Merge branch 'master' of ssh://git.gnunet.org/gnunet

author: TheJackiMonster <thejackimonster@gmail.com> 2023-11-14 17:51:34 +0100
committer: TheJackiMonster <thejackimonster@gmail.com> 2023-11-14 17:51:34 +0100
commit: b8672206edfb2047132311b9a3ab3a0138bdc422 (patch)
tree: 3c9361a0ba00b5f1d4944fec66cbc9a266d31ca9 /src/include
parent: 34587531b0ed15bbc8d73d21123101b7ca482389 (diff)
parent: 8e8c3f1e1c8c81a269c57e635153ec22fbfe216e (diff)
download: gnunet-b8672206edfb2047132311b9a3ab3a0138bdc422.tar.gz
gnunet-b8672206edfb2047132311b9a3ab3a0138bdc422.zip
59 files changed, 3344 insertions, 5853 deletions
diff --git a/src/include/.gitignore b/src/include/.gitignore
index dba282e99..76ca45ab4 100644
--- a/src/include/.gitignore
+++ b/src/include/.gitignore
@@ -1,8 +1,3 @@
-gnunet_error_codes.h
-gnu_name_system_record_flags.h
-gnu_name_system_record_types.h
-gnunet_dht_block_types.h
-gnunet_signatures.h
 !gnunet_config.h.in
 gnunet_config.h
-gnunet_mysql_compat.h
-\ No newline at end of file
+gnunet_mysql_compat.h
diff --git a/src/include/Makefile.am b/src/include/Makefile.am
index 8519883c9..cf8c49cf1 100644
--- a/src/include/Makefile.am
+++ b/src/include/Makefile.am
@@ -17,10 +17,6 @@ gnunetinclude_HEADERS = \
  gnunet_abd_service.h \
  gnunet_applications.h \
  gnunet_arm_service.h \
-  gnunet_ats_service.h \
-  gnunet_ats_application_service.h \
-  gnunet_ats_transport_service.h \
-  gnunet_ats_plugin.h \
  gnunet_bandwidth_lib.h \
  gnunet_bio_lib.h \
  gnunet_dht_block_types.h \
@@ -51,8 +47,6 @@ gnunetinclude_HEADERS = \
  gnunet_dnsstub_lib.h \
  gnunet_dns_service.h \
  gnunet_error_codes.h \
-  gnunet_fragmentation_lib.h \
-  gnunet_friends_lib.h \
  gnunet_fs_service.h \
  gnunet_getopt_lib.h \
  gnunet_gns_service.h \
@@ -60,7 +54,6 @@ gnunetinclude_HEADERS = \
  gnunet_gnsrecord_json_lib.h \
  gnunet_gnsrecord_plugin.h \
  gnu_name_system_record_types.h \
-  gnunet_hello_lib.h \
  gnunet_hello_uri_lib.h \
  gnunet_helper_lib.h \
  gnunet_identity_service.h \
@@ -75,9 +68,6 @@ gnunetinclude_HEADERS = \
  gnunet_microphone_lib.h \
  gnunet_mst_lib.h \
  gnunet_mq_lib.h \
-  gnunet_my_lib.h \
-  gnunet_mysql_compat.h \
-  gnunet_mysql_lib.h \
  gnunet_namecache_plugin.h \
  gnunet_namecache_service.h \
  gnunet_namestore_plugin.h \
@@ -126,14 +116,11 @@ gnunetinclude_HEADERS = \
  gnunet_testing_ng_lib.h \
  gnunet_testing_netjail_lib.h \
  gnunet_time_lib.h \
-  gnunet_transport_service.h \
  gnunet_transport_application_service.h \
  gnunet_transport_communication_service.h \
-  gnunet_transport_core_service.h \
-  gnunet_transport_hello_service.h \
-  gnunet_transport_manipulation_service.h \
  gnunet_transport_monitor_service.h \
-  gnunet_transport_plugin.h \
+  gnunet_transport_core_service.h \
+  gnunet_transport_testing_ng_lib.h \
  gnunet_tun_lib.h \
  gnunet_uri_lib.h \
  gnunet_util_lib.h \
diff --git a/src/include/gnu_name_system_record_types.h b/src/include/gnu_name_system_record_types.h
new file mode 100644
index 000000000..2cefce589
--- /dev/null
+++ b/src/include/gnu_name_system_record_types.h
@@ -0,0 +1,192 @@
+/*
+     This file is part of GNUnet
+     Copyright (C) 2012-2022 GNUnet e.V.
+     GNUnet is free software: you can redistribute it and/or modify it
+     under the terms of the GNU Affero General Public License as published
+     by the Free Software Foundation, either version 3 of the License,
+     or (at your option) any later version.
+     GNUnet is distributed in the hope that it will be useful, but
+     WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+     Affero General Public License for more details.
+     You should have received a copy of the GNU Affero General Public License
+     along with this program.  If not, see <http://www.gnu.org/licenses/>.
+     SPDX-License-Identifier: AGPL3.0-or-later
+ */
+#ifndef GNU_NAME_SYSTEM_RECORD_TYPES_H
+#define GNU_NAME_SYSTEM_RECORD_TYPES_H
+/**
+ * WARNING:
+ * This header is generated!
+ * In order to add GNS record types, you must register
+ * them in GANA, and then use the header generation script
+ * to create an update of this file. You may then replace this
+ * file with the update.
+ */
+#ifdef __cplusplus
+extern "C" {
+#if 0 /* keep Emacsens' auto-indent happy */
+}
+#endif
+#endif
+/**
+ * GNS zone delegation (PKEY)
+ */
+#define GNUNET_GNSRECORD_TYPE_PKEY 65536
+/**
+ * GNS zone nickname
+ */
+#define GNUNET_GNSRECORD_TYPE_NICK 65537
+/**
+ * GNS legacy hostname
+ */
+#define GNUNET_GNSRECORD_TYPE_LEHO 65538
+/**
+ * VPN resolution
+ */
+#define GNUNET_GNSRECORD_TYPE_VPN 65539
+/**
+ * Delegation to DNS
+ */
+#define GNUNET_GNSRECORD_TYPE_GNS2DNS 65540
+/**
+ * Box record
+ */
+#define GNUNET_GNSRECORD_TYPE_BOX 65541
+/**
+ * social place for SecuShare
+ */
+#define GNUNET_GNSRECORD_TYPE_PLACE 65542
+/**
+ * Endpoint for conversation
+ */
+#define GNUNET_GNSRECORD_TYPE_PHONE 65543
+/**
+ * identity attribute
+ */
+#define GNUNET_GNSRECORD_TYPE_RECLAIM_ATTRIBUTE 65544
+/**
+ * local ticket reference
+ */
+#define GNUNET_GNSRECORD_TYPE_RECLAIM_TICKET 65545
+/**
+ * For ABD policies
+ */
+#define GNUNET_GNSRECORD_TYPE_DELEGATE 65548
+/**
+ * For ABD reverse lookups
+ */
+#define GNUNET_GNSRECORD_TYPE_ATTRIBUTE 65549
+/**
+ * for reclaim records
+ */
+#define GNUNET_GNSRECORD_TYPE_RECLAIM_ATTRIBUTE_REF 65550
+/**
+ * Redirection record
+ */
+#define GNUNET_GNSRECORD_TYPE_REDIRECT 65551
+/**
+ * For reclaim OIDC client names.
+ */
+#define GNUNET_GNSRECORD_TYPE_RECLAIM_OIDC_CLIENT 65552
+/**
+ * Used reclaimID OIDC client redirect URIs.
+ */
+#define GNUNET_GNSRECORD_TYPE_RECLAIM_OIDC_REDIRECT 65553
+/**
+ * Record type for an attribute attestation (e.g. JWT).
+ */
+#define GNUNET_GNSRECORD_TYPE_RECLAIM_CREDENTIAL 65554
+/**
+ * Record type for a presentation of a credential.
+ */
+#define GNUNET_GNSRECORD_TYPE_RECLAIM_PRESENTATION 65555
+/**
+ * GNS zone delegation (EDKEY)
+ */
+#define GNUNET_GNSRECORD_TYPE_EDKEY 65556
+/**
+ * Encoding for Robust Immutable Storage (ERIS) binary read capability
+ */
+#define GNUNET_GNSRECORD_TYPE_ERIS_READ_CAPABILITY 65557
+/**
+ * Record type to share an entry of a messenger room
+ */
+#define GNUNET_GNSRECORD_TYPE_MESSENGER_ROOM_ENTRY 65558
+/**
+ * Record type to indicate a previously delete record (PRIVATE only)
+ */
+#define GNUNET_GNSRECORD_TYPE_TOMBSTONE 65559
+/**
+ * Record type to store details about a messenger room
+ */
+#define GNUNET_GNSRECORD_TYPE_MESSENGER_ROOM_DETAILS 65560
+/**
+ * Record type to store DID Documents
+ */
+#define GNUNET_GNSRECORD_TYPE_DID_DOCUMENT 65561
+#if 0 /* keep Emacsens' auto-indent happy */
+{
+#endif
+#ifdef __cplusplus
+}
+#endif
+#endif
diff --git a/src/include/gnunet_abd_service.h b/src/include/gnunet_abd_service.h
index 75c1757ab..cb6e77256 100644
--- a/src/include/gnunet_abd_service.h
+++ b/src/include/gnunet_abd_service.h
@@ -107,7 +107,7 @@ struct GNUNET_ABD_DelegationRecordSet
  /**
   * Public key of the subject this attribute was delegated to
   */
-  struct GNUNET_IDENTITY_PublicKey subject_key;
+  struct GNUNET_CRYPTO_PublicKey subject_key;
  /**
   * Length of attribute, may be 0
@@ -127,7 +127,7 @@ struct GNUNET_ABD_DelegationSet
  /**
   * Public key of the subject this attribute was delegated to
   */
-  struct GNUNET_IDENTITY_PublicKey subject_key;
+  struct GNUNET_CRYPTO_PublicKey subject_key;
  uint32_t subject_attribute_len;
@@ -147,12 +147,12 @@ struct GNUNET_ABD_Delegation
  /**
   * The issuer of the delegation
   */
-  struct GNUNET_IDENTITY_PublicKey issuer_key;
+  struct GNUNET_CRYPTO_PublicKey issuer_key;
  /**
   * Public key of the subject this attribute was delegated to
   */
-  struct GNUNET_IDENTITY_PublicKey subject_key;
+  struct GNUNET_CRYPTO_PublicKey subject_key;
  /**
   * Length of the attribute
@@ -185,17 +185,17 @@ struct GNUNET_ABD_Delegate
  /**
   * The issuer of the credential
   */
-  struct GNUNET_IDENTITY_PublicKey issuer_key;
+  struct GNUNET_CRYPTO_PublicKey issuer_key;
  /**
   * Public key of the subject this credential was issued to
   */
-  struct GNUNET_IDENTITY_PublicKey subject_key;
+  struct GNUNET_CRYPTO_PublicKey subject_key;
  /**
   * Signature of this credential
   */
-  struct GNUNET_IDENTITY_Signature signature;
+  struct GNUNET_CRYPTO_Signature signature;
  /**
   * Expiration of this credential
@@ -322,9 +322,9 @@ typedef void (*GNUNET_ABD_RemoveDelegateResultProcessor) (void *cls,
 */
 struct GNUNET_ABD_Request*
  GNUNET_ABD_verify (struct GNUNET_ABD_Handle *handle,
-                     const struct GNUNET_IDENTITY_PublicKey *issuer_key,
+                     const struct GNUNET_CRYPTO_PublicKey *issuer_key,
                     const char *issuer_attribute,
-                     const struct GNUNET_IDENTITY_PublicKey *subject_key,
+                     const struct GNUNET_CRYPTO_PublicKey *subject_key,
                     uint32_t delegate_count,
                     const struct GNUNET_ABD_Delegate *delegates,
                     enum GNUNET_ABD_AlgoDirectionFlags direction,
@@ -335,9 +335,9 @@ struct GNUNET_ABD_Request*
 struct GNUNET_ABD_Request*
  GNUNET_ABD_collect (struct GNUNET_ABD_Handle *handle,
-                      const struct GNUNET_IDENTITY_PublicKey *issuer_key,
+                      const struct GNUNET_CRYPTO_PublicKey *issuer_key,
                      const char *issuer_attribute,
-                      const struct GNUNET_IDENTITY_PrivateKey *subject_key,
+                      const struct GNUNET_CRYPTO_PrivateKey *subject_key,
                      enum GNUNET_ABD_AlgoDirectionFlags direction,
                      GNUNET_ABD_CredentialResultProcessor proc,
                      void *proc_cls,
@@ -360,7 +360,7 @@ struct GNUNET_ABD_Request *
 GNUNET_ABD_add_delegation (struct GNUNET_ABD_Handle *handle,
                           struct GNUNET_IDENTITY_Ego *issuer,
                           const char *attribute,
-                           struct GNUNET_IDENTITY_PublicKey *subject,
+                           struct GNUNET_CRYPTO_PublicKey *subject,
                           const char *delegated_attribute,
                           GNUNET_ABD_DelegateResultProcessor proc,
                           void *proc_cls);
@@ -393,8 +393,8 @@ GNUNET_ABD_remove_delegation (struct GNUNET_ABD_Handle *handle,
 * @return handle to the queued request
 */
 struct GNUNET_ABD_Delegate*
-GNUNET_ABD_delegate_issue (const struct GNUNET_IDENTITY_PrivateKey *issuer,
+GNUNET_ABD_delegate_issue (const struct GNUNET_CRYPTO_PrivateKey *issuer,
-                           struct GNUNET_IDENTITY_PublicKey *subject,
+                           struct GNUNET_CRYPTO_PublicKey *subject,
                           const char *iss_attr,
                           const char *sub_attr,
                           struct GNUNET_TIME_Absolute *expiration);
diff --git a/src/include/gnunet_ats_application_service.h b/src/include/gnunet_ats_application_service.h
deleted file mode 100644
index da7fd4b52..000000000
--- a/src/include/gnunet_ats_application_service.h
+++ /dev/null
@@ -1,109 +0,0 @@
-/*
-   This file is part of GNUnet.
-   Copyright (C) 2010-2015, 2018 GNUnet e.V.
-   GNUnet is free software: you can redistribute it and/or modify it
-   under the terms of the GNU Affero General Public License as published
-   by the Free Software Foundation, either version 3 of the License,
-   or (at your option) any later version.
-   GNUnet is distributed in the hope that it will be useful, but
-   WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   Affero General Public License for more details.
-   You should have received a copy of the GNU Affero General Public License
-   along with this program.  If not, see <http://www.gnu.org/licenses/>.
-     SPDX-License-Identifier: AGPL3.0-or-later
- */
-/**
- * @addtogroup Backbone
- * @{
- *
- * @file
- * Bandwidth allocation API for applications to interact with
- *
- * @author Christian Grothoff
- * @author Matthias Wachs
- *
- * @defgroup ats  ATS service
- * Bandwidth allocation
- *
- * @see [Documentation](https://gnunet.org/ats-subsystem)
- *
- * @{
- */
-#ifndef GNUNET_ATS_APPLICATION_SERVICE_H
-#define GNUNET_ATS_APPLICATION_SERVICE_H
-#include "gnunet_constants.h"
-#include "gnunet_util_lib.h"
-/**
- * Handle to the ATS subsystem for making suggestions about
- * connections the peer would like to have.
- */
-struct GNUNET_ATS_ApplicationHandle;
-/**
- * Initialize the ATS application client handle.
- *
- * @param cfg configuration to use
- * @return ats application handle, NULL on error
- */
-struct GNUNET_ATS_ApplicationHandle *
-GNUNET_ATS_application_init (const struct GNUNET_CONFIGURATION_Handle *cfg);
-/**
- * Shutdown ATS application client.
- *
- * @param ch handle to destroy
- */
-void
-GNUNET_ATS_application_done (struct GNUNET_ATS_ApplicationHandle *ch);
-/**
- * Handle for suggestion requests.
- */
-struct GNUNET_ATS_ApplicationSuggestHandle;
-/**
- * An application would like to communicate with a peer.  ATS should
- * allocate bandwidth using a suitable address for requiremetns @a pk
- * to transport.
- *
- * @param ch handle
- * @param peer identity of the peer we need an address for
- * @param pk what kind of application will the application require (can be
- *         #GNUNET_MQ_PREFERENCE_NONE, we will still try to connect)
- * @param bw desired bandwidth, can be zero (we will still try to connect)
- * @return suggestion handle, NULL if request is already pending
- */
-struct GNUNET_ATS_ApplicationSuggestHandle *
-GNUNET_ATS_application_suggest (struct GNUNET_ATS_ApplicationHandle *ch,
-                                const struct GNUNET_PeerIdentity *peer,
-                                enum GNUNET_MQ_PreferenceKind pk,
-                                struct GNUNET_BANDWIDTH_Value32NBO bw);
-/**
- * We no longer care about communicating with a peer.
- *
- * @param sh handle
- */
-void
-GNUNET_ATS_application_suggest_cancel (struct
-                                       GNUNET_ATS_ApplicationSuggestHandle *sh);
-/** @} */  /* end of group */
-/** @} */  /* end of Backbone addition*/
-#endif
-/* end of file gnunet_ats_application_service.h */
diff --git a/src/include/gnunet_ats_plugin.h b/src/include/gnunet_ats_plugin.h
deleted file mode 100644
index 206f2dd52..000000000
--- a/src/include/gnunet_ats_plugin.h
+++ /dev/null
@@ -1,492 +0,0 @@
-/*
-   This file is part of GNUnet
-   Copyright (C) 2009-2015 GNUnet e.V.
-   GNUnet is free software: you can redistribute it and/or modify it
-   under the terms of the GNU Affero General Public License as published
-   by the Free Software Foundation, either version 3 of the License,
-   or (at your option) any later version.
-   GNUnet is distributed in the hope that it will be useful, but
-   WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   Affero General Public License for more details.
-   You should have received a copy of the GNU Affero General Public License
-   along with this program.  If not, see <http://www.gnu.org/licenses/>.
-     SPDX-License-Identifier: AGPL3.0-or-later
- */
-/**
- * @addtogroup Backbone
- * @{
- *
- * @author Christian Grothoff
- *
- * @file
- * API for the ATS solvers.
- *
- * @defgroup ats-plugin  ATS service plugin API
- * Plugin API for the ATS service.
- *
- * Specifies the struct that is given to the plugin's entry method and the other
- * struct that must be returned.  Note that the destructors of ATS plugins will
- * be given the value returned by the constructor and is expected to return a
- * NULL pointer.
- *
- * @{
- */
-#ifndef PLUGIN_ATS_H
-#define PLUGIN_ATS_H
-#include "gnunet_ats_service.h"
-#include "gnunet_statistics_service.h"
-/**
- * Representation of an address the plugin can choose from.
- */
-struct ATS_Address;
-/**
- * Change the preference for a peer
- *
- * @param handle the solver handle
- * @param client the client sending this request
- * @param peer the peer id
- * @param kind the preference kind to change
- * @param score the new preference score
- * @param pref_rel the normalized preference value for this kind over all clients
- */
-typedef void
-(*GAS_solver_address_change_preference) (void *solver,
-                                         const struct GNUNET_PeerIdentity *peer,
-                                         enum GNUNET_ATS_PreferenceKind kind,
-                                         double pref_rel);
-/**
- * Give feedback about the current assignment
- *
- * @param handle the solver handle
- * @param application the application sending this request
- * @param peer the peer id
- * @param scope the time interval for this feedback: [now - scope .. now]
- * @param kind the preference kind for this feedback
- * @param score the feedback score
- */
-typedef void
-(*GAS_solver_address_feedback_preference) (void *solver,
-                                           struct GNUNET_SERVICE_Client *
-                                           application,
-                                           const struct
-                                           GNUNET_PeerIdentity *peer,
-                                           const struct GNUNET_TIME_Relative
-                                           scope,
-                                           enum GNUNET_ATS_PreferenceKind kind,
-                                           double score);
-/**
- * Notify the solver about a bulk operation changing possibly a lot of values
- * Solver will not resolve until all bulk operations are marked as done
- *
- * @param solver the solver
- */
-typedef void
-(*GAS_solver_bulk_start) (void *solver);
-/**
- * Mark a bulk operation as done
- * Solver will resolve if values have changed
- *
- * @param solver the solver
- */
-typedef void
-(*GAS_solver_bulk_stop) (void *solver);
-/**
- * Add a single address within a network to the solver
- *
- * @param solver the solver Handle
- * @param address the address to add
- * @param network network type of this address
- */
-typedef void
-(*GAS_solver_address_add) (void *solver,
-                           struct ATS_Address *address,
-                           uint32_t network);
-/**
- * Delete an address or just the session from the solver
- *
- * @param solver the solver Handle
- * @param address the address to delete
- */
-typedef void
-(*GAS_solver_address_delete) (void *solver,
-                              struct ATS_Address *address);
-/**
- * Transport properties for this address have changed
- *
- * @param solver solver handle
- * @param address the address
- */
-typedef void
-(*GAS_solver_address_property_changed) (void *solver,
-                                        struct ATS_Address *address);
-/**
- * Get the preferred address for a peer from solver
- *
- * @param solver the solver to use
- * @param peer the peer
- */
-typedef void
-(*GAS_solver_get_preferred_address) (void *solver,
-                                     const struct GNUNET_PeerIdentity *peer);
-/**
- * Stop getting the preferred address for a peer from solver
- *
- * @param solver the solver to use
- * @param peer the peer
- */
-typedef void
-(*GAS_solver_stop_get_preferred_address) (void *solver,
-                                          const struct
-                                          GNUNET_PeerIdentity *peer);
-/**
- * Solver functions.
- *
- * Each solver is required to set up and return an instance
- * of this struct during initialization.
- */
-struct GNUNET_ATS_SolverFunctions
-{
-  /**
-   * Closure to pass to all solver functions in this struct.
-   */
-  void *cls;
-  /**
-   * Add a new address for a peer to the solver
-   *
-   * The address is already contained in the addresses hashmap!
-   */
-  GAS_solver_address_add s_add;
-  /**
-   * Update the properties of an address in the solver
-   */
-  GAS_solver_address_property_changed s_address_update_property;
-  /**
-   * Tell solver to notify ATS if the address to use changes for a specific
-   * peer using the bandwidth changed callback
-   *
-   * The solver must only notify about changes for peers with pending address
-   * requests!
-   */
-  GAS_solver_get_preferred_address s_get;
-  /**
-   * Tell solver stop notifying ATS about changes for this peers
-   *
-   * The solver must only notify about changes for peers with pending address
-   * requests!
-   */
-  GAS_solver_stop_get_preferred_address s_get_stop;
-  /**
-   * Delete an address in the solver
-   *
-   * The address is not contained in the address hashmap anymore!
-   */
-  GAS_solver_address_delete s_del;
-  /**
-   * Change relative preference for quality in solver
-   */
-  GAS_solver_address_change_preference s_pref;
-  /**
-   * Give feedback about the current assignment
-   */
-  GAS_solver_address_feedback_preference s_feedback;
-  /**
-   * Start a bulk operation
-   *
-   * Used if many values have to be updated at the same time.
-   * When a bulk operation is pending the solver does not have to resolve
-   * the problem since more updates will follow anyway
-   *
-   * For each call to bulk_start, a call to bulk_stop is required!
-   */
-  GAS_solver_bulk_start s_bulk_start;
-  /**
-   * Bulk operation done
-   *
-   * If no more bulk operations are pending, the solver can solve the problem
-   * with the updated values
-   */
-  GAS_solver_bulk_stop s_bulk_stop;
-};
-/**
- * Operation codes for solver information callback
- *
- * Order of calls is expected to be:
- * #GAS_OP_SOLVE_START
- * #GAS_OP_SOLVE_STOP
- * #GAS_OP_SOLVE_UPDATE_NOTIFICATION_START
- * #GAS_OP_SOLVE_UPDATE_NOTIFICATION_STOP
- *
- */
-enum GAS_Solver_Operation
-{
-  /**
-   * A solution iteration has been started
-   */
-  GAS_OP_SOLVE_START,
-  /**
-   * A solution iteration has been finished
-   */
-  GAS_OP_SOLVE_STOP,
-  /**
-   * The setup of the problem as a preparation to solve it was started
-   */
-  GAS_OP_SOLVE_SETUP_START,
-  /**
-   * The setup of the problem as a preparation to solve is finished
-   */
-  GAS_OP_SOLVE_SETUP_STOP,
-  /**
-   * Solving of the LP problem was started
-   * MLP solver only
-   */
-  GAS_OP_SOLVE_MLP_LP_START,
-  /**
-   * Solving of the LP problem is done
-   * MLP solver only
-   */
-  GAS_OP_SOLVE_MLP_LP_STOP,
-  /**
-   * Solving of the MLP problem was started
-   * MLP solver only
-   */
-  GAS_OP_SOLVE_MLP_MLP_START,
-  /**
-   * Solving of the MLP problem is done
-   * MLP solver only
-   */
-  GAS_OP_SOLVE_MLP_MLP_STOP,
-  /**
-   * After the problem was finished, start notifications about changes
-   * to addresses
-   */
-  GAS_OP_SOLVE_UPDATE_NOTIFICATION_START,
-  /**
-   * After the problem was finished, notifications about changes to addresses
-   * are done
-   */
-  GAS_OP_SOLVE_UPDATE_NOTIFICATION_STOP
-};
-/**
- * Status of a GAS_Solver_Operation operation
- */
-enum GAS_Solver_Status
-{
-  /**
-   * Success
-   */
-  GAS_STAT_SUCCESS,
-  /**
-   * Failure
-   */
-  GAS_STAT_FAIL
-};
-/**
- * Status of the operation
- */
-enum GAS_Solver_Additional_Information
-{
-  /**
-   * No more specific information
-   */
-  GAS_INFO_NONE,
-  /**
-   * A full solution process is performed
-   * Quite specific to the MLP solver
-   */
-  GAS_INFO_FULL,
-  /**
-   * An existing solution was reused
-   * Quite specific to the MLP solver
-   */
-  GAS_INFO_UPDATED,
-  /**
-   * The proportional solver had to recalculate for a single network
-   */
-  GAS_INFO_PROP_SINGLE,
-  /**
-   * The proportional solver had to recalculate for all networks
-   */
-  GAS_INFO_PROP_ALL
-};
-/**
- * Callback to call with additional information
- * Used for measurement
- *
- * @param cls the closure
- * @param op the operation
- */
-typedef void
-(*GAS_solver_information_callback) (void *cls,
-                                    enum GAS_Solver_Operation op,
-                                    enum GAS_Solver_Status stat,
-                                    enum GAS_Solver_Additional_Information);
-/**
- * Callback to call from solver when bandwidth for address has changed
- *
- * @param address the with changed bandwidth assigned
- */
-typedef void
-(*GAS_bandwidth_changed_cb) (void *cls,
-                             struct ATS_Address *address);
-/**
- * Callback to call from solver to obtain application preference
- * values for a peer.
- *
- * @param cls the cls
- * @param id the peer id
- * @return carry of double values containing the preferences with
- *      GNUNET_ATS_PreferenceCount elements
- */
-typedef const double *
-(*GAS_get_preferences) (void *cls,
-                        const struct GNUNET_PeerIdentity *id);
-/**
- * Callback to call from solver to obtain application connectivity
- * preferences for a peer.
- *
- * @param cls the cls
- * @param id the peer id
- * @return 0 if connectivity is not desired, non-null if address
- *      suggestions are requested
- */
-typedef unsigned int
-(*GAS_get_connectivity) (void *cls,
-                         const struct GNUNET_PeerIdentity *id);
-/**
- * The ATS plugin will pass a pointer to a struct
- * of this type as to the initialization function
- * of the ATS plugins.
- */
-struct GNUNET_ATS_PluginEnvironment
-{
-  /**
-   * Configuration handle to be used by the solver
-   */
-  const struct GNUNET_CONFIGURATION_Handle *cfg;
-  /**
-   * Statistics handle to be used by the solver
-   */
-  struct GNUNET_STATISTICS_Handle *stats;
-  /**
-   * Closure to pass to all callbacks in this struct.
-   */
-  void *cls;
-  /**
-   * Hashmap containing all addresses available
-   */
-  struct GNUNET_CONTAINER_MultiPeerMap *addresses;
-  /**
-   * ATS addresses callback to be notified about bandwidth assignment changes
-   */
-  GAS_bandwidth_changed_cb bandwidth_changed_cb;
-  /**
-   * ATS addresses function to obtain preference values
-   */
-  GAS_get_preferences get_preferences;
-  /**
-   * ATS addresses function to obtain preference values
-   */
-  GAS_get_connectivity get_connectivity;
-  /**
-   * Callback for solver to call with status information,
-   * can be NULL
-   */
-  GAS_solver_information_callback info_cb;
-  /**
-   * Number of networks available, size of the @e out_quota
-   * and @e in_quota arrays.
-   */
-  unsigned int network_count;
-  /**
-   * Array of configured outbound quotas
-   * Order according to networks in network array
-   */
-  unsigned long long out_quota[GNUNET_NT_COUNT];
-  /**
-   * Array of configured inbound quotas
-   * Order according to networks in network array
-   */
-  unsigned long long in_quota[GNUNET_NT_COUNT];
-};
-#endif
-/** @} */  /* end of group */
-/** @} */  /* end of group addition */
diff --git a/src/include/gnunet_ats_service.h b/src/include/gnunet_ats_service.h
deleted file mode 100644
index ce149875a..000000000
--- a/src/include/gnunet_ats_service.h
+++ /dev/null
@@ -1,631 +0,0 @@
-/*
-   This file is part of GNUnet.
-   Copyright (C) 2010-2015 GNUnet e.V.
-   GNUnet is free software: you can redistribute it and/or modify it
-   under the terms of the GNU Affero General Public License as published
-   by the Free Software Foundation, either version 3 of the License,
-   or (at your option) any later version.
-   GNUnet is distributed in the hope that it will be useful, but
-   WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   Affero General Public License for more details.
-   You should have received a copy of the GNU Affero General Public License
-   along with this program.  If not, see <http://www.gnu.org/licenses/>.
-     SPDX-License-Identifier: AGPL3.0-or-later
- */
-/**
- * @addtogroup Backbone
- * @{
- *
- * @file
- * Automatic transport selection and outbound bandwidth determination
- *
- * @author Christian Grothoff
- * @author Matthias Wachs
- *
- * @defgroup ats  ATS service
- * Automatic Transport Selection and outbound bandwidth determination
- *
- * @see [Documentation](https://gnunet.org/ats-subsystem)
- *
- * @{
- */
-#ifndef GNUNET_ATS_SERVICE_H
-#define GNUNET_ATS_SERVICE_H
-#include "gnunet_constants.h"
-#include "gnunet_util_lib.h"
-#include "gnunet_hello_lib.h"
-/**
- * Default bandwidth assigned to a network : 64 KB/s
- */
-#define GNUNET_ATS_DefaultBandwidth 65536
-/**
- * Undefined value for an `enum GNUNET_ATS_Property`
- */
-#define GNUNET_ATS_VALUE_UNDEFINED UINT32_MAX
-/**
- * String representation for GNUNET_ATS_VALUE_UNDEFINED
- */
-#define GNUNET_ATS_VALUE_UNDEFINED_STR "undefined"
-/**
- * Maximum bandwidth assigned to a network : 4095 MB/s
- */
-#define GNUNET_ATS_MaxBandwidth UINT32_MAX
-/**
- * Textual equivalent for GNUNET_ATS_MaxBandwidth
- */
-#define GNUNET_ATS_MaxBandwidthString "unlimited"
-/**
- * ATS performance characteristics for an address.
- */
-struct GNUNET_ATS_Properties
-{
-  /**
-   * Delay.  Time between when the time packet is sent and the packet
-   * arrives.  FOREVER if we did not measure yet.
-   */
-  struct GNUNET_TIME_Relative delay;
-  /**
-   * Actual traffic on this connection from this peer to the other peer.
-   * Includes transport overhead.
-   *
-   * Unit: [bytes/second]
-   */
-  uint32_t utilization_out;
-  /**
-   * Actual traffic on this connection from the other peer to this peer.
-   * Includes transport overhead.
-   *
-   * Unit: [bytes/second]
-   */
-  uint32_t utilization_in;
-  /**
-   * Distance on network layer (required for distance-vector routing)
-   * in hops.  Zero for direct connections (e.g. plain TCP/UDP).
-   */
-  unsigned int distance;
-  /**
-   * Which network scope does the respective address belong to?
-   * This property does not change.
-   */
-  enum GNUNET_NetworkType scope;
-};
-/**
- * ATS performance characteristics for an address in
- * network byte order (for IPC).
- */
-struct GNUNET_ATS_PropertiesNBO
-{
-  /**
-   * Actual traffic on this connection from this peer to the other peer.
-   * Includes transport overhead.
-   *
-   * Unit: [bytes/second]
-   */
-  uint32_t utilization_out GNUNET_PACKED;
-  /**
-   * Actual traffic on this connection from the other peer to this peer.
-   * Includes transport overhead.
-   *
-   * Unit: [bytes/second]
-   */
-  uint32_t utilization_in GNUNET_PACKED;
-  /**
-   * Which network scope does the respective address belong to?
-   * This property does not change.
-   */
-  uint32_t scope GNUNET_PACKED;
-  /**
-   * Distance on network layer (required for distance-vector routing)
-   * in hops.  Zero for direct connections (e.g. plain TCP/UDP).
-   */
-  uint32_t distance GNUNET_PACKED;
-  /**
-   * Delay.  Time between when the time packet is sent and the packet
-   * arrives.  FOREVER if we did not measure yet.
-   */
-  struct GNUNET_TIME_RelativeNBO delay;
-};
-/* ********************* LAN Characterization library ************************ */
-/* Note: these functions do not really communicate with the ATS service */
-/**
- * Convert ATS properties from host to network byte order.
- *
- * @param nbo[out] value written
- * @param hbo value read
- */
-void
-GNUNET_ATS_properties_hton (struct GNUNET_ATS_PropertiesNBO *nbo,
-                            const struct GNUNET_ATS_Properties *hbo);
-/**
- * Convert ATS properties from network to host byte order.
- *
- * @param hbo[out] value written
- * @param nbo value read
- */
-void
-GNUNET_ATS_properties_ntoh (struct GNUNET_ATS_Properties *hbo,
-                            const struct GNUNET_ATS_PropertiesNBO *nbo);
-/* ********************Connection Suggestion API ***************************** */
-/**
- * Handle to the ATS subsystem for making suggestions about
- * connections the peer would like to have.
- */
-struct GNUNET_ATS_ConnectivityHandle;
-/**
- * Handle for address suggestion requests.
- */
-struct GNUNET_ATS_ConnectivitySuggestHandle;
-/**
- * Initialize the ATS connectivity suggestion client handle.
- *
- * @param cfg configuration to use
- * @return ats connectivity handle, NULL on error
- */
-struct GNUNET_ATS_ConnectivityHandle *
-GNUNET_ATS_connectivity_init (const struct GNUNET_CONFIGURATION_Handle *cfg);
-/**
- * Shutdown ATS connectivity suggestion client.
- *
- * @param ch handle to destroy
- */
-void
-GNUNET_ATS_connectivity_done (struct GNUNET_ATS_ConnectivityHandle *ch);
-/**
- * We would like to establish a new connection with a peer.  ATS
- * should suggest a good address to begin with.
- *
- * @param ch handle
- * @param peer identity of the peer we need an address for
- * @param strength how urgent is the need for such a suggestion
- * @return suggestion handle, NULL if request is already pending
- */
-struct GNUNET_ATS_ConnectivitySuggestHandle *
-GNUNET_ATS_connectivity_suggest (struct GNUNET_ATS_ConnectivityHandle *ch,
-                                 const struct GNUNET_PeerIdentity *peer,
-                                 uint32_t strength);
-/**
- * We no longer care about being connected to a peer.
- *
- * @param sh handle to stop
- */
-void
-GNUNET_ATS_connectivity_suggest_cancel (struct
-                                        GNUNET_ATS_ConnectivitySuggestHandle *sh);
-/* ******************************** Scheduling API ***************************** */
-/**
- * Handle to the ATS subsystem for bandwidth/transport scheduling information.
- */
-struct GNUNET_ATS_SchedulingHandle;
-/**
- * Opaque session handle, defined by plugins.  Contents not known to ATS.
- */
-struct GNUNET_ATS_Session;
-/**
- * Signature of a function called by ATS with the current bandwidth
- * and address preferences as determined by ATS.  If our connection
- * to ATS dies and thus all suggestions become invalid, this function
- * is called ONCE with all arguments (except @a cls) being NULL/0.
- *
- * @param cls closure
- * @param peer for which we suggest an address, NULL if ATS connection died
- * @param address suggested address (including peer identity of the peer),
- *             may be NULL to signal disconnect from peer
- * @param session session to use, NULL to establish a new outgoing session
- * @param bandwidth_out assigned outbound bandwidth for the connection,
- *        0 to signal disconnect
- * @param bandwidth_in assigned inbound bandwidth for the connection,
- *        0 to signal disconnect
- */
-typedef void
-(*GNUNET_ATS_AddressSuggestionCallback) (void *cls,
-                                         const struct GNUNET_PeerIdentity *peer,
-                                         const struct
-                                         GNUNET_HELLO_Address *address,
-                                         struct GNUNET_ATS_Session *session,
-                                         struct GNUNET_BANDWIDTH_Value32NBO
-                                         bandwidth_out,
-                                         struct GNUNET_BANDWIDTH_Value32NBO
-                                         bandwidth_in);
-/**
- * Initialize the ATS scheduling subsystem.
- *
- * @param cfg configuration to use
- * @param suggest_cb notification to call whenever the suggestation changed
- * @param suggest_cb_cls closure for @a suggest_cb
- * @return ats context
- */
-struct GNUNET_ATS_SchedulingHandle *
-GNUNET_ATS_scheduling_init (const struct GNUNET_CONFIGURATION_Handle *cfg,
-                            GNUNET_ATS_AddressSuggestionCallback suggest_cb,
-                            void *suggest_cb_cls);
-/**
- * Client is done with ATS scheduling, release resources.
- *
- * @param sh handle to release
- */
-void
-GNUNET_ATS_scheduling_done (struct GNUNET_ATS_SchedulingHandle *sh);
-/**
- * Handle used within ATS to track an address.
- */
-struct GNUNET_ATS_AddressRecord;
-/**
- * We have a new address ATS should know. Addresses have to be added with this
- * function before they can be: updated, set in use and destroyed
- *
- * @param sh handle
- * @param address the address
- * @param session session handle (if available, e.g for incoming connections)
- * @param prop performance data for the address
- * @return handle to the address representation inside ATS, NULL
- *         on error (i.e. ATS knows this exact address already, or
- *         address is invalid)
- */
-struct GNUNET_ATS_AddressRecord *
-GNUNET_ATS_address_add (struct GNUNET_ATS_SchedulingHandle *sh,
-                        const struct GNUNET_HELLO_Address *address,
-                        struct GNUNET_ATS_Session *session,
-                        const struct GNUNET_ATS_Properties *prop);
-/**
- * An address was used to initiate a session.
- *
- * @param ar address record to update information for
- * @param session session handle
- */
-void
-GNUNET_ATS_address_add_session (struct GNUNET_ATS_AddressRecord *ar,
-                                struct GNUNET_ATS_Session *session);
-/**
- * A @a session was destroyed, disassociate it from the given address
- * record.  If this was an incoming address, destroys the address as
- * well.
- *
- * @param ar address record to update information for
- * @param session session handle
- * @return #GNUNET_YES if the @a ar was destroyed because
- *                     it was an incoming address,
- *         #GNUNET_NO if the @a ar was kept because we can
- *                    use it still to establish a new session
- */
-int
-GNUNET_ATS_address_del_session (struct GNUNET_ATS_AddressRecord *ar,
-                                struct GNUNET_ATS_Session *session);
-/**
- * We have updated performance statistics for a given address.  Note
- * that this function can be called for addresses that are currently
- * in use as well as addresses that are valid but not actively in use.
- * Furthermore, the peer may not even be connected to us right now (@a
- * session value of NULL used to signal disconnect, or somehow we
- * otherwise got updated on @a ats information).  Based on the
- * information provided, ATS may update bandwidth assignments and
- * suggest to switch addresses.
- *
- * @param ar address record to update information for
- * @param prop performance data for the address
- */
-void
-GNUNET_ATS_address_update (struct GNUNET_ATS_AddressRecord *ar,
-                           const struct GNUNET_ATS_Properties *prop);
-/**
- * An address got destroyed, stop using it as a valid address.
- *
- * @param ar address record to destroy, its validation has
- *           expired and ATS may no longer use it
- */
-void
-GNUNET_ATS_address_destroy (struct GNUNET_ATS_AddressRecord *ar);
-/* ******************************** Performance API ***************************** */
-/**
- * ATS Handle to obtain and/or modify performance information.
- */
-struct GNUNET_ATS_PerformanceHandle;
-/**
- * Signature of a function that is called with QoS information about an address.
- *
- * @param cls closure
- * @param address the address, NULL if ATS service was disconnected or
- *        when the iteration is completed in the case of
- *        #GNUNET_ATS_performance_list_addresses()
- * @param address_active #GNUNET_YES if this address is actively used
- *        to maintain a connection to a peer;
- *        #GNUNET_NO if the address is not actively used;
- *        #GNUNET_SYSERR if this address is no longer available for ATS
- * @param bandwidth_out assigned outbound bandwidth for the connection
- * @param bandwidth_in assigned inbound bandwidth for the connection
- * @param prop performance data for the address
- */
-typedef void
-(*GNUNET_ATS_AddressInformationCallback) (void *cls,
-                                          const struct
-                                          GNUNET_HELLO_Address *address,
-                                          int address_active,
-                                          struct GNUNET_BANDWIDTH_Value32NBO
-                                          bandwidth_out,
-                                          struct GNUNET_BANDWIDTH_Value32NBO
-                                          bandwidth_in,
-                                          const struct
-                                          GNUNET_ATS_Properties *prop);
-/**
- * Handle for an address listing operation
- */
-struct GNUNET_ATS_AddressListHandle;
-/**
- * Get handle to access performance API of the ATS subsystem.
- *
- * @param cfg configuration to use
- * @param addr_info_cb callback called when performance characteristics for
- *      an address change
- * @param addr_info_cb_cls closure for @a addr_info_cb
- * @return ats performance context
- */
-struct GNUNET_ATS_PerformanceHandle *
-GNUNET_ATS_performance_init (const struct GNUNET_CONFIGURATION_Handle *cfg,
-                             GNUNET_ATS_AddressInformationCallback addr_info_cb,
-                             void *addr_info_cb_cls);
-/**
- * Get information about addresses known to the ATS subsystem.
- *
- * @param ph the performance handle to use
- * @param peer peer idm can be NULL for all peers
- * @param all #GNUNET_YES to get information about all addresses or #GNUNET_NO to
- *        get only address currently used
- * @param infocb callback to call with the addresses,
- *        will callback with address == NULL when done
- * @param infocb_cls closure for @a infocb
- * @return handle to abort the operation
- */
-struct GNUNET_ATS_AddressListHandle *
-GNUNET_ATS_performance_list_addresses (struct GNUNET_ATS_PerformanceHandle *ph,
-                                       const struct GNUNET_PeerIdentity *peer,
-                                       int all,
-                                       GNUNET_ATS_AddressInformationCallback
-                                       infocb,
-                                       void *infocb_cls);
-/**
- * Cancel a pending address listing operation
- *
- * @param alh the `struct GNUNET_ATS_AddressListHandle` handle to cancel
- */
-void
-GNUNET_ATS_performance_list_addresses_cancel (struct
-                                              GNUNET_ATS_AddressListHandle *alh);
-/**
- * Client is done using the ATS performance subsystem, release resources.
- *
- * @param ph handle
- */
-void
-GNUNET_ATS_performance_done (struct GNUNET_ATS_PerformanceHandle *ph);
-/**
- * Function called with reservation result.
- *
- * @param cls closure
- * @param peer identifies the peer
- * @param amount set to the amount that was actually reserved or unreserved;
- *               either the full requested amount or zero (no partial reservations)
- * @param res_delay if the reservation could not be satisfied (amount was 0), how
- *        long should the client wait until re-trying?
- */
-typedef void
-(*GNUNET_ATS_ReservationCallback) (void *cls,
-                                   const struct GNUNET_PeerIdentity *peer,
-                                   int32_t amount,
-                                   struct GNUNET_TIME_Relative res_delay);
-/**
- * Context that can be used to cancel a peer information request.
- */
-struct GNUNET_ATS_ReservationContext;
-/**
- * Reserve inbound bandwidth from the given peer.  ATS will look at
- * the current amount of traffic we receive from the peer and ensure
- * that the peer could add 'amount' of data to its stream.
- *
- * @param ph performance handle
- * @param peer identifies the peer
- * @param amount reserve N bytes for receiving, negative
- *                amounts can be used to undo a (recent) reservation;
- * @param rcb function to call with the resulting reservation information
- * @param rcb_cls closure for @a rcb
- * @return NULL on error
- * @deprecated will be replaced soon
- */
-struct GNUNET_ATS_ReservationContext *
-GNUNET_ATS_reserve_bandwidth (struct GNUNET_ATS_PerformanceHandle *ph,
-                              const struct GNUNET_PeerIdentity *peer,
-                              int32_t amount,
-                              GNUNET_ATS_ReservationCallback rcb,
-                              void *rcb_cls);
-/**
- * Cancel request for reserving bandwidth.
