diff --git a/Cargo.lock b/Cargo.lock
index 0a3bdd4bb88..b30ad1f1199 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -694,11 +694,10 @@ dependencies = [
  "parity-reactor 0.1.0",
  "parking_lot 0.5.4 (registry+https://github.com/rust-lang/crates.io-index)",
  "price-info 1.12.0",
- "rayon 1.0.1 (registry+https://github.com/rust-lang/crates.io-index)",
  "rlp 0.2.1",
  "rustc-hex 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)",
  "trace-time 0.1.0",
- "transaction-pool 1.12.0",
+ "transaction-pool 1.12.1",
  "url 1.5.1 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
 
@@ -1197,6 +1196,7 @@ dependencies = [
  "parking_lot 0.5.4 (registry+https://github.com/rust-lang/crates.io-index)",
  "protobuf 1.5.1 (registry+https://github.com/rust-lang/crates.io-index)",
  "rustc-hex 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)",
+ "semver 0.9.0 (registry+https://github.com/rust-lang/crates.io-index)",
  "trezor-sys 1.0.0 (git+https://github.com/paritytech/trezor-sys)",
 ]
 
@@ -1378,7 +1378,7 @@ dependencies = [
 [[package]]
 name = "jsonrpc-core"
 version = "8.0.1"
-source = "git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.11#06bec6ab682ec4ce16d7e7daf2612870c4272028"
+source = "git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.11#c8e6336798be4444953def351099078617d40efd"
 dependencies = [
  "futures 0.1.21 (registry+https://github.com/rust-lang/crates.io-index)",
  "log 0.3.9 (registry+https://github.com/rust-lang/crates.io-index)",
@@ -1390,7 +1390,7 @@ dependencies = [
 [[package]]
 name = "jsonrpc-http-server"
 version = "8.0.0"
-source = "git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.11#06bec6ab682ec4ce16d7e7daf2612870c4272028"
+source = "git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.11#c8e6336798be4444953def351099078617d40efd"
 dependencies = [
  "hyper 0.11.24 (registry+https://github.com/rust-lang/crates.io-index)",
  "jsonrpc-core 8.0.1 (git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.11)",
@@ -1403,7 +1403,7 @@ dependencies = [
 [[package]]
 name = "jsonrpc-ipc-server"
 version = "8.0.0"
-source = "git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.11#06bec6ab682ec4ce16d7e7daf2612870c4272028"
+source = "git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.11#c8e6336798be4444953def351099078617d40efd"
 dependencies = [
  "jsonrpc-core 8.0.1 (git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.11)",
  "jsonrpc-server-utils 8.0.0 (git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.11)",
@@ -1415,7 +1415,7 @@ dependencies = [
 [[package]]
 name = "jsonrpc-macros"
 version = "8.0.0"
-source = "git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.11#06bec6ab682ec4ce16d7e7daf2612870c4272028"
+source = "git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.11#c8e6336798be4444953def351099078617d40efd"
 dependencies = [
  "jsonrpc-core 8.0.1 (git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.11)",
  "jsonrpc-pubsub 8.0.0 (git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.11)",
@@ -1425,7 +1425,7 @@ dependencies = [
 [[package]]
 name = "jsonrpc-pubsub"
 version = "8.0.0"
-source = "git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.11#06bec6ab682ec4ce16d7e7daf2612870c4272028"
+source = "git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.11#c8e6336798be4444953def351099078617d40efd"
 dependencies = [
  "jsonrpc-core 8.0.1 (git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.11)",
  "log 0.3.9 (registry+https://github.com/rust-lang/crates.io-index)",
@@ -1435,7 +1435,7 @@ dependencies = [
 [[package]]
 name = "jsonrpc-server-utils"
 version = "8.0.0"
-source = "git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.11#06bec6ab682ec4ce16d7e7daf2612870c4272028"
+source = "git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.11#c8e6336798be4444953def351099078617d40efd"
 dependencies = [
  "bytes 0.4.6 (registry+https://github.com/rust-lang/crates.io-index)",
  "globset 0.2.1 (registry+https://github.com/rust-lang/crates.io-index)",
@@ -1448,7 +1448,7 @@ dependencies = [
 [[package]]
 name = "jsonrpc-tcp-server"
 version = "8.0.0"
-source = "git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.11#06bec6ab682ec4ce16d7e7daf2612870c4272028"
+source = "git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.11#c8e6336798be4444953def351099078617d40efd"
 dependencies = [
  "jsonrpc-core 8.0.1 (git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.11)",
  "jsonrpc-server-utils 8.0.0 (git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.11)",
@@ -1460,7 +1460,7 @@ dependencies = [
 [[package]]
 name = "jsonrpc-ws-server"
 version = "8.0.0"
-source = "git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.11#06bec6ab682ec4ce16d7e7daf2612870c4272028"
+source = "git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.11#c8e6336798be4444953def351099078617d40efd"
 dependencies = [
  "error-chain 0.11.0 (registry+https://github.com/rust-lang/crates.io-index)",
  "jsonrpc-core 8.0.1 (git+https://github.com/paritytech/jsonrpc.git?branch=parity-1.11)",
@@ -1742,14 +1742,13 @@ dependencies = [
 
 [[package]]
 name = "mio-named-pipes"
-version = "0.1.4"
-source = "git+https://github.com/alexcrichton/mio-named-pipes#9c1bbb985b74374d3b7eda76937279f8e977ef81"
+version = "0.1.5"
+source = "git+https://github.com/alexcrichton/mio-named-pipes#6ad80e67fe7993423b281bc13d307785ade05d37"
 dependencies = [
- "kernel32-sys 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)",
- "log 0.3.9 (registry+https://github.com/rust-lang/crates.io-index)",
+ "log 0.4.1 (registry+https://github.com/rust-lang/crates.io-index)",
  "mio 0.6.14 (registry+https://github.com/rust-lang/crates.io-index)",
- "miow 0.2.1 (registry+https://github.com/rust-lang/crates.io-index)",
- "winapi 0.2.8 (registry+https://github.com/rust-lang/crates.io-index)",
+ "miow 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "winapi 0.3.4 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
 
 [[package]]
@@ -1772,6 +1771,15 @@ dependencies = [
  "ws2_32-sys 0.2.1 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
 
+[[package]]
+name = "miow"
+version = "0.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "socket2 0.3.6 (registry+https://github.com/rust-lang/crates.io-index)",
+ "winapi 0.3.4 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
 [[package]]
 name = "msdos_time"
 version = "0.1.6"
@@ -2254,7 +2262,7 @@ dependencies = [
  "tempdir 0.3.5 (registry+https://github.com/rust-lang/crates.io-index)",
  "tiny-keccak 1.4.2 (registry+https://github.com/rust-lang/crates.io-index)",
  "tokio-timer 0.1.2 (registry+https://github.com/rust-lang/crates.io-index)",
- "transaction-pool 1.12.0",
+ "transaction-pool 1.12.1",
  "transient-hashmap 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)",
  "vm 0.1.0",
 ]
@@ -2279,12 +2287,12 @@ dependencies = [
 [[package]]
 name = "parity-tokio-ipc"
 version = "0.1.5"
-source = "git+https://github.com/nikvolf/parity-tokio-ipc#d6c5b3cfcc913a1b9cf0f0562a10b083ceb9fb7c"
+source = "git+https://github.com/nikvolf/parity-tokio-ipc#2af3e5b6b746552d8181069a2c6be068377df1de"
 dependencies = [
  "bytes 0.4.6 (registry+https://github.com/rust-lang/crates.io-index)",
  "futures 0.1.21 (registry+https://github.com/rust-lang/crates.io-index)",
  "log 0.4.1 (registry+https://github.com/rust-lang/crates.io-index)",
- "mio-named-pipes 0.1.4 (git+https://github.com/alexcrichton/mio-named-pipes)",
+ "mio-named-pipes 0.1.5 (git+https://github.com/alexcrichton/mio-named-pipes)",
  "miow 0.2.1 (registry+https://github.com/rust-lang/crates.io-index)",
  "rand 0.3.20 (registry+https://github.com/rust-lang/crates.io-index)",
  "tokio-core 0.1.17 (registry+https://github.com/rust-lang/crates.io-index)",
@@ -2684,7 +2692,7 @@ dependencies = [
 
 [[package]]
 name = "redox_syscall"
-version = "0.1.31"
+version = "0.1.40"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 
 [[package]]
@@ -2692,7 +2700,7 @@ name = "redox_termios"
 version = "0.1.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 dependencies = [
- "redox_syscall 0.1.31 (registry+https://github.com/rust-lang/crates.io-index)",
+ "redox_syscall 0.1.40 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
 
 [[package]]
@@ -3027,6 +3035,17 @@ dependencies = [
  "libc 0.2.36 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
 
+[[package]]
+name = "socket2"
+version = "0.3.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "cfg-if 0.1.2 (registry+https://github.com/rust-lang/crates.io-index)",
+ "libc 0.2.36 (registry+https://github.com/rust-lang/crates.io-index)",
+ "redox_syscall 0.1.40 (registry+https://github.com/rust-lang/crates.io-index)",
+ "winapi 0.3.4 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
 [[package]]
 name = "stable_deref_trait"
 version = "1.0.0"
@@ -3126,7 +3145,7 @@ dependencies = [
  "kernel32-sys 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)",
  "libc 0.2.36 (registry+https://github.com/rust-lang/crates.io-index)",
  "rand 0.3.20 (registry+https://github.com/rust-lang/crates.io-index)",
- "redox_syscall 0.1.31 (registry+https://github.com/rust-lang/crates.io-index)",
+ "redox_syscall 0.1.40 (registry+https://github.com/rust-lang/crates.io-index)",
  "winapi 0.2.8 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
 
@@ -3155,7 +3174,7 @@ version = "1.5.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 dependencies = [
  "libc 0.2.36 (registry+https://github.com/rust-lang/crates.io-index)",
- "redox_syscall 0.1.31 (registry+https://github.com/rust-lang/crates.io-index)",
+ "redox_syscall 0.1.40 (registry+https://github.com/rust-lang/crates.io-index)",
  "redox_termios 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
 
@@ -3173,7 +3192,7 @@ version = "3.3.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 dependencies = [
  "libc 0.2.36 (registry+https://github.com/rust-lang/crates.io-index)",
- "redox_syscall 0.1.31 (registry+https://github.com/rust-lang/crates.io-index)",
+ "redox_syscall 0.1.40 (registry+https://github.com/rust-lang/crates.io-index)",
  "winapi 0.3.4 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
 
@@ -3201,7 +3220,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 dependencies = [
  "kernel32-sys 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)",
  "libc 0.2.36 (registry+https://github.com/rust-lang/crates.io-index)",
- "redox_syscall 0.1.31 (registry+https://github.com/rust-lang/crates.io-index)",
+ "redox_syscall 0.1.40 (registry+https://github.com/rust-lang/crates.io-index)",
  "winapi 0.2.8 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
 
@@ -3280,7 +3299,7 @@ source = "git+https://github.com/nikvolf/tokio-named-pipes#0b9b728eaeb0a6673c287
 dependencies = [
  "bytes 0.4.6 (registry+https://github.com/rust-lang/crates.io-index)",
  "futures 0.1.21 (registry+https://github.com/rust-lang/crates.io-index)",
- "mio-named-pipes 0.1.4 (git+https://github.com/alexcrichton/mio-named-pipes)",
+ "mio-named-pipes 0.1.5 (git+https://github.com/alexcrichton/mio-named-pipes)",
  "tokio-core 0.1.17 (registry+https://github.com/rust-lang/crates.io-index)",
  "tokio-io 0.1.6 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
@@ -3435,7 +3454,7 @@ dependencies = [
 
 [[package]]
 name = "transaction-pool"
-version = "1.12.0"
+version = "1.12.1"
 dependencies = [
  "error-chain 0.11.0 (registry+https://github.com/rust-lang/crates.io-index)",
  "ethereum-types 0.3.2 (registry+https://github.com/rust-lang/crates.io-index)",
@@ -3906,9 +3925,10 @@ dependencies = [
 "checksum miniz_oxide 0.1.2 (registry+https://github.com/rust-lang/crates.io-index)" = "aaa2d3ad070f428fffbd7d3ca2ea20bb0d8cffe9024405c44e1840bc1418b398"
 "checksum miniz_oxide_c_api 0.1.2 (registry+https://github.com/rust-lang/crates.io-index)" = "92d98fdbd6145645828069b37ea92ca3de225e000d80702da25c20d3584b38a5"
 "checksum mio 0.6.14 (registry+https://github.com/rust-lang/crates.io-index)" = "6d771e3ef92d58a8da8df7d6976bfca9371ed1de6619d9d5a5ce5b1f29b85bfe"
-"checksum mio-named-pipes 0.1.4 (git+https://github.com/alexcrichton/mio-named-pipes)" = "<none>"
+"checksum mio-named-pipes 0.1.5 (git+https://github.com/alexcrichton/mio-named-pipes)" = "<none>"
 "checksum mio-uds 0.6.4 (registry+https://github.com/rust-lang/crates.io-index)" = "1731a873077147b626d89cc6c2a0db6288d607496c5d10c0cfcf3adc697ec673"
 "checksum miow 0.2.1 (registry+https://github.com/rust-lang/crates.io-index)" = "8c1f2f3b1cf331de6896aabf6e9d55dca90356cc9960cca7eaaf408a355ae919"
+"checksum miow 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)" = "9224c91f82b3c47cf53dcf78dfaa20d6888fbcc5d272d5f2fcdf8a697f3c987d"
 "checksum msdos_time 0.1.6 (registry+https://github.com/rust-lang/crates.io-index)" = "aad9dfe950c057b1bfe9c1f2aa51583a8468ef2a5baba2ebbe06d775efeb7729"
 "checksum multibase 0.6.0 (registry+https://github.com/rust-lang/crates.io-index)" = "b9c35dac080fd6e16a99924c8dfdef0af89d797dd851adab25feaffacf7850d6"
 "checksum multihash 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)" = "7d49add5f49eb08bfc4d01ff286b84a48f53d45314f165c2d6efe477222d24f3"
@@ -3961,7 +3981,7 @@ dependencies = [
 "checksum rand 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)" = "eba5f8cb59cc50ed56be8880a5c7b496bfd9bd26394e176bc67884094145c2c5"
 "checksum rayon 1.0.1 (registry+https://github.com/rust-lang/crates.io-index)" = "80e811e76f1dbf68abf87a759083d34600017fc4e10b6bd5ad84a700f9dba4b1"
 "checksum rayon-core 1.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "9d24ad214285a7729b174ed6d3bcfcb80177807f959d95fafd5bfc5c4f201ac8"
-"checksum redox_syscall 0.1.31 (registry+https://github.com/rust-lang/crates.io-index)" = "8dde11f18c108289bef24469638a04dce49da56084f2d50618b226e47eb04509"
+"checksum redox_syscall 0.1.40 (registry+https://github.com/rust-lang/crates.io-index)" = "c214e91d3ecf43e9a4e41e578973adeb14b474f2bee858742d127af75a0112b1"
 "checksum redox_termios 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)" = "7e891cfe48e9100a70a3b6eb652fef28920c117d366339687bd5576160db0f76"
 "checksum regex 0.2.5 (registry+https://github.com/rust-lang/crates.io-index)" = "744554e01ccbd98fff8c457c3b092cd67af62a555a43bfe97ae8a0451f7799fa"
 "checksum regex-syntax 0.4.1 (registry+https://github.com/rust-lang/crates.io-index)" = "ad890a5eef7953f55427c50575c680c42841653abd2b028b68cd223d157f62db"
@@ -4000,6 +4020,7 @@ dependencies = [
 "checksum smallvec 0.4.3 (registry+https://github.com/rust-lang/crates.io-index)" = "8fcd03faf178110ab0334d74ca9631d77f94c8c11cc77fcb59538abf0025695d"
 "checksum snappy 0.1.0 (git+https://github.com/paritytech/rust-snappy)" = "<none>"
 "checksum snappy-sys 0.1.0 (git+https://github.com/paritytech/rust-snappy)" = "<none>"
+"checksum socket2 0.3.6 (registry+https://github.com/rust-lang/crates.io-index)" = "06dc9f86ee48652b7c80f3d254e3b9accb67a928c562c64d10d7b016d3d98dab"
 "checksum stable_deref_trait 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)" = "15132e0e364248108c5e2c02e3ab539be8d6f5d52a01ca9bbf27ed657316f02b"
 "checksum strsim 0.6.0 (registry+https://github.com/rust-lang/crates.io-index)" = "b4d15c810519a91cf877e7e36e63fe068815c678181439f2f29e2562147c3694"
 "checksum syn 0.13.1 (registry+https://github.com/rust-lang/crates.io-index)" = "91b52877572087400e83d24b9178488541e3d535259e04ff17a63df1e5ceff59"
diff --git a/README.md b/README.md
index 8cba4205bdb..95e5ba2ed2d 100644
--- a/README.md
+++ b/README.md
@@ -48,7 +48,7 @@ We recommend installing Rust through [rustup](https://www.rustup.rs/). If you do
 	$ curl https://sh.rustup.rs -sSf | sh
 	```
 
-	Parity also requires `gcc`, `g++`, `libssl-dev`/`openssl`, `libudev-dev` and `pkg-config` packages to be installed.
+	Parity also requires `gcc`, `g++`, `libssl-dev`/`openssl`, `libudev-dev`, `pkg-config`, `file` and `make` packages to be installed.
 
 - OSX:
 	```bash
diff --git a/docker/alpine/Dockerfile b/docker/alpine/Dockerfile
index ad8879ecf73..4d08afd3f8f 100644
--- a/docker/alpine/Dockerfile
+++ b/docker/alpine/Dockerfile
@@ -1,11 +1,11 @@
-FROM alpine:3.7
+FROM alpine:edge
 
 WORKDIR /build
 
 # install tools and dependencies
-RUN apk add --no-cache gcc musl-dev openssl-dev pkgconfig g++ make curl \
-					   eudev-dev rust cargo git file binutils libusb-dev \
-					   linux-headers
+RUN apk add --no-cache gcc musl-dev pkgconfig g++ make curl \
+						eudev-dev rust cargo git file binutils \
+						libusb-dev linux-headers perl
 
 # show backtraces
 ENV RUST_BACKTRACE 1
diff --git a/ethcore/light/Cargo.toml b/ethcore/light/Cargo.toml
index f4f439a7539..7b59e3e606e 100644
--- a/ethcore/light/Cargo.toml
+++ b/ethcore/light/Cargo.toml
@@ -40,6 +40,7 @@ util-error = { path = "../../util/error" }
 snappy = { git = "https://github.com/paritytech/rust-snappy" }
 
 [dev-dependencies]
+ethcore = { path = "..", features = ["test-helpers"] }
 kvdb-memorydb = { path = "../../util/kvdb-memorydb" }
 kvdb-rocksdb = { path = "../../util/kvdb-rocksdb" }
 tempdir = "0.3"
diff --git a/ethcore/light/src/net/mod.rs b/ethcore/light/src/net/mod.rs
index aef4347a088..993e80d2945 100644
--- a/ethcore/light/src/net/mod.rs
+++ b/ethcore/light/src/net/mod.rs
@@ -71,6 +71,9 @@ const PROPAGATE_TIMEOUT_INTERVAL: Duration = Duration::from_secs(5);
 const RECALCULATE_COSTS_TIMEOUT: TimerToken = 3;
 const RECALCULATE_COSTS_INTERVAL: Duration = Duration::from_secs(60 * 60);
 
+/// Max number of transactions in a single packet.
+const MAX_TRANSACTIONS_TO_PROPAGATE: usize = 64;
+
 // minimum interval between updates.
 const UPDATE_INTERVAL: Duration = Duration::from_millis(5000);
 
@@ -646,7 +649,7 @@ impl LightProtocol {
 	fn propagate_transactions(&self, io: &IoContext) {
 		if self.capabilities.read().tx_relay { return }
 
-		let ready_transactions = self.provider.ready_transactions();
+		let ready_transactions = self.provider.ready_transactions(MAX_TRANSACTIONS_TO_PROPAGATE);
 		if ready_transactions.is_empty() { return }
 
 		trace!(target: "pip", "propagate transactions: {} ready", ready_transactions.len());
diff --git a/ethcore/light/src/net/tests/mod.rs b/ethcore/light/src/net/tests/mod.rs
index 305ef9b3540..e182f38b8a6 100644
--- a/ethcore/light/src/net/tests/mod.rs
+++ b/ethcore/light/src/net/tests/mod.rs
@@ -173,8 +173,8 @@ impl Provider for TestProvider {
 		})
 	}
 
-	fn ready_transactions(&self) -> Vec<PendingTransaction> {
-		self.0.client.ready_transactions()
+	fn ready_transactions(&self, max_len: usize) -> Vec<PendingTransaction> {
+		self.0.client.ready_transactions(max_len)
 	}
 }
 
diff --git a/ethcore/light/src/provider.rs b/ethcore/light/src/provider.rs
index 0e518ea7723..e75915e8cf8 100644
--- a/ethcore/light/src/provider.rs
+++ b/ethcore/light/src/provider.rs
@@ -125,7 +125,7 @@ pub trait Provider: Send + Sync {
 	fn header_proof(&self, req: request::CompleteHeaderProofRequest) -> Option<request::HeaderProofResponse>;
 
 	/// Provide pending transactions.
-	fn ready_transactions(&self) -> Vec<PendingTransaction>;
+	fn ready_transactions(&self, max_len: usize) -> Vec<PendingTransaction>;
 
 	/// Provide a proof-of-execution for the given transaction proof request.
 	/// Returns a vector of all state items necessary to execute the transaction.
@@ -280,8 +280,8 @@ impl<T: ProvingBlockChainClient + ?Sized> Provider for T {
 			.map(|(_, proof)| ::request::ExecutionResponse { items: proof })
 	}
 
-	fn ready_transactions(&self) -> Vec<PendingTransaction> {
-		BlockChainClient::ready_transactions(self)
+	fn ready_transactions(&self, max_len: usize) -> Vec<PendingTransaction> {
+		BlockChainClient::ready_transactions(self, max_len)
 			.into_iter()
 			.map(|tx| tx.pending().clone())
 			.collect()
@@ -367,9 +367,12 @@ impl<L: AsLightClient + Send + Sync> Provider for LightProvider<L> {
 		None
 	}
 
-	fn ready_transactions(&self) -> Vec<PendingTransaction> {
+	fn ready_transactions(&self, max_len: usize) -> Vec<PendingTransaction> {
 		let chain_info = self.chain_info();
-		self.txqueue.read().ready_transactions(chain_info.best_block_number, chain_info.best_block_timestamp)
+		let mut transactions = self.txqueue.read()
+			.ready_transactions(chain_info.best_block_number, chain_info.best_block_timestamp);
+		transactions.truncate(max_len);
+		transactions
 	}
 }
 
diff --git a/ethcore/node_filter/Cargo.toml b/ethcore/node_filter/Cargo.toml
index 0d204e29ff8..11be807652b 100644
--- a/ethcore/node_filter/Cargo.toml
+++ b/ethcore/node_filter/Cargo.toml
@@ -19,6 +19,7 @@ ethabi-contract = "5.0"
 lru-cache = "0.1"
 
 [dev-dependencies]
+ethcore = { path = "..", features = ["test-helpers"] }
 kvdb-memorydb = { path = "../../util/kvdb-memorydb" }
 ethcore-io = { path = "../../util/io" }
 tempdir = "0.3"
diff --git a/ethcore/res/contracts/tx_acl.json b/ethcore/res/contracts/tx_acl.json
index cc924cafb81..e110797d96f 100644
--- a/ethcore/res/contracts/tx_acl.json
+++ b/ethcore/res/contracts/tx_acl.json
@@ -1 +1 @@
-[{"constant":true,"inputs":[{"name":"sender","type":"address"}],"name":"allowedTxTypes","outputs":[{"name":"","type":"uint32"}],"payable":false,"stateMutability":"nonpayable","type":"function"}]
+[ { "constant": true, "inputs": [], "name": "contractNameHash", "outputs": [ { "name": "", "type": "bytes32" } ], "payable": false, "stateMutability": "view", "type": "function" }, { "constant": true, "inputs": [], "name": "contractName", "outputs": [ { "name": "", "type": "string" } ], "payable": false, "stateMutability": "view", "type": "function" }, { "constant": true, "inputs": [], "name": "contractVersion", "outputs": [ { "name": "", "type": "uint256" } ], "payable": false, "stateMutability": "view", "type": "function" }, { "constant": true, "inputs": [ { "name": "sender", "type": "address" }, { "name": "to", "type": "address" }, { "name": "value", "type": "uint256" } ], "name": "allowedTxTypes", "outputs": [ { "name": "", "type": "uint32" }, { "name": "", "type": "bool" } ], "payable": false, "stateMutability": "view", "type": "function" } ]
diff --git a/ethcore/res/contracts/tx_acl_deprecated.json b/ethcore/res/contracts/tx_acl_deprecated.json
new file mode 100644
index 00000000000..cc924cafb81
--- /dev/null
+++ b/ethcore/res/contracts/tx_acl_deprecated.json
@@ -0,0 +1 @@
+[{"constant":true,"inputs":[{"name":"sender","type":"address"}],"name":"allowedTxTypes","outputs":[{"name":"","type":"uint32"}],"payable":false,"stateMutability":"nonpayable","type":"function"}]
diff --git a/ethcore/res/ethereum/classic.json b/ethcore/res/ethereum/classic.json
index 928c056d660..17d9cd2bc0f 100644
--- a/ethcore/res/ethereum/classic.json
+++ b/ethcore/res/ethereum/classic.json
@@ -57,7 +57,8 @@
 		"enode://814920f1ec9510aa9ea1c8f79d8b6e6a462045f09caa2ae4055b0f34f7416fca6facd3dd45f1cf1673c0209e0503f02776b8ff94020e98b6679a0dc561b4eba0@104.154.136.117:30303",
 		"enode://72e445f4e89c0f476d404bc40478b0df83a5b500d2d2e850e08eb1af0cd464ab86db6160d0fde64bd77d5f0d33507ae19035671b3c74fec126d6e28787669740@104.198.71.200:30303",
 		"enode://39abab9d2a41f53298c0c9dc6bbca57b0840c3ba9dccf42aa27316addc1b7e56ade32a0a9f7f52d6c5db4fe74d8824bcedfeaecf1a4e533cacb71cf8100a9442@144.76.238.49:30303",
-		"enode://f50e675a34f471af2438b921914b5f06499c7438f3146f6b8936f1faeb50b8a91d0d0c24fb05a66f05865cd58c24da3e664d0def806172ddd0d4c5bdbf37747e@144.76.238.49:30306"
+		"enode://f50e675a34f471af2438b921914b5f06499c7438f3146f6b8936f1faeb50b8a91d0d0c24fb05a66f05865cd58c24da3e664d0def806172ddd0d4c5bdbf37747e@144.76.238.49:30306",
+		"enode://83b33409349ffa25e150555f7b4f8deebc68f3d34d782129dc3c8ba07b880c209310a4191e1725f2f6bef59bce9452d821111eaa786deab08a7e6551fca41f4f@159.89.223.6:30303"
 	],
 	"accounts": {
 		"0000000000000000000000000000000000000001": { "builtin": { "name": "ecrecover", "pricing": { "linear": { "base": 3000, "word": 0 } } } },
diff --git a/ethcore/res/ethereum/foundation.json b/ethcore/res/ethereum/foundation.json
index b725c9f7c02..1576d19f18c 100644
--- a/ethcore/res/ethereum/foundation.json
+++ b/ethcore/res/ethereum/foundation.json
@@ -2866,13 +2866,13 @@
 		]
 	},
 	"nodes": [
+		"enode://81863f47e9bd652585d3f78b4b2ee07b93dad603fd9bc3c293e1244250725998adc88da0cef48f1de89b15ab92b15db8f43dc2b6fb8fbd86a6f217a1dd886701@193.70.55.37:30303",
+		"enode://4afb3a9137a88267c02651052cf6fb217931b8c78ee058bb86643542a4e2e0a8d24d47d871654e1b78a276c363f3c1bc89254a973b00adc359c9e9a48f140686@144.217.139.5:30303",
+		"enode://c16d390b32e6eb1c312849fe12601412313165df1a705757d671296f1ac8783c5cff09eab0118ac1f981d7148c85072f0f26407e5c68598f3ad49209fade404d@139.99.51.203:30303",
+		"enode://4faf867a2e5e740f9b874e7c7355afee58a2d1ace79f7b692f1d553a1134eddbeb5f9210dd14dc1b774a46fd5f063a8bc1fa90579e13d9d18d1f59bac4a4b16b@139.99.160.213:30303",
 		"enode://6a868ced2dec399c53f730261173638a93a40214cf299ccf4d42a76e3fa54701db410669e8006347a4b3a74fa090bb35af0320e4bc8d04cf5b7f582b1db285f5@163.172.131.191:30303",
 		"enode://66a483383882a518fcc59db6c017f9cd13c71261f13c8d7e67ed43adbbc82a932d88d2291f59be577e9425181fc08828dc916fdd053af935a9491edf9d6006ba@212.47.247.103:30303",
 		"enode://cd6611461840543d5b9c56fbf088736154c699c43973b3a1a32390cf27106f87e58a818a606ccb05f3866de95a4fe860786fea71bf891ea95f234480d3022aa3@163.172.157.114:30303",
-		"enode://78b094cb27ceeecbe311bc278f4fde8b9a265db42d268c88484c94d7a2d19b82a1bd22dfd6c2bd4d90f9b05e6d42255e6eb85de15f73848ff82ed0be9cdf5202@52.233.198.218:30303",
-		"enode://00526537cb7e1aa6cf49714f0635fd0f608904d8d0693b949eea2dcdfdb0abbe4c794003a5fe57aa662d0a9215e8dfa4d2deb6ef0101c5e185e2617721813d43@40.65.122.44:30303",
-		"enode://4a456b4b6e6ee1f51389763e51b80fe04782c762445d96c32a96ebd34bd9178c1894924d5101123eacfd4f0fc4da25b5e1ee7f18832ac0bf4c6d6ac81442d698@40.71.6.49:3030",
-		"enode://68f85e7403976aa92318eff804cbe9bc988e0f5230d9d07ae4def030cbae16603262638e272d19875b7e5c54e296ba88ab6ec6e98face9e2537346c4dce78882@52.243.47.211:30303",
 		"enode://1d1f7bcb159d308eb2f3d5e32dc5f8786d714ec696bb2f7e3d982f9bcd04c938c139432f13aadcaf5128304a8005e8606aebf5eebd9ec192a1471c13b5e31d49@138.201.223.35:30303",
 		"enode://a979fb575495b8d6db44f750317d0f4622bf4c2aa3365d6af7c284339968eef29b69ad0dce72a4d8db5ebb4968de0e3bec910127f134779fbcb0cb6d3331163c@52.16.188.185:30303",
 		"enode://3f1d12044546b76342d59d4a05532c14b85aa669704bfe1f864fe079415aa2c02d743e03218e57a33fb94523adb54032871a6c51b2cc5514cb7c7e35b3ed0a99@13.93.211.84:30303",
@@ -2884,7 +2884,6 @@
 		"enode://1c7a64d76c0334b0418c004af2f67c50e36a3be60b5e4790bdac0439d21603469a85fad36f2473c9a80eb043ae60936df905fa28f1ff614c3e5dc34f15dcd2dc@40.118.3.223:30308",
 		"enode://85c85d7143ae8bb96924f2b54f1b3e70d8c4d367af305325d30a61385a432f247d2c75c45c6b4a60335060d072d7f5b35dd1d4c45f76941f62a4f83b6e75daaf@40.118.3.223:30309",
 		"enode://de471bccee3d042261d52e9bff31458daecc406142b401d4cd848f677479f73104b9fdeb090af9583d3391b7f10cb2ba9e26865dd5fca4fcdc0fb1e3b723c786@54.94.239.50:30303",
-		"enode://1118980bf48b0a3640bdba04e0fe78b1add18e1cd99bf22d53daac1fd9972ad650df52176e7c7d89d1114cfef2bc23a2959aa54998a46afcf7d91809f0855082@52.74.57.123:30303",
 		"enode://4cd540b2c3292e17cff39922e864094bf8b0741fcc8c5dcea14957e389d7944c70278d872902e3d0345927f621547efa659013c400865485ab4bfa0c6596936f@138.201.144.135:30303",
 		"enode://01f76fa0561eca2b9a7e224378dd854278735f1449793c46ad0c4e79e8775d080c21dcc455be391e90a98153c3b05dcc8935c8440de7b56fe6d67251e33f4e3c@51.15.42.252:30303",
 		"enode://2c9059f05c352b29d559192fe6bca272d965c9f2290632a2cfda7f83da7d2634f3ec45ae3a72c54dd4204926fb8082dcf9686e0d7504257541c86fc8569bcf4b@163.172.171.38:30303",
diff --git a/ethcore/res/ethereum/tobalaba.json b/ethcore/res/ethereum/tobalaba.json
new file mode 100644
index 00000000000..e9345c69615
--- /dev/null
+++ b/ethcore/res/ethereum/tobalaba.json
@@ -0,0 +1,54 @@
+{
+	"name": "Tobalaba",
+	"engine": {
+		"authorityRound": {
+			"params": {
+				"stepDuration": "3",
+				"validators": {
+					"contract": "0x1000000000000000000000000000000000000005"
+				},
+				"maximumUncleCount": 999999
+			}
+		}
+	},
+	"params": {
+		"maximumExtraDataSize": "0x20",
+		"gasLimitBoundDivisor": "0x400",
+		"minGasLimit": "0x1388",
+		"networkID": "0x62121",
+		"wasmActivationTransition": 4000000
+	},
+	"genesis": {
+		"seal": {
+			"authorityRound": {
+				"step": "0x0",
+				"signature": "0x0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"
+			}
+		},
+		"difficulty": "0x20000",
+		"gasLimit": "0x800000"
+	},
+	"accounts": {
+		"0x1000000000000000000000000000000000000005": {
+			"balance": "1",
+			"constructor": "6060604052341561000f57600080fd5b5b60048054600160a060020a03199081167310000000000000000000000000000000000000061790915560028054909116731000000000000000000000000000000000000007179055600080546001810161006a8382610115565b916000526020600020900160005b8154600160a060020a036101009290920a9182021916734ba15b56452521c0826a35a6f2022e1210fc519b90910217905550600180548082016100bb8382610115565b916000526020600020900160005b8154600160a060020a036101009290920a9182021916734ba15b56452521c0826a35a6f2022e1210fc519b9182021790915560038054600160a060020a0319169091179055505b610160565b8154818355818115116101395760008381526020902061013991810190830161013f565b5b505050565b61015d91905b808211156101595760008155600101610145565b5090565b90565b610a208061016f6000396000f300606060405236156100ee5763ffffffff7c010000000000000000000000000000000000000000000000000000000060003504166303aca792811461013d578063063a54c91461016f57806311ae9ed21461019e578063170f9291146102055780631cd3e85814610237578063480b4619146102585780636c1247e5146102bf5780637a1a9e60146102ee578063830f0bc6146103205780638da5cb5b146103525780639b2ae4c614610381578063b6f783f2146103a6578063b7ab4db5146103d5578063c55642be1461043c578063e2de215e1461045d578063fe5d935c1461048c578063ff7a071b146104f3575b34156100f957600080fd5b5b600454600160a060020a0316600036604051808383808284378201915050925050506000604051808303818561646e5a03f4915050151561013a57600080fd5b5b005b341561014857600080fd5b610153600435610518565b604051600160a060020a03909116815260200160405180910390f35b341561017a57600080fd5b61015361054a565b604051600160a060020a03909116815260200160405180910390f35b34156101a957600080fd5b6101b161055a565b60405160208082528190810183818151815260200191508051906020019060200280838360005b838110156101f15780820151818401525b6020016101d8565b505050509050019250505060405180910390f35b341561021057600080fd5b6101536004356105c3565b604051600160a060020a03909116815260200160405180910390f35b341561024257600080fd5b61013a600160a060020a03600435166105f5565b005b341561026357600080fd5b6101b16106d1565b60405160208082528190810183818151815260200191508051906020019060200280838360005b838110156101f15780820151818401525b6020016101d8565b505050509050019250505060405180910390f35b34156102ca57600080fd5b61015361073a565b604051600160a060020a03909116815260200160405180910390f35b34156102f957600080fd5b610153600435610749565b604051600160a060020a03909116815260200160405180910390f35b341561032b57600080fd5b61015360043561077b565b604051600160a060020a03909116815260200160405180910390f35b341561035d57600080fd5b6101536107ad565b604051600160a060020a03909116815260200160405180910390f35b341561038c57600080fd5b6103946107bc565b60405190815260200160405180910390f35b34156103b157600080fd5b6101536107c3565b604051600160a060020a03909116815260200160405180910390f35b34156103e057600080fd5b6101b16107d3565b60405160208082528190810183818151815260200191508051906020019060200280838360005b838110156101f15780820151818401525b6020016101d8565b505050509050019250505060405180910390f35b341561044757600080fd5b61013a600160a060020a036004351661083c565b005b341561046857600080fd5b610153610918565b604051600160a060020a03909116815260200160405180910390f35b341561049757600080fd5b6101b1610927565b60405160208082528190810183818151815260200191508051906020019060200280838360005b838110156101f15780820151818401525b6020016101d8565b505050509050019250505060405180910390f35b34156104fe57600080fd5b610394610990565b60405190815260200160405180910390f35b600180548290811061052657fe5b906000526020600020900160005b915054906101000a9004600160a060020a031681565b600254600160a060020a03165b90565b610562610997565b60018054806020026020016040519081016040528092919081815260200182805480156105b857602002820191906000526020600020905b8154600160a060020a0316815260019091019060200180831161059a575b505050505090505b90565b600080548290811061052657fe5b906000526020600020900160005b915054906101000a9004600160a060020a031681565b60035433600160a060020a0390811691161461061057600080fd5b600254600160a060020a038281169116141561062b57600080fd5b600680546001810161063d83826109a9565b916000526020600020900160005b600280548354600160a060020a036101009490940a848102199091169184160217909255815473ffffffffffffffffffffffffffffffffffffffff1916908416179055507f78603ac34f42fe53d8aad96b7b37aeee79dc7ed07c26f57a13cdf64ac72b0f1181604051600160a060020a03909116815260200160405180910390a15b5b50565b6106d9610997565b60058054806020026020016040519081016040528092919081815260200182805480156105b857602002820191906000526020600020905b8154600160a060020a0316815260019091019060200180831161059a575b505050505090505b90565b600254600160a060020a031681565b600680548290811061052657fe5b906000526020600020900160005b915054906101000a9004600160a060020a031681565b600580548290811061052657fe5b906000526020600020900160005b915054906101000a9004600160a060020a031681565b600354600160a060020a031681565b6001545b90565b600454600160a060020a03165b90565b6107db610997565b60008054806020026020016040519081016040528092919081815260200182805480156105b857602002820191906000526020600020905b8154600160a060020a0316815260019091019060200180831161059a575b505050505090505b90565b60035433600160a060020a0390811691161461085757600080fd5b600454600160a060020a038281169116141561087257600080fd5b600580546001810161088483826109a9565b916000526020600020900160005b600480548354600160a060020a036101009490940a848102199091169184160217909255815473ffffffffffffffffffffffffffffffffffffffff1916908416179055507fadcbcb6339ee0b34abbe8d1524c53b813794e1537a43136c6a7768019599625781604051600160a060020a03909116815260200160405180910390a15b5b50565b600454600160a060020a031681565b61092f610997565b60068054806020026020016040519081016040528092919081815260200182805480156105b857602002820191906000526020600020905b8154600160a060020a0316815260019091019060200180831161059a575b505050505090505b90565b6000545b90565b60206040519081016040526000815290565b8154818355818115116109cd576000838152602090206109cd9181019083016109d3565b5b505050565b61055791905b808211156109ed57600081556001016109d9565b5090565b905600a165627a7a72305820e9d3839061bfeb56c1cc57b2b2ec8dd7882afd848b4ae489c218d6f9674316660029"
+		},
+		"0x1000000000000000000000000000000000000006": {
+			"balance": "1",
+			"constructor": "6060604052341561000f57600080fd5b5b60028054600160a060020a0319167310000000000000000000000000000000000000071790555b5b610abb806100476000396000f300606060405236156100885763ffffffff60e060020a60003504166303aca792811461008d578063170f9291146100bf57806340a141ff146100f15780634d238c8e146101125780634d655aff1461013357806375286211146101625780638da5cb5b14610177578063a6f9dae1146101a6578063c476dd40146101c7578063d69f13bb1461022e575b600080fd5b341561009857600080fd5b6100a3600435610252565b604051600160a060020a03909116815260200160405180910390f35b34156100ca57600080fd5b6100a3600435610284565b604051600160a060020a03909116815260200160405180910390f35b34156100fc57600080fd5b610110600160a060020a03600435166102b6565b005b341561011d57600080fd5b610110600160a060020a036004351661064d565b005b341561013e57600080fd5b6100a36107a1565b604051600160a060020a03909116815260200160405180910390f35b341561016d57600080fd5b6101106107b0565b005b341561018257600080fd5b6100a36107ed565b604051600160a060020a03909116815260200160405180910390f35b34156101b157600080fd5b610110600160a060020a03600435166107fc565b005b34156101d257600080fd5b61011060048035600160a060020a03169060248035919060649060443590810190830135806020601f8201819004810201604051908101604052818152929190602084018383808284375094965061084495505050505050565b005b341561023957600080fd5b610110600160a060020a0360043516602435610926565b005b600180548290811061026057fe5b906000526020600020900160005b915054906101000a9004600160a060020a031681565b600080548290811061026057fe5b906000526020600020900160005b915054906101000a9004600160a060020a031681565b60035460009033600160a060020a039081169116146102d457600080fd5b600254600160a060020a031663b31610db8360006040516020015260405160e060020a63ffffffff8416028152600160a060020a039091166004820152602401602060405180830381600087803b151561032d57600080fd5b6102c65a03f1151561033e57600080fd5b50505060405180511515905061035357600080fd5b60008054600019810190811061036557fe5b906000526020600020900160005b9054600254600160a060020a036101009390930a9091048216925082916001911663b31610db8560006040516020015260405160e060020a63ffffffff8416028152600160a060020a039091166004820152602401602060405180830381600087803b15156103e157600080fd5b6102c65a03f115156103f257600080fd5b50505060405180518254909150811061040757fe5b906000526020600020900160005b6101000a815481600160a060020a030219169083600160a060020a0316021790555060018080805490500381548110151561044c57fe5b906000526020600020900160005b81546101009190910a600160a060020a0302191690556001805460001901906104839082610991565b50600254600160a060020a0316635caf5a6a828263b31610db8660006040516020015260405160e060020a63ffffffff8416028152600160a060020a039091166004820152602401602060405180830381600087803b15156104e457600080fd5b6102c65a03f115156104f557600080fd5b5050506040518051905060405160e060020a63ffffffff8516028152600160a060020a0390921660048301526024820152604401600060405180830381600087803b151561054257600080fd5b6102c65a03f1151561055357600080fd5b5050600254600160a060020a03169050635caf5a6a83600060405160e060020a63ffffffff8516028152600160a060020a0390921660048301526024820152604401600060405180830381600087803b15156105ae57600080fd5b6102c65a03f115156105bf57600080fd5b5050506000194301407f55252fa6eee4741b4e24a74a70e9c11fd2c2281df8d6ea13126ff845f7825c89600160405160208082528254908201819052819060408201908490801561063957602002820191906000526020600020905b8154600160a060020a0316815260019091019060200180831161061b575b50509250505060405180910390a25b5b5050565b60035433600160a060020a0390811691161461066857600080fd5b600180548082016106798382610991565b916000526020600020900160005b81546101009190910a600160a060020a0381810219909216858316919091021790915560025460015491169150635caf5a6a9083906000190160405160e060020a63ffffffff8516028152600160a060020a0390921660048301526024820152604401600060405180830381600087803b151561070357600080fd5b6102c65a03f1151561071457600080fd5b5050506000194301407f55252fa6eee4741b4e24a74a70e9c11fd2c2281df8d6ea13126ff845f7825c89600160405160208082528254908201819052819060408201908490801561078e57602002820191906000526020600020905b8154600160a060020a03168152600190910190602001808311610770575b50509250505060405180910390a25b5b50565b600254600160a060020a031681565b73fffffffffffffffffffffffffffffffffffffffe600160a060020a033316146107d957600080fd5b6001805461079d916000916109e5565b505b565b600354600160a060020a031681565b60035433600160a060020a0390811691161461081757600080fd5b6003805473ffffffffffffffffffffffffffffffffffffffff1916600160a060020a0383161790555b5b50565b73fffffffffffffffffffffffffffffffffffffffe600160a060020a0333161461086d57600080fd5b7f8498b6f07a5f800443a5fd85ac8171cf40cda44faea60caabe9b297d9dfa8424838383604051600160a060020a03841681526020810183905260606040820181815290820183818151815260200191508051906020019080838360005b838110156108e45780820151818401525b6020016108cb565b50505050905090810190601f1680156109115780820380516001836020036101000a031916815260200191505b5094505050505060405180910390a15b505050565b73fffffffffffffffffffffffffffffffffffffffe600160a060020a0333161461094f57600080fd5b81600160a060020a03167f31bc112157435aab6dd7e9a059abea7f0fce172e3e68e272a6375bbb01eb96c18260405190815260200160405180910390a25b5050565b81548183558181151161092157600083815260209020610921918101908301610a36565b5b505050565b81548183558181151161092157600083815260209020610921918101908301610a36565b5b505050565b828054828255906000526020600020908101928215610a255760005260206000209182015b82811115610a25578254825591600101919060010190610a0a565b5b50610a32929150610a57565b5090565b610a5491905b80821115610a325760008155600101610a3c565b5090565b90565b610a5491905b80821115610a3257805473ffffffffffffffffffffffffffffffffffffffff19168155600101610a5d565b5090565b905600a165627a7a72305820cae3ca62c5821766e8122461884affeaabdc6c2fe79f5a3200207a536e5b0e260029"
+		},
+		"0x1000000000000000000000000000000000000007": {
+			"balance": "1",
+			"constructor": "6060604052341561000f57600080fd5b5b60018054600160a060020a0319167310000000000000000000000000000000000000051790555b5b6101bb806100476000396000f300606060405263ffffffff7c010000000000000000000000000000000000000000000000000000000060003504166318def8ef811461005e5780635caf5a6a1461008f5780638da5cb5b146100b3578063b31610db146100e2575b600080fd5b341561006957600080fd5b61007d600160a060020a0360043516610113565b60405190815260200160405180910390f35b341561009a57600080fd5b6100b1600160a060020a0360043516602435610125565b005b34156100be57600080fd5b6100c6610161565b604051600160a060020a03909116815260200160405180910390f35b34156100ed57600080fd5b61007d600160a060020a0360043516610170565b60405190815260200160405180910390f35b60006020819052908152604090205481565b60015433600160a060020a0390811691161461014057600080fd5b600160a060020a03821660009081526020819052604090208190555b5b5050565b600154600160a060020a031681565b600160a060020a0381166000908152602081905260409020545b9190505600a165627a7a7230582085b261e548fa6e3065a32e485c6417d200c7145f3548c0097d4c92022ac7fb1e0029"
+		},
+		"0x4ba15b56452521c0826a35a6f2022e1210fc519b": {
+			"balance": "0x7E37BE2022B2B09472D89C0000"
+		}
+	},
+	"nodes": [
+		"enode://147573f46fe9f5cc38fbe070089a31390baec5dd2827c8f2ef168833e4d0254fbee3969a02c5b9910ea5d5b23d86a6ed5eabcda17cc12007b7d9178b6c697aa5@37.120.168.56:30303",
+		"enode://a370d5fd55959f20af6d1565b151a760c1372f5a2aaf674d4892cd4fd2de0d1f672781cd40e0d4e4b51c5823527ddec73b31cc14ac685449d9f0866996a16b9f@13.76.165.180:30303",
+		"enode://da019fa5fb1fda105100d68a986938ec15ac5c6ff69d6e4ad3e350e377057f3e67e33aea5feb22d5cdcfc22041d141c8453c77baa64a216fff98f191ca76b3ec@18.220.108.238:30303",
+		"enode://49498fb8cdcd79c813ccdaa9496a3a4be0a187a3183e99adbc04d9c90b9a62ad59f0b6832f6e43b48e63fbebf74ec5438eb0d6d9098330edf36413d276fedf81@13.80.148.117:30303"
+	]
+}
diff --git a/ethcore/res/tx_permission_tests/contract_ver_2_genesis.json b/ethcore/res/tx_permission_tests/contract_ver_2_genesis.json
new file mode 100644
index 00000000000..b165625a165
--- /dev/null
+++ b/ethcore/res/tx_permission_tests/contract_ver_2_genesis.json
@@ -0,0 +1,43 @@
+{
+	"name": "TestNodeFilterContract",
+	"engine": {
+		"authorityRound": {
+			"params": {
+				"stepDuration": 1,
+				"startStep": 2,
+				"validators": {
+					"contract": "0x0000000000000000000000000000000000000000"
+				}
+			}
+		}
+	},
+	"params": {
+		"accountStartNonce": "0x0",
+		"maximumExtraDataSize": "0x20",
+		"minGasLimit": "0x1388",
+		"networkID" : "0x69",
+		"gasLimitBoundDivisor": "0x0400",
+		"transactionPermissionContract": "0x0000000000000000000000000000000000000005"
+	},
+	"genesis": {
+		"seal": {
+			"generic": "0xc180"
+		},
+		"difficulty": "0x20000",
+		"author": "0x0000000000000000000000000000000000000000",
+		"timestamp": "0x00",
+		"parentHash": "0x0000000000000000000000000000000000000000000000000000000000000000",
+		"extraData": "0x",
+		"gasLimit": "0x222222"
+	},
+	"accounts": {
+		"0000000000000000000000000000000000000001": { "balance": "1", "builtin": { "name": "ecrecover", "pricing": { "linear": { "base": 3000, "word": 0 } } } },
+		"0000000000000000000000000000000000000002": { "balance": "1", "builtin": { "name": "sha256", "pricing": { "linear": { "base": 60, "word": 12 } } } },
+		"0000000000000000000000000000000000000003": { "balance": "1", "builtin": { "name": "ripemd160", "pricing": { "linear": { "base": 600, "word": 120 } } } },
+		"0000000000000000000000000000000000000004": { "balance": "1", "builtin": { "name": "identity", "pricing": { "linear": { "base": 15, "word": 3 } } } },
+		"0000000000000000000000000000000000000005": {
+			"balance": "1",
+			"constructor": "608060405234801561001057600080fd5b506104eb806100206000396000f300608060405260043610610062576000357c0100000000000000000000000000000000000000000000000000000000900463ffffffff168063469ab1e31461006757806375d0c0dc1461009a578063a0a8e4601461012a578063d4b03ee014610155575b600080fd5b34801561007357600080fd5b5061007c6101ed565b60405180826000191660001916815260200191505060405180910390f35b3480156100a657600080fd5b506100af61025e565b6040518080602001828103825283818151815260200191508051906020019080838360005b838110156100ef5780820151818401526020810190506100d4565b50505050905090810190601f16801561011c5780820380516001836020036101000a031916815260200191505b509250505060405180910390f35b34801561013657600080fd5b5061013f61029b565b6040518082815260200191505060405180910390f35b34801561016157600080fd5b506101c0600480360381019080803573ffffffffffffffffffffffffffffffffffffffff169060200190929190803573ffffffffffffffffffffffffffffffffffffffff169060200190929190803590602001909291905050506102a4565b604051808363ffffffff1663ffffffff168152602001821515151581526020019250505060405180910390f35b60006101f761025e565b6040518082805190602001908083835b60208310151561022c5780518252602082019150602081019050602083039250610207565b6001836020036101000a0380198251168184511680821785525050505050509050019150506040518091039020905090565b60606040805190810160405280601681526020017f54585f5045524d495353494f4e5f434f4e545241435400000000000000000000815250905090565b60006002905090565b600080737e5f4552091a69125d5dfcb7b8c2659029395bdf8573ffffffffffffffffffffffffffffffffffffffff1614156102e95763ffffffff6001915091506104b7565b732b5ad5c4795c026514f8317c7a215e218dccd6cf8573ffffffffffffffffffffffffffffffffffffffff16141561032b5760026001176001915091506104b7565b736813eb9362372eef6200f3b1dbc3f819671cba698573ffffffffffffffffffffffffffffffffffffffff16141561036957600180915091506104b7565b73e1ab8145f7e55dc933d51a18c793f901a3a0b2768573ffffffffffffffffffffffffffffffffffffffff161480156103a25750600083145b156103b75763ffffffff6000915091506104b7565b73e57bfe9f44b819898f47bf37e5af72a0783e11418573ffffffffffffffffffffffffffffffffffffffff16148015610419575073d41c057fd1c78805aac12b0a94a405c0461a6fbb8473ffffffffffffffffffffffffffffffffffffffff16145b1561042b5760016000915091506104b7565b73d41c057fd1c78805aac12b0a94a405c0461a6fbb8573ffffffffffffffffffffffffffffffffffffffff1614801561048d575073e57bfe9f44b819898f47bf37e5af72a0783e11418473ffffffffffffffffffffffffffffffffffffffff16145b80156104995750600083145b156104ae5763ffffffff6000915091506104b7565b60006001915091505b9350939150505600a165627a7a723058204982adea2aa10a7b8328ec3829472ee17c62a86957ef6737f2eb729b2c3faf910029"
+		}
+	}
+}
diff --git a/ethcore/res/tx_permission_tests/deprecated_contract_genesis.json b/ethcore/res/tx_permission_tests/deprecated_contract_genesis.json
new file mode 100644
index 00000000000..92fde908089
--- /dev/null
+++ b/ethcore/res/tx_permission_tests/deprecated_contract_genesis.json
@@ -0,0 +1,43 @@
+{
+	"name": "TestNodeFilterContract",
+	"engine": {
+		"authorityRound": {
+			"params": {
+				"stepDuration": 1,
+				"startStep": 2,
+				"validators": {
+					"contract": "0x0000000000000000000000000000000000000000"
+				}
+			}
+		}
+	},
+	"params": {
+		"accountStartNonce": "0x0",
+		"maximumExtraDataSize": "0x20",
+		"minGasLimit": "0x1388",
+		"networkID" : "0x69",
+		"gasLimitBoundDivisor": "0x0400",
+		"transactionPermissionContract": "0x0000000000000000000000000000000000000005"
+	},
+	"genesis": {
+		"seal": {
+			"generic": "0xc180"
+		},
+		"difficulty": "0x20000",
+		"author": "0x0000000000000000000000000000000000000000",
+		"timestamp": "0x00",
+		"parentHash": "0x0000000000000000000000000000000000000000000000000000000000000000",
+		"extraData": "0x",
+		"gasLimit": "0x222222"
+	},
+	"accounts": {
+		"0000000000000000000000000000000000000001": { "balance": "1", "builtin": { "name": "ecrecover", "pricing": { "linear": { "base": 3000, "word": 0 } } } },
+		"0000000000000000000000000000000000000002": { "balance": "1", "builtin": { "name": "sha256", "pricing": { "linear": { "base": 60, "word": 12 } } } },
+		"0000000000000000000000000000000000000003": { "balance": "1", "builtin": { "name": "ripemd160", "pricing": { "linear": { "base": 600, "word": 120 } } } },
+		"0000000000000000000000000000000000000004": { "balance": "1", "builtin": { "name": "identity", "pricing": { "linear": { "base": 15, "word": 3 } } } },
+		"0000000000000000000000000000000000000005": {
+			"balance": "1",
+			"constructor": "6060604052341561000f57600080fd5b5b6101868061001f6000396000f30060606040526000357c0100000000000000000000000000000000000000000000000000000000900463ffffffff168063e17512211461003e575b600080fd5b341561004957600080fd5b610075600480803573ffffffffffffffffffffffffffffffffffffffff16906020019091905050610097565b604051808263ffffffff1663ffffffff16815260200191505060405180910390f35b6000737e5f4552091a69125d5dfcb7b8c2659029395bdf8273ffffffffffffffffffffffffffffffffffffffff1614156100d75763ffffffff9050610155565b732b5ad5c4795c026514f8317c7a215e218dccd6cf8273ffffffffffffffffffffffffffffffffffffffff1614156101155760026001179050610155565b736813eb9362372eef6200f3b1dbc3f819671cba698273ffffffffffffffffffffffffffffffffffffffff1614156101505760019050610155565b600090505b9190505600a165627a7a72305820f1f21cb978925a8a92c6e30c8c81adf598adff6d1ef941cf5ed6c0ec7ad1ae3d0029"
+		}
+	}
+}
diff --git a/ethcore/service/Cargo.toml b/ethcore/service/Cargo.toml
index 3a10849b61f..634ee55dba4 100644
--- a/ethcore/service/Cargo.toml
+++ b/ethcore/service/Cargo.toml
@@ -16,5 +16,6 @@ stop-guard = { path = "../../util/stop-guard" }
 trace-time = { path = "../../util/trace-time" }
 
 [dev-dependencies]
+ethcore = { path = "..", features = ["test-helpers"] }
 tempdir = "0.3"
 kvdb-rocksdb = { path = "../../util/kvdb-rocksdb" }
diff --git a/ethcore/src/account_provider/mod.rs b/ethcore/src/account_provider/mod.rs
index 2ebefc988bb..d05d3425db0 100644
--- a/ethcore/src/account_provider/mod.rs
+++ b/ethcore/src/account_provider/mod.rs
@@ -41,7 +41,7 @@ pub use ethstore::{Derivation, IndexDerivation, KeyFile};
 enum Unlock {
 	/// If account is unlocked temporarily, it should be locked after first usage.
 	OneTime,
-	/// Account unlocked permantently can always sign message.
+	/// Account unlocked permanently can always sign message.
 	/// Use with caution.
 	Perm,
 	/// Account unlocked with a timeout
@@ -272,18 +272,18 @@ impl AccountProvider {
 	}
 
 	/// Checks whether an account with a given address is present.
-	pub fn has_account(&self, address: Address) -> Result<bool, Error> {
-		Ok(self.sstore.account_ref(&address).is_ok() && !self.blacklisted_accounts.contains(&address))
+	pub fn has_account(&self, address: Address) -> bool {
+		self.sstore.account_ref(&address).is_ok() && !self.blacklisted_accounts.contains(&address)
 	}
 
 	/// Returns addresses of all accounts.
 	pub fn accounts(&self) -> Result<Vec<Address>, Error> {
 		let accounts = self.sstore.accounts()?;
 		Ok(accounts
-		   .into_iter()
-		   .map(|a| a.address)
-		   .filter(|address| !self.blacklisted_accounts.contains(address))
-		   .collect()
+			.into_iter()
+			.map(|a| a.address)
+			.filter(|address| !self.blacklisted_accounts.contains(address))
+			.collect()
 		)
 	}
 
@@ -495,7 +495,7 @@ impl AccountProvider {
 		self.address_book.write().set_meta(account, meta)
 	}
 
-	/// Removes and address from the addressbook
+	/// Removes and address from the address book
 	pub fn remove_address(&self, addr: Address) {
 		self.address_book.write().remove(addr)
 	}
@@ -585,7 +585,7 @@ impl AccountProvider {
 	fn unlock_account(&self, address: Address, password: String, unlock: Unlock) -> Result<(), Error> {
 		let account = self.sstore.account_ref(&address)?;
 
-		// check if account is already unlocked pernamently, if it is, do nothing
+		// check if account is already unlocked permanently, if it is, do nothing
 		let mut unlocked = self.unlocked.write();
 		if let Some(data) = unlocked.get(&account) {
 			if let Unlock::Perm = data.unlock {
@@ -809,8 +809,17 @@ impl AccountProvider {
 			.map_err(Into::into)
 	}
 
+	/// Sign message with hardware wallet.
+	pub fn sign_message_with_hardware(&self, address: &Address, message: &[u8]) -> Result<Signature, SignError> {
+		match self.hardware_store.as_ref().map(|s| s.sign_message(address, message)) {
+			None | Some(Err(HardwareError::KeyNotFound)) => Err(SignError::NotFound),
+			Some(Err(e)) => Err(From::from(e)),
+			Some(Ok(s)) => Ok(s),
+		}
+	}
+
 	/// Sign transaction with hardware wallet.
-	pub fn sign_with_hardware(&self, address: Address, transaction: &Transaction, chain_id: Option<u64>, rlp_encoded_transaction: &[u8]) -> Result<Signature, SignError> {
+	pub fn sign_transaction_with_hardware(&self, address: &Address, transaction: &Transaction, chain_id: Option<u64>, rlp_encoded_transaction: &[u8]) -> Result<Signature, SignError> {
 		let t_info = TransactionInfo {
 			nonce: transaction.nonce,
 			gas_price: transaction.gas_price,
diff --git a/ethcore/src/client/client.rs b/ethcore/src/client/client.rs
index 1386637d8f9..7b10dab041c 100644
--- a/ethcore/src/client/client.rs
+++ b/ethcore/src/client/client.rs
@@ -1047,7 +1047,8 @@ impl Client {
 	/// Otherwise, this can fail (but may not) if the DB prunes state.
 	pub fn state_at_beginning(&self, id: BlockId) -> Option<State<StateDB>> {
 		match self.block_number(id) {
-			None | Some(0) => None,
+			None => None,
+			Some(0) => self.state_at(id),
 			Some(n) => self.state_at(BlockId::Number(n - 1)),
 		}
 	}
@@ -1956,8 +1957,8 @@ impl BlockChainClient for Client {
 		(*self.build_last_hashes(&self.chain.read().best_block_hash())).clone()
 	}
 
-	fn ready_transactions(&self) -> Vec<Arc<VerifiedTransaction>> {
-		self.importer.miner.ready_transactions(self)
+	fn ready_transactions(&self, max_len: usize) -> Vec<Arc<VerifiedTransaction>> {
+		self.importer.miner.ready_transactions(self, max_len, ::miner::PendingOrdering::Priority)
 	}
 
 	fn signing_chain_id(&self) -> Option<u64> {
diff --git a/ethcore/src/client/test_client.rs b/ethcore/src/client/test_client.rs
index 4bd76b4495c..620f1af3330 100644
--- a/ethcore/src/client/test_client.rs
+++ b/ethcore/src/client/test_client.rs
@@ -48,7 +48,7 @@ use log_entry::LocalizedLogEntry;
 use receipt::{Receipt, LocalizedReceipt, TransactionOutcome};
 use error::ImportResult;
 use vm::Schedule;
-use miner::{Miner, MinerService};
+use miner::{self, Miner, MinerService};
 use spec::Spec;
 use types::basic_account::BasicAccount;
 use types::pruning_info::PruningInfo;
@@ -806,8 +806,8 @@ impl BlockChainClient for TestBlockChainClient {
 		self.traces.read().clone()
 	}
 
-	fn ready_transactions(&self) -> Vec<Arc<VerifiedTransaction>> {
-		self.miner.ready_transactions(self)
+	fn ready_transactions(&self, max_len: usize) -> Vec<Arc<VerifiedTransaction>> {
+		self.miner.ready_transactions(self, max_len, miner::PendingOrdering::Priority)
 	}
 
 	fn signing_chain_id(&self) -> Option<u64> { None }
diff --git a/ethcore/src/client/traits.rs b/ethcore/src/client/traits.rs
index d3a20dcff89..29876fe80a4 100644
--- a/ethcore/src/client/traits.rs
+++ b/ethcore/src/client/traits.rs
@@ -321,7 +321,7 @@ pub trait BlockChainClient : Sync + Send + AccountData + BlockChain + CallContra
 	fn last_hashes(&self) -> LastHashes;
 
 	/// List all transactions that are allowed into the next block.
-	fn ready_transactions(&self) -> Vec<Arc<VerifiedTransaction>>;
+	fn ready_transactions(&self, max_len: usize) -> Vec<Arc<VerifiedTransaction>>;
 
 	/// Sorted list of transaction gas prices from at least last sample_size blocks.
 	fn gas_price_corpus(&self, sample_size: usize) -> ::stats::Corpus<U256> {
diff --git a/ethcore/src/engines/authority_round/mod.rs b/ethcore/src/engines/authority_round/mod.rs
index 067c754c7f5..cc5c6e0b1cb 100644
--- a/ethcore/src/engines/authority_round/mod.rs
+++ b/ethcore/src/engines/authority_round/mod.rs
@@ -382,12 +382,16 @@ impl Decodable for SealedEmptyStep {
 	}
 }
 
+struct PermissionedStep {
+	inner: Step,
+	can_propose: AtomicBool,
+}
+
 /// Engine using `AuthorityRound` proof-of-authority BFT consensus.
 pub struct AuthorityRound {
 	transition_service: IoService<()>,
-	step: Arc<Step>,
-	can_propose: AtomicBool,
-	client: RwLock<Option<Weak<EngineClient>>>,
+	step: Arc<PermissionedStep>,
+	client: Arc<RwLock<Option<Weak<EngineClient>>>>,
 	signer: RwLock<EngineSigner>,
 	validators: Box<ValidatorSet>,
 	validate_score_transition: u64,
@@ -407,7 +411,7 @@ pub struct AuthorityRound {
 
 // header-chain validator.
 struct EpochVerifier {
-	step: Arc<Step>,
+	step: Arc<PermissionedStep>,
 	subchain_validators: SimpleList,
 	empty_steps_transition: u64,
 }
@@ -415,7 +419,7 @@ struct EpochVerifier {
 impl super::EpochVerifier<EthereumMachine> for EpochVerifier {
 	fn verify_light(&self, header: &Header) -> Result<(), Error> {
 		// Validate the timestamp
-		verify_timestamp(&*self.step, header_step(header, self.empty_steps_transition)?)?;
+		verify_timestamp(&self.step.inner, header_step(header, self.empty_steps_transition)?)?;
 		// always check the seal since it's fast.
 		// nothing heavier to do.
 		verify_external(header, &self.subchain_validators, self.empty_steps_transition)
@@ -615,13 +619,15 @@ impl AuthorityRound {
 		let engine = Arc::new(
 			AuthorityRound {
 				transition_service: IoService::<()>::start()?,
-				step: Arc::new(Step {
-					inner: AtomicUsize::new(initial_step),
-					calibrate: our_params.start_step.is_none(),
-					duration: our_params.step_duration,
+				step: Arc::new(PermissionedStep {
+					inner: Step {
+						inner: AtomicUsize::new(initial_step),
+						calibrate: our_params.start_step.is_none(),
+						duration: our_params.step_duration,
+					},
+					can_propose: AtomicBool::new(true),
 				}),
-				can_propose: AtomicBool::new(true),
-				client: RwLock::new(None),
+				client: Arc::new(RwLock::new(None)),
 				signer: Default::default(),
 				validators: our_params.validators,
 				validate_score_transition: our_params.validate_score_transition,
@@ -641,7 +647,10 @@ impl AuthorityRound {
 
 		// Do not initialize timeouts for tests.
 		if should_timeout {
-			let handler = TransitionHandler { engine: Arc::downgrade(&engine) };
+			let handler = TransitionHandler {
+				step: engine.step.clone(),
+				client: engine.client.clone(),
+			};
 			engine.transition_service.register_handler(Arc::new(handler))?;
 		}
 		Ok(engine)
@@ -666,7 +675,7 @@ impl AuthorityRound {
 	}
 
 	fn generate_empty_step(&self, parent_hash: &H256) {
-		let step = self.step.load();
+		let step = self.step.inner.load();
 		let empty_step_rlp = empty_step_rlp(step, parent_hash);
 
 		if let Ok(signature) = self.sign(keccak(&empty_step_rlp)).map(Into::into) {
@@ -698,34 +707,37 @@ fn unix_now() -> Duration {
 }
 
 struct TransitionHandler {
-	engine: Weak<AuthorityRound>,
+	step: Arc<PermissionedStep>,
+	client: Arc<RwLock<Option<Weak<EngineClient>>>>,
 }
 
 const ENGINE_TIMEOUT_TOKEN: TimerToken = 23;
 
 impl IoHandler<()> for TransitionHandler {
 	fn initialize(&self, io: &IoContext<()>) {
-		if let Some(engine) = self.engine.upgrade() {
-			let remaining = engine.step.duration_remaining().as_millis();
-			io.register_timer_once(ENGINE_TIMEOUT_TOKEN, Duration::from_millis(remaining))
-				.unwrap_or_else(|e| warn!(target: "engine", "Failed to start consensus step timer: {}.", e))
-		}
+		let remaining = AsMillis::as_millis(&self.step.inner.duration_remaining());
+		io.register_timer_once(ENGINE_TIMEOUT_TOKEN, Duration::from_millis(remaining))
+			.unwrap_or_else(|e| warn!(target: "engine", "Failed to start consensus step timer: {}.", e))
 	}
 
 	fn timeout(&self, io: &IoContext<()>, timer: TimerToken) {
 		if timer == ENGINE_TIMEOUT_TOKEN {
-			if let Some(engine) = self.engine.upgrade() {
-				// NOTE we might be lagging by couple of steps in case the timeout
-				// has not been called fast enough.
-				// Make sure to advance up to the actual step.
-				while engine.step.duration_remaining().as_millis() == 0 {
-					engine.step();
+			// NOTE we might be lagging by couple of steps in case the timeout
+			// has not been called fast enough.
+			// Make sure to advance up to the actual step.
+			while AsMillis::as_millis(&self.step.inner.duration_remaining()) == 0 {
+				self.step.inner.increment();
+				self.step.can_propose.store(true, AtomicOrdering::SeqCst);
+				if let Some(ref weak) = *self.client.read() {
+					if let Some(c) = weak.upgrade() {
+						c.update_sealing();
+					}
 				}
-
-				let next_run_at = engine.step.duration_remaining().as_millis() >> 2;
-				io.register_timer_once(ENGINE_TIMEOUT_TOKEN, Duration::from_millis(next_run_at))
-					.unwrap_or_else(|e| warn!(target: "engine", "Failed to restart consensus step timer: {}.", e))
 			}
+
+			let next_run_at = AsMillis::as_millis(&self.step.inner.duration_remaining()) >> 2;
+			io.register_timer_once(ENGINE_TIMEOUT_TOKEN, Duration::from_millis(next_run_at))
+				.unwrap_or_else(|e| warn!(target: "engine", "Failed to restart consensus step timer: {}.", e))
 		}
 	}
 }
@@ -742,8 +754,8 @@ impl Engine<EthereumMachine> for AuthorityRound {
 	}
 
 	fn step(&self) {
-		self.step.increment();
-		self.can_propose.store(true, AtomicOrdering::SeqCst);
+		self.step.inner.increment();
+		self.step.can_propose.store(true, AtomicOrdering::SeqCst);
 		if let Some(ref weak) = *self.client.read() {
 			if let Some(c) = weak.upgrade() {
 				c.update_sealing();
@@ -790,7 +802,7 @@ impl Engine<EthereumMachine> for AuthorityRound {
 
 	fn populate_from_parent(&self, header: &mut Header, parent: &Header) {
 		let parent_step = header_step(parent, self.empty_steps_transition).expect("Header has been verified; qed");
-		let current_step = self.step.load();
+		let current_step = self.step.inner.load();
 
 		let current_empty_steps_len = if header.number() >= self.empty_steps_transition {
 			self.empty_steps(parent_step.into(), current_step.into(), parent.hash()).len()
@@ -816,7 +828,7 @@ impl Engine<EthereumMachine> for AuthorityRound {
 		let empty_step: EmptyStep = rlp.as_val().map_err(fmt_err)?;;
 
 		if empty_step.verify(&*self.validators).unwrap_or(false) {
-			if self.step.check_future(empty_step.step).is_ok() {
+			if self.step.inner.check_future(empty_step.step).is_ok() {
 				trace!(target: "engine", "handle_message: received empty step message {:?}", empty_step);
 				self.handle_empty_step_message(empty_step);
 			} else {
@@ -836,7 +848,7 @@ impl Engine<EthereumMachine> for AuthorityRound {
 	fn generate_seal(&self, block: &ExecutedBlock, parent: &Header) -> Seal {
 		// first check to avoid generating signature most of the time
 		// (but there's still a race to the `compare_and_swap`)
-		if !self.can_propose.load(AtomicOrdering::SeqCst) {
+		if !self.step.can_propose.load(AtomicOrdering::SeqCst) {
 			trace!(target: "engine", "Aborting seal generation. Can't propose.");
 			return Seal::None;
 		}
@@ -845,7 +857,7 @@ impl Engine<EthereumMachine> for AuthorityRound {
 		let parent_step: U256 = header_step(parent, self.empty_steps_transition)
 			.expect("Header has been verified; qed").into();
 
-		let step = self.step.load();
+		let step = self.step.inner.load();
 
 		// filter messages from old and future steps and different parents
 		let empty_steps = if header.number() >= self.empty_steps_transition {
@@ -922,7 +934,7 @@ impl Engine<EthereumMachine> for AuthorityRound {
 				trace!(target: "engine", "generate_seal: Issuing a block for step {}.", step);
 
 				// only issue the seal if we were the first to reach the compare_and_swap.
-				if self.can_propose.compare_and_swap(true, false, AtomicOrdering::SeqCst) {
+				if self.step.can_propose.compare_and_swap(true, false, AtomicOrdering::SeqCst) {
 
 					self.clear_empty_steps(parent_step);
 
@@ -999,7 +1011,7 @@ impl Engine<EthereumMachine> for AuthorityRound {
 					.decode()?;
 
 				let parent_step = header_step(&parent, self.empty_steps_transition)?;
-				let current_step = self.step.load();
+				let current_step = self.step.inner.load();
 				self.empty_steps(parent_step.into(), current_step.into(), parent.hash())
 			} else {
 				// we're verifying a block, extract empty steps from the seal
@@ -1052,7 +1064,7 @@ impl Engine<EthereumMachine> for AuthorityRound {
 		// If yes then probably benign reporting needs to be moved further in the verification.
 		let set_number = header.number();
 
-		match verify_timestamp(&*self.step, header_step(header, self.empty_steps_transition)?) {
+		match verify_timestamp(&self.step.inner, header_step(header, self.empty_steps_transition)?) {
 			Err(BlockError::InvalidSeal) => {
 				self.validators.report_benign(header.author(), set_number, header.number());
 				Err(BlockError::InvalidSeal.into())
@@ -1294,7 +1306,7 @@ impl Engine<EthereumMachine> for AuthorityRound {
 						// This way, upon encountering an epoch change, the proposer from the
 						// new set will be forced to wait until the next step to avoid sealing a
 						// block that breaks the invariant that the parent's step < the block's step.
-						self.can_propose.store(false, AtomicOrdering::SeqCst);
+						self.step.can_propose.store(false, AtomicOrdering::SeqCst);
 						return Some(combine_proofs(signal_number, &pending.proof, &*finality_proof));
 					}
 				}
diff --git a/ethcore/src/ethereum/mod.rs b/ethcore/src/ethereum/mod.rs
index db07cbbd493..678af5c626b 100644
--- a/ethcore/src/ethereum/mod.rs
+++ b/ethcore/src/ethereum/mod.rs
@@ -61,6 +61,11 @@ pub fn new_expanse<'a, T: Into<SpecParams<'a>>>(params: T) -> Spec {
 	load(params.into(), include_bytes!("../../res/ethereum/expanse.json"))
 }
 
+/// Create a new Tobalaba chain spec.
+pub fn new_tobalaba<'a, T: Into<SpecParams<'a>>>(params: T) -> Spec {
+	load(params.into(), include_bytes!("../../res/ethereum/tobalaba.json"))
+}
+
 /// Create a new Musicoin mainnet chain spec.
 pub fn new_musicoin<'a, T: Into<SpecParams<'a>>>(params: T) -> Spec {
 	load(params.into(), include_bytes!("../../res/ethereum/musicoin.json"))
diff --git a/ethcore/src/miner/miner.rs b/ethcore/src/miner/miner.rs
index bf51d0b135b..8348fedba57 100644
--- a/ethcore/src/miner/miner.rs
+++ b/ethcore/src/miner/miner.rs
@@ -180,7 +180,7 @@ struct SealingWork {
 	next_allowed_reseal: Instant,
 	next_mandatory_reseal: Instant,
 	// block number when sealing work was last requested
-	last_request: u64,
+	last_request: Option<u64>,
 }
 
 impl SealingWork {
@@ -231,7 +231,7 @@ impl Miner {
 					|| spec.engine.seals_internally().is_some(),
 				next_allowed_reseal: Instant::now(),
 				next_mandatory_reseal: Instant::now() + options.reseal_max_period,
-				last_request: 0,
+				last_request: None,
 			}),
 			params: RwLock::new(AuthoringParams::default()),
 			listeners: RwLock::new(vec![]),
@@ -364,18 +364,28 @@ impl Miner {
 
 		let client = self.pool_client(chain);
 		let engine_params = self.engine.params();
-		let min_tx_gas = self.engine.schedule(chain_info.best_block_number).tx_gas.into();
+		let min_tx_gas: U256 = self.engine.schedule(chain_info.best_block_number).tx_gas.into();
 		let nonce_cap: Option<U256> = if chain_info.best_block_number + 1 >= engine_params.dust_protection_transition {
 			Some((engine_params.nonce_cap_increment * (chain_info.best_block_number + 1)).into())
 		} else {
 			None
 		};
+		// we will never need more transactions than limit divided by min gas
+		let max_transactions = if min_tx_gas.is_zero() {
+			usize::max_value()
+		} else {
+			(*open_block.block().header().gas_limit() / min_tx_gas).as_u64() as usize
+		};
 
 		let pending: Vec<Arc<_>> = self.transaction_queue.pending(
 			client.clone(),
-			chain_info.best_block_number,
-			chain_info.best_block_timestamp,
-			nonce_cap,
+			pool::PendingSettings {
+				block_number: chain_info.best_block_number,
+				current_timestamp: chain_info.best_block_timestamp,
+				nonce_cap,
+				max_len: max_transactions,
+				ordering: miner::PendingOrdering::Priority,
+			}
 		);
 
 		let took_ms = |elapsed: &Duration| {
@@ -496,8 +506,10 @@ impl Miner {
 		trace!(target: "miner", "requires_reseal: sealing enabled");
 
 		// Disable sealing if there were no requests for SEALING_TIMEOUT_IN_BLOCKS
-		let had_requests = best_block > sealing.last_request
-			&& best_block - sealing.last_request <= SEALING_TIMEOUT_IN_BLOCKS;
+		let had_requests = sealing.last_request.map(|last_request| {
+			best_block > last_request
+				&& best_block - last_request <= SEALING_TIMEOUT_IN_BLOCKS
+		}).unwrap_or(false);
 
 		// keep sealing enabled if any of the conditions is met
 		let sealing_enabled = self.forced_sealing()
@@ -516,7 +528,7 @@ impl Miner {
 		);
 
 		if should_disable_sealing {
-			trace!(target: "miner", "Miner sleeping (current {}, last {})", best_block, sealing.last_request);
+			trace!(target: "miner", "Miner sleeping (current {}, last {})", best_block, sealing.last_request.unwrap_or(0));
 			sealing.enabled = false;
 			sealing.queue.reset();
 			false
@@ -676,18 +688,32 @@ impl Miner {
 
 		let best_number = client.chain_info().best_block_number;
 		let mut sealing = self.sealing.lock();
-		if sealing.last_request != best_number {
+		if sealing.last_request != Some(best_number) {
 			trace!(
 				target: "miner",
 				"prepare_pending_block: Miner received request (was {}, now {}) - waking up.",
-				sealing.last_request, best_number
+				sealing.last_request.unwrap_or(0), best_number
 			);
-			sealing.last_request = best_number;
+			sealing.last_request = Some(best_number);
 		}
 
 		// Return if we restarted
 		prepare_new
 	}
+
+	/// Prepare pending block, check whether sealing is needed, and then update sealing.
+	fn prepare_and_update_sealing<C: miner::BlockChainClient>(&self, chain: &C) {
+		use miner::MinerService;
+
+		// Make sure to do it after transaction is imported and lock is dropped.
+		// We need to create pending block and enable sealing.
+		if self.engine.seals_internally().unwrap_or(false) || !self.prepare_pending_block(chain) {
+			// If new block has not been prepared (means we already had one)
+			// or Engine might be able to seal internally,
+			// we need to update sealing.
+			self.update_sealing(chain);
+		}
+	}
 }
 
 const SEALING_TIMEOUT_IN_BLOCKS : u64 = 5;
@@ -754,12 +780,12 @@ impl miner::MinerService for Miner {
 			transactions.into_iter().map(pool::verifier::Transaction::Unverified).collect(),
 		);
 
