DO NOT MERGE: Delay sending of attachments.

[android] Refactor attachment loading to use LiveData
[android] address first round of code review for attachment placeholders
2026-02-12 02:39:05 +01:00 · 2020-01-23 08:57:27 -03:00 · 2020-01-23 08:57:26 -03:00 · 2020-01-23 08:57:26 -03:00 · 2020-01-23 08:57:25 -03:00 · 2020-01-23 08:57:25 -03:00
294 changed files with 4527 additions and 8083 deletions
--- a/TRANSLATION.md
+++ b/TRANSLATION.md
@@ -1,9 +0,0 @@
-Translations for this project are managed through Transifex:
-
-https://transifex.com/otf/briar
-
-If you'd like to volunteer as a translator, please create a Transifex account and request to be
-added to the project's translation team. The Localization Lab has some instructions and advice for
-translators here:
-
-https://wiki.localizationlab.org/index.php/Briar
--- a/bramble-android/build.gradle
+++ b/bramble-android/build.gradle
@@ -11,8 +11,8 @@ android {
 	defaultConfig {
 		minSdkVersion 16
 		targetSdkVersion 28
-		versionCode 10209
-		versionName "1.2.9"
+		versionCode 10205
+		versionName "1.2.5"
 		consumerProguardFiles 'proguard-rules.txt'

 		testInstrumentationRunner "androidx.test.runner.AndroidJUnitRunner"
@@ -38,7 +38,7 @@ configurations {

 dependencies {
 	implementation project(path: ':bramble-core', configuration: 'default')
-	tor 'org.briarproject:tor-android:0.3.5.10@zip'
+	tor 'org.briarproject:tor-android:0.3.5.9@zip'
 	tor 'org.briarproject:obfs4proxy-android:0.0.11-2@zip'

 	annotationProcessor 'com.google.dagger:dagger-compiler:2.24'
--- a/bramble-android/src/main/java/org/briarproject/bramble/account/AndroidAccountManager.java
+++ b/bramble-android/src/main/java/org/briarproject/bramble/account/AndroidAccountManager.java
@@ -9,12 +9,9 @@ import org.briarproject.bramble.api.account.AccountManager;
 import org.briarproject.bramble.api.crypto.CryptoComponent;
 import org.briarproject.bramble.api.db.DatabaseConfig;
 import org.briarproject.bramble.api.identity.IdentityManager;
-import org.briarproject.bramble.api.logging.PersistentLogManager;

 import java.io.File;
-import java.io.IOException;
 import java.util.HashSet;
-import java.util.List;
 import java.util.Set;
 import java.util.logging.Logger;

@@ -22,40 +19,26 @@ import javax.annotation.Nullable;
 import javax.annotation.concurrent.GuardedBy;
 import javax.inject.Inject;

-import static android.content.Context.MODE_PRIVATE;
 import static android.os.Build.VERSION.SDK_INT;
-import static java.util.Arrays.asList;
 import static java.util.logging.Level.INFO;
-import static java.util.logging.Level.WARNING;
-import static java.util.logging.Logger.getLogger;
 import static org.briarproject.bramble.util.IoUtils.deleteFileOrDir;
-import static org.briarproject.bramble.util.LogUtils.logException;
 import static org.briarproject.bramble.util.LogUtils.logFileOrDir;

 class AndroidAccountManager extends AccountManagerImpl
 		implements AccountManager {

 	private static final Logger LOG =
-			getLogger(AndroidAccountManager.class.getName());
-
-	/**
-	 * Directories that shouldn't be deleted when deleting the user's account.
-	 */
-	private static final List<String> PROTECTED_DIR_NAMES =
-			asList("cache", "code_cache", "lib", "shared_prefs");
+			Logger.getLogger(AndroidAccountManager.class.getName());

 	protected final Context appContext;
 	private final SharedPreferences prefs;
-	private final PersistentLogManager logManager;

 	@Inject
 	AndroidAccountManager(DatabaseConfig databaseConfig,
 			CryptoComponent crypto, IdentityManager identityManager,
-			SharedPreferences prefs, PersistentLogManager logManager,
-			Application app) {
+			SharedPreferences prefs, Application app) {
 		super(databaseConfig, crypto, identityManager);
 		this.prefs = prefs;
-		this.logManager = logManager;
 		appContext = app.getApplicationContext();
 	}

@@ -83,7 +66,6 @@ class AndroidAccountManager extends AccountManagerImpl
 				LOG.info("Contents of account directory after deleting:");
 				logFileOrDir(LOG, INFO, getDataDir());
 			}
-			replacePersistentLogger();
 		}
 	}

@@ -99,7 +81,7 @@ class AndroidAccountManager extends AccountManagerImpl
 			if (!prefs.edit().clear().commit())
 				LOG.warning("Could not clear shared preferences");
 		}
-		// Delete files, except protected directories
+		// Delete files, except lib and shared_prefs directories
 		Set<File> files = new HashSet<>();
 		File dataDir = getDataDir();
 		@Nullable
@@ -108,12 +90,14 @@ class AndroidAccountManager extends AccountManagerImpl
 			LOG.warning("Could not list files in app data dir");
 		} else {
 			for (File file : fileArray) {
-				if (!PROTECTED_DIR_NAMES.contains(file.getName())) {
+				String name = file.getName();
+				if (!name.equals("lib") && !name.equals("shared_prefs")) {
 					files.add(file);
 				}
 			}
 		}
 		files.add(appContext.getFilesDir());
+		files.add(appContext.getCacheDir());
 		addIfNotNull(files, appContext.getExternalCacheDir());
 		if (SDK_INT >= 19) {
 			for (File file : appContext.getExternalCacheDirs()) {
@@ -125,16 +109,12 @@ class AndroidAccountManager extends AccountManagerImpl
 				addIfNotNull(files, file);
 			}
 		}
-		// Clear the cache directory but don't delete it
-		File cacheDir = appContext.getCacheDir();
-		File[] children = cacheDir.listFiles();
-		if (children != null) files.addAll(asList(children));
 		for (File file : files) {
-			if (LOG.isLoggable(INFO)) {
-				LOG.info("Deleting " + file.getAbsolutePath());
-			}
 			deleteFileOrDir(file);
 		}
+		// Recreate the cache dir as some OpenGL drivers expect it to exist
+		if (!new File(dataDir, "cache").mkdirs())
+			LOG.warning("Could not recreate cache dir");
 	}

 	private File getDataDir() {
@@ -144,13 +124,4 @@ class AndroidAccountManager extends AccountManagerImpl
 	private void addIfNotNull(Set<File> files, @Nullable File file) {
 		if (file != null) files.add(file);
 	}
-
-	private void replacePersistentLogger() {
-		File logDir = appContext.getDir("log", MODE_PRIVATE);
-		try {
-			logManager.addLogHandler(logDir, getLogger(""));
-		} catch (IOException e) {
-			logException(LOG, WARNING, e);
-		}
-	}
 }
--- a/bramble-android/src/main/java/org/briarproject/bramble/network/AndroidNetworkManager.java
+++ b/bramble-android/src/main/java/org/briarproject/bramble/network/AndroidNetworkManager.java
@@ -32,7 +32,6 @@ import static android.content.Intent.ACTION_SCREEN_OFF;
 import static android.content.Intent.ACTION_SCREEN_ON;
 import static android.net.ConnectivityManager.CONNECTIVITY_ACTION;
 import static android.net.ConnectivityManager.TYPE_WIFI;
-import static android.net.wifi.p2p.WifiP2pManager.WIFI_P2P_THIS_DEVICE_CHANGED_ACTION;
 import static android.os.Build.VERSION.SDK_INT;
 import static android.os.PowerManager.ACTION_DEVICE_IDLE_MODE_CHANGED;
 import static java.util.concurrent.TimeUnit.MINUTES;
@@ -77,9 +76,9 @@ class AndroidNetworkManager implements NetworkManager, Service {
 		filter.addAction(ACTION_SCREEN_ON);
 		filter.addAction(ACTION_SCREEN_OFF);
 		filter.addAction(WIFI_AP_STATE_CHANGED_ACTION);
-		filter.addAction(WIFI_P2P_THIS_DEVICE_CHANGED_ACTION);
 		if (SDK_INT >= 23) filter.addAction(ACTION_DEVICE_IDLE_MODE_CHANGED);
 		appContext.registerReceiver(networkStateReceiver, filter);
+
 	}

 	@Override
@@ -137,8 +136,7 @@ class AndroidNetworkManager implements NetworkManager, Service {
 		}

 		private boolean isApEvent(@Nullable String action) {
-			return WIFI_AP_STATE_CHANGED_ACTION.equals(action) ||
-					WIFI_P2P_THIS_DEVICE_CHANGED_ACTION.equals(action);
+			return WIFI_AP_STATE_CHANGED_ACTION.equals(action);
 		}
 	}
 }
--- a/bramble-android/src/main/java/org/briarproject/bramble/plugin/bluetooth/AndroidBluetoothPlugin.java
+++ b/bramble-android/src/main/java/org/briarproject/bramble/plugin/bluetooth/AndroidBluetoothPlugin.java
@@ -9,7 +9,6 @@ import android.content.Context;
 import android.content.Intent;
 import android.content.IntentFilter;

-import org.briarproject.bramble.api.io.TimeoutMonitor;
 import org.briarproject.bramble.api.nullsafety.MethodsNotNullByDefault;
 import org.briarproject.bramble.api.nullsafety.ParametersNotNullByDefault;
 import org.briarproject.bramble.api.plugin.Backoff;
@@ -25,13 +24,13 @@ import java.io.IOException;
 import java.security.SecureRandom;
 import java.util.ArrayList;
 import java.util.Collection;
+import java.util.Collections;
 import java.util.List;
 import java.util.UUID;
 import java.util.concurrent.BlockingQueue;
 import java.util.concurrent.ExecutionException;
 import java.util.concurrent.Executor;
 import java.util.concurrent.LinkedBlockingQueue;
-import java.util.concurrent.ScheduledExecutorService;
 import java.util.logging.Logger;

 import javax.annotation.Nullable;
@@ -48,10 +47,7 @@ import static android.bluetooth.BluetoothAdapter.SCAN_MODE_NONE;
 import static android.bluetooth.BluetoothAdapter.STATE_OFF;
 import static android.bluetooth.BluetoothAdapter.STATE_ON;
 import static android.bluetooth.BluetoothDevice.ACTION_FOUND;
-import static android.bluetooth.BluetoothDevice.DEVICE_TYPE_LE;
 import static android.bluetooth.BluetoothDevice.EXTRA_DEVICE;
-import static android.os.Build.VERSION.SDK_INT;
-import static java.util.Collections.shuffle;
 import static java.util.concurrent.TimeUnit.MILLISECONDS;
 import static java.util.logging.Level.INFO;
 import static java.util.logging.Level.WARNING;
@@ -67,7 +63,6 @@ class AndroidBluetoothPlugin extends BluetoothPlugin<BluetoothServerSocket> {

 	private static final int MAX_DISCOVERY_MS = 10_000;

-	private final ScheduledExecutorService scheduler;
 	private final AndroidExecutor androidExecutor;
 	private final Context appContext;
 	private final Clock clock;
@@ -79,14 +74,11 @@ class AndroidBluetoothPlugin extends BluetoothPlugin<BluetoothServerSocket> {
 	private volatile BluetoothAdapter adapter = null;

 	AndroidBluetoothPlugin(BluetoothConnectionLimiter connectionLimiter,
-			TimeoutMonitor timeoutMonitor, Executor ioExecutor,
-			SecureRandom secureRandom, ScheduledExecutorService scheduler,
-			AndroidExecutor androidExecutor, Context appContext, Clock clock,
-			Backoff backoff, PluginCallback callback, int maxLatency,
-			int maxIdleTime) {
-		super(connectionLimiter, timeoutMonitor, ioExecutor, secureRandom,
-				backoff, callback, maxLatency, maxIdleTime);
-		this.scheduler = scheduler;
+			Executor ioExecutor, AndroidExecutor androidExecutor,
+			Context appContext, SecureRandom secureRandom, Clock clock,
+			Backoff backoff, PluginCallback callback, int maxLatency) {
+		super(connectionLimiter, ioExecutor, secureRandom, backoff, callback,
+				maxLatency);
 		this.androidExecutor = androidExecutor;
 		this.appContext = appContext;
 		this.clock = clock;
@@ -154,12 +146,6 @@ class AndroidBluetoothPlugin extends BluetoothPlugin<BluetoothServerSocket> {
 		wasEnabledByUs = true;
 	}

-	@Override
-	void onAdapterDisabled() {
-		super.onAdapterDisabled();
-		wasEnabledByUs = false;
-	}
-
 	@Override
 	@Nullable
 	String getBluetoothAddress() {
@@ -184,10 +170,9 @@ class AndroidBluetoothPlugin extends BluetoothPlugin<BluetoothServerSocket> {
 		return wrapSocket(ss.accept());
 	}

-	private DuplexTransportConnection wrapSocket(BluetoothSocket s)
-			throws IOException {
-		return new AndroidBluetoothTransportConnection(this, connectionLimiter,
-				timeoutMonitor, appContext, scheduler, s);
+	private DuplexTransportConnection wrapSocket(BluetoothSocket s) {
+		return new AndroidBluetoothTransportConnection(this,
+				connectionLimiter, s);
 	}

 	@Override
@@ -255,15 +240,11 @@ class AndroidBluetoothPlugin extends BluetoothPlugin<BluetoothServerSocket> {
 						break;
 					} else if (ACTION_FOUND.equals(action)) {
 						BluetoothDevice d = i.getParcelableExtra(EXTRA_DEVICE);
-						// Ignore Bluetooth LE devices
-						if (SDK_INT < 18 || d.getType() != DEVICE_TYPE_LE) {
-							String address = d.getAddress();
-							if (LOG.isLoggable(INFO))
-								LOG.info("Discovered " +
-										scrubMacAddress(address));
-							if (!addresses.contains(address))
-								addresses.add(address);
-						}
+						String address = d.getAddress();
+						if (LOG.isLoggable(INFO))
+							LOG.info("Discovered " + scrubMacAddress(address));
+						if (!addresses.contains(address))
+							addresses.add(address);
 					}
 					now = clock.currentTimeMillis();
 				}
@@ -279,7 +260,7 @@ class AndroidBluetoothPlugin extends BluetoothPlugin<BluetoothServerSocket> {
 			appContext.unregisterReceiver(receiver);
 		}
 		// Shuffle the addresses so we don't always try the same one first
-		shuffle(addresses);
+		Collections.shuffle(addresses);
 		return addresses;
 	}

--- a/bramble-android/src/main/java/org/briarproject/bramble/plugin/bluetooth/AndroidBluetoothPluginFactory.java
+++ b/bramble-android/src/main/java/org/briarproject/bramble/plugin/bluetooth/AndroidBluetoothPluginFactory.java
@@ -3,7 +3,6 @@ package org.briarproject.bramble.plugin.bluetooth;
 import android.content.Context;

 import org.briarproject.bramble.api.event.EventBus;
-import org.briarproject.bramble.api.io.TimeoutMonitor;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.plugin.Backoff;
 import org.briarproject.bramble.api.plugin.BackoffFactory;
@@ -16,7 +15,6 @@ import org.briarproject.bramble.api.system.Clock;

 import java.security.SecureRandom;
 import java.util.concurrent.Executor;
-import java.util.concurrent.ScheduledExecutorService;

 import javax.annotation.concurrent.Immutable;

@@ -27,34 +25,28 @@ import static org.briarproject.bramble.api.plugin.BluetoothConstants.ID;
 public class AndroidBluetoothPluginFactory implements DuplexPluginFactory {

 	private static final int MAX_LATENCY = 30 * 1000; // 30 seconds
-	private static final int MAX_IDLE_TIME = 30 * 1000; // 30 seconds
 	private static final int MIN_POLLING_INTERVAL = 60 * 1000; // 1 minute
 	private static final int MAX_POLLING_INTERVAL = 10 * 60 * 1000; // 10 mins
 	private static final double BACKOFF_BASE = 1.2;

 	private final Executor ioExecutor;
-	private final ScheduledExecutorService scheduler;
 	private final AndroidExecutor androidExecutor;
 	private final Context appContext;
 	private final SecureRandom secureRandom;
 	private final EventBus eventBus;
 	private final Clock clock;
-	private final TimeoutMonitor timeoutMonitor;
 	private final BackoffFactory backoffFactory;

 	public AndroidBluetoothPluginFactory(Executor ioExecutor,
-			ScheduledExecutorService scheduler,
 			AndroidExecutor androidExecutor, Context appContext,
 			SecureRandom secureRandom, EventBus eventBus, Clock clock,
-			TimeoutMonitor timeoutMonitor, BackoffFactory backoffFactory) {
+			BackoffFactory backoffFactory) {
 		this.ioExecutor = ioExecutor;
-		this.scheduler = scheduler;
 		this.androidExecutor = androidExecutor;
 		this.appContext = appContext;
 		this.secureRandom = secureRandom;
 		this.eventBus = eventBus;
 		this.clock = clock;
-		this.timeoutMonitor = timeoutMonitor;
 		this.backoffFactory = backoffFactory;
 	}

@@ -71,13 +63,12 @@ public class AndroidBluetoothPluginFactory implements DuplexPluginFactory {
 	@Override
 	public DuplexPlugin createPlugin(PluginCallback callback) {
 		BluetoothConnectionLimiter connectionLimiter =
-				new BluetoothConnectionLimiterImpl(eventBus);
+				new BluetoothConnectionLimiterImpl();
 		Backoff backoff = backoffFactory.createBackoff(MIN_POLLING_INTERVAL,
 				MAX_POLLING_INTERVAL, BACKOFF_BASE);
 		AndroidBluetoothPlugin plugin = new AndroidBluetoothPlugin(
-				connectionLimiter, timeoutMonitor, ioExecutor, secureRandom,
-				scheduler, androidExecutor, appContext, clock, backoff,
-				callback, MAX_LATENCY, MAX_IDLE_TIME);
+				connectionLimiter, ioExecutor, androidExecutor, appContext,
+				secureRandom, clock, backoff, callback, MAX_LATENCY);
 		eventBus.addListener(plugin);
 		return plugin;
 	}
--- a/bramble-android/src/main/java/org/briarproject/bramble/plugin/bluetooth/AndroidBluetoothTransportConnection.java
+++ b/bramble-android/src/main/java/org/briarproject/bramble/plugin/bluetooth/AndroidBluetoothTransportConnection.java
@@ -1,60 +1,33 @@
 package org.briarproject.bramble.plugin.bluetooth;

 import android.bluetooth.BluetoothSocket;
-import android.content.Context;
-import android.os.PowerManager;

-import org.briarproject.bramble.api.io.TimeoutMonitor;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.plugin.Plugin;
 import org.briarproject.bramble.api.plugin.duplex.AbstractDuplexTransportConnection;
-import org.briarproject.bramble.util.RenewableWakeLock;

 import java.io.IOException;
 import java.io.InputStream;
 import java.io.OutputStream;
-import java.util.concurrent.ScheduledExecutorService;
-
-import static android.content.Context.POWER_SERVICE;
-import static android.os.PowerManager.PARTIAL_WAKE_LOCK;
-import static java.util.concurrent.TimeUnit.MINUTES;
-import static org.briarproject.bramble.api.nullsafety.NullSafety.requireNonNull;
-import static org.briarproject.bramble.api.plugin.BluetoothConstants.PROP_ADDRESS;
-import static org.briarproject.bramble.util.AndroidUtils.getWakeLockTag;
-import static org.briarproject.bramble.util.AndroidUtils.isValidBluetoothAddress;

@NotNullByDefault
 class AndroidBluetoothTransportConnection
 		extends AbstractDuplexTransportConnection {

-	private final BluetoothConnectionLimiter connectionLimiter;
-	private final RenewableWakeLock wakeLock;
+	private final BluetoothConnectionLimiter connectionManager;
 	private final BluetoothSocket socket;
-	private final InputStream in;

 	AndroidBluetoothTransportConnection(Plugin plugin,
-			BluetoothConnectionLimiter connectionLimiter,
-			TimeoutMonitor timeoutMonitor, Context appContext,
-			ScheduledExecutorService scheduler, BluetoothSocket socket)
-			throws IOException {
+			BluetoothConnectionLimiter connectionManager,
+			BluetoothSocket socket) {
 		super(plugin);
-		this.connectionLimiter = connectionLimiter;
+		this.connectionManager = connectionManager;
 		this.socket = socket;
-		in = timeoutMonitor.createTimeoutInputStream(
-				socket.getInputStream(), plugin.getMaxIdleTime() * 2);
-		PowerManager powerManager = (PowerManager)
-				requireNonNull(appContext.getSystemService(POWER_SERVICE));
-		String tag = getWakeLockTag(appContext);
-		wakeLock = new RenewableWakeLock(powerManager, scheduler,
-				PARTIAL_WAKE_LOCK, tag, 1, MINUTES);
-		wakeLock.acquire();
-		String address = socket.getRemoteDevice().getAddress();
-		if (isValidBluetoothAddress(address)) remote.put(PROP_ADDRESS, address);
 	}

 	@Override
-	protected InputStream getInputStream() {
-		return in;
+	protected InputStream getInputStream() throws IOException {
+		return socket.getInputStream();
 	}

 	@Override
@@ -67,8 +40,7 @@ class AndroidBluetoothTransportConnection
 		try {
 			socket.close();
 		} finally {
-			wakeLock.release();
-			connectionLimiter.connectionClosed(this);
+			connectionManager.connectionClosed(this);
 		}
 	}
 }
--- a/bramble-android/src/main/java/org/briarproject/bramble/plugin/tcp/AndroidLanTcpPlugin.java
+++ b/bramble-android/src/main/java/org/briarproject/bramble/plugin/tcp/AndroidLanTcpPlugin.java
@@ -1,32 +1,25 @@
 package org.briarproject.bramble.plugin.tcp;

-import android.annotation.TargetApi;
 import android.content.Context;
 import android.net.ConnectivityManager;
-import android.net.LinkAddress;
-import android.net.LinkProperties;
 import android.net.Network;
-import android.net.NetworkCapabilities;
+import android.net.NetworkInfo;
 import android.net.wifi.WifiInfo;
 import android.net.wifi.WifiManager;

 import org.briarproject.bramble.PoliteExecutor;
-import org.briarproject.bramble.api.Pair;
 import org.briarproject.bramble.api.event.Event;
+import org.briarproject.bramble.api.event.EventListener;
 import org.briarproject.bramble.api.network.event.NetworkStatusEvent;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.plugin.Backoff;
 import org.briarproject.bramble.api.plugin.PluginCallback;
-import org.briarproject.bramble.api.settings.Settings;

 import java.io.IOException;
 import java.net.InetAddress;
-import java.net.InterfaceAddress;
-import java.net.NetworkInterface;
 import java.net.Socket;
-import java.net.SocketException;
 import java.net.UnknownHostException;
-import java.util.List;
+import java.util.Collection;
 import java.util.concurrent.Executor;
 import java.util.logging.Logger;

@@ -35,25 +28,31 @@ import javax.net.SocketFactory;

 import static android.content.Context.CONNECTIVITY_SERVICE;
 import static android.content.Context.WIFI_SERVICE;
-import static android.net.NetworkCapabilities.TRANSPORT_WIFI;
+import static android.net.ConnectivityManager.TYPE_WIFI;
 import static android.os.Build.VERSION.SDK_INT;
 import static java.util.Collections.emptyList;
-import static java.util.Collections.list;
 import static java.util.Collections.singletonList;
-import static java.util.logging.Level.WARNING;
 import static java.util.logging.Logger.getLogger;
-import static org.briarproject.bramble.api.plugin.LanTcpConstants.DEFAULT_PREF_PLUGIN_ENABLE;
-import static org.briarproject.bramble.api.plugin.Plugin.State.ACTIVE;
-import static org.briarproject.bramble.api.plugin.Plugin.State.INACTIVE;
-import static org.briarproject.bramble.util.IoUtils.tryToClose;
-import static org.briarproject.bramble.util.LogUtils.logException;

@NotNullByDefault
-class AndroidLanTcpPlugin extends LanTcpPlugin {
+class AndroidLanTcpPlugin extends LanTcpPlugin implements EventListener {

 	private static final Logger LOG =
 			getLogger(AndroidLanTcpPlugin.class.getName());

