feat(verification): TSS Integration on verification path

[AlfredoG87]

Context

Starting with HAPI 0.72.0, Consensus Nodes sign block proofs using TSS (Threshold Signature Scheme) instead of the legacy hash of hash signature. Verifying these proofs requires three components: a ledger ID, an address book (node public keys, weights, and IDs), and a WRAPS verification key. All three are published together in block 0 via a LedgerIdPublicationTransactionBody embedded in a signed transaction.

This PR wires that bootstrap into the live verification path so that block nodes can verify TSS-signed blocks end-to-end.

How It Works

Block 0 bootstrap: When the session processes block 0, it scans SIGNED_TRANSACTION items for a LedgerIdPublicationTransactionBody. When found, it calls VerificationServicePlugin.initializeTssParameters(), which sets the native TSS state (address book, WRAPS VK) and stores the publication on the plugin. If block 0 verification then succeeds, the full publication is persisted to disk as a serialized protobuf.

Restart recovery: On startup, if the TSS parameters file exists, the plugin loads and restores the full publication — ledger ID, address book, and WRAPS VK — before any blocks are processed.

Retry semantics: If block 0 fails verification (e.g., tampered items), TSS parameters are not locked in. Any subsequent block 0 can overwrite them and try again. Once parameters are persisted after a successful verification, they are locked — initializeTssParameters() becomes a no-op, preventing a corrupt block 0 from poisoning verified state.

Session design: Each session is short-lived (one per block) and receives the current ledgerId via constructor. The plugin — which owns process-level state — is the right home for TSS parameters.

Key Changes

• VerificationServicePlugin owns TSS state as public static fields (activeLedgerId, activeTssPublication, tssParametersPersisted)
• ExtendedMerkleTreeSession receives ledgerId via constructor and calls VerificationServicePlugin.initializeTssParameters() when it discovers the publication in block 0
• Persist/restore the full LedgerIdPublicationTransactionBody protobuf instead of just raw ledger ID bytes (fixes incomplete state restoration on restart)
• Rename verification.ledgerIdFilePath → verification.tssParametersFilePath to reflect that it stores more than just the ledger ID
• Remove verification.ledgerId config property — a ledger ID alone is useless without the address book and WRAPS VK
• Fix backfill handler that was persisting TSS parameters for block 0 without checking backfillNotification.success()
• Add hedera-cryptography-wraps dependency for WRAPS VK initialization
• Add real TssWraps block fixtures (block 0 and block 50) with unit and integration tests covering the full bootstrap-to-verify flow

Follow-up

TSS state currently lives as static fields on the plugin as a pragmatic starting point (the native TSS library is itself a singleton). Moving it into BlockNodeContext so other plugins can access it is tracked in #2321.

Fixes #1660
Fixes #1659
Fixes #2008

[jsync-swirlds]

This is a good design, but there are some areas we could still improve.

[Nana-EC]

Started, will circle back

[Nana-EC]

Q: Should we capture the block number and ensure that we're only ever setting assuming the block number is incrementing.
I'm curious about a backfill scenario that included the LedgerIdPublicationTransactionBody and overwrites the more recent values?

[AlfredoG87]

Good question. TSS initialization only triggers for block 0 (if (blockItemsMessage.blockNumber() == 0)), so backfill of other blocks won't attempt to overwrite. Additionally, the tssParametersPersisted guard on initializeTssParameters() prevents any overwrite once the parameters have been successfully
verified and persisted. A backfilled block 0 would only initialize TSS parameters if they haven't been persisted yet, which is the correct behavior for a node that doesn't have block 0 locally.
However unlikely since such cases most likely manually copy/pasted the /opt/hiero/block-node/verification/tss-parameters.bin file for that network, similar as we are planing to do with the TSS Cutover EPIC.

[codecov]

Codecov Report

❌ Patch coverage is 81.57895% with 14 lines in your changes missing coverage. Please review.

Files with missing lines	Patch %	Lines
...k/node/verification/VerificationServicePlugin.java	80.39%	8 Missing and 2 partials ⚠️
...cation/session/impl/ExtendedMerkleTreeSession.java	83.33%	3 Missing and 1 partial ⚠️

@@             Coverage Diff              @@
##               main    #2305      +/-   ##
============================================
+ Coverage     80.74%   80.81%   +0.06%     
- Complexity     1461     1472      +11     
============================================
  Files           139      139              
  Lines          6766     6837      +71     
  Branches        728      738      +10     
============================================
+ Hits           5463     5525      +62     
- Misses          984      990       +6     
- Partials        319      322       +3     

Files with missing lines	Coverage Δ	Complexity Δ
...lock/node/verification/AllBlocksHasherHandler.java	90.55% <100.00%> (ø)	29.00 <0.00> (ø)
...ro/block/node/verification/VerificationConfig.java	100.00% <ø> (ø)	1.00 <0.00> (ø)
...erification/session/HapiVersionSessionFactory.java	90.00% <ø> (ø)	9.00 <0.00> (ø)
...cation/session/impl/ExtendedMerkleTreeSession.java	81.48% <83.33%> (-0.19%)	22.00 <5.00> (+6.00)	⬇️
...k/node/verification/VerificationServicePlugin.java	85.22% <80.39%> (-2.08%)	24.00 <5.00> (+7.00)	⬇️

... and 1 file with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.