Bump version to 0.22

Reconnect even when Smack thinks it doesn't need to.
Bump version to 0.21
2025-12-11 01:40:22 +00:00 · 2014-10-01 15:03:25 -07:00 · 2014-10-01 14:07:12 -07:00 · 2014-07-30 11:45:45 -07:00 · 2014-07-30 11:38:23 -07:00 · 2014-07-30 11:36:54 -07:00
99 changed files with 5010 additions and 1949 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -7,3 +7,5 @@ run.sh
 local.yml
 config/production.yml
 config/federated.yml
+config/staging.yml
+.opsmanage
--- a/config/sample.yml
+++ b/config/sample.yml
@@ -15,6 +15,7 @@ nexmo:
  number:

 gcm:
+  senderId:
  apiKey: 

 # Optional. Only if iOS clients are supported.
@@ -56,9 +57,6 @@ graphite:
  host:
  port:

-http:
-  shutdownGracePeriod: 0s
-
 database:
  # the name of your JDBC driver
  driverClass: org.postgresql.Driver
@@ -75,24 +73,3 @@ database:
  # any properties specific to your JDBC driver:
  properties:
    charSet: UTF-8
-
-  # the maximum amount of time to wait on an empty pool before throwing an exception
-  maxWaitForConnection: 1s
-
-  # the SQL query to run when validating a connection's liveness
-  validationQuery: "/* MyService Health Check */ SELECT 1"
-
-  # the minimum number of connections to keep open
-  minSize: 8
-
-  # the maximum number of connections to keep open
-  maxSize: 32
-
-  # whether or not idle connections should be validated
-  checkConnectionWhileIdle: false
-
-  # how long a connection must be held before it can be validated
-  checkConnectionHealthWhenIdleFor: 10s
-
-  # the maximum lifetime of an idle connection
-  closeConnectionIfIdleFor: 1 minute
--- a/pom.xml
+++ b/pom.xml
@@ -9,24 +9,72 @@

    <groupId>org.whispersystems.textsecure</groupId>
    <artifactId>TextSecureServer</artifactId>
-    <version>0.5</version>
+    <version>0.22</version>
+
+    <properties>
+        <dropwizard.version>0.7.0</dropwizard.version>
+        <jackson.api.version>2.3.3</jackson.api.version>
+        <commons-codec.version>1.6</commons-codec.version>
+    </properties>

    <dependencies>
+        <dependency>
+            <groupId>io.dropwizard</groupId>
+            <artifactId>dropwizard-core</artifactId>
+            <version>${dropwizard.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>io.dropwizard</groupId>
+            <artifactId>dropwizard-jdbi</artifactId>
+            <version>${dropwizard.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>io.dropwizard</groupId>
+            <artifactId>dropwizard-auth</artifactId>
+            <version>${dropwizard.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>io.dropwizard</groupId>
+            <artifactId>dropwizard-client</artifactId>
+            <version>${dropwizard.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>io.dropwizard</groupId>
+            <artifactId>dropwizard-migrations</artifactId>
+            <version>${dropwizard.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>io.dropwizard</groupId>
+            <artifactId>dropwizard-testing</artifactId>
+            <version>${dropwizard.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>io.dropwizard</groupId>
+            <artifactId>dropwizard-metrics-graphite</artifactId>
+            <version>${dropwizard.version}</version>
+        </dependency>
+
+        <dependency>
+            <groupId>com.sun.jersey</groupId>
+            <artifactId>jersey-json</artifactId>
+            <version>1.18.1</version>
+        </dependency>
+        <dependency>
+            <groupId>com.codahale.metrics</groupId>
+            <artifactId>metrics-graphite</artifactId>
+            <version>3.0.2</version>
+        </dependency>
+        <dependency>
+            <groupId>org.eclipse.jetty.websocket</groupId>
+            <artifactId>websocket-server</artifactId>
+            <version>9.0.7.v20131107</version>
+        </dependency>
+
        <dependency>
            <groupId>bouncycastle</groupId>
            <artifactId>bcprov-jdk16</artifactId>
            <version>140</version>
        </dependency>
-        <dependency>
-            <groupId>com.yammer.dropwizard</groupId>
-            <artifactId>dropwizard-core</artifactId>
-            <version>0.6.2</version>
-        </dependency>
-        <dependency>
-            <groupId>com.yammer.metrics</groupId>
-            <artifactId>metrics-graphite</artifactId>
-            <version>2.2.0</version>
-        </dependency>
        <dependency>
            <groupId>com.google.android.gcm</groupId>
            <artifactId>gcm-server</artifactId>
@@ -56,7 +104,7 @@
        <dependency>
            <groupId>com.google.protobuf</groupId>
            <artifactId>protobuf-java</artifactId>
-            <version>2.4.1</version>
+            <version>2.5.0</version>
        </dependency>

        <dependency>
@@ -66,35 +114,10 @@
            <type>jar</type>
            <scope>compile</scope>
        </dependency>
-        <dependency>
-            <groupId>com.yammer.dropwizard</groupId>
-            <artifactId>dropwizard-jdbi</artifactId>
-            <version>0.6.2</version>
-        </dependency>
-        <dependency>
-            <groupId>com.yammer.dropwizard</groupId>
-            <artifactId>dropwizard-auth</artifactId>
-            <version>0.6.2</version>
-        </dependency>
-        <dependency>
-            <groupId>com.yammer.dropwizard</groupId>
-            <artifactId>dropwizard-client</artifactId>
-            <version>0.6.2</version>
-        </dependency>
-        <dependency>
-            <groupId>com.yammer.dropwizard</groupId>
-            <artifactId>dropwizard-migrations</artifactId>
-            <version>0.6.2</version>
-        </dependency>
-        <dependency>
-            <groupId>com.yammer.dropwizard</groupId>
-            <artifactId>dropwizard-testing</artifactId>
-            <version>0.6.2</version>
-        </dependency>
        <dependency>
            <groupId>com.twilio.sdk</groupId>
            <artifactId>twilio-java-sdk</artifactId>
-            <version>3.4.1</version>
+            <version>3.4.5</version>
        </dependency>

        <dependency>
@@ -102,26 +125,30 @@
            <artifactId>postgresql</artifactId>
            <version>9.1-901.jdbc4</version>
        </dependency>
-
        <dependency>
-            <groupId>com.sun.jersey</groupId>
-            <artifactId>jersey-json</artifactId>
-            <version>1.17.1</version>
+            <groupId>org.igniterealtime.smack</groupId>
+            <artifactId>smack-tcp</artifactId>
+            <version>4.0.0</version>
        </dependency>

-        <dependency>
-            <groupId>org.eclipse.jetty</groupId>
-            <artifactId>jetty-websocket</artifactId>
-            <version>8.1.14.v20131031</version>
-        </dependency>

-        <dependency>
-            <groupId>org.coursera</groupId>
-            <artifactId>metrics-datadog</artifactId>
-            <version>0.1.5</version>
-        </dependency>
    </dependencies>

+    <dependencyManagement>
+        <dependencies>
+            <dependency>
+                <groupId>com.fasterxml.jackson.core</groupId>
+                <artifactId>jackson-databind</artifactId>
+                <version>${jackson.api.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>commons-codec</groupId>
+                <artifactId>commons-codec</artifactId>
+                <version>${commons-codec.version}</version>
+            </dependency>
+        </dependencies>
+    </dependencyManagement>
+
    <build>
        <plugins>
            <plugin>
--- a/protobuf/OutgoingMessageSignal.proto
+++ b/protobuf/OutgoingMessageSignal.proto
@@ -20,6 +20,15 @@ option java_package = "org.whispersystems.textsecuregcm.entities";
 option java_outer_classname = "MessageProtos";

 message OutgoingMessageSignal {
+  enum Type {
+    UNKNOWN       = 0;
+    CIPHERTEXT    = 1;
+    KEY_EXCHANGE  = 2;
+    PREKEY_BUNDLE = 3;
+    PLAINTEXT     = 4;
+    RECEIPT       = 5;
+  }
+
  optional uint32 type = 1;
  optional string source = 2;
  optional  uint32 sourceDevice = 7;
--- a/src/main/java/org/whispersystems/textsecuregcm/WhisperServerConfiguration.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/WhisperServerConfiguration.java
@@ -17,14 +17,12 @@
 package org.whispersystems.textsecuregcm;

 import com.fasterxml.jackson.annotation.JsonProperty;
-import com.yammer.dropwizard.config.Configuration;
-import com.yammer.dropwizard.db.DatabaseConfiguration;
 import org.whispersystems.textsecuregcm.configuration.ApnConfiguration;
-import org.whispersystems.textsecuregcm.configuration.DataDogConfiguration;
 import org.whispersystems.textsecuregcm.configuration.FederationConfiguration;
 import org.whispersystems.textsecuregcm.configuration.GcmConfiguration;
 import org.whispersystems.textsecuregcm.configuration.GraphiteConfiguration;
 import org.whispersystems.textsecuregcm.configuration.MemcacheConfiguration;
+import org.whispersystems.textsecuregcm.configuration.MetricsConfiguration;
 import org.whispersystems.textsecuregcm.configuration.NexmoConfiguration;
 import org.whispersystems.textsecuregcm.configuration.RateLimitsConfiguration;
 import org.whispersystems.textsecuregcm.configuration.RedisConfiguration;
@@ -35,6 +33,9 @@ import org.whispersystems.textsecuregcm.configuration.WebsocketConfiguration;
 import javax.validation.Valid;
 import javax.validation.constraints.NotNull;

+import io.dropwizard.Configuration;
+import io.dropwizard.db.DataSourceFactory;
+
 public class WhisperServerConfiguration extends Configuration {

  @NotNull
@@ -46,6 +47,7 @@ public class WhisperServerConfiguration extends Configuration {
  private NexmoConfiguration nexmo;

  @NotNull
+  @Valid
  @JsonProperty
  private GcmConfiguration gcm;

@@ -74,7 +76,7 @@ public class WhisperServerConfiguration extends Configuration {
  @Valid
  @NotNull
  @JsonProperty
-  private DatabaseConfiguration database = new DatabaseConfiguration();
+  private DataSourceFactory database = new DataSourceFactory();

  @Valid
  @NotNull
@@ -87,7 +89,7 @@ public class WhisperServerConfiguration extends Configuration {

  @Valid
  @JsonProperty
-  private DataDogConfiguration datadog = new DataDogConfiguration();
+  private MetricsConfiguration viz = new MetricsConfiguration();

  @Valid
  @JsonProperty
@@ -125,7 +127,7 @@ public class WhisperServerConfiguration extends Configuration {
    return redis;
  }

-  public DatabaseConfiguration getDatabaseConfiguration() {
+  public DataSourceFactory getDataSourceFactory() {
    return database;
  }

@@ -141,7 +143,7 @@ public class WhisperServerConfiguration extends Configuration {
    return graphite;
  }

-  public DataDogConfiguration getDataDogConfiguration() {
-    return datadog;
+  public MetricsConfiguration getMetricsConfiguration() {
+    return viz;
  }
 }
--- a/src/main/java/org/whispersystems/textsecuregcm/WhisperServerService.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/WhisperServerService.java
@@ -16,20 +16,13 @@
 */
 package org.whispersystems.textsecuregcm;

+import com.codahale.metrics.SharedMetricRegistries;
+import com.codahale.metrics.graphite.GraphiteReporter;
+import com.fasterxml.jackson.databind.DeserializationFeature;
 import com.google.common.base.Optional;
-import com.yammer.dropwizard.Service;
-import com.yammer.dropwizard.config.Bootstrap;
-import com.yammer.dropwizard.config.Environment;
-import com.yammer.dropwizard.config.HttpConfiguration;
-import com.yammer.dropwizard.db.DatabaseConfiguration;
-import com.yammer.dropwizard.jdbi.DBIFactory;
-import com.yammer.dropwizard.migrations.MigrationsBundle;
-import com.yammer.metrics.core.Clock;
-import com.yammer.metrics.core.MetricPredicate;
-import com.yammer.metrics.reporting.DatadogReporter;
-import com.yammer.metrics.reporting.GraphiteReporter;
 import net.spy.memcached.MemcachedClient;
 import org.bouncycastle.jce.provider.BouncyCastleProvider;
+import org.eclipse.jetty.servlets.CrossOriginFilter;
 import org.skife.jdbi.v2.DBI;
 import org.whispersystems.textsecuregcm.auth.AccountAuthenticator;
 import org.whispersystems.textsecuregcm.auth.FederatedPeerAuthenticator;
@@ -39,20 +32,30 @@ import org.whispersystems.textsecuregcm.controllers.AccountController;
 import org.whispersystems.textsecuregcm.controllers.AttachmentController;
 import org.whispersystems.textsecuregcm.controllers.DeviceController;
 import org.whispersystems.textsecuregcm.controllers.DirectoryController;
-import org.whispersystems.textsecuregcm.controllers.FederationController;
-import org.whispersystems.textsecuregcm.controllers.KeysController;
+import org.whispersystems.textsecuregcm.controllers.FederationControllerV1;
+import org.whispersystems.textsecuregcm.controllers.FederationControllerV2;
+import org.whispersystems.textsecuregcm.controllers.KeysControllerV1;
+import org.whispersystems.textsecuregcm.controllers.KeysControllerV2;
 import org.whispersystems.textsecuregcm.controllers.MessageController;
-import org.whispersystems.textsecuregcm.controllers.WebsocketControllerFactory;
+import org.whispersystems.textsecuregcm.controllers.ReceiptController;
 import org.whispersystems.textsecuregcm.federation.FederatedClientManager;
 import org.whispersystems.textsecuregcm.federation.FederatedPeer;
 import org.whispersystems.textsecuregcm.limits.RateLimiters;
 import org.whispersystems.textsecuregcm.mappers.IOExceptionMapper;
 import org.whispersystems.textsecuregcm.mappers.RateLimitExceededExceptionMapper;
+import org.whispersystems.textsecuregcm.metrics.CpuUsageGauge;
+import org.whispersystems.textsecuregcm.metrics.FreeMemoryGauge;
+import org.whispersystems.textsecuregcm.metrics.JsonMetricsReporter;
+import org.whispersystems.textsecuregcm.metrics.NetworkReceivedGauge;
+import org.whispersystems.textsecuregcm.metrics.NetworkSentGauge;
 import org.whispersystems.textsecuregcm.providers.MemcacheHealthCheck;
 import org.whispersystems.textsecuregcm.providers.MemcachedClientFactory;
 import org.whispersystems.textsecuregcm.providers.RedisClientFactory;
 import org.whispersystems.textsecuregcm.providers.RedisHealthCheck;
+import org.whispersystems.textsecuregcm.push.APNSender;
+import org.whispersystems.textsecuregcm.push.GCMSender;
 import org.whispersystems.textsecuregcm.push.PushSender;
+import org.whispersystems.textsecuregcm.push.WebsocketSender;
 import org.whispersystems.textsecuregcm.sms.NexmoSmsSender;
 import org.whispersystems.textsecuregcm.sms.SmsSender;
 import org.whispersystems.textsecuregcm.sms.TwilioSmsSender;
@@ -66,18 +69,30 @@ import org.whispersystems.textsecuregcm.storage.PendingAccountsManager;
 import org.whispersystems.textsecuregcm.storage.PendingDevices;
 import org.whispersystems.textsecuregcm.storage.PendingDevicesManager;
 import org.whispersystems.textsecuregcm.storage.PubSubManager;
-import org.whispersystems.textsecuregcm.storage.StoredMessageManager;
 import org.whispersystems.textsecuregcm.storage.StoredMessages;
-import org.whispersystems.textsecuregcm.util.CORSHeaderFilter;
+import org.whispersystems.textsecuregcm.util.Constants;
 import org.whispersystems.textsecuregcm.util.UrlSigner;
+import org.whispersystems.textsecuregcm.websocket.WebsocketControllerFactory;
 import org.whispersystems.textsecuregcm.workers.DirectoryCommand;

+import javax.servlet.DispatcherType;
+import javax.servlet.FilterRegistration;
+import javax.servlet.ServletRegistration;
 import java.security.Security;
+import java.util.EnumSet;
 import java.util.concurrent.TimeUnit;

+import static com.codahale.metrics.MetricRegistry.name;
+import io.dropwizard.Application;
+import io.dropwizard.db.DataSourceFactory;
+import io.dropwizard.jdbi.DBIFactory;
+import io.dropwizard.metrics.graphite.GraphiteReporterFactory;
+import io.dropwizard.migrations.MigrationsBundle;
+import io.dropwizard.setup.Bootstrap;
+import io.dropwizard.setup.Environment;
 import redis.clients.jedis.JedisPool;

-public class WhisperServerService extends Service<WhisperServerConfiguration> {
+public class WhisperServerService extends Application<WhisperServerConfiguration> {

  static {
    Security.addProvider(new BouncyCastleProvider());
@@ -85,41 +100,58 @@ public class WhisperServerService extends Service<WhisperServerConfiguration> {

  @Override
  public void initialize(Bootstrap<WhisperServerConfiguration> bootstrap) {
-    bootstrap.setName("whisper-server");
    bootstrap.addCommand(new DirectoryCommand());
    bootstrap.addBundle(new MigrationsBundle<WhisperServerConfiguration>() {
      @Override
-      public DatabaseConfiguration getDatabaseConfiguration(WhisperServerConfiguration configuration) {
-        return configuration.getDatabaseConfiguration();
+      public DataSourceFactory getDataSourceFactory(WhisperServerConfiguration configuration) {
+        return configuration.getDataSourceFactory();
      }
    });
  }

+  @Override
+  public String getName() {
+    return "whisper-server";
+  }
+
  @Override
  public void run(WhisperServerConfiguration config, Environment environment)
      throws Exception
  {
-    config.getHttpConfiguration().setConnectorType(HttpConfiguration.ConnectorType.NONBLOCKING);
-    
+    SharedMetricRegistries.add(Constants.METRICS_NAME, environment.metrics());
+    environment.getObjectMapper().configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
+
    DBIFactory dbiFactory = new DBIFactory();
-    DBI        jdbi       = dbiFactory.build(environment, config.getDatabaseConfiguration(), "postgresql");
+    DBI        jdbi       = dbiFactory.build(environment, config.getDataSourceFactory(), "postgresql");

    Accounts        accounts        = jdbi.onDemand(Accounts.class);
    PendingAccounts pendingAccounts = jdbi.onDemand(PendingAccounts.class);
    PendingDevices  pendingDevices  = jdbi.onDemand(PendingDevices.class);
    Keys            keys            = jdbi.onDemand(Keys.class);
-    StoredMessages  storedMessages  = jdbi.onDemand(StoredMessages.class );

    MemcachedClient memcachedClient = new MemcachedClientFactory(config.getMemcacheConfiguration()).getClient();
    JedisPool       redisClient     = new RedisClientFactory(config.getRedisConfiguration()).getRedisClientPool();

-    DirectoryManager         directory              = new DirectoryManager(redisClient);
-    PendingAccountsManager   pendingAccountsManager = new PendingAccountsManager(pendingAccounts, memcachedClient);
-    PendingDevicesManager    pendingDevicesManager  = new PendingDevicesManager(pendingDevices, memcachedClient);
-    AccountsManager          accountsManager        = new AccountsManager(accounts, directory, memcachedClient);
-    FederatedClientManager   federatedClientManager = new FederatedClientManager(config.getFederationConfiguration());
-    PubSubManager            pubSubManager          = new PubSubManager(redisClient);
-    StoredMessageManager     storedMessageManager   = new StoredMessageManager(storedMessages, pubSubManager);
+    DirectoryManager       directory              = new DirectoryManager(redisClient);
+    PendingAccountsManager pendingAccountsManager = new PendingAccountsManager(pendingAccounts, memcachedClient);
+    PendingDevicesManager  pendingDevicesManager  = new PendingDevicesManager (pendingDevices, memcachedClient );
+    AccountsManager        accountsManager        = new AccountsManager(accounts, directory, memcachedClient);
+    FederatedClientManager federatedClientManager = new FederatedClientManager(config.getFederationConfiguration());
+    StoredMessages         storedMessages         = new StoredMessages(redisClient);
+    PubSubManager          pubSubManager          = new PubSubManager(redisClient);
+
+    APNSender apnSender = new APNSender(accountsManager, pubSubManager, storedMessages, memcachedClient,
+                                        config.getApnConfiguration().getCertificate(),
+                                        config.getApnConfiguration().getKey());
+
+    GCMSender gcmSender = new GCMSender(accountsManager,
+                                        config.getGcmConfiguration().getSenderId(),
+                                        config.getGcmConfiguration().getApiKey());
+
+    WebsocketSender websocketSender = new WebsocketSender(storedMessages, pubSubManager);
+
+    environment.lifecycle().manage(apnSender);
+    environment.lifecycle().manage(gcmSender);

    AccountAuthenticator     deviceAuthenticator    = new AccountAuthenticator(accountsManager);
    RateLimiters             rateLimiters           = new RateLimiters(config.getLimitsConfiguration(), memcachedClient);
@@ -128,51 +160,74 @@ public class WhisperServerService extends Service<WhisperServerConfiguration> {
    Optional<NexmoSmsSender> nexmoSmsSender         = initializeNexmoSmsSender(config.getNexmoConfiguration());
    SmsSender                smsSender              = new SmsSender(twilioSmsSender, nexmoSmsSender, config.getTwilioConfiguration().isInternational());
    UrlSigner                urlSigner              = new UrlSigner(config.getS3Configuration());
-    PushSender               pushSender             = new PushSender(config.getGcmConfiguration(),
-                                                                     config.getApnConfiguration(),
-                                                                     storedMessageManager,
-                                                                     accountsManager);
+    PushSender               pushSender             = new PushSender(gcmSender, apnSender, websocketSender);

    AttachmentController attachmentController = new AttachmentController(rateLimiters, federatedClientManager, urlSigner);
-    KeysController       keysController       = new KeysController(rateLimiters, keys, accountsManager, federatedClientManager);
+    KeysControllerV1     keysControllerV1     = new KeysControllerV1(rateLimiters, keys, accountsManager, federatedClientManager);
+    KeysControllerV2     keysControllerV2     = new KeysControllerV2(rateLimiters, keys, accountsManager, federatedClientManager);
    MessageController    messageController    = new MessageController(rateLimiters, pushSender, accountsManager, federatedClientManager);

-    environment.addProvider(new MultiBasicAuthProvider<>(new FederatedPeerAuthenticator(config.getFederationConfiguration()),
-                                                         FederatedPeer.class,
-                                                         deviceAuthenticator,
-                                                         Device.class, "WhisperServer"));
+    environment.jersey().register(new MultiBasicAuthProvider<>(new FederatedPeerAuthenticator(config.getFederationConfiguration()),
+                                                               FederatedPeer.class,
+                                                               deviceAuthenticator,
+                                                               Device.class, "WhisperServer"));

-    environment.addResource(new AccountController(pendingAccountsManager, accountsManager, rateLimiters, smsSender));
-    environment.addResource(new DeviceController(pendingDevicesManager, accountsManager, rateLimiters));
-    environment.addResource(new DirectoryController(rateLimiters, directory));
-    environment.addResource(new FederationController(accountsManager, attachmentController, keysController, messageController));
-    environment.addResource(attachmentController);
-    environment.addResource(keysController);
-    environment.addResource(messageController);
+    environment.jersey().register(new AccountController(pendingAccountsManager, accountsManager, rateLimiters, smsSender, storedMessages));
+    environment.jersey().register(new DeviceController(pendingDevicesManager, accountsManager, rateLimiters));
+    environment.jersey().register(new DirectoryController(rateLimiters, directory));
+    environment.jersey().register(new FederationControllerV1(accountsManager, attachmentController, messageController, keysControllerV1));
+    environment.jersey().register(new FederationControllerV2(accountsManager, attachmentController, messageController, keysControllerV2));
+    environment.jersey().register(new ReceiptController(accountsManager, federatedClientManager, pushSender));
+    environment.jersey().register(attachmentController);
+    environment.jersey().register(keysControllerV1);
+    environment.jersey().register(keysControllerV2);
+    environment.jersey().register(messageController);

    if (config.getWebsocketConfiguration().isEnabled()) {
-      environment.addServlet(new WebsocketControllerFactory(deviceAuthenticator, storedMessageManager, pubSubManager),
-                             "/v1/websocket/");
-      environment.addFilter(new CORSHeaderFilter(), "/*");
+      WebsocketControllerFactory servlet = new WebsocketControllerFactory(deviceAuthenticator,
+                                                                          accountsManager,
+                                                                          pushSender,
+                                                                          storedMessages,
+                                                                          pubSubManager);
+
+      ServletRegistration.Dynamic websocket = environment.servlets().addServlet("WebSocket", servlet);
+      websocket.addMapping("/v1/websocket/*");
+      websocket.setAsyncSupported(true);
+
+      FilterRegistration.Dynamic filter = environment.servlets().addFilter("CORS", CrossOriginFilter.class);
+      filter.addMappingForUrlPatterns(EnumSet.allOf(DispatcherType.class), true, "/*");
+      filter.setInitParameter("allowedOrigins", "*");
+      filter.setInitParameter("allowedHeaders", "Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin");
+      filter.setInitParameter("allowedMethods", "GET,PUT,POST,DELETE,OPTIONS");
+      filter.setInitParameter("preflightMaxAge", "5184000");
+      filter.setInitParameter("allowCredentials", "true");
    }

-    environment.addHealthCheck(new RedisHealthCheck(redisClient));
-    environment.addHealthCheck(new MemcacheHealthCheck(memcachedClient));
+    environment.healthChecks().register("redis", new RedisHealthCheck(redisClient));
+    environment.healthChecks().register("memcache", new MemcacheHealthCheck(memcachedClient));

-    environment.addProvider(new IOExceptionMapper());
-    environment.addProvider(new RateLimitExceededExceptionMapper());
+    environment.jersey().register(new IOExceptionMapper());
+    environment.jersey().register(new RateLimitExceededExceptionMapper());
+
+    environment.metrics().register(name(CpuUsageGauge.class, "cpu"), new CpuUsageGauge());
+    environment.metrics().register(name(FreeMemoryGauge.class, "free_memory"), new FreeMemoryGauge());
+    environment.metrics().register(name(NetworkSentGauge.class, "bytes_sent"), new NetworkSentGauge());
+    environment.metrics().register(name(NetworkReceivedGauge.class, "bytes_received"), new NetworkReceivedGauge());

    if (config.getGraphiteConfiguration().isEnabled()) {
-      GraphiteReporter.enable(15, TimeUnit.SECONDS,
-                              config.getGraphiteConfiguration().getHost(),
-                              config.getGraphiteConfiguration().getPort());
+      GraphiteReporterFactory graphiteReporterFactory = new GraphiteReporterFactory();
+      graphiteReporterFactory.setHost(config.getGraphiteConfiguration().getHost());
+      graphiteReporterFactory.setPort(config.getGraphiteConfiguration().getPort());
+
+      GraphiteReporter graphiteReporter = (GraphiteReporter) graphiteReporterFactory.build(environment.metrics());
+      graphiteReporter.start(15, TimeUnit.SECONDS);
    }

-    if (config.getDataDogConfiguration().isEnabled()) {
-      new DatadogReporter.Builder().withApiKey(config.getDataDogConfiguration().getApiKey())
-                                   .withVmMetricsEnabled(true)
-                                   .build()
-                                   .start(15, TimeUnit.SECONDS);
+    if (config.getMetricsConfiguration().isEnabled()) {
+      new JsonMetricsReporter(environment.metrics(),
+                              config.getMetricsConfiguration().getToken(),
+                              config.getMetricsConfiguration().getHost())
+          .start(60, TimeUnit.SECONDS);
    }
  }

--- a/src/main/java/org/whispersystems/textsecuregcm/auth/AccountAuthenticator.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/auth/AccountAuthenticator.java
@@ -16,29 +16,27 @@
 */
 package org.whispersystems.textsecuregcm.auth;

+import com.codahale.metrics.Meter;
+import com.codahale.metrics.MetricRegistry;
+import com.codahale.metrics.SharedMetricRegistries;
 import com.google.common.base.Optional;
-import com.yammer.dropwizard.auth.AuthenticationException;
-import com.yammer.dropwizard.auth.Authenticator;
-import com.yammer.dropwizard.auth.basic.BasicCredentials;
-import com.yammer.metrics.Metrics;
-import com.yammer.metrics.core.Meter;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.whispersystems.textsecuregcm.storage.Account;
-import org.whispersystems.textsecuregcm.storage.Device;
 import org.whispersystems.textsecuregcm.storage.AccountsManager;
+import org.whispersystems.textsecuregcm.storage.Device;
+import org.whispersystems.textsecuregcm.util.Constants;

-import java.util.concurrent.TimeUnit;
+import static com.codahale.metrics.MetricRegistry.name;
+import io.dropwizard.auth.AuthenticationException;
+import io.dropwizard.auth.Authenticator;
+import io.dropwizard.auth.basic.BasicCredentials;

 public class AccountAuthenticator implements Authenticator<BasicCredentials, Account> {

-  private final Meter authenticationFailedMeter    = Metrics.newMeter(AccountAuthenticator.class,
-                                                                      "authentication", "failed",
-                                                                      TimeUnit.MINUTES);
-
-  private final Meter authenticationSucceededMeter = Metrics.newMeter(AccountAuthenticator.class,
-                                                                      "authentication", "succeeded",
-                                                                      TimeUnit.MINUTES);
+  private final MetricRegistry metricRegistry               = SharedMetricRegistries.getOrCreate(Constants.METRICS_NAME);
+  private final Meter          authenticationFailedMeter    = metricRegistry.meter(name(getClass(), "authentication", "failed"   ));
+  private final Meter          authenticationSucceededMeter = metricRegistry.meter(name(getClass(), "authentication", "succeeded"));

  private final Logger logger = LoggerFactory.getLogger(AccountAuthenticator.class);

--- a/src/main/java/org/whispersystems/textsecuregcm/auth/AuthorizationHeader.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/auth/AuthorizationHeader.java
@@ -25,13 +25,13 @@ import java.io.IOException;
 public class AuthorizationHeader {

  private final String number;
-  private final long accountId;
+  private final long   accountId;
  private final String password;

  private AuthorizationHeader(String number, long accountId, String password) {
-    this.number = number;
+    this.number    = number;
    this.accountId = accountId;
-    this.password = password;
+    this.password  = password;
  }

  public static AuthorizationHeader fromUserAndPassword(String user, String password) throws InvalidAuthorizationHeaderException {
--- a/src/main/java/org/whispersystems/textsecuregcm/auth/FederatedPeerAuthenticator.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/auth/FederatedPeerAuthenticator.java
@@ -16,30 +16,35 @@
 */
 package org.whispersystems.textsecuregcm.auth;

+import com.codahale.metrics.Meter;
+import com.codahale.metrics.MetricRegistry;
+import com.codahale.metrics.SharedMetricRegistries;
 import com.google.common.base.Optional;
-import com.yammer.dropwizard.auth.AuthenticationException;
-import com.yammer.dropwizard.auth.Authenticator;
-import com.yammer.dropwizard.auth.basic.BasicCredentials;
-import com.yammer.metrics.Metrics;
-import com.yammer.metrics.core.Meter;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.whispersystems.textsecuregcm.configuration.FederationConfiguration;
 import org.whispersystems.textsecuregcm.federation.FederatedPeer;
+import org.whispersystems.textsecuregcm.util.Constants;

 import java.util.List;
-import java.util.concurrent.TimeUnit;
+
+import static com.codahale.metrics.MetricRegistry.name;
+import io.dropwizard.auth.AuthenticationException;
+import io.dropwizard.auth.Authenticator;
+import io.dropwizard.auth.basic.BasicCredentials;


 public class FederatedPeerAuthenticator implements Authenticator<BasicCredentials, FederatedPeer> {

-  private final Meter authenticationFailedMeter    = Metrics.newMeter(FederatedPeerAuthenticator.class,
-                                                                      "authentication", "failed",
-                                                                      TimeUnit.MINUTES);
+  private final MetricRegistry metricRegistry = SharedMetricRegistries.getOrCreate(Constants.METRICS_NAME);

-  private final Meter authenticationSucceededMeter = Metrics.newMeter(FederatedPeerAuthenticator.class,
-                                                                      "authentication", "succeeded",
-                                                                      TimeUnit.MINUTES);
+  private final Meter authenticationFailedMeter    = metricRegistry.meter(name(getClass(),
+                                                                               "authentication",
+                                                                               "failed"));
+
+  private final Meter authenticationSucceededMeter = metricRegistry.meter(name(getClass(),
+                                                                               "authentication",
+                                                                               "succeeded"));

  private final Logger logger = LoggerFactory.getLogger(FederatedPeerAuthenticator.class);

--- a/src/main/java/org/whispersystems/textsecuregcm/auth/MultiBasicAuthProvider.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/auth/MultiBasicAuthProvider.java
@@ -21,17 +21,14 @@ import com.sun.jersey.core.spi.component.ComponentContext;
 import com.sun.jersey.core.spi.component.ComponentScope;
 import com.sun.jersey.spi.inject.Injectable;
 import com.sun.jersey.spi.inject.InjectableProvider;
-import com.yammer.dropwizard.auth.Auth;
-import com.yammer.dropwizard.auth.Authenticator;
-import com.yammer.dropwizard.auth.basic.BasicAuthProvider;
-import com.yammer.dropwizard.auth.basic.BasicCredentials;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
+
+import io.dropwizard.auth.Auth;
+import io.dropwizard.auth.Authenticator;
+import io.dropwizard.auth.basic.BasicAuthProvider;
+import io.dropwizard.auth.basic.BasicCredentials;

 public class MultiBasicAuthProvider<T1,T2> implements InjectableProvider<Auth, Parameter> {

-  private final Logger logger = LoggerFactory.getLogger(MultiBasicAuthProvider.class);
-
  private final BasicAuthProvider<T1> provider1;
  private final BasicAuthProvider<T2> provider2;

@@ -44,8 +41,8 @@ public class MultiBasicAuthProvider<T1,T2> implements InjectableProvider<Auth, P
                                Class<?> clazz2,
                                String realm)
  {
-    this.provider1 = new BasicAuthProvider<T1>(authenticator1, realm);
-    this.provider2 = new BasicAuthProvider<T2>(authenticator2, realm);
+    this.provider1 = new BasicAuthProvider<>(authenticator1, realm);
+    this.provider2 = new BasicAuthProvider<>(authenticator2, realm);
    this.clazz1    = clazz1;
    this.clazz2    = clazz2;
  }
--- a/src/main/java/org/whispersystems/textsecuregcm/configuration/DataDogConfiguration.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/configuration/DataDogConfiguration.java
@@ -1,20 +0,0 @@
-package org.whispersystems.textsecuregcm.configuration;
-
-import com.fasterxml.jackson.annotation.JsonProperty;
-
-public class DataDogConfiguration {
-
-  @JsonProperty
-  private String apiKey;
-
-  @JsonProperty
-  private boolean enabled = false;
-
-  public String getApiKey() {
-    return apiKey;
-  }
-
-  public boolean isEnabled() {
-    return enabled && apiKey != null;
-  }
-}
--- a/src/main/java/org/whispersystems/textsecuregcm/configuration/GcmConfiguration.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/configuration/GcmConfiguration.java
@@ -19,8 +19,14 @@ package org.whispersystems.textsecuregcm.configuration;
 import com.fasterxml.jackson.annotation.JsonProperty;
 import org.hibernate.validator.constraints.NotEmpty;

+import javax.validation.constraints.NotNull;
+
 public class GcmConfiguration {

+  @NotNull
+  @JsonProperty
+  private long senderId;
+
  @NotEmpty
  @JsonProperty
  private String apiKey;
@@ -28,4 +34,8 @@ public class GcmConfiguration {
  public String getApiKey() {
    return apiKey;
  }
+
+  public long getSenderId() {
+    return senderId;
+  }
 }
--- a/src/main/java/org/whispersystems/textsecuregcm/configuration/MetricsConfiguration.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/configuration/MetricsConfiguration.java
@@ -0,0 +1,27 @@
+package org.whispersystems.textsecuregcm.configuration;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+
+public class MetricsConfiguration {
+
+  @JsonProperty
+  private String token;
+
+  @JsonProperty
+  private String host;
+
+  @JsonProperty
+  private boolean enabled = false;
+
+  public String getHost() {
+    return host;
+  }
+
+  public String getToken() {
+    return token;
+  }
+
+  public boolean isEnabled() {
+    return enabled && token != null && host != null;
+  }
+}
--- a/src/main/java/org/whispersystems/textsecuregcm/controllers/AccountController.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/controllers/AccountController.java
@@ -16,10 +16,9 @@
 */
 package org.whispersystems.textsecuregcm.controllers;

+import com.codahale.metrics.annotation.Timed;
 import com.google.common.annotations.VisibleForTesting;
 import com.google.common.base.Optional;
-import com.yammer.dropwizard.auth.Auth;
-import com.yammer.metrics.annotation.Timed;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.whispersystems.textsecuregcm.auth.AuthenticationCredentials;
@@ -35,8 +34,10 @@ import org.whispersystems.textsecuregcm.storage.Account;
 import org.whispersystems.textsecuregcm.storage.AccountsManager;
 import org.whispersystems.textsecuregcm.storage.Device;
 import org.whispersystems.textsecuregcm.storage.PendingAccountsManager;
+import org.whispersystems.textsecuregcm.storage.StoredMessages;
 import org.whispersystems.textsecuregcm.util.Util;
 import org.whispersystems.textsecuregcm.util.VerificationCode;
+import org.whispersystems.textsecuregcm.websocket.WebsocketAddress;

 import javax.validation.Valid;
 import javax.ws.rs.Consumes;
@@ -55,6 +56,8 @@ import java.io.IOException;
 import java.security.NoSuchAlgorithmException;
 import java.security.SecureRandom;

+import io.dropwizard.auth.Auth;
+
@Path("/v1/accounts")
 public class AccountController {

@@ -64,16 +67,19 @@ public class AccountController {
  private final AccountsManager        accounts;
  private final RateLimiters           rateLimiters;
  private final SmsSender              smsSender;
+  private final StoredMessages         storedMessages;

  public AccountController(PendingAccountsManager pendingAccounts,
                           AccountsManager accounts,
                           RateLimiters rateLimiters,
-                           SmsSender smsSenderFactory)
+                           SmsSender smsSenderFactory,
+                           StoredMessages storedMessages)
  {
    this.pendingAccounts = pendingAccounts;
    this.accounts        = accounts;
    this.rateLimiters    = rateLimiters;
    this.smsSender       = smsSenderFactory;
+    this.storedMessages  = storedMessages;
  }

  @Timed
@@ -135,6 +141,10 @@ public class AccountController {
        throw new WebApplicationException(Response.status(403).build());
      }