+	private static final byte[] WIFI_AP_ADDRESS_BYTES =
+			{(byte) 192, (byte) 168, 43, 1};
+	private static final InetAddress WIFI_AP_ADDRESS;
+
+	static {
+		try {
+			WIFI_AP_ADDRESS = InetAddress.getByAddress(WIFI_AP_ADDRESS_BYTES);
+		} catch (UnknownHostException e) {
+			// Should only be thrown if the address has an illegal length
+			throw new AssertionError(e);
+		}
+	}
+
 	private final Executor connectionStatusExecutor;
 	private final ConnectivityManager connectivityManager;
 	@Nullable
@@ -63,9 +62,8 @@ class AndroidLanTcpPlugin extends LanTcpPlugin {

 	AndroidLanTcpPlugin(Executor ioExecutor, Context appContext,
 			Backoff backoff, PluginCallback callback, int maxLatency,
-			int maxIdleTime, int connectionTimeout) {
-		super(ioExecutor, backoff, callback, maxLatency, maxIdleTime,
-				connectionTimeout);
+			int maxIdleTime) {
+		super(ioExecutor, backoff, callback, maxLatency, maxIdleTime);
 		// Don't execute more than one connection status check at a time
 		connectionStatusExecutor =
 				new PoliteExecutor("AndroidLanTcpPlugin", ioExecutor, 1);
@@ -81,138 +79,34 @@ class AndroidLanTcpPlugin extends LanTcpPlugin {
 	@Override
 	public void start() {
 		if (used.getAndSet(true)) throw new IllegalStateException();
-		initialisePortProperty();
-		Settings settings = callback.getSettings();
-		state.setStarted(settings.getBoolean(PREF_PLUGIN_ENABLE,
-				DEFAULT_PREF_PLUGIN_ENABLE));
+		running = true;
 		updateConnectionStatus();
 	}

+	@Override
+	public void stop() {
+		running = false;
+		tryToClose(socket);
+	}
+
 	@Override
 	protected Socket createSocket() throws IOException {
 		return socketFactory.createSocket();
 	}

 	@Override
-	protected List<InetAddress> getUsableLocalInetAddresses(boolean ipv4) {
-		InetAddress addr = getWifiAddress(ipv4);
-		return addr == null ? emptyList() : singletonList(addr);
-	}
-
-	@Nullable
-	private InetAddress getWifiAddress(boolean ipv4) {
-		Pair<InetAddress, Boolean> wifi = getWifiIpv4Address();
-		if (ipv4) return wifi == null ? null : wifi.getFirst();
-		// If there's no wifi IPv4 address, we might be a client on an
-		// IPv6-only wifi network. We can only detect this on API 21+
-		if (wifi == null) {
-			return SDK_INT >= 21 ? getWifiClientIpv6Address() : null;
-		}
-		// Use the wifi IPv4 address to determine which interface's IPv6
-		// address we should return (if the interface has a suitable address)
-		return getIpv6AddressForInterface(wifi.getFirst());
-	}
-
-	/**
-	 * Returns a {@link Pair} where the first element is the IPv4 address of
-	 * the wifi interface and the second element is true if this device is
-	 * providing an access point, or false if this device is a client. Returns
-	 * null if this device isn't connected to wifi as an access point or client.
-	 */
-	@Nullable
-	private Pair<InetAddress, Boolean> getWifiIpv4Address() {
-		if (wifiManager == null) return null;
-		// If we're connected to a wifi network, return its address
+	protected Collection<InetAddress> getLocalIpAddresses() {
+		// If the device doesn't have wifi, don't open any sockets
+		if (wifiManager == null) return emptyList();
+		// If we're connected to a wifi network, use that network
 		WifiInfo info = wifiManager.getConnectionInfo();
-		if (info != null && info.getIpAddress() != 0) {
-			return new Pair<>(intToInetAddress(info.getIpAddress()), false);
-		}
-		List<InterfaceAddress> ifAddrs = getLocalInterfaceAddresses();
-		// If we're providing a normal access point, return its address
-		for (InterfaceAddress ifAddr : ifAddrs) {
-			if (isAndroidWifiApAddress(ifAddr)) {
-				return new Pair<>(ifAddr.getAddress(), true);
-			}
-		}
-		// If we're providing a wifi direct access point, return its address
-		for (InterfaceAddress ifAddr : ifAddrs) {
-			if (isAndroidWifiDirectApAddress(ifAddr)) {
-				return new Pair<>(ifAddr.getAddress(), true);
-			}
-		}
-		// Not connected to wifi
-		return null;
-	}
-
-	/**
-	 * Returns true if the given address belongs to a network provided by an
-	 * Android access point (including the access point's own address).
-	 * <p>
-	 * The access point's address is usually 192.168.43.1, but at least one
-	 * device (Honor 8A) may use other addresses in the range 192.168.43.0/24.
-	 */
-	private boolean isAndroidWifiApAddress(InterfaceAddress ifAddr) {
-		if (ifAddr.getNetworkPrefixLength() != 24) return false;
-		byte[] ip = ifAddr.getAddress().getAddress();
-		return ip.length == 4
-				&& ip[0] == (byte) 192
-				&& ip[1] == (byte) 168
-				&& ip[2] == (byte) 43;
-	}
-
-	/**
-	 * Returns true if the given address belongs to a network provided by an
-	 * Android wifi direct legacy mode access point (including the access
-	 * point's own address).
-	 */
-	private boolean isAndroidWifiDirectApAddress(InterfaceAddress ifAddr) {
-		if (ifAddr.getNetworkPrefixLength() != 24) return false;
-		byte[] ip = ifAddr.getAddress().getAddress();
-		return ip.length == 4
-				&& ip[0] == (byte) 192
-				&& ip[1] == (byte) 168
-				&& ip[2] == (byte) 49;
-	}
-
-	/**
-	 * Returns a link-local IPv6 address for the wifi client interface, or null
-	 * if there's no such interface or it doesn't have a suitable address.
-	 */
-	@TargetApi(21)
-	@Nullable
-	private InetAddress getWifiClientIpv6Address() {
-		for (Network net : connectivityManager.getAllNetworks()) {
-			NetworkCapabilities caps =
-					connectivityManager.getNetworkCapabilities(net);
-			if (caps == null || !caps.hasTransport(TRANSPORT_WIFI)) continue;
-			LinkProperties props = connectivityManager.getLinkProperties(net);
-			if (props == null) continue;
-			for (LinkAddress linkAddress : props.getLinkAddresses()) {
-				InetAddress addr = linkAddress.getAddress();
-				if (isIpv6LinkLocalAddress(addr)) return addr;
-			}
-		}
-		return null;
-	}
-
-	/**
-	 * Returns a link-local IPv6 address for the interface with the given IPv4
-	 * address, or null if the interface doesn't have a suitable address.
-	 */
-	@Nullable
-	private InetAddress getIpv6AddressForInterface(InetAddress ipv4) {
-		try {
-			NetworkInterface iface = NetworkInterface.getByInetAddress(ipv4);
-			if (iface == null) return null;
-			for (InetAddress addr : list(iface.getInetAddresses())) {
-				if (isIpv6LinkLocalAddress(addr)) return addr;
-			}
-			// No suitable address
-			return null;
-		} catch (SocketException e) {
-			logException(LOG, WARNING, e);
-			return null;
-		}
+		if (info != null && info.getIpAddress() != 0)
+			return singletonList(intToInetAddress(info.getIpAddress()));
+		// If we're running an access point, return its address
+		if (super.getLocalIpAddresses().contains(WIFI_AP_ADDRESS))
+			return singletonList(WIFI_AP_ADDRESS);
+		// No suitable addresses
+		return emptyList();
 	}

 	private InetAddress intToInetAddress(int ip) {
@@ -234,11 +128,9 @@ class AndroidLanTcpPlugin extends LanTcpPlugin {
 	private SocketFactory getSocketFactory() {
 		if (SDK_INT < 21) return SocketFactory.getDefault();
 		for (Network net : connectivityManager.getAllNetworks()) {
-			NetworkCapabilities caps =
-					connectivityManager.getNetworkCapabilities(net);
-			if (caps != null && caps.hasTransport(TRANSPORT_WIFI)) {
+			NetworkInfo info = connectivityManager.getNetworkInfo(net);
+			if (info != null && info.getType() == TYPE_WIFI)
 				return net.getSocketFactory();
-			}
 		}
 		LOG.warning("Could not find suitable socket factory");
 		return SocketFactory.getDefault();
@@ -246,59 +138,30 @@ class AndroidLanTcpPlugin extends LanTcpPlugin {

 	@Override
 	public void eventOccurred(Event e) {
-		super.eventOccurred(e);
 		if (e instanceof NetworkStatusEvent) updateConnectionStatus();
 	}

 	private void updateConnectionStatus() {
 		connectionStatusExecutor.execute(() -> {
-			State s = getState();
-			if (s != ACTIVE && s != INACTIVE) return;
-			Pair<InetAddress, Boolean> wifi = getPreferredWifiAddress();
-			if (wifi == null) {
-				LOG.info("Not connected to wifi");
-				socketFactory = SocketFactory.getDefault();
-				// Server sockets may not have been closed automatically when
-				// interface was taken down. If any sockets are open, closing
-				// them here will cause the sockets to be cleared and the state
-				// to be updated in acceptContactConnections()
-				if (s == ACTIVE) {
-					LOG.info("Closing server sockets");
-					tryToClose(state.getServerSocket(true), LOG, WARNING);
-					tryToClose(state.getServerSocket(false), LOG, WARNING);
-				}
-			} else if (wifi.getSecond()) {
+			if (!running) return;
+			Collection<InetAddress> addrs = getLocalIpAddresses();
+			if (addrs.contains(WIFI_AP_ADDRESS)) {
 				LOG.info("Providing wifi hotspot");
 				// There's no corresponding Network object and thus no way
 				// to get a suitable socket factory, so we won't be able to
 				// make outgoing connections on API 21+ if another network
 				// has internet access
 				socketFactory = SocketFactory.getDefault();
-				if (s == INACTIVE) bind();
+				if (socket == null || socket.isClosed()) bind();
+			} else if (addrs.isEmpty()) {
+				LOG.info("Not connected to wifi");
+				socketFactory = SocketFactory.getDefault();
+				tryToClose(socket);
 			} else {
 				LOG.info("Connected to wifi");
 				socketFactory = getSocketFactory();
-				if (s == INACTIVE) bind();
+				if (socket == null || socket.isClosed()) bind();
 			}
 		});
 	}
-
-	/**
-	 * Returns a {@link Pair} where the first element is an IP address (IPv4 if
-	 * available, otherwise IPv6) of the wifi interface and the second element
-	 * is true if this device is providing an access point, or false if this
-	 * device is a client. Returns null if this device isn't connected to wifi
-	 * as an access point or client.
-	 */
-	@Nullable
-	private Pair<InetAddress, Boolean> getPreferredWifiAddress() {
-		Pair<InetAddress, Boolean> wifi = getWifiIpv4Address();
-		// If there's no wifi IPv4 address, we might be a client on an
-		// IPv6-only wifi network. We can only detect this on API 21+
-		if (wifi == null && SDK_INT >= 21) {
-			InetAddress ipv6 = getWifiClientIpv6Address();
-			if (ipv6 != null) return new Pair<>(ipv6, false);
-		}
-		return wifi;
-	}
 }
--- a/bramble-android/src/main/java/org/briarproject/bramble/plugin/tcp/AndroidLanTcpPluginFactory.java
+++ b/bramble-android/src/main/java/org/briarproject/bramble/plugin/tcp/AndroidLanTcpPluginFactory.java
@@ -21,11 +21,10 @@ import static org.briarproject.bramble.api.plugin.LanTcpConstants.ID;
@NotNullByDefault
 public class AndroidLanTcpPluginFactory implements DuplexPluginFactory {

-	private static final int MAX_LATENCY = 30_000; // 30 seconds
-	private static final int MAX_IDLE_TIME = 30_000; // 30 seconds
-	private static final int CONNECTION_TIMEOUT = 3_000; // 3 seconds
-	private static final int MIN_POLLING_INTERVAL = 60_000; // 1 minute
-	private static final int MAX_POLLING_INTERVAL = 600_000; // 10 mins
+	private static final int MAX_LATENCY = 30 * 1000; // 30 seconds
+	private static final int MAX_IDLE_TIME = 30 * 1000; // 30 seconds
+	private static final int MIN_POLLING_INTERVAL = 60 * 1000; // 1 minute
+	private static final int MAX_POLLING_INTERVAL = 10 * 60 * 1000; // 10 mins
 	private static final double BACKOFF_BASE = 1.2;

 	private final Executor ioExecutor;
@@ -56,8 +55,7 @@ public class AndroidLanTcpPluginFactory implements DuplexPluginFactory {
 		Backoff backoff = backoffFactory.createBackoff(MIN_POLLING_INTERVAL,
 				MAX_POLLING_INTERVAL, BACKOFF_BASE);
 		AndroidLanTcpPlugin plugin = new AndroidLanTcpPlugin(ioExecutor,
-				appContext, backoff, callback, MAX_LATENCY, MAX_IDLE_TIME,
-				CONNECTION_TIMEOUT);
+				appContext, backoff, callback, MAX_LATENCY, MAX_IDLE_TIME);
 		eventBus.addListener(plugin);
 		return plugin;
 	}
--- a/bramble-android/src/main/java/org/briarproject/bramble/plugin/tor/AndroidTorPlugin.java
+++ b/bramble-android/src/main/java/org/briarproject/bramble/plugin/tor/AndroidTorPlugin.java
@@ -27,7 +27,6 @@ import static android.content.Context.MODE_PRIVATE;
 import static android.content.Context.POWER_SERVICE;
 import static android.os.PowerManager.PARTIAL_WAKE_LOCK;
 import static java.util.concurrent.TimeUnit.MINUTES;
-import static org.briarproject.bramble.util.AndroidUtils.getWakeLockTag;

@MethodsNotNullByDefault
@ParametersNotNullByDefault
@@ -54,7 +53,7 @@ class AndroidTorPlugin extends TorPlugin {
 				appContext.getSystemService(POWER_SERVICE);
 		if (pm == null) throw new AssertionError();
 		wakeLock = new RenewableWakeLock(pm, scheduler, PARTIAL_WAKE_LOCK,
-				getWakeLockTag(appContext), 1, MINUTES);
+				getWakeLockTag(), 1, MINUTES);
 	}

 	@Override
@@ -75,6 +74,7 @@ class AndroidTorPlugin extends TorPlugin {

 	@Override
 	protected void enableNetwork(boolean enable) throws IOException {
+		if (!running) return;
 		if (enable) wakeLock.acquire();
 		super.enableNetwork(enable);
 		if (!enable) wakeLock.release();
@@ -85,4 +85,17 @@ class AndroidTorPlugin extends TorPlugin {
 		super.stop();
 		wakeLock.release();
 	}
+
+	private String getWakeLockTag() {
+		PackageManager pm = appContext.getPackageManager();
+		for (PackageInfo info : pm.getInstalledPackages(0)) {
+			String name = info.packageName.toLowerCase();
+			if (name.startsWith("com.huawei.powergenie")) {
+				return "LocationManagerService";
+			} else if (name.startsWith("com.evenwell.powermonitor")) {
+				return "AudioIn";
+			}
+		}
+		return getClass().getSimpleName();
+	}
 }
--- a/bramble-android/src/main/java/org/briarproject/bramble/system/AndroidLocationUtils.java
+++ b/bramble-android/src/main/java/org/briarproject/bramble/system/AndroidLocationUtils.java
@@ -61,12 +61,12 @@ class AndroidLocationUtils implements LocationUtils {
 	private String getCountryFromPhoneNetwork() {
 		Object o = appContext.getSystemService(TELEPHONY_SERVICE);
 		TelephonyManager tm = (TelephonyManager) o;
-		return tm == null ? "" : tm.getNetworkCountryIso();
+		return tm.getNetworkCountryIso();
 	}

 	private String getCountryFromSimCard() {
 		Object o = appContext.getSystemService(TELEPHONY_SERVICE);
 		TelephonyManager tm = (TelephonyManager) o;
-		return tm == null ? "" : tm.getSimCountryIso();
+		return tm.getSimCountryIso();
 	}
 }
--- a/bramble-android/src/main/java/org/briarproject/bramble/util/AndroidUtils.java
+++ b/bramble-android/src/main/java/org/briarproject/bramble/util/AndroidUtils.java
@@ -3,8 +3,6 @@ package org.briarproject.bramble.util;
 import android.annotation.SuppressLint;
 import android.bluetooth.BluetoothAdapter;
 import android.content.Context;
-import android.content.pm.PackageInfo;
-import android.content.pm.PackageManager;
 import android.os.Build;
 import android.provider.Settings;

@@ -73,7 +71,7 @@ public class AndroidUtils {
 		return new Pair<>("", "");
 	}

-	public static boolean isValidBluetoothAddress(@Nullable String address) {
+	private static boolean isValidBluetoothAddress(@Nullable String address) {
 		return !StringUtils.isNullOrEmpty(address)
 				&& BluetoothAdapter.checkBluetoothAddress(address)
 				&& !address.equals(FAKE_BLUETOOTH_ADDRESS);
@@ -119,17 +117,4 @@ public class AndroidUtils {
 		if (SDK_INT < 24) return new String[] {"image/jpeg", "image/png"};
 		else return new String[] {"image/jpeg", "image/png", "image/gif"};
 	}
-
-	public static String getWakeLockTag(Context ctx) {
-		PackageManager pm = ctx.getPackageManager();
-		for (PackageInfo info : pm.getInstalledPackages(0)) {
-			String name = info.packageName.toLowerCase();
-			if (name.startsWith("com.huawei.powergenie")) {
-				return "LocationManagerService";
-			} else if (name.startsWith("com.evenwell.powermonitor")) {
-				return "AudioIn";
-			}
-		}
-		return ctx.getPackageName();
-	}
 }
--- a/bramble-android/src/test/java/org/briarproject/bramble/account/AndroidAccountManagerTest.java
+++ b/bramble-android/src/test/java/org/briarproject/bramble/account/AndroidAccountManagerTest.java
@@ -7,7 +7,6 @@ import android.content.pm.ApplicationInfo;
 import org.briarproject.bramble.api.crypto.CryptoComponent;
 import org.briarproject.bramble.api.db.DatabaseConfig;
 import org.briarproject.bramble.api.identity.IdentityManager;
-import org.briarproject.bramble.api.logging.PersistentLogManager;
 import org.briarproject.bramble.test.BrambleMockTestCase;
 import org.jmock.Expectations;
 import org.jmock.lib.legacy.ClassImposteriser;
@@ -16,9 +15,7 @@ import org.junit.Before;
 import org.junit.Test;

 import java.io.File;
-import java.util.logging.Logger;

-import static android.content.Context.MODE_PRIVATE;
 import static junit.framework.Assert.assertFalse;
 import static junit.framework.Assert.assertTrue;
 import static org.briarproject.bramble.test.TestUtils.deleteTestDirectory;
@@ -30,8 +27,6 @@ public class AndroidAccountManagerTest extends BrambleMockTestCase {
 			context.mock(SharedPreferences.class, "prefs");
 	private final SharedPreferences defaultPrefs =
 			context.mock(SharedPreferences.class, "defaultPrefs");
-	private final PersistentLogManager logManager =
-			context.mock(PersistentLogManager.class);
 	private final DatabaseConfig databaseConfig =
 			context.mock(DatabaseConfig.class);
 	private final CryptoComponent crypto = context.mock(CryptoComponent.class);
@@ -45,7 +40,6 @@ public class AndroidAccountManagerTest extends BrambleMockTestCase {
 	private final File testDir = getTestDirectory();
 	private final File keyDir = new File(testDir, "key");
 	private final File dbDir = new File(testDir, "db");
-	private final File logDir = new File(testDir, "log");

 	private AndroidAccountManager accountManager;

@@ -67,7 +61,7 @@ public class AndroidAccountManagerTest extends BrambleMockTestCase {
 			will(returnValue(app));
 		}});
 		accountManager = new AndroidAccountManager(databaseConfig, crypto,
-				identityManager, prefs, logManager, app) {
+				identityManager, prefs, app) {
 			@Override
 			SharedPreferences getDefaultSharedPreferences() {
 				return defaultPrefs;
@@ -78,9 +72,7 @@ public class AndroidAccountManagerTest extends BrambleMockTestCase {
 	@Test
 	public void testDeleteAccountClearsSharedPrefsAndDeletesFiles()
 			throws Exception {
-		// Directories 'code_cache', 'lib' and 'shared_prefs' should be spared
-		File codeCacheDir = new File(testDir, "code_cache");
-		File codeCacheFile = new File(codeCacheDir, "file");
+		// Directories 'lib' and 'shared_prefs' should be spared
 		File libDir = new File(testDir, "lib");
 		File libFile = new File(libDir, "file");
 		File sharedPrefsDir = new File(testDir, "shared_prefs");
@@ -115,17 +107,10 @@ public class AndroidAccountManagerTest extends BrambleMockTestCase {
 			will(returnValue(cacheDir));
 			oneOf(app).getExternalCacheDir();
 			will(returnValue(externalCacheDir));
-			oneOf(app).getDir("log", MODE_PRIVATE);
-			will(returnValue(logDir));
-			oneOf(logManager).addLogHandler(with(logDir),
-					with(any(Logger.class)));
 		}});

 		assertTrue(dbDir.mkdirs());
 		assertTrue(keyDir.mkdirs());
-		assertTrue(logDir.mkdirs());
-		assertTrue(codeCacheDir.mkdirs());
-		assertTrue(codeCacheFile.createNewFile());
 		assertTrue(libDir.mkdirs());
 		assertTrue(libFile.createNewFile());
 		assertTrue(sharedPrefsDir.mkdirs());
@@ -141,9 +126,6 @@ public class AndroidAccountManagerTest extends BrambleMockTestCase {

 		assertFalse(dbDir.exists());
 		assertFalse(keyDir.exists());
-		assertFalse(logDir.exists());
-		assertTrue(codeCacheDir.exists());
-		assertTrue(codeCacheFile.exists());
 		assertTrue(libDir.exists());
 		assertTrue(libFile.exists());
 		assertTrue(sharedPrefsDir.exists());
--- a/bramble-android/witness.gradle
+++ b/bramble-android/witness.gradle
@@ -70,7 +70,7 @@ dependencyVerification {
        'org.bouncycastle:bcpkix-jdk15on:1.56:bcpkix-jdk15on-1.56.jar:7043dee4e9e7175e93e0b36f45b1ec1ecb893c5f755667e8b916eb8dd201c6ca',
        'org.bouncycastle:bcprov-jdk15on:1.56:bcprov-jdk15on-1.56.jar:963e1ee14f808ffb99897d848ddcdb28fa91ddda867eb18d303e82728f878349',
        'org.briarproject:obfs4proxy-android:0.0.11-2:obfs4proxy-android-0.0.11-2.zip:57e55cbe87aa2aac210fdbb6cd8cdeafe15f825406a08ebf77a8b787aa2c6a8a',
-        'org.briarproject:tor-android:0.3.5.10:tor-android-0.3.5.10.zip:edd83bf557fcff2105eaa0bdb3f607a6852ebe7360920929ae3039dd5f4774c5',
+        'org.briarproject:tor-android:0.3.5.9:tor-android-0.3.5.9.zip:853b0440feccd6904bd03e6b2de53a62ebcde1d58068beeadc447a7dff950bc8',
        'org.checkerframework:checker-compat-qual:2.5.3:checker-compat-qual-2.5.3.jar:d76b9afea61c7c082908023f0cbc1427fab9abd2df915c8b8a3e7a509bccbc6d',
        'org.checkerframework:checker-qual:2.5.2:checker-qual-2.5.2.jar:64b02691c8b9d4e7700f8ee2e742dce7ea2c6e81e662b7522c9ee3bf568c040a',
        'org.codehaus.groovy:groovy-all:2.4.15:groovy-all-2.4.15.jar:51d6c4e71782e85674239189499854359d380fb75e1a703756e3aaa5b98a5af0',
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/StringMap.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/StringMap.java
@@ -1,16 +1,8 @@
 package org.briarproject.bramble.api;

-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-
 import java.util.Hashtable;
 import java.util.Map;