- *
- * @param rc context returned by the original #GNUNET_ATS_reserve_bandwidth() call
- */
-void
-GNUNET_ATS_reserve_bandwidth_cancel (struct GNUNET_ATS_ReservationContext *rc);
-/**
- * ATS preference types as array initializer
- */
-#define GNUNET_ATS_PreferenceType { GNUNET_ATS_PREFERENCE_BANDWIDTH, \
-                                    GNUNET_ATS_PREFERENCE_LATENCY, \
-                                    GNUNET_ATS_PREFERENCE_END }
-/**
- * ATS preference types as string array initializer
- */
-#define GNUNET_ATS_PreferenceTypeString { "BANDWIDTH", "LATENCY", "END" }
-/**
- * Enum defining all known preference categories.
- */
-enum GNUNET_ATS_PreferenceKind
-{
-  /**
-   * Change the peer's bandwidth value (value per byte of bandwidth in
-   * the goal function) to the given amount.  The argument is followed
-   * by a double value giving the desired value (can be negative).
-   * Preference changes are forgotten if peers disconnect.
-   */
-  GNUNET_ATS_PREFERENCE_BANDWIDTH = 0,
-  /**
-   * Change the peer's latency value to the given amount.  The
-   * argument is followed by a double value giving the desired value
-   * (can be negative).  The absolute score in the goal function is
-   * the inverse of the latency in microseconds (minimum: 1
-   * microsecond) multiplied by the latency preferences.
-   */
-  GNUNET_ATS_PREFERENCE_LATENCY = 1,
-  /**
-   * End of preference list.
-   */
-  GNUNET_ATS_PREFERENCE_END = 2
-};
-/**
- * Convert an `enum GNUNET_ATS_PreferenceType` to a string
- *
- * @param type the preference type
- * @return a string or NULL if invalid
- */
-const char *
-GNUNET_ATS_print_preference_type (enum GNUNET_ATS_PreferenceKind type);
-/**
- * Change preferences for the given peer. Preference changes are 
- * forgotten if peers disconnect.
- *
- * @param ph performance handle 
- * @param peer identifies the peer
- * @param ... #GNUNET_ATS_PREFERENCE_END-terminated specification of the
- *            desired changes
- */
-void
-GNUNET_ATS_performance_change_preference (struct
-                                          GNUNET_ATS_PerformanceHandle *ph,
-                                          const struct
-                                          GNUNET_PeerIdentity *peer,
-                                          ...);
-/**
- * Application feedback on how good preference requirements are fulfilled
- * for the preferences included in the given time scope [now - scope .. now]
- *
- * An application notifies ATS if (and only if) it has feedback information
- * for specific properties. This values are valid until the feedback scores are
- * updated by the application.
- *
- * If the application has no feedback for this preference kind the application
- * will not explicitly call for this property and will not include it in this
- * function call.
- *
- * @param ph performance handle
- * @param scope the time interval this valid for: [now - scope .. now]
- * @param peer identifies the peer
- * @param ... #GNUNET_ATS_PREFERENCE_END-terminated specification of the desired changes
- */
-void
-GNUNET_ATS_performance_give_feedback (struct GNUNET_ATS_PerformanceHandle *ph,
-                                      const struct GNUNET_PeerIdentity *peer,
-                                      const struct GNUNET_TIME_Relative scope,
-                                      ...);
-#endif
-/** @} */  /* end of group */
-/** @} */  /* end of Backbone addition */
-/* end of file gnunet-service-transport_ats.h */
diff --git a/src/include/gnunet_ats_transport_service.h b/src/include/gnunet_ats_transport_service.h
deleted file mode 100644
index b6c7b15ae..000000000
--- a/src/include/gnunet_ats_transport_service.h
+++ /dev/null
@@ -1,241 +0,0 @@
-/*
-   This file is part of GNUnet.
-   Copyright (C) 2010-2015, 2018 GNUnet e.V.
-   GNUnet is free software: you can redistribute it and/or modify it
-   under the terms of the GNU Affero General Public License as published
-   by the Free Software Foundation, either version 3 of the License,
-   or (at your option) any later version.
-   GNUnet is distributed in the hope that it will be useful, but
-   WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   Affero General Public License for more details.
-   You should have received a copy of the GNU Affero General Public License
-   along with this program.  If not, see <http://www.gnu.org/licenses/>.
-     SPDX-License-Identifier: AGPL3.0-or-later
- */
-/**
- * @file
- * Bandwidth allocation API for the transport service
- *
- * @author Christian Grothoff
- * @author Matthias Wachs
- *
- * @defgroup ats  ATS service
- * Bandwidth allocation for transport service
- *
- * @see [Documentation](https://gnunet.org/ats-subsystem)
- *
- * @{
- */
-#ifndef GNUNET_ATS_TRANSPORT_SERVICE_H
-#define GNUNET_ATS_TRANSPORT_SERVICE_H
-#include "gnunet_constants.h"
-#include "gnunet_util_lib.h"
-#include "gnunet_nt_lib.h"
-#include "gnunet_transport_communication_service.h"
-/**
- * ATS performance characteristics for a session.
- */
-struct GNUNET_ATS_Properties
-{
-  /**
-   * Delay.  Time between when the time packet is sent and the packet
-   * arrives.  FOREVER if we did not (successfully) measure yet.
-   */
-  struct GNUNET_TIME_Relative delay;
-  /**
-   * Confirmed successful payload on this connection from this peer to
-   * the other peer.
-   *
-   * Unit: [bytes/second]
-   */
-  uint32_t goodput_out;
-  /**
-   * Confirmed useful payload on this connection to this peer from
-   * the other peer.
-   *
-   * Unit: [bytes/second]
-   */
-  uint32_t goodput_in;
-  /**
-   * Actual traffic on this connection from this peer to the other peer.
-   * Includes transport overhead.
-   *
-   * Unit: [bytes/second]
-   */
-  uint32_t utilization_out;
-  /**
-   * Actual traffic on this connection from the other peer to this peer.
-   * Includes transport overhead.
-   *
-   * Unit: [bytes/second]
-   */
-  uint32_t utilization_in;
-  /**
-   * Distance on network layer (required for distance-vector routing)
-   * in hops.  Zero for direct connections (e.g. plain TCP/UDP).
-   */
-  uint32_t distance;
-  /**
-   * MTU of the network layer, UINT32_MAX for no MTU (stream).
-   *
-   * Unit: [bytes]
-   */
-  uint32_t mtu;
-  /**
-   * Which network scope does the respective address belong to?
-   */
-  enum GNUNET_NetworkType nt;
-  /**
-   * What characteristics does this communicator have?
-   */
-  enum GNUNET_TRANSPORT_CommunicatorCharacteristics cc;
-};
-/* ******************************** Transport API ***************************** */
-/**
- * Handle to the ATS subsystem for bandwidth/transport transport information.
- */
-struct GNUNET_ATS_TransportHandle;
-/**
- * Opaque session handle, to be defined by transport.  Contents not known to ATS.
- */
-struct GNUNET_ATS_Session;
-/**
- * Signature of a function called by ATS with the current bandwidth
- * allocation to be used as determined by ATS.
- *
- * @param cls closure
- * @param session session this is about
- * @param bandwidth_out assigned outbound bandwidth for the connection,
- *        0 to signal disconnect
- * @param bandwidth_in assigned inbound bandwidth for the connection,
- *        0 to signal disconnect
- */
-typedef void
-(*GNUNET_ATS_AllocationCallback) (void *cls,
-                                  struct GNUNET_ATS_Session *session,
-                                  struct GNUNET_BANDWIDTH_Value32NBO
-                                  bandwidth_out,
-                                  struct GNUNET_BANDWIDTH_Value32NBO
-                                  bandwidth_in);
-/**
- * Signature of a function called by ATS suggesting transport to
- * try connecting with a particular address.
- *
- * @param cls closure
- * @param pid target peer
- * @param address the address to try
- */
-typedef void
-(*GNUNET_ATS_SuggestionCallback) (void *cls,
-                                  const struct GNUNET_PeerIdentity *pid,
-                                  const char *address);
-/**
- * Initialize the ATS transport subsystem.
- *
- * @param cfg configuration to use
- * @param alloc_cb notification to call whenever the allocation changed
- * @param alloc_cb_cls closure for @a alloc_cb
- * @param suggest_cb notification to call whenever the suggestation is made
- * @param suggest_cb_cls closure for @a suggest_cb
- * @return ats context
- */
-struct GNUNET_ATS_TransportHandle *
-GNUNET_ATS_transport_init (const struct GNUNET_CONFIGURATION_Handle *cfg,
-                           GNUNET_ATS_AllocationCallback alloc_cb,
-                           void *alloc_cb_cls,
-                           GNUNET_ATS_SuggestionCallback suggest_cb,
-                           void *suggest_cb_cls);
-/**
- * Client is done with ATS transport, release resources.
- *
- * @param ath handle to release
- */
-void
-GNUNET_ATS_transport_done (struct GNUNET_ATS_TransportHandle *ath);
-/**
- * Handle used within ATS to track an session.
- */
-struct GNUNET_ATS_SessionRecord;
-/**
- * We have a new session ATS should know. Sessiones have to be added with this
- * function before they can be: updated, set in use and destroyed
- *
- * @param ath handle
- * @param pid peer we connected to
- * @param address the address (human readable version),
- * @param session transport-internal handle for the session/queue, NULL if
- *        the session is inbound-only
- * @param prop performance data for the session
- * @return handle to the session representation inside ATS, NULL
- *         on error (i.e. ATS knows this exact session already, or
- *         session is invalid)
- */
-struct GNUNET_ATS_SessionRecord *
-GNUNET_ATS_session_add (struct GNUNET_ATS_TransportHandle *ath,
-                        const struct GNUNET_PeerIdentity *pid,
-                        const char *address,
-                        struct GNUNET_ATS_Session *session,
-                        const struct GNUNET_ATS_Properties *prop);
-/**
- * We have updated performance statistics for a given session.  Based
- * on the information provided, ATS may update bandwidth assignments.
- *
- * @param ar session record to update information for
- * @param prop performance data for the session
- */
-void
-GNUNET_ATS_session_update (struct GNUNET_ATS_SessionRecord *ar,
-                           const struct GNUNET_ATS_Properties *prop);
-/**
- * A session was destroyed, ATS should now schedule and
- * allocate under the assumption that this @a ar is no
- * longer in use.
- *
- * @param ar session record to drop
- */
-void
-GNUNET_ATS_session_del (struct GNUNET_ATS_SessionRecord *ar);
-#endif
-/** @} */  /* end of group */
-/* end of file gnunet-service-transport_ats.h */
diff --git a/src/include/gnunet_bandwidth_lib.h b/src/include/gnunet_bandwidth_lib.h
index 7c854aab5..00a7d6c5d 100644
--- a/src/include/gnunet_bandwidth_lib.h
+++ b/src/include/gnunet_bandwidth_lib.h
@@ -18,10 +18,6 @@
     SPDX-License-Identifier: AGPL3.0-or-later
 */
-#if !defined (__GNUNET_UTIL_LIB_H_INSIDE__)
-#error "Only <gnunet_util_lib.h> can be included directly."
-#endif
 /**
 * @addtogroup libgnunetutil
 * Multi-function utilities library for GNUnet programs
diff --git a/src/include/gnunet_bio_lib.h b/src/include/gnunet_bio_lib.h
index 48a1a512d..73550db7e 100644
--- a/src/include/gnunet_bio_lib.h
+++ b/src/include/gnunet_bio_lib.h
@@ -33,6 +33,7 @@
 * @{
 */
+#include "gnunet_common.h"
 #if !defined (__GNUNET_UTIL_LIB_H_INSIDE__)
 #error "Only <gnunet_util_lib.h> can be included directly."
 #endif
@@ -88,7 +89,7 @@ GNUNET_BIO_read_open_buffer (void *buffer, size_t size);
 * @param emsg set to the error message
 * @return #GNUNET_OK on success, #GNUNET_SYSERR otherwise
 */
-int
+enum GNUNET_GenericReturnValue
 GNUNET_BIO_read_close (struct GNUNET_BIO_ReadHandle *h, char **emsg);
 /**
@@ -110,7 +111,7 @@ GNUNET_BIO_read_set_error (struct GNUNET_BIO_ReadHandle *h, const char* emsg);
 * @param len the number of bytes to read
 * @return #GNUNET_OK on success, #GNUNET_SYSERR on failure
 */
-int
+enum GNUNET_GenericReturnValue
 GNUNET_BIO_read (struct GNUNET_BIO_ReadHandle *h,
                 const char *what,
                 void *result,
@@ -127,7 +128,7 @@ GNUNET_BIO_read (struct GNUNET_BIO_ReadHandle *h,
 * @param max_length maximum allowed length for the string
 * @return #GNUNET_OK on success, #GNUNET_SYSERR on failure
 */
-int
+enum GNUNET_GenericReturnValue
 GNUNET_BIO_read_string (struct GNUNET_BIO_ReadHandle *h,
                        const char *what,
                        char **result,
@@ -142,7 +143,7 @@ GNUNET_BIO_read_string (struct GNUNET_BIO_ReadHandle *h,
 * @param what describes what is being read (for error message creation)
 * @param f address of float to read
 */
-int
+enum GNUNET_GenericReturnValue
 GNUNET_BIO_read_float (struct GNUNET_BIO_ReadHandle *h,
                       const char *what,
                       float *f);
@@ -155,7 +156,7 @@ GNUNET_BIO_read_float (struct GNUNET_BIO_ReadHandle *h,
 * @param what describes what is being read (for error message creation)
 * @param f address of double to read
 */
-int
+enum GNUNET_GenericReturnValue
 GNUNET_BIO_read_double (struct GNUNET_BIO_ReadHandle *h,
                        const char *what,
                        double *f);
@@ -169,7 +170,7 @@ GNUNET_BIO_read_double (struct GNUNET_BIO_ReadHandle *h,
 * @param i where to store the data
 * @return #GNUNET_OK on success, #GNUNET_SYSERR on error
 */
-int
+enum GNUNET_GenericReturnValue
 GNUNET_BIO_read_int32 (struct GNUNET_BIO_ReadHandle *h,
                       const char *what,
                       int32_t *i);
@@ -183,7 +184,7 @@ GNUNET_BIO_read_int32 (struct GNUNET_BIO_ReadHandle *h,
 * @param i where to store the data
 * @return #GNUNET_OK on success, #GNUNET_SYSERR on error
 */
-int
+enum GNUNET_GenericReturnValue
 GNUNET_BIO_read_int64 (struct GNUNET_BIO_ReadHandle *h,
                       const char *what,
                       int64_t *i);
@@ -224,7 +225,7 @@ GNUNET_BIO_write_open_buffer (void);
 * @return #GNUNET_OK upon success.  Upon failure #GNUNET_SYSERR is returned
 *         and the file is closed
 */
-int
+enum GNUNET_GenericReturnValue
 GNUNET_BIO_flush (struct GNUNET_BIO_WriteHandle *h);
@@ -240,7 +241,7 @@ GNUNET_BIO_flush (struct GNUNET_BIO_WriteHandle *h);
 * @param size where to store the size of @e contents
 * @return #GNUNET_OK on success, #GNUNET_SYSERR otherwise
 */
-int
+enum GNUNET_GenericReturnValue
 GNUNET_BIO_get_buffer_contents (struct GNUNET_BIO_WriteHandle *h,
                                char **emsg,
                                void **contents,
@@ -256,7 +257,7 @@ GNUNET_BIO_get_buffer_contents (struct GNUNET_BIO_WriteHandle *h,
 *        if the handle has an error message, the return value is #GNUNET_SYSERR
 * @return #GNUNET_OK on success, #GNUNET_SYSERR otherwise
 */
-int
+enum GNUNET_GenericReturnValue
 GNUNET_BIO_write_close (struct GNUNET_BIO_WriteHandle *h, char **emsg);
@@ -269,7 +270,7 @@ GNUNET_BIO_write_close (struct GNUNET_BIO_WriteHandle *h, char **emsg);
 * @param n number of bytes to write
 * @return #GNUNET_OK on success, #GNUNET_SYSERR on error
 */
-int
+enum GNUNET_GenericReturnValue
 GNUNET_BIO_write (struct GNUNET_BIO_WriteHandle *h,
                  const char *what,
                  const void *buffer,
@@ -284,7 +285,7 @@ GNUNET_BIO_write (struct GNUNET_BIO_WriteHandle *h,
 * @param s string to write (can be NULL)
 * @return #GNUNET_OK on success, #GNUNET_SYSERR on error
 */
-int
+enum GNUNET_GenericReturnValue
 GNUNET_BIO_write_string (struct GNUNET_BIO_WriteHandle *h,
                         const char *what,
                         const char *s);
@@ -298,7 +299,7 @@ GNUNET_BIO_write_string (struct GNUNET_BIO_WriteHandle *h,
 * @param what what is being written (for error message creation)
 * @param f float to write (must be a variable)
 */
-int
+enum GNUNET_GenericReturnValue
 GNUNET_BIO_write_float (struct GNUNET_BIO_WriteHandle *h,
                        const char *what,
                        float f);
@@ -310,7 +311,7 @@ GNUNET_BIO_write_float (struct GNUNET_BIO_WriteHandle *h,
 * @param what what is being written (for error message creation)
 * @param f double to write (must be a variable)
 */
-int
+enum GNUNET_GenericReturnValue
 GNUNET_BIO_write_double (struct GNUNET_BIO_WriteHandle *h,
                         const char *what,
                         double f);
@@ -324,7 +325,7 @@ GNUNET_BIO_write_double (struct GNUNET_BIO_WriteHandle *h,
 * @param i 32-bit integer to write
 * @return #GNUNET_OK on success, #GNUNET_SYSERR on error
 */
-int
+enum GNUNET_GenericReturnValue
 GNUNET_BIO_write_int32 (struct GNUNET_BIO_WriteHandle *h,
                        const char *what,
                        int32_t i);
@@ -338,7 +339,7 @@ GNUNET_BIO_write_int32 (struct GNUNET_BIO_WriteHandle *h,
 * @param i 64-bit integer to write
 * @return #GNUNET_OK on success, #GNUNET_SYSERR on error
 */
-int
+enum GNUNET_GenericReturnValue
 GNUNET_BIO_write_int64 (struct GNUNET_BIO_WriteHandle *h,
                        const char *what,
                        int64_t i);
@@ -489,7 +490,7 @@ GNUNET_BIO_read_spec_double (const char *what, double *f);
 *        the last element must be #GNUNET_BIO_read_spec_end
 * @return #GNUNET_OK on success, #GNUNET_SYSERR otherwise
 */
-int
+enum GNUNET_GenericReturnValue
 GNUNET_BIO_read_spec_commit (struct GNUNET_BIO_ReadHandle *h,
                             struct GNUNET_BIO_ReadSpec *rs);
@@ -635,7 +636,7 @@ GNUNET_BIO_write_spec_double (const char *what, double *f);
 *        the last element must be #GNUNET_BIO_write_spec_end
 * @return #GNUNET_OK on success, #GNUNET_SYSERR otherwise
 */
-int
+enum GNUNET_GenericReturnValue
 GNUNET_BIO_write_spec_commit (struct GNUNET_BIO_WriteHandle *h,
                              struct GNUNET_BIO_WriteSpec *ws);
diff --git a/src/include/gnunet_cadet_service.h b/src/include/gnunet_cadet_service.h
index acc7bb330..ab53d2bd8 100644
--- a/src/include/gnunet_cadet_service.h
+++ b/src/include/gnunet_cadet_service.h
@@ -47,7 +47,6 @@ extern "C" {
 #include "gnunet_util_lib.h"
-#include "gnunet_transport_service.h"
 /**
 * Version number of GNUnet-cadet API.
@@ -636,4 +635,3 @@ GNUNET_CADET_list_tunnels_cancel (struct GNUNET_CADET_ListTunnels *lt);
 /** @} */ /* end of group addition */
 /* end of gnunet_cadet_service.h */
diff --git a/src/include/gnunet_container_lib.h b/src/include/gnunet_container_lib.h
index ce1b8f296..df38317ca 100644
--- a/src/include/gnunet_container_lib.h
+++ b/src/include/gnunet_container_lib.h
@@ -52,6 +52,7 @@
 * @}
 */
+#include "gnunet_common.h"
 #if !defined (__GNUNET_UTIL_LIB_H_INSIDE__)
 #error "Only <gnunet_util_lib.h> can be included directly."
 #endif
@@ -177,7 +178,7 @@ GNUNET_CONTAINER_bloomfilter_init (const char *data,
 * @param size the size of the given @a data array
 * @return #GNUNET_SYSERR if the data array of the wrong size
 */
-int
+enum GNUNET_GenericReturnValue
 GNUNET_CONTAINER_bloomfilter_get_raw_data (
  const struct GNUNET_CONTAINER_BloomFilter *bf,
  char *data,
@@ -291,7 +292,7 @@ GNUNET_CONTAINER_bloomfilter_clear (struct GNUNET_CONTAINER_BloomFilter *bf);
 * @param size size of @a data
 * @return #GNUNET_OK on success
 */
-int
+enum GNUNET_GenericReturnValue
 GNUNET_CONTAINER_bloomfilter_or (struct GNUNET_CONTAINER_BloomFilter *bf,
                                 const char *data,
                                 size_t size);
@@ -307,7 +308,7 @@ GNUNET_CONTAINER_bloomfilter_or (struct GNUNET_CONTAINER_BloomFilter *bf,
 * @param to_or the bloomfilter to or-in
 * @return #GNUNET_OK on success
 */
-int
+enum GNUNET_GenericReturnValue
 GNUNET_CONTAINER_bloomfilter_or2 (
  struct GNUNET_CONTAINER_BloomFilter *bf,
  const struct GNUNET_CONTAINER_BloomFilter *to_or);
@@ -577,7 +578,7 @@ GNUNET_CONTAINER_multihashmap_size (
 * @return the number of key value pairs processed,
 *         #GNUNET_SYSERR if it aborted iteration
 */
-int
+enum GNUNET_GenericReturnValue
 GNUNET_CONTAINER_multihashmap_iterate (
  struct GNUNET_CONTAINER_MultiHashMap *map,
  GNUNET_CONTAINER_MultiHashMapIteratorCallback it,
@@ -646,7 +647,7 @@ GNUNET_CONTAINER_multihashmap_iterator_destroy (
 * @return the number of key value pairs processed,
 *         #GNUNET_SYSERR if it aborted iteration
 */
-int
+enum GNUNET_GenericReturnValue
 GNUNET_CONTAINER_multihashmap_get_multiple (
  struct GNUNET_CONTAINER_MultiHashMap *map,
  const struct GNUNET_HashCode *key,
@@ -1423,7 +1424,7 @@ GNUNET_CONTAINER_multiuuidmap_size (
 * @return the number of key value pairs processed,
 *         #GNUNET_SYSERR if it aborted iteration
 */
-int
+enum GNUNET_GenericReturnValue
 GNUNET_CONTAINER_multiuuidmap_iterate (
  struct GNUNET_CONTAINER_MultiUuidmap *map,
  GNUNET_CONTAINER_MultiUuidmapIteratorCallback it,
diff --git a/src/include/gnunet_conversation_service.h b/src/include/gnunet_conversation_service.h
index 7d54914d1..7857a49cf 100644
--- a/src/include/gnunet_conversation_service.h
+++ b/src/include/gnunet_conversation_service.h
@@ -151,7 +151,7 @@ typedef void
                                         struct GNUNET_CONVERSATION_Caller *
                                         caller,
                                         const struct
-                                         GNUNET_IDENTITY_PublicKey *caller_id);
+                                         GNUNET_CRYPTO_PublicKey *caller_id);
 /**
diff --git a/src/include/gnunet_core_service.h b/src/include/gnunet_core_service.h
index 4e188df87..c3069be81 100644
--- a/src/include/gnunet_core_service.h
+++ b/src/include/gnunet_core_service.h
@@ -45,7 +45,6 @@ extern "C" {
 #include "gnunet_util_lib.h"
-#include "gnunet_transport_service.h"
 /**
 * Version number of GNUnet-core API.
diff --git a/src/include/gnunet_crypto_lib.h b/src/include/gnunet_crypto_lib.h
index 4fb5d8874..f508d02f6 100644
--- a/src/include/gnunet_crypto_lib.h
+++ b/src/include/gnunet_crypto_lib.h
@@ -348,6 +348,105 @@ struct GNUNET_CRYPTO_Edx25519Signature
  unsigned char s[256 / 8];
 };
+/**
+ * Key type for the generic public key union
+ */
+enum GNUNET_CRYPTO_KeyType
+{
+  /**
+   * The identity type. The value is the same as the
+   * PKEY record type.
+   */
+  GNUNET_PUBLIC_KEY_TYPE_ECDSA = 65536,
+  /**
+   * EDDSA identity. The value is the same as the EDKEY
+   * record type.
+   */
+  GNUNET_PUBLIC_KEY_TYPE_EDDSA = 65556
+};
+/**
+ * A private key for an identity as per LSD0001.
+ * Note that these types are NOT packed and MUST NOT be used in RPC
+ * messages. Use the respective serialization functions.
+ */
+struct GNUNET_CRYPTO_PrivateKey
+{
+  /**
+   * Type of public key.
+   * Defined by the GNS zone type value.
+   * In NBO.
+   */
+  uint32_t type;
+  union
+  {
+    /**
+     * An ECDSA identity key.
+     */
+    struct GNUNET_CRYPTO_EcdsaPrivateKey ecdsa_key;
+    /**
+     * AN EdDSA identtiy key
+     */
+    struct GNUNET_CRYPTO_EddsaPrivateKey eddsa_key;
+  };
+};
+/**
+ * An identity key as per LSD0001.
+ */
+struct GNUNET_CRYPTO_PublicKey
+{
+  /**
+   * Type of public key.
+   * Defined by the GNS zone type value.
+   * In NBO.
+   */
+  uint32_t type;
+  union
+  {
+    /**
+     * An ECDSA identity key.
+     */
+    struct GNUNET_CRYPTO_EcdsaPublicKey ecdsa_key;
+    /**
+     * AN EdDSA identtiy key
+     */
+    struct GNUNET_CRYPTO_EddsaPublicKey eddsa_key;
+  };
+};
+/**
+ * An identity signature as per LSD0001.
+ */
+struct GNUNET_CRYPTO_Signature
+{
+  /**
+   * Type of signature.
+   * Defined by the GNS zone type value.
+   * In NBO.
+   */
+  uint32_t type;
+  union
+  {
+    /**
+     * An ECDSA signature
+     */
+    struct GNUNET_CRYPTO_EcdsaSignature ecdsa_signature;
+    /**
+     * AN EdDSA signature
+     */
+    struct GNUNET_CRYPTO_EddsaSignature eddsa_signature;
+  };
+};
 /**
 * @brief type for session keys
@@ -561,17 +660,33 @@ struct GNUNET_CRYPTO_CsSignature
   * Schnorr signatures are composed of a scalar s and a curve point
   */
  struct GNUNET_CRYPTO_CsS s_scalar;
+  /**
+   * Curve point of the Schnorr signature.
+   */
  struct GNUNET_CRYPTO_CsRPublic r_point;
 };
 /**
- * Nonce
+ * Nonce for the session, picked by client,
+ * shared with the signer.
 */
-struct GNUNET_CRYPTO_CsNonce
+struct GNUNET_CRYPTO_CsSessionNonce
 {
  /*a nonce*/
-  unsigned char nonce[256 / 8];
+  unsigned char snonce[256 / 8];
+};
+/**
+ * Nonce for computing blinding factors. Not
+ * shared with the signer.
+ */
+struct GNUNET_CRYPTO_CsBlindingNonce
+{
+  /*a nonce*/
+  unsigned char bnonce[256 / 8];
 };
@@ -846,7 +961,7 @@ GNUNET_CRYPTO_hash_from_string2 (const char *enc,
 * @return #GNUNET_OK on success, #GNUNET_SYSERR if result has the wrong encoding
 */
 #define GNUNET_CRYPTO_hash_from_string(enc, result) \
-        GNUNET_CRYPTO_hash_from_string2 (enc, strlen (enc), result)
+  GNUNET_CRYPTO_hash_from_string2 (enc, strlen (enc), result)
 /**
@@ -2074,15 +2189,15 @@ GNUNET_CRYPTO_eddsa_sign_ (
 * @param[out] sig where to write the signature
 */
 #define GNUNET_CRYPTO_eddsa_sign(priv,ps,sig) do {                 \
-          /* check size is set correctly */                              \
+    /* check size is set correctly */                              \
-          GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*ps));    \
+    GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*ps));    \
-          /* check 'ps' begins with the purpose */                       \
+    /* check 'ps' begins with the purpose */                       \
-          GNUNET_static_assert (((void*) (ps)) ==                        \
+    GNUNET_static_assert (((void*) (ps)) ==                        \
-                                ((void*) &(ps)->purpose));               \
+                          ((void*) &(ps)->purpose));               \
-          GNUNET_assert (GNUNET_OK ==                                    \
+    GNUNET_assert (GNUNET_OK ==                                    \
-                         GNUNET_CRYPTO_eddsa_sign_ (priv,                \
+                   GNUNET_CRYPTO_eddsa_sign_ (priv,                \
-                                                    &(ps)->purpose,      \
+                                              &(ps)->purpose,      \
-                                                    sig));               \
+                                              sig));               \
 } while (0)
@@ -2136,15 +2251,15 @@ GNUNET_CRYPTO_eddsa_sign_raw (
 * @param[out] sig where to write the signature
 */
 #define GNUNET_CRYPTO_ecdsa_sign(priv,ps,sig) do {                 \
-          /* check size is set correctly */                              \
+    /* check size is set correctly */                              \
-          GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps)));  \
+    GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps)));  \
-          /* check 'ps' begins with the purpose */                       \
+    /* check 'ps' begins with the purpose */                       \
-          GNUNET_static_assert (((void*) (ps)) ==                        \
+    GNUNET_static_assert (((void*) (ps)) ==                        \
-                                ((void*) &(ps)->purpose));               \
+                          ((void*) &(ps)->purpose));               \
-          GNUNET_assert (GNUNET_OK ==                                    \
+    GNUNET_assert (GNUNET_OK ==                                    \
-                         GNUNET_CRYPTO_ecdsa_sign_ (priv,                \
+                   GNUNET_CRYPTO_ecdsa_sign_ (priv,                \
-                                                    &(ps)->purpose,      \
+                                              &(ps)->purpose,      \
-                                                    sig));               \
+                                              sig));               \
 } while (0)
 /**
@@ -2183,15 +2298,15 @@ GNUNET_CRYPTO_edx25519_sign_ (
 * @param[out] sig where to write the signature
 */
 #define GNUNET_CRYPTO_edx25519_sign(priv,ps,sig) do {              \
-          /* check size is set correctly */                              \
+    /* check size is set correctly */                              \
-          GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps)));  \
+    GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps)));  \
-          /* check 'ps' begins with the purpose */                       \
+    /* check 'ps' begins with the purpose */                       \
-          GNUNET_static_assert (((void*) (ps)) ==                        \
+    GNUNET_static_assert (((void*) (ps)) ==                        \
-                                ((void*) &(ps)->purpose));               \
+                          ((void*) &(ps)->purpose));               \
-          GNUNET_assert (GNUNET_OK ==                                    \
+    GNUNET_assert (GNUNET_OK ==                                    \
-                         GNUNET_CRYPTO_edx25519_sign_ (priv,             \
+                   GNUNET_CRYPTO_edx25519_sign_ (priv,             \
-                                                       &(ps)->purpose,   \
+                                                 &(ps)->purpose,   \
-                                                       sig));            \
+                                                 sig));            \
 } while (0)
@@ -2739,8 +2854,9 @@ GNUNET_CRYPTO_rsa_private_key_get_public (
 * @param hc where to store the hash code
 */
 void
-GNUNET_CRYPTO_rsa_public_key_hash (const struct GNUNET_CRYPTO_RsaPublicKey *key,
+GNUNET_CRYPTO_rsa_public_key_hash (
-                                   struct GNUNET_HashCode *hc);
+  const struct GNUNET_CRYPTO_RsaPublicKey *key,
+  struct GNUNET_HashCode *hc);
 /**
@@ -2845,53 +2961,83 @@ GNUNET_CRYPTO_rsa_public_key_cmp (const struct GNUNET_CRYPTO_RsaPublicKey *p1,
 /**
+ * @brief RSA Parameters to create blinded signature
+ */
+struct GNUNET_CRYPTO_RsaBlindedMessage
+{
+  /**
+   * Blinded message to be signed
+   * Note: is malloc()'ed!
+   */
+  void *blinded_msg;
+  /**
+   * Size of the @e blinded_msg to be signed.
+   */
+  size_t blinded_msg_size;
+};
+/**
 * Blinds the given message with the given blinding key
 *
- * @param hash hash of the message to sign
+ * @param message the message to sign
+ * @param message_size number of bytes in @a message
 * @param bks the blinding key
 * @param pkey the public key of the signer
- * @param[out] buf set to a buffer with the blinded message to be signed
+ * @param[out] bm set to the blinded message
- * @param[out] buf_size number of bytes stored in @a buf
 * @return #GNUNET_YES if successful, #GNUNET_NO if RSA key is malicious
 */
-int
+enum GNUNET_GenericReturnValue
-GNUNET_CRYPTO_rsa_blind (const struct GNUNET_HashCode *hash,
+GNUNET_CRYPTO_rsa_blind (const void *message,
+                         size_t message_size,
                         const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks,
                         struct GNUNET_CRYPTO_RsaPublicKey *pkey,
-                         void **buf,
+                         struct GNUNET_CRYPTO_RsaBlindedMessage *bm);
-                         size_t *buf_size);
 /**
 * Sign a blinded value, which must be a full domain hash of a message.
 *
 * @param key private key to use for the signing
- * @param msg the (blinded) message to sign
+ * @param bm the (blinded) message to sign
- * @param msg_len number of bytes in @a msg to sign
 * @return NULL on error, signature on success
 */
 struct GNUNET_CRYPTO_RsaSignature *
 GNUNET_CRYPTO_rsa_sign_blinded (const struct GNUNET_CRYPTO_RsaPrivateKey *key,
-                                const void *msg,
+                                const struct
-                                size_t msg_len);
+                                GNUNET_CRYPTO_RsaBlindedMessage *bm);
 /**
 * Create and sign a full domain hash of a message.
 *
 * @param key private key to use for the signing
- * @param hash the hash of the message to sign
+ * @param message the message to sign
+ * @param message_size number of bytes in @a message
 * @return NULL on error, including a malicious RSA key, signature on success
 */
 struct GNUNET_CRYPTO_RsaSignature *
 GNUNET_CRYPTO_rsa_sign_fdh (const struct GNUNET_CRYPTO_RsaPrivateKey *key,
-                            const struct GNUNET_HashCode *hash);
+                            const void *message,
+                            size_t message_size);
+/**
+ * Free memory occupied by blinded message. Only frees contents, not
+ * @a bm itself.
+ *
+ * @param[in] bm memory to free
+ */
+void
+GNUNET_CRYPTO_rsa_blinded_message_free (
+  struct GNUNET_CRYPTO_RsaBlindedMessage *bm);
 /**
 * Free memory occupied by signature.
 *
- * @param sig memory to free
+ * @param[in] sig memory to free
 */
 void
 GNUNET_CRYPTO_rsa_signature_free (struct GNUNET_CRYPTO_RsaSignature *sig);
@@ -2919,8 +3065,9 @@ GNUNET_CRYPTO_rsa_signature_encode (
 * @return NULL on error
 */
 struct GNUNET_CRYPTO_RsaSignature *
-GNUNET_CRYPTO_rsa_signature_decode (const void *buf,
+GNUNET_CRYPTO_rsa_signature_decode (
-                                    size_t buf_size);
+  const void *buf,
+  size_t buf_size);
 /**
@@ -2930,7 +3077,8 @@ GNUNET_CRYPTO_rsa_signature_decode (const void *buf,
 * @return the duplicate key; NULL upon error
 */
 struct GNUNET_CRYPTO_RsaSignature *
-GNUNET_CRYPTO_rsa_signature_dup (const struct GNUNET_CRYPTO_RsaSignature *sig);
+GNUNET_CRYPTO_rsa_signature_dup (
+  const struct GNUNET_CRYPTO_RsaSignature *sig);
 /**
@@ -2953,13 +3101,15 @@ GNUNET_CRYPTO_rsa_unblind (const struct GNUNET_CRYPTO_RsaSignature *sig,
 * Verify whether the given hash corresponds to the given signature and the
 * signature is valid with respect to the given public key.
 *
- * @param hash the message to verify to match the @a sig
+ * @param message the message to sign
+ * @param message_size number of bytes in @a message
 * @param sig signature that is being validated
 * @param public_key public key of the signer
 * @returns #GNUNET_YES if ok, #GNUNET_NO if RSA key is malicious, #GNUNET_SYSERR if signature
 */
 enum GNUNET_GenericReturnValue
-GNUNET_CRYPTO_rsa_verify (const struct GNUNET_HashCode *hash,
+GNUNET_CRYPTO_rsa_verify (const void *message,
+                          size_t message_size,
                          const struct GNUNET_CRYPTO_RsaSignature *sig,
                          const struct GNUNET_CRYPTO_RsaPublicKey *public_key);
@@ -2999,10 +3149,11 @@ GNUNET_CRYPTO_cs_private_key_get_public (
 * @param[out] r array containing derived secrets r0 and r1
 */
 void
-GNUNET_CRYPTO_cs_r_derive (const struct GNUNET_CRYPTO_CsNonce *nonce,
+GNUNET_CRYPTO_cs_r_derive (
-                           const char *seed,
+  const struct GNUNET_CRYPTO_CsSessionNonce *nonce,
-                           const struct GNUNET_CRYPTO_CsPrivateKey *lts,
+  const char *seed,
-                           struct GNUNET_CRYPTO_CsRSecret r[2]);
+  const struct GNUNET_CRYPTO_CsPrivateKey *lts,
+  struct GNUNET_CRYPTO_CsRSecret r[2]);
 /**
@@ -3012,27 +3163,57 @@ GNUNET_CRYPTO_cs_r_derive (const struct GNUNET_CRYPTO_CsNonce *nonce,
 * @param[out] r_pub where to write the public key
 */
 void
-GNUNET_CRYPTO_cs_r_get_public (const struct GNUNET_CRYPTO_CsRSecret *r_priv,
+GNUNET_CRYPTO_cs_r_get_public (
-                               struct GNUNET_CRYPTO_CsRPublic *r_pub);
+  const struct GNUNET_CRYPTO_CsRSecret *r_priv,
+  struct GNUNET_CRYPTO_CsRPublic *r_pub);
 /**
 * Derives new random blinding factors.
 * In original papers blinding factors are generated randomly
- * To provide abort-idempotency, blinding factors need to be derived but still need to be UNPREDICTABLE
+ * To provide abort-idempotency, blinding factors need to be derived but still need to be UNPREDICTABLE.
 * To ensure unpredictability a new nonce has to be used.
- * Uses HKDF internally
+ * Uses HKDF internally.
 *
 * @param blind_seed is the blinding seed to derive blinding factors
 * @param[out] bs array containing the two derived blinding secrets
 */
 void
 GNUNET_CRYPTO_cs_blinding_secrets_derive (
-  const struct GNUNET_CRYPTO_CsNonce *blind_seed,
+  const struct GNUNET_CRYPTO_CsBlindingNonce *blind_seed,
  struct GNUNET_CRYPTO_CsBlindingSecret bs[2]);
 /**
- * Calculate two blinded c's
+ * @brief CS Parameters derived from the message
+ * during blinding to create blinded signature
+ */
+struct GNUNET_CRYPTO_CsBlindedMessage
+{
+  /**
+   * The Clause Schnorr c_0 and c_1 containing the blinded message
+   */
+  struct GNUNET_CRYPTO_CsC c[2];
+  /**
+   * Nonce used in initial request.
+   */
+  struct GNUNET_CRYPTO_CsSessionNonce nonce;
+};
+/**
+ * Pair of Public R values for Cs denominations
+ */
+struct GNUNET_CRYPTO_CSPublicRPairP
+{
+  struct GNUNET_CRYPTO_CsRPublic r_pub[2];
+};
+/**
+ * Calculate two blinded c's.
 * Comment: One would be insecure due to Wagner's algorithm solving ROS
 *
 * @param bs array of the two blinding factor structs each containing alpha and beta
@@ -3041,7 +3222,7 @@ GNUNET_CRYPTO_cs_blinding_secrets_derive (
 * @param msg the message to blind in preparation for signing
 * @param msg_len length of message msg
 * @param[out] blinded_c array of the two blinded c's
- * @param[out] blinded_r_pub array of the two blinded R
+ * @param[out] r_pub_blind array of the two blinded R
 */
 void
 GNUNET_CRYPTO_cs_calc_blinded_c (
@@ -3051,32 +3232,49 @@ GNUNET_CRYPTO_cs_calc_blinded_c (
  const void *msg,
  size_t msg_len,
  struct GNUNET_CRYPTO_CsC blinded_c[2],
-  struct GNUNET_CRYPTO_CsRPublic blinded_r_pub[2]);
+  struct GNUNET_CRYPTO_CSPublicRPairP *r_pub_blind);
 /**
- * Sign a blinded c
+ * The Sign Answer for Clause Blind Schnorr signature.
- * This function derives b from a nonce and a longterm secret
+ * The sign operation returns a parameter @param b and the signature
- * In original papers b is generated randomly
+ * scalar @param s_scalar.
+ */
+struct GNUNET_CRYPTO_CsBlindSignature
+{
+  /**
+   * To make ROS problem harder, the signer chooses an unpredictable b and
+   * only calculates signature of c_b
+   */
+  unsigned int b;
+  /**
+   * The blinded s scalar calculated from c_b
+   */
+  struct GNUNET_CRYPTO_CsBlindS s_scalar;
+};
+/**
+ * Sign a blinded @a c.
+ * This function derives b from a nonce and a longterm secret.
+ * In the original papers b is generated randomly.
 * To provide abort-idempotency, b needs to be derived but still need to be UNPREDICTABLE.
- * To ensure unpredictability a new nonce has to be used for every signature
+ * To ensure unpredictability a new nonce has to be used for every signature.
- * HKDF is used internally for derivation
+ * HKDF is used internally for derivation.
- * r0 and r1 can be derived prior by using GNUNET_CRYPTO_cs_r_derive
+ * r0 and r1 can be derived prior by using GNUNET_CRYPTO_cs_r_derive.
 *
 * @param priv private key to use for the signing and as LTS in HKDF
- * @param r array of the two secret nonce from the signer
+ * @param r array of the two secret inputs from the signer
- * @param c array of the two blinded c to sign c_b
+ * @param bm blinded message, including array of the two blinded c to sign c_b and the random nonce
- * @param nonce is a random nonce
+ * @param[out] cs_blind_sig where to write the blind signature
- * @param[out] blinded_signature_scalar where to write the signature
- * @return 0 or 1 for b (see Clause Blind Signature Scheme)
 */
-unsigned int
+void
 GNUNET_CRYPTO_cs_sign_derive (
  const struct GNUNET_CRYPTO_CsPrivateKey *priv,
  const struct GNUNET_CRYPTO_CsRSecret r[2],
-  const struct GNUNET_CRYPTO_CsC c[2],
+  const struct GNUNET_CRYPTO_CsBlindedMessage *bm,
-  const struct GNUNET_CRYPTO_CsNonce *nonce,
+  struct GNUNET_CRYPTO_CsBlindSignature *cs_blind_sig);
-  struct GNUNET_CRYPTO_CsBlindS *blinded_signature_scalar);
 /**
@@ -3104,11 +3302,1065 @@ GNUNET_CRYPTO_cs_unblind (
 * @returns #GNUNET_YES on success, #GNUNET_SYSERR if signature invalid
 */
 enum GNUNET_GenericReturnValue
-GNUNET_CRYPTO_cs_verify (const struct GNUNET_CRYPTO_CsSignature *sig,
+GNUNET_CRYPTO_cs_verify (
-                         const struct GNUNET_CRYPTO_CsPublicKey *pub,
+  const struct GNUNET_CRYPTO_CsSignature *sig,
-                         const void *msg,
+  const struct GNUNET_CRYPTO_CsPublicKey *pub,
-                         size_t msg_len);
+  const void *msg,
+  size_t msg_len);
+/**
+ * Types of public keys used for blind signatures.
+ */
+enum GNUNET_CRYPTO_BlindSignatureAlgorithm
+{
+  /**
+   * Invalid type of signature.
+   */
+  GNUNET_CRYPTO_BSA_INVALID = 0,
+  /**
+   * RSA blind signature.
+   */
+  GNUNET_CRYPTO_BSA_RSA = 1,
+  /**
+   * Clause Blind Schnorr signature.
+   */
+  GNUNET_CRYPTO_BSA_CS = 2
+};
+/**
+ * @brief Type of (unblinded) signatures.
+ */
+struct GNUNET_CRYPTO_UnblindedSignature
+{
+  /**
+   * Type of the signature.
+   */
+  enum GNUNET_CRYPTO_BlindSignatureAlgorithm cipher;
+  /**
+   * Reference counter.
+   */
+  unsigned int rc;
+  /**
+   * Details, depending on @e cipher.
+   */
+  union
+  {
+    /**
+     * If we use #GNUNET_CRYPTO_BSA_CS in @a cipher.
