Add chain reader arg flags to trackerd

Bump version for cic-cache python package build
Merge remote-tracking branch 'origin/master' into lash/bloxberg-seeding
2021-11-03 13:03:23 +01:00 · 2021-11-03 11:19:44 +01:00 · 2021-11-02 18:49:49 +01:00 · 2021-11-02 17:45:09 +00:00 · 2021-11-02 17:45:09 +00:00 · 2021-11-02 16:35:44 +01:00
297 changed files with 13572 additions and 3560 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -14,3 +14,4 @@ build/
 **/.venv
 .idea
 **/.vim
+**/*secret.yaml
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,14 +1,79 @@
 include:
-  - local: 'ci_templates/.cic-template.yml'
-  - local: 'apps/contract-migration/.gitlab-ci.yml'
+  #- local: 'ci_templates/.cic-template.yml' #kaniko build templates
+  # these includes are app specific unit tests
  - local: 'apps/cic-eth/.gitlab-ci.yml'
  - local: 'apps/cic-ussd/.gitlab-ci.yml'
  - local: 'apps/cic-notify/.gitlab-ci.yml'
  - local: 'apps/cic-meta/.gitlab-ci.yml'
  - local: 'apps/cic-cache/.gitlab-ci.yml'
-  - local: 'apps/data-seeding/.gitlab-ci.yml'
+    #- local: 'apps/contract-migration/.gitlab-ci.yml'
+    #- local: 'apps/data-seeding/.gitlab-ci.yml'

 stages:
+  - version
  - build
  - test
-  - release
+  - deploy
+
+image: registry.gitlab.com/grassrootseconomics/cic-internal-integration/docker-with-compose:latest
+
+variables:
+  DOCKER_BUILDKIT: "1"
+  COMPOSE_DOCKER_CLI_BUILD: "1"
+  CI_DEBUG_TRACE: "true"
+  SEMVERBOT_VERSION: "0.2.0"
+
+  #before_script:
+  #  - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
+
+version:
+  #image: python:3.7-stretch
+  image: registry.gitlab.com/grassrootseconomics/cic-base-images/ci-version:b01318ae 
+  stage: version
+  script:
+    - mkdir -p ~/.ssh && chmod 700 ~/.ssh
+    - ssh-keyscan gitlab.com >> ~/.ssh/known_hosts && chmod 644 ~/.ssh/known_hosts
+    - eval $(ssh-agent -s)
+    - ssh-add <(echo "$SSH_PRIVATE_KEY")
+    - git remote set-url origin git@gitlab.com:grassrootseconomics/cic-internal-integration.git
+    - export TAG=$(sbot predict version -m auto)
+    - |
+      if [[ -z $TAG ]]
+      then
+        echo "tag could not be set $@"
+        exit 1
+      fi
+    - echo $TAG > version
+    - git tag -a v$TAG -m "ci tagged"
+    - git push origin v$TAG
+  artifacts:
+    paths:
+      - version
+  rules:
+  - if: $CI_COMMIT_REF_PROTECTED == "true"
+    when: always
+  - if: $CI_COMMIT_REF_NAME == "master"
+    when: always
+
+# runs on protected branches and pushes to repo
+build-push:
+  stage: build
+  tags:
+    - integration
+  #script:
+  #  - TAG=$CI_Cbefore_script:
+  before_script:
+    - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
+  script:
+    - TAG=latest ./scripts/build-push.sh
+    - TAG=$(cat ./version) ./scripts/build-push.sh
+  rules:
+  - if: $CI_COMMIT_REF_PROTECTED == "true"
+    when: always
+  - if: $CI_COMMIT_REF_NAME == "master"
+    when: always
+
+deploy-dev:
+  stage: deploy
+  trigger: grassrootseconomics/devops
+  when: manual
--- a/.semverbot.toml
+++ b/.semverbot.toml
@@ -0,0 +1,16 @@
+[git]
+
+[git.config]
+email = "semverbot@grassroots.org"
+name = "semvervot"
+
+[git.tags]
+prefix = "v"
+
+[semver]
+mode = "git-commit"
+
+[semver.detection]
+patch = ["fix", "[fix]", "patch", "[patch]"]
+minor = ["minor", "[minor]", "feat", "[feat]", "release", "[release]", "bump", "[bump]"]
+major = ["BREAKING CHANGE"]
--- a/README.md
+++ b/README.md
@@ -2,25 +2,22 @@

 ## Getting started 

-## Make some keys
+This repo uses docker-compose and docker buildkit. Set the following environment variables to get started:
+

 ```
-docker build -t bloxie . && docker run -v "$(pwd)/keys:/root/keys" --rm -it -t bloxie account new --chain /root/bloxberg.json --keys-path /root/keys
+export COMPOSE_DOCKER_CLI_BUILD=1
+export DOCKER_BUILDKIT=1
 ```

-
-### Prepare the repo
-
-This is stuff we need to put in  makefile but for now...
-
-File mounts and permisssions need to be set
+start services, database, redis and local ethereum node
 ```
-chmod -R 755 scripts/initdb apps/cic-meta/scripts/initdb
-````
-
-start cluster
+docker-compose up -d
 ```
-docker-compose up
+
+Run app/contract-migration to deploy contracts
+```
+RUN_MASK=3 docker-compose up contract-migration
 ```

 stop cluster
@@ -28,9 +25,9 @@ stop cluster
 docker-compose down
 ```

-delete data
+stop cluster and delete data
 ```
-docker-compose down -v
+docker-compose down -v --remove-orphans
 ```

 rebuild an images
@@ -38,5 +35,7 @@ rebuild an images
 docker-compose up --build <service_name>
 ```

-Deployment variables are writtend to service-configs/.env after everthing is up.
-
+to delete the buildkit cache
+```
+docker builder prune --filter type=exec.cachemount
+```
--- a/apps/cic-base-os/Dockerfile
+++ b/apps/cic-base-os/Dockerfile
@@ -1,34 +0,0 @@
-# The solc image messes up the alpine environment, so we have to go all over again
-FROM python:3.8.6-slim-buster
-
-LABEL authors="Louis Holbrook <dev@holbrook.no> 0826EDA1702D1E87C6E2875121D2E7BB88C2A746"
-LABEL spdx-license-identifier="GPL-3.0-or-later"
-LABEL description="Base layer for buiding development images for the cic component suite"
-
-RUN apt-get update && \
-	apt-get install -y git gcc g++ libpq-dev && \
-	apt-get install -y vim gawk jq telnet openssl iputils-ping curl wget gnupg socat bash procps make python2 postgresql-client
-
-
-RUN echo installing nodejs tooling
-
-COPY ./dev/nvm.sh /root/
-
-# Install nvm with node and npm
-# https://stackoverflow.com/questions/25899912/how-to-install-nvm-in-docker
-ENV NVM_DIR /root/.nvm
-ENV NODE_VERSION 15.3.0
-ENV BANCOR_NODE_VERSION 10.16.0
-
-RUN wget -qO- https://raw.githubusercontent.com/nvm-sh/nvm/v0.37.2/install.sh | bash \
-	&& . $NVM_DIR/nvm.sh \
-	&& nvm install $NODE_VERSION \
-	&& nvm alias default $NODE_VERSION \
-	&& nvm use $NODE_VERSION \
-# So many ridiculously stupid issues with node in docker that take oceans of absolutely wasted time to resolve
-# owner of these files is "1001" by default - wtf
-	&& chown -R root:root "$NVM_DIR/versions/node/v$NODE_VERSION"
-
-ENV NODE_PATH $NVM_DIR/versions/node//v$NODE_VERSION/lib/node_modules
-ENV PATH      $NVM_DIR/versions/node//v$NODE_VERSION/bin:$PATH
-
--- a/apps/cic-base-os/README.md
+++ b/apps/cic-base-os/README.md
@@ -1 +0,0 @@
-## this is an example base image if we wanted one for all the other apps. Its just OS level things
--- a/apps/cic-base-os/aux/wait-for-it/.gitignore
+++ b/apps/cic-base-os/aux/wait-for-it/.gitignore
@@ -0,0 +1,3 @@
+**/*.pyc
+.pydevproject
+/vendor/
--- a/apps/cic-base-os/aux/wait-for-it/.travis.yml
+++ b/apps/cic-base-os/aux/wait-for-it/.travis.yml
@@ -0,0 +1,7 @@
+language: python
+python:
+  - "2.7"
+
+script:
+  - python test/wait-for-it.py
+
--- a/apps/cic-base-os/aux/wait-for-it/LICENSE
+++ b/apps/cic-base-os/aux/wait-for-it/LICENSE
@@ -0,0 +1,20 @@
+The MIT License (MIT)
+Copyright (c) 2016 Giles Hall
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of
+this software and associated documentation files (the "Software"), to deal in
+the Software without restriction, including without limitation the rights to
+use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
+of the Software, and to permit persons to whom the Software is furnished to do
+so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
--- a/apps/cic-base-os/aux/wait-for-it/README.md
+++ b/apps/cic-base-os/aux/wait-for-it/README.md
@@ -0,0 +1,75 @@
+# wait-for-it
+
+`wait-for-it.sh` is a pure bash script that will wait on the availability of a
+host and TCP port.  It is useful for synchronizing the spin-up of
+interdependent services, such as linked docker containers.  Since it is a pure
+bash script, it does not have any external dependencies.
+
+## Usage
+
+```text
+wait-for-it.sh host:port [-s] [-t timeout] [-- command args]
+-h HOST | --host=HOST       Host or IP under test
+-p PORT | --port=PORT       TCP port under test
+                            Alternatively, you specify the host and port as host:port
+-s | --strict               Only execute subcommand if the test succeeds
+-q | --quiet                Don't output any status messages
+-t TIMEOUT | --timeout=TIMEOUT
+                            Timeout in seconds, zero for no timeout
+-- COMMAND ARGS             Execute command with args after the test finishes
+```
+
+## Examples
+
+For example, let's test to see if we can access port 80 on `www.google.com`,
+and if it is available, echo the message `google is up`.
+
+```text
+$ ./wait-for-it.sh www.google.com:80 -- echo "google is up"
+wait-for-it.sh: waiting 15 seconds for www.google.com:80
+wait-for-it.sh: www.google.com:80 is available after 0 seconds
+google is up
+```
+
+You can set your own timeout with the `-t` or `--timeout=` option.  Setting
+the timeout value to 0 will disable the timeout:
+
+```text
+$ ./wait-for-it.sh -t 0 www.google.com:80 -- echo "google is up"
+wait-for-it.sh: waiting for www.google.com:80 without a timeout
+wait-for-it.sh: www.google.com:80 is available after 0 seconds
+google is up
+```
+
+The subcommand will be executed regardless if the service is up or not.  If you
+wish to execute the subcommand only if the service is up, add the `--strict`
+argument. In this example, we will test port 81 on `www.google.com` which will
+fail:
+
+```text
+$ ./wait-for-it.sh www.google.com:81 --timeout=1 --strict -- echo "google is up"
+wait-for-it.sh: waiting 1 seconds for www.google.com:81
+wait-for-it.sh: timeout occurred after waiting 1 seconds for www.google.com:81
+wait-for-it.sh: strict mode, refusing to execute subprocess
+```
+
+If you don't want to execute a subcommand, leave off the `--` argument.  This
+way, you can test the exit condition of `wait-for-it.sh` in your own scripts,
+and determine how to proceed:
+
+```text
+$ ./wait-for-it.sh www.google.com:80
+wait-for-it.sh: waiting 15 seconds for www.google.com:80
+wait-for-it.sh: www.google.com:80 is available after 0 seconds
+$ echo $?
+0
+$ ./wait-for-it.sh www.google.com:81
+wait-for-it.sh: waiting 15 seconds for www.google.com:81
+wait-for-it.sh: timeout occurred after waiting 15 seconds for www.google.com:81
+$ echo $?
+124
+```
+
+## Community
+
+*Debian*: There is a [Debian package](https://tracker.debian.org/pkg/wait-for-it).
--- a/apps/cic-base-os/aux/wait-for-it/wait-for-it.sh
+++ b/apps/cic-base-os/aux/wait-for-it/wait-for-it.sh
@@ -0,0 +1,182 @@
+#!/usr/bin/env bash
+# Use this script to test if a given TCP host/port are available
+
+WAITFORIT_cmdname=${0##*/}
+
+echoerr() { if [[ $WAITFORIT_QUIET -ne 1 ]]; then echo "$@" 1>&2; fi }
+
+usage()
+{
+    cat << USAGE >&2
+Usage:
+    $WAITFORIT_cmdname host:port [-s] [-t timeout] [-- command args]
+    -h HOST | --host=HOST       Host or IP under test
+    -p PORT | --port=PORT       TCP port under test
+                                Alternatively, you specify the host and port as host:port
+    -s | --strict               Only execute subcommand if the test succeeds
+    -q | --quiet                Don't output any status messages
+    -t TIMEOUT | --timeout=TIMEOUT
+                                Timeout in seconds, zero for no timeout
+    -- COMMAND ARGS             Execute command with args after the test finishes
+USAGE
+    exit 1
+}
+
+wait_for()
+{
+    if [[ $WAITFORIT_TIMEOUT -gt 0 ]]; then
+        echoerr "$WAITFORIT_cmdname: waiting $WAITFORIT_TIMEOUT seconds for $WAITFORIT_HOST:$WAITFORIT_PORT"
+    else
+        echoerr "$WAITFORIT_cmdname: waiting for $WAITFORIT_HOST:$WAITFORIT_PORT without a timeout"
+    fi
+    WAITFORIT_start_ts=$(date +%s)
+    while :
+    do
+        if [[ $WAITFORIT_ISBUSY -eq 1 ]]; then
+            nc -z $WAITFORIT_HOST $WAITFORIT_PORT
+            WAITFORIT_result=$?
+        else
+            (echo -n > /dev/tcp/$WAITFORIT_HOST/$WAITFORIT_PORT) >/dev/null 2>&1
+            WAITFORIT_result=$?
+        fi
+        if [[ $WAITFORIT_result -eq 0 ]]; then
+            WAITFORIT_end_ts=$(date +%s)
+            echoerr "$WAITFORIT_cmdname: $WAITFORIT_HOST:$WAITFORIT_PORT is available after $((WAITFORIT_end_ts - WAITFORIT_start_ts)) seconds"
+            break
+        fi
+        sleep 1
+    done
+    return $WAITFORIT_result
+}
+
+wait_for_wrapper()
+{
+    # In order to support SIGINT during timeout: http://unix.stackexchange.com/a/57692
+    if [[ $WAITFORIT_QUIET -eq 1 ]]; then
+        timeout $WAITFORIT_BUSYTIMEFLAG $WAITFORIT_TIMEOUT $0 --quiet --child --host=$WAITFORIT_HOST --port=$WAITFORIT_PORT --timeout=$WAITFORIT_TIMEOUT &
+    else
+        timeout $WAITFORIT_BUSYTIMEFLAG $WAITFORIT_TIMEOUT $0 --child --host=$WAITFORIT_HOST --port=$WAITFORIT_PORT --timeout=$WAITFORIT_TIMEOUT &
+    fi
+    WAITFORIT_PID=$!
+    trap "kill -INT -$WAITFORIT_PID" INT
+    wait $WAITFORIT_PID
+    WAITFORIT_RESULT=$?
+    if [[ $WAITFORIT_RESULT -ne 0 ]]; then
+        echoerr "$WAITFORIT_cmdname: timeout occurred after waiting $WAITFORIT_TIMEOUT seconds for $WAITFORIT_HOST:$WAITFORIT_PORT"
+    fi
+    return $WAITFORIT_RESULT
+}
+
+# process arguments
+while [[ $# -gt 0 ]]
+do
+    case "$1" in
+        *:* )
+        WAITFORIT_hostport=(${1//:/ })
+        WAITFORIT_HOST=${WAITFORIT_hostport[0]}
+        WAITFORIT_PORT=${WAITFORIT_hostport[1]}
+        shift 1
+        ;;
+        --child)
+        WAITFORIT_CHILD=1
+        shift 1
+        ;;
+        -q | --quiet)
+        WAITFORIT_QUIET=1
+        shift 1
+        ;;
+        -s | --strict)
+        WAITFORIT_STRICT=1
+        shift 1
+        ;;
+        -h)
+        WAITFORIT_HOST="$2"
+        if [[ $WAITFORIT_HOST == "" ]]; then break; fi
+        shift 2
+        ;;
+        --host=*)
+        WAITFORIT_HOST="${1#*=}"
+        shift 1
+        ;;
+        -p)
+        WAITFORIT_PORT="$2"
+        if [[ $WAITFORIT_PORT == "" ]]; then break; fi
+        shift 2
+        ;;
+        --port=*)
+        WAITFORIT_PORT="${1#*=}"
+        shift 1
+        ;;
+        -t)
+        WAITFORIT_TIMEOUT="$2"
+        if [[ $WAITFORIT_TIMEOUT == "" ]]; then break; fi
+        shift 2
+        ;;
+        --timeout=*)
+        WAITFORIT_TIMEOUT="${1#*=}"
+        shift 1
+        ;;
+        --)
+        shift
+        WAITFORIT_CLI=("$@")
+        break
+        ;;
+        --help)
+        usage
+        ;;
+        *)
+        echoerr "Unknown argument: $1"
+        usage
+        ;;
+    esac
+done
+
+if [[ "$WAITFORIT_HOST" == "" || "$WAITFORIT_PORT" == "" ]]; then
+    echoerr "Error: you need to provide a host and port to test."
+    usage
+fi
+
+WAITFORIT_TIMEOUT=${WAITFORIT_TIMEOUT:-15}
+WAITFORIT_STRICT=${WAITFORIT_STRICT:-0}
+WAITFORIT_CHILD=${WAITFORIT_CHILD:-0}
+WAITFORIT_QUIET=${WAITFORIT_QUIET:-0}
+
+# Check to see if timeout is from busybox?
+WAITFORIT_TIMEOUT_PATH=$(type -p timeout)
+WAITFORIT_TIMEOUT_PATH=$(realpath $WAITFORIT_TIMEOUT_PATH 2>/dev/null || readlink -f $WAITFORIT_TIMEOUT_PATH)
+
+WAITFORIT_BUSYTIMEFLAG=""
+if [[ $WAITFORIT_TIMEOUT_PATH =~ "busybox" ]]; then
+    WAITFORIT_ISBUSY=1
+    # Check if busybox timeout uses -t flag
+    # (recent Alpine versions don't support -t anymore)
+    if timeout &>/dev/stdout | grep -q -e '-t '; then
+        WAITFORIT_BUSYTIMEFLAG="-t"
+    fi
+else
+    WAITFORIT_ISBUSY=0
+fi
+
+if [[ $WAITFORIT_CHILD -gt 0 ]]; then
+    wait_for
+    WAITFORIT_RESULT=$?
+    exit $WAITFORIT_RESULT
+else
+    if [[ $WAITFORIT_TIMEOUT -gt 0 ]]; then
+        wait_for_wrapper
+        WAITFORIT_RESULT=$?
+    else
+        wait_for
+        WAITFORIT_RESULT=$?
+    fi
+fi
+
+if [[ $WAITFORIT_CLI != "" ]]; then
+    if [[ $WAITFORIT_RESULT -ne 0 && $WAITFORIT_STRICT -eq 1 ]]; then
+        echoerr "$WAITFORIT_cmdname: strict mode, refusing to execute subprocess"
+        exit $WAITFORIT_RESULT
+    fi
+    exec "${WAITFORIT_CLI[@]}"
+else
+    exit $WAITFORIT_RESULT
+fi
--- a/apps/cic-cache/.gitlab-ci.yml
+++ b/apps/cic-cache/.gitlab-ci.yml
@@ -1,52 +1,17 @@
-.cic_cache_variables:
-    variables:
-        APP_NAME: cic-cache
-        DOCKERFILE_PATH: docker/Dockerfile_ci
-        CONTEXT: apps/$APP_NAME
-
-build-mr-cic-cache:
-    extends:
-        - .py_build_merge_request
-        - .cic_cache_variables
-    rules:
-    - if: $CI_PIPELINE_SOURCE == "merge_request_event"
-      changes:
-          - apps/cic-cache/**/*
-      when: always
-
-test-mr-cic-cache:
-    stage: test
-    extends:
-        - .cic_cache_variables
-    cache:
-        key:
-            files:
-                - test_requirements.txt
-        paths:
-        - /root/.cache/pip
-    image: $MR_IMAGE_TAG
-    script:
-        - cd apps/$APP_NAME/
-        - >
-          pip install --extra-index-url https://pip.grassrootseconomics.net:8433
-          --extra-index-url https://gitlab.com/api/v4/projects/27624814/packages/pypi/simple
-          -r test_requirements.txt 
-        - export PYTHONPATH=. && pytest -x --cov=cic_cache --cov-fail-under=90 --cov-report term-missing tests
-    needs: ["build-mr-cic-cache"]
-    rules:
-    - if: $CI_PIPELINE_SOURCE == "merge_request_event"
-      changes:
-          - apps/$APP_NAME/**/*
-      when: always
-
-build-push-cic-cache:
-    extends:
-        - .py_build_push
-        - .cic_cache_variables
-    rules:
-    - if:  $CI_COMMIT_BRANCH == "master"
-      changes:
-          - apps/cic-cache/**/*
-      when: always
-        
-
+build-test-cic-cache:
+  stage: test 
+  tags:
+    - integration
+  variables:
+    APP_NAME: cic-cache
+    MR_IMAGE_TAG: mr-$APP_NAME-$CI_COMMIT_REF_SLUG-$CI_COMMIT_SHORT_SHA
+  script:
+    - cd apps/cic-cache
+    - docker build -t $MR_IMAGE_TAG -f docker/Dockerfile . 
+    - docker run $MR_IMAGE_TAG sh docker/run_tests.sh
+  allow_failure: true
+  rules:
+  - if: $CI_PIPELINE_SOURCE == "merge_request_event"
+    changes:
+        - apps/$APP_NAME/**/*
+    when: always
--- a/apps/cic-cache/README.md
+++ b/apps/cic-cache/README.md
@@ -0,0 +1 @@
+# CIC-CACHE
--- a/apps/cic-cache/aux/wait-for-it/.gitignore
+++ b/apps/cic-cache/aux/wait-for-it/.gitignore
@@ -0,0 +1,3 @@
+**/*.pyc
+.pydevproject
+/vendor/
--- a/apps/cic-cache/aux/wait-for-it/.travis.yml
+++ b/apps/cic-cache/aux/wait-for-it/.travis.yml
@@ -0,0 +1,7 @@
+language: python
+python:
+  - "2.7"
+
+script:
+  - python test/wait-for-it.py
+
--- a/apps/cic-cache/aux/wait-for-it/LICENSE
+++ b/apps/cic-cache/aux/wait-for-it/LICENSE
@@ -0,0 +1,20 @@
+The MIT License (MIT)
+Copyright (c) 2016 Giles Hall
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of
+this software and associated documentation files (the "Software"), to deal in
+the Software without restriction, including without limitation the rights to
+use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
+of the Software, and to permit persons to whom the Software is furnished to do
+so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
--- a/apps/cic-cache/aux/wait-for-it/README.md
+++ b/apps/cic-cache/aux/wait-for-it/README.md
@@ -0,0 +1,75 @@
+# wait-for-it
+
+`wait-for-it.sh` is a pure bash script that will wait on the availability of a
+host and TCP port.  It is useful for synchronizing the spin-up of
+interdependent services, such as linked docker containers.  Since it is a pure
+bash script, it does not have any external dependencies.