+		// --------------------------------------------------------------------------
+		// | NOTE Code below requires sealing locks.                                |
+		// | Make sure to release the locks before calling that method.             |
+		// --------------------------------------------------------------------------
 		if !results.is_empty() && self.options.reseal_on_external_tx &&	self.sealing.lock().reseal_allowed() {
-			// --------------------------------------------------------------------------
-			// | NOTE Code below requires sealing locks.                                |
-			// | Make sure to release the locks before calling that method.             |
-			// --------------------------------------------------------------------------
-			self.update_sealing(chain);
+			self.prepare_and_update_sealing(chain);
 		}
 
 		results
@@ -784,14 +810,7 @@ impl miner::MinerService for Miner {
 		// | Make sure to release the locks before calling that method.             |
 		// --------------------------------------------------------------------------
 		if imported.is_ok() && self.options.reseal_on_own_tx && self.sealing.lock().reseal_allowed() {
-			// Make sure to do it after transaction is imported and lock is droped.
-			// We need to create pending block and enable sealing.
-			if self.engine.seals_internally().unwrap_or(false) || !self.prepare_pending_block(chain) {
-				// If new block has not been prepared (means we already had one)
-				// or Engine might be able to seal internally,
-				// we need to update sealing.
-				self.update_sealing(chain);
-			}
+			self.prepare_and_update_sealing(chain);
 		}
 
 		imported
@@ -805,20 +824,28 @@ impl miner::MinerService for Miner {
 		self.transaction_queue.all_transactions()
 	}
 
-	fn ready_transactions<C>(&self, chain: &C) -> Vec<Arc<VerifiedTransaction>> where
+	fn ready_transactions<C>(&self, chain: &C, max_len: usize, ordering: miner::PendingOrdering)
+		-> Vec<Arc<VerifiedTransaction>>
+	where
 		C: ChainInfo + Nonce + Sync,
 	{
 		let chain_info = chain.chain_info();
 
 		let from_queue = || {
+			// We propagate transactions over the nonce cap.
+			// The mechanism is only to limit number of transactions in pending block
+			// those transactions are valid and will just be ready to be included in next block.
+			let nonce_cap = None;
+
 			self.transaction_queue.pending(
 				CachedNonceClient::new(chain, &self.nonce_cache),
-				chain_info.best_block_number,
-				chain_info.best_block_timestamp,
-				// We propagate transactions over the nonce cap.
-				// The mechanism is only to limit number of transactions in pending block
-				// those transactions are valid and will just be ready to be included in next block.
-				None,
+				pool::PendingSettings {
+					block_number: chain_info.best_block_number,
+					current_timestamp: chain_info.best_block_timestamp,
+					nonce_cap,
+					max_len,
+					ordering,
+				},
 			)
 		};
 
@@ -828,6 +855,7 @@ impl miner::MinerService for Miner {
 					.iter()
 					.map(|signed| pool::VerifiedTransaction::from_pending_block_transaction(signed.clone()))
 					.map(Arc::new)
+					.take(max_len)
 					.collect()
 			}, chain_info.best_block_number)
 		};
@@ -954,7 +982,7 @@ impl miner::MinerService for Miner {
 	}
 
 	fn is_currently_sealing(&self) -> bool {
-		self.sealing.lock().queue.is_in_use()
+		self.sealing.lock().enabled
 	}
 
 	fn work_package<C>(&self, chain: &C) -> Option<(H256, BlockNumber, u64, U256)> where
@@ -1081,7 +1109,7 @@ mod tests {
 	use rustc_hex::FromHex;
 
 	use client::{TestBlockChainClient, EachBlockWith, ChainInfo, ImportSealedBlock};
-	use miner::MinerService;
+	use miner::{MinerService, PendingOrdering};
 	use test_helpers::{generate_dummy_client, generate_dummy_client_with_spec_and_accounts};
 	use transaction::{Transaction};
 
@@ -1177,7 +1205,7 @@ mod tests {
 		assert_eq!(res.unwrap(), ());
 		assert_eq!(miner.pending_transactions(best_block).unwrap().len(), 1);
 		assert_eq!(miner.pending_receipts(best_block).unwrap().len(), 1);
-		assert_eq!(miner.ready_transactions(&client).len(), 1);
+		assert_eq!(miner.ready_transactions(&client, 10, PendingOrdering::Priority).len(), 1);
 		// This method will let us know if pending block was created (before calling that method)
 		assert!(!miner.prepare_pending_block(&client));
 	}
@@ -1196,7 +1224,7 @@ mod tests {
 		assert_eq!(res.unwrap(), ());
 		assert_eq!(miner.pending_transactions(best_block), None);
 		assert_eq!(miner.pending_receipts(best_block), None);
-		assert_eq!(miner.ready_transactions(&client).len(), 1);
+		assert_eq!(miner.ready_transactions(&client, 10, PendingOrdering::Priority).len(), 1);
 	}
 
 	#[test]
@@ -1215,11 +1243,11 @@ mod tests {
 		assert_eq!(miner.pending_transactions(best_block), None);
 		assert_eq!(miner.pending_receipts(best_block), None);
 		// By default we use PendingSet::AlwaysSealing, so no transactions yet.
-		assert_eq!(miner.ready_transactions(&client).len(), 0);
+		assert_eq!(miner.ready_transactions(&client, 10, PendingOrdering::Priority).len(), 0);
 		// This method will let us know if pending block was created (before calling that method)
 		assert!(miner.prepare_pending_block(&client));
 		// After pending block is created we should see a transaction.
-		assert_eq!(miner.ready_transactions(&client).len(), 1);
+		assert_eq!(miner.ready_transactions(&client, 10, PendingOrdering::Priority).len(), 1);
 	}
 
 	#[test]
@@ -1266,4 +1294,55 @@ mod tests {
 		let client = generate_dummy_client_with_spec_and_accounts(spec, None);
 		assert!(match client.miner().set_author(addr, Some("".into())) { Err(AccountError::NotFound) => true, _ => false });
 	}
+
+	#[test]
+	fn should_mine_if_internal_sealing_is_enabled() {
+		let spec = Spec::new_instant();
+		let miner = Miner::new_for_tests(&spec, None);
+
+		let client = generate_dummy_client(2);
+		miner.update_sealing(&*client);
+
+		assert!(miner.is_currently_sealing());
+	}
+
+	#[test]
+	fn should_not_mine_if_internal_sealing_is_disabled() {
+		let spec = Spec::new_test_round();
+		let miner = Miner::new_for_tests(&spec, None);
+
+		let client = generate_dummy_client(2);
+		miner.update_sealing(&*client);
+
+		assert!(!miner.is_currently_sealing());
+	}
+
+	#[test]
+	fn should_not_mine_if_no_fetch_work_request() {
+		let spec = Spec::new_test();
+		let miner = Miner::new_for_tests(&spec, None);
+
+		let client = generate_dummy_client(2);
+		miner.update_sealing(&*client);
+
+		assert!(!miner.is_currently_sealing());
+	}
+
+	#[test]
+	fn should_mine_if_fetch_work_request() {
+		struct DummyNotifyWork;
+
+		impl NotifyWork for DummyNotifyWork {
+			fn notify(&self, _pow_hash: H256, _difficulty: U256, _number: u64) { }
+		}
+
+		let spec = Spec::new_test();
+		let miner = Miner::new_for_tests(&spec, None);
+		miner.add_work_listener(Box::new(DummyNotifyWork));
+
+		let client = generate_dummy_client(2);
+		miner.update_sealing(&*client);
+
+		assert!(miner.is_currently_sealing());
+	}
 }
diff --git a/ethcore/src/miner/mod.rs b/ethcore/src/miner/mod.rs
index dd5f28feb60..631941de611 100644
--- a/ethcore/src/miner/mod.rs
+++ b/ethcore/src/miner/mod.rs
@@ -26,6 +26,7 @@ pub mod pool_client;
 pub mod stratum;
 
 pub use self::miner::{Miner, MinerOptions, Penalization, PendingSet, AuthoringParams};
+pub use ethcore_miner::pool::PendingOrdering;
 
 use std::sync::Arc;
 use std::collections::BTreeMap;
@@ -156,10 +157,12 @@ pub trait MinerService : Send + Sync {
 	fn next_nonce<C>(&self, chain: &C, address: &Address) -> U256
 		where C: Nonce + Sync;
 
-	/// Get a list of all ready transactions.
+	/// Get a list of all ready transactions either ordered by priority or unordered (cheaper).
 	///
 	/// Depending on the settings may look in transaction pool or only in pending block.
-	fn ready_transactions<C>(&self, chain: &C) -> Vec<Arc<VerifiedTransaction>>
+	/// If you don't need a full set of transactions, you can add `max_len` and create only a limited set of
+	/// transactions.
+	fn ready_transactions<C>(&self, chain: &C, max_len: usize, ordering: PendingOrdering) -> Vec<Arc<VerifiedTransaction>>
 		where C: ChainInfo + Nonce + Sync;
 
 	/// Get a list of all transactions in the pool (some of them might not be ready for inclusion yet).
diff --git a/ethcore/src/miner/pool_client.rs b/ethcore/src/miner/pool_client.rs
index 226fe21e293..bcf93d37532 100644
--- a/ethcore/src/miner/pool_client.rs
+++ b/ethcore/src/miner/pool_client.rs
@@ -124,7 +124,7 @@ impl<'a, C: 'a> pool::client::Client for PoolClient<'a, C> where
 		pool::client::AccountDetails {
 			nonce: self.cached_nonces.account_nonce(address),
 			balance: self.chain.latest_balance(address),
-			is_local: self.accounts.map_or(false, |accounts| accounts.has_account(*address).unwrap_or(false)),
+			is_local: self.accounts.map_or(false, |accounts| accounts.has_account(*address)),
 		}
 	}
 
diff --git a/ethcore/src/snapshot/tests/proof_of_authority.rs b/ethcore/src/snapshot/tests/proof_of_authority.rs
index d26ecfc4042..04fe7c4c683 100644
--- a/ethcore/src/snapshot/tests/proof_of_authority.rs
+++ b/ethcore/src/snapshot/tests/proof_of_authority.rs
@@ -214,7 +214,7 @@ fn fixed_to_contract_only() {
 		secret!("dog42"),
 	]);
 
-	assert!(provider.has_account(*RICH_ADDR).unwrap());
+	assert!(provider.has_account(*RICH_ADDR));
 
 	let client = make_chain(provider, 3, vec![
 		Transition::Manual(3, vec![addrs[2], addrs[3], addrs[5], addrs[7]]),
@@ -247,7 +247,7 @@ fn fixed_to_contract_to_contract() {
 		secret!("dog42"),
 	]);
 
-	assert!(provider.has_account(*RICH_ADDR).unwrap());
+	assert!(provider.has_account(*RICH_ADDR));
 
 	let client = make_chain(provider, 3, vec![
 		Transition::Manual(3, vec![addrs[2], addrs[3], addrs[5], addrs[7]]),
diff --git a/ethcore/src/tests/client.rs b/ethcore/src/tests/client.rs
index ccafcf6613c..e18b4db9832 100644
--- a/ethcore/src/tests/client.rs
+++ b/ethcore/src/tests/client.rs
@@ -30,7 +30,7 @@ use test_helpers::{
 use types::filter::Filter;
 use ethereum_types::{U256, Address};
 use kvdb_rocksdb::{Database, DatabaseConfig};
-use miner::Miner;
+use miner::{Miner, PendingOrdering};
 use spec::Spec;
 use views::BlockView;
 use ethkey::KeyPair;
@@ -343,12 +343,12 @@ fn does_not_propagate_delayed_transactions() {
 
 	client.miner().import_own_transaction(&*client, tx0).unwrap();
 	client.miner().import_own_transaction(&*client, tx1).unwrap();
-	assert_eq!(0, client.ready_transactions().len());
-	assert_eq!(0, client.miner().ready_transactions(&*client).len());
+	assert_eq!(0, client.ready_transactions(10).len());
+	assert_eq!(0, client.miner().ready_transactions(&*client, 10, PendingOrdering::Priority).len());
 	push_blocks_to_client(&client, 53, 2, 2);
 	client.flush_queue();
-	assert_eq!(2, client.ready_transactions().len());
-	assert_eq!(2, client.miner().ready_transactions(&*client).len());
+	assert_eq!(2, client.ready_transactions(10).len());
+	assert_eq!(2, client.miner().ready_transactions(&*client, 10, PendingOrdering::Priority).len());
 }
 
 #[test]
diff --git a/ethcore/src/tx_filter.rs b/ethcore/src/tx_filter.rs
index a20ff8e60cd..12ddbb02a45 100644
--- a/ethcore/src/tx_filter.rs
+++ b/ethcore/src/tx_filter.rs
@@ -16,7 +16,7 @@
 
 //! Smart contract based transaction filter.
 
-use ethereum_types::{H256, Address};
+use ethereum_types::{H256, U256, Address};
 use lru_cache::LruCache;
 
 use client::{BlockInfo, CallContract, BlockId};
@@ -25,6 +25,7 @@ use spec::CommonParams;
 use transaction::{Action, SignedTransaction};
 use hash::KECCAK_EMPTY;
 
+use_contract!(transact_acl_deprecated, "TransactAclDeprecated", "res/contracts/tx_acl_deprecated.json");
 use_contract!(transact_acl, "TransactAcl", "res/contracts/tx_acl.json");
 
 const MAX_CACHE_SIZE: usize = 4096;
@@ -40,9 +41,11 @@ mod tx_permissions {
 
 /// Connection filter that uses a contract to manage permissions.
 pub struct TransactionFilter {
+	contract_deprecated: transact_acl_deprecated::TransactAclDeprecated,
 	contract: transact_acl::TransactAcl,
 	contract_address: Address,
 	permission_cache: Mutex<LruCache<(H256, Address), u32>>,
+	contract_version_cache: Mutex<LruCache<(H256), Option<U256>>>
 }
 
 impl TransactionFilter {
@@ -50,46 +53,86 @@ impl TransactionFilter {
 	pub fn from_params(params: &CommonParams) -> Option<TransactionFilter> {
 		params.transaction_permission_contract.map(|address|
 			TransactionFilter {
+				contract_deprecated: transact_acl_deprecated::TransactAclDeprecated::default(),
 				contract: transact_acl::TransactAcl::default(),
 				contract_address: address,
 				permission_cache: Mutex::new(LruCache::new(MAX_CACHE_SIZE)),
+				contract_version_cache: Mutex::new(LruCache::new(MAX_CACHE_SIZE)),
 			}
 		)
 	}
 
 	/// Check if transaction is allowed at given block.
 	pub fn transaction_allowed<C: BlockInfo + CallContract>(&self, parent_hash: &H256, transaction: &SignedTransaction, client: &C) -> bool {
-		let mut cache = self.permission_cache.lock();
+		let mut permission_cache = self.permission_cache.lock();
+		let mut contract_version_cache = self.contract_version_cache.lock();
 
-		let tx_type = match transaction.action {
-			Action::Create => tx_permissions::CREATE,
+		let (tx_type, to) = match transaction.action {
+			Action::Create => (tx_permissions::CREATE, Address::new()),
 			Action::Call(address) => if client.code_hash(&address, BlockId::Hash(*parent_hash)).map_or(false, |c| c != KECCAK_EMPTY) {
-				tx_permissions::CALL
-			} else {
-				tx_permissions::BASIC
-			}
+					(tx_permissions::CALL, address)
+				} else {
+					(tx_permissions::BASIC, address)
+				}
 		};
 
 		let sender = transaction.sender();
+		let value = transaction.value;
 		let key = (*parent_hash, sender);
 
-		if let Some(permissions) = cache.get_mut(&key) {
+		if let Some(permissions) = permission_cache.get_mut(&key) {
 			return *permissions & tx_type != 0;
 		}
 
 		let contract_address = self.contract_address;
-		let permissions = self.contract.functions()
-			.allowed_tx_types()
-			.call(sender, &|data| client.call_contract(BlockId::Hash(*parent_hash), contract_address, data))
-			.map(|p| p.low_u32())
-			.unwrap_or_else(|e| {
-				debug!("Error callling tx permissions contract: {:?}", e);
-				tx_permissions::NONE
-			});
-
-		cache.insert((*parent_hash, sender), permissions);
-
-		trace!("Permissions required: {}, got: {}", tx_type, permissions);
+		let contract_version = contract_version_cache.get_mut(parent_hash).and_then(|v| *v).or_else(||  {
+			self.contract.functions()
+				.contract_version()
+				.call(&|data| client.call_contract(BlockId::Hash(*parent_hash), contract_address, data))
+				.ok()
+		});
+		contract_version_cache.insert(*parent_hash, contract_version);
+
+		// Check permissions in smart contract based on its version
+		let (permissions, filter_only_sender) = match contract_version {
+			Some(version) => {
+				let version_u64 = version.low_u64();
+				trace!(target: "tx_filter", "Version of tx permission contract: {}", version);
+				match version_u64 {
+					2 => self.contract.functions()
+						.allowed_tx_types()
+						.call(sender, to, value, &|data| client.call_contract(BlockId::Hash(*parent_hash), contract_address, data))
+						.map(|(p, f)| (p.low_u32(), f))
+						.unwrap_or_else(|e| {
+							error!(target: "tx_filter", "Error calling tx permissions contract: {:?}", e);
+							(tx_permissions::NONE, true)
+						}),
+					_ => {
+						error!(target: "tx_filter", "Unknown version of tx permissions contract is used");
+						(tx_permissions::NONE, true)
+					}
+				}
+			},
+			None => {
+				trace!(target: "tx_filter", "Fallback to the deprecated version of tx permission contract");
+				(self.contract_deprecated.functions()
+					 .allowed_tx_types()
+					 .call(sender, &|data| client.call_contract(BlockId::Hash(*parent_hash), contract_address, data))
+					 .map(|p| p.low_u32())
+					 .unwrap_or_else(|e| {
+						 error!(target: "tx_filter", "Error calling tx permissions contract: {:?}", e);
+						 tx_permissions::NONE
+					 }), true)
+			}
+		};
+
+		if filter_only_sender {
+			permission_cache.insert((*parent_hash, sender), permissions);
+		}
+		trace!(target: "tx_filter",
+			"Given transaction data: sender: {:?} to: {:?} value: {}. Permissions required: {:X}, got: {:X}",
+			   sender, to, value, tx_type, permissions
+		);
 		permissions & tx_type != 0
 	}
 }
@@ -100,61 +143,91 @@ mod test {
 	use spec::Spec;
 	use client::{BlockChainClient, Client, ClientConfig, BlockId};
 	use miner::Miner;
-	use ethereum_types::Address;
+	use ethereum_types::{U256, Address};
 	use io::IoChannel;
 	use ethkey::{Secret, KeyPair};
 	use super::TransactionFilter;
 	use transaction::{Transaction, Action};
 	use tempdir::TempDir;
 
-	/// Contract code: https://gist.github.com/arkpar/38a87cb50165b7e683585eec71acb05a
+	/// Contract code: https://gist.github.com/VladLupashevskyi/84f18eabb1e4afadf572cf92af3e7e7f
 	#[test]
 	fn transaction_filter() {
-		let spec_data = r#"
-		{
-			"name": "TestNodeFilterContract",
-			"engine": {
-				"authorityRound": {
-					"params": {
-						"stepDuration": 1,
-						"startStep": 2,
-						"validators": {
-							"contract": "0x0000000000000000000000000000000000000000"
-						}
-					}
-				}
-			},
-			"params": {
-				"accountStartNonce": "0x0",
-				"maximumExtraDataSize": "0x20",
-				"minGasLimit": "0x1388",
-				"networkID" : "0x69",
-				"gasLimitBoundDivisor": "0x0400",
-				"transactionPermissionContract": "0x0000000000000000000000000000000000000005"
-			},
-			"genesis": {
-				"seal": {
-					"generic": "0xc180"
-				},
-				"difficulty": "0x20000",
-				"author": "0x0000000000000000000000000000000000000000",
-				"timestamp": "0x00",
-				"parentHash": "0x0000000000000000000000000000000000000000000000000000000000000000",
-				"extraData": "0x",
-				"gasLimit": "0x222222"
-			},
-			"accounts": {
-				"0000000000000000000000000000000000000001": { "balance": "1", "builtin": { "name": "ecrecover", "pricing": { "linear": { "base": 3000, "word": 0 } } } },
-				"0000000000000000000000000000000000000002": { "balance": "1", "builtin": { "name": "sha256", "pricing": { "linear": { "base": 60, "word": 12 } } } },
-				"0000000000000000000000000000000000000003": { "balance": "1", "builtin": { "name": "ripemd160", "pricing": { "linear": { "base": 600, "word": 120 } } } },
-				"0000000000000000000000000000000000000004": { "balance": "1", "builtin": { "name": "identity", "pricing": { "linear": { "base": 15, "word": 3 } } } },
-				"0000000000000000000000000000000000000005": {
-					"balance": "1",
-					"constructor": "6060604052341561000f57600080fd5b5b6101868061001f6000396000f30060606040526000357c0100000000000000000000000000000000000000000000000000000000900463ffffffff168063e17512211461003e575b600080fd5b341561004957600080fd5b610075600480803573ffffffffffffffffffffffffffffffffffffffff16906020019091905050610097565b604051808263ffffffff1663ffffffff16815260200191505060405180910390f35b6000737e5f4552091a69125d5dfcb7b8c2659029395bdf8273ffffffffffffffffffffffffffffffffffffffff1614156100d75763ffffffff9050610155565b732b5ad5c4795c026514f8317c7a215e218dccd6cf8273ffffffffffffffffffffffffffffffffffffffff1614156101155760026001179050610155565b736813eb9362372eef6200f3b1dbc3f819671cba698273ffffffffffffffffffffffffffffffffffffffff1614156101505760019050610155565b600090505b9190505600a165627a7a72305820f1f21cb978925a8a92c6e30c8c81adf598adff6d1ef941cf5ed6c0ec7ad1ae3d0029"
-				}
-			}
-		}
-		"#;
+		let spec_data = include_str!("../res/tx_permission_tests/contract_ver_2_genesis.json");
+
+		let tempdir = TempDir::new("").unwrap();
+		let spec = Spec::load(&tempdir.path(), spec_data.as_bytes()).unwrap();
+		let client_db = Arc::new(::kvdb_memorydb::create(::db::NUM_COLUMNS.unwrap_or(0)));
+
+		let client = Client::new(
+			ClientConfig::default(),
+			&spec,
+			client_db,
+			Arc::new(Miner::new_for_tests(&spec, None)),
+			IoChannel::disconnected(),
+		).unwrap();
+		let key1 = KeyPair::from_secret(Secret::from("0000000000000000000000000000000000000000000000000000000000000001")).unwrap();
+		let key2 = KeyPair::from_secret(Secret::from("0000000000000000000000000000000000000000000000000000000000000002")).unwrap();
+		let key3 = KeyPair::from_secret(Secret::from("0000000000000000000000000000000000000000000000000000000000000003")).unwrap();
+		let key4 = KeyPair::from_secret(Secret::from("0000000000000000000000000000000000000000000000000000000000000004")).unwrap();
+		let key5 = KeyPair::from_secret(Secret::from("0000000000000000000000000000000000000000000000000000000000000005")).unwrap();
+		let key6 = KeyPair::from_secret(Secret::from("0000000000000000000000000000000000000000000000000000000000000006")).unwrap();
+		let key7 = KeyPair::from_secret(Secret::from("0000000000000000000000000000000000000000000000000000000000000007")).unwrap();
+
+		let filter = TransactionFilter::from_params(spec.params()).unwrap();
+		let mut basic_tx = Transaction::default();
+		basic_tx.action = Action::Call(Address::from("d41c057fd1c78805aac12b0a94a405c0461a6fbb"));
+		let create_tx = Transaction::default();
+		let mut call_tx = Transaction::default();
+		call_tx.action = Action::Call(Address::from("0000000000000000000000000000000000000005"));
+
+		let mut basic_tx_with_ether_and_to_key7 = Transaction::default();
+		basic_tx_with_ether_and_to_key7.action = Action::Call(Address::from("d41c057fd1c78805aac12b0a94a405c0461a6fbb"));
+		basic_tx_with_ether_and_to_key7.value = U256::from(123123);
+		let mut call_tx_with_ether = Transaction::default();
+		call_tx_with_ether.action = Action::Call(Address::from("0000000000000000000000000000000000000005"));
+		call_tx_with_ether.value = U256::from(123123);
+
+		let mut basic_tx_to_key6 = Transaction::default();
+		basic_tx_to_key6.action = Action::Call(Address::from("e57bfe9f44b819898f47bf37e5af72a0783e1141"));
+		let mut basic_tx_with_ether_and_to_key6 = Transaction::default();
+		basic_tx_with_ether_and_to_key6.action = Action::Call(Address::from("e57bfe9f44b819898f47bf37e5af72a0783e1141"));
+		basic_tx_with_ether_and_to_key6.value = U256::from(123123);
+
+		let genesis = client.block_hash(BlockId::Latest).unwrap();
+
+		assert!(filter.transaction_allowed(&genesis, &basic_tx.clone().sign(key1.secret(), None), &*client));
+		assert!(filter.transaction_allowed(&genesis, &create_tx.clone().sign(key1.secret(), None), &*client));
+		assert!(filter.transaction_allowed(&genesis, &call_tx.clone().sign(key1.secret(), None), &*client));
+
+		assert!(filter.transaction_allowed(&genesis, &basic_tx.clone().sign(key2.secret(), None), &*client));
+		assert!(!filter.transaction_allowed(&genesis, &create_tx.clone().sign(key2.secret(), None), &*client));
+		assert!(filter.transaction_allowed(&genesis, &call_tx.clone().sign(key2.secret(), None), &*client));
+
+		assert!(filter.transaction_allowed(&genesis, &basic_tx.clone().sign(key3.secret(), None), &*client));
+		assert!(!filter.transaction_allowed(&genesis, &create_tx.clone().sign(key3.secret(), None), &*client));
+		assert!(!filter.transaction_allowed(&genesis, &call_tx.clone().sign(key3.secret(), None), &*client));
+
+		assert!(!filter.transaction_allowed(&genesis, &basic_tx.clone().sign(key4.secret(), None), &*client));
+		assert!(!filter.transaction_allowed(&genesis, &create_tx.clone().sign(key4.secret(), None), &*client));
+		assert!(!filter.transaction_allowed(&genesis, &call_tx.clone().sign(key4.secret(), None), &*client));
+
+		assert!(filter.transaction_allowed(&genesis, &basic_tx.clone().sign(key1.secret(), None), &*client));
+		assert!(filter.transaction_allowed(&genesis, &create_tx.clone().sign(key1.secret(), None), &*client));
+		assert!(filter.transaction_allowed(&genesis, &call_tx.clone().sign(key1.secret(), None), &*client));
+
+		assert!(!filter.transaction_allowed(&genesis, &basic_tx_with_ether_and_to_key7.clone().sign(key5.secret(), None), &*client));
+		assert!(!filter.transaction_allowed(&genesis, &call_tx_with_ether.clone().sign(key5.secret(), None), &*client));
+		assert!(filter.transaction_allowed(&genesis, &basic_tx.clone().sign(key6.secret(), None), &*client));
+		assert!(filter.transaction_allowed(&genesis, &basic_tx_with_ether_and_to_key7.clone().sign(key6.secret(), None), &*client));
+		assert!(filter.transaction_allowed(&genesis, &basic_tx_to_key6.clone().sign(key7.secret(), None), &*client));
+		assert!(!filter.transaction_allowed(&genesis, &basic_tx_with_ether_and_to_key6.clone().sign(key7.secret(), None), &*client));
+	}
+
+	/// Contract code: https://gist.github.com/arkpar/38a87cb50165b7e683585eec71acb05a
+	#[test]
+	fn transaction_filter_deprecated() {
+		let spec_data = include_str!("../res/tx_permission_tests/deprecated_contract_genesis.json");
 
 		let tempdir = TempDir::new("").unwrap();
 		let spec = Spec::load(&tempdir.path(), spec_data.as_bytes()).unwrap();
diff --git a/ethcore/src/views/view_rlp.rs b/ethcore/src/views/view_rlp.rs
index 2ecc4dbdd3d..2dd1b33a946 100644
--- a/ethcore/src/views/view_rlp.rs
+++ b/ethcore/src/views/view_rlp.rs
@@ -39,10 +39,10 @@ impl<'a, 'view> ViewRlp<'a> where 'a : 'view {
 
 	/// Returns a new instance replacing existing rlp with new rlp, maintaining debug info
 	fn new_from_rlp(&self, rlp: Rlp<'a>) -> Self {
-		ViewRlp { 
-			rlp, 
+		ViewRlp {
+			rlp,
 			file: self.file,
-			line: self.line 
+			line: self.line
 		}
 	}
 
@@ -53,7 +53,12 @@ impl<'a, 'view> ViewRlp<'a> where 'a : 'view {
 	}
 
 	fn expect_valid_rlp<T>(&self, r: Result<T, DecoderError>) -> T {
-		r.expect(&format!("View rlp is trusted and should be valid. Constructed in {} on line {}", self.file, self.line))
+		r.unwrap_or_else(|e| panic!(
+			"View rlp is trusted and should be valid. Constructed in {} on line {}: {}",
+			self.file,
+			self.line,
+			e
+		))
 	}
 
 	/// Returns rlp at the given index, panics if no rlp at that index
@@ -75,7 +80,7 @@ impl<'a, 'view> ViewRlp<'a> where 'a : 'view {
 	/// Returns decoded value at the given index, panics not present or valid at that index
 	pub fn val_at<T>(&self, index: usize) -> T where T : Decodable {
 		self.expect_valid_rlp(self.rlp.val_at(index))
-	} 
+	}
 
 	/// Returns decoded list of values, panics if rlp is invalid
 	pub fn list_at<T>(&self, index: usize) -> Vec<T> where T: Decodable {
diff --git a/ethcore/sync/src/api.rs b/ethcore/sync/src/api.rs
index 9b24edb50bf..817718065d4 100644
--- a/ethcore/sync/src/api.rs
+++ b/ethcore/sync/src/api.rs
@@ -360,6 +360,10 @@ impl SyncProvider for EthSync {
 	}
 }
 
+const PEERS_TIMER: TimerToken = 0;
+const SYNC_TIMER: TimerToken = 1;
+const TX_TIMER: TimerToken = 2;
+
 struct SyncProtocolHandler {
 	/// Shared blockchain client.
 	chain: Arc<BlockChainClient>,
@@ -374,7 +378,9 @@ struct SyncProtocolHandler {
 impl NetworkProtocolHandler for SyncProtocolHandler {
 	fn initialize(&self, io: &NetworkContext) {
 		if io.subprotocol_name() != WARP_SYNC_PROTOCOL_ID {
-			io.register_timer(0, Duration::from_secs(1)).expect("Error registering sync timer");
+			io.register_timer(PEERS_TIMER, Duration::from_millis(700)).expect("Error registering peers timer");
+			io.register_timer(SYNC_TIMER, Duration::from_millis(1100)).expect("Error registering sync timer");
+			io.register_timer(TX_TIMER, Duration::from_millis(1300)).expect("Error registering transactions timer");
 		}
 	}
 
@@ -400,12 +406,17 @@ impl NetworkProtocolHandler for SyncProtocolHandler {
 		}
 	}
 
-	fn timeout(&self, io: &NetworkContext, _timer: TimerToken) {
+	fn timeout(&self, io: &NetworkContext, timer: TimerToken) {
 		trace_time!("sync::timeout");
 		let mut io = NetSyncIo::new(io, &*self.chain, &*self.snapshot_service, &self.overlay);
-		self.sync.write().maintain_peers(&mut io);
-		self.sync.write().maintain_sync(&mut io);
-		self.sync.write().propagate_new_transactions(&mut io);
+		match timer {
+			PEERS_TIMER => self.sync.write().maintain_peers(&mut io),
+			SYNC_TIMER => self.sync.write().maintain_sync(&mut io),
+			TX_TIMER => {
+				self.sync.write().propagate_new_transactions(&mut io);
+			},
+			_ => warn!("Unknown timer {} triggered.", timer),
+		}
 	}
 }
 
diff --git a/ethcore/sync/src/chain/mod.rs b/ethcore/sync/src/chain/mod.rs
index 08d800f779c..9a32776ce06 100644
--- a/ethcore/sync/src/chain/mod.rs
+++ b/ethcore/sync/src/chain/mod.rs
@@ -149,6 +149,10 @@ const MAX_NEW_HASHES: usize = 64;
 const MAX_NEW_BLOCK_AGE: BlockNumber = 20;
 // maximal packet size with transactions (cannot be greater than 16MB - protocol limitation).
 const MAX_TRANSACTION_PACKET_SIZE: usize = 8 * 1024 * 1024;
+// Maximal number of transactions queried from miner to propagate.
+// This set is used to diff with transactions known by the peer and
+// we will send a difference of length up to `MAX_TRANSACTIONS_TO_PROPAGATE`.
+const MAX_TRANSACTIONS_TO_QUERY: usize = 4096;
 // Maximal number of transactions in sent in single packet.
 const MAX_TRANSACTIONS_TO_PROPAGATE: usize = 64;
 // Min number of blocks to be behind for a snapshot sync
@@ -1143,7 +1147,7 @@ pub mod tests {
 	use super::{PeerInfo, PeerAsking};
 	use ethcore::header::*;
 	use ethcore::client::{BlockChainClient, EachBlockWith, TestBlockChainClient, ChainInfo, BlockInfo};
-	use ethcore::miner::MinerService;
+	use ethcore::miner::{MinerService, PendingOrdering};
 	use private_tx::NoopPrivateTxHandler;
 
 	pub fn get_dummy_block(order: u32, parent_hash: H256) -> Bytes {
@@ -1355,7 +1359,7 @@ pub mod tests {
 			let mut io = TestIo::new(&mut client, &ss, &queue, None);
 			io.chain.miner.chain_new_blocks(io.chain, &[], &[], &[], &good_blocks, false);
 			sync.chain_new_blocks(&mut io, &[], &[], &[], &good_blocks, &[], &[]);
-			assert_eq!(io.chain.miner.ready_transactions(io.chain).len(), 1);
+			assert_eq!(io.chain.miner.ready_transactions(io.chain, 10, PendingOrdering::Priority).len(), 1);
 		}
 		// We need to update nonce status (because we say that the block has been imported)
 		for h in &[good_blocks[0]] {
@@ -1371,7 +1375,7 @@ pub mod tests {
 		}
 
 		// then
-		assert_eq!(client.miner.ready_transactions(&client).len(), 1);
+		assert_eq!(client.miner.ready_transactions(&client, 10, PendingOrdering::Priority).len(), 1);
 	}
 
 	#[test]
diff --git a/ethcore/sync/src/chain/propagator.rs b/ethcore/sync/src/chain/propagator.rs
index 4ae0518a537..75cf550f28b 100644
--- a/ethcore/sync/src/chain/propagator.rs
+++ b/ethcore/sync/src/chain/propagator.rs
@@ -33,6 +33,7 @@ use super::{
 	MAX_PEERS_PROPAGATION,
 	MAX_TRANSACTION_PACKET_SIZE,
 	MAX_TRANSACTIONS_TO_PROPAGATE,
+	MAX_TRANSACTIONS_TO_QUERY,
 	MIN_PEERS_PROPAGATION,
 	CONSENSUS_DATA_PACKET,
 	NEW_BLOCK_HASHES_PACKET,
@@ -114,7 +115,7 @@ impl SyncPropagator {
 			return 0;
 		}
 
-		let transactions = io.chain().ready_transactions();
+		let transactions = io.chain().ready_transactions(MAX_TRANSACTIONS_TO_QUERY);
 		if transactions.is_empty() {
 			return 0;
 		}
diff --git a/ethkey/cli/src/main.rs b/ethkey/cli/src/main.rs
index c8f5e2e64e7..af50f86b31a 100644
--- a/ethkey/cli/src/main.rs
+++ b/ethkey/cli/src/main.rs
@@ -166,10 +166,11 @@ fn main() {
 
 	match execute(env::args()) {
 		Ok(ok) => println!("{}", ok),
+		Err(Error::Docopt(ref e)) => e.exit(),
 		Err(err) => {
 			println!("{}", err);
 			process::exit(1);
-		},
+		}
 	}
 }
 
diff --git a/ethstore/cli/src/main.rs b/ethstore/cli/src/main.rs
index 416b64d43e0..922d857149d 100644
--- a/ethstore/cli/src/main.rs
+++ b/ethstore/cli/src/main.rs
@@ -149,6 +149,7 @@ fn main() {
 
 	match execute(env::args()) {
 		Ok(result) => println!("{}", result),
+		Err(Error::Docopt(ref e)) => e.exit(),
 		Err(err) => {
 			println!("{}", err);
 			process::exit(1);
diff --git a/ethstore/src/accounts_dir/disk.rs b/ethstore/src/accounts_dir/disk.rs
index 79e8c0f4c3a..a9253cff06f 100644
--- a/ethstore/src/accounts_dir/disk.rs
+++ b/ethstore/src/accounts_dir/disk.rs
@@ -33,22 +33,43 @@ const IGNORED_FILES: &'static [&'static str] = &[
 	"vault.json",
 ];
 
-#[cfg(not(windows))]
-fn restrict_permissions_to_owner(file_path: &Path) -> Result<(), i32>  {
-	use std::ffi;
+
+#[cfg(unix)]
+fn create_new_file_with_permissions_to_owner(file_path: &Path) -> io::Result<fs::File> {
 	use libc;
+	use std::os::unix::fs::OpenOptionsExt;
 
-	let cstr = ffi::CString::new(&*file_path.to_string_lossy())
-		.map_err(|_| -1)?;
-	match unsafe { libc::chmod(cstr.as_ptr(), libc::S_IWUSR | libc::S_IRUSR) } {
-		0 => Ok(()),
-		x => Err(x),
-	}
+	fs::OpenOptions::new()
+		.write(true)
+		.create_new(true)
+		.mode((libc::S_IWUSR | libc::S_IRUSR) as u32)
+		.open(file_path)
 }
 
-#[cfg(windows)]
-fn restrict_permissions_to_owner(_file_path: &Path) -> Result<(), i32> {
-	Ok(())
+#[cfg(not(unix))]
+fn create_new_file_with_permissions_to_owner(file_path: &Path) -> io::Result<fs::File> {
+	fs::OpenOptions::new()
+		.write(true)
+		.create_new(true)
+		.open(file_path)
+}
+
+#[cfg(unix)]
+fn replace_file_with_permissions_to_owner(file_path: &Path) -> io::Result<fs::File> {
+	use libc;
+	use std::os::unix::fs::PermissionsExt;
+
+	let file = fs::File::create(file_path)?;
+	let mut permissions = file.metadata()?.permissions();
+	permissions.set_mode((libc::S_IWUSR | libc::S_IRUSR) as u32);
+	file.set_permissions(permissions)?;
+
+	Ok(file)
+}
+
+#[cfg(not(unix))]
+fn replace_file_with_permissions_to_owner(file_path: &Path) -> io::Result<fs::File> {
+	fs::File::create(file_path)
 }
 
 /// Root keys directory implementation
@@ -173,17 +194,16 @@ impl<T> DiskDirectory<T> where T: KeyFileManager {
 
 		{
 			// save the file
-			let mut file = fs::File::create(&keyfile_path)?;
+			let mut file = if dedup {
+				create_new_file_with_permissions_to_owner(&keyfile_path)?
+			} else {
+				replace_file_with_permissions_to_owner(&keyfile_path)?
+			};
 
 			// write key content
 			self.key_manager.write(original_account, &mut file).map_err(|e| Error::Custom(format!("{:?}", e)))?;
 
 			file.flush()?;
-
-			if let Err(_) = restrict_permissions_to_owner(keyfile_path.as_path()) {
-				return Err(Error::Io(io::Error::last_os_error()));
-			}
-
 			file.sync_all()?;
 		}
 
diff --git a/hw/Cargo.toml b/hw/Cargo.toml
index 9a717e4bd3c..dd4adcefd5c 100644
--- a/hw/Cargo.toml
+++ b/hw/Cargo.toml
@@ -15,6 +15,7 @@ libusb = { git = "https://github.com/paritytech/libusb-rs" }
 trezor-sys = { git = "https://github.com/paritytech/trezor-sys" }
 ethkey = { path = "../ethkey" }
 ethereum-types = "0.3"
+semver = "0.9"
 
 [dev-dependencies]
 rustc-hex = "1.0"
diff --git a/hw/src/ledger.rs b/hw/src/ledger.rs
index 992a565d5a1..6881c99a04d 100644
--- a/hw/src/ledger.rs
+++ b/hw/src/ledger.rs
@@ -17,33 +17,35 @@
 //! Ledger hardware wallet module. Supports Ledger Blue and Nano S.
 /// See https://github.com/LedgerHQ/blue-app-eth/blob/master/doc/ethapp.asc for protocol details.
 
-use std::cmp::min;
-use std::fmt;
-use std::str::FromStr;
-use std::sync::atomic;
-use std::sync::atomic::AtomicBool;
-use std::sync::{Arc, Weak};
-use std::time::{Duration, Instant};
-use std::thread;
-
 use ethereum_types::{H256, Address};
 use ethkey::Signature;
 use hidapi;
 use libusb;
 use parking_lot::{Mutex, RwLock};
+use semver::Version as FirmwareVersion;
+use std::cmp::min;
+use std::str::FromStr;
+use std::sync::{atomic, atomic::AtomicBool, Arc, Weak};
+use std::time::{Duration, Instant};
+use std::{fmt, thread};
+use super::{WalletInfo, KeyPath, Device, DeviceDirection, Wallet, USB_DEVICE_CLASS_DEVICE, POLLING_DURATION};
 
-use super::{WalletInfo, KeyPath, Device, Wallet, USB_DEVICE_CLASS_DEVICE};
+const APDU_TAG: u8 = 0x05;
+const APDU_CLA: u8 = 0xe0;
+const APDU_PAYLOAD_HEADER_LEN: usize = 7;
+
+const ETH_DERIVATION_PATH_BE: [u8; 17] = [4, 0x80, 0, 0, 44, 0x80, 0, 0, 60, 0x80, 0, 0, 0, 0, 0, 0, 0]; // 44'/60'/0'/0
+const ETC_DERIVATION_PATH_BE: [u8; 21] = [5, 0x80, 0, 0, 44, 0x80, 0, 0, 60, 0x80, 0x02, 0x73, 0xd0, 0x80, 0, 0, 0, 0, 0, 0, 0]; // 44'/60'/160720'/0'/0
 
 /// Ledger vendor ID
 const LEDGER_VID: u16 = 0x2c97;
 /// Ledger product IDs: [Nano S and Blue]
 const LEDGER_PIDS: [u16; 2] = [0x0000, 0x0001];
+const LEDGER_TRANSPORT_HEADER_LEN: usize = 5;
 
-const ETH_DERIVATION_PATH_BE: [u8; 17] = [4, 0x80, 0, 0, 44, 0x80, 0, 0, 60, 0x80, 0, 0, 0, 0, 0, 0, 0]; // 44'/60'/0'/0
-const ETC_DERIVATION_PATH_BE: [u8; 21] = [5, 0x80, 0, 0, 44, 0x80, 0, 0, 60, 0x80, 0x02, 0x73, 0xd0, 0x80, 0, 0, 0, 0, 0, 0, 0]; // 44'/60'/160720'/0'/0
+const MAX_CHUNK_SIZE: usize = 255;
 
-const APDU_TAG: u8 = 0x05;
-const APDU_CLA: u8 = 0xe0;
+const HID_PACKET_SIZE: usize = 64 + HID_PREFIX_ZERO;
 
 #[cfg(windows)] const HID_PREFIX_ZERO: usize = 1;
 #[cfg(not(windows))] const HID_PREFIX_ZERO: usize = 0;
@@ -52,6 +54,7 @@ mod commands {
 	pub const GET_APP_CONFIGURATION: u8 = 0x06;
 	pub const GET_ETH_PUBLIC_ADDRESS: u8 = 0x02;
 	pub const SIGN_ETH_TRANSACTION: u8 = 0x04;
+	pub const SIGN_ETH_PERSONAL_MESSAGE: u8 = 0x08;
 }
 
 /// Hardware wallet error.
@@ -70,7 +73,11 @@ pub enum Error {
 	/// Invalid device
 	InvalidDevice,
 	/// Impossible error
-	ImpossibleError,
+	Impossible,
+	/// No device arrived
+	NoDeviceArrived,
+	/// No device left
+	NoDeviceLeft,
 }
 
 impl fmt::Display for Error {
@@ -82,7 +89,9 @@ impl fmt::Display for Error {
 			Error::KeyNotFound => write!(f, "Key not found"),
 			Error::UserCancel => write!(f, "Operation has been cancelled"),
 			Error::InvalidDevice => write!(f, "Unsupported product was entered"),
-			Error::ImpossibleError => write!(f, "Placeholder error"),
+			Error::Impossible => write!(f, "Placeholder error"),
+			Error::NoDeviceArrived => write!(f, "No device arrived"),
+			Error::NoDeviceLeft=> write!(f, "No device left"),
 		}
 	}
 }
@@ -100,7 +109,7 @@ impl From<libusb::Error> for Error {
 }
 
 /// Ledger device manager.
-pub struct Manager {
+pub (crate) struct Manager {
 	usb: Arc<Mutex<hidapi::HidApi>>,
 	devices: RwLock<Vec<Device>>,
 	key_path: RwLock<KeyPath>,
@@ -129,12 +138,12 @@ impl Manager {
 		// Ledger event handler thread
 		thread::Builder::new()
 			.spawn(move || {
-				if let Err(e) = m.update_devices() {
+				if let Err(e) = m.update_devices(DeviceDirection::Arrived) {
 					debug!(target: "hw", "Ledger couldn't connect at startup, error: {}", e);
 				}
 				loop {
 					usb_context.handle_events(Some(Duration::from_millis(500)))
-							   .unwrap_or_else(|e| debug!(target: "hw", "Ledger event handler error: {}", e));
+						.unwrap_or_else(|e| debug!(target: "hw", "Ledger event handler error: {}", e));
 					if exiting.load(atomic::Ordering::Acquire) {
 						break;
 					}
@@ -145,47 +154,80 @@ impl Manager {
 		Ok(manager)
 	}
 
-	fn send_apdu(handle: &hidapi::HidDevice, command: u8, p1: u8, p2: u8, data: &[u8]) -> Result<Vec<u8>, Error> {
-		const HID_PACKET_SIZE: usize = 64 + HID_PREFIX_ZERO;
+	// Transport Protocol:
+	//		* Communication Channel Id		(2 bytes big endian )
+	//		* Command Tag					(1 byte) 
+	//		* Packet Sequence ID			(2 bytes big endian)
+	//		* Payload						(Optional)
+	//
+	// Payload
+	//		* APDU Total Length				(2 bytes big endian)
+	//		* APDU_CLA						(1 byte)
+	//		* APDU_INS						(1 byte)
+	//		* APDU_P1						(1 byte)
+	//		* APDU_P2						(1 byte)
+	//		* APDU_LENGTH					(1 byte)
+	//		* APDU_Payload					(Variable)
+	// 
+	fn write(handle: &hidapi::HidDevice, command: u8, p1: u8, p2: u8, data: &[u8]) -> Result<(), Error> {
+		let data_len = data.len();
 		let mut offset = 0;
-		let mut chunk_index = 0;
-		loop {
-			let mut hid_chunk: [u8; HID_PACKET_SIZE] = [0; HID_PACKET_SIZE];
-			let mut chunk_size = if chunk_index == 0 { 12 } else { 5 };
-			let size = min(64 - chunk_size, data.len() - offset);
+		let mut sequence_number = 0;
+		let mut hid_chunk = [0_u8; HID_PACKET_SIZE];
+		
+		while sequence_number == 0 || offset < data_len {
+			let header = if sequence_number == 0 { LEDGER_TRANSPORT_HEADER_LEN + APDU_PAYLOAD_HEADER_LEN } else { LEDGER_TRANSPORT_HEADER_LEN };
+			let size = min(64 - header, data_len - offset);
 			{
 				let chunk = &mut hid_chunk[HID_PREFIX_ZERO..];
-				&mut chunk[0..5].copy_from_slice(&[0x01, 0x01, APDU_TAG, (chunk_index >> 8) as u8, (chunk_index & 0xff) as u8 ]);
+				&mut chunk[0..5].copy_from_slice(&[0x01, 0x01, APDU_TAG, (sequence_number >> 8) as u8, (sequence_number & 0xff) as u8 ]);
 
-				if chunk_index == 0 {
+				if sequence_number == 0 {
 					let data_len = data.len() + 5;
-					&mut chunk[5..12].copy_from_slice(&[ (data_len >> 8) as u8, (data_len & 0xff) as u8, APDU_CLA, command, p1, p2, data.len() as u8 ]);
+					&mut chunk[5..12].copy_from_slice(&[(data_len >> 8) as u8, (data_len & 0xff) as u8, APDU_CLA, command, p1, p2, data.len() as u8]);
 				}
 
-				&mut chunk[chunk_size..chunk_size + size].copy_from_slice(&data[offset..offset + size]);
-				offset += size;
-				chunk_size += size;
+				&mut chunk[header..header + size].copy_from_slice(&data[offset..offset + size]);
 			}
-			trace!("writing {:?}", &hid_chunk[..]);
+			trace!(target: "hw", "Ledger write {:?}", &hid_chunk[..]);
 			let n = handle.write(&hid_chunk[..])?;
-			if n < chunk_size {
+			if n < size + header {
 				return Err(Error::Protocol("Write data size mismatch"));
 			}
-			if offset == data.len() {
-				break;
+			offset += size;
+			sequence_number += 1;
+			if sequence_number >= 0xffff {
+				return Err(Error::Protocol("Maximum sequence number reached"));
 			}
-			chunk_index += 1;
 		}
-
-		// Read response
-		chunk_index = 0;
+		Ok(())
+	}
+	
+	// Transport Protocol:
+	//		* Communication Channel Id		(2 bytes big endian )
+	//		* Command Tag					(1 byte) 
+	//		* Packet Sequence ID			(2 bytes big endian)
+	//		* Payload						(Optional)
+	//
+	// Payload
+	//		* APDU Total Length				(2 bytes big endian)
+	//		* APDU_CLA						(1 byte)
+	//		* APDU_INS						(1 byte)
+	//		* APDU_P1						(1 byte)
+	//		* APDU_P2						(1 byte)
+	//		* APDU_LENGTH					(1 byte)
+	//		* APDU_Payload					(Variable)
+	// 
+	fn read(handle: &hidapi::HidDevice) -> Result<Vec<u8>, Error> {
 		let mut message_size = 0;
 		let mut message = Vec::new();
-		loop {
+
+		// terminate the loop if `sequence_number` reaches its max_value and report error
+		for chunk_index in 0..=0xffff {
 			let mut chunk: [u8; HID_PACKET_SIZE] = [0; HID_PACKET_SIZE];
 			let chunk_size = handle.read(&mut chunk)?;
-			trace!("read {:?}", &chunk[..]);
-			if chunk_size < 5 || chunk[0] != 0x01 || chunk[1] != 0x01 || chunk[2] != APDU_TAG {
+			trace!(target: "hw", "Ledger read {:?}", &chunk[..]);
+			if chunk_size < LEDGER_TRANSPORT_HEADER_LEN || chunk[0] != 0x01 || chunk[1] != 0x01 || chunk[2] != APDU_TAG {
 				return Err(Error::Protocol("Unexpected chunk header"));
 			}
 			let seq = (chunk[3] as usize) << 8 | (chunk[4] as usize);
@@ -207,7 +249,6 @@ impl Manager {
 			if message.len() == message_size {
 				break;
 			}
-			chunk_index += 1;
 		}
 		if message.len() < 2 {
 			return Err(Error::Protocol("No status word"));
@@ -222,7 +263,7 @@ impl Manager {
 			0x6a85 => Err(Error::UserCancel),
 			0x6b00 => Err(Error::Protocol("Incorrect parameters")),
 			0x6d00 => Err(Error::Protocol("Not implemented. Make sure Ethereum app is running.")),
-			0x6faa => Err(Error::Protocol("You Ledger need to be unplugged")),
+			0x6faa => Err(Error::Protocol("Your Ledger need to be unplugged")),
 			0x6f00...0x6fff => Err(Error::Protocol("Internal error")),
 			0x9000 => Ok(()),
 			_ => Err(Error::Protocol("Unknown error")),
@@ -233,6 +274,11 @@ impl Manager {
 		Ok(message)
 	}
 
+	fn send_apdu(handle: &hidapi::HidDevice, command: u8, p1: u8, p2: u8, data: &[u8]) -> Result<Vec<u8>, Error> {
+		Self::write(&handle, command, p1, p2, data)?;
+		Self::read(&handle)
+	}
+
 	fn is_valid_ledger(device: &libusb::Device) -> Result<(), Error> {
 		let desc = device.device_descriptor()?;
 		let vendor_id = desc.vendor_id();
@@ -244,52 +290,62 @@ impl Manager {
 			Err(Error::InvalidDevice)
 		}
 	}
-}
 
-// Try to connect to the device using polling in at most the time specified by the `timeout`
-fn try_connect_polling(ledger: Arc<Manager>, timeout: Duration) -> bool {
-	let start_time = Instant::now();
-	while start_time.elapsed() <= timeout {
-		if let Ok(_) = ledger.update_devices() {
-			return true
+	fn get_firmware_version(handle: &hidapi::HidDevice) -> Result<FirmwareVersion, Error> {
+		let ver = Self::send_apdu(&handle, commands::GET_APP_CONFIGURATION, 0, 0, &[])?;
+		if ver.len() != 4 {
+			return Err(Error::Protocol("Version packet size mismatch"));
 		}
+		Ok(FirmwareVersion::new(ver[1].into(), ver[2].into(), ver[3].into()))
 	}
-	false
-}
 
-impl <'a>Wallet<'a> for Manager {
-	type Error = Error;
-	type Transaction = &'a [u8];
-
-	fn sign_transaction(&self, address: &Address, transaction: Self::Transaction) -> Result<Signature, Self::Error> {
+	fn get_derivation_path(&self) -> &[u8] {
+		match *self.key_path.read() {
+			KeyPath::Ethereum => &ETH_DERIVATION_PATH_BE,
+			KeyPath::EthereumClassic => &ETC_DERIVATION_PATH_BE,
+		}
+	}
+	
+	fn signer_helper(&self, address: &Address, data: &[u8], command: u8) -> Result<Signature, Error> {
 		let usb = self.usb.lock();
 		let devices = self.devices.read();
 		let device = devices.iter().find(|d| &d.info.address == address).ok_or(Error::KeyNotFound)?;
 		let handle = self.open_path(|| usb.open_path(&device.path))?;
 
-		let eth_path = &ETH_DERIVATION_PATH_BE[..];
-		let etc_path = &ETC_DERIVATION_PATH_BE[..];
-		let derivation_path = match *self.key_path.read() {
-			KeyPath::Ethereum => eth_path,
-			KeyPath::EthereumClassic => etc_path,
-		};
-		const MAX_CHUNK_SIZE: usize = 255;
-		let mut chunk: [u8; MAX_CHUNK_SIZE] = [0; MAX_CHUNK_SIZE];
+		// Signing personal messages are only support by Ledger firmware version 1.0.8 or newer
+		if command == commands::SIGN_ETH_PERSONAL_MESSAGE {
+			let version = Self::get_firmware_version(&handle)?;
+			if version < FirmwareVersion::new(1, 0, 8) {
+				return Err(Error::Protocol("Signing personal messages with Ledger requires version 1.0.8"));
+			}
+		}
+
+		let mut chunk= [0_u8; MAX_CHUNK_SIZE];
+		let derivation_path = self.get_derivation_path();
+
+		// Copy the address of the key (only done once)
 		&mut chunk[0..derivation_path.len()].copy_from_slice(derivation_path);
-		let mut dest_offset = derivation_path.len();
-		let mut data_pos = 0;
-		let mut result;
-		loop {
-			let p1 = if data_pos == 0 { 0x00 } else { 0x80 };
-			let dest_left = MAX_CHUNK_SIZE - dest_offset;
-			let chunk_data_size = min(dest_left, transaction.len() - data_pos);
-			&mut chunk[dest_offset..][0..chunk_data_size].copy_from_slice(&transaction[data_pos..][0..chunk_data_size]);
-			result = Self::send_apdu(&handle, commands::SIGN_ETH_TRANSACTION, p1, 0, &chunk[0..(dest_offset + chunk_data_size)])?;
-			dest_offset = 0;
-			data_pos += chunk_data_size;
-			if data_pos == transaction.len() {
-				break;
+		
+		let key_length = derivation_path.len();
+		let max_payload_size = MAX_CHUNK_SIZE - key_length;
+		let data_len = data.len();
+		
+		let mut result = Vec::new();
+		let mut offset = 0;
+		
+		while offset < data_len {
+			let p1 = if offset == 0 { 0 } else { 0x80 };
+			let take = min(max_payload_size, data_len - offset);
+
+			// Fetch piece of data and copy it!
+			{
+				let (_key, d) = &mut chunk.split_at_mut(key_length);
+				let (dst, _rem) = &mut d.split_at_mut(take);
+				dst.copy_from_slice(&data[offset..(offset + take)]);
 			}
+
+			result = Self::send_apdu(&handle, command, p1, 0, &chunk[0..(key_length + take)])?;
+			offset += take;
 		}
 
 		if result.len() != 65 {
@@ -301,42 +357,80 @@ impl <'a>Wallet<'a> for Manager {
 		Ok(Signature::from_rsv(&r, &s, v))
 	}
 
+	pub fn sign_message(&self, address: &Address, msg: &[u8]) -> Result<Signature, Error> {
+		self.signer_helper(address, msg, commands::SIGN_ETH_PERSONAL_MESSAGE)
+	}
+}
+
+// Try to connect to the device using polling in at most the time specified by the `timeout`
+fn try_connect_polling(ledger: Arc<Manager>, timeout: &Duration, device_direction: DeviceDirection) -> bool {
+	let start_time = Instant::now();
+	while start_time.elapsed() <= *timeout {
+		if let Ok(num_devices) = ledger.update_devices(device_direction) {
+			trace!(target: "hw", "{} number of Ledger(s) {}", num_devices, device_direction);
+			return true;
+		}
+	}
+	false
+}
+
+impl <'a>Wallet<'a> for Manager {
+	type Error = Error;
+	type Transaction = &'a [u8];
+
+	fn sign_transaction(&self, address: &Address, transaction: Self::Transaction) -> Result<Signature, Self::Error> {
+		self.signer_helper(address, transaction, commands::SIGN_ETH_TRANSACTION)
+	}
+	
 	fn set_key_path(&self, key_path: KeyPath) {
 		*self.key_path.write() = key_path;
 	}
 
-	fn update_devices(&self) -> Result<usize, Self::Error> {
+	fn update_devices(&self, device_direction: DeviceDirection) -> Result<usize, Self::Error> {
 		let mut usb = self.usb.lock();
 		usb.refresh_devices();
 		let devices = usb.devices();
-		let mut new_devices = Vec::new();
-		let mut num_new_devices = 0;
-		for device in devices {
-			trace!("Checking device: {:?}", device);
-			if device.vendor_id != LEDGER_VID || !LEDGER_PIDS.contains(&device.product_id) {
-				continue;
-			}
-			match self.read_device(&usb, &device) {
-				Ok(info) => {
-					debug!(target: "hw", "Found device: {:?}", info);
-					if !self.devices.read().iter().any(|d| d.path == info.path) {
-						num_new_devices += 1;
+		let num_prev_devices = self.devices.read().len();
+
+		let detected_devices = devices.iter()
+			.filter(|&d| d.vendor_id == LEDGER_VID && LEDGER_PIDS.contains(&d.product_id))
+			.fold(Vec::new(), |mut v, d| {
+				match self.read_device(&usb, &d) {
+					Ok(info) => {
+						trace!(target: "hw", "Found device: {:?}", info);
+						v.push(info);
 					}
-					new_devices.push(info);
-
+					Err(e) => trace!(target: "hw", "Error reading device info: {}", e),
+				};
+				v
+			});
+
+		let num_curr_devices = detected_devices.len();
+		*self.devices.write() = detected_devices;
+
+		match device_direction {
+			DeviceDirection::Arrived => {
+				if num_curr_devices > num_prev_devices {
+					Ok(num_curr_devices - num_prev_devices)
+				} else {
+					Err(Error::NoDeviceArrived)
+				}
+			}
+			DeviceDirection::Left => {
+				if num_prev_devices > num_curr_devices {
+					Ok(num_prev_devices- num_curr_devices)
+				} else {
+					Err(Error::NoDeviceLeft)
 				}
-				Err(e) => debug!(target: "hw", "Error reading device info: {}", e),
-			};
+			}
 		}
-		*self.devices.write() = new_devices;
-		Ok(num_new_devices)
 	}
 
 	fn read_device(&self, usb: &hidapi::HidApi, dev_info: &hidapi::HidDeviceInfo) -> Result<Device, Self::Error> {
 		let handle = self.open_path(|| usb.open_path(&dev_info.path))?;
-		let manufacturer = dev_info.manufacturer_string.clone().unwrap_or("Unknown".to_owned());
-		let name = dev_info.product_string.clone().unwrap_or("Unknown".to_owned());
-		let serial = dev_info.serial_number.clone().unwrap_or("Unknown".to_owned());
+		let manufacturer = dev_info.manufacturer_string.clone().unwrap_or_else(|| "Unknown".to_owned());
+		let name = dev_info.product_string.clone().unwrap_or_else(|| "Unknown".to_owned());
+		let serial = dev_info.serial_number.clone().unwrap_or_else(|| "Unknown".to_owned());
 		match self.get_address(&handle) {
 			Ok(Some(addr)) => {
 				Ok(Device {
@@ -350,7 +444,7 @@ impl <'a>Wallet<'a> for Manager {
 				})
 			}
 			// This variant is not possible, but the trait forces this return type
-			Ok(None) => Err(Error::ImpossibleError),
+			Ok(None) => Err(Error::Impossible),
 			Err(e) => Err(e),
 		}
 	}
@@ -369,22 +463,13 @@ impl <'a>Wallet<'a> for Manager {
 	}
 
 	fn get_address(&self, device: &hidapi::HidDevice) -> Result<Option<Address>, Self::Error> {
-		let ver = Self::send_apdu(device, commands::GET_APP_CONFIGURATION, 0, 0, &[])?;
-		if ver.len() != 4 {
-			return Err(Error::Protocol("Version packet size mismatch"));
+		let ledger_version = Self::get_firmware_version(&device)?;
+		if ledger_version < FirmwareVersion::new(1, 0, 3) {
+			return Err(Error::Protocol("Ledger version 1.0.3 is required"));
 		}
 
-		let (major, minor, patch) = (ver[1], ver[2], ver[3]);
-		if major < 1 || (major == 1 && minor == 0 && patch < 3) {
-			return Err(Error::Protocol("App version 1.0.3 is required."));
-		}
+		let derivation_path = self.get_derivation_path();
 
-		let eth_path = &ETH_DERIVATION_PATH_BE[..];
-		let etc_path = &ETC_DERIVATION_PATH_BE[..];
-		let derivation_path = match *self.key_path.read() {
-			KeyPath::Ethereum => eth_path,
-			KeyPath::EthereumClassic => etc_path,
-		};
 		let key_and_address = Self::send_apdu(device, commands::GET_ETH_PUBLIC_ADDRESS, 0, 0, derivation_path)?;
 		if key_and_address.len() != 107 { // 1 + 65 PK + 1 + 40 Addr (ascii-hex)
 			return Err(Error::Protocol("Key packet size mismatch"));
@@ -425,8 +510,8 @@ impl libusb::Hotplug for EventHandler {
 	fn device_arrived(&mut self, device: libusb::Device) {
 		debug!(target: "hw", "Ledger arrived");
 		if let (Some(ledger), Ok(_)) = (self.ledger.upgrade(), Manager::is_valid_ledger(&device)) {
-			if try_connect_polling(ledger, Duration::from_millis(500)) != true {
-				debug!(target: "hw", "Ledger connect timeout");
+			if try_connect_polling(ledger, &POLLING_DURATION, DeviceDirection::Arrived) != true {
+				debug!(target: "hw", "No Ledger device was connected");
 			}
 		}
 	}
@@ -434,42 +519,84 @@ impl libusb::Hotplug for EventHandler {
 	fn device_left(&mut self, device: libusb::Device) {
 		debug!(target: "hw", "Ledger left");
 		if let (Some(ledger), Ok(_)) = (self.ledger.upgrade(), Manager::is_valid_ledger(&device)) {
-			if try_connect_polling(ledger, Duration::from_millis(500)) != true {
-				debug!(target: "hw", "Ledger disconnect timeout");
+			if try_connect_polling(ledger, &POLLING_DURATION, DeviceDirection::Left) != true {
+				debug!(target: "hw", "No Ledger device was disconnected");
 			}
 		}
 	}
 }
 