+      if (accounts.isRelayListed(number)) {
+        throw new WebApplicationException(Response.status(417).build());
+      }
+
      Device device = new Device();
      device.setId(Device.MASTER_ID);
      device.setAuthenticationCredentials(new AuthenticationCredentials(password));
@@ -148,7 +158,7 @@ public class AccountController {
      account.addDevice(device);

      accounts.create(account);
-
+      storedMessages.clear(new WebsocketAddress(number, Device.MASTER_ID));
      pendingAccounts.remove(number);

      logger.debug("Stored device...");
--- a/src/main/java/org/whispersystems/textsecuregcm/controllers/AttachmentController.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/controllers/AttachmentController.java
@@ -17,9 +17,8 @@
 package org.whispersystems.textsecuregcm.controllers;

 import com.amazonaws.HttpMethod;
+import com.codahale.metrics.annotation.Timed;
 import com.google.common.base.Optional;
-import com.yammer.dropwizard.auth.Auth;
-import com.yammer.metrics.annotation.Timed;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.whispersystems.textsecuregcm.entities.AttachmentDescriptor;
@@ -44,6 +43,8 @@ import java.net.URL;
 import java.security.NoSuchAlgorithmException;
 import java.security.SecureRandom;

+import io.dropwizard.auth.Auth;
+

@Path("/v1/attachments")
 public class AttachmentController {
--- a/src/main/java/org/whispersystems/textsecuregcm/controllers/DeviceController.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/controllers/DeviceController.java
@@ -16,10 +16,9 @@
 */
 package org.whispersystems.textsecuregcm.controllers;

+import com.codahale.metrics.annotation.Timed;
 import com.google.common.annotations.VisibleForTesting;
 import com.google.common.base.Optional;
-import com.yammer.dropwizard.auth.Auth;
-import com.yammer.metrics.annotation.Timed;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.whispersystems.textsecuregcm.auth.AuthenticationCredentials;
@@ -29,8 +28,8 @@ import org.whispersystems.textsecuregcm.entities.AccountAttributes;
 import org.whispersystems.textsecuregcm.entities.DeviceResponse;
 import org.whispersystems.textsecuregcm.limits.RateLimiters;
 import org.whispersystems.textsecuregcm.storage.Account;
-import org.whispersystems.textsecuregcm.storage.Device;
 import org.whispersystems.textsecuregcm.storage.AccountsManager;
+import org.whispersystems.textsecuregcm.storage.Device;
 import org.whispersystems.textsecuregcm.storage.PendingDevicesManager;
 import org.whispersystems.textsecuregcm.util.VerificationCode;

@@ -48,6 +47,8 @@ import javax.ws.rs.core.Response;
 import java.security.NoSuchAlgorithmException;
 import java.security.SecureRandom;

+import io.dropwizard.auth.Auth;
+
@Path("/v1/devices")
 public class DeviceController {

--- a/src/main/java/org/whispersystems/textsecuregcm/controllers/DirectoryController.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/controllers/DirectoryController.java
@@ -16,9 +16,11 @@
 */
 package org.whispersystems.textsecuregcm.controllers;

+import com.codahale.metrics.Histogram;
+import com.codahale.metrics.MetricRegistry;
+import com.codahale.metrics.SharedMetricRegistries;
+import com.codahale.metrics.annotation.Timed;
 import com.google.common.base.Optional;
-import com.yammer.dropwizard.auth.Auth;
-import com.yammer.metrics.annotation.Timed;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.whispersystems.textsecuregcm.entities.ClientContact;
@@ -28,6 +30,7 @@ import org.whispersystems.textsecuregcm.limits.RateLimiters;
 import org.whispersystems.textsecuregcm.storage.Account;
 import org.whispersystems.textsecuregcm.storage.DirectoryManager;
 import org.whispersystems.textsecuregcm.util.Base64;
+import org.whispersystems.textsecuregcm.util.Constants;

 import javax.validation.Valid;
 import javax.ws.rs.Consumes;
@@ -43,10 +46,15 @@ import java.io.IOException;
 import java.util.LinkedList;
 import java.util.List;

+import static com.codahale.metrics.MetricRegistry.name;
+import io.dropwizard.auth.Auth;
+
@Path("/v1/directory")
 public class DirectoryController {

-  private final Logger logger = LoggerFactory.getLogger(DirectoryController.class);
+  private final Logger         logger            = LoggerFactory.getLogger(DirectoryController.class);
+  private final MetricRegistry metricRegistry    = SharedMetricRegistries.getOrCreate(Constants.METRICS_NAME);
+  private final Histogram      contactsHistogram = metricRegistry.histogram(name(getClass(), "contacts"));

  private final RateLimiters     rateLimiters;
  private final DirectoryManager directory;
@@ -56,7 +64,7 @@ public class DirectoryController {
    this.rateLimiters = rateLimiters;
  }

-  @Timed()
+  @Timed
  @GET
  @Path("/{token}")
  @Produces(MediaType.APPLICATION_JSON)
@@ -77,7 +85,7 @@ public class DirectoryController {
    }
  }

-  @Timed()
+  @Timed
  @PUT
  @Path("/tokens")
  @Produces(MediaType.APPLICATION_JSON)
@@ -86,6 +94,7 @@ public class DirectoryController {
      throws RateLimitExceededException
  {
    rateLimiters.getContactsLimiter().validate(account.getNumber(), contacts.getContacts().size());
+    contactsHistogram.update(contacts.getContacts().size());

    try {
      List<byte[]> tokens = new LinkedList<>();
--- a/src/main/java/org/whispersystems/textsecuregcm/controllers/FederationController.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/controllers/FederationController.java
@@ -1,167 +1,19 @@
-/**
- * Copyright (C) 2013 Open WhisperSystems
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>.
- */
 package org.whispersystems.textsecuregcm.controllers;

-import com.google.common.base.Optional;
-import com.yammer.dropwizard.auth.Auth;
-import com.yammer.metrics.annotation.Timed;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.whispersystems.textsecuregcm.entities.AccountCount;
-import org.whispersystems.textsecuregcm.entities.AttachmentUri;
-import org.whispersystems.textsecuregcm.entities.ClientContact;
-import org.whispersystems.textsecuregcm.entities.ClientContacts;
-import org.whispersystems.textsecuregcm.entities.IncomingMessageList;
-import org.whispersystems.textsecuregcm.entities.PreKey;
-import org.whispersystems.textsecuregcm.entities.UnstructuredPreKeyList;
-import org.whispersystems.textsecuregcm.federation.FederatedPeer;
-import org.whispersystems.textsecuregcm.federation.NonLimitedAccount;
-import org.whispersystems.textsecuregcm.storage.Account;
 import org.whispersystems.textsecuregcm.storage.AccountsManager;
-import org.whispersystems.textsecuregcm.util.Util;

-import javax.validation.Valid;
-import javax.ws.rs.GET;
-import javax.ws.rs.PUT;
-import javax.ws.rs.Path;
-import javax.ws.rs.PathParam;
-import javax.ws.rs.Produces;
-import javax.ws.rs.core.MediaType;
-import java.io.IOException;
-import java.util.LinkedList;
-import java.util.List;
-
-@Path("/v1/federation")
 public class FederationController {

-  private final Logger logger = LoggerFactory.getLogger(FederationController.class);
+  protected final AccountsManager      accounts;
+  protected final AttachmentController attachmentController;
+  protected final MessageController    messageController;

-  private static final int ACCOUNT_CHUNK_SIZE = 10000;
-
-  private final AccountsManager      accounts;
-  private final AttachmentController attachmentController;
-  private final KeysController       keysController;
-  private final MessageController    messageController;
-
-  public FederationController(AccountsManager      accounts,
+  public FederationController(AccountsManager accounts,
                              AttachmentController attachmentController,
-                              KeysController       keysController,
-                              MessageController     messageController)
+                              MessageController messageController)
  {
    this.accounts             = accounts;
    this.attachmentController = attachmentController;
-    this.keysController       = keysController;
    this.messageController    = messageController;
  }
-
-  @Timed
-  @GET
-  @Path("/attachment/{attachmentId}")
-  @Produces(MediaType.APPLICATION_JSON)
-  public AttachmentUri getSignedAttachmentUri(@Auth                      FederatedPeer peer,
-                                              @PathParam("attachmentId") long attachmentId)
-      throws IOException
-  {
-    return attachmentController.redirectToAttachment(new NonLimitedAccount("Unknown", -1, peer.getName()),
-                                                     attachmentId, Optional.<String>absent());
-  }
-
-  @Timed
-  @GET
-  @Path("/key/{number}")
-  @Produces(MediaType.APPLICATION_JSON)
-  public PreKey getKey(@Auth                FederatedPeer peer,
-                       @PathParam("number") String number)
-      throws IOException
-  {
-    try {
-      return keysController.get(new NonLimitedAccount("Unknown", -1, peer.getName()), number, Optional.<String>absent());
-    } catch (RateLimitExceededException e) {
-      logger.warn("Rate limiting on federated channel", e);
-      throw new IOException(e);
-    }
-  }
-
-  @Timed
-  @GET
-  @Path("/key/{number}/{device}")
-  @Produces(MediaType.APPLICATION_JSON)
-  public UnstructuredPreKeyList getKeys(@Auth                FederatedPeer peer,
-                                        @PathParam("number") String number,
-                                        @PathParam("device") String device)
-      throws IOException
-  {
-    try {
-      return keysController.getDeviceKey(new NonLimitedAccount("Unknown", -1, peer.getName()),
-                                         number, device, Optional.<String>absent());
-    } catch (RateLimitExceededException e) {
-      logger.warn("Rate limiting on federated channel", e);
-      throw new IOException(e);
-    }
-  }
-
-  @Timed
-  @PUT
-  @Path("/messages/{source}/{sourceDeviceId}/{destination}")
-  public void sendMessages(@Auth                        FederatedPeer peer,
-                           @PathParam("source")         String source,
-                           @PathParam("sourceDeviceId") long sourceDeviceId,
-                           @PathParam("destination")    String destination,
-                           @Valid                       IncomingMessageList messages)
-      throws IOException
-  {
-    try {
-      messages.setRelay(null);
-      messageController.sendMessage(new NonLimitedAccount(source, sourceDeviceId, peer.getName()), destination, messages);
-    } catch (RateLimitExceededException e) {
-      logger.warn("Rate limiting on federated channel", e);
-      throw new IOException(e);
-    }
-  }
-
-  @Timed
-  @GET
-  @Path("/user_count")
-  @Produces(MediaType.APPLICATION_JSON)
-  public AccountCount getUserCount(@Auth FederatedPeer peer) {
-    return new AccountCount((int)accounts.getCount());
-  }
-
-  @Timed
-  @GET
-  @Path("/user_tokens/{offset}")
-  @Produces(MediaType.APPLICATION_JSON)
-  public ClientContacts getUserTokens(@Auth                FederatedPeer peer,
-                                      @PathParam("offset") int offset)
-  {
-    List<Account>       accountList    = accounts.getAll(offset, ACCOUNT_CHUNK_SIZE);
-    List<ClientContact> clientContacts = new LinkedList<>();
-
-    for (Account account : accountList) {
-      byte[]        token         = Util.getContactToken(account.getNumber());
-      ClientContact clientContact = new ClientContact(token, null, account.getSupportsSms());
-
-      if (!account.isActive()) {
-        clientContact.setInactive(true);
-      }
-
-      clientContacts.add(clientContact);
-    }
-
-    return new ClientContacts(clientContacts);
-  }
 }
--- a/src/main/java/org/whispersystems/textsecuregcm/controllers/FederationControllerV1.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/controllers/FederationControllerV1.java
@@ -0,0 +1,164 @@
+/**
+ * Copyright (C) 2013 Open WhisperSystems
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+package org.whispersystems.textsecuregcm.controllers;
+
+import com.codahale.metrics.annotation.Timed;
+import com.google.common.base.Optional;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.whispersystems.textsecuregcm.entities.AccountCount;
+import org.whispersystems.textsecuregcm.entities.AttachmentUri;
+import org.whispersystems.textsecuregcm.entities.ClientContact;
+import org.whispersystems.textsecuregcm.entities.ClientContacts;
+import org.whispersystems.textsecuregcm.entities.IncomingMessageList;
+import org.whispersystems.textsecuregcm.entities.PreKeyResponseV1;
+import org.whispersystems.textsecuregcm.entities.PreKeyV1;
+import org.whispersystems.textsecuregcm.federation.FederatedPeer;
+import org.whispersystems.textsecuregcm.federation.NonLimitedAccount;
+import org.whispersystems.textsecuregcm.storage.Account;
+import org.whispersystems.textsecuregcm.storage.AccountsManager;
+import org.whispersystems.textsecuregcm.util.Util;
+
+import javax.validation.Valid;
+import javax.ws.rs.GET;
+import javax.ws.rs.PUT;
+import javax.ws.rs.Path;
+import javax.ws.rs.PathParam;
+import javax.ws.rs.Produces;
+import javax.ws.rs.core.MediaType;
+import java.io.IOException;
+import java.util.LinkedList;
+import java.util.List;
+
+import io.dropwizard.auth.Auth;
+
+@Path("/v1/federation")
+public class FederationControllerV1 extends FederationController {
+
+  private final Logger logger = LoggerFactory.getLogger(FederationControllerV1.class);
+
+  private static final int ACCOUNT_CHUNK_SIZE = 10000;
+
+  private final KeysControllerV1 keysControllerV1;
+
+  public FederationControllerV1(AccountsManager accounts,
+                                AttachmentController attachmentController,
+                                MessageController messageController,
+                                KeysControllerV1 keysControllerV1)
+  {
+    super(accounts, attachmentController, messageController);
+    this.keysControllerV1 = keysControllerV1;
+  }
+
+  @Timed
+  @GET
+  @Path("/attachment/{attachmentId}")
+  @Produces(MediaType.APPLICATION_JSON)
+  public AttachmentUri getSignedAttachmentUri(@Auth                      FederatedPeer peer,
+                                              @PathParam("attachmentId") long attachmentId)
+      throws IOException
+  {
+    return attachmentController.redirectToAttachment(new NonLimitedAccount("Unknown", -1, peer.getName()),
+                                                     attachmentId, Optional.<String>absent());
+  }
+
+  @Timed
+  @GET
+  @Path("/key/{number}")
+  @Produces(MediaType.APPLICATION_JSON)
+  public Optional<PreKeyV1> getKey(@Auth                FederatedPeer peer,
+                                   @PathParam("number") String number)
+      throws IOException
+  {
+    try {
+      return keysControllerV1.get(new NonLimitedAccount("Unknown", -1, peer.getName()),
+                                  number, Optional.<String>absent());
+    } catch (RateLimitExceededException e) {
+      logger.warn("Rate limiting on federated channel", e);
+      throw new IOException(e);
+    }
+  }
+
+  @Timed
+  @GET
+  @Path("/key/{number}/{device}")
+  @Produces(MediaType.APPLICATION_JSON)
+  public Optional<PreKeyResponseV1> getKeysV1(@Auth                FederatedPeer peer,
+                                              @PathParam("number") String number,
+                                              @PathParam("device") String device)
+      throws IOException
+  {
+    try {
+      return keysControllerV1.getDeviceKey(new NonLimitedAccount("Unknown", -1, peer.getName()),
+                                           number, device, Optional.<String>absent());
+    } catch (RateLimitExceededException e) {
+      logger.warn("Rate limiting on federated channel", e);
+      throw new IOException(e);
+    }
+  }
+
+  @Timed
+  @PUT
+  @Path("/messages/{source}/{sourceDeviceId}/{destination}")
+  public void sendMessages(@Auth                        FederatedPeer peer,
+                           @PathParam("source")         String source,
+                           @PathParam("sourceDeviceId") long sourceDeviceId,
+                           @PathParam("destination")    String destination,
+                           @Valid                       IncomingMessageList messages)
+      throws IOException
+  {
+    try {
+      messages.setRelay(null);
+      messageController.sendMessage(new NonLimitedAccount(source, sourceDeviceId, peer.getName()), destination, messages);
+    } catch (RateLimitExceededException e) {
+      logger.warn("Rate limiting on federated channel", e);
+      throw new IOException(e);
+    }
+  }
+
+  @Timed
+  @GET
+  @Path("/user_count")
+  @Produces(MediaType.APPLICATION_JSON)
+  public AccountCount getUserCount(@Auth FederatedPeer peer) {
+    return new AccountCount((int)accounts.getCount());
+  }
+
+  @Timed
+  @GET
+  @Path("/user_tokens/{offset}")
+  @Produces(MediaType.APPLICATION_JSON)
+  public ClientContacts getUserTokens(@Auth                FederatedPeer peer,
+                                      @PathParam("offset") int offset)
+  {
+    List<Account>       accountList    = accounts.getAll(offset, ACCOUNT_CHUNK_SIZE);
+    List<ClientContact> clientContacts = new LinkedList<>();
+
+    for (Account account : accountList) {
+      byte[]        token         = Util.getContactToken(account.getNumber());
+      ClientContact clientContact = new ClientContact(token, null, account.getSupportsSms());
+
+      if (!account.isActive()) {
+        clientContact.setInactive(true);
+      }
+
+      clientContacts.add(clientContact);
+    }
+
+    return new ClientContacts(clientContacts);
+  }
+}
--- a/src/main/java/org/whispersystems/textsecuregcm/controllers/FederationControllerV2.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/controllers/FederationControllerV2.java
@@ -0,0 +1,51 @@
+package org.whispersystems.textsecuregcm.controllers;
+
+import com.codahale.metrics.annotation.Timed;
+import com.google.common.base.Optional;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.whispersystems.textsecuregcm.entities.PreKeyResponseV2;
+import org.whispersystems.textsecuregcm.federation.FederatedPeer;
+import org.whispersystems.textsecuregcm.federation.NonLimitedAccount;
+import org.whispersystems.textsecuregcm.storage.AccountsManager;
+
+import javax.ws.rs.GET;
+import javax.ws.rs.Path;
+import javax.ws.rs.PathParam;
+import javax.ws.rs.Produces;
+import javax.ws.rs.core.MediaType;
+import java.io.IOException;
+
+import io.dropwizard.auth.Auth;
+
+@Path("/v2/federation")
+public class FederationControllerV2 extends FederationController {
+
+  private final Logger logger = LoggerFactory.getLogger(FederationControllerV2.class);
+
+  private final KeysControllerV2 keysControllerV2;
+
+  public FederationControllerV2(AccountsManager accounts, AttachmentController attachmentController, MessageController messageController, KeysControllerV2 keysControllerV2) {
+    super(accounts, attachmentController, messageController);
+    this.keysControllerV2 = keysControllerV2;
+  }
+
+  @Timed
+  @GET
+  @Path("/key/{number}/{device}")
+  @Produces(MediaType.APPLICATION_JSON)
+  public Optional<PreKeyResponseV2> getKeysV2(@Auth                FederatedPeer peer,
+                                              @PathParam("number") String number,
+                                              @PathParam("device") String device)
+      throws IOException
+  {
+    try {
+      return keysControllerV2.getDeviceKeys(new NonLimitedAccount("Unknown", -1, peer.getName()),
+                                            number, device, Optional.<String>absent());
+    } catch (RateLimitExceededException e) {
+      logger.warn("Rate limiting on federated channel", e);
+      throw new IOException(e);
+    }
+  }
+
+}
--- a/src/main/java/org/whispersystems/textsecuregcm/controllers/KeysController.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/controllers/KeysController.java
@@ -1,5 +1,5 @@
 /**
- * Copyright (C) 2013 Open WhisperSystems
+ * Copyright (C) 2014 Open Whisper Systems
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as published by
@@ -16,45 +16,32 @@
 */
 package org.whispersystems.textsecuregcm.controllers;

+import com.codahale.metrics.annotation.Timed;
 import com.google.common.base.Optional;
-import com.yammer.dropwizard.auth.Auth;
-import com.yammer.metrics.annotation.Timed;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.whispersystems.textsecuregcm.entities.PreKey;
-import org.whispersystems.textsecuregcm.entities.PreKeyList;
-import org.whispersystems.textsecuregcm.entities.UnstructuredPreKeyList;
+import org.whispersystems.textsecuregcm.entities.PreKeyCount;
 import org.whispersystems.textsecuregcm.federation.FederatedClientManager;
-import org.whispersystems.textsecuregcm.federation.NoSuchPeerException;
 import org.whispersystems.textsecuregcm.limits.RateLimiters;
 import org.whispersystems.textsecuregcm.storage.Account;
 import org.whispersystems.textsecuregcm.storage.AccountsManager;
 import org.whispersystems.textsecuregcm.storage.Device;
+import org.whispersystems.textsecuregcm.storage.KeyRecord;
 import org.whispersystems.textsecuregcm.storage.Keys;

-import javax.validation.Valid;
-import javax.ws.rs.Consumes;
 import javax.ws.rs.GET;
-import javax.ws.rs.PUT;
-import javax.ws.rs.Path;
-import javax.ws.rs.PathParam;
 import javax.ws.rs.Produces;
-import javax.ws.rs.QueryParam;
 import javax.ws.rs.WebApplicationException;
 import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.Response;
-import java.util.LinkedList;
 import java.util.List;

-@Path("/v1/keys")
+import io.dropwizard.auth.Auth;
+
 public class KeysController {

-  private final Logger logger = LoggerFactory.getLogger(KeysController.class);
-
-  private final RateLimiters           rateLimiters;
-  private final Keys                   keys;
-  private final AccountsManager        accounts;
-  private final FederatedClientManager federatedClientManager;
+  protected final RateLimiters           rateLimiters;
+  protected final Keys                   keys;
+  protected final AccountsManager        accounts;
+  protected final FederatedClientManager federatedClientManager;

  public KeysController(RateLimiters rateLimiters, Keys keys, AccountsManager accounts,
                        FederatedClientManager federatedClientManager)
@@ -65,98 +52,65 @@ public class KeysController {
    this.federatedClientManager = federatedClientManager;
  }

-  @Timed
-  @PUT
-  @Consumes(MediaType.APPLICATION_JSON)
-  public void setKeys(@Auth Account account, @Valid PreKeyList preKeys)  {
-    Device device = account.getAuthenticatedDevice().get();
-    keys.store(account.getNumber(), device.getId(), preKeys.getKeys(), preKeys.getLastResortKey());
-  }
-
  @Timed
  @GET
-  @Path("/{number}/{device_id}")
  @Produces(MediaType.APPLICATION_JSON)
-  public UnstructuredPreKeyList getDeviceKey(@Auth                   Account account,
-                                             @PathParam("number")    String number,
-                                             @PathParam("device_id") String deviceId,
-                                             @QueryParam("relay")    Optional<String> relay)
-      throws RateLimitExceededException
-  {
-    try {
-      if (account.isRateLimited()) {
-        rateLimiters.getPreKeysLimiter().validate(account.getNumber() +  "__" + number + "." + deviceId);
-      }
+  public PreKeyCount getStatus(@Auth Account account) {
+    int count = keys.getCount(account.getNumber(), account.getAuthenticatedDevice().get().getId());

-      Optional<UnstructuredPreKeyList> results;
-
-      if (!relay.isPresent()) results = getLocalKeys(number, deviceId);
-      else                    results = federatedClientManager.getClient(relay.get()).getKeys(number, deviceId);
-
-      if (results.isPresent()) return results.get();
-      else                     throw new WebApplicationException(Response.status(404).build());
-    } catch (NoSuchPeerException e) {
-      throw new WebApplicationException(Response.status(404).build());
+    if (count > 0) {
+      count = count - 1;
    }
+
+    return new PreKeyCount(count);
  }

-  @Timed
-  @GET
-  @Path("/{number}")
-  @Produces(MediaType.APPLICATION_JSON)
-  public PreKey get(@Auth                Account account,
-                    @PathParam("number") String number,
-                    @QueryParam("relay") Optional<String> relay)
-      throws RateLimitExceededException
+  protected TargetKeys getLocalKeys(String number, String deviceIdSelector)
+      throws NoSuchUserException
  {
-    UnstructuredPreKeyList results = getDeviceKey(account, number, String.valueOf(Device.MASTER_ID), relay);
-    return results.getKeys().get(0);
-  }
-
-  private Optional<UnstructuredPreKeyList> getLocalKeys(String number, String deviceIdSelector) {
    Optional<Account> destination = accounts.get(number);

    if (!destination.isPresent() || !destination.get().isActive()) {
-      return Optional.absent();
+      throw new NoSuchUserException("Target account is inactive");
    }

    try {
      if (deviceIdSelector.equals("*")) {
-        Optional<UnstructuredPreKeyList> preKeys = keys.get(number);
-        return getActiveKeys(destination.get(), preKeys);
+        Optional<List<KeyRecord>> preKeys = keys.get(number);
+        return new TargetKeys(destination.get(), preKeys);
      }

      long             deviceId     = Long.parseLong(deviceIdSelector);
      Optional<Device> targetDevice = destination.get().getDevice(deviceId);

      if (!targetDevice.isPresent() || !targetDevice.get().isActive()) {
-        return Optional.absent();
+        throw new NoSuchUserException("Target device is inactive.");
      }

-      Optional<UnstructuredPreKeyList> preKeys = keys.get(number, deviceId);
-      return getActiveKeys(destination.get(), preKeys);
+      Optional<List<KeyRecord>> preKeys = keys.get(number, deviceId);
+      return new TargetKeys(destination.get(), preKeys);
    } catch (NumberFormatException e) {
      throw new WebApplicationException(Response.status(422).build());
    }
  }

-  private Optional<UnstructuredPreKeyList> getActiveKeys(Account destination,
-                                                         Optional<UnstructuredPreKeyList> preKeys)
-  {
-    if (!preKeys.isPresent()) return Optional.absent();

-    List<PreKey> filteredKeys = new LinkedList<>();
+  public static class TargetKeys {
+    private final Account         destination;
+    private final Optional<List<KeyRecord>> keys;

-    for (PreKey preKey : preKeys.get().getKeys()) {
-      Optional<Device> device = destination.getDevice(preKey.getDeviceId());
-
-      if (device.isPresent() && device.get().isActive()) {
-        preKey.setRegistrationId(device.get().getRegistrationId());
-        filteredKeys.add(preKey);
-      }
+    public TargetKeys(Account destination, Optional<List<KeyRecord>> keys) {
+      this.destination = destination;
+      this.keys        = keys;
    }

-    if (filteredKeys.isEmpty()) return Optional.absent();
-    else                        return Optional.of(new UnstructuredPreKeyList(filteredKeys));
+    public Optional<List<KeyRecord>> getKeys() {
+      return keys;
+    }
+
+    public Account getDestination() {
+      return destination;
+    }
  }
+
 }
--- a/src/main/java/org/whispersystems/textsecuregcm/controllers/KeysControllerV1.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/controllers/KeysControllerV1.java
@@ -0,0 +1,136 @@
+/**
+ * Copyright (C) 2014 Open Whisper Systems
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+package org.whispersystems.textsecuregcm.controllers;
+
+import com.codahale.metrics.annotation.Timed;
+import com.google.common.base.Optional;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.whispersystems.textsecuregcm.entities.PreKeyResponseV1;
+import org.whispersystems.textsecuregcm.entities.PreKeyStateV1;
+import org.whispersystems.textsecuregcm.entities.PreKeyV1;
+import org.whispersystems.textsecuregcm.federation.FederatedClientManager;
+import org.whispersystems.textsecuregcm.federation.NoSuchPeerException;
+import org.whispersystems.textsecuregcm.limits.RateLimiters;
+import org.whispersystems.textsecuregcm.storage.Account;
+import org.whispersystems.textsecuregcm.storage.AccountsManager;
+import org.whispersystems.textsecuregcm.storage.Device;
+import org.whispersystems.textsecuregcm.storage.KeyRecord;
+import org.whispersystems.textsecuregcm.storage.Keys;
+
+import javax.validation.Valid;
+import javax.ws.rs.Consumes;
+import javax.ws.rs.GET;
+import javax.ws.rs.PUT;
+import javax.ws.rs.Path;
+import javax.ws.rs.PathParam;
+import javax.ws.rs.Produces;
+import javax.ws.rs.QueryParam;
+import javax.ws.rs.WebApplicationException;
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.Response;
+import java.util.LinkedList;
+import java.util.List;
+
+import io.dropwizard.auth.Auth;
+
+@Path("/v1/keys")
+public class KeysControllerV1 extends KeysController {
+
+  private final Logger logger = LoggerFactory.getLogger(KeysControllerV1.class);
+
+  public KeysControllerV1(RateLimiters rateLimiters, Keys keys, AccountsManager accounts,
+                          FederatedClientManager federatedClientManager)
+  {
+    super(rateLimiters, keys, accounts, federatedClientManager);
+  }
+
+  @Timed
+  @PUT
+  @Consumes(MediaType.APPLICATION_JSON)
+  public void setKeys(@Auth Account account, @Valid PreKeyStateV1 preKeys)  {
+    Device device      = account.getAuthenticatedDevice().get();
+    String identityKey = preKeys.getLastResortKey().getIdentityKey();
+
+    if (!identityKey.equals(account.getIdentityKey())) {
+      account.setIdentityKey(identityKey);
+      accounts.update(account);
+    }
+
+    keys.store(account.getNumber(), device.getId(), preKeys.getKeys(), preKeys.getLastResortKey());
+  }
+
+  @Timed
+  @GET
+  @Path("/{number}/{device_id}")
+  @Produces(MediaType.APPLICATION_JSON)
+  public Optional<PreKeyResponseV1> getDeviceKey(@Auth                   Account account,
+                                                 @PathParam("number")    String number,
+                                                 @PathParam("device_id") String deviceId,
+                                                 @QueryParam("relay")    Optional<String> relay)
+      throws RateLimitExceededException
+  {
+    try {
+      if (account.isRateLimited()) {
+        rateLimiters.getPreKeysLimiter().validate(account.getNumber() +  "__" + number + "." + deviceId);
+      }
+
+      if (relay.isPresent()) {
+        return federatedClientManager.getClient(relay.get()).getKeysV1(number, deviceId);
+      }
+
+      TargetKeys targetKeys = getLocalKeys(number, deviceId);
+
+      if (!targetKeys.getKeys().isPresent()) {
+        return Optional.absent();
+      }
+
+      List<PreKeyV1> preKeys     = new LinkedList<>();
+      Account        destination = targetKeys.getDestination();
+
+      for (KeyRecord record : targetKeys.getKeys().get()) {
+        Optional<Device> device = destination.getDevice(record.getDeviceId());
+        if (device.isPresent() && device.get().isActive()) {
+          preKeys.add(new PreKeyV1(record.getDeviceId(), record.getKeyId(),
+                                   record.getPublicKey(), destination.getIdentityKey(),
+                                   device.get().getRegistrationId()));
+        }
+      }
+
+      if (preKeys.isEmpty()) return Optional.absent();
+      else                   return Optional.of(new PreKeyResponseV1(preKeys));
+    } catch (NoSuchPeerException | NoSuchUserException e) {
+      throw new WebApplicationException(Response.status(404).build());
+    }
+  }
+
+  @Timed
+  @GET
+  @Path("/{number}")
+  @Produces(MediaType.APPLICATION_JSON)
+  public Optional<PreKeyV1> get(@Auth                Account account,
+                                @PathParam("number") String number,
+                                @QueryParam("relay") Optional<String> relay)
+      throws RateLimitExceededException
+  {
+    Optional<PreKeyResponseV1> results = getDeviceKey(account, number, String.valueOf(Device.MASTER_ID), relay);
+
+    if (results.isPresent()) return Optional.of(results.get().getKeys().get(0));
+    else                     return Optional.absent();
+  }
+
+}
--- a/src/main/java/org/whispersystems/textsecuregcm/controllers/KeysControllerV2.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/controllers/KeysControllerV2.java
@@ -0,0 +1,156 @@
+/**
+ * Copyright (C) 2014 Open Whisper Systems
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+package org.whispersystems.textsecuregcm.controllers;
+
+
+import com.codahale.metrics.annotation.Timed;
+import com.google.common.base.Optional;
+import org.whispersystems.textsecuregcm.entities.SignedPreKey;
+import org.whispersystems.textsecuregcm.entities.PreKeyResponseItemV2;
+import org.whispersystems.textsecuregcm.entities.PreKeyResponseV2;
+import org.whispersystems.textsecuregcm.entities.PreKeyStateV2;
+import org.whispersystems.textsecuregcm.entities.PreKeyV2;
+import org.whispersystems.textsecuregcm.federation.FederatedClientManager;
+import org.whispersystems.textsecuregcm.federation.NoSuchPeerException;
+import org.whispersystems.textsecuregcm.limits.RateLimiters;
+import org.whispersystems.textsecuregcm.storage.Account;
+import org.whispersystems.textsecuregcm.storage.AccountsManager;
+import org.whispersystems.textsecuregcm.storage.Device;
+import org.whispersystems.textsecuregcm.storage.KeyRecord;
+import org.whispersystems.textsecuregcm.storage.Keys;
+
+import javax.validation.Valid;
+import javax.ws.rs.Consumes;
+import javax.ws.rs.GET;
+import javax.ws.rs.PUT;
+import javax.ws.rs.Path;
+import javax.ws.rs.PathParam;
+import javax.ws.rs.Produces;
+import javax.ws.rs.QueryParam;
+import javax.ws.rs.WebApplicationException;
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.Response;
+import java.util.LinkedList;
+import java.util.List;
+
+import io.dropwizard.auth.Auth;
+
+@Path("/v2/keys")
+public class KeysControllerV2 extends KeysController {
+
+  public KeysControllerV2(RateLimiters rateLimiters, Keys keys, AccountsManager accounts,
+                          FederatedClientManager federatedClientManager)
+  {
+    super(rateLimiters, keys, accounts, federatedClientManager);
+  }
+
+
+  @Timed
+  @PUT
+  @Consumes(MediaType.APPLICATION_JSON)
+  public void setKeys(@Auth Account account, @Valid PreKeyStateV2 preKeys)  {
+    Device  device        = account.getAuthenticatedDevice().get();
+    boolean updateAccount = false;
+
+    if (!preKeys.getSignedPreKey().equals(device.getSignedPreKey())) {
+      device.setSignedPreKey(preKeys.getSignedPreKey());
+      updateAccount = true;
+    }
+
+    if (!preKeys.getIdentityKey().equals(account.getIdentityKey())) {
+      account.setIdentityKey(preKeys.getIdentityKey());
+      updateAccount = true;
+    }
+
+    if (updateAccount) {
+      accounts.update(account);
+    }
+
+    keys.store(account.getNumber(), device.getId(), preKeys.getPreKeys(), preKeys.getLastResortKey());
+  }
+
+  @Timed
+  @GET
+  @Path("/{number}/{device_id}")
+  @Produces(MediaType.APPLICATION_JSON)
+  public Optional<PreKeyResponseV2> getDeviceKeys(@Auth                   Account account,
+                                                  @PathParam("number")    String number,
+                                                  @PathParam("device_id") String deviceId,
+                                                  @QueryParam("relay")    Optional<String> relay)
+      throws RateLimitExceededException
+  {
+    try {
+      if (account.isRateLimited()) {
+        rateLimiters.getPreKeysLimiter().validate(account.getNumber() +  "__" + number + "." + deviceId);
+      }
+
+      if (relay.isPresent()) {
+        return federatedClientManager.getClient(relay.get()).getKeysV2(number, deviceId);
+      }
+
+      TargetKeys                 targetKeys  = getLocalKeys(number, deviceId);
+      Account                    destination = targetKeys.getDestination();
+      List<PreKeyResponseItemV2> devices     = new LinkedList<>();
+
+      for (Device device : destination.getDevices()) {
+        if (device.isActive() && (deviceId.equals("*") || device.getId() == Long.parseLong(deviceId))) {
+          SignedPreKey signedPreKey = device.getSignedPreKey();
+          PreKeyV2     preKey       = null;
+
+          if (targetKeys.getKeys().isPresent()) {
+            for (KeyRecord keyRecord : targetKeys.getKeys().get()) {
+              if (keyRecord.getDeviceId() == device.getId()) {
+                preKey = new PreKeyV2(keyRecord.getKeyId(), keyRecord.getPublicKey());
+              }
+            }
+          }
+
+          if (signedPreKey != null || preKey != null) {
+            devices.add(new PreKeyResponseItemV2(device.getId(), device.getRegistrationId(), signedPreKey, preKey));
+          }
+        }
+      }
+
+      if (devices.isEmpty()) return Optional.absent();
+      else                   return Optional.of(new PreKeyResponseV2(destination.getIdentityKey(), devices));
+    } catch (NoSuchPeerException | NoSuchUserException e) {
+      throw new WebApplicationException(Response.status(404).build());
+    }
+  }
+
+  @Timed
+  @PUT
+  @Path("/signed")
+  @Consumes(MediaType.APPLICATION_JSON)
+  public void setSignedKey(@Auth Account account, @Valid SignedPreKey signedPreKey) {
+    Device device = account.getAuthenticatedDevice().get();
+    device.setSignedPreKey(signedPreKey);
+    accounts.update(account);
+  }
+
+  @Timed
+  @GET
+  @Path("/signed")
+  @Produces(MediaType.APPLICATION_JSON)
+  public Optional<SignedPreKey> getSignedKey(@Auth Account account) {
+    Device       device       = account.getAuthenticatedDevice().get();
+    SignedPreKey signedPreKey = device.getSignedPreKey();
+
+    if (signedPreKey != null) return Optional.of(signedPreKey);
+    else                      return Optional.absent();
+  }
+}
--- a/src/main/java/org/whispersystems/textsecuregcm/controllers/MessageController.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/controllers/MessageController.java
@@ -16,10 +16,9 @@
 */
 package org.whispersystems.textsecuregcm.controllers;

+import com.codahale.metrics.annotation.Timed;
 import com.google.common.base.Optional;
 import com.google.protobuf.ByteString;
-import com.yammer.dropwizard.auth.Auth;
-import com.yammer.metrics.annotation.Timed;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.whispersystems.textsecuregcm.entities.IncomingMessage;
@@ -56,6 +55,8 @@ import java.util.LinkedList;
 import java.util.List;
 import java.util.Set;

+import io.dropwizard.auth.Auth;
+
@Path("/v1/messages")
 public class MessageController {

@@ -141,7 +142,7 @@ public class MessageController {
      Optional<Device> destinationDevice = destination.getDevice(incomingMessage.getDestinationDeviceId());

      if (destinationDevice.isPresent()) {
-        sendLocalMessage(source, destination, destinationDevice.get(), incomingMessage);
+        sendLocalMessage(source, destination, destinationDevice.get(), messages.getTimestamp(), incomingMessage);
      }
    }
  }
@@ -149,6 +150,7 @@ public class MessageController {
  private void sendLocalMessage(Account source,
                                Account destinationAccount,
                                Device destinationDevice,
+                                long timestamp,
                                IncomingMessage incomingMessage)
      throws NoSuchUserException, IOException
  {
@@ -158,7 +160,7 @@ public class MessageController {

      messageBuilder.setType(incomingMessage.getType())
                    .setSource(source.getNumber())
-                    .setTimestamp(System.currentTimeMillis())
+                    .setTimestamp(timestamp == 0 ? System.currentTimeMillis() : timestamp)
                    .setSourceDevice((int)source.getAuthenticatedDevice().get().getId());

      if (messageBody.isPresent()) {
--- a/src/main/java/org/whispersystems/textsecuregcm/controllers/MismatchedDevicesException.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/controllers/MismatchedDevicesException.java
@@ -1,7 +1,6 @@
 package org.whispersystems.textsecuregcm.controllers;

 import java.util.List;
-import java.util.Set;

 public class MismatchedDevicesException extends Exception {

--- a/src/main/java/org/whispersystems/textsecuregcm/controllers/NoSuchUserException.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/controllers/NoSuchUserException.java
@@ -16,8 +16,6 @@
 */
 package org.whispersystems.textsecuregcm.controllers;