+
+## Usage
+
+```text
+wait-for-it.sh host:port [-s] [-t timeout] [-- command args]
+-h HOST | --host=HOST       Host or IP under test
+-p PORT | --port=PORT       TCP port under test
+                            Alternatively, you specify the host and port as host:port
+-s | --strict               Only execute subcommand if the test succeeds
+-q | --quiet                Don't output any status messages
+-t TIMEOUT | --timeout=TIMEOUT
+                            Timeout in seconds, zero for no timeout
+-- COMMAND ARGS             Execute command with args after the test finishes
+```
+
+## Examples
+
+For example, let's test to see if we can access port 80 on `www.google.com`,
+and if it is available, echo the message `google is up`.
+
+```text
+$ ./wait-for-it.sh www.google.com:80 -- echo "google is up"
+wait-for-it.sh: waiting 15 seconds for www.google.com:80
+wait-for-it.sh: www.google.com:80 is available after 0 seconds
+google is up
+```
+
+You can set your own timeout with the `-t` or `--timeout=` option.  Setting
+the timeout value to 0 will disable the timeout:
+
+```text
+$ ./wait-for-it.sh -t 0 www.google.com:80 -- echo "google is up"
+wait-for-it.sh: waiting for www.google.com:80 without a timeout
+wait-for-it.sh: www.google.com:80 is available after 0 seconds
+google is up
+```
+
+The subcommand will be executed regardless if the service is up or not.  If you
+wish to execute the subcommand only if the service is up, add the `--strict`
+argument. In this example, we will test port 81 on `www.google.com` which will
+fail:
+
+```text
+$ ./wait-for-it.sh www.google.com:81 --timeout=1 --strict -- echo "google is up"
+wait-for-it.sh: waiting 1 seconds for www.google.com:81
+wait-for-it.sh: timeout occurred after waiting 1 seconds for www.google.com:81
+wait-for-it.sh: strict mode, refusing to execute subprocess
+```
+
+If you don't want to execute a subcommand, leave off the `--` argument.  This
+way, you can test the exit condition of `wait-for-it.sh` in your own scripts,
+and determine how to proceed:
+
+```text
+$ ./wait-for-it.sh www.google.com:80
+wait-for-it.sh: waiting 15 seconds for www.google.com:80
+wait-for-it.sh: www.google.com:80 is available after 0 seconds
+$ echo $?
+0
+$ ./wait-for-it.sh www.google.com:81
+wait-for-it.sh: waiting 15 seconds for www.google.com:81
+wait-for-it.sh: timeout occurred after waiting 15 seconds for www.google.com:81
+$ echo $?
+124
+```
+
+## Community
+
+*Debian*: There is a [Debian package](https://tracker.debian.org/pkg/wait-for-it).
--- a/apps/cic-cache/aux/wait-for-it/wait-for-it.sh
+++ b/apps/cic-cache/aux/wait-for-it/wait-for-it.sh
@@ -0,0 +1,182 @@
+#!/usr/bin/env bash
+# Use this script to test if a given TCP host/port are available
+
+WAITFORIT_cmdname=${0##*/}
+
+echoerr() { if [[ $WAITFORIT_QUIET -ne 1 ]]; then echo "$@" 1>&2; fi }
+
+usage()
+{
+    cat << USAGE >&2
+Usage:
+    $WAITFORIT_cmdname host:port [-s] [-t timeout] [-- command args]
+    -h HOST | --host=HOST       Host or IP under test
+    -p PORT | --port=PORT       TCP port under test
+                                Alternatively, you specify the host and port as host:port
+    -s | --strict               Only execute subcommand if the test succeeds
+    -q | --quiet                Don't output any status messages
+    -t TIMEOUT | --timeout=TIMEOUT
+                                Timeout in seconds, zero for no timeout
+    -- COMMAND ARGS             Execute command with args after the test finishes
+USAGE
+    exit 1
+}
+
+wait_for()
+{
+    if [[ $WAITFORIT_TIMEOUT -gt 0 ]]; then
+        echoerr "$WAITFORIT_cmdname: waiting $WAITFORIT_TIMEOUT seconds for $WAITFORIT_HOST:$WAITFORIT_PORT"
+    else
+        echoerr "$WAITFORIT_cmdname: waiting for $WAITFORIT_HOST:$WAITFORIT_PORT without a timeout"
+    fi
+    WAITFORIT_start_ts=$(date +%s)
+    while :
+    do
+        if [[ $WAITFORIT_ISBUSY -eq 1 ]]; then
+            nc -z $WAITFORIT_HOST $WAITFORIT_PORT
+            WAITFORIT_result=$?
+        else
+            (echo -n > /dev/tcp/$WAITFORIT_HOST/$WAITFORIT_PORT) >/dev/null 2>&1
+            WAITFORIT_result=$?
+        fi
+        if [[ $WAITFORIT_result -eq 0 ]]; then
+            WAITFORIT_end_ts=$(date +%s)
+            echoerr "$WAITFORIT_cmdname: $WAITFORIT_HOST:$WAITFORIT_PORT is available after $((WAITFORIT_end_ts - WAITFORIT_start_ts)) seconds"
+            break
+        fi
+        sleep 1
+    done
+    return $WAITFORIT_result
+}
+
+wait_for_wrapper()
+{
+    # In order to support SIGINT during timeout: http://unix.stackexchange.com/a/57692
+    if [[ $WAITFORIT_QUIET -eq 1 ]]; then
+        timeout $WAITFORIT_BUSYTIMEFLAG $WAITFORIT_TIMEOUT $0 --quiet --child --host=$WAITFORIT_HOST --port=$WAITFORIT_PORT --timeout=$WAITFORIT_TIMEOUT &
+    else
+        timeout $WAITFORIT_BUSYTIMEFLAG $WAITFORIT_TIMEOUT $0 --child --host=$WAITFORIT_HOST --port=$WAITFORIT_PORT --timeout=$WAITFORIT_TIMEOUT &
+    fi
+    WAITFORIT_PID=$!
+    trap "kill -INT -$WAITFORIT_PID" INT
+    wait $WAITFORIT_PID
+    WAITFORIT_RESULT=$?
+    if [[ $WAITFORIT_RESULT -ne 0 ]]; then
+        echoerr "$WAITFORIT_cmdname: timeout occurred after waiting $WAITFORIT_TIMEOUT seconds for $WAITFORIT_HOST:$WAITFORIT_PORT"
+    fi
+    return $WAITFORIT_RESULT
+}
+
+# process arguments
+while [[ $# -gt 0 ]]
+do
+    case "$1" in
+        *:* )
+        WAITFORIT_hostport=(${1//:/ })
+        WAITFORIT_HOST=${WAITFORIT_hostport[0]}
+        WAITFORIT_PORT=${WAITFORIT_hostport[1]}
+        shift 1
+        ;;
+        --child)
+        WAITFORIT_CHILD=1
+        shift 1
+        ;;
+        -q | --quiet)
+        WAITFORIT_QUIET=1
+        shift 1
+        ;;
+        -s | --strict)
+        WAITFORIT_STRICT=1
+        shift 1
+        ;;
+        -h)
+        WAITFORIT_HOST="$2"
+        if [[ $WAITFORIT_HOST == "" ]]; then break; fi
+        shift 2
+        ;;
+        --host=*)
+        WAITFORIT_HOST="${1#*=}"
+        shift 1
+        ;;
+        -p)
+        WAITFORIT_PORT="$2"
+        if [[ $WAITFORIT_PORT == "" ]]; then break; fi
+        shift 2
+        ;;
+        --port=*)
+        WAITFORIT_PORT="${1#*=}"
+        shift 1
+        ;;
+        -t)
+        WAITFORIT_TIMEOUT="$2"
+        if [[ $WAITFORIT_TIMEOUT == "" ]]; then break; fi
+        shift 2
+        ;;
+        --timeout=*)
+        WAITFORIT_TIMEOUT="${1#*=}"
+        shift 1
+        ;;
+        --)
+        shift
+        WAITFORIT_CLI=("$@")
+        break
+        ;;
+        --help)
+        usage
+        ;;
+        *)
+        echoerr "Unknown argument: $1"
+        usage
+        ;;
+    esac
+done
+
+if [[ "$WAITFORIT_HOST" == "" || "$WAITFORIT_PORT" == "" ]]; then
+    echoerr "Error: you need to provide a host and port to test."
+    usage
+fi
+
+WAITFORIT_TIMEOUT=${WAITFORIT_TIMEOUT:-15}
+WAITFORIT_STRICT=${WAITFORIT_STRICT:-0}
+WAITFORIT_CHILD=${WAITFORIT_CHILD:-0}
+WAITFORIT_QUIET=${WAITFORIT_QUIET:-0}
+
+# Check to see if timeout is from busybox?
+WAITFORIT_TIMEOUT_PATH=$(type -p timeout)
+WAITFORIT_TIMEOUT_PATH=$(realpath $WAITFORIT_TIMEOUT_PATH 2>/dev/null || readlink -f $WAITFORIT_TIMEOUT_PATH)
+
+WAITFORIT_BUSYTIMEFLAG=""
+if [[ $WAITFORIT_TIMEOUT_PATH =~ "busybox" ]]; then
+    WAITFORIT_ISBUSY=1
+    # Check if busybox timeout uses -t flag
+    # (recent Alpine versions don't support -t anymore)
+    if timeout &>/dev/stdout | grep -q -e '-t '; then
+        WAITFORIT_BUSYTIMEFLAG="-t"
+    fi
+else
+    WAITFORIT_ISBUSY=0
+fi
+
+if [[ $WAITFORIT_CHILD -gt 0 ]]; then
+    wait_for
+    WAITFORIT_RESULT=$?
+    exit $WAITFORIT_RESULT
+else
+    if [[ $WAITFORIT_TIMEOUT -gt 0 ]]; then
+        wait_for_wrapper
+        WAITFORIT_RESULT=$?
+    else
+        wait_for
+        WAITFORIT_RESULT=$?
+    fi
+fi
+
+if [[ $WAITFORIT_CLI != "" ]]; then
+    if [[ $WAITFORIT_RESULT -ne 0 && $WAITFORIT_STRICT -eq 1 ]]; then
+        echoerr "$WAITFORIT_cmdname: strict mode, refusing to execute subprocess"
+        exit $WAITFORIT_RESULT
+    fi
+    exec "${WAITFORIT_CLI[@]}"
+else
+    exit $WAITFORIT_RESULT
+fi
--- a/apps/cic-cache/cic_cache/init.py
+++ b/apps/cic-cache/cic_cache/init.py
@@ -1 +0,0 @@
-from .cache import BloomCache
--- a/apps/cic-cache/cic_cache/cli/arg.py
+++ b/apps/cic-cache/cic_cache/cli/arg.py
@@ -14,7 +14,8 @@ class ArgumentParser(BaseArgumentParser):
        if local_arg_flags & CICFlag.CELERY:
            self.add_argument('-q', '--celery-queue', dest='celery_queue', type=str, default='cic-cache', help='Task queue')
        if local_arg_flags & CICFlag.SYNCER:
-            self.add_argument('--offset', type=int, default=0, help='Start block height for initial history sync')
+            self.add_argument('--offset', type=int, help='Start block height for initial history sync')
            self.add_argument('--no-history', action='store_true', dest='no_history', help='Skip initial history sync')
        if local_arg_flags & CICFlag.CHAIN:
-            self.add_argument('-r', '--registry-address', type=str, dest='registry_address', help='CIC registry contract address')
+            self.add_argument('--registry-address', type=str, dest='registry_address', help='CIC registry contract address')
+            self.add_argument('--trust-address', type=str, dest='trust_address', action='append', help='Add trust address')
--- a/apps/cic-cache/cic_cache/cli/config.py
+++ b/apps/cic-cache/cic_cache/cli/config.py
@@ -39,6 +39,9 @@ class Config(BaseConfig):

        if local_arg_flags & CICFlag.CHAIN:
            local_args_override['CIC_REGISTRY_ADDRESS'] = getattr(args, 'registry_address')
+            trust_addresses = getattr(args, 'trust_address', None)
+            if trust_addresses != None:
+                local_args_override['CIC_TRUST_ADDRESS'] = ','.join(trust_addresses)

        if local_arg_flags & CICFlag.CELERY:
            local_args_override['CELERY_QUEUE'] = getattr(args, 'celery_queue')
--- a/apps/cic-cache/cic_cache/cli/rpc.py
+++ b/apps/cic-cache/cic_cache/cli/rpc.py
@@ -27,11 +27,11 @@ class RPC:
    @staticmethod
    def from_config(config):
        chain_spec = ChainSpec.from_chain_str(config.get('CHAIN_SPEC'))
-        RPCConnection.register_location(config.get('RPC_HTTP_PROVIDER'), chain_spec, 'default')
+        RPCConnection.register_location(config.get('RPC_PROVIDER'), chain_spec, 'default')
        if config.get('SIGNER_PROVIDER'):
            RPCConnection.register_constructor(ConnType.UNIX, EthUnixSignerConnection, tag='signer')
            RPCConnection.register_location(config.get('SIGNER_PROVIDER'), chain_spec, 'signer')
-        rpc = RPC(chain_spec, config.get('RPC_HTTP_PROVIDER'), signer_provider=config.get('SIGNER_PROVIDER'))
+        rpc = RPC(chain_spec, config.get('RPC_PROVIDER'), signer_provider=config.get('SIGNER_PROVIDER'))
        logg.info('set up rpc: {}'.format(rpc))
        return rpc

--- a/apps/cic-cache/cic_cache/runnable/daemons/server.py
+++ b/apps/cic-cache/cic_cache/runnable/daemons/server.py
@@ -8,6 +8,7 @@ import base64
 import confini

 # local imports
+import cic_cache.cli
 from cic_cache.db import dsn_from_config
 from cic_cache.db.models.base import SessionBase
 from cic_cache.runnable.daemons.query import (
@@ -23,26 +24,17 @@ rootdir = os.path.dirname(os.path.dirname(os.path.realpath(__file__)))
 dbdir = os.path.join(rootdir, 'cic_cache', 'db')
 migrationsdir = os.path.join(dbdir, 'migrations')

-config_dir = os.path.join('/usr/local/etc/cic-cache')
-
-argparser = argparse.ArgumentParser()
-argparser.add_argument('-c', type=str, default=config_dir, help='config file')
-argparser.add_argument('--env-prefix', default=os.environ.get('CONFINI_ENV_PREFIX'), dest='env_prefix', type=str, help='environment prefix for variables to overwrite configuration')
-argparser.add_argument('-v', action='store_true', help='be verbose')
-argparser.add_argument('-vv', action='store_true', help='be more verbose')
+# process args
+arg_flags = cic_cache.cli.argflag_std_base
+local_arg_flags = cic_cache.cli.argflag_local_task
+argparser = cic_cache.cli.ArgumentParser(arg_flags)
+argparser.process_local_flags(local_arg_flags)
 args = argparser.parse_args()

-if args.vv:
-    logging.getLogger().setLevel(logging.DEBUG)
-elif args.v:
-    logging.getLogger().setLevel(logging.INFO)
-
-config = confini.Config(args.c, args.env_prefix)
-config.process()
-config.censor('PASSWORD', 'DATABASE')
-config.censor('PASSWORD', 'SSL')
-logg.debug('config:\n{}'.format(config))
+# process config
+config = cic_cache.cli.Config.from_args(args, arg_flags, local_arg_flags)

+# connect to database
 dsn = dsn_from_config(config)
 SessionBase.connect(dsn, config.true('DATABASE_DEBUG'))

--- a/apps/cic-cache/cic_cache/runnable/daemons/tasker.py
+++ b/apps/cic-cache/cic_cache/runnable/daemons/tasker.py
@@ -9,6 +9,7 @@ import celery
 import confini

 # local imports
+import cic_cache.cli
 from cic_cache.db import dsn_from_config
 from cic_cache.db.models.base import SessionBase
 from cic_cache.tasks.tx import *
@@ -16,35 +17,20 @@ from cic_cache.tasks.tx import *
 logging.basicConfig(level=logging.WARNING)
 logg = logging.getLogger()

-config_dir = os.path.join('/usr/local/etc/cic-cache')
-
-
-argparser = argparse.ArgumentParser()
-argparser.add_argument('-c', type=str, default=config_dir, help='config file')
-argparser.add_argument('-q', type=str, default='cic-cache', help='queue name for worker tasks')
-argparser.add_argument('--env-prefix', default=os.environ.get('CONFINI_ENV_PREFIX'), dest='env_prefix', type=str, help='environment prefix for variables to overwrite configuration')
-argparser.add_argument('-v', action='store_true', help='be verbose')
-argparser.add_argument('-vv', action='store_true', help='be more verbose')
-
+# process args
+arg_flags = cic_cache.cli.argflag_std_base
+local_arg_flags = cic_cache.cli.argflag_local_task
+argparser = cic_cache.cli.ArgumentParser(arg_flags)
+argparser.process_local_flags(local_arg_flags)
 args = argparser.parse_args()

-if args.vv:
-    logging.getLogger().setLevel(logging.DEBUG)
-elif args.v:
-    logging.getLogger().setLevel(logging.INFO)
-
-config = confini.Config(args.c, args.env_prefix)
-config.process()
+# process config
+config = cic_cache.cli.Config.from_args(args, arg_flags, local_arg_flags)

 # connect to database
 dsn = dsn_from_config(config)
 SessionBase.connect(dsn)

-# verify database connection with minimal sanity query
-#session = SessionBase.create_session()
-#session.execute('select version_num from alembic_version')
-#session.close()
-
 # set up celery
 current_app = celery.Celery(__name__)

@@ -87,9 +73,9 @@ def main():
    elif args.v:
        argv.append('--loglevel=INFO')
    argv.append('-Q')
-    argv.append(args.q)
+    argv.append(config.get('CELERY_QUEUE'))
    argv.append('-n')
-    argv.append(args.q)
+    argv.append(config.get('CELERY_QUEUE'))

    current_app.worker_main(argv)

--- a/apps/cic-cache/cic_cache/runnable/daemons/tracker.py
+++ b/apps/cic-cache/cic_cache/runnable/daemons/tracker.py
@@ -95,10 +95,10 @@ def main():
    syncer_backends = SQLBackend.resume(chain_spec, block_offset)

    if len(syncer_backends) == 0:
-        initial_block_start = config.get('SYNCER_OFFSET')
-        initial_block_offset = block_offset
+        initial_block_start = int(config.get('SYNCER_OFFSET'))
+        initial_block_offset = int(block_offset)
        if config.get('SYNCER_NO_HISTORY'):
-            initial_block_start = block_offset
+            initial_block_start = initial_block_offset
            initial_block_offset += 1
        syncer_backends.append(SQLBackend.initial(chain_spec, initial_block_offset, start_block_height=initial_block_start))
        logg.info('found no backends to resume, adding initial sync from history start {} end {}'.format(initial_block_start, initial_block_offset))
--- a/apps/cic-cache/cic_cache/version.py
+++ b/apps/cic-cache/cic_cache/version.py
@@ -5,7 +5,7 @@ version = (
        0,
        2,
        1,
-        'alpha.1',
+        'rc.1',
        )

 version_object = semver.VersionInfo(
--- a/apps/cic-cache/docker/Dockerfile
+++ b/apps/cic-cache/docker/Dockerfile
@@ -1,18 +1,17 @@
-# syntax = docker/dockerfile:1.2
-FROM registry.gitlab.com/grassrootseconomics/cic-base-images:python-3.8.6-dev-55da5f4e as dev
- 
-# RUN pip install $pip_extra_index_url_flag cic-base[full_graph]==0.1.2b9
+ARG DOCKER_REGISTRY="registry.gitlab.com/grassrootseconomics"
+
+FROM $DOCKER_REGISTRY/cic-base-images:python-3.8.6-dev-e8eb2ee2

 COPY requirements.txt .
-#RUN pip install $pip_extra_index_url_flag -r test_requirements.txt
-#RUN pip install $pip_extra_index_url_flag .
-#RUN pip install .[server]

-ARG EXTRA_INDEX_URL="https://pip.grassrootseconomics.net:8433"
-ARG GITLAB_PYTHON_REGISTRY="https://gitlab.com/api/v4/projects/27624814/packages/pypi/simple"
+ARG EXTRA_PIP_INDEX_URL="https://pip.grassrootseconomics.net:8433"
+ARG EXTRA_PIP_ARGS=""
+ARG PIP_INDEX_URL="https://pypi.org/simple"
+
 RUN --mount=type=cache,mode=0755,target=/root/.cache/pip \
-    pip install --index-url https://pypi.org/simple  \
-	  --extra-index-url $GITLAB_PYTHON_REGISTRY --extra-index-url $EXTRA_INDEX_URL \
+    pip install --index-url $PIP_INDEX_URL \
+    --pre \
+    --extra-index-url $EXTRA_PIP_INDEX_URL $EXTRA_PIP_ARGS \
    -r requirements.txt

 COPY . . 
@@ -22,10 +21,10 @@ RUN python setup.py install
 # ini files in config directory defines the configurable parameters for the application
 # they can all be overridden by environment variables
 # to generate a list of environment variables from configuration, use: confini-dump -z <dir> (executable provided by confini package)
-COPY config/ /usr/local/etc/cic-cache/
+#COPY config/ /usr/local/etc/cic-cache/

 # for db migrations
-RUN git clone https://github.com/vishnubob/wait-for-it.git /usr/local/bin/wait-for-it/
+COPY ./aux/wait-for-it/wait-for-it.sh ./
 COPY cic_cache/db/migrations/ /usr/local/share/cic-cache/alembic/

 COPY /docker/start_tracker.sh ./start_tracker.sh
--- a/apps/cic-cache/docker/Dockerfile_ci
+++ b/apps/cic-cache/docker/Dockerfile_ci
@@ -1,37 +0,0 @@
-# syntax = docker/dockerfile:1.2
-FROM registry.gitlab.com/grassrootseconomics/cic-base-images:python-3.8.6-dev-55da5f4e as dev
- 
-# RUN pip install $pip_extra_index_url_flag cic-base[full_graph]==0.1.2b9
-
-COPY requirements.txt .