-#[test]
-#[ignore]
-/// This test can't be run without an actual ledger device connected
-fn smoke() {
+
+#[cfg(test)]
+mod tests {
 	use rustc_hex::FromHex;
-	let hidapi = Arc::new(Mutex::new(hidapi::HidApi::new().expect("HidApi")));
-	let manager = Manager::new(hidapi.clone(), Arc::new(AtomicBool::new(false))).expect("Ledger Manager");
-
-    // Update device list
-	assert_eq!(try_connect_polling(manager.clone(), Duration::from_millis(500)), true);
-
-    // Fetch the ethereum address of a connected ledger device
-	let address = manager.list_devices()
-		.iter()
-		.filter(|d| d.manufacturer == "Ledger".to_string())
-		.nth(0)
-		.map(|d| d.address.clone())
-		.expect("No ledger device detected");
-
-	let tx = FromHex::from_hex("eb018504a817c80082520894a6ca2e6707f2cc189794a9dd459d5b05ed1bcd1c8703f26fcfb7a22480018080").unwrap();
-	let signature = manager.sign_transaction(&address, &tx);
-	println!("Got {:?}", signature);
-	assert!(signature.is_ok());
-	let large_tx = FromHex::from_hex("f8cb81968504e3b2920083024f279475b02a3c39710d6a3f2870d0d788299d48e790f180b8a4b61d27f6000000000000000000000000e1af840a5a1cb1efdf608a97aa632f4aa39ed199000000000000000000000000000000000000000000000000105ff43f46a9a800000000000000000000000000000000000000000000000000000000000000006000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000018080").unwrap();
-	let signature = manager.sign_transaction(&address, &large_tx);
-	println!("Got {:?}", signature);
-	assert!(signature.is_ok());
-	let huge_tx = FromHex::from_hex("f935e98201048505d21dba00833b82608080b935946103e86003908155620d2f00600455601460055560a060405260608190527f2e2e2e00000000000000000000000000000000000000000000000000000000006080908152600d805460008290527f2e2e2e00000000000000000000000000000000000000000000000000000000068255909260008051602062003474833981519152602060026001851615610100026000190190941693909304601f0192909204820192909190620000dc565b82800160010185558215620000dc579182015b82811115620000dc578251825591602001919060010190620000bf565b5b50620001009291505b80821115620000fc5760008155600101620000e6565b5090565b5050600e8054600360ff199182168117909255604080518082019091528281527f2e2e2e00000000000000000000000000000000000000000000000000000000006020918201908152600f80546000829052825160069516949094178155937f8d1108e10bcb7c27dddfc02ed9d693a074039d026cf4ea4240b40f7d581ac80260026101006001871615026000190190951694909404601f019290920483019290620001d7565b82800160010185558215620001d7579182015b82811115620001d7578251825591602001919060010190620001ba565b5b50620001fb9291505b80821115620000fc5760008155600101620000e6565b5090565b50506010805460ff19166001179055346200000057604051620034943803806200349483398101604090815281516020830151918301516060840151919390810191015b5b5b60068054600160a060020a0319166c01000000000000000000000000338102041790558151600d80546000829052909160008051602062003474833981519152602060026101006001861615026000190190941693909304601f908101849004820193870190839010620002c157805160ff1916838001178555620002f1565b82800160010185558215620002f1579182015b82811115620002f1578251825591602001919060010190620002d4565b5b50620003159291505b80821115620000fc5760008155600101620000e6565b5090565b505080600f9080519060200190828054600181600116156101000203166002900490600052602060002090601f016020900481019282601f106200036557805160ff191683800117855562000395565b8280016001018555821562000395579182015b828111156200039557825182559160200191906001019062000378565b5b50620003b99291505b80821115620000fc5760008155600101620000e6565b5090565b5050600980546c01000000000000000000000000808602819004600160a060020a0319928316179092556007805487840293909304929091169190911790555b505050505b613066806200040e6000396000f300606060405236156102035760e060020a600035046306fdde03811461034b578063095ea7b3146103c65780630b0b6d5b146103ed5780631b1ccc47146103fc57806320e870931461047757806323b872dd1461049657806325b29d84146104c057806327187991146104df578063277ccde2146104f15780632e1fbfcd14610510578063308b2fdc14610532578063313ce5671461055457806338cc48311461057757806340eddc4e146105a057806341f4793a146105bf578063467ed261146105de578063471ad963146105fd5780634e860ebb1461060f5780634efbe9331461061e57806354786b4e1461064257806354e35ba2146106bd57806358793ad4146106d25780635abedab21461073f5780635af2f8211461074e57806360483a3f1461076d57806360d12fa0146107da578063698f2e84146108035780636a749986146108155780636d5f66391461082a5780636e9c36831461083c57806370a082311461085e5780637a290fe5146108805780637e7541461461088f57806394c41bdb1461090a57806395d89b4114610929578063962a64cd146109a4578063a0b6533214610a09578063a9059cbb14610a2b578063ab62438f14610a52578063b63ca98114610aa9578063b7c54c6f14610abb578063c4e41b2214610ada578063ca7c4dba14610af9578063cb79e31b14610b18578063dd62ed3e14610b3a575b6103495b60006000600c546000141561021b57610000565b600354600c54670de0b6b3a764000091349091020204915060009050816001600030600160a060020a031681526020019081526020016000205410156102c557600160a060020a033016600090815260016020526040902054600c54909250828115610000570466038d7ea4c68000023403905033600160a060020a03166108fc829081150290604051809050600060405180830381858888f1935050505015156102c557610000565b5b600160a060020a03338116600081815260016020908152604080832080548801905530909416825283822080548790039055601380543487900301908190559154600c548551908152918201879052845190949293927f5a0391f2a67f11ed0034b68f8cf14e7e41d6f86e0a7622f2af5ea8f07b488396928290030190a45b5050565b005b3461000057610358610b5f565b60405180806020018281038252838181518152602001915080519060200190808383829060006004602084601f0104600302600f01f150905090810190601f1680156103b85780820380516001836020036101000a031916815260200191505b509250505060405180910390f35b34610000576103d9600435602435610bed565b604080519115158252519081900360200190f35b3461000057610349610c58565b005b3461000057610358610dbc565b60405180806020018281038252838181518152602001915080519060200190808383829060006004602084601f0104600302600f01f150905090810190601f1680156103b85780820380516001836020036101000a031916815260200191505b509250505060405180910390f35b3461000057610484610e5a565b60408051918252519081900360200190f35b34610000576103d9600435602435604435610ef9565b604080519115158252519081900360200190f35b3461000057610484610ff3565b60408051918252519081900360200190f35b3461000057610349600435611002565b005b346100005761048461105a565b60408051918252519081900360200190f35b3461000057610484600435611061565b60408051918252519081900360200190f35b346100005761048460043561108d565b60408051918252519081900360200190f35b34610000576105616110b9565b6040805160ff9092168252519081900360200190f35b34610000576105846110c2565b60408051600160a060020a039092168252519081900360200190f35b34610000576104846110c7565b60408051918252519081900360200190f35b34610000576104846110ce565b60408051918252519081900360200190f35b34610000576104846110d5565b60408051918252519081900360200190f35b3461000057610349600435611174565b005b34610000576103496113b5565b005b34610000576103d9600435611407565b604080519115158252519081900360200190f35b3461000057610358611549565b60405180806020018281038252838181518152602001915080519060200190808383829060006004602084601f0104600302600f01f150905090810190601f1680156103b85780820380516001836020036101000a031916815260200191505b509250505060405180910390f35b34610000576103496004356024356115e7565b005b346100005760408051602060046024803582810135601f8101859004850286018501909652858552610726958335959394604494939290920191819084018382808284375094965061167e95505050505050565b6040805192835290151560208301528051918290030190f35b3461000057610349611c13565b005b3461000057610484611d46565b60408051918252519081900360200190f35b346100005760408051602060046024803582810135601f81018590048502860185019096528585526107269583359593946044949392909201918190840183828082843750949650611d4d95505050505050565b6040805192835290151560208301528051918290030190f35b3461000057610584612303565b60408051600160a060020a039092168252519081900360200190f35b3461000057610349600435612313565b005b3461000057610349600435602435612347565b005b346100005761034960043561252f565b005b3461000057610484600435612941565b60408051918252519081900360200190f35b346100005761048460043561298d565b60408051918252519081900360200190f35b34610000576103496129ac565b005b3461000057610358612a13565b60405180806020018281038252838181518152602001915080519060200190808383829060006004602084601f0104600302600f01f150905090810190601f1680156103b85780820380516001836020036101000a031916815260200191505b509250505060405180910390f35b3461000057610484612ab1565b60408051918252519081900360200190f35b3461000057610358612ab8565b60405180806020018281038252838181518152602001915080519060200190808383829060006004602084601f0104600302600f01f150905090810190601f1680156103b85780820380516001836020036101000a031916815260200191505b509250505060405180910390f35b3461000057610484600480803590602001908201803590602001908080601f01602080910402602001604051908101604052809392919081815260200183838082843750949650612b4695505050505050565b60408051918252519081900360200190f35b3461000057610484600435612b63565b60408051918252519081900360200190f35b34610000576103d9600435602435612b8c565b604080519115158252519081900360200190f35b3461000057610349600480803590602001908201803590602001908080601f016020809104026020016040519081016040528093929190818152602001838380828437509496505093359350612c3c92505050565b005b3461000057610349600435612f38565b005b3461000057610484612f90565b60408051918252519081900360200190f35b346100005761048461300c565b60408051918252519081900360200190f35b3461000057610484613013565b60408051918252519081900360200190f35b346100005761048460043561301a565b60408051918252519081900360200190f35b3461000057610484600435602435613039565b60408051918252519081900360200190f35b600d805460408051602060026001851615610100026000190190941693909304601f81018490048402820184019092528181529291830182828015610be55780601f10610bba57610100808354040283529160200191610be5565b820191906000526020600020905b815481529060010190602001808311610bc857829003601f168201915b505050505081565b600160a060020a03338116600081815260026020908152604080832094871680845294825280832086905580518681529051929493927f8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925929181900390910190a35060015b92915050565b601a54600090600160a060020a03161515610c7257610000565b600160a060020a0333166000908152600a60205260409020541515610c9657610000565b600160a060020a0333166000908152601d602052604090205460ff1615610cbc57610000565b601b54426212750090910111610cd157610000565b600160a060020a0333166000818152601d60209081526040808320805460ff19166001179055600a8252918290208054601c805490910190555482519384529083015280517f475c7605c08471fdc551a58d2c318b163628c5852f69323a1b91c34eb0bb09339281900390910190a150601154601c54606490910490604682029010610db857601a5460068054600160a060020a031916606060020a600160a060020a0393841681020417908190556040805191909216815290517f6b8184e23a898262087be50aa3ea5de648451e63f94413e810586c25282d58c2916020908290030190a15b5b50565b604080516020808201835260008252600d8054845160026001831615610100026000190190921691909104601f810184900484028201840190955284815292939091830182828015610e4f5780601f10610e2457610100808354040283529160200191610e4f565b820191906000526020600020905b815481529060010190602001808311610e3257829003601f168201915b505050505090505b90565b600f805460408051602060026001851615610100026000190190941693909304601f8101849004840282018401909252818152600093610ef39391929091830182828015610ee95780601f10610ebe57610100808354040283529160200191610ee9565b820191906000526020600020905b815481529060010190602001808311610ecc57829003601f168201915b5050505050612b46565b90505b90565b600160a060020a038316600090815260016020526040812054829010801590610f495750600160a060020a0380851660009081526002602090815260408083203390941683529290522054829010155b8015610f555750600082115b15610fe757600160a060020a03808516600081815260016020908152604080832080548890039055878516808452818420805489019055848452600283528184203390961684529482529182902080548790039055815186815291517fddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef9281900390910190a3506001610feb56610feb565b5060005b5b9392505050565b600160a060020a033016315b90565b60065433600160a060020a0390811691161461101d57610000565b600c8190556040805182815290517f0bbd501ef336990995d82b5e3fd82a15abe1ff10c982757a1698ac5d1c3e79579181900360200190a15b5b50565b600b545b90565b6000601882815481101561000057906000526020600020906007020160005b506004015490505b919050565b6000601882815481101561000057906000526020600020906007020160005b506001015490505b919050565b600e5460ff1681565b305b90565b6013545b90565b601c545b90565b600d805460408051602060026001851615610100026000190190941693909304601f8101849004840282018401909252818152600093610ef39391929091830182828015610ee95780601f10610ebe57610100808354040283529160200191610ee9565b820191906000526020600020905b815481529060010190602001808311610ecc57829003601f168201915b5050505050612b46565b90505b90565b600654600090819033600160a060020a0390811691161461119457610000565b60008381526014602052604090205415156111ae57610000565b60008381526014602052604090206005015433600160a060020a039081169116146111d857610000565b60008381526014602052604090206005015460a060020a900460ff16156111fe57610000565b601154600084815260146020526040902060040154606490910460370292508290111561122a57610000565b60008381526014602052604081206005015460a860020a900460ff16600181116100005714156112eb57600954600084815260146020908152604080832060058101546001909101548251840185905282517fa9059cbb000000000000000000000000000000000000000000000000000000008152600160a060020a0392831660048201526024810191909152915194169363a9059cbb93604480840194938390030190829087803b156100005760325a03f1156100005750611389915050565b60008381526014602052604080822060058101546001909101549151600160a060020a039091169282156108fc02929190818181858888f160008881526014602090815260409182902060058101546001909101548351600160a060020a0390921682529181019190915281519297507f2648a7e2f9c34700b91370233666e5118fa8be3e0c21fed4f7402b941df8efdd9650829003019350915050a15b6000838152601460205260409020600501805460a060020a60ff02191660a060020a1790555b5b505050565b60065433600160a060020a039081169116146113d057610000565b6010805460ff191690556040517fb48c7f694f0a3b9b22d7e61c60ff8aebbb107314b6b698fc489ff3f017cb57e090600090a15b5b565b600060006000600760009054906101000a9004600160a060020a0316600160a060020a031663d4884b566000604051602001526040518160e060020a028152600401809050602060405180830381600087803b156100005760325a03f115610000575050604051514210905061147c57610000565b60085433600160a060020a0390811691161461149757610000565b5050600b54600160a060020a03328181166000908152600a6020526040902080549386029384019055601180548401905560128054860190556008549092916114e39130911683610ef9565b506114ee8282612b8c565b50600054601154600b5460408051918252602082018590528051600160a060020a038716927fb4d6befef2def3d17bcb13c2b882ec4fa047f33157446d3e0e6094b2a21609ac92908290030190a4600192505b5b5050919050565b604080516020808201835260008252600f8054845160026001831615610100026000190190921691909104601f810184900484028201840190955284815292939091830182828015610e4f5780601f10610e2457610100808354040283529160200191610e4f565b820191906000526020600020905b815481529060010190602001808311610e3257829003601f168201915b505050505090505b90565b60065433600160a060020a0390811691161461160257610000565b60105460ff16151561161357610000565b600160a060020a0330166000908152600160209081526040808320805485019055600c859055825484019283905580518481529051839286927f10cb430288a1696de11938bc5362c6f8c60e58808237bce4436b93a8573e00c3929081900390910190a45b5b5b5050565b6040805161010081018252600080825260208083018290528351908101845281815292820192909252606081018290526080810182905260a0810182905260c0810182905260e08101829052600654829182918291829133600160a060020a039081169116146116ed57610000565b60115460649004935060056016541115801561170c5750836005540288115b1561171657610000565b61171e612f90565b8811156117305761172d612f90565b97505b60003642604051808484808284378201915050828152602001935050505060405180910390209250600454420191506101006040519081016040528084815260200189815260200188815260200183815260200160008152602001338152602001600081526020016000815260200150905080601460008560001916815260200190815260200160002060008201518160000155602082015181600101556040820151816002019080519060200190828054600181600116156101000203166002900490600052602060002090601f016020900481019282601f1061182057805160ff191683800117855561184d565b8280016001018555821561184d579182015b8281111561184d578251825591602001919060010190611832565b5b5061186e9291505b8082111561186a5760008155600101611856565b5090565b5050606082015160038201556080820151600482015560a08201516005909101805460c084015160e09094015160f860020a90810281900460a860020a0260a860020a60ff02199582029190910460a060020a0260a060020a60ff0219606060020a95860295909504600160a060020a031990931692909217939093161792909216179055601880546001810180835582818380158290116119c9576007028160070283600052602060002091820191016119c991905b8082111561186a5760006000820160009055600182016000905560028201805460018160011615610100020316600290046000825580601f10611968575061199a565b601f01602090049060005260206000209081019061199a91905b8082111561186a5760008155600101611856565b5090565b5b50506000600382018190556004820155600581018054600160b060020a0319169055600701611925565b5090565b5b505050916000526020600020906007020160005b83909190915060008201518160000155602082015181600101556040820151816002019080519060200190828054600181600116156101000203166002900490600052602060002090601f016020900481019282601f10611a4a57805160ff1916838001178555611a77565b82800160010185558215611a77579182015b82811115611a77578251825591602001919060010190611a5c565b5b50611a989291505b8082111561186a5760008155600101611856565b5090565b5050606082015181600301556080820151816004015560a08201518160050160006101000a815481600160a060020a030219169083606060020a90810204021790555060c08201518160050160146101000a81548160ff021916908360f860020a90810204021790555060e08201518160050160156101000a81548160ff021916908360f860020a90810204021790555050505060166000815460010191905081905550426017819055507f1a1eea7d2a0f099c2f19efb4e101fcf220558c9f4fbc6961b33fbe02d3a7be908389848a3360405180866000191681526020018581526020018481526020018060200183600160a060020a031681526020018281038252848181518152602001915080519060200190808383829060006004602084601f0104600302600f01f150905090810190601f168015611bee5780820380516001836020036101000a031916815260200191505b50965050505050505060405180910390a1826001955095505b5b505050509250929050565b60065460009033600160a060020a03908116911614611c3157610000565b600760009054906101000a9004600160a060020a0316600160a060020a031663d4884b566000604051602001526040518160e060020a028152600401809050602060405180830381600087803b156100005760325a03f1156100005750506040515162dd7c00014210159050611ca657610000565b604051600160a060020a0333811691309091163180156108fc02916000818181858888f1600954909550600160a060020a0316935063a9059cbb9250339150611cef9050612f90565b6000604051602001526040518360e060020a0281526004018083600160a060020a0316815260200182815260200192505050602060405180830381600087803b156100005760325a03f115610000575050505b5b50565b6016545b90565b6040805161010081018252600080825260208083018290528351908101845281815292820192909252606081018290526080810182905260a0810182905260c0810182905260e08101829052600654829182918291829133600160a060020a03908116911614611dbc57610000565b60105460ff1615611dcc57610000565b6000611dd73061298d565b1115611de257610000565b6017546212750001421015611df657610000565b6013546064900493508360055402881115611e1057610000565b30600160a060020a031631881115611e305730600160a060020a03163197505b60003642604051808484808284378201915050828152602001935050505060405180910390209250600454420191506101006040519081016040528084815260200189815260200188815260200183815260200160008152602001338152602001600081526020016001815260200150905080601460008560001916815260200190815260200160002060008201518160000155602082015181600101556040820151816002019080519060200190828054600181600116156101000203166002900490600052602060002090601f016020900481019282601f10611f2057805160ff1916838001178555611f4d565b82800160010185558215611f4d579182015b82811115611f4d578251825591602001919060010190611f32565b5b50611f6e9291505b8082111561186a5760008155600101611856565b5090565b5050606082015160038201556080820151600482015560a08201516005909101805460c084015160e09094015160f860020a90810281900460a860020a0260a860020a60ff02199582029190910460a060020a0260a060020a60ff0219606060020a95860295909504600160a060020a031990931692909217939093161792909216179055601880546001810180835582818380158290116120c9576007028160070283600052602060002091820191016120c991905b8082111561186a5760006000820160009055600182016000905560028201805460018160011615610100020316600290046000825580601f10612068575061209a565b601f01602090049060005260206000209081019061209a91905b8082111561186a5760008155600101611856565b5090565b5b50506000600382018190556004820155600581018054600160b060020a0319169055600701612025565b5090565b5b505050916000526020600020906007020160005b83909190915060008201518160000155602082015181600101556040820151816002019080519060200190828054600181600116156101000203166002900490600052602060002090601f016020900481019282601f1061214a57805160ff1916838001178555612177565b82800160010185558215612177579182015b8281111561217757825182559160200191906001019061215c565b5b506121989291505b8082111561186a5760008155600101611856565b5090565b5050606082015181600301556080820151816004015560a08201518160050160006101000a815481600160a060020a030219169083606060020a90810204021790555060c08201518160050160146101000a81548160ff021916908360f860020a90810204021790555060e08201518160050160156101000a81548160ff021916908360f860020a908102040217905550505050426017819055507f1a1eea7d2a0f099c2f19efb4e101fcf220558c9f4fbc6961b33fbe02d3a7be908389848a3360405180866000191681526020018581526020018481526020018060200183600160a060020a031681526020018281038252848181518152602001915080519060200190808383829060006004602084601f0104600302600f01f150905090810190601f168015611bee5780820380516001836020036101000a031916815260200191505b50965050505050505060405180910390a1826001955095505b5b505050509250929050565b600654600160a060020a03165b90565b600854600160a060020a03161561232957610000565b60088054600160a060020a031916606060020a838102041790555b50565b60065433600160a060020a0390811691161461236257610000565b60105460ff16151561237357610000565b600760009054906101000a9004600160a060020a0316600160a060020a031663d4884b566000604051602001526040518160e060020a028152600401809050602060405180830381600087803b156100005760325a03f11561000057505060405151421090506123e257610000565b600760009054906101000a9004600160a060020a0316600160a060020a031663cdd933326000604051602001526040518160e060020a028152600401809050602060405180830381600087803b156100005760325a03f11561000057505060405151421015905061245257610000565b600854600160a060020a0316151561246957610000565b6000805482018155600160a060020a03308116808352600160209081526040808520805487019055600b8790556002825280852060088054861687529083529481902080548701905593548451868152945193169391927f8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b9259281900390910190a3600054601154600b546040805185815290517f10cb430288a1696de11938bc5362c6f8c60e58808237bce4436b93a8573e00c39181900360200190a45b5b5b5b5b5050565b604080516101008082018352600080835260208084018290528451808201865282815284860152606084018290526080840182905260a0840182905260c0840182905260e0840182905285825260148152848220855180850187528154815260018083015482850152600280840180548a51600019948216159099029390930190921604601f8101859004850287018501895280875296979496879692959394938601938301828280156126245780601f106125f957610100808354040283529160200191612624565b820191906000526020600020905b81548152906001019060200180831161260757829003601f168201915b505050918352505060038201546020820152600482015460408201526005820154600160a060020a038116606083015260ff60a060020a820481161515608084015260a09092019160a860020a909104166001811161000057905250600085815260146020526040902054909350151561269d57610000565b60008481526014602052604090206005015460a060020a900460ff16156126c357610000565b60008481526014602052604090206003015442106126e057610000565b6000848152601460209081526040808320600160a060020a033316845260060190915290205460ff161561271357610000565b600160a060020a0333166000818152600a6020908152604080832054888452601483528184206004810180548301905594845260069094019091529020805460ff19166001179055915061276684612941565b6000858152601460205260409020601880549293509091839081101561000057906000526020600020906007020160005b50600082015481600001556001820154816001015560028201816002019080546001816001161561010002031660029004828054600181600116156101000203166002900490600052602060002090601f016020900481019282601f10612801578054855561283d565b8280016001018555821561283d57600052602060002091601f016020900482015b8281111561283d578254825591600101919060010190612822565b5b5061285e9291505b8082111561186a5760008155600101611856565b5090565b5050600382810154908201556004808301549082015560059182018054929091018054600160a060020a031916606060020a600160a060020a0394851681020417808255825460a060020a60ff021990911660f860020a60a060020a9283900460ff908116820282900490930291909117808455935460a860020a60ff021990941660a860020a9485900490921681020490920291909117905560408051868152339092166020830152818101849052517f8f8bbb8c1937f844f6a094cd4c6eeab8ed5e36f83952e6306ffb2c11fffe5bce916060908290030190a15b50505050565b6000805b60185481101561298657601881815481101561000057906000526020600020906007020160005b505483141561297d57809150612986565b5b600101612945565b5b50919050565b600160a060020a0381166000908152600160205260409020545b919050565b60065433600160a060020a039081169116146129c757610000565b600160a060020a03301660009081526001602052604080822080548354038355829055517fe0987873419fe09d3c9a3e0267f4daf163e812d512f867abaf6bf9822f141a8b9190a15b5b565b60408051602080820183526000825260198054845160026001831615610100026000190190921691909104601f810184900484028201840190955284815292939091830182828015610e4f5780601f10610e2457610100808354040283529160200191610e4f565b820191906000526020600020905b815481529060010190602001808311610e3257829003601f168201915b505050505090505b90565b6011545b90565b600f805460408051602060026001851615610100026000190190941693909304601f81018490048402820184019092528181529291830182828015610be55780601f10610bba57610100808354040283529160200191610be5565b820191906000526020600020905b815481529060010190602001808311610bc857829003601f168201915b505050505081565b6000602082511115612b5757610000565b5060208101515b919050565b6000601882815481101561000057906000526020600020906007020160005b505490505b919050565b600160a060020a033316600090815260016020526040812054829010801590612bb55750600082115b15612c2d57600160a060020a03338116600081815260016020908152604080832080548890039055938716808352918490208054870190558351868152935191937fddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef929081900390910190a3506001610c5256610c52565b506000610c52565b5b92915050565b600160a060020a0333166000908152600a60205260409020541515612c6057610000565b600760009054906101000a9004600160a060020a0316600160a060020a031663d4884b566000604051602001526040518160e060020a028152600401809050602060405180830381600087803b156100005760325a03f11561000057505060405151626ebe00014210159050612cd557610000565b601b5415801590612cef5750426019600201546212750001115b15612cf957610000565b6040805160808101825283815260208082018490524262127500018284015233600160a060020a03166000908152600a8252928320546060830152815180516019805495819052939484937f944998273e477b495144fb8794c914197f3ccb46be2900f4698fd0ef743c969560026001841615610100026000190190931692909204601f90810182900483019490910190839010612da257805160ff1916838001178555612dcf565b82800160010185558215612dcf579182015b82811115612dcf578251825591602001919060010190612db4565b5b50612df09291505b8082111561186a5760008155600101611856565b5090565b505060208201518160010160006101000a815481600160a060020a030219169083606060020a908102040217905550604082015181600201556060820151816003015590505060016019600401600033600160a060020a0316815260200190815260200160002060006101000a81548160ff021916908360f860020a9081020402179055507f854a9cc4d907d23cd8dcc72af48dc0e6a87e6f76376a309a0ffa3231ce8e13363383426212750001846040518085600160a060020a031681526020018060200184815260200183600160a060020a031681526020018281038252858181518152602001915080519060200190808383829060006004602084601f0104600302600f01f150905090810190601f168015612f235780820380516001836020036101000a031916815260200191505b509550505050505060405180910390a15b5050565b60065433600160a060020a03908116911614612f5357610000565b600b819055600080546011546040519192909184917f17a7f53ef43da32c3936b4ac2b060caff5c4b03cd24b1c8e96a191eb1ec48d1591a45b5b50565b6000600960009054906101000a9004600160a060020a0316600160a060020a03166370a08231306000604051602001526040518260e060020a0281526004018082600160a060020a03168152602001915050602060405180830381600087803b156100005760325a03f115610000575050604051519150505b90565b6000545b90565b600c545b90565b600160a060020a0381166000908152600a60205260409020545b919050565b600160a060020a038083166000908152600260209081526040808320938516835292905220545b9291505056d7b6990105719101dabeb77144f2a3385c8033acd3af97e9423a695e81ad1eb500000000000000000000000069381683bde924cef65f1c97f7c8fb769a20409300000000000000000000000014f37b574242d366558db61f3335289a5035c506000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000c00000000000000000000000000000000000000000000000000000000000000018546573742074657374657220746573746573742063616d700000000000000000000000000000000000000000000000000000000000000000000000000000000354455300000000000000000000000000000000000000000000000000000000001ba033230fce515bea9de982fe85e0ec8fe892984bc3070ad633daab20eb370864d5a05deb41870e2117197b84cb71110fc0508fa7457165cb8cb82cb8d4d801e6e3f1").unwrap();
-	let signature = manager.sign_transaction(&address, &huge_tx);
-	println!("Got {:?}", signature);
-	assert!(signature.is_ok());
+	use super::*;
+
+	/// This test can't be run without an actual ledger device connected with the `Ledger Wallet Ethereum application` running
+	#[test]
+	#[ignore]
+	fn sign_personal_message() {
+		let manager = Manager::new(
+			Arc::new(Mutex::new(hidapi::HidApi::new().expect("HidApi"))),
+			Arc::new(AtomicBool::new(false))
+		).expect("HardwareWalletManager");
+
+		// Update device list
+		manager.update_devices(DeviceDirection::Arrived).expect("No Ledger found, make sure you have a unlocked Ledger connected with the Ledger Wallet Ethereum running");
+
+		// Fetch the ethereum address of a connected ledger device
+		let address = manager.list_devices()
+			.iter()
+			.filter(|d| d.manufacturer == "Ledger".to_string())
+			.nth(0)
+			.map(|d| d.address.clone())
+			.expect("No ledger device detected");
+
+		// 44 bytes transaction
+		let tx = FromHex::from_hex("eb018504a817c80082520894a6ca2e6707f2cc189794a9dd459d5b05ed1bcd1c8703f26fcfb7a22480018080").unwrap();
+		let signature = manager.sign_transaction(&address, &tx);
+		assert!(signature.is_ok());
+	}
+
+	/// This test can't be run without an actual ledger device connected with the `Ledger Wallet Ethereum application` running
+	#[test]
+	#[ignore]
+	fn smoke() {
+		let manager = Manager::new(
+			Arc::new(Mutex::new(hidapi::HidApi::new().expect("HidApi"))),
+			Arc::new(AtomicBool::new(false))
+		).expect("HardwareWalletManager");
+
+		// Update device list
+		manager.update_devices(DeviceDirection::Arrived).expect("No Ledger found, make sure you have a unlocked Ledger connected with the Ledger Wallet Ethereum running");
+
+		// Fetch the ethereum address of a connected ledger device
+		let address = manager.list_devices()
+			.iter()
+			.filter(|d| d.manufacturer == "Ledger".to_string())
+			.nth(0)
+			.map(|d| d.address.clone())
+			.expect("No ledger device detected");
+
+		// 44 bytes transaction
+		let tx = FromHex::from_hex("eb018504a817c80082520894a6ca2e6707f2cc189794a9dd459d5b05ed1bcd1c8703f26fcfb7a22480018080").unwrap();
+		let signature = manager.sign_transaction(&address, &tx);
+		println!("Got {:?}", signature);
+		assert!(signature.is_ok());
+
+
+		// 218 bytes transaction
+		let large_tx = FromHex::from_hex("f86b028511cfc15d00825208940975ca9f986eee35f5cbba2d672ad9bc8d2a08448766c92c5cf830008026a0d2b0d401b543872d2a6a50de92455decbb868440321bf63a13b310c069e2ba5ba03c6d51bcb2e1653be86546b87f8a12ddb45b6d4e568420299b96f64c19701040f86b028511cfc15d00825208940975ca9f986eee35f5cbba2d672ad9bc8d2a08448766c92c5cf830008026a0d2b0d401b543872d2a6a50de92455decbb868440321bf63a13b310c069e2ba5ba03c6d51bcb2e1653be86546b87f8a12ddb45b6d4e568420299b96f64c19701040").unwrap();
+		let signature = manager.sign_transaction(&address, &large_tx);
+		println!("Got {:?}", signature);
+		assert!(signature.is_ok());
+
+
+		// 36206 bytes transaction (You need to confirm many transaction on your `Ledger` for this)
+		let huge_tx = FromHex::from_hex("f86b028511cfc15d00825208940975ca9f986eee35f5cbba2d672ad9bc8d2a08448766c92c5cf830008026a0d2b0d401b543872d2a6a50de92455decbb868440321bf63a13b310c069e2ba5ba03c6d51bcb2e1653be86546b87f8a12ddb45b6d4e568420299b96f64c19701040f86b028511cfc15d00825208940975ca9f986eee35f5cbba2d672ad9bc8d2a08448766c92c5cf830008026a0d2b0d401b543872d2a6a50de92455decbb868440321bf63a13b310c069e2ba5ba03c6d51bcb2e1653be86546b87f8a12ddb45b6d4e568420299b96f64c1970104000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff7cd58ab9190c2792714ab06df5b67e66d9e3873eed251d7beb4fa252d6fed6a0ab1e5fabd284f40878d38f6e63d72eec55c6e1aa8d79c06adf714e3523a1f83da763f4bcc9d34424aba82981534066379c1cba244352042de13168556be761f8b1000807b6a6cd340b97a93cd850ee54335b1043bac153c1b0736a88919bb1a21d6befba34d9af51a9b3eb39164c64fe88efe62f136d0bc83cad1f963aec6344b9e406f7381ad2462dcf1434c90c426ee907e6a05abe39c2b36d1dfb966bcf5a4de5af9f07819256357489365c96b21d92a103a776b656fc10ad1083cf679d240bf09bf2eb7635d7bfa969ce7fbb4e0cd5835f79ca9f5583e3a9eca219fab2f773d9c7e838a7a9ef8755dc22e4880367c2b5e40795fe526fc5d1461e50d5cb053e001206460fc6617a38499db525112a7edde38b9547853ad6e5ab359233611148f196501deafae414acde9df81efd7c4144b8fd27f63ac252ecede9609b3f9e634ae95c13058ad2b4529bbb07b5d7ac567c2da994084c3c73ef7c453fc139fcdb3939461da5bf0fa3f2a83517463d02b903af5d845929cf12c9a1479f6801f20085887a94d72814671dac994e14b2faa3251d465ce16d855f33259d94fcc9553b25b488d5c45fe74de60c303bc75bcdde9374ca268767f5767638d1aec5f6f95cab8e9e27b9a80ddf3dbbe24f790debd9e3baa30145d499dd1afb5662a11788b1bb3dedc1ebc5eff9641fa6918d958e4738bae3854e4cd43f9173cd4c9c821190ec287c18035a530c2dc63077d292b3a35b3756ba9e08295a02e37d332552f9f4fdbb945df004aa5b072f9f0e9fc2e4ed6fe455d95b003e5e593dcbfad0b3b47aa855b34008e0e9a2e1cc23b975a3e6808be59dcaa8a87145c1d5183c799d06100d500227e6a758757b4f7d042b3485aa0ce5e91b2b2e67d3cfdf1c226b7ab90e40f0a0d30cbbf425f495bd5a80202909ad419745a59210e2c42a1846e656f67a764ee307abbd76fbb0c99a702253b7a753c3b93e974881f3c97987856b57449e92ffa759da041a2acac59ea2d53836098196355ae0aa2a185dbb002a67c1a278a6032f156bc1e6d7f4ff6c674126af272fdfd1dcd6a810f42878164f1c7ae346b0dd91b678b363d0e33f4b81f2d7cc14da555dcbe4b9f80ac0fed6265a6ecce278888c9794373dcb0d20aa811a9fe9864fab25eaf12764bb2f1a68cd8756cd0b3583f6e5ec74ca5c327b3f6599fa9ec32ccd1831ae323689ef4a1b1a587cbbd2120e0bb8e59f9fc87d93e0365eb36557be6c45c30c1baeba33cdaa877a87e51fd70f2b5521078607d012d65f1fcca8051a01004a6d10f662dfa6445b2ac015cb3ce8fde56bbff93f5d620171e638c6e05504c2aeeeb74c7667aee1709846cb84d345a011c21c1b4e3fd09774ab4dcc63bda04bb0f4fc49d6145d202d807cc2d8eab29b3babe15e53a3656daf0b022ac37513f77660d43d60bdd3e882eef239bfe13dba2e12707733d56e49f638005e06019a7335d8184f1039ab18084de896a946c23045e5c164dc9d32f2f227c89f717a87d1243516b922e5f270c751f1bdb2b1d3a38a15b18a7b8b7e0818573f31320d496e14a348f979b7606c5124e007493f2f40c931f68e3483a46ab2b853a90bd38ae85e6252fece6fd36f7dad0d07b6763d8001a0d6abee62452904f979cc52fa15001b06eef08f17d6e16d493d227ce9277392337a1c71713603e03803d38d1c24184b52049bc029f4f00b22d2acdef91c776a74aa184cc84b0e764f463ed05c2e16a7a0dcb6c27dd4aeca8aeac1545b48896775ba3fe9de4ea36e946d8f4ec16ca7ae58165e8ddc9189d5cc569888a59733529add4b213ea5c00ad3ed3709c0175b542513c90e18f2d4fa2301389102839d969e9f0d614943fe489750f27382f7ab273f51fcb995f449fa5fba108ad0955ed0819a0a62308021ac4ab0c97f04de9fb8533489b2685447ad71c7f9a9bc89975f9cdde87a3af89ae5bff37d1f192a31b7c5aad50486931bc07820d7dae398960965baba6cfc05c56df18b8ef0f5db488eb87be803fc94e3ad3bd6e4f358fe7ce15ca21c9a4752ddfa98337177a7c096d829886e8d71340a01644c64090c84e88235b11bd1fefe506d59733cdd82286fb466ee215914b06a138356e82c0ae6d5fd8e5fb310eb375540308d95b5d53832a5dae9652f91c1e8c14402991e38836813604dcaf272fc552e7682a6eaa7aacfd4ed1c7107b0232cdee00aef865c5577f2391937b76e34810f9d49fe31e54425b6f5e1d0e436e1366e9762d8295877e27ae495ace18fccfaafd850544c9be949d15d421cf6f4bb180225f7f86ca64480975c486df0eeb4fa80a4632cff28d36585cb5dc534553454ea810260983d02060caf6b1eb2b9443b1552ff73d243fecc9779635ed137a3bc8c04ef13f0329a7a5a54b2af0738218cc91be0ee63512f009435d8623ff4e8cdaf743818510b22e42b586a7e5e75525bb61dd2deb96adc95e07998a265d58fe4df4b9ead5b5f15b9daee510558fbdfae7a56931a6f4c729c18e0d29c467fed504810b7d9dfa0613d1657d9bfa5887e3f327cf46d7059a8a0fd654c60cb9c683c55439cd5186d1615f45f7108f261aff77791cf24c975120acf2b357dfbd2defafac0016525cff9400e0feeddff27910fbf2fa84c35fcaaec90863b605db5adbad0593601447605d68b943249861f8cd33c6419c7611403376a6bb438ee857ced2e6842f99ed1b4a9dc79f835813a4f8d07c14f1ef98773286e79cec1c9ce8c26e00418f1b27c7ef104fc96ea2b2ddefb46e2fec4feef2771a1d7e2643586b6fb97094a8d298de12a6f8f78d88e5d67442ed3310fb40aa6439b89c834e43ecd4a80c0a1d74ce6a90a67bcc996a7e93b6f397fe7ab2fa43711a72b84f8c94bd1e4ac62657b98a4b814d8ef2bb469165464a90d5353aa95d09b6ef4ffef081cab5e9dc12d743364f06d4118a585f7d455fd6e3b01434a728a768987c181409eb939e9396666560d394fb151fc67cb9cddea0a94d3e33382bd0617c95304da97994f110eafaaaff6eecb54421e01dc850dc73d77df18bbf68ecc8b37ee2fff7b6f88c139f7d88d763248deb8b4e16a8fab216c0ce88faea030f3a5c994c6e4ef6a9a68cbc9310787232198b020a7c014a1fa32c1736885603dd4921cd360bfb7dca7aafcbe81d7621dbeb4e5c094c2584c339ce70176d7fd2a6cfc4bbea6b433377eff7320d412947ac774688010369b197ec4d0471b9cc73cf9a3e71bd10901beefb10ca1c53428b89ea63427aae9ede5ba104d3fb54d0447458dd9780cd4e925f1edad33f6f0884cc47da562a3c6e2f5a958a8d8723919c4b88d067343a246c6722b6f9f82018d5213648792f38fa8ea1e635b3983dc1f941630fb3762ef1814ee3f41691b24583ddca585289568b4e64f82448b54797d382916e562b3f4795e2d726facea988249e2c3f72d44ec7197b6f783c6c7a133004d5e131b7b4d6a9557c56942ca4bd1f070a2b46c3a6b81bb9a4d570ac6afea75de65ecd331dff1e0252e0f9095f974f47b2d340d67704343b2e8832232210d2f79665bebccab528745c1dc3b28a78aafa3785c29ce2eb6a8403e4d8eded1cc2554ece0a542aa2febd711164f7d7e3a492a87b01d6b4206e593b3aa6d431e908282fcfee0d14dae4b99176a16fa32f730c2d336dcfe7eff84a7aaab1fc32ac8c2e9ab6ebb72c0306bc6998ec22d6cf20c2b6660cfbbeb064b3047c1cf650df12bd153cd7eec5dc181e46575f07c8e292cc191117cd28302d1f9c72d79b1f4062dd683ca95c3a744ac310764e56b2f02a0c2850a2f24c1b298e712374e9adfe68e5414386d7671bd52f6f472eebfdf51677ce379afe7b8085459fb1e6966f5cef45b256489b7ec8a8939cd931009c8a26642f1ff78cab06a5d25522a922cd5e4541dcdbde4848177a42476b141ce9ea035d28742cee0e5e85eb78ceb2b720e112aeb76cd0eb3fc34574c7476110b3b9dff5c19fceae816715b31fc289c0e7149e8488a59e075ac6683f237886a63a25ad23bf903480b9acf3f724d5ace0ca3a842939d4828910cc735e6513dfc4055624d68a048a626fab6b910eaf558c1b43daf1cf26338bca68b5e308b734b61624c97bf70a82430d586a6c3cf59e1bab2532fd9fa1f6fe4f757c7ede0cabea52f2cbf00cc88ca7db4ccc0ff92c0836e7405ebef2ad2e4b7d3b455d8e4d9ae575d884347bdadb67f5e24058a44ae1335280b671ec3bb9d8247e28fecedf5c151fe892bb0f6e67351752e4b1bf75dcd5af3e62ab4aedc5aa32a1606b4a0de3156b356b0fe74e898065d1e720b81663453fc97f935da3b5755a0629f38d6ae5f8e5e77eb64bbef5fc70d4081ebee7a9f7169df4f0e11796f7a79e9128ec996b6fbd8f6fa56e11f17db4925c27f4cd3ddbdee8a50e0b0d4d8f6e527302cbc4dbeef4b0338e6ac7515c1e796b39c8e83f457b50925c39d405f4cd3c1aaf3188c5ac62bf1dd362bc8c9d4e49d3d2b7c2dd2291fa4bb22d7cbe7963b654d92643b789366d1dce842f47919a1cf5073da8916701f907c4d2f8a710c58e85b59f590123d3f8e57cdc14df41a1481a893b9f9505dc0637ba9b27657b0ceab87b0e4bc742924e6d8bf895b407c54df8622018417f9e543fe49f5b10a7a5fc66e5589304af33a20ea108ddf63facebcb20d22eac2fdf4a97285ae6d3f87865fae1331d00e631dfe5366345e0d78bb39a8077484a941176bc63f469f001cfd230347580b6226d6adff5ab112dcd53e7118925296b1a05978a703e383e6ffa5158fc36781f74501564992ab244d3475e1ee8e7146033da2dc116489b84c378e4a750947eb9ccb982a197f13976bb105c81624618c697f32a5b9e03f3675b2315fe773e4922c2e3da7f68ac225107405ece58dc6bbe2bd8947f3e4269ce245589497cd892c750f9ace0440f48057090c8a6cbd5046d3d982d634b4ad6ba41c7a38b7b8b0f91cb6898e769479fc3c7e7d2010b7fb38ef13c17db705a36455a34969803323806009a4e141a5c42da0f7a5e4760d07250d7e483ca6274e57cc2885e5728c24c8b5102845e8bb74b1c394fa7a206ec052c953967380d64c148ca480ab0edbc5da1a7a1e649c2ebfd19fefc52d81aeed7cd83f3c1d2128bd66feb99d5d8fbced01383d2abbf9be47f3390dd336c22b533a731d1c59c3bc5361d781ca15430d84f3c67d6981ab99100f53b6b5623df9d8eecc99d24e02d9301d636c2d5988e98a54339d5b516379a67d50dd9994a28fae5b806c56b353a84cb31729487a6d9851960b83ebc5178be689720a80c5c412e67f8ed55724534c92ab15c3bbc5bf13dfbff02d41ce4c9bc112746b62dea2b21d034e9a31e276eacfeeafc672b95e701ec0fc7ebd4b020a73fc37361b3f136246a0e3a8378442eb5e60abd7da2032dca9b5556aa22e5007c901f438c5e1baeb5d3ec6128a84d310363c6ec17d4ffece27f502b5c63d20cb1d11d0cfc316074faa820a03e6c577389e5e82ebe5f0976b6f5266618f5eb56986714d5cc75fe87176e92dcf01c58029d2b838022c0812c933db17dc4566d233720075065fda26f44b0ed3a46b6143fe180b7a1e6c1558f87b875aedf8c2fa968e2c925f0c08c7e0f23a9cf1b46f7955d9f1db300dab801f5672e2a7231bb2b622b0dc0dd9f2ec64a5f10c239e613247f8685369ed60b2d262c038fcc43924c5aca318385c12412b10d89753f9dfca43eff5f2be7d7d7b2788b877efa8b46ec5c9e99f922839bef71c613cd44cba597cf68de366eaa8874032c14d8012b41e72fd66422f7031d26be0dc4fef8f36a3c124e4ae767a665a94233812984c4466f5bd698b5fc22153c9c2f4110d9defb23c00e722692983b32ee0e84514169910bb21b14066d048960b29b3ff4c090dd5723ca4dcdebd207d4f88da831f0ee7de4aa302a06589a4aba3ca696e7d3c3e9a93af79db91f7a06b0ad825a8652f74bdb72f580e9afb31aae58807e24067f08dd719abb4e6e458bc8aa272d7a5bbd00710c43a1fea220b9022a26b574997517d04573786a4c3e09d30f3ec32f328462e26d4f7ff015121758ce1a2fd51e7f419eb6d8ac04497ab812aa6ba2e981a312ca16c38ed887b2342b0a91348198797919671a23e2b0634b523f931e48ce0d8eb840c54045d9193afec069803901e5ec1108782503cabd0f43373a85acacfa8af44ef2b1d09e4589d2dd4fdcefbf435cb61254f189ad433fa6a4e190627732ae4ef2b0c85cfcbbbaa0137033034e70a3906112dc76ec101f3198e25fb38aad46261d6019690dbf059d66c44e7ada244589c55edfc2e7d18c0ddfcd2d3841bd54d8502763cd0f4696d44686ae3be29ba3063ff6e7aee14de126dc43302f7c0b57d59eb4fdfc4903ccbd3f7309225dd90b5f25c5ade49c14334c0e00fd18b1dc611b10fbbb98c560ad4908842e765c661b9bce005aeede6461254338b8dad3203ee1b58bac1062c7e02e2aa6d420283ed81525839f2c8ff54ac71cc105042c594fb7fd7b55c14cd1247347a197ea8f93c1bbeada1dbf3e59b798c9b15765ab23f856fcf4eeaa5892c3857646bcfd8ad2bf0a15607e0d6696a8548da32955f1f8476f8a20fe4f59b3e9bf4468730b8d46c824a370d37695d1bdcac521032804c5cc66505637701e653ccbddb052f4ecf185b3605d0ba3a4fd99161973e36a35bf79571841ef7506db822dd2a5c959f36418a8dd8acb5b3ecbf3e7918a73695501ef8f440aba43c6e4575880ba3bb83e0a839254fd8d8c6b979d79337a68d218565a5dcb1518c6c82aa73ce7f54a9434ceb5f5fd503137164d74a230e46ce298b98576fea88806bc51e393acdb2abac1da23219b4dbcfba366d834d40dd8e616d214c3478136050555539eba776bf506870c3d20c4a4645b9a7c4ffa976534068009840aadae71f578ef1a325717f64dff840b9dda81b123086a47a172e6793e68af6140b1492058fecd68c4c23db1cc13d2b57f52d0cba89cd4c26d1bd580dd2a054a1d934a80b9eda8ffb503b7e3e62d00a3d075235410149e976529d8029595e4daaae1aa685f3cbdac9b26916320e75b0846d2de8673600212bb648b26e3f1709df425136f33f46129afc90839d24de1e9fee51c685db8a280a5dd4c3ac1539664cc36ffd4537af480d4082146e7395cd6de1f8b652bca8853ec742366702afd6ed79a5920e4ad1317545266f6dbb796ace0fdc731997cd94e1bd8e6689c856adcf153909cfe882b9b02650f4f9eb8620983f0c6b95b3558682d8134a9ec8fa97e174173041115b2eae21fa0b72d0a3c7c2bf9b022fa141a8b495de8321c152b0a9a942c5baf290a234ade4e8b579238a627196fa5621b196ecbe31583517ec4ed82e8d3fb21a892dfd65ccfccd2d36c5d32afa4d4bf201d684c4b1c8c1207db455dede5b908ac63d5fc0bd2b36e11df53bd52e5ce27a9af9444a8cc4391ccc82914b79ba2971ef4ea5d5c30372e7cdbe9bedfcea9ccc8140f8c3ad1bcda29d11fe51affc74f17c9832798e10222701e0d6e93fd109cc9a12df4ee5d38c531574d39a9f4357a60f8150ee509c68e469b4eb0e9be2e6ef9099f1bb949f738fa801d223316fbb1e179b74445228c8b3c40440306e4821077860c37d6b8c17230fcf7ea48d0bb0d98fd3f1f00655e11a8b2e0a7d5da8427784a8fc6d1a2d4d1d3adcc02030b50a700788ce4078c199fc733e2ad469dd9c775d7a8025b4db9b960619f0263b7f09d038cdf85045ac2a1cc5a18364048bf242af713ac4db889489d781ff16b1dcdf66acd89bd6c7651f25a17ce751b67697739dc4d1a125fdd5a8ecbb0cfaf31cd4179249e91171ef3e628dda697afed9d09b53260ae475d59ccb45a6ffd85a2c4241fd134462cf2ec21b51422439aac77954d1b2396761f16e1c6e3242b538f23f584b95cd4b811e35a526748050a7eaa02cebdf8887d94287c99500bf9c2afb7f36ff47e17906534097b02f10620958e889d2392d30660e513c22f580a505314eea4a865d97adb9136c495403e321f425348b56ce8f8e8e91ccd702ade0bbd1efdebef8344bb9defd471ef4b214976556f59f679e0fa39a2007bb9902f5a60ba044c4316c27f6b634241acdc3ce437c4fad599aabba291bfd71c05eca6d9df49abc33ae7709f6622e516c22418e7ab86144f6baf3697bfeeee65294175e5dc9ce5ec82da64537f5f5b83f5a938e41fa8f6f97f9102fda8bcbfb6a5c58f79648b97e948a074e459b9b75a1793cf7d9ca5d7ab27cf7035ece0612d348a23c0fed509c5e18d19b1e659af237c3b9aba4fa8477de805c5f8ccd0cbf3846b6ee1bc9ef76a190952115bd08a5108c8bba76d8d762184c122d081c6dc8b4c49a7f0e16ad4cbed86c6818d4f22c03a100c9afe3675a2f354bf1c2cde1f5e5a63b95761e10d27c9482539387e3aeeaadaeab59faaa20cf595d4d8c57509c751446282581ed28cc55736211e6fabb63d0f299e39ac1cd2af1431bfb03f86e5e59691dffad4e275d4611cb2d7d3be3defcb77907c94db86d989a2ca7e19729e3454eef23b0d58bff8203b08f41b40913f2d2dd2e8c98af09e5aaee76030d8201640d78e7bcfc6c1171e04cb39a6bd060ca41ebbfd090883d8b3569c39fc19cb5d87c15062c9f09138d4e3d3f3421227fb2ac48b224438b12702cb67e2db161a3c771d866c3cc55d15a094f72fe314092e846256e44a1dc513b02bbdd976321f470f81f36e719b9acf22179855d36ad0c50dab79da662e9ea7f9685ec0b44817271ffe2b7254ab7f3ddc389847e17edbd33fbf789bcd604ccca0c01c60deca286858b16dfa17c5875916e0159dfd4f0495c08bf6de51365e2175e47325d5ee71c96ea8ce24c4541886e0854bf7dd8a980aea1aba9add0316f3d052a2eea95c02c241523f3274ee62c883c4ac440d7626cdb4f0aba7a4ea686b2778cd7d7be220357de63cce55a3928aab4c200a2cd65b04d831ba0b54dc91cd6ea410359512130d2a0122f3c9752ba6210ea3b115caf891f0a0a7ef210d1988324a9af926cea8487640a473aefb2e3b4b9259ca4da66089d7f7800f87cb2bd068b8c268dfac897b9a2dd1ff4ac2b19a48b7e95a39ebc6afa2dceca7928ed8e43630d673e5c7ba1fb4afbbd40243ed411b6519420e738c24ab183f900872f10248190358636c789b842f156987d0593fa7cb813f5c688652f871aada7cb5a9c2e15ddedac147151b4d5a7bc4b33cecac961a3487984918868515ca73ebc647945fd9044f3c085b184b3f9d333a7b74927fbbe4a0d846744e0fd6bc36f9381f76422633946fe79e64c3fd63e30096ef400df8cd8c884bad1955b82c013c1a190db92699d39217e46d3db284f35b18b782e791d722d12b85c8a26ac98e9dea8356f9d3ca58833aef4ffd883953f24c96f5351438dccf33693230db5d72389905b49d7308cc30b805fa968532a976009a527bfce9ea921ff4ea9723be5b5972ace8553441a4dac7f0b2114edd3a25666d70c4f94131a63f4521dbd004309157bb32f9fc649058ffbe747bc3addc523f805f1b34787b0f446c9ed1d1966550c7d0c10e342316c6b34899064d0d2dcbb09087ac20572103ee01193a3eab06c06e3206cd60bdbe367af81dee5ab3e5dde9836c558e54c9bb6aa306a609225cf25a65b575fa97d9c962b72b798e9a7fd8192ba879964cedf623d544c8929af5c8dea56721d25578434e2b234289895c697c9c1bc4556e4f6df479a837d1e9132c011e47f9e23fd27b70e7601fdd24f28937efb9e46673b9f56914638c793f5c3b625664f2b221afb3fce5aee92a84d45bab5cda58c49777f82b2b1c8293d727fec90dd73581b087367add474dc7b4cad75cea1e43619ef3fa1b35175f5f0889c031c2083e764b0f4389fffeb307831b73763e73d2c3112adff579d4dcfa1c09d3f2c5927568a70027242e6bec83c5e2cf7e125d8b5e4ad2ec339fb79bb15b8b9a6db0ea9408fc6fb8ca6efe9ae0c8c25900d859b17fc44c4a262c7a5e06ae9e2083fc6dc36bd08d648e9a1a3d8fcbedf12777d690ff15dc7096e7c8b33e71b19005c9e1b20d2c2b6f5c7c1204edc691b389b6ad04f896ed297922bb92b9e6d10a2df2a83dc71c15d2010b595c72d5677017d6d7938ca3538d671e13b8496583b4f9fa59fd481f1f438f92b01a6c5f7169d44b93c0b6863c1a183e871e7f50e26e6d41243a1c509d423309dc886dbb9ac245263ae9d6024456e72b57e17cb08ef00f4fa4dd9fd27de0685c4c6c680ad654e3d81dbb450f0a5e7821412d442c2034093e3fb10234e6a51b98fd388eafd0eec66b42c275a3547f72c7f3d16ed81395e9a2664faacdf99bb22327280e518e4ff047451e6f7420b562c68877c96e129d0cbe18896aff48d49da028dc97aa0108da9b29c540c5238d676dccafdf463694aea34ad4f513b6c7a58d071c335ff1313d41b7cdd902904b8c9fbea2ed34878b407ebb8144f603683ce4ce61eb0690a00d492978aac3a0f3010b7479667811c3332c06553c14809c723316c84d084530e93a63bf0b7658f7bf367d29577236e23ab658a685f2612f0216a932a24aa4f70b8d0609aa9ca14e4d91b8ed9fb62864ded646012ef675ea359117c07f528d7dfb742aab9ac892851e97c94f72d5c34d4feebc7f67e09fdc6f633f050833192f15a7acf4f8c8beb3adf3860fb26fee39a416ec362e4b6d9ced09fa57b3d5b7fb7de018e4fd93eb65634c08f6d4f1e2f490c2a8b1be2794a27de0dbecc9949fd1d5eefa0fc6f0033a2bdecfcaa267280b445e92385d2edd4c2b31bdc5d54ddd6cb30b3c370a893c217945d346d1c5b8b98ac754a01afeba6f5526939ccfe9f2432461a99c7b9b44a3983eb65fb064c32f8c72e18b8f6e42e72a1bac21b3cf94526f81089b235794412d1aed20f48324d742d4079e9546f495248cf7f42839852d604598ca2079fe44b125ae9970973b57c156e83fabe6d64c9aaab5c243d1dc71520d45317b913205979fe5bc075b0068d8a5ceb7c8ff9149c763c22b08d35a09feb8156bf7d8eda212a102906e251efcef1ebed894556f18444a0938b4c050f2b873505bdce97cd4fe539a944b94e281292f38850dec9e9f108d3b2d5a83837d114bcb3d6e6511629f310d194328eb05a7b88e7a053e97dd92881c89a1169e7d23a4fa1ebf532eed2579fc4482b9c93da2b5e9619f289f346160996cc61a3f380ea71b25e777af37dce79039cf90a2bf16ddd46733fe9c1cddbe7a42fc5faa7869c96ec463e9817495bc24a23cd9968213927522ddb0d6ba5db92f5736a5723135305a6c083a9bb54da7e43da3ebb07066ad94e597706062118fef17e9e65363f71d8859d30527a495f06bb025c1d26c6fc80e9b140c7108c57ee5583063bd8d2a7efe6a3026a79f2294e09ce980be8ce1a017132ccf48a63eb32454b12506a6099d4e310f07612e77da46aa0caed8fb0446fd6091140db2cb1432bb93cbf681cefae9d849fee6b0d87898d52d31a209ca6f168b6305011e2c9a55fc5ad2237d7c2d06b98e0703ff2a89fc7af8471aecd2a6cc0a4745082db863bc8d46209d51135333a03b328345b86d6cfc23d6d7384fae5d8546f05725ab139e2c25b0dd9b2113b2774391aa058cf90915bc97a94e74ca0ff6785243122f12decdc48aaa8ff27200007f35e928e62269f7f07407802c9a10648a91180d559c5c37cf3f425c9949b9e38ce4c99b71810babe45344d929906776a66fab175e20bc5930f1dc4b5b888301028b6e0f92293e468d0c6b191f0840ed822c036e6257bbd4f0db8e931463826c0be855add67bff5fdc6d4de7347fa07e63d68f4b6876774a39dff1ae927614f8a879f128713e24b263850f1ab3176ed0e9ca9369af947bb8e862e927cf803ea7b53b68eb8c5f87f1cde2399122b7892ccd4071610f0873981ece2ed719bebb0d508037e46b95610d14e9a826549cfedecea1d32074aa439592929873b49d9434f35646adeabc8b52e323ec2dd6d0d6e27b530361fd8bf9e4e3a0a58e3079dc63156a684bd5cde53ba8c9c51da274bd61cdab187a3fc0a84d5005319f05fc7ddbda575f73f3178336413f8ba0b99cbfdd5c350a3a925260284d75fe06371716f951d76078df7cbe6f25beab46b8f4222c74f68822d6747314b688839540d3bb9bd0f45a028e780fe2b5c78e28dbce66680f1e57b68d6088101146aa9f976bad10933e4f5481444a46d40413ae5d00044a29dd3760c712c04771976280f793ac5bf8cc1187976096e4620d646358f207a9166b9d27030721fc00688a0df926e6f4944ba6e78dc862a8e55e3d1a20d2993d8c8410548e9bf1b6efa181daf8bc060bd1af3dbd8853d6d3f54bdd1f6270b20fcf7f90310109b98f6b366a4ebc6f717962e408bf865d0128fc9ed607f848d376ab1c50e66152f74916a28539a762c75387d144bdaf4a0b8b0e7baec532e8d531501674a8727547916fbcb2e45f9c7d41063bcfec3de1b0adee000e555397ab16fb0977a8c3ac1385dfc89eb7db5cceb9109077d36ca9ff5fcf9feed6b985693746a95ba34f7d2875f61ee8606302b6470f8ad17b781daab036e288e5ee083a3a36eb116a34f5ad97e1675181818289f514efe868feeec3b48b1a574b9405668aa536e572f0e2b46fdfccaea5b2f65285f6a9a05c020bf440f5db912c8ac289c67b9d724225eff88366992f08711f35112e66b765872d39b54cdb5c4c0719b2c17dfade7e2f19281e6ae7885708ee8a8f6f90ce79387e6e47b33f15f212c5b386a5aa5f93cb597698dae4b5999ccb4d652a08c41ed27c45d2ecbd112a679374ddd6606ca76ceca9ab08f7f648d248622ddd633dfc121f9470930ae058cfa9455ddbd25a38aaf48f242ab6e0dc895c5b2af0d9ab0c996df526f144cce6297af5f3ac5fa1d159f52e072b827dbd273afcc6e3b8fa1151acaaca5965a4b6cf5b0ea6275da3208159c6bd6d716eb61309eb4ddfe1bbc4ef8d013d477668cb3506ebb4724ccc72affdab79dcdfaaee55a5946b4a3f768dae9fedddedc6c5712296f26c025ed2ee299cd15b1e692c616094f500fc53fcd9838401c0ea6b6ccb883c149a52d875501ec2e647b1d6720a8227e33cbc1f429ef60103f3334e3de2e40ed4a59d811b8cc51a695de25ebc66eca519222dafa22dbca634220097b1d3f9aeddc91d11019d7215629122b4dc6e3211ad842288b581c31e44fa79e1f7855d8fa77e7a224cf571aa3c16b5f4fe5feb16d7d1bdecc543b0e8ff01c677ec6801e87241ddaa02a5c83bbfd1d84c62e269f6ce8a708e693b86d8e5439f129431a4c1c0bc6ad47784c38e1cacf6c523da23f65a76c264b96aabb50aa9e299be6abd1c9d078ac3b2c5f2c3986b5707f143513b4ea91a2052731ef5b48780dd0cc6626a0f0c358454f6eb36df7caee6f8dfb3ea19a0ae79c0d1587140147be3efb2a0da1305d5fe056010c518e3471572d889304c4ce00acc78fed04a4b888d5e7e57d6cb5cf4e5cf1f8782e1b25ad948eb3e443db75af9233aaaf6659adbe0ef33d4b3ba5214b85e656719df2eba42235b2e268f80e3c5971d28957f8e93f5b04a3d5eaa607fd4bb838ae48661bd093342762cfd1ed60b21f04f5b95c3e5426ca6127b04810e2ee25bb56ae81d7840328d8d4f7d1bd341ed58b102d9860806f4a4d117c044f472c85ba422eab084faf8994cfe0a880bc46dc9c1a8c11995610756e2ac50c5fea8ebbcb53dcc76b1944ce364f8878f42310fe0f8cc211c62f627d12b20527dfd84b78c98b1122050cbcbdb70e08010f68294a6a805d3fab97e76cd695f918e73763ac2c3dfe4a8d75db87dc37e2399fd854f3284d29c7bae3d3e31c4375ad9e047f03a5204c2ba93b6025c112ea2c9fcd731e380a8aaa42860c859c2e2cfd333f0bee741e21f78776defea86e862711f0d0bbf64003ee848a8d1a12dd00c024cbee343d1093e653555c033c198401caeb951860392b5b1eed6200828aa310ed466e41d855dc4231464adc2b6b6fd66e03fd42736fb791387efec28b37d0686272a6bb181a621aae7be06866bdc1c4be69e94642c8d3782f5ab7cc8c890699008b52a11b149a517771b93bc2ae597dedaf0237ea8d9674e26fc75c3b468e04e2fc317d03484a75fb274f7ba1617bbb72ec16da1fd4109952d052e9de7c00761736dd17e70db0976692626ccf8bc9e88ad6c25ed88a2f7c2750add4ceb95744f690ee5f2fa423a2b62ae57c1105958bd8e81025c9412fa71f5d1e81bd6cffa01f489fab7e90ab8a3c8aaffc8e3d594beb254c460347196473117ec2a416dea464eaff95da6cec26b5535954901298f11932ebeca52aded139f2d5aa2c24174e2f6c701ce1f4564c60861ce3b9cdac1cfecf071295c5ec581f0f075096fa457373c124b6c8cae3aaf915e4701ad94ec9c01e5ca0552019bd7f107a7d5afab9e4a5e7cc7b4c5416656ad064f4a0f89afbf7c5b884b69a12fbce8aa73a49b2e5c5728c67a7396bb8341afdf52213b2f7f8e84962cccbeaea63a3c7b24881ecdde39cc57b4f211cd57c6f982217758042f61b648496e62b612b7b8bbe1b9f15d237aeac42b54d15166b5c71eb27ccca1fc9e050adc62a267eb82ca2144ba323a73aa11e2fdaa87695c70316754faf7aec44a49b668362b0b35e884019227e7b9a35e8841e64e0009c713d7f3e4a74cc3feaecf4c99b8d0ecd85c8ff89771b63a38e3af990641f28fa7e4ea560577d600f43ccd467d6a347fef04d392d42f8e97659348c68b41299f94db4b713d61868adbd20a4db74f61bd0d1e7846bfc8b8f8bb50bf50c2fbfdaa87328933741aa2b1ca50cb759c1276f1a7930952ed656921f5ce5569ed16b31b2a1b6009c784199ae60ce2e35d573808a195974536f220cd14dd634bd06800435cf1219047f6246c2d9bdea5e489ab4862f0cb0f01439ad2ad1e2042b3f63b8611a87efbe842613c21761de4c79291a8491092c20134252b8e900e5d3cc70e75d32cc41452c5c33b66087213c34f67ae73fd56a183be858f1c3bcd73d814bb9e3f78cd18992b0ea401d8f25c3b60c055df8e6430b62899bc86167d0b5e2bbf16d75bf3f2b94c26542202bbfa0abe99be1a07c78140f42c12f51576007bb5439966a47cadf5c4ea624a75e7a4f01d8733aee57e3497c013de4a33cf54a94acad9b1aad837865a6881db9a725310eed49581d2223f2b0984757bf3fc5122c5dd572ecc781b48fc508122775779d2b2849e11684a585ce844d21352f8d35ea53f0f34d772bd9ca76cc4dc33aa3f2e72418c097614fa5260eaf3c2d724d3599dfa0991a9c0eec9c4d550886c85e1ab2541e9868a36afbe0d9c07c93e44c4c73c66f88e770e5d4e4ac331fafc6870c928fca85756c444c6e8f6cf75865859abf0cfecc8e89b8c806a2e6af7cb752215bec6201eeb41759b27d599931dc2ae75d605b3e387bf263ebfd09ce2154b81479675555ec74ad85150f8eb8c1b3c4f31f6409648f9c1b4678c82e8e2afa9c887f3210afffed160d1634ab0259e1bf5565d8598605a435bd289afbbc12034f67199b67bb0fddb4b9180908c483ae5a8eed16221687e1f524d010ce5db78d1b999069f225479fd6bf0681c7ee95d4665925bc96399989b85284087e67d5a070f2713feb78bcb91bc019f3f19bf3abb7cf36ebb98f09fd64b61e2bddc9ae6335da48ba85b62562726e142bb9d9e5c8f278dbaa0657dfe3e410f03211a072555624d98790aefe8e7b0281ff6af3de79dd5a414632f9d4913a480e9cd6990f94350304f853ba5679a4cb3a647b98bf1eee6cf70f77581a1ff82a9ffd7296e8fd172d37b1b0d1621692cbfeff8de18658f04af5d5be08bce66e5dfec5989b674219f9ceb6a1037c80a8febdfac63d482debd34c3057a677420f0bdd66e2c2b25a9c1d34b76b4a998ad3ee21d1e49f812422c83016c12c201ac2b0f07ddc00638846f215bfa6c575cbfd577178eb0282ade2c459a13386f5dee8a7502321292a7de077f4fd12967b8c8055596e7a43287639843b6ebee58d463fa044562ec2da7f9c2a7f28cce685178eddd3b9fe7b10202997b6b170555a71555cfebd06cba6bb019f8cfac2ec5db3b1d1ca88acef9accf76b6a74600e590a0eba1c839d6a577d3877e7d6d010b04fc58e160ec9733bf200a9e0b24fe8ef32613cf2c7b1515008b8833e34d3967ccbc8bbe30fd1810f23bb153b814392eb37d8917e96260b3cb16895ef13b96d72c81a14b908224571680dd56d04a59a6583a232ec58e8cff16f6428b5e3dd19f362992608aba912b642aac9950777627ffa4eadfe9f31b73c3fbca11d2abb623b732f3d7c296806151257c9f2306dee1c84eb05d586e7a82a8750905716b3e51600250a1e3b4bf274130a1bfa47117cc8b6db3741ba04d977015b8ee250c3ffaf859fdf0372b88fec188830b5870f251889584333547f3436a548801fd3236da2ccb2b504f85ef1d259bc3e00f0ced934a4b297ecce0d668fb3ecb524d3ff4380a7856c7060006de31931d0b26ec1d084e0dce3b9a123741cdc326b441131d777799623c6340410c331c7e8a4a8175d7d250274cc4ffebd5d46d855bf90842888893c348f0a447998e3aaffc81c9b65e3a772eca5c2f0907ee13ab6a2babe99f388755fa3ac9dc79a2ba4ad7a869a876448ed1d4dd6a8c678065cfc90df8470b29c83719bfcbec7c5e3244a665a28593ad42ab84663bccf570a8e8b783565f909b5e6e8cd69ed6f79fc945ce5d845c998f25b9dc118c96dd2c0f592a73497dbd9e050632c8d82656a71460d0ae7f5f38636692a78083b2fffaa517dc2dfe18ae020e6a5562be54ed9046c7129b3a57dcbd1917efb0579fa9a3978690fded8e52e4860db75b2a93c77316a6e84df4965291a7531e2abc0fcc0d0016acc29680baa575cb7be1a03206236310eb5120ab4069e0f8f0cc3f6bd188ca91963eafc2bc66b1a42f8c49359cf3171a72eef94eddd8aab03f770cb2f489aece4e09a85fe6b9790ced5feced19e4cfe6bcafd1a5d99fe56b78f7a14fdea11fd5e331e23191a3f74b32d8ff2740409f346aedf469eb8aca16b43dcc44c400ae3e6d1c4717ae1f18a2f70830aa0c4d5734922374dad8c006ab97e02a4263999ecad0b1e9f24ed0b599467c962932ec610e63c0b3ac845f5d4d10979c92bd884669908696172609e0da039728baa1f0dca8885d5439ca420e87f5c449908b2a5f69b65b60adbf5d74b21eb1f4e0d79558c59b4499c245a9952de8d3a51021f2e77c44e06a489df3b72d28e5d03ddd358ced4f5a1fe057e58b86f9e717cb9001cec6d6665cc0f5b9cf89873e6e7d10355746e99494766c937683684312b630337d1c411f3f2eddc52a8267e19d38ee12c810cc4e33193e26790b13d1847c56282ac86697996daa386b06ec2ceaa97fac9c018baf644622c74546177267b053a82292c1a1cf194909beba3f2670acf1d095b0caed4b8da2fe48c9da3dc61969d938707a62ce9cf55b89ceaa04a9069d38f4e89db794a335933c5b45fe215976e76dc71b7719c2ef29d06d2dbcfce0470007331a221dbce6baa3f418f989d7dd927d343152ee310d084799300e8d3801f9d464d9bbd5687e3203cfb8e589fbab39ad4851b07bd13b29d7f4b767858d13c5937a482207470f673593aa9abe339b3d63b7ea4ad60e51e7f9080381eb07213ad1996ba7bd28f8b44b7ea037e0bf9716f56820f908fd4027249df11aea06df25b3860cb18b68a7df5ed0d14730035291346049e1e5cbdefb30719548fde4f986bd9871a71b5bc7f6e03ea4fcf1c6ddfecb06413832ac27b08d203070acdaf432bafdb288908dfd673caddbfe41af8255ff7106d39db8d003ec1abcc3000bd7fe1daec2624bbe8417f81150f20a8a48324100ef1570a6de7c0a21e16f6991b23016671bc96ee55e99a97a5a0120af8ecb816137d5f40b9e71d56cbecf61569dcd2f850ede77437be06fd85b54d7220b9bcd13e682a8227c7a05a4efc8d258b0331b0f47cf45ec370b491d6b2e4e601e50483480d9437fdf570b6be69b28b964972fac047f8aaecbe567c8ee3d583a46d5b58fa3c361dd3ad73c91727e4d0594f428acfa977206c20995612834497928d507eb62aca1752a8f3048c932b9f0f80f7c627a87f2b50d581961b8739bddfe2afabb1c757f366acd1e639de808409f598755dad254c60b5aefbbdcbad52f72c756e5e4b286a6866af769593f66256fadc939d3d23d1db9096038b40ed224ace023f2e3ea84fb4092c974cb44ffbe489f0ddbdd79e66281ef9c44e81781b849b0d3101c17e54ebf8bd69393b9220c75c7d3c564862ef35d7dfedc855e2ea15a6159c6c2bd01d2c4f3c316ddc43f937cc295fe35365a69ffe68a2a3bfa7eff90c2fe8563f6438117c31ab48cbd5a3ef1c7a03a03a048be4a9fe0de1d6a86feb144731f4e84f1b509db65d35b1b8ec3d0f462392da10694b207ef1d9fa2581b572f9c45012151f039ebed848b3fc211b2b4d6d48266e8bf800e68cb1165cfb17cb14af4fff107e57bc90b9e32006dd090ae12ff39b000c474f77da32549f51d07bb23d233485be9143c55849b5fa241337c050d48d88e4723f7f1032120cb609c584cb10cd777404556df84cd095c4a9668d392cb9a6197ce04e4234d48b47f8deaad83ee95292c9a9e9d42838c12e34046483ebd821284ac349fddb3d89c0e9a85716ca5f2c60569686d3580c6c7bce0a0ec4183fea724ad02763f66f85992fedf49c67a54c8ecc5b47d6e00cfeaf23b2425b795be93d65d92fe0ac761cca8b2feb4fd7a4bd21bc98a7328f178a61aabc2edf843e23ee94c757a457d448f3588b4e39cb14d855c35372c2060966df0e3382afe2d18988ee7676511e43afae09d6e16b50bfd290c1202c5c82520bfadb7b9eff22c2e9d202e7606f23182c08f0d405cfda6e8bf4b222a14a96015602cd77b2e0af5027938348075115b146166990bdccdaefa94626e140f8ea6fe6b51fb38fbf7ec39b89e68174db08d243a5da08a573545993db451bcd7462ba2c308849e6f54fd68eac003dff1971d19a00ae1d326d9db706197ce15397066ca114645ee39bb1a950c068908be503b2cf3ee74048dd92808e07172ba1362b3ad4103953c990e19b4581c54b5a240d90ec56150fdd5d9d1e497090941b541a9fa202d09f2790bd29f53fcf2adeddd4b4ecbff252921feca36cbe51e5185234641c8df314dec556280e408ad6605cb82f9fa5cbec32b2d478e876b4c3bc5019c344ee2f0bc33d26ae3b69e349771a8069f38f879d82e1c68f84d44516db921ca606b6e310e9ef0729b9fc76eaff94d3e44f865a6943eecc5ea1dc097e69e91344f7b287223fdf25ed3512e1fa34b0879ade1a2786571435e71d3fab19a6ba93b5d83e20f05afba10ab48ddee2c6feee813635318ac35bece3a339fb5c2278df5b9a6b7859343ff5530a2dbeda669a47a5eb0efc46c148ab00165563023536cf71f189c6b855ca6aaa056233ba82edf29e82d96c6118a0e6bf37d2ab2945ed1904f1dfd19ede3dfcf257aea6d560e3776159ffc384b3540deb1cc38d1022e530c2d46557a21eeb744ed5c00843f7b6d5953f1ff4770d26dde34c4cfbd308074e0df53264afc5a3a7ab8a57dae296c39bd72b88ad988319ba9e13ea529783d5c926d2f48599720695fd174f8873d0f660f002d8d0ee134271450c12e9dddb641b240795c2c09b958778e16081bc9180442c45fa916de16c83f16c50092eef58a56191bbcd906eb475b97d37b7f5cb00a79a9ad66a636e1052f9dd1e75d02a5af4840dfda7eac68c749bb857675e67b450a484d3e7b13a77fdabff0e97dfb705e5f4f6cf1e95a5f6cc38e099634a020087f868580ce2ec0837525b8c58f08444d7fd4333a589c0356de22568b4fad8766ee3325cbd65843f2c713ecdb44c96411ea871c039915b546ed6fbafbd51805ac48d06c6924d3f7036e1814250f50f27342c8c4ded3e68b6b3f161d46379c1088a7a123f48f0e7cb5a348f472eb155956fe232fd301e64f341041683ce3b25bba7f290a10282a8dba3a2a3da24461a5be148c2241d627889adca5acad981583fac81d0ee4ef77038c1f80db9dfe740720904512691a9c8545a9d173c08c2e8599010c972c2c34287d91ac7803a5700a0d6e29b7774f8f487b70cf8d0ec9474443e2c0c051116b16aef491c3945a65e6ddcd7931a7259e56902a2866b95d3c0bb7a3ea61b1f3b54ae56e6a7366ea895056ea0d1c251cd74f7b82b0d47464826f4aca77434df3d909271a825b57890cd830011981d95229cc0427cdc97758ddbc76d6cc77ba06c92d19daac8bbecbf55535e98bd4754ec06a6e632225c43bc46068baa688636eaba53926ca093a7addcd6a696a902ac35631aa43d9d66f77270cc7bf66140dac239034ba304e1aa0a265131e9fb2b7f079861b0e4cb9c911ce82ef0b685002476baf26401dc8cc444543129f82ac6b103881c596b19d9eba8ed6b230c17914d5c34a0040c18dc54d8c4b637ee683637fc5a82ac1cf12691bb28fc0bbb307fc032ec3d2b06eaec56ed769b5e892816c7350dce89551e87918f67a117c39f256a368586c78c2e9614e9658161511a8dad53afe8cb9eebe67c6596a90eeea1d3d2466a4d77a1129c0a4409b98d8ac0b925c4b2b3500665a3cf4ceb82cb0b6732eea8a796f9b79d2ea49be97066bc1f606d9f1f59f41d2acbb878a0783093fc4ab0ef866ff60a6a1a58d3cee90307f09247b5212f8709856251ff5d8fb77657110bbb3f3aeff07898f049c821a82c11e27b0c176a9feb12de5d08498018f7607156c5065cb56bf9d6867a4495f26a07e0f01312c2ee897b82d8eba0cbc473da402814dba727521cfec6afac2cc59cdd6a75e1f8f40585e5cda51a7434a81ccf4b7de33c663dc174ba973cebc5a56831005d231c719ea34ce42999c471fccfdbdbaf1acd2f9c16f258e32c70511c475ab264173246ebf31459a05ecb4df443066b61a243903e80ff907af17a96d7afd9763df8f8c4fc49775bc805e2dc165bd6f1c4e06688521557ed9ddb6860fbed1e32957bea1174b3a9aa809d7fa6301fbbb6b3774cd856095f14c6378cfe98f05d4f06fae91769165dd0adfc51bf8f57d701ef14a99d608db0a104ea78fe5b13794cb8529afa5352d1dbc8235d96148c8f9c2e29d6e2359a8dbeba56c9376b26f8384c66548979f4d982fe0652cd86bb60e6f2463ec63dcdd5f93d4bfaefe48f8012c63b32ad3c02ec9088896f6a0c8b1097c1ad911ada7a2d6f0d201a28b70752182885464dd688535bdfc045e8dafbe34b20eca00848e757b4a37de219be5a5fe7a4bc5cfaad29ed92e9eda2bed08407e0d0f53caf6b3590210067d8b9ef16f9a8f5612315dfa415f1efc8d7349394143a149480ce3ccd60ccaff0d9a8a797820f41b431ce3afc4adb2e07cde16015087e09e08bd13471dee960db35cbc3b53c187a5bca7ed50017e09b2ae2c837b1f6557753c7f5b004332ffa2b52d8a2269e7cf9cc397c6079aa5add61d7a560a894e71510e104f52a93622e34037b1db70a05bcfc546ea2ec7153e69a8df18fa9eadaae2c1438710477a9a23e0f7092c310c5288e2d39d362a0a33f9e3d8d9792b51a71d9014abcff66ee509baa3dad341b1e4b6c601a2966f77172a4df0f32170f3386a6600b0b63699fe21e26eeb475507e99f666e0ac349b9e23463450f4fa4498356887d9e1c5f7d18ade51e526d27ccae799d6775336ca9ca8e54d707639ecb0618a3c675533494e2435c0b3780a66defddd217d2cc464014bef8a051d8f292abf9e5cafa78c600c21ed3d40ede937b1e162a1e14757d39d77d4fad8711b6b46ae707b82ced0739f9fb6bcd9b557982e89bb3af5f3fb5448ea960f454f4475ee78970acda37501a8825a04cecf3e544651eea8933379da3c3e7de0a875d689003c00d276470fda3b6ed6473cf8094ab91784d1c0f9468379e8e9729dc1032a5ca14378f8147409f13cd6994de961e2245b35c814596087625d3d3267fc0c1e5614a4af94993091ead40bc9e1d3093228b70c188855ae9e914b15aacfd4f83fde83072af92b2cc968c93cac74e15322eaff32a7bbbb982fb725aeb71f34bf16323d9c0a11dbaf3ab676a9cd1dcfc3f8a0c66d1f082f23806133002c50b59d4513dbe3419d5002263287ff47abdba0862341effe669f26b375337170c8e0742113e1063e8141c4aa9eb4970471f3187f581b71e6f7fe2f8043d065620da8a066d112fedeb33525eb1061c0d0fe9fb415bddae8ed2eb5c3ae6aa0549230e436afacaddc389b2c66499d7fdec2090e7e13560ca0a64803554c7cd9cfcc1cb48427cf9ccd954bb7446c887e2756db2882ff12eaa64efae3a24b35d1d0402922efe90319510495420301d3360f4486d3f87e3dc4f9337bf3fb4e3c6a82850a840153a1936e7cf74086757b72a8db19d33a62a29f3dd4fdef454d9222031aa0958af21851b66aebc09a5c08efd204f3ff18cb1055e8181d6630309fcc91c0d6daef19e618a3ee23e817a586d02364710cfab0b9f2cf18502a34e67d112f1730d44ccae54dc221d7f3877bb828e7109878109f8e95e2e1407df4e588801d25d9c2a1c501e74890631e9a92d823ebbe6b5635488f7d48788ef77658e3bbaf287536b37d3a7ab1ec1749656f2ebfe562765e71dd3e1b895d9b5c315fcf2b3a063c57e74ad1e7586b293ede4c77732f38d316c14210a121153fc50007f78ed64a8e207e9d04b312ae7f97a946c74d2a1181b67e845c3ac6e340b2428c8a5546679707fded3406fc221900b118a3279e13b74926c793e27fc4cc32ae478b4421d6eef75d3a273ff61d0e95b4981e8dd57e16bb00e09bfbbc2ce60cd844a9abb839b8b671fabddfd6e86a30c0a24e73c3c17770f34641951e5dc73ca11d8f8419a7407d483e0f5f1714df0a1775574b5500e8a5a28c655dbc28d7a1ca4b83fd4ebcc7ef2e4994c97c87659681acebe7417328c8612e8570e7ade7ead7f4fc711c9c539362779e6be525bdf5ec037f670b5235c06a1acd89b4ffc21668a7269cc73bf6d1399852eebb8b1dde8ef072e8d80832ba32c8e9480da2c4f5c3209c557f31beef41c00d22ee7c7e2c1bf9952ba8a03c1afae9b4aa63135d2b131f2b2804afcdcc762e1bcec8c8151f471572888933ce97dd787121ced446aa9718bf3766bb6d8a752692c59489d5b565e1693aa0f67b352f915808e415cba13a9864bbd33ebc97dfdc0d357d6769f2f545cc6529c0f634da901ae63bfcbab0a3896bc43faed6a6c23bb4e92f3d669d2e0ff485287cce322b98d02866f026cc556ec8aba6608ac2b5dbc29e104ef2e28d7b51ce63110025bdbfc5d44e8aa7a04ecece07b9860618a162e7289e8d672bb9b15b6ffc87f738b0c7a2b733c5794afe58b1beee4b6780ed453bf2ef2b584dcf32bf732c98fe359abced05fc115e531b088c61b0d5d5058af10120581d7db192e13a5b7b17874f000343aecc8d5005b91b13720bc831de5f1de5e3ddce27ba05213cd126a7cda0afa9745f498200269a5736f63b0faec36bbd646a868100c17cb7f6639f2f14b6c52198fab04c1645bed8763799acf8fef62b82fda1825a3379c000255002788d686695b4c17be3931e69db8980d0216024e9b7b0588cdf8c8102d11f55f971b3163c392cfaa796e0b85dd0bbacd6ca50b3ab80c2e90fa0c18d3526e05b2a46c2eab823c0511b43c71122d533e27ee6d6e34706fc411c67a3b87440a3429df3009996743ed3e4dc244fac98a789f17818a926a0aae81ecde260982b80acc299f57a570a86ee28d0414edc91fb6d5f9a88aeb31bf22270bf3517aefe1140b05be97123cc43df6e8e8e4df96803fdd59715c87afcf0189fb5448663eb35d2c4e5b13dd0233a95f8d6187bf0d5d3ba35adba59e162e877d5a0397d9495ebfc771ae68283be15d883e91b81b1bb0cd8da6c300df7e2bc8a21094cadc974c8270d8ee37fc7e7501a57eaecbc244ed61cfc8d556e38c0611a5269c3b930ee5f37a9771f0c152a5e28df07a104360c973b9a83d3ec5c0aa012bff141842e9b68222647c7d022753dbaae024877f421ff36b3721c26a39b3009683c8c510ba0ba8b5dc1033f9b56e9a43b3141a92599378622a2ca8136f5f1f51cf7b7dce7d043f65f8562b33c4864adc30e7d4c808b10abbbd92f94272b68b063f7d7baf7fd6eb31cc76690042233bc8dee7253f89ce23de7a535af022dae95ac321694d6ce311744d9c152e4424a0a502d221b2e602ada71c60a2f15b7086d75867476b0633063297681fbb0a3e154efe552cdbd9d3203f2e447b60b643b823ea12f504f33f6b6c3bd20e54cf38e3c45c5d472814db60741687894e6cc3c78196d5e722499d202334fb742f14dc2ccb7d114ae0c4cd61ce2ed0cc7fe25a395d6b73c1dfee9174e59d129e7f3c42f93a246d918028d4e2dc804438799
+").unwrap();
+		let signature = manager.sign_transaction(&address, &huge_tx);
+		println!("Got {:?}", signature);
+		assert!(signature.is_ok());
+	}
 }
diff --git a/hw/src/lib.rs b/hw/src/lib.rs
index 4cc0d308569..3198aec64c1 100644
--- a/hw/src/lib.rs
+++ b/hw/src/lib.rs
@@ -25,7 +25,9 @@ extern crate hidapi;
 extern crate libusb;
 extern crate parking_lot;
 extern crate protobuf;
+extern crate semver;
 extern crate trezor_sys;
+
 #[macro_use] extern crate log;
 #[cfg(test)] extern crate rustc_hex;
 
@@ -35,13 +37,12 @@ mod trezor;
 use ethkey::{Address, Signature};
 
 use parking_lot::Mutex;
-use std::fmt;
-use std::sync::Arc;
-use std::sync::atomic;
-use std::sync::atomic::AtomicBool;
+use std::{fmt, time::Duration};
+use std::sync::{Arc, atomic, atomic::AtomicBool};
 use ethereum_types::U256;
 
 const USB_DEVICE_CLASS_DEVICE: u8 = 0;
+const POLLING_DURATION: Duration = Duration::from_millis(500);
 
 #[derive(Debug)]
 pub struct Device {
@@ -57,13 +58,13 @@ pub trait Wallet<'a> {
 
 	/// Sign transaction data with wallet managing `address`.
 	fn sign_transaction(&self, address: &Address, transaction: Self::Transaction) -> Result<Signature, Self::Error>;
-
+	
 	/// Set key derivation path for a chain.
 	fn set_key_path(&self, key_path: KeyPath);
 
 	/// Re-populate device list
 	/// Note, this assumes all devices are iterated over and updated
-	fn update_devices(&self) -> Result<usize, Self::Error>;
+	fn update_devices(&self, device_direction: DeviceDirection) -> Result<usize, Self::Error>;
 
 	/// Read device info
 	fn read_device(&self, usb: &hidapi::HidApi, dev_info: &hidapi::HidDeviceInfo) -> Result<Device, Self::Error>;
@@ -185,6 +186,22 @@ impl From<libusb::Error> for Error {
 	}
 }
 
+/// Specifies the direction of the `HardwareWallet` i.e, whether it arrived or left
+#[derive(Debug, Copy, Clone)]
+pub enum DeviceDirection {
+    Arrived,
+    Left,
+}
+
+impl fmt::Display for DeviceDirection {
+	fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
+		match self {
+			DeviceDirection::Arrived => write!(f, "arrived"),
+			DeviceDirection::Left => write!(f, "left"),
+		}
+	}
+}
+
 /// Hardware wallet management interface.
 pub struct HardwareWalletManager {
 	exiting: Arc<AtomicBool>,
@@ -239,6 +256,17 @@ impl HardwareWalletManager {
 		}
 	}
 
+	/// Sign a message with the wallet (only supported by Ledger)
+	pub fn sign_message(&self, address: &Address, msg: &[u8]) -> Result<Signature, Error> {
+		if self.ledger.get_wallet(address).is_some() {
+			Ok(self.ledger.sign_message(address, msg)?)
+		} else if self.trezor.get_wallet(address).is_some() {
+			Err(Error::TrezorDevice(trezor::Error::NoSigningMessage))
+		} else {
+			Err(Error::KeyNotFound)
+		}
+	}
+
 	/// Sign transaction data with wallet managing `address`.
 	pub fn sign_transaction(&self, address: &Address, t_info: &TransactionInfo, encoded_transaction: &[u8]) -> Result<Signature, Error> {
 		if self.ledger.get_wallet(address).is_some() {
diff --git a/hw/src/trezor.rs b/hw/src/trezor.rs
index 21dcd9c9fd3..5df5cc373a5 100644
--- a/hw/src/trezor.rs
+++ b/hw/src/trezor.rs
@@ -19,23 +19,20 @@
 //! and https://github.com/trezor/trezor-common/blob/master/protob/protocol.md
 //! for protocol details.
 