+     */
+    struct GNUNET_CRYPTO_CsSignature cs_signature;
+    /**
+     * If we use #GNUNET_CRYPTO_BSA_RSA in @a cipher.
+     */
+    struct GNUNET_CRYPTO_RsaSignature *rsa_signature;
+  } details;
+};
+/**
+ * @brief Type for *blinded* signatures.
+ * Must be unblinded before it becomes valid.
+ */
+struct GNUNET_CRYPTO_BlindedSignature
+{
+  /**
+   * Type of the signature.
+   */
+  enum GNUNET_CRYPTO_BlindSignatureAlgorithm cipher;
+  /**
+   * Reference counter.
+   */
+  unsigned int rc;
+  /**
+   * Details, depending on @e cipher.
+   */
+  union
+  {
+    /**
+     * If we use #GNUNET_CRYPTO_BSA_CS in @a cipher.
+     * At this point only the blinded s scalar is used.
+     * The final signature consisting of r,s is built after unblinding.
+     */
+    struct GNUNET_CRYPTO_CsBlindSignature blinded_cs_answer;
+    /**
+     * If we use #GNUNET_CRYPTO_BSA_RSA in @a cipher.
+     */
+    struct GNUNET_CRYPTO_RsaSignature *blinded_rsa_signature;
+  } details;
+};
+/**
+ * @brief Type of public signing keys for blind signatures.
+ */
+struct GNUNET_CRYPTO_BlindSignPublicKey
+{
+  /**
+   * Type of the public key.
+   */
+  enum GNUNET_CRYPTO_BlindSignatureAlgorithm cipher;
+  /**
+   * Reference counter.
+   */
+  unsigned int rc;
+  /**
+   * Hash of the public key.
+   */
+  struct GNUNET_HashCode pub_key_hash;
+  /**
+   * Details, depending on @e cipher.
+   */
+  union
+  {
+    /**
+     * If we use #GNUNET_CRYPTO_BSA_CS in @a cipher.
+     */
+    struct GNUNET_CRYPTO_CsPublicKey cs_public_key;
+    /**
+     * If we use #GNUNET_CRYPTO_BSA_RSA in @a cipher.
+     */
+    struct GNUNET_CRYPTO_RsaPublicKey *rsa_public_key;
+  } details;
+};
+/**
+ * @brief Type of private signing keys for blind signing.
+ */
+struct GNUNET_CRYPTO_BlindSignPrivateKey
+{
+  /**
+   * Type of the public key.
+   */
+  enum GNUNET_CRYPTO_BlindSignatureAlgorithm cipher;
+  /**
+   * Reference counter.
+   */
+  unsigned int rc;
+  /**
+   * Details, depending on @e cipher.
+   */
+  union
+  {
+    /**
+     * If we use #GNUNET_CRYPTO_BSA_CS in @a cipher.
+     */
+    struct GNUNET_CRYPTO_CsPrivateKey cs_private_key;
+    /**
+     * If we use #GNUNET_CRYPTO_BSA_RSA in @a cipher.
+     */
+    struct GNUNET_CRYPTO_RsaPrivateKey *rsa_private_key;
+  } details;
+};
+/**
+ * @brief Blinded message ready for blind signing.
+ */
+struct GNUNET_CRYPTO_BlindedMessage
+{
+  /**
+   * Type of the sign blinded message
+   */
+  enum GNUNET_CRYPTO_BlindSignatureAlgorithm cipher;
+  /**
+   * Reference counter.
+   */
+  unsigned int rc;
+  /**
+   * Details, depending on @e cipher.
+   */
+  union
+  {
+    /**
+     * If we use #GNUNET_CRYPTO_BSA_CS in @a cipher.
+     */
+    struct GNUNET_CRYPTO_CsBlindedMessage cs_blinded_message;
+    /**
+     * If we use #GNUNET_CRYPTO_BSA_RSA in @a cipher.
+     */
+    struct GNUNET_CRYPTO_RsaBlindedMessage rsa_blinded_message;
+  } details;
+};
+/**
+ * Secret r for Cs denominations
+ */
+struct GNUNET_CRYPTO_CSPrivateRPairP
+{
+  struct GNUNET_CRYPTO_CsRSecret r[2];
+};
+/**
+ * @brief Input needed for blinding a message.
+ */
+struct GNUNET_CRYPTO_BlindingInputValues
+{
+  /**
+   * Type of the signature.
+   */
+  enum GNUNET_CRYPTO_BlindSignatureAlgorithm cipher;
+  /**
+   * Reference counter.
+   */
+  unsigned int rc;
+  /**
+   * Details, depending on @e cipher.
+   */
+  union
+  {
+    /**
+     * If we use #GNUNET_CRYPTO_BSA_CS in @a cipher.
+     */
+    struct GNUNET_CRYPTO_CSPublicRPairP cs_values;
+  } details;
+};
+/**
+ * Nonce used to deterministiacally derive input values
+ * used in multi-round blind signature protocols.
+ */
+union GNUNET_CRYPTO_BlindSessionNonce
+{
+  /**
+   * Nonce used when signing with CS.
+   */
+  struct GNUNET_CRYPTO_CsSessionNonce cs_nonce;
+};
+/**
+ * Compute blinding input values for a given @a nonce and
+ * @a salt.
+ *
+ * @param bsign_priv private key to compute input values for
+ * @param nonce session nonce to derive input values from
+ * @param salt salt to include in derivation logic
+ * @return blinding input values
+ */
+struct GNUNET_CRYPTO_BlindingInputValues *
+GNUNET_CRYPTO_get_blinding_input_values (
+  const struct GNUNET_CRYPTO_BlindSignPrivateKey *bsign_priv,
+  const union GNUNET_CRYPTO_BlindSessionNonce *nonce,
+  const char *salt);
+/**
+ * Decrement reference counter of a @a bsign_pub, and free it if it reaches zero.
+ *
+ * @param[in] bsign_pub key to free
+ */
+void
+GNUNET_CRYPTO_blind_sign_pub_decref (
+  struct GNUNET_CRYPTO_BlindSignPublicKey *bsign_pub);
+/**
+ * Decrement reference counter of a @a bsign_priv, and free it if it reaches zero.
+ *
+ * @param[in] bsign_priv key to free
+ */
+void
+GNUNET_CRYPTO_blind_sign_priv_decref (
+  struct GNUNET_CRYPTO_BlindSignPrivateKey *bsign_priv);
+/**
+ * Decrement reference counter of a @a ub_sig, and free it if it reaches zero.
+ *
+ * @param[in] ub_sig signature to free
+ */
+void
+GNUNET_CRYPTO_unblinded_sig_decref (
+  struct GNUNET_CRYPTO_UnblindedSignature *ub_sig);
+/**
+ * Decrement reference counter of a @a blind_sig, and free it if it reaches zero.
+ *
+ * @param[in] blind_sig signature to free
+ */
+void
+GNUNET_CRYPTO_blinded_sig_decref (
+  struct GNUNET_CRYPTO_BlindedSignature *blind_sig);
+/**
+ * Decrement reference counter of a @a bm, and free it if it reaches zero.
+ *
+ * @param[in] bm blinded message to free
+ */
+void
+GNUNET_CRYPTO_blinded_message_decref (
+  struct GNUNET_CRYPTO_BlindedMessage *bm);
+/**
+ * Increment reference counter of the given @a bm.
+ *
+ * @param[in,out] bm blinded message to increment reference counter for
+ * @return alias of @a bm with RC incremented
+ */
+struct GNUNET_CRYPTO_BlindedMessage *
+GNUNET_CRYPTO_blinded_message_incref (
+  struct GNUNET_CRYPTO_BlindedMessage *bm);
+/**
+ * Increment reference counter of the given @a bi.
+ *
+ * @param[in,out] bi blinding input values to increment reference counter for
+ * @return alias of @a bi with RC incremented
+ */
+struct GNUNET_CRYPTO_BlindingInputValues *
+GNUNET_CRYPTO_blinding_input_values_incref (
+  struct GNUNET_CRYPTO_BlindingInputValues *bm);
+/**
+ * Decrement reference counter of the given @a bi, and free it if it reaches
+ * zero.
+ *
+ * @param[in,out] bi blinding input values to decrement reference counter for
+ */
+void
+GNUNET_CRYPTO_blinding_input_values_decref (
+  struct GNUNET_CRYPTO_BlindingInputValues *bm);
+/**
+ * Increment reference counter of the given @a bsign_pub.
+ *
+ * @param[in,out] bsign_pub public key to increment reference counter for
+ * @return alias of @a bsign_pub with RC incremented
+ */
+struct GNUNET_CRYPTO_BlindSignPublicKey *
+GNUNET_CRYPTO_bsign_pub_incref (
+  struct GNUNET_CRYPTO_BlindSignPublicKey *bsign_pub);
+/**
+ * Increment reference counter of the given @a bsign_priv.
+ *
+ * @param[in,out] bsign_priv private key to increment reference counter for
+ * @return alias of @a bsign_priv with RC incremented
+ */
+struct GNUNET_CRYPTO_BlindSignPrivateKey *
+GNUNET_CRYPTO_bsign_priv_incref (
+  struct GNUNET_CRYPTO_BlindSignPrivateKey *bsign_priv);
+/**
+ * Increment reference counter of the given @a ub_sig.
+ *
+ * @param[in,out] ub_sig signature to increment reference counter for
+ * @return alias of @a ub_sig with RC incremented
+ */
+struct GNUNET_CRYPTO_UnblindedSignature *
+GNUNET_CRYPTO_ub_sig_incref (struct GNUNET_CRYPTO_UnblindedSignature *ub_sig);
+/**
+ * Increment reference counter of the given @a blind_sig.
+ *
+ * @param[in,out] blind_sig signature to increment reference counter for
+ * @return alias of @a blind_sig with RC incremented
+ */
+struct GNUNET_CRYPTO_BlindedSignature *
+GNUNET_CRYPTO_blind_sig_incref (
+  struct GNUNET_CRYPTO_BlindedSignature *blind_sig);
+/**
+ * Compare two denomination public keys.
+ *
+ * @param bp1 first key
+ * @param bp2 second key
+ * @return 0 if the keys are equal, otherwise -1 or 1
+ */
+int
+GNUNET_CRYPTO_bsign_pub_cmp (
+  const struct GNUNET_CRYPTO_BlindSignPublicKey *bp1,
+  const struct GNUNET_CRYPTO_BlindSignPublicKey *bp2);
+/**
+ * Compare two denomination signatures.
+ *
+ * @param sig1 first signature
+ * @param sig2 second signature
+ * @return 0 if the keys are equal, otherwise -1 or 1
+ */
+int
+GNUNET_CRYPTO_ub_sig_cmp (const struct GNUNET_CRYPTO_UnblindedSignature *sig1,
+                          const struct GNUNET_CRYPTO_UnblindedSignature *sig2);
+/**
+ * Compare two blinded denomination signatures.
+ *
+ * @param sig1 first signature
+ * @param sig2 second signature
+ * @return 0 if the keys are equal, otherwise -1 or 1
+ */
+int
+GNUNET_CRYPTO_blind_sig_cmp (
+  const struct GNUNET_CRYPTO_BlindedSignature *sig1,
+  const struct GNUNET_CRYPTO_BlindedSignature *sig2);
+/**
+ * Compare two blinded messages.
+ *
+ * @param bp1 first blinded message
+ * @param bp2 second blinded message
+ * @return 0 if the keys are equal, otherwise -1 or 1
+ */
+int
+GNUNET_CRYPTO_blinded_message_cmp (
+  const struct GNUNET_CRYPTO_BlindedMessage *bp1,
+  const struct GNUNET_CRYPTO_BlindedMessage *bp2);
+/**
+ * Initialize public-private key pair for blind signatures.
+ *
+ * For #GNUNET_CRYPTO_BSA_RSA, an additional "unsigned int"
+ * argument with the number of bits for 'n' (e.g. 2048) must
+ * be passed.
+ *
+ * @param[out] bsign_priv where to write the private key with RC 1
+ * @param[out] bsign_pub where to write the public key with RC 1
+ * @param cipher which type of cipher to use
+ * @param ... RSA key size (eg. 2048/3072/4096)
+ * @return #GNUNET_OK on success, #GNUNET_NO if parameterst were invalid
+ */
+enum GNUNET_GenericReturnValue
+GNUNET_CRYPTO_blind_sign_keys_create (
+  struct GNUNET_CRYPTO_BlindSignPrivateKey **bsign_priv,
+  struct GNUNET_CRYPTO_BlindSignPublicKey **bsign_pub,
+  enum GNUNET_CRYPTO_BlindSignatureAlgorithm cipher,
+  ...);
+/**
+ * Initialize public-private key pair for blind signatures.
+ *
+ * For #GNUNET_CRYPTO_BSA_RSA, an additional "unsigned int"
+ * argument with the number of bits for 'n' (e.g. 2048) must
+ * be passed.
+ *
+ * @param[out] bsign_priv where to write the private key with RC 1
+ * @param[out] bsign_pub where to write the public key with RC 1
+ * @param cipher which type of cipher to use
+ * @param ap RSA key size (eg. 2048/3072/4096)
+ * @return #GNUNET_OK on success, #GNUNET_NO if parameterst were invalid
+ */
+enum GNUNET_GenericReturnValue
+GNUNET_CRYPTO_blind_sign_keys_create_va (
+  struct GNUNET_CRYPTO_BlindSignPrivateKey **bsign_priv,
+  struct GNUNET_CRYPTO_BlindSignPublicKey **bsign_pub,
+  enum GNUNET_CRYPTO_BlindSignatureAlgorithm cipher,
+  va_list ap);
+/**
+ * @brief Type of blinding secrets.  Must be exactly 32 bytes (DB).
+ */
+union GNUNET_CRYPTO_BlindingSecretP
+{
+  /**
+   * Clause Schnorr nonce.
+   */
+  struct GNUNET_CRYPTO_CsBlindingNonce nonce;
+  /**
+   * Variant for RSA for blind signatures.
+   */
+  struct GNUNET_CRYPTO_RsaBlindingKeySecret rsa_bks;
+};
+/**
+ * Blind message for blind signing with @a dk using blinding secret @a coin_bks.
+ *
+ * @param bsign_pub public key to blind for
+ * @param bks blinding secret to use
+ * @param nonce nonce used to obtain @a alg_values
+ *        can be NULL if input values are not used for the cipher
+ * @param message message to sign
+ * @param message_size number of bytes in @a message
+ * @param alg_values algorithm specific values to blind the @a message
+ * @return blinded message to give to signer, NULL on error
+ */
+struct GNUNET_CRYPTO_BlindedMessage *
+GNUNET_CRYPTO_message_blind_to_sign (
+  const struct GNUNET_CRYPTO_BlindSignPublicKey *bsign_pub,
+  const union GNUNET_CRYPTO_BlindingSecretP *bks,
+  const union GNUNET_CRYPTO_BlindSessionNonce *nonce,
+  const void *message,
+  size_t message_size,
+  const struct GNUNET_CRYPTO_BlindingInputValues *alg_values);
+/**
+ * Create blind signature.
+ *
+ * @param bsign_priv private key to use for signing
+ * @param salt salt value to use for the HKDF,
+ *        can be NULL if input values are not used for the cipher
+ * @param blinded_message the already blinded message to sign
+ * @return blind signature with RC=1, NULL on failure
+ */
+struct GNUNET_CRYPTO_BlindedSignature *
+GNUNET_CRYPTO_blind_sign (
+  const struct GNUNET_CRYPTO_BlindSignPrivateKey *bsign_priv,
+  const char *salt,
+  const struct GNUNET_CRYPTO_BlindedMessage *blinded_message);
+/**
+ * Unblind blind signature.
+ *
+ * @param blinded_sig the blind signature
+ * @param bks blinding secret to use
+ * @param message message that was supposedly signed
+ * @param message_size number of bytes in @a message
+ * @param alg_values algorithm specific values
+ * @param bsign_pub public key used for signing
+ * @return unblinded signature with RC=1, NULL on error
+ */
+struct GNUNET_CRYPTO_UnblindedSignature *
+GNUNET_CRYPTO_blind_sig_unblind (
+  const struct GNUNET_CRYPTO_BlindedSignature *blinded_sig,
+  const union GNUNET_CRYPTO_BlindingSecretP *bks,
+  const void *message,
+  size_t message_size,
+  const struct GNUNET_CRYPTO_BlindingInputValues *alg_values,
+  const struct GNUNET_CRYPTO_BlindSignPublicKey *bsign_pub);
+/**
+ * Verify signature made blindly.
+ *
+ * @param bsign_pub public key
+ * @param ub_sig signature made blindly with the private key
+ * @param message message that was supposedly signed
+ * @param message_size number of bytes in @a message
+ * @return #GNUNET_OK if the signature is valid
+ */
+enum GNUNET_GenericReturnValue
+GNUNET_CRYPTO_blind_sig_verify (
+  const struct GNUNET_CRYPTO_BlindSignPublicKey *bsign_pub,
+  const struct GNUNET_CRYPTO_UnblindedSignature *ub_sig,
+  const void *message,
+  size_t message_size);
+/**
+ * Get the compacted length of a #GNUNET_CRYPTO_PublicKey.
+ * Compacted means that it returns the minimum number of bytes this
+ * key is long, as opposed to the union structure inside
+ * #GNUNET_CRYPTO_PublicKey.
+ * Useful for compact serializations.
+ *
+ * @param key the key.
+ * @return -1 on error, else the compacted length of the key.
+ */
+ssize_t
+GNUNET_CRYPTO_public_key_get_length (const struct
+                                     GNUNET_CRYPTO_PublicKey *key);
+/**
+ * Reads a #GNUNET_CRYPTO_PublicKey from a compact buffer.
+ * The buffer has to contain at least the compacted length of
+ * a #GNUNET_CRYPTO_PublicKey in bytes.
+ * If the buffer is too small, the function returns -1 as error.
+ * If the buffer does not contain a valid key, it returns -2 as error.
+ *
+ * @param buffer the buffer
+ * @param len the length of buffer
+ * @param key the key
+ * @param the amount of bytes read from the buffer
+ * @return #GNUNET_SYSERR on error
+ */
+enum GNUNET_GenericReturnValue
+GNUNET_CRYPTO_read_public_key_from_buffer (
+  const void *buffer,
+  size_t len,
+  struct GNUNET_CRYPTO_PublicKey *key,
+  size_t *read);
+/**
+ * Get the compacted length of a #GNUNET_CRYPTO_PrivateKey.
+ * Compacted means that it returns the minimum number of bytes this
+ * key is long, as opposed to the union structure inside
+ * #GNUNET_CRYPTO_PrivateKey.
+ * Useful for compact serializations.
+ *
+ * @param key the key.
+ * @return -1 on error, else the compacted length of the key.
+ */
+ssize_t
+GNUNET_CRYPTO_private_key_get_length (
+  const struct GNUNET_CRYPTO_PrivateKey *key);
+/**
+ * Writes a #GNUNET_CRYPTO_PublicKey to a compact buffer.
+ * The buffer requires space for at least the compacted length of
+ * a #GNUNET_CRYPTO_PublicKey in bytes.
+ * If the buffer is too small, the function returns -1 as error.
+ * If the key is not valid, it returns -2 as error.
+ *
+ * @param key the key
+ * @param buffer the buffer
+ * @param len the length of buffer
+ * @return -1 or -2 on error, else the amount of bytes written to the buffer
+ */
+ssize_t
+GNUNET_CRYPTO_write_public_key_to_buffer (const struct
+                                          GNUNET_CRYPTO_PublicKey *key,
+                                          void*buffer,
+                                          size_t len);
+/**
+ * Reads a #GNUNET_CRYPTO_PrivateKey from a compact buffer.
+ * The buffer has to contain at least the compacted length of
+ * a #GNUNET_CRYPTO_PrivateKey in bytes.
+ * If the buffer is too small, the function returns GNUNET_SYSERR as error.
+ *
+ * @param buffer the buffer
+ * @param len the length of buffer
+ * @param key the key
+ * @param the amount of bytes read from the buffer
+ * @return #GNUNET_SYSERR on error
+ */
+enum GNUNET_GenericReturnValue
+GNUNET_CRYPTO_read_private_key_from_buffer (
+  const void*buffer,
+  size_t len,
+  struct GNUNET_CRYPTO_PrivateKey *key,
+  size_t *read);
+/**
+ * Writes a #GNUNET_CRYPTO_PrivateKey to a compact buffer.
+ * The buffer requires space for at least the compacted length of
+ * a #GNUNET_CRYPTO_PrivateKey in bytes.
+ * If the buffer is too small, the function returns -1 as error.
+ * If the key is not valid, it returns -2 as error.
+ *
+ * @param key the key
+ * @param buffer the buffer
+ * @param len the length of buffer
+ * @return -1 or -2 on error, else the amount of bytes written to the buffer
+ */
+ssize_t
+GNUNET_CRYPTO_write_private_key_to_buffer (
+  const struct GNUNET_CRYPTO_PrivateKey *key,
+  void*buffer,
+  size_t len);
+/**
+ * Get the compacted length of a #GNUNET_CRYPTO_Signature.
+ * Compacted means that it returns the minimum number of bytes this
+ * signature is long, as opposed to the union structure inside
+ * #GNUNET_CRYPTO_Signature.
+ * Useful for compact serializations.
+ *
+ * @param sig the signature.
+ * @return -1 on error, else the compacted length of the signature.
+ */
+ssize_t
+GNUNET_CRYPTO_signature_get_length (
+  const struct GNUNET_CRYPTO_Signature *sig);
+/**
+ * Get the compacted length of a signature by type.
+ * Compacted means that it returns the minimum number of bytes this
+ * signature is long, as opposed to the union structure inside
+ * #GNUNET_CRYPTO_Signature.
+ * Useful for compact serializations.
+ *
+ * @param sig the signature.
+ * @return -1 on error, else the compacted length of the signature.
+ */
+ssize_t
+GNUNET_CRYPTO_signature_get_raw_length_by_type (uint32_t type);
+/**
+ * Reads a #GNUNET_CRYPTO_Signature from a compact buffer.
+ * The buffer has to contain at least the compacted length of
+ * a #GNUNET_CRYPTO_Signature in bytes.
+ * If the buffer is too small, the function returns -1 as error.
+ * If the buffer does not contain a valid key, it returns -2 as error.
+ *
+ * @param sig the signature
+ * @param buffer the buffer
+ * @param len the length of buffer
+ * @return -1 or -2 on error, else the amount of bytes read from the buffer
+ */
+ssize_t
+GNUNET_CRYPTO_read_signature_from_buffer (
+  struct GNUNET_CRYPTO_Signature *sig,
+  const void*buffer,
+  size_t len);
+/**
+ * Writes a #GNUNET_CRYPTO_Signature to a compact buffer.
+ * The buffer requires space for at least the compacted length of
+ * a #GNUNET_CRYPTO_Signature in bytes.
+ * If the buffer is too small, the function returns -1 as error.
+ * If the key is not valid, it returns -2 as error.
+ *
+ * @param sig the signature
+ * @param buffer the buffer
+ * @param len the length of buffer
+ * @return -1 or -2 on error, else the amount of bytes written to the buffer
+ */
+ssize_t
+GNUNET_CRYPTO_write_signature_to_buffer (
+  const struct GNUNET_CRYPTO_Signature *sig,
+  void*buffer,
+  size_t len);
+/**
+ * @brief Sign a given block.
+ *
+ * The @a purpose data is the beginning of the data of which the signature is
+ * to be created. The `size` field in @a purpose must correctly indicate the
+ * number of bytes of the data structure, including its header. If possible,
+ * use #GNUNET_CRYPTO_sign() instead of this function.
+ *
+ * @param priv private key to use for the signing
+ * @param purpose what to sign (size, purpose)
+ * @param[out] sig where to write the signature
+ * @return #GNUNET_SYSERR on error, #GNUNET_OK on success
+ */
+enum GNUNET_GenericReturnValue
+GNUNET_CRYPTO_sign_ (
+  const struct GNUNET_CRYPTO_PrivateKey *priv,
+  const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
+  struct GNUNET_CRYPTO_Signature *sig);
+/**
+ * @brief Sign a given block.
+ *
+ * The @a purpose data is the beginning of the data of which the signature is
+ * to be created. The `size` field in @a purpose must correctly indicate the
+ * number of bytes of the data structure, including its header.
+ * The signature payload and length depends on the key type.
+ *
+ * @param priv private key to use for the signing
+ * @param purpose what to sign (size, purpose)
+ * @param[out] sig where to write the signature
+ * @return #GNUNET_SYSERR on error, #GNUNET_OK on success
+ */
+enum GNUNET_GenericReturnValue
+GNUNET_CRYPTO_sign_raw_ (
+  const struct GNUNET_CRYPTO_PrivateKey *priv,
+  const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
+  unsigned char *sig);
+/**
+ * @brief Sign a given block with #GNUNET_CRYPTO_PrivateKey.
+ *
+ * The @a ps data must be a fixed-size struct for which the signature is to be
+ * created. The `size` field in @a ps->purpose must correctly indicate the
+ * number of bytes of the data structure, including its header.
+ *
+ * @param priv private key to use for the signing
+ * @param ps packed struct with what to sign, MUST begin with a purpose
+ * @param[out] sig where to write the signature
+ */
+#define GNUNET_CRYPTO_sign(priv,ps,sig) do {                \
+    /* check size is set correctly */                                     \
+    GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps)));         \
+    /* check 'ps' begins with the purpose */                              \
+    GNUNET_static_assert (((void*) (ps)) ==                               \
+                          ((void*) &(ps)->purpose));                      \
+    GNUNET_assert (GNUNET_OK ==                                           \
+                   GNUNET_CRYPTO_sign_ (priv,               \
+                                        &(ps)->purpose,             \
+                                        sig));                      \
+} while (0)
+/**
+ * @brief Verify a given signature.
+ *
+ * The @a validate data is the beginning of the data of which the signature
+ * is to be verified. The `size` field in @a validate must correctly indicate
+ * the number of bytes of the data structure, including its header.  If @a
+ * purpose does not match the purpose given in @a validate (the latter must be
+ * in big endian), signature verification fails.  If possible,
+ * use #GNUNET_CRYPTO_signature_verify() instead of this function (only if @a validate
+ * is not fixed-size, you must use this function directly).
+ *
+ * @param purpose what is the purpose that the signature should have?
+ * @param validate block to validate (size, purpose, data)
+ * @param sig signature that is being validated
+ * @param pub public key of the signer
+ * @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid
+ */
+enum GNUNET_GenericReturnValue
+GNUNET_CRYPTO_signature_verify_ (
+  uint32_t purpose,
+  const struct GNUNET_CRYPTO_EccSignaturePurpose *validate,
+  const struct GNUNET_CRYPTO_Signature *sig,
+  const struct GNUNET_CRYPTO_PublicKey *pub);
+/**
+ * @brief Verify a given signature.
+ *
+ * The @a validate data is the beginning of the data of which the signature
+ * is to be verified. The `size` field in @a validate must correctly indicate
+ * the number of bytes of the data structure, including its header.  If @a
+ * purpose does not match the purpose given in @a validate (the latter must be
+ * in big endian), signature verification fails.
+ *
+ * @param purpose what is the purpose that the signature should have?
+ * @param validate block to validate (size, purpose, data)
+ * @param sig signature that is being validated
+ * @param pub public key of the signer
+ * @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid
+ */
+enum GNUNET_GenericReturnValue
+GNUNET_CRYPTO_signature_verify_raw_ (
+  uint32_t purpose,
+  const struct GNUNET_CRYPTO_EccSignaturePurpose *validate,
+  const unsigned char *sig,
+  const struct GNUNET_CRYPTO_PublicKey *pub);
+/**
+ * @brief Verify a given signature with #GNUNET_CRYPTO_PublicKey.
+ *
+ * The @a ps data must be a fixed-size struct for which the signature is to be
+ * created. The `size` field in @a ps->purpose must correctly indicate the
+ * number of bytes of the data structure, including its header.
+ *
+ * @param purp purpose of the signature, must match 'ps->purpose.purpose'
+ *              (except in host byte order)
+ * @param ps packed struct with what to sign, MUST begin with a purpose
+ * @param sig where to read the signature from
+ * @param pub public key to use for the verifying
+ */
+#define GNUNET_CRYPTO_signature_verify(purp,ps,sig,pub) ({             \
+    /* check size is set correctly */                                     \
+    GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps)));         \
+    /* check 'ps' begins with the purpose */                              \
+    GNUNET_static_assert (((void*) (ps)) ==                               \
+                          ((void*) &(ps)->purpose));                      \
+    GNUNET_CRYPTO_signature_verify_ (purp,                              \
+                                     &(ps)->purpose,                    \
+                                     sig,                               \
+                                     pub);                              \
+  })
+/**
+ * Encrypt a block with #GNUNET_CRYPTO_PublicKey and derives a
+ * #GNUNET_CRYPTO_EcdhePublicKey which is required for decryption
+ * using ecdh to derive a symmetric key.
+ *
+ * @param block the block to encrypt
+ * @param size the size of the @a block
+ * @param pub public key to use for ecdh
+ * @param ecc where to write the ecc public key
+ * @param result the output parameter in which to store the encrypted result
+ *               can be the same or overlap with @c block
+ * @returns the size of the encrypted block, -1 for errors.
+ *          Due to the use of CFB and therefore an effective stream cipher,
+ *          this size should be the same as @c len.
+ */
+ssize_t
+GNUNET_CRYPTO_encrypt_old (const void *block,
+                           size_t size,
+                           const struct GNUNET_CRYPTO_PublicKey *pub,
+                           struct GNUNET_CRYPTO_EcdhePublicKey *ecc,
+                           void *result);
+/**
+ * Decrypt a given block with #GNUNET_CRYPTO_PrivateKey and a given
+ * #GNUNET_CRYPTO_EcdhePublicKey using ecdh to derive a symmetric key.
+ *
+ * @param block the data to decrypt, encoded as returned by encrypt
+ * @param size the size of the @a block to decrypt
+ * @param priv private key to use for ecdh
+ * @param ecc the ecc public key
+ * @param result address to store the result at
+ *               can be the same or overlap with @c block
+ * @return -1 on failure, size of decrypted block on success.
+ *         Due to the use of CFB and therefore an effective stream cipher,
+ *         this size should be the same as @c size.
+ */
+ssize_t
+GNUNET_CRYPTO_decrypt_old (
+  const void *block,
+  size_t size,
+  const struct GNUNET_CRYPTO_PrivateKey *priv,
+  const struct GNUNET_CRYPTO_EcdhePublicKey *ecc,
+  void *result);
+#define GNUNET_CRYPTO_ENCRYPT_OVERHEAD_BYTES (crypto_secretbox_MACBYTES \
+                                              + sizeof (struct \
+                                                        GNUNET_CRYPTO_FoKemC))
+/**
+ * Encrypt a block with #GNUNET_CRYPTO_PublicKey and derives a
+ * #GNUNET_CRYPTO_EcdhePublicKey which is required for decryption
+ * using ecdh to derive a symmetric key.
+ *
+ * Note that the result buffer for the ciphertext must be the length of
+ * the message to encrypt plus #GNUNET_CRYPTO_ENCRYPT_OVERHEAD_BYTES.
+ *
+ * @param block the block to encrypt
+ * @param size the size of the @a block
+ * @param pub public key to encrypt for
+ * @param result the output parameter in which to store the encrypted result
+ *               can be the same or overlap with @c block
+ * @returns GNUNET_OK on success.
+ */
+enum GNUNET_GenericReturnValue
+GNUNET_CRYPTO_encrypt (const void *block,
+                       size_t size,
+                       const struct GNUNET_CRYPTO_PublicKey *pub,
+                       void *result,
+                       size_t result_size);
+/**
+ * Decrypt a given block with #GNUNET_CRYPTO_PrivateKey and a given
+ * #GNUNET_CRYPTO_EcdhePublicKey using ecdh to derive a symmetric key.
+ *
+ * @param block the data to decrypt, encoded as returned by encrypt
+ * @param size the size of the @a block to decrypt
+ * @param priv private key to use for ecdh
+ * @param result address to store the result at
+ *               can be the same or overlap with @c block
+ * @returns GNUNET_OK on success.
+ */
+enum GNUNET_GenericReturnValue
+GNUNET_CRYPTO_decrypt (const void *block,
+                       size_t size,
+                       const struct GNUNET_CRYPTO_PrivateKey *priv,
+                       void *result,
+                       size_t result_size);
+/**
+ * Creates a (Base32) string representation of the public key.
+ * The resulting string encodes a compacted representation of the key.
+ * See also #GNUNET_CRYPTO_key_get_length.
+ *
+ * @param key the key.
+ * @return the string representation of the key, or NULL on error.
+ */
+char *
+GNUNET_CRYPTO_public_key_to_string (
+  const struct GNUNET_CRYPTO_PublicKey *key);
+/**
+ * Creates a (Base32) string representation of the private key.
+ * The resulting string encodes a compacted representation of the key.
+ * See also #GNUNET_CRYPTO_key_get_length.
+ *
+ * @param key the key.
+ * @return the string representation of the key, or NULL on error.
+ */
+char *
+GNUNET_CRYPTO_private_key_to_string (
+  const struct GNUNET_CRYPTO_PrivateKey *key);
+/**
+ * Parses a (Base32) string representation of the public key.
+ * See also #GNUNET_CRYPTO_public_key_to_string.
+ *
+ * @param str the encoded key.
+ * @param key where to write the key.
+ * @return GNUNET_SYSERR on error.
+ */
+enum GNUNET_GenericReturnValue
+GNUNET_CRYPTO_public_key_from_string (const char*str,
+                                      struct GNUNET_CRYPTO_PublicKey *key);
+/**
+ * Parses a (Base32) string representation of the private key.
+ * See also #GNUNET_CRYPTO_private_key_to_string.
+ *
+ * @param str the encoded key.
+ * @param key where to write the key.
+ * @return GNUNET_SYSERR on error.
+ */
+enum GNUNET_GenericReturnValue
+GNUNET_CRYPTO_private_key_from_string (const char*str,
+                                       struct GNUNET_CRYPTO_PrivateKey *key);
+/**
+ * Retrieves the public key representation of a private key.
+ *
+ * @param privkey the private key.
+ * @param key the public key result.
+ * @return GNUNET_SYSERR on error.
+ */
+enum GNUNET_GenericReturnValue
+GNUNET_CRYPTO_key_get_public (const struct
+                              GNUNET_CRYPTO_PrivateKey *privkey,
+                              struct GNUNET_CRYPTO_PublicKey *key);
 #if 0 /* keep Emacsens' auto-indent happy */
 {
diff --git a/src/include/gnunet_curl_lib.h b/src/include/gnunet_curl_lib.h
index bdf3843b1..967170085 100644
--- a/src/include/gnunet_curl_lib.h
+++ b/src/include/gnunet_curl_lib.h
@@ -433,7 +433,7 @@ GNUNET_CURL_enable_async_scope_header (struct GNUNET_CURL_Context *ctx,
 *
 * @returns #GNUNET_YES iff given a valid scope ID
 */
-int
+enum GNUNET_GenericReturnValue
 GNUNET_CURL_is_valid_scope_id (const char *scope_id);
diff --git a/src/include/gnunet_dht_block_types.h b/src/include/gnunet_dht_block_types.h
new file mode 100644
index 000000000..ab46af410
--- /dev/null
+++ b/src/include/gnunet_dht_block_types.h
@@ -0,0 +1,156 @@
+/*
+     This file is part of GNUnet
+     Copyright (C) 2012-2022 GNUnet e.V.
+     GNUnet is free software: you can redistribute it and/or modify it
+     under the terms of the GNU Affero General Public License as published
+     by the Free Software Foundation, either version 3 of the License,
+     or (at your option) any later version.
+     GNUnet is distributed in the hope that it will be useful, but
+     WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+     Affero General Public License for more details.
+     You should have received a copy of the GNU Affero General Public License
+     along with this program.  If not, see <http://www.gnu.org/licenses/>.
+     SPDX-License-Identifier: AGPL3.0-or-later
+ */
+#ifndef GNUNET_DHT_BLOCK_TYPES_H
+#define GNUNET_DHT_BLOCK_TYPES_H
+/**
+ * WARNING:
+ * This header is generated!
+ * In order to add DHT block types, you must register
+ * them in GANA, and then use the header generation script
+ * to create an update of this file. You may then replace this
+ * file with the update.
+ */
+#ifdef __cplusplus
+extern "C" {
+#if 0 /* keep Emacsens' auto-indent happy */
+}
+#endif
+#endif
+/**
+ * Blocks in the datastore and the datacache must have a unique type.
+ */
+enum GNUNET_BLOCK_Type
+{
+  /**
+   * Identifier for any block.
+   */
+  GNUNET_BLOCK_TYPE_ANY = 0,
+  /**
+   * Data block (leaf) in the CHK tree.
+   */
+  GNUNET_BLOCK_TYPE_FS_DBLOCK = 1,
+  /**
+   * Inner block in the CHK tree.
+   */
+  GNUNET_BLOCK_TYPE_FS_IBLOCK = 2,
+  /**
+   * Type of a block representing a block to be encoded on demand from disk. Should never appear on the network directly.
+   */
+  GNUNET_BLOCK_TYPE_FS_ONDEMAND = 6,
+  /**
+   * Legacy type of a block that contains a HELLO for a peer.
+   */
+  GNUNET_BLOCK_TYPE_LEGACY_HELLO = 7,
+  /**
+   * Block for testing.
+   */
+  GNUNET_BLOCK_TYPE_TEST = 8,
+  /**
+   * Type of a block representing any type of search result (universal).
+   */
+  GNUNET_BLOCK_TYPE_FS_UBLOCK = 9,
+  /**
+   * Block for storing DNS exit service advertisements.
+   */
+  GNUNET_BLOCK_TYPE_DNS = 10,
+  /**
+   * Block for storing GNS record data.
+   */
+  GNUNET_BLOCK_TYPE_GNS_NAMERECORD = 11,
+  /**
+   * Block type for a revocation message by which a key is revoked.
+   */
+  GNUNET_BLOCK_TYPE_REVOCATION = 12,
+  /**
+   * Type of a block that contains a DHT-NG HELLO for a peer.
+   */
+  GNUNET_BLOCK_TYPE_DHT_HELLO = 13,
+  /**
+   * Block to store a cadet regex state
+   */
+  GNUNET_BLOCK_TYPE_REGEX = 22,
+  /**
+   * Block to store a cadet regex accepting state
+   */
+  GNUNET_BLOCK_TYPE_REGEX_ACCEPT = 23,
+  /**
+   * Block for testing set/consensus.  If first byte of the block is non-zero, the block is considered invalid.
+   */
+  GNUNET_BLOCK_TYPE_SET_TEST = 24,
+  /**
+   * Block type for consensus elements. Contains either special marker elements or a nested block.
+   */
+  GNUNET_BLOCK_TYPE_CONSENSUS_ELEMENT = 25,
+  /**
+   * Block for testing set intersection.  If first byte of the block is non-zero, the block is considered invalid.
+   */
+  GNUNET_BLOCK_TYPE_SETI_TEST = 26,
+  /**
+   * Block for testing set union.  If first byte of the block is non-zero, the block is considered invalid.
+   */
+  GNUNET_BLOCK_TYPE_SETU_TEST = 27,
+};
+#if 0 /* keep Emacsens' auto-indent happy */
+{
+#endif
+#ifdef __cplusplus
+}
+#endif
+#endif
diff --git a/src/include/gnunet_dht_service.h b/src/include/gnunet_dht_service.h
index 3d1264991..a1ea31c25 100644
--- a/src/include/gnunet_dht_service.h
+++ b/src/include/gnunet_dht_service.h
@@ -43,7 +43,6 @@
 #include "gnunet_util_lib.h"
 #include "gnunet_block_lib.h"
-#include "gnunet_hello_lib.h"
 #ifdef __cplusplus
 extern "C"
diff --git a/src/include/gnunet_error_codes.h b/src/include/gnunet_error_codes.h
new file mode 100644
index 000000000..aa897afe0
--- /dev/null
+++ b/src/include/gnunet_error_codes.h
@@ -0,0 +1,242 @@
+/*
+     This file is part of GNUnet
+     Copyright (C) 2012-2022 GNUnet e.V.
+     GNUnet is free software: you can redistribute it and/or modify it
+     under the terms of the GNU Affero General Public License as published
+     by the Free Software Foundation, either version 3 of the License,
+     or (at your option) any later version.
+     GNUnet is distributed in the hope that it will be useful, but
+     WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+     Affero General Public License for more details.
+     You should have received a copy of the GNU Affero General Public License
+     along with this program.  If not, see <http://www.gnu.org/licenses/>.
+     SPDX-License-Identifier: AGPL3.0-or-later
+ */
+ /**
+  * @file include/taler_error_codes.h
+  * @brief GNUnet error codes, generated via https://gana.gnunet.org/
+  *
+  * Do NOT edit this file, it is generated!
+  */
+#ifndef GNUNET_ERROR_CODES_H
+#define GNUNET_ERROR_CODES_H
+#ifdef __cplusplus
+extern "C" {
+#if 0 /* keep Emacsens' auto-indent happy */
+}
+#endif
+#endif
+#include <limits.h>
+/**
+ * Taler error codes.
+ */
+enum GNUNET_ErrorCode
+{
+  /**
+   * No error (success).
+   * Returned with an HTTP status code of #MHD_HTTP_UNINITIALIZED (0).
+   */
+  GNUNET_EC_NONE = 0,
+  /**
+   * Unknown and unspecified error.
+   * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR (500).
+   */
+  GNUNET_EC_UNKNOWN = 1,
+  /**
+   * Communication with service failed.
+   * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR (500).
+   */
+  GNUNET_EC_SERVICE_COMMUNICATION_FAILED = 101,
+  /**
+   * Ego not found.
+   * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+   */
+  GNUNET_EC_IDENTITY_NOT_FOUND = 200,
+  /**
+   * Identifier already in use for another ego.
+   * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+   */
+  GNUNET_EC_IDENTITY_NAME_CONFLICT = 201,
+  /**
+   * The given ego is invalid or malformed.
+   * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR (500).
+   */
+  GNUNET_EC_IDENTITY_INVALID = 202,
+  /**
+   * Unknown namestore error.
+   * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR (500).
+   */
+  GNUNET_EC_NAMESTORE_UNKNOWN = 5000,
+  /**
+   * Zone iteration failed.
+   * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR (500).
+   */
+  GNUNET_EC_NAMESTORE_ITERATION_FAILED = 5001,
+  /**
+   * Zone not found.
+   * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+   */
+  GNUNET_EC_NAMESTORE_ZONE_NOT_FOUND = 5002,
+  /**
+   * Record not found.
+   * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+   */
+  GNUNET_EC_NAMESTORE_RECORD_NOT_FOUND = 5003,
+  /**
+   * Zone iteration failed.
+   * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR (500).
+   */
+  GNUNET_EC_NAMESTORE_RECORD_DELETE_FAILED = 5004,
+  /**
+   * Zone does not contain any records.
+   * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+   */
+  GNUNET_EC_NAMESTORE_ZONE_EMPTY = 5005,
+  /**
+   * Failed to lookup record.
+   * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR (500).
+   */
+  GNUNET_EC_NAMESTORE_LOOKUP_ERROR = 5006,
+  /**
+   * No records given.
+   * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+   */
+  GNUNET_EC_NAMESTORE_NO_RECORDS_GIVEN = 5007,
+  /**
+   * Record data invalid.
+   * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+   */
+  GNUNET_EC_NAMESTORE_RECORD_DATA_INVALID = 5008,
+  /**
+   * No label given.
+   * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+   */
+  GNUNET_EC_NAMESTORE_NO_LABEL_GIVEN = 5009,
+  /**
+   * No results given.
+   * Returned with an HTTP status code of #MHD_HTTP_NOT_FOUND (404).
+   */
+  GNUNET_EC_NAMESTORE_NO_RESULTS = 5010,
+  /**
+   * Record already exists.
+   * Returned with an HTTP status code of #MHD_HTTP_CONFLICT (409).
+   */
+  GNUNET_EC_NAMESTORE_RECORD_EXISTS = 5011,
+  /**
+   * Record size exceeds maximum limit.
+   * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR (500).
+   */
+  GNUNET_EC_NAMESTORE_RECORD_TOO_BIG = 5012,
+  /**
+   * There was an error in the database backend.
+   * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR (500).
+   */
+  GNUNET_EC_NAMESTORE_BACKEND_FAILED = 5013,
+  /**
+   * Failed to store the given records.
+   * Returned with an HTTP status code of #MHD_HTTP_INTERNAL_SERVER_ERROR (500).
+   */
+  GNUNET_EC_NAMESTORE_STORE_FAILED = 5014,
+  /**
+   * Label invalid or malformed.
+   * Returned with an HTTP status code of #MHD_HTTP_BAD_REQUEST (400).
+   */
+  GNUNET_EC_NAMESTORE_LABEL_INVALID = 5015,
+};
+/**
+ * Returns a hint for a given error code.
+ *
+ * @param ec the error code.
+ * @return the hint if it could be found, otherwise "<no hint found>"
+ */
+const char *
+GNUNET_ErrorCode_get_hint (enum GNUNET_ErrorCode ec);
+/**
+ * Return HTTP status for a given error code.
+ *
+ * @param ec the error code.
+ * @return the HTTP status code for the given @a ec, UINT_MAX if not found
+ */
+unsigned int
+GNUNET_ErrorCode_get_http_status (enum GNUNET_ErrorCode ec);
+/**
+ * Return HTTP status for a given error code that is guaranteed
+ * to work (no corner cases).