-import javax.annotation.Nullable;
-
-import static org.briarproject.bramble.util.StringUtils.fromHexString;
-import static org.briarproject.bramble.util.StringUtils.toHexString;
-
-@NotNullByDefault
 public abstract class StringMap extends Hashtable<String, String> {

 	protected StringMap(Map<String, String> m) {
@@ -60,19 +52,4 @@ public abstract class StringMap extends Hashtable<String, String> {
 	public void putLong(String key, long value) {
 		put(key, String.valueOf(value));
 	}
-
-	@Nullable
-	public byte[] getBytes(String key) {
-		String s = get(key);
-		if (s == null) return null;
-		try {
-			return fromHexString(s);
-		} catch (IllegalArgumentException e) {
-			return null;
-		}
-	}
-
-	public void putBytes(String key, byte[] value) {
-		put(key, toHexString(value));
-	}
 }
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/account/AccountManager.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/account/AccountManager.java
@@ -1,6 +1,5 @@
 package org.briarproject.bramble.api.account;

-import org.briarproject.bramble.api.crypto.DecryptionException;
 import org.briarproject.bramble.api.crypto.SecretKey;
 import org.briarproject.bramble.api.identity.IdentityManager;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
@@ -14,8 +13,7 @@ public interface AccountManager {
 	 * Returns true if the manager has the database key. This will be false
 	 * before {@link #createAccount(String, String)} or {@link #signIn(String)}
 	 * has been called, and true after {@link #createAccount(String, String)}
-	 * or {@link #signIn(String)} has returned true, until
-	 * {@link #deleteAccount()} is called or the process exits.
+	 * or {@link #signIn(String)} has returned true, until the process exits.
 	 */
 	boolean hasDatabaseKey();

@@ -24,22 +22,25 @@ public interface AccountManager {
 	 * before {@link #createAccount(String, String)} or {@link #signIn(String)}
 	 * has been called, and non-null after
 	 * {@link #createAccount(String, String)} or {@link #signIn(String)} has
-	 * returned true, until {@link #deleteAccount()} is called or the process
-	 * exits.
+	 * returned true, until the process exits.
 	 */
 	@Nullable
 	SecretKey getDatabaseKey();

 	/**
-	 * Returns true if the encrypted database key can be loaded from disk.
+	 * Returns true if the encrypted database key can be loaded from disk, and
+	 * the database directory exists and is a directory.
 	 */
 	boolean accountExists();

 	/**
 	 * Creates an identity with the given name and registers it with the
 	 * {@link IdentityManager}. Creates a database key, encrypts it with the
-	 * given password and stores it on disk. {@link #accountExists()} will
-	 * return true after this method returns true.
+	 * given password and stores it on disk.
+	 * <p/>
+	 * This method does not create the database directory, so
+	 * {@link #accountExists()} will continue to return false until the
+	 * database directory is created.
 	 */
 	boolean createAccount(String name, String password);

@@ -53,19 +54,17 @@ public interface AccountManager {
 	 * Loads the encrypted database key from disk and decrypts it with the
 	 * given password.
 	 *
-	 * @throws DecryptionException If the database key could not be loaded and
-	 * decrypted.
+	 * @return true if the database key was successfully loaded and decrypted.
 	 */
-	void signIn(String password) throws DecryptionException;
+	boolean signIn(String password);

 	/**
 	 * Loads the encrypted database key from disk, decrypts it with the old
 	 * password, encrypts it with the new password, and stores it on disk,
 	 * replacing the old key.
 	 *
-	 * @throws DecryptionException If the database key could not be loaded and
-	 * decrypted.
+	 * @return true if the database key was successfully loaded, re-encrypted
+	 * and stored.
 	 */
-	void changePassword(String oldPassword, String newPassword)
-			throws DecryptionException;
+	boolean changePassword(String oldPassword, String newPassword);
 }
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/connection/ConnectionRegistry.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/connection/ConnectionRegistry.java
@@ -1,130 +0,0 @@
-package org.briarproject.bramble.api.connection;
-
-import org.briarproject.bramble.api.contact.ContactId;
-import org.briarproject.bramble.api.contact.PendingContactId;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-import org.briarproject.bramble.api.plugin.PluginConfig;
-import org.briarproject.bramble.api.plugin.TransportId;
-import org.briarproject.bramble.api.plugin.event.ConnectionClosedEvent;
-import org.briarproject.bramble.api.plugin.event.ConnectionOpenedEvent;
-import org.briarproject.bramble.api.plugin.event.ContactConnectedEvent;
-import org.briarproject.bramble.api.plugin.event.ContactDisconnectedEvent;
-import org.briarproject.bramble.api.rendezvous.event.RendezvousConnectionClosedEvent;
-import org.briarproject.bramble.api.rendezvous.event.RendezvousConnectionOpenedEvent;
-import org.briarproject.bramble.api.sync.Priority;
-
-import java.util.Collection;
-
-/**
- * Keeps track of which contacts are currently connected by which transports.
- */
-@NotNullByDefault
-public interface ConnectionRegistry {
-
-	/**
-	 * Registers an incoming connection from the given contact over the given
-	 * transport. The connection's {@link Priority priority} can be set later
-	 * via {@link #setPriority(ContactId, TransportId, InterruptibleConnection,
-	 * Priority)} if a priority record is received from the contact.
-	 * <p>
-	 * Broadcasts {@link ConnectionOpenedEvent}. Also broadcasts
-	 * {@link ContactConnectedEvent} if this is the only connection with the
-	 * contact.
-	 */
-	void registerIncomingConnection(ContactId c, TransportId t,
-			InterruptibleConnection conn);
-
-	/**
-	 * Registers an outgoing connection to the given contact over the given
-	 * transport.
-	 * <p>
-	 * Broadcasts {@link ConnectionOpenedEvent}. Also broadcasts
-	 * {@link ContactConnectedEvent} if this is the only connection with the
-	 * contact.
-	 * <p>
-	 * If the registry has any "better" connections with the given contact, the
-	 * given connection will be interrupted. If the registry has any "worse"
-	 * connections with the given contact, those connections will be
-	 * interrupted.
-	 * <p>
-	 * Connection A is considered "better" than connection B if both
-	 * connections have had their priorities set, and either A's transport is
-	 * {@link PluginConfig#getTransportPreferences() preferred} to B's, or
-	 * they use the same transport and A has higher {@link Priority priority}
-	 * than B.
-	 * <p>
-	 * For backward compatibility, connections without priorities are not
-	 * considered better or worse than other connections.
-	 */
-	void registerOutgoingConnection(ContactId c, TransportId t,
-			InterruptibleConnection conn, Priority priority);
-
-	/**
-	 * Unregisters a connection with the given contact over the given transport.
-	 * <p>
-	 * Broadcasts {@link ConnectionClosedEvent}. Also broadcasts
-	 * {@link ContactDisconnectedEvent} if this is the only connection with
-	 * the contact.
-	 */
-	void unregisterConnection(ContactId c, TransportId t,
-			InterruptibleConnection conn, boolean incoming, boolean exception);
-
-	/**
-	 * Sets the {@link Priority priority} of a connection that was previously
-	 * registered via {@link #registerIncomingConnection(ContactId, TransportId,
-	 * InterruptibleConnection)}.
-	 * <p>
-	 * If the registry has any "better" connections with the given contact, the
-	 * given connection will be interrupted. If the registry has any "worse"
-	 * connections with the given contact, those connections will be
-	 * interrupted.
-	 * <p>
-	 * Connection A is considered "better" than connection B if both
-	 * connections have had their priorities set, and either A's transport is
-	 * {@link PluginConfig#getTransportPreferences() preferred} to B's, or
-	 * they use the same transport and A has higher {@link Priority priority}
-	 * than B.
-	 * <p>
-	 * For backward compatibility, connections without priorities are not
-	 * considered better or worse than other connections.
-	 */
-	void setPriority(ContactId c, TransportId t, InterruptibleConnection conn,
-			Priority priority);
-
-	/**
-	 * Returns any contacts that are connected via the given transport.
-	 */
-	Collection<ContactId> getConnectedContacts(TransportId t);
-
-	/**
-	 * Returns any contacts that are connected via the given transport or any
-	 * {@link PluginConfig#getTransportPreferences() better} transport.
-	 */
-	Collection<ContactId> getConnectedOrBetterContacts(TransportId t);
-
-	/**
-	 * Returns true if the given contact is connected via the given transport.
-	 */
-	boolean isConnected(ContactId c, TransportId t);
-
-	/**
-	 * Returns true if the given contact is connected via any transport.
-	 */
-	boolean isConnected(ContactId c);
-
-	/**
-	 * Registers a connection with the given pending contact. Broadcasts
-	 * {@link RendezvousConnectionOpenedEvent} if this is the only connection
-	 * with the pending contact.
-	 *
-	 * @return True if this is the only connection with the pending contact,
-	 * false if it is redundant and should be closed
-	 */
-	boolean registerConnection(PendingContactId p);
-
-	/**
-	 * Unregisters a connection with the given pending contact. Broadcasts
-	 * {@link RendezvousConnectionClosedEvent}.
-	 */
-	void unregisterConnection(PendingContactId p, boolean success);
-}
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/connection/InterruptibleConnection.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/connection/InterruptibleConnection.java
@@ -1,19 +0,0 @@
-package org.briarproject.bramble.api.connection;
-
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-
-/**
- * A duplex sync connection that can be closed by interrupting its outgoing
- * sync session.
- */
-@NotNullByDefault
-public interface InterruptibleConnection {
-
-	/**
-	 * Interrupts the connection's outgoing sync session. If the underlying
-	 * transport connection is alive and the remote peer is cooperative, this
-	 * should result in both sync sessions ending and the connection being
-	 * cleanly closed.
-	 */
-	void interruptOutgoingSession();
-}
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/crypto/CryptoComponent.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/crypto/CryptoComponent.java
@@ -142,17 +142,16 @@ public interface CryptoComponent {
 	/**
 	 * Decrypts and authenticates the given ciphertext that has been read from
 	 * storage. The encryption and authentication keys are derived from the
-	 * given password.
+	 * given password. Returns null if the ciphertext cannot be decrypted and
+	 * authenticated (for example, if the password is wrong).
 	 *
 	 * @param keyStrengthener Used to strengthen the password-based key. If
 	 * null, or if strengthening was not used when encrypting the ciphertext,
 	 * the password-based key will not be strengthened
-	 * @throws DecryptionException If the ciphertext cannot be decrypted and
-	 * authenticated (for example, if the password is wrong).
 	 */
+	@Nullable
 	byte[] decryptWithPassword(byte[] ciphertext, String password,
-			@Nullable KeyStrengthener keyStrengthener)
-			throws DecryptionException;
+			@Nullable KeyStrengthener keyStrengthener);

 	/**
 	 * Returns true if the given ciphertext was encrypted using a strengthened
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/crypto/DecryptionException.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/crypto/DecryptionException.java
@@ -1,17 +0,0 @@
-package org.briarproject.bramble.api.crypto;
-
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-
-@NotNullByDefault
-public class DecryptionException extends Exception {
-
-	private final DecryptionResult result;
-
-	public DecryptionException(DecryptionResult result) {
-		this.result = result;
-	}
-
-	public DecryptionResult getDecryptionResult() {
-		return result;
-	}
-}
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/crypto/DecryptionResult.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/crypto/DecryptionResult.java
@@ -1,29 +0,0 @@
-package org.briarproject.bramble.api.crypto;
-
-/**
- * The result of a password-based decryption operation.
- */
-public enum DecryptionResult {
-
-	/**
-	 * Decryption succeeded.
-	 */
-	SUCCESS,
-
-	/**
-	 * Decryption failed because the format of the ciphertext was invalid.
-	 */
-	INVALID_CIPHERTEXT,
-
-	/**
-	 * Decryption failed because the {@link KeyStrengthener} used for
-	 * encryption was not available for decryption.
-	 */
-	KEY_STRENGTHENER_ERROR,
-
-	/**
-	 * Decryption failed because the password used for decryption did not match
-	 * the password used for encryption.
-	 */
-	INVALID_PASSWORD
-}
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/crypto/StreamDecrypterFactory.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/crypto/StreamDecrypterFactory.java
@@ -19,10 +19,4 @@ public interface StreamDecrypterFactory {
 	 */
 	StreamDecrypter createContactExchangeStreamDecrypter(InputStream in,
 			SecretKey headerKey);
-
-	/**
-	 * Creates a {@link StreamDecrypter} for decrypting a log stream.
-	 */
-	StreamDecrypter createLogStreamDecrypter(InputStream in,
-			SecretKey headerKey);
 }
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/crypto/StreamEncrypterFactory.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/crypto/StreamEncrypterFactory.java
@@ -17,12 +17,6 @@ public interface StreamEncrypterFactory {
 	 * Creates a {@link StreamEncrypter} for encrypting a contact exchange
 	 * stream.
 	 */
-	StreamEncrypter createContactExchangeStreamEncrypter(OutputStream out,
-			SecretKey headerKey);
-
-	/**
-	 * Creates a {@link StreamEncrypter} for encrypting a log stream.
-	 */
-	StreamEncrypter createLogStreamEncrypter(OutputStream out,
+	StreamEncrypter createContactExchangeStreamDecrypter(OutputStream out,
 			SecretKey headerKey);
 }
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/event/EventBus.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/event/EventBus.java
@@ -18,8 +18,6 @@ public interface EventBus {
 	/**
 	 * Asynchronously notifies all listeners of an event. Listeners are
 	 * notified on the {@link EventExecutor}.
-	 * <p>
-	 * This method can safely be called while holding a lock.
 	 */
 	void broadcast(Event e);
 }
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/io/TimeoutMonitor.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/io/TimeoutMonitor.java
@@ -1,15 +0,0 @@
-package org.briarproject.bramble.api.io;
-
-import java.io.InputStream;
-
-public interface TimeoutMonitor {
-
-	/**
-	 * Returns an {@link InputStream} that wraps the given stream and allows
-	 * read timeouts to be detected.
-	 *
-	 * @param timeoutMs The read timeout in milliseconds. Timeouts will be
-	 * detected eventually but are not guaranteed to be detected immediately.
-	 */
-	InputStream createTimeoutInputStream(InputStream in, long timeoutMs);
-}
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/logging/PersistentLogManager.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/logging/PersistentLogManager.java
@@ -1,46 +0,0 @@
-package org.briarproject.bramble.api.logging;
-
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-import org.briarproject.bramble.api.settings.Settings;
-
-import java.io.File;
-import java.io.IOException;
-import java.util.Scanner;
-import java.util.logging.Handler;
-import java.util.logging.Logger;
-
-@NotNullByDefault
-public interface PersistentLogManager {
-
-	/**
-	 * The namespace of the (@link Settings) where the log key is stored.
-	 */
-	String LOG_SETTINGS_NAMESPACE = "log";
-
-	/**
-	 * The {@link Settings} key under which the log key is stored.
-	 */
-	String LOG_KEY_KEY = "logKey";
-
-	/**
-	 * Creates and returns a persistent log handler that stores its logs in
-	 * the given directory.
-	 */
-	Handler createLogHandler(File dir) throws IOException;
-
-	/**
-	 * Creates a persistent log handler that stores its logs in the given
-	 * directory and adds the handler to the given logger, replacing any
-	 * existing persistent log handler.
-	 */
-	void addLogHandler(File dir, Logger logger) throws IOException;
-
-	/**
-	 * Returns a {@link Scanner} for reading the persistent log entries stored
-	 * in the given directory.
-	 *
-	 * @param old True if the previous session's log should be loaded, or false
-	 * if the current session's log should be loaded
-	 */
-	Scanner getPersistedLog(File dir, boolean old) throws IOException;
-}
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/plugin/BluetoothConstants.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/plugin/BluetoothConstants.java
@@ -6,10 +6,8 @@ public interface BluetoothConstants {

 	int UUID_BYTES = 16;

-	// Transport properties
 	String PROP_ADDRESS = "address";
 	String PROP_UUID = "uuid";

-	// Default value for PREF_PLUGIN_ENABLE
-	boolean DEFAULT_PREF_PLUGIN_ENABLE = false;
+	String PREF_BT_ENABLE = "enable";
 }
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/connection/ConnectionManager.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/connection/ConnectionManager.java
@@ -1,11 +1,8 @@
-package org.briarproject.bramble.api.connection;
+package org.briarproject.bramble.api.plugin;

 import org.briarproject.bramble.api.contact.ContactId;
 import org.briarproject.bramble.api.contact.PendingContactId;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-import org.briarproject.bramble.api.plugin.TransportConnectionReader;
-import org.briarproject.bramble.api.plugin.TransportConnectionWriter;
-import org.briarproject.bramble.api.plugin.TransportId;
 import org.briarproject.bramble.api.plugin.duplex.DuplexTransportConnection;

@NotNullByDefault
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/plugin/ConnectionRegistry.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/plugin/ConnectionRegistry.java
@@ -0,0 +1,67 @@
+package org.briarproject.bramble.api.plugin;
+
+import org.briarproject.bramble.api.contact.ContactId;
+import org.briarproject.bramble.api.contact.PendingContactId;
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.plugin.event.ConnectionClosedEvent;
+import org.briarproject.bramble.api.plugin.event.ConnectionOpenedEvent;
+import org.briarproject.bramble.api.plugin.event.ContactConnectedEvent;
+import org.briarproject.bramble.api.plugin.event.ContactDisconnectedEvent;
+import org.briarproject.bramble.api.rendezvous.event.RendezvousConnectionClosedEvent;
+import org.briarproject.bramble.api.rendezvous.event.RendezvousConnectionOpenedEvent;
+
+import java.util.Collection;
+
+/**
+ * Keeps track of which contacts are currently connected by which transports.
+ */
+@NotNullByDefault
+public interface ConnectionRegistry {
+
+	/**
+	 * Registers a connection with the given contact over the given transport.
+	 * Broadcasts {@link ConnectionOpenedEvent}. Also broadcasts
+	 * {@link ContactConnectedEvent} if this is the only connection with the
+	 * contact.
+	 */
+	void registerConnection(ContactId c, TransportId t, boolean incoming);
+
+	/**
+	 * Unregisters a connection with the given contact over the given transport.
+	 * Broadcasts {@link ConnectionClosedEvent}. Also broadcasts
+	 * {@link ContactDisconnectedEvent} if this is the only connection with
+	 * the contact.
+	 */
+	void unregisterConnection(ContactId c, TransportId t, boolean incoming);
+
+	/**
+	 * Returns any contacts that are connected via the given transport.
+	 */
+	Collection<ContactId> getConnectedContacts(TransportId t);
+
+	/**
+	 * Returns true if the given contact is connected via the given transport.
+	 */
+	boolean isConnected(ContactId c, TransportId t);
+
+	/**
+	 * Returns true if the given contact is connected via any transport.
+	 */
+	boolean isConnected(ContactId c);
+
+	/**
+	 * Registers a connection with the given pending contact. Broadcasts
+	 * {@link RendezvousConnectionOpenedEvent} if this is the only connection
+	 * with the pending contact.
+	 *
+	 * @return True if this is the only connection with the pending contact,
+	 * false if it is redundant and should be closed
+	 */
+	boolean registerConnection(PendingContactId p);
+
+	/**
+	 * Unregisters a connection with the given pending contact. Broadcasts
+	 * {@link RendezvousConnectionClosedEvent}.
+	 */
+	void unregisterConnection(PendingContactId p, boolean success);
+}
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/plugin/LanTcpConstants.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/plugin/LanTcpConstants.java
@@ -4,15 +4,10 @@ public interface LanTcpConstants {

 	TransportId ID = new TransportId("org.briarproject.bramble.lan");

-	// Transport properties (shared with contacts)
+	// a transport property (shared with contacts)
 	String PROP_IP_PORTS = "ipPorts";
-	String PROP_PORT = "port";
-	String PROP_IPV6 = "ipv6";

-	// Local settings (not shared with contacts)
+	// a local setting
 	String PREF_LAN_IP_PORTS = "ipPorts";
-	String PREF_IPV6 = "ipv6";

-	// Default value for PREF_PLUGIN_ENABLE
-	boolean DEFAULT_PREF_PLUGIN_ENABLE = true;
 }
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/plugin/Plugin.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/plugin/Plugin.java
@@ -3,55 +3,12 @@ package org.briarproject.bramble.api.plugin;
 import org.briarproject.bramble.api.Pair;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.properties.TransportProperties;
-import org.briarproject.bramble.api.settings.SettingsManager;

 import java.util.Collection;

@NotNullByDefault
 public interface Plugin {

-	enum State {
-
-		/**
-		 * The plugin has not finished starting or has been stopped.
-		 */
-		STARTING_STOPPING,
-
-		/**
-		 * The plugin is disabled by settings. Use {@link #getReasonsDisabled()}
-		 * to find out which settings are responsible.
-		 */
-		DISABLED,
-
-		/**
-		 * The plugin is being enabled and can't yet make or receive
-		 * connections.
-		 */
-		ENABLING,
-
-		/**
-		 * The plugin is enabled and can make or receive connections.
-		 */
-		ACTIVE,
-
-		/**
-		 * The plugin is enabled but can't make or receive connections
-		 */
-		INACTIVE
-	}
-
-	/**
-	 * The string for the boolean preference
-	 * to use with the {@link SettingsManager} to enable or disable the plugin.
-	 */
-	String PREF_PLUGIN_ENABLE = "enable";
-
-	/**
-	 * Reason flag returned by {@link #getReasonsDisabled()} to indicate that
-	 * the plugin has been disabled by the user.
-	 */
-	int REASON_USER = 1;
-
 	/**
 	 * Returns the plugin's transport identifier.
 	 */
@@ -78,18 +35,9 @@ public interface Plugin {
 	void stop() throws PluginException;

 	/**
-	 * Returns the current state of the plugin.
+	 * Returns true if the plugin is running.
 	 */
-	State getState();
-
-	/**
-	 * Returns a set of flags indicating why the plugin is
-	 * {@link State#DISABLED disabled}, or 0 if the plugin is not disabled.
-	 * <p>
-	 * The flags used are plugin-specific, except the generic flag
-	 * {@link #REASON_USER}, which may be used by any plugin.
-	 */
-	int getReasonsDisabled();
+	boolean isRunning();

 	/**
 	 * Returns true if the plugin should be polled periodically to attempt to
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/plugin/PluginCallback.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/plugin/PluginCallback.java
@@ -1,10 +1,6 @@
 package org.briarproject.bramble.api.plugin;

 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-import org.briarproject.bramble.api.plugin.Plugin.State;
-import org.briarproject.bramble.api.plugin.event.TransportActiveEvent;
-import org.briarproject.bramble.api.plugin.event.TransportInactiveEvent;
-import org.briarproject.bramble.api.plugin.event.TransportStateEvent;
 import org.briarproject.bramble.api.properties.TransportProperties;
 import org.briarproject.bramble.api.settings.Settings;

@@ -36,17 +32,12 @@ public interface PluginCallback extends ConnectionHandler {
 	void mergeLocalProperties(TransportProperties p);

 	/**
-	 * Informs the callback of the plugin's current state.
-	 * <p>
-	 * If the current state is different from the previous state, the callback
-	 * will broadcast a {@link TransportStateEvent}. If the current state is
-	 * {@link State#ACTIVE} and the previous state was not
-	 * {@link State#ACTIVE}, the callback will broadcast a
-	 * {@link TransportActiveEvent}. If the current state is not
-	 * {@link State#ACTIVE} and the previous state was {@link State#ACTIVE},
-	 * the callback will broadcast a {@link TransportInactiveEvent}.
-	 * <p>
-	 * This method can safely be called while holding a lock.
+	 * Signals that the transport is enabled.
 	 */
-	void pluginStateChanged(State state);
+	void transportEnabled();
+
+	/**
+	 * Signals that the transport is disabled.
+	 */
+	void transportDisabled();
 }
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/plugin/PluginConfig.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/plugin/PluginConfig.java
@@ -5,8 +5,6 @@ import org.briarproject.bramble.api.plugin.duplex.DuplexPluginFactory;
 import org.briarproject.bramble.api.plugin.simplex.SimplexPluginFactory;

 import java.util.Collection;
-import java.util.List;
-import java.util.Map;

