From 18582d7b654382473a831eda59dc3d5139b39efe Mon Sep 17 00:00:00 2001
From: Svyatoslav Nikolsky <svyatonik@gmail.com>
Date: Fri, 30 Jun 2017 11:26:09 +0300
Subject: [PATCH 001/112] do not cache ACL storage contract

---
 secret_store/src/acl_storage.rs | 54 ++++++++++++++++++++++++++-------
 1 file changed, 43 insertions(+), 11 deletions(-)

diff --git a/secret_store/src/acl_storage.rs b/secret_store/src/acl_storage.rs
index 816d100dc..8ddc9a6e3 100644
--- a/secret_store/src/acl_storage.rs
+++ b/secret_store/src/acl_storage.rs
@@ -20,6 +20,7 @@ use parking_lot::Mutex;
 use ethkey::public_to_address;
 use ethcore::client::{Client, BlockChainClient, BlockId};
 use native_contracts::SecretStoreAclStorage;
+use util::{H256, Address};
 use types::all::{Error, ServerKeyId, Public};
 
 const ACL_CHECKER_CONTRACT_REGISTRY_NAME: &'static str = "secretstore_acl_checker";
@@ -32,33 +33,64 @@ pub trait AclStorage: Send + Sync {
 
 /// On-chain ACL storage implementation.
 pub struct OnChainAclStorage {
+	/// Cached on-chain contract.
+	contract: Mutex<CachedContract>,
+}
+
+/// Cached on-chain ACL storage contract.
+struct CachedContract {
 	/// Blockchain client.
 	client: Arc<Client>,
-	/// On-chain contract.
-	contract: Mutex<Option<SecretStoreAclStorage>>,
+	/// Hash of best block, when contract address has been read.
+	best_block_hash: Option<H256>,
+	/// Contract address.
+	contract_addr: Option<Address>,
+	/// Contract at given address.
+	contract: Option<SecretStoreAclStorage>,
 }
 
 impl OnChainAclStorage {
 	pub fn new(client: Arc<Client>) -> Self {
 		OnChainAclStorage {
-			client: client,
-			contract: Mutex::new(None),
+			contract: Mutex::new(CachedContract::new(client)),
 		}
 	}
 }
 
 impl AclStorage for OnChainAclStorage {
 	fn check(&self, public: &Public, document: &ServerKeyId) -> Result<bool, Error> {
-		let mut contract = self.contract.lock();
-		if !contract.is_some() {
-			*contract = self.client.registry_address(ACL_CHECKER_CONTRACT_REGISTRY_NAME.to_owned())
-				.and_then(|contract_addr| {
+		self.contract.lock().check(public, document)
+	}
+}
+
+impl CachedContract {
+	pub fn new(client: Arc<Client>) -> Self {
+		CachedContract {
+			client: client,
+			best_block_hash: None,
+			contract_addr: None,
+			contract: None,
+		}
+	}
+
+	pub fn check(&mut self, public: &Public, document: &ServerKeyId) -> Result<bool, Error> {
+		let new_best_block_hash = self.client.best_block_header().hash();
+		if self.best_block_hash.as_ref() != Some(&new_best_block_hash) {
+			let new_contract_addr = self.client.registry_address(ACL_CHECKER_CONTRACT_REGISTRY_NAME.to_owned());
+			if self.contract_addr.as_ref() != new_contract_addr.as_ref() {
+				self.contract = new_contract_addr.map(|contract_addr| {
 					trace!(target: "secretstore", "Configuring for ACL checker contract from {}", contract_addr);
 
-					Some(SecretStoreAclStorage::new(contract_addr))
-				})
+					SecretStoreAclStorage::new(contract_addr)
+				});
+
+				self.contract_addr = new_contract_addr;
+			}
+
+			self.best_block_hash = Some(new_best_block_hash);
 		}
-		if let Some(ref contract) = *contract {
+
+		if let Some(contract) = self.contract.as_ref() {
 			let address = public_to_address(&public);
 			let do_call = |a, d| future::done(self.client.call_contract(BlockId::Latest, a, d));
 			contract.check_permissions(do_call, address, document.clone())

From 5cc40d45251196353bf2b99dd0ad09c38c9ecae1 Mon Sep 17 00:00:00 2001
From: Svyatoslav Nikolsky <svyatonik@gmail.com>
Date: Fri, 14 Jul 2017 14:51:24 +0300
Subject: [PATCH 002/112] when error comes before initialization

---
 .../key_server_cluster/jobs/job_session.rs    | 26 +++++++++----------
 1 file changed, 13 insertions(+), 13 deletions(-)

diff --git a/secret_store/src/key_server_cluster/jobs/job_session.rs b/secret_store/src/key_server_cluster/jobs/job_session.rs
index 7ae1da42a..6608397dd 100644
--- a/secret_store/src/key_server_cluster/jobs/job_session.rs
+++ b/secret_store/src/key_server_cluster/jobs/job_session.rs
@@ -299,22 +299,22 @@ impl<Executor, Transport> JobSession<Executor, Transport> where Executor: JobExe
 			return Err(Error::ConsensusUnreachable);
 		}
 
-		let active_data = self.data.active_data.as_mut()
-			.expect("we have checked that we are on master node; on master nodes active_data is filled during initialization; qed");
-		if active_data.rejects.contains(node) {
-			return Ok(());
-		}
-		if active_data.requests.remove(node) || active_data.responses.remove(node).is_some() {
-			active_data.rejects.insert(node.clone());
-			if self.data.state == JobSessionState::Finished && active_data.responses.len() < self.meta.threshold + 1 {
-				self.data.state = JobSessionState::Active;
-			}
-			if active_data.requests.len() + active_data.responses.len() >= self.meta.threshold + 1 {
+		if let Some(active_data) = self.data.active_data.as_mut() {
+			if active_data.rejects.contains(node) {
 				return Ok(());
 			}
+			if active_data.requests.remove(node) || active_data.responses.remove(node).is_some() {
+				active_data.rejects.insert(node.clone());
+				if self.data.state == JobSessionState::Finished && active_data.responses.len() < self.meta.threshold + 1 {
+					self.data.state = JobSessionState::Active;
+				}
+				if active_data.requests.len() + active_data.responses.len() >= self.meta.threshold + 1 {
+					return Ok(());
+				}
 
-			self.data.state = JobSessionState::Failed;
-			return Err(Error::ConsensusUnreachable);
+				self.data.state = JobSessionState::Failed;
+				return Err(Error::ConsensusUnreachable);
+			}
 		}
 
 		Ok(())

From 81de7e1075600dbaca46bc14baab6cf56ec7c4e0 Mon Sep 17 00:00:00 2001
From: Svyatoslav Nikolsky <svyatonik@gmail.com>
Date: Wed, 19 Jul 2017 11:35:17 +0300
Subject: [PATCH 003/112] initial KeyServerSet commit

---
 Cargo.lock                                    |   1 +
 ethcore/native_contracts/build.rs             |   2 +
 .../native_contracts/res/key_server_set.json  |   1 +
 .../native_contracts/src/key_server_set.rs    |  21 +++
 ethcore/native_contracts/src/lib.rs           |   2 +
 secret_store/Cargo.toml                       |   1 +
 secret_store/src/acl_storage.rs               |  61 ++++----
 secret_store/src/key_server.rs                |  11 +-
 .../src/key_server_cluster/cluster.rs         |  13 +-
 .../key_server_cluster/cluster_sessions.rs    |   2 +-
 secret_store/src/key_server_cluster/mod.rs    |   1 +
 secret_store/src/key_server_set.rs            | 145 ++++++++++++++++++
 secret_store/src/lib.rs                       |  10 +-
 13 files changed, 230 insertions(+), 41 deletions(-)
 create mode 100644 ethcore/native_contracts/res/key_server_set.json
 create mode 100644 ethcore/native_contracts/src/key_server_set.rs
 create mode 100644 secret_store/src/key_server_set.rs

diff --git a/Cargo.lock b/Cargo.lock
index ad3cca5c7..ae33d7590 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -669,6 +669,7 @@ dependencies = [
  "futures 0.1.11 (registry+https://github.com/rust-lang/crates.io-index)",
  "futures-cpupool 0.1.2 (registry+https://github.com/rust-lang/crates.io-index)",
  "hyper 0.10.5 (registry+https://github.com/rust-lang/crates.io-index)",
+ "lazy_static 0.2.8 (registry+https://github.com/rust-lang/crates.io-index)",
  "log 0.3.7 (registry+https://github.com/rust-lang/crates.io-index)",
  "native-contracts 0.1.0",
  "parking_lot 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)",
diff --git a/ethcore/native_contracts/build.rs b/ethcore/native_contracts/build.rs
index cec830929..bcb64067c 100644
--- a/ethcore/native_contracts/build.rs
+++ b/ethcore/native_contracts/build.rs
@@ -21,6 +21,7 @@ use std::fs::File;
 use std::io::Write;
 
 // TODO: just walk the "res" directory and generate whole crate automatically.
+const KEY_SERVER_SET_ABI: &'static str = include_str!("res/key_server_set.json");
 const REGISTRY_ABI: &'static str = include_str!("res/registrar.json");
 const URLHINT_ABI: &'static str = include_str!("res/urlhint.json");
 const SERVICE_TRANSACTION_ABI: &'static str = include_str!("res/service_transaction.json");
@@ -45,6 +46,7 @@ fn build_test_contracts() {
 }
 
 fn main() {
+	build_file("KeyServerSet", KEY_SERVER_SET_ABI, "key_server_set.rs");
 	build_file("Registry", REGISTRY_ABI, "registry.rs");
 	build_file("Urlhint", URLHINT_ABI, "urlhint.rs");
 	build_file("ServiceTransactionChecker", SERVICE_TRANSACTION_ABI, "service_transaction.rs");
diff --git a/ethcore/native_contracts/res/key_server_set.json b/ethcore/native_contracts/res/key_server_set.json
new file mode 100644
index 000000000..93f68837a
--- /dev/null
+++ b/ethcore/native_contracts/res/key_server_set.json
@@ -0,0 +1 @@
+[{"constant":true,"inputs":[{"name":"","type":"uint256"}],"name":"keyServersList","outputs":[{"name":"","type":"address"}],"payable":false,"type":"function"},{"constant":false,"inputs":[{"name":"_new","type":"address"}],"name":"setOwner","outputs":[],"payable":false,"type":"function"},{"constant":true,"inputs":[{"name":"keyServer","type":"address"}],"name":"getKeyServerPublic","outputs":[{"name":"","type":"bytes"}],"payable":false,"type":"function"},{"constant":true,"inputs":[],"name":"getKeyServers","outputs":[{"name":"","type":"address[]"}],"payable":false,"type":"function"},{"constant":true,"inputs":[],"name":"owner","outputs":[{"name":"","type":"address"}],"payable":false,"type":"function"},{"constant":true,"inputs":[{"name":"keyServer","type":"address"}],"name":"getKeyServerAddress","outputs":[{"name":"","type":"string"}],"payable":false,"type":"function"},{"constant":false,"inputs":[{"name":"keyServer","type":"address"}],"name":"removeKeyServer","outputs":[],"payable":false,"type":"function"},{"constant":false,"inputs":[{"name":"keyServerPublic","type":"bytes"},{"name":"keyServerIp","type":"string"}],"name":"addKeyServer","outputs":[],"payable":false,"type":"function"},{"anonymous":false,"inputs":[{"indexed":false,"name":"keyServer","type":"address"}],"name":"KeyServerAdded","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"name":"keyServer","type":"address"}],"name":"KeyServerRemoved","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"name":"old","type":"address"},{"indexed":true,"name":"current","type":"address"}],"name":"NewOwner","type":"event"}]
\ No newline at end of file
diff --git a/ethcore/native_contracts/src/key_server_set.rs b/ethcore/native_contracts/src/key_server_set.rs
new file mode 100644
index 000000000..60b137aae
--- /dev/null
+++ b/ethcore/native_contracts/src/key_server_set.rs
@@ -0,0 +1,21 @@
+// Copyright 2015-2017 Parity Technologies (UK) Ltd.
+// This file is part of Parity.
+
+// Parity is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity.  If not, see <http://www.gnu.org/licenses/>.
+
+#![allow(unused_mut, unused_variables, unused_imports)]
+
+//! Secret store Key Server set contract.
+
+include!(concat!(env!("OUT_DIR"), "/key_server_set.rs"));
diff --git a/ethcore/native_contracts/src/lib.rs b/ethcore/native_contracts/src/lib.rs
index e35a4ec19..33cb91563 100644
--- a/ethcore/native_contracts/src/lib.rs
+++ b/ethcore/native_contracts/src/lib.rs
@@ -23,6 +23,7 @@ extern crate byteorder;
 extern crate ethabi;
 extern crate ethcore_util as util;
 
+mod key_server_set;
 mod registry;
 mod urlhint;
 mod service_transaction;
@@ -32,6 +33,7 @@ mod validator_report;
 
 pub mod test_contracts;
 
+pub use self::key_server_set::KeyServerSet;
 pub use self::registry::Registry;
 pub use self::urlhint::Urlhint;
 pub use self::service_transaction::ServiceTransactionChecker;
diff --git a/secret_store/Cargo.toml b/secret_store/Cargo.toml
index eea49978d..19f342aa9 100644
--- a/secret_store/Cargo.toml
+++ b/secret_store/Cargo.toml
@@ -35,3 +35,4 @@ ethcore-logger = { path = "../logger" }
 ethcrypto = { path = "../ethcrypto" }
 ethkey = { path = "../ethkey" }
 native-contracts = { path = "../ethcore/native_contracts" }
+lazy_static = "0.2"
diff --git a/secret_store/src/acl_storage.rs b/secret_store/src/acl_storage.rs
index 8ddc9a6e3..7ae72cbfc 100644
--- a/secret_store/src/acl_storage.rs
+++ b/secret_store/src/acl_storage.rs
@@ -14,13 +14,13 @@
 // You should have received a copy of the GNU General Public License
 // along with Parity.  If not, see <http://www.gnu.org/licenses/>.
 
-use std::sync::Arc;
+use std::sync::{Arc, Weak};
 use futures::{future, Future};
 use parking_lot::Mutex;
 use ethkey::public_to_address;
-use ethcore::client::{Client, BlockChainClient, BlockId};
+use ethcore::client::{Client, BlockChainClient, BlockId, ChainNotify};
 use native_contracts::SecretStoreAclStorage;
-use util::{H256, Address};
+use util::{H256, Address, Bytes};
 use types::all::{Error, ServerKeyId, Public};
 
 const ACL_CHECKER_CONTRACT_REGISTRY_NAME: &'static str = "secretstore_acl_checker";
@@ -40,9 +40,7 @@ pub struct OnChainAclStorage {
 /// Cached on-chain ACL storage contract.
 struct CachedContract {
 	/// Blockchain client.
-	client: Arc<Client>,
-	/// Hash of best block, when contract address has been read.
-	best_block_hash: Option<H256>,
+	client: Weak<Client>,
 	/// Contract address.
 	contract_addr: Option<Address>,
 	/// Contract at given address.
@@ -50,10 +48,12 @@ struct CachedContract {
 }
 
 impl OnChainAclStorage {
-	pub fn new(client: Arc<Client>) -> Self {
-		OnChainAclStorage {
+	pub fn new(client: &Arc<Client>) -> Arc<Self> {
+		let acl_storage = Arc::new(OnChainAclStorage {
 			contract: Mutex::new(CachedContract::new(client)),
-		}
+		});
+		client.add_notify(acl_storage.clone());
+		acl_storage
 	}
 }
 
@@ -63,20 +63,24 @@ impl AclStorage for OnChainAclStorage {
 	}
 }
 
+impl ChainNotify for OnChainAclStorage {
+	fn new_blocks(&self, _imported: Vec<H256>, _invalid: Vec<H256>, _enacted: Vec<H256>, _retracted: Vec<H256>, _sealed: Vec<H256>, _proposed: Vec<Bytes>, _duration: u64) {
+		self.contract.lock().update()
+	}
+}
+
 impl CachedContract {
-	pub fn new(client: Arc<Client>) -> Self {
+	pub fn new(client: &Arc<Client>) -> Self {
 		CachedContract {
-			client: client,
-			best_block_hash: None,
+			client: Arc::downgrade(client),
 			contract_addr: None,
 			contract: None,
 		}
 	}
 
-	pub fn check(&mut self, public: &Public, document: &ServerKeyId) -> Result<bool, Error> {
-		let new_best_block_hash = self.client.best_block_header().hash();
-		if self.best_block_hash.as_ref() != Some(&new_best_block_hash) {
-			let new_contract_addr = self.client.registry_address(ACL_CHECKER_CONTRACT_REGISTRY_NAME.to_owned());
+	pub fn update(&mut self) {
+		if let Some(client) = self.client.upgrade() {
+			let new_contract_addr = client.registry_address(ACL_CHECKER_CONTRACT_REGISTRY_NAME.to_owned());
 			if self.contract_addr.as_ref() != new_contract_addr.as_ref() {
 				self.contract = new_contract_addr.map(|contract_addr| {
 					trace!(target: "secretstore", "Configuring for ACL checker contract from {}", contract_addr);
@@ -86,18 +90,23 @@ impl CachedContract {
 
 				self.contract_addr = new_contract_addr;
 			}
-
-			self.best_block_hash = Some(new_best_block_hash);
 		}
+	}
 
-		if let Some(contract) = self.contract.as_ref() {
-			let address = public_to_address(&public);
-			let do_call = |a, d| future::done(self.client.call_contract(BlockId::Latest, a, d));
-			contract.check_permissions(do_call, address, document.clone())
-				.map_err(|err| Error::Internal(err))
-				.wait()
-		} else {
-			Err(Error::Internal("ACL checker contract is not configured".to_owned()))
+	pub fn check(&mut self, public: &Public, document: &ServerKeyId) -> Result<bool, Error> {
+		match self.contract.as_ref() {
+			Some(contract) => {
+				let address = public_to_address(&public);
+				let do_call = |a, d| future::done(
+					self.client
+						.upgrade()
+						.ok_or("Calling contract without client".into())
+						.and_then(|c| c.call_contract(BlockId::Latest, a, d)));
+				contract.check_permissions(do_call, address, document.clone())
+					.map_err(|err| Error::Internal(err))
+					.wait()
+			},
+			None => Err(Error::Internal("ACL checker contract is not configured".to_owned())),
 		}
 	}
 }
diff --git a/secret_store/src/key_server.rs b/secret_store/src/key_server.rs
index fd4e154fa..969782ca2 100644
--- a/secret_store/src/key_server.rs
+++ b/secret_store/src/key_server.rs
@@ -24,6 +24,7 @@ use ethcrypto;
 use ethkey;
 use super::acl_storage::AclStorage;
 use super::key_storage::KeyStorage;
+use super::key_server_set::KeyServerSet;
 use key_server_cluster::{math, ClusterCore};
 use traits::{ServerKeyGenerator, DocumentKeyServer, MessageSigner, KeyServer};
 use types::all::{Error, Public, RequestSignature, ServerKeyId, EncryptedDocumentKey, EncryptedDocumentKeyShadow,
@@ -44,9 +45,9 @@ pub struct KeyServerCore {
 
 impl KeyServerImpl {
 	/// Create new key server instance
-	pub fn new(config: &ClusterConfiguration, acl_storage: Arc<AclStorage>, key_storage: Arc<KeyStorage>) -> Result<Self, Error> {
+	pub fn new(config: &ClusterConfiguration, key_server_set: Arc<KeyServerSet>, acl_storage: Arc<AclStorage>, key_storage: Arc<KeyStorage>) -> Result<Self, Error> {
 		Ok(KeyServerImpl {
-			data: Arc::new(Mutex::new(KeyServerCore::new(config, acl_storage, key_storage)?)),
+			data: Arc::new(Mutex::new(KeyServerCore::new(config, key_server_set, acl_storage, key_storage)?)),
 		})
 	}
 
@@ -143,14 +144,12 @@ impl MessageSigner for KeyServerImpl {
 }
 
 impl KeyServerCore {
-	pub fn new(config: &ClusterConfiguration, acl_storage: Arc<AclStorage>, key_storage: Arc<KeyStorage>) -> Result<Self, Error> {
+	pub fn new(config: &ClusterConfiguration, key_server_set: Arc<KeyServerSet>, acl_storage: Arc<AclStorage>, key_storage: Arc<KeyStorage>) -> Result<Self, Error> {
 		let config = NetClusterConfiguration {
 			threads: config.threads,
 			self_key_pair: ethkey::KeyPair::from_secret_slice(&config.self_private)?,
 			listen_address: (config.listener_address.address.clone(), config.listener_address.port),
-			nodes: config.nodes.iter()
-				.map(|(node_id, node_address)| (node_id.clone(), (node_address.address.clone(), node_address.port)))
-				.collect(),
+			key_server_set: key_server_set,
 			allow_connecting_to_higher_nodes: config.allow_connecting_to_higher_nodes,
 			acl_storage: acl_storage,
 			key_storage: key_storage,
diff --git a/secret_store/src/key_server_cluster/cluster.rs b/secret_store/src/key_server_cluster/cluster.rs
index c86f30267..b929e835d 100644
--- a/secret_store/src/key_server_cluster/cluster.rs
+++ b/secret_store/src/key_server_cluster/cluster.rs
@@ -28,7 +28,7 @@ use tokio_core::reactor::{Handle, Remote, Interval};
 use tokio_core::net::{TcpListener, TcpStream};
 use ethkey::{Public, KeyPair, Signature, Random, Generator};
 use util::H256;
-use key_server_cluster::{Error, NodeId, SessionId, AclStorage, KeyStorage};
+use key_server_cluster::{Error, NodeId, SessionId, AclStorage, KeyStorage, KeyServerSet};
 use key_server_cluster::cluster_sessions::{ClusterSession, ClusterSessions, GenerationSessionWrapper, EncryptionSessionWrapper,
 	DecryptionSessionWrapper, SigningSessionWrapper};
 use key_server_cluster::message::{self, Message, ClusterMessage, GenerationMessage, EncryptionMessage, DecryptionMessage,
@@ -102,8 +102,8 @@ pub struct ClusterConfiguration {
 	pub self_key_pair: KeyPair,
 	/// Interface to listen to.
 	pub listen_address: (String, u16),
-	/// Cluster nodes.
-	pub nodes: BTreeMap<NodeId, (String, u16)>,
+	/// Cluster nodes set.
+	pub key_server_set: Arc<KeyServerSet>,
 	/// Reference to key storage
 	pub key_storage: Arc<KeyStorage>,
 	/// Reference to ACL storage
@@ -671,9 +671,10 @@ impl ClusterConnections {
 			connections: RwLock::new(BTreeMap::new()),
 		};
 
-		for (node_id, &(ref node_addr, node_port)) in config.nodes.iter().filter(|&(node_id, _)| node_id != config.self_key_pair.public()) {
-			let socket_address = make_socket_address(&node_addr, node_port)?;
-			connections.nodes.insert(node_id.clone(), socket_address);
+		let nodes = config.key_server_set.get();
+		for (node_id, socket_address) in nodes.iter().filter(|&(node_id, _)| node_id != config.self_key_pair.public()) {
+			//let socket_address = make_socket_address(&node_addr, node_port)?;
+			connections.nodes.insert(node_id.clone(), socket_address.clone());
 		}
 
 		Ok(connections)
diff --git a/secret_store/src/key_server_cluster/cluster_sessions.rs b/secret_store/src/key_server_cluster/cluster_sessions.rs
index f66ad972f..f8e4974b1 100644
--- a/secret_store/src/key_server_cluster/cluster_sessions.rs
+++ b/secret_store/src/key_server_cluster/cluster_sessions.rs
@@ -135,7 +135,7 @@ impl ClusterSessions {
 	pub fn new(config: &ClusterConfiguration) -> Self {
 		ClusterSessions {
 			self_node_id: config.self_key_pair.public().clone(),
-			nodes: config.nodes.keys().cloned().collect(),
+			nodes: config.key_server_set.get().keys().cloned().collect(),
 			acl_storage: config.acl_storage.clone(),
 			key_storage: config.key_storage.clone(),
 			generation_sessions: ClusterSessionsContainer::new(),
diff --git a/secret_store/src/key_server_cluster/mod.rs b/secret_store/src/key_server_cluster/mod.rs
index 71c505f95..11c32d528 100644
--- a/secret_store/src/key_server_cluster/mod.rs
+++ b/secret_store/src/key_server_cluster/mod.rs
@@ -23,6 +23,7 @@ use super::types::all::ServerKeyId;
 pub use super::types::all::{NodeId, EncryptedDocumentKeyShadow};
 pub use super::acl_storage::AclStorage;
 pub use super::key_storage::{KeyStorage, DocumentKeyShare};
+pub use super::key_server_set::KeyServerSet;
 pub use super::serialization::{SerializableSignature, SerializableH256, SerializableSecret, SerializablePublic, SerializableMessageHash};
 pub use self::cluster::{ClusterCore, ClusterConfiguration, ClusterClient};
 pub use self::generation_session::Session as GenerationSession;
diff --git a/secret_store/src/key_server_set.rs b/secret_store/src/key_server_set.rs
new file mode 100644
index 000000000..22ffbdb07
--- /dev/null
+++ b/secret_store/src/key_server_set.rs
@@ -0,0 +1,145 @@
+// Copyright 2015-2017 Parity Technologies (UK) Ltd.
+// This file is part of Parity.
+
+// Parity is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity.  If not, see <http://www.gnu.org/licenses/>.
+
+use std::sync::{Arc, Weak};
+use std::net::SocketAddr;
+use std::collections::HashMap;
+use futures::{future, Future};
+use parking_lot::Mutex;
+use ethcore::filter::Filter;
+use ethcore::client::{Client, BlockChainClient, BlockId, ChainNotify};
+use native_contracts::KeyServerSet as KeyServerSetContract;
+use util::{H256, Address, Bytes, Hashable};
+use types::all::Public;
+
+const KEY_SERVER_SET_CONTRACT_REGISTRY_NAME: &'static str = "secretstore_server_set";
+
+// TODO: ethabi should be able to generate this.
+const ADDED_EVENT_NAME: &'static [u8] = &*b"KeyServerAdded()";
+const REMOVED_EVENT_NAME: &'static [u8] = &*b"KeyServerRemoved()";
+
+lazy_static! {
+	static ref ADDED_EVENT_NAME_HASH: H256 = ADDED_EVENT_NAME.sha3();
+	static ref REMOVED_EVENT_NAME_HASH: H256 = REMOVED_EVENT_NAME.sha3();
+}
+
+/// Key Server set
+pub trait KeyServerSet: Send + Sync {
+	/// Get set of configured key servers
+	fn get(&self) -> HashMap<Public, SocketAddr>;
+}
+
+/// On-chain Key Server set implementation.
+pub struct OnChainKeyServerSet {
+	/// Cached on-chain contract.
+	contract: Mutex<CachedContract>,
+}
+
+/// Cached on-chain Key Server set contract.
+struct CachedContract {
+	/// Blockchain client.
+	client: Weak<Client>,
+	/// Contract address.
+	contract_addr: Option<Address>,
+	/// Active set of key servers.
+	key_servers: HashMap<Public, SocketAddr>,
+}
+
+impl OnChainKeyServerSet {
+	pub fn new(client: &Arc<Client>, key_servers: HashMap<Public, SocketAddr>) -> Arc<Self> {
+		let key_server_set = Arc::new(OnChainKeyServerSet {
+			contract: Mutex::new(CachedContract::new(client, key_servers)),
+		});
+		client.add_notify(key_server_set.clone());
+		key_server_set
+	}
+}
+
+impl KeyServerSet for OnChainKeyServerSet {
+	fn get(&self) -> HashMap<Public, SocketAddr> {
+		self.contract.lock().get()
+	}
+}
+
+impl ChainNotify for OnChainKeyServerSet {
+	fn new_blocks(&self, _imported: Vec<H256>, _invalid: Vec<H256>, enacted: Vec<H256>, retracted: Vec<H256>, _sealed: Vec<H256>, _proposed: Vec<Bytes>, _duration: u64) {
+		self.contract.lock().update(enacted, retracted)
+	}
+}
+
+impl CachedContract {
+	pub fn new(client: &Arc<Client>, key_servers: HashMap<Public, SocketAddr>) -> Self {
+		CachedContract {
+			client: Arc::downgrade(client),
+			contract_addr: None,
+			key_servers: key_servers,
+		}
+	}
+
+	pub fn update(&mut self, enacted: Vec<H256>, _retracted: Vec<H256>) {
+		if let Some(client) = self.client.upgrade() {
+			let new_contract_addr = client.registry_address(KEY_SERVER_SET_CONTRACT_REGISTRY_NAME.to_owned());
+
+			// new contract installed
+			if self.contract_addr.as_ref() != new_contract_addr.as_ref() {
+println!("=== Installing contract from address: {:?}", new_contract_addr);
+				self.key_servers = new_contract_addr.map(|contract_addr| {
+					trace!(target: "secretstore", "Configuring for key server set contract from {}", contract_addr);
+
+					KeyServerSetContract::new(contract_addr)
+				})
+				.map(|contract| {
+					let mut key_servers = HashMap::new();
+					let do_call = |a, d| future::done(self.client.upgrade().ok_or("Calling contract without client".into()).and_then(|c| c.call_contract(BlockId::Latest, a, d)));
+					let key_servers_list = contract.get_key_servers(do_call).wait()
+						.map_err(|err| { trace!(target: "secretstore", "Error {} reading list of key servers from contract", err); err })
+						.unwrap_or_default();
+					for key_server in key_servers_list {
+						let key_server_public = contract.get_key_server_public(
+							|a, d| future::done(self.client.upgrade().ok_or("Calling contract without client".into()).and_then(|c| c.call_contract(BlockId::Latest, a, d))), key_server).wait()
+							.and_then(|p| if p.len() == 64 { Ok(Public::from_slice(&p)) } else { Err(format!("Invalid public length {}", p.len())) });
+						let key_server_ip = contract.get_key_server_address(
+							|a, d| future::done(self.client.upgrade().ok_or("Calling contract without client".into()).and_then(|c| c.call_contract(BlockId::Latest, a, d))), key_server).wait()
+							.and_then(|a| a.parse().map_err(|e| format!("Invalid ip address: {}", e)));
+						if let (Ok(key_server_public), Ok(key_server_ip)) = (key_server_public, key_server_ip) {
+							key_servers.insert(key_server_public, key_server_ip);
+						}
+					}
+					key_servers
+				})
+				.unwrap_or_default();
+
+				return;
+			}
+
+			// check for events
+			for enacted_hash in enacted {
+				let filter = Filter {
+					from_block: BlockId::Hash(enacted_hash.clone()),
+					to_block: BlockId::Hash(enacted_hash.clone()),
+					address: self.contract_addr.clone().map(|a| vec![a]),
+					topics: vec![Some(vec![*ADDED_EVENT_NAME_HASH]), Some(vec![*REMOVED_EVENT_NAME_HASH])],
+					limit: None,
+				};
+				println!("=== Number of filtered log entries: {}", client.logs(filter).len());
+			}
+		}
+	}
+
+	fn get(&self) -> HashMap<Public, SocketAddr> {
+		self.key_servers.clone()
+	}
+}
diff --git a/secret_store/src/lib.rs b/secret_store/src/lib.rs
index f8a74dd1a..235d0edd9 100644
--- a/secret_store/src/lib.rs
+++ b/secret_store/src/lib.rs
@@ -21,6 +21,8 @@ extern crate log;
 extern crate futures;
 extern crate futures_cpupool;
 extern crate hyper;
+#[macro_use]
+extern crate lazy_static;
 extern crate parking_lot;
 extern crate rustc_hex;
 extern crate serde;
@@ -56,6 +58,7 @@ mod http_listener;
 mod key_server;
 mod key_storage;
 mod serialization;
+mod key_server_set;
 
 use std::sync::Arc;
 use ethcore::client::Client;
@@ -68,9 +71,12 @@ pub use traits::{KeyServer};
 pub fn start(client: Arc<Client>, config: ServiceConfiguration) -> Result<Box<KeyServer>, Error> {
 	use std::sync::Arc;
 
-	let acl_storage = Arc::new(acl_storage::OnChainAclStorage::new(client));
+	let acl_storage = acl_storage::OnChainAclStorage::new(&client);
+	let key_server_set = key_server_set::OnChainKeyServerSet::new(&client, config.cluster_config.nodes.clone()
+		.into_iter()
+		.map(|a| (a.0, format!("{}:{}", a.1.address, a.1.port).parse().unwrap())).collect()); // TODO: remove after switching to enode:///
 	let key_storage = Arc::new(key_storage::PersistentKeyStorage::new(&config)?);
-	let key_server = key_server::KeyServerImpl::new(&config.cluster_config, acl_storage, key_storage)?;
+	let key_server = key_server::KeyServerImpl::new(&config.cluster_config, key_server_set, acl_storage, key_storage)?;
 	let listener = http_listener::KeyServerHttpListener::start(&config.listener_address, key_server)?;
 	Ok(Box::new(listener))
 }

From 5080cc3c9edd822d3436df989bf453f89336a89d Mon Sep 17 00:00:00 2001
From: Svyatoslav Nikolsky <svyatonik@gmail.com>
Date: Wed, 19 Jul 2017 12:36:40 +0300
Subject: [PATCH 004/112] update_nodes_set in maintain

---
 .../src/key_server_cluster/cluster.rs         | 70 ++++++++++++-------
 secret_store/src/key_server_set.rs            | 16 ++---
 2 files changed, 52 insertions(+), 34 deletions(-)

diff --git a/secret_store/src/key_server_cluster/cluster.rs b/secret_store/src/key_server_cluster/cluster.rs
index b929e835d..3f381b6f0 100644
--- a/secret_store/src/key_server_cluster/cluster.rs
+++ b/secret_store/src/key_server_cluster/cluster.rs
@@ -158,9 +158,17 @@ pub struct ClusterConnections {
 	/// Self node id.
 	pub self_node_id: NodeId,
 	/// All known other key servers.
-	pub nodes: BTreeMap<NodeId, SocketAddr>,
+	pub key_server_set: Arc<KeyServerSet>,
+	/// Connections data.
+	pub data: RwLock<ClusterConnectionsData>,
+}
+
+/// Cluster connections data.
+pub struct ClusterConnectionsData {
+	/// Active key servers set.
+	pub nodes: BTreeMap<Public, SocketAddr>,
 	/// Active connections to key servers.
-	pub connections: RwLock<BTreeMap<NodeId, Arc<Connection>>>,
+	pub connections: BTreeMap<NodeId, Arc<Connection>>,
 }
 
 /// Cluster view core.
@@ -354,6 +362,7 @@ impl ClusterCore {
 
 	/// Try to connect to every disconnected node.
 	fn connect_disconnected_nodes(data: Arc<ClusterData>) {
+		data.connections.update_nodes_set();
 		for (node_id, node_address) in data.connections.disconnected_nodes() {
 			if data.config.allow_connecting_to_higher_nodes || data.self_key_pair.public() < &node_id {
 				ClusterCore::connect(data.clone(), node_address);
@@ -665,34 +674,29 @@ impl ClusterCore {
 
 impl ClusterConnections {
 	pub fn new(config: &ClusterConfiguration) -> Result<Self, Error> {
-		let mut connections = ClusterConnections {
+		Ok(ClusterConnections {
 			self_node_id: config.self_key_pair.public().clone(),
-			nodes: BTreeMap::new(),
-			connections: RwLock::new(BTreeMap::new()),
-		};
-
-		let nodes = config.key_server_set.get();
-		for (node_id, socket_address) in nodes.iter().filter(|&(node_id, _)| node_id != config.self_key_pair.public()) {
-			//let socket_address = make_socket_address(&node_addr, node_port)?;
-			connections.nodes.insert(node_id.clone(), socket_address.clone());
-		}
-
-		Ok(connections)
+			key_server_set: config.key_server_set.clone(),
+			data: RwLock::new(ClusterConnectionsData {
+				nodes: config.key_server_set.get(),
+				connections: BTreeMap::new(),
+			}),
+		})
 	}
 
 	pub fn cluster_state(&self) -> ClusterState {
 		ClusterState {
-			connected: self.connections.read().keys().cloned().collect(),
+			connected: self.data.read().connections.keys().cloned().collect(),
 		}
 	}
 
 	pub fn get(&self, node: &NodeId) -> Option<Arc<Connection>> {
-		self.connections.read().get(node).cloned()
+		self.data.read().connections.get(node).cloned()
 	}
 
 	pub fn insert(&self, connection: Arc<Connection>) -> bool {
-		let mut connections = self.connections.write();
-		if connections.contains_key(connection.node_id()) {
+		let mut data = self.data.write();
+		if data.connections.contains_key(connection.node_id()) {
 			// we have already connected to the same node
 			// the agreement is that node with lower id must establish connection to node with higher id
 			if (&self.self_node_id < connection.node_id() && connection.is_inbound())
@@ -702,13 +706,13 @@ impl ClusterConnections {
 		}
 
 		trace!(target: "secretstore_net", "{}: inserting connection to {} at {}", self.self_node_id, connection.node_id(), connection.node_address());
-		connections.insert(connection.node_id().clone(), connection);
+		data.connections.insert(connection.node_id().clone(), connection);
 		true
 	}
 
 	pub fn remove(&self, node: &NodeId, is_inbound: bool) {
-		let mut connections = self.connections.write();
-		if let Entry::Occupied(entry) = connections.entry(node.clone()) {
+		let mut data = self.data.write();
+		if let Entry::Occupied(entry) = data.connections.entry(node.clone()) {
 			if entry.get().is_inbound() != is_inbound {
 				return;
 			}
@@ -719,20 +723,34 @@ impl ClusterConnections {
 	}
 
 	pub fn connected_nodes(&self) -> BTreeSet<NodeId> {
-		self.connections.read().keys().cloned().collect()
+		self.data.read().connections.keys().cloned().collect()
 	}
 
 	pub fn active_connections(&self)-> Vec<Arc<Connection>> {
-		self.connections.read().values().cloned().collect()
+		self.data.read().connections.values().cloned().collect()
 	}
 
 	pub fn disconnected_nodes(&self) -> BTreeMap<NodeId, SocketAddr> {
-		let connections = self.connections.read();
-		self.nodes.iter()
-			.filter(|&(node_id, _)| !connections.contains_key(node_id))
+		let data = self.data.read();
+		data.nodes.iter()
+			.filter(|&(node_id, _)| !data.connections.contains_key(node_id))
 			.map(|(node_id, node_address)| (node_id.clone(), node_address.clone()))
 			.collect()
 	}
+
+	pub fn update_nodes_set(&self) {
+		let mut data = self.data.write();
+		let new_nodes = self.key_server_set.get();
+		for obsolete_node in data.nodes.keys().cloned().collect::<Vec<_>>() {
+			if !new_nodes.contains_key(&obsolete_node) {
+				data.nodes.remove(&obsolete_node);
+				data.connections.remove(&obsolete_node);
+			}
+		}
+		for (new_node_public, new_node_addr) in new_nodes {
+			data.nodes.insert(new_node_public, new_node_addr);
+		}
+	}
 }
 
 impl ClusterData {
diff --git a/secret_store/src/key_server_set.rs b/secret_store/src/key_server_set.rs
index 22ffbdb07..eecfa3091 100644
--- a/secret_store/src/key_server_set.rs
+++ b/secret_store/src/key_server_set.rs
@@ -16,7 +16,7 @@
 
 use std::sync::{Arc, Weak};
 use std::net::SocketAddr;
-use std::collections::HashMap;
+use std::collections::BTreeMap;
 use futures::{future, Future};
 use parking_lot::Mutex;
 use ethcore::filter::Filter;
@@ -39,7 +39,7 @@ lazy_static! {
 /// Key Server set
 pub trait KeyServerSet: Send + Sync {
 	/// Get set of configured key servers
-	fn get(&self) -> HashMap<Public, SocketAddr>;
+	fn get(&self) -> BTreeMap<Public, SocketAddr>;
 }
 
 /// On-chain Key Server set implementation.
@@ -55,11 +55,11 @@ struct CachedContract {
 	/// Contract address.
 	contract_addr: Option<Address>,
 	/// Active set of key servers.
-	key_servers: HashMap<Public, SocketAddr>,
+	key_servers: BTreeMap<Public, SocketAddr>,
 }
 
 impl OnChainKeyServerSet {
-	pub fn new(client: &Arc<Client>, key_servers: HashMap<Public, SocketAddr>) -> Arc<Self> {
+	pub fn new(client: &Arc<Client>, key_servers: BTreeMap<Public, SocketAddr>) -> Arc<Self> {
 		let key_server_set = Arc::new(OnChainKeyServerSet {
 			contract: Mutex::new(CachedContract::new(client, key_servers)),
 		});
@@ -69,7 +69,7 @@ impl OnChainKeyServerSet {
 }
 
 impl KeyServerSet for OnChainKeyServerSet {
-	fn get(&self) -> HashMap<Public, SocketAddr> {
+	fn get(&self) -> BTreeMap<Public, SocketAddr> {
 		self.contract.lock().get()
 	}
 }
@@ -81,7 +81,7 @@ impl ChainNotify for OnChainKeyServerSet {
 }
 
 impl CachedContract {
-	pub fn new(client: &Arc<Client>, key_servers: HashMap<Public, SocketAddr>) -> Self {
+	pub fn new(client: &Arc<Client>, key_servers: BTreeMap<Public, SocketAddr>) -> Self {
 		CachedContract {
 			client: Arc::downgrade(client),
 			contract_addr: None,
@@ -102,7 +102,7 @@ println!("=== Installing contract from address: {:?}", new_contract_addr);
 					KeyServerSetContract::new(contract_addr)
 				})
 				.map(|contract| {
-					let mut key_servers = HashMap::new();
+					let mut key_servers = BTreeMap::new();
 					let do_call = |a, d| future::done(self.client.upgrade().ok_or("Calling contract without client".into()).and_then(|c| c.call_contract(BlockId::Latest, a, d)));
 					let key_servers_list = contract.get_key_servers(do_call).wait()
 						.map_err(|err| { trace!(target: "secretstore", "Error {} reading list of key servers from contract", err); err })
@@ -139,7 +139,7 @@ println!("=== Installing contract from address: {:?}", new_contract_addr);
 		}
 	}
 
-	fn get(&self) -> HashMap<Public, SocketAddr> {
+	fn get(&self) -> BTreeMap<Public, SocketAddr> {
 		self.key_servers.clone()
 	}
 }

From 7664ff5acd26d781eb9c4d5708d37735b9da01fc Mon Sep 17 00:00:00 2001
From: Svyatoslav Nikolsky <svyatonik@gmail.com>
Date: Wed, 19 Jul 2017 15:14:37 +0300
Subject: [PATCH 005/112] do not connect to self

---
 .../src/key_server_cluster/cluster.rs         |  9 ++-
 secret_store/src/key_server_set.rs            | 74 +++++++++++--------
 2 files changed, 51 insertions(+), 32 deletions(-)

diff --git a/secret_store/src/key_server_cluster/cluster.rs b/secret_store/src/key_server_cluster/cluster.rs
index 3f381b6f0..87c602eae 100644
--- a/secret_store/src/key_server_cluster/cluster.rs
+++ b/secret_store/src/key_server_cluster/cluster.rs
@@ -674,11 +674,14 @@ impl ClusterCore {
 
 impl ClusterConnections {
 	pub fn new(config: &ClusterConfiguration) -> Result<Self, Error> {
+		let mut nodes = config.key_server_set.get();
+		nodes.remove(config.self_key_pair.public());
+
 		Ok(ClusterConnections {
 			self_node_id: config.self_key_pair.public().clone(),
 			key_server_set: config.key_server_set.clone(),
 			data: RwLock::new(ClusterConnectionsData {
-				nodes: config.key_server_set.get(),
+				nodes: nodes,
 				connections: BTreeMap::new(),
 			}),
 		})
@@ -740,7 +743,9 @@ impl ClusterConnections {
 
 	pub fn update_nodes_set(&self) {
 		let mut data = self.data.write();
-		let new_nodes = self.key_server_set.get();
+		let mut new_nodes = self.key_server_set.get();
+		new_nodes.remove(&self.self_node_id);
+
 		for obsolete_node in data.nodes.keys().cloned().collect::<Vec<_>>() {
 			if !new_nodes.contains_key(&obsolete_node) {
 				data.nodes.remove(&obsolete_node);
diff --git a/secret_store/src/key_server_set.rs b/secret_store/src/key_server_set.rs
index eecfa3091..f9ec120fd 100644
--- a/secret_store/src/key_server_set.rs
+++ b/secret_store/src/key_server_set.rs
@@ -60,8 +60,15 @@ struct CachedContract {
 
 impl OnChainKeyServerSet {
 	pub fn new(client: &Arc<Client>, key_servers: BTreeMap<Public, SocketAddr>) -> Arc<Self> {
+		let mut cached_contract = CachedContract::new(client, key_servers);
+		let key_server_contract_address = client.registry_address(KEY_SERVER_SET_CONTRACT_REGISTRY_NAME.to_owned());
+		// only initialize from contract if it is installed. otherwise - use default nodes
+		if key_server_contract_address.is_some() {
+			cached_contract.read_from_registry(&*client, key_server_contract_address);
+		}
+
 		let key_server_set = Arc::new(OnChainKeyServerSet {
-			contract: Mutex::new(CachedContract::new(client, key_servers)),
+			contract: Mutex::new(cached_contract),
 		});
 		client.add_notify(key_server_set.clone());
 		key_server_set
@@ -76,6 +83,7 @@ impl KeyServerSet for OnChainKeyServerSet {
 
 impl ChainNotify for OnChainKeyServerSet {
 	fn new_blocks(&self, _imported: Vec<H256>, _invalid: Vec<H256>, enacted: Vec<H256>, retracted: Vec<H256>, _sealed: Vec<H256>, _proposed: Vec<Bytes>, _duration: u64) {
+println!("=== new_blocks: imported {}, invalid: {}, enactd: {}, retracted: {}, sealed: {}, proposed: {}", _imported.len(), _invalid.len(), enacted.len(), retracted.len(), _sealed.len(), _proposed.len());
 		self.contract.lock().update(enacted, retracted)
 	}
 }
@@ -92,36 +100,10 @@ impl CachedContract {
 	pub fn update(&mut self, enacted: Vec<H256>, _retracted: Vec<H256>) {
 		if let Some(client) = self.client.upgrade() {
 			let new_contract_addr = client.registry_address(KEY_SERVER_SET_CONTRACT_REGISTRY_NAME.to_owned());
-
+println!("=== Registry address = {:?}", new_contract_addr);
 			// new contract installed
 			if self.contract_addr.as_ref() != new_contract_addr.as_ref() {
-println!("=== Installing contract from address: {:?}", new_contract_addr);
-				self.key_servers = new_contract_addr.map(|contract_addr| {
-					trace!(target: "secretstore", "Configuring for key server set contract from {}", contract_addr);
-
-					KeyServerSetContract::new(contract_addr)
-				})
-				.map(|contract| {
-					let mut key_servers = BTreeMap::new();
-					let do_call = |a, d| future::done(self.client.upgrade().ok_or("Calling contract without client".into()).and_then(|c| c.call_contract(BlockId::Latest, a, d)));
-					let key_servers_list = contract.get_key_servers(do_call).wait()
-						.map_err(|err| { trace!(target: "secretstore", "Error {} reading list of key servers from contract", err); err })
-						.unwrap_or_default();
-					for key_server in key_servers_list {
-						let key_server_public = contract.get_key_server_public(
-							|a, d| future::done(self.client.upgrade().ok_or("Calling contract without client".into()).and_then(|c| c.call_contract(BlockId::Latest, a, d))), key_server).wait()
-							.and_then(|p| if p.len() == 64 { Ok(Public::from_slice(&p)) } else { Err(format!("Invalid public length {}", p.len())) });
-						let key_server_ip = contract.get_key_server_address(
-							|a, d| future::done(self.client.upgrade().ok_or("Calling contract without client".into()).and_then(|c| c.call_contract(BlockId::Latest, a, d))), key_server).wait()
-							.and_then(|a| a.parse().map_err(|e| format!("Invalid ip address: {}", e)));
-						if let (Ok(key_server_public), Ok(key_server_ip)) = (key_server_public, key_server_ip) {
-							key_servers.insert(key_server_public, key_server_ip);
-						}
-					}
-					key_servers
-				})
-				.unwrap_or_default();
-
+				self.read_from_registry(&*client, new_contract_addr);
 				return;
 			}
 
@@ -139,7 +121,39 @@ println!("=== Installing contract from address: {:?}", new_contract_addr);
 		}
 	}
 
-	fn get(&self) -> BTreeMap<Public, SocketAddr> {
+	pub fn get(&self) -> BTreeMap<Public, SocketAddr> {
 		self.key_servers.clone()
 	}
+
+	fn read_from_registry(&mut self, client: &Client, new_contract_address: Option<Address>) {
+println!("=== Installing contract from address: {:?}", new_contract_address);
+		self.key_servers = new_contract_address.map(|contract_addr| {
+			trace!(target: "secretstore", "Configuring for key server set contract from {}", contract_addr);
+
+			KeyServerSetContract::new(contract_addr)
+		})
+		.map(|contract| {
+			let mut key_servers = BTreeMap::new();
+			let do_call = |a, d| future::done(client.call_contract(BlockId::Latest, a, d));
+			let key_servers_list = contract.get_key_servers(do_call).wait()
+				.map_err(|err| { trace!(target: "secretstore", "Error {} reading list of key servers from contract", err); err })
+				.unwrap_or_default();
+			for key_server in key_servers_list {
+				let key_server_public = contract.get_key_server_public(
+					|a, d| future::done(client.call_contract(BlockId::Latest, a, d)), key_server).wait()
+					.and_then(|p| if p.len() == 64 { Ok(Public::from_slice(&p)) } else { Err(format!("Invalid public length {}", p.len())) });
+				let key_server_ip = contract.get_key_server_address(
+					|a, d| future::done(client.call_contract(BlockId::Latest, a, d)), key_server).wait()
+					.and_then(|a| a.parse().map_err(|e| format!("Invalid ip address: {}", e)));
+				if let (Ok(key_server_public), Ok(key_server_ip)) = (key_server_public, key_server_ip) {
+println!("=== PARSED {:?} {:?}", key_server_public, key_server_ip);
+					key_servers.insert(key_server_public, key_server_ip);
+				}
+else { println!("=== ERROR parsing"); }
+			}
+			key_servers
+		})
+		.unwrap_or_default();
+		self.contract_addr = new_contract_address;
+	}
 }

From 80b9e931f55f06034fc597a49174d13683f6288e Mon Sep 17 00:00:00 2001
From: Svyatoslav Nikolsky <svyatonik@gmail.com>
Date: Thu, 20 Jul 2017 12:19:29 +0300
Subject: [PATCH 006/112] fixed connection establishing

---
 .../src/key_server_cluster/cluster.rs         | 44 ++++++++++++++++---
 .../src/key_server_cluster/io/handshake.rs    | 13 +++---
 .../net/accept_connection.rs                  |  7 ++-
 secret_store/src/key_server_set.rs            | 37 +++++++++-------
 4 files changed, 67 insertions(+), 34 deletions(-)

diff --git a/secret_store/src/key_server_cluster/cluster.rs b/secret_store/src/key_server_cluster/cluster.rs
index 87c602eae..ff9ff9b22 100644
--- a/secret_store/src/key_server_cluster/cluster.rs
+++ b/secret_store/src/key_server_cluster/cluster.rs
@@ -289,8 +289,7 @@ impl ClusterCore {
 
 	/// Accept connection future.
 	fn accept_connection_future(handle: &Handle, data: Arc<ClusterData>, stream: TcpStream, node_address: SocketAddr) -> BoxedEmptyFuture {
-		let disconnected_nodes = data.connections.disconnected_nodes().keys().cloned().collect();
-		net_accept_connection(node_address, stream, handle, data.self_key_pair.clone(), disconnected_nodes)
+		net_accept_connection(node_address, stream, handle, data.self_key_pair.clone())
 			.then(move |result| ClusterCore::process_connection_result(data, true, result))
 			.then(|_| finished(()))
 			.boxed()
@@ -381,14 +380,16 @@ impl ClusterCore {
 					finished(Ok(())).boxed()
 				}
 			},
-			Ok(DeadlineStatus::Meet(Err(_))) => {
+			Ok(DeadlineStatus::Meet(Err(err))) => {
+				warn!(target: "secretstore_net", "{}: protocol error {} when establishind connection", data.self_key_pair.public(), err);
 				finished(Ok(())).boxed()
 			},
 			Ok(DeadlineStatus::Timeout) => {
+				warn!(target: "secretstore_net", "{}: timeout when establishind connection", data.self_key_pair.public());
 				finished(Ok(())).boxed()
 			},
-			Err(_) => {
-				// network error
+			Err(err) => {
+				warn!(target: "secretstore_net", "{}: network error {} when establishind connection", data.self_key_pair.public(), err);
 				finished(Ok(())).boxed()
 			},
 		}
@@ -699,6 +700,12 @@ impl ClusterConnections {
 
 	pub fn insert(&self, connection: Arc<Connection>) -> bool {
 		let mut data = self.data.write();
+		if !data.nodes.contains_key(connection.node_id()) {
+			// incoming connections are checked here
+			trace!(target: "secretstore_net", "{}: ignoring unknown connection from {} at {}", self.self_node_id, connection.node_id(), connection.node_address());
+			debug_assert!(connection.is_inbound());
+			return false;
+		}
 		if data.connections.contains_key(connection.node_id()) {
 			// we have already connected to the same node
 			// the agreement is that node with lower id must establish connection to node with higher id
@@ -746,14 +753,37 @@ impl ClusterConnections {
 		let mut new_nodes = self.key_server_set.get();
 		new_nodes.remove(&self.self_node_id);
 
+		let mut num_added_nodes = 0;
+		let mut num_removed_nodes = 0;
+		let mut num_changed_nodes = 0;
+
 		for obsolete_node in data.nodes.keys().cloned().collect::<Vec<_>>() {
 			if !new_nodes.contains_key(&obsolete_node) {
+				if let Entry::Occupied(entry) = data.connections.entry(obsolete_node) {
+					trace!(target: "secretstore_net", "{}: removing connection to {} at {}", self.self_node_id, entry.get().node_id(), entry.get().node_address());
+					entry.remove();
+				}
+
 				data.nodes.remove(&obsolete_node);
-				data.connections.remove(&obsolete_node);
+				num_removed_nodes += 1;
 			}
 		}
+
 		for (new_node_public, new_node_addr) in new_nodes {
-			data.nodes.insert(new_node_public, new_node_addr);
+			match data.nodes.insert(new_node_public, new_node_addr) {
+				None => num_added_nodes += 1,
+				Some(old_node_addr) => if new_node_addr != old_node_addr {
+					if let Entry::Occupied(entry) = data.connections.entry(new_node_public) {
+						trace!(target: "secretstore_net", "{}: removing connection to {} at {}", self.self_node_id, entry.get().node_id(), entry.get().node_address());
+						entry.remove();
+					}
+					num_changed_nodes += 1;
+				},
+			}
+		}
+
+		if num_added_nodes != 0 || num_removed_nodes != 0 || num_changed_nodes != 0 {
+			trace!(target: "secretstore_net", "{}: updated nodes set: removed {}, added {}, changed {}", self.self_node_id, num_removed_nodes, num_added_nodes, num_changed_nodes);
 		}
 	}
 }
diff --git a/secret_store/src/key_server_cluster/io/handshake.rs b/secret_store/src/key_server_cluster/io/handshake.rs
index 38d8a6ac1..90f4d04cc 100644
--- a/secret_store/src/key_server_cluster/io/handshake.rs
+++ b/secret_store/src/key_server_cluster/io/handshake.rs
@@ -45,7 +45,7 @@ pub fn handshake_with_plain_confirmation<A>(a: A, self_confirmation_plain: Resul
 		state: state,
 		self_key_pair: self_key_pair,
 		self_confirmation_plain: self_confirmation_plain.unwrap_or(Default::default()),
-		trusted_nodes: trusted_nodes,
+		trusted_nodes: Some(trusted_nodes),
 		other_node_id: None,
 		other_confirmation_plain: None,
 		shared_key: None,
@@ -53,7 +53,7 @@ pub fn handshake_with_plain_confirmation<A>(a: A, self_confirmation_plain: Resul
 }
 
 /// Wait for handshake procedure to be started by another node from the cluster.
-pub fn accept_handshake<A>(a: A, self_key_pair: KeyPair, trusted_nodes: BTreeSet<NodeId>) -> Handshake<A> where A: AsyncWrite + AsyncRead {
+pub fn accept_handshake<A>(a: A, self_key_pair: KeyPair) -> Handshake<A> where A: AsyncWrite + AsyncRead {
 	let self_confirmation_plain = Random.generate().map(|kp| *kp.secret().clone()).map_err(Into::into);
 	let (error, state) = match self_confirmation_plain.clone() {
 		Ok(_) => (None, HandshakeState::ReceivePublicKey(read_message(a))),
@@ -66,7 +66,7 @@ pub fn accept_handshake<A>(a: A, self_key_pair: KeyPair, trusted_nodes: BTreeSet
 		state: state,
 		self_key_pair: self_key_pair,
 		self_confirmation_plain: self_confirmation_plain.unwrap_or(Default::default()),
-		trusted_nodes: trusted_nodes,
+		trusted_nodes: None,
 		other_node_id: None,
 		other_confirmation_plain: None,
 		shared_key: None,
@@ -89,7 +89,7 @@ pub struct Handshake<A> {
 	state: HandshakeState<A>,
 	self_key_pair: KeyPair,
 	self_confirmation_plain: H256,
-	trusted_nodes: BTreeSet<NodeId>,
+	trusted_nodes: Option<BTreeSet<NodeId>>,
 	other_node_id: Option<NodeId>,
 	other_confirmation_plain: Option<H256>,
 	shared_key: Option<KeyPair>,
@@ -172,7 +172,8 @@ impl<A> Future for Handshake<A> where A: AsyncRead + AsyncWrite {
 					Err(err) => return Ok((stream, Err(err.into())).into()),
 				};
 
-				if !self.trusted_nodes.contains(&*message.node_id) {
+				if !self.trusted_nodes.as_ref().map(|tn| tn.contains(&*message.node_id)).unwrap_or(true) {
+println!("=== HANDSHAKE - INVALID NODE: self.trusted_nodes = {:?}, message.node_id = {:?}", self.trusted_nodes, message.node_id);
 					return Ok((stream, Err(Error::InvalidNodeId)).into());
 				}
 
@@ -300,7 +301,7 @@ mod tests {
 		let trusted_nodes: BTreeSet<_> = vec![io.peer_public().clone()].into_iter().collect();
 		let shared_key = compute_shared_key(self_key_pair.secret(), trusted_nodes.iter().nth(0).unwrap()).unwrap();
 
-		let mut handshake = accept_handshake(io, self_key_pair, trusted_nodes);
+		let mut handshake = accept_handshake(io, self_key_pair);
 		handshake.set_self_confirmation_plain(self_confirmation_plain);
 
 		let handshake_result = handshake.wait().unwrap();
diff --git a/secret_store/src/key_server_cluster/net/accept_connection.rs b/secret_store/src/key_server_cluster/net/accept_connection.rs
index 0daa8b2da..339625f3f 100644
--- a/secret_store/src/key_server_cluster/net/accept_connection.rs
+++ b/secret_store/src/key_server_cluster/net/accept_connection.rs
@@ -17,19 +17,18 @@
 use std::io;
 use std::net::SocketAddr;
 use std::time::Duration;
-use std::collections::BTreeSet;
 use futures::{Future, Poll};
 use tokio_core::reactor::Handle;
 use tokio_core::net::TcpStream;
 use ethkey::KeyPair;
-use key_server_cluster::{Error, NodeId};
+use key_server_cluster::Error;
 use key_server_cluster::io::{accept_handshake, Handshake, Deadline, deadline};
 use key_server_cluster::net::Connection;
 
 /// Create future for accepting incoming connection.
-pub fn accept_connection(address: SocketAddr, stream: TcpStream, handle: &Handle, self_key_pair: KeyPair, trusted_nodes: BTreeSet<NodeId>) -> Deadline<AcceptConnection> {
+pub fn accept_connection(address: SocketAddr, stream: TcpStream, handle: &Handle, self_key_pair: KeyPair) -> Deadline<AcceptConnection> {
 	let accept = AcceptConnection {
-		handshake: accept_handshake(stream, self_key_pair, trusted_nodes),
+		handshake: accept_handshake(stream, self_key_pair),
 		address: address,
 	};
 
diff --git a/secret_store/src/key_server_set.rs b/secret_store/src/key_server_set.rs
index f9ec120fd..7b0bd5c9f 100644
--- a/secret_store/src/key_server_set.rs
+++ b/secret_store/src/key_server_set.rs
@@ -28,8 +28,8 @@ use types::all::Public;
 const KEY_SERVER_SET_CONTRACT_REGISTRY_NAME: &'static str = "secretstore_server_set";
 
 // TODO: ethabi should be able to generate this.
-const ADDED_EVENT_NAME: &'static [u8] = &*b"KeyServerAdded()";
-const REMOVED_EVENT_NAME: &'static [u8] = &*b"KeyServerRemoved()";
+const ADDED_EVENT_NAME: &'static [u8] = &*b"KeyServerAdded(address)";
+const REMOVED_EVENT_NAME: &'static [u8] = &*b"KeyServerRemoved(address)";
 
 lazy_static! {
 	static ref ADDED_EVENT_NAME_HASH: H256 = ADDED_EVENT_NAME.sha3();
@@ -83,7 +83,6 @@ impl KeyServerSet for OnChainKeyServerSet {
 
 impl ChainNotify for OnChainKeyServerSet {
 	fn new_blocks(&self, _imported: Vec<H256>, _invalid: Vec<H256>, enacted: Vec<H256>, retracted: Vec<H256>, _sealed: Vec<H256>, _proposed: Vec<Bytes>, _duration: u64) {
-println!("=== new_blocks: imported {}, invalid: {}, enactd: {}, retracted: {}, sealed: {}, proposed: {}", _imported.len(), _invalid.len(), enacted.len(), retracted.len(), _sealed.len(), _proposed.len());
 		self.contract.lock().update(enacted, retracted)
 	}
 }
@@ -97,26 +96,33 @@ impl CachedContract {
 		}
 	}
 
-	pub fn update(&mut self, enacted: Vec<H256>, _retracted: Vec<H256>) {
+	pub fn update(&mut self, enacted: Vec<H256>, retracted: Vec<H256>) {
 		if let Some(client) = self.client.upgrade() {
 			let new_contract_addr = client.registry_address(KEY_SERVER_SET_CONTRACT_REGISTRY_NAME.to_owned());
-println!("=== Registry address = {:?}", new_contract_addr);
+
 			// new contract installed
 			if self.contract_addr.as_ref() != new_contract_addr.as_ref() {
 				self.read_from_registry(&*client, new_contract_addr);
 				return;
 			}
 
-			// check for events
-			for enacted_hash in enacted {
-				let filter = Filter {
-					from_block: BlockId::Hash(enacted_hash.clone()),
-					to_block: BlockId::Hash(enacted_hash.clone()),
+			// check for contract events
+			let is_set_changed = self.contract_addr.is_some() && enacted.iter()
+				.chain(retracted.iter())
+				.any(|block_hash| !client.logs(Filter {
+					from_block: BlockId::Hash(block_hash.clone()),
+					to_block: BlockId::Hash(block_hash.clone()),
 					address: self.contract_addr.clone().map(|a| vec![a]),
-					topics: vec![Some(vec![*ADDED_EVENT_NAME_HASH]), Some(vec![*REMOVED_EVENT_NAME_HASH])],
-					limit: None,
-				};
-				println!("=== Number of filtered log entries: {}", client.logs(filter).len());
+					topics: vec![
+						Some(vec![*ADDED_EVENT_NAME_HASH, *REMOVED_EVENT_NAME_HASH]),
+						None,
+						None,
+						None,
+					],
+					limit: Some(1),
+				}).is_empty());
+			if is_set_changed {
+				self.read_from_registry(&*client, new_contract_addr);
 			}
 		}
 	}
@@ -126,7 +132,6 @@ println!("=== Registry address = {:?}", new_contract_addr);
 	}
 
 	fn read_from_registry(&mut self, client: &Client, new_contract_address: Option<Address>) {
-println!("=== Installing contract from address: {:?}", new_contract_address);
 		self.key_servers = new_contract_address.map(|contract_addr| {
 			trace!(target: "secretstore", "Configuring for key server set contract from {}", contract_addr);
 
@@ -146,10 +151,8 @@ println!("=== Installing contract from address: {:?}", new_contract_address);
 					|a, d| future::done(client.call_contract(BlockId::Latest, a, d)), key_server).wait()
 					.and_then(|a| a.parse().map_err(|e| format!("Invalid ip address: {}", e)));
 				if let (Ok(key_server_public), Ok(key_server_ip)) = (key_server_public, key_server_ip) {
-println!("=== PARSED {:?} {:?}", key_server_public, key_server_ip);
 					key_servers.insert(key_server_public, key_server_ip);
 				}
-else { println!("=== ERROR parsing"); }
 			}
 			key_servers
 		})

From 9a9c4f6ad6ee6e6beda9820ade823191987b98f9 Mon Sep 17 00:00:00 2001
From: Svyatoslav Nikolsky <svyatonik@gmail.com>
Date: Thu, 20 Jul 2017 12:25:41 +0300
Subject: [PATCH 007/112] removed println

---
 secret_store/src/key_server_cluster/io/handshake.rs | 1 -
 1 file changed, 1 deletion(-)

diff --git a/secret_store/src/key_server_cluster/io/handshake.rs b/secret_store/src/key_server_cluster/io/handshake.rs
index 90f4d04cc..df8f6cbf7 100644
--- a/secret_store/src/key_server_cluster/io/handshake.rs
+++ b/secret_store/src/key_server_cluster/io/handshake.rs
@@ -173,7 +173,6 @@ impl<A> Future for Handshake<A> where A: AsyncRead + AsyncWrite {
 				};
 
 				if !self.trusted_nodes.as_ref().map(|tn| tn.contains(&*message.node_id)).unwrap_or(true) {
-println!("=== HANDSHAKE - INVALID NODE: self.trusted_nodes = {:?}, message.node_id = {:?}", self.trusted_nodes, message.node_id);
 					return Ok((stream, Err(Error::InvalidNodeId)).into());
 				}
 

From a35db9f45476d44d77870f5cd1e52764a7676d07 Mon Sep 17 00:00:00 2001
From: Svyatoslav Nikolsky <svyatonik@gmail.com>
Date: Thu, 20 Jul 2017 12:55:52 +0300
Subject: [PATCH 008/112] improved KeyServerSet tracing

---
 secret_store/src/key_server_set.rs | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/secret_store/src/key_server_set.rs b/secret_store/src/key_server_set.rs
index 7b0bd5c9f..6b58e54de 100644
--- a/secret_store/src/key_server_set.rs
+++ b/secret_store/src/key_server_set.rs
@@ -27,8 +27,9 @@ use types::all::Public;
 
 const KEY_SERVER_SET_CONTRACT_REGISTRY_NAME: &'static str = "secretstore_server_set";
 
-// TODO: ethabi should be able to generate this.
+/// Key server has been added to the set.
 const ADDED_EVENT_NAME: &'static [u8] = &*b"KeyServerAdded(address)";
+/// Key server has been removed from the set.
 const REMOVED_EVENT_NAME: &'static [u8] = &*b"KeyServerRemoved(address)";
 
 lazy_static! {
@@ -63,6 +64,7 @@ impl OnChainKeyServerSet {
 		let mut cached_contract = CachedContract::new(client, key_servers);
 		let key_server_contract_address = client.registry_address(KEY_SERVER_SET_CONTRACT_REGISTRY_NAME.to_owned());
 		// only initialize from contract if it is installed. otherwise - use default nodes
+		// once the contract is installed, all default nodes are lost (if not in the contract' set)
 		if key_server_contract_address.is_some() {
 			cached_contract.read_from_registry(&*client, key_server_contract_address);
 		}
@@ -100,7 +102,7 @@ impl CachedContract {
 		if let Some(client) = self.client.upgrade() {
 			let new_contract_addr = client.registry_address(KEY_SERVER_SET_CONTRACT_REGISTRY_NAME.to_owned());
 
-			// new contract installed
+			// new contract installed => read nodes set from the contract
 			if self.contract_addr.as_ref() != new_contract_addr.as_ref() {
 				self.read_from_registry(&*client, new_contract_addr);
 				return;
@@ -121,6 +123,7 @@ impl CachedContract {
 					],
 					limit: Some(1),
 				}).is_empty());
+			// to simplify processing - just re-read the whole nodes set from the contract
 			if is_set_changed {
 				self.read_from_registry(&*client, new_contract_addr);
 			}
@@ -150,8 +153,12 @@ impl CachedContract {
 				let key_server_ip = contract.get_key_server_address(
 					|a, d| future::done(client.call_contract(BlockId::Latest, a, d)), key_server).wait()
 					.and_then(|a| a.parse().map_err(|e| format!("Invalid ip address: {}", e)));
-				if let (Ok(key_server_public), Ok(key_server_ip)) = (key_server_public, key_server_ip) {
-					key_servers.insert(key_server_public, key_server_ip);
+
+				// only add successfully parsed nodes
+				match (key_server_public, key_server_ip) {
+					(Ok(key_server_public), Ok(key_server_ip)) => { key_servers.insert(key_server_public, key_server_ip); },
+					(Err(public_err), _) => warn!(target: "secretstore_net", "received invalid public from key server set contract: {}", public_err),
+					(_, Err(ip_err)) => warn!(target: "secretstore_net", "received invalid IP from key server set contract: {}", ip_err),
 				}
 			}
 			key_servers

From b9ad093d06fc11f1dba8d30d5986a4aa8dd93cbe Mon Sep 17 00:00:00 2001
From: Svyatoslav Nikolsky <svyatonik@gmail.com>
Date: Thu, 20 Jul 2017 13:15:16 +0300
Subject: [PATCH 009/112] moved parsing to KeyServerSet

---
 secret_store/src/key_server_set.rs | 22 ++++++++++++++--------
 secret_store/src/lib.rs            |  4 +---
 2 files changed, 15 insertions(+), 11 deletions(-)

diff --git a/secret_store/src/key_server_set.rs b/secret_store/src/key_server_set.rs
index 6b58e54de..302f76196 100644
--- a/secret_store/src/key_server_set.rs
+++ b/secret_store/src/key_server_set.rs
@@ -23,7 +23,7 @@ use ethcore::filter::Filter;
 use ethcore::client::{Client, BlockChainClient, BlockId, ChainNotify};
 use native_contracts::KeyServerSet as KeyServerSetContract;
 use util::{H256, Address, Bytes, Hashable};
-use types::all::Public;
+use types::all::{Error, Public, NodeAddress};
 
 const KEY_SERVER_SET_CONTRACT_REGISTRY_NAME: &'static str = "secretstore_server_set";
 
@@ -60,8 +60,8 @@ struct CachedContract {
 }
 
 impl OnChainKeyServerSet {
-	pub fn new(client: &Arc<Client>, key_servers: BTreeMap<Public, SocketAddr>) -> Arc<Self> {
-		let mut cached_contract = CachedContract::new(client, key_servers);
+	pub fn new(client: &Arc<Client>, key_servers: BTreeMap<Public, NodeAddress>) -> Result<Arc<Self>, Error> {
+		let mut cached_contract = CachedContract::new(client, key_servers)?;
 		let key_server_contract_address = client.registry_address(KEY_SERVER_SET_CONTRACT_REGISTRY_NAME.to_owned());
 		// only initialize from contract if it is installed. otherwise - use default nodes
 		// once the contract is installed, all default nodes are lost (if not in the contract' set)
@@ -73,7 +73,7 @@ impl OnChainKeyServerSet {
 			contract: Mutex::new(cached_contract),
 		});
 		client.add_notify(key_server_set.clone());
-		key_server_set
+		Ok(key_server_set)
 	}
 }
 
@@ -90,12 +90,18 @@ impl ChainNotify for OnChainKeyServerSet {
 }
 
 impl CachedContract {
-	pub fn new(client: &Arc<Client>, key_servers: BTreeMap<Public, SocketAddr>) -> Self {
-		CachedContract {
+	pub fn new(client: &Arc<Client>, key_servers: BTreeMap<Public, NodeAddress>) -> Result<Self, Error> {
+		Ok(CachedContract {
 			client: Arc::downgrade(client),
 			contract_addr: None,
-			key_servers: key_servers,
-		}
+			key_servers: key_servers.into_iter()
+				.map(|(p, addr)| {
+					let addr = format!("{}:{}", addr.address, addr.port).parse()
+						.map_err(|err| Error::Internal(format!("error parsing node address: {}", err)))?;
+					Ok((p, addr))
+				})
+				.collect::<Result<BTreeMap<_, _>, Error>>()?,
+		})
 	}
 
 	pub fn update(&mut self, enacted: Vec<H256>, retracted: Vec<H256>) {
diff --git a/secret_store/src/lib.rs b/secret_store/src/lib.rs
index 235d0edd9..9750f7223 100644
--- a/secret_store/src/lib.rs
+++ b/secret_store/src/lib.rs
@@ -72,9 +72,7 @@ pub fn start(client: Arc<Client>, config: ServiceConfiguration) -> Result<Box<Ke
 	use std::sync::Arc;
 
 	let acl_storage = acl_storage::OnChainAclStorage::new(&client);
-	let key_server_set = key_server_set::OnChainKeyServerSet::new(&client, config.cluster_config.nodes.clone()
-		.into_iter()
-		.map(|a| (a.0, format!("{}:{}", a.1.address, a.1.port).parse().unwrap())).collect()); // TODO: remove after switching to enode:///
+	let key_server_set = key_server_set::OnChainKeyServerSet::new(&client, config.cluster_config.nodes.clone())?;
 	let key_storage = Arc::new(key_storage::PersistentKeyStorage::new(&config)?);
 	let key_server = key_server::KeyServerImpl::new(&config.cluster_config, key_server_set, acl_storage, key_storage)?;
 	let listener = http_listener::KeyServerHttpListener::start(&config.listener_address, key_server)?;

From c94c799347a0a9e6803d5a6f224d37c8a90f533c Mon Sep 17 00:00:00 2001
From: Svyatoslav Nikolsky <svyatonik@gmail.com>
Date: Thu, 20 Jul 2017 13:28:31 +0300
Subject: [PATCH 010/112] re-read only when blockchain is changed

---
 secret_store/src/acl_storage.rs    | 6 ++++--
 secret_store/src/key_server_set.rs | 4 +++-
 2 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/secret_store/src/acl_storage.rs b/secret_store/src/acl_storage.rs
index 7ae72cbfc..37d5bcd25 100644
--- a/secret_store/src/acl_storage.rs
+++ b/secret_store/src/acl_storage.rs
@@ -64,8 +64,10 @@ impl AclStorage for OnChainAclStorage {
 }
 
 impl ChainNotify for OnChainAclStorage {
-	fn new_blocks(&self, _imported: Vec<H256>, _invalid: Vec<H256>, _enacted: Vec<H256>, _retracted: Vec<H256>, _sealed: Vec<H256>, _proposed: Vec<Bytes>, _duration: u64) {
-		self.contract.lock().update()
+	fn new_blocks(&self, _imported: Vec<H256>, _invalid: Vec<H256>, enacted: Vec<H256>, retracted: Vec<H256>, _sealed: Vec<H256>, _proposed: Vec<Bytes>, _duration: u64) {
+		if !enacted.is_empty() || !retracted.is_empty() {
+			self.contract.lock().update()
+		}
 	}
 }
 
diff --git a/secret_store/src/key_server_set.rs b/secret_store/src/key_server_set.rs
index 302f76196..47f033db1 100644
--- a/secret_store/src/key_server_set.rs
+++ b/secret_store/src/key_server_set.rs
@@ -85,7 +85,9 @@ impl KeyServerSet for OnChainKeyServerSet {
 
 impl ChainNotify for OnChainKeyServerSet {
 	fn new_blocks(&self, _imported: Vec<H256>, _invalid: Vec<H256>, enacted: Vec<H256>, retracted: Vec<H256>, _sealed: Vec<H256>, _proposed: Vec<Bytes>, _duration: u64) {
-		self.contract.lock().update(enacted, retracted)
+		if !enacted.is_empty() || !retracted.is_empty() {
+			self.contract.lock().update(enacted, retracted)
+		}
 	}
 }
 

From 023e5b4b9086c85405746dc38b95fcd8c9786746 Mon Sep 17 00:00:00 2001
From: Svyatoslav Nikolsky <svyatonik@gmail.com>
Date: Fri, 21 Jul 2017 10:49:10 +0300
Subject: [PATCH 011/112] do not try to connect if not a part of cluster

---
 secret_store/src/key_server_cluster/cluster.rs | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/secret_store/src/key_server_cluster/cluster.rs b/secret_store/src/key_server_cluster/cluster.rs
index ff9ff9b22..831867029 100644
--- a/secret_store/src/key_server_cluster/cluster.rs
+++ b/secret_store/src/key_server_cluster/cluster.rs
@@ -751,7 +751,11 @@ impl ClusterConnections {
 	pub fn update_nodes_set(&self) {
 		let mut data = self.data.write();
 		let mut new_nodes = self.key_server_set.get();
-		new_nodes.remove(&self.self_node_id);
+		// we do not need to connect to self
+		// + we do not need to try to connect to any other node if we are not the part of a cluster
+		if new_nodes.remove(&self.self_node_id).is_none() {
+			new_nodes.clear();
+		}
 
 		let mut num_added_nodes = 0;
 		let mut num_removed_nodes = 0;

From 5fb9652af56410a805da24e4f2177578f062be53 Mon Sep 17 00:00:00 2001
From: Svyatoslav Nikolsky <svyatonik@gmail.com>
Date: Fri, 21 Jul 2017 11:25:26 +0300
Subject: [PATCH 012/112] improved logging

---
 secret_store/src/key_server_cluster/cluster.rs | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/secret_store/src/key_server_cluster/cluster.rs b/secret_store/src/key_server_cluster/cluster.rs
index 831867029..649ad4bc9 100644
--- a/secret_store/src/key_server_cluster/cluster.rs
+++ b/secret_store/src/key_server_cluster/cluster.rs
@@ -715,7 +715,8 @@ impl ClusterConnections {
 			}
 		}
 
-		trace!(target: "secretstore_net", "{}: inserting connection to {} at {}", self.self_node_id, connection.node_id(), connection.node_address());
+		trace!(target: "secretstore_net", "{}: inserting connection to {} at {}. Connected to {} of {} nodes",
+			self.self_node_id, connection.node_id(), connection.node_address(), data.connections.len() + 1, data.nodes.len());
 		data.connections.insert(connection.node_id().clone(), connection);
 		true
 	}
@@ -787,7 +788,8 @@ impl ClusterConnections {
 		}
 
 		if num_added_nodes != 0 || num_removed_nodes != 0 || num_changed_nodes != 0 {
-			trace!(target: "secretstore_net", "{}: updated nodes set: removed {}, added {}, changed {}", self.self_node_id, num_removed_nodes, num_added_nodes, num_changed_nodes);
+			trace!(target: "secretstore_net", "{}: updated nodes set: removed {}, added {}, changed {}. Connected to {} of {} nodes",
+				self.self_node_id, num_removed_nodes, num_added_nodes, num_changed_nodes, data.connections.len(), data.nodes.len());
 		}
 	}
 }

From b31b067743a62068425a9e87eee6edd9864c83f5 Mon Sep 17 00:00:00 2001
From: Svyatoslav Nikolsky <svyatonik@gmail.com>
Date: Mon, 24 Jul 2017 12:36:31 +0300
Subject: [PATCH 013/112] fixed tests

---
 secret_store/src/key_server.rs                |  8 +++++-
 .../src/key_server_cluster/cluster.rs         | 10 +++----
 secret_store/src/key_server_cluster/mod.rs    |  2 ++
 secret_store/src/key_server_set.rs            | 27 +++++++++++++++++++
 4 files changed, 41 insertions(+), 6 deletions(-)

diff --git a/secret_store/src/key_server.rs b/secret_store/src/key_server.rs
index 969782ca2..c83e460f3 100644
--- a/secret_store/src/key_server.rs
+++ b/secret_store/src/key_server.rs
@@ -192,10 +192,13 @@ impl Drop for KeyServerCore {
 pub mod tests {
 	use std::time;
 	use std::sync::Arc;
+	use std::net::SocketAddr;
+	use std::collections::BTreeMap;
 	use ethcrypto;
 	use ethkey::{self, Secret, Random, Generator};
 	use acl_storage::tests::DummyAclStorage;
 	use key_storage::tests::DummyKeyStorage;
+	use key_server_set::tests::MapKeyServerSet;
 	use key_server_cluster::math;
 	use util::H256;
 	use types::all::{Error, Public, ClusterConfiguration, NodeAddress, RequestSignature, ServerKeyId,
@@ -253,8 +256,11 @@ pub mod tests {
 					})).collect(),
 				allow_connecting_to_higher_nodes: false,
 			}).collect();
+		let key_servers_set: BTreeMap<Public, SocketAddr> = configs[0].nodes.iter()
+			.map(|(k, a)| (k.clone(), format!("{}:{}", a.address, a.port).parse().unwrap()))
+			.collect();
 		let key_servers: Vec<_> = configs.into_iter().map(|cfg|
-			KeyServerImpl::new(&cfg, Arc::new(DummyAclStorage::default()), Arc::new(DummyKeyStorage::default())).unwrap()
+			KeyServerImpl::new(&cfg, Arc::new(MapKeyServerSet::new(key_servers_set.clone())), Arc::new(DummyAclStorage::default()), Arc::new(DummyKeyStorage::default())).unwrap()
 		).collect();
 
 		// wait until connections are established. It is fast => do not bother with events here
diff --git a/secret_store/src/key_server_cluster/cluster.rs b/secret_store/src/key_server_cluster/cluster.rs
index 649ad4bc9..d77a82431 100644
--- a/secret_store/src/key_server_cluster/cluster.rs
+++ b/secret_store/src/key_server_cluster/cluster.rs
@@ -989,7 +989,7 @@ pub mod tests {
 	use parking_lot::Mutex;
 	use tokio_core::reactor::Core;
 	use ethkey::{Random, Generator, Public};
-	use key_server_cluster::{NodeId, SessionId, Error, DummyAclStorage, DummyKeyStorage};
+	use key_server_cluster::{NodeId, SessionId, Error, DummyAclStorage, DummyKeyStorage, MapKeyServerSet};
 	use key_server_cluster::message::Message;
 	use key_server_cluster::cluster::{Cluster, ClusterCore, ClusterConfiguration};
 	use key_server_cluster::generation_session::{Session as GenerationSession, SessionState as GenerationSessionState};
@@ -1059,7 +1059,7 @@ pub mod tests {
 	}
 
 	pub fn all_connections_established(cluster: &Arc<ClusterCore>) -> bool {
-		cluster.config().nodes.keys()
+		cluster.config().key_server_set.get().keys()
 			.filter(|p| *p != cluster.config().self_key_pair.public())
 			.all(|p| cluster.connection(p).is_some())
 	}
@@ -1070,9 +1070,9 @@ pub mod tests {
 			threads: 1,
 			self_key_pair: key_pairs[i].clone(),
 			listen_address: ("127.0.0.1".to_owned(), ports_begin + i as u16),
-			nodes: key_pairs.iter().enumerate()
-				.map(|(j, kp)| (kp.public().clone(), ("127.0.0.1".into(), ports_begin + j as u16)))
-				.collect(),
+			key_server_set: Arc::new(MapKeyServerSet::new(key_pairs.iter().enumerate()
+				.map(|(j, kp)| (kp.public().clone(), format!("127.0.0.1:{}", ports_begin + j as u16).parse().unwrap()))
+				.collect())),
 			allow_connecting_to_higher_nodes: false,
 			key_storage: Arc::new(DummyKeyStorage::default()),
 			acl_storage: Arc::new(DummyAclStorage::default()),
diff --git a/secret_store/src/key_server_cluster/mod.rs b/secret_store/src/key_server_cluster/mod.rs
index 11c32d528..8f6ae4add 100644
--- a/secret_store/src/key_server_cluster/mod.rs
+++ b/secret_store/src/key_server_cluster/mod.rs
@@ -34,6 +34,8 @@ pub use self::decryption_session::Session as DecryptionSession;
 pub use super::key_storage::tests::DummyKeyStorage;
 #[cfg(test)]
 pub use super::acl_storage::tests::DummyAclStorage;
+#[cfg(test)]
+pub use super::key_server_set::tests::MapKeyServerSet;
 
 pub type SessionId = ServerKeyId;
 
diff --git a/secret_store/src/key_server_set.rs b/secret_store/src/key_server_set.rs
index 47f033db1..e17dceed5 100644
--- a/secret_store/src/key_server_set.rs
+++ b/secret_store/src/key_server_set.rs
@@ -175,3 +175,30 @@ impl CachedContract {
 		self.contract_addr = new_contract_address;
 	}
 }
+
+#[cfg(test)]
+pub mod tests {
+	use std::collections::BTreeMap;
+	use std::net::SocketAddr;
+	use ethkey::Public;
+	use super::KeyServerSet;
+
+	#[derive(Default)]
+	pub struct MapKeyServerSet {
+		nodes: BTreeMap<Public, SocketAddr>,
+	}
+
+	impl MapKeyServerSet {
+		pub fn new(nodes: BTreeMap<Public, SocketAddr>) -> Self {
+			MapKeyServerSet {
+				nodes: nodes,
+			}
+		}
+	}
+
+	impl KeyServerSet for MapKeyServerSet {
+		fn get(&self) -> BTreeMap<Public, SocketAddr> {
+			self.nodes.clone()
+		}
+	}
+}

From 45f2b824110e1f7378217e8d6b73cffd261b6755 Mon Sep 17 00:00:00 2001
From: Svyatoslav Nikolsky <svyatonik@gmail.com>
Date: Tue, 25 Jul 2017 09:24:54 +0300
Subject: [PATCH 014/112] NodeKeyPAir trait

---
 secret_store/src/key_server.rs                | 20 +++---
 .../src/key_server_cluster/cluster.rs         | 10 +--
 .../src/key_server_cluster/io/handshake.rs    | 48 +++++++------
 .../src/key_server_cluster/io/message.rs      | 15 ++---
 secret_store/src/key_server_cluster/io/mod.rs |  2 +-
 secret_store/src/key_server_cluster/mod.rs    |  3 +
 .../net/accept_connection.rs                  |  6 +-
 .../src/key_server_cluster/net/connect.rs     |  8 +--
 secret_store/src/key_storage.rs               |  2 +-
 secret_store/src/lib.rs                       |  8 ++-
 secret_store/src/node_key_pair.rs             | 67 +++++++++++++++++++
 secret_store/src/traits.rs                    | 12 ++++
 secret_store/src/types/all.rs                 |  2 -
 13 files changed, 146 insertions(+), 57 deletions(-)
 create mode 100644 secret_store/src/node_key_pair.rs

diff --git a/secret_store/src/key_server.rs b/secret_store/src/key_server.rs
index c83e460f3..0944dd37c 100644
--- a/secret_store/src/key_server.rs
+++ b/secret_store/src/key_server.rs
@@ -26,7 +26,7 @@ use super::acl_storage::AclStorage;
 use super::key_storage::KeyStorage;
 use super::key_server_set::KeyServerSet;
 use key_server_cluster::{math, ClusterCore};
-use traits::{ServerKeyGenerator, DocumentKeyServer, MessageSigner, KeyServer};
+use traits::{ServerKeyGenerator, DocumentKeyServer, MessageSigner, KeyServer, NodeKeyPair};
 use types::all::{Error, Public, RequestSignature, ServerKeyId, EncryptedDocumentKey, EncryptedDocumentKeyShadow,
 	ClusterConfiguration, MessageHash, EncryptedMessageSignature};
 use key_server_cluster::{ClusterClient, ClusterConfiguration as NetClusterConfiguration};
@@ -45,9 +45,9 @@ pub struct KeyServerCore {
 
 impl KeyServerImpl {
 	/// Create new key server instance
-	pub fn new(config: &ClusterConfiguration, key_server_set: Arc<KeyServerSet>, acl_storage: Arc<AclStorage>, key_storage: Arc<KeyStorage>) -> Result<Self, Error> {
+	pub fn new(config: &ClusterConfiguration, key_server_set: Arc<KeyServerSet>, self_key_pair: Arc<NodeKeyPair>, acl_storage: Arc<AclStorage>, key_storage: Arc<KeyStorage>) -> Result<Self, Error> {
 		Ok(KeyServerImpl {
-			data: Arc::new(Mutex::new(KeyServerCore::new(config, key_server_set, acl_storage, key_storage)?)),
+			data: Arc::new(Mutex::new(KeyServerCore::new(config, key_server_set, self_key_pair, acl_storage, key_storage)?)),
 		})
 	}
 
@@ -144,10 +144,10 @@ impl MessageSigner for KeyServerImpl {
 }
 
 impl KeyServerCore {
-	pub fn new(config: &ClusterConfiguration, key_server_set: Arc<KeyServerSet>, acl_storage: Arc<AclStorage>, key_storage: Arc<KeyStorage>) -> Result<Self, Error> {
+	pub fn new(config: &ClusterConfiguration, key_server_set: Arc<KeyServerSet>, self_key_pair: Arc<NodeKeyPair>, acl_storage: Arc<AclStorage>, key_storage: Arc<KeyStorage>) -> Result<Self, Error> {
 		let config = NetClusterConfiguration {
 			threads: config.threads,
-			self_key_pair: ethkey::KeyPair::from_secret_slice(&config.self_private)?,
+			self_key_pair: self_key_pair,
 			listen_address: (config.listener_address.address.clone(), config.listener_address.port),
 			key_server_set: key_server_set,
 			allow_connecting_to_higher_nodes: config.allow_connecting_to_higher_nodes,
@@ -198,6 +198,7 @@ pub mod tests {
 	use ethkey::{self, Secret, Random, Generator};
 	use acl_storage::tests::DummyAclStorage;
 	use key_storage::tests::DummyKeyStorage;
+	use node_key_pair::PlainNodeKeyPair;
 	use key_server_set::tests::MapKeyServerSet;
 	use key_server_cluster::math;
 	use util::H256;
@@ -244,7 +245,7 @@ pub mod tests {
 		let key_pairs: Vec<_> = (0..num_nodes).map(|_| Random.generate().unwrap()).collect();
 		let configs: Vec<_> = (0..num_nodes).map(|i| ClusterConfiguration {
 				threads: 1,
-				self_private: (***key_pairs[i].secret()).into(),
+//				self_key_pair: Arc::new(PlainNodeKeyPair::new(key_pairs[i].clone())),
 				listener_address: NodeAddress {
 					address: "127.0.0.1".into(),
 					port: start_port + (i as u16),
@@ -259,8 +260,11 @@ pub mod tests {
 		let key_servers_set: BTreeMap<Public, SocketAddr> = configs[0].nodes.iter()
 			.map(|(k, a)| (k.clone(), format!("{}:{}", a.address, a.port).parse().unwrap()))
 			.collect();
-		let key_servers: Vec<_> = configs.into_iter().map(|cfg|
-			KeyServerImpl::new(&cfg, Arc::new(MapKeyServerSet::new(key_servers_set.clone())), Arc::new(DummyAclStorage::default()), Arc::new(DummyKeyStorage::default())).unwrap()
+		let key_servers: Vec<_> = configs.into_iter().enumerate().map(|(i, cfg)|
+			KeyServerImpl::new(&cfg, Arc::new(MapKeyServerSet::new(key_servers_set.clone())),
+				Arc::new(PlainNodeKeyPair::new(key_pairs[i].clone())),
+				Arc::new(DummyAclStorage::default()),
+				Arc::new(DummyKeyStorage::default())).unwrap()
 		).collect();
 
 		// wait until connections are established. It is fast => do not bother with events here
diff --git a/secret_store/src/key_server_cluster/cluster.rs b/secret_store/src/key_server_cluster/cluster.rs
index d77a82431..155dd4a01 100644
--- a/secret_store/src/key_server_cluster/cluster.rs
+++ b/secret_store/src/key_server_cluster/cluster.rs
@@ -28,7 +28,7 @@ use tokio_core::reactor::{Handle, Remote, Interval};
 use tokio_core::net::{TcpListener, TcpStream};
 use ethkey::{Public, KeyPair, Signature, Random, Generator};
 use util::H256;
-use key_server_cluster::{Error, NodeId, SessionId, AclStorage, KeyStorage, KeyServerSet};
+use key_server_cluster::{Error, NodeId, SessionId, AclStorage, KeyStorage, KeyServerSet, NodeKeyPair};
 use key_server_cluster::cluster_sessions::{ClusterSession, ClusterSessions, GenerationSessionWrapper, EncryptionSessionWrapper,
 	DecryptionSessionWrapper, SigningSessionWrapper};
 use key_server_cluster::message::{self, Message, ClusterMessage, GenerationMessage, EncryptionMessage, DecryptionMessage,
@@ -99,7 +99,7 @@ pub struct ClusterConfiguration {
 	/// Allow connecting to 'higher' nodes.
 	pub allow_connecting_to_higher_nodes: bool,
 	/// KeyPair this node holds.
-	pub self_key_pair: KeyPair,
+	pub self_key_pair: Arc<NodeKeyPair>,
 	/// Interface to listen to.
 	pub listen_address: (String, u16),
 	/// Cluster nodes set.
@@ -146,7 +146,7 @@ pub struct ClusterData {
 	/// Handle to the cpu thread pool.
 	pool: CpuPool,
 	/// KeyPair this node holds.
-	self_key_pair: KeyPair,
+	self_key_pair: Arc<NodeKeyPair>,
 	/// Connections data.
 	connections: ClusterConnections,
 	/// Active sessions data.
@@ -989,7 +989,7 @@ pub mod tests {
 	use parking_lot::Mutex;
 	use tokio_core::reactor::Core;
 	use ethkey::{Random, Generator, Public};
-	use key_server_cluster::{NodeId, SessionId, Error, DummyAclStorage, DummyKeyStorage, MapKeyServerSet};
+	use key_server_cluster::{NodeId, SessionId, Error, DummyAclStorage, DummyKeyStorage, MapKeyServerSet, PlainNodeKeyPair};
 	use key_server_cluster::message::Message;
 	use key_server_cluster::cluster::{Cluster, ClusterCore, ClusterConfiguration};
 	use key_server_cluster::generation_session::{Session as GenerationSession, SessionState as GenerationSessionState};
@@ -1068,7 +1068,7 @@ pub mod tests {
 		let key_pairs: Vec<_> = (0..num_nodes).map(|_| Random.generate().unwrap()).collect();
 		let cluster_params: Vec<_> = (0..num_nodes).map(|i| ClusterConfiguration {
 			threads: 1,
-			self_key_pair: key_pairs[i].clone(),
+			self_key_pair: Arc::new(PlainNodeKeyPair::new(key_pairs[i].clone())),
 			listen_address: ("127.0.0.1".to_owned(), ports_begin + i as u16),
 			key_server_set: Arc::new(MapKeyServerSet::new(key_pairs.iter().enumerate()
 				.map(|(j, kp)| (kp.public().clone(), format!("127.0.0.1:{}", ports_begin + j as u16).parse().unwrap()))
diff --git a/secret_store/src/key_server_cluster/io/handshake.rs b/secret_store/src/key_server_cluster/io/handshake.rs
index df8f6cbf7..bf52ab798 100644
--- a/secret_store/src/key_server_cluster/io/handshake.rs
+++ b/secret_store/src/key_server_cluster/io/handshake.rs
@@ -15,24 +15,25 @@
 // along with Parity.  If not, see <http://www.gnu.org/licenses/>.
 
 use std::io;
+use std::sync::Arc;
 use std::collections::BTreeSet;
 use futures::{Future, Poll, Async};
 use tokio_io::{AsyncRead, AsyncWrite};
-use ethkey::{Random, Generator, KeyPair, Secret, sign, verify_public};
+use ethkey::{Random, Generator, KeyPair, verify_public};
 use util::H256;
-use key_server_cluster::{NodeId, Error};
+use key_server_cluster::{NodeId, Error, NodeKeyPair};
 use key_server_cluster::message::{Message, ClusterMessage, NodePublicKey, NodePrivateKeySignature};
 use key_server_cluster::io::{write_message, write_encrypted_message, WriteMessage, ReadMessage,
-	read_message, read_encrypted_message, compute_shared_key};
+	read_message, read_encrypted_message, fix_shared_key};
 
 /// Start handshake procedure with another node from the cluster.
-pub fn handshake<A>(a: A, self_key_pair: KeyPair, trusted_nodes: BTreeSet<NodeId>) -> Handshake<A> where A: AsyncWrite + AsyncRead {
+pub fn handshake<A>(a: A, self_key_pair: Arc<NodeKeyPair>, trusted_nodes: BTreeSet<NodeId>) -> Handshake<A> where A: AsyncWrite + AsyncRead {
 	let self_confirmation_plain = Random.generate().map(|kp| *kp.secret().clone()).map_err(Into::into);
 	handshake_with_plain_confirmation(a, self_confirmation_plain, self_key_pair, trusted_nodes)
 }
 
 /// Start handshake procedure with another node from the cluster and given plain confirmation.
-pub fn handshake_with_plain_confirmation<A>(a: A, self_confirmation_plain: Result<H256, Error>, self_key_pair: KeyPair, trusted_nodes: BTreeSet<NodeId>) -> Handshake<A> where A: AsyncWrite + AsyncRead {
+pub fn handshake_with_plain_confirmation<A>(a: A, self_confirmation_plain: Result<H256, Error>, self_key_pair: Arc<NodeKeyPair>, trusted_nodes: BTreeSet<NodeId>) -> Handshake<A> where A: AsyncWrite + AsyncRead {
 	let (error, state) = match self_confirmation_plain.clone()
 		.and_then(|c| Handshake::<A>::make_public_key_message(self_key_pair.public().clone(), c)) {
 		Ok(message) => (None, HandshakeState::SendPublicKey(write_message(a, message))),
@@ -53,7 +54,7 @@ pub fn handshake_with_plain_confirmation<A>(a: A, self_confirmation_plain: Resul
 }
 
 /// Wait for handshake procedure to be started by another node from the cluster.
-pub fn accept_handshake<A>(a: A, self_key_pair: KeyPair) -> Handshake<A> where A: AsyncWrite + AsyncRead {
+pub fn accept_handshake<A>(a: A, self_key_pair: Arc<NodeKeyPair>) -> Handshake<A> where A: AsyncWrite + AsyncRead {
 	let self_confirmation_plain = Random.generate().map(|kp| *kp.secret().clone()).map_err(Into::into);
 	let (error, state) = match self_confirmation_plain.clone() {
 		Ok(_) => (None, HandshakeState::ReceivePublicKey(read_message(a))),
@@ -87,7 +88,7 @@ pub struct Handshake<A> {
 	is_active: bool,
 	error: Option<(A, Result<HandshakeResult, Error>)>,
 	state: HandshakeState<A>,
-	self_key_pair: KeyPair,
+	self_key_pair: Arc<NodeKeyPair>,
 	self_confirmation_plain: H256,
 	trusted_nodes: Option<BTreeSet<NodeId>>,
 	other_node_id: Option<NodeId>,
@@ -117,9 +118,9 @@ impl<A> Handshake<A> where A: AsyncRead + AsyncWrite {
 		})))
 	}
 
-	fn make_private_key_signature_message(secret: &Secret, confirmation_plain: &H256) -> Result<Message, Error> {
+	fn make_private_key_signature_message(self_key_pair: &NodeKeyPair, confirmation_plain: &H256) -> Result<Message, Error> {
 		Ok(Message::Cluster(ClusterMessage::NodePrivateKeySignature(NodePrivateKeySignature {
-			confirmation_signed: sign(secret, confirmation_plain)?.into(),
+			confirmation_signed: self_key_pair.sign(confirmation_plain)?.into(),
 		})))
 	}
 }
@@ -142,15 +143,15 @@ impl<A> Future for Handshake<A> where A: AsyncRead + AsyncWrite {
 						read_message(stream)
 					), Async::NotReady)
 				} else {
-					self.shared_key = match compute_shared_key(self.self_key_pair.secret(),
+					self.shared_key = match self.self_key_pair.compute_shared_key(
 						self.other_node_id.as_ref().expect("we are in passive mode; in passive mode SendPublicKey follows ReceivePublicKey; other_node_id is filled in ReceivePublicKey; qed")
-					) {
+					).map_err(Into::into).and_then(|sk| fix_shared_key(sk.secret())) {
 						Ok(shared_key) => Some(shared_key),
-						Err(err) => return Ok((stream, Err(err)).into()),
+						Err(err) => return Ok((stream, Err(err.into())).into()),
 					};
 
 					let message = match Handshake::<A>::make_private_key_signature_message(
-						self.self_key_pair.secret(),
+						&*self.self_key_pair,
 						self.other_confirmation_plain.as_ref().expect("we are in passive mode; in passive mode SendPublicKey follows ReceivePublicKey; other_confirmation_plain is filled in ReceivePublicKey; qed")
 					) {
 						Ok(message) => message,
@@ -179,15 +180,15 @@ impl<A> Future for Handshake<A> where A: AsyncRead + AsyncWrite {
 				self.other_node_id = Some(message.node_id.into());
 				self.other_confirmation_plain = Some(message.confirmation_plain.into());
 				if self.is_active {
-					self.shared_key = match compute_shared_key(self.self_key_pair.secret(),
+					self.shared_key = match self.self_key_pair.compute_shared_key(
 						self.other_node_id.as_ref().expect("filled couple of lines above; qed")
-					) {
+					).map_err(Into::into).and_then(|sk| fix_shared_key(sk.secret())) {
 						Ok(shared_key) => Some(shared_key),
-						Err(err) => return Ok((stream, Err(err)).into()),
+						Err(err) => return Ok((stream, Err(err.into())).into()),
 					};
 
 					let message = match Handshake::<A>::make_private_key_signature_message(
-						self.self_key_pair.secret(),
+						&*self.self_key_pair,
 						self.other_confirmation_plain.as_ref().expect("filled couple of lines above; qed")
 					) {
 						Ok(message) => message,
@@ -248,11 +249,14 @@ impl<A> Future for Handshake<A> where A: AsyncRead + AsyncWrite {
 
 #[cfg(test)]
 mod tests {
+	use std::sync::Arc;
 	use std::collections::BTreeSet;
 	use futures::Future;
 	use ethkey::{Random, Generator, sign};
+	use ethcrypto::ecdh::agree;
 	use util::H256;
-	use key_server_cluster::io::message::compute_shared_key;
+	use key_server_cluster::PlainNodeKeyPair;
+	use key_server_cluster::io::message::fix_shared_key;
 	use key_server_cluster::io::message::tests::TestIo;
 	use key_server_cluster::message::{Message, ClusterMessage, NodePublicKey, NodePrivateKeySignature};
 	use super::{handshake_with_plain_confirmation, accept_handshake, HandshakeResult};
@@ -283,9 +287,9 @@ mod tests {
 		let (self_confirmation_plain, io) = prepare_test_io();
 		let self_key_pair = io.self_key_pair().clone();
 		let trusted_nodes: BTreeSet<_> = vec![io.peer_public().clone()].into_iter().collect();
-		let shared_key = compute_shared_key(self_key_pair.secret(), trusted_nodes.iter().nth(0).unwrap()).unwrap();
+		let shared_key = fix_shared_key(&agree(self_key_pair.secret(), trusted_nodes.iter().nth(0).unwrap()).unwrap()).unwrap();
 
-		let handshake = handshake_with_plain_confirmation(io, Ok(self_confirmation_plain), self_key_pair, trusted_nodes);
+		let handshake = handshake_with_plain_confirmation(io, Ok(self_confirmation_plain), Arc::new(PlainNodeKeyPair::new(self_key_pair)), trusted_nodes);
 		let handshake_result = handshake.wait().unwrap();
 		assert_eq!(handshake_result.1, Ok(HandshakeResult {
 			node_id: handshake_result.0.peer_public().clone(),
@@ -298,9 +302,9 @@ mod tests {
 		let (self_confirmation_plain, io) = prepare_test_io();
 		let self_key_pair = io.self_key_pair().clone();
 		let trusted_nodes: BTreeSet<_> = vec![io.peer_public().clone()].into_iter().collect();
-		let shared_key = compute_shared_key(self_key_pair.secret(), trusted_nodes.iter().nth(0).unwrap()).unwrap();
+		let shared_key = fix_shared_key(&agree(self_key_pair.secret(), trusted_nodes.iter().nth(0).unwrap()).unwrap()).unwrap();
 
-		let mut handshake = accept_handshake(io, self_key_pair);
+		let mut handshake = accept_handshake(io, Arc::new(PlainNodeKeyPair::new(self_key_pair)));
 		handshake.set_self_confirmation_plain(self_confirmation_plain);
 
 		let handshake_result = handshake.wait().unwrap();
diff --git a/secret_store/src/key_server_cluster/io/message.rs b/secret_store/src/key_server_cluster/io/message.rs
index 49b71e39d..5a6b50a3e 100644
--- a/secret_store/src/key_server_cluster/io/message.rs
+++ b/secret_store/src/key_server_cluster/io/message.rs
@@ -19,9 +19,8 @@ use std::u16;
 use std::ops::Deref;
 use byteorder::{LittleEndian, ReadBytesExt, WriteBytesExt};
 use serde_json;
-use ethcrypto::ecdh::agree;
 use ethcrypto::ecies::{encrypt_single_message, decrypt_single_message};
-use ethkey::{Public, Secret, KeyPair};
+use ethkey::{Secret, KeyPair};
 use ethkey::math::curve_order;
 use util::{H256, U256};
 use key_server_cluster::Error;
@@ -154,12 +153,11 @@ pub fn decrypt_message(key: &KeyPair, payload: Vec<u8>) -> Result<Vec<u8>, Error
 	Ok(decrypt_single_message(key.secret(), &payload)?)
 }
 
-/// Compute shared encryption key.
-pub fn compute_shared_key(self_secret: &Secret, other_public: &Public) -> Result<KeyPair, Error> {
+/// Fix shared encryption key.
+pub fn fix_shared_key(shared_secret: &Secret) -> Result<KeyPair, Error> {
 	// secret key created in agree function is invalid, as it is not calculated mod EC.field.n
 	// => let's do it manually
-	let shared_secret = agree(self_secret, other_public)?;
-	let shared_secret: H256 = (*shared_secret).into();
+	let shared_secret: H256 = (**shared_secret).into();
 	let shared_secret: U256 = shared_secret.into();
 	let shared_secret: H256 = (shared_secret % curve_order()).into();
 	let shared_key_pair = KeyPair::from_secret_slice(&*shared_secret)?;
@@ -204,8 +202,9 @@ pub mod tests {
 	use futures::Poll;
 	use tokio_io::{AsyncRead, AsyncWrite};
 	use ethkey::{KeyPair, Public};
+	use ethcrypto::ecdh::agree;
 	use key_server_cluster::message::Message;
-	use super::{MESSAGE_HEADER_SIZE, MessageHeader, compute_shared_key, encrypt_message, serialize_message,
+	use super::{MESSAGE_HEADER_SIZE, MessageHeader, fix_shared_key, encrypt_message, serialize_message,
 		serialize_header, deserialize_header};
 
 	pub struct TestIo {
@@ -217,7 +216,7 @@ pub mod tests {
 
 	impl TestIo {
 		pub fn new(self_key_pair: KeyPair, peer_public: Public) -> Self {
-			let shared_key_pair = compute_shared_key(self_key_pair.secret(), &peer_public).unwrap();
+			let shared_key_pair = fix_shared_key(&agree(self_key_pair.secret(), &peer_public).unwrap()).unwrap();
 			TestIo {
 				self_key_pair: self_key_pair,
 				peer_public: peer_public,
diff --git a/secret_store/src/key_server_cluster/io/mod.rs b/secret_store/src/key_server_cluster/io/mod.rs
index 57071038e..dfea33683 100644
--- a/secret_store/src/key_server_cluster/io/mod.rs
+++ b/secret_store/src/key_server_cluster/io/mod.rs
@@ -26,7 +26,7 @@ mod write_message;
 pub use self::deadline::{deadline, Deadline, DeadlineStatus};
 pub use self::handshake::{handshake, accept_handshake, Handshake, HandshakeResult};
 pub use self::message::{MessageHeader, SerializedMessage, serialize_message, deserialize_message,
-	encrypt_message, compute_shared_key};
+	encrypt_message, fix_shared_key};
 pub use self::read_header::{read_header, ReadHeader};
 pub use self::read_payload::{read_payload, read_encrypted_payload, ReadPayload};
 pub use self::read_message::{read_message, read_encrypted_message, ReadMessage};
diff --git a/secret_store/src/key_server_cluster/mod.rs b/secret_store/src/key_server_cluster/mod.rs
index 8f6ae4add..102c3672f 100644
--- a/secret_store/src/key_server_cluster/mod.rs
+++ b/secret_store/src/key_server_cluster/mod.rs
@@ -20,6 +20,7 @@ use ethkey;
 use ethcrypto;
 use super::types::all::ServerKeyId;
 
+pub use super::traits::NodeKeyPair;
 pub use super::types::all::{NodeId, EncryptedDocumentKeyShadow};
 pub use super::acl_storage::AclStorage;
 pub use super::key_storage::{KeyStorage, DocumentKeyShare};
@@ -30,6 +31,8 @@ pub use self::generation_session::Session as GenerationSession;
 pub use self::encryption_session::Session as EncryptionSession;
 pub use self::decryption_session::Session as DecryptionSession;
 
+#[cfg(test)]
+pub use super::node_key_pair::PlainNodeKeyPair;
 #[cfg(test)]
 pub use super::key_storage::tests::DummyKeyStorage;
 #[cfg(test)]
diff --git a/secret_store/src/key_server_cluster/net/accept_connection.rs b/secret_store/src/key_server_cluster/net/accept_connection.rs
index 339625f3f..d85e492dd 100644
--- a/secret_store/src/key_server_cluster/net/accept_connection.rs
+++ b/secret_store/src/key_server_cluster/net/accept_connection.rs
@@ -15,18 +15,18 @@
 // along with Parity.  If not, see <http://www.gnu.org/licenses/>.
 
 use std::io;
+use std::sync::Arc;
 use std::net::SocketAddr;
 use std::time::Duration;
 use futures::{Future, Poll};
 use tokio_core::reactor::Handle;
 use tokio_core::net::TcpStream;
-use ethkey::KeyPair;
-use key_server_cluster::Error;
+use key_server_cluster::{Error, NodeKeyPair};
 use key_server_cluster::io::{accept_handshake, Handshake, Deadline, deadline};
 use key_server_cluster::net::Connection;
 
 /// Create future for accepting incoming connection.
-pub fn accept_connection(address: SocketAddr, stream: TcpStream, handle: &Handle, self_key_pair: KeyPair) -> Deadline<AcceptConnection> {
+pub fn accept_connection(address: SocketAddr, stream: TcpStream, handle: &Handle, self_key_pair: Arc<NodeKeyPair>) -> Deadline<AcceptConnection> {
 	let accept = AcceptConnection {
 		handshake: accept_handshake(stream, self_key_pair),
 		address: address,
diff --git a/secret_store/src/key_server_cluster/net/connect.rs b/secret_store/src/key_server_cluster/net/connect.rs
index 449168ab2..7515494e4 100644
--- a/secret_store/src/key_server_cluster/net/connect.rs
+++ b/secret_store/src/key_server_cluster/net/connect.rs
@@ -14,6 +14,7 @@
 // You should have received a copy of the GNU General Public License
 // along with Parity.  If not, see <http://www.gnu.org/licenses/>.
 
+use std::sync::Arc;
 use std::collections::BTreeSet;
 use std::io;
 use std::time::Duration;
@@ -21,13 +22,12 @@ use std::net::SocketAddr;
 use futures::{Future, Poll, Async};
 use tokio_core::reactor::Handle;
 use tokio_core::net::{TcpStream, TcpStreamNew};
-use ethkey::KeyPair;
-use key_server_cluster::{Error, NodeId};
+use key_server_cluster::{Error, NodeId, NodeKeyPair};
 use key_server_cluster::io::{handshake, Handshake, Deadline, deadline};
 use key_server_cluster::net::Connection;
 
 /// Create future for connecting to other node.
-pub fn connect(address: &SocketAddr, handle: &Handle, self_key_pair: KeyPair, trusted_nodes: BTreeSet<NodeId>) -> Deadline<Connect> {
+pub fn connect(address: &SocketAddr, handle: &Handle, self_key_pair: Arc<NodeKeyPair>, trusted_nodes: BTreeSet<NodeId>) -> Deadline<Connect> {
 	let connect = Connect {
 		state: ConnectState::TcpConnect(TcpStream::connect(address, handle)),
 		address: address.clone(),
@@ -48,7 +48,7 @@ enum ConnectState {
 pub struct Connect {
 	state: ConnectState,
 	address: SocketAddr,
-	self_key_pair: KeyPair,
+	self_key_pair: Arc<NodeKeyPair>,
 	trusted_nodes: BTreeSet<NodeId>,
 }
 
diff --git a/secret_store/src/key_storage.rs b/secret_store/src/key_storage.rs
index d5af7a5fa..18c61c1bf 100644
--- a/secret_store/src/key_storage.rs
+++ b/secret_store/src/key_storage.rs
@@ -241,7 +241,7 @@ pub mod tests {
 			data_path: path.as_str().to_owned(),
 			cluster_config: ClusterConfiguration {
 				threads: 1,
-				self_private: (**Random.generate().unwrap().secret().clone()).into(),
+				//self_private: (**Random.generate().unwrap().secret().clone()).into(),
 				listener_address: NodeAddress {
 					address: "0.0.0.0".to_owned(),
 					port: 8083,
diff --git a/secret_store/src/lib.rs b/secret_store/src/lib.rs
index 9750f7223..7e9897e60 100644
--- a/secret_store/src/lib.rs
+++ b/secret_store/src/lib.rs
@@ -59,22 +59,24 @@ mod key_server;
 mod key_storage;
 mod serialization;
 mod key_server_set;
+mod node_key_pair;
 
 use std::sync::Arc;
 use ethcore::client::Client;
 
 pub use types::all::{ServerKeyId, EncryptedDocumentKey, RequestSignature, Public,
 	Error, NodeAddress, ServiceConfiguration, ClusterConfiguration};
-pub use traits::{KeyServer};
+pub use traits::{NodeKeyPair, KeyServer};
+pub use self::node_key_pair::{PlainNodeKeyPair, KeyStoreNodeKeyPair};
 
 /// Start new key server instance
-pub fn start(client: Arc<Client>, config: ServiceConfiguration) -> Result<Box<KeyServer>, Error> {
+pub fn start(client: Arc<Client>, self_key_pair: Arc<NodeKeyPair>, config: ServiceConfiguration) -> Result<Box<KeyServer>, Error> {
 	use std::sync::Arc;
 
 	let acl_storage = acl_storage::OnChainAclStorage::new(&client);
 	let key_server_set = key_server_set::OnChainKeyServerSet::new(&client, config.cluster_config.nodes.clone())?;
 	let key_storage = Arc::new(key_storage::PersistentKeyStorage::new(&config)?);
-	let key_server = key_server::KeyServerImpl::new(&config.cluster_config, key_server_set, acl_storage, key_storage)?;
+	let key_server = key_server::KeyServerImpl::new(&config.cluster_config, key_server_set, self_key_pair, acl_storage, key_storage)?;
 	let listener = http_listener::KeyServerHttpListener::start(&config.listener_address, key_server)?;
 	Ok(Box::new(listener))
 }
diff --git a/secret_store/src/node_key_pair.rs b/secret_store/src/node_key_pair.rs
new file mode 100644
index 000000000..8676dd16d
--- /dev/null
+++ b/secret_store/src/node_key_pair.rs
@@ -0,0 +1,67 @@
+// Copyright 2015-2017 Parity Technologies (UK) Ltd.
+// This file is part of Parity.
+
+// Parity is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity.  If not, see <http://www.gnu.org/licenses/>.
+
+use std::sync::Arc;
+use ethcrypto::ecdh::agree;
+use ethkey::{KeyPair, Public, Signature, Error as EthKeyError, sign};
+use ethcore::account_provider::AccountProvider;
+use util::H256;
+use traits::NodeKeyPair;
+
+pub struct PlainNodeKeyPair {
+	key_pair: KeyPair,
+}
+
+pub struct KeyStoreNodeKeyPair {
+	_account_provider: Arc<AccountProvider>,
+}
+
+impl PlainNodeKeyPair {
+	pub fn new(key_pair: KeyPair) -> Self {
+		PlainNodeKeyPair {
+			key_pair: key_pair,
+		}
+	}
+}
+
+impl NodeKeyPair for PlainNodeKeyPair {
+	fn public(&self) -> &Public {
+		self.key_pair.public()
+	}
+
+	fn sign(&self, data: &H256) -> Result<Signature, EthKeyError> {
+		sign(self.key_pair.secret(), data)
+	}
+
+	fn compute_shared_key(&self, peer_public: &Public) -> Result<KeyPair, EthKeyError> {
+		agree(self.key_pair.secret(), peer_public).map_err(|e| EthKeyError::Custom(e.into()))
+			.and_then(KeyPair::from_secret)
+	}
+}
+
+impl NodeKeyPair for KeyStoreNodeKeyPair {
+	fn public(&self) -> &Public {
+		unimplemented!()
+	}
+
+	fn sign(&self, _data: &H256) -> Result<Signature, EthKeyError> {
+		unimplemented!()
+	}
+
+	fn compute_shared_key(&self, _peer_public: &Public) -> Result<KeyPair, EthKeyError> {
+		unimplemented!()
+	}
+}
diff --git a/secret_store/src/traits.rs b/secret_store/src/traits.rs
index 33a4eff3c..31da748e0 100644
--- a/secret_store/src/traits.rs
+++ b/secret_store/src/traits.rs
@@ -14,9 +14,21 @@
 // You should have received a copy of the GNU General Public License
 // along with Parity.  If not, see <http://www.gnu.org/licenses/>.
 
+use ethkey::{KeyPair, Signature, Error as EthKeyError};
+use util::H256;
 use types::all::{Error, Public, ServerKeyId, MessageHash, EncryptedMessageSignature, RequestSignature, EncryptedDocumentKey,
 	EncryptedDocumentKeyShadow};
 
+/// Node key pair.
+pub trait NodeKeyPair: Send + Sync {
+	/// Public portion of key.
+	fn public(&self) -> &Public;
+	/// Sign data with node key.
+	fn sign(&self, data: &H256) -> Result<Signature, EthKeyError>;
+	/// Compute shared key to encrypt channel between two nodes.
+	fn compute_shared_key(&self, peer_public: &Public) -> Result<KeyPair, EthKeyError>;
+}
+
 /// Server key (SK) generator.
 pub trait ServerKeyGenerator {
 	/// Generate new SK.
diff --git a/secret_store/src/types/all.rs b/secret_store/src/types/all.rs
index 54fc8acae..8dc92f175 100644
--- a/secret_store/src/types/all.rs
+++ b/secret_store/src/types/all.rs
@@ -83,8 +83,6 @@ pub struct ServiceConfiguration {
 pub struct ClusterConfiguration {
 	/// Number of threads reserved by cluster.
 	pub threads: usize,
-	/// Private key this node holds.
-	pub self_private: Vec<u8>, // holds ethkey::Secret
 	/// This node address.
 	pub listener_address: NodeAddress,
 	/// All cluster nodes addresses.

From fb68b0924ab7902f301d697643a10d27f50fb739 Mon Sep 17 00:00:00 2001
From: Svyatoslav Nikolsky <svyatonik@gmail.com>
Date: Tue, 25 Jul 2017 09:56:23 +0300
Subject: [PATCH 015/112] fixed parity to use new trait

---
 parity/secretstore.rs | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/parity/secretstore.rs b/parity/secretstore.rs
index f215c937c..b29f43479 100644
--- a/parity/secretstore.rs
+++ b/parity/secretstore.rs
@@ -65,6 +65,7 @@ mod server {
 
 #[cfg(feature="secretstore")]
 mod server {
+	use std::sync::Arc;
 	use ethcore_secretstore;
 	use ethkey::KeyPair;
 	use super::{Configuration, Dependencies};
@@ -86,7 +87,6 @@ mod server {
 				data_path: conf.data_path.clone(),
 				cluster_config: ethcore_secretstore::ClusterConfiguration {
 					threads: 4,
-					self_private: (**self_secret).into(),
 					listener_address: ethcore_secretstore::NodeAddress {
 						address: conf.interface.clone(),
 						port: conf.port,
@@ -103,7 +103,8 @@ mod server {
 				.map_err(|e| format!("valid secret is required when using secretstore. Error: {}", e))?;
 			conf.cluster_config.nodes.insert(self_key_pair.public().clone(), conf.cluster_config.listener_address.clone());
 
-			let key_server = ethcore_secretstore::start(deps.client, conf)
+			let node_key_pair = Arc::new(ethcore_secretstore::PlainNodeKeyPair::new(self_key_pair));
+			let key_server = ethcore_secretstore::start(deps.client, node_key_pair, conf)
 				.map_err(Into::<String>::into)?;
 
 			Ok(KeyServer {

From 9e30d85fdc4c2c76d7fc0bada8302cff9b66a383 Mon Sep 17 00:00:00 2001
From: Svyatoslav Nikolsky <svyatonik@gmail.com>
Date: Tue, 25 Jul 2017 10:19:48 +0300
Subject: [PATCH 016/112] continue integrating with parity

---
 parity/configuration.rs |  8 ++++----
 parity/secretstore.rs   | 29 +++++++++++++++++++----------
 2 files changed, 23 insertions(+), 14 deletions(-)

diff --git a/parity/configuration.rs b/parity/configuration.rs
index fe397dff5..e037defa2 100644
--- a/parity/configuration.rs
+++ b/parity/configuration.rs
@@ -41,7 +41,7 @@ use ethcore_logger::Config as LogConfig;
 use dir::{self, Directories, default_hypervisor_path, default_local_path, default_data_path};
 use dapps::Configuration as DappsConfiguration;
 use ipfs::Configuration as IpfsConfiguration;
-use secretstore::Configuration as SecretStoreConfiguration;
+use secretstore::{Configuration as SecretStoreConfiguration, NodeSecretKey};
 use updater::{UpdatePolicy, UpdateFilter, ReleaseTrack};
 use run::RunCmd;
 use blockchain::{BlockchainCmd, ImportBlockchain, ExportBlockchain, KillBlockchain, ExportState, DataFormat};
@@ -995,10 +995,10 @@ impl Configuration {
 		self.interface(&self.args.flag_secretstore_http_interface)
 	}
 
-	fn secretstore_self_secret(&self) -> Result<Option<Secret>, String> {
+	fn secretstore_self_secret(&self) -> Result<Option<NodeSecretKey>, String> {
 		match self.args.flag_secretstore_secret {
-			Some(ref s) => Ok(Some(s.parse()
-				.map_err(|e| format!("Invalid secret store secret: {}. Error: {:?}", s, e))?)),
+			Some(ref s) => Ok(Some(NodeSecretKey::Plain(s.parse()
+				.map_err(|e| format!("Invalid secret store secret: {}. Error: {:?}", s, e))?))),
 			None => Ok(None),
 		}
 	}
diff --git a/parity/secretstore.rs b/parity/secretstore.rs
index b29f43479..7cdd26377 100644
--- a/parity/secretstore.rs
+++ b/parity/secretstore.rs
@@ -21,13 +21,20 @@ use ethcore::client::Client;
 use ethkey::{Secret, Public};
 use helpers::replace_home;
 
+#[derive(Debug, PartialEq, Clone)]
+/// This node secret key.
+pub enum NodeSecretKey {
+	/// Stored as plain text in configuration file.
+	Plain(Secret),
+}
+
 #[derive(Debug, PartialEq, Clone)]
 /// Secret store configuration
 pub struct Configuration {
 	/// Is secret store functionality enabled?
 	pub enabled: bool,
 	/// This node secret.
-	pub self_secret: Option<Secret>,
+	pub self_secret: Option<NodeSecretKey>,
 	/// Other nodes IDs + addresses.
 	pub nodes: BTreeMap<Public, (String, u16)>,
 	/// Interface to listen to
@@ -66,9 +73,9 @@ mod server {
 #[cfg(feature="secretstore")]
 mod server {
 	use std::sync::Arc;
-	use ethcore_secretstore;
+	use ethcore_secretstore::{self, NodeKeyPair};
 	use ethkey::KeyPair;
-	use super::{Configuration, Dependencies};
+	use super::{Configuration, Dependencies, NodeSecretKey};
 
 	/// Key server
 	pub struct KeyServer {
@@ -77,8 +84,13 @@ mod server {
 
 	impl KeyServer {
 		/// Create new key server
-		pub fn new(conf: Configuration, deps: Dependencies) -> Result<Self, String> {
-			let self_secret = conf.self_secret.ok_or("self secret is required when using secretstore")?;
+		pub fn new(mut conf: Configuration, deps: Dependencies) -> Result<Self, String> {
+			let self_secret = match conf.self_secret.take() {
+				Some(NodeSecretKey::Plain(secret)) => Arc::new(ethcore_secretstore::PlainNodeKeyPair::new(
+					KeyPair::from_secret(secret).map_err(|e| format!("invalid secret: {}", e))?)),
+				None => return Err("self secret is required when using secretstore".into()),
+			};
+
 			let mut conf = ethcore_secretstore::ServiceConfiguration {
 				listener_address: ethcore_secretstore::NodeAddress {
 					address: conf.http_interface.clone(),
@@ -99,12 +111,9 @@ mod server {
 				},
 			};
 
-			let self_key_pair = KeyPair::from_secret(self_secret.clone())
-				.map_err(|e| format!("valid secret is required when using secretstore. Error: {}", e))?;
-			conf.cluster_config.nodes.insert(self_key_pair.public().clone(), conf.cluster_config.listener_address.clone());
+			conf.cluster_config.nodes.insert(self_secret.public().clone(), conf.cluster_config.listener_address.clone());
 
-			let node_key_pair = Arc::new(ethcore_secretstore::PlainNodeKeyPair::new(self_key_pair));
-			let key_server = ethcore_secretstore::start(deps.client, node_key_pair, conf)
+			let key_server = ethcore_secretstore::start(deps.client, self_secret, conf)
 				.map_err(Into::<String>::into)?;
 
 			Ok(KeyServer {

From 2e9df2c39dbb6790d6c43befcf5214bcf650eeb7 Mon Sep 17 00:00:00 2001
From: Svyatoslav Nikolsky <svyatonik@gmail.com>
Date: Tue, 25 Jul 2017 16:30:24 +0300
Subject: [PATCH 017/112] updated parity for NodeKeyPair

---
 ethcore/src/account_provider/mod.rs |  5 +++++
 parity/configuration.rs             |  5 ++++-
 parity/run.rs                       |  4 +++-
 parity/secretstore.rs               | 32 ++++++++++++++++++++++++++---
 secret_store/src/node_key_pair.rs   | 26 ++++++++++++++++++-----
 5 files changed, 62 insertions(+), 10 deletions(-)

diff --git a/ethcore/src/account_provider/mod.rs b/ethcore/src/account_provider/mod.rs
index 249ca40af..769db692c 100755
--- a/ethcore/src/account_provider/mod.rs
+++ b/ethcore/src/account_provider/mod.rs
@@ -519,6 +519,11 @@ impl AccountProvider {
 		}
 	}
 
+	/// Returns account public key.
+	pub fn account_public(&self, address: Address, password: &str) -> Result<Public, Error> {
+		self.sstore.public(&self.sstore.account_ref(&address)?, password)
+	}
+
 	/// Returns each account along with name and meta.
 	pub fn set_account_name(&self, address: Address, name: String) -> Result<(), Error> {
 		self.sstore.set_name(&self.sstore.account_ref(&address)?, name)?;
diff --git a/parity/configuration.rs b/parity/configuration.rs
index e037defa2..09dbfeedf 100644
--- a/parity/configuration.rs
+++ b/parity/configuration.rs
@@ -997,8 +997,11 @@ impl Configuration {
 
 	fn secretstore_self_secret(&self) -> Result<Option<NodeSecretKey>, String> {
 		match self.args.flag_secretstore_secret {
-			Some(ref s) => Ok(Some(NodeSecretKey::Plain(s.parse()
+			Some(ref s) if s.len() == 64 => Ok(Some(NodeSecretKey::Plain(s.parse()
 				.map_err(|e| format!("Invalid secret store secret: {}. Error: {:?}", s, e))?))),
+			Some(ref s) if s.len() == 40 => Ok(Some(NodeSecretKey::KeyStore(s.parse()
+				.map_err(|e| format!("Invalid secret store secret address: {}. Error: {:?}", s, e))?))),
+			Some(_) => Err(format!("Invalid secret store secret. Must be either existing account address, or hex-encoded private key")),
 			None => Ok(None),
 		}
 	}
diff --git a/parity/run.rs b/parity/run.rs
index 30f4c8759..8fc5da405 100644
--- a/parity/run.rs
+++ b/parity/run.rs
@@ -489,7 +489,7 @@ pub fn execute(cmd: RunCmd, can_restart: bool, logger: Arc<RotatingLogger>) -> R
 		}
 
 		// Attempt to sign in the engine signer.
-		if !passwords.into_iter().any(|p| miner.set_engine_signer(engine_signer, p).is_ok()) {
+		if !passwords.iter().any(|p| miner.set_engine_signer(engine_signer, (*p).clone()).is_ok()) {
 			return Err(format!("No valid password for the consensus signer {}. {}", engine_signer, VERIFY_PASSWORD_HINT));
 		}
 	}
@@ -705,6 +705,8 @@ pub fn execute(cmd: RunCmd, can_restart: bool, logger: Arc<RotatingLogger>) -> R
 	// secret store key server
 	let secretstore_deps = secretstore::Dependencies {
 		client: client.clone(),
+		account_provider: account_provider,
+		accounts_passwords: &passwords,
 	};
 	let secretstore_key_server = secretstore::start(cmd.secretstore_conf.clone(), secretstore_deps)?;
 
diff --git a/parity/secretstore.rs b/parity/secretstore.rs
index 7cdd26377..def2cd1a6 100644
--- a/parity/secretstore.rs
+++ b/parity/secretstore.rs
@@ -17,15 +17,19 @@
 use std::collections::BTreeMap;
 use std::sync::Arc;
 use dir::default_data_path;
+use ethcore::account_provider::AccountProvider;
 use ethcore::client::Client;
 use ethkey::{Secret, Public};
 use helpers::replace_home;
+use util::Address;
 
 #[derive(Debug, PartialEq, Clone)]
 /// This node secret key.
 pub enum NodeSecretKey {
 	/// Stored as plain text in configuration file.
 	Plain(Secret),
+	/// Stored as account in key store.
+	KeyStore(Address),
 }
 
 #[derive(Debug, PartialEq, Clone)]
@@ -50,9 +54,13 @@ pub struct Configuration {
 }
 
 /// Secret store dependencies
-pub struct Dependencies {
+pub struct Dependencies<'a> {
 	/// Blockchain client.
 	pub client: Arc<Client>,
+	/// Account provider.
+	pub account_provider: Arc<AccountProvider>,
+	/// Passed accounts passwords.
+	pub accounts_passwords: &'a [String],
 }
 
 #[cfg(not(feature = "secretstore"))]
@@ -73,7 +81,7 @@ mod server {
 #[cfg(feature="secretstore")]
 mod server {
 	use std::sync::Arc;
-	use ethcore_secretstore::{self, NodeKeyPair};
+	use ethcore_secretstore;
 	use ethkey::KeyPair;
 	use super::{Configuration, Dependencies, NodeSecretKey};
 
@@ -85,9 +93,27 @@ mod server {
 	impl KeyServer {
 		/// Create new key server
 		pub fn new(mut conf: Configuration, deps: Dependencies) -> Result<Self, String> {
-			let self_secret = match conf.self_secret.take() {
+			let self_secret: Arc<ethcore_secretstore::NodeKeyPair> = match conf.self_secret.take() {
 				Some(NodeSecretKey::Plain(secret)) => Arc::new(ethcore_secretstore::PlainNodeKeyPair::new(
 					KeyPair::from_secret(secret).map_err(|e| format!("invalid secret: {}", e))?)),
+				Some(NodeSecretKey::KeyStore(account)) => {
+					// Check if account exists
+					if !deps.account_provider.has_account(account.clone()).unwrap_or(false) {
+						return Err(format!("Account {} passed as secret store node key is not found", account));
+					}
+
+					// Check if any passwords have been read from the password file(s)
+					if deps.accounts_passwords.is_empty() {
+						return Err(format!("No password found for the secret store node account {}", account));
+					}
+
+					// Attempt to sign in the engine signer.
+					let password = deps.accounts_passwords.iter()
+						.find(|p| deps.account_provider.sign(account.clone(), Some((*p).clone()), Default::default()).is_ok())
+						.ok_or(format!("No valid password for the secret store node account {}", account))?;
+					Arc::new(ethcore_secretstore::KeyStoreNodeKeyPair::new(deps.account_provider, account, password.clone())
+						.map_err(|e| format!("{}", e))?)
+				},
 				None => return Err("self secret is required when using secretstore".into()),
 			};
 
diff --git a/secret_store/src/node_key_pair.rs b/secret_store/src/node_key_pair.rs
index 8676dd16d..556625079 100644
--- a/secret_store/src/node_key_pair.rs
+++ b/secret_store/src/node_key_pair.rs
@@ -18,7 +18,7 @@ use std::sync::Arc;
 use ethcrypto::ecdh::agree;
 use ethkey::{KeyPair, Public, Signature, Error as EthKeyError, sign};
 use ethcore::account_provider::AccountProvider;
-use util::H256;
+use util::{Address, H256};
 use traits::NodeKeyPair;
 
 pub struct PlainNodeKeyPair {
@@ -26,7 +26,10 @@ pub struct PlainNodeKeyPair {
 }
 
 pub struct KeyStoreNodeKeyPair {
-	_account_provider: Arc<AccountProvider>,
+	account_provider: Arc<AccountProvider>,
+	address: Address,
+	public: Public,
+	password: String,
 }
 
 impl PlainNodeKeyPair {
@@ -52,13 +55,26 @@ impl NodeKeyPair for PlainNodeKeyPair {
 	}
 }
 
+impl KeyStoreNodeKeyPair {
+	pub fn new(account_provider: Arc<AccountProvider>, address: Address, password: String) -> Result<Self, EthKeyError> {
+		let public = account_provider.account_public(address.clone(), &password).map_err(|e| EthKeyError::Custom(format!("{}", e)))?;
+		Ok(KeyStoreNodeKeyPair {
+			account_provider: account_provider,
+			address: address,
+			public: public,
+			password: password,
+		})
+	}
+}
+
 impl NodeKeyPair for KeyStoreNodeKeyPair {
 	fn public(&self) -> &Public {
-		unimplemented!()
+		&self.public
 	}
 
-	fn sign(&self, _data: &H256) -> Result<Signature, EthKeyError> {
-		unimplemented!()
+	fn sign(&self, data: &H256) -> Result<Signature, EthKeyError> {
+		self.account_provider.sign(self.address.clone(), Some(self.password.clone()), data.clone())
+			.map_err(|e| EthKeyError::Custom(format!("{}", e)))
 	}
 
 	fn compute_shared_key(&self, _peer_public: &Public) -> Result<KeyPair, EthKeyError> {

From eb895fbb3199cd81c887c3048ba2c2090f927ac6 Mon Sep 17 00:00:00 2001
From: Svyatoslav Nikolsky <svyatonik@gmail.com>
Date: Tue, 25 Jul 2017 17:54:32 +0300
Subject: [PATCH 018/112] completed KeyStoreNodeKeyPair

---
 Cargo.lock                           |  1 +
 ethcore/src/account_provider/mod.rs  |  7 +++++++
 ethstore/Cargo.toml                  |  1 +
 ethstore/src/account/safe_account.rs |  9 ++++++++-
 ethstore/src/ethstore.rs             | 12 ++++++++++++
 ethstore/src/lib.rs                  |  1 +
 ethstore/src/secret_store.rs         |  2 ++
 secret_store/src/key_server.rs       |  1 -
 secret_store/src/node_key_pair.rs    |  5 +++--
 9 files changed, 35 insertions(+), 4 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index ae33d7590..0c049c948 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -794,6 +794,7 @@ name = "ethstore"
 version = "0.1.0"
 dependencies = [
  "ethcore-bigint 0.1.3",
+ "ethcore-util 1.8.0",
  "ethcrypto 0.1.0",
  "ethkey 0.2.0",
  "itertools 0.5.9 (registry+https://github.com/rust-lang/crates.io-index)",
diff --git a/ethcore/src/account_provider/mod.rs b/ethcore/src/account_provider/mod.rs
index 769db692c..752cec964 100755
--- a/ethcore/src/account_provider/mod.rs
+++ b/ethcore/src/account_provider/mod.rs
@@ -702,6 +702,13 @@ impl AccountProvider {
 		Ok(self.sstore.decrypt(&account, &password, shared_mac, message)?)
 	}
 
+	/// Agree on shared key.
+	pub fn agree(&self, address: Address, password: Option<String>, other_public: &Public) -> Result<Secret, SignError> {
+		let account = self.sstore.account_ref(&address)?;
+		let password = password.map(Ok).unwrap_or_else(|| self.password(&account))?;
+		Ok(self.sstore.agree(&account, &password, other_public)?)
+	}
+
 	/// Returns the underlying `SecretStore` reference if one exists.
 	pub fn list_geth_accounts(&self, testnet: bool) -> Vec<Address> {
 		self.sstore.list_geth_accounts(testnet).into_iter().map(|a| Address::from(a).into()).collect()
diff --git a/ethstore/Cargo.toml b/ethstore/Cargo.toml
index 117332022..9d8d2fce5 100755
--- a/ethstore/Cargo.toml
+++ b/ethstore/Cargo.toml
@@ -19,6 +19,7 @@ itertools = "0.5"
 parking_lot = "0.4"
 ethcrypto = { path = "../ethcrypto" }
 ethcore-bigint = { path = "../util/bigint" }
+ethcore-util = { path = "../util" }
 smallvec = "0.4"
 parity-wordlist = "1.0"
 tempdir = "0.3"
diff --git a/ethstore/src/account/safe_account.rs b/ethstore/src/account/safe_account.rs
index e0512fe8d..478b796e6 100755
--- a/ethstore/src/account/safe_account.rs
+++ b/ethstore/src/account/safe_account.rs
@@ -14,7 +14,8 @@
 // You should have received a copy of the GNU General Public License
 // along with Parity.  If not, see <http://www.gnu.org/licenses/>.
 