+ *
+ * @param ec the error code.
+ * @return the HTTP status code for the given @a ec, 500 if
+ *         the @a ec is not found or is a client-side code
+ */
+unsigned int
+GNUNET_ErrorCode_get_http_status_safe (enum GNUNET_ErrorCode ec);
+#if 0 /* keep Emacsens' auto-indent happy */
+{
+#endif
+#ifdef __cplusplus
+}
+#endif
+#endif
diff --git a/src/include/gnunet_fragmentation_lib.h b/src/include/gnunet_fragmentation_lib.h
deleted file mode 100644
index c8e99826a..000000000
--- a/src/include/gnunet_fragmentation_lib.h
+++ /dev/null
@@ -1,235 +0,0 @@
-/*
-     This file is part of GNUnet
-     Copyright (C) 2009, 2011, 2015 GNUnet e.V.
-     GNUnet is free software: you can redistribute it and/or modify it
-     under the terms of the GNU Affero General Public License as published
-     by the Free Software Foundation, either version 3 of the License,
-     or (at your option) any later version.
-     GNUnet is distributed in the hope that it will be useful, but
-     WITHOUT ANY WARRANTY; without even the implied warranty of
-     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-     Affero General Public License for more details.
-     You should have received a copy of the GNU Affero General Public License
-     along with this program.  If not, see <http://www.gnu.org/licenses/>.
-     SPDX-License-Identifier: AGPL3.0-or-later
- */
-/**
- * @addtogroup Backbone
- * @{
- *
- * @author Christian Grothoff
- *
- * @file
- * Library to help fragment messages
- *
- * @defgroup fragmentation  Fragmentation library
- * Library to help fragment messages
- * @{
- *
- * @todo Consider additional flow-control for sending from
- *       fragmentation based on continuations.
- */
-#ifndef GNUNET_FRAGMENTATION_LIB_H
-#define GNUNET_FRAGMENTATION_LIB_H
-#include "gnunet_util_lib.h"
-#include "gnunet_statistics_service.h"
-#ifdef __cplusplus
-extern "C"
-{
-#if 0                           /* keep Emacsens' auto-indent happy */
-}
-#endif
-#endif
-/**
- * Fragmentation context.
- */
-struct GNUNET_FRAGMENT_Context;
-/**
- * Function that is called with messages created by the fragmentation
- * module.  In the case of the 'proc' callback of the
- * #GNUNET_FRAGMENT_context_create() function, this function must
- * eventually call #GNUNET_FRAGMENT_context_transmission_done().
- *
- * @param cls closure
- * @param msg the message that was created
- */
-typedef void
-(*GNUNET_FRAGMENT_MessageProcessor) (void *cls,
-                                     const struct GNUNET_MessageHeader *msg);
-/**
- * Create a fragmentation context for the given message.
- * Fragments the message into fragments of size @a mtu or
- * less.  Calls @a proc on each un-acknowledged fragment,
- * using both the expected @a msg_delay between messages and
- * acknowledgements and the given @a tracker to guide the
- * frequency of calls to @a proc.
- *
- * @param stats statistics context
- * @param mtu the maximum message size for each fragment
- * @param tracker bandwidth tracker to use for flow control (can be NULL)
- * @param msg_delay initial delay to insert between fragment transmissions
- *              based on previous messages
- * @param ack_delay expected delay between fragment transmission
- *              and ACK based on previous messages
- * @param msg the message to fragment
- * @param proc function to call for each fragment to transmit
- * @param proc_cls closure for proc
- * @return the fragmentation context
- */
-struct GNUNET_FRAGMENT_Context *
-GNUNET_FRAGMENT_context_create (struct GNUNET_STATISTICS_Handle *stats,
-                                uint16_t mtu,
-                                struct GNUNET_BANDWIDTH_Tracker *tracker,
-                                struct GNUNET_TIME_Relative msg_delay,
-                                struct GNUNET_TIME_Relative ack_delay,
-                                const struct GNUNET_MessageHeader *msg,
-                                GNUNET_FRAGMENT_MessageProcessor proc,
-                                void *proc_cls);
-/**
- * Continuation to call from the 'proc' function after the fragment
- * has been transmitted (and hence the next fragment can now be
- * given to proc).
- *
- * @param fc fragmentation context
- */
-void
-GNUNET_FRAGMENT_context_transmission_done (struct GNUNET_FRAGMENT_Context *fc);
-/**
- * Process an acknowledgement message we got from the other
- * side (to control re-transmits).
- *
- * @param fc fragmentation context
- * @param msg acknowledgement message we received
- * @return #GNUNET_OK if this ack completes the work of the 'fc'
- *                   (all fragments have been received);
- *         #GNUNET_NO if more messages are pending
- *         #GNUNET_SYSERR if this ack is not valid for this fc
- */
-int
-GNUNET_FRAGMENT_process_ack (struct GNUNET_FRAGMENT_Context *fc,
-                             const struct GNUNET_MessageHeader *msg);
-/**
- * Destroy the given fragmentation context (stop calling 'proc', free
- * resources).
- *
- * @param fc fragmentation context
- * @param msg_delay where to store average delay between individual message transmissions the
- *         last message (OUT only)
- * @param ack_delay where to store average delay between transmission and ACK for the
- *         last message, set to FOREVER if the message was not fully transmitted (OUT only)
- */
-void
-GNUNET_FRAGMENT_context_destroy (struct GNUNET_FRAGMENT_Context *fc,
-                                 struct GNUNET_TIME_Relative *msg_delay,
-                                 struct GNUNET_TIME_Relative *ack_delay);
-/**
- * Convert an ACK message to a printable format suitable for logging.
- *
- * @param ack message to print
- * @return ack in human-readable format
- */
-const char *
-GNUNET_FRAGMENT_print_ack (const struct GNUNET_MessageHeader *ack);
-/**
- * Defragmentation context (one per connection).
- */
-struct GNUNET_DEFRAGMENT_Context;
-/**
- * Function that is called with acknowledgement messages created by
- * the fragmentation module.  Acknowledgements are cumulative,
- * so it is OK to only transmit the 'latest' ack message for the same
- * message ID.
- *
- * @param cls closure
- * @param id unique message ID (modulo collisions)
- * @param msg the message that was created
- */
-typedef void
-(*GNUNET_DEFRAGMENT_AckProcessor) (void *cls,
-                                   uint32_t id,
-                                   const struct GNUNET_MessageHeader *msg);
-/**
- * Create a defragmentation context.
- *
- * @param stats statistics context
- * @param mtu the maximum message size for each fragment
- * @param num_msgs how many fragmented messages
- *                 to we defragment at most at the same time?
- * @param cls closure for @a proc and @a ackp
- * @param proc function to call with defragmented messages
- * @param ackp function to call with acknowledgements (to send
- *             back to the other side)
- * @return the defragmentation context
- */
-struct GNUNET_DEFRAGMENT_Context *
-GNUNET_DEFRAGMENT_context_create (struct GNUNET_STATISTICS_Handle *stats,
-                                  uint16_t mtu,
-                                  unsigned int num_msgs,
-                                  void *cls,
-                                  GNUNET_FRAGMENT_MessageProcessor proc,
-                                  GNUNET_DEFRAGMENT_AckProcessor ackp);
-/**
- * Destroy the given defragmentation context.
- *
- * @param dc defragmentation context
- */
-void
-GNUNET_DEFRAGMENT_context_destroy (struct GNUNET_DEFRAGMENT_Context *dc);
-/**
- * We have received a fragment.  Process it.
- *
- * @param dc the context
- * @param msg the message that was received
- * @return #GNUNET_OK on success,
- *         #GNUNET_NO if this was a duplicate,
- *         #GNUNET_SYSERR on error
- */
-int
-GNUNET_DEFRAGMENT_process_fragment (struct GNUNET_DEFRAGMENT_Context *dc,
-                                    const struct GNUNET_MessageHeader *msg);
-#if 0                           /* keep Emacsens' auto-indent happy */
-{
-#endif
-#ifdef __cplusplus
-}
-#endif
-#endif
-/** @} */  /* end of group */
-/** @} */ /* end of group addition */
diff --git a/src/include/gnunet_friends_lib.h b/src/include/gnunet_friends_lib.h
deleted file mode 100644
index 4f4d5e88b..000000000
--- a/src/include/gnunet_friends_lib.h
+++ /dev/null
@@ -1,124 +0,0 @@
-/*
-     This file is part of GNUnet.
-     Copyright (C) 2013 Christian Grothoff
-     GNUnet is free software: you can redistribute it and/or modify it
-     under the terms of the GNU Affero General Public License as published
-     by the Free Software Foundation, either version 3 of the License,
-     or (at your option) any later version.
-     GNUnet is distributed in the hope that it will be useful, but
-     WITHOUT ANY WARRANTY; without even the implied warranty of
-     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-     Affero General Public License for more details.
-     You should have received a copy of the GNU Affero General Public License
-     along with this program.  If not, see <http://www.gnu.org/licenses/>.
-     SPDX-License-Identifier: AGPL3.0-or-later
- */
-/**
- * @addtogroup Backbone 
- * @{
- *
- * @author Christian Grothoff
- *
- * @file
- * Library to read and write the FRIENDS file
- *
- * @defgroup friends  Friends library
- * Library to read and write the FRIENDS file
- * @{
- */
-#ifndef GNUNET_FRIENDS_LIB_H
-#define GNUNET_FRIENDS_LIB_H
-#ifdef __cplusplus
-extern "C"
-{
-#if 0                           /* keep Emacsens' auto-indent happy */
-}
-#endif
-#endif
-#include "gnunet_util_lib.h"
-/**
- * Signature of a function called on each friend found.
- *
- * @param cls closure
- * @param friend_id peer identity of the friend
- */
-typedef void (*GNUNET_FRIENDS_Callback)(void *cls,
-                                        const struct
-                                        GNUNET_PeerIdentity *friend_id);
-/**
- * Parse the FRIENDS file.
- *
- * @param cfg our configuration
- * @param cb function to call on each friend found
- * @param cb_cls closure for @a cb
- * @return #GNUNET_OK on success, #GNUNET_SYSERR on parsing errors
- */
-int
-GNUNET_FRIENDS_parse (const struct GNUNET_CONFIGURATION_Handle *cfg,
-                      GNUNET_FRIENDS_Callback cb,
-                      void *cb_cls);
-/**
- * Handle for writing a friends file.
- */
-struct GNUNET_FRIENDS_Writer;
-/**
- * Start writing a fresh FRIENDS file.  Will make a backup of the
- * old one.
- *
- * @param cfg configuration to use.
- * @return NULL on error
- */
-struct GNUNET_FRIENDS_Writer *
-GNUNET_FRIENDS_write_start (const struct GNUNET_CONFIGURATION_Handle *cfg);
-/**
- * Finish writing out the friends file.
- *
- * @param w write handle
- * @return #GNUNET_OK on success, #GNUNET_SYSERR on error
- */
-int
-GNUNET_FRIENDS_write_stop (struct GNUNET_FRIENDS_Writer *w);
-/**
- * Add a friend to the friends file.
- *
- * @param w write handle
- * @param friend_id friend to add
- * @return #GNUNET_OK on success, #GNUNET_SYSERR on error
- */
-int
-GNUNET_FRIENDS_write (struct GNUNET_FRIENDS_Writer *w,
-                      const struct GNUNET_PeerIdentity *friend_id);
-#if 0                           /* keep Emacsens' auto-indent happy */
-{
-#endif
-#ifdef __cplusplus
-}
-#endif
-#endif
-/** @} */  /* end of group */
-/** @} */  /* end of group addition to backbone */
diff --git a/src/include/gnunet_gns_service.h b/src/include/gnunet_gns_service.h
index 1fcf7aa8b..1f19e58ac 100644
--- a/src/include/gnunet_gns_service.h
+++ b/src/include/gnunet_gns_service.h
@@ -137,7 +137,7 @@ enum GNUNET_GNS_LocalOptions
 struct GNUNET_GNS_LookupRequest *
 GNUNET_GNS_lookup (struct GNUNET_GNS_Handle *handle,
                   const char *name,
-                   const struct GNUNET_IDENTITY_PublicKey *zone,
+                   const struct GNUNET_CRYPTO_PublicKey *zone,
                   uint32_t type,
                   enum GNUNET_GNS_LocalOptions options,
                   GNUNET_GNS_LookupResultProcessor proc,
@@ -161,7 +161,7 @@ GNUNET_GNS_lookup (struct GNUNET_GNS_Handle *handle,
 struct GNUNET_GNS_LookupRequest *
 GNUNET_GNS_lookup_limited (struct GNUNET_GNS_Handle *handle,
                           const char *name,
-                           const struct GNUNET_IDENTITY_PublicKey *zone,
+                           const struct GNUNET_CRYPTO_PublicKey *zone,
                           uint32_t type,
                           enum GNUNET_GNS_LocalOptions options,
                           uint16_t recursion_depth_limit,
diff --git a/src/include/gnunet_gnsrecord_lib.h b/src/include/gnunet_gnsrecord_lib.h
index 3aee30117..3f1830498 100644
--- a/src/include/gnunet_gnsrecord_lib.h
+++ b/src/include/gnunet_gnsrecord_lib.h
@@ -38,6 +38,7 @@
 #define GNUNET_GNSRECORD_LIB_H
+#include "gnunet_common.h"
 #include "gnunet_identity_service.h"
 #ifdef __cplusplus
@@ -338,7 +339,7 @@ struct GNUNET_GNSRECORD_ReverseRecord
  /**
   * The public key of the namespace the is delegating to our namespace
   */
-  struct GNUNET_IDENTITY_PublicKey pkey;
+  struct GNUNET_CRYPTO_PublicKey pkey;
  /**
   * The expiration time of the delegation
@@ -493,7 +494,7 @@ GNUNET_GNSRECORD_string_normalize (const char *src);
 * #GNUNET_GNSRECORD_z2s.
 */
 const char *
-GNUNET_GNSRECORD_z2s (const struct GNUNET_IDENTITY_PublicKey *z);
+GNUNET_GNSRECORD_z2s (const struct GNUNET_CRYPTO_PublicKey *z);
 /**
@@ -507,7 +508,7 @@ GNUNET_GNSRECORD_z2s (const struct GNUNET_IDENTITY_PublicKey *z);
 *         key in an encoding suitable for DNS labels.
 */
 const char *
-GNUNET_GNSRECORD_pkey_to_zkey (const struct GNUNET_IDENTITY_PublicKey *pkey);
+GNUNET_GNSRECORD_pkey_to_zkey (const struct GNUNET_CRYPTO_PublicKey *pkey);
 /**
@@ -521,7 +522,7 @@ GNUNET_GNSRECORD_pkey_to_zkey (const struct GNUNET_IDENTITY_PublicKey *pkey);
 */
 int
 GNUNET_GNSRECORD_zkey_to_pkey (const char *zkey,
-                               struct GNUNET_IDENTITY_PublicKey *pkey);
+                               struct GNUNET_CRYPTO_PublicKey *pkey);
 /**
@@ -533,7 +534,7 @@ GNUNET_GNSRECORD_zkey_to_pkey (const char *zkey,
 */
 void
 GNUNET_GNSRECORD_query_from_private_key (
-  const struct GNUNET_IDENTITY_PrivateKey *zone, const char *label,
+  const struct GNUNET_CRYPTO_PrivateKey *zone, const char *label,
  struct GNUNET_HashCode *query);
@@ -547,7 +548,7 @@ GNUNET_GNSRECORD_query_from_private_key (
 */
 void
 GNUNET_GNSRECORD_query_from_public_key (
-  const struct GNUNET_IDENTITY_PublicKey *pub, const char *label,
+  const struct GNUNET_CRYPTO_PublicKey *pub, const char *label,
  struct GNUNET_HashCode *query);
@@ -561,7 +562,7 @@ GNUNET_GNSRECORD_query_from_public_key (
 */
 ssize_t
 GNUNET_GNSRECORD_block_calculate_size (const struct
-                                       GNUNET_IDENTITY_PrivateKey *key,
+                                       GNUNET_CRYPTO_PrivateKey *key,
                                       const struct GNUNET_GNSRECORD_Data *rd,
                                       unsigned int rd_count);
@@ -575,7 +576,7 @@ GNUNET_GNSRECORD_block_calculate_size (const struct
 */
 enum GNUNET_GenericReturnValue
 GNUNET_GNSRECORD_block_sign (const struct
-                             GNUNET_IDENTITY_PrivateKey *key,
+                             GNUNET_CRYPTO_PrivateKey *key,
                             const char *label,
                             struct GNUNET_GNSRECORD_Block *block);
@@ -591,7 +592,7 @@ GNUNET_GNSRECORD_block_sign (const struct
 * @return GNUNET_OK on success
 */
 enum GNUNET_GenericReturnValue
-GNUNET_GNSRECORD_block_create (const struct GNUNET_IDENTITY_PrivateKey *key,
+GNUNET_GNSRECORD_block_create (const struct GNUNET_CRYPTO_PrivateKey *key,
                               struct GNUNET_TIME_Absolute expire,
                               const char *label,
                               const struct GNUNET_GNSRECORD_Data *rd,
@@ -616,7 +617,7 @@ GNUNET_GNSRECORD_block_create (const struct GNUNET_IDENTITY_PrivateKey *key,
 */
 enum GNUNET_GenericReturnValue
 GNUNET_GNSRECORD_block_create_unsigned (const struct
-                                        GNUNET_IDENTITY_PrivateKey *key,
+                                        GNUNET_CRYPTO_PrivateKey *key,
                                        struct GNUNET_TIME_Absolute expire,
                                        const char *label,
                                        const struct GNUNET_GNSRECORD_Data *rd,
@@ -638,7 +639,7 @@ GNUNET_GNSRECORD_block_create_unsigned (const struct
 * @return GNUNET_OK on success.
 */
 enum GNUNET_GenericReturnValue
-GNUNET_GNSRECORD_block_create2 (const struct GNUNET_IDENTITY_PrivateKey *key,
+GNUNET_GNSRECORD_block_create2 (const struct GNUNET_CRYPTO_PrivateKey *key,
                                struct GNUNET_TIME_Absolute expire,
                                const char *label,
                                const struct GNUNET_GNSRECORD_Data *rd,
@@ -653,7 +654,7 @@ GNUNET_GNSRECORD_block_create2 (const struct GNUNET_IDENTITY_PrivateKey *key,
 * @param block block to verify
 * @return #GNUNET_OK if the signature is valid
 */
-int
+enum GNUNET_GenericReturnValue
 GNUNET_GNSRECORD_block_verify (const struct GNUNET_GNSRECORD_Block *block);
@@ -668,10 +669,10 @@ GNUNET_GNSRECORD_block_verify (const struct GNUNET_GNSRECORD_Block *block);
 * @return #GNUNET_OK on success, #GNUNET_SYSERR if the block was
 *        not well-formed
 */
-int
+enum GNUNET_GenericReturnValue
 GNUNET_GNSRECORD_block_decrypt (
  const struct GNUNET_GNSRECORD_Block *block,
-  const struct GNUNET_IDENTITY_PublicKey *zone_key, const char *label,
+  const struct GNUNET_CRYPTO_PublicKey *zone_key, const char *label,
  GNUNET_GNSRECORD_RecordCallback proc, void *proc_cls);
@@ -682,7 +683,7 @@ GNUNET_GNSRECORD_block_decrypt (
 * @param b another record
 * @return #GNUNET_YES if the records are equal, or #GNUNET_NO if not.
 */
-int
+enum GNUNET_GenericReturnValue
 GNUNET_GNSRECORD_records_cmp (const struct GNUNET_GNSRECORD_Data *a,
                              const struct GNUNET_GNSRECORD_Data *b);
@@ -751,7 +752,7 @@ enum GNUNET_GenericReturnValue
 GNUNET_GNSRECORD_identity_from_data (const char *data,
                                     size_t data_size,
                                     uint32_t type,
-                                     struct GNUNET_IDENTITY_PublicKey *key);
+                                     struct GNUNET_CRYPTO_PublicKey *key);
 /**
@@ -765,7 +766,7 @@ GNUNET_GNSRECORD_identity_from_data (const char *data,
 */
 enum GNUNET_GenericReturnValue
 GNUNET_GNSRECORD_data_from_identity (const struct
-                                     GNUNET_IDENTITY_PublicKey *key,
+                                     GNUNET_CRYPTO_PublicKey *key,
                                     char **data,
                                     size_t *data_size,
                                     uint32_t *type);
@@ -828,6 +829,135 @@ GNUNET_GNSRECORD_normalize_record_set (const char *label,
 enum GNUNET_GenericReturnValue
 GNUNET_GNSRECORD_label_check (const char*label, char **emsg);
+/**
+ * Maximum length of a revocation
+ */
+#define GNUNET_MAX_POW_SIZE sizeof(struct GNUNET_GNSRECORD_PowP) +\
+                                         sizeof(struct GNUNET_CRYPTO_PublicKey) +\
+                                         1024 //FIXME max sig_len
+/**
+ * The proof-of-work narrowing factor.
+ * The number of PoWs that are calculates as part of revocation.
+ */
+#define POW_COUNT 32
+GNUNET_NETWORK_STRUCT_BEGIN
+/**
+ * Struct for a proof of work as part of the revocation.
+ */
+struct GNUNET_GNSRECORD_PowP
+{
+  /**
+   * The timestamp of the revocation
+   */
+  struct GNUNET_TIME_AbsoluteNBO timestamp;
+  /**
+   * The TTL of this revocation (purely informational)
+   */
+  struct GNUNET_TIME_RelativeNBO ttl;
+  /**
+   * The PoWs
+   */
+  uint64_t pow[POW_COUNT] GNUNET_PACKED;
+  /** followed by the public key type, the key and a signature **/
+};
+/**
+ * The signature object we use for the PoW
+ */
+struct GNUNET_GNSRECORD_SignaturePurposePS
+{
+  /**
+   * The signature purpose
+   */
+  struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
+  /**
+   * The timestamp of the revocation
+   */
+  struct GNUNET_TIME_AbsoluteNBO timestamp;
+  /** Followed by the zone public key type and key **/
+};
+GNUNET_NETWORK_STRUCT_END
+/**
+ * Handle to a running proof-of-work calculation.
+ */
+struct GNUNET_GNSRECORD_PowCalculationHandle;
+/**
+ * Check if the given proof-of-work is valid.
+ *
+ * @param pow proof of work
+ * @param matching_bits how many bits must match (configuration)
+ * @param epoch_duration length of single epoch in configuration
+ * @return #GNUNET_YES if the @a pow is acceptable, #GNUNET_NO if not
+ */
+enum GNUNET_GenericReturnValue
+GNUNET_GNSRECORD_check_pow (const struct GNUNET_GNSRECORD_PowP *pow,
+                             unsigned int matching_bits,
+                             struct GNUNET_TIME_Relative epoch_duration);
+/**
+ * Initializes a fresh PoW computation.
+ *
+ * @param key the key to calculate the PoW for.
+ * @param pow the pow object to work with in the calculation.
+ */
+void
+GNUNET_GNSRECORD_pow_init (const struct GNUNET_CRYPTO_PrivateKey *key,
+                            struct GNUNET_GNSRECORD_PowP *pow);
+/**
+ * Starts a proof-of-work calculation given the pow object as well as
+ * target epochs and difficulty.
+ *
+ * @param pow the PoW to based calculations on.
+ * @param epochs the number of epochs for which the PoW must be valid.
+ * @param difficulty the base difficulty of the PoW.
+ * @return a handle for use in PoW rounds
+ */
+struct GNUNET_GNSRECORD_PowCalculationHandle*
+GNUNET_GNSRECORD_pow_start (struct GNUNET_GNSRECORD_PowP *pow,
+                             int epochs,
+                             unsigned int difficulty);
+/**
+ * Calculate a single round in the key revocation PoW.
+ *
+ * @param pc handle to the PoW, initially called with NULL.
+ * @return GNUNET_YES if the @a pow is acceptable, GNUNET_NO if not
+ */
+enum GNUNET_GenericReturnValue
+GNUNET_GNSRECORD_pow_round (struct GNUNET_GNSRECORD_PowCalculationHandle *pc);
+size_t
+GNUNET_GNSRECORD_proof_get_size (const struct GNUNET_GNSRECORD_PowP *pow);
+/**
+ * Stop a PoW calculation
+ *
+ * @param pc the calculation to clean up
+ * @return #GNUNET_YES if pow valid, #GNUNET_NO if pow was set but is not
+ * valid
+ */
+void
+GNUNET_GNSRECORD_pow_stop (struct GNUNET_GNSRECORD_PowCalculationHandle *pc);
 #if 0 /* keep Emacsens' auto-indent happy */
 {
 #endif
diff --git a/src/include/gnunet_hello_lib.h b/src/include/gnunet_hello_lib.h
deleted file mode 100644
index 20a61cbfb..000000000
--- a/src/include/gnunet_hello_lib.h
+++ /dev/null
@@ -1,545 +0,0 @@
-/*
-     This file is part of GNUnet.
-     Copyright (C) 2001, 2002, 2003, 2004, 2005, 2006, 2010, 2011 GNUnet e.V.
-     GNUnet is free software: you can redistribute it and/or modify it
-     under the terms of the GNU Affero General Public License as published
-     by the Free Software Foundation, either version 3 of the License,
-     or (at your option) any later version.
-     GNUnet is distributed in the hope that it will be useful, but
-     WITHOUT ANY WARRANTY; without even the implied warranty of
-     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-     Affero General Public License for more details.
-     You should have received a copy of the GNU Affero General Public License
-     along with this program.  If not, see <http://www.gnu.org/licenses/>.
-     SPDX-License-Identifier: AGPL3.0-or-later
- */
-/**
- * @addtogroup Backbone
- * @{
- *
- * @author Christian Grothoff
- * @file
- * Helper library for handling HELLOs
- *
- * @defgroup hello  Hello library
- * Helper library for handling HELLOs
- *
- * @see [Documentation](https://gnunet.org/gnunets-hostlist-subsystem)
- *
- * @{
- */
-#ifndef GNUNET_HELLO_LIB_H
-#define GNUNET_HELLO_LIB_H
-#ifdef __cplusplus
-extern "C" {
-#if 0 /* keep Emacsens' auto-indent happy */
-}
-#endif
-#endif
-#include "gnunet_util_lib.h"
-/**
- * Prefix that every HELLO URI must start with.
- */
-#define GNUNET_HELLO_URI_PREFIX "gnunet://hello/"
-/**
- * Prefix that every FRIEND HELLO URI must start with.
- */
-#define GNUNET_FRIEND_HELLO_URI_PREFIX "gnunet://friend-hello/"
-/**
- * Separator used in HELLO URI
- */
-#define GNUNET_HELLO_URI_SEP '+'
-/**
- * Additional local information about an address
- *
- * These information are only valid for the local peer and are not serialized
- * when a #GNUNET_HELLO_Message is created
- */
-enum GNUNET_HELLO_AddressInfo
-{
-  /**
-   * No additional information
-   */
-  GNUNET_HELLO_ADDRESS_INFO_NONE = 0,
-  /**
-   * This is an inbound address and cannot be used to initiate an outbound
-   * connection to another peer
-   */
-  GNUNET_HELLO_ADDRESS_INFO_INBOUND = 1
-};
-/**
- * An address for communicating with a peer.  We frequently
- * need this tuple and the components cannot really be
- * separated.  This is NOT the format that would be used
- * on the wire.
- */
-struct GNUNET_HELLO_Address
-{
-  /**
-   * For which peer is this an address?
-   */
-  struct GNUNET_PeerIdentity peer;
-  /**
-   * Name of the transport plugin enabling the communication using
-   * this address.
-   */
-  const char *transport_name;
-  /**
-   * Binary representation of the address (plugin-specific).
-   */
-  const void *address;
-  /**
-   * Number of bytes in @e address.
-   */
-  size_t address_length;
-  /**
-   * Extended information about address
-   *
-   * This field contains additional #GNUNET_HELLO_AddressInfo flags e.g.
-   * to indicate an address is inbound and cannot be used to initiate an
-   * outbound connection.
-   *
-   * These information are only valid for the local peer and are not serialized
-   * when a #GNUNET_HELLO_Message is created
-   */
-  enum GNUNET_HELLO_AddressInfo local_info;
-};
-/**
- * Allocate an address struct.
- *
- * @param peer the peer
- * @param transport_name plugin name
- * @param address binary address
- * @param address_length number of bytes in @a address
- * @param local_info additional local information for the address
- * @return the address struct
- */
-struct GNUNET_HELLO_Address *
-GNUNET_HELLO_address_allocate (const struct GNUNET_PeerIdentity *peer,
-                               const char *transport_name,
-                               const void *address,
-                               size_t address_length,
-                               enum GNUNET_HELLO_AddressInfo local_info);
-/**
- * Copy an address struct.
- *
- * @param address address to copy
- * @return a copy of the address struct
- */
-struct GNUNET_HELLO_Address *
-GNUNET_HELLO_address_copy (const struct GNUNET_HELLO_Address *address);
-/**
- * Compare two addresses.  Does NOT compare the peer identity,
- * that is assumed already to match!
- *
- * @param a1 first address
- * @param a2 second address
- * @return 0 if the addresses are equal, -1 if @a a1< @a a2, 1 if @a a1> @a a2.
- */
-int
-GNUNET_HELLO_address_cmp (const struct GNUNET_HELLO_Address *a1,
-                          const struct GNUNET_HELLO_Address *a2);
-/**
- * Get the size of an address struct.
- *
- * @param address address
- * @return the size
- */
-size_t
-GNUNET_HELLO_address_get_size (const struct GNUNET_HELLO_Address *address);
-/**
- * Check if an address has a local option set
- *
- * @param address the address to check
- * @param option the respective option to check for
- * @return #GNUNET_YES or #GNUNET_NO
- */
-int
-GNUNET_HELLO_address_check_option (const struct GNUNET_HELLO_Address *address,
-                                   enum GNUNET_HELLO_AddressInfo option);
-/**
- * Free an address.
- *
- * @param addr address to free
- */
-#define GNUNET_HELLO_address_free(addr) GNUNET_free (addr)
-GNUNET_NETWORK_STRUCT_BEGIN
-/**
- * A HELLO message is used to exchange information about
- * transports with other peers.  This struct is always
- * followed by the actual network addresses which have
- * the format:
- *
- * 1) transport-name (0-terminated)
- * 2) address-length (uint16_t, network byte order; possibly
- *    unaligned!)
- * 3) address expiration (`struct GNUNET_TIME_AbsoluteNBO`); possibly
- *    unaligned!)
- * 4) address (address-length bytes; possibly unaligned!)
- */
-struct GNUNET_HELLO_Message
-{
-  /**
-   * Type will be #GNUNET_MESSAGE_TYPE_HELLO.
-   */
-  struct GNUNET_MessageHeader header;
-  /**
-   * Use in F2F mode: Do not gossip this HELLO message
-   */
-  uint32_t friend_only GNUNET_PACKED;
-  /**
-   * The public key of the peer.
-   */
-  struct GNUNET_CRYPTO_EddsaPublicKey publicKey;
-};
-GNUNET_NETWORK_STRUCT_END
-/**
- * Return HELLO type
- *
- * @param h HELLO Message to test
- * @return #GNUNET_YES for friend-only or #GNUNET_NO otherwise
- */
-int
-GNUNET_HELLO_is_friend_only (const struct GNUNET_HELLO_Message *h);
-/**
- * Copy the given address information into
- * the given buffer using the format of HELLOs.
- *
- * @param address address to add
- * @param expiration expiration for the address
- * @param target where to copy the address
- * @param max maximum number of bytes to copy to @a target
- * @return number of bytes copied, 0 if
- *         the target buffer was not big enough.
- */
-size_t
-GNUNET_HELLO_add_address (const struct GNUNET_HELLO_Address *address,
-                          struct GNUNET_TIME_Absolute expiration,
-                          char *target,
-                          size_t max);
-/**
- * Callback function used to fill a buffer of max bytes with a list of
- * addresses in the format used by HELLOs.  Should use
- * #GNUNET_HELLO_add_address() as a helper function.
- *
- * @param cls closure
- * @param max maximum number of bytes that can be written to @a buf
- * @param buf where to write the address information
- * @return number of bytes written or 0, #GNUNET_SYSERR to signal the
- *         end of the iteration.
- */
-typedef ssize_t
-(*GNUNET_HELLO_GenerateAddressListCallback) (void *cls,
-                                             size_t max,
-                                             void *buf);
-/**
- * Construct a HELLO message given the public key,
- * expiration time and an iterator that spews the
- * transport addresses.
- *
- * If friend only is set to #GNUNET_YES we create a FRIEND_HELLO which
- * will not be gossiped to other peers.
- *
- * @param public_key public key to include in the HELLO
- * @param addrgen callback to invoke to get addresses
- * @param addrgen_cls closure for @a addrgen
- * @param friend_only should the returned HELLO be only visible to friends?
- * @return the hello message
- */
-struct GNUNET_HELLO_Message *
-GNUNET_HELLO_create (const struct GNUNET_CRYPTO_EddsaPublicKey *public_key,
-                     GNUNET_HELLO_GenerateAddressListCallback addrgen,
-                     void *addrgen_cls,
-                     int friend_only);
-/**
- * Return the size of the given HELLO message.
- *
- * @param hello to inspect
- * @return the size, 0 if HELLO is invalid
- */
-uint16_t
-GNUNET_HELLO_size (const struct GNUNET_HELLO_Message *hello);
-/**
- * Construct a HELLO message by merging the
- * addresses in two existing HELLOs (which
- * must be for the same peer).
- *
- * @param h1 first HELLO message
- * @param h2 the second HELLO message
- * @return the combined hello message
- */
-struct GNUNET_HELLO_Message *
-GNUNET_HELLO_merge (const struct GNUNET_HELLO_Message *h1,
-                    const struct GNUNET_HELLO_Message *h2);
-/**
- * Test if two HELLO messages contain the same addresses.
- * If they only differ in expiration time, the lowest
- * expiration time larger than 'now' where they differ
- * is returned.
- *
- * @param h1 first HELLO message
- * @param h2 the second HELLO message
- * @param now time to use for deciding which addresses have
- *            expired and should not be considered at all
- * @return absolute time forever if the two HELLOs are
- *         totally identical; smallest timestamp >= now if
- *         they only differ in timestamps;
- *         zero if the some addresses with expirations >= now
- *         do not match at all
- */
-struct GNUNET_TIME_Absolute
-GNUNET_HELLO_equals (const struct GNUNET_HELLO_Message *h1,
-                     const struct GNUNET_HELLO_Message *h2,
-                     struct GNUNET_TIME_Absolute now);
-/**
- * Iterator callback to go over all addresses.
- *
- * @param cls closure
- * @param address the address
- * @param expiration expiration time
- * @return #GNUNET_OK to keep the address,
- *         #GNUNET_NO to delete it from the HELLO
- *         #GNUNET_SYSERR to stop iterating (but keep current address)
- */
-typedef int (*GNUNET_HELLO_AddressIterator) (
-  void *cls,
-  const struct GNUNET_HELLO_Address *address,
-  struct GNUNET_TIME_Absolute expiration);
-/**
- * When does the last address in the given HELLO expire?
- *
- * @param msg HELLO to inspect
- * @return time the last address expires, 0 if there are no addresses in the HELLO
- */
-struct GNUNET_TIME_Absolute
-GNUNET_HELLO_get_last_expiration (const struct GNUNET_HELLO_Message *msg);
-/**
- * Iterate over all of the addresses in the HELLO.
- *
- * @param msg HELLO to iterate over; client does not need to
- *        have verified that msg is well-formed (beyond starting
- *        with a GNUNET_MessageHeader of the right type).
- * @param return_modified if a modified copy should be returned,
- *         otherwise NULL will be returned
- * @param it iterator to call on each address
- * @param it_cls closure for @a it
- * @return the modified HELLO or NULL
- */
-struct GNUNET_HELLO_Message *
-GNUNET_HELLO_iterate_addresses (const struct GNUNET_HELLO_Message *msg,
-                                int return_modified,
-                                GNUNET_HELLO_AddressIterator it,
-                                void *it_cls);
-/**
- * Iterate over addresses in @a new_hello that are NOT already present
- * in @a old_hello. Note that if the address is present in @a old_hello
- * but the expiration time in @a new_hello is more recent, the
- * iterator is also called.
- *
- * @param new_hello a HELLO message
- * @param old_hello a HELLO message
- * @param expiration_limit ignore addresses in old_hello
- *        that expired before the given time stamp
- * @param it iterator to call on each address
- * @param it_cls closure for @a it
- */
-void
-GNUNET_HELLO_iterate_new_addresses (
-  const struct GNUNET_HELLO_Message *new_hello,
-  const struct GNUNET_HELLO_Message *old_hello,
-  struct GNUNET_TIME_Absolute expiration_limit,
-  GNUNET_HELLO_AddressIterator it,
-  void *it_cls);
-/**
- * Get the peer identity from a HELLO message.
- *
- * @param hello the hello message
- * @param peer where to store the peer's identity
- * @return #GNUNET_SYSERR if the HELLO was malformed
- */
-int
-GNUNET_HELLO_get_id (const struct GNUNET_HELLO_Message *hello,
-                     struct GNUNET_PeerIdentity *peer);
-/**
- * Get the header from a HELLO message, used so other code
- * can correctly send HELLO messages.
- *
- * @param hello the hello message
- *
- * @return header or NULL if the HELLO was malformed
- */
-struct GNUNET_MessageHeader *
-GNUNET_HELLO_get_header (struct GNUNET_HELLO_Message *hello);
-/**
- * Helper function to load/access transport plugins.
- * FIXME: pass closure!
- *
- * @param name name of the transport plugin to load
- * @return NULL if a plugin with name @a name is not known/loadable
- */
-typedef struct GNUNET_TRANSPORT_PluginFunctions *(
-*GNUNET_HELLO_TransportPluginsFind) (const char *name);
-/**
- * Compose a hello URI string from a hello message.
- *
- * @param hello Hello message
- * @param plugins_find Function to find transport plugins by name
- * @return Hello URI string
- */
-char *
-GNUNET_HELLO_compose_uri (const struct GNUNET_HELLO_Message *hello,
-                          GNUNET_HELLO_TransportPluginsFind plugins_find);
-/**
- * Parse a hello URI string to a hello message.
- *
- * @param uri URI string to parse
- * @param pubkey Pointer to struct where public key is parsed
- * @param hello Pointer to struct where hello message is parsed
- * @param plugins_find Function to find transport plugins by name
- * @return #GNUNET_OK on success, #GNUNET_SYSERR if the URI was invalid, #GNUNET_NO on other errors
- */
-int
-GNUNET_HELLO_parse_uri (const char *uri,
-                        struct GNUNET_CRYPTO_EddsaPublicKey *pubkey,
-                        struct GNUNET_HELLO_Message **hello,
-                        GNUNET_HELLO_TransportPluginsFind plugins_find);
-/* NG API */
-#include "gnunet_nt_lib.h"
-/**
- * Build address record by signing raw information with private key.
- *
- * @param address text address to sign
- * @param nt network type of @a address
- * @param mono_time when was @a address valid
- * @param private_key signing key to use
- * @param[out] result where to write address record (allocated)
- * @param[out] result_size set to size of @a result
- */
-void
-GNUNET_HELLO_sign_address (
-  const char *address,
-  enum GNUNET_NetworkType nt,
-  struct GNUNET_TIME_Absolute mono_time,
-  const struct GNUNET_CRYPTO_EddsaPrivateKey *private_key,
-  void **result,
-  size_t *result_size);
-/**
- * Check signature and extract address record.
- *
- * @param raw raw signed address
- * @param raw_size size of @a raw
- * @param pid public key to use for signature verification
- * @param[out] nt set to network type
- * @param[out] mono_time when was the address generated
- * @return NULL on error, otherwise the address
- */
-char *
-GNUNET_HELLO_extract_address (const void *raw,
-                              size_t raw_size,
-                              const struct GNUNET_PeerIdentity *pid,
-                              enum GNUNET_NetworkType *nt,
-                              struct GNUNET_TIME_Absolute *mono_time);
-/**
- * Given an address as a string, extract the prefix that identifies
- * the communicator offering transmissions to that address.
- *
- * @param address a peer's address
- * @return NULL if the address is mal-formed, otherwise the prefix
- */
-char *
-GNUNET_HELLO_address_to_prefix (const char *address);
-#if 0 /* keep Emacsens' auto-indent happy */
-{
-#endif
-#ifdef __cplusplus
-}
-#endif
-/* ifndef GNUNET_HELLO_LIB_H */
-#endif
-/** @} */ /* end of group */
-/** @} */ /* end of group addition */
-/* end of gnunet_hello_lib.h */
diff --git a/src/include/gnunet_hello_uri_lib.h b/src/include/gnunet_hello_uri_lib.h
index bba7078e6..aecda0885 100644
--- a/src/include/gnunet_hello_uri_lib.h
+++ b/src/include/gnunet_hello_uri_lib.h
@@ -70,6 +70,13 @@ GNUNET_HELLO_builder_new (const struct GNUNET_PeerIdentity *pid);
 /**
+ * Get the PeerIdentity for this builder.
+ */
+const struct GNUNET_PeerIdentity *
+GNUNET_HELLO_builder_get_id (const struct GNUNET_HELLO_Builder *builder);
+/**
 * Release resources of a @a builder.
 *
 * @param[in] builder to free
@@ -111,6 +118,17 @@ GNUNET_HELLO_builder_from_url (const char *url);
 /**
+ * Get the expiration time for this HELLO.
+ *
+ * @param  msg The hello msg.
+ * @return The expiration time.
+ */
+struct GNUNET_TIME_Absolute
+GNUNET_HELLO_builder_get_expiration_time (const struct
+                                          GNUNET_MessageHeader *msg);
+/**
 * Generate envelope with GNUnet HELLO message (including
 * peer ID) from a @a builder
 *
@@ -120,7 +138,8 @@ GNUNET_HELLO_builder_from_url (const char *url);
 */
 struct GNUNET_MQ_Envelope *
 GNUNET_HELLO_builder_to_env (const struct GNUNET_HELLO_Builder *builder,
-                             const struct GNUNET_CRYPTO_EddsaPrivateKey *priv);
+                             const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
+                             struct GNUNET_TIME_Relative expiration_time);
 /**
@@ -133,7 +152,8 @@ GNUNET_HELLO_builder_to_env (const struct GNUNET_HELLO_Builder *builder,
 struct GNUNET_MessageHeader *
 GNUNET_HELLO_builder_to_dht_hello_msg (
  const struct GNUNET_HELLO_Builder *builder,
-  const struct GNUNET_CRYPTO_EddsaPrivateKey *priv);
+  const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
+  struct GNUNET_TIME_Relative expiration_time);
 /**
@@ -162,7 +182,8 @@ enum GNUNET_GenericReturnValue
 GNUNET_HELLO_builder_to_block (const struct GNUNET_HELLO_Builder *builder,
                               const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
                               void *block,
-                               size_t *block_size);
+                               size_t *block_size,
+                               struct GNUNET_TIME_Relative expiration_time);
 /**
@@ -199,6 +220,7 @@ GNUNET_HELLO_builder_del_address (struct GNUNET_HELLO_Builder *builder,
 */
 typedef void
 (*GNUNET_HELLO_UriCallback) (void *cls,
+                             const struct GNUNET_PeerIdentity* pid,
                             const char *uri);
@@ -206,13 +228,12 @@ typedef void
 * Iterate over URIs in a builder.
 *
 * @param builder builder to iterate over
- * @param[out] pid set to the peer the @a builder is for
 * @param uc callback invoked for each URI, can be NULL
 * @param uc_cls closure for @a addrgen
+ * @return pid of the peer the @a builder is for, can be NULL
 */
-void
+const struct GNUNET_PeerIdentity *
 GNUNET_HELLO_builder_iterate (const struct GNUNET_HELLO_Builder *builder,
-                              struct GNUNET_PeerIdentity *pid,
                              GNUNET_HELLO_UriCallback uc,
                              void *uc_cls);
@@ -237,6 +258,35 @@ GNUNET_HELLO_dht_msg_to_block (const struct GNUNET_MessageHeader *hello,
                               struct GNUNET_TIME_Absolute *block_expiration);
+/**
+ * Given an address as a string, extract the prefix that identifies
+ * the communicator offering transmissions to that address.
+ *
+ * @param address a peer's address
+ * @return NULL if the address is mal-formed, otherwise the prefix
+ */
+char *
+GNUNET_HELLO_address_to_prefix (const char *address);
+/**
+ * Build address record by signing raw information with private key.
+ *
+ * @param address text address to sign
+ * @param nt network type of @a address
+ * @param mono_time when was @a address valid
+ * @param private_key signing key to use
+ * @param[out] result where to write address record (allocated)
+ * @param[out] result_size set to size of @a result
+ */
+void
+GNUNET_HELLO_sign_address (
+  const char *address,
+  enum GNUNET_NetworkType nt,
+  struct GNUNET_TIME_Absolute mono_time,
+  const struct GNUNET_CRYPTO_EddsaPrivateKey *private_key,
+  void **result,
+  size_t *result_size);
 #if 0 /* keep Emacsens' auto-indent happy */
 {
 #endif
diff --git a/src/include/gnunet_identity_service.h b/src/include/gnunet_identity_service.h
index d4192a77f..270f4d26f 100644
--- a/src/include/gnunet_identity_service.h
+++ b/src/include/gnunet_identity_service.h
@@ -62,20 +62,6 @@ extern "C" {
 */
 #define GNUNET_IDENTITY_VERSION 0x00000100
-enum GNUNET_IDENTITY_KeyType
-{
-  /**
-   * The identity type. The value is the same as the
-   * PKEY record type.