@NotNullByDefault
 public interface PluginConfig {
@@ -16,11 +14,4 @@ public interface PluginConfig {
 	Collection<SimplexPluginFactory> getSimplexFactories();

 	boolean shouldPoll();
-
-	/**
-	 * Returns a map representing transport preferences. For each entry in the
-	 * map, connections via the transports identified by the value are
-	 * preferred to connections via the transport identified by the key.
-	 */
-	Map<TransportId, List<TransportId>> getTransportPreferences();
 }
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/plugin/PluginManager.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/plugin/PluginManager.java
@@ -41,17 +41,4 @@ public interface PluginManager {
 	 * Returns any duplex plugins that support rendezvous.
 	 */
 	Collection<DuplexPlugin> getRendezvousPlugins();
-
-	/**
-	 * Enables or disables the plugin
-	 * identified by the given {@link TransportId}.
-	 * <p>
-	 * Note that this applies the change asynchronously
-	 * and there are no order guarantees.
-	 * <p>
-	 * If no plugin with the given {@link TransportId} is registered,
-	 * this is a no-op.
-	 */
-	void setPluginEnabled(TransportId t, boolean enabled);
-
 }
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/plugin/TorConstants.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/plugin/TorConstants.java
@@ -4,7 +4,6 @@ public interface TorConstants {

 	TransportId ID = new TransportId("org.briarproject.bramble.tor");

-	// Transport properties
 	String PROP_ONION_V2 = "onion";
 	String PROP_ONION_V3 = "onion3";

@@ -14,37 +13,14 @@ public interface TorConstants {
 	int CONNECT_TO_PROXY_TIMEOUT = 5000; // Milliseconds
 	int EXTRA_SOCKET_TIMEOUT = 30000; // Milliseconds

-	// Local settings (not shared with contacts)
 	String PREF_TOR_NETWORK = "network2";
 	String PREF_TOR_PORT = "port";
 	String PREF_TOR_MOBILE = "useMobileData";
 	String PREF_TOR_ONLY_WHEN_CHARGING = "onlyWhenCharging";

-	// Values for PREF_TOR_NETWORK
 	int PREF_TOR_NETWORK_AUTOMATIC = 0;
 	int PREF_TOR_NETWORK_WITHOUT_BRIDGES = 1;
 	int PREF_TOR_NETWORK_WITH_BRIDGES = 2;
-	// TODO: Remove when settings migration code is removed
 	int PREF_TOR_NETWORK_NEVER = 3;

-	// Default values for local settings
-	boolean DEFAULT_PREF_PLUGIN_ENABLE = true;
-	int DEFAULT_PREF_TOR_NETWORK = PREF_TOR_NETWORK_AUTOMATIC;
-	boolean DEFAULT_PREF_TOR_MOBILE = true;
-	boolean DEFAULT_PREF_TOR_ONLY_WHEN_CHARGING = false;
-
-	/**
-	 * Reason flag returned by {@link Plugin#getReasonsDisabled()}.
-	 */
-	int REASON_BATTERY = 2;
-
-	/**
-	 * Reason flag returned by {@link Plugin#getReasonsDisabled()}.
-	 */
-	int REASON_MOBILE_DATA = 4;
-
-	/**
-	 * Reason flag returned by {@link Plugin#getReasonsDisabled()}.
-	 */
-	int REASON_COUNTRY_BLOCKED = 8;
 }
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/plugin/WanTcpConstants.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/plugin/WanTcpConstants.java
@@ -4,7 +4,4 @@ public interface WanTcpConstants {

 	TransportId ID = new TransportId("org.briarproject.bramble.wan");

-	// Default value for PREF_PLUGIN_ENABLE
-	boolean DEFAULT_PREF_PLUGIN_ENABLE = false;
 }
-
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/plugin/duplex/AbstractDuplexTransportConnection.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/plugin/duplex/AbstractDuplexTransportConnection.java
@@ -4,7 +4,6 @@ import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.plugin.Plugin;
 import org.briarproject.bramble.api.plugin.TransportConnectionReader;
 import org.briarproject.bramble.api.plugin.TransportConnectionWriter;
-import org.briarproject.bramble.api.properties.TransportProperties;

 import java.io.IOException;
 import java.io.InputStream;
@@ -15,8 +14,6 @@ import java.util.concurrent.atomic.AtomicBoolean;
 public abstract class AbstractDuplexTransportConnection
 		implements DuplexTransportConnection {

-	protected final TransportProperties remote = new TransportProperties();
-
 	private final Plugin plugin;
 	private final Reader reader;
 	private final Writer writer;
@@ -47,11 +44,6 @@ public abstract class AbstractDuplexTransportConnection
 		return writer;
 	}

-	@Override
-	public TransportProperties getRemoteProperties() {
-		return remote;
-	}
-
 	private class Reader implements TransportConnectionReader {

 		@Override
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/plugin/duplex/DuplexTransportConnection.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/plugin/duplex/DuplexTransportConnection.java
@@ -3,7 +3,6 @@ package org.briarproject.bramble.api.plugin.duplex;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.plugin.TransportConnectionReader;
 import org.briarproject.bramble.api.plugin.TransportConnectionWriter;
-import org.briarproject.bramble.api.properties.TransportProperties;

 /**
 * An interface for reading and writing data over a duplex transport. The
@@ -24,10 +23,4 @@ public interface DuplexTransportConnection {
 	 * for writing to the connection.
 	 */
 	TransportConnectionWriter getWriter();
-
-	/**
-	 * Returns a possibly empty set of {@link TransportProperties} describing
-	 * the remote peer.
-	 */
-	TransportProperties getRemoteProperties();
 }
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/plugin/event/ConnectionClosedEvent.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/plugin/event/ConnectionClosedEvent.java
@@ -13,14 +13,13 @@ public class ConnectionClosedEvent extends Event {

 	private final ContactId contactId;
 	private final TransportId transportId;
-	private final boolean incoming, exception;
+	private final boolean incoming;

 	public ConnectionClosedEvent(ContactId contactId, TransportId transportId,
-			boolean incoming, boolean exception) {
+			boolean incoming) {
 		this.contactId = contactId;
 		this.transportId = transportId;
 		this.incoming = incoming;
-		this.exception = exception;
 	}

 	public ContactId getContactId() {
@@ -34,8 +33,4 @@ public class ConnectionClosedEvent extends Event {
 	public boolean isIncoming() {
 		return incoming;
 	}
-
-	public boolean isException() {
-		return exception;
-	}
 }
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/plugin/event/TransportDisabledEvent.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/plugin/event/TransportDisabledEvent.java
@@ -2,22 +2,20 @@ package org.briarproject.bramble.api.plugin.event;

 import org.briarproject.bramble.api.event.Event;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-import org.briarproject.bramble.api.plugin.Plugin.State;
 import org.briarproject.bramble.api.plugin.TransportId;

 import javax.annotation.concurrent.Immutable;

 /**
- * An event that is broadcast when a plugin enters the {@link State#ACTIVE}
- * state.
+ * An event that is broadcast when a transport is disabled.
 */
@Immutable
@NotNullByDefault
-public class TransportActiveEvent extends Event {
+public class TransportDisabledEvent extends Event {

 	private final TransportId transportId;

-	public TransportActiveEvent(TransportId transportId) {
+	public TransportDisabledEvent(TransportId transportId) {
 		this.transportId = transportId;
 	}

--- a/bramble-api/src/main/java/org/briarproject/bramble/api/plugin/event/TransportInactiveEvent.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/plugin/event/TransportInactiveEvent.java
@@ -2,22 +2,20 @@ package org.briarproject.bramble.api.plugin.event;

 import org.briarproject.bramble.api.event.Event;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-import org.briarproject.bramble.api.plugin.Plugin.State;
 import org.briarproject.bramble.api.plugin.TransportId;

 import javax.annotation.concurrent.Immutable;

 /**
- * An event that is broadcast when a plugin leaves the {@link State#ACTIVE}
- * state.
+ * An event that is broadcast when a transport is enabled.
 */
@Immutable
@NotNullByDefault
-public class TransportInactiveEvent extends Event {
+public class TransportEnabledEvent extends Event {

 	private final TransportId transportId;

-	public TransportInactiveEvent(TransportId transportId) {
+	public TransportEnabledEvent(TransportId transportId) {
 		this.transportId = transportId;
 	}

--- a/bramble-api/src/main/java/org/briarproject/bramble/api/plugin/event/TransportStateEvent.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/plugin/event/TransportStateEvent.java
@@ -1,32 +0,0 @@
-package org.briarproject.bramble.api.plugin.event;
-
-import org.briarproject.bramble.api.event.Event;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-import org.briarproject.bramble.api.plugin.Plugin.State;
-import org.briarproject.bramble.api.plugin.TransportId;
-
-import javax.annotation.concurrent.Immutable;
-
-/**
- * An event that is broadcast when the {@link State state} of a plugin changes.
- */
-@Immutable
-@NotNullByDefault
-public class TransportStateEvent extends Event {
-
-	private final TransportId transportId;
-	private final State state;
-
-	public TransportStateEvent(TransportId transportId, State state) {
-		this.transportId = transportId;
-		this.state = state;
-	}
-
-	public TransportId getTransportId() {
-		return transportId;
-	}
-
-	public State getState() {
-		return state;
-	}
-}
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/properties/TransportPropertyConstants.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/properties/TransportPropertyConstants.java
@@ -11,28 +11,4 @@ public interface TransportPropertyConstants {
 	 * The maximum length of a property's key or value in UTF-8 bytes.
 	 */
 	int MAX_PROPERTY_LENGTH = 100;
-
-	/**
-	 * Message metadata key for the transport ID of a local or remote update,
-	 * as a BDF string.
-	 */
-	String MSG_KEY_TRANSPORT_ID = "transportId";
-
-	/**
-	 * Message metadata key for the version number of a local or remote update,
-	 * as a BDF long.
-	 */
-	String MSG_KEY_VERSION = "version";
-
-	/**
-	 * Message metadata key for whether an update is local or remote, as a BDF
-	 * boolean.
-	 */
-	String MSG_KEY_LOCAL = "local";
-
-	/**
-	 * Group metadata key for any discovered transport properties of the
-	 * contact, as a BDF dictionary.
-	 */
-	String GROUP_KEY_DISCOVERED = "discovered";
 }
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/properties/TransportPropertyManager.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/properties/TransportPropertyManager.java
@@ -34,14 +34,6 @@ public interface TransportPropertyManager {
 	void addRemoteProperties(Transaction txn, ContactId c,
 			Map<TransportId, TransportProperties> props) throws DbException;

-	/**
-	 * Stores the given properties discovered from an incoming transport
-	 * connection. They will be overridden by any properties received while
-	 * adding the contact or synced from the contact.
-	 */
-	void addRemotePropertiesFromConnection(ContactId c, TransportId t,
-			TransportProperties props) throws DbException;
-
 	/**
 	 * Returns the local transport properties for all transports.
 	 */
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/sync/Priority.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/sync/Priority.java
@@ -1,23 +0,0 @@
-package org.briarproject.bramble.api.sync;
-
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-
-import javax.annotation.concurrent.Immutable;
-
-/**
- * A record containing a nonce for choosing between redundant sessions.
- */
-@Immutable
-@NotNullByDefault
-public class Priority {
-
-	private final byte[] nonce;
-
-	public Priority(byte[] nonce) {
-		this.nonce = nonce;
-	}
-
-	public byte[] getNonce() {
-		return nonce;
-	}
-}
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/sync/PriorityHandler.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/sync/PriorityHandler.java
@@ -1,13 +0,0 @@
-package org.briarproject.bramble.api.sync;
-
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-
-/**
- * An interface for handling a {@link Priority} record received by an
- * incoming {@link SyncSession}.
- */
-@NotNullByDefault
-public interface PriorityHandler {
-
-	void handle(Priority p);
-}
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/sync/RecordTypes.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/sync/RecordTypes.java
@@ -10,5 +10,4 @@ public interface RecordTypes {
 	byte OFFER = 2;
 	byte REQUEST = 3;
 	byte VERSIONS = 4;
-	byte PRIORITY = 5;
 }
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/sync/SyncConstants.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/sync/SyncConstants.java
@@ -49,10 +49,4 @@ public interface SyncConstants {
 	 * simultaneously.
 	 */
 	int MAX_SUPPORTED_VERSIONS = 10;
-
-	/**
-	 * The length of the priority nonce used for choosing between redundant
-	 * connections.
-	 */
-	int PRIORITY_NONCE_BYTES = 16;
 }
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/sync/SyncRecordReader.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/sync/SyncRecordReader.java
@@ -28,8 +28,4 @@ public interface SyncRecordReader {
 	boolean hasVersions() throws IOException;

 	Versions readVersions() throws IOException;
-
-	boolean hasPriority() throws IOException;
-
-	Priority readPriority() throws IOException;
 }
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/sync/SyncRecordWriter.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/sync/SyncRecordWriter.java
@@ -17,7 +17,5 @@ public interface SyncRecordWriter {

 	void writeVersions(Versions v) throws IOException;

-	void writePriority(Priority p) throws IOException;
-
 	void flush() throws IOException;
 }
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/sync/SyncSessionFactory.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/sync/SyncSessionFactory.java
@@ -2,23 +2,18 @@ package org.briarproject.bramble.api.sync;

 import org.briarproject.bramble.api.contact.ContactId;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-import org.briarproject.bramble.api.plugin.TransportId;
 import org.briarproject.bramble.api.transport.StreamWriter;

 import java.io.InputStream;

-import javax.annotation.Nullable;
-
@NotNullByDefault
 public interface SyncSessionFactory {

-	SyncSession createIncomingSession(ContactId c, InputStream in,
-			PriorityHandler handler);
+	SyncSession createIncomingSession(ContactId c, InputStream in);

-	SyncSession createSimplexOutgoingSession(ContactId c, TransportId t,
-			int maxLatency, StreamWriter streamWriter);
+	SyncSession createSimplexOutgoingSession(ContactId c, int maxLatency,
+			StreamWriter streamWriter);

-	SyncSession createDuplexOutgoingSession(ContactId c, TransportId t,
-			int maxLatency, int maxIdleTime, StreamWriter streamWriter,
-			@Nullable Priority priority);
+	SyncSession createDuplexOutgoingSession(ContactId c, int maxLatency,
+			int maxIdleTime, StreamWriter streamWriter);
 }
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/sync/event/CloseSyncConnectionsEvent.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/sync/event/CloseSyncConnectionsEvent.java
@@ -1,26 +0,0 @@
-package org.briarproject.bramble.api.sync.event;
-
-import org.briarproject.bramble.api.event.Event;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-import org.briarproject.bramble.api.plugin.TransportId;
-
-import javax.annotation.concurrent.Immutable;
-
-/**
- * An event that is broadcast when all sync connections using a given
- * transport should be closed.
- */
-@Immutable
-@NotNullByDefault
-public class CloseSyncConnectionsEvent extends Event {
-
-	private final TransportId transportId;
-
-	public CloseSyncConnectionsEvent(TransportId transportId) {
-		this.transportId = transportId;
-	}
-
-	public TransportId getTransportId() {
-		return transportId;
-	}
-}
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/transport/StreamReaderFactory.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/transport/StreamReaderFactory.java
@@ -16,13 +16,8 @@ public interface StreamReaderFactory {

 	/**
 	 * Creates an {@link InputStream InputStream} for reading from a contact
-	 * exchange stream.
+	 * exchangestream.
 	 */
 	InputStream createContactExchangeStreamReader(InputStream in,
 			SecretKey headerKey);
-
-	/**
-	 * Creates an {@link InputStream} for reading from a log stream.
-	 */
-	InputStream createLogStreamReader(InputStream in, SecretKey headerKey);
 }
--- a/bramble-api/src/main/java/org/briarproject/bramble/api/transport/StreamWriterFactory.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/api/transport/StreamWriterFactory.java
@@ -9,18 +9,15 @@ import java.io.OutputStream;
 public interface StreamWriterFactory {

 	/**
-	 * Creates a {@link StreamWriter} for writing to a transport stream.
+	 * Creates an {@link OutputStream OutputStream} for writing to a
+	 * transport stream
 	 */
 	StreamWriter createStreamWriter(OutputStream out, StreamContext ctx);

 	/**
-	 * Creates a {@link StreamWriter} for writing to a contact exchange stream.
+	 * Creates an {@link OutputStream OutputStream} for writing to a contact
+	 * exchange stream.
 	 */
 	StreamWriter createContactExchangeStreamWriter(OutputStream out,
 			SecretKey headerKey);
-
-	/**
-	 * Creates a {@link StreamWriter} for writing to a log stream.
-	 */
-	StreamWriter createLogStreamWriter(OutputStream out, SecretKey headerKey);
 }
--- a/bramble-api/src/main/java/org/briarproject/bramble/util/IoUtils.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/util/IoUtils.java
@@ -117,10 +117,4 @@ public class IoUtils {
 			throw new IOException(e);
 		}
 	}
-
-	public static boolean isNonEmptyDirectory(File f) {
-		if (!f.isDirectory()) return false;
-		File[] children = f.listFiles();
-		return children != null && children.length > 0;
-	}
 }
--- a/bramble-api/src/main/java/org/briarproject/bramble/util/PrivacyUtils.java
+++ b/bramble-api/src/main/java/org/briarproject/bramble/util/PrivacyUtils.java
@@ -2,17 +2,13 @@ package org.briarproject.bramble.util;

 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;

-import java.net.Inet4Address;
+import java.net.Inet6Address;
 import java.net.InetAddress;
 import java.net.InetSocketAddress;
 import java.net.SocketAddress;

 import javax.annotation.Nullable;

-import static org.briarproject.bramble.util.StringUtils.isNullOrEmpty;
-import static org.briarproject.bramble.util.StringUtils.isValidMac;
-import static org.briarproject.bramble.util.StringUtils.toHexString;
-
@NotNullByDefault
 public class PrivacyUtils {

@@ -23,7 +19,7 @@ public class PrivacyUtils {

 	@Nullable
 	public static String scrubMacAddress(@Nullable String address) {
-		if (isNullOrEmpty(address) || !isValidMac(address)) return address;
+		if (address == null || address.length() == 0) return null;
 		// this is a fake address we need to know about
 		if (address.equals("02:00:00:00:00:00")) return address;
 		// keep first and last octet of MAC address
@@ -31,37 +27,39 @@ public class PrivacyUtils {
 				+ address.substring(14, 17);
 	}

+	@Nullable
 	public static String scrubInetAddress(InetAddress address) {
-		if (address instanceof Inet4Address) {
-			// Don't scrub local IPv4 addresses
-			if (address.isLoopbackAddress() || address.isLinkLocalAddress() ||
-					address.isSiteLocalAddress()) {
-				return address.getHostAddress();
-			}
-			// Keep first and last octet of non-local IPv4 addresses
-			return scrubIpv4Address(address.getAddress());
-		} else {
-			// Keep first and last octet of IPv6 addresses
-			return scrubIpv6Address(address.getAddress());
-		}
+		// don't scrub link and site local addresses
+		if (address.isLinkLocalAddress() || address.isSiteLocalAddress())
+			return address.toString();
+		// completely scrub IPv6 addresses
+		if (address instanceof Inet6Address) return "[scrubbed]";
+		// keep first and last octet of IPv4 addresses
+		return scrubInetAddress(address.toString());
 	}

-	private static String scrubIpv4Address(byte[] ipv4) {
-		return (ipv4[0] & 0xFF) + ".[scrubbed]." + (ipv4[3] & 0xFF);
-	}
-
-	private static String scrubIpv6Address(byte[] ipv6) {
-		String hex = toHexString(ipv6).toLowerCase();
-		return hex.substring(0, 2) + "[scrubbed]" + hex.substring(30);
+	@Nullable
+	public static String scrubInetAddress(@Nullable String address) {
+		if (address == null) return null;
+
+		int firstDot = address.indexOf(".");
+		if (firstDot == -1) return "[scrubbed]";
+		String prefix = address.substring(0, firstDot + 1);
+		int lastDot = address.lastIndexOf(".");
+		String suffix = address.substring(lastDot, address.length());
+		return prefix + "[scrubbed]" + suffix;
 	}

+	@Nullable
 	public static String scrubSocketAddress(InetSocketAddress address) {
-		return scrubInetAddress(address.getAddress());
+		InetAddress inetAddress = address.getAddress();
+		return scrubInetAddress(inetAddress);
 	}

+	@Nullable
 	public static String scrubSocketAddress(SocketAddress address) {
 		if (address instanceof InetSocketAddress)
 			return scrubSocketAddress((InetSocketAddress) address);
-		return "[scrubbed]";
+		return scrubInetAddress(address.toString());
 	}
 }
--- a/bramble-core/src/main/java/org/briarproject/bramble/BrambleCoreModule.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/BrambleCoreModule.java
@@ -1,7 +1,6 @@
 package org.briarproject.bramble;

 import org.briarproject.bramble.client.ClientModule;
-import org.briarproject.bramble.connection.ConnectionModule;
 import org.briarproject.bramble.contact.ContactModule;
 import org.briarproject.bramble.crypto.CryptoExecutorModule;
 import org.briarproject.bramble.crypto.CryptoModule;
@@ -10,10 +9,8 @@ import org.briarproject.bramble.db.DatabaseExecutorModule;
 import org.briarproject.bramble.db.DatabaseModule;
 import org.briarproject.bramble.event.EventModule;
 import org.briarproject.bramble.identity.IdentityModule;
-import org.briarproject.bramble.io.IoModule;
 import org.briarproject.bramble.keyagreement.KeyAgreementModule;
 import org.briarproject.bramble.lifecycle.LifecycleModule;
-import org.briarproject.bramble.logging.LoggingModule;
 import org.briarproject.bramble.plugin.PluginModule;
 import org.briarproject.bramble.properties.PropertiesModule;
 import org.briarproject.bramble.record.RecordModule;
@@ -30,7 +27,6 @@ import dagger.Module;

@Module(includes = {
 		ClientModule.class,
-		ConnectionModule.class,
 		ContactModule.class,
 		CryptoModule.class,
 		CryptoExecutorModule.class,
@@ -39,10 +35,8 @@ import dagger.Module;
 		DatabaseExecutorModule.class,
 		EventModule.class,
 		IdentityModule.class,
-		IoModule.class,
 		KeyAgreementModule.class,
 		LifecycleModule.class,
-		LoggingModule.class,
 		PluginModule.class,
 		PropertiesModule.class,
 		RecordModule.class,
--- a/bramble-core/src/main/java/org/briarproject/bramble/account/AccountManagerImpl.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/account/AccountManagerImpl.java
@@ -2,7 +2,6 @@ package org.briarproject.bramble.account;

 import org.briarproject.bramble.api.account.AccountManager;
 import org.briarproject.bramble.api.crypto.CryptoComponent;
-import org.briarproject.bramble.api.crypto.DecryptionException;
 import org.briarproject.bramble.api.crypto.KeyStrengthener;
 import org.briarproject.bramble.api.crypto.SecretKey;
 import org.briarproject.bramble.api.db.DatabaseConfig;
@@ -18,7 +17,6 @@ import java.io.FileInputStream;
 import java.io.FileOutputStream;
 import java.io.IOException;
 import java.io.InputStreamReader;
-import java.nio.charset.Charset;
 import java.util.logging.Logger;

 import javax.annotation.Nullable;
@@ -26,7 +24,6 @@ import javax.annotation.concurrent.GuardedBy;
 import javax.inject.Inject;

 import static java.util.logging.Level.WARNING;
-import static org.briarproject.bramble.api.crypto.DecryptionResult.INVALID_CIPHERTEXT;
 import static org.briarproject.bramble.util.LogUtils.logException;
 import static org.briarproject.bramble.util.StringUtils.fromHexString;
 import static org.briarproject.bramble.util.StringUtils.toHexString;
@@ -98,7 +95,7 @@ class AccountManagerImpl implements AccountManager {
 		}
 		try {
 			BufferedReader reader = new BufferedReader(new InputStreamReader(
-					new FileInputStream(f), Charset.forName("UTF-8")));
+					new FileInputStream(f), "UTF-8"));
 			String key = reader.readLine();
 			reader.close();
 			return key;
@@ -150,7 +147,7 @@ class AccountManagerImpl implements AccountManager {
 	@GuardedBy("stateChangeLock")
 	private void writeDbKeyToFile(String key, File f) throws IOException {
 		FileOutputStream out = new FileOutputStream(f);
-		out.write(key.getBytes(Charset.forName("UTF-8")));
+		out.write(key.getBytes("UTF-8"));
 		out.flush();
 		out.close();
 	}
@@ -158,7 +155,8 @@ class AccountManagerImpl implements AccountManager {
 	@Override
 	public boolean accountExists() {
 		synchronized (stateChangeLock) {
-			return loadEncryptedDatabaseKey() != null;
+			return loadEncryptedDatabaseKey() != null
+					&& databaseConfig.getDatabaseDirectory().isDirectory();
 		}
 	}