-import org.whispersystems.textsecuregcm.federation.NoSuchPeerException;
-
 import java.util.LinkedList;
 import java.util.List;

@@ -27,7 +25,7 @@ public class NoSuchUserException extends Exception {

  public NoSuchUserException(String user) {
    super(user);
-    missing = new LinkedList<String>();
+    missing = new LinkedList<>();
    missing.add(user);
  }

--- a/src/main/java/org/whispersystems/textsecuregcm/controllers/ReceiptController.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/controllers/ReceiptController.java
@@ -0,0 +1,108 @@
+package org.whispersystems.textsecuregcm.controllers;
+
+import com.codahale.metrics.annotation.Timed;
+import com.google.common.base.Optional;
+import org.whispersystems.textsecuregcm.federation.FederatedClientManager;
+import org.whispersystems.textsecuregcm.federation.NoSuchPeerException;
+import org.whispersystems.textsecuregcm.push.NotPushRegisteredException;
+import org.whispersystems.textsecuregcm.push.PushSender;
+import org.whispersystems.textsecuregcm.push.TransientPushFailureException;
+import org.whispersystems.textsecuregcm.storage.Account;
+import org.whispersystems.textsecuregcm.storage.AccountsManager;
+import org.whispersystems.textsecuregcm.storage.Device;
+
+import javax.ws.rs.PUT;
+import javax.ws.rs.Path;
+import javax.ws.rs.PathParam;
+import javax.ws.rs.QueryParam;
+import javax.ws.rs.WebApplicationException;
+import javax.ws.rs.core.Response;
+import java.io.IOException;
+import java.util.List;
+
+import io.dropwizard.auth.Auth;
+import static org.whispersystems.textsecuregcm.entities.MessageProtos.OutgoingMessageSignal;
+
+@Path("/v1/receipt")
+public class ReceiptController {
+
+  private final AccountsManager        accountManager;
+  private final PushSender             pushSender;
+  private final FederatedClientManager federatedClientManager;
+
+  public ReceiptController(AccountsManager accountManager,
+                           FederatedClientManager federatedClientManager,
+                           PushSender pushSender)
+  {
+    this.accountManager         = accountManager;
+    this.federatedClientManager = federatedClientManager;
+    this.pushSender             = pushSender;
+  }
+
+  @Timed
+  @PUT
+  @Path("/{destination}/{messageId}")
+  public void sendDeliveryReceipt(@Auth                     Account source,
+                                  @PathParam("destination") String destination,
+                                  @PathParam("messageId")   long messageId,
+                                  @QueryParam("relay")      Optional<String> relay)
+      throws IOException
+  {
+    try {
+      if (relay.isPresent()) sendRelayedReceipt(source, destination, messageId, relay.get());
+      else                   sendDirectReceipt(source, destination, messageId);
+    } catch (NoSuchUserException | NotPushRegisteredException e) {
+      throw new WebApplicationException(Response.Status.NOT_FOUND);
+    } catch (TransientPushFailureException e) {
+      throw new IOException(e);
+    }
+  }
+
+  private void sendRelayedReceipt(Account source, String destination, long messageId, String relay)
+      throws NoSuchUserException, IOException
+  {
+    try {
+      federatedClientManager.getClient(relay)
+                            .sendDeliveryReceipt(source.getNumber(),
+                                                 source.getAuthenticatedDevice().get().getId(),
+                                                 destination, messageId);
+    } catch (NoSuchPeerException e) {
+      throw new NoSuchUserException(e);
+    }
+  }
+
+  private void sendDirectReceipt(Account source, String destination, long messageId)
+      throws NotPushRegisteredException, TransientPushFailureException, NoSuchUserException
+  {
+    Account      destinationAccount = getDestinationAccount(destination);
+    List<Device> destinationDevices = destinationAccount.getDevices();
+
+    OutgoingMessageSignal.Builder message =
+        OutgoingMessageSignal.newBuilder()
+                             .setSource(source.getNumber())
+                             .setSourceDevice((int) source.getAuthenticatedDevice().get().getId())
+                             .setTimestamp(messageId)
+                             .setType(OutgoingMessageSignal.Type.RECEIPT_VALUE);
+
+    if (source.getRelay().isPresent()) {
+      message.setRelay(source.getRelay().get());
+    }
+
+    for (Device destinationDevice : destinationDevices) {
+      pushSender.sendMessage(destinationAccount, destinationDevice, message.build());
+    }
+  }
+
+  private Account getDestinationAccount(String destination)
+      throws NoSuchUserException
+  {
+    Optional<Account> account = accountManager.get(destination);
+
+    if (!account.isPresent()) {
+      throw new NoSuchUserException(destination);
+    }
+
+    return account.get();
+  }
+
+}
--- a/src/main/java/org/whispersystems/textsecuregcm/controllers/WebsocketController.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/controllers/WebsocketController.java
@@ -1,17 +1,28 @@
 package org.whispersystems.textsecuregcm.controllers;

 import com.fasterxml.jackson.databind.ObjectMapper;
-import org.eclipse.jetty.websocket.WebSocket;
+import com.google.common.base.Optional;
+import org.eclipse.jetty.websocket.api.CloseStatus;
+import org.eclipse.jetty.websocket.api.Session;
+import org.eclipse.jetty.websocket.api.UpgradeRequest;
+import org.eclipse.jetty.websocket.api.WebSocketListener;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.whispersystems.textsecuregcm.auth.AccountAuthenticator;
 import org.whispersystems.textsecuregcm.entities.AcknowledgeWebsocketMessage;
 import org.whispersystems.textsecuregcm.entities.IncomingWebsocketMessage;
+import org.whispersystems.textsecuregcm.entities.PendingMessage;
+import org.whispersystems.textsecuregcm.push.NotPushRegisteredException;
+import org.whispersystems.textsecuregcm.push.PushSender;
+import org.whispersystems.textsecuregcm.push.TransientPushFailureException;
 import org.whispersystems.textsecuregcm.storage.Account;
+import org.whispersystems.textsecuregcm.storage.AccountsManager;
 import org.whispersystems.textsecuregcm.storage.Device;
 import org.whispersystems.textsecuregcm.storage.PubSubListener;
 import org.whispersystems.textsecuregcm.storage.PubSubManager;
 import org.whispersystems.textsecuregcm.storage.PubSubMessage;
-import org.whispersystems.textsecuregcm.storage.StoredMessageManager;
+import org.whispersystems.textsecuregcm.storage.StoredMessages;
+import org.whispersystems.textsecuregcm.util.SystemMapper;
 import org.whispersystems.textsecuregcm.websocket.WebsocketAddress;
 import org.whispersystems.textsecuregcm.websocket.WebsocketMessage;

@@ -22,113 +33,104 @@ import java.util.LinkedList;
 import java.util.List;
 import java.util.Map;

-public class WebsocketController implements WebSocket.OnTextMessage, PubSubListener {
+import io.dropwizard.auth.AuthenticationException;
+import io.dropwizard.auth.basic.BasicCredentials;
+import static org.whispersystems.textsecuregcm.entities.MessageProtos.OutgoingMessageSignal;

-  private static final Logger            logger          = LoggerFactory.getLogger(WebsocketController.class);
-  private static final ObjectMapper      mapper          = new ObjectMapper();
-  private static final Map<Long, String> pendingMessages = new HashMap<>();
+public class WebsocketController implements WebSocketListener, PubSubListener {

-  private final StoredMessageManager storedMessageManager;
+  private static final Logger                    logger          = LoggerFactory.getLogger(WebsocketController.class);
+  private static final ObjectMapper              mapper          = SystemMapper.getMapper();
+  private static final Map<Long, PendingMessage> pendingMessages = new HashMap<>();
+
+  private final AccountAuthenticator accountAuthenticator;
+  private final AccountsManager      accountsManager;
  private final PubSubManager        pubSubManager;
+  private final StoredMessages       storedMessages;
+  private final PushSender           pushSender;

-  private final Account account;
-  private final Device  device;
+  private WebsocketAddress address;
+  private Account          account;
+  private Device           device;
+  private Session          session;

-  private Connection connection;
-  private long       pendingMessageSequence;
+  private long pendingMessageSequence;

-  public WebsocketController(StoredMessageManager storedMessageManager,
-                             PubSubManager pubSubManager,
-                             Account account)
+  public WebsocketController(AccountAuthenticator accountAuthenticator,
+                             AccountsManager      accountsManager,
+                             PushSender           pushSender,
+                             PubSubManager        pubSubManager,
+                             StoredMessages       storedMessages)
  {
-    this.storedMessageManager = storedMessageManager;
+    this.accountAuthenticator = accountAuthenticator;
+    this.accountsManager      = accountsManager;
+    this.pushSender           = pushSender;
    this.pubSubManager        = pubSubManager;
-    this.account              = account;
-    this.device               = account.getAuthenticatedDevice().get();
-  }
-
-
-  @Override
-  public void onOpen(Connection connection) {
-    this.connection = connection;
-    pubSubManager.subscribe(new WebsocketAddress(this.account.getId(), this.device.getId()), this);
-    handleQueryDatabase();
+    this.storedMessages       = storedMessages;
  }

  @Override
-  public void onClose(int i, String s) {
-    handleClose();
+  public void onWebSocketConnect(Session session) {
+    try {
+      UpgradeRequest        request    = session.getUpgradeRequest();
+      Map<String, String[]> parameters = request.getParameterMap();
+      String[]              usernames  = parameters.get("login"   );
+      String[]              passwords  = parameters.get("password");
+
+      if (usernames == null || usernames.length == 0 ||
+          passwords == null || passwords.length == 0)
+      {
+        session.close(new CloseStatus(4001, "Unauthorized"));
+        return;
+      }
+
+      BasicCredentials  credentials = new BasicCredentials(usernames[0], passwords[0]);
+      Optional<Account> account     = accountAuthenticator.authenticate(credentials);
+
+      if (!account.isPresent()) {
+        session.close(new CloseStatus(4001, "Unauthorized"));
+        return;
+      }
+
+      this.account = account.get();
+      this.device  = account.get().getAuthenticatedDevice().get();
+      this.address = new WebsocketAddress(this.account.getNumber(), this.device.getId());
+      this.session = session;
+
+      this.session.setIdleTimeout(10 * 60 * 1000);
+      this.pubSubManager.subscribe(this.address, this);
+
+      handleQueryDatabase();
+    } catch (AuthenticationException e) {
+      try { session.close(1011, "Server Error");} catch (IOException e1) {}
+    } catch (IOException ioe) {
+      logger.info("Abrupt session close.");
+    }
  }

  @Override
-  public void onMessage(String body) {
+  public void onWebSocketText(String body) {
    try {
      IncomingWebsocketMessage incomingMessage = mapper.readValue(body, IncomingWebsocketMessage.class);

      switch (incomingMessage.getType()) {
-        case IncomingWebsocketMessage.TYPE_ACKNOWLEDGE_MESSAGE: handleMessageAck(body); break;
-        case IncomingWebsocketMessage.TYPE_PING_MESSAGE:        handlePing();           break;
-        default:                                                handleClose();          break;
+        case IncomingWebsocketMessage.TYPE_ACKNOWLEDGE_MESSAGE:
+          handleMessageAck(body);
+          break;
+        default:
+          close(new CloseStatus(1008, "Unknown Type"));
      }
    } catch (IOException e) {
      logger.debug("Parse", e);
-      handleClose();
+      close(new CloseStatus(1008, "Badly Formatted"));
    }
  }

  @Override
-  public void onPubSubMessage(PubSubMessage outgoingMessage) {
-    switch (outgoingMessage.getType()) {
-      case PubSubMessage.TYPE_DELIVER:  handleDeliverOutgoingMessage(outgoingMessage.getContents()); break;
-      case PubSubMessage.TYPE_QUERY_DB: handleQueryDatabase();                                       break;
-      default:
-        logger.warn("Unknown pubsub message: " + outgoingMessage.getType());
-    }
-  }
+  public void onWebSocketClose(int i, String s) {
+    pubSubManager.unsubscribe(this.address, this);

-  private void handleDeliverOutgoingMessage(String message) {
-    try {
-      long messageSequence;
-
-      synchronized (pendingMessages) {
-        messageSequence = pendingMessageSequence++;
-        pendingMessages.put(messageSequence, message);
-      }
-
-      connection.sendMessage(mapper.writeValueAsString(new WebsocketMessage(messageSequence, message)));
-    } catch (IOException e) {
-      logger.debug("Response failed", e);
-      handleClose();
-    }
-  }
-
-  private void handleMessageAck(String message) {
-    try {
-      AcknowledgeWebsocketMessage ack = mapper.readValue(message, AcknowledgeWebsocketMessage.class);
-
-      synchronized (pendingMessages) {
-        pendingMessages.remove(ack.getId());
-      }
-    } catch (IOException e) {
-      logger.warn("Mapping", e);
-    }
-  }
-
-  private void handlePing() {
-    try {
-      IncomingWebsocketMessage pongMessage = new IncomingWebsocketMessage(IncomingWebsocketMessage.TYPE_PONG_MESSAGE);
-      connection.sendMessage(mapper.writeValueAsString(pongMessage));
-    } catch (IOException e) {
-      logger.warn("Pong failed", e);
-      handleClose();
-    }
-  }
-
-  private void handleClose() {
-    pubSubManager.unsubscribe(new WebsocketAddress(account.getId(), device.getId()), this);
-    connection.close();
-
-    List<String> remainingMessages = new LinkedList<>();
+    List<PendingMessage> remainingMessages = new LinkedList<>();

    synchronized (pendingMessages) {
      Long[] pendingKeys = pendingMessages.keySet().toArray(new Long[0]);
@@ -141,15 +143,121 @@ public class WebsocketController implements WebSocket.OnTextMessage, PubSubListe
      pendingMessages.clear();
    }

-    storedMessageManager.storeMessages(account, device, remainingMessages);
+    for (PendingMessage remainingMessage : remainingMessages) {
+      try {
+        pushSender.sendMessage(account, device, remainingMessage);
+      } catch (NotPushRegisteredException | TransientPushFailureException e) {
+        logger.warn("onWebSocketClose", e);
+        storedMessages.insert(address, remainingMessage);
+      }
+    }
+  }
+
+  @Override
+  public void onPubSubMessage(PubSubMessage outgoingMessage) {
+    switch (outgoingMessage.getType()) {
+      case PubSubMessage.TYPE_DELIVER:
+        try {
+          PendingMessage pendingMessage = mapper.readValue(outgoingMessage.getContents(), PendingMessage.class);
+          handleDeliverOutgoingMessage(pendingMessage);
+        } catch (IOException e) {
+          logger.warn("WebsocketController", "Error deserializing PendingMessage", e);
+        }
+        break;
+      case PubSubMessage.TYPE_QUERY_DB:
+        handleQueryDatabase();
+        break;
+      default:
+        logger.warn("Unknown pubsub message: " + outgoingMessage.getType());
+    }
+  }
+
+  private void handleDeliverOutgoingMessage(PendingMessage message) {
+    try {
+      long messageSequence;
+
+      synchronized (pendingMessages) {
+        messageSequence = pendingMessageSequence++;
+        pendingMessages.put(messageSequence, message);
+      }
+
+      WebsocketMessage websocketMessage = new WebsocketMessage(messageSequence, message.getEncryptedOutgoingMessage());
+      session.getRemote().sendStringByFuture(mapper.writeValueAsString(websocketMessage));
+    } catch (IOException e) {
+      logger.debug("Response failed", e);
+      close(null);
+    }
+  }
+
+  private void handleMessageAck(String message) {
+    try {
+      AcknowledgeWebsocketMessage ack = mapper.readValue(message, AcknowledgeWebsocketMessage.class);
+      PendingMessage acknowledgedMessage;
+
+      synchronized (pendingMessages) {
+        acknowledgedMessage = pendingMessages.remove(ack.getId());
+      }
+
+      if (acknowledgedMessage != null && !acknowledgedMessage.isReceipt()) {
+        sendDeliveryReceipt(acknowledgedMessage);
+      }
+
+    } catch (IOException e) {
+      logger.warn("Mapping", e);
+    }
  }

  private void handleQueryDatabase() {
-    List<String> messages = storedMessageManager.getOutgoingMessages(account, device);
+    List<PendingMessage> messages = storedMessages.getMessagesForDevice(address);

-    for (String message : messages) {
+    for (PendingMessage message : messages) {
      handleDeliverOutgoingMessage(message);
    }
  }

+  private void sendDeliveryReceipt(PendingMessage acknowledgedMessage) {
+    try {
+      Optional<Account> source = accountsManager.get(acknowledgedMessage.getSender());
+
+      if (!source.isPresent()) {
+        logger.warn("Source account disappeared? (%s)", acknowledgedMessage.getSender());
+        return;
+      }
+
+      OutgoingMessageSignal.Builder receipt =
+          OutgoingMessageSignal.newBuilder()
+                               .setSource(account.getNumber())
+                               .setSourceDevice((int) device.getId())
+                               .setTimestamp(acknowledgedMessage.getMessageId())
+                               .setType(OutgoingMessageSignal.Type.RECEIPT_VALUE);
+
+      for (Device device : source.get().getDevices()) {
+        pushSender.sendMessage(source.get(), device, receipt.build());
+      }
+    } catch (NotPushRegisteredException | TransientPushFailureException e) {
+      logger.warn("Websocket", "Delivery receipet", e);
+    }
+  }
+
+  @Override
+  public void onWebSocketBinary(byte[] bytes, int i, int i2) {
+    logger.info("Received binary message!");
+  }
+
+  @Override
+  public void onWebSocketError(Throwable throwable) {
+    logger.info("onWebSocketError", throwable);
+  }
+
+
+  private void close(CloseStatus closeStatus) {
+    try {
+      if (this.session != null) {
+        if (closeStatus != null) this.session.close(closeStatus);
+        else                     this.session.close();
+      }
+    } catch (IOException e) {
+      logger.info("close()", e);
+    }
+  }
 }
--- a/src/main/java/org/whispersystems/textsecuregcm/controllers/WebsocketControllerFactory.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/controllers/WebsocketControllerFactory.java
@@ -1,98 +0,0 @@
-package org.whispersystems.textsecuregcm.controllers;
-
-import com.google.common.base.Optional;
-import com.yammer.dropwizard.auth.AuthenticationException;
-import com.yammer.dropwizard.auth.basic.BasicCredentials;
-import org.eclipse.jetty.websocket.WebSocket;
-import org.eclipse.jetty.websocket.WebSocketServlet;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.whispersystems.textsecuregcm.auth.AccountAuthenticator;
-import org.whispersystems.textsecuregcm.storage.Account;
-import org.whispersystems.textsecuregcm.storage.PubSubManager;
-import org.whispersystems.textsecuregcm.storage.StoredMessageManager;
-
-import javax.servlet.http.HttpServletRequest;
-import java.util.LinkedHashMap;
-import java.util.Map;
-
-
-public class WebsocketControllerFactory extends WebSocketServlet {
-
-  private final Logger logger = LoggerFactory.getLogger(WebsocketControllerFactory.class);
-
-  private final StoredMessageManager storedMessageManager;
-  private final PubSubManager        pubSubManager;
-  private final AccountAuthenticator accountAuthenticator;
-
-  private final LinkedHashMap<BasicCredentials, Optional<Account>> cache =
-      new LinkedHashMap<BasicCredentials, Optional<Account>>() {
-    @Override
-    protected boolean removeEldestEntry(Map.Entry<BasicCredentials, Optional<Account>> eldest) {
-      return size() > 10;
-    }
-  };
-
-  public WebsocketControllerFactory(AccountAuthenticator accountAuthenticator,
-                                    StoredMessageManager storedMessageManager,
-                                    PubSubManager pubSubManager)
-  {
-    this.accountAuthenticator = accountAuthenticator;
-    this.storedMessageManager = storedMessageManager;
-    this.pubSubManager        = pubSubManager;
-  }
-
-  @Override
-  public WebSocket doWebSocketConnect(HttpServletRequest request, String s) {
-    try {
-      String username = request.getParameter("user");
-      String password = request.getParameter("password");
-
-      if (username == null || password == null) {
-        return null;
-      }
-
-      BasicCredentials credentials = new BasicCredentials(username, password);
-
-      Optional<Account> account = cache.remove(credentials);
-
-      if (account == null) {
-        account = accountAuthenticator.authenticate(new BasicCredentials(username, password));
-      }
-
-      if (!account.isPresent()) {
-        return null;
-      }
-
-      return new WebsocketController(storedMessageManager, pubSubManager, account.get());
-    } catch (AuthenticationException e) {
-      throw new AssertionError(e);
-    }
-  }
-
-  @Override
-  public boolean checkOrigin(HttpServletRequest request, String origin) {
-    try {
-      String username = request.getParameter("user");
-      String password = request.getParameter("password");
-
-      if (username == null || password == null) {
-        return false;
-      }
-
-      BasicCredentials  credentials = new BasicCredentials(username, password);
-      Optional<Account> account     = accountAuthenticator.authenticate(credentials);
-
-      if (!account.isPresent()) {
-        return false;
-      }
-
-      cache.put(credentials, account);
-
-      return true;
-    } catch (AuthenticationException e) {
-      logger.warn("Auth Failure", e);
-      return false;
-    }
-  }
-}
--- a/src/main/java/org/whispersystems/textsecuregcm/entities/ClientContactTokens.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/entities/ClientContactTokens.java
@@ -30,4 +30,11 @@ public class ClientContactTokens {
  public List<String> getContacts() {
    return contacts;
  }
+
+  public ClientContactTokens() {}
+
+  public ClientContactTokens(List<String> contacts) {
+    this.contacts = contacts;
+  }
+
 }
--- a/src/main/java/org/whispersystems/textsecuregcm/entities/EncryptedOutgoingMessage.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/entities/EncryptedOutgoingMessage.java
@@ -41,23 +41,22 @@ public class EncryptedOutgoingMessage {
  private static final int    MAC_KEY_SIZE    = 20;
  private static final int    MAC_SIZE        = 10;

-  private final OutgoingMessageSignal outgoingMessage;
-  private final String signalingKey;
+  private final String serialized;

  public EncryptedOutgoingMessage(OutgoingMessageSignal outgoingMessage,
                                  String signalingKey)
+      throws CryptoEncodingException
  {
-    this.outgoingMessage = outgoingMessage;
-    this.signalingKey    = signalingKey;
-  }
-
-  public String serialize() throws CryptoEncodingException {
    byte[]        plaintext  = outgoingMessage.toByteArray();
    SecretKeySpec cipherKey  = getCipherKey (signalingKey);
    SecretKeySpec macKey     = getMacKey(signalingKey);
    byte[]        ciphertext = getCiphertext(plaintext, cipherKey, macKey);

-    return Base64.encodeBytes(ciphertext);
+    this.serialized = Base64.encodeBytes(ciphertext);
+  }
+
+  public String serialize() {
+    return serialized;
  }

  private byte[] getCiphertext(byte[] plaintext, SecretKeySpec cipherKey, SecretKeySpec macKey)
--- a/src/main/java/org/whispersystems/textsecuregcm/entities/IncomingMessage.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/entities/IncomingMessage.java
@@ -41,7 +41,7 @@ public class IncomingMessage {
  private String relay;

  @JsonProperty
-  private long   timestamp;
+  private long   timestamp; // deprecated


  public String getDestination() {
--- a/src/main/java/org/whispersystems/textsecuregcm/entities/IncomingMessageList.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/entities/IncomingMessageList.java
@@ -32,6 +32,9 @@ public class IncomingMessageList {
  @JsonProperty
  private String relay;

+  @JsonProperty
+  private long timestamp;
+
  public IncomingMessageList() {}

  public List<IncomingMessage> getMessages() {
@@ -45,4 +48,8 @@ public class IncomingMessageList {
  public void setRelay(String relay) {
    this.relay = relay;
  }
+
+  public long getTimestamp() {
+    return timestamp;
+  }
 }
--- a/src/main/java/org/whispersystems/textsecuregcm/entities/MessageProtos.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/entities/MessageProtos.java
--- a/src/main/java/org/whispersystems/textsecuregcm/entities/PendingMessage.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/entities/PendingMessage.java
@@ -0,0 +1,60 @@
+package org.whispersystems.textsecuregcm.entities;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+
+public class PendingMessage {
+
+  @JsonProperty
+  private String sender;
+
+  @JsonProperty
+  private long   messageId;
+
+  @JsonProperty
+  private String encryptedOutgoingMessage;
+
+  @JsonProperty
+  private boolean receipt;
+
+  public PendingMessage() {}
+
+  public PendingMessage(String sender, long messageId, boolean receipt, String encryptedOutgoingMessage) {
+    this.sender                    = sender;
+    this.messageId                 = messageId;
+    this.receipt                   = receipt;
+    this.encryptedOutgoingMessage  = encryptedOutgoingMessage;
+  }
+
+  public String getEncryptedOutgoingMessage() {
+    return encryptedOutgoingMessage;
+  }
+
+  public long getMessageId() {
+    return messageId;
+  }
+
+  public String getSender() {
+    return sender;
+  }
+
+  public boolean isReceipt() {
+    return receipt;
+  }
+
+  @Override
+  public boolean equals(Object other) {
+    if (other == null || !(other instanceof PendingMessage)) return false;
+    PendingMessage that = (PendingMessage)other;
+
+    return
+        this.sender.equals(that.sender) &&
+        this.messageId == that.messageId &&
+        this.receipt == that.receipt     &&
+        this.encryptedOutgoingMessage.equals(that.encryptedOutgoingMessage);
+  }
+
+  @Override
+  public int hashCode() {
+    return this.sender.hashCode() ^ (int)this.messageId ^ this.encryptedOutgoingMessage.hashCode() ^ (receipt ? 1 : 0);
+  }
+}
--- a/src/main/java/org/whispersystems/textsecuregcm/entities/PreKeyBase.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/entities/PreKeyBase.java
@@ -0,0 +1,8 @@
+package org.whispersystems.textsecuregcm.entities;
+
+public interface PreKeyBase {
+
+  public long getKeyId();
+  public String getPublicKey();
+
+}
--- a/src/main/java/org/whispersystems/textsecuregcm/entities/PreKeyCount.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/entities/PreKeyCount.java
@@ -0,0 +1,20 @@
+package org.whispersystems.textsecuregcm.entities;
+
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+
+public class PreKeyCount {
+
+  @JsonProperty
+  private int count;
+
+  public PreKeyCount(int count) {
+    this.count = count;
+  }
+
+  public PreKeyCount() {}
+
+  public int getCount() {
+    return count;
+  }
+}
--- a/src/main/java/org/whispersystems/textsecuregcm/entities/PreKeyResponseItemV2.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/entities/PreKeyResponseItemV2.java
@@ -0,0 +1,64 @@
+/**
+ * Copyright (C) 2014 Open Whisper Systems
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+package org.whispersystems.textsecuregcm.entities;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+import com.google.common.annotations.VisibleForTesting;
+
+public class PreKeyResponseItemV2 {
+
+  @JsonProperty
+  private long deviceId;
+
+  @JsonProperty
+  private int registrationId;
+
+  @JsonProperty
+  private SignedPreKey signedPreKey;
+
+  @JsonProperty
+  private PreKeyV2 preKey;
+
+  public PreKeyResponseItemV2() {}
+
+  public PreKeyResponseItemV2(long deviceId, int registrationId, SignedPreKey signedPreKey, PreKeyV2 preKey) {
+    this.deviceId       = deviceId;
+    this.registrationId = registrationId;
+    this.signedPreKey   = signedPreKey;
+    this.preKey         = preKey;
+  }
+
+  @VisibleForTesting
+  public SignedPreKey getSignedPreKey() {
+    return signedPreKey;
+  }
+
+  @VisibleForTesting
+  public PreKeyV2 getPreKey() {
+    return preKey;
+  }
+
+  @VisibleForTesting
+  public int getRegistrationId() {
+    return registrationId;
+  }
+
+  @VisibleForTesting
+  public long getDeviceId() {
+    return deviceId;
+  }
+}
--- a/src/main/java/org/whispersystems/textsecuregcm/entities/UnstructuredPreKeyList.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/entities/UnstructuredPreKeyList.java
@@ -18,7 +18,6 @@ package org.whispersystems.textsecuregcm.entities;

 import com.fasterxml.jackson.annotation.JsonProperty;
 import com.google.common.annotations.VisibleForTesting;
-import org.hibernate.validator.constraints.NotEmpty;

 import javax.validation.Valid;
 import javax.validation.constraints.NotNull;
@@ -26,36 +25,36 @@ import java.util.Iterator;
 import java.util.LinkedList;
 import java.util.List;

-public class UnstructuredPreKeyList {
+public class PreKeyResponseV1 {

  @JsonProperty
  @NotNull
  @Valid
-  private List<PreKey> keys;
+  private List<PreKeyV1> keys;

  @VisibleForTesting
-  public UnstructuredPreKeyList() {}
+  public PreKeyResponseV1() {}

-  public UnstructuredPreKeyList(PreKey preKey) {
-    this.keys = new LinkedList<PreKey>();
+  public PreKeyResponseV1(PreKeyV1 preKey) {
+    this.keys = new LinkedList<>();
    this.keys.add(preKey);
  }

-  public UnstructuredPreKeyList(List<PreKey> preKeys) {
+  public PreKeyResponseV1(List<PreKeyV1> preKeys) {
    this.keys = preKeys;
  }

-  public List<PreKey> getKeys() {
+  public List<PreKeyV1> getKeys() {
    return keys;
  }

  @VisibleForTesting
  public boolean equals(Object o) {
-    if (!(o instanceof UnstructuredPreKeyList) ||
-        ((UnstructuredPreKeyList) o).keys.size() != keys.size())
+    if (!(o instanceof PreKeyResponseV1) ||
+        ((PreKeyResponseV1) o).keys.size() != keys.size())
      return false;
-    Iterator<PreKey> otherKeys = ((UnstructuredPreKeyList) o).keys.iterator();
-    for (PreKey key : keys) {
+    Iterator<PreKeyV1> otherKeys = ((PreKeyResponseV1) o).keys.iterator();
+    for (PreKeyV1 key : keys) {
      if (!otherKeys.next().equals(key))
        return false;
    }
@@ -64,7 +63,7 @@ public class UnstructuredPreKeyList {

  public int hashCode() {
    int ret = 0xFBA4C795 * keys.size();
-    for (PreKey key : keys)
+    for (PreKeyV1 key : keys)
      ret ^= key.getPublicKey().hashCode();
    return ret;
  }
--- a/src/main/java/org/whispersystems/textsecuregcm/entities/PreKeyResponseV2.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/entities/PreKeyResponseV2.java
@@ -0,0 +1,48 @@
+/**
+ * Copyright (C) 2014 Open Whisper Systems
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+package org.whispersystems.textsecuregcm.entities;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+import com.google.common.annotations.VisibleForTesting;
+
+import java.util.List;
+
+public class PreKeyResponseV2 {
+
+  @JsonProperty
+  private String identityKey;
+
+  @JsonProperty
+  private List<PreKeyResponseItemV2> devices;
+
+  public PreKeyResponseV2() {}
+
+  public PreKeyResponseV2(String identityKey, List<PreKeyResponseItemV2> devices) {
+    this.identityKey = identityKey;
+    this.devices     = devices;
+  }
+
+  @VisibleForTesting
+  public String getIdentityKey() {
+    return identityKey;
+  }
+
+  @VisibleForTesting
+  public List<PreKeyResponseItemV2> getDevices() {
+    return devices;
+  }
+}
--- a/src/main/java/org/whispersystems/textsecuregcm/entities/PreKeyStateV1.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/entities/PreKeyStateV1.java
@@ -1,5 +1,5 @@
 /**
- * Copyright (C) 2013 Open WhisperSystems
+ * Copyright (C) 2014 Open Whisper Systems
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as published by
@@ -17,28 +17,39 @@
 package org.whispersystems.textsecuregcm.entities;

 import com.fasterxml.jackson.annotation.JsonProperty;
-import org.hibernate.validator.constraints.NotEmpty;
+import com.google.common.annotations.VisibleForTesting;

 import javax.validation.Valid;
 import javax.validation.constraints.NotNull;
 import java.util.List;

-public class PreKeyList {
-
-  @JsonProperty
-  @NotNull
-  private PreKey lastResortKey;
+public class PreKeyStateV1 {

  @JsonProperty
  @NotNull
  @Valid
-  private List<PreKey> keys;
+  private PreKeyV1 lastResortKey;

-  public List<PreKey> getKeys() {
+  @JsonProperty
+  @NotNull
+  @Valid
+  private List<PreKeyV1> keys;
+
+  public List<PreKeyV1> getKeys() {
    return keys;
  }

-  public PreKey getLastResortKey() {
+  @VisibleForTesting
+  public void setKeys(List<PreKeyV1> keys) {
+    this.keys = keys;
+  }
+
+  public PreKeyV1 getLastResortKey() {
    return lastResortKey;
  }
+
+  @VisibleForTesting
+  public void setLastResortKey(PreKeyV1 lastResortKey) {
+    this.lastResortKey = lastResortKey;
+  }
 }
--- a/src/main/java/org/whispersystems/textsecuregcm/entities/PreKeyStateV2.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/entities/PreKeyStateV2.java
@@ -0,0 +1,76 @@
+/**
+ * Copyright (C) 2014 Open Whisper Systems
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+package org.whispersystems.textsecuregcm.entities;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+import com.google.common.annotations.VisibleForTesting;
+
+import org.hibernate.validator.constraints.NotEmpty;
+
+import javax.validation.Valid;
+import javax.validation.constraints.NotNull;
+import java.util.List;
+
+public class PreKeyStateV2 {
+
+  @JsonProperty
+  @NotNull
+  @Valid
+  private List<PreKeyV2> preKeys;
+
+  @JsonProperty
+  @NotNull
+  @Valid
+  private SignedPreKey signedPreKey;
+
+  @JsonProperty
+  @NotNull
+  @Valid
+  private PreKeyV2 lastResortKey;
+
+  @JsonProperty
+  @NotEmpty
+  private String identityKey;
+
+  public PreKeyStateV2() {}
+
+  @VisibleForTesting
+  public PreKeyStateV2(String identityKey, SignedPreKey signedPreKey,
+                       List<PreKeyV2> keys, PreKeyV2 lastResortKey)
+  {
+    this.identityKey   = identityKey;
+    this.signedPreKey  = signedPreKey;
+    this.preKeys       = keys;
+    this.lastResortKey = lastResortKey;
+  }
+
+  public List<PreKeyV2> getPreKeys() {
+    return preKeys;
+  }
+
+  public SignedPreKey getSignedPreKey() {
+    return signedPreKey;
+  }
+
+  public String getIdentityKey() {
+    return identityKey;
+  }
+
+  public PreKeyV2 getLastResortKey() {
+    return lastResortKey;
+  }
+}
--- a/src/main/java/org/whispersystems/textsecuregcm/entities/PreKeyV1.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/entities/PreKeyV1.java
@@ -1,5 +1,5 @@
 /**
- * Copyright (C) 2013 Open WhisperSystems
+ * Copyright (C) 2014 Open Whisper Systems
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as published by
@@ -17,22 +17,14 @@
 package org.whispersystems.textsecuregcm.entities;


-import com.fasterxml.jackson.annotation.JsonIgnore;
 import com.fasterxml.jackson.annotation.JsonInclude;
 import com.fasterxml.jackson.annotation.JsonProperty;
+import com.google.common.annotations.VisibleForTesting;

 import javax.validation.constraints.NotNull;
-import javax.xml.bind.annotation.XmlTransient;
-import java.io.Serializable;

@JsonInclude(JsonInclude.Include.NON_DEFAULT)
-public class PreKey {
-
-  @JsonIgnore
-  private long    id;
-
-  @JsonIgnore
-  private String  number;
+public class PreKeyV1 implements PreKeyBase {

  @JsonProperty
  private long deviceId;
@@ -49,78 +41,43 @@ public class PreKey {
  @NotNull
  private String  identityKey;

-  @JsonProperty
-  private boolean lastResort;
-
  @JsonProperty
  private int registrationId;

-  public PreKey() {}
+  public PreKeyV1() {}

-  public PreKey(long id, String number, long deviceId, long keyId,
-                String publicKey, String identityKey,
-                boolean lastResort)
+  public PreKeyV1(long deviceId, long keyId, String publicKey, String identityKey, int registrationId)
+  {
+    this.deviceId       = deviceId;
+    this.keyId          = keyId;
+    this.publicKey      = publicKey;
+    this.identityKey    = identityKey;
+    this.registrationId = registrationId;
+  }
+
+  @VisibleForTesting
+  public PreKeyV1(long deviceId, long keyId, String publicKey, String identityKey)
  {
-    this.id          = id;
-    this.number      = number;
    this.deviceId    = deviceId;
    this.keyId       = keyId;
    this.publicKey   = publicKey;
    this.identityKey = identityKey;
-    this.lastResort  = lastResort;
-  }
-
-  @XmlTransient
-  public long getId() {
-    return id;
-  }
-
-  public void setId(long id) {
-    this.id = id;
-  }
-
-  @XmlTransient
-  public String getNumber() {
-    return number;
-  }
-
-  public void setNumber(String number) {
-    this.number = number;
  }

+  @Override
  public String getPublicKey() {
    return publicKey;
  }

-  public void setPublicKey(String publicKey) {
-    this.publicKey = publicKey;
-  }
-
+  @Override
  public long getKeyId() {
    return keyId;
  }

-  public void setKeyId(long keyId) {
-    this.keyId = keyId;
-  }
-
  public String getIdentityKey() {
    return identityKey;
  }