-#RUN pip install $pip_extra_index_url_flag -r test_requirements.txt
-#RUN pip install $pip_extra_index_url_flag .
-#RUN pip install .[server]
-
-ARG EXTRA_INDEX_URL="https://pip.grassrootseconomics.net:8433"
-ARG GITLAB_PYTHON_REGISTRY="https://gitlab.com/api/v4/projects/27624814/packages/pypi/simple"
-RUN pip install --index-url https://pypi.org/simple  \
-	  --extra-index-url $GITLAB_PYTHON_REGISTRY --extra-index-url $EXTRA_INDEX_URL \
-    -r requirements.txt
-
-COPY . . 
-
-RUN python setup.py install
-
-# ini files in config directory defines the configurable parameters for the application
-# they can all be overridden by environment variables
-# to generate a list of environment variables from configuration, use: confini-dump -z <dir> (executable provided by confini package)
-COPY config/ /usr/local/etc/cic-cache/
-
-# for db migrations
-RUN git clone https://github.com/vishnubob/wait-for-it.git /usr/local/bin/wait-for-it/
-COPY cic_cache/db/migrations/ /usr/local/share/cic-cache/alembic/
-
-COPY /docker/start_tracker.sh ./start_tracker.sh
-COPY /docker/db.sh ./db.sh
-RUN chmod 755 ./*.sh
-# Tracker
-# ENTRYPOINT ["/usr/local/bin/cic-cache-tracker", "-vv"]
-# Server
-# ENTRYPOINT [ "/usr/local/bin/uwsgi", "--wsgi-file", "/usr/local/lib/python3.8/site-packages/cic_cache/runnable/server.py", "--http", ":80", "--pyargv", "-vv" ]
-ENTRYPOINT []
--- a/apps/cic-cache/docker/run_tests.sh
+++ b/apps/cic-cache/docker/run_tests.sh
@@ -0,0 +1,10 @@
+#! /bin/bash
+
+set -e
+
+pip install --extra-index-url https://pip.grassrootseconomics.net:8433 \
+--extra-index-url https://gitlab.com/api/v4/projects/27624814/packages/pypi/simple \
+-r test_requirements.txt 
+
+export PYTHONPATH=. && pytest -x --cov=cic_cache --cov-fail-under=90 --cov-report term-missing tests
+
--- a/apps/cic-cache/requirements.txt
+++ b/apps/cic-cache/requirements.txt
@@ -1,17 +1,14 @@
 alembic==1.4.2
-confini>=0.3.6rc4,<0.5.0
+confini~=0.4.2
 uwsgi==2.0.19.1
 moolb~=0.1.1b2
-cic-eth-registry~=0.5.8a1
+cic-eth-registry~=0.6.1a1
 SQLAlchemy==1.3.20
 semver==2.13.0
 psycopg2==2.8.6
 celery==4.4.7
 redis==3.5.3
-chainsyncer[sql]>=0.0.6a1,<0.1.0
-erc20-faucet>=0.2.4a2, <0.3.0
-#chainlib-eth==0.0.7a5,<0.1.0
-chainlib-eth==0.0.7a5
-#chainlib==0.0.7a4,<0.1.0
-chainlib==0.0.7a4
-eth-address-index>=0.1.4a1,<0.2.0
+chainsyncer[sql]>=0.0.7a3,<0.1.0
+erc20-faucet>=0.3.2a2, <0.4.0
+chainlib-eth>=0.0.10a20,<0.1.0
+eth-address-index>=0.2.3a4,<0.3.0
--- a/apps/cic-cache/scripts/migrate.py
+++ b/apps/cic-cache/scripts/migrate.py
@@ -17,11 +17,12 @@ logg = logging.getLogger()
 rootdir = os.path.dirname(os.path.dirname(os.path.realpath(__file__)))
 dbdir = os.path.join(rootdir, 'cic_cache', 'db')
 migrationsdir = os.path.join(dbdir, 'migrations')
+configdir = os.path.join(rootdir, 'cic_cache', 'data', 'config')

-config_dir = os.path.join('/usr/local/etc/cic-cache')
+#config_dir = os.path.join('/usr/local/etc/cic-cache')

 argparser = argparse.ArgumentParser()
-argparser.add_argument('-c', type=str, default=config_dir, help='config file')
+argparser.add_argument('-c', type=str, help='config file')
 argparser.add_argument('--env-prefix', default=os.environ.get('CONFINI_ENV_PREFIX'), dest='env_prefix', type=str, help='environment prefix for variables to overwrite configuration')
 argparser.add_argument('--migrations-dir', dest='migrations_dir', default=migrationsdir, type=str, help='path to alembic migrations directory')
 argparser.add_argument('--reset', action='store_true', help='downgrade before upgrading')
@@ -35,7 +36,7 @@ if args.vv:
 elif args.v:
    logging.getLogger().setLevel(logging.INFO)

-config = confini.Config(args.c, args.env_prefix)
+config = confini.Config(configdir, args.env_prefix, override_dirs=args.c)
 config.process()
 config.censor('PASSWORD', 'DATABASE')
 config.censor('PASSWORD', 'SSL')
--- a/apps/cic-cache/test_requirements.txt
+++ b/apps/cic-cache/test_requirements.txt
@@ -6,5 +6,5 @@ sqlparse==0.4.1
 pytest-celery==0.0.0a1
 eth_tester==0.5.0b3
 py-evm==0.3.0a20
-sarafu-faucet~=0.0.5a2
-erc20-transfer-authorization>=0.3.4a1,<0.4.0
+sarafu-faucet~=0.0.7a1
+erc20-transfer-authorization>=0.3.5a1,<0.4.0
--- a/apps/cic-eth-aux/erc20-demurrage-token/requirements.txt
+++ b/apps/cic-eth-aux/erc20-demurrage-token/requirements.txt
@@ -1,5 +1,5 @@
 celery==4.4.7
-erc20-demurrage-token~=0.0.3a1
-cic-eth-registry~=0.5.8a1
-chainlib~=0.0.7a1
-cic_eth~=0.12.2a4
+erc20-demurrage-token~=0.0.5a3
+cic-eth-registry~=0.6.1a6
+chainlib~=0.0.9rc1
+cic_eth~=0.12.4a11
--- a/apps/cic-eth-aux/erc20-demurrage-token/setup.cfg
+++ b/apps/cic-eth-aux/erc20-demurrage-token/setup.cfg
@@ -1,6 +1,6 @@
 [metadata]
 name = cic-eth-aux-erc20-demurrage-token
-version = 0.0.2a6
+version = 0.0.2a7
 description = cic-eth tasks supporting erc20 demurrage token
 author = Louis Holbrook
 author_email = dev@holbrook.no
--- a/apps/cic-eth/.gitlab-ci.yml
+++ b/apps/cic-eth/.gitlab-ci.yml
@@ -1,52 +1,16 @@
-.cic_eth_variables:
-    variables:
-        APP_NAME: cic-eth
-        DOCKERFILE_PATH: docker/Dockerfile_ci
-        CONTEXT: apps/$APP_NAME
-
-build-mr-cic-eth:
-    extends:
-        - .cic_eth_variables
-        - .py_build_target_dev
-    rules:
+build-test-cic-eth:
+  stage: test
+  tags:
+    - integration
+  variables:
+    APP_NAME: cic-eth
+    MR_IMAGE_TAG: mr-$APP_NAME-$CI_COMMIT_REF_SLUG-$CI_COMMIT_SHORT_SHA
+  script:
+    - cd apps/cic-eth
+    - docker build -t $MR_IMAGE_TAG -f docker/Dockerfile . 
+    - docker run $MR_IMAGE_TAG sh docker/run_tests.sh
+  rules:
    - if: $CI_PIPELINE_SOURCE == "merge_request_event"
      changes:
-          - apps/cic-eth/**/*
-      when: always
-
-test-mr-cic-eth:
-    stage: test
-    extends:
-        - .cic_eth_variables
-    cache:
-        key:
-            files:
-                - test_requirements.txt
-        paths:
-        - /root/.cache/pip
-    image: $MR_IMAGE_TAG
-    script:
-        - cd apps/$APP_NAME/
-        - >
-          pip install --extra-index-url https://pip.grassrootseconomics.net:8433
-          --extra-index-url https://gitlab.com/api/v4/projects/27624814/packages/pypi/simple
-          -r admin_requirements.txt
-          -r services_requirements.txt
-          -r test_requirements.txt 
-        - export PYTHONPATH=. && pytest -x --cov=cic_eth --cov-fail-under=90 --cov-report term-missing tests
-    needs: ["build-mr-cic-eth"]
-    rules:
-    - if: $CI_PIPELINE_SOURCE == "merge_request_event"
-      changes:
-          - apps/cic-eth/**/*
-      when: always
-
-build-push-cic-eth:
-    extends:
-        - .py_build_push
-        - .cic_eth_variables
-    rules:
-    - if:  $CI_COMMIT_BRANCH == "master"
-      changes:
-          - apps/cic-eth/**/*
+          - apps/$APP_NAME/**/*
      when: always
--- a/apps/cic-eth/admin_requirements.txt
+++ b/apps/cic-eth/admin_requirements.txt
@@ -1,5 +1,5 @@
 SQLAlchemy==1.3.20
-cic-eth-registry>=0.5.6a2,<0.6.0
-hexathon~=0.0.1a7
-chainqueue>=0.0.3a1,<0.1.0
-eth-erc20>=0.0.10a3,<0.1.0
+cic-eth-registry>=0.6.1a6,<0.7.0
+hexathon~=0.0.1a8
+chainqueue>=0.0.4a6,<0.1.0
+eth-erc20>=0.1.2a2,<0.2.0
--- a/apps/cic-eth/cic_eth/admin/ctrl.py
+++ b/apps/cic-eth/cic_eth/admin/ctrl.py
@@ -4,7 +4,6 @@ import logging

 # external imports
 import celery
-from chainlib.eth.constant import ZERO_ADDRESS
 from chainlib.chain import ChainSpec
 from hexathon import (
        add_0x,
@@ -20,18 +19,17 @@ from cic_eth.task import (
        CriticalSQLAlchemyTask,
        )
 from cic_eth.error import LockedError
+from cic_eth.encode import (
+        tx_normalize,
+        ZERO_ADDRESS_NORMAL,
+        )

 celery_app = celery.current_app
 logg = logging.getLogger()


-def normalize_address(a):
-    if a == None:
-        return None
-    return add_0x(hex_uniform(strip_0x(a)))
-
@celery_app.task(base=CriticalSQLAlchemyTask)
-def lock(chained_input, chain_spec_dict, address=ZERO_ADDRESS, flags=LockEnum.ALL, tx_hash=None):
+def lock(chained_input, chain_spec_dict, address=ZERO_ADDRESS_NORMAL, flags=LockEnum.ALL, tx_hash=None):
    """Task wrapper to set arbitrary locks

    :param chain_str: Chain spec string representation
@@ -43,7 +41,7 @@ def lock(chained_input, chain_spec_dict, address=ZERO_ADDRESS, flags=LockEnum.AL
    :returns: New lock state for address
    :rtype: number
    """
-    address = normalize_address(address)
+    address = tx_normalize.wallet_address(address)
    chain_str = '::'
    if chain_spec_dict != None:
        chain_str = str(ChainSpec.from_dict(chain_spec_dict))
@@ -53,7 +51,7 @@ def lock(chained_input, chain_spec_dict, address=ZERO_ADDRESS, flags=LockEnum.AL


@celery_app.task(base=CriticalSQLAlchemyTask)
-def unlock(chained_input, chain_spec_dict, address=ZERO_ADDRESS, flags=LockEnum.ALL):
+def unlock(chained_input, chain_spec_dict, address=ZERO_ADDRESS_NORMAL, flags=LockEnum.ALL):
    """Task wrapper to reset arbitrary locks

    :param chain_str: Chain spec string representation
@@ -65,7 +63,7 @@ def unlock(chained_input, chain_spec_dict, address=ZERO_ADDRESS, flags=LockEnum.
    :returns: New lock state for address
    :rtype: number
    """
-    address = normalize_address(address)
+    address = tx_normalize.wallet_address(address)
    chain_str = '::'
    if chain_spec_dict != None:
        chain_str = str(ChainSpec.from_dict(chain_spec_dict))
@@ -75,7 +73,7 @@ def unlock(chained_input, chain_spec_dict, address=ZERO_ADDRESS, flags=LockEnum.


@celery_app.task(base=CriticalSQLAlchemyTask)
-def lock_send(chained_input, chain_spec_dict, address=ZERO_ADDRESS, tx_hash=None):
+def lock_send(chained_input, chain_spec_dict, address=ZERO_ADDRESS_NORMAL, tx_hash=None):
    """Task wrapper to set send lock

    :param chain_str: Chain spec string representation
@@ -85,7 +83,7 @@ def lock_send(chained_input, chain_spec_dict, address=ZERO_ADDRESS, tx_hash=None
    :returns: New lock state for address
    :rtype: number
    """
-    address = normalize_address(address)
+    address = tx_normalize.wallet_address(address)
    chain_str = str(ChainSpec.from_dict(chain_spec_dict))
    r = Lock.set(chain_str, LockEnum.SEND, address=address, tx_hash=tx_hash)
    logg.debug('Send locked for {}, flag now {}'.format(address, r))
@@ -93,7 +91,7 @@ def lock_send(chained_input, chain_spec_dict, address=ZERO_ADDRESS, tx_hash=None


@celery_app.task(base=CriticalSQLAlchemyTask)
-def unlock_send(chained_input, chain_spec_dict, address=ZERO_ADDRESS):
+def unlock_send(chained_input, chain_spec_dict, address=ZERO_ADDRESS_NORMAL):
    """Task wrapper to reset send lock

    :param chain_str: Chain spec string representation
@@ -103,7 +101,7 @@ def unlock_send(chained_input, chain_spec_dict, address=ZERO_ADDRESS):
    :returns: New lock state for address
    :rtype: number
    """
-    address = normalize_address(address)
+    address = tx_normalize.wallet_address(address)
    chain_str = str(ChainSpec.from_dict(chain_spec_dict))
    r = Lock.reset(chain_str, LockEnum.SEND, address=address)
    logg.debug('Send unlocked for {}, flag now {}'.format(address, r))
@@ -111,7 +109,7 @@ def unlock_send(chained_input, chain_spec_dict, address=ZERO_ADDRESS):


@celery_app.task(base=CriticalSQLAlchemyTask)
-def lock_queue(chained_input, chain_spec_dict, address=ZERO_ADDRESS, tx_hash=None):
+def lock_queue(chained_input, chain_spec_dict, address=ZERO_ADDRESS_NORMAL, tx_hash=None):
    """Task wrapper to set queue direct lock

    :param chain_str: Chain spec string representation
@@ -121,7 +119,7 @@ def lock_queue(chained_input, chain_spec_dict, address=ZERO_ADDRESS, tx_hash=Non
    :returns: New lock state for address
    :rtype: number
    """
-    address = normalize_address(address)
+    address = tx_normalize.wallet_address(address)
    chain_str = str(ChainSpec.from_dict(chain_spec_dict))
    r = Lock.set(chain_str, LockEnum.QUEUE, address=address, tx_hash=tx_hash)
    logg.debug('Queue direct locked for {}, flag now {}'.format(address, r))
@@ -129,7 +127,7 @@ def lock_queue(chained_input, chain_spec_dict, address=ZERO_ADDRESS, tx_hash=Non


@celery_app.task(base=CriticalSQLAlchemyTask)
-def unlock_queue(chained_input, chain_spec_dict, address=ZERO_ADDRESS):
+def unlock_queue(chained_input, chain_spec_dict, address=ZERO_ADDRESS_NORMAL):
    """Task wrapper to reset queue direct lock

    :param chain_str: Chain spec string representation
@@ -139,7 +137,7 @@ def unlock_queue(chained_input, chain_spec_dict, address=ZERO_ADDRESS):
    :returns: New lock state for address
    :rtype: number
    """
-    address = normalize_address(address)
+    address = tx_normalize.wallet_address(address)
    chain_str = str(ChainSpec.from_dict(chain_spec_dict))
    r = Lock.reset(chain_str, LockEnum.QUEUE, address=address)
    logg.debug('Queue direct unlocked for {}, flag now {}'.format(address, r))
@@ -148,12 +146,13 @@ def unlock_queue(chained_input, chain_spec_dict, address=ZERO_ADDRESS):

@celery_app.task(base=CriticalSQLAlchemyTask)
 def check_lock(chained_input, chain_spec_dict, lock_flags, address=None):
-    address = normalize_address(address)
+    if address != None:
+        address = tx_normalize.wallet_address(address)
    chain_str = '::'
    if chain_spec_dict != None:
        chain_str = str(ChainSpec.from_dict(chain_spec_dict))
    session = SessionBase.create_session()
-    r = Lock.check(chain_str, lock_flags, address=ZERO_ADDRESS, session=session)
+    r = Lock.check(chain_str, lock_flags, address=ZERO_ADDRESS_NORMAL, session=session)
    if address != None:
        r |= Lock.check(chain_str, lock_flags, address=address, session=session)
    if r > 0:
--- a/apps/cic-eth/cic_eth/admin/nonce.py
+++ b/apps/cic-eth/cic_eth/admin/nonce.py
@@ -33,6 +33,7 @@ from cic_eth.admin.ctrl import (
 from cic_eth.queue.tx import queue_create
 from cic_eth.eth.gas import create_check_gas_task
 from cic_eth.task import BaseTask
+from cic_eth.encode import tx_normalize

 celery_app = celery.current_app
 logg = logging.getLogger()
@@ -73,7 +74,7 @@ def shift_nonce(self, chainspec_dict, tx_hash_orig_hex, delta=1):

    set_cancel(chain_spec, strip_0x(tx['hash']), manual=True, session=session)

-    query_address = add_0x(hex_uniform(strip_0x(address))) # aaaaargh
+    query_address = tx_normalize.wallet_address(address)
    q = session.query(Otx)
    q = q.join(TxCache)
    q = q.filter(TxCache.sender==query_address)
--- a/apps/cic-eth/cic_eth/admin/token.py
+++ b/apps/cic-eth/cic_eth/admin/token.py
@@ -1,21 +1,2 @@
-# standard imports
-import logging
-
-# external imports
-import celery
-
 # local imports
-from cic_eth.task import BaseTask
-
-celery_app = celery.current_app
-logg = logging.getLogger()
-
-
-@celery_app.task(bind=True, base=BaseTask)
-def default_token(self):
-    return {
-            'symbol': self.default_token_symbol,
-            'address': self.default_token_address,
-            'name': self.default_token_name,
-            'decimals': self.default_token_decimals,
-            }
+from cic_eth.eth.erc20 import default_token
--- a/apps/cic-eth/cic_eth/api/admin.py
+++ b/apps/cic-eth/cic_eth/api/admin.py
@@ -32,7 +32,6 @@ from chainqueue.db.enum import (
        status_str,
    )
 from chainqueue.error import TxStateChangeError
-from chainqueue.sql.query import get_tx
 from eth_erc20 import ERC20

 # local imports
@@ -40,6 +39,7 @@ from cic_eth.db.models.base import SessionBase
 from cic_eth.db.models.role import AccountRole
 from cic_eth.db.models.nonce import Nonce
 from cic_eth.error import InitializationError
+from cic_eth.queue.query import get_tx_local

 app = celery.current_app

@@ -123,7 +123,7 @@ class AdminApi:
        return s_lock.apply_async()


-    def tag_account(self, tag, address_hex, chain_spec):
+    def tag_account(self, chain_spec, tag, address):
        """Persistently associate an address with a plaintext tag.

        Some tags are known by the system and is used to resolve addresses to use for certain transactions. 
@@ -138,7 +138,7 @@ class AdminApi:
            'cic_eth.eth.account.set_role',
            [
                tag,
-                address_hex,
+                address,
                chain_spec.asdict(),
                ],
            queue=self.queue,
@@ -146,6 +146,30 @@ class AdminApi:
        return s_tag.apply_async()


+    def get_tag_account(self, chain_spec, tag=None, address=None):
+        if address != None:
+            s_tag = celery.signature(
+                'cic_eth.eth.account.role',
+                [
+                    address,
+                    chain_spec.asdict(),
+                    ],
+                queue=self.queue,
+                )
+
+        else:
+            s_tag = celery.signature(
+                'cic_eth.eth.account.role_account',
+                [
+                    tag,
+                    chain_spec.asdict(),
+                ],
+                queue=self.queue,
+                )
+
+        return s_tag.apply_async()
+
+
    def have_account(self, address_hex, chain_spec):
        s_have = celery.signature(
            'cic_eth.eth.account.have',
@@ -284,7 +308,7 @@ class AdminApi:
        tx_hash_hex = None
        session = SessionBase.create_session()
        for k in txs.keys():
-            tx_dict = get_tx(chain_spec, k, session=session)
+            tx_dict = get_tx_local(chain_spec, k, session=session)
            if tx_dict['nonce'] == nonce:
                tx_hash_hex = k
        session.close()
@@ -503,7 +527,7 @@ class AdminApi:
                    queue=self.queue,
                    )
                t = s.apply_async()
-                role = t.get()
+                role = t.get()[0][1]
                if role != None:
                    tx['sender_description'] = role

@@ -556,7 +580,7 @@ class AdminApi:
                    queue=self.queue,
                    )
                t = s.apply_async()
-                role = t.get()
+                role = t.get()[0][1]
                if role != None:
                    tx['recipient_description'] = role

--- a/apps/cic-eth/cic_eth/api/api_task.py
+++ b/apps/cic-eth/cic_eth/api/api_task.py
@@ -9,6 +9,7 @@ import logging
 # external imports 
 import celery
 from chainlib.chain import ChainSpec
+from hexathon import strip_0x

 # local imports
 from cic_eth.api.base import ApiBase
@@ -16,15 +17,50 @@ from cic_eth.enum import LockEnum

 app = celery.current_app

-logg = logging.getLogger(__name__)
+#logg = logging.getLogger(__name__)
+logg = logging.getLogger()


 class Api(ApiBase):
-    
+
+    @staticmethod
+    def to_v_list(v, n):
+        """Translate an arbitrary number of string and/or list arguments to a list of list of string arguments
+
+        :param v: Arguments
+        :type v: str or list
+        :param n: Number of elements to generate arguments for
+        :type n: int
+        :rtype: list
+        :returns: list of assembled arguments
+        """
+        if isinstance(v, str):
+            vv = v
+            v = []
+            for i in range(n):
+                v.append([vv])
+        elif not isinstance(v, list):
+            raise ValueError('argument must be single string, or list or strings or lists')
+        else:
+            if len(v) != n:
+                raise ValueError('v argument count must match integer n')
+            for i in range(n):
+                if isinstance(v[i], str):
+                    v[i] = [v[i]]
+                elif not isinstance(v, list):
+                    raise ValueError('proof argument must be single string, or list or strings or lists')
+
+        return v
+   

    def default_token(self):
+        """Retrieves the default fallback token of the custodial network.