@@ -195,24 +193,31 @@ class AccountManagerImpl implements AccountManager {
 	}

 	@Override
-	public void signIn(String password) throws DecryptionException {
+	public boolean signIn(String password) {
 		synchronized (stateChangeLock) {
-			databaseKey = loadAndDecryptDatabaseKey(password);
+			SecretKey key = loadAndDecryptDatabaseKey(password);
+			if (key == null) return false;
+			databaseKey = key;
+			return true;
 		}
 	}

 	@GuardedBy("stateChangeLock")
-	private SecretKey loadAndDecryptDatabaseKey(String password)
-			throws DecryptionException {
+	@Nullable
+	private SecretKey loadAndDecryptDatabaseKey(String password) {
 		String hex = loadEncryptedDatabaseKey();
 		if (hex == null) {
 			LOG.warning("Failed to load encrypted database key");
-			throw new DecryptionException(INVALID_CIPHERTEXT);
+			return null;
 		}
 		byte[] ciphertext = fromHexString(hex);
 		KeyStrengthener keyStrengthener = databaseConfig.getKeyStrengthener();
 		byte[] plaintext = crypto.decryptWithPassword(ciphertext, password,
 				keyStrengthener);
+		if (plaintext == null) {
+			LOG.info("Failed to decrypt database key");
+			return null;
+		}
 		SecretKey key = new SecretKey(plaintext);
 		// If the DB key was encrypted with a weak key and a key strengthener
 		// is now available, re-encrypt the DB key with a strengthened key
@@ -225,11 +230,10 @@ class AccountManagerImpl implements AccountManager {
 	}