-  public void setIdentityKey(String identityKey) {
-    this.identityKey = identityKey;
-  }
-
-  @XmlTransient
-  public boolean isLastResort() {
-    return lastResort;
-  }
-
-  public void setLastResort(boolean lastResort) {
-    this.lastResort = lastResort;
-  }
-
  public void setDeviceId(long deviceId) {
    this.deviceId = deviceId;
  }
--- a/src/main/java/org/whispersystems/textsecuregcm/entities/PreKeyV2.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/entities/PreKeyV2.java
@@ -0,0 +1,82 @@
+package org.whispersystems.textsecuregcm.entities;
+
+/**
+ * Copyright (C) 2014 Open Whisper Systems
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+import org.hibernate.validator.constraints.NotEmpty;
+
+import javax.validation.constraints.NotNull;
+
+public class PreKeyV2 implements PreKeyBase {
+
+  @JsonProperty
+  @NotNull
+  private long    keyId;
+
+  @JsonProperty
+  @NotEmpty
+  private String  publicKey;
+
+  public PreKeyV2() {}
+
+  public PreKeyV2(long keyId, String publicKey)
+  {
+    this.keyId     = keyId;
+    this.publicKey = publicKey;
+  }
+
+  @Override
+  public String getPublicKey() {
+    return publicKey;
+  }
+
+  public void setPublicKey(String publicKey) {
+    this.publicKey = publicKey;
+  }
+
+  @Override
+  public long getKeyId() {
+    return keyId;
+  }
+
+  public void setKeyId(long keyId) {
+    this.keyId = keyId;
+  }
+
+  @Override
+  public boolean equals(Object object) {
+    if (object == null || !(object instanceof PreKeyV2)) return false;
+    PreKeyV2 that = (PreKeyV2)object;
+
+    if (publicKey == null) {
+      return this.keyId == that.keyId && that.publicKey == null;
+    } else {
+      return this.keyId == that.keyId && this.publicKey.equals(that.publicKey);
+    }
+  }
+
+  @Override
+  public int hashCode() {
+    if (publicKey == null) {
+      return (int)this.keyId;
+    } else {
+      return ((int)this.keyId) ^ publicKey.hashCode();
+    }
+  }
+
+}
--- a/src/main/java/org/whispersystems/textsecuregcm/entities/SignedPreKey.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/entities/SignedPreKey.java
@@ -0,0 +1,46 @@
+package org.whispersystems.textsecuregcm.entities;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+import org.hibernate.validator.constraints.NotEmpty;
+
+import java.io.Serializable;
+
+public class SignedPreKey extends PreKeyV2 {
+
+  @JsonProperty
+  @NotEmpty
+  private String signature;
+
+  public SignedPreKey() {}
+
+  public SignedPreKey(long keyId, String publicKey, String signature) {
+    super(keyId, publicKey);
+    this.signature = signature;
+  }
+
+  public String getSignature() {
+    return signature;
+  }
+
+  @Override
+  public boolean equals(Object object) {
+    if (object == null || !(object instanceof SignedPreKey)) return false;
+    SignedPreKey that = (SignedPreKey) object;
+
+    if (signature == null) {
+      return super.equals(object) && that.signature == null;
+    } else {
+      return super.equals(object) && this.signature.equals(that.signature);
+    }
+  }
+
+  @Override
+  public int hashCode() {
+    if (signature == null) {
+      return super.hashCode();
+    } else {
+      return super.hashCode() ^ signature.hashCode();
+    }
+  }
+
+}
--- a/src/main/java/org/whispersystems/textsecuregcm/federation/FederatedClient.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/federation/FederatedClient.java
@@ -36,7 +36,8 @@ import org.whispersystems.textsecuregcm.entities.AttachmentUri;
 import org.whispersystems.textsecuregcm.entities.ClientContact;
 import org.whispersystems.textsecuregcm.entities.ClientContacts;
 import org.whispersystems.textsecuregcm.entities.IncomingMessageList;
-import org.whispersystems.textsecuregcm.entities.UnstructuredPreKeyList;
+import org.whispersystems.textsecuregcm.entities.PreKeyResponseV1;
+import org.whispersystems.textsecuregcm.entities.PreKeyResponseV2;
 import org.whispersystems.textsecuregcm.util.Base64;

 import javax.net.ssl.SSLContext;
@@ -62,11 +63,13 @@ public class FederatedClient {

  private final Logger logger = LoggerFactory.getLogger(FederatedClient.class);

-  private static final String USER_COUNT_PATH     = "/v1/federation/user_count";
-  private static final String USER_TOKENS_PATH    = "/v1/federation/user_tokens/%d";
-  private static final String RELAY_MESSAGE_PATH  = "/v1/federation/messages/%s/%d/%s";
-  private static final String PREKEY_PATH_DEVICE  = "/v1/federation/key/%s/%s";
-  private static final String ATTACHMENT_URI_PATH = "/v1/federation/attachment/%d";
+  private static final String USER_COUNT_PATH       = "/v1/federation/user_count";
+  private static final String USER_TOKENS_PATH      = "/v1/federation/user_tokens/%d";
+  private static final String RELAY_MESSAGE_PATH    = "/v1/federation/messages/%s/%d/%s";
+  private static final String PREKEY_PATH_DEVICE_V1 = "/v1/federation/key/%s/%s";
+  private static final String PREKEY_PATH_DEVICE_V2 = "/v2/federation/key/%s/%s";
+  private static final String ATTACHMENT_URI_PATH   = "/v1/federation/attachment/%d";
+  private static final String RECEIPT_PATH          = "/v1/receipt/%s/%d/%s/%d";

  private final FederatedPeer peer;
  private final Client        client;
@@ -107,9 +110,9 @@ public class FederatedClient {
    }
  }

-  public Optional<UnstructuredPreKeyList> getKeys(String destination, String device) {
+  public Optional<PreKeyResponseV1> getKeysV1(String destination, String device) {
    try {
-      WebResource resource = client.resource(peer.getUrl()).path(String.format(PREKEY_PATH_DEVICE, destination, device));
+      WebResource resource = client.resource(peer.getUrl()).path(String.format(PREKEY_PATH_DEVICE_V1, destination, device));

      ClientResponse response = resource.accept(MediaType.APPLICATION_JSON)
                                        .header("Authorization", authorizationHeader)
@@ -119,7 +122,7 @@ public class FederatedClient {
        throw new WebApplicationException(clientResponseToResponse(response));
      }

-      return Optional.of(response.getEntity(UnstructuredPreKeyList.class));
+      return Optional.of(response.getEntity(PreKeyResponseV1.class));

    } catch (UniformInterfaceException | ClientHandlerException e) {
      logger.warn("PreKey", e);
@@ -127,6 +130,27 @@ public class FederatedClient {
    }
  }

+  public Optional<PreKeyResponseV2> getKeysV2(String destination, String device) {
+    try {
+      WebResource resource = client.resource(peer.getUrl()).path(String.format(PREKEY_PATH_DEVICE_V2, destination, device));
+
+      ClientResponse response = resource.accept(MediaType.APPLICATION_JSON)
+                                        .header("Authorization", authorizationHeader)
+                                        .get(ClientResponse.class);
+
+      if (response.getStatus() < 200 || response.getStatus() >= 300) {
+        throw new WebApplicationException(clientResponseToResponse(response));
+      }
+
+      return Optional.of(response.getEntity(PreKeyResponseV2.class));
+
+    } catch (UniformInterfaceException | ClientHandlerException e) {
+      logger.warn("PreKey", e);
+      return Optional.absent();
+    }
+  }
+
+
  public int getUserCount() {
    try {
      WebResource  resource = client.resource(peer.getUrl()).path(USER_COUNT_PATH);
@@ -174,6 +198,25 @@ public class FederatedClient {
    }
  }

+  public void sendDeliveryReceipt(String source, long sourceDeviceId, String destination, long messageId)
+      throws IOException
+  {
+    try {
+      String         path     = String.format(RECEIPT_PATH, source, sourceDeviceId, destination, messageId);
+      WebResource    resource = client.resource(peer.getUrl()).path(path);
+      ClientResponse response = resource.type(MediaType.APPLICATION_JSON)
+                                        .header("Authorization", authorizationHeader)
+                                        .put(ClientResponse.class);
+
+      if (response.getStatus() != 200 && response.getStatus() != 204) {
+        throw new WebApplicationException(clientResponseToResponse(response));
+      }
+    } catch (UniformInterfaceException | ClientHandlerException e) {
+      logger.warn("sendMessage", e);
+      throw new IOException(e);
+    }
+  }
+
  private String getAuthorizationHeader(String federationName, FederatedPeer peer) {
    return "Basic " + Base64.encodeBytes((federationName + ":" + peer.getAuthenticationToken()).getBytes());
  }
--- a/src/main/java/org/whispersystems/textsecuregcm/federation/NonLimitedAccount.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/federation/NonLimitedAccount.java
@@ -40,6 +40,6 @@ public class NonLimitedAccount extends Account {

  @Override
  public Optional<Device> getAuthenticatedDevice() {
-    return Optional.of(new Device(deviceId, null, null, null, null, null, false, 0));
+    return Optional.of(new Device(deviceId, null, null, null, null, null, false, 0, null));
  }
 }
--- a/src/main/java/org/whispersystems/textsecuregcm/limits/RateLimiter.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/limits/RateLimiter.java
@@ -16,13 +16,14 @@
 */
 package org.whispersystems.textsecuregcm.limits;

-import com.yammer.metrics.Metrics;
-import com.yammer.metrics.core.Meter;
+import com.codahale.metrics.Meter;
+import com.codahale.metrics.MetricRegistry;
+import com.codahale.metrics.SharedMetricRegistries;
 import net.spy.memcached.MemcachedClient;
-
 import org.whispersystems.textsecuregcm.controllers.RateLimitExceededException;
+import org.whispersystems.textsecuregcm.util.Constants;

-import java.util.concurrent.TimeUnit;
+import static com.codahale.metrics.MetricRegistry.name;

 public class RateLimiter {

@@ -35,7 +36,9 @@ public class RateLimiter {
  public RateLimiter(MemcachedClient memcachedClient, String name,
                     int bucketSize, double leakRatePerMinute)
  {
-    this.meter             = Metrics.newMeter(RateLimiter.class, name, "exceeded", TimeUnit.MINUTES);
+    MetricRegistry metricRegistry = SharedMetricRegistries.getOrCreate(Constants.METRICS_NAME);
+
+    this.meter             = metricRegistry.meter(name(getClass(), name, "exceeded"));
    this.memcachedClient   = memcachedClient;
    this.name              = name;
    this.bucketSize        = bucketSize;
--- a/src/main/java/org/whispersystems/textsecuregcm/metrics/CpuUsageGauge.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/metrics/CpuUsageGauge.java
@@ -0,0 +1,16 @@
+package org.whispersystems.textsecuregcm.metrics;
+
+import com.codahale.metrics.Gauge;
+import com.sun.management.OperatingSystemMXBean;
+
+import java.lang.management.ManagementFactory;
+
+public class CpuUsageGauge implements Gauge<Integer> {
+  @Override
+  public Integer getValue() {
+    OperatingSystemMXBean mbean = (com.sun.management.OperatingSystemMXBean)
+        ManagementFactory.getOperatingSystemMXBean();
+
+    return (int) Math.ceil(mbean.getSystemCpuLoad() * 100);
+  }
+}
--- a/src/main/java/org/whispersystems/textsecuregcm/metrics/FreeMemoryGauge.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/metrics/FreeMemoryGauge.java
@@ -0,0 +1,17 @@
+package org.whispersystems.textsecuregcm.metrics;
+
+import com.codahale.metrics.Gauge;
+import com.sun.management.OperatingSystemMXBean;
+
+import java.lang.management.ManagementFactory;
+
+public class FreeMemoryGauge implements Gauge<Long> {
+
+  @Override
+  public Long getValue() {
+    OperatingSystemMXBean mbean = (com.sun.management.OperatingSystemMXBean)
+        ManagementFactory.getOperatingSystemMXBean();
+
+    return mbean.getFreePhysicalMemorySize();
+  }
+}
--- a/src/main/java/org/whispersystems/textsecuregcm/metrics/JsonMetricsReporter.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/metrics/JsonMetricsReporter.java
@@ -0,0 +1,184 @@
+package org.whispersystems.textsecuregcm.metrics;
+
+import com.codahale.metrics.Counter;
+import com.codahale.metrics.Gauge;
+import com.codahale.metrics.Histogram;
+import com.codahale.metrics.Meter;
+import com.codahale.metrics.Metered;
+import com.codahale.metrics.MetricFilter;
+import com.codahale.metrics.MetricRegistry;
+import com.codahale.metrics.ScheduledReporter;
+import com.codahale.metrics.Snapshot;
+import com.codahale.metrics.Timer;
+import com.fasterxml.jackson.core.JsonEncoding;
+import com.fasterxml.jackson.core.JsonFactory;
+import com.fasterxml.jackson.core.JsonGenerator;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.IOException;
+import java.io.OutputStream;
+import java.net.HttpURLConnection;
+import java.net.InetAddress;
+import java.net.URL;
+import java.net.UnknownHostException;
+import java.util.Map;
+import java.util.SortedMap;
+import java.util.concurrent.TimeUnit;
+import java.util.regex.Pattern;
+
+/**
+ * Adapted from MetricsServlet.
+ */
+public class JsonMetricsReporter extends ScheduledReporter {
+
+  private final Logger      logger  = LoggerFactory.getLogger(JsonMetricsReporter.class);
+  private final JsonFactory factory = new JsonFactory();
+
+  private final String table;
+  private final String sunnylabsHost;
+  private final String host;
+
+  public JsonMetricsReporter(MetricRegistry registry, String token, String sunnylabsHost)
+      throws UnknownHostException
+  {
+    super(registry, "jsonmetrics-reporter", MetricFilter.ALL, TimeUnit.SECONDS, TimeUnit.MILLISECONDS);
+    this.table         = token;
+    this.sunnylabsHost = sunnylabsHost;
+    this.host          = InetAddress.getLocalHost().getHostName();
+  }
+
+  @Override
+  public void report(SortedMap<String, Gauge>     stringGaugeSortedMap,
+                     SortedMap<String, Counter>   stringCounterSortedMap,
+                     SortedMap<String, Histogram> stringHistogramSortedMap,
+                     SortedMap<String, Meter>     stringMeterSortedMap,
+                     SortedMap<String, Timer>     stringTimerSortedMap)
+  {
+    try {
+      logger.info("Reporting metrics...");
+      URL url = new URL("https", sunnylabsHost, 443, "/report/metrics?t=" + table + "&h=" + host);
+      HttpURLConnection connection = (HttpURLConnection) url.openConnection();
+
+      connection.setDoOutput(true);
+      connection.addRequestProperty("Content-Type", "application/json");
+
+      OutputStream  outputStream = connection.getOutputStream();
+      JsonGenerator json         = factory.createGenerator(outputStream, JsonEncoding.UTF8);
+
+      json.writeStartObject();
+
+      for (Map.Entry<String, Gauge> gauge : stringGaugeSortedMap.entrySet()) {
+        reportGauge(json, gauge.getKey(), gauge.getValue());
+      }
+
+      for (Map.Entry<String, Counter> counter : stringCounterSortedMap.entrySet()) {
+        reportCounter(json, counter.getKey(), counter.getValue());
+      }
+
+      for (Map.Entry<String, Histogram> histogram : stringHistogramSortedMap.entrySet()) {
+        reportHistogram(json, histogram.getKey(), histogram.getValue());
+      }
+
+      for (Map.Entry<String, Meter> meter : stringMeterSortedMap.entrySet()) {
+        reportMeter(json, meter.getKey(), meter.getValue());
+      }
+
+      for (Map.Entry<String, Timer> timer : stringTimerSortedMap.entrySet()) {
+        reportTimer(json, timer.getKey(), timer.getValue());
+      }
+
+      json.writeEndObject();
+      json.close();
+
+      outputStream.close();
+
+      logger.info("Metrics server response: " + connection.getResponseCode());
+    } catch (IOException e) {
+      logger.warn("Error sending metrics", e);
+    } catch (Exception e) {
+      logger.warn("error", e);
+    }
+  }
+
+  private void reportGauge(JsonGenerator json, String name, Gauge gauge) throws IOException {
+    Object gaugeValue = evaluateGauge(gauge);
+
+    if (gaugeValue instanceof Number) {
+      json.writeFieldName(sanitize(name));
+      json.writeObject(gaugeValue);
+    }
+  }
+
+  private void reportCounter(JsonGenerator json, String name, Counter counter) throws IOException {
+    json.writeFieldName(sanitize(name));
+    json.writeNumber(counter.getCount());
+  }
+
+  private void reportHistogram(JsonGenerator json, String name, Histogram histogram) throws IOException {
+    Snapshot snapshot = histogram.getSnapshot();
+    json.writeFieldName(sanitize(name));
+    json.writeStartObject();
+    json.writeNumberField("count", histogram.getCount());
+    writeSnapshot(json, snapshot);
+    json.writeEndObject();
+  }
+
+  private void reportMeter(JsonGenerator json, String name, Meter meter) throws IOException {
+    json.writeFieldName(sanitize(name));
+    json.writeStartObject();
+    writeMetered(json, meter);
+    json.writeEndObject();
+  }
+
+  private void reportTimer(JsonGenerator json, String name, Timer timer) throws IOException {
+    json.writeFieldName(sanitize(name));
+    json.writeStartObject();
+    json.writeFieldName("rate");
+    json.writeStartObject();
+    writeMetered(json, timer);
+    json.writeEndObject();
+    json.writeFieldName("duration");
+    json.writeStartObject();
+    writeSnapshot(json, timer.getSnapshot());
+    json.writeEndObject();
+    json.writeEndObject();
+  }
+
+  private Object evaluateGauge(Gauge gauge) {
+    try {
+      return gauge.getValue();
+    } catch (RuntimeException e) {
+      logger.warn("Error reading gauge", e);
+      return "error reading gauge";
+    }
+  }
+
+  private void writeSnapshot(JsonGenerator json, Snapshot snapshot) throws IOException {
+    json.writeNumberField("max", convertDuration(snapshot.getMax()));
+    json.writeNumberField("mean", convertDuration(snapshot.getMean()));
+    json.writeNumberField("min", convertDuration(snapshot.getMin()));
+    json.writeNumberField("stddev", convertDuration(snapshot.getStdDev()));
+    json.writeNumberField("median", convertDuration(snapshot.getMedian()));
+    json.writeNumberField("p75", convertDuration(snapshot.get75thPercentile()));
+    json.writeNumberField("p95", convertDuration(snapshot.get95thPercentile()));
+    json.writeNumberField("p98", convertDuration(snapshot.get98thPercentile()));
+    json.writeNumberField("p99", convertDuration(snapshot.get99thPercentile()));
+    json.writeNumberField("p999", convertDuration(snapshot.get999thPercentile()));
+  }
+
+  private void writeMetered(JsonGenerator json, Metered meter) throws IOException {
+    json.writeNumberField("count", convertRate(meter.getCount()));
+    json.writeNumberField("mean", convertRate(meter.getMeanRate()));
+    json.writeNumberField("m1", convertRate(meter.getOneMinuteRate()));
+    json.writeNumberField("m5", convertRate(meter.getFiveMinuteRate()));
+    json.writeNumberField("m15", convertRate(meter.getFifteenMinuteRate()));
+  }
+
+  private static final Pattern SIMPLE_NAMES = Pattern.compile("[^a-zA-Z0-9_.\\-~]");
+
+  private String sanitize(String metricName) {
+    return SIMPLE_NAMES.matcher(metricName).replaceAll("_");
+  }
+
+}
--- a/src/main/java/org/whispersystems/textsecuregcm/metrics/NetworkGauge.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/metrics/NetworkGauge.java
@@ -0,0 +1,36 @@
+package org.whispersystems.textsecuregcm.metrics;
+
+
+import com.codahale.metrics.Gauge;
+import org.whispersystems.textsecuregcm.util.Pair;
+
+import java.io.BufferedReader;
+import java.io.File;
+import java.io.FileReader;
+import java.io.IOException;
+
+public abstract class NetworkGauge implements Gauge<Long> {
+
+  protected Pair<Long, Long> getSentReceived() throws IOException {
+    File           proc          = new File("/proc/net/dev");
+    BufferedReader reader        = new BufferedReader(new FileReader(proc));
+    String         header        = reader.readLine();
+    String         header2       = reader.readLine();
+
+    long           bytesSent     = 0;
+    long           bytesReceived = 0;
+
+    String interfaceStats;
+
+      while ((interfaceStats = reader.readLine()) != null) {
+        String[] stats = interfaceStats.split("\\s+");
+
+        if (!stats[1].equals("lo:")) {
+          bytesReceived += Long.parseLong(stats[2]);
+          bytesSent     += Long.parseLong(stats[10]);
+        }
+      }
+
+    return new Pair<>(bytesSent, bytesReceived);
+  }
+}
--- a/src/main/java/org/whispersystems/textsecuregcm/metrics/NetworkReceivedGauge.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/metrics/NetworkReceivedGauge.java
@@ -0,0 +1,36 @@
+package org.whispersystems.textsecuregcm.metrics;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.whispersystems.textsecuregcm.util.Pair;
+
+import java.io.IOException;
+
+public class NetworkReceivedGauge extends NetworkGauge {
+
+  private final Logger logger = LoggerFactory.getLogger(NetworkSentGauge.class);
+
+  private long lastTimestamp;
+  private long lastReceived;
+
+  @Override
+  public Long getValue() {
+    try {
+      long             timestamp       = System.currentTimeMillis();
+      Pair<Long, Long> sentAndReceived = getSentReceived();
+      long             result          = 0;
+
+      if (lastTimestamp != 0) {
+        result       = sentAndReceived.second() - lastReceived;
+        lastReceived = sentAndReceived.second();
+      }
+
+      lastTimestamp = timestamp;
+      return result;
+    } catch (IOException e) {
+      logger.warn("NetworkReceivedGauge", e);
+      return -1L;
+    }
+  }
+
+}
--- a/src/main/java/org/whispersystems/textsecuregcm/metrics/NetworkSentGauge.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/metrics/NetworkSentGauge.java
@@ -0,0 +1,35 @@
+package org.whispersystems.textsecuregcm.metrics;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.whispersystems.textsecuregcm.util.Pair;
+
+import java.io.IOException;
+
+public class NetworkSentGauge extends NetworkGauge {
+
+  private final Logger logger = LoggerFactory.getLogger(NetworkSentGauge.class);
+
+  private long lastTimestamp;
+  private long lastSent;
+
+  @Override
+  public Long getValue() {
+    try {
+      long             timestamp       = System.currentTimeMillis();
+      Pair<Long, Long> sentAndReceived = getSentReceived();
+      long             result          = 0;
+
+      if (lastTimestamp != 0) {
+        result        = sentAndReceived.first() - lastSent;
+        lastSent      = sentAndReceived.first();
+      }
+
+      lastTimestamp = timestamp;
+      return result;
+    } catch (IOException e) {
+      logger.warn("NetworkSentGauge", e);
+      return -1L;
+    }
+  }
+}
--- a/src/main/java/org/whispersystems/textsecuregcm/providers/MemcacheHealthCheck.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/providers/MemcacheHealthCheck.java
@@ -16,8 +16,7 @@
 */
 package org.whispersystems.textsecuregcm.providers;

-import com.yammer.metrics.core.HealthCheck;
-import com.yammer.metrics.core.HealthCheck.Result;
+import com.codahale.metrics.health.HealthCheck;
 import net.spy.memcached.MemcachedClient;

 import java.security.SecureRandom;
@@ -27,7 +26,6 @@ public class MemcacheHealthCheck extends HealthCheck {
  private final MemcachedClient client;

  public MemcacheHealthCheck(MemcachedClient client) {
-    super("memcached");
    this.client = client;
  }

@@ -47,6 +45,8 @@ public class MemcacheHealthCheck extends HealthCheck {
      return Result.unhealthy("Fetch failed");
    }

+    this.client.delete("HEALTH" + random);
+
    return Result.healthy();
  }

--- a/src/main/java/org/whispersystems/textsecuregcm/providers/RedisHealthCheck.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/providers/RedisHealthCheck.java
@@ -16,7 +16,7 @@
 */
 package org.whispersystems.textsecuregcm.providers;

-import com.yammer.metrics.core.HealthCheck;
+import com.codahale.metrics.health.HealthCheck;

 import redis.clients.jedis.Jedis;
 import redis.clients.jedis.JedisPool;
@@ -26,7 +26,6 @@ public class RedisHealthCheck extends HealthCheck {
  private final JedisPool clientPool;

  public RedisHealthCheck(JedisPool clientPool) {
-    super("redis");
    this.clientPool = clientPool;
  }

--- a/src/main/java/org/whispersystems/textsecuregcm/push/APNSender.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/push/APNSender.java
@@ -16,18 +16,29 @@
 */
 package org.whispersystems.textsecuregcm.push;

+import com.codahale.metrics.Meter;
+import com.codahale.metrics.MetricRegistry;
+import com.codahale.metrics.SharedMetricRegistries;
+import com.fasterxml.jackson.databind.ObjectMapper;
 import com.google.common.base.Optional;
 import com.notnoop.apns.APNS;
 import com.notnoop.apns.ApnsService;
 import com.notnoop.exceptions.NetworkIOException;
-import com.yammer.metrics.Metrics;
-import com.yammer.metrics.core.Meter;
+import net.spy.memcached.MemcachedClient;
 import org.bouncycastle.openssl.PEMReader;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-import org.whispersystems.textsecuregcm.entities.CryptoEncodingException;
-import org.whispersystems.textsecuregcm.entities.EncryptedOutgoingMessage;
+import org.whispersystems.textsecuregcm.entities.PendingMessage;
+import org.whispersystems.textsecuregcm.storage.Account;
+import org.whispersystems.textsecuregcm.storage.AccountsManager;
+import org.whispersystems.textsecuregcm.storage.Device;
+import org.whispersystems.textsecuregcm.storage.PubSubManager;
+import org.whispersystems.textsecuregcm.storage.PubSubMessage;
+import org.whispersystems.textsecuregcm.storage.StoredMessages;
+import org.whispersystems.textsecuregcm.util.Constants;
+import org.whispersystems.textsecuregcm.util.SystemMapper;
 import org.whispersystems.textsecuregcm.util.Util;
+import org.whispersystems.textsecuregcm.websocket.WebsocketAddress;

 import java.io.ByteArrayInputStream;
 import java.io.ByteArrayOutputStream;
@@ -40,56 +51,102 @@ import java.security.NoSuchAlgorithmException;
 import java.security.cert.Certificate;
 import java.security.cert.CertificateException;
 import java.security.cert.X509Certificate;
+import java.util.Date;
+import java.util.Map;
+import java.util.concurrent.Executors;
+import java.util.concurrent.ScheduledExecutorService;
 import java.util.concurrent.TimeUnit;

-public class APNSender {
+import static com.codahale.metrics.MetricRegistry.name;
+import io.dropwizard.lifecycle.Managed;

-  private final Meter  success = Metrics.newMeter(APNSender.class, "sent", "success", TimeUnit.MINUTES);
-  private final Meter  failure = Metrics.newMeter(APNSender.class, "sent", "failure", TimeUnit.MINUTES);
-  private final Logger logger  = LoggerFactory.getLogger(APNSender.class);
+public class APNSender implements Managed {
+
+  private final MetricRegistry metricRegistry = SharedMetricRegistries.getOrCreate(Constants.METRICS_NAME);
+  private final Meter          websocketMeter = metricRegistry.meter(name(getClass(), "websocket"));
+  private final Meter          pushMeter      = metricRegistry.meter(name(getClass(), "push"));
+  private final Meter          failureMeter   = metricRegistry.meter(name(getClass(), "failure"));
+  private final Logger         logger         = LoggerFactory.getLogger(APNSender.class);

  private static final String MESSAGE_BODY = "m";

-  private final Optional<ApnsService> apnService;
+  private static final ObjectMapper mapper = SystemMapper.getMapper();

-  public APNSender(String apnCertificate, String apnKey)
-      throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException
+  private final ScheduledExecutorService executor = Executors.newSingleThreadScheduledExecutor();
+
+  private final AccountsManager accounts;
+  private final PubSubManager   pubSubManager;
+  private final StoredMessages  storedMessages;
+  private final MemcachedClient memcachedClient;
+
+  private final String apnCertificate;
+  private final String apnKey;
+
+  private Optional<ApnsService> apnService;
+
+  public APNSender(AccountsManager accounts,
+                   PubSubManager pubSubManager,
+                   StoredMessages storedMessages,
+                   MemcachedClient memcachedClient,
+                   String apnCertificate, String apnKey)
  {
-    if (!Util.isEmpty(apnCertificate) && !Util.isEmpty(apnKey)) {
-      byte[] keyStore = initializeKeyStore(apnCertificate, apnKey);
-      this.apnService = Optional.of(APNS.newService()
-                                        .withCert(new ByteArrayInputStream(keyStore), "insecure")
-                                        .withSandboxDestination().build());
-    } else {
-      this.apnService = Optional.absent();
+    this.accounts        = accounts;
+    this.pubSubManager   = pubSubManager;
+    this.storedMessages  = storedMessages;
+    this.apnCertificate  = apnCertificate;
+    this.apnKey          = apnKey;
+    this.memcachedClient = memcachedClient;
+  }
+
+  public void sendMessage(Account account, Device device,
+                          String registrationId, PendingMessage message)
+      throws TransientPushFailureException
+  {
+    try {
+      String           serializedPendingMessage = mapper.writeValueAsString(message);
+      WebsocketAddress websocketAddress         = new WebsocketAddress(account.getNumber(), device.getId());
+
+      if (pubSubManager.publish(websocketAddress, new PubSubMessage(PubSubMessage.TYPE_DELIVER,
+                                                                    serializedPendingMessage)))
+      {
+        websocketMeter.mark();
+      } else {
+        memcacheSet(registrationId, account.getNumber());
+        storedMessages.insert(websocketAddress, message);
+
+        if (!message.isReceipt()) {
+          sendPush(registrationId, serializedPendingMessage);
+        }
+      }
+    } catch (IOException e) {
+      throw new TransientPushFailureException(e);
    }
  }

-  public void sendMessage(String registrationId, EncryptedOutgoingMessage message)
-      throws TransientPushFailureException, NotPushRegisteredException
+  private void sendPush(String registrationId, String message)
+      throws TransientPushFailureException
  {
    try {
      if (!apnService.isPresent()) {
-        failure.mark();
+        failureMeter.mark();
        throw new TransientPushFailureException("APN access not configured!");
      }

      String payload = APNS.newPayload()
                           .alertBody("Message!")
-                           .customField(MESSAGE_BODY, message.serialize())
+                           .customField(MESSAGE_BODY, message)
                           .build();

      logger.debug("APN Payload: " + payload);

      apnService.get().push(registrationId, payload);
-      success.mark();
+      pushMeter.mark();
    } catch (NetworkIOException nioe) {
      logger.warn("Network Error", nioe);
-      failure.mark();
+      failureMeter.mark();
      throw new TransientPushFailureException(nioe);
-    } catch (CryptoEncodingException e) {
-      throw new NotPushRegisteredException(e);
    }
+
  }

  private static byte[] initializeKeyStore(String pemCertificate, String pemKey)
@@ -99,7 +156,7 @@ public class APNSender {
    X509Certificate certificate      = (X509Certificate) reader.readObject();
    Certificate[]   certificateChain = {certificate};

-    reader            = new PEMReader(new InputStreamReader(new ByteArrayInputStream(pemKey.getBytes())));
+    reader = new PEMReader(new InputStreamReader(new ByteArrayInputStream(pemKey.getBytes())));
    KeyPair keyPair = (KeyPair) reader.readObject();

    KeyStore keyStore = KeyStore.getInstance("pkcs12");
@@ -113,4 +170,79 @@ public class APNSender {

    return baos.toByteArray();
  }
+
+  @Override
+  public void start() throws Exception {
+    if (!Util.isEmpty(apnCertificate) && !Util.isEmpty(apnKey)) {
+      byte[] keyStore = initializeKeyStore(apnCertificate, apnKey);
+
+      this.apnService = Optional.of(APNS.newService()
+                                        .withCert(new ByteArrayInputStream(keyStore), "insecure")
+                                        .asQueued()
+                                        .withSandboxDestination().build());
+
+      this.executor.scheduleAtFixedRate(new FeedbackRunnable(), 0, 1, TimeUnit.HOURS);
+    } else {
+      this.apnService = Optional.absent();
+    }
+  }
+
+  @Override
+  public void stop() throws Exception {
+    if (apnService.isPresent()) {
+      apnService.get().stop();
+    }
+  }
+
+  private void memcacheSet(String registrationId, String number) {
+    if (memcachedClient != null) {
+      memcachedClient.set("APN-" + registrationId, 60 * 60 * 24, number);
+    }
+  }
+
+  private Optional<String> memcacheGet(String registrationId) {
+    if (memcachedClient != null) {
+      return Optional.fromNullable((String)memcachedClient.get("APN-" + registrationId));
+    } else {
+      return Optional.absent();
+    }
+  }
+
+  private class FeedbackRunnable implements Runnable {
+    private void updateAccount(Account account, String registrationId) {
+      boolean needsUpdate = false;
+
+      for (Device device : account.getDevices()) {
+        if (registrationId.equals(device.getApnId())) {
+          needsUpdate = true;
+          device.setApnId(null);
+        }
+      }
+
+      if (needsUpdate) {
+        accounts.update(account);
+      }
+    }
+
+    @Override
+    public void run() {
+      if (apnService.isPresent()) {
+        Map<String, Date> inactiveDevices = apnService.get().getInactiveDevices();
+
+        for (String registrationId : inactiveDevices.keySet()) {
+          Optional<String> number = memcacheGet(registrationId);
+
+          if (number.isPresent()) {
+            Optional<Account> account = accounts.get(number.get());
+
+            if (account.isPresent()) {
+              updateAccount(account.get(), registrationId);
+            }
+          } else {
+            logger.warn("APN unregister event received for uncached ID: " + registrationId);
+          }
+        }
+      }
+    }
+  }
 }
--- a/src/main/java/org/whispersystems/textsecuregcm/push/GCMSender.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/push/GCMSender.java
@@ -1,69 +1,424 @@
-/**
- * Copyright (C) 2013 Open WhisperSystems
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>.
- */
 package org.whispersystems.textsecuregcm.push;

-import com.google.android.gcm.server.Constants;
-import com.google.android.gcm.server.Message;
-import com.google.android.gcm.server.Result;
-import com.google.android.gcm.server.Sender;
-import com.yammer.metrics.Metrics;
-import com.yammer.metrics.core.Meter;
-import org.whispersystems.textsecuregcm.entities.CryptoEncodingException;
-import org.whispersystems.textsecuregcm.entities.EncryptedOutgoingMessage;
+import com.codahale.metrics.Meter;
+import com.codahale.metrics.MetricRegistry;
+import com.codahale.metrics.SharedMetricRegistries;
+import com.google.common.base.Optional;
+import org.jivesoftware.smack.ConnectionConfiguration;
+import org.jivesoftware.smack.ConnectionListener;
+import org.jivesoftware.smack.PacketListener;
+import org.jivesoftware.smack.SmackException;
+import org.jivesoftware.smack.XMPPConnection;
+import org.jivesoftware.smack.XMPPException;
+import org.jivesoftware.smack.filter.PacketTypeFilter;
+import org.jivesoftware.smack.packet.DefaultPacketExtension;
+import org.jivesoftware.smack.packet.Message;
+import org.jivesoftware.smack.packet.Packet;
+import org.jivesoftware.smack.packet.PacketExtension;
+import org.jivesoftware.smack.provider.PacketExtensionProvider;
+import org.jivesoftware.smack.provider.ProviderManager;
+import org.jivesoftware.smack.tcp.XMPPTCPConnection;
+import org.jivesoftware.smack.util.StringUtils;
+import org.json.simple.JSONObject;
+import org.json.simple.JSONValue;
+import org.json.simple.parser.ParseException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.whispersystems.textsecuregcm.entities.PendingMessage;
+import org.whispersystems.textsecuregcm.storage.Account;
+import org.whispersystems.textsecuregcm.storage.AccountsManager;
+import org.whispersystems.textsecuregcm.storage.Device;
+import org.whispersystems.textsecuregcm.util.Util;
+import org.xmlpull.v1.XmlPullParser;

+import javax.net.ssl.SSLSocketFactory;
 import java.io.IOException;
-import java.util.concurrent.TimeUnit;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.Map;
+import java.util.UUID;
+import java.util.concurrent.ConcurrentHashMap;

-public class GCMSender {
+import static com.codahale.metrics.MetricRegistry.name;
+import io.dropwizard.lifecycle.Managed;

-  private final Meter success = Metrics.newMeter(GCMSender.class, "sent", "success", TimeUnit.MINUTES);
-  private final Meter failure = Metrics.newMeter(GCMSender.class, "sent", "failure", TimeUnit.MINUTES);
+public class GCMSender implements Managed, PacketListener {

-  private final Sender sender;
+  private final Logger logger = LoggerFactory.getLogger(GCMSender.class);

-  public GCMSender(String apiKey) {
-    this.sender = new Sender(apiKey);
+  private final MetricRegistry metricRegistry = SharedMetricRegistries.getOrCreate(org.whispersystems.textsecuregcm.util.Constants.METRICS_NAME);
+  private final Meter          success        = metricRegistry.meter(name(getClass(), "sent", "success"));
+  private final Meter          failure        = metricRegistry.meter(name(getClass(), "sent", "failure"));
+  private final Meter          unregistered   = metricRegistry.meter(name(getClass(), "sent", "unregistered"));
+
+  private static final String GCM_SERVER       = "gcm.googleapis.com";
+  private static final int    GCM_PORT         = 5235;
+
+  private static final String GCM_ELEMENT_NAME = "gcm";
+  private static final String GCM_NAMESPACE    = "google:mobile:data";
+
+  private final Map<String, UnacknowledgedMessage> pendingMessages = new ConcurrentHashMap<>();
+
+  private final long            senderId;
+  private final String          apiKey;
+  private final AccountsManager accounts;
+
+  private XMPPTCPConnection connection;
+
+  public GCMSender(AccountsManager accounts, long senderId, String apiKey) {
+    this.accounts  = accounts;
+    this.senderId  = senderId;
+    this.apiKey    = apiKey;
+
+    ProviderManager.addExtensionProvider(GCM_ELEMENT_NAME, GCM_NAMESPACE,
+                                         new GcmPacketExtensionProvider());
  }

-  public String sendMessage(String gcmRegistrationId, EncryptedOutgoingMessage outgoingMessage)
-      throws NotPushRegisteredException, TransientPushFailureException
+  public void sendMessage(String destinationNumber, long destinationDeviceId,
+                          String registrationId, PendingMessage message)
  {
+    String                messageId             = "m-" + UUID.randomUUID().toString();
+    UnacknowledgedMessage unacknowledgedMessage = new UnacknowledgedMessage(destinationNumber,
+                                                                            destinationDeviceId,
+                                                                            registrationId, message);
+
+    sendMessage(messageId, unacknowledgedMessage);
+  }
+
+  public void sendMessage(String messageId, UnacknowledgedMessage message) {
    try {
-      Message gcmMessage = new Message.Builder().addData("type", "message")
-                                                .addData("message", outgoingMessage.serialize())
-                                                .build();
+      boolean isReceipt = message.getPendingMessage().isReceipt();

-      Result  result = sender.send(gcmMessage, gcmRegistrationId, 5);
+      Map<String, String> dataObject = new HashMap<>();
+      dataObject.put("type", "message");
+      dataObject.put(isReceipt ? "receipt" : "message", message.getPendingMessage().getEncryptedOutgoingMessage());