-use ethkey::{KeyPair, sign, Address, Signature, Message, Public};
+use ethkey::{KeyPair, sign, Address, Signature, Message, Public, Secret};
+use crypto::ecdh::agree;
 use {json, Error, crypto};
 use account::Version;
 use super::crypto::Crypto;
@@ -135,6 +136,12 @@ impl SafeAccount {
 		crypto::ecies::decrypt(&secret, shared_mac, message).map_err(From::from)
 	}
 
+	/// Agree on shared key.
+	pub fn agree(&self, password: &str, other: &Public) -> Result<Secret, Error> {
+		let secret = self.crypto.secret(password)?;
+		agree(&secret, other).map_err(From::from)
+	}
+
 	/// Derive public key.
 	pub fn public(&self, password: &str) -> Result<Public, Error> {
 		let secret = self.crypto.secret(password)?;
diff --git a/ethstore/src/ethstore.rs b/ethstore/src/ethstore.rs
index 246671990..d32fa9f62 100755
--- a/ethstore/src/ethstore.rs
+++ b/ethstore/src/ethstore.rs
@@ -97,6 +97,10 @@ impl SimpleSecretStore for EthStore {
 		self.store.sign_derived(account_ref, password, derivation, message)
 	}
 
+	fn agree(&self, account: &StoreAccountRef, password: &str, other: &Public) -> Result<Secret, Error> {
+		self.store.agree(account, password, other)
+	}
+
 	fn decrypt(&self, account: &StoreAccountRef, password: &str, shared_mac: &[u8], message: &[u8]) -> Result<Vec<u8>, Error> {
 		let account = self.get(account)?;
 		account.decrypt(password, shared_mac, message)
@@ -509,6 +513,14 @@ impl SimpleSecretStore for EthMultiStore {
 		Err(Error::InvalidPassword)
 	}
 
+	fn agree(&self, account: &StoreAccountRef, password: &str, other: &Public) -> Result<Secret, Error> {
+		let accounts = self.get_matching(account, password)?;
+		for account in accounts {
+			return account.agree(password, other);
+		}
+		Err(Error::InvalidPassword)
+	}
+
 	fn create_vault(&self, name: &str, password: &str) -> Result<(), Error> {
 		let is_vault_created = { // lock border
 			let mut vaults = self.vaults.lock();
diff --git a/ethstore/src/lib.rs b/ethstore/src/lib.rs
index 65935f89c..311e9e73a 100755
--- a/ethstore/src/lib.rs
+++ b/ethstore/src/lib.rs
@@ -35,6 +35,7 @@ extern crate ethcore_bigint as bigint;
 extern crate ethcrypto as crypto;
 extern crate ethkey as _ethkey;
 extern crate parity_wordlist;
+extern crate ethcore_util as util;
 
 #[macro_use]
 extern crate log;
diff --git a/ethstore/src/secret_store.rs b/ethstore/src/secret_store.rs
index 2deae023e..e364245b7 100755
--- a/ethstore/src/secret_store.rs
+++ b/ethstore/src/secret_store.rs
@@ -60,6 +60,8 @@ pub trait SimpleSecretStore: Send + Sync {
 	fn sign_derived(&self, account_ref: &StoreAccountRef, password: &str, derivation: Derivation, message: &Message) -> Result<Signature, Error>;
 	/// Decrypt a messages with given account.
 	fn decrypt(&self, account: &StoreAccountRef, password: &str, shared_mac: &[u8], message: &[u8]) -> Result<Vec<u8>, Error>;
+	/// Agree on shared key.
+	fn agree(&self, account: &StoreAccountRef, password: &str, other: &Public) -> Result<Secret, Error>;
 
 	/// Returns all accounts in this secret store.
 	fn accounts(&self) -> Result<Vec<StoreAccountRef>, Error>;
diff --git a/secret_store/src/key_server.rs b/secret_store/src/key_server.rs
index 0944dd37c..6526bff68 100644
--- a/secret_store/src/key_server.rs
+++ b/secret_store/src/key_server.rs
@@ -245,7 +245,6 @@ pub mod tests {
 		let key_pairs: Vec<_> = (0..num_nodes).map(|_| Random.generate().unwrap()).collect();
 		let configs: Vec<_> = (0..num_nodes).map(|i| ClusterConfiguration {
 				threads: 1,
-//				self_key_pair: Arc::new(PlainNodeKeyPair::new(key_pairs[i].clone())),
 				listener_address: NodeAddress {
 					address: "127.0.0.1".into(),
 					port: start_port + (i as u16),
diff --git a/secret_store/src/node_key_pair.rs b/secret_store/src/node_key_pair.rs
index 556625079..ce6c88a07 100644
--- a/secret_store/src/node_key_pair.rs
+++ b/secret_store/src/node_key_pair.rs
@@ -77,7 +77,8 @@ impl NodeKeyPair for KeyStoreNodeKeyPair {
 			.map_err(|e| EthKeyError::Custom(format!("{}", e)))
 	}
 
-	fn compute_shared_key(&self, _peer_public: &Public) -> Result<KeyPair, EthKeyError> {
-		unimplemented!()
+	fn compute_shared_key(&self, peer_public: &Public) -> Result<KeyPair, EthKeyError> {
+		KeyPair::from_secret(self.account_provider.agree(self.address.clone(), Some(self.password.clone()), peer_public)
+			.map_err(|e| EthKeyError::Custom(format!("{}", e)))?)
 	}
 }

From 4938dfd971a6524310611fbb0da0f0fdd02e1a72 Mon Sep 17 00:00:00 2001
From: Svyatoslav Nikolsky <svyatonik@gmail.com>
Date: Tue, 25 Jul 2017 17:57:27 +0300
Subject: [PATCH 019/112] removed comment

---
 secret_store/src/key_storage.rs | 1 -
 1 file changed, 1 deletion(-)

diff --git a/secret_store/src/key_storage.rs b/secret_store/src/key_storage.rs
index 18c61c1bf..08ebe6e1c 100644
--- a/secret_store/src/key_storage.rs
+++ b/secret_store/src/key_storage.rs
@@ -241,7 +241,6 @@ pub mod tests {
 			data_path: path.as_str().to_owned(),
 			cluster_config: ClusterConfiguration {
 				threads: 1,
-				//self_private: (**Random.generate().unwrap().secret().clone()).into(),
 				listener_address: NodeAddress {
 					address: "0.0.0.0".to_owned(),
 					port: 8083,

From 417a037ac517d1e783f6c42c4fbc9e475a7ffffc Mon Sep 17 00:00:00 2001
From: Svyatoslav Nikolsky <svyatonik@gmail.com>
Date: Wed, 26 Jul 2017 14:09:41 +0300
Subject: [PATCH 020/112] improved logging

---
 .../src/key_server_cluster/cluster.rs         | 20 ++++++++++++-------
 1 file changed, 13 insertions(+), 7 deletions(-)

diff --git a/secret_store/src/key_server_cluster/cluster.rs b/secret_store/src/key_server_cluster/cluster.rs
index 155dd4a01..c267d1259 100644
--- a/secret_store/src/key_server_cluster/cluster.rs
+++ b/secret_store/src/key_server_cluster/cluster.rs
@@ -262,7 +262,7 @@ impl ClusterCore {
 	fn connect_future(handle: &Handle, data: Arc<ClusterData>, node_address: SocketAddr) -> BoxedEmptyFuture {
 		let disconnected_nodes = data.connections.disconnected_nodes().keys().cloned().collect();
 		net_connect(&node_address, handle, data.self_key_pair.clone(), disconnected_nodes)
-			.then(move |result| ClusterCore::process_connection_result(data, false, result))
+			.then(move |result| ClusterCore::process_connection_result(data, Some(node_address), result))
 			.then(|_| finished(()))
 			.boxed()
 	}
@@ -290,7 +290,7 @@ impl ClusterCore {
 	/// Accept connection future.
 	fn accept_connection_future(handle: &Handle, data: Arc<ClusterData>, stream: TcpStream, node_address: SocketAddr) -> BoxedEmptyFuture {
 		net_accept_connection(node_address, stream, handle, data.self_key_pair.clone())
-			.then(move |result| ClusterCore::process_connection_result(data, true, result))
+			.then(move |result| ClusterCore::process_connection_result(data, None, result))
 			.then(|_| finished(()))
 			.boxed()
 	}
@@ -370,10 +370,10 @@ impl ClusterCore {
 	}
 
 	/// Process connection future result.
-	fn process_connection_result(data: Arc<ClusterData>, is_inbound: bool, result: Result<DeadlineStatus<Result<NetConnection, Error>>, io::Error>) -> IoFuture<Result<(), Error>> {
+	fn process_connection_result(data: Arc<ClusterData>, outbound_addr: Option<SocketAddr>, result: Result<DeadlineStatus<Result<NetConnection, Error>>, io::Error>) -> IoFuture<Result<(), Error>> {
 		match result {
 			Ok(DeadlineStatus::Meet(Ok(connection))) => {
-				let connection = Connection::new(is_inbound, connection);
+				let connection = Connection::new(outbound_addr.is_none(), connection);
 				if data.connections.insert(connection.clone()) {
 					ClusterCore::process_connection_messages(data.clone(), connection)
 				} else {
@@ -381,15 +381,21 @@ impl ClusterCore {
 				}
 			},
 			Ok(DeadlineStatus::Meet(Err(err))) => {
-				warn!(target: "secretstore_net", "{}: protocol error {} when establishind connection", data.self_key_pair.public(), err);
+				warn!(target: "secretstore_net", "{}: protocol error {} when establishing {} connection{}",
+					data.self_key_pair.public(), err, if outbound_addr.is_some() { "outbound" } else { "inbound" },
+					outbound_addr.map(|a| format!(" with {}", a)).unwrap_or_default());
 				finished(Ok(())).boxed()
 			},
 			Ok(DeadlineStatus::Timeout) => {
-				warn!(target: "secretstore_net", "{}: timeout when establishind connection", data.self_key_pair.public());
+				warn!(target: "secretstore_net", "{}: timeout when establishing {} connection{}",
+					data.self_key_pair.public(), if outbound_addr.is_some() { "outbound" } else { "inbound" },
+					outbound_addr.map(|a| format!(" with {}", a)).unwrap_or_default());
 				finished(Ok(())).boxed()
 			},
 			Err(err) => {
-				warn!(target: "secretstore_net", "{}: network error {} when establishind connection", data.self_key_pair.public(), err);
+				warn!(target: "secretstore_net", "{}: network error {} when establishing {} connection{}",
+					data.self_key_pair.public(), err, if outbound_addr.is_some() { "outbound" } else { "inbound" },
+					outbound_addr.map(|a| format!(" with {}", a)).unwrap_or_default());
 				finished(Ok(())).boxed()
 			},
 		}

From dcfb8c1a10f6590c5b565e71ec491fb9fba038dc Mon Sep 17 00:00:00 2001
From: Svyatoslav Nikolsky <svyatonik@gmail.com>
Date: Wed, 26 Jul 2017 14:09:52 +0300
Subject: [PATCH 021/112] fixed generation session lags

---
 secret_store/src/key_server_cluster/generation_session.rs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/secret_store/src/key_server_cluster/generation_session.rs b/secret_store/src/key_server_cluster/generation_session.rs
index e94d5bd35..0ba82524e 100644
--- a/secret_store/src/key_server_cluster/generation_session.rs
+++ b/secret_store/src/key_server_cluster/generation_session.rs
@@ -399,7 +399,7 @@ impl SessionImpl {
 		// check state
 		if data.state != SessionState::WaitingForKeysDissemination {
 			match data.state {
-				SessionState::WaitingForInitializationComplete => return Err(Error::TooEarlyForRequest),
+				SessionState::WaitingForInitializationComplete | SessionState::WaitingForInitializationConfirm(_) => return Err(Error::TooEarlyForRequest),
 				_ => return Err(Error::InvalidStateForRequest),
 			}
 		}

From c466def1e8bc2e9a25c1cf5434cd18134200be68 Mon Sep 17 00:00:00 2001
From: Svyatoslav Nikolsky <svyatonik@gmail.com>
Date: Thu, 27 Jul 2017 11:33:09 +0300
Subject: [PATCH 022/112] improved logging

---
 parity/secretstore.rs | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/parity/secretstore.rs b/parity/secretstore.rs
index def2cd1a6..0f23ffdf5 100644
--- a/parity/secretstore.rs
+++ b/parity/secretstore.rs
@@ -117,7 +117,8 @@ mod server {
 				None => return Err("self secret is required when using secretstore".into()),
 			};
 
-			let mut conf = ethcore_secretstore::ServiceConfiguration {
+			let key_server_name = format!("{}:{}", conf.interface, conf.port);
+			let mut cconf = ethcore_secretstore::ServiceConfiguration {
 				listener_address: ethcore_secretstore::NodeAddress {
 					address: conf.http_interface.clone(),
 					port: conf.http_port,
@@ -137,10 +138,10 @@ mod server {
 				},
 			};
 
-			conf.cluster_config.nodes.insert(self_secret.public().clone(), conf.cluster_config.listener_address.clone());
+			cconf.cluster_config.nodes.insert(self_secret.public().clone(), cconf.cluster_config.listener_address.clone());
 
-			let key_server = ethcore_secretstore::start(deps.client, self_secret, conf)
-				.map_err(Into::<String>::into)?;
+			let key_server = ethcore_secretstore::start(deps.client, self_secret, cconf)
+				.map_err(|e| format!("Error starting KeyServer {}: {}", key_server_name, e))?;
 
 			Ok(KeyServer {
 				_key_server: key_server,

From 7c05a906d095a0e1c0f6cac16eec88247612856c Mon Sep 17 00:00:00 2001
From: Svyatoslav Nikolsky <svyatonik@gmail.com>
Date: Thu, 27 Jul 2017 13:29:09 +0300
Subject: [PATCH 023/112] cli option to disable SS HTTP API

---
 parity/cli/config.full.toml                   |  3 ++-
 parity/cli/mod.rs                             |  5 ++++
 parity/cli/usage.txt                          |  1 +
 parity/configuration.rs                       |  6 +++++
 parity/secretstore.rs                         |  7 ++++--
 secret_store/src/http_listener.rs             | 25 ++++++++++++-------
 .../key_server_cluster/generation_session.rs  |  2 +-
 secret_store/src/key_storage.rs               |  5 +---
 secret_store/src/lib.rs                       |  2 +-
 secret_store/src/types/all.rs                 |  4 +--
 10 files changed, 40 insertions(+), 20 deletions(-)

diff --git a/parity/cli/config.full.toml b/parity/cli/config.full.toml
index 581871997..47ca9ffd8 100644
--- a/parity/cli/config.full.toml
+++ b/parity/cli/config.full.toml
@@ -76,8 +76,9 @@ path = "$HOME/.parity/dapps"
 user = "test_user"
 pass = "test_pass"
 
-[secretstore]
+[secretstore]	
 disable = false
+disable_http = false
 nodes = []
 http_interface = "local"
 http_port = 8082
diff --git a/parity/cli/mod.rs b/parity/cli/mod.rs
index 262e054a2..27c5c40ff 100644
--- a/parity/cli/mod.rs
+++ b/parity/cli/mod.rs
@@ -216,6 +216,8 @@ usage! {
 		// Secret Store
 		flag_no_secretstore: bool = false,
 			or |c: &Config| otry!(c.secretstore).disable.clone(),
+		flag_no_secretstore_http: bool = false,
+			or |c: &Config| otry!(c.secretstore).disable_http.clone(),
 		flag_secretstore_secret: Option<String> = None,
 			or |c: &Config| otry!(c.secretstore).self_secret.clone().map(Some),
 		flag_secretstore_nodes: String = "",
@@ -510,6 +512,7 @@ struct Dapps {
 #[derive(Default, Debug, PartialEq, Deserialize)]
 struct SecretStore {
 	disable: Option<bool>,
+	disable_http: Option<bool>,
 	self_secret: Option<String>,
 	nodes: Option<Vec<String>>,
 	interface: Option<String>,
@@ -779,6 +782,7 @@ mod tests {
 			flag_no_dapps: false,
 
 			flag_no_secretstore: false,
+			flag_no_secretstore_http: false,
 			flag_secretstore_secret: None,
 			flag_secretstore_nodes: "".into(),
 			flag_secretstore_interface: "local".into(),
@@ -1009,6 +1013,7 @@ mod tests {
 			}),
 			secretstore: Some(SecretStore {
 				disable: None,
+				disable_http: None,
 				self_secret: None,
 				nodes: None,
 				interface: None,
diff --git a/parity/cli/usage.txt b/parity/cli/usage.txt
index dc4796e05..38c76b71f 100644
--- a/parity/cli/usage.txt
+++ b/parity/cli/usage.txt
@@ -228,6 +228,7 @@ API and Console Options:
 
 Secret Store Options:
   --no-secretstore                 Disable Secret Store functionality. (default: {flag_no_secretstore})
+  --no-secretstore-http            Disable Secret Store HTTP API. (default: {flag_no_secretstore_http})
   --secretstore-secret SECRET      Hex-encoded secret key of this node.
                                    (required, default: {flag_secretstore_secret:?}).
   --secretstore-nodes NODES        Comma-separated list of other secret store cluster nodes in form
diff --git a/parity/configuration.rs b/parity/configuration.rs
index 09dbfeedf..b17eeadef 100644
--- a/parity/configuration.rs
+++ b/parity/configuration.rs
@@ -586,6 +586,7 @@ impl Configuration {
 	fn secretstore_config(&self) -> Result<SecretStoreConfiguration, String> {
 		Ok(SecretStoreConfiguration {
 			enabled: self.secretstore_enabled(),
+			http_enabled: self.secretstore_http_enabled(),
 			self_secret: self.secretstore_self_secret()?,
 			nodes: self.secretstore_nodes()?,
 			interface: self.secretstore_interface(),
@@ -1050,6 +1051,10 @@ impl Configuration {
 		!self.args.flag_no_secretstore && cfg!(feature = "secretstore")
 	}
 
+	fn secretstore_http_enabled(&self) -> bool {
+		!self.args.flag_no_secretstore_http && cfg!(feature = "secretstore")
+	}
+
 	fn ui_enabled(&self) -> bool {
 		if self.args.flag_force_ui {
 			return true;
@@ -1331,6 +1336,7 @@ mod tests {
 			no_persistent_txqueue: false,
 		};
 		expected.secretstore_conf.enabled = cfg!(feature = "secretstore");
+		expected.secretstore_conf.http_enabled = cfg!(feature = "secretstore");
 		assert_eq!(conf.into_command().unwrap().cmd, Cmd::Run(expected));
 	}
 
diff --git a/parity/secretstore.rs b/parity/secretstore.rs
index 0f23ffdf5..ef577c988 100644
--- a/parity/secretstore.rs
+++ b/parity/secretstore.rs
@@ -37,6 +37,8 @@ pub enum NodeSecretKey {
 pub struct Configuration {
 	/// Is secret store functionality enabled?
 	pub enabled: bool,
+	/// Is HTTP API enabled?
+	pub http_enabled: bool,
 	/// This node secret.
 	pub self_secret: Option<NodeSecretKey>,
 	/// Other nodes IDs + addresses.
@@ -119,10 +121,10 @@ mod server {
 
 			let key_server_name = format!("{}:{}", conf.interface, conf.port);
 			let mut cconf = ethcore_secretstore::ServiceConfiguration {
-				listener_address: ethcore_secretstore::NodeAddress {
+				listener_address: if conf.http_enabled { Some(ethcore_secretstore::NodeAddress {
 					address: conf.http_interface.clone(),
 					port: conf.http_port,
-				},
+				}) } else { None },
 				data_path: conf.data_path.clone(),
 				cluster_config: ethcore_secretstore::ClusterConfiguration {
 					threads: 4,
@@ -157,6 +159,7 @@ impl Default for Configuration {
 		let data_dir = default_data_path();
 		Configuration {
 			enabled: true,
+			http_enabled: true,
 			self_secret: None,
 			nodes: BTreeMap::new(),
 			interface: "127.0.0.1".to_owned(),
diff --git a/secret_store/src/http_listener.rs b/secret_store/src/http_listener.rs
index 1f7f14ede..86688618a 100644
--- a/secret_store/src/http_listener.rs
+++ b/secret_store/src/http_listener.rs
@@ -39,7 +39,7 @@ use types::all::{Error, Public, MessageHash, EncryptedMessageSignature, NodeAddr
 /// To sign message with server key:				GET			/{server_key_id}/{signature}/{message_hash}
 
 pub struct KeyServerHttpListener<T: KeyServer + 'static> {
-	_http_server: HttpListening,
+	http_server: Option<HttpListening>,
 	handler: Arc<KeyServerSharedHttpHandler<T>>,
 }
 
@@ -74,19 +74,26 @@ struct KeyServerSharedHttpHandler<T: KeyServer + 'static> {
 
 impl<T> KeyServerHttpListener<T> where T: KeyServer + 'static {
 	/// Start KeyServer http listener
-	pub fn start(listener_address: &NodeAddress, key_server: T) -> Result<Self, Error> {
+	pub fn start(listener_address: Option<NodeAddress>, key_server: T) -> Result<Self, Error> {
 		let shared_handler = Arc::new(KeyServerSharedHttpHandler {
 			key_server: key_server,
 		});
-		let handler = KeyServerHttpHandler {
+		/*let handler = KeyServerHttpHandler {
 			handler: shared_handler.clone(),
-		};
+		};*/
 
-		let listener_addr: &str = &format!("{}:{}", listener_address.address, listener_address.port);
+		let http_server = listener_address
+			.map(|listener_address| format!("{}:{}", listener_address.address, listener_address.port))
+			.map(|listener_address| HttpServer::http(&listener_address).expect("cannot start HttpServer"))
+			.map(|http_server| http_server.handle(KeyServerHttpHandler {
+				handler: shared_handler.clone(),
+			}).expect("cannot start HttpServer"));
+
+		/*let listener_addr: &str = &format!("{}:{}", listener_address.address, listener_address.port);
 		let http_server = HttpServer::http(&listener_addr).expect("cannot start HttpServer");
-		let http_server = http_server.handle(handler).expect("cannot start HttpServer");
+		let http_server = http_server.handle(handler).expect("cannot start HttpServer");*/
 		let listener = KeyServerHttpListener {
-			_http_server: http_server,
+			http_server: http_server,
 			handler: shared_handler,
 		};
 		Ok(listener)
@@ -128,7 +135,7 @@ impl <T> MessageSigner for KeyServerHttpListener<T> where T: KeyServer + 'static
 impl<T> Drop for KeyServerHttpListener<T> where T: KeyServer + 'static {
 	fn drop(&mut self) {
 		// ignore error as we are dropping anyway
-		let _ = self._http_server.close();
+		self.http_server.take().map(|mut s| { let _ = s.close(); });
 	}
 }
 
@@ -318,7 +325,7 @@ mod tests {
 	fn http_listener_successfully_drops() {
 		let key_server = DummyKeyServer;
 		let address = NodeAddress { address: "127.0.0.1".into(), port: 9000 };
-		let listener = KeyServerHttpListener::start(&address, key_server).unwrap();
+		let listener = KeyServerHttpListener::start(Some(address), key_server).unwrap();
 		drop(listener);
 	}
 
diff --git a/secret_store/src/key_server_cluster/generation_session.rs b/secret_store/src/key_server_cluster/generation_session.rs
index 0ba82524e..ade78bc57 100644
--- a/secret_store/src/key_server_cluster/generation_session.rs
+++ b/secret_store/src/key_server_cluster/generation_session.rs
@@ -1104,7 +1104,7 @@ pub mod tests {
 			secret1: math::generate_random_scalar().unwrap().into(),
 			secret2: math::generate_random_scalar().unwrap().into(),
 			publics: vec![math::generate_random_point().unwrap().into()],
-		}).unwrap_err(), Error::InvalidStateForRequest);
+		}).unwrap_err(), Error::TooEarlyForRequest);
 	}
 
 	#[test]
diff --git a/secret_store/src/key_storage.rs b/secret_store/src/key_storage.rs
index 08ebe6e1c..20b5eaf6c 100644
--- a/secret_store/src/key_storage.rs
+++ b/secret_store/src/key_storage.rs
@@ -234,10 +234,7 @@ pub mod tests {
 	fn persistent_key_storage() {
 		let path = RandomTempPath::create_dir();
 		let config = ServiceConfiguration {
-			listener_address: NodeAddress {
-				address: "0.0.0.0".to_owned(),
-				port: 8082,
-			},
+			listener_address: None,
 			data_path: path.as_str().to_owned(),
 			cluster_config: ClusterConfiguration {
 				threads: 1,
diff --git a/secret_store/src/lib.rs b/secret_store/src/lib.rs
index 7e9897e60..6ead7c657 100644
--- a/secret_store/src/lib.rs
+++ b/secret_store/src/lib.rs
@@ -77,6 +77,6 @@ pub fn start(client: Arc<Client>, self_key_pair: Arc<NodeKeyPair>, config: Servi
 	let key_server_set = key_server_set::OnChainKeyServerSet::new(&client, config.cluster_config.nodes.clone())?;
 	let key_storage = Arc::new(key_storage::PersistentKeyStorage::new(&config)?);
 	let key_server = key_server::KeyServerImpl::new(&config.cluster_config, key_server_set, self_key_pair, acl_storage, key_storage)?;
-	let listener = http_listener::KeyServerHttpListener::start(&config.listener_address, key_server)?;
+	let listener = http_listener::KeyServerHttpListener::start(config.listener_address, key_server)?;
 	Ok(Box::new(listener))
 }
diff --git a/secret_store/src/types/all.rs b/secret_store/src/types/all.rs
index 8dc92f175..6bc0d9c87 100644
--- a/secret_store/src/types/all.rs
+++ b/secret_store/src/types/all.rs
@@ -69,8 +69,8 @@ pub struct NodeAddress {
 #[binary]
 /// Secret store configuration
 pub struct ServiceConfiguration {
-	/// HTTP listener address.
-	pub listener_address: NodeAddress,
+	/// HTTP listener address. If None, HTTP API is disabled.
+	pub listener_address: Option<NodeAddress>,
 	/// Data directory path for secret store
 	pub data_path: String,
 	/// Cluster configuration.

From c345bc3d856e48c3c37f0a56bbea7cc1eabc74dc Mon Sep 17 00:00:00 2001
From: Svyatoslav Nikolsky <svyatonik@gmail.com>
Date: Thu, 27 Jul 2017 15:48:07 +0300
Subject: [PATCH 024/112] cli option to disable SS ACL check

---
 parity/cli/config.full.toml                   |  1 +
 parity/cli/mod.rs                             |  5 ++
 parity/cli/usage.txt                          |  1 +
 parity/configuration.rs                       |  5 ++
 parity/secretstore.rs                         |  4 ++
 secret_store/src/acl_storage.rs               | 57 ++++++++-----------
 secret_store/src/key_server.rs                |  2 +-
 .../key_server_cluster/decryption_session.rs  |  2 +-
 secret_store/src/key_server_cluster/mod.rs    |  2 +-
 .../src/key_server_cluster/signing_session.rs |  2 +-
 secret_store/src/key_storage.rs               |  1 +
 secret_store/src/lib.rs                       |  6 +-
 secret_store/src/types/all.rs                 |  2 +
 13 files changed, 53 insertions(+), 37 deletions(-)

diff --git a/parity/cli/config.full.toml b/parity/cli/config.full.toml
index 47ca9ffd8..75677ed6c 100644
--- a/parity/cli/config.full.toml
+++ b/parity/cli/config.full.toml
@@ -79,6 +79,7 @@ pass = "test_pass"
 [secretstore]	
 disable = false
 disable_http = false
+disable_acl_check = false
 nodes = []
 http_interface = "local"
 http_port = 8082
diff --git a/parity/cli/mod.rs b/parity/cli/mod.rs
index 27c5c40ff..50032767a 100644
--- a/parity/cli/mod.rs
+++ b/parity/cli/mod.rs
@@ -218,6 +218,8 @@ usage! {
 			or |c: &Config| otry!(c.secretstore).disable.clone(),
 		flag_no_secretstore_http: bool = false,
 			or |c: &Config| otry!(c.secretstore).disable_http.clone(),
+		flag_no_secretstore_acl_check: bool = false,
+			or |c: &Config| otry!(c.secretstore).disable_acl_check.clone(),
 		flag_secretstore_secret: Option<String> = None,
 			or |c: &Config| otry!(c.secretstore).self_secret.clone().map(Some),
 		flag_secretstore_nodes: String = "",
@@ -513,6 +515,7 @@ struct Dapps {
 struct SecretStore {
 	disable: Option<bool>,
 	disable_http: Option<bool>,
+	disable_acl_check: Option<bool>,
 	self_secret: Option<String>,
 	nodes: Option<Vec<String>>,
 	interface: Option<String>,
@@ -783,6 +786,7 @@ mod tests {
 
 			flag_no_secretstore: false,
 			flag_no_secretstore_http: false,
+			flag_no_secretstore_acl_check: false,
 			flag_secretstore_secret: None,
 			flag_secretstore_nodes: "".into(),
 			flag_secretstore_interface: "local".into(),
@@ -1014,6 +1018,7 @@ mod tests {
 			secretstore: Some(SecretStore {
 				disable: None,
 				disable_http: None,
+				disable_acl_check: None,
 				self_secret: None,
 				nodes: None,
 				interface: None,
diff --git a/parity/cli/usage.txt b/parity/cli/usage.txt
index 38c76b71f..da36c4a2b 100644
--- a/parity/cli/usage.txt
+++ b/parity/cli/usage.txt
@@ -229,6 +229,7 @@ API and Console Options:
 Secret Store Options:
   --no-secretstore                 Disable Secret Store functionality. (default: {flag_no_secretstore})
   --no-secretstore-http            Disable Secret Store HTTP API. (default: {flag_no_secretstore_http})
+  --no-acl-check                   Disable ACL check (useful for test environments). (default: {flag_no_secretstore_acl_check})
   --secretstore-secret SECRET      Hex-encoded secret key of this node.
                                    (required, default: {flag_secretstore_secret:?}).
   --secretstore-nodes NODES        Comma-separated list of other secret store cluster nodes in form
diff --git a/parity/configuration.rs b/parity/configuration.rs
index b17eeadef..0583bdb81 100644
--- a/parity/configuration.rs
+++ b/parity/configuration.rs
@@ -587,6 +587,7 @@ impl Configuration {
 		Ok(SecretStoreConfiguration {
 			enabled: self.secretstore_enabled(),
 			http_enabled: self.secretstore_http_enabled(),
+			acl_check_enabled: self.secretstore_acl_check_enabled(),
 			self_secret: self.secretstore_self_secret()?,
 			nodes: self.secretstore_nodes()?,
 			interface: self.secretstore_interface(),
@@ -1055,6 +1056,10 @@ impl Configuration {
 		!self.args.flag_no_secretstore_http && cfg!(feature = "secretstore")
 	}
 
+	fn secretstore_acl_check_enabled(&self) -> bool {
+		!self.args.flag_no_secretstore_acl_check
+	}
+
 	fn ui_enabled(&self) -> bool {
 		if self.args.flag_force_ui {
 			return true;
diff --git a/parity/secretstore.rs b/parity/secretstore.rs
index ef577c988..8094ef323 100644
--- a/parity/secretstore.rs
+++ b/parity/secretstore.rs
@@ -39,6 +39,8 @@ pub struct Configuration {
 	pub enabled: bool,
 	/// Is HTTP API enabled?
 	pub http_enabled: bool,
+	/// Is ACL check enabled.
+	pub acl_check_enabled: bool,
 	/// This node secret.
 	pub self_secret: Option<NodeSecretKey>,
 	/// Other nodes IDs + addresses.
@@ -126,6 +128,7 @@ mod server {
 					port: conf.http_port,
 				}) } else { None },
 				data_path: conf.data_path.clone(),
+				acl_check_enabled: conf.acl_check_enabled,
 				cluster_config: ethcore_secretstore::ClusterConfiguration {
 					threads: 4,
 					listener_address: ethcore_secretstore::NodeAddress {
@@ -160,6 +163,7 @@ impl Default for Configuration {
 		Configuration {
 			enabled: true,
 			http_enabled: true,
+			acl_check_enabled: true,
 			self_secret: None,
 			nodes: BTreeMap::new(),
 			interface: "127.0.0.1".to_owned(),
diff --git a/secret_store/src/acl_storage.rs b/secret_store/src/acl_storage.rs
index 37d5bcd25..0a3ee9276 100644
--- a/secret_store/src/acl_storage.rs
+++ b/secret_store/src/acl_storage.rs
@@ -15,8 +15,9 @@
 // along with Parity.  If not, see <http://www.gnu.org/licenses/>.
 
 use std::sync::{Arc, Weak};
+use std::collections::{HashMap, HashSet};
 use futures::{future, Future};
-use parking_lot::Mutex;
+use parking_lot::{Mutex, RwLock};
 use ethkey::public_to_address;
 use ethcore::client::{Client, BlockChainClient, BlockId, ChainNotify};
 use native_contracts::SecretStoreAclStorage;
@@ -47,6 +48,12 @@ struct CachedContract {
 	contract: Option<SecretStoreAclStorage>,
 }
 
+#[derive(Default, Debug)]
+/// Dummy ACL storage implementation (check always passed).
+pub struct DummyAclStorage {
+	prohibited: RwLock<HashMap<Public, HashSet<ServerKeyId>>>,
+}
+
 impl OnChainAclStorage {
 	pub fn new(client: &Arc<Client>) -> Arc<Self> {
 		let acl_storage = Arc::new(OnChainAclStorage {
@@ -113,36 +120,22 @@ impl CachedContract {
 	}
 }
 
-#[cfg(test)]
-pub mod tests {
-	use std::collections::{HashMap, HashSet};
-	use parking_lot::RwLock;
-	use types::all::{Error, ServerKeyId, Public};
-	use super::AclStorage;
-
-	#[derive(Default, Debug)]
-	/// Dummy ACL storage implementation
-	pub struct DummyAclStorage {
-		prohibited: RwLock<HashMap<Public, HashSet<ServerKeyId>>>,
-	}
-
-	impl DummyAclStorage {
-		#[cfg(test)]
-		/// Prohibit given requestor access to given document
-		pub fn prohibit(&self, public: Public, document: ServerKeyId) {
-			self.prohibited.write()
-				.entry(public)
-				.or_insert_with(Default::default)
-				.insert(document);
-		}
-	}
-
-	impl AclStorage for DummyAclStorage {
-		fn check(&self, public: &Public, document: &ServerKeyId) -> Result<bool, Error> {
-			Ok(self.prohibited.read()
-				.get(public)
-				.map(|docs| !docs.contains(document))
-				.unwrap_or(true))
-		}
+impl DummyAclStorage {
+	#[cfg(test)]
+	/// Prohibit given requestor access to given document
+	pub fn prohibit(&self, public: Public, document: ServerKeyId) {
+		self.prohibited.write()
+			.entry(public)
+			.or_insert_with(Default::default)
+			.insert(document);
+	}
+}
+
+impl AclStorage for DummyAclStorage {
+	fn check(&self, public: &Public, document: &ServerKeyId) -> Result<bool, Error> {
+		Ok(self.prohibited.read()
+			.get(public)
+			.map(|docs| !docs.contains(document))
+			.unwrap_or(true))
 	}
 }
diff --git a/secret_store/src/key_server.rs b/secret_store/src/key_server.rs
index 6526bff68..f9fad19df 100644
--- a/secret_store/src/key_server.rs
+++ b/secret_store/src/key_server.rs
@@ -196,7 +196,7 @@ pub mod tests {
 	use std::collections::BTreeMap;
 	use ethcrypto;
 	use ethkey::{self, Secret, Random, Generator};
-	use acl_storage::tests::DummyAclStorage;
+	use acl_storage::DummyAclStorage;
 	use key_storage::tests::DummyKeyStorage;
 	use node_key_pair::PlainNodeKeyPair;
 	use key_server_set::tests::MapKeyServerSet;
diff --git a/secret_store/src/key_server_cluster/decryption_session.rs b/secret_store/src/key_server_cluster/decryption_session.rs
index 6a806bb92..afc73f858 100644
--- a/secret_store/src/key_server_cluster/decryption_session.rs
+++ b/secret_store/src/key_server_cluster/decryption_session.rs
@@ -467,7 +467,7 @@ impl Ord for DecryptionSessionId {
 mod tests {
 	use std::sync::Arc;
 	use std::collections::BTreeMap;
-	use super::super::super::acl_storage::tests::DummyAclStorage;
+	use super::super::super::acl_storage::DummyAclStorage;
 	use ethkey::{self, KeyPair, Random, Generator, Public, Secret};
 	use key_server_cluster::{NodeId, DocumentKeyShare, SessionId, Error, EncryptedDocumentKeyShadow, SessionMeta};
 	use key_server_cluster::cluster::tests::DummyCluster;
diff --git a/secret_store/src/key_server_cluster/mod.rs b/secret_store/src/key_server_cluster/mod.rs
index 102c3672f..4fcda1539 100644
--- a/secret_store/src/key_server_cluster/mod.rs
+++ b/secret_store/src/key_server_cluster/mod.rs
@@ -36,7 +36,7 @@ pub use super::node_key_pair::PlainNodeKeyPair;
 #[cfg(test)]
 pub use super::key_storage::tests::DummyKeyStorage;
 #[cfg(test)]
-pub use super::acl_storage::tests::DummyAclStorage;
+pub use super::acl_storage::DummyAclStorage;
 #[cfg(test)]
 pub use super::key_server_set::tests::MapKeyServerSet;
 
diff --git a/secret_store/src/key_server_cluster/signing_session.rs b/secret_store/src/key_server_cluster/signing_session.rs
index 00246ae64..e647c8b14 100644
--- a/secret_store/src/key_server_cluster/signing_session.rs
+++ b/secret_store/src/key_server_cluster/signing_session.rs
@@ -572,7 +572,7 @@ mod tests {
 	use std::collections::{BTreeMap, VecDeque};
 	use ethkey::{self, Random, Generator, Public};
 	use util::H256;
-	use super::super::super::acl_storage::tests::DummyAclStorage;
+	use super::super::super::acl_storage::DummyAclStorage;
 	use key_server_cluster::{NodeId, SessionId, SessionMeta, Error, KeyStorage};
 	use key_server_cluster::cluster::tests::DummyCluster;
 	use key_server_cluster::generation_session::{Session as GenerationSession};
diff --git a/secret_store/src/key_storage.rs b/secret_store/src/key_storage.rs
index 20b5eaf6c..2fad4cdf7 100644
--- a/secret_store/src/key_storage.rs
+++ b/secret_store/src/key_storage.rs
@@ -235,6 +235,7 @@ pub mod tests {
 		let path = RandomTempPath::create_dir();
 		let config = ServiceConfiguration {
 			listener_address: None,
+			acl_check_enabled: true,
 			data_path: path.as_str().to_owned(),
 			cluster_config: ClusterConfiguration {
 				threads: 1,
diff --git a/secret_store/src/lib.rs b/secret_store/src/lib.rs
index 6ead7c657..d7f35a55a 100644
--- a/secret_store/src/lib.rs
+++ b/secret_store/src/lib.rs
@@ -73,7 +73,11 @@ pub use self::node_key_pair::{PlainNodeKeyPair, KeyStoreNodeKeyPair};
 pub fn start(client: Arc<Client>, self_key_pair: Arc<NodeKeyPair>, config: ServiceConfiguration) -> Result<Box<KeyServer>, Error> {
 	use std::sync::Arc;
 
-	let acl_storage = acl_storage::OnChainAclStorage::new(&client);
+	let acl_storage: Arc<acl_storage::AclStorage> = if config.acl_check_enabled {
+			acl_storage::OnChainAclStorage::new(&client)
+		} else {
+			Arc::new(acl_storage::DummyAclStorage::default())
+		};
 	let key_server_set = key_server_set::OnChainKeyServerSet::new(&client, config.cluster_config.nodes.clone())?;
 	let key_storage = Arc::new(key_storage::PersistentKeyStorage::new(&config)?);
 	let key_server = key_server::KeyServerImpl::new(&config.cluster_config, key_server_set, self_key_pair, acl_storage, key_storage)?;
diff --git a/secret_store/src/types/all.rs b/secret_store/src/types/all.rs
index 6bc0d9c87..6867c82f3 100644
--- a/secret_store/src/types/all.rs
+++ b/secret_store/src/types/all.rs
@@ -71,6 +71,8 @@ pub struct NodeAddress {
 pub struct ServiceConfiguration {
 	/// HTTP listener address. If None, HTTP API is disabled.
 	pub listener_address: Option<NodeAddress>,
+	/// Is ACL check enabled. If false, everyone has access to all keys. Useful for tests only.
+	pub acl_check_enabled: bool,
 	/// Data directory path for secret store
 	pub data_path: String,
 	/// Cluster configuration.

From 47c058a337f760e7f3435fc6d5dbaca12340da66 Mon Sep 17 00:00:00 2001
From: Svyatoslav Nikolsky <svyatonik@gmail.com>
Date: Wed, 2 Aug 2017 12:05:47 +0300
Subject: [PATCH 025/112] fixed warning

---
 secret_store/src/key_server_cluster/io/deadline.rs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/secret_store/src/key_server_cluster/io/deadline.rs b/secret_store/src/key_server_cluster/io/deadline.rs
index 501a69057..10f485b7d 100644
--- a/secret_store/src/key_server_cluster/io/deadline.rs
+++ b/secret_store/src/key_server_cluster/io/deadline.rs
@@ -19,7 +19,7 @@ use std::time::Duration;
 use futures::{Future, Select, BoxFuture, Poll, Async};
 use tokio_core::reactor::{Handle, Timeout};
 
-type DeadlineBox<F> where F: Future = BoxFuture<DeadlineStatus<F::Item>, F::Error>;
+type DeadlineBox<F> = BoxFuture<DeadlineStatus<<F as Future>::Item>, <F as Future>::Error>;
 
 /// Complete a passed future or fail if it is not completed within timeout.
 pub fn deadline<F, T>(duration: Duration, handle: &Handle, future: F) -> Result<Deadline<F>, io::Error>

From b0f9d73f6a55e705d96317f2ccdb011b6fedd1da Mon Sep 17 00:00:00 2001
From: debris <marek.kotewicz@gmail.com>
Date: Thu, 3 Aug 2017 16:42:56 +0200
Subject: [PATCH 026/112] InstantSeal fix

---
 ethcore/src/engines/instant_seal.rs | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/ethcore/src/engines/instant_seal.rs b/ethcore/src/engines/instant_seal.rs
index 114e27549..976f815e0 100644
--- a/ethcore/src/engines/instant_seal.rs
+++ b/ethcore/src/engines/instant_seal.rs
@@ -19,7 +19,7 @@ use util::Address;
 use builtin::Builtin;
 use engines::{Engine, Seal};
 use spec::CommonParams;
-use block::ExecutedBlock;
+use block::{ExecutedBlock, IsBlock};
 
 /// An engine which does not provide any consensus mechanism, just seals blocks internally.
 pub struct InstantSeal {
@@ -56,8 +56,8 @@ impl Engine for InstantSeal {
 
 	fn seals_internally(&self) -> Option<bool> { Some(true) }
 
-	fn generate_seal(&self, _block: &ExecutedBlock) -> Seal {
-		Seal::Regular(Vec::new())
+	fn generate_seal(&self, block: &ExecutedBlock) -> Seal {
+		if block.transactions().is_empty() { Seal::None } else { Seal::Regular(Vec::new()) }
 	}
 }
 

From 6b3f5c977aafb753a360830cd1a797430a76ae8a Mon Sep 17 00:00:00 2001
From: NikVolf <nikvolf@gmail.com>
Date: Thu, 3 Aug 2017 21:35:51 +0300
Subject: [PATCH 027/112] overflow check in addition

---
 util/rlp/src/error.rs         | 2 ++
 util/rlp/src/untrusted_rlp.rs | 3 ++-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/util/rlp/src/error.rs b/util/rlp/src/error.rs
index 6b15ea8a6..5113fdc17 100644
--- a/util/rlp/src/error.rs
+++ b/util/rlp/src/error.rs
@@ -30,6 +30,8 @@ pub enum DecoderError {
 	RlpInvalidIndirection,
 	/// Declared length is inconsistent with data specified after.
 	RlpInconsistentLengthAndData,
+	/// Declared length is invalid and results in overflow
+	RlpInvalidLength,
 	/// Custom rlp decoding error.
 	Custom(&'static str),
 }
diff --git a/util/rlp/src/untrusted_rlp.rs b/util/rlp/src/untrusted_rlp.rs
index 16714fe98..e7eb44f5d 100644
--- a/util/rlp/src/untrusted_rlp.rs
+++ b/util/rlp/src/untrusted_rlp.rs
@@ -371,7 +371,8 @@ impl<'a> BasicDecoder<'a> {
 				}
 				let len = decode_usize(&bytes[1..begin_of_value])?;
 
-				let last_index_of_value = begin_of_value + len;
+				let last_index_of_value = begin_of_value.overflowing_add(len)
+					.ok_or(DecoderError::RlpInvalidLength)?;
 				if bytes.len() < last_index_of_value {
 					return Err(DecoderError::RlpInconsistentLengthAndData);
 				}

From d30e47a50e73cb8c7c1298615e431877a153c1b0 Mon Sep 17 00:00:00 2001
From: NikVolf <nikvolf@gmail.com>
Date: Thu, 3 Aug 2017 21:40:16 +0300
Subject: [PATCH 028/112] add test

---
 util/rlp/src/untrusted_rlp.rs | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/util/rlp/src/untrusted_rlp.rs b/util/rlp/src/untrusted_rlp.rs
index e7eb44f5d..41149606c 100644
--- a/util/rlp/src/untrusted_rlp.rs
+++ b/util/rlp/src/untrusted_rlp.rs
@@ -371,7 +371,7 @@ impl<'a> BasicDecoder<'a> {
 				}
 				let len = decode_usize(&bytes[1..begin_of_value])?;
 
-				let last_index_of_value = begin_of_value.overflowing_add(len)
+				let last_index_of_value = begin_of_value.checked_add(len)
 					.ok_or(DecoderError::RlpInvalidLength)?;
 				if bytes.len() < last_index_of_value {
 					return Err(DecoderError::RlpInconsistentLengthAndData);
@@ -386,7 +386,7 @@ impl<'a> BasicDecoder<'a> {
 
 #[cfg(test)]
 mod tests {
-	use UntrustedRlp;
+	use {UntrustedRlp, DecoderError};
 
 	#[test]
 	fn test_rlp_display() {
@@ -395,4 +395,12 @@ mod tests {
 		let rlp = UntrustedRlp::new(&data);
 		assert_eq!(format!("{}", rlp), "[\"0x05\", \"0x010efbef67941f79b2\", \"0x56e81f171bcc55a6ff8345e692c0f86e5b48e01b996cadc001622fb5e363b421\", \"0xc5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470\"]");
 	}
+
+	#[test]
+	fn length_overflow() {
+		let bs = [0xbf, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xe5];
+		let rlp = UntrustedRlp::new(&bs);
+		let res: Result<u8, DecoderError> = rlp.as_val();
+		assert_eq!(Err(DecoderError::RlpInvalidLength), res);
+	}
 }

From 63f8cc350384b106741868a8b807a0516f1af741 Mon Sep 17 00:00:00 2001
From: debris <marek.kotewicz@gmail.com>
Date: Fri, 4 Aug 2017 13:06:01 +0200
Subject: [PATCH 029/112] price-info does not depend on util

---
 Cargo.lock                   |   2 +-
 price-info/Cargo.toml        |   2 +-
 price-info/src/lib.rs        | 205 +++++++++++++++++++++++++++++++-
 price-info/src/price_info.rs | 222 -----------------------------------
 4 files changed, 205 insertions(+), 226 deletions(-)
 delete mode 100644 price-info/src/price_info.rs

diff --git a/Cargo.lock b/Cargo.lock
index cc8c7d3c7..2487579d5 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -2208,10 +2208,10 @@ dependencies = [
 name = "price-info"
 version = "1.7.0"
 dependencies = [
- "ethcore-util 1.8.0",
  "fetch 0.1.0",
  "futures 0.1.11 (registry+https://github.com/rust-lang/crates.io-index)",
  "log 0.3.7 (registry+https://github.com/rust-lang/crates.io-index)",
+ "parking_lot 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)",
  "serde_json 1.0.2 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
 
diff --git a/price-info/Cargo.toml b/price-info/Cargo.toml
index b0226df8e..a6cc13eb7 100644
--- a/price-info/Cargo.toml
+++ b/price-info/Cargo.toml
@@ -13,4 +13,4 @@ log = "0.3"
 serde_json = "1.0"
 
 [dev-dependencies]
-ethcore-util = { path = "../util" }
+parking_lot = "0.4"
diff --git a/price-info/src/lib.rs b/price-info/src/lib.rs
index ec6fcfb5d..198711bb1 100644
--- a/price-info/src/lib.rs
+++ b/price-info/src/lib.rs
@@ -26,6 +26,207 @@ extern crate log;
 
 pub extern crate fetch;
 
-mod price_info;
+use std::cmp;
+use std::fmt;
+use std::io;
+use std::io::Read;
+use std::str::FromStr;
 
-pub use price_info::*;
+use fetch::{Client as FetchClient, Fetch};
+use futures::Future;
+use serde_json::Value;
+
+/// Current ETH price information.
+#[derive(Debug)]
+pub struct PriceInfo {
+	/// Current ETH price in USD.
+	pub ethusd: f32,
+}
+
+/// Price info error.
+#[derive(Debug)]
+pub enum Error {
+	/// The API returned an unexpected status code or content.
+	UnexpectedResponse(&'static str, String),
+	/// There was an error when trying to reach the API.
+	Fetch(fetch::Error),
+	/// IO error when reading API response.
+	Io(io::Error),
+}
+
+impl From<io::Error> for Error {
+	fn from(err: io::Error) -> Self { Error::Io(err) }
+}
+
+impl From<fetch::Error> for Error {
+	fn from(err: fetch::Error) -> Self { Error::Fetch(err) }
+}
+
+/// A client to get the current ETH price using an external API.
+pub struct Client<F = FetchClient> {
+	api_endpoint: String,
+	fetch: F,
+}
+
+impl<F> fmt::Debug for Client<F> {
+	fn fmt(&self, fmt: &mut fmt::Formatter) -> fmt::Result {
+		fmt.debug_struct("price_info::Client")
+		   .field("api_endpoint", &self.api_endpoint)
+		   .finish()
+	}
+}
+
+impl<F> cmp::PartialEq for Client<F> {
+	fn eq(&self, other: &Client<F>) -> bool {
+		self.api_endpoint == other.api_endpoint
+	}
+}
+
+impl<F: Fetch> Client<F> {
+	/// Creates a new instance of the `Client` given a `fetch::Client`.
+	pub fn new(fetch: F) -> Client<F> {
+		let api_endpoint = "http://api.etherscan.io/api?module=stats&action=ethprice".to_owned();
+		Client { api_endpoint, fetch }
+	}
+
+	/// Gets the current ETH price and calls `set_price` with the result.
+	pub fn get<G: Fn(PriceInfo) + Sync + Send + 'static>(&self, set_price: G) {
+		self.fetch.forget(self.fetch.fetch(&self.api_endpoint)
+			.map_err(|err| Error::Fetch(err))
+			.and_then(move |mut response| {
+				let mut result = String::new();
+				response.read_to_string(&mut result)?;
+
+				if response.is_success() {
+					let value: Result<Value, _> = serde_json::from_str(&result);
+					if let Ok(v) = value {
+						let obj = v.pointer("/result/ethusd").and_then(|obj| {
+							match *obj {
+								Value::String(ref s) => FromStr::from_str(s).ok(),
+								_ => None,
+							}
+						});
+
+						if let Some(ethusd) = obj {
+							set_price(PriceInfo { ethusd });
+							return Ok(());
+						}
+					}
+				}
+
+				let status = response.status().canonical_reason().unwrap_or("unknown");
+				Err(Error::UnexpectedResponse(status, result))
+			})
+			.map_err(|err| {
+				warn!("Failed to auto-update latest ETH price: {:?}", err);
+				err
+			})
+		);
+	}
+}
+
+#[cfg(test)]
+mod test {
+	extern crate parking_lot;
+
+	use self::parking_lot::Mutex;
+	use std::sync::Arc;
+	use std::sync::atomic::{AtomicBool, Ordering};
+	use fetch;
+	use fetch::Fetch;
+	use futures;
+	use futures::future::{Future, FutureResult};
+	use Client;
+
+	#[derive(Clone)]
+	struct FakeFetch(Option<String>, Arc<Mutex<u64>>);
+	impl Fetch for FakeFetch {
+		type Result = FutureResult<fetch::Response, fetch::Error>;
+		fn new() -> Result<Self, fetch::Error> where Self: Sized { Ok(FakeFetch(None, Default::default())) }
+		fn fetch_with_abort(&self, url: &str, _abort: fetch::Abort) -> Self::Result {
+			assert_eq!(url, "http://api.etherscan.io/api?module=stats&action=ethprice");
+			let mut val = self.1.lock();
+			*val = *val + 1;
+			if let Some(ref response) = self.0 {
+				let data = ::std::io::Cursor::new(response.clone());
+				futures::future::ok(fetch::Response::from_reader(data))
+			} else {
+				futures::future::ok(fetch::Response::not_found())
+			}
+		}
+
+		// this guarantees that the calls to price_info::Client::get will block for execution
+		fn forget<F, I, E>(&self, f: F) where
+			F: Future<Item=I, Error=E> + Send + 'static,
+			I: Send + 'static,
+			E: Send + 'static {
+			let _ = f.wait();
+		}
+	}
+
+	fn price_info_ok(response: &str) -> Client<FakeFetch> {
+		Client::new(FakeFetch(Some(response.to_owned()), Default::default()))
+	}
+
+	fn price_info_not_found() -> Client<FakeFetch> {
+		Client::new(FakeFetch::new().unwrap())
+	}
+
+	#[test]
+	fn should_get_price_info() {
+		// given
+		let response = r#"{
+			"status": "1",
+			"message": "OK",
+			"result": {
+				"ethbtc": "0.0891",
+				"ethbtc_timestamp": "1499894236",
+				"ethusd": "209.55",
+				"ethusd_timestamp": "1499894229"
+			}
+		}"#;
+
+		let price_info = price_info_ok(response);
+
+		// when
+		price_info.get(|price| {
+
+			// then
+			assert_eq!(price.ethusd, 209.55);
+		});
+	}
+
+	#[test]
+	fn should_not_call_set_price_if_response_is_malformed() {
+		// given
+		let response = "{}";
+
+		let price_info = price_info_ok(response);
+		let b = Arc::new(AtomicBool::new(false));
+
+		// when
+		let bb = b.clone();
+		price_info.get(move |_| {
+			bb.store(true, Ordering::Relaxed);
+		});
+
+		// then
+		assert_eq!(b.load(Ordering::Relaxed), false);
+	}
+
+	#[test]
+	fn should_not_call_set_price_if_response_is_invalid() {
+		// given
+		let price_info = price_info_not_found();
+		let b = Arc::new(AtomicBool::new(false));
+
+		// when
+		let bb = b.clone();
+		price_info.get(move |_| {
+			bb.store(true, Ordering::Relaxed);
+		});
+
+		// then
+		assert_eq!(b.load(Ordering::Relaxed), false);
+	}
+}
diff --git a/price-info/src/price_info.rs b/price-info/src/price_info.rs
deleted file mode 100644
index 36ca033d2..000000000
--- a/price-info/src/price_info.rs
+++ /dev/null
@@ -1,222 +0,0 @@
-// Copyright 2015-2017 Parity Technologies (UK) Ltd.
-// This file is part of Parity.
-
-// Parity is free software: you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-
-// Parity is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU General Public License for more details.
-
-// You should have received a copy of the GNU General Public License
-// along with Parity.  If not, see <http://www.gnu.org/licenses/>.
-
-use std::cmp;
-use std::fmt;
-use std::io;
-use std::io::Read;
-use std::str::FromStr;
-
-use fetch;
-use fetch::{Client as FetchClient, Fetch};
-use futures::Future;
-use serde_json;
-use serde_json::Value;
-
-/// Current ETH price information.
-#[derive(Debug)]
-pub struct PriceInfo {
-	/// Current ETH price in USD.
-	pub ethusd: f32,
-}
-
-/// Price info error.
-#[derive(Debug)]
-pub enum Error {
-	/// The API returned an unexpected status code or content.
-	UnexpectedResponse(&'static str, String),
-	/// There was an error when trying to reach the API.
-	Fetch(fetch::Error),
-	/// IO error when reading API response.
-	Io(io::Error),
-}
-
-impl From<io::Error> for Error {
-	fn from(err: io::Error) -> Self { Error::Io(err) }
-}
-
-impl From<fetch::Error> for Error {
-	fn from(err: fetch::Error) -> Self { Error::Fetch(err) }
-}
-
-/// A client to get the current ETH price using an external API.
-pub struct Client<F = FetchClient> {
-	api_endpoint: String,
-	fetch: F,
-}
-
-impl<F> fmt::Debug for Client<F> {
-	fn fmt(&self, fmt: &mut fmt::Formatter) -> fmt::Result {
-		fmt.debug_struct("price_info::Client")
-		   .field("api_endpoint", &self.api_endpoint)
-		   .finish()
-	}
-}
-
-impl<F> cmp::PartialEq for Client<F> {
-	fn eq(&self, other: &Client<F>) -> bool {
-		self.api_endpoint == other.api_endpoint
-	}
-}
-
-impl<F: Fetch> Client<F> {
-	/// Creates a new instance of the `Client` given a `fetch::Client`.
-	pub fn new(fetch: F) -> Client<F> {
-		let api_endpoint = "http://api.etherscan.io/api?module=stats&action=ethprice".to_owned();
-		Client { api_endpoint, fetch }
-	}
-
-	/// Gets the current ETH price and calls `set_price` with the result.
-	pub fn get<G: Fn(PriceInfo) + Sync + Send + 'static>(&self, set_price: G) {
-		self.fetch.forget(self.fetch.fetch(&self.api_endpoint)
-			.map_err(|err| Error::Fetch(err))
-			.and_then(move |mut response| {
-				let mut result = String::new();
-				response.read_to_string(&mut result)?;
-
-				if response.is_success() {
-					let value: Result<Value, _> = serde_json::from_str(&result);
-					if let Ok(v) = value {
-						let obj = v.pointer("/result/ethusd").and_then(|obj| {
-							match *obj {
-								Value::String(ref s) => FromStr::from_str(s).ok(),
-								_ => None,
-							}
-						});
-
-						if let Some(ethusd) = obj {
-							set_price(PriceInfo { ethusd });
-							return Ok(());
-						}
-					}
-				}
-
-				let status = response.status().canonical_reason().unwrap_or("unknown");
-				Err(Error::UnexpectedResponse(status, result))
-			})
-			.map_err(|err| {
-				warn!("Failed to auto-update latest ETH price: {:?}", err);
-				err
-			})
-		);
-	}
-}
-
-#[cfg(test)]
-mod test {
-	extern crate ethcore_util as util;
-
-	use self::util::Mutex;
-	use std::sync::Arc;
-	use std::sync::atomic::{AtomicBool, Ordering};
-	use fetch;
-	use fetch::Fetch;
-	use futures;
-	use futures::future::{Future, FutureResult};
-	use price_info::Client;
-
-	#[derive(Clone)]
-	struct FakeFetch(Option<String>, Arc<Mutex<u64>>);
-	impl Fetch for FakeFetch {
-		type Result = FutureResult<fetch::Response, fetch::Error>;
-		fn new() -> Result<Self, fetch::Error> where Self: Sized { Ok(FakeFetch(None, Default::default())) }
-		fn fetch_with_abort(&self, url: &str, _abort: fetch::Abort) -> Self::Result {
-			assert_eq!(url, "http://api.etherscan.io/api?module=stats&action=ethprice");
-			let mut val = self.1.lock();
-			*val = *val + 1;
-			if let Some(ref response) = self.0 {
-				let data = ::std::io::Cursor::new(response.clone());
-				futures::future::ok(fetch::Response::from_reader(data))
-			} else {
-				futures::future::ok(fetch::Response::not_found())
-			}
-		}
-
-		// this guarantees that the calls to price_info::Client::get will block for execution
-		fn forget<F, I, E>(&self, f: F) where
-			F: Future<Item=I, Error=E> + Send + 'static,
-			I: Send + 'static,
-			E: Send + 'static {
-			let _ = f.wait();
-		}
-	}
-
-	fn price_info_ok(response: &str) -> Client<FakeFetch> {
-		Client::new(FakeFetch(Some(response.to_owned()), Default::default()))
-	}
-
-	fn price_info_not_found() -> Client<FakeFetch> {
-		Client::new(FakeFetch::new().unwrap())
-	}
-
-	#[test]
-	fn should_get_price_info() {
-		// given
-		let response = r#"{
-			"status": "1",
-			"message": "OK",
-			"result": {
-				"ethbtc": "0.0891",
-				"ethbtc_timestamp": "1499894236",
-				"ethusd": "209.55",
-				"ethusd_timestamp": "1499894229"
-			}
-		}"#;
-
-		let price_info = price_info_ok(response);
-
-		// when
-		price_info.get(|price| {
-
-			// then
-			assert_eq!(price.ethusd, 209.55);
-		});
-	}
-
-	#[test]
-	fn should_not_call_set_price_if_response_is_malformed() {
-		// given
-		let response = "{}";
-
-		let price_info = price_info_ok(response);
-		let b = Arc::new(AtomicBool::new(false));
-
-		// when
-		let bb = b.clone();
-		price_info.get(move |_| {
-			bb.store(true, Ordering::Relaxed);
-		});
-
-		// then
-		assert_eq!(b.load(Ordering::Relaxed), false);
-	}
-
-	#[test]
-	fn should_not_call_set_price_if_response_is_invalid() {
-		// given
-		let price_info = price_info_not_found();
-		let b = Arc::new(AtomicBool::new(false));
-
-		// when
-		let bb = b.clone();
-		price_info.get(move |_| {
-			bb.store(true, Ordering::Relaxed);
-		});
-
-		// then
-		assert_eq!(b.load(Ordering::Relaxed), false);
-	}
-}

From f72196f1bb904a2f8337af73c02e80f4d44c33b1 Mon Sep 17 00:00:00 2001
From: debris <marek.kotewicz@gmail.com>
Date: Fri, 4 Aug 2017 13:39:57 +0200
Subject: [PATCH 030/112] a bit more idiomatic price-info

---
 price-info/src/lib.rs    | 40 ++++++++++++++++++++--------------------
 util/fetch/src/client.rs |  2 +-
 2 files changed, 21 insertions(+), 21 deletions(-)

diff --git a/price-info/src/lib.rs b/price-info/src/lib.rs
index 198711bb1..ba5719f40 100644
--- a/price-info/src/lib.rs
+++ b/price-info/src/lib.rs
@@ -30,7 +30,6 @@ use std::cmp;
 use std::fmt;
 use std::io;
 use std::io::Read;
-use std::str::FromStr;
 
 use fetch::{Client as FetchClient, Fetch};
 use futures::Future;
@@ -46,8 +45,10 @@ pub struct PriceInfo {
 /// Price info error.
 #[derive(Debug)]
 pub enum Error {
-	/// The API returned an unexpected status code or content.
-	UnexpectedResponse(&'static str, String),
+	/// The API returned an unexpected status code.
+	StatusCode(&'static str),
+	/// The API returned an unexpected status content.
+	UnexpectedResponse(String),
 	/// There was an error when trying to reach the API.
 	Fetch(fetch::Error),
 	/// IO error when reading API response.
@@ -94,28 +95,27 @@ impl<F: Fetch> Client<F> {
 		self.fetch.forget(self.fetch.fetch(&self.api_endpoint)
 			.map_err(|err| Error::Fetch(err))
 			.and_then(move |mut response| {
+				if !response.is_success() {
+					return Err(Error::StatusCode(response.status().canonical_reason().unwrap_or("unknown")));
+				}
 				let mut result = String::new();
 				response.read_to_string(&mut result)?;
 
-				if response.is_success() {
-					let value: Result<Value, _> = serde_json::from_str(&result);
-					if let Ok(v) = value {
-						let obj = v.pointer("/result/ethusd").and_then(|obj| {
-							match *obj {
-								Value::String(ref s) => FromStr::from_str(s).ok(),
-								_ => None,
-							}
-						});
+				let value: Option<Value> = serde_json::from_str(&result).ok();
 
-						if let Some(ethusd) = obj {
-							set_price(PriceInfo { ethusd });
-							return Ok(());
-						}
-					}
+				let ethusd = value
+					.as_ref()
+					.and_then(|value| value.pointer("/result/ethusd"))
+					.and_then(|obj| obj.as_str())
+					.and_then(|s| s.parse().ok());
+
+				match ethusd {
+					Some(ethusd) => {
+						set_price(PriceInfo { ethusd });
+						Ok(())
+					},
+					None => Err(Error::UnexpectedResponse(result)),
 				}
-
-				let status = response.status().canonical_reason().unwrap_or("unknown");
-				Err(Error::UnexpectedResponse(status, result))
 			})
 			.map_err(|err| {
 				warn!("Failed to auto-update latest ETH price: {:?}", err);
diff --git a/util/fetch/src/client.rs b/util/fetch/src/client.rs
index 64193639a..a8edcf482 100644
--- a/util/fetch/src/client.rs
+++ b/util/fetch/src/client.rs
@@ -297,7 +297,7 @@ impl Response {
 
 	/// Returns `true` if response status code is successful.
 	pub fn is_success(&self) -> bool {
-		self.status() == reqwest::StatusCode::Ok
+		self.status().is_success()
 	}
 
 	/// Returns `true` if content type of this response is `text/html`

From 7ddfd2f0301b85c847df4bdaa1545a36d6533942 Mon Sep 17 00:00:00 2001
From: debris <marek.kotewicz@gmail.com>
Date: Fri, 4 Aug 2017 14:12:27 +0200
Subject: [PATCH 031/112] revert fetch is_success changes

---
 util/fetch/src/client.rs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/util/fetch/src/client.rs b/util/fetch/src/client.rs
index a8edcf482..64193639a 100644
--- a/util/fetch/src/client.rs
+++ b/util/fetch/src/client.rs
@@ -297,7 +297,7 @@ impl Response {
 
 	/// Returns `true` if response status code is successful.
 	pub fn is_success(&self) -> bool {
-		self.status().is_success()
+		self.status() == reqwest::StatusCode::Ok
 	}
 
 	/// Returns `true` if content type of this response is `text/html`

From 35bfbc39f858f82961ccfa2bb3024dea90d5ca1e Mon Sep 17 00:00:00 2001
From: debris <marek.kotewicz@gmail.com>
Date: Fri, 4 Aug 2017 15:45:47 +0200
Subject: [PATCH 032/112] native-contracts crate does not depend on util any
 more

---
 Cargo.lock                                    |  2 +-
 ethcore/native_contracts/Cargo.toml           |  2 +-
 ethcore/native_contracts/generator/src/lib.rs | 42 +++++++++----------
 ethcore/native_contracts/src/lib.rs           |  2 +-
 4 files changed, 24 insertions(+), 24 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index cc8c7d3c7..92d3bd5c5 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1580,7 +1580,7 @@ version = "0.1.0"
 dependencies = [
  "byteorder 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)",
  "ethabi 2.0.0 (registry+https://github.com/rust-lang/crates.io-index)",
- "ethcore-util 1.8.0",
+ "ethcore-bigint 0.1.3",
  "futures 0.1.11 (registry+https://github.com/rust-lang/crates.io-index)",
  "native-contract-generator 0.1.0",
 ]
diff --git a/ethcore/native_contracts/Cargo.toml b/ethcore/native_contracts/Cargo.toml
index 5dc18c8f5..2f91a4848 100644
--- a/ethcore/native_contracts/Cargo.toml
+++ b/ethcore/native_contracts/Cargo.toml
@@ -9,7 +9,7 @@ build = "build.rs"
 ethabi = "2.0"
 futures = "0.1"
 byteorder = "1.0"
-ethcore-util = { path = "../../util" }
+ethcore-bigint = { path = "../../util/bigint" }
 
 [build-dependencies]
 native-contract-generator = { path = "generator" }
diff --git a/ethcore/native_contracts/generator/src/lib.rs b/ethcore/native_contracts/generator/src/lib.rs
index 793ad6085..996ee4969 100644
--- a/ethcore/native_contracts/generator/src/lib.rs
+++ b/ethcore/native_contracts/generator/src/lib.rs
@@ -15,7 +15,7 @@
 // along with Parity.  If not, see <http://www.gnu.org/licenses/>.
 
 //! Rust code contract generator.
-//! The code generated will require a dependence on the `ethcore-util`,
+//! The code generated will require a dependence on the `ethcore-bigint::prelude`,
 //! `ethabi`, `byteorder`, and `futures` crates.
 //! This currently isn't hygienic, so compilation of generated code may fail
 //! due to missing crates or name collisions. This will change when
@@ -48,14 +48,14 @@ pub fn generate_module(struct_name: &str, abi: &str) -> Result<String, Error> {
 use byteorder::{{BigEndian, ByteOrder}};
 use futures::{{future, Future, IntoFuture, BoxFuture}};
 use ethabi::{{Contract, Interface, Token, Event}};
-use util;
+use bigint;
 
 /// Generated Rust bindings to an Ethereum contract.
 #[derive(Clone, Debug)]
 pub struct {name} {{
 	contract: Contract,
 	/// Address to make calls to.
-	pub address: util::Address,
+	pub address: bigint::prelude::H160,
 }}
 
 const ABI: &'static str = r#"{abi_str}"#;
@@ -63,7 +63,7 @@ const ABI: &'static str = r#"{abi_str}"#;
 impl {name} {{
 	/// Create a new instance of `{name}` with an address.
 	/// Calls can be made, given a callback for dispatching calls asynchronously.
-	pub fn new(address: util::Address) -> Self {{
+	pub fn new(address: bigint::prelude::H160) -> Self {{
 		let contract = Contract::new(Interface::load(ABI.as_bytes())
 			.expect("ABI checked at generation-time; qed"));
 		{name} {{
@@ -108,7 +108,7 @@ fn generate_functions(contract: &Contract) -> Result<String, Error> {
 /// Outputs: {abi_outputs:?}
 pub fn {snake_name}<F, U>(&self, call: F, {params}) -> BoxFuture<{output_type}, String>
 	where
-	    F: FnOnce(util::Address, Vec<u8>) -> U,
+	    F: FnOnce(bigint::prelude::H160, Vec<u8>) -> U,
 	    U: IntoFuture<Item=Vec<u8>, Error=String>,
 		U::Future: Send + 'static
 {{
@@ -217,8 +217,8 @@ fn output_params_codegen(outputs: &[ParamType]) -> Result<(String, String), Para
 // create code for an argument type from param type.
 fn rust_type(input: ParamType) -> Result<String, ParamType> {
 	Ok(match input {
-		ParamType::Address => "util::Address".into(),
-		ParamType::FixedBytes(len) if len <= 32 => format!("util::H{}", len * 8),
+		ParamType::Address => "bigint::prelude::H160".into(),
+		ParamType::FixedBytes(len) if len <= 32 => format!("bigint::prelude::H{}", len * 8),
 		ParamType::Bytes | ParamType::FixedBytes(_) => "Vec<u8>".into(),
 		ParamType::Int(width) => match width {
 			8 | 16 | 32 | 64 => format!("i{}", width),
@@ -226,7 +226,7 @@ fn rust_type(input: ParamType) -> Result<String, ParamType> {
 		},
 		ParamType::Uint(width) => match width {
 			8 | 16 | 32 | 64 => format!("u{}", width),
-			128 | 160 | 256 => format!("util::U{}", width),
+			128 | 160 | 256 => format!("bigint::prelude::U{}", width),
 			_ => return Err(ParamType::Uint(width)),
 		},
 		ParamType::Bool => "bool".into(),
@@ -259,8 +259,8 @@ fn tokenize(name: &str, input: ParamType) -> (bool, String) {
 		},
 		ParamType::Uint(width) => format!(
 			"let mut r = [0; 32]; {}.to_big_endian(&mut r); Token::Uint(r)",
-			if width <= 64 { format!("util::U256::from({} as u64)", name) }
-			else { format!("util::U256::from({})", name) }
+			if width <= 64 { format!("bigint::prelude::U256::from({} as u64)", name) }
+			else { format!("bigint::prelude::U256::from({})", name) }
 		),
 		ParamType::Bool => format!("Token::Bool({})", name),
 		ParamType::String => format!("Token::String({})", name),
@@ -281,11 +281,11 @@ fn tokenize(name: &str, input: ParamType) -> (bool, String) {
 // panics on unsupported types.
 fn detokenize(name: &str, output_type: ParamType) -> String {
 	match output_type {
-		ParamType::Address => format!("{}.to_address().map(util::H160)", name),
+		ParamType::Address => format!("{}.to_address().map(bigint::prelude::H160)", name),
 		ParamType::Bytes => format!("{}.to_bytes()", name),
 		ParamType::FixedBytes(len) if len <= 32 => {
 			// ensure no panic on slice too small.
-			let read_hash = format!("b.resize({}, 0); util::H{}::from_slice(&b[..{}])",
+			let read_hash = format!("b.resize({}, 0); bigint::prelude::H{}::from_slice(&b[..{}])",
 				len, len * 8, len);
 
 			format!("{}.to_fixed_bytes().map(|mut b| {{ {} }})",
@@ -302,8 +302,8 @@ fn detokenize(name: &str, output_type: ParamType) -> String {
 		}
 		ParamType::Uint(width) => {
 			let read_uint = match width {
-				8 | 16 | 32 | 64 => format!("util::U256(u).low_u64() as u{}", width),
-				_ => format!("util::U{}::from(&u[..])", width),
+				8 | 16 | 32 | 64 => format!("bigint::prelude::U256(u).low_u64() as u{}", width),
+				_ => format!("bigint::prelude::U{}::from(&u[..])", width),
 			};
 
 			format!("{}.to_uint().map(|u| {})", name, read_uint)
@@ -328,30 +328,30 @@ mod tests {
 	#[test]
 	fn input_types() {
 		assert_eq!(::input_params_codegen(&[]).unwrap().0, "");
-		assert_eq!(::input_params_codegen(&[ParamType::Address]).unwrap().0, "param_0: util::Address, ");
+		assert_eq!(::input_params_codegen(&[ParamType::Address]).unwrap().0, "param_0: bigint::prelude::H160, ");
 		assert_eq!(::input_params_codegen(&[ParamType::Address, ParamType::Bytes]).unwrap().0,
-			"param_0: util::Address, param_1: Vec<u8>, ");
+			"param_0: bigint::prelude::H160, param_1: Vec<u8>, ");
 	}
 
 	#[test]
 	fn output_types() {
 		assert_eq!(::output_params_codegen(&[]).unwrap().0, "()");
-		assert_eq!(::output_params_codegen(&[ParamType::Address]).unwrap().0, "(util::Address)");
+		assert_eq!(::output_params_codegen(&[ParamType::Address]).unwrap().0, "(bigint::prelude::H160)");
 		assert_eq!(::output_params_codegen(&[ParamType::Address, ParamType::Array(Box::new(ParamType::Bytes))]).unwrap().0,
-			"(util::Address, Vec<Vec<u8>>)");
+			"(bigint::prelude::H160, Vec<Vec<u8>>)");
 	}
 
 	#[test]
 	fn rust_type() {
-		assert_eq!(::rust_type(ParamType::FixedBytes(32)).unwrap(), "util::H256");
+		assert_eq!(::rust_type(ParamType::FixedBytes(32)).unwrap(), "bigint::prelude::H256");
 		assert_eq!(::rust_type(ParamType::Array(Box::new(ParamType::FixedBytes(32)))).unwrap(),
-			"Vec<util::H256>");
+			"Vec<bigint::prelude::H256>");
 
 		assert_eq!(::rust_type(ParamType::Uint(64)).unwrap(), "u64");
 		assert!(::rust_type(ParamType::Uint(63)).is_err());
 
 		assert_eq!(::rust_type(ParamType::Int(32)).unwrap(), "i32");
-		assert_eq!(::rust_type(ParamType::Uint(256)).unwrap(), "util::U256");
+		assert_eq!(::rust_type(ParamType::Uint(256)).unwrap(), "bigint::prelude::U256");
 	}
 
 	// codegen tests will need bootstrapping of some kind.
diff --git a/ethcore/native_contracts/src/lib.rs b/ethcore/native_contracts/src/lib.rs
index e35a4ec19..9b73ace79 100644
--- a/ethcore/native_contracts/src/lib.rs
+++ b/ethcore/native_contracts/src/lib.rs
@@ -21,7 +21,7 @@
 extern crate futures;
 extern crate byteorder;
 extern crate ethabi;
-extern crate ethcore_util as util;
+extern crate ethcore_bigint as bigint;
 
 mod registry;
 mod urlhint;

From f157461ee19740c8d013bb9885d3aa0aa5f91a8a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tomasz=20Drwi=C4=99ga?= <tomusdrw@users.noreply.github.com>
Date: Fri, 4 Aug 2017 15:58:14 +0200
Subject: [PATCH 033/112] Multi-call RPC (#6195)

* Removing duplicated pending state accessors in miner.

* Merge miner+client call.

* Multicall & multicall RPC.

* Sensible defaults.

* Fix tests.
---
 ethcore/src/client/client.rs                  | 126 ++++++++++++++----
 ethcore/src/client/test_client.rs             |  31 +++--
 ethcore/src/client/traits.rs                  |   6 +-
 ethcore/src/engines/tendermint/mod.rs         |   2 +-
 ethcore/src/miner/miner.rs                    | 113 ++++------------
 ethcore/src/miner/mod.rs                      |  21 +--
 ethcore/types/src/block_status.rs             |   2 +
 rpc/src/v1/impls/eth.rs                       |  75 +++--------
 rpc/src/v1/impls/light/parity.rs              |   6 +-
 rpc/src/v1/impls/light/trace.rs               |  12 +-
 rpc/src/v1/impls/parity.rs                    |  28 +++-
 rpc/src/v1/impls/traces.rs                    |  30 ++++-
 rpc/src/v1/tests/helpers/miner_service.rs     |  41 +-----
 rpc/src/v1/tests/mocked/eth.rs                |   5 +-
 rpc/src/v1/tests/mocked/parity.rs             |  41 +++++-
 rpc/src/v1/tests/mocked/traces.rs             |  10 ++
 rpc/src/v1/traits/parity.rs                   |   6 +-
 rpc/src/v1/traits/traces.rs                   |  12 +-
 rpc/src/v1/types/mod.rs                       |   4 +
 .../src/key_server_cluster/io/deadline.rs     |   4 +-
 sync/src/block_sync.rs                        |   2 +-
 sync/src/chain.rs                             |   2 +-
 22 files changed, 308 insertions(+), 271 deletions(-)

diff --git a/ethcore/src/client/client.rs b/ethcore/src/client/client.rs
index 94a5e09f3..7141c7bdb 100644
--- a/ethcore/src/client/client.rs
+++ b/ethcore/src/client/client.rs
@@ -906,7 +906,7 @@ impl Client {
 	pub fn state_at(&self, id: BlockId) -> Option<State<StateDB>> {
 		// fast path for latest state.
 		match id.clone() {
-			BlockId::Pending => return self.miner.pending_state().or_else(|| Some(self.state())),
+			BlockId::Pending => return self.miner.pending_state(self.chain.read().best_block_number()).or_else(|| Some(self.state())),
 			BlockId::Latest => return Some(self.state()),
 			_ => {},
 		}
@@ -1055,19 +1055,20 @@ impl Client {
 		self.history
 	}
 
-	fn block_hash(chain: &BlockChain, id: BlockId) -> Option<H256> {
+	fn block_hash(chain: &BlockChain, miner: &Miner, id: BlockId) -> Option<H256> {
 		match id {
 			BlockId::Hash(hash) => Some(hash),
 			BlockId::Number(number) => chain.block_hash(number),
 			BlockId::Earliest => chain.block_hash(0),
-			BlockId::Latest | BlockId::Pending => Some(chain.best_block_hash()),
+			BlockId::Latest => Some(chain.best_block_hash()),
+			BlockId::Pending => miner.pending_block_header(chain.best_block_number()).map(|header| header.hash())
 		}
 	}
 
 	fn transaction_address(&self, id: TransactionId) -> Option<TransactionAddress> {
 		match id {
 			TransactionId::Hash(ref hash) => self.chain.read().transaction_address(hash),
-			TransactionId::Location(id, index) => Self::block_hash(&self.chain.read(), id).map(|hash| TransactionAddress {
+			TransactionId::Location(id, index) => Self::block_hash(&self.chain.read(), &self.miner, id).map(|hash| TransactionAddress {
 				block_hash: hash,
 				index: index,
 			})
@@ -1110,6 +1111,31 @@ impl Client {
 			data: data,
 		}.fake_sign(from)
 	}
+
+	fn do_call(&self, env_info: &EnvInfo, state: &mut State<StateDB>, increase_balance: bool, t: &SignedTransaction, analytics: CallAnalytics) -> Result<Executed, CallError> {
+		let original_state = if analytics.state_diffing { Some(state.clone()) } else { None };
+
+		// give the sender a sufficient balance (if calling in pending block)
+		if increase_balance {
+			let sender = t.sender();
+			let balance = state.balance(&sender).map_err(ExecutionError::from)?;
+			let needed_balance = t.value + t.gas * t.gas_price;
+			if balance < needed_balance {
+				state.add_balance(&sender, &(needed_balance - balance), state::CleanupMode::NoEmpty)
+					.map_err(ExecutionError::from)?;
+			}
+		}
+
+		let options = TransactOptions { tracing: analytics.transaction_tracing, vm_tracing: analytics.vm_tracing, check_nonce: false };
+		let mut ret = Executive::new(state, env_info, &*self.engine).transact_virtual(t, options)?;
+
+		// TODO gav move this into Executive.
+		if let Some(original) = original_state {
+			ret.state_diff = Some(state.diff_from(original).map_err(ExecutionError::from)?);
+		}
+
+		Ok(ret)
+	}
 }
 
 impl snapshot::DatabaseRestore for Client {
@@ -1134,23 +1160,31 @@ impl snapshot::DatabaseRestore for Client {
 }
 
 impl BlockChainClient for Client {
-	fn call(&self, t: &SignedTransaction, block: BlockId, analytics: CallAnalytics) -> Result<Executed, CallError> {
+	fn call(&self, transaction: &SignedTransaction, analytics: CallAnalytics, block: BlockId) -> Result<Executed, CallError> {
 		let mut env_info = self.env_info(block).ok_or(CallError::StatePruned)?;
 		env_info.gas_limit = U256::max_value();
 
 		// that's just a copy of the state.
 		let mut state = self.state_at(block).ok_or(CallError::StatePruned)?;
-		let original_state = if analytics.state_diffing { Some(state.clone()) } else { None };
 
-		let options = TransactOptions { tracing: analytics.transaction_tracing, vm_tracing: analytics.vm_tracing, check_nonce: false };
-		let mut ret = Executive::new(&mut state, &env_info, &*self.engine).transact_virtual(t, options)?;
+		self.do_call(&env_info, &mut state, block == BlockId::Pending, transaction, analytics)
+	}
 
-		// TODO gav move this into Executive.
-		if let Some(original) = original_state {
-			ret.state_diff = Some(state.diff_from(original).map_err(ExecutionError::from)?);
+	fn call_many(&self, transactions: &[(SignedTransaction, CallAnalytics)], block: BlockId) -> Result<Vec<Executed>, CallError> {
+		let mut env_info = self.env_info(block).ok_or(CallError::StatePruned)?;
+		env_info.gas_limit = U256::max_value();
+
+		// that's just a copy of the state.
+		let mut state = self.state_at(block).ok_or(CallError::StatePruned)?;
+		let mut results = Vec::with_capacity(transactions.len());
+
+		for &(ref t, analytics) in transactions {
+			let ret = self.do_call(&env_info, &mut state, block == BlockId::Pending, t, analytics)?;
+			env_info.gas_used = ret.cumulative_gas_used;
+			results.push(ret);
 		}
 
-		Ok(ret)
+		Ok(results)
 	}
 
 	fn estimate_gas(&self, t: &SignedTransaction, block: BlockId) -> Result<U256, CallError> {
@@ -1303,7 +1337,16 @@ impl BlockChainClient for Client {
 
 	fn block_header(&self, id: BlockId) -> Option<::encoded::Header> {
 		let chain = self.chain.read();
-		Self::block_hash(&chain, id).and_then(|hash| chain.block_header_data(&hash))
+
+		if let BlockId::Pending = id {
+			if let Some(block) = self.miner.pending_block(chain.best_block_number()) {
+				return Some(encoded::Header::new(block.header.rlp(Seal::Without)));
+			}
+			// fall back to latest
+			return self.block_header(BlockId::Latest);
+		}
+
+		Self::block_hash(&chain, &self.miner, id).and_then(|hash| chain.block_header_data(&hash))
 	}
 
 	fn block_number(&self, id: BlockId) -> Option<BlockNumber> {
@@ -1311,30 +1354,48 @@ impl BlockChainClient for Client {
 			BlockId::Number(number) => Some(number),
 			BlockId::Hash(ref hash) => self.chain.read().block_number(hash),
 			BlockId::Earliest => Some(0),
-			BlockId::Latest | BlockId::Pending => Some(self.chain.read().best_block_number()),
+			BlockId::Latest => Some(self.chain.read().best_block_number()),
+			BlockId::Pending => Some(self.chain.read().best_block_number() + 1),
 		}
 	}
 
 	fn block_body(&self, id: BlockId) -> Option<encoded::Body> {
 		let chain = self.chain.read();
-		Self::block_hash(&chain, id).and_then(|hash| chain.block_body(&hash))
+
+		if let BlockId::Pending = id {
+			if let Some(block) = self.miner.pending_block(chain.best_block_number()) {
+				return Some(encoded::Body::new(BlockChain::block_to_body(&block.rlp_bytes(Seal::Without))));
+			}
+			// fall back to latest
+			return self.block_body(BlockId::Latest);
+		}
+
+		Self::block_hash(&chain, &self.miner, id).and_then(|hash| chain.block_body(&hash))
 	}
 
 	fn block(&self, id: BlockId) -> Option<encoded::Block> {
+		let chain = self.chain.read();
+
 		if let BlockId::Pending = id {
-			if let Some(block) = self.miner.pending_block() {
+			if let Some(block) = self.miner.pending_block(chain.best_block_number()) {
 				return Some(encoded::Block::new(block.rlp_bytes(Seal::Without)));
 			}
+			// fall back to latest
+			return self.block(BlockId::Latest);
 		}
-		let chain = self.chain.read();
-		Self::block_hash(&chain, id).and_then(|hash| {
+
+		Self::block_hash(&chain, &self.miner, id).and_then(|hash| {
 			chain.block(&hash)
 		})
 	}
 
 	fn block_status(&self, id: BlockId) -> BlockStatus {
+		if let BlockId::Pending = id {
+			return BlockStatus::Pending;
+		}
+
 		let chain = self.chain.read();
-		match Self::block_hash(&chain, id) {
+		match Self::block_hash(&chain, &self.miner, id) {
 			Some(ref hash) if chain.is_known(hash) => BlockStatus::InChain,
 			Some(hash) => self.block_queue.status(&hash).into(),
 			None => BlockStatus::Unknown
@@ -1342,13 +1403,18 @@ impl BlockChainClient for Client {
 	}
 
 	fn block_total_difficulty(&self, id: BlockId) -> Option<U256> {
-		if let BlockId::Pending = id {
-			if let Some(block) = self.miner.pending_block() {
-				return Some(*block.header.difficulty() + self.block_total_difficulty(BlockId::Latest).expect("blocks in chain have details; qed"));
-			}
-		}
 		let chain = self.chain.read();
-		Self::block_hash(&chain, id).and_then(|hash| chain.block_details(&hash)).map(|d| d.total_difficulty)
+		if let BlockId::Pending = id {
+			let latest_difficulty = self.block_total_difficulty(BlockId::Latest).expect("blocks in chain have details; qed");
+			let pending_difficulty = self.miner.pending_block_header(chain.best_block_number()).map(|header| *header.difficulty());
+			if let Some(difficulty) = pending_difficulty {
+				return Some(difficulty + latest_difficulty);
+			}
+			// fall back to latest
+			return Some(latest_difficulty);
+		}
+
+		Self::block_hash(&chain, &self.miner, id).and_then(|hash| chain.block_details(&hash)).map(|d| d.total_difficulty)
 	}
 
 	fn nonce(&self, address: &Address, id: BlockId) -> Option<U256> {
@@ -1361,7 +1427,7 @@ impl BlockChainClient for Client {
 
 	fn block_hash(&self, id: BlockId) -> Option<H256> {
 		let chain = self.chain.read();
-		Self::block_hash(&chain, id)
+		Self::block_hash(&chain, &self.miner, id)
 	}
 
 	fn code(&self, address: &Address, id: BlockId) -> Option<Option<Bytes>> {
@@ -1526,7 +1592,8 @@ impl BlockChainClient for Client {
 			if self.chain.read().is_known(&unverified.hash()) {
 				return Err(BlockImportError::Import(ImportError::AlreadyInChain));
 			}
-			if self.block_status(BlockId::Hash(unverified.parent_hash())) == BlockStatus::Unknown {
+			let status = self.block_status(BlockId::Hash(unverified.parent_hash()));
+			if status == BlockStatus::Unknown || status == BlockStatus::Pending {
 				return Err(BlockImportError::Block(BlockError::UnknownParent(unverified.parent_hash())));
 			}
 		}
@@ -1540,7 +1607,8 @@ impl BlockChainClient for Client {
 			if self.chain.read().is_known(&header.hash()) {
 				return Err(BlockImportError::Import(ImportError::AlreadyInChain));
 			}
-			if self.block_status(BlockId::Hash(header.parent_hash())) == BlockStatus::Unknown {
+			let status = self.block_status(BlockId::Hash(header.parent_hash()));
+			if  status == BlockStatus::Unknown || status == BlockStatus::Pending {
 				return Err(BlockImportError::Block(BlockError::UnknownParent(header.parent_hash())));
 			}
 		}
@@ -1686,7 +1754,7 @@ impl BlockChainClient for Client {
 	fn call_contract(&self, block_id: BlockId, address: Address, data: Bytes) -> Result<Bytes, String> {
 		let transaction = self.contract_call_tx(block_id, address, data);
 
-		self.call(&transaction, block_id, Default::default())
+		self.call(&transaction, Default::default(), block_id)
 			.map_err(|e| format!("{:?}", e))
 			.map(|executed| {
 				executed.output
diff --git a/ethcore/src/client/test_client.rs b/ethcore/src/client/test_client.rs
index 38b0b50f4..2a205868d 100644
--- a/ethcore/src/client/test_client.rs
+++ b/ethcore/src/client/test_client.rs
@@ -401,10 +401,18 @@ impl MiningBlockChainClient for TestBlockChainClient {
 }
 
 impl BlockChainClient for TestBlockChainClient {
-	fn call(&self, _t: &SignedTransaction, _block: BlockId, _analytics: CallAnalytics) -> Result<Executed, CallError> {
+	fn call(&self, _t: &SignedTransaction, _analytics: CallAnalytics, _block: BlockId) -> Result<Executed, CallError> {
 		self.execution_result.read().clone().unwrap()
 	}
 
+	fn call_many(&self, txs: &[(SignedTransaction, CallAnalytics)], block: BlockId) -> Result<Vec<Executed>, CallError> {
+		let mut res = Vec::with_capacity(txs.len());
+		for &(ref tx, analytics) in txs {
+			res.push(self.call(tx, analytics, block)?);
+		}
+		Ok(res)
+	}
+
 	fn estimate_gas(&self, _t: &SignedTransaction, _block: BlockId) -> Result<U256, CallError> {
 		Ok(21000.into())
 	}
@@ -423,7 +431,7 @@ impl BlockChainClient for TestBlockChainClient {
 
 	fn nonce(&self, address: &Address, id: BlockId) -> Option<U256> {
 		match id {
-			BlockId::Latest => Some(self.nonces.read().get(address).cloned().unwrap_or(self.spec.params().account_start_nonce)),
+			BlockId::Latest | BlockId::Pending => Some(self.nonces.read().get(address).cloned().unwrap_or(self.spec.params().account_start_nonce)),
 			_ => None,
 		}
 	}
@@ -438,16 +446,15 @@ impl BlockChainClient for TestBlockChainClient {
 
 	fn code(&self, address: &Address, id: BlockId) -> Option<Option<Bytes>> {
 		match id {
-			BlockId::Latest => Some(self.code.read().get(address).cloned()),
+			BlockId::Latest | BlockId::Pending => Some(self.code.read().get(address).cloned()),
 			_ => None,
 		}
 	}
 
 	fn balance(&self, address: &Address, id: BlockId) -> Option<U256> {
-		if let BlockId::Latest = id {
-			Some(self.balances.read().get(address).cloned().unwrap_or_else(U256::zero))
-		} else {
-			None
+		match id {
+			BlockId::Latest | BlockId::Pending => Some(self.balances.read().get(address).cloned().unwrap_or_else(U256::zero)),
+			_ => None,
 		}
 	}
 
@@ -456,10 +463,9 @@ impl BlockChainClient for TestBlockChainClient {
 	}
 
 	fn storage_at(&self, address: &Address, position: &H256, id: BlockId) -> Option<H256> {
-		if let BlockId::Latest = id {
-			Some(self.storage.read().get(&(address.clone(), position.clone())).cloned().unwrap_or_else(H256::new))
-		} else {
-			None
+		match id {
+			BlockId::Latest | BlockId::Pending => Some(self.storage.read().get(&(address.clone(), position.clone())).cloned().unwrap_or_else(H256::new)),
+			_ => None,
 		}
 	}
 
@@ -548,7 +554,8 @@ impl BlockChainClient for TestBlockChainClient {
 		match id {
 			BlockId::Number(number) if (number as usize) < self.blocks.read().len() => BlockStatus::InChain,
 			BlockId::Hash(ref hash) if self.blocks.read().get(hash).is_some() => BlockStatus::InChain,
-			BlockId::Latest | BlockId::Pending | BlockId::Earliest => BlockStatus::InChain,
+			BlockId::Latest | BlockId::Earliest => BlockStatus::InChain,
+			BlockId::Pending => BlockStatus::Pending,
 			_ => BlockStatus::Unknown,
 		}
 	}
diff --git a/ethcore/src/client/traits.rs b/ethcore/src/client/traits.rs
index e76da60bd..8e1bd8b18 100644
--- a/ethcore/src/client/traits.rs
+++ b/ethcore/src/client/traits.rs
@@ -182,7 +182,11 @@ pub trait BlockChainClient : Sync + Send {
 	fn logs(&self, filter: Filter) -> Vec<LocalizedLogEntry>;
 
 	/// Makes a non-persistent transaction call.
-	fn call(&self, t: &SignedTransaction, block: BlockId, analytics: CallAnalytics) -> Result<Executed, CallError>;
+	fn call(&self, tx: &SignedTransaction, analytics: CallAnalytics, block: BlockId) -> Result<Executed, CallError>;
+
+	/// Makes multiple non-persistent but dependent transaction calls.
+	/// Returns a vector of successes or a failure if any of the transaction fails.
+	fn call_many(&self, txs: &[(SignedTransaction, CallAnalytics)], block: BlockId) -> Result<Vec<Executed>, CallError>;
 
 	/// Estimates how much gas will be necessary for a call.
 	fn estimate_gas(&self, t: &SignedTransaction, block: BlockId) -> Result<U256, CallError>;
diff --git a/ethcore/src/engines/tendermint/mod.rs b/ethcore/src/engines/tendermint/mod.rs
index b65c79204..1c962d633 100644
--- a/ethcore/src/engines/tendermint/mod.rs
+++ b/ethcore/src/engines/tendermint/mod.rs
@@ -1050,7 +1050,7 @@ mod tests {
 		client.miner().import_own_transaction(client.as_ref(), transaction.into()).unwrap();
 
 		// Propose
-		let proposal = Some(client.miner().pending_block().unwrap().header.bare_hash());
+		let proposal = Some(client.miner().pending_block(0).unwrap().header.bare_hash());
 		// Propose timeout
 		engine.step();
 
diff --git a/ethcore/src/miner/miner.rs b/ethcore/src/miner/miner.rs
index 7256f2ff5..02463d929 100644
--- a/ethcore/src/miner/miner.rs
+++ b/ethcore/src/miner/miner.rs
@@ -21,8 +21,8 @@ use std::sync::Arc;
 use util::*;
 use using_queue::{UsingQueue, GetAction};
 use account_provider::{AccountProvider, SignError as AccountError};
-use state::{State, CleanupMode};
-use client::{MiningBlockChainClient, Executive, Executed, EnvInfo, TransactOptions, BlockId, CallAnalytics, TransactionId};
+use state::State;
+use client::{MiningBlockChainClient, BlockId, TransactionId};
 use client::TransactionImportResult;
 use executive::contract_address;
 use block::{ClosedBlock, IsBlock, Block};
@@ -39,7 +39,7 @@ use miner::local_transactions::{Status as LocalTransactionStatus};
 use miner::service_transaction_checker::ServiceTransactionChecker;
 use price_info::{Client as PriceInfoClient, PriceInfo};
 use price_info::fetch::Client as FetchClient;
-use header::BlockNumber;
+use header::{Header, BlockNumber};
 
 /// Different possible definitions for pending transaction set.
 #[derive(Debug, PartialEq)]
@@ -331,13 +331,28 @@ impl Miner {
 	}
 
 	/// Get `Some` `clone()` of the current pending block's state or `None` if we're not sealing.
-	pub fn pending_state(&self) -> Option<State<::state_db::StateDB>> {
-		self.sealing_work.lock().queue.peek_last_ref().map(|b| b.block().fields().state.clone())
+	pub fn pending_state(&self, latest_block_number: BlockNumber) -> Option<State<::state_db::StateDB>> {
+		self.map_pending_block(|b| b.state().clone(), latest_block_number)
 	}
 
 	/// Get `Some` `clone()` of the current pending block or `None` if we're not sealing.
-	pub fn pending_block(&self) -> Option<Block> {
-		self.sealing_work.lock().queue.peek_last_ref().map(|b| b.to_base())
+	pub fn pending_block(&self, latest_block_number: BlockNumber) -> Option<Block> {
+		self.map_pending_block(|b| b.to_base(), latest_block_number)
+	}
+
+	/// Get `Some` `clone()` of the current pending block header or `None` if we're not sealing.
+	pub fn pending_block_header(&self, latest_block_number: BlockNumber) -> Option<Header> {
+		self.map_pending_block(|b| b.header().clone(), latest_block_number)
+	}
+
+	fn map_pending_block<F, T>(&self, f: F, latest_block_number: BlockNumber) -> Option<T> where
+		F: FnOnce(&ClosedBlock) -> T,
+	{
+		self.from_pending_block(
+			latest_block_number,
+			|| None,
+			|block| Some(f(block)),
+		)
 	}
 
 	#[cfg_attr(feature="dev", allow(match_same_arms))]
@@ -679,7 +694,7 @@ impl Miner {
 	#[cfg_attr(feature="dev", allow(wrong_self_convention))]
 	#[cfg_attr(feature="dev", allow(redundant_closure))]
 	fn from_pending_block<H, F, G>(&self, latest_block_number: BlockNumber, from_chain: F, map_block: G) -> H
-		where F: Fn() -> H, G: Fn(&ClosedBlock) -> H {
+		where F: Fn() -> H, G: FnOnce(&ClosedBlock) -> H {
 		let sealing_work = self.sealing_work.lock();
 		sealing_work.queue.peek_last_ref().map_or_else(
 			|| from_chain(),
@@ -717,84 +732,6 @@ impl MinerService for Miner {
 		}
 	}
 
-	fn call(&self, client: &MiningBlockChainClient, t: &SignedTransaction, analytics: CallAnalytics) -> Result<Executed, CallError> {
-		let sealing_work = self.sealing_work.lock();
-		match sealing_work.queue.peek_last_ref() {
-			Some(work) => {
-				let block = work.block();
-
-				// TODO: merge this code with client.rs's fn call somwhow.
-				let header = block.header();
-				let last_hashes = Arc::new(client.last_hashes());
-				let env_info = EnvInfo {
-					number: header.number(),
-					author: *header.author(),
-					timestamp: header.timestamp(),
-					difficulty: *header.difficulty(),
-					last_hashes: last_hashes,
-					gas_used: U256::zero(),
-					gas_limit: U256::max_value(),
-				};
-				// that's just a copy of the state.
-				let mut state = block.state().clone();
-				let original_state = if analytics.state_diffing { Some(state.clone()) } else { None };
-
-				let sender = t.sender();
-				let balance = state.balance(&sender).map_err(ExecutionError::from)?;
-				let needed_balance = t.value + t.gas * t.gas_price;
-				if balance < needed_balance {
-					// give the sender a sufficient balance
-					state.add_balance(&sender, &(needed_balance - balance), CleanupMode::NoEmpty)
-						.map_err(ExecutionError::from)?;
-				}
-				let options = TransactOptions { tracing: analytics.transaction_tracing, vm_tracing: analytics.vm_tracing, check_nonce: false };
-				let mut ret = Executive::new(&mut state, &env_info, &*self.engine).transact(t, options)?;
-
-				// TODO gav move this into Executive.
-				if let Some(original) = original_state {
-					ret.state_diff = Some(state.diff_from(original).map_err(ExecutionError::from)?);
-				}
-
-				Ok(ret)
-			},
-			None => client.call(t, BlockId::Latest, analytics)
-		}
-	}
-
-	// TODO: The `chain.latest_x` actually aren't infallible, they just panic on corruption.
-	// TODO: return trie::Result<T> here, or other.
-	fn balance(&self, chain: &MiningBlockChainClient, address: &Address) -> Option<U256> {
-		self.from_pending_block(
-			chain.chain_info().best_block_number,
-			|| Some(chain.latest_balance(address)),
-			|b| b.block().fields().state.balance(address).ok(),
-		)
-	}
-
-	fn storage_at(&self, chain: &MiningBlockChainClient, address: &Address, position: &H256) -> Option<H256> {
-		self.from_pending_block(
-			chain.chain_info().best_block_number,
-			|| Some(chain.latest_storage_at(address, position)),
-			|b| b.block().fields().state.storage_at(address, position).ok(),
-		)
-	}
-
-	fn nonce(&self, chain: &MiningBlockChainClient, address: &Address) -> Option<U256> {
-		self.from_pending_block(
-			chain.chain_info().best_block_number,
-			|| Some(chain.latest_nonce(address)),
-			|b| b.block().fields().state.nonce(address).ok(),
-		)
-	}
-
-	fn code(&self, chain: &MiningBlockChainClient, address: &Address) -> Option<Option<Bytes>> {
-		self.from_pending_block(
-			chain.chain_info().best_block_number,
-			|| Some(chain.latest_code(address)),
-			|b| b.block().fields().state.code(address).ok().map(|c| c.map(|c| (&*c).clone()))
-		)
-	}
-
 	fn set_author(&self, author: Address) {
 		if self.engine.seals_internally().is_some() {
 			let mut sealing_work = self.sealing_work.lock();
@@ -1466,14 +1403,14 @@ mod tests {
 
 		miner.update_sealing(&*client);
 		client.flush_queue();
-		assert!(miner.pending_block().is_none());
+		assert!(miner.pending_block(0).is_none());
 		assert_eq!(client.chain_info().best_block_number, 3 as BlockNumber);
 
 		assert_eq!(miner.import_own_transaction(&*client, PendingTransaction::new(transaction_with_network_id(spec.network_id()).into(), None)).unwrap(), TransactionImportResult::Current);
 
 		miner.update_sealing(&*client);
 		client.flush_queue();
-		assert!(miner.pending_block().is_none());
+		assert!(miner.pending_block(0).is_none());
 		assert_eq!(client.chain_info().best_block_number, 4 as BlockNumber);
 	}
 
diff --git a/ethcore/src/miner/mod.rs b/ethcore/src/miner/mod.rs
index 1c07f4fab..b4cb065fd 100644
--- a/ethcore/src/miner/mod.rs
+++ b/ethcore/src/miner/mod.rs
@@ -62,12 +62,12 @@ pub use self::stratum::{Stratum, Error as StratumError, Options as StratumOption
 
 use std::collections::BTreeMap;
 use util::{H256, U256, Address, Bytes};
-use client::{MiningBlockChainClient, Executed, CallAnalytics};
+use client::{MiningBlockChainClient};
 use block::ClosedBlock;
 use header::BlockNumber;
 use receipt::{RichReceipt, Receipt};
-use error::{Error, CallError};
-use transaction::{UnverifiedTransaction, PendingTransaction, SignedTransaction};
+use error::{Error};
+use transaction::{UnverifiedTransaction, PendingTransaction};
 
 /// Miner client API
 pub trait MinerService : Send + Sync {
@@ -185,21 +185,6 @@ pub trait MinerService : Send + Sync {
 
 	/// Suggested gas limit.
 	fn sensible_gas_limit(&self) -> U256 { 21000.into() }
-
-	/// Latest account balance in pending state.
-	fn balance(&self, chain: &MiningBlockChainClient, address: &Address) -> Option<U256>;
-
-	/// Call into contract code using pending state.
-	fn call(&self, chain: &MiningBlockChainClient, t: &SignedTransaction, analytics: CallAnalytics) -> Result<Executed, CallError>;
-
-	/// Get storage value in pending state.
-	fn storage_at(&self, chain: &MiningBlockChainClient, address: &Address, position: &H256) -> Option<H256>;
-
-	/// Get account nonce in pending state.
-	fn nonce(&self, chain: &MiningBlockChainClient, address: &Address) -> Option<U256>;
-
-	/// Get contract code in pending state.
-	fn code(&self, chain: &MiningBlockChainClient, address: &Address) -> Option<Option<Bytes>>;
 }
 
 /// Mining status
diff --git a/ethcore/types/src/block_status.rs b/ethcore/types/src/block_status.rs
index 937077795..d330b9ed1 100644
--- a/ethcore/types/src/block_status.rs
+++ b/ethcore/types/src/block_status.rs
@@ -23,6 +23,8 @@ pub enum BlockStatus {
 	Queued,
 	/// Known as bad.
 	Bad,
+	/// Pending block.
+	Pending,
 	/// Unknown.
 	Unknown,
 }
diff --git a/rpc/src/v1/impls/eth.rs b/rpc/src/v1/impls/eth.rs
index 6ae614db1..7c656c752 100644
--- a/rpc/src/v1/impls/eth.rs
+++ b/rpc/src/v1/impls/eth.rs
@@ -264,6 +264,7 @@ fn check_known<C>(client: &C, number: BlockNumber) -> Result<(), Error> where C:
 
 	match client.block_status(number.into()) {
 		BlockStatus::InChain => Ok(()),
+		BlockStatus::Pending => Ok(()),
 		_ => Err(errors::unknown_block()),
 	}
 }
@@ -361,20 +362,12 @@ impl<C, SN: ?Sized, S: ?Sized, M, EM> Eth for EthClient<C, SN, S, M, EM> where
 	fn balance(&self, address: RpcH160, num: Trailing<BlockNumber>) -> BoxFuture<RpcU256, Error> {
 		let address = address.into();
 
-		let res = match num.unwrap_or_default() {
-			BlockNumber::Pending => {
-				match self.miner.balance(&*self.client, &address) {
-					Some(balance) => Ok(balance.into()),
-					None => Err(errors::database("latest balance missing"))
-				}
-			}
-			id => {
-				try_bf!(check_known(&*self.client, id.clone()));
-				match self.client.balance(&address, id.into()) {
-					Some(balance) => Ok(balance.into()),
-					None => Err(errors::state_pruned()),
-				}
-			}
+		let id = num.unwrap_or_default();
+
+		try_bf!(check_known(&*self.client, id.clone()));
+		let res = match self.client.balance(&address, id.into()) {
+			Some(balance) => Ok(balance.into()),
+			None => Err(errors::state_pruned()),
 		};
 
 		future::done(res).boxed()
@@ -384,20 +377,12 @@ impl<C, SN: ?Sized, S: ?Sized, M, EM> Eth for EthClient<C, SN, S, M, EM> where
 		let address: Address = RpcH160::into(address);
 		let position: U256 = RpcU256::into(pos);
 
-		let res = match num.unwrap_or_default() {
-			BlockNumber::Pending => {
-				match self.miner.storage_at(&*self.client, &address, &H256::from(position)) {
-					Some(s) => Ok(s.into()),
-					None => Err(errors::database("latest storage missing"))
-				}
-			}
-			id => {
-				try_bf!(check_known(&*self.client, id.clone()));
-				match self.client.storage_at(&address, &H256::from(position), id.into()) {
-					Some(s) => Ok(s.into()),
-					None => Err(errors::state_pruned()),
-				}
-			}
+		let id = num.unwrap_or_default();
+
+		try_bf!(check_known(&*self.client, id.clone()));
+		let res = match self.client.storage_at(&address, &H256::from(position), id.into()) {
+			Some(s) => Ok(s.into()),
+			None => Err(errors::state_pruned()),
 		};
 
 		future::done(res).boxed()
@@ -410,18 +395,12 @@ impl<C, SN: ?Sized, S: ?Sized, M, EM> Eth for EthClient<C, SN, S, M, EM> where
 			BlockNumber::Pending if self.options.pending_nonce_from_queue => {
 				let nonce = self.miner.last_nonce(&address)
 					.map(|n| n + 1.into())
-					.or_else(|| self.miner.nonce(&*self.client, &address));
+					.or_else(|| self.client.nonce(&address, BlockNumber::Pending.into()));
 				match nonce {
 					Some(nonce) => Ok(nonce.into()),
 					None => Err(errors::database("latest nonce missing"))
 				}
 			}
-			BlockNumber::Pending => {
-				match self.miner.nonce(&*self.client, &address) {
-					Some(nonce) => Ok(nonce.into()),
-					None => Err(errors::database("latest nonce missing"))
-				}
-			}
 			id => {
 				try_bf!(check_known(&*self.client, id.clone()));
 				match self.client.nonce(&address, id.into()) {
@@ -468,20 +447,12 @@ impl<C, SN: ?Sized, S: ?Sized, M, EM> Eth for EthClient<C, SN, S, M, EM> where
 	fn code_at(&self, address: RpcH160, num: Trailing<BlockNumber>) -> BoxFuture<Bytes, Error> {
 		let address: Address = RpcH160::into(address);
 
-		let res = match num.unwrap_or_default() {
-			BlockNumber::Pending => {
-				match self.miner.code(&*self.client, &address) {
-					Some(code) => Ok(code.map_or_else(Bytes::default, Bytes::new)),
-					None => Err(errors::database("latest code missing"))
-				}
-			}
-			id => {
-				try_bf!(check_known(&*self.client, id.clone()));
-				match self.client.code(&address, id.into()) {
-					Some(code) => Ok(code.map_or_else(Bytes::default, Bytes::new)),
-					None => Err(errors::state_pruned()),
-				}
-			}
+		let id = num.unwrap_or_default();
+		try_bf!(check_known(&*self.client, id.clone()));
+
+		let res = match self.client.code(&address, id.into()) {
+			Some(code) => Ok(code.map_or_else(Bytes::default, Bytes::new)),
+			None => Err(errors::state_pruned()),
 		};
 
 		future::done(res).boxed()
@@ -648,10 +619,8 @@ impl<C, SN: ?Sized, S: ?Sized, M, EM> Eth for EthClient<C, SN, S, M, EM> where
 			Err(e) => return future::err(e).boxed(),
 		};
 
-		let result = match num.unwrap_or_default() {
-			BlockNumber::Pending => self.miner.call(&*self.client, &signed, Default::default()),
-			num => self.client.call(&signed, num.into(), Default::default()),
-		};
+		let num = num.unwrap_or_default();
+		let result = self.client.call(&signed, Default::default(), num.into());
 
 		future::done(result
 			.map(|b| b.output.into())
diff --git a/rpc/src/v1/impls/light/parity.rs b/rpc/src/v1/impls/light/parity.rs
index 481cdb136..62a7721fc 100644
--- a/rpc/src/v1/impls/light/parity.rs
+++ b/rpc/src/v1/impls/light/parity.rs
@@ -39,7 +39,7 @@ use v1::helpers::light_fetch::LightFetch;
 use v1::metadata::Metadata;
 use v1::traits::Parity;
 use v1::types::{
-	Bytes, U256, H160, H256, H512,
+	Bytes, U256, H160, H256, H512, CallRequest,
 	Peers, Transaction, RpcSettings, Histogram,
 	TransactionStats, LocalTransactionStatus,
 	BlockNumber, ConsensusCapability, VersionInfo,
@@ -389,4 +389,8 @@ impl Parity for ParityClient {
 	fn ipfs_cid(&self, content: Bytes) -> Result<String, Error> {
 		ipfs::cid(content)
 	}
+
+	fn call(&self, _requests: Vec<CallRequest>, _block: Trailing<BlockNumber>) -> BoxFuture<Vec<Bytes>, Error> {
+		future::err(errors::light_unimplemented(None)).boxed()
+	}
 }
diff --git a/rpc/src/v1/impls/light/trace.rs b/rpc/src/v1/impls/light/trace.rs
index 00d19dc24..81ed592c5 100644
--- a/rpc/src/v1/impls/light/trace.rs
+++ b/rpc/src/v1/impls/light/trace.rs
@@ -20,7 +20,7 @@ use jsonrpc_core::Error;
 use jsonrpc_macros::Trailing;
 use v1::traits::Traces;
 use v1::helpers::errors;
-use v1::types::{TraceFilter, LocalizedTrace, BlockNumber, Index, CallRequest, Bytes, TraceResults, H256};
+use v1::types::{TraceFilter, LocalizedTrace, BlockNumber, Index, CallRequest, Bytes, TraceResults, TraceOptions, H256};
 
 /// Traces api implementation.
 // TODO: all calling APIs should be possible w. proved remote TX execution.
@@ -43,15 +43,19 @@ impl Traces for TracesClient {
 		Err(errors::light_unimplemented(None))
 	}
 
-	fn call(&self, _request: CallRequest, _flags: Vec<String>, _block: Trailing<BlockNumber>) -> Result<TraceResults, Error> {
+	fn call(&self, _request: CallRequest, _flags: TraceOptions, _block: Trailing<BlockNumber>) -> Result<TraceResults, Error> {
 		Err(errors::light_unimplemented(None))
 	}
 
-	fn raw_transaction(&self, _raw_transaction: Bytes, _flags: Vec<String>, _block: Trailing<BlockNumber>) -> Result<TraceResults, Error> {
+	fn call_many(&self, _request: Vec<(CallRequest, TraceOptions)>, _block: Trailing<BlockNumber>) -> Result<Vec<TraceResults>, Error> {
 		Err(errors::light_unimplemented(None))
 	}
 
-	fn replay_transaction(&self, _transaction_hash: H256, _flags: Vec<String>) -> Result<TraceResults, Error> {
+	fn raw_transaction(&self, _raw_transaction: Bytes, _flags: TraceOptions, _block: Trailing<BlockNumber>) -> Result<TraceResults, Error> {
+		Err(errors::light_unimplemented(None))
+	}
+
+	fn replay_transaction(&self, _transaction_hash: H256, _flags: TraceOptions) -> Result<TraceResults, Error> {
 		Err(errors::light_unimplemented(None))
 	}
 }
diff --git a/rpc/src/v1/impls/parity.rs b/rpc/src/v1/impls/parity.rs
index 2cffdd4e6..d855d7e17 100644
--- a/rpc/src/v1/impls/parity.rs
+++ b/rpc/src/v1/impls/parity.rs
@@ -28,22 +28,23 @@ use crypto::ecies;
 use ethkey::{Brain, Generator};
 use ethstore::random_phrase;
 use ethsync::{SyncProvider, ManageNetwork};
+use ethcore::account_provider::AccountProvider;
+use ethcore::client::{MiningBlockChainClient};
 use ethcore::ids::BlockId;
 use ethcore::miner::MinerService;
-use ethcore::client::{MiningBlockChainClient};
 use ethcore::mode::Mode;
-use ethcore::account_provider::AccountProvider;
+use ethcore::transaction::SignedTransaction;
 use updater::{Service as UpdateService};
 use crypto::DEFAULT_MAC;
 
 use jsonrpc_core::Error;
 use jsonrpc_macros::Trailing;
-use v1::helpers::{self, errors, ipfs, SigningQueue, SignerService, NetworkSettings};
+use v1::helpers::{self, errors, fake_sign, ipfs, SigningQueue, SignerService, NetworkSettings};
 use v1::helpers::accounts::unwrap_provider;
 use v1::metadata::Metadata;
 use v1::traits::Parity;
 use v1::types::{
-	Bytes, U256, H160, H256, H512,
+	Bytes, U256, H160, H256, H512, CallRequest,
 	Peers, Transaction, RpcSettings, Histogram,
 	TransactionStats, LocalTransactionStatus,
 	BlockNumber, ConsensusCapability, VersionInfo,
@@ -409,4 +410,23 @@ impl<C, M, S: ?Sized, U> Parity for ParityClient<C, M, S, U> where
 	fn ipfs_cid(&self, content: Bytes) -> Result<String, Error> {
 		ipfs::cid(content)
 	}
+
+	fn call(&self, requests: Vec<CallRequest>, block: Trailing<BlockNumber>) -> BoxFuture<Vec<Bytes>, Error> {
+		let requests: Result<Vec<(SignedTransaction, _)>, Error> = requests
+			.into_iter()
+			.map(|request| Ok((
+				fake_sign::sign_call(&self.client, &self.miner, request.into())?,
+				Default::default()
+			)))
+			.collect();
+
+		let block = block.unwrap_or_default();
+		let requests = try_bf!(requests);
+
+		let result = self.client.call_many(&requests, block.into())
+				.map(|res| res.into_iter().map(|res| res.output.into()).collect())
+				.map_err(errors::call);
+
+		future::done(result).boxed()
+	}
 }
diff --git a/rpc/src/v1/impls/traces.rs b/rpc/src/v1/impls/traces.rs
index 2c65f4403..31a0e889e 100644
--- a/rpc/src/v1/impls/traces.rs
+++ b/rpc/src/v1/impls/traces.rs
@@ -27,9 +27,9 @@ use jsonrpc_core::Error;
 use jsonrpc_macros::Trailing;
 use v1::traits::Traces;
 use v1::helpers::{errors, fake_sign};
-use v1::types::{TraceFilter, LocalizedTrace, BlockNumber, Index, CallRequest, Bytes, TraceResults, H256};
+use v1::types::{TraceFilter, LocalizedTrace, BlockNumber, Index, CallRequest, Bytes, TraceResults, TraceOptions, H256};
 
-fn to_call_analytics(flags: Vec<String>) -> CallAnalytics {
+fn to_call_analytics(flags: TraceOptions) -> CallAnalytics {
 	CallAnalytics {
 		transaction_tracing: flags.contains(&("trace".to_owned())),
 		vm_tracing: flags.contains(&("vmTrace".to_owned())),
@@ -79,29 +79,45 @@ impl<C, M> Traces for TracesClient<C, M> where C: MiningBlockChainClient + 'stat
 			.map(LocalizedTrace::from))
 	}
 
-	fn call(&self, request: CallRequest, flags: Vec<String>, block: Trailing<BlockNumber>) -> Result<TraceResults, Error> {
+	fn call(&self, request: CallRequest, flags: TraceOptions, block: Trailing<BlockNumber>) -> Result<TraceResults, Error> {
 		let block = block.unwrap_or_default();
 
 		let request = CallRequest::into(request);
 		let signed = fake_sign::sign_call(&self.client, &self.miner, request)?;
 
-		self.client.call(&signed, block.into(), to_call_analytics(flags))
+		self.client.call(&signed, to_call_analytics(flags), block.into())
 			.map(TraceResults::from)
 			.map_err(errors::call)
 	}
 
-	fn raw_transaction(&self, raw_transaction: Bytes, flags: Vec<String>, block: Trailing<BlockNumber>) -> Result<TraceResults, Error> {
+	fn call_many(&self, requests: Vec<(CallRequest, TraceOptions)>, block: Trailing<BlockNumber>) -> Result<Vec<TraceResults>, Error> {
+		let block = block.unwrap_or_default();
+
+		let requests = requests.into_iter()
+			.map(|(request, flags)| {
+				let request = CallRequest::into(request);
+				let signed = fake_sign::sign_call(&self.client, &self.miner, request)?;
+				Ok((signed, to_call_analytics(flags)))
+			})
+			.collect::<Result<Vec<_>, _>>()?;
+
+		self.client.call_many(&requests, block.into())
+			.map(|results| results.into_iter().map(TraceResults::from).collect())
+			.map_err(errors::call)
+	}
+
+	fn raw_transaction(&self, raw_transaction: Bytes, flags: TraceOptions, block: Trailing<BlockNumber>) -> Result<TraceResults, Error> {
 		let block = block.unwrap_or_default();
 
 		let tx = UntrustedRlp::new(&raw_transaction.into_vec()).as_val().map_err(|e| errors::invalid_params("Transaction is not valid RLP", e))?;
 		let signed = SignedTransaction::new(tx).map_err(errors::transaction)?;
 
-		self.client.call(&signed, block.into(), to_call_analytics(flags))
+		self.client.call(&signed, to_call_analytics(flags), block.into())
 			.map(TraceResults::from)
 			.map_err(errors::call)
 	}
 
-	fn replay_transaction(&self, transaction_hash: H256, flags: Vec<String>) -> Result<TraceResults, Error> {
+	fn replay_transaction(&self, transaction_hash: H256, flags: TraceOptions) -> Result<TraceResults, Error> {
 		self.client.replay(TransactionId::Hash(transaction_hash.into()), to_call_analytics(flags))
 			.map(TraceResults::from)
 			.map_err(errors::call)
diff --git a/rpc/src/v1/tests/helpers/miner_service.rs b/rpc/src/v1/tests/helpers/miner_service.rs
index ef9b5724b..7139d636b 100644
--- a/rpc/src/v1/tests/helpers/miner_service.rs
+++ b/rpc/src/v1/tests/helpers/miner_service.rs
@@ -19,9 +19,9 @@
 use std::collections::{BTreeMap, HashMap};
 use std::collections::hash_map::Entry;
 use util::{Address, H256, Bytes, U256, RwLock, Mutex};
-use ethcore::error::{Error, CallError};
-use ethcore::client::{MiningBlockChainClient, Executed, CallAnalytics};
-use ethcore::block::{ClosedBlock, IsBlock};
+use ethcore::error::Error;
+use ethcore::client::MiningBlockChainClient;
+use ethcore::block::ClosedBlock;
 use ethcore::header::BlockNumber;
 use ethcore::transaction::{UnverifiedTransaction, SignedTransaction, PendingTransaction};
 use ethcore::receipt::{Receipt, RichReceipt};
@@ -280,41 +280,6 @@ impl MinerService for TestMinerService {
 		unimplemented!();
 	}
 
-	fn balance(&self, _chain: &MiningBlockChainClient, address: &Address) -> Option<U256> {
-		self.latest_closed_block.lock()
-			.as_ref()
-			.map(|b| b.block().fields().state.balance(address))
-			.map(|b| b.ok())
-			.unwrap_or(Some(U256::default()))
-	}
-
-	fn call(&self, _chain: &MiningBlockChainClient, _t: &SignedTransaction, _analytics: CallAnalytics) -> Result<Executed, CallError> {
-		unimplemented!();
-	}
-
-	fn storage_at(&self, _chain: &MiningBlockChainClient, address: &Address, position: &H256) -> Option<H256> {
-		self.latest_closed_block.lock()
-			.as_ref()
-			.map(|b| b.block().fields().state.storage_at(address, position))
-			.map(|s| s.ok())
-			.unwrap_or(Some(H256::default()))
-	}
-
-	fn nonce(&self, _chain: &MiningBlockChainClient, address: &Address) -> Option<U256> {
-		// we assume all transactions are in a pending block, ignoring the
-		// reality of gas limits.
-		Some(self.last_nonce(address).unwrap_or(U256::zero()))
-	}
-
-	fn code(&self, _chain: &MiningBlockChainClient, address: &Address) -> Option<Option<Bytes>> {
-		self.latest_closed_block.lock()
-			.as_ref()
-			.map(|b| b.block().fields().state.code(address))
-			.map(|c| c.ok())
-			.unwrap_or(None)
-			.map(|c| c.map(|c| (&*c).clone()))
-	}
-
 	fn sensible_gas_price(&self) -> U256 {
 		20000000000u64.into()
 	}
diff --git a/rpc/src/v1/tests/mocked/eth.rs b/rpc/src/v1/tests/mocked/eth.rs
index eb5a7d4e9..f935b93e2 100644
--- a/rpc/src/v1/tests/mocked/eth.rs
+++ b/rpc/src/v1/tests/mocked/eth.rs
@@ -432,10 +432,7 @@ fn rpc_eth_balance_pending() {
 		"id": 1
 	}"#;
 
-	// the TestMinerService doesn't communicate with the the TestBlockChainClient in any way.
-	// if this returns zero, we know that the "pending" call is being properly forwarded to the
-	// miner.
-	let response = r#"{"jsonrpc":"2.0","result":"0x0","id":1}"#;
+	let response = r#"{"jsonrpc":"2.0","result":"0x5","id":1}"#;
 
 	assert_eq!(tester.io.handle_request_sync(request), Some(response.to_owned()));
 }
diff --git a/rpc/src/v1/tests/mocked/parity.rs b/rpc/src/v1/tests/mocked/parity.rs
index aeeb7902d..b5cdada6f 100644
--- a/rpc/src/v1/tests/mocked/parity.rs
+++ b/rpc/src/v1/tests/mocked/parity.rs
@@ -16,10 +16,10 @@
 
 use std::sync::Arc;
 use ethcore_logger::RotatingLogger;
-use util::Address;
+use util::{Address, U256};
 use ethsync::ManageNetwork;
 use ethcore::account_provider::AccountProvider;
-use ethcore::client::{TestBlockChainClient};
+use ethcore::client::{TestBlockChainClient, Executed};
 use ethcore::miner::LocalTransactionStatus;
 use ethstore::ethkey::{Generator, Random};
 
@@ -504,3 +504,40 @@ fn rpc_parity_cid() {
 
 	assert_eq!(io.handle_request_sync(request), Some(response.to_owned()));
 }
+
+#[test]
+fn rpc_parity_call() {
+	let deps = Dependencies::new();
+	deps.client.set_execution_result(Ok(Executed {
+		exception: None,
+		gas: U256::zero(),
+		gas_used: U256::from(0xff30),
+		refunded: U256::from(0x5),
+		cumulative_gas_used: U256::zero(),
+		logs: vec![],
+		contracts_created: vec![],
+		output: vec![0x12, 0x34, 0xff],
+		trace: vec![],
+		vm_trace: None,
+		state_diff: None,
+	}));
+	let io = deps.default_client();
+
+	let request = r#"{
+		"jsonrpc": "2.0",
+		"method": "parity_call",
+		"params": [[{
+			"from": "0xb60e8dd61c5d32be8058bb8eb970870f07233155",
+			"to": "0xd46e8dd67c5d32be8058bb8eb970870f07244567",
+			"gas": "0x76c0",
+			"gasPrice": "0x9184e72a000",
+			"value": "0x9184e72a",
+			"data": "0xd46e8dd67c5d32be8d46e8dd67c5d32be8058bb8eb970870f072445675058bb8eb970870f072445675"
+		}],
+		"latest"],
+		"id": 1
+	}"#;
+	let response = r#"{"jsonrpc":"2.0","result":["0x1234ff"],"id":1}"#;
+
+	assert_eq!(io.handle_request_sync(request), Some(response.to_owned()));
+}
diff --git a/rpc/src/v1/tests/mocked/traces.rs b/rpc/src/v1/tests/mocked/traces.rs
index f64142f8c..50890648c 100644
--- a/rpc/src/v1/tests/mocked/traces.rs
+++ b/rpc/src/v1/tests/mocked/traces.rs
@@ -170,6 +170,16 @@ fn rpc_trace_call() {
 	assert_eq!(tester.io.handle_request_sync(request), Some(response.to_owned()));
 }
 
+#[test]
+fn rpc_trace_multi_call() {
+	let tester = io();
+
+	let request = r#"{"jsonrpc":"2.0","method":"trace_callMany","params":[[[{}, ["stateDiff", "vmTrace", "trace"]]]],"id":1}"#;
+	let response = r#"{"jsonrpc":"2.0","result":[{"output":"0x010203","stateDiff":null,"trace":[],"vmTrace":null}],"id":1}"#;
+
+	assert_eq!(tester.io.handle_request_sync(request), Some(response.to_owned()));
+}
+
 #[test]
 fn rpc_trace_call_state_pruned() {
 	let tester = io();
diff --git a/rpc/src/v1/traits/parity.rs b/rpc/src/v1/traits/parity.rs
index 92904aa40..a0b1a6e99 100644
--- a/rpc/src/v1/traits/parity.rs
+++ b/rpc/src/v1/traits/parity.rs
@@ -23,7 +23,7 @@ use jsonrpc_macros::Trailing;
 use futures::BoxFuture;
 
 use v1::types::{
-	H160, H256, H512, U256, Bytes,
+	H160, H256, H512, U256, Bytes, CallRequest,
 	Peers, Transaction, RpcSettings, Histogram,
 	TransactionStats, LocalTransactionStatus,
 	BlockNumber, ConsensusCapability, VersionInfo,
@@ -203,5 +203,9 @@ build_rpc_trait! {
 		/// Get IPFS CIDv0 given protobuf encoded bytes.
 		#[rpc(name = "parity_cidV0")]
 		fn ipfs_cid(&self, Bytes) -> Result<String, Error>;
+
+		/// Call contract, returning the output data.
+		#[rpc(async, name = "parity_call")]
+		fn call(&self, Vec<CallRequest>, Trailing<BlockNumber>) -> BoxFuture<Vec<Bytes>, Error>;
 	}
 }
diff --git a/rpc/src/v1/traits/traces.rs b/rpc/src/v1/traits/traces.rs
index 64b37ac1d..568788af2 100644
--- a/rpc/src/v1/traits/traces.rs
+++ b/rpc/src/v1/traits/traces.rs
@@ -18,7 +18,7 @@
 
 use jsonrpc_core::Error;
 use jsonrpc_macros::Trailing;
-use v1::types::{TraceFilter, LocalizedTrace, BlockNumber, Index, CallRequest, Bytes, TraceResults, H256};
+use v1::types::{TraceFilter, LocalizedTrace, BlockNumber, Index, CallRequest, Bytes, TraceResults, H256, TraceOptions};
 
 build_rpc_trait! {
 	/// Traces specific rpc interface.
@@ -41,14 +41,18 @@ build_rpc_trait! {
 
 		/// Executes the given call and returns a number of possible traces for it.
 		#[rpc(name = "trace_call")]
-		fn call(&self, CallRequest, Vec<String>, Trailing<BlockNumber>) -> Result<TraceResults, Error>;
+		fn call(&self, CallRequest, TraceOptions, Trailing<BlockNumber>) -> Result<TraceResults, Error>;
+
+		/// Executes all given calls and returns a number of possible traces for each of it.
+		#[rpc(name = "trace_callMany")]
+		fn call_many(&self, Vec<(CallRequest, TraceOptions)>, Trailing<BlockNumber>) -> Result<Vec<TraceResults>, Error>;
 
 		/// Executes the given raw transaction and returns a number of possible traces for it.
 		#[rpc(name = "trace_rawTransaction")]
-		fn raw_transaction(&self, Bytes, Vec<String>, Trailing<BlockNumber>) -> Result<TraceResults, Error>;
+		fn raw_transaction(&self, Bytes, TraceOptions, Trailing<BlockNumber>) -> Result<TraceResults, Error>;
 
 		/// Executes the transaction with the given hash and returns a number of possible traces for it.
 		#[rpc(name = "trace_replayTransaction")]
-		fn replay_transaction(&self, H256, Vec<String>) -> Result<TraceResults, Error>;
+		fn replay_transaction(&self, H256, TraceOptions) -> Result<TraceResults, Error>;
 	}
 }
diff --git a/rpc/src/v1/types/mod.rs b/rpc/src/v1/types/mod.rs
index 3e463f958..1407ebcf2 100644
--- a/rpc/src/v1/types/mod.rs
+++ b/rpc/src/v1/types/mod.rs
@@ -78,3 +78,7 @@ pub use self::transaction_request::TransactionRequest;
 pub use self::transaction_condition::TransactionCondition;
 pub use self::uint::{U128, U256};
 pub use self::work::Work;
+
+// TODO [ToDr] Refactor to a proper type Vec of enums?
+/// Expected tracing type.
+pub type TraceOptions = Vec<String>;
diff --git a/secret_store/src/key_server_cluster/io/deadline.rs b/secret_store/src/key_server_cluster/io/deadline.rs
index 501a69057..aea339ca9 100644
--- a/secret_store/src/key_server_cluster/io/deadline.rs
+++ b/secret_store/src/key_server_cluster/io/deadline.rs
@@ -19,7 +19,7 @@ use std::time::Duration;
 use futures::{Future, Select, BoxFuture, Poll, Async};
 use tokio_core::reactor::{Handle, Timeout};
 
