Merge pull request #729 from tendermint/release/0.11.1

Release/0.11.1
fix version
2025-07-22 15:51:57 +00:00 · 2017-10-10 18:50:15 -04:00 · 2017-10-10 18:49:08 -04:00 · 2017-10-10 11:10:48 -04:00 · 2017-10-10 11:08:14 -04:00 · 2017-10-10 10:53:21 -04:00
216 changed files with 8729 additions and 4172 deletions
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -0,0 +1,5 @@
+# CODEOWNERS: https://help.github.com/articles/about-codeowners/
+
+# Everything goes through Bucky. For now.
+*       @ebuchman
+
--- a/.gitignore
+++ b/.gitignore
@@ -15,3 +15,5 @@ test/p2p/data/
 test/logs
 .glide
 coverage.txt
+docs/_build
+docs/tools
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,83 @@
 # Changelog

+## Roadmap
+
+BREAKING CHANGES:
+- Upgrade the header to support better proofs on validtors, results, evidence, and possibly more
+- Better support for injecting randomness
+- Pass evidence/voteInfo through ABCI
+- Upgrade consensus for more real-time use of evidence
+
+FEATURES:
+- Peer reputation management
+- Use the chain as its own CA for nodes and validators
+- Tooling to run multiple blockchains/apps, possibly in a single process
+- State syncing (without transaction replay)
+- Improved support for querying history and state
+- Add authentication and rate-limitting to the RPC
+
+IMPROVEMENTS:
+- Improve subtleties around mempool caching and logic
+- Consensus optimizations:
+	- cache block parts for faster agreement after round changes
+	- propagate block parts rarest first
+- Better testing of the consensus state machine (ie. use a DSL)
+- Auto compiled serialization/deserialization code instead of go-wire reflection
+
+BUG FIXES:
+- Graceful handling/recovery for apps that have non-determinism or fail to halt
+- Graceful handling/recovery for violations of safety, or liveness
+
+## 0.11.1 (October 10, 2017)
+
+IMPROVEMENTS:
+ - blockchain/reactor: respondWithNoResponseMessage for missing height
+
+BUG FIXES:
+ - rpc: fixed client WebSocket timeout
+ - rpc: client now resubscribes on reconnection
+ - rpc: fix panics on missing params
+ - rpc: fix `/dump_consensus_state` to have normal json output (NOTE: technically breaking, but worth a bug fix label)
+ - types: fixed out of range error in VoteSet.addVote
+ - consensus: fix wal autofile via https://github.com/tendermint/tmlibs/blob/master/CHANGELOG.md#032-october-2-2017
+
+## 0.11.0 (September 22, 2017)
+
+BREAKING:
+ - genesis file: validator `amount` is now `power`
+ - abci: Info, BeginBlock, InitChain all take structs
+ - rpc: various changes to match JSONRPC spec (http://www.jsonrpc.org/specification), including breaking ones:
+    - requests that previously returned HTTP code 4XX now return 200 with an error code in the JSONRPC.
+    - `rpctypes.RPCResponse` uses new `RPCError` type instead of `string`.
+
+ - cmd: if there is no genesis, exit immediately instead of waiting around for one to show.
+ - types: `Signer.Sign` returns an error.
+ - state: every validator set change is persisted to disk, which required some changes to the `State` structure.
+ - p2p: new `p2p.Peer` interface used for all reactor methods (instead of `*p2p.Peer` struct).
+
+FEATURES:
+ - rpc: `/validators?height=X` allows querying of validators at previous heights.
+ - rpc: Leaving the `height` param empty for `/block`, `/validators`, and `/commit` will return the value for the latest height.
+
+IMPROVEMENTS:
+ - docs: Moved all docs from the website and tools repo in, converted to `.rst`, and cleaned up for presentation on `tendermint.readthedocs.io`
+
+BUG FIXES:
+ - fix WAL openning issue on Windows
+
+## 0.10.4 (September 5, 2017)
+
+IMPROVEMENTS:
+- docs: Added Slate docs to each rpc function (see rpc/core)
+- docs: Ported all website docs to Read The Docs
+- config: expose some p2p params to tweak performance: RecvRate, SendRate, and MaxMsgPacketPayloadSize
+- rpc: Upgrade the websocket client and server, including improved auto reconnect, and proper ping/pong
+
+BUG FIXES:
+- consensus: fix panic on getVoteBitArray
+- consensus: hang instead of panicking on byzantine consensus failures
+- cmd: dont load config for version command
+
 ## 0.10.3 (August 10, 2017)

 FEATURES:
@@ -31,7 +109,7 @@ IMPROVEMENTS:

 FEATURES:
 - Use `--trace` to get stack traces for logged errors
- types: GenesisDoc.ValidatorHash returns the hash of the genesis validator set 
+- types: GenesisDoc.ValidatorHash returns the hash of the genesis validator set
 - types: GenesisDocFromFile parses a GenesiDoc from a JSON file

 IMPROVEMENTS:
@@ -55,7 +133,7 @@ Also includes the Grand Repo-Merge of 2017.
 BREAKING CHANGES:

 - Config and Flags:
-  - The `config` map is replaced with a [`Config` struct](https://github.com/tendermint/tendermint/blob/master/config/config.go#L11), 
+  - The `config` map is replaced with a [`Config` struct](https://github.com/tendermint/tendermint/blob/master/config/config.go#L11),
 containing substructs: `BaseConfig`, `P2PConfig`, `MempoolConfig`, `ConsensusConfig`, `RPCConfig`
  - This affects the following flags:
    - `--seeds` is now `--p2p.seeds`
@@ -68,16 +146,16 @@ containing substructs: `BaseConfig`, `P2PConfig`, `MempoolConfig`, `ConsensusCon
    ```
    [p2p]
    laddr="tcp://1.2.3.4:46656"
-    
+
    [consensus]
    timeout_propose=1000
    ```
  - Use viper and `DefaultConfig() / TestConfig()` functions to handle defaults, and remove `config/tendermint` and `config/tendermint_test`
-  - Change some function and method signatures to 
+  - Change some function and method signatures to
  - Change some [function and method signatures](https://gist.github.com/ebuchman/640d5fc6c2605f73497992fe107ebe0b) accomodate new config

 - Logger
-  - Replace static `log15` logger with a simple interface, and provide a new implementation using `go-kit`. 
+  - Replace static `log15` logger with a simple interface, and provide a new implementation using `go-kit`.
 See our new [logging library](https://github.com/tendermint/tmlibs/log) and [blog post](https://tendermint.com/blog/abstracting-the-logger-interface-in-go) for more details
  - Levels `warn` and `notice` are removed (you may need to change them in your `config.toml`!)
  - Change some [function and method signatures](https://gist.github.com/ebuchman/640d5fc6c2605f73497992fe107ebe0b) to accept a logger
@@ -120,7 +198,7 @@ IMPROVEMENTS:
 - Limit `/blockchain_info` call to return a maximum of 20 blocks
 - Use `.Wrap()` and `.Unwrap()` instead of eg. `PubKeyS` for `go-crypto` types
 - RPC JSON responses use pretty printing (via `json.MarshalIndent`)
- Color code different instances of the consensus for tests 
+- Color code different instances of the consensus for tests
 - Isolate viper to `cmd/tendermint/commands` and do not read config from file for tests


@@ -148,7 +226,7 @@ IMPROVEMENTS:
 - WAL uses #ENDHEIGHT instead of #HEIGHT (#HEIGHT will stop working in 0.10.0)
 - Peers included via `--seeds`, under `seeds` in the config, or in `/dial_seeds` are now persistent, and will be reconnected to if the connection breaks

-BUG FIXES: 
+BUG FIXES:

 - Fix bug in fast-sync where we stop syncing after a peer is removed, even if they're re-added later
 - Fix handshake replay to handle validator set changes and results of DeliverTx when we crash after app.Commit but before state.Save()
@@ -164,7 +242,7 @@ message RequestQuery{
 	bytes data = 1;
 	string path = 2;
 	uint64 height = 3;
-	bool prove = 4; 
+	bool prove = 4;
 }

 message ResponseQuery{
@@ -188,7 +266,7 @@ type BlockMeta struct {
 }
 ```

- `ValidatorSet.Proposer` is exposed as a field and persisted with the `State`. Use `GetProposer()` to initialize or update after validator-set changes. 
+- `ValidatorSet.Proposer` is exposed as a field and persisted with the `State`. Use `GetProposer()` to initialize or update after validator-set changes.

 - `tendermint gen_validator` command output is now pure JSON

@@ -231,7 +309,7 @@ type BlockID struct {
 }
 ```

- `Vote` data type now includes validator address and index: 
+- `Vote` data type now includes validator address and index:

 ```
 type Vote struct {
@@ -251,7 +329,7 @@ type Vote struct {

 FEATURES:

- New message type on the ConsensusReactor, `Maj23Msg`, for peers to alert others they've seen a Maj23, 
+- New message type on the ConsensusReactor, `Maj23Msg`, for peers to alert others they've seen a Maj23,
 in order to track and handle conflicting votes intelligently to prevent Byzantine faults from causing halts:

 ```
@@ -274,7 +352,7 @@ IMPROVEMENTS:
 - Less verbose logging
 - Better test coverage (37% -> 49%)
 - Canonical SignBytes for signable types
- Write-Ahead Log for Mempool and Consensus via tmlibs/autofile 
+- Write-Ahead Log for Mempool and Consensus via tmlibs/autofile
 - Better in-process testing for the consensus reactor and byzantine faults
 - Better crash/restart testing for individual nodes at preset failure points, and of networks at arbitrary points
 - Better abstraction over timeout mechanics
@@ -354,7 +432,7 @@ FEATURES:
 - TMSP and RPC support TCP and UNIX sockets
 - Addition config options including block size and consensus parameters
 - New WAL mode `cswal_light`; logs only the validator's own votes
- New RPC endpoints: 
+- New RPC endpoints:
 	- for starting/stopping profilers, and for updating config
 	- `/broadcast_tx_commit`, returns when tx is included in a block, else an error
 	- `/unsafe_flush_mempool`, empties the mempool
@@ -375,14 +453,14 @@ BUG FIXES:

 Strict versioning only began with the release of v0.7.0, in late summer 2016.
 The project itself began in early summer 2014 and was workable decentralized cryptocurrency software by the end of that year.
-Through the course of 2015, in collaboration with Eris Industries (now Monax Indsutries), 
+Through the course of 2015, in collaboration with Eris Industries (now Monax Indsutries),
 many additional features were integrated, including an implementation from scratch of the Ethereum Virtual Machine.
 That implementation now forms the heart of [Burrow](https://github.com/hyperledger/burrow).
 In the later half of 2015, the consensus algorithm was upgraded with a more asynchronous design and a more deterministic and robust implementation.

-By late 2015, frustration with the difficulty of forking a large monolithic stack to create alternative cryptocurrency designs led to the 
+By late 2015, frustration with the difficulty of forking a large monolithic stack to create alternative cryptocurrency designs led to the
 invention of the Application Blockchain Interface (ABCI), then called the Tendermint Socket Protocol (TMSP).
 The Ethereum Virtual Machine and various other transaction features were removed, and Tendermint was whittled down to a core consensus engine
-driving an application running in another process. 
+driving an application running in another process.
 The ABCI interface and implementation were iterated on and improved over the course of 2016,
 until versioned history kicked in with v0.7.0.
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -1,6 +1,6 @@
 # Contributing

-Thank you for considering making contributions to Tendermint and related repositories (Basecoin, Merkleeyes, etc.)!
+Thank you for considering making contributions to Tendermint and related repositories! Start by taking a look at the [coding repo](https://github.com/tendermint/coding) for overall information on repository workflow and standards.

 Please follow standard github best practices: fork the repo, branch from the tip of develop, make some commits, and submit a pull request to develop. See the [open issues](https://github.com/tendermint/tendermint/issues) for things we need help with!

--- a/DOCKER/Dockerfile
+++ b/DOCKER/Dockerfile
@@ -1,8 +1,8 @@
 FROM alpine:3.6

 # This is the release of tendermint to pull in.
-ENV TM_VERSION 0.10.0
-ENV TM_SHA256SUM a29852b8d51c00db93c87c3d148fa419a047abd38f32b2507a905805131acc19
+ENV TM_VERSION 0.11.0
+ENV TM_SHA256SUM 7e443bac4d42f12e7beaf9cee63b4a565dad8c58895291fdedde8057088b70c5

 # Tendermint will be looking for genesis file in /tendermint (unless you change
 # `genesis_file` in config.toml). You can put your config.toml and private
--- a/DOCKER/README.md
+++ b/DOCKER/README.md
@@ -1,6 +1,7 @@
 # Supported tags and respective `Dockerfile` links

- `0.10.0`, `latest` [(Dockerfile)](https://github.com/tendermint/tendermint/blob/e5342f4054ab784b2cd6150e14f01053d7c8deb2/DOCKER/Dockerfile)
+- `0.11.0`, `latest` [(Dockerfile)](https://github.com/tendermint/tendermint/blob/9177cc1f64ca88a4a0243c5d1773d10fba67e201/DOCKER/Dockerfile)
+- `0.10.0` [(Dockerfile)](https://github.com/tendermint/tendermint/blob/e5342f4054ab784b2cd6150e14f01053d7c8deb2/DOCKER/Dockerfile)
 - `0.9.1`, `0.9`, [(Dockerfile)](https://github.com/tendermint/tendermint/blob/809e0e8c5933604ba8b2d096803ada7c5ec4dfd3/DOCKER/Dockerfile)
 - `0.9.0` [(Dockerfile)](https://github.com/tendermint/tendermint/blob/d474baeeea6c22b289e7402449572f7c89ee21da/DOCKER/Dockerfile)
 - `0.8.0`, `0.8` [(Dockerfile)](https://github.com/tendermint/tendermint/blob/bf64dd21fdb193e54d8addaaaa2ecf7ac371de8c/DOCKER/Dockerfile)
@@ -8,13 +9,24 @@

 `develop` tag points to the [develop](https://github.com/tendermint/tendermint/tree/develop) branch.

+# Quick reference
+
+* **Where to get help:**
+  [Chat on Rocket](https://cosmos.rocket.chat/)
+
+* **Where to file issues:**
+  https://github.com/tendermint/tendermint/issues
+
+* **Supported Docker versions:**
+  [the latest release](https://github.com/moby/moby/releases) (down to 1.6 on a best-effort basis)
+
 # Tendermint

 Tendermint Core is Byzantine Fault Tolerant (BFT) middleware that takes a state transition machine, written in any programming language, and securely replicates it on many machines.

-For more background, see the [introduction](https://tendermint.com/intro).
+For more background, see the [introduction](https://tendermint.readthedocs.io/en/master/introduction.html).

-To get started developing applications, see the [application developers guide](https://tendermint.com/docs/guides/app-development).
+To get started developing applications, see the [application developers guide](https://tendermint.readthedocs.io/en/master/getting-started.html).

 # How to use this image

@@ -31,26 +43,12 @@ docker run -it --rm -v "/tmp:/tendermint" tendermint/tendermint node --proxy_app

 If you want to see many containers talking to each other, consider using [mintnet-kubernetes](https://github.com/tendermint/tools/tree/master/mintnet-kubernetes), which is a tool for running Tendermint-based applications on a Kubernetes cluster.

-# Supported Docker versions
-
-This image is officially supported on Docker version 1.13.1.
-
-Support for older versions (down to 1.6) is provided on a best-effort basis.
-
-Please see [the Docker installation documentation](https://docs.docker.com/installation/) for details on how to upgrade your Docker daemon.
-
 # License

 View [license information](https://raw.githubusercontent.com/tendermint/tendermint/master/LICENSE) for the software contained in this image.

 # User Feedback

-## Issues
-
-If you have any problems with or questions about this image, please contact us through a [GitHub](https://github.com/tendermint/tendermint/issues) issue. If the issue is related to a CVE, please check for [a `cve-tracker` issue on the `official-images` repository](https://github.com/docker-library/official-images/issues?q=label%3Acve-tracker) first.
-
-You can also reach the image maintainers via [Slack](http://forum.tendermint.com:3000/).
-
 ## Contributing

 You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can.
--- a/2
+++ b/2
@@ -1,7 +1,7 @@
 GOTOOLS = \
 					github.com/mitchellh/gox \
+					github.com/tcnksm/ghr \
 					github.com/Masterminds/glide \
-					honnef.co/go/tools/cmd/megacheck

 PACKAGES=$(shell go list ./... | grep -v '/vendor/')
 BUILD_TAGS?=tendermint
--- a/README.md
+++ b/README.md
@@ -8,27 +8,22 @@ Or [Blockchain](https://en.wikipedia.org/wiki/Blockchain_(database)) for short.
 [![API Reference](
 https://camo.githubusercontent.com/915b7be44ada53c290eb157634330494ebe3e30a/68747470733a2f2f676f646f632e6f72672f6769746875622e636f6d2f676f6c616e672f6764646f3f7374617475732e737667
 )](https://godoc.org/github.com/tendermint/tendermint)
-[![chat](https://img.shields.io/badge/slack-join%20chat-pink.svg)](http://forum.tendermint.com:3000/)
+[![Rocket.Chat](https://demo.rocket.chat/images/join-chat.svg)](https://cosmos.rocket.chat/)
 [![license](https://img.shields.io/github/license/tendermint/tendermint.svg)](https://github.com/tendermint/tendermint/blob/master/LICENSE)
 [![](https://tokei.rs/b1/github/tendermint/tendermint?category=lines)](https://github.com/tendermint/tendermint)


-Branch    | Tests | Coverage | Report Card
----------|-------|----------|-------------
-develop   | [![CircleCI](https://circleci.com/gh/tendermint/tendermint/tree/develop.svg?style=shield)](https://circleci.com/gh/tendermint/tendermint/tree/develop) | [![codecov](https://codecov.io/gh/tendermint/tendermint/branch/develop/graph/badge.svg)](https://codecov.io/gh/tendermint/tendermint) | [![Go Report Card](https://goreportcard.com/badge/github.com/tendermint/tendermint/tree/develop)](https://goreportcard.com/report/github.com/tendermint/tendermint/tree/develop)
-master    | [![CircleCI](https://circleci.com/gh/tendermint/tendermint/tree/master.svg?style=shield)](https://circleci.com/gh/tendermint/tendermint/tree/master) | [![codecov](https://codecov.io/gh/tendermint/tendermint/branch/master/graph/badge.svg)](https://codecov.io/gh/tendermint/tendermint) | [![Go Report Card](https://goreportcard.com/badge/github.com/tendermint/tendermint/tree/master)](https://goreportcard.com/report/github.com/tendermint/tendermint/tree/master)
+Branch    | Tests | Coverage
+----------|-------|----------
+master    | [![CircleCI](https://circleci.com/gh/tendermint/tendermint/tree/master.svg?style=shield)](https://circleci.com/gh/tendermint/tendermint/tree/master) | [![codecov](https://codecov.io/gh/tendermint/tendermint/branch/master/graph/badge.svg)](https://codecov.io/gh/tendermint/tendermint)
+develop   | [![CircleCI](https://circleci.com/gh/tendermint/tendermint/tree/develop.svg?style=shield)](https://circleci.com/gh/tendermint/tendermint/tree/develop) | [![codecov](https://codecov.io/gh/tendermint/tendermint/branch/develop/graph/badge.svg)](https://codecov.io/gh/tendermint/tendermint)

 _NOTE: This is alpha software. Please contact us if you intend to run it in production._

-Tendermint Core is Byzantine Fault Tolerant (BFT) middleware that takes a state transition machine, written in any programming language,
+Tendermint Core is Byzantine Fault Tolerant (BFT) middleware that takes a state transition machine - written in any programming language -
 and securely replicates it on many machines.

-For more background, see the [introduction](https://tendermint.com/intro).
-
-To get started developing applications, see the [application developers guide](https://tendermint.com/docs/guides/app-development).
-
-### Code of Conduct
-Please read, understand and adhere to our [code of conduct](CODE_OF_CONDUCT.md).
+For more information, from introduction to install to application development, [Read The Docs](http://tendermint.readthedocs.io/projects/tools/en/master).

 ## Install

@@ -38,39 +33,73 @@ To install from source, you should be able to:

 `go get -u github.com/tendermint/tendermint/cmd/tendermint`

-For more details (or if it fails), see the [install guide](https://tendermint.com/docs/guides/install-from-source).
-
-## Contributing
-
-Yay open source! Please see our [contributing guidelines](CONTRIBUTING.md).
+For more details (or if it fails), [read the docs](http://tendermint.readthedocs.io/projects/tools/en/master/install.html).

 ## Resources

 ### Tendermint Core

- [Introduction](https://tendermint.com/intro)
- [Docs](https://tendermint.com/docs)
- [Software using Tendermint](https://tendermint.com/ecosystem)
+All resources involving the use of, building application on, or developing for, tendermint, can be found at [Read The Docs](http://tendermint.readthedocs.io/projects/tools/en/master). Additional information about some - and eventually all - of the sub-projects below, can be found at Read The Docs.

 ### Sub-projects

 * [ABCI](http://github.com/tendermint/abci), the Application Blockchain Interface
 * [Go-Wire](http://github.com/tendermint/go-wire), a deterministic serialization library
 * [Go-Crypto](http://github.com/tendermint/go-crypto), an elliptic curve cryptography library
-* [TmLibs](http://github.com/tendermint/tmlibs), an assortment of Go libraries
-* [Merkleeyes](http://github.com/tendermint/merkleeyes), a balanced, binary Merkle tree for ABCI apps
+* [TmLibs](http://github.com/tendermint/tmlibs), an assortment of Go libraries used internally
+* [IAVL](http://github.com/tendermint/iavl), Merkleized IAVL+ Tree implementation

 ### Tools
-* [Deployment, Benchmarking, and Monitoring](https://github.com/tendermint/tools)
+* [Deployment, Benchmarking, and Monitoring](http://tendermint.readthedocs.io/projects/tools/en/develop/index.html#tendermint-tools)

 ### Applications

-* [Ethermint](http://github.com/tendermint/ethermint): Ethereum on Tendermint
-* [Basecoin](http://github.com/tendermint/basecoin), a cryptocurrency application framework
+* [Ethermint](http://github.com/tendermint/ethermint); Ethereum on Tendermint
+* [Cosmos SDK](http://github.com/cosmos/cosmos-sdk); a cryptocurrency application framework
+* [Many more](https://tendermint.readthedocs.io/en/master/ecosystem.html#abci-applications)

 ### More

+* [Master's Thesis on Tendermint](https://atrium.lib.uoguelph.ca/xmlui/handle/10214/9769)
+* [Original Whitepaper](https://tendermint.com/static/docs/tendermint.pdf)
 * [Tendermint Blog](https://blog.cosmos.network/tendermint/home)
 * [Cosmos Blog](https://blog.cosmos.network)
-* [Original Whitepaper (out-of-date)](http://www.the-blockchain.com/docs/Tendermint%20Consensus%20without%20Mining.pdf)
-* [Master's Thesis on Tendermint](https://atrium.lib.uoguelph.ca/xmlui/handle/10214/9769)
+
+## Contributing
+
+Yay open source! Please see our [contributing guidelines](CONTRIBUTING.md).
+
+## Versioning
+
+### SemVer
+
+Tendermint uses [SemVer](http://semver.org/) to determine when and how the version changes.
+According to SemVer, anything in the public API can change at any time before version 1.0.0
+
+To provide some stability to Tendermint users in these 0.X.X days, the MINOR version is used
+to signal breaking changes across a subset of the total public API. This subset includes all
+interfaces exposed to other processes (cli, rpc, p2p, etc.), as well as parts of the following packages:
+
+- types
+- rpc/client
+- config
+- node
+
+Exported objects in these packages that are not covered by the versioning scheme
+are explicitly marked by `// UNSTABLE` in their go doc comment and may change at any time.
+Functions, types, and values in any other package may also change at any time.
+
+### Upgrades
+
+In an effort to avoid accumulating technical debt prior to 1.0.0,
+we do not guarantee that breaking changes (ie. bumps in the MINOR version)
+will work with existing tendermint blockchains. In these cases you will
+have to start a new blockchain, or write something custom to get the old
+data into the new chain.
+
+However, any bump in the PATCH version should be compatible with existing histories
+(if not please open an [issue](https://github.com/tendermint/tendermint/issues)).
+
+## Code of Conduct
+
+Please read, understand and adhere to our [code of conduct](CODE_OF_CONDUCT.md).
--- a/6
+++ b/6
@@ -17,11 +17,11 @@ Vagrant.configure("2") do |config|
    usermod -a -G docker vagrant
    apt-get autoremove -y

-    curl -O https://storage.googleapis.com/golang/go1.8.linux-amd64.tar.gz
-    tar -xvf go1.8.linux-amd64.tar.gz
+    curl -O https://storage.googleapis.com/golang/go1.9.linux-amd64.tar.gz
+    tar -xvf go1.9.linux-amd64.tar.gz
    rm -rf /usr/local/go
    mv go /usr/local
-    rm -f go1.8.linux-amd64.tar.gz
+    rm -f go1.9.linux-amd64.tar.gz
    mkdir -p /home/vagrant/go/bin
    echo 'export PATH=$PATH:/usr/local/go/bin:/home/vagrant/go/bin' >> /home/vagrant/.bash_profile
    echo 'export GOPATH=/home/vagrant/go' >> /home/vagrant/.bash_profile
--- a/benchmarks/map_test.go
+++ b/benchmarks/map_test.go
@@ -1,8 +1,9 @@
 package benchmarks

 import (
-	. "github.com/tendermint/tmlibs/common"
 	"testing"
+
+	cmn "github.com/tendermint/tmlibs/common"
 )

 func BenchmarkSomething(b *testing.B) {
@@ -11,11 +12,11 @@ func BenchmarkSomething(b *testing.B) {
 	numChecks := 100000
 	keys := make([]string, numItems)
 	for i := 0; i < numItems; i++ {
-		keys[i] = RandStr(100)
+		keys[i] = cmn.RandStr(100)
 	}
 	txs := make([]string, numChecks)
 	for i := 0; i < numChecks; i++ {
-		txs[i] = RandStr(100)
+		txs[i] = cmn.RandStr(100)
 	}
 	b.StartTimer()

--- a/benchmarks/os_test.go
+++ b/benchmarks/os_test.go
@@ -4,7 +4,7 @@ import (
 	"os"
 	"testing"

-	. "github.com/tendermint/tmlibs/common"
+	cmn "github.com/tendermint/tmlibs/common"
 )

 func BenchmarkFileWrite(b *testing.B) {
@@ -14,7 +14,7 @@ func BenchmarkFileWrite(b *testing.B) {
 	if err != nil {
 		b.Error(err)
 	}
-	testString := RandStr(200) + "\n"
+	testString := cmn.RandStr(200) + "\n"
 	b.StartTimer()

 	for i := 0; i < b.N; i++ {
--- a/benchmarks/simu/counter.go
+++ b/benchmarks/simu/counter.go
@@ -1,30 +1,27 @@
 package main

 import (
+	"context"
 	"encoding/binary"
-	"time"
-	//"encoding/hex"
 	"fmt"
+	"time"

-	"github.com/gorilla/websocket"
-	"github.com/tendermint/go-wire"
-	_ "github.com/tendermint/tendermint/rpc/core/types" // Register RPCResponse > Result types
-	"github.com/tendermint/tendermint/rpc/lib/client"
-	"github.com/tendermint/tendermint/rpc/lib/types"
-	. "github.com/tendermint/tmlibs/common"
+	rpcclient "github.com/tendermint/tendermint/rpc/lib/client"
+	cmn "github.com/tendermint/tmlibs/common"
 )

 func main() {
-	ws := rpcclient.NewWSClient("127.0.0.1:46657", "/websocket")
-	_, err := ws.Start()
+	wsc := rpcclient.NewWSClient("127.0.0.1:46657", "/websocket")
+	_, err := wsc.Start()
 	if err != nil {
-		Exit(err.Error())
+		cmn.Exit(err.Error())
 	}
+	defer wsc.Stop()

 	// Read a bunch of responses
 	go func() {
 		for {
-			_, ok := <-ws.ResultsCh
+			_, ok := <-wsc.ResultsCh
 			if !ok {
 				break
 			}
@@ -37,24 +34,14 @@ func main() {
 	for i := 0; ; i++ {
 		binary.BigEndian.PutUint64(buf, uint64(i))
 		//txBytes := hex.EncodeToString(buf[:n])
-		request, err := rpctypes.MapToRequest("fakeid",
-			"broadcast_tx",
-			map[string]interface{}{"tx": buf[:8]})
-		if err != nil {
-			Exit(err.Error())
-		}
-		reqBytes := wire.JSONBytes(request)
-		//fmt.Println("!!", string(reqBytes))
 		fmt.Print(".")
-		err = ws.WriteMessage(websocket.TextMessage, reqBytes)
+		err = wsc.Call(context.TODO(), "broadcast_tx", map[string]interface{}{"tx": buf[:8]})
 		if err != nil {
-			Exit(err.Error())
+			cmn.Exit(err.Error())
 		}
 		if i%1000 == 0 {
 			fmt.Println(i)
 		}
 		time.Sleep(time.Microsecond * 1000)
 	}
-
-	ws.Stop()
 }
--- a/blockchain/pool.go
+++ b/blockchain/pool.go
@@ -6,7 +6,7 @@ import (
 	"time"

 	"github.com/tendermint/tendermint/types"
-	. "github.com/tendermint/tmlibs/common"
+	cmn "github.com/tendermint/tmlibs/common"
 	flow "github.com/tendermint/tmlibs/flowrate"
 	"github.com/tendermint/tmlibs/log"
 )
@@ -33,7 +33,7 @@ var peerTimeoutSeconds = time.Duration(15) // not const so we can override with
 */

 type BlockPool struct {
-	BaseService
+	cmn.BaseService
 	startTime time.Time

 	mtx sync.Mutex
@@ -59,7 +59,7 @@ func NewBlockPool(start int, requestsCh chan<- BlockRequest, timeoutsCh chan<- s
 		requestsCh: requestsCh,
 		timeoutsCh: timeoutsCh,
 	}
-	bp.BaseService = *NewBaseService(nil, "BlockPool", bp)
+	bp.BaseService = *cmn.NewBaseService(nil, "BlockPool", bp)
 	return bp
 }

@@ -137,14 +137,14 @@ func (pool *BlockPool) IsCaughtUp() bool {

 	maxPeerHeight := 0
 	for _, peer := range pool.peers {
-		maxPeerHeight = MaxInt(maxPeerHeight, peer.height)
+		maxPeerHeight = cmn.MaxInt(maxPeerHeight, peer.height)
 	}

 	// some conditions to determine if we're caught up
 	receivedBlockOrTimedOut := (pool.height > 0 || time.Since(pool.startTime) > 5*time.Second)
 	ourChainIsLongestAmongPeers := maxPeerHeight == 0 || pool.height >= maxPeerHeight
 	isCaughtUp := receivedBlockOrTimedOut && ourChainIsLongestAmongPeers
-	pool.Logger.Info(Fmt("IsCaughtUp: %v", isCaughtUp), "height", pool.height, "maxPeerHeight", maxPeerHeight)
+	pool.Logger.Info(cmn.Fmt("IsCaughtUp: %v", isCaughtUp), "height", pool.height, "maxPeerHeight", maxPeerHeight)
 	return isCaughtUp
 }

@@ -180,7 +180,7 @@ func (pool *BlockPool) PopRequest() {
 		delete(pool.requesters, pool.height)
 		pool.height++
 	} else {
-		PanicSanity(Fmt("Expected requester to pop, got nothing at height %v", pool.height))
+		cmn.PanicSanity(cmn.Fmt("Expected requester to pop, got nothing at height %v", pool.height))
 	}
 }

@@ -192,7 +192,7 @@ func (pool *BlockPool) RedoRequest(height int) {
 	pool.mtx.Unlock()

 	if request.block == nil {
-		PanicSanity("Expected block to be non-nil")
+		cmn.PanicSanity("Expected block to be non-nil")
 	}
 	// RemovePeer will redo all requesters associated with this peer.
 	// TODO: record this malfeasance
@@ -311,10 +311,10 @@ func (pool *BlockPool) debug() string {
 	str := ""
 	for h := pool.height; h < pool.height+len(pool.requesters); h++ {
 		if pool.requesters[h] == nil {
-			str += Fmt("H(%v):X ", h)
+			str += cmn.Fmt("H(%v):X ", h)
 		} else {
-			str += Fmt("H(%v):", h)
-			str += Fmt("B?(%v) ", pool.requesters[h].block != nil)
+			str += cmn.Fmt("H(%v):", h)
+			str += cmn.Fmt("B?(%v) ", pool.requesters[h].block != nil)
 		}
 	}
 	return str
@@ -352,7 +352,7 @@ func (peer *bpPeer) setLogger(l log.Logger) {

 func (peer *bpPeer) resetMonitor() {
 	peer.recvMonitor = flow.New(time.Second, time.Second*40)
-	var initialValue = float64(minRecvRate) * math.E
+	initialValue := float64(minRecvRate) * math.E
 	peer.recvMonitor.SetREMA(initialValue)
 }

@@ -394,7 +394,7 @@ func (peer *bpPeer) onTimeout() {
 //-------------------------------------

 type bpRequester struct {
-	BaseService
+	cmn.BaseService
 	pool       *BlockPool
 	height     int
 	gotBlockCh chan struct{}
@@ -415,7 +415,7 @@ func newBPRequester(pool *BlockPool, height int) *bpRequester {
 		peerID: "",
 		block:  nil,
 	}
-	bpr.BaseService = *NewBaseService(nil, "bpRequester", bpr)
+	bpr.BaseService = *cmn.NewBaseService(nil, "bpRequester", bpr)
 	return bpr
 }

--- a/blockchain/pool_test.go
+++ b/blockchain/pool_test.go
@@ -6,7 +6,7 @@ import (
 	"time"

 	"github.com/tendermint/tendermint/types"
-	. "github.com/tendermint/tmlibs/common"
+	cmn "github.com/tendermint/tmlibs/common"
 	"github.com/tendermint/tmlibs/log"
 )

@@ -22,7 +22,7 @@ type testPeer struct {
 func makePeers(numPeers int, minHeight, maxHeight int) map[string]testPeer {
 	peers := make(map[string]testPeer, numPeers)
 	for i := 0; i < numPeers; i++ {
-		peerID := RandStr(12)
+		peerID := cmn.RandStr(12)
 		height := minHeight + rand.Intn(maxHeight-minHeight)
 		peers[peerID] = testPeer{peerID, height}
 	}
--- a/blockchain/reactor.go
+++ b/blockchain/reactor.go
@@ -28,7 +28,6 @@ const (
 	statusUpdateIntervalSeconds = 10
 	// check if we should switch to consensus reactor
 	switchToConsensusIntervalSeconds = 1
-	maxBlockchainResponseSize        = types.MaxBlockSize + 2
 )

 type consensusReactor interface {
@@ -111,20 +110,38 @@ func (bcR *BlockchainReactor) GetChannels() []*p2p.ChannelDescriptor {
 }

 // AddPeer implements Reactor by sending our state to peer.
-func (bcR *BlockchainReactor) AddPeer(peer *p2p.Peer) {
+func (bcR *BlockchainReactor) AddPeer(peer p2p.Peer) {
 	if !peer.Send(BlockchainChannel, struct{ BlockchainMessage }{&bcStatusResponseMessage{bcR.store.Height()}}) {
 		// doing nothing, will try later in `poolRoutine`
 	}
 }

 // RemovePeer implements Reactor by removing peer from the pool.
-func (bcR *BlockchainReactor) RemovePeer(peer *p2p.Peer, reason interface{}) {
-	bcR.pool.RemovePeer(peer.Key)
+func (bcR *BlockchainReactor) RemovePeer(peer p2p.Peer, reason interface{}) {
+	bcR.pool.RemovePeer(peer.Key())
+}
+
+// respondToPeer loads a block and sends it to the requesting peer,
+// if we have it. Otherwise, we'll respond saying we don't have it.
+// According to the Tendermint spec, if all nodes are honest,
+// no node should be requesting for a block that's non-existent.
+func (bcR *BlockchainReactor) respondToPeer(msg *bcBlockRequestMessage, src p2p.Peer) (queued bool) {
+	block := bcR.store.LoadBlock(msg.Height)
+	if block != nil {
+		msg := &bcBlockResponseMessage{Block: block}
+		return src.TrySend(BlockchainChannel, struct{ BlockchainMessage }{msg})
+	}
+
+	bcR.Logger.Info("Peer asking for a block we don't have", "src", src, "height", msg.Height)
+
+	return src.TrySend(BlockchainChannel, struct{ BlockchainMessage }{
+		&bcNoBlockResponseMessage{Height: msg.Height},
+	})
 }

 // Receive implements Reactor by handling 4 types of messages (look below).
-func (bcR *BlockchainReactor) Receive(chID byte, src *p2p.Peer, msgBytes []byte) {
-	_, msg, err := DecodeMessage(msgBytes)
+func (bcR *BlockchainReactor) Receive(chID byte, src p2p.Peer, msgBytes []byte) {
+	_, msg, err := DecodeMessage(msgBytes, bcR.maxMsgSize())
 	if err != nil {
 		bcR.Logger.Error("Error decoding message", "err", err)
 		return
@@ -135,20 +152,12 @@ func (bcR *BlockchainReactor) Receive(chID byte, src *p2p.Peer, msgBytes []byte)
 	// TODO: improve logic to satisfy megacheck
 	switch msg := msg.(type) {
 	case *bcBlockRequestMessage:
-		// Got a request for a block. Respond with block if we have it.
-		block := bcR.store.LoadBlock(msg.Height)
-		if block != nil {
-			msg := &bcBlockResponseMessage{Block: block}
-			queued := src.TrySend(BlockchainChannel, struct{ BlockchainMessage }{msg})
-			if !queued {
-				// queue is full, just ignore.
-			}
-		} else {
-			// TODO peer is asking for things we don't have.
+		if queued := bcR.respondToPeer(msg, src); !queued {
+			// Unfortunately not queued since the queue is full.
 		}
 	case *bcBlockResponseMessage:
 		// Got a block.
-		bcR.pool.AddBlock(src.Key, msg.Block, len(msgBytes))
+		bcR.pool.AddBlock(src.Key(), msg.Block, len(msgBytes))
 	case *bcStatusRequestMessage:
 		// Send peer our state.
 		queued := src.TrySend(BlockchainChannel, struct{ BlockchainMessage }{&bcStatusResponseMessage{bcR.store.Height()}})
@@ -157,12 +166,18 @@ func (bcR *BlockchainReactor) Receive(chID byte, src *p2p.Peer, msgBytes []byte)
 		}
 	case *bcStatusResponseMessage:
 		// Got a peer status. Unverified.
-		bcR.pool.SetPeerHeight(src.Key, msg.Height)
+		bcR.pool.SetPeerHeight(src.Key(), msg.Height)
 	default:
 		bcR.Logger.Error(cmn.Fmt("Unknown message type %v", reflect.TypeOf(msg)))
 	}
 }

+// maxMsgSize returns the maximum allowable size of a
+// message on the blockchain reactor.
+func (bcR *BlockchainReactor) maxMsgSize() int {
+	return bcR.state.Params().BlockSizeParams.MaxBytes + 2
+}
+
 // Handle messages from the poolReactor telling the reactor what to do.
 // NOTE: Don't sleep in the FOR_LOOP or otherwise slow it down!
 // (Except for the SYNC_LOOP, which is the primary purpose and must be synchronous.)
@@ -221,7 +236,7 @@ FOR_LOOP:
 					// We need both to sync the first block.
 					break SYNC_LOOP
 				}
-				firstParts := first.MakePartSet(types.DefaultBlockPartSize)
+				firstParts := first.MakePartSet(bcR.state.Params().BlockPartSizeBytes)
 				firstPartsHeader := firstParts.Header()
 				// Finally, verify the first block using the second's commit
 				// NOTE: we can probably make this more efficient, but note that calling
@@ -230,7 +245,7 @@ FOR_LOOP:
 				err := bcR.state.Validators.VerifyCommit(
 					bcR.state.ChainID, types.BlockID{first.Hash(), firstPartsHeader}, first.Height, second.LastCommit)
 				if err != nil {
-					bcR.Logger.Info("error in validation", "err", err)
+					bcR.Logger.Error("Error in validation", "err", err)
 					bcR.pool.RedoRequest(first.Height)
 					break SYNC_LOOP
 				} else {
@@ -271,10 +286,11 @@ func (bcR *BlockchainReactor) SetEventSwitch(evsw types.EventSwitch) {
 // Messages

 const (
-	msgTypeBlockRequest   = byte(0x10)
-	msgTypeBlockResponse  = byte(0x11)
-	msgTypeStatusResponse = byte(0x20)
-	msgTypeStatusRequest  = byte(0x21)
+	msgTypeBlockRequest    = byte(0x10)
+	msgTypeBlockResponse   = byte(0x11)
+	msgTypeNoBlockResponse = byte(0x12)
+	msgTypeStatusResponse  = byte(0x20)
+	msgTypeStatusRequest   = byte(0x21)
 )

 // BlockchainMessage is a generic message for this reactor.
@@ -284,17 +300,18 @@ var _ = wire.RegisterInterface(
 	struct{ BlockchainMessage }{},
 	wire.ConcreteType{&bcBlockRequestMessage{}, msgTypeBlockRequest},
 	wire.ConcreteType{&bcBlockResponseMessage{}, msgTypeBlockResponse},
+	wire.ConcreteType{&bcNoBlockResponseMessage{}, msgTypeNoBlockResponse},
 	wire.ConcreteType{&bcStatusResponseMessage{}, msgTypeStatusResponse},
 	wire.ConcreteType{&bcStatusRequestMessage{}, msgTypeStatusRequest},
 )

 // DecodeMessage decodes BlockchainMessage.
 // TODO: ensure that bz is completely read.
-func DecodeMessage(bz []byte) (msgType byte, msg BlockchainMessage, err error) {
+func DecodeMessage(bz []byte, maxSize int) (msgType byte, msg BlockchainMessage, err error) {
 	msgType = bz[0]
 	n := int(0)
 	r := bytes.NewReader(bz)
-	msg = wire.ReadBinary(struct{ BlockchainMessage }{}, r, maxBlockchainResponseSize, &n, &err).(struct{ BlockchainMessage }).BlockchainMessage
+	msg = wire.ReadBinary(struct{ BlockchainMessage }{}, r, maxSize, &n, &err).(struct{ BlockchainMessage }).BlockchainMessage
 	if err != nil && n != len(bz) {
 		err = errors.New("DecodeMessage() had bytes left over")
 	}
@@ -311,6 +328,14 @@ func (m *bcBlockRequestMessage) String() string {
 	return cmn.Fmt("[bcBlockRequestMessage %v]", m.Height)
 }

+type bcNoBlockResponseMessage struct {
+	Height int
+}
+
+func (brm *bcNoBlockResponseMessage) String() string {
+	return cmn.Fmt("[bcNoBlockResponseMessage %d]", brm.Height)
+}
+
 //-------------------------------------

 // NOTE: keep up-to-date with maxBlockchainResponseSize
--- a/blockchain/reactor_test.go
+++ b/blockchain/reactor_test.go
@@ -0,0 +1,158 @@
+package blockchain
+
+import (
+	"bytes"
+	"testing"
+
+	wire "github.com/tendermint/go-wire"
+	cmn "github.com/tendermint/tmlibs/common"
+	"github.com/tendermint/tmlibs/db"
+	"github.com/tendermint/tmlibs/log"
+
+	cfg "github.com/tendermint/tendermint/config"
+	"github.com/tendermint/tendermint/p2p"
+	sm "github.com/tendermint/tendermint/state"
+	"github.com/tendermint/tendermint/types"
+)
+
+func newBlockchainReactor(logger log.Logger, maxBlockHeight int) *BlockchainReactor {
+	config := cfg.ResetTestRoot("node_node_test")
+
+	blockStoreDB := db.NewDB("blockstore", config.DBBackend, config.DBDir())
+	blockStore := NewBlockStore(blockStoreDB)
+
+	stateLogger := logger.With("module", "state")
+
+	// Get State
+	stateDB := db.NewDB("state", config.DBBackend, config.DBDir())
+	state, _ := sm.GetState(stateDB, config.GenesisFile())
+
+	state.SetLogger(stateLogger)
+	state.Save()
+
+	// Make the blockchainReactor itself
+	fastSync := true
+	bcReactor := NewBlockchainReactor(state.Copy(), nil, blockStore, fastSync)
+
+	// Next: we need to set a switch in order for peers to be added in
+	bcReactor.Switch = p2p.NewSwitch(cfg.DefaultP2PConfig())
+	bcReactor.SetLogger(logger.With("module", "blockchain"))
+
+	// Lastly: let's add some blocks in
+	for blockHeight := 1; blockHeight <= maxBlockHeight; blockHeight++ {
+		firstBlock := makeBlock(blockHeight, state)
+		secondBlock := makeBlock(blockHeight+1, state)
+		firstParts := firstBlock.MakePartSet(state.Params().BlockGossipParams.BlockPartSizeBytes)
+		blockStore.SaveBlock(firstBlock, firstParts, secondBlock.LastCommit)
+	}
+
+	return bcReactor
+}
+
+func TestNoBlockMessageResponse(t *testing.T) {
+	logBuf := new(bytes.Buffer)
+	logger := log.NewTMLogger(logBuf)
+	maxBlockHeight := 20
+
+	bcr := newBlockchainReactor(logger, maxBlockHeight)
+	go bcr.OnStart()
+	defer bcr.Stop()
+
+	// Add some peers in
+	peer := newbcrTestPeer(cmn.RandStr(12))
+	bcr.AddPeer(peer)
+
+	chID := byte(0x01)
+
+	tests := []struct {
+		height   int
+		existent bool
+	}{
+		{maxBlockHeight + 2, false},
+		{10, true},
+		{1, true},
+		{100, false},
+	}
+
+	for _, tt := range tests {
+		reqBlockMsg := &bcBlockRequestMessage{tt.height}
+		reqBlockBytes := wire.BinaryBytes(struct{ BlockchainMessage }{reqBlockMsg})
+		bcr.Receive(chID, peer, reqBlockBytes)
+		value := peer.lastValue()
+		msg := value.(struct{ BlockchainMessage }).BlockchainMessage
+
+		if tt.existent {
+			if blockMsg, ok := msg.(*bcBlockResponseMessage); !ok {
+				t.Fatalf("Expected to receive a block response for height %d", tt.height)
+			} else if blockMsg.Block.Height != tt.height {
+				t.Fatalf("Expected response to be for height %d, got %d", tt.height, blockMsg.Block.Height)
+			}
+		} else {
+			if noBlockMsg, ok := msg.(*bcNoBlockResponseMessage); !ok {
+				t.Fatalf("Expected to receive a no block response for height %d", tt.height)
+			} else if noBlockMsg.Height != tt.height {
+				t.Fatalf("Expected response to be for height %d, got %d", tt.height, noBlockMsg.Height)
+			}
+		}
+	}
+}
+
+//----------------------------------------------
+// utility funcs
+
+func makeTxs(blockNumber int) (txs []types.Tx) {
+	for i := 0; i < 10; i++ {
+		txs = append(txs, types.Tx([]byte{byte(blockNumber), byte(i)}))
+	}
+	return txs
+}
+
+func makeBlock(blockNumber int, state *sm.State) *types.Block {
+	prevHash := state.LastBlockID.Hash
+	prevParts := types.PartSetHeader{}
+	valHash := state.Validators.Hash()
+	prevBlockID := types.BlockID{prevHash, prevParts}
+	block, _ := types.MakeBlock(blockNumber, "test_chain", makeTxs(blockNumber),
+		new(types.Commit), prevBlockID, valHash, state.AppHash, state.Params().BlockGossipParams.BlockPartSizeBytes)
+	return block
+}
+
+// The Test peer
+type bcrTestPeer struct {
+	cmn.Service
+	key string
+	ch  chan interface{}
+}
+
+var _ p2p.Peer = (*bcrTestPeer)(nil)
+
+func newbcrTestPeer(key string) *bcrTestPeer {
+	return &bcrTestPeer{
+		Service: cmn.NewBaseService(nil, "bcrTestPeer", nil),
+		key:     key,
+		ch:      make(chan interface{}, 2),
+	}
+}
+
+func (tp *bcrTestPeer) lastValue() interface{} { return <-tp.ch }
+
+func (tp *bcrTestPeer) TrySend(chID byte, value interface{}) bool {
+	if _, ok := value.(struct{ BlockchainMessage }).BlockchainMessage.(*bcStatusResponseMessage); ok {
+		// Discard status response messages since they skew our results
+		// We only want to deal with:
+		// + bcBlockResponseMessage
+		// + bcNoBlockResponseMessage
+	} else {
+		tp.ch <- value
+	}
+	return true
+}
+
+func (tp *bcrTestPeer) Send(chID byte, data interface{}) bool { return tp.TrySend(chID, data) }
+func (tp *bcrTestPeer) NodeInfo() *p2p.NodeInfo               { return nil }
+func (tp *bcrTestPeer) Status() p2p.ConnectionStatus          { return p2p.ConnectionStatus{} }
+func (tp *bcrTestPeer) Key() string                           { return tp.key }
+func (tp *bcrTestPeer) IsOutbound() bool                      { return false }
+func (tp *bcrTestPeer) IsPersistent() bool                    { return true }
+func (tp *bcrTestPeer) Get(s string) interface{}              { return s }
+func (tp *bcrTestPeer) Set(string, interface{})               {}
--- a/cmd/tendermint/commands/gen_validator.go
+++ b/cmd/tendermint/commands/gen_validator.go
@@ -9,18 +9,16 @@ import (
 	"github.com/tendermint/tendermint/types"
 )

-var genValidatorCmd = &cobra.Command{
+// GenValidatorCmd allows the generation of a keypair for a
+// validator.
+var GenValidatorCmd = &cobra.Command{
 	Use:   "gen_validator",
 	Short: "Generate new validator keypair",
 	Run:   genValidator,
 }

-func init() {
-	RootCmd.AddCommand(genValidatorCmd)
-}
-
 func genValidator(cmd *cobra.Command, args []string) {
-	privValidator := types.GenPrivValidator()
+	privValidator := types.GenPrivValidatorFS("")
 	privValidatorJSONBytes, _ := json.MarshalIndent(privValidator, "", "\t")
 	fmt.Printf(`%v
 `, string(privValidatorJSONBytes))
--- a/cmd/tendermint/commands/init.go
+++ b/cmd/tendermint/commands/init.go
@@ -9,21 +9,17 @@ import (
 	cmn "github.com/tendermint/tmlibs/common"
 )

-var initFilesCmd = &cobra.Command{
+// InitFilesCmd initialises a fresh Tendermint Core instance.
+var InitFilesCmd = &cobra.Command{
 	Use:   "init",
 	Short: "Initialize Tendermint",
 	Run:   initFiles,
 }

-func init() {
-	RootCmd.AddCommand(initFilesCmd)
-}
-
 func initFiles(cmd *cobra.Command, args []string) {
 	privValFile := config.PrivValidatorFile()
 	if _, err := os.Stat(privValFile); os.IsNotExist(err) {
-		privValidator := types.GenPrivValidator()
-		privValidator.SetFile(privValFile)
+		privValidator := types.GenPrivValidatorFS(privValFile)
 		privValidator.Save()

 		genFile := config.GenesisFile()
@@ -33,8 +29,8 @@ func initFiles(cmd *cobra.Command, args []string) {
 				ChainID: cmn.Fmt("test-chain-%v", cmn.RandStr(6)),
 			}
 			genDoc.Validators = []types.GenesisValidator{types.GenesisValidator{
-				PubKey: privValidator.PubKey,
-				Amount: 10,
+				PubKey: privValidator.GetPubKey(),
+				Power:  10,
 			}}

 			genDoc.SaveAs(genFile)
--- a/cmd/tendermint/commands/probe_upnp.go
+++ b/cmd/tendermint/commands/probe_upnp.go
@@ -9,16 +9,13 @@ import (
 	"github.com/tendermint/tendermint/p2p/upnp"
 )

-var probeUpnpCmd = &cobra.Command{
+// ProbeUpnpCmd adds capabilities to test the UPnP functionality.
+var ProbeUpnpCmd = &cobra.Command{
 	Use:   "probe_upnp",
 	Short: "Test UPnP functionality",
 	RunE:  probeUpnp,
 }

-func init() {
-	RootCmd.AddCommand(probeUpnpCmd)
-}
-
 func probeUpnp(cmd *cobra.Command, args []string) error {
 	capabilities, err := upnp.Probe(logger)
 	if err != nil {
--- a/cmd/tendermint/commands/replay.go
+++ b/cmd/tendermint/commands/replay.go
@@ -6,7 +6,8 @@ import (
 	"github.com/tendermint/tendermint/consensus"
 )

-var replayCmd = &cobra.Command{
+// ReplayCmd allows replaying of messages from the WAL.
+var ReplayCmd = &cobra.Command{
 	Use:   "replay",
 	Short: "Replay messages from WAL",
 	Run: func(cmd *cobra.Command, args []string) {
@@ -14,15 +15,12 @@ var replayCmd = &cobra.Command{
 	},
 }