-      if (result.getMessageId() != null) {
-        success.mark();
-        return result.getCanonicalRegistrationId();
-      } else {
-        failure.mark();
-        if (result.getErrorCodeName().equals(Constants.ERROR_NOT_REGISTERED)) {
-          throw new NotPushRegisteredException("Device no longer registered with GCM.");
-        } else {
-          throw new TransientPushFailureException("GCM Failed: " + result.getErrorCodeName());
-        }
+      Map<String, Object> messageObject = new HashMap<>();
+      messageObject.put("to", message.getRegistrationId());
+      messageObject.put("message_id", messageId);
+      messageObject.put("data", dataObject);
+
+      String json = JSONObject.toJSONString(messageObject);
+
+      pendingMessages.put(messageId, message);
+      connection.sendPacket(new GcmPacketExtension(json).toPacket());
+    } catch (SmackException.NotConnectedException e) {
+      logger.warn("GCMClient", "No connection", e);
+    }
+  }
+
+  @Override
+  public void start() throws Exception {
+    this.connection = connect(senderId, apiKey);
+  }
+
+  @Override
+  public void stop() throws Exception {
+    this.connection.disconnect();
+  }
+
+  @Override
+  public void processPacket(Packet packet) throws SmackException.NotConnectedException {
+    Message            incomingMessage = (Message) packet;
+    GcmPacketExtension gcmPacket       = (GcmPacketExtension) incomingMessage.getExtension(GCM_NAMESPACE);
+    String             json            = gcmPacket.getJson();
+
+    try {
+      Map<String, Object> jsonObject  = (Map<String, Object>) JSONValue.parseWithException(json);
+      Object              messageType = jsonObject.get("message_type");
+
+      if (messageType == null) {
+        handleUpstreamMessage(jsonObject);
+        return;
      }
-    } catch (IOException e) {
-      throw new TransientPushFailureException(e);
-    } catch (CryptoEncodingException e) {
-      throw new NotPushRegisteredException(e);
+
+      switch (messageType.toString()) {
+        case "ack"     : handleAckReceipt(jsonObject);      break;
+        case "nack"    : handleNackReceipt(jsonObject);     break;
+        case "receipt" : handleDeliveryReceipt(jsonObject); break;
+        case "control" : handleControlMessage(jsonObject);  break;
+        default:
+          logger.warn("Received unknown GCM message: " + messageType.toString());
+      }
+
+    } catch (ParseException e) {
+      logger.warn("GCMClient", "Received unparsable message", e);
+    } catch (Exception e) {
+      logger.warn("GCMClient", "Failed to process packet", e);
+    }
+  }
+
+  private void handleControlMessage(Map<String, Object> message) {
+    String controlType = (String) message.get("control_type");
+
+    if ("CONNECTION_DRAINING".equals(controlType)) {
+      logger.warn("GCM Connection is draining! Initiating reconnect...");
+      reconnect();
+    } else {
+      logger.warn("Received unknown GCM control message: " + controlType);
+    }
+  }
+
+  private void handleDeliveryReceipt(Map<String, Object> message) {
+    logger.warn("Got delivery receipt!");
+  }
+
+  private void handleNackReceipt(Map<String, Object> message) {
+    String messageId = (String) message.get("message_id");
+    String errorCode = (String) message.get("error");
+
+    if (errorCode == null) {
+      logger.warn("Null GCM error code!");
+      if (messageId != null) {
+        pendingMessages.remove(messageId);
+      }
+
+      return;
+    }
+
+    switch (errorCode) {
+      case "BAD_REGISTRATION"      : handleBadRegistration(message); break;
+      case "DEVICE_UNREGISTERED"   : handleBadRegistration(message); break;
+      case "INTERNAL_SERVER_ERROR" : handleServerFailure(message);   break;
+      case "INVALID_JSON"          : handleClientFailure(message);   break;
+      case "QUOTA_EXCEEDED"        : handleClientFailure(message);   break;
+      case "SERVICE_UNAVAILABLE"   : handleServerFailure(message);   break;
+    }
+  }
+
+  private void handleAckReceipt(Map<String, Object> message) {
+    success.mark();
+
+    String messageId = (String) message.get("message_id");
+
+    if (messageId != null) {
+      pendingMessages.remove(messageId);
+    }
+  }
+
+  private void handleUpstreamMessage(Map<String, Object> message)
+      throws SmackException.NotConnectedException
+  {
+    logger.warn("Got upstream message from GCM Server!");
+
+    for (String key : message.keySet()) {
+      logger.warn(key + " : " + message.get(key));
+    }
+
+    Map<String, Object> ack = new HashMap<>();
+    message.put("message_type", "ack");
+    message.put("to", message.get("from"));
+    message.put("message_id", message.get("message_id"));
+
+    String json = JSONValue.toJSONString(ack);
+
+    Packet request = new GcmPacketExtension(json).toPacket();
+    connection.sendPacket(request);
+  }
+
+  private void handleBadRegistration(Map<String, Object> message) {
+    unregistered.mark();
+
+    String messageId = (String) message.get("message_id");
+
+    if (messageId != null) {
+      UnacknowledgedMessage unacknowledgedMessage = pendingMessages.remove(messageId);
+
+      if (unacknowledgedMessage != null) {
+        Optional<Account> account = accounts.get(unacknowledgedMessage.getDestinationNumber());
+
+        if (account.isPresent()) {
+          Optional<Device> device = account.get().getDevice(unacknowledgedMessage.getDestinationDeviceId());
+
+          if (device.isPresent()) {
+            device.get().setGcmId(null);
+            accounts.update(account.get());
+          }
+        }
+
+      }
+    }
+  }
+
+  private void handleServerFailure(Map<String, Object> message) {
+    failure.mark();
+
+    String messageId = (String)message.get("message_id");
+
+    if (messageId != null) {
+      UnacknowledgedMessage unacknowledgedMessage = pendingMessages.remove(messageId);
+
+      if (unacknowledgedMessage != null) {
+        sendMessage(messageId, unacknowledgedMessage);
+      }
+    }
+  }
+
+  private void handleClientFailure(Map<String, Object> message) {
+    failure.mark();
+
+    logger.warn("Unrecoverable error: " + message.get("error"));
+    String messageId = (String)message.get("message_id");
+
+    if (messageId != null) {
+      pendingMessages.remove(messageId);
+    }
+  }
+
+  private void reconnect() {
+    try {
+      this.connection.disconnect();
+    } catch (SmackException.NotConnectedException e) {
+      logger.warn("GCMClient", "Disconnect attempt", e);
+    }
+
+    while (true) {
+      try {
+        this.connection = connect(senderId, apiKey);
+        return;
+      } catch (XMPPException | IOException | SmackException e) {
+        logger.warn("GCMClient", "Reconnecting", e);
+        Util.sleep(1000);
+      }
+    }
+  }
+
+  private XMPPTCPConnection connect(long senderId, String apiKey)
+      throws XMPPException, IOException, SmackException
+  {
+    ConnectionConfiguration config = new ConnectionConfiguration(GCM_SERVER, GCM_PORT);
+    config.setSecurityMode(ConnectionConfiguration.SecurityMode.enabled);
+    config.setReconnectionAllowed(true);
+    config.setRosterLoadedAtLogin(false);
+    config.setSendPresence(false);
+    config.setSocketFactory(SSLSocketFactory.getDefault());
+
+    XMPPTCPConnection connection = new XMPPTCPConnection(config);
+    connection.connect();
+
+    connection.addConnectionListener(new LoggingConnectionListener());
+    connection.addPacketListener(this, new PacketTypeFilter(Message.class));
+
+    connection.login(senderId + "@gcm.googleapis.com", apiKey);
+
+    return connection;
+  }
+
+  private static class GcmPacketExtensionProvider implements PacketExtensionProvider {
+    @Override
+    public PacketExtension parseExtension(XmlPullParser xmlPullParser) throws Exception {
+      String json = xmlPullParser.nextText();
+      return new GcmPacketExtension(json);
+    }
+  }
+
+  private static final class GcmPacketExtension extends DefaultPacketExtension {
+
+    private final String json;
+
+    public GcmPacketExtension(String json) {
+      super(GCM_ELEMENT_NAME, GCM_NAMESPACE);
+      this.json = json;
+    }
+
+    public String getJson() {
+      return json;
+    }
+
+    @Override
+    public String toXML() {
+      return String.format("<%s xmlns=\"%s\">%s</%s>", GCM_ELEMENT_NAME, GCM_NAMESPACE,
+                           StringUtils.escapeForXML(json), GCM_ELEMENT_NAME);
+    }
+
+    public Packet toPacket() {
+      Message message = new Message();
+      message.addExtension(this);
+      return message;
+    }
+  }
+
+  private class LoggingConnectionListener implements ConnectionListener {
+
+    @Override
+    public void connected(XMPPConnection xmppConnection) {
+      logger.warn("GCM XMPP Connected.");
+    }
+
+    @Override
+    public void authenticated(XMPPConnection xmppConnection) {
+      logger.warn("GCM XMPP Authenticated.");
+    }
+
+    @Override
+    public void reconnectionSuccessful() {
+      logger.warn("GCM XMPP Reconnecting..");
+      Iterator<Map.Entry<String, UnacknowledgedMessage>> iterator =
+          pendingMessages.entrySet().iterator();
+
+      while (iterator.hasNext()) {
+        Map.Entry<String, UnacknowledgedMessage> entry = iterator.next();
+        iterator.remove();
+
+        sendMessage(entry.getKey(), entry.getValue());
+      }
+    }
+
+    @Override
+    public void reconnectionFailed(Exception e) {
+      logger.warn("GCM XMPP Reconnection failed!", e);
+      reconnect();
+    }
+
+    @Override
+    public void reconnectingIn(int seconds) {
+      logger.warn(String.format("GCM XMPP Reconnecting in %d secs", seconds));
+    }
+
+    @Override
+    public void connectionClosedOnError(Exception e) {
+      logger.warn("GCM XMPP Connection closed on error.");
+    }
+
+    @Override
+    public void connectionClosed() {
+      logger.warn("GCM XMPP Connection closed.");
+      reconnect();
+    }
+  }
+
+  private static class UnacknowledgedMessage {
+    private final String         destinationNumber;
+    private final long           destinationDeviceId;
+
+    private final String         registrationId;
+    private final PendingMessage pendingMessage;
+
+    private UnacknowledgedMessage(String destinationNumber,
+                                  long destinationDeviceId,
+                                  String registrationId,
+                                  PendingMessage pendingMessage)
+    {
+      this.destinationNumber   = destinationNumber;
+      this.destinationDeviceId = destinationDeviceId;
+      this.registrationId      = registrationId;
+      this.pendingMessage      = pendingMessage;
+    }
+
+    private String getRegistrationId() {
+      return registrationId;
+    }
+
+    private PendingMessage getPendingMessage() {
+      return pendingMessage;
+    }
+
+    public String getDestinationNumber() {
+      return destinationNumber;
+    }
+
+    public long getDestinationDeviceId() {
+      return destinationDeviceId;
    }
  }
 }
--- a/src/main/java/org/whispersystems/textsecuregcm/push/PushSender.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/push/PushSender.java
@@ -18,92 +18,75 @@ package org.whispersystems.textsecuregcm.push;

 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-import org.whispersystems.textsecuregcm.configuration.ApnConfiguration;
-import org.whispersystems.textsecuregcm.configuration.GcmConfiguration;
 import org.whispersystems.textsecuregcm.entities.CryptoEncodingException;
 import org.whispersystems.textsecuregcm.entities.EncryptedOutgoingMessage;
 import org.whispersystems.textsecuregcm.entities.MessageProtos;
+import org.whispersystems.textsecuregcm.entities.PendingMessage;
 import org.whispersystems.textsecuregcm.storage.Account;
-import org.whispersystems.textsecuregcm.storage.AccountsManager;
 import org.whispersystems.textsecuregcm.storage.Device;
-import org.whispersystems.textsecuregcm.storage.StoredMessageManager;

-import java.io.IOException;
-import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
-import java.security.cert.CertificateException;
+import static org.whispersystems.textsecuregcm.entities.MessageProtos.OutgoingMessageSignal;

 public class PushSender {

  private final Logger logger = LoggerFactory.getLogger(PushSender.class);

-  private final AccountsManager      accounts;
-  private final GCMSender            gcmSender;
-  private final APNSender            apnSender;
-  private final StoredMessageManager storedMessageManager;
+  private final GCMSender       gcmSender;
+  private final APNSender       apnSender;
+  private final WebsocketSender webSocketSender;

-  public PushSender(GcmConfiguration gcmConfiguration,
-                    ApnConfiguration apnConfiguration,
-                    StoredMessageManager storedMessageManager,
-                    AccountsManager accounts)
-      throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException
+  public PushSender(GCMSender gcmClient,
+                    APNSender apnSender,
+                    WebsocketSender websocketSender)
  {
-    this.accounts             = accounts;
-    this.storedMessageManager = storedMessageManager;
-    this.gcmSender            = new GCMSender(gcmConfiguration.getApiKey());
-    this.apnSender            = new APNSender(apnConfiguration.getCertificate(), apnConfiguration.getKey());
+    this.gcmSender       = gcmClient;
+    this.apnSender       = apnSender;
+    this.webSocketSender = websocketSender;
  }

-  public void sendMessage(Account account, Device device, MessageProtos.OutgoingMessageSignal outgoingMessage)
-      throws NotPushRegisteredException, TransientPushFailureException
-  {
-    String                   signalingKey = device.getSignalingKey();
-    EncryptedOutgoingMessage message      = new EncryptedOutgoingMessage(outgoingMessage, signalingKey);
-
-    if      (device.getGcmId() != null)   sendGcmMessage(account, device, message);
-    else if (device.getApnId() != null)   sendApnMessage(account, device, message);
-    else if (device.getFetchesMessages()) storeFetchedMessage(account, device, message);
-    else                                  throw new NotPushRegisteredException("No delivery possible!");
-  }
-
-  private void sendGcmMessage(Account account, Device device, EncryptedOutgoingMessage outgoingMessage)
+  public void sendMessage(Account account, Device device, OutgoingMessageSignal message)
      throws NotPushRegisteredException, TransientPushFailureException
  {
    try {
-      String canonicalId = gcmSender.sendMessage(device.getGcmId(), outgoingMessage);
+      boolean                  isReceipt        = message.getType() == OutgoingMessageSignal.Type.RECEIPT_VALUE;
+      String                   signalingKey     = device.getSignalingKey();
+      EncryptedOutgoingMessage encryptedMessage = new EncryptedOutgoingMessage(message, signalingKey);
+      PendingMessage           pendingMessage   = new PendingMessage(message.getSource(),
+                                                                     message.getTimestamp(),
+                                                                     isReceipt,
+                                                                     encryptedMessage.serialize());

-      if (canonicalId != null) {
-        device.setGcmId(canonicalId);
-        accounts.update(account);
-      }
-
-    } catch (NotPushRegisteredException e) {
-      logger.debug("No Such User", e);
-      device.setGcmId(null);
-      accounts.update(account);
-      throw new NotPushRegisteredException(e);
-    }
-  }
-
-  private void sendApnMessage(Account account, Device device, EncryptedOutgoingMessage outgoingMessage)
-      throws TransientPushFailureException, NotPushRegisteredException
-  {
-    try {
-      apnSender.sendMessage(device.getApnId(), outgoingMessage);
-    } catch (NotPushRegisteredException e) {
-      device.setApnId(null);
-      accounts.update(account);
-      throw new NotPushRegisteredException(e);
-    }
-  }
-
-  private void storeFetchedMessage(Account account, Device device, EncryptedOutgoingMessage outgoingMessage)
-      throws NotPushRegisteredException
-  {
-    try {
-      storedMessageManager.storeMessage(account, device, outgoingMessage);
+      sendMessage(account, device, pendingMessage);
    } catch (CryptoEncodingException e) {
      throw new NotPushRegisteredException(e);
    }
  }
+
+  public void sendMessage(Account account, Device device, PendingMessage pendingMessage)
+      throws NotPushRegisteredException, TransientPushFailureException
+  {
+    if      (device.getGcmId() != null)   sendGcmMessage(account, device, pendingMessage);
+    else if (device.getApnId() != null)   sendApnMessage(account, device, pendingMessage);
+    else if (device.getFetchesMessages()) sendWebSocketMessage(account, device, pendingMessage);
+    else                                  throw new NotPushRegisteredException("No delivery possible!");
+  }
+
+  private void sendGcmMessage(Account account, Device device, PendingMessage pendingMessage) {
+    String number         = account.getNumber();
+    long   deviceId       = device.getId();
+    String registrationId = device.getGcmId();
+
+    gcmSender.sendMessage(number, deviceId, registrationId, pendingMessage);
+  }
+
+  private void sendApnMessage(Account account, Device device, PendingMessage outgoingMessage)
+      throws TransientPushFailureException
+  {
+    apnSender.sendMessage(account, device, device.getApnId(), outgoingMessage);
+  }
+
+  private void sendWebSocketMessage(Account account, Device device, PendingMessage outgoingMessage)
+  {
+    webSocketSender.sendMessage(account, device, outgoingMessage);
+  }
 }
--- a/src/main/java/org/whispersystems/textsecuregcm/push/WebsocketSender.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/push/WebsocketSender.java
@@ -0,0 +1,74 @@
+/**
+ * Copyright (C) 2014 Open WhisperSystems
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+package org.whispersystems.textsecuregcm.push;
+
+import com.codahale.metrics.Meter;
+import com.codahale.metrics.MetricRegistry;
+import com.codahale.metrics.SharedMetricRegistries;
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.whispersystems.textsecuregcm.controllers.WebsocketController;
+import org.whispersystems.textsecuregcm.entities.PendingMessage;
+import org.whispersystems.textsecuregcm.storage.Account;
+import org.whispersystems.textsecuregcm.storage.Device;
+import org.whispersystems.textsecuregcm.storage.PubSubManager;
+import org.whispersystems.textsecuregcm.storage.PubSubMessage;
+import org.whispersystems.textsecuregcm.storage.StoredMessages;
+import org.whispersystems.textsecuregcm.util.Constants;
+import org.whispersystems.textsecuregcm.util.SystemMapper;
+import org.whispersystems.textsecuregcm.websocket.WebsocketAddress;
+
+import static com.codahale.metrics.MetricRegistry.name;
+
+public class WebsocketSender {
+
+  private static final Logger logger = LoggerFactory.getLogger(WebsocketController.class);
+
+  private final MetricRegistry metricRegistry = SharedMetricRegistries.getOrCreate(Constants.METRICS_NAME);
+  private final Meter          onlineMeter    = metricRegistry.meter(name(getClass(), "online"));
+  private final Meter          offlineMeter   = metricRegistry.meter(name(getClass(), "offline"));
+
+  private static final ObjectMapper mapper = SystemMapper.getMapper();
+
+  private final StoredMessages storedMessages;
+  private final PubSubManager  pubSubManager;
+
+  public WebsocketSender(StoredMessages storedMessages, PubSubManager pubSubManager) {
+    this.storedMessages = storedMessages;
+    this.pubSubManager  = pubSubManager;
+  }
+
+  public void sendMessage(Account account, Device device, PendingMessage pendingMessage) {
+    try {
+      String           serialized    = mapper.writeValueAsString(pendingMessage);
+      WebsocketAddress address       = new WebsocketAddress(account.getNumber(), device.getId());
+      PubSubMessage    pubSubMessage = new PubSubMessage(PubSubMessage.TYPE_DELIVER, serialized);
+
+      if (pubSubManager.publish(address, pubSubMessage)) {
+        onlineMeter.mark();
+      } else {
+        offlineMeter.mark();
+        storedMessages.insert(address, pendingMessage);
+        pubSubManager.publish(address, new PubSubMessage(PubSubMessage.TYPE_QUERY_DB, null));
+      }
+    } catch (JsonProcessingException e) {
+      logger.warn("WebsocketSender", "Unable to serialize json", e);
+    }
+  }
+}
--- a/src/main/java/org/whispersystems/textsecuregcm/sms/NexmoSmsSender.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/sms/NexmoSmsSender.java
@@ -16,11 +16,13 @@
 */
 package org.whispersystems.textsecuregcm.sms;

-import com.yammer.metrics.Metrics;
-import com.yammer.metrics.core.Meter;
+import com.codahale.metrics.Meter;
+import com.codahale.metrics.MetricRegistry;
+import com.codahale.metrics.SharedMetricRegistries;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.whispersystems.textsecuregcm.configuration.NexmoConfiguration;
+import org.whispersystems.textsecuregcm.util.Constants;

 import java.io.BufferedReader;
 import java.io.IOException;
@@ -28,13 +30,15 @@ import java.io.InputStreamReader;
 import java.net.URL;
 import java.net.URLConnection;
 import java.net.URLEncoder;
-import java.util.concurrent.TimeUnit;
+
+import static com.codahale.metrics.MetricRegistry.name;

 public class NexmoSmsSender {

-  private final Meter  smsMeter = Metrics.newMeter(NexmoSmsSender.class, "sms", "delivered", TimeUnit.MINUTES);
-  private final Meter  voxMeter = Metrics.newMeter(NexmoSmsSender.class, "vox", "delivered", TimeUnit.MINUTES);
-  private final Logger logger   = LoggerFactory.getLogger(NexmoSmsSender.class);
+  private final MetricRegistry metricRegistry = SharedMetricRegistries.getOrCreate(Constants.METRICS_NAME);
+  private final Meter          smsMeter       = metricRegistry.meter(name(getClass(), "sms", "delivered"));
+  private final Meter          voxMeter       = metricRegistry.meter(name(getClass(), "vox", "delivered"));
+  private final Logger         logger         = LoggerFactory.getLogger(NexmoSmsSender.class);

  private static final String NEXMO_SMS_URL =
      "https://rest.nexmo.com/sms/json?api_key=%s&api_secret=%s&from=%s&to=%s&text=%s";
--- a/src/main/java/org/whispersystems/textsecuregcm/sms/TwilioSmsSender.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/sms/TwilioSmsSender.java
@@ -16,22 +16,25 @@
 */
 package org.whispersystems.textsecuregcm.sms;

+import com.codahale.metrics.Meter;
+import com.codahale.metrics.MetricRegistry;
+import com.codahale.metrics.SharedMetricRegistries;
 import com.twilio.sdk.TwilioRestClient;
 import com.twilio.sdk.TwilioRestException;
 import com.twilio.sdk.resource.factory.CallFactory;
 import com.twilio.sdk.resource.factory.MessageFactory;
-import com.yammer.metrics.Metrics;
-import com.yammer.metrics.core.Meter;
 import org.apache.http.NameValuePair;
 import org.apache.http.message.BasicNameValuePair;
 import org.whispersystems.textsecuregcm.configuration.TwilioConfiguration;
+import org.whispersystems.textsecuregcm.util.Constants;

 import java.io.IOException;
 import java.util.HashMap;
 import java.util.LinkedList;
 import java.util.List;
 import java.util.Map;
-import java.util.concurrent.TimeUnit;
+
+import static com.codahale.metrics.MetricRegistry.name;

 public class TwilioSmsSender {

@@ -40,8 +43,9 @@ public class TwilioSmsSender {
                                         "    <Say voice=\"woman\" language=\"en\">" + SmsSender.VOX_VERIFICATION_TEXT + "%s</Say>\n" +
                                         "</Response>";

-  private final Meter smsMeter = Metrics.newMeter(TwilioSmsSender.class, "sms", "delivered", TimeUnit.MINUTES);
-  private final Meter voxMeter = Metrics.newMeter(TwilioSmsSender.class, "vox", "delivered", TimeUnit.MINUTES);
+  private final MetricRegistry metricRegistry = SharedMetricRegistries.getOrCreate(Constants.METRICS_NAME);
+  private final Meter          smsMeter       = metricRegistry.meter(name(getClass(), "sms", "delivered"));
+  private final Meter          voxMeter       = metricRegistry.meter(name(getClass(), "vox", "delivered"));

  private final String accountId;
  private final String accountToken;
--- a/src/main/java/org/whispersystems/textsecuregcm/storage/Account.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/storage/Account.java
@@ -22,16 +22,12 @@ import com.fasterxml.jackson.annotation.JsonProperty;
 import com.google.common.annotations.VisibleForTesting;
 import com.google.common.base.Optional;

-import java.io.Serializable;
 import java.util.LinkedList;
 import java.util.List;

-public class Account implements Serializable {
+public class Account {

-  public static final int MEMCACHE_VERION = 2;
-
-  @JsonIgnore
-  private long id;
+  public static final int MEMCACHE_VERION = 5;

  @JsonProperty
  private String number;
@@ -42,16 +38,14 @@ public class Account implements Serializable {
  @JsonProperty
  private List<Device> devices = new LinkedList<>();

+  @JsonProperty
+  private String identityKey;
+
  @JsonIgnore
  private Optional<Device> authenticatedDevice;

  public Account() {}

-  public Account(String number, boolean supportsSms) {
-    this.number      = number;
-    this.supportsSms = supportsSms;
-  }
-
  @VisibleForTesting
  public Account(String number, boolean supportsSms, List<Device> devices) {
    this.number      = number;
@@ -59,14 +53,6 @@ public class Account implements Serializable {
    this.devices     = devices;
  }

-  public long getId() {
-    return id;
-  }
-
-  public void setId(long id) {
-    this.id = id;
-  }
-
  public Optional<Device> getAuthenticatedDevice() {
    return authenticatedDevice;
  }
@@ -142,4 +128,12 @@ public class Account implements Serializable {
  public Optional<String> getRelay() {
    return Optional.absent();
  }
+
+  public void setIdentityKey(String identityKey) {
+    this.identityKey = identityKey;
+  }
+
+  public String getIdentityKey() {
+    return identityKey;
+  }
 }
--- a/src/main/java/org/whispersystems/textsecuregcm/storage/Accounts.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/storage/Accounts.java
@@ -33,6 +33,7 @@ import org.skife.jdbi.v2.sqlobject.SqlUpdate;
 import org.skife.jdbi.v2.sqlobject.Transaction;
 import org.skife.jdbi.v2.sqlobject.customizers.Mapper;
 import org.skife.jdbi.v2.tweak.ResultSetMapper;
+import org.whispersystems.textsecuregcm.util.SystemMapper;

 import java.io.IOException;
 import java.lang.annotation.Annotation;
@@ -51,12 +52,7 @@ public abstract class Accounts {
  private static final String NUMBER = "number";
  private static final String DATA   = "data";

-  private static final ObjectMapper mapper = new ObjectMapper();
-
-  static {
-    mapper.setVisibility(PropertyAccessor.ALL, JsonAutoDetect.Visibility.NONE);
-    mapper.setVisibility(PropertyAccessor.FIELD, JsonAutoDetect.Visibility.ANY);
-  }
+  private static final ObjectMapper mapper = SystemMapper.getMapper();

  @SqlUpdate("INSERT INTO accounts (" + NUMBER + ", " + DATA + ") VALUES (:number, CAST(:data AS json))")
  @GetGeneratedKeys
@@ -96,7 +92,7 @@ public abstract class Accounts {
    {
      try {
        Account account = mapper.readValue(resultSet.getString(DATA), Account.class);
-        account.setId(resultSet.getLong(ID));
+//        account.setId(resultSet.getLong(ID));

        return account;
      } catch (IOException e) {
--- a/src/main/java/org/whispersystems/textsecuregcm/storage/AccountsManager.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/storage/AccountsManager.java
@@ -17,19 +17,30 @@
 package org.whispersystems.textsecuregcm.storage;


+import com.fasterxml.jackson.annotation.JsonAutoDetect;
+import com.fasterxml.jackson.annotation.PropertyAccessor;
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
 import com.google.common.base.Optional;
 import net.spy.memcached.MemcachedClient;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.whispersystems.textsecuregcm.entities.ClientContact;
+import org.whispersystems.textsecuregcm.util.SystemMapper;
 import org.whispersystems.textsecuregcm.util.Util;

+import java.io.IOException;
 import java.util.Iterator;
 import java.util.List;

 public class AccountsManager {

+  private final Logger logger = LoggerFactory.getLogger(AccountsManager.class);
+
  private final Accounts         accounts;
  private final MemcachedClient  memcachedClient;
  private final DirectoryManager directory;
+  private final ObjectMapper     mapper;

  public AccountsManager(Accounts accounts,
                         DirectoryManager directory,
@@ -38,6 +49,7 @@ public class AccountsManager {
    this.accounts        = accounts;
    this.directory       = directory;
    this.memcachedClient = memcachedClient;
+    this.mapper          = SystemMapper.getMapper();
  }

  public long getCount() {
@@ -54,40 +66,35 @@ public class AccountsManager {

  public void create(Account account) {
    accounts.create(account);
-
-    if (memcachedClient != null) {
-      memcachedClient.set(getKey(account.getNumber()), 0, account);
-    }
-
+    memcacheSet(account.getNumber(), account);
    updateDirectory(account);
  }

  public void update(Account account) {
-    if (memcachedClient != null) {
-      memcachedClient.set(getKey(account.getNumber()), 0, account);
-    }
-
+    memcacheSet(account.getNumber(), account);
    accounts.update(account);
    updateDirectory(account);
  }

  public Optional<Account> get(String number) {
-    Account account = null;
+    Optional<Account> account = memcacheGet(number);

-    if (memcachedClient != null) {
-      account = (Account)memcachedClient.get(getKey(number));
-    }
+    if (!account.isPresent()) {
+      account = Optional.fromNullable(accounts.get(number));

-    if (account == null) {
-      account = accounts.get(number);
-
-      if (account != null && memcachedClient != null) {
-        memcachedClient.set(getKey(number), 0, account);
+      if (account.isPresent()) {
+        memcacheSet(number, account.get());
      }
    }

-    if (account != null) return Optional.of(account);
-    else                 return Optional.absent();
+    return account;
+  }
+
+  public boolean isRelayListed(String number) {
+    byte[]                  token   = Util.getContactToken(number);
+    Optional<ClientContact> contact = directory.get(token);
+
+    return contact.isPresent() && !Util.isEmpty(contact.get().getRelay());
  }

  private void updateDirectory(Account account) {
@@ -104,4 +111,30 @@ public class AccountsManager {
    return Account.class.getSimpleName() + Account.MEMCACHE_VERION + number;
  }

+  private void memcacheSet(String number, Account account) {
+    if (memcachedClient != null) {
+      try {
+        String json = mapper.writeValueAsString(account);
+        memcachedClient.set(getKey(number), 0, json);
+      } catch (JsonProcessingException e) {
+        throw new IllegalArgumentException(e);
+      }
+    }
+  }
+
+  private Optional<Account> memcacheGet(String number) {
+    if (memcachedClient == null) return Optional.absent();
+
+    try {
+      String json = (String)memcachedClient.get(getKey(number));
+
+      if (json != null) return Optional.of(mapper.readValue(json, Account.class));
+      else              return Optional.absent();
+
+    } catch (IOException e) {
+      logger.warn("AccountsManager", "Deserialization error", e);
+      return Optional.absent();
+    }
+  }
+
 }
--- a/src/main/java/org/whispersystems/textsecuregcm/storage/Device.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/storage/Device.java
@@ -19,11 +19,12 @@ package org.whispersystems.textsecuregcm.storage;

 import com.fasterxml.jackson.annotation.JsonProperty;
 import org.whispersystems.textsecuregcm.auth.AuthenticationCredentials;
+import org.whispersystems.textsecuregcm.entities.SignedPreKey;
 import org.whispersystems.textsecuregcm.util.Util;

 import java.io.Serializable;

-public class Device implements Serializable {
+public class Device {

  public static final long MASTER_ID = 1;

@@ -51,11 +52,15 @@ public class Device implements Serializable {
  @JsonProperty
  private int registrationId;

+  @JsonProperty
+  private SignedPreKey signedPreKey;
+
  public Device() {}

  public Device(long id, String authToken, String salt,
                String signalingKey, String gcmId, String apnId,
-                boolean fetchesMessages, int registrationId)
+                boolean fetchesMessages, int registrationId,
+                SignedPreKey signedPreKey)
  {
    this.id              = id;
    this.authToken       = authToken;
@@ -65,6 +70,7 @@ public class Device implements Serializable {
    this.apnId           = apnId;
    this.fetchesMessages = fetchesMessages;
    this.registrationId  = registrationId;
+    this.signedPreKey    = signedPreKey;
  }

  public String getApnId() {
@@ -131,4 +137,12 @@ public class Device implements Serializable {
  public void setRegistrationId(int registrationId) {
    this.registrationId = registrationId;
  }
+
+  public SignedPreKey getSignedPreKey() {
+    return signedPreKey;
+  }
+
+  public void setSignedPreKey(SignedPreKey signedPreKey) {
+    this.signedPreKey = signedPreKey;
+  }
 }
--- a/src/main/java/org/whispersystems/textsecuregcm/storage/DirectoryManager.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/storage/DirectoryManager.java
@@ -76,6 +76,11 @@ public class DirectoryManager {
    pipeline.hset(DIRECTORY_KEY, contact.getToken(), new Gson().toJson(tokenValue).getBytes());
  }

+  public PendingClientContact get(BatchOperationHandle handle, byte[] token) {
+    Pipeline pipeline = handle.pipeline;
+    return new PendingClientContact(token, pipeline.hget(DIRECTORY_KEY, token));
+  }
+
  public Optional<ClientContact> get(byte[] token) {
    Jedis jedis = redisPool.getResource();

@@ -162,4 +167,26 @@ public class DirectoryManager {
      this.supportsSms = supportsSms;
    }
  }
+
+  public static class PendingClientContact {
+    private final byte[]           token;
+    private final Response<byte[]> response;
+
+    PendingClientContact(byte[] token, Response<byte[]> response) {
+      this.token    = token;
+      this.response = response;
+    }
+
+    public Optional<ClientContact> get() {
+      byte[] result = response.get();
+
+      if (result == null) {
+        return Optional.absent();
+      }
+
+      TokenValue tokenValue = new Gson().fromJson(new String(result), TokenValue.class);
+      return Optional.of(new ClientContact(token, tokenValue.relay, tokenValue.supportsSms));
+    }
+
+  }
 }
--- a/src/main/java/org/whispersystems/textsecuregcm/storage/KeyRecord.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/storage/KeyRecord.java
@@ -0,0 +1,46 @@
+package org.whispersystems.textsecuregcm.storage;
+
+public class KeyRecord {
+
+  private long    id;
+  private String  number;
+  private long    deviceId;
+  private long    keyId;
+  private String  publicKey;
+  private boolean lastResort;
+
+  public KeyRecord(long id, String number, long deviceId, long keyId,
+                   String publicKey, boolean lastResort)
+  {
+    this.id         = id;
+    this.number     = number;
+    this.deviceId   = deviceId;
+    this.keyId      = keyId;
+    this.publicKey  = publicKey;
+    this.lastResort = lastResort;
+  }
+
+  public long getId() {
+    return id;
+  }
+
+  public String getNumber() {
+    return number;
+  }
+
+  public long getDeviceId() {
+    return deviceId;
+  }
+
+  public long getKeyId() {
+    return keyId;
+  }
+
+  public String getPublicKey() {
+    return publicKey;
+  }
+
+  public boolean isLastResort() {
+    return lastResort;
+  }
+}
--- a/src/main/java/org/whispersystems/textsecuregcm/storage/Keys.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/storage/Keys.java
@@ -30,8 +30,9 @@ import org.skife.jdbi.v2.sqlobject.SqlUpdate;
 import org.skife.jdbi.v2.sqlobject.Transaction;
 import org.skife.jdbi.v2.sqlobject.customizers.Mapper;
 import org.skife.jdbi.v2.tweak.ResultSetMapper;
-import org.whispersystems.textsecuregcm.entities.PreKey;
-import org.whispersystems.textsecuregcm.entities.UnstructuredPreKeyList;
+import org.whispersystems.textsecuregcm.entities.PreKeyBase;
+import org.whispersystems.textsecuregcm.entities.PreKeyV1;
+import org.whispersystems.textsecuregcm.entities.PreKeyV2;

 import java.lang.annotation.Annotation;
 import java.lang.annotation.ElementType;
@@ -51,63 +52,65 @@ public abstract class Keys {
  @SqlUpdate("DELETE FROM keys WHERE id = :id")
  abstract void removeKey(@Bind("id") long id);

-  @SqlBatch("INSERT INTO keys (number, device_id, key_id, public_key, identity_key, last_resort) VALUES " +
-      "(:number, :device_id, :key_id, :public_key, :identity_key, :last_resort)")
-  abstract void append(@PreKeyBinder List<PreKey> preKeys);
-
-  @SqlUpdate("INSERT INTO keys (number, device_id, key_id, public_key, identity_key, last_resort) VALUES " +
-      "(:number, :device_id, :key_id, :public_key, :identity_key, :last_resort)")
-  abstract void append(@PreKeyBinder PreKey preKey);
+  @SqlBatch("INSERT INTO keys (number, device_id, key_id, public_key, last_resort) VALUES " +
+            "(:number, :device_id, :key_id, :public_key, :last_resort)")
+  abstract void append(@PreKeyBinder List<KeyRecord> preKeys);

  @SqlQuery("SELECT * FROM keys WHERE number = :number AND device_id = :device_id ORDER BY key_id ASC FOR UPDATE")
  @Mapper(PreKeyMapper.class)
-  abstract PreKey retrieveFirst(@Bind("number") String number, @Bind("device_id") long deviceId);
+  abstract KeyRecord retrieveFirst(@Bind("number") String number, @Bind("device_id") long deviceId);

  @SqlQuery("SELECT DISTINCT ON (number, device_id) * FROM keys WHERE number = :number ORDER BY number, device_id, key_id ASC")
  @Mapper(PreKeyMapper.class)
-  abstract List<PreKey> retrieveFirst(@Bind("number") String number);
+  abstract List<KeyRecord> retrieveFirst(@Bind("number") String number);
+
+  @SqlQuery("SELECT COUNT(*) FROM keys WHERE number = :number AND device_id = :device_id")
+  public abstract int getCount(@Bind("number") String number, @Bind("device_id") long deviceId);

  @Transaction(TransactionIsolationLevel.SERIALIZABLE)
-  public void store(String number, long deviceId, List<PreKey> keys, PreKey lastResortKey) {
-    for (PreKey key : keys) {
-      key.setNumber(number);
-      key.setDeviceId(deviceId);
+  public void store(String number, long deviceId, List<? extends PreKeyBase> keys, PreKeyBase lastResortKey) {
+    List<KeyRecord> records = new LinkedList<>();
+
+    for (PreKeyBase key : keys) {
+      records.add(new KeyRecord(0, number, deviceId, key.getKeyId(), key.getPublicKey(), false));
    }

-    lastResortKey.setNumber(number);
-    lastResortKey.setDeviceId(deviceId);
-    lastResortKey.setLastResort(true);
+    records.add(new KeyRecord(0, number, deviceId, lastResortKey.getKeyId(),
+                              lastResortKey.getPublicKey(), true));

    removeKeys(number, deviceId);
-    append(keys);
-    append(lastResortKey);
+    append(records);
  }

  @Transaction(TransactionIsolationLevel.SERIALIZABLE)
-  public Optional<UnstructuredPreKeyList> get(String number, long deviceId) {
-    PreKey preKey = retrieveFirst(number, deviceId);
+  public Optional<List<KeyRecord>> get(String number, long deviceId) {
+    final KeyRecord record = retrieveFirst(number, deviceId);

-    if (preKey != null && !preKey.isLastResort()) {
-      removeKey(preKey.getId());
+    if (record != null && !record.isLastResort()) {
+      removeKey(record.getId());
+    } else if (record == null) {
+      return Optional.absent();
    }

-    if (preKey != null) return Optional.of(new UnstructuredPreKeyList(preKey));
-    else                return Optional.absent();
+    List<KeyRecord> results = new LinkedList<>();
+    results.add(record);
+
+    return Optional.of(results);
  }

  @Transaction(TransactionIsolationLevel.SERIALIZABLE)
-  public Optional<UnstructuredPreKeyList> get(String number) {
-    List<PreKey> preKeys = retrieveFirst(number);
+  public Optional<List<KeyRecord>> get(String number) {
+    List<KeyRecord> preKeys = retrieveFirst(number);

    if (preKeys != null) {
-      for (PreKey preKey : preKeys) {
+      for (KeyRecord preKey : preKeys) {
        if (!preKey.isLastResort()) {
          removeKey(preKey.getId());
        }
      }
    }