-type DeadlineBox<F> where F: Future = BoxFuture<DeadlineStatus<F::Item>, F::Error>;
+type DeadlineBox<F> = BoxFuture<DeadlineStatus<<F as Future>::Item>, <F as Future>::Error>;
 
 /// Complete a passed future or fail if it is not completed within timeout.
 pub fn deadline<F, T>(duration: Duration, handle: &Handle, future: F) -> Result<Deadline<F>, io::Error>
@@ -82,4 +82,4 @@ mod tests {
 		core.turn(Some(Duration::from_millis(3)));
 		assert_eq!(deadline.wait().unwrap(), DeadlineStatus::Meet(()));
 	}
-}
\ No newline at end of file
+}
diff --git a/sync/src/block_sync.rs b/sync/src/block_sync.rs
index 8215b775b..92c8df429 100644
--- a/sync/src/block_sync.rs
+++ b/sync/src/block_sync.rs
@@ -267,7 +267,7 @@ impl BlockDownloader {
 				BlockStatus::Bad => {
 					return Err(BlockDownloaderImportError::Invalid);
 				},
-				BlockStatus::Unknown => {
+				BlockStatus::Unknown | BlockStatus::Pending => {
 					headers.push(hdr.as_raw().to_vec());
 					hashes.push(hash);
 				}
diff --git a/sync/src/chain.rs b/sync/src/chain.rs
index 38872b24f..d6937381c 100644
--- a/sync/src/chain.rs
+++ b/sync/src/chain.rs
@@ -995,7 +995,7 @@ impl ChainSync {
 				BlockStatus::Queued => {
 					trace!(target: "sync", "New hash block already queued {:?}", hash);
 				},
-				BlockStatus::Unknown => {
+				BlockStatus::Unknown | BlockStatus::Pending => {
 					new_hashes.push(hash.clone());
 					if number > max_height {
 						trace!(target: "sync", "New unknown block hash {:?}", hash);

From e43b1084c325e32a2ec73ae313b8ac0bcb38538c Mon Sep 17 00:00:00 2001
From: Robert Habermeier <rphmeier@gmail.com>
Date: Fri, 4 Aug 2017 21:43:31 +0200
Subject: [PATCH 034/112] format instant change proofs correctly

---
 ethcore/src/engines/authority_round/mod.rs | 1 +
 ethcore/src/engines/tendermint/mod.rs      | 1 +
 2 files changed, 2 insertions(+)

diff --git a/ethcore/src/engines/authority_round/mod.rs b/ethcore/src/engines/authority_round/mod.rs
index 18389f168..e7284bfbe 100644
--- a/ethcore/src/engines/authority_round/mod.rs
+++ b/ethcore/src/engines/authority_round/mod.rs
@@ -690,6 +690,7 @@ impl Engine for AuthorityRound {
 
 		// apply immediate transitions.
 		if let Some(change) = self.validators.is_epoch_end(first, chain_head) {
+			let change = combine_proofs(chain_head.number(), &change, &[]);
 			return Some(change)
 		}
 
diff --git a/ethcore/src/engines/tendermint/mod.rs b/ethcore/src/engines/tendermint/mod.rs
index 1c962d633..cc75e99c3 100644
--- a/ethcore/src/engines/tendermint/mod.rs
+++ b/ethcore/src/engines/tendermint/mod.rs
@@ -643,6 +643,7 @@ impl Engine for Tendermint {
 		let first = chain_head.number() == 0;
 
 		if let Some(change) = self.validators.is_epoch_end(first, chain_head) {
+			let change = combine_proofs(chain_head.number(), &change, &[]);
 			return Some(change)
 		} else if let Some(pending) = transition_store(chain_head.hash()) {
 			let signal_number = chain_head.number();

From ee07bf29ce8bf12db7bed261f61d928f8d526994 Mon Sep 17 00:00:00 2001
From: Pieter Vander Vennet <pietervdvn@gmail.com>
Date: Sun, 6 Aug 2017 18:33:54 +0200
Subject: [PATCH 035/112] Fixed typo (s/seems is/seems)

---
 js/src/dapps/localtx/Application/application.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/js/src/dapps/localtx/Application/application.js b/js/src/dapps/localtx/Application/application.js
index 8efadcf1a..27dc41b3e 100644
--- a/js/src/dapps/localtx/Application/application.js
+++ b/js/src/dapps/localtx/Application/application.js
@@ -151,7 +151,7 @@ export default class Application extends Component {
 
     if (!transactions.length) {
       return (
-        <h3>The queue seems is empty.</h3>
+        <h3>The queue seems empty.</h3>
       );
     }
 

From 82f90085ee6f5496db7af3b8873f48cf3258ead8 Mon Sep 17 00:00:00 2001
From: GitLab Build Bot <jaco+gitlab@ethcore.io>
Date: Mon, 7 Aug 2017 00:53:11 +0000
Subject: [PATCH 036/112] [ci skip] js-precompiled 20170807-004826

---
 Cargo.lock           | 2 +-
 js/package-lock.json | 2 +-
 js/package.json      | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index cc8c7d3c7..48ab1e4ac 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -2052,7 +2052,7 @@ dependencies = [
 [[package]]
 name = "parity-ui-precompiled"
 version = "1.4.0"
-source = "git+https://github.com/paritytech/js-precompiled.git#06f77d96f1b1a771d643f07b60c802d448b6415c"
+source = "git+https://github.com/paritytech/js-precompiled.git#dfb9367a495d5ca3eac3c92a4197cf8652756d37"
 dependencies = [
  "parity-dapps-glue 1.7.0 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
diff --git a/js/package-lock.json b/js/package-lock.json
index 6324f5ab8..46c7ae176 100644
--- a/js/package-lock.json
+++ b/js/package-lock.json
@@ -1,6 +1,6 @@
 {
   "name": "parity.js",
-  "version": "1.8.9",
+  "version": "1.8.10",
   "lockfileVersion": 1,
   "requires": true,
   "dependencies": {
diff --git a/js/package.json b/js/package.json
index e317ee6c1..d0f8a037b 100644
--- a/js/package.json
+++ b/js/package.json
@@ -1,6 +1,6 @@
 {
   "name": "parity.js",
-  "version": "1.8.9",
+  "version": "1.8.10",
   "main": "release/index.js",
   "jsnext:main": "src/index.js",
   "author": "Parity Team <admin@parity.io>",

From 455ecf700ca57d5b2d9c0bd27a95cef799cd0ea1 Mon Sep 17 00:00:00 2001
From: debris <marek.kotewicz@gmail.com>
Date: Mon, 7 Aug 2017 10:06:02 +0200
Subject: [PATCH 037/112] updated tiny-keccak to 1.3

---
 Cargo.lock                | 24 ++++++++++++------------
 ethcrypto/Cargo.toml      |  2 +-
 ethkey/Cargo.toml         |  2 +-
 ethstore/Cargo.toml       |  2 +-
 evmjit/Cargo.toml         |  2 +-
 js/wasm/ethkey/Cargo.toml |  2 +-
 util/bloomable/Cargo.toml |  2 +-
 util/network/Cargo.toml   |  2 +-
 whisper/Cargo.toml        |  2 +-
 9 files changed, 20 insertions(+), 20 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index cc8c7d3c7..f07073354 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -195,7 +195,7 @@ name = "bloomable"
 version = "0.1.0"
 dependencies = [
  "ethcore-bigint 0.1.3",
- "tiny-keccak 1.2.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "tiny-keccak 1.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
 
 [[package]]
@@ -470,7 +470,7 @@ dependencies = [
  "serde 1.0.9 (registry+https://github.com/rust-lang/crates.io-index)",
  "serde_derive 1.0.9 (registry+https://github.com/rust-lang/crates.io-index)",
  "serde_json 1.0.2 (registry+https://github.com/rust-lang/crates.io-index)",
- "tiny-keccak 1.2.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "tiny-keccak 1.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
 
 [[package]]
@@ -702,7 +702,7 @@ dependencies = [
  "rustc-serialize 0.3.19 (registry+https://github.com/rust-lang/crates.io-index)",
  "slab 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)",
  "time 0.1.35 (registry+https://github.com/rust-lang/crates.io-index)",
- "tiny-keccak 1.2.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "tiny-keccak 1.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
 
 [[package]]
@@ -787,7 +787,7 @@ dependencies = [
  "sha3 0.1.0",
  "target_info 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)",
  "time 0.1.35 (registry+https://github.com/rust-lang/crates.io-index)",
- "tiny-keccak 1.2.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "tiny-keccak 1.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
  "vergen 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
 
@@ -800,7 +800,7 @@ dependencies = [
  "ethkey 0.2.0",
  "rust-crypto 0.2.36 (registry+https://github.com/rust-lang/crates.io-index)",
  "subtle 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)",
- "tiny-keccak 1.2.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "tiny-keccak 1.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
 
 [[package]]
@@ -826,7 +826,7 @@ dependencies = [
  "rand 0.3.14 (registry+https://github.com/rust-lang/crates.io-index)",
  "rust-crypto 0.2.36 (registry+https://github.com/rust-lang/crates.io-index)",
  "rustc-hex 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)",
- "tiny-keccak 1.2.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "tiny-keccak 1.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
 
 [[package]]
@@ -862,7 +862,7 @@ dependencies = [
  "smallvec 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)",
  "tempdir 0.3.5 (registry+https://github.com/rust-lang/crates.io-index)",
  "time 0.1.35 (registry+https://github.com/rust-lang/crates.io-index)",
- "tiny-keccak 1.2.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "tiny-keccak 1.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
 
 [[package]]
@@ -943,7 +943,7 @@ dependencies = [
 name = "evmjit"
 version = "1.8.0"
 dependencies = [
- "tiny-keccak 1.2.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "tiny-keccak 1.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
 
 [[package]]
@@ -1545,7 +1545,7 @@ version = "0.6.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 dependencies = [
  "ring 0.9.5 (registry+https://github.com/rust-lang/crates.io-index)",
- "tiny-keccak 1.2.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "tiny-keccak 1.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
 
 [[package]]
@@ -2113,7 +2113,7 @@ dependencies = [
  "slab 0.3.0 (registry+https://github.com/rust-lang/crates.io-index)",
  "smallvec 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)",
  "time 0.1.35 (registry+https://github.com/rust-lang/crates.io-index)",
- "tiny-keccak 1.2.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "tiny-keccak 1.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
 
 [[package]]
@@ -2863,7 +2863,7 @@ dependencies = [
 
 [[package]]
 name = "tiny-keccak"
-version = "1.2.1"
+version = "1.3.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 
 [[package]]
@@ -3446,7 +3446,7 @@ dependencies = [
 "checksum thread-id 3.0.0 (registry+https://github.com/rust-lang/crates.io-index)" = "4437c97558c70d129e40629a5b385b3fb1ffac301e63941335e4d354081ec14a"
 "checksum thread_local 0.3.3 (registry+https://github.com/rust-lang/crates.io-index)" = "c85048c6260d17cf486ceae3282d9fb6b90be220bf5b28c400f5485ffc29f0c7"
 "checksum time 0.1.35 (registry+https://github.com/rust-lang/crates.io-index)" = "3c7ec6d62a20df54e07ab3b78b9a3932972f4b7981de295563686849eb3989af"
-"checksum tiny-keccak 1.2.1 (registry+https://github.com/rust-lang/crates.io-index)" = "0b50173faa6ee499206f77b189d7ff3bef40f6969f228c9ec22b82080df9aa41"
+"checksum tiny-keccak 1.3.1 (registry+https://github.com/rust-lang/crates.io-index)" = "d52d12ad79e4063e0cb0ca5efa202ed7244b6ce4d25f4d3abe410b2a66128292"
 "checksum tokio-core 0.1.6 (registry+https://github.com/rust-lang/crates.io-index)" = "99e958104a67877907c1454386d5482fe8e965a55d60be834a15a44328e7dc76"
 "checksum tokio-io 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)" = "48f55df1341bb92281f229a6030bc2abffde2c7a44c6d6b802b7687dd8be0775"
 "checksum tokio-minihttp 0.1.0 (git+https://github.com/tomusdrw/tokio-minihttp)" = "<none>"
diff --git a/ethcrypto/Cargo.toml b/ethcrypto/Cargo.toml
index 8e5131974..a84032f26 100644
--- a/ethcrypto/Cargo.toml
+++ b/ethcrypto/Cargo.toml
@@ -5,7 +5,7 @@ authors = ["Parity Technologies <admin@parity.io>"]
 
 [dependencies]
 rust-crypto = "0.2.36"
-tiny-keccak = "1.2"
+tiny-keccak = "1.3"
 eth-secp256k1 = { git = "https://github.com/paritytech/rust-secp256k1" }
 ethkey = { path = "../ethkey" }
 ethcore-bigint = { path = "../util/bigint" }
diff --git a/ethkey/Cargo.toml b/ethkey/Cargo.toml
index 342410adc..519accadf 100644
--- a/ethkey/Cargo.toml
+++ b/ethkey/Cargo.toml
@@ -6,7 +6,7 @@ authors = ["Parity Technologies <admin@parity.io>"]
 [dependencies]
 rand = "0.3.14"
 lazy_static = "0.2"
-tiny-keccak = "1.2"
+tiny-keccak = "1.3"
 eth-secp256k1 = { git = "https://github.com/paritytech/rust-secp256k1" }
 rustc-hex = "1.0"
 ethcore-bigint = { path = "../util/bigint" }
diff --git a/ethstore/Cargo.toml b/ethstore/Cargo.toml
index 117332022..200dec366 100755
--- a/ethstore/Cargo.toml
+++ b/ethstore/Cargo.toml
@@ -13,7 +13,7 @@ serde_json = "1.0"
 serde_derive = "1.0"
 rustc-hex = "1.0"
 rust-crypto = "0.2.36"
-tiny-keccak = "1.0"
+tiny-keccak = "1.3"
 time = "0.1.34"
 itertools = "0.5"
 parking_lot = "0.4"
diff --git a/evmjit/Cargo.toml b/evmjit/Cargo.toml
index e4daf3dae..dbc0cd51a 100644
--- a/evmjit/Cargo.toml
+++ b/evmjit/Cargo.toml
@@ -7,4 +7,4 @@ authors = ["Parity Technologies <admin@parity.io>"]
 crate-type = ["dylib"]
 
 [dependencies]
-tiny-keccak = "1.2"
+tiny-keccak = "1.3"
diff --git a/js/wasm/ethkey/Cargo.toml b/js/wasm/ethkey/Cargo.toml
index 8391f8b0b..8eb9159e9 100644
--- a/js/wasm/ethkey/Cargo.toml
+++ b/js/wasm/ethkey/Cargo.toml
@@ -9,7 +9,7 @@ authors = ["Parity Technologies <admin@parity.io>"]
 members = []
 
 [dependencies]
-tiny-keccak = "1.0"
+tiny-keccak = "1.3"
 tiny-secp256k1 = "0.1"
 libc = { version = "0.2.14", default-features = false }
 
diff --git a/util/bloomable/Cargo.toml b/util/bloomable/Cargo.toml
index 46009d381..f85b67943 100644
--- a/util/bloomable/Cargo.toml
+++ b/util/bloomable/Cargo.toml
@@ -7,4 +7,4 @@ authors = ["debris <marek.kotewicz@gmail.com>"]
 ethcore-bigint = { path = "../bigint" }
 
 [dev-dependencies]
-tiny-keccak = "1.2.1"
+tiny-keccak = "1.3"
diff --git a/util/network/Cargo.toml b/util/network/Cargo.toml
index 7c44aff7f..2d571d632 100644
--- a/util/network/Cargo.toml
+++ b/util/network/Cargo.toml
@@ -12,7 +12,7 @@ mio = "0.6.8"
 bytes = "0.4"
 rand = "0.3.12"
 time = "0.1.34"
-tiny-keccak = "1.0"
+tiny-keccak = "1.3"
 rust-crypto = "0.2.34"
 slab = "0.2"
 clippy = { version = "0.0.103", optional = true}
diff --git a/whisper/Cargo.toml b/whisper/Cargo.toml
index 7b74c2990..b4898f00d 100644
--- a/whisper/Cargo.toml
+++ b/whisper/Cargo.toml
@@ -25,7 +25,7 @@ serde_json = "1.0"
 slab = "0.3"
 smallvec = "0.4"
 time = "0.1"
-tiny-keccak = "1.2.1"
+tiny-keccak = "1.3"
 
 jsonrpc-core = { git = "https://github.com/paritytech/jsonrpc.git", branch = "parity-1.7" }
 jsonrpc-macros = { git = "https://github.com/paritytech/jsonrpc.git", branch = "parity-1.7" }

From 67ccfa1da1b8f228bf6e9f460551baaaf913177d Mon Sep 17 00:00:00 2001
From: GitLab Build Bot <jaco+gitlab@ethcore.io>
Date: Mon, 7 Aug 2017 09:43:01 +0000
Subject: [PATCH 038/112] [ci skip] js-precompiled 20170807-093816

---
 Cargo.lock           | 2 +-
 js/package-lock.json | 2 +-
 js/package.json      | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index 946507428..a66df64da 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -2052,7 +2052,7 @@ dependencies = [
 [[package]]
 name = "parity-ui-precompiled"
 version = "1.4.0"
-source = "git+https://github.com/paritytech/js-precompiled.git#dfb9367a495d5ca3eac3c92a4197cf8652756d37"
+source = "git+https://github.com/paritytech/js-precompiled.git#dd9b92d9d8c244678e15163347f9adb2e2560959"
 dependencies = [
  "parity-dapps-glue 1.7.0 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
diff --git a/js/package-lock.json b/js/package-lock.json
index 46c7ae176..7514c3c29 100644
--- a/js/package-lock.json
+++ b/js/package-lock.json
@@ -1,6 +1,6 @@
 {
   "name": "parity.js",
-  "version": "1.8.10",
+  "version": "1.8.11",
   "lockfileVersion": 1,
   "requires": true,
   "dependencies": {
diff --git a/js/package.json b/js/package.json
index d0f8a037b..3c399db87 100644
--- a/js/package.json
+++ b/js/package.json
@@ -1,6 +1,6 @@
 {
   "name": "parity.js",
-  "version": "1.8.10",
+  "version": "1.8.11",
   "main": "release/index.js",
   "jsnext:main": "src/index.js",
   "author": "Parity Team <admin@parity.io>",

From a20892e5e61439bccc16ea1901e5fc81dd1baabd Mon Sep 17 00:00:00 2001
From: Afri <5chdn@users.noreply.github.com>
Date: Mon, 7 Aug 2017 18:12:00 +0200
Subject: [PATCH 039/112] Fix the README badges (#6229)

* Update README.md

* Set latest release to 1.7
---
 README.md | 48 +++++++++++++++++-------------------------------
 1 file changed, 17 insertions(+), 31 deletions(-)

diff --git a/README.md b/README.md
index 37b06f01c..16758bc27 100644
--- a/README.md
+++ b/README.md
@@ -1,55 +1,41 @@
-# [Parity](https://parity.io/parity.html)
-### Fast, light, and robust Ethereum implementation
+# [Parity](https://parity.io/parity.html) - fast, light, and robust Ethereum client
 
-### [Download latest release](https://github.com/paritytech/parity/releases)
+[![build status](https://gitlab.parity.io/parity/parity/badges/master/build.svg)](https://gitlab.parity.io/parity/parity/commits/master)
+[![Snap Status](https://build.snapcraft.io/badge/paritytech/parity.svg)](https://build.snapcraft.io/user/paritytech/parity)
+[![GPLv3](https://img.shields.io/badge/license-GPL%20v3-green.svg)](https://www.gnu.org/licenses/gpl-3.0.en.html)
 
-[![build status](https://gitlab.parity.io/parity/parity/badges/master/build.svg)](https://gitlab.parity.io/parity/parity/commits/master) [![Coverage Status][coveralls-image]][coveralls-url]  [![GPLv3][license-image]][license-url] [![Snap Status](https://build.snapcraft.io/badge/paritytech/parity.svg)](https://build.snapcraft.io/user/paritytech/parity)
+- [Download the latest release here.](https://github.com/paritytech/parity/releases)
 
 ### Join the chat!
 
-Parity [![Join the chat at https://gitter.im/ethcore/parity][gitter-image]][gitter-url] and
-parity.js [![Join the chat at https://gitter.im/ethcore/parity.js](https://badges.gitter.im/ethcore/parity.js.svg)](https://gitter.im/ethcore/parity.js?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
-
-[Internal Documentation][doc-url]
-
-
-Be sure to check out [our wiki][wiki-url] for more information.
-
-[coveralls-image]: https://coveralls.io/repos/github/paritytech/parity/badge.svg?branch=master
-[coveralls-url]: https://coveralls.io/github/paritytech/parity?branch=master
-[gitter-image]: https://badges.gitter.im/Join%20Chat.svg
-[gitter-url]: https://gitter.im/ethcore/parity?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge
-[license-image]: https://img.shields.io/badge/license-GPL%20v3-green.svg
-[license-url]: https://www.gnu.org/licenses/gpl-3.0.en.html
-[doc-url]: https://paritytech.github.io/parity/ethcore/index.html
-[wiki-url]: https://github.com/paritytech/parity/wiki
+Get in touch with us on Gitter:
+[![Gitter: Parity](https://img.shields.io/badge/gitter-parity-4AB495.svg)](https://gitter.im/paritytech/parity)
+[![Gitter: Parity.js](https://img.shields.io/badge/gitter-parity.js-4AB495.svg)](https://gitter.im/paritytech/parity.js)
+[![Gitter: Parity/Miners](https://img.shields.io/badge/gitter-parity/miners-4AB495.svg)](https://gitter.im/paritytech/parity/miners)
+[![Gitter: Parity-PoA](https://img.shields.io/badge/gitter-parity--poa-4AB495.svg)](https://gitter.im/paritytech/parity-poa)
 
+Be sure to check out [our wiki](https://github.com/paritytech/parity/wiki) and the [internal documentation](https://paritytech.github.io/parity/ethcore/index.html) for more information.
 
 ----
 
-
 ## About Parity
 
-Parity's goal is to be the fastest, lightest, and most secure Ethereum client. We are developing Parity using the sophisticated and
-cutting-edge Rust programming language. Parity is licensed under the GPLv3, and can be used for all your Ethereum needs.
+Parity's goal is to be the fastest, lightest, and most secure Ethereum client. We are developing Parity using the sophisticated and cutting-edge Rust programming language. Parity is licensed under the GPLv3, and can be used for all your Ethereum needs.
+
+Parity comes with a built-in wallet. To access [Parity Wallet](http://web3.site/) simply go to http://web3.site/ (if you don't have access to the internet, but still want to use the service, you can also use http://127.0.0.1:8180/). It includes various functionality allowing you to:
 
-Parity comes with a built-in wallet. To access [Parity Wallet](http://web3.site/) simply go to http://web3.site/ (if you don't have access to the internet, but still want to use the service, you can also use http://127.0.0.1:8180/). It
-includes various functionality allowing you to:
 - create and manage your Ethereum accounts;
 - manage your Ether and any Ethereum tokens;
 - create and register your own tokens;
 - and much more.
 
-By default, Parity will also run a JSONRPC server on `127.0.0.1:8545`. This is fully configurable and supports a number
-of RPC APIs.
+By default, Parity will also run a JSONRPC server on `127.0.0.1:8545`. This is fully configurable and supports a number of RPC APIs.
 
-If you run into an issue while using parity, feel free to file one in this repository
-or hop on our [gitter chat room][gitter-url] to ask a question. We are glad to help!
+If you run into an issue while using parity, feel free to file one in this repository or hop on our [gitter chat room](https://gitter.im/paritytech/parity) to ask a question. We are glad to help!
 
 **For security-critical issues**, please refer to the security policy outlined in `SECURITY.MD`.
 
-Parity's current release is 1.6. You can download it at https://github.com/paritytech/parity/releases or follow the instructions
-below to build from source.
+Parity's current release is 1.7. You can download it at https://github.com/paritytech/parity/releases or follow the instructions below to build from source.
 
 ----
 

From 872e5537bb8a42a1ed1088e569276c3f30cc976f Mon Sep 17 00:00:00 2001
From: Svyatoslav Nikolsky <svyatonik@gmail.com>
Date: Mon, 7 Aug 2017 19:54:05 +0300
Subject: [PATCH 040/112] SecretStore: do not cache ACL contract + on-chain key
 servers configuration (#6107)

* do not cache ACL storage contract

* when error comes before initialization

* initial KeyServerSet commit

* update_nodes_set in maintain

* do not connect to self

* fixed connection establishing

* removed println

* improved KeyServerSet tracing

* moved parsing to KeyServerSet

* re-read only when blockchain is changed

* do not try to connect if not a part of cluster

* improved logging

* fixed tests
---
 Cargo.lock                                    |   1 +
 ethcore/native_contracts/build.rs             |   2 +
 .../native_contracts/res/key_server_set.json  |   1 +
 .../native_contracts/src/key_server_set.rs    |  21 ++
 ethcore/native_contracts/src/lib.rs           |   2 +
 secret_store/Cargo.toml                       |   1 +
 secret_store/src/acl_storage.rs               |  91 +++++---
 secret_store/src/key_server.rs                |  19 +-
 .../src/key_server_cluster/cluster.rs         | 138 ++++++++----
 .../key_server_cluster/cluster_sessions.rs    |   2 +-
 .../src/key_server_cluster/io/handshake.rs    |  12 +-
 .../key_server_cluster/jobs/job_session.rs    |  26 +--
 secret_store/src/key_server_cluster/mod.rs    |   3 +
 .../net/accept_connection.rs                  |   7 +-
 secret_store/src/key_server_set.rs            | 204 ++++++++++++++++++
 secret_store/src/lib.rs                       |   8 +-
 16 files changed, 442 insertions(+), 96 deletions(-)
 create mode 100644 ethcore/native_contracts/res/key_server_set.json
 create mode 100644 ethcore/native_contracts/src/key_server_set.rs
 create mode 100644 secret_store/src/key_server_set.rs

diff --git a/Cargo.lock b/Cargo.lock
index a66df64da..e705e39f9 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -723,6 +723,7 @@ dependencies = [
  "futures 0.1.11 (registry+https://github.com/rust-lang/crates.io-index)",
  "futures-cpupool 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)",
  "hyper 0.10.5 (registry+https://github.com/rust-lang/crates.io-index)",
+ "lazy_static 0.2.8 (registry+https://github.com/rust-lang/crates.io-index)",
  "log 0.3.7 (registry+https://github.com/rust-lang/crates.io-index)",
  "native-contracts 0.1.0",
  "parking_lot 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)",
diff --git a/ethcore/native_contracts/build.rs b/ethcore/native_contracts/build.rs
index cec830929..bcb64067c 100644
--- a/ethcore/native_contracts/build.rs
+++ b/ethcore/native_contracts/build.rs
@@ -21,6 +21,7 @@ use std::fs::File;
 use std::io::Write;
 
 // TODO: just walk the "res" directory and generate whole crate automatically.
+const KEY_SERVER_SET_ABI: &'static str = include_str!("res/key_server_set.json");
 const REGISTRY_ABI: &'static str = include_str!("res/registrar.json");
 const URLHINT_ABI: &'static str = include_str!("res/urlhint.json");
 const SERVICE_TRANSACTION_ABI: &'static str = include_str!("res/service_transaction.json");
@@ -45,6 +46,7 @@ fn build_test_contracts() {
 }
 
 fn main() {
+	build_file("KeyServerSet", KEY_SERVER_SET_ABI, "key_server_set.rs");
 	build_file("Registry", REGISTRY_ABI, "registry.rs");
 	build_file("Urlhint", URLHINT_ABI, "urlhint.rs");
 	build_file("ServiceTransactionChecker", SERVICE_TRANSACTION_ABI, "service_transaction.rs");
diff --git a/ethcore/native_contracts/res/key_server_set.json b/ethcore/native_contracts/res/key_server_set.json
new file mode 100644
index 000000000..93f68837a
--- /dev/null
+++ b/ethcore/native_contracts/res/key_server_set.json
@@ -0,0 +1 @@
+[{"constant":true,"inputs":[{"name":"","type":"uint256"}],"name":"keyServersList","outputs":[{"name":"","type":"address"}],"payable":false,"type":"function"},{"constant":false,"inputs":[{"name":"_new","type":"address"}],"name":"setOwner","outputs":[],"payable":false,"type":"function"},{"constant":true,"inputs":[{"name":"keyServer","type":"address"}],"name":"getKeyServerPublic","outputs":[{"name":"","type":"bytes"}],"payable":false,"type":"function"},{"constant":true,"inputs":[],"name":"getKeyServers","outputs":[{"name":"","type":"address[]"}],"payable":false,"type":"function"},{"constant":true,"inputs":[],"name":"owner","outputs":[{"name":"","type":"address"}],"payable":false,"type":"function"},{"constant":true,"inputs":[{"name":"keyServer","type":"address"}],"name":"getKeyServerAddress","outputs":[{"name":"","type":"string"}],"payable":false,"type":"function"},{"constant":false,"inputs":[{"name":"keyServer","type":"address"}],"name":"removeKeyServer","outputs":[],"payable":false,"type":"function"},{"constant":false,"inputs":[{"name":"keyServerPublic","type":"bytes"},{"name":"keyServerIp","type":"string"}],"name":"addKeyServer","outputs":[],"payable":false,"type":"function"},{"anonymous":false,"inputs":[{"indexed":false,"name":"keyServer","type":"address"}],"name":"KeyServerAdded","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"name":"keyServer","type":"address"}],"name":"KeyServerRemoved","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"name":"old","type":"address"},{"indexed":true,"name":"current","type":"address"}],"name":"NewOwner","type":"event"}]
\ No newline at end of file
diff --git a/ethcore/native_contracts/src/key_server_set.rs b/ethcore/native_contracts/src/key_server_set.rs
new file mode 100644
index 000000000..60b137aae
--- /dev/null
+++ b/ethcore/native_contracts/src/key_server_set.rs
@@ -0,0 +1,21 @@
+// Copyright 2015-2017 Parity Technologies (UK) Ltd.
+// This file is part of Parity.
+
+// Parity is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity.  If not, see <http://www.gnu.org/licenses/>.
+
+#![allow(unused_mut, unused_variables, unused_imports)]
+
+//! Secret store Key Server set contract.
+
+include!(concat!(env!("OUT_DIR"), "/key_server_set.rs"));
diff --git a/ethcore/native_contracts/src/lib.rs b/ethcore/native_contracts/src/lib.rs
index e35a4ec19..33cb91563 100644
--- a/ethcore/native_contracts/src/lib.rs
+++ b/ethcore/native_contracts/src/lib.rs
@@ -23,6 +23,7 @@ extern crate byteorder;
 extern crate ethabi;
 extern crate ethcore_util as util;
 
+mod key_server_set;
 mod registry;
 mod urlhint;
 mod service_transaction;
@@ -32,6 +33,7 @@ mod validator_report;
 
 pub mod test_contracts;
 
+pub use self::key_server_set::KeyServerSet;
 pub use self::registry::Registry;
 pub use self::urlhint::Urlhint;
 pub use self::service_transaction::ServiceTransactionChecker;
diff --git a/secret_store/Cargo.toml b/secret_store/Cargo.toml
index eea49978d..19f342aa9 100644
--- a/secret_store/Cargo.toml
+++ b/secret_store/Cargo.toml
@@ -35,3 +35,4 @@ ethcore-logger = { path = "../logger" }
 ethcrypto = { path = "../ethcrypto" }
 ethkey = { path = "../ethkey" }
 native-contracts = { path = "../ethcore/native_contracts" }
+lazy_static = "0.2"
diff --git a/secret_store/src/acl_storage.rs b/secret_store/src/acl_storage.rs
index 816d100dc..37d5bcd25 100644
--- a/secret_store/src/acl_storage.rs
+++ b/secret_store/src/acl_storage.rs
@@ -14,12 +14,13 @@
 // You should have received a copy of the GNU General Public License
 // along with Parity.  If not, see <http://www.gnu.org/licenses/>.
 
-use std::sync::Arc;
+use std::sync::{Arc, Weak};
 use futures::{future, Future};
 use parking_lot::Mutex;
 use ethkey::public_to_address;
-use ethcore::client::{Client, BlockChainClient, BlockId};
+use ethcore::client::{Client, BlockChainClient, BlockId, ChainNotify};
 use native_contracts::SecretStoreAclStorage;
+use util::{H256, Address, Bytes};
 use types::all::{Error, ServerKeyId, Public};
 
 const ACL_CHECKER_CONTRACT_REGISTRY_NAME: &'static str = "secretstore_acl_checker";
@@ -32,40 +33,82 @@ pub trait AclStorage: Send + Sync {
 
 /// On-chain ACL storage implementation.
 pub struct OnChainAclStorage {
+	/// Cached on-chain contract.
+	contract: Mutex<CachedContract>,
+}
+
+/// Cached on-chain ACL storage contract.
+struct CachedContract {
 	/// Blockchain client.
-	client: Arc<Client>,
-	/// On-chain contract.
-	contract: Mutex<Option<SecretStoreAclStorage>>,
+	client: Weak<Client>,
+	/// Contract address.
+	contract_addr: Option<Address>,
+	/// Contract at given address.
+	contract: Option<SecretStoreAclStorage>,
 }
 
 impl OnChainAclStorage {
-	pub fn new(client: Arc<Client>) -> Self {
-		OnChainAclStorage {
-			client: client,
-			contract: Mutex::new(None),
-		}
+	pub fn new(client: &Arc<Client>) -> Arc<Self> {
+		let acl_storage = Arc::new(OnChainAclStorage {
+			contract: Mutex::new(CachedContract::new(client)),
+		});
+		client.add_notify(acl_storage.clone());
+		acl_storage
 	}
 }
 
 impl AclStorage for OnChainAclStorage {
 	fn check(&self, public: &Public, document: &ServerKeyId) -> Result<bool, Error> {
-		let mut contract = self.contract.lock();
-		if !contract.is_some() {
-			*contract = self.client.registry_address(ACL_CHECKER_CONTRACT_REGISTRY_NAME.to_owned())
-				.and_then(|contract_addr| {
+		self.contract.lock().check(public, document)
+	}
+}
+
+impl ChainNotify for OnChainAclStorage {
+	fn new_blocks(&self, _imported: Vec<H256>, _invalid: Vec<H256>, enacted: Vec<H256>, retracted: Vec<H256>, _sealed: Vec<H256>, _proposed: Vec<Bytes>, _duration: u64) {
+		if !enacted.is_empty() || !retracted.is_empty() {
+			self.contract.lock().update()
+		}
+	}
+}
+
+impl CachedContract {
+	pub fn new(client: &Arc<Client>) -> Self {
+		CachedContract {
+			client: Arc::downgrade(client),
+			contract_addr: None,
+			contract: None,
+		}
+	}
+
+	pub fn update(&mut self) {
+		if let Some(client) = self.client.upgrade() {
+			let new_contract_addr = client.registry_address(ACL_CHECKER_CONTRACT_REGISTRY_NAME.to_owned());
+			if self.contract_addr.as_ref() != new_contract_addr.as_ref() {
+				self.contract = new_contract_addr.map(|contract_addr| {
 					trace!(target: "secretstore", "Configuring for ACL checker contract from {}", contract_addr);
 
-					Some(SecretStoreAclStorage::new(contract_addr))
-				})
+					SecretStoreAclStorage::new(contract_addr)
+				});
+
+				self.contract_addr = new_contract_addr;
+			}
 		}
-		if let Some(ref contract) = *contract {
-			let address = public_to_address(&public);
-			let do_call = |a, d| future::done(self.client.call_contract(BlockId::Latest, a, d));
-			contract.check_permissions(do_call, address, document.clone())
-				.map_err(|err| Error::Internal(err))
-				.wait()
-		} else {
-			Err(Error::Internal("ACL checker contract is not configured".to_owned()))
+	}
+
+	pub fn check(&mut self, public: &Public, document: &ServerKeyId) -> Result<bool, Error> {
+		match self.contract.as_ref() {
+			Some(contract) => {
+				let address = public_to_address(&public);
+				let do_call = |a, d| future::done(
+					self.client
+						.upgrade()
+						.ok_or("Calling contract without client".into())
+						.and_then(|c| c.call_contract(BlockId::Latest, a, d)));
+				contract.check_permissions(do_call, address, document.clone())
+					.map_err(|err| Error::Internal(err))
+					.wait()
+			},
+			None => Err(Error::Internal("ACL checker contract is not configured".to_owned())),
 		}
 	}
 }
diff --git a/secret_store/src/key_server.rs b/secret_store/src/key_server.rs
index fd4e154fa..c83e460f3 100644
--- a/secret_store/src/key_server.rs
+++ b/secret_store/src/key_server.rs
@@ -24,6 +24,7 @@ use ethcrypto;
 use ethkey;
 use super::acl_storage::AclStorage;
 use super::key_storage::KeyStorage;
+use super::key_server_set::KeyServerSet;
 use key_server_cluster::{math, ClusterCore};
 use traits::{ServerKeyGenerator, DocumentKeyServer, MessageSigner, KeyServer};
 use types::all::{Error, Public, RequestSignature, ServerKeyId, EncryptedDocumentKey, EncryptedDocumentKeyShadow,
@@ -44,9 +45,9 @@ pub struct KeyServerCore {
 
 impl KeyServerImpl {
 	/// Create new key server instance
-	pub fn new(config: &ClusterConfiguration, acl_storage: Arc<AclStorage>, key_storage: Arc<KeyStorage>) -> Result<Self, Error> {
+	pub fn new(config: &ClusterConfiguration, key_server_set: Arc<KeyServerSet>, acl_storage: Arc<AclStorage>, key_storage: Arc<KeyStorage>) -> Result<Self, Error> {
 		Ok(KeyServerImpl {
-			data: Arc::new(Mutex::new(KeyServerCore::new(config, acl_storage, key_storage)?)),
+			data: Arc::new(Mutex::new(KeyServerCore::new(config, key_server_set, acl_storage, key_storage)?)),
 		})
 	}
 
@@ -143,14 +144,12 @@ impl MessageSigner for KeyServerImpl {
 }
 
 impl KeyServerCore {
-	pub fn new(config: &ClusterConfiguration, acl_storage: Arc<AclStorage>, key_storage: Arc<KeyStorage>) -> Result<Self, Error> {
+	pub fn new(config: &ClusterConfiguration, key_server_set: Arc<KeyServerSet>, acl_storage: Arc<AclStorage>, key_storage: Arc<KeyStorage>) -> Result<Self, Error> {
 		let config = NetClusterConfiguration {
 			threads: config.threads,
 			self_key_pair: ethkey::KeyPair::from_secret_slice(&config.self_private)?,
 			listen_address: (config.listener_address.address.clone(), config.listener_address.port),
-			nodes: config.nodes.iter()
-				.map(|(node_id, node_address)| (node_id.clone(), (node_address.address.clone(), node_address.port)))
-				.collect(),
+			key_server_set: key_server_set,
 			allow_connecting_to_higher_nodes: config.allow_connecting_to_higher_nodes,
 			acl_storage: acl_storage,
 			key_storage: key_storage,
@@ -193,10 +192,13 @@ impl Drop for KeyServerCore {
 pub mod tests {
 	use std::time;
 	use std::sync::Arc;
+	use std::net::SocketAddr;
+	use std::collections::BTreeMap;
 	use ethcrypto;
 	use ethkey::{self, Secret, Random, Generator};
 	use acl_storage::tests::DummyAclStorage;
 	use key_storage::tests::DummyKeyStorage;
+	use key_server_set::tests::MapKeyServerSet;
 	use key_server_cluster::math;
 	use util::H256;
 	use types::all::{Error, Public, ClusterConfiguration, NodeAddress, RequestSignature, ServerKeyId,
@@ -254,8 +256,11 @@ pub mod tests {
 					})).collect(),
 				allow_connecting_to_higher_nodes: false,
 			}).collect();
+		let key_servers_set: BTreeMap<Public, SocketAddr> = configs[0].nodes.iter()
+			.map(|(k, a)| (k.clone(), format!("{}:{}", a.address, a.port).parse().unwrap()))
+			.collect();
 		let key_servers: Vec<_> = configs.into_iter().map(|cfg|
-			KeyServerImpl::new(&cfg, Arc::new(DummyAclStorage::default()), Arc::new(DummyKeyStorage::default())).unwrap()
+			KeyServerImpl::new(&cfg, Arc::new(MapKeyServerSet::new(key_servers_set.clone())), Arc::new(DummyAclStorage::default()), Arc::new(DummyKeyStorage::default())).unwrap()
 		).collect();
 
 		// wait until connections are established. It is fast => do not bother with events here
diff --git a/secret_store/src/key_server_cluster/cluster.rs b/secret_store/src/key_server_cluster/cluster.rs
index c86f30267..d77a82431 100644
--- a/secret_store/src/key_server_cluster/cluster.rs
+++ b/secret_store/src/key_server_cluster/cluster.rs
@@ -28,7 +28,7 @@ use tokio_core::reactor::{Handle, Remote, Interval};
 use tokio_core::net::{TcpListener, TcpStream};
 use ethkey::{Public, KeyPair, Signature, Random, Generator};
 use util::H256;
-use key_server_cluster::{Error, NodeId, SessionId, AclStorage, KeyStorage};
+use key_server_cluster::{Error, NodeId, SessionId, AclStorage, KeyStorage, KeyServerSet};
 use key_server_cluster::cluster_sessions::{ClusterSession, ClusterSessions, GenerationSessionWrapper, EncryptionSessionWrapper,
 	DecryptionSessionWrapper, SigningSessionWrapper};
 use key_server_cluster::message::{self, Message, ClusterMessage, GenerationMessage, EncryptionMessage, DecryptionMessage,
@@ -102,8 +102,8 @@ pub struct ClusterConfiguration {
 	pub self_key_pair: KeyPair,
 	/// Interface to listen to.
 	pub listen_address: (String, u16),
-	/// Cluster nodes.
-	pub nodes: BTreeMap<NodeId, (String, u16)>,
+	/// Cluster nodes set.
+	pub key_server_set: Arc<KeyServerSet>,
 	/// Reference to key storage
 	pub key_storage: Arc<KeyStorage>,
 	/// Reference to ACL storage
@@ -158,9 +158,17 @@ pub struct ClusterConnections {
 	/// Self node id.
 	pub self_node_id: NodeId,
 	/// All known other key servers.
-	pub nodes: BTreeMap<NodeId, SocketAddr>,
+	pub key_server_set: Arc<KeyServerSet>,
+	/// Connections data.
+	pub data: RwLock<ClusterConnectionsData>,
+}
+
+/// Cluster connections data.
+pub struct ClusterConnectionsData {
+	/// Active key servers set.
+	pub nodes: BTreeMap<Public, SocketAddr>,
 	/// Active connections to key servers.
-	pub connections: RwLock<BTreeMap<NodeId, Arc<Connection>>>,
+	pub connections: BTreeMap<NodeId, Arc<Connection>>,
 }
 
 /// Cluster view core.
@@ -281,8 +289,7 @@ impl ClusterCore {
 
 	/// Accept connection future.
 	fn accept_connection_future(handle: &Handle, data: Arc<ClusterData>, stream: TcpStream, node_address: SocketAddr) -> BoxedEmptyFuture {
-		let disconnected_nodes = data.connections.disconnected_nodes().keys().cloned().collect();
-		net_accept_connection(node_address, stream, handle, data.self_key_pair.clone(), disconnected_nodes)
+		net_accept_connection(node_address, stream, handle, data.self_key_pair.clone())
 			.then(move |result| ClusterCore::process_connection_result(data, true, result))
 			.then(|_| finished(()))
 			.boxed()
@@ -354,6 +361,7 @@ impl ClusterCore {
 
 	/// Try to connect to every disconnected node.
 	fn connect_disconnected_nodes(data: Arc<ClusterData>) {
+		data.connections.update_nodes_set();
 		for (node_id, node_address) in data.connections.disconnected_nodes() {
 			if data.config.allow_connecting_to_higher_nodes || data.self_key_pair.public() < &node_id {
 				ClusterCore::connect(data.clone(), node_address);
@@ -372,14 +380,16 @@ impl ClusterCore {
 					finished(Ok(())).boxed()
 				}
 			},
-			Ok(DeadlineStatus::Meet(Err(_))) => {
+			Ok(DeadlineStatus::Meet(Err(err))) => {
+				warn!(target: "secretstore_net", "{}: protocol error {} when establishind connection", data.self_key_pair.public(), err);
 				finished(Ok(())).boxed()
 			},
 			Ok(DeadlineStatus::Timeout) => {
+				warn!(target: "secretstore_net", "{}: timeout when establishind connection", data.self_key_pair.public());
 				finished(Ok(())).boxed()
 			},
-			Err(_) => {
-				// network error
+			Err(err) => {
+				warn!(target: "secretstore_net", "{}: network error {} when establishind connection", data.self_key_pair.public(), err);
 				finished(Ok(())).boxed()
 			},
 		}
@@ -665,33 +675,38 @@ impl ClusterCore {
 
 impl ClusterConnections {
 	pub fn new(config: &ClusterConfiguration) -> Result<Self, Error> {
-		let mut connections = ClusterConnections {
+		let mut nodes = config.key_server_set.get();
+		nodes.remove(config.self_key_pair.public());
+
+		Ok(ClusterConnections {
 			self_node_id: config.self_key_pair.public().clone(),
-			nodes: BTreeMap::new(),
-			connections: RwLock::new(BTreeMap::new()),
-		};
-
-		for (node_id, &(ref node_addr, node_port)) in config.nodes.iter().filter(|&(node_id, _)| node_id != config.self_key_pair.public()) {
-			let socket_address = make_socket_address(&node_addr, node_port)?;
-			connections.nodes.insert(node_id.clone(), socket_address);
-		}
-
-		Ok(connections)
+			key_server_set: config.key_server_set.clone(),
+			data: RwLock::new(ClusterConnectionsData {
+				nodes: nodes,
+				connections: BTreeMap::new(),
+			}),
+		})
 	}
 
 	pub fn cluster_state(&self) -> ClusterState {
 		ClusterState {
-			connected: self.connections.read().keys().cloned().collect(),
+			connected: self.data.read().connections.keys().cloned().collect(),
 		}
 	}
 
 	pub fn get(&self, node: &NodeId) -> Option<Arc<Connection>> {
-		self.connections.read().get(node).cloned()
+		self.data.read().connections.get(node).cloned()
 	}
 
 	pub fn insert(&self, connection: Arc<Connection>) -> bool {
-		let mut connections = self.connections.write();
-		if connections.contains_key(connection.node_id()) {
+		let mut data = self.data.write();
+		if !data.nodes.contains_key(connection.node_id()) {
+			// incoming connections are checked here
+			trace!(target: "secretstore_net", "{}: ignoring unknown connection from {} at {}", self.self_node_id, connection.node_id(), connection.node_address());
+			debug_assert!(connection.is_inbound());
+			return false;
+		}
+		if data.connections.contains_key(connection.node_id()) {
 			// we have already connected to the same node
 			// the agreement is that node with lower id must establish connection to node with higher id
 			if (&self.self_node_id < connection.node_id() && connection.is_inbound())
@@ -700,14 +715,15 @@ impl ClusterConnections {
 			}
 		}
 
-		trace!(target: "secretstore_net", "{}: inserting connection to {} at {}", self.self_node_id, connection.node_id(), connection.node_address());
-		connections.insert(connection.node_id().clone(), connection);
+		trace!(target: "secretstore_net", "{}: inserting connection to {} at {}. Connected to {} of {} nodes",
+			self.self_node_id, connection.node_id(), connection.node_address(), data.connections.len() + 1, data.nodes.len());
+		data.connections.insert(connection.node_id().clone(), connection);
 		true
 	}
 
 	pub fn remove(&self, node: &NodeId, is_inbound: bool) {
-		let mut connections = self.connections.write();
-		if let Entry::Occupied(entry) = connections.entry(node.clone()) {
+		let mut data = self.data.write();
+		if let Entry::Occupied(entry) = data.connections.entry(node.clone()) {
 			if entry.get().is_inbound() != is_inbound {
 				return;
 			}
@@ -718,20 +734,64 @@ impl ClusterConnections {
 	}
 
 	pub fn connected_nodes(&self) -> BTreeSet<NodeId> {
-		self.connections.read().keys().cloned().collect()
+		self.data.read().connections.keys().cloned().collect()
 	}
 
 	pub fn active_connections(&self)-> Vec<Arc<Connection>> {
-		self.connections.read().values().cloned().collect()
+		self.data.read().connections.values().cloned().collect()
 	}
 
 	pub fn disconnected_nodes(&self) -> BTreeMap<NodeId, SocketAddr> {
-		let connections = self.connections.read();
-		self.nodes.iter()
-			.filter(|&(node_id, _)| !connections.contains_key(node_id))
+		let data = self.data.read();
+		data.nodes.iter()
+			.filter(|&(node_id, _)| !data.connections.contains_key(node_id))
 			.map(|(node_id, node_address)| (node_id.clone(), node_address.clone()))
 			.collect()
 	}
+
+	pub fn update_nodes_set(&self) {
+		let mut data = self.data.write();
+		let mut new_nodes = self.key_server_set.get();
+		// we do not need to connect to self
+		// + we do not need to try to connect to any other node if we are not the part of a cluster
+		if new_nodes.remove(&self.self_node_id).is_none() {
+			new_nodes.clear();
+		}
+
+		let mut num_added_nodes = 0;
+		let mut num_removed_nodes = 0;
+		let mut num_changed_nodes = 0;
+
+		for obsolete_node in data.nodes.keys().cloned().collect::<Vec<_>>() {
+			if !new_nodes.contains_key(&obsolete_node) {
+				if let Entry::Occupied(entry) = data.connections.entry(obsolete_node) {
+					trace!(target: "secretstore_net", "{}: removing connection to {} at {}", self.self_node_id, entry.get().node_id(), entry.get().node_address());
+					entry.remove();
+				}
+
+				data.nodes.remove(&obsolete_node);
+				num_removed_nodes += 1;
+			}
+		}
+
+		for (new_node_public, new_node_addr) in new_nodes {
+			match data.nodes.insert(new_node_public, new_node_addr) {
+				None => num_added_nodes += 1,
+				Some(old_node_addr) => if new_node_addr != old_node_addr {
+					if let Entry::Occupied(entry) = data.connections.entry(new_node_public) {
+						trace!(target: "secretstore_net", "{}: removing connection to {} at {}", self.self_node_id, entry.get().node_id(), entry.get().node_address());
+						entry.remove();
+					}
+					num_changed_nodes += 1;
+				},
+			}
+		}
+
+		if num_added_nodes != 0 || num_removed_nodes != 0 || num_changed_nodes != 0 {
+			trace!(target: "secretstore_net", "{}: updated nodes set: removed {}, added {}, changed {}. Connected to {} of {} nodes",
+				self.self_node_id, num_removed_nodes, num_added_nodes, num_changed_nodes, data.connections.len(), data.nodes.len());
+		}
+	}
 }
 
 impl ClusterData {
@@ -929,7 +989,7 @@ pub mod tests {
 	use parking_lot::Mutex;
 	use tokio_core::reactor::Core;
 	use ethkey::{Random, Generator, Public};
-	use key_server_cluster::{NodeId, SessionId, Error, DummyAclStorage, DummyKeyStorage};
+	use key_server_cluster::{NodeId, SessionId, Error, DummyAclStorage, DummyKeyStorage, MapKeyServerSet};
 	use key_server_cluster::message::Message;
 	use key_server_cluster::cluster::{Cluster, ClusterCore, ClusterConfiguration};
 	use key_server_cluster::generation_session::{Session as GenerationSession, SessionState as GenerationSessionState};
@@ -999,7 +1059,7 @@ pub mod tests {
 	}
 
 	pub fn all_connections_established(cluster: &Arc<ClusterCore>) -> bool {
-		cluster.config().nodes.keys()
+		cluster.config().key_server_set.get().keys()
 			.filter(|p| *p != cluster.config().self_key_pair.public())
 			.all(|p| cluster.connection(p).is_some())
 	}
@@ -1010,9 +1070,9 @@ pub mod tests {
 			threads: 1,
 			self_key_pair: key_pairs[i].clone(),
 			listen_address: ("127.0.0.1".to_owned(), ports_begin + i as u16),
-			nodes: key_pairs.iter().enumerate()
-				.map(|(j, kp)| (kp.public().clone(), ("127.0.0.1".into(), ports_begin + j as u16)))
-				.collect(),
+			key_server_set: Arc::new(MapKeyServerSet::new(key_pairs.iter().enumerate()
+				.map(|(j, kp)| (kp.public().clone(), format!("127.0.0.1:{}", ports_begin + j as u16).parse().unwrap()))
+				.collect())),
 			allow_connecting_to_higher_nodes: false,
 			key_storage: Arc::new(DummyKeyStorage::default()),
 			acl_storage: Arc::new(DummyAclStorage::default()),
diff --git a/secret_store/src/key_server_cluster/cluster_sessions.rs b/secret_store/src/key_server_cluster/cluster_sessions.rs
index f66ad972f..f8e4974b1 100644
--- a/secret_store/src/key_server_cluster/cluster_sessions.rs
+++ b/secret_store/src/key_server_cluster/cluster_sessions.rs
@@ -135,7 +135,7 @@ impl ClusterSessions {
 	pub fn new(config: &ClusterConfiguration) -> Self {
 		ClusterSessions {
 			self_node_id: config.self_key_pair.public().clone(),
-			nodes: config.nodes.keys().cloned().collect(),
+			nodes: config.key_server_set.get().keys().cloned().collect(),
 			acl_storage: config.acl_storage.clone(),
 			key_storage: config.key_storage.clone(),
 			generation_sessions: ClusterSessionsContainer::new(),
diff --git a/secret_store/src/key_server_cluster/io/handshake.rs b/secret_store/src/key_server_cluster/io/handshake.rs
index 38d8a6ac1..df8f6cbf7 100644
--- a/secret_store/src/key_server_cluster/io/handshake.rs
+++ b/secret_store/src/key_server_cluster/io/handshake.rs
@@ -45,7 +45,7 @@ pub fn handshake_with_plain_confirmation<A>(a: A, self_confirmation_plain: Resul
 		state: state,
 		self_key_pair: self_key_pair,
 		self_confirmation_plain: self_confirmation_plain.unwrap_or(Default::default()),
-		trusted_nodes: trusted_nodes,
+		trusted_nodes: Some(trusted_nodes),
 		other_node_id: None,
 		other_confirmation_plain: None,
 		shared_key: None,
@@ -53,7 +53,7 @@ pub fn handshake_with_plain_confirmation<A>(a: A, self_confirmation_plain: Resul
 }
 
 /// Wait for handshake procedure to be started by another node from the cluster.
-pub fn accept_handshake<A>(a: A, self_key_pair: KeyPair, trusted_nodes: BTreeSet<NodeId>) -> Handshake<A> where A: AsyncWrite + AsyncRead {
+pub fn accept_handshake<A>(a: A, self_key_pair: KeyPair) -> Handshake<A> where A: AsyncWrite + AsyncRead {
 	let self_confirmation_plain = Random.generate().map(|kp| *kp.secret().clone()).map_err(Into::into);
 	let (error, state) = match self_confirmation_plain.clone() {
 		Ok(_) => (None, HandshakeState::ReceivePublicKey(read_message(a))),
@@ -66,7 +66,7 @@ pub fn accept_handshake<A>(a: A, self_key_pair: KeyPair, trusted_nodes: BTreeSet
 		state: state,
 		self_key_pair: self_key_pair,
 		self_confirmation_plain: self_confirmation_plain.unwrap_or(Default::default()),
-		trusted_nodes: trusted_nodes,
+		trusted_nodes: None,
 		other_node_id: None,
 		other_confirmation_plain: None,
 		shared_key: None,
@@ -89,7 +89,7 @@ pub struct Handshake<A> {
 	state: HandshakeState<A>,
 	self_key_pair: KeyPair,
 	self_confirmation_plain: H256,
-	trusted_nodes: BTreeSet<NodeId>,
+	trusted_nodes: Option<BTreeSet<NodeId>>,
 	other_node_id: Option<NodeId>,
 	other_confirmation_plain: Option<H256>,
 	shared_key: Option<KeyPair>,
@@ -172,7 +172,7 @@ impl<A> Future for Handshake<A> where A: AsyncRead + AsyncWrite {
 					Err(err) => return Ok((stream, Err(err.into())).into()),
 				};
 
-				if !self.trusted_nodes.contains(&*message.node_id) {
+				if !self.trusted_nodes.as_ref().map(|tn| tn.contains(&*message.node_id)).unwrap_or(true) {
 					return Ok((stream, Err(Error::InvalidNodeId)).into());
 				}
 
@@ -300,7 +300,7 @@ mod tests {
 		let trusted_nodes: BTreeSet<_> = vec![io.peer_public().clone()].into_iter().collect();
 		let shared_key = compute_shared_key(self_key_pair.secret(), trusted_nodes.iter().nth(0).unwrap()).unwrap();
 
-		let mut handshake = accept_handshake(io, self_key_pair, trusted_nodes);
+		let mut handshake = accept_handshake(io, self_key_pair);
 		handshake.set_self_confirmation_plain(self_confirmation_plain);
 
 		let handshake_result = handshake.wait().unwrap();
diff --git a/secret_store/src/key_server_cluster/jobs/job_session.rs b/secret_store/src/key_server_cluster/jobs/job_session.rs
index 7ae1da42a..6608397dd 100644
--- a/secret_store/src/key_server_cluster/jobs/job_session.rs
+++ b/secret_store/src/key_server_cluster/jobs/job_session.rs
@@ -299,22 +299,22 @@ impl<Executor, Transport> JobSession<Executor, Transport> where Executor: JobExe
 			return Err(Error::ConsensusUnreachable);
 		}
 
-		let active_data = self.data.active_data.as_mut()
-			.expect("we have checked that we are on master node; on master nodes active_data is filled during initialization; qed");
-		if active_data.rejects.contains(node) {
-			return Ok(());
-		}
-		if active_data.requests.remove(node) || active_data.responses.remove(node).is_some() {
-			active_data.rejects.insert(node.clone());
-			if self.data.state == JobSessionState::Finished && active_data.responses.len() < self.meta.threshold + 1 {
-				self.data.state = JobSessionState::Active;
-			}
-			if active_data.requests.len() + active_data.responses.len() >= self.meta.threshold + 1 {
+		if let Some(active_data) = self.data.active_data.as_mut() {
+			if active_data.rejects.contains(node) {
 				return Ok(());
 			}
+			if active_data.requests.remove(node) || active_data.responses.remove(node).is_some() {
+				active_data.rejects.insert(node.clone());
+				if self.data.state == JobSessionState::Finished && active_data.responses.len() < self.meta.threshold + 1 {
+					self.data.state = JobSessionState::Active;
+				}
+				if active_data.requests.len() + active_data.responses.len() >= self.meta.threshold + 1 {
+					return Ok(());
+				}
 
-			self.data.state = JobSessionState::Failed;
-			return Err(Error::ConsensusUnreachable);
+				self.data.state = JobSessionState::Failed;
+				return Err(Error::ConsensusUnreachable);
+			}
 		}
 
 		Ok(())
diff --git a/secret_store/src/key_server_cluster/mod.rs b/secret_store/src/key_server_cluster/mod.rs
index 71c505f95..8f6ae4add 100644
--- a/secret_store/src/key_server_cluster/mod.rs
+++ b/secret_store/src/key_server_cluster/mod.rs
@@ -23,6 +23,7 @@ use super::types::all::ServerKeyId;
 pub use super::types::all::{NodeId, EncryptedDocumentKeyShadow};
 pub use super::acl_storage::AclStorage;
 pub use super::key_storage::{KeyStorage, DocumentKeyShare};
+pub use super::key_server_set::KeyServerSet;
 pub use super::serialization::{SerializableSignature, SerializableH256, SerializableSecret, SerializablePublic, SerializableMessageHash};
 pub use self::cluster::{ClusterCore, ClusterConfiguration, ClusterClient};
 pub use self::generation_session::Session as GenerationSession;
@@ -33,6 +34,8 @@ pub use self::decryption_session::Session as DecryptionSession;
 pub use super::key_storage::tests::DummyKeyStorage;
 #[cfg(test)]
 pub use super::acl_storage::tests::DummyAclStorage;
+#[cfg(test)]
+pub use super::key_server_set::tests::MapKeyServerSet;
 
 pub type SessionId = ServerKeyId;
 
diff --git a/secret_store/src/key_server_cluster/net/accept_connection.rs b/secret_store/src/key_server_cluster/net/accept_connection.rs
index 0daa8b2da..339625f3f 100644
--- a/secret_store/src/key_server_cluster/net/accept_connection.rs
+++ b/secret_store/src/key_server_cluster/net/accept_connection.rs
@@ -17,19 +17,18 @@
 use std::io;
 use std::net::SocketAddr;
 use std::time::Duration;
-use std::collections::BTreeSet;
 use futures::{Future, Poll};
 use tokio_core::reactor::Handle;
 use tokio_core::net::TcpStream;
 use ethkey::KeyPair;
-use key_server_cluster::{Error, NodeId};
+use key_server_cluster::Error;
 use key_server_cluster::io::{accept_handshake, Handshake, Deadline, deadline};
 use key_server_cluster::net::Connection;
 
 /// Create future for accepting incoming connection.
-pub fn accept_connection(address: SocketAddr, stream: TcpStream, handle: &Handle, self_key_pair: KeyPair, trusted_nodes: BTreeSet<NodeId>) -> Deadline<AcceptConnection> {
+pub fn accept_connection(address: SocketAddr, stream: TcpStream, handle: &Handle, self_key_pair: KeyPair) -> Deadline<AcceptConnection> {
 	let accept = AcceptConnection {
-		handshake: accept_handshake(stream, self_key_pair, trusted_nodes),
+		handshake: accept_handshake(stream, self_key_pair),
 		address: address,
 	};
 
diff --git a/secret_store/src/key_server_set.rs b/secret_store/src/key_server_set.rs
new file mode 100644
index 000000000..e17dceed5
--- /dev/null
+++ b/secret_store/src/key_server_set.rs
@@ -0,0 +1,204 @@
+// Copyright 2015-2017 Parity Technologies (UK) Ltd.
+// This file is part of Parity.
+
+// Parity is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity.  If not, see <http://www.gnu.org/licenses/>.
+
+use std::sync::{Arc, Weak};
+use std::net::SocketAddr;
+use std::collections::BTreeMap;
+use futures::{future, Future};
+use parking_lot::Mutex;
+use ethcore::filter::Filter;
+use ethcore::client::{Client, BlockChainClient, BlockId, ChainNotify};
+use native_contracts::KeyServerSet as KeyServerSetContract;
+use util::{H256, Address, Bytes, Hashable};
+use types::all::{Error, Public, NodeAddress};
+
+const KEY_SERVER_SET_CONTRACT_REGISTRY_NAME: &'static str = "secretstore_server_set";
+
+/// Key server has been added to the set.
+const ADDED_EVENT_NAME: &'static [u8] = &*b"KeyServerAdded(address)";
+/// Key server has been removed from the set.
+const REMOVED_EVENT_NAME: &'static [u8] = &*b"KeyServerRemoved(address)";
+
+lazy_static! {
+	static ref ADDED_EVENT_NAME_HASH: H256 = ADDED_EVENT_NAME.sha3();
+	static ref REMOVED_EVENT_NAME_HASH: H256 = REMOVED_EVENT_NAME.sha3();
+}
+
+/// Key Server set
+pub trait KeyServerSet: Send + Sync {
+	/// Get set of configured key servers
+	fn get(&self) -> BTreeMap<Public, SocketAddr>;
+}
+
+/// On-chain Key Server set implementation.
+pub struct OnChainKeyServerSet {
+	/// Cached on-chain contract.
+	contract: Mutex<CachedContract>,
+}
+
+/// Cached on-chain Key Server set contract.
+struct CachedContract {
+	/// Blockchain client.
+	client: Weak<Client>,
+	/// Contract address.
+	contract_addr: Option<Address>,
+	/// Active set of key servers.
+	key_servers: BTreeMap<Public, SocketAddr>,
+}
+
+impl OnChainKeyServerSet {
+	pub fn new(client: &Arc<Client>, key_servers: BTreeMap<Public, NodeAddress>) -> Result<Arc<Self>, Error> {
+		let mut cached_contract = CachedContract::new(client, key_servers)?;
+		let key_server_contract_address = client.registry_address(KEY_SERVER_SET_CONTRACT_REGISTRY_NAME.to_owned());
+		// only initialize from contract if it is installed. otherwise - use default nodes
+		// once the contract is installed, all default nodes are lost (if not in the contract' set)
+		if key_server_contract_address.is_some() {
+			cached_contract.read_from_registry(&*client, key_server_contract_address);
+		}
+
+		let key_server_set = Arc::new(OnChainKeyServerSet {
+			contract: Mutex::new(cached_contract),
+		});
+		client.add_notify(key_server_set.clone());
+		Ok(key_server_set)
+	}
+}
+
+impl KeyServerSet for OnChainKeyServerSet {
+	fn get(&self) -> BTreeMap<Public, SocketAddr> {
+		self.contract.lock().get()
+	}
+}
+
+impl ChainNotify for OnChainKeyServerSet {
+	fn new_blocks(&self, _imported: Vec<H256>, _invalid: Vec<H256>, enacted: Vec<H256>, retracted: Vec<H256>, _sealed: Vec<H256>, _proposed: Vec<Bytes>, _duration: u64) {
+		if !enacted.is_empty() || !retracted.is_empty() {
+			self.contract.lock().update(enacted, retracted)
+		}
+	}
+}
+
+impl CachedContract {
+	pub fn new(client: &Arc<Client>, key_servers: BTreeMap<Public, NodeAddress>) -> Result<Self, Error> {
+		Ok(CachedContract {
+			client: Arc::downgrade(client),
+			contract_addr: None,
+			key_servers: key_servers.into_iter()
+				.map(|(p, addr)| {
+					let addr = format!("{}:{}", addr.address, addr.port).parse()
+						.map_err(|err| Error::Internal(format!("error parsing node address: {}", err)))?;
+					Ok((p, addr))
+				})
+				.collect::<Result<BTreeMap<_, _>, Error>>()?,
+		})
+	}
+
+	pub fn update(&mut self, enacted: Vec<H256>, retracted: Vec<H256>) {
+		if let Some(client) = self.client.upgrade() {
+			let new_contract_addr = client.registry_address(KEY_SERVER_SET_CONTRACT_REGISTRY_NAME.to_owned());
+
+			// new contract installed => read nodes set from the contract
+			if self.contract_addr.as_ref() != new_contract_addr.as_ref() {
+				self.read_from_registry(&*client, new_contract_addr);
+				return;
+			}
+
+			// check for contract events
+			let is_set_changed = self.contract_addr.is_some() && enacted.iter()
+				.chain(retracted.iter())
+				.any(|block_hash| !client.logs(Filter {
+					from_block: BlockId::Hash(block_hash.clone()),
+					to_block: BlockId::Hash(block_hash.clone()),
+					address: self.contract_addr.clone().map(|a| vec![a]),
+					topics: vec![
+						Some(vec![*ADDED_EVENT_NAME_HASH, *REMOVED_EVENT_NAME_HASH]),
+						None,
+						None,
+						None,
+					],
+					limit: Some(1),
+				}).is_empty());
+			// to simplify processing - just re-read the whole nodes set from the contract
+			if is_set_changed {
+				self.read_from_registry(&*client, new_contract_addr);
+			}
+		}
+	}
+
+	pub fn get(&self) -> BTreeMap<Public, SocketAddr> {
+		self.key_servers.clone()
+	}
+
+	fn read_from_registry(&mut self, client: &Client, new_contract_address: Option<Address>) {
+		self.key_servers = new_contract_address.map(|contract_addr| {
+			trace!(target: "secretstore", "Configuring for key server set contract from {}", contract_addr);
+
+			KeyServerSetContract::new(contract_addr)
+		})
+		.map(|contract| {
+			let mut key_servers = BTreeMap::new();
+			let do_call = |a, d| future::done(client.call_contract(BlockId::Latest, a, d));
+			let key_servers_list = contract.get_key_servers(do_call).wait()
+				.map_err(|err| { trace!(target: "secretstore", "Error {} reading list of key servers from contract", err); err })
+				.unwrap_or_default();
+			for key_server in key_servers_list {
+				let key_server_public = contract.get_key_server_public(
+					|a, d| future::done(client.call_contract(BlockId::Latest, a, d)), key_server).wait()
+					.and_then(|p| if p.len() == 64 { Ok(Public::from_slice(&p)) } else { Err(format!("Invalid public length {}", p.len())) });
+				let key_server_ip = contract.get_key_server_address(
+					|a, d| future::done(client.call_contract(BlockId::Latest, a, d)), key_server).wait()
+					.and_then(|a| a.parse().map_err(|e| format!("Invalid ip address: {}", e)));
+
+				// only add successfully parsed nodes
+				match (key_server_public, key_server_ip) {
+					(Ok(key_server_public), Ok(key_server_ip)) => { key_servers.insert(key_server_public, key_server_ip); },
+					(Err(public_err), _) => warn!(target: "secretstore_net", "received invalid public from key server set contract: {}", public_err),
+					(_, Err(ip_err)) => warn!(target: "secretstore_net", "received invalid IP from key server set contract: {}", ip_err),
+				}
+			}
+			key_servers
+		})
+		.unwrap_or_default();
+		self.contract_addr = new_contract_address;
+	}
+}
+
+#[cfg(test)]
+pub mod tests {
+	use std::collections::BTreeMap;
+	use std::net::SocketAddr;
+	use ethkey::Public;
+	use super::KeyServerSet;
+
+	#[derive(Default)]
+	pub struct MapKeyServerSet {
+		nodes: BTreeMap<Public, SocketAddr>,
+	}
+
+	impl MapKeyServerSet {
+		pub fn new(nodes: BTreeMap<Public, SocketAddr>) -> Self {
+			MapKeyServerSet {
+				nodes: nodes,
+			}
+		}
+	}
+
+	impl KeyServerSet for MapKeyServerSet {
+		fn get(&self) -> BTreeMap<Public, SocketAddr> {
+			self.nodes.clone()
+		}
+	}
+}
diff --git a/secret_store/src/lib.rs b/secret_store/src/lib.rs
index f8a74dd1a..9750f7223 100644
--- a/secret_store/src/lib.rs
+++ b/secret_store/src/lib.rs
@@ -21,6 +21,8 @@ extern crate log;
 extern crate futures;
 extern crate futures_cpupool;
 extern crate hyper;
+#[macro_use]
+extern crate lazy_static;
 extern crate parking_lot;
 extern crate rustc_hex;
 extern crate serde;
@@ -56,6 +58,7 @@ mod http_listener;
 mod key_server;
 mod key_storage;
 mod serialization;
+mod key_server_set;
 
 use std::sync::Arc;
 use ethcore::client::Client;
@@ -68,9 +71,10 @@ pub use traits::{KeyServer};
 pub fn start(client: Arc<Client>, config: ServiceConfiguration) -> Result<Box<KeyServer>, Error> {
 	use std::sync::Arc;
 
-	let acl_storage = Arc::new(acl_storage::OnChainAclStorage::new(client));
+	let acl_storage = acl_storage::OnChainAclStorage::new(&client);
+	let key_server_set = key_server_set::OnChainKeyServerSet::new(&client, config.cluster_config.nodes.clone())?;
 	let key_storage = Arc::new(key_storage::PersistentKeyStorage::new(&config)?);
-	let key_server = key_server::KeyServerImpl::new(&config.cluster_config, acl_storage, key_storage)?;
+	let key_server = key_server::KeyServerImpl::new(&config.cluster_config, key_server_set, acl_storage, key_storage)?;
 	let listener = http_listener::KeyServerHttpListener::start(&config.listener_address, key_server)?;
 	Ok(Box::new(listener))
 }

From afbda7baa8a17add547d7b39635bb8d29a88716f Mon Sep 17 00:00:00 2001
From: Afri <5chdn@users.noreply.github.com>
Date: Tue, 8 Aug 2017 20:18:00 +0200
Subject: [PATCH 041/112] Bump master to 1.8.0 (#6256)

* Bump master to 1.8.0

* Use jsonrpc-core to avoid breaking master

* Update Cargo.lock
---
 Cargo.lock            | 2 +-
 Cargo.toml            | 2 +-
 mac/Parity.pkgproj    | 2 +-
 mac/Parity/Info.plist | 2 +-
 nsis/installer.nsi    | 2 +-
 5 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index e705e39f9..82fbf0ae9 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1787,7 +1787,7 @@ dependencies = [
 
 [[package]]
 name = "parity"
-version = "1.7.0"
+version = "1.8.0"
 dependencies = [
  "ansi_term 0.9.0 (registry+https://github.com/rust-lang/crates.io-index)",
  "app_dirs 1.1.1 (registry+https://github.com/rust-lang/crates.io-index)",
diff --git a/Cargo.toml b/Cargo.toml
index 03d9c9664..3adaf62d4 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,7 +1,7 @@
 [package]
 description = "Parity Ethereum client"
 name = "parity"
-version = "1.7.0"
+version = "1.8.0"
 license = "GPL-3.0"
 authors = ["Parity Technologies <admin@parity.io>"]
 build = "build.rs"
diff --git a/mac/Parity.pkgproj b/mac/Parity.pkgproj
index cc7810dba..1c87af629 100755
--- a/mac/Parity.pkgproj
+++ b/mac/Parity.pkgproj
@@ -462,7 +462,7 @@
 				<key>OVERWRITE_PERMISSIONS</key>
 				<false/>
 				<key>VERSION</key>
-				<string>1.7.0</string>
+				<string>1.8.0</string>
 			</dict>
 			<key>UUID</key>
 			<string>2DCD5B81-7BAF-4DA1-9251-6274B089FD36</string>
diff --git a/mac/Parity/Info.plist b/mac/Parity/Info.plist
index 017939aec..dba951778 100644
--- a/mac/Parity/Info.plist
+++ b/mac/Parity/Info.plist
@@ -17,7 +17,7 @@
 	<key>CFBundlePackageType</key>
 	<string>APPL</string>
 	<key>CFBundleShortVersionString</key>
-	<string>1.6</string>
+	<string>1.8</string>
 	<key>CFBundleVersion</key>
 	<string>1</string>
 	<key>LSApplicationCategoryType</key>
diff --git a/nsis/installer.nsi b/nsis/installer.nsi
index 7173beccc..5b7940302 100644
--- a/nsis/installer.nsi
+++ b/nsis/installer.nsi
@@ -9,7 +9,7 @@
 !define COMPANYNAME "Parity"
 !define DESCRIPTION "Fast, light, robust Ethereum implementation"
 !define VERSIONMAJOR 1
-!define VERSIONMINOR 7
+!define VERSIONMINOR 8
 !define VERSIONBUILD 0
 !define ARGS "--warp"
 !define FIRST_START_ARGS "ui --warp --mode=passive"

From 72fa6a79a244d6aa396704a59c935f21e99d39c0 Mon Sep 17 00:00:00 2001
From: Afri <5chdn@users.noreply.github.com>
Date: Wed, 9 Aug 2017 08:43:40 +0200
Subject: [PATCH 042/112] Add GitHub issue templates. (#6259)

* Prepare GH templates for contributors

* Add GH issue template

* Add homebrew as option
---
 .github/ISSUE_TEMPLATE.md | 12 ++++++++++++
 1 file changed, 12 insertions(+)
 create mode 100644 .github/ISSUE_TEMPLATE.md

diff --git a/.github/ISSUE_TEMPLATE.md b/.github/ISSUE_TEMPLATE.md
new file mode 100644
index 000000000..f4b5311d5
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE.md
@@ -0,0 +1,12 @@
+_Before filing a new issue, please **provide the following information**._
+
+> I'm running:
+>
+> - **Parity version**: 0.0.0
+> - **Operating system**: Windows / MacOS / Linux
+> - **And installed**: via installer / homebrew / binaries / from source
+
+_Your issue description goes here below. Try to include **actual** vs. **expected behavior** and **steps to reproduce** the issue._
+
+---
+

From e93466c897bf2a2eeb8e47b916417bf1f7e0990b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tomasz=20Drwi=C4=99ga?= <tomusdrw@users.noreply.github.com>
Date: Wed, 9 Aug 2017 08:45:07 +0200
Subject: [PATCH 043/112] Using multiple NTP servers (#6173)

* Small improvements to time estimation.

* Allow multiple NTP servers to be used.

* Removing boxing.

* Be nice.

* Be nicer.

* Update list of servers and add reference.
---
 dapps/src/api/api.rs           |   3 +-
 dapps/src/api/time.rs          | 158 +++++++++++++++++++++++++--------
 dapps/src/lib.rs               |  14 +--
 dapps/src/tests/helpers/mod.rs |   2 +-
 parity/cli/config.toml         |   2 +-
 parity/cli/mod.rs              |  10 +--
 parity/cli/usage.txt           |   8 +-
 parity/configuration.rs        |  29 ++++--
 parity/dapps.rs                |  27 +++---
 parity/rpc.rs                  |   9 +-
 parity/run.rs                  |   4 +-
 11 files changed, 188 insertions(+), 78 deletions(-)

diff --git a/dapps/src/api/api.rs b/dapps/src/api/api.rs
index 3f1c50de8..7bd7fa049 100644
--- a/dapps/src/api/api.rs
+++ b/dapps/src/api/api.rs
@@ -21,7 +21,7 @@ use hyper::method::Method;
 use hyper::status::StatusCode;
 
 use api::{response, types};
-use api::time::TimeChecker;
+use api::time::{TimeChecker, MAX_DRIFT};
 use apps::fetcher::Fetcher;
 use handlers::{self, extract_url};
 use endpoint::{Endpoint, Handler, EndpointPath};
@@ -122,7 +122,6 @@ impl RestApiRouter {
 
 			// Check time
 			let time = {
-				const MAX_DRIFT: i64 = 500;
 				let (status, message, details) = match time {
 					Ok(Ok(diff)) if diff < MAX_DRIFT && diff > -MAX_DRIFT => {
 						(HealthStatus::Ok, "".into(), diff)
diff --git a/dapps/src/api/time.rs b/dapps/src/api/time.rs
index 3117f4cc9..06b9cee7f 100644
--- a/dapps/src/api/time.rs
+++ b/dapps/src/api/time.rs
@@ -33,11 +33,13 @@
 
 use std::io;
 use std::{fmt, mem, time};
-use std::sync::Arc;
 use std::collections::VecDeque;
+use std::sync::atomic::{self, AtomicUsize};
+use std::sync::Arc;
 
 use futures::{self, Future, BoxFuture};
-use futures_cpupool::CpuPool;
+use futures::future::{self, IntoFuture};
+use futures_cpupool::{CpuPool, CpuFuture};
 use ntp;
 use time::{Duration, Timespec};
 use util::RwLock;
@@ -45,6 +47,8 @@ use util::RwLock;
 /// Time checker error.
 #[derive(Debug, Clone, PartialEq)]
 pub enum Error {
+	/// No servers are currently available for a query.
+	NoServersAvailable,
 	/// There was an error when trying to reach the NTP server.
 	Ntp(String),
 	/// IO error when reading NTP response.
@@ -56,6 +60,7 @@ impl fmt::Display for Error {
 		use self::Error::*;
 
 		match *self {
+			NoServersAvailable => write!(fmt, "No NTP servers available"),
 			Ntp(ref err) => write!(fmt, "NTP error: {}", err),
 			Io(ref err) => write!(fmt, "Connection Error: {}", err),
 		}
@@ -72,58 +77,123 @@ impl From<ntp::errors::Error> for Error {
 
 /// NTP time drift checker.
 pub trait Ntp {
+	/// Returned Future.
+	type Future: IntoFuture<Item=Duration, Error=Error>;
+
 	/// Returns the current time drift.
-	fn drift(&self) -> BoxFuture<Duration, Error>;
+	fn drift(&self) -> Self::Future;
+}
+
+const SERVER_MAX_POLL_INTERVAL_SECS: u64 = 60;
+#[derive(Debug)]
+struct Server {
+	pub address: String,
+	next_call: RwLock<time::Instant>,
+	failures: AtomicUsize,
+}
+
+impl Server {
+	pub fn is_available(&self) -> bool {
+		*self.next_call.read() < time::Instant::now()
+	}
+
+	pub fn report_success(&self) {
+		self.failures.store(0, atomic::Ordering::SeqCst);
+		self.update_next_call(1)
+	}
+
+	pub fn report_failure(&self) {
+		let errors = self.failures.fetch_add(1, atomic::Ordering::SeqCst);
+		self.update_next_call(1 << errors)
+	}
+
+	fn update_next_call(&self, delay: usize) {
+		*self.next_call.write() = time::Instant::now() + time::Duration::from_secs(delay as u64 * SERVER_MAX_POLL_INTERVAL_SECS);
+	}
+}
+
+impl<T: AsRef<str>> From<T> for Server {
+	fn from(t: T) -> Self {
+		Server {
+			address: t.as_ref().to_owned(),
+			next_call: RwLock::new(time::Instant::now()),
+			failures: Default::default(),
+		}
+	}
 }
 
 /// NTP client using the SNTP algorithm for calculating drift.
 #[derive(Clone)]
 pub struct SimpleNtp {
-	address: Arc<String>,
+	addresses: Vec<Arc<Server>>,
 	pool: CpuPool,
 }
 
 impl fmt::Debug for SimpleNtp {
 	fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
-		write!(f, "Ntp {{ address: {} }}", self.address)
+		f
+			.debug_struct("SimpleNtp")
+			.field("addresses", &self.addresses)
+			.finish()
 	}
 }
 
 impl SimpleNtp {
-	fn new(address: &str, pool: CpuPool) -> SimpleNtp {
+	fn new<T: AsRef<str>>(addresses: &[T], pool: CpuPool) -> SimpleNtp {
 		SimpleNtp {
-			address: Arc::new(address.to_owned()),
+			addresses: addresses.iter().map(Server::from).map(Arc::new).collect(),
 			pool: pool,
 		}
 	}
 }
 
 impl Ntp for SimpleNtp {
-	fn drift(&self) -> BoxFuture<Duration, Error> {
-		let address = self.address.clone();
-		if &*address == "none" {
-			return futures::future::err(Error::Ntp("NTP server is not provided.".into())).boxed();
-		}
+	type Future = future::Either<
+		CpuFuture<Duration, Error>,
+		future::FutureResult<Duration, Error>,
+	>;
 
-		self.pool.spawn_fn(move || {
-			let packet = ntp::request(&*address)?;
-			let dest_time = ::time::now_utc().to_timespec();
-			let orig_time = Timespec::from(packet.orig_time);
-			let recv_time = Timespec::from(packet.recv_time);
-			let transmit_time = Timespec::from(packet.transmit_time);
+	fn drift(&self) -> Self::Future {
+		use self::future::Either::{A, B};
 
-			let drift = ((recv_time - orig_time) + (transmit_time - dest_time)) / 2;
+		let server = self.addresses.iter().find(|server| server.is_available());
+		server.map(|server| {
+			let server = server.clone();
+			A(self.pool.spawn_fn(move || {
+				debug!(target: "dapps", "Fetching time from {}.", server.address);
 
-			Ok(drift)
-		}).boxed()
+				match ntp::request(&server.address) {
+					Ok(packet) => {
+						let dest_time = ::time::now_utc().to_timespec();
+						let orig_time = Timespec::from(packet.orig_time);
+						let recv_time = Timespec::from(packet.recv_time);
+						let transmit_time = Timespec::from(packet.transmit_time);
+
+						let drift = ((recv_time - orig_time) + (transmit_time - dest_time)) / 2;
+
+						server.report_success();
+						Ok(drift)
+					},
+					Err(err) => {
+						server.report_failure();
+						Err(err.into())
+					},
+				}
+			}))
+		}).unwrap_or_else(|| B(future::err(Error::NoServersAvailable)))
 	}
 }
 
 // NOTE In a positive scenario first results will be seen after:
-// MAX_RESULTS * UPDATE_TIMEOUT_OK_SECS seconds.
-const MAX_RESULTS: usize = 7;
-const UPDATE_TIMEOUT_OK_SECS: u64 = 30;
-const UPDATE_TIMEOUT_ERR_SECS: u64 = 2;
+// MAX_RESULTS * UPDATE_TIMEOUT_INCOMPLETE_SECS seconds.
+const MAX_RESULTS: usize = 4;
+const UPDATE_TIMEOUT_OK_SECS: u64 = 6 * 60 * 60;
+const UPDATE_TIMEOUT_WARN_SECS: u64 = 15 * 60;
+const UPDATE_TIMEOUT_ERR_SECS: u64 = 60;
+const UPDATE_TIMEOUT_INCOMPLETE_SECS: u64 = 10;
+
+/// Maximal valid time drift.
+pub const MAX_DRIFT: i64 = 500;
 
 #[derive(Debug, Clone)]
 /// A time checker.
@@ -134,13 +204,13 @@ pub struct TimeChecker<N: Ntp = SimpleNtp> {
 
 impl TimeChecker<SimpleNtp> {
 	/// Creates new time checker given the NTP server address.
-	pub fn new(ntp_address: String, pool: CpuPool) -> Self {
+	pub fn new<T: AsRef<str>>(ntp_addresses: &[T], pool: CpuPool) -> Self {
 		let last_result = Arc::new(RwLock::new(
 			// Assume everything is ok at the very beginning.
 			(time::Instant::now(), vec![Ok(0)].into())
 		));
 
-		let ntp = SimpleNtp::new(&ntp_address, pool);
+		let ntp = SimpleNtp::new(ntp_addresses, pool);
 
 		TimeChecker {
 			ntp,
@@ -149,22 +219,34 @@ impl TimeChecker<SimpleNtp> {
 	}
 }
 
-impl<N: Ntp> TimeChecker<N> {
+impl<N: Ntp> TimeChecker<N> where <N::Future as IntoFuture>::Future: Send + 'static {
 	/// Updates the time
 	pub fn update(&self) -> BoxFuture<i64, Error> {
+		trace!(target: "dapps", "Updating time from NTP.");
 		let last_result = self.last_result.clone();
-		self.ntp.drift().then(move |res| {
+		self.ntp.drift().into_future().then(move |res| {
+			let res = res.map(|d| d.num_milliseconds());
+
+			if let Err(Error::NoServersAvailable) = res {
+				debug!(target: "dapps", "No NTP servers available. Selecting an older result.");
+				return select_result(last_result.read().1.iter());
+			}
+
+			// Update the results.
 			let mut results = mem::replace(&mut last_result.write().1, VecDeque::new());
+			let has_all_results = results.len() >= MAX_RESULTS;
 			let valid_till = time::Instant::now() + time::Duration::from_secs(
-				if res.is_ok() && results.len() == MAX_RESULTS {
-					UPDATE_TIMEOUT_OK_SECS
-				} else {
-					UPDATE_TIMEOUT_ERR_SECS
+				match res {
+					Ok(time) if has_all_results && time < MAX_DRIFT => UPDATE_TIMEOUT_OK_SECS,
+					Ok(_) if has_all_results => UPDATE_TIMEOUT_WARN_SECS,
+					Err(_) if has_all_results => UPDATE_TIMEOUT_ERR_SECS,
+					_ => UPDATE_TIMEOUT_INCOMPLETE_SECS,
 				}
 			);
 
+			trace!(target: "dapps", "New time drift received: {:?}", res);
 			// Push the result.
-			results.push_back(res.map(|d| d.num_milliseconds()));
+			results.push_back(res);
 			while results.len() > MAX_RESULTS {
 				results.pop_front();
 			}
@@ -209,7 +291,7 @@ mod tests {
 	use std::cell::{Cell, RefCell};
 	use std::time::Instant;
 	use time::Duration;
-	use futures::{self, BoxFuture, Future};
+	use futures::{future, Future};
 	use super::{Ntp, TimeChecker, Error};
 	use util::RwLock;
 
@@ -224,9 +306,11 @@ mod tests {
 	}
 
 	impl Ntp for FakeNtp {
-		fn drift(&self) -> BoxFuture<Duration, Error> {
+		type Future = future::FutureResult<Duration, Error>;
+
+		fn drift(&self) -> Self::Future {
 			self.1.set(self.1.get() + 1);
-			futures::future::ok(self.0.borrow_mut().pop().expect("Unexpected call to drift().")).boxed()
+			future::ok(self.0.borrow_mut().pop().expect("Unexpected call to drift()."))
 		}
 	}
 
diff --git a/dapps/src/lib.rs b/dapps/src/lib.rs
index 0cb7024cc..f34c24cae 100644
--- a/dapps/src/lib.rs
+++ b/dapps/src/lib.rs
@@ -130,7 +130,7 @@ impl Middleware {
 
 	/// Creates new middleware for UI server.
 	pub fn ui<F: Fetch>(
-		ntp_server: &str,
+		ntp_servers: &[String],
 		pool: CpuPool,
 		remote: Remote,
 		dapps_domain: &str,
@@ -146,7 +146,7 @@ impl Middleware {
 		).embeddable_on(None).allow_dapps(false));
 		let special = {
 			let mut special = special_endpoints(
-				ntp_server,
+				ntp_servers,
 				pool,
 				content_fetcher.clone(),
 				remote.clone(),
@@ -171,7 +171,7 @@ impl Middleware {
 
 	/// Creates new Dapps server middleware.
 	pub fn dapps<F: Fetch>(
-		ntp_server: &str,
+		ntp_servers: &[String],
 		pool: CpuPool,
 		remote: Remote,
 		ui_address: Option<(String, u16)>,
@@ -203,7 +203,7 @@ impl Middleware {
 
 		let special = {
 			let mut special = special_endpoints(
-				ntp_server,
+				ntp_servers,
 				pool,
 				content_fetcher.clone(),
 				remote.clone(),
@@ -237,8 +237,8 @@ impl http::RequestMiddleware for Middleware {
 	}
 }
 
-fn special_endpoints(
-	ntp_server: &str,
+fn special_endpoints<T: AsRef<str>>(
+	ntp_servers: &[T],
 	pool: CpuPool,
 	content_fetcher: Arc<apps::fetcher::Fetcher>,
 	remote: Remote,
@@ -250,7 +250,7 @@ fn special_endpoints(
 	special.insert(router::SpecialEndpoint::Api, Some(api::RestApi::new(
 		content_fetcher,
 		sync_status,
-		api::TimeChecker::new(ntp_server.into(), pool),
+		api::TimeChecker::new(ntp_servers, pool),
 		remote,
 	)));
 	special
diff --git a/dapps/src/tests/helpers/mod.rs b/dapps/src/tests/helpers/mod.rs
index 2d9d5f341..38dd82de6 100644
--- a/dapps/src/tests/helpers/mod.rs
+++ b/dapps/src/tests/helpers/mod.rs
@@ -255,7 +255,7 @@ impl Server {
 		fetch: F,
 	) -> Result<Server, http::Error> {
 		let middleware = Middleware::dapps(
-			"pool.ntp.org:123",
+			&["0.pool.ntp.org:123".into(), "1.pool.ntp.org:123".into()],
 			CpuPool::new(4),
 			remote,
 			signer_address,
diff --git a/parity/cli/config.toml b/parity/cli/config.toml
index 4af4ca076..08da653de 100644
--- a/parity/cli/config.toml
+++ b/parity/cli/config.toml
@@ -78,7 +78,7 @@ disable_periodic = true
 jit = false
 
 [misc]
-ntp_server = "pool.ntp.org:123"
+ntp_servers = ["0.parity.pool.ntp.org:123"]
 logging = "own_tx=trace"
 log_file = "/var/log/parity.log"
 color = true
diff --git a/parity/cli/mod.rs b/parity/cli/mod.rs
index c10069b02..b978918ce 100644
--- a/parity/cli/mod.rs
+++ b/parity/cli/mod.rs
@@ -359,8 +359,8 @@ usage! {
 			or |c: &Config| otry!(c.vm).jit.clone(),
 
 		// -- Miscellaneous Options
-		flag_ntp_server: String = "none",
-			or |c: &Config| otry!(c.misc).ntp_server.clone(),
+		flag_ntp_servers: String = "0.parity.pool.ntp.org:123,1.parity.pool.ntp.org:123,2.parity.pool.ntp.org:123,3.parity.pool.ntp.org:123",
+			or |c: &Config| otry!(c.misc).ntp_servers.clone().map(|vec| vec.join(",")),
 		flag_logging: Option<String> = None,
 			or |c: &Config| otry!(c.misc).logging.clone().map(Some),
 		flag_log_file: Option<String> = None,
@@ -606,7 +606,7 @@ struct VM {
 
 #[derive(Default, Debug, PartialEq, Deserialize)]
 struct Misc {
-	ntp_server: Option<String>,
+	ntp_servers: Option<Vec<String>>,
 	logging: Option<String>,
 	log_file: Option<String>,
 	color: Option<bool>,
@@ -919,7 +919,7 @@ mod tests {
 			flag_dapps_apis_all: None,
 
 			// -- Miscellaneous Options
-			flag_ntp_server: "none".into(),
+			flag_ntp_servers: "0.parity.pool.ntp.org:123,1.parity.pool.ntp.org:123,2.parity.pool.ntp.org:123,3.parity.pool.ntp.org:123".into(),
 			flag_version: false,
 			flag_logging: Some("own_tx=trace".into()),
 			flag_log_file: Some("/var/log/parity.log".into()),
@@ -1098,7 +1098,7 @@ mod tests {
 				jit: Some(false),
 			}),
 			misc: Some(Misc {
-				ntp_server: Some("pool.ntp.org:123".into()),
+				ntp_servers: Some(vec!["0.parity.pool.ntp.org:123".into()]),
 				logging: Some("own_tx=trace".into()),
 				log_file: Some("/var/log/parity.log".into()),
 				color: Some(true),
diff --git a/parity/cli/usage.txt b/parity/cli/usage.txt
index c1d1ab9de..cb090dced 100644
--- a/parity/cli/usage.txt
+++ b/parity/cli/usage.txt
@@ -78,7 +78,7 @@ Operating Options:
 
 Convenience Options:
 -c --config CONFIG                 Specify a configuration. CONFIG may be either a
-                                   configuration file or a preset: dev, insecure, dev-insecure, 
+                                   configuration file or a preset: dev, insecure, dev-insecure,
                                    mining, or non-standard-ports.
                                    (default: {flag_config}).
   --ports-shift SHIFT              Add SHIFT to all port numbers Parity is listening on.
@@ -483,8 +483,10 @@ Internal Options:
   --can-restart                    Executable will auto-restart if exiting with 69.
 
 Miscellaneous Options:
-  --ntp-server HOST                NTP server to provide current time (host:port). Used to verify node health.
-                                   (default: {flag_ntp_server})
+  --ntp-servers HOSTS              Comma separated list of NTP servers to provide current time (host:port).
+                                   Used to verify node health. Parity uses pool.ntp.org NTP servers,
+                                   consider joining the pool: http://www.pool.ntp.org/join.html
+                                   (default: {flag_ntp_servers})
   -l --logging LOGGING             Specify the logging level. Must conform to the same
                                    format as RUST_LOG. (default: {flag_logging:?})
   --log-file FILENAME              Specify a filename into which logging should be
diff --git a/parity/configuration.rs b/parity/configuration.rs
index 7a80f8f93..b28d2608e 100644
--- a/parity/configuration.rs
+++ b/parity/configuration.rs
@@ -551,10 +551,14 @@ impl Configuration {
 		Ok(options)
 	}
 
+	fn ntp_servers(&self) -> Vec<String> {
+		self.args.flag_ntp_servers.split(",").map(str::to_owned).collect()
+	}
+
 	fn ui_config(&self) -> UiConfiguration {
 		UiConfiguration {
 			enabled: self.ui_enabled(),
-			ntp_server: self.args.flag_ntp_server.clone(),
+			ntp_servers: self.ntp_servers(),
 			interface: self.ui_interface(),
 			port: self.args.flag_ports_shift + self.args.flag_ui_port,
 			hosts: self.ui_hosts(),
@@ -564,7 +568,7 @@ impl Configuration {
 	fn dapps_config(&self) -> DappsConfiguration {
 		DappsConfiguration {
 			enabled: self.dapps_enabled(),
-			ntp_server: self.args.flag_ntp_server.clone(),
+			ntp_servers: self.ntp_servers(),
 			dapps_path: PathBuf::from(self.directories().dapps),
 			extra_dapps: if self.args.cmd_dapp {
 				self.args.arg_path.iter().map(|path| PathBuf::from(path)).collect()
@@ -1278,7 +1282,12 @@ mod tests {
 			support_token_api: true
 		}, UiConfiguration {
 			enabled: true,
-			ntp_server: "none".into(),
+			ntp_servers: vec![
+				"0.parity.pool.ntp.org:123".into(),
+				"1.parity.pool.ntp.org:123".into(),
+				"2.parity.pool.ntp.org:123".into(),
+				"3.parity.pool.ntp.org:123".into(),
+			],
 			interface: "127.0.0.1".into(),
 			port: 8180,
 			hosts: Some(vec![]),
@@ -1521,10 +1530,16 @@ mod tests {
 		let conf3 = parse(&["parity", "--ui-path", "signer", "--ui-interface", "test"]);
 
 		// then
+		let ntp_servers = vec![
+			"0.parity.pool.ntp.org:123".into(),
+			"1.parity.pool.ntp.org:123".into(),
+			"2.parity.pool.ntp.org:123".into(),
+			"3.parity.pool.ntp.org:123".into(),
+		];
 		assert_eq!(conf0.directories().signer, "signer".to_owned());
 		assert_eq!(conf0.ui_config(), UiConfiguration {
 			enabled: true,
-			ntp_server: "none".into(),
+			ntp_servers: ntp_servers.clone(),
 			interface: "127.0.0.1".into(),
 			port: 8180,
 			hosts: Some(vec![]),
@@ -1533,7 +1548,7 @@ mod tests {
 		assert_eq!(conf1.directories().signer, "signer".to_owned());
 		assert_eq!(conf1.ui_config(), UiConfiguration {
 			enabled: true,
-			ntp_server: "none".into(),
+			ntp_servers: ntp_servers.clone(),
 			interface: "127.0.0.1".into(),
 			port: 8180,
 			hosts: Some(vec![]),
@@ -1543,7 +1558,7 @@ mod tests {
 		assert_eq!(conf2.directories().signer, "signer".to_owned());
 		assert_eq!(conf2.ui_config(), UiConfiguration {
 			enabled: true,
-			ntp_server: "none".into(),
+			ntp_servers: ntp_servers.clone(),
 			interface: "127.0.0.1".into(),
 			port: 3123,
 			hosts: Some(vec![]),
@@ -1552,7 +1567,7 @@ mod tests {
 		assert_eq!(conf3.directories().signer, "signer".to_owned());
 		assert_eq!(conf3.ui_config(), UiConfiguration {
 			enabled: true,
-			ntp_server: "none".into(),
+			ntp_servers: ntp_servers.clone(),
 			interface: "test".into(),
 			port: 8180,
 			hosts: Some(vec![]),
diff --git a/parity/dapps.rs b/parity/dapps.rs
index cec3765f2..a67b3fe3a 100644
--- a/parity/dapps.rs
+++ b/parity/dapps.rs
@@ -36,7 +36,7 @@ use util::{Bytes, Address};
 #[derive(Debug, PartialEq, Clone)]
 pub struct Configuration {
 	pub enabled: bool,
-	pub ntp_server: String,
+	pub ntp_servers: Vec<String>,
 	pub dapps_path: PathBuf,
 	pub extra_dapps: Vec<PathBuf>,
 	pub extra_embed_on: Vec<(String, u16)>,
@@ -47,7 +47,12 @@ impl Default for Configuration {
 		let data_dir = default_data_path();
 		Configuration {
 			enabled: true,
-			ntp_server: "none".into(),
+			ntp_servers: vec![
+				"0.parity.pool.ntp.org:123".into(),
+				"1.parity.pool.ntp.org:123".into(),
+				"2.parity.pool.ntp.org:123".into(),
+				"3.parity.pool.ntp.org:123".into(),
+			],
 			dapps_path: replace_home(&data_dir, "$BASE/dapps").into(),
 			extra_dapps: vec![],
 			extra_embed_on: vec![],
@@ -158,7 +163,7 @@ pub fn new(configuration: Configuration, deps: Dependencies) -> Result<Option<Mi
 
 	server::dapps_middleware(
 		deps,
-		&configuration.ntp_server,
+		&configuration.ntp_servers,
 		configuration.dapps_path,
 		configuration.extra_dapps,
 		rpc::DAPPS_DOMAIN,
@@ -166,14 +171,14 @@ pub fn new(configuration: Configuration, deps: Dependencies) -> Result<Option<Mi
 	).map(Some)
 }
 
-pub fn new_ui(enabled: bool, ntp_server: &str, deps: Dependencies) -> Result<Option<Middleware>, String> {
+pub fn new_ui(enabled: bool, ntp_servers: &[String], deps: Dependencies) -> Result<Option<Middleware>, String> {
 	if !enabled {
 		return Ok(None);
 	}
 
 	server::ui_middleware(
 		deps,
-		ntp_server,
+		ntp_servers,
 		rpc::DAPPS_DOMAIN,
 	).map(Some)
 }
@@ -204,7 +209,7 @@ mod server {
 
 	pub fn dapps_middleware(
 		_deps: Dependencies,
-		_ntp_server: &str,
+		_ntp_servers: &[String],
 		_dapps_path: PathBuf,
 		_extra_dapps: Vec<PathBuf>,
 		_dapps_domain: &str,
@@ -215,7 +220,7 @@ mod server {
 
 	pub fn ui_middleware(
 		_deps: Dependencies,
-		_ntp_server: &str,
+		_ntp_servers: &[String],
 		_dapps_domain: &str,
 	) -> Result<Middleware, String> {
 		Err("Your Parity version has been compiled without UI support.".into())
@@ -241,7 +246,7 @@ mod server {
 
 	pub fn dapps_middleware(
 		deps: Dependencies,
-		ntp_server: &str,
+		ntp_servers: &[String],
 		dapps_path: PathBuf,
 		extra_dapps: Vec<PathBuf>,
 		dapps_domain: &str,
@@ -252,7 +257,7 @@ mod server {
 		let web_proxy_tokens = Arc::new(move |token| signer.web_proxy_access_token_domain(&token));
 
 		Ok(parity_dapps::Middleware::dapps(
-			ntp_server,
+			ntp_servers,
 			deps.pool,
 			parity_remote,
 			deps.ui_address,
@@ -269,12 +274,12 @@ mod server {
 
 	pub fn ui_middleware(
 		deps: Dependencies,
-		ntp_server: &str,
+		ntp_servers: &[String],
 		dapps_domain: &str,
 	) -> Result<Middleware, String> {
 		let parity_remote = parity_reactor::Remote::new(deps.remote.clone());
 		Ok(parity_dapps::Middleware::ui(
-			ntp_server,
+			ntp_servers,
 			deps.pool,
 			parity_remote,
 			dapps_domain,
diff --git a/parity/rpc.rs b/parity/rpc.rs
index b15c331d6..9173e7b2f 100644
--- a/parity/rpc.rs
+++ b/parity/rpc.rs
@@ -73,7 +73,7 @@ impl Default for HttpConfiguration {
 #[derive(Debug, PartialEq, Clone)]
 pub struct UiConfiguration {
 	pub enabled: bool,
-	pub ntp_server: String,
+	pub ntp_servers: Vec<String>,
 	pub interface: String,
 	pub port: u16,
 	pub hosts: Option<Vec<String>>,
@@ -107,7 +107,12 @@ impl Default for UiConfiguration {
 	fn default() -> Self {
 		UiConfiguration {
 			enabled: true && cfg!(feature = "ui-enabled"),
-			ntp_server: "none".into(),
+			ntp_servers: vec![
+				"0.parity.pool.ntp.org:123".into(),
+				"1.parity.pool.ntp.org:123".into(),
+				"2.parity.pool.ntp.org:123".into(),
+				"3.parity.pool.ntp.org:123".into(),
+			],
 			port: 8180,
 			interface: "127.0.0.1".into(),
 			hosts: Some(vec![]),
diff --git a/parity/run.rs b/parity/run.rs
index c08294a42..0c5f11bbb 100644
--- a/parity/run.rs
+++ b/parity/run.rs
@@ -311,7 +311,7 @@ fn execute_light(cmd: RunCmd, can_restart: bool, logger: Arc<RotatingLogger>) ->
 	};
 
 	let dapps_middleware = dapps::new(cmd.dapps_conf.clone(), dapps_deps.clone())?;
-	let ui_middleware = dapps::new_ui(cmd.ui_conf.enabled, &cmd.ui_conf.ntp_server, dapps_deps)?;
+	let ui_middleware = dapps::new_ui(cmd.ui_conf.enabled, &cmd.ui_conf.ntp_servers, dapps_deps)?;
 
 	// start RPCs
 	let dapps_service = dapps::service(&dapps_middleware);
@@ -687,7 +687,7 @@ pub fn execute(cmd: RunCmd, can_restart: bool, logger: Arc<RotatingLogger>) -> R
 		}
 	};
 	let dapps_middleware = dapps::new(cmd.dapps_conf.clone(), dapps_deps.clone())?;
-	let ui_middleware = dapps::new_ui(cmd.ui_conf.enabled, &cmd.ui_conf.ntp_server, dapps_deps)?;
+	let ui_middleware = dapps::new_ui(cmd.ui_conf.enabled, &cmd.ui_conf.ntp_servers, dapps_deps)?;
 
 	let dapps_service = dapps::service(&dapps_middleware);
 	let deps_for_rpc_apis = Arc::new(rpc_apis::FullDependencies {

From 78b3d71745776606aa592f2fbc6819c9d2dd12bc Mon Sep 17 00:00:00 2001
From: Marek Kotewicz <marek.kotewicz@gmail.com>
Date: Wed, 9 Aug 2017 10:57:23 +0200
Subject: [PATCH 044/112] propagate stratum submit share error upstream, fixes
 #6258 (#6260)

---
 ethcore/src/miner/stratum.rs | 34 +++++++++++++++++++---------------
 1 file changed, 19 insertions(+), 15 deletions(-)

diff --git a/ethcore/src/miner/stratum.rs b/ethcore/src/miner/stratum.rs
index e419247f0..0031bb715 100644
--- a/ethcore/src/miner/stratum.rs
+++ b/ethcore/src/miner/stratum.rs
@@ -32,7 +32,6 @@ use util::Mutex;
 use miner::{self, Miner, MinerService};
 use client::Client;
 use block::IsBlock;
-use std::str::FromStr;
 use rlp::encode;
 
 /// Configures stratum server options.
@@ -60,7 +59,7 @@ impl SubmitPayload {
 			return Err(PayloadError::ArgumentsAmountUnexpected(payload.len()));
 		}
 
-		let nonce = match H64::from_str(clean_0x(&payload[0])) {
+		let nonce = match clean_0x(&payload[0]).parse::<H64>() {
 			Ok(nonce) => nonce,
 			Err(e) => {
 				warn!(target: "stratum", "submit_work ({}): invalid nonce ({:?})", &payload[0], e);
@@ -68,7 +67,7 @@ impl SubmitPayload {
 			}
 		};
 
-		let pow_hash = match H256::from_str(clean_0x(&payload[1])) {
+		let pow_hash = match clean_0x(&payload[1]).parse::<H256>() {
 			Ok(pow_hash) => pow_hash,
 			Err(e) => {
 				warn!(target: "stratum", "submit_work ({}): invalid hash ({:?})", &payload[1], e);
@@ -76,7 +75,7 @@ impl SubmitPayload {
 			}
 		};
 
-		let mix_hash = match H256::from_str(clean_0x(&payload[2])) {
+		let mix_hash = match clean_0x(&payload[2]).parse::<H256>() {
 			Ok(mix_hash) => mix_hash,
 			Err(e) => {
 				warn!(target: "stratum", "submit_work ({}): invalid mix-hash ({:?})",  &payload[2], e);
@@ -133,7 +132,7 @@ impl JobDispatcher for StratumJobDispatcher {
 
 	fn submit(&self, payload: Vec<String>) -> Result<(), StratumServiceError> {
 		let payload = SubmitPayload::from_args(payload).map_err(|e|
-			StratumServiceError::Dispatch(format!("{}", e))
+			StratumServiceError::Dispatch(e.to_string())
 		)?;
 
 		trace!(
@@ -144,14 +143,16 @@ impl JobDispatcher for StratumJobDispatcher {
 			payload.mix_hash,
 		);
 
-		self.with_core_void(|client, miner| {
+		self.with_core_result(|client, miner| {
 			let seal = vec![encode(&payload.mix_hash).into_vec(), encode(&payload.nonce).into_vec()];
-			if let Err(e) = miner.submit_seal(&*client, payload.pow_hash, seal) {
-				warn!(target: "stratum", "submit_seal error: {:?}", e);
-			};
-		});
-
-		Ok(())
+			match miner.submit_seal(&*client, payload.pow_hash, seal) {
+				Ok(_) => Ok(()),
+				Err(e) => {
+					warn!(target: "stratum", "submit_seal error: {:?}", e);
+					Err(StratumServiceError::Dispatch(e.to_string()))
+				}
+			}
+		})
 	}
 }
 
@@ -181,8 +182,11 @@ impl StratumJobDispatcher {
 		self.client.upgrade().and_then(|client| self.miner.upgrade().and_then(|miner| (f)(client, miner)))
 	}
 
-	fn with_core_void<F>(&self, f: F) where F: Fn(Arc<Client>, Arc<Miner>) {
-		self.client.upgrade().map(|client| self.miner.upgrade().map(|miner| (f)(client, miner)));
+	fn with_core_result<F>(&self, f: F) -> Result<(), StratumServiceError> where F: Fn(Arc<Client>, Arc<Miner>) -> Result<(), StratumServiceError> {
+		match (self.client.upgrade(), self.miner.upgrade()) {
+			(Some(client), Some(miner)) => f(client, miner),
+			_ => Ok(()),
+		}
 	}
 }
 
@@ -230,7 +234,7 @@ impl Stratum {
 		let dispatcher = Arc::new(StratumJobDispatcher::new(miner, client));
 
 		let stratum_svc = StratumService::start(
-			&SocketAddr::new(IpAddr::from_str(&options.listen_addr)?, options.port),
+			&SocketAddr::new(options.listen_addr.parse::<IpAddr>()?, options.port),
 			dispatcher.clone(),
 			options.secret.clone(),
 		)?;

From d209100a60ed7d4f2dcaa1d2b8e0e510ff95fe34 Mon Sep 17 00:00:00 2001
From: Alexey <frol.rage@gmail.com>
Date: Wed, 9 Aug 2017 11:57:54 +0300
Subject: [PATCH 045/112] Wasm storage read test (#6255)

* Test for read from prepopulated storage implemented

* wasm-tests submodule update

* fix identation

* comment for storage_read added
---
 ethcore/res/wasm-tests    |  2 +-
 ethcore/wasm/src/tests.rs | 38 ++++++++++++++++++++++++++++++++------
 2 files changed, 33 insertions(+), 7 deletions(-)

diff --git a/ethcore/res/wasm-tests b/ethcore/res/wasm-tests
index 04c9d84c5..18dad7912 160000
--- a/ethcore/res/wasm-tests
+++ b/ethcore/res/wasm-tests
@@ -1 +1 @@
-Subproject commit 04c9d84c5fe5c3ad707be58664c7e72b97cc9996
+Subproject commit 18dad7912cf42937ff725ffd944d01ff7ca1cce7
diff --git a/ethcore/wasm/src/tests.rs b/ethcore/wasm/src/tests.rs
index c12dc8935..401b4db09 100644
--- a/ethcore/wasm/src/tests.rs
+++ b/ethcore/wasm/src/tests.rs
@@ -378,13 +378,39 @@ fn realloc() {
 	let mut ext = FakeExt::new();
 
 	let (gas_left, result) = {
-			let mut interpreter = wasm_interpreter();
-			let result = interpreter.exec(params, &mut ext).expect("Interpreter to execute without any errors");
-			match result {
-					GasLeft::Known(_) => { panic!("Realloc should return payload"); },
-					GasLeft::NeedsReturn { gas_left: gas, data: result, apply_state: _apply } => (gas, result.to_vec()),
-			}
+		let mut interpreter = wasm_interpreter();
+		let result = interpreter.exec(params, &mut ext).expect("Interpreter to execute without any errors");
+		match result {
+				GasLeft::Known(_) => { panic!("Realloc should return payload"); },
+				GasLeft::NeedsReturn { gas_left: gas, data: result, apply_state: _apply } => (gas, result.to_vec()),
+		}
 	};
 	assert_eq!(gas_left, U256::from(98326));
 	assert_eq!(result, vec![0u8; 2]);
 }
+
+// Tests that contract's ability to read from a storage
+// Test prepopulates address into storage, than executes a contract which read that address from storage and write this address into result
+#[test]
+fn storage_read() {
+	let code = load_sample!("storage_read.wasm");
+	let address: Address = "0f572e5295c57f15886f9b263e2f6d2d6c7b5ec6".parse().unwrap();
+	
+	let mut params = ActionParams::default();
+	params.gas = U256::from(100_000);
+	params.code = Some(Arc::new(code));
+	let mut ext = FakeExt::new();
+	ext.store.insert("0100000000000000000000000000000000000000000000000000000000000000".into(), address.into());
+
+	let (gas_left, result) = {
+		let mut interpreter = wasm_interpreter();
+		let result = interpreter.exec(params, &mut ext).expect("Interpreter to execute without any errors");
+		match result {
+				GasLeft::Known(_) => { panic!("storage_read should return payload"); },
+				GasLeft::NeedsReturn { gas_left: gas, data: result, apply_state: _apply } => (gas, result.to_vec()),
+		}
+	};
+
+	assert_eq!(gas_left, U256::from(99752));
+	assert_eq!(Address::from(&result[12..32]), address);
+}

From 33ba5b63f394a83619d5288e4b94f3f5a82351cb Mon Sep 17 00:00:00 2001
From: Svyatoslav Nikolsky <svyatonik@gmail.com>
Date: Wed, 9 Aug 2017 12:09:40 +0300
Subject: [PATCH 046/112] SecretStore: encrypt messages using private key from
 key store (#6146)

* do not cache ACL storage contract

* when error comes before initialization

* initial KeyServerSet commit

* update_nodes_set in maintain

* do not connect to self

* fixed connection establishing

* removed println

* improved KeyServerSet tracing

* moved parsing to KeyServerSet

* re-read only when blockchain is changed

* do not try to connect if not a part of cluster

* improved logging

* fixed tests

* NodeKeyPAir trait

* fixed parity to use new trait

* continue integrating with parity

* updated parity for NodeKeyPair

* completed KeyStoreNodeKeyPair

* removed comment

* removed dependency && style
---
 ethcore/src/account_provider/mod.rs           | 12 +++
 ethstore/src/account/safe_account.rs          |  9 +-
 ethstore/src/ethstore.rs                      | 24 ++++--
 ethstore/src/secret_store.rs                  |  2 +
 parity/configuration.rs                       | 11 ++-
 parity/run.rs                                 |  4 +-
 parity/secretstore.rs                         | 56 ++++++++++---
 secret_store/src/key_server.rs                | 19 +++--
 .../src/key_server_cluster/cluster.rs         | 10 +--
 .../src/key_server_cluster/io/handshake.rs    | 48 ++++++-----
 .../src/key_server_cluster/io/message.rs      | 15 ++--
 secret_store/src/key_server_cluster/io/mod.rs |  2 +-
 secret_store/src/key_server_cluster/mod.rs    |  3 +
 .../net/accept_connection.rs                  |  6 +-
 .../src/key_server_cluster/net/connect.rs     |  8 +-
 secret_store/src/key_storage.rs               |  1 -
 secret_store/src/lib.rs                       |  8 +-
 secret_store/src/node_key_pair.rs             | 84 +++++++++++++++++++
 secret_store/src/traits.rs                    | 12 +++
 secret_store/src/types/all.rs                 |  2 -
 20 files changed, 257 insertions(+), 79 deletions(-)
 create mode 100644 secret_store/src/node_key_pair.rs

diff --git a/ethcore/src/account_provider/mod.rs b/ethcore/src/account_provider/mod.rs
index 249ca40af..752cec964 100755
--- a/ethcore/src/account_provider/mod.rs
+++ b/ethcore/src/account_provider/mod.rs
@@ -519,6 +519,11 @@ impl AccountProvider {
 		}
 	}
 
+	/// Returns account public key.
+	pub fn account_public(&self, address: Address, password: &str) -> Result<Public, Error> {
+		self.sstore.public(&self.sstore.account_ref(&address)?, password)
+	}
+
 	/// Returns each account along with name and meta.
 	pub fn set_account_name(&self, address: Address, name: String) -> Result<(), Error> {
 		self.sstore.set_name(&self.sstore.account_ref(&address)?, name)?;
@@ -697,6 +702,13 @@ impl AccountProvider {
 		Ok(self.sstore.decrypt(&account, &password, shared_mac, message)?)
 	}
 
+	/// Agree on shared key.
+	pub fn agree(&self, address: Address, password: Option<String>, other_public: &Public) -> Result<Secret, SignError> {
+		let account = self.sstore.account_ref(&address)?;
+		let password = password.map(Ok).unwrap_or_else(|| self.password(&account))?;
+		Ok(self.sstore.agree(&account, &password, other_public)?)
+	}
+
 	/// Returns the underlying `SecretStore` reference if one exists.
 	pub fn list_geth_accounts(&self, testnet: bool) -> Vec<Address> {
 		self.sstore.list_geth_accounts(testnet).into_iter().map(|a| Address::from(a).into()).collect()
diff --git a/ethstore/src/account/safe_account.rs b/ethstore/src/account/safe_account.rs
index e0512fe8d..478b796e6 100755
--- a/ethstore/src/account/safe_account.rs
+++ b/ethstore/src/account/safe_account.rs
@@ -14,7 +14,8 @@
 // You should have received a copy of the GNU General Public License
 // along with Parity.  If not, see <http://www.gnu.org/licenses/>.
 