+
+        :returns: uuid of root task
+        :rtype: celery.Task
+        """
        s_token = celery.signature(
-                'cic_eth.admin.token.default_token',
+                'cic_eth.eth.erc20.default_token',
                [],
                queue=self.queue,
                )
@@ -34,6 +70,97 @@ class Api(ApiBase):
        return s_token.apply_async()


+    def token(self, token_symbol, proof=None):
+        """Single-token alias for tokens method.
+
+        See tokens method for details.
+
+        :param token_symbol: Token symbol to look up
+        :type token_symbol: str
+        :param proof: Proofs to add to signature verification for the token
+        :type proof: str or list
+        :returns: uuid of root task
+        :rtype: celery.Task
+        """
+        if not isinstance(token_symbol, str):
+            raise ValueError('token symbol must be string')
+
+        return self.tokens([token_symbol], proof=proof)
+
+
+    def tokens(self, token_symbols, proof=None):
+        """Perform a token data lookup from the token index. The token index will enforce unique associations between token symbol and contract address.
+
+        Token symbols are always strings, and should be specified using uppercase letters.
+
+        If the proof argument is included, the network will be queried for trusted signatures on the given proof(s). There must exist at least one trusted signature for every given proof for every token. Trusted signatures for the custodial system are provided at service startup.
+
+        The proof argument may be specified in a number of ways:
+
+        - as None, in which case proof checks are skipped (although there may still be builtin proof checks being performed)
+        - as a single string, where the same proof is used for each token lookup
+        - as an array of strings, where the respective proof is used for the respective token. number of proofs must match the number of tokens.
+        - as an array of lists, where the respective proofs in each list is used for the respective token. number of lists of proofs must match the number of tokens.
+
+        The success callback provided at the Api object instantiation will receive individual calls for each token that passes the proof checks. Each token that does not pass is passed to the Api error callback.
+
+        This method is not intended to be used synchronously. Do so at your peril.
+
+        :param token_symbols: Token symbol strings to look up
+        :type token_symbol: list
+        :param proof: Proof(s) to verify tokens against
+        :type proof: None, str or list
+        :returns: uuid of root task
+        :rtype: celery.Task
+        """
+        if not isinstance(token_symbols, list):
+            raise ValueError('token symbols argument must be list')
+
+        if proof == None:
+            logg.debug('looking up tokens without external proof check: {}'.format(','.join(token_symbols)))
+            proof = ''
+
+        logg.debug('proof is {}'.format(proof))
+        l = len(token_symbols)
+        if len(proof) == 0:
+            l = 0 
+        proof = Api.to_v_list(proof, l)
+
+        chain_spec_dict = self.chain_spec.asdict()
+
+        s_token_resolve = celery.signature(
+                'cic_eth.eth.erc20.resolve_tokens_by_symbol',
+                [
+                    token_symbols,
+                    chain_spec_dict,
+                    ],
+                queue=self.queue,
+                )
+
+        s_token_info = celery.signature(
+                'cic_eth.eth.erc20.token_info',
+                [
+                    chain_spec_dict,
+                    proof,
+                    ],
+                queue=self.queue,
+                )
+
+        s_token_verify = celery.signature(
+                    'cic_eth.eth.erc20.verify_token_info',
+                    [
+                        chain_spec_dict,
+                        self.callback_success,
+                        self.callback_error,
+                        ],
+                    queue=self.queue,
+                    )
+
+        s_token_info.link(s_token_verify)
+        s_token_resolve.link(s_token_info)
+        return s_token_resolve.apply_async()
+
+
 #    def convert_transfer(self, from_address, to_address, target_return, minimum_return, from_token_symbol, to_token_symbol):
 #        """Executes a chain of celery tasks that performs conversion between two ERC20 tokens, and transfers to a specified receipient after convert has completed.
 #
@@ -254,6 +381,8 @@ class Api(ApiBase):
        :returns: uuid of root task
        :rtype: celery.Task
        """
+        #from_address = strip_0x(from_address)
+        #to_address = strip_0x(to_address)
        s_check = celery.signature(
                'cic_eth.admin.ctrl.check_lock',
                [
@@ -554,3 +683,4 @@ class Api(ApiBase):

        t = self.callback_success.apply_async([r])
        return t
+
--- a/apps/cic-eth/cic_eth/callbacks/noop.py
+++ b/apps/cic-eth/cic_eth/callbacks/noop.py
@@ -1,7 +1,10 @@
+import logging
+
 import celery

 celery_app = celery.current_app
-logg = celery_app.log.get_default_logger()
+#logg = celery_app.log.get_default_logger()
+logg = logging.getLogger()


@celery_app.task(bind=True)
--- a/apps/cic-eth/cic_eth/check/gas.py
+++ b/apps/cic-eth/cic_eth/check/gas.py
@@ -12,8 +12,9 @@ from cic_eth.db.models.base import SessionBase
 from cic_eth.db.enum import LockEnum
 from cic_eth.error import LockedError
 from cic_eth.admin.ctrl import check_lock
+from cic_eth.eth.gas import have_gas_minimum

-logg = logging.getLogger().getChild(__name__)
+logg = logging.getLogger(__name__)


 def health(*args, **kwargs):
@@ -31,18 +32,15 @@ def health(*args, **kwargs):
        return True

    gas_provider = AccountRole.get_address('GAS_GIFTER', session=session)
+    min_gas = int(config.get('ETH_GAS_HOLDER_MINIMUM_UNITS')) * int(config.get('ETH_GAS_GIFTER_REFILL_BUFFER'))
+    if config.get('ETH_MIN_FEE_PRICE'):
+        min_gas *= int(config.get('ETH_MIN_FEE_PRICE'))
+
+    r = have_gas_minimum(chain_spec, gas_provider, min_gas, session=session)
+
    session.close()
+    
+    if not r:
+        logg.error('EEK! gas gifter has balance {}, below minimum {}'.format(r, min_gas))

-    rpc = RPCConnection.connect(chain_spec, 'default')
-    o = balance(gas_provider)
-    r = rpc.do(o)
-    try: 
-        r = int(r, 16)
-    except TypeError:
-        r = int(r)
-    gas_min = int(config.get('ETH_GAS_GIFTER_MINIMUM_BALANCE'))
-    if r < gas_min:
-        logg.error('EEK! gas gifter has balance {}, below minimum {}'.format(r, gas_min))
-        return False
-
-    return True
+    return r
--- a/apps/cic-eth/cic_eth/check/start.py
+++ b/apps/cic-eth/cic_eth/check/start.py
@@ -0,0 +1,18 @@
+# external imports
+from chainlib.chain import ChainSpec
+
+# local imports
+from cic_eth.admin.ctrl import check_lock
+from cic_eth.enum import LockEnum
+from cic_eth.error import LockedError
+
+
+def health(*args, **kwargs):
+    config = kwargs['config']
+    chain_spec = ChainSpec.from_chain_str(config.get('CHAIN_SPEC'))
+
+    try:
+        check_lock(None, chain_spec.asdict(), LockEnum.START)
+    except LockedError as e:
+        return False
+    return True
--- a/apps/cic-eth/cic_eth/cli/arg.py
+++ b/apps/cic-eth/cic_eth/cli/arg.py
@@ -16,16 +16,22 @@ class ArgumentParser(BaseArgumentParser):
            self.add_argument('--redis-port', dest='redis_port', type=int, help='redis host to use for task submission')
            self.add_argument('--redis-db', dest='redis_db', type=int, help='redis db to use')
        if local_arg_flags & CICFlag.REDIS_CALLBACK:
-            self.add_argument('--redis-host-callback', dest='redis_host_callback', default='localhost', type=str, help='redis host to use for callback')
-            self.add_argument('--redis-port-callback', dest='redis_port_callback', default=6379, type=int, help='redis port to use for callback')
+            self.add_argument('--redis-host-callback', dest='redis_host_callback', type=str, help='redis host to use for callback (defaults to redis host)')
+            self.add_argument('--redis-port-callback', dest='redis_port_callback', type=int, help='redis port to use for callback (defaults to redis port)')
            self.add_argument('--redis-timeout', default=20.0, type=float, help='Redis callback timeout')
        if local_arg_flags & CICFlag.CELERY:
+            self.add_argument('--celery-scheme', type=str, help='Celery broker scheme (defaults to "redis")')
+            self.add_argument('--celery-host', type=str, help='Celery broker host (defaults to redis host)')
+            self.add_argument('--celery-port', type=str, help='Celery broker port (defaults to redis port)')
+            self.add_argument('--celery-db', type=int, help='Celery broker db (defaults to redis db)')
+            self.add_argument('--celery-result-scheme', type=str, help='Celery result backend scheme (defaults to celery broker scheme)')
+            self.add_argument('--celery-result-host', type=str, help='Celery result backend host (defaults to celery broker host)')
+            self.add_argument('--celery-result-port', type=str, help='Celery result backend port (defaults to celery broker port)')
+            self.add_argument('--celery-result-db', type=int, help='Celery result backend db (defaults to celery broker db)')
+            self.add_argument('--celery-no-result', action='store_true', help='Disable the Celery results backend')
            self.add_argument('-q', '--celery-queue', dest='celery_queue', type=str, default='cic-eth', help='Task queue')
        if local_arg_flags & CICFlag.SYNCER:
-            self.add_argument('--offset', type=int, default=0, help='Start block height for initial history sync')
+            self.add_argument('--offset', type=int, help='Start block height for initial history sync')
            self.add_argument('--no-history', action='store_true', dest='no_history', help='Skip initial history sync')
        if local_arg_flags & CICFlag.CHAIN:
            self.add_argument('-r', '--registry-address', type=str, dest='registry_address', help='CIC registry contract address')
-
-
-
--- a/apps/cic-eth/cic_eth/cli/base.py
+++ b/apps/cic-eth/cic_eth/cli/base.py
@@ -24,8 +24,8 @@ class CICFlag(enum.IntEnum):
    # sync - nibble 4
    SYNCER = 4096

-
-argflag_local_task = CICFlag.CELERY 
+argflag_local_base = argflag_std_base | Flag.CHAIN_SPEC
+argflag_local_task = CICFlag.CELERY
 argflag_local_taskcallback = argflag_local_task | CICFlag.REDIS | CICFlag.REDIS_CALLBACK
 argflag_local_chain = CICFlag.CHAIN
 argflag_local_sync = CICFlag.SYNCER | CICFlag.CHAIN
--- a/apps/cic-eth/cic_eth/cli/config.py
+++ b/apps/cic-eth/cic_eth/cli/config.py
@@ -1,12 +1,18 @@
 # standard imports
 import os
 import logging
+import urllib.parse
+import copy

 # external imports
 from chainlib.eth.cli import (
        Config as BaseConfig,
        Flag,
        )
+from urlybird.merge import (
+        urlhostmerge,
+        urlmerge,
+        )

 # local imports
 from .base import CICFlag
@@ -40,6 +46,7 @@ class Config(BaseConfig):
        if local_arg_flags & CICFlag.CHAIN:
            local_args_override['CIC_REGISTRY_ADDRESS'] = getattr(args, 'registry_address')

+        
        if local_arg_flags & CICFlag.CELERY:
            local_args_override['CELERY_QUEUE'] = getattr(args, 'celery_queue')

@@ -49,15 +56,61 @@ class Config(BaseConfig):

        config.dict_override(local_args_override, 'local cli args')

-        if local_arg_flags & CICFlag.REDIS_CALLBACK:
-            config.add(getattr(args, 'redis_host_callback'), '_REDIS_HOST_CALLBACK')
-            config.add(getattr(args, 'redis_port_callback'), '_REDIS_PORT_CALLBACK')
-
+        local_celery_args_override = {}
        if local_arg_flags & CICFlag.CELERY:
+            hostport = urlhostmerge(
+                    None,
+                    config.get('REDIS_HOST'),
+                    config.get('REDIS_PORT'),
+                    )
+            redis_url = (
+                    'redis',
+                    hostport,
+                    getattr(args, 'redis_db', None),
+                    )
+            celery_config_url = urllib.parse.urlsplit(config.get('CELERY_BROKER_URL'))
+            hostport = urlhostmerge(
+                    celery_config_url[1],
+                    getattr(args, 'celery_host', None),
+                    getattr(args, 'celery_port', None),
+                    )
+            celery_arg_url = (
+                    getattr(args, 'celery_scheme', None),
+                    hostport,
+                    getattr(args, 'celery_db', None),
+                    )
+            celery_url = urlmerge(redis_url, celery_config_url, celery_arg_url)
+            celery_url_string = urllib.parse.urlunsplit(celery_url)
+            local_celery_args_override['CELERY_BROKER_URL'] = celery_url_string
+            if not getattr(args, 'celery_no_result'):
+                local_celery_args_override['CELERY_RESULT_URL'] = config.get('CELERY_RESULT_URL')
+                if local_celery_args_override['CELERY_RESULT_URL'] == None:
+                    local_celery_args_override['CELERY_RESULT_URL'] = local_celery_args_override['CELERY_BROKER_URL']
+                celery_config_url = urllib.parse.urlsplit(local_celery_args_override['CELERY_RESULT_URL'])
+                hostport = urlhostmerge(
+                        celery_config_url[1],
+                        getattr(args, 'celery_result_host', None),
+                        getattr(args, 'celery_result_port', None),
+                        )
+                celery_arg_url = (
+                        getattr(args, 'celery_result_scheme', None),
+                        hostport,
+                        getattr(args, 'celery_result_db', None),
+                        )
+                celery_url = urlmerge(celery_config_url, celery_arg_url)
+                logg.debug('celery url {} {}'.format(celery_config_url, celery_url))
+                celery_url_string = urllib.parse.urlunsplit(celery_url)
+                local_celery_args_override['CELERY_RESULT_URL'] = celery_url_string
            config.add(config.true('CELERY_DEBUG'), 'CELERY_DEBUG', exists_ok=True)

+        config.dict_override(local_celery_args_override, 'local celery cli args')
+
+        if local_arg_flags & CICFlag.REDIS_CALLBACK:
+            redis_host_callback = getattr(args, 'redis_host_callback', config.get('REDIS_HOST'))
+            redis_port_callback = getattr(args, 'redis_port_callback', config.get('REDIS_PORT'))
+            config.add(redis_host_callback, '_REDIS_HOST_CALLBACK')
+            config.add(redis_port_callback, '_REDIS_PORT_CALLBACK')
+
        logg.debug('config loaded:\n{}'.format(config))

        return config
-
-
--- a/apps/cic-eth/cic_eth/cli/rpc.py
+++ b/apps/cic-eth/cic_eth/cli/rpc.py
@@ -35,14 +35,14 @@ class RPC:
    def from_config(config, use_signer=False, default_label='default', signer_label='signer'):
        chain_spec = ChainSpec.from_chain_str(config.get('CHAIN_SPEC'))

-        RPCConnection.register_location(config.get('RPC_HTTP_PROVIDER'), chain_spec, default_label)
+        RPCConnection.register_location(config.get('RPC_PROVIDER'), chain_spec, default_label)
        if use_signer:

            RPCConnection.register_constructor(ConnType.UNIX, EthUnixSignerConnection, signer_label)
            RPCConnection.register_constructor(ConnType.HTTP, EthHTTPSignerConnection, signer_label)
            RPCConnection.register_constructor(ConnType.HTTP_SSL, EthHTTPSignerConnection, signer_label)
            RPCConnection.register_location(config.get('SIGNER_PROVIDER'), chain_spec, signer_label) 
-        rpc = RPC(chain_spec, config.get('RPC_HTTP_PROVIDER'), signer_provider=config.get('SIGNER_PROVIDER'))
+        rpc = RPC(chain_spec, config.get('RPC_PROVIDER'), signer_provider=config.get('SIGNER_PROVIDER'))
        logg.info('set up rpc: {}'.format(rpc))
        return rpc

--- a/apps/cic-eth/cic_eth/data/config/celery.ini
+++ b/apps/cic-eth/cic_eth/data/config/celery.ini
@@ -1,5 +1,5 @@
 [celery]
-broker_url = redis://localhost:6379
+broker_url = 
 result_url = 
 queue = cic-eth
 debug = 0
--- a/apps/cic-eth/cic_eth/data/config/cic.ini
+++ b/apps/cic-eth/cic_eth/data/config/cic.ini
@@ -2,5 +2,5 @@
 registry_address = 
 trust_address =
 default_token_symbol =
-health_modules = cic_eth.check.db,cic_eth.check.redis,cic_eth.check.signer,cic_eth.check.gas
+health_modules = cic_eth.check.db,cic_eth.check.redis,cic_eth.check.signer,cic_eth.check.gas,cic_eth.check.start
 run_dir = /run
--- a/apps/cic-eth/cic_eth/data/config/eth.ini
+++ b/apps/cic-eth/cic_eth/data/config/eth.ini
@@ -1,2 +1,6 @@
 [eth]
-gas_gifter_minimum_balance = 10000000000000000000000
+gas_holder_minimum_units = 180000
+gas_holder_refill_units = 15
+gas_holder_refill_threshold = 3
+gas_gifter_refill_buffer = 3
+min_fee_price = 1
--- a/apps/cic-eth/cic_eth/db/migrations/default/versions/75d4767b3031_lock.py
+++ b/apps/cic-eth/cic_eth/db/migrations/default/versions/75d4767b3031_lock.py
@@ -8,8 +8,8 @@ Create Date: 2021-04-02 18:41:20.864265
 import datetime
 from alembic import op
 import sqlalchemy as sa
-from chainlib.eth.constant import ZERO_ADDRESS
 from cic_eth.db.enum import LockEnum
+from cic_eth.encode import ZERO_ADDRESS_NORMAL


 # revision identifiers, used by Alembic.
@@ -23,14 +23,14 @@ def upgrade():
    op.create_table(
            'lock',
            sa.Column('id', sa.Integer, primary_key=True),
-            sa.Column("address", sa.String(42), nullable=True),
+            sa.Column("address", sa.String, nullable=True),
            sa.Column('blockchain', sa.String),
            sa.Column("flags", sa.BIGINT(), nullable=False, default=0),
            sa.Column("date_created", sa.DateTime, nullable=False, default=datetime.datetime.utcnow),
            sa.Column("otx_id", sa.Integer, sa.ForeignKey('otx.id'), nullable=True),
            )
    op.create_index('idx_chain_address', 'lock', ['blockchain', 'address'], unique=True)
-    op.execute("INSERT INTO lock (address, date_created, blockchain, flags) VALUES('{}', '{}', '::', {})".format(ZERO_ADDRESS, datetime.datetime.utcnow(), LockEnum.INIT | LockEnum.SEND | LockEnum.QUEUE))
+    op.execute("INSERT INTO lock (address, date_created, blockchain, flags) VALUES('{}', '{}', '::', {})".format(ZERO_ADDRESS_NORMAL, datetime.datetime.utcnow(), LockEnum.INIT | LockEnum.SEND | LockEnum.QUEUE))


 def downgrade():
--- a/apps/cic-eth/cic_eth/db/migrations/default/versions/c91cafc3e0c1_add_gas_cache.py
+++ b/apps/cic-eth/cic_eth/db/migrations/default/versions/c91cafc3e0c1_add_gas_cache.py
@@ -0,0 +1,31 @@
+"""Add gas cache
+
+Revision ID: c91cafc3e0c1
+Revises: aee12aeb47ec
+Create Date: 2021-10-28 20:45:34.239865
+
+"""
+from alembic import op
+import sqlalchemy as sa
+
+
+# revision identifiers, used by Alembic.
+revision = 'c91cafc3e0c1'
+down_revision = 'aee12aeb47ec'
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    op.create_table(
+            'gas_cache',
+            sa.Column('id', sa.Integer, primary_key=True),
+            sa.Column("address", sa.String, nullable=False),
+            sa.Column("tx_hash", sa.String, nullable=True),
+            sa.Column("method", sa.String, nullable=True),
+            sa.Column("value", sa.BIGINT(), nullable=False),
+            )
+
+
+def downgrade():
+    op.drop_table('gas_cache')
--- a/apps/cic-eth/cic_eth/db/models/gas_cache.py
+++ b/apps/cic-eth/cic_eth/db/models/gas_cache.py
@@ -0,0 +1,27 @@
+# standard imports
+import logging
+
+# external imports
+from sqlalchemy import Column, String, NUMERIC
+
+# local imports
+from .base import SessionBase
+
+logg = logging.getLogger(__name__)
+
+
+class GasCache(SessionBase):
+    """Provides gas budget cache for token operations
+    """
+    __tablename__ = 'gas_cache'
+
+    address = Column(String())
+    tx_hash = Column(String())
+    method = Column(String())
+    value = Column(NUMERIC())
+
+    def __init__(self, address, method, value, tx_hash):
+        self.address = address
+        self.tx_hash = tx_hash
+        self.method = method
+        self.value = value
--- a/apps/cic-eth/cic_eth/db/models/lock.py
+++ b/apps/cic-eth/cic_eth/db/models/lock.py
@@ -4,12 +4,12 @@ import logging

 # third-party imports
 from sqlalchemy import Column, String, Integer, DateTime, ForeignKey
-from chainlib.eth.constant import ZERO_ADDRESS
 from chainqueue.db.models.tx import TxCache
 from chainqueue.db.models.otx import Otx

 # local imports
 from cic_eth.db.models.base import SessionBase
+from cic_eth.encode  import ZERO_ADDRESS_NORMAL

 logg = logging.getLogger()

@@ -37,7 +37,7 @@ class Lock(SessionBase):


    @staticmethod
-    def set(chain_str, flags, address=ZERO_ADDRESS, session=None, tx_hash=None):
+    def set(chain_str, flags, address=ZERO_ADDRESS_NORMAL, session=None, tx_hash=None):
        """Sets flags associated with the given address and chain.

        If a flags entry does not exist it is created.
@@ -90,7 +90,7 @@ class Lock(SessionBase):


    @staticmethod
-    def reset(chain_str, flags, address=ZERO_ADDRESS, session=None):
+    def reset(chain_str, flags, address=ZERO_ADDRESS_NORMAL, session=None):
        """Resets flags associated with the given address and chain.