-    if (preKeys != null) return Optional.of(new UnstructuredPreKeyList(preKeys));
+    if (preKeys != null) return Optional.of(preKeys);
    else                 return Optional.absent();
  }

@@ -118,17 +121,16 @@ public abstract class Keys {
    public static class PreKeyBinderFactory implements BinderFactory {
      @Override
      public Binder build(Annotation annotation) {
-        return new Binder<PreKeyBinder, PreKey>() {
+        return new Binder<PreKeyBinder, KeyRecord>() {
          @Override
-          public void bind(SQLStatement<?> sql, PreKeyBinder accountBinder, PreKey preKey)
+          public void bind(SQLStatement<?> sql, PreKeyBinder accountBinder, KeyRecord record)
          {
-            sql.bind("id", preKey.getId());
-            sql.bind("number", preKey.getNumber());
-            sql.bind("device_id", preKey.getDeviceId());
-            sql.bind("key_id", preKey.getKeyId());
-            sql.bind("public_key", preKey.getPublicKey());
-            sql.bind("identity_key", preKey.getIdentityKey());
-            sql.bind("last_resort", preKey.isLastResort() ? 1 : 0);
+            sql.bind("id", record.getId());
+            sql.bind("number", record.getNumber());
+            sql.bind("device_id", record.getDeviceId());
+            sql.bind("key_id", record.getKeyId());
+            sql.bind("public_key", record.getPublicKey());
+            sql.bind("last_resort", record.isLastResort() ? 1 : 0);
          }
        };
      }
@@ -136,15 +138,14 @@ public abstract class Keys {
  }


-  public static class PreKeyMapper implements ResultSetMapper<PreKey> {
+  public static class PreKeyMapper implements ResultSetMapper<KeyRecord> {
    @Override
-    public PreKey map(int i, ResultSet resultSet, StatementContext statementContext)
+    public KeyRecord map(int i, ResultSet resultSet, StatementContext statementContext)
        throws SQLException
    {
-      return new PreKey(resultSet.getLong("id"), resultSet.getString("number"), resultSet.getLong("device_id"),
-                         resultSet.getLong("key_id"), resultSet.getString("public_key"),
-                         resultSet.getString("identity_key"),
-                         resultSet.getInt("last_resort") == 1);
+      return new KeyRecord(resultSet.getLong("id"), resultSet.getString("number"),
+                           resultSet.getLong("device_id"), resultSet.getLong("key_id"),
+                           resultSet.getString("public_key"), resultSet.getInt("last_resort") == 1);
    }
  }

--- a/src/main/java/org/whispersystems/textsecuregcm/storage/PendingAccountsManager.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/storage/PendingAccountsManager.java
@@ -34,35 +34,46 @@ public class PendingAccountsManager {
  }

  public void store(String number, String code) {
-    if (memcachedClient != null) {
-      memcachedClient.set(MEMCACHE_PREFIX + number, 0, code);
-    }
-
+    memcacheSet(number, code);
    pendingAccounts.insert(number, code);
  }

  public void remove(String number) {
-    if (memcachedClient != null)
-      memcachedClient.delete(MEMCACHE_PREFIX + number);
+    memcacheDelete(number);
    pendingAccounts.remove(number);
  }

  public Optional<String> getCodeForNumber(String number) {
-    String code = null;
+    Optional<String> code = memcacheGet(number);

-    if (memcachedClient != null) {
-      code = (String)memcachedClient.get(MEMCACHE_PREFIX + number);
-    }
+    if (!code.isPresent()) {
+      code = Optional.fromNullable(pendingAccounts.getCodeForNumber(number));

-    if (code == null) {
-      code = pendingAccounts.getCodeForNumber(number);
-
-      if (code != null && memcachedClient != null) {
-        memcachedClient.set(MEMCACHE_PREFIX + number, 0, code);
+      if (code.isPresent()) {
+        memcacheSet(number, code.get());
      }
    }

-    if (code != null) return Optional.of(code);
-    else              return Optional.absent();
+    return code;
+  }
+
+  private void memcacheSet(String number, String code) {
+    if (memcachedClient != null) {
+      memcachedClient.set(MEMCACHE_PREFIX + number, 0, code);
+    }
+  }
+
+  private Optional<String> memcacheGet(String number) {
+    if (memcachedClient != null) {
+      return Optional.fromNullable((String)memcachedClient.get(MEMCACHE_PREFIX + number));
+    } else {
+      return Optional.absent();
+    }
+  }
+
+  private void memcacheDelete(String number) {
+    if (memcachedClient != null) {
+      memcachedClient.delete(MEMCACHE_PREFIX + number);
+    }
  }
 }
--- a/src/main/java/org/whispersystems/textsecuregcm/storage/PendingDevicesManager.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/storage/PendingDevicesManager.java
@@ -34,37 +34,47 @@ public class PendingDevicesManager {
  }

  public void store(String number, String code) {
-    if (memcachedClient != null) {
-      memcachedClient.set(MEMCACHE_PREFIX + number, 0, code);
-    }
-
+    memcacheSet(number, code);
    pendingDevices.insert(number, code);
  }

  public void remove(String number) {
-    if (memcachedClient != null) {
-      memcachedClient.delete(MEMCACHE_PREFIX + number);
-    }
-
+    memcacheDelete(number);
    pendingDevices.remove(number);
  }

  public Optional<String> getCodeForNumber(String number) {
-    String code = null;
+    Optional<String> code = memcacheGet(number);

-    if (memcachedClient != null) {
-      code = (String)memcachedClient.get(MEMCACHE_PREFIX + number);
-    }
+    if (!code.isPresent()) {
+      code = Optional.fromNullable(pendingDevices.getCodeForNumber(number));

-    if (code == null) {
-      code = pendingDevices.getCodeForNumber(number);
-
-      if (code != null && memcachedClient != null) {
-        memcachedClient.set(MEMCACHE_PREFIX + number, 0, code);
+      if (code.isPresent()) {
+        memcacheSet(number, code.get());
      }
    }

-    if (code != null) return Optional.of(code);
-    else              return Optional.absent();
+    return code;
  }
+
+  private void memcacheSet(String number, String code) {
+    if (memcachedClient != null) {
+      memcachedClient.set(MEMCACHE_PREFIX + number, 0, code);
+    }
+  }
+
+  private Optional<String> memcacheGet(String number) {
+    if (memcachedClient != null) {
+      return Optional.fromNullable((String)memcachedClient.get(MEMCACHE_PREFIX + number));
+    } else {
+      return Optional.absent();
+    }
+  }
+
+  private void memcacheDelete(String number) {
+    if (memcachedClient != null) {
+      memcachedClient.delete(MEMCACHE_PREFIX + number);
+    }
+  }
+
 }
--- a/src/main/java/org/whispersystems/textsecuregcm/storage/PubSubManager.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/storage/PubSubManager.java
@@ -4,6 +4,7 @@ import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.whispersystems.textsecuregcm.util.SystemMapper;
 import org.whispersystems.textsecuregcm.websocket.InvalidWebsocketAddressException;
 import org.whispersystems.textsecuregcm.websocket.WebsocketAddress;

@@ -17,10 +18,12 @@ import redis.clients.jedis.JedisPubSub;

 public class PubSubManager {

-  private final Logger                                logger       = LoggerFactory.getLogger(PubSubManager.class);
-  private final ObjectMapper                          mapper       = new ObjectMapper();
-  private final SubscriptionListener                  baseListener = new SubscriptionListener();
-  private final Map<WebsocketAddress, PubSubListener> listeners    = new HashMap<>();
+  private static final String KEEPALIVE_CHANNEL = "KEEPALIVE";
+
+  private final Logger                      logger       = LoggerFactory.getLogger(PubSubManager.class);
+  private final ObjectMapper                mapper       = SystemMapper.getMapper();
+  private final SubscriptionListener        baseListener = new SubscriptionListener();
+  private final Map<String, PubSubListener> listeners    = new HashMap<>();

  private final JedisPool jedisPool;
  private boolean subscribed = false;
@@ -32,25 +35,29 @@ public class PubSubManager {
  }

  public synchronized void subscribe(WebsocketAddress address, PubSubListener listener) {
-    listeners.put(address, listener);
-    baseListener.subscribe(address.toString());
+    listeners.put(address.serialize(), listener);
+    baseListener.subscribe(address.serialize());
  }

  public synchronized void unsubscribe(WebsocketAddress address, PubSubListener listener) {
-    if (listeners.get(address) == listener) {
-      listeners.remove(address);
-      baseListener.unsubscribe(address.toString());
+    if (listeners.get(address.serialize()) == listener) {
+      listeners.remove(address.serialize());
+      baseListener.unsubscribe(address.serialize());
    }
  }

  public synchronized boolean publish(WebsocketAddress address, PubSubMessage message) {
+    return publish(address.serialize(), message);
+  }
+
+  private synchronized boolean publish(String channel, PubSubMessage message) {
    try {
      String serialized = mapper.writeValueAsString(message);
      Jedis  jedis      = null;

      try {
        jedis = jedisPool.getResource();
-        return jedis.publish(address.toString(), serialized) != 0;
+        return jedis.publish(channel, serialized) != 0;
      } finally {
        if (jedis != null)
          jedisPool.returnResource(jedis);
@@ -78,7 +85,7 @@ public class PubSubManager {
          Jedis jedis = null;
          try {
            jedis = jedisPool.getResource();
-            jedis.subscribe(baseListener, new WebsocketAddress(0, 0).toString());
+            jedis.subscribe(baseListener, KEEPALIVE_CHANNEL);
            logger.warn("**** Unsubscribed from holding channel!!! ******");
          } finally {
            if (jedis != null)
@@ -94,7 +101,7 @@ public class PubSubManager {
        for (;;) {
          try {
            Thread.sleep(20000);
-            publish(new WebsocketAddress(0, 0), new PubSubMessage(0, "foo"));
+            publish(KEEPALIVE_CHANNEL, new PubSubMessage(0, "foo"));
          } catch (InterruptedException e) {
            throw new AssertionError(e);
          }
@@ -108,18 +115,15 @@ public class PubSubManager {
    @Override
    public void onMessage(String channel, String message) {
      try {
-        WebsocketAddress address = new WebsocketAddress(channel);
        PubSubListener   listener;

        synchronized (PubSubManager.this) {
-          listener = listeners.get(address);
+          listener = listeners.get(channel);
        }

        if (listener != null) {
          listener.onPubSubMessage(mapper.readValue(message, PubSubMessage.class));
        }
-      } catch (InvalidWebsocketAddressException e) {
-        logger.warn("Address", e);
      } catch (IOException e) {
        logger.warn("IOE", e);
      }
@@ -132,16 +136,11 @@ public class PubSubManager {

    @Override
    public void onSubscribe(String channel, int count) {
-      try {
-        WebsocketAddress address = new WebsocketAddress(channel);
-        if (address.getAccountId() == 0 && address.getDeviceId() == 0) {
-          synchronized (PubSubManager.this) {
-            subscribed = true;
-            PubSubManager.this.notifyAll();
-          }
+      if (KEEPALIVE_CHANNEL.equals(channel)) {
+        synchronized (PubSubManager.this) {
+          subscribed = true;
+          PubSubManager.this.notifyAll();
        }
-      } catch (InvalidWebsocketAddressException e) {
-        logger.warn("Weird address", e);
      }
    }

--- a/src/main/java/org/whispersystems/textsecuregcm/storage/StoredMessageManager.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/storage/StoredMessageManager.java
@@ -1,66 +0,0 @@
-/**
- * Copyright (C) 2014 Open WhisperSystems
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>.
- */
-package org.whispersystems.textsecuregcm.storage;
-
-import org.whispersystems.textsecuregcm.entities.CryptoEncodingException;
-import org.whispersystems.textsecuregcm.entities.EncryptedOutgoingMessage;
-import org.whispersystems.textsecuregcm.websocket.WebsocketAddress;
-
-import java.util.List;
-
-public class StoredMessageManager {
-
-  private final StoredMessages storedMessages;
-  private final PubSubManager  pubSubManager;
-
-  public StoredMessageManager(StoredMessages storedMessages, PubSubManager pubSubManager) {
-    this.storedMessages = storedMessages;
-    this.pubSubManager  = pubSubManager;
-  }
-
-  public void storeMessage(Account account, Device device, EncryptedOutgoingMessage outgoingMessage)
-      throws CryptoEncodingException
-  {
-    storeMessage(account, device, outgoingMessage.serialize());
-  }
-
-  public void storeMessages(Account account, Device device, List<String> serializedMessages) {
-    for (String serializedMessage : serializedMessages) {
-      storeMessage(account, device, serializedMessage);
-    }
-  }
-
-  private void storeMessage(Account account, Device device, String serializedMessage) {
-    if (device.getFetchesMessages()) {
-      WebsocketAddress address       = new WebsocketAddress(account.getId(), device.getId());
-      PubSubMessage    pubSubMessage = new PubSubMessage(PubSubMessage.TYPE_DELIVER, serializedMessage);
-
-      if (!pubSubManager.publish(address, pubSubMessage)) {
-        storedMessages.insert(account.getId(), device.getId(), serializedMessage);
-        pubSubManager.publish(address, new PubSubMessage(PubSubMessage.TYPE_QUERY_DB, null));
-      }
-
-      return;
-    }
-
-    storedMessages.insert(account.getId(), device.getId(), serializedMessage);
-  }
-
-  public List<String> getOutgoingMessages(Account account, Device device) {
-    return storedMessages.getMessagesForDevice(account.getId(), device.getId());
-  }
-}
--- a/src/main/java/org/whispersystems/textsecuregcm/storage/StoredMessages.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/storage/StoredMessages.java
@@ -16,21 +16,103 @@
 */
 package org.whispersystems.textsecuregcm.storage;

-import org.skife.jdbi.v2.sqlobject.Bind;
-import org.skife.jdbi.v2.sqlobject.SqlBatch;
-import org.skife.jdbi.v2.sqlobject.SqlQuery;
-import org.skife.jdbi.v2.sqlobject.SqlUpdate;
+import com.codahale.metrics.Histogram;
+import com.codahale.metrics.MetricRegistry;
+import com.codahale.metrics.SharedMetricRegistries;
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;

+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.whispersystems.textsecuregcm.entities.PendingMessage;
+import org.whispersystems.textsecuregcm.util.Constants;
+import org.whispersystems.textsecuregcm.util.SystemMapper;
+import org.whispersystems.textsecuregcm.websocket.WebsocketAddress;
+
+import java.io.IOException;
+import java.util.LinkedList;
 import java.util.List;

-public interface StoredMessages {
+import static com.codahale.metrics.MetricRegistry.name;
+import redis.clients.jedis.Jedis;
+import redis.clients.jedis.JedisPool;

-  @SqlUpdate("INSERT INTO messages (account_id, device_id, encrypted_message) VALUES (:account_id, :device_id, :encrypted_message)")
-  void insert(@Bind("account_id") long accountId, @Bind("device_id") long deviceId, @Bind("encrypted_message") String encryptedOutgoingMessage);
+public class StoredMessages {

-  @SqlBatch("INSERT INTO messages (account_id, device_id, encrypted_message) VALUES (:account_id, :device_id, :encrypted_message)")
-  void insert(@Bind("account_id") long accountId, @Bind("device_id") long deviceId, @Bind("encrypted_message") List<String> encryptedOutgoingMessages);
+  private static final Logger logger = LoggerFactory.getLogger(StoredMessages.class);

-  @SqlQuery("DELETE FROM messages WHERE account_id = :account_id AND device_id = :device_id RETURNING encrypted_message")
-  List<String> getMessagesForDevice(@Bind("account_id") long accountId, @Bind("device_id") long deviceId);
-}
+  private final MetricRegistry metricRegistry     = SharedMetricRegistries.getOrCreate(Constants.METRICS_NAME);
+  private final Histogram      queueSizeHistogram = metricRegistry.histogram(name(getClass(), "queue_size"));
+
+
+  private static final ObjectMapper mapper = SystemMapper.getMapper();
+  private static final String QUEUE_PREFIX = "msgs";
+
+  private final JedisPool jedisPool;
+
+  public StoredMessages(JedisPool jedisPool) {
+    this.jedisPool = jedisPool;
+  }
+
+  public void clear(WebsocketAddress address) {
+    Jedis jedis = null;
+
+    try {
+      jedis = jedisPool.getResource();
+      jedis.del(getKey(address));
+    } finally {
+      if (jedis != null)
+        jedisPool.returnResource(jedis);
+    }
+  }
+
+  public void insert(WebsocketAddress address, PendingMessage message) {
+    Jedis jedis = null;
+
+    try {
+      jedis = jedisPool.getResource();
+
+      String serializedMessage = mapper.writeValueAsString(message);
+      long   queueSize         = jedis.lpush(getKey(address), serializedMessage);
+      queueSizeHistogram.update(queueSize);
+
+      if (queueSize > 1000) {
+        jedis.ltrim(getKey(address), 0, 999);
+      }
+
+    } catch (JsonProcessingException e) {
+      logger.warn("StoredMessages", "Unable to store correctly", e);
+    } finally {
+      if (jedis != null)
+        jedisPool.returnResource(jedis);
+    }
+  }
+
+  public List<PendingMessage> getMessagesForDevice(WebsocketAddress address) {
+    List<PendingMessage> messages = new LinkedList<>();
+    Jedis                jedis    = null;
+
+    try {
+      jedis = jedisPool.getResource();
+      String message;
+
+      while ((message = jedis.rpop(getKey(address))) != null) {
+        try {
+          messages.add(mapper.readValue(message, PendingMessage.class));
+        } catch (IOException e) {
+          logger.warn("StoredMessages", "Not a valid PendingMessage", e);
+        }
+      }
+
+      return messages;
+    } finally {
+      if (jedis != null)
+        jedisPool.returnResource(jedis);
+    }
+  }
+
+  private String getKey(WebsocketAddress address) {
+    return QUEUE_PREFIX + ":" + address.serialize();
+  }
+
+}
--- a/src/main/java/org/whispersystems/textsecuregcm/util/Base64.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/util/Base64.java
@@ -1241,7 +1241,7 @@ public class Base64
     * @since 1.4
     */
    public static byte[] decode( String s ) throws java.io.IOException {
-        return decode( s, NO_OPTIONS );
+        return decode( s, DONT_GUNZIP );
    }

    
--- a/src/main/java/org/whispersystems/textsecuregcm/util/CORSHeaderFilter.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/util/CORSHeaderFilter.java
@@ -1,41 +0,0 @@
-/**
- * Copyright (C) 2014 Open WhisperSystems
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>.
- */
-package org.whispersystems.textsecuregcm.util;
-
-import javax.servlet.Filter;
-import javax.servlet.FilterChain;
-import javax.servlet.FilterConfig;
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-
-public class CORSHeaderFilter implements Filter {
-  @Override
-  public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
-    if (response instanceof HttpServletResponse) {
-      ((HttpServletResponse) response).addHeader("Access-Control-Allow-Origin", "*");
-      ((HttpServletResponse) response).addHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE");
-      ((HttpServletResponse) response).addHeader("Access-Control-Allow-Headers", "Authorization, Content-type");
-    }
-    chain.doFilter(request, response);
-  }
-
-  @Override public void init(FilterConfig filterConfig) throws ServletException { }
-  @Override public void destroy() { }
-}
--- a/src/main/java/org/whispersystems/textsecuregcm/util/Constants.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/util/Constants.java
@@ -0,0 +1,7 @@
+package org.whispersystems.textsecuregcm.util;
+
+public class Constants {
+
+  public static final String METRICS_NAME = "textsecure";
+
+}
--- a/src/main/java/org/whispersystems/textsecuregcm/util/SystemMapper.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/util/SystemMapper.java
@@ -0,0 +1,20 @@
+package org.whispersystems.textsecuregcm.util;
+
+import com.fasterxml.jackson.annotation.JsonAutoDetect;
+import com.fasterxml.jackson.annotation.PropertyAccessor;
+import com.fasterxml.jackson.databind.ObjectMapper;
+
+public class SystemMapper {
+
+  private static final ObjectMapper mapper = new ObjectMapper();
+
+  static {
+    mapper.setVisibility(PropertyAccessor.ALL, JsonAutoDetect.Visibility.NONE);
+    mapper.setVisibility(PropertyAccessor.FIELD, JsonAutoDetect.Visibility.ANY);
+  }
+
+  public static ObjectMapper getMapper() {
+    return mapper;
+  }
+
+}
--- a/src/main/java/org/whispersystems/textsecuregcm/util/Util.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/util/Util.java
@@ -83,4 +83,40 @@ public class Util {
    return result;
  }

+
+  public static byte[][] split(byte[] input, int firstLength, int secondLength) {
+    byte[][] parts = new byte[2][];
+
+    parts[0] = new byte[firstLength];
+    System.arraycopy(input, 0, parts[0], 0, firstLength);
+
+    parts[1] = new byte[secondLength];
+    System.arraycopy(input, firstLength, parts[1], 0, secondLength);
+
+    return parts;
+  }
+
+  public static byte[][] split(byte[] input, int firstLength, int secondLength, int thirdLength, int fourthLength) {
+    byte[][] parts = new byte[4][];
+
+    parts[0] = new byte[firstLength];
+    System.arraycopy(input, 0, parts[0], 0, firstLength);
+
+    parts[1] = new byte[secondLength];
+    System.arraycopy(input, firstLength, parts[1], 0, secondLength);
+
+    parts[2] = new byte[thirdLength];
+    System.arraycopy(input, firstLength + secondLength, parts[2], 0, thirdLength);
+
+    parts[3] = new byte[fourthLength];
+    System.arraycopy(input, firstLength + secondLength + thirdLength, parts[3], 0, fourthLength);
+
+    return parts;
+  }
+
+  public static void sleep(int i) {
+    try {
+      Thread.sleep(i);
+    } catch (InterruptedException ie) {}
+  }
 }
--- a/src/main/java/org/whispersystems/textsecuregcm/websocket/WebsocketAddress.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/websocket/WebsocketAddress.java
@@ -2,39 +2,20 @@ package org.whispersystems.textsecuregcm.websocket;

 public class WebsocketAddress {

-  private final long accountId;
-  private final long deviceId;
+  private final String number;
+  private final long   deviceId;

-  public WebsocketAddress(String serialized) throws InvalidWebsocketAddressException {
-    try {
-      String[] parts = serialized.split(":");
-
-      if (parts == null || parts.length != 2) {
-        throw new InvalidWebsocketAddressException(serialized);
-      }
-
-      this.accountId = Long.parseLong(parts[0]);
-      this.deviceId  = Long.parseLong(parts[1]);
-    } catch (NumberFormatException e) {
-      throw new InvalidWebsocketAddressException(e);
-    }
-  }
-
-  public WebsocketAddress(long accountId, long deviceId) {
-    this.accountId = accountId;
+  public WebsocketAddress(String number, long deviceId) {
+    this.number    = number;
    this.deviceId  = deviceId;
  }

-  public long getAccountId() {
-    return accountId;
-  }
-
-  public long getDeviceId() {
-    return deviceId;
+  public String serialize() {
+    return number + ":" + deviceId;
  }

  public String toString() {
-    return accountId + ":" + deviceId;
+    return serialize();
  }

  @Override
@@ -45,13 +26,13 @@ public class WebsocketAddress {
    WebsocketAddress that = (WebsocketAddress)other;

    return
-        this.accountId == that.accountId &&
+        this.number.equals(that.number) &&
        this.deviceId == that.deviceId;
  }

  @Override
  public int hashCode() {
-    return (int)accountId ^ (int)deviceId;
+    return number.hashCode() ^ (int)deviceId;
  }

 }
--- a/src/main/java/org/whispersystems/textsecuregcm/websocket/WebsocketControllerFactory.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/websocket/WebsocketControllerFactory.java
@@ -0,0 +1,50 @@
+package org.whispersystems.textsecuregcm.websocket;
+
+import org.eclipse.jetty.websocket.api.UpgradeRequest;
+import org.eclipse.jetty.websocket.api.UpgradeResponse;
+import org.eclipse.jetty.websocket.servlet.WebSocketCreator;
+import org.eclipse.jetty.websocket.servlet.WebSocketServlet;
+import org.eclipse.jetty.websocket.servlet.WebSocketServletFactory;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.whispersystems.textsecuregcm.auth.AccountAuthenticator;
+import org.whispersystems.textsecuregcm.controllers.WebsocketController;
+import org.whispersystems.textsecuregcm.push.PushSender;
+import org.whispersystems.textsecuregcm.storage.AccountsManager;
+import org.whispersystems.textsecuregcm.storage.PubSubManager;
+import org.whispersystems.textsecuregcm.storage.StoredMessages;
+
+
+public class WebsocketControllerFactory extends WebSocketServlet implements WebSocketCreator {
+
+  private final Logger logger = LoggerFactory.getLogger(WebsocketControllerFactory.class);
+
+  private final PushSender           pushSender;
+  private final StoredMessages       storedMessages;
+  private final PubSubManager        pubSubManager;
+  private final AccountAuthenticator accountAuthenticator;
+  private final AccountsManager      accounts;
+
+  public WebsocketControllerFactory(AccountAuthenticator accountAuthenticator,
+                                    AccountsManager      accounts,
+                                    PushSender           pushSender,
+                                    StoredMessages       storedMessages,
+                                    PubSubManager        pubSubManager)
+  {
+    this.accountAuthenticator = accountAuthenticator;
+    this.accounts             = accounts;
+    this.pushSender           = pushSender;
+    this.storedMessages       = storedMessages;
+    this.pubSubManager        = pubSubManager;
+  }
+
+  @Override
+  public void configure(WebSocketServletFactory factory) {
+    factory.setCreator(this);
+  }
+
+  @Override
+  public Object createWebSocket(UpgradeRequest upgradeRequest, UpgradeResponse upgradeResponse) {
+    return new WebsocketController(accountAuthenticator, accounts,  pushSender, pubSubManager, storedMessages);
+  }
+}
--- a/src/main/java/org/whispersystems/textsecuregcm/workers/DirectoryCommand.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/workers/DirectoryCommand.java
@@ -16,13 +16,6 @@
 */
 package org.whispersystems.textsecuregcm.workers;

-import com.yammer.dropwizard.cli.ConfiguredCommand;
-import com.yammer.dropwizard.config.Bootstrap;
-import com.yammer.dropwizard.db.DatabaseConfiguration;
-import com.yammer.dropwizard.jdbi.ImmutableListContainerFactory;
-import com.yammer.dropwizard.jdbi.ImmutableSetContainerFactory;
-import com.yammer.dropwizard.jdbi.OptionalContainerFactory;
-import com.yammer.dropwizard.jdbi.args.OptionalArgumentFactory;
 import net.sourceforge.argparse4j.inf.Namespace;
 import net.spy.memcached.MemcachedClient;
 import org.skife.jdbi.v2.DBI;
@@ -36,6 +29,13 @@ import org.whispersystems.textsecuregcm.storage.Accounts;
 import org.whispersystems.textsecuregcm.storage.AccountsManager;
 import org.whispersystems.textsecuregcm.storage.DirectoryManager;

+import io.dropwizard.cli.ConfiguredCommand;
+import io.dropwizard.db.DataSourceFactory;
+import io.dropwizard.jdbi.ImmutableListContainerFactory;
+import io.dropwizard.jdbi.ImmutableSetContainerFactory;
+import io.dropwizard.jdbi.OptionalContainerFactory;
+import io.dropwizard.jdbi.args.OptionalArgumentFactory;
+import io.dropwizard.setup.Bootstrap;
 import redis.clients.jedis.JedisPool;

 public class DirectoryCommand extends ConfiguredCommand<WhisperServerConfiguration> {
@@ -53,8 +53,8 @@ public class DirectoryCommand extends ConfiguredCommand<WhisperServerConfigurati
      throws Exception
  {
    try {
-      DatabaseConfiguration dbConfig = config.getDatabaseConfiguration();
-      DBI                   dbi      = new DBI(dbConfig.getUrl(), dbConfig.getUser(), dbConfig.getPassword());
+      DataSourceFactory dbConfig = config.getDataSourceFactory();
+      DBI               dbi      = new DBI(dbConfig.getUrl(), dbConfig.getUser(), dbConfig.getPassword());

      dbi.registerArgumentFactory(new OptionalArgumentFactory(dbConfig.getDriverClass()));
      dbi.registerContainerFactory(new ImmutableListContainerFactory());
--- a/src/main/java/org/whispersystems/textsecuregcm/workers/DirectoryUpdater.java
+++ b/src/main/java/org/whispersystems/textsecuregcm/workers/DirectoryUpdater.java
@@ -27,12 +27,14 @@ import org.whispersystems.textsecuregcm.storage.AccountsManager;
 import org.whispersystems.textsecuregcm.storage.DirectoryManager;
 import org.whispersystems.textsecuregcm.storage.DirectoryManager.BatchOperationHandle;
 import org.whispersystems.textsecuregcm.util.Base64;
-import org.whispersystems.textsecuregcm.util.Hex;
 import org.whispersystems.textsecuregcm.util.Util;

 import java.util.Iterator;
+import java.util.LinkedList;
 import java.util.List;

+import static org.whispersystems.textsecuregcm.storage.DirectoryManager.PendingClientContact;
+
 public class DirectoryUpdater {

  private final Logger logger = LoggerFactory.getLogger(DirectoryUpdater.class);
@@ -82,54 +84,69 @@ public class DirectoryUpdater {

  public void updateFromPeers() {
    logger.info("Updating peer directories.");
-    List<FederatedClient> clients = federatedClientManager.getClients();
+
+    int                   contactsAdded   = 0;
+    int                   contactsRemoved = 0;
+    List<FederatedClient> clients         = federatedClientManager.getClients();

    for (FederatedClient client : clients) {
      logger.info("Updating directory from peer: " + client.getPeerName());
-//      BatchOperationHandle handle = directory.startBatchOperation();

-      try {
-        int userCount = client.getUserCount();
-        int retrieved = 0;
+      int userCount = client.getUserCount();
+      int retrieved = 0;

-        logger.info("Remote peer user count: " + userCount);
+      logger.info("Remote peer user count: " + userCount);

-        while (retrieved < userCount) {
-          logger.info("Retrieving remote tokens...");
-          List<ClientContact> clientContacts = client.getUserTokens(retrieved);
+      while (retrieved < userCount) {
+        logger.info("Retrieving remote tokens...");
+        List<ClientContact>        remoteContacts = client.getUserTokens(retrieved);
+        List<PendingClientContact> localContacts  = new LinkedList<>();
+        BatchOperationHandle       handle         = directory.startBatchOperation();

-          if (clientContacts == null) {
-            logger.info("Remote tokens empty, ending...");
-            break;
-          } else {
-            logger.info("Retrieved " + clientContacts.size() + " remote tokens...");
-          }
-
-          for (ClientContact clientContact : clientContacts) {
-            clientContact.setRelay(client.getPeerName());
-
-            Optional<ClientContact> existing = directory.get(clientContact.getToken());
-
-            if (!clientContact.isInactive() && (!existing.isPresent() || client.getPeerName().equals(existing.get().getRelay()))) {
-//              directory.add(handle, clientContact);
-              directory.add(clientContact);
-            } else {
-              if (existing.isPresent() && client.getPeerName().equals(existing.get().getRelay())) {
-                directory.remove(clientContact.getToken());
-              }
-            }
-          }
-
-          retrieved += clientContacts.size();
-          logger.info("Processed: " + retrieved + " remote tokens.");
+        if (remoteContacts == null) {
+          logger.info("Remote tokens empty, ending...");
+          break;
+        } else {
+          logger.info("Retrieved " + remoteContacts.size() + " remote tokens...");
        }

-        logger.info("Update from peer complete.");
-      } finally {
-//        directory.stopBatchOperation(handle);
+        for (ClientContact remoteContact : remoteContacts) {
+          localContacts.add(directory.get(handle, remoteContact.getToken()));
+        }
+
+        directory.stopBatchOperation(handle);
+
+        handle = directory.startBatchOperation();
+        Iterator<ClientContact>        remoteContactIterator = remoteContacts.iterator();
+        Iterator<PendingClientContact> localContactIterator  = localContacts.iterator();
+
+        while (remoteContactIterator.hasNext() && localContactIterator.hasNext()) {
+          ClientContact           remoteContact = remoteContactIterator.next();
+          Optional<ClientContact> localContact  = localContactIterator.next().get();
+
+          remoteContact.setRelay(client.getPeerName());
+
+          if (!remoteContact.isInactive() && (!localContact.isPresent() || client.getPeerName().equals(localContact.get().getRelay()))) {
+            contactsAdded++;
+            directory.add(handle, remoteContact);
+          } else {
+            if (localContact.isPresent() && client.getPeerName().equals(localContact.get().getRelay())) {
+              contactsRemoved++;
+              directory.remove(handle, remoteContact.getToken());
+            }
+          }
+        }
+
+        directory.stopBatchOperation(handle);
+
+        retrieved += remoteContacts.size();
+        logger.info("Processed: " + retrieved + " remote tokens.");
      }
+
+      logger.info("Update from peer complete.");
    }

    logger.info("Update from peer directories complete.");
+    logger.info(String.format("Added %d and removed %d remove contacts.", contactsAdded, contactsRemoved));
  }
 }
--- a/src/main/resources/migrations.xml
+++ b/src/main/resources/migrations.xml
@@ -142,4 +142,33 @@
        </createIndex>

    </changeSet>
+
+    <changeSet id="3" author="moxie">
+        <sql>CREATE OR REPLACE FUNCTION "custom_json_object_set_key"(
+            "json"          json,
+            "key_to_set"    TEXT,
+            "value_to_set"  anyelement
+            )
+            RETURNS json
+            LANGUAGE sql
+            IMMUTABLE
+            STRICT
+            AS $function$
+            SELECT COALESCE(
+            (SELECT ('{' || string_agg(to_json("key") || ':' || "value", ',') || '}')
+            FROM (SELECT *
+            FROM json_each("json")
+            WHERE "key" &lt;&gt; "key_to_set"
+            UNION ALL
+            SELECT "key_to_set", to_json("value_to_set")) AS "fields"),
+            '{}'
+            )::json
+            $function$;</sql>
+        <sql>UPDATE accounts SET data = custom_json_object_set_key(data, 'identityKey', k.identity_key) FROM keys k WHERE (data->>'identityKey')::text is null AND k.number = data->>'number' AND k.last_resort = 1;</sql>
+        <sql>UPDATE accounts SET data = custom_json_object_set_key(data, 'identityKey', k.identity_key) FROM keys k WHERE (data->>'identityKey')::text is null AND k.number = data->>'number';</sql>
+    </changeSet>
+
+    <changeSet id="4" author="moxie">
+        <dropColumn tableName="keys" columnName="identity_key"/>
+    </changeSet>
 </databaseChangeLog>
--- a/src/test/java/org/whispersystems/textsecuregcm/tests/controllers/AccountControllerTest.java
+++ b/src/test/java/org/whispersystems/textsecuregcm/tests/controllers/AccountControllerTest.java
@@ -2,7 +2,8 @@ package org.whispersystems.textsecuregcm.tests.controllers;

 import com.google.common.base.Optional;
 import com.sun.jersey.api.client.ClientResponse;
-import com.yammer.dropwizard.testing.ResourceTest;
+import org.junit.Before;
+import org.junit.Rule;
 import org.junit.Test;
 import org.whispersystems.textsecuregcm.controllers.AccountController;
 import org.whispersystems.textsecuregcm.entities.AccountAttributes;
@@ -12,15 +13,17 @@ import org.whispersystems.textsecuregcm.sms.SmsSender;
 import org.whispersystems.textsecuregcm.storage.Account;
 import org.whispersystems.textsecuregcm.storage.AccountsManager;
 import org.whispersystems.textsecuregcm.storage.PendingAccountsManager;
+import org.whispersystems.textsecuregcm.storage.StoredMessages;
 import org.whispersystems.textsecuregcm.tests.util.AuthHelper;

 import javax.ws.rs.core.MediaType;

+import io.dropwizard.testing.junit.ResourceTestRule;
 import static org.fest.assertions.api.Assertions.assertThat;
 import static org.mockito.Matchers.anyString;
 import static org.mockito.Mockito.*;

-public class AccountControllerTest extends ResourceTest {
+public class AccountControllerTest {

  private static final String SENDER = "+14152222222";

@@ -29,27 +32,32 @@ public class AccountControllerTest extends ResourceTest {
  private RateLimiters           rateLimiters           = mock(RateLimiters.class          );
  private RateLimiter            rateLimiter            = mock(RateLimiter.class           );
  private SmsSender              smsSender              = mock(SmsSender.class             );
+  private StoredMessages         storedMessages         = mock(StoredMessages.class        );

-  @Override
-  protected void setUpResources() throws Exception {
-    addProvider(AuthHelper.getAuthenticator());
+  @Rule
+  public final ResourceTestRule resources = ResourceTestRule.builder()
+                                                            .addProvider(AuthHelper.getAuthenticator())
+                                                            .addResource(new AccountController(pendingAccountsManager,
+                                                                                               accountsManager,
+                                                                                               rateLimiters,
+                                                                                               smsSender,
+                                                                                               storedMessages))
+                                                            .build();

+
+  @Before
+  public void setup() throws Exception {
    when(rateLimiters.getSmsDestinationLimiter()).thenReturn(rateLimiter);
    when(rateLimiters.getVoiceDestinationLimiter()).thenReturn(rateLimiter);
    when(rateLimiters.getVerifyLimiter()).thenReturn(rateLimiter);

    when(pendingAccountsManager.getCodeForNumber(SENDER)).thenReturn(Optional.of("1234"));
-
-    addResource(new AccountController(pendingAccountsManager,
-                                      accountsManager,
-                                      rateLimiters,
-                                      smsSender));
  }

  @Test
  public void testSendCode() throws Exception {
    ClientResponse response =
-        client().resource(String.format("/v1/accounts/sms/code/%s", SENDER))
+        resources.client().resource(String.format("/v1/accounts/sms/code/%s", SENDER))
            .get(ClientResponse.class);

    assertThat(response.getStatus()).isEqualTo(200);
@@ -60,7 +68,7 @@ public class AccountControllerTest extends ResourceTest {
  @Test
  public void testVerifyCode() throws Exception {
    ClientResponse response =
-        client().resource(String.format("/v1/accounts/code/%s", "1234"))
+        resources.client().resource(String.format("/v1/accounts/code/%s", "1234"))
            .header("Authorization", AuthHelper.getAuthHeader(SENDER, "bar"))
            .entity(new AccountAttributes("keykeykeykey", false, false, 2222))
            .type(MediaType.APPLICATION_JSON_TYPE)
@@ -68,13 +76,13 @@ public class AccountControllerTest extends ResourceTest {

    assertThat(response.getStatus()).isEqualTo(204);

-    verify(accountsManager).create(isA(Account.class));
+    verify(accountsManager, times(1)).create(isA(Account.class));
  }