-   */
-  GNUNET_IDENTITY_TYPE_ECDSA = 65536,
-  /**
-   * EDDSA identity. The value is the same as the EDKEY
-   * record type.
-   */
-  GNUNET_IDENTITY_TYPE_EDDSA = 65556
-};
 /**
 * Handle to access the identity service.
@@ -88,89 +74,6 @@ struct GNUNET_IDENTITY_Handle;
 struct GNUNET_IDENTITY_Ego;
 /**
- * A private key for an identity as per LSD0001.
- * Note that these types are NOT packed and MUST NOT be used in RPC
- * messages. Use the respective serialization functions.
- */
-struct GNUNET_IDENTITY_PrivateKey
-{
-  /**
-   * Type of public key.
-   * Defined by the GNS zone type value.
-   * In NBO.
-   */
-  uint32_t type;
-  union
-  {
-    /**
-     * An ECDSA identity key.
-     */
-    struct GNUNET_CRYPTO_EcdsaPrivateKey ecdsa_key;
-    /**
-     * AN EdDSA identtiy key
-     */
-    struct GNUNET_CRYPTO_EddsaPrivateKey eddsa_key;
-  };
-};
-/**
- * An identity key as per LSD0001.
- */
-struct GNUNET_IDENTITY_PublicKey
-{
-  /**
-   * Type of public key.
-   * Defined by the GNS zone type value.
-   * In NBO.
-   */
-  uint32_t type;
-  union
-  {
-    /**
-     * An ECDSA identity key.
-     */
-    struct GNUNET_CRYPTO_EcdsaPublicKey ecdsa_key;
-    /**
-     * AN EdDSA identtiy key
-     */
-    struct GNUNET_CRYPTO_EddsaPublicKey eddsa_key;
-  };
-};
-/**
- * An identity signature as per LSD0001.
- */
-struct GNUNET_IDENTITY_Signature
-{
-  /**
-   * Type of signature.
-   * Defined by the GNS zone type value.
-   * In NBO.
-   */
-  uint32_t type;
-  union
-  {
-    /**
-     * An ECDSA signature
-     */
-    struct GNUNET_CRYPTO_EcdsaSignature ecdsa_signature;
-    /**
-     * AN EdDSA signature
-     */
-    struct GNUNET_CRYPTO_EddsaSignature eddsa_signature;
-  };
-};
-/**
 * Handle for an operation with the identity service.
 */
 struct GNUNET_IDENTITY_Operation;
@@ -182,7 +85,7 @@ struct GNUNET_IDENTITY_Operation;
 * @param ego the ego
 * @return associated ECC key, valid as long as the ego is valid
 */
-const struct GNUNET_IDENTITY_PrivateKey *
+const struct GNUNET_CRYPTO_PrivateKey *
 GNUNET_IDENTITY_ego_get_private_key (const struct GNUNET_IDENTITY_Ego *ego);
@@ -203,7 +106,7 @@ GNUNET_IDENTITY_ego_get_anonymous (void);
 */
 void
 GNUNET_IDENTITY_ego_get_public_key (struct GNUNET_IDENTITY_Ego *ego,
-                                    struct GNUNET_IDENTITY_PublicKey *pk);
+                                    struct GNUNET_CRYPTO_PublicKey *pk);
 /**
@@ -336,7 +239,7 @@ GNUNET_IDENTITY_disconnect (struct GNUNET_IDENTITY_Handle *h);
 typedef void
 (*GNUNET_IDENTITY_CreateContinuation) (
  void *cls,
-  const struct GNUNET_IDENTITY_PrivateKey *pk,
+  const struct GNUNET_CRYPTO_PrivateKey *pk,
  enum GNUNET_ErrorCode ec);
@@ -354,8 +257,8 @@ typedef void
 struct GNUNET_IDENTITY_Operation *
 GNUNET_IDENTITY_create (struct GNUNET_IDENTITY_Handle *id,
                        const char *name,
-                        const struct GNUNET_IDENTITY_PrivateKey *privkey,
+                        const struct GNUNET_CRYPTO_PrivateKey *privkey,
-                        enum GNUNET_IDENTITY_KeyType ktype,
+                        enum GNUNET_CRYPTO_KeyType ktype,
                        GNUNET_IDENTITY_CreateContinuation cont,
                        void *cont_cls);
@@ -406,472 +309,6 @@ void
 GNUNET_IDENTITY_cancel (struct GNUNET_IDENTITY_Operation *op);
-/**
- * Get the compacted length of a #GNUNET_IDENTITY_PublicKey.
- * Compacted means that it returns the minimum number of bytes this
- * key is long, as opposed to the union structure inside
- * #GNUNET_IDENTITY_PublicKey.
- * Useful for compact serializations.
- *
- * @param key the key.
- * @return -1 on error, else the compacted length of the key.
- */
-ssize_t
-GNUNET_IDENTITY_public_key_get_length (const struct
-                                       GNUNET_IDENTITY_PublicKey *key);
-/**
- * Reads a #GNUNET_IDENTITY_PublicKey from a compact buffer.
- * The buffer has to contain at least the compacted length of
- * a #GNUNET_IDENTITY_PublicKey in bytes.
- * If the buffer is too small, the function returns -1 as error.
- * If the buffer does not contain a valid key, it returns -2 as error.
- *
- * @param buffer the buffer
- * @param len the length of buffer
- * @param key the key
- * @param the amount of bytes read from the buffer
- * @return #GNUNET_SYSERR on error
- */
-enum GNUNET_GenericReturnValue
-GNUNET_IDENTITY_read_public_key_from_buffer (
-  const void *buffer,
-  size_t len,
-  struct GNUNET_IDENTITY_PublicKey *key,
-  size_t *read);
-/**
- * Get the compacted length of a #GNUNET_IDENTITY_PrivateKey.
- * Compacted means that it returns the minimum number of bytes this
- * key is long, as opposed to the union structure inside
- * #GNUNET_IDENTITY_PrivateKey.
- * Useful for compact serializations.
- *
- * @param key the key.
- * @return -1 on error, else the compacted length of the key.
- */
-ssize_t
-GNUNET_IDENTITY_private_key_get_length (
-  const struct GNUNET_IDENTITY_PrivateKey *key);
-/**
- * Writes a #GNUNET_IDENTITY_PublicKey to a compact buffer.
- * The buffer requires space for at least the compacted length of
- * a #GNUNET_IDENTITY_PublicKey in bytes.
- * If the buffer is too small, the function returns -1 as error.
- * If the key is not valid, it returns -2 as error.
- *
- * @param key the key
- * @param buffer the buffer
- * @param len the length of buffer
- * @return -1 or -2 on error, else the amount of bytes written to the buffer
- */
-ssize_t
-GNUNET_IDENTITY_write_public_key_to_buffer (const struct
-                                            GNUNET_IDENTITY_PublicKey *key,
-                                            void*buffer,
-                                            size_t len);
-/**
- * Reads a #GNUNET_IDENTITY_PrivateKey from a compact buffer.
- * The buffer has to contain at least the compacted length of
- * a #GNUNET_IDENTITY_PrivateKey in bytes.
- * If the buffer is too small, the function returns GNUNET_SYSERR as error.
- *
- * @param buffer the buffer
- * @param len the length of buffer
- * @param key the key
- * @param the amount of bytes read from the buffer
- * @return #GNUNET_SYSERR on error
- */
-enum GNUNET_GenericReturnValue
-GNUNET_IDENTITY_read_private_key_from_buffer (
-  const void*buffer,
-  size_t len,
-  struct GNUNET_IDENTITY_PrivateKey *key,
-  size_t *read);
-/**
- * Writes a #GNUNET_IDENTITY_PrivateKey to a compact buffer.
- * The buffer requires space for at least the compacted length of
- * a #GNUNET_IDENTITY_PrivateKey in bytes.
- * If the buffer is too small, the function returns -1 as error.
- * If the key is not valid, it returns -2 as error.
- *
- * @param key the key
- * @param buffer the buffer
- * @param len the length of buffer
- * @return -1 or -2 on error, else the amount of bytes written to the buffer
- */
-ssize_t
-GNUNET_IDENTITY_write_private_key_to_buffer (
-  const struct GNUNET_IDENTITY_PrivateKey *key,
-  void*buffer,
-  size_t len);
-/**
- * Get the compacted length of a #GNUNET_IDENTITY_Signature.
- * Compacted means that it returns the minimum number of bytes this
- * signature is long, as opposed to the union structure inside
- * #GNUNET_IDENTITY_Signature.
- * Useful for compact serializations.
- *
- * @param sig the signature.
- * @return -1 on error, else the compacted length of the signature.
- */
-ssize_t
-GNUNET_IDENTITY_signature_get_length (
-  const struct GNUNET_IDENTITY_Signature *sig);
-/**
- * Get the compacted length of a signature by type.
- * Compacted means that it returns the minimum number of bytes this
- * signature is long, as opposed to the union structure inside
- * #GNUNET_IDENTITY_Signature.
- * Useful for compact serializations.
- *
- * @param sig the signature.
- * @return -1 on error, else the compacted length of the signature.
- */
-ssize_t
-GNUNET_IDENTITY_signature_get_raw_length_by_type (uint32_t type);
-/**
- * Reads a #GNUNET_IDENTITY_Signature from a compact buffer.
- * The buffer has to contain at least the compacted length of
- * a #GNUNET_IDENTITY_Signature in bytes.
- * If the buffer is too small, the function returns -1 as error.
- * If the buffer does not contain a valid key, it returns -2 as error.
- *
- * @param sig the signature
- * @param buffer the buffer
- * @param len the length of buffer
- * @return -1 or -2 on error, else the amount of bytes read from the buffer
- */
-ssize_t
-GNUNET_IDENTITY_read_signature_from_buffer (
-  struct GNUNET_IDENTITY_Signature *sig,
-  const void*buffer,
-  size_t len);
-/**
- * Writes a #GNUNET_IDENTITY_Signature to a compact buffer.
- * The buffer requires space for at least the compacted length of
- * a #GNUNET_IDENTITY_Signature in bytes.
- * If the buffer is too small, the function returns -1 as error.
- * If the key is not valid, it returns -2 as error.
- *
- * @param sig the signature
- * @param buffer the buffer
- * @param len the length of buffer
- * @return -1 or -2 on error, else the amount of bytes written to the buffer
- */
-ssize_t
-GNUNET_IDENTITY_write_signature_to_buffer (
-  const struct GNUNET_IDENTITY_Signature *sig,
-  void*buffer,
-  size_t len);
-/**
- * @brief Sign a given block.
- *
- * The @a purpose data is the beginning of the data of which the signature is
- * to be created. The `size` field in @a purpose must correctly indicate the
- * number of bytes of the data structure, including its header. If possible,
- * use #GNUNET_IDENTITY_sign() instead of this function.
- *
- * @param priv private key to use for the signing
- * @param purpose what to sign (size, purpose)
- * @param[out] sig where to write the signature
- * @return #GNUNET_SYSERR on error, #GNUNET_OK on success
- */
-enum GNUNET_GenericReturnValue
-GNUNET_IDENTITY_sign_ (
-  const struct GNUNET_IDENTITY_PrivateKey *priv,
-  const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
-  struct GNUNET_IDENTITY_Signature *sig);
-/**
- * @brief Sign a given block.
- *
- * The @a purpose data is the beginning of the data of which the signature is
- * to be created. The `size` field in @a purpose must correctly indicate the
- * number of bytes of the data structure, including its header.
- * The signature payload and length depends on the key type.
- *
- * @param priv private key to use for the signing
- * @param purpose what to sign (size, purpose)
- * @param[out] sig where to write the signature
- * @return #GNUNET_SYSERR on error, #GNUNET_OK on success
- */
-enum GNUNET_GenericReturnValue
-GNUNET_IDENTITY_sign_raw_ (
-  const struct GNUNET_IDENTITY_PrivateKey *priv,
-  const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
-  unsigned char *sig);
-/**
- * @brief Sign a given block with #GNUNET_IDENTITY_PrivateKey.
- *
- * The @a ps data must be a fixed-size struct for which the signature is to be
- * created. The `size` field in @a ps->purpose must correctly indicate the
- * number of bytes of the data structure, including its header.
- *
- * @param priv private key to use for the signing
- * @param ps packed struct with what to sign, MUST begin with a purpose
- * @param[out] sig where to write the signature
- */
-#define GNUNET_IDENTITY_sign(priv,ps,sig) do {                \
-          /* check size is set correctly */                                     \
-          GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps)));         \
-          /* check 'ps' begins with the purpose */                              \
-          GNUNET_static_assert (((void*) (ps)) ==                               \
-                                ((void*) &(ps)->purpose));                      \
-          GNUNET_assert (GNUNET_OK ==                                           \
-                         GNUNET_IDENTITY_sign_ (priv,               \
-                                                &(ps)->purpose,             \
-                                                sig));                      \
-} while (0)
-/**
- * @brief Verify a given signature.
- *
- * The @a validate data is the beginning of the data of which the signature
- * is to be verified. The `size` field in @a validate must correctly indicate
- * the number of bytes of the data structure, including its header.  If @a
- * purpose does not match the purpose given in @a validate (the latter must be
- * in big endian), signature verification fails.  If possible,
- * use #GNUNET_IDENTITY_signature_verify() instead of this function (only if @a validate
- * is not fixed-size, you must use this function directly).
- *
- * @param purpose what is the purpose that the signature should have?
- * @param validate block to validate (size, purpose, data)
- * @param sig signature that is being validated
- * @param pub public key of the signer
- * @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid
- */
-enum GNUNET_GenericReturnValue
-GNUNET_IDENTITY_signature_verify_ (
-  uint32_t purpose,
-  const struct GNUNET_CRYPTO_EccSignaturePurpose *validate,
-  const struct GNUNET_IDENTITY_Signature *sig,
-  const struct GNUNET_IDENTITY_PublicKey *pub);
-/**
- * @brief Verify a given signature.
- *
- * The @a validate data is the beginning of the data of which the signature
- * is to be verified. The `size` field in @a validate must correctly indicate
- * the number of bytes of the data structure, including its header.  If @a
- * purpose does not match the purpose given in @a validate (the latter must be
- * in big endian), signature verification fails.
- *
- * @param purpose what is the purpose that the signature should have?
- * @param validate block to validate (size, purpose, data)
- * @param sig signature that is being validated
- * @param pub public key of the signer
- * @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid
- */
-enum GNUNET_GenericReturnValue
-GNUNET_IDENTITY_signature_verify_raw_ (
-  uint32_t purpose,
-  const struct GNUNET_CRYPTO_EccSignaturePurpose *validate,
-  const unsigned char *sig,
-  const struct GNUNET_IDENTITY_PublicKey *pub);
-/**
- * @brief Verify a given signature with #GNUNET_IDENTITY_PublicKey.
- *
- * The @a ps data must be a fixed-size struct for which the signature is to be
- * created. The `size` field in @a ps->purpose must correctly indicate the
- * number of bytes of the data structure, including its header.
- *
- * @param purp purpose of the signature, must match 'ps->purpose.purpose'
- *              (except in host byte order)
- * @param ps packed struct with what to sign, MUST begin with a purpose
- * @param sig where to read the signature from
- * @param pub public key to use for the verifying
- */
-#define GNUNET_IDENTITY_signature_verify(purp,ps,sig,pub) ({             \
-    /* check size is set correctly */                                     \
-    GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps)));         \
-    /* check 'ps' begins with the purpose */                              \
-    GNUNET_static_assert (((void*) (ps)) ==                               \
-                          ((void*) &(ps)->purpose));                      \
-    GNUNET_IDENTITY_signature_verify_ (purp,                              \
-                                       &(ps)->purpose,                    \
-                                       sig,                               \
-                                       pub);                              \
-  })
-/**
- * Encrypt a block with #GNUNET_IDENTITY_PublicKey and derives a
- * #GNUNET_CRYPTO_EcdhePublicKey which is required for decryption
- * using ecdh to derive a symmetric key.
- *
- * @param block the block to encrypt
- * @param size the size of the @a block
- * @param pub public key to use for ecdh
- * @param ecc where to write the ecc public key
- * @param result the output parameter in which to store the encrypted result
- *               can be the same or overlap with @c block
- * @returns the size of the encrypted block, -1 for errors.
- *          Due to the use of CFB and therefore an effective stream cipher,
- *          this size should be the same as @c len.
- */
-ssize_t
-GNUNET_IDENTITY_encrypt_old (const void *block,
-                             size_t size,
-                             const struct GNUNET_IDENTITY_PublicKey *pub,
-                             struct GNUNET_CRYPTO_EcdhePublicKey *ecc,
-                             void *result);
-/**
- * Decrypt a given block with #GNUNET_IDENTITY_PrivateKey and a given
- * #GNUNET_CRYPTO_EcdhePublicKey using ecdh to derive a symmetric key.
- *
- * @param block the data to decrypt, encoded as returned by encrypt
- * @param size the size of the @a block to decrypt
- * @param priv private key to use for ecdh
- * @param ecc the ecc public key
- * @param result address to store the result at
- *               can be the same or overlap with @c block
- * @return -1 on failure, size of decrypted block on success.
- *         Due to the use of CFB and therefore an effective stream cipher,
- *         this size should be the same as @c size.
- */
-ssize_t
-GNUNET_IDENTITY_decrypt_old (
-  const void *block,
-  size_t size,
-  const struct GNUNET_IDENTITY_PrivateKey *priv,
-  const struct GNUNET_CRYPTO_EcdhePublicKey *ecc,
-  void *result);
-#define GNUNET_IDENTITY_ENCRYPT_OVERHEAD_BYTES (crypto_secretbox_MACBYTES \
-                                                + sizeof (struct \
-                                                          GNUNET_CRYPTO_FoKemC))
-/**
- * Encrypt a block with #GNUNET_IDENTITY_PublicKey and derives a
- * #GNUNET_CRYPTO_EcdhePublicKey which is required for decryption
- * using ecdh to derive a symmetric key.
- *
- * Note that the result buffer for the ciphertext must be the length of
- * the message to encrypt plus #GNUNET_IDENTITY_ENCRYPT_OVERHEAD_BYTES.
- *
- * @param block the block to encrypt
- * @param size the size of the @a block
- * @param pub public key to encrypt for
- * @param result the output parameter in which to store the encrypted result
- *               can be the same or overlap with @c block
- * @returns GNUNET_OK on success.
- */
-enum GNUNET_GenericReturnValue
-GNUNET_IDENTITY_encrypt (const void *block,
-                         size_t size,
-                         const struct GNUNET_IDENTITY_PublicKey *pub,
-                         void *result,
-                         size_t result_size);
-/**
- * Decrypt a given block with #GNUNET_IDENTITY_PrivateKey and a given
- * #GNUNET_CRYPTO_EcdhePublicKey using ecdh to derive a symmetric key.
- *
- * @param block the data to decrypt, encoded as returned by encrypt
- * @param size the size of the @a block to decrypt
- * @param priv private key to use for ecdh
- * @param result address to store the result at
- *               can be the same or overlap with @c block
- * @returns GNUNET_OK on success.
- */
-enum GNUNET_GenericReturnValue
-GNUNET_IDENTITY_decrypt (const void *block,
-                         size_t size,
-                         const struct GNUNET_IDENTITY_PrivateKey *priv,
-                         void *result,
-                         size_t result_size);
-/**
- * Creates a (Base32) string representation of the public key.
- * The resulting string encodes a compacted representation of the key.
- * See also #GNUNET_IDENTITY_key_get_length.
- *
- * @param key the key.
- * @return the string representation of the key, or NULL on error.
- */
-char *
-GNUNET_IDENTITY_public_key_to_string (
-  const struct GNUNET_IDENTITY_PublicKey *key);
-/**
- * Creates a (Base32) string representation of the private key.
- * The resulting string encodes a compacted representation of the key.
- * See also #GNUNET_IDENTITY_key_get_length.
- *
- * @param key the key.
- * @return the string representation of the key, or NULL on error.
- */
-char *
-GNUNET_IDENTITY_private_key_to_string (
-  const struct GNUNET_IDENTITY_PrivateKey *key);
-/**
- * Parses a (Base32) string representation of the public key.
- * See also #GNUNET_IDENTITY_public_key_to_string.
- *
- * @param str the encoded key.
- * @param key where to write the key.
- * @return GNUNET_SYSERR on error.
- */
-enum GNUNET_GenericReturnValue
-GNUNET_IDENTITY_public_key_from_string (const char*str,
-                                        struct GNUNET_IDENTITY_PublicKey *key);
-/**
- * Parses a (Base32) string representation of the private key.
- * See also #GNUNET_IDENTITY_private_key_to_string.
- *
- * @param str the encoded key.
- * @param key where to write the key.
- * @return GNUNET_SYSERR on error.
- */
-enum GNUNET_GenericReturnValue
-GNUNET_IDENTITY_private_key_from_string (const char*str,
-                                         struct GNUNET_IDENTITY_PrivateKey *key);
-/**
- * Retrieves the public key representation of a private key.
- *
- * @param privkey the private key.
- * @param key the public key result.
- * @return GNUNET_SYSERR on error.
- */
-enum GNUNET_GenericReturnValue
-GNUNET_IDENTITY_key_get_public (const struct
-                                GNUNET_IDENTITY_PrivateKey *privkey,
-                                struct GNUNET_IDENTITY_PublicKey *key);
 /* ************* convenience API to lookup an ego ***************** */
 /**
@@ -924,7 +361,7 @@ GNUNET_IDENTITY_ego_lookup_cancel (struct GNUNET_IDENTITY_EgoLookup *el);
 typedef void
 (*GNUNET_IDENTITY_EgoSuffixCallback) (
  void *cls,
-  const struct GNUNET_IDENTITY_PrivateKey *priv,
+  const struct GNUNET_CRYPTO_PrivateKey *priv,
  const char *ego_name);
diff --git a/src/include/gnunet_json_lib.h b/src/include/gnunet_json_lib.h
index 26c68fed3..c3204026b 100644
--- a/src/include/gnunet_json_lib.h
+++ b/src/include/gnunet_json_lib.h
@@ -291,6 +291,17 @@ GNUNET_JSON_spec_bool (const char *name,
 /**
+ * double.
+ *
+ * @param name name of the JSON field
+ * @param[out] f where to store the double found under @a name
+ */
+struct GNUNET_JSON_Specification
+GNUNET_JSON_spec_double (const char *name,
+                         double *f);
+/**
 * 8-bit integer.
 *
 * @param name name of the JSON field
@@ -704,6 +715,19 @@ GNUNET_JSON_pack_bool (const char *name,
 /**
 * Generate packer instruction for a JSON field of type
+ * double.
+ *
+ * @param name name of the field to add to the object
+ * @param f double value
+ * @return json pack specification
+ */
+struct GNUNET_JSON_PackSpec
+GNUNET_JSON_pack_double (const char *name,
+                         double f);
+/**
+ * Generate packer instruction for a JSON field of type
 * string.
 *
 * @param name name of the field to add to the object
diff --git a/src/include/gnunet_messenger_service.h b/src/include/gnunet_messenger_service.h
index 5b03ddecf..0388b7fb2 100644
--- a/src/include/gnunet_messenger_service.h
+++ b/src/include/gnunet_messenger_service.h
@@ -223,7 +223,7 @@ struct GNUNET_MESSENGER_MessageHeader
  /**
   * The signature of the senders private key.
   */
-  struct GNUNET_IDENTITY_Signature signature;
+  struct GNUNET_CRYPTO_Signature signature;
  /**
   * The timestamp of the message.
@@ -275,7 +275,7 @@ struct GNUNET_MESSENGER_MessageJoin
  /**
   * The senders public key to verify its signatures.
   */
-  struct GNUNET_IDENTITY_PublicKey key;
+  struct GNUNET_CRYPTO_PublicKey key;
 };
 /**
@@ -313,7 +313,7 @@ struct GNUNET_MESSENGER_MessageKey
  /**
   * The new public key which replaces the current senders public key.
   */
-  struct GNUNET_IDENTITY_PublicKey key;
+  struct GNUNET_CRYPTO_PublicKey key;
 };
 /**
@@ -610,7 +610,7 @@ typedef int
 struct GNUNET_MESSENGER_Handle*
 GNUNET_MESSENGER_connect (const struct GNUNET_CONFIGURATION_Handle *cfg,
                          const char *name,
-                          const struct GNUNET_IDENTITY_PrivateKey *key,
+                          const struct GNUNET_CRYPTO_PrivateKey *key,
                          GNUNET_MESSENGER_MessageCallback msg_callback,
                          void *msg_cls);
@@ -649,7 +649,7 @@ GNUNET_MESSENGER_set_name (struct GNUNET_MESSENGER_Handle *handle,
 * @param[in] handle Messenger handle to use
 * @return Used public key or NULL
 */
-const struct GNUNET_IDENTITY_PublicKey*
+const struct GNUNET_CRYPTO_PublicKey*
 GNUNET_MESSENGER_get_key (const struct GNUNET_MESSENGER_Handle *handle);
 /**
@@ -663,7 +663,7 @@ GNUNET_MESSENGER_get_key (const struct GNUNET_MESSENGER_Handle *handle);
 */
 int
 GNUNET_MESSENGER_set_key (struct GNUNET_MESSENGER_Handle *handle,
-                          const struct GNUNET_IDENTITY_PrivateKey *key);
+                          const struct GNUNET_CRYPTO_PrivateKey *key);
 /**
 * Open a room to send and receive messages. The room will use the specified <i>key</i> as port for the underlying cadet
@@ -775,9 +775,8 @@ GNUNET_MESSENGER_contact_get_name (const struct
 * @param[in] contact Contact handle
 * @return Public key used by <i>contact</i> or NULL
 */
-const struct GNUNET_IDENTITY_PublicKey*
+const struct GNUNET_CRYPTO_PublicKey*
-GNUNET_MESSENGER_contact_get_key (const struct
+GNUNET_MESSENGER_contact_get_key (const struct GNUNET_MESSENGER_Contact *contact);
-                                  GNUNET_MESSENGER_Contact *contact);
 /**
 * Send a <i>message</i> into a <i>room</i>. If you opened the <i>room</i> all entered members will receive the
diff --git a/src/include/gnunet_mq_lib.h b/src/include/gnunet_mq_lib.h
index f424c49c2..3eca71f0f 100644
--- a/src/include/gnunet_mq_lib.h
+++ b/src/include/gnunet_mq_lib.h
@@ -18,6 +18,7 @@
     SPDX-License-Identifier: AGPL3.0-or-later
 */
+#include "gnunet_common.h"
 #if !defined (__GNUNET_UTIL_LIB_H_INSIDE__)
 #error "Only <gnunet_util_lib.h> can be included directly."
 #endif
@@ -691,7 +692,7 @@ struct GNUNET_MQ_MessageHandler
 * @return #GNUNET_OK on success, #GNUNET_NO if no handler matched,
 *         #GNUNET_SYSERR if message was rejected by check function
 */
-int
+enum GNUNET_GenericReturnValue
 GNUNET_MQ_handle_message (const struct GNUNET_MQ_MessageHandler *handlers,
                          const struct GNUNET_MessageHeader *mh);
diff --git a/src/include/gnunet_mst_lib.h b/src/include/gnunet_mst_lib.h
index af2dd3353..5b848bbd6 100644
--- a/src/include/gnunet_mst_lib.h
+++ b/src/include/gnunet_mst_lib.h
@@ -127,7 +127,7 @@ GNUNET_MST_from_buffer (struct GNUNET_MessageStreamTokenizer *mst,
 *         #GNUNET_NO if one_shot was set and we have another message ready
 *         #GNUNET_SYSERR if the data stream is corrupt
 */
-int
+enum GNUNET_GenericReturnValue
 GNUNET_MST_read (struct GNUNET_MessageStreamTokenizer *mst,
                 struct GNUNET_NETWORK_Handle *sock,
                 int purge,
@@ -145,7 +145,7 @@ GNUNET_MST_read (struct GNUNET_MessageStreamTokenizer *mst,
 *         #GNUNET_NO if one_shot was set and we have another message ready
 *         #GNUNET_SYSERR if the data stream is corrupt
 */
-int
+enum GNUNET_GenericReturnValue
 GNUNET_MST_next (struct GNUNET_MessageStreamTokenizer *mst,
                 int one_shot);
diff --git a/src/include/gnunet_my_lib.h b/src/include/gnunet_my_lib.h
deleted file mode 100644
index 283b2f7e6..000000000
--- a/src/include/gnunet_my_lib.h
+++ /dev/null
@@ -1,511 +0,0 @@
-/*
-     This file is part of GNUnet
-     Copyright (C) 2016 GNUnet e.V.
-     GNUnet is free software: you can redistribute it and/or modify it
-     under the terms of the GNU Affero General Public License as published
-     by the Free Software Foundation, either version 3 of the License,
-     or (at your option) any later version.
-     GNUnet is distributed in the hope that it will be useful, but
-     WITHOUT ANY WARRANTY; without even the implied warranty of
-     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-     Affero General Public License for more details.
-     You should have received a copy of the GNU Affero General Public License
-     along with this program.  If not, see <http://www.gnu.org/licenses/>.
-     SPDX-License-Identifier: AGPL3.0-or-later
- */
-/**
- * @addtogroup lib_extra
- * @{
- *
- * @author Christian Grothoff
- * @author Christophe Genevey
- * @author Martin Schanzenbach
- *
- * @file
- * Helper library to access a MySQL database
- *
- * @defgroup mysql  MySQL library
- * Helper library to access a MySQL database.
- * @{
- */
-#ifndef GNUNET_MY_LIB_H
-#define GNUNET_MY_LIB_H
-#include "gnunet_util_lib.h"
-#include "gnunet_mysql_lib.h"
-#include <mysql/mysql.h>
-#ifndef MYSQL_BOOL
-#error "You need to define MYSQL_BOOL. See (or include) gnunet_mysql_compat.h"
-#endif
-#ifdef __cplusplus
-extern "C"
-{
-#if 0                           /* keep Emacsens' auto-indent happy */
-}
-#endif
-#endif
-/**
- * Information we pass to #GNUNET_MY_exec_prepared() to
- * initialize the arguments of the prepared statement.
- */
-struct GNUNET_MY_QueryParam;
-/**
- * Function called to convert input argument into SQL parameters.
- *
- * @param cls closure
- * @param pq data about the query
- * @param qbind array of parameters to initialize
- * @return -1 on error
- */
-typedef int
-(*GNUNET_MY_QueryConverter)(void *cls,
-                            const struct GNUNET_MY_QueryParam *qp,
-                            MYSQL_BIND *qbind);
-/**
- * Function called to cleanup result data.
- *
- * @param cls closure
- * @param rs spec to clean up
- */
-typedef void
-(*GNUNET_MY_QueryCleanup)(void *cls,
-                          MYSQL_BIND *qbind);
-/**
- * Information we pass to #GNUNET_MY_exec_prepared() to
- * initialize the arguments of the prepared statement.
- */
-struct GNUNET_MY_QueryParam
-{
-  /**
-   * Function to call for the type conversion.
-   */
-  GNUNET_MY_QueryConverter conv;
-  /**
-   * Function to call for cleaning up the query. Can be NULL.
-   */
-  GNUNET_MY_QueryCleanup cleaner;
-  /**
-   * Closure for @e conv.
-   */
-  void *conv_cls;
-  /**
-   * Number of arguments the @a conv converter expects to initialize.
-   */
-  unsigned int num_params;
-  /**
-   * Information to pass to @e conv.
-   */
-  const void *data;
-  /**
-   * Information to pass to @e conv.  Size of @a data.
-   */
-  unsigned long data_len;
-};
-/**
- * End of query parameter specification.
- *
- * @return array last entry for the result specification to use
- */
-#define GNUNET_MY_query_param_end { NULL, NULL, NULL, 0, NULL, 0 }
-/**
- * Generate query parameter for a buffer @a ptr of
- * @a ptr_size bytes.FG
- *
- * @param ptr pointer to the query parameter to pass
- * @param ptr_size number of bytes in @a ptr
- */
-struct GNUNET_MY_QueryParam
-GNUNET_MY_query_param_fixed_size (const void *ptr,
-                                  size_t ptr_size);
-/**
- * Run a prepared SELECT statement.
- *
- * @param mc mysql context
- * @param sh handle to SELECT statement
- * @param params parameters to the statement
- * @return TBD
- */
-int
-GNUNET_MY_exec_prepared (struct GNUNET_MYSQL_Context *mc,
-                         struct GNUNET_MYSQL_StatementHandle *sh,
-                         struct GNUNET_MY_QueryParam *params);
-/**
- * Information we pass to #GNUNET_MY_extract_result() to
- * initialize the arguments of the prepared statement.
- */
-struct GNUNET_MY_ResultParam;
-/**
- * Information we pass to #GNUNET_MY_extract_result() to
- * initialize the arguments of the prepared statement.
- */
-struct GNUNET_MY_ResultSpec;
-/**
- * Function called to convert input argument into SQL parameters.
- *
- * @param cls closure
- * @param[in,out] rs
- * @param stmt the mysql statement that is being run
- * @param column the column that is being processed
- * @param[out] results
- * @return -1 on error
- */
-typedef int
-(*GNUNET_MY_ResultConverter)(void *cls,
-                             struct GNUNET_MY_ResultSpec *rs,
-                             MYSQL_STMT *stmt,
-                             unsigned int column,
-                             MYSQL_BIND *results);
-/**
- * Function called to cleanup result data.
- *
- * @param cls closure
- * @param rs spec to clean up
- */
-typedef void
-(*GNUNET_MY_ResultCleanup)(void *cls,
-                           struct GNUNET_MY_ResultSpec *rs);
-/**
- * Information we pass to #GNUNET_MY_extract_result() to
- * initialize the arguments of the prepared statement.
- */
-struct GNUNET_MY_ResultSpec
-{
-  /**
-   * Function to call to initialize the MYSQL_BIND array.
-   */
-  GNUNET_MY_ResultConverter pre_conv;
-  /**
-   * Function to call for converting the result. Can be NULL.
-   */
-  GNUNET_MY_ResultConverter post_conv;
-  /**
-   * Function to call for cleaning up the result. Can be NULL.
-   */
-  GNUNET_MY_ResultCleanup cleaner;
-  /**
-   * Closure for @e conv.
-   */
-  void *conv_cls;
-  /**
-   * Destination for the data.
-   */
-  void *dst;
-  /**
-   * Allowed size for the data, 0 for variable-size
-   * (in this case, the type of @e dst is a `void **`
-   * and we need to allocate a buffer of the right size).
-   */
-  size_t dst_size;
-  /**
-   * Where to store actual size of the result.
-   */
-  size_t *result_size;
-  /**
-   * How many fields does this result specification occupy
-   * in the result returned by MySQL.
-   */
-  unsigned int num_fields;
-  /**
-   * Location where we temporarily store the output buffer
-   * length from MySQL.  Internal to libgnunetmy.
-   */
-  unsigned long mysql_bind_output_length;
-  /**
-   * Memory for MySQL to notify us about NULL values.
-   */
-  MYSQL_BOOL is_null;
-};
-/**
- * End of result speceter specification.
- *
- * @return array last entry for the result specification to use
- */
-#define GNUNET_MY_result_spec_end { NULL, NULL, NULL, 0, NULL, 0, 0 }
-/**
- * Obtain fixed size result of @a ptr_size bytes from
- * MySQL, store in already allocated buffer at @a ptr.
- *
- * @spec ptr where to write the result
- * @param ptr_size number of bytes available at @a ptr
- */
-struct GNUNET_MY_ResultSpec
-GNUNET_MY_result_spec_fixed_size (void *ptr,
-                                  size_t ptr_size);
-/**
- * Generate query parameter for a string
- *
- * @param ptr pointer to the string query parameter to pass
- */
-struct GNUNET_MY_QueryParam
-GNUNET_MY_query_param_string (const char *ptr);
-/**
- * Generate fixed-size query parameter with size determined
- * by variable type.
- *
- * @param x pointer to the query parameter to pass
- */
-#define GNUNET_MY_query_param_auto_from_type( \
-    x) GNUNET_MY_query_param_fixed_size ((x), sizeof(*(x)))
-/**
- * Generate query parameter for an RSA public key. The
- * database must contain a BLOB type in the respective position.
- *
- * @param x the query parameter to pass
- * @return array entry for the query parameters to use
- */
-struct GNUNET_MY_QueryParam
-GNUNET_MY_query_param_rsa_public_key (const struct
-                                      GNUNET_CRYPTO_RsaPublicKey *x);
-/**
- * Generate query parameter for an RSA signature. The
- * database must contain a BLOB type in the respective position
- *
- *@param x the query parameter to pass
- *@return array entry for the query parameters to use
- */
-struct GNUNET_MY_QueryParam
-GNUNET_MY_query_param_rsa_signature (const struct
-                                     GNUNET_CRYPTO_RsaSignature *x);
-/**
- * Generate query parameter for an absolute time value.
- * The database must store a 64-bit integer.
- *
- *@param x pointer to the query parameter to pass
- *@return array entry for the query parameters to use
- */
-struct GNUNET_MY_QueryParam
-GNUNET_MY_query_param_absolute_time (const struct GNUNET_TIME_Absolute *x);
-/**
- * Generate query parameter for an absolute time value.
- * The database must store a 64-bit integer.
- *
- *@param x pointer to the query parameter to pass
- */
-struct GNUNET_MY_QueryParam
-GNUNET_MY_query_param_absolute_time_nbo (const struct
-                                         GNUNET_TIME_AbsoluteNBO *x);
-/**
- * Generate query parameter for an uint16_t in host byte order.
- *
- * @param x pointer to the query parameter to pass
- */
-struct GNUNET_MY_QueryParam
-GNUNET_MY_query_param_uint16 (const uint16_t *x);
-/**
- * Generate query parameter for an uint32_t in host byte order
- *
- * @param x pointer to the query parameter to pass
- */
-struct GNUNET_MY_QueryParam
-GNUNET_MY_query_param_uint32 (const uint32_t *x);
-/**
- * Generate query parameter for an uint64_t in host byte order
- *
- * @param x pointer to the query parameter to pass
- */
-struct GNUNET_MY_QueryParam
-GNUNET_MY_query_param_uint64 (const uint64_t *x);
-/**
- * We expect a fixed-size result, with size determined by the type of `* dst`
- *
- * @spec name name of the field in the table
- * @spec dst point to where to store the result, type fits expected result size
- * @return array entry for the result specification to use
- */
-#define GNUNET_MY_result_spec_auto_from_type( \
-    dst) GNUNET_MY_result_spec_fixed_size ((dst), sizeof(*(dst)))
-/**
- * Variable-size result expected
- *
- * @param[out] dst where to store the result, allocated
- * @param[out] ptr_size where to store the size of @a dst
- * @return array entry for the result specification to use
- */
-struct GNUNET_MY_ResultSpec
-GNUNET_MY_result_spec_variable_size (void **dst,
-                                     size_t *ptr_size);
-/**
- * RSA public key expected
- *
- * @param name name of the field in the table
- * @param[out] rsa where to store the result
- * @return array entry for the result specification to use
- */
-struct GNUNET_MY_ResultSpec
-GNUNET_MY_result_spec_rsa_public_key (struct GNUNET_CRYPTO_RsaPublicKey **rsa);
-/**
- * RSA signature expected.
- *
- * @param[out] sig where to store the result;
- * @return array entry for the result specification to use
- */
-struct GNUNET_MY_ResultSpec
-GNUNET_MY_result_spec_rsa_signature (struct GNUNET_CRYPTO_RsaSignature **sig);
-/**
- * 0- terminated string exprected.
- *
- * @param[out] dst where to store the result, allocated
- * @return array entry for the result specification to use
- */
-struct GNUNET_MY_ResultSpec
-GNUNET_MY_result_spec_string (char **dst);
-/**
- * Absolute time expected
- *
- * @param name name of the field in the table
- * @param[out] at where to store the result
- * @return array entry for the result specification to use
- */
-struct GNUNET_MY_ResultSpec
-GNUNET_MY_result_spec_absolute_time (struct GNUNET_TIME_Absolute *at);
-/**
- * Absolute time in network byte order expected
- *
- * @param[out] at where to store the result
- * @return array entry for the result specification to use
- */
-struct GNUNET_MY_ResultSpec
-GNUNET_MY_result_spec_absolute_time_nbo (struct GNUNET_TIME_AbsoluteNBO *at);
-/**
- * uint16_t expected
- *
- * @param[out] u16 where to store the result
- * @return array entry for the result specification to use
- */
-struct GNUNET_MY_ResultSpec
-GNUNET_MY_result_spec_uint16 (uint16_t *u16);
-/**
- * uint32_t expected
- *
- * @param[out] u32 where to store the result
- * @return array entry for the result specification to use
- */
-struct GNUNET_MY_ResultSpec
-GNUNET_MY_result_spec_uint32 (uint32_t *u32);
-/**
- * uint64_t expected.
- *
- * @param[out] u64 where to store the result
- * @return array entry for the result specification to use
- */
-struct GNUNET_MY_ResultSpec
-GNUNET_MY_result_spec_uint64 (uint64_t *u64);
-/**
- * Extract results from a query result according to the given
- * specification.  Always fetches the next row.
- *
- * @param sh statement that returned results
- * @param rs specification to extract for
- * @return
- *  #GNUNET_YES if all results could be extracted
- *  #GNUNET_NO if there is no more data in the result set
- *  #GNUNET_SYSERR if a result was invalid
- */
-int
-GNUNET_MY_extract_result (struct GNUNET_MYSQL_StatementHandle *sh,
-                          struct GNUNET_MY_ResultSpec *specs);
-/**
- * Free all memory that was allocated in @a qp during
- * #GNUNET_MY_exect_prepared().
- *
- * @param qp query specification to clean up
- * @param qbind mysql query
- */
-void
-GNUNET_MY_cleanup_query (struct GNUNET_MY_QueryParam *qp,
-                         MYSQL_BIND *qbind);
-/**
- * Free all memory that was allocated in @a rs during
- * #GNUNET_MY_extract_result().
- *
- * @param rs reult specification to clean up
- */
-void
-GNUNET_MY_cleanup_result (struct GNUNET_MY_ResultSpec *rs);
-#if 0                           /* keep Emacsens' auto-indent happy */
-{
-#endif
-#ifdef __cplusplus
-}
-#endif
-#endif
-/** @} */  /* end of group */
-/** @} */  /* end of group addition to lib_extra */
diff --git a/src/include/gnunet_mysql_compat.h.in b/src/include/gnunet_mysql_compat.h.in
deleted file mode 100644
index 6218386aa..000000000
--- a/src/include/gnunet_mysql_compat.h.in
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
-     This file is part of GNUnet
-     Copyright (C) 2022 GNUnet e.V.
-     GNUnet is free software: you can redistribute it and/or modify it
-     under the terms of the GNU Affero General Public License as published
-     by the Free Software Foundation, either version 3 of the License,
-     or (at your option) any later version.
-     GNUnet is distributed in the hope that it will be useful, but
-     WITHOUT ANY WARRANTY; without even the implied warranty of
-     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-     Affero General Public License for more details.
-     You should have received a copy of the GNU Affero General Public License
-     along with this program.  If not, see <http://www.gnu.org/licenses/>.
-     SPDX-License-Identifier: AGPL3.0-or-later
- */
-/**
- * @author Martin Schanzenbach
- *
- * @file
- * MySQL/MariaDB compatibility insanity helper header
- * Note: gnunet_mysql_compat.h is AUTOGENERATED from gnunet_mysql_compat.h.in
- * Please do not modify or commit gnunet_mysql_compat.h
- *
- * @defgroup mysql  MySQL library
- * Helper library to access a MySQL database.
- * @{
- */
-#ifndef GNUNET_MYSQL_COMPAT_H
-#define GNUNET_MYSQL_COMPAT_H
-#include <mysql/mysql.h>
-#ifdef __cplusplus
-extern "C"
-{
-#if 0                           /* keep Emacsens' auto-indent happy */
-}
-#endif
-#endif
-#define MYSQL_BOOL @mysql_bool@
-#if 0                           /* keep Emacsens' auto-indent happy */
-{
-#endif
-#ifdef __cplusplus
-}
-#endif
-#endif
-/** @} */  /* end of group */
diff --git a/src/include/gnunet_mysql_lib.h b/src/include/gnunet_mysql_lib.h
deleted file mode 100644
index 52be3ff11..000000000
--- a/src/include/gnunet_mysql_lib.h
+++ /dev/null
@@ -1,151 +0,0 @@
-/*
-     This file is part of GNUnet
-     Copyright (C) 2012 GNUnet e.V.
-     GNUnet is free software: you can redistribute it and/or modify it
-     under the terms of the GNU Affero General Public License as published
-     by the Free Software Foundation, either version 3 of the License,
-     or (at your option) any later version.
-     GNUnet is distributed in the hope that it will be useful, but
-     WITHOUT ANY WARRANTY; without even the implied warranty of
-     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-     Affero General Public License for more details.
-     You should have received a copy of the GNU Affero General Public License
-     along with this program.  If not, see <http://www.gnu.org/licenses/>.
-     SPDX-License-Identifier: AGPL3.0-or-later
- */
-/**
- * @author Christian Grothoff
- *
- * @file
- * Helper library to access a MySQL database
- *
- * @defgroup mysql  MySQL library
- * Helper library to access a MySQL database.