        If the resulting flags entry value is 0, the entry will be deleted.
@@ -134,7 +134,7 @@ class Lock(SessionBase):


    @staticmethod
-    def check(chain_str, flags, address=ZERO_ADDRESS, session=None):
+    def check(chain_str, flags, address=ZERO_ADDRESS_NORMAL, session=None):
        """Checks whether all given flags are set for given address and chain. 

        Does not validate the address against any other tables or components.
--- a/apps/cic-eth/cic_eth/db/models/nonce.py
+++ b/apps/cic-eth/cic_eth/db/models/nonce.py
@@ -12,7 +12,7 @@ from cic_eth.error import (
        IntegrityError,
        )

-logg = logging.getLogger()
+logg = logging.getLogger(__name__)


 class Nonce(SessionBase):
@@ -21,7 +21,7 @@ class Nonce(SessionBase):
    __tablename__ = 'nonce'

    nonce = Column(Integer)
-    address_hex = Column(String(42))
+    address_hex = Column(String(40))


    @staticmethod
--- a/apps/cic-eth/cic_eth/db/models/role.py
+++ b/apps/cic-eth/cic_eth/db/models/role.py
@@ -24,8 +24,22 @@ class AccountRole(SessionBase):
    tag = Column(Text)
    address_hex = Column(String(42))

-    
-    # TODO: 
+
+    @staticmethod
+    def all(session=None):
+        session = SessionBase.bind_session(session)
+
+        pairs = []
+
+        q = session.query(AccountRole.tag, AccountRole.address_hex)
+        for r in q.all():
+            pairs.append((r[1], r[0]),)
+
+        SessionBase.release_session(session)
+        
+        return pairs
+
+
    @staticmethod
    def get_address(tag, session):
        """Get Ethereum address matching the given tag
--- a/apps/cic-eth/cic_eth/encode.py
+++ b/apps/cic-eth/cic_eth/encode.py
@@ -0,0 +1,16 @@
+# external imports
+from chainlib.eth.constant import ZERO_ADDRESS
+from chainqueue.encode import TxHexNormalizer
+from chainlib.eth.tx import unpack
+
+tx_normalize = TxHexNormalizer()
+
+ZERO_ADDRESS_NORMAL = tx_normalize.wallet_address(ZERO_ADDRESS)
+
+
+def unpack_normal(signed_tx_bytes, chain_spec):
+    tx = unpack(signed_tx_bytes, chain_spec)
+    tx['hash'] = tx_normalize.tx_hash(tx['hash'])
+    tx['from'] = tx_normalize.wallet_address(tx['from'])
+    tx['to'] = tx_normalize.wallet_address(tx['to'])
+    return tx
--- a/apps/cic-eth/cic_eth/enum.py
+++ b/apps/cic-eth/cic_eth/enum.py
@@ -69,9 +69,12 @@ class StatusEnum(enum.IntEnum):
 class LockEnum(enum.IntEnum):
    """
    STICKY: When set, reset is not possible
+    INIT: When set, startup is possible without second level sanity checks (e.g. gas gifter balance)
+    START: When set, startup is not possible, regardless of state
    CREATE: Disable creation of accounts
    SEND: Disable sending to network
    QUEUE: Disable queueing new or modified transactions
+    QUERY: Disable all queue state and transaction queries
    """
    STICKY=1
    INIT=2
@@ -79,7 +82,8 @@ class LockEnum(enum.IntEnum):
    SEND=8
    QUEUE=16
    QUERY=32
-    ALL=int(0xfffffffffffffffe)
+    START=int(0x80000000)
+    ALL=int(0x7ffffffe)


 def status_str(v, bits_only=False):
--- a/apps/cic-eth/cic_eth/error.py
+++ b/apps/cic-eth/cic_eth/error.py
@@ -48,8 +48,6 @@ class RoleMissingError(Exception):
    pass


-
-
 class IntegrityError(Exception):
    """Exception raised to signal irregularities with deduplication and ordering of tasks

@@ -66,8 +64,10 @@ class LockedError(Exception):

 class SeppukuError(Exception):
    """Exception base class for all errors that should cause system shutdown
-
    """
+    def __init__(self, message, lockdown=False):
+        self.message = message
+        self.lockdown = lockdown


 class SignerError(SeppukuError):
@@ -85,3 +85,8 @@ class RoleAgencyError(SeppukuError):
 class YouAreBrokeError(Exception):
    """Exception raised when a value transfer is attempted without access to sufficient funds
    """
+
+
+class TrustError(Exception):
+    """Exception raised when required trust proofs are missing for a request
+    """
--- a/apps/cic-eth/cic_eth/eth/account.py
+++ b/apps/cic-eth/cic_eth/eth/account.py
@@ -13,11 +13,8 @@ from chainlib.eth.sign import (
        new_account,
        sign_message,
        )
-from chainlib.eth.address import to_checksum_address
-from chainlib.eth.tx import (
-        TxFormat,
-        unpack,
-        )
+from chainlib.eth.address import to_checksum_address, is_address
+from chainlib.eth.tx import TxFormat
 from chainlib.chain import ChainSpec
 from chainlib.error import JSONRPCException
 from eth_accounts_index.registry import AccountRegistry
@@ -34,6 +31,7 @@ from cic_eth.eth.gas import (
 from cic_eth.db.models.nonce import Nonce
 from cic_eth.db.models.base import SessionBase
 from cic_eth.db.models.role import AccountRole
+from cic_eth.encode import tx_normalize
 from cic_eth.error import (
        RoleMissingError,
        SignerError,
@@ -49,6 +47,11 @@ from cic_eth.eth.nonce import (
 from cic_eth.queue.tx import (
        register_tx,
        )
+from cic_eth.encode import (
+        unpack_normal,
+        ZERO_ADDRESS_NORMAL,
+        tx_normalize,
+        )

 logg = logging.getLogger()
 celery_app = celery.current_app 
@@ -83,7 +86,7 @@ def create(self, password, chain_spec_dict):
    # TODO: It seems infeasible that a can be None in any case, verify
    if a == None:
        raise SignerError('create account')
-        
+    a = tx_normalize.wallet_address(a)
    logg.debug('created account {}'.format(a))

    # Initialize nonce provider record for account
@@ -133,7 +136,7 @@ def register(self, account_address, chain_spec_dict, writer_address=None):
    # Generate and sign transaction
    rpc_signer = RPCConnection.connect(chain_spec, 'signer')
    nonce_oracle = CustodialTaskNonceOracle(writer_address, self.request.root_id, session=session) #, default_nonce)
-    gas_oracle = self.create_gas_oracle(rpc, AccountRegistry.gas)
+    gas_oracle = self.create_gas_oracle(rpc, code_callback=AccountRegistry.gas)
    account_registry = AccountsIndex(chain_spec, signer=rpc_signer, nonce_oracle=nonce_oracle, gas_oracle=gas_oracle)
    (tx_hash_hex, tx_signed_raw_hex) = account_registry.add(account_registry_address, writer_address, account_address, tx_format=TxFormat.RLP_SIGNED)
    rpc_signer.disconnect()
@@ -174,6 +177,9 @@ def gift(self, account_address, chain_spec_dict):
    """
    chain_spec = ChainSpec.from_dict(chain_spec_dict)

+    if is_address(account_address):
+        account_address = tx_normalize.wallet_address(account_address)
+
    logg.debug('gift account address {} to index'.format(account_address))
    queue = self.request.delivery_info.get('routing_key')

@@ -186,7 +192,7 @@ def gift(self, account_address, chain_spec_dict):
    # Generate and sign transaction
    rpc_signer = RPCConnection.connect(chain_spec, 'signer')
    nonce_oracle = CustodialTaskNonceOracle(account_address, self.request.root_id, session=session) #, default_nonce)
-    gas_oracle = self.create_gas_oracle(rpc, MinterFaucet.gas)
+    gas_oracle = self.create_gas_oracle(rpc, code_callback=MinterFaucet.gas)
    faucet = Faucet(chain_spec, signer=rpc_signer, nonce_oracle=nonce_oracle, gas_oracle=gas_oracle)
    (tx_hash_hex, tx_signed_raw_hex) = faucet.give_to(faucet_address, account_address, account_address, tx_format=TxFormat.RLP_SIGNED)
    rpc_signer.disconnect()
@@ -247,8 +253,9 @@ def have(self, account, chain_spec_dict):

@celery_app.task(bind=True, base=CriticalSQLAlchemyTask)
 def set_role(self, tag, address, chain_spec_dict):
-    if not to_checksum_address(address):
-        raise ValueError('invalid checksum address {}'.format(address))
+    if not is_address(address):
+        raise ValueError('invalid address {}'.format(address))
+    address = tx_normalize.wallet_address(address)
    session = SessionBase.create_session()
    role = AccountRole.set(tag, address, session=session) 
    session.add(role)
@@ -259,19 +266,46 @@ def set_role(self, tag, address, chain_spec_dict):

@celery_app.task(bind=True, base=BaseTask)
 def role(self, address, chain_spec_dict):
-    """Return account role for address
+    """Return account role for address and/or role

    :param account: Account to check
    :type account: str, 0x-hex
-    :param chain_str: Chain spec string representation
-    :type chain_str: str
+    :param chain_spec_dict: Chain spec dict representation
+    :type chain_spec_dict: dict
    :returns: Account, or None if not exists
    :rtype: Varies
    """
    session = self.create_session()
    role_tag =  AccountRole.role_for(address, session=session)
    session.close()
-    return role_tag
+    return [(address, role_tag,)]
+
+
+@celery_app.task(bind=True, base=BaseTask)
+def role_account(self, role_tag, chain_spec_dict):
+    """Return address for role.
+
+    If the role parameter is None, will return addresses for all roles.
+
+    :param role_tag: Role to match
+    :type role_tag: str
+    :param chain_spec_dict: Chain spec dict representation
+    :type chain_spec_dict: dict
+    :returns: List with a single account/tag pair for a single tag, or a list of account and tag pairs for all tags
+    :rtype: list
+    """
+    session = self.create_session()
+
+    pairs = None
+    if role_tag != None:
+        addr = AccountRole.get_address(role_tag, session=session)
+        pairs = [(addr, role_tag,)]
+    else:
+        pairs = AccountRole.all(session=session)
+
+    session.close()
+
+    return pairs


@celery_app.task(bind=True, base=CriticalSQLAlchemyTask)
@@ -295,17 +329,19 @@ def cache_gift_data(
    chain_spec = ChainSpec.from_dict(chain_spec_dict)

    tx_signed_raw_bytes = bytes.fromhex(strip_0x(tx_signed_raw_hex))
-    tx = unpack(tx_signed_raw_bytes, chain_spec)
+    tx = unpack_normal(tx_signed_raw_bytes, chain_spec)
    tx_data = Faucet.parse_give_to_request(tx['data'])
+    sender_address = tx_normalize.wallet_address(tx['from'])
+    recipient_address = tx_normalize.wallet_address(tx['to'])

    session = self.create_session()

    tx_dict = {
-            'hash': tx_hash_hex,
-            'from': tx['from'],
-            'to': tx['to'],
-            'source_token': ZERO_ADDRESS,
-            'destination_token': ZERO_ADDRESS,
+            'hash': tx['hash'],
+            'from': sender_address,
+            'to': recipient_address,
+            'source_token': ZERO_ADDRESS_NORMAL,
+            'destination_token': ZERO_ADDRESS_NORMAL,
            'from_value': 0,
            'to_value': 0,
            }
@@ -334,17 +370,19 @@ def cache_account_data(
    :rtype: tuple
    """
    chain_spec = ChainSpec.from_dict(chain_spec_dict)
-    tx_signed_raw_bytes = bytes.fromhex(tx_signed_raw_hex[2:])
-    tx = unpack(tx_signed_raw_bytes, chain_spec)
+    tx_signed_raw_bytes = bytes.fromhex(strip_0x(tx_signed_raw_hex))
+    tx = unpack_normal(tx_signed_raw_bytes, chain_spec)
    tx_data = AccountsIndex.parse_add_request(tx['data'])
+    sender_address = tx_normalize.wallet_address(tx['from'])
+    recipient_address = tx_normalize.wallet_address(tx['to'])

    session = SessionBase.create_session()
    tx_dict = {
-            'hash': tx_hash_hex,
-            'from': tx['from'],
-            'to': tx['to'],
-            'source_token': ZERO_ADDRESS,
-            'destination_token': ZERO_ADDRESS,
+            'hash': tx['hash'],
+            'from': sender_address,
+            'to': recipient_address,
+            'source_token': ZERO_ADDRESS_NORMAL,
+            'destination_token': ZERO_ADDRESS_NORMAL,
            'from_value': 0,
            'to_value': 0,
            }
--- a/apps/cic-eth/cic_eth/eth/erc20.py
+++ b/apps/cic-eth/cic_eth/eth/erc20.py
@@ -10,12 +10,19 @@ from chainlib.eth.tx import (
        TxFormat,
        unpack,
        )
+from chainlib.eth.contract import (
+        ABIContractEncoder,
+        )
 from cic_eth_registry import CICRegistry
 from cic_eth_registry.erc20 import ERC20Token
-from hexathon import strip_0x
+from hexathon import (
+        strip_0x,
+        add_0x,
+        )
 from chainqueue.error import NotLocalTxError
 from eth_erc20 import ERC20
 from chainqueue.sql.tx import cache_tx_dict
+from okota.token_index import to_identifier

 # local imports
 from cic_eth.db.models.base import SessionBase
@@ -27,17 +34,18 @@ from cic_eth.error import (
        YouAreBrokeError,
        )
 from cic_eth.queue.tx import register_tx
-from cic_eth.eth.gas import (
-        create_check_gas_task,
-        MaxGasOracle,
-        )
+from cic_eth.eth.gas import create_check_gas_task
+from cic_eth.eth.util import CacheGasOracle
 from cic_eth.ext.address import translate_address
 from cic_eth.task import (
        CriticalSQLAlchemyTask,
        CriticalWeb3Task,
        CriticalSQLAlchemyAndSignerTask,
+        BaseTask,
    )
 from cic_eth.eth.nonce import CustodialTaskNonceOracle
+from cic_eth.encode import tx_normalize
+from cic_eth.eth.trust import verify_proofs

 celery_app = celery.current_app
 logg = logging.getLogger()
@@ -62,7 +70,8 @@ def balance(tokens, holder_address, chain_spec_dict):

    for t in tokens:
        address = t['address']
-        token = ERC20Token(chain_spec, rpc, address)
+        logg.debug('address {} {}'.format(address, holder_address))
+        token = ERC20Token(chain_spec, rpc, add_0x(address))
        c = ERC20(chain_spec)
        o = c.balance_of(address, holder_address, sender_address=caller_address)
        r = rpc.do(o)
@@ -146,8 +155,12 @@ def transfer_from(self, tokens, holder_address, receiver_address, value, chain_s
    rpc_signer = RPCConnection.connect(chain_spec, 'signer')

    session = self.create_session()
+
    nonce_oracle = CustodialTaskNonceOracle(holder_address, self.request.root_id, session=session)
-    gas_oracle = self.create_gas_oracle(rpc, MaxGasOracle.gas)
+    enc = ABIContractEncoder()
+    enc.method('transferFrom')
+    method = enc.get()
+    gas_oracle = self.create_gas_oracle(rpc, t['address'], method=method, session=session, min_price=self.min_fee_price)
    c = ERC20(chain_spec, signer=rpc_signer, gas_oracle=gas_oracle, nonce_oracle=nonce_oracle)
    try:
        (tx_hash_hex, tx_signed_raw_hex) = c.transfer_from(t['address'], spender_address, holder_address, receiver_address, value, tx_format=TxFormat.RLP_SIGNED)
@@ -217,8 +230,12 @@ def transfer(self, tokens, holder_address, receiver_address, value, chain_spec_d
    rpc_signer = RPCConnection.connect(chain_spec, 'signer')

    session = self.create_session()
+
+    enc = ABIContractEncoder()
+    enc.method('transfer')
+    method = enc.get()
+    gas_oracle = self.create_gas_oracle(rpc, t['address'], method=method, session=session, min_price=self.min_fee_price)
    nonce_oracle = CustodialTaskNonceOracle(holder_address, self.request.root_id, session=session)
-    gas_oracle = self.create_gas_oracle(rpc, MaxGasOracle.gas)
    c = ERC20(chain_spec, signer=rpc_signer, gas_oracle=gas_oracle, nonce_oracle=nonce_oracle)
    try:
        (tx_hash_hex, tx_signed_raw_hex) = c.transfer(t['address'], holder_address, receiver_address, value, tx_format=TxFormat.RLP_SIGNED)
@@ -286,8 +303,12 @@ def approve(self, tokens, holder_address, spender_address, value, chain_spec_dic
    rpc_signer = RPCConnection.connect(chain_spec, 'signer')

    session = self.create_session()
+
    nonce_oracle = CustodialTaskNonceOracle(holder_address, self.request.root_id, session=session)
-    gas_oracle = self.create_gas_oracle(rpc, MaxGasOracle.gas)
+    enc = ABIContractEncoder()
+    enc.method('approve')
+    method = enc.get()
+    gas_oracle = self.create_gas_oracle(rpc, t['address'], method=method, session=session)
    c = ERC20(chain_spec, signer=rpc_signer, gas_oracle=gas_oracle, nonce_oracle=nonce_oracle)
    try:
        (tx_hash_hex, tx_signed_raw_hex) = c.approve(t['address'], holder_address, spender_address, value, tx_format=TxFormat.RLP_SIGNED)
@@ -371,13 +392,15 @@ def cache_transfer_data(
    tx = unpack(tx_signed_raw_bytes, chain_spec)

    tx_data = ERC20.parse_transfer_request(tx['data'])
-    recipient_address = tx_data[0]
+    sender_address = tx_normalize.wallet_address(tx['from'])
+    recipient_address = tx_normalize.wallet_address(tx_data[0])
    token_value = tx_data[1]

+
    session = SessionBase.create_session()
    tx_dict = {
            'hash': tx_hash_hex,
-            'from': tx['from'],
+            'from': sender_address,
            'to': recipient_address,
            'source_token': tx['to'],
            'destination_token': tx['to'],
@@ -448,13 +471,14 @@ def cache_approve_data(
    tx = unpack(tx_signed_raw_bytes, chain_spec)

    tx_data = ERC20.parse_approve_request(tx['data'])
-    recipient_address = tx_data[0]
+    sender_address = tx_normalize.wallet_address(tx['from'])
+    recipient_address = tx_normalize.wallet_address(tx_data[0])
    token_value = tx_data[1]

    session = SessionBase.create_session()
    tx_dict = {
            'hash': tx_hash_hex,
-            'from': tx['from'],
+            'from': sender_address,
            'to': recipient_address,
            'source_token': tx['to'],
            'destination_token': tx['to'],
@@ -465,3 +489,69 @@ def cache_approve_data(
    session.close()
    return (tx_hash_hex, cache_id)

+
+@celery_app.task(bind=True, base=BaseTask)
+def token_info(self, tokens, chain_spec_dict, proofs=[]):
+    chain_spec = ChainSpec.from_dict(chain_spec_dict)
+    rpc = RPCConnection.connect(chain_spec, 'default')
+
+    i = 0
+
+    for token in tokens:
+        result_data = []
+        token_chain_object = ERC20Token(chain_spec, rpc, add_0x(token['address']))
+        token_chain_object.load(rpc)
+
+        token_symbol_proof_hex = to_identifier(token_chain_object.symbol)
+        token_proofs = [token_symbol_proof_hex]
+        if len(proofs) > 0:
+            token_proofs += proofs[i]
+
+        tokens[i] = {
+            'decimals': token_chain_object.decimals,
+            'name': token_chain_object.name,
+            'symbol': token_chain_object.symbol,
+            'address': tx_normalize.executable_address(token_chain_object.address),
+            'proofs': token_proofs,
+            'converters': tokens[i]['converters'],
+                }   
+        i += 1
+
+    return tokens
+
+
+@celery_app.task(bind=True, base=BaseTask)
+def verify_token_info(self, tokens, chain_spec_dict, success_callback, error_callback):
+    queue = self.request.delivery_info.get('routing_key')
+
+    for token in tokens:
+        s = celery.signature(
+                'cic_eth.eth.trust.verify_proofs',
+                [
+                    token,
+                    token['address'],
+                    token['proofs'],
+                    chain_spec_dict,
+                    success_callback,
+                    error_callback,
+                    ],
+                queue=queue,
+                )
+
+        if success_callback != None:
+            s.link(success_callback)
+        if error_callback != None:
+            s.on_error(error_callback)
+        s.apply_async()
+
+    return tokens
+
+
+@celery_app.task(bind=True, base=BaseTask)
+def default_token(self):
+    return {
+        'symbol': self.default_token_symbol,
+        'address': self.default_token_address,
+        'name': self.default_token_name,
+        'decimals': self.default_token_decimals,
+        }
--- a/apps/cic-eth/cic_eth/eth/gas.py
+++ b/apps/cic-eth/cic_eth/eth/gas.py
@@ -3,10 +3,17 @@ import logging

 # external imports
 import celery
-from hexathon import strip_0x
-from chainlib.eth.constant import ZERO_ADDRESS
+from hexathon import (
+        strip_0x,
+        add_0x,
+        )
+#from chainlib.eth.constant import ZERO_ADDRESS
 from chainlib.chain import ChainSpec
-from chainlib.eth.address import is_checksum_address
+from chainlib.eth.address import (
+        is_checksum_address,
+        to_checksum_address,
+        is_address
+        )
 from chainlib.connection import RPCConnection
 from chainqueue.db.enum import StatusBits
 from chainqueue.sql.tx import cache_tx_dict
@@ -21,7 +28,6 @@ from chainlib.eth.error import (
 from chainlib.eth.tx import (
        TxFactory,
        TxFormat,
-        unpack,
        )
 from chainlib.eth.contract import (
        abi_decode_single,
@@ -35,6 +41,7 @@ from chainqueue.db.models.tx import TxCache
 from chainqueue.db.models.otx import Otx

 # local imports
+from cic_eth.db.models.gas_cache import GasCache
 from cic_eth.db.models.role import AccountRole
 from cic_eth.db.models.base import SessionBase
 from cic_eth.error import (
@@ -45,6 +52,7 @@ from cic_eth.eth.nonce import CustodialTaskNonceOracle
 from cic_eth.queue.tx import (
        queue_create,
        register_tx,
+        unpack,
        )
 from cic_eth.queue.query import get_tx
 from cic_eth.task import (
@@ -53,17 +61,61 @@ from cic_eth.task import (
        CriticalSQLAlchemyAndSignerTask,
        CriticalWeb3AndSignerTask,
        )
+from cic_eth.encode import (
+        tx_normalize,
+        ZERO_ADDRESS_NORMAL,
+        unpack_normal,
+        )
+from cic_eth.error import SeppukuError
+from cic_eth.eth.util import MAXIMUM_FEE_UNITS

 celery_app = celery.current_app
 logg = logging.getLogger()


-MAXIMUM_FEE_UNITS = 8000000

-class MaxGasOracle:
+@celery_app.task(base=CriticalSQLAlchemyTask)
+def apply_gas_value_cache(address, method, value, tx_hash):
+    return apply_gas_value_cache_local(address, method, value, tx_hash)

-    def gas(code=None):
-        return MAXIMUM_FEE_UNITS
+
+def apply_gas_value_cache_local(address, method, value, tx_hash, session=None):
+    address = tx_normalize.executable_address(address)
+    tx_hash = tx_normalize.tx_hash(tx_hash)
+    value = int(value)
+
+    session = SessionBase.bind_session(session)
+    q = session.query(GasCache)
+    q = q.filter(GasCache.address==address)
+    q = q.filter(GasCache.method==method)
+    o = q.first()
+
+    if o == None:
+        o = GasCache(address, method, value, tx_hash)
+    elif tx.gas_used > o.value:
+        o.value = value
+        o.tx_hash = strip_0x(tx_hash)
+
+    session.add(o)
+    session.commit()
+
+    SessionBase.release_session(session)
+
+
+def have_gas_minimum(chain_spec, address, min_gas, session=None, rpc=None):
+    if rpc == None:
+        rpc = RPCConnection.connect(chain_spec, 'default')
+    o = balance(add_0x(address))
+    r = rpc.do(o)
+    try: 
+        r = int(r)
+    except ValueError:
+        r = strip_0x(r)
+        r = int(r, 16)
+    logg.debug('have gas minimum {} have gas {} minimum is {}'.format(address, r, min_gas))
+    if r < min_gas:
+        return False
+    return True


 def create_check_gas_task(tx_signed_raws_hex, chain_spec, holder_address, gas=None, tx_hashes_hex=None, queue=None):
@@ -130,16 +182,16 @@ def cache_gas_data(
    """
    chain_spec = ChainSpec.from_dict(chain_spec_dict)
    tx_signed_raw_bytes = bytes.fromhex(strip_0x(tx_signed_raw_hex))
-    tx = unpack(tx_signed_raw_bytes, chain_spec)
+    tx = unpack_normal(tx_signed_raw_bytes, chain_spec)

    session = SessionBase.create_session()

    tx_dict = {
-            'hash': tx_hash_hex,
+            'hash': tx['hash'],
            'from': tx['from'],
            'to': tx['to'],
-            'source_token': ZERO_ADDRESS,
-            'destination_token': ZERO_ADDRESS,
+            'source_token': ZERO_ADDRESS_NORMAL,
+            'destination_token': ZERO_ADDRESS_NORMAL,
            'from_value': tx['value'],
            'to_value': tx['value'],
            }
@@ -150,7 +202,7 @@ def cache_gas_data(


@celery_app.task(bind=True, throws=(OutOfGasError), base=CriticalSQLAlchemyAndWeb3Task)
-def check_gas(self, tx_hashes, chain_spec_dict, txs=[], address=None, gas_required=MAXIMUM_FEE_UNITS):
+def check_gas(self, tx_hashes_hex, chain_spec_dict, txs_hex=[], address=None, gas_required=MAXIMUM_FEE_UNITS):
    """Check the gas level of the sender address of a transaction.

