-        LogError("Verification error: coin database inconsistencies found (last %i blocks, %i good transactions before that)", chainstate.m_chain.Height() - pindexFailure->nHeight + 1, nGoodTransactions);
-        return VerifyDBResult::CORRUPTED_BLOCK_DB;
-    }
-    if (skipped_l3_checks) {
-        LogWarning("Skipped verification of level >=3 (insufficient database cache size). Consider increasing -dbcache.");
-    }
-
-    // store block count as we move pindex at check level >= 4
-    int block_count = chainstate.m_chain.Height() - pindex->nHeight;
-
-    // check level 4: try reconnecting blocks
-    if (nCheckLevel >= 4 && !skipped_l3_checks) {
-        while (pindex != chainstate.m_chain.Tip()) {
-            const int percentageDone = std::max(1, std::min(99, 100 - (int)(((double)(chainstate.m_chain.Height() - pindex->nHeight)) / (double)nCheckDepth * 50)));
-            if (reportDone < percentageDone / 10) {
-                // report every 10% step
-                LogInfo("Verification progress: %d%%", percentageDone);
-                reportDone = percentageDone / 10;
-            }
-            m_notifications.progress(_("Verifying blocks…"), percentageDone, false);
-            pindex = chainstate.m_chain.Next(*pindex);
-            CBlock block;
-            if (!chainstate.m_blockman.ReadBlock(block, *pindex)) {
-                LogError("Verification error: ReadBlock failed at %d, hash=%s", pindex->nHeight, pindex->GetBlockHash().ToString());
-                return VerifyDBResult::CORRUPTED_BLOCK_DB;
-            }
-            if (!chainstate.ConnectBlock(block, state, pindex, coins)) {
-                LogError("Verification error: found unconnectable block at %d, hash=%s (%s)", pindex->nHeight, pindex->GetBlockHash().ToString(), state.ToString());
-                return VerifyDBResult::CORRUPTED_BLOCK_DB;
-            }
-            if (chainstate.m_chainman.m_interrupt) return VerifyDBResult::INTERRUPTED;
-        }
-    }
-
-    LogInfo("Verification: No coin database inconsistencies in last %i blocks (%i transactions)", block_count, nGoodTransactions);
-
-    if (skipped_l3_checks) {
-        return VerifyDBResult::SKIPPED_L3_CHECKS;
-    }
-    if (skipped_no_block_data) {
-        return VerifyDBResult::SKIPPED_MISSING_BLOCKS;
-    }
-    return VerifyDBResult::SUCCESS;
-}
-
-/** Apply the effects of a block on the utxo cache, ignoring that it may already have been applied. */
-bool Chainstate::RollforwardBlock(const CBlockIndex* pindex, CCoinsViewCache& inputs)
-{
-    AssertLockHeld(cs_main);
-    // TODO: merge with ConnectBlock
-    CBlock block;
-    if (!m_blockman.ReadBlock(block, *pindex)) {
-        LogError("ReplayBlock(): ReadBlock failed at %d, hash=%s\n", pindex->nHeight, pindex->GetBlockHash().ToString());
-        return false;
-    }
-
-    for (const CTransactionRef& tx : block.vtx) {
-        if (!tx->IsCoinBase()) {
-            for (const CTxIn &txin : tx->vin) {
-                inputs.SpendCoin(txin.prevout);
-            }
-        }
-        // Pass check = true as every addition may be an overwrite.
-        AddCoins(inputs, *tx, pindex->nHeight, true);
-    }
-    return true;
-}
-
-bool Chainstate::ReplayBlocks()
-{
-    LOCK(cs_main);
-
-    CCoinsView& db = this->CoinsDB();
-    CCoinsViewCache cache(&db);
-
-    std::vector<uint256> hashHeads = db.GetHeadBlocks();
-    if (hashHeads.empty()) return true; // We're already in a consistent state.
-    if (hashHeads.size() != 2) {
-        LogError("ReplayBlocks(): unknown inconsistent state\n");
-        return false;
-    }
 
-    m_chainman.GetNotifications().progress(_("Replaying blocks…"), 0, false);
-    LogInfo("Replaying blocks");
-
-    const CBlockIndex* pindexOld = nullptr;  // Old tip during the interrupted flush.
-    const CBlockIndex* pindexNew;            // New tip during the interrupted flush.
-    const CBlockIndex* pindexFork = nullptr; // Latest block common to both the old and the new tip.
-
-    if (!m_blockman.m_block_index.contains(hashHeads[0])) {
-        LogError("ReplayBlocks(): reorganization to unknown block requested\n");
-        return false;
-    }
-    pindexNew = &(m_blockman.m_block_index[hashHeads[0]]);
-
-    if (!hashHeads[1].IsNull()) { // The old tip is allowed to be 0, indicating it's the first flush.
-        if (!m_blockman.m_block_index.contains(hashHeads[1])) {
-            LogError("ReplayBlocks(): reorganization from unknown block requested\n");
-            return false;
-        }
-        pindexOld = &(m_blockman.m_block_index[hashHeads[1]]);
-        pindexFork = LastCommonAncestor(pindexOld, pindexNew);
-        assert(pindexFork != nullptr);
-    }
-
-    // Rollback along the old branch.
-    const int nForkHeight{pindexFork ? pindexFork->nHeight : 0};
-    if (pindexOld != pindexFork) {
-        LogInfo("Rolling back from %s (%i to %i)", pindexOld->GetBlockHash().ToString(), pindexOld->nHeight, nForkHeight);
-        while (pindexOld != pindexFork) {
-            if (pindexOld->nHeight > 0) { // Never disconnect the genesis block.
-                CBlock block;
-                if (!m_blockman.ReadBlock(block, *pindexOld)) {
-                    LogError("RollbackBlock(): ReadBlock() failed at %d, hash=%s\n", pindexOld->nHeight, pindexOld->GetBlockHash().ToString());
-                    return false;
-                }
-                if (pindexOld->nHeight % 10'000 == 0) {
-                    LogInfo("Rolling back %s (%i)", pindexOld->GetBlockHash().ToString(), pindexOld->nHeight);
-                }
-                DisconnectResult res = DisconnectBlock(block, pindexOld, cache);
-                if (res == DISCONNECT_FAILED) {
-                    LogError("RollbackBlock(): DisconnectBlock failed at %d, hash=%s\n", pindexOld->nHeight, pindexOld->GetBlockHash().ToString());
-                    return false;
-                }
-                // If DISCONNECT_UNCLEAN is returned, it means a non-existing UTXO was deleted, or an existing UTXO was
-                // overwritten. It corresponds to cases where the block-to-be-disconnect never had all its operations
-                // applied to the UTXO set. However, as both writing a UTXO and deleting a UTXO are idempotent operations,
-                // the result is still a version of the UTXO set with the effects of that block undone.
-            }
-            pindexOld = pindexOld->pprev;
-        }
-        LogInfo("Rolled back to %s", pindexFork->GetBlockHash().ToString());
-    }
-
-    // Roll forward from the forking point to the new tip.
-    if (nForkHeight < pindexNew->nHeight) {
-        LogInfo("Rolling forward to %s (%i to %i)", pindexNew->GetBlockHash().ToString(), nForkHeight, pindexNew->nHeight);
-        for (int nHeight = nForkHeight + 1; nHeight <= pindexNew->nHeight; ++nHeight) {
-            const CBlockIndex& pindex{*Assert(pindexNew->GetAncestor(nHeight))};
-
-            if (nHeight % 10'000 == 0) {
-                LogInfo("Rolling forward %s (%i)", pindex.GetBlockHash().ToString(), nHeight);
-            }
-            m_chainman.GetNotifications().progress(_("Replaying blocks…"), (int)((nHeight - nForkHeight) * 100.0 / (pindexNew->nHeight - nForkHeight)), false);
-            if (!RollforwardBlock(&pindex, cache)) return false;
-        }
-        LogInfo("Rolled forward to %s", pindexNew->GetBlockHash().ToString());
-    }
-
-    cache.SetBestBlock(pindexNew->GetBlockHash());
-    cache.Flush(/*reallocate_cache=*/false); // local CCoinsViewCache goes out of scope
-    m_chainman.GetNotifications().progress(bilingual_str{}, 100, false);
-    return true;
-}
 
 bool Chainstate::NeedsRedownload() const
 {
@@ -3107,7 +1538,7 @@ void ChainstateManager::LoadExternalBlockFile(
                         nRewind = blkdat.GetPos();
 
                         BlockValidationState state;
-                        if (AcceptBlock(pblock, state, nullptr, true, dbp, nullptr, true)) {
+                        if (AcceptBlock(*this, pblock, state, nullptr, true, dbp, nullptr, true)) {
                             nLoaded++;
                         }
                         if (state.IsError()) {
@@ -3165,7 +1596,7 @@ void ChainstateManager::LoadExternalBlockFile(
                             LogDebug(BCLog::REINDEX, "%s: Processing out of order child %s of %s", __func__, block_hash.ToString(), head.ToString());
                             LOCK(cs_main);
                             BlockValidationState dummy;
-                            if (AcceptBlock(pblockrecursive, dummy, nullptr, true, &it->second, nullptr, true)) {
+                            if (AcceptBlock(*this, pblockrecursive, dummy, nullptr, true, &it->second, nullptr, true)) {
                                 nLoaded++;
                                 queue.push_back(block_hash);
                             }
@@ -3601,16 +2032,30 @@ ChainstateManager::~ChainstateManager()
     m_versionbitscache.Clear();
 }
 
-bool IsBIP30Repeat(const CBlockIndex& block_index)
-{
-    return (block_index.nHeight==91842 && block_index.GetBlockHash() == uint256{"00000000000a4d0a398161ffc163c503763b1f4360639393e0e4c8e300e0caec"}) ||
-           (block_index.nHeight==91880 && block_index.GetBlockHash() == uint256{"00000000000743f190a18c5577a3c2d2a1f610ae9601ac046a38084ccb7cd721"});
-}
 