- * @{
- */
-#ifndef GNUNET_MYSQL_LIB_H
-#define GNUNET_MYSQL_LIB_H
-#include "gnunet_util_lib.h"
-#include <mysql/mysql.h>
-#ifdef __cplusplus
-extern "C"
-{
-#if 0                           /* keep Emacsens' auto-indent happy */
-}
-#endif
-#endif
-/**
- * Mysql context.
- */
-struct GNUNET_MYSQL_Context;
-/**
- * Handle for a prepared statement.
- */
-struct GNUNET_MYSQL_StatementHandle;
-/**
- * Type of a callback that will be called for each
- * data set returned from MySQL.
- *
- * @param cls user-defined argument
- * @param num_values number of elements in values
- * @param values values returned by MySQL
- * @return #GNUNET_OK to continue iterating, #GNUNET_SYSERR to abort
- */
-typedef int
-(*GNUNET_MYSQL_DataProcessor) (void *cls,
-                               unsigned int num_values,
-                               MYSQL_BIND *values);
-/**
- * Create a mysql context.
- *
- * @param cfg configuration
- * @param section configuration section to use to get MySQL configuration options
- * @return the mysql context
- */
-struct GNUNET_MYSQL_Context *
-GNUNET_MYSQL_context_create (const struct GNUNET_CONFIGURATION_Handle *cfg,
-                             const char *section);
-/**
- * Destroy a mysql context.  Also frees all associated prepared statements.
- *
- * @param mc context to destroy
- */
-void
-GNUNET_MYSQL_context_destroy (struct GNUNET_MYSQL_Context *mc);
-/**
- * Close database connection and all prepared statements (we got a DB
- * error).  The connection will automatically be re-opened and
- * statements will be re-prepared if they are needed again later.
- *
- * @param mc mysql context
- */
-void
-GNUNET_MYSQL_statements_invalidate (struct GNUNET_MYSQL_Context *mc);
-/**
- * Get internal handle for a prepared statement.  This function should rarely
- * be used, and if, with caution!  On failures during the interaction with
- * the handle, you must call #GNUNET_MYSQL_statements_invalidate()!
- *
- * @param sh prepared statement to introspect
- * @return MySQL statement handle, NULL on error
- */
-MYSQL_STMT *
-GNUNET_MYSQL_statement_get_stmt (struct GNUNET_MYSQL_StatementHandle *sh);
-/**
- * Prepare a statement.  Prepared statements are automatically discarded
- * when the MySQL context is destroyed.
- *
- * @param mc mysql context
- * @param query query text
- * @return prepared statement, NULL on error
- */
-struct GNUNET_MYSQL_StatementHandle *
-GNUNET_MYSQL_statement_prepare (struct GNUNET_MYSQL_Context *mc,
-                                const char *query);
-/**
- * Run a SQL statement.
- *
- * @param mc mysql context
- * @param sql SQL statement to run
- * @return #GNUNET_OK on success
- *         #GNUNET_SYSERR if there was a problem
- */
-int
-GNUNET_MYSQL_statement_run (struct GNUNET_MYSQL_Context *mc,
-                            const char *sql);
-#if 0                           /* keep Emacsens' auto-indent happy */
-{
-#endif
-#ifdef __cplusplus
-}
-#endif
-#endif
-/** @} */  /* end of group */
diff --git a/src/include/gnunet_namestore_plugin.h b/src/include/gnunet_namestore_plugin.h
index f2bdf7cc6..d8dde5af5 100644
--- a/src/include/gnunet_namestore_plugin.h
+++ b/src/include/gnunet_namestore_plugin.h
@@ -62,7 +62,7 @@ typedef void
 (*GNUNET_NAMESTORE_RecordIterator) (void *cls,
                                    uint64_t serial,
                                    const struct
-                                    GNUNET_IDENTITY_PrivateKey *private_key,
+                                    GNUNET_CRYPTO_PrivateKey *private_key,
                                    const char *label,
                                    unsigned int rd_count,
                                    const struct GNUNET_GNSRECORD_Data *rd);
@@ -91,7 +91,7 @@ struct GNUNET_NAMESTORE_PluginFunctions
   */
  enum GNUNET_GenericReturnValue
  (*store_records)(void *cls,
-                   const struct GNUNET_IDENTITY_PrivateKey *zone,
+                   const struct GNUNET_CRYPTO_PrivateKey *zone,
                   const char *label,
                   unsigned int rd_count,
                   const struct GNUNET_GNSRECORD_Data *rd);
@@ -108,7 +108,7 @@ struct GNUNET_NAMESTORE_PluginFunctions
   */
  enum GNUNET_GenericReturnValue
  (*lookup_records)(void *cls,
-                    const struct GNUNET_IDENTITY_PrivateKey *zone,
+                    const struct GNUNET_CRYPTO_PrivateKey *zone,
                    const char *label,
                    GNUNET_NAMESTORE_RecordIterator iter,
                    void *iter_cls);
@@ -130,7 +130,7 @@ struct GNUNET_NAMESTORE_PluginFunctions
   */
  enum GNUNET_GenericReturnValue
  (*iterate_records)(void *cls,
-                     const struct GNUNET_IDENTITY_PrivateKey *zone,
+                     const struct GNUNET_CRYPTO_PrivateKey *zone,
                     uint64_t serial,
                     uint64_t limit,
                     GNUNET_NAMESTORE_RecordIterator iter,
@@ -150,8 +150,8 @@ struct GNUNET_NAMESTORE_PluginFunctions
   */
  enum GNUNET_GenericReturnValue
  (*zone_to_name)(void *cls,
-                  const struct GNUNET_IDENTITY_PrivateKey *zone,
+                  const struct GNUNET_CRYPTO_PrivateKey *zone,
-                  const struct GNUNET_IDENTITY_PublicKey *value_zone,
+                  const struct GNUNET_CRYPTO_PublicKey *value_zone,
                  GNUNET_NAMESTORE_RecordIterator iter,
                  void *iter_cls);
@@ -201,7 +201,7 @@ struct GNUNET_NAMESTORE_PluginFunctions
   */
  enum GNUNET_GenericReturnValue
  (*edit_records)(void *cls,
-                  const struct GNUNET_IDENTITY_PrivateKey *zone,
+                  const struct GNUNET_CRYPTO_PrivateKey *zone,
                  const char *label,
                  GNUNET_NAMESTORE_RecordIterator iter,
                  void *iter_cls);
diff --git a/src/include/gnunet_namestore_service.h b/src/include/gnunet_namestore_service.h
index b93a345c7..61691ff55 100644
--- a/src/include/gnunet_namestore_service.h
+++ b/src/include/gnunet_namestore_service.h
@@ -153,7 +153,7 @@ typedef void
 */
 struct GNUNET_NAMESTORE_QueueEntry *
 GNUNET_NAMESTORE_records_store (struct GNUNET_NAMESTORE_Handle *h,
-                                const struct GNUNET_IDENTITY_PrivateKey *pkey,
+                                const struct GNUNET_CRYPTO_PrivateKey *pkey,
                                const char *label,
                                unsigned int rd_count,
                                const struct GNUNET_GNSRECORD_Data *rd,
@@ -187,7 +187,7 @@ GNUNET_NAMESTORE_records_store (struct GNUNET_NAMESTORE_Handle *h,
 struct GNUNET_NAMESTORE_QueueEntry *
 GNUNET_NAMESTORE_records_store2 (
  struct GNUNET_NAMESTORE_Handle *h,
-  const struct GNUNET_IDENTITY_PrivateKey *pkey,
+  const struct GNUNET_CRYPTO_PrivateKey *pkey,
  unsigned int rd_set_count,
  const struct GNUNET_NAMESTORE_RecordInfo *record_info,
  unsigned int *rds_sent,
@@ -217,7 +217,7 @@ GNUNET_NAMESTORE_records_store2 (
 */
 struct GNUNET_NAMESTORE_QueueEntry *
 GNUNET_NAMESTORE_records_store_ (struct GNUNET_NAMESTORE_Handle *h,
-                                 const struct GNUNET_IDENTITY_PrivateKey *pkey,
+                                 const struct GNUNET_CRYPTO_PrivateKey *pkey,
                                 const char *label,
                                 unsigned int rd_count,
                                 const struct GNUNET_GNSRECORD_Data *rd,
@@ -240,7 +240,7 @@ GNUNET_NAMESTORE_records_store_ (struct GNUNET_NAMESTORE_Handle *h,
 typedef void
 (*GNUNET_NAMESTORE_RecordMonitor) (void *cls,
                                   const struct
-                                   GNUNET_IDENTITY_PrivateKey *zone,
+                                   GNUNET_CRYPTO_PrivateKey *zone,
                                   const char *label,
                                   unsigned int rd_count,
                                   const struct GNUNET_GNSRECORD_Data *rd);
@@ -260,7 +260,7 @@ typedef void
 typedef void
 (*GNUNET_NAMESTORE_RecordSetMonitor) (void *cls,
                                      const struct
-                                      GNUNET_IDENTITY_PrivateKey *zone,
+                                      GNUNET_CRYPTO_PrivateKey *zone,
                                      const char *label,
                                      unsigned int rd_count,
                                      const struct GNUNET_GNSRECORD_Data *rd,
@@ -284,7 +284,7 @@ typedef void
 struct GNUNET_NAMESTORE_QueueEntry *
 GNUNET_NAMESTORE_records_lookup (struct GNUNET_NAMESTORE_Handle *h,
                                 const struct
-                                 GNUNET_IDENTITY_PrivateKey *pkey,
+                                 GNUNET_CRYPTO_PrivateKey *pkey,
                                 const char *label,
                                 GNUNET_SCHEDULER_TaskCallback error_cb,
                                 void *error_cb_cls,
@@ -309,7 +309,7 @@ GNUNET_NAMESTORE_records_lookup (struct GNUNET_NAMESTORE_Handle *h,
 struct GNUNET_NAMESTORE_QueueEntry *
 GNUNET_NAMESTORE_records_lookup2 (struct GNUNET_NAMESTORE_Handle *h,
                                  const struct
-                                  GNUNET_IDENTITY_PrivateKey *pkey,
+                                  GNUNET_CRYPTO_PrivateKey *pkey,
                                  const char *label,
                                  GNUNET_SCHEDULER_TaskCallback error_cb,
                                  void *error_cb_cls,
@@ -338,9 +338,9 @@ GNUNET_NAMESTORE_records_lookup2 (struct GNUNET_NAMESTORE_Handle *h,
 */
 struct GNUNET_NAMESTORE_QueueEntry *
 GNUNET_NAMESTORE_zone_to_name (struct GNUNET_NAMESTORE_Handle *h,
-                               const struct GNUNET_IDENTITY_PrivateKey *zone,
+                               const struct GNUNET_CRYPTO_PrivateKey *zone,
                               const struct
-                               GNUNET_IDENTITY_PublicKey *value_zone,
+                               GNUNET_CRYPTO_PublicKey *value_zone,
                               GNUNET_SCHEDULER_TaskCallback error_cb,
                               void *error_cb_cls,
                               GNUNET_NAMESTORE_RecordMonitor proc,
@@ -390,7 +390,7 @@ GNUNET_NAMESTORE_cancel (struct GNUNET_NAMESTORE_QueueEntry *qe);
 struct GNUNET_NAMESTORE_ZoneIterator *
 GNUNET_NAMESTORE_zone_iteration_start (struct GNUNET_NAMESTORE_Handle *h,
                                       const struct
-                                       GNUNET_IDENTITY_PrivateKey *zone,
+                                       GNUNET_CRYPTO_PrivateKey *zone,
                                       GNUNET_SCHEDULER_TaskCallback error_cb,
                                       void *error_cb_cls,
                                       GNUNET_NAMESTORE_RecordMonitor proc,
@@ -427,7 +427,7 @@ GNUNET_NAMESTORE_zone_iteration_start (struct GNUNET_NAMESTORE_Handle *h,
 struct GNUNET_NAMESTORE_ZoneIterator *
 GNUNET_NAMESTORE_zone_iteration_start2 (struct GNUNET_NAMESTORE_Handle *h,
                                        const struct
-                                        GNUNET_IDENTITY_PrivateKey *zone,
+                                        GNUNET_CRYPTO_PrivateKey *zone,
                                        GNUNET_SCHEDULER_TaskCallback error_cb,
                                        void *error_cb_cls,
                                        GNUNET_NAMESTORE_RecordSetMonitor proc,
@@ -501,7 +501,7 @@ struct GNUNET_NAMESTORE_ZoneMonitor;
 struct GNUNET_NAMESTORE_ZoneMonitor *
 GNUNET_NAMESTORE_zone_monitor_start (
  const struct GNUNET_CONFIGURATION_Handle *cfg,
-  const struct GNUNET_IDENTITY_PrivateKey *zone,
+  const struct GNUNET_CRYPTO_PrivateKey *zone,
  int iterate_first,
  GNUNET_SCHEDULER_TaskCallback error_cb,
  void *error_cb_cls,
@@ -541,7 +541,7 @@ GNUNET_NAMESTORE_zone_monitor_start (
 struct GNUNET_NAMESTORE_ZoneMonitor *
 GNUNET_NAMESTORE_zone_monitor_start2 (
  const struct GNUNET_CONFIGURATION_Handle *cfg,
-  const struct GNUNET_IDENTITY_PrivateKey *zone,
+  const struct GNUNET_CRYPTO_PrivateKey *zone,
  int iterate_first,
  GNUNET_SCHEDULER_TaskCallback error_cb,
  void *error_cb_cls,
@@ -637,7 +637,7 @@ GNUNET_NAMESTORE_transaction_commit (struct GNUNET_NAMESTORE_Handle *h,
 struct GNUNET_NAMESTORE_QueueEntry *
 GNUNET_NAMESTORE_records_edit (
  struct GNUNET_NAMESTORE_Handle *h,
-  const struct GNUNET_IDENTITY_PrivateKey *pkey,
+  const struct GNUNET_CRYPTO_PrivateKey *pkey,
  const char *label,
  GNUNET_SCHEDULER_TaskCallback error_cb,
  void *error_cb_cls,
diff --git a/src/include/gnunet_network_lib.h b/src/include/gnunet_network_lib.h
index 8d71d7764..764b7b29d 100644
--- a/src/include/gnunet_network_lib.h
+++ b/src/include/gnunet_network_lib.h
@@ -39,6 +39,7 @@
 #ifndef GNUNET_NETWORK_LIB_H
 #define GNUNET_NETWORK_LIB_H
+#include "gnunet_common.h"
 #ifdef __cplusplus
 extern "C"
 {
@@ -157,7 +158,7 @@ GNUNET_NETWORK_socket_box_native (int fd);
 * @param doBlock blocking mode
 * @return #GNUNET_OK on success, #GNUNET_SYSERR on error
 */
-int
+enum GNUNET_GenericReturnValue
 GNUNET_NETWORK_socket_set_blocking (struct GNUNET_NETWORK_Handle *fd,
                                    int doBlock);
diff --git a/src/include/gnunet_nt_lib.h b/src/include/gnunet_nt_lib.h
index 144a3daa3..014b4fbe0 100644
--- a/src/include/gnunet_nt_lib.h
+++ b/src/include/gnunet_nt_lib.h
@@ -17,6 +17,11 @@
     SPDX-License-Identifier: AGPL3.0-or-later
 */
+#if !defined (__GNUNET_UTIL_LIB_H_INSIDE__)
+#error "Only <gnunet_util_lib.h> can be included directly."
+#endif
 /**
 * @addtogroup Backbone
 * @{
diff --git a/src/include/gnunet_peerstore_service.h b/src/include/gnunet_peerstore_service.h
index c4000c680..c57a66b1f 100644
--- a/src/include/gnunet_peerstore_service.h
+++ b/src/include/gnunet_peerstore_service.h
@@ -46,6 +46,10 @@ extern "C" {
 #endif
 #endif
+/**
+ * Key used for storing HELLO in the peerstore
+ */
+#define GNUNET_PEERSTORE_HELLO_KEY "peerstore-peer-hello-uri"
 /**
 * Key used for storing addresses in URL format in the peerstore
@@ -118,6 +122,11 @@ struct GNUNET_PEERSTORE_Handle;
 struct GNUNET_PEERSTORE_StoreContext;
 /**
+ * Context for the info handler.
+ */
+struct GNUNET_PEERSTORE_NotifyContext;
+/**
 * Single PEERSTORE record
 */
 struct GNUNET_PEERSTORE_Record
@@ -170,6 +179,73 @@ typedef void (*GNUNET_PEERSTORE_Continuation) (void *cls, int success);
 /**
+ * Context for a add hello uri request.
+ */
+struct GNUNET_PEERSTORE_StoreHelloContext
+{
+  /**
+   * Kept (also) in a DLL.
+   */
+  struct GNUNET_PEERSTORE_StoreHelloContext *prev;
+  /**
+   * Kept (also) in a DLL.
+   */
+  struct GNUNET_PEERSTORE_StoreHelloContext *next;
+  /**
+   * Peerstore handle.
+   */
+  struct GNUNET_PEERSTORE_Handle *h;
+  /**
+   * Function to call with information.
+   */
+  GNUNET_PEERSTORE_Continuation cont;
+  /**
+   * Closure for @e callback.
+   */
+  void *cont_cls;
+  /**
+   * Map with all store contexts started during adding hello.
+   */
+  struct GNUNET_CONTAINER_MultiPeerMap *store_context_map;
+  /**
+   * Active watch to be notified about conflicting hello uri add requests.
+   */
+  struct GNUNET_PEERSTORE_WatchContext *wc;
+  /**
+   * Hello uri which was request for storing.
+   */
+  struct GNUNET_MessageHeader *hello;
+  /**
+   * The peer id for the hello.
+   */
+  struct GNUNET_PeerIdentity *pid;
+  /**
+   * Was this request successful.
+   */
+  int success;
+};
+/**
+ * Closure to hold a GNUNET_PEERSTORE_StoreHelloContext.
+ */
+struct GNUNET_PEERSTORE_StoreHelloContextClosure
+{
+  /**
+   * The GNUNET_PEERSTORE_StoreHelloContext to hold.
+   */
+  struct GNUNET_PEERSTORE_StoreHelloContext *shc;
+};
+/**
 * Function called by PEERSTORE for each matching record.
 *
 * @param cls closure
@@ -181,6 +257,75 @@ typedef void (*GNUNET_PEERSTORE_Processor) (
  const struct GNUNET_PEERSTORE_Record *record,
  const char *emsg);
+/**
+ * Function called by PEERSTORE when notifying a client about a changed hello.
+ *
+ * @param cls closure
+ * @param hello_uri Hello uri.
+ */
+typedef void (*GNUNET_PEERSTORE_hello_notify_cb) (
+  void *cls,
+  const struct GNUNET_PeerIdentity *peer,
+  const struct GNUNET_MessageHeader *hello,
+  const char *err_msg);
+/**
+ * Call a method whenever our known information about peers
+ * changes.  Initially calls the given function for all known
+ * peers and then only signals changes.
+ *
+ * If @a include_friend_only is set to #GNUNET_YES peerinfo will include HELLO
+ * messages which are intended for friend to friend mode and which do not
+ * have to be gossiped. Otherwise these messages are skipped. //FIXME Not implemented atm!
+ *
+ * @param h Handle to the PEERSTORE service
+ * @param include_friend_only include HELLO messages for friends only (not used at the moment)
+ * @param callback the method to call for getting the hello.
+ * @param callback_cls closure for @a callback
+ * @return NULL on error
+ */
+struct GNUNET_PEERSTORE_NotifyContext *
+GNUNET_PEERSTORE_hello_changed_notify (struct GNUNET_PEERSTORE_Handle *h,
+                                       int include_friend_only,
+                                       GNUNET_PEERSTORE_hello_notify_cb callback,
+                                       void *callback_cls);
+/**
+ * Stop notifying about changes.
+ *
+ * @param nc context to stop notifying
+ */
+void
+GNUNET_PEERSTORE_hello_changed_notify_cancel (struct
+                                              GNUNET_PEERSTORE_NotifyContext *nc);
+/**
+ * Add hello to peerstore.
+ *
+ * @param h handle for peerstore.
+ * @param msg The hello to add.
+ * @param cont The continuation function to execute after storing.
+ * @param cont_cls The continuation function closure.
+ * @return The context for storing.
+ */
+struct GNUNET_PEERSTORE_StoreHelloContext *
+GNUNET_PEERSTORE_hello_add (struct GNUNET_PEERSTORE_Handle *h,
+                            const struct GNUNET_MessageHeader *msg,
+                            GNUNET_PEERSTORE_Continuation cont,
+                            void *cont_cls);
+/**
+ * Cancel the request to add a hello.
+ *
+ * @param huc The context for storing a hello.
+ */
+void
+GNUNET_PEERSTORE_hello_add_cancel (struct
+                                   GNUNET_PEERSTORE_StoreHelloContext *huc);
 /**
 * Connect to the PEERSTORE service.
@@ -273,7 +418,8 @@ GNUNET_PEERSTORE_iterate_cancel (struct GNUNET_PEERSTORE_IterateContext *ic);
 /**
 * Request watching a given key
- * User will be notified with any new values added to key.
+ * User will be notified with any new values added to key,
+ * all existing entries are supplied beforehand.
 *
 * @param h handle to the PEERSTORE service
 * @param sub_system name of sub system
diff --git a/src/include/gnunet_plugin_lib.h b/src/include/gnunet_plugin_lib.h
index a3135e2cf..2a9cde47f 100644
--- a/src/include/gnunet_plugin_lib.h
+++ b/src/include/gnunet_plugin_lib.h
@@ -70,7 +70,7 @@ typedef void *
 * @param library_name name of the plugin to test if it is installed
 * @return #GNUNET_YES if the plugin exists, #GNUNET_NO if not
 */
-int
+enum GNUNET_GenericReturnValue
 GNUNET_PLUGIN_test (const char *library_name);
diff --git a/src/include/gnunet_pq_lib.h b/src/include/gnunet_pq_lib.h
index 7c6deb09d..15af66b5d 100644
--- a/src/include/gnunet_pq_lib.h
+++ b/src/include/gnunet_pq_lib.h
@@ -382,7 +382,7 @@ GNUNET_PQ_query_param_array_string (
 struct GNUNET_PQ_QueryParam
 GNUNET_PQ_query_param_array_ptrs_string (
  unsigned int num,
-  const char *elements[],
+  const char *elements[static num],
  struct GNUNET_PQ_Context *db);
diff --git a/src/include/gnunet_program_lib.h b/src/include/gnunet_program_lib.h
index 0c51d6cf7..f06d95422 100644
--- a/src/include/gnunet_program_lib.h
+++ b/src/include/gnunet_program_lib.h
@@ -18,7 +18,7 @@
     SPDX-License-Identifier: AGPL3.0-or-later
 */
-#if !defined (__GNUNET_UTIL_LIB_H_INSIDE__)
+#if ! defined (__GNUNET_UTIL_LIB_H_INSIDE__)
 #error "Only <gnunet_util_lib.h> can be included directly."
 #endif
@@ -122,6 +122,45 @@ GNUNET_PROGRAM_run (int argc,
                    GNUNET_PROGRAM_Main task,
                    void *task_cls);
+enum GNUNET_GenericReturnValue
+GNUNET_DAEMON_register (const char *daemon_name,
+                        const char *daemon_desc,
+                        GNUNET_PROGRAM_Main task);
+#ifndef HAVE_GNUNET_MONOLITH
+#define GNUNET_DAEMON_MAIN(daemon_name, daemon_help, init_cb) \
+        int \
+        main (int argc, \
+              char *const *argv) \
+        { \
+          int ret; \
+          struct GNUNET_GETOPT_CommandLineOption options[] = { \
+            GNUNET_GETOPT_OPTION_END \
+          }; \
+          if (GNUNET_OK != GNUNET_STRINGS_get_utf8_args (argc, argv, &argc, \
+                                                         &argv)) \
+            return 2; \
+          ret =  GNUNET_PROGRAM_run (argc, \
+                                     argv, \
+                                     daemon_name, \
+                                     daemon_help, \
+                                     options, \
+                                     init_cb, \
+                                     NULL); \
+          GNUNET_free_nz ((void*) argv); \
+          return ret; \
+        }
+#else
+#define GNUNET_DAEMON_MAIN(daemon_name, daemon_help, init_cb) \
+        static int __attribute__ ((constructor)) \
+        init (void) \
+        { \
+          return GNUNET_DAEMON_register (daemon_name, \
+                                         daemon_help, \
+                                         init_cb); \
+        }
+#endif
 #if 0                           /* keep Emacsens' auto-indent happy */
 {
diff --git a/src/include/gnunet_reclaim_service.h b/src/include/gnunet_reclaim_service.h
index 49a006e91..a8ab8776e 100644
--- a/src/include/gnunet_reclaim_service.h
+++ b/src/include/gnunet_reclaim_service.h
@@ -74,12 +74,12 @@ struct GNUNET_RECLAIM_Ticket
  /**
   * The ticket issuer (= the user)
   */
-  struct GNUNET_IDENTITY_PublicKey identity;
+  struct GNUNET_CRYPTO_PublicKey identity;
  /**
   * The ticket audience (= relying party)
   */
-  struct GNUNET_IDENTITY_PublicKey audience;
+  struct GNUNET_CRYPTO_PublicKey audience;
  /**
   * The ticket random identifier
@@ -134,7 +134,7 @@ typedef void (*GNUNET_RECLAIM_ContinuationWithStatus) (void *cls,
 * @param attr The attribute
 */
 typedef void (*GNUNET_RECLAIM_AttributeResult) (
-  void *cls, const struct GNUNET_IDENTITY_PublicKey *identity,
+  void *cls, const struct GNUNET_CRYPTO_PublicKey *identity,
  const struct GNUNET_RECLAIM_Attribute *attr);
 /**
@@ -146,7 +146,7 @@ typedef void (*GNUNET_RECLAIM_AttributeResult) (
 * @param presentation The presentation for the credential (may be NULL)
 */
 typedef void (*GNUNET_RECLAIM_AttributeTicketResult) (
-  void *cls, const struct GNUNET_IDENTITY_PublicKey *identity,
+  void *cls, const struct GNUNET_CRYPTO_PublicKey *identity,
  const struct GNUNET_RECLAIM_Attribute *attr,
  const struct GNUNET_RECLAIM_Presentation *presentation);
@@ -160,7 +160,7 @@ typedef void (*GNUNET_RECLAIM_AttributeTicketResult) (
 * @param attributes the parsed attributes
 */
 typedef void (*GNUNET_RECLAIM_CredentialResult) (
-  void *cls, const struct GNUNET_IDENTITY_PublicKey *identity,
+  void *cls, const struct GNUNET_CRYPTO_PublicKey *identity,
  const struct GNUNET_RECLAIM_Credential *credential);
@@ -189,7 +189,7 @@ GNUNET_RECLAIM_connect (const struct GNUNET_CONFIGURATION_Handle *cfg);
 struct GNUNET_RECLAIM_Operation *
 GNUNET_RECLAIM_attribute_store (
  struct GNUNET_RECLAIM_Handle *h,
-  const struct GNUNET_IDENTITY_PrivateKey *pkey,
+  const struct GNUNET_CRYPTO_PrivateKey *pkey,
  const struct GNUNET_RECLAIM_Attribute *attr,
  const struct GNUNET_TIME_Relative *exp_interval,
  GNUNET_RECLAIM_ContinuationWithStatus cont, void *cont_cls);
@@ -210,7 +210,7 @@ GNUNET_RECLAIM_attribute_store (
 struct GNUNET_RECLAIM_Operation *
 GNUNET_RECLAIM_credential_store (
  struct GNUNET_RECLAIM_Handle *h,
-  const struct GNUNET_IDENTITY_PrivateKey *pkey,
+  const struct GNUNET_CRYPTO_PrivateKey *pkey,
  const struct GNUNET_RECLAIM_Credential *credential,
  const struct GNUNET_TIME_Relative *exp_interval,
  GNUNET_RECLAIM_ContinuationWithStatus cont,
@@ -231,7 +231,7 @@ GNUNET_RECLAIM_credential_store (
 struct GNUNET_RECLAIM_Operation *
 GNUNET_RECLAIM_attribute_delete (
  struct GNUNET_RECLAIM_Handle *h,
-  const struct GNUNET_IDENTITY_PrivateKey *pkey,
+  const struct GNUNET_CRYPTO_PrivateKey *pkey,
  const struct GNUNET_RECLAIM_Attribute *attr,
  GNUNET_RECLAIM_ContinuationWithStatus cont, void *cont_cls);
@@ -249,7 +249,7 @@ GNUNET_RECLAIM_attribute_delete (
 struct GNUNET_RECLAIM_Operation *
 GNUNET_RECLAIM_credential_delete (
  struct GNUNET_RECLAIM_Handle *h,
-  const struct GNUNET_IDENTITY_PrivateKey *pkey,
+  const struct GNUNET_CRYPTO_PrivateKey *pkey,
  const struct GNUNET_RECLAIM_Credential *cred,
  GNUNET_RECLAIM_ContinuationWithStatus cont,
  void *cont_cls);
@@ -281,7 +281,7 @@ GNUNET_RECLAIM_credential_delete (
 struct GNUNET_RECLAIM_AttributeIterator *
 GNUNET_RECLAIM_get_attributes_start (
  struct GNUNET_RECLAIM_Handle *h,
-  const struct GNUNET_IDENTITY_PrivateKey *identity,
+  const struct GNUNET_CRYPTO_PrivateKey *identity,
  GNUNET_SCHEDULER_TaskCallback error_cb, void *error_cb_cls,
  GNUNET_RECLAIM_AttributeResult proc, void *proc_cls,
  GNUNET_SCHEDULER_TaskCallback finish_cb, void *finish_cb_cls);
@@ -337,7 +337,7 @@ GNUNET_RECLAIM_get_attributes_stop (
 struct GNUNET_RECLAIM_CredentialIterator *
 GNUNET_RECLAIM_get_credentials_start (
  struct GNUNET_RECLAIM_Handle *h,
-  const struct GNUNET_IDENTITY_PrivateKey *identity,
+  const struct GNUNET_CRYPTO_PrivateKey *identity,
  GNUNET_SCHEDULER_TaskCallback error_cb,
  void *error_cb_cls,
  GNUNET_RECLAIM_CredentialResult proc,
@@ -385,8 +385,8 @@ GNUNET_RECLAIM_get_credentials_stop (
 struct GNUNET_RECLAIM_Operation *
 GNUNET_RECLAIM_ticket_issue (
  struct GNUNET_RECLAIM_Handle *h,
-  const struct GNUNET_IDENTITY_PrivateKey *iss,
+  const struct GNUNET_CRYPTO_PrivateKey *iss,
-  const struct GNUNET_IDENTITY_PublicKey *rp,
+  const struct GNUNET_CRYPTO_PublicKey *rp,
  const struct GNUNET_RECLAIM_AttributeList *attrs,
  GNUNET_RECLAIM_IssueTicketCallback cb, void *cb_cls);
@@ -407,7 +407,7 @@ GNUNET_RECLAIM_ticket_issue (
 struct GNUNET_RECLAIM_Operation *
 GNUNET_RECLAIM_ticket_revoke (
  struct GNUNET_RECLAIM_Handle *h,
-  const struct GNUNET_IDENTITY_PrivateKey *identity,
+  const struct GNUNET_CRYPTO_PrivateKey *identity,
  const struct GNUNET_RECLAIM_Ticket *ticket,
  GNUNET_RECLAIM_ContinuationWithStatus cb, void *cb_cls);
@@ -427,7 +427,7 @@ GNUNET_RECLAIM_ticket_revoke (
 struct GNUNET_RECLAIM_Operation *
 GNUNET_RECLAIM_ticket_consume (
  struct GNUNET_RECLAIM_Handle *h,
-  const struct GNUNET_IDENTITY_PrivateKey *identity,
+  const struct GNUNET_CRYPTO_PrivateKey *identity,
  const struct GNUNET_RECLAIM_Ticket *ticket,
  GNUNET_RECLAIM_AttributeTicketResult cb, void *cb_cls);
@@ -452,7 +452,7 @@ GNUNET_RECLAIM_ticket_consume (
 struct GNUNET_RECLAIM_TicketIterator *
 GNUNET_RECLAIM_ticket_iteration_start (
  struct GNUNET_RECLAIM_Handle *h,
-  const struct GNUNET_IDENTITY_PrivateKey *identity,
+  const struct GNUNET_CRYPTO_PrivateKey *identity,
  GNUNET_SCHEDULER_TaskCallback error_cb, void *error_cb_cls,
  GNUNET_RECLAIM_TicketCallback proc, void *proc_cls,
  GNUNET_SCHEDULER_TaskCallback finish_cb, void *finish_cb_cls);
diff --git a/src/include/gnunet_rest_plugin.h b/src/include/gnunet_rest_plugin.h
index 45b391ca1..3a8af5389 100644
--- a/src/include/gnunet_rest_plugin.h
+++ b/src/include/gnunet_rest_plugin.h
@@ -63,24 +63,13 @@ struct GNUNET_REST_Plugin
   * e.g. http://hostname:port/name
   */
  char *name;
-  /**
-   * Function to process a REST call
-   *
-   * @param method the HTTP method called
-   * @param url the relative url accessed
-   * @param data the REST data (can be NULL)
-   * @param data_size the length of the data
-   * @param proc the callback for result
-   * @param proc_cls closure for callback
-   * @return GNUNET_YES if the request was processed
-   */
-  enum GNUNET_GenericReturnValue (*process_request)(
-    struct GNUNET_REST_RequestHandle *handle,
-    GNUNET_REST_ResultProcessor proc,
-    void *proc_cls);
 };
+typedef enum GNUNET_GenericReturnValue (*GNUNET_REST_ProcessingFunction)(
+  void *plugin,
+  struct GNUNET_REST_RequestHandle *handle,
+  GNUNET_REST_ResultProcessor proc,
+  void *proc_cls);
 #if 0                           /* keep Emacsens' auto-indent happy */
 {
diff --git a/src/include/gnunet_revocation_service.h b/src/include/gnunet_revocation_service.h
index 81a90189b..427be62ac 100644
--- a/src/include/gnunet_revocation_service.h
+++ b/src/include/gnunet_revocation_service.h
@@ -22,6 +22,7 @@
 #define GNUNET_REVOCATION_SERVICE_H_
+#include "gnunet_gnsrecord_lib.h"
 #include "gnunet_identity_service.h"
 /**
@@ -56,71 +57,6 @@ extern "C"
 */
 #define GNUNET_REVOCATION_VERSION 0x00000001
-/**
- * Maximum length of a revocation
- */
-#define GNUNET_REVOCATION_MAX_PROOF_SIZE sizeof(struct GNUNET_REVOCATION_PowP) +\
-                                         sizeof(struct GNUNET_IDENTITY_PublicKey) +\
-                                         1024 //FIXME max sig_len
-/**
- * The proof-of-work narrowing factor.
- * The number of PoWs that are calculates as part of revocation.
- */
-#define POW_COUNT 32
-GNUNET_NETWORK_STRUCT_BEGIN
-/**
- * Struct for a proof of work as part of the revocation.
- */
-struct GNUNET_REVOCATION_PowP
-{
-  /**
-   * The timestamp of the revocation
-   */
-  struct GNUNET_TIME_AbsoluteNBO timestamp;
-  /**
-   * The TTL of this revocation (purely informational)
-   */
-  struct GNUNET_TIME_RelativeNBO ttl;
-  /**
-   * The PoWs
-   */
-  uint64_t pow[POW_COUNT] GNUNET_PACKED;
-  /** followed by the public key type, the key and a signature **/
-};
-/**
- * The signature object we use for the PoW
- */
-struct GNUNET_REVOCATION_SignaturePurposePS
-{
-  /**
-   * The signature purpose
-   */
-  struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
-  /**
-   * The timestamp of the revocation
-   */
-  struct GNUNET_TIME_AbsoluteNBO timestamp;
-  /** Followed by the zone public key type and key **/
-};
-GNUNET_NETWORK_STRUCT_END
-/**
- * Handle to a running proof-of-work calculation.
- */
-struct GNUNET_REVOCATION_PowCalculationHandle;
 /**
 * Handle for the key revocation query.
@@ -152,7 +88,7 @@ typedef void (*GNUNET_REVOCATION_Callback) (void *cls,
 */
 struct GNUNET_REVOCATION_Query *
 GNUNET_REVOCATION_query (const struct GNUNET_CONFIGURATION_Handle *cfg,
-                         const struct GNUNET_IDENTITY_PublicKey *key,
+                         const struct GNUNET_CRYPTO_PublicKey *key,
                         GNUNET_REVOCATION_Callback func, void *func_cls);
@@ -176,7 +112,7 @@ struct GNUNET_REVOCATION_Handle;
 *
 * @param cfg the configuration to use
 * @param pow proof of work to use (should have been created by
- *            iteratively calling #GNUNET_REVOCATION_pow_round)
+ *            iteratively calling #GNUNET_CRYPTO_pow_round)
 * @param func function to call with the result of the check
 *             (called with `is_valid` being #GNUNET_NO if
 *              the revocation worked).
@@ -185,7 +121,7 @@ struct GNUNET_REVOCATION_Handle;
 */
 struct GNUNET_REVOCATION_Handle *
 GNUNET_REVOCATION_revoke (const struct GNUNET_CONFIGURATION_Handle *cfg,
-                          const struct GNUNET_REVOCATION_PowP *pow,
+                          const struct GNUNET_GNSRECORD_PowP *pow,
                          GNUNET_REVOCATION_Callback func, void *func_cls);
@@ -198,68 +134,6 @@ void
 GNUNET_REVOCATION_revoke_cancel (struct GNUNET_REVOCATION_Handle *h);
-/**
- * Check if the given proof-of-work is valid.
- *
- * @param pow proof of work
- * @param matching_bits how many bits must match (configuration)
- * @param epoch_duration length of single epoch in configuration
- * @return #GNUNET_YES if the @a pow is acceptable, #GNUNET_NO if not
- */
-enum GNUNET_GenericReturnValue
-GNUNET_REVOCATION_check_pow (const struct GNUNET_REVOCATION_PowP *pow,
-                             unsigned int matching_bits,
-                             struct GNUNET_TIME_Relative epoch_duration);
-/**
- * Initializes a fresh PoW computation.
- *
- * @param key the key to calculate the PoW for.
- * @param pow the pow object to work with in the calculation.
- */
-void
-GNUNET_REVOCATION_pow_init (const struct GNUNET_IDENTITY_PrivateKey *key,
-                            struct GNUNET_REVOCATION_PowP *pow);
-/**
- * Starts a proof-of-work calculation given the pow object as well as
- * target epochs and difficulty.
- *
- * @param pow the PoW to based calculations on.
- * @param epochs the number of epochs for which the PoW must be valid.
- * @param difficulty the base difficulty of the PoW.
- * @return a handle for use in PoW rounds
- */
-struct GNUNET_REVOCATION_PowCalculationHandle*
-GNUNET_REVOCATION_pow_start (struct GNUNET_REVOCATION_PowP *pow,
-                             int epochs,
-                             unsigned int difficulty);
-/**
- * Calculate a single round in the key revocation PoW.
- *
- * @param pc handle to the PoW, initially called with NULL.
- * @return GNUNET_YES if the @a pow is acceptable, GNUNET_NO if not
- */
-enum GNUNET_GenericReturnValue
-GNUNET_REVOCATION_pow_round (struct GNUNET_REVOCATION_PowCalculationHandle *pc);
-/**
- * Stop a PoW calculation
- *
- * @param pc the calculation to clean up
- * @return #GNUNET_YES if pow valid, #GNUNET_NO if pow was set but is not
- * valid
- */
-void
-GNUNET_REVOCATION_pow_stop (struct GNUNET_REVOCATION_PowCalculationHandle *pc);
-size_t
-GNUNET_REVOCATION_proof_get_size (const struct GNUNET_REVOCATION_PowP *pow);
 #if 0                           /* keep Emacsens' auto-indent happy */
diff --git a/src/include/gnunet_service_lib.h b/src/include/gnunet_service_lib.h
index 7c6ce0c0e..0ad4fcc3c 100644
--- a/src/include/gnunet_service_lib.h
+++ b/src/include/gnunet_service_lib.h
@@ -19,7 +19,7 @@
 */
-#if !defined (__GNUNET_UTIL_LIB_H_INSIDE__)
+#if ! defined (__GNUNET_UTIL_LIB_H_INSIDE__)
 #error "Only <gnunet_util_lib.h> can be included directly."
 #endif
@@ -203,7 +203,6 @@ GNUNET_SERVICE_start (const char *service_name,
 void
 GNUNET_SERVICE_stop (struct GNUNET_SERVICE_Handle *srv);
 /**
 * Creates the "main" function for a GNUnet service.  You
 * should almost always use the #GNUNET_SERVICE_MAIN macro
@@ -258,6 +257,56 @@ GNUNET_SERVICE_run_ (int argc,
 /**
+ * Registers the GNUnet service to be scheduled as part of a monilithic
+ * libgnunet.
+ * You should almost always use the #GNUNET_SERVICE_MAIN macro
+ * instead of calling this function directly.
+ *
+ * The function will launch the service with the name @a service_name
+ * using the @a service_options to configure its shutdown
+ * behavior. Once the service is ready, the @a init_cb will be called
+ * for service-specific initialization.  @a init_cb will be given the
+ * service handler which can be used to control the service's
+ * availability.  When clients connect or disconnect, the respective
+ * @a connect_cb or @a disconnect_cb functions will be called. For
+ * messages received from the clients, the respective @a handlers will
+ * be invoked; for the closure of the handlers we use the return value
+ * from the @a connect_cb invocation of the respective client.
+ *
+ * Each handler MUST call #GNUNET_SERVICE_client_continue() after each
+ * message to receive further messages from this client.  If
+ * #GNUNET_SERVICE_client_continue() is not called within a short
+ * time, a warning will be logged. If delays are expected, services
+ * should call #GNUNET_SERVICE_client_disable_continue_warning() to
+ * disable the warning.
+ *
+ * Clients sending invalid messages (based on @a handlers) will be
+ * dropped. Additionally, clients can be dropped at any time using
+ * #GNUNET_SERVICE_client_drop().
+ *
+ * @param service_name name of the service to run
+ * @param options options controlling shutdown of the service
+ * @param service_init_cb function to call once the service is ready
+ * @param connect_cb function to call whenever a client connects
+ * @param disconnect_cb function to call whenever a client disconnects
+ * @param cls closure argument for @a service_init_cb, @a connect_cb and @a disconnect_cb
+ * @param handlers NULL-terminated array of message handlers for the service,
+ *                 the closure will be set to the value returned by
+ *                 the @a connect_cb for the respective connection
+ * @return 0 on success, non-zero on error
+ */
+int
+GNUNET_SERVICE_register_ (
+  const char *service_name,
+  enum GNUNET_SERVICE_Options options,
+  GNUNET_SERVICE_InitCallback service_init_cb,
+  GNUNET_SERVICE_ConnectHandler connect_cb,
+  GNUNET_SERVICE_DisconnectHandler disconnect_cb,
+  void *cls,
+  const struct GNUNET_MQ_MessageHandler *handlers);
+/**
 * Creates the "main" function for a GNUnet service.  You
 * MUST use this macro to define GNUnet services (except
 * for ARM, which MUST NOT use the macro).  The reason is
@@ -314,26 +363,51 @@ GNUNET_SERVICE_run_ (int argc,
 *  GNUNET_MQ_handler_end ());
 * </code>
 */
+#ifndef HAVE_GNUNET_MONOLITH
 #define GNUNET_SERVICE_MAIN(service_name, service_options, init_cb, connect_cb, \
                            disconnect_cb, cls, ...) \
-  int \
+        int \
-  main (int argc, \
+        main (int argc, \
-        char *const *argv) \
+              char *const *argv) \
-  { \
+        { \
-    struct GNUNET_MQ_MessageHandler mh[] = { \
+          struct GNUNET_MQ_MessageHandler mh[] = { \
-      __VA_ARGS__ \
+            __VA_ARGS__ \
-    };                        \
+          };                        \
-    return GNUNET_SERVICE_run_ (argc, \
+          return GNUNET_SERVICE_run_ (argc, \
-                                argv, \
+                                      argv, \
-                                service_name, \
+                                      service_name, \
-                                service_options, \
+                                      service_options, \
-                                init_cb, \
+                                      init_cb, \
-                                connect_cb, \
+                                      connect_cb, \
-                                disconnect_cb, \
+                                      disconnect_cb, \
-                                cls, \
+                                      cls, \
-                                mh); \
+                                      mh); \
-  }
+        }
+#else
+#define GNUNET_SERVICE_MAIN(service_name, service_options, init_cb, connect_cb, \
+                            disconnect_cb, cls, ...) \
+        static int __attribute__ ((constructor)) \
+        init (void) \
+        { \
+          struct GNUNET_MQ_MessageHandler mh[] = { \
+            __VA_ARGS__ \
+          };                        \
+          return GNUNET_SERVICE_register_ (service_name, \
+                                           service_options, \
+                                           init_cb, \
+                                           connect_cb, \
+                                           disconnect_cb, \
+                                           cls, \
+                                           mh); \
+        }
+#endif
+/**
+ * Run the mainloop in a monolithic libgnunet.
+ * Must be called such that services are actually launched.