    If the account balance is not sufficient for the required gas, gas refill is requested and OutOfGasError raiser.
@@ -170,8 +222,23 @@ def check_gas(self, tx_hashes, chain_spec_dict, txs=[], address=None, gas_requir
    :return: Signed raw transaction data list
    :rtype: param txs, unchanged
    """
+    rpc_format_address = None
+    if address != None:
+        if not is_address(address):
+            raise ValueError('invalid address {}'.format(address))
+        address = tx_normalize.wallet_address(address)
+        address = add_0x(address)
+
+    tx_hashes = []
+    txs = []
+    for tx_hash in tx_hashes_hex:
+        tx_hash = tx_normalize.tx_hash(tx_hash)
+        tx_hashes.append(tx_hash)
+    for tx in txs_hex:
+        tx = tx_normalize.tx_wire(tx)
+        txs.append(tx)
+
    chain_spec = ChainSpec.from_dict(chain_spec_dict)
-    logg.debug('txs {} tx_hashes {}'.format(txs, tx_hashes))

    addresspass = None
    if len(txs) == 0:
@@ -187,8 +254,7 @@ def check_gas(self, tx_hashes, chain_spec_dict, txs=[], address=None, gas_requir
                raise ValueError('txs passed to check gas must all have same sender; had {} got {}'.format(address, tx['from']))
            addresspass.append(address)

-    if not is_checksum_address(address):
-        raise ValueError('invalid address {}'.format(address))
+    rpc_format_address = add_0x(to_checksum_address(address))

    queue = self.request.delivery_info.get('routing_key')

@@ -196,7 +262,7 @@ def check_gas(self, tx_hashes, chain_spec_dict, txs=[], address=None, gas_requir

    gas_balance = 0
    try:
-        o = balance(address)
+        o = balance(rpc_format_address)
        r = conn.do(o)
        conn.disconnect()
        gas_balance = abi_decode_single(ABIContractType.UINT256, r)
@@ -304,6 +370,7 @@ def refill_gas(self, recipient_address, chain_spec_dict):
    # Determine value of gas tokens to send
    # if an uncompleted gas refill for the same recipient already exists, we still need to spend the nonce
    # however, we will perform a 0-value transaction instead
+    recipient_address = tx_normalize.wallet_address(recipient_address)
    zero_amount = False
    session = SessionBase.create_session()
    status_filter = StatusBits.FINAL | StatusBits.NODE_ERROR | StatusBits.NETWORK_ERROR | StatusBits.UNKNOWN_ERROR
@@ -319,6 +386,7 @@ def refill_gas(self, recipient_address, chain_spec_dict):
    session.flush()

    # finally determine the value to send
+    # TODO: must be dynamic; more gas if price went up. 
    refill_amount = 0
    if not zero_amount:
        refill_amount = self.safe_gas_refill_amount
@@ -330,6 +398,13 @@ def refill_gas(self, recipient_address, chain_spec_dict):
    # set up evm RPC connection
    rpc = RPCConnection.connect(chain_spec, 'default')

+    # check the gas balance of the gifter
+    if not have_gas_minimum(chain_spec, gas_provider, self.safe_gas_refill_amount):
+        raise SeppukuError('Noooooooooooo; gas gifter {} is broke!'.format(gas_provider))
+
+    if not have_gas_minimum(chain_spec, gas_provider, self.safe_gas_gifter_balance):
+        logg.error('Gas gifter {} gas balance is below the safe level to operate!'.format(gas_provider))
+    
    # set up transaction builder
    nonce_oracle = CustodialTaskNonceOracle(gas_provider, self.request.root_id, session=session)
    gas_oracle = self.create_gas_oracle(rpc)
@@ -378,6 +453,7 @@ def resend_with_higher_gas(self, txold_hash_hex, chain_spec_dict, gas=None, defa
    :returns: Transaction hash
    :rtype: str, 0x-hex
    """
+    txold_hash_hex = tx_normalize.tx_hash(txold_hash_hex)
    session = SessionBase.create_session()

    otx = Otx.load(txold_hash_hex, session)
--- a/apps/cic-eth/cic_eth/eth/meta.py
+++ b/apps/cic-eth/cic_eth/eth/meta.py
@@ -2,8 +2,9 @@
 from chainlib.eth.constant import ZERO_ADDRESS
 from chainlib.status import Status as TxStatus
 from cic_eth_registry.erc20 import ERC20Token
+from hexathon import add_0x

-# local imports
+# local impor:ts
 from cic_eth.ext.address import translate_address


@@ -44,8 +45,8 @@ class ExtendedTx:
            destination = source
        if destination_value == None:
            destination_value = source_value
-        st = ERC20Token(self.chain_spec, self.rpc, source)
-        dt = ERC20Token(self.chain_spec, self.rpc, destination)
+        st = ERC20Token(self.chain_spec, self.rpc, add_0x(source))
+        dt = ERC20Token(self.chain_spec, self.rpc, add_0x(destination))
        self.source_token = source
        self.source_token_symbol = st.symbol
        self.source_token_name = st.name
--- a/apps/cic-eth/cic_eth/eth/nonce.py
+++ b/apps/cic-eth/cic_eth/eth/nonce.py
@@ -3,11 +3,12 @@ import logging

 # external imports
 import celery
-from chainlib.eth.address import is_checksum_address
+from chainlib.eth.address import is_checksum_address, is_address, strip_0x

 # local imports
 from cic_eth.db.models.role import AccountRole
 from cic_eth.db.models.base import SessionBase
+from cic_eth.encode import tx_normalize
 from cic_eth.task import CriticalSQLAlchemyTask
 from cic_eth.db.models.nonce import (
        Nonce,
@@ -42,7 +43,8 @@ class CustodialTaskNonceOracle():
        :returns: Nonce
        :rtype: number
        """
-        r = NonceReservation.release(self.address, self.uuid, session=self.session)
+        address = tx_normalize.wallet_address(self.address)
+        r = NonceReservation.release(address, self.uuid, session=self.session)
        return r[1]


@@ -58,17 +60,18 @@ def reserve_nonce(self, chained_input, chain_spec_dict, signer_address=None):
        address = chained_input
        logg.debug('non-explicit address for reserve nonce, using arg head {}'.format(chained_input))
    else:
-        if is_checksum_address(signer_address):
+        if is_address(signer_address):
            address = signer_address
            logg.debug('explicit address for reserve nonce {}'.format(signer_address))
        else:
            address = AccountRole.get_address(signer_address, session=session)
            logg.debug('role for reserve nonce {} -> {}'.format(signer_address, address))

-    if not is_checksum_address(address):
+    if not is_address(address):
        raise ValueError('invalid result when resolving address for nonce {}'.format(address))

    root_id = self.request.root_id
+    address = tx_normalize.wallet_address(address)
    r = NonceReservation.next(address, root_id, session=session)
    logg.debug('nonce {} reserved for address {} task {}'.format(r[1], address, r[0]))

--- a/apps/cic-eth/cic_eth/eth/trust.py
+++ b/apps/cic-eth/cic_eth/eth/trust.py
@@ -0,0 +1,77 @@
+# standard imports
+import logging
+
+# external imports
+import celery
+from eth_address_declarator import Declarator
+from chainlib.connection import RPCConnection
+from chainlib.chain import ChainSpec
+from cic_eth.db.models.role import AccountRole
+from cic_eth_registry import CICRegistry
+from hexathon import strip_0x
+
+# local imports
+from cic_eth.task import BaseTask
+from cic_eth.error import TrustError
+
+celery_app = celery.current_app
+logg = logging.getLogger()
+
+
+@celery_app.task(bind=True, base=BaseTask)
+def verify_proof(self, chained_input, proof, subject, chain_spec_dict, success_callback, error_callback):
+    proof = strip_0x(proof)
+
+    proofs = []
+ 
+    logg.debug('proof count {}'.format(len(proofs)))
+    if len(proofs) == 0:
+        logg.debug('error {}'.format(len(proofs)))
+        raise TrustError('foo')
+
+    return (chained_input, (proof, proofs))
+
+
+@celery_app.task(bind=True, base=BaseTask)
+def verify_proofs(self, chained_input, subject, proofs, chain_spec_dict, success_callback, error_callback):
+    queue = self.request.delivery_info.get('routing_key')
+
+    chain_spec = ChainSpec.from_dict(chain_spec_dict)
+    rpc = RPCConnection.connect(chain_spec, 'default')
+
+    session = self.create_session()
+    sender_address = AccountRole.get_address('DEFAULT', session)
+
+    registry = CICRegistry(chain_spec, rpc)
+    declarator_address = registry.by_name('AddressDeclarator', sender_address=sender_address)
+
+    declarator = Declarator(chain_spec)
+
+    have_proofs = {}
+
+    for proof in proofs:
+
+        proof = strip_0x(proof)
+
+        have_proofs[proof] = []
+
+        for trusted_address in self.trusted_addresses:
+            o = declarator.declaration(declarator_address, trusted_address, subject, sender_address=sender_address)
+            r = rpc.do(o)
+            declarations = declarator.parse_declaration(r)
+            logg.debug('comparing proof {} with declarations for {} by {}: {}'.format(proof, subject, trusted_address, declarations))
+
+            for declaration in declarations:
+                declaration = strip_0x(declaration)
+                if declaration == proof:
+                    logg.debug('have token proof {} match for trusted address {}'.format(declaration, trusted_address))
+                    have_proofs[proof].append(trusted_address)
+
+    out_proofs = {}
+    for proof in have_proofs.keys():
+        if len(have_proofs[proof]) == 0:
+            logg.error('missing signer for proof {} subject {}'.format(proof, subject))
+            raise TrustError((subject, proof,))
+        out_proofs[proof] = have_proofs[proof]
+       
+    return (chained_input, out_proofs)
--- a/apps/cic-eth/cic_eth/eth/util.py
+++ b/apps/cic-eth/cic_eth/eth/util.py
@@ -0,0 +1,54 @@
+# standard imports
+import logging
+
+# external imports
+from chainlib.eth.gas import RPCGasOracle
+from hexathon import strip_0x
+
+# local imports
+from cic_eth.db.models.gas_cache import GasCache
+from cic_eth.encode import tx_normalize
+from cic_eth.db.models.base import SessionBase
+
+MAXIMUM_FEE_UNITS = 8000000
+
+logg = logging.getLogger(__name__)
+
+
+class MaxGasOracle(RPCGasOracle):
+
+    def get_fee_units(self, code=None):
+        return MAXIMUM_FEE_UNITS
+
+
+class CacheGasOracle(MaxGasOracle):
+    """Returns a previously recorded value for fee unit expenditure for a contract call, if it exists. Otherwise returns max units.
+
+    :todo: instead of max units, connect a pluggable gas heuristics engine.
+    """
+
+    def __init__(self, conn, address, method=None, session=None, min_price=None, id_generator=None):
+        super(CacheGasOracle, self).__init__(conn, code_callback=self.get_fee_units, min_price=min_price, id_generator=id_generator)
+        self.value = None
+        self.address = address
+        self.method = method
+
+        address = tx_normalize.executable_address(address)
+        session = SessionBase.bind_session(session)
+        q = session.query(GasCache)
+        q = q.filter(GasCache.address==address)
+        if method != None:
+            method = strip_0x(method)
+            q = q.filter(GasCache.method==method)
+        o = q.first()
+        if o != None:
+            self.value = int(o.value)
+
+        SessionBase.release_session(session)
+
+
+    def get_fee_units(self, code=None):
+        if self.value != None:
+            logg.debug('found stored gas unit value {} for address {} method {}'.format(self.value, self.address, self.method))
+            return self.value
+        return super(CacheGasOracle, self).get_fee_units(code=code)
--- a/apps/cic-eth/cic_eth/ext/tx.py
+++ b/apps/cic-eth/cic_eth/ext/tx.py
@@ -32,6 +32,7 @@ from potaahto.symbols import snake_and_camel
 from cic_eth.queue.time import tx_times
 from cic_eth.task import BaseTask
 from cic_eth.db.models.base import SessionBase
+from cic_eth.encode import tx_normalize

 celery_app = celery.current_app
 logg = logging.getLogger()
@@ -134,7 +135,7 @@ def list_tx_by_bloom(self, bloomspec, address, chain_spec_dict):
                    tx_address = transfer_data[0]
                    tx_token_value = transfer_data[1]
                    
-                    if address == tx_address:
+                    if tx_normalize.wallet_address(address) == tx_normalize.wallet_address(tx_address):
                        status = StatusEnum.SENT
                        try:
                            o = receipt(tx['hash'])
@@ -152,8 +153,8 @@ def list_tx_by_bloom(self, bloomspec, address, chain_spec_dict):
                        times = tx_times(tx['hash'], chain_spec)
                        tx_r = {
                            'hash': tx['hash'],
-                            'sender': tx['from'],
-                            'recipient': tx_address,
+                            'sender': tx_normalize.wallet_address(tx['from']),
+                            'recipient': tx_normalize.wallet_address(tx_address),
                            'source_value': tx_token_value,
                            'destination_value': tx_token_value,
                            'source_token': tx['to'],
@@ -164,10 +165,10 @@ def list_tx_by_bloom(self, bloomspec, address, chain_spec_dict):
                            tx_r['date_created'] = times['queue']
                        else:
                            tx_r['date_created'] = times['network']
-                        txs[tx['hash']] = tx_r
+                        txs[strip_0x(tx['hash'])] = tx_r
                        break
-    return txs

+    return txs


 # TODO: Surely it must be possible to optimize this
@@ -230,6 +231,8 @@ def tx_collate(self, tx_batches, chain_spec_dict, offset, limit, newest_first=Tr
            except UnknownContractError:
                logg.error('verify failed on tx {}, skipping'.format(tx['hash']))
                continue
+        tx['recipient'] = tx_normalize.wallet_address(tx['recipient'])
+        tx['sender'] = tx_normalize.wallet_address(tx['sender'])
        txs.append(tx)

    return txs
--- a/apps/cic-eth/cic_eth/pytest/fixtures_celery.py
+++ b/apps/cic-eth/cic_eth/pytest/fixtures_celery.py
@@ -4,18 +4,21 @@ import tempfile
 import logging
 import shutil

-# local impors
+# local imports
 from cic_eth.task import BaseTask

 #logg = logging.getLogger(__name__)
 logg = logging.getLogger()

-
@pytest.fixture(scope='function')
 def init_celery_tasks(
    contract_roles, 
        ):
    BaseTask.call_address = contract_roles['DEFAULT']
+    BaseTask.trusted_addresses = [
+            contract_roles['TRUSTED_DECLARATOR'],
+            contract_roles['CONTRACT_DEPLOYER'],
+            ]


 # celery fixtures
@@ -38,6 +41,7 @@ def celery_includes():
        'cic_eth.callbacks.noop',
        'cic_eth.callbacks.http',
        'cic_eth.pytest.mock.filter',
+        'cic_eth.pytest.mock.callback',
    ]


--- a/apps/cic-eth/cic_eth/pytest/fixtures_config.py
+++ b/apps/cic-eth/cic_eth/pytest/fixtures_config.py
@@ -8,15 +8,14 @@ import confini

 script_dir = os.path.dirname(os.path.realpath(__file__))
 root_dir = os.path.dirname(os.path.dirname(script_dir))
+config_dir = os.path.join(root_dir, 'cic_eth', 'data', 'config')
 logg = logging.getLogger(__name__)


@pytest.fixture(scope='session')
 def load_config():
-    config_dir = os.environ.get('CONFINI_DIR')
-    if config_dir == None:
-        config_dir = os.path.join(root_dir, 'config/test')
-    conf = confini.Config(config_dir, 'CICTEST')
+    override_config_dir = os.path.join(root_dir, 'config', 'test')
+    conf = confini.Config(config_dir, 'CICTEST', override_dirs=[override_config_dir])
    conf.process()
    logg.debug('config {}'.format(conf))
    return conf
--- a/apps/cic-eth/cic_eth/pytest/mock/init.py
+++ b/apps/cic-eth/cic_eth/pytest/mock/init.py
@@ -1 +1,2 @@
 from .filter import *
+from .callback import *
--- a/apps/cic-eth/cic_eth/pytest/mock/callback.py
+++ b/apps/cic-eth/cic_eth/pytest/mock/callback.py
@@ -0,0 +1,38 @@
+# standard imports
+import os
+import logging
+import mmap
+
+# standard imports
+import tempfile
+
+# external imports
+import celery
+
+#logg = logging.getLogger(__name__)
+logg = logging.getLogger()
+
+celery_app = celery.current_app
+
+
+class CallbackTask(celery.Task):
+
+    mmap_path = tempfile.mkdtemp()
+
+
+@celery_app.task(bind=True, base=CallbackTask)
+def test_callback(self, a, b, c):
+    s = 'ok'
+    if c > 0:
+        s = 'err'
+
+    fp = os.path.join(self.mmap_path, b)
+    f = open(fp, 'wb+')
+    f.write(b'\x00')
+    f.seek(0)
+    m = mmap.mmap(f.fileno(), length=1)
+    m.write(c.to_bytes(1, 'big'))
+    m.close()
+    f.close()
+
+    logg.debug('test callback ({}): {} {} {}'.format(s, a, b, c))
--- a/apps/cic-eth/cic_eth/queue/balance.py
+++ b/apps/cic-eth/cic_eth/queue/balance.py
@@ -15,6 +15,7 @@ from chainqueue.db.enum import (
 # local imports
 from cic_eth.db import SessionBase
 from cic_eth.task import CriticalSQLAlchemyTask
+from cic_eth.encode import tx_normalize

 celery_app = celery.current_app

@@ -22,6 +23,9 @@ logg = logging.getLogger()


 def __balance_outgoing_compatible(token_address, holder_address):
+    token_address = tx_normalize.executable_address(token_address)
+    holder_address = tx_normalize.wallet_address(holder_address)
+
    session = SessionBase.create_session()
    q = session.query(TxCache.from_value)
    q = q.join(Otx)
@@ -58,6 +62,9 @@ def balance_outgoing(tokens, holder_address, chain_spec_dict):


 def __balance_incoming_compatible(token_address, receiver_address):
+    token_address = tx_normalize.executable_address(token_address)
+    receiver_address = tx_normalize.wallet_address(receiver_address)
+
    session = SessionBase.create_session()
    q = session.query(TxCache.to_value)
    q = q.join(Otx)
@@ -110,7 +117,7 @@ def assemble_balances(balances_collection):
    logg.debug('received collection {}'.format(balances_collection))
    for c in balances_collection:
        for b in c:
-            address = b['address']
+            address = tx_normalize.executable_address(b['address'])
            if tokens.get(address) == None:
                tokens[address] = {
                    'address': address,
--- a/apps/cic-eth/cic_eth/queue/lock.py
+++ b/apps/cic-eth/cic_eth/queue/lock.py
@@ -6,6 +6,7 @@ import celery
 from cic_eth.task import CriticalSQLAlchemyTask
 from cic_eth.db import SessionBase
 from cic_eth.db.models.lock import Lock
+from cic_eth.encode import tx_normalize

 celery_app = celery.current_app

@@ -21,6 +22,9 @@ def get_lock(address=None):
    :returns: List of locks
    :rtype: list of dicts
    """
+    if address != None:
+        address = tx_normalize.wallet_address(address)
+
    session = SessionBase.create_session()
    q = session.query(
            Lock.date_created,
--- a/apps/cic-eth/cic_eth/queue/query.py
+++ b/apps/cic-eth/cic_eth/queue/query.py
@@ -4,8 +4,8 @@ import datetime
 # external imports
 import celery
 from chainlib.chain import ChainSpec
-from chainlib.eth.tx import unpack
 import chainqueue.sql.query
+from chainlib.eth.tx import unpack
 from chainqueue.db.enum import (
        StatusEnum,
        is_alive,
@@ -20,6 +20,10 @@ from cic_eth.db.enum import LockEnum
 from cic_eth.task import CriticalSQLAlchemyTask
 from cic_eth.db.models.lock import Lock
 from cic_eth.db.models.base import SessionBase
+from cic_eth.encode import (
+        tx_normalize,
+        unpack_normal,
+        )

 celery_app = celery.current_app

@@ -27,49 +31,77 @@ celery_app = celery.current_app
@celery_app.task(base=CriticalSQLAlchemyTask)