 	@Override
-	public void changePassword(String oldPassword, String newPassword)
-			throws DecryptionException {
+	public boolean changePassword(String oldPassword, String newPassword) {
 		synchronized (stateChangeLock) {
 			SecretKey key = loadAndDecryptDatabaseKey(oldPassword);
-			encryptAndStoreDatabaseKey(key, newPassword);
+			return key != null && encryptAndStoreDatabaseKey(key, newPassword);
 		}
 	}
 }
--- a/bramble-core/src/main/java/org/briarproject/bramble/connection/Connection.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/connection/Connection.java
@@ -1,79 +0,0 @@
-package org.briarproject.bramble.connection;
-
-import org.briarproject.bramble.api.connection.ConnectionRegistry;
-import org.briarproject.bramble.api.db.DbException;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-import org.briarproject.bramble.api.plugin.TransportConnectionReader;
-import org.briarproject.bramble.api.plugin.TransportConnectionWriter;
-import org.briarproject.bramble.api.plugin.TransportId;
-import org.briarproject.bramble.api.transport.KeyManager;
-import org.briarproject.bramble.api.transport.StreamContext;
-import org.briarproject.bramble.api.transport.StreamReaderFactory;
-import org.briarproject.bramble.api.transport.StreamWriterFactory;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.util.logging.Logger;
-
-import javax.annotation.Nullable;
-
-import static java.util.logging.Level.WARNING;
-import static java.util.logging.Logger.getLogger;
-import static org.briarproject.bramble.api.transport.TransportConstants.TAG_LENGTH;
-import static org.briarproject.bramble.util.IoUtils.read;
-import static org.briarproject.bramble.util.LogUtils.logException;
-
-@NotNullByDefault
-abstract class Connection {
-
-	protected static final Logger LOG = getLogger(Connection.class.getName());
-
-	final KeyManager keyManager;
-	final ConnectionRegistry connectionRegistry;
-	final StreamReaderFactory streamReaderFactory;
-	final StreamWriterFactory streamWriterFactory;
-
-	Connection(KeyManager keyManager, ConnectionRegistry connectionRegistry,
-			StreamReaderFactory streamReaderFactory,
-			StreamWriterFactory streamWriterFactory) {
-		this.keyManager = keyManager;
-		this.connectionRegistry = connectionRegistry;
-		this.streamReaderFactory = streamReaderFactory;
-		this.streamWriterFactory = streamWriterFactory;
-	}
-
-	@Nullable
-	StreamContext recogniseTag(TransportConnectionReader reader,
-			TransportId transportId) {
-		StreamContext ctx;
-		try {
-			byte[] tag = readTag(reader.getInputStream());
-			return keyManager.getStreamContext(transportId, tag);
-		} catch (IOException | DbException e) {
-			logException(LOG, WARNING, e);
-			return null;
-		}
-	}
-
-	private byte[] readTag(InputStream in) throws IOException {
-		byte[] tag = new byte[TAG_LENGTH];
-		read(in, tag);
-		return tag;
-	}
-
-	void disposeOnError(TransportConnectionReader reader, boolean recognised) {
-		try {
-			reader.dispose(true, recognised);
-		} catch (IOException e) {
-			logException(LOG, WARNING, e);
-		}
-	}
-
-	void disposeOnError(TransportConnectionWriter writer) {
-		try {
-			writer.dispose(true);
-		} catch (IOException e) {
-			logException(LOG, WARNING, e);
-		}
-	}
-}
--- a/bramble-core/src/main/java/org/briarproject/bramble/connection/ConnectionManagerImpl.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/connection/ConnectionManagerImpl.java
@@ -1,114 +0,0 @@
-package org.briarproject.bramble.connection;
-
-import org.briarproject.bramble.api.connection.ConnectionManager;
-import org.briarproject.bramble.api.connection.ConnectionRegistry;
-import org.briarproject.bramble.api.contact.ContactExchangeManager;
-import org.briarproject.bramble.api.contact.ContactId;
-import org.briarproject.bramble.api.contact.HandshakeManager;
-import org.briarproject.bramble.api.contact.PendingContactId;
-import org.briarproject.bramble.api.lifecycle.IoExecutor;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-import org.briarproject.bramble.api.plugin.TransportConnectionReader;
-import org.briarproject.bramble.api.plugin.TransportConnectionWriter;
-import org.briarproject.bramble.api.plugin.TransportId;
-import org.briarproject.bramble.api.plugin.duplex.DuplexTransportConnection;
-import org.briarproject.bramble.api.properties.TransportPropertyManager;
-import org.briarproject.bramble.api.sync.SyncSessionFactory;
-import org.briarproject.bramble.api.transport.KeyManager;
-import org.briarproject.bramble.api.transport.StreamReaderFactory;
-import org.briarproject.bramble.api.transport.StreamWriterFactory;
-
-import java.security.SecureRandom;
-import java.util.concurrent.Executor;
-
-import javax.annotation.concurrent.Immutable;
-import javax.inject.Inject;
-
-@Immutable
-@NotNullByDefault
-class ConnectionManagerImpl implements ConnectionManager {
-
-	private final Executor ioExecutor;
-	private final KeyManager keyManager;
-	private final StreamReaderFactory streamReaderFactory;
-	private final StreamWriterFactory streamWriterFactory;
-	private final SyncSessionFactory syncSessionFactory;
-	private final HandshakeManager handshakeManager;
-	private final ContactExchangeManager contactExchangeManager;
-	private final ConnectionRegistry connectionRegistry;
-	private final TransportPropertyManager transportPropertyManager;
-	private final SecureRandom secureRandom;
-
-	@Inject
-	ConnectionManagerImpl(@IoExecutor Executor ioExecutor,
-			KeyManager keyManager, StreamReaderFactory streamReaderFactory,
-			StreamWriterFactory streamWriterFactory,
-			SyncSessionFactory syncSessionFactory,
-			HandshakeManager handshakeManager,
-			ContactExchangeManager contactExchangeManager,
-			ConnectionRegistry connectionRegistry,
-			TransportPropertyManager transportPropertyManager,
-			SecureRandom secureRandom) {
-		this.ioExecutor = ioExecutor;
-		this.keyManager = keyManager;
-		this.streamReaderFactory = streamReaderFactory;
-		this.streamWriterFactory = streamWriterFactory;
-		this.syncSessionFactory = syncSessionFactory;
-		this.handshakeManager = handshakeManager;
-		this.contactExchangeManager = contactExchangeManager;
-		this.connectionRegistry = connectionRegistry;
-		this.transportPropertyManager = transportPropertyManager;
-		this.secureRandom = secureRandom;
-	}
-
-
-	@Override
-	public void manageIncomingConnection(TransportId t,
-			TransportConnectionReader r) {
-		ioExecutor.execute(new IncomingSimplexSyncConnection(keyManager,
-				connectionRegistry, streamReaderFactory, streamWriterFactory,
-				syncSessionFactory, transportPropertyManager, t, r));
-	}
-
-	@Override
-	public void manageIncomingConnection(TransportId t,
-			DuplexTransportConnection d) {
-		ioExecutor.execute(new IncomingDuplexSyncConnection(keyManager,
-				connectionRegistry, streamReaderFactory, streamWriterFactory,
-				syncSessionFactory, transportPropertyManager, ioExecutor,
-				t, d));
-	}
-
-	@Override
-	public void manageIncomingConnection(PendingContactId p, TransportId t,
-			DuplexTransportConnection d) {
-		ioExecutor.execute(new IncomingHandshakeConnection(keyManager,
-				connectionRegistry, streamReaderFactory, streamWriterFactory,
-				handshakeManager, contactExchangeManager, this, p, t, d));
-	}
-
-	@Override
-	public void manageOutgoingConnection(ContactId c, TransportId t,
-			TransportConnectionWriter w) {
-		ioExecutor.execute(new OutgoingSimplexSyncConnection(keyManager,
-				connectionRegistry, streamReaderFactory, streamWriterFactory,
-				syncSessionFactory, transportPropertyManager, c, t, w));
-	}
-
-	@Override
-	public void manageOutgoingConnection(ContactId c, TransportId t,
-			DuplexTransportConnection d) {
-		ioExecutor.execute(new OutgoingDuplexSyncConnection(keyManager,
-				connectionRegistry, streamReaderFactory, streamWriterFactory,
-				syncSessionFactory, transportPropertyManager, ioExecutor,
-				secureRandom, c, t, d));
-	}
-
-	@Override
-	public void manageOutgoingConnection(PendingContactId p, TransportId t,
-			DuplexTransportConnection d) {
-		ioExecutor.execute(new OutgoingHandshakeConnection(keyManager,
-				connectionRegistry, streamReaderFactory, streamWriterFactory,
-				handshakeManager, contactExchangeManager, this, p, t, d));
-	}
-}
--- a/bramble-core/src/main/java/org/briarproject/bramble/connection/ConnectionModule.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/connection/ConnectionModule.java
@@ -1,26 +0,0 @@
-package org.briarproject.bramble.connection;
-
-import org.briarproject.bramble.api.connection.ConnectionManager;
-import org.briarproject.bramble.api.connection.ConnectionRegistry;
-
-import javax.inject.Singleton;
-
-import dagger.Module;
-import dagger.Provides;
-
-@Module
-public class ConnectionModule {
-
-	@Provides
-	ConnectionManager provideConnectionManager(
-			ConnectionManagerImpl connectionManager) {
-		return connectionManager;
-	}
-
-	@Provides
-	@Singleton
-	ConnectionRegistry provideConnectionRegistry(
-			ConnectionRegistryImpl connectionRegistry) {
-		return connectionRegistry;
-	}
-}
--- a/bramble-core/src/main/java/org/briarproject/bramble/connection/ConnectionRegistryImpl.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/connection/ConnectionRegistryImpl.java
@@ -1,283 +0,0 @@
-package org.briarproject.bramble.connection;
-
-import org.briarproject.bramble.api.Bytes;
-import org.briarproject.bramble.api.connection.ConnectionRegistry;
-import org.briarproject.bramble.api.connection.InterruptibleConnection;
-import org.briarproject.bramble.api.contact.ContactId;
-import org.briarproject.bramble.api.contact.PendingContactId;
-import org.briarproject.bramble.api.event.EventBus;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-import org.briarproject.bramble.api.plugin.PluginConfig;
-import org.briarproject.bramble.api.plugin.TransportId;
-import org.briarproject.bramble.api.plugin.event.ConnectionClosedEvent;
-import org.briarproject.bramble.api.plugin.event.ConnectionOpenedEvent;
-import org.briarproject.bramble.api.plugin.event.ContactConnectedEvent;
-import org.briarproject.bramble.api.plugin.event.ContactDisconnectedEvent;
-import org.briarproject.bramble.api.rendezvous.event.RendezvousConnectionClosedEvent;
-import org.briarproject.bramble.api.rendezvous.event.RendezvousConnectionOpenedEvent;
-import org.briarproject.bramble.api.sync.Priority;
-
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Map;
-import java.util.Map.Entry;
-import java.util.Set;
-import java.util.logging.Logger;
-
-import javax.annotation.Nullable;
-import javax.annotation.concurrent.GuardedBy;
-import javax.annotation.concurrent.ThreadSafe;
-import javax.inject.Inject;
-
-import static java.util.Collections.emptyList;
-import static java.util.logging.Level.INFO;
-import static java.util.logging.Logger.getLogger;
-
-@ThreadSafe
-@NotNullByDefault
-class ConnectionRegistryImpl implements ConnectionRegistry {
-
-	private static final Logger LOG =
-			getLogger(ConnectionRegistryImpl.class.getName());
-
-	private final EventBus eventBus;
-	private final Map<TransportId, List<TransportId>> transportPrefs;
-
-	private final Object lock = new Object();
-	@GuardedBy("lock")
-	private final Map<ContactId, List<ConnectionRecord>> contactConnections;
-	@GuardedBy("lock")
-	private final Set<PendingContactId> connectedPendingContacts;
-
-	@Inject
-	ConnectionRegistryImpl(EventBus eventBus, PluginConfig pluginConfig) {
-		this.eventBus = eventBus;
-		transportPrefs = pluginConfig.getTransportPreferences();
-		contactConnections = new HashMap<>();
-		connectedPendingContacts = new HashSet<>();
-	}
-
-	@Override
-	public void registerIncomingConnection(ContactId c, TransportId t,
-			InterruptibleConnection conn) {
-		registerConnection(c, t, conn, true);
-	}
-
-	@Override
-	public void registerOutgoingConnection(ContactId c, TransportId t,
-			InterruptibleConnection conn, Priority priority) {
-		registerConnection(c, t, conn, false);
-		setPriority(c, t, conn, priority);
-	}
-
-	private void registerConnection(ContactId c, TransportId t,
-			InterruptibleConnection conn, boolean incoming) {
-		if (LOG.isLoggable(INFO)) {
-			if (incoming) LOG.info("Incoming connection registered: " + t);
-			else LOG.info("Outgoing connection registered: " + t);
-		}
-		boolean firstConnection;
-		synchronized (lock) {
-			List<ConnectionRecord> recs = contactConnections.get(c);
-			if (recs == null) {
-				recs = new ArrayList<>();
-				contactConnections.put(c, recs);
-			}
-			firstConnection = recs.isEmpty();
-			recs.add(new ConnectionRecord(t, conn));
-		}
-		eventBus.broadcast(new ConnectionOpenedEvent(c, t, incoming));
-		if (firstConnection) {
-			LOG.info("Contact connected");
-			eventBus.broadcast(new ContactConnectedEvent(c));
-		}
-	}
-
-	@Override
-	public void setPriority(ContactId c, TransportId t,
-			InterruptibleConnection conn, Priority priority) {
-		if (LOG.isLoggable(INFO)) LOG.info("Setting connection priority: " + t);
-		List<InterruptibleConnection> toInterrupt;
-		boolean interruptNewConnection = false;
-		synchronized (lock) {
-			List<ConnectionRecord> recs = contactConnections.get(c);
-			if (recs == null) throw new IllegalArgumentException();
-			toInterrupt = new ArrayList<>(recs.size());
-			for (ConnectionRecord rec : recs) {
-				if (rec.conn == conn) {
-					// Store the priority of this connection
-					rec.priority = priority;
-				} else if (rec.priority != null) {
-					int compare = compareConnections(t, priority,
-							rec.transportId, rec.priority);
-					if (compare == -1) {
-						// The old connection is better than the new one
-						interruptNewConnection = true;
-					} else if (compare == 1 && !rec.interrupted) {
-						// The new connection is better than the old one
-						toInterrupt.add(rec.conn);
-						rec.interrupted = true;
-					}
-				}
-			}
-		}
-		if (interruptNewConnection) {
-			LOG.info("Interrupting new connection");
-			conn.interruptOutgoingSession();
-		}
-		for (InterruptibleConnection old : toInterrupt) {
-			LOG.info("Interrupting old connection");
-			old.interruptOutgoingSession();
-		}
-	}
-
-	private int compareConnections(TransportId tA, Priority pA, TransportId tB,
-			Priority pB) {
-		if (getBetterTransports(tA).contains(tB)) return -1;
-		if (getBetterTransports(tB).contains(tA)) return 1;
-		return tA.equals(tB) ? Bytes.compare(pA.getNonce(), pB.getNonce()) : 0;
-	}
-
-	private List<TransportId> getBetterTransports(TransportId t) {
-		List<TransportId> better = transportPrefs.get(t);
-		return better == null ? emptyList() : better;
-	}
-
-	@Override
-	public void unregisterConnection(ContactId c, TransportId t,
-			InterruptibleConnection conn, boolean incoming, boolean exception) {
-		if (LOG.isLoggable(INFO)) {
-			if (incoming) LOG.info("Incoming connection unregistered: " + t);
-			else LOG.info("Outgoing connection unregistered: " + t);
-		}
-		boolean lastConnection;
-		synchronized (lock) {
-			List<ConnectionRecord> recs = contactConnections.get(c);
-			if (recs == null || !recs.remove(new ConnectionRecord(t, conn)))
-				throw new IllegalArgumentException();
-			lastConnection = recs.isEmpty();
-		}
-		eventBus.broadcast(
-				new ConnectionClosedEvent(c, t, incoming, exception));
-		if (lastConnection) {
-			LOG.info("Contact disconnected");
-			eventBus.broadcast(new ContactDisconnectedEvent(c));
-		}
-	}
-
-	@Override
-	public Collection<ContactId> getConnectedContacts(TransportId t) {
-		synchronized (lock) {
-			List<ContactId> contactIds = new ArrayList<>();
-			for (Entry<ContactId, List<ConnectionRecord>> e :
-					contactConnections.entrySet()) {
-				for (ConnectionRecord rec : e.getValue()) {
-					if (rec.transportId.equals(t)) {
-						contactIds.add(e.getKey());
-						break;
-					}
-				}
-			}
-			if (LOG.isLoggable(INFO)) {
-				LOG.info(contactIds.size() + " contacts connected: " + t);
-			}
-			return contactIds;
-		}
-	}
-
-	@Override
-	public Collection<ContactId> getConnectedOrBetterContacts(TransportId t) {
-		synchronized (lock) {
-			List<TransportId> better = getBetterTransports(t);
-			List<ContactId> contactIds = new ArrayList<>();
-			for (Entry<ContactId, List<ConnectionRecord>> e :
-					contactConnections.entrySet()) {
-				for (ConnectionRecord rec : e.getValue()) {
-					if (rec.transportId.equals(t) ||
-							better.contains(rec.transportId)) {
-						contactIds.add(e.getKey());
-						break;
-					}
-				}
-			}
-			if (LOG.isLoggable(INFO)) {
-				LOG.info(contactIds.size()
-						+ " contacts connected or better: " + t);
-			}
-			return contactIds;
-		}
-	}
-
-	@Override
-	public boolean isConnected(ContactId c, TransportId t) {
-		synchronized (lock) {
-			List<ConnectionRecord> recs = contactConnections.get(c);
-			if (recs == null) return false;
-			for (ConnectionRecord rec : recs) {
-				if (rec.transportId.equals(t)) return true;
-			}
-			return false;
-		}
-	}
-
-	@Override
-	public boolean isConnected(ContactId c) {
-		synchronized (lock) {
-			List<ConnectionRecord> recs = contactConnections.get(c);
-			return recs != null && !recs.isEmpty();
-		}
-	}
-
-	@Override
-	public boolean registerConnection(PendingContactId p) {
-		boolean added;
-		synchronized (lock) {
-			added = connectedPendingContacts.add(p);
-		}
-		if (added) eventBus.broadcast(new RendezvousConnectionOpenedEvent(p));
-		return added;
-	}
-
-	@Override
-	public void unregisterConnection(PendingContactId p, boolean success) {
-		synchronized (lock) {
-			if (!connectedPendingContacts.remove(p))
-				throw new IllegalArgumentException();
-		}
-		eventBus.broadcast(new RendezvousConnectionClosedEvent(p, success));
-	}
-
-	private static class ConnectionRecord {
-
-		private final TransportId transportId;
-		private final InterruptibleConnection conn;
-		@GuardedBy("lock")
-		@Nullable
-		private Priority priority = null;
-		@GuardedBy("lock")
-		private boolean interrupted = false;
-
-		private ConnectionRecord(TransportId transportId,
-				InterruptibleConnection conn) {
-			this.transportId = transportId;
-			this.conn = conn;
-		}
-
-		@Override
-		public boolean equals(Object o) {
-			if (o instanceof ConnectionRecord) {
-				return conn == ((ConnectionRecord) o).conn;
-			} else {
-				return false;
-			}
-		}
-
-		@Override
-		public int hashCode() {
-			return conn.hashCode();
-		}
-	}
-}
--- a/bramble-core/src/main/java/org/briarproject/bramble/connection/DuplexSyncConnection.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/connection/DuplexSyncConnection.java
@@ -1,109 +0,0 @@
-package org.briarproject.bramble.connection;
-
-import org.briarproject.bramble.api.connection.ConnectionRegistry;
-import org.briarproject.bramble.api.connection.InterruptibleConnection;
-import org.briarproject.bramble.api.contact.ContactId;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-import org.briarproject.bramble.api.plugin.TransportConnectionReader;
-import org.briarproject.bramble.api.plugin.TransportConnectionWriter;
-import org.briarproject.bramble.api.plugin.TransportId;
-import org.briarproject.bramble.api.plugin.duplex.DuplexTransportConnection;
-import org.briarproject.bramble.api.properties.TransportProperties;
-import org.briarproject.bramble.api.properties.TransportPropertyManager;
-import org.briarproject.bramble.api.sync.Priority;
-import org.briarproject.bramble.api.sync.SyncSession;
-import org.briarproject.bramble.api.sync.SyncSessionFactory;
-import org.briarproject.bramble.api.transport.KeyManager;
-import org.briarproject.bramble.api.transport.StreamContext;
-import org.briarproject.bramble.api.transport.StreamReaderFactory;
-import org.briarproject.bramble.api.transport.StreamWriter;
-import org.briarproject.bramble.api.transport.StreamWriterFactory;
-
-import java.io.IOException;
-import java.util.concurrent.Executor;
-
-import javax.annotation.Nullable;
-import javax.annotation.concurrent.GuardedBy;
-
-import static org.briarproject.bramble.api.nullsafety.NullSafety.requireNonNull;
-
-@NotNullByDefault
-abstract class DuplexSyncConnection extends SyncConnection
-		implements InterruptibleConnection {
-
-	final Executor ioExecutor;
-	final TransportId transportId;
-	final TransportConnectionReader reader;
-	final TransportConnectionWriter writer;
-	final TransportProperties remote;
-
-	private final Object interruptLock = new Object();
-
-	@GuardedBy("interruptLock")
-	@Nullable
-	private SyncSession outgoingSession = null;
-	@GuardedBy("interruptLock")
-	private boolean interruptWaiting = false;
-
-	@Override
-	public void interruptOutgoingSession() {
-		SyncSession out = null;
-		synchronized (interruptLock) {
-			if (outgoingSession == null) interruptWaiting = true;
-			else out = outgoingSession;
-		}
-		if (out != null) out.interrupt();
-	}
-
-	void setOutgoingSession(SyncSession outgoingSession) {
-		boolean interruptWasWaiting = false;
-		synchronized (interruptLock) {
-			this.outgoingSession = outgoingSession;
-			if (interruptWaiting) {
-				interruptWasWaiting = true;
-				interruptWaiting = false;
-			}
-		}
-		if (interruptWasWaiting) outgoingSession.interrupt();
-	}
-
-	DuplexSyncConnection(KeyManager keyManager,
-			ConnectionRegistry connectionRegistry,
-			StreamReaderFactory streamReaderFactory,
-			StreamWriterFactory streamWriterFactory,
-			SyncSessionFactory syncSessionFactory,
-			TransportPropertyManager transportPropertyManager,
-			Executor ioExecutor, TransportId transportId,
-			DuplexTransportConnection connection) {
-		super(keyManager, connectionRegistry, streamReaderFactory,
-				streamWriterFactory, syncSessionFactory,
-				transportPropertyManager);
-		this.ioExecutor = ioExecutor;
-		this.transportId = transportId;
-		reader = connection.getReader();
-		writer = connection.getWriter();
-		remote = connection.getRemoteProperties();
-	}
-
-	void onReadError(boolean recognised) {
-		disposeOnError(reader, recognised);
-		disposeOnError(writer);
-		interruptOutgoingSession();
-	}
-
-	void onWriteError() {
-		disposeOnError(reader, true);
-		disposeOnError(writer);
-	}
-
-	SyncSession createDuplexOutgoingSession(StreamContext ctx,
-			TransportConnectionWriter w, @Nullable Priority priority)
-			throws IOException {
-		StreamWriter streamWriter = streamWriterFactory.createStreamWriter(
-				w.getOutputStream(), ctx);
-		ContactId c = requireNonNull(ctx.getContactId());
-		return syncSessionFactory.createDuplexOutgoingSession(c,
-				ctx.getTransportId(), w.getMaxLatency(), w.getMaxIdleTime(),
-				streamWriter, priority);
-	}
-}
--- a/bramble-core/src/main/java/org/briarproject/bramble/connection/HandshakeConnection.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/connection/HandshakeConnection.java
@@ -1,72 +0,0 @@
-package org.briarproject.bramble.connection;
-
-import org.briarproject.bramble.api.connection.ConnectionManager;
-import org.briarproject.bramble.api.connection.ConnectionRegistry;
-import org.briarproject.bramble.api.contact.ContactExchangeManager;
-import org.briarproject.bramble.api.contact.HandshakeManager;
-import org.briarproject.bramble.api.contact.PendingContactId;
-import org.briarproject.bramble.api.db.DbException;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-import org.briarproject.bramble.api.plugin.TransportConnectionReader;
-import org.briarproject.bramble.api.plugin.TransportConnectionWriter;
-import org.briarproject.bramble.api.plugin.TransportId;
-import org.briarproject.bramble.api.plugin.duplex.DuplexTransportConnection;
-import org.briarproject.bramble.api.transport.KeyManager;
-import org.briarproject.bramble.api.transport.StreamContext;
-import org.briarproject.bramble.api.transport.StreamReaderFactory;
-import org.briarproject.bramble.api.transport.StreamWriterFactory;
-
-import javax.annotation.Nullable;
-
-import static java.util.logging.Level.WARNING;
-import static org.briarproject.bramble.util.LogUtils.logException;
-
-@NotNullByDefault
-abstract class HandshakeConnection extends Connection {
-
-	final HandshakeManager handshakeManager;
-	final ContactExchangeManager contactExchangeManager;
-	final ConnectionManager connectionManager;
-	final PendingContactId pendingContactId;
-	final TransportId transportId;
-	final DuplexTransportConnection connection;
-	final TransportConnectionReader reader;
-	final TransportConnectionWriter writer;
-
-	HandshakeConnection(KeyManager keyManager,
-			ConnectionRegistry connectionRegistry,
-			StreamReaderFactory streamReaderFactory,
-			StreamWriterFactory streamWriterFactory,
-			HandshakeManager handshakeManager,
-			ContactExchangeManager contactExchangeManager,
-			ConnectionManager connectionManager,
-			PendingContactId pendingContactId,
-			TransportId transportId, DuplexTransportConnection connection) {
-		super(keyManager, connectionRegistry, streamReaderFactory,
-				streamWriterFactory);
-		this.handshakeManager = handshakeManager;
-		this.contactExchangeManager = contactExchangeManager;
-		this.connectionManager = connectionManager;
-		this.pendingContactId = pendingContactId;
-		this.transportId = transportId;
-		this.connection = connection;
-		reader = connection.getReader();
-		writer = connection.getWriter();
-	}
-
-	@Nullable
-	StreamContext allocateStreamContext(PendingContactId pendingContactId,
-			TransportId transportId) {
-		try {
-			return keyManager.getStreamContext(pendingContactId, transportId);
-		} catch (DbException e) {
-			logException(LOG, WARNING, e);
-			return null;
-		}
-	}
-
-	void onError(boolean recognised) {
-		disposeOnError(reader, recognised);
-		disposeOnError(writer);
-	}
-}
--- a/bramble-core/src/main/java/org/briarproject/bramble/connection/IncomingDuplexSyncConnection.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/connection/IncomingDuplexSyncConnection.java
@@ -1,107 +0,0 @@
-package org.briarproject.bramble.connection;
-
-import org.briarproject.bramble.api.connection.ConnectionRegistry;
-import org.briarproject.bramble.api.contact.ContactId;
-import org.briarproject.bramble.api.db.DbException;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-import org.briarproject.bramble.api.plugin.TransportId;
-import org.briarproject.bramble.api.plugin.duplex.DuplexTransportConnection;
-import org.briarproject.bramble.api.properties.TransportPropertyManager;
-import org.briarproject.bramble.api.sync.PriorityHandler;
-import org.briarproject.bramble.api.sync.SyncSession;
-import org.briarproject.bramble.api.sync.SyncSessionFactory;
-import org.briarproject.bramble.api.transport.KeyManager;
-import org.briarproject.bramble.api.transport.StreamContext;
-import org.briarproject.bramble.api.transport.StreamReaderFactory;
-import org.briarproject.bramble.api.transport.StreamWriterFactory;
-
-import java.io.IOException;
-import java.util.concurrent.Executor;
-
-import static java.util.logging.Level.WARNING;
-import static org.briarproject.bramble.util.LogUtils.logException;
-
-@NotNullByDefault
-class IncomingDuplexSyncConnection extends DuplexSyncConnection
-		implements Runnable {
-
-	IncomingDuplexSyncConnection(KeyManager keyManager,
-			ConnectionRegistry connectionRegistry,
-			StreamReaderFactory streamReaderFactory,
-			StreamWriterFactory streamWriterFactory,
-			SyncSessionFactory syncSessionFactory,
-			TransportPropertyManager transportPropertyManager,
-			Executor ioExecutor, TransportId transportId,
-			DuplexTransportConnection connection) {
-		super(keyManager, connectionRegistry, streamReaderFactory,
-				streamWriterFactory, syncSessionFactory,
-				transportPropertyManager, ioExecutor, transportId, connection);
-	}
-
-	@Override
-	public void run() {
-		// Read and recognise the tag
-		StreamContext ctx = recogniseTag(reader, transportId);
-		if (ctx == null) {
-			LOG.info("Unrecognised tag");
-			onReadError(false);
-			return;
-		}
-		ContactId contactId = ctx.getContactId();
-		if (contactId == null) {
-			LOG.warning("Expected contact tag, got rendezvous tag");
-			onReadError(true);
-			return;
-		}
-		if (ctx.isHandshakeMode()) {
-			// TODO: Support handshake mode for contacts
-			LOG.warning("Received handshake tag, expected rotation mode");
-			onReadError(true);
-			return;
-		}
-		connectionRegistry.registerIncomingConnection(contactId, transportId,
-				this);
-		// Start the outgoing session on another thread
-		ioExecutor.execute(() -> runOutgoingSession(contactId));
-		try {
-			// Store any transport properties discovered from the connection
-			transportPropertyManager.addRemotePropertiesFromConnection(
-					contactId, transportId, remote);
-			// Update the connection registry when we receive our priority
-			PriorityHandler handler = p -> connectionRegistry.setPriority(
-					contactId, transportId, this, p);
-			// Create and run the incoming session
-			createIncomingSession(ctx, reader, handler).run();
-			reader.dispose(false, true);
-			interruptOutgoingSession();
-			connectionRegistry.unregisterConnection(contactId, transportId,
-					this, true, false);
-		} catch (DbException | IOException e) {
-			logException(LOG, WARNING, e);
-			onReadError(true);
-			connectionRegistry.unregisterConnection(contactId, transportId,
-					this, true, true);
-		}
-	}
-
-	private void runOutgoingSession(ContactId contactId) {
-		// Allocate a stream context
-		StreamContext ctx = allocateStreamContext(contactId, transportId);
-		if (ctx == null) {
-			LOG.warning("Could not allocate stream context");
-			onWriteError();
-			return;
-		}
-		try {
-			// Create and run the outgoing session
-			SyncSession out = createDuplexOutgoingSession(ctx, writer, null);
-			setOutgoingSession(out);
-			out.run();
-			writer.dispose(false);
-		} catch (IOException e) {
-			logException(LOG, WARNING, e);
-			onWriteError();
-		}
-	}
-}
-
--- a/bramble-core/src/main/java/org/briarproject/bramble/connection/IncomingHandshakeConnection.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/connection/IncomingHandshakeConnection.java
@@ -1,93 +0,0 @@
-package org.briarproject.bramble.connection;
-
-import org.briarproject.bramble.api.connection.ConnectionManager;
-import org.briarproject.bramble.api.connection.ConnectionRegistry;
-import org.briarproject.bramble.api.contact.ContactExchangeManager;
-import org.briarproject.bramble.api.contact.HandshakeManager;
-import org.briarproject.bramble.api.contact.HandshakeManager.HandshakeResult;
-import org.briarproject.bramble.api.contact.PendingContactId;
-import org.briarproject.bramble.api.db.DbException;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-import org.briarproject.bramble.api.plugin.TransportId;
-import org.briarproject.bramble.api.plugin.duplex.DuplexTransportConnection;
-import org.briarproject.bramble.api.transport.KeyManager;
-import org.briarproject.bramble.api.transport.StreamContext;
-import org.briarproject.bramble.api.transport.StreamReaderFactory;
-import org.briarproject.bramble.api.transport.StreamWriter;
-import org.briarproject.bramble.api.transport.StreamWriterFactory;
-
-import java.io.IOException;
-import java.io.InputStream;
-
-import static java.util.logging.Level.WARNING;
-import static org.briarproject.bramble.util.LogUtils.logException;
-
-@NotNullByDefault
-class IncomingHandshakeConnection extends HandshakeConnection
-		implements Runnable {
-
-	IncomingHandshakeConnection(KeyManager keyManager,
-			ConnectionRegistry connectionRegistry,
-			StreamReaderFactory streamReaderFactory,
-			StreamWriterFactory streamWriterFactory,
-			HandshakeManager handshakeManager,
-			ContactExchangeManager contactExchangeManager,
-			ConnectionManager connectionManager,
-			PendingContactId pendingContactId,
-			TransportId transportId, DuplexTransportConnection connection) {
-		super(keyManager, connectionRegistry, streamReaderFactory,
-				streamWriterFactory, handshakeManager, contactExchangeManager,
-				connectionManager, pendingContactId, transportId, connection);
-	}
-
-	@Override
-	public void run() {
-		// Read and recognise the tag
-		StreamContext ctxIn = recogniseTag(reader, transportId);
-		if (ctxIn == null) {
-			LOG.info("Unrecognised tag");
-			onError(false);
-			return;
-		}
-		PendingContactId inPendingContactId = ctxIn.getPendingContactId();
-		if (inPendingContactId == null) {
-			LOG.warning("Expected rendezvous tag, got contact tag");
-			onError(true);
-			return;
-		}
-		// Allocate the outgoing stream context
-		StreamContext ctxOut =
-				allocateStreamContext(pendingContactId, transportId);
-		if (ctxOut == null) {
-			LOG.warning("Could not allocate stream context");
-			onError(true);
-			return;
-		}
-		// Close the connection if it's redundant
-		if (!connectionRegistry.registerConnection(pendingContactId)) {
-			LOG.info("Redundant rendezvous connection");
-			onError(true);
-			return;
-		}
-		// Handshake and exchange contacts
-		try {
-			InputStream in = streamReaderFactory.createStreamReader(
-					reader.getInputStream(), ctxIn);
-			// Flush the output stream to send the outgoing stream header
-			StreamWriter out = streamWriterFactory.createStreamWriter(
-					writer.getOutputStream(), ctxOut);
-			out.getOutputStream().flush();
-			HandshakeResult result =
-					handshakeManager.handshake(pendingContactId, in, out);
-			contactExchangeManager.exchangeContacts(pendingContactId,
-					connection, result.getMasterKey(), result.isAlice(), false);
-			connectionRegistry.unregisterConnection(pendingContactId, true);
-			// Reuse the connection as a transport connection
-			connectionManager.manageIncomingConnection(transportId, connection);
-		} catch (IOException | DbException e) {
-			logException(LOG, WARNING, e);
-			onError(true);
-			connectionRegistry.unregisterConnection(pendingContactId, false);
-		}
-	}
-}
--- a/bramble-core/src/main/java/org/briarproject/bramble/connection/IncomingSimplexSyncConnection.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/connection/IncomingSimplexSyncConnection.java
@@ -1,79 +0,0 @@
-package org.briarproject.bramble.connection;
-
-import org.briarproject.bramble.api.connection.ConnectionRegistry;
-import org.briarproject.bramble.api.contact.ContactId;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-import org.briarproject.bramble.api.plugin.TransportConnectionReader;
-import org.briarproject.bramble.api.plugin.TransportId;
-import org.briarproject.bramble.api.properties.TransportPropertyManager;
-import org.briarproject.bramble.api.sync.PriorityHandler;
-import org.briarproject.bramble.api.sync.SyncSessionFactory;
-import org.briarproject.bramble.api.transport.KeyManager;
-import org.briarproject.bramble.api.transport.StreamContext;
-import org.briarproject.bramble.api.transport.StreamReaderFactory;
-import org.briarproject.bramble.api.transport.StreamWriterFactory;
-
-import java.io.IOException;
-
-import static java.util.logging.Level.WARNING;
-import static org.briarproject.bramble.util.LogUtils.logException;
-
-@NotNullByDefault
-class IncomingSimplexSyncConnection extends SyncConnection implements Runnable {
-
-	private final TransportId transportId;
-	private final TransportConnectionReader reader;
-
-	IncomingSimplexSyncConnection(KeyManager keyManager,
-			ConnectionRegistry connectionRegistry,
-			StreamReaderFactory streamReaderFactory,
-			StreamWriterFactory streamWriterFactory,
-			SyncSessionFactory syncSessionFactory,
-			TransportPropertyManager transportPropertyManager,
-			TransportId transportId, TransportConnectionReader reader) {
-		super(keyManager, connectionRegistry, streamReaderFactory,
-				streamWriterFactory, syncSessionFactory,
-				transportPropertyManager);
-		this.transportId = transportId;
-		this.reader = reader;
-	}
-
-	@Override
-	public void run() {
-		// Read and recognise the tag
-		StreamContext ctx = recogniseTag(reader, transportId);
-		if (ctx == null) {
-			LOG.info("Unrecognised tag");
-			onError(false);
-			return;
-		}
-		ContactId contactId = ctx.getContactId();
-		if (contactId == null) {
-			LOG.warning("Received rendezvous stream, expected contact");
-			onError(true);
-			return;
-		}
-		if (ctx.isHandshakeMode()) {
-			// TODO: Support handshake mode for contacts
-			LOG.warning("Received handshake tag, expected rotation mode");
-			onError(true);
-			return;
-		}
-		try {
-			// We don't expect to receive a priority for this connection
-			PriorityHandler handler = p ->
-					LOG.info("Ignoring priority for simplex connection");
-			// Create and run the incoming session
-			createIncomingSession(ctx, reader, handler).run();
-			reader.dispose(false, true);
-		} catch (IOException e) {
-			logException(LOG, WARNING, e);
-			onError(true);
-		}
-	}
-
-	private void onError(boolean recognised) {
-		disposeOnError(reader, recognised);
-	}
-}
-
--- a/bramble-core/src/main/java/org/briarproject/bramble/connection/OutgoingDuplexSyncConnection.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/connection/OutgoingDuplexSyncConnection.java
@@ -1,140 +0,0 @@
-package org.briarproject.bramble.connection;
-
-import org.briarproject.bramble.api.connection.ConnectionRegistry;
-import org.briarproject.bramble.api.contact.ContactId;
-import org.briarproject.bramble.api.db.DbException;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-import org.briarproject.bramble.api.plugin.TransportId;
-import org.briarproject.bramble.api.plugin.duplex.DuplexTransportConnection;
-import org.briarproject.bramble.api.properties.TransportPropertyManager;
-import org.briarproject.bramble.api.sync.Priority;
-import org.briarproject.bramble.api.sync.PriorityHandler;
-import org.briarproject.bramble.api.sync.SyncSession;
-import org.briarproject.bramble.api.sync.SyncSessionFactory;
-import org.briarproject.bramble.api.transport.KeyManager;
-import org.briarproject.bramble.api.transport.StreamContext;
-import org.briarproject.bramble.api.transport.StreamReaderFactory;
-import org.briarproject.bramble.api.transport.StreamWriterFactory;
-
-import java.io.IOException;
-import java.security.SecureRandom;
-import java.util.concurrent.Executor;
-
-import static java.util.logging.Level.WARNING;
-import static org.briarproject.bramble.api.sync.SyncConstants.PRIORITY_NONCE_BYTES;
-import static org.briarproject.bramble.util.LogUtils.logException;
-
-@NotNullByDefault
-class OutgoingDuplexSyncConnection extends DuplexSyncConnection
-		implements Runnable {
-
-	private final SecureRandom secureRandom;
-	private final ContactId contactId;
-
-	OutgoingDuplexSyncConnection(KeyManager keyManager,
-			ConnectionRegistry connectionRegistry,
-			StreamReaderFactory streamReaderFactory,
-			StreamWriterFactory streamWriterFactory,
-			SyncSessionFactory syncSessionFactory,
-			TransportPropertyManager transportPropertyManager,
-			Executor ioExecutor, SecureRandom secureRandom, ContactId contactId,
-			TransportId transportId, DuplexTransportConnection connection) {
-		super(keyManager, connectionRegistry, streamReaderFactory,
-				streamWriterFactory, syncSessionFactory,
-				transportPropertyManager, ioExecutor, transportId, connection);
-		this.secureRandom = secureRandom;
-		this.contactId = contactId;
-	}
-
-	@Override
-	public void run() {
-		// Allocate a stream context
-		StreamContext ctx = allocateStreamContext(contactId, transportId);
-		if (ctx == null) {
-			LOG.warning("Could not allocate stream context");
-			onWriteError();
-			return;
-		}
-		if (ctx.isHandshakeMode()) {
-			// TODO: Support handshake mode for contacts
-			LOG.warning("Cannot use handshake mode stream context");
-			onWriteError();
-			return;
-		}
-		// Start the incoming session on another thread
-		Priority priority = generatePriority();
-		ioExecutor.execute(() -> runIncomingSession(priority));
-		try {
-			// Create and run the outgoing session
-			SyncSession out =
-					createDuplexOutgoingSession(ctx, writer, priority);
-			setOutgoingSession(out);
-			out.run();
-			writer.dispose(false);
-		} catch (IOException e) {
-			logException(LOG, WARNING, e);
-			onWriteError();
-		}
-	}
-
-	private void runIncomingSession(Priority priority) {
-		// Read and recognise the tag
-		StreamContext ctx = recogniseTag(reader, transportId);
-		// Unrecognised tags are suspicious in this case
-		if (ctx == null) {
-			LOG.warning("Unrecognised tag for returning stream");
-			onReadError();
-			return;
-		}
-		// Check that the stream comes from the expected contact
-		ContactId inContactId = ctx.getContactId();
-		if (inContactId == null) {
-			LOG.warning("Expected contact tag, got rendezvous tag");
-			onReadError();
-			return;
-		}
-		if (!contactId.equals(inContactId)) {
-			LOG.warning("Wrong contact ID for returning stream");
-			onReadError();
-			return;
-		}
-		if (ctx.isHandshakeMode()) {
-			// TODO: Support handshake mode for contacts
-			LOG.warning("Received handshake tag, expected rotation mode");
-			onReadError();
-			return;
-		}
-		connectionRegistry.registerOutgoingConnection(contactId, transportId,
-				this, priority);
-		try {
-			// Store any transport properties discovered from the connection
-			transportPropertyManager.addRemotePropertiesFromConnection(
-					contactId, transportId, remote);
-			// We don't expect to receive a priority for this connection
-			PriorityHandler handler = p ->
-					LOG.info("Ignoring priority for outgoing connection");
-			// Create and run the incoming session
-			createIncomingSession(ctx, reader, handler).run();
-			reader.dispose(false, true);
-			interruptOutgoingSession();
-			connectionRegistry.unregisterConnection(contactId, transportId,
-					this, false, false);
-		} catch (DbException | IOException e) {
-			logException(LOG, WARNING, e);
-			onReadError();
-			connectionRegistry.unregisterConnection(contactId, transportId,
-					this, false, true);
-		}
-	}
-
-	private void onReadError() {
-		// 'Recognised' is always true for outgoing connections
-		onReadError(true);
-	}
-
-	private Priority generatePriority() {
-		byte[] nonce = new byte[PRIORITY_NONCE_BYTES];
-		secureRandom.nextBytes(nonce);
-		return new Priority(nonce);
-	}
-}
--- a/bramble-core/src/main/java/org/briarproject/bramble/connection/OutgoingHandshakeConnection.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/connection/OutgoingHandshakeConnection.java
@@ -1,115 +0,0 @@
-package org.briarproject.bramble.connection;
-
-import org.briarproject.bramble.api.connection.ConnectionManager;
-import org.briarproject.bramble.api.connection.ConnectionRegistry;
-import org.briarproject.bramble.api.contact.Contact;
-import org.briarproject.bramble.api.contact.ContactExchangeManager;
-import org.briarproject.bramble.api.contact.HandshakeManager;
-import org.briarproject.bramble.api.contact.HandshakeManager.HandshakeResult;
-import org.briarproject.bramble.api.contact.PendingContactId;
-import org.briarproject.bramble.api.db.DbException;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-import org.briarproject.bramble.api.plugin.TransportId;
-import org.briarproject.bramble.api.plugin.duplex.DuplexTransportConnection;
-import org.briarproject.bramble.api.transport.KeyManager;
-import org.briarproject.bramble.api.transport.StreamContext;
-import org.briarproject.bramble.api.transport.StreamReaderFactory;
-import org.briarproject.bramble.api.transport.StreamWriter;
-import org.briarproject.bramble.api.transport.StreamWriterFactory;
-
-import java.io.IOException;
-import java.io.InputStream;
-
-import static java.util.logging.Level.WARNING;
-import static org.briarproject.bramble.util.LogUtils.logException;
-
-@NotNullByDefault
-class OutgoingHandshakeConnection extends HandshakeConnection
-		implements Runnable {
-
-	OutgoingHandshakeConnection(KeyManager keyManager,
-			ConnectionRegistry connectionRegistry,
-			StreamReaderFactory streamReaderFactory,
-			StreamWriterFactory streamWriterFactory,
-			HandshakeManager handshakeManager,
-			ContactExchangeManager contactExchangeManager,
-			ConnectionManager connectionManager,
-			PendingContactId pendingContactId,
-			TransportId transportId, DuplexTransportConnection connection) {
-		super(keyManager, connectionRegistry, streamReaderFactory,
-				streamWriterFactory, handshakeManager, contactExchangeManager,
-				connectionManager, pendingContactId, transportId, connection);
-	}
-
-	@Override
-	public void run() {
-		// Allocate the outgoing stream context
-		StreamContext ctxOut =
-				allocateStreamContext(pendingContactId, transportId);
-		if (ctxOut == null) {
-			LOG.warning("Could not allocate stream context");
-			onError();
-			return;
-		}
-		// Flush the output stream to send the outgoing stream header
-		StreamWriter out;
-		try {
-			out = streamWriterFactory.createStreamWriter(
-					writer.getOutputStream(), ctxOut);
-			out.getOutputStream().flush();
-		} catch (IOException e) {
-			logException(LOG, WARNING, e);
-			onError();
-			return;
-		}
-		// Read and recognise the tag
-		StreamContext ctxIn = recogniseTag(reader, transportId);
-		// Unrecognised tags are suspicious in this case
-		if (ctxIn == null) {
-			LOG.warning("Unrecognised tag for returning stream");
-			onError();
-			return;
-		}
-		// Check that the stream comes from the expected pending contact
-		PendingContactId inPendingContactId = ctxIn.getPendingContactId();
-		if (inPendingContactId == null) {
-			LOG.warning("Expected rendezvous tag, got contact tag");
-			onError();
-			return;
-		}
-		if (!inPendingContactId.equals(pendingContactId)) {
-			LOG.warning("Wrong pending contact ID for returning stream");
-			onError();
-			return;
-		}
-		// Close the connection if it's redundant
-		if (!connectionRegistry.registerConnection(pendingContactId)) {
-			LOG.info("Redundant rendezvous connection");
-			onError();
-			return;
-		}
-		// Handshake and exchange contacts
-		try {
-			InputStream in = streamReaderFactory.createStreamReader(
-					reader.getInputStream(), ctxIn);
-			HandshakeResult result =
-					handshakeManager.handshake(pendingContactId, in, out);
-			Contact contact = contactExchangeManager.exchangeContacts(
-					pendingContactId, connection, result.getMasterKey(),
-					result.isAlice(), false);
-			connectionRegistry.unregisterConnection(pendingContactId, true);
-			// Reuse the connection as a transport connection
-			connectionManager.manageOutgoingConnection(contact.getId(),
-					transportId, connection);
-		} catch (IOException | DbException e) {
-			logException(LOG, WARNING, e);
-			onError();
-			connectionRegistry.unregisterConnection(pendingContactId, false);
-		}
-	}
-
-	private void onError() {
-		// 'Recognised' is always true for outgoing connections
-		onError(true);
-	}
-}
--- a/bramble-core/src/main/java/org/briarproject/bramble/connection/OutgoingSimplexSyncConnection.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/connection/OutgoingSimplexSyncConnection.java
@@ -1,78 +0,0 @@
-package org.briarproject.bramble.connection;
-
-import org.briarproject.bramble.api.connection.ConnectionRegistry;
-import org.briarproject.bramble.api.contact.ContactId;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-import org.briarproject.bramble.api.plugin.TransportConnectionWriter;
-import org.briarproject.bramble.api.plugin.TransportId;
-import org.briarproject.bramble.api.properties.TransportPropertyManager;
-import org.briarproject.bramble.api.sync.SyncSession;
-import org.briarproject.bramble.api.sync.SyncSessionFactory;
-import org.briarproject.bramble.api.transport.KeyManager;
-import org.briarproject.bramble.api.transport.StreamContext;
-import org.briarproject.bramble.api.transport.StreamReaderFactory;
-import org.briarproject.bramble.api.transport.StreamWriter;
-import org.briarproject.bramble.api.transport.StreamWriterFactory;
-
-import java.io.IOException;
-
-import static java.util.logging.Level.WARNING;
-import static org.briarproject.bramble.api.nullsafety.NullSafety.requireNonNull;
-import static org.briarproject.bramble.util.LogUtils.logException;
-
-@NotNullByDefault
-class OutgoingSimplexSyncConnection extends SyncConnection implements Runnable {
-
-	private final ContactId contactId;
-	private final TransportId transportId;
-	private final TransportConnectionWriter writer;
-
-	OutgoingSimplexSyncConnection(KeyManager keyManager,
-			ConnectionRegistry connectionRegistry,
-			StreamReaderFactory streamReaderFactory,
-			StreamWriterFactory streamWriterFactory,
-			SyncSessionFactory syncSessionFactory,
-			TransportPropertyManager transportPropertyManager,
-			ContactId contactId, TransportId transportId,
-			TransportConnectionWriter writer) {
-		super(keyManager, connectionRegistry, streamReaderFactory,
-				streamWriterFactory, syncSessionFactory,
-				transportPropertyManager);
-		this.contactId = contactId;
-		this.transportId = transportId;
-		this.writer = writer;
-	}
-
-	@Override
-	public void run() {
-		// Allocate a stream context
-		StreamContext ctx = allocateStreamContext(contactId, transportId);
-		if (ctx == null) {
-			LOG.warning("Could not allocate stream context");
-			onError();
-			return;
-		}
-		try {
-			// Create and run the outgoing session
-			createSimplexOutgoingSession(ctx, writer).run();
-			writer.dispose(false);
-		} catch (IOException e) {
-			logException(LOG, WARNING, e);
-			onError();
-		}
-	}
-
-	private void onError() {
-		disposeOnError(writer);
-	}
-
-	private SyncSession createSimplexOutgoingSession(StreamContext ctx,
-			TransportConnectionWriter w) throws IOException {
-		StreamWriter streamWriter = streamWriterFactory.createStreamWriter(
-				w.getOutputStream(), ctx);
-		ContactId c = requireNonNull(ctx.getContactId());
-		return syncSessionFactory.createSimplexOutgoingSession(c,
-				ctx.getTransportId(), w.getMaxLatency(), streamWriter);
-	}
-}
-
--- a/bramble-core/src/main/java/org/briarproject/bramble/connection/SyncConnection.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/connection/SyncConnection.java
@@ -1,64 +0,0 @@
-package org.briarproject.bramble.connection;
-
-import org.briarproject.bramble.api.connection.ConnectionRegistry;
-import org.briarproject.bramble.api.contact.ContactId;
-import org.briarproject.bramble.api.db.DbException;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-import org.briarproject.bramble.api.plugin.TransportConnectionReader;
-import org.briarproject.bramble.api.plugin.TransportId;
-import org.briarproject.bramble.api.properties.TransportPropertyManager;
-import org.briarproject.bramble.api.sync.PriorityHandler;
-import org.briarproject.bramble.api.sync.SyncSession;
-import org.briarproject.bramble.api.sync.SyncSessionFactory;
-import org.briarproject.bramble.api.transport.KeyManager;
-import org.briarproject.bramble.api.transport.StreamContext;
-import org.briarproject.bramble.api.transport.StreamReaderFactory;
-import org.briarproject.bramble.api.transport.StreamWriterFactory;
-
-import java.io.IOException;
-import java.io.InputStream;
-
-import javax.annotation.Nullable;
-
-import static java.util.logging.Level.WARNING;
-import static org.briarproject.bramble.api.nullsafety.NullSafety.requireNonNull;
-import static org.briarproject.bramble.util.LogUtils.logException;
-
-@NotNullByDefault
-class SyncConnection extends Connection {
-
-	final SyncSessionFactory syncSessionFactory;
-	final TransportPropertyManager transportPropertyManager;
-
-	SyncConnection(KeyManager keyManager, ConnectionRegistry connectionRegistry,
-			StreamReaderFactory streamReaderFactory,
-			StreamWriterFactory streamWriterFactory,
-			SyncSessionFactory syncSessionFactory,
-			TransportPropertyManager transportPropertyManager) {
-		super(keyManager, connectionRegistry, streamReaderFactory,
-				streamWriterFactory);
-		this.syncSessionFactory = syncSessionFactory;
-		this.transportPropertyManager = transportPropertyManager;
-	}
-
-	@Nullable
-	StreamContext allocateStreamContext(ContactId contactId,
-			TransportId transportId) {
-		try {
-			return keyManager.getStreamContext(contactId, transportId);
-		} catch (DbException e) {
-			logException(LOG, WARNING, e);
-			return null;
-		}
-	}
-
-	SyncSession createIncomingSession(StreamContext ctx,
-			TransportConnectionReader r, PriorityHandler handler)
-			throws IOException {
-		InputStream streamReader = streamReaderFactory.createStreamReader(
-				r.getInputStream(), ctx);
-		ContactId c = requireNonNull(ctx.getContactId());
-		return syncSessionFactory
-				.createIncomingSession(c, streamReader, handler);
-	}
-}
--- a/bramble-core/src/main/java/org/briarproject/bramble/crypto/CryptoComponentImpl.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/crypto/CryptoComponentImpl.java
@@ -7,7 +7,6 @@ import net.i2p.crypto.eddsa.KeyPairGenerator;
 import org.briarproject.bramble.api.crypto.AgreementPrivateKey;
 import org.briarproject.bramble.api.crypto.AgreementPublicKey;
 import org.briarproject.bramble.api.crypto.CryptoComponent;
-import org.briarproject.bramble.api.crypto.DecryptionException;
 import org.briarproject.bramble.api.crypto.KeyPair;
 import org.briarproject.bramble.api.crypto.KeyParser;
 import org.briarproject.bramble.api.crypto.KeyStrengthener;
@@ -40,9 +39,6 @@ import static java.lang.System.arraycopy;
 import static java.util.logging.Level.INFO;
 import static org.briarproject.bramble.api.crypto.CryptoConstants.KEY_TYPE_AGREEMENT;
 import static org.briarproject.bramble.api.crypto.CryptoConstants.KEY_TYPE_SIGNATURE;
-import static org.briarproject.bramble.api.crypto.DecryptionResult.INVALID_CIPHERTEXT;
-import static org.briarproject.bramble.api.crypto.DecryptionResult.INVALID_PASSWORD;
-import static org.briarproject.bramble.api.crypto.DecryptionResult.KEY_STRENGTHENER_ERROR;
 import static org.briarproject.bramble.util.ByteUtils.INT_32_BYTES;
 import static org.briarproject.bramble.util.LogUtils.logDuration;
 import static org.briarproject.bramble.util.LogUtils.now;
@@ -363,17 +359,16 @@ class CryptoComponentImpl implements CryptoComponent {
 	}