-use super::{WalletInfo, TransactionInfo, KeyPath, Wallet, Device, USB_DEVICE_CLASS_DEVICE};
+use super::{DeviceDirection, WalletInfo, TransactionInfo, KeyPath, Wallet, Device, USB_DEVICE_CLASS_DEVICE, POLLING_DURATION};
 
 use std::cmp::{min, max};
-use std::fmt;
-use std::sync::{Arc, Weak};
-use std::sync::atomic;
-use std::sync::atomic::AtomicBool;
+use std::sync::{atomic, atomic::AtomicBool, Arc, Weak};
 use std::time::{Duration, Instant};
-use std::thread;
+use std::{fmt, thread};
 
 use ethereum_types::{U256, H256, Address};
 use ethkey::Signature;
 use hidapi;
 use libusb;
 use parking_lot::{Mutex, RwLock};
-use protobuf;
 use protobuf::{Message, ProtobufEnum};
+use protobuf;
 
 use trezor_sys::messages::{EthereumAddress, PinMatrixAck, MessageType, EthereumTxRequest, EthereumSignTx, EthereumGetAddress, EthereumTxAck, ButtonAck};
 
@@ -62,6 +59,12 @@ pub enum Error {
 	BadMessageType,
 	/// Trying to read from a closed device at the given path
 	LockedDevice(String),
+	/// Signing messages are not supported by Trezor
+	NoSigningMessage,
+	/// No device arrived
+	NoDeviceArrived,
+	/// No device left
+	NoDeviceLeft,
 }
 
 impl fmt::Display for Error {
@@ -73,6 +76,9 @@ impl fmt::Display for Error {
 			Error::UserCancel => write!(f, "Operation has been cancelled"),
 			Error::BadMessageType => write!(f, "Bad Message Type in RPC call"),
 			Error::LockedDevice(ref s) => write!(f, "Device is locked, needs PIN to perform operations: {}", s),
+			Error::NoSigningMessage=> write!(f, "Signing messages are not supported by Trezor"),
+			Error::NoDeviceArrived => write!(f, "No device arrived"),
+			Error::NoDeviceLeft=> write!(f, "No device left"),
 		}
 	}
 }
@@ -89,8 +95,8 @@ impl From<protobuf::ProtobufError> for Error {
 	}
 }
 
-/// Ledger device manager
-pub struct Manager {
+/// Trezor device manager
+pub (crate) struct Manager {
 	usb: Arc<Mutex<hidapi::HidApi>>,
 	devices: RwLock<Vec<Device>>,
 	locked_devices: RwLock<Vec<String>>,
@@ -127,12 +133,12 @@ impl Manager {
 		thread::Builder::new()
 			.name("hw_wallet_trezor".to_string())
 			.spawn(move || {
-				if let Err(e) = m.update_devices() {
+				if let Err(e) = m.update_devices(DeviceDirection::Arrived) {
 					debug!(target: "hw", "Trezor couldn't connect at startup, error: {}", e);
 				}
 				loop {
 					usb_context.handle_events(Some(Duration::from_millis(500)))
-							   .unwrap_or_else(|e| debug!(target: "hw", "Trezor event handler error: {}", e));
+						.unwrap_or_else(|e| debug!(target: "hw", "Trezor event handler error: {}", e));
 					if exiting.load(atomic::Ordering::Acquire) {
 						break;
 					}
@@ -160,7 +166,7 @@ impl Manager {
 
 			}
 		};
-		self.update_devices()?;
+		self.update_devices(DeviceDirection::Arrived)?;
 		unlocked
 	}
 
@@ -325,52 +331,57 @@ impl <'a>Wallet<'a> for Manager {
 		*self.key_path.write() = key_path;
 	}
 
-	fn update_devices(&self) -> Result<usize, Error> {
+	fn update_devices(&self, device_direction: DeviceDirection) -> Result<usize, Error> {
 		let mut usb = self.usb.lock();
 		usb.refresh_devices();
 		let devices = usb.devices();
-		let mut new_devices = Vec::new();
-		let mut locked_devices = Vec::new();
-		let mut error = None;
-		for usb_device in devices {
-			let is_trezor = usb_device.vendor_id == TREZOR_VID;
-			let is_supported_product = TREZOR_PIDS.contains(&usb_device.product_id);
-			let is_valid = usb_device.usage_page == 0xFF00 || usb_device.interface_number == 0;
-
-			trace!(
-				"Checking device: {:?}, trezor: {:?}, prod: {:?}, valid: {:?}",
-				usb_device,
-				is_trezor,
-				is_supported_product,
-				is_valid,
-			);
-			if !is_trezor || !is_supported_product || !is_valid {
-				continue;
+		let num_prev_devices = self.devices.read().len();
+
+		let detected_devices = devices.iter()
+			.filter(|&d| {
+				let is_trezor = d.vendor_id == TREZOR_VID;
+				let is_supported_product = TREZOR_PIDS.contains(&d.product_id);
+				let is_valid = d.usage_page == 0xFF00 || d.interface_number == 0;
+
+				is_trezor && is_supported_product && is_valid
+			})
+			.fold(Vec::new(), |mut v, d| {
+				match self.read_device(&usb, &d) {
+					Ok(info) => {
+						trace!(target: "hw", "Found device: {:?}", info);
+						v.push(info);
+					}
+					Err(e) => trace!(target: "hw", "Error reading device info: {}", e),
+				};
+				v
+			});
+		
+		let num_curr_devices = detected_devices.len();
+		*self.devices.write() = detected_devices;
+
+		match device_direction {
+			DeviceDirection::Arrived => {
+				if num_curr_devices > num_prev_devices {
+					Ok(num_curr_devices - num_prev_devices)
+				} else {
+					Err(Error::NoDeviceArrived)
+				}
 			}
-			match self.read_device(&usb, &usb_device) {
-				Ok(device) => new_devices.push(device),
-				Err(Error::LockedDevice(path)) => locked_devices.push(path.to_string()),
-				Err(e) => {
-					warn!("Error reading device: {:?}", e);
-					error = Some(e);
+			DeviceDirection::Left => {
+				if num_prev_devices > num_curr_devices {
+					Ok(num_prev_devices- num_curr_devices)
+				} else {
+					Err(Error::NoDeviceLeft)
 				}
 			}
 		}
-		let count = new_devices.len();
-		trace!("Got devices: {:?}, closed: {:?}", new_devices, locked_devices);
-		*self.devices.write() = new_devices;
-		*self.locked_devices.write() = locked_devices;
-		match error {
-			Some(e) => Err(e),
-			None => Ok(count),
-		}
 	}
 
 	fn read_device(&self, usb: &hidapi::HidApi, dev_info: &hidapi::HidDeviceInfo) -> Result<Device, Error> {
 		let handle = self.open_path(|| usb.open_path(&dev_info.path))?;
-		let manufacturer = dev_info.manufacturer_string.clone().unwrap_or("Unknown".to_owned());
-		let name = dev_info.product_string.clone().unwrap_or("Unknown".to_owned());
-		let serial = dev_info.serial_number.clone().unwrap_or("Unknown".to_owned());
+		let manufacturer = dev_info.manufacturer_string.clone().unwrap_or_else(|| "Unknown".to_owned());
+		let name = dev_info.product_string.clone().unwrap_or_else(|| "Unknown".to_owned());
+		let serial = dev_info.serial_number.clone().unwrap_or_else(|| "Unknown".to_owned());
 		match self.get_address(&handle) {
 			Ok(Some(addr)) => {
 				Ok(Device {
@@ -428,10 +439,11 @@ impl <'a>Wallet<'a> for Manager {
 }
 
 // Try to connect to the device using polling in at most the time specified by the `timeout`
-fn try_connect_polling(trezor: Arc<Manager>, duration: Duration) -> bool {
+fn try_connect_polling(trezor: Arc<Manager>, duration: &Duration, dir: DeviceDirection) -> bool {
 	let start_time = Instant::now();
-	while start_time.elapsed() <= duration {
-		if let Ok(_) = trezor.update_devices() {
+	while start_time.elapsed() <= *duration {
+		if let Ok(num_devices) = trezor.update_devices(dir) {
+			trace!(target: "hw", "{} Trezor devices {}", num_devices, dir);
 			return true
 		}
 	}
@@ -458,8 +470,8 @@ impl libusb::Hotplug for EventHandler {
 	fn device_arrived(&mut self, _device: libusb::Device) {
 		debug!(target: "hw", "Trezor V1 arrived");
 		if let Some(trezor) = self.trezor.upgrade() {
-			if try_connect_polling(trezor, Duration::from_millis(500)) != true {
-				debug!(target: "hw", "Ledger connect timeout");
+			if try_connect_polling(trezor, &POLLING_DURATION, DeviceDirection::Arrived) != true {
+				trace!(target: "hw", "No Trezor connected");
 			}
 		}
 	}
@@ -467,8 +479,8 @@ impl libusb::Hotplug for EventHandler {
 	fn device_left(&mut self, _device: libusb::Device) {
 		debug!(target: "hw", "Trezor V1 left");
 		if let Some(trezor) = self.trezor.upgrade() {
-			if try_connect_polling(trezor, Duration::from_millis(500)) != true {
-				debug!(target: "hw", "Ledger disconnect timeout");
+			if try_connect_polling(trezor, &POLLING_DURATION, DeviceDirection::Left) != true {
+				trace!(target: "hw", "No Trezor disconnected");
 			}
 		}
 	}
@@ -481,11 +493,14 @@ impl libusb::Hotplug for EventHandler {
 fn test_signature() {
 	use ethereum_types::{H160, H256, U256};
 
-	let hidapi = Arc::new(Mutex::new(hidapi::HidApi::new().unwrap()));
-	let manager = Manager::new(hidapi.clone(), Arc::new(AtomicBool::new(false))).unwrap();
+	let manager = Manager::new(
+		Arc::new(Mutex::new(hidapi::HidApi::new().expect("HidApi"))),
+		Arc::new(AtomicBool::new(false))
+	).expect("HardwareWalletManager");
+	
 	let addr: Address = H160::from("some_addr");
 
-	assert_eq!(try_connect_polling(manager.clone(), Duration::from_millis(500)), true);
+	assert_eq!(try_connect_polling(manager.clone(), &POLLING_DURATION, DeviceDirection::Arrived), true);
 
 	let t_info = TransactionInfo {
 		nonce: U256::from(1),
diff --git a/ipfs/Cargo.toml b/ipfs/Cargo.toml
index 9c7b5f3b003..5a72048134c 100644
--- a/ipfs/Cargo.toml
+++ b/ipfs/Cargo.toml
@@ -15,3 +15,6 @@ rlp = { path = "../util/rlp" }
 cid = "0.2"
 multihash = "0.7"
 unicase = "2.0"
+
+[dev-dependencies]
+ethcore = { path = "../ethcore", features = ["test-helpers"] }
diff --git a/local-store/Cargo.toml b/local-store/Cargo.toml
index 6d09eb76f69..d2c3469ca40 100644
--- a/local-store/Cargo.toml
+++ b/local-store/Cargo.toml
@@ -16,5 +16,6 @@ serde_derive = "1.0"
 serde_json = "1.0"
 
 [dev-dependencies]
+ethcore = { path = "../ethcore", features = ["test-helpers"] }
 ethkey = { path = "../ethkey" }
 kvdb-memorydb = { path = "../util/kvdb-memorydb" }
diff --git a/mac/Parity Ethereum.xcodeproj/project.pbxproj b/mac/Parity Ethereum.xcodeproj/project.pbxproj
deleted file mode 100644
index 2e41be6377e..00000000000
--- a/mac/Parity Ethereum.xcodeproj/project.pbxproj	
+++ /dev/null
@@ -1,333 +0,0 @@
-// !$*UTF8*$!
-{
-	archiveVersion = 1;
-	classes = {
-	};
-	objectVersion = 46;
-	objects = {
-
-/* Begin PBXBuildFile section */
-		0A7A475D1E3D2CDD0093D1AB /* parity in CopyFiles */ = {isa = PBXBuildFile; fileRef = 0A7A475C1E3D2CDD0093D1AB /* parity */; settings = {ATTRIBUTES = (CodeSignOnCopy, ); }; };
-		0ACF9AC21E30FAB600D5C935 /* AppDelegate.swift in Sources */ = {isa = PBXBuildFile; fileRef = 0ACF9AC11E30FAB600D5C935 /* AppDelegate.swift */; };
-		0ACF9AC41E30FAB600D5C935 /* Assets.xcassets in Resources */ = {isa = PBXBuildFile; fileRef = 0ACF9AC31E30FAB600D5C935 /* Assets.xcassets */; };
-		0ACF9AC71E30FAB600D5C935 /* MainMenu.xib in Resources */ = {isa = PBXBuildFile; fileRef = 0ACF9AC51E30FAB600D5C935 /* MainMenu.xib */; };
-		0AE564F11E3CE42C00BD01F7 /* GetBSDProcessList.swift in Sources */ = {isa = PBXBuildFile; fileRef = 0AE564F01E3CE42C00BD01F7 /* GetBSDProcessList.swift */; };
-		0AED4DA01E3E22F800BF87C0 /* ethstore in CopyFiles */ = {isa = PBXBuildFile; fileRef = 0AED4D9F1E3E22F800BF87C0 /* ethstore */; settings = {ATTRIBUTES = (CodeSignOnCopy, ); }; };
-		84CF92B3200E559900AD6E78 /* parity-evm in CopyFiles */ = {isa = PBXBuildFile; fileRef = 84CF92B2200E559900AD6E78 /* parity-evm */; settings = {ATTRIBUTES = (CodeSignOnCopy, ); }; };
-		84CF92B6200E56AE00AD6E78 /* ethkey in CopyFiles */ = {isa = PBXBuildFile; fileRef = 84CF92B5200E56AE00AD6E78 /* ethkey */; settings = {ATTRIBUTES = (CodeSignOnCopy, ); }; };
-/* End PBXBuildFile section */
-
-/* Begin PBXCopyFilesBuildPhase section */
-		0A7A475B1E3D2C800093D1AB /* CopyFiles */ = {
-			isa = PBXCopyFilesBuildPhase;
-			buildActionMask = 2147483647;
-			dstPath = "";
-			dstSubfolderSpec = 6;
-			files = (
-				84CF92B6200E56AE00AD6E78 /* ethkey in CopyFiles */,
-				84CF92B3200E559900AD6E78 /* parity-evm in CopyFiles */,
-				0AED4DA01E3E22F800BF87C0 /* ethstore in CopyFiles */,
-				0A7A475D1E3D2CDD0093D1AB /* parity in CopyFiles */,
-			);
-			runOnlyForDeploymentPostprocessing = 0;
-		};
-/* End PBXCopyFilesBuildPhase section */
-
-/* Begin PBXFileReference section */
-		0A7A475C1E3D2CDD0093D1AB /* parity */ = {isa = PBXFileReference; lastKnownFileType = "compiled.mach-o.executable"; name = parity; path = ../target/release/parity; sourceTree = "<group>"; };
-		0ACF9ABE1E30FAB600D5C935 /* Parity Ethereum.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = "Parity Ethereum.app"; sourceTree = BUILT_PRODUCTS_DIR; };
-		0ACF9AC11E30FAB600D5C935 /* AppDelegate.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = AppDelegate.swift; sourceTree = "<group>"; };
-		0ACF9AC31E30FAB600D5C935 /* Assets.xcassets */ = {isa = PBXFileReference; lastKnownFileType = folder.assetcatalog; path = Assets.xcassets; sourceTree = "<group>"; };
-		0ACF9AC61E30FAB600D5C935 /* Base */ = {isa = PBXFileReference; lastKnownFileType = file.xib; name = Base; path = Base.lproj/MainMenu.xib; sourceTree = "<group>"; };
-		0ACF9AC81E30FAB600D5C935 /* Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = "<group>"; };
-		0AE564F01E3CE42C00BD01F7 /* GetBSDProcessList.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = GetBSDProcessList.swift; sourceTree = "<group>"; };
-		0AED4D9F1E3E22F800BF87C0 /* ethstore */ = {isa = PBXFileReference; lastKnownFileType = "compiled.mach-o.executable"; name = ethstore; path = ../target/release/ethstore; sourceTree = "<group>"; };
-		84CF92B2200E559900AD6E78 /* parity-evm */ = {isa = PBXFileReference; lastKnownFileType = "compiled.mach-o.executable"; name = "parity-evm"; path = "../target/release/parity-evm"; sourceTree = "<group>"; };
-		84CF92B5200E56AE00AD6E78 /* ethkey */ = {isa = PBXFileReference; lastKnownFileType = "compiled.mach-o.executable"; name = ethkey; path = ../target/release/ethkey; sourceTree = "<group>"; };
-/* End PBXFileReference section */
-
-/* Begin PBXFrameworksBuildPhase section */
-		0ACF9ABB1E30FAB600D5C935 /* Frameworks */ = {
-			isa = PBXFrameworksBuildPhase;
-			buildActionMask = 2147483647;
-			files = (
-			);
-			runOnlyForDeploymentPostprocessing = 0;
-		};
-/* End PBXFrameworksBuildPhase section */
-
-/* Begin PBXGroup section */
-		0ACF9AB51E30FAB600D5C935 = {
-			isa = PBXGroup;
-			children = (
-				84CF92B5200E56AE00AD6E78 /* ethkey */,
-				84CF92B2200E559900AD6E78 /* parity-evm */,
-				0AED4D9F1E3E22F800BF87C0 /* ethstore */,
-				0A7A475C1E3D2CDD0093D1AB /* parity */,
-				0ACF9AC01E30FAB600D5C935 /* Parity Ethereum */,
-				0ACF9ABF1E30FAB600D5C935 /* Products */,
-			);
-			sourceTree = "<group>";
-		};
-		0ACF9ABF1E30FAB600D5C935 /* Products */ = {
-			isa = PBXGroup;
-			children = (
-				0ACF9ABE1E30FAB600D5C935 /* Parity Ethereum.app */,
-			);
-			name = Products;
-			sourceTree = "<group>";
-		};
-		0ACF9AC01E30FAB600D5C935 /* Parity Ethereum */ = {
-			isa = PBXGroup;
-			children = (
-				0ACF9AC11E30FAB600D5C935 /* AppDelegate.swift */,
-				0ACF9AC31E30FAB600D5C935 /* Assets.xcassets */,
-				0ACF9AC51E30FAB600D5C935 /* MainMenu.xib */,
-				0ACF9AC81E30FAB600D5C935 /* Info.plist */,
-				0AE564F01E3CE42C00BD01F7 /* GetBSDProcessList.swift */,
-			);
-			name = "Parity Ethereum";
-			path = Parity;
-			sourceTree = "<group>";
-		};
-/* End PBXGroup section */
-
-/* Begin PBXNativeTarget section */
-		0ACF9ABD1E30FAB600D5C935 /* Parity Ethereum */ = {
-			isa = PBXNativeTarget;
-			buildConfigurationList = 0ACF9ACB1E30FAB600D5C935 /* Build configuration list for PBXNativeTarget "Parity Ethereum" */;
-			buildPhases = (
-				0ACF9ABA1E30FAB600D5C935 /* Sources */,
-				0ACF9ABB1E30FAB600D5C935 /* Frameworks */,
-				0ACF9ABC1E30FAB600D5C935 /* Resources */,
-				0A7A475B1E3D2C800093D1AB /* CopyFiles */,
-			);
-			buildRules = (
-			);
-			dependencies = (
-			);
-			name = "Parity Ethereum";
-			productName = Parity;
-			productReference = 0ACF9ABE1E30FAB600D5C935 /* Parity Ethereum.app */;
-			productType = "com.apple.product-type.application";
-		};
-/* End PBXNativeTarget section */
-
-/* Begin PBXProject section */
-		0ACF9AB61E30FAB600D5C935 /* Project object */ = {
-			isa = PBXProject;
-			attributes = {
-				LastSwiftUpdateCheck = 0800;
-				LastUpgradeCheck = 0820;
-				ORGANIZATIONNAME = "Parity Technologies";
-				TargetAttributes = {
-					0ACF9ABD1E30FAB600D5C935 = {
-						CreatedOnToolsVersion = 8.0;
-						DevelopmentTeam = P2PX3JU8FT;
-						ProvisioningStyle = Manual;
-					};
-				};
-			};
-			buildConfigurationList = 0ACF9AB91E30FAB600D5C935 /* Build configuration list for PBXProject "Parity Ethereum" */;
-			compatibilityVersion = "Xcode 3.2";
-			developmentRegion = English;
-			hasScannedForEncodings = 0;
-			knownRegions = (
-				en,
-				Base,
-			);
-			mainGroup = 0ACF9AB51E30FAB600D5C935;
-			productRefGroup = 0ACF9ABF1E30FAB600D5C935 /* Products */;
-			projectDirPath = "";
-			projectRoot = "";
-			targets = (
-				0ACF9ABD1E30FAB600D5C935 /* Parity Ethereum */,
-			);
-		};
-/* End PBXProject section */
-
-/* Begin PBXResourcesBuildPhase section */
-		0ACF9ABC1E30FAB600D5C935 /* Resources */ = {
-			isa = PBXResourcesBuildPhase;
-			buildActionMask = 2147483647;
-			files = (
-				0ACF9AC41E30FAB600D5C935 /* Assets.xcassets in Resources */,
-				0ACF9AC71E30FAB600D5C935 /* MainMenu.xib in Resources */,
-			);
-			runOnlyForDeploymentPostprocessing = 0;
-		};
-/* End PBXResourcesBuildPhase section */
-
-/* Begin PBXSourcesBuildPhase section */
-		0ACF9ABA1E30FAB600D5C935 /* Sources */ = {
-			isa = PBXSourcesBuildPhase;
-			buildActionMask = 2147483647;
-			files = (
-				0AE564F11E3CE42C00BD01F7 /* GetBSDProcessList.swift in Sources */,
-				0ACF9AC21E30FAB600D5C935 /* AppDelegate.swift in Sources */,
-			);
-			runOnlyForDeploymentPostprocessing = 0;
-		};
-/* End PBXSourcesBuildPhase section */
-
-/* Begin PBXVariantGroup section */
-		0ACF9AC51E30FAB600D5C935 /* MainMenu.xib */ = {
-			isa = PBXVariantGroup;
-			children = (
-				0ACF9AC61E30FAB600D5C935 /* Base */,
-			);
-			name = MainMenu.xib;
-			sourceTree = "<group>";
-		};
-/* End PBXVariantGroup section */
-
-/* Begin XCBuildConfiguration section */
-		0ACF9AC91E30FAB600D5C935 /* Debug */ = {
-			isa = XCBuildConfiguration;
-			buildSettings = {
-				ALWAYS_SEARCH_USER_PATHS = NO;
-				CLANG_ANALYZER_NONNULL = YES;
-				CLANG_CXX_LANGUAGE_STANDARD = "gnu++0x";
-				CLANG_CXX_LIBRARY = "libc++";
-				CLANG_ENABLE_MODULES = YES;
-				CLANG_ENABLE_OBJC_ARC = YES;
-				CLANG_WARN_BOOL_CONVERSION = YES;
-				CLANG_WARN_CONSTANT_CONVERSION = YES;
-				CLANG_WARN_DIRECT_OBJC_ISA_USAGE = YES_ERROR;
-				CLANG_WARN_DOCUMENTATION_COMMENTS = YES;
-				CLANG_WARN_EMPTY_BODY = YES;
-				CLANG_WARN_ENUM_CONVERSION = YES;
-				CLANG_WARN_INFINITE_RECURSION = YES;
-				CLANG_WARN_INT_CONVERSION = YES;
-				CLANG_WARN_OBJC_ROOT_CLASS = YES_ERROR;
-				CLANG_WARN_SUSPICIOUS_MOVE = YES;
-				CLANG_WARN_SUSPICIOUS_MOVES = YES;
-				CLANG_WARN_UNREACHABLE_CODE = YES;
-				CLANG_WARN__DUPLICATE_METHOD_MATCH = YES;
-				CODE_SIGN_IDENTITY = "-";
-				COPY_PHASE_STRIP = NO;
-				DEBUG_INFORMATION_FORMAT = dwarf;
-				ENABLE_STRICT_OBJC_MSGSEND = YES;
-				ENABLE_TESTABILITY = YES;
-				GCC_C_LANGUAGE_STANDARD = gnu99;
-				GCC_DYNAMIC_NO_PIC = NO;
-				GCC_NO_COMMON_BLOCKS = YES;
-				GCC_OPTIMIZATION_LEVEL = 0;
-				GCC_PREPROCESSOR_DEFINITIONS = (
-					"DEBUG=1",
-					"$(inherited)",
-				);
-				GCC_WARN_64_TO_32_BIT_CONVERSION = YES;
-				GCC_WARN_ABOUT_RETURN_TYPE = YES_ERROR;
-				GCC_WARN_UNDECLARED_SELECTOR = YES;
-				GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE;
-				GCC_WARN_UNUSED_FUNCTION = YES;
-				GCC_WARN_UNUSED_VARIABLE = YES;
-				MACOSX_DEPLOYMENT_TARGET = 10.12;
-				MTL_ENABLE_DEBUG_INFO = YES;
-				ONLY_ACTIVE_ARCH = YES;
-				SDKROOT = macosx;
-				SWIFT_ACTIVE_COMPILATION_CONDITIONS = DEBUG;
-				SWIFT_OPTIMIZATION_LEVEL = "-Onone";
-			};
-			name = Debug;
-		};
-		0ACF9ACA1E30FAB600D5C935 /* Release */ = {
-			isa = XCBuildConfiguration;
-			buildSettings = {
-				ALWAYS_SEARCH_USER_PATHS = NO;
-				CLANG_ANALYZER_NONNULL = YES;
-				CLANG_CXX_LANGUAGE_STANDARD = "gnu++0x";
-				CLANG_CXX_LIBRARY = "libc++";
-				CLANG_ENABLE_MODULES = YES;
-				CLANG_ENABLE_OBJC_ARC = YES;
-				CLANG_WARN_BOOL_CONVERSION = YES;
-				CLANG_WARN_CONSTANT_CONVERSION = YES;
-				CLANG_WARN_DIRECT_OBJC_ISA_USAGE = YES_ERROR;
-				CLANG_WARN_DOCUMENTATION_COMMENTS = YES;
-				CLANG_WARN_EMPTY_BODY = YES;
-				CLANG_WARN_ENUM_CONVERSION = YES;
-				CLANG_WARN_INFINITE_RECURSION = YES;
-				CLANG_WARN_INT_CONVERSION = YES;
-				CLANG_WARN_OBJC_ROOT_CLASS = YES_ERROR;
-				CLANG_WARN_SUSPICIOUS_MOVE = YES;
-				CLANG_WARN_SUSPICIOUS_MOVES = YES;
-				CLANG_WARN_UNREACHABLE_CODE = YES;
-				CLANG_WARN__DUPLICATE_METHOD_MATCH = YES;
-				CODE_SIGN_IDENTITY = "-";
-				COPY_PHASE_STRIP = NO;
-				DEBUG_INFORMATION_FORMAT = "dwarf-with-dsym";
-				ENABLE_NS_ASSERTIONS = NO;
-				ENABLE_STRICT_OBJC_MSGSEND = YES;
-				GCC_C_LANGUAGE_STANDARD = gnu99;
-				GCC_NO_COMMON_BLOCKS = YES;
-				GCC_WARN_64_TO_32_BIT_CONVERSION = YES;
-				GCC_WARN_ABOUT_RETURN_TYPE = YES_ERROR;
-				GCC_WARN_UNDECLARED_SELECTOR = YES;
-				GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE;
-				GCC_WARN_UNUSED_FUNCTION = YES;
-				GCC_WARN_UNUSED_VARIABLE = YES;
-				MACOSX_DEPLOYMENT_TARGET = 10.12;
-				MTL_ENABLE_DEBUG_INFO = NO;
-				SDKROOT = macosx;
-				SWIFT_OPTIMIZATION_LEVEL = "-Owholemodule";
-			};
-			name = Release;
-		};
-		0ACF9ACC1E30FAB600D5C935 /* Debug */ = {
-			isa = XCBuildConfiguration;
-			buildSettings = {
-				ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon;
-				CODE_SIGN_IDENTITY = "Mac Developer";
-				COMBINE_HIDPI_IMAGES = YES;
-				DEVELOPMENT_TEAM = P2PX3JU8FT;
-				GCC_WARN_ABOUT_DEPRECATED_FUNCTIONS = NO;
-				INFOPLIST_FILE = Parity/Info.plist;
-				LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/../Frameworks";
-				PRODUCT_BUNDLE_IDENTIFIER = io.parity.ethereum;
-				PRODUCT_NAME = "$(TARGET_NAME)";
-				SWIFT_VERSION = 3.0;
-			};
-			name = Debug;
-		};
-		0ACF9ACD1E30FAB600D5C935 /* Release */ = {
-			isa = XCBuildConfiguration;
-			buildSettings = {
-				ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon;
-				CODE_SIGN_IDENTITY = "Developer ID Application";
-				COMBINE_HIDPI_IMAGES = YES;
-				DEVELOPMENT_TEAM = P2PX3JU8FT;
-				GCC_WARN_ABOUT_DEPRECATED_FUNCTIONS = NO;
-				INFOPLIST_FILE = Parity/Info.plist;
-				LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/../Frameworks";
-				PRODUCT_BUNDLE_IDENTIFIER = io.parity.ethereum;
-				PRODUCT_NAME = "$(TARGET_NAME)";
-				SWIFT_VERSION = 3.0;
-			};
-			name = Release;
-		};
-/* End XCBuildConfiguration section */
-
-/* Begin XCConfigurationList section */
-		0ACF9AB91E30FAB600D5C935 /* Build configuration list for PBXProject "Parity Ethereum" */ = {
-			isa = XCConfigurationList;
-			buildConfigurations = (
-				0ACF9AC91E30FAB600D5C935 /* Debug */,
-				0ACF9ACA1E30FAB600D5C935 /* Release */,
-			);
-			defaultConfigurationIsVisible = 0;
-			defaultConfigurationName = Release;
-		};
-		0ACF9ACB1E30FAB600D5C935 /* Build configuration list for PBXNativeTarget "Parity Ethereum" */ = {
-			isa = XCConfigurationList;
-			buildConfigurations = (
-				0ACF9ACC1E30FAB600D5C935 /* Debug */,
-				0ACF9ACD1E30FAB600D5C935 /* Release */,
-			);
-			defaultConfigurationIsVisible = 0;
-			defaultConfigurationName = Release;
-		};
-/* End XCConfigurationList section */
-	};
-	rootObject = 0ACF9AB61E30FAB600D5C935 /* Project object */;
-}
diff --git a/mac/Parity Ethereum.xcodeproj/project.xcworkspace/contents.xcworkspacedata b/mac/Parity Ethereum.xcodeproj/project.xcworkspace/contents.xcworkspacedata
deleted file mode 100644
index 8297038e3bb..00000000000
--- a/mac/Parity Ethereum.xcodeproj/project.xcworkspace/contents.xcworkspacedata	
+++ /dev/null
@@ -1,7 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<Workspace
-   version = "1.0">
-   <FileRef
-      location = "self:/Users/arkady/src/rust/parity/mac/Parity/Parity Ethereum.xcodeproj">
-   </FileRef>
-</Workspace>
diff --git a/mac/Parity.pkgproj b/mac/Parity.pkgproj
deleted file mode 100755
index 36b8921ee2f..00000000000
--- a/mac/Parity.pkgproj
+++ /dev/null
@@ -1,810 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
-<plist version="1.0">
-<dict>
-	<key>PACKAGES</key>
-	<array>
-		<dict>
-			<key>PACKAGE_FILES</key>
-			<dict>
-				<key>DEFAULT_INSTALL_LOCATION</key>
-				<string>/</string>
-				<key>HIERARCHY</key>
-				<dict>
-					<key>CHILDREN</key>
-					<array>
-						<dict>
-							<key>CHILDREN</key>
-							<array>
-								<dict>
-									<key>CHILDREN</key>
-									<array/>
-									<key>GID</key>
-									<integer>80</integer>
-									<key>PATH</key>
-									<string>build/release/Parity Ethereum.app</string>
-									<key>PATH_TYPE</key>
-									<integer>3</integer>
-									<key>PERMISSIONS</key>
-									<integer>493</integer>
-									<key>TYPE</key>
-									<integer>3</integer>
-									<key>UID</key>
-									<integer>0</integer>
-								</dict>
-							</array>
-							<key>GID</key>
-							<integer>80</integer>
-							<key>PATH</key>
-							<string>Applications</string>
-							<key>PATH_TYPE</key>
-							<integer>0</integer>
-							<key>PERMISSIONS</key>
-							<integer>509</integer>
-							<key>TYPE</key>
-							<integer>1</integer>
-							<key>UID</key>
-							<integer>0</integer>
-						</dict>
-						<dict>
-							<key>CHILDREN</key>
-							<array>
-								<dict>
-									<key>CHILDREN</key>
-									<array/>
-									<key>GID</key>
-									<integer>80</integer>
-									<key>PATH</key>
-									<string>Application Support</string>
-									<key>PATH_TYPE</key>
-									<integer>0</integer>
-									<key>PERMISSIONS</key>
-									<integer>493</integer>
-									<key>TYPE</key>
-									<integer>1</integer>
-									<key>UID</key>
-									<integer>0</integer>
-								</dict>
-								<dict>
-									<key>CHILDREN</key>
-									<array/>
-									<key>GID</key>
-									<integer>0</integer>
-									<key>PATH</key>
-									<string>Automator</string>
-									<key>PATH_TYPE</key>
-									<integer>0</integer>
-									<key>PERMISSIONS</key>
-									<integer>493</integer>
-									<key>TYPE</key>
-									<integer>1</integer>
-									<key>UID</key>
-									<integer>0</integer>
-								</dict>
-								<dict>
-									<key>CHILDREN</key>
-									<array/>
-									<key>GID</key>
-									<integer>0</integer>
-									<key>PATH</key>
-									<string>Documentation</string>
-									<key>PATH_TYPE</key>
-									<integer>0</integer>
-									<key>PERMISSIONS</key>
-									<integer>493</integer>
-									<key>TYPE</key>
-									<integer>1</integer>
-									<key>UID</key>
-									<integer>0</integer>
-								</dict>
-								<dict>
-									<key>CHILDREN</key>
-									<array/>
-									<key>GID</key>
-									<integer>0</integer>
-									<key>PATH</key>
-									<string>Extensions</string>
-									<key>PATH_TYPE</key>
-									<integer>0</integer>
-									<key>PERMISSIONS</key>
-									<integer>493</integer>
-									<key>TYPE</key>
-									<integer>1</integer>
-									<key>UID</key>
-									<integer>0</integer>
-								</dict>
-								<dict>
-									<key>CHILDREN</key>
-									<array/>
-									<key>GID</key>
-									<integer>0</integer>
-									<key>PATH</key>
-									<string>Filesystems</string>
-									<key>PATH_TYPE</key>
-									<integer>0</integer>
-									<key>PERMISSIONS</key>
-									<integer>493</integer>
-									<key>TYPE</key>
-									<integer>1</integer>
-									<key>UID</key>
-									<integer>0</integer>
-								</dict>
-								<dict>
-									<key>CHILDREN</key>
-									<array/>
-									<key>GID</key>
-									<integer>0</integer>
-									<key>PATH</key>
-									<string>Frameworks</string>
-									<key>PATH_TYPE</key>
-									<integer>0</integer>
-									<key>PERMISSIONS</key>
-									<integer>493</integer>
-									<key>TYPE</key>
-									<integer>1</integer>
-									<key>UID</key>
-									<integer>0</integer>
-								</dict>
-								<dict>
-									<key>CHILDREN</key>
-									<array/>
-									<key>GID</key>
-									<integer>0</integer>
-									<key>PATH</key>
-									<string>Input Methods</string>
-									<key>PATH_TYPE</key>
-									<integer>0</integer>
-									<key>PERMISSIONS</key>
-									<integer>493</integer>
-									<key>TYPE</key>
-									<integer>1</integer>
-									<key>UID</key>
-									<integer>0</integer>
-								</dict>
-								<dict>
-									<key>CHILDREN</key>
-									<array/>
-									<key>GID</key>
-									<integer>0</integer>
-									<key>PATH</key>
-									<string>Internet Plug-Ins</string>
-									<key>PATH_TYPE</key>
-									<integer>0</integer>
-									<key>PERMISSIONS</key>
-									<integer>493</integer>
-									<key>TYPE</key>
-									<integer>1</integer>
-									<key>UID</key>
-									<integer>0</integer>
-								</dict>
-								<dict>
-									<key>CHILDREN</key>
-									<array/>
-									<key>GID</key>
-									<integer>0</integer>
-									<key>PATH</key>
-									<string>LaunchAgents</string>
-									<key>PATH_TYPE</key>
-									<integer>0</integer>
-									<key>PERMISSIONS</key>
-									<integer>493</integer>
-									<key>TYPE</key>
-									<integer>1</integer>
-									<key>UID</key>
-									<integer>0</integer>
-								</dict>
-								<dict>
-									<key>CHILDREN</key>
-									<array/>
-									<key>GID</key>
-									<integer>0</integer>
-									<key>PATH</key>
-									<string>LaunchDaemons</string>
-									<key>PATH_TYPE</key>
-									<integer>0</integer>
-									<key>PERMISSIONS</key>
-									<integer>493</integer>
-									<key>TYPE</key>
-									<integer>1</integer>
-									<key>UID</key>
-									<integer>0</integer>
-								</dict>
-								<dict>
-									<key>CHILDREN</key>
-									<array/>
-									<key>GID</key>
-									<integer>0</integer>
-									<key>PATH</key>
-									<string>PreferencePanes</string>
-									<key>PATH_TYPE</key>
-									<integer>0</integer>
-									<key>PERMISSIONS</key>
-									<integer>493</integer>
-									<key>TYPE</key>
-									<integer>1</integer>
-									<key>UID</key>
-									<integer>0</integer>
-								</dict>
-								<dict>
-									<key>CHILDREN</key>
-									<array/>
-									<key>GID</key>
-									<integer>0</integer>
-									<key>PATH</key>
-									<string>Preferences</string>
-									<key>PATH_TYPE</key>
-									<integer>0</integer>
-									<key>PERMISSIONS</key>
-									<integer>493</integer>
-									<key>TYPE</key>
-									<integer>1</integer>
-									<key>UID</key>
-									<integer>0</integer>
-								</dict>
-								<dict>
-									<key>CHILDREN</key>
-									<array/>
-									<key>GID</key>
-									<integer>80</integer>
-									<key>PATH</key>
-									<string>Printers</string>
-									<key>PATH_TYPE</key>
-									<integer>0</integer>
-									<key>PERMISSIONS</key>
-									<integer>493</integer>
-									<key>TYPE</key>
-									<integer>1</integer>
-									<key>UID</key>
-									<integer>0</integer>
-								</dict>
-								<dict>
-									<key>CHILDREN</key>
-									<array/>
-									<key>GID</key>
-									<integer>0</integer>
-									<key>PATH</key>
-									<string>PrivilegedHelperTools</string>
-									<key>PATH_TYPE</key>
-									<integer>0</integer>
-									<key>PERMISSIONS</key>
-									<integer>493</integer>
-									<key>TYPE</key>
-									<integer>1</integer>
-									<key>UID</key>
-									<integer>0</integer>
-								</dict>
-								<dict>
-									<key>CHILDREN</key>
-									<array/>
-									<key>GID</key>
-									<integer>0</integer>
-									<key>PATH</key>
-									<string>QuickLook</string>
-									<key>PATH_TYPE</key>
-									<integer>0</integer>
-									<key>PERMISSIONS</key>
-									<integer>493</integer>
-									<key>TYPE</key>
-									<integer>1</integer>
-									<key>UID</key>
-									<integer>0</integer>
-								</dict>
-								<dict>
-									<key>CHILDREN</key>
-									<array/>
-									<key>GID</key>
-									<integer>0</integer>
-									<key>PATH</key>
-									<string>QuickTime</string>
-									<key>PATH_TYPE</key>
-									<integer>0</integer>
-									<key>PERMISSIONS</key>
-									<integer>493</integer>
-									<key>TYPE</key>
-									<integer>1</integer>
-									<key>UID</key>
-									<integer>0</integer>
-								</dict>
-								<dict>
-									<key>CHILDREN</key>
-									<array/>
-									<key>GID</key>
-									<integer>0</integer>
-									<key>PATH</key>
-									<string>Screen Savers</string>
-									<key>PATH_TYPE</key>
-									<integer>0</integer>
-									<key>PERMISSIONS</key>
-									<integer>493</integer>
-									<key>TYPE</key>
-									<integer>1</integer>
-									<key>UID</key>
-									<integer>0</integer>
-								</dict>
-								<dict>
-									<key>CHILDREN</key>
-									<array/>
-									<key>GID</key>
-									<integer>0</integer>
-									<key>PATH</key>
-									<string>Scripts</string>
-									<key>PATH_TYPE</key>
-									<integer>0</integer>
-									<key>PERMISSIONS</key>
-									<integer>493</integer>
-									<key>TYPE</key>
-									<integer>1</integer>
-									<key>UID</key>
-									<integer>0</integer>
-								</dict>
-								<dict>
-									<key>CHILDREN</key>
-									<array/>
-									<key>GID</key>
-									<integer>0</integer>
-									<key>PATH</key>
-									<string>Services</string>
-									<key>PATH_TYPE</key>
-									<integer>0</integer>
-									<key>PERMISSIONS</key>
-									<integer>493</integer>
-									<key>TYPE</key>
-									<integer>1</integer>
-									<key>UID</key>
-									<integer>0</integer>
-								</dict>
-								<dict>
-									<key>CHILDREN</key>
-									<array/>
-									<key>GID</key>
-									<integer>0</integer>
-									<key>PATH</key>
-									<string>Widgets</string>
-									<key>PATH_TYPE</key>
-									<integer>0</integer>
-									<key>PERMISSIONS</key>
-									<integer>493</integer>
-									<key>TYPE</key>
-									<integer>1</integer>
-									<key>UID</key>
-									<integer>0</integer>
-								</dict>
-							</array>
-							<key>GID</key>
-							<integer>0</integer>
-							<key>PATH</key>
-							<string>Library</string>
-							<key>PATH_TYPE</key>
-							<integer>0</integer>
-							<key>PERMISSIONS</key>
-							<integer>493</integer>
-							<key>TYPE</key>
-							<integer>1</integer>
-							<key>UID</key>
-							<integer>0</integer>
-						</dict>
-						<dict>
-							<key>CHILDREN</key>
-							<array>
-								<dict>
-									<key>CHILDREN</key>
-									<array/>
-									<key>GID</key>
-									<integer>0</integer>
-									<key>PATH</key>
-									<string>Shared</string>
-									<key>PATH_TYPE</key>
-									<integer>0</integer>
-									<key>PERMISSIONS</key>
-									<integer>1023</integer>
-									<key>TYPE</key>
-									<integer>1</integer>
-									<key>UID</key>
-									<integer>0</integer>
-								</dict>
-							</array>
-							<key>GID</key>
-							<integer>80</integer>
-							<key>PATH</key>
-							<string>Users</string>
-							<key>PATH_TYPE</key>
-							<integer>0</integer>
-							<key>PERMISSIONS</key>
-							<integer>493</integer>
-							<key>TYPE</key>
-							<integer>1</integer>
-							<key>UID</key>
-							<integer>0</integer>
-						</dict>
-					</array>
-					<key>GID</key>
-					<integer>0</integer>
-					<key>PATH</key>
-					<string>/</string>
-					<key>PATH_TYPE</key>
-					<integer>0</integer>
-					<key>PERMISSIONS</key>
-					<integer>493</integer>
-					<key>TYPE</key>
-					<integer>1</integer>
-					<key>UID</key>
-					<integer>0</integer>
-				</dict>
-				<key>PAYLOAD_TYPE</key>
-				<integer>0</integer>
-				<key>SPLIT_FORKS</key>
-				<true/>
-				<key>VERSION</key>
-				<integer>4</integer>
-			</dict>
-			<key>PACKAGE_SCRIPTS</key>
-			<dict>
-				<key>POSTINSTALL_PATH</key>
-				<dict>
-					<key>PATH</key>
-					<string>post-install.sh</string>
-					<key>PATH_TYPE</key>
-					<integer>3</integer>
-				</dict>
-				<key>RESOURCES</key>
-				<array/>
-			</dict>
-			<key>PACKAGE_SETTINGS</key>
-			<dict>
-				<key>AUTHENTICATION</key>
-				<true/>
-				<key>CONCLUSION_ACTION</key>
-				<integer>0</integer>
-				<key>IDENTIFIER</key>
-				<string>io.parity.ethereum</string>
-				<key>NAME</key>
-				<string>Parity</string>
-				<key>OVERWRITE_PERMISSIONS</key>
-				<false/>
-				<key>VERSION</key>
-				<string>1.12.0</string>
-			</dict>
-			<key>UUID</key>
-			<string>2DCD5B81-7BAF-4DA1-9251-6274B089FD36</string>
-		</dict>
-	</array>
-	<key>PROJECT</key>
-	<dict>
-		<key>PROJECT_COMMENTS</key>
-		<dict>
-			<key>NOTES</key>
-			<data>
-			PCFET0NUWVBFIGh0bWwgUFVCTElDICItLy9XM0MvL0RURCBIVE1M
-			IDQuMDEvL0VOIiAiaHR0cDovL3d3dy53My5vcmcvVFIvaHRtbDQv
-			c3RyaWN0LmR0ZCI+CjxodG1sPgo8aGVhZD4KPG1ldGEgaHR0cC1l
-			cXVpdj0iQ29udGVudC1UeXBlIiBjb250ZW50PSJ0ZXh0L2h0bWw7
-			IGNoYXJzZXQ9VVRGLTgiPgo8bWV0YSBodHRwLWVxdWl2PSJDb250
-			ZW50LVN0eWxlLVR5cGUiIGNvbnRlbnQ9InRleHQvY3NzIj4KPHRp
-			dGxlPjwvdGl0bGU+CjxtZXRhIG5hbWU9IkdlbmVyYXRvciIgY29u
-			dGVudD0iQ29jb2EgSFRNTCBXcml0ZXIiPgo8bWV0YSBuYW1lPSJD
-			b2NvYVZlcnNpb24iIGNvbnRlbnQ9IjE0MDQuNDciPgo8c3R5bGUg
-			dHlwZT0idGV4dC9jc3MiPgo8L3N0eWxlPgo8L2hlYWQ+Cjxib2R5
-			Pgo8L2JvZHk+CjwvaHRtbD4K
-			</data>
-		</dict>
-		<key>PROJECT_PRESENTATION</key>
-		<dict>
-			<key>INSTALLATION_STEPS</key>
-			<array>
-				<dict>
-					<key>ICPRESENTATION_CHAPTER_VIEW_CONTROLLER_CLASS</key>
-					<string>ICPresentationViewIntroductionController</string>
-					<key>INSTALLER_PLUGIN</key>
-					<string>Introduction</string>
-					<key>LIST_TITLE_KEY</key>
-					<string>InstallerSectionTitle</string>
-				</dict>
-				<dict>
-					<key>ICPRESENTATION_CHAPTER_VIEW_CONTROLLER_CLASS</key>
-					<string>ICPresentationViewReadMeController</string>
-					<key>INSTALLER_PLUGIN</key>
-					<string>ReadMe</string>
-					<key>LIST_TITLE_KEY</key>
-					<string>InstallerSectionTitle</string>
-				</dict>
-				<dict>
-					<key>ICPRESENTATION_CHAPTER_VIEW_CONTROLLER_CLASS</key>
-					<string>ICPresentationViewLicenseController</string>
-					<key>INSTALLER_PLUGIN</key>
-					<string>License</string>
-					<key>LIST_TITLE_KEY</key>
-					<string>InstallerSectionTitle</string>
-				</dict>
-				<dict>
-					<key>ICPRESENTATION_CHAPTER_VIEW_CONTROLLER_CLASS</key>
-					<string>ICPresentationViewDestinationSelectController</string>
-					<key>INSTALLER_PLUGIN</key>
-					<string>TargetSelect</string>
-					<key>LIST_TITLE_KEY</key>
-					<string>InstallerSectionTitle</string>
-				</dict>
-				<dict>
-					<key>ICPRESENTATION_CHAPTER_VIEW_CONTROLLER_CLASS</key>
-					<string>ICPresentationViewInstallationTypeController</string>
-					<key>INSTALLER_PLUGIN</key>
-					<string>PackageSelection</string>
-					<key>LIST_TITLE_KEY</key>
-					<string>InstallerSectionTitle</string>
-				</dict>
-				<dict>
-					<key>ICPRESENTATION_CHAPTER_VIEW_CONTROLLER_CLASS</key>
-					<string>ICPresentationViewInstallationController</string>
-					<key>INSTALLER_PLUGIN</key>
-					<string>Install</string>
-					<key>LIST_TITLE_KEY</key>
-					<string>InstallerSectionTitle</string>
-				</dict>
-				<dict>
-					<key>ICPRESENTATION_CHAPTER_VIEW_CONTROLLER_CLASS</key>
-					<string>ICPresentationViewSummaryController</string>
-					<key>INSTALLER_PLUGIN</key>
-					<string>Summary</string>
-					<key>LIST_TITLE_KEY</key>
-					<string>InstallerSectionTitle</string>
-				</dict>
-			</array>
-			<key>INTRODUCTION</key>
-			<dict>
-				<key>LOCALIZATIONS</key>
-				<array/>
-			</dict>
-			<key>LICENSE</key>
-			<dict>
-				<key>KEYWORDS</key>
-				<dict/>
-				<key>LOCALIZATIONS</key>
-				<array>
-					<dict>
-						<key>LANGUAGE</key>
-						<string>English</string>
-						<key>VALUE</key>
-						<dict>
-							<key>PATH</key>
-							<string>install-licence.txt</string>
-							<key>PATH_TYPE</key>
-							<integer>3</integer>
-						</dict>
-					</dict>
-				</array>
-				<key>MODE</key>
-				<integer>0</integer>
-			</dict>
-			<key>README</key>
-			<dict>
-				<key>LOCALIZATIONS</key>
-				<array>
-					<dict>
-						<key>LANGUAGE</key>
-						<string>English</string>
-						<key>VALUE</key>
-						<dict>
-							<key>PATH</key>
-							<string>install-readme.txt</string>
-							<key>PATH_TYPE</key>
-							<integer>3</integer>
-						</dict>
-					</dict>
-				</array>
-			</dict>
-			<key>TITLE</key>
-			<dict>
-				<key>LOCALIZATIONS</key>
-				<array>
-					<dict>
-						<key>LANGUAGE</key>
-						<string>English</string>
-						<key>VALUE</key>
-						<string>Parity</string>
-					</dict>
-				</array>
-			</dict>
-		</dict>
-		<key>PROJECT_REQUIREMENTS</key>
-		<dict>
-			<key>LIST</key>
-			<array/>
-			<key>POSTINSTALL_PATH</key>
-			<dict/>
-			<key>PREINSTALL_PATH</key>
-			<dict/>
-			<key>RESOURCES</key>
-			<array/>
-			<key>ROOT_VOLUME_ONLY</key>
-			<false/>
-		</dict>
-		<key>PROJECT_SETTINGS</key>
-		<dict>
-			<key>ADVANCED_OPTIONS</key>
-			<dict/>
-			<key>BUILD_FORMAT</key>
-			<integer>0</integer>
-			<key>BUILD_PATH</key>
-			<dict>
-				<key>PATH</key>
-				<string>../target/release</string>
-				<key>PATH_TYPE</key>
-				<integer>1</integer>
-			</dict>
-			<key>EXCLUDED_FILES</key>
-			<array>
-				<dict>
-					<key>PATTERNS_ARRAY</key>
-					<array>
-						<dict>
-							<key>REGULAR_EXPRESSION</key>
-							<false/>
-							<key>STRING</key>
-							<string>.DS_Store</string>
-							<key>TYPE</key>
-							<integer>0</integer>
-						</dict>
-					</array>
-					<key>PROTECTED</key>
-					<true/>
-					<key>PROXY_NAME</key>
-					<string>Remove .DS_Store files</string>
-					<key>PROXY_TOOLTIP</key>
-					<string>Remove ".DS_Store" files created by the Finder.</string>
-					<key>STATE</key>
-					<true/>
-				</dict>
-				<dict>
-					<key>PATTERNS_ARRAY</key>
-					<array>
-						<dict>
-							<key>REGULAR_EXPRESSION</key>
-							<false/>
-							<key>STRING</key>
-							<string>.pbdevelopment</string>
-							<key>TYPE</key>
-							<integer>0</integer>
-						</dict>
-					</array>
-					<key>PROTECTED</key>
-					<true/>
-					<key>PROXY_NAME</key>
-					<string>Remove .pbdevelopment files</string>
-					<key>PROXY_TOOLTIP</key>
-					<string>Remove ".pbdevelopment" files created by ProjectBuilder or Xcode.</string>
-					<key>STATE</key>
-					<true/>
-				</dict>
-				<dict>
-					<key>PATTERNS_ARRAY</key>
-					<array>
-						<dict>
-							<key>REGULAR_EXPRESSION</key>
-							<false/>
-							<key>STRING</key>
-							<string>CVS</string>
-							<key>TYPE</key>
-							<integer>1</integer>
-						</dict>
-						<dict>
-							<key>REGULAR_EXPRESSION</key>
-							<false/>
-							<key>STRING</key>
-							<string>.cvsignore</string>
-							<key>TYPE</key>
-							<integer>0</integer>
-						</dict>
-						<dict>
-							<key>REGULAR_EXPRESSION</key>
-							<false/>
-							<key>STRING</key>
-							<string>.cvspass</string>
-							<key>TYPE</key>
-							<integer>0</integer>
-						</dict>
-						<dict>
-							<key>REGULAR_EXPRESSION</key>
-							<false/>
-							<key>STRING</key>
-							<string>.svn</string>
-							<key>TYPE</key>
-							<integer>1</integer>
-						</dict>
-						<dict>
-							<key>REGULAR_EXPRESSION</key>
-							<false/>
-							<key>STRING</key>
-							<string>.git</string>
-							<key>TYPE</key>
-							<integer>1</integer>
-						</dict>
-						<dict>
-							<key>REGULAR_EXPRESSION</key>
-							<false/>
-							<key>STRING</key>
-							<string>.gitignore</string>
-							<key>TYPE</key>
-							<integer>0</integer>
-						</dict>
-					</array>
-					<key>PROTECTED</key>
-					<true/>
-					<key>PROXY_NAME</key>
-					<string>Remove SCM metadata</string>
-					<key>PROXY_TOOLTIP</key>
-					<string>Remove helper files and folders used by the CVS, SVN or Git Source Code Management systems.</string>
-					<key>STATE</key>
-					<true/>
-				</dict>
-				<dict>
-					<key>PATTERNS_ARRAY</key>
-					<array>
-						<dict>
-							<key>REGULAR_EXPRESSION</key>
-							<false/>
-							<key>STRING</key>
-							<string>classes.nib</string>
-							<key>TYPE</key>
-							<integer>0</integer>
-						</dict>
-						<dict>
-							<key>REGULAR_EXPRESSION</key>
-							<false/>
-							<key>STRING</key>
-							<string>designable.db</string>
-							<key>TYPE</key>
-							<integer>0</integer>
-						</dict>
-						<dict>
-							<key>REGULAR_EXPRESSION</key>
-							<false/>
-							<key>STRING</key>
-							<string>info.nib</string>
-							<key>TYPE</key>
-							<integer>0</integer>
-						</dict>
-					</array>
-					<key>PROTECTED</key>
-					<true/>
-					<key>PROXY_NAME</key>
-					<string>Optimize nib files</string>
-					<key>PROXY_TOOLTIP</key>
-					<string>Remove "classes.nib", "info.nib" and "designable.nib" files within .nib bundles.</string>
-					<key>STATE</key>
-					<true/>
-				</dict>
-				<dict>
-					<key>PATTERNS_ARRAY</key>
-					<array>
-						<dict>
-							<key>REGULAR_EXPRESSION</key>
-							<false/>
-							<key>STRING</key>
-							<string>Resources Disabled</string>
-							<key>TYPE</key>
-							<integer>1</integer>
-						</dict>
-					</array>
-					<key>PROTECTED</key>
-					<true/>
-					<key>PROXY_NAME</key>
-					<string>Remove Resources Disabled folders</string>
-					<key>PROXY_TOOLTIP</key>
-					<string>Remove "Resources Disabled" folders.</string>
-					<key>STATE</key>
-					<true/>
-				</dict>
-				<dict>
-					<key>SEPARATOR</key>
-					<true/>
-				</dict>
-			</array>
-			<key>NAME</key>
-			<string>Parity Ethereum</string>
-		</dict>
-	</dict>
-	<key>TYPE</key>
-	<integer>0</integer>
-	<key>VERSION</key>
-	<integer>2</integer>
-</dict>
-</plist>
diff --git a/mac/Parity/AppDelegate.swift b/mac/Parity/AppDelegate.swift
deleted file mode 100644
index d65c1d601fa..00000000000
--- a/mac/Parity/AppDelegate.swift
+++ /dev/null
@@ -1,223 +0,0 @@
-// Copyright 2015-2018 Parity Technologies (UK) Ltd.
-// This file is part of Parity.
-
-// Parity is free software: you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-
-// Parity is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU General Public License for more details.
-
-// You should have received a copy of the GNU General Public License
-// along with Parity.  If not, see <http://www.gnu.org/licenses/>.
-
-import Cocoa
-
-@NSApplicationMain
-@available(macOS, deprecated: 10.11)
-
-class AppDelegate: NSObject, NSApplicationDelegate {
-	@IBOutlet weak var statusMenu: NSMenu!
-	@IBOutlet weak var startAtLogonMenuItem: NSMenuItem!
-
-	let statusItem = NSStatusBar.system().statusItem(withLength: NSVariableStatusItemLength)
-	var parityPid: Int32? = nil
-	var commandLine: [String] = []
-	let defaultDefaults = "{\"fat_db\":false,\"mode\":\"passive\",\"mode.alarm\":3600,\"mode.timeout\":300,\"pruning\":\"fast\",\"tracing\":false}"
-
-	func menuAppPath() -> String {
-		return Bundle.main.executablePath!
-	}
-
-	func parityPath() -> String {
-		return Bundle.main.bundlePath + "/Contents/MacOS/parity"
-	}
-
-	func isAlreadyRunning() -> Bool {
-		return NSRunningApplication.runningApplications(withBundleIdentifier: Bundle.main.bundleIdentifier!).count > 1
-
-	}
-
-	func isParityRunning() -> Bool {
-		if let pid = self.parityPid {
-			return kill(pid, 0) == 0
-		}
-		return false
-	}
-
-	func killParity() {
-		if let pid = self.parityPid {
-			kill(pid, SIGKILL)
-		}
-	}
-
-	func openUI() {
-		let parity = Process()
-		parity.launchPath = self.parityPath()
-		parity.arguments = self.commandLine
-		parity.arguments!.append("ui")
-		parity.launch()
-	}
-
-	func writeConfigFiles() {
-		let basePath = FileManager.default.urls(for: .applicationSupportDirectory, in: .userDomainMask).first?
-			.appendingPathComponent(Bundle.main.bundleIdentifier!, isDirectory: true)
-
-		if FileManager.default.fileExists(atPath: basePath!.path) {
-			return
-		}
-
-		do {
-			let defaultsFileDir = basePath?.appendingPathComponent("chains").appendingPathComponent("ethereum")
-			let defaultsFile = defaultsFileDir?.appendingPathComponent("user_defaults")
-
-			try FileManager.default.createDirectory(atPath: (defaultsFileDir?.path)!, withIntermediateDirectories: true, attributes: nil)
-			if !FileManager.default.fileExists(atPath: defaultsFile!.path) {
-				try defaultDefaults.write(to: defaultsFile!, atomically: false, encoding: String.Encoding.utf8)
-			}
-
-			let configFile = basePath?.appendingPathComponent("config.toml")
-		}
-		catch {}
-	}
-
-	func autostartEnabled() -> Bool {
-		return itemReferencesInLoginItems().existingReference != nil
-	}
-
-	func itemReferencesInLoginItems() -> (existingReference: LSSharedFileListItem?, lastReference: LSSharedFileListItem?) {
-		let itemUrl: UnsafeMutablePointer<Unmanaged<CFURL>?> = UnsafeMutablePointer<Unmanaged<CFURL>?>.allocate(capacity: 1)
-		if let appUrl: NSURL = NSURL.fileURL(withPath: Bundle.main.bundlePath) as NSURL? {
-			let loginItemsRef = LSSharedFileListCreate(
-				nil,
-				kLSSharedFileListSessionLoginItems.takeRetainedValue(),
-				nil
-				).takeRetainedValue() as LSSharedFileList?
-			if loginItemsRef != nil {
-				let loginItems: NSArray = LSSharedFileListCopySnapshot(loginItemsRef, nil).takeRetainedValue() as NSArray
-				if(loginItems.count > 0)
-				{
-					let lastItemRef: LSSharedFileListItem = loginItems.lastObject as! LSSharedFileListItem
-					for i in 0 ..< loginItems.count {
-						let currentItemRef: LSSharedFileListItem = loginItems.object(at: i) as! LSSharedFileListItem
-						if LSSharedFileListItemResolve(currentItemRef, 0, itemUrl, nil) == noErr {
-							if let urlRef: NSURL =  itemUrl.pointee?.takeRetainedValue() {
-								if urlRef.isEqual(appUrl) {
-									return (currentItemRef, lastItemRef)
-								}
-							}
-						}
-					}
-					//The application was not found in the startup list
-					return (nil, lastItemRef)
-				}
-				else
-				{
-					let addAtStart: LSSharedFileListItem = kLSSharedFileListItemBeforeFirst.takeRetainedValue()
-					return(nil, addAtStart)
-				}
-			}
-		}
-		return (nil, nil)
-	}
-
-	func toggleLaunchAtStartup() {
-		let itemReferences = itemReferencesInLoginItems()
-		let shouldBeToggled = (itemReferences.existingReference == nil)
-		let loginItemsRef = LSSharedFileListCreate(
-			nil,
-			kLSSharedFileListSessionLoginItems.takeRetainedValue(),
-			nil
-			).takeRetainedValue() as LSSharedFileList?
-		if loginItemsRef != nil {
-			if shouldBeToggled {
-				if let appUrl : CFURL = NSURL.fileURL(withPath: Bundle.main.bundlePath) as CFURL? {
-					LSSharedFileListInsertItemURL(
-						loginItemsRef,
-						itemReferences.lastReference,
-						nil,
-						nil,
-						appUrl,
-						nil,
-						nil
-					)
-				}
-			} else {
-				if let itemRef = itemReferences.existingReference {
-					LSSharedFileListItemRemove(loginItemsRef,itemRef)
-				}
-			}
-		}
-	}
-
-	func launchParity() {
-		self.commandLine = CommandLine.arguments.dropFirst().filter({ $0 != "ui"})
-
-		let processes = GetBSDProcessList()!
-		let parityProcess = processes.index(where: {
-			var name = $0.kp_proc.p_comm
-			let str = withUnsafePointer(to: &name) {
-				$0.withMemoryRebound(to: UInt8.self, capacity: MemoryLayout.size(ofValue: name)) {
-				String(cString: $0)
-				}
-			}
-			return str == "parity"
-		})
-
-		if parityProcess == nil {
-			let parity = Process()
-			let p = self.parityPath()
-			parity.launchPath = p//self.parityPath()
-			parity.arguments = self.commandLine
-			parity.launch()
-			self.parityPid = parity.processIdentifier
-		} else {
-			self.parityPid = processes[parityProcess!].kp_proc.p_pid
-		}
-	}
-
-	func applicationDidFinishLaunching(_ aNotification: Notification) {
-		if self.isAlreadyRunning() {
-			openUI()
-			NSApplication.shared().terminate(self)
-			return
-		}
-
-		self.writeConfigFiles()
-		self.launchParity()
-		Timer.scheduledTimer(withTimeInterval: 1.0, repeats: true, block: {_ in
-			if !self.isParityRunning() {
-				NSApplication.shared().terminate(self)
-			}
-		})
-
-		let icon = NSImage(named: "statusIcon")
-		icon?.isTemplate = true // best for dark mode
-		statusItem.image = icon
-		statusItem.menu = statusMenu
-	}
-
-	override func validateMenuItem(_ menuItem: NSMenuItem) -> Bool {
-		if menuItem == self.startAtLogonMenuItem! {
-			menuItem.state = self.autostartEnabled() ? NSOnState : NSOffState
-		}
-		return true
-	}
-
-	@IBAction func quitClicked(_ sender: NSMenuItem) {
-		self.killParity()
-		NSApplication.shared().terminate(self)
-	}
-
-	@IBAction func openClicked(_ sender: NSMenuItem) {
-		self.openUI()
-	}
-
-	@IBAction func startAtLogonClicked(_ sender: NSMenuItem) {
-		self.toggleLaunchAtStartup()
-	}
-
-}
diff --git a/mac/Parity/Assets.xcassets/AppIcon.appiconset/Contents.json b/mac/Parity/Assets.xcassets/AppIcon.appiconset/Contents.json
deleted file mode 100644
index 9d59e8b3a56..00000000000
--- a/mac/Parity/Assets.xcassets/AppIcon.appiconset/Contents.json
+++ /dev/null
@@ -1,59 +0,0 @@
-{
-  "images" : [
-    {
-      "idiom" : "mac",
-      "size" : "16x16",
-      "scale" : "1x"
-    },
-    {
-      "idiom" : "mac",
-      "size" : "16x16",
-      "scale" : "2x"
-    },
-    {
-      "idiom" : "mac",
-      "size" : "32x32",
-      "scale" : "1x"
-    },
-    {
-      "idiom" : "mac",
-      "size" : "32x32",
-      "scale" : "2x"
-    },
-    {
-      "idiom" : "mac",
-      "size" : "128x128",
-      "scale" : "1x"
-    },
-    {
-      "idiom" : "mac",
-      "size" : "128x128",
-      "scale" : "2x"
-    },
-    {
-      "idiom" : "mac",
-      "size" : "256x256",
-      "scale" : "1x"
-    },
-    {
-      "idiom" : "mac",
-      "size" : "256x256",
-      "scale" : "2x"
-    },
-    {
-      "size" : "512x512",
-      "idiom" : "mac",
-      "filename" : "Parity.png",
-      "scale" : "1x"
-    },
-    {
-      "idiom" : "mac",
-      "size" : "512x512",
-      "scale" : "2x"
-    }
-  ],
-  "info" : {
-    "version" : 1,
-    "author" : "xcode"
-  }
-}
\ No newline at end of file
diff --git a/mac/Parity/Assets.xcassets/AppIcon.appiconset/Parity.png b/mac/Parity/Assets.xcassets/AppIcon.appiconset/Parity.png
deleted file mode 100644
index a7f085dab7a..00000000000
Binary files a/mac/Parity/Assets.xcassets/AppIcon.appiconset/Parity.png and /dev/null differ
diff --git a/mac/Parity/Assets.xcassets/Contents.json b/mac/Parity/Assets.xcassets/Contents.json
deleted file mode 100644
index da4a164c918..00000000000
--- a/mac/Parity/Assets.xcassets/Contents.json
+++ /dev/null
@@ -1,6 +0,0 @@
-{
-  "info" : {
-    "version" : 1,
-    "author" : "xcode"
-  }
-}
\ No newline at end of file
diff --git a/mac/Parity/Assets.xcassets/statusIcon.imageset/Contents.json b/mac/Parity/Assets.xcassets/statusIcon.imageset/Contents.json
deleted file mode 100644
index b709bf58b25..00000000000
--- a/mac/Parity/Assets.xcassets/statusIcon.imageset/Contents.json
+++ /dev/null
@@ -1,23 +0,0 @@
-{
-  "images" : [
-    {
-      "idiom" : "universal",
-      "filename" : "Parity-1.png",
-      "scale" : "1x"
-    },
-    {
-      "idiom" : "universal",
-      "filename" : "Parity.png",
-      "scale" : "2x"
-    },
-    {
-      "idiom" : "universal",
-      "filename" : "Parity-2.png",
-      "scale" : "3x"
-    }
-  ],
-  "info" : {
-    "version" : 1,
-    "author" : "xcode"
-  }
-}
\ No newline at end of file
diff --git a/mac/Parity/Assets.xcassets/statusIcon.imageset/Parity-1.png b/mac/Parity/Assets.xcassets/statusIcon.imageset/Parity-1.png
deleted file mode 100644
index 75767ebd7d6..00000000000
Binary files a/mac/Parity/Assets.xcassets/statusIcon.imageset/Parity-1.png and /dev/null differ
diff --git a/mac/Parity/Assets.xcassets/statusIcon.imageset/Parity-2.png b/mac/Parity/Assets.xcassets/statusIcon.imageset/Parity-2.png
deleted file mode 100644
index 6a1106f5f1a..00000000000
Binary files a/mac/Parity/Assets.xcassets/statusIcon.imageset/Parity-2.png and /dev/null differ
diff --git a/mac/Parity/Assets.xcassets/statusIcon.imageset/Parity.png b/mac/Parity/Assets.xcassets/statusIcon.imageset/Parity.png
deleted file mode 100644
index dfbda8ea3cf..00000000000
Binary files a/mac/Parity/Assets.xcassets/statusIcon.imageset/Parity.png and /dev/null differ
diff --git a/mac/Parity/Base.lproj/MainMenu.xib b/mac/Parity/Base.lproj/MainMenu.xib
deleted file mode 100644
index 2f52c80ad26..00000000000
--- a/mac/Parity/Base.lproj/MainMenu.xib
+++ /dev/null
@@ -1,48 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<document type="com.apple.InterfaceBuilder3.Cocoa.XIB" version="3.0" toolsVersion="11201" systemVersion="16C67" targetRuntime="MacOSX.Cocoa" propertyAccessControl="none" useAutolayout="YES" customObjectInstantitationMethod="direct">
-    <dependencies>
-        <deployment identifier="macosx"/>
-        <plugIn identifier="com.apple.InterfaceBuilder.CocoaPlugin" version="11201"/>
-    </dependencies>
-    <objects>
-        <customObject id="-2" userLabel="File's Owner" customClass="NSApplication">
-            <connections>
-                <outlet property="delegate" destination="Voe-Tx-rLC" id="GzC-gU-4Uq"/>
-            </connections>
-        </customObject>
-        <customObject id="-1" userLabel="First Responder" customClass="FirstResponder"/>
-        <customObject id="-3" userLabel="Application" customClass="NSObject"/>
-        <customObject id="Voe-Tx-rLC" customClass="AppDelegate" customModule="Parity_Ethereum" customModuleProvider="target">
-            <connections>
-                <outlet property="startAtLogonMenuItem" destination="D3f-yi-gRo" id="HSu-4B-kgr"/>
-                <outlet property="statusMenu" destination="Pmu-69-HGa" id="Lkb-oO-9Lu"/>
-            </connections>
-        </customObject>
-        <customObject id="YLy-65-1bz" customClass="NSFontManager"/>
-        <menu id="Pmu-69-HGa">
-            <items>
-                <menuItem title="Open Parity" id="ZzF-PB-QOY">
-                    <modifierMask key="keyEquivalentModifierMask"/>
-                    <connections>
-                        <action selector="openClicked:" target="Voe-Tx-rLC" id="xHx-QA-a4a"/>
-                    </connections>
-                </menuItem>
-                <menuItem isSeparatorItem="YES" id="3Dz-l5-VnW"/>
-                <menuItem title="Start at Logon" id="D3f-yi-gRo">
-                    <modifierMask key="keyEquivalentModifierMask"/>
-                    <connections>
-                        <action selector="startAtLogonClicked:" target="Voe-Tx-rLC" id="7ag-J2-wli"/>
-                    </connections>
-                </menuItem>
-                <menuItem isSeparatorItem="YES" id="Yrb-Um-Q67"/>
-                <menuItem title="Quit" id="NnD-AH-MH4">
-                    <modifierMask key="keyEquivalentModifierMask"/>
-                    <connections>
-                        <action selector="quitClicked:" target="Voe-Tx-rLC" id="vl6-du-PVU"/>
-                    </connections>
-                </menuItem>
-            </items>
-            <point key="canvasLocation" x="138.5" y="165.5"/>
-        </menu>
-    </objects>
-</document>
diff --git a/mac/Parity/GetBSDProcessList.swift b/mac/Parity/GetBSDProcessList.swift
deleted file mode 100644
index 6737787be8c..00000000000
--- a/mac/Parity/GetBSDProcessList.swift
+++ /dev/null
@@ -1,59 +0,0 @@
-// Copyright 2015-2018 Parity Technologies (UK) Ltd.
-// This file is part of Parity.
-
-// Parity is free software: you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-
-// Parity is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU General Public License for more details.
-
-// You should have received a copy of the GNU General Public License
-// along with Parity.  If not, see <http://www.gnu.org/licenses/>.
-
-
-// Based on https://github.com/soh335/GetBSDProcessList
-
-import Foundation
-import Darwin
-
-public func GetBSDProcessList() -> ([kinfo_proc]?)  {
-
-	var done = false
-	var result: [kinfo_proc]?
-	var err: Int32
-
-	repeat {
-		let name = [CTL_KERN, KERN_PROC, KERN_PROC_ALL, 0];
-		let namePointer = name.withUnsafeBufferPointer { UnsafeMutablePointer<Int32>(mutating: $0.baseAddress) }
-		var length: Int = 0
-
-		err = sysctl(namePointer, u_int(name.count), nil, &length, nil, 0)
-		if err == -1 {
-			err = errno
-		}
-
-		if err == 0 {
-			let count = length / MemoryLayout<kinfo_proc>.stride
-			result = [kinfo_proc](repeating: kinfo_proc(), count: count)
-			err = result!.withUnsafeMutableBufferPointer({ ( p: inout UnsafeMutableBufferPointer<kinfo_proc>) -> Int32 in
-				return sysctl(namePointer, u_int(name.count), p.baseAddress, &length, nil, 0)
-			})
-			switch err {
-			case 0:
-				done = true
-			case -1:
-				err = errno
-			case ENOMEM:
-				err = 0
-			default:
-				fatalError()
-			}
-		}
-	} while err == 0 && !done
-
-	return result
-}
diff --git a/mac/Parity/Info.plist b/mac/Parity/Info.plist
deleted file mode 100644
index e0bdc21e695..00000000000
--- a/mac/Parity/Info.plist
+++ /dev/null
@@ -1,36 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
-<plist version="1.0">
-<dict>
-	<key>CFBundleDevelopmentRegion</key>
-	<string>en</string>
-	<key>CFBundleExecutable</key>
-	<string>$(EXECUTABLE_NAME)</string>
-	<key>CFBundleIconFile</key>
-	<string></string>
-	<key>CFBundleIdentifier</key>
-	<string>$(PRODUCT_BUNDLE_IDENTIFIER)</string>
-	<key>CFBundleInfoDictionaryVersion</key>
-	<string>6.0</string>
-	<key>CFBundleName</key>
-	<string>$(PRODUCT_NAME)</string>
-	<key>CFBundlePackageType</key>
-	<string>APPL</string>
-	<key>CFBundleShortVersionString</key>
-	<string>1.12</string>
-	<key>CFBundleVersion</key>
-	<string>1</string>
-	<key>LSApplicationCategoryType</key>
-	<string>public.app-category.finance</string>
-	<key>LSMinimumSystemVersion</key>
-	<string>$(MACOSX_DEPLOYMENT_TARGET)</string>
-	<key>LSUIElement</key>
-	<true/>
-	<key>NSHumanReadableCopyright</key>
-	<string>Copyright © 2017 Parity Technologies. All rights reserved.</string>
-	<key>NSMainNibFile</key>
-	<string>MainMenu</string>
-	<key>NSPrincipalClass</key>
-	<string>NSApplication</string>
-</dict>
-</plist>
diff --git a/mac/install-licence.txt b/mac/install-licence.txt
deleted file mode 100644
index 733c072369c..00000000000
--- a/mac/install-licence.txt
+++ /dev/null
@@ -1,675 +0,0 @@
-                    GNU GENERAL PUBLIC LICENSE
-                       Version 3, 29 June 2007
-
- Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
- Everyone is permitted to copy and distribute verbatim copies
- of this license document, but changing it is not allowed.
-
-                            Preamble
-
-  The GNU General Public License is a free, copyleft license for
-software and other kinds of works.
-
-  The licenses for most software and other practical works are designed
-to take away your freedom to share and change the works.  By contrast,
-the GNU General Public License is intended to guarantee your freedom to
-share and change all versions of a program--to make sure it remains free
-software for all its users.  We, the Free Software Foundation, use the
-GNU General Public License for most of our software; it applies also to
-any other work released this way by its authors.  You can apply it to
-your programs, too.
-
-  When we speak of free software, we are referring to freedom, not
-price.  Our General Public Licenses are designed to make sure that you
-have the freedom to distribute copies of free software (and charge for
-them if you wish), that you receive source code or can get it if you
-want it, that you can change the software or use pieces of it in new
-free programs, and that you know you can do these things.
-
-  To protect your rights, we need to prevent others from denying you
-these rights or asking you to surrender the rights.  Therefore, you have
-certain responsibilities if you distribute copies of the software, or if
-you modify it: responsibilities to respect the freedom of others.
-
-  For example, if you distribute copies of such a program, whether
-gratis or for a fee, you must pass on to the recipients the same
-freedoms that you received.  You must make sure that they, too, receive
-or can get the source code.  And you must show them these terms so they
-know their rights.
-
-  Developers that use the GNU GPL protect your rights with two steps:
-(1) assert copyright on the software, and (2) offer you this License
-giving you legal permission to copy, distribute and/or modify it.
-
-  For the developers' and authors' protection, the GPL clearly explains
-that there is no warranty for this free software.  For both users' and
-authors' sake, the GPL requires that modified versions be marked as
-changed, so that their problems will not be attributed erroneously to
-authors of previous versions.
-
-  Some devices are designed to deny users access to install or run
-modified versions of the software inside them, although the manufacturer
-can do so.  This is fundamentally incompatible with the aim of
-protecting users' freedom to change the software.  The systematic
-pattern of such abuse occurs in the area of products for individuals to
-use, which is precisely where it is most unacceptable.  Therefore, we
-have designed this version of the GPL to prohibit the practice for those
-products.  If such problems arise substantially in other domains, we
-stand ready to extend this provision to those domains in future versions
-of the GPL, as needed to protect the freedom of users.
-
-  Finally, every program is threatened constantly by software patents.
-States should not allow patents to restrict development and use of
-software on general-purpose computers, but in those that do, we wish to
-avoid the special danger that patents applied to a free program could
-make it effectively proprietary.  To prevent this, the GPL assures that
-patents cannot be used to render the program non-free.
-
-  The precise terms and conditions for copying, distribution and
-modification follow.
-
-                       TERMS AND CONDITIONS
-
-  0. Definitions.
-
-  "This License" refers to version 3 of the GNU General Public License.
-
-  "Copyright" also means copyright-like laws that apply to other kinds of
-works, such as semiconductor masks.
-
-  "The Program" refers to any copyrightable work licensed under this
-License.  Each licensee is addressed as "you".  "Licensees" and
-"recipients" may be individuals or organizations.
-
-  To "modify" a work means to copy from or adapt all or part of the work
-in a fashion requiring copyright permission, other than the making of an
-exact copy.  The resulting work is called a "modified version" of the
-earlier work or a work "based on" the earlier work.
-
-  A "covered work" means either the unmodified Program or a work based
-on the Program.
-
-  To "propagate" a work means to do anything with it that, without
-permission, would make you directly or secondarily liable for
-infringement under applicable copyright law, except executing it on a
-computer or modifying a private copy.  Propagation includes copying,
-distribution (with or without modification), making available to the
-public, and in some countries other activities as well.
-
-  To "convey" a work means any kind of propagation that enables other
-parties to make or receive copies.  Mere interaction with a user through
-a computer network, with no transfer of a copy, is not conveying.
-
-  An interactive user interface displays "Appropriate Legal Notices"
-to the extent that it includes a convenient and prominently visible
-feature that (1) displays an appropriate copyright notice, and (2)
-tells the user that there is no warranty for the work (except to the
-extent that warranties are provided), that licensees may convey the
-work under this License, and how to view a copy of this License.  If
-the interface presents a list of user commands or options, such as a
-menu, a prominent item in the list meets this criterion.
-
-  1. Source Code.
-
-  The "source code" for a work means the preferred form of the work
-for making modifications to it.  "Object code" means any non-source
-form of a work.
-
-  A "Standard Interface" means an interface that either is an official
-standard defined by a recognized standards body, or, in the case of
-interfaces specified for a particular programming language, one that
-is widely used among developers working in that language.
-
-  The "System Libraries" of an executable work include anything, other
-than the work as a whole, that (a) is included in the normal form of
-packaging a Major Component, but which is not part of that Major
-Component, and (b) serves only to enable use of the work with that
-Major Component, or to implement a Standard Interface for which an
-implementation is available to the public in source code form.  A
-"Major Component", in this context, means a major essential component
-(kernel, window system, and so on) of the specific operating system
-(if any) on which the executable work runs, or a compiler used to
-produce the work, or an object code interpreter used to run it.
-
-  The "Corresponding Source" for a work in object code form means all
-the source code needed to generate, install, and (for an executable
-work) run the object code and to modify the work, including scripts to
-control those activities.  However, it does not include the work's
-System Libraries, or general-purpose tools or generally available free
-programs which are used unmodified in performing those activities but
-which are not part of the work.  For example, Corresponding Source
-includes interface definition files associated with source files for
-the work, and the source code for shared libraries and dynamically
-linked subprograms that the work is specifically designed to require,
-such as by intimate data communication or control flow between those
-subprograms and other parts of the work.
-
-  The Corresponding Source need not include anything that users
-can regenerate automatically from other parts of the Corresponding
-Source.
-
-  The Corresponding Source for a work in source code form is that
-same work.
-
-  2. Basic Permissions.
-
-  All rights granted under this License are granted for the term of
-copyright on the Program, and are irrevocable provided the stated
-conditions are met.  This License explicitly affirms your unlimited
-permission to run the unmodified Program.  The output from running a
-covered work is covered by this License only if the output, given its
-content, constitutes a covered work.  This License acknowledges your
-rights of fair use or other equivalent, as provided by copyright law.
-
-  You may make, run and propagate covered works that you do not
-convey, without conditions so long as your license otherwise remains
-in force.  You may convey covered works to others for the sole purpose
-of having them make modifications exclusively for you, or provide you
-with facilities for running those works, provided that you comply with
-the terms of this License in conveying all material for which you do
-not control copyright.  Those thus making or running the covered works
-for you must do so exclusively on your behalf, under your direction
-and control, on terms that prohibit them from making any copies of
-your copyrighted material outside their relationship with you.
-
-  Conveying under any other circumstances is permitted solely under
-the conditions stated below.  Sublicensing is not allowed; section 10
-makes it unnecessary.
-
-  3. Protecting Users' Legal Rights From Anti-Circumvention Law.
-
-  No covered work shall be deemed part of an effective technological
-measure under any applicable law fulfilling obligations under article
-11 of the WIPO copyright treaty adopted on 20 December 1996, or
-similar laws prohibiting or restricting circumvention of such
-measures.
-
-  When you convey a covered work, you waive any legal power to forbid
-circumvention of technological measures to the extent such circumvention
-is effected by exercising rights under this License with respect to
-the covered work, and you disclaim any intention to limit operation or
-modification of the work as a means of enforcing, against the work's
-users, your or third parties' legal rights to forbid circumvention of
-technological measures.
-
-  4. Conveying Verbatim Copies.
-
-  You may convey verbatim copies of the Program's source code as you
-receive it, in any medium, provided that you conspicuously and
-appropriately publish on each copy an appropriate copyright notice;
-keep intact all notices stating that this License and any
-non-permissive terms added in accord with section 7 apply to the code;
-keep intact all notices of the absence of any warranty; and give all
-recipients a copy of this License along with the Program.
-
-  You may charge any price or no price for each copy that you convey,
-and you may offer support or warranty protection for a fee.
-
-  5. Conveying Modified Source Versions.
-
-  You may convey a work based on the Program, or the modifications to
-produce it from the Program, in the form of source code under the
-terms of section 4, provided that you also meet all of these conditions:
-
-    a) The work must carry prominent notices stating that you modified
-    it, and giving a relevant date.
-
-    b) The work must carry prominent notices stating that it is
-    released under this License and any conditions added under section
-    7.  This requirement modifies the requirement in section 4 to
-    "keep intact all notices".
-
-    c) You must license the entire work, as a whole, under this
-    License to anyone who comes into possession of a copy.  This
-    License will therefore apply, along with any applicable section 7
-    additional terms, to the whole of the work, and all its parts,
-    regardless of how they are packaged.  This License gives no
-    permission to license the work in any other way, but it does not
-    invalidate such permission if you have separately received it.
-
-    d) If the work has interactive user interfaces, each must display
-    Appropriate Legal Notices; however, if the Program has interactive
-    interfaces that do not display Appropriate Legal Notices, your
-    work need not make them do so.
-
-  A compilation of a covered work with other separate and independent
-works, which are not by their nature extensions of the covered work,
-and which are not combined with it such as to form a larger program,
-in or on a volume of a storage or distribution medium, is called an
-"aggregate" if the compilation and its resulting copyright are not
-used to limit the access or legal rights of the compilation's users
-beyond what the individual works permit.  Inclusion of a covered work
-in an aggregate does not cause this License to apply to the other
-parts of the aggregate.
-
-  6. Conveying Non-Source Forms.
-
-  You may convey a covered work in object code form under the terms
-of sections 4 and 5, provided that you also convey the
-machine-readable Corresponding Source under the terms of this License,
-in one of these ways:
-
-    a) Convey the object code in, or embodied in, a physical product
-    (including a physical distribution medium), accompanied by the
-    Corresponding Source fixed on a durable physical medium
-    customarily used for software interchange.
-
-    b) Convey the object code in, or embodied in, a physical product
-    (including a physical distribution medium), accompanied by a
-    written offer, valid for at least three years and valid for as
-    long as you offer spare parts or customer support for that product
-    model, to give anyone who possesses the object code either (1) a
-    copy of the Corresponding Source for all the software in the
-    product that is covered by this License, on a durable physical
-    medium customarily used for software interchange, for a price no
-    more than your reasonable cost of physically performing this
-    conveying of source, or (2) access to copy the
-    Corresponding Source from a network server at no charge.
-
-    c) Convey individual copies of the object code with a copy of the
-    written offer to provide the Corresponding Source.  This
-    alternative is allowed only occasionally and noncommercially, and
-    only if you received the object code with such an offer, in accord
-    with subsection 6b.
-
-    d) Convey the object code by offering access from a designated
-    place (gratis or for a charge), and offer equivalent access to the
-    Corresponding Source in the same way through the same place at no
-    further charge.  You need not require recipients to copy the
-    Corresponding Source along with the object code.  If the place to
-    copy the object code is a network server, the Corresponding Source
-    may be on a different server (operated by you or a third party)
-    that supports equivalent copying facilities, provided you maintain
-    clear directions next to the object code saying where to find the
-    Corresponding Source.  Regardless of what server hosts the
-    Corresponding Source, you remain obligated to ensure that it is
-    available for as long as needed to satisfy these requirements.
-
-    e) Convey the object code using peer-to-peer transmission, provided
-    you inform other peers where the object code and Corresponding
-    Source of the work are being offered to the general public at no
-    charge under subsection 6d.
-
-  A separable portion of the object code, whose source code is excluded
-from the Corresponding Source as a System Library, need not be
-included in conveying the object code work.
-
-  A "User Product" is either (1) a "consumer product", which means any
-tangible personal property which is normally used for personal, family,
-or household purposes, or (2) anything designed or sold for incorporation
-into a dwelling.  In determining whether a product is a consumer product,
-doubtful cases shall be resolved in favor of coverage.  For a particular
-product received by a particular user, "normally used" refers to a
-typical or common use of that class of product, regardless of the status
-of the particular user or of the way in which the particular user
-actually uses, or expects or is expected to use, the product.  A product
-is a consumer product regardless of whether the product has substantial
-commercial, industrial or non-consumer uses, unless such uses represent
-the only significant mode of use of the product.
-
-  "Installation Information" for a User Product means any methods,
-procedures, authorization keys, or other information required to install
-and execute modified versions of a covered work in that User Product from
-a modified version of its Corresponding Source.  The information must
-suffice to ensure that the continued functioning of the modified object
-code is in no case prevented or interfered with solely because
-modification has been made.
-
-  If you convey an object code work under this section in, or with, or
-specifically for use in, a User Product, and the conveying occurs as
-part of a transaction in which the right of possession and use of the
-User Product is transferred to the recipient in perpetuity or for a
-fixed term (regardless of how the transaction is characterized), the
-Corresponding Source conveyed under this section must be accompanied
-by the Installation Information.  But this requirement does not apply
-if neither you nor any third party retains the ability to install
-modified object code on the User Product (for example, the work has
-been installed in ROM).
-
-  The requirement to provide Installation Information does not include a
-requirement to continue to provide support service, warranty, or updates
-for a work that has been modified or installed by the recipient, or for
-the User Product in which it has been modified or installed.  Access to a
-network may be denied when the modification itself materially and
-adversely affects the operation of the network or violates the rules and
-protocols for communication across the network.
-
-  Corresponding Source conveyed, and Installation Information provided,
-in accord with this section must be in a format that is publicly
-documented (and with an implementation available to the public in
-source code form), and must require no special password or key for
-unpacking, reading or copying.
-
-  7. Additional Terms.
-
-  "Additional permissions" are terms that supplement the terms of this
-License by making exceptions from one or more of its conditions.
-Additional permissions that are applicable to the entire Program shall
-be treated as though they were included in this License, to the extent
-that they are valid under applicable law.  If additional permissions
-apply only to part of the Program, that part may be used separately
-under those permissions, but the entire Program remains governed by
-this License without regard to the additional permissions.
-
-  When you convey a copy of a covered work, you may at your option
-remove any additional permissions from that copy, or from any part of
-it.  (Additional permissions may be written to require their own
-removal in certain cases when you modify the work.)  You may place
-additional permissions on material, added by you to a covered work,
-for which you have or can give appropriate copyright permission.
-
-  Notwithstanding any other provision of this License, for material you
-add to a covered work, you may (if authorized by the copyright holders of
-that material) supplement the terms of this License with terms:
-
-    a) Disclaiming warranty or limiting liability differently from the
-    terms of sections 15 and 16 of this License; or
-
-    b) Requiring preservation of specified reasonable legal notices or
-    author attributions in that material or in the Appropriate Legal
-    Notices displayed by works containing it; or
-
-    c) Prohibiting misrepresentation of the origin of that material, or
-    requiring that modified versions of such material be marked in
-    reasonable ways as different from the original version; or
-
-    d) Limiting the use for publicity purposes of names of licensors or
-    authors of the material; or
-
-    e) Declining to grant rights under trademark law for use of some
-    trade names, trademarks, or service marks; or
-
-    f) Requiring indemnification of licensors and authors of that
-    material by anyone who conveys the material (or modified versions of
-    it) with contractual assumptions of liability to the recipient, for
-    any liability that these contractual assumptions directly impose on
-    those licensors and authors.
-
-  All other non-permissive additional terms are considered "further
-restrictions" within the meaning of section 10.  If the Program as you
-received it, or any part of it, contains a notice stating that it is
-governed by this License along with a term that is a further
-restriction, you may remove that term.  If a license document contains
-a further restriction but permits relicensing or conveying under this
-License, you may add to a covered work material governed by the terms
-of that license document, provided that the further restriction does
-not survive such relicensing or conveying.
-
-  If you add terms to a covered work in accord with this section, you
-must place, in the relevant source files, a statement of the
-additional terms that apply to those files, or a notice indicating
-where to find the applicable terms.
-
-  Additional terms, permissive or non-permissive, may be stated in the
-form of a separately written license, or stated as exceptions;
-the above requirements apply either way.
-
-  8. Termination.
-
-  You may not propagate or modify a covered work except as expressly
-provided under this License.  Any attempt otherwise to propagate or
-modify it is void, and will automatically terminate your rights under
-this License (including any patent licenses granted under the third
-paragraph of section 11).
-
-  However, if you cease all violation of this License, then your
-license from a particular copyright holder is reinstated (a)
-provisionally, unless and until the copyright holder explicitly and
-finally terminates your license, and (b) permanently, if the copyright
-holder fails to notify you of the violation by some reasonable means
-prior to 60 days after the cessation.
-
-  Moreover, your license from a particular copyright holder is
-reinstated permanently if the copyright holder notifies you of the
-violation by some reasonable means, this is the first time you have
-received notice of violation of this License (for any work) from that
-copyright holder, and you cure the violation prior to 30 days after
-your receipt of the notice.
-
-  Termination of your rights under this section does not terminate the
-licenses of parties who have received copies or rights from you under
-this License.  If your rights have been terminated and not permanently
-reinstated, you do not qualify to receive new licenses for the same
-material under section 10.
-
-  9. Acceptance Not Required for Having Copies.
-
-  You are not required to accept this License in order to receive or
-run a copy of the Program.  Ancillary propagation of a covered work
-occurring solely as a consequence of using peer-to-peer transmission
-to receive a copy likewise does not require acceptance.  However,
-nothing other than this License grants you permission to propagate or
-modify any covered work.  These actions infringe copyright if you do
-not accept this License.  Therefore, by modifying or propagating a
-covered work, you indicate your acceptance of this License to do so.
-
-  10. Automatic Licensing of Downstream Recipients.
-
-  Each time you convey a covered work, the recipient automatically
-receives a license from the original licensors, to run, modify and
-propagate that work, subject to this License.  You are not responsible
-for enforcing compliance by third parties with this License.
-
-  An "entity transaction" is a transaction transferring control of an
-organization, or substantially all assets of one, or subdividing an
-organization, or merging organizations.  If propagation of a covered
-work results from an entity transaction, each party to that
-transaction who receives a copy of the work also receives whatever
-licenses to the work the party's predecessor in interest had or could
-give under the previous paragraph, plus a right to possession of the
-Corresponding Source of the work from the predecessor in interest, if
-the predecessor has it or can get it with reasonable efforts.
-
-  You may not impose any further restrictions on the exercise of the
-rights granted or affirmed under this License.  For example, you may
-not impose a license fee, royalty, or other charge for exercise of
-rights granted under this License, and you may not initiate litigation
-(including a cross-claim or counterclaim in a lawsuit) alleging that
-any patent claim is infringed by making, using, selling, offering for
-sale, or importing the Program or any portion of it.
-
-  11. Patents.
-
-  A "contributor" is a copyright holder who authorizes use under this
-License of the Program or a work on which the Program is based.  The
-work thus licensed is called the contributor's "contributor version".
-
-  A contributor's "essential patent claims" are all patent claims
-owned or controlled by the contributor, whether already acquired or
-hereafter acquired, that would be infringed by some manner, permitted
-by this License, of making, using, or selling its contributor version,
-but do not include claims that would be infringed only as a
-consequence of further modification of the contributor version.  For
-purposes of this definition, "control" includes the right to grant
-patent sublicenses in a manner consistent with the requirements of
-this License.
-
-  Each contributor grants you a non-exclusive, worldwide, royalty-free
-patent license under the contributor's essential patent claims, to
-make, use, sell, offer for sale, import and otherwise run, modify and
-propagate the contents of its contributor version.
-
-  In the following three paragraphs, a "patent license" is any express
-agreement or commitment, however denominated, not to enforce a patent
-(such as an express permission to practice a patent or covenant not to
-sue for patent infringement).  To "grant" such a patent license to a
-party means to make such an agreement or commitment not to enforce a
-patent against the party.
-
-  If you convey a covered work, knowingly relying on a patent license,
-and the Corresponding Source of the work is not available for anyone
-to copy, free of charge and under the terms of this License, through a
-publicly available network server or other readily accessible means,
-then you must either (1) cause the Corresponding Source to be so
-available, or (2) arrange to deprive yourself of the benefit of the
-patent license for this particular work, or (3) arrange, in a manner
-consistent with the requirements of this License, to extend the patent
-license to downstream recipients.  "Knowingly relying" means you have
-actual knowledge that, but for the patent license, your conveying the
-covered work in a country, or your recipient's use of the covered work
-in a country, would infringe one or more identifiable patents in that
-country that you have reason to believe are valid.
-
-  If, pursuant to or in connection with a single transaction or
-arrangement, you convey, or propagate by procuring conveyance of, a
-covered work, and grant a patent license to some of the parties
-receiving the covered work authorizing them to use, propagate, modify
-or convey a specific copy of the covered work, then the patent license
-you grant is automatically extended to all recipients of the covered
-work and works based on it.
-
-  A patent license is "discriminatory" if it does not include within
-the scope of its coverage, prohibits the exercise of, or is
-conditioned on the non-exercise of one or more of the rights that are
-specifically granted under this License.  You may not convey a covered
-work if you are a party to an arrangement with a third party that is
-in the business of distributing software, under which you make payment
-to the third party based on the extent of your activity of conveying
-the work, and under which the third party grants, to any of the
-parties who would receive the covered work from you, a discriminatory
-patent license (a) in connection with copies of the covered work
-conveyed by you (or copies made from those copies), or (b) primarily
-for and in connection with specific products or compilations that
-contain the covered work, unless you entered into that arrangement,
-or that patent license was granted, prior to 28 March 2007.
-
-  Nothing in this License shall be construed as excluding or limiting
-any implied license or other defenses to infringement that may
-otherwise be available to you under applicable patent law.
-
-  12. No Surrender of Others' Freedom.
-
-  If conditions are imposed on you (whether by court order, agreement or
-otherwise) that contradict the conditions of this License, they do not
-excuse you from the conditions of this License.  If you cannot convey a
-covered work so as to satisfy simultaneously your obligations under this
-License and any other pertinent obligations, then as a consequence you may
-not convey it at all.  For example, if you agree to terms that obligate you
-to collect a royalty for further conveying from those to whom you convey
-the Program, the only way you could satisfy both those terms and this
-License would be to refrain entirely from conveying the Program.
-
-  13. Use with the GNU Affero General Public License.
-
-  Notwithstanding any other provision of this License, you have
-permission to link or combine any covered work with a work licensed
-under version 3 of the GNU Affero General Public License into a single
-combined work, and to convey the resulting work.  The terms of this
-License will continue to apply to the part which is the covered work,
-but the special requirements of the GNU Affero General Public License,
-section 13, concerning interaction through a network will apply to the
-combination as such.
-
-  14. Revised Versions of this License.
-
-  The Free Software Foundation may publish revised and/or new versions of
-the GNU General Public License from time to time.  Such new versions will
-be similar in spirit to the present version, but may differ in detail to
-address new problems or concerns.
-
-  Each version is given a distinguishing version number.  If the
-Program specifies that a certain numbered version of the GNU General
-Public License "or any later version" applies to it, you have the
-option of following the terms and conditions either of that numbered
-version or of any later version published by the Free Software
-Foundation.  If the Program does not specify a version number of the
-GNU General Public License, you may choose any version ever published
-by the Free Software Foundation.
-
-  If the Program specifies that a proxy can decide which future
-versions of the GNU General Public License can be used, that proxy's
-public statement of acceptance of a version permanently authorizes you
-to choose that version for the Program.
-
-  Later license versions may give you additional or different
-permissions.  However, no additional obligations are imposed on any
-author or copyright holder as a result of your choosing to follow a
-later version.
-
-  15. Disclaimer of Warranty.
-
-  THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
-APPLICABLE LAW.  EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
-HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
-OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
-THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-PURPOSE.  THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
-IS WITH YOU.  SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
-ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
-
-  16. Limitation of Liability.
-
-  IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
-WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
-THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
-GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
-USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
-DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
-PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
-EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
-SUCH DAMAGES.
-
-  17. Interpretation of Sections 15 and 16.
-
-  If the disclaimer of warranty and limitation of liability provided
-above cannot be given local legal effect according to their terms,
-reviewing courts shall apply local law that most closely approximates
-an absolute waiver of all civil liability in connection with the
-Program, unless a warranty or assumption of liability accompanies a
-copy of the Program in return for a fee.
-
-                     END OF TERMS AND CONDITIONS
-
-            How to Apply These Terms to Your New Programs
-
-  If you develop a new program, and you want it to be of the greatest
-possible use to the public, the best way to achieve this is to make it
-free software which everyone can redistribute and change under these terms.
-
-  To do so, attach the following notices to the program.  It is safest
-to attach them to the start of each source file to most effectively
-state the exclusion of warranty; and each file should have at least
-the "copyright" line and a pointer to where the full notice is found.
-
-    {one line to give the program's name and a brief idea of what it does.}
-    Copyright (C) {year}  {name of author}
-
-    This program is free software: you can redistribute it and/or modify
-    it under the terms of the GNU General Public License as published by
-    the Free Software Foundation, either version 3 of the License, or
-    (at your option) any later version.
-
-    This program is distributed in the hope that it will be useful,
-    but WITHOUT ANY WARRANTY; without even the implied warranty of
-    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-    GNU General Public License for more details.
-
-    You should have received a copy of the GNU General Public License
-    along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-Also add information on how to contact you by electronic and paper mail.
-
-  If the program does terminal interaction, make it output a short
-notice like this when it starts in an interactive mode:
-
-    {project}  Copyright (C) {year}  {fullname}
-    This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
-    This is free software, and you are welcome to redistribute it
-    under certain conditions; type `show c' for details.
-
-The hypothetical commands `show w' and `show c' should show the appropriate
-parts of the General Public License.  Of course, your program's commands
-might be different; for a GUI interface, you would use an "about box".
-
-  You should also get your employer (if you work as a programmer) or school,
-if any, to sign a "copyright disclaimer" for the program, if necessary.
-For more information on this, and how to apply and follow the GNU GPL, see
-<http://www.gnu.org/licenses/>.
-
-  The GNU General Public License does not permit incorporating your program
-into proprietary programs.  If your program is a subroutine library, you
-may consider it more useful to permit linking proprietary applications with
-the library.  If this is what you want to do, use the GNU Lesser General
-Public License instead of this License.  But first, please read
-<http://www.gnu.org/philosophy/why-not-lgpl.html>.
-
diff --git a/mac/install-readme.txt b/mac/install-readme.txt
deleted file mode 100644
index 51f0330bbd6..00000000000
--- a/mac/install-readme.txt
+++ /dev/null
@@ -1,8 +0,0 @@
-Parity Wallet
-=============
-
-Welcome to Parity Wallet, your all-in-one Ethereum node and wallet.
-
-If you continue, Parity will be installed as a user service. You will be able to use the Parity Wallet through your browser by using the menu bar icon, following the shortcut in the Launchpad or navigating to http://localhost:8180/ in your browser.
-
-Parity is distributed under the terms of the GPL.
diff --git a/mac/post-install.sh b/mac/post-install.sh
deleted file mode 100755
index fc71ee1de6d..00000000000
--- a/mac/post-install.sh
+++ /dev/null
@@ -1,6 +0,0 @@
-#!/bin/bash
-# uninstall any ancient version
-test -f /usr/local/libexec/uninstall-parity.sh && /usr/local/libexec/uninstall-parity.sh || true
-killall -9 parity && sleep 5
-su $USER -c "open /Applications/Parity\ Ethereum.app"
-exit 0
diff --git a/mac/uninstall-parity.sh b/mac/uninstall-parity.sh
deleted file mode 100755
index 840dba1f609..00000000000
--- a/mac/uninstall-parity.sh
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/bin/bash
-
-if [[ "$SUDO_USER" == "" ]] ; then
-	echo "This script requires elevated privileges."
-	sudo $0
-	exit;
-fi
-
-PLIST=~/Library/LaunchAgents/io.parity.ethereum.plist
-su $SUDO_USER -c "launchctl stop io.parity.ethereum"
-su $SUDO_USER -c "launchctl unload $PLIST"
-rm -f /usr/local/libexec/parity /usr/local/libexec/uninstall-parity.sh /usr/local/bin/ethstore /usr/local/bin/ethkey /usr/local/bin/parity-evm $PLIST
diff --git a/miner/Cargo.toml b/miner/Cargo.toml
index 707352484e2..e692d2f7083 100644
--- a/miner/Cargo.toml
+++ b/miner/Cargo.toml
@@ -27,7 +27,6 @@ linked-hash-map = "0.5"
 log = "0.3"
 parking_lot = "0.5"
 price-info = { path = "../price-info" }
-rayon = "1.0"
 rlp = { path = "../util/rlp" }
 trace-time = { path = "../util/trace-time" }
 transaction-pool = { path = "../transaction-pool" }
diff --git a/miner/src/lib.rs b/miner/src/lib.rs
index 107b9b22b54..6b61df4de4e 100644
--- a/miner/src/lib.rs
+++ b/miner/src/lib.rs
@@ -29,15 +29,15 @@ extern crate keccak_hash as hash;
 extern crate linked_hash_map;
 extern crate parking_lot;
 extern crate price_info;
-extern crate rayon;
 extern crate rlp;
-extern crate trace_time;
 extern crate transaction_pool as txpool;
 