-use ethkey::{KeyPair, sign, Address, Signature, Message, Public};
+use ethkey::{KeyPair, sign, Address, Signature, Message, Public, Secret};
+use crypto::ecdh::agree;
 use {json, Error, crypto};
 use account::Version;
 use super::crypto::Crypto;
@@ -135,6 +136,12 @@ impl SafeAccount {
 		crypto::ecies::decrypt(&secret, shared_mac, message).map_err(From::from)
 	}
 
+	/// Agree on shared key.
+	pub fn agree(&self, password: &str, other: &Public) -> Result<Secret, Error> {
+		let secret = self.crypto.secret(password)?;
+		agree(&secret, other).map_err(From::from)
+	}
+
 	/// Derive public key.
 	pub fn public(&self, password: &str) -> Result<Public, Error> {
 		let secret = self.crypto.secret(password)?;
diff --git a/ethstore/src/ethstore.rs b/ethstore/src/ethstore.rs
index 246671990..f3bb24071 100755
--- a/ethstore/src/ethstore.rs
+++ b/ethstore/src/ethstore.rs
@@ -97,6 +97,10 @@ impl SimpleSecretStore for EthStore {
 		self.store.sign_derived(account_ref, password, derivation, message)
 	}
 
+	fn agree(&self, account: &StoreAccountRef, password: &str, other: &Public) -> Result<Secret, Error> {
+		self.store.agree(account, password, other)
+	}
+
 	fn decrypt(&self, account: &StoreAccountRef, password: &str, shared_mac: &[u8], message: &[u8]) -> Result<Vec<u8>, Error> {
 		let account = self.get(account)?;
 		account.decrypt(password, shared_mac, message)
@@ -495,18 +499,26 @@ impl SimpleSecretStore for EthMultiStore {
 
 	fn sign(&self, account: &StoreAccountRef, password: &str, message: &Message) -> Result<Signature, Error> {
 		let accounts = self.get_matching(account, password)?;
-		for account in accounts {
-			return account.sign(password, message);
+		match accounts.first() {
+			Some(ref account) => account.sign(password, message),
+			None => Err(Error::InvalidPassword),
 		}
-		Err(Error::InvalidPassword)
 	}
 
 	fn decrypt(&self, account: &StoreAccountRef, password: &str, shared_mac: &[u8], message: &[u8]) -> Result<Vec<u8>, Error> {
 		let accounts = self.get_matching(account, password)?;
-		for account in accounts {
-			return account.decrypt(password, shared_mac, message);
+		match accounts.first() {
+			Some(ref account) => account.decrypt(password, shared_mac, message),
+			None => Err(Error::InvalidPassword),
+		}
+	}
+
+	fn agree(&self, account: &StoreAccountRef, password: &str, other: &Public) -> Result<Secret, Error> {
+		let accounts = self.get_matching(account, password)?;
+		match accounts.first() {
+			Some(ref account) => account.agree(password, other),
+			None => Err(Error::InvalidPassword),
 		}
-		Err(Error::InvalidPassword)
 	}
 
 	fn create_vault(&self, name: &str, password: &str) -> Result<(), Error> {
diff --git a/ethstore/src/secret_store.rs b/ethstore/src/secret_store.rs
index 2deae023e..e364245b7 100755
--- a/ethstore/src/secret_store.rs
+++ b/ethstore/src/secret_store.rs
@@ -60,6 +60,8 @@ pub trait SimpleSecretStore: Send + Sync {
 	fn sign_derived(&self, account_ref: &StoreAccountRef, password: &str, derivation: Derivation, message: &Message) -> Result<Signature, Error>;
 	/// Decrypt a messages with given account.
 	fn decrypt(&self, account: &StoreAccountRef, password: &str, shared_mac: &[u8], message: &[u8]) -> Result<Vec<u8>, Error>;
+	/// Agree on shared key.
+	fn agree(&self, account: &StoreAccountRef, password: &str, other: &Public) -> Result<Secret, Error>;
 
 	/// Returns all accounts in this secret store.
 	fn accounts(&self) -> Result<Vec<StoreAccountRef>, Error>;
diff --git a/parity/configuration.rs b/parity/configuration.rs
index b28d2608e..be355f394 100644
--- a/parity/configuration.rs
+++ b/parity/configuration.rs
@@ -41,7 +41,7 @@ use ethcore_logger::Config as LogConfig;
 use dir::{self, Directories, default_hypervisor_path, default_local_path, default_data_path};
 use dapps::Configuration as DappsConfiguration;
 use ipfs::Configuration as IpfsConfiguration;
-use secretstore::Configuration as SecretStoreConfiguration;
+use secretstore::{Configuration as SecretStoreConfiguration, NodeSecretKey};
 use updater::{UpdatePolicy, UpdateFilter, ReleaseTrack};
 use run::RunCmd;
 use blockchain::{BlockchainCmd, ImportBlockchain, ExportBlockchain, KillBlockchain, ExportState, DataFormat};
@@ -993,10 +993,13 @@ impl Configuration {
 		self.interface(&self.args.flag_secretstore_http_interface)
 	}
 
-	fn secretstore_self_secret(&self) -> Result<Option<Secret>, String> {
+	fn secretstore_self_secret(&self) -> Result<Option<NodeSecretKey>, String> {
 		match self.args.flag_secretstore_secret {
-			Some(ref s) => Ok(Some(s.parse()
-				.map_err(|e| format!("Invalid secret store secret: {}. Error: {:?}", s, e))?)),
+			Some(ref s) if s.len() == 64 => Ok(Some(NodeSecretKey::Plain(s.parse()
+				.map_err(|e| format!("Invalid secret store secret: {}. Error: {:?}", s, e))?))),
+			Some(ref s) if s.len() == 40 => Ok(Some(NodeSecretKey::KeyStore(s.parse()
+				.map_err(|e| format!("Invalid secret store secret address: {}. Error: {:?}", s, e))?))),
+			Some(_) => Err(format!("Invalid secret store secret. Must be either existing account address, or hex-encoded private key")),
 			None => Ok(None),
 		}
 	}
diff --git a/parity/run.rs b/parity/run.rs
index 0c5f11bbb..fbf59e680 100644
--- a/parity/run.rs
+++ b/parity/run.rs
@@ -507,7 +507,7 @@ pub fn execute(cmd: RunCmd, can_restart: bool, logger: Arc<RotatingLogger>) -> R
 		}
 
 		// Attempt to sign in the engine signer.
-		if !passwords.into_iter().any(|p| miner.set_engine_signer(engine_signer, p).is_ok()) {
+		if !passwords.iter().any(|p| miner.set_engine_signer(engine_signer, (*p).clone()).is_ok()) {
 			return Err(format!("No valid password for the consensus signer {}. {}", engine_signer, VERIFY_PASSWORD_HINT));
 		}
 	}
@@ -734,6 +734,8 @@ pub fn execute(cmd: RunCmd, can_restart: bool, logger: Arc<RotatingLogger>) -> R
 	// secret store key server
 	let secretstore_deps = secretstore::Dependencies {
 		client: client.clone(),
+		account_provider: account_provider,
+		accounts_passwords: &passwords,
 	};
 	let secretstore_key_server = secretstore::start(cmd.secretstore_conf.clone(), secretstore_deps)?;
 
diff --git a/parity/secretstore.rs b/parity/secretstore.rs
index f215c937c..def2cd1a6 100644
--- a/parity/secretstore.rs
+++ b/parity/secretstore.rs
@@ -17,9 +17,20 @@
 use std::collections::BTreeMap;
 use std::sync::Arc;
 use dir::default_data_path;
+use ethcore::account_provider::AccountProvider;
 use ethcore::client::Client;
 use ethkey::{Secret, Public};
 use helpers::replace_home;
+use util::Address;
+
+#[derive(Debug, PartialEq, Clone)]
+/// This node secret key.
+pub enum NodeSecretKey {
+	/// Stored as plain text in configuration file.
+	Plain(Secret),
+	/// Stored as account in key store.
+	KeyStore(Address),
+}
 
 #[derive(Debug, PartialEq, Clone)]
 /// Secret store configuration
@@ -27,7 +38,7 @@ pub struct Configuration {
 	/// Is secret store functionality enabled?
 	pub enabled: bool,
 	/// This node secret.
-	pub self_secret: Option<Secret>,
+	pub self_secret: Option<NodeSecretKey>,
 	/// Other nodes IDs + addresses.
 	pub nodes: BTreeMap<Public, (String, u16)>,
 	/// Interface to listen to
@@ -43,9 +54,13 @@ pub struct Configuration {
 }
 
 /// Secret store dependencies
-pub struct Dependencies {
+pub struct Dependencies<'a> {
 	/// Blockchain client.
 	pub client: Arc<Client>,
+	/// Account provider.
+	pub account_provider: Arc<AccountProvider>,
+	/// Passed accounts passwords.
+	pub accounts_passwords: &'a [String],
 }
 
 #[cfg(not(feature = "secretstore"))]
@@ -65,9 +80,10 @@ mod server {
 
 #[cfg(feature="secretstore")]
 mod server {
+	use std::sync::Arc;
 	use ethcore_secretstore;
 	use ethkey::KeyPair;
-	use super::{Configuration, Dependencies};
+	use super::{Configuration, Dependencies, NodeSecretKey};
 
 	/// Key server
 	pub struct KeyServer {
@@ -76,8 +92,31 @@ mod server {
 
 	impl KeyServer {
 		/// Create new key server
-		pub fn new(conf: Configuration, deps: Dependencies) -> Result<Self, String> {
-			let self_secret = conf.self_secret.ok_or("self secret is required when using secretstore")?;
+		pub fn new(mut conf: Configuration, deps: Dependencies) -> Result<Self, String> {
+			let self_secret: Arc<ethcore_secretstore::NodeKeyPair> = match conf.self_secret.take() {
+				Some(NodeSecretKey::Plain(secret)) => Arc::new(ethcore_secretstore::PlainNodeKeyPair::new(
+					KeyPair::from_secret(secret).map_err(|e| format!("invalid secret: {}", e))?)),
+				Some(NodeSecretKey::KeyStore(account)) => {
+					// Check if account exists
+					if !deps.account_provider.has_account(account.clone()).unwrap_or(false) {
+						return Err(format!("Account {} passed as secret store node key is not found", account));
+					}
+
+					// Check if any passwords have been read from the password file(s)
+					if deps.accounts_passwords.is_empty() {
+						return Err(format!("No password found for the secret store node account {}", account));
+					}
+
+					// Attempt to sign in the engine signer.
+					let password = deps.accounts_passwords.iter()
+						.find(|p| deps.account_provider.sign(account.clone(), Some((*p).clone()), Default::default()).is_ok())
+						.ok_or(format!("No valid password for the secret store node account {}", account))?;
+					Arc::new(ethcore_secretstore::KeyStoreNodeKeyPair::new(deps.account_provider, account, password.clone())
+						.map_err(|e| format!("{}", e))?)
+				},
+				None => return Err("self secret is required when using secretstore".into()),
+			};
+
 			let mut conf = ethcore_secretstore::ServiceConfiguration {
 				listener_address: ethcore_secretstore::NodeAddress {
 					address: conf.http_interface.clone(),
@@ -86,7 +125,6 @@ mod server {
 				data_path: conf.data_path.clone(),
 				cluster_config: ethcore_secretstore::ClusterConfiguration {
 					threads: 4,
-					self_private: (**self_secret).into(),
 					listener_address: ethcore_secretstore::NodeAddress {
 						address: conf.interface.clone(),
 						port: conf.port,
@@ -99,11 +137,9 @@ mod server {
 				},
 			};
 
-			let self_key_pair = KeyPair::from_secret(self_secret.clone())
-				.map_err(|e| format!("valid secret is required when using secretstore. Error: {}", e))?;
-			conf.cluster_config.nodes.insert(self_key_pair.public().clone(), conf.cluster_config.listener_address.clone());
+			conf.cluster_config.nodes.insert(self_secret.public().clone(), conf.cluster_config.listener_address.clone());
 
-			let key_server = ethcore_secretstore::start(deps.client, conf)
+			let key_server = ethcore_secretstore::start(deps.client, self_secret, conf)
 				.map_err(Into::<String>::into)?;
 
 			Ok(KeyServer {
diff --git a/secret_store/src/key_server.rs b/secret_store/src/key_server.rs
index c83e460f3..6526bff68 100644
--- a/secret_store/src/key_server.rs
+++ b/secret_store/src/key_server.rs
@@ -26,7 +26,7 @@ use super::acl_storage::AclStorage;
 use super::key_storage::KeyStorage;
 use super::key_server_set::KeyServerSet;
 use key_server_cluster::{math, ClusterCore};
-use traits::{ServerKeyGenerator, DocumentKeyServer, MessageSigner, KeyServer};
+use traits::{ServerKeyGenerator, DocumentKeyServer, MessageSigner, KeyServer, NodeKeyPair};
 use types::all::{Error, Public, RequestSignature, ServerKeyId, EncryptedDocumentKey, EncryptedDocumentKeyShadow,
 	ClusterConfiguration, MessageHash, EncryptedMessageSignature};
 use key_server_cluster::{ClusterClient, ClusterConfiguration as NetClusterConfiguration};
@@ -45,9 +45,9 @@ pub struct KeyServerCore {
 
 impl KeyServerImpl {
 	/// Create new key server instance
-	pub fn new(config: &ClusterConfiguration, key_server_set: Arc<KeyServerSet>, acl_storage: Arc<AclStorage>, key_storage: Arc<KeyStorage>) -> Result<Self, Error> {
+	pub fn new(config: &ClusterConfiguration, key_server_set: Arc<KeyServerSet>, self_key_pair: Arc<NodeKeyPair>, acl_storage: Arc<AclStorage>, key_storage: Arc<KeyStorage>) -> Result<Self, Error> {
 		Ok(KeyServerImpl {
-			data: Arc::new(Mutex::new(KeyServerCore::new(config, key_server_set, acl_storage, key_storage)?)),
+			data: Arc::new(Mutex::new(KeyServerCore::new(config, key_server_set, self_key_pair, acl_storage, key_storage)?)),
 		})
 	}
 
@@ -144,10 +144,10 @@ impl MessageSigner for KeyServerImpl {
 }
 
 impl KeyServerCore {
-	pub fn new(config: &ClusterConfiguration, key_server_set: Arc<KeyServerSet>, acl_storage: Arc<AclStorage>, key_storage: Arc<KeyStorage>) -> Result<Self, Error> {
+	pub fn new(config: &ClusterConfiguration, key_server_set: Arc<KeyServerSet>, self_key_pair: Arc<NodeKeyPair>, acl_storage: Arc<AclStorage>, key_storage: Arc<KeyStorage>) -> Result<Self, Error> {
 		let config = NetClusterConfiguration {
 			threads: config.threads,
-			self_key_pair: ethkey::KeyPair::from_secret_slice(&config.self_private)?,
+			self_key_pair: self_key_pair,
 			listen_address: (config.listener_address.address.clone(), config.listener_address.port),
 			key_server_set: key_server_set,
 			allow_connecting_to_higher_nodes: config.allow_connecting_to_higher_nodes,
@@ -198,6 +198,7 @@ pub mod tests {
 	use ethkey::{self, Secret, Random, Generator};
 	use acl_storage::tests::DummyAclStorage;
 	use key_storage::tests::DummyKeyStorage;
+	use node_key_pair::PlainNodeKeyPair;
 	use key_server_set::tests::MapKeyServerSet;
 	use key_server_cluster::math;
 	use util::H256;
@@ -244,7 +245,6 @@ pub mod tests {
 		let key_pairs: Vec<_> = (0..num_nodes).map(|_| Random.generate().unwrap()).collect();
 		let configs: Vec<_> = (0..num_nodes).map(|i| ClusterConfiguration {
 				threads: 1,
-				self_private: (***key_pairs[i].secret()).into(),
 				listener_address: NodeAddress {
 					address: "127.0.0.1".into(),
 					port: start_port + (i as u16),
@@ -259,8 +259,11 @@ pub mod tests {
 		let key_servers_set: BTreeMap<Public, SocketAddr> = configs[0].nodes.iter()
 			.map(|(k, a)| (k.clone(), format!("{}:{}", a.address, a.port).parse().unwrap()))
 			.collect();
-		let key_servers: Vec<_> = configs.into_iter().map(|cfg|
-			KeyServerImpl::new(&cfg, Arc::new(MapKeyServerSet::new(key_servers_set.clone())), Arc::new(DummyAclStorage::default()), Arc::new(DummyKeyStorage::default())).unwrap()
+		let key_servers: Vec<_> = configs.into_iter().enumerate().map(|(i, cfg)|
+			KeyServerImpl::new(&cfg, Arc::new(MapKeyServerSet::new(key_servers_set.clone())),
+				Arc::new(PlainNodeKeyPair::new(key_pairs[i].clone())),
+				Arc::new(DummyAclStorage::default()),
+				Arc::new(DummyKeyStorage::default())).unwrap()
 		).collect();
 
 		// wait until connections are established. It is fast => do not bother with events here
diff --git a/secret_store/src/key_server_cluster/cluster.rs b/secret_store/src/key_server_cluster/cluster.rs
index d77a82431..155dd4a01 100644
--- a/secret_store/src/key_server_cluster/cluster.rs
+++ b/secret_store/src/key_server_cluster/cluster.rs
@@ -28,7 +28,7 @@ use tokio_core::reactor::{Handle, Remote, Interval};
 use tokio_core::net::{TcpListener, TcpStream};
 use ethkey::{Public, KeyPair, Signature, Random, Generator};
 use util::H256;
-use key_server_cluster::{Error, NodeId, SessionId, AclStorage, KeyStorage, KeyServerSet};
+use key_server_cluster::{Error, NodeId, SessionId, AclStorage, KeyStorage, KeyServerSet, NodeKeyPair};
 use key_server_cluster::cluster_sessions::{ClusterSession, ClusterSessions, GenerationSessionWrapper, EncryptionSessionWrapper,
 	DecryptionSessionWrapper, SigningSessionWrapper};
 use key_server_cluster::message::{self, Message, ClusterMessage, GenerationMessage, EncryptionMessage, DecryptionMessage,
@@ -99,7 +99,7 @@ pub struct ClusterConfiguration {
 	/// Allow connecting to 'higher' nodes.
 	pub allow_connecting_to_higher_nodes: bool,
 	/// KeyPair this node holds.
-	pub self_key_pair: KeyPair,
+	pub self_key_pair: Arc<NodeKeyPair>,
 	/// Interface to listen to.
 	pub listen_address: (String, u16),
 	/// Cluster nodes set.
@@ -146,7 +146,7 @@ pub struct ClusterData {
 	/// Handle to the cpu thread pool.
 	pool: CpuPool,
 	/// KeyPair this node holds.
-	self_key_pair: KeyPair,
+	self_key_pair: Arc<NodeKeyPair>,
 	/// Connections data.
 	connections: ClusterConnections,
 	/// Active sessions data.
@@ -989,7 +989,7 @@ pub mod tests {
 	use parking_lot::Mutex;
 	use tokio_core::reactor::Core;
 	use ethkey::{Random, Generator, Public};
-	use key_server_cluster::{NodeId, SessionId, Error, DummyAclStorage, DummyKeyStorage, MapKeyServerSet};
+	use key_server_cluster::{NodeId, SessionId, Error, DummyAclStorage, DummyKeyStorage, MapKeyServerSet, PlainNodeKeyPair};
 	use key_server_cluster::message::Message;
 	use key_server_cluster::cluster::{Cluster, ClusterCore, ClusterConfiguration};
 	use key_server_cluster::generation_session::{Session as GenerationSession, SessionState as GenerationSessionState};
@@ -1068,7 +1068,7 @@ pub mod tests {
 		let key_pairs: Vec<_> = (0..num_nodes).map(|_| Random.generate().unwrap()).collect();
 		let cluster_params: Vec<_> = (0..num_nodes).map(|i| ClusterConfiguration {
 			threads: 1,
-			self_key_pair: key_pairs[i].clone(),
+			self_key_pair: Arc::new(PlainNodeKeyPair::new(key_pairs[i].clone())),
 			listen_address: ("127.0.0.1".to_owned(), ports_begin + i as u16),
 			key_server_set: Arc::new(MapKeyServerSet::new(key_pairs.iter().enumerate()
 				.map(|(j, kp)| (kp.public().clone(), format!("127.0.0.1:{}", ports_begin + j as u16).parse().unwrap()))
diff --git a/secret_store/src/key_server_cluster/io/handshake.rs b/secret_store/src/key_server_cluster/io/handshake.rs
index df8f6cbf7..bf52ab798 100644
--- a/secret_store/src/key_server_cluster/io/handshake.rs
+++ b/secret_store/src/key_server_cluster/io/handshake.rs
@@ -15,24 +15,25 @@
 // along with Parity.  If not, see <http://www.gnu.org/licenses/>.
 
 use std::io;
+use std::sync::Arc;
 use std::collections::BTreeSet;
 use futures::{Future, Poll, Async};
 use tokio_io::{AsyncRead, AsyncWrite};
-use ethkey::{Random, Generator, KeyPair, Secret, sign, verify_public};
+use ethkey::{Random, Generator, KeyPair, verify_public};
 use util::H256;
-use key_server_cluster::{NodeId, Error};
+use key_server_cluster::{NodeId, Error, NodeKeyPair};
 use key_server_cluster::message::{Message, ClusterMessage, NodePublicKey, NodePrivateKeySignature};
 use key_server_cluster::io::{write_message, write_encrypted_message, WriteMessage, ReadMessage,
-	read_message, read_encrypted_message, compute_shared_key};
+	read_message, read_encrypted_message, fix_shared_key};
 
 /// Start handshake procedure with another node from the cluster.
-pub fn handshake<A>(a: A, self_key_pair: KeyPair, trusted_nodes: BTreeSet<NodeId>) -> Handshake<A> where A: AsyncWrite + AsyncRead {
+pub fn handshake<A>(a: A, self_key_pair: Arc<NodeKeyPair>, trusted_nodes: BTreeSet<NodeId>) -> Handshake<A> where A: AsyncWrite + AsyncRead {
 	let self_confirmation_plain = Random.generate().map(|kp| *kp.secret().clone()).map_err(Into::into);
 	handshake_with_plain_confirmation(a, self_confirmation_plain, self_key_pair, trusted_nodes)
 }
 
 /// Start handshake procedure with another node from the cluster and given plain confirmation.
-pub fn handshake_with_plain_confirmation<A>(a: A, self_confirmation_plain: Result<H256, Error>, self_key_pair: KeyPair, trusted_nodes: BTreeSet<NodeId>) -> Handshake<A> where A: AsyncWrite + AsyncRead {
+pub fn handshake_with_plain_confirmation<A>(a: A, self_confirmation_plain: Result<H256, Error>, self_key_pair: Arc<NodeKeyPair>, trusted_nodes: BTreeSet<NodeId>) -> Handshake<A> where A: AsyncWrite + AsyncRead {
 	let (error, state) = match self_confirmation_plain.clone()
 		.and_then(|c| Handshake::<A>::make_public_key_message(self_key_pair.public().clone(), c)) {
 		Ok(message) => (None, HandshakeState::SendPublicKey(write_message(a, message))),
@@ -53,7 +54,7 @@ pub fn handshake_with_plain_confirmation<A>(a: A, self_confirmation_plain: Resul
 }
 
 /// Wait for handshake procedure to be started by another node from the cluster.
-pub fn accept_handshake<A>(a: A, self_key_pair: KeyPair) -> Handshake<A> where A: AsyncWrite + AsyncRead {
+pub fn accept_handshake<A>(a: A, self_key_pair: Arc<NodeKeyPair>) -> Handshake<A> where A: AsyncWrite + AsyncRead {
 	let self_confirmation_plain = Random.generate().map(|kp| *kp.secret().clone()).map_err(Into::into);
 	let (error, state) = match self_confirmation_plain.clone() {
 		Ok(_) => (None, HandshakeState::ReceivePublicKey(read_message(a))),
@@ -87,7 +88,7 @@ pub struct Handshake<A> {
 	is_active: bool,
 	error: Option<(A, Result<HandshakeResult, Error>)>,
 	state: HandshakeState<A>,
-	self_key_pair: KeyPair,
+	self_key_pair: Arc<NodeKeyPair>,
 	self_confirmation_plain: H256,
 	trusted_nodes: Option<BTreeSet<NodeId>>,
 	other_node_id: Option<NodeId>,
@@ -117,9 +118,9 @@ impl<A> Handshake<A> where A: AsyncRead + AsyncWrite {
 		})))
 	}
 
-	fn make_private_key_signature_message(secret: &Secret, confirmation_plain: &H256) -> Result<Message, Error> {
+	fn make_private_key_signature_message(self_key_pair: &NodeKeyPair, confirmation_plain: &H256) -> Result<Message, Error> {
 		Ok(Message::Cluster(ClusterMessage::NodePrivateKeySignature(NodePrivateKeySignature {
-			confirmation_signed: sign(secret, confirmation_plain)?.into(),
+			confirmation_signed: self_key_pair.sign(confirmation_plain)?.into(),
 		})))
 	}
 }
@@ -142,15 +143,15 @@ impl<A> Future for Handshake<A> where A: AsyncRead + AsyncWrite {
 						read_message(stream)
 					), Async::NotReady)
 				} else {
-					self.shared_key = match compute_shared_key(self.self_key_pair.secret(),
+					self.shared_key = match self.self_key_pair.compute_shared_key(
 						self.other_node_id.as_ref().expect("we are in passive mode; in passive mode SendPublicKey follows ReceivePublicKey; other_node_id is filled in ReceivePublicKey; qed")
-					) {
+					).map_err(Into::into).and_then(|sk| fix_shared_key(sk.secret())) {
 						Ok(shared_key) => Some(shared_key),
-						Err(err) => return Ok((stream, Err(err)).into()),
+						Err(err) => return Ok((stream, Err(err.into())).into()),
 					};
 
 					let message = match Handshake::<A>::make_private_key_signature_message(
-						self.self_key_pair.secret(),
+						&*self.self_key_pair,
 						self.other_confirmation_plain.as_ref().expect("we are in passive mode; in passive mode SendPublicKey follows ReceivePublicKey; other_confirmation_plain is filled in ReceivePublicKey; qed")
 					) {
 						Ok(message) => message,
@@ -179,15 +180,15 @@ impl<A> Future for Handshake<A> where A: AsyncRead + AsyncWrite {
 				self.other_node_id = Some(message.node_id.into());
 				self.other_confirmation_plain = Some(message.confirmation_plain.into());
 				if self.is_active {
-					self.shared_key = match compute_shared_key(self.self_key_pair.secret(),
+					self.shared_key = match self.self_key_pair.compute_shared_key(
 						self.other_node_id.as_ref().expect("filled couple of lines above; qed")
-					) {
+					).map_err(Into::into).and_then(|sk| fix_shared_key(sk.secret())) {
 						Ok(shared_key) => Some(shared_key),
-						Err(err) => return Ok((stream, Err(err)).into()),
+						Err(err) => return Ok((stream, Err(err.into())).into()),
 					};
 
 					let message = match Handshake::<A>::make_private_key_signature_message(
-						self.self_key_pair.secret(),
+						&*self.self_key_pair,
 						self.other_confirmation_plain.as_ref().expect("filled couple of lines above; qed")
 					) {
 						Ok(message) => message,
@@ -248,11 +249,14 @@ impl<A> Future for Handshake<A> where A: AsyncRead + AsyncWrite {
 
 #[cfg(test)]
 mod tests {
+	use std::sync::Arc;
 	use std::collections::BTreeSet;
 	use futures::Future;
 	use ethkey::{Random, Generator, sign};
+	use ethcrypto::ecdh::agree;
 	use util::H256;
-	use key_server_cluster::io::message::compute_shared_key;
+	use key_server_cluster::PlainNodeKeyPair;
+	use key_server_cluster::io::message::fix_shared_key;
 	use key_server_cluster::io::message::tests::TestIo;
 	use key_server_cluster::message::{Message, ClusterMessage, NodePublicKey, NodePrivateKeySignature};
 	use super::{handshake_with_plain_confirmation, accept_handshake, HandshakeResult};
@@ -283,9 +287,9 @@ mod tests {
 		let (self_confirmation_plain, io) = prepare_test_io();
 		let self_key_pair = io.self_key_pair().clone();
 		let trusted_nodes: BTreeSet<_> = vec![io.peer_public().clone()].into_iter().collect();
-		let shared_key = compute_shared_key(self_key_pair.secret(), trusted_nodes.iter().nth(0).unwrap()).unwrap();
+		let shared_key = fix_shared_key(&agree(self_key_pair.secret(), trusted_nodes.iter().nth(0).unwrap()).unwrap()).unwrap();
 
-		let handshake = handshake_with_plain_confirmation(io, Ok(self_confirmation_plain), self_key_pair, trusted_nodes);
+		let handshake = handshake_with_plain_confirmation(io, Ok(self_confirmation_plain), Arc::new(PlainNodeKeyPair::new(self_key_pair)), trusted_nodes);
 		let handshake_result = handshake.wait().unwrap();
 		assert_eq!(handshake_result.1, Ok(HandshakeResult {
 			node_id: handshake_result.0.peer_public().clone(),
@@ -298,9 +302,9 @@ mod tests {
 		let (self_confirmation_plain, io) = prepare_test_io();
 		let self_key_pair = io.self_key_pair().clone();
 		let trusted_nodes: BTreeSet<_> = vec![io.peer_public().clone()].into_iter().collect();
-		let shared_key = compute_shared_key(self_key_pair.secret(), trusted_nodes.iter().nth(0).unwrap()).unwrap();
+		let shared_key = fix_shared_key(&agree(self_key_pair.secret(), trusted_nodes.iter().nth(0).unwrap()).unwrap()).unwrap();
 
-		let mut handshake = accept_handshake(io, self_key_pair);
+		let mut handshake = accept_handshake(io, Arc::new(PlainNodeKeyPair::new(self_key_pair)));
 		handshake.set_self_confirmation_plain(self_confirmation_plain);
 
 		let handshake_result = handshake.wait().unwrap();
diff --git a/secret_store/src/key_server_cluster/io/message.rs b/secret_store/src/key_server_cluster/io/message.rs
index 49b71e39d..5a6b50a3e 100644
--- a/secret_store/src/key_server_cluster/io/message.rs
+++ b/secret_store/src/key_server_cluster/io/message.rs
@@ -19,9 +19,8 @@ use std::u16;
 use std::ops::Deref;
 use byteorder::{LittleEndian, ReadBytesExt, WriteBytesExt};
 use serde_json;
-use ethcrypto::ecdh::agree;
 use ethcrypto::ecies::{encrypt_single_message, decrypt_single_message};
-use ethkey::{Public, Secret, KeyPair};
+use ethkey::{Secret, KeyPair};
 use ethkey::math::curve_order;
 use util::{H256, U256};
 use key_server_cluster::Error;
@@ -154,12 +153,11 @@ pub fn decrypt_message(key: &KeyPair, payload: Vec<u8>) -> Result<Vec<u8>, Error
 	Ok(decrypt_single_message(key.secret(), &payload)?)
 }
 
-/// Compute shared encryption key.
-pub fn compute_shared_key(self_secret: &Secret, other_public: &Public) -> Result<KeyPair, Error> {
+/// Fix shared encryption key.
+pub fn fix_shared_key(shared_secret: &Secret) -> Result<KeyPair, Error> {
 	// secret key created in agree function is invalid, as it is not calculated mod EC.field.n
 	// => let's do it manually
-	let shared_secret = agree(self_secret, other_public)?;
-	let shared_secret: H256 = (*shared_secret).into();
+	let shared_secret: H256 = (**shared_secret).into();
 	let shared_secret: U256 = shared_secret.into();
 	let shared_secret: H256 = (shared_secret % curve_order()).into();
 	let shared_key_pair = KeyPair::from_secret_slice(&*shared_secret)?;
@@ -204,8 +202,9 @@ pub mod tests {
 	use futures::Poll;
 	use tokio_io::{AsyncRead, AsyncWrite};
 	use ethkey::{KeyPair, Public};
+	use ethcrypto::ecdh::agree;
 	use key_server_cluster::message::Message;
-	use super::{MESSAGE_HEADER_SIZE, MessageHeader, compute_shared_key, encrypt_message, serialize_message,
+	use super::{MESSAGE_HEADER_SIZE, MessageHeader, fix_shared_key, encrypt_message, serialize_message,
 		serialize_header, deserialize_header};
 
 	pub struct TestIo {
@@ -217,7 +216,7 @@ pub mod tests {
 
 	impl TestIo {
 		pub fn new(self_key_pair: KeyPair, peer_public: Public) -> Self {
-			let shared_key_pair = compute_shared_key(self_key_pair.secret(), &peer_public).unwrap();
+			let shared_key_pair = fix_shared_key(&agree(self_key_pair.secret(), &peer_public).unwrap()).unwrap();
 			TestIo {
 				self_key_pair: self_key_pair,
 				peer_public: peer_public,
diff --git a/secret_store/src/key_server_cluster/io/mod.rs b/secret_store/src/key_server_cluster/io/mod.rs
index 57071038e..dfea33683 100644
--- a/secret_store/src/key_server_cluster/io/mod.rs
+++ b/secret_store/src/key_server_cluster/io/mod.rs
@@ -26,7 +26,7 @@ mod write_message;
 pub use self::deadline::{deadline, Deadline, DeadlineStatus};
 pub use self::handshake::{handshake, accept_handshake, Handshake, HandshakeResult};
 pub use self::message::{MessageHeader, SerializedMessage, serialize_message, deserialize_message,
-	encrypt_message, compute_shared_key};
+	encrypt_message, fix_shared_key};
 pub use self::read_header::{read_header, ReadHeader};
 pub use self::read_payload::{read_payload, read_encrypted_payload, ReadPayload};
 pub use self::read_message::{read_message, read_encrypted_message, ReadMessage};
diff --git a/secret_store/src/key_server_cluster/mod.rs b/secret_store/src/key_server_cluster/mod.rs
index 8f6ae4add..102c3672f 100644
--- a/secret_store/src/key_server_cluster/mod.rs
+++ b/secret_store/src/key_server_cluster/mod.rs
@@ -20,6 +20,7 @@ use ethkey;
 use ethcrypto;
 use super::types::all::ServerKeyId;
 
+pub use super::traits::NodeKeyPair;
 pub use super::types::all::{NodeId, EncryptedDocumentKeyShadow};
 pub use super::acl_storage::AclStorage;
 pub use super::key_storage::{KeyStorage, DocumentKeyShare};
@@ -30,6 +31,8 @@ pub use self::generation_session::Session as GenerationSession;
 pub use self::encryption_session::Session as EncryptionSession;
 pub use self::decryption_session::Session as DecryptionSession;
 
+#[cfg(test)]
+pub use super::node_key_pair::PlainNodeKeyPair;
 #[cfg(test)]
 pub use super::key_storage::tests::DummyKeyStorage;
 #[cfg(test)]
diff --git a/secret_store/src/key_server_cluster/net/accept_connection.rs b/secret_store/src/key_server_cluster/net/accept_connection.rs
index 339625f3f..d85e492dd 100644
--- a/secret_store/src/key_server_cluster/net/accept_connection.rs
+++ b/secret_store/src/key_server_cluster/net/accept_connection.rs
@@ -15,18 +15,18 @@
 // along with Parity.  If not, see <http://www.gnu.org/licenses/>.
 
 use std::io;
+use std::sync::Arc;
 use std::net::SocketAddr;
 use std::time::Duration;
 use futures::{Future, Poll};
 use tokio_core::reactor::Handle;
 use tokio_core::net::TcpStream;
-use ethkey::KeyPair;
-use key_server_cluster::Error;
+use key_server_cluster::{Error, NodeKeyPair};
 use key_server_cluster::io::{accept_handshake, Handshake, Deadline, deadline};
 use key_server_cluster::net::Connection;
 
 /// Create future for accepting incoming connection.
-pub fn accept_connection(address: SocketAddr, stream: TcpStream, handle: &Handle, self_key_pair: KeyPair) -> Deadline<AcceptConnection> {
+pub fn accept_connection(address: SocketAddr, stream: TcpStream, handle: &Handle, self_key_pair: Arc<NodeKeyPair>) -> Deadline<AcceptConnection> {
 	let accept = AcceptConnection {
 		handshake: accept_handshake(stream, self_key_pair),
 		address: address,
diff --git a/secret_store/src/key_server_cluster/net/connect.rs b/secret_store/src/key_server_cluster/net/connect.rs
index 449168ab2..7515494e4 100644
--- a/secret_store/src/key_server_cluster/net/connect.rs
+++ b/secret_store/src/key_server_cluster/net/connect.rs
@@ -14,6 +14,7 @@
 // You should have received a copy of the GNU General Public License
 // along with Parity.  If not, see <http://www.gnu.org/licenses/>.
 
+use std::sync::Arc;
 use std::collections::BTreeSet;
 use std::io;
 use std::time::Duration;
@@ -21,13 +22,12 @@ use std::net::SocketAddr;
 use futures::{Future, Poll, Async};
 use tokio_core::reactor::Handle;
 use tokio_core::net::{TcpStream, TcpStreamNew};
-use ethkey::KeyPair;
-use key_server_cluster::{Error, NodeId};
+use key_server_cluster::{Error, NodeId, NodeKeyPair};
 use key_server_cluster::io::{handshake, Handshake, Deadline, deadline};
 use key_server_cluster::net::Connection;
 
 /// Create future for connecting to other node.
-pub fn connect(address: &SocketAddr, handle: &Handle, self_key_pair: KeyPair, trusted_nodes: BTreeSet<NodeId>) -> Deadline<Connect> {
+pub fn connect(address: &SocketAddr, handle: &Handle, self_key_pair: Arc<NodeKeyPair>, trusted_nodes: BTreeSet<NodeId>) -> Deadline<Connect> {
 	let connect = Connect {
 		state: ConnectState::TcpConnect(TcpStream::connect(address, handle)),
 		address: address.clone(),
@@ -48,7 +48,7 @@ enum ConnectState {
 pub struct Connect {
 	state: ConnectState,
 	address: SocketAddr,
-	self_key_pair: KeyPair,
+	self_key_pair: Arc<NodeKeyPair>,
 	trusted_nodes: BTreeSet<NodeId>,
 }
 
diff --git a/secret_store/src/key_storage.rs b/secret_store/src/key_storage.rs
index d5af7a5fa..08ebe6e1c 100644
--- a/secret_store/src/key_storage.rs
+++ b/secret_store/src/key_storage.rs
@@ -241,7 +241,6 @@ pub mod tests {
 			data_path: path.as_str().to_owned(),
 			cluster_config: ClusterConfiguration {
 				threads: 1,
-				self_private: (**Random.generate().unwrap().secret().clone()).into(),
 				listener_address: NodeAddress {
 					address: "0.0.0.0".to_owned(),
 					port: 8083,
diff --git a/secret_store/src/lib.rs b/secret_store/src/lib.rs
index 9750f7223..7e9897e60 100644
--- a/secret_store/src/lib.rs
+++ b/secret_store/src/lib.rs
@@ -59,22 +59,24 @@ mod key_server;
 mod key_storage;
 mod serialization;
 mod key_server_set;
+mod node_key_pair;
 
 use std::sync::Arc;
 use ethcore::client::Client;
 
 pub use types::all::{ServerKeyId, EncryptedDocumentKey, RequestSignature, Public,
 	Error, NodeAddress, ServiceConfiguration, ClusterConfiguration};
-pub use traits::{KeyServer};
+pub use traits::{NodeKeyPair, KeyServer};
+pub use self::node_key_pair::{PlainNodeKeyPair, KeyStoreNodeKeyPair};
 
 /// Start new key server instance
-pub fn start(client: Arc<Client>, config: ServiceConfiguration) -> Result<Box<KeyServer>, Error> {
+pub fn start(client: Arc<Client>, self_key_pair: Arc<NodeKeyPair>, config: ServiceConfiguration) -> Result<Box<KeyServer>, Error> {
 	use std::sync::Arc;
 
 	let acl_storage = acl_storage::OnChainAclStorage::new(&client);
 	let key_server_set = key_server_set::OnChainKeyServerSet::new(&client, config.cluster_config.nodes.clone())?;
 	let key_storage = Arc::new(key_storage::PersistentKeyStorage::new(&config)?);
-	let key_server = key_server::KeyServerImpl::new(&config.cluster_config, key_server_set, acl_storage, key_storage)?;
+	let key_server = key_server::KeyServerImpl::new(&config.cluster_config, key_server_set, self_key_pair, acl_storage, key_storage)?;
 	let listener = http_listener::KeyServerHttpListener::start(&config.listener_address, key_server)?;
 	Ok(Box::new(listener))
 }
diff --git a/secret_store/src/node_key_pair.rs b/secret_store/src/node_key_pair.rs
new file mode 100644
index 000000000..ce6c88a07
--- /dev/null
+++ b/secret_store/src/node_key_pair.rs
@@ -0,0 +1,84 @@
+// Copyright 2015-2017 Parity Technologies (UK) Ltd.
+// This file is part of Parity.
+
+// Parity is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity.  If not, see <http://www.gnu.org/licenses/>.
+
+use std::sync::Arc;
+use ethcrypto::ecdh::agree;
+use ethkey::{KeyPair, Public, Signature, Error as EthKeyError, sign};
+use ethcore::account_provider::AccountProvider;
+use util::{Address, H256};
+use traits::NodeKeyPair;
+
+pub struct PlainNodeKeyPair {
+	key_pair: KeyPair,
+}
+
+pub struct KeyStoreNodeKeyPair {
+	account_provider: Arc<AccountProvider>,
+	address: Address,
+	public: Public,
+	password: String,
+}
+
+impl PlainNodeKeyPair {
+	pub fn new(key_pair: KeyPair) -> Self {
+		PlainNodeKeyPair {
+			key_pair: key_pair,
+		}
+	}
+}
+
+impl NodeKeyPair for PlainNodeKeyPair {
+	fn public(&self) -> &Public {
+		self.key_pair.public()
+	}
+
+	fn sign(&self, data: &H256) -> Result<Signature, EthKeyError> {
+		sign(self.key_pair.secret(), data)
+	}
+
+	fn compute_shared_key(&self, peer_public: &Public) -> Result<KeyPair, EthKeyError> {
+		agree(self.key_pair.secret(), peer_public).map_err(|e| EthKeyError::Custom(e.into()))
+			.and_then(KeyPair::from_secret)
+	}
+}
+
+impl KeyStoreNodeKeyPair {
+	pub fn new(account_provider: Arc<AccountProvider>, address: Address, password: String) -> Result<Self, EthKeyError> {
+		let public = account_provider.account_public(address.clone(), &password).map_err(|e| EthKeyError::Custom(format!("{}", e)))?;
+		Ok(KeyStoreNodeKeyPair {
+			account_provider: account_provider,
+			address: address,
+			public: public,
+			password: password,
+		})
+	}
+}
+
+impl NodeKeyPair for KeyStoreNodeKeyPair {
+	fn public(&self) -> &Public {
+		&self.public
+	}
+
+	fn sign(&self, data: &H256) -> Result<Signature, EthKeyError> {
+		self.account_provider.sign(self.address.clone(), Some(self.password.clone()), data.clone())
+			.map_err(|e| EthKeyError::Custom(format!("{}", e)))
+	}
+
+	fn compute_shared_key(&self, peer_public: &Public) -> Result<KeyPair, EthKeyError> {
+		KeyPair::from_secret(self.account_provider.agree(self.address.clone(), Some(self.password.clone()), peer_public)
+			.map_err(|e| EthKeyError::Custom(format!("{}", e)))?)
+	}
+}
diff --git a/secret_store/src/traits.rs b/secret_store/src/traits.rs
index 33a4eff3c..31da748e0 100644
--- a/secret_store/src/traits.rs
+++ b/secret_store/src/traits.rs
@@ -14,9 +14,21 @@
 // You should have received a copy of the GNU General Public License
 // along with Parity.  If not, see <http://www.gnu.org/licenses/>.
 
+use ethkey::{KeyPair, Signature, Error as EthKeyError};
+use util::H256;
 use types::all::{Error, Public, ServerKeyId, MessageHash, EncryptedMessageSignature, RequestSignature, EncryptedDocumentKey,
 	EncryptedDocumentKeyShadow};
 
+/// Node key pair.
+pub trait NodeKeyPair: Send + Sync {
+	/// Public portion of key.
+	fn public(&self) -> &Public;
+	/// Sign data with node key.
+	fn sign(&self, data: &H256) -> Result<Signature, EthKeyError>;
+	/// Compute shared key to encrypt channel between two nodes.
+	fn compute_shared_key(&self, peer_public: &Public) -> Result<KeyPair, EthKeyError>;
+}
+
 /// Server key (SK) generator.
 pub trait ServerKeyGenerator {
 	/// Generate new SK.
diff --git a/secret_store/src/types/all.rs b/secret_store/src/types/all.rs
index 54fc8acae..8dc92f175 100644
--- a/secret_store/src/types/all.rs
+++ b/secret_store/src/types/all.rs
@@ -83,8 +83,6 @@ pub struct ServiceConfiguration {
 pub struct ClusterConfiguration {
 	/// Number of threads reserved by cluster.
 	pub threads: usize,
-	/// Private key this node holds.
-	pub self_private: Vec<u8>, // holds ethkey::Secret
 	/// This node address.
 	pub listener_address: NodeAddress,
 	/// All cluster nodes addresses.

From 45087599efdf8ac5f80f6e1df112d747131b91c0 Mon Sep 17 00:00:00 2001
From: Svyatoslav Nikolsky <svyatonik@gmail.com>
Date: Wed, 9 Aug 2017 12:33:41 +0300
Subject: [PATCH 047/112] lost commit

---
 Cargo.lock          | 1 -
 ethstore/Cargo.toml | 1 -
 ethstore/src/lib.rs | 1 -
 3 files changed, 3 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index 2f5ed0a21..e2b4da1eb 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -847,7 +847,6 @@ name = "ethstore"
 version = "0.1.0"
 dependencies = [
  "ethcore-bigint 0.1.3",
- "ethcore-util 1.8.0",
  "ethcrypto 0.1.0",
  "ethkey 0.2.0",
  "itertools 0.5.9 (registry+https://github.com/rust-lang/crates.io-index)",
diff --git a/ethstore/Cargo.toml b/ethstore/Cargo.toml
index 0f91a663c..200dec366 100755
--- a/ethstore/Cargo.toml
+++ b/ethstore/Cargo.toml
@@ -19,7 +19,6 @@ itertools = "0.5"
 parking_lot = "0.4"
 ethcrypto = { path = "../ethcrypto" }
 ethcore-bigint = { path = "../util/bigint" }
-ethcore-util = { path = "../util" }
 smallvec = "0.4"
 parity-wordlist = "1.0"
 tempdir = "0.3"
diff --git a/ethstore/src/lib.rs b/ethstore/src/lib.rs
index 311e9e73a..65935f89c 100755
--- a/ethstore/src/lib.rs
+++ b/ethstore/src/lib.rs
@@ -35,7 +35,6 @@ extern crate ethcore_bigint as bigint;
 extern crate ethcrypto as crypto;
 extern crate ethkey as _ethkey;
 extern crate parity_wordlist;
-extern crate ethcore_util as util;
 
 #[macro_use]
 extern crate log;

From a8a11e56dbd3f9727f741d65c0da381cb1e220c0 Mon Sep 17 00:00:00 2001
From: Marek Kotewicz <marek.kotewicz@gmail.com>
Date: Wed, 9 Aug 2017 16:40:52 +0200
Subject: [PATCH 048/112] updated jsonrpc (#6264)

---
 Cargo.lock | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index e2b4da1eb..fd472676c 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1217,7 +1217,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 [[package]]
 name = "jsonrpc-core"
 version = "7.0.0"
-source = "git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.7#4d3ec22c7aba426988a678b489b2791e95283699"
+source = "git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.7#b5490782884218c5ccf74cd61e54904cb3a3aeed"
 dependencies = [
  "futures 0.1.11 (registry+https://github.com/rust-lang/crates.io-index)",
  "log 0.3.7 (registry+https://github.com/rust-lang/crates.io-index)",
@@ -1229,7 +1229,7 @@ dependencies = [
 [[package]]
 name = "jsonrpc-http-server"
 version = "7.0.0"
-source = "git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.7#4d3ec22c7aba426988a678b489b2791e95283699"
+source = "git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.7#b5490782884218c5ccf74cd61e54904cb3a3aeed"
 dependencies = [
  "hyper 0.10.0-a.0 (git+https://github.com/paritytech/hyper)",
  "jsonrpc-core 7.0.0 (git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.7)",
@@ -1242,7 +1242,7 @@ dependencies = [
 [[package]]
 name = "jsonrpc-ipc-server"
 version = "7.0.0"
-source = "git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.7#4d3ec22c7aba426988a678b489b2791e95283699"
+source = "git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.7#b5490782884218c5ccf74cd61e54904cb3a3aeed"
 dependencies = [
  "bytes 0.4.4 (registry+https://github.com/rust-lang/crates.io-index)",
  "jsonrpc-core 7.0.0 (git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.7)",
@@ -1255,7 +1255,7 @@ dependencies = [
 [[package]]
 name = "jsonrpc-macros"
 version = "7.0.0"
-source = "git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.7#4d3ec22c7aba426988a678b489b2791e95283699"
+source = "git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.7#b5490782884218c5ccf74cd61e54904cb3a3aeed"
 dependencies = [
  "jsonrpc-core 7.0.0 (git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.7)",
  "jsonrpc-pubsub 7.0.0 (git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.7)",
@@ -1265,7 +1265,7 @@ dependencies = [
 [[package]]
 name = "jsonrpc-minihttp-server"
 version = "7.0.0"
-source = "git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.7#4d3ec22c7aba426988a678b489b2791e95283699"
+source = "git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.7#b5490782884218c5ccf74cd61e54904cb3a3aeed"
 dependencies = [
  "bytes 0.4.4 (registry+https://github.com/rust-lang/crates.io-index)",
  "jsonrpc-core 7.0.0 (git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.7)",
@@ -1280,7 +1280,7 @@ dependencies = [
 [[package]]
 name = "jsonrpc-pubsub"
 version = "7.0.0"
-source = "git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.7#4d3ec22c7aba426988a678b489b2791e95283699"
+source = "git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.7#b5490782884218c5ccf74cd61e54904cb3a3aeed"
 dependencies = [
  "jsonrpc-core 7.0.0 (git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.7)",
  "log 0.3.7 (registry+https://github.com/rust-lang/crates.io-index)",
@@ -1290,7 +1290,7 @@ dependencies = [
 [[package]]
 name = "jsonrpc-server-utils"
 version = "7.0.0"
-source = "git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.7#4d3ec22c7aba426988a678b489b2791e95283699"
+source = "git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.7#b5490782884218c5ccf74cd61e54904cb3a3aeed"
 dependencies = [
  "bytes 0.4.4 (registry+https://github.com/rust-lang/crates.io-index)",
  "globset 0.1.4 (registry+https://github.com/rust-lang/crates.io-index)",
@@ -1303,7 +1303,7 @@ dependencies = [
 [[package]]
 name = "jsonrpc-tcp-server"
 version = "7.0.0"
-source = "git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.7#4d3ec22c7aba426988a678b489b2791e95283699"
+source = "git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.7#b5490782884218c5ccf74cd61e54904cb3a3aeed"
 dependencies = [
  "bytes 0.4.4 (registry+https://github.com/rust-lang/crates.io-index)",
  "jsonrpc-core 7.0.0 (git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.7)",
@@ -1317,7 +1317,7 @@ dependencies = [
 [[package]]
 name = "jsonrpc-ws-server"
 version = "7.0.0"
-source = "git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.7#4d3ec22c7aba426988a678b489b2791e95283699"
+source = "git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.7#b5490782884218c5ccf74cd61e54904cb3a3aeed"
 dependencies = [
  "jsonrpc-core 7.0.0 (git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.7)",
  "jsonrpc-server-utils 7.0.0 (git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.7)",

From cc95edf4dce6cdc40ab013744837f5602d55a8cb Mon Sep 17 00:00:00 2001
From: Svyatoslav Nikolsky <svyatonik@gmail.com>
Date: Wed, 9 Aug 2017 18:17:28 +0300
Subject: [PATCH 049/112] fixed grumbles

---
 parity/secretstore.rs                                     | 5 +++++
 secret_store/src/http_listener.rs                         | 6 ------
 secret_store/src/key_server_cluster/decryption_session.rs | 2 +-
 secret_store/src/key_server_cluster/signing_session.rs    | 2 +-
 secret_store/src/key_storage.rs                           | 2 +-
 5 files changed, 8 insertions(+), 9 deletions(-)

diff --git a/parity/secretstore.rs b/parity/secretstore.rs
index 8094ef323..eb5922540 100644
--- a/parity/secretstore.rs
+++ b/parity/secretstore.rs
@@ -87,6 +87,7 @@ mod server {
 	use std::sync::Arc;
 	use ethcore_secretstore;
 	use ethkey::KeyPair;
+	use ansi_term::Colour::Red;
 	use super::{Configuration, Dependencies, NodeSecretKey};
 
 	/// Key server
@@ -97,6 +98,10 @@ mod server {
 	impl KeyServer {
 		/// Create new key server
 		pub fn new(mut conf: Configuration, deps: Dependencies) -> Result<Self, String> {
+			if !conf.acl_check_enabled {
+				warn!("Running SecretStore with disabled ACL check: {}", Red.bold().paint("everyone has access to stored keys"));
+			}
+
 			let self_secret: Arc<ethcore_secretstore::NodeKeyPair> = match conf.self_secret.take() {
 				Some(NodeSecretKey::Plain(secret)) => Arc::new(ethcore_secretstore::PlainNodeKeyPair::new(
 					KeyPair::from_secret(secret).map_err(|e| format!("invalid secret: {}", e))?)),
diff --git a/secret_store/src/http_listener.rs b/secret_store/src/http_listener.rs
index 86688618a..883389365 100644
--- a/secret_store/src/http_listener.rs
+++ b/secret_store/src/http_listener.rs
@@ -78,9 +78,6 @@ impl<T> KeyServerHttpListener<T> where T: KeyServer + 'static {
 		let shared_handler = Arc::new(KeyServerSharedHttpHandler {
 			key_server: key_server,
 		});
-		/*let handler = KeyServerHttpHandler {
-			handler: shared_handler.clone(),
-		};*/
 
 		let http_server = listener_address
 			.map(|listener_address| format!("{}:{}", listener_address.address, listener_address.port))
@@ -89,9 +86,6 @@ impl<T> KeyServerHttpListener<T> where T: KeyServer + 'static {
 				handler: shared_handler.clone(),
 			}).expect("cannot start HttpServer"));
 
-		/*let listener_addr: &str = &format!("{}:{}", listener_address.address, listener_address.port);
-		let http_server = HttpServer::http(&listener_addr).expect("cannot start HttpServer");
-		let http_server = http_server.handle(handler).expect("cannot start HttpServer");*/
 		let listener = KeyServerHttpListener {
 			http_server: http_server,
 			handler: shared_handler,
diff --git a/secret_store/src/key_server_cluster/decryption_session.rs b/secret_store/src/key_server_cluster/decryption_session.rs
index afc73f858..bc3c6aad0 100644
--- a/secret_store/src/key_server_cluster/decryption_session.rs
+++ b/secret_store/src/key_server_cluster/decryption_session.rs
@@ -467,7 +467,7 @@ impl Ord for DecryptionSessionId {
 mod tests {
 	use std::sync::Arc;
 	use std::collections::BTreeMap;
-	use super::super::super::acl_storage::DummyAclStorage;
+	use acl_storage::DummyAclStorage;
 	use ethkey::{self, KeyPair, Random, Generator, Public, Secret};
 	use key_server_cluster::{NodeId, DocumentKeyShare, SessionId, Error, EncryptedDocumentKeyShadow, SessionMeta};
 	use key_server_cluster::cluster::tests::DummyCluster;
diff --git a/secret_store/src/key_server_cluster/signing_session.rs b/secret_store/src/key_server_cluster/signing_session.rs
index e647c8b14..e56306142 100644
--- a/secret_store/src/key_server_cluster/signing_session.rs
+++ b/secret_store/src/key_server_cluster/signing_session.rs
@@ -572,7 +572,7 @@ mod tests {
 	use std::collections::{BTreeMap, VecDeque};
 	use ethkey::{self, Random, Generator, Public};
 	use util::H256;
-	use super::super::super::acl_storage::DummyAclStorage;
+	use acl_storage::DummyAclStorage;
 	use key_server_cluster::{NodeId, SessionId, SessionMeta, Error, KeyStorage};
 	use key_server_cluster::cluster::tests::DummyCluster;
 	use key_server_cluster::generation_session::{Session as GenerationSession};
diff --git a/secret_store/src/key_storage.rs b/secret_store/src/key_storage.rs
index 2fad4cdf7..fdbb5fa40 100644
--- a/secret_store/src/key_storage.rs
+++ b/secret_store/src/key_storage.rs
@@ -200,7 +200,7 @@ pub mod tests {
 	use devtools::RandomTempPath;
 	use ethkey::{Random, Generator, Public, Secret};
 	use util::Database;
-	use super::super::types::all::{Error, NodeAddress, ServiceConfiguration, ClusterConfiguration, ServerKeyId};
+	use types::all::{Error, NodeAddress, ServiceConfiguration, ClusterConfiguration, ServerKeyId};
 	use super::{DB_META_KEY_VERSION, KeyStorage, PersistentKeyStorage, DocumentKeyShare,
 		SerializableDocumentKeyShareV0, SerializableDocumentKeyShareV1, upgrade_db};
 

From d6eb05382672e026545bf9a9ca2747c37f5c10a6 Mon Sep 17 00:00:00 2001
From: Nicolas Gotchac <ngotchac@gmail.com>
Date: Wed, 9 Aug 2017 19:06:14 +0200
Subject: [PATCH 050/112] Add support for ConsenSys multisig wallet (#6153)

* First draft of ConsenSys wallet

* Fix transfer store // WIP Consensys Wallet

* Rename walletABI JSON file

* Fix linting

* Fix wrong daylimit in wallet modal

* Confirm/Revoke ConsensysWallet txs

* Linting

* Change of settings for the Multisig Wallet
---
 .../abi/consensys-multisig-wallet.json        | 510 ++++++++++++++++++
 ...t.json => foundation-multisig-wallet.json} |   0
 js/src/contracts/abi/index.js                 |   2 +-
 js/src/modals/AddContract/types.js            |   4 +-
 .../modals/CreateWallet/createWalletStore.js  |   6 +-
 js/src/modals/Transfer/store.js               | 305 ++++-------
 .../WalletSettings/walletSettingsStore.js     |  86 +--
 js/src/redux/providers/personalActions.js     |   2 +-
 js/src/redux/providers/walletActions.js       | 260 ++-------
 js/src/util/tx.js                             |  74 +--
 js/src/util/wallets.js                        | 426 +++++----------
 js/src/util/wallets/consensys-wallet.js       | 354 ++++++++++++
 js/src/util/wallets/foundation-wallet.js      | 500 +++++++++++++++++
 js/src/util/wallets/pending-contracts.js      |  49 ++
 js/src/util/wallets/updates.js                |  21 +
 15 files changed, 1818 insertions(+), 781 deletions(-)
 create mode 100644 js/src/contracts/abi/consensys-multisig-wallet.json
 rename js/src/contracts/abi/{wallet.json => foundation-multisig-wallet.json} (100%)
 create mode 100644 js/src/util/wallets/consensys-wallet.js
 create mode 100644 js/src/util/wallets/foundation-wallet.js
 create mode 100644 js/src/util/wallets/pending-contracts.js
 create mode 100644 js/src/util/wallets/updates.js

diff --git a/js/src/contracts/abi/consensys-multisig-wallet.json b/js/src/contracts/abi/consensys-multisig-wallet.json
new file mode 100644
index 000000000..79623637d
--- /dev/null
+++ b/js/src/contracts/abi/consensys-multisig-wallet.json
@@ -0,0 +1,510 @@
+[
+  {
+    "constant": true,
+    "inputs": [
+      {
+        "name": "",
+        "type": "uint256"
+      }
+    ],
+    "name": "owners",
+    "outputs": [
+      {
+        "name": "",
+        "type": "address"
+      }
+    ],
+    "payable": false,
+    "type": "function"
+  },
+  {
+    "constant": false,
+    "inputs": [
+      {
+        "name": "owner",
+        "type": "address"
+      }
+    ],
+    "name": "removeOwner",
+    "outputs": [],
+    "payable": false,
+    "type": "function"
+  },
+  {
+    "constant": false,
+    "inputs": [
+      {
+        "name": "transactionId",
+        "type": "uint256"
+      }
+    ],
+    "name": "revokeConfirmation",
+    "outputs": [],
+    "payable": false,
+    "type": "function"
+  },
+  {
+    "constant": true,
+    "inputs": [
+      {
+        "name": "",
+        "type": "address"
+      }
+    ],
+    "name": "isOwner",
+    "outputs": [
+      {
+        "name": "",
+        "type": "bool"
+      }
+    ],
+    "payable": false,
+    "type": "function"
+  },
+  {
+    "constant": true,
+    "inputs": [
+      {
+        "name": "",
+        "type": "uint256"
+      },
+      {
+        "name": "",
+        "type": "address"
+      }
+    ],
+    "name": "confirmations",
+    "outputs": [
+      {
+        "name": "",
+        "type": "bool"
+      }
+    ],
+    "payable": false,
+    "type": "function"
+  },
+  {
+    "constant": true,
+    "inputs": [
+      {
+        "name": "pending",
+        "type": "bool"
+      },
+      {
+        "name": "executed",
+        "type": "bool"
+      }
+    ],
+    "name": "getTransactionCount",
+    "outputs": [
+      {
+        "name": "count",
+        "type": "uint256"
+      }
+    ],
+    "payable": false,
+    "type": "function"
+  },
+  {
+    "constant": false,
+    "inputs": [
+      {
+        "name": "owner",
+        "type": "address"
+      }
+    ],
+    "name": "addOwner",
+    "outputs": [],
+    "payable": false,
+    "type": "function"
+  },
+  {
+    "constant": true,
+    "inputs": [
+      {
+        "name": "transactionId",
+        "type": "uint256"
+      }
+    ],
+    "name": "isConfirmed",
+    "outputs": [
+      {
+        "name": "",
+        "type": "bool"
+      }
+    ],
+    "payable": false,
+    "type": "function"
+  },
+  {
+    "constant": true,
+    "inputs": [
+      {
+        "name": "transactionId",
+        "type": "uint256"
+      }
+    ],
+    "name": "getConfirmationCount",
+    "outputs": [
+      {
+        "name": "count",
+        "type": "uint256"
+      }
+    ],
+    "payable": false,
+    "type": "function"
+  },
+  {
+    "constant": true,
+    "inputs": [
+      {
+        "name": "",
+        "type": "uint256"
+      }
+    ],
+    "name": "transactions",
+    "outputs": [
+      {
+        "name": "destination",
+        "type": "address"
+      },
+      {
+        "name": "value",
+        "type": "uint256"
+      },
+      {
+        "name": "data",
+        "type": "bytes"
+      },
+      {
+        "name": "executed",
+        "type": "bool"
+      }
+    ],
+    "payable": false,
+    "type": "function"
+  },
+  {
+    "constant": true,
+    "inputs": [],
+    "name": "getOwners",
+    "outputs": [
+      {
+        "name": "",
+        "type": "address[]"
+      }
+    ],
+    "payable": false,
+    "type": "function"
+  },
+  {
+    "constant": true,
+    "inputs": [
+      {
+        "name": "from",
+        "type": "uint256"
+      },
+      {
+        "name": "to",
+        "type": "uint256"
+      },
+      {
+        "name": "pending",
+        "type": "bool"
+      },
+      {
+        "name": "executed",
+        "type": "bool"
+      }
+    ],
+    "name": "getTransactionIds",
+    "outputs": [
+      {
+        "name": "_transactionIds",
+        "type": "uint256[]"
+      }
+    ],
+    "payable": false,
+    "type": "function"
+  },
+  {
+    "constant": true,
+    "inputs": [
+      {
+        "name": "transactionId",
+        "type": "uint256"
+      }
+    ],
+    "name": "getConfirmations",
+    "outputs": [
+      {
+        "name": "_confirmations",
+        "type": "address[]"
+      }
+    ],
+    "payable": false,
+    "type": "function"
+  },
+  {
+    "constant": true,
+    "inputs": [],
+    "name": "transactionCount",
+    "outputs": [
+      {
+        "name": "",
+        "type": "uint256"
+      }
+    ],
+    "payable": false,
+    "type": "function"
+  },
+  {
+    "constant": false,
+    "inputs": [
+      {
+        "name": "_required",
+        "type": "uint256"
+      }
+    ],
+    "name": "changeRequirement",
+    "outputs": [],
+    "payable": false,
+    "type": "function"
+  },
+  {
+    "constant": false,
+    "inputs": [
+      {
+        "name": "transactionId",
+        "type": "uint256"
+      }
+    ],
+    "name": "confirmTransaction",
+    "outputs": [],
+    "payable": false,
+    "type": "function"
+  },
+  {
+    "constant": false,
+    "inputs": [
+      {
+        "name": "destination",
+        "type": "address"
+      },
+      {
+        "name": "value",
+        "type": "uint256"
+      },
+      {
+        "name": "data",
+        "type": "bytes"
+      }
+    ],
+    "name": "submitTransaction",
+    "outputs": [
+      {
+        "name": "transactionId",
+        "type": "uint256"
+      }
+    ],
+    "payable": false,
+    "type": "function"
+  },
+  {
+    "constant": true,
+    "inputs": [],
+    "name": "MAX_OWNER_COUNT",
+    "outputs": [
+      {
+        "name": "",
+        "type": "uint256"
+      }
+    ],
+    "payable": false,
+    "type": "function"
+  },
+  {
+    "constant": true,
+    "inputs": [],
+    "name": "required",
+    "outputs": [
+      {
+        "name": "",
+        "type": "uint256"
+      }
+    ],
+    "payable": false,
+    "type": "function"
+  },
+  {
+    "constant": false,
+    "inputs": [
+      {
+        "name": "owner",
+        "type": "address"
+      },
+      {
+        "name": "newOwner",
+        "type": "address"
+      }
+    ],
+    "name": "replaceOwner",
+    "outputs": [],
+    "payable": false,
+    "type": "function"
+  },
+  {
+    "constant": false,
+    "inputs": [
+      {
+        "name": "transactionId",
+        "type": "uint256"
+      }
+    ],
+    "name": "executeTransaction",
+    "outputs": [],
+    "payable": false,
+    "type": "function"
+  },
+  {
+    "inputs": [
+      {
+        "name": "_owners",
+        "type": "address[]"
+      },
+      {
+        "name": "_required",
+        "type": "uint256"
+      }
+    ],
+    "payable": false,
+    "type": "constructor"
+  },
+  {
+    "payable": true,
+    "type": "fallback"
+  },
+  {
+    "anonymous": false,
+    "inputs": [
+      {
+        "indexed": true,
+        "name": "sender",
+        "type": "address"
+      },
+      {
+        "indexed": true,
+        "name": "transactionId",
+        "type": "uint256"
+      }
+    ],
+    "name": "Confirmation",
+    "type": "event"
+  },
+  {
+    "anonymous": false,
+    "inputs": [
+      {
+        "indexed": true,
+        "name": "sender",
+        "type": "address"
+      },
+      {
+        "indexed": true,
+        "name": "transactionId",
+        "type": "uint256"
+      }
+    ],
+    "name": "Revocation",
+    "type": "event"
+  },
+  {
+    "anonymous": false,
+    "inputs": [
+      {
+        "indexed": true,
+        "name": "transactionId",
+        "type": "uint256"
+      }
+    ],
+    "name": "Submission",
+    "type": "event"
+  },
+  {
+    "anonymous": false,
+    "inputs": [
+      {
+        "indexed": true,
+        "name": "transactionId",
+        "type": "uint256"
+      }
+    ],
+    "name": "Execution",
+    "type": "event"
+  },
+  {
+    "anonymous": false,
+    "inputs": [
+      {
+        "indexed": true,
+        "name": "transactionId",
+        "type": "uint256"
+      }
+    ],
+    "name": "ExecutionFailure",
+    "type": "event"
+  },
+  {
+    "anonymous": false,
+    "inputs": [
+      {
+        "indexed": true,
+        "name": "sender",
+        "type": "address"
+      },
+      {
+        "indexed": false,
+        "name": "value",
+        "type": "uint256"
+      }
+    ],
+    "name": "Deposit",
+    "type": "event"
+  },
+  {
+    "anonymous": false,
+    "inputs": [
+      {
+        "indexed": true,
+        "name": "owner",
+        "type": "address"
+      }
+    ],
+    "name": "OwnerAddition",
+    "type": "event"
+  },
+  {
+    "anonymous": false,
+    "inputs": [
+      {
+        "indexed": true,
+        "name": "owner",
+        "type": "address"
+      }
+    ],
+    "name": "OwnerRemoval",
+    "type": "event"
+  },
+  {
+    "anonymous": false,
+    "inputs": [
+      {
+        "indexed": false,
+        "name": "required",
+        "type": "uint256"
+      }
+    ],
+    "name": "RequirementChange",
+    "type": "event"
+  }
+]
diff --git a/js/src/contracts/abi/wallet.json b/js/src/contracts/abi/foundation-multisig-wallet.json
similarity index 100%
rename from js/src/contracts/abi/wallet.json
rename to js/src/contracts/abi/foundation-multisig-wallet.json
diff --git a/js/src/contracts/abi/index.js b/js/src/contracts/abi/index.js
index 8985d869e..f475cce07 100644
--- a/js/src/contracts/abi/index.js
+++ b/js/src/contracts/abi/index.js
@@ -28,4 +28,4 @@ export registry2 from './registry2.json';
 export signaturereg from './signaturereg.json';
 export smsverification from './sms-verification.json';
 export tokenreg from './tokenreg.json';
-export wallet from './wallet.json';
+export foundationWallet from './foundation-multisig-wallet.json';
diff --git a/js/src/modals/AddContract/types.js b/js/src/modals/AddContract/types.js
index b229fc7ac..dd1e20fbc 100644
--- a/js/src/modals/AddContract/types.js
+++ b/js/src/modals/AddContract/types.js
@@ -17,7 +17,7 @@
 import React from 'react';
 import { FormattedMessage } from 'react-intl';
 
-import { eip20, wallet } from '~/contracts/abi';
+import { eip20, foundationWallet } from '~/contracts/abi';
 
 const ABI_TYPES = [
   {
@@ -72,7 +72,7 @@ const ABI_TYPES = [
     ),
     readOnly: true,
     type: 'multisig',
-    value: JSON.stringify(wallet)
+    value: JSON.stringify(foundationWallet)
   },
   {
     description: (
diff --git a/js/src/modals/CreateWallet/createWalletStore.js b/js/src/modals/CreateWallet/createWalletStore.js
index d614e8041..26ed5816c 100644
--- a/js/src/modals/CreateWallet/createWalletStore.js
+++ b/js/src/modals/CreateWallet/createWalletStore.js
@@ -21,7 +21,7 @@ import { FormattedMessage } from 'react-intl';
 
 import Contract from '~/api/contract';
 import Contracts from '~/contracts';
-import { wallet as walletAbi } from '~/contracts/abi';
+import { foundationWallet as walletAbi } from '~/contracts/abi';
 import { wallet as walletCode, walletLibrary as walletLibraryCode, walletLibraryRegKey, fullWalletCode } from '~/contracts/code/wallet';
 
 import { validateUint, validateAddress, validateName } from '~/util/validation';
@@ -163,11 +163,11 @@ export default class CreateWalletStore {
         WalletsUtils.fetchOwners(walletContract),
         WalletsUtils.fetchDailylimit(walletContract)
       ])
-      .then(([ require, owners, dailylimit ]) => {
+      .then(([ require, owners, daylimit ]) => {
         transaction(() => {
           this.wallet.owners = owners;
           this.wallet.required = require.toNumber();
-          this.wallet.dailylimit = dailylimit.limit;
+          this.wallet.daylimit = daylimit.limit;
 
           this.wallet = this.getWalletWithMeta(this.wallet);
         });
diff --git a/js/src/modals/Transfer/store.js b/js/src/modals/Transfer/store.js
index 737bab778..eaccf4f40 100644
--- a/js/src/modals/Transfer/store.js
+++ b/js/src/modals/Transfer/store.js
@@ -18,12 +18,12 @@ import { noop } from 'lodash';
 import { observable, computed, action, transaction } from 'mobx';
 import BigNumber from 'bignumber.js';
 
-import { eip20 as tokenAbi, wallet as walletAbi } from '~/contracts/abi';
+import { eip20 as tokenAbi } from '~/contracts/abi';
 import { fromWei } from '~/api/util/wei';
-import Contract from '~/api/contract';
 import ERRORS from './errors';
-import { DEFAULT_GAS, DEFAULT_GASPRICE, MAX_GAS_ESTIMATION } from '~/util/constants';
+import { DEFAULT_GAS } from '~/util/constants';
 import { ETH_TOKEN } from '~/util/tokens';
+import { getTxOptions } from '~/util/tx';
 import GasPriceStore from '~/ui/GasPriceEditor/store';
 import { getLogger, LOG_KEYS } from '~/config';
 
@@ -92,7 +92,6 @@ export default class TransferStore {
 
     if (this.isWallet) {
       this.wallet = props.wallet;
-      this.walletContract = new Contract(this.api, walletAbi);
     }
 
     if (senders) {
@@ -115,19 +114,13 @@ export default class TransferStore {
   @computed get isValid () {
     const detailsValid = !this.recipientError && !this.valueError && !this.totalError && !this.senderError;
     const extrasValid = !this.gasStore.errorGas && !this.gasStore.errorPrice && !this.gasStore.conditionBlockError && !this.totalError;
-    const verifyValid = !this.passwordError;
 
     switch (this.stage) {
       case 0:
         return detailsValid;
 
       case 1:
-        return this.extras
-          ? extrasValid
-          : verifyValid;
-
-      case 2:
-        return verifyValid;
+        return extrasValid;
     }
   }
 
@@ -263,16 +256,21 @@ export default class TransferStore {
 
     if (this.isWallet && !valueError) {
       const { last, limit, spent } = this.wallet.dailylimit;
-      const remains = fromWei(limit.minus(spent));
-      const today = Math.round(Date.now() / (24 * 3600 * 1000));
-      const isResetable = last.lt(today);
 
-      if ((!isResetable && remains.lt(value)) || fromWei(limit).lt(value)) {
-        // already spent too much today
-        this.walletWarning = WALLET_WARNING_SPENT_TODAY_LIMIT;
-      } else if (this.walletWarning) {
-        // all ok
-        this.walletWarning = null;
+      // Don't show a warning if the limit is 0
+      // (will always need confirmations)
+      if (limit.gt(0)) {
+        const remains = fromWei(limit.minus(spent));
+        const today = Math.round(Date.now() / (24 * 3600 * 1000));
+        const willResetLimit = last.lt(today);
+
+        if ((!willResetLimit && remains.lt(value)) || fromWei(limit).lt(value)) {
+          // already spent too much today
+          this.walletWarning = WALLET_WARNING_SPENT_TODAY_LIMIT;
+        } else if (this.walletWarning) {
+          // all ok
+          this.walletWarning = null;
+        }
       }
     }
 
@@ -312,24 +310,16 @@ export default class TransferStore {
       });
   }
 
-  getBalance (forceSender = false) {
-    if (this.isWallet && !forceSender) {
-      return this.balance;
-    }
-
-    const balance = this.senders
-      ? this.sendersBalances[this.sender]
-      : this.balance;
-
-    return balance;
-  }
-
   /**
    * Return the balance of the selected token
    * (in WEI for ETH, without formating for other tokens)
    */
-  getTokenBalance (token = this.token, forceSender = false) {
-    return new BigNumber(this.balance[token.id] || 0);
+  getTokenBalance (token = this.token, address = this.account.address) {
+    const balance = address === this.account.address
+      ? this.balance
+      : this.sendersBalances[address];
+
+    return new BigNumber(balance[token.id] || 0);
   }
 
   getTokenValue (token = this.token, value = this.value, inverse = false) {
@@ -348,54 +338,30 @@ export default class TransferStore {
     return _value.mul(token.format);
   }
 
-  getValues (_gasTotal) {
-    const gasTotal = new BigNumber(_gasTotal || 0);
+  getValue () {
     const { valueAll, isEth, isWallet } = this;
 
-    log.debug('@getValues', 'gas', gasTotal.toFormat());
-
     if (!valueAll) {
       const value = this.getTokenValue();
 
-      // If it's a token or a wallet, eth is the estimated gas,
-      // and value is the user input
-      if (!isEth || isWallet) {
-        return {
-          eth: gasTotal,
-          token: value
-        };
-      }
-
-      // Otherwise, eth is the sum of the gas and the user input
-      const totalEthValue = gasTotal.plus(value);
-
-      return {
-        eth: totalEthValue,
-        token: value
-      };
+      return value;
     }
 
-    // If it's the total balance that needs to be sent, send the total balance
-    // if it's not a proper ETH transfer
+    const balance = this.getTokenBalance();
+
     if (!isEth || isWallet) {
-      const tokenBalance = this.getTokenBalance();
-
-      return {
-        eth: gasTotal,
-        token: tokenBalance
-      };
+      return balance;
     }
 
-    // Otherwise, substract the gas estimate
-    const availableEth = this.getTokenBalance(ETH_TOKEN);
-    const totalEthValue = availableEth.gt(gasTotal)
-      ? availableEth.minus(gasTotal)
+    // substract the gas estimate
+    const gasTotal = new BigNumber(this.gasStore.price || 0)
+      .mul(new BigNumber(this.gasStore.gas || 0));
+
+    const totalEthValue = balance.gt(gasTotal)
+      ? balance.minus(gasTotal)
       : new BigNumber(0);
 
-    return {
-      eth: totalEthValue.plus(gasTotal),
-      token: totalEthValue
-    };
+    return totalEthValue;
   }
 
   getFormattedTokenValue (tokenValue) {
@@ -403,160 +369,125 @@ export default class TransferStore {
   }
 
   @action recalculate = (redo = false) => {
-    const { account } = this;
+    const { account, balance } = this;
 
-    if (!account || !this.balance) {
+    if (!account || !balance) {
       return;
     }
 
-    const balance = this.getBalance();
+    return this.getTransactionOptions()
+      .then((options) => {
+        const gasTotal = options.gas.mul(options.gasPrice);
 
-    if (!balance) {
-      return;
-    }
+        const tokenValue = this.getValue();
+        const ethValue = options.value.add(gasTotal);
 
-    const gasTotal = new BigNumber(this.gasStore.price || 0).mul(new BigNumber(this.gasStore.gas || 0));
+        const tokenBalance = this.getTokenBalance();
+        const ethBalance = this.getTokenBalance(ETH_TOKEN, options.from);
 
-    const ethBalance = this.getTokenBalance(ETH_TOKEN, true);
-    const tokenBalance = this.getTokenBalance();
-    const { eth, token } = this.getValues(gasTotal);
+        let totalError = null;
+        let valueError = null;
 
-    let totalError = null;
-    let valueError = null;
+        if (tokenValue.gt(tokenBalance)) {
+          valueError = ERRORS.largeAmount;
+        }
 
-    if (eth.gt(ethBalance)) {
-      totalError = ERRORS.largeAmount;
-    }
+        if (ethValue.gt(ethBalance)) {
+          totalError = ERRORS.largeAmount;
+        }
 
-    if (token && token.gt(tokenBalance)) {
-      valueError = ERRORS.largeAmount;
-    }
+        log.debug('@recalculate', {
+          eth: ethValue.toFormat(),
+          token: tokenValue.toFormat(),
+          ethBalance: ethBalance.toFormat(),
+          tokenBalance: tokenBalance.toFormat(),
+          gasTotal: gasTotal.toFormat()
+        });
 
-    log.debug('@recalculate', {
-      eth: eth.toFormat(),
-      token: token.toFormat(),
-      ethBalance: ethBalance.toFormat(),
-      tokenBalance: tokenBalance.toFormat(),
-      gasTotal: gasTotal.toFormat()
-    });
+        transaction(() => {
+          this.totalError = totalError;
+          this.valueError = valueError;
+          this.gasStore.setErrorTotal(totalError);
+          this.gasStore.setEthValue(options.value);
 
-    transaction(() => {
-      this.totalError = totalError;
-      this.valueError = valueError;
-      this.gasStore.setErrorTotal(totalError);
-      this.gasStore.setEthValue(eth.sub(gasTotal));
+          this.total = fromWei(ethValue).toFixed();
 
-      this.total = this.api.util.fromWei(eth).toFixed();
+          const nextValue = this.getFormattedTokenValue(tokenValue);
+          let prevValue;
 
-      const nextValue = this.getFormattedTokenValue(token);
-      let prevValue;
+          try {
+            prevValue = new BigNumber(this.value || 0);
+          } catch (error) {
+            prevValue = new BigNumber(0);
+          }
 
-      try {
-        prevValue = new BigNumber(this.value || 0);
-      } catch (error) {
-        prevValue = new BigNumber(0);
-      }
+          // Change the input only if necessary
+          if (!nextValue.eq(prevValue)) {
+            this.value = nextValue.toString();
+          }
 
-      // Change the input only if necessary
-      if (!nextValue.eq(prevValue)) {
-        this.value = nextValue.toString();
-      }
-
-      // Re Calculate gas once more to be sure
-      if (redo) {
-        return this.recalculateGas(false);
-      }
-    });
-  }
-
-  send () {
-    const { options, values } = this._getTransferParams();
-
-    log.debug('@send', 'transfer value', options.value && options.value.toFormat());
-
-    return this._getTransferMethod().postTransaction(options, values);
-  }
-
-  _estimateGas (forceToken = false) {
-    const { options, values } = this._getTransferParams(true, forceToken);
-
-    return this._getTransferMethod(true, forceToken).estimateGas(options, values);
+          // Re Calculate gas once more to be sure
+          if (redo) {
+            return this.recalculateGas(false);
+          }
+        });
+      });
   }
 
   estimateGas () {
-    return this._estimateGas();
+    return this.getTransactionOptions()
+      .then((options) => {
+        return this.api.eth.estimateGas(options);
+      });
   }
 
-  _getTransferMethod (gas = false, forceToken = false) {
-    const { isEth, isWallet } = this;
+  send () {
+    return this.getTransactionOptions()
+      .then((options) => {
+        log.debug('@send', 'transfer value', options.value && options.value.toFormat());
 
-    if (isEth && !isWallet && !forceToken) {
-      return gas ? this.api.eth : this.api.parity;
-    }
-
-    if (isWallet && !forceToken) {
-      return this.wallet.instance.execute;
-    }
-
-    return this.tokenContract.at(this.token.address).instance.transfer;
+        return this.api.parity.postTransaction(options);
+      });
   }
 
-  _getData (gas = false) {
-    const { isEth, isWallet } = this;
+  getTransactionOptions () {
+    const [ func, options, values ] = this._getTransactionArgs();
 
-    if (!isWallet || isEth) {
-      return this.data && this.data.length ? this.data : '';
-    }
-
-    const func = this._getTransferMethod(gas, true);
-    const { options, values } = this._getTransferParams(gas, true);
-
-    return this.tokenContract.at(this.token.address).getCallData(func, options, values);
+    return getTxOptions(this.api, func, options, values)
+      .then((_options) => {
+        delete _options.sender;
+        return _options;
+      });
   }
 
-  _getTransferParams (gas = false, forceToken = false) {
-    const { isEth, isWallet } = this;
-
-    const to = (isEth && !isWallet) ? this.recipient
-      : (this.isWallet ? this.wallet.address : this.token.address);
+  _getTransactionArgs () {
+    const { isEth } = this;
 
+    const value = this.getValue();
     const options = this.gasStore.overrideTransaction({
-      from: this.sender || this.account.address,
-      to
+      from: this.account.address,
+      sender: this.sender
     });
 
-    if (gas) {
-      options.gas = MAX_GAS_ESTIMATION;
-    }
-
-    const gasTotal = new BigNumber(options.gas || DEFAULT_GAS).mul(options.gasPrice || DEFAULT_GASPRICE);
-    const { token } = this.getValues(gasTotal);
-
-    if (isEth && !isWallet && !forceToken) {
-      options.value = token;
-      options.data = this._getData(gas);
-
-      return { options, values: [] };
-    }
-
-    if (isWallet && !forceToken) {
-      const to = isEth ? this.recipient : this.token.address;
-      const value = isEth ? token : new BigNumber(0);
-
-      const values = [
-        to, value,
-        this._getData(gas)
-      ];
-
-      return { options, values };
+    // A simple ETH transfer
+    if (isEth) {
+      options.value = value;
+      options.data = this.data || '';
+      options.to = this.recipient;
+
+      return [ null, options ];
     }
 
+    // A token transfer
+    const tokenContract = this.tokenContract.at(this.token.address);
     const values = [
       this.recipient,
-      token.toFixed(0)
+      value
     ];
 
-    return { options, values };
+    options.to = this.token.address;
+
+    return [ tokenContract.instance.transfer, options, values ];
   }
 
   _validatePositiveNumber (num) {
diff --git a/js/src/modals/WalletSettings/walletSettingsStore.js b/js/src/modals/WalletSettings/walletSettingsStore.js
index d31ec9eb2..c3adb812e 100644
--- a/js/src/modals/WalletSettings/walletSettingsStore.js
+++ b/js/src/modals/WalletSettings/walletSettingsStore.js
@@ -20,6 +20,7 @@ import BigNumber from 'bignumber.js';
 
 import { validateUint, validateAddress } from '~/util/validation';
 import { DEFAULT_GAS, MAX_GAS_ESTIMATION } from '~/util/constants';
+import WalletsUtils from '~/util/wallets';
 
 const STEPS = {
   EDIT: { title: 'wallet settings' },
@@ -220,8 +221,6 @@ export default class WalletSettingsStore {
     this.api = api;
     this.step = this.stepsKeys[0];
 
-    this.walletInstance = wallet.instance;
-
     this.initialWallet = {
       address: wallet.address,
       owners: wallet.owners,
@@ -280,72 +279,43 @@ export default class WalletSettingsStore {
 
   @action send = () => {
     const changes = this.changes;
-    const walletInstance = this.walletInstance;
 
-    Promise.all(changes.map((change) => this.sendChange(change, walletInstance)));
+    Promise.all(changes.map((change) => this.sendChange(change)));
     this.onClose();
   }
 
-  @action sendChange = (change, walletInstance) => {
-    const { method, values } = this.getChangeMethod(change, walletInstance);
+  @action sendChange = (change) => {
+    const { api, initialWallet } = this;
 
-    const options = {
-      from: this.wallet.sender,
-      to: this.initialWallet.address,
-      gas: MAX_GAS_ESTIMATION
-    };
-
-    return method
-      .estimateGas(options, values)
-      .then((gasEst) => {
-        let gas = gasEst;
-
-        if (gas.gt(DEFAULT_GAS)) {
-          gas = gas.mul(1.2);
+    WalletsUtils.getChangeMethod(api, initialWallet.address, change)
+      .then((changeMethod) => {
+        if (!changeMethod) {
+          return;
         }
-        options.gas = gas;
 
-        return method.postTransaction(options, values);
+        const { method, values } = changeMethod;
+
+        const options = {
+          from: this.wallet.sender,
+          to: initialWallet.address,
+          gas: MAX_GAS_ESTIMATION
+        };
+
+        return method
+          .estimateGas(options, values)
+          .then((gasEst) => {
+            let gas = gasEst;
+
+            if (gas.gt(DEFAULT_GAS)) {
+              gas = gas.mul(1.2);
+            }
+            options.gas = gas;
+
+            return method.postTransaction(options, values);
+          });
       });
   }
 
-  getChangeMethod = (change, walletInstance) => {
-    if (change.type === 'require') {
-      return {
-        method: walletInstance.changeRequirement,
-        values: [ change.value ]
-      };
-    }
-
-    if (change.type === 'dailylimit') {
-      return {
-        method: walletInstance.setDailyLimit,
-        values: [ change.value ]
-      };
-    }
-
-    if (change.type === 'add_owner') {
-      return {
-        method: walletInstance.addOwner,
-        values: [ change.value ]
-      };
-    }
-
-    if (change.type === 'change_owner') {
-      return {
-        method: walletInstance.changeOwner,
-        values: [ change.value.from, change.value.to ]
-      };
-    }
-
-    if (change.type === 'remove_owner') {
-      return {
-        method: walletInstance.removeOwner,
-        values: [ change.value ]
-      };
-    }
-  }
-
   @action validateWallet = (_wallet) => {
     const senderValidation = validateAddress(_wallet.sender);
     const requireValidation = validateUint(_wallet.require);
diff --git a/js/src/redux/providers/personalActions.js b/js/src/redux/providers/personalActions.js
index 6200537c3..f747fa92e 100644
--- a/js/src/redux/providers/personalActions.js
+++ b/js/src/redux/providers/personalActions.js
@@ -23,7 +23,7 @@ import { attachWallets } from './walletActions';
 import Contract from '~/api/contract';
 import MethodDecodingStore from '~/ui/MethodDecoding/methodDecodingStore';
 import WalletsUtils from '~/util/wallets';
-import { wallet as WalletAbi } from '~/contracts/abi';
+import { foundationWallet as WalletAbi } from '~/contracts/abi';
 
 export function personalAccountsInfo (accountsInfo) {
   const accounts = {};
diff --git a/js/src/redux/providers/walletActions.js b/js/src/redux/providers/walletActions.js
index b31a2b35b..58a8faca6 100644
--- a/js/src/redux/providers/walletActions.js
+++ b/js/src/redux/providers/walletActions.js
@@ -17,19 +17,17 @@
 import { isEqual, uniq } from 'lodash';
 
 import Contract from '~/api/contract';
-import { bytesToHex, toHex } from '~/api/util/format';
 import { ERROR_CODES } from '~/api/transport/error';
-import { wallet as WALLET_ABI } from '~/contracts/abi';
-import { MAX_GAS_ESTIMATION } from '~/util/constants';
+import { foundationWallet as WALLET_ABI } from '~/contracts/abi';
 import WalletsUtils from '~/util/wallets';
-
 import { newError } from '~/ui/Errors/actions';
-
-const UPDATE_OWNERS = 'owners';
-const UPDATE_REQUIRE = 'require';
-const UPDATE_DAILYLIMIT = 'dailylimit';
-const UPDATE_TRANSACTIONS = 'transactions';
-const UPDATE_CONFIRMATIONS = 'confirmations';
+import {
+  UPDATE_OWNERS,
+  UPDATE_REQUIRE,
+  UPDATE_DAILYLIMIT,
+  UPDATE_TRANSACTIONS,
+  UPDATE_CONFIRMATIONS
+} from '~/util/wallets/updates';
 
 export function confirmOperation (address, owner, operation) {
   return modifyOperation('confirm', address, owner, operation);
@@ -39,41 +37,25 @@ export function revokeOperation (address, owner, operation) {
   return modifyOperation('revoke', address, owner, operation);
 }
 
-function modifyOperation (method, address, owner, operation) {
+function modifyOperation (modification, address, owner, operation) {
   return (dispatch, getState) => {
     const { api } = getState();
-    const contract = new Contract(api, WALLET_ABI).at(address);
-
-    const options = {
-      from: owner,
-      gas: MAX_GAS_ESTIMATION
-    };
-
-    const values = [ operation ];
 
     dispatch(setOperationPendingState(address, operation, true));
 
-    contract.instance[method]
-      .estimateGas(options, values)
-      .then((gas) => {
-        options.gas = gas.mul(1.2);
-        return contract.instance[method].postTransaction(options, values);
-      })
+    WalletsUtils.postModifyOperation(api, address, modification, owner, operation)
       .then((requestId) => {
-        return api
-          .pollMethod('parity_checkRequest', requestId)
-          .catch((e) => {
-            dispatch(setOperationPendingState(address, operation, false));
-            if (e.code === ERROR_CODES.REQUEST_REJECTED) {
-              return;
-            }
-
-            throw e;
-          });
+        return api.pollMethod('parity_checkRequest', requestId);
       })
       .catch((error) => {
-        dispatch(setOperationPendingState(address, operation, false));
+        if (error.code === ERROR_CODES.REQUEST_REJECTED) {
+          return;
+        }
+
         dispatch(newError(error));
+      })
+      .then(() => {
+        dispatch(setOperationPendingState(address, operation, false));
       });
   };
 }
@@ -97,14 +79,18 @@ export function attachWallets (_wallets) {
       return dispatch(updateWallets({ wallets: {}, walletsAddresses: [], filterSubId: null }));
     }
 
-    const filterOptions = {
-      fromBlock: 0,
-      toBlock: 'latest',
-      address: nextAddresses
-    };
-
+    // Filter the logs from the current block
     api.eth
-      .newFilter(filterOptions)
+      .blockNumber()
+      .then((block) => {
+        const filterOptions = {
+          fromBlock: block,
+          toBlock: 'latest',
+          address: nextAddresses
+        };
+
+        return api.eth.newFilter(filterOptions);
+      })
       .then((filterId) => {
         dispatch(updateWallets({ wallets: _wallets, walletsAddresses: nextAddresses, filterSubId: filterId }));
       })
@@ -142,7 +128,6 @@ export function load (api) {
 
       api.eth
         .getFilterChanges(filterSubId)
-        .then((logs) => contract.parseEventLogs(logs))
         .then((logs) => {
           parseLogs(logs)(dispatch, getState);
         })
@@ -292,202 +277,57 @@ function fetchWalletDailylimit (contract) {
 }
 
 function fetchWalletConfirmations (contract, _operations, _owners = null, _transactions = null, getState) {
-  const walletInstance = contract.instance;
-
   const wallet = getState().wallet.wallets[contract.address];
 
   const owners = _owners || (wallet && wallet.owners) || null;
   const transactions = _transactions || (wallet && wallet.transactions) || null;
-  // Full load if no operations given, or if the one given aren't loaded yet
-  const fullLoad = !Array.isArray(_operations) || _operations
-    .filter((op) => !wallet.confirmations.find((conf) => conf.operation === op))
-    .length > 0;
+  const cache = { owners, transactions };
 
-  let promise;
-
-  if (fullLoad) {
-    promise = walletInstance
-      .ConfirmationNeeded
-      .getAllLogs()
-      .then((logs) => {
-        return logs.map((log) => ({
-          initiator: log.params.initiator.value,
-          to: log.params.to.value,
-          data: log.params.data.value,
-          value: log.params.value.value,
-          operation: bytesToHex(log.params.operation.value),
-          transactionIndex: log.transactionIndex,
-          transactionHash: log.transactionHash,
-          blockNumber: log.blockNumber,
-          confirmedBy: []
-        }));
-      })
-      .then((logs) => {
-        return logs.sort((logA, logB) => {
-          const comp = logA.blockNumber.comparedTo(logB.blockNumber);
-
-          if (comp !== 0) {
-            return comp;
-          }
-
-          return logA.transactionIndex.comparedTo(logB.transactionIndex);
-        });
-      })
-      .then((confirmations) => {
-        if (confirmations.length === 0) {
-          return confirmations;
-        }
-
-        // Only fetch confirmations for operations not
-        // yet confirmed (ie. not yet a transaction)
-        if (transactions) {
-          const operations = transactions
-            .filter((t) => t.operation)
-            .map((t) => t.operation);
-
-          return confirmations.filter((confirmation) => {
-            return !operations.includes(confirmation.operation);
-          });
-        }
-
-        return confirmations;
-      });
-  } else {
-    const { confirmations } = wallet;
-    const nextConfirmations = confirmations
-      .filter((conf) => _operations.includes(conf.operation));
-
-    promise = Promise.resolve(nextConfirmations);
-  }
-
-  return promise
+  return WalletsUtils.fetchPendingTransactions(contract, cache)
     .then((confirmations) => {
-      if (confirmations.length === 0) {
-        return confirmations;
-      }
-
-      const uniqConfirmations = Object.values(
-        confirmations.reduce((confirmations, confirmation) => {
-          confirmations[confirmation.operation] = confirmation;
-          return confirmations;
-        }, {})
-      );
-
-      const operations = uniqConfirmations.map((conf) => conf.operation);
-
-      return Promise
-        .all(operations.map((op) => fetchOperationConfirmations(contract, op, owners)))
-        .then((confirmedBys) => {
-          uniqConfirmations.forEach((_, index) => {
-            uniqConfirmations[index].confirmedBy = confirmedBys[index];
-          });
-
-          return uniqConfirmations;
-        });
-    })
-    .then((confirmations) => {
-      const prevConfirmations = wallet.confirmations || [];
-      const nextConfirmations = prevConfirmations
-        .filter((conA) => !confirmations.find((conB) => conB.operation === conA.operation))
-        .concat(confirmations)
-        .map((conf) => ({
-          ...conf,
-          pending: false
-        }));
-
       return {
         key: UPDATE_CONFIRMATIONS,
-        value: nextConfirmations
+        value: confirmations
       };
     });
 }
 
-function fetchOperationConfirmations (contract, operation, owners = null) {
-  if (!owners) {
-    console.warn('[fetchOperationConfirmations] try to provide the owners for the Wallet', contract.address);
-  }
-
-  const walletInstance = contract.instance;
-
-  const promise = owners
-    ? Promise.resolve({ value: owners })
-    : fetchWalletOwners(contract);
-
-  return promise
-    .then((result) => {
-      const owners = result.value;
-
-      return Promise
-        .all(owners.map((owner) => walletInstance.hasConfirmed.call({}, [ operation, owner ])))
-        .then((data) => {
-          return owners.filter((owner, index) => data[index]);
-        });
-    });
-}
-
 function parseLogs (logs) {
   return (dispatch, getState) => {
     if (!logs || logs.length === 0) {
       return;
     }
 
-    const WalletSignatures = WalletsUtils.getWalletSignatures();
-
+    const { api } = getState();
     const updates = {};
 
-    logs.forEach((log) => {
-      const { address, topics } = log;
-      const eventSignature = toHex(topics[0]);
-      const prev = updates[address] || {
-        [ UPDATE_DAILYLIMIT ]: true,
-        address
-      };
+    const promises = logs.map((log) => {
+      const { address } = log;
 
-      switch (eventSignature) {
-        case WalletSignatures.OwnerChanged:
-        case WalletSignatures.OwnerAdded:
-        case WalletSignatures.OwnerRemoved:
-          updates[address] = {
-            ...prev,
-            [ UPDATE_OWNERS ]: true
+      return WalletsUtils.logToUpdate(api, address, log)
+        .then((update) => {
+          const prev = updates[address] || {
+            [ UPDATE_DAILYLIMIT ]: true,
+            address
           };
-          return;
 
-        case WalletSignatures.RequirementChanged:
-          updates[address] = {
-            ...prev,
-            [ UPDATE_REQUIRE ]: true
-          };
-          return;
+          if (update[UPDATE_CONFIRMATIONS]) {
+            const operations = (prev[UPDATE_CONFIRMATIONS] || []).concat(update[UPDATE_CONFIRMATIONS]);
 
-        case WalletSignatures.ConfirmationNeeded:
-        case WalletSignatures.Confirmation:
-        case WalletSignatures.Revoke:
-          const operation = bytesToHex(log.params.operation.value);
+            update[UPDATE_CONFIRMATIONS] = uniq(operations);
+          }
 
           updates[address] = {
             ...prev,
-            [ UPDATE_CONFIRMATIONS ]: uniq(
-              (prev[UPDATE_CONFIRMATIONS] || []).concat(operation)
-            )
+            ...update
           };
-
-          return;
-
-        case WalletSignatures.Deposit:
-        case WalletSignatures.SingleTransact:
-        case WalletSignatures.MultiTransact:
-        case WalletSignatures.Old.SingleTransact:
-        case WalletSignatures.Old.MultiTransact:
-          updates[address] = {
-            ...prev,
-            [ UPDATE_TRANSACTIONS ]: true
-          };
-          return;
-      }
+        });
     });
 
-    fetchWalletsInfo(updates)(dispatch, getState);
+    return Promise.all(promises)
+      .then(() => {
+        fetchWalletsInfo(updates)(dispatch, getState);
+      });
   };
 }
 
diff --git a/js/src/util/tx.js b/js/src/util/tx.js
index 9ab8b6599..e325e6024 100644
--- a/js/src/util/tx.js
+++ b/js/src/util/tx.js
@@ -14,6 +14,8 @@
 // You should have received a copy of the GNU General Public License
 // along with Parity.  If not, see <http://www.gnu.org/licenses/>.
 
+import BigNumber from 'bignumber.js';
+
 import WalletsUtils from '~/util/wallets';
 
 /**
@@ -71,11 +73,14 @@ const isValidReceipt = (receipt) => {
   return receipt && receipt.blockNumber && receipt.blockNumber.gt(0);
 };
 
-function getTxArgs (func, options, values = []) {
-  const { contract } = func;
-  const { api } = contract;
+export function getTxOptions (api, func, _options, values = []) {
+  const options = { ..._options };
   const address = options.from;
 
+  if (func && func.contract) {
+    options.to = options.to || func.contract.address;
+  }
+
   if (!address) {
     return Promise.resolve({ func, options, values });
   }
@@ -87,8 +92,9 @@ function getTxArgs (func, options, values = []) {
         return { func, options, values };
       }
 
-      options.data = contract.getCallData(func, options, values);
-      options.to = options.to || contract.address;
+      if (func && func.contract) {
+        options.data = func.contract.getCallData(func, options, values);
+      }
 
       if (!options.to) {
         return { func, options, values };
@@ -103,24 +109,35 @@ function getTxArgs (func, options, values = []) {
 
           return callArgs;
         });
+    })
+    .then(({ func, options, values }) => {
+      if (func) {
+        options.data = func.contract.getCallData(func, options, values);
+      }
+
+      if (!options.value) {
+        options.value = new BigNumber(0);
+      }
+
+      return options;
     });
 }
 
 export function estimateGas (_func, _options, _values = []) {
-  return getTxArgs(_func, _options, _values)
-    .then((callArgs) => {
-      const { func, options, values } = callArgs;
+  const { api } = _func.contract;
 
-      return func._estimateGas(options, values);
+  return getTxOptions(api, _func, _options, _values)
+    .then((options) => {
+      return api.eth.estimateGas(options);
     });
 }
 
 export function postTransaction (_func, _options, _values = []) {
-  return getTxArgs(_func, _options, _values)
-    .then((callArgs) => {
-      const { func, options, values } = callArgs;
+  const { api } = _func.contract;
 
-      return func._postTransaction(options, values);
+  return getTxOptions(api, _func, _options, _values)
+    .then((options) => {
+      return api.parity.postTransaction(options);
     });
 }
 
@@ -182,42 +199,35 @@ export function deploy (contract, options, values, skipGasEstimate = false) {
 }
 
 export function parseTransactionReceipt (api, options, receipt) {
-  const { metadata } = options;
-  const address = options.from;
-
   if (receipt.gasUsed.eq(options.gas)) {
     const error = new Error(`Contract not deployed, gasUsed == ${options.gas.toFixed(0)}`);
 
     return Promise.reject(error);
   }
 
-  const logs = WalletsUtils.parseLogs(api, receipt.logs || []);
+  // If regular contract creation, only validate the contract
+  if (receipt.contractAddress) {
+    return validateContract(api, receipt.contractAddress);
+  }
 
-  const confirmationLog = logs.find((log) => log.event === 'ConfirmationNeeded');
-  const transactionLog = logs.find((log) => log.event === 'SingleTransact');
+  // Otherwise, needs to check for a contract deployment
+  // from a multisig wallet
+  const walletResult = WalletsUtils.parseTransactionLogs(api, options, receipt.logs || []);
 
-  if (!confirmationLog && !transactionLog && !receipt.contractAddress) {
+  if (!walletResult) {
     const error = new Error('Something went wrong in the contract deployment...');
 
     return Promise.reject(error);
   }
 
-  // Confirmations are needed from the other owners
-  if (confirmationLog) {
-    const operationHash = api.util.bytesToHex(confirmationLog.params.operation.value);
-
-    // Add the contract to pending contracts
-    WalletsUtils.addPendingContract(address, operationHash, metadata);
+  if (walletResult.pending) {
     return Promise.resolve(null);
   }
 
-  if (transactionLog) {
-    // Set the contract address in the receipt
-    receipt.contractAddress = transactionLog.params.created.value;
-  }
-
-  const contractAddress = receipt.contractAddress;
+  return validateContract(api, walletResult.contractAddress);
+}
 
+function validateContract (api, contractAddress) {
   return api.eth
     .getCode(contractAddress)
     .then((code) => {
diff --git a/js/src/util/wallets.js b/js/src/util/wallets.js
index e90f4115f..6b1c29d01 100644
--- a/js/src/util/wallets.js
+++ b/js/src/util/wallets.js
@@ -15,95 +15,96 @@
 // along with Parity.  If not, see <http://www.gnu.org/licenses/>.
 
 import BigNumber from 'bignumber.js';
-import { intersection, range, uniq } from 'lodash';
-import store from 'store';
+import { intersection } from 'lodash';
 
-import Abi from '~/abi';
-import Contract from '~/api/contract';
-import { bytesToHex, toHex } from '~/api/util/format';
-import { validateAddress } from '~/util/validation';
-import WalletAbi from '~/contracts/abi/wallet.json';
-import OldWalletAbi from '~/contracts/abi/old-wallet.json';
+import ConsensysWalletUtils from './wallets/consensys-wallet';
+import FoundationWalletUtils from './wallets/foundation-wallet';
 
-const LS_PENDING_CONTRACTS_KEY = '_parity::wallets::pendingContracts';
+const CONSENSYS_WALLET = 'CONSENSYS_WALLET';
+const FOUNDATION_WALLET = 'FOUNDATION_WALLET';
 
 const _cachedWalletLookup = {};
+const _cachedWalletTypes = {};
 let _cachedAccounts = {};
 
-const walletAbi = new Abi(WalletAbi);
-const oldWalletAbi = new Abi(OldWalletAbi);
-
-const walletEvents = walletAbi.events.reduce((events, event) => {
-  events[event.name] = event;
-  return events;
-}, {});
-
-const oldWalletEvents = oldWalletAbi.events.reduce((events, event) => {
-  events[event.name] = event;
-  return events;
-}, {});
-
-const WalletSignatures = {
-  OwnerChanged: toHex(walletEvents.OwnerChanged.signature),
-  OwnerAdded: toHex(walletEvents.OwnerAdded.signature),
-  OwnerRemoved: toHex(walletEvents.OwnerRemoved.signature),
-  RequirementChanged: toHex(walletEvents.RequirementChanged.signature),
-  Confirmation: toHex(walletEvents.Confirmation.signature),
-  Revoke: toHex(walletEvents.Revoke.signature),
-  Deposit: toHex(walletEvents.Deposit.signature),
-  SingleTransact: toHex(walletEvents.SingleTransact.signature),
-  MultiTransact: toHex(walletEvents.MultiTransact.signature),
-  ConfirmationNeeded: toHex(walletEvents.ConfirmationNeeded.signature),
-
-  Old: {
-    SingleTransact: toHex(oldWalletEvents.SingleTransact.signature),
-    MultiTransact: toHex(oldWalletEvents.MultiTransact.signature)
-  }
-};
-
 export default class WalletsUtils {
-  static getWalletSignatures () {
-    return WalletSignatures;
-  }
-
-  static getPendingContracts () {
-    return store.get(LS_PENDING_CONTRACTS_KEY) || {};
-  }
-
-  static setPendingContracts (contracts = {}) {
-    return store.set(LS_PENDING_CONTRACTS_KEY, contracts);
-  }
-
-  static removePendingContract (operationHash) {
-    const nextContracts = WalletsUtils.getPendingContracts();
-
-    delete nextContracts[operationHash];
-    WalletsUtils.setPendingContracts(nextContracts);
-  }
-
-  static addPendingContract (address, operationHash, metadata) {
-    const nextContracts = {
-      ...WalletsUtils.getPendingContracts(),
-      [ operationHash ]: {
-        address,
-        metadata,
-        operationHash
-      }
-    };
-
-    WalletsUtils.setPendingContracts(nextContracts);
-  }
-
   static cacheAccounts (accounts) {
     _cachedAccounts = accounts;
   }
 
-  static getCallArgs (api, options, values = []) {
-    const walletContract = new Contract(api, WalletAbi);
-    const walletAddress = options.from;
+  static delegateCall (api, address, method, args = []) {
+    return WalletsUtils.getWalletType(api, address)
+      .then((walletType) => {
+        if (walletType === CONSENSYS_WALLET) {
+          return ConsensysWalletUtils[method].apply(null, args);
+        }
+
+        return FoundationWalletUtils[method].apply(null, args);
+      });
+  }
+
+  static fetchDailylimit (walletContract) {
+    const { api } = walletContract;
 
     return WalletsUtils
-      .fetchOwners(walletContract.at(walletAddress))
+      .delegateCall(api, walletContract.address, 'fetchDailylimit', [ walletContract ]);
+  }
+
+  static fetchOwners (walletContract) {
+    const { api } = walletContract;
+
+    return WalletsUtils
+      .delegateCall(api, walletContract.address, 'fetchOwners', [ walletContract ]);
+  }
+
+  static fetchRequire (walletContract) {
+    const { api } = walletContract;
+
+    return WalletsUtils
+      .delegateCall(api, walletContract.address, 'fetchRequire', [ walletContract ]);
+  }
+
+  static fetchPendingTransactions (walletContract, cache) {
+    const { api } = walletContract;
+
+    return WalletsUtils
+      .delegateCall(api, walletContract.address, 'fetchPendingTransactions', [ walletContract, cache ]);
+  }
+
+  static fetchTransactions (walletContract) {
+    const { api } = walletContract;
+
+    return WalletsUtils
+      .delegateCall(api, walletContract.address, 'fetchTransactions', [ walletContract ])
+      .then((transactions) => {
+        return transactions.sort((txA, txB) => {
+          const comp = txB.blockNumber.comparedTo(txA.blockNumber);
+
+          if (comp !== 0) {
+            return comp;
+          }
+
+          return txB.transactionIndex.comparedTo(txA.transactionIndex);
+        });
+      });
+  }
+
+  static getCallArgs (api, options, values = []) {
+    const walletAddress = options.from;
+    let walletContract;
+    let submitMethod;
+
+    return Promise
+      .all([
+        WalletsUtils.getWalletContract(api, walletAddress),
+        WalletsUtils.delegateCall(api, walletAddress, 'getSubmitMethod')
+      ])
+      .then(([ _walletContract, _submitMethod ]) => {
+        walletContract = _walletContract;
+        submitMethod = _submitMethod;
+
+        return WalletsUtils.fetchOwners(walletContract);
+      })
       .then((owners) => {
         const addresses = Object.keys(_cachedAccounts);
         const ownerAddress = intersection(addresses, owners).pop();
@@ -121,12 +122,12 @@ export default class WalletsUtils {
         const nextValues = [ to, value, data ];
         const nextOptions = {
           ..._options,
-          from: ownerAddress,
+          from: options.sender || ownerAddress,
           to: walletAddress,
           value: new BigNumber(0)
         };
 
-        const execFunc = walletContract.instance.execute;
+        const execFunc = walletContract.instance[submitMethod];
         const callArgs = { func: execFunc, options: nextOptions, values: nextValues };
 
         if (!account.wallet) {
@@ -139,6 +140,11 @@ export default class WalletsUtils {
       });
   }
 
+  static getChangeMethod (api, address, change) {
+    return WalletsUtils
+      .delegateCall(api, address, 'getChangeMethod', [ api, address, change ]);
+  }
+
   static getDeployArgs (contract, options, values) {
     const { api } = contract;
     const func = contract.constructors[0];
@@ -158,10 +164,41 @@ export default class WalletsUtils {
       });
   }
 
-  static parseLogs (api, logs = []) {
-    const walletContract = new Contract(api, WalletAbi);
+  static getWalletContract (api, address) {
+    return WalletsUtils
+      .delegateCall(api, address, 'getWalletContract', [ api ])
+      .then((walletContract) => {
+        return walletContract.at(address);
+      });
+  }
 
-    return walletContract.parseEventLogs(logs);
+  static getWalletType (api, address) {
+    if (_cachedWalletTypes[address] === undefined) {
+      _cachedWalletTypes[address] = Promise.resolve(null)
+        .then((result) => {
+          if (result) {
+            return result;
+          }
+
+          return FoundationWalletUtils.isWallet(api, address)
+            .then((isWallet) => isWallet && FOUNDATION_WALLET);
+        })
+        .then((result) => {
+          if (result) {
+            return result;
+          }
+
+          return ConsensysWalletUtils.isWallet(api, address)
+            .then((isWallet) => isWallet && CONSENSYS_WALLET);
+        })
+        .then((result) => {
+          _cachedWalletTypes[address] = result || null;
+
+          return _cachedWalletTypes[address];
+        });
+    }
+
+    return Promise.resolve(_cachedWalletTypes[address]);
   }
 
   /**
@@ -175,20 +212,8 @@ export default class WalletsUtils {
     }
 
     if (!_cachedWalletLookup[address]) {
-      const walletContract = new Contract(api, WalletAbi);
-
-      _cachedWalletLookup[address] = walletContract
-        .at(address)
-        .instance
-        .m_numOwners
-        .call()
-        .then((result) => {
-          if (!result || result.equals(0)) {
-            return false;
-          }
-
-          return true;
-        })
+      _cachedWalletLookup[address] = WalletsUtils.getWalletType(api, address)
+        .then((walletType) => walletType !== null)
         .then((bool) => {
           _cachedWalletLookup[address] = Promise.resolve(bool);
           return bool;
@@ -198,207 +223,34 @@ export default class WalletsUtils {
     return _cachedWalletLookup[address];
   }
 
-  static fetchRequire (walletContract) {
-    return walletContract.instance.m_required.call();
-  }
-
-  static fetchOwners (walletContract) {
-    const walletInstance = walletContract.instance;
-
-    return walletInstance
-      .m_numOwners.call()
-      .then((mNumOwners) => {
-        const promises = range(mNumOwners.toNumber())
-          .map((idx) => walletInstance.getOwner.call({}, [ idx ]));
-
-        return Promise
-          .all(promises)
-          .then((owners) => {
-            const uniqOwners = uniq(owners);
-
-            // If all owners are the zero account : must be Mist wallet contract
-            if (uniqOwners.length === 1 && /^(0x)?0*$/.test(owners[0])) {
-              return WalletsUtils.fetchMistOwners(walletContract, mNumOwners.toNumber());
-            }
-
-            return owners;
-          })
-          .then((owners) => uniq(owners));
-      });
-  }
-
-  static fetchMistOwners (walletContract, mNumOwners) {
-    const walletAddress = walletContract.address;
-
+  static logToUpdate (api, address, log) {
     return WalletsUtils
-      .getMistOwnersOffset(walletContract)
-      .then((result) => {
-        if (!result || result.offset === -1) {
-          return [];
-        }
-
-        const owners = [ result.address ];
-
-        if (mNumOwners === 1) {
-          return owners;
-        }
-
-        const initOffset = result.offset + 1;
-        let promise = Promise.resolve();
-
-        range(initOffset, initOffset + mNumOwners - 1).forEach((offset) => {
-          promise = promise
-            .then(() => {
-              return walletContract.api.eth.getStorageAt(walletAddress, offset);
-            })
-            .then((result) => {
-              const resultAddress = '0x' + (result || '').slice(-40);
-              const { address } = validateAddress(resultAddress);
-
-              owners.push(address);
-            });
-        });
-
-        return promise.then(() => owners);
-      });
+      .delegateCall(api, address, 'logToUpdate', [ log ]);
   }
 
-  static getMistOwnersOffset (walletContract, offset = 3) {
-    return walletContract.api.eth
-      .getStorageAt(walletContract.address, offset)
-      .then((result) => {
-        if (result && !/^(0x)?0*$/.test(result)) {
-          const resultAddress = '0x' + result.slice(-40);
-          const { address, addressError } = validateAddress(resultAddress);
-
-          if (!addressError) {
-            return { offset, address };
-          }
-        }
-
-        if (offset >= 100) {
-          return { offset: -1 };
-        }
-
-        return WalletsUtils.getMistOwnersOffset(walletContract, offset + 1);
-      });
+  static parseTransactionLogs (api, options, rawLogs) {
+    return WalletsUtils
+      .delegateCall(api, options.from, 'parseTransactionLogs', [ api, options, rawLogs ]);
   }
 
-  static fetchDailylimit (walletContract) {
-    const walletInstance = walletContract.instance;
+  static postModifyOperation (api, walletAddress, modification, owner, operation) {
+    const options = { from: owner };
+    const values = [ operation ];
 
     return Promise
       .all([
-        walletInstance.m_dailyLimit.call(),
-        walletInstance.m_spentToday.call(),
-        walletInstance.m_lastDay.call()
+        WalletsUtils
+          .getWalletContract(api, walletAddress),
+        WalletsUtils
+          .delegateCall(api, walletAddress, 'getModifyOperationMethod', [ modification ])
       ])
-      .then(([ limit, spent, last ]) => ({
-        limit, spent, last
-      }));
-  }
-
-  static fetchTransactions (walletContract) {
-    const { api } = walletContract;
-    const pendingContracts = WalletsUtils.getPendingContracts();
-
-    return walletContract
-      .getAllLogs({
-        topics: [ [
-          WalletSignatures.SingleTransact,
-          WalletSignatures.MultiTransact,
-          WalletSignatures.Deposit,
-          WalletSignatures.Old.SingleTransact,
-          WalletSignatures.Old.MultiTransact
-        ] ]
-      })
-      .then((logs) => {
-        return logs.sort((logA, logB) => {
-          const comp = logB.blockNumber.comparedTo(logA.blockNumber);
-
-          if (comp !== 0) {
-            return comp;
-          }
-
-          return logB.transactionIndex.comparedTo(logA.transactionIndex);
-        });
-      })
-      .then((logs) => {
-        const transactions = logs.map((log) => {
-          const signature = toHex(log.topics[0]);
-
-          const value = log.params.value.value;
-          const from = signature === WalletSignatures.Deposit
-            ? log.params['_from'].value
-            : walletContract.address;
-
-          const to = signature === WalletSignatures.Deposit
-            ? walletContract.address
-            : log.params.to.value;
-
-          const transaction = {
-            transactionHash: log.transactionHash,
-            blockNumber: log.blockNumber,
-            from, to, value
-          };
-
-          if (log.params.created && log.params.created.value && !/^(0x)?0*$/.test(log.params.created.value)) {
-            transaction.creates = log.params.created.value;
-            delete transaction.to;
-          }
-
-          if (log.params.operation) {
-            const operation = bytesToHex(log.params.operation.value);
-
-            // Add the pending contract to the contracts
-            if (pendingContracts[operation]) {
-              const { metadata } = pendingContracts[operation];
-              const contractName = metadata.name;
-
-              metadata.blockNumber = log.blockNumber;
-
-              // The contract creation might not be in the same log,
-              // but must be in the same transaction (eg. Contract creation
-              // from Wallet within a Wallet)
-              api.eth
-                .getTransactionReceipt(log.transactionHash)
-                .then((transactionReceipt) => {
-                  const transactionLogs = WalletsUtils.parseLogs(api, transactionReceipt.logs);
-                  const creationLog = transactionLogs.find((log) => {
-                    return log.params.created && !/^(0x)?0*$/.test(log.params.created.value);
-                  });
-
-                  if (!creationLog) {
-                    return false;
-                  }
-
-                  const contractAddress = creationLog.params.created.value;
-
-                  return Promise
-                    .all([
-                      api.parity.setAccountName(contractAddress, contractName),
-                      api.parity.setAccountMeta(contractAddress, metadata)
-                    ])
-                    .then(() => {
-                      WalletsUtils.removePendingContract(operation);
-                    });
-                })
-                .catch((error) => {
-                  console.error('adding wallet contract', error);
-                });
-            }
-
-            transaction.operation = operation;
-          }
-
-          if (log.params.data) {
-            transaction.data = log.params.data.value;
-          }
-
-          return transaction;
-        });
-
-        return transactions;
+      .then(([ wallet, method ]) => {
+        return wallet.instance[method]
+          .estimateGas(options, values)
+          .then((gas) => {
+            options.gas = gas.mul(1.5);
+            return wallet.instance[method].postTransaction(options, values);
+          });
       });
   }
 }
diff --git a/js/src/util/wallets/consensys-wallet.js b/js/src/util/wallets/consensys-wallet.js
new file mode 100644
index 000000000..9f9f9d5fa
--- /dev/null
+++ b/js/src/util/wallets/consensys-wallet.js
@@ -0,0 +1,354 @@
+// Copyright 2015-2017 Parity Technologies (UK) Ltd.
+// This file is part of Parity.
+
+// Parity is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity.  If not, see <http://www.gnu.org/licenses/>.
+
+import BigNumber from 'bignumber.js';
+
+import Abi from '~/abi';
+import Contract from '~/api/contract';
+import { toHex } from '~/api/util/format';
+
+import WalletAbi from '~/contracts/abi/consensys-multisig-wallet.json';
+
+import {
+  UPDATE_OWNERS,
+  UPDATE_REQUIRE,
+  UPDATE_TRANSACTIONS,
+  UPDATE_CONFIRMATIONS
+} from './updates';
+
+const WALLET_CONTRACT = new Contract({}, WalletAbi);
+const WALLET_ABI = new Abi(WalletAbi);
+
+const walletEvents = WALLET_ABI.events.reduce((events, event) => {
+  events[event.name] = event;
+  return events;
+}, {});
+
+const WalletSignatures = {
+  Confirmation: toHex(walletEvents.Confirmation.signature),
+  Revocation: toHex(walletEvents.Revocation.signature),
+  Deposit: toHex(walletEvents.Deposit.signature),
+  Execution: toHex(walletEvents.Execution.signature),
+  OwnerAddition: toHex(walletEvents.OwnerAddition.signature),
+  OwnerRemoval: toHex(walletEvents.OwnerRemoval.signature),
+  RequirementChange: toHex(walletEvents.RequirementChange.signature),
+  Submission: toHex(walletEvents.Submission.signature)
+};
+
+export default class ConsensysWalletUtils {
+  static fetchOwners (inWallet) {
+    const wallet = new Contract(inWallet.api, WalletAbi).at(inWallet.address);
+
+    return wallet.instance.getOwners.call()
+      .then((owners) => {
+        return owners.map((token) => token.value);
+      });
+  }
+
+  static fetchPendingTransactions (inWallet) {
+    const wallet = new Contract(inWallet.api, WalletAbi).at(inWallet.address);
+
+    let transactions;
+    let txIds;
+
+    // Get pending and not exectued transactions
+    return wallet.instance.getTransactionCount
+      .call({}, [ true, false ])
+      .then((txCount) => {
+        // Get all the pending transactions
+        const fromId = 0;
+        const toId = txCount;
+
+        return wallet.instance.getTransactionIds
+          .call({}, [ fromId, toId, true, false ]);
+      })
+      .then((_txIds) => {
+        txIds = _txIds.map((token) => token.value);
+
+        const promises = txIds.map((txId) => {
+          return wallet.instance.transactions
+            .call({}, [ txId ]);
+        });
+
+        return Promise.all(promises);
+      })
+      .then((transactions) => {
+        return transactions.map((transaction, index) => {
+          const [ destination, value, data ] = transaction;
+          const id = toHex(txIds[index]);
+
+          return {
+            to: destination,
+            data,
+            value,
+            operation: id
+          };
+        });
+      })
+      .then((_transactions) => {
+        transactions = _transactions;
+
+        return wallet
+          .getAllLogs({
+            topics: [
+              WalletSignatures.Submission,
+              txIds.map((txId) => toHex(txId))
+            ]
+          });
+      })
+      .then((logs) => {
+        transactions.forEach((tx) => {
+          const log = logs
+            .find((log) => {
+              const id = toHex(log.params.transactionId.value);
+
+              return id === tx.operation;
+            });
+
+          if (!log) {
+            console.warn('could not find a Submission log for this operation', tx);
+            return;
+          }
+
+          tx.transactionIndex = log.transactionIndex;
+          tx.transactionHash = log.transactionHash;
+          tx.blockNumber = log.blockNumber;
+        });
+
+        const confirmationsPromises = transactions.map((tx) => {
+          return wallet.instance.getConfirmations
+            .call({}, [ tx.operation ])
+            .then((owners) => {
+              return owners.map((token) => token.value);
+            });
+        });
+
+        return Promise.all(confirmationsPromises);
+      })
+      .then((confirmations) => {
+        transactions.forEach((tx, index) => {
+          tx.confirmedBy = confirmations[index];
+        });
+
+        return transactions;
+      });
+  }
+
+  static fetchRequire (inWallet) {
+    const wallet = new Contract(inWallet.api, WalletAbi).at(inWallet.address);
+
+    return wallet.instance.required.call();
+  }
+
+  static fetchTransactions (inWallet) {
+    const wallet = new Contract(inWallet.api, WalletAbi).at(inWallet.address);
+
+    let transactions;
+    let txIds;
+
+    return wallet.instance.getTransactionCount
+      .call({}, [ false, true ])
+      .then((txCount) => {
+        // Get the 20 last transactions
+        const fromId = Math.max(0, txCount - 20);
+        const toId = txCount;
+
+        return wallet.instance.getTransactionIds
+          .call({}, [ fromId, toId, false, true ]);
+      })
+      .then((_txIds) => {
+        txIds = _txIds.map((token) => token.value);
+
+        const promises = txIds.map((txId) => {
+          return wallet.instance.transactions
+            .call({}, [ txId ]);
+        });
+
+        return Promise.all(promises);
+      })
+      .then((transactions) => {
+        return transactions.map((transaction, index) => {
+          const [ destination, value, data, executed ] = transaction;
+          const id = toHex(txIds[index]);
+
+          return {
+            destination, value, data, executed, id
+          };
+        });
+      })
+      .then((_transactions) => {
+        transactions = _transactions;
+
+        const depositLogs = wallet
+          .getAllLogs({
+            topics: [ WalletSignatures.Deposit ]
+          });
+
+        const executionLogs = wallet
+          .getAllLogs({
+            topics: [ WalletSignatures.Execution, txIds ]
+          });
+
+        return Promise.all([ depositLogs, executionLogs ]);
+      })
+      .then(([ depositLogs, executionLogs ]) => {
+        const logs = [].concat(depositLogs, executionLogs);
+
+        return logs.map((log) => {
+          const signature = toHex(log.topics[0]);
+
+          const transaction = {
+            transactionHash: log.transactionHash,
+            blockNumber: log.blockNumber
+          };
+
+          if (signature === WalletSignatures.Deposit) {
+            transaction.from = log.params.sender.value;
+            transaction.value = log.params.value.value;
+            transaction.to = wallet.address;
+          } else {
+            const txId = toHex(log.params.transactionId.value);
+            const tx = transactions.find((tx) => tx.id === txId);
+
+            transaction.from = wallet.address;
+            transaction.to = tx.destination;
+            transaction.value = tx.value;
+            transaction.data = tx.data;
+            transaction.operation = toHex(tx.id);
+          }
+
+          return transaction;
+        });
+      });
+  }
+
+  static getChangeMethod (api, address, change) {
+    const wallet = new Contract(api, WalletAbi).at(address);
+    const walletInstance = wallet.instance;
+
+    let data = '';
+
+    if (change.type === 'require') {
+      const func = walletInstance.changeRequirement;
+
+      data = wallet.getCallData(func, {}, [ change.value ]);
+    }
+
+    if (change.type === 'add_owner') {
+      const func = walletInstance.addOwner;
+
+      data = wallet.getCallData(func, {}, [ change.value ]);
+    }
+
+    if (change.type === 'change_owner') {
+      const func = walletInstance.replaceOwner;
+
+      data = wallet.getCallData(func, {}, [ change.value.from, change.value.to ]);
+    }
+
+    if (change.type === 'remove_owner') {
+      const func = walletInstance.removeOwner;
+
+      data = wallet.getCallData(func, {}, [ change.value ]);
+    }
+
+    const method = walletInstance.submitTransaction;
+    const values = [ address, 0, data ];
+
+    return { method, values };
+  }
+
+  static getModifyOperationMethod (modification) {
+    switch (modification) {
+      case 'confirm':
+        return 'confirmTransaction';
+
+      case 'revoke':
+        return 'revokeConfirmation';
+
+      default:
+        return '';
+    }
+  }
+
+  static getSubmitMethod () {
+    return 'submitTransaction';
+  }
+
+  static getWalletContract (api) {
+    return new Contract(api, WalletAbi);
+  }
+
+  static getWalletSignatures () {
+    return WalletSignatures;
+  }
+
+  static fetchDailylimit () {
+    return {
+      last: new BigNumber(0),
+      limit: new BigNumber(0),
+      spent: new BigNumber(0)
+    };
+  }
+
+  static isWallet (api, address) {
+    const wallet = new Contract(api, WalletAbi).at(address);
+
+    return ConsensysWalletUtils.fetchRequire(wallet)
+      .then((result) => {
+        if (!result || result.equals(0)) {
+          return false;
+        }
+
+        return true;
+      });
+  }
+
+  static logToUpdate (log) {
+    const eventSignature = toHex(log.topics[0]);
+
+    switch (eventSignature) {
+      case WalletSignatures.OwnerAddition:
+      case WalletSignatures.OwnerRemoval:
+        return { [ UPDATE_OWNERS ]: true };
+
+      case WalletSignatures.RequirementChange:
+        return { [ UPDATE_REQUIRE ]: true };
+
+      case WalletSignatures.Deposit:
+      case WalletSignatures.Execution:
+        return { [ UPDATE_TRANSACTIONS ]: true };
+
+      case WalletSignatures.Submission:
+      case WalletSignatures.Confirmation:
+      case WalletSignatures.Revocation:
+        const parsedLog = WALLET_CONTRACT.parseEventLogs([ log ])[0];
+        const operation = toHex(parsedLog.params.transactionId.value);
+
+        return { [ UPDATE_CONFIRMATIONS ]: operation };
+
+      default:
+        return {};
+    }
+  }
+
+  /**
+   * This type of wallet cannot create any contract...
+   */
+  static parseTransactionLogs (api, options, rawLogs) {
+    return null;
+  }
+}
diff --git a/js/src/util/wallets/foundation-wallet.js b/js/src/util/wallets/foundation-wallet.js
new file mode 100644
index 000000000..4fb1cfe22
--- /dev/null
+++ b/js/src/util/wallets/foundation-wallet.js
@@ -0,0 +1,500 @@
+// Copyright 2015-2017 Parity Technologies (UK) Ltd.
+// This file is part of Parity.
+
+// Parity is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity.  If not, see <http://www.gnu.org/licenses/>.
+
+import { range, uniq } from 'lodash';
+
+import Abi from '~/abi';
+import Contract from '~/api/contract';
+import { bytesToHex, toHex } from '~/api/util/format';
+import { validateAddress } from '~/util/validation';
+
+import WalletAbi from '~/contracts/abi/foundation-multisig-wallet.json';
+import OldWalletAbi from '~/contracts/abi/old-wallet.json';
+
+import PendingContracts from './pending-contracts';
+import {
+  UPDATE_OWNERS,
+  UPDATE_REQUIRE,
+  UPDATE_TRANSACTIONS,
+  UPDATE_CONFIRMATIONS
+} from './updates';
+
+const WALLET_CONTRACT = new Contract({}, WalletAbi);
+const WALLET_ABI = new Abi(WalletAbi);
+const OLD_WALLET_ABI = new Abi(OldWalletAbi);
+
+const walletEvents = WALLET_ABI.events.reduce((events, event) => {
+  events[event.name] = event;
+  return events;
+}, {});
+
+const oldWalletEvents = OLD_WALLET_ABI.events.reduce((events, event) => {
+  events[event.name] = event;
+  return events;
+}, {});
+
+const WalletSignatures = {
+  OwnerChanged: toHex(walletEvents.OwnerChanged.signature),
+  OwnerAdded: toHex(walletEvents.OwnerAdded.signature),
+  OwnerRemoved: toHex(walletEvents.OwnerRemoved.signature),
+  RequirementChanged: toHex(walletEvents.RequirementChanged.signature),
+  Confirmation: toHex(walletEvents.Confirmation.signature),
+  Revoke: toHex(walletEvents.Revoke.signature),
+  Deposit: toHex(walletEvents.Deposit.signature),
+  SingleTransact: toHex(walletEvents.SingleTransact.signature),
+  MultiTransact: toHex(walletEvents.MultiTransact.signature),
+  ConfirmationNeeded: toHex(walletEvents.ConfirmationNeeded.signature),
+
+  Old: {
+    SingleTransact: toHex(oldWalletEvents.SingleTransact.signature),
+    MultiTransact: toHex(oldWalletEvents.MultiTransact.signature)
+  }
+};
+
+export default class FoundationWalletUtils {
+  static fetchConfirmations (walletContract, operation, _owners = null) {
+    const ownersPromise = _owners
+      ? Promise.resolve(_owners)
+      : FoundationWalletUtils.fetchOwners(walletContract);
+
+    return ownersPromise
+      .then((owners) => {
+        const promises = owners.map((owner) => {
+          return walletContract.instance.hasConfirmed.call({}, [ operation, owner ]);
+        });
+
+        return Promise
+          .all(promises)
+          .then((data) => {
+            return owners.filter((_, index) => data[index]);
+          });
+      });
+  }
+
+  static fetchDailylimit (walletContract) {
+    const walletInstance = walletContract.instance;
+
+    return Promise
+      .all([
+        walletInstance.m_dailyLimit.call(),
+        walletInstance.m_spentToday.call(),
+        walletInstance.m_lastDay.call()
+      ])
+      .then(([ limit, spent, last ]) => ({
+        limit, spent, last
+      }));
+  }
+
+  static fetchOwners (walletContract) {
+    const walletInstance = walletContract.instance;
+
+    return walletInstance
+      .m_numOwners.call()
+      .then((mNumOwners) => {
+        const promises = range(mNumOwners.toNumber())
+          .map((idx) => walletInstance.getOwner.call({}, [ idx ]));
+
+        return Promise
+          .all(promises)
+          .then((_owners) => {
+            const owners = validateOwners(_owners);
+
+            // If all owners are the zero account : must be Mist wallet contract
+            if (!owners) {
+              return fetchMistOwners(walletContract, mNumOwners.toNumber());
+            }
+
+            return owners;
+          });
+      });
+  }
+
+  static fetchPendingTransactions (walletContract, cache = {}) {
+    const { owners, transactions } = cache;
+
+    return walletContract
+      .instance
+      .ConfirmationNeeded
+      .getAllLogs()
+      .then((logs) => {
+        return logs.map((log) => ({
+          initiator: log.params.initiator.value,
+          to: log.params.to.value,
+          data: log.params.data.value,
+          value: log.params.value.value,
+          operation: bytesToHex(log.params.operation.value),
+          transactionIndex: log.transactionIndex,
+          transactionHash: log.transactionHash,
+          blockNumber: log.blockNumber,
+          confirmedBy: []
+        }));
+      })
+      .then((logs) => {
+        return logs.sort((logA, logB) => {
+          const comp = logA.blockNumber.comparedTo(logB.blockNumber);
+
+          if (comp !== 0) {
+            return comp;
+          }
+
+          return logA.transactionIndex.comparedTo(logB.transactionIndex);
+        });
+      })
+      .then((pendingTxs) => {
+        if (pendingTxs.length === 0) {
+          return pendingTxs;
+        }
+
+        // Only fetch confirmations for operations not
+        // yet confirmed (ie. not yet a transaction)
+        if (transactions) {
+          const operations = transactions
+            .filter((t) => t.operation)
+            .map((t) => t.operation);
+
+          return pendingTxs.filter((pendingTx) => {
+            return !operations.includes(pendingTx.operation);
+          });
+        }
+
+        return pendingTxs;
+      })
+      .then((pendingTxs) => {
+        const promises = pendingTxs.map((tx) => {
+          return FoundationWalletUtils
+            .fetchConfirmations(walletContract, tx.operation, owners)
+            .then((confirmedBy) => {
+              tx.confirmedBy = confirmedBy;
+
+              return tx;
+            });
+        });
+
+        return Promise.all(promises);
+      });
+  }
+
+  static fetchRequire (wallet) {
+    return wallet.instance.m_required.call();
+  }
+
+  static fetchTransactions (walletContract) {
+    const { api } = walletContract;
+
+    return walletContract
+      .getAllLogs({
+        topics: [ [
+          WalletSignatures.SingleTransact,
+          WalletSignatures.MultiTransact,
+          WalletSignatures.Deposit,
+          WalletSignatures.Old.SingleTransact,
+          WalletSignatures.Old.MultiTransact
+        ] ]
+      })
+      .then((logs) => {
+        const transactions = logs.map((log) => {
+          const signature = toHex(log.topics[0]);
+
+          const value = log.params.value.value;
+          const from = signature === WalletSignatures.Deposit
+            ? log.params['_from'].value
+            : walletContract.address;
+
+          const to = signature === WalletSignatures.Deposit
+            ? walletContract.address
+            : log.params.to.value;
+
+          const transaction = {
+            transactionHash: log.transactionHash,
+            blockNumber: log.blockNumber,
+            from, to, value
+          };
+
+          if (log.params.created && log.params.created.value && !/^(0x)?0*$/.test(log.params.created.value)) {
+            transaction.creates = log.params.created.value;
+            delete transaction.to;
+          }
+
+          if (log.params.operation) {
+            transaction.operation = bytesToHex(log.params.operation.value);
+            checkPendingOperation(api, log, transaction.operation);
+          }
+
+          if (log.params.data) {
+            transaction.data = log.params.data.value;
+          }
+
+          return transaction;
+        });
+
+        return transactions;
+      });
+  }
+
+  static getChangeMethod (api, address, change) {
+    const wallet = new Contract(api, WalletAbi).at(address);
+    const walletInstance = wallet.instance;
+
+    if (change.type === 'require') {
+      return {
+        method: walletInstance.changeRequirement,
+        values: [ change.value ]
+      };
+    }
+
+    if (change.type === 'dailylimit') {
+      return {
+        method: walletInstance.setDailyLimit,
+        values: [ change.value ]
+      };
+    }
+
+    if (change.type === 'add_owner') {
+      return {
+        method: walletInstance.addOwner,
+        values: [ change.value ]
+      };
+    }
+
+    if (change.type === 'change_owner') {
+      return {
+        method: walletInstance.changeOwner,
+        values: [ change.value.from, change.value.to ]
+      };
+    }
+
+    if (change.type === 'remove_owner') {
+      return {
+        method: walletInstance.removeOwner,
+        values: [ change.value ]
+      };
+    }
+  }
+
+  static getModifyOperationMethod (modification) {
+    switch (modification) {
+      case 'confirm':
+        return 'confirm';
+
+      case 'revoke':
+        return 'revoke';
+
+      default:
+        return '';
+    }
+  }
+
+  static getSubmitMethod () {
+    return 'execute';
+  }
+
+  static getWalletContract (api) {
+    return new Contract(api, WalletAbi);
+  }
+
+  static getWalletSignatures () {
+    return WalletSignatures;
+  }
+
+  static isWallet (api, address) {
+    const walletContract = new Contract(api, WalletAbi);
+
+    return walletContract
+      .at(address)
+      .instance
+      .m_numOwners
+      .call()
+      .then((result) => {
+        if (!result || result.equals(0)) {
+          return false;
+        }
+
+        return true;
+      });
+  }
+
+  static logToUpdate (log) {
+    const eventSignature = toHex(log.topics[0]);
+
+    switch (eventSignature) {
+      case WalletSignatures.OwnerChanged:
+      case WalletSignatures.OwnerAdded:
+      case WalletSignatures.OwnerRemoved:
+        return { [ UPDATE_OWNERS ]: true };
+
+      case WalletSignatures.RequirementChanged:
+        return { [ UPDATE_REQUIRE ]: true };
+
+      case WalletSignatures.ConfirmationNeeded:
+      case WalletSignatures.Confirmation:
+      case WalletSignatures.Revoke:
+        const parsedLog = WALLET_CONTRACT.parseEventLogs([ log ])[0];
+        const operation = bytesToHex(parsedLog.params.operation.value);
+
+        return { [ UPDATE_CONFIRMATIONS ]: operation };
+
+      case WalletSignatures.Deposit:
+      case WalletSignatures.SingleTransact:
+      case WalletSignatures.MultiTransact:
+      case WalletSignatures.Old.SingleTransact:
+      case WalletSignatures.Old.MultiTransact:
+        return { [ UPDATE_TRANSACTIONS ]: true };
+
+      default:
+        return {};
+    }
+  }
+
+  static parseLogs (api, logs = []) {
+    const walletContract = new Contract(api, WalletAbi);
+
+    return walletContract.parseEventLogs(logs);
+  }
+
+  static parseTransactionLogs (api, options, rawLogs) {
+    const { metadata } = options;
+    const address = options.from;
+    const logs = FoundationWalletUtils.parseLogs(api, rawLogs);
+
+    const confirmationLog = logs.find((log) => log.event === 'ConfirmationNeeded');
+    const transactionLog = logs.find((log) => log.event === 'SingleTransact');
+
+    if (!confirmationLog && !transactionLog) {
+      return null;
+    }
+
+    // Confirmations are needed from the other owners
+    if (confirmationLog) {
+      const operationHash = bytesToHex(confirmationLog.params.operation.value);
+
+      // Add the contract to pending contracts
+      PendingContracts.addPendingContract(address, operationHash, metadata);
+
+      return { pending: true };
+    }
+
+    return { contractAddress: transactionLog.params.created.value };
+  }
+}
+
+function checkPendingOperation (api, log, operation) {
+  const pendingContracts = PendingContracts.getPendingContracts();
+
+  // Add the pending contract to the contracts
+  if (pendingContracts[operation]) {
+    const { metadata } = pendingContracts[operation];
+    const contractName = metadata.name;
+
+    metadata.blockNumber = log.blockNumber;
+
+    // The contract creation might not be in the same log,
+    // but must be in the same transaction (eg. Contract creation
+    // from Wallet within a Wallet)
+    api.eth
+      .getTransactionReceipt(log.transactionHash)
+      .then((transactionReceipt) => {
+        const transactionLogs = FoundationWalletUtils.parseLogs(api, transactionReceipt.logs);
+        const creationLog = transactionLogs.find((log) => {
+          return log.params.created && !/^(0x)?0*$/.test(log.params.created.value);
+        });
+
+        if (!creationLog) {
+          return false;
+        }
+
+        const contractAddress = creationLog.params.created.value;
+
+        return Promise
+          .all([
+            api.parity.setAccountName(contractAddress, contractName),
+            api.parity.setAccountMeta(contractAddress, metadata)
+          ])
+          .then(() => {
+            PendingContracts.removePendingContract(operation);
+          });
+      })
+      .catch((error) => {
+        console.error('adding wallet contract', error);
+      });
+  }
+}
+
+function fetchMistOwners (walletContract, mNumOwners) {
+  const walletAddress = walletContract.address;
+
+  return getMistOwnersOffset(walletContract)
+    .then((result) => {
+      if (!result || result.offset === -1) {
+        return [];
+      }
+
+      const owners = [ result.address ];
+
+      if (mNumOwners === 1) {
+        return owners;
+      }
+
+      const initOffset = result.offset + 1;
+      let promise = Promise.resolve();
+
+      range(initOffset, initOffset + mNumOwners - 1).forEach((offset) => {
+        promise = promise
+          .then(() => {
+            return walletContract.api.eth.getStorageAt(walletAddress, offset);
+          })
+          .then((result) => {
+            const resultAddress = '0x' + (result || '').slice(-40);
+            const { address } = validateAddress(resultAddress);
+
+            owners.push(address);
+          });
+      });
+
+      return promise.then(() => owners);
+    });
+}
+
+function getMistOwnersOffset (walletContract, offset = 3) {
+  return walletContract.api.eth
+    .getStorageAt(walletContract.address, offset)
+    .then((result) => {
+      if (result && !/^(0x)?0*$/.test(result)) {
+        const resultAddress = '0x' + result.slice(-40);
+        const { address, addressError } = validateAddress(resultAddress);
+
+        if (!addressError) {
+          return { offset, address };
+        }
+      }
+
+      if (offset >= 100) {
+        return { offset: -1 };
+      }
+
+      return getMistOwnersOffset(walletContract, offset + 1);
+    });
+}
+
+function validateOwners (owners) {
+  const uniqOwners = uniq(owners);
+
+  // If all owners are the zero account : must be Mist wallet contract
+  if (uniqOwners.length === 1 && /^(0x)?0*$/.test(owners[0])) {
+    return null;
+  }
+
+  return uniqOwners;
+}
diff --git a/js/src/util/wallets/pending-contracts.js b/js/src/util/wallets/pending-contracts.js
new file mode 100644
index 000000000..8eef273e2
--- /dev/null
+++ b/js/src/util/wallets/pending-contracts.js
@@ -0,0 +1,49 @@
+// Copyright 2015-2017 Parity Technologies (UK) Ltd.
+// This file is part of Parity.
+
+// Parity is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity.  If not, see <http://www.gnu.org/licenses/>.
+
+import store from 'store';
+
+const LS_PENDING_CONTRACTS_KEY = '_parity::wallets::pendingContracts';
+
+export default class PendingContracts {
+  static getPendingContracts () {
+    return store.get(LS_PENDING_CONTRACTS_KEY) || {};
+  }
+
+  static setPendingContracts (contracts = {}) {
+    return store.set(LS_PENDING_CONTRACTS_KEY, contracts);
+  }
+
+  static removePendingContract (operationHash) {
+    const nextContracts = PendingContracts.getPendingContracts();
+
+    delete nextContracts[operationHash];
+    PendingContracts.setPendingContracts(nextContracts);
+  }
+
+  static addPendingContract (address, operationHash, metadata) {
+    const nextContracts = {
+      ...PendingContracts.getPendingContracts(),
+      [ operationHash ]: {
+        address,
+        metadata,
+        operationHash
+      }
+    };
+
+    PendingContracts.setPendingContracts(nextContracts);
+  }
+}
diff --git a/js/src/util/wallets/updates.js b/js/src/util/wallets/updates.js
new file mode 100644
index 000000000..a739652fc
--- /dev/null
+++ b/js/src/util/wallets/updates.js
@@ -0,0 +1,21 @@
+// Copyright 2015-2017 Parity Technologies (UK) Ltd.
+// This file is part of Parity.
+
+// Parity is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity.  If not, see <http://www.gnu.org/licenses/>.
+
+export const UPDATE_OWNERS = 'owners';
+export const UPDATE_REQUIRE = 'require';
+export const UPDATE_DAILYLIMIT = 'dailylimit';
+export const UPDATE_TRANSACTIONS = 'transactions';
+export const UPDATE_CONFIRMATIONS = 'confirmations';

From 7d17d77254950a559f98ec8f3f941393a1863eca Mon Sep 17 00:00:00 2001
From: Craig O'Connor <oconnorct1@gmail.com>
Date: Wed, 9 Aug 2017 11:06:40 -0600
Subject: [PATCH 051/112] Dapp refresh (#5752)

* RwLock

* getting there

* argh

* parking_lot

* rpc

* wax on wax off

* almost there

* remove lock

* write over read

* works

* linting

* small updates

* dissapearing act

* router update

* complete

* one m

* grumbles1

* grumbles part II

* parking_lot->util

* missed test case

* fied package-lock.json

* small fixes

* 404 tests failing

* cleanup

* cleanup 2

* updates and the likes

* play

* simplify filter

* f-ing bugs

* read->write

* Address own grumbles.

* Fix test.
---
 dapps/src/apps/mod.rs                | 12 +++---
 dapps/src/endpoint.rs                |  3 +-
 dapps/src/lib.rs                     | 57 +++++++++++++++++++++-------
 dapps/src/router.rs                  | 51 ++++++++++++++++---------
 dapps/src/tests/fetch.rs             |  2 +-
 dapps/src/tests/redirection.rs       |  1 -
 dapps/src/web.rs                     |  2 -
 js/package-lock.json                 |  4 +-
 js/src/api/rpc/parity/parity.js      |  5 +++
 js/src/jsonrpc/interfaces/parity.js  | 11 ++++++
 js/src/views/Dapps/dapps.js          | 13 ++++++-
 js/src/views/Dapps/dappsStore.js     | 19 +++++++++-
 parity/dapps.rs                      |  7 +++-
 rpc/src/v1/helpers/dapps.rs          | 10 +----
 rpc/src/v1/impls/light/parity_set.rs |  4 ++
 rpc/src/v1/impls/parity_set.rs       |  4 ++
 rpc/src/v1/tests/helpers/dapps.rs    |  4 ++
 rpc/src/v1/traits/parity_set.rs      |  4 ++
 18 files changed, 157 insertions(+), 56 deletions(-)

diff --git a/dapps/src/apps/mod.rs b/dapps/src/apps/mod.rs
index 376b8a36f..c38c6784a 100644
--- a/dapps/src/apps/mod.rs
+++ b/dapps/src/apps/mod.rs
@@ -14,7 +14,6 @@
 // You should have received a copy of the GNU General Public License
 // along with Parity.  If not, see <http://www.gnu.org/licenses/>.
 