-var replayConsoleCmd = &cobra.Command{
+// ReplayConsoleCmd allows replaying of messages from the WAL in a
+// console.
+var ReplayConsoleCmd = &cobra.Command{
 	Use:   "replay_console",
 	Short: "Replay messages from WAL in a console",
 	Run: func(cmd *cobra.Command, args []string) {
 		consensus.RunReplayFile(config.BaseConfig, config.Consensus, true)
 	},
 }
-
-func init() {
-	RootCmd.AddCommand(replayCmd)
-	RootCmd.AddCommand(replayConsoleCmd)
-}
--- a/cmd/tendermint/commands/reset_priv_validator.go
+++ b/cmd/tendermint/commands/reset_priv_validator.go
@@ -9,21 +9,27 @@ import (
 	"github.com/tendermint/tmlibs/log"
 )

-var resetAllCmd = &cobra.Command{
+// ResetAllCmd removes the database of this Tendermint core
+// instance.
+var ResetAllCmd = &cobra.Command{
 	Use:   "unsafe_reset_all",
 	Short: "(unsafe) Remove all the data and WAL, reset this node's validator",
 	Run:   resetAll,
 }

-var resetPrivValidatorCmd = &cobra.Command{
+// ResetPrivValidatorCmd resets the private validator files.
+var ResetPrivValidatorCmd = &cobra.Command{
 	Use:   "unsafe_reset_priv_validator",
 	Short: "(unsafe) Reset this node's validator",
 	Run:   resetPrivValidator,
 }

-func init() {
-	RootCmd.AddCommand(resetAllCmd)
-	RootCmd.AddCommand(resetPrivValidatorCmd)
+// ResetAll removes the privValidator files.
+// Exported so other CLI tools can use  it
+func ResetAll(dbDir, privValFile string, logger log.Logger) {
+	resetPrivValidatorFS(privValFile, logger)
+	os.RemoveAll(dbDir)
+	logger.Info("Removed all data", "dir", dbDir)
 }

 // XXX: this is totally unsafe.
@@ -35,26 +41,17 @@ func resetAll(cmd *cobra.Command, args []string) {
 // XXX: this is totally unsafe.
 // it's only suitable for testnets.
 func resetPrivValidator(cmd *cobra.Command, args []string) {
-	resetPrivValidatorLocal(config.PrivValidatorFile(), logger)
+	resetPrivValidatorFS(config.PrivValidatorFile(), logger)
 }

-// Exported so other CLI tools can use  it
-func ResetAll(dbDir, privValFile string, logger log.Logger) {
-	resetPrivValidatorLocal(privValFile, logger)
-	os.RemoveAll(dbDir)
-	logger.Info("Removed all data", "dir", dbDir)
-}
-
-func resetPrivValidatorLocal(privValFile string, logger log.Logger) {
+func resetPrivValidatorFS(privValFile string, logger log.Logger) {
 	// Get PrivValidator
-	var privValidator *types.PrivValidator
 	if _, err := os.Stat(privValFile); err == nil {
-		privValidator = types.LoadPrivValidator(privValFile)
+		privValidator := types.LoadPrivValidatorFS(privValFile)
 		privValidator.Reset()
 		logger.Info("Reset PrivValidator", "file", privValFile)
 	} else {
-		privValidator = types.GenPrivValidator()
-		privValidator.SetFile(privValFile)
+		privValidator := types.GenPrivValidatorFS(privValFile)
 		privValidator.Save()
 		logger.Info("Generated PrivValidator", "file", privValFile)
 	}
--- a/cmd/tendermint/commands/root.go
+++ b/cmd/tendermint/commands/root.go
@@ -21,7 +21,8 @@ func init() {
 	RootCmd.PersistentFlags().String("log_level", config.LogLevel, "Log level")
 }

-// ParseConfig will setup the tendermint configuration properly
+// ParseConfig retrieves the default environment configuration,
+// sets up the Tendermint root and ensures that the root exists
 func ParseConfig() (*cfg.Config, error) {
 	conf := cfg.DefaultConfig()
 	err := viper.Unmarshal(conf)
@@ -33,10 +34,14 @@ func ParseConfig() (*cfg.Config, error) {
 	return conf, err
 }

+// RootCmd is the root command for Tendermint core.
 var RootCmd = &cobra.Command{
 	Use:   "tendermint",
 	Short: "Tendermint Core (BFT Consensus) in Go",
 	PersistentPreRunE: func(cmd *cobra.Command, args []string) (err error) {
+		if cmd.Name() == VersionCmd.Name() {
+			return nil
+		}
 		config, err = ParseConfig()
 		if err != nil {
 			return err
--- a/cmd/tendermint/commands/root_test.go
+++ b/cmd/tendermint/commands/root_test.go
@@ -3,15 +3,15 @@ package commands
 import (
 	"os"
 	"strconv"
+	"testing"

 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
+
 	cfg "github.com/tendermint/tendermint/config"
 	"github.com/tendermint/tmlibs/cli"
-
-	"testing"
 )

 var (
--- a/cmd/tendermint/commands/run_node.go
+++ b/cmd/tendermint/commands/run_node.go
@@ -2,26 +2,12 @@ package commands

 import (
 	"fmt"
-	"time"

 	"github.com/spf13/cobra"

-	"github.com/tendermint/tendermint/node"
-	"github.com/tendermint/tendermint/types"
-	cmn "github.com/tendermint/tmlibs/common"
+	nm "github.com/tendermint/tendermint/node"
 )

-var runNodeCmd = &cobra.Command{
-	Use:   "node",
-	Short: "Run the tendermint node",
-	RunE:  runNode,
-}
-
-func init() {
-	AddNodeFlags(runNodeCmd)
-	RootCmd.AddCommand(runNodeCmd)
-}
-
 // AddNodeFlags exposes some common configuration options on the command-line
 // These are exposed for convenience of commands embedding a tendermint node
 func AddNodeFlags(cmd *cobra.Command) {
@@ -50,40 +36,32 @@ func AddNodeFlags(cmd *cobra.Command) {
 	cmd.Flags().Bool("consensus.create_empty_blocks", config.Consensus.CreateEmptyBlocks, "Set this to false to only produce blocks when there are txs or when the AppHash changes")
 }

-// Users wishing to:
-//	* Use an external signer for their validators
-//	* Supply an in-proc abci app
-// should import github.com/tendermint/tendermint/node and implement
-// their own run_node to call node.NewNode (instead of node.NewNodeDefault)
-// with their custom priv validator and/or custom proxy.ClientCreator
-func runNode(cmd *cobra.Command, args []string) error {
+// NewRunNodeCmd returns the command that allows the CLI to start a
+// node. It can be used with a custom PrivValidator and in-process ABCI application.
+func NewRunNodeCmd(nodeProvider nm.NodeProvider) *cobra.Command {
+	cmd := &cobra.Command{
+		Use:   "node",
+		Short: "Run the tendermint node",
+		RunE: func(cmd *cobra.Command, args []string) error {
+			// Create & start node
+			n, err := nodeProvider(config, logger)
+			if err != nil {
+				return fmt.Errorf("Failed to create node: %v", err)
+			}

-	// Wait until the genesis doc becomes available
-	// This is for Mintnet compatibility.
-	// TODO: If Mintnet gets deprecated or genesis_file is
-	// always available, remove.
-	genDocFile := config.GenesisFile()
-	for !cmn.FileExists(genDocFile) {
-		logger.Info(cmn.Fmt("Waiting for genesis file %v...", genDocFile))
-		time.Sleep(time.Second)
+			if _, err := n.Start(); err != nil {
+				return fmt.Errorf("Failed to start node: %v", err)
+			} else {
+				logger.Info("Started node", "nodeInfo", n.Switch().NodeInfo())
+			}
+
+			// Trap signal, run forever.
+			n.RunForever()
+
+			return nil
+		},
 	}

-	genDoc, err := types.GenesisDocFromFile(genDocFile)
-	if err != nil {
-		return err
-	}
-	config.ChainID = genDoc.ChainID
-
-	// Create & start node
-	n := node.NewNodeDefault(config, logger.With("module", "node"))
-	if _, err := n.Start(); err != nil {
-		return fmt.Errorf("Failed to start node: %v", err)
-	} else {
-		logger.Info("Started node", "nodeInfo", n.Switch().NodeInfo())
-	}
-
-	// Trap signal, run forever.
-	n.RunForever()
-
-	return nil
+	AddNodeFlags(cmd)
+	return cmd
 }
--- a/cmd/tendermint/commands/show_validator.go
+++ b/cmd/tendermint/commands/show_validator.go
@@ -9,18 +9,15 @@ import (
 	"github.com/tendermint/tendermint/types"
 )

-var showValidatorCmd = &cobra.Command{
+// ShowValidatorCmd adds capabilities for showing the validator info.
+var ShowValidatorCmd = &cobra.Command{
 	Use:   "show_validator",
 	Short: "Show this node's validator info",
 	Run:   showValidator,
 }

-func init() {
-	RootCmd.AddCommand(showValidatorCmd)
-}
-
 func showValidator(cmd *cobra.Command, args []string) {
-	privValidator := types.LoadOrGenPrivValidator(config.PrivValidatorFile(), logger)
+	privValidator := types.LoadOrGenPrivValidatorFS(config.PrivValidatorFile())
 	pubKeyJSONBytes, _ := data.ToJSON(privValidator.PubKey)
 	fmt.Println(string(pubKeyJSONBytes))
 }
--- a/cmd/tendermint/commands/testnet.go
+++ b/cmd/tendermint/commands/testnet.go
@@ -7,16 +7,10 @@ import (

 	"github.com/spf13/cobra"

-	cmn "github.com/tendermint/tmlibs/common"
 	"github.com/tendermint/tendermint/types"
+	cmn "github.com/tendermint/tmlibs/common"
 )

-var testnetFilesCmd = &cobra.Command{
-	Use:   "testnet",
-	Short: "Initialize files for a Tendermint testnet",
-	Run:   testnetFiles,
-}
-
 //flags
 var (
 	nValidators int
@@ -24,12 +18,18 @@ var (
 )

 func init() {
-	testnetFilesCmd.Flags().IntVar(&nValidators, "n", 4,
+	TestnetFilesCmd.Flags().IntVar(&nValidators, "n", 4,
 		"Number of validators to initialize the testnet with")
-	testnetFilesCmd.Flags().StringVar(&dataDir, "dir", "mytestnet",
+	TestnetFilesCmd.Flags().StringVar(&dataDir, "dir", "mytestnet",
 		"Directory to store initialization data for the testnet")
+}

-	RootCmd.AddCommand(testnetFilesCmd)
+// TestnetFilesCmd allows initialisation of files for a
+// Tendermint testnet.
+var TestnetFilesCmd = &cobra.Command{
+	Use:   "testnet",
+	Short: "Initialize files for a Tendermint testnet",
+	Run:   testnetFiles,
 }

 func testnetFiles(cmd *cobra.Command, args []string) {
@@ -45,10 +45,10 @@ func testnetFiles(cmd *cobra.Command, args []string) {
 		}
 		// Read priv_validator.json to populate vals
 		privValFile := path.Join(dataDir, mach, "priv_validator.json")
-		privVal := types.LoadPrivValidator(privValFile)
+		privVal := types.LoadPrivValidatorFS(privValFile)
 		genVals[i] = types.GenesisValidator{
-			PubKey: privVal.PubKey,
-			Amount: 1,
+			PubKey: privVal.GetPubKey(),
+			Power:  1,
 			Name:   mach,
 		}
 	}
@@ -87,7 +87,6 @@ func ensurePrivValidator(file string) {
 	if cmn.FileExists(file) {
 		return
 	}
-	privValidator := types.GenPrivValidator()
-	privValidator.SetFile(file)
+	privValidator := types.GenPrivValidatorFS(file)
 	privValidator.Save()
 }
--- a/cmd/tendermint/commands/version.go
+++ b/cmd/tendermint/commands/version.go
@@ -8,14 +8,11 @@ import (
 	"github.com/tendermint/tendermint/version"
 )

-var versionCmd = &cobra.Command{
+// VersionCmd ...
+var VersionCmd = &cobra.Command{
 	Use:   "version",
 	Short: "Show version info",
 	Run: func(cmd *cobra.Command, args []string) {
 		fmt.Println(version.Version)
 	},
 }
-
-func init() {
-	RootCmd.AddCommand(versionCmd)
-}
--- a/cmd/tendermint/main.go
+++ b/cmd/tendermint/main.go
@@ -3,11 +3,39 @@ package main
 import (
 	"os"

-	"github.com/tendermint/tendermint/cmd/tendermint/commands"
 	"github.com/tendermint/tmlibs/cli"
+
+	cmd "github.com/tendermint/tendermint/cmd/tendermint/commands"
+	nm "github.com/tendermint/tendermint/node"
 )

 func main() {
-	cmd := cli.PrepareBaseCmd(commands.RootCmd, "TM", os.ExpandEnv("$HOME/.tendermint"))
+	rootCmd := cmd.RootCmd
+	rootCmd.AddCommand(
+		cmd.GenValidatorCmd,
+		cmd.InitFilesCmd,
+		cmd.ProbeUpnpCmd,
+		cmd.ReplayCmd,
+		cmd.ReplayConsoleCmd,
+		cmd.ResetAllCmd,
+		cmd.ResetPrivValidatorCmd,
+		cmd.ShowValidatorCmd,
+		cmd.TestnetFilesCmd,
+		cmd.VersionCmd)
+
+	// NOTE:
+	// Users wishing to:
+	//	* Use an external signer for their validators
+	//	* Supply an in-proc abci app
+	//	* Supply a genesis doc file from another source
+	//	* Provide their own DB implementation
+	// can copy this file and use something other than the
+	// DefaultNewNode function
+	nodeFunc := nm.DefaultNewNode
+
+	// Create & start node
+	rootCmd.AddCommand(cmd.NewRunNodeCmd(nodeFunc))
+
+	cmd := cli.PrepareBaseCmd(rootCmd, "TM", os.ExpandEnv("$HOME/.tendermint"))
 	cmd.Execute()
 }
--- a/config/config.go
+++ b/config/config.go
@@ -4,8 +4,6 @@ import (
 	"fmt"
 	"path/filepath"
 	"time"
-
-	"github.com/tendermint/tendermint/types" // TODO: remove
 )

 // Config defines the top level configuration for a Tendermint node
@@ -222,18 +220,30 @@ type P2PConfig struct {
 	// Maximum number of peers to connect to
 	MaxNumPeers int `mapstructure:"max_num_peers"`

-	// Time to wait before flushing messages out on the connection. In ms
+	// Time to wait before flushing messages out on the connection, in ms
 	FlushThrottleTimeout int `mapstructure:"flush_throttle_timeout"`
+
+	// Maximum size of a message packet payload, in bytes
+	MaxMsgPacketPayloadSize int `mapstructure:"max_msg_packet_payload_size"`
+
+	// Rate at which packets can be sent, in bytes/second
+	SendRate int64 `mapstructure:"send_rate"`
+
+	// Rate at which packets can be received, in bytes/second
+	RecvRate int64 `mapstructure:"recv_rate"`
 }

 // DefaultP2PConfig returns a default configuration for the peer-to-peer layer
 func DefaultP2PConfig() *P2PConfig {
 	return &P2PConfig{
-		ListenAddress:        "tcp://0.0.0.0:46656",
-		AddrBook:             "addrbook.json",
-		AddrBookStrict:       true,
-		MaxNumPeers:          50,
-		FlushThrottleTimeout: 100,
+		ListenAddress:           "tcp://0.0.0.0:46656",
+		AddrBook:                "addrbook.json",
+		AddrBookStrict:          true,
+		MaxNumPeers:             50,
+		FlushThrottleTimeout:    100,
+		MaxMsgPacketPayloadSize: 1024,   // 1 kB
+		SendRate:                512000, // 500 kB/s
+		RecvRate:                512000, // 500 kB/s
 	}
 }

@@ -308,10 +318,6 @@ type ConsensusConfig struct {
 	CreateEmptyBlocks         bool `mapstructure:"create_empty_blocks"`
 	CreateEmptyBlocksInterval int  `mapstructure:"create_empty_blocks_interval"`

-	// TODO: This probably shouldn't be exposed but it makes it
-	// easy to write tests for the wal/replay
-	BlockPartSize int `mapstructure:"block_part_size"`
-
 	// Reactor sleep duration parameters are in ms
 	PeerGossipSleepDuration     int `mapstructure:"peer_gossip_sleep_duration"`
 	PeerQueryMaj23SleepDuration int `mapstructure:"peer_query_maj23_sleep_duration"`
@@ -374,7 +380,6 @@ func DefaultConsensusConfig() *ConsensusConfig {
 		MaxBlockSizeBytes:           1, // TODO
 		CreateEmptyBlocks:           true,
 		CreateEmptyBlocksInterval:   0,
-		BlockPartSize:               types.DefaultBlockPartSize, // TODO: we shouldnt be importing types
 		PeerGossipSleepDuration:     100,
 		PeerQueryMaj23SleepDuration: 2000,
 	}
--- a/config/toml.go
+++ b/config/toml.go
@@ -119,7 +119,7 @@ var testGenesis = `{
        "type": "ed25519",
        "data":"3B3069C422E19688B45CBFAE7BB009FC0FA1B1EA86593519318B7214853803C8"
      },
-      "amount": 10,
+      "power": 10,
      "name": ""
    }
  ],
--- a/consensus/byzantine_test.go
+++ b/consensus/byzantine_test.go
@@ -5,9 +5,11 @@ import (
 	"testing"
 	"time"

+	crypto "github.com/tendermint/go-crypto"
+	data "github.com/tendermint/go-wire/data"
 	"github.com/tendermint/tendermint/p2p"
 	"github.com/tendermint/tendermint/types"
-	. "github.com/tendermint/tmlibs/common"
+	cmn "github.com/tendermint/tmlibs/common"
 	"github.com/tendermint/tmlibs/events"
 )

@@ -53,7 +55,7 @@ func TestByzantine(t *testing.T) {
 	eventLogger := logger.With("module", "events")
 	for i := 0; i < N; i++ {
 		if i == 0 {
-			css[i].privValidator = NewByzantinePrivValidator(css[i].privValidator.(*types.PrivValidator))
+			css[i].privValidator = NewByzantinePrivValidator(css[i].privValidator)
 			// make byzantine
 			css[i].decideProposal = func(j int) func(int, int) {
 				return func(height, round int) {
@@ -147,8 +149,8 @@ func TestByzantine(t *testing.T) {
 	case <-done:
 	case <-tick.C:
 		for i, reactor := range reactors {
-			t.Log(Fmt("Consensus Reactor %v", i))
-			t.Log(Fmt("%v", reactor))
+			t.Log(cmn.Fmt("Consensus Reactor %v", i))
+			t.Log(cmn.Fmt("%v", reactor))
 		}
 		t.Fatalf("Timed out waiting for all validators to commit first block")
 	}
@@ -188,7 +190,7 @@ func byzantineDecideProposalFunc(t *testing.T, height, round int, cs *ConsensusS
 	}
 }

-func sendProposalAndParts(height, round int, cs *ConsensusState, peer *p2p.Peer, proposal *types.Proposal, blockHash []byte, parts *types.PartSet) {
+func sendProposalAndParts(height, round int, cs *ConsensusState, peer p2p.Peer, proposal *types.Proposal, blockHash []byte, parts *types.PartSet) {
 	// proposal
 	msg := &ProposalMessage{Proposal: proposal}
 	peer.Send(DataChannel, struct{ ConsensusMessage }{msg})
@@ -218,7 +220,7 @@ func sendProposalAndParts(height, round int, cs *ConsensusState, peer *p2p.Peer,
 // byzantine consensus reactor

 type ByzantineReactor struct {
-	Service
+	cmn.Service
 	reactor *ConsensusReactor
 }

@@ -231,14 +233,14 @@ func NewByzantineReactor(conR *ConsensusReactor) *ByzantineReactor {

 func (br *ByzantineReactor) SetSwitch(s *p2p.Switch)               { br.reactor.SetSwitch(s) }
 func (br *ByzantineReactor) GetChannels() []*p2p.ChannelDescriptor { return br.reactor.GetChannels() }
-func (br *ByzantineReactor) AddPeer(peer *p2p.Peer) {
+func (br *ByzantineReactor) AddPeer(peer p2p.Peer) {
 	if !br.reactor.IsRunning() {
 		return
 	}

 	// Create peerState for peer
-	peerState := NewPeerState(peer)
-	peer.Data.Set(types.PeerStateKey, peerState)
+	peerState := NewPeerState(peer).SetLogger(br.reactor.Logger)
+	peer.Set(types.PeerStateKey, peerState)

 	// Send our state to peer.
 	// If we're fast_syncing, broadcast a RoundStepMessage later upon SwitchToConsensus().
@@ -246,10 +248,10 @@ func (br *ByzantineReactor) AddPeer(peer *p2p.Peer) {
 		br.reactor.sendNewRoundStepMessages(peer)
 	}
 }
-func (br *ByzantineReactor) RemovePeer(peer *p2p.Peer, reason interface{}) {
+func (br *ByzantineReactor) RemovePeer(peer p2p.Peer, reason interface{}) {
 	br.reactor.RemovePeer(peer, reason)
 }
-func (br *ByzantineReactor) Receive(chID byte, peer *p2p.Peer, msgBytes []byte) {
+func (br *ByzantineReactor) Receive(chID byte, peer p2p.Peer, msgBytes []byte) {
 	br.reactor.Receive(chID, peer, msgBytes)
 }

@@ -257,51 +259,42 @@ func (br *ByzantineReactor) Receive(chID byte, peer *p2p.Peer, msgBytes []byte)
 // byzantine privValidator

 type ByzantinePrivValidator struct {
-	Address      []byte `json:"address"`
-	types.Signer `json:"-"`
+	types.Signer

-	mtx sync.Mutex
+	pv types.PrivValidator
 }

 // Return a priv validator that will sign anything
-func NewByzantinePrivValidator(pv *types.PrivValidator) *ByzantinePrivValidator {
+func NewByzantinePrivValidator(pv types.PrivValidator) *ByzantinePrivValidator {
 	return &ByzantinePrivValidator{
-		Address: pv.Address,
-		Signer:  pv.Signer,
+		Signer: pv.(*types.PrivValidatorFS).Signer,
+		pv:     pv,
 	}
 }

-func (privVal *ByzantinePrivValidator) GetAddress() []byte {
-	return privVal.Address
+func (privVal *ByzantinePrivValidator) GetAddress() data.Bytes {
+	return privVal.pv.GetAddress()
 }

-func (privVal *ByzantinePrivValidator) SignVote(chainID string, vote *types.Vote) error {
-	privVal.mtx.Lock()
-	defer privVal.mtx.Unlock()
+func (privVal *ByzantinePrivValidator) GetPubKey() crypto.PubKey {
+	return privVal.pv.GetPubKey()
+}

-	// Sign
-	vote.Signature = privVal.Sign(types.SignBytes(chainID, vote))
+func (privVal *ByzantinePrivValidator) SignVote(chainID string, vote *types.Vote) (err error) {
+	vote.Signature, err = privVal.Sign(types.SignBytes(chainID, vote))
+	return err
+}
+
+func (privVal *ByzantinePrivValidator) SignProposal(chainID string, proposal *types.Proposal) (err error) {
+	proposal.Signature, err = privVal.Sign(types.SignBytes(chainID, proposal))
 	return nil
 }

-func (privVal *ByzantinePrivValidator) SignProposal(chainID string, proposal *types.Proposal) error {
-	privVal.mtx.Lock()
-	defer privVal.mtx.Unlock()
-
-	// Sign
-	proposal.Signature = privVal.Sign(types.SignBytes(chainID, proposal))
-	return nil
-}
-
-func (privVal *ByzantinePrivValidator) SignHeartbeat(chainID string, heartbeat *types.Heartbeat) error {
-	privVal.mtx.Lock()
-	defer privVal.mtx.Unlock()
-
-	// Sign
-	heartbeat.Signature = privVal.Sign(types.SignBytes(chainID, heartbeat))
+func (privVal *ByzantinePrivValidator) SignHeartbeat(chainID string, heartbeat *types.Heartbeat) (err error) {
+	heartbeat.Signature, err = privVal.Sign(types.SignBytes(chainID, heartbeat))
 	return nil
 }

 func (privVal *ByzantinePrivValidator) String() string {
-	return Fmt("PrivValidator{%X}", privVal.Address)
+	return cmn.Fmt("PrivValidator{%X}", privVal.GetAddress())
 }
--- a/consensus/common_test.go
+++ b/consensus/common_test.go
@@ -15,11 +15,12 @@ import (
 	abci "github.com/tendermint/abci/types"
 	bc "github.com/tendermint/tendermint/blockchain"
 	cfg "github.com/tendermint/tendermint/config"
+	cstypes "github.com/tendermint/tendermint/consensus/types"
 	mempl "github.com/tendermint/tendermint/mempool"
 	"github.com/tendermint/tendermint/p2p"
 	sm "github.com/tendermint/tendermint/state"
 	"github.com/tendermint/tendermint/types"
-	. "github.com/tendermint/tmlibs/common"
+	cmn "github.com/tendermint/tmlibs/common"
 	dbm "github.com/tendermint/tmlibs/db"
 	"github.com/tendermint/tmlibs/log"

@@ -34,7 +35,7 @@ var config *cfg.Config // NOTE: must be reset for each _test.go file
 var ensureTimeout = time.Second * 2

 func ensureDir(dir string, mode os.FileMode) {
-	if err := EnsureDir(dir, mode); err != nil {
+	if err := cmn.EnsureDir(dir, mode); err != nil {
 		panic(err)
 	}
 }
@@ -50,12 +51,12 @@ type validatorStub struct {
 	Index  int // Validator index. NOTE: we don't assume validator set changes.
 	Height int
 	Round  int
-	*types.PrivValidator
+	types.PrivValidator
 }

 var testMinPower = 10

-func NewValidatorStub(privValidator *types.PrivValidator, valIndex int) *validatorStub {
+func NewValidatorStub(privValidator types.PrivValidator, valIndex int) *validatorStub {
 	return &validatorStub{
 		Index:         valIndex,
 		PrivValidator: privValidator,
@@ -65,7 +66,7 @@ func NewValidatorStub(privValidator *types.PrivValidator, valIndex int) *validat
 func (vs *validatorStub) signVote(voteType byte, hash []byte, header types.PartSetHeader) (*types.Vote, error) {
 	vote := &types.Vote{
 		ValidatorIndex:   vs.Index,
-		ValidatorAddress: vs.PrivValidator.Address,
+		ValidatorAddress: vs.PrivValidator.GetAddress(),
 		Height:           vs.Height,
 		Round:            vs.Round,
 		Type:             voteType,
@@ -142,7 +143,7 @@ func signAddVotes(to *ConsensusState, voteType byte, hash []byte, header types.P
 func validatePrevote(t *testing.T, cs *ConsensusState, round int, privVal *validatorStub, blockHash []byte) {
 	prevotes := cs.Votes.Prevotes(round)
 	var vote *types.Vote
-	if vote = prevotes.GetByAddress(privVal.Address); vote == nil {
+	if vote = prevotes.GetByAddress(privVal.GetAddress()); vote == nil {
 		panic("Failed to find prevote from validator")
 	}
 	if blockHash == nil {
@@ -159,7 +160,7 @@ func validatePrevote(t *testing.T, cs *ConsensusState, round int, privVal *valid
 func validateLastPrecommit(t *testing.T, cs *ConsensusState, privVal *validatorStub, blockHash []byte) {
 	votes := cs.LastCommit
 	var vote *types.Vote
-	if vote = votes.GetByAddress(privVal.Address); vote == nil {
+	if vote = votes.GetByAddress(privVal.GetAddress()); vote == nil {
 		panic("Failed to find precommit from validator")
 	}
 	if !bytes.Equal(vote.BlockID.Hash, blockHash) {
@@ -170,7 +171,7 @@ func validateLastPrecommit(t *testing.T, cs *ConsensusState, privVal *validatorS
 func validatePrecommit(t *testing.T, cs *ConsensusState, thisRound, lockRound int, privVal *validatorStub, votedBlockHash, lockedBlockHash []byte) {
 	precommits := cs.Votes.Precommits(thisRound)
 	var vote *types.Vote
-	if vote = precommits.GetByAddress(privVal.Address); vote == nil {
+	if vote = precommits.GetByAddress(privVal.GetAddress()); vote == nil {
 		panic("Failed to find precommit from validator")
 	}

@@ -225,11 +226,11 @@ func subscribeToVoter(cs *ConsensusState, addr []byte) chan interface{} {
 //-------------------------------------------------------------------------------
 // consensus states

-func newConsensusState(state *sm.State, pv *types.PrivValidator, app abci.Application) *ConsensusState {
+func newConsensusState(state *sm.State, pv types.PrivValidator, app abci.Application) *ConsensusState {
 	return newConsensusStateWithConfig(config, state, pv, app)
 }

-func newConsensusStateWithConfig(thisConfig *cfg.Config, state *sm.State, pv *types.PrivValidator, app abci.Application) *ConsensusState {
+func newConsensusStateWithConfig(thisConfig *cfg.Config, state *sm.State, pv types.PrivValidator, app abci.Application) *ConsensusState {
 	// Get BlockStore
 	blockDB := dbm.NewMemDB()
 	blockStore := bc.NewBlockStore(blockDB)
@@ -258,17 +259,17 @@ func newConsensusStateWithConfig(thisConfig *cfg.Config, state *sm.State, pv *ty
 	return cs
 }

-func loadPrivValidator(config *cfg.Config) *types.PrivValidator {
+func loadPrivValidator(config *cfg.Config) *types.PrivValidatorFS {
 	privValidatorFile := config.PrivValidatorFile()
 	ensureDir(path.Dir(privValidatorFile), 0700)
-	privValidator := types.LoadOrGenPrivValidator(privValidatorFile, log.TestingLogger())
+	privValidator := types.LoadOrGenPrivValidatorFS(privValidatorFile)
 	privValidator.Reset()
 	return privValidator
 }

 func fixedConsensusStateDummy() *ConsensusState {
 	stateDB := dbm.NewMemDB()
-	state := sm.MakeGenesisStateFromFile(stateDB, config.GenesisFile())
+	state, _ := sm.MakeGenesisStateFromFile(stateDB, config.GenesisFile())
 	state.SetLogger(log.TestingLogger().With("module", "state"))
 	privValidator := loadPrivValidator(config)
 	cs := newConsensusState(state, privValidator, dummy.NewDummyApplication())
@@ -338,10 +339,10 @@ func randConsensusNet(nValidators int, testName string, tickerFunc func() Timeou
 	logger := consensusLogger()
 	for i := 0; i < nValidators; i++ {
 		db := dbm.NewMemDB() // each state needs its own db
-		state := sm.MakeGenesisState(db, genDoc)
+		state, _ := sm.MakeGenesisState(db, genDoc)
 		state.SetLogger(logger.With("module", "state", "validator", i))
 		state.Save()
-		thisConfig := ResetConfig(Fmt("%s_%d", testName, i))
+		thisConfig := ResetConfig(cmn.Fmt("%s_%d", testName, i))
 		for _, opt := range configOpts {
 			opt(thisConfig)
 		}
@@ -359,18 +360,17 @@ func randConsensusNetWithPeers(nValidators, nPeers int, testName string, tickerF
 	css := make([]*ConsensusState, nPeers)
 	for i := 0; i < nPeers; i++ {
 		db := dbm.NewMemDB() // each state needs its own db
-		state := sm.MakeGenesisState(db, genDoc)
+		state, _ := sm.MakeGenesisState(db, genDoc)
 		state.SetLogger(log.TestingLogger().With("module", "state"))
 		state.Save()
-		thisConfig := ResetConfig(Fmt("%s_%d", testName, i))
+		thisConfig := ResetConfig(cmn.Fmt("%s_%d", testName, i))
 		ensureDir(path.Dir(thisConfig.Consensus.WalFile()), 0700) // dir for wal
-		var privVal *types.PrivValidator
+		var privVal types.PrivValidator
 		if i < nValidators {
 			privVal = privVals[i]
 		} else {
-			privVal = types.GenPrivValidator()
-			_, tempFilePath := Tempfile("priv_validator_")
-			privVal.SetFile(tempFilePath)
+			_, tempFilePath := cmn.Tempfile("priv_validator_")
+			privVal = types.GenPrivValidatorFS(tempFilePath)
 		}

 		css[i] = newConsensusStateWithConfig(thisConfig, state, privVal, appFunc())
@@ -380,9 +380,9 @@ func randConsensusNetWithPeers(nValidators, nPeers int, testName string, tickerF
 	return css
 }

-func getSwitchIndex(switches []*p2p.Switch, peer *p2p.Peer) int {
+func getSwitchIndex(switches []*p2p.Switch, peer p2p.Peer) int {
 	for i, s := range switches {
-		if bytes.Equal(peer.NodeInfo.PubKey.Address(), s.NodeInfo().PubKey.Address()) {
+		if bytes.Equal(peer.NodeInfo().PubKey.Address(), s.NodeInfo().PubKey.Address()) {
 			return i
 		}
 	}
@@ -393,14 +393,14 @@ func getSwitchIndex(switches []*p2p.Switch, peer *p2p.Peer) int {
 //-------------------------------------------------------------------------------
 // genesis

-func randGenesisDoc(numValidators int, randPower bool, minPower int64) (*types.GenesisDoc, []*types.PrivValidator) {
+func randGenesisDoc(numValidators int, randPower bool, minPower int64) (*types.GenesisDoc, []*types.PrivValidatorFS) {
 	validators := make([]types.GenesisValidator, numValidators)
-	privValidators := make([]*types.PrivValidator, numValidators)
+	privValidators := make([]*types.PrivValidatorFS, numValidators)
 	for i := 0; i < numValidators; i++ {
 		val, privVal := types.RandValidator(randPower, minPower)
 		validators[i] = types.GenesisValidator{
 			PubKey: val.PubKey,
-			Amount: val.VotingPower,
+			Power:  val.VotingPower,
 		}
 		privValidators[i] = privVal
 	}
@@ -412,10 +412,10 @@ func randGenesisDoc(numValidators int, randPower bool, minPower int64) (*types.G
 	}, privValidators
 }

-func randGenesisState(numValidators int, randPower bool, minPower int64) (*sm.State, []*types.PrivValidator) {
+func randGenesisState(numValidators int, randPower bool, minPower int64) (*sm.State, []*types.PrivValidatorFS) {
 	genDoc, privValidators := randGenesisDoc(numValidators, randPower, minPower)
 	db := dbm.NewMemDB()
-	s0 := sm.MakeGenesisState(db, genDoc)
+	s0, _ := sm.MakeGenesisState(db, genDoc)
 	s0.SetLogger(log.TestingLogger().With("module", "state"))
 	s0.Save()
 	return s0, privValidators
@@ -457,7 +457,7 @@ func (m *mockTicker) ScheduleTimeout(ti timeoutInfo) {
 	if m.onlyOnce && m.fired {
 		return
 	}
-	if ti.Step == RoundStepNewHeight {
+	if ti.Step == cstypes.RoundStepNewHeight {
 		m.c <- ti
 		m.fired = true
 	}
--- a/consensus/mempool_test.go
+++ b/consensus/mempool_test.go
@@ -8,7 +8,7 @@ import (
 	abci "github.com/tendermint/abci/types"
 	"github.com/tendermint/tendermint/types"

-	. "github.com/tendermint/tmlibs/common"
+	cmn "github.com/tendermint/tmlibs/common"
 )

 func init() {
@@ -86,7 +86,7 @@ func deliverTxsRange(cs *ConsensusState, start, end int) {
 		binary.BigEndian.PutUint64(txBytes, uint64(i))
 		err := cs.mempool.CheckTx(txBytes, nil)
 		if err != nil {
-			panic(Fmt("Error after CheckTx: %v", err))
+			panic(cmn.Fmt("Error after CheckTx: %v", err))
 		}
 	}
 }
@@ -183,8 +183,8 @@ func NewCounterApplication() *CounterApplication {
 	return &CounterApplication{}
 }

-func (app *CounterApplication) Info() abci.ResponseInfo {
-	return abci.ResponseInfo{Data: Fmt("txs:%v", app.txCount)}
+func (app *CounterApplication) Info(req abci.RequestInfo) abci.ResponseInfo {
+	return abci.ResponseInfo{Data: cmn.Fmt("txs:%v", app.txCount)}
 }

 func (app *CounterApplication) DeliverTx(tx []byte) abci.Result {
@@ -201,7 +201,7 @@ func runTx(tx []byte, countPtr *int) abci.Result {
 	copy(tx8[len(tx8)-len(tx):], tx)
 	txValue := binary.BigEndian.Uint64(tx8)
 	if txValue != uint64(count) {
-		return abci.ErrBadNonce.AppendLog(Fmt("Invalid nonce. Expected %v, got %v", count, txValue))
+		return abci.ErrBadNonce.AppendLog(cmn.Fmt("Invalid nonce. Expected %v, got %v", count, txValue))
 	}
 	*countPtr += 1
 	return abci.OK
--- a/consensus/reactor.go
+++ b/consensus/reactor.go
@@ -12,6 +12,7 @@ import (
 	cmn "github.com/tendermint/tmlibs/common"
 	"github.com/tendermint/tmlibs/log"

+	cstypes "github.com/tendermint/tendermint/consensus/types"
 	"github.com/tendermint/tendermint/p2p"
 	sm "github.com/tendermint/tendermint/state"
 	"github.com/tendermint/tendermint/types"
@@ -120,14 +121,14 @@ func (conR *ConsensusReactor) GetChannels() []*p2p.ChannelDescriptor {
 }

 // AddPeer implements Reactor
-func (conR *ConsensusReactor) AddPeer(peer *p2p.Peer) {
+func (conR *ConsensusReactor) AddPeer(peer p2p.Peer) {
 	if !conR.IsRunning() {
 		return
 	}

 	// Create peerState for peer
-	peerState := NewPeerState(peer)
-	peer.Data.Set(types.PeerStateKey, peerState)
+	peerState := NewPeerState(peer).SetLogger(conR.Logger)
+	peer.Set(types.PeerStateKey, peerState)

 	// Begin routines for this peer.
 	go conR.gossipDataRoutine(peer, peerState)
@@ -142,12 +143,12 @@ func (conR *ConsensusReactor) AddPeer(peer *p2p.Peer) {
 }

 // RemovePeer implements Reactor
-func (conR *ConsensusReactor) RemovePeer(peer *p2p.Peer, reason interface{}) {
+func (conR *ConsensusReactor) RemovePeer(peer p2p.Peer, reason interface{}) {
 	if !conR.IsRunning() {
 		return
 	}
 	// TODO
-	//peer.Data.Get(PeerStateKey).(*PeerState).Disconnect()
+	//peer.Get(PeerStateKey).(*PeerState).Disconnect()
 }

 // Receive implements Reactor
@@ -156,7 +157,7 @@ func (conR *ConsensusReactor) RemovePeer(peer *p2p.Peer, reason interface{}) {
 // Peer state updates can happen in parallel, but processing of
 // proposals, block parts, and votes are ordered by the receiveRoutine
 // NOTE: blocks on consensus state for proposals, block parts, and votes
-func (conR *ConsensusReactor) Receive(chID byte, src *p2p.Peer, msgBytes []byte) {
+func (conR *ConsensusReactor) Receive(chID byte, src p2p.Peer, msgBytes []byte) {
 	if !conR.IsRunning() {
 		conR.Logger.Debug("Receive", "src", src, "chId", chID, "bytes", msgBytes)
 		return
@@ -171,7 +172,7 @@ func (conR *ConsensusReactor) Receive(chID byte, src *p2p.Peer, msgBytes []byte)
 	conR.Logger.Debug("Receive", "src", src, "chId", chID, "msg", msg)

 	// Get peer states
-	ps := src.Data.Get(types.PeerStateKey).(*PeerState)
+	ps := src.Get(types.PeerStateKey).(*PeerState)

 	switch chID {
 	case StateChannel:
@@ -191,7 +192,7 @@ func (conR *ConsensusReactor) Receive(chID byte, src *p2p.Peer, msgBytes []byte)
 				return
 			}
 			// Peer claims to have a maj23 for some BlockID at H,R,S,
-			votes.SetPeerMaj23(msg.Round, msg.Type, ps.Peer.Key, msg.BlockID)
+			votes.SetPeerMaj23(msg.Round, msg.Type, ps.Peer.Key(), msg.BlockID)
 			// Respond with a VoteSetBitsMessage showing which votes we have.
 			// (and consequently shows which we don't have)
 			var ourVotes *cmn.BitArray
@@ -228,12 +229,12 @@ func (conR *ConsensusReactor) Receive(chID byte, src *p2p.Peer, msgBytes []byte)
 		switch msg := msg.(type) {
 		case *ProposalMessage:
 			ps.SetHasProposal(msg.Proposal)
-			conR.conS.peerMsgQueue <- msgInfo{msg, src.Key}
+			conR.conS.peerMsgQueue <- msgInfo{msg, src.Key()}
 		case *ProposalPOLMessage:
 			ps.ApplyProposalPOLMessage(msg)
 		case *BlockPartMessage:
 			ps.SetHasProposalBlockPart(msg.Height, msg.Round, msg.Part.Index)
-			conR.conS.peerMsgQueue <- msgInfo{msg, src.Key}
+			conR.conS.peerMsgQueue <- msgInfo{msg, src.Key()}
 		default:
 			conR.Logger.Error(cmn.Fmt("Unknown message type %v", reflect.TypeOf(msg)))
 		}
@@ -253,7 +254,7 @@ func (conR *ConsensusReactor) Receive(chID byte, src *p2p.Peer, msgBytes []byte)
 			ps.EnsureVoteBitArrays(height-1, lastCommitSize)
 			ps.SetHasVote(msg.Vote)

-			cs.peerMsgQueue <- msgInfo{msg, src.Key}
+			cs.peerMsgQueue <- msgInfo{msg, src.Key()}

 		default:
 			// don't punish (leave room for soft upgrades)
@@ -321,7 +322,7 @@ func (conR *ConsensusReactor) FastSync() bool {
 func (conR *ConsensusReactor) registerEventCallbacks() {

 	types.AddListenerForEvent(conR.evsw, "conR", types.EventStringNewRoundStep(), func(data types.TMEventData) {
-		rs := data.Unwrap().(types.EventDataRoundState).RoundState.(*RoundState)
+		rs := data.Unwrap().(types.EventDataRoundState).RoundState.(*cstypes.RoundState)
 		conR.broadcastNewRoundStep(rs)
 	})

@@ -344,7 +345,7 @@ func (conR *ConsensusReactor) broadcastProposalHeartbeatMessage(heartbeat types.
 	conR.Switch.Broadcast(StateChannel, struct{ ConsensusMessage }{msg})
 }

-func (conR *ConsensusReactor) broadcastNewRoundStep(rs *RoundState) {
+func (conR *ConsensusReactor) broadcastNewRoundStep(rs *cstypes.RoundState) {

 	nrsMsg, csMsg := makeRoundStepMessages(rs)
 	if nrsMsg != nil {
@@ -367,7 +368,7 @@ func (conR *ConsensusReactor) broadcastHasVoteMessage(vote *types.Vote) {
 	/*
 		// TODO: Make this broadcast more selective.
 		for _, peer := range conR.Switch.Peers().List() {
-			ps := peer.Data.Get(PeerStateKey).(*PeerState)
+			ps := peer.Get(PeerStateKey).(*PeerState)
 			prs := ps.GetRoundState()
 			if prs.Height == vote.Height {
 				// TODO: Also filter on round?
@@ -381,7 +382,7 @@ func (conR *ConsensusReactor) broadcastHasVoteMessage(vote *types.Vote) {
 	*/
 }

-func makeRoundStepMessages(rs *RoundState) (nrsMsg *NewRoundStepMessage, csMsg *CommitStepMessage) {
+func makeRoundStepMessages(rs *cstypes.RoundState) (nrsMsg *NewRoundStepMessage, csMsg *CommitStepMessage) {
 	nrsMsg = &NewRoundStepMessage{
 		Height: rs.Height,
 		Round:  rs.Round,
@@ -389,7 +390,7 @@ func makeRoundStepMessages(rs *RoundState) (nrsMsg *NewRoundStepMessage, csMsg *
 		SecondsSinceStartTime: int(time.Since(rs.StartTime).Seconds()),
 		LastCommitRound:       rs.LastCommit.Round(),
 	}
-	if rs.Step == RoundStepCommit {
+	if rs.Step == cstypes.RoundStepCommit {
 		csMsg = &CommitStepMessage{
 			Height:           rs.Height,
 			BlockPartsHeader: rs.ProposalBlockParts.Header(),
@@ -399,7 +400,7 @@ func makeRoundStepMessages(rs *RoundState) (nrsMsg *NewRoundStepMessage, csMsg *
 	return
 }

-func (conR *ConsensusReactor) sendNewRoundStepMessages(peer *p2p.Peer) {
+func (conR *ConsensusReactor) sendNewRoundStepMessages(peer p2p.Peer) {
 	rs := conR.conS.GetRoundState()
 	nrsMsg, csMsg := makeRoundStepMessages(rs)
 	if nrsMsg != nil {
@@ -410,7 +411,7 @@ func (conR *ConsensusReactor) sendNewRoundStepMessages(peer *p2p.Peer) {
 	}
 }

-func (conR *ConsensusReactor) gossipDataRoutine(peer *p2p.Peer, ps *PeerState) {
+func (conR *ConsensusReactor) gossipDataRoutine(peer p2p.Peer, ps *PeerState) {
 	logger := conR.Logger.With("peer", peer)

 OUTER_LOOP:
@@ -491,8 +492,8 @@ OUTER_LOOP:
 	}
 }

-func (conR *ConsensusReactor) gossipDataForCatchup(logger log.Logger, rs *RoundState,
-	prs *PeerRoundState, ps *PeerState, peer *p2p.Peer) {
+func (conR *ConsensusReactor) gossipDataForCatchup(logger log.Logger, rs *cstypes.RoundState,
+	prs *cstypes.PeerRoundState, ps *PeerState, peer p2p.Peer) {

 	if index, ok := prs.ProposalBlockParts.Not().PickRandom(); ok {
 		// Ensure that the peer's PartSetHeader is correct
@@ -534,7 +535,7 @@ func (conR *ConsensusReactor) gossipDataForCatchup(logger log.Logger, rs *RoundS
 	}
 }

-func (conR *ConsensusReactor) gossipVotesRoutine(peer *p2p.Peer, ps *PeerState) {
+func (conR *ConsensusReactor) gossipVotesRoutine(peer p2p.Peer, ps *PeerState) {
 	logger := conR.Logger.With("peer", peer)

 	// Simple hack to throttle logs upon sleep.
@@ -606,24 +607,24 @@ OUTER_LOOP:
 	}
 }

-func (conR *ConsensusReactor) gossipVotesForHeight(logger log.Logger, rs *RoundState, prs *PeerRoundState, ps *PeerState) bool {
+func (conR *ConsensusReactor) gossipVotesForHeight(logger log.Logger, rs *cstypes.RoundState, prs *cstypes.PeerRoundState, ps *PeerState) bool {

 	// If there are lastCommits to send...
-	if prs.Step == RoundStepNewHeight {
+	if prs.Step == cstypes.RoundStepNewHeight {
 		if ps.PickSendVote(rs.LastCommit) {
 			logger.Debug("Picked rs.LastCommit to send")
 			return true
 		}
 	}
 	// If there are prevotes to send...
-	if prs.Step <= RoundStepPrevote && prs.Round != -1 && prs.Round <= rs.Round {
+	if prs.Step <= cstypes.RoundStepPrevote && prs.Round != -1 && prs.Round <= rs.Round {
 		if ps.PickSendVote(rs.Votes.Prevotes(prs.Round)) {
 			logger.Debug("Picked rs.Prevotes(prs.Round) to send", "round", prs.Round)
 			return true
 		}
 	}
 	// If there are precommits to send...
-	if prs.Step <= RoundStepPrecommit && prs.Round != -1 && prs.Round <= rs.Round {
+	if prs.Step <= cstypes.RoundStepPrecommit && prs.Round != -1 && prs.Round <= rs.Round {
 		if ps.PickSendVote(rs.Votes.Precommits(prs.Round)) {
 			logger.Debug("Picked rs.Precommits(prs.Round) to send", "round", prs.Round)
 			return true
@@ -644,7 +645,7 @@ func (conR *ConsensusReactor) gossipVotesForHeight(logger log.Logger, rs *RoundS

 // NOTE: `queryMaj23Routine` has a simple crude design since it only comes
 // into play for liveness when there's a signature DDoS attack happening.
-func (conR *ConsensusReactor) queryMaj23Routine(peer *p2p.Peer, ps *PeerState) {
+func (conR *ConsensusReactor) queryMaj23Routine(peer p2p.Peer, ps *PeerState) {
 	logger := conR.Logger.With("peer", peer)

 OUTER_LOOP:
@@ -743,7 +744,7 @@ func (conR *ConsensusReactor) StringIndented(indent string) string {
 	s := "ConsensusReactor{\n"
 	s += indent + "  " + conR.conS.StringIndented(indent+"  ") + "\n"
 	for _, peer := range conR.Switch.Peers().List() {
-		ps := peer.Data.Get(types.PeerStateKey).(*PeerState)
+		ps := peer.Get(types.PeerStateKey).(*PeerState)
 		s += indent + "  " + ps.StringIndented(indent+"  ") + "\n"
 	}
 	s += indent + "}"
@@ -752,54 +753,6 @@ func (conR *ConsensusReactor) StringIndented(indent string) string {

 //-----------------------------------------------------------------------------

-// PeerRoundState contains the known state of a peer.
-// NOTE: Read-only when returned by PeerState.GetRoundState().
-type PeerRoundState struct {
-	Height                   int                 // Height peer is at
-	Round                    int                 // Round peer is at, -1 if unknown.
-	Step                     RoundStepType       // Step peer is at
-	StartTime                time.Time           // Estimated start of round 0 at this height
-	Proposal                 bool                // True if peer has proposal for this round
-	ProposalBlockPartsHeader types.PartSetHeader //
-	ProposalBlockParts       *cmn.BitArray       //
-	ProposalPOLRound         int                 // Proposal's POL round. -1 if none.
-	ProposalPOL              *cmn.BitArray       // nil until ProposalPOLMessage received.
-	Prevotes                 *cmn.BitArray       // All votes peer has for this round
-	Precommits               *cmn.BitArray       // All precommits peer has for this round
-	LastCommitRound          int                 // Round of commit for last height. -1 if none.
-	LastCommit               *cmn.BitArray       // All commit precommits of commit for last height.
-	CatchupCommitRound       int                 // Round that we have commit for. Not necessarily unique. -1 if none.
-	CatchupCommit            *cmn.BitArray       // All commit precommits peer has for this height & CatchupCommitRound
-}
-
-// String returns a string representation of the PeerRoundState
-func (prs PeerRoundState) String() string {
-	return prs.StringIndented("")
-}
-
-// StringIndented returns a string representation of the PeerRoundState
-func (prs PeerRoundState) StringIndented(indent string) string {
-	return fmt.Sprintf(`PeerRoundState{
-%s  %v/%v/%v @%v
-%s  Proposal %v -> %v
-%s  POL      %v (round %v)
-%s  Prevotes   %v
-%s  Precommits %v
-%s  LastCommit %v (round %v)
-%s  Catchup    %v (round %v)
-%s}`,
-		indent, prs.Height, prs.Round, prs.Step, prs.StartTime,
-		indent, prs.ProposalBlockPartsHeader, prs.ProposalBlockParts,
-		indent, prs.ProposalPOL, prs.ProposalPOLRound,
-		indent, prs.Prevotes,
-		indent, prs.Precommits,
-		indent, prs.LastCommit, prs.LastCommitRound,
-		indent, prs.CatchupCommit, prs.CatchupCommitRound,
-		indent)
-}
-
-//-----------------------------------------------------------------------------
-
 var (
 	ErrPeerStateHeightRegression = errors.New("Error peer state height regression")
 	ErrPeerStateInvalidStartTime = errors.New("Error peer state invalid startTime")
@@ -808,17 +761,19 @@ var (
 // PeerState contains the known state of a peer, including its connection
 // and threadsafe access to its PeerRoundState.
 type PeerState struct {
-	Peer *p2p.Peer
+	Peer   p2p.Peer
+	logger log.Logger

 	mtx sync.Mutex
-	PeerRoundState
+	cstypes.PeerRoundState
 }

 // NewPeerState returns a new PeerState for the given Peer
-func NewPeerState(peer *p2p.Peer) *PeerState {
+func NewPeerState(peer p2p.Peer) *PeerState {
 	return &PeerState{
-		Peer: peer,
-		PeerRoundState: PeerRoundState{
+		Peer:   peer,
+		logger: log.NewNopLogger(),
+		PeerRoundState: cstypes.PeerRoundState{
 			Round:              -1,
 			ProposalPOLRound:   -1,
 			LastCommitRound:    -1,
@@ -827,9 +782,14 @@ func NewPeerState(peer *p2p.Peer) *PeerState {
 	}
 }