-bool IsBIP30Unspendable(const uint256& block_hash, int block_height)
+void ChainstateManager::ReportHeadersPresync(int64_t height, int64_t timestamp)
 {
-    return (block_height==91722 && block_hash == uint256{"00000000000271a2dc26e7667f8419f2e15416dc6955e5a6c6cdf3f2574dd08e"}) ||
-           (block_height==91812 && block_hash == uint256{"00000000000af0aed4792b1acee3d966af36cf5def14935db8de83d6f9306f2f"});
+    AssertLockNotHeld(GetMutex());
+    {
+        LOCK(GetMutex());
+        // Don't report headers presync progress if we already have a post-minchainwork header chain.
+        // This means we lose reporting for potentially legitimate, but unlikely, deep reorgs, but
+        // prevent attackers that spam low-work headers from filling our logs.
+        if (m_best_header->nChainWork >= UintToArith256(GetConsensus().nMinimumChainWork)) return;
+        // Rate limit headers presync updates to 4 per second, as these are not subject to DoS
+        // protection.
+        auto now = MockableSteadyClock::now();
+        if (now < m_last_presync_update + std::chrono::milliseconds{250}) return;
+        m_last_presync_update = now;
+    }
+    bool initial_download = IsInitialBlockDownload();
+    GetNotifications().headerTip(GetSynchronizationState(initial_download, m_blockman.m_blockfiles_indexed), height, timestamp, /*presync=*/true);
+    if (initial_download) {
+        int64_t blocks_left{(NodeClock::now() - NodeSeconds{std::chrono::seconds{timestamp}}) / GetConsensus().PowTargetSpacing()};
+        blocks_left = std::max<int64_t>(0, blocks_left);
+        const double progress{100.0 * height / (height + blocks_left)};
+        LogInfo("Pre-synchronizing blockheaders, height: %d (~%.2f%%)\n", height, progress);
+    }
 }
 
 void ChainstateManager::RecalculateBestHeader()
diff --git a/src/validation.h b/src/validation.h
index 5d2b50334144..c31c5db11a22 100644
--- a/src/validation.h
+++ b/src/validation.h
@@ -7,13 +7,11 @@
 #define BITCOIN_VALIDATION_H
 
 #include <arith_uint256.h>
-#include <attributes.h>
+#include <block_validation.h>
 #include <chain.h>
 #include <checkqueue.h>
 #include <coins.h>
 #include <consensus/amount.h>
-#include <consensus/tx_verify.h>
-#include <mempool_validation.h>
 #include <cuckoocache.h>
 #include <deploymentstatus.h>
 #include <kernel/chain.h>
@@ -21,12 +19,8 @@
 #include <kernel/chainstatemanager_opts.h>
 #include <kernel/cs_main.h> // IWYU pragma: export
 #include <node/blockstorage.h>
-#include <policy/feerate.h>
-#include <policy/packages.h>
-#include <policy/policy.h>
-#include <script/script_error.h>
+#include <script/script_check.h>
 #include <script/sigcache.h>
-#include <script/verify_flags.h>
 #include <sync.h>
 #include <txdb.h>
 #include <txmempool.h>
@@ -58,7 +52,6 @@ class CTxMemPool;
 class ChainstateManager;
 struct ChainTxData;
 class DisconnectedBlockTransactions;
-struct PrecomputedTransactionData;
 struct LockPoints;
 namespace Consensus {
 struct Params;
@@ -94,46 +87,11 @@ enum class SynchronizationState {
 /** Documentation for argument 'checklevel'. */
 extern const std::vector<std::string> CHECKLEVEL_DOC;
 
-CAmount GetBlockSubsidy(int nHeight, const Consensus::Params& consensusParams);
-
 bool FatalError(kernel::Notifications& notifications, BlockValidationState& state, const bilingual_str& message);
 
 /** Prune block files up to a given height */
 void PruneBlockFilesManual(Chainstate& active_chainstate, int nManualPruneHeight);
 
-
-/**
- * Closure representing one script verification
- * Note that this stores references to the spending transaction
- */
-class CScriptCheck
-{
-private:
-    CTxOut m_tx_out;
-    const CTransaction *ptxTo;
-    unsigned int nIn;
-    script_verify_flags m_flags;
-    bool cacheStore;
-    PrecomputedTransactionData *txdata;
-    SignatureCache* m_signature_cache;
-
-public:
-    CScriptCheck(const CTxOut& outIn, const CTransaction& txToIn, SignatureCache& signature_cache, unsigned int nInIn, script_verify_flags flags, bool cacheIn, PrecomputedTransactionData* txdataIn) :
-        m_tx_out(outIn), ptxTo(&txToIn), nIn(nInIn), m_flags(flags), cacheStore(cacheIn), txdata(txdataIn), m_signature_cache(&signature_cache) { }
-
-    CScriptCheck(const CScriptCheck&) = delete;
-    CScriptCheck& operator=(const CScriptCheck&) = delete;
-    CScriptCheck(CScriptCheck&&) = default;
-    CScriptCheck& operator=(CScriptCheck&&) = default;
-
-    std::optional<std::pair<ScriptError, std::string>> operator()();
-};
-
-// CScriptCheck is used a lot in std::vector, make sure that's efficient
-static_assert(std::is_nothrow_move_assignable_v<CScriptCheck>);
-static_assert(std::is_nothrow_move_constructible_v<CScriptCheck>);
-static_assert(std::is_nothrow_destructible_v<CScriptCheck>);
-
 /**
  * Convenience class for initializing and passing the script execution cache
  * and signature cache.
@@ -159,41 +117,6 @@ class ValidationCache
 
 /** Functions for validating blocks and updating the block tree */
 
-/** Context-independent validity checks */
-bool CheckBlock(const CBlock& block, BlockValidationState& state, const Consensus::Params& consensusParams, bool fCheckPOW = true, bool fCheckMerkleRoot = true);
-
-/**
- * Verify a block, including transactions.
- *
- * @param[in]   block       The block we want to process. Must connect to the
- *                          current tip.
- * @param[in]   chainstate  The chainstate to connect to.
- * @param[in]   check_pow   perform proof-of-work check, nBits in the header
- *                          is always checked
- * @param[in]   check_merkle_root check the merkle root
- *
- * @return Valid or Invalid state. This doesn't currently return an Error state,
- *         and shouldn't unless there is something wrong with the existing
- *         chainstate. (This is different from functions like AcceptBlock which
- *         can fail trying to save new data.)
- *
- * For signets the challenge verification is skipped when check_pow is false.
- */
-BlockValidationState TestBlockValidity(
-    Chainstate& chainstate,
-    const CBlock& block,
-    bool check_pow,
-    bool check_merkle_root) EXCLUSIVE_LOCKS_REQUIRED(cs_main);
-
-/** Check that the proof of work on each blockheader matches the value in nBits */
-bool HasValidProofOfWork(std::span<const CBlockHeader> headers, const Consensus::Params& consensusParams);
-
-/** Check if a block has been mutated (with respect to its merkle root and witness commitments). */
-bool IsBlockMutated(const CBlock& block, bool check_witness_root);
-
-/** Return the sum of the claimed work on a given set of headers. No verification of PoW is done. */
-arith_uint256 CalculateClaimedHeadersWork(std::span<const CBlockHeader> headers);
-
 enum class VerifyDBResult {
     SUCCESS,
     CORRUPTED_BLOCK_DB,
@@ -321,6 +244,10 @@ class Chainstate
     std::optional<const char*> m_last_script_check_reason_logged GUARDED_BY(::cs_main){};
 
 public:
+    std::optional<const char*>& LastScriptCheckReasonLogged() EXCLUSIVE_LOCKS_REQUIRED(::cs_main) { return m_last_script_check_reason_logged; }
+    const std::optional<const char*>& LastScriptCheckReasonLogged() const EXCLUSIVE_LOCKS_REQUIRED(::cs_main) { return m_last_script_check_reason_logged; }
+    void InvalidBlockFound(CBlockIndex* pindex, const BlockValidationState& state) EXCLUSIVE_LOCKS_REQUIRED(cs_main);
+
     //! Reference to a BlockManager instance which itself is shared across all
     //! Chainstate instances.
     node::BlockManager& m_blockman;
@@ -461,12 +388,6 @@ class Chainstate
         EXCLUSIVE_LOCKS_REQUIRED(!m_chainstate_mutex)
         LOCKS_EXCLUDED(::cs_main);
 
-    // Block (dis)connection on a given view:
-    DisconnectResult DisconnectBlock(const CBlock& block, const CBlockIndex* pindex, CCoinsViewCache& view)
-        EXCLUSIVE_LOCKS_REQUIRED(::cs_main);
-    bool ConnectBlock(const CBlock& block, BlockValidationState& state, CBlockIndex* pindex,
-                      CCoinsViewCache& view, bool fJustCheck = false) EXCLUSIVE_LOCKS_REQUIRED(cs_main);
-
     // Apply the effects of a block disconnection on the UTXO set.
     bool DisconnectTip(BlockValidationState& state, DisconnectedBlockTransactions* disconnectpool) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_mempool->cs);
 
@@ -545,11 +466,8 @@ class Chainstate
         std::vector<ConnectedBlock>& connected_blocks,
         DisconnectedBlockTransactions& disconnectpool) EXCLUSIVE_LOCKS_REQUIRED(cs_main, m_mempool->cs);
 
-    void InvalidBlockFound(CBlockIndex* pindex, const BlockValidationState& state) EXCLUSIVE_LOCKS_REQUIRED(cs_main);
     CBlockIndex* FindMostWorkChain() EXCLUSIVE_LOCKS_REQUIRED(cs_main);
 
-    bool RollforwardBlock(const CBlockIndex* pindex, CCoinsViewCache& inputs) EXCLUSIVE_LOCKS_REQUIRED(cs_main);
-
     void CheckForkWarningConditions() EXCLUSIVE_LOCKS_REQUIRED(cs_main);
     void InvalidChainFound(CBlockIndex* pindexNew) EXCLUSIVE_LOCKS_REQUIRED(cs_main);
 
@@ -589,20 +507,6 @@ class ChainstateManager
     /** The last header for which a headerTip notification was issued. */
     CBlockIndex* m_last_notified_header GUARDED_BY(GetMutex()){nullptr};
 
-    bool NotifyHeaderTip() LOCKS_EXCLUDED(GetMutex());
-
-    /**
-     * If a block header hasn't already been seen, call CheckBlockHeader on it, ensure
-     * that it doesn't descend from an invalid block, and then add it to m_block_index.
-     * Caller must set min_pow_checked=true in order to add a new header to the
-     * block index (permanent memory storage), indicating that the header is
-     * known to be part of a sufficiently high-work chain (anti-dos check).
-     */
-    bool AcceptBlockHeader(
-        const CBlockHeader& block,
-        BlockValidationState& state,
-        CBlockIndex** ppindex,
-        bool min_pow_checked) EXCLUSIVE_LOCKS_REQUIRED(cs_main);
     friend Chainstate;
 