-use std::collections::BTreeMap;
 use std::path::PathBuf;
 use std::sync::Arc;
 
@@ -30,8 +29,8 @@ use {WebProxyTokens, ParentFrameSettings};
 
 mod app;
 mod cache;
-mod fs;
 mod ui;
+pub mod fs;
 pub mod fetcher;
 pub mod manifest;
 
@@ -64,9 +63,10 @@ pub fn all_endpoints<F: Fetch>(
 	web_proxy_tokens: Arc<WebProxyTokens>,
 	remote: Remote,
 	fetch: F,
-) -> Endpoints {
+) -> (Vec<String>, Endpoints) {
 	// fetch fs dapps at first to avoid overwriting builtins
-	let mut pages = fs::local_endpoints(dapps_path, embeddable.clone());
+	let mut pages = fs::local_endpoints(dapps_path.clone(), embeddable.clone());
+	let local_endpoints: Vec<String> = pages.keys().cloned().collect();
 	for path in extra_dapps {
 		if let Some((id, endpoint)) = fs::local_endpoint(path.clone(), embeddable.clone()) {
 			pages.insert(id, endpoint);
@@ -80,10 +80,10 @@ pub fn all_endpoints<F: Fetch>(
 	pages.insert("proxy".into(), ProxyPac::boxed(embeddable.clone(), dapps_domain.to_owned()));
 	pages.insert(WEB_PATH.into(), Web::boxed(embeddable.clone(), web_proxy_tokens.clone(), remote.clone(), fetch.clone()));
 
-	Arc::new(pages)
+	(local_endpoints, pages)
 }
 
-fn insert<T : WebApp + Default + 'static>(pages: &mut BTreeMap<String, Box<Endpoint>>, id: &str, embed_at: Embeddable) {
+fn insert<T : WebApp + Default + 'static>(pages: &mut Endpoints, id: &str, embed_at: Embeddable) {
 	pages.insert(id.to_owned(), Box::new(match embed_at {
 		Embeddable::Yes(address) => PageEndpoint::new_safe_to_embed(T::default(), address),
 		Embeddable::No => PageEndpoint::new(T::default()),
diff --git a/dapps/src/endpoint.rs b/dapps/src/endpoint.rs
index ea8fd0a38..ea5825b74 100644
--- a/dapps/src/endpoint.rs
+++ b/dapps/src/endpoint.rs
@@ -16,7 +16,6 @@
 
 //! URL Endpoint traits
 
-use std::sync::Arc;
 use std::collections::BTreeMap;
 
 use hyper::{self, server, net};
@@ -39,7 +38,7 @@ pub struct EndpointInfo {
 	pub icon_url: String,
 }
 
-pub type Endpoints = Arc<BTreeMap<String, Box<Endpoint>>>;
+pub type Endpoints = BTreeMap<String, Box<Endpoint>>;
 pub type Handler = server::Handler<net::HttpStream> + Send;
 
 pub trait Endpoint : Send + Sync {
diff --git a/dapps/src/lib.rs b/dapps/src/lib.rs
index f34c24cae..412e69daf 100644
--- a/dapps/src/lib.rs
+++ b/dapps/src/lib.rs
@@ -69,9 +69,11 @@ mod web;
 #[cfg(test)]
 mod tests;
 
+use std::collections::HashMap;
+use std::mem;
 use std::path::PathBuf;
 use std::sync::Arc;
-use std::collections::HashMap;
+use util::RwLock;
 
 use jsonrpc_http_server::{self as http, hyper, Origin};
 
@@ -101,31 +103,54 @@ impl<F> WebProxyTokens for F where F: Fn(String) -> Option<Origin> + Send + Sync
 }
 
 /// Current supported endpoints.
+#[derive(Default, Clone)]
 pub struct Endpoints {
-	endpoints: endpoint::Endpoints,
+	local_endpoints: Arc<RwLock<Vec<String>>>,
+	endpoints: Arc<RwLock<endpoint::Endpoints>>,
+	dapps_path: PathBuf,
+	embeddable: Option<ParentFrameSettings>,
 }
 
 impl Endpoints {
 	/// Returns a current list of app endpoints.
 	pub fn list(&self) -> Vec<apps::App> {
-		self.endpoints.iter().filter_map(|(ref k, ref e)| {
+		self.endpoints.read().iter().filter_map(|(ref k, ref e)| {
 			e.info().map(|ref info| apps::App::from_info(k, info))
 		}).collect()
 	}
+
+	/// Check for any changes in the local dapps folder and update.
+	pub fn refresh_local_dapps(&self) {
+		let new_local = apps::fs::local_endpoints(&self.dapps_path, self.embeddable.clone());
+		let old_local = mem::replace(&mut *self.local_endpoints.write(), new_local.keys().cloned().collect());
+		let (_, to_remove): (_, Vec<_>) = old_local
+			.into_iter()
+			.partition(|k| new_local.contains_key(&k.clone()));
+
+		let mut endpoints = self.endpoints.write();
+		// remove the dead dapps
+		for k in to_remove {
+			endpoints.remove(&k);
+		}
+		// new dapps to be added
+		for (k, v) in new_local {
+			if !endpoints.contains_key(&k) {
+				endpoints.insert(k, v);
+			}
+		}
+	}
 }
 
 /// Dapps server as `jsonrpc-http-server` request middleware.
 pub struct Middleware {
+	endpoints: Endpoints,
 	router: router::Router,
-	endpoints: endpoint::Endpoints,
 }
 
 impl Middleware {
 	/// Get local endpoints handle.
-	pub fn endpoints(&self) -> Endpoints {
-		Endpoints {
-			endpoints: self.endpoints.clone(),
-		}
+	pub fn endpoints(&self) -> &Endpoints {
+		&self.endpoints
 	}
 
 	/// Creates new middleware for UI server.
@@ -164,8 +189,8 @@ impl Middleware {
 		);
 
 		Middleware {
-			router: router,
 			endpoints: Default::default(),
+			router: router,
 		}
 	}
 
@@ -191,8 +216,8 @@ impl Middleware {
 			remote.clone(),
 			fetch.clone(),
 		).embeddable_on(embeddable.clone()).allow_dapps(true));
-		let endpoints = apps::all_endpoints(
-			dapps_path,
+		let (local_endpoints, endpoints) = apps::all_endpoints(
+			dapps_path.clone(),
 			extra_dapps,
 			dapps_domain,
 			embeddable.clone(),
@@ -200,6 +225,12 @@ impl Middleware {
 			remote.clone(),
 			fetch.clone(),
 		);
+		let endpoints = Endpoints {
+			endpoints: Arc::new(RwLock::new(endpoints)),
+			dapps_path,
+			local_endpoints: Arc::new(RwLock::new(local_endpoints)),
+			embeddable: embeddable.clone(),
+		};
 
 		let special = {
 			let mut special = special_endpoints(
@@ -225,8 +256,8 @@ impl Middleware {
 		);
 
 		Middleware {
-			router: router,
-			endpoints: endpoints,
+			endpoints,
+			router,
 		}
 	}
 }
diff --git a/dapps/src/router.rs b/dapps/src/router.rs
index 5cf92ff7e..2b74d51df 100644
--- a/dapps/src/router.rs
+++ b/dapps/src/router.rs
@@ -28,7 +28,8 @@ use jsonrpc_http_server as http;
 
 use apps;
 use apps::fetcher::Fetcher;
-use endpoint::{Endpoint, Endpoints, EndpointPath, Handler};
+use endpoint::{Endpoint, EndpointPath, Handler};
+use Endpoints;
 use handlers;
 use Embeddable;
 
@@ -50,26 +51,27 @@ pub struct Router {
 	dapps_domain: String,
 }
 
-impl http::RequestMiddleware for Router {
-	fn on_request(&self, req: &server::Request<HttpStream>, control: &Control) -> http::RequestMiddlewareAction {
+impl Router {
+	fn resolve_request(&self, req: &server::Request<HttpStream>, control: Control, refresh_dapps: bool) -> (bool, Option<Box<Handler>>) {
 		// Choose proper handler depending on path / domain
 		let url = handlers::extract_url(req);
 		let endpoint = extract_endpoint(&url, &self.dapps_domain);
 		let referer = extract_referer_endpoint(req, &self.dapps_domain);
 		let is_utils = endpoint.1 == SpecialEndpoint::Utils;
-		let is_origin_set = req.headers().get::<header::Origin>().is_some();
 		let is_get_request = *req.method() == hyper::Method::Get;
 		let is_head_request = *req.method() == hyper::Method::Head;
+		let has_dapp = |dapp: &str| self.endpoints
+			.as_ref()
+			.map_or(false, |endpoints| endpoints.endpoints.read().contains_key(dapp));
 
 		trace!(target: "dapps", "Routing request to {:?}. Details: {:?}", url, req);
-
-		let control = control.clone();
 		debug!(target: "dapps", "Handling endpoint request: {:?}", endpoint);
-		let handler: Option<Box<Handler>> = match (endpoint.0, endpoint.1, referer) {
+
+		(is_utils, match (endpoint.0, endpoint.1, referer) {
 			// Handle invalid web requests that we can recover from
 			(ref path, SpecialEndpoint::None, Some((ref referer, ref referer_url)))
 				if referer.app_id == apps::WEB_PATH
-					&& self.endpoints.as_ref().map(|ep| ep.contains_key(apps::WEB_PATH)).unwrap_or(false)
+					&& has_dapp(apps::WEB_PATH)
 					&& !is_web_endpoint(path)
 				=>
 			{
@@ -88,11 +90,13 @@ impl http::RequestMiddleware for Router {
 					.map(|special| special.to_async_handler(path.clone().unwrap_or_default(), control))
 			},
 			// Then delegate to dapp
-			(Some(ref path), _, _) if self.endpoints.as_ref().map(|ep| ep.contains_key(&path.app_id)).unwrap_or(false) => {
+			(Some(ref path), _, _) if has_dapp(&path.app_id) => {
 				trace!(target: "dapps", "Resolving to local/builtin dapp.");
 				Some(self.endpoints
 					.as_ref()
 					.expect("endpoints known to be set; qed")
+					.endpoints
+					.read()
 					.get(&path.app_id)
 					.expect("endpoints known to contain key; qed")
 					.to_async_handler(path.clone(), control))
@@ -110,13 +114,19 @@ impl http::RequestMiddleware for Router {
 				=>
 			{
 				trace!(target: "dapps", "Resolving to 404.");
-				Some(Box::new(handlers::ContentHandler::error(
-					hyper::StatusCode::NotFound,
-					"404 Not Found",
-					"Requested content was not found.",
-					None,
-					self.embeddable_on.clone(),
-				)))
+				if refresh_dapps {
+					debug!(target: "dapps", "Refreshing dapps and re-trying.");
+					self.endpoints.as_ref().map(|endpoints| endpoints.refresh_local_dapps());
+					return self.resolve_request(req, control, false)
+				} else {
+					Some(Box::new(handlers::ContentHandler::error(
+						hyper::StatusCode::NotFound,
+						"404 Not Found",
+						"Requested content was not found.",
+						None,
+						self.embeddable_on.clone(),
+					)))
+				}
 			},
 			// Any other GET|HEAD requests to home page.
 			_ if (is_get_request || is_head_request) && self.special.contains_key(&SpecialEndpoint::Home) => {
@@ -130,8 +140,15 @@ impl http::RequestMiddleware for Router {
 				trace!(target: "dapps", "Resolving to RPC call.");
 				None
 			}
-		};
+		})
+	}
+}
 
+impl http::RequestMiddleware for Router {
+	fn on_request(&self, req: &server::Request<HttpStream>, control: &Control) -> http::RequestMiddlewareAction {
+		let control = control.clone();
+		let is_origin_set = req.headers().get::<header::Origin>().is_some();
+		let (is_utils, handler) = self.resolve_request(req, control, self.endpoints.is_some());
 		match handler {
 			Some(handler) => http::RequestMiddlewareAction::Respond {
 				should_validate_hosts: !is_utils,
diff --git a/dapps/src/tests/fetch.rs b/dapps/src/tests/fetch.rs
index 8abc86196..f12323155 100644
--- a/dapps/src/tests/fetch.rs
+++ b/dapps/src/tests/fetch.rs
@@ -39,7 +39,7 @@ fn should_resolve_dapp() {
 
 	// then
 	response.assert_status("HTTP/1.1 404 Not Found");
-	assert_eq!(registrar.calls.lock().len(), 2);
+	assert_eq!(registrar.calls.lock().len(), 4);
 	assert_security_headers_for_embed(&response.headers);
 }
 
diff --git a/dapps/src/tests/redirection.rs b/dapps/src/tests/redirection.rs
index 1e9b039e2..81d3ec76c 100644
--- a/dapps/src/tests/redirection.rs
+++ b/dapps/src/tests/redirection.rs
@@ -204,4 +204,3 @@ fn should_serve_utils() {
 	assert_eq!(response.body.contains("function(){"), true);
 	assert_security_headers(&response.headers);
 }
-
diff --git a/dapps/src/web.rs b/dapps/src/web.rs
index 637a5287e..5222f51b5 100644
--- a/dapps/src/web.rs
+++ b/dapps/src/web.rs
@@ -241,5 +241,3 @@ impl<F: Fetch> server::Handler<net::HttpStream> for WebHandler<F> {
 		}
 	}
 }
-
-
diff --git a/js/package-lock.json b/js/package-lock.json
index 7514c3c29..9573976da 100644
--- a/js/package-lock.json
+++ b/js/package-lock.json
@@ -7722,7 +7722,7 @@
     "minimatch": {
       "version": "3.0.4",
       "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.0.4.tgz",
-      "integrity": "sha512-yJHVQEhyqPLUTgt9B83PXu6W3rx4MvvHvSUvToogpwoGDOUQ+yDrR0HRot+yOCdCO7u4hX3pWft6kWBBcqh0UA==",
+      "integrity": "sha1-UWbihkV/AzBgZL5Ul+jbsMPTIIM=",
       "requires": {
         "brace-expansion": "1.1.8"
       }
@@ -10081,7 +10081,7 @@
     "react-qr-reader": {
       "version": "1.1.3",
       "resolved": "https://registry.npmjs.org/react-qr-reader/-/react-qr-reader-1.1.3.tgz",
-      "integrity": "sha512-ruBF8KaSwUW9nbzjO4rA7/HOCGYZuNUz9od7uBRy8SRBi24nwxWWmwa2z8R6vPGDRglA0y2Qk1aVBuC1olTnHw==",
+      "integrity": "sha1-dDmnZvyZPLj17u/HLCnblh1AswI=",
       "requires": {
         "jsqr": "git+https://github.com/JodusNodus/jsQR.git#5ba1acefa1cbb9b2bc92b49f503f2674e2ec212b",
         "prop-types": "15.5.10",
diff --git a/js/src/api/rpc/parity/parity.js b/js/src/api/rpc/parity/parity.js
index 4fdaf5b1b..c2681b3fb 100644
--- a/js/src/api/rpc/parity/parity.js
+++ b/js/src/api/rpc/parity/parity.js
@@ -95,6 +95,11 @@ export default class Parity {
       .execute('parity_dappsList');
   }
 
+  dappsRefresh () {
+    return this._transport
+      .execute('parity_dappsRefresh');
+  }
+
   dappsUrl () {
     return this._transport
       .execute('parity_dappsUrl');
diff --git a/js/src/jsonrpc/interfaces/parity.js b/js/src/jsonrpc/interfaces/parity.js
index d1ade602b..d80a0c5a2 100644
--- a/js/src/jsonrpc/interfaces/parity.js
+++ b/js/src/jsonrpc/interfaces/parity.js
@@ -164,6 +164,17 @@ export default {
     }
   },
 
+  dappsRefresh: {
+    subdoc: SUBDOC_SET,
+    desc: 'Returns a boolean value upon success and error upon failure',
+    params: [],
+    returns: {
+      type: Boolean,
+      desc: 'True for success. error details for failure',
+      example: true
+    }
+  },
+
   dappsUrl: {
     section: SECTION_NODE,
     desc: 'Returns the hostname and the port of dapps/rpc server, error if not enabled.',
diff --git a/js/src/views/Dapps/dapps.js b/js/src/views/Dapps/dapps.js
index 5e5efedf7..54706f352 100644
--- a/js/src/views/Dapps/dapps.js
+++ b/js/src/views/Dapps/dapps.js
@@ -24,7 +24,7 @@ import { connect } from 'react-redux';
 import { DappPermissions, DappsVisible } from '~/modals';
 import PermissionStore from '~/modals/DappPermissions/store';
 import { Actionbar, Button, DappCard, Page, SectionList } from '~/ui';
-import { LockedIcon, VisibleIcon } from '~/ui/Icons';
+import { LockedIcon, RefreshIcon, VisibleIcon } from '~/ui/Icons';
 
 import DappsStore from './dappsStore';
 
@@ -90,6 +90,17 @@ class Dapps extends Component {
             />
           }
           buttons={ [
+            <Button
+              icon={ <RefreshIcon /> }
+              key='refresh'
+              label={
+                <FormattedMessage
+                  id='dapps.button.dapp.refresh'
+                  defaultMessage='refresh'
+                />
+              }
+              onClick={ this.store.refreshDapps }
+            />,
             <Button
               icon={ <VisibleIcon /> }
               key='edit'
diff --git a/js/src/views/Dapps/dappsStore.js b/js/src/views/Dapps/dappsStore.js
index b0570dc8f..1a5e921ea 100644
--- a/js/src/views/Dapps/dappsStore.js
+++ b/js/src/views/Dapps/dappsStore.js
@@ -89,7 +89,7 @@ export default class DappsStore extends EventEmitter {
     return Promise
       .all([
         this.fetchBuiltinApps().then((apps) => this.addApps(apps)),
-        this.fetchLocalApps().then((apps) => this.addApps(apps))
+        this.fetchLocalApps().then((apps) => this.addApps(apps, true))
       ]);
   }
 
@@ -227,6 +227,20 @@ export default class DappsStore extends EventEmitter {
     return this.visibleApps.filter((app) => app.type === 'network');
   }
 
+  @action refreshDapps = () => {
+    const self = this;
+
+    self._api.parity.dappsRefresh()
+      .then((res) => {
+        if (res === true) {
+          self.loadAllApps();
+        }
+      })
+      .catch((err) => {
+        console.log(err);
+      });
+  }
+
   @action openModal = () => {
     this.modalOpen = true;
   }
@@ -266,7 +280,7 @@ export default class DappsStore extends EventEmitter {
     this.displayApps = Object.assign({}, this.displayApps, displayApps);
   };
 
-  @action addApps = (_apps = []) => {
+  @action addApps = (_apps = [], _local = false) => {
     transaction(() => {
       const apps = _apps.filter((app) => app);
 
@@ -277,6 +291,7 @@ export default class DappsStore extends EventEmitter {
 
       this.apps = this.apps
         .filter((app) => !app.id || !newAppsIds.includes(app.id))
+        .filter((app) => !(app.type === 'local' && _local && apps.indexOf(app) === -1))
         .concat(apps || [])
         .sort((a, b) => a.name.localeCompare(b.name));
 
diff --git a/parity/dapps.rs b/parity/dapps.rs
index a67b3fe3a..f048f69ca 100644
--- a/parity/dapps.rs
+++ b/parity/dapps.rs
@@ -291,7 +291,7 @@ mod server {
 
 	pub fn service(middleware: &Option<Middleware>) -> Option<Arc<rpc_apis::DappsService>> {
 		middleware.as_ref().map(|m| Arc::new(DappsServiceWrapper {
-			endpoints: m.endpoints()
+			endpoints: m.endpoints().clone(),
 		}) as Arc<rpc_apis::DappsService>)
 	}
 
@@ -313,5 +313,10 @@ mod server {
 				})
 				.collect()
 		}
+
+		fn refresh_local_dapps(&self) -> bool {
+			self.endpoints.refresh_local_dapps();
+			true
+		}
 	}
 }
diff --git a/rpc/src/v1/helpers/dapps.rs b/rpc/src/v1/helpers/dapps.rs
index 34f4fe1b5..391a12c82 100644
--- a/rpc/src/v1/helpers/dapps.rs
+++ b/rpc/src/v1/helpers/dapps.rs
@@ -22,12 +22,6 @@ use v1::types::LocalDapp;
 pub trait DappsService: Send + Sync + 'static {
 	/// List available local dapps.
 	fn list_dapps(&self) -> Vec<LocalDapp>;
-}
-
-impl<F> DappsService for F where
-	F: Fn() -> Vec<LocalDapp> + Send + Sync + 'static
-{
-	fn list_dapps(&self) -> Vec<LocalDapp> {
-		(*self)()
-	}
+	/// Refresh local dapps list
+	fn refresh_local_dapps(&self) -> bool;
 }
diff --git a/rpc/src/v1/impls/light/parity_set.rs b/rpc/src/v1/impls/light/parity_set.rs
index fdeee693f..b97327168 100644
--- a/rpc/src/v1/impls/light/parity_set.rs
+++ b/rpc/src/v1/impls/light/parity_set.rs
@@ -135,6 +135,10 @@ impl<F: Fetch> ParitySet for ParitySetClient<F> {
 		}))
 	}
 
+	fn dapps_refresh(&self) -> Result<bool, Error> {
+		self.dapps.as_ref().map(|dapps| dapps.refresh_local_dapps()).ok_or_else(errors::dapps_disabled)
+	}
+
 	fn dapps_list(&self) -> Result<Vec<LocalDapp>, Error> {
 		self.dapps.as_ref().map(|dapps| dapps.list_dapps()).ok_or_else(errors::dapps_disabled)
 	}
diff --git a/rpc/src/v1/impls/parity_set.rs b/rpc/src/v1/impls/parity_set.rs
index dc771c4f8..540964e63 100644
--- a/rpc/src/v1/impls/parity_set.rs
+++ b/rpc/src/v1/impls/parity_set.rs
@@ -176,6 +176,10 @@ impl<C, M, U, F> ParitySet for ParitySetClient<C, M, U, F> where
 		}))
 	}
 
+	fn dapps_refresh(&self) -> Result<bool, Error> {
+		self.dapps.as_ref().map(|dapps| dapps.refresh_local_dapps()).ok_or_else(errors::dapps_disabled)
+	}
+
 	fn dapps_list(&self) -> Result<Vec<LocalDapp>, Error> {
 		self.dapps.as_ref().map(|dapps| dapps.list_dapps()).ok_or_else(errors::dapps_disabled)
 	}
diff --git a/rpc/src/v1/tests/helpers/dapps.rs b/rpc/src/v1/tests/helpers/dapps.rs
index 44148ab0f..6a7182dd0 100644
--- a/rpc/src/v1/tests/helpers/dapps.rs
+++ b/rpc/src/v1/tests/helpers/dapps.rs
@@ -34,4 +34,8 @@ impl DappsService for TestDappsService {
 			icon_url: "title.png".into(),
 		}]
 	}
+
+	fn refresh_local_dapps(&self) -> bool {
+		true
+	}
 }
diff --git a/rpc/src/v1/traits/parity_set.rs b/rpc/src/v1/traits/parity_set.rs
index 1feb39718..15f35b671 100644
--- a/rpc/src/v1/traits/parity_set.rs
+++ b/rpc/src/v1/traits/parity_set.rs
@@ -96,6 +96,10 @@ build_rpc_trait! {
 		#[rpc(async, name = "parity_hashContent")]
 		fn hash_content(&self, String) -> BoxFuture<H256, Error>;
 
+		/// Returns true if refresh successful, error if unsuccessful or server is disabled.
+		#[rpc(name = "parity_dappsRefresh")]
+		fn dapps_refresh(&self) -> Result<bool, Error>;
+
 		/// Returns a list of local dapps
 		#[rpc(name = "parity_dappsList")]
 		fn dapps_list(&self) -> Result<Vec<LocalDapp>, Error>;

From e128285a779697c197bde02cb0430c9e1d847a0e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bj=C3=B6rn=20Wagner?= <bjornwgnr@users.noreply.github.com>
Date: Wed, 9 Aug 2017 19:07:15 +0200
Subject: [PATCH 052/112] Replace 'home.parity' with 'parity.web3.site' (#4771)

---
 js/src/views/Settings/Proxy/proxy.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/js/src/views/Settings/Proxy/proxy.js b/js/src/views/Settings/Proxy/proxy.js
index d5142e4a4..70a533d1d 100644
--- a/js/src/views/Settings/Proxy/proxy.js
+++ b/js/src/views/Settings/Proxy/proxy.js
@@ -51,9 +51,9 @@ export default class Proxy extends Component {
               <div>
                 <FormattedMessage
                   id='settings.proxy.details_0'
-                  defaultMessage='Instead of accessing Parity via the IP address and port, you will be able to access it via the .parity subdomain, by visiting {homeProxy}. To setup subdomain-based routing, you need to add the relevant proxy entries to your browser,'
+                  defaultMessage='Instead of accessing Parity via the IP address and port, you will be able to access it via the .web3.site subdomain, by visiting {homeProxy}. To setup subdomain-based routing, you need to add the relevant proxy entries to your browser,'
                   values={ {
-                    homeProxy: <span className={ layout.console }>http://home.parity/</span>
+                    homeProxy: <span className={ layout.console }>http://parity.web3.site/</span>
                   } }
                 />
               </div>

From b21932687a36d76e183018e836f4633f68850944 Mon Sep 17 00:00:00 2001
From: GitLab Build Bot <jaco+gitlab@ethcore.io>
Date: Wed, 9 Aug 2017 18:29:28 +0000
Subject: [PATCH 053/112] [ci skip] js-precompiled 20170809-182421

---
 Cargo.lock           | 2 +-
 js/package-lock.json | 2 +-
 js/package.json      | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index fd472676c..4cb19139e 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -2053,7 +2053,7 @@ dependencies = [
 [[package]]
 name = "parity-ui-precompiled"
 version = "1.4.0"
-source = "git+https://github.com/paritytech/js-precompiled.git#dd9b92d9d8c244678e15163347f9adb2e2560959"
+source = "git+https://github.com/paritytech/js-precompiled.git#c8da9eef384de7a2911c317d47bb9f57c83f3f6b"
 dependencies = [
  "parity-dapps-glue 1.7.0 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
diff --git a/js/package-lock.json b/js/package-lock.json
index 9573976da..d97c546da 100644
--- a/js/package-lock.json
+++ b/js/package-lock.json
@@ -1,6 +1,6 @@
 {
   "name": "parity.js",
-  "version": "1.8.11",
+  "version": "1.8.12",
   "lockfileVersion": 1,
   "requires": true,
   "dependencies": {
diff --git a/js/package.json b/js/package.json
index 3c399db87..618d82b47 100644
--- a/js/package.json
+++ b/js/package.json
@@ -1,6 +1,6 @@
 {
   "name": "parity.js",
-  "version": "1.8.11",
+  "version": "1.8.12",
   "main": "release/index.js",
   "jsnext:main": "src/index.js",
   "author": "Parity Team <admin@parity.io>",

From 30be0972b954ac9075e3a3caa6114802fdd81f5c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tomasz=20Drwi=C4=99ga?= <tomusdrw@users.noreply.github.com>
Date: Thu, 10 Aug 2017 11:16:02 +0200
Subject: [PATCH 054/112] Add warning to web browser and fix links. (#6232)

---
 js/src/views/Home/Urls/urls.css |  1 +
 js/src/views/Home/Urls/urls.js  |  2 +-
 js/src/views/Web/store.js       |  7 ++-----
 js/src/views/Web/web.css        | 31 ++++++++++++++++++++++++++++++-
 js/src/views/Web/web.js         | 30 ++++++++++++++++++++++++++++++
 5 files changed, 64 insertions(+), 7 deletions(-)

diff --git a/js/src/views/Home/Urls/urls.css b/js/src/views/Home/Urls/urls.css
index 5b5deeb5b..81d3e8dc2 100644
--- a/js/src/views/Home/Urls/urls.css
+++ b/js/src/views/Home/Urls/urls.css
@@ -47,6 +47,7 @@
         color: rgb(0, 151, 167);
         overflow: hidden;
         text-overflow: ellipsis;
+        cursor: pointer;
       }
 
       .timestamp {
diff --git a/js/src/views/Home/Urls/urls.js b/js/src/views/Home/Urls/urls.js
index 7ded1ecda..acf4ae36f 100644
--- a/js/src/views/Home/Urls/urls.js
+++ b/js/src/views/Home/Urls/urls.js
@@ -127,7 +127,7 @@ export default class Urls extends Component {
     this.props.store.gotoUrl(url);
 
     if (extensionStore.hasExtension) {
-      window.open(this.props.store.currentUrl, '_blank');
+      window.open(url, '_blank');
     } else {
       router.push('/web');
     }
diff --git a/js/src/views/Web/store.js b/js/src/views/Web/store.js
index 9dd8ea3fe..99b9b4b48 100644
--- a/js/src/views/Web/store.js
+++ b/js/src/views/Web/store.js
@@ -64,12 +64,9 @@ export default class Store {
     if (!hasProtocol.test(url)) {
       url = `https://${url}`;
     }
-
+    this.setNextUrl(url);
     return this.generateToken(url).then(() => {
-      transaction(() => {
-        this.setNextUrl(url);
-        this.setCurrentUrl(this.nextUrl);
-      });
+      this.setCurrentUrl(this.nextUrl);
     });
   }
 
diff --git a/js/src/views/Web/web.css b/js/src/views/Web/web.css
index 3ea68bb6c..94e9d8e6f 100644
--- a/js/src/views/Web/web.css
+++ b/js/src/views/Web/web.css
@@ -21,10 +21,39 @@
   width: 100%;
 }
 
+:root .warningClose {
+  text-align: right;
+  a {
+    color: #fff;
+    text-decoration: underline;
+  }
+}
+
+.warning {
+  color: #fff;
+  background: #f80;
+  position: fixed;
+  bottom: 0;
+  left: 0;
+  right: 50%;
+  padding: 1.5em;
+  z-index: 100;
+  animation: fadein 0.3s;
+}
+
+@keyframes fadein {
+  from {
+    opacity: 0;
+  }
+  to {
+    opacity: 1;
+  }
+}
+
 .loading {
   text-align: center;
   margin-top: 5em;
-  color: #999;
+  color: #444;
   font-size: 2em;
 }
 
diff --git a/js/src/views/Web/web.js b/js/src/views/Web/web.js
index 8e81b43d5..9e3dbca54 100644
--- a/js/src/views/Web/web.js
+++ b/js/src/views/Web/web.js
@@ -35,6 +35,10 @@ export default class Web extends Component {
 
   store = Store.get(this.context.api);
 
+  state = {
+    isWarningDismissed: false
+  }
+
   componentDidMount () {
     this.store.gotoUrl(this.props.params.url);
   }
@@ -83,10 +87,36 @@ export default class Web extends Component {
           scrolling='auto'
           src={ encodedPath }
         />
+        { this.renderWarning() }
       </div>
     );
   }
 
+  renderWarning () {
+    if (this.state.isWarningDismissed) {
+      return null;
+    }
+
+    return (
+      <div className={ styles.warning }>
+        <p>
+          WARNING: The web browser dapp is not safe as a general purpose browser.
+          Make sure to only visit web3-enabled sites that you trust.
+          Do not use it to browse web2.0 and never log in to any service - web3 dapps should not require that.
+        </p>
+        <div className={ styles.warningClose }>
+          <a onClick={ this.dismissWarning }>Okay!</a>
+        </div>
+      </div>
+    );
+  }
+
+  dismissWarning = () => {
+    this.setState({
+      isWarningDismissed: true
+    });
+  };
+
   iframeOnLoad = () => {
     this.store.setLoading(false);
   };

From ecd880c8e7bda23afd6950901c0e3d69edb9349e Mon Sep 17 00:00:00 2001
From: GitLab Build Bot <jaco+gitlab@ethcore.io>
Date: Thu, 10 Aug 2017 10:16:01 +0000
Subject: [PATCH 055/112] [ci skip] js-precompiled 20170810-101054

---
 Cargo.lock           | 2 +-
 js/package-lock.json | 2 +-
 js/package.json      | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index 4cb19139e..d4209ea5d 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -2053,7 +2053,7 @@ dependencies = [
 [[package]]
 name = "parity-ui-precompiled"
 version = "1.4.0"
-source = "git+https://github.com/paritytech/js-precompiled.git#c8da9eef384de7a2911c317d47bb9f57c83f3f6b"
+source = "git+https://github.com/paritytech/js-precompiled.git#0768c834921c5ef52136337953eb3cd058d95850"
 dependencies = [
  "parity-dapps-glue 1.7.0 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
diff --git a/js/package-lock.json b/js/package-lock.json
index d97c546da..380f48073 100644
--- a/js/package-lock.json
+++ b/js/package-lock.json
@@ -1,6 +1,6 @@
 {
   "name": "parity.js",
-  "version": "1.8.12",
+  "version": "1.8.13",
   "lockfileVersion": 1,
   "requires": true,
   "dependencies": {
diff --git a/js/package.json b/js/package.json
index 618d82b47..a01a6d38b 100644
--- a/js/package.json
+++ b/js/package.json
@@ -1,6 +1,6 @@
 {
   "name": "parity.js",
-  "version": "1.8.12",
+  "version": "1.8.13",
   "main": "release/index.js",
   "jsnext:main": "src/index.js",
   "author": "Parity Team <admin@parity.io>",

From 65482c5e9d0e098b1c2dd7457b212c0668b43730 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tomasz=20Drwi=C4=99ga?= <tomusdrw@users.noreply.github.com>
Date: Thu, 10 Aug 2017 18:32:10 +0200
Subject: [PATCH 056/112] Fix dapps CSP when UI is exposed externally (#6178)

* Allow embeding on any page when ui-hosts=all and fix dev_ui

* Fix tests.
---
 dapps/src/handlers/mod.rs      | 18 ++++++++++++++----
 dapps/src/lib.rs               |  9 +++++++--
 dapps/src/tests/helpers/mod.rs |  1 +
 parity/configuration.rs        | 33 ++++++++++++++++++++++++++++-----
 parity/dapps.rs                |  6 ++++++
 5 files changed, 56 insertions(+), 11 deletions(-)

diff --git a/dapps/src/handlers/mod.rs b/dapps/src/handlers/mod.rs
index 7937ce667..65c2cbe27 100644
--- a/dapps/src/handlers/mod.rs
+++ b/dapps/src/handlers/mod.rs
@@ -67,10 +67,20 @@ pub fn add_security_headers(headers: &mut header::Headers, embeddable_on: Embedd
 		// Allow fonts from data: and HTTPS.
 		b"font-src 'self' data: https:;".to_vec(),
 		// Allow inline scripts and scripts eval (webpack/jsconsole)
-		b"script-src 'self' 'unsafe-inline' 'unsafe-eval';".to_vec(),
-		// Same restrictions as script-src (fallback) with additional
+		{
+			let script_src = embeddable_on.as_ref()
+				.map(|e| e.extra_script_src.iter()
+					 .map(|&(ref host, port)| address(host, port))
+					 .join(" ")
+				).unwrap_or_default();
+			format!(
+				"script-src 'self' 'unsafe-inline' 'unsafe-eval' {};",
+				script_src
+			).into_bytes()
+		},
+		// Same restrictions as script-src with additional
 		// blob: that is required for camera access (worker)
-		b"worker-src 'self' 'unsafe-inline' 'unsafe-eval' blob: ;".to_vec(),
+		b"worker-src 'self' 'unsafe-inline' 'unsafe-eval' https: blob:;".to_vec(),
 		// Restrict everything else to the same origin.
 		b"default-src 'self';".to_vec(),
 		// Run in sandbox mode (although it's not fully safe since we allow same-origin and script)
@@ -90,7 +100,7 @@ pub fn add_security_headers(headers: &mut header::Headers, embeddable_on: Embedd
 					.into_iter()
 					.chain(embed.extra_embed_on
 						.iter()
-						.map(|&(ref host, port)| format!("{}:{}", host, port))
+						.map(|&(ref host, port)| address(host, port))
 					);
 
 				let ancestors = if embed.host == "127.0.0.1" {
diff --git a/dapps/src/lib.rs b/dapps/src/lib.rs
index 412e69daf..3eda70ab5 100644
--- a/dapps/src/lib.rs
+++ b/dapps/src/lib.rs
@@ -201,6 +201,7 @@ impl Middleware {
 		remote: Remote,
 		ui_address: Option<(String, u16)>,
 		extra_embed_on: Vec<(String, u16)>,
+		extra_script_src: Vec<(String, u16)>,
 		dapps_path: PathBuf,
 		extra_dapps: Vec<PathBuf>,
 		dapps_domain: &str,
@@ -209,7 +210,7 @@ impl Middleware {
 		web_proxy_tokens: Arc<WebProxyTokens>,
 		fetch: F,
 	) -> Self {
-		let embeddable = as_embeddable(ui_address, extra_embed_on, dapps_domain);
+		let embeddable = as_embeddable(ui_address, extra_embed_on, extra_script_src, dapps_domain);
 		let content_fetcher = Arc::new(apps::fetcher::ContentFetcher::new(
 			hash_fetch::urlhint::URLHintContract::new(registrar),
 			sync_status.clone(),
@@ -294,12 +295,14 @@ fn address(host: &str, port: u16) -> String {
 fn as_embeddable(
 	ui_address: Option<(String, u16)>,
 	extra_embed_on: Vec<(String, u16)>,
+	extra_script_src: Vec<(String, u16)>,
 	dapps_domain: &str,
 ) -> Option<ParentFrameSettings> {
 	ui_address.map(|(host, port)| ParentFrameSettings {
 		host,
 		port,
 		extra_embed_on,
+		extra_script_src,
 		dapps_domain: dapps_domain.to_owned(),
 	})
 }
@@ -320,8 +323,10 @@ pub struct ParentFrameSettings {
 	pub host: String,
 	/// Port
 	pub port: u16,
-	/// Additional pages the pages can be embedded on.
+	/// Additional URLs the dapps can be embedded on.
 	pub extra_embed_on: Vec<(String, u16)>,
+	/// Additional URLs the dapp scripts can be loaded from.
+	pub extra_script_src: Vec<(String, u16)>,
 	/// Dapps Domain (web3.site)
 	pub dapps_domain: String,
 }
diff --git a/dapps/src/tests/helpers/mod.rs b/dapps/src/tests/helpers/mod.rs
index 38dd82de6..30d3ba8f9 100644
--- a/dapps/src/tests/helpers/mod.rs
+++ b/dapps/src/tests/helpers/mod.rs
@@ -260,6 +260,7 @@ impl Server {
 			remote,
 			signer_address,
 			vec![],
+			vec![],
 			dapps_path,
 			extra_dapps,
 			DAPPS_DOMAIN.into(),
diff --git a/parity/configuration.rs b/parity/configuration.rs
index be355f394..fda91e231 100644
--- a/parity/configuration.rs
+++ b/parity/configuration.rs
@@ -20,6 +20,7 @@ use std::net::SocketAddr;
 use std::path::{Path, PathBuf};
 use std::collections::BTreeMap;
 use std::cmp::max;
+use std::str::FromStr;
 use cli::{Args, ArgsError};
 use util::{Hashable, H256, U256, Bytes, version_data, Address};
 use util::journaldb::Algorithm;
@@ -551,6 +552,10 @@ impl Configuration {
 		Ok(options)
 	}
 
+	fn ui_port(&self) -> u16 {
+		self.args.flag_ports_shift + self.args.flag_ui_port
+	}
+
 	fn ntp_servers(&self) -> Vec<String> {
 		self.args.flag_ntp_servers.split(",").map(str::to_owned).collect()
 	}
@@ -560,12 +565,15 @@ impl Configuration {
 			enabled: self.ui_enabled(),
 			ntp_servers: self.ntp_servers(),
 			interface: self.ui_interface(),
-			port: self.args.flag_ports_shift + self.args.flag_ui_port,
+			port: self.ui_port(),
 			hosts: self.ui_hosts(),
 		}
 	}
 
 	fn dapps_config(&self) -> DappsConfiguration {
+		let dev_ui = if self.args.flag_ui_no_validation { vec![("localhost".to_owned(), 3000)] } else { vec![] };
+		let ui_port = self.ui_port();
+
 		DappsConfiguration {
 			enabled: self.dapps_enabled(),
 			ntp_servers: self.ntp_servers(),
@@ -575,11 +583,26 @@ impl Configuration {
 			} else {
 				vec![]
 			},
-			extra_embed_on: if self.args.flag_ui_no_validation {
-				vec![("localhost".to_owned(), 3000)]
-			} else {
-				vec![]
+			extra_embed_on: {
+				let mut extra_embed = dev_ui.clone();
+				match self.ui_hosts() {
+					// In case host validation is disabled allow all frame ancestors
+					None => extra_embed.push(("*".to_owned(), ui_port)),
+					Some(hosts) => extra_embed.extend(hosts.into_iter().filter_map(|host| {
+						let mut it = host.split(":");
+						let host = it.next();
+						let port = it.next().and_then(|v| u16::from_str(v).ok());
+
+						match (host, port) {
+							(Some(host), Some(port)) => Some((host.into(), port)),
+							(Some(host), None) => Some((host.into(), ui_port)),
+							_ => None,
+						}
+					})),
+				}
+				extra_embed
 			},
+			extra_script_src: dev_ui,
 		}
 	}
 
diff --git a/parity/dapps.rs b/parity/dapps.rs
index f048f69ca..fddd050f5 100644
--- a/parity/dapps.rs
+++ b/parity/dapps.rs
@@ -40,6 +40,7 @@ pub struct Configuration {
 	pub dapps_path: PathBuf,
 	pub extra_dapps: Vec<PathBuf>,
 	pub extra_embed_on: Vec<(String, u16)>,
+	pub extra_script_src: Vec<(String, u16)>,
 }
 
 impl Default for Configuration {
@@ -56,6 +57,7 @@ impl Default for Configuration {
 			dapps_path: replace_home(&data_dir, "$BASE/dapps").into(),
 			extra_dapps: vec![],
 			extra_embed_on: vec![],
+			extra_script_src: vec![],
 		}
 	}
 }
@@ -168,6 +170,7 @@ pub fn new(configuration: Configuration, deps: Dependencies) -> Result<Option<Mi
 		configuration.extra_dapps,
 		rpc::DAPPS_DOMAIN,
 		configuration.extra_embed_on,
+		configuration.extra_script_src,
 	).map(Some)
 }
 
@@ -214,6 +217,7 @@ mod server {
 		_extra_dapps: Vec<PathBuf>,
 		_dapps_domain: &str,
 		_extra_embed_on: Vec<(String, u16)>,
+		_extra_script_src: Vec<(String, u16)>,
 	) -> Result<Middleware, String> {
 		Err("Your Parity version has been compiled without WebApps support.".into())
 	}
@@ -251,6 +255,7 @@ mod server {
 		extra_dapps: Vec<PathBuf>,
 		dapps_domain: &str,
 		extra_embed_on: Vec<(String, u16)>,
+		extra_script_src: Vec<(String, u16)>,
 	) -> Result<Middleware, String> {
 		let signer = deps.signer;
 		let parity_remote = parity_reactor::Remote::new(deps.remote.clone());
@@ -262,6 +267,7 @@ mod server {
 			parity_remote,
 			deps.ui_address,
 			extra_embed_on,
+			extra_script_src,
 			dapps_path,
 			extra_dapps,
 			dapps_domain,

From 146feea4a65c5b3ad3eac1888e7f7c2fe91ae3b9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tomasz=20Drwi=C4=99ga?= <tomusdrw@users.noreply.github.com>
Date: Thu, 10 Aug 2017 18:47:23 +0200
Subject: [PATCH 057/112] Add --to and --gas-price (#6277)

---
 evmbin/src/main.rs | 38 +++++++++++++++++++++++++++++++++-----
 1 file changed, 33 insertions(+), 5 deletions(-)

diff --git a/evmbin/src/main.rs b/evmbin/src/main.rs
index 232642015..04314732a 100644
--- a/evmbin/src/main.rs
+++ b/evmbin/src/main.rs
@@ -35,7 +35,7 @@ use docopt::Docopt;
 use rustc_hex::FromHex;
 use util::{U256, Bytes, Address};
 use ethcore::spec;
-use vm::ActionParams;
+use vm::{ActionParams, CallType};
 
 mod info;
 mod display;
@@ -53,9 +53,11 @@ Usage:
 
 Transaction options:
     --code CODE        Contract code as hex (without 0x).
+    --to ADDRESS       Recipient address (without 0x).
     --from ADDRESS     Sender address (without 0x).
     --input DATA       Input data as hex (without 0x).
     --gas GAS          Supplied gas as hex (without 0x).
+    --gas-price WEI    Supplied gas price as hex (without 0x).
 
 General options:
     --json             Display verbose results in JSON.
@@ -78,16 +80,26 @@ fn main() {
 
 fn run<T: Informant>(args: Args, mut informant: T) {
 	let from = arg(args.from(), "--from");
+	let to = arg(args.to(), "--to");
 	let code = arg(args.code(), "--code");
 	let spec = arg(args.spec(), "--chain");
 	let gas = arg(args.gas(), "--gas");
+	let gas_price = arg(args.gas(), "--gas-price");
 	let data = arg(args.data(), "--input");
 
+	if code.is_none() && to == Address::default() {
+		die("Either --code or --to is required.");
+	}
+
 	let mut params = ActionParams::default();
+	params.call_type = if code.is_none() { CallType::Call } else { CallType::None };
+	params.code_address = to;
+	params.address = to;
 	params.sender = from;
 	params.origin = from;
 	params.gas = gas;
-	params.code = Some(Arc::new(code));
+	params.gas_price = gas_price;
+	params.code = code.map(Arc::new);
 	params.data = data;
 
 	informant.set_gas(gas);
@@ -99,8 +111,10 @@ fn run<T: Informant>(args: Args, mut informant: T) {
 struct Args {
 	cmd_stats: bool,
 	flag_from: Option<String>,
+	flag_to: Option<String>,
 	flag_code: Option<String>,
 	flag_gas: Option<String>,
+	flag_gas_price: Option<String>,
 	flag_input: Option<String>,
 	flag_spec: Option<String>,
 	flag_json: bool,
@@ -114,6 +128,13 @@ impl Args {
 		}
 	}
 
+	pub fn gas_price(&self) -> Result<U256, String> {
+		match self.flag_gas_price {
+			Some(ref gas_price) => gas_price.parse().map_err(to_string),
+			None => Ok(U256::zero()),
+		}
+	}
+
 	pub fn from(&self) -> Result<Address, String> {
 		match self.flag_from {
 			Some(ref from) => from.parse().map_err(to_string),
@@ -121,10 +142,17 @@ impl Args {
 		}
 	}
 
-	pub fn code(&self) -> Result<Bytes, String> {
+	pub fn to(&self) -> Result<Address, String> {
+		match self.flag_to {
+			Some(ref to) => to.parse().map_err(to_string),
+			None => Ok(Address::default()),
+		}
+	}
+
+	pub fn code(&self) -> Result<Option<Bytes>, String> {
 		match self.flag_code {
-			Some(ref code) => code.from_hex().map_err(to_string),
-			None => Err("Code is required!".into()),
+			Some(ref code) => code.from_hex().map(Some).map_err(to_string),
+			None => Ok(None),
 		}
 	}
 

From 604ea5d684b05f63ab2a32f68fdf50b8bbe38498 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tomasz=20Drwi=C4=99ga?= <tomusdrw@users.noreply.github.com>
Date: Thu, 10 Aug 2017 18:48:03 +0200
Subject: [PATCH 058/112] Time should not contribue to overall status. (#6276)

---
 js/src/redux/providers/status.js | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/js/src/redux/providers/status.js b/js/src/redux/providers/status.js
index fc5dc38ba..e58fcf6c1 100644
--- a/js/src/redux/providers/status.js
+++ b/js/src/redux/providers/status.js
@@ -227,12 +227,12 @@ export default class Status {
   }
 
   _overallStatus = (health) => {
-    const all = [health.peers, health.sync, health.time].filter(x => x);
-    const allNoTime = [health.peers, health.sync].filter(x => x);
+    const allWithTime = [health.peers, health.sync, health.time].filter(x => x);
+    const all = [health.peers, health.sync].filter(x => x);
     const statuses = all.map(x => x.status);
     const bad = statuses.find(x => x === STATUS_BAD);
-    const needsAttention = allNoTime.map(x => x.status).find(x => x === STATUS_WARN);
-    const message = all.map(x => x.message).filter(x => x);
+    const needsAttention = statuses.find(x => x === STATUS_WARN);
+    const message = allWithTime.map(x => x.message).filter(x => x);
 
     if (all.length) {
       return {

From b5b6e3dd2a3796a4ad5fd058efc9a172fa18d8f9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tomasz=20Drwi=C4=99ga?= <tomusdrw@users.noreply.github.com>
Date: Sun, 13 Aug 2017 17:41:08 +0200
Subject: [PATCH 059/112] Fix a hash displayed in tooltip when signing
 arbitrary data (#6283)

* Allow connections from firefox extension.

* Displaying actual data that will be signed on hover.

* Display a tooltip.

* Revert "Allow connections from firefox extension."

This reverts commit d3323b76fe28564c2366ceec3d891de19884192f.
---
 js/src/api/util/format.js                     |  5 +-
 js/src/api/util/format.spec.js                |  1 +
 js/src/api/util/index.js                      |  3 +-
 .../components/SignRequest/signRequest.js     | 50 ++++++++++++++++++-
 .../SignRequest/signRequest.spec.js           | 11 +++-
 5 files changed, 65 insertions(+), 5 deletions(-)

diff --git a/js/src/api/util/format.js b/js/src/api/util/format.js
index 61fc9d32c..6a4a81d40 100644
--- a/js/src/api/util/format.js
+++ b/js/src/api/util/format.js
@@ -75,7 +75,10 @@ export function bytesToAscii (bytes) {
 }
 
 export function asciiToHex (string) {
-  return '0x' + string.split('').map((s) => s.charCodeAt(0).toString(16)).join('');
+  return '0x' + string.split('')
+    .map(s => s.charCodeAt(0))
+    .map(s => s < 0x10 ? '0' + s.toString(16) : s.toString(16))
+    .join('');
 }
 
 export function padRight (input, length) {
diff --git a/js/src/api/util/format.spec.js b/js/src/api/util/format.spec.js
index c37205569..ba7a3994e 100644
--- a/js/src/api/util/format.spec.js
+++ b/js/src/api/util/format.spec.js
@@ -67,6 +67,7 @@ describe('api/util/format', () => {
 
     it('correctly converts a non-empty string', () => {
       expect(asciiToHex('abc')).to.equal('0x616263');
+      expect(asciiToHex('a\nb')).to.equal('0x610a62');
     });
   });
 
diff --git a/js/src/api/util/index.js b/js/src/api/util/index.js
index cc8fc9b93..30328856b 100644
--- a/js/src/api/util/index.js
+++ b/js/src/api/util/index.js
@@ -17,7 +17,7 @@
 import { isAddress as isAddressValid, toChecksumAddress } from '../../abi/util/address';
 import { abiDecode, decodeCallData, decodeMethodInput, methodToAbi } from './decode';
 import { abiEncode, abiUnencode, abiSignature, encodeMethodCallAbi } from './encode';
-import { bytesToHex, hexToAscii, asciiToHex, cleanupValue } from './format';
+import { bytesToHex, hexToAscii, hexToBytes, asciiToHex, cleanupValue } from './format';
 import { fromWei, toWei } from './wei';
 import { sha3 } from './sha3';
 import { isArray, isFunction, isHex, isInstanceOf, isString } from './types';
@@ -37,6 +37,7 @@ export default {
   isString,
   bytesToHex,
   hexToAscii,
+  hexToBytes,
   asciiToHex,
   createIdentityImg,
   decodeCallData,
diff --git a/js/src/views/Signer/components/SignRequest/signRequest.js b/js/src/views/Signer/components/SignRequest/signRequest.js
index 705b89965..2f97f140f 100644
--- a/js/src/views/Signer/components/SignRequest/signRequest.js
+++ b/js/src/views/Signer/components/SignRequest/signRequest.js
@@ -18,6 +18,7 @@ import { observer } from 'mobx-react';
 import React, { Component, PropTypes } from 'react';
 import { FormattedMessage } from 'react-intl';
 import { connect } from 'react-redux';
+import ReactTooltip from 'react-tooltip';
 
 import HardwareStore from '~/mobx/hardwareStore';
 
@@ -70,6 +71,10 @@ class SignRequest extends Component {
     }
   };
 
+  state = {
+    hashToSign: null
+  };
+
   hardwareStore = HardwareStore.get(this.context.api);
 
   componentWillMount () {
@@ -78,6 +83,25 @@ class SignRequest extends Component {
     signerStore.fetchBalance(address);
   }
 
+  componentDidMount () {
+    this.computeHashToSign(this.props.data);
+  }
+
+  componentWillReceiveProps (nextProps) {
+    if (this.props.data !== nextProps.data) {
+      this.computeHashToSign(nextProps.data);
+    }
+  }
+
+  computeHashToSign (data) {
+    const { sha3, hexToBytes, asciiToHex } = this.context.api.util;
+    const bytes = hexToBytes(data);
+    const message = hexToBytes(asciiToHex(`\x19Ethereum Signed Message:\n${bytes.length}`));
+    const hashToSign = sha3(message.concat(bytes));
+
+    this.setState({ hashToSign });
+  }
+
   render () {
     const { className } = this.props;
 
@@ -113,6 +137,7 @@ class SignRequest extends Component {
   renderDetails () {
     const { api } = this.context;
     const { address, data, netVersion, origin, signerStore } = this.props;
+    const { hashToSign } = this.state;
     const { balances, externalLink } = signerStore;
 
     const balance = balances[address];
@@ -121,6 +146,20 @@ class SignRequest extends Component {
       return <div />;
     }
 
+    const tooltip = [
+      <FormattedMessage
+        id='signer.signRequest.tooltip.hash'
+        defaultMessage='Hash to be signed: {hashToSign}'
+        values={ { hashToSign } }
+      />,
+      <br />,
+      <FormattedMessage
+        id='signer.signRequest.tooltip.data'
+        defaultMessage='Data: {data}'
+        values={ { data } }
+      />
+    ];
+
     return (
       <div className={ styles.signDetails }>
         <div className={ styles.address }>
@@ -133,7 +172,16 @@ class SignRequest extends Component {
           />
           <RequestOrigin origin={ origin } />
         </div>
-        <div className={ styles.info } title={ api.util.sha3(data) }>
+        <ReactTooltip id={ `signRequest-${hashToSign}` }>
+          { tooltip }
+        </ReactTooltip>
+        <div
+          className={ styles.info }
+          data-effect='solid'
+          data-for={ `signRequest-${hashToSign}` }
+          data-place='top'
+          data-tip
+        >
           <p>
             <FormattedMessage
               id='signer.signRequest.request'
diff --git a/js/src/views/Signer/components/SignRequest/signRequest.spec.js b/js/src/views/Signer/components/SignRequest/signRequest.spec.js
index f5bd4f9b2..7cc61601b 100644
--- a/js/src/views/Signer/components/SignRequest/signRequest.spec.js
+++ b/js/src/views/Signer/components/SignRequest/signRequest.spec.js
@@ -53,7 +53,14 @@ function render () {
     <SignRequest signerStore={ signerStore } />,
     {
       context: {
-        store: reduxStore
+        store: reduxStore,
+        api: {
+          util: {
+            sha3: (x) => x,
+            hexToBytes: (x) => x,
+            asciiToHex: (x) => x
+          }
+        }
       }
     }
   ).find('SignRequest').shallow();
@@ -61,7 +68,7 @@ function render () {
   return component;
 }
 
-describe('views/Signer/components/SignRequest', () => {
+describe.only('views/Signer/components/SignRequest', () => {
   beforeEach(() => {
     render();
   });

From 10068cee72a068b220002358914de962f34fd072 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tomasz=20Drwi=C4=99ga?= <tomusdrw@users.noreply.github.com>
Date: Sun, 13 Aug 2017 17:41:50 +0200
Subject: [PATCH 060/112] Extension fixes (#6284)

* Fix token symbols in extension.

* Allow connections from firefox extension.
---
 js/src/embed.js         | 11 ++++++++---
 parity/cli/mod.rs       |  2 +-
 parity/configuration.rs |  2 +-
 parity/rpc.rs           |  2 +-
 4 files changed, 11 insertions(+), 6 deletions(-)

diff --git a/js/src/embed.js b/js/src/embed.js
index 5e8bf7ffe..0413fb466 100644
--- a/js/src/embed.js
+++ b/js/src/embed.js
@@ -64,14 +64,19 @@ class FakeTransport {
 
 class FrameSecureApi extends SecureApi {
   constructor (transport) {
-    super(transport.uiUrl, null, () => {
-      return transport;
-    });
+    super(
+      transport.uiUrl,
+      null,
+      () => transport,
+      () => 'http:'
+    );
   }
 
   connect () {
     // Do nothing - this API does not need connecting
     this.emit('connecting');
+    // Fetch settings
+    this._fetchSettings();
     // Fire connected event with some delay.
     setTimeout(() => {
       this.emit('connected');
diff --git a/parity/cli/mod.rs b/parity/cli/mod.rs
index b978918ce..852319381 100644
--- a/parity/cli/mod.rs
+++ b/parity/cli/mod.rs
@@ -195,7 +195,7 @@ usage! {
 			or |c: &Config| otry!(c.websockets).interface.clone(),
 		flag_ws_apis: String = "web3,eth,pubsub,net,parity,parity_pubsub,traces,rpc,secretstore,shh,shh_pubsub",
 			or |c: &Config| otry!(c.websockets).apis.as_ref().map(|vec| vec.join(",")),
-		flag_ws_origins: String = "chrome-extension://*",
+		flag_ws_origins: String = "chrome-extension://*,moz-extension://*",
 			or |c: &Config| otry!(c.websockets).origins.as_ref().map(|vec| vec.join(",")),
 		flag_ws_hosts: String = "none",
 			or |c: &Config| otry!(c.websockets).hosts.as_ref().map(|vec| vec.join(",")),
diff --git a/parity/configuration.rs b/parity/configuration.rs
index fda91e231..1fb4e00c6 100644
--- a/parity/configuration.rs
+++ b/parity/configuration.rs
@@ -1301,7 +1301,7 @@ mod tests {
 			interface: "127.0.0.1".into(),
 			port: 8546,
 			apis: ApiSet::UnsafeContext,
-			origins: Some(vec!["chrome-extension://*".into()]),
+			origins: Some(vec!["chrome-extension://*".into(), "moz-extension://*".into()]),
 			hosts: Some(vec![]),
 			signer_path: expected.into(),
 			ui_address: Some(("127.0.0.1".to_owned(), 8180)),
diff --git a/parity/rpc.rs b/parity/rpc.rs
index 9173e7b2f..2c80cddc5 100644
--- a/parity/rpc.rs
+++ b/parity/rpc.rs
@@ -163,7 +163,7 @@ impl Default for WsConfiguration {
 			interface: "127.0.0.1".into(),
 			port: 8546,
 			apis: ApiSet::UnsafeContext,
-			origins: Some(vec!["chrome-extension://*".into()]),
+			origins: Some(vec!["chrome-extension://*".into(), "moz-extension://*".into()]),
 			hosts: Some(Vec::new()),
 			signer_path: replace_home(&data_dir, "$BASE/signer").into(),
 			support_token_api: true,

From d11500659722a776e74cc593acd3ab83fc1ceb15 Mon Sep 17 00:00:00 2001
From: GitLab Build Bot <jaco+gitlab@ethcore.io>
Date: Sun, 13 Aug 2017 18:48:32 +0000
Subject: [PATCH 061/112] [ci skip] js-precompiled 20170813-184308

---
 Cargo.lock           | 2 +-
 js/package-lock.json | 2 +-
 js/package.json      | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index d4209ea5d..c930b8ff9 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -2053,7 +2053,7 @@ dependencies = [
 [[package]]
 name = "parity-ui-precompiled"
 version = "1.4.0"
-source = "git+https://github.com/paritytech/js-precompiled.git#0768c834921c5ef52136337953eb3cd058d95850"
+source = "git+https://github.com/paritytech/js-precompiled.git#04b109bd8485b26d0f8ef8df6afab69d8fe4878b"
 dependencies = [
  "parity-dapps-glue 1.7.0 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
diff --git a/js/package-lock.json b/js/package-lock.json
index 380f48073..233aa011c 100644
--- a/js/package-lock.json
+++ b/js/package-lock.json
@@ -1,6 +1,6 @@
 {
   "name": "parity.js",
-  "version": "1.8.13",
+  "version": "1.8.14",
   "lockfileVersion": 1,
   "requires": true,
   "dependencies": {
diff --git a/js/package.json b/js/package.json
index a01a6d38b..bb31726d5 100644
--- a/js/package.json
+++ b/js/package.json
@@ -1,6 +1,6 @@
 {
   "name": "parity.js",
-  "version": "1.8.13",
+  "version": "1.8.14",
   "main": "release/index.js",
   "jsnext:main": "src/index.js",
   "author": "Parity Team <admin@parity.io>",

From 4ab607d4de3f4ee6a67f26994a63dbbf0c68ce98 Mon Sep 17 00:00:00 2001
From: Nikolay Volf <nikvolf@gmail.com>
Date: Mon, 14 Aug 2017 12:33:52 +0300
Subject: [PATCH 062/112] wasm-std refactoring (#6278)

---
 ethcore/res/wasm-tests    |  2 +-
 ethcore/wasm/src/env.rs   | 51 ++-------------------------------------
 ethcore/wasm/src/tests.rs | 30 +++++++++++------------
 3 files changed, 18 insertions(+), 65 deletions(-)

diff --git a/ethcore/res/wasm-tests b/ethcore/res/wasm-tests
index 18dad7912..330f748b1 160000
--- a/ethcore/res/wasm-tests
+++ b/ethcore/res/wasm-tests
@@ -1 +1 @@
-Subproject commit 18dad7912cf42937ff725ffd944d01ff7ca1cce7
+Subproject commit 330f748b1eece451f460224b48d515489dd86f5c
diff --git a/ethcore/wasm/src/env.rs b/ethcore/wasm/src/env.rs
index cb7462046..7a21ca70d 100644
--- a/ethcore/wasm/src/env.rs
+++ b/ethcore/wasm/src/env.rs
@@ -81,63 +81,16 @@ pub const SIGNATURES: &'static [UserFunctionDescriptor] = &[
 		&[I32],
 		None,
 	),
-	Static(
-		"_abort",
-		&[],
-		None,
-	),
-	Static(
-		"abortOnCannotGrowMemory",
-		&[I32; 0],
-		Some(I32)
-	),
-
-	/*
-		THIS IS EXPERIMENTAL RUST-ONLY RUNTIME EXTERNS, THEY ARE SUBJECT TO CHANGE
-
-		AVOID YOUR WASM CONTAINS ANY OF THESE OTHERWISE
-			EITHER FACE THE NEED OF HARDFORK
-			OR YOU CAN STUCK ON SPECIFIC RUST VERSION FOR WASM COMPILATION
-	*/
-
-	Static(
-		"_rust_begin_unwind",
-		&[I32; 4],
-		None,
-	),
 	Static(
 		"_emscripten_memcpy_big",
 		&[I32; 3],
 		Some(I32),
 	),
-	Static(
-		"___syscall6",
-		&[I32; 2],
-		Some(I32),
-	),
-	Static(
-		"___syscall140",
-		&[I32; 2],
-		Some(I32)
-	),
-	Static(
-		"___syscall146",
-		&[I32; 2],
-		Some(I32)
-	),
-	Static(
-		"___syscall54",
-		&[I32; 2],
-		Some(I32)
-	),
+
+	// TODO: Get rid of it also somehow?
 	Static(
 		"_llvm_trap",
 		&[I32; 0],
 		None
 	),
-	Static(
-		"___setErrNo",
-		&[I32; 1],
-		None
-	),
 ];
diff --git a/ethcore/wasm/src/tests.rs b/ethcore/wasm/src/tests.rs
index 401b4db09..207c9910c 100644
--- a/ethcore/wasm/src/tests.rs
+++ b/ethcore/wasm/src/tests.rs
@@ -57,7 +57,7 @@ fn empty() {
 		test_finalize(interpreter.exec(params, &mut ext)).unwrap()
 	};
 
-	assert_eq!(gas_left, U256::from(99_996));
+	assert_eq!(gas_left, U256::from(99_992));
 }
 
 // This test checks if the contract deserializes payload header properly.
@@ -85,7 +85,7 @@ fn logger() {
 	};
 
 	println!("ext.store: {:?}", ext.store);
-	assert_eq!(gas_left, U256::from(99590));
+	assert_eq!(gas_left, U256::from(99327));
 	let address_val: H256 = address.into();
 	assert_eq!(
 		ext.store.get(&"0100000000000000000000000000000000000000000000000000000000000000".parse().unwrap()).expect("storage key to exist"),
@@ -136,7 +136,7 @@ fn identity() {
 		}
 	};
 
-	assert_eq!(gas_left, U256::from(99_687));
+	assert_eq!(gas_left, U256::from(99_672));
 
 	assert_eq!(
 		Address::from_slice(&result),
@@ -170,7 +170,7 @@ fn dispersion() {
 		}
 	};
 
-	assert_eq!(gas_left, U256::from(99_423));
+	assert_eq!(gas_left, U256::from(99_270));
 
 	assert_eq!(
 		result,
@@ -199,7 +199,7 @@ fn suicide_not() {
 		}
 	};
 
-	assert_eq!(gas_left, U256::from(99_656));
+	assert_eq!(gas_left, U256::from(99_578));
 
 	assert_eq!(
 		result,
@@ -233,7 +233,7 @@ fn suicide() {
 		}
 	};
 
-	assert_eq!(gas_left, U256::from(99_740));
+	assert_eq!(gas_left, U256::from(99_621));
 	assert!(ext.suicides.contains(&refund));
 }
 
@@ -264,7 +264,7 @@ fn create() {
 	assert!(ext.calls.contains(
 		&FakeCall {
 			call_type: FakeCallType::Create,
-			gas: U256::from(99_767),
+			gas: U256::from(99_674),
 			sender_address: None,
 			receive_address: None,
 			value: Some(1_000_000_000.into()),
@@ -272,7 +272,7 @@ fn create() {
 			code_address: None,
 		}
 	));
-	assert_eq!(gas_left, U256::from(99_759));
+	assert_eq!(gas_left, U256::from(99_596));
 }
 
 
@@ -306,7 +306,7 @@ fn call_code() {
 	assert!(ext.calls.contains(
 		&FakeCall {
 			call_type: FakeCallType::Call,
-			gas: U256::from(99_061),
+			gas: U256::from(99_069),
 			sender_address: Some(sender),
 			receive_address: Some(receiver),
 			value: None,
@@ -314,7 +314,7 @@ fn call_code() {
 			code_address: Some("0d13710000000000000000000000000000000000".parse().unwrap()),
 		}
 	));
-	assert_eq!(gas_left, U256::from(94196));
+	assert_eq!(gas_left, U256::from(94144));
 
 	// siphash result
 	let res = LittleEndian::read_u32(&result[..]);
@@ -351,7 +351,7 @@ fn call_static() {
 	assert!(ext.calls.contains(
 		&FakeCall {
 			call_type: FakeCallType::Call,
-			gas: U256::from(99_061),
+			gas: U256::from(99_069),
 			sender_address: Some(sender),
 			receive_address: Some(receiver),
 			value: None,
@@ -359,7 +359,7 @@ fn call_static() {
 			code_address: Some("13077bfb00000000000000000000000000000000".parse().unwrap()),
 		}
 	));
-	assert_eq!(gas_left, U256::from(94196));
+	assert_eq!(gas_left, U256::from(94144));
 
 	// siphash result
 	let res = LittleEndian::read_u32(&result[..]);
@@ -385,7 +385,7 @@ fn realloc() {
 				GasLeft::NeedsReturn { gas_left: gas, data: result, apply_state: _apply } => (gas, result.to_vec()),
 		}
 	};
-	assert_eq!(gas_left, U256::from(98326));
+	assert_eq!(gas_left, U256::from(99432));
 	assert_eq!(result, vec![0u8; 2]);
 }
 
@@ -395,7 +395,7 @@ fn realloc() {
 fn storage_read() {
 	let code = load_sample!("storage_read.wasm");
 	let address: Address = "0f572e5295c57f15886f9b263e2f6d2d6c7b5ec6".parse().unwrap();
-	
+
 	let mut params = ActionParams::default();
 	params.gas = U256::from(100_000);
 	params.code = Some(Arc::new(code));
@@ -411,6 +411,6 @@ fn storage_read() {
 		}
 	};
 
-	assert_eq!(gas_left, U256::from(99752));
+	assert_eq!(gas_left, U256::from(99682));
 	assert_eq!(Address::from(&result[12..32]), address);
 }

From b9c1d0bd182af844cf0432df4f7fbf208da4496e Mon Sep 17 00:00:00 2001
From: Marek Kotewicz <marek.kotewicz@gmail.com>
Date: Mon, 14 Aug 2017 13:47:53 +0200
Subject: [PATCH 063/112] rust-toolchain file on master (#6266)

---
 rust-toolchain | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 rust-toolchain

diff --git a/rust-toolchain b/rust-toolchain
new file mode 100644
index 000000000..2bf5ad044
--- /dev/null
+++ b/rust-toolchain
@@ -0,0 +1 @@
+stable

From 60f6a3fed3dd2e41657ab658eda8140bc78a9790 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tomasz=20Drwi=C4=99ga?= <tomasz@parity.io>
Date: Mon, 14 Aug 2017 16:59:46 +0200
Subject: [PATCH 064/112] Increase default gas limit for eth_call.

---
 rpc/src/v1/helpers/fake_sign.rs | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/rpc/src/v1/helpers/fake_sign.rs b/rpc/src/v1/helpers/fake_sign.rs
index 21cb0cfe1..e5d2c905d 100644
--- a/rpc/src/v1/helpers/fake_sign.rs
+++ b/rpc/src/v1/helpers/fake_sign.rs
@@ -18,6 +18,7 @@ use std::sync::Arc;
 use ethcore::client::MiningBlockChainClient;
 use ethcore::miner::MinerService;
 use ethcore::transaction::{Transaction, SignedTransaction, Action};
+use util::U256;
 
 use jsonrpc_core::Error;
 use v1::helpers::CallRequest;
@@ -33,7 +34,7 @@ pub fn sign_call<B: MiningBlockChainClient, M: MinerService>(
 	Ok(Transaction {
 		nonce: request.nonce.unwrap_or_else(|| client.latest_nonce(&from)),
 		action: request.to.map_or(Action::Create, Action::Call),
-		gas: request.gas.unwrap_or(50_000_000.into()),
+		gas: request.gas.unwrap_or(U256::max_value()),
 		gas_price: request.gas_price.unwrap_or_else(|| default_gas_price(&**client, &**miner)),
 		value: request.value.unwrap_or(0.into()),
 		data: request.data.unwrap_or_default(),

From a34bea1dad472728184e1a7a68749fd2d8b1ac54 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tomasz=20Drwi=C4=99ga?= <tomasz@parity.io>
Date: Tue, 15 Aug 2017 10:07:00 +0200
Subject: [PATCH 065/112] Fix balance increase.

---
 ethcore/src/client/client.rs    | 17 +++--------------
 ethcore/src/executive.rs        |  2 +-
 rpc/src/v1/helpers/fake_sign.rs |  1 +
 3 files changed, 5 insertions(+), 15 deletions(-)

diff --git a/ethcore/src/client/client.rs b/ethcore/src/client/client.rs
index 7141c7bdb..fdd201e68 100644
--- a/ethcore/src/client/client.rs
+++ b/ethcore/src/client/client.rs
@@ -1112,20 +1112,9 @@ impl Client {
 		}.fake_sign(from)
 	}
 
-	fn do_call(&self, env_info: &EnvInfo, state: &mut State<StateDB>, increase_balance: bool, t: &SignedTransaction, analytics: CallAnalytics) -> Result<Executed, CallError> {
+	fn do_call(&self, env_info: &EnvInfo, state: &mut State<StateDB>, t: &SignedTransaction, analytics: CallAnalytics) -> Result<Executed, CallError> {
 		let original_state = if analytics.state_diffing { Some(state.clone()) } else { None };
 
-		// give the sender a sufficient balance (if calling in pending block)
-		if increase_balance {
-			let sender = t.sender();
-			let balance = state.balance(&sender).map_err(ExecutionError::from)?;
-			let needed_balance = t.value + t.gas * t.gas_price;
-			if balance < needed_balance {
-				state.add_balance(&sender, &(needed_balance - balance), state::CleanupMode::NoEmpty)
-					.map_err(ExecutionError::from)?;
-			}
-		}
-
 		let options = TransactOptions { tracing: analytics.transaction_tracing, vm_tracing: analytics.vm_tracing, check_nonce: false };
 		let mut ret = Executive::new(state, env_info, &*self.engine).transact_virtual(t, options)?;
 
@@ -1167,7 +1156,7 @@ impl BlockChainClient for Client {
 		// that's just a copy of the state.
 		let mut state = self.state_at(block).ok_or(CallError::StatePruned)?;
 
-		self.do_call(&env_info, &mut state, block == BlockId::Pending, transaction, analytics)
+		self.do_call(&env_info, &mut state, transaction, analytics)
 	}
 
 	fn call_many(&self, transactions: &[(SignedTransaction, CallAnalytics)], block: BlockId) -> Result<Vec<Executed>, CallError> {
@@ -1179,7 +1168,7 @@ impl BlockChainClient for Client {
 		let mut results = Vec::with_capacity(transactions.len());
 
 		for &(ref t, analytics) in transactions {
-			let ret = self.do_call(&env_info, &mut state, block == BlockId::Pending, t, analytics)?;
+			let ret = self.do_call(&env_info, &mut state, t, analytics)?;
 			env_info.gas_used = ret.cumulative_gas_used;
 			results.push(ret);
 		}
diff --git a/ethcore/src/executive.rs b/ethcore/src/executive.rs
index bd7cf28c1..8f2fb06f2 100644
--- a/ethcore/src/executive.rs
+++ b/ethcore/src/executive.rs
@@ -157,7 +157,7 @@ impl<'a, B: 'a + StateBackend, E: Engine + ?Sized> Executive<'a, B, E> {
 	pub fn transact_virtual(&'a mut self, t: &SignedTransaction, options: TransactOptions) -> Result<Executed, ExecutionError> {
 		let sender = t.sender();
 		let balance = self.state.balance(&sender)?;
-		let needed_balance = t.value + t.gas * t.gas_price;
+		let needed_balance = t.value.saturating_add(t.gas.saturating_mul(t.gas_price));
 		if balance < needed_balance {
 			// give the sender a sufficient balance
 			self.state.add_balance(&sender, &(needed_balance - balance), CleanupMode::NoEmpty)?;
diff --git a/rpc/src/v1/helpers/fake_sign.rs b/rpc/src/v1/helpers/fake_sign.rs
index e5d2c905d..b9be422c5 100644
--- a/rpc/src/v1/helpers/fake_sign.rs
+++ b/rpc/src/v1/helpers/fake_sign.rs
@@ -34,6 +34,7 @@ pub fn sign_call<B: MiningBlockChainClient, M: MinerService>(
 	Ok(Transaction {
 		nonce: request.nonce.unwrap_or_else(|| client.latest_nonce(&from)),
 		action: request.to.map_or(Action::Create, Action::Call),
+		// gas: request.gas.unwrap_or(U256::one() << 100),
 		gas: request.gas.unwrap_or(U256::max_value()),
 		gas_price: request.gas_price.unwrap_or_else(|| default_gas_price(&**client, &**miner)),
 		value: request.value.unwrap_or(0.into()),

From 5ff771b125f47709724fbbed4d18bb17491c98e9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tomasz=20Drwi=C4=99ga?= <tomasz@parity.io>
Date: Tue, 15 Aug 2017 10:23:28 +0200
Subject: [PATCH 066/112] Cap gas limit for dapp-originating requests.

---
 rpc/src/v1/helpers/fake_sign.rs   | 12 ++++++++++--
 rpc/src/v1/impls/eth.rs           |  8 ++++----
 rpc/src/v1/impls/light/eth.rs     |  4 ++--
 rpc/src/v1/impls/light/parity.rs  |  2 +-
 rpc/src/v1/impls/light/trace.rs   | 12 ++++++++----
 rpc/src/v1/impls/parity.rs        |  4 ++--
 rpc/src/v1/impls/traces.rs        | 30 +++++++++++++++++++-----------
 rpc/src/v1/metadata.rs            |  9 +++++++++
 rpc/src/v1/tests/mocked/traces.rs |  6 +++---
 rpc/src/v1/traits/eth.rs          |  8 ++++----
 rpc/src/v1/traits/parity.rs       |  4 ++--
 rpc/src/v1/traits/traces.rs       | 11 +++++++----
 12 files changed, 71 insertions(+), 39 deletions(-)

diff --git a/rpc/src/v1/helpers/fake_sign.rs b/rpc/src/v1/helpers/fake_sign.rs
index b9be422c5..c5b95f6a4 100644
--- a/rpc/src/v1/helpers/fake_sign.rs
+++ b/rpc/src/v1/helpers/fake_sign.rs
@@ -28,14 +28,22 @@ pub fn sign_call<B: MiningBlockChainClient, M: MinerService>(
 	client: &Arc<B>,
 	miner: &Arc<M>,
 	request: CallRequest,
+	gas_cap: bool,
 ) -> Result<SignedTransaction, Error> {
 	let from = request.from.unwrap_or(0.into());
+	let mut gas = request.gas.unwrap_or(U256::max_value());
+	if gas_cap {
+		let max_gas = 50_000_000.into();
+		if gas > max_gas {
+			warn!("Gas limit capped to {} (from {})", max_gas, gas);
+			gas = max_gas
+		}
+	}
 
 	Ok(Transaction {
 		nonce: request.nonce.unwrap_or_else(|| client.latest_nonce(&from)),
 		action: request.to.map_or(Action::Create, Action::Call),
-		// gas: request.gas.unwrap_or(U256::one() << 100),
-		gas: request.gas.unwrap_or(U256::max_value()),
+		gas,
 		gas_price: request.gas_price.unwrap_or_else(|| default_gas_price(&**client, &**miner)),
 		value: request.value.unwrap_or(0.into()),
 		data: request.data.unwrap_or_default(),
diff --git a/rpc/src/v1/impls/eth.rs b/rpc/src/v1/impls/eth.rs
index 7c656c752..0cf70bf23 100644
--- a/rpc/src/v1/impls/eth.rs
+++ b/rpc/src/v1/impls/eth.rs
@@ -612,9 +612,9 @@ impl<C, SN: ?Sized, S: ?Sized, M, EM> Eth for EthClient<C, SN, S, M, EM> where
 		self.send_raw_transaction(raw)
 	}
 
-	fn call(&self, request: CallRequest, num: Trailing<BlockNumber>) -> BoxFuture<Bytes, Error> {
+	fn call(&self, meta: Self::Metadata, request: CallRequest, num: Trailing<BlockNumber>) -> BoxFuture<Bytes, Error> {
 		let request = CallRequest::into(request);
-		let signed = match fake_sign::sign_call(&self.client, &self.miner, request) {
+		let signed = match fake_sign::sign_call(&self.client, &self.miner, request, meta.is_dapp()) {
 			Ok(signed) => signed,
 			Err(e) => return future::err(e).boxed(),
 		};
@@ -628,9 +628,9 @@ impl<C, SN: ?Sized, S: ?Sized, M, EM> Eth for EthClient<C, SN, S, M, EM> where
 		).boxed()
 	}
 
-	fn estimate_gas(&self, request: CallRequest, num: Trailing<BlockNumber>) -> BoxFuture<RpcU256, Error> {
+	fn estimate_gas(&self, meta: Self::Metadata, request: CallRequest, num: Trailing<BlockNumber>) -> BoxFuture<RpcU256, Error> {
 		let request = CallRequest::into(request);
-		let signed = match fake_sign::sign_call(&self.client, &self.miner, request) {
+		let signed = match fake_sign::sign_call(&self.client, &self.miner, request, meta.is_dapp()) {
 			Ok(signed) => signed,
 			Err(e) => return future::err(e).boxed(),
 		};
diff --git a/rpc/src/v1/impls/light/eth.rs b/rpc/src/v1/impls/light/eth.rs
index fd03f1226..d33b5a06f 100644
--- a/rpc/src/v1/impls/light/eth.rs
+++ b/rpc/src/v1/impls/light/eth.rs
@@ -383,7 +383,7 @@ impl Eth for EthClient {
 		self.send_raw_transaction(raw)
 	}
 
-	fn call(&self, req: CallRequest, num: Trailing<BlockNumber>) -> BoxFuture<Bytes, Error> {
+	fn call(&self, _meta: Self::Metadata, req: CallRequest, num: Trailing<BlockNumber>) -> BoxFuture<Bytes, Error> {
 		self.fetcher().proved_execution(req, num).and_then(|res| {
 			match res {
 				Ok(exec) => Ok(exec.output.into()),
@@ -392,7 +392,7 @@ impl Eth for EthClient {
 		}).boxed()
 	}
 
-	fn estimate_gas(&self, req: CallRequest, num: Trailing<BlockNumber>) -> BoxFuture<RpcU256, Error> {
+	fn estimate_gas(&self, _meta: Self::Metadata, req: CallRequest, num: Trailing<BlockNumber>) -> BoxFuture<RpcU256, Error> {
 		// TODO: binary chop for more accurate estimates.
 		self.fetcher().proved_execution(req, num).and_then(|res| {
 			match res {
diff --git a/rpc/src/v1/impls/light/parity.rs b/rpc/src/v1/impls/light/parity.rs
index 62a7721fc..676e39b11 100644
--- a/rpc/src/v1/impls/light/parity.rs
+++ b/rpc/src/v1/impls/light/parity.rs
@@ -390,7 +390,7 @@ impl Parity for ParityClient {
 		ipfs::cid(content)
 	}
 
-	fn call(&self, _requests: Vec<CallRequest>, _block: Trailing<BlockNumber>) -> BoxFuture<Vec<Bytes>, Error> {
+	fn call(&self, _meta: Self::Metadata, _requests: Vec<CallRequest>, _block: Trailing<BlockNumber>) -> BoxFuture<Vec<Bytes>, Error> {
 		future::err(errors::light_unimplemented(None)).boxed()
 	}
 }
diff --git a/rpc/src/v1/impls/light/trace.rs b/rpc/src/v1/impls/light/trace.rs
index 81ed592c5..22360183d 100644
--- a/rpc/src/v1/impls/light/trace.rs
+++ b/rpc/src/v1/impls/light/trace.rs
@@ -17,7 +17,9 @@
 //! Traces api implementation.
 
 use jsonrpc_core::Error;
+use jsonrpc_core::futures::{future, Future, BoxFuture};
 use jsonrpc_macros::Trailing;
+use v1::Metadata;
 use v1::traits::Traces;
 use v1::helpers::errors;
 use v1::types::{TraceFilter, LocalizedTrace, BlockNumber, Index, CallRequest, Bytes, TraceResults, TraceOptions, H256};
@@ -27,6 +29,8 @@ use v1::types::{TraceFilter, LocalizedTrace, BlockNumber, Index, CallRequest, By
 pub struct TracesClient;
 
 impl Traces for TracesClient {
+	type Metadata = Metadata;
+
 	fn filter(&self, _filter: TraceFilter) -> Result<Option<Vec<LocalizedTrace>>, Error> {
 		Err(errors::light_unimplemented(None))
 	}
@@ -43,12 +47,12 @@ impl Traces for TracesClient {
 		Err(errors::light_unimplemented(None))
 	}
 
-	fn call(&self, _request: CallRequest, _flags: TraceOptions, _block: Trailing<BlockNumber>) -> Result<TraceResults, Error> {
-		Err(errors::light_unimplemented(None))
+	fn call(&self, _meta: Self::Metadata, _request: CallRequest, _flags: TraceOptions, _block: Trailing<BlockNumber>) -> BoxFuture<TraceResults, Error> {
+		future::err(errors::light_unimplemented(None)).boxed()
 	}
 
-	fn call_many(&self, _request: Vec<(CallRequest, TraceOptions)>, _block: Trailing<BlockNumber>) -> Result<Vec<TraceResults>, Error> {
-		Err(errors::light_unimplemented(None))
+	fn call_many(&self, _meta: Self::Metadata, _request: Vec<(CallRequest, TraceOptions)>, _block: Trailing<BlockNumber>) -> BoxFuture<Vec<TraceResults>, Error> {
+		future::err(errors::light_unimplemented(None)).boxed()
 	}
 
 	fn raw_transaction(&self, _raw_transaction: Bytes, _flags: TraceOptions, _block: Trailing<BlockNumber>) -> Result<TraceResults, Error> {
diff --git a/rpc/src/v1/impls/parity.rs b/rpc/src/v1/impls/parity.rs
index d855d7e17..fb82c5205 100644
--- a/rpc/src/v1/impls/parity.rs
+++ b/rpc/src/v1/impls/parity.rs
@@ -411,11 +411,11 @@ impl<C, M, S: ?Sized, U> Parity for ParityClient<C, M, S, U> where
 		ipfs::cid(content)
 	}
 
-	fn call(&self, requests: Vec<CallRequest>, block: Trailing<BlockNumber>) -> BoxFuture<Vec<Bytes>, Error> {
+	fn call(&self, meta: Self::Metadata, requests: Vec<CallRequest>, block: Trailing<BlockNumber>) -> BoxFuture<Vec<Bytes>, Error> {
 		let requests: Result<Vec<(SignedTransaction, _)>, Error> = requests
 			.into_iter()
 			.map(|request| Ok((
-				fake_sign::sign_call(&self.client, &self.miner, request.into())?,
+				fake_sign::sign_call(&self.client, &self.miner, request.into(), meta.is_dapp())?,
 				Default::default()
 			)))
 			.collect();
diff --git a/rpc/src/v1/impls/traces.rs b/rpc/src/v1/impls/traces.rs
index 31a0e889e..9ed2c39a4 100644
--- a/rpc/src/v1/impls/traces.rs
+++ b/rpc/src/v1/impls/traces.rs
@@ -18,13 +18,15 @@
 
 use std::sync::Arc;
 
-use rlp::UntrustedRlp;
 use ethcore::client::{MiningBlockChainClient, CallAnalytics, TransactionId, TraceId};
 use ethcore::miner::MinerService;
 use ethcore::transaction::SignedTransaction;
+use rlp::UntrustedRlp;
 
 use jsonrpc_core::Error;
+use jsonrpc_core::futures::{self, Future, BoxFuture};
 use jsonrpc_macros::Trailing;
+use v1::Metadata;
 use v1::traits::Traces;
 use v1::helpers::{errors, fake_sign};
 use v1::types::{TraceFilter, LocalizedTrace, BlockNumber, Index, CallRequest, Bytes, TraceResults, TraceOptions, H256};
@@ -54,6 +56,8 @@ impl<C, M> TracesClient<C, M> {
 }
 
 impl<C, M> Traces for TracesClient<C, M> where C: MiningBlockChainClient + 'static, M: MinerService + 'static {
+	type Metadata = Metadata;
+
 	fn filter(&self, filter: TraceFilter) -> Result<Option<Vec<LocalizedTrace>>, Error> {
 		Ok(self.client.filter_traces(filter.into())
 			.map(|traces| traces.into_iter().map(LocalizedTrace::from).collect()))
@@ -79,31 +83,35 @@ impl<C, M> Traces for TracesClient<C, M> where C: MiningBlockChainClient + 'stat
 			.map(LocalizedTrace::from))
 	}
 
-	fn call(&self, request: CallRequest, flags: TraceOptions, block: Trailing<BlockNumber>) -> Result<TraceResults, Error> {
+	fn call(&self, meta: Self::Metadata, request: CallRequest, flags: TraceOptions, block: Trailing<BlockNumber>) -> BoxFuture<TraceResults, Error> {
 		let block = block.unwrap_or_default();
 
 		let request = CallRequest::into(request);
-		let signed = fake_sign::sign_call(&self.client, &self.miner, request)?;
+		let signed = try_bf!(fake_sign::sign_call(&self.client, &self.miner, request, meta.is_dapp()));
 
-		self.client.call(&signed, to_call_analytics(flags), block.into())
+		let res = self.client.call(&signed, to_call_analytics(flags), block.into())
 			.map(TraceResults::from)
-			.map_err(errors::call)
+			.map_err(errors::call);
+
+		futures::done(res).boxed()
 	}
 
-	fn call_many(&self, requests: Vec<(CallRequest, TraceOptions)>, block: Trailing<BlockNumber>) -> Result<Vec<TraceResults>, Error> {
+	fn call_many(&self, meta: Self::Metadata, requests: Vec<(CallRequest, TraceOptions)>, block: Trailing<BlockNumber>) -> BoxFuture<Vec<TraceResults>, Error> {
 		let block = block.unwrap_or_default();
 
-		let requests = requests.into_iter()
+		let requests = try_bf!(requests.into_iter()
 			.map(|(request, flags)| {
 				let request = CallRequest::into(request);
-				let signed = fake_sign::sign_call(&self.client, &self.miner, request)?;
+				let signed = fake_sign::sign_call(&self.client, &self.miner, request, meta.is_dapp())?;
 				Ok((signed, to_call_analytics(flags)))
 			})
-			.collect::<Result<Vec<_>, _>>()?;
+			.collect::<Result<Vec<_>, Error>>());
 
-		self.client.call_many(&requests, block.into())
+		let res = self.client.call_many(&requests, block.into())
 			.map(|results| results.into_iter().map(TraceResults::from).collect())
-			.map_err(errors::call)
+			.map_err(errors::call);
+
+		futures::done(res).boxed()
 	}
 
 	fn raw_transaction(&self, raw_transaction: Bytes, flags: TraceOptions, block: Trailing<BlockNumber>) -> Result<TraceResults, Error> {
diff --git a/rpc/src/v1/metadata.rs b/rpc/src/v1/metadata.rs
index b65003ad8..f0644d455 100644
--- a/rpc/src/v1/metadata.rs
+++ b/rpc/src/v1/metadata.rs
@@ -42,6 +42,15 @@ impl Metadata {
 			_ => DappId::default(),
 		}
 	}
+
+	/// Returns true if the request originates from a Dapp.
+	pub fn is_dapp(&self) -> bool {
+		if let Origin::Dapps(_) = self.origin {
+			true
+		} else {
+			false
+		}
+	}
 }
 
 impl jsonrpc_core::Metadata for Metadata {}
diff --git a/rpc/src/v1/tests/mocked/traces.rs b/rpc/src/v1/tests/mocked/traces.rs
index 50890648c..cd3ae3666 100644
--- a/rpc/src/v1/tests/mocked/traces.rs
+++ b/rpc/src/v1/tests/mocked/traces.rs
@@ -25,12 +25,12 @@ use vm::CallType;
 
 use jsonrpc_core::IoHandler;
 use v1::tests::helpers::{TestMinerService};
-use v1::{Traces, TracesClient};
+use v1::{Metadata, Traces, TracesClient};
 
 struct Tester {
 	client: Arc<TestBlockChainClient>,
 	_miner: Arc<TestMinerService>,
-	io: IoHandler,
+	io: IoHandler<Metadata>,
 }
 
 fn io() -> Tester {
@@ -67,7 +67,7 @@ fn io() -> Tester {
 	}));
 	let miner = Arc::new(TestMinerService::default());
 	let traces = TracesClient::new(&client, &miner);
-	let mut io = IoHandler::new();
+	let mut io = IoHandler::default();
 	io.extend_with(traces.to_delegate());
 
 	Tester {
diff --git a/rpc/src/v1/traits/eth.rs b/rpc/src/v1/traits/eth.rs
index 941263335..9e7ed9715 100644
--- a/rpc/src/v1/traits/eth.rs
+++ b/rpc/src/v1/traits/eth.rs
@@ -110,12 +110,12 @@ build_rpc_trait! {
 		fn submit_transaction(&self, Bytes) -> Result<H256, Error>;
 
 		/// Call contract, returning the output data.
-		#[rpc(async, name = "eth_call")]
-		fn call(&self, CallRequest, Trailing<BlockNumber>) -> BoxFuture<Bytes, Error>;
+		#[rpc(meta, name = "eth_call")]
+		fn call(&self, Self::Metadata, CallRequest, Trailing<BlockNumber>) -> BoxFuture<Bytes, Error>;
 
 		/// Estimate gas needed for execution of given contract.
-		#[rpc(async, name = "eth_estimateGas")]
-		fn estimate_gas(&self, CallRequest, Trailing<BlockNumber>) -> BoxFuture<U256, Error>;
+		#[rpc(meta, name = "eth_estimateGas")]
+		fn estimate_gas(&self, Self::Metadata, CallRequest, Trailing<BlockNumber>) -> BoxFuture<U256, Error>;
 
 		/// Get transaction by its hash.
 		#[rpc(name = "eth_getTransactionByHash")]
diff --git a/rpc/src/v1/traits/parity.rs b/rpc/src/v1/traits/parity.rs
index a0b1a6e99..c9ca522c1 100644
--- a/rpc/src/v1/traits/parity.rs
+++ b/rpc/src/v1/traits/parity.rs
@@ -205,7 +205,7 @@ build_rpc_trait! {
 		fn ipfs_cid(&self, Bytes) -> Result<String, Error>;
 
 		/// Call contract, returning the output data.
-		#[rpc(async, name = "parity_call")]
-		fn call(&self, Vec<CallRequest>, Trailing<BlockNumber>) -> BoxFuture<Vec<Bytes>, Error>;
+		#[rpc(meta, name = "parity_call")]
+		fn call(&self, Self::Metadata, Vec<CallRequest>, Trailing<BlockNumber>) -> BoxFuture<Vec<Bytes>, Error>;
 	}
 }
diff --git a/rpc/src/v1/traits/traces.rs b/rpc/src/v1/traits/traces.rs
index 568788af2..33bcb0afd 100644
--- a/rpc/src/v1/traits/traces.rs
+++ b/rpc/src/v1/traits/traces.rs
@@ -17,12 +17,15 @@
 //! Traces specific rpc interface.
 
 use jsonrpc_core::Error;
+use jsonrpc_core::futures::BoxFuture;
 use jsonrpc_macros::Trailing;
 use v1::types::{TraceFilter, LocalizedTrace, BlockNumber, Index, CallRequest, Bytes, TraceResults, H256, TraceOptions};
 
 build_rpc_trait! {
 	/// Traces specific rpc interface.
 	pub trait Traces {
+		type Metadata;
+
 		/// Returns traces matching given filter.
 		#[rpc(name = "trace_filter")]
 		fn filter(&self, TraceFilter) -> Result<Option<Vec<LocalizedTrace>>, Error>;
@@ -40,12 +43,12 @@ build_rpc_trait! {
 		fn block_traces(&self, BlockNumber) -> Result<Option<Vec<LocalizedTrace>>, Error>;
 
 		/// Executes the given call and returns a number of possible traces for it.
-		#[rpc(name = "trace_call")]
-		fn call(&self, CallRequest, TraceOptions, Trailing<BlockNumber>) -> Result<TraceResults, Error>;
+		#[rpc(meta, name = "trace_call")]
+		fn call(&self, Self::Metadata, CallRequest, TraceOptions, Trailing<BlockNumber>) -> BoxFuture<TraceResults, Error>;
 
 		/// Executes all given calls and returns a number of possible traces for each of it.
-		#[rpc(name = "trace_callMany")]
-		fn call_many(&self, Vec<(CallRequest, TraceOptions)>, Trailing<BlockNumber>) -> Result<Vec<TraceResults>, Error>;
+		#[rpc(meta, name = "trace_callMany")]
+		fn call_many(&self, Self::Metadata, Vec<(CallRequest, TraceOptions)>, Trailing<BlockNumber>) -> BoxFuture<Vec<TraceResults>, Error>;
 
 		/// Executes the given raw transaction and returns a number of possible traces for it.
 		#[rpc(name = "trace_rawTransaction")]

From 67a07adb0b4d96c50f0abe487d01110e8cd6b27d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tomasz=20Drwi=C4=99ga?= <tomasz@parity.io>
Date: Tue, 15 Aug 2017 12:11:34 +0200
Subject: [PATCH 067/112] Add more descriptive error when signing/decrypting
 using hw wallet.

---
 rpc/src/v1/helpers/dispatch.rs | 8 ++++++++
 rpc/src/v1/helpers/errors.rs   | 8 ++++++++
 2 files changed, 16 insertions(+)

diff --git a/rpc/src/v1/helpers/dispatch.rs b/rpc/src/v1/helpers/dispatch.rs
index ddd238fd8..c72f1a890 100644
--- a/rpc/src/v1/helpers/dispatch.rs
+++ b/rpc/src/v1/helpers/dispatch.rs
@@ -512,6 +512,10 @@ pub fn execute<D: Dispatcher + 'static>(
 				).boxed()
 		},
 		ConfirmationPayload::EthSignMessage(address, data) => {
+			if accounts.is_hardware_address(address) {
+				return future::err(errors::unsupported("Signing via hardware wallets is not supported.", None)).boxed();
+			}
+
 			let hash = eth_data_hash(data);
 			let res = signature(&accounts, address, hash, pass)
 				.map(|result| result
@@ -522,6 +526,10 @@ pub fn execute<D: Dispatcher + 'static>(
 			future::done(res).boxed()
 		},
 		ConfirmationPayload::Decrypt(address, data) => {
+			if accounts.is_hardware_address(address) {
+				return future::err(errors::unsupported("Decrypting via hardware wallets is not supported.", None)).boxed();
+			}
+
 			let res = decrypt(&accounts, address, data, pass)
 				.map(|result| result
 					.map(RpcBytes)
diff --git a/rpc/src/v1/helpers/errors.rs b/rpc/src/v1/helpers/errors.rs
index 9be54991f..4c4af6f97 100644
--- a/rpc/src/v1/helpers/errors.rs
+++ b/rpc/src/v1/helpers/errors.rs
@@ -71,6 +71,14 @@ pub fn public_unsupported(details: Option<String>) -> Error {
 	}
 }
 
+pub fn unsupported<T: Into<String>>(msg: T, details: Option<T>) -> Error {
+	Error {
+		code: ErrorCode::ServerError(codes::UNSUPPORTED_REQUEST),
+		message: msg.into(),
+		data: details.map(Into::into).map(Value::String),
+	}
+}
+
 pub fn request_not_found() -> Error {
 	Error {
 		code: ErrorCode::ServerError(codes::REQUEST_NOT_FOUND),

From a02db13278eb831adf8bcb32aa95fa8658733e51 Mon Sep 17 00:00:00 2001
From: Svyatoslav Nikolsky <svyatonik@gmail.com>
Date: Wed, 16 Aug 2017 09:40:00 +0300
Subject: [PATCH 068/112] moved attributes under docs

---
 secret_store/src/acl_storage.rs | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/secret_store/src/acl_storage.rs b/secret_store/src/acl_storage.rs
index 0a3ee9276..5b8284c6f 100644
--- a/secret_store/src/acl_storage.rs
+++ b/secret_store/src/acl_storage.rs
@@ -48,8 +48,8 @@ struct CachedContract {
 	contract: Option<SecretStoreAclStorage>,
 }
 
-#[derive(Default, Debug)]
 /// Dummy ACL storage implementation (check always passed).
+#[derive(Default, Debug)]
 pub struct DummyAclStorage {
 	prohibited: RwLock<HashMap<Public, HashSet<ServerKeyId>>>,
 }
@@ -121,8 +121,8 @@ impl CachedContract {
 }
 
 impl DummyAclStorage {
+	/// Prohibit given requestor access to given documents
 	#[cfg(test)]
-	/// Prohibit given requestor access to given document
 	pub fn prohibit(&self, public: Public, document: ServerKeyId) {
 		self.prohibited.write()
 			.entry(public)

From febf774b4edade86ec49335a0c09636c1464bd51 Mon Sep 17 00:00:00 2001
From: Afri <5chdn@users.noreply.github.com>
Date: Wed, 16 Aug 2017 12:24:42 +0200
Subject: [PATCH 069/112] Master requires rust 1.19 (#6308)

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 16758bc27..24178edbe 100644
--- a/README.md
+++ b/README.md
@@ -41,7 +41,7 @@ Parity's current release is 1.7. You can download it at https://github.com/parit
 
 ## Build dependencies
 
-**Parity requires Rust version 1.18.0 to build**
+**Parity requires Rust version 1.19.0 to build**
 
 We recommend installing Rust through [rustup](https://www.rustup.rs/). If you don't already have rustup, you can install it like this:
 

From 697d17ae9bef737215efbba2bcf000bfd53328ee Mon Sep 17 00:00:00 2001
From: debris <marek.kotewicz@gmail.com>
Date: Thu, 17 Aug 2017 14:59:43 +0200
Subject: [PATCH 070/112] Optimized PlainHasher hashing

---
 util/benches/trie.rs    |  4 ++--
 util/bigint/src/hash.rs | 27 +++++++++++++++++++--------
 2 files changed, 21 insertions(+), 10 deletions(-)

diff --git a/util/benches/trie.rs b/util/benches/trie.rs
index d526b97ac..e02077ad4 100644
--- a/util/benches/trie.rs
+++ b/util/benches/trie.rs
@@ -45,14 +45,14 @@ fn random_bytes(min_count: usize, diff_count: usize, seed: &mut H256) -> Vec<u8>
 	assert!(min_count + diff_count <= 32);
 	*seed = seed.sha3();
 	let r = min_count + (seed[31] as usize % (diff_count + 1));
-	seed[0..r].into_vec()
+	seed[0..r].to_vec()
 }
 
 fn random_value(seed: &mut H256) -> Bytes {
 	*seed = seed.sha3();
 	match seed[0] % 2 {
 		1 => vec![seed[31];1],
-		_ => seed.into_vec(),
+		_ => seed.to_vec(),
 	}
 }
 
diff --git a/util/bigint/src/hash.rs b/util/bigint/src/hash.rs
index ca6adf0e7..ddb9bc622 100644
--- a/util/bigint/src/hash.rs
+++ b/util/bigint/src/hash.rs
@@ -449,33 +449,44 @@ known_heap_size!(0, H32, H64, H128, H160, H256, H264, H512, H520, H1024, H2048);
 /// Hasher that just takes 8 bytes of the provided value.
 /// May only be used for keys which are 32 bytes.
 pub struct PlainHasher {
-	prefix: [u8; 8],
-	_marker: [u64; 0], // for alignment
+	prefix: u64,
 }
 
 impl Default for PlainHasher {
 	#[inline]
 	fn default() -> PlainHasher {
 		PlainHasher {
-			prefix: [0; 8],
-			_marker: [0; 0],
+			prefix: 0,
 		}
 	}
 }
 
+impl PlainHasher {
+	#[inline]
+	fn mut_prefix(&mut self) -> &mut [u8; 8] {
+		unsafe { ::std::mem::transmute(&mut self.prefix) }
+	}
+}
+
 impl Hasher for PlainHasher {
 	#[inline]
 	fn finish(&self) -> u64 {
-		unsafe { ::std::mem::transmute(self.prefix) }
+		self.prefix
 	}
 
 	#[inline]
 	fn write(&mut self, bytes: &[u8]) {
 		debug_assert!(bytes.len() == 32);
 
-		for quarter in bytes.chunks(8) {
-			for (x, y) in self.prefix.iter_mut().zip(quarter) {
-				*x ^= *y
+		unsafe {
+			let mut bytes_ptr = bytes.as_ptr();
+			let mut prefix_ptr = self.mut_prefix().as_mut_ptr();
+
+			for _ in 0..8 {
+				*prefix_ptr ^= *bytes_ptr ^ *bytes_ptr.offset(8) ^ *bytes_ptr.offset(16) ^ *bytes_ptr.offset(24);
+
+				bytes_ptr = bytes_ptr.offset(1);
+				prefix_ptr = prefix_ptr.offset(1);
 			}
 		}
 	}

From 4cb610d9aec0d6792ea465e5c041607993290542 Mon Sep 17 00:00:00 2001
From: debris <marek.kotewicz@gmail.com>
Date: Thu, 17 Aug 2017 16:05:26 +0200
Subject: [PATCH 071/112] Itertools are no longer reexported from util,
 optimized triedb iter

---
 Cargo.lock                           |  3 ++-
 dapps/Cargo.toml                     |  1 +
 dapps/src/handlers/mod.rs            |  3 +--
 dapps/src/lib.rs                     |  1 +
 ethcore/src/blockchain/blockchain.rs |  1 +
 ethcore/src/client/client.rs         |  3 ++-
 ethcore/src/client/test_client.rs    |  1 +
 ethcore/src/client/traits.rs         |  3 ++-
 ethcore/src/pod_account.rs           |  1 +
 ethcore/src/pod_state.rs             |  1 +
 rpc/Cargo.toml                       |  1 +
 rpc/src/authcodes.rs                 |  3 ++-
 rpc/src/lib.rs                       |  1 +
 util/Cargo.toml                      |  1 -
 util/benches/trie.rs                 |  4 ++--
 util/src/journaldb/earlymergedb.rs   |  5 +++--
 util/src/lib.rs                      |  2 --
 util/src/trie/triedb.rs              | 14 ++++++++++++--
 18 files changed, 34 insertions(+), 15 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index c930b8ff9..20f4b38c5 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -773,7 +773,6 @@ dependencies = [
  "ethcore-devtools 1.8.0",
  "ethcore-logger 1.8.0",
  "heapsize 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)",
- "itertools 0.5.9 (registry+https://github.com/rust-lang/crates.io-index)",
  "libc 0.2.21 (registry+https://github.com/rust-lang/crates.io-index)",
  "log 0.3.7 (registry+https://github.com/rust-lang/crates.io-index)",
  "lru-cache 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)",
@@ -1860,6 +1859,7 @@ dependencies = [
  "fetch 0.1.0",
  "futures 0.1.11 (registry+https://github.com/rust-lang/crates.io-index)",
  "futures-cpupool 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)",
+ "itertools 0.5.9 (registry+https://github.com/rust-lang/crates.io-index)",
  "jsonrpc-core 7.0.0 (git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.7)",
  "jsonrpc-http-server 7.0.0 (git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.7)",
  "linked-hash-map 0.3.0 (registry+https://github.com/rust-lang/crates.io-index)",
@@ -1971,6 +1971,7 @@ dependencies = [
  "fetch 0.1.0",
  "futures 0.1.11 (registry+https://github.com/rust-lang/crates.io-index)",
  "futures-cpupool 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)",
+ "itertools 0.5.9 (registry+https://github.com/rust-lang/crates.io-index)",
  "jsonrpc-core 7.0.0 (git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.7)",
  "jsonrpc-http-server 7.0.0 (git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.7)",
  "jsonrpc-ipc-server 7.0.0 (git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.7)",
diff --git a/dapps/Cargo.toml b/dapps/Cargo.toml
index 75e15e396..143bbe30f 100644
--- a/dapps/Cargo.toml
+++ b/dapps/Cargo.toml
@@ -27,6 +27,7 @@ time = "0.1.35"
 unicase = "1.3"
 url = "1.0"
 zip = { version = "0.1", default-features = false }
+itertools = "0.5"
 
 jsonrpc-core = { git = "https://github.com/paritytech/jsonrpc.git", branch = "parity-1.7" }
 jsonrpc-http-server = { git = "https://github.com/paritytech/jsonrpc.git", branch = "parity-1.7" }
diff --git a/dapps/src/handlers/mod.rs b/dapps/src/handlers/mod.rs
index 65c2cbe27..a8beabe84 100644
--- a/dapps/src/handlers/mod.rs
+++ b/dapps/src/handlers/mod.rs
@@ -31,8 +31,7 @@ pub use self::redirect::Redirection;
 pub use self::streaming::StreamingHandler;
 
 use std::iter;
-use util::Itertools;
-
+use itertools::Itertools;
 use url::Url;
 use hyper::{server, header, net, uri};
 use {apps, address, Embeddable};
diff --git a/dapps/src/lib.rs b/dapps/src/lib.rs
index 3eda70ab5..135f0bb36 100644
--- a/dapps/src/lib.rs
+++ b/dapps/src/lib.rs
@@ -22,6 +22,7 @@
 extern crate base32;
 extern crate futures;
 extern crate futures_cpupool;
+extern crate itertools;
 extern crate linked_hash_map;
 extern crate mime_guess;
 extern crate ntp;
diff --git a/ethcore/src/blockchain/blockchain.rs b/ethcore/src/blockchain/blockchain.rs
index bd0defa47..001df861c 100644
--- a/ethcore/src/blockchain/blockchain.rs
+++ b/ethcore/src/blockchain/blockchain.rs
@@ -19,6 +19,7 @@
 use std::collections::{HashMap, HashSet};
 use std::sync::Arc;
 use std::mem;
+use itertools::Itertools;
 use bloomchain as bc;
 use util::*;
 use rlp::*;
diff --git a/ethcore/src/client/client.rs b/ethcore/src/client/client.rs
index fdd201e68..18e63a061 100644
--- a/ethcore/src/client/client.rs
+++ b/ethcore/src/client/client.rs
@@ -20,9 +20,10 @@ use std::sync::{Arc, Weak};
 use std::sync::atomic::{AtomicUsize, AtomicBool, Ordering as AtomicOrdering};
 use std::time::{Instant};
 use time::precise_time_ns;
+use itertools::Itertools;
 
 // util
-use util::{Bytes, PerfTimer, Itertools, Mutex, RwLock, MutexGuard, Hashable};
+use util::{Bytes, PerfTimer, Mutex, RwLock, MutexGuard, Hashable};
 use util::{journaldb, DBValue, TrieFactory, Trie};
 use util::{U256, H256, Address, H2048};
 use util::trie::TrieSpec;
diff --git a/ethcore/src/client/test_client.rs b/ethcore/src/client/test_client.rs
index 2a205868d..d774c7a68 100644
--- a/ethcore/src/client/test_client.rs
+++ b/ethcore/src/client/test_client.rs
@@ -20,6 +20,7 @@ use std::sync::atomic::{AtomicUsize, Ordering as AtomicOrder};
 use std::sync::Arc;
 use std::collections::{HashMap, BTreeMap};
 use std::mem;
+use itertools::Itertools;
 use rustc_hex::FromHex;
 use util::*;
 use rlp::*;
diff --git a/ethcore/src/client/traits.rs b/ethcore/src/client/traits.rs
index 8e1bd8b18..2ae303177 100644
--- a/ethcore/src/client/traits.rs
+++ b/ethcore/src/client/traits.rs
@@ -15,6 +15,7 @@
 // along with Parity.  If not, see <http://www.gnu.org/licenses/>.
 
 use std::collections::BTreeMap;
+use itertools::Itertools;
 
 use block::{OpenBlock, SealedBlock, ClosedBlock};
 use blockchain::TreeRoute;
@@ -33,7 +34,7 @@ use trace::LocalizedTrace;
 use transaction::{LocalizedTransaction, PendingTransaction, SignedTransaction};
 use verification::queue::QueueInfo as BlockQueueInfo;
 
-use util::{U256, Address, H256, H2048, Bytes, Itertools};
+use util::{U256, Address, H256, H2048, Bytes};
 use util::hashdb::DBValue;
 
 use types::ids::*;
diff --git a/ethcore/src/pod_account.rs b/ethcore/src/pod_account.rs
index bbd2fffa5..4204b591d 100644
--- a/ethcore/src/pod_account.rs
+++ b/ethcore/src/pod_account.rs
@@ -16,6 +16,7 @@
 
 use std::fmt;
 use std::collections::BTreeMap;
+use itertools::Itertools;
 use util::*;
 use state::Account;
 use ethjson;
diff --git a/ethcore/src/pod_state.rs b/ethcore/src/pod_state.rs
index 3e8d0bbfe..5a0265dc1 100644
--- a/ethcore/src/pod_state.rs
+++ b/ethcore/src/pod_state.rs
@@ -18,6 +18,7 @@
 
 use std::fmt;
 use std::collections::BTreeMap;
+use itertools::Itertools;
 use util::*;
 use pod_account::{self, PodAccount};
 use types::state_diff::StateDiff;
diff --git a/rpc/Cargo.toml b/rpc/Cargo.toml
index 2619c754f..73230c24e 100644
--- a/rpc/Cargo.toml
+++ b/rpc/Cargo.toml
@@ -24,6 +24,7 @@ serde_json = "1.0"
 time = "0.1"
 tokio-timer = "0.1"
 transient-hashmap = "0.4"
+itertools = "0.5"
 
 jsonrpc-core = { git = "https://github.com/paritytech/jsonrpc.git", branch = "parity-1.7" }
 jsonrpc-http-server = { git = "https://github.com/paritytech/jsonrpc.git", branch = "parity-1.7" }
diff --git a/rpc/src/authcodes.rs b/rpc/src/authcodes.rs
index 57de437ab..4427eda78 100644
--- a/rpc/src/authcodes.rs
+++ b/rpc/src/authcodes.rs
@@ -18,9 +18,10 @@ use std::io::{self, Read, Write};
 use std::path::Path;
 use std::{fs, time, mem};
 
+use itertools::Itertools;
 use rand::Rng;
 use rand::os::OsRng;
-use util::{H256, Hashable, Itertools};
+use util::{H256, Hashable};
 
 /// Providing current time in seconds
 pub trait TimeProvider {
diff --git a/rpc/src/lib.rs b/rpc/src/lib.rs
index fec19f78a..e75d187de 100644
--- a/rpc/src/lib.rs
+++ b/rpc/src/lib.rs
@@ -24,6 +24,7 @@ extern crate cid;
 extern crate crypto as rust_crypto;
 extern crate futures;
 extern crate futures_cpupool;
+extern crate itertools;
 extern crate multihash;
 extern crate order_stat;
 extern crate rand;
diff --git a/util/Cargo.toml b/util/Cargo.toml
index 5306e3c57..0e485431e 100644
--- a/util/Cargo.toml
+++ b/util/Cargo.toml
@@ -19,7 +19,6 @@ rust-crypto = "0.2.34"
 elastic-array = "0.9"
 rlp = { path = "rlp" }
 heapsize = "0.4"
-itertools = "0.5"
 sha3 = { path = "sha3" }
 clippy = { version = "0.0.103", optional = true}
 ethcore-devtools = { path = "../devtools" }
diff --git a/util/benches/trie.rs b/util/benches/trie.rs
index d526b97ac..e02077ad4 100644
--- a/util/benches/trie.rs
+++ b/util/benches/trie.rs
@@ -45,14 +45,14 @@ fn random_bytes(min_count: usize, diff_count: usize, seed: &mut H256) -> Vec<u8>
 	assert!(min_count + diff_count <= 32);
 	*seed = seed.sha3();
 	let r = min_count + (seed[31] as usize % (diff_count + 1));
-	seed[0..r].into_vec()
+	seed[0..r].to_vec()
 }
 
 fn random_value(seed: &mut H256) -> Bytes {
 	*seed = seed.sha3();
 	match seed[0] % 2 {
 		1 => vec![seed[31];1],
-		_ => seed.into_vec(),
+		_ => seed.to_vec(),
 	}
 }
 
diff --git a/util/src/journaldb/earlymergedb.rs b/util/src/journaldb/earlymergedb.rs
index 5f409d327..b7b57d537 100644
--- a/util/src/journaldb/earlymergedb.rs
+++ b/util/src/journaldb/earlymergedb.rs
@@ -21,7 +21,6 @@ use std::collections::HashMap;
 use std::sync::Arc;
 use parking_lot::RwLock;
 use heapsize::HeapSizeOf;
-use itertools::Itertools;
 use rlp::*;
 use hashdb::*;
 use memorydb::*;
@@ -432,7 +431,9 @@ impl JournalDB for EarlyMergeDB {
 			// - we write the key into our journal for this block;
 
 			r.begin_list(inserts.len());
-			inserts.iter().foreach(|&(k, _)| {r.append(&k);});
+			for &(k, _) in &inserts {
+				r.append(&k);
+			}
 			r.append_list(&removes);
 			Self::insert_keys(&inserts, &*self.backing, self.column, &mut refs, batch, trace);
 
diff --git a/util/src/lib.rs b/util/src/lib.rs
index 544f60d39..46730fe9c 100644
--- a/util/src/lib.rs
+++ b/util/src/lib.rs
@@ -106,7 +106,6 @@ extern crate rlp;
 extern crate regex;
 extern crate lru_cache;
 extern crate heapsize;
-extern crate itertools;
 extern crate ethcore_logger;
 
 #[macro_use]
@@ -153,7 +152,6 @@ pub use bigint::hash;
 
 pub use ansi_term::{Colour, Style};
 pub use heapsize::HeapSizeOf;
-pub use itertools::Itertools;
 pub use parking_lot::{Condvar, Mutex, MutexGuard, RwLock, RwLockReadGuard, RwLockWriteGuard};
 
 /// 160-bit integer representing account address
diff --git a/util/src/trie/triedb.rs b/util/src/trie/triedb.rs
index 262a874ea..29bf99164 100644
--- a/util/src/trie/triedb.rs
+++ b/util/src/trie/triedb.rs
@@ -15,7 +15,6 @@
 // along with Parity.  If not, see <http://www.gnu.org/licenses/>.
 
 use std::fmt;
-use itertools::Itertools;
 use hashdb::*;
 use nibbleslice::*;
 use rlp::*;
@@ -293,7 +292,18 @@ impl<'a> TrieDBIterator<'a> {
 	/// The present key.
 	fn key(&self) -> Bytes {
 		// collapse the key_nibbles down to bytes.
-		self.key_nibbles.iter().step(2).zip(self.key_nibbles.iter().skip(1).step(2)).map(|(h, l)| h * 16 + l).collect()
+		unsafe {
+			let size = self.key_nibbles.len() / 2;
+			let mut ptr = self.key_nibbles.as_ptr();
+			let mut result = Bytes::with_capacity(size);
+
+			for _ in 0..size {
+				result.push(*ptr * 16 + *ptr.offset(1));
+				ptr = ptr.offset(2);
+			}
+
+			result
+		}
 	}
 }
 

From 32d2cd74d4a13a1247f92fec414c253509fe4a6c Mon Sep 17 00:00:00 2001
From: debris <marek.kotewicz@gmail.com>
Date: Thu, 17 Aug 2017 17:32:00 +0200
Subject: [PATCH 072/112] ping ci

---
 util/src/trie/triedb.rs | 1 -
 1 file changed, 1 deletion(-)

diff --git a/util/src/trie/triedb.rs b/util/src/trie/triedb.rs
index 29bf99164..9631f1ad9 100644
--- a/util/src/trie/triedb.rs
+++ b/util/src/trie/triedb.rs
@@ -301,7 +301,6 @@ impl<'a> TrieDBIterator<'a> {
 				result.push(*ptr * 16 + *ptr.offset(1));
 				ptr = ptr.offset(2);
 			}
-
 			result
 		}
 	}

From 209e8eff35559bae8950f2d432954678aefc316f Mon Sep 17 00:00:00 2001
From: debris <marek.kotewicz@gmail.com>
Date: Thu, 17 Aug 2017 18:11:34 +0200
Subject: [PATCH 073/112] updated bigint with optimized mul and from_big_indian

---
 Cargo.lock              | 8 ++++----
 rpc_cli/Cargo.toml      | 2 +-
 util/bigint/Cargo.toml  | 2 +-
 util/rlp/benches/rlp.rs | 2 +-
 4 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index c930b8ff9..c7b3e5b72 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -125,7 +125,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 
 [[package]]
 name = "bigint"
-version = "3.0.0"
+version = "4.1.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 dependencies = [
  "byteorder 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)",
@@ -542,7 +542,7 @@ dependencies = [
 name = "ethcore-bigint"
 version = "0.1.3"
 dependencies = [
- "bigint 3.0.0 (registry+https://github.com/rust-lang/crates.io-index)",
+ "bigint 4.1.1 (registry+https://github.com/rust-lang/crates.io-index)",
  "heapsize 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)",
  "libc 0.2.21 (registry+https://github.com/rust-lang/crates.io-index)",
  "rand 0.3.14 (registry+https://github.com/rust-lang/crates.io-index)",
@@ -2453,7 +2453,7 @@ dependencies = [
 name = "rpc-cli"
 version = "1.4.0"
 dependencies = [
- "bigint 3.0.0 (registry+https://github.com/rust-lang/crates.io-index)",
+ "bigint 4.1.1 (registry+https://github.com/rust-lang/crates.io-index)",
  "ethcore-util 1.8.0",
  "futures 0.1.11 (registry+https://github.com/rust-lang/crates.io-index)",
  "parity-rpc 1.8.0",
@@ -3231,7 +3231,7 @@ dependencies = [
 "checksum backtrace-sys 0.1.11 (registry+https://github.com/rust-lang/crates.io-index)" = "3a0d842ea781ce92be2bf78a9b38883948542749640b8378b3b2f03d1fd9f1ff"
 "checksum base-x 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)" = "2f59103b47307f76e03bef1633aec7fa9e29bfb5aa6daf5a334f94233c71f6c1"
 "checksum base32 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)" = "1b9605ba46d61df0410d8ac686b0007add8172eba90e8e909c347856fe794d8c"
-"checksum bigint 3.0.0 (registry+https://github.com/rust-lang/crates.io-index)" = "1d0673c930652d3d4d6dcd5c45b5db4fa5f8f33994d7323618c43c083b223e8c"
+"checksum bigint 4.1.1 (registry+https://github.com/rust-lang/crates.io-index)" = "2b45beaa0727835a98df09295d4250afc52c3f7d375d560997ae942c95b98ceb"
 "checksum bincode 0.8.0 (registry+https://github.com/rust-lang/crates.io-index)" = "e103c8b299b28a9c6990458b7013dc4a8356a9b854c51b9883241f5866fac36e"
 "checksum bit-set 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "e6e1e6fb1c9e3d6fcdec57216a74eaa03e41f52a22f13a16438251d8e88b89da"
 "checksum bit-set 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "d9bf6104718e80d7b26a68fdbacff3481cfc05df670821affc7e9cbc1884400c"
diff --git a/rpc_cli/Cargo.toml b/rpc_cli/Cargo.toml
index 52fc58fe4..5e407cb74 100644
--- a/rpc_cli/Cargo.toml
+++ b/rpc_cli/Cargo.toml
@@ -9,7 +9,7 @@ version = "1.4.0"
 [dependencies]
 futures = "0.1"
 rpassword = "0.3.0"
-bigint = "3.0"
+bigint = "4.0"
 parity-rpc = { path = "../rpc" }
 parity-rpc-client = { path = "../rpc_client" }
 ethcore-util = { path = "../util" }
diff --git a/util/bigint/Cargo.toml b/util/bigint/Cargo.toml
index 477925334..36a272f8c 100644
--- a/util/bigint/Cargo.toml
+++ b/util/bigint/Cargo.toml
@@ -8,7 +8,7 @@ version = "0.1.3"
 authors = ["Parity Technologies <admin@parity.io>"]
 
 [dependencies]
-bigint = "3.0"
+bigint = "4.0"
 rustc-hex = "1.0"
 rand = "0.3.12"
 libc = "0.2"
diff --git a/util/rlp/benches/rlp.rs b/util/rlp/benches/rlp.rs
index 927b48583..6aeabaf5d 100644
--- a/util/rlp/benches/rlp.rs
+++ b/util/rlp/benches/rlp.rs
@@ -15,7 +15,7 @@
 #![feature(test)]
 
 extern crate test;
-extern crate bigint;
+extern crate ethcore_bigint as bigint;
 extern crate rlp;
 
 use test::Bencher;

From 7de4a3a2df1d7db01fae1a2d1164e1d9121563e8 Mon Sep 17 00:00:00 2001
From: debris <marek.kotewicz@gmail.com>
Date: Thu, 17 Aug 2017 20:40:10 +0200
Subject: [PATCH 074/112] move plain hasher to a crate

---
 Cargo.lock              | 10 +++++++++
 util/bigint/Cargo.toml  |  1 +
 util/bigint/src/hash.rs | 47 +----------------------------------------
 util/bigint/src/lib.rs  |  1 +
 4 files changed, 13 insertions(+), 46 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index c930b8ff9..e8f5b66b1 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -545,6 +545,7 @@ dependencies = [
  "bigint 3.0.0 (registry+https://github.com/rust-lang/crates.io-index)",
  "heapsize 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)",
  "libc 0.2.21 (registry+https://github.com/rust-lang/crates.io-index)",
+ "plain_hasher 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)",
  "rand 0.3.14 (registry+https://github.com/rust-lang/crates.io-index)",
  "rustc-hex 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
@@ -2192,6 +2193,14 @@ name = "pkg-config"
 version = "0.3.9"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 
+[[package]]
+name = "plain_hasher"
+version = "0.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "crunchy 0.1.3 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
 [[package]]
 name = "podio"
 version = "0.1.5"
@@ -3371,6 +3380,7 @@ dependencies = [
 "checksum phf_generator 0.7.14 (registry+https://github.com/rust-lang/crates.io-index)" = "db005608fd99800c8c74106a7c894cf582055b689aa14a79462cefdcb7dc1cc3"
 "checksum phf_shared 0.7.14 (registry+https://github.com/rust-lang/crates.io-index)" = "fee4d039930e4f45123c9b15976cf93a499847b6483dc09c42ea0ec4940f2aa6"
 "checksum pkg-config 0.3.9 (registry+https://github.com/rust-lang/crates.io-index)" = "3a8b4c6b8165cd1a1cd4b9b120978131389f64bdaf456435caa41e630edba903"
+"checksum plain_hasher 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)" = "83ae80873992f511142c07d0ec6c44de5636628fdb7e204abd655932ea79d995"
 "checksum podio 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)" = "e5422a1ee1bc57cc47ae717b0137314258138f38fd5f3cea083f43a9725383a0"
 "checksum pretty_assertions 0.1.2 (registry+https://github.com/rust-lang/crates.io-index)" = "2412f3332a07c7a2a50168988dcc184f32180a9758ad470390e5f55e089f6b6e"
 "checksum primal 0.2.3 (registry+https://github.com/rust-lang/crates.io-index)" = "0e31b86efadeaeb1235452171a66689682783149a6249ff334a2c5d8218d00a4"
diff --git a/util/bigint/Cargo.toml b/util/bigint/Cargo.toml
index 477925334..6797ce2bb 100644
--- a/util/bigint/Cargo.toml
+++ b/util/bigint/Cargo.toml
@@ -13,6 +13,7 @@ rustc-hex = "1.0"
 rand = "0.3.12"
 libc = "0.2"
 heapsize = { version = "0.4", optional = true }
+plain_hasher = "0.1"
 
 [features]
 x64asm_arithmetic=[]
diff --git a/util/bigint/src/hash.rs b/util/bigint/src/hash.rs
index ddb9bc622..316062bc4 100644
--- a/util/bigint/src/hash.rs
+++ b/util/bigint/src/hash.rs
@@ -16,6 +16,7 @@ use std::collections::{HashMap, HashSet};
 use rand::{Rand, Rng};
 use rand::os::OsRng;
 use rustc_hex::{FromHex, FromHexError};
+use plain_hasher::PlainHasher;
 use bigint::U256;
 use libc::{c_void, memcmp};
 
@@ -446,52 +447,6 @@ impl_hash!(H2048, 256);
 known_heap_size!(0, H32, H64, H128, H160, H256, H264, H512, H520, H1024, H2048);
 // Specialized HashMap and HashSet
 
-/// Hasher that just takes 8 bytes of the provided value.
-/// May only be used for keys which are 32 bytes.
-pub struct PlainHasher {
-	prefix: u64,
-}
-
-impl Default for PlainHasher {
-	#[inline]
-	fn default() -> PlainHasher {
-		PlainHasher {
-			prefix: 0,
-		}
-	}
-}
-
-impl PlainHasher {
-	#[inline]
-	fn mut_prefix(&mut self) -> &mut [u8; 8] {
-		unsafe { ::std::mem::transmute(&mut self.prefix) }
-	}
-}
-
-impl Hasher for PlainHasher {
-	#[inline]
-	fn finish(&self) -> u64 {
-		self.prefix
-	}
-
-	#[inline]
-	fn write(&mut self, bytes: &[u8]) {
-		debug_assert!(bytes.len() == 32);
-
-		unsafe {
-			let mut bytes_ptr = bytes.as_ptr();
-			let mut prefix_ptr = self.mut_prefix().as_mut_ptr();
-
-			for _ in 0..8 {
-				*prefix_ptr ^= *bytes_ptr ^ *bytes_ptr.offset(8) ^ *bytes_ptr.offset(16) ^ *bytes_ptr.offset(24);
-
-				bytes_ptr = bytes_ptr.offset(1);
-				prefix_ptr = prefix_ptr.offset(1);
-			}
-		}
-	}
-}
-
 /// Specialized version of `HashMap` with H256 keys and fast hashing function.
 pub type H256FastMap<T> = HashMap<H256, T, BuildHasherDefault<PlainHasher>>;
 /// Specialized version of `HashSet` with H256 keys and fast hashing function.
diff --git a/util/bigint/src/lib.rs b/util/bigint/src/lib.rs
index 7a85de6a1..1b1b5d488 100644
--- a/util/bigint/src/lib.rs
+++ b/util/bigint/src/lib.rs
@@ -14,6 +14,7 @@ extern crate rand;
 extern crate rustc_hex;
 extern crate bigint;
 extern crate libc;
+extern crate plain_hasher;
 
 #[cfg(feature="heapsizeof")]
 #[macro_use]

From 444233bd1b3f8bd13352a90366e89ba5ed7a02f4 Mon Sep 17 00:00:00 2001
From: Nicolas Gotchac <ngotchac@gmail.com>
Date: Fri, 18 Aug 2017 15:28:41 +0200
Subject: [PATCH 075/112] Better check the created accounts before showing
 Startup Wizard

---
 js/src/views/Application/store.js | 25 ++++++++++++++++++-------
 1 file changed, 18 insertions(+), 7 deletions(-)

diff --git a/js/src/views/Application/store.js b/js/src/views/Application/store.js
index 8d2093d45..9008997b8 100644
--- a/js/src/views/Application/store.js
+++ b/js/src/views/Application/store.js
@@ -28,11 +28,18 @@ export default class Store {
     this._migrateStore();
 
     this._api = api;
-    // Show the first run if it hasn't been shown before
-    // (thus an undefined value)
-    this.firstrunVisible = store.get(LS_FIRST_RUN_KEY) === undefined;
 
-    this._checkAccounts();
+    // Show the first run the storage doesn't hold `false` value
+    const firstrunVisible = store.get(LS_FIRST_RUN_KEY) !== false;
+
+    // Only check accounts if we might show the first run
+    if (firstrunVisible) {
+      api.transport.once('open', () => {
+        this._checkAccounts();
+      });
+    } else {
+      this.firstrunVisible = false;
+    }
   }
 
   @action closeFirstrun = () => {
@@ -50,7 +57,7 @@ export default class Store {
   }
 
   /**
-   * Migrate the old LocalStorage ket format
+   * Migrate the old LocalStorage key format
    * to the new one
    */
   _migrateStore () {
@@ -70,12 +77,16 @@ export default class Store {
         this._api.parity.allAccountsInfo()
       ])
       .then(([ vaults, info ]) => {
-        const accounts = Object.keys(info).filter((address) => info[address].uuid);
+        const accounts = Object.keys(info)
+          .filter((address) => info[address].uuid)
+          // In DEV mode, the empty phrase account is already added
+          .filter((address) => address.toLowerCase() !== '0x00a329c0648769a73afac7f9381e08fb43dbea72');
+
         // Has accounts if any vaults or accounts
         const hasAccounts = (accounts && accounts.length > 0) || (vaults && vaults.length > 0);
 
         // Show First Run if no accounts and no vaults
-        this.toggleFirstrun(this.firstrunVisible || !hasAccounts);
+        this.toggleFirstrun(!hasAccounts);
       })
       .catch((error) => {
         console.error('checkAccounts', error);

From cd0c77dc5c3108fe6b37d877519d8157abfc4c38 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tomasz=20Drwi=C4=99ga?= <tomusdrw@users.noreply.github.com>
Date: Fri, 18 Aug 2017 15:51:52 +0200
Subject: [PATCH 076/112] Ignore errors from dappsUrl when starting UI. (#6296)

* Ignore errors from dappsUrl when starting UI.