 	@Override
+	@Nullable
 	public byte[] decryptWithPassword(byte[] input, String password,
-			@Nullable KeyStrengthener keyStrengthener)
-			throws DecryptionException {
+			@Nullable KeyStrengthener keyStrengthener) {
 		AuthenticatedCipher cipher = new XSalsa20Poly1305AuthenticatedCipher();
 		int macBytes = cipher.getMacBytes();
 		// The input contains the format version, salt, cost parameter, IV,
 		// ciphertext and MAC
 		if (input.length < 1 + PBKDF_SALT_BYTES + INT_32_BYTES
-				+ STORAGE_IV_BYTES + macBytes) {
-			throw new DecryptionException(INVALID_CIPHERTEXT);
-		}
+				+ STORAGE_IV_BYTES + macBytes)
+			return null; // Invalid input
 		int inputOff = 0;
 		// Format version
 		byte formatVersion = input[inputOff];
@@ -381,7 +376,7 @@ class CryptoComponentImpl implements CryptoComponent {
 		// Check whether we support this format version
 		if (formatVersion != PBKDF_FORMAT_SCRYPT &&
 				formatVersion != PBKDF_FORMAT_SCRYPT_STRENGTHENED) {
-			throw new DecryptionException(INVALID_CIPHERTEXT);
+			return null;
 		}
 		// Salt
 		byte[] salt = new byte[PBKDF_SALT_BYTES];
@@ -390,9 +385,8 @@ class CryptoComponentImpl implements CryptoComponent {
 		// Cost parameter
 		long cost = ByteUtils.readUint32(input, inputOff);
 		inputOff += INT_32_BYTES;
-		if (cost < 2 || cost > Integer.MAX_VALUE) {
-			throw new DecryptionException(INVALID_CIPHERTEXT);
-		}
+		if (cost < 2 || cost > Integer.MAX_VALUE)
+			return null; // Invalid cost parameter
 		// IV
 		byte[] iv = new byte[STORAGE_IV_BYTES];
 		arraycopy(input, inputOff, iv, 0, iv.length);
@@ -400,10 +394,8 @@ class CryptoComponentImpl implements CryptoComponent {
 		// Derive the decryption key from the password
 		SecretKey key = passwordBasedKdf.deriveKey(password, salt, (int) cost);
 		if (formatVersion == PBKDF_FORMAT_SCRYPT_STRENGTHENED) {
-			if (keyStrengthener == null || !keyStrengthener.isInitialised()) {
-				// Can't derive the same strengthened key
-				throw new DecryptionException(KEY_STRENGTHENER_ERROR);
-			}
+			if (keyStrengthener == null || !keyStrengthener.isInitialised())
+				return null; // Can't derive the same strengthened key
 			key = keyStrengthener.strengthenKey(key);
 		}
 		// Initialise the cipher
@@ -419,7 +411,7 @@ class CryptoComponentImpl implements CryptoComponent {
 			cipher.process(input, inputOff, inputLen, output, 0);
 			return output;
 		} catch (GeneralSecurityException e) {
-			throw new DecryptionException(INVALID_PASSWORD);
+			return null; // Invalid ciphertext
 		}
 	}

--- a/bramble-core/src/main/java/org/briarproject/bramble/crypto/StreamDecrypterFactoryImpl.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/crypto/StreamDecrypterFactoryImpl.java
@@ -36,10 +36,4 @@ class StreamDecrypterFactoryImpl implements StreamDecrypterFactory {
 			SecretKey headerKey) {
 		return new StreamDecrypterImpl(in, cipherProvider.get(), 0, headerKey);
 	}
-
-	@Override
-	public StreamDecrypter createLogStreamDecrypter(InputStream in,
-			SecretKey headerKey) {
-		return createContactExchangeStreamDecrypter(in, headerKey);
-	}
 }
--- a/bramble-core/src/main/java/org/briarproject/bramble/crypto/StreamEncrypterFactoryImpl.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/crypto/StreamEncrypterFactoryImpl.java
@@ -51,7 +51,7 @@ class StreamEncrypterFactoryImpl implements StreamEncrypterFactory {
 	}

 	@Override
-	public StreamEncrypter createContactExchangeStreamEncrypter(
+	public StreamEncrypter createContactExchangeStreamDecrypter(
 			OutputStream out, SecretKey headerKey) {
 		AuthenticatedCipher cipher = cipherProvider.get();
 		byte[] streamHeaderNonce = new byte[STREAM_HEADER_NONCE_LENGTH];
@@ -60,10 +60,4 @@ class StreamEncrypterFactoryImpl implements StreamEncrypterFactory {
 		return new StreamEncrypterImpl(out, cipher, 0, null, streamHeaderNonce,
 				headerKey, frameKey);
 	}
-
-	@Override
-	public StreamEncrypter createLogStreamEncrypter(OutputStream out,
-			SecretKey headerKey) {
-		return createContactExchangeStreamEncrypter(out, headerKey);
-	}
 }
--- a/bramble-core/src/main/java/org/briarproject/bramble/db/H2Database.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/db/H2Database.java
@@ -25,7 +25,6 @@ import static java.util.logging.Level.INFO;
 import static java.util.logging.Level.WARNING;
 import static java.util.logging.Logger.getLogger;
 import static org.briarproject.bramble.db.JdbcUtils.tryToClose;
-import static org.briarproject.bramble.util.IoUtils.isNonEmptyDirectory;
 import static org.briarproject.bramble.util.LogUtils.logFileOrDir;

 /**
@@ -70,9 +69,8 @@ class H2Database extends JdbcDatabase {
 			LOG.info("Contents of account directory before opening DB:");
 			logFileOrDir(LOG, INFO, dir.getParentFile());
 		}
-		boolean reopen = isNonEmptyDirectory(dir);
+		boolean reopen = !dir.mkdirs();
 		if (LOG.isLoggable(INFO)) LOG.info("Reopening DB: " + reopen);
-		if (!reopen && dir.mkdirs()) LOG.info("Created database directory");
 		super.open("org.h2.Driver", reopen, key, listener);
 		if (LOG.isLoggable(INFO)) {
 			LOG.info("Contents of account directory after opening DB:");
--- a/bramble-core/src/main/java/org/briarproject/bramble/db/HyperSqlDatabase.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/db/HyperSqlDatabase.java
@@ -20,11 +20,9 @@ import java.util.logging.Logger;
 import javax.annotation.Nullable;
 import javax.inject.Inject;

-import static java.util.logging.Level.INFO;
 import static java.util.logging.Level.WARNING;
 import static java.util.logging.Logger.getLogger;
 import static org.briarproject.bramble.db.JdbcUtils.tryToClose;
-import static org.briarproject.bramble.util.IoUtils.isNonEmptyDirectory;