+ */
+void
+GNUNET_SERVICE_main (int argc, char *const *argv);
 /**
 * Suspend accepting connections from the listen socket temporarily.
diff --git a/src/include/gnunet_signatures.h b/src/include/gnunet_signatures.h
new file mode 100644
index 000000000..6ec30bf71
--- /dev/null
+++ b/src/include/gnunet_signatures.h
@@ -0,0 +1,254 @@
+/*
+     This file is part of GNUnet
+     Copyright (C) 2012-2022 GNUnet e.V.
+     GNUnet is free software: you can redistribute it and/or modify it
+     under the terms of the GNU Affero General Public License as published
+     by the Free Software Foundation, either version 3 of the License,
+     or (at your option) any later version.
+     GNUnet is distributed in the hope that it will be useful, but
+     WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+     Affero General Public License for more details.
+     You should have received a copy of the GNU Affero General Public License
+     along with this program.  If not, see <http://www.gnu.org/licenses/>.
+     SPDX-License-Identifier: AGPL3.0-or-later
+ */
+#ifndef GNUNET_SIGNATURES_H
+#define GNUNET_SIGNATURES_H
+/**
+ * WARNING:
+ * This header is generated!
+ * In order to add a signature purpose, you must register
+ * them in GANA, and then use the header generation script
+ * to create an update of this file. You may then replace this
+ * file with the update.
+ */
+#ifdef __cplusplus
+extern "C" {
+#if 0 /* keep Emacsens' auto-indent happy */
+}
+#endif
+#endif
+/**
+ * Network signature purpose definitions.  Note that all values
+ * must be uint32_t and encoded in network byte order in the structs.
+ */
+/**
+ * Test signature, not valid for anything other than writing a test. (Note that the signature verification code will accept this value). (GNUnet)
+ */
+#define GNUNET_SIGNATURE_PURPOSE_TEST 0
+/**
+ * Signature for confirming that this peer uses a particular address. (GNUnet-TRANSPORT)
+ */
+#define GNUNET_SIGNATURE_PURPOSE_TRANSPORT_PONG_OWN 1
+/**
+ * Signature for confirming that this peer intends to disconnect. (GNUnet-TRANSPORT)
+ */
+#define GNUNET_SIGNATURE_PURPOSE_TRANSPORT_DISCONNECT 2
+/**
+ * GNS zone key revocation (GNS)
+ */
+#define GNUNET_SIGNATURE_PURPOSE_GNS_REVOCATION 3
+/**
+ * Signature for a namespace/pseudonym advertisement (by the namespace owner). (GNUnet-FS)
+ */
+#define GNUNET_SIGNATURE_PURPOSE_NAMESPACE_ADVERTISEMENT 4
+/**
+ * Signature by which a peer affirms that it is providing a certain bit of content for use in LOCation URIs. (GNUnet-FS)
+ */
+#define GNUNET_SIGNATURE_PURPOSE_PEER_PLACEMENT 5
+/**
+ * Signature by which a peer affirms that it forwarded a message in the DHT. (GNUnet-DHT)
+ */
+#define GNUNET_SIGNATURE_PURPOSE_DHT_HOP 6
+/**
+ * Signature by which a peer affirms its address. (GNUnet-HELLO)
+ */
+#define GNUNET_SIGNATURE_PURPOSE_HELLO 7
+/**
+ * Signature on a GNUNET_DNS_Advertisement. (GNUnet-DNS+Exit)
+ */
+#define GNUNET_SIGNATURE_PURPOSE_DNS_RECORD 11
+/**
+ * Signature of a chat message. (GNUnet-MESSENGER)
+ */
+#define GNUNET_SIGNATURE_PURPOSE_CHAT_MESSAGE 12
+/**
+ * Signature of confirmation receipt for a chat message. (GNUnet-MESSENGER)
+ */
+#define GNUNET_SIGNATURE_PURPOSE_CHAT_RECEIPT 13
+/**
+ * Signature of a network size estimate message. (GNUnet-NSE)
+ */
+#define GNUNET_SIGNATURE_PURPOSE_NSE_SEND 14
+/**
+ * GNS record set signature (GNS)
+ */
+#define GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN 15
+/**
+ * Purpose is to set a session key. (GNUnet-CORE)
+ */
+#define GNUNET_SIGNATURE_PURPOSE_SET_ECC_KEY 16
+/**
+ * UBlock Signature, done using DSS, not ECC (GNUnet-FS)
+ */
+#define GNUNET_SIGNATURE_PURPOSE_FS_UBLOCK 17
+/**
+ * Accept state in regex DFA.  Peer affirms that it offers the matching service. (GNUnet-REGEX)
+ */
+#define GNUNET_SIGNATURE_PURPOSE_REGEX_ACCEPT 18
+/**
+ * Signature of a conversation ring. (GNUnet-CONVERSATION)
+ */
+#define GNUNET_SIGNATURE_PURPOSE_CONVERSATION_RING 20
+/**
+ * Signature for the first round of distributed key generation. (GNUnet-SECRETSHARING)
+ */
+#define GNUNET_SIGNATURE_PURPOSE_SECRETSHARING_DKG1 21
+/**
+ * Signature for the second round of distributed key generation. (GNUnet-SECRETSHARING)
+ */
+#define GNUNET_SIGNATURE_PURPOSE_SECRETSHARING_DKG2 22
+/**
+ * Signature for the cooperative decryption. (GNUnet-SECRETSHARING)
+ */
+#define GNUNET_SIGNATURE_PURPOSE_SECRETSHARING_DECRYPTION 23
+/**
+ * Signature for a GNUid Ticket (Reclaim)
+ */
+#define GNUNET_SIGNATURE_PURPOSE_RECLAIM_CODE_SIGN 27
+/**
+ * Signature for a GNUnet credential (Reclaim)
+ */
+#define GNUNET_SIGNATURE_PURPOSE_DELEGATE 28
+/**
+ * Signature by a peer affirming that this is one of its addresses for the given time period. (GNUnet-TRANSPORT)
+ */
+#define GNUNET_SIGNATURE_PURPOSE_TRANSPORT_ADDRESS 29
+/**
+ * Signature by a peer affirming that the given ephemeral key is currently in use by that peer's transport service. (GNUnet-TRANSPORT)
+ */
+#define GNUNET_SIGNATURE_PURPOSE_TRANSPORT_EPHEMERAL 30
+/**
+ * Signature used by TCP communicator handshake. (GNUnet-TRANSPORT-TCP)
+ */
+#define GNUNET_SIGNATURE_PURPOSE_COMMUNICATOR_TCP_HANDSHAKE 31
+/**
+ * Signature used by TCP communicator rekey. (GNUnet-TRANSPORT-TCP)
+ */
+#define GNUNET_SIGNATURE_PURPOSE_COMMUNICATOR_TCP_REKEY 32
+/**
+ * Signature used by UDP communicator handshake. (GNUnet-TRANSPORT-UDP)
+ */
+#define GNUNET_SIGNATURE_PURPOSE_COMMUNICATOR_UDP_HANDSHAKE 33
+/**
+ * Signature used by UDP broadcasts. (GNUnet-TRANSPORT-UDP)
+ */
+#define GNUNET_SIGNATURE_PURPOSE_COMMUNICATOR_UDP_BROADCAST 34
+/**
+ * Signature by a peer affirming that it received a challenge (and stating how long it expects the address on which the challenge was received to remain valid). (GNUnet-TRANSPORT)
+ */
+#define GNUNET_SIGNATURE_PURPOSE_TRANSPORT_CHALLENGE 35
+/**
+ * Signature by a peer affirming that it is on a DV path. (GNUnet-TRANSPORT)
+ */
+#define GNUNET_SIGNATURE_PURPOSE_TRANSPORT_DV_HOP 36
+/**
+ * Signature by a peer affirming that it originated the DV path. (GNUnet-TRANSPORT)
+ */
+#define GNUNET_SIGNATURE_PURPOSE_TRANSPORT_DV_INITIATOR 37
+/**
+ * Signature by a peer that like to create a connection. (GNUnet-CADET)
+ */
+#define GNUNET_SIGNATURE_PURPOSE_CADET_CONNECTION_INITIATOR 38
+/**
+ * Signature by a peer sending back the nonce received at initial handshake. (GNUnet-TRANSPORT-TCP)
+ */
+#define GNUNET_SIGNATURE_PURPOSE_COMMUNICATOR_TCP_HANDSHAKE_ACK 39
+#if 0 /* keep Emacsens' auto-indent happy */
+{
+#endif
+#ifdef __cplusplus
+}
+#endif
+#endif
diff --git a/src/include/gnunet_testing_netjail_lib.h b/src/include/gnunet_testing_netjail_lib.h
index 1d6f114eb..9d016b33a 100644
--- a/src/include/gnunet_testing_netjail_lib.h
+++ b/src/include/gnunet_testing_netjail_lib.h
@@ -343,6 +343,7 @@ GNUNET_TESTING_calculate_num (struct
                              GNUNET_TESTING_NodeConnection *node_connection,
                              struct GNUNET_TESTING_NetjailTopology *topology);
 /**
 * Struct with information for callbacks.
 *
@@ -507,6 +508,26 @@ GNUNET_TESTING_cmd_local_test_prepared (const char *label,
                                        write_message);
+/**
+ * Create command.
+ *
+ * @param label name for command.
+ * @param system_label Label of the cmd to setup a test environment.
+ * @param no Decimal number representing the last byte of the IP address of this peer.
+ * @param node_ip The IP address of this node.
+ * @param cfgname Configuration file name for this peer.
+ * @param broadcast Flag indicating, if broadcast should be switched on.
+ * @return command.
+ */
+struct GNUNET_TESTING_Command
+GNUNET_TESTING_cmd_start_peer (const char *label,
+                                 const char *system_label,
+                                 uint32_t no,
+                                 const char *node_ip,
+                                 const char *cfgname,
+                                 unsigned int broadcast);
 /* ***** Netjail trait support ***** */
diff --git a/src/include/gnunet_testing_ng_lib.h b/src/include/gnunet_testing_ng_lib.h
index 5c9079fdf..07cdac962 100644
--- a/src/include/gnunet_testing_ng_lib.h
+++ b/src/include/gnunet_testing_ng_lib.h
@@ -31,7 +31,13 @@
 #include "gnunet_util_lib.h"
 #include "gnunet_testing_lib.h"
+/**
+ * Stringify operator.
+ *
+ * @param a some expression to stringify. Must NOT be a macro.
+ * @return same expression as a constant string.
+ */
+#define GNUNET_S(a) #a
 /**
 * Maximum length of label in command
@@ -520,6 +526,20 @@ struct GNUNET_TESTING_Timer
  unsigned int num_retries;
 };
+/**
+ * Command to execute a script synchronously.
+ *
+ * @param label Label of the command.
+ * @param script The name of the script.
+ * @param script_argv The arguments of the script. 
+*/
+const struct GNUNET_TESTING_Command
+GNUNET_TESTING_cmd_exec_bash_script (const char *label,
+                                     const char *script,
+                                     char *const script_argv[],
+                                     int argc,
+                                     GNUNET_ChildCompletedCallback cb);
 /**
 * Retrieve peer identity from the test system with the unique node id.
@@ -530,7 +550,7 @@ struct GNUNET_TESTING_Timer
 */
 struct GNUNET_PeerIdentity *
 GNUNET_TESTING_get_peer (unsigned int num,
-                            const struct GNUNET_TESTING_System *tl_system);
+                         const struct GNUNET_TESTING_System *tl_system);
 /**
@@ -546,12 +566,12 @@ GNUNET_TESTING_cmd_stat (struct GNUNET_TESTING_Timer *timers);
 /* *** Generic trait logic for implementing traits ********* */
 /**
- * A struct GNUNET_TESTING_Trait can be used to exchange data between cmds. 
+ * A struct GNUNET_TESTING_Trait can be used to exchange data between cmds.
 *
 * Therefor the cmd which like to provide data to other cmds has to implement
- * the trait function, where an array of traits is defined with the help of the 
+ * the trait function, where an array of traits is defined with the help of the
 * GNUNET_TESTING_make_trait_ macro. The data can be retrieved with the help of the
- * GNUNET_TESTING_get_trait_ macro. Traits name and type must be defined to make 
+ * GNUNET_TESTING_get_trait_ macro. Traits name and type must be defined to make
 * use of the macros.
 */
 struct GNUNET_TESTING_Trait
@@ -604,6 +624,277 @@ GNUNET_TESTING_get_trait (const struct GNUNET_TESTING_Trait *traits,
 /* ****** Specific traits supported by this component ******* */
+typedef void *
+(*GNUNET_TESTING_notify_connect_cb) (struct GNUNET_TESTING_Interpreter *is,
+                                       const struct GNUNET_PeerIdentity *peer);
+/**
+ * Struct to store information needed in callbacks.
+ *
+ */
+struct GNUNET_TESTING_ConnectPeersState
+{
+  /**
+   * Receive callback
+   */
+  struct GNUNET_MQ_MessageHandler *handlers;
+  /**
+   * A map with struct GNUNET_MQ_Handle values for each peer this peer
+   * is connected to.
+   */
+  struct GNUNET_CONTAINER_MultiShortmap *connected_peers_map;
+  /**
+   * Handle for transport.
+   */
+  struct GNUNET_TRANSPORT_ApplicationHandle *ah;
+  /**
+   * Core handle.
+   */
+  struct GNUNET_TRANSPORT_CoreHandle *th;
+  /**
+   * Context for our asynchronous completion.
+   */
+  struct GNUNET_TESTING_AsyncContext ac;
+  /**
+   * The testing system of this node.
+   */
+  const struct GNUNET_TESTING_System *tl_system;
+  // Label of the cmd which started the test system.
+  const char *create_label;
+  /**
+   * Number globally identifying the node.
+   *
+   */
+  uint32_t num;
+  /**
+   * Label of the cmd to start a peer.
+   *
+   */
+  const char *start_peer_label;
+  /**
+   * The topology of the test setup.
+   */
+  struct GNUNET_TESTING_NetjailTopology *topology;
+  /**
+   * Connections to other peers.
+   */
+  struct GNUNET_TESTING_NodeConnection *node_connections_head;
+  struct GNUNET_TESTING_Interpreter *is;
+  /**
+   * Number of connections.
+   */
+  unsigned int con_num;
+  /**
+   * Number of additional connects this cmd will wait for not triggered by this cmd.
+   */
+  unsigned int additional_connects;
+  /**
+ * Number of connections we already have a notification for.
+ */
+  unsigned int con_num_notified;
+  /**
+   * Number of additional connects this cmd will wait for not triggered by this cmd we already have a notification for.
+   */
+  unsigned int additional_connects_notified;
+  /**
+   * Flag indicating, whether the command is waiting for peers to connect that are configured to connect.
+   */
+  unsigned int wait_for_connect;
+};
+/**
+ * Struct to store information needed in callbacks.
+ *
+ */
+struct ConnectPeersState
+{
+  /**
+   * Context for our asynchronous completion.
+   */
+  struct GNUNET_TESTING_AsyncContext ac;
+  GNUNET_TESTING_notify_connect_cb notify_connect;
+  /**
+   * The testing system of this node.
+   */
+  const struct GNUNET_TESTING_System *tl_system;
+  // Label of the cmd which started the test system.
+  const char *create_label;
+  /**
+   * Number globally identifying the node.
+   *
+   */
+  uint32_t num;
+  /**
+   * Label of the cmd to start a peer.
+   *
+   */
+  const char *start_peer_label;
+  /**
+   * The topology of the test setup.
+   */
+  struct GNUNET_TESTING_NetjailTopology *topology;
+  /**
+   * Connections to other peers.
+   */
+  struct GNUNET_TESTING_NodeConnection *node_connections_head;
+  struct GNUNET_TESTING_Interpreter *is;
+  /**
+   * Number of connections.
+   */
+  unsigned int con_num;
+  /**
+   * Number of additional connects this cmd will wait for not triggered by this cmd.
+   */
+  unsigned int additional_connects;
+  /**
+ * Number of connections we already have a notification for.
+ */
+  unsigned int con_num_notified;
+  /**
+   * Number of additional connects this cmd will wait for not triggered by this cmd we already have a notification for.
+   */
+  unsigned int additional_connects_notified;
+  /**
+   * Flag indicating, whether the command is waiting for peers to connect that are configured to connect.
+   */
+  unsigned int wait_for_connect;
+};
+struct GNUNET_TESTING_StartPeerState
+{
+  /**
+   * Context for our asynchronous completion.
+   */
+  struct GNUNET_TESTING_AsyncContext ac;
+  /**
+   * The ip of a node.
+   */
+  char *node_ip;
+  /**
+   * Receive callback
+   */
+  struct GNUNET_MQ_MessageHandler *handlers;
+  /**
+   * GNUnet configuration file used to start a peer.
+   */
+  char *cfgname;
+  /**
+   * Peer's configuration
+   */
+  struct GNUNET_CONFIGURATION_Handle *cfg;
+  /**
+   * struct GNUNET_TESTING_Peer returned by GNUNET_TESTING_peer_configure.
+   */
+  struct GNUNET_TESTING_Peer *peer;
+  /**
+   * Peer identity
+   */
+  struct GNUNET_PeerIdentity id;
+  /**
+   * Peer's transport service handle
+   */
+  struct GNUNET_TRANSPORT_CoreHandle *th;
+  /**
+   * Application handle
+   */
+  struct GNUNET_TRANSPORT_ApplicationHandle *ah;
+  /**
+   * Peer's PEERSTORE Handle
+   */
+  struct GNUNET_PEERSTORE_Handle *ph;
+  /**
+   * Hello get task
+   */
+  struct GNUNET_SCHEDULER_Task *rh_task;
+  /**
+   * Peer's transport get hello handle to retrieve peer's HELLO message
+   */
+  struct GNUNET_PEERSTORE_IterateContext *pic;
+  /**
+   * Hello
+   */
+  char *hello;
+  /**
+   * Hello size
+   */
+  size_t hello_size;
+  /**
+   * The label of the command which was started by calling GNUNET_TESTING_cmd_system_create.
+   */
+  char *system_label;
+  /**
+   * An unique number to identify the peer
+   */
+  unsigned int no;
+  /**
+   * A map with struct GNUNET_MQ_Handle values for each peer this peer
+   * is connected to.
+   */
+  struct GNUNET_CONTAINER_MultiShortmap *connected_peers_map;
+  /**
+   * Test setup for this peer.
+   */
+  const struct GNUNET_TESTING_System *tl_system;
+  /**
+   * Callback which is called on neighbour connect events.
+   */
+  GNUNET_TESTING_notify_connect_cb notify_connect;
+  /**
+   * Flag indicating, if udp broadcast should be switched on.
+   */
+  enum GNUNET_GenericReturnValue broadcast;
+};
 /**
 * Create headers for a trait with name @a name for
 * statically allocated data of type @a type.
@@ -698,7 +989,15 @@ GNUNET_TESTING_get_trait (const struct GNUNET_TESTING_Trait *traits,
 */
 #define GNUNET_TESTING_SIMPLE_TRAITS(op) \
  op (batch_cmds, struct GNUNET_TESTING_Command *) \
-  op (process, struct GNUNET_OS_Process *)
+  op (process, struct GNUNET_OS_Process *) \
+  op (peer_id, const struct GNUNET_PeerIdentity) \
+  op (connected_peers_map, const struct GNUNET_CONTAINER_MultiShortmap) \
+  op (hello_size, const size_t) \
+  op (hello, const char) \
+  op (application_handle, const struct GNUNET_TRANSPORT_ApplicationHandle) \
+  op (connect_peer_state, const struct GNUNET_TESTING_ConnectPeersState) \
+  op (state, const struct GNUNET_TESTING_StartPeerState) \
+  op (broadcast, const enum GNUNET_GenericReturnValue)
 /**
diff --git a/src/include/gnunet_testing_plugin.h b/src/include/gnunet_testing_plugin.h
index 12fbd7b75..d6a3560ef 100644
--- a/src/include/gnunet_testing_plugin.h
+++ b/src/include/gnunet_testing_plugin.h
@@ -40,6 +40,7 @@ extern "C"
 struct GNUNET_TESTING_Barrier;
 /**
 * Callback function to write messages from the helper process running on a netjail node to the master process.
 *
@@ -48,7 +49,7 @@ struct GNUNET_TESTING_Barrier;
 */
 typedef void
 (*GNUNET_TESTING_cmd_helper_write_cb) (struct GNUNET_MessageHeader *message,
-                                size_t msg_length);
+                                       size_t msg_length);
 /**
 * Callback function which writes a message from the helper process running on a netjail node to the master process * signaling that the test case running on the netjail node finished.
@@ -70,7 +71,7 @@ typedef void
 *        the topology configuration.
 * @param read_file If read_file is GNUNET_YES this string is the filename for the topology configuration,
 *        if read_file is GNUNET_NO the string contains the topology configuration.
- * @param finish_cb Callback function which writes a message from the helper process running on a netjail 
+ * @param finish_cb Callback function which writes a message from the helper process running on a netjail
 *                  node to the master process * signaling that the test case running on the netjail node finished.
 * @return Returns The struct GNUNET_TESTING_Interpreter of the command loop running on this netjail node.
 */
@@ -84,7 +85,8 @@ typedef struct GNUNET_TESTING_Interpreter *
                                        const char *local_m,
                                        const char *topology_data,
                                        unsigned int *read_file,
-                                        GNUNET_TESTING_cmd_helper_finish_cb finish_cb);
+                                        GNUNET_TESTING_cmd_helper_finish_cb
+                                        finish_cb);
 /**
 * DEPRECATED
diff --git a/src/include/gnunet_transport_application_service.h b/src/include/gnunet_transport_application_service.h
index 47f07a5f8..66512089a 100644
--- a/src/include/gnunet_transport_application_service.h
+++ b/src/include/gnunet_transport_application_service.h
@@ -19,7 +19,7 @@
 */
 /**
 * @addtogroup Backbone
- * @{ 
+ * @{
 *
 * @file
 * Bandwidth allocation API for applications to interact with
@@ -36,7 +36,6 @@
 #include "gnunet_constants.h"
 #include "gnunet_util_lib.h"
-#include "gnunet_nt_lib.h"
 #include "gnunet_testing_lib.h"
 #include "gnunet_testing_ng_lib.h"
diff --git a/src/include/gnunet_transport_communication_service.h b/src/include/gnunet_transport_communication_service.h
index a705b1970..92facb0e0 100644
--- a/src/include/gnunet_transport_communication_service.h
+++ b/src/include/gnunet_transport_communication_service.h
@@ -47,7 +47,6 @@ extern "C" {
 #include "gnunet_util_lib.h"
-#include "gnunet_nt_lib.h"
 /**
 * Version number of the transport communication API.
@@ -139,7 +138,7 @@ typedef void (*GNUNET_TRANSPORT_CommunicatorNotify) (
 * Connect to the transport service.
 *
 * @param cfg configuration to use
- * @param config_section_name section of the configuration to use for 
+ * @param config_section_name section of the configuration to use for
 *                            options
 * @param addr_prefix address prefix for addresses supported by this
 *        communicator, could be NULL for incoming-only communicators
diff --git a/src/include/gnunet_transport_hello_service.h b/src/include/gnunet_transport_hello_service.h
deleted file mode 100644
index 03305ec27..000000000
--- a/src/include/gnunet_transport_hello_service.h
+++ /dev/null
@@ -1,207 +0,0 @@
-/*
-     This file is part of GNUnet.
-     Copyright (C) 2009-2016 GNUnet e.V.
-     GNUnet is free software: you can redistribute it and/or modify it
-     under the terms of the GNU Affero General Public License as published
-     by the Free Software Foundation, either version 3 of the License,
-     or (at your option) any later version.
-     GNUnet is distributed in the hope that it will be useful, but
-     WITHOUT ANY WARRANTY; without even the implied warranty of
-     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-     Affero General Public License for more details.
-     You should have received a copy of the GNU Affero General Public License
-     along with this program.  If not, see <http://www.gnu.org/licenses/>.
-     SPDX-License-Identifier: AGPL3.0-or-later
- */
-/**
- * @addtogroup Backbone
- * @{
- *
- * @author Christian Grothoff
- *
- * @file
- * obtain information about our current address
- *
- * @deprecated, in TNG applications should query PEERSTORE directly!
- *
- * @defgroup transport  Transport service
- * address information
- *
- * @see [Documentation](https://gnunet.org/transport-service)
- *
- * @{
- */
-#ifndef GNUNET_TRANSPORT_HELLO_SERVICE_H
-#define GNUNET_TRANSPORT_HELLO_SERVICE_H
-#ifdef __cplusplus
-extern "C" {
-#if 0 /* keep Emacsens' auto-indent happy */
-}
-#endif
-#endif
-#include "gnunet_util_lib.h"
-#include "gnunet_ats_service.h"
-/**
- * Version number of the transport API.
- */
-#define GNUNET_TRANSPORT_HELLO_VERSION 0x00000000
-/**
- * Some addresses contain sensitive information or are
- * not suitable for global distribution.  We use address
- * classes to filter addresses by which domain they make
- * sense to be used in.  These are used in a bitmask.
- */
-enum GNUNET_TRANSPORT_AddressClass
-{
-  /**
-   * No address.
-   */
-  GNUNET_TRANSPORT_AC_NONE = 0,
-  /**
-   * Addresses that fall into no other category
-   * (i.e. incoming which we cannot use elsewhere).
-   */
-  GNUNET_TRANSPORT_AC_OTHER = 1,
-  /**
-   * Addresses that are global and are insensitive
-   * (i.e. IPv4).
-   */
-  GNUNET_TRANSPORT_AC_GLOBAL = 2,
-  /**
-   * Addresses that are global and are sensitive
-   * (i.e. IPv6 with our MAC).
-   */
-  GNUNET_TRANSPORT_AC_GLOBAL_PRIVATE = 4,
-  /**
-   * Addresses useful in the local wired network,
-   * i.e. a MAC.  Sensitive, but obvious to people nearby.
-   * Useful for broadcasts.
-   */
-  GNUNET_TRANSPORT_AC_LAN = 8,
-  /**
-   * Addresses useful in the local wireless network,
-   * i.e. a MAC.  Sensitive, but obvious to people nearby.
-   * Useful for broadcasts.
-   */
-  GNUNET_TRANSPORT_AC_WLAN = 16,
-  /**
-   * Addresses useful in the local bluetooth network.  Sensitive, but
-   * obvious to people nearby.  Useful for broadcasts.
-   */
-  GNUNET_TRANSPORT_AC_BT = 32,
-  /**
-   * Bitmask for "any" address.
-   */
-  GNUNET_TRANSPORT_AC_ANY = 65535
-};
-/**
- * Function called whenever there is an update to the
- * HELLO of this peer.
- *
- * @param cls closure
- * @param hello our updated HELLO
- */
-typedef void (*GNUNET_TRANSPORT_HelloUpdateCallback) (
-  void *cls,
-  const struct GNUNET_MessageHeader *hello);
-/**
- * Handle to cancel a #GNUNET_TRANSPORT_hello_get() operation.
- */
-struct GNUNET_TRANSPORT_HelloGetHandle;
-/**
- * Obtain updates on changes to the HELLO message for this peer. The callback
- * given in this function is never called synchronously.
- *
- * @param cfg configuration to use
- * @param ac which network type should the addresses from the HELLO belong to?
- * @param rec function to call with the HELLO
- * @param rec_cls closure for @a rec
- * @return handle to cancel the operation
- */
-struct GNUNET_TRANSPORT_HelloGetHandle *
-GNUNET_TRANSPORT_hello_get (const struct GNUNET_CONFIGURATION_Handle *cfg,
-                            enum GNUNET_TRANSPORT_AddressClass ac,
-                            GNUNET_TRANSPORT_HelloUpdateCallback rec,
-                            void *rec_cls);
-/**
- * Stop receiving updates about changes to our HELLO message.
- *
- * @param ghh handle to cancel
- */
-void
-GNUNET_TRANSPORT_hello_get_cancel (struct GNUNET_TRANSPORT_HelloGetHandle *ghh);
-/**
- * Function with addresses found in a HELLO.
- *
- * @param cls closure
- * @param peer identity of the peer
- * @param address the address (UTF-8, 0-terminated)
- * @param nt network type of the address
- * @param expiration when does this address expire?
- */
-typedef void (*GNUNET_TRANSPORT_AddressCallback) (
-  void *cls,
-  const struct GNUNET_PeerIdentity *peer,
-  const char *address,
-  enum GNUNET_NetworkType nt,
-  struct GNUNET_TIME_Absolute expiration);
-/**
- * Parse a HELLO message that we have received into its
- * constituent addresses.
- *
- * @param hello message to parse
- * @param cb function to call on each address found
- * @param cb_cls closure for @a cb
- * @return #GNUNET_OK if hello was well-formed, #GNUNET_SYSERR if not
- */
-int
-GNUNET_TRANSPORT_hello_parse (const struct GNUNET_MessageHeader *hello,
-                              GNUNET_TRANSPORT_AddressCallback cb,
-                              void *cb_cls);
-#if 0 /* keep Emacsens' auto-indent happy */
-{
-#endif
-#ifdef __cplusplus
-}
-#endif
-/* ifndef GNUNET_TRANSPORT_HELLO_SERVICE_H */
-#endif
-/** @} */ /* end of group */
-/** @} */ /* end of group addition */
-/* end of gnunet_transport_hello_service.h */
diff --git a/src/include/gnunet_transport_manipulation_service.h b/src/include/gnunet_transport_manipulation_service.h
deleted file mode 100644
index 694ca7dca..000000000
--- a/src/include/gnunet_transport_manipulation_service.h
+++ /dev/null
@@ -1,123 +0,0 @@
-/*
-     This file is part of GNUnet.
-     Copyright (C) 2009-2014, 2016 GNUnet e.V.
-     GNUnet is free software: you can redistribute it and/or modify it
-     under the terms of the GNU Affero General Public License as published
-     by the Free Software Foundation, either version 3 of the License,
-     or (at your option) any later version.
-     GNUnet is distributed in the hope that it will be useful, but
-     WITHOUT ANY WARRANTY; without even the implied warranty of
-     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-     Affero General Public License for more details.
-     You should have received a copy of the GNU Affero General Public License
-     along with this program.  If not, see <http://www.gnu.org/licenses/>.
-     SPDX-License-Identifier: AGPL3.0-or-later
- */
-/**
- * @addtogroup Backbone
- * @{
- *
- * @author Christian Grothoff
- *
- * @file
- * Low-level P2P IO
- *
- * @defgroup transport  Transport service
- * Low-level P2P IO
- *
- * @see [Documentation](https://gnunet.org/transport-service)
- *
- * @{
- */
-#ifndef GNUNET_TRANSPORT_MANIPULATION_SERVICE_H
-#define GNUNET_TRANSPORT_MANIPULATION_SERVICE_H
-#ifdef __cplusplus
-extern "C"
-{
-#if 0                           /* keep Emacsens' auto-indent happy */
-}
-#endif
-#endif
-#include "gnunet_util_lib.h"
-#include "gnunet_ats_service.h"
-/**
- * Version number of the transport API.
- */
-#define GNUNET_TRANSPORT_MANIPULATION_VERSION 0x00000003
-/**
- * Handle for transport manipulation.
- */
-struct GNUNET_TRANSPORT_ManipulationHandle;
-/**
- * Connect to the transport service.  Note that the connection may
- * complete (or fail) asynchronously.
- *
- * @param cfg configuration to use
- * @return NULL on error
- */
-struct GNUNET_TRANSPORT_ManipulationHandle *
-GNUNET_TRANSPORT_manipulation_connect (const struct
-                                       GNUNET_CONFIGURATION_Handle *cfg);
-/**
- * Disconnect from the transport service.
- *
- * @param handle handle returned from connect
- */
-void
-GNUNET_TRANSPORT_manipulation_disconnect (struct
-                                          GNUNET_TRANSPORT_ManipulationHandle *
-                                          handle);
-/**
- * Set transport metrics for a peer and a direction
- *
- * @param handle transport handle
- * @param peer the peer to set the metric for
- * @param prop the performance metrics to set
- * @param delay_in inbound delay to introduce
- * @param delay_out outbound delay to introduce
- *
- * Note: Delay restrictions in receiving direction will be enforced
- * with one message delay.
- */
-void
-GNUNET_TRANSPORT_manipulation_set (struct
-                                   GNUNET_TRANSPORT_ManipulationHandle *handle,
-                                   const struct GNUNET_PeerIdentity *peer,
-                                   const struct GNUNET_ATS_Properties *prop,
-                                   struct GNUNET_TIME_Relative delay_in,
-                                   struct GNUNET_TIME_Relative delay_out);
-#if 0                           /* keep Emacsens' auto-indent happy */
-{
-#endif
-#ifdef __cplusplus
-}
-#endif
-/* ifndef GNUNET_TRANSPORT_MANIPULATION_SERVICE_H */
-#endif
-/** @} */  /* end of group */
-/** @} */ /* end of group addition */
-/* end of gnunet_transport_manipulation_service.h */
diff --git a/src/include/gnunet_transport_monitor_service.h b/src/include/gnunet_transport_monitor_service.h
index 6b9eb8076..7c586b51e 100644
--- a/src/include/gnunet_transport_monitor_service.h
+++ b/src/include/gnunet_transport_monitor_service.h
@@ -47,7 +47,6 @@ extern "C"
 #include "gnunet_util_lib.h"
-#include "gnunet_ats_transport_service.h"
 #include "gnunet_transport_communication_service.h"
diff --git a/src/include/gnunet_transport_plugin.h b/src/include/gnunet_transport_plugin.h
deleted file mode 100644
index 0ab4a995c..000000000
--- a/src/include/gnunet_transport_plugin.h
+++ /dev/null
@@ -1,733 +0,0 @@
-/*
-     This file is part of GNUnet
-     Copyright (C) 2009-2014 GNUnet e.V.
-     GNUnet is free software: you can redistribute it and/or modify it
-     under the terms of the GNU Affero General Public License as published
-     by the Free Software Foundation, either version 3 of the License,
-     or (at your option) any later version.
-     GNUnet is distributed in the hope that it will be useful, but
-     WITHOUT ANY WARRANTY; without even the implied warranty of
-     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-     Affero General Public License for more details.
-     You should have received a copy of the GNU Affero General Public License
-     along with this program.  If not, see <http://www.gnu.org/licenses/>.
-     SPDX-License-Identifier: AGPL3.0-or-later
- */
-/**
- * @addtogroup Backbone
- * @{
- *
- * @author Christian Grothoff
- *
- * @file
- * Transport service plugin API
- *
- * @defgroup transport-plugin  Transport Service plugin API
- *
- * Specifies the struct that is given to the plugin's entry method and the other
- * struct that must be returned.  Note that the destructors of transport plugins
- * will be given the value returned by the constructor and is expected to return
- * a NULL pointer.
- *
- * @{
- */
-#ifndef PLUGIN_TRANSPORT_H
-#define PLUGIN_TRANSPORT_H
-#include "gnunet_configuration_lib.h"
-#include "gnunet_scheduler_lib.h"
-#include "gnunet_statistics_service.h"
-#include "gnunet_transport_service.h"
-#include "gnunet_ats_service.h"
-#define TRANSPORT_SESSION_INBOUND_STRING "<inbound>"
-/**
- * Opaque pointer that plugins can use to distinguish specific
- * connections to a given peer.  Typically used by stateful plugins to
- * allow the service to refer to specific streams instead of a more
- * general notion of "some connection" to the given peer.  This is
- * useful since sometimes (e.g. for inbound TCP connections) a
- * connection may not have an address that can be used for meaningful
- * distinction between sessions to the same peer.
- *
- * Each 'struct GNUNET_ATS_Session' MUST start with the 'struct GNUNET_PeerIdentity'
- * of the peer the session is for (which will be used for some error
- * checking by the ATS code).
- */
-struct GNUNET_ATS_Session;
-/**
- * Function that will be called whenever the plugin internally
- * cleans up a session pointer and hence the service needs to
- * discard all of those sessions as well.  Plugins that do not
- * use sessions can simply omit calling this function and always
- * use NULL wherever a session pointer is needed.  This function
- * should be called BEFORE a potential "TransmitContinuation"
- * from the "TransmitFunction".
- *
- * @param cls closure
- * @param peer which peer was the session for
- * @param session which session is being destroyed
- */
-typedef void
-(*GNUNET_TRANSPORT_SessionEnd) (void *cls,
-                                const struct GNUNET_HELLO_Address *address,
-                                struct GNUNET_ATS_Session *session);
-/**
- * Plugin tells transport service about a new inbound session
- *
- * @param cls unused
- * @param address the address
- * @param session the new session
- * @param net network information
- */
-typedef void
-(*GNUNET_TRANSPORT_SessionStart) (void *cls,
-                                  const struct GNUNET_HELLO_Address *address,
-                                  struct GNUNET_ATS_Session *session,
-                                  enum GNUNET_NetworkType net);
-/**
- * Function called by the transport for each received message.
- * This function should also be called with "NULL" for the
- * message to signal that the other peer disconnected.
- *
- * @param cls closure
- * @param peer (claimed) identity of the other peer
- * @param message the message, NULL if we only care about
- *                learning about the delay until we should receive again
- * @param session identifier used for this session (NULL for plugins
- *                that do not offer bi-directional communication to the sender
- *                using the same "connection")
- * @param sender_address binary address of the sender (if we established the
- *                connection or are otherwise sure of it; should be NULL
- *                for inbound TCP/UDP connections since it it not clear
- *                that we could establish ourselves a connection to that
- *                IP address and get the same system)
- * @param sender_address_len number of bytes in @a sender_address
- * @return how long the plugin should wait until receiving more data;
- *         returning #GNUNET_TIME_UNIT_FOREVER_REL means that the
- *         connection should be closed
- */
-typedef struct GNUNET_TIME_Relative
-(*GNUNET_TRANSPORT_PluginReceiveCallback) (void *cls,
-                                           const struct
-                                           GNUNET_HELLO_Address *address,
-                                           struct GNUNET_ATS_Session *session,
-                                           const struct
-                                           GNUNET_MessageHeader *message);
-/**
- * Function that can be called by plugins to figure if an address is
- * an loopback, LAN or WAN address.   Ultimately invokes
- * #GNUNET_ATS_address_get_type().
- *
- * @param cls closure
- * @param addr binary address
- * @param addrlen length of the @a addr
- * @return type of the network the address belongs to
- */
-typedef enum GNUNET_NetworkType
-(*GNUNET_TRANSPORT_AddressToType)(void *cls,
-                                  const struct sockaddr *addr,
-                                  size_t addrlen);
-/**
- * Function called when distance of an address changes.
- *
- * @param cls closure
- * @param peer peer
- * @param distance new distance
- */
-typedef void
-(*GNUNET_TRANSPORT_UpdateAddressDistance) (void *cls,
-                                           const struct
-                                           GNUNET_HELLO_Address *address,
-                                           uint32_t distance);
-/**
- * Function that will be called for each address the transport
- * is aware that it might be reachable under.
- *
- * @param cls closure
- * @param add_remove should the address added (#GNUNET_YES) or removed (#GNUNET_NO) from the
- *                   set of valid addresses?
- * @param address the address to add or remove
- */
-typedef void
-(*GNUNET_TRANSPORT_AddressNotification) (void *cls,
-                                         int add_remove,
-                                         const struct
-                                         GNUNET_HELLO_Address *address);
-/**
- * Function that will be called whenever the plugin receives data over
- * the network and wants to determine how long it should wait until
- * the next time it reads from the given peer.  Note that some plugins
- * (such as UDP) may not be able to wait (for a particular peer), so
- * the waiting part is optional.  Plugins that can wait should call
- * this function, sleep the given amount of time, and call it again
- * (with zero bytes read) UNTIL it returns zero and only then read.
- *
- * @param cls closure
- * @param peer which peer did we read data from
- * @param amount_recved number of bytes read (can be zero)
- * @return how long to wait until reading more from this peer
- *         (to enforce inbound quotas); returning #GNUNET_TIME_UNIT_FOREVER_REL
- *         means that the connection should be closed
- */
-typedef struct GNUNET_TIME_Relative
-(*GNUNET_TRANSPORT_TrafficReport) (void *cls,
-                                   const struct GNUNET_PeerIdentity *peer,
-                                   size_t amount_recved);
-/**
- * Function that returns a HELLO message.
- *
- * @return HELLO message (FIXME with what?)
- */
-typedef const struct GNUNET_MessageHeader *
-(*GNUNET_TRANSPORT_GetHelloCallback) (void);
-/**
- * The transport service will pass a pointer to a struct
- * of this type as the first and only argument to the
- * entry point of each transport plugin.
- */
-struct GNUNET_TRANSPORT_PluginEnvironment
-{
-  /**
-   * Configuration to use.
-   */
-  const struct GNUNET_CONFIGURATION_Handle *cfg;
-  /**
-   * Identity of this peer.
-   */
-  const struct GNUNET_PeerIdentity *my_identity;
-  /**
-   * Closure for the various callbacks.
-   */
-  void *cls;
-  /**
-   * Handle for reporting statistics.
-   */
-  struct GNUNET_STATISTICS_Handle *stats;
-  /**
-   * Function that should be called by the transport plugin
-   * whenever a message is received.  If this field is "NULL",
-   * the plugin should load in 'stub' mode and NOT fully
-   * initialize and instead only return an API with the
-   * @e address_pretty_printer, @e address_to_string and
-   * @e string_to_address functions.
-   */
-  GNUNET_TRANSPORT_PluginReceiveCallback receive;
-  /**
-   * Function that returns our HELLO.
-   */
-  GNUNET_TRANSPORT_GetHelloCallback get_our_hello;
-  /**
-   * Function that must be called by each plugin to notify the
-   * transport service about the addresses under which the transport
-   * provided by the plugin can be reached.
-   */
-  GNUNET_TRANSPORT_AddressNotification notify_address;
-  /**
-   * Function that must be called by the plugin when a non-NULL
-   * session handle stops being valid (is destroyed).
-   */
-  GNUNET_TRANSPORT_SessionEnd session_end;
-  /**
-   * Function called by the plugin when a new (incoming) session was created
-   * not explicitly created using the the get_session function
-   */
-  GNUNET_TRANSPORT_SessionStart session_start;
-  /**
-   * Function that will be called to figure if an address is an loopback,
-   * LAN, WAN etc. address
-   */
-  GNUNET_TRANSPORT_AddressToType get_address_type;
-  /**
-   * Function that will be called by DV to update distance for
-   * an address.
-   */
-  GNUNET_TRANSPORT_UpdateAddressDistance update_address_distance;
-  /**
-   * What is the maximum number of connections that this transport
-   * should allow?  Transports that do not have sessions (such as
-   * UDP) can ignore this value.
-   */
-  uint32_t max_connections;
-};
-/**
- * Function called by the #GNUNET_TRANSPORT_TransmitFunction
- * upon "completion".  In the case that a peer disconnects,
- * this function must be called for each pending request
- * (with a 'failure' indication) AFTER notifying the service
- * about the disconnect event (so that the service won't try
- * to transmit more messages, believing the connection still
- * exists...).
- *
- * @param cls closure
- * @param target who was the recipient of the message?
- * @param result #GNUNET_OK on success
- *               #GNUNET_SYSERR if the target disconnected;
- *               disconnect will ALSO be signalled using
- *               the ReceiveCallback.
- * @param size_payload bytes of payload from transport service in message
- * @param size_on_wire bytes required on wire for transmission,
- *               0 if result == #GNUNET_SYSERR
- */
-typedef void
-(*GNUNET_TRANSPORT_TransmitContinuation) (void *cls,
-                                          const struct
-                                          GNUNET_PeerIdentity *target,
-                                          int result,
-                                          size_t size_payload,
-                                          size_t size_on_wire);
-/**
- * The new send function with just the session and no address
- *
- * Function that can be used by the transport service to transmit
- * a message using the plugin.   Note that in the case of a
- * peer disconnecting, the continuation MUST be called
- * prior to the disconnect notification itself.  This function
- * will be called with this peer's HELLO message to initiate
- * a fresh connection to another peer.
- *
- * @param cls closure
- * @param session which session must be used
- * @param msgbuf the message to transmit
- * @param msgbuf_size number of bytes in @a msgbuf
- * @param priority how important is the message (most plugins will
- *                 ignore message priority and just FIFO)
- * @param to how long to wait at most for the transmission (does not
- *                require plugins to discard the message after the timeout,
- *                just advisory for the desired delay; most plugins will ignore
- *                this as well)
- * @param cont continuation to call once the message has
- *        been transmitted (or if the transport is ready
- *        for the next transmission call; or if the
- *        peer disconnected...); can be NULL
- * @param cont_cls closure for @a cont
- * @return number of bytes used (on the physical network, with overheads);
- *         -1 on hard errors (i.e. address invalid); 0 is a legal value
- *         and does NOT mean that the message was not transmitted (DV)
- */
-typedef ssize_t
-(*GNUNET_TRANSPORT_TransmitFunction) (void *cls,
-                                      struct GNUNET_ATS_Session *session,
-                                      const char *msgbuf,
-                                      size_t msgbuf_size,
-                                      unsigned int priority,
-                                      struct GNUNET_TIME_Relative to,
-                                      GNUNET_TRANSPORT_TransmitContinuation cont,
-                                      void *cont_cls);
-/**
- * Function that can be called to force a disconnect from the
- * specified neighbour for the given session only.  .  This should
- * also cancel all previously scheduled transmissions for this
- * session.  Obviously the transmission may have been partially
- * completed already, which is OK.  The plugin is supposed to close
- * the connection (if applicable).