+func (ps *PeerState) SetLogger(logger log.Logger) *PeerState {
+	ps.logger = logger
+	return ps
+}
+
 // GetRoundState returns an atomic snapshot of the PeerRoundState.
 // There's no point in mutating it since it won't change PeerState.
-func (ps *PeerState) GetRoundState() *PeerRoundState {
+func (ps *PeerState) GetRoundState() *cstypes.PeerRoundState {
 	ps.mtx.Lock()
 	defer ps.mtx.Unlock()

@@ -918,7 +878,7 @@ func (ps *PeerState) PickVoteToSend(votes types.VoteSetReader) (vote *types.Vote

 func (ps *PeerState) getVoteBitArray(height, round int, type_ byte) *cmn.BitArray {
 	if !types.IsVoteTypeValid(type_) {
-		cmn.PanicSanity("Invalid vote type")
+		return nil
 	}

 	if ps.Height == height {
@@ -1025,11 +985,14 @@ func (ps *PeerState) SetHasVote(vote *types.Vote) {
 }

 func (ps *PeerState) setHasVote(height int, round int, type_ byte, index int) {
-	logger := ps.Peer.Logger.With("peerRound", ps.Round, "height", height, "round", round)
+	logger := ps.logger.With("peerRound", ps.Round, "height", height, "round", round)
 	logger.Debug("setHasVote(LastCommit)", "lastCommit", ps.LastCommit, "index", index)

 	// NOTE: some may be nil BitArrays -> no side effects.
-	ps.getVoteBitArray(height, round, type_).SetIndex(index, true)
+	psVotes := ps.getVoteBitArray(height, round, type_)
+	if psVotes != nil {
+		psVotes.SetIndex(index, true)
+	}
 }

 // ApplyNewRoundStepMessage updates the peer state for the new round.
@@ -1160,7 +1123,7 @@ func (ps *PeerState) StringIndented(indent string) string {
 %s  Key %v
 %s  PRS %v
 %s}`,
-		indent, ps.Peer.Key,
+		indent, ps.Peer.Key(),
 		indent, ps.PeerRoundState.StringIndented(indent+"  "),
 		indent)
 }
@@ -1217,7 +1180,7 @@ func DecodeMessage(bz []byte) (msgType byte, msg ConsensusMessage, err error) {
 type NewRoundStepMessage struct {
 	Height                int
 	Round                 int
-	Step                  RoundStepType
+	Step                  cstypes.RoundStepType
 	SecondsSinceStartTime int
 	LastCommitRound       int
 }
--- a/consensus/reactor_test.go
+++ b/consensus/reactor_test.go
@@ -132,7 +132,7 @@ func TestVotingPowerChange(t *testing.T) {
 	//---------------------------------------------------------------------------
 	t.Log("---------------------------- Testing changing the voting power of one validator a few times")

-	val1PubKey := css[0].privValidator.(*types.PrivValidator).PubKey
+	val1PubKey := css[0].privValidator.GetPubKey()
 	updateValidatorTx := dummy.MakeValSetChangeTx(val1PubKey.Bytes(), 25)
 	previousTotalVotingPower := css[0].GetRoundState().LastValidators.TotalVotingPower()

@@ -193,7 +193,7 @@ func TestValidatorSetChanges(t *testing.T) {
 	//---------------------------------------------------------------------------
 	t.Log("---------------------------- Testing adding one validator")

-	newValidatorPubKey1 := css[nVals].privValidator.(*types.PrivValidator).PubKey
+	newValidatorPubKey1 := css[nVals].privValidator.GetPubKey()
 	newValidatorTx1 := dummy.MakeValSetChangeTx(newValidatorPubKey1.Bytes(), uint64(testMinPower))

 	// wait till everyone makes block 2
@@ -219,7 +219,7 @@ func TestValidatorSetChanges(t *testing.T) {
 	//---------------------------------------------------------------------------
 	t.Log("---------------------------- Testing changing the voting power of one validator")

-	updateValidatorPubKey1 := css[nVals].privValidator.(*types.PrivValidator).PubKey
+	updateValidatorPubKey1 := css[nVals].privValidator.GetPubKey()
 	updateValidatorTx1 := dummy.MakeValSetChangeTx(updateValidatorPubKey1.Bytes(), 25)
 	previousTotalVotingPower := css[nVals].GetRoundState().LastValidators.TotalVotingPower()

@@ -235,10 +235,10 @@ func TestValidatorSetChanges(t *testing.T) {
 	//---------------------------------------------------------------------------
 	t.Log("---------------------------- Testing adding two validators at once")

-	newValidatorPubKey2 := css[nVals+1].privValidator.(*types.PrivValidator).PubKey
+	newValidatorPubKey2 := css[nVals+1].privValidator.GetPubKey()
 	newValidatorTx2 := dummy.MakeValSetChangeTx(newValidatorPubKey2.Bytes(), uint64(testMinPower))

-	newValidatorPubKey3 := css[nVals+2].privValidator.(*types.PrivValidator).PubKey
+	newValidatorPubKey3 := css[nVals+2].privValidator.GetPubKey()
 	newValidatorTx3 := dummy.MakeValSetChangeTx(newValidatorPubKey3.Bytes(), uint64(testMinPower))

 	waitForAndValidateBlock(t, nPeers, activeVals, eventChans, css, newValidatorTx2, newValidatorTx3)
--- a/consensus/replay.go
+++ b/consensus/replay.go
@@ -19,6 +19,7 @@ import (
 	"github.com/tendermint/tendermint/proxy"
 	sm "github.com/tendermint/tendermint/state"
 	"github.com/tendermint/tendermint/types"
+	"github.com/tendermint/tendermint/version"
 )

 // Functionality to replay blocks and messages on recovery from a crash.
@@ -115,35 +116,13 @@ func (cs *ConsensusState) catchupReplay(csHeight int) error {
 	gr, found, err = cs.wal.group.Search("#ENDHEIGHT: ", makeHeightSearchFunc(csHeight-1))
 	if err == io.EOF {
 		cs.Logger.Error("Replay: wal.group.Search returned EOF", "#ENDHEIGHT", csHeight-1)
-		// if we upgraded from 0.9 to 0.9.1, we may have #HEIGHT instead
-		// TODO (0.10.0): remove this
-		gr, found, err = cs.wal.group.Search("#HEIGHT: ", makeHeightSearchFunc(csHeight))
-		if err == io.EOF {
-			cs.Logger.Error("Replay: wal.group.Search returned EOF", "#HEIGHT", csHeight)
-			return nil
-		} else if err != nil {
-			return err
-		}
 	} else if err != nil {
 		return err
 	} else {
 		defer gr.Close()
 	}
 	if !found {
-		// if we upgraded from 0.9 to 0.9.1, we may have #HEIGHT instead
-		// TODO (0.10.0): remove this
-		gr, _, err = cs.wal.group.Search("#HEIGHT: ", makeHeightSearchFunc(csHeight))
-		if err == io.EOF {
-			cs.Logger.Error("Replay: wal.group.Search returned EOF", "#HEIGHT", csHeight)
-			return nil
-		} else if err != nil {
-			return err
-		} else {
-			defer gr.Close()
-		}
-
-		// TODO (0.10.0): uncomment
-		// return errors.New(cmn.Fmt("Cannot replay height %d. WAL does not contain #ENDHEIGHT for %d.", csHeight, csHeight-1))
+		return errors.New(cmn.Fmt("Cannot replay height %d. WAL does not contain #ENDHEIGHT for %d.", csHeight, csHeight-1))
 	}

 	cs.Logger.Info("Catchup by replaying consensus messages", "height", csHeight)
@@ -221,7 +200,7 @@ func (h *Handshaker) NBlocks() int {
 // TODO: retry the handshake/replay if it fails ?
 func (h *Handshaker) Handshake(proxyApp proxy.AppConns) error {
 	// handshake is done via info request on the query conn
-	res, err := proxyApp.Query().InfoSync()
+	res, err := proxyApp.Query().InfoSync(abci.RequestInfo{version.Version})
 	if err != nil {
 		return errors.New(cmn.Fmt("Error calling Info: %v", err))
 	}
@@ -257,7 +236,7 @@ func (h *Handshaker) ReplayBlocks(appHash []byte, appBlockHeight int, proxyApp p
 	// If appBlockHeight == 0 it means that we are at genesis and hence should send InitChain
 	if appBlockHeight == 0 {
 		validators := types.TM2PB.Validators(h.state.Validators)
-		proxyApp.Consensus().InitChainSync(validators)
+		proxyApp.Consensus().InitChainSync(abci.RequestInitChain{validators})
 	}

 	// First handle edge cases and constraints on the storeBlockHeight
@@ -324,8 +303,11 @@ func (h *Handshaker) ReplayBlocks(appHash []byte, appBlockHeight int, proxyApp p
 func (h *Handshaker) replayBlocks(proxyApp proxy.AppConns, appBlockHeight, storeBlockHeight int, mutateState bool) ([]byte, error) {
 	// App is further behind than it should be, so we need to replay blocks.
 	// We replay all blocks from appBlockHeight+1.
+	//
 	// Note that we don't have an old version of the state,
 	// so we by-pass state validation/mutation using sm.ExecCommitBlock.
+	// This also means we won't be saving validator sets if they change during this period.
+	//
 	// If mutateState == true, the final block is replayed with h.replayBlock()

 	var appHash []byte
--- a/consensus/replay_file.go
+++ b/consensus/replay_file.go
@@ -241,12 +241,15 @@ func newConsensusStateForReplay(config cfg.BaseConfig, csConfig *cfg.ConsensusCo

 	// Get State
 	stateDB := dbm.NewDB("state", config.DBBackend, config.DBDir())
-	state := sm.MakeGenesisStateFromFile(stateDB, config.GenesisFile())
+	state, err := sm.MakeGenesisStateFromFile(stateDB, config.GenesisFile())
+	if err != nil {
+		cmn.Exit(err.Error())
+	}

 	// Create proxyAppConn connection (consensus, mempool, query)
 	clientCreator := proxy.DefaultClientCreator(config.ProxyApp, config.ABCI, config.DBDir())
 	proxyApp := proxy.NewAppConns(clientCreator, NewHandshaker(state, blockStore))
-	_, err := proxyApp.Start()
+	_, err = proxyApp.Start()
 	if err != nil {
 		cmn.Exit(cmn.Fmt("Error starting proxy app conns: %v", err))
 	}
--- a/consensus/replay_test.go
+++ b/consensus/replay_test.go
@@ -13,6 +13,7 @@ import (
 	"time"

 	"github.com/tendermint/abci/example/dummy"
+	abci "github.com/tendermint/abci/types"
 	crypto "github.com/tendermint/go-crypto"
 	wire "github.com/tendermint/go-wire"
 	cmn "github.com/tendermint/tmlibs/common"
@@ -162,8 +163,8 @@ LOOP:
 	cs.Wait()
 }

-func toPV(pv PrivValidator) *types.PrivValidator {
-	return pv.(*types.PrivValidator)
+func toPV(pv types.PrivValidator) *types.PrivValidatorFS {
+	return pv.(*types.PrivValidatorFS)
 }

 func setupReplayTest(t *testing.T, thisCase *testCase, nLines int, crashAfter bool) (*ConsensusState, chan interface{}, string, string) {
@@ -267,8 +268,6 @@ func testReplayCrashBeforeWriteVote(t *testing.T, thisCase *testCase, lineNum in
 var (
 	NUM_BLOCKS = 6 // number of blocks in the test_data/many_blocks.cswal
 	mempool    = types.MockMempool{}
-
-	testPartSize int
 )

 //---------------------------------------
@@ -319,8 +318,7 @@ func testHandshakeReplay(t *testing.T, nBlocks int, mode uint) {
 	walFile := writeWAL(string(walBody))
 	config.Consensus.SetWalFile(walFile)

-	privVal := types.LoadPrivValidator(config.PrivValidatorFile())
-	testPartSize = config.Consensus.BlockPartSize
+	privVal := types.LoadPrivValidatorFS(config.PrivValidatorFile())

 	wal, err := NewWAL(walFile, false)
 	if err != nil {
@@ -335,7 +333,7 @@ func testHandshakeReplay(t *testing.T, nBlocks int, mode uint) {
 		t.Fatalf(err.Error())
 	}

-	state, store := stateAndStore(config, privVal.PubKey)
+	state, store := stateAndStore(config, privVal.GetPubKey())
 	store.chain = chain
 	store.commits = commits

@@ -349,7 +347,7 @@ func testHandshakeReplay(t *testing.T, nBlocks int, mode uint) {
 		// run nBlocks against a new client to build up the app state.
 		// use a throwaway tendermint state
 		proxyApp := proxy.NewAppConns(clientCreator2, nil)
-		state, _ := stateAndStore(config, privVal.PubKey)
+		state, _ := stateAndStore(config, privVal.GetPubKey())
 		buildAppStateFromChain(proxyApp, state, chain, nBlocks, mode)
 	}

@@ -361,7 +359,7 @@ func testHandshakeReplay(t *testing.T, nBlocks int, mode uint) {
 	}

 	// get the latest app hash from the app
-	res, err := proxyApp.Query().InfoSync()
+	res, err := proxyApp.Query().InfoSync(abci.RequestInfo{""})
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -384,6 +382,7 @@ func testHandshakeReplay(t *testing.T, nBlocks int, mode uint) {
 }

 func applyBlock(st *sm.State, blk *types.Block, proxyApp proxy.AppConns) {
+	testPartSize := st.Params().BlockPartSizeBytes
 	err := st.ApplyBlock(nil, proxyApp.Consensus(), blk, blk.MakePartSet(testPartSize).Header(), mempool)
 	if err != nil {
 		panic(err)
@@ -398,7 +397,7 @@ func buildAppStateFromChain(proxyApp proxy.AppConns,
 	}

 	validators := types.TM2PB.Validators(state.Validators)
-	proxyApp.Consensus().InitChainSync(validators)
+	proxyApp.Consensus().InitChainSync(abci.RequestInitChain{validators})

 	defer proxyApp.Stop()
 	switch mode {
@@ -432,7 +431,7 @@ func buildTMStateFromChain(config *cfg.Config, state *sm.State, chain []*types.B
 	defer proxyApp.Stop()

 	validators := types.TM2PB.Validators(state.Validators)
-	proxyApp.Consensus().InitChainSync(validators)
+	proxyApp.Consensus().InitChainSync(abci.RequestInitChain{validators})

 	var latestAppHash []byte

@@ -503,7 +502,7 @@ func makeBlockchainFromWAL(wal *WAL) ([]*types.Block, []*types.Commit, error) {
 			// if its not the first one, we have a full block
 			if blockParts != nil {
 				var n int
-				block := wire.ReadBinary(&types.Block{}, blockParts.GetReader(), types.MaxBlockSize, &n, &err).(*types.Block)
+				block := wire.ReadBinary(&types.Block{}, blockParts.GetReader(), 0, &n, &err).(*types.Block)
 				blocks = append(blocks, block)
 			}
 			blockParts = types.NewPartSetFromHeader(*p)
@@ -524,7 +523,7 @@ func makeBlockchainFromWAL(wal *WAL) ([]*types.Block, []*types.Commit, error) {
 	}
 	// grab the last block too
 	var n int
-	block := wire.ReadBinary(&types.Block{}, blockParts.GetReader(), types.MaxBlockSize, &n, &err).(*types.Block)
+	block := wire.ReadBinary(&types.Block{}, blockParts.GetReader(), 0, &n, &err).(*types.Block)
 	blocks = append(blocks, block)
 	return blocks, commits, nil
 }
@@ -560,10 +559,10 @@ func readPieceFromWAL(msgBytes []byte) (interface{}, error) {
 // fresh state and mock store
 func stateAndStore(config *cfg.Config, pubKey crypto.PubKey) (*sm.State, *mockBlockStore) {
 	stateDB := dbm.NewMemDB()
-	state := sm.MakeGenesisStateFromFile(stateDB, config.GenesisFile())
+	state, _ := sm.MakeGenesisStateFromFile(stateDB, config.GenesisFile())
 	state.SetLogger(log.TestingLogger().With("module", "state"))

-	store := NewMockBlockStore(config)
+	store := NewMockBlockStore(config, state.Params())
 	return state, store
 }

@@ -572,13 +571,14 @@ func stateAndStore(config *cfg.Config, pubKey crypto.PubKey) (*sm.State, *mockBl

 type mockBlockStore struct {
 	config  *cfg.Config
+	params  types.ConsensusParams
 	chain   []*types.Block
 	commits []*types.Commit
 }

 // TODO: NewBlockStore(db.NewMemDB) ...
-func NewMockBlockStore(config *cfg.Config) *mockBlockStore {
-	return &mockBlockStore{config, nil, nil}
+func NewMockBlockStore(config *cfg.Config, params types.ConsensusParams) *mockBlockStore {
+	return &mockBlockStore{config, params, nil, nil}
 }

 func (bs *mockBlockStore) Height() int                       { return len(bs.chain) }
@@ -586,7 +586,7 @@ func (bs *mockBlockStore) LoadBlock(height int) *types.Block { return bs.chain[h
 func (bs *mockBlockStore) LoadBlockMeta(height int) *types.BlockMeta {
 	block := bs.chain[height-1]
 	return &types.BlockMeta{
-		BlockID: types.BlockID{block.Hash(), block.MakePartSet(bs.config.Consensus.BlockPartSize).Header()},
+		BlockID: types.BlockID{block.Hash(), block.MakePartSet(bs.params.BlockPartSizeBytes).Header()},
 		Header:  block.Header,
 	}
 }
--- a/consensus/state.go
+++ b/consensus/state.go
@@ -4,8 +4,9 @@ import (
 	"bytes"
 	"errors"
 	"fmt"
-	"path"
+	"path/filepath"
 	"reflect"
+	"runtime/debug"
 	"sync"
 	"time"

@@ -16,6 +17,7 @@ import (
 	"github.com/tendermint/tmlibs/log"

 	cfg "github.com/tendermint/tendermint/config"
+	cstypes "github.com/tendermint/tendermint/consensus/types"
 	"github.com/tendermint/tendermint/proxy"
 	sm "github.com/tendermint/tendermint/state"
 	"github.com/tendermint/tendermint/types"
@@ -38,124 +40,6 @@ var (
 	ErrVoteHeightMismatch       = errors.New("Error vote height mismatch")
 )

-//-----------------------------------------------------------------------------
-// RoundStepType enum type
-
-// RoundStepType enumerates the state of the consensus state machine
-type RoundStepType uint8 // These must be numeric, ordered.
-
-const (
-	RoundStepNewHeight     = RoundStepType(0x01) // Wait til CommitTime + timeoutCommit
-	RoundStepNewRound      = RoundStepType(0x02) // Setup new round and go to RoundStepPropose
-	RoundStepPropose       = RoundStepType(0x03) // Did propose, gossip proposal
-	RoundStepPrevote       = RoundStepType(0x04) // Did prevote, gossip prevotes
-	RoundStepPrevoteWait   = RoundStepType(0x05) // Did receive any +2/3 prevotes, start timeout
-	RoundStepPrecommit     = RoundStepType(0x06) // Did precommit, gossip precommits
-	RoundStepPrecommitWait = RoundStepType(0x07) // Did receive any +2/3 precommits, start timeout
-	RoundStepCommit        = RoundStepType(0x08) // Entered commit state machine
-	// NOTE: RoundStepNewHeight acts as RoundStepCommitWait.
-)
-
-// String returns a string
-func (rs RoundStepType) String() string {
-	switch rs {
-	case RoundStepNewHeight:
-		return "RoundStepNewHeight"
-	case RoundStepNewRound:
-		return "RoundStepNewRound"
-	case RoundStepPropose:
-		return "RoundStepPropose"
-	case RoundStepPrevote:
-		return "RoundStepPrevote"
-	case RoundStepPrevoteWait:
-		return "RoundStepPrevoteWait"
-	case RoundStepPrecommit:
-		return "RoundStepPrecommit"
-	case RoundStepPrecommitWait:
-		return "RoundStepPrecommitWait"
-	case RoundStepCommit:
-		return "RoundStepCommit"
-	default:
-		return "RoundStepUnknown" // Cannot panic.
-	}
-}
-
-//-----------------------------------------------------------------------------
-
-// RoundState defines the internal consensus state.
-// It is Immutable when returned from ConsensusState.GetRoundState()
-// TODO: Actually, only the top pointer is copied,
-// so access to field pointers is still racey
-type RoundState struct {
-	Height             int // Height we are working on
-	Round              int
-	Step               RoundStepType
-	StartTime          time.Time
-	CommitTime         time.Time // Subjective time when +2/3 precommits for Block at Round were found
-	Validators         *types.ValidatorSet
-	Proposal           *types.Proposal
-	ProposalBlock      *types.Block
-	ProposalBlockParts *types.PartSet
-	LockedRound        int
-	LockedBlock        *types.Block
-	LockedBlockParts   *types.PartSet
-	Votes              *HeightVoteSet
-	CommitRound        int            //
-	LastCommit         *types.VoteSet // Last precommits at Height-1
-	LastValidators     *types.ValidatorSet
-}
-
-// RoundStateEvent returns the H/R/S of the RoundState as an event.
-func (rs *RoundState) RoundStateEvent() types.EventDataRoundState {
-	edrs := types.EventDataRoundState{
-		Height:     rs.Height,
-		Round:      rs.Round,
-		Step:       rs.Step.String(),
-		RoundState: rs,
-	}
-	return edrs
-}
-
-// String returns a string
-func (rs *RoundState) String() string {
-	return rs.StringIndented("")
-}
-
-// StringIndented returns a string
-func (rs *RoundState) StringIndented(indent string) string {
-	return fmt.Sprintf(`RoundState{
-%s  H:%v R:%v S:%v
-%s  StartTime:     %v
-%s  CommitTime:    %v
-%s  Validators:    %v
-%s  Proposal:      %v
-%s  ProposalBlock: %v %v
-%s  LockedRound:   %v
-%s  LockedBlock:   %v %v
-%s  Votes:         %v
-%s  LastCommit: %v
-%s  LastValidators:    %v
-%s}`,
-		indent, rs.Height, rs.Round, rs.Step,
-		indent, rs.StartTime,
-		indent, rs.CommitTime,
-		indent, rs.Validators.StringIndented(indent+"    "),
-		indent, rs.Proposal,
-		indent, rs.ProposalBlockParts.StringShort(), rs.ProposalBlock.StringShort(),
-		indent, rs.LockedRound,
-		indent, rs.LockedBlockParts.StringShort(), rs.LockedBlock.StringShort(),
-		indent, rs.Votes.StringIndented(indent+"    "),
-		indent, rs.LastCommit.StringShort(),
-		indent, rs.LastValidators.StringIndented(indent+"    "),
-		indent)
-}
-
-// StringShort returns a string
-func (rs *RoundState) StringShort() string {
-	return fmt.Sprintf(`RoundState{H:%v R:%v S:%v ST:%v}`,
-		rs.Height, rs.Round, rs.Step, rs.StartTime)
-}
-
 //-----------------------------------------------------------------------------

 var (
@@ -170,24 +54,16 @@ type msgInfo struct {

 // internally generated messages which may update the state
 type timeoutInfo struct {
-	Duration time.Duration `json:"duration"`
-	Height   int           `json:"height"`
-	Round    int           `json:"round"`
-	Step     RoundStepType `json:"step"`
+	Duration time.Duration         `json:"duration"`
+	Height   int                   `json:"height"`
+	Round    int                   `json:"round"`
+	Step     cstypes.RoundStepType `json:"step"`
 }

 func (ti *timeoutInfo) String() string {
 	return fmt.Sprintf("%v ; %d/%d %v", ti.Duration, ti.Height, ti.Round, ti.Step)
 }

-// PrivValidator is a validator that can sign votes and proposals.
-type PrivValidator interface {
-	GetAddress() []byte
-	SignVote(chainID string, vote *types.Vote) error
-	SignProposal(chainID string, proposal *types.Proposal) error
-	SignHeartbeat(chainID string, heartbeat *types.Heartbeat) error
-}
-
 // ConsensusState handles execution of the consensus algorithm.
 // It processes votes and proposals, and upon reaching agreement,
 // commits blocks to the chain and executes them against the application.
@@ -197,7 +73,7 @@ type ConsensusState struct {

 	// config details
 	config        *cfg.ConsensusConfig
-	privValidator PrivValidator // for signing votes
+	privValidator types.PrivValidator // for signing votes

 	// services for creating and executing blocks
 	proxyAppConn proxy.AppConnConsensus
@@ -206,7 +82,7 @@ type ConsensusState struct {

 	// internal state
 	mtx sync.Mutex
-	RoundState
+	cstypes.RoundState
 	state *sm.State // State until height-1.

 	// state changes may be triggered by msgs from peers,
@@ -289,13 +165,13 @@ func (cs *ConsensusState) GetState() *sm.State {
 }

 // GetRoundState returns a copy of the internal consensus state.
-func (cs *ConsensusState) GetRoundState() *RoundState {
+func (cs *ConsensusState) GetRoundState() *cstypes.RoundState {
 	cs.mtx.Lock()
 	defer cs.mtx.Unlock()
 	return cs.getRoundState()
 }

-func (cs *ConsensusState) getRoundState() *RoundState {
+func (cs *ConsensusState) getRoundState() *cstypes.RoundState {
 	rs := cs.RoundState // copy
 	return &rs
 }
@@ -308,7 +184,7 @@ func (cs *ConsensusState) GetValidators() (int, []*types.Validator) {
 }

 // SetPrivValidator sets the private validator account for signing votes.
-func (cs *ConsensusState) SetPrivValidator(priv PrivValidator) {
+func (cs *ConsensusState) SetPrivValidator(priv types.PrivValidator) {
 	cs.mtx.Lock()
 	defer cs.mtx.Unlock()
 	cs.privValidator = priv
@@ -394,7 +270,7 @@ func (cs *ConsensusState) Wait() {

 // OpenWAL opens a file to log all consensus messages and timeouts for deterministic accountability
 func (cs *ConsensusState) OpenWAL(walFile string) (err error) {
-	err = cmn.EnsureDir(path.Dir(walFile), 0700)
+	err = cmn.EnsureDir(filepath.Dir(walFile), 0700)
 	if err != nil {
 		cs.Logger.Error("Error ensuring ConsensusState wal dir", "err", err.Error())
 		return err
@@ -476,20 +352,20 @@ func (cs *ConsensusState) updateHeight(height int) {
 	cs.Height = height
 }

-func (cs *ConsensusState) updateRoundStep(round int, step RoundStepType) {
+func (cs *ConsensusState) updateRoundStep(round int, step cstypes.RoundStepType) {
 	cs.Round = round
 	cs.Step = step
 }

 // enterNewRound(height, 0) at cs.StartTime.
-func (cs *ConsensusState) scheduleRound0(rs *RoundState) {
+func (cs *ConsensusState) scheduleRound0(rs *cstypes.RoundState) {
 	//cs.Logger.Info("scheduleRound0", "now", time.Now(), "startTime", cs.StartTime)
 	sleepDuration := rs.StartTime.Sub(time.Now())
-	cs.scheduleTimeout(sleepDuration, rs.Height, 0, RoundStepNewHeight)
+	cs.scheduleTimeout(sleepDuration, rs.Height, 0, cstypes.RoundStepNewHeight)
 }

 // Attempt to schedule a timeout (by sending timeoutInfo on the tickChan)
-func (cs *ConsensusState) scheduleTimeout(duration time.Duration, height, round int, step RoundStepType) {
+func (cs *ConsensusState) scheduleTimeout(duration time.Duration, height, round int, step cstypes.RoundStepType) {
 	cs.timeoutTicker.ScheduleTimeout(timeoutInfo{duration, height, round, step})
 }

@@ -531,7 +407,7 @@ func (cs *ConsensusState) reconstructLastCommit(state *sm.State) {
 }

 // Updates ConsensusState and increments height to match that of state.
-// The round becomes 0 and cs.Step becomes RoundStepNewHeight.
+// The round becomes 0 and cs.Step becomes cstypes.RoundStepNewHeight.
 func (cs *ConsensusState) updateToState(state *sm.State) {
 	if cs.CommitRound > -1 && 0 < cs.Height && cs.Height != state.LastBlockHeight {
 		cmn.PanicSanity(cmn.Fmt("updateToState() expected state height of %v but found %v",
@@ -567,7 +443,7 @@ func (cs *ConsensusState) updateToState(state *sm.State) {

 	// RoundState fields
 	cs.updateHeight(height)
-	cs.updateRoundStep(0, RoundStepNewHeight)
+	cs.updateRoundStep(0, cstypes.RoundStepNewHeight)
 	if cs.CommitTime.IsZero() {
 		// "Now" makes it easier to sync up dev nodes.
 		// We add timeoutCommit to allow transactions
@@ -585,7 +461,7 @@ func (cs *ConsensusState) updateToState(state *sm.State) {
 	cs.LockedRound = 0
 	cs.LockedBlock = nil
 	cs.LockedBlockParts = nil
-	cs.Votes = NewHeightVoteSet(state.ChainID, height, validators)
+	cs.Votes = cstypes.NewHeightVoteSet(state.ChainID, height, validators)
 	cs.CommitRound = -1
 	cs.LastCommit = lastPrecommits
 	cs.LastValidators = state.LastValidators
@@ -615,6 +491,12 @@ func (cs *ConsensusState) newStep() {
 // Updates (state transitions) happen on timeouts, complete proposals, and 2/3 majorities.
 // ConsensusState must be locked before any internal state is updated.
 func (cs *ConsensusState) receiveRoutine(maxSteps int) {
+	defer func() {
+		if r := recover(); r != nil {
+			cs.Logger.Error("CONSENSUS FAILURE!!!", "err", r, "stack", string(debug.Stack()))
+		}
+	}()
+
 	for {
 		if maxSteps > 0 {
 			if cs.nSteps >= maxSteps {
@@ -700,7 +582,7 @@ func (cs *ConsensusState) handleMsg(mi msgInfo) {
 	}
 }

-func (cs *ConsensusState) handleTimeout(ti timeoutInfo, rs RoundState) {
+func (cs *ConsensusState) handleTimeout(ti timeoutInfo, rs cstypes.RoundState) {
 	cs.Logger.Debug("Received tock", "timeout", ti.Duration, "height", ti.Height, "round", ti.Round, "step", ti.Step)

 	// timeouts must be for current height, round, step
@@ -714,19 +596,19 @@ func (cs *ConsensusState) handleTimeout(ti timeoutInfo, rs RoundState) {
 	defer cs.mtx.Unlock()

 	switch ti.Step {
-	case RoundStepNewHeight:
+	case cstypes.RoundStepNewHeight:
 		// NewRound event fired from enterNewRound.
 		// XXX: should we fire timeout here (for timeout commit)?
 		cs.enterNewRound(ti.Height, 0)
-	case RoundStepNewRound:
+	case cstypes.RoundStepNewRound:
 		cs.enterPropose(ti.Height, 0)
-	case RoundStepPropose:
+	case cstypes.RoundStepPropose:
 		types.FireEventTimeoutPropose(cs.evsw, cs.RoundStateEvent())
 		cs.enterPrevote(ti.Height, ti.Round)
-	case RoundStepPrevoteWait:
+	case cstypes.RoundStepPrevoteWait:
 		types.FireEventTimeoutWait(cs.evsw, cs.RoundStateEvent())
 		cs.enterPrecommit(ti.Height, ti.Round)
-	case RoundStepPrecommitWait:
+	case cstypes.RoundStepPrecommitWait:
 		types.FireEventTimeoutWait(cs.evsw, cs.RoundStateEvent())
 		cs.enterNewRound(ti.Height, ti.Round+1)
 	default:
@@ -753,7 +635,7 @@ func (cs *ConsensusState) handleTxsAvailable(height int) {
 // Enter: +2/3 prevotes any or +2/3 precommits for block or any from (height, round)
 // NOTE: cs.StartTime was already set for height.
 func (cs *ConsensusState) enterNewRound(height int, round int) {
-	if cs.Height != height || round < cs.Round || (cs.Round == round && cs.Step != RoundStepNewHeight) {
+	if cs.Height != height || round < cs.Round || (cs.Round == round && cs.Step != cstypes.RoundStepNewHeight) {
 		cs.Logger.Debug(cmn.Fmt("enterNewRound(%v/%v): Invalid args. Current step: %v/%v/%v", height, round, cs.Height, cs.Round, cs.Step))
 		return
 	}
@@ -774,7 +656,7 @@ func (cs *ConsensusState) enterNewRound(height int, round int) {
 	// Setup new round
 	// we don't fire newStep for this step,
 	// but we fire an event, so update the round step first
-	cs.updateRoundStep(round, RoundStepNewRound)
+	cs.updateRoundStep(round, cstypes.RoundStepNewRound)
 	cs.Validators = validators
 	if round == 0 {
 		// We've already reset these upon new height,
@@ -795,7 +677,7 @@ func (cs *ConsensusState) enterNewRound(height int, round int) {
 	waitForTxs := cs.config.WaitForTxs() && round == 0 && !cs.needProofBlock(height)
 	if waitForTxs {
 		if cs.config.CreateEmptyBlocksInterval > 0 {
-			cs.scheduleTimeout(cs.config.EmptyBlocksInterval(), height, round, RoundStepNewRound)
+			cs.scheduleTimeout(cs.config.EmptyBlocksInterval(), height, round, cstypes.RoundStepNewRound)
 		}
 		go cs.proposalHeartbeat(height, round)
 	} else {
@@ -828,7 +710,7 @@ func (cs *ConsensusState) proposalHeartbeat(height, round int) {
 	for {
 		rs := cs.GetRoundState()
 		// if we've already moved on, no need to send more heartbeats
-		if rs.Step > RoundStepNewRound || rs.Round > round || rs.Height > height {
+		if rs.Step > cstypes.RoundStepNewRound || rs.Round > round || rs.Height > height {
 			return
 		}
 		heartbeat := &types.Heartbeat{
@@ -850,7 +732,7 @@ func (cs *ConsensusState) proposalHeartbeat(height, round int) {
 // Enter (CreateEmptyBlocks, CreateEmptyBlocksInterval > 0 ): after enterNewRound(height,round), after timeout of CreateEmptyBlocksInterval
 // Enter (!CreateEmptyBlocks) : after enterNewRound(height,round), once txs are in the mempool
 func (cs *ConsensusState) enterPropose(height int, round int) {
-	if cs.Height != height || round < cs.Round || (cs.Round == round && RoundStepPropose <= cs.Step) {
+	if cs.Height != height || round < cs.Round || (cs.Round == round && cstypes.RoundStepPropose <= cs.Step) {
 		cs.Logger.Debug(cmn.Fmt("enterPropose(%v/%v): Invalid args. Current step: %v/%v/%v", height, round, cs.Height, cs.Round, cs.Step))
 		return
 	}
@@ -858,7 +740,7 @@ func (cs *ConsensusState) enterPropose(height int, round int) {

 	defer func() {
 		// Done enterPropose:
-		cs.updateRoundStep(round, RoundStepPropose)
+		cs.updateRoundStep(round, cstypes.RoundStepPropose)
 		cs.newStep()

 		// If we have the whole proposal + POL, then goto Prevote now.
@@ -870,7 +752,7 @@ func (cs *ConsensusState) enterPropose(height int, round int) {
 	}()

 	// If we don't get the proposal and all block parts quick enough, enterPrevote
-	cs.scheduleTimeout(cs.config.Propose(round), height, round, RoundStepPropose)
+	cs.scheduleTimeout(cs.config.Propose(round), height, round, cstypes.RoundStepPropose)

 	// Nothing more to do if we're not a validator
 	if cs.privValidator == nil {
@@ -977,7 +859,8 @@ func (cs *ConsensusState) createProposalBlock() (block *types.Block, blockParts
 	txs := cs.mempool.Reap(cs.config.MaxBlockSizeTxs)

 	return types.MakeBlock(cs.Height, cs.state.ChainID, txs, commit,
-		cs.state.LastBlockID, cs.state.Validators.Hash(), cs.state.AppHash, cs.config.BlockPartSize)
+		cs.state.LastBlockID, cs.state.Validators.Hash(),
+		cs.state.AppHash, cs.state.Params().BlockPartSizeBytes)
 }

 // Enter: `timeoutPropose` after entering Propose.
@@ -986,14 +869,14 @@ func (cs *ConsensusState) createProposalBlock() (block *types.Block, blockParts
 // Prevote for LockedBlock if we're locked, or ProposalBlock if valid.
 // Otherwise vote nil.
 func (cs *ConsensusState) enterPrevote(height int, round int) {
-	if cs.Height != height || round < cs.Round || (cs.Round == round && RoundStepPrevote <= cs.Step) {
+	if cs.Height != height || round < cs.Round || (cs.Round == round && cstypes.RoundStepPrevote <= cs.Step) {
 		cs.Logger.Debug(cmn.Fmt("enterPrevote(%v/%v): Invalid args. Current step: %v/%v/%v", height, round, cs.Height, cs.Round, cs.Step))
 		return
 	}

 	defer func() {
 		// Done enterPrevote:
-		cs.updateRoundStep(round, RoundStepPrevote)
+		cs.updateRoundStep(round, cstypes.RoundStepPrevote)
 		cs.newStep()
 	}()

@@ -1048,7 +931,7 @@ func (cs *ConsensusState) defaultDoPrevote(height int, round int) {

 // Enter: any +2/3 prevotes at next round.
 func (cs *ConsensusState) enterPrevoteWait(height int, round int) {
-	if cs.Height != height || round < cs.Round || (cs.Round == round && RoundStepPrevoteWait <= cs.Step) {
+	if cs.Height != height || round < cs.Round || (cs.Round == round && cstypes.RoundStepPrevoteWait <= cs.Step) {
 		cs.Logger.Debug(cmn.Fmt("enterPrevoteWait(%v/%v): Invalid args. Current step: %v/%v/%v", height, round, cs.Height, cs.Round, cs.Step))
 		return
 	}
@@ -1059,12 +942,12 @@ func (cs *ConsensusState) enterPrevoteWait(height int, round int) {

 	defer func() {
 		// Done enterPrevoteWait:
-		cs.updateRoundStep(round, RoundStepPrevoteWait)
+		cs.updateRoundStep(round, cstypes.RoundStepPrevoteWait)
 		cs.newStep()
 	}()

 	// Wait for some more prevotes; enterPrecommit
-	cs.scheduleTimeout(cs.config.Prevote(round), height, round, RoundStepPrevoteWait)
+	cs.scheduleTimeout(cs.config.Prevote(round), height, round, cstypes.RoundStepPrevoteWait)
 }

 // Enter: `timeoutPrevote` after any +2/3 prevotes.
@@ -1074,7 +957,7 @@ func (cs *ConsensusState) enterPrevoteWait(height int, round int) {
 // else, unlock an existing lock and precommit nil if +2/3 of prevotes were nil,
 // else, precommit nil otherwise.
 func (cs *ConsensusState) enterPrecommit(height int, round int) {
-	if cs.Height != height || round < cs.Round || (cs.Round == round && RoundStepPrecommit <= cs.Step) {
+	if cs.Height != height || round < cs.Round || (cs.Round == round && cstypes.RoundStepPrecommit <= cs.Step) {
 		cs.Logger.Debug(cmn.Fmt("enterPrecommit(%v/%v): Invalid args. Current step: %v/%v/%v", height, round, cs.Height, cs.Round, cs.Step))
 		return
 	}
@@ -1083,7 +966,7 @@ func (cs *ConsensusState) enterPrecommit(height int, round int) {

 	defer func() {
 		// Done enterPrecommit:
-		cs.updateRoundStep(round, RoundStepPrecommit)
+		cs.updateRoundStep(round, cstypes.RoundStepPrecommit)
 		cs.newStep()
 	}()

@@ -1167,7 +1050,7 @@ func (cs *ConsensusState) enterPrecommit(height int, round int) {

 // Enter: any +2/3 precommits for next round.
 func (cs *ConsensusState) enterPrecommitWait(height int, round int) {
-	if cs.Height != height || round < cs.Round || (cs.Round == round && RoundStepPrecommitWait <= cs.Step) {
+	if cs.Height != height || round < cs.Round || (cs.Round == round && cstypes.RoundStepPrecommitWait <= cs.Step) {
 		cs.Logger.Debug(cmn.Fmt("enterPrecommitWait(%v/%v): Invalid args. Current step: %v/%v/%v", height, round, cs.Height, cs.Round, cs.Step))
 		return
 	}
@@ -1178,18 +1061,18 @@ func (cs *ConsensusState) enterPrecommitWait(height int, round int) {

 	defer func() {
 		// Done enterPrecommitWait:
-		cs.updateRoundStep(round, RoundStepPrecommitWait)
+		cs.updateRoundStep(round, cstypes.RoundStepPrecommitWait)
 		cs.newStep()
 	}()

 	// Wait for some more precommits; enterNewRound
-	cs.scheduleTimeout(cs.config.Precommit(round), height, round, RoundStepPrecommitWait)
+	cs.scheduleTimeout(cs.config.Precommit(round), height, round, cstypes.RoundStepPrecommitWait)

 }

 // Enter: +2/3 precommits for block
 func (cs *ConsensusState) enterCommit(height int, commitRound int) {
-	if cs.Height != height || RoundStepCommit <= cs.Step {
+	if cs.Height != height || cstypes.RoundStepCommit <= cs.Step {
 		cs.Logger.Debug(cmn.Fmt("enterCommit(%v/%v): Invalid args. Current step: %v/%v/%v", height, commitRound, cs.Height, cs.Round, cs.Step))
 		return
 	}
@@ -1198,7 +1081,7 @@ func (cs *ConsensusState) enterCommit(height int, commitRound int) {
 	defer func() {
 		// Done enterCommit:
 		// keep cs.Round the same, commitRound points to the right Precommits set.
-		cs.updateRoundStep(cs.Round, RoundStepCommit)
+		cs.updateRoundStep(cs.Round, cstypes.RoundStepCommit)
 		cs.CommitRound = commitRound
 		cs.CommitTime = time.Now()
 		cs.newStep()
@@ -1255,9 +1138,9 @@ func (cs *ConsensusState) tryFinalizeCommit(height int) {
 	cs.finalizeCommit(height)
 }

-// Increment height and goto RoundStepNewHeight
+// Increment height and goto cstypes.RoundStepNewHeight
 func (cs *ConsensusState) finalizeCommit(height int) {
-	if cs.Height != height || cs.Step != RoundStepCommit {
+	if cs.Height != height || cs.Step != cstypes.RoundStepCommit {
 		cs.Logger.Debug(cmn.Fmt("finalizeCommit(%v): Invalid args. Current step: %v/%v/%v", height, cs.Height, cs.Round, cs.Step))
 		return
 	}
@@ -1351,7 +1234,7 @@ func (cs *ConsensusState) finalizeCommit(height int) {

 	// By here,
 	// * cs.Height has been increment to height+1
-	// * cs.Step is now RoundStepNewHeight
+	// * cs.Step is now cstypes.RoundStepNewHeight
 	// * cs.StartTime is set to when we will start round0.
 }

@@ -1369,8 +1252,8 @@ func (cs *ConsensusState) defaultSetProposal(proposal *types.Proposal) error {
 		return nil
 	}

-	// We don't care about the proposal if we're already in RoundStepCommit.
-	if RoundStepCommit <= cs.Step {
+	// We don't care about the proposal if we're already in cstypes.RoundStepCommit.
+	if cstypes.RoundStepCommit <= cs.Step {
 		return nil
 	}

@@ -1411,13 +1294,14 @@ func (cs *ConsensusState) addProposalBlockPart(height int, part *types.Part, ver
 		// Added and completed!
 		var n int
 		var err error
-		cs.ProposalBlock = wire.ReadBinary(&types.Block{}, cs.ProposalBlockParts.GetReader(), types.MaxBlockSize, &n, &err).(*types.Block)
+		cs.ProposalBlock = wire.ReadBinary(&types.Block{}, cs.ProposalBlockParts.GetReader(),
+			cs.state.Params().BlockSizeParams.MaxBytes, &n, &err).(*types.Block)
 		// NOTE: it's possible to receive complete proposal blocks for future rounds without having the proposal
 		cs.Logger.Info("Received complete proposal block", "height", cs.ProposalBlock.Height, "hash", cs.ProposalBlock.Hash())
-		if cs.Step == RoundStepPropose && cs.isProposalComplete() {
+		if cs.Step == cstypes.RoundStepPropose && cs.isProposalComplete() {
 			// Move onto the next step
 			cs.enterPrevote(height, cs.Round)
-		} else if cs.Step == RoundStepCommit {
+		} else if cs.Step == cstypes.RoundStepCommit {
 			// If we're waiting on the proposal block...
 			cs.tryFinalizeCommit(height)
 		}
@@ -1462,7 +1346,7 @@ func (cs *ConsensusState) addVote(vote *types.Vote, peerKey string) (added bool,
 	// A precommit for the previous height?
 	// These come in while we wait timeoutCommit
 	if vote.Height+1 == cs.Height {
-		if !(cs.Step == RoundStepNewHeight && vote.Type == types.VoteTypePrecommit) {
+		if !(cs.Step == cstypes.RoundStepNewHeight && vote.Type == types.VoteTypePrecommit) {
 			// TODO: give the reason ..
 			// fmt.Errorf("tryAddVote: Wrong height, not a LastCommit straggler commit.")
 			return added, ErrVoteHeightMismatch
@@ -1475,7 +1359,7 @@ func (cs *ConsensusState) addVote(vote *types.Vote, peerKey string) (added bool,
 			// if we can skip timeoutCommit and have all the votes now,
 			if cs.config.SkipTimeoutCommit && cs.LastCommit.HasAll() {
 				// go straight to new round (skip timeout commit)
-				// cs.scheduleTimeout(time.Duration(0), cs.Height, 0, RoundStepNewHeight)
+				// cs.scheduleTimeout(time.Duration(0), cs.Height, 0, cstypes.RoundStepNewHeight)
 				cs.enterNewRound(cs.Height, 0)
 			}
 		}
@@ -1539,7 +1423,7 @@ func (cs *ConsensusState) addVote(vote *types.Vote, peerKey string) (added bool,
 						if cs.config.SkipTimeoutCommit && precommits.HasAll() {
 							// if we have all the votes now,
 							// go straight to new round (skip timeout commit)
-							// cs.scheduleTimeout(time.Duration(0), cs.Height, 0, RoundStepNewHeight)
+							// cs.scheduleTimeout(time.Duration(0), cs.Height, 0, cstypes.RoundStepNewHeight)
 							cs.enterNewRound(cs.Height, 0)
 						}

@@ -1600,7 +1484,7 @@ func (cs *ConsensusState) signAddVote(type_ byte, hash []byte, header types.Part

 //---------------------------------------------------------

-func CompareHRS(h1, r1 int, s1 RoundStepType, h2, r2 int, s2 RoundStepType) int {
+func CompareHRS(h1, r1 int, s1 cstypes.RoundStepType, h2, r2 int, s2 cstypes.RoundStepType) int {
 	if h1 < h2 {
 		return -1
 	} else if h1 > h2 {
--- a/consensus/state_test.go
+++ b/consensus/state_test.go
@@ -6,8 +6,9 @@ import (
 	"testing"
 	"time"

+	cstypes "github.com/tendermint/tendermint/consensus/types"
 	"github.com/tendermint/tendermint/types"
-	. "github.com/tendermint/tmlibs/common"
+	cmn "github.com/tendermint/tmlibs/common"
 )

 func init() {
@@ -79,8 +80,8 @@ func TestProposerSelection0(t *testing.T) {
 	<-newRoundCh

 	prop = cs1.GetRoundState().Validators.GetProposer()
-	if !bytes.Equal(prop.Address, vss[1].Address) {
-		panic(Fmt("expected proposer to be validator %d. Got %X", 1, prop.Address))
+	if !bytes.Equal(prop.Address, vss[1].GetAddress()) {
+		panic(cmn.Fmt("expected proposer to be validator %d. Got %X", 1, prop.Address))
 	}
 }

@@ -100,8 +101,8 @@ func TestProposerSelection2(t *testing.T) {
 	// everyone just votes nil. we get a new proposer each round
 	for i := 0; i < len(vss); i++ {
 		prop := cs1.GetRoundState().Validators.GetProposer()
-		if !bytes.Equal(prop.Address, vss[(i+2)%len(vss)].Address) {
-			panic(Fmt("expected proposer to be validator %d. Got %X", (i+2)%len(vss), prop.Address))
+		if !bytes.Equal(prop.Address, vss[(i+2)%len(vss)].GetAddress()) {
+			panic(cmn.Fmt("expected proposer to be validator %d. Got %X", (i+2)%len(vss), prop.Address))
 		}

 		rs := cs1.GetRoundState()
@@ -180,7 +181,7 @@ func TestBadProposal(t *testing.T) {
 	height, round := cs1.Height, cs1.Round
 	vs2 := vss[1]

-	partSize := config.Consensus.BlockPartSize
+	partSize := cs1.state.Params().BlockPartSizeBytes

 	proposalCh := subscribeToEvent(cs1.evsw, "tester", types.EventStringCompleteProposal(), 1)
 	voteCh := subscribeToEvent(cs1.evsw, "tester", types.EventStringVote(), 1)
@@ -247,7 +248,7 @@ func TestFullRound1(t *testing.T) {

 	// grab proposal
 	re := <-propCh
-	propBlockHash := re.(types.TMEventData).Unwrap().(types.EventDataRoundState).RoundState.(*RoundState).ProposalBlock.Hash()
+	propBlockHash := re.(types.TMEventData).Unwrap().(types.EventDataRoundState).RoundState.(*cstypes.RoundState).ProposalBlock.Hash()

 	<-voteCh // wait for prevote
 	// NOTE: voteChan cap of 0 ensures we can complete this
@@ -327,7 +328,7 @@ func TestLockNoPOL(t *testing.T) {
 	vs2 := vss[1]
 	height := cs1.Height

-	partSize := config.Consensus.BlockPartSize
+	partSize := cs1.state.Params().BlockPartSizeBytes

 	timeoutProposeCh := subscribeToEvent(cs1.evsw, "tester", types.EventStringTimeoutPropose(), 1)
 	timeoutWaitCh := subscribeToEvent(cs1.evsw, "tester", types.EventStringTimeoutWait(), 1)
@@ -344,7 +345,7 @@ func TestLockNoPOL(t *testing.T) {
 	cs1.startRoutines(0)

 	re := <-proposalCh
-	rs := re.(types.TMEventData).Unwrap().(types.EventDataRoundState).RoundState.(*RoundState)
+	rs := re.(types.TMEventData).Unwrap().(types.EventDataRoundState).RoundState.(*cstypes.RoundState)
 	theBlockHash := rs.ProposalBlock.Hash()

 	<-voteCh // prevote
@@ -384,7 +385,7 @@ func TestLockNoPOL(t *testing.T) {

 	// now we're on a new round and not the proposer, so wait for timeout
 	re = <-timeoutProposeCh
-	rs = re.(types.TMEventData).Unwrap().(types.EventDataRoundState).RoundState.(*RoundState)
+	rs = re.(types.TMEventData).Unwrap().(types.EventDataRoundState).RoundState.(*cstypes.RoundState)

 	if rs.ProposalBlock != nil {
 		panic("Expected proposal block to be nil")
@@ -428,11 +429,11 @@ func TestLockNoPOL(t *testing.T) {
 	incrementRound(vs2)

 	re = <-proposalCh
-	rs = re.(types.TMEventData).Unwrap().(types.EventDataRoundState).RoundState.(*RoundState)
+	rs = re.(types.TMEventData).Unwrap().(types.EventDataRoundState).RoundState.(*cstypes.RoundState)

 	// now we're on a new round and are the proposer
 	if !bytes.Equal(rs.ProposalBlock.Hash(), rs.LockedBlock.Hash()) {
-		panic(Fmt("Expected proposal block to be locked block. Got %v, Expected %v", rs.ProposalBlock, rs.LockedBlock))
+		panic(cmn.Fmt("Expected proposal block to be locked block. Got %v, Expected %v", rs.ProposalBlock, rs.LockedBlock))
 	}

 	<-voteCh // prevote
@@ -493,7 +494,7 @@ func TestLockPOLRelock(t *testing.T) {
 	cs1, vss := randConsensusState(4)
 	vs2, vs3, vs4 := vss[1], vss[2], vss[3]

-	partSize := config.Consensus.BlockPartSize
+	partSize := cs1.state.Params().BlockPartSizeBytes

 	timeoutProposeCh := subscribeToEvent(cs1.evsw, "tester", types.EventStringTimeoutPropose(), 1)
 	timeoutWaitCh := subscribeToEvent(cs1.evsw, "tester", types.EventStringTimeoutWait(), 1)
@@ -502,8 +503,6 @@ func TestLockPOLRelock(t *testing.T) {
 	newRoundCh := subscribeToEvent(cs1.evsw, "tester", types.EventStringNewRound(), 1)
 	newBlockCh := subscribeToEvent(cs1.evsw, "tester", types.EventStringNewBlockHeader(), 1)