 def get_tx_cache(chain_spec_dict, tx_hash):
    chain_spec = ChainSpec.from_dict(chain_spec_dict)
-    session = SessionBase.create_session()
+    return get_tx_cache_local(chain_spec, tx_hash)
+
+
+def get_tx_cache_local(chain_spec, tx_hash, session=None):
+    tx_hash = tx_normalize.tx_hash(tx_hash)
+    session = SessionBase.bind_session(session)
    r = chainqueue.sql.query.get_tx_cache(chain_spec, tx_hash, session=session)
-    session.close()
+    SessionBase.release_session(session)
    return r


@celery_app.task(base=CriticalSQLAlchemyTask)
 def get_tx(chain_spec_dict, tx_hash):
    chain_spec = ChainSpec.from_dict(chain_spec_dict)
-    session = SessionBase.create_session()
+    return get_tx_local(chain_spec, tx_hash)
+
+
+def get_tx_local(chain_spec, tx_hash, session=None):
+    tx_hash = tx_normalize.tx_hash(tx_hash)
+    session = SessionBase.bind_session(session)
    r =  chainqueue.sql.query.get_tx(chain_spec, tx_hash, session=session)
-    session.close()
+    SessionBase.release_session(session)
    return r


@celery_app.task(base=CriticalSQLAlchemyTask)
 def get_account_tx(chain_spec_dict, address, as_sender=True, as_recipient=True, counterpart=None):
+    address = tx_normalize.wallet_address(address)
    chain_spec = ChainSpec.from_dict(chain_spec_dict)
-    session = SessionBase.create_session()
+    return get_account_tx_local(chain_spec, address, as_sender=as_sender, as_recipient=as_recipient, counterpart=counterpart)
+
+
+def get_account_tx_local(chain_spec, address, as_sender=True, as_recipient=True, counterpart=None, session=None):
+    address = tx_normalize.wallet_address(address)
+    session = SessionBase.bind_session(session)
    r = chainqueue.sql.query.get_account_tx(chain_spec, address, as_sender=True, as_recipient=True, counterpart=None, session=session)
-    session.close()
+    SessionBase.release_session(session)
    return r


@celery_app.task(base=CriticalSQLAlchemyTask)
-def get_upcoming_tx_nolock(chain_spec_dict, status=StatusEnum.READYSEND, not_status=None, recipient=None, before=None, limit=0, session=None):
+def get_upcoming_tx_nolock(chain_spec_dict, status=StatusEnum.READYSEND, not_status=None, recipient=None, before=None, limit=0):
    chain_spec = ChainSpec.from_dict(chain_spec_dict)
+    return get_upcoming_tx_nolock_local(chain_spec, status=status, not_status=not_status, recipient=recipient, before=before, limit=limit)
+
+
+def get_upcoming_tx_nolock_local(chain_spec, status=StatusEnum.READYSEND, not_status=None, recipient=None, before=None, limit=0, session=None):
+    recipient = tx_normalize.wallet_address(recipient)
    session = SessionBase.create_session()
-    r = chainqueue.sql.query.get_upcoming_tx(chain_spec, status, not_status=not_status, recipient=recipient, before=before, limit=limit, session=session, decoder=unpack)
+    r = chainqueue.sql.query.get_upcoming_tx(chain_spec, status, not_status=not_status, recipient=recipient, before=before, limit=limit, session=session, decoder=unpack_normal)
    session.close()
    return r


 def get_status_tx(chain_spec, status, not_status=None, before=None, exact=False, limit=0, session=None):
-    return chainqueue.sql.query.get_status_tx_cache(chain_spec, status, not_status=not_status, before=before, exact=exact, limit=limit, session=session, decoder=unpack)
+    return chainqueue.sql.query.get_status_tx_cache(chain_spec, status, not_status=not_status, before=before, exact=exact, limit=limit, session=session, decoder=unpack_normal)


 def get_paused_tx(chain_spec, status=None, sender=None, session=None, decoder=None):
-    return chainqueue.sql.query.get_paused_tx_cache(chain_spec, status=status, sender=sender, session=session, decoder=unpack)
+    sender = tx_normalize.wallet_address(sender)
+    return chainqueue.sql.query.get_paused_tx_cache(chain_spec, status=status, sender=sender, session=session, decoder=unpack_normal)


 def get_nonce_tx(chain_spec, nonce, sender):
-    return get_nonce_tx_cache(chain_spec, nonce, sender, decoder=unpack)
+    sender = tx_normalize.wallet_address(sender)
+    return get_nonce_tx_local(chain_spec, nonce, sender)
+
+
+def get_nonce_tx_local(chain_spec, nonce, sender, session=None):
+    sender = tx_normalize.wallet_address(sender)
+    return chainqueue.sql.query.get_nonce_tx_cache(chain_spec, nonce, sender, decoder=unpack_normal, session=session)


 def get_upcoming_tx(chain_spec, status=StatusEnum.READYSEND, not_status=None, recipient=None, before=None, limit=0, session=None):
@@ -91,6 +123,8 @@ def get_upcoming_tx(chain_spec, status=StatusEnum.READYSEND, not_status=None, re
    :returns: Transactions
    :rtype: dict, with transaction hash as key, signed raw transaction as value
    """
+    if recipient != None:
+        recipient = tx_normalize.wallet_address(recipient)
    session = SessionBase.bind_session(session)
    q_outer = session.query(
            TxCache.sender,
--- a/apps/cic-eth/cic_eth/queue/state.py
+++ b/apps/cic-eth/cic_eth/queue/state.py
@@ -6,12 +6,14 @@ import chainqueue.sql.state
 import celery
 from cic_eth.task import CriticalSQLAlchemyTask
 from cic_eth.db.models.base import SessionBase
+from cic_eth.encode import tx_normalize

 celery_app = celery.current_app


@celery_app.task(base=CriticalSQLAlchemyTask)
 def set_sent(chain_spec_dict, tx_hash, fail=False):
+    tx_hash = tx_normalize.tx_hash(tx_hash)
    chain_spec = ChainSpec.from_dict(chain_spec_dict)
    session = SessionBase.create_session()
    r = chainqueue.sql.state.set_sent(chain_spec, tx_hash, fail, session=session)
@@ -21,6 +23,7 @@ def set_sent(chain_spec_dict, tx_hash, fail=False):

@celery_app.task(base=CriticalSQLAlchemyTask)
 def set_final(chain_spec_dict, tx_hash, block=None, tx_index=None, fail=False):
+    tx_hash = tx_normalize.tx_hash(tx_hash)
    chain_spec = ChainSpec.from_dict(chain_spec_dict)
    session = SessionBase.create_session()
    r = chainqueue.sql.state.set_final(chain_spec, tx_hash, block=block, tx_index=tx_index, fail=fail, session=session)
@@ -30,6 +33,7 @@ def set_final(chain_spec_dict, tx_hash, block=None, tx_index=None, fail=False):

@celery_app.task(base=CriticalSQLAlchemyTask)
 def set_cancel(chain_spec_dict, tx_hash, manual=False):
+    tx_hash = tx_normalize.tx_hash(tx_hash)
    chain_spec = ChainSpec.from_dict(chain_spec_dict)
    session = SessionBase.create_session()
    r = chainqueue.sql.state.set_cancel(chain_spec, tx_hash, manual, session=session)
@@ -39,6 +43,7 @@ def set_cancel(chain_spec_dict, tx_hash, manual=False):

@celery_app.task(base=CriticalSQLAlchemyTask)
 def set_rejected(chain_spec_dict, tx_hash):
+    tx_hash = tx_normalize.tx_hash(tx_hash)
    chain_spec = ChainSpec.from_dict(chain_spec_dict)
    session = SessionBase.create_session()
    r = chainqueue.sql.state.set_rejected(chain_spec, tx_hash, session=session)
@@ -48,6 +53,7 @@ def set_rejected(chain_spec_dict, tx_hash):

@celery_app.task(base=CriticalSQLAlchemyTask)
 def set_fubar(chain_spec_dict, tx_hash):
+    tx_hash = tx_normalize.tx_hash(tx_hash)
    chain_spec = ChainSpec.from_dict(chain_spec_dict)
    session = SessionBase.create_session()
    r = chainqueue.sql.state.set_fubar(chain_spec, tx_hash, session=session)
@@ -57,6 +63,7 @@ def set_fubar(chain_spec_dict, tx_hash):

@celery_app.task(base=CriticalSQLAlchemyTask)
 def set_manual(chain_spec_dict, tx_hash):
+    tx_hash = tx_normalize.tx_hash(tx_hash)
    chain_spec = ChainSpec.from_dict(chain_spec_dict)
    session = SessionBase.create_session()
    r = chainqueue.sql.state.set_manual(chain_spec, tx_hash, session=session)
@@ -66,6 +73,7 @@ def set_manual(chain_spec_dict, tx_hash):

@celery_app.task(base=CriticalSQLAlchemyTask)
 def set_ready(chain_spec_dict, tx_hash):
+    tx_hash = tx_normalize.tx_hash(tx_hash)
    chain_spec = ChainSpec.from_dict(chain_spec_dict)
    session = SessionBase.create_session()
    r = chainqueue.sql.state.set_ready(chain_spec, tx_hash, session=session)
@@ -75,6 +83,7 @@ def set_ready(chain_spec_dict, tx_hash):

@celery_app.task(base=CriticalSQLAlchemyTask)
 def set_reserved(chain_spec_dict, tx_hash):
+    tx_hash = tx_normalize.tx_hash(tx_hash)
    chain_spec = ChainSpec.from_dict(chain_spec_dict)
    session = SessionBase.create_session()
    r = chainqueue.sql.state.set_reserved(chain_spec, tx_hash, session=session)
@@ -84,6 +93,7 @@ def set_reserved(chain_spec_dict, tx_hash):

@celery_app.task(base=CriticalSQLAlchemyTask)
 def set_waitforgas(chain_spec_dict, tx_hash):
+    tx_hash = tx_normalize.tx_hash(tx_hash)
    chain_spec = ChainSpec.from_dict(chain_spec_dict)
    session = SessionBase.create_session()
    r = chainqueue.sql.state.set_waitforgas(chain_spec, tx_hash, session=session)
@@ -93,6 +103,7 @@ def set_waitforgas(chain_spec_dict, tx_hash):

@celery_app.task(base=CriticalSQLAlchemyTask)
 def get_state_log(chain_spec_dict, tx_hash):
+    tx_hash = tx_normalize.tx_hash(tx_hash)
    chain_spec = ChainSpec.from_dict(chain_spec_dict)
    session = SessionBase.create_session()
    r = chainqueue.sql.state.get_state_log(chain_spec, tx_hash, session=session)
@@ -102,6 +113,7 @@ def get_state_log(chain_spec_dict, tx_hash):

@celery_app.task(base=CriticalSQLAlchemyTask)
 def obsolete(chain_spec_dict, tx_hash, final):
+    tx_hash = tx_normalize.tx_hash(tx_hash)
    chain_spec = ChainSpec.from_dict(chain_spec_dict)
    session = SessionBase.create_session()
    r = chainqueue.sql.state.obsolete_by_cache(chain_spec, tx_hash, final, session=session)
--- a/apps/cic-eth/cic_eth/queue/time.py
+++ b/apps/cic-eth/cic_eth/queue/time.py
@@ -13,6 +13,7 @@ from chainqueue.error import NotLocalTxError
 # local imports
 from cic_eth.task import CriticalSQLAlchemyAndWeb3Task
 from cic_eth.db.models.base import SessionBase
+from cic_eth.encode import tx_normalize

 celery_app = celery.current_app

@@ -20,6 +21,7 @@ logg = logging.getLogger()


 def tx_times(tx_hash, chain_spec, session=None):
+    tx_hash = tx_normalize.tx_hash(tx_hash)

    session = SessionBase.bind_session(session)

--- a/apps/cic-eth/cic_eth/queue/tx.py
+++ b/apps/cic-eth/cic_eth/queue/tx.py
@@ -32,12 +32,16 @@ from cic_eth.db import SessionBase
 from cic_eth.db.enum import LockEnum
 from cic_eth.task import CriticalSQLAlchemyTask
 from cic_eth.error import LockedError
+from cic_eth.encode import tx_normalize

 celery_app = celery.current_app
 logg = logging.getLogger()


 def queue_create(chain_spec, nonce, holder_address, tx_hash, signed_tx, session=None):
+    tx_hash = tx_normalize.tx_hash(tx_hash)
+    signed_tx = tx_normalize.tx_hash(signed_tx)
+    holder_address = tx_normalize.wallet_address(holder_address)
    session = SessionBase.bind_session(session)

    lock = Lock.check_aggregate(str(chain_spec), LockEnum.QUEUE, holder_address, session=session) 
@@ -67,6 +71,8 @@ def register_tx(tx_hash_hex, tx_signed_raw_hex, chain_spec, queue, cache_task=No
    :returns: Tuple; Transaction hash, signed raw transaction data
    :rtype: tuple
    """
+    tx_hash_hex = tx_normalize.tx_hash(tx_hash_hex)
+    tx_signed_raw_hex = tx_normalize.tx_hash(tx_signed_raw_hex)
    logg.debug('adding queue tx {}:{} -> {}'.format(chain_spec, tx_hash_hex, tx_signed_raw_hex))
    tx_signed_raw = bytes.fromhex(strip_0x(tx_signed_raw_hex))
    tx = unpack(tx_signed_raw, chain_spec)
--- a/apps/cic-eth/cic_eth/runnable/daemons/dispatcher.py
+++ b/apps/cic-eth/cic_eth/runnable/daemons/dispatcher.py
@@ -10,7 +10,6 @@ import datetime

 # external imports
 import celery
-from cic_eth_registry import CICRegistry
 from chainlib.chain import ChainSpec
 from chainlib.eth.tx import unpack
 from chainlib.connection import RPCConnection
@@ -101,14 +100,14 @@ class DispatchSyncer:
                    LockEnum.QUEUE,
                    tx['from'],
                    ],
-                queue=queue,
+                queue=config.get('CELERY_QUEUE'),
                )
            s_send = celery.signature(
                    'cic_eth.eth.tx.send',
                    [
                        self.chain_spec.asdict(),
                        ], 
-                    queue=queue,
+                    queue=config.get('CELERY_QUEUE'),
                    )
            s_check.link(s_send)
            t = s_check.apply_async()
--- a/apps/cic-eth/cic_eth/runnable/daemons/filters/init.py
+++ b/apps/cic-eth/cic_eth/runnable/daemons/filters/init.py
@@ -3,3 +3,4 @@ from .tx import TxFilter
 from .gas import GasFilter
 from .register import RegistrationFilter
 from .transferauth import TransferAuthFilter
+from .token import TokenFilter
--- a/apps/cic-eth/cic_eth/runnable/daemons/filters/callback.py
+++ b/apps/cic-eth/cic_eth/runnable/daemons/filters/callback.py
@@ -21,6 +21,7 @@ from erc20_faucet import Faucet
 # local imports
 from .base import SyncFilter
 from cic_eth.eth.meta import ExtendedTx
+from cic_eth.encode import tx_normalize

 logg = logging.getLogger().getChild(__name__)

@@ -42,9 +43,9 @@ class CallbackFilter(SyncFilter):
            return (None, None)
        r = ERC20.parse_transfer_request(tx.payload)
        transfer_data = {}
-        transfer_data['to'] = r[0]
+        transfer_data['to'] = tx_normalize.wallet_address(r[0])
        transfer_data['value'] = r[1]
-        transfer_data['from'] = tx.outputs[0]
+        transfer_data['from'] = tx_normalize.wallet_address(tx.outputs[0])
        transfer_data['token_address'] = tx.inputs[0]
        return ('transfer', transfer_data)

@@ -54,8 +55,8 @@ class CallbackFilter(SyncFilter):
            return (None, None)
        r = ERC20.parse_transfer_from_request(tx.payload)
        transfer_data = {}
-        transfer_data['from'] = r[0]
-        transfer_data['to'] = r[1]
+        transfer_data['from'] = tx_normalize.wallet_address(r[0])
+        transfer_data['to'] = tx_normalize.wallet_address(r[1])
        transfer_data['value'] = r[2]
        transfer_data['token_address'] = tx.inputs[0]
        return ('transferfrom', transfer_data)
@@ -66,9 +67,9 @@ class CallbackFilter(SyncFilter):
            return (None, None)
        r = Faucet.parse_give_to_request(tx.payload)
        transfer_data = {}
-        transfer_data['to'] = r[0]
+        transfer_data['to'] = tx_normalize.wallet_address(r[0])
        transfer_data['value'] = tx.value
-        transfer_data['from'] = tx.outputs[0]
+        transfer_data['from'] = tx_normalize.wallet_address(tx.outputs[0])
        #transfer_data['token_address'] = tx.inputs[0]
        faucet_contract = tx.inputs[0]

--- a/apps/cic-eth/cic_eth/runnable/daemons/filters/gas.py
+++ b/apps/cic-eth/cic_eth/runnable/daemons/filters/gas.py
@@ -10,15 +10,14 @@ from chainlib.eth.tx import unpack
 from chainqueue.db.enum import StatusBits
 from chainqueue.db.models.tx import TxCache
 from chainqueue.db.models.otx import Otx
-from chainqueue.sql.query import get_paused_tx_cache as get_paused_tx
 from chainlib.eth.address import to_checksum_address

 # local imports
 from cic_eth.db.models.base import SessionBase
 from cic_eth.eth.gas import create_check_gas_task
+from cic_eth.queue.query import get_paused_tx
 from .base import SyncFilter

-#logg = logging.getLogger().getChild(__name__)
 logg = logging.getLogger()


--- a/apps/cic-eth/cic_eth/runnable/daemons/filters/register.py
+++ b/apps/cic-eth/cic_eth/runnable/daemons/filters/register.py
@@ -12,7 +12,8 @@ from hexathon import (
 # local imports
 from .base import SyncFilter

-logg = logging.getLogger(__name__)
+#logg = logging.getLogger(__name__)
+logg = logging.getLogger()

 account_registry_add_log_hash = '0x9cc987676e7d63379f176ea50df0ae8d2d9d1141d1231d4ce15b5965f73c9430'

--- a/apps/cic-eth/cic_eth/runnable/daemons/filters/token.py
+++ b/apps/cic-eth/cic_eth/runnable/daemons/filters/token.py
@@ -0,0 +1,63 @@
+# standard imports
+import logging
+
+# external imports
+from eth_erc20 import ERC20
+from chainlib.eth.contract import (
+        ABIContractEncoder,
+        ABIContractType,
+        )
+from chainlib.eth.constant import ZERO_ADDRESS
+from chainlib.eth.address import is_same_address
+from chainlib.eth.error import RequestMismatchException
+from cic_eth_registry import CICRegistry
+from cic_eth_registry.erc20 import ERC20Token
+from eth_token_index import TokenUniqueSymbolIndex
+import celery
+
+# local imports
+from .base import SyncFilter
+
+logg = logging.getLogger(__name__)
+
+
+class TokenFilter(SyncFilter):
+
+    def __init__(self, chain_spec, queue, call_address=ZERO_ADDRESS):
+        self.queue = queue
+        self.chain_spec = chain_spec
+        self.caller_address = call_address
+
+
+    def filter(self, conn, block, tx, db_session=None):
+        if not tx.payload:
+            return (None, None)
+
+        try:
+            r = ERC20.parse_transfer_request(tx.payload)
+        except RequestMismatchException:
+            return (None, None)
+
+        token_address = tx.inputs[0]
+        token = ERC20Token(self.chain_spec, conn, token_address)
+
+        registry = CICRegistry(self.chain_spec, conn)
+        r = registry.by_name(token.symbol, sender_address=self.caller_address)
+        if is_same_address(r, ZERO_ADDRESS):
+            return None
+
+        enc = ABIContractEncoder()
+        enc.method('transfer')
+        method = enc.get()
+
+        s = celery.signature(
+                'cic_eth.eth.gas.apply_gas_value_cache',
+                [
+                    token_address,
+                    method,
+                    tx.gas_used,
+                    tx.hash,
+                    ],
+                queue=self.queue,
+                )
+        return s.apply_async()
--- a/apps/cic-eth/cic_eth/runnable/daemons/filters/transferauth.py
+++ b/apps/cic-eth/cic_eth/runnable/daemons/filters/transferauth.py
@@ -17,6 +17,7 @@ from cic_eth_registry import CICRegistry
 from erc20_transfer_authorization import TransferAuthorization

 # local imports
+from cic_eth.encode import tx_normalize
 from .base import SyncFilter


@@ -52,9 +53,9 @@ class TransferAuthFilter(SyncFilter):

        r = TransferAuthorization.parse_create_request_request(tx.payload) 
          
-        sender = r[0]
-        recipient = r[1]
-        token = r[2]
+        sender = tx_normalize.wallet_address(r[0])
+        recipient = tx_normalize.wallet_address(r[1])
+        token = tx_normalize.executable_address(r[2])
        value = r[3]

        token_data = {
--- a/apps/cic-eth/cic_eth/runnable/daemons/tasker.py
+++ b/apps/cic-eth/cic_eth/runnable/daemons/tasker.py
@@ -67,8 +67,10 @@ from cic_eth.registry import (
        connect_declarator,
        connect_token_registry,
        )
-from cic_eth.task import BaseTask
-
+from cic_eth.task import (
+        BaseTask,
+        CriticalWeb3Task,
+        )

 logging.basicConfig(level=logging.WARNING)
 logg = logging.getLogger()
@@ -77,18 +79,18 @@ arg_flags = cic_eth.cli.argflag_std_read
 local_arg_flags = cic_eth.cli.argflag_local_task
 argparser = cic_eth.cli.ArgumentParser(arg_flags)
 argparser.process_local_flags(local_arg_flags)
-argparser.add_argument('--default-token-symbol', dest='default_token_symbol', type=str, help='Symbol of default token to use')