- *
- * @param cls closure with the `struct Plugin`
- * @param session session to destroy
- * @return #GNUNET_OK on success
- */
-typedef int
-(*GNUNET_TRANSPORT_DisconnectSessionFunction) (void *cls,
-                                               struct GNUNET_ATS_Session *
-                                               session);
-/**
- * Function that is called to get the keepalive factor.
- * #GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT is divided by this number to
- * calculate the interval between keepalive packets.
- *
- * @param cls closure with the `struct Plugin`
- * @return keepalive factor
- */
-typedef unsigned int
-(*GNUNET_TRANSPORT_QueryKeepaliveFactorFunction) (void *cls);
-/**
- * Function that can be called to force a disconnect from the
- * specified neighbour.  This should also cancel all previously
- * scheduled transmissions.  Obviously the transmission may have been
- * partially completed already, which is OK.  The plugin is supposed
- * to close the connection (if applicable) and no longer call the
- * transmit continuation(s).
- *
- * @param cls closure
- * @param target peer for which the last transmission is
- *        to be cancelled
- */
-typedef void
-(*GNUNET_TRANSPORT_DisconnectPeerFunction) (void *cls,
-                                            const struct
-                                            GNUNET_PeerIdentity *target);
-/**
- * Function called by the pretty printer for the resolved address for
- * each human-readable address obtained.  The callback can be called
- * several times. The last invocation must be with a @a address of
- * NULL and a @a res of #GNUNET_OK.  Thus, to indicate conversion
- * errors, the callback might be called first with @a address NULL and
- * @a res being #GNUNET_SYSERR.  In that case, there must still be a
- * subsequent call later with @a address NULL and @a res #GNUNET_OK.
- *
- * @param cls closure
- * @param address one of the names for the host, NULL on last callback
- * @param res #GNUNET_OK if conversion was successful, #GNUNET_SYSERR on failure,
- *      #GNUNET_OK on last callback
- */
-typedef void
-(*GNUNET_TRANSPORT_AddressStringCallback) (void *cls,
-                                           const char *address,
-                                           int res);
-/**
- * Convert the transports address to a nice, human-readable
- * format.
- *
- * @param cls closure
- * @param type name of the transport that generated the address
- * @param addr one of the addresses of the host, NULL for the last address
- *        the specific address format depends on the transport
- * @param addrlen length of the @a addr
- * @param numeric should (IP) addresses be displayed in numeric form?
- * @param timeout after how long should we give up?
- * @param asc function to call on each string
- * @param asc_cls closure for @a asc
- */
-typedef void
-(*GNUNET_TRANSPORT_AddressPrettyPrinter) (void *cls,
-                                          const char *type,
-                                          const void *addr,
-                                          size_t addrlen,
-                                          int numeric,
-                                          struct GNUNET_TIME_Relative timeout,
-                                          GNUNET_TRANSPORT_AddressStringCallback
-                                          asc,
-                                          void *asc_cls);
-/**
- * Another peer has suggested an address for this peer and transport
- * plugin.  Check that this could be a valid address.  This function
- * is not expected to 'validate' the address in the sense of trying to
- * connect to it but simply to see if the binary format is technically
- * legal for establishing a connection to this peer (and make sure that
- * the address really corresponds to our network connection/settings
- * and not some potential man-in-the-middle).
- *
- * @param addr pointer to the address
- * @param addrlen length of @a addr
- * @return #GNUNET_OK if this is a plausible address for this peer
- *         and transport, #GNUNET_SYSERR if not
- */
-typedef int
-(*GNUNET_TRANSPORT_CheckAddress) (void *cls,
-                                  const void *addr,
-                                  size_t addrlen);
-/**
- * Create a new session to transmit data to the target
- * This session will used to send data to this peer and the plugin will
- * notify us by calling the env->session_end function
- *
- * @param cls the plugin
- * @param address the hello address
- * @return the session if the address is valid, NULL otherwise
- */
-typedef struct GNUNET_ATS_Session *
-(*GNUNET_TRANSPORT_CreateSession) (void *cls,
-                                   const struct GNUNET_HELLO_Address *address);
-/**
- * Function that will be called whenever the transport service wants to
- * notify the plugin that a session is still active and in use and
- * therefore the session timeout for this session has to be updated
- *
- * @param cls closure
- * @param peer which peer was the session for
- * @param session which session is being updated
- */
-typedef void
-(*GNUNET_TRANSPORT_UpdateSessionTimeout) (void *cls,
-                                          const struct
-                                          GNUNET_PeerIdentity *peer,
-                                          struct GNUNET_ATS_Session *session);
-/**
- * Function that will be called whenever the transport service wants to
- * notify the plugin that the inbound quota changed and that the plugin
- * should update it's delay for the next receive value
- *
- * @param cls closure
- * @param peer which peer was the session for
- * @param session which session is being updated
- * @param delay new delay to use for receiving
- */
-typedef void
-(*GNUNET_TRANSPORT_UpdateInboundDelay) (void *cls,
-                                        const struct GNUNET_PeerIdentity *peer,
-                                        struct GNUNET_ATS_Session *session,
-                                        struct GNUNET_TIME_Relative delay);
-/**
- * Function called for a quick conversion of the binary address to
- * a numeric address.  Note that the caller must not free the
- * address and that the next call to this function is allowed
- * to override the address again.
- *
- * @param cls closure
- * @param addr binary address
- * @param addr_len length of the @a addr
- * @return string representing the same address
- */
-typedef const char *
-(*GNUNET_TRANSPORT_AddressToString) (void *cls,
-                                     const void *addr,
-                                     size_t addrlen);
-/**
- * Function called to convert a string address to
- * a binary address.
- *
- * @param cls closure (`struct Plugin*`)
- * @param addr string address
- * @param addrlen length of the @a addr including \0 termination
- * @param buf location to store the buffer
- *        If the function returns #GNUNET_SYSERR, its contents are undefined.
- * @param added length of created address
- * @return #GNUNET_OK on success, #GNUNET_SYSERR on failure
- */
-typedef int
-(*GNUNET_TRANSPORT_StringToAddress) (void *cls,
-                                     const char *addr,
-                                     uint16_t addrlen,
-                                     void **buf,
-                                     size_t *added);
-/**
- * Function to obtain the network type for a session
- *
- * @param cls closure (`struct Plugin *`)
- * @param session the session
- * @return the network type
- */
-typedef enum GNUNET_NetworkType
-(*GNUNET_TRANSPORT_GetNetworkType)(void *cls,
-                                   struct GNUNET_ATS_Session *session);
-/**
- * Function to obtain the network type for an address.
- *
- * @param cls closure (`struct Plugin *`)
- * @param address the address
- * @return the network type
- */
-typedef enum GNUNET_NetworkType
-(*GNUNET_TRANSPORT_GetNetworkTypeForAddress)(void *cls,
-                                             const struct
-                                             GNUNET_HELLO_Address *address);
-/**
- * Function called by the plugin with information about the
- * current sessions managed by the plugin (for monitoring).
- *
- * @param cls closure
- * @param session session handle this information is about,
- *        NULL to indicate that we are "in sync" (initial
- *        iteration complete)
- * @param info information about the state of the session,
- *        NULL if @a session is also NULL and we are
- *        merely signalling that the initial iteration is over
- */
-typedef void
-(*GNUNET_TRANSPORT_SessionInfoCallback) (void *cls,
-                                         struct GNUNET_ATS_Session *session,
-                                         const struct
-                                         GNUNET_TRANSPORT_SessionInfo *info);
-/**
- * Begin monitoring sessions of a plugin.  There can only
- * be one active monitor per plugin (i.e. if there are
- * multiple monitors, the transport service needs to
- * multiplex the generated events over all of them).
- *
- * @param cls closure of the plugin
- * @param sic callback to invoke, NULL to disable monitor;
- *            plugin will being by iterating over all active
- *            sessions immediately and then enter monitor mode
- * @param sic_cls closure for @a sic
- */
-typedef void
-(*GNUNET_TRANSPORT_SessionMonitorSetup) (void *cls,
-                                         GNUNET_TRANSPORT_SessionInfoCallback
-                                         sic,
-                                         void *sic_cls);
-/**
- * Each plugin is required to return a pointer to a struct of this
- * type as the return value from its entry point.
- */
-struct GNUNET_TRANSPORT_PluginFunctions
-{
-  /**
-   * Closure for all of the callbacks.
-   */
-  void *cls;
-  /**
-   * Function that the transport service will use to transmit data to
-   * another peer.  May be NULL for plugins that only support
-   * receiving data.  After this call, the plugin call the specified
-   * continuation with success or error before notifying us about the
-   * target having disconnected.
-   */
-  GNUNET_TRANSPORT_TransmitFunction send;
-  /**
-   * Function that can be used to force the plugin to disconnect from
-   * the given peer and cancel all previous transmissions (and their
-   * continuations).
-   */
-  GNUNET_TRANSPORT_DisconnectPeerFunction disconnect_peer;
-  /**
-   * Function that can be used to force the plugin to disconnect from
-   * the given peer and cancel all previous transmissions (and their
-   * continuations).
-   */
-  GNUNET_TRANSPORT_DisconnectSessionFunction disconnect_session;
-  /**
-   * Function that will be called whenever the transport service wants to
-   * notify the plugin that a session is still active and in use and
-   * therefore the session timeout for this session has to be updated
-   */
-  GNUNET_TRANSPORT_UpdateSessionTimeout update_session_timeout;
-  /**
-   * Function that will be called whenever the transport service wants to
-   * notify the plugin that the inbound quota changed and that the plugin
-   * should update it's delay for the next receive value
-   */
-  GNUNET_TRANSPORT_UpdateInboundDelay update_inbound_delay;
-  /**
-   * Function that is used to query keepalive factor.
-   * #GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT is divided by this number to
-   * calculate the interval between keepalive packets.
-   */
-  GNUNET_TRANSPORT_QueryKeepaliveFactorFunction query_keepalive_factor;
-  /**
-   * Function to pretty-print addresses.
-   */
-  GNUNET_TRANSPORT_AddressPrettyPrinter address_pretty_printer;
-  /**
-   * Function that will be called to check if a binary address
-   * for this plugin is well-formed and corresponds to an
-   * address for THIS peer (as per our configuration).  Naturally,
-   * if absolutely necessary, plugins can be a bit conservative in
-   * their answer, but in general plugins should make sure that the
-   * address does not redirect traffic to a 3rd party that might
-   * try to man-in-the-middle our traffic.
-   */
-  GNUNET_TRANSPORT_CheckAddress check_address;
-  /**
-   * Function that will be called to convert a binary address
-   * to a string (numeric conversion only).
-   */
-  GNUNET_TRANSPORT_AddressToString address_to_string;
-  /**
-   * Function that will be called to convert a string address
-   * to binary (numeric conversion only).
-   */
-  GNUNET_TRANSPORT_StringToAddress string_to_address;
-  /**
-   * Function that will be called tell the plugin to create a session
-   * object.
-   */
-  GNUNET_TRANSPORT_CreateSession get_session;
-  /**
-   * Function to obtain the network type for a session
-   */
-  GNUNET_TRANSPORT_GetNetworkType get_network;
-  /**
-   * Function to obtain the network type for an address
-   */
-  GNUNET_TRANSPORT_GetNetworkTypeForAddress get_network_for_address;
-  /**
-   * Function to monitor the sessions managed by the plugin.
-   */
-  GNUNET_TRANSPORT_SessionMonitorSetup setup_monitor;
-};
-/*#ifndef PLUGIN_TRANSPORT_H*/
-#endif
-/** @} */  /* end of group */
-/** @} */ /* end of group addition */
-/* end of gnunet_transport_plugin.h */
diff --git a/src/include/gnunet_transport_service.h b/src/include/gnunet_transport_service.h
deleted file mode 100644
index 72cdbe0a7..000000000
--- a/src/include/gnunet_transport_service.h
+++ /dev/null
@@ -1,715 +0,0 @@
-/*
-     This file is part of GNUnet.
-     Copyright (C) 2009-2016 GNUnet e.V.
-     GNUnet is free software: you can redistribute it and/or modify it
-     under the terms of the GNU Affero General Public License as published
-     by the Free Software Foundation, either version 3 of the License,
-     or (at your option) any later version.
-     GNUnet is distributed in the hope that it will be useful, but
-     WITHOUT ANY WARRANTY; without even the implied warranty of
-     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-     Affero General Public License for more details.
-     You should have received a copy of the GNU Affero General Public License
-     along with this program.  If not, see <http://www.gnu.org/licenses/>.
-     SPDX-License-Identifier: AGPL3.0-or-later
- */
-/**
- * @addtogroup Backbone
- * @{
- *
- * @author Christian Grothoff
- *
- * @file
- * Low-level P2P IO
- *
- * @defgroup transport  Transport service
- * Low-level P2P IO
- *
- * @see [Documentation](https://gnunet.org/transport-service)
- *
- * @{
- */
-#ifndef GNUNET_TRANSPORT_SERVICE_H
-#define GNUNET_TRANSPORT_SERVICE_H
-#ifdef __cplusplus
-extern "C" {
-#if 0 /* keep Emacsens' auto-indent happy */
-}
-#endif
-#endif
-#include "gnunet_util_lib.h"
-#include "gnunet_ats_service.h"
-/**
- * Version number of the transport API.
- */
-#define GNUNET_TRANSPORT_VERSION 0x00000003
-/* *************************** HELLO *************************** */
-/**
- * Handle for a #GNUNET_TRANSPORT_offer_hello operation
- */
-struct GNUNET_TRANSPORT_OfferHelloHandle;
-/**
- * Offer the transport service the HELLO of another peer.  Note that
- * the transport service may just ignore this message if the HELLO is
- * malformed or useless due to our local configuration.
- *
- * @param cfg configuration
- * @param hello the hello message
- * @param cont continuation to call when HELLO has been sent,
- *      tc reason #GNUNET_SCHEDULER_REASON_TIMEOUT for fail
- *      tc reasong #GNUNET_SCHEDULER_REASON_READ_READY for success
- * @param cont_cls closure for @a cont
- * @return a `struct GNUNET_TRANSPORT_OfferHelloHandle` handle or NULL on
- * failure, in case of failure @a cont will not be called
- *
- */
-struct GNUNET_TRANSPORT_OfferHelloHandle *
-GNUNET_TRANSPORT_offer_hello (const struct GNUNET_CONFIGURATION_Handle *cfg,
-                              const struct GNUNET_MessageHeader *hello,
-                              GNUNET_SCHEDULER_TaskCallback cont,
-                              void *cont_cls);
-/**
- * Cancel the request to transport to offer the HELLO message
- *
- * @param ohh the `struct GNUNET_TRANSPORT_OfferHelloHandle` to cancel
- */
-void
-GNUNET_TRANSPORT_offer_hello_cancel (
-  struct GNUNET_TRANSPORT_OfferHelloHandle *ohh);
-/* *********************** Address to String ******************* */
-/**
- * Handle to cancel a pending address lookup.
- */
-struct GNUNET_TRANSPORT_AddressToStringContext;
-/**
- * Function to call with a textual representation of an address.  This
- * function will be called several times with different possible
- * textual representations, and a last time with @a address being NULL
- * to signal the end of the iteration.  Note that @a address NULL
- * always is the last call, regardless of the value in @a res.
- *
- * @param cls closure
- * @param address NULL on end of iteration,
- *        otherwise 0-terminated printable UTF-8 string,
- *        in particular an empty string if @a res is #GNUNET_NO
- * @param res result of the address to string conversion:
- *        if #GNUNET_OK: conversion successful
- *        if #GNUNET_NO: address was invalid (or not supported)
- *        if #GNUNET_SYSERR: communication error (IPC error)
- */
-typedef void
-(*GNUNET_TRANSPORT_AddressToStringCallback) (void *cls,
-                                             const char *address,
-                                             int res);
-/**
- * Convert a binary address into a human readable address.
- *
- * @param cfg configuration to use
- * @param address address to convert (binary format)
- * @param numeric should (IP) addresses be displayed in numeric form
- *                (otherwise do reverse DNS lookup)
- * @param timeout how long is the lookup allowed to take at most
- * @param aluc function to call with the results
- * @param aluc_cls closure for @a aluc
- * @return handle to cancel the operation, NULL on error
- */
-struct GNUNET_TRANSPORT_AddressToStringContext *
-GNUNET_TRANSPORT_address_to_string (
-  const struct GNUNET_CONFIGURATION_Handle *cfg,
-  const struct GNUNET_HELLO_Address *address,
-  int numeric,
-  struct GNUNET_TIME_Relative timeout,
-  GNUNET_TRANSPORT_AddressToStringCallback aluc,
-  void *aluc_cls);
-/**
- * Cancel request for address conversion.
- *
- * @param alc the context handle
- */
-void
-GNUNET_TRANSPORT_address_to_string_cancel (
-  struct GNUNET_TRANSPORT_AddressToStringContext *alc);
-/* *********************** Monitoring ************************** */
-/**
- * Possible state of a neighbour.  Initially, we are
- * #GNUNET_TRANSPORT_PS_NOT_CONNECTED.
- *
- * Then, there are two main paths. If we receive a SYN message, we give
- * the inbound address to ATS. After the check we ask ATS for a suggestion
- * (#GNUNET_TRANSPORT_PS_CONNECT_RECV_ATS). If ATS makes a suggestion, we
- * send our SYN_ACK and go to #GNUNET_TRANSPORT_PS_CONNECT_RECV_ACK.
- * If we receive a ACK, we go to #GNUNET_TRANSPORT_PS_CONNECTED
- * (and notify everyone about the new connection). If the operation times out,
- * we go to #GNUNET_TRANSPORT_PS_DISCONNECT.
- *
- * The other case is where we transmit a SYN message first.  We
- * start with #GNUNET_TRANSPORT_PS_INIT_ATS.  If we get an address, we send
- * the SYN message and go to state #GNUNET_TRANSPORT_PS_CONNECT_SENT.
- * Once we receive a SYN_ACK, we go to #GNUNET_TRANSPORT_PS_CONNECTED
- * (and notify everyone about the new connection and send
- * back a ACK).  If the operation times out, we go to
- * #GNUNET_TRANSPORT_PS_DISCONNECT.
- *
- * If the session is in trouble (i.e. transport-level disconnect or
- * timeout), we go to #GNUNET_TRANSPORT_PS_RECONNECT_ATS where we ask ATS for a
- * new address (we don't notify anyone about the disconnect yet).  Once we have
- * a new address, we enter #GNUNET_TRANSPORT_PS_RECONNECT_SENT and send a SYN
- * message.  If we receive a SYN_ACK, we go to #GNUNET_TRANSPORT_PS_CONNECTED
- * and nobody noticed that we had trouble; we also send a ACK at this time just
- * in case.  If the operation times out, we go to
- * #GNUNET_TRANSPORT_PS_DISCONNECT (and notify everyone about the lost
- * connection).
- *
- * If ATS decides to switch addresses while we have a normal
- * connection, we go to #GNUNET_TRANSPORT_PS_CONNECTED_SWITCHING_SYN_SENT
- * and send a SESSION_CONNECT.  If we get a ACK back, we switch the
- * primary connection to the suggested alternative from ATS, go back
- * to #GNUNET_TRANSPORT_PS_CONNECTED and send a ACK to the other peer just to be
- * sure.  If the operation times out
- * we go to #GNUNET_TRANSPORT_PS_CONNECTED (and notify ATS that the given
- * alternative address is "invalid").
- *
- * Once a session is in #GNUNET_TRANSPORT_PS_DISCONNECT, it is cleaned up and
- * then goes to (#GNUNET_TRANSPORT_PS_DISCONNECT_FINISHED).  If we receive an
- * explicit disconnect request, we can go from any state to
- * #GNUNET_TRANSPORT_PS_DISCONNECT, possibly after generating disconnect
- * notifications.
- *
- * Note that it is quite possible that while we are in any of these
- * states, we could receive a 'SYN' request from the other peer.
- * We then enter a 'weird' state where we pursue our own primary state
- * machine (as described above), but with the 'send_connect_ack' flag
- * set to 1.  If our state machine allows us to send a 'SYN_ACK'
- * (because we have an acceptable address), we send the 'SYN_ACK'
- * and set the 'send_connect_ack' to 2.  If we then receive a
- * 'ACK', we go to #GNUNET_TRANSPORT_PS_CONNECTED (and reset 'send_connect_ack'
- * to 0).
- *
- */
-enum GNUNET_TRANSPORT_PeerState
-{
-  /**
-   * Fresh peer or completely disconnected
-   */
-  GNUNET_TRANSPORT_PS_NOT_CONNECTED = 0,
-  /**
-   * Asked to initiate connection, trying to get address from ATS
-   */
-  GNUNET_TRANSPORT_PS_INIT_ATS,
-  /**
-   * Sent SYN message to other peer, waiting for SYN_ACK
-   */
-  GNUNET_TRANSPORT_PS_SYN_SENT,
-  /**
-   * Received a SYN, asking ATS about address suggestions.
-   */
-  GNUNET_TRANSPORT_PS_SYN_RECV_ATS,
-  /**
-   * SYN request from other peer was SYN_ACK'ed, waiting for ACK.
-   */
-  GNUNET_TRANSPORT_PS_SYN_RECV_ACK,
-  /**
-   * Got our SYN_ACK/ACK, connection is up.
-   */
-  GNUNET_TRANSPORT_PS_CONNECTED,
-  /**
-   * Connection got into trouble, rest of the system still believes
-   * it to be up, but we're getting a new address from ATS.
-   */
-  GNUNET_TRANSPORT_PS_RECONNECT_ATS,
-  /**
-   * Sent SYN over new address (either by ATS telling us to switch
-   * addresses or from RECONNECT_ATS); if this fails, we need to tell
-   * the rest of the system about a disconnect.
-   */
-  GNUNET_TRANSPORT_PS_RECONNECT_SENT,
-  /**
-   * We have some primary connection, but ATS suggested we switch
-   * to some alternative; we now sent a SYN message for the
-   * alternative session to the other peer and waiting for a
-   * SYN_ACK to make this our primary connection.
-   */
-  GNUNET_TRANSPORT_PS_SWITCH_SYN_SENT,
-  /**
-   * Disconnect in progress (we're sending the DISCONNECT message to the
-   * other peer; after that is finished, the state will be cleaned up).
-   */
-  GNUNET_TRANSPORT_PS_DISCONNECT,
-  /**
-   * We're finished with the disconnect; and are cleaning up the state
-   * now!  We put the struct into this state when we are really in the
-   * task that calls 'free' on it and are about to remove the record
-   * from the map.  We should never find a 'struct NeighbourMapEntry'
-   * in this state in the map.  Accessing a 'struct NeighbourMapEntry'
-   * in this state virtually always means using memory that has been
-   * freed (the exception being the cleanup code in #free_neighbour()).
-   */
-  GNUNET_TRANSPORT_PS_DISCONNECT_FINISHED
-};
-/**
- * Convert a transport state to a human readable string.
- *
- * @param state the state
- */
-const char *
-GNUNET_TRANSPORT_ps2s (enum GNUNET_TRANSPORT_PeerState state);
-/**
- * Check if a state is defined as connected
- *
- * @param state the state value
- * @return #GNUNET_YES or #GNUNET_NO
- */
-int
-GNUNET_TRANSPORT_is_connected (enum GNUNET_TRANSPORT_PeerState state);
-/**
- * Handle for a #GNUNET_TRANSPORT_monitor_peers operation.
- */
-struct GNUNET_TRANSPORT_PeerMonitoringContext;
-/**
- * Function to call with information about a peer
- *
- * If one_shot was set to #GNUNET_YES to iterate over all peers once,
- * a final call with NULL for peer and address will follow when done.
- * In this case state and timeout do not contain valid values.
- *
- * The #GNUNET_TRANSPORT_monitor_peers_cancel() call MUST not be called from
- * within this function!
- *
- *
- * @param cls closure
- * @param peer peer this update is about,
- *      NULL if this is the final last callback for a iteration operation
- * @param address address, NULL if this is the final callback for iteration op
- * @param state current state this peer is in
- * @param state_timeout timeout for the current state of the peer
- */
-typedef void
-(*GNUNET_TRANSPORT_PeerIterateCallback) (
-  void *cls,
-  const struct GNUNET_PeerIdentity *peer,
-  const struct GNUNET_HELLO_Address *address,
-  enum GNUNET_TRANSPORT_PeerState state,
-  struct GNUNET_TIME_Absolute state_timeout);
-/**
- * Return information about a specific peer or all peers currently known to
- * transport service once or in monitoring mode. To obtain information about
- * a specific peer, a peer identity can be passed. To obtain information about
- * all peers currently known to transport service, NULL can be passed as peer
- * identity.
- *
- * For each peer, the callback is called with information about the address used
- * to communicate with this peer, the state this peer is currently in and the
- * the current timeout for this state.
- *
- * Upon completion, the #GNUNET_TRANSPORT_PeerIterateCallback is called one
- * more time with `NULL`. After this, the operation must no longer be
- * explicitly canceled.
- *
- * The #GNUNET_TRANSPORT_monitor_peers_cancel call MUST not be called in the
- * the peer_callback!
- *
- * @param cfg configuration to use
- * @param peer a specific peer identity to obtain information for,
- *      NULL for all peers
- * @param one_shot #GNUNET_YES to return the current state and 
- *                 then end (with NULL+NULL), 
- *                 #GNUNET_NO to monitor peers continuously
- * @param peer_callback function to call with the results
- * @param peer_callback_cls closure for @a peer_callback
- */
-struct GNUNET_TRANSPORT_PeerMonitoringContext *
-GNUNET_TRANSPORT_monitor_peers (
-  const struct GNUNET_CONFIGURATION_Handle *cfg,
-  const struct GNUNET_PeerIdentity *peer,
-  int one_shot,
-  GNUNET_TRANSPORT_PeerIterateCallback peer_callback,
-  void *peer_callback_cls);
-/**
- * Cancel request to monitor peers
- *
- * @param pic handle for the request to cancel
- */
-void
-GNUNET_TRANSPORT_monitor_peers_cancel (
-  struct GNUNET_TRANSPORT_PeerMonitoringContext *pic);
-/* *********************** Blacklisting ************************ */
-/**
- * Handle for blacklisting peers.
- */
-struct GNUNET_TRANSPORT_Blacklist;
-/**
- * Function that decides if a connection is acceptable or not.
- *
- * @param cls closure
- * @param pid peer to approve or disapproave
- * @return #GNUNET_OK if the connection is allowed, #GNUNET_SYSERR if not
- */
-typedef int
-(*GNUNET_TRANSPORT_BlacklistCallback) (
-  void *cls,
-  const struct GNUNET_PeerIdentity *pid);
-/**
- * Install a blacklist callback.  The service will be queried for all
- * existing connections as well as any fresh connections to check if
- * they are permitted.  If the blacklisting callback is unregistered,
- * all hosts that were denied in the past will automatically be
- * whitelisted again.  Cancelling the blacklist handle is also the
- * only way to re-enable connections from peers that were previously
- * blacklisted.
- *
- * @param cfg configuration to use
- * @param cb callback to invoke to check if connections are allowed
- * @param cb_cls closure for @a cb
- * @return NULL on error, otherwise handle for cancellation
- */
-struct GNUNET_TRANSPORT_Blacklist *
-GNUNET_TRANSPORT_blacklist (const struct GNUNET_CONFIGURATION_Handle *cfg,
-                            GNUNET_TRANSPORT_BlacklistCallback cb,
-                            void *cb_cls);
-/**
- * Abort the blacklist.  Note that this function is the only way for
- * removing a peer from the blacklist.
- *
- * @param br handle of the request that is to be cancelled
- */
-void
-GNUNET_TRANSPORT_blacklist_cancel (struct GNUNET_TRANSPORT_Blacklist *br);
-/**
- * Handle for a plugin session state monitor.
- */
-struct GNUNET_TRANSPORT_PluginMonitor;
-/**
- * Abstract representation of a plugin's session.
- * Corresponds to the `struct GNUNET_ATS_Session` within the TRANSPORT service.
- */
-struct GNUNET_TRANSPORT_PluginSession;
-/**
- * Possible states of a session in a plugin.
- */
-enum GNUNET_TRANSPORT_SessionState
-{
-  /**
-   * The session was created (first call for each session object).
-   */
-  GNUNET_TRANSPORT_SS_INIT,
-  /**
-   * Initial session handshake is in progress.
-   */
-  GNUNET_TRANSPORT_SS_HANDSHAKE,
-  /**
-   * Session is fully UP.
-   */
-  GNUNET_TRANSPORT_SS_UP,
-  /**
-   * This is just an update about the session,
-   * the state did not change.
-   */
-  GNUNET_TRANSPORT_SS_UPDATE,
-  /**
-   * Session is being torn down and about to disappear.
-   * Last call for each session object.
-   */
-  GNUNET_TRANSPORT_SS_DONE
-};
-/**
- * Information about a plugin's session.
- */
-struct GNUNET_TRANSPORT_SessionInfo
-{
-  /**
-   * New state of the session.
-   */
-  enum GNUNET_TRANSPORT_SessionState state;
-  /**
-   * #GNUNET_YES if this is an inbound connection,
-   * #GNUNET_NO if this is an outbound connection,
-   * #GNUNET_SYSERR if connections of this plugin
-   *             are so fundamentally bidirectional
-   *             that they have no 'initiator'
-   */
-  int is_inbound;
-  /**
-   * Number of messages pending transmission for this session.
-   */
-  uint32_t num_msg_pending;
-  /**
-   * Number of bytes pending transmission for this session.
-   */
-  uint32_t num_bytes_pending;
-  /**
-   * Until when does this plugin refuse to receive to manage
-   * staying within the inbound quota?  ZERO if receive is
-   * active.
-   */
-  struct GNUNET_TIME_Absolute receive_delay;
-  /**
-   * At what time will this session timeout (unless activity
-   * happens)?
-   */
-  struct GNUNET_TIME_Absolute session_timeout;
-  /**
-   * Address used by the session.  Can be NULL if none is available.
-   */
-  const struct GNUNET_HELLO_Address *address;
-};
-/**
- * Function called by the plugin with information about the
- * current sessions managed by the plugin (for monitoring).
- *
- * @param cls closure
- * @param session session handle this information is about,
- *        NULL to indicate that we are "in sync" (initial
- *        iteration complete)
- * @param session_ctx storage location where the application
- *        can store data; will point to NULL on #GNUNET_TRANSPORT_SS_INIT,
- *        and must be reset to NULL on #GNUNET_TRANSPORT_SS_DONE
- * @param info information about the state of the session,
- *        NULL if @a session is also NULL and we are
- *        merely signalling that the initial iteration is over;
- *        NULL with @a session being non-NULL if the monitor
- *        was being cancelled while sessions were active
- */
-typedef void
-(*GNUNET_TRANSPORT_SessionMonitorCallback) (
-  void *cls,
-  struct GNUNET_TRANSPORT_PluginSession *session,
-  void **session_ctx,
-  const struct GNUNET_TRANSPORT_SessionInfo *info);
-/**
- * Install a plugin session state monitor callback.  The callback
- * will be notified whenever the session changes.
- *
- * @param cfg configuration to use
- * @param cb callback to invoke on events
- * @param cb_cls closure for @a cb
- * @return NULL on error, otherwise handle for cancellation
- */
-struct GNUNET_TRANSPORT_PluginMonitor *
-GNUNET_TRANSPORT_monitor_plugins (const struct GNUNET_CONFIGURATION_Handle *cfg,
-                                  GNUNET_TRANSPORT_SessionMonitorCallback cb,
-                                  void *cb_cls);
-/**
- * Cancel monitoring the plugin session state.  The callback will be
- * called once for each session that is up with the "info" argument
- * being NULL (this is just to enable client-side cleanup).
- *
- * @param pm handle of the request that is to be cancelled
- */
-void
-GNUNET_TRANSPORT_monitor_plugins_cancel (
-  struct GNUNET_TRANSPORT_PluginMonitor *pm);
-/**
- * Opaque handle to the service.
- */
-struct GNUNET_TRANSPORT_CoreHandle;
-/**
- * Function called to notify transport users that another
- * peer connected to us.
- *
- * @param cls closure
- * @param peer the identity of the peer that connected; this
- *        pointer will remain valid until the disconnect, hence
- *        applications do not necessarily have to make a copy
- *        of the value if they only need it until disconnect
- * @param mq message queue to use to transmit to @a peer
- * @return closure to use in MQ handlers
- */
-typedef void *
-(*GNUNET_TRANSPORT_NotifyConnect) (
-  void *cls,
-  const struct GNUNET_PeerIdentity *peer,
-  struct GNUNET_MQ_Handle *mq);
-/**
- * Function called to notify transport users that another peer
- * disconnected from us.  The message queue that was given to the
- * connect notification will be destroyed and must not be used
- * henceforth.
- *
- * @param cls closure from #GNUNET_TRANSPORT_core_connect
- * @param peer the peer that disconnected
- * @param handlers_cls closure of the handlers, was returned from the
- *                    connect notification callback
- */
-typedef void
-(*GNUNET_TRANSPORT_NotifyDisconnect) (
-  void *cls,
-  const struct GNUNET_PeerIdentity *peer,
-  void *handler_cls);
-/**
- * Function called if we have "excess" bandwidth to a peer.
- * The notification will happen the first time we have excess
- * bandwidth, and then only again after the client has performed
- * some transmission to the peer.
- *
- * Excess bandwidth is defined as being allowed (by ATS) to send
- * more data, and us reaching the limit of the capacity build-up
- * (which, if we go past it, means we don't use available bandwidth).
- * See also the "max carry" in `struct GNUNET_BANDWIDTH_Tracker`.
- *
- * @param cls the closure
- * @param neighbour peer that we have excess bandwidth to
- * @param handlers_cls closure of the handlers, was returned from the
- *                    connect notification callback
- */
-typedef void
-(*GNUNET_TRANSPORT_NotifyExcessBandwidth) (
-  void *cls,
-  const struct GNUNET_PeerIdentity *neighbour,
-  void *handlers_cls);
-/**
- * Connect to the transport service.  Note that the connection may
- * complete (or fail) asynchronously.
- *
- * @param cfg configuration to use
- * @param self our own identity (API should check that it matches
- *             the identity found by transport), or NULL (no check)
- * @param handlers array of message handlers; note that the
- *                 closures provided will be ignored and replaced
- *                 with the respective return value from @a nc
- * @param handlers array with handlers to call when we receive messages, or NULL
- * @param cls closure for the @a nc, @a nd and @a neb callbacks
- * @param nc function to call on connect events, or NULL
- * @param nd function to call on disconnect events, or NULL
- * @param neb function to call if we have excess bandwidth to a peer, or NULL
- * @return NULL on error
- */
-struct GNUNET_TRANSPORT_CoreHandle *
-GNUNET_TRANSPORT_core_connect (const struct GNUNET_CONFIGURATION_Handle *cfg,
-                               const struct GNUNET_PeerIdentity *self,
-                               const struct GNUNET_MQ_MessageHandler *handlers,
-                               void *cls,
-                               GNUNET_TRANSPORT_NotifyConnect nc,
-                               GNUNET_TRANSPORT_NotifyDisconnect nd,
-                               GNUNET_TRANSPORT_NotifyExcessBandwidth neb);
-/**
- * Disconnect from the transport service.
- *
- * @param handle handle returned from connect
- */
-void
-GNUNET_TRANSPORT_core_disconnect (struct GNUNET_TRANSPORT_CoreHandle *handle);
-/**
- * Checks if a given peer is connected to us and get the message queue.
- *
- * @param handle connection to transport service
- * @param peer the peer to check
- * @return NULL if disconnected, otherwise message queue for @a peer
- */
-struct GNUNET_MQ_Handle *
-GNUNET_TRANSPORT_core_get_mq (struct GNUNET_TRANSPORT_CoreHandle *handle,
-                              const struct GNUNET_PeerIdentity *peer);
-#if 0 /* keep Emacsens' auto-indent happy */
-{
-#endif
-#ifdef __cplusplus
-}
-#endif
-/* ifndef GNUNET_TRANSPORT_SERVICE_H */
-#endif
-/** @} */ /* end of group */
-/** @} */ /* end of group addition */
-/* end of gnunet_transport_service.h */
diff --git a/src/include/gnunet_transport_testing_ng_lib.h b/src/include/gnunet_transport_testing_ng_lib.h
new file mode 100644
index 000000000..72ec11eaf
--- /dev/null
+++ b/src/include/gnunet_transport_testing_ng_lib.h
@@ -0,0 +1,81 @@
+/*
+      This file is part of GNUnet
+      Copyright (C) 2021-2023 GNUnet e.V.
+      GNUnet is free software: you can redistribute it and/or modify it
+      under the terms of the GNU Affero General Public License as published
+      by the Free Software Foundation, either version 3 of the License,
+      or (at your option) any later version.
+      GNUnet is distributed in the hope that it will be useful, but
+      WITHOUT ANY WARRANTY; without even the implied warranty of
+      MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+      Affero General Public License for more details.
+      You should have received a copy of the GNU Affero General Public License
+      along with this program.  If not, see <http://www.gnu.org/licenses/>.
+     SPDX-License-Identifier: AGPL3.0-or-later
+ */
+/**
+ * @brief API for cmds working with transport sub system.
+ * @author t3sserakt
+ */
+#ifndef GNUNET_TRANSPORT_TESTING_NG_LIB_H
+#define GNUNET_TRANSPORT_TESTING_NG_LIB_H
+#include "gnunet_util_lib.h"
+#include "gnunet_testing_lib.h"
+/**
+ * Create command.
+ *
+ * @param label name for command.
+ * @param system_label Label of the cmd to setup a test environment.
+ * @param no Decimal number representing the last byte of the IP address of this peer.
+ * @param node_ip The IP address of this node.
+ * @param cfgname Configuration file name for this peer.
+ * @param broadcast Flag indicating, if broadcast should be switched on.
+ * @return command.
+ */
+struct GNUNET_TESTING_Command
+GNUNET_TESTING_cmd_start_peer (const char *label,
+                               const char *system_label,
+                               uint32_t no,
+                               const char *node_ip,
+                               const char *cfgname,
+                               unsigned int broadcast);
+struct GNUNET_TESTING_Command
+GNUNET_TESTING_cmd_stop_peer (const char *label,
+                                const char *start_label);
+/**
+ * Create command
+ *
+ * @param label name for command
+ * @param start_peer_label Label of the cmd to start a peer.
+ * @param create_label Label of the cmd which started the test system.
+ * @param num Number globally identifying the node.
+ * @param topology The topology for the test setup.
+ * @param additional_connects Number of additional connects this cmd will wait for not triggered by this cmd.
+ * @return command.
+ */
+struct GNUNET_TESTING_Command
+GNUNET_CORE_cmd_connect_peers (
+  const char *label,
+  const char *start_peer_label,
+  const char *create_label,
+  uint32_t num,
+  struct GNUNET_TESTING_NetjailTopology *topology,
+  unsigned int additional_connects,
+  unsigned int wait_for_connect,
+  struct GNUNET_MQ_MessageHandler *handlers);
+#endif
diff --git a/src/include/gnunet_util_lib.h b/src/include/gnunet_util_lib.h
index c8737dc60..ee850bc3c 100644
--- a/src/include/gnunet_util_lib.h
+++ b/src/include/gnunet_util_lib.h
@@ -77,6 +77,7 @@ extern "C"
 #include "gnunet_helper_lib.h"
 #include "gnunet_mst_lib.h"
 #include "gnunet_mq_lib.h"
+#include "gnunet_nt_lib.h"
 #include "gnunet_nc_lib.h"
 #include "gnunet_op_lib.h"
 #include "gnunet_os_lib.h"
diff --git a/src/include/meson.build b/src/include/meson.build
new file mode 100644
index 000000000..57216c178
--- /dev/null
+++ b/src/include/meson.build
@@ -0,0 +1,123 @@
+configure_file(
+  input : 'gnunet_config.h.in',
+  output : 'gnunet_config.h',
+  configuration : cdata,
+  install: true,
+  install_dir: get_option('includedir')/'gnunet'
+)
+install_headers(
+  'gettext.h',
+  'compat.h',
+  'gnunet_abd_service.h',
+  'gnunet_applications.h',
+  'gnunet_arm_service.h',
+  'gnunet_bandwidth_lib.h',
+  'gnunet_bio_lib.h',
+  'gnunet_dht_block_types.h',
+  'gnunet_block_lib.h',
+  'gnunet_block_group_lib.h',
+  'gnunet_block_plugin.h',
+  'gnunet_buffer_lib.h',
+  'gnunet_child_management_lib.h',
+  'gnunet_client_lib.h',
+  'gnunet_common.h',
+  'gnunet_constants.h',
+  'gnunet_configuration_lib.h',
+  'gnunet_consensus_service.h',
+  'gnunet_container_lib.h',
+  'gnunet_conversation_service.h',
+  'gnunet_core_service.h',
+  'gnunet_crypto_lib.h',
+  'gnunet_curl_lib.h',
+  'gnunet_datacache_lib.h',
+  'gnunet_datacache_plugin.h',
+  'gnunet_datastore_service.h',
+  'gnunet_datastore_plugin.h',
+  'gnunet_db_lib.h',
+  'gnunet_dht_service.h',
+  'gnunet_dhtu_plugin.h',
+  'gnunet_disk_lib.h',
+  'gnunet_dnsparser_lib.h',
+  'gnunet_dnsstub_lib.h',
+  'gnunet_dns_service.h',
+  'gnunet_error_codes.h',
+  'gnunet_fs_service.h',
+  'gnunet_getopt_lib.h',
+  'gnunet_gns_service.h',
+  'gnunet_gnsrecord_lib.h',
+  'gnunet_gnsrecord_json_lib.h',
+  'gnunet_gnsrecord_plugin.h',
+  'gnu_name_system_record_types.h',
+  'gnunet_hello_uri_lib.h',
+  'gnunet_helper_lib.h',
+  'gnunet_identity_service.h',
+  'gnunet_reclaim_lib.h',
+  'gnunet_reclaim_plugin.h',
+  'gnunet_reclaim_service.h',
+  'gnunet_json_lib.h',
+  'gnunet_load_lib.h',
+  'gnunet_cadet_service.h',
+  'gnunet_messenger_service.h',
+  'gnunet_mhd_compat.h',
+  'gnunet_microphone_lib.h',
+  'gnunet_mst_lib.h',
+  'gnunet_mq_lib.h',
+  'gnunet_namecache_plugin.h',
+  'gnunet_namecache_service.h',
+  'gnunet_namestore_plugin.h',
+  'gnunet_namestore_service.h',
+  'gnunet_nat_auto_service.h',
+  'gnunet_nat_service.h',
+  'gnunet_nc_lib.h',
+  'gnunet_network_lib.h',
+  'gnunet_nse_service.h',
+  'gnunet_nt_lib.h',
+  'gnunet_op_lib.h',
+  'gnunet_os_lib.h',
+  'gnunet_peer_lib.h',
+  'gnunet_peerinfo_service.h',
+  'gnunet_peerstore_plugin.h',
+  'gnunet_peerstore_service.h',
+  'gnunet_plugin_lib.h',
+  'gnunet_pq_lib.h',
+  'gnunet_program_lib.h',
+  'gnunet_protocols.h',
+  'gnunet_resolver_service.h',
+  'gnunet_regex_service.h',
+  'gnunet_rest_lib.h',
+  'gnunet_rest_plugin.h',
+  'gnunet_rps_service.h',
+  'gnunet_revocation_service.h',
+  'gnunet_scalarproduct_service.h',
+  'gnunet_scheduler_lib.h',
+  'gnunet_secretsharing_service.h',
+  'gnunet_service_lib.h',
+  'gnunet_set_service.h',
+  'gnunet_seti_service.h',
+  'gnunet_setu_service.h',
+  'gnunet_signal_lib.h',
+  'gnunet_signatures.h',
+  'gnunet_socks.h',
+  'gnunet_speaker_lib.h',
+  'gnunet_sq_lib.h',
+  'gnunet_statistics_service.h',
+  'gnunet_strings_lib.h',
+  'gnunet_testbed_service.h',
+  'gnunet_testbed_logger_service.h',
+  'gnunet_testing_barrier.h',
+  'gnunet_testing_lib.h',
+  'gnunet_testing_plugin.h',
+  'gnunet_testing_ng_lib.h',
+  'gnunet_testing_netjail_lib.h',
+  'gnunet_time_lib.h',
+  'gnunet_transport_application_service.h',
+  'gnunet_transport_communication_service.h',
+  'gnunet_transport_core_service.h',
+  'gnunet_transport_monitor_service.h',
+  'gnunet_tun_lib.h',
+  'gnunet_uri_lib.h',
+  'gnunet_util_lib.h',
+  'gnunet_vpn_service.h',
+  install_dir: get_option('includedir')/'gnunet'
+  )
author	TheJackiMonster <thejackimonster@gmail.com>	2023-11-14 17:51:34 +0100
committer	TheJackiMonster <thejackimonster@gmail.com>	2023-11-14 17:51:34 +0100
commit	b8672206edfb2047132311b9a3ab3a0138bdc422 (patch)
tree	3c9361a0ba00b5f1d4944fec66cbc9a266d31ca9 /src/include
parent	34587531b0ed15bbc8d73d21123101b7ca482389 (diff)
parent	8e8c3f1e1c8c81a269c57e635153ec22fbfe216e (diff)
download	gnunet-b8672206edfb2047132311b9a3ab3a0138bdc422.tar.gz gnunet-b8672206edfb2047132311b9a3ab3a0138bdc422.zip