-	t.Logf("vs2 last round %v", vs2.PrivValidator.LastRound)
-
 	// everything done from perspective of cs1

 	/*
@@ -517,7 +516,7 @@ func TestLockPOLRelock(t *testing.T) {

 	<-newRoundCh
 	re := <-proposalCh
-	rs := re.(types.TMEventData).Unwrap().(types.EventDataRoundState).RoundState.(*RoundState)
+	rs := re.(types.TMEventData).Unwrap().(types.EventDataRoundState).RoundState.(*cstypes.RoundState)
 	theBlockHash := rs.ProposalBlock.Hash()

 	<-voteCh // prevote
@@ -593,7 +592,7 @@ func TestLockPOLRelock(t *testing.T) {
 	be := <-newBlockCh
 	b := be.(types.TMEventData).Unwrap().(types.EventDataNewBlockHeader)
 	re = <-newRoundCh
-	rs = re.(types.TMEventData).Unwrap().(types.EventDataRoundState).RoundState.(*RoundState)
+	rs = re.(types.TMEventData).Unwrap().(types.EventDataRoundState).RoundState.(*cstypes.RoundState)
 	if rs.Height != 2 {
 		panic("Expected height to increment")
 	}
@@ -608,7 +607,7 @@ func TestLockPOLUnlock(t *testing.T) {
 	cs1, vss := randConsensusState(4)
 	vs2, vs3, vs4 := vss[1], vss[2], vss[3]

-	partSize := config.Consensus.BlockPartSize
+	partSize := cs1.state.Params().BlockPartSizeBytes

 	proposalCh := subscribeToEvent(cs1.evsw, "tester", types.EventStringCompleteProposal(), 1)
 	timeoutProposeCh := subscribeToEvent(cs1.evsw, "tester", types.EventStringTimeoutPropose(), 1)
@@ -629,7 +628,7 @@ func TestLockPOLUnlock(t *testing.T) {
 	startTestRound(cs1, cs1.Height, 0)
 	<-newRoundCh
 	re := <-proposalCh
-	rs := re.(types.TMEventData).Unwrap().(types.EventDataRoundState).RoundState.(*RoundState)
+	rs := re.(types.TMEventData).Unwrap().(types.EventDataRoundState).RoundState.(*cstypes.RoundState)
 	theBlockHash := rs.ProposalBlock.Hash()

 	<-voteCh // prevote
@@ -655,7 +654,7 @@ func TestLockPOLUnlock(t *testing.T) {

 	// timeout to new round
 	re = <-timeoutWaitCh
-	rs = re.(types.TMEventData).Unwrap().(types.EventDataRoundState).RoundState.(*RoundState)
+	rs = re.(types.TMEventData).Unwrap().(types.EventDataRoundState).RoundState.(*cstypes.RoundState)
 	lockedBlockHash := rs.LockedBlock.Hash()

 	//XXX: this isnt guaranteed to get there before the timeoutPropose ...
@@ -703,7 +702,7 @@ func TestLockPOLSafety1(t *testing.T) {
 	cs1, vss := randConsensusState(4)
 	vs2, vs3, vs4 := vss[1], vss[2], vss[3]

-	partSize := config.Consensus.BlockPartSize
+	partSize := cs1.state.Params().BlockPartSizeBytes

 	proposalCh := subscribeToEvent(cs1.evsw, "tester", types.EventStringCompleteProposal(), 1)
 	timeoutProposeCh := subscribeToEvent(cs1.evsw, "tester", types.EventStringTimeoutPropose(), 1)
@@ -715,7 +714,7 @@ func TestLockPOLSafety1(t *testing.T) {
 	startTestRound(cs1, cs1.Height, 0)
 	<-newRoundCh
 	re := <-proposalCh
-	rs := re.(types.TMEventData).Unwrap().(types.EventDataRoundState).RoundState.(*RoundState)
+	rs := re.(types.TMEventData).Unwrap().(types.EventDataRoundState).RoundState.(*cstypes.RoundState)
 	propBlock := rs.ProposalBlock

 	<-voteCh // prevote
@@ -763,7 +762,7 @@ func TestLockPOLSafety1(t *testing.T) {
 		re = <-proposalCh
 	}

-	rs = re.(types.TMEventData).Unwrap().(types.EventDataRoundState).RoundState.(*RoundState)
+	rs = re.(types.TMEventData).Unwrap().(types.EventDataRoundState).RoundState.(*cstypes.RoundState)

 	if rs.LockedBlock != nil {
 		panic("we should not be locked!")
@@ -824,7 +823,7 @@ func TestLockPOLSafety2(t *testing.T) {
 	cs1, vss := randConsensusState(4)
 	vs2, vs3, vs4 := vss[1], vss[2], vss[3]

-	partSize := config.Consensus.BlockPartSize
+	partSize := cs1.state.Params().BlockPartSizeBytes

 	proposalCh := subscribeToEvent(cs1.evsw, "tester", types.EventStringCompleteProposal(), 1)
 	timeoutProposeCh := subscribeToEvent(cs1.evsw, "tester", types.EventStringTimeoutPropose(), 1)
@@ -850,7 +849,7 @@ func TestLockPOLSafety2(t *testing.T) {

 	incrementRound(vs2, vs3, vs4)

-	cs1.updateRoundStep(0, RoundStepPrecommitWait)
+	cs1.updateRoundStep(0, cstypes.RoundStepPrecommitWait)

 	t.Log("### ONTO Round 1")
 	// jump in at round 1
@@ -931,7 +930,7 @@ func TestSlashingPrevotes(t *testing.T) {
 	re := <-proposalCh
 	<-voteCh // prevote

-	rs := re.(types.EventDataRoundState).RoundState.(*RoundState)
+	rs := re.(types.EventDataRoundState).RoundState.(*cstypes.RoundState)

 	// we should now be stuck in limbo forever, waiting for more prevotes
 	// add one for a different block should cause us to go into prevote wait
@@ -999,7 +998,7 @@ func TestHalt1(t *testing.T) {
 	cs1, vss := randConsensusState(4)
 	vs2, vs3, vs4 := vss[1], vss[2], vss[3]

-	partSize := config.Consensus.BlockPartSize
+	partSize := cs1.state.Params().BlockPartSizeBytes

 	proposalCh := subscribeToEvent(cs1.evsw, "tester", types.EventStringCompleteProposal(), 1)
 	timeoutWaitCh := subscribeToEvent(cs1.evsw, "tester", types.EventStringTimeoutWait(), 1)
@@ -1011,7 +1010,7 @@ func TestHalt1(t *testing.T) {
 	startTestRound(cs1, cs1.Height, 0)
 	<-newRoundCh
 	re := <-proposalCh
-	rs := re.(types.TMEventData).Unwrap().(types.EventDataRoundState).RoundState.(*RoundState)
+	rs := re.(types.TMEventData).Unwrap().(types.EventDataRoundState).RoundState.(*cstypes.RoundState)
 	propBlock := rs.ProposalBlock
 	propBlockParts := propBlock.MakePartSet(partSize)

@@ -1034,7 +1033,7 @@ func TestHalt1(t *testing.T) {
 	// timeout to new round
 	<-timeoutWaitCh
 	re = <-newRoundCh
-	rs = re.(types.TMEventData).Unwrap().(types.EventDataRoundState).RoundState.(*RoundState)
+	rs = re.(types.TMEventData).Unwrap().(types.EventDataRoundState).RoundState.(*cstypes.RoundState)

 	t.Log("### ONTO ROUND 1")
 	/*Round2
@@ -1052,7 +1051,7 @@ func TestHalt1(t *testing.T) {
 	// receiving that precommit should take us straight to commit
 	<-newBlockCh
 	re = <-newRoundCh
-	rs = re.(types.TMEventData).Unwrap().(types.EventDataRoundState).RoundState.(*RoundState)
+	rs = re.(types.TMEventData).Unwrap().(types.EventDataRoundState).RoundState.(*cstypes.RoundState)

 	if rs.Height != 2 {
 		panic("expected height to increment")
--- a/consensus/types/height_vote_set.go
+++ b/consensus/types/height_vote_set.go
@@ -1,11 +1,11 @@
-package consensus
+package types

 import (
 	"strings"
 	"sync"

 	"github.com/tendermint/tendermint/types"
-	. "github.com/tendermint/tmlibs/common"
+	cmn "github.com/tendermint/tmlibs/common"
 )

 type RoundVoteSet struct {
@@ -76,7 +76,7 @@ func (hvs *HeightVoteSet) SetRound(round int) {
 	hvs.mtx.Lock()
 	defer hvs.mtx.Unlock()
 	if hvs.round != 0 && (round < hvs.round+1) {
-		PanicSanity("SetRound() must increment hvs.round")
+		cmn.PanicSanity("SetRound() must increment hvs.round")
 	}
 	for r := hvs.round + 1; r <= round; r++ {
 		if _, ok := hvs.roundVoteSets[r]; ok {
@@ -89,7 +89,7 @@ func (hvs *HeightVoteSet) SetRound(round int) {

 func (hvs *HeightVoteSet) addRound(round int) {
 	if _, ok := hvs.roundVoteSets[round]; ok {
-		PanicSanity("addRound() for an existing round")
+		cmn.PanicSanity("addRound() for an existing round")
 	}
 	// log.Debug("addRound(round)", "round", round)
 	prevotes := types.NewVoteSet(hvs.chainID, hvs.height, round, types.VoteTypePrevote, hvs.valSet)
@@ -164,7 +164,7 @@ func (hvs *HeightVoteSet) getVoteSet(round int, type_ byte) *types.VoteSet {
 	case types.VoteTypePrecommit:
 		return rvs.Precommits
 	default:
-		PanicSanity(Fmt("Unexpected vote type %X", type_))
+		cmn.PanicSanity(cmn.Fmt("Unexpected vote type %X", type_))
 		return nil
 	}
 }
@@ -194,7 +194,7 @@ func (hvs *HeightVoteSet) StringIndented(indent string) string {
 		voteSetString = roundVoteSet.Precommits.StringShort()
 		vsStrings = append(vsStrings, voteSetString)
 	}
-	return Fmt(`HeightVoteSet{H:%v R:0~%v
+	return cmn.Fmt(`HeightVoteSet{H:%v R:0~%v
 %s  %v
 %s}`,
 		hvs.height, hvs.round,
--- a/consensus/types/height_vote_set_test.go
+++ b/consensus/types/height_vote_set_test.go
@@ -1,14 +1,17 @@
-package consensus
+package types

 import (
 	"testing"

+	cfg "github.com/tendermint/tendermint/config"
 	"github.com/tendermint/tendermint/types"
-	. "github.com/tendermint/tmlibs/common"
+	cmn "github.com/tendermint/tmlibs/common"
 )

+var config *cfg.Config // NOTE: must be reset for each _test.go file
+
 func init() {
-	config = ResetConfig("consensus_height_vote_set_test")
+	config = cfg.ResetTestRoot("consensus_height_vote_set_test")
 }

 func TestPeerCatchupRounds(t *testing.T) {
@@ -44,10 +47,10 @@ func TestPeerCatchupRounds(t *testing.T) {

 }

-func makeVoteHR(t *testing.T, height, round int, privVals []*types.PrivValidator, valIndex int) *types.Vote {
+func makeVoteHR(t *testing.T, height, round int, privVals []*types.PrivValidatorFS, valIndex int) *types.Vote {
 	privVal := privVals[valIndex]
 	vote := &types.Vote{
-		ValidatorAddress: privVal.Address,
+		ValidatorAddress: privVal.GetAddress(),
 		ValidatorIndex:   valIndex,
 		Height:           height,
 		Round:            round,
@@ -57,7 +60,7 @@ func makeVoteHR(t *testing.T, height, round int, privVals []*types.PrivValidator
 	chainID := config.ChainID
 	err := privVal.SignVote(chainID, vote)
 	if err != nil {
-		panic(Fmt("Error signing vote: %v", err))
+		panic(cmn.Fmt("Error signing vote: %v", err))
 		return nil
 	}
 	return vote
--- a/consensus/types/reactor.go
+++ b/consensus/types/reactor.go
@@ -0,0 +1,57 @@
+package types
+
+import (
+	"fmt"
+	"time"
+
+	"github.com/tendermint/tendermint/types"
+	cmn "github.com/tendermint/tmlibs/common"
+)
+
+//-----------------------------------------------------------------------------
+
+// PeerRoundState contains the known state of a peer.
+// NOTE: Read-only when returned by PeerState.GetRoundState().
+type PeerRoundState struct {
+	Height                   int                 // Height peer is at
+	Round                    int                 // Round peer is at, -1 if unknown.
+	Step                     RoundStepType       // Step peer is at
+	StartTime                time.Time           // Estimated start of round 0 at this height
+	Proposal                 bool                // True if peer has proposal for this round
+	ProposalBlockPartsHeader types.PartSetHeader //
+	ProposalBlockParts       *cmn.BitArray       //
+	ProposalPOLRound         int                 // Proposal's POL round. -1 if none.
+	ProposalPOL              *cmn.BitArray       // nil until ProposalPOLMessage received.
+	Prevotes                 *cmn.BitArray       // All votes peer has for this round
+	Precommits               *cmn.BitArray       // All precommits peer has for this round
+	LastCommitRound          int                 // Round of commit for last height. -1 if none.
+	LastCommit               *cmn.BitArray       // All commit precommits of commit for last height.
+	CatchupCommitRound       int                 // Round that we have commit for. Not necessarily unique. -1 if none.
+	CatchupCommit            *cmn.BitArray       // All commit precommits peer has for this height & CatchupCommitRound
+}
+
+// String returns a string representation of the PeerRoundState
+func (prs PeerRoundState) String() string {
+	return prs.StringIndented("")
+}
+
+// StringIndented returns a string representation of the PeerRoundState
+func (prs PeerRoundState) StringIndented(indent string) string {
+	return fmt.Sprintf(`PeerRoundState{
+%s  %v/%v/%v @%v
+%s  Proposal %v -> %v
+%s  POL      %v (round %v)
+%s  Prevotes   %v
+%s  Precommits %v
+%s  LastCommit %v (round %v)
+%s  Catchup    %v (round %v)
+%s}`,
+		indent, prs.Height, prs.Round, prs.Step, prs.StartTime,
+		indent, prs.ProposalBlockPartsHeader, prs.ProposalBlockParts,
+		indent, prs.ProposalPOL, prs.ProposalPOLRound,
+		indent, prs.Prevotes,
+		indent, prs.Precommits,
+		indent, prs.LastCommit, prs.LastCommitRound,
+		indent, prs.CatchupCommit, prs.CatchupCommitRound,
+		indent)
+}
--- a/consensus/types/state.go
+++ b/consensus/types/state.go
@@ -0,0 +1,126 @@
+package types
+
+import (
+	"fmt"
+	"time"
+
+	"github.com/tendermint/tendermint/types"
+)
+
+//-----------------------------------------------------------------------------
+// RoundStepType enum type
+
+// RoundStepType enumerates the state of the consensus state machine
+type RoundStepType uint8 // These must be numeric, ordered.
+
+const (
+	RoundStepNewHeight     = RoundStepType(0x01) // Wait til CommitTime + timeoutCommit
+	RoundStepNewRound      = RoundStepType(0x02) // Setup new round and go to RoundStepPropose
+	RoundStepPropose       = RoundStepType(0x03) // Did propose, gossip proposal
+	RoundStepPrevote       = RoundStepType(0x04) // Did prevote, gossip prevotes
+	RoundStepPrevoteWait   = RoundStepType(0x05) // Did receive any +2/3 prevotes, start timeout
+	RoundStepPrecommit     = RoundStepType(0x06) // Did precommit, gossip precommits
+	RoundStepPrecommitWait = RoundStepType(0x07) // Did receive any +2/3 precommits, start timeout
+	RoundStepCommit        = RoundStepType(0x08) // Entered commit state machine
+	// NOTE: RoundStepNewHeight acts as RoundStepCommitWait.
+)
+
+// String returns a string
+func (rs RoundStepType) String() string {
+	switch rs {
+	case RoundStepNewHeight:
+		return "RoundStepNewHeight"
+	case RoundStepNewRound:
+		return "RoundStepNewRound"
+	case RoundStepPropose:
+		return "RoundStepPropose"
+	case RoundStepPrevote:
+		return "RoundStepPrevote"
+	case RoundStepPrevoteWait:
+		return "RoundStepPrevoteWait"
+	case RoundStepPrecommit:
+		return "RoundStepPrecommit"
+	case RoundStepPrecommitWait:
+		return "RoundStepPrecommitWait"
+	case RoundStepCommit:
+		return "RoundStepCommit"
+	default:
+		return "RoundStepUnknown" // Cannot panic.
+	}
+}
+
+//-----------------------------------------------------------------------------
+
+// RoundState defines the internal consensus state.
+// It is Immutable when returned from ConsensusState.GetRoundState()
+// TODO: Actually, only the top pointer is copied,
+// so access to field pointers is still racey
+type RoundState struct {
+	Height             int // Height we are working on
+	Round              int
+	Step               RoundStepType
+	StartTime          time.Time
+	CommitTime         time.Time // Subjective time when +2/3 precommits for Block at Round were found
+	Validators         *types.ValidatorSet
+	Proposal           *types.Proposal
+	ProposalBlock      *types.Block
+	ProposalBlockParts *types.PartSet
+	LockedRound        int
+	LockedBlock        *types.Block
+	LockedBlockParts   *types.PartSet
+	Votes              *HeightVoteSet
+	CommitRound        int            //
+	LastCommit         *types.VoteSet // Last precommits at Height-1
+	LastValidators     *types.ValidatorSet
+}
+
+// RoundStateEvent returns the H/R/S of the RoundState as an event.
+func (rs *RoundState) RoundStateEvent() types.EventDataRoundState {
+	edrs := types.EventDataRoundState{
+		Height:     rs.Height,
+		Round:      rs.Round,
+		Step:       rs.Step.String(),
+		RoundState: rs,
+	}
+	return edrs
+}
+
+// String returns a string
+func (rs *RoundState) String() string {
+	return rs.StringIndented("")
+}
+
+// StringIndented returns a string
+func (rs *RoundState) StringIndented(indent string) string {
+	return fmt.Sprintf(`RoundState{
+%s  H:%v R:%v S:%v
+%s  StartTime:     %v
+%s  CommitTime:    %v
+%s  Validators:    %v
+%s  Proposal:      %v
+%s  ProposalBlock: %v %v
+%s  LockedRound:   %v
+%s  LockedBlock:   %v %v
+%s  Votes:         %v
+%s  LastCommit: %v
+%s  LastValidators:    %v
+%s}`,
+		indent, rs.Height, rs.Round, rs.Step,
+		indent, rs.StartTime,
+		indent, rs.CommitTime,
+		indent, rs.Validators.StringIndented(indent+"    "),
+		indent, rs.Proposal,
+		indent, rs.ProposalBlockParts.StringShort(), rs.ProposalBlock.StringShort(),
+		indent, rs.LockedRound,
+		indent, rs.LockedBlockParts.StringShort(), rs.LockedBlock.StringShort(),
+		indent, rs.Votes.StringIndented(indent+"    "),
+		indent, rs.LastCommit.StringShort(),
+		indent, rs.LastValidators.StringIndented(indent+"    "),
+		indent)
+}
+
+// StringShort returns a string
+func (rs *RoundState) StringShort() string {
+	return fmt.Sprintf(`RoundState{H:%v R:%v S:%v ST:%v}`,
+		rs.Height, rs.Round, rs.Step, rs.StartTime)
+}
--- a/consensus/version.go
+++ b/consensus/version.go
@@ -1,7 +1,7 @@
 package consensus

 import (
-	. "github.com/tendermint/tmlibs/common"
+	cmn "github.com/tendermint/tmlibs/common"
 )

 // kind of arbitrary
@@ -10,4 +10,4 @@ var Major = "0"    //
 var Minor = "2"    // replay refactor
 var Revision = "2" // validation -> commit

-var Version = Fmt("v%s/%s.%s.%s", Spec, Major, Minor, Revision)
+var Version = cmn.Fmt("v%s/%s.%s.%s", Spec, Major, Minor, Revision)
--- a/consensus/wal.go
+++ b/consensus/wal.go
@@ -6,7 +6,7 @@ import (
 	wire "github.com/tendermint/go-wire"
 	"github.com/tendermint/tendermint/types"
 	auto "github.com/tendermint/tmlibs/autofile"
-	. "github.com/tendermint/tmlibs/common"
+	cmn "github.com/tendermint/tmlibs/common"
 )

 //--------------------------------------------------------
@@ -34,7 +34,7 @@ var _ = wire.RegisterInterface(
 // TODO: currently the wal is overwritten during replay catchup
 //   give it a mode so it's either reading or appending - must read to end to start appending again
 type WAL struct {
-	BaseService
+	cmn.BaseService

 	group *auto.Group
 	light bool // ignore block parts
@@ -49,7 +49,7 @@ func NewWAL(walFile string, light bool) (*WAL, error) {
 		group: group,
 		light: light,
 	}
-	wal.BaseService = *NewBaseService(nil, "WAL", wal)
+	wal.BaseService = *cmn.NewBaseService(nil, "WAL", wal)
 	return wal, nil
 }

@@ -86,19 +86,19 @@ func (wal *WAL) Save(wmsg WALMessage) {
 	var wmsgBytes = wire.JSONBytes(TimedWALMessage{time.Now(), wmsg})
 	err := wal.group.WriteLine(string(wmsgBytes))
 	if err != nil {
-		PanicQ(Fmt("Error writing msg to consensus wal. Error: %v \n\nMessage: %v", err, wmsg))
+		cmn.PanicQ(cmn.Fmt("Error writing msg to consensus wal. Error: %v \n\nMessage: %v", err, wmsg))
 	}
 	// TODO: only flush when necessary
 	if err := wal.group.Flush(); err != nil {
-		PanicQ(Fmt("Error flushing consensus wal buf to file. Error: %v \n", err))
+		cmn.PanicQ(cmn.Fmt("Error flushing consensus wal buf to file. Error: %v \n", err))
 	}
 }

 func (wal *WAL) writeEndHeight(height int) {
-	wal.group.WriteLine(Fmt("#ENDHEIGHT: %v", height))
+	wal.group.WriteLine(cmn.Fmt("#ENDHEIGHT: %v", height))

 	// TODO: only flush when necessary
 	if err := wal.group.Flush(); err != nil {
-		PanicQ(Fmt("Error flushing consensus wal buf to file. Error: %v \n", err))
+		cmn.PanicQ(cmn.Fmt("Error flushing consensus wal buf to file. Error: %v \n", err))
 	}
 }
--- a/docs/Makefile
+++ b/docs/Makefile
@@ -0,0 +1,20 @@
+# Minimal makefile for Sphinx documentation
+#
+
+# You can set these variables from the command line.
+SPHINXOPTS    =
+SPHINXBUILD   = python -msphinx
+SPHINXPROJ    = Tendermint
+SOURCEDIR     = .
+BUILDDIR      = _build
+
+# Put it first so that "make" without argument is like "make help".
+help:
+	@$(SPHINXBUILD) -M help "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O)
+
+.PHONY: help Makefile
+
+# Catch-all target: route all unknown targets to Sphinx using the new
+# "make mode" option.  $(O) is meant as a shortcut for $(SPHINXOPTS).
+%: Makefile
+	@$(SPHINXBUILD) -M $@ "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O)
--- a/docs/README.md
+++ b/docs/README.md
@@ -0,0 +1,14 @@
+Here lies our documentation. After making edits, run:
+
+```
+pip install -r requirements.txt
+make html
+```
+
+to build the docs locally then open the file `_build/html/index.html` in your browser.
+
+**WARNING:** This documentation is intended to be viewed at:
+
+https://tendermint.readthedocs.io
+
+and may contain broken internal links when viewed from Github.
--- a/docs/abci-cli.rst
+++ b/docs/abci-cli.rst
@@ -0,0 +1,255 @@
+Using ABCI-CLI
+==============
+
+To facilitate testing and debugging of ABCI servers and simple apps, we
+built a CLI, the ``abci-cli``, for sending ABCI messages from the
+command line.
+
+Install
+-------
+
+Make sure you `have Go installed <https://golang.org/doc/install>`__.
+
+Next, install the ``abci-cli`` tool and example applications:
+
+::
+
+    go get -u github.com/tendermint/abci/cmd/...
+
+If this fails, you may need to use ``glide`` to get vendored
+dependencies:
+
+::
+
+    go get github.com/Masterminds/glide
+    cd $GOPATH/src/github.com/tendermint/abci
+    glide install
+    go install ./cmd/...
+
+Now run ``abci-cli --help`` to see the list of commands:
+
+::
+
+    COMMANDS:
+       batch        Run a batch of ABCI commands against an application
+       console      Start an interactive console for multiple commands
+       echo         Have the application echo a message
+       info         Get some info about the application
+       set_option   Set an option on the application
+       deliver_tx    Append a new tx to application
+       check_tx     Validate a tx
+       commit       Get application Merkle root hash
+       help, h      Shows a list of commands or help for one command
+
+    GLOBAL OPTIONS:
+       --address "tcp://127.0.0.1:46658"    address of application socket
+       --help, -h                           show help
+       --version, -v                        print the version
+
+Dummy - First Example
+---------------------
+
+The ``abci-cli`` tool lets us send ABCI messages to our application, to
+help build and debug them.
+
+The most important messages are ``deliver_tx``, ``check_tx``, and
+``commit``, but there are others for convenience, configuration, and
+information purposes.
+
+Let's start a dummy application, which was installed at the same time as
+``abci-cli`` above. The dummy just stores transactions in a merkle tree:
+
+::
+
+    dummy
+
+In another terminal, run
+
+::
+
+    abci-cli echo hello
+    abci-cli info
+
+The application should echo ``hello`` and give you some information
+about itself.
+
+An ABCI application must provide two things:
+
+-  a socket server
+-  a handler for ABCI messages
+
+When we run the ``abci-cli`` tool we open a new connection to the
+application's socket server, send the given ABCI message, and wait for a
+response.
+
+The server may be generic for a particular language, and we provide a
+`reference implementation in
+Golang <https://github.com/tendermint/abci/tree/master/server>`__. See
+the `list of other ABCI
+implementations <https://tendermint.com/ecosystem>`__ for servers in
+other languages.
+
+The handler is specific to the application, and may be arbitrary, so
+long as it is deterministic and conforms to the ABCI interface
+specification.
+
+So when we run ``abci-cli info``, we open a new connection to the ABCI
+server, which calls the ``Info()`` method on the application, which
+tells us the number of transactions in our Merkle tree.
+
+Now, since every command opens a new connection, we provide the
+``abci-cli console`` and ``abci-cli batch`` commands, to allow multiple
+ABCI messages to be sent over a single connection.
+
+Running ``abci-cli console`` should drop you in an interactive console
+for speaking ABCI messages to your application.
+
+Try running these commands:
+
+::
+
+    > echo hello
+    -> data: hello
+
+    > info
+    -> data: {"size":0}
+
+    > commit
+    -> data: 0x
+
+    > deliver_tx "abc"
+    -> code: OK
+
+    > info
+    -> data: {"size":1}
+
+    > commit
+    -> data: 0x750502FC7E84BBD788ED589624F06CFA871845D1
+
+    > query "abc"
+    -> code: OK
+    -> data: {"index":0,"value":"abc","exists":true}
+
+    > deliver_tx "def=xyz"
+    -> code: OK
+
+    > commit
+    -> data: 0x76393B8A182E450286B0694C629ECB51B286EFD5
+
+    > query "def"
+    -> code: OK
+    -> data: {"index":1,"value":"xyz","exists":true}
+
+Note that if we do ``deliver_tx "abc"`` it will store ``(abc, abc)``,
+but if we do ``deliver_tx "abc=efg"`` it will store ``(abc, efg)``.
+
+Similarly, you could put the commands in a file and run
+``abci-cli --verbose batch < myfile``.
+
+Counter - Another Example
+-------------------------
+
+Now that we've got the hang of it, let's try another application, the
+"counter" app.
+
+The counter app doesn't use a Merkle tree, it just counts how many times
+we've sent a transaction, asked for a hash, or committed the state. The
+result of ``commit`` is just the number of transactions sent.
+
+This application has two modes: ``serial=off`` and ``serial=on``.
+
+When ``serial=on``, transactions must be a big-endian encoded
+incrementing integer, starting at 0.
+
+If ``serial=off``, there are no restrictions on transactions.
+
+We can toggle the value of ``serial`` using the ``set_option`` ABCI
+message.
+
+When ``serial=on``, some transactions are invalid. In a live blockchain,
+transactions collect in memory before they are committed into blocks. To
+avoid wasting resources on invalid transactions, ABCI provides the
+``check_tx`` message, which application developers can use to accept or
+reject transactions, before they are stored in memory or gossipped to
+other peers.
+
+In this instance of the counter app, ``check_tx`` only allows
+transactions whose integer is greater than the last committed one.
+
+Let's kill the console and the dummy application, and start the counter
+app:
+
+::
+
+    counter
+
+In another window, start the ``abci-cli console``:
+
+::
+
+    > set_option serial on
+    -> data: serial=on
+
+    > check_tx 0x00
+    -> code: OK
+
+    > check_tx 0xff
+    -> code: OK
+
+    > deliver_tx 0x00
+    -> code: OK
+
+    > check_tx 0x00
+    -> code: BadNonce
+    -> log: Invalid nonce. Expected >= 1, got 0
+
+    > deliver_tx 0x01
+    -> code: OK
+
+    > deliver_tx 0x04
+    -> code: BadNonce
+    -> log: Invalid nonce. Expected 2, got 4
+
+    > info
+    -> data: {"hashes":0,"txs":2}
+
+This is a very simple application, but between ``counter`` and
+``dummy``, its easy to see how you can build out arbitrary application
+states on top of the ABCI. `Hyperledger's
+Burrow <https://github.com/hyperledger/burrow>`__ also runs atop ABCI,
+bringing with it Ethereum-like accounts, the Ethereum virtual-machine,
+Monax's permissioning scheme, and native contracts extensions.
+
+But the ultimate flexibility comes from being able to write the
+application easily in any language.
+
+We have implemented the counter in a number of languages (see the
+example directory).
+
+To run the Node JS version, ``cd`` to ``example/js`` and run
+
+::
+
+    node app.js
+
+(you'll have to kill the other counter application process). In another
+window, run the console and those previous ABCI commands. You should get
+the same results as for the Go version.
+
+Bounties
+--------
+
+Want to write the counter app in your favorite language?! We'd be happy
+to add you to our `ecosystem <https://tendermint.com/ecosystem>`__!
+We're also offering `bounties <https://tendermint.com/bounties>`__ for
+implementations in new languages!
+
+The ``abci-cli`` is designed strictly for testing and debugging. In a
+real deployment, the role of sending messages is taken by Tendermint,
+which connects to the app using three separate connections, each with
+its own pattern of messages.
+
+For more information, see the `application developers
+guide <./app-development.html>`__. For examples of running an ABCI
+app with Tendermint, see the `getting started
+guide <./getting-started.html>`__.
--- a/docs/app-architecture.rst
+++ b/docs/app-architecture.rst
@@ -0,0 +1,125 @@
+Application Architecture Guide
+==============================
+
+Overview
+--------
+
+A blockchain application is more than the consensus engine and the
+transaction logic (eg. smart contracts, business logic) as implemented
+in the ABCI app. There are also (mobile, web, desktop) clients that will
+need to connect and make use of the app. We will assume for now that you
+have a well designed transactions and database model, but maybe this
+will be the topic of another article. This article is more interested in
+various ways of setting up the "plumbing" and connecting these pieces,
+and demonstrating some evolving best practices.
+
+Security
+--------
+
+A very important aspect when constructing a blockchain is security. The
+consensus model can be DoSed (no consensus possible) by corrupting 1/3
+of the validators and exploited (writing arbitrary blocks) by corrupting
+2/3 of the validators. So, while the security is not that of the
+"weakest link", you should take care that the "average link" is
+sufficiently hardened.
+
+One big attack surface on the validators is the communication between
+the ABCI app and the tendermint core. This should be highly protected.
+Ideally, the app and the core are running on the same machine, so no
+external agent can target the communication channel. You can use unix
+sockets (with permissions preventing access from other users), or even
+compile the two apps into one binary if the ABCI app is also writen in
+go. If you are unable to do that due to language support, then the ABCI
+app should bind a TCP connection to localhost (127.0.0.1), which is less
+efficient and secure, but still not reachable from outside. If you must
+run the ABCI app and tendermint core on separate machines, make sure you
+have a secure communication channel (ssh tunnel?)
+
+Now assuming, you have linked together your app and the core securely,
+you must also make sure no one can get on the machine it is hosted on.
+At this point it is basic network security. Run on a secure operating
+system (SELinux?). Limit who has access to the machine (user accounts,
+but also where the physical machine is hosted). Turn off all services
+except for ssh, which should only be accessible by some well-guarded
+public/private key pairs (no password). And maybe even firewall off
+access to the ports used by the validators, so only known validators can
+connect.
+
+There was also a suggestion on slack from @jhon about compiling
+everything together with a unikernel for more security, such as
+`Mirage <https://mirage.io>`__ or
+`UNIK <https://github.com/emc-advanced-dev/unik>`__.
+
+Connecting your client to the blockchain
+----------------------------------------
+
+Tendermint Core RPC
+~~~~~~~~~~~~~~~~~~~
+
+The concept is that the ABCI app is completely hidden from the outside
+world and only communicated through a tested and secured `interface
+exposed by the tendermint core <./specification/rpc.html>`__. This interface
+exposes a lot of data on the block header and consensus process, which
+is quite useful for externally verifying the system. It also includes
+3(!) methods to broadcast a transaction (propose it for the blockchain,
+and possibly await a response). And one method to query app-specific
+data from the ABCI application.
+
+Pros:
+* Server code already written
+* Access to block headers to validate merkle proofs (nice for light clients)
+* Basic read/write functionality is supported
+
+Cons:
+* Limited interface to app. All queries must be serialized into
+[]byte (less expressive than JSON over HTTP) and there is no way to push
+data from ABCI app to the client (eg. notify me if account X receives a
+transaction)
+
+Custom ABCI server
+~~~~~~~~~~~~~~~~~~
+
+This was proposed by @wolfposd on slack and demonstrated by
+`TMChat <https://github.com/wolfposd/TMChat>`__, a sample app. The
+concept is to write a custom server for your app (with typical REST
+API/websockets/etc for easy use by a mobile app). This custom server is
+in the same binary as the ABCI app and data store, so can easily react
+to complex events there that involve understanding the data format (send
+a message if my balance drops below 500). All "writes" sent to this
+server are proxied via websocket/JSON-RPC to tendermint core. When they
+come back as deliver\_tx over ABCI, they will be written to the data
+store. For "reads", we can do any queries we wish that are supported by
+our architecture, using any web technology that is useful. The general
+architecture is shown in the following diagram:
+
+Pros: \* Separates application logic from blockchain logic \* Allows
+much richer, more flexible client-facing API \* Allows pub-sub, watching
+certain fields, etc.
+
+Cons: \* Access to ABCI app can be dangerous (be VERY careful not to
+write unless it comes from the validator node) \* No direct access to
+the blockchain headers to verify tx \* You must write your own API (but
+maybe that's a pro...)
+
+Hybrid solutions
+~~~~~~~~~~~~~~~~
+
+Likely the least secure but most versatile. The client can access both
+the tendermint node for all blockchain info, as well as a custom app
+server, for complex queries and pub-sub on the abci app.
+
+Pros: All from both above solutions
+
+Cons: Even more complexity; even more attack vectors (less
+security)
+
+Scalability
+-----------
+
+Read replica using non-validating nodes? They could forward transactions
+to the validators (fewer connections, more security), and locally allow
+all queries in any of the above configurations. Thus, while
+transaction-processing speed is limited by the speed of the abci app and
+the number of validators, one should be able to scale our read
+performance to quite an extent (until the replication process drains too
+many resources from the validator nodes).
--- a/docs/app-development.rst
+++ b/docs/app-development.rst
@@ -0,0 +1,403 @@
+Application Development Guide
+=============================
+
+ABCI Design
+-----------
+
+The purpose of ABCI is to provide a clean interface between state
+transition machines on one computer and the mechanics of their
+replication across multiple computers. The former we call 'application
+logic' and the latter the 'consensus engine'. Application logic
+validates transactions and optionally executes transactions against some
+persistent state. A consensus engine ensures all transactions are
+replicated in the same order on every machine. We call each machine in a
+consensus engine a 'validator', and each validator runs the same
+transactions through the same application logic. In particular, we are
+interested in blockchain-style consensus engines, where transactions are
+committed in hash-linked blocks.
+
+The ABCI design has a few distinct components:
+
+-  message protocol
+
+   -  pairs of request and response messages
+   -  consensus makes requests, application responds
+   -  defined using protobuf
+
+-  server/client
+
+   -  consensus engine runs the client
+   -  application runs the server
+   -  two implementations:
+
+      -  async raw bytes
+      -  grpc
+
+-  blockchain protocol
+
+   -  abci is connection oriented
+   -  Tendermint Core maintains three connections:
+
+      -  `mempool connection <#mempool-connection>`__: for checking if
+         transactions should be relayed before they are committed; only
+         uses ``CheckTx``
+      -  `consensus connection <#consensus-connection>`__: for executing
+         transactions that have been committed. Message sequence is -
+         for every block -
+         ``BeginBlock, [DeliverTx, ...], EndBlock, Commit``
+      -  `query connection <#query-connection>`__: for querying the
+         application state; only uses Query and Info
+
+The mempool and consensus logic act as clients, and each maintains an
+open ABCI connection with the application, which hosts an ABCI server.
+Shown are the request and response types sent on each connection.
+
+Message Protocol
+----------------
+
+The message protocol consists of pairs of requests and responses. Some
+messages have no fields, while others may include byte-arrays, strings,
+or integers. See the ``message Request`` and ``message Response``
+definitions in `the protobuf definition
+file <https://github.com/tendermint/abci/blob/master/types/types.proto>`__,
+and the `protobuf
+documentation <https://developers.google.com/protocol-buffers/docs/overview>`__
+for more details.
+
+For each request, a server should respond with the corresponding
+response, where order of requests is preserved in the order of
+responses.
+
+Server
+------
+
+To use ABCI in your programming language of choice, there must be a ABCI
+server in that language. Tendermint supports two kinds of implementation
+of the server:
+
+-  Asynchronous, raw socket server (Tendermint Socket Protocol, also
+   known as TSP or Teaspoon)
+-  GRPC
+
+Both can be tested using the ``abci-cli`` by setting the ``--abci`` flag
+appropriately (ie. to ``socket`` or ``grpc``).
+
+See examples, in various stages of maintenance, in
+`Go <https://github.com/tendermint/abci/tree/master/server>`__,
+`JavaScript <https://github.com/tendermint/js-abci>`__,
+`Python <https://github.com/tendermint/abci/tree/master/example/python3/abci>`__,
+`C++ <https://github.com/mdyring/cpp-tmsp>`__, and
+`Java <https://github.com/jTendermint/jabci>`__.
+
+GRPC
+~~~~
+
+If GRPC is available in your language, this is the easiest approach,
+though it will have significant performance overhead.
+
+To get started with GRPC, copy in the `protobuf
+file <https://github.com/tendermint/abci/blob/master/types/types.proto>`__
+and compile it using the GRPC plugin for your language. For instance,
+for golang, the command is
+``protoc --go_out=plugins=grpc:. types.proto``. See the `grpc
+documentation for more details <http://www.grpc.io/docs/>`__. ``protoc``
+will autogenerate all the necessary code for ABCI client and server in
+your language, including whatever interface your application must
+satisfy to be used by the ABCI server for handling requests.
+
+TSP
+~~~
+
+If GRPC is not available in your language, or you require higher
+performance, or otherwise enjoy programming, you may implement your own
+ABCI server using the Tendermint Socket Protocol, known affectionately
+as Teaspoon. The first step is still to auto-generate the relevant data
+types and codec in your language using ``protoc``. Messages coming over
+the socket are Protobuf3 encoded, but additionally length-prefixed to
+facilitate use as a streaming protocol. Protobuf3 doesn't have an
+official length-prefix standard, so we use our own. The first byte in
+the prefix represents the length of the Big Endian encoded length. The
+remaining bytes in the prefix are the Big Endian encoded length.
+
+For example, if the Protobuf3 encoded ABCI message is 0xDEADBEEF (4
+bytes), the length-prefixed message is 0x0104DEADBEEF. If the Protobuf3
+encoded ABCI message is 65535 bytes long, the length-prefixed message
+would be like 0x02FFFF....
+
+Note this prefixing does not apply for grpc.
+
+An ABCI server must also be able to support multiple connections, as
+Tendermint uses three connections.
+
+Client
+------
+
+There are currently two use-cases for an ABCI client. One is a testing
+tool, as in the ``abci-cli``, which allows ABCI requests to be sent via
+command line. The other is a consensus engine, such as Tendermint Core,
+which makes requests to the application every time a new transaction is
+received or a block is committed.
+
+It is unlikely that you will need to implement a client. For details of
+our client, see
+`here <https://github.com/tendermint/abci/tree/master/client>`__.
+
+Most of the examples below are from `dummy application
+<https://github.com/tendermint/abci/blob/master/example/dummy/dummy.go>`__,
+which is a part of the abci repo. `persistent_dummy application
+<https://github.com/tendermint/abci/blob/master/example/dummy/persistent_dummy.go>`__
+is used to show ``BeginBlock``, ``EndBlock`` and ``InitChain``
+example implementations.
+
+Blockchain Protocol
+-------------------
+
+In ABCI, a transaction is simply an arbitrary length byte-array. It is
+the application's responsibility to define the transaction codec as they
+please, and to use it for both CheckTx and DeliverTx.
+
+Note that there are two distinct means for running transactions,
+corresponding to stages of 'awareness' of the transaction in the
+network. The first stage is when a transaction is received by a
+validator from a client into the so-called mempool or transaction pool -
+this is where we use CheckTx. The second is when the transaction is
+successfully committed on more than 2/3 of validators - where we use
+DeliverTx. In the former case, it may not be necessary to run all the
+state transitions associated with the transaction, as the transaction
+may not ultimately be committed until some much later time, when the
+result of its execution will be different. For instance, an Ethereum
+ABCI app would check signatures and amounts in CheckTx, but would not
+actually execute any contract code until the DeliverTx, so as to avoid
+executing state transitions that have not been finalized.
+
+To formalize the distinction further, two explicit ABCI connections are
+made between Tendermint Core and the application: the mempool connection
+and the consensus connection. We also make a third connection, the query
+connection, to query the local state of the app.
+
+Mempool Connection
+~~~~~~~~~~~~~~~~~~
+
+The mempool connection is used *only* for CheckTx requests. Transactions
+are run using CheckTx in the same order they were received by the
+validator. If the CheckTx returns ``OK``, the transaction is kept in
+memory and relayed to other peers in the same order it was received.
+Otherwise, it is discarded.
+
+CheckTx requests run concurrently with block processing; so they should
+run against a copy of the main application state which is reset after
+every block. This copy is necessary to track transitions made by a
+sequence of CheckTx requests before they are included in a block. When a
+block is committed, the application must ensure to reset the mempool
+state to the latest committed state. Tendermint Core will then filter
+through all transactions in the mempool, removing any that were included
+in the block, and re-run the rest using CheckTx against the post-Commit
+mempool state.
+
+::
+
+    func (app *DummyApplication) CheckTx(tx []byte) types.Result {
+      return types.OK
+    }
+
+Consensus Connection
+~~~~~~~~~~~~~~~~~~~~
+
+The consensus connection is used only when a new block is committed, and
+communicates all information from the block in a series of requests:
+``BeginBlock, [DeliverTx, ...], EndBlock, Commit``. That is, when a
+block is committed in the consensus, we send a list of DeliverTx
+requests (one for each transaction) sandwiched by BeginBlock and
+EndBlock requests, and followed by a Commit.
+
+DeliverTx
+^^^^^^^^^
+
+DeliverTx is the workhorse of the blockchain. Tendermint sends the
+DeliverTx requests asynchronously but in order, and relies on the
+underlying socket protocol (ie. TCP) to ensure they are received by the
+app in order. They have already been ordered in the global consensus by
+the Tendermint protocol.
+
+DeliverTx returns a abci.Result, which includes a Code, Data, and Log.
+The code may be non-zero (non-OK), meaning the corresponding transaction
+should have been rejected by the mempool, but may have been included in
+a block by a Byzantine proposer.
+
+The block header will be updated (TODO) to include some commitment to
+the results of DeliverTx, be it a bitarray of non-OK transactions, or a
+merkle root of the data returned by the DeliverTx requests, or both.
+
+::
+
+    // tx is either "key=value" or just arbitrary bytes
+    func (app *DummyApplication) DeliverTx(tx []byte) types.Result {
+      parts := strings.Split(string(tx), "=")
+      if len(parts) == 2 {
+        app.state.Set([]byte(parts[0]), []byte(parts[1]))
+      } else {
+        app.state.Set(tx, tx)
+      }
+      return types.OK
+    }
+
+Commit
+^^^^^^
+
+Once all processing of the block is complete, Tendermint sends the
+Commit request and blocks waiting for a response. While the mempool may
+run concurrently with block processing (the BeginBlock, DeliverTxs, and
+EndBlock), it is locked for the Commit request so that its state can be
+safely reset during Commit. This means the app *MUST NOT* do any
+blocking communication with the mempool (ie. broadcast\_tx) during
+Commit, or there will be deadlock. Note also that all remaining
+transactions in the mempool are replayed on the mempool connection
+(CheckTx) following a commit.
+
+The app should respond to the Commit request with a byte array, which is the deterministic
+state root of the application. It is included in the header of the next
+block. It can be used to provide easily verified Merkle-proofs of the
+state of the application.
+
+It is expected that the app will persist state to disk on Commit. The
+option to have all transactions replayed from some previous block is the
+job of the `Handshake <#handshake>`__.
+
+::
+
+    func (app *DummyApplication) Commit() types.Result {
+      hash := app.state.Hash()
+      return types.NewResultOK(hash, "")
+    }
+
+BeginBlock
+^^^^^^^^^^
+
+The BeginBlock request can be used to run some code at the beginning of
+every block. It also allows Tendermint to send the current block hash
+and header to the application, before it sends any of the transactions.
+
+The app should remember the latest height and header (ie. from which it
+has run a successful Commit) so that it can tell Tendermint where to
+pick up from when it restarts. See information on the Handshake, below.
+
+::
+
+    // Track the block hash and header information
+    func (app *PersistentDummyApplication) BeginBlock(params types.RequestBeginBlock) {
+      // update latest block info
+      app.blockHeader = params.Header
+
+      // reset valset changes
+      app.changes = make([]*types.Validator, 0)
+    }
+
+EndBlock
+^^^^^^^^
+
+The EndBlock request can be used to run some code at the end of every
+block. Additionally, the response may contain a list of validators,
+which can be used to update the validator set. To add a new validator or
+update an existing one, simply include them in the list returned in the
+EndBlock response. To remove one, include it in the list with a
+``power`` equal to ``0``. Tendermint core will take care of updating the
+validator set. Note validator set changes are only available in v0.8.0
+and up.
+
+::
+
+    // Update the validator set
+    func (app *PersistentDummyApplication) EndBlock(height uint64) (resEndBlock types.ResponseEndBlock) {
+      return types.ResponseEndBlock{Diffs: app.changes}
+    }
+
+Query Connection
+~~~~~~~~~~~~~~~~
+
+This connection is used to query the application without engaging
+consensus. It's exposed over the tendermint core rpc, so clients can
+query the app without exposing a server on the app itself, but they must
+serialize each query as a single byte array. Additionally, certain
+"standardized" queries may be used to inform local decisions, for
+instance about which peers to connect to.
+
+Tendermint Core currently uses the Query connection to filter peers upon
+connecting, according to IP address or public key. For instance,
+returning non-OK ABCI response to either of the following queries will
+cause Tendermint to not connect to the corresponding peer:
+
+-  ``p2p/filter/addr/<addr>``, where ``<addr>`` is an IP address.
+-  ``p2p/filter/pubkey/<pubkey>``, where ``<pubkey>`` is the hex-encoded
+   ED25519 key of the node (not it's validator key)
+
+Note: these query formats are subject to change!
+
+::
+
+    func (app *DummyApplication) Query(reqQuery types.RequestQuery) (resQuery types.ResponseQuery) {
+      if reqQuery.Prove {
+        value, proof, exists := app.state.Proof(reqQuery.Data)
+        resQuery.Index = -1 // TODO make Proof return index
+        resQuery.Key = reqQuery.Data
+        resQuery.Value = value
+        resQuery.Proof = proof
+        if exists {
+          resQuery.Log = "exists"
+        } else {
+          resQuery.Log = "does not exist"
+        }
+        return
+      } else {
+        index, value, exists := app.state.Get(reqQuery.Data)
+        resQuery.Index = int64(index)
+        resQuery.Value = value
+        if exists {
+          resQuery.Log = "exists"
+        } else {
+          resQuery.Log = "does not exist"
+        }
+        return
+      }
+    }
+
+Handshake
+~~~~~~~~~
+
+When the app or tendermint restarts, they need to sync to a common
+height. When an ABCI connection is first established, Tendermint will
+call ``Info`` on the Query connection. The response should contain the
+LastBlockHeight and LastBlockAppHash - the former is the last block for
+the which the app ran Commit successfully, the latter is the response
+from that Commit.
+
+Using this information, Tendermint will determine what needs to be
+replayed, if anything, against the app, to ensure both Tendermint and
+the app are synced to the latest block height.
+
+If the app returns a LastBlockHeight of 0, Tendermint will just replay
+all blocks.
+
+::
+
+    func (app *DummyApplication) Info(req types.RequestInfo) (resInfo types.ResponseInfo) {
+      return types.ResponseInfo{Data: cmn.Fmt("{\"size\":%v}", app.state.Size())}
+    }
+
+Genesis
+~~~~~~~
+
+``InitChain`` will be called once upon the genesis. ``params`` includes the
+initial validator set. Later on, it may be extended to take parts of the
+consensus params.
+
+::
+
+    // Save the validators in the merkle tree
+    func (app *PersistentDummyApplication) InitChain(params types.RequestInitChain) {
+      for _, v := range params.Validators {
+        r := app.updateValidator(v)
+        if r.IsErr() {
+          app.logger.Error("Error updating validators", "r", r)
+        }
+      }
+    }
--- a/docs/architecture/README.md
+++ b/docs/architecture/README.md
@@ -0,0 +1,5 @@
+# Architecture Decision Records
+
+This is a location to record all high-level architecture decisions in the tendermint project.  Not the implementation details, but the reasoning that happened.  This should be refered to for guidance of the "right way" to extend the application.  And if we notice that the original decisions were lacking, we should have another open discussion, record the new decisions here, and then modify the code to match.
+
+Read up on the concept in this [blog post](https://product.reverb.com/documenting-architecture-decisions-the-reverb-way-a3563bb24bd0#.78xhdix6t).
--- a/docs/architecture/adr-001-logging.md
+++ b/docs/architecture/adr-001-logging.md
--- a/docs/architecture/adr-002-event-subscription.md
+++ b/docs/architecture/adr-002-event-subscription.md
@@ -0,0 +1,90 @@
+# ADR 2: Event Subscription
+
+## Context
+
+In the light client (or any other client), the user may want to **subscribe to
+a subset of transactions** (rather than all of them) using `/subscribe?event=X`. For
+example, I want to subscribe for all transactions associated with a particular
+account. Same for fetching. The user may want to **fetch transactions based on
+some filter** (rather than fetching all the blocks). For example, I want to get
+all transactions for a particular account in the last two weeks (`tx's block
+time >= '2017-06-05'`).
+
+Now you can't even subscribe to "all txs" in Tendermint.
+
+The goal is a simple and easy to use API for doing that.
+
+![Tx Send Flow Diagram](img/tags1.png)
+
+## Decision
+
+ABCI app return tags with a `DeliverTx` response inside the `data` field (_for
+now, later we may create a separate field_). Tags is a list of key-value pairs,
+protobuf encoded.
+
+Example data:
+
+```json
+{
+  "abci.account.name": "Igor",
+  "abci.account.address": "0xdeadbeef",
+  "tx.gas": 7
+}
+```
+
+### Subscribing for transactions events
+
+If the user wants to receive only a subset of transactions, ABCI-app must
+return a list of tags with a `DeliverTx` response. These tags will be parsed and
+matched with the current queries (subscribers). If the query matches the tags,
+subscriber will get the transaction event.
+
+```
+/subscribe?query="tm.event = Tx AND tx.hash = AB0023433CF0334223212243BDD AND abci.account.invoice.number = 22"
+```
+
+A new package must be developed to replace the current `events` package. It
+will allow clients to subscribe to a different types of events in the future:
+
+```
+/subscribe?query="abci.account.invoice.number = 22"
+/subscribe?query="abci.account.invoice.owner CONTAINS Igor"
+```
+
+### Fetching transactions
+
+This is a bit tricky because a) we want to support a number of indexers, all of
+which have a different API b) we don't know whenever tags will be sufficient
+for the most apps (I guess we'll see).
+
+```
+/txs/search?query="tx.hash = AB0023433CF0334223212243BDD AND abci.account.owner CONTAINS Igor"
+/txs/search?query="abci.account.owner = Igor"
+```
+
+For historic queries we will need a indexing storage (Postgres, SQLite, ...).
+
+### Issues
+
+- https://github.com/tendermint/basecoin/issues/91
+- https://github.com/tendermint/tendermint/issues/376
+- https://github.com/tendermint/tendermint/issues/287
+- https://github.com/tendermint/tendermint/issues/525 (related)
+
+## Status
+
+proposed
+
+## Consequences
+
+### Positive
+
+- same format for event notifications and search APIs
+- powerful enough query
+
+### Negative
+
+- performance of the `match` function (where we have too many queries / subscribers)
+- there is an issue where there are too many txs in the DB
+
+### Neutral
--- a/docs/architecture/adr-003-abci-app-rpc.md
+++ b/docs/architecture/adr-003-abci-app-rpc.md
@@ -1,4 +1,4 @@
-# ADR 1: Must an ABCI-app have an RPC server?
+# ADR 3: Must an ABCI-app have an RPC server?