 argparser.add_argument('--trace-queue-status', default=None, dest='trace_queue_status', action='store_true', help='set to perist all queue entry status changes to storage')
 argparser.add_argument('--aux-all', action='store_true', help='include tasks from all submodules from the aux module path')
+argparser.add_argument('--min-fee-price', dest='min_fee_price', type=int, help='set minimum fee price for transactions, in wei')
 argparser.add_argument('--aux', action='append', type=str, default=[], help='add single submodule from the aux module path')
 args = argparser.parse_args()

 # process config
 extra_args = {
-    'default_token_symbol': 'CIC_DEFAULT_TOKEN_SYMBOL',
    'aux_all': None,
    'aux': None,
    'trace_queue_status': 'TASKS_TRACE_QUEUE_STATUS',
+    'min_fee_price': 'ETH_MIN_FEE_PRICE',
        }
 config = cic_eth.cli.Config.from_args(args, arg_flags, local_arg_flags)

@@ -188,6 +190,17 @@ elif len(args.aux) > 0:
        logg.info('aux module {} found in path {}'.format(v, aux_dir))
        aux.append(v)

+default_token_symbol = config.get('CIC_DEFAULT_TOKEN_SYMBOL')
+defaullt_token_address = None
+if default_token_symbol:
+    default_token_address = registry.by_name(default_token_symbol)
+else:
+    default_token_address = registry.by_name('DefaultToken')
+    c = ERC20Token(chain_spec, conn, default_token_address)
+    default_token_symbol = c.symbol
+    logg.info('found default token {} address {}'.format(default_token_symbol, default_token_address))
+    config.add(default_token_symbol, 'CIC_DEFAULT_TOKEN_SYMBOL', exists_ok=True)
+
 for v in aux:
    mname = 'cic_eth_aux.' + v
    mod = importlib.import_module(mname)
@@ -205,12 +218,22 @@ def main():
    argv.append('-n')
    argv.append(config.get('CELERY_QUEUE'))

-    BaseTask.default_token_symbol = config.get('CIC_DEFAULT_TOKEN_SYMBOL')
-    BaseTask.default_token_address = registry.by_name(BaseTask.default_token_symbol)
-    default_token = ERC20Token(chain_spec, conn, BaseTask.default_token_address)
+    # TODO: More elegant way of setting queue-wide settings
+    BaseTask.default_token_symbol = default_token_symbol
+    BaseTask.default_token_address = default_token_address
+    default_token = ERC20Token(chain_spec, conn, add_0x(BaseTask.default_token_address))
    default_token.load(conn)
    BaseTask.default_token_decimals = default_token.decimals
    BaseTask.default_token_name = default_token.name
+    BaseTask.trusted_addresses = trusted_addresses
+    CriticalWeb3Task.safe_gas_refill_amount = int(config.get('ETH_GAS_HOLDER_MINIMUM_UNITS')) * int(config.get('ETH_GAS_HOLDER_REFILL_UNITS'))
+    CriticalWeb3Task.safe_gas_threshold_amount = int(config.get('ETH_GAS_HOLDER_MINIMUM_UNITS')) * int(config.get('ETH_GAS_HOLDER_REFILL_THRESHOLD'))
+    CriticalWeb3Task.safe_gas_gifter_balance = int(config.get('ETH_GAS_HOLDER_MINIMUM_UNITS')) * int(config.get('ETH_GAS_GIFTER_REFILL_BUFFER'))
+    if config.get('ETH_MIN_FEE_PRICE'):
+        BaseTask.min_fee_price = int(config.get('ETH_MIN_FEE_PRICE'))
+        CriticalWeb3Task.safe_gas_threshold_amount *= BaseTask.min_fee_price
+        CriticalWeb3Task.safe_gas_refill_amount *= BaseTask.min_fee_price
+        CriticalWeb3Task.safe_gas_gifter_balance *= BaseTask.min_fee_price

    BaseTask.run_dir = config.get('CIC_RUN_DIR')
    logg.info('default token set to {} {}'.format(BaseTask.default_token_symbol, BaseTask.default_token_address))
--- a/apps/cic-eth/cic_eth/runnable/daemons/tracker.py
+++ b/apps/cic-eth/cic_eth/runnable/daemons/tracker.py
@@ -36,6 +36,7 @@ from cic_eth.runnable.daemons.filters import (
        TxFilter,
        RegistrationFilter,
        TransferAuthFilter,
+        TokenFilter,
        )
 from cic_eth.stat import init_chain_stat
 from cic_eth.registry import (
@@ -99,10 +100,10 @@ def main():
    syncer_backends = SQLBackend.resume(chain_spec, block_offset)

    if len(syncer_backends) == 0:
-        initial_block_start = config.get('SYNCER_OFFSET')
-        initial_block_offset = block_offset
+        initial_block_start = int(config.get('SYNCER_OFFSET'))
+        initial_block_offset = int(block_offset)
        if config.true('SYNCER_NO_HISTORY'):
-            initial_block_start = block_offset
+            initial_block_start = initial_block_offset
            initial_block_offset += 1
        syncer_backends.append(SQLBackend.initial(chain_spec, initial_block_offset, start_block_height=initial_block_start))
        logg.info('found no backends to resume, adding initial sync from history start {} end {}'.format(initial_block_start, initial_block_offset))
@@ -154,6 +155,8 @@ def main():

    gas_filter = GasFilter(chain_spec, config.get('CELERY_QUEUE'))

+    token_gas_cache_filter = TokenFilter(chain_spec, config.get('CELERY_QUEUE'))
+
    #transfer_auth_filter = TransferAuthFilter(registry, chain_spec, config.get('_CELERY_QUEUE'))

    i = 0
@@ -163,6 +166,7 @@ def main():
        syncer.add_filter(registration_filter)
        # TODO: the two following filter functions break the filter loop if return uuid. Pro: less code executed. Con: Possibly unintuitive flow break
        syncer.add_filter(tx_filter)
+        syncer.add_filter(token_gas_cache_filter)
        #syncer.add_filter(transfer_auth_filter)
        for cf in callback_filters:
            syncer.add_filter(cf)
--- a/apps/cic-eth/cic_eth/runnable/tag.py
+++ b/apps/cic-eth/cic_eth/runnable/tag.py
@@ -8,6 +8,7 @@ import re
 # external imports
 import cic_eth.cli
 from chainlib.chain import ChainSpec
+from chainlib.eth.address import is_address
 from xdg.BaseDirectory import xdg_config_home

 # local imports
@@ -18,15 +19,21 @@ from cic_eth.db.models.base import SessionBase
 logging.basicConfig(level=logging.WARNING)
 logg = logging.getLogger()

-arg_flags = cic_eth.cli.argflag_std_base
+arg_flags = cic_eth.cli.argflag_std_base | cic_eth.cli.Flag.UNSAFE | cic_eth.cli.Flag.CHAIN_SPEC
 local_arg_flags = cic_eth.cli.argflag_local_taskcallback
 argparser = cic_eth.cli.ArgumentParser(arg_flags)
-argparser.add_positional('tag', type=str, help='address tag')
-argparser.add_positional('address', type=str, help='address')
+argparser.add_argument('--set', action='store_true', help='sets the given tag')
+argparser.add_argument('--tag', type=str, help='operate on the given tag')
+argparser.add_positional('address', required=False, type=str, help='address associated with tag')
 argparser.process_local_flags(local_arg_flags)
 args = argparser.parse_args()

-config = cic_eth.cli.Config.from_args(args, arg_flags, local_arg_flags)
+extra_args = {
+        'set': None,
+        'tag': None,
+        'address': None,
+        }
+config = cic_eth.cli.Config.from_args(args, arg_flags, local_arg_flags, extra_args=extra_args)

 celery_app = cic_eth.cli.CeleryApp.from_config(config)

@@ -39,7 +46,17 @@ api = AdminApi(None)


 def main():
-    admin_api.tag_account(args.tag, args.address, chain_spec)
+    if config.get('_ADDRESS') != None and not is_address(config.get('_ADDRESS')):
+        sys.stderr.write('Invalid address {}'.format(config.get('_ADDRESS')))
+        sys.exit(1)
+
+    if config.get('_SET'):
+        admin_api.tag_account(chain_spec, config.get('_TAG'), config.get('_ADDRESS'))
+    else:
+        t = admin_api.get_tag_account(chain_spec, tag=config.get('_TAG'), address=config.get('_ADDRESS'))
+        r = t.get()
+        for v in r:
+            sys.stdout.write('{}\t{}\n'.format(v[1], v[0]))


 if __name__ == '__main__':
--- a/apps/cic-eth/cic_eth/runnable/transfer.py
+++ b/apps/cic-eth/cic_eth/runnable/transfer.py
@@ -18,7 +18,7 @@ from cic_eth.api import Api
 logging.basicConfig(level=logging.WARNING)
 logg = logging.getLogger('create_account_script')

-arg_flags = cic_eth.cli.argflag_std_base
+arg_flags = cic_eth.cli.argflag_local_base
 local_arg_flags = cic_eth.cli.argflag_local_taskcallback
 argparser = cic_eth.cli.ArgumentParser(arg_flags)
 argparser.add_argument('--token-symbol', dest='token_symbol', type=str, help='Token symbol')
--- a/apps/cic-eth/cic_eth/runnable/view.py
+++ b/apps/cic-eth/cic_eth/runnable/view.py
@@ -16,9 +16,14 @@ import confini
 import celery
 from chainlib.chain import ChainSpec
 from chainlib.eth.connection import EthHTTPConnection
-from hexathon import add_0x
+from hexathon import (
+        add_0x,
+        strip_0x,
+        uniform as hex_uniform,
+        )

 # local imports
+import cic_eth.cli
 from cic_eth.api.admin import AdminApi
 from cic_eth.db.enum import (
    StatusEnum,
@@ -31,59 +36,35 @@ logging.basicConfig(level=logging.WARNING)
 logg = logging.getLogger()

 default_format = 'terminal'
-default_config_dir = os.environ.get('CONFINI_DIR', '/usr/local/etc/cic')

-argparser = argparse.ArgumentParser()
-argparser.add_argument('-p', '--provider', dest='p', default='http://localhost:8545', type=str, help='Web3 provider url (http only)')
-argparser.add_argument('-r', '--registry-address', dest='r', type=str, help='CIC registry address')
+arg_flags = cic_eth.cli.argflag_std_base
+local_arg_flags = cic_eth.cli.argflag_local_taskcallback
+argparser = cic_eth.cli.ArgumentParser(arg_flags)
 argparser.add_argument('-f', '--format', dest='f', default=default_format, type=str, help='Output format')
-argparser.add_argument('--status-raw', dest='status_raw', action='store_true', help='Output status bit enum names only')
-argparser.add_argument('-c', type=str, default=default_config_dir, help='config root to use')
-argparser.add_argument('-i', '--chain-spec', dest='i', type=str, help='chain spec')
-argparser.add_argument('-q', type=str, default='cic-eth', help='celery queue to submit transaction tasks to')
-argparser.add_argument('--env-prefix', default=os.environ.get('CONFINI_ENV_PREFIX'), dest='env_prefix', type=str, help='environment prefix for variables to overwrite configuration')
-argparser.add_argument('-v', action='store_true', help='Be verbose')
-argparser.add_argument('-vv', help='be more verbose', action='store_true')
 argparser.add_argument('query', type=str, help='Transaction, transaction hash, account or "lock"')
+argparser.process_local_flags(local_arg_flags)
 args = argparser.parse_args()

-if args.v == True:
-    logging.getLogger().setLevel(logging.INFO)
-elif args.vv == True:
-    logging.getLogger().setLevel(logging.DEBUG)

-
-config_dir = os.path.join(args.c)
-os.makedirs(config_dir, 0o777, True)
-config = confini.Config(config_dir, args.env_prefix)
-config.process()
-args_override = {
-        'ETH_PROVIDER': getattr(args, 'p'),
-        'CIC_CHAIN_SPEC': getattr(args, 'i'),
-        'CIC_REGISTRY_ADDRESS': getattr(args, 'r'),
+extra_args = {
+    'f': '_FORMAT',
+    'query': '_QUERY',
        }
-# override args
-config.dict_override(args_override, 'cli args')
-config.censor('PASSWORD', 'DATABASE')
-config.censor('PASSWORD', 'SSL')
-logg.debug('config loaded from {}:\n{}'.format(config_dir, config))
+config = cic_eth.cli.Config.from_args(args, arg_flags, local_arg_flags, extra_args=extra_args)

-try:
-    config.add(add_0x(args.query), '_QUERY', True)
-except:
-    config.add(args.query, '_QUERY', True)
+celery_app = cic_eth.cli.CeleryApp.from_config(config)
+queue = config.get('CELERY_QUEUE')

-celery_app = celery.Celery(broker=config.get('CELERY_BROKER_URL'), backend=config.get('CELERY_RESULT_URL'))
+chain_spec = ChainSpec.from_chain_str(config.get('CHAIN_SPEC'))

-queue = args.q
+# connect to celery
+celery_app = cic_eth.cli.CeleryApp.from_config(config)

-chain_spec = ChainSpec.from_chain_str(config.get('CIC_CHAIN_SPEC'))
+# set up rpc
+rpc = cic_eth.cli.RPC.from_config(config) #, use_signer=True)
+conn = rpc.get_default()

-rpc = EthHTTPConnection(args.p)
-
-#registry_address = config.get('CIC_REGISTRY_ADDRESS')
-
-admin_api = AdminApi(rpc)
+admin_api = AdminApi(conn)

 t = admin_api.registry()
 registry_address = t.get()
@@ -113,7 +94,7 @@ def render_tx(o, **kwargs):
    
    for v in o.get('status_log', []):
        d = datetime.datetime.fromisoformat(v[0])
-        e = status_str(v[1], args.status_raw)
+        e = status_str(v[1], config.get('_RAW'))
        content += '{}: {}\n'.format(d, e)

    return content
@@ -154,20 +135,24 @@ def render_lock(o, **kwargs):
 def main():
    txs  = []
    renderer = render_tx
-    if len(config.get('_QUERY')) > 66:
-        #registry = connect_registry(rpc, chain_spec, registry_address)
-        #admin_api.tx(chain_spec, tx_raw=config.get('_QUERY'), registry=registry, renderer=renderer)
-        admin_api.tx(chain_spec, tx_raw=config.get('_QUERY'), renderer=renderer)
-    elif len(config.get('_QUERY')) > 42:
-        #registry = connect_registry(rpc, chain_spec, registry_address)
-        #admin_api.tx(chain_spec, tx_hash=config.get('_QUERY'), registry=registry, renderer=renderer)
-        admin_api.tx(chain_spec, tx_hash=config.get('_QUERY'), renderer=renderer)

-    elif len(config.get('_QUERY')) == 42:
-        #registry = connect_registry(rpc, chain_spec, registry_address)
-        txs = admin_api.account(chain_spec, config.get('_QUERY'), include_recipient=False, renderer=render_account)
+    query = config.get('_QUERY')
+    try:
+        query = hex_uniform(strip_0x(query))
+    except TypeError:
+        pass
+    except ValueError:
+        pass
+
+    if len(query) > 64:
+        admin_api.tx(chain_spec, tx_raw=query, renderer=renderer)
+    elif len(query) > 40:
+        admin_api.tx(chain_spec, tx_hash=query, renderer=renderer)
+
+    elif len(query) == 40:
+        txs = admin_api.account(chain_spec, query, include_recipient=False, renderer=render_account)
        renderer = render_account
-    elif len(config.get('_QUERY')) >= 4 and config.get('_QUERY')[:4] == 'lock':
+    elif len(query) >= 4 and query[:4] == 'lock':
        t = admin_api.get_lock()
        txs = t.get()
        renderer = render_lock
@@ -175,7 +160,7 @@ def main():
            r = renderer(txs)
            sys.stdout.write(r + '\n')
    else:
-        raise ValueError('cannot parse argument {}'.format(config.get('_QUERY')))
+        raise ValueError('cannot parse argument {}'.format(query))
                   

 if __name__ == '__main__':
--- a/apps/cic-eth/cic_eth/task.py
+++ b/apps/cic-eth/cic_eth/task.py
@@ -13,11 +13,11 @@ from chainlib.eth.nonce import RPCNonceOracle
 from chainlib.eth.gas import RPCGasOracle
 from cic_eth_registry import CICRegistry
 from cic_eth_registry.error import UnknownContractError
-import liveness.linux

 # local imports
 from cic_eth.error import SeppukuError
 from cic_eth.db.models.base import SessionBase
+from cic_eth.eth.util import CacheGasOracle

 #logg = logging.getLogger().getChild(__name__)
 logg = logging.getLogger()
@@ -29,14 +29,33 @@ class BaseTask(celery.Task):

    session_func = SessionBase.create_session
    call_address = ZERO_ADDRESS
-    create_nonce_oracle = RPCNonceOracle
-    create_gas_oracle = RPCGasOracle
+    trusted_addresses = []
+    min_fee_price = 1
    default_token_address = None
    default_token_symbol = None
    default_token_name = None
    default_token_decimals = None
    run_dir = '/run'

+
+    def create_gas_oracle(self, conn, address=None, *args, **kwargs):
+        if address == None:
+            return RPCGasOracle(
+                conn,
+                code_callback=kwargs.get('code_callback'),
+                min_price=self.min_fee_price,
+                id_generator=kwargs.get('id_generator'),
+                )
+
+        return CacheGasOracle(
+                conn,
+                address,
+                method=kwargs.get('method'),
+                min_price=self.min_fee_price,
+                id_generator=kwargs.get('id_generator'),
+                )
+
+
    def create_session(self):
        return BaseTask.session_func()

@@ -48,6 +67,7 @@ class BaseTask(celery.Task):

    def on_failure(self, exc, task_id, args, kwargs, einfo):
        if isinstance(exc, SeppukuError):
+            import liveness.linux
            liveness.linux.reset(rundir=self.run_dir)
            logg.critical(einfo)
            msg = 'received critical exception {}, calling shutdown'.format(str(exc))
@@ -77,19 +97,18 @@ class CriticalWeb3Task(CriticalTask):
    autoretry_for = (
        ConnectionError,
        )
-    safe_gas_threshold_amount = 2000000000 * 60000 * 3
+    safe_gas_threshold_amount = 60000 * 3
    safe_gas_refill_amount = safe_gas_threshold_amount * 5 
+    safe_gas_gifter_balance = safe_gas_threshold_amount * 5 * 100


-class CriticalSQLAlchemyAndWeb3Task(CriticalTask):
+class CriticalSQLAlchemyAndWeb3Task(CriticalWeb3Task):
    autoretry_for = (
        sqlalchemy.exc.DatabaseError,
        sqlalchemy.exc.TimeoutError,
        ConnectionError,
        sqlalchemy.exc.ResourceClosedError,
        )
-    safe_gas_threshold_amount = 2000000000 * 60000 * 3
-    safe_gas_refill_amount = safe_gas_threshold_amount * 5 


 class CriticalSQLAlchemyAndSignerTask(CriticalTask):
@@ -99,14 +118,11 @@ class CriticalSQLAlchemyAndSignerTask(CriticalTask):
        sqlalchemy.exc.ResourceClosedError,
        ) 

-class CriticalWeb3AndSignerTask(CriticalTask):
+class CriticalWeb3AndSignerTask(CriticalWeb3Task):
    autoretry_for = (
        ConnectionError,
        )
-    safe_gas_threshold_amount = 2000000000 * 60000 * 3
-    safe_gas_refill_amount = safe_gas_threshold_amount * 5 
-
-
+    
@celery_app.task()
 def check_health(self):
    pass
--- a/apps/cic-eth/cic_eth/version.py
+++ b/apps/cic-eth/cic_eth/version.py
@@ -9,8 +9,8 @@ import semver
 version = (
        0,
        12,
-        2,
-        'alpha.4',
+        4,
+        'alpha.14',
        )

 version_object = semver.VersionInfo(
--- a/apps/cic-eth/config/test/accounts.ini
+++ b/apps/cic-eth/config/test/accounts.ini
@@ -1,2 +0,0 @@
-[accounts]
-writer_address = 
--- a/apps/cic-eth/config/test/bancor.ini
+++ b/apps/cic-eth/config/test/bancor.ini
@@ -1,2 +0,0 @@
-[bancor]
-dir = tests/testdata/bancor
--- a/apps/cic-eth/config/test/celery.ini
+++ b/apps/cic-eth/config/test/celery.ini
@@ -1,5 +1,3 @@
 [celery]
 broker_url = filesystem://
 result_url = filesystem://
-#broker_url = redis://
-#result_url = redis://
--- a/apps/cic-eth/config/test/cic.ini
+++ b/apps/cic-eth/config/test/cic.ini
@@ -1,4 +0,0 @@
-[cic]
-registry_address = 
-chain_spec = 
-trust_address =
--- a/apps/cic-eth/config/test/dispatcher.ini
+++ b/apps/cic-eth/config/test/dispatcher.ini
@@ -1,2 +0,0 @@
-[dispatcher]
-loop_interval = 0.1
--- a/apps/cic-eth/config/test/eth.ini
+++ b/apps/cic-eth/config/test/eth.ini
@@ -1,8 +0,0 @@
-[eth]
-#ws_provider = ws://localhost:8546
-#ttp_provider = http://localhost:8545
-provider = http://localhost:8545
-gas_provider_address = 
-#chain_id = 
-abi_dir = 
-faucet_giver_address = 
--- a/apps/cic-eth/config/test/signer.ini
+++ b/apps/cic-eth/config/test/signer.ini
@@ -1,5 +1,2 @@
 [signer]
-socket_path = /run/crypto-dev-signer/jsonrpc.ipc
-secret = deedbeef
-database_name = signer_test
-dev_keys_path = 
+provider = /run/crypto-dev-signer/jsonrpc.ipc
--- a/apps/cic-eth/config/test/ssl.ini
+++ b/apps/cic-eth/config/test/ssl.ini
@@ -1,6 +0,0 @@
-[SSL]
-enable_client = false
-cert_file = 
-key_file =
-password = 
-ca_file =
--- a/Show More
+++ b/Show More
				`@@ -1 +0,0 @@`
				`## this is an example base image if we wanted one for all the other apps. Its just OS level things`