 #[macro_use]
 extern crate error_chain;
 #[macro_use]
 extern crate log;
+#[macro_use]
+extern crate trace_time;
 
 #[cfg(test)]
 extern crate rustc_hex;
diff --git a/miner/src/pool/mod.rs b/miner/src/pool/mod.rs
index 57f813157bd..fd4ef6ef2e8 100644
--- a/miner/src/pool/mod.rs
+++ b/miner/src/pool/mod.rs
@@ -16,7 +16,7 @@
 
 //! Transaction Pool
 
-use ethereum_types::{H256, Address};
+use ethereum_types::{U256, H256, Address};
 use heapsize::HeapSizeOf;
 use transaction;
 use txpool;
@@ -45,6 +45,43 @@ pub enum PrioritizationStrategy {
 	GasPriceOnly,
 }
 
+/// Transaction ordering when requesting pending set.
+#[derive(Debug, PartialEq, Eq, Clone, Copy)]
+pub enum PendingOrdering {
+	/// Get pending transactions ordered by their priority (potentially expensive)
+	Priority,
+	/// Get pending transactions without any care of particular ordering (cheaper).
+	Unordered,
+}
+
+/// Pending set query settings
+#[derive(Debug, Clone)]
+pub struct PendingSettings {
+	/// Current block number (affects readiness of some transactions).
+	pub block_number: u64,
+	/// Current timestamp (affects readiness of some transactions).
+	pub current_timestamp: u64,
+	/// Nonce cap (for dust protection; EIP-168)
+	pub nonce_cap: Option<U256>,
+	/// Maximal number of transactions in pending the set.
+	pub max_len: usize,
+	/// Ordering of transactions.
+	pub ordering: PendingOrdering,
+}
+
+impl PendingSettings {
+	/// Get all transactions (no cap or len limit) prioritized.
+	pub fn all_prioritized(block_number: u64, current_timestamp: u64) -> Self {
+		PendingSettings {
+			block_number,
+			current_timestamp,
+			nonce_cap: None,
+			max_len: usize::max_value(),
+			ordering: PendingOrdering::Priority,
+		}
+	}
+}
+
 /// Transaction priority.
 #[derive(Debug, PartialEq, Eq, Clone, Copy)]
 pub(crate) enum Priority {
diff --git a/miner/src/pool/queue.rs b/miner/src/pool/queue.rs
index 4ebdf9e3f1f..4351087b29b 100644
--- a/miner/src/pool/queue.rs
+++ b/miner/src/pool/queue.rs
@@ -23,11 +23,13 @@ use std::collections::BTreeMap;
 
 use ethereum_types::{H256, U256, Address};
 use parking_lot::RwLock;
-use rayon::prelude::*;
 use transaction;
 use txpool::{self, Verifier};
 
-use pool::{self, scoring, verifier, client, ready, listener, PrioritizationStrategy};
+use pool::{
+	self, scoring, verifier, client, ready, listener,
+	PrioritizationStrategy, PendingOrdering, PendingSettings,
+};
 use pool::local_transactions::LocalTransactionsList;
 
 type Listener = (LocalTransactionsList, (listener::Notifier, listener::Logger));
@@ -75,6 +77,7 @@ struct CachedPending {
 	nonce_cap: Option<U256>,
 	has_local_pending: bool,
 	pending: Option<Vec<Arc<pool::VerifiedTransaction>>>,
+	max_len: usize,
 }
 
 impl CachedPending {
@@ -86,6 +89,7 @@ impl CachedPending {
 			has_local_pending: false,
 			pending: None,
 			nonce_cap: None,
+			max_len: 0,
 		}
 	}
 
@@ -100,6 +104,7 @@ impl CachedPending {
 		block_number: u64,
 		current_timestamp: u64,
 		nonce_cap: Option<&U256>,
+		max_len: usize,
 	) -> Option<Vec<Arc<pool::VerifiedTransaction>>> {
 		// First check if we have anything in cache.
 		let pending = self.pending.as_ref()?;
@@ -124,7 +129,12 @@ impl CachedPending {
 			return None;
 		}
 
-		Some(pending.clone())
+		// It's fine to just take a smaller subset, but not other way around.
+		if max_len > self.max_len {
+			return None;
+		}
+
+		Some(pending.iter().take(max_len).cloned().collect())
 	}
 }
 
@@ -174,13 +184,19 @@ impl TransactionQueue {
 		transactions: Vec<verifier::Transaction>,
 	) -> Vec<Result<(), transaction::Error>> {
 		// Run verification
-		let _timer = ::trace_time::PerfTimer::new("pool::verify_and_import");
+		trace_time!("pool::verify_and_import");
 		let options = self.options.read().clone();
 
 		let verifier = verifier::Verifier::new(client, options, self.insertion_id.clone());
 		let results = transactions
-			.into_par_iter()
-			.map(|transaction| verifier.verify_transaction(transaction))
+			.into_iter()
+			.map(|transaction| {
+				if self.pool.read().find(&transaction.hash()).is_some() {
+					bail!(transaction::Error::AlreadyImported)
+				}
+
+				verifier.verify_transaction(transaction)
+			})
 			.map(|result| result.and_then(|verified| {
 				self.pool.write().import(verified)
 					.map(|_imported| ())
@@ -198,13 +214,13 @@ impl TransactionQueue {
 		results
 	}
 
-	/// Returns all transactions in the queue ordered by priority.
+	/// Returns all transactions in the queue without explicit ordering.
 	pub fn all_transactions(&self) -> Vec<Arc<pool::VerifiedTransaction>> {
 		let ready = |_tx: &pool::VerifiedTransaction| txpool::Readiness::Ready;
-		self.pool.read().pending(ready).collect()
+		self.pool.read().unordered_pending(ready).collect()
 	}
 
-	/// Returns current pneding transactions.
+	/// Returns current pending transactions ordered by priority.
 	///
 	/// NOTE: This may return a cached version of pending transaction set.
 	/// Re-computing the pending set is possible with `#collect_pending` method,
@@ -212,24 +228,31 @@ impl TransactionQueue {
 	pub fn pending<C>(
 		&self,
 		client: C,
-		block_number: u64,
-		current_timestamp: u64,
-		nonce_cap: Option<U256>,
+		settings: PendingSettings,
 	) -> Vec<Arc<pool::VerifiedTransaction>> where
 		C: client::NonceClient,
 	{
-
-		if let Some(pending) = self.cached_pending.read().pending(block_number, current_timestamp, nonce_cap.as_ref()) {
+		let PendingSettings { block_number, current_timestamp, nonce_cap, max_len, ordering } = settings;
+		if let Some(pending) = self.cached_pending.read().pending(block_number, current_timestamp, nonce_cap.as_ref(), max_len) {
 			return pending;
 		}
 
 		// Double check after acquiring write lock
 		let mut cached_pending = self.cached_pending.write();
-		if let Some(pending) = cached_pending.pending(block_number, current_timestamp, nonce_cap.as_ref()) {
+		if let Some(pending) = cached_pending.pending(block_number, current_timestamp, nonce_cap.as_ref(), max_len) {
 			return pending;
 		}
 
-		let pending: Vec<_> = self.collect_pending(client, block_number, current_timestamp, nonce_cap, |i| i.collect());
+		// In case we don't have a cached set, but we don't care about order
+		// just return the unordered set.
+		if let PendingOrdering::Unordered = ordering {
+			let ready = Self::ready(client, block_number, current_timestamp, nonce_cap);
+			return self.pool.read().unordered_pending(ready).take(max_len).collect();
+		}
+
+		let pending: Vec<_> = self.collect_pending(client, block_number, current_timestamp, nonce_cap, |i| {
+			i.take(max_len).collect()
+		});
 
 		*cached_pending = CachedPending {
 			block_number,
@@ -237,6 +260,7 @@ impl TransactionQueue {
 			nonce_cap,
 			has_local_pending: self.has_local_pending_transactions(),
 			pending: Some(pending.clone()),
+			max_len,
 		};
 
 		pending
@@ -261,15 +285,27 @@ impl TransactionQueue {
 			scoring::NonceAndGasPrice,
 			Listener,
 		>) -> T,
+	{
+		debug!(target: "txqueue", "Re-computing pending set for block: {}", block_number);
+		trace_time!("pool::collect_pending");
+		let ready = Self::ready(client, block_number, current_timestamp, nonce_cap);
+		collect(self.pool.read().pending(ready))
+	}
+
+	fn ready<C>(
+		client: C,
+		block_number: u64,
+		current_timestamp: u64,
+		nonce_cap: Option<U256>,
+	) -> (ready::Condition, ready::State<C>) where
+		C: client::NonceClient,
 	{
 		let pending_readiness = ready::Condition::new(block_number, current_timestamp);
 		// don't mark any transactions as stale at this point.
 		let stale_id = None;
 		let state_readiness = ready::State::new(client, stale_id, nonce_cap);
 
-		let ready = (pending_readiness, state_readiness);
-
-		collect(self.pool.read().pending(ready))
+		(pending_readiness, state_readiness)
 	}
 
 	/// Culls all stalled transactions from the pool.
@@ -410,6 +446,12 @@ impl TransactionQueue {
 		let mut pool = self.pool.write();
 		(pool.listener_mut().1).0.add(f);
 	}
+
+	/// Check if pending set is cached.
+	#[cfg(test)]
+	pub fn is_pending_cached(&self) -> bool {
+		self.cached_pending.read().pending.is_some()
+	}
 }
 
 fn convert_error(err: txpool::Error) -> transaction::Error {
@@ -435,7 +477,7 @@ mod tests {
 	fn should_get_pending_transactions() {
 		let queue = TransactionQueue::new(txpool::Options::default(), verifier::Options::default(), PrioritizationStrategy::GasPriceOnly);
 
-		let pending: Vec<_> = queue.pending(TestClient::default(), 0, 0, None);
+		let pending: Vec<_> = queue.pending(TestClient::default(), PendingSettings::all_prioritized(0, 0));
 
 		for tx in pending {
 			assert!(tx.signed().nonce > 0.into());
diff --git a/miner/src/pool/tests/client.rs b/miner/src/pool/tests/client.rs
index 101b6cdc21a..08b43f12adf 100644
--- a/miner/src/pool/tests/client.rs
+++ b/miner/src/pool/tests/client.rs
@@ -14,6 +14,8 @@
 // You should have received a copy of the GNU General Public License
 // along with Parity.  If not, see <http://www.gnu.org/licenses/>.
 
+use std::sync::{atomic, Arc};
+
 use ethereum_types::{U256, H256, Address};
 use rlp::Rlp;
 use transaction::{self, Transaction, SignedTransaction, UnverifiedTransaction};
@@ -25,6 +27,7 @@ const MAX_TRANSACTION_SIZE: usize = 15 * 1024;
 
 #[derive(Debug, Clone)]
 pub struct TestClient {
+	verification_invoked: Arc<atomic::AtomicBool>,
 	account_details: AccountDetails,
 	gas_required: U256,
 	is_service_transaction: bool,
@@ -35,6 +38,7 @@ pub struct TestClient {
 impl Default for TestClient {
 	fn default() -> Self {
 		TestClient {
+			verification_invoked: Default::default(),
 			account_details: AccountDetails {
 				nonce: 123.into(),
 				balance: 63_100.into(),
@@ -88,6 +92,10 @@ impl TestClient {
 			insertion_id: 1,
 		}
 	}
+
+	pub fn was_verification_triggered(&self) -> bool {
+		self.verification_invoked.load(atomic::Ordering::SeqCst)
+	}
 }
 
 impl pool::client::Client for TestClient {
@@ -98,6 +106,7 @@ impl pool::client::Client for TestClient {
 	fn verify_transaction(&self, tx: UnverifiedTransaction)
 		-> Result<SignedTransaction, transaction::Error>
 	{
+		self.verification_invoked.store(true, atomic::Ordering::SeqCst);
 		Ok(SignedTransaction::new(tx)?)
 	}
 
diff --git a/miner/src/pool/tests/mod.rs b/miner/src/pool/tests/mod.rs
index 552903a4bb2..ef83db4a901 100644
--- a/miner/src/pool/tests/mod.rs
+++ b/miner/src/pool/tests/mod.rs
@@ -18,7 +18,7 @@ use ethereum_types::U256;
 use transaction::{self, PendingTransaction};
 use txpool;
 
-use pool::{verifier, TransactionQueue, PrioritizationStrategy};
+use pool::{verifier, TransactionQueue, PrioritizationStrategy, PendingSettings, PendingOrdering};
 
 pub mod tx;
 pub mod client;
@@ -108,7 +108,7 @@ fn should_handle_same_transaction_imported_twice_with_different_state_nonces() {
 	// and then there should be only one transaction in current (the one with higher gas_price)
 	assert_eq!(res, vec![Ok(())]);
 	assert_eq!(txq.status().status.transaction_count, 1);
-	let top = txq.pending(TestClient::new(), 0, 0, None);
+	let top = txq.pending(TestClient::new(), PendingSettings::all_prioritized(0, 0));
 	assert_eq!(top[0].hash, hash);
 }
 
@@ -133,7 +133,7 @@ fn should_move_all_transactions_from_future() {
 	// then
 	assert_eq!(res, vec![Ok(())]);
 	assert_eq!(txq.status().status.transaction_count, 2);
-	let top = txq.pending(TestClient::new(), 0, 0, None);
+	let top = txq.pending(TestClient::new(), PendingSettings::all_prioritized(0, 0));
 	assert_eq!(top[0].hash, hash);
 	assert_eq!(top[1].hash, hash2);
 }
@@ -207,7 +207,7 @@ fn should_import_txs_from_same_sender() {
 	txq.import(TestClient::new(), txs.local().into_vec());
 
 	// then
-	let top = txq.pending(TestClient::new(), 0 ,0, None);
+	let top = txq.pending(TestClient::new(), PendingSettings::all_prioritized(0 ,0));
 	assert_eq!(top[0].hash, hash);
 	assert_eq!(top[1].hash, hash2);
 	assert_eq!(top.len(), 2);
@@ -229,7 +229,7 @@ fn should_prioritize_local_transactions_within_same_nonce_height() {
 	assert_eq!(res, vec![Ok(()), Ok(())]);
 
 	// then
-	let top = txq.pending(client, 0, 0, None);
+	let top = txq.pending(client, PendingSettings::all_prioritized(0, 0));
 	assert_eq!(top[0].hash, hash); // local should be first
 	assert_eq!(top[1].hash, hash2);
 	assert_eq!(top.len(), 2);
@@ -251,7 +251,7 @@ fn should_prioritize_reimported_transactions_within_same_nonce_height() {
 	assert_eq!(res, vec![Ok(()), Ok(())]);
 
 	// then
-	let top = txq.pending(TestClient::new(), 0, 0, None);
+	let top = txq.pending(TestClient::new(), PendingSettings::all_prioritized(0, 0));
 	assert_eq!(top[0].hash, hash); // retracted should be first
 	assert_eq!(top[1].hash, hash2);
 	assert_eq!(top.len(), 2);
@@ -270,7 +270,7 @@ fn should_not_prioritize_local_transactions_with_different_nonce_height() {
 	assert_eq!(res, vec![Ok(()), Ok(())]);
 
 	// then
-	let top = txq.pending(TestClient::new(), 0, 0, None);
+	let top = txq.pending(TestClient::new(), PendingSettings::all_prioritized(0, 0));
 	assert_eq!(top[0].hash, hash);
 	assert_eq!(top[1].hash, hash2);
 	assert_eq!(top.len(), 2);
@@ -288,7 +288,7 @@ fn should_put_transaction_to_futures_if_gap_detected() {
 
 	// then
 	assert_eq!(res, vec![Ok(()), Ok(())]);
-	let top = txq.pending(TestClient::new(), 0, 0, None);
+	let top = txq.pending(TestClient::new(), PendingSettings::all_prioritized(0, 0));
 	assert_eq!(top.len(), 1);
 	assert_eq!(top[0].hash, hash);
 }
@@ -308,9 +308,9 @@ fn should_handle_min_block() {
 	assert_eq!(res, vec![Ok(()), Ok(())]);
 
 	// then
-	let top = txq.pending(TestClient::new(), 0, 0, None);
+	let top = txq.pending(TestClient::new(), PendingSettings::all_prioritized(0, 0));
 	assert_eq!(top.len(), 0);
-	let top = txq.pending(TestClient::new(), 1, 0, None);
+	let top = txq.pending(TestClient::new(), PendingSettings::all_prioritized(1, 0));
 	assert_eq!(top.len(), 2);
 }
 
@@ -341,7 +341,7 @@ fn should_move_transactions_if_gap_filled() {
 	let res = txq.import(TestClient::new(), vec![tx, tx2].local());
 	assert_eq!(res, vec![Ok(()), Ok(())]);
 	assert_eq!(txq.status().status.transaction_count, 2);
-	assert_eq!(txq.pending(TestClient::new(), 0, 0, None).len(), 1);
+	assert_eq!(txq.pending(TestClient::new(), PendingSettings::all_prioritized(0, 0)).len(), 1);
 
 	// when
 	let res = txq.import(TestClient::new(), vec![tx1.local()]);
@@ -349,7 +349,7 @@ fn should_move_transactions_if_gap_filled() {
 
 	// then
 	assert_eq!(txq.status().status.transaction_count, 3);
-	assert_eq!(txq.pending(TestClient::new(), 0, 0, None).len(), 3);
+	assert_eq!(txq.pending(TestClient::new(), PendingSettings::all_prioritized(0, 0)).len(), 3);
 }
 
 #[test]
@@ -361,12 +361,12 @@ fn should_remove_transaction() {
 	let res = txq.import(TestClient::default(), vec![tx, tx2].local());
 	assert_eq!(res, vec![Ok(()), Ok(())]);
 	assert_eq!(txq.status().status.transaction_count, 2);
-	assert_eq!(txq.pending(TestClient::new(), 0, 0, None).len(), 1);
+	assert_eq!(txq.pending(TestClient::new(), PendingSettings::all_prioritized(0, 0)).len(), 1);
 
 	// when
 	txq.cull(TestClient::new().with_nonce(124));
 	assert_eq!(txq.status().status.transaction_count, 1);
-	assert_eq!(txq.pending(TestClient::new().with_nonce(125), 0, 0, None).len(), 1);
+	assert_eq!(txq.pending(TestClient::new().with_nonce(125), PendingSettings::all_prioritized(0, 0)).len(), 1);
 	txq.cull(TestClient::new().with_nonce(126));
 
 	// then
@@ -384,19 +384,19 @@ fn should_move_transactions_to_future_if_gap_introduced() {
 	let res = txq.import(TestClient::new(), vec![tx3, tx2].local());
 	assert_eq!(res, vec![Ok(()), Ok(())]);
 	assert_eq!(txq.status().status.transaction_count, 2);
-	assert_eq!(txq.pending(TestClient::new(), 0, 0, None).len(), 1);
+	assert_eq!(txq.pending(TestClient::new(), PendingSettings::all_prioritized(0, 0)).len(), 1);
 
 	let res = txq.import(TestClient::new(), vec![tx].local());
 	assert_eq!(res, vec![Ok(())]);
 	assert_eq!(txq.status().status.transaction_count, 3);
-	assert_eq!(txq.pending(TestClient::new(), 0, 0, None).len(), 3);
+	assert_eq!(txq.pending(TestClient::new(), PendingSettings::all_prioritized(0, 0)).len(), 3);
 
 	// when
 	txq.remove(vec![&hash], true);
 
 	// then
 	assert_eq!(txq.status().status.transaction_count, 2);
-	assert_eq!(txq.pending(TestClient::new(), 0, 0, None).len(), 1);
+	assert_eq!(txq.pending(TestClient::new(), PendingSettings::all_prioritized(0, 0)).len(), 1);
 }
 
 #[test]
@@ -447,7 +447,7 @@ fn should_prefer_current_transactions_when_hitting_the_limit() {
 	assert_eq!(res, vec![Ok(())]);
 	assert_eq!(txq.status().status.transaction_count, 1);
 
-	let top = txq.pending(TestClient::new(), 0, 0, None);
+	let top = txq.pending(TestClient::new(), PendingSettings::all_prioritized(0, 0));
 	assert_eq!(top.len(), 1);
 	assert_eq!(top[0].hash, hash);
 	assert_eq!(txq.next_nonce(TestClient::new(), &sender), Some(124.into()));
@@ -494,19 +494,19 @@ fn should_accept_same_transaction_twice_if_removed() {
 	let res = txq.import(TestClient::new(), txs.local().into_vec());
 	assert_eq!(res, vec![Ok(()), Ok(())]);
 	assert_eq!(txq.status().status.transaction_count, 2);
-	assert_eq!(txq.pending(TestClient::new(), 0, 0, None).len(), 2);
+	assert_eq!(txq.pending(TestClient::new(), PendingSettings::all_prioritized(0, 0)).len(), 2);
 
 	// when
 	txq.remove(vec![&hash], true);
 	assert_eq!(txq.status().status.transaction_count, 1);
-	assert_eq!(txq.pending(TestClient::new(), 0, 0, None).len(), 0);
+	assert_eq!(txq.pending(TestClient::new(), PendingSettings::all_prioritized(0, 0)).len(), 0);
 
 	let res = txq.import(TestClient::new(), vec![tx1].local());
 	assert_eq!(res, vec![Ok(())]);
 
 	// then
 	assert_eq!(txq.status().status.transaction_count, 2);
-	assert_eq!(txq.pending(TestClient::new(), 0, 0, None).len(), 2);
+	assert_eq!(txq.pending(TestClient::new(), PendingSettings::all_prioritized(0, 0)).len(), 2);
 }
 
 #[test]
@@ -526,8 +526,8 @@ fn should_not_replace_same_transaction_if_the_fee_is_less_than_minimal_bump() {
 	// then
 	assert_eq!(res, vec![Err(transaction::Error::TooCheapToReplace), Ok(())]);
 	assert_eq!(txq.status().status.transaction_count, 2);
-	assert_eq!(txq.pending(client.clone(), 0, 0, None)[0].signed().gas_price, U256::from(20));
-	assert_eq!(txq.pending(client.clone(), 0, 0, None)[1].signed().gas_price, U256::from(2));
+	assert_eq!(txq.pending(client.clone(), PendingSettings::all_prioritized(0, 0))[0].signed().gas_price, U256::from(20));
+	assert_eq!(txq.pending(client.clone(), PendingSettings::all_prioritized(0, 0))[1].signed().gas_price, U256::from(2));
 }
 
 #[test]
@@ -569,7 +569,7 @@ fn should_return_valid_last_nonce_after_cull() {
 	let client = TestClient::new().with_nonce(124);
 	txq.cull(client.clone());
 	// tx2 should be not be promoted to current
-	assert_eq!(txq.pending(client.clone(), 0, 0, None).len(), 0);
+	assert_eq!(txq.pending(client.clone(), PendingSettings::all_prioritized(0, 0)).len(), 0);
 
 	// then
 	assert_eq!(txq.next_nonce(client.clone(), &sender), None);
@@ -667,7 +667,7 @@ fn should_accept_local_transactions_below_min_gas_price() {
 	assert_eq!(res, vec![Ok(())]);
 
 	// then
-	assert_eq!(txq.pending(TestClient::new(), 0, 0, None).len(), 1);
+	assert_eq!(txq.pending(TestClient::new(), PendingSettings::all_prioritized(0, 0)).len(), 1);
 }
 
 #[test]
@@ -685,7 +685,7 @@ fn should_accept_local_service_transaction() {
 	assert_eq!(res, vec![Ok(())]);
 
 	// then
-	assert_eq!(txq.pending(TestClient::new(), 0, 0, None).len(), 1);
+	assert_eq!(txq.pending(TestClient::new(), PendingSettings::all_prioritized(0, 0)).len(), 1);
 }
 
 #[test]
@@ -726,15 +726,77 @@ fn should_not_return_transactions_over_nonce_cap() {
 	assert_eq!(res, vec![Ok(()), Ok(()), Ok(())]);
 
 	// when
-	let all = txq.pending(TestClient::new(), 0, 0, None);
+	let all = txq.pending(TestClient::new(), PendingSettings::all_prioritized(0, 0));
 	// This should invalidate the cache!
-	let limited = txq.pending(TestClient::new(), 0, 0, Some(123.into()));
+	let limited = txq.pending(TestClient::new(), PendingSettings {
+		block_number: 0,
+		current_timestamp: 0,
+		nonce_cap: Some(123.into()),
+		max_len: usize::max_value(),
+		ordering: PendingOrdering::Priority,
+	});
 
 	// then
 	assert_eq!(all.len(), 3);
 	assert_eq!(limited.len(), 1);
 }
 
+#[test]
+fn should_return_cached_pending_even_if_unordered_is_requested() {
+	// given
+	let txq = new_queue();
+	let tx1 = Tx::default().signed();
+	let (tx2_1, tx2_2)= Tx::default().signed_pair();
+	let tx2_1_hash = tx2_1.hash();
+	let res = txq.import(TestClient::new(), vec![tx1].unverified());
+	assert_eq!(res, vec![Ok(())]);
+	let res = txq.import(TestClient::new(), vec![tx2_1, tx2_2].local());
+	assert_eq!(res, vec![Ok(()), Ok(())]);
+
+	// when
+	let all = txq.pending(TestClient::new(), PendingSettings::all_prioritized(0, 0));
+	assert_eq!(all[0].hash, tx2_1_hash);
+	assert_eq!(all.len(), 3);
+
+	// This should not invalidate the cache!
+	let limited = txq.pending(TestClient::new(), PendingSettings {
+		block_number: 0,
+		current_timestamp: 0,
+		nonce_cap: None,
+		max_len: 3,
+		ordering: PendingOrdering::Unordered,
+	});
+
+	// then
+	assert_eq!(all, limited);
+}
+
+#[test]
+fn should_return_unordered_and_not_populate_the_cache() {
+	// given
+	let txq = new_queue();
+	let tx1 = Tx::default().signed();
+	let (tx2_1, tx2_2)= Tx::default().signed_pair();
+	let res = txq.import(TestClient::new(), vec![tx1].unverified());
+	assert_eq!(res, vec![Ok(())]);
+	let res = txq.import(TestClient::new(), vec![tx2_1, tx2_2].local());
+	assert_eq!(res, vec![Ok(()), Ok(())]);
+
+	// when
+	// This should not invalidate the cache!
+	let limited = txq.pending(TestClient::new(), PendingSettings {
+		block_number: 0,
+		current_timestamp: 0,
+		nonce_cap: None,
+		max_len: usize::max_value(),
+		ordering: PendingOrdering::Unordered,
+	});
+
+	// then
+	assert_eq!(limited.len(), 3);
+	assert!(!txq.is_pending_cached());
+}
+
 #[test]
 fn should_clear_cache_after_timeout_for_local() {
 	// given
@@ -748,12 +810,12 @@ fn should_clear_cache_after_timeout_for_local() {
 
 	// This should populate cache and set timestamp to 1
 	// when
-	assert_eq!(txq.pending(TestClient::new(), 0, 1, None).len(), 0);
-	assert_eq!(txq.pending(TestClient::new(), 0, 1000, None).len(), 0);
+	assert_eq!(txq.pending(TestClient::new(), PendingSettings::all_prioritized(0, 1)).len(), 0);
+	assert_eq!(txq.pending(TestClient::new(), PendingSettings::all_prioritized(0, 1000)).len(), 0);
 
 	// This should invalidate the cache and trigger transaction ready.
 	// then
-	assert_eq!(txq.pending(TestClient::new(), 0, 1002, None).len(), 2);
+	assert_eq!(txq.pending(TestClient::new(), PendingSettings::all_prioritized(0, 1002)).len(), 2);
 }
 
 #[test]
@@ -796,3 +858,37 @@ fn should_include_local_transaction_to_a_full_pool() {
 	// then
 	assert_eq!(txq.status().status.transaction_count, 1);
 }
+
+#[test]
+fn should_avoid_verifying_transaction_already_in_pool() {
+	// given
+	let txq = TransactionQueue::new(
+		txpool::Options {
+			max_count: 1,
+			max_per_sender: 2,
+			max_mem_usage: 50
+		},
+		verifier::Options {
+			minimal_gas_price: 1.into(),
+			block_gas_limit: 1_000_000.into(),
+			tx_gas_limit: 1_000_000.into(),
+		},
+		PrioritizationStrategy::GasPriceOnly,
+	);
+	let client = TestClient::new();
+	let tx1 = Tx::default().signed().unverified();
+
+	let res = txq.import(client.clone(), vec![tx1.clone()]);
+	assert_eq!(res, vec![Ok(())]);
+	assert_eq!(txq.status().status.transaction_count, 1);
+	assert!(client.was_verification_triggered());
+
+	// when
+	let client = TestClient::new();
+	let res = txq.import(client.clone(), vec![tx1]);
+	assert_eq!(res, vec![Err(transaction::Error::AlreadyImported)]);
+	assert!(!client.was_verification_triggered());
+
+	// then
+	assert_eq!(txq.status().status.transaction_count, 1);
+}
diff --git a/miner/src/pool/verifier.rs b/miner/src/pool/verifier.rs
index 4675303928d..5e6e22077a3 100644
--- a/miner/src/pool/verifier.rs
+++ b/miner/src/pool/verifier.rs
@@ -57,6 +57,7 @@ impl Default for Options {
 }
 
 /// Transaction to verify.
+#[cfg_attr(test, derive(Clone))]
 pub enum Transaction {
 	/// Fresh, never verified transaction.
 	///
@@ -75,7 +76,8 @@ pub enum Transaction {
 }
 
 impl Transaction {
-	fn hash(&self) -> H256 {
+	/// Return transaction hash
+	pub fn hash(&self) -> H256 {
 		match *self {
 			Transaction::Unverified(ref tx) => tx.hash(),
 			Transaction::Retracted(ref tx) => tx.hash(),
diff --git a/parity/cli/mod.rs b/parity/cli/mod.rs
index a3f3d4887fc..b5f29dbad90 100644
--- a/parity/cli/mod.rs
+++ b/parity/cli/mod.rs
@@ -286,7 +286,7 @@ usage! {
 
 			ARG arg_chain: (String) = "foundation", or |c: &Config| c.parity.as_ref()?.chain.clone(),
 			"--chain=[CHAIN]",
-			"Specify the blockchain type. CHAIN may be either a JSON chain specification file or olympic, frontier, homestead, mainnet, morden, ropsten, classic, expanse, musicoin, ellaism, easthub, social, testnet, kovan or dev.",
+			"Specify the blockchain type. CHAIN may be either a JSON chain specification file or olympic, frontier, homestead, mainnet, morden, ropsten, classic, expanse, tobalaba, musicoin, ellaism, easthub, social, testnet, kovan or dev.",
 
 			ARG arg_keys_path: (String) = "$BASE/keys", or |c: &Config| c.parity.as_ref()?.keys_path.clone(),
 			"--keys-path=[PATH]",
@@ -563,38 +563,42 @@ usage! {
 			"--no-secretstore-http",
 			"Disable Secret Store HTTP API.",
 
- 			FLAG flag_no_secretstore_acl_check: (bool) = false, or |c: &Config| c.secretstore.as_ref()?.disable_acl_check.clone(),
-			"--no-acl-check",
-			"Disable ACL check (useful for test environments).",
-
 			FLAG flag_no_secretstore_auto_migrate: (bool) = false, or |c: &Config| c.secretstore.as_ref()?.disable_auto_migrate.clone(),
 			"--no-secretstore-auto-migrate",
 			"Do not run servers set change session automatically when servers set changes. This option has no effect when servers set is read from configuration file.",
 
-			ARG arg_secretstore_contract: (String) = "none", or |c: &Config| c.secretstore.as_ref()?.service_contract.clone(),
+			ARG arg_secretstore_acl_contract: (Option<String>) = Some("registry".into()), or |c: &Config| c.secretstore.as_ref()?.acl_contract.clone(),
+			"--secretstore-acl-contract=[SOURCE]",
+			"Secret Store permissioning contract address source: none, registry (contract address is read from 'secretstore_acl_checker' entry in registry) or address.",
+
+			ARG arg_secretstore_contract: (Option<String>) = None, or |c: &Config| c.secretstore.as_ref()?.service_contract.clone(),
 			"--secretstore-contract=[SOURCE]",
-			"Secret Store Service contract address source: none, registry (contract address is read from secretstore_service entry in registry) or address.",
+			"Secret Store Service contract address source: none, registry (contract address is read from 'secretstore_service' entry in registry) or address.",
 
-			ARG arg_secretstore_srv_gen_contract: (String) = "none", or |c: &Config| c.secretstore.as_ref()?.service_contract_srv_gen.clone(),
+			ARG arg_secretstore_srv_gen_contract: (Option<String>) = None, or |c: &Config| c.secretstore.as_ref()?.service_contract_srv_gen.clone(),
 			"--secretstore-srv-gen-contract=[SOURCE]",
-			"Secret Store Service server key generation contract address source: none, registry (contract address is read from secretstore_service_srv_gen entry in registry) or address.",
+			"Secret Store Service server key generation contract address source: none, registry (contract address is read from 'secretstore_service_srv_gen' entry in registry) or address.",
 
-			ARG arg_secretstore_srv_retr_contract: (String) = "none", or |c: &Config| c.secretstore.as_ref()?.service_contract_srv_retr.clone(),
+			ARG arg_secretstore_srv_retr_contract: (Option<String>) = None, or |c: &Config| c.secretstore.as_ref()?.service_contract_srv_retr.clone(),
 			"--secretstore-srv-retr-contract=[SOURCE]",
-			"Secret Store Service server key retrieval contract address source: none, registry (contract address is read from secretstore_service_srv_retr entry in registry) or address.",
+			"Secret Store Service server key retrieval contract address source: none, registry (contract address is read from 'secretstore_service_srv_retr' entry in registry) or address.",
 
-			ARG arg_secretstore_doc_store_contract: (String) = "none", or |c: &Config| c.secretstore.as_ref()?.service_contract_doc_store.clone(),
+			ARG arg_secretstore_doc_store_contract: (Option<String>) = None, or |c: &Config| c.secretstore.as_ref()?.service_contract_doc_store.clone(),
 			"--secretstore-doc-store-contract=[SOURCE]",
-			"Secret Store Service document key store contract address source: none, registry (contract address is read from secretstore_service_doc_store entry in registry) or address.",
+			"Secret Store Service document key store contract address source: none, registry (contract address is read from 'secretstore_service_doc_store' entry in registry) or address.",
 
-			ARG arg_secretstore_doc_sretr_contract: (String) = "none", or |c: &Config| c.secretstore.as_ref()?.service_contract_doc_sretr.clone(),
+			ARG arg_secretstore_doc_sretr_contract: (Option<String>) = None, or |c: &Config| c.secretstore.as_ref()?.service_contract_doc_sretr.clone(),
 			"--secretstore-doc-sretr-contract=[SOURCE]",
-			"Secret Store Service document key shadow retrieval contract address source: none, registry (contract address is read from secretstore_service_doc_sretr entry in registry) or address.",
+			"Secret Store Service document key shadow retrieval contract address source: none, registry (contract address is read from 'secretstore_service_doc_sretr' entry in registry) or address.",
 
 			ARG arg_secretstore_nodes: (String) = "", or |c: &Config| c.secretstore.as_ref()?.nodes.as_ref().map(|vec| vec.join(",")),
 			"--secretstore-nodes=[NODES]",
 			"Comma-separated list of other secret store cluster nodes in form NODE_PUBLIC_KEY_IN_HEX@NODE_IP_ADDR:NODE_PORT.",
 
+			ARG arg_secretstore_server_set_contract: (Option<String>) = Some("registry".into()), or |c: &Config| c.secretstore.as_ref()?.server_set_contract.clone(),
+			"--secretstore-server-set-contract=[SOURCE]",
+			"Secret Store server set contract address source: none, registry (contract address is read from 'secretstore_server_set' entry in registry) or address.",
+
 			ARG arg_secretstore_interface: (String) = "local", or |c: &Config| c.secretstore.as_ref()?.interface.clone(),
 			"--secretstore-interface=[IP]",
 			"Specify the hostname portion for listening to Secret Store Key Server internal requests, IP should be an interface's IP address, or local.",
@@ -1193,8 +1197,8 @@ struct Dapps {
 struct SecretStore {
 	disable: Option<bool>,
 	disable_http: Option<bool>,
-	disable_acl_check: Option<bool>,
 	disable_auto_migrate: Option<bool>,
+	acl_contract: Option<String>,
 	service_contract: Option<String>,
 	service_contract_srv_gen: Option<String>,
 	service_contract_srv_retr: Option<String>,
@@ -1203,6 +1207,7 @@ struct SecretStore {
 	self_secret: Option<String>,
 	admin_public: Option<String>,
 	nodes: Option<Vec<String>>,
+	server_set_contract: Option<String>,
 	interface: Option<String>,
 	port: Option<u16>,
 	http_interface: Option<String>,
@@ -1620,16 +1625,17 @@ mod tests {
 			// SECRETSTORE
 			flag_no_secretstore: false,
 			flag_no_secretstore_http: false,
-			flag_no_secretstore_acl_check: false,
 			flag_no_secretstore_auto_migrate: false,
-			arg_secretstore_contract: "none".into(),
-			arg_secretstore_srv_gen_contract: "none".into(),
-			arg_secretstore_srv_retr_contract: "none".into(),
-			arg_secretstore_doc_store_contract: "none".into(),
-			arg_secretstore_doc_sretr_contract: "none".into(),
+			arg_secretstore_acl_contract: Some("registry".into()),
+			arg_secretstore_contract: Some("none".into()),
+			arg_secretstore_srv_gen_contract: Some("none".into()),
+			arg_secretstore_srv_retr_contract: Some("none".into()),
+			arg_secretstore_doc_store_contract: Some("none".into()),
+			arg_secretstore_doc_sretr_contract: Some("none".into()),
 			arg_secretstore_secret: None,
 			arg_secretstore_admin_public: None,
 			arg_secretstore_nodes: "".into(),
+			arg_secretstore_server_set_contract: Some("registry".into()),
 			arg_secretstore_interface: "local".into(),
 			arg_secretstore_port: 8083u16,
 			arg_secretstore_http_interface: "local".into(),
@@ -1881,8 +1887,8 @@ mod tests {
 			secretstore: Some(SecretStore {
 				disable: None,
 				disable_http: None,
-				disable_acl_check: None,
 				disable_auto_migrate: None,
+				acl_contract: None,
 				service_contract: None,
 				service_contract_srv_gen: None,
 				service_contract_srv_retr: None,
@@ -1891,6 +1897,7 @@ mod tests {
 				self_secret: None,
 				admin_public: None,
 				nodes: None,
+				server_set_contract: None,
 				interface: None,
 				port: Some(8083),
 				http_interface: None,
diff --git a/parity/cli/tests/config.full.toml b/parity/cli/tests/config.full.toml
index fb3614aa96d..2bc8778d096 100644
--- a/parity/cli/tests/config.full.toml
+++ b/parity/cli/tests/config.full.toml
@@ -91,12 +91,13 @@ pass = "test_pass"
 [secretstore]
 disable = false
 disable_http = false
-disable_acl_check = false
+acl_contract = "registry"
 service_contract = "none"
 service_contract_srv_gen = "none"
 service_contract_srv_retr = "none"
 service_contract_doc_store = "none"
 service_contract_doc_sretr = "none"
+server_set_contract = "registry"
 nodes = []
 http_interface = "local"
 http_port = 8082
diff --git a/parity/configuration.rs b/parity/configuration.rs
index ec73046a49b..2b8bd820f18 100644
--- a/parity/configuration.rs
+++ b/parity/configuration.rs
@@ -604,8 +604,8 @@ impl Configuration {
 		Ok(SecretStoreConfiguration {
 			enabled: self.secretstore_enabled(),
 			http_enabled: self.secretstore_http_enabled(),
-			acl_check_enabled: self.secretstore_acl_check_enabled(),
 			auto_migrate_enabled: self.secretstore_auto_migrate_enabled(),
+			acl_check_contract_address: self.secretstore_acl_check_contract_address()?,
 			service_contract_address: self.secretstore_service_contract_address()?,
 			service_contract_srv_gen_address: self.secretstore_service_contract_srv_gen_address()?,
 			service_contract_srv_retr_address: self.secretstore_service_contract_srv_retr_address()?,
@@ -613,6 +613,7 @@ impl Configuration {
 			service_contract_doc_sretr_address: self.secretstore_service_contract_doc_sretr_address()?,
 			self_secret: self.secretstore_self_secret()?,
 			nodes: self.secretstore_nodes()?,
+			key_server_set_contract_address: self.secretstore_key_server_set_contract_address()?,
 			interface: self.secretstore_interface(),
 			port: self.args.arg_ports_shift + self.args.arg_secretstore_port,
 			http_interface: self.secretstore_http_interface(),
@@ -1099,14 +1100,14 @@ impl Configuration {
 		!self.args.flag_no_secretstore_http && cfg!(feature = "secretstore")
 	}
 
-	fn secretstore_acl_check_enabled(&self) -> bool {
-		!self.args.flag_no_secretstore_acl_check
-	}
-
 	fn secretstore_auto_migrate_enabled(&self) -> bool {
 		!self.args.flag_no_secretstore_auto_migrate
 	}
 
+	fn secretstore_acl_check_contract_address(&self) -> Result<Option<SecretStoreContractAddress>, String> {
+		into_secretstore_service_contract_address(self.args.arg_secretstore_acl_contract.as_ref())
+	}
+
 	fn secretstore_service_contract_address(&self) -> Result<Option<SecretStoreContractAddress>, String> {
 		into_secretstore_service_contract_address(self.args.arg_secretstore_contract.as_ref())
 	}
@@ -1127,6 +1128,10 @@ impl Configuration {
 		into_secretstore_service_contract_address(self.args.arg_secretstore_doc_sretr_contract.as_ref())
 	}
 
+	fn secretstore_key_server_set_contract_address(&self) -> Result<Option<SecretStoreContractAddress>, String> {
+		into_secretstore_service_contract_address(self.args.arg_secretstore_server_set_contract.as_ref())
+	}
+
 	fn verifier_settings(&self) -> VerifierSettings {
 		let mut settings = VerifierSettings::default();
 		settings.scale_verifiers = self.args.flag_scale_verifiers;
@@ -1145,11 +1150,11 @@ impl Configuration {
 	}
 }
 
-fn into_secretstore_service_contract_address(s: &str) -> Result<Option<SecretStoreContractAddress>, String> {
-	match s {
-		"none" => Ok(None),
-		"registry" => Ok(Some(SecretStoreContractAddress::Registry)),
-		a => Ok(Some(SecretStoreContractAddress::Address(a.parse().map_err(|e| format!("{}", e))?))),
+fn into_secretstore_service_contract_address(s: Option<&String>) -> Result<Option<SecretStoreContractAddress>, String> {
+	match s.map(String::as_str) {
+		None | Some("none") => Ok(None),
+		Some("registry") => Ok(Some(SecretStoreContractAddress::Registry)),
+		Some(a) => Ok(Some(SecretStoreContractAddress::Address(a.parse().map_err(|e| format!("{}", e))?))),
 	}
 }
 
diff --git a/parity/params.rs b/parity/params.rs
index 9ceac1e4f0d..9417c432264 100644
--- a/parity/params.rs
+++ b/parity/params.rs
@@ -33,6 +33,7 @@ pub enum SpecType {
 	Foundation,
 	Morden,
 	Ropsten,
+	Tobalaba,
 	Kovan,
 	Olympic,
 	Classic,
@@ -61,6 +62,7 @@ impl str::FromStr for SpecType {
 			"morden" | "classic-testnet" => SpecType::Morden,
 			"ropsten" => SpecType::Ropsten,
 			"kovan" | "testnet" => SpecType::Kovan,
+			"tobalaba" => SpecType::Tobalaba,
 			"olympic" => SpecType::Olympic,
 			"expanse" => SpecType::Expanse,
 			"musicoin" => SpecType::Musicoin,
@@ -88,6 +90,7 @@ impl fmt::Display for SpecType {
 			SpecType::Easthub => "easthub",
 			SpecType::Social => "social",
 			SpecType::Kovan => "kovan",
+			SpecType::Tobalaba => "tobalaba",
 			SpecType::Dev => "dev",
 			SpecType::Custom(ref custom) => custom,
 		})
@@ -108,6 +111,7 @@ impl SpecType {
 			SpecType::Ellaism => Ok(ethereum::new_ellaism(params)),
 			SpecType::Easthub => Ok(ethereum::new_easthub(params)),
 			SpecType::Social => Ok(ethereum::new_social(params)),
+			SpecType::Tobalaba => Ok(ethereum::new_tobalaba(params)),
 			SpecType::Kovan => Ok(ethereum::new_kovan(params)),
 			SpecType::Dev => Ok(Spec::new_instant()),
 			SpecType::Custom(ref filename) => {
diff --git a/parity/rpc_apis.rs b/parity/rpc_apis.rs
index ce30f3cd85e..31af69eaa06 100644
--- a/parity/rpc_apis.rs
+++ b/parity/rpc_apis.rs
@@ -304,7 +304,7 @@ impl FullDependencies {
 						let client = EthPubSubClient::new(self.client.clone(), self.remote.clone());
 						let h = client.handler();
 						self.miner.add_transactions_listener(Box::new(move |hashes| if let Some(h) = h.upgrade() {
-							h.new_transactions(hashes);
+							h.notify_new_transactions(hashes);
 						}));
 
 						if let Some(h) = client.handler().upgrade() {
@@ -525,7 +525,7 @@ impl<C: LightChainClient + 'static> LightDependencies<C> {
 					let h = client.handler();
 					self.transaction_queue.write().add_listener(Box::new(move |transactions| {
 						if let Some(h) = h.upgrade() {
-							h.new_transactions(transactions);
+							h.notify_new_transactions(transactions);
 						}
 					}));
 					handler.extend_with(EthPubSub::to_delegate(client));
diff --git a/parity/run.rs b/parity/run.rs
index cfb2fc693c8..04fb9232ca6 100644
--- a/parity/run.rs
+++ b/parity/run.rs
@@ -573,7 +573,7 @@ fn execute_impl<Cr, Rr>(cmd: RunCmd, logger: Arc<RotatingLogger>, on_client_rq:
 	let engine_signer = cmd.miner_extras.engine_signer;
 	if engine_signer != Default::default() {
 		// Check if engine signer exists
-		if !account_provider.has_account(engine_signer).unwrap_or(false) {
+		if !account_provider.has_account(engine_signer) {
 			return Err(format!("Consensus signer account not found for the current chain. {}", build_create_account_hint(&cmd.spec, &cmd.dirs.keys)));
 		}
 
@@ -1072,7 +1072,7 @@ fn prepare_account_provider(spec: &SpecType, dirs: &Directories, data_dir: &str,
 
 	for a in cfg.unlocked_accounts {
 		// Check if the account exists
-		if !account_provider.has_account(a).unwrap_or(false) {
+		if !account_provider.has_account(a) {
 			return Err(format!("Account {} not found for the current chain. {}", a, build_create_account_hint(spec, &dirs.keys)));
 		}
 
@@ -1097,7 +1097,7 @@ fn prepare_account_provider(spec: &SpecType, dirs: &Directories, data_dir: &str,
 fn insert_dev_account(account_provider: &AccountProvider) {
 	let secret: ethkey::Secret = "4d5db4107d237df6a3d58ee5f70ae63d73d7658d4026f2eefd2f204c81682cb7".into();
 	let dev_account = ethkey::KeyPair::from_secret(secret.clone()).expect("Valid secret produces valid key;qed");
-	if let Ok(false) = account_provider.has_account(dev_account.address()) {
+	if !account_provider.has_account(dev_account.address()) {
 		match account_provider.insert_account(secret, "") {
 			Err(e) => warn!("Unable to add development account: {}", e),
 			Ok(address) => {
diff --git a/parity/secretstore.rs b/parity/secretstore.rs
index 0723a1d0782..e018897bd78 100644
--- a/parity/secretstore.rs
+++ b/parity/secretstore.rs
@@ -50,10 +50,10 @@ pub struct Configuration {
 	pub enabled: bool,
 	/// Is HTTP API enabled?
 	pub http_enabled: bool,
-	/// Is ACL check enabled.
-	pub acl_check_enabled: bool,
 	/// Is auto migrate enabled.
 	pub auto_migrate_enabled: bool,
+	/// ACL check contract address.
+	pub acl_check_contract_address: Option<ContractAddress>,
 	/// Service contract address.
 	pub service_contract_address: Option<ContractAddress>,
 	/// Server key generation service contract address.
@@ -68,6 +68,8 @@ pub struct Configuration {
 	pub self_secret: Option<NodeSecretKey>,
 	/// Other nodes IDs + addresses.
 	pub nodes: BTreeMap<Public, (String, u16)>,
+	/// Key Server Set contract address. If None, 'nodes' map is used.
+	pub key_server_set_contract_address: Option<ContractAddress>,
 	/// Interface to listen to
 	pub interface: String,
 	/// Port to listen to
@@ -135,7 +137,7 @@ mod server {
 	impl KeyServer {
 		/// Create new key server
 		pub fn new(mut conf: Configuration, deps: Dependencies) -> Result<Self, String> {
-			if !conf.acl_check_enabled {
+			if conf.acl_check_contract_address.is_none() {
 				warn!("Running SecretStore with disabled ACL check: {}", Red.bold().paint("everyone has access to stored keys"));
 			}
 
@@ -144,7 +146,7 @@ mod server {
 					KeyPair::from_secret(secret).map_err(|e| format!("invalid secret: {}", e))?)),
 				Some(NodeSecretKey::KeyStore(account)) => {
 					// Check if account exists
-					if !deps.account_provider.has_account(account.clone()).unwrap_or(false) {
+					if !deps.account_provider.has_account(account.clone()) {
 						return Err(format!("Account {} passed as secret store node key is not found", account));
 					}
 
@@ -174,7 +176,7 @@ mod server {
 				service_contract_srv_retr_address: conf.service_contract_srv_retr_address.map(into_service_contract_address),
 				service_contract_doc_store_address: conf.service_contract_doc_store_address.map(into_service_contract_address),
 				service_contract_doc_sretr_address: conf.service_contract_doc_sretr_address.map(into_service_contract_address),
-				acl_check_enabled: conf.acl_check_enabled,
+				acl_check_contract_address: conf.acl_check_contract_address.map(into_service_contract_address),
 				cluster_config: ethcore_secretstore::ClusterConfiguration {
 					threads: 4,
 					listener_address: ethcore_secretstore::NodeAddress {
@@ -185,6 +187,7 @@ mod server {
 						address: ip,
 						port: port,
 					})).collect(),
+					key_server_set_contract_address: conf.key_server_set_contract_address.map(into_service_contract_address),
 					allow_connecting_to_higher_nodes: true,
 					admin_public: conf.admin_public,
 					auto_migrate_enabled: conf.auto_migrate_enabled,
@@ -212,8 +215,8 @@ impl Default for Configuration {
 		Configuration {
 			enabled: true,
 			http_enabled: true,
-			acl_check_enabled: true,
 			auto_migrate_enabled: true,
+			acl_check_contract_address: Some(ContractAddress::Registry),
 			service_contract_address: None,
 			service_contract_srv_gen_address: None,
 			service_contract_srv_retr_address: None,
@@ -222,6 +225,7 @@ impl Default for Configuration {
 			self_secret: None,
 			admin_public: None,
 			nodes: BTreeMap::new(),
+			key_server_set_contract_address: Some(ContractAddress::Registry),
 			interface: "127.0.0.1".to_owned(),
 			port: 8083,
 			http_interface: "127.0.0.1".to_owned(),
diff --git a/rpc/Cargo.toml b/rpc/Cargo.toml
index 8a0b689c655..d227f45f535 100644
--- a/rpc/Cargo.toml
+++ b/rpc/Cargo.toml
@@ -36,7 +36,7 @@ jsonrpc-macros = { git = "https://github.com/paritytech/jsonrpc.git", branch = "
 jsonrpc-pubsub = { git = "https://github.com/paritytech/jsonrpc.git", branch = "parity-1.11" }
 
 ethash = { path = "../ethash" }
-ethcore = { path = "../ethcore" }
+ethcore = { path = "../ethcore", features = ["test-helpers"] }
 ethcore-bytes = { path = "../util/bytes" }
 ethcore-crypto = { path = "../ethcore/crypto" }
 ethcore-devtools = { path = "../devtools" }
@@ -65,6 +65,7 @@ stats = { path = "../util/stats" }
 vm = { path = "../ethcore/vm" }
 
 [dev-dependencies]
+ethcore = { path = "../ethcore", features = ["test-helpers"] }
 ethcore-network = { path = "../util/network" }
 fake-fetch = { path = "../util/fake-fetch" }
 kvdb-memorydb = { path = "../util/kvdb-memorydb" }
diff --git a/rpc/src/v1/helpers/dispatch.rs b/rpc/src/v1/helpers/dispatch.rs
index 536a0cf9ceb..c88aa310031 100644
--- a/rpc/src/v1/helpers/dispatch.rs
+++ b/rpc/src/v1/helpers/dispatch.rs
@@ -238,7 +238,7 @@ pub fn fetch_gas_price_corpus(
 
 /// Returns a eth_sign-compatible hash of data to sign.
 /// The data is prepended with special message to prevent
-/// chosen-plaintext attacks.
+/// malicious DApps from using the function to sign forged transactions.
 pub fn eth_data_hash(mut data: Bytes) -> H256 {
 	let mut message_data =
 		format!("\x19Ethereum Signed Message:\n{}", data.len())
@@ -675,9 +675,16 @@ pub fn execute<D: Dispatcher + 'static>(
 		},
 		ConfirmationPayload::EthSignMessage(address, data) => {
 			if accounts.is_hardware_address(&address) {
-				return Box::new(future::err(errors::unsupported("Signing via hardware wallets is not supported.", None)));
-			}
+				let signature = accounts.sign_message_with_hardware(&address, &data)
+					.map(|s| H520(s.into_electrum()))
+					.map(RpcH520::from)
+					.map(ConfirmationResponse::Signature)
+					// TODO: is this correct? I guess the `token` is the wallet in this context
+					.map(WithToken::No)
+					.map_err(|e| errors::account("Error signing message with hardware_wallet", e));
 
+				return Box::new(future::done(signature));
+			}
 			let hash = eth_data_hash(data);
 			let res = signature(&accounts, address, hash, pass)
 				.map(|result| result
@@ -721,7 +728,7 @@ fn hardware_signature(accounts: &AccountProvider, address: Address, t: Transacti
 
 	let mut stream = rlp::RlpStream::new();
 	t.rlp_append_unsigned_transaction(&mut stream, chain_id);
-	let signature = accounts.sign_with_hardware(address, &t, chain_id, &stream.as_raw())
+	let signature = accounts.sign_transaction_with_hardware(&address, &t, chain_id, &stream.as_raw())
 		.map_err(|e| {
 			debug!(target: "miner", "Error signing transaction with hardware wallet: {}", e);
 			errors::account("Error signing transaction with hardware wallet", e)
diff --git a/rpc/src/v1/helpers/mod.rs b/rpc/src/v1/helpers/mod.rs
index 97b96675e4f..ce2babd0799 100644
--- a/rpc/src/v1/helpers/mod.rs
+++ b/rpc/src/v1/helpers/mod.rs
@@ -44,7 +44,7 @@ pub use self::requests::{
 	TransactionRequest, FilledTransactionRequest, ConfirmationRequest, ConfirmationPayload, CallRequest,
 };
 pub use self::signing_queue::{
-	ConfirmationsQueue, ConfirmationReceiver, ConfirmationResult,
+	ConfirmationsQueue, ConfirmationReceiver, ConfirmationResult, ConfirmationSender,
 	SigningQueue, QueueEvent, DefaultAccount,
 	QUEUE_LIMIT as SIGNING_QUEUE_LIMIT,
 };
diff --git a/rpc/src/v1/helpers/poll_filter.rs b/rpc/src/v1/helpers/poll_filter.rs
index c7284d6651f..a7e42bb4068 100644
--- a/rpc/src/v1/helpers/poll_filter.rs
+++ b/rpc/src/v1/helpers/poll_filter.rs
@@ -29,8 +29,8 @@ pub enum PollFilter {
 	Block(BlockNumber),
 	/// Hashes of all transactions which client was notified about.
 	PendingTransaction(Vec<H256>),
-	/// Number of From block number, pending logs and log filter itself.
-	Logs(BlockNumber, HashSet<Log>, Filter)
+	/// Number of From block number, last seen block hash, pending logs and log filter itself.
+	Logs(BlockNumber, Option<H256>, HashSet<Log>, Filter)
 }
 
 /// Returns only last `n` logs
diff --git a/rpc/src/v1/helpers/signing_queue.rs b/rpc/src/v1/helpers/signing_queue.rs
index c6a8048825d..17b26b01ebb 100644
--- a/rpc/src/v1/helpers/signing_queue.rs
+++ b/rpc/src/v1/helpers/signing_queue.rs
@@ -75,16 +75,17 @@ pub trait SigningQueue: Send + Sync {
 	/// `ConfirmationReceiver` is a `Future` awaiting for resolution of the given request.
 	fn add_request(&self, request: ConfirmationPayload, origin: Origin) -> Result<(U256, ConfirmationReceiver), QueueAddError>;
 
-	/// Removes a request from the queue.
 	/// Notifies possible token holders that request was rejected.
-	fn request_rejected(&self, id: U256) -> Option<ConfirmationRequest>;
+	fn request_rejected(&self, sender: ConfirmationSender) -> Option<ConfirmationRequest>;
 
-	/// Removes a request from the queue.
 	/// Notifies possible token holders that request was confirmed and given hash was assigned.
-	fn request_confirmed(&self, id: U256, result: ConfirmationResult) -> Option<ConfirmationRequest>;
+	fn request_confirmed(&self, sender: ConfirmationSender, result: ConfirmationResult) -> Option<ConfirmationRequest>;
 
-	/// Returns a request if it is contained in the queue.
-	fn peek(&self, id: &U256) -> Option<ConfirmationRequest>;
+	/// Put a request taken from `SigningQueue::take` back to the queue.
+	fn request_untouched(&self, sender: ConfirmationSender);
+
+	/// Returns and removes a request if it is contained in the queue.
+	fn take(&self, id: &U256) -> Option<ConfirmationSender>;
 
 	/// Return copy of all the requests in the queue.
 	fn requests(&self) -> Vec<ConfirmationRequest>;
@@ -96,9 +97,12 @@ pub trait SigningQueue: Send + Sync {
 	fn is_empty(&self) -> bool;
 }
 
-struct ConfirmationSender {
+/// Confirmation request information with result notifier.
+pub struct ConfirmationSender {
+	/// Confirmation request information.
+	pub request: ConfirmationRequest,
+
 	sender: oneshot::Sender<ConfirmationResult>,
-	request: ConfirmationRequest,
 }
 
 /// Receiving end of the Confirmation channel; can be used as a `Future` to await for `ConfirmationRequest`
@@ -122,38 +126,31 @@ impl ConfirmationsQueue {
 	/// Notifies consumer that the communcation is over.
 	/// No more events will be sent after this function is invoked.
 	pub fn finish(&self) {
-		self.notify(QueueEvent::Finish);
+		self.notify_message(QueueEvent::Finish);
 		self.on_event.write().clear();
 	}
 