  @Test
  public void testVerifyBadCode() throws Exception {
    ClientResponse response =
-        client().resource(String.format("/v1/accounts/code/%s", "1111"))
+        resources.client().resource(String.format("/v1/accounts/code/%s", "1111"))
            .header("Authorization", AuthHelper.getAuthHeader(SENDER, "bar"))
            .entity(new AccountAttributes("keykeykeykey", false, false, 3333))
            .type(MediaType.APPLICATION_JSON_TYPE)
--- a/src/test/java/org/whispersystems/textsecuregcm/tests/controllers/DeviceControllerTest.java
+++ b/src/test/java/org/whispersystems/textsecuregcm/tests/controllers/DeviceControllerTest.java
@@ -17,7 +17,8 @@
 package org.whispersystems.textsecuregcm.tests.controllers;

 import com.google.common.base.Optional;
-import com.yammer.dropwizard.testing.ResourceTest;
+import org.junit.Before;
+import org.junit.Rule;
 import org.junit.Test;
 import org.whispersystems.textsecuregcm.controllers.DeviceController;
 import org.whispersystems.textsecuregcm.entities.AccountAttributes;
@@ -33,10 +34,11 @@ import org.whispersystems.textsecuregcm.util.VerificationCode;
 import javax.ws.rs.Path;
 import javax.ws.rs.core.MediaType;

+import io.dropwizard.testing.junit.ResourceTestRule;
 import static org.fest.assertions.api.Assertions.assertThat;
 import static org.mockito.Mockito.*;

-public class DeviceControllerTest extends ResourceTest {
+public class DeviceControllerTest {
  @Path("/v1/devices")
  static class DumbVerificationDeviceController extends DeviceController {
    public DumbVerificationDeviceController(PendingDevicesManager pendingDevices, AccountsManager accounts, RateLimiters rateLimiters) {
@@ -55,10 +57,17 @@ public class DeviceControllerTest extends ResourceTest {
  private RateLimiter           rateLimiter           = mock(RateLimiter.class           );
  private Account               account               = mock(Account.class               );

-  @Override
-  protected void setUpResources() throws Exception {
-    addProvider(AuthHelper.getAuthenticator());
+  @Rule
+  public final ResourceTestRule resources = ResourceTestRule.builder()
+                                                            .addProvider(AuthHelper.getAuthenticator())
+                                                            .addResource(new DumbVerificationDeviceController(pendingDevicesManager,
+                                                                                                              accountsManager,
+                                                                                                              rateLimiters))
+                                                            .build();

+
+  @Before
+  public void setup() throws Exception {
    when(rateLimiters.getSmsDestinationLimiter()).thenReturn(rateLimiter);
    when(rateLimiters.getVoiceDestinationLimiter()).thenReturn(rateLimiter);
    when(rateLimiters.getVerifyLimiter()).thenReturn(rateLimiter);
@@ -69,19 +78,17 @@ public class DeviceControllerTest extends ResourceTest {

    when(pendingDevicesManager.getCodeForNumber(AuthHelper.VALID_NUMBER)).thenReturn(Optional.of("5678901"));
    when(accountsManager.get(AuthHelper.VALID_NUMBER)).thenReturn(Optional.of(account));
-
-    addResource(new DumbVerificationDeviceController(pendingDevicesManager, accountsManager, rateLimiters));
  }

  @Test
  public void validDeviceRegisterTest() throws Exception {
-    VerificationCode deviceCode = client().resource("/v1/devices/provisioning_code")
+    VerificationCode deviceCode = resources.client().resource("/v1/devices/provisioning_code")
        .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD))
        .get(VerificationCode.class);

    assertThat(deviceCode).isEqualTo(new VerificationCode(5678901));

-    DeviceResponse response = client().resource("/v1/devices/5678901")
+    DeviceResponse response = resources.client().resource("/v1/devices/5678901")
        .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_NUMBER, "password1"))
        .entity(new AccountAttributes("keykeykeykey", false, true, 1234))
        .type(MediaType.APPLICATION_JSON_TYPE)
--- a/src/test/java/org/whispersystems/textsecuregcm/tests/controllers/DirectoryControllerTest.java
+++ b/src/test/java/org/whispersystems/textsecuregcm/tests/controllers/DirectoryControllerTest.java
@@ -0,0 +1,80 @@
+package org.whispersystems.textsecuregcm.tests.controllers;
+
+import com.sun.jersey.api.client.ClientResponse;
+import org.junit.Before;
+import org.junit.ClassRule;
+import org.junit.Rule;
+import org.junit.Test;
+import org.mockito.invocation.InvocationOnMock;
+import org.mockito.stubbing.Answer;
+import org.whispersystems.textsecuregcm.controllers.DirectoryController;
+import org.whispersystems.textsecuregcm.entities.ClientContactTokens;
+import org.whispersystems.textsecuregcm.limits.RateLimiter;
+import org.whispersystems.textsecuregcm.limits.RateLimiters;
+import org.whispersystems.textsecuregcm.storage.DirectoryManager;
+import org.whispersystems.textsecuregcm.tests.util.AuthHelper;
+import org.whispersystems.textsecuregcm.util.Base64;
+
+import javax.ws.rs.core.MediaType;
+import java.util.LinkedList;
+import java.util.List;
+
+import io.dropwizard.testing.junit.ResourceTestRule;
+import static org.fest.assertions.api.Assertions.assertThat;
+import static org.mockito.Matchers.anyList;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
+
+public class DirectoryControllerTest {
+
+  private final RateLimiters     rateLimiters     = mock(RateLimiters.class    );
+  private final RateLimiter      rateLimiter      = mock(RateLimiter.class     );
+  private final DirectoryManager directoryManager = mock(DirectoryManager.class);
+
+  @Rule
+  public final ResourceTestRule resources = ResourceTestRule.builder()
+                                                            .addProvider(AuthHelper.getAuthenticator())
+                                                            .addResource(new DirectoryController(rateLimiters,
+                                                                                                 directoryManager))
+                                                            .build();
+
+
+  @Before
+  public void setup() throws Exception {
+    when(rateLimiters.getContactsLimiter()).thenReturn(rateLimiter);
+    when(directoryManager.get(anyList())).thenAnswer(new Answer<List<byte[]>>() {
+      @Override
+      public List<byte[]> answer(InvocationOnMock invocationOnMock) throws Throwable {
+        List<byte[]> query = (List<byte[]>) invocationOnMock.getArguments()[0];
+        List<byte[]> response = new LinkedList<>(query);
+        response.remove(0);
+        return response;
+      }
+    });
+  }
+
+  @Test
+  public void testContactIntersection() throws Exception {
+    List<String> tokens = new LinkedList<String>() {{
+      add(Base64.encodeBytes("foo".getBytes()));
+      add(Base64.encodeBytes("bar".getBytes()));
+      add(Base64.encodeBytes("baz".getBytes()));
+    }};
+
+    List<String> expectedResponse = new LinkedList<>(tokens);
+    expectedResponse.remove(0);
+
+    ClientResponse response =
+        resources.client().resource("/v1/directory/tokens/")
+                 .entity(new ClientContactTokens(tokens))
+                 .type(MediaType.APPLICATION_JSON_TYPE)
+                 .header("Authorization",
+                         AuthHelper.getAuthHeader(AuthHelper.VALID_NUMBER,
+                                                  AuthHelper.VALID_PASSWORD))
+                 .put(ClientResponse.class);
+
+
+    assertThat(response.getStatus()).isEqualTo(200);
+    assertThat(response.getEntity(ClientContactTokens.class).getContacts()).isEqualTo(expectedResponse);
+  }
+}
--- a/src/test/java/org/whispersystems/textsecuregcm/tests/controllers/FederatedControllerTest.java
+++ b/src/test/java/org/whispersystems/textsecuregcm/tests/controllers/FederatedControllerTest.java
@@ -4,12 +4,19 @@ package org.whispersystems.textsecuregcm.tests.controllers;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.google.common.base.Optional;
 import com.sun.jersey.api.client.ClientResponse;
-import com.yammer.dropwizard.testing.ResourceTest;
+import org.hamcrest.CoreMatchers;
+import org.junit.Before;
+import org.junit.Rule;
 import org.junit.Test;
-import org.whispersystems.textsecuregcm.controllers.FederationController;
+import org.whispersystems.textsecuregcm.controllers.FederationControllerV1;
+import org.whispersystems.textsecuregcm.controllers.FederationControllerV2;
+import org.whispersystems.textsecuregcm.controllers.KeysControllerV2;
 import org.whispersystems.textsecuregcm.controllers.MessageController;
 import org.whispersystems.textsecuregcm.entities.IncomingMessageList;
 import org.whispersystems.textsecuregcm.entities.MessageProtos;
+import org.whispersystems.textsecuregcm.entities.PreKeyResponseItemV2;
+import org.whispersystems.textsecuregcm.entities.PreKeyResponseV2;
+import org.whispersystems.textsecuregcm.entities.SignedPreKey;
 import org.whispersystems.textsecuregcm.federation.FederatedClientManager;
 import org.whispersystems.textsecuregcm.limits.RateLimiter;
 import org.whispersystems.textsecuregcm.limits.RateLimiters;
@@ -23,17 +30,16 @@ import javax.ws.rs.core.MediaType;
 import java.util.LinkedList;
 import java.util.List;

-import static com.yammer.dropwizard.testing.JsonHelpers.jsonFixture;
+import io.dropwizard.testing.junit.ResourceTestRule;
 import static org.hamcrest.CoreMatchers.equalTo;
 import static org.hamcrest.CoreMatchers.is;
 import static org.hamcrest.MatcherAssert.assertThat;
 import static org.mockito.Matchers.any;
 import static org.mockito.Matchers.eq;
-import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.verify;
-import static org.mockito.Mockito.when;
+import static org.mockito.Mockito.*;
+import static org.whispersystems.textsecuregcm.tests.util.JsonHelpers.jsonFixture;

-public class FederatedControllerTest extends ResourceTest {
+public class FederatedControllerTest {

  private static final String SINGLE_DEVICE_RECIPIENT = "+14151111111";
  private static final String MULTI_DEVICE_RECIPIENT  = "+14152222222";
@@ -44,19 +50,32 @@ public class FederatedControllerTest extends ResourceTest {
  private RateLimiters           rateLimiters           = mock(RateLimiters.class          );
  private RateLimiter            rateLimiter            = mock(RateLimiter.class           );

+  private final SignedPreKey signedPreKey = new SignedPreKey(3333, "foo", "baar");
+  private final PreKeyResponseV2 preKeyResponseV2 = new PreKeyResponseV2("foo", new LinkedList<PreKeyResponseItemV2>());
+
  private final ObjectMapper mapper = new ObjectMapper();

-  @Override
-  protected void setUpResources() throws Exception {
-    addProvider(AuthHelper.getAuthenticator());
+  private final MessageController messageController = new MessageController(rateLimiters, pushSender, accountsManager, federatedClientManager);
+  private final KeysControllerV2  keysControllerV2  = mock(KeysControllerV2.class);

+  @Rule
+  public final ResourceTestRule resources = ResourceTestRule.builder()
+                                                            .addProvider(AuthHelper.getAuthenticator())
+                                                            .addResource(new FederationControllerV1(accountsManager, null, messageController, null))
+                                                            .addResource(new FederationControllerV2(accountsManager, null, messageController, keysControllerV2))
+                                                            .build();
+
+
+
+  @Before
+  public void setup() throws Exception {
    List<Device> singleDeviceList = new LinkedList<Device>() {{
-      add(new Device(1, "foo", "bar", "baz", "isgcm", null, false, 111));
+      add(new Device(1, "foo", "bar", "baz", "isgcm", null, false, 111, null));
    }};

    List<Device> multiDeviceList = new LinkedList<Device>() {{
-      add(new Device(1, "foo", "bar", "baz", "isgcm", null, false, 222));
-      add(new Device(2, "foo", "bar", "baz", "isgcm", null, false, 333));
+      add(new Device(1, "foo", "bar", "baz", "isgcm", null, false, 222, null));
+      add(new Device(2, "foo", "bar", "baz", "isgcm", null, false, 333, null));
    }};

    Account singleDeviceAccount = new Account(SINGLE_DEVICE_RECIPIENT, false, singleDeviceList);
@@ -67,14 +86,15 @@ public class FederatedControllerTest extends ResourceTest {

    when(rateLimiters.getMessagesLimiter()).thenReturn(rateLimiter);

-    MessageController messageController = new MessageController(rateLimiters, pushSender, accountsManager, federatedClientManager);
-    addResource(new FederationController(accountsManager, null, null, messageController));
+    when(keysControllerV2.getSignedKey(any(Account.class))).thenReturn(Optional.of(signedPreKey));
+    when(keysControllerV2.getDeviceKeys(any(Account.class), anyString(), anyString(), any(Optional.class)))
+        .thenReturn(Optional.of(preKeyResponseV2));
  }

  @Test
  public void testSingleDeviceCurrent() throws Exception {
    ClientResponse response =
-        client().resource(String.format("/v1/federation/messages/+14152223333/1/%s", SINGLE_DEVICE_RECIPIENT))
+        resources.client().resource(String.format("/v1/federation/messages/+14152223333/1/%s", SINGLE_DEVICE_RECIPIENT))
            .header("Authorization", AuthHelper.getAuthHeader("cyanogen", "foofoo"))
            .entity(mapper.readValue(jsonFixture("fixtures/current_message_single_device.json"), IncomingMessageList.class))
            .type(MediaType.APPLICATION_JSON_TYPE)
@@ -85,5 +105,14 @@ public class FederatedControllerTest extends ResourceTest {
    verify(pushSender).sendMessage(any(Account.class), any(Device.class), any(MessageProtos.OutgoingMessageSignal.class));
  }

+  @Test
+  public void testSignedPreKeyV2() throws Exception {
+    PreKeyResponseV2 response =
+        resources.client().resource("/v2/federation/key/+14152223333/1")
+                 .header("Authorization", AuthHelper.getAuthHeader("cyanogen", "foofoo"))
+                 .get(PreKeyResponseV2.class);
+
+    assertThat("good response", response.getIdentityKey().equals(preKeyResponseV2.getIdentityKey()));
+  }

 }
--- a/src/test/java/org/whispersystems/textsecuregcm/tests/controllers/KeyControllerTest.java
+++ b/src/test/java/org/whispersystems/textsecuregcm/tests/controllers/KeyControllerTest.java
@@ -2,123 +2,286 @@ package org.whispersystems.textsecuregcm.tests.controllers;

 import com.google.common.base.Optional;
 import com.sun.jersey.api.client.ClientResponse;
-import com.yammer.dropwizard.testing.ResourceTest;
+import org.junit.Before;
+import org.junit.Rule;
 import org.junit.Test;
-import org.whispersystems.textsecuregcm.controllers.KeysController;
-import org.whispersystems.textsecuregcm.entities.PreKey;
-import org.whispersystems.textsecuregcm.entities.UnstructuredPreKeyList;
+import org.mockito.ArgumentCaptor;
+import org.whispersystems.textsecuregcm.controllers.KeysControllerV1;
+import org.whispersystems.textsecuregcm.controllers.KeysControllerV2;
+import org.whispersystems.textsecuregcm.entities.SignedPreKey;
+import org.whispersystems.textsecuregcm.entities.PreKeyCount;
+import org.whispersystems.textsecuregcm.entities.PreKeyResponseV1;
+import org.whispersystems.textsecuregcm.entities.PreKeyResponseV2;
+import org.whispersystems.textsecuregcm.entities.PreKeyStateV1;
+import org.whispersystems.textsecuregcm.entities.PreKeyStateV2;
+import org.whispersystems.textsecuregcm.entities.PreKeyV1;
+import org.whispersystems.textsecuregcm.entities.PreKeyV2;
 import org.whispersystems.textsecuregcm.limits.RateLimiter;
 import org.whispersystems.textsecuregcm.limits.RateLimiters;
 import org.whispersystems.textsecuregcm.storage.Account;
 import org.whispersystems.textsecuregcm.storage.AccountsManager;
 import org.whispersystems.textsecuregcm.storage.Device;
+import org.whispersystems.textsecuregcm.storage.KeyRecord;
 import org.whispersystems.textsecuregcm.storage.Keys;
 import org.whispersystems.textsecuregcm.tests.util.AuthHelper;

+import javax.ws.rs.core.MediaType;
 import java.util.LinkedList;
 import java.util.List;

+import io.dropwizard.testing.junit.ResourceTestRule;
 import static org.fest.assertions.api.Assertions.assertThat;
 import static org.mockito.Mockito.*;

-public class KeyControllerTest extends ResourceTest {
+public class KeyControllerTest {

-  private final String EXISTS_NUMBER     = "+14152222222";
-  private final String NOT_EXISTS_NUMBER = "+14152222220";
+  private static final String EXISTS_NUMBER     = "+14152222222";
+  private static String NOT_EXISTS_NUMBER = "+14152222220";

-  private final int SAMPLE_REGISTRATION_ID  =  999;
-  private final int SAMPLE_REGISTRATION_ID2 = 1002;
+  private static int SAMPLE_REGISTRATION_ID  =  999;
+  private static int SAMPLE_REGISTRATION_ID2 = 1002;
+  private static int SAMPLE_REGISTRATION_ID4 = 1555;

-  private final PreKey          SAMPLE_KEY  = new PreKey(1, EXISTS_NUMBER, Device.MASTER_ID, 1234, "test1", "test2", false);
-  private final PreKey          SAMPLE_KEY2 = new PreKey(2, EXISTS_NUMBER, 2, 5667, "test3", "test4", false               );
-  private final PreKey          SAMPLE_KEY3 = new PreKey(3, EXISTS_NUMBER, 3, 334, "test5", "test6", false);
-  private final Keys            keys        = mock(Keys.class           );
-  private final AccountsManager accounts    = mock(AccountsManager.class);
+  private final KeyRecord SAMPLE_KEY    = new KeyRecord(1, EXISTS_NUMBER, Device.MASTER_ID, 1234, "test1", false);
+  private final KeyRecord SAMPLE_KEY2   = new KeyRecord(2, EXISTS_NUMBER, 2, 5667, "test3", false               );
+  private final KeyRecord SAMPLE_KEY3   = new KeyRecord(3, EXISTS_NUMBER, 3, 334, "test5", false                );
+  private final KeyRecord SAMPLE_KEY4   = new KeyRecord(4, EXISTS_NUMBER, 4, 336, "test6", false                );

-  @Override
-  protected void setUpResources() {
-    addProvider(AuthHelper.getAuthenticator());

-    RateLimiters    rateLimiters = mock(RateLimiters.class);
-    RateLimiter     rateLimiter  = mock(RateLimiter.class );
+  private final SignedPreKey SAMPLE_SIGNED_KEY  = new SignedPreKey(1111, "foofoo", "sig11");
+  private final SignedPreKey SAMPLE_SIGNED_KEY2 = new SignedPreKey(2222, "foobar", "sig22");
+  private final SignedPreKey SAMPLE_SIGNED_KEY3 = new SignedPreKey(3333, "barfoo", "sig33");

-    Device  sampleDevice  = mock(Device.class );
-    Device  sampleDevice2 = mock(Device.class);
-    Device  sampleDevice3 = mock(Device.class);
-    Account existsAccount = mock(Account.class);
+  private final Keys            keys          = mock(Keys.class           );
+  private final AccountsManager accounts      = mock(AccountsManager.class);
+  private final Account         existsAccount = mock(Account.class        );
+
+  private RateLimiters          rateLimiters  = mock(RateLimiters.class);
+  private RateLimiter           rateLimiter   = mock(RateLimiter.class );
+
+  @Rule
+  public final ResourceTestRule resources = ResourceTestRule.builder()
+                                                            .addProvider(AuthHelper.getAuthenticator())
+                                                            .addResource(new KeysControllerV1(rateLimiters, keys, accounts, null))
+                                                            .addResource(new KeysControllerV2(rateLimiters, keys, accounts, null))
+                                                            .build();
+
+  @Before
+  public void setup() {
+    final Device sampleDevice  = mock(Device.class);
+    final Device sampleDevice2 = mock(Device.class);
+    final Device sampleDevice3 = mock(Device.class);
+    final Device sampleDevice4 = mock(Device.class);
+
+    List<Device> allDevices = new LinkedList<Device>() {{
+      add(sampleDevice);
+      add(sampleDevice2);
+      add(sampleDevice3);
+      add(sampleDevice4);
+    }};

    when(sampleDevice.getRegistrationId()).thenReturn(SAMPLE_REGISTRATION_ID);
    when(sampleDevice2.getRegistrationId()).thenReturn(SAMPLE_REGISTRATION_ID2);
    when(sampleDevice3.getRegistrationId()).thenReturn(SAMPLE_REGISTRATION_ID2);
+    when(sampleDevice4.getRegistrationId()).thenReturn(SAMPLE_REGISTRATION_ID4);
    when(sampleDevice.isActive()).thenReturn(true);
    when(sampleDevice2.isActive()).thenReturn(true);
    when(sampleDevice3.isActive()).thenReturn(false);
+    when(sampleDevice4.isActive()).thenReturn(true);
+    when(sampleDevice.getSignedPreKey()).thenReturn(SAMPLE_SIGNED_KEY);
+    when(sampleDevice2.getSignedPreKey()).thenReturn(SAMPLE_SIGNED_KEY2);
+    when(sampleDevice3.getSignedPreKey()).thenReturn(SAMPLE_SIGNED_KEY3);
+    when(sampleDevice4.getSignedPreKey()).thenReturn(null);
+    when(sampleDevice.getId()).thenReturn(1L);
+    when(sampleDevice2.getId()).thenReturn(2L);
+    when(sampleDevice3.getId()).thenReturn(3L);
+    when(sampleDevice4.getId()).thenReturn(4L);

    when(existsAccount.getDevice(1L)).thenReturn(Optional.of(sampleDevice));
    when(existsAccount.getDevice(2L)).thenReturn(Optional.of(sampleDevice2));
    when(existsAccount.getDevice(3L)).thenReturn(Optional.of(sampleDevice3));
+    when(existsAccount.getDevice(4L)).thenReturn(Optional.of(sampleDevice4));
+    when(existsAccount.getDevice(22L)).thenReturn(Optional.<Device>absent());
+    when(existsAccount.getDevices()).thenReturn(allDevices);
    when(existsAccount.isActive()).thenReturn(true);
+    when(existsAccount.getIdentityKey()).thenReturn("existsidentitykey");

    when(accounts.get(EXISTS_NUMBER)).thenReturn(Optional.of(existsAccount));
    when(accounts.get(NOT_EXISTS_NUMBER)).thenReturn(Optional.<Account>absent());

    when(rateLimiters.getPreKeysLimiter()).thenReturn(rateLimiter);

-    when(keys.get(eq(EXISTS_NUMBER), eq(1L))).thenReturn(Optional.of(new UnstructuredPreKeyList(SAMPLE_KEY)));
-    when(keys.get(eq(NOT_EXISTS_NUMBER), eq(1L))).thenReturn(Optional.<UnstructuredPreKeyList>absent());
+    List<KeyRecord> singleDevice = new LinkedList<>();
+    singleDevice.add(SAMPLE_KEY);
+    when(keys.get(eq(EXISTS_NUMBER), eq(1L))).thenReturn(Optional.of(singleDevice));

-    List<PreKey> allKeys = new LinkedList<>();
-    allKeys.add(SAMPLE_KEY);
-    allKeys.add(SAMPLE_KEY2);
-    allKeys.add(SAMPLE_KEY3);
-    when(keys.get(EXISTS_NUMBER)).thenReturn(Optional.of(new UnstructuredPreKeyList(allKeys)));
+    when(keys.get(eq(NOT_EXISTS_NUMBER), eq(1L))).thenReturn(Optional.<List<KeyRecord>>absent());

-    addResource(new KeysController(rateLimiters, keys, accounts, null));
+    List<KeyRecord> multiDevice = new LinkedList<>();
+    multiDevice.add(SAMPLE_KEY);
+    multiDevice.add(SAMPLE_KEY2);
+    multiDevice.add(SAMPLE_KEY3);
+    multiDevice.add(SAMPLE_KEY4);
+    when(keys.get(EXISTS_NUMBER)).thenReturn(Optional.of(multiDevice));
+
+    when(keys.getCount(eq(AuthHelper.VALID_NUMBER), eq(1L))).thenReturn(5);
+
+    when(AuthHelper.VALID_DEVICE.getSignedPreKey()).thenReturn(new SignedPreKey(89898, "zoofarb", "sigvalid"));
+    when(AuthHelper.VALID_ACCOUNT.getIdentityKey()).thenReturn(null);
+  }
+
+  @Test
+  public void validKeyStatusTestV1() throws Exception {
+    PreKeyCount result = resources.client().resource("/v1/keys")
+        .header("Authorization",
+                AuthHelper.getAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD))
+        .get(PreKeyCount.class);
+
+    assertThat(result.getCount() == 4);
+
+    verify(keys).getCount(eq(AuthHelper.VALID_NUMBER), eq(1L));
+  }
+
+  @Test
+  public void validKeyStatusTestV2() throws Exception {
+    PreKeyCount result = resources.client().resource("/v2/keys")
+                                  .header("Authorization",
+                                          AuthHelper.getAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD))
+                                  .get(PreKeyCount.class);
+
+    assertThat(result.getCount() == 4);
+
+    verify(keys).getCount(eq(AuthHelper.VALID_NUMBER), eq(1L));
+  }
+
+  @Test
+  public void getSignedPreKeyV2() throws Exception {
+    SignedPreKey result = resources.client().resource("/v2/keys/signed")
+                                   .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD))
+                                   .get(SignedPreKey.class);
+
+    assertThat(result.equals(SAMPLE_SIGNED_KEY));
+  }
+
+  @Test
+  public void putSignedPreKeyV2() throws Exception {
+    SignedPreKey   test     = new SignedPreKey(9999, "fooozzz", "baaarzzz");
+    ClientResponse response = resources.client().resource("/v2/keys/signed")
+                                       .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD))
+                                       .type(MediaType.APPLICATION_JSON_TYPE)
+                                       .put(ClientResponse.class, test);
+
+    assertThat(response.getStatus() == 204);
+
+    verify(AuthHelper.VALID_DEVICE).setSignedPreKey(eq(test));
+    verify(accounts).update(eq(AuthHelper.VALID_ACCOUNT));
  }

  @Test
  public void validLegacyRequestTest() throws Exception {
-    PreKey result = client().resource(String.format("/v1/keys/%s", EXISTS_NUMBER))
+    PreKeyV1 result = resources.client().resource(String.format("/v1/keys/%s", EXISTS_NUMBER))
        .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD))
-        .get(PreKey.class);
+        .get(PreKeyV1.class);

    assertThat(result.getKeyId()).isEqualTo(SAMPLE_KEY.getKeyId());
    assertThat(result.getPublicKey()).isEqualTo(SAMPLE_KEY.getPublicKey());
-    assertThat(result.getIdentityKey()).isEqualTo(SAMPLE_KEY.getIdentityKey());
-
-    assertThat(result.getId() == 0);
-    assertThat(result.getNumber() == null);
+    assertThat(result.getIdentityKey()).isEqualTo(existsAccount.getIdentityKey());

    verify(keys).get(eq(EXISTS_NUMBER), eq(1L));
    verifyNoMoreInteractions(keys);
  }

  @Test
-  public void validMultiRequestTest() throws Exception {
-    UnstructuredPreKeyList results = client().resource(String.format("/v1/keys/%s/*", EXISTS_NUMBER))
+  public void validSingleRequestTestV2() throws Exception {
+    PreKeyResponseV2 result = resources.client().resource(String.format("/v2/keys/%s/1", EXISTS_NUMBER))
+                                       .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD))
+                                       .get(PreKeyResponseV2.class);
+
+    assertThat(result.getIdentityKey()).isEqualTo(existsAccount.getIdentityKey());
+    assertThat(result.getDevices().size()).isEqualTo(1);
+    assertThat(result.getDevices().get(0).getPreKey().getKeyId()).isEqualTo(SAMPLE_KEY.getKeyId());
+    assertThat(result.getDevices().get(0).getPreKey().getPublicKey()).isEqualTo(SAMPLE_KEY.getPublicKey());
+    assertThat(result.getDevices().get(0).getSignedPreKey()).isEqualTo(existsAccount.getDevice(1).get().getSignedPreKey());
+
+    verify(keys).get(eq(EXISTS_NUMBER), eq(1L));
+    verifyNoMoreInteractions(keys);
+  }
+
+
+  @Test
+  public void validMultiRequestTestV1() throws Exception {
+    PreKeyResponseV1 results = resources.client().resource(String.format("/v1/keys/%s/*", EXISTS_NUMBER))
        .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD))
-        .get(UnstructuredPreKeyList.class);
+        .get(PreKeyResponseV1.class);

-    assertThat(results.getKeys().size()).isEqualTo(2);
+    assertThat(results.getKeys().size()).isEqualTo(3);

-    PreKey result = results.getKeys().get(0);
+    PreKeyV1 result = results.getKeys().get(0);

    assertThat(result.getKeyId()).isEqualTo(SAMPLE_KEY.getKeyId());
    assertThat(result.getPublicKey()).isEqualTo(SAMPLE_KEY.getPublicKey());
-    assertThat(result.getIdentityKey()).isEqualTo(SAMPLE_KEY.getIdentityKey());
+    assertThat(result.getIdentityKey()).isEqualTo(existsAccount.getIdentityKey());
    assertThat(result.getRegistrationId()).isEqualTo(SAMPLE_REGISTRATION_ID);

-    assertThat(result.getId() == 0);
-    assertThat(result.getNumber() == null);
-
    result = results.getKeys().get(1);
    assertThat(result.getKeyId()).isEqualTo(SAMPLE_KEY2.getKeyId());
    assertThat(result.getPublicKey()).isEqualTo(SAMPLE_KEY2.getPublicKey());
-    assertThat(result.getIdentityKey()).isEqualTo(SAMPLE_KEY2.getIdentityKey());
+    assertThat(result.getIdentityKey()).isEqualTo(existsAccount.getIdentityKey());
    assertThat(result.getRegistrationId()).isEqualTo(SAMPLE_REGISTRATION_ID2);

-    assertThat(result.getId() == 0);
-    assertThat(result.getNumber() == null);
+    result = results.getKeys().get(2);
+    assertThat(result.getKeyId()).isEqualTo(SAMPLE_KEY4.getKeyId());
+    assertThat(result.getPublicKey()).isEqualTo(SAMPLE_KEY4.getPublicKey());
+    assertThat(result.getIdentityKey()).isEqualTo(existsAccount.getIdentityKey());
+    assertThat(result.getRegistrationId()).isEqualTo(SAMPLE_REGISTRATION_ID4);
+
+    verify(keys).get(eq(EXISTS_NUMBER));
+    verifyNoMoreInteractions(keys);
+  }
+
+  @Test
+  public void validMultiRequestTestV2() throws Exception {
+    PreKeyResponseV2 results = resources.client().resource(String.format("/v2/keys/%s/*", EXISTS_NUMBER))
+                                        .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD))
+                                        .get(PreKeyResponseV2.class);
+
+    assertThat(results.getDevices().size()).isEqualTo(3);
+    assertThat(results.getIdentityKey()).isEqualTo(existsAccount.getIdentityKey());
+
+    PreKeyV2 signedPreKey   = results.getDevices().get(0).getSignedPreKey();
+    PreKeyV2 preKey         = results.getDevices().get(0).getPreKey();
+    long     registrationId = results.getDevices().get(0).getRegistrationId();
+    long     deviceId       = results.getDevices().get(0).getDeviceId();
+
+    assertThat(preKey.getKeyId()).isEqualTo(SAMPLE_KEY.getKeyId());
+    assertThat(preKey.getPublicKey()).isEqualTo(SAMPLE_KEY.getPublicKey());
+    assertThat(registrationId).isEqualTo(SAMPLE_REGISTRATION_ID);
+    assertThat(signedPreKey.getKeyId()).isEqualTo(SAMPLE_SIGNED_KEY.getKeyId());
+    assertThat(signedPreKey.getPublicKey()).isEqualTo(SAMPLE_SIGNED_KEY.getPublicKey());
+    assertThat(deviceId).isEqualTo(1);
+
+    signedPreKey   = results.getDevices().get(1).getSignedPreKey();
+    preKey         = results.getDevices().get(1).getPreKey();
+    registrationId = results.getDevices().get(1).getRegistrationId();
+    deviceId       = results.getDevices().get(1).getDeviceId();
+
+    assertThat(preKey.getKeyId()).isEqualTo(SAMPLE_KEY2.getKeyId());
+    assertThat(preKey.getPublicKey()).isEqualTo(SAMPLE_KEY2.getPublicKey());
+    assertThat(registrationId).isEqualTo(SAMPLE_REGISTRATION_ID2);
+    assertThat(signedPreKey.getKeyId()).isEqualTo(SAMPLE_SIGNED_KEY2.getKeyId());
+    assertThat(signedPreKey.getPublicKey()).isEqualTo(SAMPLE_SIGNED_KEY2.getPublicKey());
+    assertThat(deviceId).isEqualTo(2);
+
+    signedPreKey   = results.getDevices().get(2).getSignedPreKey();
+    preKey         = results.getDevices().get(2).getPreKey();
+    registrationId = results.getDevices().get(2).getRegistrationId();
+    deviceId       = results.getDevices().get(2).getDeviceId();
+
+    assertThat(preKey.getKeyId()).isEqualTo(SAMPLE_KEY4.getKeyId());
+    assertThat(preKey.getPublicKey()).isEqualTo(SAMPLE_KEY4.getPublicKey());
+    assertThat(registrationId).isEqualTo(SAMPLE_REGISTRATION_ID4);
+    assertThat(signedPreKey).isNull();
+    assertThat(deviceId).isEqualTo(4);

    verify(keys).get(eq(EXISTS_NUMBER));
    verifyNoMoreInteractions(keys);
@@ -126,28 +289,135 @@ public class KeyControllerTest extends ResourceTest {


  @Test
-  public void invalidRequestTest() throws Exception {
-    ClientResponse response = client().resource(String.format("/v1/keys/%s", NOT_EXISTS_NUMBER))
+  public void invalidRequestTestV1() throws Exception {
+    ClientResponse response = resources.client().resource(String.format("/v1/keys/%s", NOT_EXISTS_NUMBER))
        .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD))
        .get(ClientResponse.class);

-    assertThat(response.getClientResponseStatus().getStatusCode()).isEqualTo(404);
+    assertThat(response.getStatusInfo().getStatusCode()).isEqualTo(404);
  }

  @Test
-  public void unauthorizedRequestTest() throws Exception {
+  public void invalidRequestTestV2() throws Exception {
+    ClientResponse response = resources.client().resource(String.format("/v2/keys/%s", NOT_EXISTS_NUMBER))
+                                       .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD))
+                                       .get(ClientResponse.class);
+
+    assertThat(response.getStatusInfo().getStatusCode()).isEqualTo(404);
+  }
+
+  @Test
+  public void anotherInvalidRequestTestV2() throws Exception {
+    ClientResponse response = resources.client().resource(String.format("/v2/keys/%s/22", EXISTS_NUMBER))
+                                       .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD))
+                                       .get(ClientResponse.class);
+
+    assertThat(response.getStatusInfo().getStatusCode()).isEqualTo(404);
+  }
+
+  @Test
+  public void unauthorizedRequestTestV1() throws Exception {
    ClientResponse response =
-        client().resource(String.format("/v1/keys/%s", NOT_EXISTS_NUMBER))
+        resources.client().resource(String.format("/v1/keys/%s", NOT_EXISTS_NUMBER))
            .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.INVALID_PASSWORD))
            .get(ClientResponse.class);

-    assertThat(response.getClientResponseStatus().getStatusCode()).isEqualTo(401);
+    assertThat(response.getStatusInfo().getStatusCode()).isEqualTo(401);

    response =
-        client().resource(String.format("/v1/keys/%s", NOT_EXISTS_NUMBER))
+        resources.client().resource(String.format("/v1/keys/%s", NOT_EXISTS_NUMBER))
            .get(ClientResponse.class);

-    assertThat(response.getClientResponseStatus().getStatusCode()).isEqualTo(401);
+    assertThat(response.getStatusInfo().getStatusCode()).isEqualTo(401);
  }

+  @Test
+  public void unauthorizedRequestTestV2() throws Exception {
+    ClientResponse response =
+        resources.client().resource(String.format("/v2/keys/%s/1", EXISTS_NUMBER))
+                 .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.INVALID_PASSWORD))
+                 .get(ClientResponse.class);
+
+    assertThat(response.getStatusInfo().getStatusCode()).isEqualTo(401);
+
+    response =
+        resources.client().resource(String.format("/v2/keys/%s/1", EXISTS_NUMBER))
+                 .get(ClientResponse.class);
+
+    assertThat(response.getStatusInfo().getStatusCode()).isEqualTo(401);
+  }
+
+  @Test
+  public void putKeysTestV1() throws Exception {
+    final PreKeyV1 newKey        = new PreKeyV1(1L, 31337, "foobar", "foobarbaz");
+    final PreKeyV1 lastResortKey = new PreKeyV1(1L, 0xFFFFFF, "fooz", "foobarbaz");
+
+    List<PreKeyV1> preKeys = new LinkedList<PreKeyV1>() {{
+      add(newKey);
+    }};
+
+    PreKeyStateV1 preKeyList = new PreKeyStateV1();
+    preKeyList.setKeys(preKeys);
+    preKeyList.setLastResortKey(lastResortKey);
+
+    ClientResponse response =
+        resources.client().resource("/v1/keys")
+            .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD))
+            .type(MediaType.APPLICATION_JSON_TYPE)
+            .put(ClientResponse.class, preKeyList);
+
+    assertThat(response.getClientResponseStatus().getStatusCode()).isEqualTo(204);
+
+    ArgumentCaptor<List>     listCaptor       = ArgumentCaptor.forClass(List.class    );
+    ArgumentCaptor<PreKeyV1> lastResortCaptor = ArgumentCaptor.forClass(PreKeyV1.class);
+    verify(keys).store(eq(AuthHelper.VALID_NUMBER), eq(1L), listCaptor.capture(), lastResortCaptor.capture());
+
+    List<PreKeyV1> capturedList = listCaptor.getValue();
+    assertThat(capturedList.size() == 1);
+    assertThat(capturedList.get(0).getIdentityKey().equals("foobarbaz"));
+    assertThat(capturedList.get(0).getKeyId() == 31337);
+    assertThat(capturedList.get(0).getPublicKey().equals("foobar"));
+
+    assertThat(lastResortCaptor.getValue().getPublicKey().equals("fooz"));
+    assertThat(lastResortCaptor.getValue().getIdentityKey().equals("foobarbaz"));
+
+    verify(AuthHelper.VALID_ACCOUNT).setIdentityKey(eq("foobarbaz"));
+    verify(accounts).update(AuthHelper.VALID_ACCOUNT);
+  }
+
+  @Test
+  public void putKeysTestV2() throws Exception {
+    final PreKeyV2     preKey        = new PreKeyV2(31337, "foobar");
+    final PreKeyV2     lastResortKey = new PreKeyV2(31339, "barbar");
+    final SignedPreKey signedPreKey  = new SignedPreKey(31338, "foobaz", "myvalidsig");
+    final String       identityKey   = "barbar";
+
+    List<PreKeyV2> preKeys = new LinkedList<PreKeyV2>() {{
+      add(preKey);
+    }};
+
+    PreKeyStateV2 preKeyState = new PreKeyStateV2(identityKey, signedPreKey, preKeys, lastResortKey);
+
+    ClientResponse response =
+        resources.client().resource("/v2/keys")
+                 .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD))
+                 .type(MediaType.APPLICATION_JSON_TYPE)
+                 .put(ClientResponse.class, preKeyState);
+
+    assertThat(response.getClientResponseStatus().getStatusCode()).isEqualTo(204);
+
+    ArgumentCaptor<List> listCaptor = ArgumentCaptor.forClass(List.class);
+    verify(keys).store(eq(AuthHelper.VALID_NUMBER), eq(1L), listCaptor.capture(), eq(lastResortKey));
+
+    List<PreKeyV2> capturedList = listCaptor.getValue();
+    assertThat(capturedList.size() == 1);
+    assertThat(capturedList.get(0).getKeyId() == 31337);
+    assertThat(capturedList.get(0).getPublicKey().equals("foobar"));
+
+    verify(AuthHelper.VALID_ACCOUNT).setIdentityKey(eq("barbar"));
+    verify(AuthHelper.VALID_DEVICE).setSignedPreKey(eq(signedPreKey));
+    verify(accounts).update(AuthHelper.VALID_ACCOUNT);
+  }
+
+
 }
--- a/src/test/java/org/whispersystems/textsecuregcm/tests/controllers/MessageControllerTest.java
+++ b/src/test/java/org/whispersystems/textsecuregcm/tests/controllers/MessageControllerTest.java
@@ -3,10 +3,10 @@ package org.whispersystems.textsecuregcm.tests.controllers;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.google.common.base.Optional;
 import com.sun.jersey.api.client.ClientResponse;
-import com.yammer.dropwizard.testing.ResourceTest;
+import org.junit.Before;
+import org.junit.Rule;
 import org.junit.Test;
 import org.whispersystems.textsecuregcm.controllers.MessageController;
-import org.whispersystems.textsecuregcm.entities.AccountAttributes;
 import org.whispersystems.textsecuregcm.entities.IncomingMessageList;
 import org.whispersystems.textsecuregcm.entities.MessageProtos;
 import org.whispersystems.textsecuregcm.entities.MismatchedDevices;
@@ -24,42 +24,46 @@ import javax.ws.rs.core.MediaType;
 import java.util.LinkedList;
 import java.util.List;