     /** Most recent headers presync progress update, for rate-limiting. */
@@ -626,6 +530,23 @@ class ChainstateManager
     SteadyClock::duration GUARDED_BY(::cs_main) time_chainstate{};
     SteadyClock::duration GUARDED_BY(::cs_main) time_post_connect{};
 
+public:
+    // Accessors for timing counters (used by block_validation.cpp)
+    SteadyClock::duration& TimeCheck() EXCLUSIVE_LOCKS_REQUIRED(::cs_main) { return time_check; }
+    const SteadyClock::duration& TimeCheck() const EXCLUSIVE_LOCKS_REQUIRED(::cs_main) { return time_check; }
+    SteadyClock::duration& TimeForks() EXCLUSIVE_LOCKS_REQUIRED(::cs_main) { return time_forks; }
+    const SteadyClock::duration& TimeForks() const EXCLUSIVE_LOCKS_REQUIRED(::cs_main) { return time_forks; }
+    SteadyClock::duration& TimeConnect() EXCLUSIVE_LOCKS_REQUIRED(::cs_main) { return time_connect; }
+    const SteadyClock::duration& TimeConnect() const EXCLUSIVE_LOCKS_REQUIRED(::cs_main) { return time_connect; }
+    SteadyClock::duration& TimeVerify() EXCLUSIVE_LOCKS_REQUIRED(::cs_main) { return time_verify; }
+    const SteadyClock::duration& TimeVerify() const EXCLUSIVE_LOCKS_REQUIRED(::cs_main) { return time_verify; }
+    SteadyClock::duration& TimeUndo() EXCLUSIVE_LOCKS_REQUIRED(::cs_main) { return time_undo; }
+    const SteadyClock::duration& TimeUndo() const EXCLUSIVE_LOCKS_REQUIRED(::cs_main) { return time_undo; }
+    SteadyClock::duration& TimeIndex() EXCLUSIVE_LOCKS_REQUIRED(::cs_main) { return time_index; }
+    const SteadyClock::duration& TimeIndex() const EXCLUSIVE_LOCKS_REQUIRED(::cs_main) { return time_index; }
+    int64_t& NumBlocksTotal() EXCLUSIVE_LOCKS_REQUIRED(::cs_main) { return num_blocks_total; }
+    int64_t NumBlocksTotal() const EXCLUSIVE_LOCKS_REQUIRED(::cs_main) { return num_blocks_total; }
+
 protected:
     CBlockIndex* m_best_invalid GUARDED_BY(::cs_main){nullptr};
 
@@ -637,6 +558,7 @@ class ChainstateManager
     const CChainParams& GetParams() const { return m_options.chainparams; }
     const Consensus::Params& GetConsensus() const { return m_options.chainparams.GetConsensus(); }
     bool ShouldCheckBlockIndex() const;
+    bool NotifyHeaderTip() LOCKS_EXCLUDED(GetMutex());
     const arith_uint256& MinimumChainWork() const { return *Assert(m_options.minimum_chain_work); }
     const uint256& AssumedValidBlock() const { return *Assert(m_options.assumed_valid_block); }
     kernel::Notifications& GetNotifications() const { return m_options.notifications; };
@@ -789,76 +711,8 @@ class ChainstateManager
         FlatFilePos* dbp = nullptr,
         std::multimap<uint256, FlatFilePos>* blocks_with_unknown_parent = nullptr);
 
-    /**
-     * Process an incoming block. This only returns after the best known valid
-     * block is made active. Note that it does not, however, guarantee that the
-     * specific block passed to it has been checked for validity!
-     *
-     * If you want to *possibly* get feedback on whether block is valid, you must
-     * install a CValidationInterface (see validationinterface.h) - this will have
-     * its BlockChecked method called whenever *any* block completes validation.
-     *
-     * Note that we guarantee that either the proof-of-work is valid on block, or
-     * (and possibly also) BlockChecked will have been called.
-     *
-     * May not be called in a validationinterface callback.
-     *
-     * @param[in]   block The block we want to process.
-     * @param[in]   force_processing Process this block even if unrequested; used for non-network block sources.
-     * @param[in]   min_pow_checked  True if proof-of-work anti-DoS checks have
-     *                               been done by caller for headers chain
-     *                               (note: only affects headers acceptance; if
-     *                               block header is already present in block
-     *                               index then this parameter has no effect)
-     * @param[out]  new_block A boolean which is set to indicate if the block was first received via this call
-     * @returns     If the block was processed, independently of block validity
-     */
-    bool ProcessNewBlock(const std::shared_ptr<const CBlock>& block, bool force_processing, bool min_pow_checked, bool* new_block) LOCKS_EXCLUDED(cs_main);
-
-    /**
-     * Process incoming block headers.
-     *
-     * May not be called in a
-     * validationinterface callback.
-     *
-     * @param[in]  headers The block headers themselves
-     * @param[in]  min_pow_checked  True if proof-of-work anti-DoS checks have been done by caller for headers chain
-     * @param[out] state This may be set to an Error state if any error occurred processing them
-     * @param[out] ppindex If set, the pointer will be set to point to the last new block index object for the given headers
-     * @returns false if AcceptBlockHeader fails on any of the headers, true otherwise (including if headers were already known)
-     */
-    bool ProcessNewBlockHeaders(std::span<const CBlockHeader> headers, bool min_pow_checked, BlockValidationState& state, const CBlockIndex** ppindex = nullptr) LOCKS_EXCLUDED(cs_main);
-
-    /**
-     * Sufficiently validate a block for disk storage (and store on disk).
-     *
-     * @param[in]   pblock          The block we want to process.
-     * @param[in]   fRequested      Whether we requested this block from a
-     *                              peer.
-     * @param[in]   dbp             The location on disk, if we are importing
-     *                              this block from prior storage.
-     * @param[in]   min_pow_checked True if proof-of-work anti-DoS checks have
-     *                              been done by caller for headers chain
-     *
-     * @param[out]  state       The state of the block validation.
-     * @param[out]  ppindex     Optional return parameter to get the
-     *                          CBlockIndex pointer for this block.
-     * @param[out]  fNewBlock   Optional return parameter to indicate if the
-     *                          block is new to our storage.
-     *
-     * @returns   False if the block or header is invalid, or if saving to disk fails (likely a fatal error); true otherwise.
-     */
-    bool AcceptBlock(const std::shared_ptr<const CBlock>& pblock, BlockValidationState& state, CBlockIndex** ppindex, bool fRequested, const FlatFilePos* dbp, bool* fNewBlock, bool min_pow_checked) EXCLUSIVE_LOCKS_REQUIRED(cs_main);
-
     void ReceivedBlockTransactions(const CBlock& block, CBlockIndex* pindexNew, const FlatFilePos& pos) EXCLUSIVE_LOCKS_REQUIRED(cs_main);
 
-    /**
-     * Try to add a transaction to the memory pool.
-     *
-     * @param[in]  tx              The transaction to submit for mempool acceptance.
-     * @param[in]  test_accept     When true, run validation checks but don't submit to mempool.
-     */
-
     //! Load the block tree and coins database from disk, initializing state if we're running with -reindex
     bool LoadBlockIndex() EXCLUSIVE_LOCKS_REQUIRED(cs_main);
 
@@ -866,16 +720,6 @@ class ChainstateManager
     //! ResizeCoinsCaches() as needed.
     void MaybeRebalanceCaches() EXCLUSIVE_LOCKS_REQUIRED(::cs_main);
 
-    /**
-     * Update uncommitted block structures (currently: only the witness reserved
-     * value). This is safe for submitted blocks as long as they honor
-     * default_witness_commitment from the template.
-     */
-    void UpdateUncommittedBlockStructures(CBlock& block, const CBlockIndex* pindexPrev) const;
-
-    /** Produce the necessary coinbase commitment for a block (modifies the hash, don't call for mined blocks). */
-    void GenerateCoinbaseCommitment(CBlock& block, const CBlockIndex* pindexPrev) const;
-
     /** This is used by net_processing to report pre-synchronization progress of headers, as
      *  headers are not yet fed to validation during that time, but validation is (for now)
      *  responsible for logging and signalling through NotifyHeaderTip, so it needs this
@@ -925,20 +769,4 @@ bool DeploymentEnabled(const ChainstateManager& chainman, DEP dep)
     return DeploymentEnabled(chainman.GetConsensus(), dep);
 }
 
-/** Identifies blocks that overwrote an existing coinbase output in the UTXO set (see BIP30) */
-bool IsBIP30Repeat(const CBlockIndex& block_index);
-
-/** Identifies blocks which coinbase output was subsequently overwritten in the UTXO set (see BIP30) */
-bool IsBIP30Unspendable(const uint256& block_hash, int block_height);
-
-// Returns the script flags which should be checked for a given block
-script_verify_flags GetBlockScriptFlags(const CBlockIndex& block_index, const ChainstateManager& chainman);
-
-bool CheckInputScripts(const CTransaction& tx, TxValidationState& state,
-                       const CCoinsViewCache& inputs, script_verify_flags flags, bool cacheSigStore,
-                       bool cacheFullScriptStore, PrecomputedTransactionData& txdata,
-                       ValidationCache& validation_cache,
-                       std::vector<CScriptCheck>* pvChecks = nullptr)
-    EXCLUSIVE_LOCKS_REQUIRED(cs_main);
-
 #endif // BITCOIN_VALIDATION_H
diff --git a/test/lint/lint-circular-dependencies.py b/test/lint/lint-circular-dependencies.py
index dc850541ec06..a7b6e5d643c2 100755
--- a/test/lint/lint-circular-dependencies.py
+++ b/test/lint/lint-circular-dependencies.py
@@ -16,6 +16,7 @@
     "node/blockstorage -> validation -> node/blockstorage",
     "kernel/coinstats -> validation -> kernel/coinstats",
     "mempool_validation -> validation -> mempool_validation",
+    "block_validation -> validation -> block_validation",
     "coins -> undo -> coins",
     "versionbits -> versionbits_impl -> versionbits",
 )

From 388bc916311feeb575b4ff0c5d9e1cc33d734915 Mon Sep 17 00:00:00 2001
From: ismaelsadeeq <abubakarsadiqismail@proton.me>
Date: Thu, 21 May 2026 21:02:51 +0100
Subject: [PATCH 5/6] node: rename chainstate.{cpp,h} to
 chainstate_load.{cpp,h}