 ## Context

--- a/docs/architecture/adr-004-historical-validators.md
+++ b/docs/architecture/adr-004-historical-validators.md
@@ -0,0 +1,38 @@
+# ADR 004: Historical Validators
+
+## Context
+
+Right now, we can query the present validator set, but there is no history.
+If you were offline for a long time, there is no way to reconstruct past validators.  This is needed for the light client and we agreed needs enhancement of the API.
+
+## Decision
+
+For every block, store a new structure that contains either the latest validator set, 
+or the height of the last block for which the validator set changed. Note this is not
+the height of the block which returned the validator set change itself, but the next block,
+ie. the first block it comes into effect for.
+
+Storing the validators will be handled by the `state` package.
+
+At some point in the future, we may consider more efficient storage in the case where the validators
+are updated frequently - for instance by only saving the diffs, rather than the whole set.
+
+An alternative approach suggested keeping the validator set, or diffs of it, in a merkle IAVL tree.
+While it might afford cheaper proofs that a validator set has not changed, it would be more complex,
+and likely less efficient. 
+
+## Status
+
+Accepted.
+
+## Consequences
+
+### Positive
+
+- Can query old validator sets, with proof.
+
+### Negative
+
+- Writes an extra structure to disk with every block.
+
+### Neutral
--- a/docs/architecture/adr-005-consensus-params.md
+++ b/docs/architecture/adr-005-consensus-params.md
@@ -0,0 +1,85 @@
+# ADR 005: Consensus Params
+
+## Context
+
+Consensus critical parameters controlling blockchain capacity have until now been hard coded, loaded from a local config, or neglected.
+Since they may be need to be different in different networks, and potentially to evolve over time within
+networks, we seek to initialize them in a genesis file, and expose them through the ABCI.
+
+While we have some specific parameters now, like maximum block and transaction size, we expect to have more in the future,
+such as a period over which evidence is valid, or the frequency of checkpoints. 
+
+## Decision
+
+### ConsensusParams
+
+No consensus critical parameters should ever be found in the `config.toml`.
+
+A new `ConsensusParams` is optionally included in the `genesis.json` file,
+and loaded into the `State`. Any items not included are set to their default value.
+A value of 0 is undefined (see ABCI, below). A value of -1 is used to indicate the parameter does not apply.
+The parameters are used to determine the validity of a block (and tx) via the union of all relevant parameters.
+
+```
+type ConsensusParams struct {
+    BlockSizeParams
+    TxSizeParams
+    BlockGossipParams
+}
+
+type BlockSizeParams struct {
+    MaxBytes int
+    MaxTxs int
+    MaxGas int
+}
+
+type TxSizeParams struct {
+    MaxBytes int
+    MaxGas int
+}
+
+type BlockGossipParams struct {
+    BlockPartSizeBytes int
+}
+```
+
+The `ConsensusParams` can evolve over time by adding new structs that cover different aspects of the consensus rules.
+
+The `BlockPartSizeBytes` and the `BlockSizeParams.MaxBytes` are enforced to be greater than 0. 
+The former because we need a part size, the latter so that we always have at least some sanity check over the size of blocks.
+
+### ABCI
+
+#### InitChain
+
+InitChain currently takes the initial validator set. It should be extended to also take parts of the ConsensusParams.
+There is some case to be made for it to take the entire Genesis, except there may be things in the genesis, 
+like the BlockPartSize, that the app shouldn't really know about.
+
+#### EndBlock
+
+The EndBlock response includes a `ConsensusParams`, which includes BlockSizeParams and TxSizeParams, but not BlockGossipParams.
+Other param struct can be added to `ConsensusParams` in the future.
+The `0` value is used to denote no change. 
+Any other value will update that parameter in the `State.ConsensusParams`, to be applied for the next block.
+Tendermint should have hard-coded upper limits as sanity checks.
+
+## Status
+
+Proposed.
+
+## Consequences
+
+### Positive
+
+- Alternative capacity limits and consensus parameters can be specified without re-compiling the software.
+- They can also change over time under the control of the application
+
+### Negative
+
+- More exposed parameters is more complexity
+- Different rules at different heights in the blockchain complicates fast sync
+
+### Neutral
+
+- The TxSizeParams, which checks validity, may be in conflict with the config's `max_block_size_tx`, which determines proposal sizes
--- a/docs/architecture/adr-template.md
+++ b/docs/architecture/adr-template.md
@@ -0,0 +1,16 @@
+# ADR 000: Template for an ADR
+
+## Context
+
+## Decision
+
+## Status
+
+
+## Consequences
+
+### Positive
+
+### Negative
+
+### Neutral
--- a/docs/architecture/img/tags1.png
+++ b/docs/architecture/img/tags1.png
--- a/docs/assets/abci.png
+++ b/docs/assets/abci.png
--- a/docs/assets/consensus_logic.png
+++ b/docs/assets/consensus_logic.png
--- a/docs/assets/tm-transaction-flow.png
+++ b/docs/assets/tm-transaction-flow.png
--- a/docs/assets/tmint-logo-blue.png
+++ b/docs/assets/tmint-logo-blue.png
--- a/docs/conf.py
+++ b/docs/conf.py
@@ -0,0 +1,199 @@
+# -*- coding: utf-8 -*-
+#
+# Tendermint documentation build configuration file, created by
+# sphinx-quickstart on Mon Aug  7 04:55:09 2017.
+#
+# This file is execfile()d with the current directory set to its
+# containing dir.
+#
+# Note that not all possible configuration values are present in this
+# autogenerated file.
+#
+# All configuration values have a default; values that are commented out
+# serve to show the default.
+
+# If extensions (or modules to document with autodoc) are in another directory,
+# add these directories to sys.path here. If the directory is relative to the
+# documentation root, use os.path.abspath to make it absolute, like shown here.
+#
+import os
+# import sys
+# sys.path.insert(0, os.path.abspath('.'))
+import urllib
+
+import sphinx_rtd_theme
+
+
+# -- General configuration ------------------------------------------------
+
+# If your documentation needs a minimal Sphinx version, state it here.
+#
+# needs_sphinx = '1.0'
+
+# Add any Sphinx extension module names here, as strings. They can be
+# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom
+# ones.
+extensions = []
+
+# Add any paths that contain templates here, relative to this directory.
+templates_path = ['_templates']
+
+# The suffix(es) of source filenames.
+# You can specify multiple suffix as a list of string:
+#
+source_suffix = ['.rst', '.md']
+# source_suffix = '.rst'
+
+# The master toctree document.
+master_doc = 'index'
+
+# General information about the project.
+project = u'Tendermint'
+copyright = u'2017, The Authors'
+author = u'Tendermint'
+
+# The version info for the project you're documenting, acts as replacement for
+# |version| and |release|, also used in various other places throughout the
+# built documents.
+#
+# The short X.Y version.
+version = u''
+# The full version, including alpha/beta/rc tags.
+release = u''
+
+# The language for content autogenerated by Sphinx. Refer to documentation
+# for a list of supported languages.
+#
+# This is also used if you do content translation via gettext catalogs.
+# Usually you set "language" from the command line for these cases.
+language = None
+
+# List of patterns, relative to source directory, that match files and
+# directories to ignore when looking for source files.
+# This patterns also effect to html_static_path and html_extra_path
+exclude_patterns = ['_build', 'Thumbs.db', '.DS_Store', 'architecture']
+
+# The name of the Pygments (syntax highlighting) style to use.
+pygments_style = 'sphinx'
+
+# If true, `todo` and `todoList` produce output, else they produce nothing.
+todo_include_todos = False
+
+
+# -- Options for HTML output ----------------------------------------------
+
+# The theme to use for HTML and HTML Help pages.  See the documentation for
+# a list of builtin themes.
+#
+html_theme = 'sphinx_rtd_theme'
+# html_theme = 'alabaster'
+
+# Theme options are theme-specific and customize the look and feel of a theme
+# further.  For a list of options available for each theme, see the
+# documentation.
+#
+# html_theme_options = {}
+
+# Add any paths that contain custom static files (such as style sheets) here,
+# relative to this directory. They are copied after the builtin static files,
+# so a file named "default.css" will overwrite the builtin "default.css".
+html_static_path = ['_static']
+
+# Custom sidebar templates, must be a dictionary that maps document names
+# to template names.
+#
+# This is required for the alabaster theme
+# refs: http://alabaster.readthedocs.io/en/latest/installation.html#sidebars
+html_sidebars = {
+    '**': [
+        'about.html',
+        'navigation.html',
+        'relations.html',  # needs 'show_related': True theme option to display
+        'searchbox.html',
+        'donate.html',
+    ]
+}
+
+
+# -- Options for HTMLHelp output ------------------------------------------
+
+# Output file base name for HTML help builder.
+htmlhelp_basename = 'Tendermintdoc'
+
+
+# -- Options for LaTeX output ---------------------------------------------
+
+latex_elements = {
+    # The paper size ('letterpaper' or 'a4paper').
+    #
+    # 'papersize': 'letterpaper',
+
+    # The font size ('10pt', '11pt' or '12pt').
+    #
+    # 'pointsize': '10pt',
+
+    # Additional stuff for the LaTeX preamble.
+    #
+    # 'preamble': '',
+
+    # Latex figure (float) alignment
+    #
+    # 'figure_align': 'htbp',
+}
+
+# Grouping the document tree into LaTeX files. List of tuples
+# (source start file, target name, title,
+#  author, documentclass [howto, manual, or own class]).
+latex_documents = [
+    (master_doc, 'Tendermint.tex', u'Tendermint Documentation',
+     u'The Authors', 'manual'),
+]
+
+
+# -- Options for manual page output ---------------------------------------
+
+# One entry per manual page. List of tuples
+# (source start file, name, description, authors, manual section).
+man_pages = [
+    (master_doc, 'Tendermint', u'Tendermint Documentation',
+     [author], 1)
+]
+
+
+# -- Options for Texinfo output -------------------------------------------
+
+# Grouping the document tree into Texinfo files. List of tuples
+# (source start file, target name, title, author,
+#  dir menu entry, description, category)
+texinfo_documents = [
+    (master_doc, 'Tendermint', u'Tendermint Documentation',
+     author, 'Tendermint', 'Byzantine Fault Tolerant Consensus.',
+     'Database'),
+]
+
+repo = "https://raw.githubusercontent.com/tendermint/tools/"
+branch = "master"
+
+tools = "./tools"
+assets = tools + "/assets"
+
+if os.path.isdir(tools) != True:
+    os.mkdir(tools)
+if os.path.isdir(assets) != True:
+    os.mkdir(assets)
+
+urllib.urlretrieve(repo+branch+'/ansible/README.rst', filename=tools+'/ansible.rst')
+urllib.urlretrieve(repo+branch+'/ansible/assets/a_plus_t.png', filename=assets+'/a_plus_t.png')
+
+urllib.urlretrieve(repo+branch+'/docker/README.rst', filename=tools+'/docker.rst')
+
+urllib.urlretrieve(repo+branch+'/mintnet-kubernetes/README.rst', filename=tools+'/mintnet-kubernetes.rst')
+urllib.urlretrieve(repo+branch+'/mintnet-kubernetes/assets/gce1.png', filename=assets+'/gce1.png')
+urllib.urlretrieve(repo+branch+'/mintnet-kubernetes/assets/gce2.png', filename=assets+'/gce2.png')
+urllib.urlretrieve(repo+branch+'/mintnet-kubernetes/assets/statefulset.png', filename=assets+'/statefulset.png')
+urllib.urlretrieve(repo+branch+'/mintnet-kubernetes/assets/t_plus_k.png', filename=assets+'/t_plus_k.png')
+
+urllib.urlretrieve(repo+branch+'/terraform-digitalocean/README.rst', filename=tools+'/terraform-digitalocean.rst')
+urllib.urlretrieve(repo+branch+'/tm-bench/README.rst', filename=tools+'/benchmarking-and-monitoring.rst')
+# the readme for below is included in tm-bench
+# urllib.urlretrieve('https://raw.githubusercontent.com/tendermint/tools/master/tm-monitor/README.rst', filename='tools/tm-monitor.rst')
--- a/docs/deploy-testnets.rst
+++ b/docs/deploy-testnets.rst
@@ -0,0 +1,90 @@
+Deploy a Testnet
+================
+
+Now that we've seen how ABCI works, and even played with a few
+applications on a single validator node, it's time to deploy a test
+network to four validator nodes. For this deployment, we'll use the
+``basecoin`` application.
+
+Manual Deployments
+------------------
+
+It's relatively easy to setup a Tendermint cluster manually. The only
+requirements for a particular Tendermint node are a private key for the
+validator, stored as ``priv_validator.json``, and a list of the public
+keys of all validators, stored as ``genesis.json``. These files should
+be stored in ``~/.tendermint``, or wherever the ``$TMROOT`` variable
+might be set to.
+
+Here are the steps to setting up a testnet manually:
+
+1) Provision nodes on your cloud provider of choice
+2) Install Tendermint and the application of interest on all nodes
+3) Generate a private key for each validator using
+   ``tendermint gen_validator``
+4) Compile a list of public keys for each validator into a
+   ``genesis.json`` file.
+5) Run ``tendermint node --p2p.seeds=< seed addresses >`` on each node,
+   where ``< seed addresses >`` is a comma separated list of the IP:PORT
+   combination for each node. The default port for Tendermint is
+   ``46656``. Thus, if the IP addresses of your nodes were
+   ``192.168.0.1, 192.168.0.2, 192.168.0.3, 192.168.0.4``, the command
+   would look like:
+   ``tendermint node --p2p.seeds=192.168.0.1:46656,192.168.0.2:46656,192.168.0.3:46656,192.168.0.4:46656``.
+
+After a few seconds, all the nodes should connect to eachother and start
+making blocks! For more information, see the Tendermint Networks section
+of `the guide to using Tendermint <using-tendermint.html>`__.
+
+Automated Deployments
+---------------------
+
+While the manual deployment is easy enough, an automated deployment is
+usually quicker. The below examples show different tools that can be used
+for automated deployments.
+
+Automated Deployment using Kubernetes
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+The `mintnet-kubernetes tool <https://github.com/tendermint/tools/tree/master/mintnet-kubernetes>`__
+allows automating the deployment of a Tendermint network on an already
+provisioned kubernetes cluster. For simple provisioning of a kubernetes
+cluster, check out the `Google Cloud Platform <https://cloud.google.com/>`__.
+
+Automated Deployment using Terraform and Ansible
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+The `terraform-digitalocean tool <https://github.com/tendermint/tools/tree/master/terraform-digitalocean>`__
+allows creating a set of servers on the DigitalOcean cloud.
+
+The `ansible playbooks <https://github.com/tendermint/tools/tree/master/ansible>`__
+allow creating and managing a ``basecoin`` or ``ethermint`` testnet on provisioned servers.
+
+Package Deployment on Linux for developers
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+The ``tendermint`` and ``basecoin`` applications can be installed from RPM or DEB packages on
+Linux machines for development purposes. The packages are configured to be validators on the
+one-node network that the machine represents. The services are not started after installation,
+this way giving an opportunity to reconfigure the applications before starting.
+
+The Ansible playbooks in the previous section use this repository to install ``basecoin``.
+After installation, additional steps are executed to make sure that the multi-node testnet has
+the right configuration before start.
+
+Install from the CentOS/RedHat repository:
+
+::
+
+    rpm --import https://tendermint-packages.interblock.io/centos/7/os/x86_64/RPM-GPG-KEY-Tendermint
+    wget -O /etc/yum.repos.d/tendermint.repo https://tendermint-packages.interblock.io/centos/7/os/x86_64/tendermint.repo
+    yum install basecoin
+
+Install from the Debian/Ubuntu repository:
+
+::
+
+    wget -O - https://tendermint-packages.interblock.io/centos/7/os/x86_64/RPM-GPG-KEY-Tendermint | apt-key add -
+    wget -O /etc/apt/sources.list.d/tendermint.list https://tendermint-packages.interblock.io/debian/tendermint.list
+    apt-get update && apt-get install basecoin
+
--- a/docs/ecosystem.rst
+++ b/docs/ecosystem.rst
@@ -0,0 +1,115 @@
+Tendermint Ecosystem
+====================
+
+Below are the many applications built using various pieces of the Tendermint stack. We thank the community for their contributions thus far  and welcome the addition of new projects. Feel free to submit a pull request to add your project!
+
+ABCI Applications
+-----------------
+
+Burrow
+^^^^^^
+
+Ethereum Virtual Machine augmented with native permissioning scheme and global key-value store, written in Go, authored by Monax Industries, and incubated `by Hyperledger <https://github.com/hyperledger/burrow>`__.
+
+cb-ledger
+^^^^^^^^^
+
+Custodian Bank Ledger, integrating central banking with the blockchains of tomorrow, written in C++, and `authored by Block Finance <https://github.com/block-finance/cpp-abci>`__.
+      
+Clearchain
+^^^^^^^^^^
+
+Application to manage a distributed ledger for money transfers that support multi-currency accounts, written in Go, and `authored by Allession Treglia <https://github.com/tendermint/clearchain>`__.
+
+Comit
+^^^^^
+
+Public service reporting and tracking, written in Go, and `authored by Zach Balder <https://github.com/zbo14/comit>`__.
+     
+Cosmos SDK
+^^^^^^^^^^
+
+A prototypical account based crypto currency state machine supporting plugins, written in Go, and `authored by Cosmos <https://github.com/cosmos/cosmos-sdk>`__.
+
+Ethermint
+^^^^^^^^^
+
+The go-ethereum state machine run as a ABCI app, written in Go, `authored by Tendermint <https://github.com/tendermint/ethermint>`__.
+
+IAVL
+^^^^
+
+Immutable AVL+ tree with Merkle proofs, Written in Go, `authored by Tendermint <https://github.com/tendermint/iavl>`__.
+
+Lotion
+^^^^^^
+
+A Javascript microframework for building blockchain applications with Tendermint, written in Javascript, `authored by Judd Keppel of Tendermint <https://github.com/keppel/lotion>`__. See also `lotion-chat <https://github.com/keppel/lotion-chat>`__ and `lotion-coin <https://github.com/keppel/lotion-coin>`__ apps written using Lotion.
+
+MerkleTree
+^^^^^^^^^^
+
+Immutable AVL+ tree with Merkle proofs, Written in Java, `authored by jTendermint <https://github.com/jTendermint/MerkleTree>`__.
+
+Passchain
+^^^^^^^^^
+
+Passchain is a tool to securely store and share passwords, tokens and other short secrets, `authored by trusch <https://github.com/trusch/passchain>`__.
+
+Passwerk
+^^^^^^^^
+
+Encrypted storage web-utility backed by Tendermint, written in Go, `authored by Rigel Rozanski <https://github.com/rigelrozanski/passwerk>`__.
+
+Py-Tendermint
+^^^^^^^^^^^^^
+
+A Python microframework for building blockchain applications with Tendermint, written in Python, `authored by Dave Bryson <https://github.com/davebryson/py-tendermint>`__.
+
+Stratumn
+^^^^^^^^
+
+SDK for "Proof-of-Process" networks, written in Go, `authored by the Stratumn team <https://github.com/stratumn/sdk>`__.
+
+TMChat
+^^^^^^
+
+P2P chat using Tendermint, written in Java, `authored by wolfposd <https://github.com/wolfposd/TMChat>`__.
+      
+
+ABCI Servers
+------------
+
+-------------------------------------------------------------+--------------------+--------------+
+| **Name**                                                    | **Author**         | **Language** |       
+|                                                             |                    |              |      
+-------------------------------------------------------------+--------------------+--------------+
+| `abci <https://github.com/tendermint/abci>`__               | Tendermint         | Go           |
+-------------------------------------------------------------+--------------------+--------------+
+| `js abci <https://github.com/tendermint/js-abci>`__         | Tendermint         | Javascript   |                       
+-------------------------------------------------------------+--------------------+--------------+
+| `cpp-tmsp <https://github.com/block-finance/cpp-abci>`__    | Martin Dyring      | C++          |
+-------------------------------------------------------------+--------------------+--------------+
+| `c-abci <https://github.com/chainx-org/c-abci>`__           | ChainX             | C            |
+-------------------------------------------------------------+--------------------+--------------+
+| `jabci <https://github.com/jTendermint/jabci>`__            | jTendermint        | Java         |
+-------------------------------------------------------------+--------------------+--------------+
+| `Spearmint <https://github.com/dennismckinnon/spearmint>`__ | Dennis Mckinnon    | Javascript   |
+-------------------------------------------------------------+--------------------+--------------+
+| `ocaml-tmsp <https://github.com/zbo14/ocaml-tmsp>`__        | Zach Balder        | Ocaml        |
+-------------------------------------------------------------+--------------------+--------------+
+| `abci_server <https://github.com/KrzysiekJ/abci_server>`__  | Krzysztof Jurewicz | Erlang       |
+-------------------------------------------------------------+--------------------+--------------+
+| `rust-tsp <https://github.com/tendermint/rust-tsp>`__       | Adrian Brink       | Rust         |
+-------------------------------------------------------------+--------------------+--------------+
+| `hs-abci <https://github.com/albertov/hs-abci>`__           | Alberto Gonzalez   | Haskell      |
+-------------------------------------------------------------+--------------------+--------------+
+| `haskell-abci <https://github.com/cwgoes/haskell-abci>`__   | Christoper Goes    | Haskell      |
+-------------------------------------------------------------+--------------------+--------------+
+
+Deployment Tools
+----------------
+
+See `deploy testnets <./deploy-testnets.html>`__ for information about all the tools built by Tendermint. We have Kubernetes, Ansible, and Terraform integrations.
+
+Cloudsoft built `brooklyn-tendermint <https://github.com/cloudsoft/brooklyn-tendermint>`__ for deploying a tendermint testnet in docker continers. It uses Clocker for Apache Brooklyn.
--- a/docs/getting-started.rst
+++ b/docs/getting-started.rst
@@ -0,0 +1,341 @@
+First Tendermint App
+====================
+
+As a general purpose blockchain engine, Tendermint is agnostic to the
+application you want to run. So, to run a complete blockchain that does
+something useful, you must start two programs: one is Tendermint Core,
+the other is your application, which can be written in any programming
+language. Recall from `the intro to ABCI <introduction.rst#ABCI-Overview>`__ that
+Tendermint Core handles all the p2p and consensus stuff, and just
+forwards transactions to the application when they need to be validated,
+or when they're ready to be committed to a block.
+
+In this guide, we show you some examples of how to run an application
+using Tendermint.
+
+Install
+-------
+
+The first apps we will work with are written in Go. To install them, you
+need to `install Go <https://golang.org/doc/install>`__ and put
+``$GOPATH/bin`` in your
+``$PATH``; see `here <https://github.com/tendermint/tendermint/wiki/Setting-GOPATH>`__ for more info.
+
+Then run
+
+::
+
+    go get -u github.com/tendermint/abci/cmd/...
+
+If there is an error, install and run the ``glide`` tool to pin the
+dependencies:
+
+::
+
+    go get github.com/Masterminds/glide
+    cd $GOPATH/src/github.com/tendermint/abci
+    glide install
+    go install ./cmd/...
+
+Now you should have the ``abci-cli`` plus two apps installed:
+
+::
+
+    dummy --help
+    counter --help
+
+These binaries are installed on ``$GOPATH/bin`` and all come from within
+the ``./cmd/...`` directory of the abci repository.
+
+Both of these example applications are in Go. See below for an
+application written in Javascript.
+
+Now, let's run some apps!
+
+Dummy - A First Example
+-----------------------
+
+The dummy app is a `Merkle
+tree <https://en.wikipedia.org/wiki/Merkle_tree>`__ that just stores all
+transactions. If the transaction contains an ``=``, eg. ``key=value``,
+then the ``value`` is stored under the ``key`` in the Merkle tree.
+Otherwise, the full transaction bytes are stored as the key and the
+value.
+
+Let's start a dummy application.
+
+::
+
+    dummy
+
+In another terminal, we can start Tendermint. If you have never run
+Tendermint before, use:
+
+::
+
+    tendermint init
+    tendermint node
+
+If you have used Tendermint, you may want to reset the data for a new
+blockchain by running ``tendermint unsafe_reset_all``. Then you can run
+``tendermint node`` to start Tendermint, and connect to the app. For
+more details, see `the guide on using
+Tendermint <./using-tendermint.html>`__.
+
+You should see Tendermint making blocks! We can get the status of our
+Tendermint node as follows:
+
+::
+
+    curl -s localhost:46657/status
+
+The ``-s`` just silences ``curl``. For nicer output, pipe the result
+into a tool like `jq <https://stedolan.github.io/jq/>`__ or
+`jsonpp <https://github.com/jmhodges/jsonpp>`__.
+
+Now let's send some transactions to the dummy.
+
+::
+
+    curl -s 'localhost:46657/broadcast_tx_commit?tx="abcd"'
+
+Note the single quote (``'``) around the url, which ensures that the
+double quotes (``"``) are not escaped by bash. This command sent a
+transaction with bytes ``abcd``, so ``abcd`` will be stored as both the
+key and the value in the Merkle tree. The response should look something
+like:
+
+::
+
+    {
+      "jsonrpc": "2.0",
+      "id": "",
+      "result": {
+        "check_tx": {
+          "code": 0,
+          "data": "",
+          "log": ""
+        },
+        "deliver_tx": {
+          "code": 0,
+          "data": "",
+          "log": ""
+        },
+        "hash": "2B8EC32BA2579B3B8606E42C06DE2F7AFA2556EF",
+        "height": 154
+      }
+    }
+
+The ``98`` is a type-byte, and can be ignored (it's useful for
+serializing and deserializing arbitrary json). Otherwise, this result is
+empty - there's nothing to report on and everything is OK.
+
+We can confirm that our transaction worked and the value got stored by
+querying the app:
+
+::
+
+    curl -s 'localhost:46657/abci_query?data="abcd"'
+
+The result should look like:
+
+::
+
+    {
+      "jsonrpc": "2.0",
+      "id": "",
+      "result": {
+        "response": {
+          "code": 0,
+          "index": 0,
+          "key": "",
+          "value": "61626364",
+          "proof": "",
+          "height": 0,
+          "log": "exists"
+        }
+      }
+    }
+
+Again, the ``112`` is the type-byte. Note the ``value`` in the result
+(``61626364``); this is the hex-encoding of the ASCII of ``abcd``. You
+can verify this in a python shell by running
+``"61626364".decode('hex')``. Stay tuned for a future release that makes
+this output more human-readable ;).
+
+Now let's try setting a different key and value:
+
+::
+
+    curl -s 'localhost:46657/broadcast_tx_commit?tx="name=satoshi"'
+
+Now if we query for ``name``, we should get ``satoshi``, or
+``7361746F736869`` in hex:
+
+::
+
+    curl -s 'localhost:46657/abci_query?data="name"'
+
+Try some other transactions and queries to make sure everything is
+working!
+
+Counter - Another Example
+-------------------------
+
+Now that we've got the hang of it, let's try another application, the
+"counter" app.
+
+The counter app doesn't use a Merkle tree, it just counts how many times
+we've sent a transaction, or committed the state.
+
+This application has two modes: ``serial=off`` and ``serial=on``.
+
+When ``serial=on``, transactions must be a big-endian encoded
+incrementing integer, starting at 0.
+
+If ``serial=off``, there are no restrictions on transactions.
+
+In a live blockchain, transactions collect in memory before they are
+committed into blocks. To avoid wasting resources on invalid
+transactions, ABCI provides the ``CheckTx`` message, which application
+developers can use to accept or reject transactions, before they are
+stored in memory or gossipped to other peers.
+
+In this instance of the counter app, with ``serial=on``, ``CheckTx``
+only allows transactions whose integer is greater than the last
+committed one.
+
+Let's kill the previous instance of ``tendermint`` and the ``dummy``
+application, and start the counter app. We can enable ``serial=on`` with
+a flag:
+
+::
+
+    counter --serial
+
+In another window, reset then start Tendermint:
+
+::
+
+    tendermint unsafe_reset_all
+    tendermint node
+
+Once again, you can see the blocks streaming by. Let's send some
+transactions. Since we have set ``serial=on``, the first transaction
+must be the number ``0``:
+
+::
+
+    curl localhost:46657/broadcast_tx_commit?tx=0x00
+
+Note the empty (hence successful) response. The next transaction must be
+the number ``1``. If instead, we try to send a ``5``, we get an error:
+
+::
+
+    > curl localhost:46657/broadcast_tx_commit?tx=0x05
+    {
+      "jsonrpc": "2.0",
+      "id": "",
+      "result": {
+        "check_tx": {
+          "code": 0,
+          "data": "",
+          "log": ""
+        },
+        "deliver_tx": {
+          "code": 3,
+          "data": "",
+          "log": "Invalid nonce. Expected 1, got 5"
+        },
+        "hash": "33B93DFF98749B0D6996A70F64071347060DC19C",
+        "height": 38
+      }
+    }
+
+But if we send a ``1``, it works again:
+
+::
+
+    > curl localhost:46657/broadcast_tx_commit?tx=0x01
+    {
+      "jsonrpc": "2.0",
+      "id": "",
+      "result": {
+        "check_tx": {
+          "code": 0,
+          "data": "",
+          "log": ""
+        },
+        "deliver_tx": {
+          "code": 0,
+          "data": "",
+          "log": ""
+        },
+        "hash": "F17854A977F6FA7EEA1BD758E296710B86F72F3D",
+        "height": 87
+      }
+    }
+
+For more details on the ``broadcast_tx`` API, see `the guide on using
+Tendermint <./using-tendermint.html>`__.
+
+CounterJS - Example in Another Language
+---------------------------------------
+
+We also want to run applications in another language - in this case,
+we'll run a Javascript version of the ``counter``. To run it, you'll
+need to `install node <https://nodejs.org/en/download/>`__.
+
+You'll also need to fetch the relevant repository, from `here <https://github.com/tendermint/js-abci>`__ then install it. As go devs, we
+keep all our code under the ``$GOPATH``, so run:
+
+::
+
+    go get github.com/tendermint/js-abci &> /dev/null
+    cd $GOPATH/src/github.com/tendermint/js-abci/example
+    npm install
+
+Kill the previous ``counter`` and ``tendermint`` processes. Now run the
+app:
+
+::
+
+    node example/app.js
+
+In another window, reset and start ``tendermint``:
+
+::
+
+    tendermint unsafe_reset_all
+    tendermint node
+
+Once again, you should see blocks streaming by - but now, our
+application is written in javascript! Try sending some transactions, and
+like before - the results should be the same:
+
+::
+
+    curl localhost:46657/broadcast_tx_commit?tx=0x00 # ok
+    curl localhost:46657/broadcast_tx_commit?tx=0x05 # invalid nonce
+    curl localhost:46657/broadcast_tx_commit?tx=0x01 # ok
+
+Neat, eh?
+
+Basecoin - A More Interesting Example
+-------------------------------------
+
+We saved the best for last; the `Cosmos SDK <https://github.com/cosmos/cosmos-sdk>`__ is a general purpose framework for building cryptocurrencies. Unlike the``dummy`` and ``counter``, which are strictly for example purposes. The reference implementation of Cosmos SDK is ``basecoin``, which demonstrates how to use the building blocks of the Cosmos SDK.
+
+The default ``basecoin`` application is a multi-asset cryptocurrency
+that supports inter-blockchain communication. For more details on how
+basecoin works and how to use it, see our `basecoin
+guide <https://github.com/cosmos/cosmos-sdk/blob/develop/docs/guide/basecoin-basics.md>`__
+
+In this tutorial you learned how to run applications using Tendermint
+on a single node. You saw how applications could be written in different
+languages, and how to send transactions and query for the latest state.
+But the true power of Tendermint comes from its ability to securely and
+efficiently run an application across a distributed network of nodes,
+while keeping them all in sync using its state-of-the-art consensus
+protocol. Next, we show you how to deploy Tendermint testnets.
--- a/docs/getting-started/#02-first-app.md
+++ b/docs/getting-started/#02-first-app.md
@@ -1,246 +0,0 @@
-# First Tendermint App
-
-As a general purpose blockchain engine, Tendermint is agnostic to the application you want to run.
-So, to run a complete blockchain that does something useful, you must start two programs:
-one is Tendermint Core, the other is your application, which can be written in any programming language.
-Recall from [the intro to ABCI](/intro/abci-overview) that Tendermint Core handles all the p2p and consensus stuff,
-and just forwards transactions to the application when they need to be validated, or when they're ready to be committed to a block.
-
-In this guide, we show you some examples of how to run an application using Tendermint.
-
-**Note:** It is highly recommended to read the [Using Tendermint Guide](/docs/guides/using-tendermint) prior to working through this tutorial.
-
-## Install
-
-First, make sure you have [installed Tendermint](/download).
-The first apps we will work with are written in Go. 
-To install them, you need to [install Go](https://golang.org/doc/install) and 
-[put `$GOPATH/bin` in your `$PATH`](https://github.com/tendermint/tendermint/wiki/Setting-GOPATH). 
-
-Then run
-
-```
-go get -u github.com/tendermint/abci/cmd/...
-```
-
-If there is an error, install and run the `glide` tool to pin the dependencies:
-
-```
-go get github.com/Masterminds/glide
-cd $GOPATH/src/github.com/tendermint/abci
-glide install
-go install ./cmd/...
-```
-
-Now you should have the `abci-cli` plus two apps installed: 
-
-```
-dummy --help
-counter --help
-```
-
-These binaries are installed on `$GOPATH/bin` and all come from within the `./cmd/...` directory of the abci repository.
-
-Both of these example applications are in Go. See below for an application written in Javascript.
-
-Now, let's run some apps!
-
-## A First Example - Dummy
-
-The dummy app is a [Merkle tree](https://en.wikipedia.org/wiki/Merkle_tree) that just stores all transactions.
-If the transaction contains an `=`, eg. `key=value`, 
-then the `value` is stored under the `key` in the Merkle tree.
-Otherwise, the full transaction bytes are stored as the key and the value.
-
-Let's start a dummy application.
-
-```
-dummy
-```
-
-In another terminal, we can start Tendermint.
-If you have never run Tendermint before, use:
-
-```
-tendermint init 
-tendermint node
-```
-
-If you have used Tendermint, you may want to reset the data for a new blockchain by running `tendermint unsafe_reset_all`.
-Then you can run `tendermint node` to start Tendermint, and connect to the app.
-For more details, see [the guide on using Tendermint](/docs/guides/using-tendermint).
-
-You should see Tendermint making blocks! 
-We can get the status of our Tendermint node as follows:
-
-```
-curl -s localhost:46657/status
-```
-
-The `-s` just silences `curl`. For nicer output, pipe the result into a tool like [jq](https://stedolan.github.io/jq/) 
-or [jsonpp](https://github.com/jmhodges/jsonpp).
-
-Now let's send some transactions to the dummy.
-
-```
-curl -s 'localhost:46657/broadcast_tx_commit?tx="abcd"'
-```
-
-Note the single quote (`'`) around the url, which ensures that the double quotes (`"`) are not escaped by bash.
-This command sent a transaction with bytes `abcd`, so `abcd` will be stored as both the key and the value in the Merkle tree.
-The response should look something like:
-
-```
-{"jsonrpc":"2.0","id":"","result":[98,{"check_tx":{},"deliver_tx":{}}],"error":""}
-```
-
-The `98` is a type-byte, and can be ignored (it's useful for serializing and deserializing arbitrary json).
-Otherwise, this result is empty - there's nothing to report on and everything is OK.
-
-We can confirm that our transaction worked and the value got stored by querying the app:
-
-```
-curl -s 'localhost:46657/abci_query?data="abcd"&path=""&prove=false'
-```
-
-The `path` and `prove` arguments can be ignored for now, and in a future release can be left out.
-The result should look like:
-
-
-```
-{"jsonrpc":"2.0","id":"","result":[112,{"response":{"value":"61626364","log":"exists"}}],"error":""}
-```
-
-Again, the `112` is the type-byte. Note the `value` in the result (`61626364`); this is the hex-encoding of the ASCII of `abcd`.
-You can verify this in a python shell by running `"61626364".decode('hex')`.
-Stay tuned for a future release that makes this output more human-readable ;). 
-
-Now let's try setting a different key and value:
-
-```
-curl -s 'localhost:46657/broadcast_tx_commit?tx="name=satoshi"'
-```
-
-Now if we query for `name`, we should get `satoshi`, or `7361746F736869` in hex:
-
-```
-curl -s 'localhost:46657/abci_query?data="name"&path=""&prove=false'
-```
-
-Try some other transactions and queries to make sure everything is working!
-
-## Another Example - Counter
-
-Now that we've got the hang of it, let's try another application, the "counter" app.
-
-The counter app doesn't use a Merkle tree, it just counts how many times we've sent a transaction,
-or committed the state. 
-
-This application has two modes: `serial=off` and `serial=on`.
-
-When `serial=on`, transactions must be a big-endian encoded incrementing integer, starting at 0.
-
-If `serial=off`, there are no restrictions on transactions.
-
-In a live blockchain, transactions collect in memory before they are committed into blocks.
-To avoid wasting resources on invalid transactions,
-ABCI provides the `CheckTx` message,
-which application developers can use to accept or reject transactions,
-before they are stored in memory or gossipped to other peers.
-
-In this instance of the counter app, with `serial=on`, `CheckTx` only allows transactions whose integer is greater than the last committed one.
-
-Let's kill the previous instance of `tendermint` and the `dummy` application, and start the counter app.
-We can enable `serial=on` with a flag:
-
-```
-counter --serial
-```
-
-In another window, reset then start Tendermint:
-
-```
-tendermint unsafe_reset_all
-tendermint node
-```
-
-Once again, you can see the blocks streaming by. Let's send some transactions.
-Since we have set `serial=on`, the first transaction must be the number `0`:
-
-```
-curl localhost:46657/broadcast_tx_commit?tx=0x00
-```
-
-Note the empty (hence successful) response.
-The next transaction must be the number `1`. If instead, we try to send a `5`, we get an error:
-
-```
-> curl localhost:46657/broadcast_tx_commit?tx=0x05
-{"jsonrpc":"2.0","id":"","result":[98,{"check_tx":{},"deliver_tx":{"code":3,"log":"Invalid nonce. Expected 1, got 5"}}],"error":""}
-```
-
-But if we send a `1`, it works again:
-
-```
-> curl localhost:46657/broadcast_tx_commit?tx=0x01
-{"jsonrpc":"2.0","id":"","result":[98,{"check_tx":{},"deliver_tx":{}}],"error":""}
-```
-
-For more details on the `broadcast_tx` API, 
-see [the guide on using Tendermint](/docs/guides/using-tendermint).
-
-## Example in Another Language - CounterJS
-
-We also want to run applications in another language - in this case, we'll run a Javascript version of the `counter`.
-To run it, you'll need to [install node](https://nodejs.org/en/download/).
-
-You'll also need to fetch the relevant repository, from https://github.com/tendermint/js-abci then install it.
-As go devs, we keep all our code under the `$GOPATH`, so run:
-
-```
-go get github.com/tendermint/js-abci &> /dev/null
-cd $GOPATH/src/github.com/tendermint/js-abci/example
-npm install
-```
-
-Kill the previous `counter` and `tendermint` processes. Now run the app:
-
-```
-node example/app.js
-```
-
-In another window, reset and start `tendermint`:
-
-```
-tendermint unsafe_reset_all
-tendermint node
-```
-
-Once again, you should see blocks streaming by - but now, our application is written in javascript!
-Try sending some transactions, and like before - the results should be the same:
-
-```
-curl localhost:46657/broadcast_tx_commit?tx=0x00 # ok
-curl localhost:46657/broadcast_tx_commit?tx=0x05 # invalid nonce
-curl localhost:46657/broadcast_tx_commit?tx=0x01 # ok
-```
-
-Neat, eh?
-
-## A More Interesting Example - Basecoin
-
-Before concluding, we'd like to introduce you to our star application, [Basecoin](https://github.com/tendermint/basecoin).
-Unlike the `dummy` and `counter`, which are strictly for example purposes, 
-`basecoin` is designed to be actually useful - it's a general purpose framework for building cryptocurrencies.
-
-The default `basecoin` application is a multi-asset cryptocurrency that supports inter-blockchain communication.
-For more details on how basecoin works and how to use it, see our [basecoin guide](https://github.com/tendermint/basecoin/blob/develop/docs/guide/basecoin-basics.md)
-
-## Next Step
-
-In this tutorial you learned how to run applications using Tendermint on a single node.
-You saw how applications could be written in different languages, 
-and how to send transactions and query for the latest state.
-But the true power of Tendermint comes from its ability to securely and efficiently run an application 
-across a distributed network of nodes, while keeping them all in sync using its state-of-the-art consensus protocol.
-This is the subject of the next tutorial, where we show you [how to deploy Tendermint networks](/docs/getting-started/deploy-testnet).
--- a/docs/getting-started/#03-deploy-testnet.md
+++ b/docs/getting-started/#03-deploy-testnet.md
@@ -1,39 +0,0 @@
-# Deploy a Testnet
-
-Now that we've seen how ABCI works, and even played with a few applications on a single validator node,
-it's time to deploy a test network to four validator nodes.
-For this deployment, we'll use the `basecoin` application.
-
-## Manual Deployments
-
-It's relatively easy to setup a Tendermint cluster manually.
-The only requirements for a particular Tendermint node are a private key for the validator,
-stored as `priv_validator.json`, and a list of the public keys of all validators, stored as `genesis.json`.
-These files should be stored in `~/.tendermint`, or wherever the `$TMROOT` variable might be set to.
-
-Here are the steps to setting up a testnet manually:
-
-1) Provision nodes on your cloud provider of choice
-2) Install Tendermint and the application of interest on all nodes
-3) Generate a private key for each validator using `tendermint gen_validator`
-4) Compile a list of public keys for each validator into a `genesis.json` file.
-5) Run `tendermint node --p2p.seeds=< seed addresses >` on each node, where `< seed addresses >` is a
-comma separated list of the IP:PORT combination for each node. The default port for Tendermint is `46656`.
-Thus, if the IP addresses of your nodes were `192.168.0.1, 192.168.0.2, 192.168.0.3, 192.168.0.4`,
-the command would look like: `tendermint node --p2p.seeds=192.168.0.1:46656,192.168.0.2:46656,192.168.0.3:46656,192.168.0.4:46656`.
-
-After a few seconds, all the nodes should connect to eachother and start making blocks!
-For more information, see the Tendermint Networks section of [the guide to using Tendermint](/docs/guides/using-tendermint).
-
-## Automated Deployments
-
-While the manual deployment is easy enough, an automated deployment is always better.
-For this, we have the [mintnet-kubernetes tool](https://github.com/tendermint/tools/tree/master/mintnet-kubernetes),
-which allows us to automate the deployment of a Tendermint network on an already provisioned kubernetes cluster.
-
-For more details, see the [mintnet-kubernetes directory](https://github.com/tendermint/tools/tree/master/mintnet-kubernetes),
-and check out [Google Cloud Platform](https://cloud.google.com/) for simple provisioning of kubernetes clusters.
-
-## Next Steps
-
-Done trying out the testnet? Continue [onwards](/docs/getting-started/next-steps).
--- a/docs/getting-started/#04-next-steps.md
+++ b/docs/getting-started/#04-next-steps.md
@@ -1,21 +0,0 @@
-# Next Steps
-
-By now you've seen how to run a simple example ABCI application on a local Tendermint node
-and on a remote Tendermint cluster. 
-
-To learn more about building ABCI applications and integrating with Tendermint, see the [Developer Guides](/docs/guides/app-development).
-To learn more about running the Tendermint software, see the [Using Tendermint Guide](/docs/guides/using-tendermint).
-
-To learn more about Tendermint's various pieces, check out the [Documentation](/docs).
-For a deeper dive, see [this thesis](https://atrium.lib.uoguelph.ca/xmlui/handle/10214/9769). 
-There is also the [original whitepaper](/static/docs/tendermint.pdf), though it is now quite outdated.
-
-The Tendermint [Software Ecosystem](/ecosystem) contains many example applications and related software built by the Tendermint team and others. Check it out for some inspiration!
-
-For details on how the software has changed, and what changes are in store, see the [Changelog](/docs/changelog) and the [Roadmap](/docs/roadmap).
-
-See our [Community](/community) page for more ways to collaborate.
-
-You can also [get in touch with the team](/contact).
-
-Most importantly, enjoy!
--- a/docs/guides/abci-cli.md
+++ b/docs/guides/abci-cli.md
@@ -1,219 +0,0 @@
-# Using the abci-cli
-
-To facilitate testing and debugging of ABCI servers and simple apps,
-we built a CLI, the `abci-cli`, for sending ABCI messages from the command line.
-
-##  Install
-
-Make sure you [have Go installed](https://golang.org/doc/install) and [put `$GOPATH/bin` in your `$PATH`](https://github.com/tendermint/tendermint/wiki/Setting-GOPATH).
-
-Next, install the `abci-cli` tool and example applications:
-
-```
-go get -u github.com/tendermint/abci/cmd/...
-```
-
-If this fails, you may need to use `glide` to get vendored dependencies:
-
-```
-go get github.com/Masterminds/glide
-cd $GOPATH/src/github.com/tendermint/abci
-glide install
-go install ./cmd/...
-```
-
-Now run `abci-cli --help` to see the list of commands:
-
-```
-COMMANDS:
-   batch        Run a batch of ABCI commands against an application
-   console      Start an interactive console for multiple commands
-   echo         Have the application echo a message
-   info         Get some info about the application
-   set_option   Set an option on the application
-   deliver_tx    Append a new tx to application
-   check_tx     Validate a tx
-   commit       Get application Merkle root hash
-   help, h      Shows a list of commands or help for one command
-
-GLOBAL OPTIONS:
-   --address "tcp://127.0.0.1:46658"    address of application socket
-   --help, -h                           show help
-   --version, -v                        print the version
-```
-
-## First Example - Dummy
-
-The `abci-cli` tool lets us send ABCI messages to our application, to help build and debug them.
-
-The most important messages are `deliver_tx`, `check_tx`, and `commit`,
-but there are others for convenience, configuration, and information purposes.
-
-Let's start a dummy application, which was installed at the same time as `abci-cli` above. The dummy just stores transactions in a merkle tree:
-
-```
-dummy
-```
-
-In another terminal, run
-
-```
-abci-cli echo hello
-abci-cli info
-```
-
-The application should echo `hello` and give you some information about itself.
-
-An ABCI application must provide two things:
-
-  - a socket server
-  - a handler for ABCI messages
-
-When we run the `abci-cli` tool we open a new connection to the application's socket server,
-send the given ABCI message, and wait for a response.
-
-The server may be generic for a particular language, and we provide a [reference implementation 
-in Golang](https://github.com/tendermint/abci/tree/master/server). 
-See the [list of other ABCI implementations](https://tendermint.com/ecosystem) 
-for servers in other languages.
-
-The handler is specific to the application, and may be arbitrary,
-so long as it is deterministic and conforms to the ABCI interface specification.
-
-So when we run `abci-cli info`, we open a new connection to the ABCI server, which calls the `Info()` method on the application, which tells us the number of transactions in our Merkle tree.
-
-Now, since every command opens a new connection, we provide the `abci-cli console` and `abci-cli batch` commands,
-to allow multiple ABCI messages to be sent over a single connection.
-
-Running `abci-cli console` should drop you in an interactive console for speaking ABCI messages to your application.
-
-Try running these commands:
-
-```
-> echo hello
-> data: hello
-
-> info
-> data: {"size":0}
-
-> commit
-> data: 0x
-
-> deliver_tx "abc"
-> code: OK
-
-> info
-> data: {"size":1}
-
-> commit
-> data: 0x750502FC7E84BBD788ED589624F06CFA871845D1
-
-> query "abc"
-> code: OK
-> data: {"index":0,"value":"abc","exists":true}
-
-> deliver_tx "def=xyz"
-> code: OK
-
-> commit
-> data: 0x76393B8A182E450286B0694C629ECB51B286EFD5
-
-> query "def"
-> code: OK
-> data: {"index":1,"value":"xyz","exists":true}
-```
-
-Note that if we do `deliver_tx "abc"` it will store `(abc, abc)`,
-but if we do `deliver_tx "abc=efg"` it will store `(abc, efg)`.
-
-Similarly, you could put the commands in a file and run `abci-cli --verbose batch < myfile`.
-
-
-## Another Example - Counter
-
-Now that we've got the hang of it, let's try another application, the "counter" app.
-
-The counter app doesn't use a Merkle tree, it just counts how many times we've sent a transaction,
-asked for a hash, or committed the state. The result of `commit` is just the number of transactions sent.
-
-This application has two modes: `serial=off` and `serial=on`.
-
-When `serial=on`, transactions must be a big-endian encoded incrementing integer, starting at 0.
-
-If `serial=off`, there are no restrictions on transactions.
-
-We can toggle the value of `serial` using the `set_option` ABCI message.
-
-When `serial=on`, some transactions are invalid.
-In a live blockchain, transactions collect in memory before they are committed into blocks.
-To avoid wasting resources on invalid transactions,
-ABCI provides the `check_tx` message,
-which application developers can use to accept or reject transactions,
-before they are stored in memory or gossipped to other peers.
-
-In this instance of the counter app, `check_tx` only allows transactions whose integer is greater than the last committed one.
-
-Let's kill the console and the dummy application, and start the counter app:
-
-```
-counter
-```
-
-In another window, start the `abci-cli console`:
-
-```
-> set_option serial on
-> data: serial=on
-
-> check_tx 0x00
-> code: OK
-
-> check_tx 0xff
-> code: OK
-
-> deliver_tx 0x00
-> code: OK
-
-> check_tx 0x00
-> code: BadNonce
-> log: Invalid nonce. Expected >= 1, got 0
-
-> deliver_tx 0x01
-> code: OK
-
-> deliver_tx 0x04
-> code: BadNonce
-> log: Invalid nonce. Expected 2, got 4
-
-> info
-> data: {"hashes":0,"txs":2}
-```
-
-This is a very simple application, but between `counter` and `dummy`, its easy to see how you can build out arbitrary application states on top of the ABCI.
-[Hyperledger's Burrow](https://github.com/hyperledger/burrow) also runs atop ABCI, bringing with it Ethereum-like accounts, the Ethereum virtual-machine, Monax's permissioning scheme, and native contracts extensions.
-
-But the ultimate flexibility comes from being able to write the application easily in any language.
-
-We have implemented the counter in a number of languages (see the example directory).
-
-To run the Node JS version, `cd` to `example/js` and run
-
-```
-node app.js
-```
-
-(you'll have to kill the other counter application process).
-In another window, run the console and those previous ABCI commands.
-You should get the same results as for the Go version.
-
-Want to write the counter app in your favorite language?! We'd be happy to add you to our [ecosystem](https://tendermint.com/ecosystem)! We're also offering [bounties](https://tendermint.com/bounties) for implementations in new languages!
-
-## Notes
-
-The `abci-cli` is designed strictly for testing and debugging. 
-In a real deployment, the role of sending messages is taken by Tendermint,
-which connects to the app using three separate connections, 
-each with its own pattern of messages. 
-
-For more information, see the [application developers guide](/docs/guides/app-development).
-For examples of running an ABCI app with Tendermint, see the [introductory guide](/docs/getting-started/first-abci-app).
--- a/docs/guides/app-architecture.md
+++ b/docs/guides/app-architecture.md
@@ -1,64 +0,0 @@
-# Application Architecture Guide
-
-## Overview
-
-A blockchain application is more than the consensus engine and the transaction logic (eg. smart contracts, business logic) as implemented in the ABCI app. There are also (mobile, web, desktop) clients that will need to connect and make use of the app. We will assume for now that you have a well designed transactions and database model, but maybe this will be the topic of another article. This article is more interested in various ways of setting up the "plumbing" and connecting these pieces, and demonstrating some evolving best practices.
-
-## Security
-
-A very important aspect when constructing a blockchain is security. The consensus model can be DoSed (no consensus possible) by corrupting 1/3 of the validators and exploited (writing arbitrary blocks) by corrupting 2/3 of the validators. So, while the security is not that of the "weakest link", you should take care that the "average link" is sufficiently hardened.
-
-One big attack surface on the validators is the communication between the ABCI app and the tendermint core. This should be highly protected. Ideally, the app and the core are running on the same machine, so no external agent can target the communication channel. You can use unix sockets (with permissions preventing access from other users), or even compile the two apps into one binary if the ABCI app is also writen in go. If you are unable to do that due to language support, then the ABCI app should bind a TCP connection to localhost (127.0.0.1), which is less efficient and secure, but still not reachable from outside. If you must run the ABCI app and tendermint core on separate machines, make sure you have a secure communication channel (ssh tunnel?)
-
-Now assuming, you have linked together your app and the core securely, you must also make sure no one can get on the machine it is hosted on.  At this point it is basic network security. Run on a secure operating system (SELinux?). Limit who has access to the machine (user accounts, but also where the physical machine is hosted).  Turn off all services except for ssh, which should only be accessible by some well-guarded public/private key pairs (no password). And maybe even firewall off access to the ports used by the validators, so only known validators can connect.
-
-There was also a suggestion on slack from @jhon about compiling everything together with a unikernel for more security, such as [Mirage](https://mirage.io) or [UNIK](https://github.com/emc-advanced-dev/unik).
-
-## Connecting your client to the blockchain
-
-### Tendermint Core RPC
-
-The concept is that the ABCI app is completely hidden from the outside world and only communicated through a tested and secured [interface exposed by the tendermint core](/docs/specs/rpc). This interface exposes a lot of data on the block header and consensus process, which is quite useful for externally verifying the system. It also includes 3(!) methods to broadcast a transaction (propose it for the blockchain, and possibly await a response). And one method to query app-specific data from the ABCI application.
-
-Pros:
-* Server code already written
-* Access to block headers to validate merkle proofs (nice for light clients)
-* Basic read/write functionality is supported
-
-Cons:
-* Limited interface to app. All queries must be serialized into []byte (less expressive than JSON over HTTP) and there is no way to push data from ABCI app to the client (eg. notify me if account X receives a transaction)
-
-### Custom ABCI server
-