-import static com.yammer.dropwizard.testing.JsonHelpers.asJson;
-import static com.yammer.dropwizard.testing.JsonHelpers.jsonFixture;
-import static org.hamcrest.CoreMatchers.equalTo;
-import static org.hamcrest.CoreMatchers.is;
+import io.dropwizard.testing.junit.ResourceTestRule;
 import static org.hamcrest.CoreMatchers.equalTo;
 import static org.hamcrest.CoreMatchers.is;
 import static org.hamcrest.MatcherAssert.assertThat;
-
 import static org.mockito.Matchers.any;
 import static org.mockito.Matchers.eq;
 import static org.mockito.Mockito.*;
+import static org.whispersystems.textsecuregcm.tests.util.JsonHelpers.asJson;
+import static org.whispersystems.textsecuregcm.tests.util.JsonHelpers.jsonFixture;

-public class MessageControllerTest extends ResourceTest {
+public class MessageControllerTest {

  private static final String SINGLE_DEVICE_RECIPIENT = "+14151111111";
  private static final String MULTI_DEVICE_RECIPIENT  = "+14152222222";

-  private PushSender             pushSender             = mock(PushSender.class            );
-  private FederatedClientManager federatedClientManager = mock(FederatedClientManager.class);
-  private AccountsManager        accountsManager        = mock(AccountsManager.class       );
-  private RateLimiters           rateLimiters           = mock(RateLimiters.class          );
-  private RateLimiter            rateLimiter            = mock(RateLimiter.class           );
+  private  final PushSender             pushSender             = mock(PushSender.class            );
+  private  final FederatedClientManager federatedClientManager = mock(FederatedClientManager.class);
+  private  final AccountsManager        accountsManager        = mock(AccountsManager.class       );
+  private  final RateLimiters           rateLimiters           = mock(RateLimiters.class          );
+  private  final RateLimiter            rateLimiter            = mock(RateLimiter.class           );

-  private final ObjectMapper mapper = new ObjectMapper();
+  private  final ObjectMapper mapper = new ObjectMapper();

-  @Override
-  protected void setUpResources() throws Exception {
-    addProvider(AuthHelper.getAuthenticator());
+  @Rule
+  public final ResourceTestRule resources = ResourceTestRule.builder()
+                                                            .addProvider(AuthHelper.getAuthenticator())
+                                                            .addResource(new MessageController(rateLimiters, pushSender, accountsManager,
+                                                                                               federatedClientManager))
+                                                            .build();

+
+  @Before
+  public void setup() throws Exception {
    List<Device> singleDeviceList = new LinkedList<Device>() {{
-      add(new Device(1, "foo", "bar", "baz", "isgcm", null, false, 111));
+      add(new Device(1, "foo", "bar", "baz", "isgcm", null, false, 111, null));
    }};

    List<Device> multiDeviceList = new LinkedList<Device>() {{
-      add(new Device(1, "foo", "bar", "baz", "isgcm", null, false, 222));
-      add(new Device(2, "foo", "bar", "baz", "isgcm", null, false, 333));
+      add(new Device(1, "foo", "bar", "baz", "isgcm", null, false, 222, null));
+      add(new Device(2, "foo", "bar", "baz", "isgcm", null, false, 333, null));
    }};

    Account singleDeviceAccount = new Account(SINGLE_DEVICE_RECIPIENT, false, singleDeviceList);
@@ -69,15 +73,12 @@ public class MessageControllerTest extends ResourceTest {
    when(accountsManager.get(eq(MULTI_DEVICE_RECIPIENT))).thenReturn(Optional.of(multiDeviceAccount));

    when(rateLimiters.getMessagesLimiter()).thenReturn(rateLimiter);
-
-    addResource(new MessageController(rateLimiters, pushSender, accountsManager,
-                                      federatedClientManager));
  }

  @Test
-  public void testSingleDeviceLegacy() throws Exception {
+  public synchronized void testSingleDeviceLegacy() throws Exception {
    ClientResponse response =
-        client().resource("/v1/messages/")
+        resources.client().resource("/v1/messages/")
            .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD))
            .entity(mapper.readValue(jsonFixture("fixtures/legacy_message_single_device.json"), IncomingMessageList.class))
            .type(MediaType.APPLICATION_JSON_TYPE)
@@ -85,13 +86,13 @@ public class MessageControllerTest extends ResourceTest {

    assertThat("Good Response", response.getStatus(), is(equalTo(200)));

-    verify(pushSender).sendMessage(any(Account.class), any(Device.class), any(MessageProtos.OutgoingMessageSignal.class));
+    verify(pushSender, times(1)).sendMessage(any(Account.class), any(Device.class), any(MessageProtos.OutgoingMessageSignal.class));
  }

  @Test
-  public void testSingleDeviceCurrent() throws Exception {
+  public synchronized void testSingleDeviceCurrent() throws Exception {
    ClientResponse response =
-        client().resource(String.format("/v1/messages/%s", SINGLE_DEVICE_RECIPIENT))
+        resources.client().resource(String.format("/v1/messages/%s", SINGLE_DEVICE_RECIPIENT))
            .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD))
        .entity(mapper.readValue(jsonFixture("fixtures/current_message_single_device.json"), IncomingMessageList.class))
        .type(MediaType.APPLICATION_JSON_TYPE)
@@ -99,13 +100,13 @@ public class MessageControllerTest extends ResourceTest {

    assertThat("Good Response", response.getStatus(), is(equalTo(204)));

-    verify(pushSender).sendMessage(any(Account.class), any(Device.class), any(MessageProtos.OutgoingMessageSignal.class));
+    verify(pushSender, times(1)).sendMessage(any(Account.class), any(Device.class), any(MessageProtos.OutgoingMessageSignal.class));
  }

  @Test
-  public void testMultiDeviceMissing() throws Exception {
+  public synchronized void testMultiDeviceMissing() throws Exception {
    ClientResponse response =
-        client().resource(String.format("/v1/messages/%s", MULTI_DEVICE_RECIPIENT))
+        resources.client().resource(String.format("/v1/messages/%s", MULTI_DEVICE_RECIPIENT))
            .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD))
            .entity(mapper.readValue(jsonFixture("fixtures/current_message_single_device.json"), IncomingMessageList.class))
            .type(MediaType.APPLICATION_JSON_TYPE)
@@ -121,9 +122,9 @@ public class MessageControllerTest extends ResourceTest {
  }

  @Test
-  public void testMultiDeviceExtra() throws Exception {
+  public synchronized void testMultiDeviceExtra() throws Exception {
    ClientResponse response =
-        client().resource(String.format("/v1/messages/%s", MULTI_DEVICE_RECIPIENT))
+        resources.client().resource(String.format("/v1/messages/%s", MULTI_DEVICE_RECIPIENT))
            .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD))
            .entity(mapper.readValue(jsonFixture("fixtures/current_message_extra_device.json"), IncomingMessageList.class))
            .type(MediaType.APPLICATION_JSON_TYPE)
@@ -139,9 +140,9 @@ public class MessageControllerTest extends ResourceTest {
  }

  @Test
-  public void testMultiDevice() throws Exception {
+  public synchronized void testMultiDevice() throws Exception {
    ClientResponse response =
-        client().resource(String.format("/v1/messages/%s", MULTI_DEVICE_RECIPIENT))
+        resources.client().resource(String.format("/v1/messages/%s", MULTI_DEVICE_RECIPIENT))
            .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD))
            .entity(mapper.readValue(jsonFixture("fixtures/current_message_multi_device.json"), IncomingMessageList.class))
            .type(MediaType.APPLICATION_JSON_TYPE)
@@ -153,9 +154,9 @@ public class MessageControllerTest extends ResourceTest {
  }

  @Test
-  public void testRegistrationIdMismatch() throws Exception {
+  public synchronized void testRegistrationIdMismatch() throws Exception {
    ClientResponse response =
-        client().resource(String.format("/v1/messages/%s", MULTI_DEVICE_RECIPIENT))
+        resources.client().resource(String.format("/v1/messages/%s", MULTI_DEVICE_RECIPIENT))
            .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD))
            .entity(mapper.readValue(jsonFixture("fixtures/current_message_registration_id.json"), IncomingMessageList.class))
            .type(MediaType.APPLICATION_JSON_TYPE)
--- a/src/test/java/org/whispersystems/textsecuregcm/tests/controllers/ReceiptControllerTest.java
+++ b/src/test/java/org/whispersystems/textsecuregcm/tests/controllers/ReceiptControllerTest.java
@@ -0,0 +1,91 @@
+package org.whispersystems.textsecuregcm.tests.controllers;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.google.common.base.Optional;
+import com.sun.jersey.api.client.ClientResponse;
+import org.junit.Before;
+import org.junit.Rule;
+import org.junit.Test;
+import org.whispersystems.textsecuregcm.controllers.MessageController;
+import org.whispersystems.textsecuregcm.controllers.ReceiptController;
+import org.whispersystems.textsecuregcm.entities.MessageProtos;
+import org.whispersystems.textsecuregcm.federation.FederatedClientManager;
+import org.whispersystems.textsecuregcm.limits.RateLimiter;
+import org.whispersystems.textsecuregcm.limits.RateLimiters;
+import org.whispersystems.textsecuregcm.push.PushSender;
+import org.whispersystems.textsecuregcm.storage.Account;
+import org.whispersystems.textsecuregcm.storage.AccountsManager;
+import org.whispersystems.textsecuregcm.storage.Device;
+import org.whispersystems.textsecuregcm.tests.util.AuthHelper;
+
+import java.util.LinkedList;
+import java.util.List;
+
+import io.dropwizard.testing.junit.ResourceTestRule;
+import static org.fest.assertions.api.Assertions.assertThat;
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.core.IsEqual.equalTo;
+import static org.mockito.Matchers.eq;
+import static org.mockito.Mockito.*;
+
+public class ReceiptControllerTest  {
+
+  private static final String SINGLE_DEVICE_RECIPIENT = "+14151111111";
+  private static final String MULTI_DEVICE_RECIPIENT  = "+14152222222";
+
+  private  final PushSender             pushSender             = mock(PushSender.class            );
+  private  final FederatedClientManager federatedClientManager = mock(FederatedClientManager.class);
+  private  final AccountsManager        accountsManager        = mock(AccountsManager.class       );
+
+  private  final ObjectMapper mapper = new ObjectMapper();
+
+  @Rule
+  public final ResourceTestRule resources = ResourceTestRule.builder()
+                                                            .addProvider(AuthHelper.getAuthenticator())
+                                                            .addResource(new ReceiptController(accountsManager, federatedClientManager, pushSender))
+                                                            .build();
+
+  @Before
+  public void setup() throws Exception {
+    List<Device> singleDeviceList = new LinkedList<Device>() {{
+      add(new Device(1, "foo", "bar", "baz", "isgcm", null, false, 111, null));
+    }};
+
+    List<Device> multiDeviceList = new LinkedList<Device>() {{
+      add(new Device(1, "foo", "bar", "baz", "isgcm", null, false, 222, null));
+      add(new Device(2, "foo", "bar", "baz", "isgcm", null, false, 333, null));
+    }};
+
+    Account singleDeviceAccount = new Account(SINGLE_DEVICE_RECIPIENT, false, singleDeviceList);
+    Account multiDeviceAccount  = new Account(MULTI_DEVICE_RECIPIENT, false, multiDeviceList);
+
+    when(accountsManager.get(eq(SINGLE_DEVICE_RECIPIENT))).thenReturn(Optional.of(singleDeviceAccount));
+    when(accountsManager.get(eq(MULTI_DEVICE_RECIPIENT))).thenReturn(Optional.of(multiDeviceAccount));
+  }
+
+  @Test
+  public synchronized void testSingleDeviceCurrent() throws Exception {
+    ClientResponse response =
+        resources.client().resource(String.format("/v1/receipt/%s/%d", SINGLE_DEVICE_RECIPIENT, 1234))
+                 .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD))
+                 .put(ClientResponse.class);
+
+    assertThat(response.getStatus() == 204);
+
+    verify(pushSender, times(1)).sendMessage(any(Account.class), any(Device.class), any(MessageProtos.OutgoingMessageSignal.class));
+  }
+
+  @Test
+  public synchronized void testMultiDeviceCurrent() throws Exception {
+    ClientResponse response =
+        resources.client().resource(String.format("/v1/receipt/%s/%d", MULTI_DEVICE_RECIPIENT, 12345))
+                 .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD))
+                 .put(ClientResponse.class);
+
+    assertThat(response.getStatus() == 204);
+
+    verify(pushSender, times(2)).sendMessage(any(Account.class), any(Device.class), any(MessageProtos.OutgoingMessageSignal.class));
+  }
+
+
+}
--- a/src/test/java/org/whispersystems/textsecuregcm/tests/controllers/WebsocketControllerTest.java
+++ b/src/test/java/org/whispersystems/textsecuregcm/tests/controllers/WebsocketControllerTest.java
@@ -2,25 +2,31 @@ package org.whispersystems.textsecuregcm.tests.controllers;

 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.google.common.base.Optional;
-import com.yammer.dropwizard.auth.basic.BasicCredentials;
-import org.eclipse.jetty.websocket.WebSocket;
+import org.eclipse.jetty.websocket.api.CloseStatus;
+import org.eclipse.jetty.websocket.api.RemoteEndpoint;
+import org.eclipse.jetty.websocket.api.Session;
+import org.eclipse.jetty.websocket.api.UpgradeRequest;
 import org.junit.Test;
 import org.whispersystems.textsecuregcm.auth.AccountAuthenticator;
 import org.whispersystems.textsecuregcm.controllers.WebsocketController;
-import org.whispersystems.textsecuregcm.controllers.WebsocketControllerFactory;
 import org.whispersystems.textsecuregcm.entities.AcknowledgeWebsocketMessage;
+import org.whispersystems.textsecuregcm.entities.EncryptedOutgoingMessage;
+import org.whispersystems.textsecuregcm.entities.MessageProtos;
+import org.whispersystems.textsecuregcm.entities.PendingMessage;
+import org.whispersystems.textsecuregcm.push.PushSender;
 import org.whispersystems.textsecuregcm.storage.Account;
+import org.whispersystems.textsecuregcm.storage.AccountsManager;
 import org.whispersystems.textsecuregcm.storage.Device;
 import org.whispersystems.textsecuregcm.storage.PubSubManager;
-import org.whispersystems.textsecuregcm.storage.StoredMessageManager;
+import org.whispersystems.textsecuregcm.storage.StoredMessages;
 import org.whispersystems.textsecuregcm.websocket.WebsocketAddress;
+import org.whispersystems.textsecuregcm.websocket.WebsocketControllerFactory;

-import javax.servlet.http.HttpServletRequest;
-
+import java.util.HashMap;
 import java.util.LinkedList;
 import java.util.List;

-import static org.fest.assertions.api.Assertions.assertThat;
+import io.dropwizard.auth.basic.BasicCredentials;
 import static org.mockito.Matchers.eq;
 import static org.mockito.Mockito.*;

@@ -34,13 +40,15 @@ public class WebsocketControllerTest {
  private static final String VALID_PASSWORD   = "secure";
  private static final String INVALID_PASSWORD = "insecure";

-  private final StoredMessageManager storedMessageManager = mock(StoredMessageManager.class);
-  private final AccountAuthenticator accountAuthenticator = mock(AccountAuthenticator.class);
-  private final PubSubManager        pubSubManager        = mock(PubSubManager.class       );
-  private final Account              account              = mock(Account.class             );
-  private final Device               device               = mock(Device.class              );
-  private final HttpServletRequest   request              = mock(HttpServletRequest.class  );
-  private final WebSocket.Connection connection           = mock(WebSocket.Connection.class);
+  private static final StoredMessages       storedMessages       = mock(StoredMessages.class);
+  private static final AccountAuthenticator accountAuthenticator = mock(AccountAuthenticator.class);
+  private static final AccountsManager      accountsManager      = mock(AccountsManager.class);
+  private static final PubSubManager        pubSubManager        = mock(PubSubManager.class       );
+  private static final Account              account              = mock(Account.class             );
+  private static final Device               device               = mock(Device.class              );
+  private static final UpgradeRequest       upgradeRequest       = mock(UpgradeRequest.class      );
+  private static final Session              session              = mock(Session.class             );
+  private static final PushSender           pushSender           = mock(PushSender.class);

  @Test
  public void testCredentials() throws Exception {
@@ -50,62 +58,88 @@ public class WebsocketControllerTest {
    when(accountAuthenticator.authenticate(eq(new BasicCredentials(INVALID_USER, INVALID_PASSWORD))))
        .thenReturn(Optional.<Account>absent());

-    WebsocketControllerFactory factory = new WebsocketControllerFactory(accountAuthenticator,
-                                                                        storedMessageManager,
-                                                                        pubSubManager);
+    when(session.getUpgradeRequest()).thenReturn(upgradeRequest);

-    when(request.getParameter(eq("user"))).thenReturn(VALID_USER);
-    when(request.getParameter(eq("password"))).thenReturn(VALID_PASSWORD);
+    WebsocketController controller = new WebsocketController(accountAuthenticator, accountsManager, pushSender, pubSubManager, storedMessages);

-    assertThat(factory.checkOrigin(request, "foobar")).isEqualTo(true);
+    when(upgradeRequest.getParameterMap()).thenReturn(new HashMap<String, String[]>() {{
+      put("login", new String[] {VALID_USER});
+      put("password", new String[] {VALID_PASSWORD});
+    }});

-    when(request.getParameter(eq("user"))).thenReturn(INVALID_USER);
-    when(request.getParameter(eq("password"))).thenReturn(INVALID_PASSWORD);
+    controller.onWebSocketConnect(session);

-    assertThat(factory.checkOrigin(request, "foobar")).isEqualTo(false);
+    verify(session, never()).close();
+    verify(session, never()).close(any(CloseStatus.class));
+    verify(session, never()).close(anyInt(), anyString());
+
+    when(upgradeRequest.getParameterMap()).thenReturn(new HashMap<String, String[]>() {{
+      put("login", new String[] {INVALID_USER});
+      put("password", new String[] {INVALID_PASSWORD});
+    }});
+
+    controller.onWebSocketConnect(session);
+
+    verify(session).close(any(CloseStatus.class));
  }

  @Test
  public void testOpen() throws Exception {
-    List<String> outgoingMessages = new LinkedList<String>() {{
-      add("first");
-      add("second");
-      add("third");
+    RemoteEndpoint remote = mock(RemoteEndpoint.class);
+
+    List<PendingMessage> outgoingMessages = new LinkedList<PendingMessage>() {{
+      add(new PendingMessage("sender1", 1111, false, "first"));
+      add(new PendingMessage("sender1", 2222, false, "second"));
+      add(new PendingMessage("sender2", 3333, false, "third"));
    }};

    when(device.getId()).thenReturn(2L);
-    when(account.getId()).thenReturn(31337L);
    when(account.getAuthenticatedDevice()).thenReturn(Optional.of(device));
+    when(account.getNumber()).thenReturn("+14152222222");
+    when(session.getRemote()).thenReturn(remote);
+    when(session.getUpgradeRequest()).thenReturn(upgradeRequest);

-    when(request.getParameter(eq("user"))).thenReturn(VALID_USER);
-    when(request.getParameter(eq("password"))).thenReturn(VALID_PASSWORD);
+    final Device sender1device = mock(Device.class);
+
+    List<Device> sender1devices = new LinkedList<Device>() {{
+      add(sender1device);
+    }};
+
+    Account sender1 = mock(Account.class);
+    when(sender1.getDevices()).thenReturn(sender1devices);
+
+    when(accountsManager.get("sender1")).thenReturn(Optional.of(sender1));
+    when(accountsManager.get("sender2")).thenReturn(Optional.<Account>absent());
+
+    when(upgradeRequest.getParameterMap()).thenReturn(new HashMap<String, String[]>() {{
+      put("login", new String[] {VALID_USER});
+      put("password", new String[] {VALID_PASSWORD});
+    }});

    when(accountAuthenticator.authenticate(eq(new BasicCredentials(VALID_USER, VALID_PASSWORD))))
        .thenReturn(Optional.of(account));

-    when(storedMessageManager.getOutgoingMessages(eq(account), eq(device))).thenReturn(outgoingMessages);
+    when(storedMessages.getMessagesForDevice(new WebsocketAddress(account.getNumber(), device.getId())))
+        .thenReturn(outgoingMessages);

-    WebsocketControllerFactory factory = new WebsocketControllerFactory(accountAuthenticator,
-                                                                        storedMessageManager,
-                                                                        pubSubManager);
+    WebsocketControllerFactory factory    = new WebsocketControllerFactory(accountAuthenticator, accountsManager, pushSender, storedMessages, pubSubManager);
+    WebsocketController        controller = (WebsocketController) factory.createWebSocket(null, null);

-    assertThat(factory.checkOrigin(request, "foobar")).isEqualTo(true);
+    controller.onWebSocketConnect(session);

-    WebsocketController socket = (WebsocketController)factory.doWebSocketConnect(request, "foo");
-    socket.onOpen(connection);
+    verify(pubSubManager).subscribe(eq(new WebsocketAddress("+14152222222", 2L)), eq((controller)));
+    verify(remote, times(3)).sendStringByFuture(anyString());

-    verify(pubSubManager).subscribe(eq(new WebsocketAddress(31337L, 2L)), eq((socket)));
-    verify(connection, times(3)).sendMessage(anyString());
+    controller.onWebSocketText(mapper.writeValueAsString(new AcknowledgeWebsocketMessage(1)));
+    controller.onWebSocketClose(1000, "Closed");

-    socket.onMessage(mapper.writeValueAsString(new AcknowledgeWebsocketMessage(1)));
-    socket.onClose(1000, "Closed");
-
-    List<String> pending = new LinkedList<String>() {{
-      add("first");
-      add("third");
+    List<PendingMessage> pending = new LinkedList<PendingMessage>() {{
+      add(new PendingMessage("sender1", 1111, false, "first"));
+      add(new PendingMessage("sender2", 3333, false, "third"));
    }};

-    verify(storedMessageManager).storeMessages(eq(account), eq(device), eq(pending));
+    verify(pushSender, times(2)).sendMessage(eq(account), eq(device), any(PendingMessage.class));
+    verify(pushSender, times(1)).sendMessage(eq(sender1), eq(sender1device), any(MessageProtos.OutgoingMessageSignal.class));
  }

 }
--- a/src/test/java/org/whispersystems/textsecuregcm/tests/entities/ClientContactTest.java
+++ b/src/test/java/org/whispersystems/textsecuregcm/tests/entities/ClientContactTest.java
@@ -1,13 +1,16 @@
 package org.whispersystems.textsecuregcm.tests.entities;

+import com.fasterxml.jackson.databind.ObjectMapper;
 import org.junit.Test;
 import org.whispersystems.textsecuregcm.entities.ClientContact;
 import org.whispersystems.textsecuregcm.util.Util;

-import static com.yammer.dropwizard.testing.JsonHelpers.*;
 import static org.hamcrest.CoreMatchers.equalTo;
 import static org.hamcrest.CoreMatchers.is;
 import static org.hamcrest.MatcherAssert.assertThat;
+import static org.whispersystems.textsecuregcm.tests.util.JsonHelpers.asJson;
+import static org.whispersystems.textsecuregcm.tests.util.JsonHelpers.fromJson;
+import static org.whispersystems.textsecuregcm.tests.util.JsonHelpers.jsonFixture;

 public class ClientContactTest {

@@ -41,4 +44,5 @@ public class ClientContactTest {
               is(contact));
  }

+
 }
--- a/src/test/java/org/whispersystems/textsecuregcm/tests/entities/PreKeyTest.java
+++ b/src/test/java/org/whispersystems/textsecuregcm/tests/entities/PreKeyTest.java
@@ -2,19 +2,20 @@ package org.whispersystems.textsecuregcm.tests.entities;

 import org.junit.Test;
 import org.whispersystems.textsecuregcm.entities.ClientContact;
-import org.whispersystems.textsecuregcm.entities.PreKey;
+import org.whispersystems.textsecuregcm.entities.PreKeyV1;
+import org.whispersystems.textsecuregcm.entities.PreKeyV2;
 import org.whispersystems.textsecuregcm.util.Util;

-import static com.yammer.dropwizard.testing.JsonHelpers.*;
 import static org.hamcrest.CoreMatchers.equalTo;
 import static org.hamcrest.CoreMatchers.is;
 import static org.hamcrest.MatcherAssert.assertThat;
+import static org.whispersystems.textsecuregcm.tests.util.JsonHelpers.*;

 public class PreKeyTest {

  @Test
-  public void serializeToJSON() throws Exception {
-    PreKey preKey = new PreKey(1, "+14152222222", 1, 1234, "test", "identityTest", false);
+  public void serializeToJSONV1() throws Exception {
+    PreKeyV1 preKey = new PreKeyV1(1, 1234, "test", "identityTest");
    preKey.setRegistrationId(987);

    assertThat("Basic Contact Serialization works",
@@ -23,7 +24,7 @@ public class PreKeyTest {
  }

  @Test
-  public void deserializeFromJSON() throws Exception {
+  public void deserializeFromJSONV() throws Exception {
    ClientContact contact = new ClientContact(Util.getContactToken("+14152222222"),
                                              "whisper", true);

@@ -32,4 +33,13 @@ public class PreKeyTest {
               is(contact));
  }

+  @Test
+  public void serializeToJSONV2() throws Exception {
+    PreKeyV2 preKey = new PreKeyV2(1234, "test");
+
+    assertThat("PreKeyV2 Serialization works",
+               asJson(preKey),
+               is(equalTo(jsonFixture("fixtures/prekey_v2.json"))));
+  }
+
 }
--- a/src/test/java/org/whispersystems/textsecuregcm/tests/util/AuthHelper.java
+++ b/src/test/java/org/whispersystems/textsecuregcm/tests/util/AuthHelper.java
@@ -27,20 +27,20 @@ public class AuthHelper {
  public static final String INVVALID_NUMBER  = "+14151111111";
  public static final String INVALID_PASSWORD = "bar";

-  public static MultiBasicAuthProvider<FederatedPeer, Account> getAuthenticator() {
-    AccountsManager           accounts    = mock(AccountsManager.class          );
-    Account                   account     = mock(Account.class                  );
-    Device                    device      = mock(Device.class                   );
-    AuthenticationCredentials credentials = mock(AuthenticationCredentials.class);
+  public static AccountsManager           ACCOUNTS_MANAGER  = mock(AccountsManager.class          );
+  public static Account                   VALID_ACCOUNT     = mock(Account.class                  );
+  public static Device                    VALID_DEVICE      = mock(Device.class                   );
+  public static AuthenticationCredentials VALID_CREDENTIALS = mock(AuthenticationCredentials.class);

-    when(credentials.verify("foo")).thenReturn(true);
-    when(device.getAuthenticationCredentials()).thenReturn(credentials);
-    when(device.getId()).thenReturn(1L);
-    when(account.getDevice(anyLong())).thenReturn(Optional.of(device));
-    when(account.getNumber()).thenReturn(VALID_NUMBER);
-    when(account.getAuthenticatedDevice()).thenReturn(Optional.of(device));
-    when(account.getRelay()).thenReturn(Optional.<String>absent());
-    when(accounts.get(VALID_NUMBER)).thenReturn(Optional.of(account));
+  public static MultiBasicAuthProvider<FederatedPeer, Account> getAuthenticator() {
+    when(VALID_CREDENTIALS.verify("foo")).thenReturn(true);
+    when(VALID_DEVICE.getAuthenticationCredentials()).thenReturn(VALID_CREDENTIALS);
+    when(VALID_DEVICE.getId()).thenReturn(1L);
+    when(VALID_ACCOUNT.getDevice(anyLong())).thenReturn(Optional.of(VALID_DEVICE));
+    when(VALID_ACCOUNT.getNumber()).thenReturn(VALID_NUMBER);
+    when(VALID_ACCOUNT.getAuthenticatedDevice()).thenReturn(Optional.of(VALID_DEVICE));
+    when(VALID_ACCOUNT.getRelay()).thenReturn(Optional.<String>absent());
+    when(ACCOUNTS_MANAGER.get(VALID_NUMBER)).thenReturn(Optional.of(VALID_ACCOUNT));

    List<FederatedPeer> peer = new LinkedList<FederatedPeer>() {{
      add(new FederatedPeer("cyanogen", "https://foo", "foofoo", "bazzzzz"));
@@ -51,7 +51,7 @@ public class AuthHelper {

    return new MultiBasicAuthProvider<>(new FederatedPeerAuthenticator(federationConfiguration),
                                        FederatedPeer.class,
-                                        new AccountAuthenticator(accounts),
+                                        new AccountAuthenticator(ACCOUNTS_MANAGER),
                                        Account.class, "WhisperServer");
  }

--- a/src/test/java/org/whispersystems/textsecuregcm/tests/util/JsonHelpers.java
+++ b/src/test/java/org/whispersystems/textsecuregcm/tests/util/JsonHelpers.java
@@ -0,0 +1,27 @@
+package org.whispersystems.textsecuregcm.tests.util;
+
+import com.fasterxml.jackson.core.JsonParseException;
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.ObjectMapper;
+
+import java.io.IOException;
+
+import static io.dropwizard.testing.FixtureHelpers.fixture;
+
+public class JsonHelpers {
+
+  private static final ObjectMapper objectMapper = new ObjectMapper();
+
+  public static String asJson(Object object) throws JsonProcessingException {
+    return objectMapper.writeValueAsString(object);
+  }
+
+  public static <T> T fromJson(String value, Class<T> clazz) throws IOException {
+    return objectMapper.readValue(value, clazz);
+  }
+
+  public static String jsonFixture(String filename) throws IOException {
+    return objectMapper.writeValueAsString(objectMapper.readValue(fixture(filename), JsonNode.class));
+  }
+}
--- a/src/test/resources/fixtures/contact.relay.json
+++ b/src/test/resources/fixtures/contact.relay.json
@@ -1,4 +1,4 @@
 {
-    "token" : "BQVVHxMt5zAFXA",
-    "relay" : "whisper"
+    "relay" : "whisper",
+    "token" : "BQVVHxMt5zAFXA"
 }
--- a/src/test/resources/fixtures/contact.relay.sms.json
+++ b/src/test/resources/fixtures/contact.relay.sms.json
@@ -1,5 +1,5 @@
 {
-    "token" : "BQVVHxMt5zAFXA",
    "relay" : "whisper",
-    "supportsSms"   : true
+    "supportsSms"   : true,
+    "token" : "BQVVHxMt5zAFXA"
 }
--- a/src/test/resources/fixtures/prekey_v2.json
+++ b/src/test/resources/fixtures/prekey_v2.json
@@ -0,0 +1,4 @@
+{
+    "keyId" : 1234,
+    "publicKey" : "test"
+}
Author	SHA1	Message	Date
Moxie Marlinspike	bc65461ecb	Bump version to 0.22	2014-10-01 15:03:25 -07:00
Moxie Marlinspike	30017371df	Reconnect even when Smack thinks it doesn't need to.	2014-10-01 14:07:12 -07:00
Moxie Marlinspike	b944b86bf8	Bump version to 0.21 // FREEBIE	2014-07-30 11:45:45 -07:00
Moxie Marlinspike	6ba8352fa6	Update sample config to include GCM senderId // FREEBIE	2014-07-30 11:38:23 -07:00
Moxie Marlinspike	aadf76692e	Bump version to 0.20 // FREEBIE	2014-07-30 11:36:54 -07:00
Moxie Marlinspike	c9a1386a55	Fix for PubSub channel. 1) Create channels based on numbers rather than DB row ids. 2) Ensure that stored messages are cleared at reregistration time.	2014-07-26 20:41:25 -07:00
Moxie Marlinspike	4eb88a3e02	Server side support for delivery receipts.	2014-07-25 15:48:34 -07:00
Moxie Marlinspike	160c0bfe14	Switch from Java serialization to JSON for memcache storage.	2014-07-23 18:02:35 -07:00
Moxie Marlinspike	4cd098af1d	Switch to GCM CCS and add support for APN feedback processing.	2014-07-23 18:00:49 -07:00
Moxie Marlinspike	362abd618f	Bump version to 0.19 // FREEBIE	2014-07-21 01:20:57 -07:00
Moxie Marlinspike	69de9f6684	Fix stored message retrieval. // FREEBIE	2014-07-21 01:20:14 -07:00
Moxie Marlinspike	2aa379bf21	Bumping version to 0.18 // FREEBIE	2014-07-17 11:05:38 -07:00
Moxie Marlinspike	820a2f1a63	Break FederationController into V1 and V2	2014-07-16 17:24:01 -07:00
Moxie Marlinspike	6fac7614f5	Allow device to query their currently stored signed prekey.	2014-07-16 14:44:00 -07:00
Moxie Marlinspike	b724ea8d3b	Renamed 'device key' to 'signed prekey'.	2014-07-11 10:37:19 -07:00
Moxie Marlinspike	06f80c320d	Introduce V2 API for PreKey updates and requests. 1) A /v2/keys controller. 2) Separate wire protocol PreKey POJOs from database PreKey objects. 3) Separate wire protocol PreKey submission and response POJOs. 4) Introduce a new update/response JSON format for /v2/keys.	2014-07-10 18:06:45 -07:00
Moxie Marlinspike	d9de015eab	Bump version to 0.17	2014-07-10 17:45:11 -07:00
Moxie Marlinspike	dd36c861ba	Pipeline directory update redis flow for a 10x speedup.	2014-07-10 17:31:39 -07:00
Moxie Marlinspike	b34e46af93	Bump version to 0.16	2014-06-30 12:18:39 -07:00
Moxie Marlinspike	405802c492	Get JSON metrics response code.	2014-06-30 12:18:16 -07:00
Moxie Marlinspike	e15f3c9d2b	By default, dont try to gunzip	2014-06-29 19:48:47 -07:00
Moxie Marlinspike	885af064c9	Support unrecognized properties.	2014-06-29 18:16:43 -07:00
Moxie Marlinspike	40529dc41f	Fix JSON reporter.	2014-06-27 19:49:21 -07:00
Moxie Marlinspike	2452f6ef8a	Fix dependency conflicts.	2014-06-27 19:48:49 -07:00
Moxie Marlinspike	4c543e6f06	Update websocket close codes to comply with RFC	2014-06-26 16:08:29 -07:00
Moxie Marlinspike	bc5fd5d441	Update sample config	2014-06-26 16:08:29 -07:00
Moxie Marlinspike	7a33cef27e	Updated iOS message delivery. 1) Use WebSockets for delivery if a client is connected. 2) If a client isn't connected, write to a redis queue and send an APN push.	2014-06-26 16:08:29 -07:00
Moxie Marlinspike	b433b9c879	Upgrade to dropwizard 0.7.	2014-06-26 16:08:29 -07:00
Moxie Marlinspike	5d169c523f	Bump version to 0.13	2014-06-25 21:52:07 -07:00
Moxie Marlinspike	98d277368f	Final migration step, remove identity_key column from keys table.	2014-06-25 21:51:22 -07:00
Moxie Marlinspike	3bd58bf25e	Bumping version to 0.12	2014-06-25 21:27:00 -07:00
Moxie Marlinspike	ba05e577ae	Treat account object as authoritative source for identity keys. Step 3 in migration.	2014-06-25 21:26:25 -07:00
Moxie Marlinspike	4206f6af45	Bumping version to 0.11	2014-06-25 18:55:54 -07:00
Moxie Marlinspike	0c5da1cc47	Schema migration for identity keys.	2014-06-25 18:55:26 -07:00
Moxie Marlinspike	d9bd1c679e	Bump version to 0.10	2014-06-25 11:36:12 -07:00
Moxie Marlinspike	437eb8de37	Write identity key into 'account' object. This is the beginning of a migration to storing one identity key per account, instead of the braindead duplication we're doing now. Part one of a two-part deployment in the schema migration process.	2014-06-25 11:34:54 -07:00
Moxie Marlinspike	f14c181840	Add host system metrics.	2014-04-12 14:14:18 -07:00
Moxie Marlinspike	d46c9fb157	Bump version to 0.9	2014-04-04 21:14:53 -07:00
Moxie Marlinspike	6913e4dfd2	Add contacts histogram and directory controller test.	2014-04-04 20:19:12 -07:00
Moxie Marlinspike	aea3f299a0	JSON metrics reporting.	2014-03-19 14:31:31 -07:00
Moxie Marlinspike	5667476780	Bump version to 0.7	2014-03-19 10:02:46 -07:00
Moxie Marlinspike	b263f47826	Support for querying PreKey meta-information.	2014-03-18 18:46:00 -07:00
Moxie Marlinspike	21723d6313	Bump version to 0.6	2014-03-06 22:53:43 -08:00
Moxie Marlinspike	a63cdc76b0	Disallow registration from clients registered on another relay.	2014-02-25 17:04:46 -08:00