Rename node/chainstate.{cpp,h} to node/chainstate_load.{cpp,h} to avoid
a naming conflict with the upcoming rename of validation.{cpp,h} to
chainstate.{cpp,h}. The node/chainstate module hosts LoadChainstate()
and VerifyLoadedChainstate(), so chainstate_load better describes its
role.
---
 src/CMakeLists.txt                               | 2 +-
 src/init.cpp                                     | 2 +-
 src/kernel/CMakeLists.txt                        | 2 +-
 src/kernel/bitcoinkernel.cpp                     | 2 +-
 src/node/{chainstate.cpp => chainstate_load.cpp} | 2 +-
 src/node/{chainstate.h => chainstate_load.h}     | 6 +++---
 src/test/util/setup_common.cpp                   | 2 +-
 7 files changed, 9 insertions(+), 9 deletions(-)
 rename src/node/{chainstate.cpp => chainstate_load.cpp} (99%)
 rename src/node/{chainstate.h => chainstate_load.h} (95%)

diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index 90fb329da9a6..7526003951fb 100644
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -175,7 +175,7 @@ add_library(bitcoin_node STATIC EXCLUDE_FROM_ALL
   node/blockmanager_args.cpp
   node/blockstorage.cpp
   node/caches.cpp
-  node/chainstate.cpp
+  node/chainstate_load.cpp
   node/chainstatemanager_args.cpp
   node/coin.cpp
   node/coins_view_args.cpp
diff --git a/src/init.cpp b/src/init.cpp
index 01a06e919147..fa986c285b7e 100644
--- a/src/init.cpp
+++ b/src/init.cpp
@@ -44,7 +44,7 @@
 #include <node/blockmanager_args.h>
 #include <node/blockstorage.h>
 #include <node/caches.h>
-#include <node/chainstate.h>
+#include <node/chainstate_load.h>
 #include <node/chainstatemanager_args.h>
 #include <node/context.h>
 #include <node/interface_ui.h>
diff --git a/src/kernel/CMakeLists.txt b/src/kernel/CMakeLists.txt
index 537cb7aaaee0..79d78246981b 100644
--- a/src/kernel/CMakeLists.txt
+++ b/src/kernel/CMakeLists.txt
@@ -33,7 +33,7 @@ add_library(bitcoinkernel
   ../logging.cpp
   ../node/blockimport.cpp
   ../node/blockstorage.cpp
-  ../node/chainstate.cpp
+  ../node/chainstate_load.cpp
   ../policy/ephemeral_policy.cpp
   ../policy/feerate.cpp
   ../policy/packages.cpp
diff --git a/src/kernel/bitcoinkernel.cpp b/src/kernel/bitcoinkernel.cpp
index 68084d561d99..17deefd4d642 100644
--- a/src/kernel/bitcoinkernel.cpp
+++ b/src/kernel/bitcoinkernel.cpp
@@ -21,7 +21,7 @@
 #include <logging.h>
 #include <node/blockimport.h>
 #include <node/blockstorage.h>
-#include <node/chainstate.h>
+#include <node/chainstate_load.h>
 #include <primitives/block.h>
 #include <primitives/transaction.h>
 #include <script/interpreter.h>
diff --git a/src/node/chainstate.cpp b/src/node/chainstate_load.cpp
similarity index 99%
rename from src/node/chainstate.cpp
rename to src/node/chainstate_load.cpp
index 6a9f51a281eb..87a044e08352 100644
--- a/src/node/chainstate.cpp
+++ b/src/node/chainstate_load.cpp
@@ -2,7 +2,7 @@
 // Distributed under the MIT software license, see the accompanying
 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
 
-#include <node/chainstate.h>
+#include <node/chainstate_load.h>
 
 #include <block_validation.h>
 #include <arith_uint256.h>
diff --git a/src/node/chainstate.h b/src/node/chainstate_load.h
similarity index 95%
rename from src/node/chainstate.h
rename to src/node/chainstate_load.h
index 11484d5087b6..d8ab5fa2da23 100644
--- a/src/node/chainstate.h
+++ b/src/node/chainstate_load.h
@@ -2,8 +2,8 @@
 // Distributed under the MIT software license, see the accompanying
 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
 
-#ifndef BITCOIN_NODE_CHAINSTATE_H
-#define BITCOIN_NODE_CHAINSTATE_H
+#ifndef BITCOIN_NODE_CHAINSTATE_LOAD_H
+#define BITCOIN_NODE_CHAINSTATE_LOAD_H
 
 #include <util/translation.h>
 #include <validation.h>
@@ -71,4 +71,4 @@ ChainstateLoadResult LoadChainstate(ChainstateManager& chainman, const kernel::C
 ChainstateLoadResult VerifyLoadedChainstate(ChainstateManager& chainman, const ChainstateLoadOptions& options);
 } // namespace node
 
-#endif // BITCOIN_NODE_CHAINSTATE_H
+#endif // BITCOIN_NODE_CHAINSTATE_LOAD_H
diff --git a/src/test/util/setup_common.cpp b/src/test/util/setup_common.cpp
index e720d198f6c5..f8e12106c17d 100644
--- a/src/test/util/setup_common.cpp
+++ b/src/test/util/setup_common.cpp
@@ -22,7 +22,7 @@
 #include <net.h>
 #include <net_processing.h>
 #include <node/blockstorage.h>
-#include <node/chainstate.h>
+#include <node/chainstate_load.h>
 #include <node/context.h>
 #include <node/kernel_notifications.h>
 #include <node/mempool_args.h>

From 140e894de6234aaed55d47771c6c2b16aba72372 Mon Sep 17 00:00:00 2001
From: ismaelsadeeq <abubakarsadiqismail@proton.me>
Date: Thu, 21 May 2026 21:05:47 +0100
Subject: [PATCH 6/6] validation: rename validation.{cpp,h} to
 chainstate.{cpp,h}

After extracting mempool validation and block validation into their own
files, the code remaining in validation.{cpp,h} is exclusively
chainstate management: Chainstate, ChainstateManager, and their
supporting infrastructure. Rename the files to match what they
actually contain and update all include directives accordingly.

The rename also updates the names of existing circular dependencies in
the lint allowlist: node/blockstorage -> validation -> node/blockstorage
becomes chainstate -> node/blockstorage -> chainstate, and likewise for
kernel/coinstats. The previously introduced
block_validation -> validation -> block_validation and
mempool_validation -> validation -> mempool_validation are updated to
reflect the new filename.
---
 src/CMakeLists.txt                              | 2 +-
 src/bench/block_assemble.cpp                    | 2 +-
 src/bench/checkblock.cpp                        | 2 +-
 src/bench/checkblockindex.cpp                   | 2 +-
 src/bench/connectblock.cpp                      | 2 +-
 src/bench/duplicate_inputs.cpp                  | 2 +-
 src/bench/load_external.cpp                     | 2 +-
 src/bench/mempool_stress.cpp                    | 2 +-
 src/bench/readwriteblock.cpp                    | 2 +-
 src/block_validation.cpp                        | 2 +-
 src/blockencodings.cpp                          | 2 +-
 src/{validation.cpp => chainstate.cpp}          | 2 +-
 src/{validation.h => chainstate.h}              | 9 +++------
 src/init.cpp                                    | 2 +-
 src/ipc/capnp/mining-types.h                    | 2 +-
 src/ipc/test/ipc_test.cpp                       | 2 +-
 src/ipc/test/ipc_test.h                         | 2 +-
 src/kernel/CMakeLists.txt                       | 2 +-
 src/kernel/bitcoinkernel.cpp                    | 2 +-
 src/kernel/coinstats.cpp                        | 2 +-
 src/mempool_validation.cpp                      | 2 +-
 src/net_processing.cpp                          | 2 +-
 src/node/README.md                              | 2 +-
 src/node/blockimport.cpp                        | 2 +-
 src/node/blockmanager_args.cpp                  | 2 +-
 src/node/blockstorage.cpp                       | 2 +-
 src/node/chainstate_load.cpp                    | 2 +-
 src/node/chainstate_load.h                      | 2 +-
 src/node/chainstatemanager_args.cpp             | 2 +-
 src/node/chainstatemanager_args.h               | 2 +-
 src/node/coin.cpp                               | 2 +-
 src/node/context.cpp                            | 2 +-
 src/node/interfaces.cpp                         | 2 +-
 src/node/mempool_persist.cpp                    | 2 +-
 src/node/mempool_persist_args.cpp               | 2 +-
 src/node/miner.cpp                              | 2 +-
 src/node/transaction.cpp                        | 2 +-
 src/node/txdownloadman_impl.cpp                 | 2 +-
 src/test/blockchain_tests.cpp                   | 2 +-
 src/test/blockmanager_tests.cpp                 | 2 +-
 src/test/chainstate_write_tests.cpp             | 2 +-
 src/test/denialofservice_tests.cpp              | 2 +-
 src/test/fuzz/block.cpp                         | 2 +-
 src/test/fuzz/block_index.cpp                   | 2 +-
 src/test/fuzz/block_index_tree.cpp              | 2 +-
 src/test/fuzz/cmpctblock.cpp                    | 2 +-
 src/test/fuzz/headerssync.cpp                   | 2 +-
 src/test/fuzz/load_external_block_file.cpp      | 2 +-
 src/test/fuzz/p2p_headers_presync.cpp           | 2 +-
 src/test/fuzz/package_eval.cpp                  | 2 +-
 src/test/fuzz/transaction.cpp                   | 2 +-
 src/test/fuzz/tx_pool.cpp                       | 2 +-
 src/test/fuzz/txdownloadman.cpp                 | 2 +-
 src/test/fuzz/util.h                            | 2 +-
 src/test/fuzz/util/mempool.h                    | 2 +-
 src/test/fuzz/utxo_total_supply.cpp             | 2 +-
 src/test/fuzz/validation_load_mempool.cpp       | 2 +-
 src/test/headers_sync_chainwork_tests.cpp       | 2 +-
 src/test/interfaces_tests.cpp                   | 2 +-
 src/test/miner_tests.cpp                        | 2 +-
 src/test/net_tests.cpp                          | 2 +-
 src/test/peerman_tests.cpp                      | 2 +-
 src/test/script_p2sh_tests.cpp                  | 2 +-
 src/test/testnet4_miner_tests.cpp               | 2 +-
 src/test/transaction_tests.cpp                  | 2 +-
 src/test/txdownload_tests.cpp                   | 2 +-
 src/test/txpackage_tests.cpp                    | 2 +-
 src/test/txvalidation_tests.cpp                 | 2 +-
 src/test/txvalidationcache_tests.cpp            | 2 +-
 src/test/util/mining.cpp                        | 2 +-
 src/test/util/setup_common.cpp                  | 2 +-
 src/test/util/txmempool.cpp                     | 2 +-
 src/test/util/validation.cpp                    | 2 +-
 src/test/util/validation.h                      | 2 +-
 src/test/validation_block_tests.cpp             | 2 +-
 src/test/validation_chainstate_tests.cpp        | 2 +-
 src/test/validation_chainstatemanager_tests.cpp | 2 +-
 src/test/validation_flush_tests.cpp             | 2 +-
 src/test/validation_tests.cpp                   | 2 +-
 test/lint/lint-circular-dependencies.py         | 8 ++++----
 80 files changed, 85 insertions(+), 88 deletions(-)
 rename src/{validation.cpp => chainstate.cpp} (99%)
 rename src/{validation.h => chainstate.h} (99%)

diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index 7526003951fb..ee66bb42aff6 100644
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -218,7 +218,7 @@ add_library(bitcoin_node STATIC EXCLUDE_FROM_ALL
   txrequest.cpp
   block_validation.cpp
   mempool_validation.cpp
-  validation.cpp
+  chainstate.cpp
   validationinterface.cpp
   versionbits.cpp
 )
diff --git a/src/bench/block_assemble.cpp b/src/bench/block_assemble.cpp
index 2815cdc0f4f3..84af166abf3a 100644
--- a/src/bench/block_assemble.cpp
+++ b/src/bench/block_assemble.cpp
@@ -13,7 +13,7 @@
 #include <test/util/mining.h>
 #include <test/util/script.h>
 #include <test/util/setup_common.h>
-#include <validation.h>
+#include <chainstate.h>
 