-This was proposed by @wolfposd on slack and demonstrated by [TMChat](https://github.com/wolfposd/TMChat), a sample app. The concept is to write a custom server for your app (with typical REST API/websockets/etc for easy use by a mobile app). This custom server is in the same binary as the ABCI app and data store, so can easily react to complex events there that involve understanding the data format (send a message if my balance drops below 500). All "writes" sent to this server are proxied via websocket/JSON-RPC to tendermint core. When they come back as deliver_tx over ABCI, they will be written to the data store. For "reads", we can do any queries we wish that are supported by our architecture, using any web technology that is useful. The general architecture is shown in the following diagram:
-
-<img alt="Application Architecture" src="../assets/images/tm-app-example.png">
-
-Pros:
-* Separates application logic from blockchain logic
-* Allows much richer, more flexible client-facing API
-* Allows pub-sub, watching certain fields, etc.
-
-Cons:
-* Access to ABCI app can be dangerous (be VERY careful not to write unless it comes from the validator node)
-* No direct access to the blockchain headers to verify tx
-* You must write your own API (but maybe that's a pro...)
-
-### Hybrid solutions
-
-Likely the least secure but most versatile. The client can access both the tendermint node for all blockchain info, as well as a custom app server, for complex queries and pub-sub on the abci app.
-
-Pros:
-* All from both above solutions
-
-Cons:
-* Even more complexity
-* Even more attack vectors (less security)
-
-## Scalability
-
-Read replica using non-validating nodes? They could forward transactions to the validators (fewer connections, more security), and locally allow all queries in any of the above configurations. Thus, while transaction-processing speed is limited by the speed of the abci app and the number of validators, one should be able to scale our read performance to quite an extent (until the replication process drains too many resources from the validator nodes).
-
-## Example Code
-
-* [TMChat](https://github.com/wolfposd/TMChat)
--- a/docs/guides/app-development.md
+++ b/docs/guides/app-development.md
@@ -1,155 +0,0 @@
-# Application Development Guide
-
-## ABCI Design
-
-The purpose of ABCI is to provide a clean interface between state transition machines on one computer and the mechanics of their replication across multiple computers. The former we call 'application logic' and the latter the 'consensus engine'. Application logic validates transactions and optionally executes transactions against some persistent state. A consensus engine ensures all transactions are replicated in the same order on every machine. We call each machine in a consensus engine a 'validator', and each validator runs the same transactions through the same application logic. In particular, we are interested in blockchain-style consensus engines, where transactions are committed in hash-linked blocks.
-
-The ABCI design has a few distinct components:
-
- message protocol
-    - pairs of request and response messages
-    - consensus makes requests, application responds
-    - defined using protobuf
- server/client
-    - consensus engine runs the client
-    - application runs the server
-    - two implementations:
-        - async raw bytes
-        - grpc
- blockchain protocol
-    - abci is connection oriented
-    - Tendermint Core maintains three connections:
-        - [mempool connection](#mempool-connection): for checking if transactions should be relayed before they are committed; only uses `CheckTx`
-        - [consensus connection](#consensus-connection): for executing transactions that have been committed. Message sequence is - for every block - `BeginBlock, [DeliverTx, ...], EndBlock, Commit`
-        - [query connection](#query-connection): for querying the application state; only uses Query and Info
-
-<img src="../assets/images/abci.png">
-
-The mempool and consensus logic act as clients, and each maintains an open ABCI connection with the application, which hosts an ABCI server. Shown are the request and response types sent on each connection.
-
-## Message Protocol
-
-The message protocol consists of pairs of requests and responses. Some messages have no fields, while others may include byte-arrays, strings, or integers. See the `message Request` and `message Response` definitions in [the protobuf definition file](https://github.com/tendermint/abci/blob/master/types/types.proto), and the [protobuf documentation](https://developers.google.com/protocol-buffers/docs/overview) for more details.
-
-For each request, a server should respond with the corresponding response, where order of requests is preserved in the order of responses.
-
-## Server
-
-To use ABCI in your programming language of choice, there must be a ABCI server in that language.
-Tendermint supports two kinds of implementation of the server:
-
- Asynchronous, raw socket server (Tendermint Socket Protocol, also known as TSP or Teaspoon)
- GRPC
-
-Both can be tested using the `abci-cli` by setting the `--abci` flag appropriately (ie. to `socket` or `grpc`).
-
-See examples, in various stages of maintenance, in [Go](https://github.com/tendermint/abci/tree/master/server), [JavaScript](https://github.com/tendermint/js-abci), [Python](https://github.com/tendermint/abci/tree/master/example/python3/abci), [C++](https://github.com/mdyring/cpp-tmsp), and [Java](https://github.com/jTendermint/jabci).
-
-### GRPC
-
-If GRPC is available in your language, this is the easiest approach,
-though it will have significant performance overhead.
-
-To get started with GRPC, copy in the [protobuf file](https://github.com/tendermint/abci/blob/master/types/types.proto) and compile it using the GRPC plugin for your language.
-For instance, for golang, the command is `protoc --go_out=plugins=grpc:. types.proto`. See the [grpc documentation for more details](http://www.grpc.io/docs/). `protoc` will autogenerate all the necessary code for ABCI client and server in your language, including whatever interface your application must satisfy to be used by the ABCI server for handling requests.
-
-### TSP
-
-If GRPC is not available in your language, or you require higher performance, or otherwise enjoy programming, you may implement your own ABCI server
-using the Tendermint Socket Protocol, known affectionaltely as Teaspoon.
-The first step is still to auto-generate the relevant data types and codec in your language using `protoc`.
-Messages coming over the socket are Protobuf3 encoded, but additionally length-prefixed to facilitate use as a streaming protocol. Protobuf3 doesn't have an official length-prefix standard, so we use our own. The first byte in the prefix represents the length of the Big Endian encoded length. The remaining bytes in the prefix are the Big Endian encoded length.
-
-For example, if the Protobuf3 encoded ABCI message is 0xDEADBEEF (4 bytes), the length-prefixed message is 0x0104DEADBEEF. If the Protobuf3 encoded ABCI message is 65535 bytes long, the length-prefixed message would be like 0x02FFFF....
-
-Note this prefixing does not apply for grpc.
-
-An ABCI server must also be able to support multiple connections, as Tendermint uses three connections.
-
-## Client
-
-There are currently two use-cases for an ABCI client.
-One is a testing tool, as in the `abci-cli`, which allows ABCI requests to be sent via command line.
-The other is a consensus engine, such as Tendermint Core, which makes requests to the application every time a new transaction is received or a block is committed.
-
-It is unlikely that you will need to implement a client. For details of our client, see [here](https://github.com/tendermint/abci/tree/master/client).
-
-## Blockchain Protocol
-
-In ABCI, a transaction is simply an arbitrary length byte-array.
-It is the application's responsibility to define the transaction codec as they please,
-and to use it for both CheckTx and DeliverTx.
-
-Note that there are two distinct means for running transactions, corresponding to stages of 'awareness'
-of the transaction in the network. The first stage is when a transaction is received by a validator from a client into the so-called mempool or transaction pool - this is where we use CheckTx. The second is when the transaction is successfully committed on more than 2/3 of validators - where we use DeliverTx. In the former case, it may not be necessary to run all the state transitions associated with the transaction, as the transaction may not ultimately be committed until some much later time, when the result of its execution will be different.
-For instance, an Ethereum ABCI app would check signatures and amounts in CheckTx, but would not actually execute any contract code until the DeliverTx, so as to avoid executing state transitions that have not been finalized.
-
-To formalize the distinction further, two explicit ABCI connections are made between Tendermint Core and the application: the mempool connection and the consensus connection. We also make a third connection, the query connection, to query the local state of the app.
-
-### Mempool Connection
-
-The mempool connection is used *only* for CheckTx requests.
-Transactions are run using CheckTx in the same order they were received by the validator.
-If the CheckTx returns `OK`, the transaction is kept in memory and relayed to other peers in the same order it was received. Otherwise, it is discarded.
-
-CheckTx requests run concurrently with block processing;
-so they should run against a copy of the main application state which is reset after every block.
-This copy is necessary to track transitions made by a sequence of CheckTx requests before they are included in a block. When a block is committed, the application must ensure to reset the mempool state to the latest committed state. Tendermint Core will then filter through all transactions in the mempool, removing any that were included in the block, and re-run the rest using CheckTx against the post-Commit mempool state.
-
-### Consensus Connection
-
-The consensus connection is used only when a new block is committed, and communicates all information from the block in a series of requests:  `BeginBlock, [DeliverTx, ...], EndBlock, Commit`.
-That is, when a block is committed in the consensus, we send a list of DeliverTx requests (one for each transaction) sandwiched by BeginBlock and EndBlock requests, and followed by a Commit.
-
-#### DeliverTx
-
-DeliverTx is the workhorse of the blockchain. Tendermint sends the DeliverTx requests asynchronously but in order,
-and relies on the underlying socket protocol (ie. TCP) to ensure they are received by the app in order. They have already been ordered in the global consensus by the Tendermint protocol.
-
-DeliverTx returns a abci.Result, which includes a Code, Data, and Log. The code may be non-zero (non-OK), meaning the corresponding transaction should have been rejected by the mempool,
-but may have been included in a block by a Byzantine proposer.
-
-The block header will be updated (TODO) to include some commitment to the results of DeliverTx, be it a bitarray of non-OK transactions, or a merkle root of the data returned by the DeliverTx requests, or both.
-
-#### Commit
-
-Once all processing of the block is complete, Tendermint sends the Commit request and blocks waiting
-for a response. While the mempool may run concurrently with block processing (the BeginBlock, DeliverTxs, and EndBlock), it is locked for the Commit request so that its state can be safely reset during Commit. This means the app *MUST NOT* do any blocking communication with the mempool (ie. broadcast_tx) during Commit, or there will be deadlock. Note also that all remaining transactions in the mempool are replayed on the mempool connection (CheckTx) following a commit.
-
-The Commit response includes a byte array, which is the deterministic state root of the application. It is included in the header of the next block. It can be used to provide easily verified Merkle-proofs of the state of the application.
-
-It is expected that the app will persist state to disk on Commit. The option to have all transactions replayed from some previous block is the job of the [Handshake](#handshake).
-
-#### BeginBlock
-
-The BeginBlock request can be used to run some code at the beginning of every block. It also allows Tendermint to send the current block hash and header to the application, before it sends any of the transactions.
-
-The app should remember the latest height and header (ie. from which it has run a successful Commit) so that it can tell Tendermint where to pick up from when it restarts. See information on the Handshake, below.
-
-#### EndBlock
-
-The EndBlock request can be used to run some code at the end of every block. Additionally, the response may contain a list of validators, which can be used to update the validator set. To add a new validator or update an existing one, simply include them in the list returned in the EndBlock response. To remove one, include it in the list with a `power` equal to `0`. Tendermint core will take care of updating the validator set. Note validator set changes are only available in v0.8.0 and up.
-
-### Query Connection
-
-This connection is used to query the application without engaging consensus. It's exposed over the tendermint core rpc, so clients can query the app without exposing a server on the app itself, but they must serialize each query as a single byte array. Additionally, certain "standardized" queries may be used to inform local decisions, for instance about which peers to connect to.
-
-Tendermint Core currently uses the Query connection to filter peers upon connecting, according to IP address or public key. For instance, returning non-OK ABCI response to either of the following queries will cause Tendermint to not connect to the corresponding peer:
-
- `p2p/filter/addr/<addr>`, where `<addr>` is an IP address.
- `p2p/filter/pubkey/<pubkey>`, where `<pubkey>` is the hex-encoded ED25519 key of the node (not it's validator key)
-
-Note: these query formats are subject to change!
-
-### Handshake
-
-When the app or tendermint restarts, they need to sync to a common height.
-When an ABCI connection is first established, Tendermint will call `Info` on the Query connection.
-The response should contain the LastBlockHeight and LastBlockAppHash
- the former is the last block for the which the app ran Commit successfully,
-the latter is the response from that Commit.
-
-Using this information, Tendermint will determine what needs to be replayed, if anything, against the app,
-to ensure both Tendermint and the app are synced to the latest block height.
-
-If the app returns a LastBlockHeight of 0, Tendermint will just replay all blocks.
--- a/docs/guides/install-from-source.md
+++ b/docs/guides/install-from-source.md
@@ -1,100 +0,0 @@
-# Install from Source
-
-This page provides instructions on installing Tendermint from source.
-To download pre-built binaries, see the [Download page](/download).
-
-## Install Go
-
-Make sure you have [installed Go](https://golang.org/doc/install) and set the `GOPATH`.
-
-## Install Tendermint
-
-You should be able to install the latest with a simple 
-
-```
-go get github.com/tendermint/tendermint/cmd/tendermint
-```
-
-Run `tendermint --help` for more.
-
-If the installation failed, a dependency may been updated and become incompatible with the latest Tendermint master branch.
-We solve this using the `glide` tool for dependency management.
-
-Fist, install `glide`:
-
-```
-go get github.com/Masterminds/glide
-```
-
-Now we can fetch the correct versions of each dependency by running:
-
-```
-cd $GOPATH/src/github.com/tendermint/tendermint
-glide install
-go install ./cmd/tendermint
-```
-
-Note that even though `go get` originally failed, 
-the repository was still cloned to the correct location in the `$GOPATH`.
-
-The latest Tendermint Core version is now installed. 
-
-### Reinstall
-
-If you already have Tendermint installed, and you make updates,
-simply 
-
-```
-cd $GOPATH/src/github.com/tendermint/tendermint
-go install ./cmd/tendermint
-```
-
-To upgrade, there are a few options:
-
- set a new `$GOPATH` and run `go get github.com/tendermint/tendermint/cmd/tendermint`. This makes a fresh copy of everything for the new version. 
- run `go get -u github.com/tendermint/tendermint/cmd/tendermint`, where the `-u` fetches the latest updates for the repository and its dependencies
- fetch and checkout the latest master branch in `$GOPATH/src/github.com/tendermint/tendermint`, and then run `glide install && go install ./cmd/tendermint` as above.
-
-Note the first two options should usually work, but may fail.
-If they do, use `glide`, as above: 
-
-```
-cd $GOPATH/src/github.com/tendermint/tendermint
-glide install
-go install ./cmd/tendermint
-```
-
-Since the third option just uses `glide` right away, it should always work.
-
-
-### Troubleshooting
-
-If `go get` failing bothers you, fetch the code using `git`:
-
-```
-mkdir -p $GOPATH/src/github.com/tendermint
-git clone https://github.com/tendermint/tendermint $GOPATH/src/github.com/tendermint/tendermint
-cd $GOPATH/src/github.com/tendermint/tendermint
-glide install
-go install ./cmd/tendermint
-```
-
-### Run
-
-To start a one-node blockchain with a simple in-process application: 
-
-```
-tendermint init
-tendermint node --proxy_app=dummy
-```
-
-See the 
-[App Development](/docs/guides/app-development)
-guide for more details on building applications,
-and the 
-[Using Tendermint](/docs/guides/using-tendermint) 
-guide for more details about using the `tendermint` program.
-
-## Next Step
-
-Learn how to [create your first ABCI app](/docs/getting-started/first-abci-app).
--- a/docs/guides/using-tendermint.md
+++ b/docs/guides/using-tendermint.md
@@ -1,306 +0,0 @@
-# Using Tendermint
-
-This is a guide to using the `tendermint` program from the command line.
-It assumes only that you [have tendermint installed](/download) and have some rudimentary idea
-of what Tendermint and ABCI are.
-
-You can see the help menu with `tendermint --help`, and the version number with `tendermint version`.
-
-## Directory Root
-
-The default directory for blockchain data is `~/.tendermint`. Override this by setting the `TMROOT` environment variable.
-
-## Initialize
-
-Initialize the root directory by running:
-
-```
-tendermint init
-```
-
-This will create a new private key (`priv_validator.json`), and a genesis file (`genesis.json`) containing the associated public key.
-This is all that's necessary to run a local testnet with one validator.
-
-For more elaborate initialization, see our [testnet deployment tool](https://github.com/tendermint/tools/tree/master/mintnet-kubernetes).
-
-## Run
-
-To run a tendermint node, use
-
-```
-tendermint node
-```
-
-By default, Tendermint will try to connect to a abci appliction on [127.0.0.1:46658](127.0.0.1:46658).
-If you have the `dummy` ABCI app installed, run it in another window.
-If you don't, kill tendermint and run an in-process version with
-
-```
-tendermint node --proxy_app=dummy
-```
-
-After a few seconds you should see blocks start streaming in.
-Note that blocks are produced regularly, even if there are no transactions.
-This changes [with this pull request](https://github.com/tendermint/tendermint/pull/584).
-
-Tendermint supports in-process versions of the dummy, counter, and nil apps that ship as examples in the [ABCI repository](https://github.com/tendermint/abci).
-It's easy to compile your own app in-process with tendermint if it's written in Go.
-If your app is not written in Go, simply run it in another process,
-and use the `--proxy_app` flag to specify the address of the socket it is listening on, for instance
-
-
-```
-tendermint node --proxy_app=/var/run/abci.sock
-```
-
-## Transactions
-
-To send a transaction, use `curl` to make requests to the Tendermint RPC server:
-
-```
-curl http://localhost:46657/broadcast_tx_commit?tx=\"abcd\"
-```
-
-For handling responses, we recommend you [install the jsonpp tool](http://jmhodges.github.io/jsonpp/) to pretty print the JSON.
-
-We can see the chain's status at the `/status` end-point:
-
-```
-curl http://localhost:46657/status |  jsonpp
-```
-
-and the `latest_app_hash` in particular:
-
-```
-curl http://localhost:46657/status |  jsonpp | grep app_hash
-```
-
-Visit [http://localhost:46657](http://localhost:46657) in your browser to see the list of other endpoints.
-Some take no arguments (like `/status`), while others specify the argument name and use `_` as a placeholder.
-
-## Reset
-
-**WARNING: UNSAFE** Only do this in development and only if you can afford to lose all blockchain data!
-
-To reset a blockchain, stop the node, remove the `~/.tendermint/data` directory and run
-
-```
-tendermint unsafe_reset_priv_validator
-```
-
-This final step is necessary to reset the `priv_validator.json`,
-which otherwise prevents you from making conflicting votes in the consensus
-(something that could get you in trouble if you do it on a real blockchain).
-If you don't reset the `priv_validator.json`, your fresh new blockchain will not make any blocks.
-
-## Configuration
-
-Tendermint uses a `config.toml` for configutation. For details, see [the documentation](/docs/specs/configuration).
-
-Notable options include the socket address of the application (`proxy_app`),
-the listenting address of the tendermint peer (`p2p.laddr`),
-and the listening address of the rpc server (`rpc.laddr`).
-
-Some fields from the config file can be overwritten with flags.
-
-## Broadcast API
-
-Earlier, we used the `broadcast_tx_commit` endpoint to send a transaction.
-When a transaction is sent to a tendermint node,
-it will run via `CheckTx` against the application.
-If it passes `CheckTx`, it will be included in the mempool,
-broadcast to other peers, and eventually included in a block.
-
-Since there are multiple phases to processing a transaction, we offer multiple endpoints to broadcast a transaction:
-
-```
-/broadcast_tx_async
-/broadcast_tx_sync
-/broadcast_tx_commit
-```
-
-These correspond to no-processing, processing through the mempool, and processing through a block, respectively.
-That is, `broadcast_tx_async`, will return right away without waiting to hear if the transaction is even valid,
-while `broadcast_tx_sync` will return with the result of running the transaction through `CheckTx`.
-Using `broadcast_tx_commit` will wait until the transaction is committed in a block or until some timeout is reached,
-but will return right away if the transaction does not pass `CheckTx`.
-The return value for `broadcast_tx_commit` includes two fields, `check_tx` and `deliver_tx`, pertaining to the result of running
-the transaction through those ABCI messages.
-
-The benefit of using `broadcast_tx_commit` is that the request returns after the transaction is committed (ie. included in a block), but that can take on the order of a second. For a quick result, use `broadcast_tx_sync`,
-but the transaction will not be committed until later, and by that point its effect on the state may change.
-
-## Tendermint Networks
-
-When `tendermint init` is run, both a `genesis.json` and `priv_validator.json` are created in `~/.tendermint`.
-The `genesis.json` might look like:
-
-```
-{
-	"app_hash": "",
-	"chain_id": "test-chain-HZw6TB",
-	"genesis_time": "0001-01-01T00:00:00.000Z",
-	"validators": [
-		{
-			"amount": 10,
-			"name": "",
-			"pub_key": [
-				1,
-				"5770B4DD55B3E08B7F5711C48B516347D8C33F47C30C226315D21AA64E0DFF2E"
-			]
-		}
-	]
-}
-```
-
-And the `priv_validator.json`:
-
-```
-{
-	"address": "4F4D895F882A18E1D1FC608D102601DA8D3570E5",
-	"last_height": 0,
-	"last_round": 0,
-	"last_signature": null,
-	"last_signbytes": "",
-	"last_step": 0,
-	"priv_key": [
-		1,
-		"F9FA3CD435BDAE54D0BCA8F1BC289D718C23D855C6DB21E8543F5E4F457E62805770B4DD55B3E08B7F5711C48B516347D8C33F47C30C226315D21AA64E0DFF2E"
-	],
-	"pub_key": [
-		1,
-		"5770B4DD55B3E08B7F5711C48B516347D8C33F47C30C226315D21AA64E0DFF2E"
-	]
-}
-```
-
-The `priv_validator.json` actually contains a private key, and should thus be kept absolutely secret;
-for now we work with the plain text.
-Note the `last_` fields, which are used to prevent us from signing conflicting messages.
-
-Note also that the `pub_key` (the public key) in the `priv_validator.json` is also present in the `genesis.json`.
-
-The genesis file contains the list of public keys which may participate in the consensus,
-and their corresponding voting power.
-Greater than 2/3 of the voting power must be active (ie. the corresponding private keys must be producing signatures)
-for the consensus to make progress.
-In our case, the genesis file contains the public key of our `priv_validator.json`,
-so a tendermint node started with the default root directory will be able to make new blocks,
-as we've already seen.
-
-If we want to add more nodes to the network, we have two choices:
-we can add a new validator node, who will also participate in the consensus
-by proposing blocks and voting on them,
-or we can add a new non-validator node, who will not participate directly,
-but will verify and keep up with the consensus protocol.
-
-### Peers
-
-To connect to peers on start-up, specify them in the `config.toml` or on the command line.
-
-For instance,
-
-```
-tendermint node --p2p.seeds "1.2.3.4:46656,5.6.7.8:46656"
-```
-
-Alternatively, you can use the `/dial_seeds` endpoint of the RPC to specify peers for a running node to connect to:
-
-```
-curl --data-urlencode "seeds=[\"1.2.3.4:46656\",\"5.6.7.8:46656\"]" localhost:46657/dial_seeds
-```
-
-Additionally, the peer-exchange protocol can be enabled using the `--pex` flag,
-though this feature is [still under development](https://github.com/tendermint/tendermint/issues/598)
-If `--pex` is enabled, peers will gossip about known peers and form a more resilient network.
-
-### Adding a Non-Validator
-
-Adding a non-validator is simple. Just copy the original `genesis.json` to `~/.tendermint` on the new machine
-and start the node, specifying seeds as necessary.
-If no seeds are specified, the node won't make any blocks, because it's not a validator,
-and it won't hear about any blocks, because it's not connected to the other peer.
-
-### Adding a Validator
-
-The easiest way to add new validators is to do it in the `genesis.json`, before starting the network.
-For instance, we could make a new `priv_validator.json`, and copy it's `pub_key` into the above genesis.
-
-We can generate a new `priv_validator.json` with the command:
-
-```
-tendermint gen_validator
-```
-
-Now we can update our genesis file. For instance, if the new `priv_validator.json` looks like:
-
-```
-{
-        "address": "AC379688105901436A34A65F185C115B8BB277A1",
-        "last_height": 0,
-        "last_round": 0,
-        "last_signature": null,
-        "last_signbytes": "",
-        "last_step": 0,
-        "priv_key": [
-                1,
-                "0D2ED337D748ADF79BE28559B9E59EBE1ABBA0BAFE6D65FCB9797985329B950C8F2B5AACAACC9FCE41881349743B0CFDE190DF0177744568D4E82A18F0B7DF94"
-        ],
-        "pub_key": [
-                1,
-                "8F2B5AACAACC9FCE41881349743B0CFDE190DF0177744568D4E82A18F0B7DF94"
-        ]
-}
-```
-
-then the new `genesis.json` will be:
-
-```
-{
-	"app_hash": "",
-	"chain_id": "test-chain-HZw6TB",
-	"genesis_time": "0001-01-01T00:00:00.000Z",
-	"validators": [
-		{
-			"amount": 10,
-			"name": "",
-			"pub_key": [
-				1,
-				"5770B4DD55B3E08B7F5711C48B516347D8C33F47C30C226315D21AA64E0DFF2E"
-			]
-		},
-		{
-			"amount": 10,
-			"name": "",
-			"pub_key": [
-				1,
-				"8F2B5AACAACC9FCE41881349743B0CFDE190DF0177744568D4E82A18F0B7DF94"
-			]
-		}
-	]
-}
-```
-
-Update the `genesis.json` in `~/.tendermint`. Copy the genesis file and the new `priv_validator.json`
-to the `~/.tendermint` on a new machine.
-
-Now run `tendermint node` on both machines, and use either `--p2p.seeds` or the `/dial_seeds` to get them to peer up.
-They should start making blocks, and will only continue to do so as long as both of them are online.
-
-To make a Tendermint network that can tolerate one of the validators failing, you need at least four validator nodes (> 2/3).
-
-Updating validators in a live network is supported but must be explicitly programmed by the application developer.
-See the [application developers guide](/docs/guides/app-development#Handshake) for more details.
-
-### Local Network
-
-To run a network locally, say on a single machine, you must change the `_laddr` fields in the `config.toml` (or using the flags)
-so that the listening addresses of the various sockets don't conflict.
-Additionally, you must set `addrbook_strict=false` in the `config.toml`,
-otherwise Tendermint's p2p library will deny making connections to peers with the same IP address.
-
-## More
-
-Got a couple nodes talking to each other using the dummy app?
-Try a more sophisticated app like [Ethermint](https://github.com/tendermint/ethermint),
-or learn more about building your own in the [Application Developer's Guide](/docs/guides/app-development).
--- a/docs/hidden/ABCI.md
+++ b/docs/hidden/ABCI.md
@@ -1,16 +0,0 @@
-# ABCI
-
-ABCI is an interface between the consensus/blockchain engine known as tendermint, and the application-specific business logic, known as an ABCi app.
-
-The tendermint core should run unchanged for all apps.  Each app can customize it, the supported transactions, queries, even the validator sets and how to handle staking / slashing stake. This customization is achieved by implementing the ABCi app to send the proper information to the tendermint engine to perform as directed.
-
-To understand this decision better, think of the design of the tendermint engine.
-
-* A blockchain is simply consensus on a unique global ordering of events.
-* This consensus can efficiently be implemented using BFT and PoS
-* This code can be generalized to easily support a large number of blockchains
-* The block-chain specific code, the interpretation of the individual events, can be implemented by a 3rd party app without touching the consensus engine core
-* Use an efficient, language-agnostic layer to implement this (ABCi)
-
-
-Bucky, please make this doc real.
--- a/docs/hidden/README.md
+++ b/docs/hidden/README.md
@@ -1,16 +0,0 @@
-# Architecture Decision Records
-
-This is a location to record all high-level architecture decisions in the tendermint project.  Not the implementation details, but the reasoning that happened.  This should be refered to for guidance of the "right way" to extend the application.  And if we notice that the original decisions were lacking, we should have another open discussion, record the new decisions here, and then modify the code to match.
-
-This is like our guide and mentor when Jae and Bucky are offline.... The concept comes from a [blog post](https://product.reverb.com/documenting-architecture-decisions-the-reverb-way-a3563bb24bd0#.78xhdix6t) that resonated among the team when Anton shared it.
-
-Each section of the code can have it's own markdown file in this directory, and please add a link to the readme.
-
-## Sections
-
-* [ABCI](./ABCI.md)
-* [go-merkle / merkleeyes](./merkle.md)
-* [Frey's thoughts on the data store](./merkle-frey.md)
-* basecoin
-* tendermint core (multiple sections)
-* ???
--- a/docs/hidden/merkle-frey.md
+++ b/docs/hidden/merkle-frey.md
@@ -1,240 +0,0 @@
-# Merkle data stores - Frey's proposal
-
-## TL;DR
-
-To allow the efficient creation of an ABCi app, tendermint wishes to provide a reference implementation of a key-value store that provides merkle proofs of the data.  These proofs then quickly allow the ABCi app to provide an app hash to the consensus engine, as well as a full proof to any client.
-
-This is equivalent to building a database, and I would propose designing it from the API first, then looking how to implement this (or make an adapter from the API to existing implementations). Once we agree on the functionality and the interface, we can implement the API bindings, and then work on building adapters to existence merkle-ized data stores, or modifying the stores to support this interface.
-
-We need to consider the API (both in-process and over the network), language bindings, maintaining handles to old state (and garbage collecting), persistence, security, providing merkle proofs, and general key-value store operations. To stay consistent with the blockchains "single global order of operations", this data store should only allow one connection at a time to have write access.
-
-## Overview
-
-* **State**
-  * There are two concepts of state, "committed state" and "working state"
-  * The working state is only accessible from the ABCi app, allows writing, but does not need to support proofs.
-  * When we commit the "working state", it becomes a new "committed state" and has an immutable root hash, provides proofs, and can be exposed to external clients.
-* **Transactions**
-  * The database always allows creating a read-only transaction at the last "committed state", this transaction can serve read queries and proofs.
-  * The database maintains all data to serve these read transactions until they are closed by the client (or time out).  This allows the client(s) to determine how much old info is needed
-  * The database can only support *maximal* one writable transaction at a time.  This makes it easy to enforce serializability, and attempting to start a second writable transaction may trigger a panic.
-* **Functionality**
-  * It must support efficient key-value operations (get/set/delete)
-  * It must support returning merkle proofs for any "committed state"
-  * It should support range queries on subsets of the key space if possible (ie. if the db doesn't hash keys)
-  * It should also support listening to changes to a desired key via pub-sub or similar method, so I can quickly notify you on a change to your balance without constant polling.
-  * It may support other db-specific query types as an extension to this interface, as long as all specified actions maintain their meaning.
-* **Interface**
-  * This interface should be domain-specific - ie. designed just for this use case
-  * It should present a simple go interface for embedding the data store in-process
-  * It should create a gRPC/protobuf API for calling from any client
-  * It should provide and maintain client adapters from our in-process interface to gRPC client calls for at least golang and Java (maybe more languages?)
-  * It should provide and maintain server adapters from our gRPC calls to the in-process interface for golang at least (unless there is another server we wish to support)
-* **Persistence**
-  * It must support atomic persistence upon committing a new block.  That is, upon crash recovery, the state is guaranteed to represent the state at the end of a complete block (along with a note of which height it was).
-  * It must delay deletion of old data as long as there are open read-only transactions referring to it, thus we must maintain some sort of WAL to keep track of pending cleanup.
-  * When a transaction is closed, or when we recover from a crash, it should clean up all no longer needed data to avoid memory/storage leaks.
-* **Security and Auth**
-  * If we allow connections over gRPC, we must consider this issues and allow both encryption (SSL), and some basic auth rules to prevent undesired access to the DB
-  * This is client-specific and does not need to be supported in the in-process, embedded version.
-
-## Details
-
-Here we go more in-depth in each of the sections, explaining the reasoning and more details on the desired behavior. This document is only the high-level architecture and should support multiple implementations.  When building out a specific implementation, a similar document should be provided for that repo, showing how it implements these concepts, and details about memory usage, storage, efficiency, etc.
-
-
-### State
-
-The current ABCi interface avoids this question a bit and that has brought confusion.  If I use `merkleeyes` to store data, which state is returned from `Query`?  The current "working" state, which I would like to refer to in my ABCi application?  Or the last committed state, which I would like to return to a client's query?  Or an old state, which I may select based on height?
-
-Right now, `merkleeyes` implements `Query` like a normal ABCi app and only returns committed state, which has lead to problems and confusion.  Thus, we need to be explicit about which state we want to view.  Each viewer can then specify which state it wants to view.  This allows the app to query the working state in DeliverTx, but the committed state in Query.
-
-We can easily provide two global references for "last committed" and "current working" states.  However, if we want to also allow querying of older commits... then we need some way to keep track of which ones are still in use, so we can garbage collect the unneeded ones. There is a non-trivial overhead in holding references to all past states, but also a hard-coded solution (hold onto the last 5 commits) may not support all clients.  We should let the client define this somehow.
-
-### Transactions
-
-Transactions (in the typical database sense) are a clean and established solution to this issue.  We can look at the [isolations levels](https://en.wikipedia.org/wiki/Isolation_(database_systems)#Serializable) which attempt to provide us things like "repeatable reads".  That means if we open a transaction, and query some data 100 times while other processes are writing to the db, we get the same result each time.  This transaction has a reference to its own local state from the time the transaction started. (We are referring to the highest isolation levels here, which correlate well this the blockchain use case).
-
-If we implement a read-only transaction as a reference to state at the time of creation of that transaction, we can then hold these references to various snapshots, one per block that we are interested, and allow the client to multiplex queries and proofs from these various blocks.
-
-If we continue using these concepts (which have informed 30+ years of server side design), we can add a few nice features to our write transactions. The first of which is `Rollback` and `Commit`.  That means all the changes we make in this transaction have no effect on the database until they are committed.  And until they are committed, we can always abort if we detect an anomaly, returning to the last committed state with a rollback.
-
-There is also a nice extension to this available on some database servers, basically, "nested" transactions or "savepoints".  This means that within one transaction, you can open a subtransaction/savepoint and continue work.  Later you have the option to commit or rollback all work since the savepoint/subtransaction.  And then continue with the main transaction.
-
-If you don't understand why this is useful, look at how basecoin needs to [hold cached state for AppTx](https://github.com/tendermint/basecoin/blob/master/state/execution.go#L126-L149), meaning that it rolls back all modifications if the AppTx returns an error. This was implemented as a wrapper in basecoin, but it is a reasonable thing to support in the DB interface itself (especially since the implementation becomes quite non-trivial as soon as you support range queries).
-
-To give a bit more reference to this concept in practice, read about [Savepoints in Postgresql](https://www.postgresql.org/docs/current/static/tutorial-transactions.html) ([reference](https://www.postgresql.org/docs/current/static/sql-savepoint.html)) or [Nesting transactions in SQL Server](http://dba-presents.com/index.php/databases/sql-server/43-nesting-transactions-and-save-transaction-command) (TL;DR: scroll to the bottom, section "Real nesting transactions with SAVE TRANSACTION")
-
-### Functionality
-
-Merkle trees work with key-value pairs, so we should most importantly focus on the basic Key-Value operations.  That is `Get`, `Set`, and `Remove`. We also need to return a merkle proof for any key, along with a root hash of the tree for committing state to the blockchain. This is just the basic merkle-tree stuff.
-
-If it is possible with the implementation, it is nice to provide access to Range Queries.  That is, return all values where the key is between X and Y.  If you construct your keys wisely, it is possible to store lists (1:N) relations this way.  Eg, storing blog posts and the key is blog:`poster_id`:`sequence`, then I could search for all blog posts by a given `poster_id`, or even return just posts 10-19 from the given poster.
-
-The construction of a tree that supports range queries was one of the [design decisions of go-merkle](https://github.com/tendermint/go-merkle/blob/master/README.md).  It is also kind of possible with [ethereum's patricia trie](https://github.com/ethereum/wiki/wiki/Patricia-Tree) as long as the key is less than 32 bytes.
-
-In addition to range queries, there is one more nice feature that we could add to our data store - listening to events. Depending on your context, this is "reactive programming", "event emitters", "notifications", etc... But the basic concept is that a client can listen for all changes to a given key (or set of keys), and receive a notification when this happens. This is very important to avoid [repeated polling and wasted queries](http://resthooks.org/) when a client simply wants to [detect changes](https://www.rethinkdb.com/blog/realtime-web/).
-
-If the database provides access to some "listener" functionality, the app can choose to expose this to the external client via websockets, web hooks, http2 push events, android push notifications, etc, etc etc.... But if we want to support modern client functionality, let's add support for this reactive paradigm in our DB interface.
-
-**TODO** support for more advanced backends, eg. Bolt....
-
-### Go Interface
-
-I will start with a simple go interface to illustrate the in-process interface.  Once there is agreement on how this looks, we can work out the gRPC bindings to support calling out of process. These interfaces are not finalized code, but I think the demonstrate the concepts better than text and provide a strawman to get feedback.
-
-```
-// DB represents the committed state of a merkle-ized key-value store
-type DB interface {
-  // Snapshot returns a reference to last committed state to use for
-  // providing proofs, you must close it at the end to garbage collect
-  // the historical state we hold on to to make these proofs
-  Snapshot() Prover
-
-  // Start a transaction - only way to change state
-  // This will return an error if there is an open Transaction
-  Begin() (Transaction, error)
-
-  // These callbacks are triggered when the Transaction is Committed
-  // to the DB.  They can be used to eg. notify clients via websockets when
-  // their account balance changes.
-  AddListener(key []byte, listener Listener)
-  RemoveListener(listener Listener)
-}
-
-// DBReader represents a read-only connection to a snapshot of the db
-type DBReader interface {
-  // Queries on my local view
-  Has(key []byte) (bool, error)
-  Get(key []byte) (Model, error)
-  GetRange(start, end []byte, ascending bool, limit int) ([]Model, error)
-  Closer
-}
-
-// Prover is an interface that lets one query for Proofs, holding the
-// data at a specific location in memory
-type Prover interface {
-  DBReader
-
-  // Hash is the AppHash (RootHash) for this block
-  Hash() (hash []byte)
-
-  // Prove returns the data along with a merkle Proof
-  // Model and Proof are nil if not found
-  Prove(key []byte) (Model, Proof, error)
-}
-
-// Transaction is a set of state changes to the DB to be applied atomically.
-// There can only be one open transaction at a time, which may only have
-// maximum one subtransaction at a time.
-// In short, at any time, there is exactly one object that can write to the
-// DB, and we can use Subtransactions to group operations and roll them back
-// together (kind of like `types.KVCache` from basecoin)
-type Transaction interface {
-  DBReader
-
-  // Change the state - will raise error immediately if this Transaction
-  // is not holding the exclusive write lock
-  Set(model Model) (err error)
-  Remove(key []byte) (removed bool, err error)
-
-  // Subtransaction starts a new subtransaction, rollback will not affect the
-  // parent.  Only on Commit are the changes applied to this transaction.
-  // While the subtransaction exists, no write allowed on the parent.
-  // (You must Commit or Rollback the child to continue)
-  Subtransaction() Transaction
-
-  // Commit this transaction (or subtransaction), the parent reference is
-  // now updated.
-  // This only updates persistant store if the top level transaction commits
-  // (You may have any number of nested sub transactions)
-  Commit() error
-
-  // Rollback ends the transaction and throw away all transaction-local state,
-  // allowing the tree to prune those elements.
-  // The parent transaction now recovers the write lock.
-  Rollback()
-}
-
-// Listener registers callbacks on changes to the data store
-type Listener interface {
-  OnSet(key, value, oldValue []byte)
-  OnRemove(key, oldValue []byte)
-}
-
-// Proof represents a merkle proof for a key
-type Proof interface {
-  RootHash() []byte
-  Verify(key, value, root []byte) bool
-}
-
-type Model interface {
-  Key() []byte
-  Value() []byte
-}
-
-// Closer releases the reference to this state, allowing us to garbage collect
-// Make sure to call it before discarding.
-type Closer interface {
-  Close()
-}
-```
-
-### Remote Interface
-
-The use-case of allowing out-of-process calls is very powerful.  Not just to provide a powerful merkle-ready data store to non-go applications.
-
-It we allow the ABCi app to maintain the only writable connections, we can guarantee that all transactions are only processed through the tendermint consensus engine.  We could then allow multiple "web server" machines "read-only" access and scale out the database reads, assuming the consensus engine, ABCi logic, and public key cryptography is more the bottleneck than the database. We could even place the consensus engine, ABCi app, and data store on one machine, connected with unix sockets for security, and expose a tcp/ssl interface for reading the data, to scale out query processing over multiple machines.
-
-But returning our focus directly to the ABCi app (which is the most important use case).  An app may well want to maintain 100 or 1000 snapshots of different heights to allow people to easily query many proofs at a given height without race conditions (very important for IBC, ask Jae).  Thus, we should not require a separate TCP connection for each height, as this gets quite awkward with so many connections. Also, if we want to use gRPC, we should consider the connections potentially transient (although they are more efficient with keep-alive).
-
-Thus, the wire encoding of a transaction or a snapshot should simply return a unique id.  All methods on a `Prover` or `Transaction` over the wire can send this id along with the arguments for the method call.  And we just need a hash map on the server to map this id to a state.
-
-The only negative of not requiring a persistent tcp connection for each snapshot is there is no auto-detection if the client crashes without explicitly closing the connections.  Thus, I would suggest adding a `Ping` thread in the gRPC interface which keeps the Snapshot alive.  If no ping is received within a server-defined time, it may automatically close those transactions.  And if we consider a client with 500 snapshots that needs to ping each every 10 seconds, that is a lot of overhead, so we should design the ping to accept a list of IDs for the client and update them all.  Or associate all snapshots with a clientID and then just send the clientID in the ping.  (Please add other ideas on how to detect client crashes without persistent connections).
-
-To encourage adoption, we should provide a nice client that uses this gRPC interface (like we do with ABCi).  For go, the client may have the exact same interface as the in-process version, just that the error call may return network errors, not just illegal operations.  We should also add a client with a clean API for Java, since that seems to be popular among app developers in the current tendermint community.  Other bindings as we see the need in the server space.
-
-### Persistence
-
-Any data store worth it's name should not lose all data on a crash.  Even [redis provides some persistence](https://redis.io/topics/persistence) these days. Ideally, if the system crashes and restarts, it should have the data at the last block N that was committed.  If the system crash during the commit of block N+1, then the recovered state should either be block N or completely committed block N+1, but no partial state between the two.  Basically, the commit must be an atomic operation (even if updating 100's of records).
-
-To avoid a lot of headaches ourselves, we can use an existing data store, such as leveldb, which provides `WriteBatch` to group all operations.
-
-The other issue is cleaning up old state.  We cannot delete any information from our persistent store, as long as any snapshot holds a reference to it (or else we get some panics when the data we query is not there).  So, we need to store the outstanding deletions that we can perform when the snapshot is `Close`d.  In addition, we must consider the case that the data store crashes with open snapshots.  Thus, the info on outstanding deletions must also be persisted somewhere.  Something like a "delete-behind log" (the opposite of a "write ahead log").
-
-This is not a concern of the generic interface, but each implementation should take care to handle this well to avoid accumulation of unused references in the data store and eventual data bloat.
-
-#### Backing stores
-
-It is way outside the scope of this project to build our own database that is capable of efficiently storing the data, provide multiple read-only snapshots at once, and save it atomically. The best approach seems to select an existing database (best a simple one) that provides this functionality and build upon it, much like the current `go-merkle` implementation builds upon `leveldb`.  After some research here are winners and losers:
-
-**Winners**
-
-* Leveldb - [provides consistent snapshots](https://ayende.com/blog/161705/reviewing-leveldb-part-xiii-smile-and-here-is-your-snapshot), and [provides tooling for building ACID compliance](http://codeofrob.com/entries/writing-a-transaction-manager-on-top-of-leveldb.html)
-  * Note there are at least two solid implementations available in go - [goleveldb](https://github.com/syndtr/goleveldb) - a pure go implementation, and [levigo](https://github.com/jmhodges/levigo) - a go wrapper around leveldb.
-  * Goleveldb is much easier to compile and cross-compile (not requiring cgo), while levigo (or cleveldb) seems to provide a significant performance boosts (but I had trouble even running benchmarks)
-* PostgreSQL - fully supports these ACID semantics if you call `SET TRANSACTION ISOLATION LEVEL SERIALIZABLE` at the beginning of a transaction (tested)
-  * This may be total overkill unless we also want to make use of other features, like storing data in multiple columns with secondary indexes.
-  * Trillian can show an example of [how to store a merkle tree in sql](https://github.com/google/trillian/blob/master/storage/mysql/tree_storage.go)
-
-**Losers**
-
-* Bolt - open [read-only snapshots can block writing](https://github.com/boltdb/bolt/issues/378)
-* Mongo - [barely even supports atomic operations](https://docs.mongodb.com/manual/core/write-operations-atomicity/), much less multiple snapshots
-
-**To investigate**
-
-* [Trillian](https://github.com/google/trillian) - has a [persistent merkle tree interface](https://github.com/google/trillian/blob/master/storage/tree_storage.go) along with [backend storage with mysql](https://github.com/google/trillian/blob/master/storage/mysql/tree_storage.go), good inspiration for our design if not directly using it
-* [Moss](https://github.com/couchbase/moss) - another key-value store in go, seems similar to leveldb, maybe compare with performance tests?
-
-### Security
-
-When allowing access out-of-process, we should provide different mechanisms to secure it.  The first is the choice of binding to a local unix socket or a tcp port.  The second is the optional use of ssl to encrypt the connection (very important over tcp).  The third is authentication to control access to the database.
-
-We may also want to consider the case of two server connections with different permissions, eg. a local unix socket that allows write access with no more credentials, and a public TCP connection with ssl and authentication that only provides read-only access.
-
-The use of ssl is quite easy in go, we just need to generate and sign a certificate, so it is nice to be able to disable it for dev machines, but it is very important for production.
-
-For authentication, let me sketch out a minimal solution. The server could just have a simple config file with key/bcrypt(password) pairs along with read/write permission level, and read that upon startup.  The client must provide a username and password in the HTTP headers when making the original HTTPS gRPC connection.
-
-This is super minimal to provide some protection. Things like LDAP, OAuth and single-sign on seem overkill and even potential security holes.  Maybe there is another solution somewhere in the middle.
--- a/docs/hidden/merkle.md
+++ b/docs/hidden/merkle.md
@@ -1,17 +0,0 @@
-# Merkle data stores
-
-To allow the efficient creation of an ABCi app, tendermint wishes to provide a reference implemention of a key-value store that provides merkle proofs of the data.  These proofs then quickly allow the ABCi app to provide an apphash to the consensus engine, as well as a full proof to any client.
-
-This engine is currently implemented in `go-merkle` with `merkleeyes` providing a language-agnostic binding via ABCi.  It uses `tmlibs/db` bindings internally to persist data to leveldb.
-
-What are some of the requirements of this store:
-
-* It must support efficient key-value operations (get/set/delete)
-* It must support persistance.
-* We must only persist complete blocks, so when we come up after a crash we are at the state of block N or N+1, but not in-between these two states.
-* It must allow us to read/write from one uncommited state (working state), while serving other queries from the last commited state. And a way to determine which one to serve for each client.
-* It must allow us to hold references to old state, to allow providing proofs from 20 blocks ago.  We can define some limits as to the maximum time to hold this data.
-* We provide in process binding in Go
-* We provide language-agnostic bindings when running the data store as it's own process.
-
-
--- a/docs/how-to-read-logs.rst
+++ b/docs/how-to-read-logs.rst
@@ -0,0 +1,165 @@
+How to read logs
+================
+
+Walk through example
+--------------------
+
+We first create three connections (mempool, consensus and query) to the
+application (locally running dummy in this case).
+
+::
+
+    I[10-04|13:54:27.364] Starting multiAppConn                        module=proxy impl=multiAppConn
+    I[10-04|13:54:27.366] Starting localClient                         module=abci-client connection=query impl=localClient
+    I[10-04|13:54:27.366] Starting localClient                         module=abci-client connection=mempool impl=localClient
+    I[10-04|13:54:27.367] Starting localClient                         module=abci-client connection=consensus impl=localClient
+
+Then Tendermint Core and the application perform a handshake.
+
+::
+
+    I[10-04|13:54:27.367] ABCI Handshake                               module=consensus appHeight=90 appHash=E0FBAFBF6FCED8B9786DDFEB1A0D4FA2501BADAD
+    I[10-04|13:54:27.368] ABCI Replay Blocks                           module=consensus appHeight=90 storeHeight=90 stateHeight=90
+    I[10-04|13:54:27.368] Completed ABCI Handshake - Tendermint and App are synced module=consensus appHeight=90 appHash=E0FBAFBF6FCED8B9786DDFEB1A0D4FA2501BADAD
+
+After that, we start a few more things like the event switch, reactors, and
+perform UPNP discover in order to detect the IP address.
+
+::
+
+    I[10-04|13:54:27.374] Starting EventSwitch                         module=types impl=EventSwitch
+    I[10-04|13:54:27.375] This node is a validator                     module=consensus
+    I[10-04|13:54:27.379] Starting Node                                module=main impl=Node
+    I[10-04|13:54:27.381] Local listener                               module=p2p ip=:: port=46656
+    I[10-04|13:54:27.382] Getting UPNP external address                module=p2p