+	/// Notifies `ConfirmationReceiver` holder about the result given a request.
+	fn notify_result(&self, sender: ConfirmationSender, result: Option<ConfirmationResult>) -> Option<ConfirmationRequest> {
+		// notify receiver about the event
+		self.notify_message(result.clone().map_or_else(
+			|| QueueEvent::RequestRejected(sender.request.id),
+			|_| QueueEvent::RequestConfirmed(sender.request.id)
+		));
+
+		// notify confirmation receiver about resolution
+		let result = result.ok_or(errors::request_rejected());
+		sender.sender.send(result);
+
+		Some(sender.request)
+	}
+
 	/// Notifies receiver about the event happening in this queue.
-	fn notify(&self, message: QueueEvent) {
+	fn notify_message(&self, message: QueueEvent) {
 		for listener in &*self.on_event.read() {
 			listener(message.clone())
 		}
 	}
-
-	/// Removes requests from this queue and notifies `ConfirmationReceiver` holder about the result.
-	/// Notifies also a receiver about that event.
-	fn remove(&self, id: U256, result: Option<ConfirmationResult>) -> Option<ConfirmationRequest> {
-		let sender = self.queue.write().remove(&id);
-
-		if let Some(sender) = sender {
-			// notify receiver about the event
-			self.notify(result.clone().map_or_else(
-				|| QueueEvent::RequestRejected(id),
-				|_| QueueEvent::RequestConfirmed(id)
-			));
-
-			// notify confirmation receiver about resolution
-			let result = result.ok_or(errors::request_rejected());
-			sender.sender.send(result);
-
-			Some(sender.request)
-		} else {
-			None
-		}
-	}
 }
 
 impl Drop for ConfirmationsQueue {
@@ -193,22 +190,26 @@ impl SigningQueue for ConfirmationsQueue {
 			(id, receiver)
 		};
 		// Notify listeners
-		self.notify(QueueEvent::NewRequest(id));
+		self.notify_message(QueueEvent::NewRequest(id));
 		Ok(res)
 	}
 
-	fn peek(&self, id: &U256) -> Option<ConfirmationRequest> {
-		self.queue.read().get(id).map(|sender| sender.request.clone())
+	fn take(&self, id: &U256) -> Option<ConfirmationSender> {
+		self.queue.write().remove(id)
+	}
+
+	fn request_rejected(&self, sender: ConfirmationSender) -> Option<ConfirmationRequest> {
+		debug!(target: "own_tx", "Signer: Request rejected ({:?}).", sender.request.id);
+		self.notify_result(sender, None)
 	}
 
-	fn request_rejected(&self, id: U256) -> Option<ConfirmationRequest> {
-		debug!(target: "own_tx", "Signer: Request rejected ({:?}).", id);
-		self.remove(id, None)
+	fn request_confirmed(&self, sender: ConfirmationSender, result: ConfirmationResult) -> Option<ConfirmationRequest> {
+		debug!(target: "own_tx", "Signer: Request confirmed ({:?}).", sender.request.id);
+		self.notify_result(sender, Some(result))
 	}
 
-	fn request_confirmed(&self, id: U256, result: ConfirmationResult) -> Option<ConfirmationRequest> {
-		debug!(target: "own_tx", "Signer: Transaction confirmed ({:?}).", id);
-		self.remove(id, Some(result))
+	fn request_untouched(&self, sender: ConfirmationSender) {
+		self.queue.write().insert(sender.request.id, sender);
 	}
 
 	fn requests(&self) -> Vec<ConfirmationRequest> {
@@ -260,7 +261,8 @@ mod test {
 
 		// when
 		let (id, future) = queue.add_request(request, Default::default()).unwrap();
-		queue.request_confirmed(id, Ok(ConfirmationResponse::SendTransaction(1.into())));
+		let sender = queue.take(&id).unwrap();
+		queue.request_confirmed(sender, Ok(ConfirmationResponse::SendTransaction(1.into())));
 
 		// then
 		let confirmation = future.wait().unwrap();
diff --git a/rpc/src/v1/impls/eth_filter.rs b/rpc/src/v1/impls/eth_filter.rs
index bbad2fe27d0..ed75eeb8674 100644
--- a/rpc/src/v1/impls/eth_filter.rs
+++ b/rpc/src/v1/impls/eth_filter.rs
@@ -39,7 +39,7 @@ pub trait Filterable {
 	fn best_block_number(&self) -> u64;
 
 	/// Get a block hash by block id.
-	fn block_hash(&self, id: BlockId) -> Option<RpcH256>;
+	fn block_hash(&self, id: BlockId) -> Option<H256>;
 
 	/// pending transaction hashes at the given block.
 	fn pending_transactions_hashes(&self) -> Vec<H256>;
@@ -52,6 +52,9 @@ pub trait Filterable {
 
 	/// Get a reference to the poll manager.
 	fn polls(&self) -> &Mutex<PollManager<PollFilter>>;
+
+	/// Get removed logs within route from the given block to the nearest canon block, not including the canon block. Also returns how many logs have been traversed.
+	fn removed_logs(&self, block_hash: H256, filter: &EthcoreFilter) -> (Vec<Log>, u64);
 }
 
 /// Eth filter rpc implementation for a full node.
@@ -80,12 +83,12 @@ impl<C, M> Filterable for EthFilterClient<C, M> where
 		self.client.chain_info().best_block_number
 	}
 
-	fn block_hash(&self, id: BlockId) -> Option<RpcH256> {
-		self.client.block_hash(id).map(Into::into)
+	fn block_hash(&self, id: BlockId) -> Option<H256> {
+		self.client.block_hash(id)
 	}
 
 	fn pending_transactions_hashes(&self) -> Vec<H256> {
-		self.miner.ready_transactions(&*self.client)
+		self.miner.ready_transactions(&*self.client, usize::max_value(), miner::PendingOrdering::Priority)
 			.into_iter()
 			.map(|tx| tx.signed().hash())
 			.collect()
@@ -100,13 +103,47 @@ impl<C, M> Filterable for EthFilterClient<C, M> where
 	}
 
 	fn polls(&self) -> &Mutex<PollManager<PollFilter>> { &self.polls }
+
+	fn removed_logs(&self, block_hash: H256, filter: &EthcoreFilter) -> (Vec<Log>, u64) {
+		let inner = || -> Option<Vec<H256>> {
+			let mut route = Vec::new();
+
+			let mut current_block_hash = block_hash;
+			let mut current_block_header = self.client.block_header(BlockId::Hash(current_block_hash))?;
+
+			while current_block_hash != self.client.block_hash(BlockId::Number(current_block_header.number()))? {
+				route.push(current_block_hash);
+
+				current_block_hash = current_block_header.parent_hash();
+				current_block_header = self.client.block_header(BlockId::Hash(current_block_hash))?;
+			}
+
+			Some(route)
+		};
+
+		let route = inner().unwrap_or_default();
+		let route_len = route.len() as u64;
+		(route.into_iter().flat_map(|block_hash| {
+			let mut filter = filter.clone();
+			filter.from_block = BlockId::Hash(block_hash);
+			filter.to_block = filter.from_block;
+
+			self.client.logs(filter).into_iter().map(|log| {
+				let mut log: Log = log.into();
+				log.log_type = "removed".into();
+				log.removed = true;
+
+				log
+			})
+		}).collect(), route_len)
+	}
 }
 
 impl<T: Filterable + Send + Sync + 'static> EthFilter for T {
 	fn new_filter(&self, filter: Filter) -> Result<RpcU256> {
 		let mut polls = self.polls().lock();
 		let block_number = self.best_block_number();
-		let id = polls.create_poll(PollFilter::Logs(block_number, Default::default(), filter));
+		let id = polls.create_poll(PollFilter::Logs(block_number, None, Default::default(), filter));
 		Ok(id.into())
 	}
 
@@ -134,7 +171,7 @@ impl<T: Filterable + Send + Sync + 'static> EthFilter for T {
 					let current_number = self.best_block_number() + 1;
 					let hashes = (*block_number..current_number).into_iter()
 						.map(BlockId::Number)
-						.filter_map(|id| self.block_hash(id))
+						.filter_map(|id| self.block_hash(id).map(Into::into))
 						.collect::<Vec<RpcH256>>();
 
 					*block_number = current_number;
@@ -164,7 +201,7 @@ impl<T: Filterable + Send + Sync + 'static> EthFilter for T {
 					// return new hashes
 					Either::A(future::ok(FilterChanges::Hashes(new_hashes)))
 				},
-				PollFilter::Logs(ref mut block_number, ref mut previous_logs, ref filter) => {
+				PollFilter::Logs(ref mut block_number, ref mut last_block_hash, ref mut previous_logs, ref filter) => {
 					// retrive the current block number
 					let current_number = self.best_block_number();
 
@@ -173,6 +210,11 @@ impl<T: Filterable + Send + Sync + 'static> EthFilter for T {
 
 					// build appropriate filter
 					let mut filter: EthcoreFilter = filter.clone().into();
+
+					// retrieve reorg logs
+					let (mut reorg, reorg_len) = last_block_hash.map_or_else(|| (Vec::new(), 0), |h| self.removed_logs(h, &filter));
+					*block_number -= reorg_len as u64;
+
 					filter.from_block = BlockId::Number(*block_number);
 					filter.to_block = BlockId::Latest;
 
@@ -198,9 +240,14 @@ impl<T: Filterable + Send + Sync + 'static> EthFilter for T {
 					// we want to get logs
 					*block_number = current_number + 1;
 
+					// save the current block hash, which we used to get back to the
+					// canon chain in case of reorg.
+					*last_block_hash = self.block_hash(BlockId::Number(current_number));
+
 					// retrieve logs in range from_block..min(BlockId::Latest..to_block)
 					let limit = filter.limit;
 					Either::B(self.logs(filter)
+						.map(move |logs| { reorg.extend(logs); reorg }) // append reorg logs in the front
 						.map(move |mut logs| { logs.extend(pending); logs }) // append fetched pending logs
 						.map(move |logs| limit_logs(logs, limit)) // limit the logs
 						.map(FilterChanges::Logs))
@@ -214,7 +261,7 @@ impl<T: Filterable + Send + Sync + 'static> EthFilter for T {
 			let mut polls = self.polls().lock();
 
 			match polls.poll(&index.value()) {
-				Some(&PollFilter::Logs(ref _block_number, ref _previous_log, ref filter)) => filter.clone(),
+				Some(&PollFilter::Logs(ref _block_number, ref _last_block_hash, ref _previous_log, ref filter)) => filter.clone(),
 				// just empty array
 				Some(_) => return Box::new(future::ok(Vec::new())),
 				None => return Box::new(future::err(errors::filter_not_found())),
diff --git a/rpc/src/v1/impls/eth_pubsub.rs b/rpc/src/v1/impls/eth_pubsub.rs
index 11fef2e0bd0..9f592b1fa79 100644
--- a/rpc/src/v1/impls/eth_pubsub.rs
+++ b/rpc/src/v1/impls/eth_pubsub.rs
@@ -175,7 +175,7 @@ impl<C> ChainNotificationHandler<C> {
 	}
 
 	/// Notify all subscribers about new transaction hashes.
-	pub fn new_transactions(&self, hashes: &[H256]) {
+	pub fn notify_new_transactions(&self, hashes: &[H256]) {
 		for subscriber in self.transactions_subscribers.read().values() {
 			for hash in hashes {
 				Self::notify(&self.remote, subscriber, pubsub::Result::TransactionHash((*hash).into()));
@@ -256,6 +256,7 @@ impl<C: BlockChainClient> ChainNotify for ChainNotificationHandler<C> {
 				&ChainRouteType::Retracted =>
 					Ok(self.client.logs(filter).into_iter().map(Into::into).map(|mut log: Log| {
 						log.log_type = "removed".into();
+						log.removed = true;
 						log
 					}).collect()),
 			}
diff --git a/rpc/src/v1/impls/light/eth.rs b/rpc/src/v1/impls/light/eth.rs
index 68afe649b86..fe4cd8613f9 100644
--- a/rpc/src/v1/impls/light/eth.rs
+++ b/rpc/src/v1/impls/light/eth.rs
@@ -529,8 +529,8 @@ impl<T: LightChainClient + 'static> Eth for EthClient<T> {
 impl<T: LightChainClient + 'static> Filterable for EthClient<T> {
 	fn best_block_number(&self) -> u64 { self.client.chain_info().best_block_number }
 
-	fn block_hash(&self, id: BlockId) -> Option<RpcH256> {
-		self.client.block_hash(id).map(Into::into)
+	fn block_hash(&self, id: BlockId) -> Option<::ethereum_types::H256> {
+		self.client.block_hash(id)
 	}
 
 	fn pending_transactions_hashes(&self) -> Vec<::ethereum_types::H256> {
@@ -548,6 +548,10 @@ impl<T: LightChainClient + 'static> Filterable for EthClient<T> {
 	fn polls(&self) -> &Mutex<PollManager<PollFilter>> {
 		&self.polls
 	}
+
+	fn removed_logs(&self, _block_hash: ::ethereum_types::H256, _filter: &EthcoreFilter) -> (Vec<Log>, u64) {
+		(Default::default(), 0)
+	}
 }
 
 fn extract_uncle_at_index<T: LightChainClient>(block: encoded::Block, index: Index, client: Arc<T>) -> Option<RichBlock> {
diff --git a/rpc/src/v1/impls/light/parity.rs b/rpc/src/v1/impls/light/parity.rs
index 91db00ca309..6e93132b922 100644
--- a/rpc/src/v1/impls/light/parity.rs
+++ b/rpc/src/v1/impls/light/parity.rs
@@ -264,12 +264,13 @@ impl Parity for ParityClient {
 			.map(Into::into)
 	}
 
-	fn pending_transactions(&self) -> Result<Vec<Transaction>> {
+	fn pending_transactions(&self, limit: Trailing<usize>) -> Result<Vec<Transaction>> {
 		let txq = self.light_dispatch.transaction_queue.read();
 		let chain_info = self.light_dispatch.client.chain_info();
 		Ok(
 			txq.ready_transactions(chain_info.best_block_number, chain_info.best_block_timestamp)
 				.into_iter()
+				.take(limit.unwrap_or_else(usize::max_value))
 				.map(|tx| Transaction::from_pending(tx, chain_info.best_block_number, self.eip86_transition))
 				.collect::<Vec<_>>()
 		)
diff --git a/rpc/src/v1/impls/parity.rs b/rpc/src/v1/impls/parity.rs
index f18723eafe1..d7c26014edd 100644
--- a/rpc/src/v1/impls/parity.rs
+++ b/rpc/src/v1/impls/parity.rs
@@ -303,15 +303,19 @@ impl<C, M, U, S> Parity for ParityClient<C, M, U> where
 			.map(Into::into)
 	}
 
-	fn pending_transactions(&self) -> Result<Vec<Transaction>> {
+	fn pending_transactions(&self, limit: Trailing<usize>) -> Result<Vec<Transaction>> {
 		let block_number = self.client.chain_info().best_block_number;
-		let ready_transactions = self.miner.ready_transactions(&*self.client);
+		let ready_transactions = self.miner.ready_transactions(
+			&*self.client,
+			limit.unwrap_or_else(usize::max_value),
+			miner::PendingOrdering::Priority,
+		);
 
 		Ok(ready_transactions
 		   .into_iter()
 		   .map(|t| Transaction::from_pending(t.pending().clone(), block_number, self.eip86_transition))
 		   .collect()
-	  )
+		)
 	}
 
 	fn all_transactions(&self) -> Result<Vec<Transaction>> {
diff --git a/rpc/src/v1/impls/signer.rs b/rpc/src/v1/impls/signer.rs
index e679388cbf3..58c48bb32f5 100644
--- a/rpc/src/v1/impls/signer.rs
+++ b/rpc/src/v1/impls/signer.rs
@@ -86,11 +86,11 @@ impl<D: Dispatcher + 'static> SignerClient<D> {
 		let dispatcher = self.dispatcher.clone();
 		let signer = self.signer.clone();
 
-		Box::new(signer.peek(&id).map(|confirmation| {
-			let mut payload = confirmation.payload.clone();
+		Box::new(signer.take(&id).map(|sender| {
+			let mut payload = sender.request.payload.clone();
 			// Modify payload
 			if let ConfirmationPayload::SendTransaction(ref mut request) = payload {
-				if let Some(sender) = modification.sender.clone() {
+				if let Some(sender) = modification.sender {
 					request.from = sender.into();
 					// Altering sender should always reset the nonce.
 					request.nonce = None;
@@ -109,7 +109,9 @@ impl<D: Dispatcher + 'static> SignerClient<D> {
 			Either::A(fut.into_future().then(move |result| {
 				// Execute
 				if let Ok(ref response) = result {
-					signer.request_confirmed(id, Ok((*response).clone()));
+					signer.request_confirmed(sender, Ok((*response).clone()));
+				} else {
+					signer.request_untouched(sender);
 				}
 
 				result
@@ -188,8 +190,9 @@ impl<D: Dispatcher + 'static> Signer for SignerClient<D> {
 	fn confirm_request_raw(&self, id: U256, bytes: Bytes) -> Result<ConfirmationResponse> {
 		let id = id.into();
 
-		self.signer.peek(&id).map(|confirmation| {
-			let result = match confirmation.payload {
+		self.signer.take(&id).map(|sender| {
+			let payload = sender.request.payload.clone();
+			let result = match payload {
 				ConfirmationPayload::SendTransaction(request) => {
 					Self::verify_transaction(bytes, request, |pending_transaction| {
 						self.dispatcher.dispatch_transaction(pending_transaction)
@@ -218,14 +221,16 @@ impl<D: Dispatcher + 'static> Signer for SignerClient<D> {
 				},
 			};
 			if let Ok(ref response) = result {
-				self.signer.request_confirmed(id, Ok(response.clone()));
+				self.signer.request_confirmed(sender, Ok(response.clone()));
+			} else {
+				self.signer.request_untouched(sender);
 			}
 			result
 		}).unwrap_or_else(|| Err(errors::invalid_params("Unknown RequestID", id)))
 	}
 
 	fn reject_request(&self, id: U256) -> Result<bool> {
-		let res = self.signer.request_rejected(id.into());
+		let res = self.signer.take(&id.into()).map(|sender| self.signer.request_rejected(sender));
 		Ok(res.is_some())
 	}
 
diff --git a/rpc/src/v1/tests/helpers/miner_service.rs b/rpc/src/v1/tests/helpers/miner_service.rs
index 90201e346a5..8d0ec23ae1c 100644
--- a/rpc/src/v1/tests/helpers/miner_service.rs
+++ b/rpc/src/v1/tests/helpers/miner_service.rs
@@ -27,7 +27,7 @@ use ethcore::engines::EthEngine;
 use ethcore::error::Error;
 use ethcore::header::{BlockNumber, Header};
 use ethcore::ids::BlockId;
-use ethcore::miner::{MinerService, AuthoringParams};
+use ethcore::miner::{self, MinerService, AuthoringParams};
 use ethcore::receipt::{Receipt, RichReceipt};
 use ethereum_types::{H256, U256, Address};
 use miner::pool::local_transactions::Status as LocalTransactionStatus;
@@ -208,7 +208,7 @@ impl MinerService for TestMinerService {
 		self.local_transactions.lock().iter().map(|(hash, stats)| (*hash, stats.clone())).collect()
 	}
 
-	fn ready_transactions<C>(&self, _chain: &C) -> Vec<Arc<VerifiedTransaction>> {
+	fn ready_transactions<C>(&self, _chain: &C, _max_len: usize, _ordering: miner::PendingOrdering) -> Vec<Arc<VerifiedTransaction>> {
 		self.queued_transactions()
 	}
 
diff --git a/rpc/src/v1/tests/mocked/eth.rs b/rpc/src/v1/tests/mocked/eth.rs
index c0ed3306fee..e7c05d56fa0 100644
--- a/rpc/src/v1/tests/mocked/eth.rs
+++ b/rpc/src/v1/tests/mocked/eth.rs
@@ -224,8 +224,8 @@ fn rpc_eth_logs() {
 	let request2 = r#"{"jsonrpc": "2.0", "method": "eth_getLogs", "params": [{"limit":1}], "id": 1}"#;
 	let request3 = r#"{"jsonrpc": "2.0", "method": "eth_getLogs", "params": [{"limit":0}], "id": 1}"#;
 
-	let response1 = r#"{"jsonrpc":"2.0","result":[{"address":"0x0000000000000000000000000000000000000000","blockHash":"0x0000000000000000000000000000000000000000000000000000000000000000","blockNumber":"0x1","data":"0x010203","logIndex":"0x0","topics":[],"transactionHash":"0x0000000000000000000000000000000000000000000000000000000000000000","transactionIndex":"0x0","transactionLogIndex":"0x0","type":"mined"},{"address":"0x0000000000000000000000000000000000000000","blockHash":"0x0000000000000000000000000000000000000000000000000000000000000000","blockNumber":"0x1","data":"0x010203","logIndex":"0x1","topics":[],"transactionHash":"0x0000000000000000000000000000000000000000000000000000000000000000","transactionIndex":"0x0","transactionLogIndex":"0x1","type":"mined"}],"id":1}"#;
-	let response2 = r#"{"jsonrpc":"2.0","result":[{"address":"0x0000000000000000000000000000000000000000","blockHash":"0x0000000000000000000000000000000000000000000000000000000000000000","blockNumber":"0x1","data":"0x010203","logIndex":"0x1","topics":[],"transactionHash":"0x0000000000000000000000000000000000000000000000000000000000000000","transactionIndex":"0x0","transactionLogIndex":"0x1","type":"mined"}],"id":1}"#;
+	let response1 = r#"{"jsonrpc":"2.0","result":[{"address":"0x0000000000000000000000000000000000000000","blockHash":"0x0000000000000000000000000000000000000000000000000000000000000000","blockNumber":"0x1","data":"0x010203","logIndex":"0x0","removed":false,"topics":[],"transactionHash":"0x0000000000000000000000000000000000000000000000000000000000000000","transactionIndex":"0x0","transactionLogIndex":"0x0","type":"mined"},{"address":"0x0000000000000000000000000000000000000000","blockHash":"0x0000000000000000000000000000000000000000000000000000000000000000","blockNumber":"0x1","data":"0x010203","logIndex":"0x1","removed":false,"topics":[],"transactionHash":"0x0000000000000000000000000000000000000000000000000000000000000000","transactionIndex":"0x0","transactionLogIndex":"0x1","type":"mined"}],"id":1}"#;
+	let response2 = r#"{"jsonrpc":"2.0","result":[{"address":"0x0000000000000000000000000000000000000000","blockHash":"0x0000000000000000000000000000000000000000000000000000000000000000","blockNumber":"0x1","data":"0x010203","logIndex":"0x1","removed":false,"topics":[],"transactionHash":"0x0000000000000000000000000000000000000000000000000000000000000000","transactionIndex":"0x0","transactionLogIndex":"0x1","type":"mined"}],"id":1}"#;
 	let response3 = r#"{"jsonrpc":"2.0","result":[],"id":1}"#;
 
 	assert_eq!(tester.io.handle_request_sync(request1), Some(response1.to_owned()));
@@ -274,8 +274,8 @@ fn rpc_logs_filter() {
 
 	let request_changes1 = r#"{"jsonrpc": "2.0", "method": "eth_getFilterChanges", "params": ["0x0"], "id": 1}"#;
 	let request_changes2 = r#"{"jsonrpc": "2.0", "method": "eth_getFilterChanges", "params": ["0x1"], "id": 1}"#;
-	let response1 = r#"{"jsonrpc":"2.0","result":[{"address":"0x0000000000000000000000000000000000000000","blockHash":"0x0000000000000000000000000000000000000000000000000000000000000000","blockNumber":"0x1","data":"0x010203","logIndex":"0x0","topics":[],"transactionHash":"0x0000000000000000000000000000000000000000000000000000000000000000","transactionIndex":"0x0","transactionLogIndex":"0x0","type":"mined"},{"address":"0x0000000000000000000000000000000000000000","blockHash":"0x0000000000000000000000000000000000000000000000000000000000000000","blockNumber":"0x1","data":"0x010203","logIndex":"0x1","topics":[],"transactionHash":"0x0000000000000000000000000000000000000000000000000000000000000000","transactionIndex":"0x0","transactionLogIndex":"0x1","type":"mined"}],"id":1}"#;
-	let response2 = r#"{"jsonrpc":"2.0","result":[{"address":"0x0000000000000000000000000000000000000000","blockHash":"0x0000000000000000000000000000000000000000000000000000000000000000","blockNumber":"0x1","data":"0x010203","logIndex":"0x1","topics":[],"transactionHash":"0x0000000000000000000000000000000000000000000000000000000000000000","transactionIndex":"0x0","transactionLogIndex":"0x1","type":"mined"}],"id":1}"#;
+	let response1 = r#"{"jsonrpc":"2.0","result":[{"address":"0x0000000000000000000000000000000000000000","blockHash":"0x0000000000000000000000000000000000000000000000000000000000000000","blockNumber":"0x1","data":"0x010203","logIndex":"0x0","removed":false,"topics":[],"transactionHash":"0x0000000000000000000000000000000000000000000000000000000000000000","transactionIndex":"0x0","transactionLogIndex":"0x0","type":"mined"},{"address":"0x0000000000000000000000000000000000000000","blockHash":"0x0000000000000000000000000000000000000000000000000000000000000000","blockNumber":"0x1","data":"0x010203","logIndex":"0x1","removed":false,"topics":[],"transactionHash":"0x0000000000000000000000000000000000000000000000000000000000000000","transactionIndex":"0x0","transactionLogIndex":"0x1","type":"mined"}],"id":1}"#;
+	let response2 = r#"{"jsonrpc":"2.0","result":[{"address":"0x0000000000000000000000000000000000000000","blockHash":"0x0000000000000000000000000000000000000000000000000000000000000000","blockNumber":"0x1","data":"0x010203","logIndex":"0x1","removed":false,"topics":[],"transactionHash":"0x0000000000000000000000000000000000000000000000000000000000000000","transactionIndex":"0x0","transactionLogIndex":"0x1","type":"mined"}],"id":1}"#;
 
 	assert_eq!(tester.io.handle_request_sync(request_changes1), Some(response1.to_owned()));
 	assert_eq!(tester.io.handle_request_sync(request_changes2), Some(response2.to_owned()));
@@ -1043,7 +1043,7 @@ fn rpc_eth_transaction_receipt() {
 		"params": ["0xb903239f8543d04b5dc1ba6579132b143087c68db1b2168786408fcbce568238"],
 		"id": 1
 	}"#;
-	let response = r#"{"jsonrpc":"2.0","result":{"blockHash":"0xed76641c68a1c641aee09a94b3b471f4dc0316efe5ac19cf488e2674cf8d05b5","blockNumber":"0x4510c","contractAddress":null,"cumulativeGasUsed":"0x20","from":"0xb60e8dd61c5d32be8058bb8eb970870f07233155","gasUsed":"0x10","logs":[{"address":"0x33990122638b9132ca29c723bdf037f1a891a70c","blockHash":"0xed76641c68a1c641aee09a94b3b471f4dc0316efe5ac19cf488e2674cf8d05b5","blockNumber":"0x4510c","data":"0x","logIndex":"0x1","topics":["0xa6697e974e6a320f454390be03f74955e8978f1a6971ea6730542e37b66179bc","0x4861736852656700000000000000000000000000000000000000000000000000"],"transactionHash":"0x0000000000000000000000000000000000000000000000000000000000000000","transactionIndex":"0x0","transactionLogIndex":"0x0","type":"mined"}],"logsBloom":"0x00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000","root":"0x0000000000000000000000000000000000000000000000000000000000000000","status":null,"to":"0xd46e8dd67c5d32be8058bb8eb970870f07244567","transactionHash":"0x0000000000000000000000000000000000000000000000000000000000000000","transactionIndex":"0x0"},"id":1}"#;
+	let response = r#"{"jsonrpc":"2.0","result":{"blockHash":"0xed76641c68a1c641aee09a94b3b471f4dc0316efe5ac19cf488e2674cf8d05b5","blockNumber":"0x4510c","contractAddress":null,"cumulativeGasUsed":"0x20","from":"0xb60e8dd61c5d32be8058bb8eb970870f07233155","gasUsed":"0x10","logs":[{"address":"0x33990122638b9132ca29c723bdf037f1a891a70c","blockHash":"0xed76641c68a1c641aee09a94b3b471f4dc0316efe5ac19cf488e2674cf8d05b5","blockNumber":"0x4510c","data":"0x","logIndex":"0x1","removed":false,"topics":["0xa6697e974e6a320f454390be03f74955e8978f1a6971ea6730542e37b66179bc","0x4861736852656700000000000000000000000000000000000000000000000000"],"transactionHash":"0x0000000000000000000000000000000000000000000000000000000000000000","transactionIndex":"0x0","transactionLogIndex":"0x0","type":"mined"}],"logsBloom":"0x00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000","root":"0x0000000000000000000000000000000000000000000000000000000000000000","status":null,"to":"0xd46e8dd67c5d32be8058bb8eb970870f07244567","transactionHash":"0x0000000000000000000000000000000000000000000000000000000000000000","transactionIndex":"0x0"},"id":1}"#;
 
 	assert_eq!(tester.io.handle_request_sync(request), Some(response.to_owned()));
 }
diff --git a/rpc/src/v1/tests/mocked/eth_pubsub.rs b/rpc/src/v1/tests/mocked/eth_pubsub.rs
index 0d886fe2f1f..9233435bf41 100644
--- a/rpc/src/v1/tests/mocked/eth_pubsub.rs
+++ b/rpc/src/v1/tests/mocked/eth_pubsub.rs
@@ -131,7 +131,7 @@ fn should_subscribe_to_logs() {
 	// Check notifications (enacted)
 	handler.new_blocks(vec![], vec![], ChainRoute::new(vec![(h1, ChainRouteType::Enacted)]), vec![], vec![], DURATION_ZERO);
 	let (res, receiver) = receiver.into_future().wait().unwrap();
-	let response = r#"{"jsonrpc":"2.0","method":"eth_subscription","params":{"result":{"address":"0x0000000000000000000000000000000000000005","blockHash":"0x3457d2fa2e3dd33c78ac681cf542e429becf718859053448748383af67e23218","blockNumber":"0x1","data":"0x","logIndex":"0x0","topics":["0x0000000000000000000000000000000000000000000000000000000000000001","0x0000000000000000000000000000000000000000000000000000000000000002","0x0000000000000000000000000000000000000000000000000000000000000000","0x0000000000000000000000000000000000000000000000000000000000000000"],"transactionHash":""#.to_owned()
+	let response = r#"{"jsonrpc":"2.0","method":"eth_subscription","params":{"result":{"address":"0x0000000000000000000000000000000000000005","blockHash":"0x3457d2fa2e3dd33c78ac681cf542e429becf718859053448748383af67e23218","blockNumber":"0x1","data":"0x","logIndex":"0x0","removed":false,"topics":["0x0000000000000000000000000000000000000000000000000000000000000001","0x0000000000000000000000000000000000000000000000000000000000000002","0x0000000000000000000000000000000000000000000000000000000000000000","0x0000000000000000000000000000000000000000000000000000000000000000"],"transactionHash":""#.to_owned()
 		+ &format!("0x{:x}", tx_hash)
 		+ r#"","transactionIndex":"0x0","transactionLogIndex":"0x0","type":"mined"},"subscription":"0x416d77337e24399d"}}"#;
 	assert_eq!(res, Some(response.into()));
@@ -139,7 +139,7 @@ fn should_subscribe_to_logs() {
 	// Check notifications (retracted)
 	handler.new_blocks(vec![], vec![], ChainRoute::new(vec![(h1, ChainRouteType::Retracted)]), vec![], vec![], DURATION_ZERO);
 	let (res, receiver) = receiver.into_future().wait().unwrap();
-	let response = r#"{"jsonrpc":"2.0","method":"eth_subscription","params":{"result":{"address":"0x0000000000000000000000000000000000000005","blockHash":"0x3457d2fa2e3dd33c78ac681cf542e429becf718859053448748383af67e23218","blockNumber":"0x1","data":"0x","logIndex":"0x0","topics":["0x0000000000000000000000000000000000000000000000000000000000000001","0x0000000000000000000000000000000000000000000000000000000000000002","0x0000000000000000000000000000000000000000000000000000000000000000","0x0000000000000000000000000000000000000000000000000000000000000000"],"transactionHash":""#.to_owned()
+	let response = r#"{"jsonrpc":"2.0","method":"eth_subscription","params":{"result":{"address":"0x0000000000000000000000000000000000000005","blockHash":"0x3457d2fa2e3dd33c78ac681cf542e429becf718859053448748383af67e23218","blockNumber":"0x1","data":"0x","logIndex":"0x0","removed":true,"topics":["0x0000000000000000000000000000000000000000000000000000000000000001","0x0000000000000000000000000000000000000000000000000000000000000002","0x0000000000000000000000000000000000000000000000000000000000000000","0x0000000000000000000000000000000000000000000000000000000000000000"],"transactionHash":""#.to_owned()
 		+ &format!("0x{:x}", tx_hash)
 		+ r#"","transactionIndex":"0x0","transactionLogIndex":"0x0","type":"removed"},"subscription":"0x416d77337e24399d"}}"#;
 	assert_eq!(res, Some(response.into()));
@@ -181,7 +181,7 @@ fn should_subscribe_to_pending_transactions() {
 	assert_eq!(io.handle_request_sync(request, metadata.clone()), Some(response.to_owned()));
 
 	// Send new transactions
-	handler.new_transactions(&[5.into(), 7.into()]);
+	handler.notify_new_transactions(&[5.into(), 7.into()]);
 
 	let (res, receiver) = receiver.into_future().wait().unwrap();
 	let response = r#"{"jsonrpc":"2.0","method":"eth_subscription","params":{"result":"0x0000000000000000000000000000000000000000000000000000000000000005","subscription":"0x416d77337e24399d"}}"#;
diff --git a/rpc/src/v1/tests/mocked/signing.rs b/rpc/src/v1/tests/mocked/signing.rs
index ba9fa6d4b67..42d20bbf83d 100644
--- a/rpc/src/v1/tests/mocked/signing.rs
+++ b/rpc/src/v1/tests/mocked/signing.rs
@@ -109,7 +109,8 @@ fn should_add_sign_to_queue() {
 	::std::thread::spawn(move || loop {
 		if signer.requests().len() == 1 {
 			// respond
-			signer.request_confirmed(1.into(), Ok(ConfirmationResponse::Signature(0.into())));
+			let sender = signer.take(&1.into()).unwrap();
+			signer.request_confirmed(sender, Ok(ConfirmationResponse::Signature(0.into())));
 			break
 		}
 		::std::thread::sleep(Duration::from_millis(100))
@@ -187,7 +188,8 @@ fn should_check_status_of_request_when_its_resolved() {
 		"id": 1
 	}"#;
 	tester.io.handle_request_sync(&request).expect("Sent");
-	tester.signer.request_confirmed(1.into(), Ok(ConfirmationResponse::Signature(1.into())));
+	let sender = tester.signer.take(&1.into()).unwrap();
+	tester.signer.request_confirmed(sender, Ok(ConfirmationResponse::Signature(1.into())));
 
 	// This is not ideal, but we need to give futures some time to be executed, and they need to run in a separate thread
 	thread::sleep(Duration::from_millis(20));
@@ -258,7 +260,8 @@ fn should_add_transaction_to_queue() {
 	::std::thread::spawn(move || loop {
 		if signer.requests().len() == 1 {
 			// respond
-			signer.request_confirmed(1.into(), Ok(ConfirmationResponse::SendTransaction(0.into())));
+			let sender = signer.take(&1.into()).unwrap();
+			signer.request_confirmed(sender, Ok(ConfirmationResponse::SendTransaction(0.into())));
 			break
 		}
 		::std::thread::sleep(Duration::from_millis(100))
@@ -334,7 +337,8 @@ fn should_add_sign_transaction_to_the_queue() {
 	::std::thread::spawn(move || loop {
 		if signer.requests().len() == 1 {
 			// respond
-			signer.request_confirmed(1.into(), Ok(ConfirmationResponse::SignTransaction(
+			let sender = signer.take(&1.into()).unwrap();
+			signer.request_confirmed(sender, Ok(ConfirmationResponse::SignTransaction(
 				RichRawTransaction::from_signed(t.into(), 0x0, u64::max_value())
 			)));
 			break
@@ -440,7 +444,8 @@ fn should_add_decryption_to_the_queue() {
 	::std::thread::spawn(move || loop {
 		if signer.requests().len() == 1 {
 			// respond
-			signer.request_confirmed(1.into(), Ok(ConfirmationResponse::Decrypt(vec![0x1, 0x2].into())));
+			let sender = signer.take(&1.into()).unwrap();
+			signer.request_confirmed(sender, Ok(ConfirmationResponse::Decrypt(vec![0x1, 0x2].into())));
 			break
 		}
 		::std::thread::sleep(Duration::from_millis(10))
diff --git a/rpc/src/v1/traits/parity.rs b/rpc/src/v1/traits/parity.rs
index f78cf8052eb..1b9a7d09f5b 100644
--- a/rpc/src/v1/traits/parity.rs
+++ b/rpc/src/v1/traits/parity.rs
@@ -141,7 +141,7 @@ build_rpc_trait! {
 
 		/// Returns all pending transactions from transaction queue.
 		#[rpc(name = "parity_pendingTransactions")]
-		fn pending_transactions(&self) -> Result<Vec<Transaction>>;
+		fn pending_transactions(&self, Trailing<usize>) -> Result<Vec<Transaction>>;
 
 		/// Returns all transactions from transaction queue.
 		///
diff --git a/rpc/src/v1/types/log.rs b/rpc/src/v1/types/log.rs
index 1d3335bcada..950b649d7d0 100644
--- a/rpc/src/v1/types/log.rs
+++ b/rpc/src/v1/types/log.rs
@@ -47,6 +47,9 @@ pub struct Log {
 	/// Log Type
 	#[serde(rename="type")]
 	pub log_type: String,
+	/// Whether Log Type is Removed (Geth Compatibility Field)
+	#[serde(default)]
+	pub removed: bool,
 }
 
 impl From<LocalizedLogEntry> for Log {
@@ -62,6 +65,7 @@ impl From<LocalizedLogEntry> for Log {
 			log_index: Some(e.log_index.into()),
 			transaction_log_index: Some(e.transaction_log_index.into()),
 			log_type: "mined".to_owned(),
+			removed: false,
 		}
 	}
 }
@@ -79,6 +83,7 @@ impl From<LogEntry> for Log {
 			log_index: None,
 			transaction_log_index: None,
 			log_type: "pending".to_owned(),
+			removed: false,
 		}
 	}
 }
@@ -91,7 +96,7 @@ mod tests {
 
 	#[test]
 	fn log_serialization() {
-		let s = r#"{"address":"0x33990122638b9132ca29c723bdf037f1a891a70c","topics":["0xa6697e974e6a320f454390be03f74955e8978f1a6971ea6730542e37b66179bc","0x4861736852656700000000000000000000000000000000000000000000000000"],"data":"0x","blockHash":"0xed76641c68a1c641aee09a94b3b471f4dc0316efe5ac19cf488e2674cf8d05b5","blockNumber":"0x4510c","transactionHash":"0x0000000000000000000000000000000000000000000000000000000000000000","transactionIndex":"0x0","logIndex":"0x1","transactionLogIndex":"0x1","type":"mined"}"#;
+		let s = r#"{"address":"0x33990122638b9132ca29c723bdf037f1a891a70c","topics":["0xa6697e974e6a320f454390be03f74955e8978f1a6971ea6730542e37b66179bc","0x4861736852656700000000000000000000000000000000000000000000000000"],"data":"0x","blockHash":"0xed76641c68a1c641aee09a94b3b471f4dc0316efe5ac19cf488e2674cf8d05b5","blockNumber":"0x4510c","transactionHash":"0x0000000000000000000000000000000000000000000000000000000000000000","transactionIndex":"0x0","logIndex":"0x1","transactionLogIndex":"0x1","type":"mined","removed":false}"#;
 
 		let log = Log {
 			address: H160::from_str("33990122638b9132ca29c723bdf037f1a891a70c").unwrap(),
@@ -107,6 +112,7 @@ mod tests {
 			transaction_log_index: Some(1.into()),
 			log_index: Some(U256::from(1)),
 			log_type: "mined".to_owned(),
+			removed: false,
 		};
 
 		let serialized = serde_json::to_string(&log).unwrap();
diff --git a/rpc/src/v1/types/receipt.rs b/rpc/src/v1/types/receipt.rs
index e46b640f148..9688f7d3716 100644
--- a/rpc/src/v1/types/receipt.rs
+++ b/rpc/src/v1/types/receipt.rs
@@ -141,7 +141,7 @@ mod tests {
 
 	#[test]
 	fn receipt_serialization() {
-		let s = r#"{"transactionHash":"0x0000000000000000000000000000000000000000000000000000000000000000","transactionIndex":"0x0","blockHash":"0xed76641c68a1c641aee09a94b3b471f4dc0316efe5ac19cf488e2674cf8d05b5","from":null,"to":null,"blockNumber":"0x4510c","cumulativeGasUsed":"0x20","gasUsed":"0x10","contractAddress":null,"logs":[{"address":"0x33990122638b9132ca29c723bdf037f1a891a70c","topics":["0xa6697e974e6a320f454390be03f74955e8978f1a6971ea6730542e37b66179bc","0x4861736852656700000000000000000000000000000000000000000000000000"],"data":"0x","blockHash":"0xed76641c68a1c641aee09a94b3b471f4dc0316efe5ac19cf488e2674cf8d05b5","blockNumber":"0x4510c","transactionHash":"0x0000000000000000000000000000000000000000000000000000000000000000","transactionIndex":"0x0","logIndex":"0x1","transactionLogIndex":null,"type":"mined"}],"root":"0x000000000000000000000000000000000000000000000000000000000000000a","logsBloom":"0x0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f","status":"0x1"}"#;
+		let s = r#"{"transactionHash":"0x0000000000000000000000000000000000000000000000000000000000000000","transactionIndex":"0x0","blockHash":"0xed76641c68a1c641aee09a94b3b471f4dc0316efe5ac19cf488e2674cf8d05b5","from":null,"to":null,"blockNumber":"0x4510c","cumulativeGasUsed":"0x20","gasUsed":"0x10","contractAddress":null,"logs":[{"address":"0x33990122638b9132ca29c723bdf037f1a891a70c","topics":["0xa6697e974e6a320f454390be03f74955e8978f1a6971ea6730542e37b66179bc","0x4861736852656700000000000000000000000000000000000000000000000000"],"data":"0x","blockHash":"0xed76641c68a1c641aee09a94b3b471f4dc0316efe5ac19cf488e2674cf8d05b5","blockNumber":"0x4510c","transactionHash":"0x0000000000000000000000000000000000000000000000000000000000000000","transactionIndex":"0x0","logIndex":"0x1","transactionLogIndex":null,"type":"mined","removed":false}],"root":"0x000000000000000000000000000000000000000000000000000000000000000a","logsBloom":"0x0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f","status":"0x1"}"#;
 
 		let receipt = Receipt {
 			from: None,
@@ -167,6 +167,7 @@ mod tests {
 				transaction_log_index: None,
 				log_index: Some(1.into()),
 				log_type: "mined".into(),
+				removed: false,
 			}],
 			logs_bloom: 15.into(),
 			state_root: Some(10.into()),
diff --git a/scripts/gitlab-build.sh b/scripts/gitlab-build.sh
index a06c7a34b92..08640e2300d 100755
--- a/scripts/gitlab-build.sh
+++ b/scripts/gitlab-build.sh
@@ -22,9 +22,8 @@ echo "Parity version:     " $VER
 echo "Branch:             " $CI_BUILD_REF_NAME
 echo "--------------------"
 
-# NOTE for md5 and sha256 we want to display filename as well
+# NOTE for sha256 we want to display filename as well
 # hence we use --* instead of -p *
-MD5_BIN="rhash --md5"
 SHA256_BIN="rhash --sha256"
 
 set_env () {
@@ -76,22 +75,16 @@ calculate_checksums () {
   echo "Checksum calculation:"
   rhash --version
 
-  rm -rf *.md5
   rm -rf *.sha256
 
   BIN="target/$PLATFORM/release/parity$S3WIN"
   export SHA3="$($BIN tools hash $BIN)"
 
   echo "Parity file SHA3: $SHA3"
-  $MD5_BIN target/$PLATFORM/release/parity$S3WIN > parity$S3WIN.md5
   $SHA256_BIN target/$PLATFORM/release/parity$S3WIN > parity$S3WIN.sha256
-  $MD5_BIN target/$PLATFORM/release/parity-evm$S3WIN > parity-evm$S3WIN.md5
   $SHA256_BIN target/$PLATFORM/release/parity-evm$S3WIN > parity-evm$S3WIN.sha256
-  $MD5_BIN target/$PLATFORM/release/ethstore$S3WIN > ethstore$S3WIN.md5
   $SHA256_BIN target/$PLATFORM/release/ethstore$S3WIN > ethstore$S3WIN.sha256
-  $MD5_BIN target/$PLATFORM/release/ethkey$S3WIN > ethkey$S3WIN.md5
   $SHA256_BIN target/$PLATFORM/release/ethkey$S3WIN > ethkey$S3WIN.sha256
-  $MD5_BIN target/$PLATFORM/release/whisper$S3WIN > whisper$S3WIN.md5
   $SHA256_BIN target/$PLATFORM/release/whisper$S3WIN > whisper$S3WIN.sha256
 }
 make_deb () {
@@ -128,7 +121,6 @@ make_deb () {
   cp target/$PLATFORM/release/ethkey deb/usr/bin/ethkey
   cp target/$PLATFORM/release/whisper deb/usr/bin/whisper
   dpkg-deb -b deb "parity_"$VER"_"$IDENT"_"$ARC".deb"
-  $MD5_BIN "parity_"$VER"_"$IDENT"_"$ARC".deb" > "parity_"$VER"_"$IDENT"_"$ARC".deb.md5"
   $SHA256_BIN "parity_"$VER"_"$IDENT"_"$ARC".deb" > "parity_"$VER"_"$IDENT"_"$ARC".deb.sha256"
 }
 make_rpm () {
@@ -143,25 +135,8 @@ make_rpm () {
   rm -rf "parity-"$VER"-1."$ARC".rpm" || true
   fpm -s dir -t rpm -n parity -v $VER --epoch 1 --license GPLv3 -d openssl --provides parity --url https://parity.io --vendor "Parity Technologies" -a x86_64 -m "<devops@parity.io>" --description "Ethereum network client by Parity Technologies" -C /install/
   cp "parity-"$VER"-1."$ARC".rpm" "parity_"$VER"_"$IDENT"_"$ARC".rpm"
-  $MD5_BIN "parity_"$VER"_"$IDENT"_"$ARC".rpm" > "parity_"$VER"_"$IDENT"_"$ARC".rpm.md5"
   $SHA256_BIN "parity_"$VER"_"$IDENT"_"$ARC".rpm" > "parity_"$VER"_"$IDENT"_"$ARC".rpm.sha256"
 }
-make_pkg () {
-  echo "make PKG"
-  cp target/$PLATFORM/release/parity target/release/parity
-  cp target/$PLATFORM/release/parity-evm target/release/parity-evm
-  cp target/$PLATFORM/release/ethstore target/release/ethstore
-  cp target/$PLATFORM/release/ethkey target/release/ethkey
-  cp target/$PLATFORM/release/whisper target/release/whisper
-  cd mac
-  xcodebuild -configuration Release
-  cd ..
-  packagesbuild -v mac/Parity.pkgproj
-  productsign --sign 'Developer ID Installer: PARITY TECHNOLOGIES LIMITED (P2PX3JU8FT)' target/release/Parity\ Ethereum.pkg target/release/Parity\ Ethereum-signed.pkg
-  mv target/release/Parity\ Ethereum-signed.pkg "parity_"$VER"_"$IDENT"_"$ARC".pkg"
-  $MD5_BIN "parity_"$VER"_"$IDENT"_"$ARC"."$EXT >> "parity_"$VER"_"$IDENT"_"$ARC".pkg.md5"
-  $SHA256_BIN "parity_"$VER"_"$IDENT"_"$ARC"."$EXT >> "parity_"$VER"_"$IDENT"_"$ARC".pkg.sha256"
-}
 sign_exe () {
   ./sign.cmd $keyfile $certpass "target/$PLATFORM/release/parity.exe"
 }
@@ -177,25 +152,20 @@ push_binaries () {
   fi
   aws s3 rm --recursive s3://$S3_BUCKET/$CI_BUILD_REF_NAME/$BUILD_PLATFORM
   aws s3api put-object --bucket $S3_BUCKET --key $CI_BUILD_REF_NAME/$BUILD_PLATFORM/parity$S3WIN --body target/$PLATFORM/release/parity$S3WIN
-  aws s3api put-object --bucket $S3_BUCKET --key $CI_BUILD_REF_NAME/$BUILD_PLATFORM/parity$S3WIN.md5 --body parity$S3WIN.md5
   aws s3api put-object --bucket $S3_BUCKET --key $CI_BUILD_REF_NAME/$BUILD_PLATFORM/parity$S3WIN.sha256 --body parity$S3WIN.sha256
   aws s3api put-object --bucket $S3_BUCKET --key $CI_BUILD_REF_NAME/$BUILD_PLATFORM/parity-evm$S3WIN --body target/$PLATFORM/release/parity-evm$S3WIN
-  aws s3api put-object --bucket $S3_BUCKET --key $CI_BUILD_REF_NAME/$BUILD_PLATFORM/parity-evm$S3WIN.md5 --body parity-evm$S3WIN.md5
   aws s3api put-object --bucket $S3_BUCKET --key $CI_BUILD_REF_NAME/$BUILD_PLATFORM/parity-evm$S3WIN.sha256 --body parity-evm$S3WIN.sha256
   aws s3api put-object --bucket $S3_BUCKET --key $CI_BUILD_REF_NAME/$BUILD_PLATFORM/ethstore$S3WIN --body target/$PLATFORM/release/ethstore$S3WIN
-  aws s3api put-object --bucket $S3_BUCKET --key $CI_BUILD_REF_NAME/$BUILD_PLATFORM/ethstore$S3WIN.md5 --body ethstore$S3WIN.md5
   aws s3api put-object --bucket $S3_BUCKET --key $CI_BUILD_REF_NAME/$BUILD_PLATFORM/ethstore$S3WIN.sha256 --body ethstore$S3WIN.sha256
   aws s3api put-object --bucket $S3_BUCKET --key $CI_BUILD_REF_NAME/$BUILD_PLATFORM/ethkey$S3WIN --body target/$PLATFORM/release/ethkey$S3WIN
-  aws s3api put-object --bucket $S3_BUCKET --key $CI_BUILD_REF_NAME/$BUILD_PLATFORM/ethkey$S3WIN.md5 --body ethkey$S3WIN.md5
   aws s3api put-object --bucket $S3_BUCKET --key $CI_BUILD_REF_NAME/$BUILD_PLATFORM/ethkey$S3WIN.sha256 --body ethkey$S3WIN.sha256
   aws s3api put-object --bucket $S3_BUCKET --key $CI_BUILD_REF_NAME/$BUILD_PLATFORM/whisper$S3WIN --body target/$PLATFORM/release/whisper$S3WIN
-  aws s3api put-object --bucket $S3_BUCKET --key $CI_BUILD_REF_NAME/$BUILD_PLATFORM/whisper$S3WIN.md5 --body whisper$S3WIN.md5
   aws s3api put-object --bucket $S3_BUCKET --key $CI_BUILD_REF_NAME/$BUILD_PLATFORM/whisper$S3WIN.sha256 --body whisper$S3WIN.sha256
 }
 make_archive () {
   echo "add artifacts to archive"
   rm -rf parity.zip
-  zip -r parity.zip target/$PLATFORM/release/parity$S3WIN target/$PLATFORM/release/parity-evm$S3WIN target/$PLATFORM/release/ethstore$S3WIN target/$PLATFORM/release/ethkey$S3WIN target/$PLATFORM/release/whisper$S3WIN parity$S3WIN.md5 parity-evm$S3WIN.md5 ethstore$S3WIN.md5 ethkey$S3WIN.md5 whisper$S3WIN.md5 parity$S3WIN.sha256 parity-evm$S3WIN.sha256 ethstore$S3WIN.sha256 ethkey$S3WIN.sha256 whisper$S3WIN.sha256
+  zip -r parity.zip target/$PLATFORM/release/parity$S3WIN target/$PLATFORM/release/parity-evm$S3WIN target/$PLATFORM/release/ethstore$S3WIN target/$PLATFORM/release/ethkey$S3WIN target/$PLATFORM/release/whisper$S3WIN parity$S3WIN.sha256 parity-evm$S3WIN.sha256 ethstore$S3WIN.sha256 ethkey$S3WIN.sha256 whisper$S3WIN.sha256
 }
 
 updater_push_release () {
@@ -291,11 +261,9 @@ case $BUILD_PLATFORM in
   x86_64-apple-darwin)
     STRIP_BIN="strip"
     PLATFORM="x86_64-apple-darwin"
-    EXT="pkg"
     build
     strip_binaries
     calculate_checksums
-    make_pkg
     make_archive
     push_binaries
     updater_push_release
@@ -326,11 +294,10 @@ case $BUILD_PLATFORM in
     snapcraft push "parity_"$VER"_amd64.snap"
     snapcraft status parity
     snapcraft logout
-    $MD5_BIN "parity_"$VER"_amd64.snap" > "parity_"$VER"_amd64.snap.md5"
     $SHA256_BIN "parity_"$VER"_amd64.snap" > "parity_"$VER"_amd64.snap.sha256"
     echo "add artifacts to archive"
     rm -rf parity.zip
-    zip -r parity.zip "parity_"$VER"_amd64.snap" "parity_"$VER"_amd64.snap.md5" "parity_"$VER"_amd64.snap.sha256"
+    zip -r parity.zip "parity_"$VER"_amd64.snap" "parity_"$VER"_amd64.snap.sha256"
     ;;
   x86_64-pc-windows-msvc)
     set_env_win
diff --git a/secret_store/Cargo.toml b/secret_store/Cargo.toml
index 261658903cc..a8aed831273 100644
--- a/secret_store/Cargo.toml
+++ b/secret_store/Cargo.toml
@@ -39,5 +39,6 @@ ethabi-derive = "5.0"
 ethabi-contract = "5.0"
 
 [dev-dependencies]
+ethcore = { path = "../ethcore", features = ["test-helpers"] }
 tempdir = "0.3"
 kvdb-rocksdb = { path = "../util/kvdb-rocksdb" }
diff --git a/secret_store/src/acl_storage.rs b/secret_store/src/acl_storage.rs
index 10b58a9c745..efc01f03071 100644
--- a/secret_store/src/acl_storage.rs
+++ b/secret_store/src/acl_storage.rs
@@ -18,11 +18,11 @@ use std::sync::Arc;
 use std::collections::{HashMap, HashSet};
 use std::time::Duration;
 use parking_lot::{Mutex, RwLock};
-use ethcore::client::{BlockId, ChainNotify, ChainRoute, CallContract, RegistryInfo};
+use ethcore::client::{BlockId, ChainNotify, ChainRoute, CallContract};
 use ethereum_types::{H256, Address};
 use bytes::Bytes;
 use trusted_client::TrustedClient;
-use types::{Error, ServerKeyId};
+use types::{Error, ServerKeyId, ContractAddress};
 
 use_contract!(acl_storage, "AclStorage", "res/acl_storage.json");
 
@@ -44,8 +44,10 @@ pub struct OnChainAclStorage {
 struct CachedContract {
 	/// Blockchain client.
 	client: TrustedClient,
-	/// Contract address.
-	contract_addr: Option<Address>,
+	/// Contract address source.
+	address_source: ContractAddress,
+	/// Current contract address.
+	contract_address: Option<Address>,
 	/// Contract at given address.
 	contract: acl_storage::AclStorage,
 }
@@ -57,10 +59,10 @@ pub struct DummyAclStorage {
 }
 
 impl OnChainAclStorage {
-	pub fn new(trusted_client: TrustedClient) -> Result<Arc<Self>, Error> {
+	pub fn new(trusted_client: TrustedClient, address_source: ContractAddress) -> Result<Arc<Self>, Error> {
 		let client = trusted_client.get_untrusted();
 		let acl_storage = Arc::new(OnChainAclStorage {
-			contract: Mutex::new(CachedContract::new(trusted_client)),
+			contract: Mutex::new(CachedContract::new(trusted_client, address_source)),
 		});
 		client
 			.ok_or_else(|| Error::Internal("Constructing OnChainAclStorage without active Client".into()))?
@@ -78,36 +80,37 @@ impl AclStorage for OnChainAclStorage {
 impl ChainNotify for OnChainAclStorage {
 	fn new_blocks(&self, _imported: Vec<H256>, _invalid: Vec<H256>, route: ChainRoute, _sealed: Vec<H256>, _proposed: Vec<Bytes>, _duration: Duration) {
 		if !route.enacted().is_empty() || !route.retracted().is_empty() {
-			self.contract.lock().update()
+			self.contract.lock().update_contract_address()
 		}
 	}
 }
 
 impl CachedContract {
-	pub fn new(client: TrustedClient) -> Self {
-		CachedContract {
+	pub fn new(client: TrustedClient, address_source: ContractAddress) -> Self {
+		let mut contract = CachedContract {
 			client,
-			contract_addr: None,
+			address_source,
+			contract_address: None,
 			contract: acl_storage::AclStorage::default(),
-		}
+		};
+		contract.update_contract_address();
+		contract
 	}
 
-	pub fn update(&mut self) {
-		if let Some(client) = self.client.get() {
-			match client.registry_address(ACL_CHECKER_CONTRACT_REGISTRY_NAME.to_owned(), BlockId::Latest) {
-				Some(new_contract_addr) if Some(new_contract_addr).as_ref() != self.contract_addr.as_ref() => {
-					trace!(target: "secretstore", "Configuring for ACL checker contract from {}", new_contract_addr);
-					self.contract_addr = Some(new_contract_addr);
-				},
-				Some(_) | None => ()
-			}
+	pub fn update_contract_address(&mut self) {
+		let contract_address = self.client.read_contract_address(ACL_CHECKER_CONTRACT_REGISTRY_NAME.into(), &self.address_source);
+		if contract_address != self.contract_address {
+			trace!(target: "secretstore", "Configuring for ACL checker contract from address {:?}",
+				contract_address);
+
+			self.contract_address = contract_address;
 		}
 	}
 
 	pub fn check(&mut self, requester: Address, document: &ServerKeyId) -> Result<bool, Error> {
 		if let Some(client) = self.client.get() {
-			// call contract to check access
-			match self.contract_addr {
+			// call contract to check accesss
+			match self.contract_address {
 				Some(contract_address) => {
 					let do_call = |data| client.call_contract(BlockId::Latest, contract_address, data);
 					self.contract.functions()
diff --git a/secret_store/src/key_server.rs b/secret_store/src/key_server.rs
index 099d8aa4518..3b241997763 100644
--- a/secret_store/src/key_server.rs
+++ b/secret_store/src/key_server.rs
@@ -303,6 +303,7 @@ pub mod tests {
 						address: "127.0.0.1".into(),
 						port: start_port + (j as u16),
 					})).collect(),
+				key_server_set_contract_address: None,
 				allow_connecting_to_higher_nodes: false,
 				admin_public: None,
 				auto_migrate_enabled: false,
@@ -312,7 +313,7 @@ pub mod tests {
 			.collect();
 		let key_storages = (0..num_nodes).map(|_| Arc::new(DummyKeyStorage::default())).collect::<Vec<_>>();
 		let key_servers: Vec<_> = configs.into_iter().enumerate().map(|(i, cfg)|
-			KeyServerImpl::new(&cfg, Arc::new(MapKeyServerSet::new(key_servers_set.clone())),
+			KeyServerImpl::new(&cfg, Arc::new(MapKeyServerSet::new(false, key_servers_set.clone())),
 				Arc::new(PlainNodeKeyPair::new(key_pairs[i].clone())),
 				Arc::new(DummyAclStorage::default()),
 				key_storages[i].clone()).unwrap()
diff --git a/secret_store/src/key_server_cluster/admin_sessions/key_version_negotiation_session.rs b/secret_store/src/key_server_cluster/admin_sessions/key_version_negotiation_session.rs
index 9aeb5ca34d1..4839ac41e80 100644
--- a/secret_store/src/key_server_cluster/admin_sessions/key_version_negotiation_session.rs
+++ b/secret_store/src/key_server_cluster/admin_sessions/key_version_negotiation_session.rs
@@ -25,7 +25,8 @@ use key_server_cluster::cluster_sessions::{SessionIdWithSubSession, ClusterSessi
 use key_server_cluster::decryption_session::SessionImpl as DecryptionSession;
 use key_server_cluster::signing_session_ecdsa::SessionImpl as EcdsaSigningSession;
 use key_server_cluster::signing_session_schnorr::SessionImpl as SchnorrSigningSession;
-use key_server_cluster::message::{Message, KeyVersionNegotiationMessage, RequestKeyVersions, KeyVersions};
+use key_server_cluster::message::{Message, KeyVersionNegotiationMessage, RequestKeyVersions,
+	KeyVersions, KeyVersionsError, FailedKeyVersionContinueAction};
 use key_server_cluster::admin_sessions::ShareChangeSessionMeta;
 
 // TODO [Opt]: change sessions so that versions are sent by chunks.
@@ -34,6 +35,8 @@ const VERSIONS_PER_MESSAGE: usize = 32;
 
 /// Key version negotiation transport.
 pub trait SessionTransport {
+	/// Broadcast message to all nodes.
+	fn broadcast(&self, message: KeyVersionNegotiationMessage) -> Result<(), Error>;
 	/// Send message to given node.
 	fn send(&self, node: &NodeId, message: KeyVersionNegotiationMessage) -> Result<(), Error>;
 }
@@ -63,6 +66,13 @@ pub enum ContinueAction {
 	EcdsaSign(Arc<EcdsaSigningSession>, H256),
 }
 
+/// Failed action after key version is negotiated.
+#[derive(Clone, Debug, PartialEq)]
+pub enum FailedContinueAction {
+	/// Decryption origin + requester.
+	Decrypt(Option<Address>, Address),
+}
+
 /// Immutable session data.
 struct SessionCore<T: SessionTransport> {
 	/// Session meta.
@@ -92,9 +102,11 @@ struct SessionData {
 	/// { Version => Nodes }
 	pub versions: Option<BTreeMap<H256, BTreeSet<NodeId>>>,
 	/// Session result.
-	pub result: Option<Result<(H256, NodeId), Error>>,
+	pub result: Option<Result<Option<(H256, NodeId)>, Error>>,
 	/// Continue action.
 	pub continue_with: Option<ContinueAction>,
+	/// Failed continue action (reported in error message by master node).
+	pub failed_continue_with: Option<FailedContinueAction>,
 }
 
 /// SessionImpl creation parameters
@@ -155,6 +167,7 @@ pub struct LargestSupportResultComputer;
 impl<T> SessionImpl<T> where T: SessionTransport {
 	/// Create new session.
 	pub fn new(params: SessionParams<T>) -> Self {
+		let threshold = params.key_share.as_ref().map(|key_share| key_share.threshold);
 		SessionImpl {
 			core: SessionCore {
 				meta: params.meta,
@@ -168,10 +181,11 @@ impl<T> SessionImpl<T> where T: SessionTransport {
 			data: Mutex::new(SessionData {
 				state: SessionState::WaitingForInitialization,
 				confirmations: None,
-				threshold: None,
+				threshold: threshold,
 				versions: None,
 				result: None,
 				continue_with: None,
+				failed_continue_with: None,
 			})
 		}
 	}
@@ -183,7 +197,8 @@ impl<T> SessionImpl<T> where T: SessionTransport {
 
 	/// Return key threshold.
 	pub fn key_threshold(&self) -> Result<usize, Error> {
-		Ok(self.data.lock().threshold.clone().ok_or(Error::InvalidStateForRequest)?)
+		self.data.lock().threshold.clone()
+			.ok_or(Error::InvalidStateForRequest)
 	}
 
 	/// Return result computer reference.
@@ -203,8 +218,13 @@ impl<T> SessionImpl<T> where T: SessionTransport {
 		self.data.lock().continue_with.take()
 	}
 
+	/// Take failed continue action.
+	pub fn take_failed_continue_action(&self) -> Option<FailedContinueAction> {
+		self.data.lock().failed_continue_with.take()
+	}
+
 	/// Wait for session completion.
-	pub fn wait(&self) -> Result<(H256, NodeId), Error> {
+	pub fn wait(&self) -> Result<Option<(H256, NodeId)>, Error> {
 		Self::wait_session(&self.core.completed, &self.data, None, |data| data.result.clone())
 			.expect("wait_session returns Some if called without timeout; qed")
 	}
@@ -270,6 +290,12 @@ impl<T> SessionImpl<T> where T: SessionTransport {
 			&KeyVersionNegotiationMessage::KeyVersions(ref message) =>
 				self.on_key_versions(sender, message),
 			&KeyVersionNegotiationMessage::KeyVersionsError(ref message) => {
+				// remember failed continue action
+				if let Some(FailedKeyVersionContinueAction::Decrypt(Some(ref origin), ref requester)) = message.continue_with {
+					self.data.lock().failed_continue_with =
+						Some(FailedContinueAction::Decrypt(Some(origin.clone().into()), requester.clone().into()));
+				}
+
 				self.on_session_error(sender, message.error.clone());
 				Ok(())
 			},
@@ -309,6 +335,8 @@ impl<T> SessionImpl<T> where T: SessionTransport {
 
 		// update state
 		data.state = SessionState::Finished;
+		data.result = Some(Ok(None));
+		self.core.completed.notify_all();
 
 		Ok(())
 	}
@@ -361,8 +389,47 @@ impl<T> SessionImpl<T> where T: SessionTransport {
 		let confirmations = data.confirmations.as_ref().expect(reason);
 		let versions = data.versions.as_ref().expect(reason);
 		if let Some(result) = core.result_computer.compute_result(data.threshold.clone(), confirmations, versions) {
+			// when the master node processing decryption service request, it starts with a key version negotiation session
+			// if the negotiation fails, only master node knows about it
+			// => if the error is fatal, only the master will know about it and report it to the contract && the request will never be rejected
+			// => let's broadcast fatal error so that every other node know about it, and, if it trusts to master node
+			// will report error to the contract
+			if let (Some(continue_with), Err(error)) = (data.continue_with.as_ref(), result.as_ref()) {
+				let origin = match *continue_with {
+					ContinueAction::Decrypt(_, origin, _, _) => origin.clone(),
+					_ => None,
+				};
+
+				let requester = match *continue_with {
+					ContinueAction::Decrypt(ref session, _, _, _) => session.requester().and_then(|r| r.address(&core.meta.id).ok()),
+					_ => None,
+				};
+
+				if origin.is_some() && requester.is_some() && !error.is_non_fatal() {
+					let requester = requester.expect("checked in above condition; qed");
+					data.failed_continue_with =
+						Some(FailedContinueAction::Decrypt(origin.clone(), requester.clone()));
+
+					let send_result = core.transport.broadcast(KeyVersionNegotiationMessage::KeyVersionsError(KeyVersionsError {
+						session: core.meta.id.clone().into(),
+						sub_session: core.sub_session.clone().into(),
+						session_nonce: core.nonce,
+						error: error.clone(),
+						continue_with: Some(FailedKeyVersionContinueAction::Decrypt(
+							origin.map(Into::into),
+							requester.into(),
+						)),
+					}));
+
+					if let Err(send_error) = send_result {
+						warn!(target: "secretstore_net", "{}: failed to broadcast key version negotiation error {}: {}",
+							core.meta.self_node_id, error, send_error);
+					}
+				}
+			}
+
 			data.state = SessionState::Finished;
-			data.result = Some(result);
+			data.result = Some(result.map(Some));
 			core.completed.notify_all();
 		}
 	}
@@ -390,7 +457,7 @@ impl<T> ClusterSession for SessionImpl<T> where T: SessionTransport {
 			data.confirmations.as_mut().expect("checked a line above; qed").clear();
 			Self::try_complete(&self.core, &mut *data);
 			if data.state != SessionState::Finished {
-				warn!("{}: key version negotiation session failed with timeout", self.core.meta.self_node_id);
+				warn!(target: "secretstore_net", "{}: key version negotiation session failed with timeout", self.core.meta.self_node_id);
 
 				data.result = Some(Err(Error::ConsensusTemporaryUnreachable));
 				self.core.completed.notify_all();
@@ -407,17 +474,22 @@ impl<T> ClusterSession for SessionImpl<T> where T: SessionTransport {
 
 		if data.confirmations.is_some() {
 			let is_waiting_for_confirmation = data.confirmations.as_mut().expect("checked a line above; qed").remove(node);
-			if is_waiting_for_confirmation {
-				Self::try_complete(&self.core, &mut *data);
-				if data.state != SessionState::Finished {
-					warn!("{}: key version negotiation session failed because {} connection has timeouted", self.core.meta.self_node_id, node);
-
-					data.state = SessionState::Finished;
-					data.result = Some(Err(error));
-					self.core.completed.notify_all();
-				}
+			if !is_waiting_for_confirmation {
+				return;
+			}
+
+			Self::try_complete(&self.core, &mut *data);
+			if data.state == SessionState::Finished {
+				return;
 			}
 		}
+
+		warn!(target: "secretstore_net", "{}: key version negotiation session failed because of {} from {}",
+			self.core.meta.self_node_id, error, node);
+
+		data.state = SessionState::Finished;
+		data.result = Some(Err(error));
+		self.core.completed.notify_all();
 	}
 
 	fn on_message(&self, sender: &NodeId, message: &Message) -> Result<(), Error> {
@@ -429,6 +501,10 @@ impl<T> ClusterSession for SessionImpl<T> where T: SessionTransport {
 }
 
 impl SessionTransport for IsolatedSessionTransport {
+	fn broadcast(&self, message: KeyVersionNegotiationMessage) -> Result<(), Error> {
+		self.cluster.broadcast(Message::KeyVersionNegotiation(message))
+	}
+
 	fn send(&self, node: &NodeId, message: KeyVersionNegotiationMessage) -> Result<(), Error> {
 		self.cluster.send(node, Message::KeyVersionNegotiation(message))
 	}
@@ -514,20 +590,28 @@ impl SessionResultComputer for LargestSupportResultComputer {
 mod tests {
 	use std::sync::Arc;
 	use std::collections::{VecDeque, BTreeMap, BTreeSet};
-	use key_server_cluster::{NodeId, SessionId, Error, KeyStorage, DummyKeyStorage, DocumentKeyShare, DocumentKeyShareVersion};
+	use ethkey::public_to_address;
+	use key_server_cluster::{NodeId, SessionId, Error, KeyStorage, DummyKeyStorage,
+		DocumentKeyShare, DocumentKeyShareVersion};
 	use key_server_cluster::math;
 	use key_server_cluster::cluster::Cluster;
 	use key_server_cluster::cluster::tests::DummyCluster;
+	use key_server_cluster::cluster_sessions::ClusterSession;
 	use key_server_cluster::admin_sessions::ShareChangeSessionMeta;
+	use key_server_cluster::decryption_session::create_default_decryption_session;
 	use key_server_cluster::message::{Message, KeyVersionNegotiationMessage, RequestKeyVersions, KeyVersions};
 	use super::{SessionImpl, SessionTransport, SessionParams, FastestResultComputer, LargestSupportResultComputer,
-		SessionResultComputer, SessionState};
+		SessionResultComputer, SessionState, ContinueAction, FailedContinueAction};
 
 	struct DummyTransport {
 		cluster: Arc<DummyCluster>,
 	}
 
 	impl SessionTransport for DummyTransport {
+		fn broadcast(&self, message: KeyVersionNegotiationMessage) -> Result<(), Error> {
+			self.cluster.broadcast(Message::KeyVersionNegotiation(message))
+		}
+
 		fn send(&self, node: &NodeId, message: KeyVersionNegotiationMessage) -> Result<(), Error> {
 			self.cluster.send(node, Message::KeyVersionNegotiation(message))
 		}
@@ -600,6 +684,27 @@ mod tests {
 		pub fn session(&self, idx: usize) -> &SessionImpl<DummyTransport> {
 			&self.nodes.values().nth(idx).unwrap().session
 		}
+
+		pub fn take_message(&mut self) -> Option<(NodeId, NodeId, Message)> {
+			self.nodes.values()
+				.filter_map(|n| n.cluster.take_message().map(|m| (n.session.meta().self_node_id.clone(), m.0, m.1)))
+				.nth(0)
+				.or_else(|| self.queue.pop_front())
+		}
+
+		pub fn process_message(&mut self, msg: (NodeId, NodeId, Message)) -> Result<(), Error> {
+			match msg.2 {
+				Message::KeyVersionNegotiation(message) =>
+					self.nodes[&msg.1].session.process_message(&msg.0, &message),
+				_ => panic!("unexpected"),
+			}
+		}
+
+		pub fn run(&mut self) {
+			while let Some((from, to, message)) = self.take_message() {
+				self.process_message((from, to, message)).unwrap();
+			}
+		}
 	}
 
 	#[test]
@@ -739,6 +844,9 @@ mod tests {
 		ml.session(0).initialize(ml.nodes.keys().cloned().collect()).unwrap();
 		// we can't be sure that node has given key version because previous ShareAdd session could fail
 		assert!(ml.session(0).data.lock().state != SessionState::Finished);
+
+		// check that upon completion, threshold is known
+		assert_eq!(ml.session(0).key_threshold(), Ok(1));
 	}
 
 	#[test]
@@ -757,4 +865,30 @@ mod tests {
 		let computer = LargestSupportResultComputer;
 		assert_eq!(computer.compute_result(Some(10), &Default::default(), &Default::default()), Some(Err(Error::ServerKeyIsNotFound)));
 	}
+
+	#[test]
+	fn fatal_error_is_not_broadcasted_if_started_without_origin() {
+		let mut ml = MessageLoop::empty(3);
+		ml.session(0).set_continue_action(ContinueAction::Decrypt(create_default_decryption_session(), None, false, false));
+		ml.session(0).initialize(ml.nodes.keys().cloned().collect()).unwrap();
+		ml.run();
+
+		assert!(ml.nodes.values().all(|n| n.session.is_finished() &&
+			n.session.take_failed_continue_action().is_none()));
+	}
+
+	#[test]
+	fn fatal_error_is_broadcasted_if_started_with_origin() {
+		let mut ml = MessageLoop::empty(3);
+		ml.session(0).set_continue_action(ContinueAction::Decrypt(create_default_decryption_session(), Some(1.into()), true, true));
+		ml.session(0).initialize(ml.nodes.keys().cloned().collect()).unwrap();
+		ml.run();
+
+		// on all nodes session is completed
+		assert!(ml.nodes.values().all(|n| n.session.is_finished()));
+
+		// slave nodes have non-empty failed continue action
+		assert!(ml.nodes.values().skip(1).all(|n| n.session.take_failed_continue_action()
+			== Some(FailedContinueAction::Decrypt(Some(1.into()), public_to_address(&2.into())))));
+	}
 }
diff --git a/secret_store/src/key_server_cluster/admin_sessions/servers_set_change_session.rs b/secret_store/src/key_server_cluster/admin_sessions/servers_set_change_session.rs
index 01cb03131e2..af612c3d9aa 100644
--- a/secret_store/src/key_server_cluster/admin_sessions/servers_set_change_session.rs
+++ b/secret_store/src/key_server_cluster/admin_sessions/servers_set_change_session.rs
@@ -249,10 +249,16 @@ impl SessionImpl {
 		})?;
 
 		consensus_session.initialize(self.core.all_nodes_set.clone())?;
-		debug_assert!(consensus_session.state() != ConsensusSessionState::ConsensusEstablished);
+
+		let is_finished = consensus_session.state() == ConsensusSessionState::ConsensusEstablished;
 		data.consensus_session = Some(consensus_session);
 		data.new_nodes_set = Some(new_nodes_set);
 
+		// this is the case when all other nodes are isolated
+		if is_finished {
+			Self::complete_session(&self.core, &mut *data)?;
+		}
+
 		Ok(())
 	}
 
@@ -483,6 +489,7 @@ impl SessionImpl {
 			false => {
 				let master_plan = ShareChangeSessionPlan {
 					key_version: message.version.clone().into(),
+					version_holders: message.version_holders.iter().cloned().map(Into::into).collect(),
 					consensus_group: message.consensus_group.iter().cloned().map(Into::into).collect(),
 					new_nodes_map: message.new_nodes_map.iter().map(|(k, v)| (k.clone().into(), v.clone().map(Into::into))).collect(),
 				};
@@ -496,22 +503,20 @@ impl SessionImpl {
 				let master_node_id = message.master_node_id.clone().into();
 				if let Some(key_share) = self.core.key_storage.get(&key_id)? {
 					let version = message.version.clone().into();
-					if let Ok(key_version) = key_share.version(&version) {
-						let key_share_owners = key_version.id_numbers.keys().cloned().collect();
-						let new_nodes_set = data.new_nodes_set.as_ref()
-							.expect("new_nodes_set is filled during consensus establishing; change sessions are running after this; qed");
-						let local_plan = prepare_share_change_session_plan(
-							&self.core.all_nodes_set,
-							key_share.threshold,
-							&key_id,
-							version,
-							&master_node_id,
-							&key_share_owners,
-							new_nodes_set)?;
-
-						if local_plan.new_nodes_map.keys().collect::<BTreeSet<_>>() != master_plan.new_nodes_map.keys().collect::<BTreeSet<_>>() {
-							return Err(Error::InvalidMessage);
-						}
+					let key_share_owners = message.version_holders.iter().cloned().map(Into::into).collect();
+					let new_nodes_set = data.new_nodes_set.as_ref()
+						.expect("new_nodes_set is filled during consensus establishing; change sessions are running after this; qed");
+					let local_plan = prepare_share_change_session_plan(
+						&self.core.all_nodes_set,
+						key_share.threshold,
+						&key_id,
+						version,
+						&master_node_id,
+						&key_share_owners,
+						new_nodes_set)?;
+
+					if local_plan.new_nodes_map.keys().collect::<BTreeSet<_>>() != master_plan.new_nodes_map.keys().collect::<BTreeSet<_>>() {
+						return Err(Error::InvalidMessage);
 					}
 				}
 
@@ -791,7 +796,9 @@ impl SessionImpl {
 		// get selected version && old nodes set from key negotiation session
 		let negotiation_session = data.negotiation_sessions.remove(&key_id)
 			.expect("share change session is only initialized when negotiation is completed; qed");
-		let (selected_version, selected_master) = negotiation_session.wait()?;
+		let (selected_version, selected_master) = negotiation_session
+			.wait()?
+			.expect("initialize_share_change_session is only called on share change master; negotiation session completes with some on master; qed");
 		let selected_version_holders = negotiation_session.version_holders(&selected_version)?;
 		let selected_version_threshold = negotiation_session.key_threshold()?;
 
@@ -818,6 +825,7 @@ impl SessionImpl {
 			session_nonce: core.nonce,
 			key_id: key_id.clone().into(),
 			version: selected_version.into(),
+			version_holders: old_nodes_set.iter().cloned().map(Into::into).collect(),
 			master_node_id: selected_master.clone().into(),
 			consensus_group: session_plan.consensus_group.iter().cloned().map(Into::into).collect(),
 			new_nodes_map: session_plan.new_nodes_map.iter()
@@ -942,7 +950,8 @@ impl ClusterSession for SessionImpl {
 
 		let mut data = self.data.lock();
 