 #include <array>
 #include <cassert>
diff --git a/src/bench/checkblock.cpp b/src/bench/checkblock.cpp
index b943dc0f82b3..dc47d24536a4 100644
--- a/src/bench/checkblock.cpp
+++ b/src/bench/checkblock.cpp
@@ -8,7 +8,7 @@
 #include <primitives/block.h>
 #include <primitives/transaction.h>
 #include <streams.h>
-#include <validation.h>
+#include <chainstate.h>
 
 #include <cassert>
 #include <cstddef>
diff --git a/src/bench/checkblockindex.cpp b/src/bench/checkblockindex.cpp
index 78e70a8d6a6d..108628064005 100644
--- a/src/bench/checkblockindex.cpp
+++ b/src/bench/checkblockindex.cpp
@@ -4,7 +4,7 @@
 
 #include <bench/bench.h>
 #include <test/util/setup_common.h>
-#include <validation.h>
+#include <chainstate.h>
 
 #include <memory>
 
diff --git a/src/bench/connectblock.cpp b/src/bench/connectblock.cpp
index 2ad1941fc70c..0757ba1c9249 100644
--- a/src/bench/connectblock.cpp
+++ b/src/bench/connectblock.cpp
@@ -10,7 +10,7 @@
 #include <script/interpreter.h>
 #include <sync.h>
 #include <test/util/setup_common.h>
-#include <validation.h>
+#include <chainstate.h>
 
 #include <cassert>
 #include <vector>
diff --git a/src/bench/duplicate_inputs.cpp b/src/bench/duplicate_inputs.cpp
index 5b1ca5f552f7..46042b479f68 100644
--- a/src/bench/duplicate_inputs.cpp
+++ b/src/bench/duplicate_inputs.cpp
@@ -16,7 +16,7 @@
 #include <sync.h>
 #include <test/util/setup_common.h>
 #include <uint256.h>
-#include <validation.h>
+#include <chainstate.h>
 
 #include <cassert>
 #include <cstdint>
diff --git a/src/bench/load_external.cpp b/src/bench/load_external.cpp
index 8e7201eaa520..ea4b6d22f1b1 100644
--- a/src/bench/load_external.cpp
+++ b/src/bench/load_external.cpp
@@ -12,7 +12,7 @@
 #include <test/util/setup_common.h>
 #include <uint256.h>
 #include <util/fs.h>
-#include <validation.h>
+#include <chainstate.h>
 
 #include <cstdint>
 #include <cstdio>
diff --git a/src/bench/mempool_stress.cpp b/src/bench/mempool_stress.cpp
index 1f582081ea9c..1bbefa9832e5 100644
--- a/src/bench/mempool_stress.cpp
+++ b/src/bench/mempool_stress.cpp
@@ -12,7 +12,7 @@
 #include <test/util/setup_common.h>
 #include <test/util/txmempool.h>
 #include <txmempool.h>
-#include <validation.h>
+#include <chainstate.h>
 
 #include <cstddef>
 #include <cstdint>
diff --git a/src/bench/readwriteblock.cpp b/src/bench/readwriteblock.cpp
index b8e226c6eb96..87551eb9a8e0 100644
--- a/src/bench/readwriteblock.cpp
+++ b/src/bench/readwriteblock.cpp
@@ -12,7 +12,7 @@
 #include <span.h>
 #include <streams.h>
 #include <test/util/setup_common.h>
-#include <validation.h>
+#include <chainstate.h>
 
 #include <cassert>
 #include <cstdint>
diff --git a/src/block_validation.cpp b/src/block_validation.cpp
index c449e1cecd99..90c58e428700 100644
--- a/src/block_validation.cpp
+++ b/src/block_validation.cpp
@@ -7,7 +7,7 @@
 
 #include <arith_uint256.h>
 #include <chain.h>
-#include <validation.h>
+#include <chainstate.h>
 #include <checkqueue.h>
 #include <consensus/amount.h>
 #include <consensus/consensus.h>
diff --git a/src/blockencodings.cpp b/src/blockencodings.cpp
index 4ca3b7e9030c..c2140393ebd2 100644
--- a/src/blockencodings.cpp
+++ b/src/blockencodings.cpp
@@ -15,7 +15,7 @@
 #include <random.h>
 #include <streams.h>
 #include <txmempool.h>
-#include <validation.h>
+#include <chainstate.h>
 
 #include <unordered_map>
 
diff --git a/src/validation.cpp b/src/chainstate.cpp
similarity index 99%
rename from src/validation.cpp
rename to src/chainstate.cpp
index 7a929f1a0c64..12b81ebc15be 100644
--- a/src/validation.cpp
+++ b/src/chainstate.cpp
@@ -5,7 +5,7 @@
 
 #include <bitcoin-build-config.h> // IWYU pragma: keep
 
-#include <validation.h>
+#include <chainstate.h>
 
 #include <arith_uint256.h>
 #include <block_validation.h>
diff --git a/src/validation.h b/src/chainstate.h
similarity index 99%
rename from src/validation.h
rename to src/chainstate.h
index c31c5db11a22..5242c4f9d742 100644
--- a/src/validation.h
+++ b/src/chainstate.h
@@ -3,8 +3,8 @@
 // Distributed under the MIT software license, see the accompanying
 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
 
-#ifndef BITCOIN_VALIDATION_H
-#define BITCOIN_VALIDATION_H
+#ifndef BITCOIN_CHAINSTATE_H
+#define BITCOIN_CHAINSTATE_H
 
 #include <arith_uint256.h>
 #include <block_validation.h>
@@ -89,9 +89,6 @@ extern const std::vector<std::string> CHECKLEVEL_DOC;
 
 bool FatalError(kernel::Notifications& notifications, BlockValidationState& state, const bilingual_str& message);
 
-/** Prune block files up to a given height */
-void PruneBlockFilesManual(Chainstate& active_chainstate, int nManualPruneHeight);
-
 /**
  * Convenience class for initializing and passing the script execution cache
  * and signature cache.
@@ -769,4 +766,4 @@ bool DeploymentEnabled(const ChainstateManager& chainman, DEP dep)
     return DeploymentEnabled(chainman.GetConsensus(), dep);
 }
 
-#endif // BITCOIN_VALIDATION_H
+#endif // BITCOIN_CHAINSTATE_H
diff --git a/src/init.cpp b/src/init.cpp
index fa986c285b7e..15319413d583 100644
--- a/src/init.cpp
+++ b/src/init.cpp
@@ -83,7 +83,7 @@
 #include <util/threadnames.h>
 #include <util/time.h>
 #include <util/translation.h>
-#include <validation.h>
+#include <chainstate.h>
 #include <validationinterface.h>
 
 #include <algorithm>
diff --git a/src/ipc/capnp/mining-types.h b/src/ipc/capnp/mining-types.h
index 40b7487a35f5..8e3286f1304f 100644
--- a/src/ipc/capnp/mining-types.h
+++ b/src/ipc/capnp/mining-types.h
@@ -11,7 +11,7 @@
 #include <ipc/capnp/mining.capnp.proxy.h>
 #include <node/miner.h>
 #include <node/types.h>
-#include <validation.h>
+#include <chainstate.h>
 
 namespace mp {
 // Custom serializations
diff --git a/src/ipc/test/ipc_test.cpp b/src/ipc/test/ipc_test.cpp
index 5018c7f94607..45f5751487c8 100644
--- a/src/ipc/test/ipc_test.cpp
+++ b/src/ipc/test/ipc_test.cpp
@@ -13,7 +13,7 @@
 #include <ipc/test/ipc_test.capnp.proxy.h>
 #include <ipc/test/ipc_test.h>
 #include <tinyformat.h>
-#include <validation.h>
+#include <chainstate.h>
 
 #include <atomic>
 #include <future>
diff --git a/src/ipc/test/ipc_test.h b/src/ipc/test/ipc_test.h
index 8ef3bc90fb31..c9e1d120cfc3 100644
--- a/src/ipc/test/ipc_test.h
+++ b/src/ipc/test/ipc_test.h
@@ -9,7 +9,7 @@
 #include <script/script.h>
 #include <univalue.h>
 #include <util/fs.h>
-#include <validation.h>
+#include <chainstate.h>
 
 class FooImplementation
 {
diff --git a/src/kernel/CMakeLists.txt b/src/kernel/CMakeLists.txt
index 79d78246981b..d68450cbcb3f 100644
--- a/src/kernel/CMakeLists.txt
+++ b/src/kernel/CMakeLists.txt
@@ -76,7 +76,7 @@ add_library(bitcoinkernel
   ../block_validation.cpp
   ../mempool_validation.cpp
   ../script/script_check.cpp
-  ../validation.cpp
+  ../chainstate.cpp
   ../validationinterface.cpp
   ../versionbits.cpp
   $<TARGET_OBJECTS:bitcoin_clientversion>
diff --git a/src/kernel/bitcoinkernel.cpp b/src/kernel/bitcoinkernel.cpp
index 17deefd4d642..c6357ccc8645 100644
--- a/src/kernel/bitcoinkernel.cpp
+++ b/src/kernel/bitcoinkernel.cpp
@@ -37,7 +37,7 @@
 #include <util/signalinterrupt.h>
 #include <util/task_runner.h>
 #include <util/translation.h>
-#include <validation.h>
+#include <chainstate.h>
 #include <validationinterface.h>
 