+    I[10-04|13:54:30.386] Could not perform UPNP discover              module=p2p err="write udp4 0.0.0.0:38238->239.255.255.250:1900: i/o timeout"
+    I[10-04|13:54:30.386] Starting DefaultListener                     module=p2p impl=Listener(@10.0.2.15:46656)
+    I[10-04|13:54:30.387] Starting P2P Switch                          module=p2p impl="P2P Switch"
+    I[10-04|13:54:30.387] Starting MempoolReactor                      module=mempool impl=MempoolReactor
+    I[10-04|13:54:30.387] Starting BlockchainReactor                   module=blockchain impl=BlockchainReactor
+    I[10-04|13:54:30.387] Starting ConsensusReactor                    module=consensus impl=ConsensusReactor
+    I[10-04|13:54:30.387] ConsensusReactor                             module=consensus fastSync=false
+    I[10-04|13:54:30.387] Starting ConsensusState                      module=consensus impl=ConsensusState
+    I[10-04|13:54:30.387] Starting WAL                                 module=consensus wal=/home/vagrant/.tendermint/data/cs.wal/wal impl=WAL
+    I[10-04|13:54:30.388] Starting TimeoutTicker                       module=consensus impl=TimeoutTicker
+
+Notice the second row where Tendermint Core reports that "This node is a
+validator". It also could be just an observer (regular node).
+
+Next we replay all the messages from the WAL.
+
+::
+
+    I[10-04|13:54:30.390] Catchup by replaying consensus messages      module=consensus height=91
+    I[10-04|13:54:30.390] Replay: New Step                             module=consensus height=91 round=0 step=RoundStepNewHeight
+    I[10-04|13:54:30.390] Replay: Done                                 module=consensus
+
+"Started node" message signals that everything is ready for work.
+
+::
+
+    I[10-04|13:54:30.391] Starting RPC HTTP server on tcp socket 0.0.0.0:46657 module=rpc-server
+    I[10-04|13:54:30.392] Started node                                 module=main nodeInfo="NodeInfo{pk: PubKeyEd25519{DF22D7C92C91082324A1312F092AA1DA197FA598DBBFB6526E177003C4D6FD66}, moniker: anonymous, network: test-chain-3MNw2N [remote , listen 10.0.2.15:46656], version: 0.11.0-10f361fc ([wire_version=0.6.2 p2p_version=0.5.0 consensus_version=v1/0.2.2 rpc_version=0.7.0/3 tx_index=on rpc_addr=tcp://0.0.0.0:46657])}"
+
+Next follows a standard block creation cycle, where we enter a new round,
+propose a block, receive more than 2/3 of prevotes, then precommits and finally
+have a chance to commit a block. For details, please refer to `Consensus
+Overview
+<introduction.html#consensus-overview>`__
+or `Byzantine Consensus Algorithm
+<specification.html>`__.
+
+::
+
+    I[10-04|13:54:30.393] enterNewRound(91/0). Current: 91/0/RoundStepNewHeight module=consensus
+    I[10-04|13:54:30.393] enterPropose(91/0). Current: 91/0/RoundStepNewRound module=consensus
+    I[10-04|13:54:30.393] enterPropose: Our turn to propose            module=consensus proposer=125B0E3C5512F5C2B0E1109E31885C4511570C42 privValidator="PrivValidator{125B0E3C5512F5C2B0E1109E31885C4511570C42 LH:90, LR:0, LS:3}"
+    I[10-04|13:54:30.394] Signed proposal                              module=consensus height=91 round=0 proposal="Proposal{91/0 1:21B79872514F (-1,:0:000000000000) {/10EDEDD7C84E.../}}"
+    I[10-04|13:54:30.397] Received complete proposal block             module=consensus height=91 hash=F671D562C7B9242900A286E1882EE64E5556FE9E
+    I[10-04|13:54:30.397] enterPrevote(91/0). Current: 91/0/RoundStepPropose module=consensus
+    I[10-04|13:54:30.397] enterPrevote: ProposalBlock is valid         module=consensus height=91 round=0
+    I[10-04|13:54:30.398] Signed and pushed vote                       module=consensus height=91 round=0 vote="Vote{0:125B0E3C5512 91/00/1(Prevote) F671D562C7B9 {/89047FFC21D8.../}}" err=null
+    I[10-04|13:54:30.401] Added to prevote                             module=consensus vote="Vote{0:125B0E3C5512 91/00/1(Prevote) F671D562C7B9 {/89047FFC21D8.../}}" prevotes="VoteSet{H:91 R:0 T:1 +2/3:F671D562C7B9242900A286E1882EE64E5556FE9E:1:21B79872514F BA{1:X} map[]}"
+    I[10-04|13:54:30.401] enterPrecommit(91/0). Current: 91/0/RoundStepPrevote module=consensus
+    I[10-04|13:54:30.401] enterPrecommit: +2/3 prevoted proposal block. Locking module=consensus hash=F671D562C7B9242900A286E1882EE64E5556FE9E
+    I[10-04|13:54:30.402] Signed and pushed vote                       module=consensus height=91 round=0 vote="Vote{0:125B0E3C5512 91/00/2(Precommit) F671D562C7B9 {/80533478E41A.../}}" err=null
+    I[10-04|13:54:30.404] Added to precommit                           module=consensus vote="Vote{0:125B0E3C5512 91/00/2(Precommit) F671D562C7B9 {/80533478E41A.../}}" precommits="VoteSet{H:91 R:0 T:2 +2/3:F671D562C7B9242900A286E1882EE64E5556FE9E:1:21B79872514F BA{1:X} map[]}"
+    I[10-04|13:54:30.404] enterCommit(91/0). Current: 91/0/RoundStepPrecommit module=consensus
+    I[10-04|13:54:30.405] Finalizing commit of block with 0 txs        module=consensus height=91 hash=F671D562C7B9242900A286E1882EE64E5556FE9E root=E0FBAFBF6FCED8B9786DDFEB1A0D4FA2501BADAD
+    I[10-04|13:54:30.405] Block{
+      Header{
+        ChainID:        test-chain-3MNw2N
+        Height:         91
+        Time:           2017-10-04 13:54:30.393 +0000 UTC
+        NumTxs:         0
+        LastBlockID:    F15AB8BEF9A6AAB07E457A6E16BC410546AA4DC6:1:D505DA273544
+        LastCommit:     56FEF2EFDB8B37E9C6E6D635749DF3169D5F005D
+        Data:
+        Validators:     CE25FBFF2E10C0D51AA1A07C064A96931BC8B297
+        App:            E0FBAFBF6FCED8B9786DDFEB1A0D4FA2501BADAD
+      }#F671D562C7B9242900A286E1882EE64E5556FE9E
+      Data{
+
+      }#
+      Commit{
+        BlockID:    F15AB8BEF9A6AAB07E457A6E16BC410546AA4DC6:1:D505DA273544
+        Precommits: Vote{0:125B0E3C5512 90/00/2(Precommit) F15AB8BEF9A6 {/FE98E2B956F0.../}}
+      }#56FEF2EFDB8B37E9C6E6D635749DF3169D5F005D
+    }#F671D562C7B9242900A286E1882EE64E5556FE9E module=consensus
+    I[10-04|13:54:30.408] Executed block                               module=state height=91 validTxs=0 invalidTxs=0
+    I[10-04|13:54:30.410] Committed state                              module=state height=91 txs=0 hash=E0FBAFBF6FCED8B9786DDFEB1A0D4FA2501BADAD
+    I[10-04|13:54:30.410] Recheck txs                                  module=mempool numtxs=0 height=91
+
+List of modules
+---------------
+
+Here is the list of modules you may encounter in Tendermint's log and a little
+overview what they do.
+
+- ``abci-client`` As mentioned in `Application Development Guide
+  <app-development.html#abci-design>`__,
+  Tendermint acts as an ABCI client with respect to the application and
+  maintains 3 connections: mempool, consensus and query. The code used by
+  Tendermint Core can be found `here
+  <https://github.com/tendermint/abci/tree/master/client>`__.
+
+- ``blockchain``
+  Provides storage, pool (a group of peers), and reactor for both storing and
+  exchanging blocks between peers.
+
+- ``consensus``
+  The heart of Tendermint core, which is the implementation of the consensus
+  algorithm. Includes two "submodules": ``wal`` (write-ahead logging) for
+  ensuring data integrity and ``replay`` to replay blocks and messages on
+  recovery from a crash.
+
+- ``events``
+  Simple event notification system. The list of events can be found
+  `here
+  <https://github.com/tendermint/tendermint/blob/master/types/events.go>`__.
+  You can subscribe to them by calling ``subscribe`` RPC method.
+  Refer to `RPC docs
+  <specification/rpc.html>`__
+  for additional information.
+
+- ``mempool``
+  Mempool module handles all incoming transactions, whenever they are
+  coming from peers or the application.
+
+- ``p2p``
+  Provides an abstraction around peer-to-peer communication. For more details,
+  please check out the `README
+  <https://github.com/tendermint/tendermint/blob/56c60fba2381e4ac41d2ae38a1eb6569acfbc095/p2p/README.md>`__.
+
+- ``rpc``
+  `Tendermint's RPC <specification/rpc.html>`__.
+
+- ``rpc-server``
+  RPC server. For implementation details, please read the `README <https://github.com/tendermint/tendermint/blob/master/rpc/lib/README.md>`__.
+
+- ``state``
+  Represents the latest state and execution submodule, which executes
+  blocks against the application.
+
+- ``types``
+  A collection of the publicly exposed types and methods to work with them.
--- a/docs/images/tmint-logo-blue.png
+++ b/docs/images/tmint-logo-blue.png
--- a/docs/index.md
+++ b/docs/index.md
@@ -1,28 +0,0 @@
-# Documentation
-
-If you're new here, start with the [Tendermint Intro](/intro).
-
-To start building an ABCI application and integrating with Tendermint, 
-see the [App Development](/docs/guides/app-development)
-and [App Architecture](/docs/guides/app-architecture) guides.
-
-To learn more about running the Tendermint software, see the [Using Tendermint Guide](/docs/guides/using-tendermint).
-
-To learn more about Tendermint's various pieces, check out the [Documentation](/docs).
-For a deeper dive, see [this thesis](https://atrium.lib.uoguelph.ca/xmlui/handle/10214/9769). 
-There is also the [original whitepaper](https://tendermint.com/static/docs/tendermint.pdf), though it is now quite outdated.
-You might also be interested in the [Cosmos Whitepaper](https://cosmos.network/whitepaper),
-which describes Tendermint, ABCI, and how to build a scalable, heterogeneous, cryptocurrency network.
-
-For details on how the software has changed, and what changes are in store, see the [Changelog](https://github.com/tendermint/tendermint/blob/master/CHANGELOG.md) and the [Roadmap](https://github.com/tendermint/tendermint/blob/master/roadmap.md).
-
-If you're interested in contributing, see our [Contributor Guidelines](https://github.com/tendermint/tendermint/blob/master/CONTRIBUTING.md)
-
-The Tendermint [Software Ecosystem](/ecosystem) contains many example applications and related software built by the Tendermint team and others. 
-Check it out for some motivation and inspiration!
-
-See our [Community](/community) page for more ways to collaborate.
-
-You can also [get in touch with the team](/contact).
-
-Most importantly, enjoy!
--- a/docs/index.rst
+++ b/docs/index.rst
@@ -0,0 +1,73 @@
+.. Tendermint documentation master file, created by
+   sphinx-quickstart on Mon Aug  7 04:55:09 2017.
+   You can adapt this file completely to your liking, but it should at least
+   contain the root `toctree` directive.
+
+Welcome to Tendermint!
+======================
+
+
+.. image:: assets/tmint-logo-blue.png
+   :height: 500px
+   :width: 500px
+   :align: center
+
+Tendermint 101
+--------------
+
+.. toctree::
+   :maxdepth: 2
+
+   introduction.rst
+   install.rst
+   getting-started.rst
+   using-tendermint.rst
+
+Tendermint Ecosystem
+--------------------
+
+.. toctree::
+   :maxdepth: 2
+
+   ecosystem.rst
+
+Tendermint Tools
+----------------
+
+.. the tools/ files are pulled in from the tools repo
+.. see the bottom of conf.py
+.. toctree::
+   :maxdepth: 2
+
+   deploy-testnets.rst
+   tools/ansible.rst
+   tools/docker.rst
+   tools/mintnet-kubernetes.rst
+   tools/terraform-digitalocean.rst
+   tools/benchmarking-and-monitoring.rst
+
+Tendermint 102
+--------------
+
+.. toctree::
+   :maxdepth: 2
+
+   abci-cli.rst
+   app-architecture.rst
+   app-development.rst
+   how-to-read-logs.rst
+
+Tendermint 201
+--------------
+
+.. toctree::
+   :maxdepth: 2
+
+   specification.rst
+
+* For a deeper dive, see `this thesis <https://atrium.lib.uoguelph.ca/xmlui/handle/10214/9769>`__.
+* There is also the `original whitepaper <https://tendermint.com/static/docs/tendermint.pdf>`__, though it is now quite outdated.
+* Readers might also be interested in the `Cosmos Whitepaper <https://cosmos.network/whitepaper>`__ which describes Tendermint, ABCI, and how to build a scalable, heterogeneous, cryptocurrency network.
+* For example applications and related software built by the Tendermint team and other, see the `software ecosystem <https://tendermint.com/ecosystem>`__.
+
+Join the `Cosmos and Tendermint Rocket Chat <https://cosmos.rocket.chat>`__ to ask questions and discuss projects.
--- a/docs/install.rst
+++ b/docs/install.rst
@@ -0,0 +1,110 @@
+Install Tendermint
+==================
+
+From Binary
+-----------
+
+To download pre-built binaries, see the `Download page <https://tendermint.com/download>`__.
+
+From Source
+-----------
+
+You'll need `go`, maybe `glide` and the tendermint source code.
+
+Install Go
+^^^^^^^^^^
+
+Make sure you have `installed Go <https://golang.org/doc/install>`__ and
+set the ``GOPATH``.
+
+Get Source Code
+^^^^^^^^^^^^^^^
+
+You should be able to install the latest with a simple
+
+::
+
+    go get github.com/tendermint/tendermint/cmd/tendermint
+
+Run ``tendermint --help`` and ``tendermint version`` to ensure your
+installation worked.
+
+If the installation failed, a dependency may been updated and become
+incompatible with the latest Tendermint master branch. We solve this
+using the ``glide`` tool for dependency management.
+
+First, install ``glide``:
+
+::
+
+    go get github.com/Masterminds/glide
+
+Now we can fetch the correct versions of each dependency by running:
+
+::
+
+    cd $GOPATH/src/github.com/tendermint/tendermint
+    glide install
+    go install ./cmd/tendermint
+
+Note that even though ``go get`` originally failed, the repository was
+still cloned to the correct location in the ``$GOPATH``.
+
+The latest Tendermint Core version is now installed.
+
+Reinstall
+---------
+
+If you already have Tendermint installed, and you make updates, simply
+
+::
+
+    cd $GOPATH/src/github.com/tendermint/tendermint
+    go install ./cmd/tendermint
+
+To upgrade, there are a few options:
+
+-  set a new ``$GOPATH`` and run
+   ``go get github.com/tendermint/tendermint/cmd/tendermint``. This
+   makes a fresh copy of everything for the new version.
+-  run ``go get -u github.com/tendermint/tendermint/cmd/tendermint``,
+   where the ``-u`` fetches the latest updates for the repository and
+   its dependencies
+-  fetch and checkout the latest master branch in
+   ``$GOPATH/src/github.com/tendermint/tendermint``, and then run
+   ``glide install && go install ./cmd/tendermint`` as above.
+
+Note the first two options should usually work, but may fail. If they
+do, use ``glide``, as above:
+
+::
+
+    cd $GOPATH/src/github.com/tendermint/tendermint
+    glide install
+    go install ./cmd/tendermint
+
+Since the third option just uses ``glide`` right away, it should always
+work.
+
+Troubleshooting
+---------------
+
+If ``go get`` failing bothers you, fetch the code using ``git``:
+
+::
+
+    mkdir -p $GOPATH/src/github.com/tendermint
+    git clone https://github.com/tendermint/tendermint $GOPATH/src/github.com/tendermint/tendermint
+    cd $GOPATH/src/github.com/tendermint/tendermint
+    glide install
+    go install ./cmd/tendermint
+
+Run
+^^^
+
+To start a one-node blockchain with a simple in-process application:
+
+::
+
+    tendermint init
+    tendermint node --proxy_app=dummy
--- a/docs/introduction.rst
+++ b/docs/introduction.rst
@@ -0,0 +1,231 @@
+Introduction
+============
+
+Welcome to the Tendermint guide! This is the best place to start if you are new
+to Tendermint.
+
+What is Tendermint?
+-------------------
+
+Tendermint is software for securely and consistently replicating an application on many machines.
+By securely, we mean that Tendermint works even if up to 1/3 of machines fail in arbitrary ways.
+By consistently, we mean that every non-faulty machine sees the same transaction log and computes the same state.
+Secure and consistent replication is a fundamental problem in distributed systems; 
+it plays a critical role in the fault tolerance of a broad range of applications, 
+from currencies, to elections, to infrastructure orchestration, and beyond.
+
+The ability to tolerate machines failing in arbitrary ways, including becoming malicious, is known as Byzantine fault tolerance (BFT).
+The theory of BFT is decades old, but software implementations have only became popular recently,
+due largely to the success of "blockchain technology" like Bitcoin and Ethereum. 
+Blockchain technology is just a reformalization of BFT in a more modern setting,
+with emphasis on peer-to-peer networking and cryptographic authentication.
+The name derives from the way transactions are batched in blocks,
+where each block contains a cryptographic hash of the previous one, forming a chain.
+In practice, the blockchain data structure actually optimizes BFT design.
+
+Tendermint consists of two chief technical components: a blockchain consensus engine and a generic application interface.
+The consensus engine, called Tendermint Core, ensures that the same transactions are recorded on every machine in the same order.
+The application interface, called the Application BlockChain Interface (ABCI), enables the transactions to be processed in any programming language.
+Unlike other blockchain and consensus solutions, which come pre-packaged with built in state machines (like a fancy key-value store,
+or a quirky scripting language), developers can use Tendermint for BFT state machine replication of applications written in 
+whatever programming language and development environment is right for them.
+
+Tendermint is designed to be easy-to-use, simple-to-understand, highly performant, and useful
+for a wide variety of distributed applications.
+
+Tendermint vs. X
+----------------
+
+Tendermint vs. Other Software
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Tendermint is broadly similar to two classes of software.
+The first class consists of distributed key-value stores, 
+like Zookeeper, etcd, and consul, which use non-BFT consensus.
+The second class is known as "blockchain technology",
+and consists of both cryptocurrencies like Bitcoin and Ethereum, 
+and alternative distributed ledger designs like Hyperledger's Burrow.
+
+Zookeeper, etcd, consul
+~~~~~~~~~~~~~~~~~~~~~~~
+
+Zookeeper, etcd, and consul are all implementations of a key-value store atop a classical, 
+non-BFT consensus algorithm. Zookeeper uses a version of Paxos called Zookeeper Atomic Broadcast,
+while etcd and consul use the Raft consensus algorithm, which is much younger and simpler.
+A typical cluster contains 3-5 machines, and can tolerate crash failures in up to 1/2 of the machines,
+but even a single Byzantine fault can destroy the system.
+
+Each offering provides a slightly different implementation of a featureful key-value store,
+but all are generally focused around providing basic services to distributed systems,
+such as dynamic configuration, service discovery, locking, leader-election, and so on.
+
+Tendermint is in essence similar software, but with two key differences:
+- It is Byzantine Fault Tolerant, meaning it can only tolerate up to a 1/3 of failures,
+but those failures can include arbitrary behaviour - including hacking and malicious attacks.
+- It does not specify a particular application, like a fancy key-value store. Instead, 
+it focuses on arbitrary state machine replication, so developers can build the application logic
+that's right for them, from key-value store to cryptocurrency to e-voting platform and beyond.
+
+The layout of this Tendermint website content is also ripped directly and without shame from
+`consul.io <https://www.consul.io/>`__ and the other `Hashicorp sites <https://www.hashicorp.com/#tools>`__.
+
+Bitcoin, Ethereum, etc.
+~~~~~~~~~~~~~~~~~~~~~~~
+
+Tendermint emerged in the tradition of cryptocurrencies like Bitcoin, Ethereum, etc.
+with the goal of providing a more efficient and secure consensus algorithm than Bitcoin's Proof of Work.
+In the early days, Tendermint had a simple currency built in, and to participate in consensus,
+users had to "bond" units of the currency into a security deposit which could be revoked if they misbehaved -
+this is what made Tendermint a Proof-of-Stake algorithm.
+
+Since then, Tendermint has evolved to be a general purpose blockchain consensus engine that can host arbitrary application states.
+That means it can be used as a plug-and-play replacement for the consensus engines of other blockchain software.
+So one can take the current Ethereum code base, whether in Rust, or Go, or Haskell, and run it as a ABCI application
+using Tendermint consensus. Indeed, `we did that with Ethereum <https://github.com/tendermint/ethermint>`__.
+And we plan to do the same for Bitcoin, ZCash, and various other deterministic applications as well.
+
+Another example of a cryptocurrency application built on Tendermint is `the Cosmos network <http://cosmos.network>`__.
+
+Other Blockchain Projects
+~~~~~~~~~~~~~~~~~~~~~~~~~
+
+`Fabric <https://github.com/hyperledger/fabric>`__ takes a similar approach to Tendermint, but is more opinionated about how the state is managed,
+and requires that all application behaviour runs in potentially many docker containers, modules it calls "chaincode". 
+It uses an implementation of `PBFT <http://pmg.csail.mit.edu/papers/osdi99.pdf>`__.
+from a team at IBM that is 
+`augmented to handle potentially non-deterministic chaincode <https://www.zurich.ibm.com/~cca/papers/sieve.pdf>`__
+It is possible to implement this docker-based behaviour as a ABCI app in Tendermint, 
+though extending Tendermint to handle non-determinism remains for future work.
+
+`Burrow <https://github.com/hyperledger/burrow>`__ is an implementation of the Ethereum Virtual Machine and Ethereum transaction mechanics,
+with additional features for a name-registry, permissions, and native contracts, and an alternative blockchain API.
+It uses Tendermint as its consensus engine, and provides a particular application state.
+
+ABCI Overview
+-------------
+
+The `Application BlockChain Interface (ABCI) <https://github.com/tendermint/abci>`__ allows for Byzantine Fault Tolerant replication of applications written in any programming language.
+
+Motivation
+~~~~~~~~~~
+
+Thus far, all blockchains "stacks" (such as `Bitcoin <https://github.com/bitcoin/bitcoin>`__) have had a monolithic design. That is, each blockchain stack is a single program that handles all the concerns of a decentralized ledger; this includes P2P connectivity, the "mempool" broadcasting of transactions, consensus on the most recent block, account balances, Turing-complete contracts, user-level permissions, etc.
+
+Using a monolithic architecture is typically bad practice in computer science.
+It makes it difficult to reuse components of the code, and attempts to do so result in complex maintanence procedures for forks of the codebase.
+This is especially true when the codebase is not modular in design and suffers from "spaghetti code".
+
+Another problem with monolithic design is that it limits you to the language of the blockchain stack (or vice versa).  In the case of Ethereum which supports a Turing-complete bytecode virtual-machine, it limits you to languages that compile down to that bytecode; today, those are Serpent and Solidity.
+
+In contrast, our approach is to decouple the consensus engine and P2P layers from the details of the application state of the particular blockchain application.
+We do this by abstracting away the details of the application to an interface, which is implemented as a socket protocol.
+
+Thus we have an interface, the Application BlockChain Interface (ABCI), and its primary implementation, the Tendermint Socket Protocol (TSP, or Teaspoon).
+
+Intro to ABCI
+~~~~~~~~~~~~~
+
+`Tendermint Core <https://github.com/tendermint/tendermint>`__ (the "consensus engine") communicates with the application via a socket protocol that 
+satisfies the `ABCI <https://github.com/tendermint/abci>`__.
+
+To draw an analogy, lets talk about a well-known cryptocurrency, Bitcoin. Bitcoin is a cryptocurrency blockchain where each node maintains a fully audited Unspent Transaction Output (UTXO) database. If one wanted to create a Bitcoin-like system on top of ABCI, Tendermint Core would be responsible for 
+
+- Sharing blocks and transactions between nodes
+- Establishing a canonical/immutable order of transactions (the blockchain)
+
+The application will be responsible for
+
+- Maintaining the UTXO database
+- Validating cryptographic signatures of transactions
+- Preventing transactions from spending non-existent transactions
+- Allowing clients to query the UTXO database.
+
+Tendermint is able to decompose the blockchain design by offering a very simple API (ie. the ABCI) between the application process and consensus process.
+
+The ABCI consists of 3 primary message types that get delivered from the core to the application. The application replies with corresponding response messages.
+
+The messages are specified here: `ABCI Message Types <https://github.com/tendermint/abci#message-types>`__.
+
+The `DeliverTx` message is the work horse of the application.  Each transaction in the blockchain is delivered with this message. The application needs to validate each transaction received with the `DeliverTx` message against the current state, application protocol, and the cryptographic credentials of the transaction. A validated transaction then needs to update the application state — by binding a value into a key values store, or by updating the UTXO database, for instance.
+
+The `CheckTx` message is similar to `DeliverTx`, but it's only for validating transactions.  Tendermint Core's mempool first checks the validity of a transaction with `CheckTx`, and only relays valid transactions to its peers.  For instance, an application may check an incrementing sequence number in the transaction and return an error upon `CheckTx` if the sequence number is old. Alternatively, they might use a capabilities based system that requires capabilities to be renewed with every transaction.
+
+The `Commit` message is used to compute a cryptographic commitment to the current application state, to be placed into the next block header. This has some handy properties. Inconsistencies in updating that state will now appear as blockchain forks which catches a whole class of programming errors. This also simplifies the development of secure lightweight clients, as Merkle-hash proofs can be verified by checking against the block hash, and that the block hash is signed by a quorum.
+
+There can be multiple ABCI socket connections to an application. Tendermint Core creates three ABCI connections to the application; one for the validation of transactions when broadcasting in the mempool, one for the consensus engine to run block proposals, and one more for querying the application state.
+
+It's probably evident that applications designers need to very carefully design their message handlers to create a blockchain that does anything useful but this architecture provides a place to start. The diagram below illustrates the flow of messages via ABCI.
+
+.. figure:: assets/abci.png
+
+A Note on Determinism
+~~~~~~~~~~~~~~~~~~~~~
+
+The logic for blockchain transaction processing must be deterministic. If the application logic weren't deterministic, consensus would not be reached among the Tendermint Core replica nodes.
+
+Solidity on Ethereum is a great language of choice for blockchain applications because, among other reasons, it is a completely deterministic programming language. However, it's also possible to create deterministic applications using existing popular languages like Java, C++, Python, or Go.  Game programmers and blockchain developers are already familiar with creating deterministic programs by avoiding sources of non-determinism such as:
+
+ * random number generators (without deterministic seeding)
+ * race conditions on threads (or avoiding threads altogether)
+ * the system clock
+ * uninitialized memory (in unsafe programming languages like C or C++)
+ * `floating point arithmetic <http://gafferongames.com/networking-for-game-programmers/floating-point-determinism/>`__.
+ * language features that are random (e.g. map iteration in Go)
+
+While programmers can avoid non-determinism by being careful, it is also possible to create a special linter or static analyzer for each language to check for determinism.  In the future we may work with partners to create such tools.
+
+Consensus Overview
+------------------
+
+Tendermint is an easy-to-understand, mostly asynchronous, BFT consensus protocol.
+The protocol follows a simple state machine that looks like this:
+
+.. figure:: assets/consensus_logic.png
+
+Participants in the protocol are called "validators";
+they take turns proposing blocks of transactions and voting on them.
+Blocks are committed in a chain, with one block at each "height".
+A block may fail to be committed, in which case the protocol moves to the next "round",
+and a new validator gets to propose a block for that height.
+Two stages of voting are required to successfully commit a block;
+we call them "pre-vote" and "pre-commit".
+A block is committed when more than 2/3 of validators pre-commit for the same block in the same round.
+
+There is a picture of a couple doing the polka because validators are doing something like a polka dance.
+When more than two-thirds of the validators pre-vote for the same block, we call that a "polka".
+Every pre-commit must be justified by a polka in the same round.
+
+Validators may fail to commit a block for a number of reasons; 
+the current proposer may be offline, or the network may be slow.
+Tendermint allows them to establish that a validator should be skipped.
+Validators wait a small amount of time to receive a complete proposal block from the proposer before voting to move to the next round.
+This reliance on a timeout is what makes Tendermint a weakly synchronous protocol, rather than an asynchronous one.
+However, the rest of the protocol is asynchronous, and validators only make progress after hearing from more than two-thirds of the validator set.
+A simplifying element of Tendermint is that it uses the same mechanism to commit a block as it does to skip to the next round.
+
+Assuming less than one-third of the validators are Byzantine, Tendermint guarantees that safety will never be violated - that is, validators will never commit conflicting blocks at the same height.
+To do this it introduces a few "locking" rules which modulate which paths can be followed in the flow diagram.
+Once a validator precommits a block, it is "locked" on that block. 
+Then, 
+
+1) it must prevote for the block it is locked on
+2) it can only unlock, and precommit for a new block, if there is a polka for that block in a later round
+
+Stake
+-----
+
+In many systems, not all validators will have the same "weight" in the consensus protocol. 
+Thus, we are not so much interested in one-third or two-thirds of the validators, but in those proportions of the total voting power, 
+which may not be uniformly distributed across individual validators.
+
+Since Tendermint can replicate arbitrary applications, it is possible to define a currency, and denominate the voting power in that currency.
+When voting power is denominated in a native currency, the system is often referred to as Proof-of-Stake.
+Validators can be forced, by logic in the application, 
+to "bond" their currency holdings in a security deposit that can be destroyed if they're found to misbehave in the consensus protocol.
+This adds an economic element to the security of the protocol, allowing one to quantify the cost of violating the assumption that less than one-third of voting power is Byzantine. 
+
+The `Cosmos Network <http://cosmos.network>`__ is designed to use this Proof-of-Stake mechanism across an array of cryptocurrencies implemented as ABCI applications.
+
+The following diagram is Tendermint in a (technical) nutshell. `See here for high resolution version <https://github.com/mobfoundry/hackatom/blob/master/tminfo.pdf>`__.
+
+.. figure:: assets/tm-transaction-flow.png
--- a/docs/requirements.txt
+++ b/docs/requirements.txt
@@ -0,0 +1,4 @@
+sphinx
+sphinx-autobuild
+recommonmark
+sphinx_rtd_theme
--- a/docs/specification.rst
+++ b/docs/specification.rst
@@ -0,0 +1,20 @@
+#############
+Specification
+#############
+
+Here you'll find details of the Tendermint specification. See `the spec repo <https://github.com/tendermint/spec>`__ for upcoming material. Tendermint's types are produced by `godoc <https://godoc.org/github.com/tendermint/tendermint/types>`__.
+
+.. toctree::
+   :maxdepth: 2
+
+   specification/block-structure.rst
+   specification/byzantine-consensus-algorithm.rst
+   specification/configuration.rst
+   specification/fast-sync.rst
+   specification/genesis.rst
+   specification/light-client-protocol.rst
+   specification/merkle.rst
+   specification/rpc.rst
+   specification/secure-p2p.rst
+   specification/validators.rst
+   specification/wire-protocol.rst
--- a/docs/specification/block-structure.rst
+++ b/docs/specification/block-structure.rst
@@ -0,0 +1,220 @@
+Block Structure
+===============
+
+The tendermint consensus engine records all agreements by a
+supermajority of nodes into a blockchain, which is replicated among all
+nodes. This blockchain is accessible via various rpc endpoints, mainly
+``/block?height=`` to get the full block, as well as
+``/blockchain?minHeight=_&maxHeight=_`` to get a list of headers. But
+what exactly is stored in these blocks?
+
+Block
+~~~~~
+
+A
+`Block <https://godoc.org/github.com/tendermint/tendermint/types#Block>`__
+contains:
+
+-  a `Header <#header>`__ contains merkle hashes for various chain
+   states
+-  the
+   `Data <https://godoc.org/github.com/tendermint/tendermint/types#Data>`__
+   is all transactions which are to be processed
+-  the `LastCommit <#commit>`__ > 2/3 signatures for the last block
+
+The signatures returned along with block ``H`` are those validating
+block ``H-1``. This can be a little confusing, but we must also consider
+that the ``Header`` also contains the ``LastCommitHash``. It would be
+impossible for a Header to include the commits that sign it, as it would
+cause an infinite loop here. But when we get block ``H``, we find
+``Header.LastCommitHash``, which must match the hash of ``LastCommit``.
+
+Header
+~~~~~~
+
+The
+`Header <https://godoc.org/github.com/tendermint/tendermint/types#Header>`__
+contains lots of information (follow link for up-to-date info). Notably,
+it maintains the ``Height``, the ``LastBlockID`` (to make it a chain),
+and hashes of the data, the app state, and the validator set. This is
+important as the only item that is signed by the validators is the
+``Header``, and all other data must be validated against one of the
+merkle hashes in the ``Header``.
+
+The ``DataHash`` can provide a nice check on the
+`Data <https://godoc.org/github.com/tendermint/tendermint/types#Data>`__
+returned in this same block. If you are subscribed to new blocks, via
+tendermint RPC, in order to display or process the new transactions you
+should at least validate that the ``DataHash`` is valid. If it is
+important to verify autheniticity, you must wait for the ``LastCommit``
+from the next block to make sure the block header (including
+``DataHash``) was properly signed.
+
+The ``ValidatorHash`` contains a hash of the current
+`Validators <https://godoc.org/github.com/tendermint/tendermint/types#Validator>`__.
+Tracking all changes in the validator set is complex, but a client can
+quickly compare this hash with the `hash of the currently known
+validators <https://godoc.org/github.com/tendermint/tendermint/types#ValidatorSet.Hash>`__
+to see if there have been changes.
+
+The ``AppHash`` serves as the basis for validating any merkle proofs
+that come from the `ABCI
+application <https://github.com/tendermint/abci>`__. It represents the
+state of the actual application, rather that the state of the blockchain
+itself. This means it's necessary in order to perform any business
+logic, such as verifying and account balance.
+
+**Note** After the transactions are committed to a block, they still
+need to be processed in a separate step, which happens between the
+blocks. If you find a given transaction in the block at height ``H``,
+the effects of running that transaction will be first visible in the
+``AppHash`` from the block header at height ``H+1``.
+
+Like the ``LastCommit`` issue, this is a requirement of the immutability
+of the block chain, as the application only applies transactions *after*
+they are commited to the chain.
+
+Commit
+~~~~~~
+
+The
+`Commit <https://godoc.org/github.com/tendermint/tendermint/types#Commit>`__
+contains a set of
+`Votes <https://godoc.org/github.com/tendermint/tendermint/types#Vote>`__
+that were made by the validator set to reach consensus on this block.
+This is the key to the security in any PoS system, and actually no data
+that cannot be traced back to a block header with a valid set of Votes
+can be trusted. Thus, getting the Commit data and verifying the votes is
+extremely important.
+
+As mentioned above, in order to find the ``precommit votes`` for block
+header ``H``, we need to query block ``H+1``. Then we need to check the
+votes, make sure they really are for that block, and properly formatted.
+Much of this code is implemented in Go in the
+`light-client <https://github.com/tendermint/light-client>`__ package.
+If you look at the code, you will notice that we need to provide the
+``chainID`` of the blockchain in order to properly calculate the votes.
+This is to protect anyone from swapping votes between chains to fake (or
+frame) a validator. Also note that this ``chainID`` is in the
+``genesis.json`` from *Tendermint*, not the ``genesis.json`` from the
+basecoin app (`that is a different
+chainID... <https://github.com/tendermint/basecoin/issues/32>`__).
+
+Once we have those votes, and we calculated the proper `sign
+bytes <https://godoc.org/github.com/tendermint/tendermint/types#Vote.WriteSignBytes>`__
+using the chainID and a `nice helper
+function <https://godoc.org/github.com/tendermint/tendermint/types#SignBytes>`__,
+we can verify them. The light client is responsible for maintaining a
+set of validators that we trust. Each vote only stores the validators
+``Address``, as well as the ``Signature``. Assuming we have a local copy
+of the trusted validator set, we can look up the ``Public Key`` of the
+validator given its ``Address``, then verify that the ``Signature``
+matches the ``SignBytes`` and ``Public Key``. Then we sum up the total
+voting power of all validators, whose votes fulfilled all these
+stringent requirements. If the total number of voting power for a single
+block is greater than 2/3 of all voting power, then we can finally trust
+the block header, the AppHash, and the proof we got from the ABCI
+application.
+
+Vote Sign Bytes
+^^^^^^^^^^^^^^^
+
+The ``sign-bytes`` of a vote is produced by taking a
+`stable-json <https://github.com/substack/json-stable-stringify>`__-like
+deterministic JSON `wire <./wire-protocol.html>`__ encoding of
+the vote (excluding the ``Signature`` field), and wrapping it with
+``{"chain_id":"my_chain","vote":...}``.
+
+For example, a precommit vote might have the following ``sign-bytes``:
+
+.. code:: json
+
+    {"chain_id":"my_chain","vote":{"block_hash":"611801F57B4CE378DF1A3FFF1216656E89209A99","block_parts_header":{"hash":"B46697379DBE0774CC2C3B656083F07CA7E0F9CE","total":123},"height":1234,"round":1,"type":2}}
+
+Block Hash
+~~~~~~~~~~
+
+The `block
+hash <https://godoc.org/github.com/tendermint/tendermint/types#Block.Hash>`__
+is the `Simple Tree hash <Merkle-Trees#simple-tree-with-dictionaries>`__
+of the fields of the block ``Header`` encoded as a list of
+``KVPair``\ s.
+
+Transaction
+~~~~~~~~~~~
+
+A transaction is any sequence of bytes. It is up to your
+`ABCI <https://github.com/tendermint/abci>`__ application to accept or
+reject transactions.
+
+BlockID
+~~~~~~~
+
+Many of these data structures refer to the
+`BlockID <https://godoc.org/github.com/tendermint/tendermint/types#BlockID>`__,
+which is the ``BlockHash`` (hash of the block header, also referred to
+by the next block) along with the ``PartSetHeader``. The
+``PartSetHeader`` is explained below and is used internally to
+orchestrate the p2p propogation. For clients, it is basically opaque
+bytes, but they must match for all votes.
+
+PartSetHeader
+~~~~~~~~~~~~~
+
+The
+`PartSetHeader <https://godoc.org/github.com/tendermint/tendermint/types#PartSetHeader>`__
+contains the total number of pieces in a
+`PartSet <https://godoc.org/github.com/tendermint/tendermint/types#PartSet>`__,
+and the Merkle root hash of those pieces.
+
+PartSet
+~~~~~~~
+
+PartSet is used to split a byteslice of data into parts (pieces) for
+transmission. By splitting data into smaller parts and computing a
+Merkle root hash on the list, you can verify that a part is legitimately
+part of the complete data, and the part can be forwarded to other peers
+before all the parts are known. In short, it's a fast way to securely
+propagate a large chunk of data (like a block) over a gossip network.
+
+PartSet was inspired by the LibSwift project.
+
+Usage:
+
+.. code:: go
+
+    data := RandBytes(2 << 20) // Something large
+
+    partSet := NewPartSetFromData(data)
+    partSet.Total()     // Total number of 4KB parts
+    partSet.Count()     // Equal to the Total, since we already have all the parts
+    partSet.Hash()      // The Merkle root hash
+    partSet.BitArray()  // A BitArray of partSet.Total() 1's
+
+    header := partSet.Header() // Send this to the peer
+    header.Total        // Total number of parts
+    header.Hash         // The merkle root hash
+
+    // Now we'll reconstruct the data from the parts
+    partSet2 := NewPartSetFromHeader(header)
+    partSet2.Total()    // Same total as partSet.Total()
+    partSet2.Count()    // Zero, since this PartSet doesn't have any parts yet.
+    partSet2.Hash()     // Same hash as in partSet.Hash()
+    partSet2.BitArray() // A BitArray of partSet.Total() 0's
+
+    // In a gossip network the parts would arrive in arbitrary order, perhaps
+    // in response to explicit requests for parts, or optimistically in response
+    // to the receiving peer's partSet.BitArray().
+    for !partSet2.IsComplete() {
+        part := receivePartFromGossipNetwork()
+        added, err := partSet2.AddPart(part)
+        if err != nil {
+        // A wrong part,
+            // the merkle trail does not hash to partSet2.Hash()
+        } else if !added {
+            // A duplicate part already received
+        }
+    }
+
+    data2, _ := ioutil.ReadAll(partSet2.GetReader())
+    bytes.Equal(data, data2) // true
--- a/docs/specification/byzantine-consensus-algorithm.rst
+++ b/docs/specification/byzantine-consensus-algorithm.rst
@@ -0,0 +1,349 @@
+Byzantine Consensus Algorithm
+=============================
+
+Terms
+-----
+
+-  The network is composed of optionally connected *nodes*. Nodes
+   directly connected to a particular node are called *peers*.
+-  The consensus process in deciding the next block (at some *height*
+   ``H``) is composed of one or many *rounds*.
+-  ``NewHeight``, ``Propose``, ``Prevote``, ``Precommit``, and
+   ``Commit`` represent state machine states of a round. (aka
+   ``RoundStep`` or just "step").
+-  A node is said to be *at* a given height, round, and step, or at
+   ``(H,R,S)``, or at ``(H,R)`` in short to omit the step.
+-  To *prevote* or *precommit* something means to broadcast a `prevote
+   vote <https://godoc.org/github.com/tendermint/tendermint/types#Vote>`__
+   or `first precommit
+   vote <https://godoc.org/github.com/tendermint/tendermint/types#FirstPrecommit>`__
+   for something.
+-  A vote *at* ``(H,R)`` is a vote signed with the bytes for ``H`` and
+   ``R`` included in its
+   `sign-bytes <block-structure.html#vote-sign-bytes>`__.
+-  *+2/3* is short for "more than 2/3"
+-  *1/3+* is short for "1/3 or more"
+-  A set of +2/3 of prevotes for a particular block or ``<nil>`` at
+   ``(H,R)`` is called a *proof-of-lock-change* or *PoLC* for short.
+
+State Machine Overview
+----------------------
+
+At each height of the blockchain a round-based protocol is run to
+determine the next block. Each round is composed of three *steps*
+(``Propose``, ``Prevote``, and ``Precommit``), along with two special
+steps ``Commit`` and ``NewHeight``.
+
+In the optimal scenario, the order of steps is:
+
+::
+
+    NewHeight -> (Propose -> Prevote -> Precommit)+ -> Commit -> NewHeight ->...
+
+The sequence ``(Propose -> Prevote -> Precommit)`` is called a *round*.
+There may be more than one round required to commit a block at a given
+height. Examples for why more rounds may be required include:
+
+-  The designated proposer was not online.
+-  The block proposed by the designated proposer was not valid.
+-  The block proposed by the designated proposer did not propagate in
+   time.
+-  The block proposed was valid, but +2/3 of prevotes for the proposed
+   block were not received in time for enough validator nodes by the
+   time they reached the ``Precommit`` step. Even though +2/3 of
+   prevotes are necessary to progress to the next step, at least one
+   validator may have voted ``<nil>`` or maliciously voted for something
+   else.
+-  The block proposed was valid, and +2/3 of prevotes were received for
+   enough nodes, but +2/3 of precommits for the proposed block were not
+   received for enough validator nodes.
+
+Some of these problems are resolved by moving onto the next round &
+proposer. Others are resolved by increasing certain round timeout
+parameters over each successive round.
+
+State Machine Diagram
+---------------------
+
+::
+
+                                +-------------------------------------+
+                                v                                     |(Wait til `CommmitTime+timeoutCommit`)
+                          +-----------+                         +-----+-----+
+             +----------> |  Propose  +--------------+          | NewHeight |
+             |            +-----------+              |          +-----------+
+             |                                       |                ^
+             |(Else, after timeoutPrecommit)         v                |
+       +-----+-----+                           +-----------+          |
+       | Precommit |  <------------------------+  Prevote  |          |
+       +-----+-----+                           +-----------+          |
+             |(When +2/3 Precommits for block found)                  |
+             v                                                        |
+       +--------------------------------------------------------------------+
+       |  Commit                                                            |
+       |                                                                    |
+       |  * Set CommitTime = now;                                           |
+       |  * Wait for block, then stage/save/commit block;                   |
+       +--------------------------------------------------------------------+
+
+Background Gossip
+-----------------
+
+A node may not have a corresponding validator private key, but it
+nevertheless plays an active role in the consensus process by relaying
+relevant meta-data, proposals, blocks, and votes to its peers. A node
+that has the private keys of an active validator and is engaged in
+signing votes is called a *validator-node*. All nodes (not just
+validator-nodes) have an associated state (the current height, round,
+and step) and work to make progress.
+
+Between two nodes there exists a ``Connection``, and multiplexed on top
+of this connection are fairly throttled ``Channel``\ s of information.
+An epidemic gossip protocol is implemented among some of these channels
+to bring peers up to speed on the most recent state of consensus. For
+example,
+
+-  Nodes gossip ``PartSet`` parts of the current round's proposer's
+   proposed block. A LibSwift inspired algorithm is used to quickly
+   broadcast blocks across the gossip network.
+-  Nodes gossip prevote/precommit votes. A node NODE\_A that is ahead of
+   NODE\_B can send NODE\_B prevotes or precommits for NODE\_B's current
+   (or future) round to enable it to progress forward.
+-  Nodes gossip prevotes for the proposed PoLC (proof-of-lock-change)
+   round if one is proposed.
+-  Nodes gossip to nodes lagging in blockchain height with block
+   `commits <https://godoc.org/github.com/tendermint/tendermint/types#Commit>`__
+   for older blocks.
+-  Nodes opportunistically gossip ``HasVote`` messages to hint peers
+   what votes it already has.
+-  Nodes broadcast their current state to all neighboring peers. (but is
+   not gossiped further)
+
+There's more, but let's not get ahead of ourselves here.
+
+Proposals
+---------
+
+A proposal is signed and published by the designated proposer at each
+round. The proposer is chosen by a deterministic and non-choking round
+robin selection algorithm that selects proposers in proportion to their
+voting power. (see
+`implementation <https://github.com/tendermint/tendermint/blob/develop/types/validator_set.go>`__)
+
+A proposal at ``(H,R)`` is composed of a block and an optional latest
+``PoLC-Round < R`` which is included iff the proposer knows of one. This
+hints the network to allow nodes to unlock (when safe) to ensure the
+liveness property.
+
+State Machine Spec
+------------------
+
+Propose Step (height:H,round:R)
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Upon entering ``Propose``: - The designated proposer proposes a block at
+``(H,R)``.
+
+The ``Propose`` step ends: - After ``timeoutProposeR`` after entering
+``Propose``. --> goto ``Prevote(H,R)`` - After receiving proposal block
+and all prevotes at ``PoLC-Round``. --> goto ``Prevote(H,R)`` - After
+`common exit conditions <#common-exit-conditions>`__
+
+Prevote Step (height:H,round:R)
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Upon entering ``Prevote``, each validator broadcasts its prevote vote.
+
+-  First, if the validator is locked on a block since ``LastLockRound``
+   but now has a PoLC for something else at round ``PoLC-Round`` where
+   ``LastLockRound < PoLC-Round < R``, then it unlocks.
+-  If the validator is still locked on a block, it prevotes that.
+-  Else, if the proposed block from ``Propose(H,R)`` is good, it
+   prevotes that.
+-  Else, if the proposal is invalid or wasn't received on time, it
+   prevotes ``<nil>``.
+
+The ``Prevote`` step ends: - After +2/3 prevotes for a particular block
+or ``<nil>``. --> goto ``Precommit(H,R)`` - After ``timeoutPrevote``
+after receiving any +2/3 prevotes. --> goto ``Precommit(H,R)`` - After
+`common exit conditions <#common-exit-conditions>`__
+
+Precommit Step (height:H,round:R)
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Upon entering ``Precommit``, each validator broadcasts its precommit
+vote. - If the validator has a PoLC at ``(H,R)`` for a particular block
+``B``, it (re)locks (or changes lock to) and precommits ``B`` and sets
+``LastLockRound = R``. - Else, if the validator has a PoLC at ``(H,R)``
+for ``<nil>``, it unlocks and precommits ``<nil>``. - Else, it keeps the
+lock unchanged and precommits ``<nil>``.
+
+A precommit for ``<nil>`` means "I didn’t see a PoLC for this round, but
+I did get +2/3 prevotes and waited a bit".
+
+The Precommit step ends: - After +2/3 precommits for ``<nil>``. --> goto
+``Propose(H,R+1)`` - After ``timeoutPrecommit`` after receiving any +2/3
+precommits. --> goto ``Propose(H,R+1)`` - After `common exit
+conditions <#common-exit-conditions>`__
+
+common exit conditions
+^^^^^^^^^^^^^^^^^^^^^^
+
+-  After +2/3 precommits for a particular block. --> goto ``Commit(H)``
+-  After any +2/3 prevotes received at ``(H,R+x)``. --> goto
+   ``Prevote(H,R+x)``
+-  After any +2/3 precommits received at ``(H,R+x)``. --> goto
+   ``Precommit(H,R+x)``
+
+Commit Step (height:H)
+~~~~~~~~~~~~~~~~~~~~~~
+
+-  Set ``CommitTime = now()``
+-  Wait until block is received. --> goto ``NewHeight(H+1)``
+
+NewHeight Step (height:H)
+~~~~~~~~~~~~~~~~~~~~~~~~~
+
+-  Move ``Precommits`` to ``LastCommit`` and increment height.
+-  Set ``StartTime = CommitTime+timeoutCommit``
+-  Wait until ``StartTime`` to receive straggler commits. --> goto
+   ``Propose(H,0)``
+
+Proofs
+------
+
+Proof of Safety
+~~~~~~~~~~~~~~~
+
+Assume that at most -1/3 of the voting power of validators is byzantine.
+If a validator commits block ``B`` at round ``R``, it's because it saw
+2/3 of precommits at round ``R``. This implies that 1/3+ of honest
+nodes are still locked at round ``R' > R``. These locked validators will
+remain locked until they see a PoLC at ``R' > R``, but this won't happen
+because 1/3+ are locked and honest, so at most -2/3 are available to
+vote for anything other than ``B``.
+
+Proof of Liveness
+~~~~~~~~~~~~~~~~~
+
+If 1/3+ honest validators are locked on two different blocks from
+different rounds, a proposers' ``PoLC-Round`` will eventually cause
+nodes locked from the earlier round to unlock. Eventually, the
+designated proposer will be one that is aware of a PoLC at the later
+round. Also, ``timeoutProposalR`` increments with round ``R``, while the
+size of a proposal are capped, so eventually the network is able to
+"fully gossip" the whole proposal (e.g. the block & PoLC).
+
+Proof of Fork Accountability
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Define the JSet (justification-vote-set) at height ``H`` of a validator
+``V1`` to be all the votes signed by the validator at ``H`` along with
+justification PoLC prevotes for each lock change. For example, if ``V1``
+signed the following precommits: ``Precommit(B1 @ round 0)``,
+``Precommit(<nil> @ round 1)``, ``Precommit(B2 @ round 4)`` (note that
+no precommits were signed for rounds 2 and 3, and that's ok),
+``Precommit(B1 @ round 0)`` must be justified by a PoLC at round 0, and
+``Precommit(B2 @ round 4)`` must be justified by a PoLC at round 4; but
+the precommit for ``<nil>`` at round 1 is not a lock-change by
+definition so the JSet for ``V1`` need not include any prevotes at round
+1, 2, or 3 (unless ``V1`` happened to have prevoted for those rounds).
+
+Further, define the JSet at height ``H`` of a set of validators ``VSet``
+to be the union of the JSets for each validator in ``VSet``. For a given
+commit by honest validators at round ``R`` for block ``B`` we can
+construct a JSet to justify the commit for ``B`` at ``R``. We say that a
+JSet *justifies* a commit at ``(H,R)`` if all the committers (validators
+in the commit-set) are each justified in the JSet with no duplicitous
+vote signatures (by the committers).
+
+-  **Lemma**: When a fork is detected by the existence of two
+   conflicting `commits <./validators.html#commiting-a-block>`__,
+   the union of the JSets for both commits (if they can be compiled)
+   must include double-signing by at least 1/3+ of the validator set.
+   **Proof**: The commit cannot be at the same round, because that would
+   immediately imply double-signing by 1/3+. Take the union of the JSets
+   of both commits. If there is no double-signing by at least 1/3+ of
+   the validator set in the union, then no honest validator could have
+   precommitted any different block after the first commit. Yet, +2/3
+   did. Reductio ad absurdum.
+
+As a corollary, when there is a fork, an external process can determine
+the blame by requiring each validator to justify all of its round votes.
+Either we will find 1/3+ who cannot justify at least one of their votes,
+and/or, we will find 1/3+ who had double-signed.
+
+Alternative algorithm
+~~~~~~~~~~~~~~~~~~~~~
+
+Alternatively, we can take the JSet of a commit to be the "full commit".
+That is, if light clients and validators do not consider a block to be
+committed unless the JSet of the commit is also known, then we get the
+desirable property that if there ever is a fork (e.g. there are two
+conflicting "full commits"), then 1/3+ of the validators are immediately
+punishable for double-signing.
+
+There are many ways to ensure that the gossip network efficiently share
+the JSet of a commit. One solution is to add a new message type that
+tells peers that this node has (or does not have) a +2/3 majority for B
+(or ) at (H,R), and a bitarray of which votes contributed towards that
+majority. Peers can react by responding with appropriate votes.
+
+We will implement such an algorithm for the next iteration of the
+Tendermint consensus protocol.
+
+Other potential improvements include adding more data in votes such as
+the last known PoLC round that caused a lock change, and the last voted
+round/step (or, we may require that validators not skip any votes). This
+may make JSet verification/gossip logic easier to implement.
+
+Censorship Attacks
+~~~~~~~~~~~~~~~~~~
+
+Due to the definition of a block
+`commit <validators.html#commiting-a-block>`__, any 1/3+