* Fix linter.
---
 js/src/secureApi.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/js/src/secureApi.js b/js/src/secureApi.js
index c34f71dd9..76b7eadf8 100644
--- a/js/src/secureApi.js
+++ b/js/src/secureApi.js
@@ -325,7 +325,8 @@ export default class SecureApi extends Api {
   _fetchSettings () {
     return Promise
       .all([
-        this._uiApi.parity.dappsUrl(),
+        // ignore dapps disabled errors
+        this._uiApi.parity.dappsUrl().catch(() => null),
         this._uiApi.parity.wsUrl()
       ])
       .then(([dappsUrl, wsUrl]) => {

From 010be346609adfb702f6125c075b69ecef5480b7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tomasz=20Drwi=C4=99ga?= <tomusdrw@users.noreply.github.com>
Date: Fri, 18 Aug 2017 15:58:45 +0200
Subject: [PATCH 077/112] Unexpose methods on UI RPC. (#6295)

---
 parity/rpc.rs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/parity/rpc.rs b/parity/rpc.rs
index 2c80cddc5..1e148dad2 100644
--- a/parity/rpc.rs
+++ b/parity/rpc.rs
@@ -94,7 +94,7 @@ impl From<UiConfiguration> for HttpConfiguration {
 			enabled: conf.enabled,
 			interface: conf.interface,
 			port: conf.port,
-			apis: rpc_apis::ApiSet::SafeContext,
+			apis: rpc_apis::ApiSet::UnsafeContext,
 			cors: None,
 			hosts: conf.hosts,
 			server_threads: None,

From 2c0a1b652c6a38a21a7f86081f52ae9ec5e1e28f Mon Sep 17 00:00:00 2001
From: GitLab Build Bot <jaco+gitlab@ethcore.io>
Date: Fri, 18 Aug 2017 14:40:04 +0000
Subject: [PATCH 078/112] [ci skip] js-precompiled 20170818-143526

---
 Cargo.lock           | 2 +-
 js/package-lock.json | 2 +-
 js/package.json      | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index c7b3e5b72..87e6a6b79 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -2053,7 +2053,7 @@ dependencies = [
 [[package]]
 name = "parity-ui-precompiled"
 version = "1.4.0"
-source = "git+https://github.com/paritytech/js-precompiled.git#04b109bd8485b26d0f8ef8df6afab69d8fe4878b"
+source = "git+https://github.com/paritytech/js-precompiled.git#f4bde8f5b102e7da7c2440c04945fac86e75cff5"
 dependencies = [
  "parity-dapps-glue 1.7.0 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
diff --git a/js/package-lock.json b/js/package-lock.json
index 233aa011c..34ed58654 100644
--- a/js/package-lock.json
+++ b/js/package-lock.json
@@ -1,6 +1,6 @@
 {
   "name": "parity.js",
-  "version": "1.8.14",
+  "version": "1.8.15",
   "lockfileVersion": 1,
   "requires": true,
   "dependencies": {
diff --git a/js/package.json b/js/package.json
index bb31726d5..27059815d 100644
--- a/js/package.json
+++ b/js/package.json
@@ -1,6 +1,6 @@
 {
   "name": "parity.js",
-  "version": "1.8.14",
+  "version": "1.8.15",
   "main": "release/index.js",
   "jsnext:main": "src/index.js",
   "author": "Parity Team <admin@parity.io>",

From 5ed14c10649e230b7d0f07e377f7fc48393881b2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tomasz=20Drwi=C4=99ga?= <tomusdrw@users.noreply.github.com>
Date: Fri, 18 Aug 2017 17:44:40 +0200
Subject: [PATCH 079/112] Fix --chain parsing in evmbin. (#6314)

---
 evmbin/src/main.rs | 44 +++++++++++++++++++++++++++++++++++++++-----
 1 file changed, 39 insertions(+), 5 deletions(-)

diff --git a/evmbin/src/main.rs b/evmbin/src/main.rs
index 04314732a..bad0ef1f0 100644
--- a/evmbin/src/main.rs
+++ b/evmbin/src/main.rs
@@ -47,9 +47,9 @@ EVM implementation for Parity.
   Copyright 2016, 2017 Parity Technologies (UK) Ltd
 
 Usage:
-    evmbin stats [options]
-    evmbin [options]
-    evmbin [-h | --help]
+    parity-evm stats [options]
+    parity-evm [options]
+    parity-evm [-h | --help]
 
 Transaction options:
     --code CODE        Contract code as hex (without 0x).
@@ -116,7 +116,7 @@ struct Args {
 	flag_gas: Option<String>,
 	flag_gas_price: Option<String>,
 	flag_input: Option<String>,
-	flag_spec: Option<String>,
+	flag_chain: Option<String>,
 	flag_json: bool,
 }
 
@@ -164,7 +164,7 @@ impl Args {
 	}
 
 	pub fn spec(&self) -> Result<spec::Spec, String> {
-		Ok(match self.flag_spec {
+		Ok(match self.flag_chain {
 			Some(ref filename) =>  {
 				let file = fs::File::open(filename).map_err(|e| format!("{}", e))?;
 				spec::Spec::load(::std::env::temp_dir(), file)?
@@ -188,3 +188,37 @@ fn die<T: fmt::Display>(msg: T) -> ! {
 	println!("{}", msg);
 	::std::process::exit(-1)
 }
+
+#[cfg(test)]
+mod tests {
+	use docopt::Docopt;
+	use super::{Args, USAGE};
+
+	fn run<T: AsRef<str>>(args: &[T]) -> Args {
+		Docopt::new(USAGE).and_then(|d| d.argv(args.into_iter()).deserialize()).unwrap()
+	}
+
+	#[test]
+	fn should_parse_all_the_options() {
+		let args = run(&[
+			"parity-evm",
+			"--json",
+			"--gas", "1",
+			"--gas-price", "2",
+			"--from", "0000000000000000000000000000000000000003",
+			"--to", "0000000000000000000000000000000000000004",
+			"--code", "05",
+			"--input", "06",
+			"--chain", "./testfile",
+		]);
+
+		assert_eq!(args.flag_json, true);
+		assert_eq!(args.gas(), Ok(1.into()));
+		assert_eq!(args.gas_price(), Ok(2.into()));
+		assert_eq!(args.from(), Ok(3.into()));
+		assert_eq!(args.to(), Ok(4.into()));
+		assert_eq!(args.code(), Ok(Some(vec![05])));
+		assert_eq!(args.data(), Ok(Some(vec![06])));
+		assert_eq!(args.flag_chain, Some("./testfile".to_owned()));
+	}
+}

From 407c8c3fb9c4618a0c85f25927d3fab8ead29a7f Mon Sep 17 00:00:00 2001
From: Marek Kotewicz <marek.kotewicz@gmail.com>
Date: Sun, 20 Aug 2017 06:01:46 +0200
Subject: [PATCH 080/112] rlp_derive (#6125)

* rlp_derive

* RlpEncodableWrapper, RlpDecodableWrapper

* use rlp_derive in parity

* fixed broken transaction Action serialization
---
 Cargo.lock                             |  20 +-
 ethcore/Cargo.toml                     |   1 +
 ethcore/light/Cargo.toml               |   1 +
 ethcore/light/src/lib.rs               |   2 +
 ethcore/light/src/types/request/mod.rs | 283 ++-----------------------
 ethcore/src/blockchain/extras.rs       |  82 +------
 ethcore/src/blooms/bloom.rs            |  15 +-
 ethcore/src/engines/epoch.rs           |  40 +---
 ethcore/src/lib.rs                     |   3 +
 ethcore/src/snapshot/io.rs             |  19 +-
 ethcore/src/trace/bloom.rs             |  33 +--
 ethcore/src/trace/types/flat.rs        |  28 +--
 ethcore/src/trace/types/trace.rs       | 233 +-------------------
 ethcore/src/transaction.rs             |  19 +-
 ethcore/types/Cargo.toml               |   1 +
 ethcore/types/src/basic_account.rs     |  24 +--
 ethcore/types/src/lib.rs               |   2 +
 ethcore/types/src/log_entry.rs         |  23 +-
 util/rlp_derive/Cargo.toml             |  15 ++
 util/rlp_derive/src/de.rs              | 139 ++++++++++++
 util/rlp_derive/src/en.rs              | 110 ++++++++++
 util/rlp_derive/src/lib.rs             |  43 ++++
 util/rlp_derive/tests/rlp.rs           |  44 ++++
 23 files changed, 429 insertions(+), 751 deletions(-)
 create mode 100644 util/rlp_derive/Cargo.toml
 create mode 100644 util/rlp_derive/src/de.rs
 create mode 100644 util/rlp_derive/src/en.rs
 create mode 100644 util/rlp_derive/src/lib.rs
 create mode 100644 util/rlp_derive/tests/rlp.rs

diff --git a/Cargo.lock b/Cargo.lock
index 87e6a6b79..9a7c22298 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -301,6 +301,7 @@ dependencies = [
  "ethcore-util 1.8.0",
  "ethjson 0.1.0",
  "rlp 0.2.0",
+ "rlp_derive 0.1.0",
  "rustc-hex 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
 
@@ -526,6 +527,7 @@ dependencies = [
  "price-info 1.7.0",
  "rand 0.3.14 (registry+https://github.com/rust-lang/crates.io-index)",
  "rlp 0.2.0",
+ "rlp_derive 0.1.0",
  "rust-crypto 0.2.36 (registry+https://github.com/rust-lang/crates.io-index)",
  "rustc-hex 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)",
  "semver 0.6.0 (registry+https://github.com/rust-lang/crates.io-index)",
@@ -652,6 +654,7 @@ dependencies = [
  "log 0.3.7 (registry+https://github.com/rust-lang/crates.io-index)",
  "rand 0.3.14 (registry+https://github.com/rust-lang/crates.io-index)",
  "rlp 0.2.0",
+ "rlp_derive 0.1.0",
  "serde 1.0.9 (registry+https://github.com/rust-lang/crates.io-index)",
  "serde_derive 1.0.9 (registry+https://github.com/rust-lang/crates.io-index)",
  "smallvec 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)",
@@ -2305,7 +2308,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 
 [[package]]
 name = "quote"
-version = "0.3.10"
+version = "0.3.15"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 
 [[package]]
@@ -2396,6 +2399,15 @@ dependencies = [
  "rustc-hex 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
 
+[[package]]
+name = "rlp_derive"
+version = "0.1.0"
+dependencies = [
+ "quote 0.3.15 (registry+https://github.com/rust-lang/crates.io-index)",
+ "rlp 0.2.0",
+ "syn 0.11.11 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
 [[package]]
 name = "rocksdb"
 version = "0.4.5"
@@ -2588,7 +2600,7 @@ name = "serde_derive"
 version = "1.0.9"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 dependencies = [
- "quote 0.3.10 (registry+https://github.com/rust-lang/crates.io-index)",
+ "quote 0.3.15 (registry+https://github.com/rust-lang/crates.io-index)",
  "serde_derive_internals 0.15.1 (registry+https://github.com/rust-lang/crates.io-index)",
  "syn 0.11.11 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
@@ -2730,7 +2742,7 @@ name = "syn"
 version = "0.11.11"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 dependencies = [
- "quote 0.3.10 (registry+https://github.com/rust-lang/crates.io-index)",
+ "quote 0.3.15 (registry+https://github.com/rust-lang/crates.io-index)",
  "synom 0.11.3 (registry+https://github.com/rust-lang/crates.io-index)",
  "unicode-xid 0.0.4 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
@@ -3384,7 +3396,7 @@ dependencies = [
 "checksum quasi_macros 0.32.0 (registry+https://github.com/rust-lang/crates.io-index)" = "29cec87bc2816766d7e4168302d505dd06b0a825aed41b00633d296e922e02dd"
 "checksum quick-error 1.1.0 (registry+https://github.com/rust-lang/crates.io-index)" = "0aad603e8d7fb67da22dbdf1f4b826ce8829e406124109e73cf1b2454b93a71c"
 "checksum quine-mc_cluskey 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)" = "a6683b0e23d80813b1a535841f0048c1537d3f86d63c999e8373b39a9b0eb74a"
-"checksum quote 0.3.10 (registry+https://github.com/rust-lang/crates.io-index)" = "6732e32663c9c271bfc7c1823486b471f18c47a2dbf87c066897b7b51afc83be"
+"checksum quote 0.3.15 (registry+https://github.com/rust-lang/crates.io-index)" = "7a6e920b65c65f10b2ae65c831a81a073a89edd28c7cce89475bff467ab4167a"
 "checksum rand 0.3.14 (registry+https://github.com/rust-lang/crates.io-index)" = "2791d88c6defac799c3f20d74f094ca33b9332612d9aef9078519c82e4fe04a5"
 "checksum rayon 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)" = "8c83adcb08e5b922e804fe1918142b422602ef11f2fd670b0b52218cb5984a20"
 "checksum rayon-core 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)" = "767d91bacddf07d442fe39257bf04fd95897d1c47c545d009f6beb03efd038f8"
diff --git a/ethcore/Cargo.toml b/ethcore/Cargo.toml
index 0b4abc1bb..c49e31898 100644
--- a/ethcore/Cargo.toml
+++ b/ethcore/Cargo.toml
@@ -47,6 +47,7 @@ num_cpus = "1.2"
 price-info = { path = "../price-info" }
 rand = "0.3"
 rlp = { path = "../util/rlp" }
+rlp_derive = { path = "../util/rlp_derive" }
 rust-crypto = "0.2.34"
 rustc-hex = "1.0"
 semver = "0.6"
diff --git a/ethcore/light/Cargo.toml b/ethcore/light/Cargo.toml
index b652050d2..9fda78f47 100644
--- a/ethcore/light/Cargo.toml
+++ b/ethcore/light/Cargo.toml
@@ -21,6 +21,7 @@ ethcore-devtools = { path = "../../devtools" }
 evm = { path = "../evm" }
 vm = { path = "../vm" }
 rlp = { path = "../../util/rlp" }
+rlp_derive = { path = "../../util/rlp_derive" }
 time = "0.1"
 smallvec = "0.4"
 futures = "0.1"
diff --git a/ethcore/light/src/lib.rs b/ethcore/light/src/lib.rs
index b172134cf..c2ab483d2 100644
--- a/ethcore/light/src/lib.rs
+++ b/ethcore/light/src/lib.rs
@@ -76,6 +76,8 @@ extern crate futures;
 extern crate itertools;
 extern crate rand;
 extern crate rlp;
+#[macro_use]
+extern crate rlp_derive;
 extern crate serde;
 extern crate smallvec;
 extern crate stats;
diff --git a/ethcore/light/src/types/request/mod.rs b/ethcore/light/src/types/request/mod.rs
index ff4a32535..51f916b15 100644
--- a/ethcore/light/src/types/request/mod.rs
+++ b/ethcore/light/src/types/request/mod.rs
@@ -650,7 +650,7 @@ pub mod header {
 	use rlp::{Encodable, Decodable, DecoderError, RlpStream, UntrustedRlp};
 
 	/// Potentially incomplete headers request.
-	#[derive(Debug, Clone, PartialEq, Eq)]
+	#[derive(Debug, Clone, PartialEq, Eq, RlpEncodable, RlpDecodable)]
 	pub struct Incomplete {
 		/// Start block.
 		pub start: Field<HashOrNumber>,
@@ -662,27 +662,6 @@ pub mod header {
 		pub reverse: bool,
 	}
 
-	impl Decodable for Incomplete {
-		fn decode(rlp: &UntrustedRlp) -> Result<Self, DecoderError> {
-			Ok(Incomplete {
-				start: rlp.val_at(0)?,
-				skip: rlp.val_at(1)?,
-				max: rlp.val_at(2)?,
-				reverse: rlp.val_at(3)?
-			})
-		}
-	}
-
-	impl Encodable for Incomplete {
-		fn rlp_append(&self, s: &mut RlpStream) {
-			s.begin_list(4)
-				.append(&self.start)
-				.append(&self.skip)
-				.append(&self.max)
-				.append(&self.reverse);
-		}
-	}
-
 	impl super::IncompleteRequest for Incomplete {
 		type Complete = Complete;
 		type Response = Response;
@@ -784,26 +763,12 @@ pub mod header_proof {
 	use util::{Bytes, U256, H256};
 
 	/// Potentially incomplete header proof request.
-	#[derive(Debug, Clone, PartialEq, Eq)]
+	#[derive(Debug, Clone, PartialEq, Eq, RlpEncodable, RlpDecodable)]
 	pub struct Incomplete {
 		/// Block number.
 		pub num: Field<u64>,
 	}
 
-	impl Decodable for Incomplete {
-		fn decode(rlp: &UntrustedRlp) -> Result<Self, DecoderError> {
-			Ok(Incomplete {
-				num: rlp.val_at(0)?,
-			})
-		}
-	}
-
-	impl Encodable for Incomplete {
-		fn rlp_append(&self, s: &mut RlpStream) {
-			s.begin_list(1).append(&self.num);
-		}
-	}
-
 	impl super::IncompleteRequest for Incomplete {
 		type Complete = Complete;
 		type Response = Response;
@@ -889,30 +854,15 @@ pub mod header_proof {
 /// Request and response for transaction index.
 pub mod transaction_index {
 	use super::{Field, NoSuchOutput, OutputKind, Output};
-	use rlp::{Encodable, Decodable, DecoderError, RlpStream, UntrustedRlp};
 	use util::H256;
 
 	/// Potentially incomplete transaction index request.
-	#[derive(Debug, Clone, PartialEq, Eq)]
+	#[derive(Debug, Clone, PartialEq, Eq, RlpEncodable, RlpDecodable)]
 	pub struct Incomplete {
 		/// Transaction hash to get index for.
 		pub hash: Field<H256>,
 	}
 
-	impl Decodable for Incomplete {
-		fn decode(rlp: &UntrustedRlp) -> Result<Self, DecoderError> {
-			Ok(Incomplete {
-				hash: rlp.val_at(0)?,
-			})
-		}
-	}
-
-	impl Encodable for Incomplete {
-		fn rlp_append(&self, s: &mut RlpStream) {
-			s.begin_list(1).append(&self.hash);
-		}
-	}
-
 	impl super::IncompleteRequest for Incomplete {
 		type Complete = Complete;
 		type Response = Response;
@@ -959,7 +909,7 @@ pub mod transaction_index {
 	}
 
 	/// The output of a request for transaction index.
-	#[derive(Debug, Clone, PartialEq, Eq)]
+	#[derive(Debug, Clone, PartialEq, Eq, RlpEncodable, RlpDecodable)]
 	pub struct Response {
 		/// Block number.
 		pub num: u64,
@@ -976,55 +926,21 @@ pub mod transaction_index {
 			f(1, Output::Hash(self.hash));
 		}
 	}
-
-	impl Decodable for Response {
-		fn decode(rlp: &UntrustedRlp) -> Result<Self, DecoderError> {
-			Ok(Response {
-				num: rlp.val_at(0)?,
-				hash: rlp.val_at(1)?,
-				index: rlp.val_at(2)?,
-			})
-		}
-	}
-
-	impl Encodable for Response {
-		fn rlp_append(&self, s: &mut RlpStream) {
-			s.begin_list(3)
-				.append(&self.num)
-				.append(&self.hash)
-				.append(&self.index);
-		}
-	}
 }
 
 /// Request and response for block receipts
 pub mod block_receipts {
 	use super::{Field, NoSuchOutput, OutputKind, Output};
 	use ethcore::receipt::Receipt;
-	use rlp::{Encodable, Decodable, DecoderError, RlpStream, UntrustedRlp};
 	use util::H256;
 
 	/// Potentially incomplete block receipts request.
-	#[derive(Debug, Clone, PartialEq, Eq)]
+	#[derive(Debug, Clone, PartialEq, Eq, RlpEncodable, RlpDecodable)]
 	pub struct Incomplete {
 		/// Block hash to get receipts for.
 		pub hash: Field<H256>,
 	}
 
-	impl Decodable for Incomplete {
-		fn decode(rlp: &UntrustedRlp) -> Result<Self, DecoderError> {
-			Ok(Incomplete {
-				hash: rlp.val_at(0)?,
-			})
-		}
-	}
-
-	impl Encodable for Incomplete {
-		fn rlp_append(&self, s: &mut RlpStream) {
-			s.begin_list(1).append(&self.hash);
-		}
-	}
-
 	impl super::IncompleteRequest for Incomplete {
 		type Complete = Complete;
 		type Response = Response;
@@ -1068,7 +984,7 @@ pub mod block_receipts {
 	}
 
 	/// The output of a request for block receipts.
-	#[derive(Debug, Clone, PartialEq, Eq)]
+	#[derive(Debug, Clone, PartialEq, Eq, RlpEncodableWrapper, RlpDecodableWrapper)]
 	pub struct Response {
 		/// The block receipts.
 		pub receipts: Vec<Receipt>
@@ -1078,20 +994,6 @@ pub mod block_receipts {
 		/// Fill reusable outputs by providing them to the function.
 		fn fill_outputs<F>(&self, _: F) where F: FnMut(usize, Output) {}
 	}
-
-	impl Decodable for Response {
-		fn decode(rlp: &UntrustedRlp) -> Result<Self, DecoderError> {
-			Ok(Response {
-				receipts: rlp.as_list()?,
-			})
-		}
-	}
-
-	impl Encodable for Response {
-		fn rlp_append(&self, s: &mut RlpStream) {
-			s.append_list(&self.receipts);
-		}
-	}
 }
 
 /// Request and response for a block body
@@ -1102,26 +1004,12 @@ pub mod block_body {
 	use util::H256;
 
 	/// Potentially incomplete block body request.
-	#[derive(Debug, Clone, PartialEq, Eq)]
+	#[derive(Debug, Clone, PartialEq, Eq, RlpEncodable, RlpDecodable)]
 	pub struct Incomplete {
 		/// Block hash to get receipts for.
 		pub hash: Field<H256>,
 	}
 
-	impl Decodable for Incomplete {
-		fn decode(rlp: &UntrustedRlp) -> Result<Self, DecoderError> {
-			Ok(Incomplete {
-				hash: rlp.val_at(0)?,
-			})
-		}
-	}
-
-	impl Encodable for Incomplete {
-		fn rlp_append(&self, s: &mut RlpStream) {
-			s.begin_list(1).append(&self.hash);
-		}
-	}
-
 	impl super::IncompleteRequest for Incomplete {
 		type Complete = Complete;
 		type Response = Response;
@@ -1201,11 +1089,10 @@ pub mod block_body {
 /// A request for an account proof.
 pub mod account {
 	use super::{Field, NoSuchOutput, OutputKind, Output};
-	use rlp::{Encodable, Decodable, DecoderError, RlpStream, UntrustedRlp};
 	use util::{Bytes, U256, H256};
 
 	/// Potentially incomplete request for an account proof.
-	#[derive(Debug, Clone, PartialEq, Eq)]
+	#[derive(Debug, Clone, PartialEq, Eq, RlpEncodable, RlpDecodable)]
 	pub struct Incomplete {
 		/// Block hash to request state proof for.
 		pub block_hash: Field<H256>,
@@ -1213,23 +1100,6 @@ pub mod account {
 		pub address_hash: Field<H256>,
 	}
 
-	impl Decodable for Incomplete {
-		fn decode(rlp: &UntrustedRlp) -> Result<Self, DecoderError> {
-			Ok(Incomplete {
-				block_hash: rlp.val_at(0)?,
-				address_hash: rlp.val_at(1)?,
-			})
-		}
-	}
-
-	impl Encodable for Incomplete {
-		fn rlp_append(&self, s: &mut RlpStream) {
-			s.begin_list(2)
-				.append(&self.block_hash)
-				.append(&self.address_hash);
-		}
-	}
-
 	impl super::IncompleteRequest for Incomplete {
 		type Complete = Complete;
 		type Response = Response;
@@ -1292,7 +1162,7 @@ pub mod account {
 	}
 
 	/// The output of a request for an account state proof.
-	#[derive(Debug, Clone, PartialEq, Eq)]
+	#[derive(Debug, Clone, PartialEq, Eq, RlpEncodable, RlpDecodable)]
 	pub struct Response {
 		/// Inclusion/exclusion proof
 		pub proof: Vec<Bytes>,
@@ -1313,39 +1183,15 @@ pub mod account {
 			f(1, Output::Hash(self.storage_root));
 		}
 	}
-
-	impl Decodable for Response {
-		fn decode(rlp: &UntrustedRlp) -> Result<Self, DecoderError> {
-			Ok(Response {
-				proof: rlp.list_at(0)?,
-				nonce: rlp.val_at(1)?,
-				balance: rlp.val_at(2)?,
-				code_hash: rlp.val_at(3)?,
-				storage_root: rlp.val_at(4)?
-			})
-		}
-	}
-
-	impl Encodable for Response {
-		fn rlp_append(&self, s: &mut RlpStream) {
-			s.begin_list(5)
-				.append_list::<Vec<u8>,_>(&self.proof[..])
-				.append(&self.nonce)
-				.append(&self.balance)
-				.append(&self.code_hash)
-				.append(&self.storage_root);
-		}
-	}
 }
 
 /// A request for a storage proof.
 pub mod storage {
 	use super::{Field, NoSuchOutput, OutputKind, Output};
-	use rlp::{Encodable, Decodable, DecoderError, RlpStream, UntrustedRlp};
 	use util::{Bytes, H256};
 
 	/// Potentially incomplete request for an storage proof.
-	#[derive(Debug, Clone, PartialEq, Eq)]
+	#[derive(Debug, Clone, PartialEq, Eq, RlpEncodable, RlpDecodable)]
 	pub struct Incomplete {
 		/// Block hash to request state proof for.
 		pub block_hash: Field<H256>,
@@ -1355,25 +1201,6 @@ pub mod storage {
 		pub key_hash: Field<H256>,
 	}
 
-	impl Decodable for Incomplete {
-		fn decode(rlp: &UntrustedRlp) -> Result<Self, DecoderError> {
-			Ok(Incomplete {
-				block_hash: rlp.val_at(0)?,
-				address_hash: rlp.val_at(1)?,
-				key_hash: rlp.val_at(2)?,
-			})
-		}
-	}
-
-	impl Encodable for Incomplete {
-		fn rlp_append(&self, s: &mut RlpStream) {
-			s.begin_list(3)
-				.append(&self.block_hash)
-				.append(&self.address_hash)
-				.append(&self.key_hash);
-		}
-	}
-
 	impl super::IncompleteRequest for Incomplete {
 		type Complete = Complete;
 		type Response = Response;
@@ -1450,7 +1277,7 @@ pub mod storage {
 	}
 
 	/// The output of a request for an account state proof.
-	#[derive(Debug, Clone, PartialEq, Eq)]
+	#[derive(Debug, Clone, PartialEq, Eq, RlpEncodable, RlpDecodable)]
 	pub struct Response {
 		/// Inclusion/exclusion proof
 		pub proof: Vec<Bytes>,
@@ -1464,33 +1291,15 @@ pub mod storage {
 			f(0, Output::Hash(self.value));
 		}
 	}
-
-	impl Decodable for Response {
-		fn decode(rlp: &UntrustedRlp) -> Result<Self, DecoderError> {
-			Ok(Response {
-				proof: rlp.list_at(0)?,
-				value: rlp.val_at(1)?,
-			})
-		}
-	}
-
-	impl Encodable for Response {
-		fn rlp_append(&self, s: &mut RlpStream) {
-			s.begin_list(2)
-				.append_list::<Vec<u8>,_>(&self.proof[..])
-				.append(&self.value);
-		}
-	}
 }
 
 /// A request for contract code.
 pub mod contract_code {
 	use super::{Field, NoSuchOutput, OutputKind, Output};
-	use rlp::{Encodable, Decodable, DecoderError, RlpStream, UntrustedRlp};
 	use util::{Bytes, H256};
 
 	/// Potentially incomplete contract code request.
-	#[derive(Debug, Clone, PartialEq, Eq)]
+	#[derive(Debug, Clone, PartialEq, Eq, RlpEncodable, RlpDecodable)]
 	pub struct Incomplete {
 		/// The block hash to request the state for.
 		pub block_hash: Field<H256>,
@@ -1498,23 +1307,6 @@ pub mod contract_code {
 		pub code_hash: Field<H256>,
 	}
 
-	impl Decodable for Incomplete {
-		fn decode(rlp: &UntrustedRlp) -> Result<Self, DecoderError> {
-			Ok(Incomplete {
-				block_hash: rlp.val_at(0)?,
-				code_hash: rlp.val_at(1)?,
-			})
-		}
-	}
-
-	impl Encodable for Incomplete {
-		fn rlp_append(&self, s: &mut RlpStream) {
-			s.begin_list(2)
-				.append(&self.block_hash)
-				.append(&self.code_hash);
-		}
-	}
-
 	impl super::IncompleteRequest for Incomplete {
 		type Complete = Complete;
 		type Response = Response;
@@ -1573,7 +1365,7 @@ pub mod contract_code {
 	}
 
 	/// The output of a request for
-	#[derive(Debug, Clone, PartialEq, Eq)]
+	#[derive(Debug, Clone, PartialEq, Eq, RlpEncodableWrapper, RlpDecodableWrapper)]
 	pub struct Response {
 		/// The requested code.
 		pub code: Bytes,
@@ -1583,21 +1375,6 @@ pub mod contract_code {
 		/// Fill reusable outputs by providing them to the function.
 		fn fill_outputs<F>(&self, _: F) where F: FnMut(usize, Output) {}
 	}
-
-	impl Decodable for Response {
-		fn decode(rlp: &UntrustedRlp) -> Result<Self, DecoderError> {
-
-			Ok(Response {
-				code: rlp.as_val()?,
-			})
-		}
-	}
-
-	impl Encodable for Response {
-		fn rlp_append(&self, s: &mut RlpStream) {
-			s.append(&self.code);
-		}
-	}
 }
 
 /// A request for proof of execution.
@@ -1608,7 +1385,7 @@ pub mod execution {
 	use util::{Bytes, Address, U256, H256, DBValue};
 
 	/// Potentially incomplete execution proof request.
-	#[derive(Debug, Clone, PartialEq, Eq)]
+	#[derive(Debug, Clone, PartialEq, Eq, RlpEncodable, RlpDecodable)]
 	pub struct Incomplete {
 		/// The block hash to request the state for.
 		pub block_hash: Field<H256>,
@@ -1626,38 +1403,6 @@ pub mod execution {
 		pub data: Bytes,
 	}
 
-	impl Decodable for Incomplete {
-		fn decode(rlp: &UntrustedRlp) -> Result<Self, DecoderError> {
-			Ok(Incomplete {
-				block_hash: rlp.val_at(0)?,
-				from: rlp.val_at(1)?,
-				action: rlp.val_at(2)?,
-				gas: rlp.val_at(3)?,
-				gas_price: rlp.val_at(4)?,
-				value: rlp.val_at(5)?,
-				data: rlp.val_at(6)?,
-			})
-		}
-	}
-
-	impl Encodable for Incomplete {
-		fn rlp_append(&self, s: &mut RlpStream) {
-			s.begin_list(7)
-				.append(&self.block_hash)
-				.append(&self.from);
-
-			match self.action {
-				Action::Create => s.append_empty_data(),
-				Action::Call(ref addr) => s.append(addr),
-			};
-
-			s.append(&self.gas)
-				.append(&self.gas_price)
-				.append(&self.value)
-				.append(&self.data);
-		}
-	}
-
 	impl super::IncompleteRequest for Incomplete {
 		type Complete = Complete;
 		type Response = Response;
diff --git a/ethcore/src/blockchain/extras.rs b/ethcore/src/blockchain/extras.rs
index ed3a5009b..0e2396f8c 100644
--- a/ethcore/src/blockchain/extras.rs
+++ b/ethcore/src/blockchain/extras.rs
@@ -25,11 +25,9 @@ use engines::epoch::{Transition as EpochTransition};
 use header::BlockNumber;
 use receipt::Receipt;
 
-use rlp::*;
-use util::*;
+use util::{HeapSizeOf, H256, H264, U256};
 use util::kvdb::PREFIX_LEN as DB_PREFIX_LEN;
 
-
 /// Represents index of extra data in database
 #[derive(Copy, Debug, Hash, Eq, PartialEq, Clone)]
 pub enum ExtrasIndex {
@@ -184,7 +182,7 @@ impl Key<EpochTransitions> for u64 {
 }
 
 /// Familial details concerning a block
-#[derive(Debug, Clone)]
+#[derive(Debug, Clone, RlpEncodable, RlpDecodable)]
 pub struct BlockDetails {
 	/// Block number
 	pub number: BlockNumber,
@@ -202,30 +200,8 @@ impl HeapSizeOf for BlockDetails {
 	}
 }
 
-impl Decodable for BlockDetails {
-	fn decode(rlp: &UntrustedRlp) -> Result<Self, DecoderError> {
-		let details = BlockDetails {
-			number: rlp.val_at(0)?,
-			total_difficulty: rlp.val_at(1)?,
-			parent: rlp.val_at(2)?,
-			children: rlp.list_at(3)?,
-		};
-		Ok(details)
-	}
-}
-
-impl Encodable for BlockDetails {
-	fn rlp_append(&self, s: &mut RlpStream) {
-		s.begin_list(4);
-		s.append(&self.number);
-		s.append(&self.total_difficulty);
-		s.append(&self.parent);
-		s.append_list(&self.children);
-	}
-}
-
 /// Represents address of certain transaction within block
-#[derive(Debug, PartialEq, Clone)]
+#[derive(Debug, PartialEq, Clone, RlpEncodable, RlpDecodable)]
 pub struct TransactionAddress {
 	/// Block hash
 	pub block_hash: H256,
@@ -237,27 +213,8 @@ impl HeapSizeOf for TransactionAddress {
 	fn heap_size_of_children(&self) -> usize { 0 }
 }
 
-impl Decodable for TransactionAddress {
-	fn decode(rlp: &UntrustedRlp) -> Result<Self, DecoderError> {
-		let tx_address = TransactionAddress {
-			block_hash: rlp.val_at(0)?,
-			index: rlp.val_at(1)?,
-		};
-
-		Ok(tx_address)
-	}
-}
-
-impl Encodable for TransactionAddress {
-	fn rlp_append(&self, s: &mut RlpStream) {
-		s.begin_list(2);
-		s.append(&self.block_hash);
-		s.append(&self.index);
-	}
-}
-
 /// Contains all block receipts.
-#[derive(Clone)]
+#[derive(Clone, RlpEncodableWrapper, RlpDecodableWrapper)]
 pub struct BlockReceipts {
 	pub receipts: Vec<Receipt>,
 }
@@ -270,20 +227,6 @@ impl BlockReceipts {
 	}
 }
 
-impl Decodable for BlockReceipts {
-	fn decode(rlp: &UntrustedRlp) -> Result<Self, DecoderError> {
-		Ok(BlockReceipts {
-			receipts: rlp.as_list()?,
-		})
-	}
-}
-
-impl Encodable for BlockReceipts {
-	fn rlp_append(&self, s: &mut RlpStream) {
-		s.append_list(&self.receipts);
-	}
-}
-
 impl HeapSizeOf for BlockReceipts {
 	fn heap_size_of_children(&self) -> usize {
 		self.receipts.heap_size_of_children()
@@ -291,27 +234,12 @@ impl HeapSizeOf for BlockReceipts {
 }
 
 /// Candidate transitions to an epoch with specific number.
-#[derive(Clone)]
+#[derive(Clone, RlpEncodable, RlpDecodable)]
 pub struct EpochTransitions {
 	pub number: u64,
 	pub candidates: Vec<EpochTransition>,
 }
 
-impl Encodable for EpochTransitions {
-	fn rlp_append(&self, s: &mut RlpStream) {
-		s.begin_list(2).append(&self.number).append_list(&self.candidates);
-	}
-}
-
-impl Decodable for EpochTransitions {
-	fn decode(rlp: &UntrustedRlp) -> Result<Self, DecoderError> {
-		Ok(EpochTransitions {
-			number: rlp.val_at(0)?,
-			candidates: rlp.list_at(1)?,
-		})
-	}
-}
-
 #[cfg(test)]
 mod tests {
 	use rlp::*;
diff --git a/ethcore/src/blooms/bloom.rs b/ethcore/src/blooms/bloom.rs
index cac9ff448..c79091cb4 100644
--- a/ethcore/src/blooms/bloom.rs
+++ b/ethcore/src/blooms/bloom.rs
@@ -15,12 +15,11 @@
 // along with Parity.  If not, see <http://www.gnu.org/licenses/>.
 
 use bloomchain as bc;
-use rlp::*;
 use util::HeapSizeOf;
 use basic_types::LogBloom;
 
 /// Helper structure representing bloom of the trace.
-#[derive(Debug, Clone)]
+#[derive(Debug, Clone, RlpEncodableWrapper, RlpDecodableWrapper)]
 pub struct Bloom(LogBloom);
 
 impl From<LogBloom> for Bloom {
@@ -43,18 +42,6 @@ impl Into<bc::Bloom> for Bloom {
 	}
 }
 
-impl Decodable for Bloom {
-	fn decode(rlp: &UntrustedRlp) -> Result<Self, DecoderError> {
-		LogBloom::decode(rlp).map(Bloom)
-	}
-}
-
-impl Encodable for Bloom {
-	fn rlp_append(&self, s: &mut RlpStream) {
-		Encodable::rlp_append(&self.0, s)
-	}
-}
-
 impl HeapSizeOf for Bloom {
 	fn heap_size_of_children(&self) -> usize {
 		0
diff --git a/ethcore/src/engines/epoch.rs b/ethcore/src/engines/epoch.rs
index f738113cf..586059e83 100644
--- a/ethcore/src/engines/epoch.rs
+++ b/ethcore/src/engines/epoch.rs
@@ -16,14 +16,12 @@
 
 //! Epoch verifiers and transitions.
 
+use util::H256;
 use error::Error;
 use header::Header;
 
-use rlp::{Encodable, Decodable, DecoderError, RlpStream, UntrustedRlp};
-use util::H256;
-
 /// A full epoch transition.
-#[derive(Debug, Clone)]
+#[derive(Debug, Clone, RlpEncodable, RlpDecodable)]
 pub struct Transition {
 	/// Block hash at which the transition occurred.
 	pub block_hash: H256,
@@ -33,46 +31,14 @@ pub struct Transition {
 	pub proof: Vec<u8>,
 }
 
-impl Encodable for Transition {
-	fn rlp_append(&self, s: &mut RlpStream) {
-		s.begin_list(3)
-			.append(&self.block_hash)
-			.append(&self.block_number)
-			.append(&self.proof);
-	}
-}
-
-impl Decodable for Transition {
-	fn decode(rlp: &UntrustedRlp) -> Result<Self, DecoderError> {
-		Ok(Transition {
-			block_hash: rlp.val_at(0)?,
-			block_number: rlp.val_at(1)?,
-			proof: rlp.val_at(2)?,
-		})
-	}
-}
-
 /// An epoch transition pending a finality proof.
 /// Not all transitions need one.
+#[derive(RlpEncodableWrapper, RlpDecodableWrapper)]
 pub struct PendingTransition {
 	/// "transition/epoch" proof from the engine.
 	pub proof: Vec<u8>,
 }
 
-impl Encodable for PendingTransition {
-	fn rlp_append(&self, s: &mut RlpStream) {
-		s.append(&self.proof);
-	}
-}
-
-impl Decodable for PendingTransition {
-	fn decode(rlp: &UntrustedRlp) -> Result<Self, DecoderError> {
-		Ok(PendingTransition {
-			proof: rlp.as_val()?,
-		})
-	}
-}
-
 /// Verifier for all blocks within an epoch with self-contained state.
 ///
 /// See docs on `Engine` relating to proving functions for more details.
diff --git a/ethcore/src/lib.rs b/ethcore/src/lib.rs
index 6c862ecda..15d44626b 100644
--- a/ethcore/src/lib.rs
+++ b/ethcore/src/lib.rs
@@ -101,6 +101,9 @@ extern crate num;
 extern crate price_info;
 extern crate rand;
 extern crate rlp;
+
+#[macro_use]
+extern crate rlp_derive;
 extern crate rustc_hex;
 extern crate semver;
 extern crate stats;
diff --git a/ethcore/src/snapshot/io.rs b/ethcore/src/snapshot/io.rs
index 8cb778117..f28adcf7f 100644
--- a/ethcore/src/snapshot/io.rs
+++ b/ethcore/src/snapshot/io.rs
@@ -27,7 +27,7 @@ use std::path::{Path, PathBuf};
 
 use util::Bytes;
 use util::hash::H256;
-use rlp::{self, Encodable, RlpStream, UntrustedRlp};
+use rlp::{RlpStream, UntrustedRlp};
 
 use super::ManifestData;
 
@@ -49,24 +49,9 @@ pub trait SnapshotWriter {
 }
 
 // (hash, len, offset)
+#[derive(RlpEncodable, RlpDecodable)]
 struct ChunkInfo(H256, u64, u64);
 
-impl Encodable for ChunkInfo {
-	fn rlp_append(&self, s: &mut RlpStream) {
-		s.begin_list(3);
-		s.append(&self.0).append(&self.1).append(&self.2);
-	}
-}
-
-impl rlp::Decodable for ChunkInfo {
-	fn decode(rlp: &UntrustedRlp) -> Result<Self, rlp::DecoderError> {
-		let hash = rlp.val_at(0)?;
-		let len = rlp.val_at(1)?;
-		let off = rlp.val_at(2)?;
-		Ok(ChunkInfo(hash, len, off))
-	}
-}
-
 /// A packed snapshot writer. This writes snapshots to a single concatenated file.
 ///
 /// The file format is very simple and consists of three parts:
diff --git a/ethcore/src/trace/bloom.rs b/ethcore/src/trace/bloom.rs
index 561a83719..ed34d6505 100644
--- a/ethcore/src/trace/bloom.rs
+++ b/ethcore/src/trace/bloom.rs
@@ -1,10 +1,9 @@
 use bloomchain::Bloom;
 use bloomchain::group::{BloomGroup, GroupPosition};
-use rlp::*;
 use basic_types::LogBloom;
 
 /// Helper structure representing bloom of the trace.
-#[derive(Clone)]
+#[derive(Clone, RlpEncodableWrapper, RlpDecodableWrapper)]
 pub struct BlockTracesBloom(LogBloom);
 
 impl From<LogBloom> for BlockTracesBloom {
@@ -28,7 +27,7 @@ impl Into<Bloom> for BlockTracesBloom {
 }
 
 /// Represents group of X consecutive blooms.
-#[derive(Clone)]
+#[derive(Clone, RlpEncodableWrapper, RlpDecodableWrapper)]
 pub struct BlockTracesBloomGroup {
 	blooms: Vec<BlockTracesBloom>,
 }
@@ -59,34 +58,6 @@ impl Into<BloomGroup> for BlockTracesBloomGroup {
 	}
 }
 
-impl Decodable for BlockTracesBloom {
-	fn decode(rlp: &UntrustedRlp) -> Result<Self, DecoderError> {
-		LogBloom::decode(rlp).map(BlockTracesBloom)
-	}
-}
-
-impl Encodable for BlockTracesBloom {
-	fn rlp_append(&self, s: &mut RlpStream) {
-		Encodable::rlp_append(&self.0, s)
-	}
-}
-
-impl Decodable for BlockTracesBloomGroup {
-	fn decode(rlp: &UntrustedRlp) -> Result<Self, DecoderError> {
-		let blooms = rlp.as_list()?;
-		let group = BlockTracesBloomGroup {
-			blooms: blooms
-		};
-		Ok(group)
-	}
-}
-
-impl Encodable for BlockTracesBloomGroup {
-	fn rlp_append(&self, s: &mut RlpStream) {
-		s.append_list(&self.blooms);
-	}
-}
-
 /// Represents `BloomGroup` position in database.
 #[derive(PartialEq, Eq, Hash, Clone, Debug)]
 pub struct TraceGroupPosition {
diff --git a/ethcore/src/trace/types/flat.rs b/ethcore/src/trace/types/flat.rs
index da304694d..8b65f1f4c 100644
--- a/ethcore/src/trace/types/flat.rs
+++ b/ethcore/src/trace/types/flat.rs
@@ -77,7 +77,7 @@ impl Decodable for FlatTrace {
 }
 
 /// Represents all traces produced by a single transaction.
-#[derive(Debug, PartialEq, Clone)]
+#[derive(Debug, PartialEq, Clone, RlpEncodableWrapper, RlpDecodableWrapper)]
 pub struct FlatTransactionTraces(Vec<FlatTrace>);
 
 impl From<Vec<FlatTrace>> for FlatTransactionTraces {
@@ -99,18 +99,6 @@ impl FlatTransactionTraces {
 	}
 }
 
-impl Encodable for FlatTransactionTraces {
-	fn rlp_append(&self, s: &mut RlpStream) {
-		s.append_list(&self.0);
-	}
-}
-
-impl Decodable for FlatTransactionTraces {
-	fn decode(rlp: &UntrustedRlp) -> Result<Self, DecoderError> {
-		Ok(FlatTransactionTraces(rlp.as_list()?))
-	}
-}
-
 impl Into<Vec<FlatTrace>> for FlatTransactionTraces {
 	fn into(self) -> Vec<FlatTrace> {
 		self.0
@@ -118,7 +106,7 @@ impl Into<Vec<FlatTrace>> for FlatTransactionTraces {
 }
 
 /// Represents all traces produced by transactions in a single block.
-#[derive(Debug, PartialEq, Clone, Default)]
+#[derive(Debug, PartialEq, Clone, Default, RlpEncodableWrapper, RlpDecodableWrapper)]
 pub struct FlatBlockTraces(Vec<FlatTransactionTraces>);
 
 impl HeapSizeOf for FlatBlockTraces {
@@ -140,18 +128,6 @@ impl FlatBlockTraces {
 	}
 }
 
-impl Encodable for FlatBlockTraces {
-	fn rlp_append(&self, s: &mut RlpStream) {
-		s.append_list(&self.0);
-	}
-}
-
-impl Decodable for FlatBlockTraces {
-	fn decode(rlp: &UntrustedRlp) -> Result<Self, DecoderError> {
-		Ok(FlatBlockTraces(rlp.as_list()?))
-	}
-}
-
 impl Into<Vec<FlatTransactionTraces>> for FlatBlockTraces {
 	fn into(self) -> Vec<FlatTransactionTraces> {
 		self.0
diff --git a/ethcore/src/trace/types/trace.rs b/ethcore/src/trace/types/trace.rs
index 3863a935e..5fa0260c6 100644
--- a/ethcore/src/trace/types/trace.rs
+++ b/ethcore/src/trace/types/trace.rs
@@ -27,7 +27,7 @@ use evm::CallType;
 use super::error::Error;
 
 /// `Call` result.
-#[derive(Debug, Clone, PartialEq, Default)]
+#[derive(Debug, Clone, PartialEq, Default, RlpEncodable, RlpDecodable)]
 #[cfg_attr(feature = "ipc", binary)]
 pub struct CallResult {
 	/// Gas used by call.
@@ -36,27 +36,8 @@ pub struct CallResult {
 	pub output: Bytes,
 }
 
-impl Encodable for CallResult {
-	fn rlp_append(&self, s: &mut RlpStream) {
-		s.begin_list(2);
-		s.append(&self.gas_used);
-		s.append(&self.output);
-	}
-}
-
-impl Decodable for CallResult {
-	fn decode(rlp: &UntrustedRlp) -> Result<Self, DecoderError> {
-		let res = CallResult {
-			gas_used: rlp.val_at(0)?,
-			output: rlp.val_at(1)?,
-		};
-
-		Ok(res)
-	}
-}
-
 /// `Create` result.
-#[derive(Debug, Clone, PartialEq)]
+#[derive(Debug, Clone, PartialEq, RlpEncodable, RlpDecodable)]
 #[cfg_attr(feature = "ipc", binary)]
 pub struct CreateResult {
 	/// Gas used by create.
@@ -67,27 +48,6 @@ pub struct CreateResult {
 	pub address: Address,
 }
 
-impl Encodable for CreateResult {
-	fn rlp_append(&self, s: &mut RlpStream) {
-		s.begin_list(3);
-		s.append(&self.gas_used);
-		s.append(&self.code);
-		s.append(&self.address);
-	}
-}
-
-impl Decodable for CreateResult {
-	fn decode(rlp: &UntrustedRlp) -> Result<Self, DecoderError> {
-		let res = CreateResult {
-			gas_used: rlp.val_at(0)?,
-			code: rlp.val_at(1)?,
-			address: rlp.val_at(2)?,
-		};
-
-		Ok(res)
-	}
-}
-
 impl CreateResult {
 	/// Returns bloom.
 	pub fn bloom(&self) -> LogBloom {
@@ -96,7 +56,7 @@ impl CreateResult {
 }
 
 /// Description of a _call_ action, either a `CALL` operation or a message transction.
-#[derive(Debug, Clone, PartialEq)]
+#[derive(Debug, Clone, PartialEq, RlpEncodable, RlpDecodable)]
 #[cfg_attr(feature = "ipc", binary)]
 pub struct Call {
 	/// The sending account.
@@ -126,33 +86,6 @@ impl From<ActionParams> for Call {
 	}
 }
 
-impl Encodable for Call {
-	fn rlp_append(&self, s: &mut RlpStream) {
-		s.begin_list(6);
-		s.append(&self.from);
-		s.append(&self.to);
-		s.append(&self.value);
-		s.append(&self.gas);
-		s.append(&self.input);
-		s.append(&self.call_type);
-	}
-}
-
-impl Decodable for Call {
-	fn decode(rlp: &UntrustedRlp) -> Result<Self, DecoderError> {
-		let res = Call {
-			from: rlp.val_at(0)?,
-			to: rlp.val_at(1)?,
-			value: rlp.val_at(2)?,
-			gas: rlp.val_at(3)?,
-			input: rlp.val_at(4)?,
-			call_type: rlp.val_at(5)?,
-		};
-
-		Ok(res)
-	}
-}
-
 impl Call {
 	/// Returns call action bloom.
 	/// The bloom contains from and to addresses.
@@ -163,7 +96,7 @@ impl Call {
 }
 
 /// Description of a _create_ action, either a `CREATE` operation or a create transction.
-#[derive(Debug, Clone, PartialEq)]
+#[derive(Debug, Clone, PartialEq, RlpEncodable, RlpDecodable)]
 #[cfg_attr(feature = "ipc", binary)]
 pub struct Create {
 	/// The address of the creator.
@@ -187,29 +120,6 @@ impl From<ActionParams> for Create {
 	}
 }
 
-impl Encodable for Create {
-	fn rlp_append(&self, s: &mut RlpStream) {
-		s.begin_list(4);
-		s.append(&self.from);
-		s.append(&self.value);
-		s.append(&self.gas);
-		s.append(&self.init);
-	}
-}
-
-impl Decodable for Create {
-	fn decode(rlp: &UntrustedRlp) -> Result<Self, DecoderError> {
-		let res = Create {
-			from: rlp.val_at(0)?,
-			value: rlp.val_at(1)?,
-			gas: rlp.val_at(2)?,
-			init: rlp.val_at(3)?,
-		};
-
-		Ok(res)
-	}
-}
-
 impl Create {
 	/// Returns bloom create action bloom.
 	/// The bloom contains only from address.
@@ -219,7 +129,7 @@ impl Create {
 }
 
 /// Suicide action.
-#[derive(Debug, Clone, PartialEq)]
+#[derive(Debug, Clone, PartialEq, RlpEncodable, RlpDecodable)]
 #[cfg_attr(feature = "ipc", binary)]
 pub struct Suicide {
 	/// Suicided address.
@@ -238,28 +148,6 @@ impl Suicide {
 	}
 }
 
-impl Encodable for Suicide {
-	fn rlp_append(&self, s: &mut RlpStream) {
-		s.begin_list(3);
-		s.append(&self.address);
-		s.append(&self.refund_address);
-		s.append(&self.balance);
-	}
-}
-
-impl Decodable for Suicide {
-	fn decode(rlp: &UntrustedRlp) -> Result<Self, DecoderError> {
-		let res = Suicide {
-			address: rlp.val_at(0)?,
-			refund_address: rlp.val_at(1)?,
-			balance: rlp.val_at(2)?,
-		};
-
-		Ok(res)
-	}
-}
-
-
 /// Description of an action that we trace; will be either a call or a create.
 #[derive(Debug, Clone, PartialEq)]
 #[cfg_attr(feature = "ipc", binary)]
@@ -394,7 +282,7 @@ impl Res {
 	}
 }
 
-#[derive(Debug, Clone, PartialEq)]
+#[derive(Debug, Clone, PartialEq, RlpEncodable, RlpDecodable)]
 #[cfg_attr(feature = "ipc", binary)]
 /// A diff of some chunk of memory.
 pub struct MemoryDiff {
@@ -404,24 +292,7 @@ pub struct MemoryDiff {
 	pub data: Bytes,
 }
 
-impl Encodable for MemoryDiff {
-	fn rlp_append(&self, s: &mut RlpStream) {
-		s.begin_list(2);
-		s.append(&self.offset);
-		s.append(&self.data);
-	}
-}
-
-impl Decodable for MemoryDiff {
-	fn decode(rlp: &UntrustedRlp) -> Result<Self, DecoderError> {
-		Ok(MemoryDiff {
-			offset: rlp.val_at(0)?,
-			data: rlp.val_at(1)?,
-		})
-	}
-}
-
-#[derive(Debug, Clone, PartialEq)]
+#[derive(Debug, Clone, PartialEq, RlpEncodable, RlpDecodable)]
 #[cfg_attr(feature = "ipc", binary)]
 /// A diff of some storage value.
 pub struct StorageDiff {
@@ -431,24 +302,7 @@ pub struct StorageDiff {
 	pub value: U256,
 }
 
-impl Encodable for StorageDiff {
-	fn rlp_append(&self, s: &mut RlpStream) {
-		s.begin_list(2);
-		s.append(&self.location);
-		s.append(&self.value);
-	}
-}
-
-impl Decodable for StorageDiff {
-	fn decode(rlp: &UntrustedRlp) -> Result<Self, DecoderError> {
-		Ok(StorageDiff {
-			location: rlp.val_at(0)?,
-			value: rlp.val_at(1)?,
-		})
-	}
-}
-
-#[derive(Debug, Clone, PartialEq)]
+#[derive(Debug, Clone, PartialEq, RlpEncodable, RlpDecodable)]
 #[cfg_attr(feature = "ipc", binary)]
 /// A record of an executed VM operation.
 pub struct VMExecutedOperation {
@@ -462,28 +316,7 @@ pub struct VMExecutedOperation {
 	pub store_diff: Option<StorageDiff>,
 }
 
-impl Encodable for VMExecutedOperation {
-	fn rlp_append(&self, s: &mut RlpStream) {
-		s.begin_list(4);
-		s.append(&self.gas_used);
-		s.append_list(&self.stack_push);
-		s.append(&self.mem_diff);
-		s.append(&self.store_diff);
-	}
-}
-
-impl Decodable for VMExecutedOperation {
-	fn decode(rlp: &UntrustedRlp) -> Result<Self, DecoderError> {
-		Ok(VMExecutedOperation {
-			gas_used: rlp.val_at(0)?,
-			stack_push: rlp.list_at(1)?,
-			mem_diff: rlp.val_at(2)?,
-			store_diff: rlp.val_at(3)?,
-		})
-	}
-}
-
-#[derive(Debug, Clone, PartialEq, Default)]
+#[derive(Debug, Clone, PartialEq, Default, RlpEncodable, RlpDecodable)]
 #[cfg_attr(feature = "ipc", binary)]
 /// A record of the execution of a single VM operation.
 pub struct VMOperation {
@@ -497,30 +330,7 @@ pub struct VMOperation {
 	pub executed: Option<VMExecutedOperation>,
 }
 
-impl Encodable for VMOperation {
-	fn rlp_append(&self, s: &mut RlpStream) {
-		s.begin_list(4);
-		s.append(&self.pc);
-		s.append(&self.instruction);
-		s.append(&self.gas_cost);
-		s.append(&self.executed);
-	}
-}
-
-impl Decodable for VMOperation {
-	fn decode(rlp: &UntrustedRlp) -> Result<Self, DecoderError> {
-		let res = VMOperation {
-			pc: rlp.val_at(0)?,
-			instruction: rlp.val_at(1)?,
-			gas_cost: rlp.val_at(2)?,
-			executed: rlp.val_at(3)?,
-		};
-
-		Ok(res)
-	}
-}
-
-#[derive(Debug, Clone, PartialEq, Default)]
+#[derive(Debug, Clone, PartialEq, Default, RlpEncodable, RlpDecodable)]
 #[cfg_attr(feature = "ipc", binary)]
 /// A record of a full VM trace for a CALL/CREATE.
 pub struct VMTrace {
@@ -534,26 +344,3 @@ pub struct VMTrace {
 	/// Thre is a 1:1 correspondance between these and a CALL/CREATE/CALLCODE/DELEGATECALL instruction.
 	pub subs: Vec<VMTrace>,
 }
-
-impl Encodable for VMTrace {
-	fn rlp_append(&self, s: &mut RlpStream) {
-		s.begin_list(4);
-		s.append(&self.parent_step);
-		s.append(&self.code);
-		s.append_list(&self.operations);
-		s.append_list(&self.subs);
-	}
-}
-
-impl Decodable for VMTrace {
-	fn decode(rlp: &UntrustedRlp) -> Result<Self, DecoderError> {
-		let res = VMTrace {
-			parent_step: rlp.val_at(0)?,
-			code: rlp.val_at(1)?,
-			operations: rlp.list_at(2)?,
-			subs: rlp.list_at(3)?,
-		};
-
-		Ok(res)
-	}
-}
diff --git a/ethcore/src/transaction.rs b/ethcore/src/transaction.rs
index 6f5470028..2752cc6dd 100644
--- a/ethcore/src/transaction.rs
+++ b/ethcore/src/transaction.rs
@@ -56,6 +56,15 @@ impl Decodable for Action {
 	}
 }
 
+impl Encodable for Action {
+	fn rlp_append(&self, s: &mut RlpStream) {
+		match *self {
+			Action::Create => s.append_internal(&""),
+			Action::Call(ref addr) => s.append_internal(addr),
+		};
+	}
+}
+
 /// Transaction activation condition.
 #[derive(Debug, Clone, PartialEq, Eq)]
 pub enum Condition {
@@ -90,10 +99,7 @@ impl Transaction {
 		s.append(&self.nonce);
 		s.append(&self.gas_price);
 		s.append(&self.gas);
-		match self.action {
-			Action::Create => s.append_empty_data(),
-			Action::Call(ref to) => s.append(to)
-		};
+		s.append(&self.action);
 		s.append(&self.value);
 		s.append(&self.data);
 		if let Some(n) = network_id {
@@ -308,10 +314,7 @@ impl UnverifiedTransaction {
 		s.append(&self.nonce);
 		s.append(&self.gas_price);
 		s.append(&self.gas);
-		match self.action {
-			Action::Create => s.append_empty_data(),
-			Action::Call(ref to) => s.append(to)
-		};
+		s.append(&self.action);
 		s.append(&self.value);
 		s.append(&self.data);
 		s.append(&self.v);
diff --git a/ethcore/types/Cargo.toml b/ethcore/types/Cargo.toml
index 77f392bf6..82963f960 100644
--- a/ethcore/types/Cargo.toml
+++ b/ethcore/types/Cargo.toml
@@ -6,6 +6,7 @@ authors = ["Parity Technologies <admin@parity.io>"]
 
 [dependencies]
 rlp = { path = "../../util/rlp" }
+rlp_derive = { path = "../../util/rlp_derive" }
 ethcore-util = { path = "../../util" }
 ethjson = { path = "../../json" }
 bloomable = { path = "../../util/bloomable" }
diff --git a/ethcore/types/src/basic_account.rs b/ethcore/types/src/basic_account.rs
index c071040cf..f30872f6b 100644
--- a/ethcore/types/src/basic_account.rs
+++ b/ethcore/types/src/basic_account.rs
@@ -16,11 +16,10 @@
 
 //! Basic account type -- the decoded RLP from the state trie.
 
-use rlp::*;
 use util::{U256, H256};
 
 /// Basic account type.
-#[derive(Debug, Clone, PartialEq, Eq)]
+#[derive(Debug, Clone, PartialEq, Eq, RlpEncodable, RlpDecodable)]
 pub struct BasicAccount {
 	/// Nonce of the account.
 	pub nonce: U256,
@@ -31,24 +30,3 @@ pub struct BasicAccount {
 	/// Code hash of the account.
 	pub code_hash: H256,
 }
-
-impl Encodable for BasicAccount {
-	fn rlp_append(&self, s: &mut RlpStream) {
-		s.begin_list(4)
-			.append(&self.nonce)
-			.append(&self.balance)
-			.append(&self.storage_root)
-			.append(&self.code_hash);
-	}
-}
-
-impl Decodable for BasicAccount {
-	fn decode(rlp: &UntrustedRlp) -> Result<Self, DecoderError> {
-		Ok(BasicAccount {
-			nonce: rlp.val_at(0)?,
-			balance: rlp.val_at(1)?,
-			storage_root: rlp.val_at(2)?,
-			code_hash: rlp.val_at(3)?,
-		})
-	}
-}
diff --git a/ethcore/types/src/lib.rs b/ethcore/types/src/lib.rs
index 7650cf651..10a4ac71e 100644
--- a/ethcore/types/src/lib.rs
+++ b/ethcore/types/src/lib.rs
@@ -19,6 +19,8 @@
 extern crate ethcore_util as util;
 extern crate ethjson;
 extern crate rlp;
+#[macro_use]
+extern crate rlp_derive;
 extern crate bloomable;
 
 #[cfg(test)]
diff --git a/ethcore/types/src/log_entry.rs b/ethcore/types/src/log_entry.rs
index f917a4dab..152b48a0e 100644
--- a/ethcore/types/src/log_entry.rs
+++ b/ethcore/types/src/log_entry.rs
@@ -19,7 +19,6 @@
 use std::ops::Deref;
 use util::{H256, Address, Bytes, HeapSizeOf, Hashable};
 use bloomable::Bloomable;
-use rlp::*;
 
 use {BlockNumber};
 use ethjson;
@@ -27,7 +26,7 @@ use ethjson;
 pub type LogBloom = ::util::H2048;
 
 /// A record of execution for a `LOG` operation.
-#[derive(Default, Debug, Clone, PartialEq, Eq)]
+#[derive(Default, Debug, Clone, PartialEq, Eq, RlpEncodable, RlpDecodable)]
 pub struct LogEntry {
 	/// The address of the contract executing at the point of the `LOG` operation.
 	pub address: Address,
@@ -37,26 +36,6 @@ pub struct LogEntry {
 	pub data: Bytes,
 }
 
-impl Encodable for LogEntry {
-	fn rlp_append(&self, s: &mut RlpStream) {
-		s.begin_list(3);
-		s.append(&self.address);
-		s.append_list(&self.topics);
-		s.append(&self.data);
-	}
-}
-
-impl Decodable for LogEntry {
-	fn decode(rlp: &UntrustedRlp) -> Result<Self, DecoderError> {
-		let entry = LogEntry {
-			address: rlp.val_at(0)?,
-			topics: rlp.list_at(1)?,
-			data: rlp.val_at(2)?,
-		};
-		Ok(entry)
-	}
-}
-
 impl HeapSizeOf for LogEntry {
 	fn heap_size_of_children(&self) -> usize {
 		self.topics.heap_size_of_children() + self.data.heap_size_of_children()
diff --git a/util/rlp_derive/Cargo.toml b/util/rlp_derive/Cargo.toml
new file mode 100644
index 000000000..81e50cd44
--- /dev/null
+++ b/util/rlp_derive/Cargo.toml
@@ -0,0 +1,15 @@
+[package]
+name = "rlp_derive"
+version = "0.1.0"
+authors = ["debris <marek.kotewicz@gmail.com>"]
+
+[lib]
+name = "rlp_derive"
+proc-macro = true
+
+[dependencies]
+syn = "0.11.11"
+quote = "0.3.15"
+
+[dev-dependencies]
+rlp = { path = "../rlp" }
diff --git a/util/rlp_derive/src/de.rs b/util/rlp_derive/src/de.rs
new file mode 100644
index 000000000..a3e32739a
--- /dev/null
+++ b/util/rlp_derive/src/de.rs
@@ -0,0 +1,139 @@
+use {syn, quote};
+
+struct ParseQuotes {
+	single: quote::Tokens,
+	list: quote::Tokens,
+	takes_index: bool,
+}
+
+fn decodable_parse_quotes() -> ParseQuotes {
+	ParseQuotes {
+		single: quote! { rlp.val_at },
+		list: quote! { rlp.list_at },
+		takes_index: true,
+	}
+}
+
+fn decodable_wrapper_parse_quotes() -> ParseQuotes {
+	ParseQuotes {
+		single: quote! { rlp.as_val },
+		list: quote! { rlp.as_list },
+		takes_index: false,
+	}
+}
+
+pub fn impl_decodable(ast: &syn::DeriveInput) -> quote::Tokens {
+	let body = match ast.body {
+		syn::Body::Struct(ref s) => s,
+		_ => panic!("#[derive(RlpDecodable)] is only defined for structs."),
+	};
+
+	let stmts: Vec<_> = match *body {
+		syn::VariantData::Struct(ref fields) | syn::VariantData::Tuple(ref fields) =>
+			fields.iter().enumerate().map(decodable_field_map).collect(),
+		syn::VariantData::Unit => panic!("#[derive(RlpDecodable)] is not defined for Unit structs."),
+	};
+
+	let name = &ast.ident;
+
+	let dummy_const = syn::Ident::new(format!("_IMPL_RLP_DECODABLE_FOR_{}", name));
+	let impl_block = quote! {
+		impl rlp::Decodable for #name {
+			fn decode(rlp: &rlp::UntrustedRlp) -> Result<Self, rlp::DecoderError> {
+				let result = #name {
+					#(#stmts)*
+				};
+
+				Ok(result)
+			}
+		}
+	};
+
+	quote! {
+		#[allow(non_upper_case_globals, unused_attributes, unused_qualifications)]
+		const #dummy_const: () = {
+			extern crate rlp;
+			#impl_block
+		};
+	}
+}
+
+pub fn impl_decodable_wrapper(ast: &syn::DeriveInput) -> quote::Tokens {
+	let body = match ast.body {
+		syn::Body::Struct(ref s) => s,
+		_ => panic!("#[derive(RlpDecodableWrapper)] is only defined for structs."),
+	};
+
+	let stmt = match *body {
+		syn::VariantData::Struct(ref fields) | syn::VariantData::Tuple(ref fields) => {
+			if fields.len() == 1 {
+				let field = fields.first().expect("fields.len() == 1; qed");
+				decodable_field(0, field, decodable_wrapper_parse_quotes())
+			} else {
+				panic!("#[derive(RlpDecodableWrapper)] is only defined for structs with one field.")
+			}
+		},
+		syn::VariantData::Unit => panic!("#[derive(RlpDecodableWrapper)] is not defined for Unit structs."),
+	};
+
+	let name = &ast.ident;
+
+	let dummy_const = syn::Ident::new(format!("_IMPL_RLP_DECODABLE_FOR_{}", name));
+	let impl_block = quote! {
+		impl rlp::Decodable for #name {
+			fn decode(rlp: &rlp::UntrustedRlp) -> Result<Self, rlp::DecoderError> {
+				let result = #name {
+					#stmt
+				};
+
+				Ok(result)
+			}
+		}
+	};
+
+	quote! {
+		#[allow(non_upper_case_globals, unused_attributes, unused_qualifications)]
+		const #dummy_const: () = {
+			extern crate rlp;
+			#impl_block
+		};
+	}
+}
+
+fn decodable_field_map(tuple: (usize, &syn::Field)) -> quote::Tokens {
+	decodable_field(tuple.0, tuple.1, decodable_parse_quotes())
+}
+
+fn decodable_field(index: usize, field: &syn::Field, quotes: ParseQuotes) -> quote::Tokens {
+	let ident = match field.ident {
+		Some(ref ident) => ident.to_string(),
+		None => index.to_string(),
+	};
+
+	let id = syn::Ident::new(ident);
+	let index = syn::Ident::new(index.to_string());
+
+	let single = quotes.single;
+	let list = quotes.list;
+
+	match field.ty {
+		syn::Ty::Path(_, ref path) => {
+			let ident = &path.segments.first().expect("there must be at least 1 segment").ident;
+			if &ident.to_string() == "Vec" {
+				if quotes.takes_index {
+					quote! { #id: #list(#index)?, }
+				} else {
+					quote! { #id: #list()?, }
+				}
+			} else {
+				if quotes.takes_index {
+					quote! { #id: #single(#index)?, }
+				} else {
+					quote! { #id: #single()?, }
+				}
+			}
+		},
+		_ => panic!("rlp_derive not supported"),
+	}
+}
+
diff --git a/util/rlp_derive/src/en.rs b/util/rlp_derive/src/en.rs
new file mode 100644
index 000000000..77f361200
--- /dev/null
+++ b/util/rlp_derive/src/en.rs
@@ -0,0 +1,110 @@
+use {syn, quote};
+
+pub fn impl_encodable(ast: &syn::DeriveInput) -> quote::Tokens {
+	let body = match ast.body {
+		syn::Body::Struct(ref s) => s,
+		_ => panic!("#[derive(RlpEncodable)] is only defined for structs."),
+	};
+
+	let stmts: Vec<_> = match *body {
+		syn::VariantData::Struct(ref fields) | syn::VariantData::Tuple(ref fields) =>
+			fields.iter().enumerate().map(encodable_field_map).collect(),
+		syn::VariantData::Unit => panic!("#[derive(RlpEncodable)] is not defined for Unit structs."),
+	};
+
+	let name = &ast.ident;
+
+	let stmts_len = syn::Ident::new(stmts.len().to_string());
+	let dummy_const = syn::Ident::new(format!("_IMPL_RLP_ENCODABLE_FOR_{}", name));
+	let impl_block = quote! {
+		impl rlp::Encodable for #name {
+			fn rlp_append(&self, stream: &mut rlp::RlpStream) {
+				stream.begin_list(#stmts_len);
+				#(#stmts)*
+			}
+		}
+	};
+
+	quote! {
+		#[allow(non_upper_case_globals, unused_attributes, unused_qualifications)]
+		const #dummy_const: () = {
+			extern crate rlp;
+			#impl_block
+		};
+	}
+}
+
+pub fn impl_encodable_wrapper(ast: &syn::DeriveInput) -> quote::Tokens {
+	let body = match ast.body {
+		syn::Body::Struct(ref s) => s,
+		_ => panic!("#[derive(RlpEncodableWrapper)] is only defined for structs."),
+	};
+
+	let stmt = match *body {
+		syn::VariantData::Struct(ref fields) | syn::VariantData::Tuple(ref fields) => {
+			if fields.len() == 1 {
+				let field = fields.first().expect("fields.len() == 1; qed");
+				encodable_field(0, field)
+			} else {
+				panic!("#[derive(RlpEncodableWrapper)] is only defined for structs with one field.")
+			}
+		},
+		syn::VariantData::Unit => panic!("#[derive(RlpEncodableWrapper)] is not defined for Unit structs."),
+	};
+
+	let name = &ast.ident;
+
+	let dummy_const = syn::Ident::new(format!("_IMPL_RLP_ENCODABLE_FOR_{}", name));
+	let impl_block = quote! {
+		impl rlp::Encodable for #name {
+			fn rlp_append(&self, stream: &mut rlp::RlpStream) {
+				#stmt
+			}
+		}
+	};
+
+	quote! {
+		#[allow(non_upper_case_globals, unused_attributes, unused_qualifications)]
+		const #dummy_const: () = {
+			extern crate rlp;
+			#impl_block
+		};
+	}
+}
+
+fn encodable_field_map(tuple: (usize, &syn::Field)) -> quote::Tokens {
+	encodable_field(tuple.0, tuple.1)
+}
+
+fn encodable_field(index: usize, field: &syn::Field) -> quote::Tokens {
+	let ident = match field.ident {
+		Some(ref ident) => ident.to_string(),
+		None => index.to_string(),
+	};
+
+	let id = syn::Ident::new(format!("self.{}", ident));
+
+	match field.ty {
+		syn::Ty::Path(_, ref path) => {
+			let top_segment = path.segments.first().expect("there must be at least 1 segment");
+			let ident = &top_segment.ident;
+			if &ident.to_string() == "Vec" {
+				let inner_ident = match top_segment.parameters {
+					syn::PathParameters::AngleBracketed(ref angle) => {
+						let ty = angle.types.first().expect("Vec has only one angle bracketed type; qed");
+						match *ty {
+							syn::Ty::Path(_, ref path) => &path.segments.first().expect("there must be at least 1 segment").ident,
+							_ => panic!("rlp_derive not supported"),
+						}
+					},
+					_ => unreachable!("Vec has only one angle bracketed type; qed"),
+				};
+				quote! { stream.append_list::<#inner_ident, _>(&#id); }
+			} else {
+				quote! { stream.append(&#id); }
+			}
+		},
+		_ => panic!("rlp_derive not supported"),
+	}
+}
+
diff --git a/util/rlp_derive/src/lib.rs b/util/rlp_derive/src/lib.rs
new file mode 100644
index 000000000..9c598d08e
--- /dev/null
+++ b/util/rlp_derive/src/lib.rs
@@ -0,0 +1,43 @@
+extern crate proc_macro;
+extern crate syn;
+#[macro_use]
+extern crate quote;
+
+mod en;
+mod de;
+
+use proc_macro::TokenStream;
+use en::{impl_encodable, impl_encodable_wrapper};
+use de::{impl_decodable, impl_decodable_wrapper};
+
+#[proc_macro_derive(RlpEncodable)]
+pub fn encodable(input: TokenStream) -> TokenStream {
+	let s = input.to_string();
+	let ast = syn::parse_derive_input(&s).unwrap();
+	let gen = impl_encodable(&ast);
+	gen.parse().unwrap()
+}
+
+#[proc_macro_derive(RlpEncodableWrapper)]
+pub fn encodable_wrapper(input: TokenStream) -> TokenStream {
+	let s = input.to_string();
+	let ast = syn::parse_derive_input(&s).unwrap();
+	let gen = impl_encodable_wrapper(&ast);
+	gen.parse().unwrap()
+}
+
+#[proc_macro_derive(RlpDecodable)]
+pub fn decodable(input: TokenStream) -> TokenStream {
+	let s = input.to_string();
+	let ast = syn::parse_derive_input(&s).unwrap();
+	let gen = impl_decodable(&ast);
+	gen.parse().unwrap()
+}
+
+#[proc_macro_derive(RlpDecodableWrapper)]
+pub fn decodable_wrapper(input: TokenStream) -> TokenStream {
+	let s = input.to_string();
+	let ast = syn::parse_derive_input(&s).unwrap();
+	let gen = impl_decodable_wrapper(&ast);
+	gen.parse().unwrap()
+}
diff --git a/util/rlp_derive/tests/rlp.rs b/util/rlp_derive/tests/rlp.rs
new file mode 100644
index 000000000..c87380524
--- /dev/null
+++ b/util/rlp_derive/tests/rlp.rs
@@ -0,0 +1,44 @@
+extern crate rlp;
+#[macro_use]
+extern crate rlp_derive;
+
+use rlp::{encode, decode};
+
+#[derive(Debug, PartialEq, RlpEncodable, RlpDecodable)]
+struct Foo {
+	a: String,
+}
+
+#[derive(Debug, PartialEq, RlpEncodableWrapper, RlpDecodableWrapper)]
+struct FooWrapper {
+	a: String,
+}
+
+#[test]
+fn test_encode_foo() {
+	let foo = Foo {
+		a: "cat".into(),
+	};
+
+	let expected = vec![0xc4, 0x83, b'c', b'a', b't'];
+	let out = encode(&foo).into_vec();
+	assert_eq!(out, expected);
+
+	let decoded = decode(&expected);
+	assert_eq!(foo, decoded);
+}
+
+#[test]
+fn test_encode_foo_wrapper() {
+	let foo = FooWrapper {
+		a: "cat".into(),
+	};
+
+	let expected = vec![0x83, b'c', b'a', b't'];
+	let out = encode(&foo).into_vec();
+	assert_eq!(out, expected);
+
+	let decoded = decode(&expected);
+	assert_eq!(foo, decoded);
+}
+

From 9e4c122cf3e918f5f1ce6b9ab63f727bd324db40 Mon Sep 17 00:00:00 2001
From: Nikolay Volf <nikvolf@gmail.com>
Date: Sun, 20 Aug 2017 07:02:59 +0300
Subject: [PATCH 081/112] WASM math test (#6305)

* wasm tests initial

* fix bug in bitswap
---
 ethcore/res/wasm-tests      |  2 +-
 ethcore/wasm/src/env.rs     | 16 ++++++++-
 ethcore/wasm/src/lib.rs     | 22 ++----------
 ethcore/wasm/src/runtime.rs | 67 +++++++++++++++++++++++++++++++++----
 ethcore/wasm/src/tests.rs   | 34 +++++++++++++++++++
 5 files changed, 114 insertions(+), 27 deletions(-)

diff --git a/ethcore/res/wasm-tests b/ethcore/res/wasm-tests
index 330f748b1..85e76c5ea 160000
--- a/ethcore/res/wasm-tests
+++ b/ethcore/res/wasm-tests
@@ -1 +1 @@
-Subproject commit 330f748b1eece451f460224b48d515489dd86f5c
+Subproject commit 85e76c5ea2a54c6c54e35014643b5080a50460c5
diff --git a/ethcore/wasm/src/env.rs b/ethcore/wasm/src/env.rs
index 7a21ca70d..777016a1b 100644
--- a/ethcore/wasm/src/env.rs
+++ b/ethcore/wasm/src/env.rs
@@ -17,8 +17,9 @@
 //! Wasm env module bindings
 
 use parity_wasm::elements::ValueType::*;
-use parity_wasm::interpreter::UserFunctionDescriptor;
+use parity_wasm::interpreter::{self, UserFunctionDescriptor};
 use parity_wasm::interpreter::UserFunctionDescriptor::*;
+use super::runtime::Runtime;
 
 pub const SIGNATURES: &'static [UserFunctionDescriptor] = &[
 	Static(
@@ -93,4 +94,17 @@ pub const SIGNATURES: &'static [UserFunctionDescriptor] = &[
 		&[I32; 0],
 		None
 	),
+
+	Static(
+		"_llvm_bswap_i64",
+		&[I32; 2],
+		Some(I32)
+	),
 ];
+
+pub fn native_bindings<'a>(runtime: &'a mut Runtime) -> interpreter::UserFunctions<'a> {
+	interpreter::UserFunctions {
+		executor: runtime,
+		functions: ::std::borrow::Cow::from(SIGNATURES),
+	}
+}
\ No newline at end of file
diff --git a/ethcore/wasm/src/lib.rs b/ethcore/wasm/src/lib.rs
index ec6e67405..3fec0f781 100644
--- a/ethcore/wasm/src/lib.rs
+++ b/ethcore/wasm/src/lib.rs
@@ -32,8 +32,6 @@ mod result;
 mod tests;
 mod env;
 
-use std::sync::Arc;
-
 const DEFAULT_STACK_SPACE: u32 = 5 * 1024 * 1024;
 
 use parity_wasm::{interpreter, elements};
@@ -89,6 +87,7 @@ impl vm::Vm for WasmInterpreter {
 			DEFAULT_STACK_SPACE,
 			params.gas.low_u64(),
 			RuntimeContext::new(params.address, params.sender),
+			&self.program,
 		);
 
 		let mut cursor = ::std::io::Cursor::new(&*code);
@@ -112,16 +111,8 @@ impl vm::Vm for WasmInterpreter {
 		)?;
 
 		{
-			let execution_params = interpreter::ExecutionParams::with_external(
-				"env".into(),
-				Arc::new(
-					interpreter::env_native_module(env_instance, native_bindings(&mut runtime))
-						.map_err(|err| {
-							// todo: prefer explicit panic here also?
-							vm::Error::Wasm(format!("Error instantiating native bindings: {:?}", err))
-						})?
-				)
-			).add_argument(interpreter::RuntimeValue::I32(d_ptr.as_raw() as i32));
+			let execution_params = runtime.execution_params()
+				.add_argument(interpreter::RuntimeValue::I32(d_ptr.as_raw() as i32));
 
 			let module_instance = self.program.add_module("contract", contract_module, Some(&execution_params.externals))
 				.map_err(|err| {
@@ -158,13 +149,6 @@ impl vm::Vm for WasmInterpreter {
 	}
 }
 
-fn native_bindings<'a>(runtime: &'a mut Runtime) -> interpreter::UserFunctions<'a> {
-	interpreter::UserFunctions {
-		executor: runtime,
-		functions: ::std::borrow::Cow::from(env::SIGNATURES),
-	}
-}
-
 impl From<runtime::Error> for vm::Error {
 	fn from(err: runtime::Error) -> vm::Error {
 		vm::Error::Wasm(format!("WASM runtime-error: {:?}", err))
diff --git a/ethcore/wasm/src/runtime.rs b/ethcore/wasm/src/runtime.rs
index a983c954f..e1def857e 100644
--- a/ethcore/wasm/src/runtime.rs
+++ b/ethcore/wasm/src/runtime.rs
@@ -72,24 +72,26 @@ impl RuntimeContext {
 }
 
 /// Runtime enviroment data for wasm contract execution
-pub struct Runtime<'a> {
+pub struct Runtime<'a, 'b> {
 	gas_counter: u64,
 	gas_limit: u64,
 	dynamic_top: u32,
 	ext: &'a mut vm::Ext,
 	memory: Arc<interpreter::MemoryInstance>,
 	context: RuntimeContext,
+	instance: &'b interpreter::ProgramInstance,
 }
 
-impl<'a> Runtime<'a> {
+impl<'a, 'b> Runtime<'a, 'b> {
 	/// New runtime for wasm contract with specified params
-	pub fn with_params<'b>(
-		ext: &'b mut vm::Ext,
+	pub fn with_params<'c, 'd>(
+		ext: &'c mut vm::Ext,
 		memory: Arc<interpreter::MemoryInstance>,
 		stack_space: u32,
 		gas_limit: u64,
 		context: RuntimeContext,
-	) -> Runtime<'b> {
+		program_instance: &'d interpreter::ProgramInstance,
+	) -> Runtime<'c, 'd> {
 		Runtime {
 			gas_counter: 0,
 			gas_limit: gas_limit,
@@ -97,6 +99,7 @@ impl<'a> Runtime<'a> {
 			memory: memory,
 			ext: ext,
 			context: context,
+			instance: program_instance,
 		}
 	}
 
@@ -449,9 +452,58 @@ impl<'a> Runtime<'a> {
 
 		Ok(Some(0i32.into()))
 	}
+
+	fn bswap_32(x: u32) -> u32 {
+		x >> 24 | x >> 8 & 0xff00 | x << 8 & 0xff0000 | x << 24
+	}
+
+	fn bitswap_i64(&mut self, context: interpreter::CallerContext)
+		-> Result<Option<interpreter::RuntimeValue>, interpreter::Error>
+	{
+		let x1 = context.value_stack.pop_as::<i32>()?;
+		let x2 = context.value_stack.pop_as::<i32>()?;
+
+		let result = ((Runtime::bswap_32(x2 as u32) as u64) << 32
+			| Runtime::bswap_32(x1 as u32) as u64) as i64;
+
+		self.return_i64(result)
+	}
+
+	fn return_i64(&mut self, val: i64) -> Result<Option<interpreter::RuntimeValue>, interpreter::Error> {
+		let uval = val as u64;
+		let hi = (uval >> 32) as i32;
+		let lo = (uval << 32 >> 32) as i32;
+
+		let target = self.instance.module("contract")
+			.ok_or(interpreter::Error::Trap("Error locating main execution entry".to_owned()))?;
+		target.execute_export(
+			"setTempRet0",
+			self.execution_params().add_argument(
+				interpreter::RuntimeValue::I32(hi).into()
+			),
+		)?;
+		Ok(Some(
+			(lo).into()
+		))
+	}
+
+	pub fn execution_params(&mut self) -> interpreter::ExecutionParams {
+		use super::env;
+
+		let env_instance = self.instance.module("env")
+			.expect("Env module always exists; qed");
+
+		interpreter::ExecutionParams::with_external(
+			"env".into(),
+			Arc::new(
+				interpreter::env_native_module(env_instance, env::native_bindings(self))
+					.expect("Env module always exists; qed")
+			)
+		)
+	}
 }
 
-impl<'a> interpreter::UserFunctionExecutor for Runtime<'a> {
+impl<'a, 'b> interpreter::UserFunctionExecutor for Runtime<'a, 'b> {
 	fn execute(&mut self, name: &str, context: interpreter::CallerContext)
 		-> Result<Option<interpreter::RuntimeValue>, interpreter::Error>
 	{
@@ -494,6 +546,9 @@ impl<'a> interpreter::UserFunctionExecutor for Runtime<'a> {
 			"_emscripten_memcpy_big" => {
 				self.mem_copy(context)
 			},
+			"_llvm_bswap_i64" => {
+				self.bitswap_i64(context)
+			},
 			_ => {
 				trace!(target: "wasm", "Trapped due to unhandled function: '{}'", name);
 				self.user_trap(context)
diff --git a/ethcore/wasm/src/tests.rs b/ethcore/wasm/src/tests.rs
index 207c9910c..df01b8df6 100644
--- a/ethcore/wasm/src/tests.rs
+++ b/ethcore/wasm/src/tests.rs
@@ -414,3 +414,37 @@ fn storage_read() {
 	assert_eq!(gas_left, U256::from(99682));
 	assert_eq!(Address::from(&result[12..32]), address);
 }
+
+
+// Tests that contract's ability to read from a storage
+// Test prepopulates address into storage, than executes a contract which read that address from storage and write this address into result
+#[test]
+fn math_add() {
+	::ethcore_logger::init_log();
+	let code = load_sample!("math.wasm");
+
+	let mut params = ActionParams::default();
+	params.gas = U256::from(100_000);
+	params.code = Some(Arc::new(code));
+
+	let mut args = [0u8; 64];
+	let arg_a = U256::from_dec_str("999999999999999999999999999999").unwrap();
+	let arg_b = U256::from_dec_str("888888888888888888888888888888").unwrap();
+	arg_a.to_big_endian(&mut args[0..32]);
+	arg_b.to_big_endian(&mut args[32..64]);
+	params.data = Some(args.to_vec());
+
+	let (gas_left, result) = {
+		let mut interpreter = wasm_interpreter();
+		let result = interpreter.exec(params, &mut FakeExt::new()).expect("Interpreter to execute without any errors");
+		match result {
+				GasLeft::Known(_) => { panic!("storage_read should return payload"); },
+				GasLeft::NeedsReturn { gas_left: gas, data: result, apply_state: _apply } => (gas, result.to_vec()),
+		}
+	};
+
+	let sum: U256 = (&result[..]).into();
+
+	assert_eq!(gas_left, U256::from(96284));
+	assert_eq!(sum, U256::from_dec_str("1888888888888888888888888888887").unwrap());
+}

From 4ccc82be921563056b37127997b8ca98dc25bc3e Mon Sep 17 00:00:00 2001
From: cdetrio <cdetrio@gmail.com>
Date: Sun, 20 Aug 2017 00:03:47 -0400
Subject: [PATCH 082/112] fix panic in parity-evm json tracer (#6338)

---
 evmbin/src/display/json.rs | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/evmbin/src/display/json.rs b/evmbin/src/display/json.rs
index f2621121e..e259eec7a 100644
--- a/evmbin/src/display/json.rs
+++ b/evmbin/src/display/json.rs
@@ -116,6 +116,9 @@ impl trace::VMTracer for Informant {
 		self.stack.extend_from_slice(stack_push);
 
 		if let Some((pos, data)) = mem_diff {
+			if self.memory.len() < (pos + data.len()) {
+				self.memory.resize(pos + data.len(), 0);
+			}
 			self.memory[pos..pos + data.len()].copy_from_slice(data);
 		}
 

From f79159a69c6e47563ca5423372c23078110898ef Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tomasz=20Drwi=C4=99ga?= <tomusdrw@users.noreply.github.com>
Date: Sun, 20 Aug 2017 06:13:00 +0200
Subject: [PATCH 083/112] Improve some RPC error messages. (#6311)

---
 rpc/src/v1/impls/eth_pubsub.rs   | 18 ++++++++++++++----
 rpc/src/v1/types/block.rs        |  2 +-
 rpc/src/v1/types/block_number.rs |  8 ++++++--
 rpc/src/v1/types/bytes.rs        |  4 ++--
 rpc/src/v1/types/derivation.rs   |  2 +-
 rpc/src/v1/types/filter.rs       |  2 +-
 rpc/src/v1/types/index.rs        |  8 ++++++--
 rpc/src/v1/types/pubsub.rs       |  2 +-
 8 files changed, 32 insertions(+), 14 deletions(-)

diff --git a/rpc/src/v1/impls/eth_pubsub.rs b/rpc/src/v1/impls/eth_pubsub.rs
index 6ba88be21..f918a44ea 100644
--- a/rpc/src/v1/impls/eth_pubsub.rs
+++ b/rpc/src/v1/impls/eth_pubsub.rs
@@ -245,17 +245,27 @@ impl<C: Send + Sync + 'static> EthPubSub for EthPubSubClient<C> {
 		kind: pubsub::Kind,
 		params: Trailing<pubsub::Params>,
 	) {
-		match (kind, params.into()) {
+		let error = match (kind, params.into()) {
 			(pubsub::Kind::NewHeads, None) => {
-				self.heads_subscribers.write().push(subscriber)
+				self.heads_subscribers.write().push(subscriber);
+				return;
 			},
 			(pubsub::Kind::Logs, Some(pubsub::Params::Logs(filter))) => {
 				self.logs_subscribers.write().push(subscriber, filter.into());
+				return;
+			},
+			(pubsub::Kind::NewHeads, _) => {
+				errors::invalid_params("newHeads", "Expected no parameters.")
+			},
+			(pubsub::Kind::Logs, _) => {
+				errors::invalid_params("logs", "Expected a filter object.")
 			},
 			_ => {
-				let _ = subscriber.reject(errors::unimplemented(None));
+				errors::unimplemented(None)
 			},
-		}
+		};
+
+		let _ = subscriber.reject(error);
 	}
 
 	fn unsubscribe(&self, id: SubscriptionId) -> BoxFuture<bool, Error> {
diff --git a/rpc/src/v1/types/block.rs b/rpc/src/v1/types/block.rs
index 525d2c090..5a56f962d 100644
--- a/rpc/src/v1/types/block.rs
+++ b/rpc/src/v1/types/block.rs
@@ -214,7 +214,7 @@ impl<T: Serialize> Serialize for Rich<T> {
 			// and serialize
 			value.serialize(serializer)
 		} else {
-			Err(S::Error::custom("Unserializable structures."))
+			Err(S::Error::custom("Unserializable structures: expected objects"))
 		}
 	}
 }
diff --git a/rpc/src/v1/types/block_number.rs b/rpc/src/v1/types/block_number.rs
index 8f3f09f51..334bf360d 100644
--- a/rpc/src/v1/types/block_number.rs
+++ b/rpc/src/v1/types/block_number.rs
@@ -79,8 +79,12 @@ impl<'a> Visitor<'a> for BlockNumberVisitor {
 			"latest" => Ok(BlockNumber::Latest),
 			"earliest" => Ok(BlockNumber::Earliest),
 			"pending" => Ok(BlockNumber::Pending),
-			_ if value.starts_with("0x") => u64::from_str_radix(&value[2..], 16).map(BlockNumber::Num).map_err(|_| Error::custom("invalid block number")),
-			_ => value.parse::<u64>().map(BlockNumber::Num).map_err(|_| Error::custom("invalid block number"))
+			_ if value.starts_with("0x") => u64::from_str_radix(&value[2..], 16).map(BlockNumber::Num).map_err(|e| {
+				Error::custom(format!("Invalid block number: {}", e))
+			}),
+			_ => value.parse::<u64>().map(BlockNumber::Num).map_err(|e| {
+				Error::custom(format!("Invalid block number: {}", e))
+			}),
 		}
 	}
 
diff --git a/rpc/src/v1/types/bytes.rs b/rpc/src/v1/types/bytes.rs
index deaa234fc..4bd10af44 100644
--- a/rpc/src/v1/types/bytes.rs
+++ b/rpc/src/v1/types/bytes.rs
@@ -81,9 +81,9 @@ impl<'a> Visitor<'a> for BytesVisitor {
 			);
 			Ok(Bytes::new(Vec::new()))
 		} else if value.len() >= 2 && &value[0..2] == "0x" && value.len() & 1 == 0 {
-			Ok(Bytes::new(FromHex::from_hex(&value[2..]).map_err(|_| Error::custom("invalid hex"))?))
+			Ok(Bytes::new(FromHex::from_hex(&value[2..]).map_err(|e| Error::custom(format!("Invalid hex: {}", e)))?))
 		} else {
-			Err(Error::custom("invalid format"))
+			Err(Error::custom("Invalid bytes format. Expected a 0x-prefixed hex string with even length"))
 		}
 	}
 
diff --git a/rpc/src/v1/types/derivation.rs b/rpc/src/v1/types/derivation.rs
index cf0f03c85..76becbaeb 100644
--- a/rpc/src/v1/types/derivation.rs
+++ b/rpc/src/v1/types/derivation.rs
@@ -121,7 +121,7 @@ impl<'a> Visitor<'a> for DerivationTypeVisitor {
 		match value {
 			"soft" => Ok(DerivationType::Soft),
 			"hard" => Ok(DerivationType::Hard),
-			_ => Err(Error::custom("invalid derivation type")),
+			v => Err(Error::custom(format!("invalid derivation type: {:?}", v))),
 		}
 	}
 
diff --git a/rpc/src/v1/types/filter.rs b/rpc/src/v1/types/filter.rs
index 8a1181eb8..058d14d7e 100644
--- a/rpc/src/v1/types/filter.rs
+++ b/rpc/src/v1/types/filter.rs
@@ -43,7 +43,7 @@ impl<'a, T> Deserialize<'a> for VariadicValue<T> where T: DeserializeOwned {
 
 		from_value(v.clone()).map(VariadicValue::Single)
 			.or_else(|_| from_value(v).map(VariadicValue::Multiple))
-			.map_err(|_| D::Error::custom("Invalid type."))
+			.map_err(|err| D::Error::custom(format!("Invalid variadic value type: {}", err)))
 	}
 }
 
diff --git a/rpc/src/v1/types/index.rs b/rpc/src/v1/types/index.rs
index 3c9d56f6e..4e44ce49c 100644
--- a/rpc/src/v1/types/index.rs
+++ b/rpc/src/v1/types/index.rs
@@ -47,8 +47,12 @@ impl<'a> Visitor<'a> for IndexVisitor {
 
 	fn visit_str<E>(self, value: &str) -> Result<Self::Value, E> where E: Error {
 		match value {
-			_ if value.starts_with("0x") => usize::from_str_radix(&value[2..], 16).map(Index).map_err(|_| Error::custom("invalid index")),
-			_ => value.parse::<usize>().map(Index).map_err(|_| Error::custom("invalid index")),
+			_ if value.starts_with("0x") => usize::from_str_radix(&value[2..], 16).map(Index).map_err(|e| {
+				Error::custom(format!("Invalid index: {}", e))
+			}),
+			_ => value.parse::<usize>().map(Index).map_err(|e| {
+				Error::custom(format!("Invalid index: {}", e))
+			}),
 		}
 	}
 
diff --git a/rpc/src/v1/types/pubsub.rs b/rpc/src/v1/types/pubsub.rs
index ce9d6d38d..e7deeba4f 100644
--- a/rpc/src/v1/types/pubsub.rs
+++ b/rpc/src/v1/types/pubsub.rs
@@ -84,7 +84,7 @@ impl<'a> Deserialize<'a> for Params {
 		}
 
 		from_value(v.clone()).map(Params::Logs)
-			.map_err(|_| D::Error::custom("Invalid type."))
+			.map_err(|e| D::Error::custom(format!("Invalid Pub-Sub parameters: {}", e)))
 	}
 }
 

From b68375d4629e0d8c4e20990df25830d5d7e60b19 Mon Sep 17 00:00:00 2001
From: debris <marek.kotewicz@gmail.com>
Date: Mon, 21 Aug 2017 10:19:53 +0200
Subject: [PATCH 084/112] less unsafe code

---
 util/src/trie/triedb.rs | 18 ++++++++----------
 1 file changed, 8 insertions(+), 10 deletions(-)

diff --git a/util/src/trie/triedb.rs b/util/src/trie/triedb.rs
index 9631f1ad9..ab7542fae 100644
--- a/util/src/trie/triedb.rs
+++ b/util/src/trie/triedb.rs
@@ -292,17 +292,15 @@ impl<'a> TrieDBIterator<'a> {
 	/// The present key.
 	fn key(&self) -> Bytes {
 		// collapse the key_nibbles down to bytes.
-		unsafe {
-			let size = self.key_nibbles.len() / 2;
-			let mut ptr = self.key_nibbles.as_ptr();
-			let mut result = Bytes::with_capacity(size);
-
-			for _ in 0..size {
-				result.push(*ptr * 16 + *ptr.offset(1));
-				ptr = ptr.offset(2);
-			}
-			result
+		let nibbles = &self.key_nibbles;
+		let mut i = 0;
+		let mut result = Bytes::with_capacity(nibbles.len() / 2);
+		let len = nibbles.len() - 1;
+		while i < len {
+			result.push(nibbles[i] * 16 + nibbles[i + 1]);
+			i += 2;
 		}
+		result
 	}
 }
 

From f3e7d7c725fcd39040d41d2dee231050342f60c0 Mon Sep 17 00:00:00 2001
From: GitLab Build Bot <jaco+gitlab@ethcore.io>
Date: Mon, 21 Aug 2017 09:48:30 +0000
Subject: [PATCH 085/112] [ci skip] js-precompiled 20170821-094253

---
 Cargo.lock           | 2 +-
 js/package-lock.json | 2 +-
 js/package.json      | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index 9a7c22298..2402a0b5b 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -2056,7 +2056,7 @@ dependencies = [
 [[package]]
 name = "parity-ui-precompiled"
 version = "1.4.0"
-source = "git+https://github.com/paritytech/js-precompiled.git#f4bde8f5b102e7da7c2440c04945fac86e75cff5"
+source = "git+https://github.com/paritytech/js-precompiled.git#416ced84c23b1a776d53ee4a3023eb4eb4736cf8"
 dependencies = [
  "parity-dapps-glue 1.7.0 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
diff --git a/js/package-lock.json b/js/package-lock.json
index 34ed58654..4e732cbfc 100644
--- a/js/package-lock.json
+++ b/js/package-lock.json
@@ -1,6 +1,6 @@
 {
   "name": "parity.js",
-  "version": "1.8.15",
+  "version": "1.8.16",
   "lockfileVersion": 1,
   "requires": true,
   "dependencies": {
diff --git a/js/package.json b/js/package.json
index 27059815d..41388a127 100644
--- a/js/package.json
+++ b/js/package.json
@@ -1,6 +1,6 @@
 {
   "name": "parity.js",
-  "version": "1.8.15",
+  "version": "1.8.16",
   "main": "release/index.js",
   "jsnext:main": "src/index.js",
   "author": "Parity Team <admin@parity.io>",

From 73644adf69b6354679c62ffb24175433d46f6e73 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tomasz=20Drwi=C4=99ga?= <tomasz@parity.io>
Date: Mon, 21 Aug 2017 13:46:58 +0200
Subject: [PATCH 086/112] Rename network_id to chain_id where applicable.

---
 ethcore/light/src/client/mod.rs               | 14 ++---
 ethcore/src/client/client.rs                  | 10 ++--
 ethcore/src/client/test_client.rs             |  8 +--
 ethcore/src/client/traits.rs                  |  4 +-
 ethcore/src/engines/authority_round/mod.rs    |  4 +-
 ethcore/src/engines/mod.rs                    |  4 +-
 .../engines/validator_set/safe_contract.rs    |  8 +--
 ethcore/src/error.rs                          |  6 +--
 ethcore/src/ethereum/ethash.rs                |  6 +--
 ethcore/src/json_tests/transaction.rs         | 10 ++--
 ethcore/src/miner/miner.rs                    | 10 ++--
 .../src/snapshot/tests/proof_of_authority.rs  |  4 +-
 ethcore/src/spec/spec.rs                      |  3 ++
 ethcore/src/tests/helpers.rs                  |  2 +-
 ethcore/src/transaction.rs                    | 54 +++++++++----------
 js/src/jsonrpc/interfaces/eth.js              |  8 +--
 js/src/jsonrpc/interfaces/parity.js           |  8 +--
 js/src/jsonrpc/types.js                       |  4 +-
 rpc/src/v1/helpers/dispatch.rs                | 22 ++++----
 rpc/src/v1/helpers/errors.rs                  |  2 +-
 rpc/src/v1/impls/personal.rs                  |  6 +--
 rpc/src/v1/tests/mocked/eth.rs                |  7 +--
 rpc/src/v1/tests/mocked/parity_set.rs         |  2 +-
 rpc/src/v1/tests/mocked/signer.rs             |  5 +-
 rpc/src/v1/tests/mocked/signing.rs            |  5 +-
 rpc/src/v1/types/block.rs                     |  2 +-
 rpc/src/v1/types/transaction.rs               | 10 ++--
 sync/src/tests/consensus.rs                   | 38 ++++++-------
 28 files changed, 136 insertions(+), 130 deletions(-)

diff --git a/ethcore/light/src/client/mod.rs b/ethcore/light/src/client/mod.rs
index 3f0e50584..d1cdfe9aa 100644
--- a/ethcore/light/src/client/mod.rs
+++ b/ethcore/light/src/client/mod.rs
@@ -100,8 +100,8 @@ pub trait LightChainClient: Send + Sync {
 	/// Get an iterator over a block and its ancestry.
 	fn ancestry_iter<'a>(&'a self, start: BlockId) -> Box<Iterator<Item=encoded::Header> + 'a>;
 
-	/// Get the signing network ID.
-	fn signing_network_id(&self) -> Option<u64>;
+	/// Get the signing chain ID.
+	fn signing_chain_id(&self) -> Option<u64>;
 
 	/// Get environment info for execution at a given block.
 	/// Fails if that block's header is not stored.
@@ -260,9 +260,9 @@ impl Client {
 		self.chain.ancestry_iter(start)
 	}
 
-	/// Get the signing network id.
-	pub fn signing_network_id(&self) -> Option<u64> {
-		self.engine.signing_network_id(&self.latest_env_info())
+	/// Get the signing chain id.
+	pub fn signing_chain_id(&self) -> Option<u64> {
+		self.engine.signing_chain_id(&self.latest_env_info())
 	}
 
 	/// Flush the header queue.
@@ -448,8 +448,8 @@ impl LightChainClient for Client {
 		Box::new(Client::ancestry_iter(self, start))
 	}
 
-	fn signing_network_id(&self) -> Option<u64> {
-		Client::signing_network_id(self)
+	fn signing_chain_id(&self) -> Option<u64> {
+		Client::signing_chain_id(self)
 	}
 
 	fn env_info(&self, id: BlockId) -> Option<EnvInfo> {
diff --git a/ethcore/src/client/client.rs b/ethcore/src/client/client.rs
index fdd201e68..edfb3c97c 100644
--- a/ethcore/src/client/client.rs
+++ b/ethcore/src/client/client.rs
@@ -1719,8 +1719,8 @@ impl BlockChainClient for Client {
 		}
 	}
 
-	fn signing_network_id(&self) -> Option<u64> {
-		self.engine.signing_network_id(&self.latest_env_info())
+	fn signing_chain_id(&self) -> Option<u64> {
+		self.engine.signing_chain_id(&self.latest_env_info())
 	}
 
 	fn block_extra_info(&self, id: BlockId) -> Option<BTreeMap<String, String>> {
@@ -1759,9 +1759,9 @@ impl BlockChainClient for Client {
 			value: U256::zero(),
 			data: data,
 		};
-		let network_id = self.engine.signing_network_id(&self.latest_env_info());
-		let signature = self.engine.sign(transaction.hash(network_id))?;
-		let signed = SignedTransaction::new(transaction.with_signature(signature, network_id))?;
+		let chain_id = self.engine.signing_chain_id(&self.latest_env_info());
+		let signature = self.engine.sign(transaction.hash(chain_id))?;
+		let signed = SignedTransaction::new(transaction.with_signature(signature, chain_id))?;
 		self.miner.import_own_transaction(self, signed.into())
 	}
 
diff --git a/ethcore/src/client/test_client.rs b/ethcore/src/client/test_client.rs
index 2a205868d..b6e0ba02e 100644
--- a/ethcore/src/client/test_client.rs
+++ b/ethcore/src/client/test_client.rs
@@ -733,7 +733,7 @@ impl BlockChainClient for TestBlockChainClient {
 		self.miner.ready_transactions(info.best_block_number, info.best_block_timestamp)
 	}
 
-	fn signing_network_id(&self) -> Option<u64> { None }
+	fn signing_chain_id(&self) -> Option<u64> { None }
 
 	fn mode(&self) -> Mode { Mode::Active }
 
@@ -764,9 +764,9 @@ impl BlockChainClient for TestBlockChainClient {
 			value: U256::default(),
 			data: data,
 		};
-		let network_id = Some(self.spec.params().network_id);
-		let sig = self.spec.engine.sign(transaction.hash(network_id)).unwrap();
-		let signed = SignedTransaction::new(transaction.with_signature(sig, network_id)).unwrap();
+		let chain_id = Some(self.spec.chain_id());
+		let sig = self.spec.engine.sign(transaction.hash(chain_id)).unwrap();
+		let signed = SignedTransaction::new(transaction.with_signature(sig, chain_id)).unwrap();
 		self.miner.import_own_transaction(self, signed.into())
 	}
 
diff --git a/ethcore/src/client/traits.rs b/ethcore/src/client/traits.rs
index 8e1bd8b18..40d2fab8e 100644
--- a/ethcore/src/client/traits.rs
+++ b/ethcore/src/client/traits.rs
@@ -239,8 +239,8 @@ pub trait BlockChainClient : Sync + Send {
 		corpus.into()
 	}
 
-	/// Get the preferred network ID to sign on
-	fn signing_network_id(&self) -> Option<u64>;
+	/// Get the preferred chain ID to sign on
+	fn signing_chain_id(&self) -> Option<u64>;
 
 	/// Get the mode.
 	fn mode(&self) -> Mode;
diff --git a/ethcore/src/engines/authority_round/mod.rs b/ethcore/src/engines/authority_round/mod.rs
index e7284bfbe..194fdd8fe 100644
--- a/ethcore/src/engines/authority_round/mod.rs
+++ b/ethcore/src/engines/authority_round/mod.rs
@@ -804,9 +804,9 @@ impl Engine for AuthorityRound {
 	fn verify_transaction_basic(&self, t: &UnverifiedTransaction, header: &Header) -> Result<(), Error> {
 		t.check_low_s()?;
 
-		if let Some(n) = t.network_id() {
+		if let Some(n) = t.chain_id() {
 			if header.number() >= self.params().eip155_transition && n != self.params().chain_id {
-				return Err(TransactionError::InvalidNetworkId.into());
+				return Err(TransactionError::InvalidChainId.into());
 			}
 		}
 
diff --git a/ethcore/src/engines/mod.rs b/ethcore/src/engines/mod.rs
index a293963d7..00f322318 100644
--- a/ethcore/src/engines/mod.rs
+++ b/ethcore/src/engines/mod.rs
@@ -263,7 +263,7 @@ pub trait Engine : Sync + Send {
 	// TODO: Add flags for which bits of the transaction to check.
 	// TODO: consider including State in the params.
 	fn verify_transaction_basic(&self, t: &UnverifiedTransaction, _header: &Header) -> Result<(), Error> {
-		t.verify_basic(true, Some(self.params().network_id), true)?;
+		t.verify_basic(true, Some(self.params().chain_id), true)?;
 		Ok(())
 	}
 
@@ -273,7 +273,7 @@ pub trait Engine : Sync + Send {
 	}
 
 	/// The network ID that transactions should be signed with.
-	fn signing_network_id(&self, _env_info: &EnvInfo) -> Option<u64> {
+	fn signing_chain_id(&self, _env_info: &EnvInfo) -> Option<u64> {
 		Some(self.params().chain_id)
 	}
 
diff --git a/ethcore/src/engines/validator_set/safe_contract.rs b/ethcore/src/engines/validator_set/safe_contract.rs
index 96790dca7..1abcf2c8f 100644
--- a/ethcore/src/engines/validator_set/safe_contract.rs
+++ b/ethcore/src/engines/validator_set/safe_contract.rs
@@ -452,7 +452,7 @@ mod tests {
 		let s0: Secret = "1".sha3().into();
 		let v0 = tap.insert_account(s0.clone(), "").unwrap();
 		let v1 = tap.insert_account("0".sha3().into(), "").unwrap();
-		let network_id = Spec::new_validator_safe_contract().network_id();
+		let chain_id = Spec::new_validator_safe_contract().chain_id();
 		let client = generate_dummy_client_with_spec_and_accounts(Spec::new_validator_safe_contract, Some(tap));
 		client.engine().register_client(Arc::downgrade(&client));
 		let validator_contract = "0000000000000000000000000000000000000005".parse::<Address>().unwrap();
@@ -466,7 +466,7 @@ mod tests {
 			action: Action::Call(validator_contract),
 			value: 0.into(),
 			data: "bfc708a000000000000000000000000082a978b3f5962a5b0957d9ee9eef472ee55b42f1".from_hex().unwrap(),
-		}.sign(&s0, Some(network_id));
+		}.sign(&s0, Some(chain_id));
 		client.miner().import_own_transaction(client.as_ref(), tx.into()).unwrap();
 		client.update_sealing();
 		assert_eq!(client.chain_info().best_block_number, 1);
@@ -478,7 +478,7 @@ mod tests {
 			action: Action::Call(validator_contract),
 			value: 0.into(),
 			data: "4d238c8e00000000000000000000000082a978b3f5962a5b0957d9ee9eef472ee55b42f1".from_hex().unwrap(),
-		}.sign(&s0, Some(network_id));
+		}.sign(&s0, Some(chain_id));
 		client.miner().import_own_transaction(client.as_ref(), tx.into()).unwrap();
 		client.update_sealing();
 		// The transaction is not yet included so still unable to seal.
@@ -497,7 +497,7 @@ mod tests {
 			action: Action::Call(Address::default()),
 			value: 0.into(),
 			data: Vec::new(),
-		}.sign(&s0, Some(network_id));
+		}.sign(&s0, Some(chain_id));
 		client.miner().import_own_transaction(client.as_ref(), tx.into()).unwrap();
 		client.update_sealing();
 		// Able to seal again.
diff --git a/ethcore/src/error.rs b/ethcore/src/error.rs
index 194cbcb38..172323c0d 100644
--- a/ethcore/src/error.rs
+++ b/ethcore/src/error.rs
@@ -78,8 +78,8 @@ pub enum TransactionError {
 	RecipientBanned,
 	/// Contract creation code is banned.
 	CodeBanned,
-	/// Invalid network ID given.
-	InvalidNetworkId,
+	/// Invalid chain ID given.
+	InvalidChainId,
 }
 
 impl fmt::Display for TransactionError {
@@ -103,7 +103,7 @@ impl fmt::Display for TransactionError {
 			SenderBanned => "Sender is temporarily banned.".into(),
 			RecipientBanned => "Recipient is temporarily banned.".into(),
 			CodeBanned => "Contract code is temporarily banned.".into(),
-			InvalidNetworkId => "Transaction of this network ID is not allowed on this chain.".into(),
+			InvalidChainId => "Transaction of this chain ID is not allowed on this chain.".into(),
 		};
 
 		f.write_fmt(format_args!("Transaction error ({})", msg))
diff --git a/ethcore/src/ethereum/ethash.rs b/ethcore/src/ethereum/ethash.rs
index 7e275cf98..adb1f7dac 100644
--- a/ethcore/src/ethereum/ethash.rs
+++ b/ethcore/src/ethereum/ethash.rs
@@ -206,7 +206,7 @@ impl Engine for Arc<Ethash> {
 		}
 	}
 
-	fn signing_network_id(&self, env_info: &EnvInfo) -> Option<u64> {
+	fn signing_chain_id(&self, env_info: &EnvInfo) -> Option<u64> {
 		if env_info.number >= self.params().eip155_transition {
 			Some(self.params().chain_id)
 		} else {
@@ -397,8 +397,8 @@ impl Engine for Arc<Ethash> {
 		}
 
 		let check_low_s = header.number() >= self.ethash_params.homestead_transition;
-		let network_id = if header.number() >= self.params().eip155_transition { Some(self.params().chain_id) } else { None };
-		t.verify_basic(check_low_s, network_id, false)?;
+		let chain_id = if header.number() >= self.params().eip155_transition { Some(self.params().chain_id) } else { None };
+		t.verify_basic(check_low_s, chain_id, false)?;
 		Ok(())
 	}
 
diff --git a/ethcore/src/json_tests/transaction.rs b/ethcore/src/json_tests/transaction.rs
index a3c3c889d..3d71a5faf 100644
--- a/ethcore/src/json_tests/transaction.rs
+++ b/ethcore/src/json_tests/transaction.rs
@@ -36,25 +36,25 @@ fn do_json_test(json_data: &[u8]) -> Vec<String> {
 			Some(x) if x < 3_000_000 => &homestead_schedule,
 			Some(_) => &metropolis_schedule
 		};
-		let allow_network_id_of_one = number.map_or(false, |n| n >= 2_675_000);
+		let allow_chain_id_of_one = number.map_or(false, |n| n >= 2_675_000);
 		let allow_unsigned = number.map_or(false, |n| n >= 3_000_000);
 
 		let rlp: Vec<u8> = test.rlp.into();
 		let res = UntrustedRlp::new(&rlp)
 			.as_val()
 			.map_err(From::from)
-			.and_then(|t: UnverifiedTransaction| t.validate(schedule, schedule.have_delegate_call, allow_network_id_of_one, allow_unsigned));
+			.and_then(|t: UnverifiedTransaction| t.validate(schedule, schedule.have_delegate_call, allow_chain_id_of_one, allow_unsigned));
 
 		fail_unless(test.transaction.is_none() == res.is_err(), "Validity different");
 		if let (Some(tx), Some(sender)) = (test.transaction, test.sender) {
 			let t = res.unwrap();
 			fail_unless(SignedTransaction::new(t.clone()).unwrap().sender() == sender.into(), "sender mismatch");
-			let is_acceptable_network_id = match t.network_id() {
+			let is_acceptable_chain_id = match t.chain_id() {
 				None => true,
-				Some(1) if allow_network_id_of_one => true,
+				Some(1) if allow_chain_id_of_one => true,
 				_ => false,
 			};
-			fail_unless(is_acceptable_network_id, "Network ID unacceptable");
+			fail_unless(is_acceptable_chain_id, "Network ID unacceptable");
 			let data: Vec<u8> = tx.data.into();
 			fail_unless(t.data == data, "data mismatch");
 			fail_unless(t.gas_price == tx.gas_price.into(), "gas_price mismatch");
diff --git a/ethcore/src/miner/miner.rs b/ethcore/src/miner/miner.rs
index 02463d929..0639c645f 100644
--- a/ethcore/src/miner/miner.rs
+++ b/ethcore/src/miner/miner.rs
@@ -1306,10 +1306,10 @@ mod tests {
 	}
 
 	fn transaction() -> SignedTransaction {
-		transaction_with_network_id(2)
+		transaction_with_chain_id(2)
 	}
 
-	fn transaction_with_network_id(id: u64) -> SignedTransaction {
+	fn transaction_with_chain_id(chain_id: u64) -> SignedTransaction {
 		let keypair = Random.generate().unwrap();
 		Transaction {
 			action: Action::Create,
@@ -1318,7 +1318,7 @@ mod tests {
 			gas: U256::from(100_000),
 			gas_price: U256::zero(),
 			nonce: U256::zero(),
-		}.sign(keypair.secret(), Some(id))
+		}.sign(keypair.secret(), Some(chain_id))
 	}
 
 	#[test]
@@ -1399,14 +1399,14 @@ mod tests {
 
 		let client = generate_dummy_client(2);
 
-		assert_eq!(miner.import_external_transactions(&*client, vec![transaction_with_network_id(spec.network_id()).into()]).pop().unwrap().unwrap(), TransactionImportResult::Current);
+		assert_eq!(miner.import_external_transactions(&*client, vec![transaction_with_chain_id(spec.chain_id()).into()]).pop().unwrap().unwrap(), TransactionImportResult::Current);
 
 		miner.update_sealing(&*client);
 		client.flush_queue();
 		assert!(miner.pending_block(0).is_none());
 		assert_eq!(client.chain_info().best_block_number, 3 as BlockNumber);
 
-		assert_eq!(miner.import_own_transaction(&*client, PendingTransaction::new(transaction_with_network_id(spec.network_id()).into(), None)).unwrap(), TransactionImportResult::Current);
+		assert_eq!(miner.import_own_transaction(&*client, PendingTransaction::new(transaction_with_chain_id(spec.chain_id()).into(), None)).unwrap(), TransactionImportResult::Current);
 
 		miner.update_sealing(&*client);
 		client.flush_queue();
diff --git a/ethcore/src/snapshot/tests/proof_of_authority.rs b/ethcore/src/snapshot/tests/proof_of_authority.rs
index a62dbaf10..7c44ec20a 100644
--- a/ethcore/src/snapshot/tests/proof_of_authority.rs
+++ b/ethcore/src/snapshot/tests/proof_of_authority.rs
@@ -130,7 +130,7 @@ fn make_chain(accounts: Arc<AccountProvider>, blocks_beyond: usize, transitions:
 				action: Action::Call(Address::new()),
 				value: 1.into(),
 				data: Vec::new(),
-			}.sign(&*RICH_SECRET, client.signing_network_id());
+			}.sign(&*RICH_SECRET, client.signing_chain_id());
 
 			*nonce = *nonce + 1.into();
 			vec![transaction]
@@ -176,7 +176,7 @@ fn make_chain(accounts: Arc<AccountProvider>, blocks_beyond: usize, transitions:
 							action: Action::Call(addr),
 							value: 0.into(),
 							data: data,
-						}.sign(&*RICH_SECRET, client.signing_network_id());
+						}.sign(&*RICH_SECRET, client.signing_chain_id());
 
 						pending.push(transaction);
 
diff --git a/ethcore/src/spec/spec.rs b/ethcore/src/spec/spec.rs
index 395f8ef9c..ba57a7f27 100644
--- a/ethcore/src/spec/spec.rs
+++ b/ethcore/src/spec/spec.rs
@@ -380,6 +380,9 @@ impl Spec {
 	/// Get the configured Network ID.
 	pub fn network_id(&self) -> u64 { self.params().network_id }
 
+	/// Get the chain ID used for signing.
+	pub fn chain_id(&self) -> u64 { self.params().chain_id }
+
 	/// Get the configured subprotocol name.
 	pub fn subprotocol_name(&self) -> String { self.params().subprotocol_name.clone() }
 
diff --git a/ethcore/src/tests/helpers.rs b/ethcore/src/tests/helpers.rs
index 5d05e66f5..d8ba8313e 100644
--- a/ethcore/src/tests/helpers.rs
+++ b/ethcore/src/tests/helpers.rs
@@ -211,7 +211,7 @@ pub fn generate_dummy_client_with_spec_accounts_and_data<F>(get_test_spec: F, ac
 				action: Action::Create,
 				data: vec![],
 				value: U256::zero(),
-			}.sign(kp.secret(), Some(test_spec.network_id())), None).unwrap();
+			}.sign(kp.secret(), Some(test_spec.chain_id())), None).unwrap();
 			n += 1;
 		}
 
diff --git a/ethcore/src/transaction.rs b/ethcore/src/transaction.rs
index 2752cc6dd..0bd61dceb 100644
--- a/ethcore/src/transaction.rs
+++ b/ethcore/src/transaction.rs
@@ -94,15 +94,15 @@ pub struct Transaction {
 
 impl Transaction {
 	/// Append object with a without signature into RLP stream
-	pub fn rlp_append_unsigned_transaction(&self, s: &mut RlpStream, network_id: Option<u64>) {
-		s.begin_list(if network_id.is_none() { 6 } else { 9 });
+	pub fn rlp_append_unsigned_transaction(&self, s: &mut RlpStream, chain_id: Option<u64>) {
+		s.begin_list(if chain_id.is_none() { 6 } else { 9 });
 		s.append(&self.nonce);
 		s.append(&self.gas_price);
 		s.append(&self.gas);
 		s.append(&self.action);
 		s.append(&self.value);
 		s.append(&self.data);
-		if let Some(n) = network_id {
+		if let Some(n) = chain_id {
 			s.append(&n);
 			s.append(&0u8);
 			s.append(&0u8);
@@ -163,27 +163,27 @@ impl From<ethjson::transaction::Transaction> for UnverifiedTransaction {
 
 impl Transaction {
 	/// The message hash of the transaction.
-	pub fn hash(&self, network_id: Option<u64>) -> H256 {
+	pub fn hash(&self, chain_id: Option<u64>) -> H256 {
 		let mut stream = RlpStream::new();
-		self.rlp_append_unsigned_transaction(&mut stream, network_id);
+		self.rlp_append_unsigned_transaction(&mut stream, chain_id);
 		stream.as_raw().sha3()
 	}
 
 	/// Signs the transaction as coming from `sender`.
-	pub fn sign(self, secret: &Secret, network_id: Option<u64>) -> SignedTransaction {
-		let sig = ::ethkey::sign(secret, &self.hash(network_id))
+	pub fn sign(self, secret: &Secret, chain_id: Option<u64>) -> SignedTransaction {
+		let sig = ::ethkey::sign(secret, &self.hash(chain_id))
 			.expect("data is valid and context has signing capabilities; qed");
-		SignedTransaction::new(self.with_signature(sig, network_id))
+		SignedTransaction::new(self.with_signature(sig, chain_id))
 			.expect("secret is valid so it's recoverable")
 	}
 
 	/// Signs the transaction with signature.
-	pub fn with_signature(self, sig: Signature, network_id: Option<u64>) -> UnverifiedTransaction {
+	pub fn with_signature(self, sig: Signature, chain_id: Option<u64>) -> UnverifiedTransaction {
 		UnverifiedTransaction {
 			unsigned: self,
 			r: sig.r().into(),
 			s: sig.s().into(),
-			v: sig.v() as u64 + if let Some(n) = network_id { 35 + n * 2 } else { 27 },
+			v: sig.v() as u64 + if let Some(n) = chain_id { 35 + n * 2 } else { 27 },
 			hash: 0.into(),
 		}.compute_hash()
 	}
@@ -216,13 +216,13 @@ impl Transaction {
 	}
 
 	/// Add EIP-86 compatible empty signature.
-	pub fn null_sign(self, network_id: u64) -> SignedTransaction {
+	pub fn null_sign(self, chain_id: u64) -> SignedTransaction {
 		SignedTransaction {
 			transaction: UnverifiedTransaction {
 				unsigned: self,
 				r: U256::zero(),
 				s: U256::zero(),
-				v: network_id,
+				v: chain_id,
 				hash: 0.into(),
 			}.compute_hash(),
 			sender: UNSIGNED_SENDER,
@@ -250,7 +250,7 @@ pub struct UnverifiedTransaction {
 	/// Plain Transaction.
 	unsigned: Transaction,
 	/// The V field of the signature; the LS bit described which half of the curve our point falls
-	/// in. The MS bits describe which network this transaction is for. If 27/28, its for all networks.
+	/// in. The MS bits describe which chain this transaction is for. If 27/28, its for all chains.
 	v: u64,
 	/// The R field of the signature; helps describe the point on the curve.
 	r: U256,
@@ -333,8 +333,8 @@ impl UnverifiedTransaction {
 	/// The `v` value that appears in the RLP.
 	pub fn original_v(&self) -> u64 { self.v }
 
-	/// The network ID, or `None` if this is a global transaction.
-	pub fn network_id(&self) -> Option<u64> {
+	/// The chain ID, or `None` if this is a global transaction.
+	pub fn chain_id(&self) -> Option<u64> {
 		match self.v {
 			v if self.is_unsigned() => Some(v),
 			v if v > 36 => Some((v - 35) / 2),
@@ -363,15 +363,15 @@ impl UnverifiedTransaction {
 
 	/// Recovers the public key of the sender.
 	pub fn recover_public(&self) -> Result<Public, Error> {
-		Ok(recover(&self.signature(), &self.unsigned.hash(self.network_id()))?)
+		Ok(recover(&self.signature(), &self.unsigned.hash(self.chain_id()))?)
 	}
 
 	/// Do basic validation, checking for valid signature and minimum gas,
 	// TODO: consider use in block validation.
 	#[cfg(test)]
 	#[cfg(feature = "json-tests")]
-	pub fn validate(self, schedule: &Schedule, require_low: bool, allow_network_id_of_one: bool, allow_empty_signature: bool) -> Result<UnverifiedTransaction, Error> {
-		let chain_id = if allow_network_id_of_one { Some(1) } else { None };
+	pub fn validate(self, schedule: &Schedule, require_low: bool, allow_chain_id_of_one: bool, allow_empty_signature: bool) -> Result<UnverifiedTransaction, Error> {
+		let chain_id = if allow_chain_id_of_one { Some(1) } else { None };
 		self.verify_basic(require_low, chain_id, allow_empty_signature)?;
 		if !allow_empty_signature || !self.is_unsigned() {
 			self.recover_public()?;
@@ -391,10 +391,10 @@ impl UnverifiedTransaction {
 		if allow_empty_signature && self.is_unsigned() && !(self.gas_price.is_zero() && self.value.is_zero() && self.nonce.is_zero()) {
 			return Err(EthkeyError::InvalidSignature.into())
 		}
-		match (self.network_id(), chain_id) {
+		match (self.chain_id(), chain_id) {
 			(None, _) => {},
 			(Some(n), Some(m)) if n == m => {},
-			_ => return Err(TransactionError::InvalidNetworkId.into()),
+			_ => return Err(TransactionError::InvalidChainId.into()),
 		};
 		Ok(())
 	}
@@ -558,7 +558,7 @@ mod tests {
 		} else { panic!(); }
 		assert_eq!(t.value, U256::from(0x0au64));
 		assert_eq!(public_to_address(&t.recover_public().unwrap()), "0f65fe9276bc9a24ae7083ae28e2660ef72df99e".into());
-		assert_eq!(t.network_id(), None);
+		assert_eq!(t.chain_id(), None);
 	}
 
 	#[test]
@@ -575,7 +575,7 @@ mod tests {
 			data: b"Hello!".to_vec()
 		}.sign(&key.secret(), None);
 		assert_eq!(Address::from(key.public().sha3()), t.sender());
-		assert_eq!(t.network_id(), None);
+		assert_eq!(t.chain_id(), None);
 	}
 
 	#[test]
@@ -589,15 +589,15 @@ mod tests {
 			data: b"Hello!".to_vec()
 		}.fake_sign(Address::from(0x69));
 		assert_eq!(Address::from(0x69), t.sender());
-		assert_eq!(t.network_id(), None);
+		assert_eq!(t.chain_id(), None);
 
 		let t = t.clone();
 		assert_eq!(Address::from(0x69), t.sender());
-		assert_eq!(t.network_id(), None);
+		assert_eq!(t.chain_id(), None);
 	}
 
 	#[test]
-	fn should_recover_from_network_specific_signing() {
+	fn should_recover_from_chain_specific_signing() {
 		use ethkey::{Random, Generator};
 		let key = Random.generate().unwrap();
 		let t = Transaction {
@@ -609,7 +609,7 @@ mod tests {
 			data: b"Hello!".to_vec()
 		}.sign(&key.secret(), Some(69));
 		assert_eq!(Address::from(key.public().sha3()), t.sender());
-		assert_eq!(t.network_id(), Some(69));
+		assert_eq!(t.chain_id(), Some(69));
 	}
 
 	#[test]
@@ -620,7 +620,7 @@ mod tests {
 			let signed = decode(&FromHex::from_hex(tx_data).unwrap());
 			let signed = SignedTransaction::new(signed).unwrap();
 			assert_eq!(signed.sender(), address.into());
-			flushln!("networkid: {:?}", signed.network_id());
+			flushln!("chainid: {:?}", signed.chain_id());
 		};
 
 		test_vector("f864808504a817c800825208943535353535353535353535353535353535353535808025a0044852b2a670ade5407e78fb2863c51de9fcb96542a07186fe3aeda6bb8a116da0044852b2a670ade5407e78fb2863c51de9fcb96542a07186fe3aeda6bb8a116d", "0xf0f6f18bca1b28cd68e4357452947e021241e9ce");
diff --git a/js/src/jsonrpc/interfaces/eth.js b/js/src/jsonrpc/interfaces/eth.js
index d54c57325..30756e8c6 100644
--- a/js/src/jsonrpc/interfaces/eth.js
+++ b/js/src/jsonrpc/interfaces/eth.js
@@ -566,9 +566,9 @@ The following options are possible for the \`defaultBlock\` parameter:
           type: Hash,
           desc: 'public key of the signer.'
         },
-        networkId: {
+        chainId: {
           type: Quantity,
-          desc: 'the network id of the transaction, if any.'
+          desc: 'the chain id of the transaction, if any.'
         },
         creates: {
           type: Hash,
@@ -1111,9 +1111,9 @@ The following options are possible for the \`defaultBlock\` parameter:
               type: Hash,
               desc: 'public key of the signer.'
             },
-            networkId: {
+            chainId: {
               type: Quantity,
-              desc: 'the network id of the transaction, if any.'
+              desc: 'the chain id of the transaction, if any.'
             },
             creates: {
               type: Hash,
diff --git a/js/src/jsonrpc/interfaces/parity.js b/js/src/jsonrpc/interfaces/parity.js
index d80a0c5a2..a1e6246e4 100644
--- a/js/src/jsonrpc/interfaces/parity.js
+++ b/js/src/jsonrpc/interfaces/parity.js
@@ -403,7 +403,7 @@ export default {
             condition: {
               block: 1
             },
-            networkId: null,
+            chainId: null,
             nonce: '0x0',
             publicKey: '0x3fa8c08c65a83f6b4ea3e04e1cc70cbe3cd391499e3e05ab7dedf28aff9afc538200ff93e3f2b2cb5029f03c7ebee820d63a4c5a9541c83acebe293f54cacf0e',
             raw: '0xf868808502d20cff33830e57e09400a289b43e1e4825dbedf2a78ba60a640634dc40830fffff801ca034c333b0b91cd832a3414d628e3fea29a00055cebf5ba59f7038c188404c0cf3a0524fd9b35be170439b5ffe89694ae0cfc553cb49d1d8b643239e353351531532',
@@ -626,7 +626,7 @@ export default {
           condition: {
             block: 1
           },
-          networkId: 1,
+          chainId: 1,
           nonce: '0x5',
           publicKey: '0x96157302dade55a1178581333e57d60ffe6fdf5a99607890456a578b4e6b60e335037d61ed58aa4180f9fd747dc50d44a7924aa026acbfb988b5062b629d6c36',
           r: '0x92e8beb19af2bad0511d516a86e77fa73004c0811b2173657a55797bdf8558e1',
@@ -688,7 +688,7 @@ export default {
           condition: {
             block: 1
           },
-          networkId: 1,
+          chainId: 1,
           nonce: '0x5',
           publicKey: '0x96157302dade55a1178581333e57d60ffe6fdf5a99607890456a578b4e6b60e335037d61ed58aa4180f9fd747dc50d44a7924aa026acbfb988b5062b629d6c36',
           r: '0x92e8beb19af2bad0511d516a86e77fa73004c0811b2173657a55797bdf8558e1',
@@ -980,7 +980,7 @@ export default {
           creates: null,
           raw: '0xf86c018504a817c80082520894f5d405530dabfbd0c1cab7a5812f008aa5559adf882efc004ac03a49968025a0b40c6967a7e8bbdfd99a25fd306b9ef23b80e719514aeb7ddd19e2303d6fc139a06bf770ab08119e67dc29817e1412a0e3086f43da308c314db1b3bca9fb6d32bd',
           publicKey: '0xeba33fd74f06236e17475bc5b6d1bac718eac048350d77d3fc8fbcbd85782a57c821255623c4fd1ebc9d555d07df453b2579ee557b7203fc256ca3b3401e4027',
-          networkId: 1,
+          chainId: 1,
           standardV: '0x0',
           v: '0x25',
           r: '0xb40c6967a7e8bbdfd99a25fd306b9ef23b80e719514aeb7ddd19e2303d6fc139',
diff --git a/js/src/jsonrpc/types.js b/js/src/jsonrpc/types.js
index c750932c9..bd69cc863 100644
--- a/js/src/jsonrpc/types.js
+++ b/js/src/jsonrpc/types.js
@@ -173,9 +173,9 @@ export class TransactionResponse {
       type: Data,
       desc: 'Public key of the signer.'
     },
-    networkId: {
+    chainId: {
       type: Quantity,
-      desc: 'The network id of the transaction, if any.'
+      desc: 'The chain id of the transaction, if any.'
     },
     standardV: {
       type: Quantity,
diff --git a/rpc/src/v1/helpers/dispatch.rs b/rpc/src/v1/helpers/dispatch.rs
index c72f1a890..b2602d6a1 100644
--- a/rpc/src/v1/helpers/dispatch.rs
+++ b/rpc/src/v1/helpers/dispatch.rs
@@ -133,7 +133,7 @@ impl<C: MiningBlockChainClient, M: MinerService> Dispatcher for FullDispatcher<C
 		-> BoxFuture<WithToken<SignedTransaction>, Error>
 	{
 		let (client, miner) = (self.client.clone(), self.miner.clone());
-		let network_id = client.signing_network_id();
+		let chain_id = client.signing_chain_id();
 		let address = filled.from;
 		future::done({
 			let t = Transaction {
@@ -146,12 +146,12 @@ impl<C: MiningBlockChainClient, M: MinerService> Dispatcher for FullDispatcher<C
 			};
 
 			if accounts.is_hardware_address(address) {
-				hardware_signature(&*accounts, address, t, network_id).map(WithToken::No)
+				hardware_signature(&*accounts, address, t, chain_id).map(WithToken::No)
 			} else {
-				let hash = t.hash(network_id);
+				let hash = t.hash(chain_id);
 				let signature = try_bf!(signature(&*accounts, address, hash, password));
 				Ok(signature.map(|sig| {
-					SignedTransaction::new(t.with_signature(sig, network_id))
+					SignedTransaction::new(t.with_signature(sig, chain_id))
 						.expect("Transaction was signed by AccountsProvider; it never produces invalid signatures; qed")
 				}))
 			}
@@ -358,7 +358,7 @@ impl Dispatcher for LightDispatcher {
 	fn sign(&self, accounts: Arc<AccountProvider>, filled: FilledTransactionRequest, password: SignWith)
 		-> BoxFuture<WithToken<SignedTransaction>, Error>
 	{
-		let network_id = self.client.signing_network_id();
+		let chain_id = self.client.signing_chain_id();
 		let address = filled.from;
 
 		let with_nonce = move |filled: FilledTransactionRequest, nonce| {
@@ -372,14 +372,14 @@ impl Dispatcher for LightDispatcher {
 			};
 
 			if accounts.is_hardware_address(address) {
-				return hardware_signature(&*accounts, address, t, network_id).map(WithToken::No)
+				return hardware_signature(&*accounts, address, t, chain_id).map(WithToken::No)
 			}
 
-			let hash = t.hash(network_id);
+			let hash = t.hash(chain_id);
 			let signature = signature(&*accounts, address, hash, password)?;
 
 			Ok(signature.map(|sig| {
-				SignedTransaction::new(t.with_signature(sig, network_id))
+				SignedTransaction::new(t.with_signature(sig, chain_id))
 					.expect("Transaction was signed by AccountsProvider; it never produces invalid signatures; qed")
 			}))
 		};
@@ -552,20 +552,20 @@ fn signature(accounts: &AccountProvider, address: Address, hash: H256, password:
 }
 
 // obtain a hardware signature from the given account.
-fn hardware_signature(accounts: &AccountProvider, address: Address, t: Transaction, network_id: Option<u64>)
+fn hardware_signature(accounts: &AccountProvider, address: Address, t: Transaction, chain_id: Option<u64>)
 	-> Result<SignedTransaction, Error>
 {
 	debug_assert!(accounts.is_hardware_address(address));
 
 	let mut stream = rlp::RlpStream::new();
-	t.rlp_append_unsigned_transaction(&mut stream, network_id);
+	t.rlp_append_unsigned_transaction(&mut stream, chain_id);
 	let signature = accounts.sign_with_hardware(address, &stream.as_raw())
 		.map_err(|e| {
 			debug!(target: "miner", "Error signing transaction with hardware wallet: {}", e);
 			errors::account("Error signing transaction with hardware wallet", e)
 		})?;
 
-	SignedTransaction::new(t.with_signature(signature, network_id))
+	SignedTransaction::new(t.with_signature(signature, chain_id))
 		.map_err(|e| {
 		  debug!(target: "miner", "Hardware wallet has produced invalid signature: {}", e);
 		  errors::account("Invalid signature generated", e)
diff --git a/rpc/src/v1/helpers/errors.rs b/rpc/src/v1/helpers/errors.rs
index 4c4af6f97..559f3a6b9 100644
--- a/rpc/src/v1/helpers/errors.rs
+++ b/rpc/src/v1/helpers/errors.rs
@@ -310,7 +310,7 @@ pub fn transaction_message(error: TransactionError) -> String {
 		GasLimitExceeded { limit, got } => {
 			format!("Transaction cost exceeds current gas limit. Limit: {}, got: {}. Try decreasing supplied gas.", limit, got)
 		},
-		InvalidNetworkId => "Invalid network id.".into(),
+		InvalidChainId => "Invalid chain id.".into(),
 		InvalidGasLimit(_) => "Supplied gas is beyond limit.".into(),
 		SenderBanned => "Sender is banned in local queue.".into(),
 		RecipientBanned => "Recipient is banned in local queue.".into(),
diff --git a/rpc/src/v1/impls/personal.rs b/rpc/src/v1/impls/personal.rs
index 8028168fd..302190fd4 100644
--- a/rpc/src/v1/impls/personal.rs
+++ b/rpc/src/v1/impls/personal.rs
@@ -124,9 +124,9 @@ impl<D: Dispatcher + 'static> Personal for PersonalClient<D> {
 					.map(move |tx| (tx, dispatcher))
 			})
 			.and_then(|(pending_tx, dispatcher)| {
-				let network_id = pending_tx.network_id();
-				trace!(target: "miner", "send_transaction: dispatching tx: {} for network ID {:?}",
-					::rlp::encode(&*pending_tx).into_vec().pretty(), network_id);
+				let chain_id = pending_tx.chain_id();
+				trace!(target: "miner", "send_transaction: dispatching tx: {} for chain ID {:?}",
+					::rlp::encode(&*pending_tx).into_vec().pretty(), chain_id);
 
 				dispatcher.dispatch_transaction(pending_tx).map(Into::into)
 			})
diff --git a/rpc/src/v1/tests/mocked/eth.rs b/rpc/src/v1/tests/mocked/eth.rs
index f935b93e2..d1835948f 100644
--- a/rpc/src/v1/tests/mocked/eth.rs
+++ b/rpc/src/v1/tests/mocked/eth.rs
@@ -544,7 +544,7 @@ fn rpc_eth_pending_transaction_by_hash() {
 		tester.miner.pending_transactions.lock().insert(H256::zero(), tx);
 	}
 