 #include <cstddef>
diff --git a/src/kernel/coinstats.cpp b/src/kernel/coinstats.cpp
index 4f2f3feaf40d..6763ddcf44fb 100644
--- a/src/kernel/coinstats.cpp
+++ b/src/kernel/coinstats.cpp
@@ -18,7 +18,7 @@
 #include <util/check.h>
 #include <util/log.h>
 #include <util/overflow.h>
-#include <validation.h>
+#include <chainstate.h>
 
 #include <cstddef>
 #include <map>
diff --git a/src/mempool_validation.cpp b/src/mempool_validation.cpp
index 5a49d66d22d3..85dea503bd2b 100644
--- a/src/mempool_validation.cpp
+++ b/src/mempool_validation.cpp
@@ -6,7 +6,7 @@
 #include <mempool_validation.h>
 
 #include <chain.h>
-#include <validation.h>
+#include <chainstate.h>
 #include <consensus/consensus.h>
 #include <consensus/tx_check.h>
 #include <consensus/tx_verify.h>
diff --git a/src/net_processing.cpp b/src/net_processing.cpp
index 8990c88d2c58..1e6d1a6a78e4 100644
--- a/src/net_processing.cpp
+++ b/src/net_processing.cpp
@@ -59,7 +59,7 @@
 #include <util/strencodings.h>
 #include <util/time.h>
 #include <util/trace.h>
-#include <validation.h>
+#include <chainstate.h>
 
 #include <algorithm>
 #include <array>
diff --git a/src/node/README.md b/src/node/README.md
index c0fe6a889197..8ba3d12adc37 100644
--- a/src/node/README.md
+++ b/src/node/README.md
@@ -6,5 +6,5 @@ classes).
 
 This directory is at the moment
 sparsely populated. Eventually more substantial files like
-[`src/validation.cpp`](../validation.cpp) and
+[`src/chainstate.cpp`](../chainstate.cpp) and
 [`src/txmempool.cpp`](../txmempool.cpp) might be moved there.
diff --git a/src/node/blockimport.cpp b/src/node/blockimport.cpp
index 3e784f76d030..1d24516747e5 100644
--- a/src/node/blockimport.cpp
+++ b/src/node/blockimport.cpp
@@ -15,7 +15,7 @@
 #include <util/fs_helpers.h>
 #include <util/result.h>
 #include <util/signalinterrupt.h>
-#include <validation.h>
+#include <chainstate.h>
 
 #include <atomic>
 #include <cassert>
diff --git a/src/node/blockmanager_args.cpp b/src/node/blockmanager_args.cpp
index 3a5f4d75f810..8ddf5395897b 100644
--- a/src/node/blockmanager_args.cpp
+++ b/src/node/blockmanager_args.cpp
@@ -11,7 +11,7 @@
 #include <util/byte_units.h>
 #include <util/result.h>
 #include <util/translation.h>
-#include <validation.h>
+#include <chainstate.h>
 
 #include <cstdint>
 
diff --git a/src/node/blockstorage.cpp b/src/node/blockstorage.cpp
index 0743d80f22f8..f5f274cb9620 100644
--- a/src/node/blockstorage.cpp
+++ b/src/node/blockstorage.cpp
@@ -37,7 +37,7 @@
 #include <util/syserror.h>
 #include <util/time.h>
 #include <util/translation.h>
-#include <validation.h>
+#include <chainstate.h>
 
 #include <algorithm>
 #include <array>
diff --git a/src/node/chainstate_load.cpp b/src/node/chainstate_load.cpp
index 87a044e08352..f73c5820876d 100644
--- a/src/node/chainstate_load.cpp
+++ b/src/node/chainstate_load.cpp
@@ -21,7 +21,7 @@
 #include <util/signalinterrupt.h>
 #include <util/time.h>
 #include <util/translation.h>
-#include <validation.h>
+#include <chainstate.h>
 
 #include <algorithm>
 #include <cassert>
diff --git a/src/node/chainstate_load.h b/src/node/chainstate_load.h
index d8ab5fa2da23..f637928f8784 100644
--- a/src/node/chainstate_load.h
+++ b/src/node/chainstate_load.h
@@ -6,7 +6,7 @@
 #define BITCOIN_NODE_CHAINSTATE_LOAD_H
 
 #include <util/translation.h>
-#include <validation.h>
+#include <chainstate.h>
 
 #include <cstdint>
 #include <functional>
diff --git a/src/node/chainstatemanager_args.cpp b/src/node/chainstatemanager_args.cpp
index bf91a750c140..74e97ec07d46 100644
--- a/src/node/chainstatemanager_args.cpp
+++ b/src/node/chainstatemanager_args.cpp
@@ -16,7 +16,7 @@
 #include <util/result.h>
 #include <util/strencodings.h>
 #include <util/translation.h>
-#include <validation.h>
+#include <chainstate.h>
 
 #include <algorithm>
 #include <chrono>
diff --git a/src/node/chainstatemanager_args.h b/src/node/chainstatemanager_args.h
index cbcbb6b47cac..f763c5ff29b1 100644
--- a/src/node/chainstatemanager_args.h
+++ b/src/node/chainstatemanager_args.h
@@ -6,7 +6,7 @@
 #define BITCOIN_NODE_CHAINSTATEMANAGER_ARGS_H
 
 #include <util/result.h>
-#include <validation.h>
+#include <chainstate.h>
 
 class ArgsManager;
 
diff --git a/src/node/coin.cpp b/src/node/coin.cpp
index a4ff9aed7025..b6cd90d2e2ce 100644
--- a/src/node/coin.cpp
+++ b/src/node/coin.cpp
@@ -6,7 +6,7 @@
 
 #include <node/context.h>
 #include <txmempool.h>
-#include <validation.h>
+#include <chainstate.h>
 
 namespace node {
 void FindCoins(const NodeContext& node, std::map<COutPoint, Coin>& coins)
diff --git a/src/node/context.cpp b/src/node/context.cpp
index 164361601f9b..096ad4040476 100644
--- a/src/node/context.cpp
+++ b/src/node/context.cpp
@@ -19,7 +19,7 @@
 #include <scheduler.h>
 #include <torcontrol.h>
 #include <txmempool.h>
-#include <validation.h>
+#include <chainstate.h>
 #include <validationinterface.h>
 
 namespace node {
diff --git a/src/node/interfaces.cpp b/src/node/interfaces.cpp
index 236aedfed493..f3e8e45d0610 100644
--- a/src/node/interfaces.cpp
+++ b/src/node/interfaces.cpp
@@ -54,7 +54,7 @@
 #include <util/signalinterrupt.h>
 #include <util/string.h>
 #include <util/translation.h>
-#include <validation.h>
+#include <chainstate.h>
 #include <validationinterface.h>
 
 #include <any>
diff --git a/src/node/mempool_persist.cpp b/src/node/mempool_persist.cpp
index e126af48e95e..7792b1750d75 100644
--- a/src/node/mempool_persist.cpp
+++ b/src/node/mempool_persist.cpp
@@ -21,7 +21,7 @@
 #include <util/signalinterrupt.h>
 #include <util/syserror.h>
 #include <util/time.h>
-#include <validation.h>
+#include <chainstate.h>
 
 #include <cstdint>
 #include <cstdio>
diff --git a/src/node/mempool_persist_args.cpp b/src/node/mempool_persist_args.cpp
index adba56768ea3..85c30a25f4ed 100644
--- a/src/node/mempool_persist_args.cpp
+++ b/src/node/mempool_persist_args.cpp
@@ -6,7 +6,7 @@
 
 #include <common/args.h>
 #include <util/fs.h>
-#include <validation.h>
+#include <chainstate.h>
 
 namespace node {
 
diff --git a/src/node/miner.cpp b/src/node/miner.cpp
index 16bd57a57dc8..8dc58b39795d 100644
--- a/src/node/miner.cpp
+++ b/src/node/miner.cpp
@@ -26,7 +26,7 @@
 #include <util/moneystr.h>
 #include <util/signalinterrupt.h>
 #include <util/time.h>
-#include <validation.h>
+#include <chainstate.h>
 
 #include <algorithm>
 #include <utility>
diff --git a/src/node/transaction.cpp b/src/node/transaction.cpp
index fe1b54ee0dc5..f14c133029e3 100644
--- a/src/node/transaction.cpp
+++ b/src/node/transaction.cpp
@@ -13,7 +13,7 @@
 #include <node/context.h>
 #include <node/types.h>
 #include <txmempool.h>
-#include <validation.h>
+#include <chainstate.h>
 #include <validationinterface.h>
 
 namespace node {
diff --git a/src/node/txdownloadman_impl.cpp b/src/node/txdownloadman_impl.cpp
index 91bc7f3bcbdf..3dce4e4f04a1 100644
--- a/src/node/txdownloadman_impl.cpp
+++ b/src/node/txdownloadman_impl.cpp
@@ -9,7 +9,7 @@
 #include <consensus/validation.h>
 #include <logging.h>
 #include <txmempool.h>
-#include <validation.h>
+#include <chainstate.h>
 #include <validationinterface.h>
 
 namespace node {
diff --git a/src/test/blockchain_tests.cpp b/src/test/blockchain_tests.cpp
index e8a80fd93c2c..17cd5b6c2640 100644
--- a/src/test/blockchain_tests.cpp
+++ b/src/test/blockchain_tests.cpp
@@ -8,7 +8,7 @@
 #include <sync.h>
 #include <test/util/setup_common.h>
 #include <util/string.h>
-#include <validation.h>
+#include <chainstate.h>
 
 #include <boost/test/unit_test.hpp>
 
diff --git a/src/test/blockmanager_tests.cpp b/src/test/blockmanager_tests.cpp
index 6ca4eb9b07a5..04bfd20c06d7 100644
--- a/src/test/blockmanager_tests.cpp
+++ b/src/test/blockmanager_tests.cpp
@@ -11,7 +11,7 @@
 #include <script/solver.h>
 #include <primitives/block.h>
 #include <util/chaintype.h>
-#include <validation.h>
+#include <chainstate.h>
 