+coalition of validators can halt the blockchain by not broadcasting
+their votes. Such a coalition can also censor particular transactions by
+rejecting blocks that include these transactions, though this would
+result in a significant proportion of block proposals to be rejected,
+which would slow down the rate of block commits of the blockchain,
+reducing its utility and value. The malicious coalition might also
+broadcast votes in a trickle so as to grind blockchain block commits to
+a near halt, or engage in any combination of these attacks.
+
+If a global active adversary were also involved, it can partition the
+network in such a way that it may appear that the wrong subset of
+validators were responsible for the slowdown. This is not just a
+limitation of Tendermint, but rather a limitation of all consensus
+protocols whose network is potentially controlled by an active
+adversary.
+
+Overcoming Forks and Censorship Attacks
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+For these types of attacks, a subset of the validators through external
+means should coordinate to sign a reorg-proposal that chooses a fork
+(and any evidence thereof) and the initial subset of validators with
+their signatures. Validators who sign such a reorg-proposal forego its
+collateral on all other forks. Clients should verify the signatures on
+the reorg-proposal, verify any evidence, and make a judgement or prompt
+the end-user for a decision. For example, a phone wallet app may prompt
+the user with a security warning, while a refrigerator may accept any
+reorg-proposal signed by +½ of the original validators.
+
+No non-synchronous Byzantine fault-tolerant algorithm can come to
+consensus when ⅓+ of validators are dishonest, yet a fork assumes that
+⅓+ of validators have already been dishonest by double-signing or
+lock-changing without justification. So, signing the reorg-proposal is a
+coordination problem that cannot be solved by any non-synchronous
+protocol (i.e. automatically, and without making assumptions about the
+reliability of the underlying network). It must be provided by means
+external to the weakly-synchronous Tendermint consensus algorithm. For
+now, we leave the problem of reorg-proposal coordination to human
+coordination via internet media. Validators must take care to ensure
+that there are no significant network partitions, to avoid situations
+where two conflicting reorg-proposals are signed.
+
+Assuming that the external coordination medium and protocol is robust,
+it follows that forks are less of a concern than `censorship
+attacks <#censorship-attacks>`__.
--- a/docs/specification/configuration.rst
+++ b/docs/specification/configuration.rst
@@ -0,0 +1,57 @@
+Configuration
+=============
+
+TendermintCore can be configured via a TOML file in
+``$TMHOME/config.toml``. Some of these parameters can be overridden by
+command-line flags.
+
+Config parameters
+~~~~~~~~~~~~~~~~~
+
+The main config parameters are defined
+`here <https://github.com/tendermint/tendermint/blob/master/config/config.go>`__.
+
+-  ``abci``: ABCI transport (socket \| grpc). *Default*: ``socket``
+-  ``db_backend``: Database backend for the blockchain and
+   TendermintCore state. ``leveldb`` or ``memdb``. *Default*:
+   ``"leveldb"``
+-  ``db_dir``: Database dir. *Default*: ``"$TMHOME/data"``
+-  ``fast_sync``: Whether to sync faster from the block pool. *Default*:
+   ``true``
+-  ``genesis_file``: The location of the genesis file. *Default*:
+   ``"$TMHOME/genesis.json"``
+-  ``log_level``: *Default*: ``"state:info,*:error"``
+-  ``moniker``: Name of this node. *Default*: ``"anonymous"``
+-  ``priv_validator_file``: Validator private key file. *Default*:
+   ``"$TMHOME/priv_validator.json"``
+-  ``prof_laddr``: Profile listen address. *Default*: ``""``
+-  ``proxy_app``: The ABCI app endpoint. *Default*:
+   ``"tcp://127.0.0.1:46658"``
+
+-  ``consensus.max_block_size_txs``: Maximum number of block txs.
+   *Default*: ``10000``
+-  ``consensus.create_empty_blocks``: Create empty blocks w/o txs.
+   *Default*: ``true``
+-  ``consensus.create_empty_blocks_interval``: Block creation interval, even if empty.
+-  ``consensus.timeout_*``: Various consensus timeout parameters
+-  ``consensus.wal_file``: Consensus state WAL. *Default*:
+   ``"$TMHOME/data/cs.wal/wal"``
+-  ``consensus.wal_light``: Whether to use light-mode for Consensus
+   state WAL. *Default*: ``false``
+
+-  ``mempool.*``: Various mempool parameters
+
+-  ``p2p.addr_book_file``: Peer address book. *Default*:
+   ``"$TMHOME/addrbook.json"``. **NOT USED**
+-  ``p2p.laddr``: Node listen address. (0.0.0.0:0 means any interface,
+   any port). *Default*: ``"0.0.0.0:46656"``
+-  ``p2p.pex``: Enable Peer-Exchange (dev feature). *Default*: ``false``
+-  ``p2p.seeds``: Comma delimited host:port seed nodes. *Default*:
+   ``""``
+-  ``p2p.skip_upnp``: Skip UPNP detection. *Default*: ``false``
+
+-  ``rpc.grpc_laddr``: GRPC listen address (BroadcastTx only). Port
+   required. *Default*: ``""``
+-  ``rpc.laddr``: RPC listen address. Port required. *Default*:
+   ``"0.0.0.0:46657"``
+-  ``rpc.unsafe``: Enabled unsafe rpc methods. *Default*: ``true``
--- a/docs/specification/fast-sync.rst
+++ b/docs/specification/fast-sync.rst
@@ -0,0 +1,34 @@
+Fast Sync
+=========
+
+Background
+----------
+
+In a proof of work blockchain, syncing with the chain is the same
+process as staying up-to-date with the consensus: download blocks, and
+look for the one with the most total work. In proof-of-stake, the
+consensus process is more complex, as it involves rounds of
+communication between the nodes to determine what block should be
+committed next. Using this process to sync up with the blockchain from
+scratch can take a very long time. It's much faster to just download
+blocks and check the merkle tree of validators than to run the real-time
+consensus gossip protocol.
+
+Fast Sync
+---------
+
+To support faster syncing, tendermint offers a ``fast-sync`` mode, which
+is enabled by default, and can be toggled in the ``config.toml`` or via
+``--fast_sync=false``.
+
+In this mode, the tendermint daemon will sync hundreds of times faster
+than if it used the real-time consensus process. Once caught up, the
+daemon will switch out of fast sync and into the normal consensus mode.
+After running for some time, the node is considered ``caught up`` if it
+has at least one peer and it's height is at least as high as the max
+reported peer height. See `the IsCaughtUp
+method <https://github.com/tendermint/tendermint/blob/b467515719e686e4678e6da4e102f32a491b85a0/blockchain/pool.go#L128>`__.
+
+If we're lagging sufficiently, we should go back to fast syncing, but
+this is an open issue:
+https://github.com/tendermint/tendermint/issues/129
--- a/docs/specification/genesis.rst
+++ b/docs/specification/genesis.rst
@@ -0,0 +1,73 @@
+Genesis
+=======
+
+The genesis.json file in ``$TMROOT`` defines the initial TendermintCore
+state upon genesis of the blockchain (`see
+definition <https://github.com/tendermint/tendermint/blob/master/types/genesis.go>`__).
+
+NOTE: This does not (yet) specify the application state (e.g. initial
+distribution of tokens). Currently we leave it up to the application to
+load the initial application genesis state. In the future, we may
+include genesis SetOption messages that get passed from TendermintCore
+to the app upon genesis.
+
+Fields
+~~~~~~
+
+-  ``genesis_time``: Official time of blockchain start.
+-  ``chain_id``: ID of the blockchain. This must be unique for every
+   blockchain. If your testnet blockchains do not have unique chain IDs,
+   you will have a bad time.
+-  ``validators``:
+-  ``pub_key``: The first element specifies the pub\_key type. 1 ==
+   Ed25519. The second element are the pubkey bytes.
+-  ``power``: The validator's voting power.
+-  ``name``: Name of the validator (optional).
+-  ``app_hash``: The expected application hash (as returned by the
+   ``Commit`` ABCI message) upon genesis. If the app's hash does not
+   match, a warning message is printed.
+
+Sample genesis.json
+~~~~~~~~~~~~~~~~~~~
+
+.. code:: json
+
+    {
+      "genesis_time": "2016-02-05T06:02:31.526Z",
+      "chain_id": "chain-tTH4mi",
+      "validators": [
+        {
+          "pub_key": [
+            1,
+            "9BC5112CB9614D91CE423FA8744885126CD9D08D9FC9D1F42E552D662BAA411E"
+          ],
+          "power": 1,
+          "name": "mach1"
+        },
+        {
+          "pub_key": [
+            1,
+            "F46A5543D51F31660D9F59653B4F96061A740FF7433E0DC1ECBC30BE8494DE06"
+          ],
+          "power": 1,
+          "name": "mach2"
+        },
+        {
+          "pub_key": [
+            1,
+            "0E7B423C1635FD07C0FC3603B736D5D27953C1C6CA865BB9392CD79DE1A682BB"
+          ],
+          "power": 1,
+          "name": "mach3"
+        },
+        {
+          "pub_key": [
+            1,
+            "4F49237B9A32EB50682EDD83C48CE9CDB1D02A7CFDADCFF6EC8C1FAADB358879"
+          ],
+          "power": 1,
+          "name": "mach4"
+        }
+      ],
+      "app_hash": "15005165891224E721CB664D15CB972240F5703F"
+    }
--- a/docs/specification/light-client-protocol.rst
+++ b/docs/specification/light-client-protocol.rst
@@ -0,0 +1,33 @@
+Light Client Protocol
+=====================
+
+Light clients are an important part of the complete blockchain system
+for most applications. Tendermint provides unique speed and security
+properties for light client applications.
+
+See our developing `light-client
+repository <https://github.com/tendermint/light-client>`__.
+
+Overview
+--------
+
+The objective of the light client protocol is to get a
+`commit <./validators.html#committing-a-block>`__ for a recent
+`block hash <./block-structure.html#block-hash>`__ where the commit
+includes a majority of signatures from the last known validator set.
+From there, all the application state is verifiable with `merkle
+proofs <./merkle.html#iavl-tree>`__.
+
+Properties
+----------
+
+-  You get the full collateralized security benefits of Tendermint; No
+   need to wait for confirmations.
+-  You get the full speed benefits of Tendermint; transactions commit
+   instantly.
+-  You can get the most recent version of the application state
+   non-interactively (without committing anything to the blockchain).
+   For example, this means that you can get the most recent value of a
+   name from the name-registry without worrying about fork censorship
+   attacks, without posting a commit and waiting for confirmations. It's
+   fast, secure, and free!
--- a/docs/specification/merkle.rst
+++ b/docs/specification/merkle.rst
@@ -0,0 +1,88 @@
+Merkle
+======
+
+For an overview of Merkle trees, see
+`wikipedia <https://en.wikipedia.org/wiki/Merkle_tree>`__.
+
+There are two types of Merkle trees used in Tendermint.
+
+-  ```IAVL+ Tree`` <#iavl-tree>`__: An immutable self-balancing binary
+   tree for persistent application state
+-  ```Simple Tree`` <#simple-tree>`__: A simple compact binary tree for
+   a static list of items
+
+IAVL+ Tree
+----------
+
+The purpose of this data structure is to provide persistent storage for
+key-value pairs (e.g. account state, name-registrar data, and
+per-contract data) such that a deterministic merkle root hash can be
+computed. The tree is balanced using a variant of the `AVL
+algorithm <http://en.wikipedia.org/wiki/AVL_tree>`__ so all operations
+are O(log(n)).
+
+Nodes of this tree are immutable and indexed by its hash. Thus any node
+serves as an immutable snapshot which lets us stage uncommitted
+transactions from the mempool cheaply, and we can instantly roll back to
+the last committed state to process transactions of a newly committed
+block (which may not be the same set of transactions as those from the
+mempool).
+
+In an AVL tree, the heights of the two child subtrees of any node differ
+by at most one. Whenever this condition is violated upon an update, the
+tree is rebalanced by creating O(log(n)) new nodes that point to
+unmodified nodes of the old tree. In the original AVL algorithm, inner
+nodes can also hold key-value pairs. The AVL+ algorithm (note the plus)
+modifies the AVL algorithm to keep all values on leaf nodes, while only
+using branch-nodes to store keys. This simplifies the algorithm while
+minimizing the size of merkle proofs
+
+In Ethereum, the analog is the `Patricia
+trie <http://en.wikipedia.org/wiki/Radix_tree>`__. There are tradeoffs.
+Keys do not need to be hashed prior to insertion in IAVL+ trees, so this
+provides faster iteration in the key space which may benefit some
+applications. The logic is simpler to implement, requiring only two
+types of nodes -- inner nodes and leaf nodes. The IAVL+ tree is a binary
+tree, so merkle proofs are much shorter than the base 16 Patricia trie.
+On the other hand, while IAVL+ trees provide a deterministic merkle root
+hash, it depends on the order of updates. In practice this shouldn't be
+a problem, since you can efficiently encode the tree structure when
+serializing the tree contents.
+
+Simple Tree
+-----------
+
+For merkelizing smaller static lists, use the Simple Tree. The
+transactions and validation signatures of a block are hashed using this
+simple merkle tree logic.
+
+If the number of items is not a power of two, the tree will not be full
+and some leaf nodes will be at different levels. Simple Tree tries to
+keep both sides of the tree the same size, but the left side may be one
+greater.
+
+::
+
+        Simple Tree with 6 items           Simple Tree with 7 items 
+                                                             
+                   *                                  *             
+                  / \                                / \            
+                /     \                            /     \          
+              /         \                        /         \        
+            /             \                    /             \      
+           *               *                  *               *     
+          / \             / \                / \             / \    
+         /   \           /   \              /   \           /   \   
+        /     \         /     \            /     \         /     \  
+       *       h2      *       h5         *       *       *       h6
+      / \             / \                / \     / \     / \        
+     h0  h1          h3  h4             h0  h1  h2  h3  h4  h5      
+
+Simple Tree with Dictionaries
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+The Simple Tree is used to merkelize a list of items, so to merkelize a
+(short) dictionary of key-value pairs, encode the dictionary as an
+ordered list of ``KVPair`` structs. The block hash is such a hash
+derived from all the fields of the block ``Header``. The state hash is
+similarly derived.
--- a/docs/specification/rpc.rst
+++ b/docs/specification/rpc.rst
@@ -0,0 +1,188 @@
+RPC
+===
+
+Coming soon: RPC docs powered by `slate <https://github.com/lord/slate>`__. Until then, read on.
+
+Tendermint supports the following RPC protocols:
+
+-  URI over HTTP
+-  JSONRPC over HTTP
+-  JSONRPC over websockets
+
+Tendermint RPC is build using `our own RPC
+library <https://github.com/tendermint/tendermint/tree/master/rpc/lib>`__.
+Documentation and tests for that library could be found at
+``tendermint/rpc/lib`` directory.
+
+Configuration
+~~~~~~~~~~~~~
+
+Set the ``laddr`` config parameter under ``[rpc]`` table in the
+$TMHOME/config.toml file or the ``--rpc.laddr`` command-line flag to the
+desired protocol://host:port setting. Default: ``tcp://0.0.0.0:46657``.
+
+Arguments
+~~~~~~~~~
+
+Arguments which expect strings or byte arrays may be passed as quoted
+strings, like ``"abc"`` or as ``0x``-prefixed strings, like
+``0x616263``.
+
+URI/HTTP
+~~~~~~~~
+
+Example request:
+
+.. code:: bash
+
+    curl -s 'http://localhost:46657/broadcast_tx_sync?tx="abc"' | jq .
+
+Response:
+
+.. code:: json
+
+    {
+      "error": "",
+      "result": {
+        "hash": "2B8EC32BA2579B3B8606E42C06DE2F7AFA2556EF",
+        "log": "",
+        "data": "",
+        "code": 0
+      },
+      "id": "",
+      "jsonrpc": "2.0"
+    }
+
+The first entry in the result-array (``96``) is the method this response
+correlates with. ``96`` refers to "ResultTypeBroadcastTx", see
+`responses.go <https://github.com/tendermint/tendermint/blob/master/rpc/core/types/responses.go>`__
+for a complete overview.
+
+JSONRPC/HTTP
+~~~~~~~~~~~~
+
+JSONRPC requests can be POST'd to the root RPC endpoint via HTTP (e.g.
+``http://localhost:46657/``).
+
+Example request:
+
+.. code:: json
+
+    {
+      "method": "broadcast_tx_sync",
+      "jsonrpc": "2.0",
+      "params": [ "abc" ],
+      "id": "dontcare"
+    }
+
+JSONRPC/websockets
+~~~~~~~~~~~~~~~~~~
+
+JSONRPC requests can be made via websocket. The websocket endpoint is at
+``/websocket``, e.g. ``http://localhost:46657/websocket``. Asynchronous
+RPC functions like event ``subscribe`` and ``unsubscribe`` are only
+available via websockets.
+
+Endpoints
+~~~~~~~~~
+
+An HTTP Get request to the root RPC endpoint (e.g.
+``http://localhost:46657``) shows a list of available endpoints.
+
+::
+
+    Available endpoints:
+    http://localhost:46657/abci_info
+    http://localhost:46657/dump_consensus_state
+    http://localhost:46657/genesis
+    http://localhost:46657/net_info
+    http://localhost:46657/num_unconfirmed_txs
+    http://localhost:46657/status
+    http://localhost:46657/unconfirmed_txs
+    http://localhost:46657/unsafe_flush_mempool
+    http://localhost:46657/unsafe_stop_cpu_profiler
+    http://localhost:46657/validators
+
+    Endpoints that require arguments:
+    http://localhost:46657/abci_query?path=_&data=_&prove=_
+    http://localhost:46657/block?height=_
+    http://localhost:46657/blockchain?minHeight=_&maxHeight=_
+    http://localhost:46657/broadcast_tx_async?tx=_
+    http://localhost:46657/broadcast_tx_commit?tx=_
+    http://localhost:46657/broadcast_tx_sync?tx=_
+    http://localhost:46657/commit?height=_
+    http://localhost:46657/dial_seeds?seeds=_
+    http://localhost:46657/subscribe?event=_
+    http://localhost:46657/tx?hash=_&prove=_
+    http://localhost:46657/unsafe_start_cpu_profiler?filename=_
+    http://localhost:46657/unsafe_write_heap_profile?filename=_
+    http://localhost:46657/unsubscribe?event=_
+
+tx
+~~
+
+Returns a transaction matching the given transaction hash.
+
+**Parameters**
+
+1. hash - the transaction hash
+2. prove - include a proof of the transaction inclusion in the block in
+   the result (optional, default: false)
+
+**Returns**
+
+-  ``proof``: the ``types.TxProof`` object
+-  ``tx``: ``[]byte`` - the transaction
+-  ``tx_result``: the ``abci.Result`` object
+-  ``index``: ``int`` - index of the transaction
+-  ``height``: ``int`` - height of the block where this transaction was
+   in
+
+**Example**
+
+.. code:: bash
+
+    curl -s 'http://localhost:46657/broadcast_tx_commit?tx="abc"' | jq .
+    # {
+    #   "error": "",
+    #   "result": {
+    #     "hash": "2B8EC32BA2579B3B8606E42C06DE2F7AFA2556EF",
+    #     "log": "",
+    #     "data": "",
+    #     "code": 0
+    #   },
+    #   "id": "",
+    #   "jsonrpc": "2.0"
+    # }
+
+    curl -s 'http://localhost:46657/tx?hash=0x2B8EC32BA2579B3B8606E42C06DE2F7AFA2556EF' | jq .
+    # {
+    #   "error": "",
+    #   "result": {
+    #     "proof": {
+    #       "Proof": {
+    #         "aunts": []
+    #       },
+    #       "Data": "YWJjZA==",
+    #       "RootHash": "2B8EC32BA2579B3B8606E42C06DE2F7AFA2556EF",
+    #       "Total": 1,
+    #       "Index": 0
+    #     },
+    #     "tx": "YWJjZA==",
+    #     "tx_result": {
+    #       "log": "",
+    #       "data": "",
+    #       "code": 0
+    #     },
+    #     "index": 0,
+    #     "height": 52
+    #   },
+    #   "id": "",
+    #   "jsonrpc": "2.0"
+    # }
+
+More Examples
+~~~~~~~~~~~~~
+
+See the various bash tests using curl in ``test/``, and examples using
+the ``Go`` API in ``rpc/client/``.
--- a/docs/specification/secure-p2p.rst
+++ b/docs/specification/secure-p2p.rst
@@ -0,0 +1,73 @@
+Secure P2P
+==========
+
+The Tendermint p2p protocol uses an authenticated encryption scheme
+based on the `Station-to-Station
+Protocol <https://en.wikipedia.org/wiki/Station-to-Station_protocol>`__.
+The implementation uses
+`golang's <https://godoc.org/golang.org/x/crypto/nacl/box>`__ `nacl
+box <http://nacl.cr.yp.to/box.html>`__ for the actual authenticated
+encryption algorithm.
+
+Each peer generates an ED25519 key-pair to use as a persistent
+(long-term) id.
+
+When two peers establish a TCP connection, they first each generate an
+ephemeral ED25519 key-pair to use for this session, and send each other
+their respective ephemeral public keys. This happens in the clear.
+
+They then each compute the shared secret. The shared secret is the
+multiplication of the peer's ephemeral private key by the other peer's
+ephemeral public key. The result is the same for both peers by the magic
+of `elliptic
+curves <https://en.wikipedia.org/wiki/Elliptic_curve_cryptography>`__.
+The shared secret is used as the symmetric key for the encryption
+algorithm.
+
+The two ephemeral public keys are sorted to establish a canonical order.
+Then a 24-byte nonce is generated by concatenating the public keys and
+hashing them with Ripemd160. Note Ripemd160 produces 20byte hashes, so
+the nonce ends with four 0s.
+
+The nonce is used to seed the encryption - it is critical that the same
+nonce never be used twice with the same private key. For convenience,
+the last bit of the nonce is flipped, giving us two nonces: one for
+encrypting our own messages, one for decrypting our peer's. Which ever
+peer has the higher public key uses the "bit-flipped" nonce for
+encryption.
+
+Now, a challenge is generated by concatenating the ephemeral public keys
+and taking the SHA256 hash.
+
+Each peer signs the challenge with their persistent private key, and
+sends the other peer an AuthSigMsg, containing their persistent public
+key and the signature. On receiving an AuthSigMsg, the peer verifies the
+signature.
+
+The peers are now authenticated.
+
+All future communications can now be encrypted using the shared secret
+and the generated nonces, where each nonce is incremented by one each
+time it is used. The communications maintain Perfect Forward Secrecy, as
+the persistent key pair was not used for generating secrets - only for
+authenticating.
+
+Caveat
+------
+
+This system is still vulnerable to a Man-In-The-Middle attack if the
+persistent public key of the remote node is not known in advance. The
+only way to mitigate this is with a public key authentication system,
+such as the Web-of-Trust or Certificate Authorities. In our case, we can
+use the blockchain itself as a certificate authority to ensure that we
+are connected to at least one validator.
+
+Additional Reading
+------------------
+
+-  `Implementation <https://github.com/tendermint/go-p2p/blob/master/secret_connection.go#L49>`__
+-  `Original STS paper by Whitfield Diffie, Paul C. van Oorschot and
+   Michael J.
+   Wiener <http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.216.6107&rep=rep1&type=pdf>`__
+-  `Further work on secret
+   handshakes <https://dominictarr.github.io/secret-handshake-paper/shs.pdf>`__
--- a/docs/specification/validators.rst
+++ b/docs/specification/validators.rst
@@ -0,0 +1,44 @@
+Validators
+==========
+
+Validators are responsible for committing new blocks in the blockchain.
+These validators participate in the consensus protocol by broadcasting
+*votes* which contain cryptographic signatures signed by each
+validator's public key.
+
+Some Proof-of-Stake consensus algorithms aim to create a "completely"
+decentralized system where all stakeholders (even those who are not
+always available online) participate in the committing of blocks.
+Tendermint has a different approach to block creation. Validators are
+expected to be online, and the set of validators is permissioned/curated
+by some external process. Proof-of-stake is not required, but can be
+implemented on top of Tendermint consensus. That is, validators may be
+required to post collateral on-chain, off-chain, or may not be required
+to post any collateral at all.
+
+Validators have a cryptographic key-pair and an associated amount of
+"voting power". Voting power need not be the same.
+
+Becoming a Validator
+--------------------
+
+There are two ways to become validator.
+
+1. They can be pre-established in the `genesis
+   state <./genesis.html>`__
+2. The `ABCI app responds to the EndBlock
+   message <https://github.com/tendermint/abci>`__ with changes to the
+   existing validator set.
+
+Committing a Block
+------------------
+
+*+2/3 is short for "more than 2/3"*
+
+A block is committed when +2/3 of the validator set sign `precommit
+votes <./block-structure.html#vote>`__ for that block at the same
+``round``. The +2/3 set of precommit votes is
+called a `*commit* <./block-structure.html#commit>`__. While any
+2/3 set of precommits for the same block at the same height&round can
+serve as validation, the canonical commit is included in the next block
+(see `LastCommit <./block-structure.html>`__).
--- a/docs/specification/wire-protocol.rst
+++ b/docs/specification/wire-protocol.rst
@@ -0,0 +1,172 @@
+Wire Protocol
+=============
+
+The `Tendermint wire protocol <https://github.com/tendermint/go-wire>`__
+encodes data in `c-style binary <#binary>`__ and `JSON <#json>`__ form.
+
+Supported types
+---------------
+
+-  Primitive types
+-  ``uint8`` (aka ``byte``), ``uint16``, ``uint32``, ``uint64``
+-  ``int8``, ``int16``, ``int32``, ``int64``
+-  ``uint``, ``int``: variable length (un)signed integers
+-  ``string``, ``[]byte``
+-  ``time``
+-  Derived types
+-  structs
+-  var-length arrays of a particular type
+-  fixed-length arrays of a particular type
+-  interfaces: registered union types preceded by a ``type byte``
+-  pointers
+
+Binary
+------
+
+**Fixed-length primitive types** are encoded with 1,2,3, or 4 big-endian
+bytes. - ``uint8`` (aka ``byte``), ``uint16``, ``uint32``, ``uint64``:
+takes 1,2,3, and 4 bytes respectively - ``int8``, ``int16``, ``int32``,
+``int64``: takes 1,2,3, and 4 bytes respectively - ``time``: ``int64``
+representation of nanoseconds since epoch
+
+**Variable-length integers** are encoded with a single leading byte
+representing the length of the following big-endian bytes. For signed
+negative integers, the most significant bit of the leading byte is a 1.
+
+-  ``uint``: 1-byte length prefixed variable-size (0 ~ 255 bytes)
+   unsigned integers
+-  ``int``: 1-byte length prefixed variable-size (0 ~ 127 bytes) signed
+   integers
+
+NOTE: While the number 0 (zero) is encoded with a single byte ``x00``,
+the number 1 (one) takes two bytes to represent: ``x0101``. This isn't
+the most efficient representation, but the rules are easier to remember.
+
+---------------+----------------+----------------+
+| number        | binary         | binary ``int`` |
+|               | ``uint``       |                |
+===============+================+================+
+| 0             | ``x00``        | ``x00``        |
+---------------+----------------+----------------+
+| 1             | ``x0101``      | ``x0101``      |
+---------------+----------------+----------------+
+| 2             | ``x0102``      | ``x0102``      |
+---------------+----------------+----------------+
+| 256           | ``x020100``    | ``x020100``    |
+---------------+----------------+----------------+
+| 2^(127\ *8)-1 | ``x800100...`` | overflow       |
+| \|            |                |                |
+| ``x7FFFFF...` |                |                |
+| `             |                |                |
+| \|            |                |                |
+| ``x7FFFFF...` |                |                |
+| `             |                |                |
+| \| \|         |                |                |
+| 2^(127*\ 8)   |                |                |
+---------------+----------------+----------------+
+| 2^(255\*8)-1  |
+| \|            |
+| ``xFFFFFF...` |
+| `             |
+| \| overflow   |
+| \| \| -1 \|   |
+| n/a \|        |
+| ``x8101`` \|  |
+| \| -2 \| n/a  |
+| \| ``x8102``  |
+| \| \| -256 \| |
+| n/a \|        |
+| ``x820100``   |
+| \|            |
+---------------+----------------+----------------+
+
+**Structures** are encoded by encoding the field values in order of
+declaration.
+
+.. code:: go
+
+    type Foo struct {
+        MyString string
+        MyUint32 uint32
+    }
+    var foo = Foo{"626172", math.MaxUint32}
+
+    /* The binary representation of foo:
+     0103626172FFFFFFFF
+     0103:               `int` encoded length of string, here 3
+         626172:         3 bytes of string "bar"
+               FFFFFFFF: 4 bytes of uint32 MaxUint32
+    */
+
+**Variable-length arrays** are encoded with a leading ``int`` denoting
+the length of the array followed by the binary representation of the
+items. **Fixed-length arrays** are similar but aren't preceded by the
+leading ``int``.
+
+.. code:: go
+
+    foos := []Foo{foo, foo}
+
+    /* The binary representation of foos:
+     01020103626172FFFFFFFF0103626172FFFFFFFF
+     0102:                                     `int` encoded length of array, here 2
+         0103626172FFFFFFFF:                   the first `foo`
+                           0103626172FFFFFFFF: the second `foo`
+    */
+
+    foos := [2]Foo{foo, foo} // fixed-length array
+
+    /* The binary representation of foos:
+     0103626172FFFFFFFF0103626172FFFFFFFF
+     0103626172FFFFFFFF:                   the first `foo`
+                       0103626172FFFFFFFF: the second `foo`
+    */
+
+**Interfaces** can represent one of any number of concrete types. The
+concrete types of an interface must first be declared with their
+corresponding ``type byte``. An interface is then encoded with the
+leading ``type byte``, then the binary encoding of the underlying
+concrete type.
+
+NOTE: The byte ``x00`` is reserved for the ``nil`` interface value and
+``nil`` pointer values.
+
+.. code:: go
+
+    type Animal interface{}
+    type Dog uint32
+    type Cat string
+
+    RegisterInterface(
+        struct{ Animal }{},          // Convenience for referencing the 'Animal' interface
+        ConcreteType{Dog(0),  0x01}, // Register the byte 0x01 to denote a Dog
+        ConcreteType{Cat(""), 0x02}, // Register the byte 0x02 to denote a Cat
+    )
+
+    var animal Animal = Dog(02)
+
+    /* The binary representation of animal:
+     010102
+     01:     the type byte for a `Dog`
+       0102: the bytes of Dog(02)
+    */
+
+**Pointers** are encoded with a single leading byte ``x00`` for ``nil``
+pointers, otherwise encoded with a leading byte ``x01`` followed by the
+binary encoding of the value pointed to.
+
+NOTE: It's easy to convert pointer types into interface types, since the
+``type byte`` ``x00`` is always ``nil``.
+
+JSON
+----
+
+The JSON codec is compatible with the ```binary`` <#binary>`__ codec,
+and is fairly intuitive if you're already familiar with golang's JSON
+encoding. Some quirks are noted below:
+
+-  variable-length and fixed-length bytes are encoded as uppercase
+   hexadecimal strings
+-  interface values are encoded as an array of two items:
+   ``[type_byte, concrete_value]``
+-  times are encoded as rfc2822 strings
--- a/docs/specs/block-structure.md
+++ b/docs/specs/block-structure.md
@@ -1,168 +0,0 @@
-# Block Structure
-
-The tendermint consensus engine records all agreements by a supermajority of
-nodes into a blockchain, which is replicated among all nodes.  This blockchain
-is accessible via various rpc endpoints, mainly `/block?height=` to get the full
-block, as well as `/blockchain?minHeight=_&maxHeight=_` to get a list of headers.
-But what exactly is stored in these blocks?
-
-### Block
-
-A [Block](https://godoc.org/github.com/tendermint/tendermint/types#Block) contains:
-
-* a [Header](#header) contains merkle hashes for various chain states
-* the [Data](https://godoc.org/github.com/tendermint/tendermint/types#Data) is all transactions which are to be processed
-* the [LastCommit](#commit) > 2/3 signatures for the last block
-
-The signatures returned along with block `H` are those validating block `H-1`.
-This can be a little confusing, but we must also consider that the
-`Header` also contains the `LastCommitHash`.
-It would be impossible for a Header to include the commits that sign it, as it
-would cause an infinite loop here. But when we get block `H`, we find
-`Header.LastCommitHash`, which must match the hash of `LastCommit`.
-
-### Header
-
-The [Header](https://godoc.org/github.com/tendermint/tendermint/types#Header) contains lots of information (follow
-link for up-to-date info).  Notably, it maintains the `Height`, the `LastBlockID`
-(to make it a chain), and hashes of the data, the app state, and the validator set.
-This is important as the only item that is signed by the validators is the `Header`,
-and all other data must be validated against one of the merkle hashes in the `Header`.
-
-The `DataHash` can provide a nice check on the [Data](https://godoc.org/github.com/tendermint/tendermint/types#Data)
-returned in this same block. If you are subscribed to new blocks, via tendermint RPC, in order to display or process the new transactions
-you should at least validate that the `DataHash` is valid.
-If it is important to verify autheniticity, you must wait for the `LastCommit` from the next block to make sure the block header (including `DataHash`) was properly signed.
-
-The `ValidatorHash` contains a hash of the current
-[Validators](https://godoc.org/github.com/tendermint/tendermint/types#Validator). Tracking all changes in the
-validator set is complex, but a client can quickly compare this hash
-with the [hash of the currently known validators](https://godoc.org/github.com/tendermint/tendermint/types#ValidatorSet.Hash)
-to see if there have been changes.
-
-The `AppHash` serves as the basis for validating any merkle proofs that come
-from the [ABCI application](https://github.com/tendermint/abci). It represents
-the state of the actual application, rather that the state of the blockchain
-itself. This means it's necessary in order to perform any business logic,
-such as verifying and account balance.
-
-**Note** After the transactions are committed to a block, they still need to
-be processed in a separate step, which happens between the blocks. If you
-find a given transaction in the block at height `H`, the effects of running
-that transaction will be first visible in the `AppHash` from the block
-header at height `H+1`.
-
-Like the `LastCommit` issue, this is a requirement of the
-immutability of the block chain, as the application only applies transactions
-*after* they are commited to the chain.
-
-### Commit
-
-The [Commit](https://godoc.org/github.com/tendermint/tendermint/types#Commit) contains a set of
-[Votes](https://godoc.org/github.com/tendermint/tendermint/types#Vote) that were made by the validator set to
-reach consensus on this block. This is the key to the security in any PoS
-system, and actually no data that cannot be traced back to a block header
-with a valid set of Votes can be trusted. Thus, getting the Commit data
-and verifying the votes is extremely important.
-
-As mentioned above, in order to find the `precommit votes` for block header `H`,
-we need to query block `H+1`. Then we need to check the votes, make sure they
-really are for that block, and properly formatted. Much of this code is implemented
-in Go in the [light-client](https://github.com/tendermint/light-client) package.
-If you look at the code, you will notice that we need to provide the `chainID`
-of the blockchain in order to properly calculate the votes. This is to protect
-anyone from swapping votes between chains to fake (or frame) a validator.
-Also note that this `chainID` is in the `genesis.json` from _Tendermint_,
-not the `genesis.json` from the basecoin app ([that is a different chainID...](https://github.com/tendermint/basecoin/issues/32)).
-
-Once we have those votes,
-and we calculated the proper [sign bytes](https://godoc.org/github.com/tendermint/tendermint/types#Vote.WriteSignBytes)
-using the chainID and a [nice helper function](https://godoc.org/github.com/tendermint/tendermint/types#SignBytes),
-we can verify them. The light client is responsible for maintaining a set of
-validators that we trust. Each vote only stores the validators `Address`, as well
-as the `Signature`. Assuming we have a local copy of the trusted validator set,
-we can look up the `Public Key` of the validator given its `Address`, then
-verify that the `Signature` matches the `SignBytes` and `Public Key`.
-Then we sum up the total voting power of all validators, whose votes fulfilled
-all these stringent requirements. If the total number of voting power for a single block is greater
-than 2/3 of all voting power, then we can finally trust the
-block header, the AppHash, and the proof we got from the ABCI application.
-
-#### Vote Sign Bytes
-The `sign-bytes` of a vote is produced by taking a [`stable-json`](https://github.com/substack/json-stable-stringify)-like deterministic JSON [`wire`](/docs/specs/wire-protocol) encoding of the vote (excluding the `Signature` field), and wrapping it with `{"chain_id":"my_chain","vote":...}`.
-
-For example, a precommit vote might have the following `sign-bytes`:
-
-```json
-{"chain_id":"my_chain","vote":{"block_hash":"611801F57B4CE378DF1A3FFF1216656E89209A99","block_parts_header":{"hash":"B46697379DBE0774CC2C3B656083F07CA7E0F9CE","total":123},"height":1234,"round":1,"type":2}}
-```
-
-### Block Hash
-
-The [block hash](https://godoc.org/github.com/tendermint/tendermint/types#Block.Hash) is the [Simple Tree hash](Merkle-Trees#simple-tree-with-dictionaries) of the fields of the block `Header` encoded as a list of `KVPair`s.
-
-### Transaction
-
-A transaction is any sequence of bytes. It is up to your [ABCI](https://github.com/tendermint/abci) application to accept or reject transactions.
-
-### BlockID
-
-Many of these data structures refer to the [BlockID](https://godoc.org/github.com/tendermint/tendermint/types#BlockID),
-which is the `BlockHash` (hash of the block header, also referred to by the next block)
-along with the `PartSetHeader`.  The `PartSetHeader` is explained below and is used internally
-to orchestrate the p2p propogation.  For clients, it is basically opaque bytes,
-but they must match for all votes.
-
-### PartSetHeader
-
-The [PartSetHeader](https://godoc.org/github.com/tendermint/tendermint/types#PartSetHeader) contains the total number of pieces in a [PartSet](https://godoc.org/github.com/tendermint/tendermint/types#PartSet), and the Merkle root hash of those pieces.
-
-### PartSet
-
-PartSet is used to split a byteslice of data into parts (pieces) for transmission.
-By splitting data into smaller parts and computing a Merkle root hash on the list,
-you can verify that a part is legitimately part of the complete data, and the
-part can be forwarded to other peers before all the parts are known.  In short,
-it's a fast way to securely propagate a large chunk of data (like a block) over a gossip network.
-
-PartSet was inspired by the LibSwift project.
-
-Usage:
-
-```go
-data := RandBytes(2 << 20) // Something large
-
-partSet := NewPartSetFromData(data)
-partSet.Total()     // Total number of 4KB parts
-partSet.Count()     // Equal to the Total, since we already have all the parts
-partSet.Hash()      // The Merkle root hash
-partSet.BitArray()  // A BitArray of partSet.Total() 1's
-
-header := partSet.Header() // Send this to the peer
-header.Total        // Total number of parts
-header.Hash         // The merkle root hash
-
-// Now we'll reconstruct the data from the parts
-partSet2 := NewPartSetFromHeader(header)
-partSet2.Total()    // Same total as partSet.Total()
-partSet2.Count()    // Zero, since this PartSet doesn't have any parts yet.
-partSet2.Hash()     // Same hash as in partSet.Hash()
-partSet2.BitArray() // A BitArray of partSet.Total() 0's
-
-// In a gossip network the parts would arrive in arbitrary order, perhaps
-// in response to explicit requests for parts, or optimistically in response
-// to the receiving peer's partSet.BitArray().
-for !partSet2.IsComplete() {
-    part := receivePartFromGossipNetwork()
-    added, err := partSet2.AddPart(part)
-    if err != nil {
-    // A wrong part,
-        // the merkle trail does not hash to partSet2.Hash()
-    } else if !added {
-        // A duplicate part already received
-    }
-}
-
-data2, _ := ioutil.ReadAll(partSet2.GetReader())
-bytes.Equal(data, data2) // true
-```
--- a/docs/specs/byzantine-consensus-algorithm.md
+++ b/docs/specs/byzantine-consensus-algorithm.md
@@ -1,191 +0,0 @@
-# Byzantine Consensus Algorithm
-
-_The draft 0.6 whitepaper is outdated. The new algorithm is detailed below.  See [revisions](#revisions)_
-
-## Terms
- The network is composed of optionally connected _nodes_.  Nodes directly connected to a particular node are called _peers_.
- The consensus process in deciding the next block (at some _height_ `H`) is composed of one or many _rounds_.
- `NewHeight`, `Propose`, `Prevote`, `Precommit`, and `Commit` represent state machine states of a round. (aka `RoundStep` or just "step").
- A node is said to be _at_ a given height, round, and step, or at `(H,R,S)`, or at `(H,R)` in short to omit the step.
- To _prevote_ or _precommit_ something means to broadcast a [prevote vote](https://godoc.org/github.com/tendermint/tendermint/types#Vote) or [first precommit vote](https://godoc.org/github.com/tendermint/tendermint/types#FirstPrecommit) for something.
- A vote _at_ `(H,R)` is a vote signed with the bytes for `H` and `R` included in its [`sign-bytes`](/docs/specs/block-structure#vote-sign-bytes).
- _+2/3_ is short for "more than 2/3"
- _1/3+_ is short for "1/3 or more"
- A set of +2/3 of prevotes for a particular block or `<nil>` at `(H,R)` is called a _proof-of-lock-change_ or _PoLC_ for short.
-
-## State Machine Overview
-
-At each height of the blockchain a round-based protocol is run to determine
-the next block. Each round is composed of three _steps_ (`Propose`, `Prevote`, and
-`Precommit`), along with two special steps `Commit` and `NewHeight`.
-
-In the optimal scenario, the order of steps is:
-
-```
-NewHeight -> (Propose -> Prevote -> Precommit)+ -> Commit -> NewHeight ->...
-```
-
-The sequence `(Propose -> Prevote -> Precommit)` is called a _round_. There may be more than one round required to commit a block at a given height. Examples for why more rounds may be required include:
-
- The designated proposer was not online.
- The block proposed by the designated proposer was not valid.
- The block proposed by the designated proposer did not propagate in time.
- The block proposed was valid, but +2/3 of prevotes for the proposed block were not received in time for enough validator nodes by the time they reached the `Precommit` step.  Even though +2/3 of prevotes are necessary to progress to the next step, at least one validator may have voted `<nil>` or maliciously voted for something else.
- The block proposed was valid, and +2/3 of prevotes were received for enough nodes, but +2/3 of precommits for the proposed block were not received for enough validator nodes.
-
-Some of these problems are resolved by moving onto the next round & proposer.  Others are resolved by increasing certain round timeout parameters over each successive round.
-
-## State Machine Diagram
-
-```
-                            +-------------------------------------+
-                            v                                     |(Wait til `CommmitTime+timeoutCommit`)
-                      +-----------+                         +-----+-----+
-         +----------> |  Propose  +--------------+          | NewHeight |
-         |            +-----------+              |          +-----------+
-         |                                       |                ^
-         |(Else, after timeoutPrecommit)         v                |
-   +-----+-----+                           +-----------+          |
-   | Precommit |  <------------------------+  Prevote  |          |
-   +-----+-----+                           +-----------+          |
-         |(When +2/3 Precommits for block found)                  |
-         v                                                        |
-   +--------------------------------------------------------------------+
-   |  Commit                                                            |
-   |                                                                    |
-   |  * Set CommitTime = now;                                           |
-   |  * Wait for block, then stage/save/commit block;                   |
-   +--------------------------------------------------------------------+
-```
-
-## Background Gossip
-
-A node may not have a corresponding validator private key, but it nevertheless plays an active role in the consensus process by relaying relevant meta-data, proposals, blocks, and votes to its peers. A node that has the private keys of an active validator and is engaged in signing votes is called a _validator-node_. All nodes (not just validator-nodes) have an associated state (the current height, round, and step) and work to make progress.
-
-Between two nodes there exists a `Connection`, and multiplexed on top of this connection are fairly throttled `Channel`s of information. An epidemic gossip protocol is implemented among some of these channels to bring peers up to speed on the most recent state of consensus. For example,
-
- Nodes gossip `PartSet` parts of the current round's proposer's proposed block.  A LibSwift inspired algorithm is used to quickly broadcast blocks across the gossip network.
- Nodes gossip prevote/precommit votes.  A node NODE_A that is ahead of NODE_B can send NODE_B prevotes or precommits for NODE_B's current (or future) round to enable it to progress forward.
- Nodes gossip prevotes for the proposed PoLC (proof-of-lock-change) round if one is proposed.
- Nodes gossip to nodes lagging in blockchain height with block [commits](https://godoc.org/github.com/tendermint/tendermint/types#Commit) for older blocks.
- Nodes opportunistically gossip `HasVote` messages to hint peers what votes it already has.
- Nodes broadcast their current state to all neighboring peers. (but is not gossiped further)
-
-There's more, but let's not get ahead of ourselves here.
-
-## Proposals
-
-A proposal is signed and published by the designated proposer at each round. The proposer is chosen by a deterministic and non-choking round robin selection algorithm that selects proposers in proportion to their voting power. (see [implementation](https://github.com/tendermint/tendermint/blob/develop/types/validator_set.go))
-
-A proposal at `(H,R)` is composed of a block and an optional latest `PoLC-Round < R` which is included iff the proposer knows of one.  This hints the network to allow nodes to unlock (when safe) to ensure the liveness property.
-
-## State Machine Spec
-
-### Propose Step (height:H,round:R)
-Upon entering `Propose`:
- The designated proposer proposes a block at `(H,R)`.
-
-The `Propose` step ends:
- After `timeoutProposeR` after entering `Propose`.                --> goto `Prevote(H,R)`
- After receiving proposal block and all prevotes at `PoLC-Round`. --> goto `Prevote(H,R)`
- After [common exit conditions](#common-exit-conditions)
-
-### Prevote Step (height:H,round:R)
-Upon entering `Prevote`, each validator broadcasts its prevote vote.
-
- First, if the validator is locked on a block since `LastLockRound` but now has a PoLC for something else at round `PoLC-Round` where `LastLockRound < PoLC-Round < R`, then it unlocks.
- If the validator is still locked on a block, it prevotes that.
- Else, if the proposed block from `Propose(H,R)` is good, it prevotes that.
- Else, if the proposal is invalid or wasn't received on time, it prevotes `<nil>`.
-
-The `Prevote` step ends:
- After +2/3 prevotes for a particular block or `<nil>`.           --> goto `Precommit(H,R)`
- After `timeoutPrevote` after receiving any +2/3 prevotes.        --> goto `Precommit(H,R)`
- After [common exit conditions](#common-exit-conditions)
-
-### Precommit Step (height:H,round:R)
-Upon entering `Precommit`, each validator broadcasts its precommit vote.
- If the validator has a PoLC at `(H,R)` for a particular block `B`, it (re)locks (or changes lock to) and precommits `B` and sets `LastLockRound = R`.
- Else, if the validator has a PoLC at `(H,R)` for `<nil>`, it unlocks and precommits `<nil>`.
- Else, it keeps the lock unchanged and precommits `<nil>`.
-
-A precommit for `<nil>` means "I didn’t see a PoLC for this round, but I did get +2/3 prevotes and waited a bit".
-
-The Precommit step ends:
- After +2/3 precommits for `<nil>`.                               --> goto `Propose(H,R+1)`
- After `timeoutPrecommit` after receiving any +2/3 precommits.    --> goto `Propose(H,R+1)`
- After [common exit conditions](#common-exit-conditions)
-
-#### common exit conditions
- After +2/3 precommits for a particular block.                    --> goto `Commit(H)`
- After any +2/3 prevotes received at `(H,R+x)`.                   --> goto `Prevote(H,R+x)`
- After any +2/3 precommits received at `(H,R+x)`.                 --> goto `Precommit(H,R+x)`
-
-### Commit Step (height:H)
- Set `CommitTime = now()`
- Wait until block is received.                                    --> goto `NewHeight(H+1)`
-
-### NewHeight Step (height:H)
- Move `Precommits` to `LastCommit` and increment height.
- Set `StartTime = CommitTime+timeoutCommit`
- Wait until `StartTime` to receive straggler commits.             --> goto `Propose(H,0)`
-
-## Proofs
-
-### Proof of Safety
-Assume that at most -1/3 of the voting power of validators is byzantine.  If a validator commits block `B` at round `R`, it's because it saw +2/3 of precommits at round `R`. This implies that 1/3+ of honest nodes are still locked at round `R' > R`.  These locked validators will remain locked until they see a PoLC at `R' > R`, but this won't happen because 1/3+ are locked and honest, so at most -2/3 are available to vote for anything other than `B`.
-
-### Proof of Liveness
-If 1/3+ honest validators are locked on two different blocks from different rounds, a proposers' `PoLC-Round` will eventually cause nodes locked from the earlier round to unlock.  Eventually, the designated proposer will be one that is aware of a PoLC at the later round.  Also, `timeoutProposalR` increments with round `R`, while the size of a proposal are capped, so eventually the network is able to "fully gossip" the whole proposal (e.g. the block & PoLC).
-
-### Proof of Fork Accountability
-Define the JSet (justification-vote-set) at height `H` of a validator `V1` to be all the votes signed by the validator at `H` along with justification PoLC prevotes for each lock change.  For example, if `V1` signed the following precommits: `Precommit(B1 @ round 0)`, `Precommit(<nil> @ round 1)`, `Precommit(B2 @ round 4)` (note that no precommits were signed for rounds 2 and 3, and that's ok), `Precommit(B1 @ round 0)` must be justified by a PoLC at round 0, and `Precommit(B2 @ round 4)` must be justified by a PoLC at round 4; but the precommit for `<nil>` at round 1 is not a lock-change by definition so the JSet for `V1` need not include any prevotes at round 1, 2, or 3 (unless `V1` happened to have prevoted for those rounds).
-
-Further, define the JSet at height `H` of a set of validators `VSet` to be the union of the JSets for each validator in `VSet`.  For a given commit by honest validators at round `R` for block `B` we can construct a JSet to justify the commit for `B` at `R`.
-We say that a JSet _justifies_ a commit at `(H,R)` if all the committers (validators in the commit-set) are each justified in the JSet with no duplicitous vote signatures (by the committers).
-
- **Lemma**: When a fork is detected by the existence of two conflicting [commits](/docs/specs/validators#commiting-a-block), the union of the JSets for both commits (if they can be compiled) must include double-signing by at least 1/3+ of the validator set. **Proof**: The commit cannot be at the same round, because that would immediately imply double-signing by 1/3+.  Take the union of the JSets of both commits.  If there is no double-signing by at least 1/3+ of the validator set in the union, then no honest validator could have precommitted any different block after the first commit.  Yet, +2/3 did.  Reductio ad absurdum.
-
-As a corollary, when there is a fork, an external process can determine the blame by requiring each validator to justify all of its round votes.  Either we will find 1/3+ who cannot justify at least one of their votes, and/or, we will find 1/3+ who had double-signed.
-
-### Alternative algorithm
-
-Alternatively, we can take the JSet of a commit to be the "full commit".  That is, if light clients and validators do not consider a block to be committed unless the JSet of the commit is also known, then we get the desirable property that if there ever is a fork (e.g. there are two conflicting "full commits"), then 1/3+ of the validators are immediately punishable for double-signing.
-
-There are many ways to ensure that the gossip network efficiently share the JSet of a commit.  One solution is to add a new message type that tells peers that this node has (or does not have) a +2/3 majority for B (or <nil>) at (H,R), and a bitarray of which votes contributed towards that majority.  Peers can react by responding with appropriate votes.
-
-We will implement such an algorithm for the next iteration of the Tendermint consensus protocol.
-
-Other potential improvements include adding more data in votes such as the last known PoLC round that caused a lock change, and the last voted round/step (or, we may require that validators not skip any votes).  This may make JSet verification/gossip logic easier to implement.
-
-### Censorship Attacks
-
-Due to the definition of a block [commit](/docs/specs/validators#commiting-a-block), any 1/3+ coalition of validators can halt the blockchain by not broadcasting their votes.  Such a coalition can also censor particular transactions by rejecting blocks that include these transactions, though this would result in a significant proportion of block proposals to be rejected, which would slow down the rate of block commits of the blockchain, reducing its utility and value.  The malicious coalition might also broadcast votes in a trickle so as to grind blockchain block commits to a near halt, or engage in any combination of these attacks.
-
-If a global active adversary were also involved, it can partition the network in such a way that it may appear that the wrong subset of validators were responsible for the slowdown.  This is not just a limitation of Tendermint, but rather a limitation of all consensus protocols whose network is potentially controlled by an active adversary.
-
-### Overcoming Forks and Censorship Attacks
-
-For these types of attacks, a subset of the validators through external means
-should coordinate to sign a reorg-proposal that chooses a fork (and any evidence
-thereof) and the initial subset of validators with their signatures. Validators
-who sign such a reorg-proposal forego its collateral on all other forks.
-Clients should verify the signatures on the reorg-proposal, verify any evidence,
-and make a judgement or prompt the end-user for a decision.  For example, a
-phone wallet app may prompt the user with a security warning, while a
-refrigerator may accept any reorg-proposal signed by +½ of the original
-validators.
-
-No non-synchronous Byzantine fault-tolerant algorithm can come to consensus when
-⅓+ of validators are dishonest, yet a fork assumes that ⅓+ of validators have
-already been dishonest by double-signing or lock-changing without justification.
-So, signing the reorg-proposal is a coordination problem that cannot be solved
-by any non-synchronous protocol (i.e. automatically, and without making
-assumptions about the reliability of the underlying network). It must be
-provided by means external to the weakly-synchronous Tendermint consensus
-algorithm.  For now, we leave the problem of reorg-proposal coordination to
-human coordination via internet media.  Validators must take care to ensure that
-there are no significant network partitions, to avoid situations where two
-conflicting reorg-proposals are signed.
-
-Assuming that the external coordination medium and protocol is robust, it follows that forks are less of a concern than [censorship attacks](#censorship-attacks).
--- a/Show More
+++ b/Show More