-		warn!("{}: servers set change session failed: {} on {}", self.core.meta.self_node_id, error, node);
+		warn!(target: "secretstore_net", "{}: servers set change session failed: {} on {}",
+			self.core.meta.self_node_id, error, node);
 
 		data.state = SessionState::Finished;
 		data.result = Some(Err(error));
@@ -1007,6 +1016,14 @@ impl JobTransport for UnknownSessionsJobTransport {
 }
 
 impl KeyVersionNegotiationTransport for ServersSetChangeKeyVersionNegotiationTransport {
+	fn broadcast(&self, message: KeyVersionNegotiationMessage) -> Result<(), Error> {
+		self.cluster.broadcast(Message::ServersSetChange(ServersSetChangeMessage::ShareChangeKeyVersionNegotiation(ShareChangeKeyVersionNegotiation {
+			session: self.id.clone().into(),
+			session_nonce: self.nonce,
+			message: message,
+		})))
+	}
+
 	fn send(&self, node: &NodeId, message: KeyVersionNegotiationMessage) -> Result<(), Error> {
 		self.cluster.send(node, Message::ServersSetChange(ServersSetChangeMessage::ShareChangeKeyVersionNegotiation(ShareChangeKeyVersionNegotiation {
 			session: self.id.clone().into(),
@@ -1343,4 +1360,48 @@ pub mod tests {
 		// check that all sessions have finished
 		assert!(ml.nodes.iter().filter(|&(k, _)| !nodes_to_remove.contains(k)).all(|(_, n)| n.session.is_finished()));
 	}
+
+	#[test]
+	fn removing_node_from_cluster_of_2_works() {
+		// initial 2-of-2 session
+		let gml = generate_key(1, generate_nodes_ids(2));
+		let master_node_id = gml.nodes.keys().cloned().nth(0).unwrap();
+
+		// make 2nd node isolated so that key becomes irrecoverable (make sure the session is completed, even though key is irrecoverable)
+		let nodes_to_isolate: BTreeSet<_> = gml.nodes.keys().cloned().skip(1).take(1).collect();
+		let new_nodes_set: BTreeSet<_> = gml.nodes.keys().cloned().filter(|n| !nodes_to_isolate.contains(&n)).collect();
+		let mut ml = MessageLoop::new(&gml, master_node_id, None, BTreeSet::new(), BTreeSet::new(), nodes_to_isolate.clone());
+		ml.nodes[&master_node_id].session.initialize(new_nodes_set, ml.all_set_signature.clone(), ml.new_set_signature.clone()).unwrap();
+		ml.run();
+
+		// check that session on master node has completed (session on 2nd node is not even started in network mode)
+		assert!(ml.nodes.values().take(1).all(|n| n.session.is_finished()));
+	}
+
+	#[test]
+	fn adding_node_that_has_lost_its_database_works() {
+		// initial 2-of-2 session
+		let gml = generate_key(1, generate_nodes_ids(2));
+		let master_node_id = gml.nodes.keys().cloned().nth(0).unwrap();
+
+		// insert 1 node so that it becames 2-of-3 session
+		let nodes_to_add: BTreeSet<_> = (0..1).map(|_| Random.generate().unwrap().public().clone()).collect();
+		let mut ml = MessageLoop::new(&gml, master_node_id, None, nodes_to_add.clone(), BTreeSet::new(), BTreeSet::new());
+		ml.nodes[&master_node_id].session.initialize(ml.nodes.keys().cloned().collect(), ml.all_set_signature.clone(), ml.new_set_signature.clone()).unwrap();
+		ml.run();
+
+		// now let's say new node has lost its db and we're trying to join it again
+		ml.nodes[nodes_to_add.iter().nth(0).unwrap()].key_storage.clear().unwrap();
+
+		// this time old nodes have version, where new node is mentioned, but it doesn't report it when negotiating
+		let mut ml = MessageLoop::new(&gml, master_node_id, None, nodes_to_add, BTreeSet::new(), BTreeSet::new());
+		ml.nodes[&master_node_id].session.initialize(ml.nodes.keys().cloned().collect(), ml.all_set_signature.clone(), ml.new_set_signature.clone()).unwrap();
+		ml.run();
+
+		// try to recover secret for every possible combination of nodes && check that secret is the same
+		check_secret_is_preserved(ml.original_key_pair.clone(), ml.nodes.iter().map(|(k, v)| (k.clone(), v.key_storage.clone())).collect());
+
+		// check that all sessions have finished
+		assert!(ml.nodes.values().all(|n| n.session.is_finished()));
+	}
 }
diff --git a/secret_store/src/key_server_cluster/admin_sessions/share_add_session.rs b/secret_store/src/key_server_cluster/admin_sessions/share_add_session.rs
index 4b79473b56d..51a027dca38 100644
--- a/secret_store/src/key_server_cluster/admin_sessions/share_add_session.rs
+++ b/secret_store/src/key_server_cluster/admin_sessions/share_add_session.rs
@@ -39,7 +39,7 @@ pub trait SessionTransport: Clone + JobTransport<PartialJobRequest=ServersSetCha
 	/// Send message to given node.
 	fn send(&self, node: &NodeId, message: ShareAddMessage) -> Result<(), Error>;
 	/// Set data for master node (sent to slave nodes in consensus session initialization message).
-	fn set_master_data(&mut self, consensus_group: BTreeSet<NodeId>, id_numbers: BTreeMap<NodeId, Option<Secret>>);
+	fn set_master_data(&mut self, consensus_group: BTreeSet<NodeId>, version_holders: BTreeSet<NodeId>, id_numbers: BTreeMap<NodeId, Option<Secret>>);
 }
 
 /// Share addition session.
@@ -86,6 +86,8 @@ struct SessionData<T: SessionTransport> {
 	pub version: Option<H256>,
 	/// Consensus session.
 	pub consensus_session: Option<ShareAddChangeConsensusSession<T>>,
+	/// Holders of key version.
+	pub version_holders: Option<BTreeSet<NodeId>>,
 	/// NewKeyShare (for nodes being added).
 	pub new_key_share: Option<NewKeyShare>,
 	/// Nodes id numbers.
@@ -144,6 +146,8 @@ pub struct IsolatedSessionTransport {
 	version: Option<H256>,
 	/// Session-level nonce.
 	nonce: u64,
+	/// Holders of key version.
+	version_holders: Option<BTreeSet<NodeId>>,
 	/// Consensus group.
 	consensus_group: Option<BTreeSet<NodeId>>,
 	/// Id numbers of all new nodes.
@@ -171,6 +175,7 @@ impl<T> SessionImpl<T> where T: SessionTransport {
 				state: SessionState::ConsensusEstablishing,
 				version: None,
 				consensus_session: None,
+				version_holders: None,
 				new_key_share: None,
 				id_numbers: None,
 				secret_subshares: None,
@@ -180,7 +185,7 @@ impl<T> SessionImpl<T> where T: SessionTransport {
 	}
 
 	/// Set pre-established consensus data.
-	pub fn set_consensus_output(&self, version: &H256, consensus_group: BTreeSet<NodeId>, mut new_nodes_map: BTreeMap<NodeId, Option<Secret>>) -> Result<(), Error> {
+	pub fn set_consensus_output(&self, version: &H256, consensus_group: BTreeSet<NodeId>, version_holders: BTreeSet<NodeId>, mut new_nodes_map: BTreeMap<NodeId, Option<Secret>>) -> Result<(), Error> {
 		let mut data = self.data.lock();
 
 		// check state
@@ -191,18 +196,30 @@ impl<T> SessionImpl<T> where T: SessionTransport {
 		// key share version is required on ShareAdd master node
 		if let Some(key_share) = self.core.key_share.as_ref() {
 			if let Ok(key_version) = key_share.version(version) {
+				let non_isolated_nodes = self.core.transport.nodes();
 				for (node, id_number) in &key_version.id_numbers {
 					{
 						let external_id_number = new_nodes_map.get(node);
 						match external_id_number {
 							Some(&Some(ref external_id_number)) => {
+								if !version_holders.contains(node) {
+									// possible when joining version holder, that has lost its database
+									// and haven't reported version ownership
+									continue;
+								}
 								if external_id_number == id_number {
 									continue;
 								}
+
 								return Err(Error::ConsensusUnreachable);
 							},
 							Some(&None) => (),
-							None => return Err(Error::ConsensusUnreachable),
+							None => {
+								if non_isolated_nodes.contains(node) {
+									return Err(Error::ConsensusUnreachable)
+								}
+								continue;
+							},
 						}
 					}
 
@@ -217,7 +234,7 @@ impl<T> SessionImpl<T> where T: SessionTransport {
 		}
 
 		// check passed consensus data
-		Self::check_nodes_map(&self.core, version, &consensus_group, &new_nodes_map)?;
+		Self::check_nodes_map(&self.core, version, &consensus_group, &version_holders, &new_nodes_map)?;
 
 		// update data
 		data.version = Some(version.clone());
@@ -225,6 +242,7 @@ impl<T> SessionImpl<T> where T: SessionTransport {
 		data.secret_subshares = Some(consensus_group.into_iter()
 			.map(|n| (n, None))
 			.collect());
+		data.version_holders = Some(version_holders);
 
 		Ok(())
 	}
@@ -281,13 +299,14 @@ impl<T> SessionImpl<T> where T: SessionTransport {
 				.take(key_share.threshold)
 				.cloned())
 			.collect();
+		let version_holders = &old_nodes_set;
 
 		// now check nodes map
-		Self::check_nodes_map(&self.core, &version, &consensus_group, &new_nodes_map)?;
+		Self::check_nodes_map(&self.core, &version, &consensus_group, version_holders, &new_nodes_map)?;
 
 		// prepare consensus session transport
 		let mut consensus_transport = self.core.transport.clone();
-		consensus_transport.set_master_data(consensus_group.clone(), new_nodes_map.clone());
+		consensus_transport.set_master_data(consensus_group.clone(), version_holders.clone(), new_nodes_map.clone());
 
 		// create && initialize consensus session
 		let mut consensus_session = ConsensusSession::new(ConsensusSessionParams {
@@ -306,6 +325,7 @@ impl<T> SessionImpl<T> where T: SessionTransport {
 		data.consensus_session = Some(consensus_session);
 		data.id_numbers = Some(new_nodes_map);
 		data.secret_subshares = Some(consensus_group.into_iter().map(|n| (n, None)).collect());
+		data.version_holders = Some(version_holders.clone());
 
 		Ok(())
 	}
@@ -351,16 +371,17 @@ impl<T> SessionImpl<T> where T: SessionTransport {
 		};
 
 		// process consensus message
-		let (is_establishing_consensus, is_consensus_established, version, new_nodes_map, consensus_group) = {
+		let (is_establishing_consensus, is_consensus_established, version, new_nodes_map, consensus_group, version_holders) = {
 			let consensus_session = data.consensus_session.as_mut().ok_or(Error::InvalidMessage)?;
 			let is_establishing_consensus = consensus_session.state() == ConsensusSessionState::EstablishingConsensus;
 
-			let (version, new_nodes_map, consensus_group) = match &message.message {
+			let (version, new_nodes_map, consensus_group, version_holders) = match &message.message {
 				&ConsensusMessageOfShareAdd::InitializeConsensusSession(ref message) => {
 					consensus_session.on_consensus_partial_request(sender, ServersSetChangeAccessRequest::from(message))?;
 
 					let version = message.version.clone().into();
 					let consensus_group = message.consensus_group.iter().cloned().map(Into::into).collect();
+					let version_holders = message.version_holders.iter().cloned().map(Into::into).collect();
 					let new_nodes_map: BTreeMap<_, _> = message.new_nodes_map.iter()
 						.map(|(n, nn)| (n.clone().into(), Some(nn.clone().into())))
 						.collect();
@@ -371,13 +392,13 @@ impl<T> SessionImpl<T> where T: SessionTransport {
 					}
 
 					// check old set of nodes
-					Self::check_nodes_map(&self.core, &version, &consensus_group, &new_nodes_map)?;
+					Self::check_nodes_map(&self.core, &version, &consensus_group, &version_holders, &new_nodes_map)?;
 
-					(Some(version), Some(new_nodes_map), Some(consensus_group))
+					(Some(version), Some(new_nodes_map), Some(consensus_group), Some(version_holders))
 				},
 				&ConsensusMessageOfShareAdd::ConfirmConsensusInitialization(ref message) => {
 					consensus_session.on_consensus_partial_response(sender, message.is_confirmed)?;
-					(None, None, None)
+					(None, None, None, None)
 				},
 			};
 
@@ -387,6 +408,7 @@ impl<T> SessionImpl<T> where T: SessionTransport {
 				version,
 				new_nodes_map,
 				consensus_group,
+				version_holders,
 			)
 		};
 
@@ -400,6 +422,9 @@ impl<T> SessionImpl<T> where T: SessionTransport {
 		if let Some(consensus_group) = consensus_group {
 			data.secret_subshares = Some(consensus_group.into_iter().map(|n| (n, None)).collect());
 		}
+		if let Some(version_holders) = version_holders {
+			data.version_holders = Some(version_holders);
+		}
 
 		// if consensus is stablished, proceed
 		if !is_establishing_consensus || !is_consensus_established || self.core.meta.self_node_id != self.core.meta.master_node_id {
@@ -451,7 +476,7 @@ impl<T> SessionImpl<T> where T: SessionTransport {
 		});
 
 		let id_numbers = data.id_numbers.as_mut()
-			.expect("common key share data is expected after initialization; id_numers are filled during initialization; qed");
+			.expect("common key share data is expected after initialization; id_numbers are filled during initialization; qed");
 		for (node, id_number) in &message.id_numbers {
 			let id_number: Secret = id_number.clone().into();
 			{
@@ -519,7 +544,7 @@ impl<T> SessionImpl<T> where T: SessionTransport {
 	}
 
 	/// Check nodes map.
-	fn check_nodes_map(core: &SessionCore<T>, version: &H256, consensus_group: &BTreeSet<NodeId>, new_nodes_map: &BTreeMap<NodeId, Option<Secret>>) -> Result<(), Error> {
+	fn check_nodes_map(core: &SessionCore<T>, version: &H256, consensus_group: &BTreeSet<NodeId>, version_holders: &BTreeSet<NodeId>, new_nodes_map: &BTreeMap<NodeId, Option<Secret>>) -> Result<(), Error> {
 		// check if this node has given version
 		let has_this_version = match core.key_share.as_ref() {
 			Some(key_share) => key_share.version(version).is_ok(),
@@ -546,7 +571,7 @@ impl<T> SessionImpl<T> where T: SessionTransport {
 				}
 
 				// there must be at least one new node in new_nodes_map
-				if key_version.id_numbers.len() >= new_nodes_map.len() {
+				if key_version.id_numbers.keys().filter(|n| non_isolated_nodes.contains(n) && version_holders.contains(n)).count() >= new_nodes_map.len() {
 					return Err(Error::ConsensusUnreachable);
 				}
 			},
@@ -607,6 +632,8 @@ impl<T> SessionImpl<T> where T: SessionTransport {
 		let explanation = "disseminate_common_share_data is only called on master node; master node has specified version of the key; qed";
 		let old_key_share = core.key_share.as_ref().expect(explanation);
 		let old_key_version = old_key_share.version(data.version.as_ref().expect(explanation)).expect(explanation);
+		let version_holders = data.version_holders.as_ref()
+			.expect("disseminate_common_share_data is only called on master node; version holders is created during initialization on master node; qed");
 		let consensus_group = data.secret_subshares.as_ref()
 			.expect("disseminate_common_share_data is only called on master node; consensus group is created during initialization on master node; qed");
 		let nodes = data.id_numbers.as_ref()
@@ -622,7 +649,9 @@ impl<T> SessionImpl<T> where T: SessionTransport {
 				joint_public: old_key_share.public.clone().into(),
 				common_point: old_key_share.common_point.clone().map(Into::into),
 				encrypted_point: old_key_share.encrypted_point.clone().map(Into::into),
-				id_numbers: old_key_version.id_numbers.iter().map(|(k, v)| (k.clone().into(), v.clone().into())).collect(),
+				id_numbers: old_key_version.id_numbers.iter()
+					.filter(|&(k, _)| version_holders.contains(k))
+					.map(|(k, v)| (k.clone().into(), v.clone().into())).collect(),
 			}))?;
 		}
 
@@ -765,7 +794,8 @@ impl<T> ClusterSession for SessionImpl<T> where T: SessionTransport {
 
 		let mut data = self.data.lock();
 
-		warn!("{}: share add session failed: {} on {}", self.core.meta.self_node_id, error, node);
+		warn!(target: "secretstore_net", "{}: share add session failed: {} on {}",
+			self.core.meta.self_node_id, error, node);
 
 		data.state = SessionState::Finished;
 		data.result = Some(Err(error));
@@ -788,6 +818,7 @@ impl IsolatedSessionTransport {
 			nonce: nonce,
 			cluster: cluster,
 			id_numbers: None,
+			version_holders: None,
 			consensus_group: None,
 		}
 	}
@@ -806,6 +837,7 @@ impl JobTransport for IsolatedSessionTransport {
 			session_nonce: self.nonce,
 			message: ConsensusMessageOfShareAdd::InitializeConsensusSession(InitializeConsensusSessionOfShareAdd {
 				version: self.version.clone().expect(explanation).into(),
+				version_holders: self.version_holders.as_ref().expect(explanation).iter().cloned().map(Into::into).collect(),
 				consensus_group: self.consensus_group.as_ref().expect(explanation).iter().cloned().map(Into::into).collect(),
 				old_nodes_set: request.old_servers_set.into_iter().map(Into::into).collect(),
 				new_nodes_map: request.new_servers_set.into_iter()
@@ -836,7 +868,8 @@ impl SessionTransport for IsolatedSessionTransport {
 		self.cluster.nodes()
 	}
 
-	fn set_master_data(&mut self, consensus_group: BTreeSet<NodeId>, id_numbers: BTreeMap<NodeId, Option<Secret>>) {
+	fn set_master_data(&mut self, consensus_group: BTreeSet<NodeId>, version_holders: BTreeSet<NodeId>, id_numbers: BTreeMap<NodeId, Option<Secret>>) {
+		self.version_holders = Some(version_holders);
 		self.consensus_group = Some(consensus_group);
 		self.id_numbers = Some(id_numbers);
 	}
diff --git a/secret_store/src/key_server_cluster/admin_sessions/share_change_session.rs b/secret_store/src/key_server_cluster/admin_sessions/share_change_session.rs
index af16ef2f6da..48cb81c137a 100644
--- a/secret_store/src/key_server_cluster/admin_sessions/share_change_session.rs
+++ b/secret_store/src/key_server_cluster/admin_sessions/share_change_session.rs
@@ -48,6 +48,8 @@ pub struct ShareChangeSession {
 	key_storage: Arc<KeyStorage>,
 	/// Key version.
 	key_version: H256,
+	/// Nodes that have reported version ownership.
+	version_holders: Option<BTreeSet<NodeId>>,
 	/// Consensus group to use in ShareAdd session.
 	consensus_group: Option<BTreeSet<NodeId>>,
 	/// Nodes to add shares for.
@@ -63,6 +65,8 @@ pub struct ShareChangeSession {
 pub struct ShareChangeSessionPlan {
 	/// Key version that plan is valid for.
 	pub key_version: H256,
+	/// Nodes that have reported version ownership.
+	pub version_holders: BTreeSet<NodeId>,
 	/// Consensus group to use in ShareAdd session.
 	pub consensus_group: BTreeSet<NodeId>,
 	/// Nodes to add shares for.
@@ -102,6 +106,7 @@ impl ShareChangeSession {
 		// we can't create sessions right now, because key share is read when session is created, but it can change in previous session
 		let key_version = params.plan.key_version;
 		let consensus_group = if !params.plan.consensus_group.is_empty() { Some(params.plan.consensus_group) } else { None };
+		let version_holders = if !params.plan.version_holders.is_empty() { Some(params.plan.version_holders) } else { None };
 		let new_nodes_map = if !params.plan.new_nodes_map.is_empty() { Some(params.plan.new_nodes_map) } else { None };
 		debug_assert!(new_nodes_map.is_some());
 
@@ -113,6 +118,7 @@ impl ShareChangeSession {
 			cluster: params.cluster,
 			key_storage: params.key_storage,
 			key_version: key_version,
+			version_holders: version_holders,
 			consensus_group: consensus_group,
 			new_nodes_map: new_nodes_map,
 			share_add_session: None,
@@ -158,6 +164,7 @@ impl ShareChangeSession {
 	/// Create new share add session.
 	fn create_share_add_session(&mut self) -> Result<(), Error> {
 		let consensus_group = self.consensus_group.take().ok_or(Error::InvalidStateForRequest)?;
+		let version_holders = self.version_holders.take().ok_or(Error::InvalidStateForRequest)?;
 		let new_nodes_map = self.new_nodes_map.take().ok_or(Error::InvalidStateForRequest)?;
 		let share_add_session = ShareAddSessionImpl::new(ShareAddSessionParams {
 			meta: self.meta.clone(),
@@ -166,7 +173,7 @@ impl ShareChangeSession {
 			key_storage: self.key_storage.clone(),
 			admin_public: None,
 		})?;
-		share_add_session.set_consensus_output(&self.key_version, consensus_group, new_nodes_map)?;
+		share_add_session.set_consensus_output(&self.key_version, consensus_group, version_holders, new_nodes_map)?;
 		self.share_add_session = Some(share_add_session);
 		Ok(())
 	}
@@ -221,7 +228,7 @@ impl ShareAddSessionTransport for ShareChangeTransport {
 		self.cluster.nodes()
 	}
 
-	fn set_master_data(&mut self, _consensus_group: BTreeSet<NodeId>, _id_numbers: BTreeMap<NodeId, Option<Secret>>) {
+	fn set_master_data(&mut self, _consensus_group: BTreeSet<NodeId>, _version_holders: BTreeSet<NodeId>, _id_numbers: BTreeMap<NodeId, Option<Secret>>) {
 		unreachable!("only called when establishing consensus; this transport is never used for establishing consensus; qed")
 	}
 
@@ -242,6 +249,7 @@ pub fn prepare_share_change_session_plan(cluster_nodes: &BTreeSet<NodeId>, thres
 			key_id, threshold, old_key_version_owners.len());
 		return Ok(ShareChangeSessionPlan {
 			key_version: key_version,
+			version_holders: Default::default(),
 			consensus_group: Default::default(),
 			new_nodes_map: Default::default(),
 		});
@@ -279,6 +287,7 @@ pub fn prepare_share_change_session_plan(cluster_nodes: &BTreeSet<NodeId>, thres
 
 	Ok(ShareChangeSessionPlan {
 		key_version: key_version,
+		version_holders: old_key_version_owners.clone(),
 		consensus_group: consensus_group,
 		new_nodes_map: new_nodes_map,
 	})
diff --git a/secret_store/src/key_server_cluster/client_sessions/decryption_session.rs b/secret_store/src/key_server_cluster/client_sessions/decryption_session.rs
index 724d2fe49f1..9172a03b1a8 100644
--- a/secret_store/src/key_server_cluster/client_sessions/decryption_session.rs
+++ b/secret_store/src/key_server_cluster/client_sessions/decryption_session.rs
@@ -812,6 +812,28 @@ impl JobTransport for DecryptionJobTransport {
 	}
 }
 
+#[cfg(test)]
+pub fn create_default_decryption_session() -> Arc<SessionImpl> {
+	use acl_storage::DummyAclStorage;
+	use key_server_cluster::cluster::tests::DummyCluster;
+
+	Arc::new(SessionImpl::new(SessionParams {
+		meta: SessionMeta {
+			id: Default::default(),
+			self_node_id: Default::default(),
+			master_node_id: Default::default(),
+			threshold: 0,
+			configured_nodes_count: 0,
+			connected_nodes_count: 0,
+		},
+		access_key: Secret::zero(),
+		key_share: Default::default(),
+		acl_storage: Arc::new(DummyAclStorage::default()),
+		cluster: Arc::new(DummyCluster::new(Default::default())),
+		nonce: 0,
+	}, Some(Requester::Public(2.into()))).unwrap())
+}
+
 #[cfg(test)]
 mod tests {
 	use std::sync::Arc;
diff --git a/secret_store/src/key_server_cluster/cluster.rs b/secret_store/src/key_server_cluster/cluster.rs
index 86de005b77c..b48290a4fc3 100644
--- a/secret_store/src/key_server_cluster/cluster.rs
+++ b/secret_store/src/key_server_cluster/cluster.rs
@@ -84,6 +84,8 @@ pub trait ClusterClient: Send + Sync {
 	fn add_generation_listener(&self, listener: Arc<ClusterSessionsListener<GenerationSession>>);
 	/// Listen for new decryption sessions.
 	fn add_decryption_listener(&self, listener: Arc<ClusterSessionsListener<DecryptionSession>>);
+	/// Listen for new key version negotiation sessions.
+	fn add_key_version_negotiation_listener(&self, listener: Arc<ClusterSessionsListener<KeyVersionNegotiationSession<KeyVersionNegotiationSessionTransport>>>);
 
 	/// Ask node to make 'faulty' generation sessions.
 	#[cfg(test)]
@@ -198,9 +200,10 @@ pub struct ClusterConnections {
 	pub data: RwLock<ClusterConnectionsData>,
 }
 
-#[derive(Default)]
 /// Cluster connections data.
 pub struct ClusterConnectionsData {
+	/// Is this node isolated from cluster?
+	pub is_isolated: bool,
 	/// Active key servers set.
 	pub nodes: BTreeMap<Public, SocketAddr>,
 	/// Active connections to key servers.
@@ -384,6 +387,9 @@ impl ClusterCore {
 		for connection in data.connections.active_connections() {
 			let last_message_diff = Instant::now() - connection.last_message_time();
 			if last_message_diff > KEEP_ALIVE_DISCONNECT_INTERVAL {
+				warn!(target: "secretstore_net", "{}: keep alive timeout for node {}",
+					data.self_key_pair.public(), connection.node_id());
+
 				data.connections.remove(data.clone(), connection.node_id(), connection.is_inbound());
 				data.sessions.on_connection_timeout(connection.node_id());
 			}
@@ -484,7 +490,7 @@ impl ClusterCore {
 			if is_master_node && session.is_finished() {
 				data.sessions.negotiation_sessions.remove(&session.id());
 				match session.wait() {
-					Ok((version, master)) => match session.take_continue_action() {
+					Ok(Some((version, master))) => match session.take_continue_action() {
 						Some(ContinueAction::Decrypt(session, origin, is_shadow_decryption, is_broadcast_decryption)) => {
 							let initialization_error = if data.self_key_pair.public() == &master {
 								session.initialize(origin, version, is_shadow_decryption, is_broadcast_decryption)
@@ -523,18 +529,19 @@ impl ClusterCore {
 						},
 						None => (),
 					},
+					Ok(None) => unreachable!("is_master_node; session is finished; negotiation version always finished with result on master; qed"),
 					Err(error) => match session.take_continue_action() {
 						Some(ContinueAction::Decrypt(session, _, _, _)) => {
-							data.sessions.decryption_sessions.remove(&session.id());
 							session.on_session_error(&meta.self_node_id, error);
+							data.sessions.decryption_sessions.remove(&session.id());
 						},
 						Some(ContinueAction::SchnorrSign(session, _)) => {
-							data.sessions.schnorr_signing_sessions.remove(&session.id());
 							session.on_session_error(&meta.self_node_id, error);
+							data.sessions.schnorr_signing_sessions.remove(&session.id());
 						},
 						Some(ContinueAction::EcdsaSign(session, _)) => {
-							data.sessions.ecdsa_signing_sessions.remove(&session.id());
 							session.on_session_error(&meta.self_node_id, error);
+							data.sessions.ecdsa_signing_sessions.remove(&session.id());
 						},
 						None => (),
 					},
@@ -653,7 +660,7 @@ impl ClusterCore {
 impl ClusterConnections {
 	pub fn new(config: &ClusterConfiguration) -> Result<Self, Error> {
 		let mut nodes = config.key_server_set.snapshot().current_set;
-		nodes.remove(config.self_key_pair.public());
+		let is_isolated = nodes.remove(config.self_key_pair.public()).is_none();
 
 		let trigger: Box<ConnectionTrigger> = match config.auto_migrate_enabled {
 			false => Box::new(SimpleConnectionTrigger::new(config.key_server_set.clone(), config.self_key_pair.clone(), config.admin_public.clone())),
@@ -668,6 +675,7 @@ impl ClusterConnections {
 			trigger: Mutex::new(trigger),
 			connector: connector,
 			data: RwLock::new(ClusterConnectionsData {
+				is_isolated: is_isolated,
 				nodes: nodes,
 				connections: BTreeMap::new(),
 			}),
@@ -734,8 +742,13 @@ impl ClusterConnections {
 		self.maintain_connection_trigger(maintain_action, data);
 	}
 
-	pub fn connected_nodes(&self) -> BTreeSet<NodeId> {
-		self.data.read().connections.keys().cloned().collect()
+	pub fn connected_nodes(&self) -> Result<BTreeSet<NodeId>, Error> {
+		let data = self.data.read();
+		if data.is_isolated {
+			return Err(Error::NodeDisconnected);
+		}
+
+		Ok(data.connections.keys().cloned().collect())
 	}
 
 	pub fn active_connections(&self)-> Vec<Arc<Connection>> {
@@ -897,7 +910,7 @@ impl ClusterClientImpl {
 	}
 
 	fn create_key_version_negotiation_session(&self, session_id: SessionId) -> Result<Arc<KeyVersionNegotiationSession<KeyVersionNegotiationSessionTransport>>, Error> {
-		let mut connected_nodes = self.data.connections.connected_nodes();
+		let mut connected_nodes = self.data.connections.connected_nodes()?;
 		connected_nodes.insert(self.data.self_key_pair.public().clone());
 
 		let access_key = Random.generate()?.secret().clone();
@@ -934,7 +947,7 @@ impl ClusterClient for ClusterClientImpl {
 	}
 
 	fn new_generation_session(&self, session_id: SessionId, origin: Option<Address>, author: Address, threshold: usize) -> Result<Arc<GenerationSession>, Error> {
-		let mut connected_nodes = self.data.connections.connected_nodes();
+		let mut connected_nodes = self.data.connections.connected_nodes()?;
 		connected_nodes.insert(self.data.self_key_pair.public().clone());
 
 		let cluster = create_cluster_view(&self.data, true)?;
@@ -945,7 +958,7 @@ impl ClusterClient for ClusterClientImpl {
 	}
 
 	fn new_encryption_session(&self, session_id: SessionId, requester: Requester, common_point: Public, encrypted_point: Public) -> Result<Arc<EncryptionSession>, Error> {
-		let mut connected_nodes = self.data.connections.connected_nodes();
+		let mut connected_nodes = self.data.connections.connected_nodes()?;
 		connected_nodes.insert(self.data.self_key_pair.public().clone());
 
 		let cluster = create_cluster_view(&self.data, true)?;
@@ -956,7 +969,7 @@ impl ClusterClient for ClusterClientImpl {
 	}
 
 	fn new_decryption_session(&self, session_id: SessionId, origin: Option<Address>, requester: Requester, version: Option<H256>, is_shadow_decryption: bool, is_broadcast_decryption: bool) -> Result<Arc<DecryptionSession>, Error> {
-		let mut connected_nodes = self.data.connections.connected_nodes();
+		let mut connected_nodes = self.data.connections.connected_nodes()?;
 		connected_nodes.insert(self.data.self_key_pair.public().clone());
 
 		let access_key = Random.generate()?.secret().clone();
@@ -982,7 +995,7 @@ impl ClusterClient for ClusterClientImpl {
 	}
 
 	fn new_schnorr_signing_session(&self, session_id: SessionId, requester: Requester, version: Option<H256>, message_hash: H256) -> Result<Arc<SchnorrSigningSession>, Error> {
-		let mut connected_nodes = self.data.connections.connected_nodes();
+		let mut connected_nodes = self.data.connections.connected_nodes()?;
 		connected_nodes.insert(self.data.self_key_pair.public().clone());
 
 		let access_key = Random.generate()?.secret().clone();
@@ -1007,7 +1020,7 @@ impl ClusterClient for ClusterClientImpl {
 	}
 
 	fn new_ecdsa_signing_session(&self, session_id: SessionId, requester: Requester, version: Option<H256>, message_hash: H256) -> Result<Arc<EcdsaSigningSession>, Error> {
-		let mut connected_nodes = self.data.connections.connected_nodes();
+		let mut connected_nodes = self.data.connections.connected_nodes()?;
 		connected_nodes.insert(self.data.self_key_pair.public().clone());
 
 		let access_key = Random.generate()?.secret().clone();
@@ -1037,7 +1050,7 @@ impl ClusterClient for ClusterClientImpl {
 	}
 
 	fn new_servers_set_change_session(&self, session_id: Option<SessionId>, migration_id: Option<H256>, new_nodes_set: BTreeSet<NodeId>, old_set_signature: Signature, new_set_signature: Signature) -> Result<Arc<AdminSession>, Error> {
-		let mut connected_nodes = self.data.connections.connected_nodes();
+		let mut connected_nodes = self.data.connections.connected_nodes()?;
 		connected_nodes.insert(self.data.self_key_pair.public().clone());
 
 		let session_id = match session_id {
@@ -1069,6 +1082,10 @@ impl ClusterClient for ClusterClientImpl {
 		self.data.sessions.decryption_sessions.add_listener(listener);
 	}
 
+	fn add_key_version_negotiation_listener(&self, listener: Arc<ClusterSessionsListener<KeyVersionNegotiationSession<KeyVersionNegotiationSessionTransport>>>) {
+		self.data.sessions.negotiation_sessions.add_listener(listener);
+	}
+
 	#[cfg(test)]
 	fn connect(&self) {
 		ClusterCore::connect_disconnected_nodes(self.data.clone());
@@ -1153,6 +1170,7 @@ pub mod tests {
 
 		fn add_generation_listener(&self, _listener: Arc<ClusterSessionsListener<GenerationSession>>) {}
 		fn add_decryption_listener(&self, _listener: Arc<ClusterSessionsListener<DecryptionSession>>) {}
+		fn add_key_version_negotiation_listener(&self, _listener: Arc<ClusterSessionsListener<KeyVersionNegotiationSession<KeyVersionNegotiationSessionTransport>>>) {}
 
 		fn make_faulty_generation_sessions(&self) { unimplemented!("test-only") }
 		fn generation_session(&self, _session_id: &SessionId) -> Option<Arc<GenerationSession>> { unimplemented!("test-only") }
@@ -1249,7 +1267,7 @@ pub mod tests {
 			threads: 1,
 			self_key_pair: Arc::new(PlainNodeKeyPair::new(key_pairs[i].clone())),
 			listen_address: ("127.0.0.1".to_owned(), ports_begin + i as u16),
-			key_server_set: Arc::new(MapKeyServerSet::new(key_pairs.iter().enumerate()
+			key_server_set: Arc::new(MapKeyServerSet::new(false, key_pairs.iter().enumerate()
 				.map(|(j, kp)| (kp.public().clone(), format!("127.0.0.1:{}", ports_begin + j as u16).parse().unwrap()))
 				.collect())),
 			allow_connecting_to_higher_nodes: false,
diff --git a/secret_store/src/key_server_cluster/cluster_sessions.rs b/secret_store/src/key_server_cluster/cluster_sessions.rs
index 4dcfd3f8814..b34485638e6 100644
--- a/secret_store/src/key_server_cluster/cluster_sessions.rs
+++ b/secret_store/src/key_server_cluster/cluster_sessions.rs
@@ -330,10 +330,7 @@ impl<S, SC, D> ClusterSessionsContainer<S, SC, D> where S: ClusterSession, SC: C
 	}
 
 	pub fn remove(&self, session_id: &S::Id) {
-		if let Some(session) = self.sessions.write().remove(session_id) {
-			self.container_state.lock().on_session_completed();
-			self.notify_listeners(|l| l.on_session_removed(session.session.clone()));
-		}
+		self.do_remove(session_id, &mut *self.sessions.write());
 	}
 
 	pub fn enqueue_message(&self, session_id: &S::Id, sender: NodeId, message: Message, is_queued_message: bool) {
@@ -361,7 +358,7 @@ impl<S, SC, D> ClusterSessionsContainer<S, SC, D> where S: ClusterSession, SC: C
 			};
 
 			if remove_session {
-				sessions.remove(&sid);
+				self.do_remove(&sid, &mut *sessions);
 			}
 		}
 	}
@@ -374,12 +371,20 @@ impl<S, SC, D> ClusterSessionsContainer<S, SC, D> where S: ClusterSession, SC: C
 				session.session.on_node_timeout(node_id);
 				session.session.is_finished()
 			};
+
 			if remove_session {
-				sessions.remove(&sid);
+				self.do_remove(&sid, &mut *sessions);
 			}
 		}
 	}
 
+	fn do_remove(&self, session_id: &S::Id, sessions: &mut BTreeMap<S::Id, QueuedSession<S>>) {
+		if let Some(session) = sessions.remove(session_id) {
+			self.container_state.lock().on_session_completed();
+			self.notify_listeners(|l| l.on_session_removed(session.session.clone()));
+		}
+	}
+
 	fn notify_listeners<F: Fn(&ClusterSessionsListener<S>) -> ()>(&self, callback: F) {
 		let mut listeners = self.listeners.lock();
 		let mut listener_index = 0;
@@ -554,7 +559,7 @@ pub fn create_cluster_view(data: &Arc<ClusterData>, requires_all_connections: bo
 		}
 	}
 
-	let mut connected_nodes = data.connections.connected_nodes();
+	let mut connected_nodes = data.connections.connected_nodes()?;
 	connected_nodes.insert(data.self_key_pair.public().clone());
 
 	let connected_nodes_count = connected_nodes.len();
@@ -571,7 +576,8 @@ mod tests {
 	use key_server_cluster::connection_trigger::SimpleServersSetChangeSessionCreatorConnector;
 	use key_server_cluster::cluster::tests::DummyCluster;
 	use key_server_cluster::generation_session::{SessionImpl as GenerationSession};
-	use super::{ClusterSessions, AdminSessionCreationData, ClusterSessionsListener};
+	use super::{ClusterSessions, AdminSessionCreationData, ClusterSessionsListener,
+		ClusterSessionsContainerState, SESSION_TIMEOUT_INTERVAL};
 
 	pub fn make_cluster_sessions() -> ClusterSessions {
 		let key_pair = Random.generate().unwrap();
@@ -579,7 +585,7 @@ mod tests {
 			threads: 1,
 			self_key_pair: Arc::new(PlainNodeKeyPair::new(key_pair.clone())),
 			listen_address: ("127.0.0.1".to_owned(), 100_u16),
-			key_server_set: Arc::new(MapKeyServerSet::new(vec![(key_pair.public().clone(), format!("127.0.0.1:{}", 100).parse().unwrap())].into_iter().collect())),
+			key_server_set: Arc::new(MapKeyServerSet::new(false, vec![(key_pair.public().clone(), format!("127.0.0.1:{}", 100).parse().unwrap())].into_iter().collect())),
 			allow_connecting_to_higher_nodes: false,
 			key_storage: Arc::new(DummyKeyStorage::default()),
 			acl_storage: Arc::new(DummyAclStorage::default()),
@@ -644,4 +650,41 @@ mod tests {
 		assert_eq!(listener.inserted.load(Ordering::Relaxed), 1);
 		assert_eq!(listener.removed.load(Ordering::Relaxed), 1);
 	}
+
+	#[test]
+	fn last_session_removal_sets_container_state_to_idle() {
+		let sessions = make_cluster_sessions();
+
+		sessions.generation_sessions.insert(Arc::new(DummyCluster::new(Default::default())), Default::default(), Default::default(), None, false, None).unwrap();
+		assert_eq!(*sessions.generation_sessions.container_state.lock(), ClusterSessionsContainerState::Active(1));
+
+		sessions.generation_sessions.remove(&Default::default());
+		assert_eq!(*sessions.generation_sessions.container_state.lock(), ClusterSessionsContainerState::Idle);
+	}
+
+	#[test]
+	fn last_session_removal_by_timeout_sets_container_state_to_idle() {
+		let sessions = make_cluster_sessions();
+
+		sessions.generation_sessions.insert(Arc::new(DummyCluster::new(Default::default())), Default::default(), Default::default(), None, false, None).unwrap();
+		assert_eq!(*sessions.generation_sessions.container_state.lock(), ClusterSessionsContainerState::Active(1));
+
+		sessions.generation_sessions.sessions.write().get_mut(&Default::default()).unwrap().last_message_time -= SESSION_TIMEOUT_INTERVAL * 2;
+
+		sessions.generation_sessions.stop_stalled_sessions();
+		assert_eq!(sessions.generation_sessions.sessions.read().len(), 0);
+		assert_eq!(*sessions.generation_sessions.container_state.lock(), ClusterSessionsContainerState::Idle);
+	}
+
+	#[test]
+	fn last_session_removal_by_node_timeout_sets_container_state_to_idle() {
+		let sessions = make_cluster_sessions();
+
+		sessions.generation_sessions.insert(Arc::new(DummyCluster::new(Default::default())), Default::default(), Default::default(), None, false, None).unwrap();
+		assert_eq!(*sessions.generation_sessions.container_state.lock(), ClusterSessionsContainerState::Active(1));
+
+		sessions.generation_sessions.on_connection_timeout(&Default::default());
+		assert_eq!(sessions.generation_sessions.sessions.read().len(), 0);
+		assert_eq!(*sessions.generation_sessions.container_state.lock(), ClusterSessionsContainerState::Idle);
+	}
 }
diff --git a/secret_store/src/key_server_cluster/cluster_sessions_creator.rs b/secret_store/src/key_server_cluster/cluster_sessions_creator.rs
index e1b5125ac48..15192542b5c 100644
--- a/secret_store/src/key_server_cluster/cluster_sessions_creator.rs
+++ b/secret_store/src/key_server_cluster/cluster_sessions_creator.rs
@@ -353,6 +353,9 @@ impl ClusterSessionCreator<KeyVersionNegotiationSessionImpl<VersionNegotiationTr
 			sub_session: sid.access_key.into(),
 			session_nonce: nonce,
 			error: err.into(),
+			// we don't care about continue action here. it only matters when we're completing the session with confirmed
+			// fatal error from result computer
+			continue_with: None,
 		}))
 	}
 
diff --git a/secret_store/src/key_server_cluster/connection_trigger.rs b/secret_store/src/key_server_cluster/connection_trigger.rs
index 71f17313fed..2de1a595497 100644
--- a/secret_store/src/key_server_cluster/connection_trigger.rs
+++ b/secret_store/src/key_server_cluster/connection_trigger.rs
@@ -161,15 +161,20 @@ impl TriggerConnections {
 
 fn adjust_connections(self_node_id: &NodeId, data: &mut ClusterConnectionsData, required_set: &BTreeMap<NodeId, SocketAddr>) {
 	if !required_set.contains_key(self_node_id) {
-		trace!(target: "secretstore_net", "{}: isolated from cluser", self_node_id);
+		if !data.is_isolated {
+			trace!(target: "secretstore_net", "{}: isolated from cluser", self_node_id);
+		}
+
+		data.is_isolated = true;
 		data.connections.clear();
 		data.nodes.clear();
 		return;
 	}
 
+	data.is_isolated = false;
 	for node_to_disconnect in select_nodes_to_disconnect(&data.nodes, required_set) {
 		if let Entry::Occupied(entry) = data.connections.entry(node_to_disconnect.clone()) {
-			trace!(target: "secretstore_net", "{}: removing connection to {} at {}",
+			trace!(target: "secretstore_net", "{}: adjusting connections - removing connection to {} at {}",
 				self_node_id, entry.get().node_id(), entry.get().node_address());
 			entry.remove();
 		}
@@ -204,6 +209,14 @@ mod tests {
 	use super::{Maintain, TriggerConnections, ConnectionsAction, ConnectionTrigger, SimpleConnectionTrigger,
 		select_nodes_to_disconnect, adjust_connections};
 
+	fn default_connection_data() -> ClusterConnectionsData {
+		ClusterConnectionsData {
+			is_isolated: false,
+			nodes: Default::default(),
+			connections: Default::default(),
+		}
+	}
+
 	fn create_connections() -> TriggerConnections {
 		TriggerConnections {
 			self_key_pair: Arc::new(PlainNodeKeyPair::new(Random.generate().unwrap())),
@@ -252,59 +265,64 @@ mod tests {
 	fn adjust_connections_disconnects_from_all_nodes_if_not_a_part_of_key_server() {
 		let self_node_id = Random.generate().unwrap().public().clone();
 		let other_node_id = Random.generate().unwrap().public().clone();
-		let mut connection_data: ClusterConnectionsData = Default::default();
+		let mut connection_data = default_connection_data();
 		connection_data.nodes.insert(other_node_id.clone(), "127.0.0.1:8081".parse().unwrap());
 
 		let required_set = connection_data.nodes.clone();
 		adjust_connections(&self_node_id, &mut connection_data, &required_set);
 		assert!(connection_data.nodes.is_empty());
+		assert!(connection_data.is_isolated);
 	}
 
 	#[test]
 	fn adjust_connections_connects_to_new_nodes() {
 		let self_node_id = Random.generate().unwrap().public().clone();
 		let other_node_id = Random.generate().unwrap().public().clone();
-		let mut connection_data: ClusterConnectionsData = Default::default();
+		let mut connection_data = default_connection_data();
 
 		let required_set = vec![(self_node_id.clone(), "127.0.0.1:8081".parse().unwrap()),
 			(other_node_id.clone(), "127.0.0.1:8082".parse().unwrap())].into_iter().collect();
 		adjust_connections(&self_node_id, &mut connection_data, &required_set);
 		assert!(connection_data.nodes.contains_key(&other_node_id));
+		assert!(!connection_data.is_isolated);
 	}
 
 	#[test]
 	fn adjust_connections_reconnects_from_changed_nodes() {
 		let self_node_id = Random.generate().unwrap().public().clone();
 		let other_node_id = Random.generate().unwrap().public().clone();
-		let mut connection_data: ClusterConnectionsData = Default::default();
+		let mut connection_data = default_connection_data();
 		connection_data.nodes.insert(other_node_id.clone(), "127.0.0.1:8082".parse().unwrap());
 
 		let required_set = vec![(self_node_id.clone(), "127.0.0.1:8081".parse().unwrap()),
 			(other_node_id.clone(), "127.0.0.1:8083".parse().unwrap())].into_iter().collect();
 		adjust_connections(&self_node_id, &mut connection_data, &required_set);
 		assert_eq!(connection_data.nodes.get(&other_node_id), Some(&"127.0.0.1:8083".parse().unwrap()));
+		assert!(!connection_data.is_isolated);
 	}
 
 	#[test]
 	fn adjust_connections_disconnects_from_removed_nodes() {
 		let self_node_id = Random.generate().unwrap().public().clone();
 		let other_node_id = Random.generate().unwrap().public().clone();
-		let mut connection_data: ClusterConnectionsData = Default::default();
+		let mut connection_data = default_connection_data();
 		connection_data.nodes.insert(other_node_id.clone(), "127.0.0.1:8082".parse().unwrap());
 
 		let required_set = vec![(self_node_id.clone(), "127.0.0.1:8081".parse().unwrap())].into_iter().collect();
 		adjust_connections(&self_node_id, &mut connection_data, &required_set);
 		assert!(connection_data.nodes.is_empty());
+		assert!(!connection_data.is_isolated);
 	}
 
 	#[test]
 	fn adjust_connections_does_not_connects_to_self() {
 		let self_node_id = Random.generate().unwrap().public().clone();
-		let mut connection_data: ClusterConnectionsData = Default::default();
+		let mut connection_data = default_connection_data();
 
 		let required_set = vec![(self_node_id.clone(), "127.0.0.1:8081".parse().unwrap())].into_iter().collect();
 		adjust_connections(&self_node_id, &mut connection_data, &required_set);
 		assert!(connection_data.nodes.is_empty());
+		assert!(!connection_data.is_isolated);
 	}
 
 	#[test]
@@ -315,7 +333,7 @@ mod tests {
 		let migration_node_id = Random.generate().unwrap().public().clone();
 		let new_node_id = Random.generate().unwrap().public().clone();
 
-		let mut connections_data: ClusterConnectionsData = Default::default();
+		let mut connections_data = default_connection_data();
 		connections.maintain(ConnectionsAction::ConnectToCurrentSet, &mut connections_data, &KeyServerSetSnapshot {
 			current_set: vec![(self_node_id.clone(), "127.0.0.1:8081".parse().unwrap()),
 				(current_node_id.clone(), "127.0.0.1:8082".parse().unwrap())].into_iter().collect(),
@@ -337,7 +355,7 @@ mod tests {
 		let migration_node_id = Random.generate().unwrap().public().clone();
 		let new_node_id = Random.generate().unwrap().public().clone();
 
-		let mut connections_data: ClusterConnectionsData = Default::default();
+		let mut connections_data = default_connection_data();
 		connections.maintain(ConnectionsAction::ConnectToMigrationSet, &mut connections_data, &KeyServerSetSnapshot {
 			current_set: vec![(current_node_id.clone(), "127.0.0.1:8082".parse().unwrap())].into_iter().collect(),
 			new_set: vec![(new_node_id.clone(), "127.0.0.1:8083".parse().unwrap())].into_iter().collect(),
@@ -354,7 +372,7 @@ mod tests {
 
 	#[test]
 	fn simple_connections_trigger_only_maintains_connections() {
-		let key_server_set = Arc::new(MapKeyServerSet::new(Default::default()));
+		let key_server_set = Arc::new(MapKeyServerSet::new(false, Default::default()));
 		let self_key_pair = Arc::new(PlainNodeKeyPair::new(Random.generate().unwrap()));
 		let mut trigger = SimpleConnectionTrigger::new(key_server_set, self_key_pair, None);
 		assert_eq!(trigger.on_maintain(), Some(Maintain::Connections));
diff --git a/secret_store/src/key_server_cluster/jobs/key_access_job.rs b/secret_store/src/key_server_cluster/jobs/key_access_job.rs
index 6a0577f022b..7ded90afabb 100644
--- a/secret_store/src/key_server_cluster/jobs/key_access_job.rs
+++ b/secret_store/src/key_server_cluster/jobs/key_access_job.rs
@@ -79,7 +79,6 @@ impl JobExecutor for KeyAccessJob {
 		
 		self.requester = Some(partial_request.clone());
 		self.acl_storage.check(partial_request.address(&self.id).map_err(Error::InsufficientRequesterData)?, &self.id)
-			.map_err(|_| Error::AccessDenied)
 			.map(|is_confirmed| if is_confirmed { JobPartialRequestAction::Respond(true) } else { JobPartialRequestAction::Reject(false) })
 	}
 
diff --git a/secret_store/src/key_server_cluster/message.rs b/secret_store/src/key_server_cluster/message.rs
index 8aecdc9dd6c..1bc487eb78f 100644
--- a/secret_store/src/key_server_cluster/message.rs
+++ b/secret_store/src/key_server_cluster/message.rs
@@ -429,6 +429,8 @@ pub struct InitializeConsensusSessionWithServersSet {
 pub struct InitializeConsensusSessionOfShareAdd {
 	/// Key version.
 	pub version: SerializableH256,
+	/// Nodes that have reported version ownership.
+	pub version_holders: BTreeSet<MessageNodeId>,
 	/// threshold+1 nodes from old_nodes_set selected for shares redistribution.
 	pub consensus_group: BTreeSet<MessageNodeId>,
 	/// Old nodes set: all non-isolated owners of selected key share version.
@@ -876,6 +878,8 @@ pub struct InitializeShareChangeSession {
 	pub key_id: MessageSessionId,
 	/// Key vesion to use in ShareAdd session.
 	pub version: SerializableH256,
+	/// Nodes that have confirmed version ownership.
+	pub version_holders: BTreeSet<MessageNodeId>,
 	/// Master node.
 	pub master_node_id: MessageNodeId,
 	/// Consensus group to use in ShareAdd session.
@@ -1039,6 +1043,16 @@ pub struct KeyVersionsError {
 	pub session_nonce: u64,
 	/// Error message.
 	pub error: Error,
+	/// Continue action from failed node (if any). This field is oly filled
+	/// when error has occured when trying to compute result on master node.
+	pub continue_with: Option<FailedKeyVersionContinueAction>,
+}
+
+/// Key version continue action from failed node.
+#[derive(Clone, Debug, Serialize, Deserialize)]
+pub enum FailedKeyVersionContinueAction {
+	/// Decryption session: origin + requester.
+	Decrypt(Option<SerializableAddress>, SerializableAddress),
 }
 
 impl Message {
@@ -1059,6 +1073,7 @@ impl Message {
 				_ => false
 			},
 			Message::KeyVersionNegotiation(KeyVersionNegotiationMessage::RequestKeyVersions(_)) => true,
+			Message::KeyVersionNegotiation(KeyVersionNegotiationMessage::KeyVersionsError(ref msg)) if msg.continue_with.is_some() => true,
 			Message::ShareAdd(ShareAddMessage::ShareAddConsensusMessage(ref msg)) => match msg.message {
 				ConsensusMessageOfShareAdd::InitializeConsensusSession(_) => true,
 				_ => false
diff --git a/secret_store/src/key_server_set.rs b/secret_store/src/key_server_set.rs
index cf95e917aec..7bae27017a3 100644
--- a/secret_store/src/key_server_set.rs
+++ b/secret_store/src/key_server_set.rs
@@ -19,16 +19,13 @@ use std::net::SocketAddr;
 use std::collections::{BTreeMap, HashSet};
 use std::time::Duration;
 use parking_lot::Mutex;
-use ethcore::client::{Client, BlockChainClient, BlockId, ChainNotify, ChainRoute, CallContract, RegistryInfo};
-use ethcore::filter::Filter;
+use ethcore::client::{Client, BlockChainClient, BlockId, ChainNotify, ChainRoute, CallContract};
 use ethkey::public_to_address;
-use hash::keccak;
 use ethereum_types::{H256, Address};
 use bytes::Bytes;
 use types::{Error, Public, NodeAddress, NodeId};
 use trusted_client::TrustedClient;
-use helpers::{get_confirmed_block_hash, REQUEST_CONFIRMATIONS_REQUIRED};
-use {NodeKeyPair};
+use {NodeKeyPair, ContractAddress};
 
 use_contract!(key_server, "KeyServerSet", "res/key_server_set.json");
 
@@ -39,22 +36,6 @@ const MIGRATION_CONFIRMATIONS_REQUIRED: u64 = 5;
 /// Number of blocks before the same-migration transaction (be it start or confirmation) will be retried.
 const TRANSACTION_RETRY_INTERVAL_BLOCKS: u64 = 30;
 
-/// Key server has been added to the set.
-const ADDED_EVENT_NAME: &'static [u8] = &*b"KeyServerAdded(address)";
-/// Key server has been removed from the set.
-const REMOVED_EVENT_NAME: &'static [u8] = &*b"KeyServerRemoved(address)";
-/// Migration has started.
-const MIGRATION_STARTED_EVENT_NAME: &'static [u8] = &*b"MigrationStarted()";
-/// Migration has completed.
-const MIGRATION_COMPLETED_EVENT_NAME: &'static [u8] = &*b"MigrationCompleted()";
-
-lazy_static! {
-	static ref ADDED_EVENT_NAME_HASH: H256 = keccak(ADDED_EVENT_NAME);
-	static ref REMOVED_EVENT_NAME_HASH: H256 = keccak(REMOVED_EVENT_NAME);
-	static ref MIGRATION_STARTED_EVENT_NAME_HASH: H256 = keccak(MIGRATION_STARTED_EVENT_NAME);
-	static ref MIGRATION_COMPLETED_EVENT_NAME_HASH: H256 = keccak(MIGRATION_COMPLETED_EVENT_NAME);
-}
-
 #[derive(Default, Debug, Clone, PartialEq)]
 /// Key Server Set state.
 pub struct KeyServerSetSnapshot {
@@ -81,6 +62,8 @@ pub struct KeyServerSetMigration {
 
 /// Key Server Set
 pub trait KeyServerSet: Send + Sync {
+	/// Is this node currently isolated from the set?
+	fn is_isolated(&self) -> bool;
 	/// Get server set state.
 	fn snapshot(&self) -> KeyServerSetSnapshot;
 	/// Start migration.
@@ -117,7 +100,9 @@ struct PreviousMigrationTransaction {
 struct CachedContract {
 	/// Blockchain client.
 	client: TrustedClient,
-	/// Contract address.
+	/// Contract address source.
+	contract_address_source: Option<ContractAddress>,
+	/// Current contract address.
 	contract_address: Option<Address>,
 	/// Contract interface.
 	contract: key_server::KeyServerSet,
@@ -136,10 +121,10 @@ struct CachedContract {
 }
 
 impl OnChainKeyServerSet {
-	pub fn new(trusted_client: TrustedClient, self_key_pair: Arc<NodeKeyPair>, auto_migrate_enabled: bool, key_servers: BTreeMap<Public, NodeAddress>) -> Result<Arc<Self>, Error> {
+	pub fn new(trusted_client: TrustedClient, contract_address_source: Option<ContractAddress>, self_key_pair: Arc<NodeKeyPair>, auto_migrate_enabled: bool, key_servers: BTreeMap<Public, NodeAddress>) -> Result<Arc<Self>, Error> {
 		let client = trusted_client.get_untrusted();
 		let key_server_set = Arc::new(OnChainKeyServerSet {
-			contract: Mutex::new(CachedContract::new(trusted_client, self_key_pair, auto_migrate_enabled, key_servers)?),
+			contract: Mutex::new(CachedContract::new(trusted_client, contract_address_source, self_key_pair, auto_migrate_enabled, key_servers)?),
 		});
 		client
 			.ok_or_else(|| Error::Internal("Constructing OnChainKeyServerSet without active Client".into()))?
@@ -149,6 +134,10 @@ impl OnChainKeyServerSet {
 }
 
 impl KeyServerSet for OnChainKeyServerSet {
+	fn is_isolated(&self) -> bool {
+		self.contract.lock().is_isolated()
+	}
+
 	fn snapshot(&self) -> KeyServerSetSnapshot {
 		self.contract.lock().snapshot()
 	}
@@ -244,16 +233,21 @@ impl <F: Fn(Vec<u8>) -> Result<Vec<u8>, String>> KeyServerSubset<F> for NewKeySe
 }
 
 impl CachedContract {
-	pub fn new(client: TrustedClient, self_key_pair: Arc<NodeKeyPair>, auto_migrate_enabled: bool, key_servers: BTreeMap<Public, NodeAddress>) -> Result<Self, Error> {
-		let server_set = key_servers.into_iter()
-			.map(|(p, addr)| {
-				let addr = format!("{}:{}", addr.address, addr.port).parse()
-					.map_err(|err| Error::Internal(format!("error parsing node address: {}", err)))?;
-				Ok((p, addr))
-			})
-			.collect::<Result<BTreeMap<_, _>, Error>>()?;
-		Ok(CachedContract {
+	pub fn new(client: TrustedClient, contract_address_source: Option<ContractAddress>, self_key_pair: Arc<NodeKeyPair>, auto_migrate_enabled: bool, key_servers: BTreeMap<Public, NodeAddress>) -> Result<Self, Error> {
+		let server_set = match contract_address_source.is_none() {
+			true => key_servers.into_iter()
+				.map(|(p, addr)| {
+					let addr = format!("{}:{}", addr.address, addr.port).parse()
+						.map_err(|err| Error::Internal(format!("error parsing node address: {}", err)))?;
+					Ok((p, addr))
+				})
+				.collect::<Result<BTreeMap<_, _>, Error>>()?,
+			false => Default::default(),
+		};
+
+		let mut contract =  CachedContract {
 			client: client,
+			contract_address_source: contract_address_source,
 			contract_address: None,
 			contract: key_server::KeyServerSet::default(),
 			auto_migrate_enabled: auto_migrate_enabled,
@@ -266,19 +260,46 @@ impl CachedContract {
 				..Default::default()
 			},
 			self_key_pair: self_key_pair,
-		})
+		};
+		contract.update_contract_address();
+
+		Ok(contract)
+	}
+
+	pub fn update_contract_address(&mut self) {
+		if let Some(ref contract_address_source) = self.contract_address_source {
+			let contract_address = self.client.read_contract_address(KEY_SERVER_SET_CONTRACT_REGISTRY_NAME.into(), contract_address_source);
+			if contract_address != self.contract_address {
+				trace!(target: "secretstore", "{}: Configuring for key server set contract from address {:?}",
+					self.self_key_pair.public(), contract_address);
+
+				self.contract_address = contract_address;
+			}
+		}
 	}
 
 	pub fn update(&mut self, enacted: Vec<H256>, retracted: Vec<H256>) {
+		// no need to update when servers set is hardcoded
+		if self.contract_address_source.is_none() {
+			return;
+		}
+
 		if let Some(client) = self.client.get() {
-			// read new snapshot from registry (if something has changed)
-			self.read_from_registry_if_required(&*client, enacted, retracted);
+			// read new snapshot from reqistry (if something has chnaged)
+			if !enacted.is_empty() || !retracted.is_empty() {
+				self.update_contract_address();
+				self.read_from_registry(&*client);
+			}
 
 			// update number of confirmations (if there's future new set)
 			self.update_number_of_confirmations_if_required(&*client);
 		}
 	}
 
+	fn is_isolated(&self) -> bool {
+		!self.snapshot.current_set.contains_key(self.self_key_pair.public())
+	}
+
 	fn snapshot(&self) -> KeyServerSetSnapshot {
 		self.snapshot.clone()
 	}
@@ -295,12 +316,11 @@ impl CachedContract {
 			let transaction_data = self.contract.functions().start_migration().input(migration_id);
 
 			// send transaction
-			if let Err(error) = self.client.transact_contract(*contract_address, transaction_data) {
-				warn!(target: "secretstore_net", "{}: failed to submit auto-migration start transaction: {}",
-					self.self_key_pair.public(), error);
-			} else {
-				trace!(target: "secretstore_net", "{}: sent auto-migration start transaction",
-					self.self_key_pair.public());
+			match self.client.transact_contract(*contract_address, transaction_data) {
+				Ok(_) => trace!(target: "secretstore_net", "{}: sent auto-migration start transaction",
+					self.self_key_pair.public()),
+				Err(error) => warn!(target: "secretstore_net", "{}: failed to submit auto-migration start transaction: {}",
+					self.self_key_pair.public(), error),
 			}
 		}
 	}
@@ -317,55 +337,16 @@ impl CachedContract {
 			let transaction_data = self.contract.functions().confirm_migration().input(migration_id);
 
 			// send transaction
-			if let Err(error) = self.client.transact_contract(contract_address, transaction_data) {
-				warn!(target: "secretstore_net", "{}: failed to submit auto-migration confirmation transaction: {}",
-					self.self_key_pair.public(), error);
-			} else {
-				trace!(target: "secretstore_net", "{}: sent auto-migration confirm transaction",
-					self.self_key_pair.public());
+			match self.client.transact_contract(contract_address, transaction_data) {
+				Ok(_) => trace!(target: "secretstore_net", "{}: sent auto-migration confirm transaction",
+					self.self_key_pair.public()),
+				Err(error) => warn!(target: "secretstore_net", "{}: failed to submit auto-migration confirmation transaction: {}",
+					self.self_key_pair.public(), error),
 			}
 		}
 	}
 
-	fn read_from_registry_if_required(&mut self, client: &Client, enacted: Vec<H256>, retracted: Vec<H256>) {
-		// read new contract from registry
-		let new_contract_addr = get_confirmed_block_hash(&*client, REQUEST_CONFIRMATIONS_REQUIRED).and_then(|block_hash| client.registry_address(KEY_SERVER_SET_CONTRACT_REGISTRY_NAME.to_owned(), BlockId::Hash(block_hash)));
-
-		// new contract installed => read nodes set from the contract
-		if self.contract_address.as_ref() != new_contract_addr.as_ref() {
-			self.read_from_registry(&*client, new_contract_addr);
-			return;
-		}
-
-		// check for contract events
-		let is_set_changed = self.contract_address.is_some() && enacted.iter()
-			.chain(retracted.iter())
-			.any(|block_hash| !client.logs(Filter {
-				from_block: BlockId::Hash(block_hash.clone()),
-				to_block: BlockId::Hash(block_hash.clone()),
-				address: self.contract_address.map(|address| vec![address]),
-				topics: vec![
-					Some(vec![*ADDED_EVENT_NAME_HASH, *REMOVED_EVENT_NAME_HASH,
-						*MIGRATION_STARTED_EVENT_NAME_HASH, *MIGRATION_COMPLETED_EVENT_NAME_HASH]),
-					None,
-					None,
-					None,
-				],
-				limit: Some(1),
-			}).is_empty());
-
-		// to simplify processing - just re-read the whole nodes set from the contract
-		if is_set_changed {
-			self.read_from_registry(&*client, new_contract_addr);
-		}
-	}
-
-	fn read_from_registry(&mut self, client: &Client, new_contract_address: Option<Address>) {
-		if let Some(ref contract_addr) = new_contract_address {
-			trace!(target: "secretstore", "Configuring for key server set contract from {}", contract_addr);
-		}
-		self.contract_address = new_contract_address;
-
+	fn read_from_registry(&mut self, client: &Client) {
 		let contract_address = match self.contract_address {
 			Some(contract_address) => contract_address,
 			None => {
@@ -505,7 +486,7 @@ fn update_future_set(future_new_set: &mut Option<FutureNewSet>, new_snapshot: &m
 		return;
 	}
 
-	// new no migration is required => no need to delay visibility
+	// no migration is required => no need to delay visibility
 	if !is_migration_required(&new_snapshot.current_set, &new_snapshot.new_set) {
 		*future_new_set = None;
 		return;
@@ -602,18 +583,24 @@ pub mod tests {
 
 	#[derive(Default)]
 	pub struct MapKeyServerSet {
+		is_isolated: bool,
 		nodes: BTreeMap<Public, SocketAddr>,
 	}
 
 	impl MapKeyServerSet {
-		pub fn new(nodes: BTreeMap<Public, SocketAddr>) -> Self {
+		pub fn new(is_isolated: bool, nodes: BTreeMap<Public, SocketAddr>) -> Self {
 			MapKeyServerSet {
+				is_isolated: is_isolated,
 				nodes: nodes,
 			}
 		}
 	}
 
 	impl KeyServerSet for MapKeyServerSet {
+		fn is_isolated(&self) -> bool {
+			self.is_isolated
+		}
+
 		fn snapshot(&self) -> KeyServerSetSnapshot {
 			KeyServerSetSnapshot {
 				current_set: self.nodes.clone(),
diff --git a/secret_store/src/key_storage.rs b/secret_store/src/key_storage.rs
index f5d6df80108..f19630c5c6e 100644
--- a/secret_store/src/key_storage.rs
+++ b/secret_store/src/key_storage.rs
@@ -466,7 +466,6 @@ pub mod tests {
 	#[test]
 	fn persistent_key_storage() {
 		let tempdir = TempDir::new("").unwrap();
-
 		let key1 = ServerKeyId::from(1);
 		let value1 = DocumentKeyShare {
 			author: Default::default(),
diff --git a/secret_store/src/lib.rs b/secret_store/src/lib.rs
index 404c278d53c..74cde2c5a95 100644
--- a/secret_store/src/lib.rs
+++ b/secret_store/src/lib.rs
@@ -82,16 +82,15 @@ pub use traits::{NodeKeyPair, KeyServer};
 pub use self::node_key_pair::{PlainNodeKeyPair, KeyStoreNodeKeyPair};
 
 /// Start new key server instance
-pub fn start(client: Arc<Client>, sync: Arc<SyncProvider>, miner: Arc<Miner>, self_key_pair: Arc<NodeKeyPair>, config: ServiceConfiguration, db: Arc<KeyValueDB>) -> Result<Box<KeyServer>, Error> {
+pub fn start(client: Arc<Client>, sync: Arc<SyncProvider>, miner: Arc<Miner>, self_key_pair: Arc<NodeKeyPair>, mut config: ServiceConfiguration, db: Arc<KeyValueDB>) -> Result<Box<KeyServer>, Error> {
 	let trusted_client = trusted_client::TrustedClient::new(self_key_pair.clone(), client.clone(), sync, miner);
-	let acl_storage: Arc<acl_storage::AclStorage> = if config.acl_check_enabled {
-			acl_storage::OnChainAclStorage::new(trusted_client.clone())?
-		} else {
-			Arc::new(acl_storage::DummyAclStorage::default())
-		};
-
-	let key_server_set = key_server_set::OnChainKeyServerSet::new(trusted_client.clone(), self_key_pair.clone(),
-		config.cluster_config.auto_migrate_enabled, config.cluster_config.nodes.clone())?;
+	let acl_storage: Arc<acl_storage::AclStorage> = match config.acl_check_contract_address.take() {
+		Some(acl_check_contract_address) => acl_storage::OnChainAclStorage::new(trusted_client.clone(), acl_check_contract_address)?,
+		None => Arc::new(acl_storage::DummyAclStorage::default()),
+	};
+
+	let key_server_set = key_server_set::OnChainKeyServerSet::new(trusted_client.clone(), config.cluster_config.key_server_set_contract_address.take(),
+		self_key_pair.clone(), config.cluster_config.auto_migrate_enabled, config.cluster_config.nodes.clone())?;
 	let key_storage = Arc::new(key_storage::PersistentKeyStorage::new(db)?);
 	let key_server = Arc::new(key_server::KeyServerImpl::new(&config.cluster_config, key_server_set.clone(), self_key_pair.clone(), acl_storage.clone(), key_storage.clone())?);
 	let cluster = key_server.cluster();
diff --git a/secret_store/src/listener/service_contract.rs b/secret_store/src/listener/service_contract.rs
index 72c23b86b57..daf70cd6488 100644
--- a/secret_store/src/listener/service_contract.rs
+++ b/secret_store/src/listener/service_contract.rs
@@ -18,7 +18,7 @@ use std::sync::Arc;
 use parking_lot::RwLock;
 use ethabi::RawLog;
 use ethcore::filter::Filter;
-use ethcore::client::{Client, BlockChainClient, BlockId, RegistryInfo, CallContract};
+use ethcore::client::{Client, BlockChainClient, BlockId, CallContract};
 use ethkey::{Public, public_to_address};
 use hash::keccak;
 use bytes::Bytes;
@@ -99,8 +99,8 @@ pub struct OnChainServiceContract {
 	self_key_pair: Arc<NodeKeyPair>,
 	/// Contract registry name (if any).
 	name: String,
-	/// Contract address.
-	address: ContractAddress,
+	/// Contract address source.
+	address_source: ContractAddress,
 	/// Contract.
 	contract: service::Service,
 	/// Contract.
@@ -109,8 +109,8 @@ pub struct OnChainServiceContract {
 
 /// On-chain service contract data.
 struct ServiceData {
-	/// Actual contract address.
-	pub contract_address: Address,
+	/// Current contract address.
+	pub contract_address: Option<Address>,
 	/// Last block we have read logs from.
 	pub last_log_block: Option<H256>,
 }
@@ -136,38 +136,26 @@ struct DocumentKeyShadowRetrievalService;
 
 impl OnChainServiceContract {
 	/// Create new on-chain service contract.
-	pub fn new(mask: ApiMask, client: TrustedClient, name: String, address: ContractAddress, self_key_pair: Arc<NodeKeyPair>) -> Self {
-		let contract_addr = match address {
-			ContractAddress::Registry => client.get().and_then(|c| c.registry_address(name.clone(), BlockId::Latest)
-				.map(|address| {
-					trace!(target: "secretstore", "{}: installing {} service contract from address {}",
-						self_key_pair.public(), name, address);
-					address
-				}))
-				.unwrap_or_default(),
-			ContractAddress::Address(ref address) => {
-				trace!(target: "secretstore", "{}: installing service contract from address {}",
-					self_key_pair.public(), address);
-				address.clone()
-			},
-		};
-
-		OnChainServiceContract {
+	pub fn new(mask: ApiMask, client: TrustedClient, name: String, address_source: ContractAddress, self_key_pair: Arc<NodeKeyPair>) -> Self {
+		let contract = OnChainServiceContract {
 			mask: mask,
 			client: client,
 			self_key_pair: self_key_pair,
 			name: name,
-			address: address,
+			address_source: address_source,
 			contract: service::Service::default(),
 			data: RwLock::new(ServiceData {
-				contract_address: contract_addr,
+				contract_address: None,
 				last_log_block: None,
 			}),
-		}
+		};
+
+		contract.update_contract_address();
+		contract
 	}
 
 	/// Send transaction to the service contract.
-	fn send_contract_transaction<C, P>(&self, origin: &Address, server_key_id: &ServerKeyId, is_response_required: C, prepare_tx: P) -> Result<(), String>
+	fn send_contract_transaction<C, P>(&self, tx_name: &str, origin: &Address, server_key_id: &ServerKeyId, is_response_required: C, prepare_tx: P) -> Result<(), String>
 		where C: FnOnce(&Client, &Address, &service::Service, &ServerKeyId, &Address) -> bool,
 			P: FnOnce(&Client, &Address, &service::Service) -> Result<Bytes, String> {
 		// only publish if contract address is set && client is online
@@ -193,6 +181,9 @@ impl OnChainServiceContract {
 			transaction_data
 		).map_err(|e| format!("{}", e))?;
 
+		trace!(target: "secretstore", "{}: transaction {} sent to service contract",
+			self.self_key_pair.public(), tx_name);
+
 		Ok(())
 	}
 
@@ -228,26 +219,25 @@ impl OnChainServiceContract {
 			.ok()
 			.unwrap_or_else(|| Box::new(::std::iter::empty()))
 	}
+
+	/// Update service contract address.
+	fn update_contract_address(&self) -> bool {
+		let contract_address = self.client.read_contract_address(self.name.clone(), &self.address_source);
+		let mut data = self.data.write();
+		if contract_address != data.contract_address {
+			trace!(target: "secretstore", "{}: installing {} service contract from address {:?}",
+				self.self_key_pair.public(), self.name, contract_address);
+
+			data.contract_address = contract_address;
+		}
+
+		data.contract_address.is_some()
+	}
 }
 
 impl ServiceContract for OnChainServiceContract {
 	fn update(&self) -> bool {
-		if let &ContractAddress::Registry = &self.address {
-			if let Some(client) = self.client.get() {
-				if let Some(block_hash) = get_confirmed_block_hash(&*client, REQUEST_CONFIRMATIONS_REQUIRED) {
-					// update contract address from registry
-					let service_contract_addr = client.registry_address(self.name.clone(), BlockId::Hash(block_hash)).unwrap_or_default();
-					if self.data.read().contract_address != service_contract_addr {
-						trace!(target: "secretstore", "{}: installing {} service contract from address {}",
-							   self.self_key_pair.public(), self.name, service_contract_addr);
-						self.data.write().contract_address = service_contract_addr;
-					}
-				}
-			}
-		}
-
-		self.data.read().contract_address != Default::default()
-			&& self.client.get().is_some()
+		self.update_contract_address() && self.client.get().is_some()
 	}
 
 	fn read_logs(&self) -> Box<Iterator<Item=ServiceTask>> {
@@ -263,7 +253,10 @@ impl ServiceContract for OnChainServiceContract {
 		// prepare range of blocks to read logs from
 		let (address, first_block, last_block) = {
 			let mut data = self.data.write();
-			let address = data.contract_address;
+			let address = match data.contract_address {
+				Some(address) => address,
+				None => return Box::new(::std::iter::empty()), // no contract installed
+			};
 			let confirmed_block = match get_confirmed_block_hash(&*client, REQUEST_CONFIRMATIONS_REQUIRED) {
 				Some(confirmed_block) => confirmed_block,
 				None => return Box::new(::std::iter::empty()), // no block with enough confirmations
@@ -326,31 +319,31 @@ impl ServiceContract for OnChainServiceContract {
 		// we only need requests that are here for more than REQUEST_CONFIRMATIONS_REQUIRED blocks
 		// => we're reading from Latest - (REQUEST_CONFIRMATIONS_REQUIRED + 1) block
 		let data = self.data.read();
-		match data.contract_address == Default::default() {
-			true => Box::new(::std::iter::empty()),
-			false => get_confirmed_block_hash(&*client, REQUEST_CONFIRMATIONS_REQUIRED + 1)
+		match data.contract_address {
+			None => Box::new(::std::iter::empty()),
+			Some(contract_address) => get_confirmed_block_hash(&*client, REQUEST_CONFIRMATIONS_REQUIRED + 1)
 				.map(|b| {
 					let block = BlockId::Hash(b);
 					let iter = match self.mask.server_key_generation_requests {
-						true => Box::new(self.create_pending_requests_iterator(client.clone(), &data.contract_address, &block,
+						true => Box::new(self.create_pending_requests_iterator(client.clone(), &contract_address, &block,
 							&ServerKeyGenerationService::read_pending_requests_count,
 							&ServerKeyGenerationService::read_pending_request)) as Box<Iterator<Item=(bool, ServiceTask)>>,
 						false => Box::new(::std::iter::empty()),
 					};
 					let iter = match self.mask.server_key_retrieval_requests {
-						true => Box::new(iter.chain(self.create_pending_requests_iterator(client.clone(), &data.contract_address, &block,
+						true => Box::new(iter.chain(self.create_pending_requests_iterator(client.clone(), &contract_address, &block,
 							&ServerKeyRetrievalService::read_pending_requests_count,
 							&ServerKeyRetrievalService::read_pending_request))),
 						false => iter,
 					};
 					let iter = match self.mask.document_key_store_requests {
-						true => Box::new(iter.chain(self.create_pending_requests_iterator(client.clone(), &data.contract_address, &block,
+						true => Box::new(iter.chain(self.create_pending_requests_iterator(client.clone(), &contract_address, &block,
 							&DocumentKeyStoreService::read_pending_requests_count,
 							&DocumentKeyStoreService::read_pending_request))),
 						false => iter,
 					};
 					let iter = match self.mask.document_key_shadow_retrieval_requests {
-						true => Box::new(iter.chain(self.create_pending_requests_iterator(client, &data.contract_address, &block,
+						true => Box::new(iter.chain(self.create_pending_requests_iterator(client, &contract_address, &block,
 							&DocumentKeyShadowRetrievalService::read_pending_requests_count,
 							&DocumentKeyShadowRetrievalService::read_pending_request))),
 						false => iter
@@ -363,63 +356,59 @@ impl ServiceContract for OnChainServiceContract {
 	}
 
 	fn publish_generated_server_key(&self, origin: &Address, server_key_id: &ServerKeyId, server_key: Public) -> Result<(), String> {
-		self.send_contract_transaction(origin, server_key_id, ServerKeyGenerationService::is_response_required, |_, _, service|
-			Ok(ServerKeyGenerationService::prepare_pubish_tx_data(service, server_key_id, &server_key))
-		)
+		self.send_contract_transaction("publish_generated_server_key", origin, server_key_id, ServerKeyGenerationService::is_response_required,
+			|_, _, service| Ok(ServerKeyGenerationService::prepare_pubish_tx_data(service, server_key_id, &server_key)))
 	}
 
 	fn publish_server_key_generation_error(&self, origin: &Address, server_key_id: &ServerKeyId) -> Result<(), String> {
-		self.send_contract_transaction(origin, server_key_id, ServerKeyGenerationService::is_response_required, |_, _, service|
-			Ok(ServerKeyGenerationService::prepare_error_tx_data(service, server_key_id))
-		)
+		self.send_contract_transaction("publish_server_key_generation_error", origin, server_key_id, ServerKeyGenerationService::is_response_required,
+			|_, _, service| Ok(ServerKeyGenerationService::prepare_error_tx_data(service, server_key_id)))
 	}
 
 	fn publish_retrieved_server_key(&self, origin: &Address, server_key_id: &ServerKeyId, server_key: Public, threshold: usize) -> Result<(), String> {
 		let threshold = serialize_threshold(threshold)?;
-		self.send_contract_transaction(origin, server_key_id, ServerKeyRetrievalService::is_response_required, |_, _, service|
-			Ok(ServerKeyRetrievalService::prepare_pubish_tx_data(service, server_key_id, server_key, threshold))
-		)
+		self.send_contract_transaction("publish_retrieved_server_key", origin, server_key_id, ServerKeyRetrievalService::is_response_required,
+			|_, _, service| Ok(ServerKeyRetrievalService::prepare_pubish_tx_data(service, server_key_id, server_key, threshold)))
 	}
 
 	fn publish_server_key_retrieval_error(&self, origin: &Address, server_key_id: &ServerKeyId) -> Result<(), String> {
-		self.send_contract_transaction(origin, server_key_id, ServerKeyRetrievalService::is_response_required, |_, _, service|
-			Ok(ServerKeyRetrievalService::prepare_error_tx_data(service, server_key_id))
-		)
+		self.send_contract_transaction("publish_server_key_retrieval_error", origin, server_key_id, ServerKeyRetrievalService::is_response_required,
+			|_, _, service| Ok(ServerKeyRetrievalService::prepare_error_tx_data(service, server_key_id)))
 	}
 
 	fn publish_stored_document_key(&self, origin: &Address, server_key_id: &ServerKeyId) -> Result<(), String> {
-		self.send_contract_transaction(origin, server_key_id, DocumentKeyStoreService::is_response_required, |_, _, service|
-			Ok(DocumentKeyStoreService::prepare_pubish_tx_data(service, server_key_id))
-		)
+		self.send_contract_transaction("publish_stored_document_key", origin, server_key_id, DocumentKeyStoreService::is_response_required,
+			|_, _, service| Ok(DocumentKeyStoreService::prepare_pubish_tx_data(service, server_key_id)))
 	}
 
 	fn publish_document_key_store_error(&self, origin: &Address, server_key_id: &ServerKeyId) -> Result<(), String> {
-		self.send_contract_transaction(origin, server_key_id, DocumentKeyStoreService::is_response_required, |_, _, service|
-			Ok(DocumentKeyStoreService::prepare_error_tx_data(service, server_key_id))
-		)
+		self.send_contract_transaction("publish_document_key_store_error", origin, server_key_id, DocumentKeyStoreService::is_response_required,
+			|_, _, service| Ok(DocumentKeyStoreService::prepare_error_tx_data(service, server_key_id)))
 	}
 
 	fn publish_retrieved_document_key_common(&self, origin: &Address, server_key_id: &ServerKeyId, requester: &Address, common_point: Public, threshold: usize) -> Result<(), String> {
 		let threshold = serialize_threshold(threshold)?;
-		self.send_contract_transaction(origin, server_key_id, |client, contract_address, contract, server_key_id, key_server|
-			DocumentKeyShadowRetrievalService::is_response_required(client, contract_address, contract, server_key_id, requester, key_server),
-		|_, _, service|
-			Ok(DocumentKeyShadowRetrievalService::prepare_pubish_common_tx_data(service, server_key_id, requester, common_point, threshold))
+		self.send_contract_transaction("publish_retrieved_document_key_common", origin, server_key_id,
+			|client, contract_address, contract, server_key_id, key_server|
+				DocumentKeyShadowRetrievalService::is_response_required(client, contract_address, contract, server_key_id, requester, key_server),
+			|_, _, service|
+				Ok(DocumentKeyShadowRetrievalService::prepare_pubish_common_tx_data(service, server_key_id, requester, common_point, threshold))
 		)
 	}
 
 	fn publish_retrieved_document_key_personal(&self, origin: &Address, server_key_id: &ServerKeyId, requester: &Address, participants: &[Address], decrypted_secret: Public, shadow: Bytes) -> Result<(), String> {
-		self.send_contract_transaction(origin, server_key_id, |_, _, _, _, _| true,
+		self.send_contract_transaction("publish_retrieved_document_key_personal", origin, server_key_id, |_, _, _, _, _| true,
 		move |client, address, service|
 			DocumentKeyShadowRetrievalService::prepare_pubish_personal_tx_data(client, address, service, server_key_id, requester, participants, decrypted_secret, shadow)
 		)
 	}
 
 	fn publish_document_key_retrieval_error(&self, origin: &Address, server_key_id: &ServerKeyId, requester: &Address) -> Result<(), String> {
-		self.send_contract_transaction(origin, server_key_id, |client, contract_address, contract, server_key_id, key_server|
-			DocumentKeyShadowRetrievalService::is_response_required(client, contract_address, contract, server_key_id, requester, key_server),
-		|_, _, service|
-			Ok(DocumentKeyShadowRetrievalService::prepare_error_tx_data(service, server_key_id, requester))
+		self.send_contract_transaction("publish_document_key_retrieval_error", origin, server_key_id,
+			|client, contract_address, contract, server_key_id, key_server|
+				DocumentKeyShadowRetrievalService::is_response_required(client, contract_address, contract, server_key_id, requester, key_server),
+			|_, _, service|
+				Ok(DocumentKeyShadowRetrievalService::prepare_error_tx_data(service, server_key_id, requester))
 		)
 	}
 }
@@ -742,16 +731,16 @@ impl DocumentKeyShadowRetrievalService {
 					.map(|not_confirmed| (
 						not_confirmed,
 						match is_common_retrieval_completed {
-							true => ServiceTask::RetrieveShadowDocumentKeyCommon(
+							true => ServiceTask::RetrieveShadowDocumentKeyPersonal(
 								contract_address.clone(),
 								server_key_id,
-								public_to_address(&requester),
+								requester,
 							),
-							false => ServiceTask::RetrieveShadowDocumentKeyPersonal(
+							false => ServiceTask::RetrieveShadowDocumentKeyCommon(
 								contract_address.clone(),
 								server_key_id,
-								requester,
-							)
+								public_to_address(&requester),
+							),
 						},
 					))
 					.map_err(|error| format!("{}", error))
diff --git a/secret_store/src/listener/service_contract_listener.rs b/secret_store/src/listener/service_contract_listener.rs
index 724c902d12c..8dc549a729f 100644
--- a/secret_store/src/listener/service_contract_listener.rs
+++ b/secret_store/src/listener/service_contract_listener.rs
@@ -25,11 +25,13 @@ use ethkey::{Public, public_to_address};
 use bytes::Bytes;
 use ethereum_types::{H256, U256, Address};
 use key_server_set::KeyServerSet;
-use key_server_cluster::{ClusterClient, ClusterSessionsListener, ClusterSession};
+use key_server_cluster::{NodeId, ClusterClient, ClusterSessionsListener, ClusterSession};
 use key_server_cluster::math;
 use key_server_cluster::generation_session::SessionImpl as GenerationSession;
 use key_server_cluster::encryption_session::{check_encrypted_data, update_encrypted_data};
 use key_server_cluster::decryption_session::SessionImpl as DecryptionSession;
+use key_server_cluster::key_version_negotiation_session::{SessionImpl as KeyVersionNegotiationSession,
+	IsolatedSessionTransport as KeyVersionNegotiationTransport, FailedContinueAction};
 use key_storage::KeyStorage;
 use acl_storage::AclStorage;
 use listener::service_contract::ServiceContract;
@@ -138,7 +140,6 @@ impl ServiceContractListener {
 			key_server_set: params.key_server_set,
 			key_storage: params.key_storage,
 		});
-		data.tasks_queue.push(ServiceTask::Retry);
 