 #include <boost/test/unit_test.hpp>
 #include <test/util/common.h>
diff --git a/src/test/chainstate_write_tests.cpp b/src/test/chainstate_write_tests.cpp
index 026d82cefc6d..cafadf38f528 100644
--- a/src/test/chainstate_write_tests.cpp
+++ b/src/test/chainstate_write_tests.cpp
@@ -4,7 +4,7 @@
 
 #include <test/util/setup_common.h>
 #include <test/util/time.h>
-#include <validation.h>
+#include <chainstate.h>
 #include <validationinterface.h>
 
 #include <boost/test/unit_test.hpp>
diff --git a/src/test/denialofservice_tests.cpp b/src/test/denialofservice_tests.cpp
index 9709eacd8b7b..05dfcb1e2327 100644
--- a/src/test/denialofservice_tests.cpp
+++ b/src/test/denialofservice_tests.cpp
@@ -19,7 +19,7 @@
 #include <test/util/time.h>
 #include <util/string.h>
 #include <util/time.h>
-#include <validation.h>
+#include <chainstate.h>
 
 #include <array>
 #include <cstdint>
diff --git a/src/test/fuzz/block.cpp b/src/test/fuzz/block.cpp
index 37c03a4835c2..cf714f91e296 100644
--- a/src/test/fuzz/block.cpp
+++ b/src/test/fuzz/block.cpp
@@ -13,7 +13,7 @@
 #include <streams.h>
 #include <test/fuzz/fuzz.h>
 #include <util/chaintype.h>
-#include <validation.h>
+#include <chainstate.h>
 
 #include <cassert>
 #include <string>
diff --git a/src/test/fuzz/block_index.cpp b/src/test/fuzz/block_index.cpp
index 903d28d16848..21bf39e9d944 100644
--- a/src/test/fuzz/block_index.cpp
+++ b/src/test/fuzz/block_index.cpp
@@ -11,7 +11,7 @@
 #include <test/util/setup_common.h>
 #include <txdb.h>
 #include <util/byte_units.h>
-#include <validation.h>
+#include <chainstate.h>
 
 using kernel::CBlockFileInfo;
 
diff --git a/src/test/fuzz/block_index_tree.cpp b/src/test/fuzz/block_index_tree.cpp
index 2eac6d6bd264..6247ba756866 100644
--- a/src/test/fuzz/block_index_tree.cpp
+++ b/src/test/fuzz/block_index_tree.cpp
@@ -14,7 +14,7 @@
 #include <test/util/setup_common.h>
 #include <test/util/time.h>
 #include <test/util/validation.h>
-#include <validation.h>
+#include <chainstate.h>
 
 #include <ranges>
 #include <vector>
diff --git a/src/test/fuzz/cmpctblock.cpp b/src/test/fuzz/cmpctblock.cpp
index c24f5168c722..c5f320daf8bc 100644
--- a/src/test/fuzz/cmpctblock.cpp
+++ b/src/test/fuzz/cmpctblock.cpp
@@ -40,7 +40,7 @@
 #include <util/task_runner.h>
 #include <util/time.h>
 #include <util/translation.h>
-#include <validation.h>
+#include <chainstate.h>
 #include <validationinterface.h>
 
 #include <boost/multi_index/detail/hash_index_iterator.hpp>
diff --git a/src/test/fuzz/headerssync.cpp b/src/test/fuzz/headerssync.cpp
index 3804543a8990..cca89155c880 100644
--- a/src/test/fuzz/headerssync.cpp
+++ b/src/test/fuzz/headerssync.cpp
@@ -14,7 +14,7 @@
 #include <uint256.h>
 #include <util/chaintype.h>
 #include <util/time.h>
-#include <validation.h>
+#include <chainstate.h>
 
 #include <iterator>
 #include <vector>
diff --git a/src/test/fuzz/load_external_block_file.cpp b/src/test/fuzz/load_external_block_file.cpp
index 8b86f70dd237..e796bbf981e8 100644
--- a/src/test/fuzz/load_external_block_file.cpp
+++ b/src/test/fuzz/load_external_block_file.cpp
@@ -11,7 +11,7 @@
 #include <test/util/setup_common.h>
 #include <test/util/time.h>
 #include <util/time.h>
-#include <validation.h>
+#include <chainstate.h>
 
 #include <cstdint>
 #include <vector>
diff --git a/src/test/fuzz/p2p_headers_presync.cpp b/src/test/fuzz/p2p_headers_presync.cpp
index 05b7a84f899f..878249143e09 100644
--- a/src/test/fuzz/p2p_headers_presync.cpp
+++ b/src/test/fuzz/p2p_headers_presync.cpp
@@ -17,7 +17,7 @@
 #include <test/util/setup_common.h>
 #include <test/util/time.h>
 #include <uint256.h>
-#include <validation.h>
+#include <chainstate.h>
 
 namespace {
 constexpr uint32_t FUZZ_MAX_HEADERS_RESULTS{16};
diff --git a/src/test/fuzz/package_eval.cpp b/src/test/fuzz/package_eval.cpp
index 20276a9f9315..7dc63921c587 100644
--- a/src/test/fuzz/package_eval.cpp
+++ b/src/test/fuzz/package_eval.cpp
@@ -19,7 +19,7 @@
 #include <util/check.h>
 #include <util/rbf.h>
 #include <util/translation.h>
-#include <validation.h>
+#include <chainstate.h>
 #include <validationinterface.h>
 
 using node::BlockAssembler;
diff --git a/src/test/fuzz/transaction.cpp b/src/test/fuzz/transaction.cpp
index 299db8c10c50..52c97e77065b 100644
--- a/src/test/fuzz/transaction.cpp
+++ b/src/test/fuzz/transaction.cpp
@@ -18,7 +18,7 @@
 #include <univalue.h>
 #include <util/chaintype.h>
 #include <util/rbf.h>
-#include <validation.h>
+#include <chainstate.h>
 
 #include <cassert>
 
diff --git a/src/test/fuzz/tx_pool.cpp b/src/test/fuzz/tx_pool.cpp
index 0286ad80e69f..08bace24b4fa 100644
--- a/src/test/fuzz/tx_pool.cpp
+++ b/src/test/fuzz/tx_pool.cpp
@@ -19,7 +19,7 @@
 #include <util/check.h>
 #include <util/rbf.h>
 #include <util/translation.h>
-#include <validation.h>
+#include <chainstate.h>
 #include <validationinterface.h>
 
 using node::BlockAssembler;
diff --git a/src/test/fuzz/txdownloadman.cpp b/src/test/fuzz/txdownloadman.cpp
index a2c7fc562c9a..5256edd20fc6 100644
--- a/src/test/fuzz/txdownloadman.cpp
+++ b/src/test/fuzz/txdownloadman.cpp
@@ -21,7 +21,7 @@
 #include <util/hasher.h>
 #include <util/rbf.h>
 #include <util/time.h>
-#include <validation.h>
+#include <chainstate.h>
 #include <validationinterface.h>
 
 namespace {
diff --git a/src/test/fuzz/util.h b/src/test/fuzz/util.h
index 335cefb710f5..c7bca8efef39 100644
--- a/src/test/fuzz/util.h
+++ b/src/test/fuzz/util.h
@@ -21,7 +21,7 @@
 #include <test/fuzz/FuzzedDataProvider.h>
 #include <test/fuzz/fuzz.h>
 #include <uint256.h>
-#include <validation.h>
+#include <chainstate.h>
 
 #include <algorithm>
 #include <array>
diff --git a/src/test/fuzz/util/mempool.h b/src/test/fuzz/util/mempool.h
index 948e936c7507..42ac1995b95f 100644
--- a/src/test/fuzz/util/mempool.h
+++ b/src/test/fuzz/util/mempool.h
@@ -6,7 +6,7 @@
 #define BITCOIN_TEST_FUZZ_UTIL_MEMPOOL_H
 
 #include <kernel/mempool_entry.h>
-#include <validation.h>
+#include <chainstate.h>
 
 class CTransaction;
 class CTxMemPool;
diff --git a/src/test/fuzz/utxo_total_supply.cpp b/src/test/fuzz/utxo_total_supply.cpp
index b281f20028e7..8068232183ee 100644
--- a/src/test/fuzz/utxo_total_supply.cpp
+++ b/src/test/fuzz/utxo_total_supply.cpp
@@ -17,7 +17,7 @@
 #include <test/util/time.h>
 #include <util/chaintype.h>
 #include <util/time.h>
-#include <validation.h>
+#include <chainstate.h>
 
 using node::BlockAssembler;
 
diff --git a/src/test/fuzz/validation_load_mempool.cpp b/src/test/fuzz/validation_load_mempool.cpp
index 9180945d0e7a..002524dac13d 100644
--- a/src/test/fuzz/validation_load_mempool.cpp
+++ b/src/test/fuzz/validation_load_mempool.cpp
@@ -17,7 +17,7 @@
 #include <util/check.h>
 #include <util/time.h>
 #include <util/translation.h>
-#include <validation.h>
+#include <chainstate.h>
 
 #include <cstdint>
 #include <vector>
diff --git a/src/test/headers_sync_chainwork_tests.cpp b/src/test/headers_sync_chainwork_tests.cpp
index bba612f8b46b..f5b7b23eab46 100644
--- a/src/test/headers_sync_chainwork_tests.cpp
+++ b/src/test/headers_sync_chainwork_tests.cpp
@@ -10,7 +10,7 @@
 #include <pow.h>
 #include <test/util/common.h>
 #include <test/util/setup_common.h>
-#include <validation.h>
+#include <chainstate.h>
 
 #include <cstddef>
 #include <vector>
diff --git a/src/test/interfaces_tests.cpp b/src/test/interfaces_tests.cpp
index 584a5cef2f6c..b34ac961c912 100644
--- a/src/test/interfaces_tests.cpp
+++ b/src/test/interfaces_tests.cpp
@@ -8,7 +8,7 @@
 #include <test/util/common.h>
 #include <test/util/setup_common.h>
 #include <script/solver.h>
-#include <validation.h>
+#include <chainstate.h>
 
 #include <boost/test/unit_test.hpp>
 
diff --git a/src/test/miner_tests.cpp b/src/test/miner_tests.cpp
index 9c49c5679952..d55f9175722c 100644
--- a/src/test/miner_tests.cpp
+++ b/src/test/miner_tests.cpp
@@ -23,7 +23,7 @@
 #include <util/strencodings.h>
 #include <util/time.h>
 #include <util/translation.h>
-#include <validation.h>
+#include <chainstate.h>
 #include <versionbits.h>
 #include <pow.h>
 
diff --git a/src/test/net_tests.cpp b/src/test/net_tests.cpp
index 32801d97b8bd..946d77bbe675 100644
--- a/src/test/net_tests.cpp
+++ b/src/test/net_tests.cpp
@@ -23,7 +23,7 @@
 #include <test/util/validation.h>
 #include <util/strencodings.h>
 #include <util/string.h>
-#include <validation.h>
+#include <chainstate.h>
 
