fix(config): honor legacy fullNodeAllowShieldedTransaction key

Address PR review from lvs0075 (2026-04-22, reference.conf:218).

reference.conf ships `allowShieldedTransactionApi = true`, so after the HOCON
`withFallback` merge, `section.hasPath("allowShieldedTransactionApi")` is
always true regardless of what the user wrote. That made the legacy-key
compatibility branch in NodeConfig.fromConfig() dead code: a user who wrote
only `node.fullNodeAllowShieldedTransaction = false` in their config.conf
silently got `true`, unintentionally enabling the shielded transaction API.

Fix: replace the unreachable else-if chain with a direct override. The legacy
key is intentionally not defaulted in reference.conf, so `hasPath` on it
reliably means "user supplied it". Same pattern as maxActiveNodesWithSameIp.

Also restores the deprecation warning develop's Args.java emits when a user
still uses the legacy key; this PR dropped it along with the rewrite.

Regression tests:
- testShieldedApiDefaultsToTrueWhenNeitherKeySet
- testShieldedApiModernKeyRespected
- testShieldedApiLegacyKeyRespected (guards the reported bug)
- testShieldedApiLegacyKeyTakesPriorityOverModern (mirrors
  testLegacyAliasTakesPriorityOverModernKey)

Author: vividctrlalt

common/src/main/java/org/tron/core/config/args/NodeConfig.java

@@ -391,11 +391,13 @@ public static NodeConfig fromConfig(Config config) {
       nc.maxConnectionsWithSameIp = section.getInt("maxActiveNodesWithSameIp");
     }
 
-    // Legacy key fallback: node.fullNodeAllowShieldedTransaction -> allowShieldedTransactionApi
-    if (section.hasPath("allowShieldedTransactionApi")) {
-      nc.allowShieldedTransactionApi = section.getBoolean("allowShieldedTransactionApi");
-    } else if (section.hasPath("fullNodeAllowShieldedTransaction")) {
+    // Legacy key fallback: node.fullNodeAllowShieldedTransaction -> allowShieldedTransactionApi.
+    // reference.conf does not ship the legacy key, so hasPath here reliably means the user
+    // set it in their config. When present, it overrides the modern key.
+    if (section.hasPath("fullNodeAllowShieldedTransaction")) {
       nc.allowShieldedTransactionApi = section.getBoolean("fullNodeAllowShieldedTransaction");
+      logger.warn("Configuring [node.fullNodeAllowShieldedTransaction] will be deprecated. "
+          + "Please use [node.allowShieldedTransactionApi] instead.");
     }
     // node.shutdown.* — PascalCase keys (BlockTime, BlockHeight), cannot auto-bind
     nc.shutdownBlockTime = config.hasPath("node.shutdown.BlockTime")

common/src/test/java/org/tron/core/config/args/NodeConfigTest.java

@@ -282,4 +282,38 @@ public void testLegacyAliasTakesPriorityOverModernKey() {
         withRef("node { maxActiveNodesWithSameIp = 5, maxConnectionsWithSameIp = 10 }"));
     assertEquals(5, nc.getMaxConnectionsWithSameIp());
   }
+
+  @Test
+  public void testShieldedApiDefaultsToTrueWhenNeitherKeySet() {
+    NodeConfig nc = NodeConfig.fromConfig(withRef());
+    assertTrue(nc.isAllowShieldedTransactionApi());
+  }
+
+  @Test
+  public void testShieldedApiModernKeyRespected() {
+    NodeConfig nc = NodeConfig.fromConfig(
+        withRef("node.allowShieldedTransactionApi = false"));
+    assertFalse(nc.isAllowShieldedTransactionApi());
+  }
+
+  @Test
+  public void testShieldedApiLegacyKeyRespected() {
+    // Regression guard: reference.conf ships `allowShieldedTransactionApi = true`, which
+    // used to make the legacy-key fallback dead code. A user who only set the legacy key
+    // must still have their value honored.
+    NodeConfig nc = NodeConfig.fromConfig(
+        withRef("node.fullNodeAllowShieldedTransaction = false"));
+    assertFalse(nc.isAllowShieldedTransactionApi());
+  }
+
+  @Test
+  public void testShieldedApiLegacyKeyTakesPriorityOverModern() {
+    // Consistent with maxActiveNodesWithSameIp: legacy key presence wins over modern.
+    NodeConfig nc = NodeConfig.fromConfig(
+        withRef("node {\n"
+            + "  allowShieldedTransactionApi = false\n"
+            + "  fullNodeAllowShieldedTransaction = true\n"
+            + "}"));
+    assertTrue(nc.isAllowShieldedTransactionApi());
+  }
 }