-	let response = r#"{"jsonrpc":"2.0","result":{"blockHash":null,"blockNumber":null,"condition":null,"creates":null,"from":"0x0f65fe9276bc9a24ae7083ae28e2660ef72df99e","gas":"0x5208","gasPrice":"0x1","hash":"0x41df922fd0d4766fcc02e161f8295ec28522f329ae487f14d811e4b64c8d6e31","input":"0x","networkId":null,"nonce":"0x0","publicKey":"0x7ae46da747962c2ee46825839c1ef9298e3bd2e70ca2938495c3693a485ec3eaa8f196327881090ff64cf4fbb0a48485d4f83098e189ed3b7a87d5941b59f789","r":"0x48b55bfa915ac795c431978d8a6a992b628d557da5ff759b307d495a36649353","raw":"0xf85f800182520894095e7baea6a6c7c4c2dfeb977efac326af552d870a801ba048b55bfa915ac795c431978d8a6a992b628d557da5ff759b307d495a36649353a0efffd310ac743f371de3b9f7f9cb56c0b28ad43601b4ab949f53faa07bd2c804","s":"0xefffd310ac743f371de3b9f7f9cb56c0b28ad43601b4ab949f53faa07bd2c804","standardV":"0x0","to":"0x095e7baea6a6c7c4c2dfeb977efac326af552d87","transactionIndex":null,"v":"0x1b","value":"0xa"},"id":1}"#;
+	let response = r#"{"jsonrpc":"2.0","result":{"blockHash":null,"blockNumber":null,"chainId":null,"condition":null,"creates":null,"from":"0x0f65fe9276bc9a24ae7083ae28e2660ef72df99e","gas":"0x5208","gasPrice":"0x1","hash":"0x41df922fd0d4766fcc02e161f8295ec28522f329ae487f14d811e4b64c8d6e31","input":"0x","nonce":"0x0","publicKey":"0x7ae46da747962c2ee46825839c1ef9298e3bd2e70ca2938495c3693a485ec3eaa8f196327881090ff64cf4fbb0a48485d4f83098e189ed3b7a87d5941b59f789","r":"0x48b55bfa915ac795c431978d8a6a992b628d557da5ff759b307d495a36649353","raw":"0xf85f800182520894095e7baea6a6c7c4c2dfeb977efac326af552d870a801ba048b55bfa915ac795c431978d8a6a992b628d557da5ff759b307d495a36649353a0efffd310ac743f371de3b9f7f9cb56c0b28ad43601b4ab949f53faa07bd2c804","s":"0xefffd310ac743f371de3b9f7f9cb56c0b28ad43601b4ab949f53faa07bd2c804","standardV":"0x0","to":"0x095e7baea6a6c7c4c2dfeb977efac326af552d87","transactionIndex":null,"v":"0x1b","value":"0xa"},"id":1}"#;
 	let request = r#"{
 		"jsonrpc": "2.0",
 		"method": "eth_getTransactionByHash",
@@ -860,12 +860,13 @@ fn rpc_eth_sign_transaction() {
 	let response = r#"{"jsonrpc":"2.0","result":{"#.to_owned() +
 		r#""raw":"0x"# + &rlp.to_hex() + r#"","# +
 		r#""tx":{"# +
-		r#""blockHash":null,"blockNumber":null,"condition":null,"creates":null,"# +
+		r#""blockHash":null,"blockNumber":null,"# +
+		&format!("\"chainId\":{},", t.chain_id().map_or("null".to_owned(), |n| format!("{}", n))) +
+		r#""condition":null,"creates":null,"# +
 		&format!("\"from\":\"0x{:?}\",", &address) +
 		r#""gas":"0x76c0","gasPrice":"0x9184e72a000","# +
 		&format!("\"hash\":\"0x{:?}\",", t.hash()) +
 		r#""input":"0x","# +
-		&format!("\"networkId\":{},", t.network_id().map_or("null".to_owned(), |n| format!("{}", n))) +
 		r#""nonce":"0x1","# +
 		&format!("\"publicKey\":\"0x{:?}\",", t.recover_public().unwrap()) +
 		&format!("\"r\":\"0x{}\",", U256::from(signature.r()).to_hex()) +
diff --git a/rpc/src/v1/tests/mocked/parity_set.rs b/rpc/src/v1/tests/mocked/parity_set.rs
index 443379b4f..22e0388e2 100644
--- a/rpc/src/v1/tests/mocked/parity_set.rs
+++ b/rpc/src/v1/tests/mocked/parity_set.rs
@@ -233,7 +233,7 @@ fn rpc_parity_remove_transaction() {
 	let hash = signed.hash();
 
 	let request = r#"{"jsonrpc": "2.0", "method": "parity_removeTransaction", "params":[""#.to_owned() + &format!("0x{:?}", hash) + r#""], "id": 1}"#;
-	let response = r#"{"jsonrpc":"2.0","result":{"blockHash":null,"blockNumber":null,"condition":null,"creates":null,"from":"0x0000000000000000000000000000000000000002","gas":"0x76c0","gasPrice":"0x9184e72a000","hash":"0xa2e0da8a8064e0b9f93e95a53c2db6d01280efb8ac72a708d25487e67dd0f8fc","input":"0x","networkId":null,"nonce":"0x1","publicKey":null,"r":"0x1","raw":"0xe9018609184e72a0008276c0940000000000000000000000000000000000000005849184e72a80800101","s":"0x1","standardV":"0x4","to":"0x0000000000000000000000000000000000000005","transactionIndex":null,"v":"0x0","value":"0x9184e72a"},"id":1}"#;
+	let response = r#"{"jsonrpc":"2.0","result":{"blockHash":null,"blockNumber":null,"chainId":null,"condition":null,"creates":null,"from":"0x0000000000000000000000000000000000000002","gas":"0x76c0","gasPrice":"0x9184e72a000","hash":"0xa2e0da8a8064e0b9f93e95a53c2db6d01280efb8ac72a708d25487e67dd0f8fc","input":"0x","nonce":"0x1","publicKey":null,"r":"0x1","raw":"0xe9018609184e72a0008276c0940000000000000000000000000000000000000005849184e72a80800101","s":"0x1","standardV":"0x4","to":"0x0000000000000000000000000000000000000005","transactionIndex":null,"v":"0x0","value":"0x9184e72a"},"id":1}"#;
 
 	miner.pending_transactions.lock().insert(hash, signed);
 	assert_eq!(io.handle_request_sync(&request), Some(response.to_owned()));
diff --git a/rpc/src/v1/tests/mocked/signer.rs b/rpc/src/v1/tests/mocked/signer.rs
index f92486d16..6827334de 100644
--- a/rpc/src/v1/tests/mocked/signer.rs
+++ b/rpc/src/v1/tests/mocked/signer.rs
@@ -454,12 +454,13 @@ fn should_confirm_sign_transaction_with_rlp() {
 	let response = r#"{"jsonrpc":"2.0","result":{"#.to_owned() +
 		r#""raw":"0x"# + &rlp.to_hex() + r#"","# +
 		r#""tx":{"# +
-		r#""blockHash":null,"blockNumber":null,"condition":null,"creates":null,"# +
+		r#""blockHash":null,"blockNumber":null,"# +
+		&format!("\"chainId\":{},", t.chain_id().map_or("null".to_owned(), |n| format!("{}", n))) +
+		r#""condition":null,"creates":null,"# +
 		&format!("\"from\":\"0x{:?}\",", &address) +
 		r#""gas":"0x989680","gasPrice":"0x1000","# +
 		&format!("\"hash\":\"0x{:?}\",", t.hash()) +
 		r#""input":"0x","# +
-		&format!("\"networkId\":{},", t.network_id().map_or("null".to_owned(), |n| format!("{}", n))) +
 		r#""nonce":"0x0","# +
 		&format!("\"publicKey\":\"0x{:?}\",", t.public_key().unwrap()) +
 		&format!("\"r\":\"0x{}\",", U256::from(signature.r()).to_hex()) +
diff --git a/rpc/src/v1/tests/mocked/signing.rs b/rpc/src/v1/tests/mocked/signing.rs
index 91d792253..4c6951f1a 100644
--- a/rpc/src/v1/tests/mocked/signing.rs
+++ b/rpc/src/v1/tests/mocked/signing.rs
@@ -297,12 +297,13 @@ fn should_add_sign_transaction_to_the_queue() {
 	let response = r#"{"jsonrpc":"2.0","result":{"#.to_owned() +
 		r#""raw":"0x"# + &rlp.to_hex() + r#"","# +
 		r#""tx":{"# +
-		r#""blockHash":null,"blockNumber":null,"condition":null,"creates":null,"# +
+		r#""blockHash":null,"blockNumber":null,"# +
+		&format!("\"chainId\":{},", t.chain_id().map_or("null".to_owned(), |n| format!("{}", n))) +
+		r#""condition":null,"creates":null,"# +
 		&format!("\"from\":\"0x{:?}\",", &address) +
 		r#""gas":"0x76c0","gasPrice":"0x9184e72a000","# +
 		&format!("\"hash\":\"0x{:?}\",", t.hash()) +
 		r#""input":"0x","# +
-		&format!("\"networkId\":{},", t.network_id().map_or("null".to_owned(), |n| format!("{}", n))) +
 		r#""nonce":"0x1","# +
 		&format!("\"publicKey\":\"0x{:?}\",", t.public_key().unwrap()) +
 		&format!("\"r\":\"0x{}\",", U256::from(signature.r()).to_hex()) +
diff --git a/rpc/src/v1/types/block.rs b/rpc/src/v1/types/block.rs
index 5a56f962d..10f7a2476 100644
--- a/rpc/src/v1/types/block.rs
+++ b/rpc/src/v1/types/block.rs
@@ -230,7 +230,7 @@ mod tests {
 	fn test_serialize_block_transactions() {
 		let t = BlockTransactions::Full(vec![Transaction::default()]);
 		let serialized = serde_json::to_string(&t).unwrap();
-		assert_eq!(serialized, r#"[{"hash":"0x0000000000000000000000000000000000000000000000000000000000000000","nonce":"0x0","blockHash":null,"blockNumber":null,"transactionIndex":null,"from":"0x0000000000000000000000000000000000000000","to":null,"value":"0x0","gasPrice":"0x0","gas":"0x0","input":"0x","creates":null,"raw":"0x","publicKey":null,"networkId":null,"standardV":"0x0","v":"0x0","r":"0x0","s":"0x0","condition":null}]"#);
+		assert_eq!(serialized, r#"[{"hash":"0x0000000000000000000000000000000000000000000000000000000000000000","nonce":"0x0","blockHash":null,"blockNumber":null,"transactionIndex":null,"from":"0x0000000000000000000000000000000000000000","to":null,"value":"0x0","gasPrice":"0x0","gas":"0x0","input":"0x","creates":null,"raw":"0x","publicKey":null,"chainId":null,"standardV":"0x0","v":"0x0","r":"0x0","s":"0x0","condition":null}]"#);
 
 		let t = BlockTransactions::Hashes(vec![H256::default().into()]);
 		let serialized = serde_json::to_string(&t).unwrap();
diff --git a/rpc/src/v1/types/transaction.rs b/rpc/src/v1/types/transaction.rs
index ee0203d65..d5eb63b44 100644
--- a/rpc/src/v1/types/transaction.rs
+++ b/rpc/src/v1/types/transaction.rs
@@ -59,8 +59,8 @@ pub struct Transaction {
 	#[serde(rename="publicKey")]
 	pub public_key: Option<H512>,
 	/// The network id of the transaction, if any.
-	#[serde(rename="networkId")]
-	pub network_id: Option<u64>,
+	#[serde(rename="chainId")]
+	pub chain_id: Option<u64>,
 	/// The standardised V field of the signature (0 or 1).
 	#[serde(rename="standardV")]
 	pub standard_v: U256,
@@ -196,7 +196,7 @@ impl Transaction {
 			},
 			raw: ::rlp::encode(&t.signed).into_vec().into(),
 			public_key: t.recover_public().ok().map(Into::into),
-			network_id: t.network_id(),
+			chain_id: t.chain_id(),
 			standard_v: t.standard_v().into(),
 			v: t.original_v().into(),
 			r: signature.r().into(),
@@ -230,7 +230,7 @@ impl Transaction {
 			},
 			raw: ::rlp::encode(&t).into_vec().into(),
 			public_key: t.public_key().map(Into::into),
-			network_id: t.network_id(),
+			chain_id: t.chain_id(),
 			standard_v: t.standard_v().into(),
 			v: t.original_v().into(),
 			r: signature.r().into(),
@@ -273,7 +273,7 @@ mod tests {
 	fn test_transaction_serialize() {
 		let t = Transaction::default();
 		let serialized = serde_json::to_string(&t).unwrap();
-		assert_eq!(serialized, r#"{"hash":"0x0000000000000000000000000000000000000000000000000000000000000000","nonce":"0x0","blockHash":null,"blockNumber":null,"transactionIndex":null,"from":"0x0000000000000000000000000000000000000000","to":null,"value":"0x0","gasPrice":"0x0","gas":"0x0","input":"0x","creates":null,"raw":"0x","publicKey":null,"networkId":null,"standardV":"0x0","v":"0x0","r":"0x0","s":"0x0","condition":null}"#);
+		assert_eq!(serialized, r#"{"hash":"0x0000000000000000000000000000000000000000000000000000000000000000","nonce":"0x0","blockHash":null,"blockNumber":null,"transactionIndex":null,"from":"0x0000000000000000000000000000000000000000","to":null,"value":"0x0","gasPrice":"0x0","gas":"0x0","input":"0x","creates":null,"raw":"0x","publicKey":null,"chainId":null,"standardV":"0x0","v":"0x0","r":"0x0","s":"0x0","condition":null}"#);
 	}
 
 	#[test]
diff --git a/sync/src/tests/consensus.rs b/sync/src/tests/consensus.rs
index 499b7de17..9b01156b7 100644
--- a/sync/src/tests/consensus.rs
+++ b/sync/src/tests/consensus.rs
@@ -42,7 +42,7 @@ impl IoHandler<ClientIoMessage> for TestIoHandler {
 	}
 }
 
-fn new_tx(secret: &Secret, nonce: U256, network_id: u64) -> PendingTransaction {
+fn new_tx(secret: &Secret, nonce: U256, chain_id: u64) -> PendingTransaction {
 	let signed = Transaction {
 		nonce: nonce.into(),
 		gas_price: 0.into(),
@@ -50,7 +50,7 @@ fn new_tx(secret: &Secret, nonce: U256, network_id: u64) -> PendingTransaction {
 		action: Action::Call(Address::default()),
 		value: 0.into(),
 		data: Vec::new(),
-	}.sign(secret, Some(network_id));
+	}.sign(secret, Some(chain_id));
 	PendingTransaction::new(signed, None)
 }
 
@@ -62,7 +62,7 @@ fn authority_round() {
 	ap.insert_account(s0.secret().clone(), "").unwrap();
 	ap.insert_account(s1.secret().clone(), "").unwrap();
 
-	let network_id = Spec::new_test_round().network_id();
+	let chain_id = Spec::new_test_round().chain_id();
 	let mut net = TestNet::with_spec_and_accounts(2, SyncConfig::default(), Spec::new_test_round, Some(ap));
 	let io_handler0: Arc<IoHandler<ClientIoMessage>> = Arc::new(TestIoHandler { client: net.peer(0).chain.clone() });
 	let io_handler1: Arc<IoHandler<ClientIoMessage>> = Arc::new(TestIoHandler { client: net.peer(1).chain.clone() });
@@ -76,15 +76,15 @@ fn authority_round() {
 	// exchange statuses
 	net.sync();
 	// Trigger block proposal
-	net.peer(0).chain.miner().import_own_transaction(&*net.peer(0).chain, new_tx(s0.secret(), 0.into(), network_id)).unwrap();
-	net.peer(1).chain.miner().import_own_transaction(&*net.peer(1).chain, new_tx(s1.secret(), 0.into(), network_id)).unwrap();
+	net.peer(0).chain.miner().import_own_transaction(&*net.peer(0).chain, new_tx(s0.secret(), 0.into(), chain_id)).unwrap();
+	net.peer(1).chain.miner().import_own_transaction(&*net.peer(1).chain, new_tx(s1.secret(), 0.into(), chain_id)).unwrap();
 	// Sync a block
 	net.sync();
 	assert_eq!(net.peer(0).chain.chain_info().best_block_number, 1);
 	assert_eq!(net.peer(1).chain.chain_info().best_block_number, 1);
 
-	net.peer(0).chain.miner().import_own_transaction(&*net.peer(0).chain, new_tx(s0.secret(), 1.into(), network_id)).unwrap();
-	net.peer(1).chain.miner().import_own_transaction(&*net.peer(1).chain, new_tx(s1.secret(), 1.into(), network_id)).unwrap();
+	net.peer(0).chain.miner().import_own_transaction(&*net.peer(0).chain, new_tx(s0.secret(), 1.into(), chain_id)).unwrap();
+	net.peer(1).chain.miner().import_own_transaction(&*net.peer(1).chain, new_tx(s1.secret(), 1.into(), chain_id)).unwrap();
 	// Move to next proposer step.
 	net.peer(0).chain.engine().step();
 	net.peer(1).chain.engine().step();
@@ -93,8 +93,8 @@ fn authority_round() {
 	assert_eq!(net.peer(1).chain.chain_info().best_block_number, 2);
 
 	// Fork the network with equal height.
-	net.peer(0).chain.miner().import_own_transaction(&*net.peer(0).chain, new_tx(s0.secret(), 2.into(), network_id)).unwrap();
-	net.peer(1).chain.miner().import_own_transaction(&*net.peer(1).chain, new_tx(s1.secret(), 2.into(), network_id)).unwrap();
+	net.peer(0).chain.miner().import_own_transaction(&*net.peer(0).chain, new_tx(s0.secret(), 2.into(), chain_id)).unwrap();
+	net.peer(1).chain.miner().import_own_transaction(&*net.peer(1).chain, new_tx(s1.secret(), 2.into(), chain_id)).unwrap();
 	// Let both nodes build one block.
 	net.peer(0).chain.engine().step();
 	let early_hash = net.peer(0).chain.chain_info().best_block_hash;
@@ -116,8 +116,8 @@ fn authority_round() {
 	assert_eq!(ci1.best_block_hash, early_hash);
 
 	// Selfish miner
-	net.peer(0).chain.miner().import_own_transaction(&*net.peer(0).chain, new_tx(s0.secret(), 3.into(), network_id)).unwrap();
-	net.peer(1).chain.miner().import_own_transaction(&*net.peer(1).chain, new_tx(s1.secret(), 3.into(), network_id)).unwrap();
+	net.peer(0).chain.miner().import_own_transaction(&*net.peer(0).chain, new_tx(s0.secret(), 3.into(), chain_id)).unwrap();
+	net.peer(1).chain.miner().import_own_transaction(&*net.peer(1).chain, new_tx(s1.secret(), 3.into(), chain_id)).unwrap();
 	// Node 0 is an earlier primary.
 	net.peer(0).chain.engine().step();
 	assert_eq!(net.peer(0).chain.chain_info().best_block_number, 4);
@@ -128,7 +128,7 @@ fn authority_round() {
 	// Node 1 makes 2 blocks, but is a later primary on the first one.
 	net.peer(1).chain.engine().step();
 	net.peer(1).chain.engine().step();
-	net.peer(1).chain.miner().import_own_transaction(&*net.peer(1).chain, new_tx(s1.secret(), 4.into(), network_id)).unwrap();
+	net.peer(1).chain.miner().import_own_transaction(&*net.peer(1).chain, new_tx(s1.secret(), 4.into(), chain_id)).unwrap();
 	net.peer(1).chain.engine().step();
 	net.peer(1).chain.engine().step();
 	assert_eq!(net.peer(1).chain.chain_info().best_block_number, 5);
@@ -149,7 +149,7 @@ fn tendermint() {
 	ap.insert_account(s0.secret().clone(), "").unwrap();
 	ap.insert_account(s1.secret().clone(), "").unwrap();
 
-	let network_id = Spec::new_test_tendermint().network_id();
+	let chain_id = Spec::new_test_tendermint().chain_id();
 	let mut net = TestNet::with_spec_and_accounts(2, SyncConfig::default(), Spec::new_test_tendermint, Some(ap));
 	let io_handler0: Arc<IoHandler<ClientIoMessage>> = Arc::new(TestIoHandler { client: net.peer(0).chain.clone() });
 	let io_handler1: Arc<IoHandler<ClientIoMessage>> = Arc::new(TestIoHandler { client: net.peer(1).chain.clone() });
@@ -165,7 +165,7 @@ fn tendermint() {
 	// Exhange statuses
 	net.sync();
 	// Propose
-	net.peer(0).chain.miner().import_own_transaction(&*net.peer(0).chain, new_tx(s0.secret(), 0.into(), network_id)).unwrap();
+	net.peer(0).chain.miner().import_own_transaction(&*net.peer(0).chain, new_tx(s0.secret(), 0.into(), chain_id)).unwrap();
 	net.sync();
 	// Propose timeout, synchronous for now
 	net.peer(0).chain.engine().step();
@@ -176,7 +176,7 @@ fn tendermint() {
 	assert_eq!(net.peer(0).chain.chain_info().best_block_number, 1);
 	assert_eq!(net.peer(1).chain.chain_info().best_block_number, 1);
 
-	net.peer(1).chain.miner().import_own_transaction(&*net.peer(1).chain, new_tx(s1.secret(), 0.into(), network_id)).unwrap();
+	net.peer(1).chain.miner().import_own_transaction(&*net.peer(1).chain, new_tx(s1.secret(), 0.into(), chain_id)).unwrap();
 	// Commit timeout
 	net.peer(0).chain.engine().step();
 	net.peer(1).chain.engine().step();
@@ -190,8 +190,8 @@ fn tendermint() {
 	assert_eq!(net.peer(0).chain.chain_info().best_block_number, 2);
 	assert_eq!(net.peer(1).chain.chain_info().best_block_number, 2);
 
-	net.peer(0).chain.miner().import_own_transaction(&*net.peer(0).chain, new_tx(s0.secret(), 1.into(), network_id)).unwrap();
-	net.peer(1).chain.miner().import_own_transaction(&*net.peer(1).chain, new_tx(s1.secret(), 1.into(), network_id)).unwrap();
+	net.peer(0).chain.miner().import_own_transaction(&*net.peer(0).chain, new_tx(s0.secret(), 1.into(), chain_id)).unwrap();
+	net.peer(1).chain.miner().import_own_transaction(&*net.peer(1).chain, new_tx(s1.secret(), 1.into(), chain_id)).unwrap();
 	// Peers get disconnected.
 	// Commit
 	net.peer(0).chain.engine().step();
@@ -199,8 +199,8 @@ fn tendermint() {
 	// Propose
 	net.peer(0).chain.engine().step();
 	net.peer(1).chain.engine().step();
-	net.peer(0).chain.miner().import_own_transaction(&*net.peer(0).chain, new_tx(s0.secret(), 2.into(), network_id)).unwrap();
-	net.peer(1).chain.miner().import_own_transaction(&*net.peer(1).chain, new_tx(s1.secret(), 2.into(), network_id)).unwrap();
+	net.peer(0).chain.miner().import_own_transaction(&*net.peer(0).chain, new_tx(s0.secret(), 2.into(), chain_id)).unwrap();
+	net.peer(1).chain.miner().import_own_transaction(&*net.peer(1).chain, new_tx(s1.secret(), 2.into(), chain_id)).unwrap();
 	// Send different prevotes
 	net.sync();
 	// Prevote timeout

From 10914c8346af4d60ac120ae048a33f1ddd5eb325 Mon Sep 17 00:00:00 2001
From: debris <marek.kotewicz@gmail.com>
Date: Mon, 21 Aug 2017 14:36:59 +0200
Subject: [PATCH 087/112] avoid runtime underflow if nibbles are empty

---
 util/src/trie/triedb.rs | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/util/src/trie/triedb.rs b/util/src/trie/triedb.rs
index ab7542fae..636912de5 100644
--- a/util/src/trie/triedb.rs
+++ b/util/src/trie/triedb.rs
@@ -293,11 +293,11 @@ impl<'a> TrieDBIterator<'a> {
 	fn key(&self) -> Bytes {
 		// collapse the key_nibbles down to bytes.
 		let nibbles = &self.key_nibbles;
-		let mut i = 0;
+		let mut i = 1;
 		let mut result = Bytes::with_capacity(nibbles.len() / 2);
-		let len = nibbles.len() - 1;
+		let len = nibbles.len();
 		while i < len {
-			result.push(nibbles[i] * 16 + nibbles[i + 1]);
+			result.push(nibbles[i - 1] * 16 + nibbles[i]);
 			i += 2;
 		}
 		result

From 98f86d553a407adc3791bf897f512047678c9f4b Mon Sep 17 00:00:00 2001
From: 5chdn <5chdn@users.noreply.github.com>
Date: Mon, 21 Aug 2017 15:33:31 +0200
Subject: [PATCH 088/112] Only keep a single debug log file, ref #1100

---
 util/src/kvdb.rs | 1 +
 1 file changed, 1 insertion(+)

diff --git a/util/src/kvdb.rs b/util/src/kvdb.rs
index e6568d68c..44321c531 100644
--- a/util/src/kvdb.rs
+++ b/util/src/kvdb.rs
@@ -493,6 +493,7 @@ impl Database {
 		}
 		opts.set_parsed_options(&format!("max_total_wal_size={}", 64 * 1024 * 1024))?;
 		opts.set_parsed_options("verify_checksums_in_compaction=0")?;
+		opts.set_parsed_options("keep_log_file_num=1")?;
 		opts.set_max_open_files(config.max_open_files);
 		opts.create_if_missing(true);
 		opts.set_use_fsync(false);

From 6c00dc71c104e9e66cc6ac0b628dd765d3af87f6 Mon Sep 17 00:00:00 2001
From: debris <marek.kotewicz@gmail.com>
Date: Mon, 21 Aug 2017 18:35:39 +0200
Subject: [PATCH 089/112] Optimize trie iter by avoiding redundant copying

---
 util/src/trie/triedb.rs | 107 +++++++++++++++++++++++-----------------
 1 file changed, 63 insertions(+), 44 deletions(-)

diff --git a/util/src/trie/triedb.rs b/util/src/trie/triedb.rs
index 636912de5..e9f4bc671 100644
--- a/util/src/trie/triedb.rs
+++ b/util/src/trie/triedb.rs
@@ -275,9 +275,15 @@ impl<'a> TrieDBIterator<'a> {
 
 	/// Descend into a payload.
 	fn descend(&mut self, d: &[u8]) -> super::Result<()> {
+		let node = Node::decoded(&self.db.get_raw_or_lookup(d)?).into();
+		Ok(self.descend_into_node(node))
+	}
+
+	/// Descend into a payload.
+	fn descend_into_node(&mut self, node: OwnedNode) {
 		self.trail.push(Crumb {
 			status: Status::Entering,
-			node: Node::decoded(&self.db.get_raw_or_lookup(d)?).into(),
+			node: node,
 		});
 		match &self.trail.last().expect("just pushed item; qed").node {
 			&OwnedNode::Leaf(ref n, _) | &OwnedNode::Extension(ref n, _) => {
@@ -285,8 +291,6 @@ impl<'a> TrieDBIterator<'a> {
 			},
 			_ => {}
 		}
-
-		Ok(())
 	}
 
 	/// The present key.
@@ -318,52 +322,67 @@ impl<'a> Iterator for TrieDBIterator<'a> {
 	type Item = TrieItem<'a>;
 
 	fn next(&mut self) -> Option<Self::Item> {
+		enum IterStep {
+			Continue,
+			PopTrail,
+			Descend(super::Result<DBValue>),
+		}
+
 		loop {
-			let b = match self.trail.last_mut() {
-				Some(mut b) => { b.increment(); b.clone() },
-				None => return None,
+			let iter_step = {
+				match self.trail.last_mut() {
+					Some(b) => { b.increment(); },
+					None => return None,
+				}
+
+				let b = self.trail.last().expect("trail.last_mut().is_some(); qed");
+
+				match (b.status.clone(), &b.node) {
+					(Status::Exiting, n) => {
+						match *n {
+							OwnedNode::Leaf(ref n, _) | OwnedNode::Extension(ref n, _) => {
+								let l = self.key_nibbles.len();
+								self.key_nibbles.truncate(l - n.len());
+							},
+							OwnedNode::Branch(_, _) => { self.key_nibbles.pop(); },
+							_ => {}
+						}
+						IterStep::PopTrail
+					},
+					(Status::At, &OwnedNode::Leaf(_, ref v)) | (Status::At, &OwnedNode::Branch(_, Some(ref v))) => {
+						return Some(Ok((self.key(), v.clone())));
+					},
+					(Status::At, &OwnedNode::Extension(_, ref d)) => IterStep::Descend(self.db.get_raw_or_lookup(&*d)),
+					(Status::At, &OwnedNode::Branch(_, _)) => IterStep::Continue,
+					(Status::AtChild(i), &OwnedNode::Branch(ref children, _)) if children[i].len() > 0 => {
+						match i {
+							0 => self.key_nibbles.push(0),
+							i => *self.key_nibbles.last_mut()
+								.expect("pushed as 0; moves sequentially; removed afterwards; qed") = i as u8,
+						}
+						IterStep::Descend(self.db.get_raw_or_lookup(&*children[i]))
+					},
+					(Status::AtChild(i), &OwnedNode::Branch(_, _)) => {
+						if i == 0 {
+							self.key_nibbles.push(0);
+						}
+						IterStep::Continue
+					},
+					_ => panic!() // Should never see Entering or AtChild without a Branch here.
+				}
 			};
-			match (b.status, b.node) {
-				(Status::Exiting, n) => {
-					match n {
-						OwnedNode::Leaf(n, _) | OwnedNode::Extension(n, _) => {
-							let l = self.key_nibbles.len();
-							self.key_nibbles.truncate(l - n.len());
-						},
-						OwnedNode::Branch(_, _) => { self.key_nibbles.pop(); },
-						_ => {}
-					}
+
+			match iter_step {
+				IterStep::PopTrail => {
 					self.trail.pop();
-					// continue
 				},
-				(Status::At, OwnedNode::Leaf(_, v)) | (Status::At, OwnedNode::Branch(_, Some(v))) => {
-					return Some(Ok((self.key(), v)));
+				IterStep::Descend(Ok(d)) => {
+					self.descend_into_node(Node::decoded(&d).into())
 				},
-				(Status::At, OwnedNode::Extension(_, d)) => {
-					if let Err(e) = self.descend(&*d) {
-						return Some(Err(e));
-					}
-					// continue
-				},
-				(Status::At, OwnedNode::Branch(_, _)) => {},
-				(Status::AtChild(i), OwnedNode::Branch(ref children, _)) if children[i].len() > 0 => {
-					match i {
-						0 => self.key_nibbles.push(0),
-						i => *self.key_nibbles.last_mut()
-							.expect("pushed as 0; moves sequentially; removed afterwards; qed") = i as u8,
-					}
-					if let Err(e) = self.descend(&*children[i]) {
-						return Some(Err(e));
-					}
-					// continue
-				},
-				(Status::AtChild(i), OwnedNode::Branch(_, _)) => {
-					if i == 0 {
-						self.key_nibbles.push(0);
-					}
-					// continue
-				},
-				_ => panic!() // Should never see Entering or AtChild without a Branch here.
+				IterStep::Descend(Err(e)) => {
+					return Some(Err(e))
+				}
+				IterStep::Continue => {},
 			}
 		}
 	}

From d41dd13918eb30ea7dff8bd1b1a30d36f4141934 Mon Sep 17 00:00:00 2001
From: Arkadiy Paronyan <arkady.paronyan@gmail.com>
Date: Tue, 22 Aug 2017 11:24:56 +0200
Subject: [PATCH 090/112] Tweaked snapshot params (#6344)

---
 ethcore/src/engines/null_engine.rs          |  2 +-
 ethcore/src/ethereum/ethash.rs              |  7 ++++--
 ethcore/src/snapshot/consensus/work.rs      | 27 +++++++++++++++------
 ethcore/src/snapshot/tests/proof_of_work.rs |  2 +-
 parity/run.rs                               |  2 +-
 sync/src/chain.rs                           |  2 +-
 6 files changed, 29 insertions(+), 13 deletions(-)

diff --git a/ethcore/src/engines/null_engine.rs b/ethcore/src/engines/null_engine.rs
index 3bdef480c..552154580 100644
--- a/ethcore/src/engines/null_engine.rs
+++ b/ethcore/src/engines/null_engine.rs
@@ -62,6 +62,6 @@ impl Engine for NullEngine {
 	}
 
 	fn snapshot_components(&self) -> Option<Box<::snapshot::SnapshotComponents>> {
-		Some(Box::new(::snapshot::PowSnapshot(10000)))
+		Some(Box::new(::snapshot::PowSnapshot::new(10000, 10000)))
 	}
 }
diff --git a/ethcore/src/ethereum/ethash.rs b/ethcore/src/ethereum/ethash.rs
index adb1f7dac..6235255e4 100644
--- a/ethcore/src/ethereum/ethash.rs
+++ b/ethcore/src/ethereum/ethash.rs
@@ -39,7 +39,10 @@ pub const PARITY_GAS_LIMIT_DETERMINANT: U256 = U256([37, 0, 0, 0]);
 
 /// Number of blocks in an ethash snapshot.
 // make dependent on difficulty incrment divisor?
-const SNAPSHOT_BLOCKS: u64 = 30000;
+const SNAPSHOT_BLOCKS: u64 = 5000;
+/// Maximum number of blocks allowed in an ethash snapshot.
+const MAX_SNAPSHOT_BLOCKS: u64 = 30000;
+
 
 /// Ethash params.
 #[derive(Debug, PartialEq)]
@@ -407,7 +410,7 @@ impl Engine for Arc<Ethash> {
 	}
 
 	fn snapshot_components(&self) -> Option<Box<::snapshot::SnapshotComponents>> {
-		Some(Box::new(::snapshot::PowSnapshot(SNAPSHOT_BLOCKS)))
+		Some(Box::new(::snapshot::PowSnapshot::new(SNAPSHOT_BLOCKS, MAX_SNAPSHOT_BLOCKS)))
 	}
 }
 
diff --git a/ethcore/src/snapshot/consensus/work.rs b/ethcore/src/snapshot/consensus/work.rs
index 4975203b7..2bf154fc4 100644
--- a/ethcore/src/snapshot/consensus/work.rs
+++ b/ethcore/src/snapshot/consensus/work.rs
@@ -37,11 +37,24 @@ use rand::OsRng;
 /// Snapshot creation and restoration for PoW chains.
 /// This includes blocks from the head of the chain as a
 /// loose assurance that the chain is valid.
-///
-/// The field is the number of blocks from the head of the chain
-/// to include in the snapshot.
 #[derive(Clone, Copy, PartialEq)]
-pub struct PowSnapshot(pub u64);
+pub struct PowSnapshot {
+	/// Number of blocks from the head of the chain
+	/// to include in the snapshot.
+	pub blocks: u64,
+	/// Number of to allow in the snapshot when restoring.
+	pub max_restore_blocks: u64,
+}
+
+impl PowSnapshot {
+	/// Create a new instance.
+	pub fn new(blocks: u64, max_restore_blocks: u64) -> PowSnapshot {
+		PowSnapshot {
+			blocks: blocks,
+			max_restore_blocks: max_restore_blocks,
+		}
+	}
+}
 
 impl SnapshotComponents for PowSnapshot {
 	fn chunk_all(
@@ -57,7 +70,7 @@ impl SnapshotComponents for PowSnapshot {
 			current_hash: block_at,
 			writer: chunk_sink,
 			preferred_size: preferred_size,
-		}.chunk_all(self.0)
+		}.chunk_all(self.blocks)
 	}
 
 	fn rebuilder(
@@ -66,7 +79,7 @@ impl SnapshotComponents for PowSnapshot {
 		db: Arc<KeyValueDB>,
 		manifest: &ManifestData,
 	) -> Result<Box<Rebuilder>, ::error::Error> {
-		PowRebuilder::new(chain, db, manifest, self.0).map(|r| Box::new(r) as Box<_>)
+		PowRebuilder::new(chain, db, manifest, self.max_restore_blocks).map(|r| Box::new(r) as Box<_>)
 	}
 
 	fn min_supported_version(&self) -> u64 { ::snapshot::MIN_SUPPORTED_STATE_CHUNK_VERSION }
@@ -218,7 +231,7 @@ impl Rebuilder for PowRebuilder {
 		trace!(target: "snapshot", "restoring block chunk with {} blocks.", item_count - 3);
 
 		if self.fed_blocks + num_blocks > self.snapshot_blocks {
-			return Err(Error::TooManyBlocks(self.snapshot_blocks, self.fed_blocks).into())
+			return Err(Error::TooManyBlocks(self.snapshot_blocks, self.fed_blocks + num_blocks).into())
 		}
 
 		// todo: assert here that these values are consistent with chunks being in order.
diff --git a/ethcore/src/snapshot/tests/proof_of_work.rs b/ethcore/src/snapshot/tests/proof_of_work.rs
index e7d0a0964..a6c0166f5 100644
--- a/ethcore/src/snapshot/tests/proof_of_work.rs
+++ b/ethcore/src/snapshot/tests/proof_of_work.rs
@@ -30,7 +30,7 @@ use util::kvdb::{self, KeyValueDB, DBTransaction};
 use std::sync::Arc;
 use std::sync::atomic::AtomicBool;
 
-const SNAPSHOT_MODE: ::snapshot::PowSnapshot = ::snapshot::PowSnapshot(30000);
+const SNAPSHOT_MODE: ::snapshot::PowSnapshot = ::snapshot::PowSnapshot { blocks: 30000, max_restore_blocks: 30000 };
 
 fn chunk_and_restore(amount: u64) {
 	let mut canon_chain = ChainGenerator::default();
diff --git a/parity/run.rs b/parity/run.rs
index fbf59e680..49624480c 100644
--- a/parity/run.rs
+++ b/parity/run.rs
@@ -56,7 +56,7 @@ use signer;
 use url;
 
 // how often to take periodic snapshots.
-const SNAPSHOT_PERIOD: u64 = 10000;
+const SNAPSHOT_PERIOD: u64 = 5000;
 
 // how many blocks to wait before starting a periodic snapshot.
 const SNAPSHOT_HISTORY: u64 = 100;
diff --git a/sync/src/chain.rs b/sync/src/chain.rs
index d6937381c..3a472c88f 100644
--- a/sync/src/chain.rs
+++ b/sync/src/chain.rs
@@ -133,7 +133,7 @@ const MAX_TRANSACTION_PACKET_SIZE: usize = 8 * 1024 * 1024;
 // Maximal number of transactions in sent in single packet.
 const MAX_TRANSACTIONS_TO_PROPAGATE: usize = 64;
 // Min number of blocks to be behind for a snapshot sync
-const SNAPSHOT_RESTORE_THRESHOLD: BlockNumber = 100000;
+const SNAPSHOT_RESTORE_THRESHOLD: BlockNumber = 10000;
 const SNAPSHOT_MIN_PEERS: usize = 3;
 
 const STATUS_PACKET: u8 = 0x00;

From 4bda7bf175ad3f74225129378742bc1648579488 Mon Sep 17 00:00:00 2001
From: Marek Kotewicz <marek.kotewicz@gmail.com>
Date: Tue, 22 Aug 2017 17:05:28 +0200
Subject: [PATCH 091/112] updated bigint (#6341)

---
 Cargo.lock | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index 7e1aa0d2b..20c11bda7 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -125,10 +125,11 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 
 [[package]]
 name = "bigint"
-version = "4.1.1"
+version = "4.1.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 dependencies = [
  "byteorder 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)",
+ "crunchy 0.1.6 (registry+https://github.com/rust-lang/crates.io-index)",
  "heapsize 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)",
  "rustc-hex 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)",
  "rustc_version 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)",
@@ -346,7 +347,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 
 [[package]]
 name = "crunchy"
-version = "0.1.3"
+version = "0.1.6"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 
 [[package]]
@@ -478,7 +479,7 @@ dependencies = [
 name = "ethash"
 version = "1.8.0"
 dependencies = [
- "crunchy 0.1.3 (registry+https://github.com/rust-lang/crates.io-index)",
+ "crunchy 0.1.6 (registry+https://github.com/rust-lang/crates.io-index)",
  "log 0.3.7 (registry+https://github.com/rust-lang/crates.io-index)",
  "parking_lot 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)",
  "primal 0.2.3 (registry+https://github.com/rust-lang/crates.io-index)",
@@ -544,7 +545,7 @@ dependencies = [
 name = "ethcore-bigint"
 version = "0.1.3"
 dependencies = [
- "bigint 4.1.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "bigint 4.1.2 (registry+https://github.com/rust-lang/crates.io-index)",
  "heapsize 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)",
  "libc 0.2.21 (registry+https://github.com/rust-lang/crates.io-index)",
  "rand 0.3.14 (registry+https://github.com/rust-lang/crates.io-index)",
@@ -2466,7 +2467,7 @@ dependencies = [
 name = "rpc-cli"
 version = "1.4.0"
 dependencies = [
- "bigint 4.1.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "bigint 4.1.2 (registry+https://github.com/rust-lang/crates.io-index)",
  "ethcore-util 1.8.0",
  "futures 0.1.11 (registry+https://github.com/rust-lang/crates.io-index)",
  "parity-rpc 1.8.0",
@@ -3244,7 +3245,7 @@ dependencies = [
 "checksum backtrace-sys 0.1.11 (registry+https://github.com/rust-lang/crates.io-index)" = "3a0d842ea781ce92be2bf78a9b38883948542749640b8378b3b2f03d1fd9f1ff"
 "checksum base-x 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)" = "2f59103b47307f76e03bef1633aec7fa9e29bfb5aa6daf5a334f94233c71f6c1"
 "checksum base32 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)" = "1b9605ba46d61df0410d8ac686b0007add8172eba90e8e909c347856fe794d8c"
-"checksum bigint 4.1.1 (registry+https://github.com/rust-lang/crates.io-index)" = "2b45beaa0727835a98df09295d4250afc52c3f7d375d560997ae942c95b98ceb"
+"checksum bigint 4.1.2 (registry+https://github.com/rust-lang/crates.io-index)" = "f56c9f1cd09cdcafcccdab1fd58797d39b7d4d203238b2e3768807590723bdf0"
 "checksum bincode 0.8.0 (registry+https://github.com/rust-lang/crates.io-index)" = "e103c8b299b28a9c6990458b7013dc4a8356a9b854c51b9883241f5866fac36e"
 "checksum bit-set 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "e6e1e6fb1c9e3d6fcdec57216a74eaa03e41f52a22f13a16438251d8e88b89da"
 "checksum bit-set 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "d9bf6104718e80d7b26a68fdbacff3481cfc05df670821affc7e9cbc1884400c"
@@ -3269,7 +3270,7 @@ dependencies = [
 "checksum core-foundation 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)" = "20a6d0448d3a99d977ae4a2aa5a98d886a923e863e81ad9ff814645b6feb3bbd"
 "checksum core-foundation-sys 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)" = "05eed248dc504a5391c63794fe4fb64f46f071280afaa1b73308f3c0ce4574c5"
 "checksum crossbeam 0.2.10 (registry+https://github.com/rust-lang/crates.io-index)" = "0c5ea215664ca264da8a9d9c3be80d2eaf30923c259d03e870388eb927508f97"
-"checksum crunchy 0.1.3 (registry+https://github.com/rust-lang/crates.io-index)" = "e6aa9cb5f2d7bffc4eecfaf924fe450549dc4f0c3a6502298dc24f968b1eabbe"
+"checksum crunchy 0.1.6 (registry+https://github.com/rust-lang/crates.io-index)" = "a2f4a431c5c9f662e1200b7c7f02c34e91361150e382089a8f2dec3ba680cbda"
 "checksum crypt32-sys 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "e34988f7e069e0b2f3bfc064295161e489b2d4e04a2e4248fb94360cdf00b4ec"
 "checksum ctrlc 1.1.1 (git+https://github.com/paritytech/rust-ctrlc.git)" = "<none>"
 "checksum custom_derive 0.1.7 (registry+https://github.com/rust-lang/crates.io-index)" = "ef8ae57c4978a2acd8b869ce6b9ca1dfe817bff704c220209fdef2c0b75a01b9"

From 5c0f9f1c40c265cf4abfa151f0bd7204465c73b3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tomasz=20Drwi=C4=99ga?= <tomusdrw@users.noreply.github.com>
Date: Thu, 24 Aug 2017 13:13:01 +0200
Subject: [PATCH 092/112] Fix eth_call. (#6365)

* Fix eth_call.

* Fix warning spam.
---
 rpc/src/v1/helpers/fake_sign.rs | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)

diff --git a/rpc/src/v1/helpers/fake_sign.rs b/rpc/src/v1/helpers/fake_sign.rs
index c5b95f6a4..551bf5d35 100644
--- a/rpc/src/v1/helpers/fake_sign.rs
+++ b/rpc/src/v1/helpers/fake_sign.rs
@@ -30,15 +30,17 @@ pub fn sign_call<B: MiningBlockChainClient, M: MinerService>(
 	request: CallRequest,
 	gas_cap: bool,
 ) -> Result<SignedTransaction, Error> {
-	let from = request.from.unwrap_or(0.into());
-	let mut gas = request.gas.unwrap_or(U256::max_value());
-	if gas_cap {
-		let max_gas = 50_000_000.into();
-		if gas > max_gas {
+	let max_gas = 50_000_000.into();
+	let gas = match request.gas {
+		Some(gas) if gas_cap && gas > max_gas => {
 			warn!("Gas limit capped to {} (from {})", max_gas, gas);
-			gas = max_gas
+			max_gas
 		}
-	}
+		Some(gas) => gas,
+		None if gas_cap => max_gas,
+		None => U256::from(2) << 50,
+	};
+	let from = request.from.unwrap_or(0.into());
 
 	Ok(Transaction {
 		nonce: request.nonce.unwrap_or_else(|| client.latest_nonce(&from)),

From 5b6d47aeefd950c6680ce598a25ae2b247629a56 Mon Sep 17 00:00:00 2001
From: Jon Choi <choi.jonathanh@gmail.com>
Date: Fri, 25 Aug 2017 01:31:48 -0700
Subject: [PATCH 093/112] Infoline less opaque for UI/visibility (#6364)

---
 js/src/views/Account/Header/header.css | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/js/src/views/Account/Header/header.css b/js/src/views/Account/Header/header.css
index f894b7c49..5ff69f774 100644
--- a/js/src/views/Account/Header/header.css
+++ b/js/src/views/Account/Header/header.css
@@ -53,7 +53,7 @@
 
 .infoline,
 .uuidline {
-  opacity: 0.25;
+  opacity: 0.5;
 }
 
 .uuidline {

From b6024adf8564a0a50a8ca0bd76ea033926b4d49d Mon Sep 17 00:00:00 2001
From: GitLab Build Bot <jaco+gitlab@ethcore.io>
Date: Fri, 25 Aug 2017 09:11:39 +0000
Subject: [PATCH 094/112] [ci skip] js-precompiled 20170825-090654

---
 Cargo.lock           | 2 +-
 js/package-lock.json | 2 +-
 js/package.json      | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index 20c11bda7..c5ee9ad8b 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -2058,7 +2058,7 @@ dependencies = [
 [[package]]
 name = "parity-ui-precompiled"
 version = "1.4.0"
-source = "git+https://github.com/paritytech/js-precompiled.git#416ced84c23b1a776d53ee4a3023eb4eb4736cf8"
+source = "git+https://github.com/paritytech/js-precompiled.git#d809723e58bcb36c0f8d2eca5ca94abbb3690544"
 dependencies = [
  "parity-dapps-glue 1.7.0 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
diff --git a/js/package-lock.json b/js/package-lock.json
index 4e732cbfc..707e5a67d 100644
--- a/js/package-lock.json
+++ b/js/package-lock.json
@@ -1,6 +1,6 @@
 {
   "name": "parity.js",
-  "version": "1.8.16",
+  "version": "1.8.17",
   "lockfileVersion": 1,
   "requires": true,
   "dependencies": {
diff --git a/js/package.json b/js/package.json
index 41388a127..1bb76b21c 100644
--- a/js/package.json
+++ b/js/package.json
@@ -1,6 +1,6 @@
 {
   "name": "parity.js",
-  "version": "1.8.16",
+  "version": "1.8.17",
   "main": "release/index.js",
   "jsnext:main": "src/index.js",
   "author": "Parity Team <admin@parity.io>",

From 5d6c53c9bdaca013e6613966cf73c5c33a09bd1d Mon Sep 17 00:00:00 2001
From: debris <marek.kotewicz@gmail.com>
Date: Sat, 26 Aug 2017 18:33:43 +0200
Subject: [PATCH 095/112] triedb seek and descend is not recursive

---
 util/src/trie/triedb.rs | 119 +++++++++++++++++++++++-----------------
 1 file changed, 68 insertions(+), 51 deletions(-)

diff --git a/util/src/trie/triedb.rs b/util/src/trie/triedb.rs
index e9f4bc671..b98d0b33a 100644
--- a/util/src/trie/triedb.rs
+++ b/util/src/trie/triedb.rs
@@ -217,59 +217,76 @@ impl<'a> TrieDBIterator<'a> {
 		Ok(r)
 	}
 
-	fn seek_descend<'key>(&mut self, node_data: DBValue, key: &NibbleSlice<'key>) -> super::Result<()> {
-		let node = Node::decoded(&node_data);
-		match node {
-			Node::Leaf(ref slice, _) => {
-				if slice == key {
-					self.trail.push(Crumb {
-						status: Status::At,
-						node: node.clone().into(),
-					});
-				} else {
-					self.trail.push(Crumb {
-						status: Status::Exiting,
-						node: node.clone().into(),
-					});
-				}
+	fn seek_descend<'key>(&mut self, mut node_data: DBValue, mut key: NibbleSlice<'key>) -> super::Result<()> {
+		enum Step {
+			Descend(DBValue, usize),
+			Return,
+		}
 
-				self.key_nibbles.extend(slice.iter());
-				Ok(())
-			},
-			Node::Extension(ref slice, ref item) => {
-				if key.starts_with(slice) {
-					self.trail.push(Crumb {
-						status: Status::At,
-						node: node.clone().into(),
-					});
-					self.key_nibbles.extend(slice.iter());
-					let data = self.db.get_raw_or_lookup(&*item)?;
-					self.seek_descend(data, &key.mid(slice.len()))
-				} else {
-					self.descend(&node_data)?;
-					Ok(())
+		loop {
+			let step = {
+				let node = Node::decoded(&node_data);
+				match node {
+					Node::Leaf(slice, _) => {
+						if slice == key {
+							self.trail.push(Crumb {
+								status: Status::At,
+								node: node.clone().into(),
+							});
+						} else {
+							self.trail.push(Crumb {
+								status: Status::Exiting,
+								node: node.clone().into(),
+							});
+						}
+
+						self.key_nibbles.extend(slice.iter());
+						Step::Return
+					},
+					Node::Extension(ref slice, ref item) => {
+						if key.starts_with(slice) {
+							self.trail.push(Crumb {
+								status: Status::At,
+								node: node.clone().into(),
+							});
+							self.key_nibbles.extend(slice.iter());
+							let data = self.db.get_raw_or_lookup(&*item)?;
+							Step::Descend(data, slice.len())
+						} else {
+							self.descend(&node_data)?;
+							Step::Return
+						}
+					},
+					Node::Branch(ref nodes, _) => match key.is_empty() {
+						true => {
+							self.trail.push(Crumb {
+								status: Status::At,
+								node: node.clone().into(),
+							});
+							Step::Return
+						},
+						false => {
+							let i = key.at(0);
+							self.trail.push(Crumb {
+								status: Status::AtChild(i as usize),
+								node: node.clone().into(),
+							});
+							self.key_nibbles.push(i);
+							let child = self.db.get_raw_or_lookup(&*nodes[i as usize])?;
+							Step::Descend(child, 1)
+						}
+					},
+					_ => Step::Return
 				}
-			},
-			Node::Branch(ref nodes, _) => match key.is_empty() {
-				true => {
-					self.trail.push(Crumb {
-						status: Status::At,
-						node: node.clone().into(),
-					});
-					Ok(())
-				},
-				false => {
-					let i = key.at(0);
-					self.trail.push(Crumb {
-						status: Status::AtChild(i as usize),
-						node: node.clone().into(),
-					});
-					self.key_nibbles.push(i);
-					let child = self.db.get_raw_or_lookup(&*nodes[i as usize])?;
-					self.seek_descend(child, &key.mid(1))
+			};
+
+			match step {
+				Step::Return => return Ok(()),
+				Step::Descend(data, mid) => {
+					node_data = data;
+					key = key.mid(mid);
 				}
-			},
-			_ => Ok(())
+			}
 		}
 	}
 
@@ -314,7 +331,7 @@ impl<'a> TrieIterator for TrieDBIterator<'a> {
 		self.trail.clear();
 		self.key_nibbles.clear();
 		let root_rlp = self.db.root_data()?;
-		self.seek_descend(root_rlp, &NibbleSlice::new(key))
+		self.seek_descend(root_rlp, NibbleSlice::new(key))
 	}
 }
 

From 9083923f2780599db03bdc595bf50100c61ebdc7 Mon Sep 17 00:00:00 2001
From: debris <marek.kotewicz@gmail.com>
Date: Sat, 26 Aug 2017 18:34:16 +0200
Subject: [PATCH 096/112] optimized memorydb insert, remove and emplace

---
 util/src/memorydb.rs | 52 +++++++++++++++++++++++++-------------------
 1 file changed, 30 insertions(+), 22 deletions(-)

diff --git a/util/src/memorydb.rs b/util/src/memorydb.rs
index cc8d0a3de..fcfde9695 100644
--- a/util/src/memorydb.rs
+++ b/util/src/memorydb.rs
@@ -181,7 +181,10 @@ impl HashDB for MemoryDB {
 	}
 
 	fn keys(&self) -> HashMap<H256, i32> {
-		self.data.iter().filter_map(|(k, v)| if v.1 != 0 {Some((k.clone(), v.1))} else {None}).collect()
+		self.data.iter()
+			.filter(|&(_, v)| v.1 != 0)
+			.map(|(k, v)| (*k, v.1))
+			.collect()
 	}
 
 	fn contains(&self, key: &H256) -> bool {
@@ -200,16 +203,17 @@ impl HashDB for MemoryDB {
 			return SHA3_NULL_RLP.clone();
 		}
 		let key = value.sha3();
-		if match self.data.get_mut(&key) {
-			Some(&mut (ref mut old_value, ref mut rc @ -0x80000000i32 ... 0)) => {
-				*old_value = DBValue::from_slice(value);
+		match self.data.entry(key) {
+			Entry::Occupied(mut entry) => {
+				let &mut (ref mut old_value, ref mut rc) = entry.get_mut();
+				if *rc >= -0x80000000i32 && *rc <= 0 {
+					*old_value = DBValue::from_slice(value);
+				}
 				*rc += 1;
-				false
 			},
-			Some(&mut (_, ref mut x)) => { *x += 1; false } ,
-			None => true,
-		}{	// ... None falls through into...
-			self.data.insert(key.clone(), (DBValue::from_slice(value), 1));
+			Entry::Vacant(entry) => {
+				entry.insert((DBValue::from_slice(value), 1));
+			},
 		}
 		key
 	}
@@ -219,17 +223,18 @@ impl HashDB for MemoryDB {
 			return;
 		}
 
-		match self.data.get_mut(&key) {
-			Some(&mut (ref mut old_value, ref mut rc @ -0x80000000i32 ... 0)) => {
-				*old_value = value;
+		match self.data.entry(key) {
+			Entry::Occupied(mut entry) => {
+				let &mut (ref mut old_value, ref mut rc) = entry.get_mut();
+				if *rc >= -0x80000000i32 && *rc <= 0 {
+					*old_value = value;
+				}
 				*rc += 1;
-				return;
 			},
-			Some(&mut (_, ref mut x)) => { *x += 1; return; } ,
-			None => {},
+			Entry::Vacant(entry) => {
+				entry.insert((value, 1));
+			},
 		}
-		// ... None falls through into...
-		self.data.insert(key, (value, 1));
 	}
 
 	fn remove(&mut self, key: &H256) {
@@ -237,11 +242,14 @@ impl HashDB for MemoryDB {
 			return;
 		}
 
-		if match self.data.get_mut(key) {
-			Some(&mut (_, ref mut x)) => { *x -= 1; false }
-			None => true
-		}{	// ... None falls through into...
-			self.data.insert(key.clone(), (DBValue::new(), -1));
+		match self.data.entry(*key) {
+			Entry::Occupied(mut entry) => {
+				let &mut (_, ref mut rc) = entry.get_mut();
+				*rc -= 1;
+			},
+			Entry::Vacant(entry) => {
+				entry.insert((DBValue::new(), -1));
+			},
 		}
 	}
 }

From 5395f13528ae96fed018abbfbd71be5b1ff16ed0 Mon Sep 17 00:00:00 2001
From: debris <marek.kotewicz@gmail.com>
Date: Sat, 26 Aug 2017 19:09:32 +0200
Subject: [PATCH 097/112] optimized hashdb keys

---
 util/src/journaldb/archivedb.rs       | 26 +++++++++++++---------
 util/src/journaldb/earlymergedb.rs    | 26 +++++++++++++---------
 util/src/journaldb/overlayrecentdb.rs | 26 +++++++++++++---------
 util/src/journaldb/refcounteddb.rs    |  2 +-
 util/src/memorydb.rs                  | 10 ++++-----
 util/src/overlaydb.rs                 | 31 ++++++++++++++++++---------
 6 files changed, 75 insertions(+), 46 deletions(-)

diff --git a/util/src/journaldb/archivedb.rs b/util/src/journaldb/archivedb.rs
index fc893654a..68747712d 100644
--- a/util/src/journaldb/archivedb.rs
+++ b/util/src/journaldb/archivedb.rs
@@ -17,6 +17,7 @@
 //! Disk-backed `HashDB` implementation.
 
 use std::collections::HashMap;
+use std::collections::hash_map::Entry;
 use std::sync::Arc;
 use rlp::*;
 use hashdb::*;
@@ -66,23 +67,28 @@ impl ArchiveDB {
 
 impl HashDB for ArchiveDB {
 	fn keys(&self) -> HashMap<H256, i32> {
-		let mut ret: HashMap<H256, i32> = HashMap::new();
-		for (key, _) in self.backing.iter(self.column) {
-			let h = H256::from_slice(&*key);
-			ret.insert(h, 1);
-		}
+		let mut ret: HashMap<H256, i32> = self.backing.iter(self.column)
+			.map(|(key, _)| (H256::from_slice(&*key), 1))
+			.collect();
 
 		for (key, refs) in self.overlay.keys() {
-			let refs = *ret.get(&key).unwrap_or(&0) + refs;
-			ret.insert(key, refs);
+			match ret.entry(key) {
+				Entry::Occupied(mut entry) => {
+					*entry.get_mut() += refs;
+				},
+				Entry::Vacant(entry) => {
+					*entry.insert(refs);
+				}
+			}
 		}
 		ret
 	}
 
 	fn get(&self, key: &H256) -> Option<DBValue> {
-		let k = self.overlay.raw(key);
-		if let Some((d, rc)) = k {
-			if rc > 0 { return Some(d); }
+		if let Some((d, rc)) = self.overlay.raw(key) {
+			if rc > 0 {
+				return Some(d);
+			}
 		}
 		self.payload(key)
 	}
diff --git a/util/src/journaldb/earlymergedb.rs b/util/src/journaldb/earlymergedb.rs
index b7b57d537..345005018 100644
--- a/util/src/journaldb/earlymergedb.rs
+++ b/util/src/journaldb/earlymergedb.rs
@@ -18,6 +18,7 @@
 
 use std::fmt;
 use std::collections::HashMap;
+use std::collections::hash_map::Entry;
 use std::sync::Arc;
 use parking_lot::RwLock;
 use heapsize::HeapSizeOf;
@@ -311,23 +312,28 @@ impl EarlyMergeDB {
 
 impl HashDB for EarlyMergeDB {
 	fn keys(&self) -> HashMap<H256, i32> {
-		let mut ret: HashMap<H256, i32> = HashMap::new();
-		for (key, _) in self.backing.iter(self.column) {
-			let h = H256::from_slice(&*key);
-			ret.insert(h, 1);
-		}
+		let mut ret: HashMap<H256, i32> = self.backing.iter(self.column)
+			.map(|(key, _)| (H256::from_slice(&*key), 1))
+			.collect();
 
 		for (key, refs) in self.overlay.keys() {
-			let refs = *ret.get(&key).unwrap_or(&0) + refs;
-			ret.insert(key, refs);
+			match ret.entry(key) {
+				Entry::Occupied(mut entry) => {
+					*entry.get_mut() += refs;
+				},
+				Entry::Vacant(entry) => {
+					*entry.insert(refs);
+				}
+			}
 		}
 		ret
 	}
 
 	fn get(&self, key: &H256) -> Option<DBValue> {
-		let k = self.overlay.raw(key);
-		if let Some((d, rc)) = k {
-			if rc > 0 { return Some(d) }
+		if let Some((d, rc)) = self.overlay.raw(key) {
+			if rc > 0 {
+				return Some(d)
+			}
 		}
 		self.payload(key)
 	}
diff --git a/util/src/journaldb/overlayrecentdb.rs b/util/src/journaldb/overlayrecentdb.rs
index e96430e06..4b9efadc7 100644
--- a/util/src/journaldb/overlayrecentdb.rs
+++ b/util/src/journaldb/overlayrecentdb.rs
@@ -17,6 +17,7 @@
 //! `JournalDB` over in-memory overlay
 
 use std::collections::HashMap;
+use std::collections::hash_map::Entry;
 use std::sync::Arc;
 use parking_lot::RwLock;
 use heapsize::HeapSizeOf;
@@ -407,23 +408,28 @@ impl JournalDB for OverlayRecentDB {
 
 impl HashDB for OverlayRecentDB {
 	fn keys(&self) -> HashMap<H256, i32> {
-		let mut ret: HashMap<H256, i32> = HashMap::new();
-		for (key, _) in self.backing.iter(self.column) {
-			let h = H256::from_slice(&*key);
-			ret.insert(h, 1);
-		}
+		let mut ret: HashMap<H256, i32> = self.backing.iter(self.column)
+			.map(|(key, _)| (H256::from_slice(&*key), 1))
+			.collect();
 
 		for (key, refs) in self.transaction_overlay.keys() {
-			let refs = *ret.get(&key).unwrap_or(&0) + refs;
-			ret.insert(key, refs);
+			match ret.entry(key) {
+				Entry::Occupied(mut entry) => {
+					*entry.get_mut() += refs;
+				},
+				Entry::Vacant(entry) => {
+					*entry.insert(refs);
+				}
+			}
 		}
 		ret
 	}
 
 	fn get(&self, key: &H256) -> Option<DBValue> {
-		let k = self.transaction_overlay.raw(key);
-		if let Some((d, rc)) = k {
-			if rc > 0 { return Some(d) }
+		if let Some((d, rc)) = self.transaction_overlay.raw(key) {
+			if rc > 0 {
+				return Some(d)
+			}
 		}
 		let v = {
 			let journal_overlay = self.journal_overlay.read();
diff --git a/util/src/journaldb/refcounteddb.rs b/util/src/journaldb/refcounteddb.rs
index e38994700..1b9c9ded8 100644
--- a/util/src/journaldb/refcounteddb.rs
+++ b/util/src/journaldb/refcounteddb.rs
@@ -198,7 +198,7 @@ impl JournalDB for RefCountedDB {
 	fn consolidate(&mut self, mut with: MemoryDB) {
 		for (key, (value, rc)) in with.drain() {
 			for _ in 0..rc {
-				self.emplace(key.clone(), value.clone());
+				self.emplace(key, value.clone());
 			}
 
 			for _ in rc..0 {
diff --git a/util/src/memorydb.rs b/util/src/memorydb.rs
index fcfde9695..14d3cb639 100644
--- a/util/src/memorydb.rs
+++ b/util/src/memorydb.rs
@@ -16,14 +16,14 @@
 
 //! Reference-counted memory-based `HashDB` implementation.
 
-use hash::*;
-use rlp::*;
-use sha3::*;
-use hashdb::*;
-use heapsize::*;
 use std::mem;
 use std::collections::HashMap;
 use std::collections::hash_map::Entry;
+use heapsize::HeapSizeOf;
+use hash::{H256FastMap, H256};
+use rlp::NULL_RLP;
+use sha3::*;
+use hashdb::*;
 
 /// Reference-counted memory-based `HashDB` implementation.
 ///
diff --git a/util/src/overlaydb.rs b/util/src/overlaydb.rs
index 6b6f501a7..dbd22c59d 100644
--- a/util/src/overlaydb.rs
+++ b/util/src/overlaydb.rs
@@ -16,13 +16,14 @@
 
 //! Disk-backed `HashDB` implementation.
 
+use std::sync::Arc;
+use std::collections::HashMap;
+use std::collections::hash_map::Entry;
 use error::*;
 use hash::*;
 use rlp::*;
 use hashdb::*;
 use memorydb::*;
-use std::sync::*;
-use std::collections::HashMap;
 use kvdb::{KeyValueDB, DBTransaction};
 
 /// Implementation of the `HashDB` trait for a disk-backed database with a memory overlay.
@@ -125,19 +126,27 @@ impl OverlayDB {
 
 impl HashDB for OverlayDB {
 	fn keys(&self) -> HashMap<H256, i32> {
-		let mut ret: HashMap<H256, i32> = HashMap::new();
-		for (key, _) in self.backing.iter(self.column) {
-			let h = H256::from_slice(&*key);
-			let r = self.payload(&h).unwrap().1;
-			ret.insert(h, r as i32);
-		}
+		let mut ret: HashMap<H256, i32> = self.backing.iter(self.column)
+			.map(|(key, _)| {
+				let h = H256::from_slice(&*key);
+				let r = self.payload(&h).unwrap().1;
+				(h, r as i32)
+			})
+			.collect();
 
 		for (key, refs) in self.overlay.keys() {
-			let refs = *ret.get(&key).unwrap_or(&0) + refs;
-			ret.insert(key, refs);
+			match ret.entry(key) {
+				Entry::Occupied(mut entry) => {
+					*entry.get_mut() += refs;
+				},
+				Entry::Vacant(entry) => {
+					*entry.insert(refs);
+				}
+			}
 		}
 		ret
 	}
+
 	fn get(&self, key: &H256) -> Option<DBValue> {
 		// return ok if positive; if negative, check backing - might be enough references there to make
 		// it positive again.
@@ -165,6 +174,7 @@ impl HashDB for OverlayDB {
 			_ => None,
 		}
 	}
+
 	fn contains(&self, key: &H256) -> bool {
 		// return ok if positive; if negative, check backing - might be enough references there to make
 		// it positive again.
@@ -185,6 +195,7 @@ impl HashDB for OverlayDB {
 			}
 		}
 	}
+
 	fn insert(&mut self, value: &[u8]) -> H256 { self.overlay.insert(value) }
 	fn emplace(&mut self, key: H256, value: DBValue) { self.overlay.emplace(key, value); }
 	fn remove(&mut self, key: &H256) { self.overlay.remove(key); }

From 7246c9c74baccf086709ee9c35746d776113ff06 Mon Sep 17 00:00:00 2001
From: debris <marek.kotewicz@gmail.com>
Date: Sat, 26 Aug 2017 19:16:08 +0200
Subject: [PATCH 098/112] removed redundant *

---
 util/src/journaldb/archivedb.rs       | 2 +-
 util/src/journaldb/earlymergedb.rs    | 2 +-
 util/src/journaldb/overlayrecentdb.rs | 2 +-
 util/src/overlaydb.rs                 | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/util/src/journaldb/archivedb.rs b/util/src/journaldb/archivedb.rs
index 68747712d..8c87ef623 100644
--- a/util/src/journaldb/archivedb.rs
+++ b/util/src/journaldb/archivedb.rs
@@ -77,7 +77,7 @@ impl HashDB for ArchiveDB {
 					*entry.get_mut() += refs;
 				},
 				Entry::Vacant(entry) => {
-					*entry.insert(refs);
+					entry.insert(refs);
 				}
 			}
 		}
diff --git a/util/src/journaldb/earlymergedb.rs b/util/src/journaldb/earlymergedb.rs
index 345005018..0c453cddb 100644
--- a/util/src/journaldb/earlymergedb.rs
+++ b/util/src/journaldb/earlymergedb.rs
@@ -322,7 +322,7 @@ impl HashDB for EarlyMergeDB {
 					*entry.get_mut() += refs;
 				},
 				Entry::Vacant(entry) => {
-					*entry.insert(refs);
+					entry.insert(refs);
 				}
 			}
 		}
diff --git a/util/src/journaldb/overlayrecentdb.rs b/util/src/journaldb/overlayrecentdb.rs
index 4b9efadc7..975abd8e8 100644
--- a/util/src/journaldb/overlayrecentdb.rs
+++ b/util/src/journaldb/overlayrecentdb.rs
@@ -418,7 +418,7 @@ impl HashDB for OverlayRecentDB {
 					*entry.get_mut() += refs;
 				},
 				Entry::Vacant(entry) => {
-					*entry.insert(refs);
+					entry.insert(refs);
 				}
 			}
 		}
diff --git a/util/src/overlaydb.rs b/util/src/overlaydb.rs
index dbd22c59d..80cc499b9 100644
--- a/util/src/overlaydb.rs
+++ b/util/src/overlaydb.rs
@@ -140,7 +140,7 @@ impl HashDB for OverlayDB {
 					*entry.get_mut() += refs;
 				},
 				Entry::Vacant(entry) => {
-					*entry.insert(refs);
+					entry.insert(refs);
 				}
 			}
 		}

From dd3b6d49ee2c9af9df6cae9f7d637ae0cedbc4ed Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tomasz=20Drwi=C4=99ga?= <tomasz@parity.io>
Date: Sat, 26 Aug 2017 21:53:41 +0200
Subject: [PATCH 099/112] Fix memory tracing.

---
 ethcore/evm/src/interpreter/memory.rs |  2 +-
 ethcore/evm/src/interpreter/mod.rs    | 27 +++++++++++++++++++--------
 2 files changed, 20 insertions(+), 9 deletions(-)

diff --git a/ethcore/evm/src/interpreter/memory.rs b/ethcore/evm/src/interpreter/memory.rs
index a13c99a82..9aa9babc7 100644
--- a/ethcore/evm/src/interpreter/memory.rs
+++ b/ethcore/evm/src/interpreter/memory.rs
@@ -44,7 +44,7 @@ pub trait Memory {
 }
 
 /// Checks whether offset and size is valid memory range
-fn is_valid_range(off: usize, size: usize)  -> bool {
+pub fn is_valid_range(off: usize, size: usize)  -> bool {
 	// When size is zero we haven't actually expanded the memory
 	let overflow = off.overflowing_add(size).1;
 	size > 0 && !overflow
diff --git a/ethcore/evm/src/interpreter/mod.rs b/ethcore/evm/src/interpreter/mod.rs
index 3069ab2fe..709ffe4d9 100644
--- a/ethcore/evm/src/interpreter/mod.rs
+++ b/ethcore/evm/src/interpreter/mod.rs
@@ -168,7 +168,12 @@ impl<Cost: CostType> vm::Vm for Interpreter<Cost> {
 			}
 
 			if do_trace {
-				ext.trace_executed(gasometer.current_gas.as_u256(), stack.peek_top(info.ret), mem_written.map(|(o, s)| (o, &(self.mem[o..(o + s)]))), store_written);
+				ext.trace_executed(
+					gasometer.current_gas.as_u256(),
+					stack.peek_top(info.ret),
+					mem_written.map(|(o, s)| (o, &(self.mem[o..o+s]))),
+					store_written,
+				);
 			}
 
 			// Advance
@@ -252,14 +257,20 @@ impl<Cost: CostType> Interpreter<Cost> {
 		instruction: Instruction,
 		stack: &Stack<U256>
 	) -> Option<(usize, usize)> {
-		match instruction {
-			instructions::MSTORE | instructions::MLOAD => Some((stack.peek(0).low_u64() as usize, 32)),
-			instructions::MSTORE8 => Some((stack.peek(0).low_u64() as usize, 1)),
-			instructions::CALLDATACOPY | instructions::CODECOPY | instructions::RETURNDATACOPY => Some((stack.peek(0).low_u64() as usize, stack.peek(2).low_u64() as usize)),
-			instructions::EXTCODECOPY => Some((stack.peek(1).low_u64() as usize, stack.peek(3).low_u64() as usize)),
-			instructions::CALL | instructions::CALLCODE => Some((stack.peek(5).low_u64() as usize, stack.peek(6).low_u64() as usize)),
-			instructions::DELEGATECALL => Some((stack.peek(4).low_u64() as usize, stack.peek(5).low_u64() as usize)),
+		let read = |pos| stack.peek(pos).low_u64() as usize;
+		let written = match instruction {
+			instructions::MSTORE | instructions::MLOAD => Some((read(0), 32)),
+			instructions::MSTORE8 => Some((read(0), 1)),
+			instructions::CALLDATACOPY | instructions::CODECOPY | instructions::RETURNDATACOPY => Some((read(0), read(2))),
+			instructions::EXTCODECOPY => Some((read(1), read(3))),
+			instructions::CALL | instructions::CALLCODE => Some((read(5), read(6))),
+			instructions::DELEGATECALL | instructions::STATICCALL => Some((read(4), read(5))),
 			_ => None,
+		};
+
+		match written {
+			Some((offset, size)) if !memory::is_valid_range(offset, size) => None,
+			written => written,
 		}
 	}
 

From faf0428b60831434838b70fe064c87b8ee024ab5 Mon Sep 17 00:00:00 2001
From: debris <marek.kotewicz@gmail.com>
Date: Sun, 27 Aug 2017 12:47:00 +0200
Subject: [PATCH 100/112] fixed pending block panic, closes #6239

---
 ethcore/src/ethereum/ethash.rs | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/ethcore/src/ethereum/ethash.rs b/ethcore/src/ethereum/ethash.rs
index 6235255e4..fc7b27403 100644
--- a/ethcore/src/ethereum/ethash.rs
+++ b/ethcore/src/ethereum/ethash.rs
@@ -187,7 +187,14 @@ impl Engine for Arc<Ethash> {
 
 	/// Additional engine-specific information for the user/developer concerning `header`.
 	fn extra_info(&self, header: &Header) -> BTreeMap<String, String> {
-		map!["nonce".to_owned() => format!("0x{}", header.nonce().hex()), "mixHash".to_owned() => format!("0x{}", header.mix_hash().hex())]
+		if header.seal().len() == self.seal_fields() {
+			map![
+				"nonce".to_owned() => format!("0x{}", header.nonce().hex()),
+				"mixHash".to_owned() => format!("0x{}", header.mix_hash().hex())
+			]
+		} else {
+			BTreeMap::default()
+		}
 	}
 
 	fn schedule(&self, block_number: BlockNumber) -> Schedule {

From 301a4720b762c8f3f25599bc075547d89d3d0188 Mon Sep 17 00:00:00 2001
From: debris <marek.kotewicz@gmail.com>
Date: Sun, 27 Aug 2017 16:50:22 +0200
Subject: [PATCH 101/112] small optimizations for triehash

---
 util/src/triehash.rs | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

diff --git a/util/src/triehash.rs b/util/src/triehash.rs
index ca1974e7b..62d3dbf97 100644
--- a/util/src/triehash.rs
+++ b/util/src/triehash.rs
@@ -115,7 +115,7 @@ pub fn sec_trie_root(input: Vec<(Vec<u8>, Vec<u8>)>) -> H256 {
 	let gen_input = input
 		// first put elements into btree to sort them and to remove duplicates
 		.into_iter()
-		.map(|(k, v)| (k.sha3().to_vec(), v))
+		.map(|(k, v)| (k.sha3(), v))
 		.collect::<BTreeMap<_, _>>()
 		// then move them to a vector
 		.into_iter()
@@ -155,8 +155,7 @@ fn hex_prefix_encode(nibbles: &[u8], leaf: bool) -> Vec<u8> {
 	let oddness_factor = inlen % 2;
 	// next even number divided by two
 	let reslen = (inlen + 2) >> 1;
-	let mut res = vec![];
-	res.reserve(reslen);
+	let mut res = Vec::with_capacity(reslen);
 
 	let first_byte = {
 		let mut bits = ((inlen as u8 & 1) + (2 * leaf as u8)) << 4;
@@ -180,11 +179,11 @@ fn hex_prefix_encode(nibbles: &[u8], leaf: bool) -> Vec<u8> {
 
 /// Converts slice of bytes to nibbles.
 fn as_nibbles(bytes: &[u8]) -> Vec<u8> {
-	let mut res = vec![];
-	res.reserve(bytes.len() * 2);
+	let mut res = Vec::with_capacity(bytes.len() * 2);
 	for i in 0..bytes.len() {
-		res.push(bytes[i] >> 4);
-		res.push((bytes[i] << 4) >> 4);
+		let byte = bytes[i];
+		res.push(byte >> 4);
+		res.push(byte & 0b1111);
 	}
 	res
 }

From 4ac95b44e2e9963a6a1c2550cae1f7eb25d1787a Mon Sep 17 00:00:00 2001
From: debris <marek.kotewicz@gmail.com>
Date: Sun, 27 Aug 2017 18:17:55 +0200
Subject: [PATCH 102/112] earlydb optimizations

---
 util/src/journaldb/earlymergedb.rs | 153 ++++++++++++++++-------------
 1 file changed, 84 insertions(+), 69 deletions(-)

diff --git a/util/src/journaldb/earlymergedb.rs b/util/src/journaldb/earlymergedb.rs
index b7b57d537..6ce1c238f 100644
--- a/util/src/journaldb/earlymergedb.rs
+++ b/util/src/journaldb/earlymergedb.rs
@@ -18,6 +18,7 @@
 
 use std::fmt;
 use std::collections::HashMap;
+use std::collections::hash_map::Entry;
 use std::sync::Arc;
 use parking_lot::RwLock;
 use heapsize::HeapSizeOf;
@@ -159,33 +160,38 @@ impl EarlyMergeDB {
 
 	fn insert_keys(inserts: &[(H256, DBValue)], backing: &KeyValueDB, col: Option<u32>, refs: &mut HashMap<H256, RefInfo>, batch: &mut DBTransaction, trace: bool) {
 		for &(ref h, ref d) in inserts {
-			if let Some(c) = refs.get_mut(h) {
-				// already counting. increment.
-				c.queue_refs += 1;
-				if trace {
-					trace!(target: "jdb.fine", "    insert({}): In queue: Incrementing refs to {}", h, c.queue_refs);
-				}
-				continue;
-			}
-
-			// this is the first entry for this node in the journal.
-			if backing.get(col, h).expect("Low-level database error. Some issue with your hard disk?").is_some() {
-				// already in the backing DB. start counting, and remember it was already in.
-				Self::set_already_in(batch, col, h);
-				refs.insert(h.clone(), RefInfo{queue_refs: 1, in_archive: true});
-				if trace {
-					trace!(target: "jdb.fine", "    insert({}): New to queue, in DB: Recording and inserting into queue", h);
-				}
-				continue;
-			}
-
-			// Gets removed when a key leaves the journal, so should never be set when we're placing a new key.
-			//Self::reset_already_in(&h);
-			assert!(!Self::is_already_in(backing, col, &h));
-			batch.put(col, h, d);
-			refs.insert(h.clone(), RefInfo{queue_refs: 1, in_archive: false});
-			if trace {
-				trace!(target: "jdb.fine", "    insert({}): New to queue, not in DB: Inserting into queue and DB", h);
+			match refs.entry(*h) {
+				Entry::Occupied(mut entry) => {
+					let info = entry.get_mut();
+					// already counting. increment.
+					info.queue_refs += 1;
+					if trace {
+						trace!(target: "jdb.fine", "    insert({}): In queue: Incrementing refs to {}", h, info.queue_refs);
+					}
+				},
+				Entry::Vacant(entry) => {
+					// this is the first entry for this node in the journal.
+					let in_archive = backing.get(col, h).expect("Low-level database error. Some issue with your hard disk?").is_some();
+					if in_archive {
+						// already in the backing DB. start counting, and remember it was already in.
+						Self::set_already_in(batch, col, h);
+						if trace {
+							trace!(target: "jdb.fine", "    insert({}): New to queue, in DB: Recording and inserting into queue", h);
+						}
+					} else {
+						// Gets removed when a key leaves the journal, so should never be set when we're placing a new key.
+						//Self::reset_already_in(&h);
+						assert!(!Self::is_already_in(backing, col, h));
+						if trace {
+							trace!(target: "jdb.fine", "    insert({}): New to queue, not in DB: Inserting into queue and DB", h);
+						}
+						batch.put(col, h, d);
+					}
+					entry.insert(RefInfo {
+						queue_refs: 1,
+						in_archive: in_archive,
+					});
+				},
 			}
 		}
 	}
@@ -193,15 +199,20 @@ impl EarlyMergeDB {
 	fn replay_keys(inserts: &[H256], backing: &KeyValueDB, col: Option<u32>, refs: &mut HashMap<H256, RefInfo>) {
 		trace!(target: "jdb.fine", "replay_keys: inserts={:?}, refs={:?}", inserts, refs);
 		for h in inserts {
-			if let Some(c) = refs.get_mut(h) {
+			match refs.entry(*h) {
 				// already counting. increment.
-				c.queue_refs += 1;
-				continue;
+				Entry::Occupied(mut entry) => {
+					entry.get_mut().queue_refs += 1;
+				},
+				// this is the first entry for this node in the journal.
+				// it is initialised to 1 if it was already in.
+				Entry::Vacant(entry) => {
+					entry.insert(RefInfo {
+						queue_refs: 1,
+						in_archive: Self::is_already_in(backing, col, h),
+					});
+				},
 			}
-
-			// this is the first entry for this node in the journal.
-			// it is initialised to 1 if it was already in.
-			refs.insert(h.clone(), RefInfo{queue_refs: 1, in_archive: Self::is_already_in(backing, col, h)});
 		}
 		trace!(target: "jdb.fine", "replay_keys: (end) refs={:?}", refs);
 	}
@@ -213,50 +224,54 @@ impl EarlyMergeDB {
 		// (the latter option would then mean removing the RefInfo, since it would no longer be counted in the queue.)
 		// both are valid, but we switch between them depending on context.
 		//     All inserts in queue (i.e. those which may yet be reverted) have an entry in refs.
-		for h in deletes.iter() {
-			let mut n: Option<RefInfo> = None;
-			if let Some(c) = refs.get_mut(h) {
-				if c.in_archive && from == RemoveFrom::Archive {
-					c.in_archive = false;
-					Self::reset_already_in(batch, col, h);
-					if trace {
-						trace!(target: "jdb.fine", "    remove({}): In archive, 1 in queue: Reducing to queue only and recording", h);
+		for h in deletes {
+			match refs.entry(*h) {
+				Entry::Occupied(mut entry) => {
+					if entry.get().in_archive && from == RemoveFrom::Archive {
+						entry.get_mut().in_archive = false;
+						Self::reset_already_in(batch, col, h);
+						if trace {
+							trace!(target: "jdb.fine", "    remove({}): In archive, 1 in queue: Reducing to queue only and recording", h);
+						}
+						continue;
 					}
-					continue;
-				} else if c.queue_refs > 1 {
-					c.queue_refs -= 1;
-					if trace {
-						trace!(target: "jdb.fine", "    remove({}): In queue > 1 refs: Decrementing ref count to {}", h, c.queue_refs);
+					if entry.get().queue_refs > 1 {
+						entry.get_mut().queue_refs -= 1;
+						if trace {
+							trace!(target: "jdb.fine", "    remove({}): In queue > 1 refs: Decrementing ref count to {}", h, entry.get().queue_refs);
+						}
+						continue;
 					}
-					continue;
-				} else {
-					n = Some(c.clone());
-				}
-			}
-			match n {
-				Some(RefInfo{queue_refs: 1, in_archive: true}) => {
-					refs.remove(h);
-					Self::reset_already_in(batch, col, h);
-					if trace {
-						trace!(target: "jdb.fine", "    remove({}): In archive, 1 in queue: Removing from queue and leaving in archive", h);
+
+					let queue_refs = entry.get().queue_refs;
+					let in_archive = entry.get().in_archive;
+
+					match (queue_refs, in_archive) {
+						(1, true) => {
+							entry.remove();
+							Self::reset_already_in(batch, col, h);
+							if trace {
+								trace!(target: "jdb.fine", "    remove({}): In archive, 1 in queue: Removing from queue and leaving in archive", h);
+							}
+						},
+						(1, false) => {
+							entry.remove();
+							batch.delete(col, h);
+							if trace {
+								trace!(target: "jdb.fine", "    remove({}): Not in archive, only 1 ref in queue: Removing from queue and DB", h);
+							}
+						},
+						_ => panic!("Invalid value in refs: {:?}", entry.get()),
 					}
-				}
-				Some(RefInfo{queue_refs: 1, in_archive: false}) => {
-					refs.remove(h);
-					batch.delete(col, h);
-					if trace {
-						trace!(target: "jdb.fine", "    remove({}): Not in archive, only 1 ref in queue: Removing from queue and DB", h);
-					}
-				}
-				None => {
+				},
+				Entry::Vacant(_entry) => {
 					// Gets removed when moving from 1 to 0 additional refs. Should never be here at 0 additional refs.
 					//assert!(!Self::is_already_in(db, &h));
 					batch.delete(col, h);
 					if trace {
 						trace!(target: "jdb.fine", "    remove({}): Not in queue - MUST BE IN ARCHIVE: Removing from DB", h);
 					}
-				}
-				_ => panic!("Invalid value in refs: {:?}", n),
+				},
 			}
 		}
 	}

From 622632616c48431314e707e613cf1f8e5f70ee2f Mon Sep 17 00:00:00 2001
From: Hawstein <tomhawstein@gmail.com>
Date: Mon, 28 Aug 2017 15:19:04 +0800
Subject: [PATCH 103/112] fix bloom bitvecjournal storage allocation (#6390)

---
 util/bloom/src/lib.rs | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/util/bloom/src/lib.rs b/util/bloom/src/lib.rs
index 16e0e5368..91897ed44 100644
--- a/util/bloom/src/lib.rs
+++ b/util/bloom/src/lib.rs
@@ -37,9 +37,9 @@ struct BitVecJournal {
 
 impl BitVecJournal {
 	pub fn new(size: usize) -> BitVecJournal {
-		let extra = if size % 8 > 0  { 1 } else { 0 };
+		let extra = if size % 64 > 0  { 1 } else { 0 };
 		BitVecJournal {
-			elems: vec![0u64; size / 8 + extra],
+			elems: vec![0u64; size / 64 + extra],
 			journal: HashSet::new(),
 		}
 	}

From 4f69ee04373333615d60c2cd6103e601e2ab3f7c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tomasz=20Drwi=C4=99ga?= <tomasz@parity.io>
Date: Mon, 28 Aug 2017 12:32:19 +0200
Subject: [PATCH 104/112] Add test to cover that.

---
 ethcore/evm/src/interpreter/mod.rs | 33 ++++++++++++++++++++++++++++++
 ethcore/vm/src/tests.rs            |  5 +++++
 2 files changed, 38 insertions(+)

diff --git a/ethcore/evm/src/interpreter/mod.rs b/ethcore/evm/src/interpreter/mod.rs
index 709ffe4d9..cb8fe3a52 100644
--- a/ethcore/evm/src/interpreter/mod.rs
+++ b/ethcore/evm/src/interpreter/mod.rs
@@ -873,3 +873,36 @@ fn address_to_u256(value: Address) -> U256 {
 	U256::from(&*H256::from(value))
 }
 
+
+#[cfg(test)]
+mod tests {
+	use std::sync::Arc;
+	use rustc_hex::FromHex;
+	use vmtype::VMType;
+	use factory::Factory;
+	use vm::{self, ActionParams, ActionValue};
+	use vm::tests::{FakeExt, test_finalize};
+
+	#[test]
+	fn should_not_fail_on_tracing_mem() {
+		let code = "7feeffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff006000527faaffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffaa6020526000620f120660406000601773945304eb96065b2a98b57a48a06ae28d285a71b56101f4f1600055".from_hex().unwrap();
+
+		let mut params = ActionParams::default();
+		params.address = 5.into();
+		params.gas = 300_000.into();
+		params.gas_price = 1.into();
+		params.value = ActionValue::Transfer(100_000.into());
+		params.code = Some(Arc::new(code));
+		let mut ext = FakeExt::new();
+		ext.balances.insert(5.into(), 1_000_000_000.into());
+		ext.tracing = true;
+
+		let gas_left = {
+			let mut vm = Factory::new(VMType::Interpreter, 1).create(params.gas);
+			test_finalize(vm.exec(params, &mut ext)).unwrap()
+		};
+
+		assert_eq!(ext.calls.len(), 1);
+		assert_eq!(gas_left, 248_212.into());
+	}
+}
diff --git a/ethcore/vm/src/tests.rs b/ethcore/vm/src/tests.rs
index c8afedaff..c3a290d41 100644
--- a/ethcore/vm/src/tests.rs
+++ b/ethcore/vm/src/tests.rs
@@ -61,6 +61,7 @@ pub struct FakeExt {
 	pub info: EnvInfo,
 	pub schedule: Schedule,
 	pub balances: HashMap<Address, U256>,
+	pub tracing: bool,
 }
 
 // similar to the normal `finalize` function, but ignoring NeedsReturn.
@@ -184,4 +185,8 @@ impl Ext for FakeExt {
 	fn inc_sstore_clears(&mut self) {
 		self.sstore_clears += 1;
 	}
+
+	fn trace_next_instruction(&mut self, _pc: usize, _instruction: u8) -> bool {
+		self.tracing
+	}
 }

From 752dad6829b94121d361fa6ea8630a3a886d0a5a Mon Sep 17 00:00:00 2001
From: debris <marek.kotewicz@gmail.com>
Date: Mon, 28 Aug 2017 12:40:29 +0200
Subject: [PATCH 105/112] commit plain_hasher to util

---
 Cargo.lock                         |  6 ++--
 util/bigint/Cargo.toml             |  2 +-
 util/plain_hasher/Cargo.toml       | 12 +++++++
 util/plain_hasher/benches/bench.rs | 33 ++++++++++++++++++
 util/plain_hasher/src/lib.rs       | 55 ++++++++++++++++++++++++++++++
 5 files changed, 103 insertions(+), 5 deletions(-)
 create mode 100644 util/plain_hasher/Cargo.toml
 create mode 100644 util/plain_hasher/benches/bench.rs
 create mode 100644 util/plain_hasher/src/lib.rs

diff --git a/Cargo.lock b/Cargo.lock
index 3e4998a44..d9142b1b3 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -548,7 +548,7 @@ dependencies = [
  "bigint 4.1.2 (registry+https://github.com/rust-lang/crates.io-index)",
  "heapsize 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)",
  "libc 0.2.21 (registry+https://github.com/rust-lang/crates.io-index)",
- "plain_hasher 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)",
+ "plain_hasher 0.1.0",
  "rand 0.3.14 (registry+https://github.com/rust-lang/crates.io-index)",
  "rustc-hex 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
@@ -2201,9 +2201,8 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 [[package]]
 name = "plain_hasher"
 version = "0.1.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
 dependencies = [
- "crunchy 0.1.3 (registry+https://github.com/rust-lang/crates.io-index)",
+ "crunchy 0.1.6 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
 
 [[package]]
@@ -3394,7 +3393,6 @@ dependencies = [
 "checksum phf_generator 0.7.14 (registry+https://github.com/rust-lang/crates.io-index)" = "db005608fd99800c8c74106a7c894cf582055b689aa14a79462cefdcb7dc1cc3"
 "checksum phf_shared 0.7.14 (registry+https://github.com/rust-lang/crates.io-index)" = "fee4d039930e4f45123c9b15976cf93a499847b6483dc09c42ea0ec4940f2aa6"
 "checksum pkg-config 0.3.9 (registry+https://github.com/rust-lang/crates.io-index)" = "3a8b4c6b8165cd1a1cd4b9b120978131389f64bdaf456435caa41e630edba903"
-"checksum plain_hasher 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)" = "83ae80873992f511142c07d0ec6c44de5636628fdb7e204abd655932ea79d995"
 "checksum podio 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)" = "e5422a1ee1bc57cc47ae717b0137314258138f38fd5f3cea083f43a9725383a0"
 "checksum pretty_assertions 0.1.2 (registry+https://github.com/rust-lang/crates.io-index)" = "2412f3332a07c7a2a50168988dcc184f32180a9758ad470390e5f55e089f6b6e"
 "checksum primal 0.2.3 (registry+https://github.com/rust-lang/crates.io-index)" = "0e31b86efadeaeb1235452171a66689682783149a6249ff334a2c5d8218d00a4"
diff --git a/util/bigint/Cargo.toml b/util/bigint/Cargo.toml
index 1d0d4c63a..fcca56078 100644
--- a/util/bigint/Cargo.toml
+++ b/util/bigint/Cargo.toml
@@ -13,7 +13,7 @@ rustc-hex = "1.0"
 rand = "0.3.12"
 libc = "0.2"
 heapsize = { version = "0.4", optional = true }
-plain_hasher = "0.1"
+plain_hasher = { path = "../plain_hasher" }
 
 [features]
 x64asm_arithmetic=[]
diff --git a/util/plain_hasher/Cargo.toml b/util/plain_hasher/Cargo.toml
new file mode 100644
index 000000000..0ed45ba36
--- /dev/null
+++ b/util/plain_hasher/Cargo.toml
@@ -0,0 +1,12 @@
+[package]
+name = "plain_hasher"
+description = "Hasher for 32-bit keys."
+version = "0.1.0"
+authors = ["Parity Technologies <admin@parity.io>"]
+license = "MIT"
+keywords = ["hash", "hasher"]
+categories = ["no-std"]
+homepage = "https://github.com/paritytech/plain_hasher"
+
+[dependencies]
+crunchy = "0.1.6"
diff --git a/util/plain_hasher/benches/bench.rs b/util/plain_hasher/benches/bench.rs
new file mode 100644
index 000000000..e7e8570ab
--- /dev/null
+++ b/util/plain_hasher/benches/bench.rs
@@ -0,0 +1,33 @@
+#![feature(test)]
+
+extern crate test;
+extern crate plain_hasher;
+
+use std::hash::Hasher;
+use std::collections::hash_map::DefaultHasher;
+use test::{Bencher, black_box};
+use plain_hasher::PlainHasher;
+
+#[bench]
+fn write_plain_hasher(b: &mut Bencher) {
+	b.iter(|| {
+		let n: u8 = black_box(100);
+		(0..n).fold(PlainHasher::default(), |mut old, new| {
+			let bb = black_box([new; 32]);
+			old.write(&bb as &[u8]);
+			old
+		});
+	});
+}
+
+#[bench]
+fn write_default_hasher(b: &mut Bencher) {
+	b.iter(|| {
+		let n: u8 = black_box(100);
+		(0..n).fold(DefaultHasher::default(), |mut old, new| {
+			let bb = black_box([new; 32]);
+			old.write(&bb as &[u8]);
+			old
+		});
+	});
+}
diff --git a/util/plain_hasher/src/lib.rs b/util/plain_hasher/src/lib.rs
new file mode 100644
index 000000000..b16596363
--- /dev/null
+++ b/util/plain_hasher/src/lib.rs
@@ -0,0 +1,55 @@
+#![no_std]
+#[macro_use]
+extern crate crunchy;
+
+use core::{hash, mem};
+
+/// Hasher that just takes 8 bytes of the provided value.
+/// May only be used for keys which are 32 bytes.
+#[derive(Default)]
+pub struct PlainHasher {
+	prefix: u64,
+}
+
+impl hash::Hasher for PlainHasher {
+	#[inline]
+	fn finish(&self) -> u64 {
+		self.prefix
+	}
+
+	#[inline]
+	#[allow(unused_assignments)]
+	fn write(&mut self, bytes: &[u8]) {
+		debug_assert!(bytes.len() == 32);
+
+		unsafe {
+			let mut bytes_ptr = bytes.as_ptr();
+			let prefix_u8: &mut [u8; 8] = mem::transmute(&mut self.prefix);
+			let mut prefix_ptr = prefix_u8.as_mut_ptr();
+
+			unroll! {
+				for _i in 0..8 {
+					*prefix_ptr ^= (*bytes_ptr ^ *bytes_ptr.offset(8)) ^ (*bytes_ptr.offset(16) ^ *bytes_ptr.offset(24));
+
+					bytes_ptr = bytes_ptr.offset(1);
+					prefix_ptr = prefix_ptr.offset(1);
+				}
+			}
+		}
+	}
+}
+
+#[cfg(test)]
+mod tests {
+	use core::hash::Hasher;
+	use super::PlainHasher;
+
+	#[test]
+	fn it_works() {
+		let mut bytes = [32u8; 32];
+		bytes[0] = 15;
+		let mut hasher = PlainHasher::default();
+		hasher.write(&bytes);
+		assert_eq!(hasher.prefix, 47);
+	}
+}

From 3226e1ca33cfc6b49ddad16ed568244e3657bd0d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tomasz=20Drwi=C4=99ga?= <tomusdrw@users.noreply.github.com>
Date: Mon, 28 Aug 2017 14:11:55 +0200
Subject: [PATCH 106/112] Expose health status over RPC (#6274)

* Node-health to a separate crate.

* Initialize node_health outside of dapps.

* Expose health over RPC.

* Bring back 412 and fix JS.

* Add health to workspace and tests.

* Fix compilation without default features.

* Fix borked merge.

* Revert to generics to avoid virtual calls.

* Fix node-health tests.

* Add missing trailing comma.
---
 Cargo.lock                                 |  20 +++-
 Cargo.toml                                 |   3 +-
 dapps/Cargo.toml                           |   9 +-
 dapps/node-health/Cargo.toml               |  18 +++
 dapps/node-health/src/health.rs            | 122 +++++++++++++++++++++
 dapps/node-health/src/lib.rs               |  49 +++++++++
 dapps/{src/api => node-health/src}/time.rs |   8 +-
 dapps/node-health/src/types.rs             |  57 ++++++++++
 dapps/src/api/api.rs                       |  83 +++-----------
 dapps/src/api/mod.rs                       |   2 -
 dapps/src/api/types.rs                     |  40 -------
 dapps/src/apps/fetcher/mod.rs              |   1 +
 dapps/src/lib.rs                           |  38 ++-----
 dapps/src/tests/helpers/mod.rs             |  11 +-
 js/src/api/rpc/parity/parity.js            |   5 +
 js/src/redux/providers/status.js           |   9 +-
 parity/configuration.rs                    |  25 ++---
 parity/dapps.rs                            |  33 +-----
 parity/main.rs                             |   1 +
 parity/rpc.rs                              |   7 --
 parity/rpc_apis.rs                         |  27 +++--
 parity/run.rs                              |  56 +++++++---
 rpc/Cargo.toml                             |   9 +-
 rpc/src/lib.rs                             |   1 +
 rpc/src/v1/helpers/dispatch.rs             |   5 +-
 rpc/src/v1/helpers/fake_sign.rs            |   4 +-
 rpc/src/v1/impls/light/parity.rs           |  29 +++--
 rpc/src/v1/impls/parity.rs                 |  71 ++++++------
 rpc/src/v1/tests/mocked/parity.rs          |  49 +++++++--
 rpc/src/v1/traits/parity.rs                |   5 +
 util/reactor/src/lib.rs                    |  16 ++-
 31 files changed, 513 insertions(+), 300 deletions(-)
 create mode 100644 dapps/node-health/Cargo.toml
 create mode 100644 dapps/node-health/src/health.rs
 create mode 100644 dapps/node-health/src/lib.rs
 rename dapps/{src/api => node-health/src}/time.rs (98%)
 create mode 100644 dapps/node-health/src/types.rs

diff --git a/Cargo.lock b/Cargo.lock
index c5ee9ad8b..913ac0e44 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1613,6 +1613,21 @@ dependencies = [
  "ws2_32-sys 0.2.1 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
 
+[[package]]
+name = "node-health"
+version = "0.1.0"
+dependencies = [
+ "futures 0.1.11 (registry+https://github.com/rust-lang/crates.io-index)",
+ "futures-cpupool 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)",
+ "log 0.3.7 (registry+https://github.com/rust-lang/crates.io-index)",
+ "ntp 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)",
+ "parity-reactor 0.1.0",
+ "parking_lot 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)",
+ "serde 1.0.9 (registry+https://github.com/rust-lang/crates.io-index)",
+ "serde_derive 1.0.9 (registry+https://github.com/rust-lang/crates.io-index)",
+ "time 0.1.35 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
 [[package]]
 name = "nodrop"
 version = "0.1.9"
@@ -1821,6 +1836,7 @@ dependencies = [
  "isatty 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)",
  "jsonrpc-core 7.0.0 (git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.7)",
  "log 0.3.7 (registry+https://github.com/rust-lang/crates.io-index)",
+ "node-health 0.1.0",
  "num_cpus 1.2.0 (registry+https://github.com/rust-lang/crates.io-index)",
  "number_prefix 0.2.5 (registry+https://github.com/rust-lang/crates.io-index)",
  "panic_hook 0.1.0",
@@ -1862,7 +1878,6 @@ dependencies = [
  "ethcore-util 1.8.0",
  "fetch 0.1.0",
  "futures 0.1.11 (registry+https://github.com/rust-lang/crates.io-index)",
- "futures-cpupool 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)",
  "itertools 0.5.9 (registry+https://github.com/rust-lang/crates.io-index)",
  "jsonrpc-core 7.0.0 (git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.7)",
  "jsonrpc-http-server 7.0.0 (git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.7)",
@@ -1870,7 +1885,7 @@ dependencies = [
  "log 0.3.7 (registry+https://github.com/rust-lang/crates.io-index)",
  "mime 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)",
  "mime_guess 1.6.1 (registry+https://github.com/rust-lang/crates.io-index)",
- "ntp 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)",
+ "node-health 0.1.0",
  "parity-dapps-glue 1.7.0 (registry+https://github.com/rust-lang/crates.io-index)",
  "parity-hash-fetch 1.8.0",
  "parity-reactor 0.1.0",
@@ -1985,6 +2000,7 @@ dependencies = [
  "jsonrpc-ws-server 7.0.0 (git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.7)",
  "log 0.3.7 (registry+https://github.com/rust-lang/crates.io-index)",
  "multihash 0.6.0 (registry+https://github.com/rust-lang/crates.io-index)",
+ "node-health 0.1.0",
  "order-stat 0.1.3 (registry+https://github.com/rust-lang/crates.io-index)",
  "parity-reactor 0.1.0",
  "parity-updater 1.8.0",
diff --git a/Cargo.toml b/Cargo.toml
index 3adaf62d4..ebd60ca64 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -43,6 +43,7 @@ ethcore-logger = { path = "logger" }
 ethcore-stratum = { path = "stratum" }
 ethcore-network = { path = "util/network" }
 ethkey = { path = "ethkey" }
+node-health = { path = "dapps/node-health" }
 rlp = { path = "util/rlp" }
 rpc-cli = { path = "rpc_cli" }
 parity-hash-fetch = { path = "hash-fetch" }
@@ -110,4 +111,4 @@ lto = false
 panic = "abort"
 
 [workspace]
-members = ["ethstore/cli", "ethkey/cli", "evmbin", "whisper", "chainspec"]
+members = ["ethstore/cli", "ethkey/cli", "evmbin", "whisper", "chainspec", "dapps/node-health"]
diff --git a/dapps/Cargo.toml b/dapps/Cargo.toml
index 143bbe30f..b1751c616 100644
--- a/dapps/Cargo.toml
+++ b/dapps/Cargo.toml
@@ -9,15 +9,12 @@ authors = ["Parity Technologies <admin@parity.io>"]
 
 [dependencies]
 base32 = "0.3"
-env_logger = "0.4"
 futures = "0.1"
-futures-cpupool = "0.1"
 linked-hash-map = "0.3"
 log = "0.3"
 parity-dapps-glue = "1.7"
 mime = "0.2"
 mime_guess = "1.6.1"
-ntp = "0.2.0"
 rand = "0.3"
 rustc-hex = "1.0"
 serde = "1.0"
@@ -32,15 +29,19 @@ itertools = "0.5"
 jsonrpc-core = { git = "https://github.com/paritytech/jsonrpc.git", branch = "parity-1.7" }
 jsonrpc-http-server = { git = "https://github.com/paritytech/jsonrpc.git", branch = "parity-1.7" }
 
-ethcore-devtools = { path = "../devtools" }
 ethcore-util = { path = "../util" }
 fetch = { path = "../util/fetch" }
+node-health = { path = "./node-health" }
 parity-hash-fetch = { path = "../hash-fetch" }
 parity-reactor = { path = "../util/reactor" }
 parity-ui = { path = "./ui" }
 
 clippy = { version = "0.0.103", optional = true}
 
+[dev-dependencies]
+env_logger = "0.4"
+ethcore-devtools = { path = "../devtools" }
+
 [features]
 dev = ["clippy", "ethcore-util/dev"]
 
diff --git a/dapps/node-health/Cargo.toml b/dapps/node-health/Cargo.toml
new file mode 100644
index 000000000..ff13e8593
--- /dev/null
+++ b/dapps/node-health/Cargo.toml
@@ -0,0 +1,18 @@
+[package]
+name = "node-health"
+description = "Node's health status"
+version = "0.1.0"
+license = "GPL-3.0"
+authors = ["Parity Technologies <admin@parity.io>"]
+
+[dependencies]
+futures = "0.1"
+futures-cpupool = "0.1"
+log = "0.3"
+ntp = "0.2.0"
+parking_lot = "0.4"
+serde = "1.0"
+serde_derive = "1.0"
+time = "0.1.35"
+
+parity-reactor = { path = "../../util/reactor" }
diff --git a/dapps/node-health/src/health.rs b/dapps/node-health/src/health.rs
new file mode 100644
index 000000000..3b3563d6b
--- /dev/null
+++ b/dapps/node-health/src/health.rs
@@ -0,0 +1,122 @@
+// Copyright 2015-2017 Parity Technologies (UK) Ltd.
+// This file is part of Parity.
+
+// Parity is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity.  If not, see <http://www.gnu.org/licenses/>.
+
+//! Reporting node's health.
+
+use std::sync::Arc;
+use std::time;
+use futures::{Future, BoxFuture};
+use futures::sync::oneshot;
+use types::{HealthInfo, HealthStatus, Health};
+use time::{TimeChecker, MAX_DRIFT};
+use parity_reactor::Remote;
+use parking_lot::Mutex;
+use {SyncStatus};
+
+const TIMEOUT_SECS: u64 = 5;
+const PROOF: &str = "Only one closure is invoked.";
+
+/// A struct enabling you to query for node's health.
+#[derive(Debug, Clone)]
+pub struct NodeHealth {
+	sync_status: Arc<SyncStatus>,
+	time: TimeChecker,
+	remote: Remote,
+}
+
+impl NodeHealth {
+	/// Creates new `NodeHealth`.
+	pub fn new(sync_status: Arc<SyncStatus>, time: TimeChecker, remote: Remote) -> Self {
+		NodeHealth { sync_status, time, remote, }
+	}
+
+	/// Query latest health report.
+	pub fn health(&self) -> BoxFuture<Health, ()> {
+		trace!(target: "dapps", "Checking node health.");
+		// Check timediff
+		let sync_status = self.sync_status.clone();
+		let time = self.time.time_drift();
+		let (tx, rx) = oneshot::channel();
+		let tx = Arc::new(Mutex::new(Some(tx)));
+		let tx2 = tx.clone();
+		self.remote.spawn_with_timeout(
+			move || time.then(move |result| {
+				let _ = tx.lock().take().expect(PROOF).send(Ok(result));
+				Ok(())
+			}),
+			time::Duration::from_secs(TIMEOUT_SECS),
+			move || {
+				let _ = tx2.lock().take().expect(PROOF).send(Err(()));
+			},
+		);
+
+		rx.map_err(|err| {
+			warn!(target: "dapps", "Health request cancelled: {:?}", err);
+		}).and_then(move |time| {
+			// Check peers
+			let peers = {
+				let (connected, max) = sync_status.peers();
+				let (status, message) = match connected {
+					0 => {
+						(HealthStatus::Bad, "You are not connected to any peers. There is most likely some network issue. Fix connectivity.".into())
+					},
+					1 => (HealthStatus::NeedsAttention, "You are connected to only one peer. Your node might not be reliable. Check your network connection.".into()),
+					_ => (HealthStatus::Ok, "".into()),
+				};
+				HealthInfo { status, message, details: (connected, max) }
+			};
+
+			// Check sync
+			let sync = {
+				let is_syncing = sync_status.is_major_importing();
+				let (status, message) = if is_syncing {
+					(HealthStatus::NeedsAttention, "Your node is still syncing, the values you see might be outdated. Wait until it's fully synced.".into())
+				} else {
+					(HealthStatus::Ok, "".into())
+				};
+				HealthInfo { status, message, details: is_syncing }
+			};
+
+			// Check time
+			let time = {
+				let (status, message, details) = match time {
+					Ok(Ok(diff)) if diff < MAX_DRIFT && diff > -MAX_DRIFT => {
+						(HealthStatus::Ok, "".into(), diff)
+					},
+					Ok(Ok(diff)) => {
+						(HealthStatus::Bad, format!(
+							"Your clock is not in sync. Detected difference is too big for the protocol to work: {}ms. Synchronize your clock.",
+							diff,
+						), diff)
+					},
+					Ok(Err(err)) => {
+						(HealthStatus::NeedsAttention, format!(
+							"Unable to reach time API: {}. Make sure that your clock is synchronized.",
+							err,
+						), 0)
+					},
+					Err(_) => {
+						(HealthStatus::NeedsAttention, "Time API request timed out. Make sure that the clock is synchronized.".into(), 0)
+					},
+				};
+
+				HealthInfo { status, message, details, }
+			};
+
+			Ok(Health { peers, sync, time})
+		}).boxed()
+	}
+}
diff --git a/dapps/node-health/src/lib.rs b/dapps/node-health/src/lib.rs
new file mode 100644
index 000000000..b0eb133ee
--- /dev/null
+++ b/dapps/node-health/src/lib.rs
@@ -0,0 +1,49 @@
+// Copyright 2015-2017 Parity Technologies (UK) Ltd.
+// This file is part of Parity.
+
+// Parity is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity.  If not, see <http://www.gnu.org/licenses/>.
+
+//! Node Health status reporting.
+
+#![warn(missing_docs)]
+
+extern crate futures;
+extern crate futures_cpupool;
+extern crate ntp;
+extern crate time as time_crate;
+extern crate parity_reactor;
+extern crate parking_lot;
+
+#[macro_use]
+extern crate log;
+#[macro_use]
+extern crate serde_derive;
+
+mod health;
+mod time;
+mod types;
+
+pub use futures_cpupool::CpuPool;
+pub use health::NodeHealth;
+pub use types::{Health, HealthInfo, HealthStatus};
+pub use time::{TimeChecker, Error};
+
+/// Indicates sync status
+pub trait SyncStatus: ::std::fmt::Debug + Send + Sync {
+	/// Returns true if there is a major sync happening.
+	fn is_major_importing(&self) -> bool;
+
+	/// Returns number of connected and ideal peers.
+	fn peers(&self) -> (usize, usize);
+}
diff --git a/dapps/src/api/time.rs b/dapps/node-health/src/time.rs
similarity index 98%
rename from dapps/src/api/time.rs
rename to dapps/node-health/src/time.rs
index 06b9cee7f..05c48ce47 100644
--- a/dapps/src/api/time.rs
+++ b/dapps/node-health/src/time.rs
@@ -41,8 +41,8 @@ use futures::{self, Future, BoxFuture};
 use futures::future::{self, IntoFuture};
 use futures_cpupool::{CpuPool, CpuFuture};
 use ntp;
-use time::{Duration, Timespec};
-use util::RwLock;
+use parking_lot::RwLock;
+use time_crate::{Duration, Timespec};
 
 /// Time checker error.
 #[derive(Debug, Clone, PartialEq)]
@@ -164,7 +164,7 @@ impl Ntp for SimpleNtp {
 
 				match ntp::request(&server.address) {
 					Ok(packet) => {
-						let dest_time = ::time::now_utc().to_timespec();
+						let dest_time = ::time_crate::now_utc().to_timespec();
 						let orig_time = Timespec::from(packet.orig_time);
 						let recv_time = Timespec::from(packet.recv_time);
 						let transmit_time = Timespec::from(packet.transmit_time);
@@ -293,7 +293,7 @@ mod tests {
 	use time::Duration;
 	use futures::{future, Future};
 	use super::{Ntp, TimeChecker, Error};
-	use util::RwLock;
+	use parking_lot::RwLock;
 
 	#[derive(Clone)]
 	struct FakeNtp(RefCell<Vec<Duration>>, Cell<u64>);
diff --git a/dapps/node-health/src/types.rs b/dapps/node-health/src/types.rs
new file mode 100644
index 000000000..ae883a626
--- /dev/null
+++ b/dapps/node-health/src/types.rs
@@ -0,0 +1,57 @@
+// Copyright 2015-2017 Parity Technologies (UK) Ltd.
+// This file is part of Parity.
+
+// Parity is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity.  If not, see <http://www.gnu.org/licenses/>.
+
+//! Base health types.
+
+/// Health API endpoint status.
+#[derive(Debug, PartialEq, Serialize)]
+pub enum HealthStatus {
+	/// Everything's OK.
+	#[serde(rename = "ok")]
+	Ok,
+	/// Node health need attention
+	/// (the issue is not critical, but may need investigation)
+	#[serde(rename = "needsAttention")]
+	NeedsAttention,
+	/// There is something bad detected with the node.
+	#[serde(rename = "bad")]
+	Bad,
+}
+
+/// Represents a single check in node health.
+/// Cointains the status of that check and apropriate message and details.
+#[derive(Debug, PartialEq, Serialize)]
+#[serde(deny_unknown_fields)]
+pub struct HealthInfo<T> {
+	/// Check status.
+	pub status: HealthStatus,
+	/// Human-readable message.
+	pub message: String,
+	/// Technical details of the check.
+	pub details: T,
+}
+
+/// Node Health status.
+#[derive(Debug, PartialEq, Serialize)]
+#[serde(deny_unknown_fields)]
+pub struct Health {
+	/// Status of peers.
+	pub peers: HealthInfo<(usize, usize)>,
+	/// Sync status.
+	pub sync: HealthInfo<bool>,
+	/// Time diff info.
+	pub time: HealthInfo<i64>,
+}
diff --git a/dapps/src/api/api.rs b/dapps/src/api/api.rs
index 7bd7fa049..03ba859f8 100644
--- a/dapps/src/api/api.rs
+++ b/dapps/src/api/api.rs
@@ -21,32 +21,28 @@ use hyper::method::Method;
 use hyper::status::StatusCode;
 
 use api::{response, types};
-use api::time::{TimeChecker, MAX_DRIFT};
 use apps::fetcher::Fetcher;
 use handlers::{self, extract_url};
 use endpoint::{Endpoint, Handler, EndpointPath};
+use node_health::{NodeHealth, HealthStatus, Health};
 use parity_reactor::Remote;
-use {SyncStatus};
 
 #[derive(Clone)]
 pub struct RestApi {
 	fetcher: Arc<Fetcher>,
-	sync_status: Arc<SyncStatus>,
-	time: TimeChecker,
+	health: NodeHealth,
 	remote: Remote,
 }
 
 impl RestApi {
 	pub fn new(
 		fetcher: Arc<Fetcher>,
-		sync_status: Arc<SyncStatus>,
-		time: TimeChecker,
+		health: NodeHealth,
 		remote: Remote,
 	) -> Box<Endpoint> {
 		Box::new(RestApi {
 			fetcher,
-			sync_status,
-			time,
+			health,
 			remote,
 		})
 	}
@@ -90,68 +86,23 @@ impl RestApiRouter {
 	}
 
 	fn health(&self, control: Control) -> Box<Handler> {
-		use self::types::{HealthInfo, HealthStatus, Health};
-
-		trace!(target: "dapps", "Checking node health.");
-		// Check timediff
-		let sync_status = self.api.sync_status.clone();
-		let map = move |time| {
-			// Check peers
-			let peers = {
-				let (connected, max) = sync_status.peers();
-				let (status, message) = match connected {
-					0 => {
-						(HealthStatus::Bad, "You are not connected to any peers. There is most likely some network issue. Fix connectivity.".into())
-					},
-					1 => (HealthStatus::NeedsAttention, "You are connected to only one peer. Your node might not be reliable. Check your network connection.".into()),
-					_ => (HealthStatus::Ok, "".into()),
-				};
-				HealthInfo { status, message, details: (connected, max) }
+		let map = move |health: Result<Result<Health, ()>, ()>| {
+			let status = match health {
+				Ok(Ok(ref health)) => {
+					if [&health.peers.status, &health.sync.status].iter().any(|x| *x != &HealthStatus::Ok) {
+						StatusCode::PreconditionFailed // HTTP 412
+					} else {
+						StatusCode::Ok // HTTP 200
+					}
+				},
+				_ => StatusCode::ServiceUnavailable, // HTTP 503
 			};
 
-			// Check sync
-			let sync = {
-				let is_syncing = sync_status.is_major_importing();
-				let (status, message) = if is_syncing {
-					(HealthStatus::NeedsAttention, "Your node is still syncing, the values you see might be outdated. Wait until it's fully synced.".into())
-				} else {
-					(HealthStatus::Ok, "".into())
-				};
-				HealthInfo { status, message, details: is_syncing }
-			};
-
-			// Check time
-			let time = {
-				let (status, message, details) = match time {
-					Ok(Ok(diff)) if diff < MAX_DRIFT && diff > -MAX_DRIFT => {
-						(HealthStatus::Ok, "".into(), diff)
-					},
-					Ok(Ok(diff)) => {
-						(HealthStatus::Bad, format!(
-							"Your clock is not in sync. Detected difference is too big for the protocol to work: {}ms. Synchronize your clock.",
-							diff,
-						), diff)
-					},
-					Ok(Err(err)) => {
-						(HealthStatus::NeedsAttention, format!(
-							"Unable to reach time API: {}. Make sure that your clock is synchronized.",
-							err,
-						), 0)
-					},
-					Err(_) => {
-						(HealthStatus::NeedsAttention, "Time API request timed out. Make sure that the clock is synchronized.".into(), 0)
-					},
-				};
-
-				HealthInfo { status, message, details, }
-			};
-
-			response::as_json(StatusCode::Ok, &Health { peers, sync, time })
+			response::as_json(status, &health)
 		};
-
-		let time = self.api.time.time_drift();
+		let health = self.api.health.health();
 		let remote = self.api.remote.clone();
-		Box::new(handlers::AsyncHandler::new(time, map, remote, control))
+		Box::new(handlers::AsyncHandler::new(health, map, remote, control))
 	}
 }
 
diff --git a/dapps/src/api/mod.rs b/dapps/src/api/mod.rs
index 59c634399..4ffb9f791 100644
--- a/dapps/src/api/mod.rs
+++ b/dapps/src/api/mod.rs
@@ -18,8 +18,6 @@
 
 mod api;
 mod response;
-mod time;
 mod types;
 
 pub use self::api::RestApi;
-pub use self::time::TimeChecker;
diff --git a/dapps/src/api/types.rs b/dapps/src/api/types.rs
index a61964143..6beca3b58 100644
--- a/dapps/src/api/types.rs
+++ b/dapps/src/api/types.rs
@@ -25,43 +25,3 @@ pub struct ApiError {
 	/// More technical error details.
 	pub detail: String,
 }
-
-/// Health API endpoint status.
-#[derive(Debug, PartialEq, Serialize)]
-pub enum HealthStatus {
-	/// Everything's OK.
-	#[serde(rename = "ok")]
-	Ok,
-	/// Node health need attention
-	/// (the issue is not critical, but may need investigation)
-	#[serde(rename = "needsAttention")]
-	NeedsAttention,
-	/// There is something bad detected with the node.
-	#[serde(rename = "bad")]
-	Bad
-}
-
-/// Represents a single check in node health.
-/// Cointains the status of that check and apropriate message and details.
-#[derive(Debug, PartialEq, Serialize)]
-#[serde(deny_unknown_fields)]
-pub struct HealthInfo<T> {
-	/// Check status.
-	pub status: HealthStatus,
-	/// Human-readable message.
-	pub message: String,
-	/// Technical details of the check.
-	pub details: T,
-}
-
-/// Node Health status.
-#[derive(Debug, PartialEq, Serialize)]
-#[serde(deny_unknown_fields)]
-pub struct Health {
-	/// Status of peers.
-	pub peers: HealthInfo<(usize, usize)>,
-	/// Sync status.
-	pub sync: HealthInfo<bool>,
-	/// Time diff info.
-	pub time: HealthInfo<i64>,
-}
diff --git a/dapps/src/apps/fetcher/mod.rs b/dapps/src/apps/fetcher/mod.rs
index 1fdf2f697..5b91da1a3 100644
--- a/dapps/src/apps/fetcher/mod.rs
+++ b/dapps/src/apps/fetcher/mod.rs
@@ -281,6 +281,7 @@ mod tests {
 		}
 	}
 
+	#[derive(Debug)]
 	struct FakeSync(bool);
 	impl SyncStatus for FakeSync {
 		fn is_major_importing(&self) -> bool { self.0 }
diff --git a/dapps/src/lib.rs b/dapps/src/lib.rs
index 135f0bb36..073db5121 100644
--- a/dapps/src/lib.rs
+++ b/dapps/src/lib.rs
@@ -21,11 +21,9 @@
 
 extern crate base32;
 extern crate futures;
-extern crate futures_cpupool;
 extern crate itertools;
 extern crate linked_hash_map;
 extern crate mime_guess;
-extern crate ntp;
 extern crate rand;
 extern crate rustc_hex;
 extern crate serde;
@@ -40,6 +38,7 @@ extern crate jsonrpc_http_server;
 
 extern crate ethcore_util as util;
 extern crate fetch;
+extern crate node_health;
 extern crate parity_dapps_glue as parity_dapps;
 extern crate parity_hash_fetch as hash_fetch;
 extern crate parity_reactor;
@@ -57,7 +56,6 @@ extern crate ethcore_devtools as devtools;
 #[cfg(test)]
 extern crate env_logger;
 
-
 mod endpoint;
 mod apps;
 mod page;
@@ -79,19 +77,12 @@ use util::RwLock;
 use jsonrpc_http_server::{self as http, hyper, Origin};
 
 use fetch::Fetch;
-use futures_cpupool::CpuPool;
+use node_health::NodeHealth;
 use parity_reactor::Remote;
 
 pub use hash_fetch::urlhint::ContractClient;
+pub use node_health::SyncStatus;
 
-/// Indicates sync status
-pub trait SyncStatus: Send + Sync {
-	/// Returns true if there is a major sync happening.
-	fn is_major_importing(&self) -> bool;
-
-	/// Returns number of connected and ideal peers.
-	fn peers(&self) -> (usize, usize);
-}
 
 /// Validates Web Proxy tokens
 pub trait WebProxyTokens: Send + Sync {
@@ -156,8 +147,7 @@ impl Middleware {
 
 	/// Creates new middleware for UI server.
 	pub fn ui<F: Fetch>(
-		ntp_servers: &[String],
-		pool: CpuPool,
+		health: NodeHealth,
 		remote: Remote,
 		dapps_domain: &str,
 		registrar: Arc<ContractClient>,
@@ -172,11 +162,9 @@ impl Middleware {
 		).embeddable_on(None).allow_dapps(false));
 		let special = {
 			let mut special = special_endpoints(
-				ntp_servers,
-				pool,
+				health,
 				content_fetcher.clone(),
 				remote.clone(),
-				sync_status.clone(),
 			);
 			special.insert(router::SpecialEndpoint::Home, Some(apps::ui()));
 			special
@@ -197,8 +185,7 @@ impl Middleware {
 
 	/// Creates new Dapps server middleware.
 	pub fn dapps<F: Fetch>(
-		ntp_servers: &[String],
-		pool: CpuPool,
+		health: NodeHealth,
 		remote: Remote,
 		ui_address: Option<(String, u16)>,
 		extra_embed_on: Vec<(String, u16)>,
@@ -236,11 +223,9 @@ impl Middleware {
 
 		let special = {
 			let mut special = special_endpoints(
-				ntp_servers,
-				pool,
+				health,
 				content_fetcher.clone(),
 				remote.clone(),
-				sync_status,
 			);
 			special.insert(
 				router::SpecialEndpoint::Home,
@@ -270,20 +255,17 @@ impl http::RequestMiddleware for Middleware {
 	}
 }
 
-fn special_endpoints<T: AsRef<str>>(
-	ntp_servers: &[T],
-	pool: CpuPool,
+fn special_endpoints(
+	health: NodeHealth,
 	content_fetcher: Arc<apps::fetcher::Fetcher>,
 	remote: Remote,
-	sync_status: Arc<SyncStatus>,
 ) -> HashMap<router::SpecialEndpoint, Option<Box<endpoint::Endpoint>>> {
 	let mut special = HashMap::new();
 	special.insert(router::SpecialEndpoint::Rpc, None);
 	special.insert(router::SpecialEndpoint::Utils, Some(apps::utils()));
 	special.insert(router::SpecialEndpoint::Api, Some(api::RestApi::new(
 		content_fetcher,
-		sync_status,
-		api::TimeChecker::new(ntp_servers, pool),
+		health,
 		remote,
 	)));
 	special
diff --git a/dapps/src/tests/helpers/mod.rs b/dapps/src/tests/helpers/mod.rs
index 30d3ba8f9..6f4652351 100644
--- a/dapps/src/tests/helpers/mod.rs
+++ b/dapps/src/tests/helpers/mod.rs
@@ -26,7 +26,7 @@ use jsonrpc_http_server::{self as http, Host, DomainsValidation};
 use devtools::http_client;
 use hash_fetch::urlhint::ContractClient;
 use fetch::{Fetch, Client as FetchClient};
-use futures_cpupool::CpuPool;
+use node_health::{NodeHealth, TimeChecker, CpuPool};
 use parity_reactor::Remote;
 
 use {Middleware, SyncStatus, WebProxyTokens};
@@ -39,6 +39,7 @@ use self::fetch::FakeFetch;
 
 const SIGNER_PORT: u16 = 18180;
 
+#[derive(Debug)]
 struct FakeSync(bool);
 impl SyncStatus for FakeSync {
 	fn is_major_importing(&self) -> bool { self.0 }
@@ -254,9 +255,13 @@ impl Server {
 		remote: Remote,
 		fetch: F,
 	) -> Result<Server, http::Error> {
+		let health = NodeHealth::new(
+			sync_status.clone(),
+			TimeChecker::new::<String>(&[], CpuPool::new(1)),
+			remote.clone(),
+		);
 		let middleware = Middleware::dapps(
-			&["0.pool.ntp.org:123".into(), "1.pool.ntp.org:123".into()],
-			CpuPool::new(4),
+			health,
 			remote,
 			signer_address,
 			vec![],
diff --git a/js/src/api/rpc/parity/parity.js b/js/src/api/rpc/parity/parity.js
index c2681b3fb..59ccb5884 100644
--- a/js/src/api/rpc/parity/parity.js
+++ b/js/src/api/rpc/parity/parity.js
@@ -385,6 +385,11 @@ export default class Parity {
       .then(outNumber);
   }
 
+  nodeHealth () {
+    return this._transport
+      .execute('parity_nodeHealth');
+  }
+
   nodeName () {
     return this._transport
       .execute('parity_nodeName');
diff --git a/js/src/redux/providers/status.js b/js/src/redux/providers/status.js
index e58fcf6c1..39ba74d01 100644
--- a/js/src/redux/providers/status.js
+++ b/js/src/redux/providers/status.js
@@ -200,7 +200,7 @@ export default class Status {
     const statusPromises = [
       this._api.eth.syncing(),
       this._api.parity.netPeers(),
-      this._fetchHealth()
+      this._api.parity.nodeHealth()
     ];
 
     return Promise
@@ -247,13 +247,6 @@ export default class Status {
     };
   }
 
-  _fetchHealth = () => {
-    // Support Parity-Extension.
-    const uiUrl = this._api.transport.uiUrlWithProtocol || '';
-
-    return fetch(`${uiUrl}/api/health`).then(res => res.json());
-  }
-
   /**
    * The data fetched here should not change
    * unless Parity is restarted. They are thus
diff --git a/parity/configuration.rs b/parity/configuration.rs
index 35a2a7f47..681804346 100644
--- a/parity/configuration.rs
+++ b/parity/configuration.rs
@@ -346,6 +346,7 @@ impl Configuration {
 				daemon: daemon,
 				logger_config: logger_config.clone(),
 				miner_options: self.miner_options(self.args.flag_reseal_min_period)?,
+				ntp_servers: self.ntp_servers(),
 				ws_conf: ws_conf,
 				http_conf: http_conf,
 				ipc_conf: ipc_conf,
@@ -563,7 +564,6 @@ impl Configuration {
 	fn ui_config(&self) -> UiConfiguration {
 		UiConfiguration {
 			enabled: self.ui_enabled(),
-			ntp_servers: self.ntp_servers(),
 			interface: self.ui_interface(),
 			port: self.ui_port(),
 			hosts: self.ui_hosts(),
@@ -576,7 +576,6 @@ impl Configuration {
 
 		DappsConfiguration {
 			enabled: self.dapps_enabled(),
-			ntp_servers: self.ntp_servers(),
 			dapps_path: PathBuf::from(self.directories().dapps),
 			extra_dapps: if self.args.cmd_dapp {
 				self.args.arg_path.iter().map(|path| PathBuf::from(path)).collect()
@@ -1318,12 +1317,6 @@ mod tests {
 			support_token_api: true
 		}, UiConfiguration {
 			enabled: true,
-			ntp_servers: vec![
-				"0.parity.pool.ntp.org:123".into(),
-				"1.parity.pool.ntp.org:123".into(),
-				"2.parity.pool.ntp.org:123".into(),
-				"3.parity.pool.ntp.org:123".into(),
-			],
 			interface: "127.0.0.1".into(),
 			port: 8180,
 			hosts: Some(vec![]),
@@ -1348,6 +1341,12 @@ mod tests {
 			daemon: None,
 			logger_config: Default::default(),
 			miner_options: Default::default(),
+			ntp_servers: vec![
+				"0.parity.pool.ntp.org:123".into(),
+				"1.parity.pool.ntp.org:123".into(),
+				"2.parity.pool.ntp.org:123".into(),
+				"3.parity.pool.ntp.org:123".into(),
+			],
 			ws_conf: Default::default(),
 			http_conf: Default::default(),
 			ipc_conf: Default::default(),
@@ -1567,16 +1566,9 @@ mod tests {
 		let conf3 = parse(&["parity", "--ui-path", "signer", "--ui-interface", "test"]);
 
 		// then
-		let ntp_servers = vec![
-			"0.parity.pool.ntp.org:123".into(),
-			"1.parity.pool.ntp.org:123".into(),
-			"2.parity.pool.ntp.org:123".into(),
-			"3.parity.pool.ntp.org:123".into(),
-		];
 		assert_eq!(conf0.directories().signer, "signer".to_owned());
 		assert_eq!(conf0.ui_config(), UiConfiguration {
 			enabled: true,
-			ntp_servers: ntp_servers.clone(),
 			interface: "127.0.0.1".into(),
 			port: 8180,
 			hosts: Some(vec![]),
@@ -1585,7 +1577,6 @@ mod tests {
 		assert_eq!(conf1.directories().signer, "signer".to_owned());
 		assert_eq!(conf1.ui_config(), UiConfiguration {
 			enabled: true,
-			ntp_servers: ntp_servers.clone(),
 			interface: "127.0.0.1".into(),
 			port: 8180,
 			hosts: Some(vec![]),
@@ -1595,7 +1586,6 @@ mod tests {
 		assert_eq!(conf2.directories().signer, "signer".to_owned());
 		assert_eq!(conf2.ui_config(), UiConfiguration {
 			enabled: true,
-			ntp_servers: ntp_servers.clone(),
 			interface: "127.0.0.1".into(),
 			port: 3123,
 			hosts: Some(vec![]),
@@ -1604,7 +1594,6 @@ mod tests {
 		assert_eq!(conf3.directories().signer, "signer".to_owned());
 		assert_eq!(conf3.ui_config(), UiConfiguration {
 			enabled: true,
-			ntp_servers: ntp_servers.clone(),
 			interface: "test".into(),
 			port: 8180,
 			hosts: Some(vec![]),
diff --git a/parity/dapps.rs b/parity/dapps.rs
index fddd050f5..4177644d3 100644
--- a/parity/dapps.rs
+++ b/parity/dapps.rs
@@ -22,12 +22,12 @@ use ethcore::client::{Client, BlockChainClient, BlockId};
 use ethcore::transaction::{Transaction, Action};
 use ethsync::LightSync;
 use futures::{future, IntoFuture, Future, BoxFuture};
-use futures_cpupool::CpuPool;
 use hash_fetch::fetch::Client as FetchClient;
 use hash_fetch::urlhint::ContractClient;
 use helpers::replace_home;
 use light::client::Client as LightClient;
 use light::on_demand::{self, OnDemand};
+use node_health::{SyncStatus, NodeHealth};
 use rpc;
 use rpc_apis::SignerService;
 use parity_reactor;
@@ -36,7 +36,6 @@ use util::{Bytes, Address};
 #[derive(Debug, PartialEq, Clone)]
 pub struct Configuration {
 	pub enabled: bool,
-	pub ntp_servers: Vec<String>,
 	pub dapps_path: PathBuf,
 	pub extra_dapps: Vec<PathBuf>,
 	pub extra_embed_on: Vec<(String, u16)>,
@@ -48,12 +47,6 @@ impl Default for Configuration {
 		let data_dir = default_data_path();
 		Configuration {
 			enabled: true,
-			ntp_servers: vec![
-				"0.parity.pool.ntp.org:123".into(),
-				"1.parity.pool.ntp.org:123".into(),
-				"2.parity.pool.ntp.org:123".into(),
-				"3.parity.pool.ntp.org:123".into(),
-			],
 			dapps_path: replace_home(&data_dir, "$BASE/dapps").into(),
 			extra_dapps: vec![],
 			extra_embed_on: vec![],
@@ -149,10 +142,10 @@ impl ContractClient for LightRegistrar {
 // to resolve.
 #[derive(Clone)]
 pub struct Dependencies {
+	pub node_health: NodeHealth,
 	pub sync_status: Arc<SyncStatus>,
 	pub contract_client: Arc<ContractClient>,
 	pub remote: parity_reactor::TokioRemote,
-	pub pool: CpuPool,
 	pub fetch: FetchClient,
 	pub signer: Arc<SignerService>,
 	pub ui_address: Option<(String, u16)>,
@@ -165,7 +158,6 @@ pub fn new(configuration: Configuration, deps: Dependencies) -> Result<Option<Mi
 
 	server::dapps_middleware(
 		deps,
-		&configuration.ntp_servers,
 		configuration.dapps_path,
 		configuration.extra_dapps,
 		rpc::DAPPS_DOMAIN,
@@ -174,19 +166,18 @@ pub fn new(configuration: Configuration, deps: Dependencies) -> Result<Option<Mi
 	).map(Some)
 }
 
-pub fn new_ui(enabled: bool, ntp_servers: &[String], deps: Dependencies) -> Result<Option<Middleware>, String> {
+pub fn new_ui(enabled: bool, deps: Dependencies) -> Result<Option<Middleware>, String> {
 	if !enabled {
 		return Ok(None);
 	}
 
 	server::ui_middleware(
 		deps,
-		ntp_servers,
 		rpc::DAPPS_DOMAIN,
 	).map(Some)
 }
 
-pub use self::server::{SyncStatus, Middleware, service};
+pub use self::server::{Middleware, service};
 
 #[cfg(not(feature = "dapps"))]
 mod server {
@@ -196,11 +187,6 @@ mod server {
 	use parity_rpc::{hyper, RequestMiddleware, RequestMiddlewareAction};
 	use rpc_apis;
 
-	pub trait SyncStatus {
-		fn is_major_importing(&self) -> bool;
-		fn peers(&self) -> (usize, usize);
-	}
-
 	pub struct Middleware;
 	impl RequestMiddleware for Middleware {
 		fn on_request(
@@ -212,7 +198,6 @@ mod server {
 
 	pub fn dapps_middleware(
 		_deps: Dependencies,
-		_ntp_servers: &[String],
 		_dapps_path: PathBuf,
 		_extra_dapps: Vec<PathBuf>,
 		_dapps_domain: &str,
@@ -224,7 +209,6 @@ mod server {
 
 	pub fn ui_middleware(
 		_deps: Dependencies,
-		_ntp_servers: &[String],
 		_dapps_domain: &str,
 	) -> Result<Middleware, String> {
 		Err("Your Parity version has been compiled without UI support.".into())
@@ -246,11 +230,9 @@ mod server {
 	use parity_reactor;
 
 	pub use parity_dapps::Middleware;
-	pub use parity_dapps::SyncStatus;
 
 	pub fn dapps_middleware(
 		deps: Dependencies,
-		ntp_servers: &[String],
 		dapps_path: PathBuf,
 		extra_dapps: Vec<PathBuf>,
 		dapps_domain: &str,
@@ -262,8 +244,7 @@ mod server {
 		let web_proxy_tokens = Arc::new(move |token| signer.web_proxy_access_token_domain(&token));
 
 		Ok(parity_dapps::Middleware::dapps(
-			ntp_servers,
-			deps.pool,
+			deps.node_health,
 			parity_remote,
 			deps.ui_address,
 			extra_embed_on,
@@ -280,13 +261,11 @@ mod server {
 
 	pub fn ui_middleware(
 		deps: Dependencies,
-		ntp_servers: &[String],
 		dapps_domain: &str,
 	) -> Result<Middleware, String> {
 		let parity_remote = parity_reactor::Remote::new(deps.remote.clone());
 		Ok(parity_dapps::Middleware::ui(
-			ntp_servers,
-			deps.pool,
+			deps.node_health,
 			parity_remote,
 			dapps_domain,
 			deps.contract_client,
diff --git a/parity/main.rs b/parity/main.rs
index 48e752bf2..46e698998 100644
--- a/parity/main.rs
+++ b/parity/main.rs
@@ -58,6 +58,7 @@ extern crate ethcore_util as util;
 extern crate ethcore_network as network;
 extern crate ethkey;
 extern crate ethsync;
+extern crate node_health;
 extern crate panic_hook;
 extern crate parity_hash_fetch as hash_fetch;
 extern crate parity_ipfs_api;
diff --git a/parity/rpc.rs b/parity/rpc.rs
index 1e148dad2..f11d4c3ae 100644
--- a/parity/rpc.rs
+++ b/parity/rpc.rs
@@ -73,7 +73,6 @@ impl Default for HttpConfiguration {
 #[derive(Debug, PartialEq, Clone)]
 pub struct UiConfiguration {
 	pub enabled: bool,
-	pub ntp_servers: Vec<String>,
 	pub interface: String,
 	pub port: u16,
 	pub hosts: Option<Vec<String>>,
@@ -107,12 +106,6 @@ impl Default for UiConfiguration {
 	fn default() -> Self {
 		UiConfiguration {
 			enabled: true && cfg!(feature = "ui-enabled"),
-			ntp_servers: vec![
-				"0.parity.pool.ntp.org:123".into(),
-				"1.parity.pool.ntp.org:123".into(),
-				"2.parity.pool.ntp.org:123".into(),
-				"3.parity.pool.ntp.org:123".into(),
-			],
 			port: 8180,
 			interface: "127.0.0.1".into(),
 			hosts: Some(vec![]),
diff --git a/parity/rpc_apis.rs b/parity/rpc_apis.rs
index dba69ae7e..7948d9b20 100644
--- a/parity/rpc_apis.rs
+++ b/parity/rpc_apis.rs
@@ -27,17 +27,18 @@ use ethcore::account_provider::AccountProvider;
 use ethcore::client::Client;
 use ethcore::miner::{Miner, ExternalMiner};
 use ethcore::snapshot::SnapshotService;
-use parity_rpc::{Metadata, NetworkSettings};
-use parity_rpc::informant::{ActivityNotifier, ClientNotifier};
-use parity_rpc::dispatch::{FullDispatcher, LightDispatcher};
+use ethcore_logger::RotatingLogger;
 use ethsync::{ManageNetwork, SyncProvider, LightSync};
 use hash_fetch::fetch::Client as FetchClient;
 use jsonrpc_core::{self as core, MetaIoHandler};
 use light::{TransactionQueue as LightTransactionQueue, Cache as LightDataCache};
+use node_health::NodeHealth;
+use parity_reactor;
+use parity_rpc::dispatch::{FullDispatcher, LightDispatcher};
+use parity_rpc::informant::{ActivityNotifier, ClientNotifier};
+use parity_rpc::{Metadata, NetworkSettings};
 use updater::Updater;
 use util::{Mutex, RwLock};
-use ethcore_logger::RotatingLogger;
-use parity_reactor;
 
 #[derive(Debug, PartialEq, Clone, Eq, Hash)]
 pub enum Api {
@@ -217,6 +218,7 @@ pub struct FullDependencies {
 	pub settings: Arc<NetworkSettings>,
 	pub net_service: Arc<ManageNetwork>,
 	pub updater: Arc<Updater>,
+	pub health: NodeHealth,
 	pub geth_compatibility: bool,
 	pub dapps_service: Option<Arc<DappsService>>,
 	pub dapps_address: Option<(String, u16)>,
@@ -300,12 +302,13 @@ impl FullDependencies {
 						false => None,
 					};
 					handler.extend_with(ParityClient::new(
-						&self.client,
-						&self.miner,
-						&self.sync,
-						&self.updater,
-						&self.net_service,
-						&self.secret_store,
+						self.client.clone(),
+						self.miner.clone(),
+						self.sync.clone(),
+						self.updater.clone(),
+						self.net_service.clone(),
+						self.health.clone(),
+						self.secret_store.clone(),
 						self.logger.clone(),
 						self.settings.clone(),
 						signer,
@@ -403,6 +406,7 @@ pub struct LightDependencies {
 	pub secret_store: Arc<AccountProvider>,
 	pub logger: Arc<RotatingLogger>,
 	pub settings: Arc<NetworkSettings>,
+	pub health: NodeHealth,
 	pub on_demand: Arc<::light::on_demand::OnDemand>,
 	pub cache: Arc<Mutex<LightDataCache>>,
 	pub transaction_queue: Arc<RwLock<LightTransactionQueue>>,
@@ -507,6 +511,7 @@ impl LightDependencies {
 						self.secret_store.clone(),
 						self.logger.clone(),
 						self.settings.clone(),
+						self.health.clone(),
 						signer,
 						self.dapps_address.clone(),
 						self.ws_address.clone(),
diff --git a/parity/run.rs b/parity/run.rs
index 49624480c..a0270d0a3 100644
--- a/parity/run.rs
+++ b/parity/run.rs
@@ -14,6 +14,7 @@
 // You should have received a copy of the GNU General Public License
 // along with Parity.  If not, see <http://www.gnu.org/licenses/>.
 