 #include <boost/test/unit_test.hpp>
 
diff --git a/src/test/peerman_tests.cpp b/src/test/peerman_tests.cpp
index 4159d574075a..88f33710095a 100644
--- a/src/test/peerman_tests.cpp
+++ b/src/test/peerman_tests.cpp
@@ -8,7 +8,7 @@
 #include <net_processing.h>
 #include <pow.h>
 #include <test/util/setup_common.h>
-#include <validation.h>
+#include <chainstate.h>
 
 #include <boost/test/unit_test.hpp>
 
diff --git a/src/test/script_p2sh_tests.cpp b/src/test/script_p2sh_tests.cpp
index f80090aa2b11..8dfdae860a55 100644
--- a/src/test/script_p2sh_tests.cpp
+++ b/src/test/script_p2sh_tests.cpp
@@ -12,7 +12,7 @@
 #include <script/signingprovider.h>
 #include <test/util/setup_common.h>
 #include <test/util/transaction_utils.h>
-#include <validation.h>
+#include <chainstate.h>
 
 #include <vector>
 
diff --git a/src/test/testnet4_miner_tests.cpp b/src/test/testnet4_miner_tests.cpp
index c501b4eb0860..3375fa06362c 100644
--- a/src/test/testnet4_miner_tests.cpp
+++ b/src/test/testnet4_miner_tests.cpp
@@ -9,7 +9,7 @@
 #include <test/util/setup_common.h>
 #include <test/util/time.h>
 #include <util/time.h>
-#include <validation.h>
+#include <chainstate.h>
 
 #include <boost/test/unit_test.hpp>
 
diff --git a/src/test/transaction_tests.cpp b/src/test/transaction_tests.cpp
index a8a596f5ad2a..600528f87824 100644
--- a/src/test/transaction_tests.cpp
+++ b/src/test/transaction_tests.cpp
@@ -33,7 +33,7 @@
 #include <test/util/transaction_utils.h>
 #include <util/strencodings.h>
 #include <util/string.h>
-#include <validation.h>
+#include <chainstate.h>
 
 #include <functional>
 #include <map>
diff --git a/src/test/txdownload_tests.cpp b/src/test/txdownload_tests.cpp
index 86768b4c259e..fd0c58bd146e 100644
--- a/src/test/txdownload_tests.cpp
+++ b/src/test/txdownload_tests.cpp
@@ -12,7 +12,7 @@
 #include <test/util/common.h>
 #include <test/util/random.h>
 #include <test/util/setup_common.h>
-#include <validation.h>
+#include <chainstate.h>
 
 #include <array>
 
diff --git a/src/test/txpackage_tests.cpp b/src/test/txpackage_tests.cpp
index 05ebdd40ad4d..9d9fee6100df 100644
--- a/src/test/txpackage_tests.cpp
+++ b/src/test/txpackage_tests.cpp
@@ -18,7 +18,7 @@
 #include <test/util/setup_common.h>
 #include <util/strencodings.h>
 #include <test/util/txmempool.h>
-#include <validation.h>
+#include <chainstate.h>
 
 #include <boost/test/unit_test.hpp>
 
diff --git a/src/test/txvalidation_tests.cpp b/src/test/txvalidation_tests.cpp
index ac52a8801451..22599f43c107 100644
--- a/src/test/txvalidation_tests.cpp
+++ b/src/test/txvalidation_tests.cpp
@@ -15,7 +15,7 @@
 #include <test/util/common.h>
 #include <test/util/setup_common.h>
 #include <test/util/txmempool.h>
-#include <validation.h>
+#include <chainstate.h>
 
 #include <boost/test/unit_test.hpp>
 
diff --git a/src/test/txvalidationcache_tests.cpp b/src/test/txvalidationcache_tests.cpp
index 1281821ae180..0e341c4a3506 100644
--- a/src/test/txvalidationcache_tests.cpp
+++ b/src/test/txvalidationcache_tests.cpp
@@ -12,7 +12,7 @@
 #include <test/util/setup_common.h>
 #include <txmempool.h>
 #include <util/chaintype.h>
-#include <validation.h>
+#include <chainstate.h>
 
 #include <boost/test/unit_test.hpp>
 
diff --git a/src/test/util/mining.cpp b/src/test/util/mining.cpp
index d44a3ec9ccda..38a3bad6cefb 100644
--- a/src/test/util/mining.cpp
+++ b/src/test/util/mining.cpp
@@ -14,7 +14,7 @@
 #include <primitives/transaction.h>
 #include <test/util/script.h>
 #include <util/check.h>
-#include <validation.h>
+#include <chainstate.h>
 #include <validationinterface.h>
 #include <versionbits.h>
 
diff --git a/src/test/util/setup_common.cpp b/src/test/util/setup_common.cpp
index f8e12106c17d..f4a702bb015e 100644
--- a/src/test/util/setup_common.cpp
+++ b/src/test/util/setup_common.cpp
@@ -55,7 +55,7 @@
 #include <util/time.h>
 #include <util/translation.h>
 #include <util/vector.h>
-#include <validation.h>
+#include <chainstate.h>
 #include <validationinterface.h>
 
 #include <algorithm>
diff --git a/src/test/util/txmempool.cpp b/src/test/util/txmempool.cpp
index cb3b00c84bb8..bb27921e0d8f 100644
--- a/src/test/util/txmempool.cpp
+++ b/src/test/util/txmempool.cpp
@@ -15,7 +15,7 @@
 #include <util/check.h>
 #include <util/time.h>
 #include <util/translation.h>
-#include <validation.h>
+#include <chainstate.h>
 
 using node::NodeContext;
 
diff --git a/src/test/util/validation.cpp b/src/test/util/validation.cpp
index 7cca0f79532e..e4653fbdb735 100644
--- a/src/test/util/validation.cpp
+++ b/src/test/util/validation.cpp
@@ -7,7 +7,7 @@
 #include <node/blockstorage.h>
 #include <util/check.h>
 #include <util/time.h>
-#include <validation.h>
+#include <chainstate.h>
 #include <validationinterface.h>
 
 void TestBlockManager::CleanupForFuzzing()
diff --git a/src/test/util/validation.h b/src/test/util/validation.h
index b261950acd50..83781b8fc004 100644
--- a/src/test/util/validation.h
+++ b/src/test/util/validation.h
@@ -5,7 +5,7 @@
 #ifndef BITCOIN_TEST_UTIL_VALIDATION_H
 #define BITCOIN_TEST_UTIL_VALIDATION_H
 
-#include <validation.h>
+#include <chainstate.h>
 
 namespace node {
 class BlockManager;
diff --git a/src/test/validation_block_tests.cpp b/src/test/validation_block_tests.cpp
index df6a714d7ed6..6c7110c6caa7 100644
--- a/src/test/validation_block_tests.cpp
+++ b/src/test/validation_block_tests.cpp
@@ -17,7 +17,7 @@
 #include <test/util/script.h>
 #include <test/util/setup_common.h>
 #include <util/time.h>
-#include <validation.h>
+#include <chainstate.h>
 #include <validationinterface.h>
 
 #include <thread>
diff --git a/src/test/validation_chainstate_tests.cpp b/src/test/validation_chainstate_tests.cpp
index 865d403cea74..1b7aee03f5a6 100644
--- a/src/test/validation_chainstate_tests.cpp
+++ b/src/test/validation_chainstate_tests.cpp
@@ -18,7 +18,7 @@
 #include <uint256.h>
 #include <util/byte_units.h>
 #include <util/check.h>
-#include <validation.h>
+#include <chainstate.h>
 
 #include <vector>
 
diff --git a/src/test/validation_chainstatemanager_tests.cpp b/src/test/validation_chainstatemanager_tests.cpp
index 57548bb9326f..6186f735140c 100644
--- a/src/test/validation_chainstatemanager_tests.cpp
+++ b/src/test/validation_chainstatemanager_tests.cpp
@@ -19,7 +19,7 @@
 #include <util/byte_units.h>
 #include <util/result.h>
 #include <util/vector.h>
-#include <validation.h>
+#include <chainstate.h>
 #include <validationinterface.h>
 
 #include <tinyformat.h>
diff --git a/src/test/validation_flush_tests.cpp b/src/test/validation_flush_tests.cpp
index c35cef7f45c5..7a444041dc0a 100644
--- a/src/test/validation_flush_tests.cpp
+++ b/src/test/validation_flush_tests.cpp
@@ -7,7 +7,7 @@
 #include <test/util/random.h>
 #include <test/util/common.h>
 #include <test/util/setup_common.h>
-#include <validation.h>
+#include <chainstate.h>
 
 #include <boost/test/unit_test.hpp>
 
diff --git a/src/test/validation_tests.cpp b/src/test/validation_tests.cpp
index f571667af9bf..3b07782b0d4a 100644
--- a/src/test/validation_tests.cpp
+++ b/src/test/validation_tests.cpp
@@ -12,7 +12,7 @@
 #include <signet.h>
 #include <uint256.h>
 #include <util/chaintype.h>
-#include <validation.h>
+#include <chainstate.h>
 
 #include <string>
 
diff --git a/test/lint/lint-circular-dependencies.py b/test/lint/lint-circular-dependencies.py
index a7b6e5d643c2..ef48bf3f66bc 100755
--- a/test/lint/lint-circular-dependencies.py
+++ b/test/lint/lint-circular-dependencies.py
@@ -13,10 +13,10 @@
 
 EXPECTED_CIRCULAR_DEPENDENCIES = (
     "chainparamsbase -> common/args -> chainparamsbase",
-    "node/blockstorage -> validation -> node/blockstorage",
-    "kernel/coinstats -> validation -> kernel/coinstats",
-    "mempool_validation -> validation -> mempool_validation",
-    "block_validation -> validation -> block_validation",
+    "chainstate -> node/blockstorage -> chainstate",
+    "chainstate -> kernel/coinstats -> chainstate",
+    "chainstate -> mempool_validation -> chainstate",
+    "block_validation -> chainstate -> block_validation",
     "coins -> undo -> coins",
     "versionbits -> versionbits_impl -> versionbits",
 )