 		// we are not starting thread when in test mode
 		let service_handle = if cfg!(test) {
@@ -154,11 +155,17 @@ impl ServiceContractListener {
 		});
 		contract.data.cluster.add_generation_listener(contract.clone());
 		contract.data.cluster.add_decryption_listener(contract.clone());
+		contract.data.cluster.add_key_version_negotiation_listener(contract.clone());
 		Ok(contract)
 	}
 
 	/// Process incoming events of service contract.
 	fn process_service_contract_events(&self) {
+		// shortcut: do not process events if we're isolated from the cluster
+		if self.data.key_server_set.is_isolated() {
+			return;
+		}
+
 		self.data.tasks_queue.push_many(self.data.contract.read_logs()
 			.filter_map(|task| Self::filter_task(&self.data, task)));
 	}
@@ -168,7 +175,7 @@ impl ServiceContractListener {
 		match task {
 			// when this node should be master of this server key generation session
 			ServiceTask::GenerateServerKey(origin, server_key_id, author, threshold) if is_processed_by_this_key_server(
-				&*data.key_server_set, &*data.self_key_pair, &server_key_id) =>
+				&*data.key_server_set, data.self_key_pair.public(), &server_key_id) =>
 				Some(ServiceTask::GenerateServerKey(origin, server_key_id, author, threshold)),
 			// when server key is not yet generated and generation must be initiated by other node
 			ServiceTask::GenerateServerKey(_, _, _, _) => None,
@@ -187,7 +194,7 @@ impl ServiceContractListener {
 
 			// when this node should be master of this document key decryption session
 			ServiceTask::RetrieveShadowDocumentKeyPersonal(origin, server_key_id, requester) if is_processed_by_this_key_server(
-				&*data.key_server_set, &*data.self_key_pair, &server_key_id) =>
+				&*data.key_server_set, data.self_key_pair.public(), &server_key_id) =>
 				Some(ServiceTask::RetrieveShadowDocumentKeyPersonal(origin, server_key_id, requester)),
 			// when server key is not yet generated and generation must be initiated by other node
 			ServiceTask::RetrieveShadowDocumentKeyPersonal(_, _, _) => None,
@@ -211,7 +218,7 @@ impl ServiceContractListener {
 			};
 		}
 
-		trace!(target: "secretstore_net", "{}: ServiceContractListener thread stopped", data.self_key_pair.public());
+		trace!(target: "secretstore", "{}: ServiceContractListener thread stopped", data.self_key_pair.public());
 	}
 
 	/// Process single service task.
@@ -430,7 +437,7 @@ impl Drop for ServiceContractListener {
 impl ChainNotify for ServiceContractListener {
 	fn new_blocks(&self, _imported: Vec<H256>, _invalid: Vec<H256>, route: ChainRoute, _sealed: Vec<H256>, _proposed: Vec<Bytes>, _duration: Duration) {
 		let enacted_len = route.enacted().len();
-		if enacted_len == 0 {
+		if enacted_len == 0 && route.retracted().is_empty() {
 			return;
 		}
 
@@ -443,8 +450,11 @@ impl ChainNotify for ServiceContractListener {
 		// schedule retry if received enough blocks since last retry
 		// it maybe inaccurate when switching syncing/synced states, but that's ok
 		if self.data.last_retry.fetch_add(enacted_len, Ordering::Relaxed) >= RETRY_INTERVAL_BLOCKS {
-			self.data.tasks_queue.push(ServiceTask::Retry);
-			self.data.last_retry.store(0, Ordering::Relaxed);
+			// shortcut: do not retry if we're isolated from the cluster
+			if !self.data.key_server_set.is_isolated() {
+				self.data.tasks_queue.push(ServiceTask::Retry);
+				self.data.last_retry.store(0, Ordering::Relaxed);
+			}
 		}
 	}
 }
@@ -491,6 +501,35 @@ impl ClusterSessionsListener<DecryptionSession> for ServiceContractListener {
 	}
 }
 
+impl ClusterSessionsListener<KeyVersionNegotiationSession<KeyVersionNegotiationTransport>> for ServiceContractListener {
+	fn on_session_removed(&self, session: Arc<KeyVersionNegotiationSession<KeyVersionNegotiationTransport>>) {
+		// by this time sesion must already be completed - either successfully, or not
+		assert!(session.is_finished());
+
+		// we're interested in:
+		// 1) sessions failed with fatal error
+		// 2) with decryption continue action
+		let error = match session.wait() {
+			Err(ref error) if !error.is_non_fatal() => error.clone(),
+			_ => return,
+		};
+
+		let (origin, requester) = match session.take_failed_continue_action() {
+			Some(FailedContinueAction::Decrypt(Some(origin), requester)) => (origin, requester),
+			_ => return,
+		};
+
+		// check if master node is responsible for processing key requests
+		let meta = session.meta();
+		if !is_processed_by_this_key_server(&*self.data.key_server_set, &meta.master_node_id, &meta.id) {
+			return;
+		}
+
+		// ignore result as we're already processing an error
+		let _ = Self::process_document_key_retrieval_result(&self.data, origin, &meta.id, &requester, Err(error));
+	}
+}
+
 impl ::std::fmt::Display for ServiceTask {
 	fn fmt(&self, f: &mut ::std::fmt::Formatter) -> ::std::fmt::Result {
 		match *self {
@@ -520,8 +559,8 @@ fn log_service_task_result(task: &ServiceTask, self_id: &Public, result: Result<
 	result
 }
 
-/// Returns true when session, related to `server_key_id` must be started on this KeyServer.
-fn is_processed_by_this_key_server(key_server_set: &KeyServerSet, self_key_pair: &NodeKeyPair, server_key_id: &H256) -> bool {
+/// Returns true when session, related to `server_key_id` must be started on `node`.
+fn is_processed_by_this_key_server(key_server_set: &KeyServerSet, node: &NodeId, server_key_id: &H256) -> bool {
 	let servers = key_server_set.snapshot().current_set;
 	let total_servers_count = servers.len();
 	match total_servers_count {
@@ -530,7 +569,7 @@ fn is_processed_by_this_key_server(key_server_set: &KeyServerSet, self_key_pair:
 		_ => (),
 	}
 
-	let this_server_index = match servers.keys().enumerate().find(|&(_, s)| s == self_key_pair.public()) {
+	let this_server_index = match servers.keys().enumerate().find(|&(_, s)| s == node) {
 		Some((index, _)) => index,
 		None => return false,
 	};
@@ -554,8 +593,9 @@ mod tests {
 	use acl_storage::{AclStorage, DummyAclStorage};
 	use key_storage::{KeyStorage, DocumentKeyShare};
 	use key_storage::tests::DummyKeyStorage;
+	use key_server_set::KeyServerSet;
 	use key_server_set::tests::MapKeyServerSet;
-	use {PlainNodeKeyPair, ServerKeyId};
+	use {NodeKeyPair, PlainNodeKeyPair, ServerKeyId};
 	use super::{ServiceTask, ServiceContractListener, ServiceContractListenerParams, is_processed_by_this_key_server};
 
 	fn create_non_empty_key_storage(has_doc_key: bool) -> Arc<DummyKeyStorage> {
@@ -571,19 +611,23 @@ mod tests {
 		key_storage
 	}
 
-	fn make_service_contract_listener(contract: Option<Arc<ServiceContract>>, cluster: Option<Arc<DummyClusterClient>>, key_storage: Option<Arc<KeyStorage>>, acl_storage: Option<Arc<AclStorage>>) -> Arc<ServiceContractListener> {
-		let contract = contract.unwrap_or_else(|| Arc::new(DummyServiceContract::default()));
-		let cluster = cluster.unwrap_or_else(|| Arc::new(DummyClusterClient::default()));
-		let key_storage = key_storage.unwrap_or_else(|| Arc::new(DummyKeyStorage::default()));
-		let acl_storage = acl_storage.unwrap_or_else(|| Arc::new(DummyAclStorage::default()));
-		let servers_set = Arc::new(MapKeyServerSet::new(vec![
+	fn make_servers_set(is_isolated: bool) -> Arc<KeyServerSet> {
+		Arc::new(MapKeyServerSet::new(is_isolated, vec![
 			("79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8".parse().unwrap(),
 				"127.0.0.1:8080".parse().unwrap()),
 			("c6047f9441ed7d6d3045406e95c07cd85c778e4b8cef3ca7abac09b95c709ee51ae168fea63dc339a3c58419466ceaeef7f632653266d0e1236431a950cfe52a".parse().unwrap(),
 				"127.0.0.1:8080".parse().unwrap()),
 			("f9308a019258c31049344f85f89d5229b531c845836f99b08601f113bce036f9388f7b0f632de8140fe337e62a37f3566500a99934c2231b6cb9fd7584b8e672".parse().unwrap(),
 				"127.0.0.1:8080".parse().unwrap()),
-		].into_iter().collect()));
+		].into_iter().collect()))
+	}
+
+	fn make_service_contract_listener(contract: Option<Arc<ServiceContract>>, cluster: Option<Arc<DummyClusterClient>>, key_storage: Option<Arc<KeyStorage>>, acl_storage: Option<Arc<AclStorage>>, servers_set: Option<Arc<KeyServerSet>>) -> Arc<ServiceContractListener> {
+		let contract = contract.unwrap_or_else(|| Arc::new(DummyServiceContract::default()));
+		let cluster = cluster.unwrap_or_else(|| Arc::new(DummyClusterClient::default()));
+		let key_storage = key_storage.unwrap_or_else(|| Arc::new(DummyKeyStorage::default()));
+		let acl_storage = acl_storage.unwrap_or_else(|| Arc::new(DummyAclStorage::default()));
+		let servers_set = servers_set.unwrap_or_else(|| make_servers_set(false));
 		let self_key_pair = Arc::new(PlainNodeKeyPair::new(KeyPair::from_secret("0000000000000000000000000000000000000000000000000000000000000001".parse().unwrap()).unwrap()));
 		ServiceContractListener::new(ServiceContractListenerParams {
 			contract: contract,
@@ -599,7 +643,7 @@ mod tests {
 	fn is_not_processed_by_this_key_server_with_zero_servers() {
 		assert_eq!(is_processed_by_this_key_server(
 			&MapKeyServerSet::default(),
-			&PlainNodeKeyPair::new(Random.generate().unwrap()),
+			Random.generate().unwrap().public(),
 			&Default::default()), false);
 	}
 
@@ -607,27 +651,27 @@ mod tests {
 	fn is_processed_by_this_key_server_with_single_server() {
 		let self_key_pair = Random.generate().unwrap();
 		assert_eq!(is_processed_by_this_key_server(
-			&MapKeyServerSet::new(vec![
+			&MapKeyServerSet::new(false, vec![
 				(self_key_pair.public().clone(), "127.0.0.1:8080".parse().unwrap())
 			].into_iter().collect()),
-			&PlainNodeKeyPair::new(self_key_pair),
+			self_key_pair.public(),
 			&Default::default()), true);
 	}
 
 	#[test]
 	fn is_not_processed_by_this_key_server_when_not_a_part_of_servers_set() {
 		assert!(is_processed_by_this_key_server(
-			&MapKeyServerSet::new(vec![
+			&MapKeyServerSet::new(false, vec![
 				(Random.generate().unwrap().public().clone(), "127.0.0.1:8080".parse().unwrap())
 			].into_iter().collect()),
-			&PlainNodeKeyPair::new(Random.generate().unwrap()),
+			Random.generate().unwrap().public(),
 			&Default::default()));
 	}
 
 	#[test]
 	fn is_processed_by_this_key_server_in_set_of_3() {
 		// servers set is ordered && server range depends on index of this server
-		let servers_set = MapKeyServerSet::new(vec![
+		let servers_set = MapKeyServerSet::new(false, vec![
 			// secret: 0000000000000000000000000000000000000000000000000000000000000001
 			("79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8".parse().unwrap(),
 				"127.0.0.1:8080".parse().unwrap()),
@@ -642,46 +686,46 @@ mod tests {
 		// 1st server: process hashes [0x0; 0x555...555]
 		let key_pair = PlainNodeKeyPair::new(KeyPair::from_secret(
 			"0000000000000000000000000000000000000000000000000000000000000001".parse().unwrap()).unwrap());
-		assert_eq!(is_processed_by_this_key_server(&servers_set, &key_pair,
+		assert_eq!(is_processed_by_this_key_server(&servers_set, key_pair.public(),
 			&"0000000000000000000000000000000000000000000000000000000000000000".parse().unwrap()), true);
-		assert_eq!(is_processed_by_this_key_server(&servers_set, &key_pair,
+		assert_eq!(is_processed_by_this_key_server(&servers_set, key_pair.public(),
 			&"3000000000000000000000000000000000000000000000000000000000000000".parse().unwrap()), true);
-		assert_eq!(is_processed_by_this_key_server(&servers_set, &key_pair,
+		assert_eq!(is_processed_by_this_key_server(&servers_set, key_pair.public(),
 			&"5555555555555555555555555555555555555555555555555555555555555555".parse().unwrap()), true);
-		assert_eq!(is_processed_by_this_key_server(&servers_set, &key_pair,
+		assert_eq!(is_processed_by_this_key_server(&servers_set, key_pair.public(),
 			&"5555555555555555555555555555555555555555555555555555555555555556".parse().unwrap()), false);
 
 		// 2nd server: process hashes from 0x555...556 to 0xaaa...aab
 		let key_pair = PlainNodeKeyPair::new(KeyPair::from_secret(
 			"0000000000000000000000000000000000000000000000000000000000000002".parse().unwrap()).unwrap());
-		assert_eq!(is_processed_by_this_key_server(&servers_set, &key_pair,
+		assert_eq!(is_processed_by_this_key_server(&servers_set, key_pair.public(),
 			&"5555555555555555555555555555555555555555555555555555555555555555".parse().unwrap()), false);
-		assert_eq!(is_processed_by_this_key_server(&servers_set, &key_pair,
+		assert_eq!(is_processed_by_this_key_server(&servers_set, key_pair.public(),
 			&"5555555555555555555555555555555555555555555555555555555555555556".parse().unwrap()), true);
-		assert_eq!(is_processed_by_this_key_server(&servers_set, &key_pair,
+		assert_eq!(is_processed_by_this_key_server(&servers_set, key_pair.public(),
 			&"7555555555555555555555555555555555555555555555555555555555555555".parse().unwrap()), true);
-		assert_eq!(is_processed_by_this_key_server(&servers_set, &key_pair,
+		assert_eq!(is_processed_by_this_key_server(&servers_set, key_pair.public(),
 			&"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaab".parse().unwrap()), true);
-		assert_eq!(is_processed_by_this_key_server(&servers_set, &key_pair,
+		assert_eq!(is_processed_by_this_key_server(&servers_set, key_pair.public(),
 			&"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaac".parse().unwrap()), false);
 
 		// 3rd server: process hashes from 0x800...000 to 0xbff...ff
 		let key_pair = PlainNodeKeyPair::new(KeyPair::from_secret(
 			"0000000000000000000000000000000000000000000000000000000000000003".parse().unwrap()).unwrap());
-		assert_eq!(is_processed_by_this_key_server(&servers_set, &key_pair,
+		assert_eq!(is_processed_by_this_key_server(&servers_set, key_pair.public(),
 			&"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaab".parse().unwrap()), false);
-		assert_eq!(is_processed_by_this_key_server(&servers_set, &key_pair,
+		assert_eq!(is_processed_by_this_key_server(&servers_set, key_pair.public(),
 			&"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaac".parse().unwrap()), true);
-		assert_eq!(is_processed_by_this_key_server(&servers_set, &key_pair,
+		assert_eq!(is_processed_by_this_key_server(&servers_set, key_pair.public(),
 			&"daaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaac".parse().unwrap()), true);
-		assert_eq!(is_processed_by_this_key_server(&servers_set, &key_pair,
+		assert_eq!(is_processed_by_this_key_server(&servers_set, key_pair.public(),
 			&"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff".parse().unwrap()), true);
 	}
 
 	#[test]
 	fn is_processed_by_this_key_server_in_set_of_4() {
 		// servers set is ordered && server range depends on index of this server
-		let servers_set = MapKeyServerSet::new(vec![
+		let servers_set = MapKeyServerSet::new(false, vec![
 			// secret: 0000000000000000000000000000000000000000000000000000000000000001
 			("79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8".parse().unwrap(),
 				"127.0.0.1:8080".parse().unwrap()),
@@ -699,62 +743,72 @@ mod tests {
 		// 1st server: process hashes [0x0; 0x3ff...ff]
 		let key_pair = PlainNodeKeyPair::new(KeyPair::from_secret(
 			"0000000000000000000000000000000000000000000000000000000000000001".parse().unwrap()).unwrap());
-		assert_eq!(is_processed_by_this_key_server(&servers_set, &key_pair,
+		assert_eq!(is_processed_by_this_key_server(&servers_set, key_pair.public(),
 			&"0000000000000000000000000000000000000000000000000000000000000000".parse().unwrap()), true);
-		assert_eq!(is_processed_by_this_key_server(&servers_set, &key_pair,
+		assert_eq!(is_processed_by_this_key_server(&servers_set, key_pair.public(),
 			&"2000000000000000000000000000000000000000000000000000000000000000".parse().unwrap()), true);
-		assert_eq!(is_processed_by_this_key_server(&servers_set, &key_pair,
+		assert_eq!(is_processed_by_this_key_server(&servers_set, key_pair.public(),
 			&"3fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff".parse().unwrap()), true);
-		assert_eq!(is_processed_by_this_key_server(&servers_set, &key_pair,
+		assert_eq!(is_processed_by_this_key_server(&servers_set, key_pair.public(),
 			&"4000000000000000000000000000000000000000000000000000000000000000".parse().unwrap()), false);
 
 		// 2nd server: process hashes from 0x400...000 to 0x7ff...ff
 		let key_pair = PlainNodeKeyPair::new(KeyPair::from_secret(
 			"0000000000000000000000000000000000000000000000000000000000000002".parse().unwrap()).unwrap());
-		assert_eq!(is_processed_by_this_key_server(&servers_set, &key_pair,
+		assert_eq!(is_processed_by_this_key_server(&servers_set, key_pair.public(),
 			&"3fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff".parse().unwrap()), false);
-		assert_eq!(is_processed_by_this_key_server(&servers_set, &key_pair,
+		assert_eq!(is_processed_by_this_key_server(&servers_set, key_pair.public(),
 			&"4000000000000000000000000000000000000000000000000000000000000000".parse().unwrap()), true);
-		assert_eq!(is_processed_by_this_key_server(&servers_set, &key_pair,
+		assert_eq!(is_processed_by_this_key_server(&servers_set, key_pair.public(),
 			&"6000000000000000000000000000000000000000000000000000000000000000".parse().unwrap()), true);
-		assert_eq!(is_processed_by_this_key_server(&servers_set, &key_pair,
+		assert_eq!(is_processed_by_this_key_server(&servers_set, key_pair.public(),
 			&"7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff".parse().unwrap()), true);
-		assert_eq!(is_processed_by_this_key_server(&servers_set, &key_pair,
+		assert_eq!(is_processed_by_this_key_server(&servers_set, key_pair.public(),
 			&"8000000000000000000000000000000000000000000000000000000000000000".parse().unwrap()), false);
 
 		// 3rd server: process hashes from 0x800...000 to 0xbff...ff
 		let key_pair = PlainNodeKeyPair::new(KeyPair::from_secret(
 			"0000000000000000000000000000000000000000000000000000000000000004".parse().unwrap()).unwrap());
-		assert_eq!(is_processed_by_this_key_server(&servers_set, &key_pair,
+		assert_eq!(is_processed_by_this_key_server(&servers_set, key_pair.public(),
 			&"7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff".parse().unwrap()), false);
-		assert_eq!(is_processed_by_this_key_server(&servers_set, &key_pair,
+		assert_eq!(is_processed_by_this_key_server(&servers_set, key_pair.public(),
 			&"8000000000000000000000000000000000000000000000000000000000000000".parse().unwrap()), true);
-		assert_eq!(is_processed_by_this_key_server(&servers_set, &key_pair,
+		assert_eq!(is_processed_by_this_key_server(&servers_set, key_pair.public(),
 			&"a000000000000000000000000000000000000000000000000000000000000000".parse().unwrap()), true);
-		assert_eq!(is_processed_by_this_key_server(&servers_set, &key_pair,
+		assert_eq!(is_processed_by_this_key_server(&servers_set, key_pair.public(),
 			&"bfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff".parse().unwrap()), true);
-		assert_eq!(is_processed_by_this_key_server(&servers_set, &key_pair,
+		assert_eq!(is_processed_by_this_key_server(&servers_set, key_pair.public(),
 			&"c000000000000000000000000000000000000000000000000000000000000000".parse().unwrap()), false);
 
 		// 4th server: process hashes from 0xc00...000 to 0xfff...ff
 		let key_pair = PlainNodeKeyPair::new(KeyPair::from_secret(
 			"0000000000000000000000000000000000000000000000000000000000000003".parse().unwrap()).unwrap());
-		assert_eq!(is_processed_by_this_key_server(&servers_set, &key_pair,
+		assert_eq!(is_processed_by_this_key_server(&servers_set, key_pair.public(),
 			&"bfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff".parse().unwrap()), false);
-		assert_eq!(is_processed_by_this_key_server(&servers_set, &key_pair,
+		assert_eq!(is_processed_by_this_key_server(&servers_set, key_pair.public(),
 			&"c000000000000000000000000000000000000000000000000000000000000000".parse().unwrap()), true);
-		assert_eq!(is_processed_by_this_key_server(&servers_set, &key_pair,
+		assert_eq!(is_processed_by_this_key_server(&servers_set, key_pair.public(),
 			&"e000000000000000000000000000000000000000000000000000000000000000".parse().unwrap()), true);
-		assert_eq!(is_processed_by_this_key_server(&servers_set, &key_pair,
+		assert_eq!(is_processed_by_this_key_server(&servers_set, key_pair.public(),
 			&"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff".parse().unwrap()), true);
 	}
 
 	#[test]
 	fn no_tasks_scheduled_when_no_contract_events() {
-		let listener = make_service_contract_listener(None, None, None, None);
-		assert_eq!(listener.data.tasks_queue.snapshot().len(), 1);
+		let listener = make_service_contract_listener(None, None, None, None, None);
+		assert_eq!(listener.data.tasks_queue.snapshot().len(), 0);
 		listener.process_service_contract_events();
-		assert_eq!(listener.data.tasks_queue.snapshot().len(), 1);
+		assert_eq!(listener.data.tasks_queue.snapshot().len(), 0);
+	}
+
+	#[test]
+	fn tasks_are_not_scheduled_on_isolated_node() {
+		let mut contract = DummyServiceContract::default();
+		contract.logs.push(ServiceTask::GenerateServerKey(Default::default(), Default::default(), Default::default(), 0));
+		let listener = make_service_contract_listener(Some(Arc::new(contract)), None, None, None, Some(make_servers_set(true)));
+		assert_eq!(listener.data.tasks_queue.snapshot().len(), 0);
+		listener.process_service_contract_events();
+		assert_eq!(listener.data.tasks_queue.snapshot().len(), 0);
 	}
 
 	// server key generation tests
@@ -763,10 +817,10 @@ mod tests {
 	fn server_key_generation_is_scheduled_when_requested() {
 		let mut contract = DummyServiceContract::default();
 		contract.logs.push(ServiceTask::GenerateServerKey(Default::default(), Default::default(), Default::default(), 0));
-		let listener = make_service_contract_listener(Some(Arc::new(contract)), None, None, None);
-		assert_eq!(listener.data.tasks_queue.snapshot().len(), 1);
+		let listener = make_service_contract_listener(Some(Arc::new(contract)), None, None, None, None);
+		assert_eq!(listener.data.tasks_queue.snapshot().len(), 0);
 		listener.process_service_contract_events();
-		assert_eq!(listener.data.tasks_queue.snapshot().len(), 2);
+		assert_eq!(listener.data.tasks_queue.snapshot().len(), 1);
 		assert_eq!(listener.data.tasks_queue.snapshot().pop_back(), Some(ServiceTask::GenerateServerKey(
 			Default::default(), Default::default(), Default::default(), 0)));
 	}
@@ -776,16 +830,16 @@ mod tests {
 		let server_key_id = "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff".parse().unwrap();
 		let mut contract = DummyServiceContract::default();
 		contract.logs.push(ServiceTask::GenerateServerKey(Default::default(), server_key_id, Default::default(), 0));
-		let listener = make_service_contract_listener(Some(Arc::new(contract)), None, None, None);
-		assert_eq!(listener.data.tasks_queue.snapshot().len(), 1);
+		let listener = make_service_contract_listener(Some(Arc::new(contract)), None, None, None, None);
+		assert_eq!(listener.data.tasks_queue.snapshot().len(), 0);
 		listener.process_service_contract_events();
-		assert_eq!(listener.data.tasks_queue.snapshot().len(), 1);
+		assert_eq!(listener.data.tasks_queue.snapshot().len(), 0);
 	}
 
 	#[test]
 	fn generation_session_is_created_when_processing_generate_server_key_task() {
 		let cluster = Arc::new(DummyClusterClient::default());
-		let listener = make_service_contract_listener(None, Some(cluster.clone()), None, None);
+		let listener = make_service_contract_listener(None, Some(cluster.clone()), None, None, None);
 		ServiceContractListener::process_service_task(&listener.data, ServiceTask::GenerateServerKey(
 			Default::default(), Default::default(), Default::default(), Default::default())).unwrap_err();
 		assert_eq!(cluster.generation_requests_count.load(Ordering::Relaxed), 1);
@@ -797,7 +851,7 @@ mod tests {
 		contract.pending_requests.push((false, ServiceTask::GenerateServerKey(Default::default(),
 			Default::default(), Default::default(), Default::default())));
 		let cluster = Arc::new(DummyClusterClient::default());
-		let listener = make_service_contract_listener(Some(Arc::new(contract)), Some(cluster.clone()), None, None);
+		let listener = make_service_contract_listener(Some(Arc::new(contract)), Some(cluster.clone()), None, None, None);
 		listener.data.retry_data.lock().affected_server_keys.insert(Default::default());
 		ServiceContractListener::retry_pending_requests(&listener.data).unwrap();
 		assert_eq!(cluster.generation_requests_count.load(Ordering::Relaxed), 0);
@@ -809,10 +863,10 @@ mod tests {
 	fn server_key_retrieval_is_scheduled_when_requested() {
 		let mut contract = DummyServiceContract::default();
 		contract.logs.push(ServiceTask::RetrieveServerKey(Default::default(), Default::default()));
-		let listener = make_service_contract_listener(Some(Arc::new(contract)), None, None, None);
-		assert_eq!(listener.data.tasks_queue.snapshot().len(), 1);
+		let listener = make_service_contract_listener(Some(Arc::new(contract)), None, None, None, None);
+		assert_eq!(listener.data.tasks_queue.snapshot().len(), 0);
 		listener.process_service_contract_events();
-		assert_eq!(listener.data.tasks_queue.snapshot().len(), 2);
+		assert_eq!(listener.data.tasks_queue.snapshot().len(), 1);
 		assert_eq!(listener.data.tasks_queue.snapshot().pop_back(), Some(ServiceTask::RetrieveServerKey(
 			Default::default(), Default::default())));
 	}
@@ -822,10 +876,10 @@ mod tests {
 		let server_key_id: ServerKeyId = "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff".parse().unwrap();
 		let mut contract = DummyServiceContract::default();
 		contract.logs.push(ServiceTask::RetrieveServerKey(Default::default(), server_key_id.clone()));
-		let listener = make_service_contract_listener(Some(Arc::new(contract)), None, None, None);
-		assert_eq!(listener.data.tasks_queue.snapshot().len(), 1);
+		let listener = make_service_contract_listener(Some(Arc::new(contract)), None, None, None, None);
+		assert_eq!(listener.data.tasks_queue.snapshot().len(), 0);
 		listener.process_service_contract_events();
-		assert_eq!(listener.data.tasks_queue.snapshot().len(), 2);
+		assert_eq!(listener.data.tasks_queue.snapshot().len(), 1);
 		assert_eq!(listener.data.tasks_queue.snapshot().pop_back(), Some(ServiceTask::RetrieveServerKey(
 			Default::default(), server_key_id)));
 	}
@@ -834,7 +888,7 @@ mod tests {
 	fn server_key_is_retrieved_when_processing_retrieve_server_key_task() {
 		let contract = Arc::new(DummyServiceContract::default());
 		let key_storage = create_non_empty_key_storage(false);
-		let listener = make_service_contract_listener(Some(contract.clone()), None, Some(key_storage), None);
+		let listener = make_service_contract_listener(Some(contract.clone()), None, Some(key_storage), None, None);
 		ServiceContractListener::process_service_task(&listener.data, ServiceTask::RetrieveServerKey(
 			Default::default(), Default::default())).unwrap();
 		assert_eq!(*contract.retrieved_server_keys.lock(), vec![(Default::default(),
@@ -844,7 +898,7 @@ mod tests {
 	#[test]
 	fn server_key_retrieval_failure_is_reported_when_processing_retrieve_server_key_task_and_key_is_unknown() {
 		let contract = Arc::new(DummyServiceContract::default());
-		let listener = make_service_contract_listener(Some(contract.clone()), None, None, None);
+		let listener = make_service_contract_listener(Some(contract.clone()), None, None, None, None);
 		ServiceContractListener::process_service_task(&listener.data, ServiceTask::RetrieveServerKey(
 			Default::default(), Default::default())).unwrap();
 		assert_eq!(*contract.server_keys_retrieval_failures.lock(), vec![Default::default()]);
@@ -855,7 +909,7 @@ mod tests {
 		let mut contract = DummyServiceContract::default();
 		contract.pending_requests.push((false, ServiceTask::RetrieveServerKey(Default::default(), Default::default())));
 		let cluster = Arc::new(DummyClusterClient::default());
-		let listener = make_service_contract_listener(Some(Arc::new(contract)), Some(cluster.clone()), None, None);
+		let listener = make_service_contract_listener(Some(Arc::new(contract)), Some(cluster.clone()), None, None, None);
 		listener.data.retry_data.lock().affected_server_keys.insert(Default::default());
 		ServiceContractListener::retry_pending_requests(&listener.data).unwrap();
 		assert_eq!(cluster.generation_requests_count.load(Ordering::Relaxed), 0);
@@ -868,10 +922,10 @@ mod tests {
 		let mut contract = DummyServiceContract::default();
 		contract.logs.push(ServiceTask::StoreDocumentKey(Default::default(), Default::default(),
 			Default::default(), Default::default(), Default::default()));
-		let listener = make_service_contract_listener(Some(Arc::new(contract)), None, None, None);
-		assert_eq!(listener.data.tasks_queue.snapshot().len(), 1);
+		let listener = make_service_contract_listener(Some(Arc::new(contract)), None, None, None, None);
+		assert_eq!(listener.data.tasks_queue.snapshot().len(), 0);
 		listener.process_service_contract_events();
-		assert_eq!(listener.data.tasks_queue.snapshot().len(), 2);
+		assert_eq!(listener.data.tasks_queue.snapshot().len(), 1);
 		assert_eq!(listener.data.tasks_queue.snapshot().pop_back(), Some(ServiceTask::StoreDocumentKey(
 			Default::default(), Default::default(), Default::default(), Default::default(), Default::default())));
 	}
@@ -882,10 +936,10 @@ mod tests {
 		let mut contract = DummyServiceContract::default();
 		contract.logs.push(ServiceTask::StoreDocumentKey(Default::default(), server_key_id.clone(),
 			Default::default(), Default::default(), Default::default()));
-		let listener = make_service_contract_listener(Some(Arc::new(contract)), None, None, None);
-		assert_eq!(listener.data.tasks_queue.snapshot().len(), 1);
+		let listener = make_service_contract_listener(Some(Arc::new(contract)), None, None, None, None);
+		assert_eq!(listener.data.tasks_queue.snapshot().len(), 0);
 		listener.process_service_contract_events();
-		assert_eq!(listener.data.tasks_queue.snapshot().len(), 2);
+		assert_eq!(listener.data.tasks_queue.snapshot().len(), 1);
 		assert_eq!(listener.data.tasks_queue.snapshot().pop_back(), Some(ServiceTask::StoreDocumentKey(
 			Default::default(), server_key_id, Default::default(), Default::default(), Default::default())));
 	}
@@ -894,7 +948,7 @@ mod tests {
 	fn document_key_is_stored_when_processing_store_document_key_task() {
 		let contract = Arc::new(DummyServiceContract::default());
 		let key_storage = create_non_empty_key_storage(false);
-		let listener = make_service_contract_listener(Some(contract.clone()), None, Some(key_storage.clone()), None);
+		let listener = make_service_contract_listener(Some(contract.clone()), None, Some(key_storage.clone()), None, None);
 		ServiceContractListener::process_service_task(&listener.data, ServiceTask::StoreDocumentKey(
 			Default::default(), Default::default(), Default::default(), Default::default(), Default::default())).unwrap();
 		assert_eq!(*contract.stored_document_keys.lock(), vec![Default::default()]);
@@ -907,7 +961,7 @@ mod tests {
 	#[test]
 	fn document_key_store_failure_reported_when_no_server_key() {
 		let contract = Arc::new(DummyServiceContract::default());
-		let listener = make_service_contract_listener(Some(contract.clone()), None, None, None);
+		let listener = make_service_contract_listener(Some(contract.clone()), None, None, None, None);
 		ServiceContractListener::process_service_task(&listener.data, ServiceTask::StoreDocumentKey(
 			Default::default(), Default::default(), Default::default(), Default::default(), Default::default())).unwrap_err();
 		assert_eq!(*contract.document_keys_store_failures.lock(), vec![Default::default()]);
@@ -917,7 +971,7 @@ mod tests {
 	fn document_key_store_failure_reported_when_document_key_already_set() {
 		let contract = Arc::new(DummyServiceContract::default());
 		let key_storage = create_non_empty_key_storage(true);
-		let listener = make_service_contract_listener(Some(contract.clone()), None, Some(key_storage), None);
+		let listener = make_service_contract_listener(Some(contract.clone()), None, Some(key_storage), None, None);
 		ServiceContractListener::process_service_task(&listener.data, ServiceTask::StoreDocumentKey(
 			Default::default(), Default::default(), Default::default(), Default::default(), Default::default())).unwrap_err();
 		assert_eq!(*contract.document_keys_store_failures.lock(), vec![Default::default()]);
@@ -927,7 +981,7 @@ mod tests {
 	fn document_key_store_failure_reported_when_author_differs() {
 		let contract = Arc::new(DummyServiceContract::default());
 		let key_storage = create_non_empty_key_storage(false);
-		let listener = make_service_contract_listener(Some(contract.clone()), None, Some(key_storage), None);
+		let listener = make_service_contract_listener(Some(contract.clone()), None, Some(key_storage), None, None);
 		ServiceContractListener::process_service_task(&listener.data, ServiceTask::StoreDocumentKey(
 			Default::default(), Default::default(), 1.into(), Default::default(), Default::default())).unwrap_err();
 		assert_eq!(*contract.document_keys_store_failures.lock(), vec![Default::default()]);
@@ -939,10 +993,10 @@ mod tests {
 	fn document_key_shadow_common_retrieval_is_scheduled_when_requested() {
 		let mut contract = DummyServiceContract::default();
 		contract.logs.push(ServiceTask::RetrieveShadowDocumentKeyCommon(Default::default(), Default::default(), Default::default()));
-		let listener = make_service_contract_listener(Some(Arc::new(contract)), None, None, None);
-		assert_eq!(listener.data.tasks_queue.snapshot().len(), 1);
+		let listener = make_service_contract_listener(Some(Arc::new(contract)), None, None, None, None);
+		assert_eq!(listener.data.tasks_queue.snapshot().len(), 0);
 		listener.process_service_contract_events();
-		assert_eq!(listener.data.tasks_queue.snapshot().len(), 2);
+		assert_eq!(listener.data.tasks_queue.snapshot().len(), 1);
 		assert_eq!(listener.data.tasks_queue.snapshot().pop_back(), Some(ServiceTask::RetrieveShadowDocumentKeyCommon(
 			Default::default(), Default::default(), Default::default())));
 	}
@@ -952,10 +1006,10 @@ mod tests {
 		let server_key_id: ServerKeyId = "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff".parse().unwrap();
 		let mut contract = DummyServiceContract::default();
 		contract.logs.push(ServiceTask::RetrieveShadowDocumentKeyCommon(Default::default(), server_key_id.clone(), Default::default()));
-		let listener = make_service_contract_listener(Some(Arc::new(contract)), None, None, None);
-		assert_eq!(listener.data.tasks_queue.snapshot().len(), 1);
+		let listener = make_service_contract_listener(Some(Arc::new(contract)), None, None, None, None);
+		assert_eq!(listener.data.tasks_queue.snapshot().len(), 0);
 		listener.process_service_contract_events();
-		assert_eq!(listener.data.tasks_queue.snapshot().len(), 2);
+		assert_eq!(listener.data.tasks_queue.snapshot().len(), 1);
 		assert_eq!(listener.data.tasks_queue.snapshot().pop_back(), Some(ServiceTask::RetrieveShadowDocumentKeyCommon(
 			Default::default(), server_key_id, Default::default())));
 	}
@@ -964,7 +1018,7 @@ mod tests {
 	fn document_key_shadow_common_is_retrieved_when_processing_document_key_shadow_common_retrieval_task() {
 		let contract = Arc::new(DummyServiceContract::default());
 		let key_storage = create_non_empty_key_storage(true);
-		let listener = make_service_contract_listener(Some(contract.clone()), None, Some(key_storage.clone()), None);
+		let listener = make_service_contract_listener(Some(contract.clone()), None, Some(key_storage.clone()), None, None);
 		ServiceContractListener::process_service_task(&listener.data, ServiceTask::RetrieveShadowDocumentKeyCommon(
 			Default::default(), Default::default(), Default::default())).unwrap();
 		assert_eq!(*contract.common_shadow_retrieved_document_keys.lock(), vec![(Default::default(), Default::default(),
@@ -977,7 +1031,7 @@ mod tests {
 		acl_storage.prohibit(Default::default(), Default::default());
 		let contract = Arc::new(DummyServiceContract::default());
 		let key_storage = create_non_empty_key_storage(true);
-		let listener = make_service_contract_listener(Some(contract.clone()), None, Some(key_storage.clone()), Some(Arc::new(acl_storage)));
+		let listener = make_service_contract_listener(Some(contract.clone()), None, Some(key_storage.clone()), Some(Arc::new(acl_storage)), None);
 		ServiceContractListener::process_service_task(&listener.data, ServiceTask::RetrieveShadowDocumentKeyCommon(
 			Default::default(), Default::default(), Default::default())).unwrap_err();
 		assert_eq!(*contract.document_keys_shadow_retrieval_failures.lock(), vec![(Default::default(), Default::default())]);
@@ -986,7 +1040,7 @@ mod tests {
 	#[test]
 	fn document_key_shadow_common_retrieval_failure_reported_when_no_server_key() {
 		let contract = Arc::new(DummyServiceContract::default());
-		let listener = make_service_contract_listener(Some(contract.clone()), None, None, None);
+		let listener = make_service_contract_listener(Some(contract.clone()), None, None, None, None);
 		ServiceContractListener::process_service_task(&listener.data, ServiceTask::RetrieveShadowDocumentKeyCommon(
 			Default::default(), Default::default(), Default::default())).unwrap_err();
 		assert_eq!(*contract.document_keys_shadow_retrieval_failures.lock(), vec![(Default::default(), Default::default())]);
@@ -996,7 +1050,7 @@ mod tests {
 	fn document_key_shadow_common_retrieval_failure_reported_when_no_document_key() {
 		let contract = Arc::new(DummyServiceContract::default());
 		let key_storage = create_non_empty_key_storage(false);
-		let listener = make_service_contract_listener(Some(contract.clone()), None, Some(key_storage.clone()), None);
+		let listener = make_service_contract_listener(Some(contract.clone()), None, Some(key_storage.clone()), None, None);
 		ServiceContractListener::process_service_task(&listener.data, ServiceTask::RetrieveShadowDocumentKeyCommon(
 			Default::default(), Default::default(), Default::default())).unwrap_err();
 		assert_eq!(*contract.document_keys_shadow_retrieval_failures.lock(), vec![(Default::default(), Default::default())]);
diff --git a/secret_store/src/trusted_client.rs b/secret_store/src/trusted_client.rs
index cf9c987be39..24db2146000 100644
--- a/secret_store/src/trusted_client.rs
+++ b/secret_store/src/trusted_client.rs
@@ -17,11 +17,12 @@
 use std::sync::{Arc, Weak};
 use bytes::Bytes;
 use ethereum_types::Address;
-use ethcore::client::{Client, BlockChainClient, ChainInfo, Nonce};
+use ethcore::client::{Client, BlockChainClient, ChainInfo, Nonce, BlockId, RegistryInfo};
 use ethcore::miner::{Miner, MinerService};
 use sync::SyncProvider;
 use transaction::{Transaction, SignedTransaction, Action};
-use {Error, NodeKeyPair};
+use helpers::{get_confirmed_block_hash, REQUEST_CONFIRMATIONS_REQUIRED};
+use {Error, NodeKeyPair, ContractAddress};
 
 #[derive(Clone)]
 /// 'Trusted' client weak reference.
@@ -84,6 +85,18 @@ impl TrustedClient {
 		let signed = SignedTransaction::new(transaction.with_signature(signature, chain_id))?;
 		miner.import_own_transaction(&*client, signed.into())
 			.map_err(|e| Error::Internal(format!("failed to import tx: {}", e)))
-			.map(|_| ())
+	}
+
+	/// Read contract address. If address source is registry, address only returned if current client state is
+	/// trusted. Address from registry is read from registry from block latest block with
+	/// REQUEST_CONFIRMATIONS_REQUIRED confirmations.
+	pub fn read_contract_address(&self, registry_name: String, address: &ContractAddress) -> Option<Address> {
+		match *address {
+			ContractAddress::Address(ref address) => Some(address.clone()),
+			ContractAddress::Registry => self.get().and_then(|client|
+				get_confirmed_block_hash(&*client, REQUEST_CONFIRMATIONS_REQUIRED)
+					.and_then(|block| client.registry_address(registry_name, BlockId::Hash(block)))
+			),
+		}
 	}
 }
diff --git a/secret_store/src/types/all.rs b/secret_store/src/types/all.rs
index f0e0388104d..feca4141f08 100644
--- a/secret_store/src/types/all.rs
+++ b/secret_store/src/types/all.rs
@@ -66,8 +66,8 @@ pub struct ServiceConfiguration {
 	pub service_contract_doc_store_address: Option<ContractAddress>,
 	/// Document key shadow retrieval service contract address.
 	pub service_contract_doc_sretr_address: Option<ContractAddress>,
-	/// Is ACL check enabled. If false, everyone has access to all keys. Useful for tests only.
-	pub acl_check_enabled: bool,
+	/// ACL check contract address. If None, everyone has access to all keys. Useful for tests only.
+	pub acl_check_contract_address: Option<ContractAddress>,
 	/// Cluster configuration.
 	pub cluster_config: ClusterConfiguration,
 }
@@ -81,6 +81,8 @@ pub struct ClusterConfiguration {
 	pub listener_address: NodeAddress,
 	/// All cluster nodes addresses.
 	pub nodes: BTreeMap<ethkey::Public, NodeAddress>,
+	/// Key Server Set contract address. If None, servers from 'nodes' map are used.
+	pub key_server_set_contract_address: Option<ContractAddress>,
 	/// Allow outbound connections to 'higher' nodes.
 	/// This is useful for tests, but slower a bit for production.
 	pub allow_connecting_to_higher_nodes: bool,
diff --git a/transaction-pool/Cargo.toml b/transaction-pool/Cargo.toml
index 8965c8cee01..0ba1790a47f 100644
--- a/transaction-pool/Cargo.toml
+++ b/transaction-pool/Cargo.toml
@@ -1,7 +1,7 @@
 [package]
 description = "Generic transaction pool."
 name = "transaction-pool"
-version = "1.12.0"
+version = "1.12.1"
 license = "GPL-3.0"
 authors = ["Parity Technologies <admin@parity.io>"]
 
diff --git a/transaction-pool/src/pool.rs b/transaction-pool/src/pool.rs
index dcd52a3e7e6..4bbf00ef240 100644
--- a/transaction-pool/src/pool.rs
+++ b/transaction-pool/src/pool.rs
@@ -15,7 +15,8 @@
 // along with Parity.  If not, see <http://www.gnu.org/licenses/>.
 
 use std::sync::Arc;
-use std::collections::{HashMap, BTreeSet};
+use std::slice;
+use std::collections::{hash_map, HashMap, BTreeSet};
 
 use error;
 use listener::{Listener, NoopListener};
@@ -416,7 +417,16 @@ impl<T, S, L> Pool<T, S, L> where
 		PendingIterator {
 			ready,
 			best_transactions,
-			pool: self
+			pool: self,
+		}
+	}
+
+	/// Returns unprioritized list of ready transactions.
+	pub fn unordered_pending<R: Ready<T>>(&self, ready: R) -> UnorderedIterator<T, R, S> {
+		UnorderedIterator {
+			ready,
+			senders: self.transactions.iter(),
+			transactions: None,
 		}
 	}
 
@@ -482,6 +492,50 @@ impl<T, S, L> Pool<T, S, L> where
 	}
 }
 
+/// An iterator over all pending (ready) transactions in unoredered fashion.
+///
+/// NOTE: Current implementation will iterate over all transactions from particular sender
+/// ordered by nonce, but that might change in the future.
+///
+/// NOTE: the transactions are not removed from the queue.
+/// You might remove them later by calling `cull`.
+pub struct UnorderedIterator<'a, T, R, S> where
+	T: VerifiedTransaction + 'a,
+	S: Scoring<T> + 'a,
+{
+	ready: R,
+	senders: hash_map::Iter<'a, T::Sender, Transactions<T, S>>,
+	transactions: Option<slice::Iter<'a, Transaction<T>>>,
+}
+
+impl<'a, T, R, S> Iterator for UnorderedIterator<'a, T, R, S> where
+	T: VerifiedTransaction,
+	R: Ready<T>,
+	S: Scoring<T>,
+{
+	type Item = Arc<T>;
+
+	fn next(&mut self) -> Option<Self::Item> {
+		loop {
+			if let Some(transactions) = self.transactions.as_mut() {
+				if let Some(tx) = transactions.next() {
+					match self.ready.is_ready(&tx) {
+						Readiness::Ready => {
+							return Some(tx.transaction.clone());
+						},
+						state => trace!("[{:?}] Ignoring {:?} transaction.", tx.hash(), state),
+					}
+				}
+			}
+
+			// otherwise fallback and try next sender
+			let next_sender = self.senders.next()?;
+			self.transactions = Some(next_sender.1.iter());
+		}
+	}
+}
+
+
 /// An iterator over all pending (ready) transactions.
 /// NOTE: the transactions are not removed from the queue.
 /// You might remove them later by calling `cull`.
diff --git a/transaction-pool/src/tests/mod.rs b/transaction-pool/src/tests/mod.rs
index 6edd60e60e2..77c25287570 100644
--- a/transaction-pool/src/tests/mod.rs
+++ b/transaction-pool/src/tests/mod.rs
@@ -250,6 +250,66 @@ fn should_construct_pending() {
 	assert_eq!(pending.next(), None);
 }
 
+#[test]
+fn should_return_unordered_iterator() {
+	// given
+	let b = TransactionBuilder::default();
+	let mut txq = TestPool::default();
+
+	let tx0 = txq.import(b.tx().nonce(0).gas_price(5).new()).unwrap();
+	let tx1 = txq.import(b.tx().nonce(1).gas_price(5).new()).unwrap();
+	let tx2 = txq.import(b.tx().nonce(2).new()).unwrap();
+	let tx3 = txq.import(b.tx().nonce(3).gas_price(4).new()).unwrap();
+	//gap
+	txq.import(b.tx().nonce(5).new()).unwrap();
+
+	let tx5 = txq.import(b.tx().sender(1).nonce(0).new()).unwrap();
+	let tx6 = txq.import(b.tx().sender(1).nonce(1).new()).unwrap();
+	let tx7 = txq.import(b.tx().sender(1).nonce(2).new()).unwrap();
+	let tx8 = txq.import(b.tx().sender(1).nonce(3).gas_price(4).new()).unwrap();
+	// gap
+	txq.import(b.tx().sender(1).nonce(5).new()).unwrap();
+
+	let tx9 = txq.import(b.tx().sender(2).nonce(0).new()).unwrap();
+	assert_eq!(txq.light_status().transaction_count, 11);
+	assert_eq!(txq.status(NonceReady::default()), Status {
+		stalled: 0,
+		pending: 9,
+		future: 2,
+	});
+	assert_eq!(txq.status(NonceReady::new(1)), Status {
+		stalled: 3,
+		pending: 6,
+		future: 2,
+	});
+
+	// when
+	let all: Vec<_> = txq.unordered_pending(NonceReady::default()).collect();
+
+	let chain1 = vec![tx0, tx1, tx2, tx3];
+	let chain2 = vec![tx5, tx6, tx7, tx8];
+	let chain3 = vec![tx9];
+
+	assert_eq!(all.len(), chain1.len() + chain2.len() + chain3.len());
+
+	let mut options = vec![
+		vec![chain1.clone(), chain2.clone(), chain3.clone()],
+		vec![chain2.clone(), chain1.clone(), chain3.clone()],
+		vec![chain2.clone(), chain3.clone(), chain1.clone()],
+		vec![chain3.clone(), chain2.clone(), chain1.clone()],
+		vec![chain3.clone(), chain1.clone(), chain2.clone()],
+		vec![chain1.clone(), chain3.clone(), chain2.clone()],
+	].into_iter().map(|mut v| {
+		let mut first = v.pop().unwrap();
+		for mut x in v {
+			first.append(&mut x);
+		}
+		first
+	});
+
+	assert!(options.any(|opt| all == opt));
+}
+
 #[test]
 fn should_update_scoring_correctly() {
 	// given
diff --git a/updater/Cargo.toml b/updater/Cargo.toml
index d76db6ec0ea..8d94680335c 100644
--- a/updater/Cargo.toml
+++ b/updater/Cargo.toml
@@ -25,5 +25,6 @@ path = { path = "../util/path" }
 rand = "0.4"
 
 [dev-dependencies]
+ethcore = { path = "../ethcore", features = ["test-helpers"] }
 tempdir = "0.3"
 matches = "0.1"
diff --git a/util/network-devp2p/src/discovery.rs b/util/network-devp2p/src/discovery.rs
index 8e8a3d6cc69..5f8f0cdbc2a 100644
--- a/util/network-devp2p/src/discovery.rs
+++ b/util/network-devp2p/src/discovery.rs
@@ -17,18 +17,13 @@
 use ethcore_bytes::Bytes;
 use std::net::SocketAddr;
 use std::collections::{HashSet, HashMap, VecDeque};
-use std::mem;
 use std::default::Default;
 use std::time::{Duration, Instant, SystemTime, UNIX_EPOCH};
-use mio::*;
-use mio::deprecated::{Handler, EventLoop};
-use mio::udp::*;
 use hash::keccak;
 use ethereum_types::{H256, H520};
 use rlp::{Rlp, RlpStream, encode_list};
 use node_table::*;
 use network::{Error, ErrorKind};
-use io::{StreamToken, IoContext};
 use ethkey::{Secret, KeyPair, sign, recover};
 use network::IpFilter;
 
@@ -39,7 +34,7 @@ const ADDRESS_BITS: usize = 8 * ADDRESS_BYTES_SIZE;			// Denoted by n in [Kademl
 const DISCOVERY_MAX_STEPS: u16 = 8;							// Max iterations of discovery. (discover)
 const BUCKET_SIZE: usize = 16;		// Denoted by k in [Kademlia]. Number of nodes stored in each bucket.
 const ALPHA: usize = 3;				// Denoted by \alpha in [Kademlia]. Number of concurrent FindNode requests.
-const MAX_DATAGRAM_SIZE: usize = 1280;
+pub const MAX_DATAGRAM_SIZE: usize = 1280;
 
 const PACKET_PING: u8 = 1;
 const PACKET_PONG: u8 = 2;
@@ -79,9 +74,9 @@ impl NodeBucket {
 	}
 }
 
-struct Datagramm {
-	payload: Bytes,
-	address: SocketAddr,
+pub struct Datagram {
+	pub payload: Bytes,
+	pub address: SocketAddr,
 }
 
 pub struct Discovery {
@@ -89,13 +84,11 @@ pub struct Discovery {
 	id_hash: H256,
 	secret: Secret,
 	public_endpoint: NodeEndpoint,
-	udp_socket: UdpSocket,
-	token: StreamToken,
 	discovery_round: u16,
 	discovery_id: NodeId,
 	discovery_nodes: HashSet<NodeId>,
 	node_buckets: Vec<NodeBucket>,
-	send_queue: VecDeque<Datagramm>,
+	send_queue: VecDeque<Datagram>,
 	check_timestamps: bool,
 	adding_nodes: Vec<NodeEntry>,
 	ip_filter: IpFilter,
@@ -107,19 +100,16 @@ pub struct TableUpdates {
 }
 
 impl Discovery {
-	pub fn new(key: &KeyPair, listen: SocketAddr, public: NodeEndpoint, token: StreamToken, ip_filter: IpFilter) -> Discovery {
-		let socket = UdpSocket::bind(&listen).expect("Error binding UDP socket");
+	pub fn new(key: &KeyPair, public: NodeEndpoint, ip_filter: IpFilter) -> Discovery {
 		Discovery {
 			id: key.public().clone(),
 			id_hash: keccak(key.public()),
 			secret: key.secret().clone(),
 			public_endpoint: public,
-			token: token,
 			discovery_round: 0,
 			discovery_id: NodeId::new(),
 			discovery_nodes: HashSet::new(),
 			node_buckets: (0..ADDRESS_BITS).map(|_| NodeBucket::new()).collect(),
-			udp_socket: socket,
 			send_queue: VecDeque::new(),
 			check_timestamps: true,
 			adding_nodes: Vec::new(),
@@ -157,7 +147,7 @@ impl Discovery {
 		let dist = match Discovery::distance(&self.id_hash, &id_hash) {
 			Some(dist) => dist,
 			None => {
-				warn!(target: "discovery", "Attempted to update own entry: {:?}", e);
+				debug!(target: "discovery", "Attempted to update own entry: {:?}", e);
 				return;
 			}
 		};
@@ -191,7 +181,7 @@ impl Discovery {
 		let dist = match Discovery::distance(&self.id_hash, &keccak(id)) {
 			Some(dist) => dist,
 			None => {
-				warn!(target: "discovery", "Received ping from self");
+				debug!(target: "discovery", "Received ping from self");
 				return
 			}
 		};
@@ -352,53 +342,12 @@ impl Discovery {
 		ret
 	}
 
-	pub fn writable<Message>(&mut self, io: &IoContext<Message>) where Message: Send + Sync + Clone {
-		while let Some(data) = self.send_queue.pop_front() {
-			match self.udp_socket.send_to(&data.payload, &data.address) {
-				Ok(Some(size)) if size == data.payload.len() => {
-				},
-				Ok(Some(_)) => {
-					warn!("UDP sent incomplete datagramm");
-				},
-				Ok(None) => {
-					self.send_queue.push_front(data);
-					return;
-				}
-				Err(e) => {
-					debug!("UDP send error: {:?}, address: {:?}", e, &data.address);
-					return;
-				}
-			}
-		}
-		io.update_registration(self.token).unwrap_or_else(|e| debug!("Error updating discovery registration: {:?}", e));
-	}
-
 	fn send_to(&mut self, payload: Bytes, address: SocketAddr) {
-		self.send_queue.push_back(Datagramm { payload: payload, address: address });
-	}
-
-	pub fn readable<Message>(&mut self, io: &IoContext<Message>) -> Option<TableUpdates> where Message: Send + Sync + Clone {
-		let mut buf: [u8; MAX_DATAGRAM_SIZE] = unsafe { mem::uninitialized() };
-		let writable = !self.send_queue.is_empty();
-		let res = match self.udp_socket.recv_from(&mut buf) {
-			Ok(Some((len, address))) => self.on_packet(&buf[0..len], address).unwrap_or_else(|e| {
-				debug!("Error processing UDP packet: {:?}", e);
-				None
-			}),
-			Ok(_) => None,
-			Err(e) => {
-				debug!("Error reading UPD socket: {:?}", e);
-				None
-			}
-		};
-		let new_writable = !self.send_queue.is_empty();
-		if writable != new_writable {
-			io.update_registration(self.token).unwrap_or_else(|e| debug!("Error updating discovery registration: {:?}", e));
-		}
-		res
+		self.send_queue.push_back(Datagram { payload: payload, address: address });
 	}
 
-	fn on_packet(&mut self, packet: &[u8], from: SocketAddr) -> Result<Option<TableUpdates>, Error> {
+
+	pub fn on_packet(&mut self, packet: &[u8], from: SocketAddr) -> Result<Option<TableUpdates>, Error> {
 		// validate packet
 		if packet.len() < 32 + 65 + 4 + 1 {
 			return Err(ErrorKind::BadProtocol.into());
@@ -421,7 +370,7 @@ impl Discovery {
 			PACKET_FIND_NODE => self.on_find_node(&rlp, &node_id, &from),
 			PACKET_NEIGHBOURS => self.on_neighbours(&rlp, &node_id, &from),
 			_ => {
-				debug!("Unknown UDP packet: {}", packet_id);
+				debug!(target: "discovery", "Unknown UDP packet: {}", packet_id);
 				Ok(None)
 			}
 		}
@@ -571,19 +520,16 @@ impl Discovery {
 		self.start();
 	}
 
-	pub fn register_socket<Host:Handler>(&self, event_loop: &mut EventLoop<Host>) -> Result<(), Error> {
-		event_loop.register(&self.udp_socket, Token(self.token), Ready::all(), PollOpt::edge()).expect("Error registering UDP socket");
-		Ok(())
+	pub fn any_sends_queued(&self) -> bool {
+		!self.send_queue.is_empty()
 	}
 
-	pub fn update_registration<Host:Handler>(&self, event_loop: &mut EventLoop<Host>) -> Result<(), Error> {
-		let registration = if !self.send_queue.is_empty() {
-			Ready::readable() | Ready::writable()
-		} else {
-			Ready::readable()
-		};
-		event_loop.reregister(&self.udp_socket, Token(self.token), registration, PollOpt::edge()).expect("Error reregistering UDP socket");
-		Ok(())
+	pub fn dequeue_send(&mut self) -> Option<Datagram> {
+		self.send_queue.pop_front()
+	}
+
+	pub fn requeue_send(&mut self, datagram: Datagram) {
+		self.send_queue.push_front(datagram)
 	}
 }
 
@@ -620,8 +566,8 @@ mod tests {
 		let key2 = Random.generate().unwrap();
 		let ep1 = NodeEndpoint { address: SocketAddr::from_str("127.0.0.1:40444").unwrap(), udp_port: 40444 };
 		let ep2 = NodeEndpoint { address: SocketAddr::from_str("127.0.0.1:40445").unwrap(), udp_port: 40445 };
-		let mut discovery1 = Discovery::new(&key1, ep1.address.clone(), ep1.clone(), 0, IpFilter::default());
-		let mut discovery2 = Discovery::new(&key2, ep2.address.clone(), ep2.clone(), 0, IpFilter::default());
+		let mut discovery1 = Discovery::new(&key1, ep1.clone(), IpFilter::default());
+		let mut discovery2 = Discovery::new(&key2, ep2.clone(), IpFilter::default());
 
 		let node1 = Node::from_str("enode://a979fb575495b8d6db44f750317d0f4622bf4c2aa3365d6af7c284339968eef29b69ad0dce72a4d8db5ebb4968de0e3bec910127f134779fbcb0cb6d3331163c@127.0.0.1:7770").unwrap();
 		let node2 = Node::from_str("enode://b979fb575495b8d6db44f750317d0f4622bf4c2aa3365d6af7c284339968eef29b69ad0dce72a4d8db5ebb4968de0e3bec910127f134779fbcb0cb6d3331163c@127.0.0.1:7771").unwrap();
@@ -632,16 +578,14 @@ mod tests {
 		discovery2.refresh();
 
 		for _ in 0 .. 10 {
-			while !discovery1.send_queue.is_empty() {
-				let datagramm = discovery1.send_queue.pop_front().unwrap();
-				if datagramm.address == ep2.address {
-					discovery2.on_packet(&datagramm.payload, ep1.address.clone()).ok();
+			while let Some(datagram) = discovery1.dequeue_send() {
+				if datagram.address == ep2.address {
+					discovery2.on_packet(&datagram.payload, ep1.address.clone()).ok();
 				}
 			}
-			while !discovery2.send_queue.is_empty() {
-				let datagramm = discovery2.send_queue.pop_front().unwrap();
-				if datagramm.address == ep1.address {
-					discovery1.on_packet(&datagramm.payload, ep2.address.clone()).ok();
+			while let Some(datagram) = discovery2.dequeue_send() {
+				if datagram.address == ep1.address {
+					discovery1.on_packet(&datagram.payload, ep2.address.clone()).ok();
 				}
 			}
 			discovery2.round();
@@ -653,7 +597,7 @@ mod tests {
 	fn removes_expired() {
 		let key = Random.generate().unwrap();
 		let ep = NodeEndpoint { address: SocketAddr::from_str("127.0.0.1:40446").unwrap(), udp_port: 40447 };
-		let mut discovery = Discovery::new(&key, ep.address.clone(), ep.clone(), 0, IpFilter::default());
+		let mut discovery = Discovery::new(&key, ep.clone(), IpFilter::default());
 		for _ in 0..1200 {
 			discovery.add_node(NodeEntry { id: NodeId::random(), endpoint: ep.clone() });
 		}
@@ -668,7 +612,7 @@ mod tests {
 
 		let key = Random.generate().unwrap();
 		let ep = NodeEndpoint { address: SocketAddr::from_str("127.0.0.1:40447").unwrap(), udp_port: 40447 };
-		let mut discovery = Discovery::new(&key, ep.address.clone(), ep.clone(), 0, IpFilter::default());
+		let mut discovery = Discovery::new(&key, ep.clone(), IpFilter::default());
 
 		for _ in 0..(16 + 10) {
 			discovery.node_buckets[0].nodes.push_back(BucketEntry {
@@ -728,7 +672,7 @@ mod tests {
 		let key = Secret::from_str(secret_hex)
 			.and_then(|secret| KeyPair::from_secret(secret))
 			.unwrap();
-		let mut discovery = Discovery::new(&key, ep.address.clone(), ep.clone(), 0, IpFilter::default());
+		let mut discovery = Discovery::new(&key, ep.clone(), IpFilter::default());
 
 		node_entries.iter().for_each(|entry| discovery.update_node(entry.clone()));
 
@@ -773,7 +717,7 @@ mod tests {
 	fn packets() {
 		let key = Random.generate().unwrap();
 		let ep = NodeEndpoint { address: SocketAddr::from_str("127.0.0.1:40449").unwrap(), udp_port: 40449 };
-		let mut discovery = Discovery::new(&key, ep.address.clone(), ep.clone(), 0, IpFilter::default());
+		let mut discovery = Discovery::new(&key, ep.clone(), IpFilter::default());
 		discovery.check_timestamps = false;
 		let from = SocketAddr::from_str("99.99.99.99:40445").unwrap();
 
@@ -840,13 +784,13 @@ mod tests {
 		let key2 = Random.generate().unwrap();
 		let ep1 = NodeEndpoint { address: SocketAddr::from_str("127.0.0.1:40344").unwrap(), udp_port: 40344 };
 		let ep2 = NodeEndpoint { address: SocketAddr::from_str("127.0.0.1:40345").unwrap(), udp_port: 40345 };
-		let mut discovery1 = Discovery::new(&key1, ep1.address.clone(), ep1.clone(), 0, IpFilter::default());
-		let mut discovery2 = Discovery::new(&key2, ep2.address.clone(), ep2.clone(), 0, IpFilter::default());
+		let mut discovery1 = Discovery::new(&key1, ep1.clone(), IpFilter::default());
+		let mut discovery2 = Discovery::new(&key2, ep2.clone(), IpFilter::default());
 
 		discovery1.ping(&ep2);
-		let ping_data = discovery1.send_queue.pop_front().unwrap();
+		let ping_data = discovery1.dequeue_send().unwrap();
 		discovery2.on_packet(&ping_data.payload, ep1.address.clone()).ok();
-		let pong_data = discovery2.send_queue.pop_front().unwrap();
+		let pong_data = discovery2.dequeue_send().unwrap();
 		let data = &pong_data.payload[(32 + 65)..];
 		let rlp = Rlp::new(&data[1..]);
 		assert_eq!(ping_data.payload[0..32], rlp.val_at::<Vec<u8>>(1).unwrap()[..])
diff --git a/util/network-devp2p/src/host.rs b/util/network-devp2p/src/host.rs
index 6d28a838c27..0fbd64b4209 100644
--- a/util/network-devp2p/src/host.rs
+++ b/util/network-devp2p/src/host.rs
@@ -30,6 +30,7 @@ use hash::keccak;
 use mio::*;
 use mio::deprecated::{EventLoop};
 use mio::tcp::*;
+use mio::udp::*;
 use ethereum_types::H256;
 use rlp::{RlpStream, Encodable};
 
@@ -40,7 +41,7 @@ use node_table::*;
 use network::{NetworkConfiguration, NetworkIoMessage, ProtocolId, PeerId, PacketId};
 use network::{NonReservedPeerMode, NetworkContext as NetworkContextTrait};
 use network::{SessionInfo, Error, ErrorKind, DisconnectReason, NetworkProtocolHandler};
-use discovery::{Discovery, TableUpdates, NodeEntry};
+use discovery::{Discovery, TableUpdates, NodeEntry, MAX_DATAGRAM_SIZE};
 use ip_utils::{map_external_address, select_public_address};
 use path::restrict_permissions_owner;
 use parking_lot::{Mutex, RwLock};
@@ -239,6 +240,7 @@ struct ProtocolTimer {
 /// Root IO handler. Manages protocol handlers, IO timers and network connections.
 pub struct Host {
 	pub info: RwLock<HostInfo>,
+	udp_socket: Mutex<Option<UdpSocket>>,
 	tcp_listener: Mutex<TcpListener>,
 	sessions: Arc<RwLock<Slab<SharedSession>>>,
 	discovery: Mutex<Option<Discovery>>,
@@ -295,6 +297,7 @@ impl Host {
 				local_endpoint: local_endpoint,
 			}),
 			discovery: Mutex::new(None),
+			udp_socket: Mutex::new(None),
 			tcp_listener: Mutex::new(tcp_listener),
 			sessions: Arc::new(RwLock::new(Slab::new_starting_at(FIRST_SESSION, MAX_SESSIONS))),
 			nodes: RwLock::new(NodeTable::new(path)),
@@ -458,13 +461,16 @@ impl Host {
 		let discovery = {
 			let info = self.info.read();
 			if info.config.discovery_enabled && info.config.non_reserved_mode == NonReservedPeerMode::Accept {
-				let mut udp_addr = local_endpoint.address.clone();
-				udp_addr.set_port(local_endpoint.udp_port);
-				Some(Discovery::new(&info.keys, udp_addr, public_endpoint, DISCOVERY, allow_ips))
+				Some(Discovery::new(&info.keys, public_endpoint, allow_ips))
 			} else { None }
 		};
 
 		if let Some(mut discovery) = discovery {
+			let mut udp_addr = local_endpoint.address;
+			udp_addr.set_port(local_endpoint.udp_port);
+			let socket = UdpSocket::bind(&udp_addr).expect("Error binding UDP socket");
+			*self.udp_socket.lock() = Some(socket);
+
 			discovery.init_node_list(self.nodes.read().entries());
 			discovery.add_node_list(self.nodes.read().entries());
 			*self.discovery.lock() = Some(discovery);
@@ -819,6 +825,67 @@ impl Host {
 		}
 	}
 
+	fn discovery_readable(&self, io: &IoContext<NetworkIoMessage>) {
+		let node_changes = match (self.udp_socket.lock().as_ref(), self.discovery.lock().as_mut()) {
+			(Some(udp_socket), Some(discovery)) => {
+				let mut buf = [0u8; MAX_DATAGRAM_SIZE];
+				let writable = discovery.any_sends_queued();
+				let res = match udp_socket.recv_from(&mut buf) {
+					Ok(Some((len, address))) => discovery.on_packet(&buf[0..len], address).unwrap_or_else(|e| {
+						debug!(target: "network", "Error processing UDP packet: {:?}", e);
+						None
+					}),
+					Ok(_) => None,
+					Err(e) => {
+						debug!(target: "network", "Error reading UPD socket: {:?}", e);
+						None
+					}
+				};
+				let new_writable = discovery.any_sends_queued();
+				if writable != new_writable {
+					io.update_registration(DISCOVERY)
+						.unwrap_or_else(|e| {
+							debug!(target: "network" ,"Error updating discovery registration: {:?}", e)
+						});
+				}
+				res
+			},
+			_ => None,
+		};
+		if let Some(node_changes) = node_changes {
+			self.update_nodes(io, node_changes);
+		}
+	}
+
+	fn discovery_writable(&self, io: &IoContext<NetworkIoMessage>) {
+		match (self.udp_socket.lock().as_ref(), self.discovery.lock().as_mut()) {
+			(Some(udp_socket), Some(discovery)) => {
+				while let Some(data) = discovery.dequeue_send() {
+					match udp_socket.send_to(&data.payload, &data.address) {
+						Ok(Some(size)) if size == data.payload.len() => {
+						},
+						Ok(Some(_)) => {
+							warn!(target: "network", "UDP sent incomplete datagram");
+						},
+						Ok(None) => {
+							discovery.requeue_send(data);
+							return;
+						}
+						Err(e) => {
+							debug!(target: "network", "UDP send error: {:?}, address: {:?}", e, &data.address);
+							return;
+						}
+					}
+				}
+				io.update_registration(DISCOVERY)
+					.unwrap_or_else(|e| {
+						debug!(target: "network", "Error updating discovery registration: {:?}", e)
+					});
+			},
+			_ => (),
+		}
+	}
+
 	fn connection_timeout(&self, token: StreamToken, io: &IoContext<NetworkIoMessage>) {
 		trace!(target: "network", "Connection timeout: {}", token);
 		self.kill_connection(token, io, true)
@@ -920,12 +987,7 @@ impl IoHandler<NetworkIoMessage> for Host {
 		}
 		match stream {
 			FIRST_SESSION ... LAST_SESSION => self.session_readable(stream, io),
-			DISCOVERY => {
-				let node_changes = { self.discovery.lock().as_mut().map_or(None, |d| d.readable(io)) };
-				if let Some(node_changes) = node_changes {
-					self.update_nodes(io, node_changes);
-				}
-			},
+			DISCOVERY => self.discovery_readable(io),
 			TCP_ACCEPT => self.accept(io),
 			_ => panic!("Received unknown readable token"),
 		}
@@ -937,9 +999,7 @@ impl IoHandler<NetworkIoMessage> for Host {
 		}
 		match stream {
 			FIRST_SESSION ... LAST_SESSION => self.session_writable(stream, io),
-			DISCOVERY => {
-				self.discovery.lock().as_mut().map(|d| d.writable(io));
-			}
+			DISCOVERY => self.discovery_writable(io),
 			_ => panic!("Received unknown writable token"),
 		}
 	}
@@ -1055,7 +1115,13 @@ impl IoHandler<NetworkIoMessage> for Host {
 					session.lock().register_socket(reg, event_loop).expect("Error registering socket");
 				}
 			}
-			DISCOVERY => self.discovery.lock().as_ref().and_then(|d| d.register_socket(event_loop).ok()).expect("Error registering discovery socket"),
+			DISCOVERY => match self.udp_socket.lock().as_ref() {
+				Some(udp_socket) => {
+					event_loop.register(udp_socket, reg, Ready::all(), PollOpt::edge())
+						.expect("Error registering UDP socket");
+				},
+				_ => panic!("Error registering discovery socket"),
+			}
 			TCP_ACCEPT => event_loop.register(&*self.tcp_listener.lock(), Token(TCP_ACCEPT), Ready::all(), PollOpt::edge()).expect("Error registering stream"),
 			_ => warn!("Unexpected stream registration")
 		}
@@ -1086,7 +1152,18 @@ impl IoHandler<NetworkIoMessage> for Host {
 					connection.lock().update_socket(reg, event_loop).expect("Error updating socket");
 				}
 			}
-			DISCOVERY => self.discovery.lock().as_ref().and_then(|d| d.update_registration(event_loop).ok()).expect("Error reregistering discovery socket"),
+			DISCOVERY => match (self.udp_socket.lock().as_ref(), self.discovery.lock().as_ref()) {
+				(Some(udp_socket), Some(discovery)) => {
+					let registration = if discovery.any_sends_queued() {
+						Ready::readable() | Ready::writable()
+					} else {
+						Ready::readable()
+					};
+					event_loop.reregister(udp_socket, reg, registration, PollOpt::edge())
+						.expect("Error reregistering UDP socket");
+				},
+				_ => panic!("Error reregistering discovery socket"),
+			}
 			TCP_ACCEPT => event_loop.reregister(&*self.tcp_listener.lock(), Token(TCP_ACCEPT), Ready::all(), PollOpt::edge()).expect("Error reregistering stream"),
 			_ => warn!("Unexpected stream update")
 		}
diff --git a/util/version/Cargo.toml b/util/version/Cargo.toml
index 297211b2bd0..c7bd4f581e3 100644
--- a/util/version/Cargo.toml
+++ b/util/version/Cargo.toml
@@ -12,14 +12,13 @@ build = "build.rs"
 # Used by auto-updater and for Parity version string.
 track = "nightly"
 
-# Indicates a critical release in this track (i.e. consensus issue)
-critical = false
-
-# Latest supported fork blocks for various networks. Used ONLY by auto-updater.
-[package.metadata.forks]
-foundation = 4370000
-ropsten = 10
-kovan = 6600000
+# Network specific settings, used ONLY by auto-updater.
+# Latest supported fork blocks.
+# Indicates a critical release in this track (i.e. consensus issue).
+[package.metadata.networks]
+foundation = { forkBlock = 4370000, critical = false }
+ropsten = { forkBlock = 10, critical = false }
+kovan = { forkBlock = 6600000, critical = false }
 
 [dependencies]
 ethcore-bytes = { path = "../bytes" }
diff --git a/whisper/cli/src/main.rs b/whisper/cli/src/main.rs
index 6f3aec8594e..1d57691418b 100644
--- a/whisper/cli/src/main.rs
+++ b/whisper/cli/src/main.rs
@@ -190,11 +190,12 @@ fn main() {
 		Ok(_) => {
 			println!("whisper-cli terminated");
 			process::exit(1);
-		}
+		},
+		Err(Error::Docopt(ref e)) => e.exit(),
 		Err(err) => {
 			println!("{}", err);
 			process::exit(1);
-		},
+		}
 	}
 }