+use std::fmt;
 use std::sync::Arc;
 use std::net::{TcpListener};
 
@@ -32,6 +33,7 @@ use fdlimit::raise_fd_limit;
 use hash_fetch::fetch::{Fetch, Client as FetchClient};
 use informant::{Informant, LightNodeInformantData, FullNodeInformantData};
 use light::Cache as LightDataCache;
+use node_health;
 use parity_reactor::EventLoop;
 use parity_rpc::{NetworkSettings, informant, is_major_importing};
 use updater::{UpdatePolicy, Updater};
@@ -80,6 +82,7 @@ pub struct RunCmd {
 	pub daemon: Option<String>,
 	pub logger_config: LogConfig,
 	pub miner_options: MinerOptions,
+	pub ntp_servers: Vec<String>,
 	pub ws_conf: rpc::WsConfiguration,
 	pub http_conf: rpc::HttpConfiguration,
 	pub ipc_conf: rpc::IpcConfiguration,
@@ -283,7 +286,7 @@ fn execute_light(cmd: RunCmd, can_restart: bool, logger: Arc<RotatingLogger>) ->
 
 	// the dapps server
 	let signer_service = Arc::new(signer::new_service(&cmd.ws_conf, &cmd.ui_conf, &cmd.logger_config));
-	let dapps_deps = {
+	let (node_health, dapps_deps) = {
 		let contract_client = Arc::new(::dapps::LightRegistrar {
 			client: service.client().clone(),
 			sync: light_sync.clone(),
@@ -291,7 +294,12 @@ fn execute_light(cmd: RunCmd, can_restart: bool, logger: Arc<RotatingLogger>) ->
 		});
 
 		struct LightSyncStatus(Arc<LightSync>);
-		impl dapps::SyncStatus for LightSyncStatus {
+		impl fmt::Debug for LightSyncStatus {
+			fn fmt(&self, fmt: &mut fmt::Formatter) -> fmt::Result {
+				write!(fmt, "Light Sync Status")
+			}
+		}
+		impl node_health::SyncStatus for LightSyncStatus {
 			fn is_major_importing(&self) -> bool { self.0.is_major_importing() }
 			fn peers(&self) -> (usize, usize) {
 				let peers = ethsync::LightSyncProvider::peer_numbers(&*self.0);
@@ -299,19 +307,26 @@ fn execute_light(cmd: RunCmd, can_restart: bool, logger: Arc<RotatingLogger>) ->
 			}
 		}
 
-		dapps::Dependencies {
-			sync_status: Arc::new(LightSyncStatus(light_sync.clone())),
-			pool: fetch.pool(),
+		let sync_status = Arc::new(LightSyncStatus(light_sync.clone()));
+		let node_health = node_health::NodeHealth::new(
+			sync_status.clone(),
+			node_health::TimeChecker::new(&cmd.ntp_servers, fetch.pool()),
+			event_loop.remote(),
+		);
+
+		(node_health.clone(), dapps::Dependencies {
+			sync_status,
+			node_health,
 			contract_client: contract_client,
 			remote: event_loop.raw_remote(),
 			fetch: fetch.clone(),
 			signer: signer_service.clone(),
 			ui_address: cmd.ui_conf.address(),
-		}
+		})
 	};
 
 	let dapps_middleware = dapps::new(cmd.dapps_conf.clone(), dapps_deps.clone())?;
-	let ui_middleware = dapps::new_ui(cmd.ui_conf.enabled, &cmd.ui_conf.ntp_servers, dapps_deps)?;
+	let ui_middleware = dapps::new_ui(cmd.ui_conf.enabled, dapps_deps)?;
 
 	// start RPCs
 	let dapps_service = dapps::service(&dapps_middleware);
@@ -320,6 +335,7 @@ fn execute_light(cmd: RunCmd, can_restart: bool, logger: Arc<RotatingLogger>) ->
 		client: service.client().clone(),
 		sync: light_sync.clone(),
 		net: light_sync.clone(),
+		health: node_health,
 		secret_store: account_provider,
 		logger: logger,
 		settings: Arc::new(cmd.net_settings),
@@ -661,12 +677,17 @@ pub fn execute(cmd: RunCmd, can_restart: bool, logger: Arc<RotatingLogger>) -> R
 	let signer_service = Arc::new(signer::new_service(&cmd.ws_conf, &cmd.ui_conf, &cmd.logger_config));
 
 	// the dapps server
-	let dapps_deps = {
+	let (node_health, dapps_deps) = {
 		let (sync, client) = (sync_provider.clone(), client.clone());
 		let contract_client = Arc::new(::dapps::FullRegistrar { client: client.clone() });
 
 		struct SyncStatus(Arc<ethsync::SyncProvider>, Arc<Client>, ethsync::NetworkConfiguration);
-		impl dapps::SyncStatus for SyncStatus {
+		impl fmt::Debug for SyncStatus {
+			fn fmt(&self, fmt: &mut fmt::Formatter) -> fmt::Result {
+				write!(fmt, "Dapps Sync Status")
+			}
+		}
+		impl node_health::SyncStatus for SyncStatus {
 			fn is_major_importing(&self) -> bool {
 				is_major_importing(Some(self.0.status().state), self.1.queue_info())
 			}
@@ -676,18 +697,24 @@ pub fn execute(cmd: RunCmd, can_restart: bool, logger: Arc<RotatingLogger>) -> R
 			}
 		}
 
-		dapps::Dependencies {
-			sync_status: Arc::new(SyncStatus(sync, client, net_conf)),
-			pool: fetch.pool(),
+		let sync_status = Arc::new(SyncStatus(sync, client, net_conf));
+		let node_health = node_health::NodeHealth::new(
+			sync_status.clone(),
+			node_health::TimeChecker::new(&cmd.ntp_servers, fetch.pool()),
+			event_loop.remote(),
+		);
+		(node_health.clone(), dapps::Dependencies {
+			sync_status,
+			node_health,
 			contract_client: contract_client,
 			remote: event_loop.raw_remote(),
 			fetch: fetch.clone(),
 			signer: signer_service.clone(),
 			ui_address: cmd.ui_conf.address(),
-		}
+		})
 	};
 	let dapps_middleware = dapps::new(cmd.dapps_conf.clone(), dapps_deps.clone())?;
-	let ui_middleware = dapps::new_ui(cmd.ui_conf.enabled, &cmd.ui_conf.ntp_servers, dapps_deps)?;
+	let ui_middleware = dapps::new_ui(cmd.ui_conf.enabled, dapps_deps)?;
 
 	let dapps_service = dapps::service(&dapps_middleware);
 	let deps_for_rpc_apis = Arc::new(rpc_apis::FullDependencies {
@@ -695,6 +722,7 @@ pub fn execute(cmd: RunCmd, can_restart: bool, logger: Arc<RotatingLogger>) -> R
 		snapshot: snapshot_service.clone(),
 		client: client.clone(),
 		sync: sync_provider.clone(),
+		health: node_health,
 		net: manage_network.clone(),
 		secret_store: secret_store,
 		miner: miner.clone(),
diff --git a/rpc/Cargo.toml b/rpc/Cargo.toml
index 73230c24e..a5a371cdf 100644
--- a/rpc/Cargo.toml
+++ b/rpc/Cargo.toml
@@ -47,12 +47,13 @@ ethjson = { path = "../json" }
 ethcore-devtools = { path = "../devtools" }
 ethcore-light = { path = "../ethcore/light" }
 ethcore-logger = { path = "../logger" }
-vm = { path = "../ethcore/vm" }
-parity-updater = { path = "../updater" }
-parity-reactor = { path = "../util/reactor" }
-rlp = { path = "../util/rlp" }
 fetch = { path = "../util/fetch" }
+node-health = { path = "../dapps/node-health" }
+parity-reactor = { path = "../util/reactor" }
+parity-updater = { path = "../updater" }
+rlp = { path = "../util/rlp" }
 stats = { path = "../util/stats" }
+vm = { path = "../ethcore/vm" }
 
 clippy = { version = "0.0.103", optional = true}
 pretty_assertions = "0.1"
diff --git a/rpc/src/lib.rs b/rpc/src/lib.rs
index e75d187de..c429471f3 100644
--- a/rpc/src/lib.rs
+++ b/rpc/src/lib.rs
@@ -55,6 +55,7 @@ extern crate ethsync;
 extern crate ethcore_logger;
 extern crate vm;
 extern crate fetch;
+extern crate node_health;
 extern crate parity_reactor;
 extern crate parity_updater as updater;
 extern crate rlp;
diff --git a/rpc/src/v1/helpers/dispatch.rs b/rpc/src/v1/helpers/dispatch.rs
index b2602d6a1..ab8dd655a 100644
--- a/rpc/src/v1/helpers/dispatch.rs
+++ b/rpc/src/v1/helpers/dispatch.rs
@@ -584,8 +584,9 @@ fn decrypt(accounts: &AccountProvider, address: Address, msg: Bytes, password: S
 }
 
 /// Extract the default gas price from a client and miner.
-pub fn default_gas_price<C, M>(client: &C, miner: &M) -> U256
-	where C: MiningBlockChainClient, M: MinerService
+pub fn default_gas_price<C, M>(client: &C, miner: &M) -> U256 where
+	C: MiningBlockChainClient,
+	M: MinerService,
 {
 	client.gas_price_corpus(100).median().cloned().unwrap_or_else(|| miner.sensible_gas_price())
 }
diff --git a/rpc/src/v1/helpers/fake_sign.rs b/rpc/src/v1/helpers/fake_sign.rs
index 551bf5d35..2bbaef0ee 100644
--- a/rpc/src/v1/helpers/fake_sign.rs
+++ b/rpc/src/v1/helpers/fake_sign.rs
@@ -24,8 +24,8 @@ use jsonrpc_core::Error;
 use v1::helpers::CallRequest;
 use v1::helpers::dispatch::default_gas_price;
 
-pub fn sign_call<B: MiningBlockChainClient, M: MinerService>(
-	client: &Arc<B>,
+pub fn sign_call<C: MiningBlockChainClient, M: MinerService> (
+	client: &Arc<C>,
 	miner: &Arc<M>,
 	request: CallRequest,
 	gas_cap: bool,
diff --git a/rpc/src/v1/impls/light/parity.rs b/rpc/src/v1/impls/light/parity.rs
index 676e39b11..7cd540937 100644
--- a/rpc/src/v1/impls/light/parity.rs
+++ b/rpc/src/v1/impls/light/parity.rs
@@ -19,15 +19,15 @@ use std::sync::Arc;
 use std::collections::{BTreeMap, HashSet};
 use futures::{future, Future, BoxFuture};
 
-use ethcore_logger::RotatingLogger;
 use util::misc::version_data;
 
-use crypto::ecies;
+use crypto::{ecies, DEFAULT_MAC};
 use ethkey::{Brain, Generator};
 use ethstore::random_phrase;
 use ethsync::LightSyncProvider;
 use ethcore::account_provider::AccountProvider;
-use crypto::DEFAULT_MAC;
+use ethcore_logger::RotatingLogger;
+use node_health::{NodeHealth, Health};
 
 use light::client::LightChainClient;
 
@@ -53,6 +53,7 @@ pub struct ParityClient {
 	accounts: Arc<AccountProvider>,
 	logger: Arc<RotatingLogger>,
 	settings: Arc<NetworkSettings>,
+	health: NodeHealth,
 	signer: Option<Arc<SignerService>>,
 	dapps_address: Option<(String, u16)>,
 	ws_address: Option<(String, u16)>,
@@ -67,18 +68,20 @@ impl ParityClient {
 		accounts: Arc<AccountProvider>,
 		logger: Arc<RotatingLogger>,
 		settings: Arc<NetworkSettings>,
+		health: NodeHealth,
 		signer: Option<Arc<SignerService>>,
 		dapps_address: Option<(String, u16)>,
 		ws_address: Option<(String, u16)>,
 	) -> Self {
 		ParityClient {
-			light_dispatch: light_dispatch,
-			accounts: accounts,
-			logger: logger,
-			settings: settings,
-			signer: signer,
-			dapps_address: dapps_address,
-			ws_address: ws_address,
+			light_dispatch,
+			accounts,
+			logger,
+			settings,
+			health,
+			signer,
+			dapps_address,
+			ws_address,
 			eip86_transition: client.eip86_transition(),
 		}
 	}
@@ -393,4 +396,10 @@ impl Parity for ParityClient {
 	fn call(&self, _meta: Self::Metadata, _requests: Vec<CallRequest>, _block: Trailing<BlockNumber>) -> BoxFuture<Vec<Bytes>, Error> {
 		future::err(errors::light_unimplemented(None)).boxed()
 	}
+
+	fn node_health(&self) -> BoxFuture<Health, Error> {
+		self.health.health()
+			.map_err(|err| errors::internal("Health API failure.", err))
+			.boxed()
+	}
 }
diff --git a/rpc/src/v1/impls/parity.rs b/rpc/src/v1/impls/parity.rs
index fb82c5205..e66d3ac05 100644
--- a/rpc/src/v1/impls/parity.rs
+++ b/rpc/src/v1/impls/parity.rs
@@ -20,11 +20,10 @@ use std::str::FromStr;
 use std::collections::{BTreeMap, HashSet};
 use futures::{future, Future, BoxFuture};
 
-use ethcore_logger::RotatingLogger;
 use util::Address;
 use util::misc::version_data;
 
-use crypto::ecies;
+use crypto::{DEFAULT_MAC, ecies};
 use ethkey::{Brain, Generator};
 use ethstore::random_phrase;
 use ethsync::{SyncProvider, ManageNetwork};
@@ -34,8 +33,9 @@ use ethcore::ids::BlockId;
 use ethcore::miner::MinerService;
 use ethcore::mode::Mode;
 use ethcore::transaction::SignedTransaction;
+use ethcore_logger::RotatingLogger;
+use node_health::{NodeHealth, Health};
 use updater::{Service as UpdateService};
-use crypto::DEFAULT_MAC;
 
 use jsonrpc_core::Error;
 use jsonrpc_macros::Trailing;
@@ -53,17 +53,13 @@ use v1::types::{
 };
 
 /// Parity implementation.
-pub struct ParityClient<C, M, S: ?Sized, U> where
-	C: MiningBlockChainClient,
-	M: MinerService,
-	S: SyncProvider,
-	U: UpdateService,
-{
+pub struct ParityClient<C, M, U>  {
 	client: Arc<C>,
 	miner: Arc<M>,
-	sync: Arc<S>,
 	updater: Arc<U>,
+	sync: Arc<SyncProvider>,
 	net: Arc<ManageNetwork>,
+	health: NodeHealth,
 	accounts: Option<Arc<AccountProvider>>,
 	logger: Arc<RotatingLogger>,
 	settings: Arc<NetworkSettings>,
@@ -73,39 +69,39 @@ pub struct ParityClient<C, M, S: ?Sized, U> where
 	eip86_transition: u64,
 }
 
-impl<C, M, S: ?Sized, U> ParityClient<C, M, S, U> where
+impl<C, M, U> ParityClient<C, M, U> where
 	C: MiningBlockChainClient,
-	M: MinerService,
-	S: SyncProvider,
-	U: UpdateService,
 {
 	/// Creates new `ParityClient`.
 	pub fn new(
-		client: &Arc<C>,
-		miner: &Arc<M>,
-		sync: &Arc<S>,
-		updater: &Arc<U>,
-		net: &Arc<ManageNetwork>,
-		store: &Option<Arc<AccountProvider>>,
+		client: Arc<C>,
+		miner: Arc<M>,
+		sync: Arc<SyncProvider>,
+		updater: Arc<U>,
+		net: Arc<ManageNetwork>,
+		health: NodeHealth,
+		accounts: Option<Arc<AccountProvider>>,
 		logger: Arc<RotatingLogger>,
 		settings: Arc<NetworkSettings>,
 		signer: Option<Arc<SignerService>>,
 		dapps_address: Option<(String, u16)>,
 		ws_address: Option<(String, u16)>,
 	) -> Self {
+		let eip86_transition = client.eip86_transition();
 		ParityClient {
-			client: client.clone(),
-			miner: miner.clone(),
-			sync: sync.clone(),
-			updater: updater.clone(),
-			net: net.clone(),
-			accounts: store.clone(),
-			logger: logger,
-			settings: settings,
-			signer: signer,
-			dapps_address: dapps_address,
-			ws_address: ws_address,
-			eip86_transition: client.eip86_transition(),
+			client,
+			miner,
+			sync,
+			updater,
+			net,
+			health,
+			accounts,
+			logger,
+			settings,
+			signer,
+			dapps_address,
+			ws_address,
+			eip86_transition,
 		}
 	}
 
@@ -116,10 +112,9 @@ impl<C, M, S: ?Sized, U> ParityClient<C, M, S, U> where
 	}
 }
 
-impl<C, M, S: ?Sized, U> Parity for ParityClient<C, M, S, U> where
-	M: MinerService + 'static,
+impl<C, M, U> Parity for ParityClient<C, M, U> where
 	C: MiningBlockChainClient + 'static,
-	S: SyncProvider + 'static,
+	M: MinerService + 'static,
 	U: UpdateService + 'static,
 {
 	type Metadata = Metadata;
@@ -429,4 +424,10 @@ impl<C, M, S: ?Sized, U> Parity for ParityClient<C, M, S, U> where
 
 		future::done(result).boxed()
 	}
+
+	fn node_health(&self) -> BoxFuture<Health, Error> {
+		self.health.health()
+			.map_err(|err| errors::internal("Health API failure.", err))
+			.boxed()
+	}
 }
diff --git a/rpc/src/v1/tests/mocked/parity.rs b/rpc/src/v1/tests/mocked/parity.rs
index b5cdada6f..3c98ea8ef 100644
--- a/rpc/src/v1/tests/mocked/parity.rs
+++ b/rpc/src/v1/tests/mocked/parity.rs
@@ -15,13 +15,15 @@
 // along with Parity.  If not, see <http://www.gnu.org/licenses/>.
 
 use std::sync::Arc;
-use ethcore_logger::RotatingLogger;
-use util::{Address, U256};
-use ethsync::ManageNetwork;
 use ethcore::account_provider::AccountProvider;
 use ethcore::client::{TestBlockChainClient, Executed};
 use ethcore::miner::LocalTransactionStatus;
+use ethcore_logger::RotatingLogger;
 use ethstore::ethkey::{Generator, Random};
+use ethsync::ManageNetwork;
+use node_health::{self, NodeHealth};
+use parity_reactor;
+use util::Address;
 
 use jsonrpc_core::IoHandler;
 use v1::{Parity, ParityClient};
@@ -30,13 +32,14 @@ use v1::helpers::{SignerService, NetworkSettings};
 use v1::tests::helpers::{TestSyncProvider, Config, TestMinerService, TestUpdater};
 use super::manage_network::TestManageNetwork;
 
-pub type TestParityClient = ParityClient<TestBlockChainClient, TestMinerService, TestSyncProvider, TestUpdater>;
+pub type TestParityClient = ParityClient<TestBlockChainClient, TestMinerService, TestUpdater>;
 
 pub struct Dependencies {
 	pub miner: Arc<TestMinerService>,
 	pub client: Arc<TestBlockChainClient>,
 	pub sync: Arc<TestSyncProvider>,
 	pub updater: Arc<TestUpdater>,
+	pub health: NodeHealth,
 	pub logger: Arc<RotatingLogger>,
 	pub settings: Arc<NetworkSettings>,
 	pub network: Arc<ManageNetwork>,
@@ -54,6 +57,11 @@ impl Dependencies {
 				network_id: 3,
 				num_peers: 120,
 			})),
+			health: NodeHealth::new(
+				Arc::new(FakeSync),
+				node_health::TimeChecker::new::<String>(&[], node_health::CpuPool::new(1)),
+				parity_reactor::Remote::new_sync(),
+			),
 			updater: Arc::new(TestUpdater::default()),
 			logger: Arc::new(RotatingLogger::new("rpc=trace".to_owned())),
 			settings: Arc::new(NetworkSettings {
@@ -75,12 +83,13 @@ impl Dependencies {
 		let opt_accounts = Some(self.accounts.clone());
 
 		ParityClient::new(
-			&self.client,
-			&self.miner,
-			&self.sync,
-			&self.updater,
-			&self.network,
-			&opt_accounts,
+			self.client.clone(),
+			self.miner.clone(),
+			self.sync.clone(),
+			self.updater.clone(),
+			self.network.clone(),
+			self.health.clone(),
+			opt_accounts.clone(),
 			self.logger.clone(),
 			self.settings.clone(),
 			signer,
@@ -102,6 +111,13 @@ impl Dependencies {
 	}
 }
 
+#[derive(Debug)]
+struct FakeSync;
+impl node_health::SyncStatus for FakeSync {
+	fn is_major_importing(&self) -> bool { false }
+	fn peers(&self) -> (usize, usize) { (4, 25) }
+}
+
 #[test]
 fn rpc_parity_accounts_info() {
 	let deps = Dependencies::new();
@@ -507,6 +523,8 @@ fn rpc_parity_cid() {
 
 #[test]
 fn rpc_parity_call() {
+	use util::U256;
+
 	let deps = Dependencies::new();
 	deps.client.set_execution_result(Ok(Executed {
 		exception: None,
@@ -541,3 +559,14 @@ fn rpc_parity_call() {
 
 	assert_eq!(io.handle_request_sync(request), Some(response.to_owned()));
 }
+
+#[test]
+fn rpc_parity_node_health() {
+	let deps = Dependencies::new();
+	let io = deps.default_client();
+
+	let request = r#"{"jsonrpc": "2.0", "method": "parity_nodeHealth", "params":[], "id": 1}"#;
+	let response = r#"{"jsonrpc":"2.0","result":{"peers":{"details":[4,25],"message":"","status":"ok"},"sync":{"details":false,"message":"","status":"ok"},"time":{"details":0,"message":"","status":"ok"}},"id":1}"#;
+
+	assert_eq!(io.handle_request_sync(request), Some(response.to_owned()));
+}
diff --git a/rpc/src/v1/traits/parity.rs b/rpc/src/v1/traits/parity.rs
index c9ca522c1..f1512b8ce 100644
--- a/rpc/src/v1/traits/parity.rs
+++ b/rpc/src/v1/traits/parity.rs
@@ -22,6 +22,7 @@ use jsonrpc_core::Error;
 use jsonrpc_macros::Trailing;
 use futures::BoxFuture;
 
+use node_health::Health;
 use v1::types::{
 	H160, H256, H512, U256, Bytes, CallRequest,
 	Peers, Transaction, RpcSettings, Histogram,
@@ -207,5 +208,9 @@ build_rpc_trait! {
 		/// Call contract, returning the output data.
 		#[rpc(meta, name = "parity_call")]
 		fn call(&self, Self::Metadata, Vec<CallRequest>, Trailing<BlockNumber>) -> BoxFuture<Vec<Bytes>, Error>;
+
+		/// Returns node's health report.
+		#[rpc(async, name = "parity_nodeHealth")]
+		fn node_health(&self) -> BoxFuture<Health, Error>;
 	}
 }
diff --git a/util/reactor/src/lib.rs b/util/reactor/src/lib.rs
index e5f04d652..f5a37fb0f 100644
--- a/util/reactor/src/lib.rs
+++ b/util/reactor/src/lib.rs
@@ -20,7 +20,7 @@
 extern crate futures;
 extern crate tokio_core;
 
-use std::thread;
+use std::{fmt, thread};
 use std::sync::mpsc;
 use std::time::Duration;
 use futures::{Future, IntoFuture};
@@ -81,7 +81,19 @@ enum Mode {
 	ThreadPerFuture,
 }
 
-#[derive(Clone)]
+impl fmt::Debug for Mode {
+	fn fmt(&self, fmt: &mut fmt::Formatter) -> fmt::Result {
+		use self::Mode::*;
+
+		match *self {
+			Tokio(_) => write!(fmt, "tokio"),
+			Sync => write!(fmt, "synchronous"),
+			ThreadPerFuture => write!(fmt, "thread per future"),
+		}
+	}
+}
+
+#[derive(Debug, Clone)]
 pub struct Remote {
 	inner: Mode,
 }

From abecd80f54462ced0f2579e720aff56712d5149d Mon Sep 17 00:00:00 2001
From: Nikolay Volf <nikvolf@gmail.com>
Date: Mon, 28 Aug 2017 15:12:40 +0300
Subject: [PATCH 107/112] Wasm math tests extended (#6354)

* extend math tests

* use latest wasm-tests

* cleanup

* avoid overflow

* use correct gas-

* and division
---
 ethcore/res/wasm-tests    |   2 +-
 ethcore/wasm/src/tests.rs | 137 ++++++++++++++++++++++++++++++--------
 2 files changed, 112 insertions(+), 27 deletions(-)

diff --git a/ethcore/res/wasm-tests b/ethcore/res/wasm-tests
index 85e76c5ea..519b0b967 160000
--- a/ethcore/res/wasm-tests
+++ b/ethcore/res/wasm-tests
@@ -1 +1 @@
-Subproject commit 85e76c5ea2a54c6c54e35014643b5080a50460c5
+Subproject commit 519b0b967cffd7d1236ef21698b1e6e415a048e9
diff --git a/ethcore/wasm/src/tests.rs b/ethcore/wasm/src/tests.rs
index df01b8df6..de0b528a1 100644
--- a/ethcore/wasm/src/tests.rs
+++ b/ethcore/wasm/src/tests.rs
@@ -415,36 +415,121 @@ fn storage_read() {
 	assert_eq!(Address::from(&result[12..32]), address);
 }
 
+macro_rules! reqrep_test {
+	($name: expr, $input: expr) => {
+		{
+			::ethcore_logger::init_log();
+			let code = load_sample!($name);
 
-// Tests that contract's ability to read from a storage
-// Test prepopulates address into storage, than executes a contract which read that address from storage and write this address into result
+			let mut params = ActionParams::default();
+			params.gas = U256::from(100_000);
+			params.code = Some(Arc::new(code));
+			params.data = Some($input);
+
+			let (gas_left, result) = {
+				let mut interpreter = wasm_interpreter();
+				let result = interpreter.exec(params, &mut FakeExt::new()).expect("Interpreter to execute without any errors");
+				match result {
+						GasLeft::Known(_) => { panic!("Test is expected to return payload to check"); },
+						GasLeft::NeedsReturn { gas_left: gas, data: result, apply_state: _apply } => (gas, result.to_vec()),
+				}
+			};
+
+			(gas_left, result)
+		}
+	}
+}
+
+// math_* tests check the ability of wasm contract to perform big integer operations
+// - addition
+// - multiplication
+// - substraction
+// - division
+
+// addition
 #[test]
 fn math_add() {
-	::ethcore_logger::init_log();
-	let code = load_sample!("math.wasm");
 
-	let mut params = ActionParams::default();
-	params.gas = U256::from(100_000);
-	params.code = Some(Arc::new(code));
-
-	let mut args = [0u8; 64];
-	let arg_a = U256::from_dec_str("999999999999999999999999999999").unwrap();
-	let arg_b = U256::from_dec_str("888888888888888888888888888888").unwrap();
-	arg_a.to_big_endian(&mut args[0..32]);
-	arg_b.to_big_endian(&mut args[32..64]);
-	params.data = Some(args.to_vec());
-
-	let (gas_left, result) = {
-		let mut interpreter = wasm_interpreter();
-		let result = interpreter.exec(params, &mut FakeExt::new()).expect("Interpreter to execute without any errors");
-		match result {
-				GasLeft::Known(_) => { panic!("storage_read should return payload"); },
-				GasLeft::NeedsReturn { gas_left: gas, data: result, apply_state: _apply } => (gas, result.to_vec()),
+	let (gas_left, result) = reqrep_test!(
+		"math.wasm",
+		{
+			let mut args = [0u8; 65];
+			let arg_a = U256::from_dec_str("999999999999999999999999999999").unwrap();
+			let arg_b = U256::from_dec_str("888888888888888888888888888888").unwrap();
+			arg_a.to_big_endian(&mut args[1..33]);
+			arg_b.to_big_endian(&mut args[33..65]);
+			args.to_vec()
 		}
-	};
+	);
 
-	let sum: U256 = (&result[..]).into();
-
-	assert_eq!(gas_left, U256::from(96284));
-	assert_eq!(sum, U256::from_dec_str("1888888888888888888888888888887").unwrap());
+	assert_eq!(gas_left, U256::from(98087));
+	assert_eq!(
+		U256::from_dec_str("1888888888888888888888888888887").unwrap(),
+		(&result[..]).into()
+	);
+}
+
+// multiplication
+#[test]
+fn math_mul() {
+	let (gas_left, result) = reqrep_test!(
+		"math.wasm",
+		{
+			let mut args = [1u8; 65];
+			let arg_a = U256::from_dec_str("888888888888888888888888888888").unwrap();
+			let arg_b = U256::from_dec_str("999999999999999999999999999999").unwrap();
+			arg_a.to_big_endian(&mut args[1..33]);
+			arg_b.to_big_endian(&mut args[33..65]);
+			args.to_vec()
+		}
+	);
+
+	assert_eq!(gas_left, U256::from(97236));
+	assert_eq!(
+		U256::from_dec_str("888888888888888888888888888887111111111111111111111111111112").unwrap(),
+		(&result[..]).into()
+	);
+}
+
+// substraction
+#[test]
+fn math_sub() {
+	let (gas_left, result) = reqrep_test!(
+		"math.wasm",
+		{
+			let mut args = [2u8; 65];
+			let arg_a = U256::from_dec_str("999999999999999999999999999999").unwrap();
+			let arg_b = U256::from_dec_str("888888888888888888888888888888").unwrap();
+			arg_a.to_big_endian(&mut args[1..33]);
+			arg_b.to_big_endian(&mut args[33..65]);
+			args.to_vec()
+		}
+	);
+
+	assert_eq!(gas_left, U256::from(98131));
+	assert_eq!(
+		U256::from_dec_str("111111111111111111111111111111").unwrap(),
+		(&result[..]).into()
+	);
+}
+
+#[test]
+fn math_div() {
+	let (gas_left, result) = reqrep_test!(
+		"math.wasm",
+		{
+			let mut args = [3u8; 65];
+			let arg_a = U256::from_dec_str("999999999999999999999999999999").unwrap();
+			let arg_b = U256::from_dec_str("888888888888888888888888").unwrap();
+			arg_a.to_big_endian(&mut args[1..33]);
+			arg_b.to_big_endian(&mut args[33..65]);
+			args.to_vec()
+		}
+	);
+
+	assert_eq!(gas_left, U256::from(91420));
+	assert_eq!(
+		U256::from_dec_str("1125000").unwrap(),
+		(&result[..]).into()
+	);
 }

From f9a08e285c811796d0c52d4fd62c3caccb068374 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tomasz=20Drwi=C4=99ga?= <tomusdrw@users.noreply.github.com>
Date: Mon, 28 Aug 2017 14:25:16 +0200
Subject: [PATCH 108/112] Running state test using parity-evm (#6355)

* Initial version of state tests.

* Refactor state to support tracing.

* Unify TransactResult.

* Add test.
---
 Cargo.lock                            |   1 +
 ethcore/src/client/client.rs          |  60 +++++---
 ethcore/src/client/evm_test_client.rs | 189 +++++++++++++++++++++-----
 ethcore/src/client/mod.rs             |   2 +-
 ethcore/src/executive.rs              | 113 +++++++++++----
 ethcore/src/json_tests/state.rs       |  72 +++++-----
 ethcore/src/state/mod.rs              |  57 ++++++--
 ethcore/src/tests/client.rs           |   4 +-
 ethcore/src/trace/executive_tracer.rs |   2 +-
 ethcore/src/trace/mod.rs              |   2 +-
 ethcore/src/trace/noop_tracer.rs      |   2 +-
 evmbin/Cargo.toml                     |   1 +
 evmbin/src/display/json.rs            |  14 +-
 evmbin/src/display/simple.rs          |   6 +-
 evmbin/src/info.rs                    |  74 ++++++++--
 evmbin/src/main.rs                    |  93 +++++++++++--
 json/src/state/test.rs                |   5 +-
 17 files changed, 538 insertions(+), 159 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index 913ac0e44..596c32060 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -935,6 +935,7 @@ dependencies = [
  "docopt 0.8.1 (registry+https://github.com/rust-lang/crates.io-index)",
  "ethcore 1.8.0",
  "ethcore-util 1.8.0",
+ "ethjson 0.1.0",
  "evm 0.1.0",
  "panic_hook 0.1.0",
  "rustc-hex 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)",
diff --git a/ethcore/src/client/client.rs b/ethcore/src/client/client.rs
index ff09a7b2b..ac8a0aea9 100644
--- a/ethcore/src/client/client.rs
+++ b/ethcore/src/client/client.rs
@@ -748,7 +748,7 @@ impl Client {
 								self.factories.clone(),
 							).expect("state known to be available for just-imported block; qed");
 
-							let options = TransactOptions { tracing: false, vm_tracing: false, check_nonce: false };
+							let options = TransactOptions::with_no_tracing().dont_check_nonce();
 							let res = Executive::new(&mut state, &env_info, &*self.engine)
 								.transact(&transaction, options);
 
@@ -1113,18 +1113,39 @@ impl Client {
 		}.fake_sign(from)
 	}
 
-	fn do_call(&self, env_info: &EnvInfo, state: &mut State<StateDB>, t: &SignedTransaction, analytics: CallAnalytics) -> Result<Executed, CallError> {
-		let original_state = if analytics.state_diffing { Some(state.clone()) } else { None };
+	fn do_virtual_call(&self, env_info: &EnvInfo, state: &mut State<StateDB>, t: &SignedTransaction, analytics: CallAnalytics) -> Result<Executed, CallError> {
+		fn call<E, V, T>(
+			state: &mut State<StateDB>,
+			env_info: &EnvInfo,
+			engine: &E,
+			state_diff: bool,
+			transaction: &SignedTransaction,
+			options: TransactOptions<T, V>,
+		) -> Result<Executed, CallError> where
+			E: Engine + ?Sized,
+			T: trace::Tracer,
+			V: trace::VMTracer,
+		{
+			let options = options.dont_check_nonce();
+			let original_state = if state_diff { Some(state.clone()) } else { None };
 
-		let options = TransactOptions { tracing: analytics.transaction_tracing, vm_tracing: analytics.vm_tracing, check_nonce: false };
-		let mut ret = Executive::new(state, env_info, &*self.engine).transact_virtual(t, options)?;
+			let mut ret = Executive::new(state, env_info, engine).transact_virtual(transaction, options)?;
 
-		// TODO gav move this into Executive.
-		if let Some(original) = original_state {
-			ret.state_diff = Some(state.diff_from(original).map_err(ExecutionError::from)?);
+			if let Some(original) = original_state {
+				ret.state_diff = Some(state.diff_from(original).map_err(ExecutionError::from)?);
+			}
+			Ok(ret)
 		}
 
-		Ok(ret)
+		let state_diff = analytics.state_diffing;
+		let engine = &*self.engine;
+
+		match (analytics.transaction_tracing, analytics.vm_tracing) {
+			(true, true) => call(state, env_info, engine, state_diff, t, TransactOptions::with_tracing_and_vm_tracing()),
+			(true, false) => call(state, env_info, engine, state_diff, t, TransactOptions::with_tracing()),
+			(false, true) => call(state, env_info, engine, state_diff, t, TransactOptions::with_vm_tracing()),
+			(false, false) => call(state, env_info, engine, state_diff, t, TransactOptions::with_no_tracing()),
+		}
 	}
 }
 
@@ -1157,7 +1178,7 @@ impl BlockChainClient for Client {
 		// that's just a copy of the state.
 		let mut state = self.state_at(block).ok_or(CallError::StatePruned)?;
 
-		self.do_call(&env_info, &mut state, transaction, analytics)
+		self.do_virtual_call(&env_info, &mut state, transaction, analytics)
 	}
 
 	fn call_many(&self, transactions: &[(SignedTransaction, CallAnalytics)], block: BlockId) -> Result<Vec<Executed>, CallError> {
@@ -1169,7 +1190,7 @@ impl BlockChainClient for Client {
 		let mut results = Vec::with_capacity(transactions.len());
 
 		for &(ref t, analytics) in transactions {
-			let ret = self.do_call(&env_info, &mut state, t, analytics)?;
+			let ret = self.do_virtual_call(&env_info, &mut state, t, analytics)?;
 			env_info.gas_used = ret.cumulative_gas_used;
 			results.push(ret);
 		}
@@ -1189,7 +1210,7 @@ impl BlockChainClient for Client {
 		// that's just a copy of the state.
 		let original_state = self.state_at(block).ok_or(CallError::StatePruned)?;
 		let sender = t.sender();
-		let options = TransactOptions { tracing: true, vm_tracing: false, check_nonce: false };
+		let options = || TransactOptions::with_tracing();
 
 		let cond = |gas| {
 			let mut tx = t.as_unsigned().clone();
@@ -1198,7 +1219,7 @@ impl BlockChainClient for Client {
 
 			let mut state = original_state.clone();
 			Ok(Executive::new(&mut state, &env_info, &*self.engine)
-				.transact_virtual(&tx, options.clone())
+				.transact_virtual(&tx, options())
 				.map(|r| r.exception.is_none())
 				.unwrap_or(false))
 		};
@@ -1254,22 +1275,17 @@ impl BlockChainClient for Client {
 			return Err(CallError::TransactionNotFound);
 		}
 
-		let options = TransactOptions { tracing: analytics.transaction_tracing, vm_tracing: analytics.vm_tracing, check_nonce: false };
 		const PROOF: &'static str = "Transactions fetched from blockchain; blockchain transactions are valid; qed";
 		let rest = txs.split_off(address.index);
 		for t in txs {
 			let t = SignedTransaction::new(t).expect(PROOF);
-			let x = Executive::new(&mut state, &env_info, &*self.engine).transact(&t, Default::default())?;
+			let x = Executive::new(&mut state, &env_info, &*self.engine).transact(&t, TransactOptions::with_no_tracing())?;
 			env_info.gas_used = env_info.gas_used + x.gas_used;
 		}
 		let first = rest.into_iter().next().expect("We split off < `address.index`; Length is checked earlier; qed");
 		let t = SignedTransaction::new(first).expect(PROOF);
-		let original_state = if analytics.state_diffing { Some(state.clone()) } else { None };
-		let mut ret = Executive::new(&mut state, &env_info, &*self.engine).transact(&t, options)?;
-		if let Some(original) = original_state {
-			ret.state_diff = Some(state.diff_from(original).map_err(ExecutionError::from)?)
-		}
-		Ok(ret)
+
+		self.do_virtual_call(&env_info, &mut state, &t, analytics)
 	}
 
 	fn mode(&self) -> IpcMode {
@@ -1951,7 +1967,7 @@ impl ProvingBlockChainClient for Client {
 		let backend = state::backend::Proving::new(jdb.as_hashdb_mut());
 
 		let mut state = state.replace_backend(backend);
-		let options = TransactOptions { tracing: false, vm_tracing: false, check_nonce: false };
+		let options = TransactOptions::with_no_tracing().dont_check_nonce();
 		let res = Executive::new(&mut state, &env_info, &*self.engine).transact(&transaction, options);
 
 		match res {
diff --git a/ethcore/src/client/evm_test_client.rs b/ethcore/src/client/evm_test_client.rs
index cd8501c31..a455a3724 100644
--- a/ethcore/src/client/evm_test_client.rs
+++ b/ethcore/src/client/evm_test_client.rs
@@ -18,9 +18,9 @@
 
 use std::fmt;
 use std::sync::Arc;
-use util::{self, U256, journaldb, trie};
+use util::{self, U256, H256, journaldb, trie};
 use util::kvdb::{self, KeyValueDB};
-use {state, state_db, client, executive, trace, db, spec};
+use {state, state_db, client, executive, trace, transaction, db, spec, pod_state};
 use factory::Factories;
 use evm::{self, VMType};
 use vm::{self, ActionParams};
@@ -33,9 +33,17 @@ pub enum EvmTestError {
 	/// EVM error.
 	Evm(vm::Error),
 	/// Initialization error.
-	Initialization(::error::Error),
+	ClientError(::error::Error),
 	/// Low-level database error.
 	Database(String),
+	/// Post-condition failure,
+	PostCondition(String),
+}
+
+impl<E: Into<::error::Error>> From<E> for EvmTestError {
+	fn from(err: E) -> Self {
+		EvmTestError::ClientError(err.into())
+	}
 }
 
 impl fmt::Display for EvmTestError {
@@ -45,52 +53,114 @@ impl fmt::Display for EvmTestError {
 		match *self {
 			Trie(ref err) => write!(fmt, "Trie: {}", err),
 			Evm(ref err) => write!(fmt, "EVM: {}", err),
-			Initialization(ref err) => write!(fmt, "Initialization: {}", err),
+			ClientError(ref err) => write!(fmt, "{}", err),
 			Database(ref err) => write!(fmt, "DB: {}", err),
+			PostCondition(ref err) => write!(fmt, "{}", err),
 		}
 	}
 }
 
-/// Simplified, single-block EVM test client.
-pub struct EvmTestClient {
-	state_db: state_db::StateDB,
-	factories: Factories,
-	spec: spec::Spec,
+use ethereum;
+use ethjson::state::test::ForkSpec;
+
+lazy_static! {
+	pub static ref FRONTIER: spec::Spec = ethereum::new_frontier_test();
+	pub static ref HOMESTEAD: spec::Spec = ethereum::new_homestead_test();
+	pub static ref EIP150: spec::Spec = ethereum::new_eip150_test();
+	pub static ref EIP161: spec::Spec = ethereum::new_eip161_test();
+	pub static ref _METROPOLIS: spec::Spec = ethereum::new_metropolis_test();
 }
 
-impl EvmTestClient {
-	/// Creates new EVM test client with in-memory DB initialized with genesis of given Spec.
-	pub fn new(spec: spec::Spec) -> Result<Self, EvmTestError> {
-		let factories = Factories {
-			vm: evm::Factory::new(VMType::Interpreter, 5 * 1024),
-			trie: trie::TrieFactory::new(trie::TrieSpec::Secure),
-			accountdb: Default::default(),
-		};
-		let db = Arc::new(kvdb::in_memory(db::NUM_COLUMNS.expect("We use column-based DB; qed")));
-		let journal_db = journaldb::new(db.clone(), journaldb::Algorithm::EarlyMerge, db::COL_STATE);
-		let mut state_db = state_db::StateDB::new(journal_db, 5 * 1024 * 1024);
-		state_db = spec.ensure_db_good(state_db, &factories).map_err(EvmTestError::Initialization)?;
-		// Write DB
-		{
-			let mut batch = kvdb::DBTransaction::new();
-			state_db.journal_under(&mut batch, 0, &spec.genesis_header().hash()).map_err(|e| EvmTestError::Initialization(e.into()))?;
-			db.write(batch).map_err(EvmTestError::Database)?;
+/// Simplified, single-block EVM test client.
+pub struct EvmTestClient<'a> {
+	state: state::State<state_db::StateDB>,
+	spec: &'a spec::Spec,
+}
+
+impl<'a> EvmTestClient<'a> {
+	/// Converts a json spec definition into spec.
+	pub fn spec_from_json(spec: &ForkSpec) -> Option<&'static spec::Spec> {
+		match *spec {
+			ForkSpec::Frontier => Some(&*FRONTIER),
+			ForkSpec::Homestead => Some(&*HOMESTEAD),
+			ForkSpec::EIP150 => Some(&*EIP150),
+			ForkSpec::EIP158 => Some(&*EIP161),
+			ForkSpec::Metropolis | ForkSpec::Byzantium | ForkSpec::Constantinople => None,
 		}
+	}
+
+	/// Creates new EVM test client with in-memory DB initialized with genesis of given Spec.
+	pub fn new(spec: &'a spec::Spec) -> Result<Self, EvmTestError> {
+		let factories = Self::factories();
+		let state =	Self::state_from_spec(spec, &factories)?;
 
 		Ok(EvmTestClient {
-			state_db,
-			factories,
+			state,
 			spec,
 		})
 	}
 
-	/// Call given contract.
+	/// Creates new EVM test client with in-memory DB initialized with given PodState.
+	pub fn from_pod_state(spec: &'a spec::Spec, pod_state: pod_state::PodState) -> Result<Self, EvmTestError> {
+		let factories = Self::factories();
+		let state =	Self::state_from_pod(spec, &factories, pod_state)?;
+
+		Ok(EvmTestClient {
+			state,
+			spec,
+		})
+	}
+
+	fn factories() -> Factories {
+		Factories {
+			vm: evm::Factory::new(VMType::Interpreter, 5 * 1024),
+			trie: trie::TrieFactory::new(trie::TrieSpec::Secure),
+			accountdb: Default::default(),
+		}
+	}
+
+	fn state_from_spec(spec: &'a spec::Spec, factories: &Factories) -> Result<state::State<state_db::StateDB>, EvmTestError> {
+		let db = Arc::new(kvdb::in_memory(db::NUM_COLUMNS.expect("We use column-based DB; qed")));
+		let journal_db = journaldb::new(db.clone(), journaldb::Algorithm::EarlyMerge, db::COL_STATE);
+		let mut state_db = state_db::StateDB::new(journal_db, 5 * 1024 * 1024);
+		state_db = spec.ensure_db_good(state_db, factories)?;
+
+		let genesis = spec.genesis_header();
+		// Write DB
+		{
+			let mut batch = kvdb::DBTransaction::new();
+			state_db.journal_under(&mut batch, 0, &genesis.hash())?;
+			db.write(batch).map_err(EvmTestError::Database)?;
+		}
+
+		state::State::from_existing(
+			state_db,
+			*genesis.state_root(),
+			spec.engine.account_start_nonce(0),
+			factories.clone()
+		).map_err(EvmTestError::Trie)
+	}
+
+	fn state_from_pod(spec: &'a spec::Spec, factories: &Factories, pod_state: pod_state::PodState) -> Result<state::State<state_db::StateDB>, EvmTestError> {
+		let db = Arc::new(kvdb::in_memory(db::NUM_COLUMNS.expect("We use column-based DB; qed")));
+		let journal_db = journaldb::new(db.clone(), journaldb::Algorithm::EarlyMerge, db::COL_STATE);
+		let state_db = state_db::StateDB::new(journal_db, 5 * 1024 * 1024);
+		let mut state = state::State::new(
+			state_db,
+			spec.engine.account_start_nonce(0),
+			factories.clone(),
+		);
+		state.populate_from(pod_state);
+		state.commit()?;
+		Ok(state)
+	}
+
+	/// Execute the VM given ActionParams and tracer.
+	/// Returns amount of gas left and the output.
 	pub fn call<T: trace::VMTracer>(&mut self, params: ActionParams, vm_tracer: &mut T)
 		-> Result<(U256, Vec<u8>), EvmTestError>
 	{
 		let genesis = self.spec.genesis_header();
-		let mut state = state::State::from_existing(self.state_db.boxed_clone(), *genesis.state_root(), self.spec.engine.account_start_nonce(0), self.factories.clone())
-			.map_err(EvmTestError::Trie)?;
 		let info = client::EnvInfo {
 			number: genesis.number(),
 			author: *genesis.author(),
@@ -103,7 +173,7 @@ impl EvmTestClient {
 		let mut substate = state::Substate::new();
 		let mut tracer = trace::NoopTracer;
 		let mut output = vec![];
-		let mut executive = executive::Executive::new(&mut state, &info, &*self.spec.engine);
+		let mut executive = executive::Executive::new(&mut self.state, &info, &*self.spec.engine);
 		let (gas_left, _) = executive.call(
 			params,
 			&mut substate,
@@ -114,4 +184,59 @@ impl EvmTestClient {
 
 		Ok((gas_left, output))
 	}
+
+	/// Executes a SignedTransaction within context of the provided state and `EnvInfo`.
+	/// Returns the state root, gas left and the output.
+	pub fn transact<T: trace::VMTracer>(
+		&mut self,
+		env_info: &client::EnvInfo,
+		transaction: transaction::SignedTransaction,
+		vm_tracer: T,
+	) -> TransactResult {
+		let initial_gas = transaction.gas;
+		// Verify transaction
+		let is_ok = transaction.verify_basic(true, None, env_info.number >= self.spec.engine.params().eip86_transition);
+		if let Err(error) = is_ok {
+			return TransactResult::Err {
+				state_root: *self.state.root(),
+				error,
+			};
+		}
+
+		// Apply transaction
+		let tracer = trace::NoopTracer;
+		let result = self.state.apply_with_tracing(&env_info, &*self.spec.engine, &transaction, tracer, vm_tracer);
+
+		match result {
+			Ok(result) => TransactResult::Ok {
+				state_root: *self.state.root(),
+				gas_left: initial_gas - result.receipt.gas_used,
+				output: result.output
+			},
+			Err(error) => TransactResult::Err {
+				state_root: *self.state.root(),
+				error,
+			},
+		}
+	}
+}
+
+/// A result of applying transaction to the state.
+pub enum TransactResult {
+	/// Successful execution
+	Ok {
+		/// State root
+		state_root: H256,
+		/// Amount of gas left
+		gas_left: U256,
+		/// Output
+		output: Vec<u8>,
+	},
+	/// Transaction failed to run
+	Err {
+		/// State root
+		state_root: H256,
+		/// Execution error
+		error: ::error::Error,
+	},
 }
diff --git a/ethcore/src/client/mod.rs b/ethcore/src/client/mod.rs
index f7c7417ad..9377c2f44 100644
--- a/ethcore/src/client/mod.rs
+++ b/ethcore/src/client/mod.rs
@@ -27,7 +27,7 @@ mod client;
 pub use self::client::*;
 pub use self::config::{Mode, ClientConfig, DatabaseCompactionProfile, BlockChainConfig, VMType};
 pub use self::error::Error;
-pub use self::evm_test_client::{EvmTestClient, EvmTestError};
+pub use self::evm_test_client::{EvmTestClient, EvmTestError, TransactResult};
 pub use self::test_client::{TestBlockChainClient, EachBlockWith};
 pub use self::chain_notify::ChainNotify;
 pub use self::traits::{BlockChainClient, MiningBlockChainClient, EngineClient};
diff --git a/ethcore/src/executive.rs b/ethcore/src/executive.rs
index 8f2fb06f2..66a770243 100644
--- a/ethcore/src/executive.rs
+++ b/ethcore/src/executive.rs
@@ -26,7 +26,7 @@ use evm::{CallType, Factory, Finalize, FinalizationResult};
 use vm::{self, Ext, CreateContractAddress, ReturnData, CleanDustMode, ActionParams, ActionValue};
 use wasm;
 use externalities::*;
-use trace::{FlatTrace, Tracer, NoopTracer, ExecutiveTracer, VMTrace, VMTracer, ExecutiveVMTracer, NoopVMTracer};
+use trace::{self, FlatTrace, VMTrace, Tracer, VMTracer};
 use transaction::{Action, SignedTransaction};
 use crossbeam;
 pub use executed::{Executed, ExecutionResult};
@@ -66,16 +66,77 @@ pub fn contract_address(address_scheme: CreateContractAddress, sender: &Address,
 }
 
 /// Transaction execution options.
-#[derive(Default, Copy, Clone, PartialEq)]
-pub struct TransactOptions {
+#[derive(Copy, Clone, PartialEq)]
+pub struct TransactOptions<T, V> {
 	/// Enable call tracing.
-	pub tracing: bool,
+	pub tracer: T,
 	/// Enable VM tracing.
-	pub vm_tracing: bool,
+	pub vm_tracer: V,
 	/// Check transaction nonce before execution.
 	pub check_nonce: bool,
 }
 
+impl<T, V> TransactOptions<T, V> {
+	/// Create new `TransactOptions` with given tracer and VM tracer.
+	pub fn new(tracer: T, vm_tracer: V) -> Self {
+		TransactOptions {
+			tracer,
+			vm_tracer,
+			check_nonce: true,
+		}
+	}
+
+	/// Disables the nonce check
+	pub fn dont_check_nonce(mut self) -> Self {
+		self.check_nonce = false;
+		self
+	}
+}
+
+impl TransactOptions<trace::ExecutiveTracer, trace::ExecutiveVMTracer> {
+	/// Creates new `TransactOptions` with default tracing and VM tracing.
+	pub fn with_tracing_and_vm_tracing() -> Self {
+		TransactOptions {
+			tracer: trace::ExecutiveTracer::default(),
+			vm_tracer: trace::ExecutiveVMTracer::toplevel(),
+			check_nonce: true,
+		}
+	}
+}
+
+impl TransactOptions<trace::ExecutiveTracer, trace::NoopVMTracer> {
+	/// Creates new `TransactOptions` with default tracing and no VM tracing.
+	pub fn with_tracing() -> Self {
+		TransactOptions {
+			tracer: trace::ExecutiveTracer::default(),
+			vm_tracer: trace::NoopVMTracer,
+			check_nonce: true,
+		}
+	}
+}
+
+impl TransactOptions<trace::NoopTracer, trace::ExecutiveVMTracer> {
+	/// Creates new `TransactOptions` with no tracing and default VM tracing.
+	pub fn with_vm_tracing() -> Self {
+		TransactOptions {
+			tracer: trace::NoopTracer,
+			vm_tracer: trace::ExecutiveVMTracer::toplevel(),
+			check_nonce: true,
+		}
+	}
+}
+
+impl TransactOptions<trace::NoopTracer, trace::NoopVMTracer> {
+	/// Creates new `TransactOptions` without any tracing.
+	pub fn with_no_tracing() -> Self {
+		TransactOptions {
+			tracer: trace::NoopTracer,
+			vm_tracer: trace::NoopVMTracer,
+			check_nonce: true,
+		}
+	}
+}
+
 pub fn executor<E>(engine: &E, vm_factory: &Factory, params: &ActionParams)
 	-> Box<vm::Vm> where E: Engine + ?Sized
 {
@@ -137,24 +198,18 @@ impl<'a, B: 'a + StateBackend, E: Engine + ?Sized> Executive<'a, B, E> {
 	}
 
 	/// This function should be used to execute transaction.
-	pub fn transact(&'a mut self, t: &SignedTransaction, options: TransactOptions) -> Result<Executed, ExecutionError> {
-		let check = options.check_nonce;
-		match options.tracing {
-			true => match options.vm_tracing {
-				true => self.transact_with_tracer(t, check, ExecutiveTracer::default(), ExecutiveVMTracer::toplevel()),
-				false => self.transact_with_tracer(t, check, ExecutiveTracer::default(), NoopVMTracer),
-			},
-			false => match options.vm_tracing {
-				true => self.transact_with_tracer(t, check, NoopTracer, ExecutiveVMTracer::toplevel()),
-				false => self.transact_with_tracer(t, check, NoopTracer, NoopVMTracer),
-			},
-		}
+	pub fn transact<T, V>(&'a mut self, t: &SignedTransaction, options: TransactOptions<T, V>)
+		-> Result<Executed, ExecutionError> where T: Tracer, V: VMTracer,
+	{
+		self.transact_with_tracer(t, options.check_nonce, options.tracer, options.vm_tracer)
 	}
 
 	/// Execute a transaction in a "virtual" context.
 	/// This will ensure the caller has enough balance to execute the desired transaction.
 	/// Used for extra-block executions for things like consensus contracts and RPCs
-	pub fn transact_virtual(&'a mut self, t: &SignedTransaction, options: TransactOptions) -> Result<Executed, ExecutionError> {
+	pub fn transact_virtual<T, V>(&'a mut self, t: &SignedTransaction, options: TransactOptions<T, V>)
+		-> Result<Executed, ExecutionError> where T: Tracer, V: VMTracer,
+	{
 		let sender = t.sender();
 		let balance = self.state.balance(&sender)?;
 		let needed_balance = t.value.saturating_add(t.gas.saturating_mul(t.gas_price));
@@ -167,7 +222,7 @@ impl<'a, B: 'a + StateBackend, E: Engine + ?Sized> Executive<'a, B, E> {
 	}
 
 	/// Execute transaction/call with tracing enabled
-	pub fn transact_with_tracer<T, V>(
+	fn transact_with_tracer<T, V>(
 		&'a mut self,
 		t: &SignedTransaction,
 		check_nonce: bool,
@@ -261,7 +316,7 @@ impl<'a, B: 'a + StateBackend, E: Engine + ?Sized> Executive<'a, B, E> {
 		};
 
 		// finalize here!
-		Ok(self.finalize(t, substate, result, output, tracer.traces(), vm_tracer.drain())?)
+		Ok(self.finalize(t, substate, result, output, tracer.drain(), vm_tracer.drain())?)
 	}
 
 	fn exec_vm<T, V>(
@@ -399,7 +454,7 @@ impl<'a, B: 'a + StateBackend, E: Engine + ?Sized> Executive<'a, B, E> {
 
 				trace!(target: "executive", "res={:?}", res);
 
-				let traces = subtracer.traces();
+				let traces = subtracer.drain();
 				match res {
 					Ok(ref res) => tracer.trace_call(
 						trace_info,
@@ -484,9 +539,9 @@ impl<'a, B: 'a + StateBackend, E: Engine + ?Sized> Executive<'a, B, E> {
 				gas - res.gas_left,
 				trace_output,
 				created,
-				subtracer.traces()
+				subtracer.drain()
 			),
-			Err(ref e) => tracer.trace_failed_create(trace_info, subtracer.traces(), e.into())
+			Err(ref e) => tracer.trace_failed_create(trace_info, subtracer.drain(), e.into())
 		};
 
 		self.enact_result(&res, substate, unconfirmed_substate);
@@ -794,7 +849,7 @@ mod tests {
 			}),
 		}];
 
-		assert_eq!(tracer.traces(), expected_trace);
+		assert_eq!(tracer.drain(), expected_trace);
 
 		let expected_vm_trace = VMTrace {
 			parent_step: 0,
@@ -887,7 +942,7 @@ mod tests {
 			}),
 		}];
 
-		assert_eq!(tracer.traces(), expected_trace);
+		assert_eq!(tracer.drain(), expected_trace);
 
 		let expected_vm_trace = VMTrace {
 			parent_step: 0,
@@ -1138,7 +1193,7 @@ mod tests {
 
 		let executed = {
 			let mut ex = Executive::new(&mut state, &info, &engine);
-			let opts = TransactOptions { check_nonce: true, tracing: false, vm_tracing: false };
+			let opts = TransactOptions::with_no_tracing();
 			ex.transact(&t, opts).unwrap()
 		};
 
@@ -1175,7 +1230,7 @@ mod tests {
 
 		let res = {
 			let mut ex = Executive::new(&mut state, &info, &engine);
-			let opts = TransactOptions { check_nonce: true, tracing: false, vm_tracing: false };
+			let opts = TransactOptions::with_no_tracing();
 			ex.transact(&t, opts)
 		};
 
@@ -1208,7 +1263,7 @@ mod tests {
 
 		let res = {
 			let mut ex = Executive::new(&mut state, &info, &engine);
-			let opts = TransactOptions { check_nonce: true, tracing: false, vm_tracing: false };
+			let opts = TransactOptions::with_no_tracing();
 			ex.transact(&t, opts)
 		};
 
@@ -1241,7 +1296,7 @@ mod tests {
 
 		let res = {
 			let mut ex = Executive::new(&mut state, &info, &engine);
-			let opts = TransactOptions { check_nonce: true, tracing: false, vm_tracing: false };
+			let opts = TransactOptions::with_no_tracing();
 			ex.transact(&t, opts)
 		};
 
diff --git a/ethcore/src/json_tests/state.rs b/ethcore/src/json_tests/state.rs
index 2fdf8875f..51961a2bb 100644
--- a/ethcore/src/json_tests/state.rs
+++ b/ethcore/src/json_tests/state.rs
@@ -15,23 +15,13 @@
 // along with Parity.  If not, see <http://www.gnu.org/licenses/>.
 
 use super::test_common::*;
-use tests::helpers::*;
 use pod_state::PodState;
-use ethereum;
-use spec::Spec;
+use trace;
+use client::{EvmTestClient, EvmTestError, TransactResult};
 use ethjson;
-use ethjson::state::test::ForkSpec;
 use transaction::SignedTransaction;
 use vm::EnvInfo;
 
-lazy_static! {
-	pub static ref FRONTIER: Spec = ethereum::new_frontier_test();
-	pub static ref HOMESTEAD: Spec = ethereum::new_homestead_test();
-	pub static ref EIP150: Spec = ethereum::new_eip150_test();
-	pub static ref EIP161: Spec = ethereum::new_eip161_test();
-	pub static ref _METROPOLIS: Spec = ethereum::new_metropolis_test();
-}
-
 pub fn json_chain_test(json_data: &[u8]) -> Vec<String> {
 	::ethcore_logger::init_log();
 	let tests = ethjson::state::test::Test::load(json_data).unwrap();
@@ -43,35 +33,49 @@ pub fn json_chain_test(json_data: &[u8]) -> Vec<String> {
 			let env: EnvInfo = test.env.into();
 			let pre: PodState = test.pre_state.into();
 
-			for (spec, states) in test.post_states {
+			for (spec_name, states) in test.post_states {
 				let total = states.len();
-				let engine = match spec {
-					ForkSpec::Frontier => &FRONTIER.engine,
-					ForkSpec::Homestead => &HOMESTEAD.engine,
-					ForkSpec::EIP150 => &EIP150.engine,
-					ForkSpec::EIP158 => &EIP161.engine,
-					ForkSpec::Metropolis => continue,
+				let spec = match EvmTestClient::spec_from_json(&spec_name) {
+					Some(spec) => spec,
+					None => {
+						println!("   - {} | {:?} Ignoring tests because of missing spec", name, spec_name);
+						continue;
+					}
 				};
 
 				for (i, state) in states.into_iter().enumerate() {
-					let info = format!("   - {} | {:?} ({}/{}) ...", name, spec, i + 1, total);
+					let info = format!("   - {} | {:?} ({}/{}) ...", name, spec_name, i + 1, total);
 
 					let post_root: H256 = state.hash.into();
 					let transaction: SignedTransaction = multitransaction.select(&state.indexes).into();
-					let mut state = get_temp_state();
-					state.populate_from(pre.clone());
-					if transaction.verify_basic(true, None, env.number >= engine.params().eip86_transition).is_ok() {
-						state.commit().expect(&format!("State test {} failed due to internal error.", name));
-						let _res = state.apply(&env, &**engine, &transaction, false);
-					} else {
-						let _rest = state.commit();
-					}
-					if state.root() != &post_root {
-						println!("{} !!! State mismatch (got: {}, expect: {}", info, state.root(), post_root);
-						flushln!("{} fail", info);
-						failed.push(name.clone());
-					} else {
-						flushln!("{} ok", info);
+
+					let result = || -> Result<_, EvmTestError> {
+						Ok(EvmTestClient::from_pod_state(spec, pre.clone())?
+							.transact(&env, transaction, trace::NoopVMTracer))
+					};
+					match result() {
+						Err(err) => {
+							println!("{} !!! Unexpected internal error: {:?}", info, err);
+							flushln!("{} fail", info);
+							failed.push(name.clone());
+						},
+						Ok(TransactResult::Ok { state_root, .. }) if state_root != post_root => {
+							println!("{} !!! State mismatch (got: {}, expect: {}", info, state_root, post_root);
+							flushln!("{} fail", info);
+							failed.push(name.clone());
+						},
+						Ok(TransactResult::Err { state_root, ref error }) if state_root != post_root => {
+							println!("{} !!! State mismatch (got: {}, expect: {}", info, state_root, post_root);
+							println!("{} !!! Execution error: {:?}", info, error);
+							flushln!("{} fail", info);
+							failed.push(name.clone());
+						},
+						Ok(TransactResult::Err { error, .. }) => {
+							flushln!("{} ok ({:?})", info, error);
+						},
+						Ok(_) => {
+							flushln!("{} ok", info);
+						},
 					}
 				}
 			}
diff --git a/ethcore/src/state/mod.rs b/ethcore/src/state/mod.rs
index ad884d91b..1b36c91ec 100644
--- a/ethcore/src/state/mod.rs
+++ b/ethcore/src/state/mod.rs
@@ -31,7 +31,7 @@ use vm::EnvInfo;
 use error::Error;
 use executive::{Executive, TransactOptions};
 use factory::Factories;
-use trace::FlatTrace;
+use trace::{self, FlatTrace, VMTrace};
 use pod_account::*;
 use pod_state::{self, PodState};
 use types::basic_account::BasicAccount;
@@ -59,8 +59,12 @@ pub use self::substate::Substate;
 pub struct ApplyOutcome {
 	/// The receipt for the applied transaction.
 	pub receipt: Receipt,
-	/// The trace for the applied transaction, if None if tracing is disabled.
+	/// The output of the applied transaction.
+	pub output: Bytes,
+	/// The trace for the applied transaction, empty if tracing was not produced.
 	pub trace: Vec<FlatTrace>,
+	/// The VM trace for the applied transaction, None if tracing was not produced.
+	pub vm_trace: Option<VMTrace>
 }
 
 /// Result type for the execution ("application") of a transaction.
@@ -205,7 +209,7 @@ pub fn check_proof(
 		Err(_) => return ProvedExecution::BadProof,
 	};
 
-	match state.execute(env_info, engine, transaction, false, true) {
+	match state.execute(env_info, engine, transaction, TransactOptions::with_no_tracing(), true) {
 		Ok(executed) => ProvedExecution::Complete(executed),
 		Err(ExecutionError::Internal(_)) => ProvedExecution::BadProof,
 		Err(e) => ProvedExecution::Failed(e),
@@ -290,7 +294,7 @@ const SEC_TRIE_DB_UNWRAP_STR: &'static str = "A state can only be created with v
 
 impl<B: Backend> State<B> {
 	/// Creates new state with empty state root
-	#[cfg(test)]
+	/// Used for tests.
 	pub fn new(mut db: B, account_start_nonce: U256, factories: Factories) -> State<B> {
 		let mut root = H256::new();
 		{
@@ -623,29 +627,57 @@ impl<B: Backend> State<B> {
 	/// Execute a given transaction, producing a receipt and an optional trace.
 	/// This will change the state accordingly.
 	pub fn apply(&mut self, env_info: &EnvInfo, engine: &Engine, t: &SignedTransaction, tracing: bool) -> ApplyResult {
-//		let old = self.to_pod();
+		if tracing {
+			let options = TransactOptions::with_tracing();
+			self.apply_with_tracing(env_info, engine, t, options.tracer, options.vm_tracer)
+		} else {
+			let options = TransactOptions::with_no_tracing();
+			self.apply_with_tracing(env_info, engine, t, options.tracer, options.vm_tracer)
+		}
+	}
+
+	/// Execute a given transaction with given tracer and VM tracer producing a receipt and an optional trace.
+	/// This will change the state accordingly.
+	pub fn apply_with_tracing<V, T>(
+		&mut self,
+		env_info: &EnvInfo,
+		engine: &Engine,
+		t: &SignedTransaction,
+		tracer: T,
+		vm_tracer: V,
+	) -> ApplyResult where
+		T: trace::Tracer,
+		V: trace::VMTracer,
+	{
+		let options = TransactOptions::new(tracer, vm_tracer);
+		let e = self.execute(env_info, engine, t, options, false)?;
 
-		let e = self.execute(env_info, engine, t, tracing, false)?;
-//		trace!("Applied transaction. Diff:\n{}\n", state_diff::diff_pod(&old, &self.to_pod()));
 		let state_root = if env_info.number < engine.params().eip98_transition || env_info.number < engine.params().validate_receipts_transition {
 			self.commit()?;
 			Some(self.root().clone())
 		} else {
 			None
 		};
+
+		let output = e.output;
 		let receipt = Receipt::new(state_root, e.cumulative_gas_used, e.logs);
 		trace!(target: "state", "Transaction receipt: {:?}", receipt);
-		Ok(ApplyOutcome{receipt: receipt, trace: e.trace})
+
+		Ok(ApplyOutcome {
+			receipt,
+			output,
+			trace: e.trace,
+			vm_trace: e.vm_trace,
+		})
 	}
 
 	// Execute a given transaction without committing changes.
 	//
 	// `virt` signals that we are executing outside of a block set and restrictions like
 	// gas limits and gas costs should be lifted.
-	fn execute(&mut self, env_info: &EnvInfo, engine: &Engine, t: &SignedTransaction, tracing: bool, virt: bool)
-		-> Result<Executed, ExecutionError>
+	fn execute<T, V>(&mut self, env_info: &EnvInfo, engine: &Engine, t: &SignedTransaction, options: TransactOptions<T, V>, virt: bool)
+		-> Result<Executed, ExecutionError> where T: trace::Tracer, V: trace::VMTracer,
 	{
-		let options = TransactOptions { tracing: tracing, vm_tracing: false, check_nonce: true };
 		let mut e = Executive::new(self, env_info, engine);
 
 		match virt {
@@ -730,9 +762,8 @@ impl<B: Backend> State<B> {
 		Ok(())
 	}
 
-	#[cfg(test)]
-	#[cfg(feature = "json-tests")]
 	/// Populate the state from `accounts`.
+	/// Used for tests.
 	pub fn populate_from(&mut self, accounts: PodState) {
 		assert!(self.checkpoints.borrow().is_empty());
 		for (add, acc) in accounts.drain().into_iter() {
diff --git a/ethcore/src/tests/client.rs b/ethcore/src/tests/client.rs
index 639fce3ab..ea7dd32f5 100644
--- a/ethcore/src/tests/client.rs
+++ b/ethcore/src/tests/client.rs
@@ -19,7 +19,7 @@ use std::sync::Arc;
 use io::IoChannel;
 use client::{BlockChainClient, MiningBlockChainClient, Client, ClientConfig, BlockId};
 use state::{self, State, CleanupMode};
-use executive::Executive;
+use executive::{Executive, TransactOptions};
 use ethereum;
 use block::IsBlock;
 use tests::helpers::*;
@@ -361,7 +361,7 @@ fn transaction_proof() {
 
 	let mut state = State::from_existing(backend, root, 0.into(), factories.clone()).unwrap();
 	Executive::new(&mut state, &client.latest_env_info(), &*test_spec.engine)
-		.transact(&transaction, Default::default()).unwrap();
+		.transact(&transaction, TransactOptions::with_no_tracing().dont_check_nonce()).unwrap();
 
 	assert_eq!(state.balance(&Address::default()).unwrap(), 5.into());
 	assert_eq!(state.balance(&address).unwrap(), 95.into());
diff --git a/ethcore/src/trace/executive_tracer.rs b/ethcore/src/trace/executive_tracer.rs
index 860c74223..ba4d0eff9 100644
--- a/ethcore/src/trace/executive_tracer.rs
+++ b/ethcore/src/trace/executive_tracer.rs
@@ -167,7 +167,7 @@ impl Tracer for ExecutiveTracer {
 		ExecutiveTracer::default()
 	}
 
-	fn traces(self) -> Vec<FlatTrace> {
+	fn drain(self) -> Vec<FlatTrace> {
 		self.traces
 	}
 }
diff --git a/ethcore/src/trace/mod.rs b/ethcore/src/trace/mod.rs
index be830430b..c749bfd82 100644
--- a/ethcore/src/trace/mod.rs
+++ b/ethcore/src/trace/mod.rs
@@ -85,7 +85,7 @@ pub trait Tracer: Send {
 	fn subtracer(&self) -> Self where Self: Sized;
 
 	/// Consumes self and returns all traces.
-	fn traces(self) -> Vec<FlatTrace>;
+	fn drain(self) -> Vec<FlatTrace>;
 }
 
 /// Used by executive to build VM traces.
diff --git a/ethcore/src/trace/noop_tracer.rs b/ethcore/src/trace/noop_tracer.rs
index 2c0e1b830..03d6f57a0 100644
--- a/ethcore/src/trace/noop_tracer.rs
+++ b/ethcore/src/trace/noop_tracer.rs
@@ -62,7 +62,7 @@ impl Tracer for NoopTracer {
 		NoopTracer
 	}
 
-	fn traces(self) -> Vec<FlatTrace> {
+	fn drain(self) -> Vec<FlatTrace> {
 		vec![]
 	}
 }
diff --git a/evmbin/Cargo.toml b/evmbin/Cargo.toml
index 698646a3c..5538e10cc 100644
--- a/evmbin/Cargo.toml
+++ b/evmbin/Cargo.toml
@@ -14,6 +14,7 @@ docopt = "0.8"
 serde = "1.0"
 serde_derive = "1.0"
 ethcore = { path = "../ethcore" }
+ethjson = { path = "../json" }
 ethcore-util = { path = "../util" }
 evm = { path = "../ethcore/evm" }
 vm = { path = "../ethcore/vm" }
diff --git a/evmbin/src/display/json.rs b/evmbin/src/display/json.rs
index e259eec7a..39147ffa3 100644
--- a/evmbin/src/display/json.rs
+++ b/evmbin/src/display/json.rs
@@ -30,10 +30,8 @@ pub struct Informant {
 	depth: usize,
 	pc: usize,
 	instruction: u8,
-	name: &'static str,
 	gas_cost: U256,
 	gas_used: U256,
-	stack_pop: usize,
 	stack: Vec<U256>,
 	memory: Vec<u8>,
 	storage: HashMap<H256, H256>,
@@ -58,11 +56,19 @@ impl Informant {
 }
 
 impl vm::Informant for Informant {
+	fn before_test(&self, name: &str, action: &str) {
+		println!(
+			"{{\"test\":\"{name}\",\"action\":\"{action}\"}}",
+			name = name,
+			action = action,
+		);
+	}
+
 	fn set_gas(&mut self, gas: U256) {
 		self.gas_used = gas;
 	}
 
-	fn finish(&mut self, result: Result<vm::Success, vm::Failure>) {
+	fn finish(result: Result<vm::Success, vm::Failure>) {
 		match result {
 			Ok(success) => println!(
 				"{{\"output\":\"0x{output}\",\"gasUsed\":\"{gas:x}\",\"time\":{time}}}",
@@ -112,7 +118,7 @@ impl trace::VMTracer for Informant {
 		self.gas_used = gas_used;
 
 		let len = self.stack.len();
-		self.stack.truncate(len - info.args);
+		self.stack.truncate(if len > info.args { len - info.args } else { 0 });
 		self.stack.extend_from_slice(stack_push);
 
 		if let Some((pos, data)) = mem_diff {
diff --git a/evmbin/src/display/simple.rs b/evmbin/src/display/simple.rs
index b03f97c8d..bb4ecc127 100644
--- a/evmbin/src/display/simple.rs
+++ b/evmbin/src/display/simple.rs
@@ -27,7 +27,11 @@ use info as vm;
 pub struct Informant;
 
 impl vm::Informant for Informant {
-	fn finish(&mut self, result: Result<vm::Success, vm::Failure>) {
+	fn before_test(&self, name: &str, action: &str) {
+		println!("Test: {} ({})", name, action);
+	}
+
+	fn finish(result: Result<vm::Success, vm::Failure>) {
 		match result {
 			Ok(success) => {
 				println!("Output: 0x{}", success.output.to_hex());
diff --git a/evmbin/src/info.rs b/evmbin/src/info.rs
index 617ebc7b9..3392cb441 100644
--- a/evmbin/src/info.rs
+++ b/evmbin/src/info.rs
@@ -17,17 +17,19 @@
 //! VM runner.
 
 use std::time::{Instant, Duration};
-use util::U256;
-use ethcore::{trace, spec};
-use ethcore::client::{EvmTestClient, EvmTestError};
-use vm::ActionParams;
+use util::{U256, H256};
+use ethcore::{trace, spec, transaction, pod_state};
+use ethcore::client::{self, EvmTestClient, EvmTestError, TransactResult};
+use ethjson;
 
 /// VM execution informant
 pub trait Informant: trace::VMTracer {
+	/// Display a single run init message
+	fn before_test(&self, test: &str, action: &str);
 	/// Set initial gas.
 	fn set_gas(&mut self, _gas: U256) {}
 	/// Display final result.
-	fn finish(&mut self, result: Result<Success, Failure>);
+	fn finish(result: Result<Success, Failure>);
 }
 
 /// Execution finished correctly
@@ -50,17 +52,71 @@ pub struct Failure {
 	pub time: Duration,
 }
 
+/// Execute given Transaction and verify resulting state root.
+pub fn run_transaction<T: Informant>(
+	name: &str,
+	idx: usize,
+	spec: &ethjson::state::test::ForkSpec,
+	pre_state: &pod_state::PodState,
+	post_root: H256,
+	env_info: &client::EnvInfo,
+	transaction: transaction::SignedTransaction,
+	mut informant: T,
+) {
+	let spec_name = format!("{:?}", spec).to_lowercase();
+	let spec = match EvmTestClient::spec_from_json(spec) {
+		Some(spec) => {
+			informant.before_test(&format!("{}:{}:{}", name, spec_name, idx), "starting");
+			spec
+		},
+		None => {
+			informant.before_test(&format!("{}:{}:{}", name, spec_name, idx), "skipping because of missing spec");
+			return;
+		},
+	};
+
+	informant.set_gas(env_info.gas_limit);
+
+	let result = run(spec, env_info.gas_limit, pre_state, |mut client| {
+		let result = client.transact(env_info, transaction, informant);
+		match result {
+			TransactResult::Ok { state_root, .. } if state_root != post_root => {
+				Err(EvmTestError::PostCondition(format!(
+					"State root mismatch (got: {}, expected: {})",
+					state_root,
+					post_root,
+				)))
+			},
+			TransactResult::Ok { gas_left, output, .. } => {
+				Ok((gas_left, output))
+			},
+			TransactResult::Err { error, .. } => {
+				Err(EvmTestError::PostCondition(format!(
+					"Unexpected execution error: {:?}", error
+				)))
+			},
+		}
+	});
+
+	T::finish(result)
+}
+
 /// Execute VM with given `ActionParams`
-pub fn run<T: trace::VMTracer>(vm_tracer: &mut T, spec: spec::Spec, params: ActionParams) -> Result<Success, Failure> {
-	let mut test_client = EvmTestClient::new(spec).map_err(|error| Failure {
+pub fn run<'a, F, T>(spec: &'a spec::Spec, initial_gas: U256, pre_state: T, run: F) -> Result<Success, Failure> where
+	F: FnOnce(EvmTestClient) -> Result<(U256, Vec<u8>), EvmTestError>,
+	T: Into<Option<&'a pod_state::PodState>>,
+{
+	let test_client = match pre_state.into() {
+		Some(pre_state) => EvmTestClient::from_pod_state(spec, pre_state.clone()),
+		None => EvmTestClient::new(spec),
+	}.map_err(|error| Failure {
 		gas_used: 0.into(),
 		error,
 		time: Duration::from_secs(0)
 	})?;
 
-	let initial_gas = params.gas;
 	let start = Instant::now();
-	let result = test_client.call(params, vm_tracer);
+	let result = run(test_client);
 	let duration = start.elapsed();
 
 	match result {
diff --git a/evmbin/src/main.rs b/evmbin/src/main.rs
index bad0ef1f0..5eb43ed61 100644
--- a/evmbin/src/main.rs
+++ b/evmbin/src/main.rs
@@ -17,8 +17,9 @@
 //! Parity EVM interpreter binary.
 
 #![warn(missing_docs)]
-#![allow(dead_code)]
+
 extern crate ethcore;
+extern crate ethjson;
 extern crate rustc_hex;
 extern crate serde;
 #[macro_use]
@@ -31,6 +32,7 @@ extern crate panic_hook;
 
 use std::sync::Arc;
 use std::{fmt, fs};
+use std::path::PathBuf;
 use docopt::Docopt;
 use rustc_hex::FromHex;
 use util::{U256, Bytes, Address};
@@ -47,6 +49,7 @@ EVM implementation for Parity.
   Copyright 2016, 2017 Parity Technologies (UK) Ltd
 
 Usage:
+    parity-evm state-test <file> [--json --only NAME --chain CHAIN]
     parity-evm stats [options]
     parity-evm [options]
     parity-evm [-h | --help]
@@ -59,6 +62,10 @@ Transaction options:
     --gas GAS          Supplied gas as hex (without 0x).
     --gas-price WEI    Supplied gas price as hex (without 0x).
 
+State test options:
+    --only NAME        Runs only a single test matching the name.
+    --chain CHAIN      Run only tests from specific chain.
+
 General options:
     --json             Display verbose results in JSON.
     --chain CHAIN      Chain spec file path.
@@ -71,20 +78,67 @@ fn main() {
 
 	let args: Args = Docopt::new(USAGE).and_then(|d| d.deserialize()).unwrap_or_else(|e| e.exit());
 
-	if args.flag_json {
-		run(args, display::json::Informant::default())
+	if args.cmd_state_test {
+		run_state_test(args)
+	} else if args.flag_json {
+		run_call(args, display::json::Informant::default())
 	} else {
-		run(args, display::simple::Informant::default())
+		run_call(args, display::simple::Informant::default())
 	}
 }
 
-fn run<T: Informant>(args: Args, mut informant: T) {
+fn run_state_test(args: Args) {
+	use ethjson::state::test::Test;
+
+	let file = args.arg_file.expect("FILE is required");
+	let mut file = match fs::File::open(&file) {
+		Err(err) => die(format!("Unable to open: {:?}: {}", file, err)),
+		Ok(file) => file,
+	};
+	let state_test = match Test::load(&mut file) {
+		Err(err) => die(format!("Unable to load the test file: {}", err)),
+		Ok(test) => test,
+	};
+	let only_test = args.flag_only.map(|s| s.to_lowercase());
+	let only_chain = args.flag_chain.map(|s| s.to_lowercase());
+
+	for (name, test) in state_test {
+		if let Some(false) = only_test.as_ref().map(|only_test| &name.to_lowercase() == only_test) {
+			continue;
+		}
+
+		let multitransaction = test.transaction;
+		let env_info = test.env.into();
+		let pre = test.pre_state.into();
+
+		for (spec, states) in test.post_states {
+			if let Some(false) = only_chain.as_ref().map(|only_chain| &format!("{:?}", spec).to_lowercase() == only_chain) {
+				continue;
+			}
+
+			for (idx, state) in states.into_iter().enumerate() {
+				let post_root = state.hash.into();
+				let transaction = multitransaction.select(&state.indexes).into();
+
+				if args.flag_json {
+					let i = display::json::Informant::default();
+					info::run_transaction(&name, idx, &spec, &pre, post_root, &env_info, transaction, i)
+				} else {
+					let i = display::simple::Informant::default();
+					info::run_transaction(&name, idx, &spec, &pre, post_root, &env_info, transaction, i)
+				}
+			}
+		}
+	}
+}
+
+fn run_call<T: Informant>(args: Args, mut informant: T) {
 	let from = arg(args.from(), "--from");
 	let to = arg(args.to(), "--to");
 	let code = arg(args.code(), "--code");
 	let spec = arg(args.spec(), "--chain");
 	let gas = arg(args.gas(), "--gas");
-	let gas_price = arg(args.gas(), "--gas-price");
+	let gas_price = arg(args.gas_price(), "--gas-price");
 	let data = arg(args.data(), "--input");
 
 	if code.is_none() && to == Address::default() {
@@ -103,13 +157,18 @@ fn run<T: Informant>(args: Args, mut informant: T) {
 	params.data = data;
 
 	informant.set_gas(gas);
-	let result = info::run(&mut informant, spec, params);
-	informant.finish(result);
+	let result = info::run(&spec, gas, None, |mut client| {
+		client.call(params, &mut informant)
+	});
+	T::finish(result);
 }
 
 #[derive(Debug, Deserialize)]
 struct Args {
 	cmd_stats: bool,
+	cmd_state_test: bool,
+	arg_file: Option<PathBuf>,
+	flag_only: Option<String>,
 	flag_from: Option<String>,
 	flag_to: Option<String>,
 	flag_code: Option<String>,
@@ -221,4 +280,22 @@ mod tests {
 		assert_eq!(args.data(), Ok(Some(vec![06])));
 		assert_eq!(args.flag_chain, Some("./testfile".to_owned()));
 	}
+
+	#[test]
+	fn should_parse_state_test_command() {
+		let args = run(&[
+			"parity-evm",
+			"state-test",
+			"./file.json",
+			"--chain", "homestead",
+			"--only=add11",
+			"--json",
+		]);
+
+		assert_eq!(args.cmd_state_test, true);
+		assert!(args.arg_file.is_some());
+		assert_eq!(args.flag_json, true);
+		assert_eq!(args.flag_chain, Some("homestead".to_owned()));
+		assert_eq!(args.flag_only, Some("add11".to_owned()));
+	}
 }
diff --git a/json/src/state/test.rs b/json/src/state/test.rs
index ceaccfd17..a63b8ee8d 100644
--- a/json/src/state/test.rs
+++ b/json/src/state/test.rs
@@ -104,7 +104,10 @@ pub enum ForkSpec {
 	EIP158,
 	Frontier,
 	Homestead,
+	// TODO [ToDr] Deprecated
 	Metropolis,
+	Byzantium,
+	Constantinople,
 }
 
 /// State test indexes deserialization.
@@ -161,7 +164,7 @@ mod tests {
 				"EIP150" : [
 					{
 						"hash" : "3e6dacc1575c6a8c76422255eca03529bbf4c0dda75dfc110b22d6dc4152396f",
-						"indexes" : { "data" : 0, "gas" : 0,  "value" : 0 } 
+						"indexes" : { "data" : 0, "gas" : 0,  "value" : 0 }
 					},
 					{
 						"hash" : "99a450d8ce5b987a71346d8a0a1203711f770745c7ef326912e46761f14cd764",

From 8019d222a71308ec718cd70db4ecef1aa878099c Mon Sep 17 00:00:00 2001
From: debris <marek.kotewicz@gmail.com>
Date: Mon, 28 Aug 2017 15:08:16 +0200
Subject: [PATCH 109/112] fixed TrieDb::seek accordingly to review suggestions

---
 util/src/memorydb.rs    |  7 +++++--
 util/src/trie/triedb.rs | 32 +++++++++++---------------------
 2 files changed, 16 insertions(+), 23 deletions(-)

diff --git a/util/src/memorydb.rs b/util/src/memorydb.rs
index 14d3cb639..6c9cb63fe 100644
--- a/util/src/memorydb.rs
+++ b/util/src/memorydb.rs
@@ -182,8 +182,11 @@ impl HashDB for MemoryDB {
 
 	fn keys(&self) -> HashMap<H256, i32> {
 		self.data.iter()
-			.filter(|&(_, v)| v.1 != 0)
-			.map(|(k, v)| (*k, v.1))
+			.filter_map(|(k, v)| if v.1 != 0 {
+				Some((*k, v.1))
+			} else {
+				None
+			})
 			.collect()
 	}
 
diff --git a/util/src/trie/triedb.rs b/util/src/trie/triedb.rs
index b98d0b33a..3e62550ba 100644
--- a/util/src/trie/triedb.rs
+++ b/util/src/trie/triedb.rs
@@ -217,14 +217,9 @@ impl<'a> TrieDBIterator<'a> {
 		Ok(r)
 	}
 
-	fn seek_descend<'key>(&mut self, mut node_data: DBValue, mut key: NibbleSlice<'key>) -> super::Result<()> {
-		enum Step {
-			Descend(DBValue, usize),
-			Return,
-		}
-
+	fn seek<'key>(&mut self, mut node_data: DBValue, mut key: NibbleSlice<'key>) -> super::Result<()> {
 		loop {
-			let step = {
+			let (data, mid) = {
 				let node = Node::decoded(&node_data);
 				match node {
 					Node::Leaf(slice, _) => {
@@ -241,7 +236,7 @@ impl<'a> TrieDBIterator<'a> {
 						}
 
 						self.key_nibbles.extend(slice.iter());
-						Step::Return
+						return Ok(())
 					},
 					Node::Extension(ref slice, ref item) => {
 						if key.starts_with(slice) {
@@ -251,10 +246,10 @@ impl<'a> TrieDBIterator<'a> {
 							});
 							self.key_nibbles.extend(slice.iter());
 							let data = self.db.get_raw_or_lookup(&*item)?;
-							Step::Descend(data, slice.len())
+							(data, slice.len())
 						} else {
 							self.descend(&node_data)?;
-							Step::Return
+							return Ok(())
 						}
 					},
 					Node::Branch(ref nodes, _) => match key.is_empty() {
@@ -263,7 +258,7 @@ impl<'a> TrieDBIterator<'a> {
 								status: Status::At,
 								node: node.clone().into(),
 							});
-							Step::Return
+							return Ok(())
 						},
 						false => {
 							let i = key.at(0);
@@ -273,20 +268,15 @@ impl<'a> TrieDBIterator<'a> {
 							});
 							self.key_nibbles.push(i);
 							let child = self.db.get_raw_or_lookup(&*nodes[i as usize])?;
-							Step::Descend(child, 1)
+							(child, 1)
 						}
 					},
-					_ => Step::Return
+					_ => return Ok(()),
 				}
 			};
 
-			match step {
-				Step::Return => return Ok(()),
-				Step::Descend(data, mid) => {
-					node_data = data;
-					key = key.mid(mid);
-				}
-			}
+			node_data = data;
+			key = key.mid(mid);
 		}
 	}
 
@@ -331,7 +321,7 @@ impl<'a> TrieIterator for TrieDBIterator<'a> {
 		self.trail.clear();
 		self.key_nibbles.clear();
 		let root_rlp = self.db.root_data()?;
-		self.seek_descend(root_rlp, NibbleSlice::new(key))
+		self.seek(root_rlp, NibbleSlice::new(key))
 	}
 }
 

From d90ec3d1925f8fa136886a384dd8a34af9a0b8c5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tomasz=20Drwi=C4=99ga?= <tomusdrw@users.noreply.github.com>
Date: Mon, 28 Aug 2017 15:22:59 +0200
Subject: [PATCH 110/112] Bring back IPFS tests. (#6398)

---
 ipfs/src/route.rs | 2 +-
 test.sh           | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/ipfs/src/route.rs b/ipfs/src/route.rs
index b034c2d4c..c72ca53c1 100644
--- a/ipfs/src/route.rs
+++ b/ipfs/src/route.rs
@@ -119,7 +119,7 @@ mod tests {
 	use ethcore::client::TestBlockChainClient;
 
 	fn get_mocked_handler() -> IpfsHandler {
-		IpfsHandler::new(None, None, Arc::new(TestBlockChainClient::new()))
+		IpfsHandler::new(None.into(), None.into(), Arc::new(TestBlockChainClient::new()))
 	}
 
 	#[test]
diff --git a/test.sh b/test.sh
index 5430b17ea..7a2cac946 100755
--- a/test.sh
+++ b/test.sh
@@ -26,4 +26,4 @@ set -e
 
 ./scripts/validate_chainspecs.sh
 
-cargo test -j 8 $OPTIONS --features "$FEATURES" --all --exclude parity-ipfs-api --exclude evmjit $1
+cargo test -j 8 $OPTIONS --features "$FEATURES" --all --exclude evmjit $1

From b8e6799d673642a238895cd7d8169efc4b74accc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tomasz=20Drwi=C4=99ga?= <tomasz@parity.io>
Date: Tue, 29 Aug 2017 10:50:13 +0200
Subject: [PATCH 111/112] Don't accept transactions above block gas limit.

---
 ethcore/src/miner/transaction_queue.rs | 28 +++++++++-----------------
 1 file changed, 10 insertions(+), 18 deletions(-)

diff --git a/ethcore/src/miner/transaction_queue.rs b/ethcore/src/miner/transaction_queue.rs
index 263143ee8..00029e70f 100644
--- a/ethcore/src/miner/transaction_queue.rs
+++ b/ethcore/src/miner/transaction_queue.rs
@@ -506,8 +506,6 @@ pub struct AccountDetails {
 	pub balance: U256,
 }
 
-/// Transactions with `gas > (gas_limit + gas_limit * Factor(in percents))` are not imported to the queue.
-const GAS_LIMIT_HYSTERESIS: usize = 200; // (100/GAS_LIMIT_HYSTERESIS) %
 /// Transaction with the same (sender, nonce) can be replaced only if
 /// `new_gas_price > old_gas_price + old_gas_price >> SHIFT`
 const GAS_PRICE_BUMP_SHIFT: usize = 3; // 2 = 25%, 3 = 12.5%, 4 = 6.25%
@@ -570,8 +568,8 @@ pub struct TransactionQueue {
 	minimal_gas_price: U256,
 	/// The maximum amount of gas any individual transaction may use.
 	tx_gas_limit: U256,
-	/// Current gas limit (block gas limit * factor). Transactions above the limit will not be accepted (default to !0)
-	total_gas_limit: U256,
+	/// Current gas limit (block gas limit). Transactions above the limit will not be accepted (default to !0)
+	block_gas_limit: U256,
 	/// Maximal time transaction may occupy the queue.
 	/// When we reach `max_time_in_queue / 2^3` we re-validate
 	/// account balance.
@@ -631,7 +629,7 @@ impl TransactionQueue {
 		TransactionQueue {
 			strategy,
 			minimal_gas_price: U256::zero(),
-			total_gas_limit: !U256::zero(),
+			block_gas_limit: !U256::zero(),
 			tx_gas_limit,
 			max_time_in_queue: DEFAULT_QUEUING_PERIOD,
 			current,
@@ -674,16 +672,10 @@ impl TransactionQueue {
 		self.current.gas_price_entry_limit()
 	}
 
-	/// Sets new gas limit. Transactions with gas slightly (`GAS_LIMIT_HYSTERESIS`) above the limit won't be imported.
+	/// Sets new gas limit. Transactions with gas over the limit will not be accepted.
 	/// Any transaction already imported to the queue is not affected.
 	pub fn set_gas_limit(&mut self, gas_limit: U256) {
-		let extra = gas_limit / U256::from(GAS_LIMIT_HYSTERESIS);
-
-		let total_gas_limit = match gas_limit.overflowing_add(extra) {
-			(_, true) => !U256::zero(),
-			(val, false) => val,
-		};
-		self.total_gas_limit = total_gas_limit;
+		self.block_gas_limit = gas_limit;
 	}
 
 	/// Sets new total gas limit.
@@ -819,13 +811,13 @@ impl TransactionQueue {
 			}));
 		}
 
-		let gas_limit = cmp::min(self.tx_gas_limit, self.total_gas_limit);
+		let gas_limit = cmp::min(self.tx_gas_limit, self.block_gas_limit);
 		if tx.gas > gas_limit {
 			trace!(target: "txqueue",
 				"Dropping transaction above gas limit: {:?} ({} > min({}, {}))",
 				tx.hash(),
 				tx.gas,
-				self.total_gas_limit,
+				self.block_gas_limit,
 				self.tx_gas_limit
 			);
 			return Err(Error::Transaction(TransactionError::GasLimitExceeded {
@@ -1922,13 +1914,13 @@ pub mod test {
 		// given
 		let mut txq = TransactionQueue::default();
 		txq.set_gas_limit(U256::zero());
-		assert_eq!(txq.total_gas_limit, U256::zero());
+		assert_eq!(txq.block_gas_limit, U256::zero());
 
 		// when
 		txq.set_gas_limit(!U256::zero());
 
 		// then
-		assert_eq!(txq.total_gas_limit, !U256::zero());
+		assert_eq!(txq.block_gas_limit, !U256::zero());
 	}
 
 	#[test]
@@ -1945,7 +1937,7 @@ pub mod test {
 
 		// then
 		assert_eq!(unwrap_tx_err(res), TransactionError::GasLimitExceeded {
-			limit: U256::from(50_250), // Should be 100.5% of set_gas_limit
+			limit: U256::from(50_000),
 			got: gas,
 		});
 		let stats = txq.status();

From d520aa2633323d5a9f15899fbf5dd2e56b473aeb Mon Sep 17 00:00:00 2001
From: Arkadiy Paronyan <arkady.paronyan@gmail.com>
Date: Tue, 29 Aug 2017 14:38:01 +0200
Subject: [PATCH 112/112] Connection filter (#6359)

---
 Cargo.lock                                 |  14 ++
 Cargo.toml                                 |   1 +
 ethcore/native_contracts/build.rs          |   2 +
 ethcore/native_contracts/res/peer_set.json |   1 +
 ethcore/native_contracts/src/lib.rs        |   2 +
 ethcore/native_contracts/src/peer_set.rs   |  21 +++
 ethcore/node_filter/Cargo.toml             |  16 +++
 ethcore/node_filter/res/node_filter.json   |  44 ++++++
 ethcore/node_filter/src/lib.rs             | 154 +++++++++++++++++++++
 ethcore/src/spec/spec.rs                   |   3 +
 json/src/spec/params.rs                    |   3 +
 parity/main.rs                             |   1 +
 parity/modules.rs                          |   6 +-
 parity/run.rs                              |   9 +-
 sync/src/api.rs                            |   8 +-
 sync/src/lib.rs                            |   2 +-
 util/network/src/connection_filter.rs      |  31 +++++
 util/network/src/host.rs                   |  27 +++-
 util/network/src/lib.rs                    |   4 +-
 util/network/src/service.rs                |   7 +-
 util/network/src/tests.rs                  |  14 +-
 21 files changed, 346 insertions(+), 24 deletions(-)
 create mode 100644 ethcore/native_contracts/res/peer_set.json
 create mode 100644 ethcore/native_contracts/src/peer_set.rs
 create mode 100644 ethcore/node_filter/Cargo.toml
 create mode 100644 ethcore/node_filter/res/node_filter.json
 create mode 100644 ethcore/node_filter/src/lib.rs
 create mode 100644 util/network/src/connection_filter.rs

diff --git a/Cargo.lock b/Cargo.lock
index 50e847da2..e2108d186 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1615,6 +1615,19 @@ dependencies = [
  "ws2_32-sys 0.2.1 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
 
+[[package]]
+name = "node-filter"
+version = "1.8.0"
+dependencies = [
+ "ethcore 1.8.0",
+ "ethcore-io 1.8.0",
+ "ethcore-network 1.8.0",
+ "ethcore-util 1.8.0",
+ "futures 0.1.11 (registry+https://github.com/rust-lang/crates.io-index)",
+ "log 0.3.7 (registry+https://github.com/rust-lang/crates.io-index)",
+ "native-contracts 0.1.0",
+]
+
 [[package]]
 name = "node-health"
 version = "0.1.0"
@@ -1838,6 +1851,7 @@ dependencies = [
  "isatty 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)",
  "jsonrpc-core 7.0.0 (git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.7)",
  "log 0.3.7 (registry+https://github.com/rust-lang/crates.io-index)",
+ "node-filter 1.8.0",
  "node-health 0.1.0",
  "num_cpus 1.2.0 (registry+https://github.com/rust-lang/crates.io-index)",
  "number_prefix 0.2.5 (registry+https://github.com/rust-lang/crates.io-index)",
diff --git a/Cargo.toml b/Cargo.toml
index ebd60ca64..06abd7b31 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -42,6 +42,7 @@ ethcore-light = { path = "ethcore/light" }
 ethcore-logger = { path = "logger" }
 ethcore-stratum = { path = "stratum" }
 ethcore-network = { path = "util/network" }
+node-filter = { path = "ethcore/node_filter" }
 ethkey = { path = "ethkey" }
 node-health = { path = "dapps/node-health" }
 rlp = { path = "util/rlp" }
diff --git a/ethcore/native_contracts/build.rs b/ethcore/native_contracts/build.rs
index bcb64067c..e7985b388 100644
--- a/ethcore/native_contracts/build.rs
+++ b/ethcore/native_contracts/build.rs
@@ -28,6 +28,7 @@ const SERVICE_TRANSACTION_ABI: &'static str = include_str!("res/service_transact
 const SECRETSTORE_ACL_STORAGE_ABI: &'static str = include_str!("res/secretstore_acl_storage.json");
 const VALIDATOR_SET_ABI: &'static str = include_str!("res/validator_set.json");
 const VALIDATOR_REPORT_ABI: &'static str = include_str!("res/validator_report.json");
+const PEER_SET_ABI: &'static str = include_str!("res/peer_set.json");
 
 const TEST_VALIDATOR_SET_ABI: &'static str = include_str!("res/test_validator_set.json");
 
@@ -53,6 +54,7 @@ fn main() {
 	build_file("SecretStoreAclStorage", SECRETSTORE_ACL_STORAGE_ABI, "secretstore_acl_storage.rs");
 	build_file("ValidatorSet", VALIDATOR_SET_ABI, "validator_set.rs");
 	build_file("ValidatorReport", VALIDATOR_REPORT_ABI, "validator_report.rs");
+	build_file("PeerSet", PEER_SET_ABI, "peer_set.rs");
 
 	build_test_contracts();
 }
diff --git a/ethcore/native_contracts/res/peer_set.json b/ethcore/native_contracts/res/peer_set.json
new file mode 100644
index 000000000..a932f948d
--- /dev/null
+++ b/ethcore/native_contracts/res/peer_set.json
@@ -0,0 +1 @@
+[{"constant":true,"inputs":[{"name":"sl","type":"bytes32"},{"name":"sh","type":"bytes32"},{"name":"pl","type":"bytes32"},{"name":"ph","type":"bytes32"}],"name":"connectionAllowed","outputs":[{"name":"res","type":"bool"}],"payable":false,"type":"function"},{"inputs":[],"payable":false,"type":"constructor"}]
diff --git a/ethcore/native_contracts/src/lib.rs b/ethcore/native_contracts/src/lib.rs
index 58875f8a2..733dea80e 100644
--- a/ethcore/native_contracts/src/lib.rs
+++ b/ethcore/native_contracts/src/lib.rs
@@ -30,6 +30,7 @@ mod service_transaction;
 mod secretstore_acl_storage;
 mod validator_set;
 mod validator_report;
+mod peer_set;
 
 pub mod test_contracts;
 
@@ -40,3 +41,4 @@ pub use self::service_transaction::ServiceTransactionChecker;
 pub use self::secretstore_acl_storage::SecretStoreAclStorage;
 pub use self::validator_set::ValidatorSet;
 pub use self::validator_report::ValidatorReport;
+pub use self::peer_set::PeerSet;
diff --git a/ethcore/native_contracts/src/peer_set.rs b/ethcore/native_contracts/src/peer_set.rs
new file mode 100644
index 000000000..09d0ecbb8
--- /dev/null
+++ b/ethcore/native_contracts/src/peer_set.rs
@@ -0,0 +1,21 @@
+// Copyright 2015-2017 Parity Technologies (UK) Ltd.
+// This file is part of Parity.
+
+// Parity is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity.  If not, see <http://www.gnu.org/licenses/>.
+
+#![allow(unused_mut, unused_variables, unused_imports)]
+
+//! Peer set contract.
+
+include!(concat!(env!("OUT_DIR"), "/peer_set.rs"));
diff --git a/ethcore/node_filter/Cargo.toml b/ethcore/node_filter/Cargo.toml
new file mode 100644
index 000000000..e885ef1d1
--- /dev/null
+++ b/ethcore/node_filter/Cargo.toml
@@ -0,0 +1,16 @@
+[package]
+description = "Parity smart network connections"
+homepage = "http://parity.io"
+license = "GPL-3.0"
+name = "node-filter"
+version = "1.8.0"
+authors = ["Parity Technologies <admin@parity.io>"]
+
+[dependencies]
+ethcore = { path = ".."}
+ethcore-util = { path = "../../util" }
+ethcore-io = { path = "../../util/io" }
+ethcore-network = { path = "../../util/network" }
+native-contracts = { path = "../native_contracts" }
+futures = "0.1"
+log = "0.3"
diff --git a/ethcore/node_filter/res/node_filter.json b/ethcore/node_filter/res/node_filter.json
new file mode 100644
index 000000000..f8eb17152
--- /dev/null
+++ b/ethcore/node_filter/res/node_filter.json
@@ -0,0 +1,44 @@
+{
+	"name": "TestNodeFilterContract",
+	"engine": {
+		"authorityRound": {
+			"params": {
+				"stepDuration": 1,
+				"startStep": 2,
+				"validators": {
+					"contract": "0x0000000000000000000000000000000000000005"
+				}
+			}
+		}
+	},
+	"params": {
+		"accountStartNonce": "0x0",
+		"maximumExtraDataSize": "0x20",
+		"minGasLimit": "0x1388",
+		"networkID" : "0x69",
+		"gasLimitBoundDivisor": "0x0400"
+	},
+	"genesis": {
+		"seal": {
+			"generic": "0xc180"
+		},
+		"difficulty": "0x20000",
+		"author": "0x0000000000000000000000000000000000000000",
+		"timestamp": "0x00",
+		"parentHash": "0x0000000000000000000000000000000000000000000000000000000000000000",
+		"extraData": "0x",
+		"gasLimit": "0x222222"
+	},
+	"accounts": {
+		"0000000000000000000000000000000000000001": { "balance": "1", "builtin": { "name": "ecrecover", "pricing": { "linear": { "base": 3000, "word": 0 } } } },
+		"0000000000000000000000000000000000000002": { "balance": "1", "builtin": { "name": "sha256", "pricing": { "linear": { "base": 60, "word": 12 } } } },
+		"0000000000000000000000000000000000000003": { "balance": "1", "builtin": { "name": "ripemd160", "pricing": { "linear": { "base": 600, "word": 120 } } } },
+		"0000000000000000000000000000000000000004": { "balance": "1", "builtin": { "name": "identity", "pricing": { "linear": { "base": 15, "word": 3 } } } },
+		"0000000000000000000000000000000000000005": {
+			"balance": "1",
+			"constructor": "6060604052341561000f57600080fd5b5b6012600102600080601160010260001916815260200190815260200160002081600019169055506022600102600080602160010260001916815260200190815260200160002081600019169055506032600102600080603160010260001916815260200190815260200160002081600019169055506042600102600080604160010260001916815260200190815260200160002081600019169055505b5b610155806100bd6000396000f30060606040526000357c0100000000000000000000000000000000000000000000000000000000900463ffffffff168063994d790a1461003e575b600080fd5b341561004957600080fd5b61008a6004808035600019169060200190919080356000191690602001909190803560001916906020019091908035600019169060200190919050506100a4565b604051808215151515815260200191505060405180910390f35b60006001800285600019161480156100c3575060026001028460001916145b156100d15760019050610121565b60006001028360001916141580156100f157506000600102826000191614155b801561011e5750816000191660008085600019166000191681526020019081526020016000205460001916145b90505b9493505050505600a165627a7a723058202082b8d8667fd397925f39785d8e804540beda0524d28af15921375145dfcc250029"
+		},
+		"0x7d577a597b2742b498cb5cf0c26cdcd726d39e6e": { "balance": "1606938044258990275541962092341162602522202993782792835301376" },
+		"0x82a978b3f5962a5b0957d9ee9eef472ee55b42f1": { "balance": "1606938044258990275541962092341162602522202993782792835301376" }
+	}
+}
diff --git a/ethcore/node_filter/src/lib.rs b/ethcore/node_filter/src/lib.rs
new file mode 100644
index 000000000..d3dcbaa3b
--- /dev/null
+++ b/ethcore/node_filter/src/lib.rs
@@ -0,0 +1,154 @@
+// Copyright 2015-2017 Parity Technologies (UK) Ltd.
+// This file is part of Parity.
+
+// Parity is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity.  If not, see <http://www.gnu.org/licenses/>.
+
+//! Smart contract based node filter.
+
+extern crate ethcore;
+extern crate ethcore_util as util;
+extern crate ethcore_network as network;
+extern crate native_contracts;
+extern crate futures;
+#[cfg(test)] extern crate ethcore_io as io;
+#[macro_use] extern crate log;
+
+use std::sync::Weak;
+use std::collections::HashMap;
+use native_contracts::PeerSet as Contract;
+use network::{NodeId, ConnectionFilter, ConnectionDirection};
+use ethcore::client::{BlockChainClient, BlockId, ChainNotify};
+use util::{Mutex, Address, H256, Bytes};
+use futures::Future;
+
+const MAX_CACHE_SIZE: usize = 4096;
+
+/// Connection filter that uses a contract to manage permissions.
+pub struct NodeFilter {
+	contract: Mutex<Option<Contract>>,
+	client: Weak<BlockChainClient>,
+	contract_address: Address,
+	permission_cache: Mutex<HashMap<NodeId, bool>>,
+}
+
+impl NodeFilter {
+	/// Create a new instance. Accepts a contract address.
+	pub fn new(client: Weak<BlockChainClient>, contract_address: Address) -> NodeFilter {
+		NodeFilter {
+			contract: Mutex::new(None),
+			client: client,
+			contract_address: contract_address,
+			permission_cache: Mutex::new(HashMap::new()),
+		}
+	}
+
+	/// Clear cached permissions.
+	pub fn clear_cache(&self) {
+		self.permission_cache.lock().clear();
+	}
+}
+
+impl ConnectionFilter for NodeFilter {
+	fn connection_allowed(&self, own_id: &NodeId, connecting_id: &NodeId, _direction: ConnectionDirection) -> bool {
+
+		let mut cache = self.permission_cache.lock();
+		if let Some(res) = cache.get(connecting_id) {
+			return *res;
+		}
+
+		let mut contract = self.contract.lock();
+		if contract.is_none() {
+			*contract = Some(Contract::new(self.contract_address));
+		}
+
+		let allowed = match (self.client.upgrade(), &*contract) {
+			(Some(ref client), &Some(ref contract)) => {
+				let own_low = H256::from_slice(&own_id[0..32]);
+				let own_high = H256::from_slice(&own_id[32..64]);
+				let id_low = H256::from_slice(&connecting_id[0..32]);
+				let id_high = H256::from_slice(&connecting_id[32..64]);
+				let allowed = contract.connection_allowed(
+					|addr, data| futures::done(client.call_contract(BlockId::Latest, addr, data)),
+					own_low,
+					own_high,
+					id_low,
+					id_high,
+				).wait().unwrap_or_else(|e| {
+					debug!("Error callling peer set contract: {:?}", e);
+					false
+				});
+
+				allowed
+			}
+			_ => false,
+		};
+
+		if cache.len() < MAX_CACHE_SIZE {
+			cache.insert(*connecting_id, allowed);
+		}
+		allowed
+	}
+}
+
+impl ChainNotify for NodeFilter {
+	fn new_blocks(&self, imported: Vec<H256>, _invalid: Vec<H256>, _enacted: Vec<H256>, _retracted: Vec<H256>, _sealed: Vec<H256>, _proposed: Vec<Bytes>, _duration: u64) {
+		if !imported.is_empty() {
+			self.clear_cache();
+		}
+	}
+}
+
+
+#[cfg(test)]
+mod test {
+	use std::sync::{Arc, Weak};
+	use std::str::FromStr;
+	use ethcore::spec::Spec;
+	use ethcore::client::{BlockChainClient, Client, ClientConfig};
+	use ethcore::miner::Miner;
+	use util::{Address};
+	use network::{ConnectionDirection, ConnectionFilter, NodeId};
+	use io::IoChannel;
+	use super::NodeFilter;
+
+	/// Contract code: https://gist.github.com/arkpar/467dbcc73cbb85b0997a7a10ffa0695f
+	#[test]
+	fn node_filter() {
+		let contract_addr = Address::from_str("0000000000000000000000000000000000000005").unwrap();
+		let data = include_bytes!("../res/node_filter.json");
+		let spec = Spec::load(::std::env::temp_dir(), &data[..]).unwrap();
+		let client_db = Arc::new(::util::kvdb::in_memory(::ethcore::db::NUM_COLUMNS.unwrap_or(0)));
+
+		let client = Client::new(
+			ClientConfig::default(),
+			&spec,
+			client_db,
+			Arc::new(Miner::with_spec(&spec)),
+			IoChannel::disconnected(),
+		).unwrap();
+		let filter = NodeFilter::new(Arc::downgrade(&client) as Weak<BlockChainClient>, contract_addr);
+		let self1 = NodeId::from_str("00000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000002").unwrap();
+		let self2 = NodeId::from_str("00000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000003").unwrap();
+		let node1 = NodeId::from_str("00000000000000000000000000000000000000000000000000000000000000110000000000000000000000000000000000000000000000000000000000000012").unwrap();
+		let node2 = NodeId::from_str("00000000000000000000000000000000000000000000000000000000000000210000000000000000000000000000000000000000000000000000000000000022").unwrap();
+		let nodex = NodeId::from_str("77000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000").unwrap();
+
+		assert!(filter.connection_allowed(&self1, &node1, ConnectionDirection::Inbound));
+		assert!(filter.connection_allowed(&self1, &nodex, ConnectionDirection::Inbound));
+		filter.clear_cache();
+		assert!(filter.connection_allowed(&self2, &node1, ConnectionDirection::Inbound));
+		assert!(filter.connection_allowed(&self2, &node2, ConnectionDirection::Inbound));
+		assert!(!filter.connection_allowed(&self2, &nodex, ConnectionDirection::Inbound));
+	}
+}
diff --git a/ethcore/src/spec/spec.rs b/ethcore/src/spec/spec.rs
index ba57a7f27..4d10a90ad 100644
--- a/ethcore/src/spec/spec.rs
+++ b/ethcore/src/spec/spec.rs
@@ -100,6 +100,8 @@ pub struct CommonParams {
 	pub block_reward: U256,
 	/// Registrar contract address.
 	pub registrar: Address,
+	/// Node permission managing contract address.
+	pub node_permission_contract: Option<Address>,
 }
 
 impl CommonParams {
@@ -171,6 +173,7 @@ impl From<ethjson::spec::Params> for CommonParams {
 			gas_limit_bound_divisor: p.gas_limit_bound_divisor.into(),
 			block_reward: p.block_reward.map_or_else(U256::zero, Into::into),
 			registrar: p.registrar.map_or_else(Address::new, Into::into),
+			node_permission_contract: p.node_permission_contract.map(Into::into),
 		}
 	}
 }
diff --git a/json/src/spec/params.rs b/json/src/spec/params.rs
index d72ead89a..de33039c4 100644
--- a/json/src/spec/params.rs
+++ b/json/src/spec/params.rs
@@ -102,6 +102,9 @@ pub struct Params {
 	pub block_reward: Option<Uint>,
 	/// See `CommonParams` docs.
 	pub registrar: Option<Address>,
+	/// Node permission contract address.
+	#[serde(rename="nodePermissionContract")]
+	pub node_permission_contract: Option<Address>,
 }
 
 #[cfg(test)]
diff --git a/parity/main.rs b/parity/main.rs
index 46e698998..d79fb0064 100644
--- a/parity/main.rs
+++ b/parity/main.rs
@@ -69,6 +69,7 @@ extern crate parity_updater as updater;
 extern crate parity_whisper;
 extern crate path;
 extern crate rpc_cli;
+extern crate node_filter;
 
 #[macro_use]
 extern crate log as rlog;
diff --git a/parity/modules.rs b/parity/modules.rs
index c7aea7dfa..8613c5ae5 100644
--- a/parity/modules.rs
+++ b/parity/modules.rs
@@ -19,7 +19,7 @@ use std::path::Path;
 
 use ethcore::client::BlockChainClient;
 use hypervisor::Hypervisor;
-use ethsync::{AttachedProtocol, SyncConfig, NetworkConfiguration, NetworkError, Params};
+use ethsync::{AttachedProtocol, SyncConfig, NetworkConfiguration, NetworkError, Params, ConnectionFilter};
 use ethcore::snapshot::SnapshotService;
 use light::Provider;
 
@@ -183,6 +183,7 @@ pub fn sync(
 	provider: Arc<Provider>,
 	_log_settings: &LogConfig,
 	attached_protos: Vec<AttachedProtocol>,
+	connection_filter: Option<Arc<ConnectionFilter>>,
 ) -> Result<SyncModules, NetworkError> {
 	let eth_sync = EthSync::new(Params {
 		config: sync_cfg,
@@ -191,7 +192,8 @@ pub fn sync(
 		snapshot_service: snapshot_service,
 		network_config: net_cfg,
 		attached_protos: attached_protos,
-	})?;
+	},
+	connection_filter)?;
 
 	Ok((eth_sync.clone() as Arc<SyncProvider>, eth_sync.clone() as Arc<ManageNetwork>, eth_sync.clone() as Arc<ChainNotify>))
 }
diff --git a/parity/run.rs b/parity/run.rs
index a0270d0a3..a81d61ba0 100644
--- a/parity/run.rs
+++ b/parity/run.rs
@@ -15,7 +15,7 @@
 // along with Parity.  If not, see <http://www.gnu.org/licenses/>.
 
 use std::fmt;
-use std::sync::Arc;
+use std::sync::{Arc, Weak};
 use std::net::{TcpListener};
 
 use ctrlc::CtrlC;
@@ -38,6 +38,7 @@ use parity_reactor::EventLoop;
 use parity_rpc::{NetworkSettings, informant, is_major_importing};
 use updater::{UpdatePolicy, Updater};
 use util::{Colour, version, Mutex, Condvar};
+use node_filter::NodeFilter;
 
 use params::{
 	SpecType, Pruning, AccountsConfig, GasPricerConfig, MinerExtras, Switch,
@@ -569,11 +570,13 @@ pub fn execute(cmd: RunCmd, can_restart: bool, logger: Arc<RotatingLogger>) -> R
 		miner.clone(),
 	).map_err(|e| format!("Client service error: {:?}", e))?;
 
+	let connection_filter_address = spec.params().node_permission_contract;
 	// drop the spec to free up genesis state.
 	drop(spec);
 
 	// take handle to client
 	let client = service.client();
+	let connection_filter = connection_filter_address.map(|a| Arc::new(NodeFilter::new(Arc::downgrade(&client) as Weak<BlockChainClient>, a)));
 	let snapshot_service = service.snapshot_service();
 
 	// initialize the local node information store.
@@ -645,9 +648,13 @@ pub fn execute(cmd: RunCmd, can_restart: bool, logger: Arc<RotatingLogger>) -> R
 		client.clone(),
 		&cmd.logger_config,
 		attached_protos,
+		connection_filter.clone().map(|f| f as Arc<::ethsync::ConnectionFilter + 'static>),
 	).map_err(|e| format!("Sync error: {}", e))?;
 
 	service.add_notify(chain_notify.clone());
+	if let Some(filter) = connection_filter {
+		service.add_notify(filter);
+	}
 
 	// start network
 	if network_enabled {
diff --git a/sync/src/api.rs b/sync/src/api.rs
index acbc26867..f3c5570ee 100644
--- a/sync/src/api.rs
+++ b/sync/src/api.rs
@@ -19,7 +19,7 @@ use std::collections::{HashMap, BTreeMap};
 use std::io;
 use util::Bytes;
 use network::{NetworkProtocolHandler, NetworkService, NetworkContext, HostInfo, PeerId, ProtocolId,
-	NetworkConfiguration as BasicNetworkConfiguration, NonReservedPeerMode, NetworkError};
+	NetworkConfiguration as BasicNetworkConfiguration, NonReservedPeerMode, NetworkError, ConnectionFilter};
 use util::{U256, H256, H512};
 use io::{TimerToken};
 use ethcore::ethstore::ethkey::Secret;
@@ -236,7 +236,7 @@ pub struct EthSync {
 
 impl EthSync {
 	/// Creates and register protocol with the network service
-	pub fn new(params: Params) -> Result<Arc<EthSync>, NetworkError> {
+	pub fn new(params: Params, connection_filter: Option<Arc<ConnectionFilter>>) -> Result<Arc<EthSync>, NetworkError> {
 		const MAX_LIGHTSERV_LOAD: f64 = 0.5;
 
 		let pruning_info = params.chain.pruning_info();
@@ -272,7 +272,7 @@ impl EthSync {
 		};
 
 		let chain_sync = ChainSync::new(params.config, &*params.chain);
-		let service = NetworkService::new(params.network_config.clone().into_basic()?)?;
+		let service = NetworkService::new(params.network_config.clone().into_basic()?, connection_filter)?;
 
 		let sync = Arc::new(EthSync {
 			network: service,
@@ -736,7 +736,7 @@ impl LightSync {
 			(sync_handler, Arc::new(light_proto))
 		};
 
-		let service = NetworkService::new(params.network_config)?;
+		let service = NetworkService::new(params.network_config, None)?;
 
 		Ok(LightSync {
 			proto: light_proto,
diff --git a/sync/src/lib.rs b/sync/src/lib.rs
index e131bf901..51947317d 100644
--- a/sync/src/lib.rs
+++ b/sync/src/lib.rs
@@ -76,7 +76,7 @@ mod api;
 
 pub use api::*;
 pub use chain::{SyncStatus, SyncState};
-pub use network::{is_valid_node_url, NonReservedPeerMode, NetworkError};
+pub use network::{is_valid_node_url, NonReservedPeerMode, NetworkError, ConnectionFilter, ConnectionDirection};
 
 /// IPC interfaces
 #[cfg(feature="ipc")]
diff --git a/util/network/src/connection_filter.rs b/util/network/src/connection_filter.rs
new file mode 100644
index 000000000..5afe5865b
--- /dev/null
+++ b/util/network/src/connection_filter.rs
@@ -0,0 +1,31 @@
+// Copyright 2015-2017 Parity Technologies (UK) Ltd.
+// This file is part of Parity.
+
+// Parity is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity.  If not, see <http://www.gnu.org/licenses/>.
+
+//! Connection filter trait.
+
+use super::NodeId;
+
+/// Filtered connection direction.
+pub enum ConnectionDirection {
+	Inbound,
+	Outbound,
+}
+
+/// Connection filter. Each connection is checked against `connection_allowed`.
+pub trait ConnectionFilter : Send + Sync {
+	/// Filter a connection. Returns `true` if connection should be allowed. `false` if rejected.
+	fn connection_allowed(&self, own_id: &NodeId, connecting_id: &NodeId, direction: ConnectionDirection) -> bool;
+}
diff --git a/util/network/src/host.rs b/util/network/src/host.rs
index 8aea9184f..d74b2fa6e 100644
--- a/util/network/src/host.rs
+++ b/util/network/src/host.rs
@@ -42,6 +42,7 @@ use discovery::{Discovery, TableUpdates, NodeEntry};
 use ip_utils::{map_external_address, select_public_address};
 use path::restrict_permissions_owner;
 use parking_lot::{Mutex, RwLock};
+use connection_filter::{ConnectionFilter, ConnectionDirection};
 
 type Slab<T> = ::slab::Slab<T, usize>;
 
@@ -380,11 +381,12 @@ pub struct Host {
 	reserved_nodes: RwLock<HashSet<NodeId>>,
 	num_sessions: AtomicUsize,
 	stopping: AtomicBool,
+	filter: Option<Arc<ConnectionFilter>>,
 }
 
 impl Host {
 	/// Create a new instance
-	pub fn new(mut config: NetworkConfiguration, stats: Arc<NetworkStats>) -> Result<Host, NetworkError> {
+	pub fn new(mut config: NetworkConfiguration, stats: Arc<NetworkStats>, filter: Option<Arc<ConnectionFilter>>) -> Result<Host, NetworkError> {
 		let mut listen_address = match config.listen_address {
 			None => SocketAddr::V4(SocketAddrV4::new(Ipv4Addr::new(0, 0, 0, 0), DEFAULT_PORT)),
 			Some(addr) => addr,
@@ -437,6 +439,7 @@ impl Host {
 			reserved_nodes: RwLock::new(HashSet::new()),
 			num_sessions: AtomicUsize::new(0),
 			stopping: AtomicBool::new(false),
+			filter: filter,
 		};
 
 		for n in boot_nodes {
@@ -691,8 +694,12 @@ impl Host {
 
 		let max_handshakes_per_round = max_handshakes / 2;
 		let mut started: usize = 0;
-		for id in nodes.filter(|id| !self.have_session(id) && !self.connecting_to(id) && *id != self_id)
-			.take(min(max_handshakes_per_round, max_handshakes - handshake_count)) {
+		for id in nodes.filter(|id| 
+				!self.have_session(id) &&
+				!self.connecting_to(id) &&
+				*id != self_id &&
+				self.filter.as_ref().map_or(true, |f| f.connection_allowed(&self_id, &id, ConnectionDirection::Outbound))
+			).take(min(max_handshakes_per_round, max_handshakes - handshake_count)) {
 			self.connect_peer(&id, io);
 			started += 1;
 		}
@@ -827,7 +834,7 @@ impl Host {
 						Ok(SessionData::Ready) => {
 							self.num_sessions.fetch_add(1, AtomicOrdering::SeqCst);
 							let session_count = self.session_count();
-							let (min_peers, max_peers, reserved_only) = {
+							let (min_peers, max_peers, reserved_only, self_id) = {
 								let info = self.info.read();
 								let mut max_peers = info.config.max_peers;
 								for cap in s.info.capabilities.iter() {
@@ -836,7 +843,7 @@ impl Host {
 										break;
 									}
 								}
-								(info.config.min_peers as usize, max_peers as usize, info.config.non_reserved_mode == NonReservedPeerMode::Deny)
+								(info.config.min_peers as usize, max_peers as usize, info.config.non_reserved_mode == NonReservedPeerMode::Deny, info.id().clone())
 							};
 
 							let id = s.id().expect("Ready session always has id").clone();
@@ -852,6 +859,14 @@ impl Host {
 									break;
 								}
 							}
+
+							if !self.filter.as_ref().map_or(true, |f| f.connection_allowed(&self_id, &id, ConnectionDirection::Inbound)) {
+								trace!(target: "network", "Inbound connection not allowed for {:?}", id);
+								s.disconnect(io, DisconnectReason::UnexpectedIdentity);
+								kill = true;
+								break;
+							}
+
 							ready_id = Some(id);
 
 							// Add it to the node table
@@ -1266,7 +1281,7 @@ fn host_client_url() {
 	let mut config = NetworkConfiguration::new_local();
 	let key = "6f7b0d801bc7b5ce7bbd930b84fd0369b3eb25d09be58d64ba811091046f3aa2".parse().unwrap();
 	config.use_secret = Some(key);
-	let host: Host = Host::new(config, Arc::new(NetworkStats::new())).unwrap();
+	let host: Host = Host::new(config, Arc::new(NetworkStats::new()), None).unwrap();
 	assert!(host.local_url().starts_with("enode://101b3ef5a4ea7a1c7928e24c4c75fd053c235d7b80c22ae5c03d145d0ac7396e2a4ffff9adee3133a7b05044a5cee08115fd65145e5165d646bde371010d803c@"));
 }
 
diff --git a/util/network/src/lib.rs b/util/network/src/lib.rs
index 74e30a750..5695b8196 100644
--- a/util/network/src/lib.rs
+++ b/util/network/src/lib.rs
@@ -44,7 +44,7 @@
 //! }
 //!
 //! fn main () {
-//! 	let mut service = NetworkService::new(NetworkConfiguration::new_local()).expect("Error creating network service");
+//! 	let mut service = NetworkService::new(NetworkConfiguration::new_local(), None).expect("Error creating network service");
 //! 	service.start().expect("Error starting service");
 //! 	service.register_protocol(Arc::new(MyHandler), *b"myp", 1, &[1u8]);
 //!
@@ -95,6 +95,7 @@ mod error;
 mod node_table;
 mod stats;
 mod ip_utils;
+mod connection_filter;
 
 #[cfg(test)]
 mod tests;
@@ -104,6 +105,7 @@ pub use service::NetworkService;
 pub use error::NetworkError;
 pub use stats::NetworkStats;
 pub use session::SessionInfo;
+pub use connection_filter::{ConnectionFilter, ConnectionDirection};
 
 pub use io::TimerToken;
 pub use node_table::{is_valid_node_url, NodeId};
diff --git a/util/network/src/service.rs b/util/network/src/service.rs
index d31edadb5..bce31e00a 100644
--- a/util/network/src/service.rs
+++ b/util/network/src/service.rs
@@ -22,6 +22,7 @@ use io::*;
 use parking_lot::RwLock;
 use std::sync::Arc;
 use ansi_term::Colour;
+use connection_filter::ConnectionFilter;
 
 struct HostHandler {
 	public_url: RwLock<Option<String>>
@@ -48,11 +49,12 @@ pub struct NetworkService {
 	stats: Arc<NetworkStats>,
 	host_handler: Arc<HostHandler>,
 	config: NetworkConfiguration,
+	filter: Option<Arc<ConnectionFilter>>,
 }
 
 impl NetworkService {
 	/// Starts IO event loop
-	pub fn new(config: NetworkConfiguration) -> Result<NetworkService, NetworkError> {
+	pub fn new(config: NetworkConfiguration, filter: Option<Arc<ConnectionFilter>>) -> Result<NetworkService, NetworkError> {
 		let host_handler = Arc::new(HostHandler { public_url: RwLock::new(None) });
 		let io_service = IoService::<NetworkIoMessage>::start()?;
 
@@ -65,6 +67,7 @@ impl NetworkService {
 			host: RwLock::new(None),
 			config: config,
 			host_handler: host_handler,
+			filter: filter,
 		})
 	}
 
@@ -115,7 +118,7 @@ impl NetworkService {
 	pub fn start(&self) -> Result<(), NetworkError> {
 		let mut host = self.host.write();
 		if host.is_none() {
-			let h = Arc::new(Host::new(self.config.clone(), self.stats.clone())?);
+			let h = Arc::new(Host::new(self.config.clone(), self.stats.clone(), self.filter.clone())?);
 			self.io_service.register_handler(h.clone())?;
 			*host = Some(h);
 		}
diff --git a/util/network/src/tests.rs b/util/network/src/tests.rs
index 81325f57b..d743318ab 100644
--- a/util/network/src/tests.rs
+++ b/util/network/src/tests.rs
@@ -92,7 +92,7 @@ impl NetworkProtocolHandler for TestProtocol {
 
 #[test]
 fn net_service() {
-	let service = NetworkService::new(NetworkConfiguration::new_local()).expect("Error creating network service");
+	let service = NetworkService::new(NetworkConfiguration::new_local(), None).expect("Error creating network service");
 	service.start().unwrap();
 	service.register_protocol(Arc::new(TestProtocol::new(false)), *b"myp", 1, &[1u8]).unwrap();
 }
@@ -104,13 +104,13 @@ fn net_connect() {
 	let mut config1 = NetworkConfiguration::new_local();
 	config1.use_secret = Some(key1.secret().clone());
 	config1.boot_nodes = vec![ ];
-	let mut service1 = NetworkService::new(config1).unwrap();
+	let mut service1 = NetworkService::new(config1, None).unwrap();
 	service1.start().unwrap();
 	let handler1 = TestProtocol::register(&mut service1, false);
 	let mut config2 = NetworkConfiguration::new_local();
 	info!("net_connect: local URL: {}", service1.local_url().unwrap());
 	config2.boot_nodes = vec![ service1.local_url().unwrap() ];
-	let mut service2 = NetworkService::new(config2).unwrap();
+	let mut service2 = NetworkService::new(config2, None).unwrap();
 	service2.start().unwrap();
 	let handler2 = TestProtocol::register(&mut service2, false);
 	while !handler1.got_packet() && !handler2.got_packet() && (service1.stats().sessions() == 0 || service2.stats().sessions() == 0) {
@@ -123,7 +123,7 @@ fn net_connect() {
 #[test]
 fn net_start_stop() {
 	let config = NetworkConfiguration::new_local();
-	let service = NetworkService::new(config).unwrap();
+	let service = NetworkService::new(config, None).unwrap();
 	service.start().unwrap();
 	service.stop().unwrap();
 	service.start().unwrap();
@@ -135,12 +135,12 @@ fn net_disconnect() {
 	let mut config1 = NetworkConfiguration::new_local();
 	config1.use_secret = Some(key1.secret().clone());
 	config1.boot_nodes = vec![ ];
-	let mut service1 = NetworkService::new(config1).unwrap();
+	let mut service1 = NetworkService::new(config1, None).unwrap();
 	service1.start().unwrap();
 	let handler1 = TestProtocol::register(&mut service1, false);
 	let mut config2 = NetworkConfiguration::new_local();
 	config2.boot_nodes = vec![ service1.local_url().unwrap() ];
-	let mut service2 = NetworkService::new(config2).unwrap();
+	let mut service2 = NetworkService::new(config2, None).unwrap();
 	service2.start().unwrap();
 	let handler2 = TestProtocol::register(&mut service2, true);
 	while !(handler1.got_disconnect() && handler2.got_disconnect()) {
@@ -153,7 +153,7 @@ fn net_disconnect() {
 #[test]
 fn net_timeout() {
 	let config = NetworkConfiguration::new_local();
-	let mut service = NetworkService::new(config).unwrap();
+	let mut service = NetworkService::new(config, None).unwrap();
 	service.start().unwrap();
 	let handler = TestProtocol::register(&mut service, false);
 	while !handler.got_timeout() {