 /**
 * Contains all the HSQLDB-specific code for the database.
@@ -66,10 +64,7 @@ class HyperSqlDatabase extends JdbcDatabase {
 	public boolean open(SecretKey key, @Nullable MigrationListener listener)
 			throws DbException {
 		this.key = key;
-		File dir = config.getDatabaseDirectory();
-		boolean reopen = isNonEmptyDirectory(dir);
-		if (LOG.isLoggable(INFO)) LOG.info("Reopening DB: " + reopen);
-		if (!reopen && dir.mkdirs()) LOG.info("Created database directory");
+		boolean reopen = !config.getDatabaseDirectory().mkdirs();
 		super.open("org.hsqldb.jdbc.JDBCDriver", reopen, key, listener);
 		return reopen;
 	}
--- a/bramble-core/src/main/java/org/briarproject/bramble/io/IoModule.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/io/IoModule.java
@@ -1,18 +0,0 @@
-package org.briarproject.bramble.io;
-
-import org.briarproject.bramble.api.io.TimeoutMonitor;
-
-import javax.inject.Singleton;
-
-import dagger.Module;
-import dagger.Provides;
-
-@Module
-public class IoModule {
-
-	@Provides
-	@Singleton
-	TimeoutMonitor provideTimeoutMonitor(TimeoutMonitorImpl timeoutMonitor) {
-		return timeoutMonitor;
-	}
-}
--- a/bramble-core/src/main/java/org/briarproject/bramble/io/TimeoutInputStream.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/io/TimeoutInputStream.java
@@ -1,104 +0,0 @@
-package org.briarproject.bramble.io;
-
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-import org.briarproject.bramble.api.system.Clock;
-
-import java.io.IOException;
-import java.io.InputStream;
-
-import javax.annotation.concurrent.GuardedBy;
-
-@NotNullByDefault
-class TimeoutInputStream extends InputStream {
-
-	private final Clock clock;
-	private final InputStream in;
-	private final long timeoutMs;
-	private final CloseListener listener;
-	private final Object lock = new Object();
-	@GuardedBy("lock")
-	private long readStartedMs = -1;
-
-	TimeoutInputStream(Clock clock, InputStream in, long timeoutMs,
-			CloseListener listener) {
-		this.clock = clock;
-		this.in = in;
-		this.timeoutMs = timeoutMs;
-		this.listener = listener;
-	}
-
-	@Override
-	public int read() throws IOException {
-		synchronized (lock) {
-			readStartedMs = clock.currentTimeMillis();
-		}
-		int input = in.read();
-		synchronized (lock) {
-			readStartedMs = -1;
-		}
-		return input;
-	}
-
-	@Override
-	public int read(byte[] b) throws IOException {
-		return read(b, 0, b.length);
-	}
-
-	@Override
-	public int read(byte[] b, int off, int len) throws IOException {
-		synchronized (lock) {
-			readStartedMs = clock.currentTimeMillis();
-		}
-		int read = in.read(b, off, len);
-		synchronized (lock) {
-			readStartedMs = -1;
-		}
-		return read;
-	}
-
-	@Override
-	public void close() throws IOException {
-		try {
-			in.close();
-		} finally {
-			listener.onClose(this);
-		}
-	}
-
-	@Override
-	public int available() throws IOException {
-		return in.available();
-	}
-
-	@Override
-	public void mark(int readlimit) {
-		in.mark(readlimit);
-	}
-
-	@Override
-	public boolean markSupported() {
-		return in.markSupported();
-	}
-
-	@Override
-	public void reset() throws IOException {
-		in.reset();
-	}
-
-	@Override
-	public long skip(long n) throws IOException {
-		return in.skip(n);
-	}
-
-	boolean hasTimedOut() {
-		synchronized (lock) {
-			return readStartedMs != -1 &&
-					clock.currentTimeMillis() - readStartedMs > timeoutMs;
-		}
-	}
-
-	interface CloseListener {
-
-		void onClose(TimeoutInputStream closed);
-	}
-}
--- a/bramble-core/src/main/java/org/briarproject/bramble/io/TimeoutMonitorImpl.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/io/TimeoutMonitorImpl.java
@@ -1,96 +0,0 @@
-package org.briarproject.bramble.io;
-
-import org.briarproject.bramble.api.io.TimeoutMonitor;
-import org.briarproject.bramble.api.lifecycle.IoExecutor;
-import org.briarproject.bramble.api.system.Clock;
-import org.briarproject.bramble.api.system.Scheduler;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.util.ArrayList;
-import java.util.List;
-import java.util.concurrent.Executor;
-import java.util.concurrent.Future;
-import java.util.concurrent.ScheduledExecutorService;
-import java.util.logging.Logger;
-
-import javax.annotation.concurrent.GuardedBy;
-import javax.inject.Inject;
-
-import static java.util.concurrent.TimeUnit.MILLISECONDS;
-import static java.util.concurrent.TimeUnit.SECONDS;
-import static java.util.logging.Level.INFO;
-import static java.util.logging.Logger.getLogger;
-import static org.briarproject.bramble.util.LogUtils.logException;
-
-class TimeoutMonitorImpl implements TimeoutMonitor {
-
-	private static final Logger LOG =
-			getLogger(TimeoutMonitorImpl.class.getName());
-
-	private static final long CHECK_INTERVAL_MS = SECONDS.toMillis(10);
-
-	private final ScheduledExecutorService scheduler;
-	private final Executor ioExecutor;
-	private final Clock clock;
-	private final Object lock = new Object();
-	@GuardedBy("lock")
-	private final List<TimeoutInputStream> streams = new ArrayList<>();
-
-	@GuardedBy("lock")
-	private Future<?> task = null;
-
-	@Inject
-	TimeoutMonitorImpl(@Scheduler ScheduledExecutorService scheduler,
-			@IoExecutor Executor ioExecutor, Clock clock) {
-		this.scheduler = scheduler;
-		this.ioExecutor = ioExecutor;
-		this.clock = clock;
-	}
-
-	@Override
-	public InputStream createTimeoutInputStream(InputStream in,
-			long timeoutMs) {
-		TimeoutInputStream stream = new TimeoutInputStream(clock, in,
-				timeoutMs, this::removeStream);
-		synchronized (lock) {
-			if (streams.isEmpty()) {
-				task = scheduler.scheduleWithFixedDelay(this::checkTimeouts,
-						CHECK_INTERVAL_MS, CHECK_INTERVAL_MS, MILLISECONDS);
-			}
-			streams.add(stream);
-		}
-		return stream;
-	}
-
-	private void removeStream(TimeoutInputStream stream) {
-		Future<?> toCancel = null;
-		synchronized (lock) {
-			if (streams.remove(stream) && streams.isEmpty()) {
-				toCancel = task;
-				task = null;
-			}
-		}
-		if (toCancel != null) toCancel.cancel(false);
-	}
-
-	@Scheduler
-	private void checkTimeouts() {
-		ioExecutor.execute(() -> {
-			List<TimeoutInputStream> snapshot;
-			synchronized (lock) {
-				snapshot = new ArrayList<>(streams);
-			}
-			for (TimeoutInputStream stream : snapshot) {
-				if (stream.hasTimedOut()) {
-					LOG.info("Input stream has timed out");
-					try {
-						stream.close();
-					} catch (IOException e) {
-						logException(LOG, INFO, e);
-					}
-				}
-			}
-		});
-	}
-}
--- a/bramble-core/src/main/java/org/briarproject/bramble/logging/FlushingStreamHandler.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/logging/FlushingStreamHandler.java
@@ -1,43 +0,0 @@
-package org.briarproject.bramble.logging;
-
-import java.io.OutputStream;
-import java.util.concurrent.Executor;
-import java.util.concurrent.ScheduledExecutorService;
-import java.util.concurrent.atomic.AtomicBoolean;
-import java.util.logging.Formatter;
-import java.util.logging.LogRecord;
-import java.util.logging.StreamHandler;
-
-import static java.util.concurrent.TimeUnit.MILLISECONDS;
-
-class FlushingStreamHandler extends StreamHandler {
-
-	private static final int FLUSH_DELAY_MS = 5_000;
-
-	private final ScheduledExecutorService scheduler;
-	private final Executor ioExecutor;
-	private final AtomicBoolean flushScheduled = new AtomicBoolean(false);
-
-	FlushingStreamHandler(ScheduledExecutorService scheduler,
-			Executor ioExecutor, OutputStream out, Formatter formatter) {
-		super(out, formatter);
-		this.scheduler = scheduler;
-		this.ioExecutor = ioExecutor;
-	}
-
-	@Override
-	public void publish(LogRecord record) {
-		super.publish(record);
-		if (!flushScheduled.getAndSet(true)) {
-			scheduler.schedule(this::scheduledFlush,
-					FLUSH_DELAY_MS, MILLISECONDS);
-		}
-	}
-
-	private void scheduledFlush() {
-		ioExecutor.execute(() -> {
-			flushScheduled.set(false);
-			flush();
-		});
-	}
-}
--- a/bramble-core/src/main/java/org/briarproject/bramble/logging/LoggingModule.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/logging/LoggingModule.java
@@ -1,29 +0,0 @@
-package org.briarproject.bramble.logging;
-
-import org.briarproject.bramble.api.lifecycle.LifecycleManager;
-import org.briarproject.bramble.api.logging.PersistentLogManager;
-
-import java.util.logging.Formatter;
-
-import javax.inject.Singleton;
-
-import dagger.Module;
-import dagger.Provides;
-
-@Module
-public class LoggingModule {
-
-	@Provides
-	Formatter provideFormatter() {
-		return new BriefLogFormatter();
-	}
-
-	@Provides
-	@Singleton
-	PersistentLogManager providePersistentLogManager(
-			LifecycleManager lifecycleManager,
-			PersistentLogManagerImpl persistentLogManager) {
-		lifecycleManager.registerOpenDatabaseHook(persistentLogManager);
-		return persistentLogManager;
-	}
-}
--- a/bramble-core/src/main/java/org/briarproject/bramble/logging/PersistentLogManagerImpl.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/logging/PersistentLogManagerImpl.java
@@ -1,177 +0,0 @@
-package org.briarproject.bramble.logging;
-
-import org.briarproject.bramble.api.crypto.CryptoComponent;
-import org.briarproject.bramble.api.crypto.SecretKey;
-import org.briarproject.bramble.api.db.DatabaseComponent;
-import org.briarproject.bramble.api.db.DbException;
-import org.briarproject.bramble.api.db.Transaction;
-import org.briarproject.bramble.api.lifecycle.IoExecutor;
-import org.briarproject.bramble.api.lifecycle.LifecycleManager.OpenDatabaseHook;
-import org.briarproject.bramble.api.lifecycle.ShutdownManager;
-import org.briarproject.bramble.api.logging.PersistentLogManager;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-import org.briarproject.bramble.api.settings.Settings;
-import org.briarproject.bramble.api.system.Scheduler;
-import org.briarproject.bramble.api.transport.StreamReaderFactory;
-import org.briarproject.bramble.api.transport.StreamWriter;
-import org.briarproject.bramble.api.transport.StreamWriterFactory;
-
-import java.io.ByteArrayInputStream;
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.util.Scanner;
-import java.util.concurrent.Executor;
-import java.util.concurrent.ScheduledExecutorService;
-import java.util.concurrent.atomic.AtomicReference;
-import java.util.logging.Formatter;
-import java.util.logging.Handler;
-import java.util.logging.Logger;
-import java.util.logging.StreamHandler;
-
-import javax.annotation.Nullable;
-import javax.annotation.concurrent.ThreadSafe;
-import javax.inject.Inject;
-
-import static java.util.logging.Level.WARNING;
-import static java.util.logging.Logger.getLogger;
-import static org.briarproject.bramble.util.LogUtils.logException;
-
-@ThreadSafe
-@NotNullByDefault
-class PersistentLogManagerImpl implements PersistentLogManager,
-		OpenDatabaseHook {
-
-	private static final Logger LOG =
-			getLogger(PersistentLogManagerImpl.class.getName());
-
-	private static final String LOG_FILE = "briar.log";
-	private static final String OLD_LOG_FILE = "briar.log.old";
-
-	private final ScheduledExecutorService scheduler;
-	private final Executor ioExecutor;
-	private final ShutdownManager shutdownManager;
-	private final DatabaseComponent db;
-	private final StreamReaderFactory streamReaderFactory;
-	private final StreamWriterFactory streamWriterFactory;
-	private final Formatter formatter;
-	private final SecretKey logKey;
-	private final AtomicReference<Integer> shutdownHookHandle =
-			new AtomicReference<>();
-
-	@Nullable
-	private volatile SecretKey oldLogKey = null;
-
-	@Inject
-	PersistentLogManagerImpl(
-			@Scheduler ScheduledExecutorService scheduler,
-			@IoExecutor Executor ioExecutor,
-			ShutdownManager shutdownManager,
-			DatabaseComponent db,
-			StreamReaderFactory streamReaderFactory,
-			StreamWriterFactory streamWriterFactory,
-			Formatter formatter,
-			CryptoComponent crypto) {
-		this.scheduler = scheduler;
-		this.ioExecutor = ioExecutor;
-		this.shutdownManager = shutdownManager;
-		this.db = db;
-		this.streamReaderFactory = streamReaderFactory;
-		this.streamWriterFactory = streamWriterFactory;
-		this.formatter = formatter;
-		logKey = crypto.generateSecretKey();
-	}
-
-	@Override
-	public void onDatabaseOpened(Transaction txn) throws DbException {
-		Settings s = db.getSettings(txn, LOG_SETTINGS_NAMESPACE);
-		// Load the old log key, if any
-		byte[] oldKeyBytes = s.getBytes(LOG_KEY_KEY);
-		if (oldKeyBytes != null && oldKeyBytes.length == SecretKey.LENGTH) {
-			LOG.info("Loaded old log key");
-			oldLogKey = new SecretKey(oldKeyBytes);
-		}
-		// Store the current log key
-		s.putBytes(LOG_KEY_KEY, logKey.getBytes());
-		db.mergeSettings(txn, s, LOG_SETTINGS_NAMESPACE);
-	}
-
-	@Override
-	public Handler createLogHandler(File dir) throws IOException {
-		File logFile = new File(dir, LOG_FILE);
-		File oldLogFile = new File(dir, OLD_LOG_FILE);
-		if (oldLogFile.exists() && !oldLogFile.delete())
-			LOG.warning("Failed to delete old log file");
-		if (logFile.exists() && !logFile.renameTo(oldLogFile))
-			LOG.warning("Failed to rename log file");
-		try {
-			OutputStream out = new FileOutputStream(logFile);
-			StreamWriter writer =
-					streamWriterFactory.createLogStreamWriter(out, logKey);
-			StreamHandler handler = new FlushingStreamHandler(scheduler,
-					ioExecutor, writer.getOutputStream(), formatter);
-			// Flush the log and terminate the stream at shutdown
-			Runnable shutdownHook = () -> {
-				LOG.info("Shutting down");
-				handler.flush();
-				try {
-					writer.sendEndOfStream();
-				} catch (IOException e) {
-					logException(LOG, WARNING, e);
-				}
-			};
-			int handle = shutdownManager.addShutdownHook(shutdownHook);
-			// If a previous handler registered a shutdown hook, remove it
-			Integer oldHandle = shutdownHookHandle.getAndSet(handle);
-			if (oldHandle != null) {
-				shutdownManager.removeShutdownHook(oldHandle);
-			}
-			return handler;
-		} catch (SecurityException e) {
-			throw new IOException(e);
-		}
-	}
-
-	@Override
-	public void addLogHandler(File dir, Logger logger) throws IOException {
-		for (Handler h : logger.getHandlers()) {
-			if (h instanceof FlushingStreamHandler) logger.removeHandler(h);
-		}
-		logger.addHandler(createLogHandler(dir));
-	}
-
-	@Override
-	public Scanner getPersistedLog(File dir, boolean old)
-			throws IOException {
-		if (old) {
-			SecretKey oldLogKey = this.oldLogKey;
-			if (oldLogKey == null) {
-				LOG.info("Old log key has not been loaded");
-				return emptyScanner();
-			}
-			return getPersistedLog(new File(dir, OLD_LOG_FILE), oldLogKey);
-		} else {
-			return getPersistedLog(new File(dir, LOG_FILE), logKey);
-		}
-	}
-
-	private Scanner getPersistedLog(File logFile, SecretKey key)
-			throws IOException {
-		if (logFile.exists()) {
-			LOG.info("Reading log file");
-			InputStream in = new FileInputStream(logFile);
-			return new Scanner(streamReaderFactory.createLogStreamReader(in,
-					key));
-		} else {
-			LOG.info("Log file does not exist");
-			return emptyScanner();
-		}
-	}
-
-	private Scanner emptyScanner() {
-		return new Scanner(new ByteArrayInputStream(new byte[0]));
-	}
-}
--- a/bramble-core/src/main/java/org/briarproject/bramble/plugin/ConnectionManagerImpl.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/plugin/ConnectionManagerImpl.java
@@ -0,0 +1,694 @@
+package org.briarproject.bramble.plugin;
+
+import org.briarproject.bramble.api.contact.Contact;
+import org.briarproject.bramble.api.contact.ContactExchangeManager;
+import org.briarproject.bramble.api.contact.ContactId;
+import org.briarproject.bramble.api.contact.HandshakeManager;
+import org.briarproject.bramble.api.contact.HandshakeManager.HandshakeResult;
+import org.briarproject.bramble.api.contact.PendingContactId;
+import org.briarproject.bramble.api.db.DbException;
+import org.briarproject.bramble.api.lifecycle.IoExecutor;
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.plugin.ConnectionManager;
+import org.briarproject.bramble.api.plugin.ConnectionRegistry;
+import org.briarproject.bramble.api.plugin.TransportConnectionReader;
+import org.briarproject.bramble.api.plugin.TransportConnectionWriter;
+import org.briarproject.bramble.api.plugin.TransportId;
+import org.briarproject.bramble.api.plugin.duplex.DuplexTransportConnection;
+import org.briarproject.bramble.api.sync.SyncSession;
+import org.briarproject.bramble.api.sync.SyncSessionFactory;
+import org.briarproject.bramble.api.transport.KeyManager;
+import org.briarproject.bramble.api.transport.StreamContext;
+import org.briarproject.bramble.api.transport.StreamReaderFactory;
+import org.briarproject.bramble.api.transport.StreamWriter;
+import org.briarproject.bramble.api.transport.StreamWriterFactory;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.concurrent.Executor;
+import java.util.logging.Logger;
+
+import javax.annotation.Nullable;
+import javax.inject.Inject;
+
+import static java.util.logging.Level.WARNING;
+import static java.util.logging.Logger.getLogger;
+import static org.briarproject.bramble.api.nullsafety.NullSafety.requireNonNull;
+import static org.briarproject.bramble.api.transport.TransportConstants.TAG_LENGTH;
+import static org.briarproject.bramble.util.IoUtils.read;
+import static org.briarproject.bramble.util.LogUtils.logException;
+
+@NotNullByDefault
+class ConnectionManagerImpl implements ConnectionManager {
+
+	private static final Logger LOG =
+			getLogger(ConnectionManagerImpl.class.getName());
+
+	private final Executor ioExecutor;
+	private final KeyManager keyManager;
+	private final StreamReaderFactory streamReaderFactory;
+	private final StreamWriterFactory streamWriterFactory;
+	private final SyncSessionFactory syncSessionFactory;
+	private final HandshakeManager handshakeManager;
+	private final ContactExchangeManager contactExchangeManager;
+	private final ConnectionRegistry connectionRegistry;
+
+	@Inject
+	ConnectionManagerImpl(@IoExecutor Executor ioExecutor,
+			KeyManager keyManager, StreamReaderFactory streamReaderFactory,
+			StreamWriterFactory streamWriterFactory,
+			SyncSessionFactory syncSessionFactory,
+			HandshakeManager handshakeManager,
+			ContactExchangeManager contactExchangeManager,
+			ConnectionRegistry connectionRegistry) {
+		this.ioExecutor = ioExecutor;
+		this.keyManager = keyManager;
+		this.streamReaderFactory = streamReaderFactory;
+		this.streamWriterFactory = streamWriterFactory;
+		this.syncSessionFactory = syncSessionFactory;
+		this.handshakeManager = handshakeManager;
+		this.contactExchangeManager = contactExchangeManager;
+		this.connectionRegistry = connectionRegistry;
+	}
+
+	@Override
+	public void manageIncomingConnection(TransportId t,
+			TransportConnectionReader r) {
+		ioExecutor.execute(new ManageIncomingSimplexConnection(t, r));
+	}
+
+	@Override
+	public void manageIncomingConnection(TransportId t,
+			DuplexTransportConnection d) {
+		ioExecutor.execute(new ManageIncomingDuplexConnection(t, d));
+	}
+
+	@Override
+	public void manageIncomingConnection(PendingContactId p, TransportId t,
+			DuplexTransportConnection d) {
+		ioExecutor.execute(new ManageIncomingHandshakeConnection(p, t, d));
+	}
+
+	@Override
+	public void manageOutgoingConnection(ContactId c, TransportId t,
+			TransportConnectionWriter w) {
+		ioExecutor.execute(new ManageOutgoingSimplexConnection(c, t, w));
+	}
+
+	@Override
+	public void manageOutgoingConnection(ContactId c, TransportId t,
+			DuplexTransportConnection d) {
+		ioExecutor.execute(new ManageOutgoingDuplexConnection(c, t, d));
+	}
+
+	@Override
+	public void manageOutgoingConnection(PendingContactId p, TransportId t,
+			DuplexTransportConnection d) {
+		ioExecutor.execute(new ManageOutgoingHandshakeConnection(p, t, d));
+	}
+
+	private byte[] readTag(InputStream in) throws IOException {
+		byte[] tag = new byte[TAG_LENGTH];
+		read(in, tag);
+		return tag;
+	}
+
+	private SyncSession createIncomingSession(StreamContext ctx,
+			TransportConnectionReader r) throws IOException {
+		InputStream streamReader = streamReaderFactory.createStreamReader(
+				r.getInputStream(), ctx);
+		ContactId c = requireNonNull(ctx.getContactId());
+		return syncSessionFactory.createIncomingSession(c, streamReader);
+	}
+
+	private SyncSession createSimplexOutgoingSession(StreamContext ctx,
+			TransportConnectionWriter w) throws IOException {
+		StreamWriter streamWriter = streamWriterFactory.createStreamWriter(
+				w.getOutputStream(), ctx);
+		ContactId c = requireNonNull(ctx.getContactId());
+		return syncSessionFactory.createSimplexOutgoingSession(c,
+				w.getMaxLatency(), streamWriter);
+	}
+
+	private SyncSession createDuplexOutgoingSession(StreamContext ctx,
+			TransportConnectionWriter w) throws IOException {
+		StreamWriter streamWriter = streamWriterFactory.createStreamWriter(
+				w.getOutputStream(), ctx);
+		ContactId c = requireNonNull(ctx.getContactId());
+		return syncSessionFactory.createDuplexOutgoingSession(c,
+				w.getMaxLatency(), w.getMaxIdleTime(), streamWriter);
+	}
+
+	private void disposeOnError(TransportConnectionReader reader,
+			boolean recognised) {
+		try {
+			reader.dispose(true, recognised);
+		} catch (IOException e) {
+			logException(LOG, WARNING, e);
+		}
+	}
+
+	private void disposeOnError(TransportConnectionWriter writer) {
+		try {
+			writer.dispose(true);
+		} catch (IOException e) {
+			logException(LOG, WARNING, e);
+		}
+	}
+
+	private class ManageIncomingSimplexConnection implements Runnable {
+
+		private final TransportId transportId;
+		private final TransportConnectionReader reader;
+
+		private ManageIncomingSimplexConnection(TransportId transportId,
+				TransportConnectionReader reader) {
+			this.transportId = transportId;
+			this.reader = reader;
+		}
+
+		@Override
+		public void run() {
+			// Read and recognise the tag
+			StreamContext ctx;
+			try {
+				byte[] tag = readTag(reader.getInputStream());
+				ctx = keyManager.getStreamContext(transportId, tag);
+			} catch (IOException | DbException e) {
+				logException(LOG, WARNING, e);
+				onError(false);
+				return;
+			}
+			if (ctx == null) {
+				LOG.info("Unrecognised tag");
+				onError(false);
+				return;
+			}
+			ContactId contactId = ctx.getContactId();
+			if (contactId == null) {
+				LOG.warning("Received rendezvous stream, expected contact");
+				onError(true);
+				return;
+			}
+			if (ctx.isHandshakeMode()) {
+				// TODO: Support handshake mode for contacts
+				LOG.warning("Received handshake tag, expected rotation mode");
+				onError(true);
+				return;
+			}
+			connectionRegistry.registerConnection(contactId, transportId, true);
+			try {
+				// Create and run the incoming session
+				createIncomingSession(ctx, reader).run();
+				reader.dispose(false, true);
+			} catch (IOException e) {
+				logException(LOG, WARNING, e);
+				onError(true);
+			} finally {
+				connectionRegistry.unregisterConnection(contactId, transportId,
+						true);
+			}
+		}
+
+		private void onError(boolean recognised) {
+			disposeOnError(reader, recognised);
+		}
+	}
+
+	private class ManageOutgoingSimplexConnection implements Runnable {
+
+		private final ContactId contactId;
+		private final TransportId transportId;
+		private final TransportConnectionWriter writer;
+
+		private ManageOutgoingSimplexConnection(ContactId contactId,
+				TransportId transportId, TransportConnectionWriter writer) {
+			this.contactId = contactId;
+			this.transportId = transportId;
+			this.writer = writer;
+		}
+
+		@Override
+		public void run() {
+			// Allocate a stream context
+			StreamContext ctx;
+			try {
+				ctx = keyManager.getStreamContext(contactId, transportId);
+			} catch (DbException e) {
+				logException(LOG, WARNING, e);
+				onError();
+				return;
+			}
+			if (ctx == null) {
+				LOG.warning("Could not allocate stream context");
+				onError();
+				return;
+			}
+			connectionRegistry.registerConnection(contactId, transportId,
+					false);
+			try {
+				// Create and run the outgoing session
+				createSimplexOutgoingSession(ctx, writer).run();
+				writer.dispose(false);
+			} catch (IOException e) {
+				logException(LOG, WARNING, e);
+				onError();
+			} finally {
+				connectionRegistry.unregisterConnection(contactId, transportId,
+						false);
+			}
+		}
+
+		private void onError() {
+			disposeOnError(writer);
+		}
+	}
+
+	private class ManageIncomingDuplexConnection implements Runnable {
+
+		private final TransportId transportId;
+		private final TransportConnectionReader reader;
+		private final TransportConnectionWriter writer;
+
+		@Nullable
+		private volatile SyncSession outgoingSession = null;
+
+		private ManageIncomingDuplexConnection(TransportId transportId,
+				DuplexTransportConnection connection) {
+			this.transportId = transportId;
+			reader = connection.getReader();
+			writer = connection.getWriter();
+		}
+
+		@Override
+		public void run() {
+			// Read and recognise the tag
+			StreamContext ctx;
+			try {
+				byte[] tag = readTag(reader.getInputStream());
+				ctx = keyManager.getStreamContext(transportId, tag);
+			} catch (IOException | DbException e) {
+				logException(LOG, WARNING, e);
+				onReadError(false);
+				return;
+			}
+			if (ctx == null) {
+				LOG.info("Unrecognised tag");
+				onReadError(false);
+				return;
+			}
+			ContactId contactId = ctx.getContactId();
+			if (contactId == null) {
+				LOG.warning("Expected contact tag, got rendezvous tag");
+				onReadError(true);
+				return;
+			}
+			if (ctx.isHandshakeMode()) {
+				// TODO: Support handshake mode for contacts
+				LOG.warning("Received handshake tag, expected rotation mode");
+				onReadError(true);
+				return;
+			}
+			connectionRegistry.registerConnection(contactId, transportId, true);
+			// Start the outgoing session on another thread
+			ioExecutor.execute(() -> runOutgoingSession(contactId));
+			try {
+				// Create and run the incoming session
+				createIncomingSession(ctx, reader).run();
+				reader.dispose(false, true);
+				// Interrupt the outgoing session so it finishes cleanly
+				SyncSession out = outgoingSession;
+				if (out != null) out.interrupt();
+			} catch (IOException e) {
+				logException(LOG, WARNING, e);
+				onReadError(true);
+			} finally {
+				connectionRegistry.unregisterConnection(contactId, transportId,
+						true);
+			}
+		}
+
+		private void runOutgoingSession(ContactId contactId) {
+			// Allocate a stream context
+			StreamContext ctx;
+			try {
+				ctx = keyManager.getStreamContext(contactId, transportId);
+			} catch (DbException e) {
+				logException(LOG, WARNING, e);
+				onWriteError();
+				return;
+			}
+			if (ctx == null) {
+				LOG.warning("Could not allocate stream context");
+				onWriteError();
+				return;
+			}
+			try {
+				// Create and run the outgoing session
+				SyncSession out = createDuplexOutgoingSession(ctx, writer);
+				outgoingSession = out;
+				out.run();
+				writer.dispose(false);
+			} catch (IOException e) {
+				logException(LOG, WARNING, e);
+				onWriteError();
+			}
+		}
+
+		private void onReadError(boolean recognised) {
+			disposeOnError(reader, recognised);
+			disposeOnError(writer);
+			// Interrupt the outgoing session so it finishes
+			SyncSession out = outgoingSession;
+			if (out != null) out.interrupt();
+		}
+
+		private void onWriteError() {
+			disposeOnError(reader, true);
+			disposeOnError(writer);
+		}
+	}
+
+	private class ManageOutgoingDuplexConnection implements Runnable {
+
+		private final ContactId contactId;
+		private final TransportId transportId;
+		private final TransportConnectionReader reader;
+		private final TransportConnectionWriter writer;
+
+		@Nullable
+		private volatile SyncSession outgoingSession = null;
+
+		private ManageOutgoingDuplexConnection(ContactId contactId,
+				TransportId transportId, DuplexTransportConnection connection) {
+			this.contactId = contactId;
+			this.transportId = transportId;
+			reader = connection.getReader();
+			writer = connection.getWriter();
+		}
+
+		@Override
+		public void run() {
+			// Allocate a stream context
+			StreamContext ctx;
+			try {
+				ctx = keyManager.getStreamContext(contactId, transportId);
+			} catch (DbException e) {
+				logException(LOG, WARNING, e);
+				onWriteError();
+				return;
+			}
+			if (ctx == null) {
+				LOG.warning("Could not allocate stream context");
+				onWriteError();
+				return;
+			}
+			if (ctx.isHandshakeMode()) {
+				// TODO: Support handshake mode for contacts
+				LOG.warning("Cannot use handshake mode stream context");
+				onWriteError();
+				return;
+			}
+			// Start the incoming session on another thread
+			ioExecutor.execute(this::runIncomingSession);
+			try {
+				// Create and run the outgoing session
+				SyncSession out = createDuplexOutgoingSession(ctx, writer);
+				outgoingSession = out;
+				out.run();
+				writer.dispose(false);
+			} catch (IOException e) {
+				logException(LOG, WARNING, e);
+				onWriteError();
+			}
+		}
+
+		private void runIncomingSession() {
+			// Read and recognise the tag
+			StreamContext ctx;
+			try {
+				byte[] tag = readTag(reader.getInputStream());
+				ctx = keyManager.getStreamContext(transportId, tag);
+			} catch (IOException | DbException e) {
+				logException(LOG, WARNING, e);
+				onReadError();
+				return;
+			}
+			// Unrecognised tags are suspicious in this case
+			if (ctx == null) {
+				LOG.warning("Unrecognised tag for returning stream");
+				onReadError();
+				return;
+			}
+			// Check that the stream comes from the expected contact
+			ContactId inContactId = ctx.getContactId();
+			if (inContactId == null) {
+				LOG.warning("Expected contact tag, got rendezvous tag");
+				onReadError();
+				return;
+			}
+			if (!contactId.equals(inContactId)) {
+				LOG.warning("Wrong contact ID for returning stream");
+				onReadError();
+				return;
+			}
+			if (ctx.isHandshakeMode()) {
+				// TODO: Support handshake mode for contacts
+				LOG.warning("Received handshake tag, expected rotation mode");
+				onReadError();
+				return;
+			}
+			connectionRegistry.registerConnection(contactId, transportId,
+					false);
+			try {
+				// Create and run the incoming session
+				createIncomingSession(ctx, reader).run();
+				reader.dispose(false, true);
+				// Interrupt the outgoing session so it finishes cleanly
+				SyncSession out = outgoingSession;
+				if (out != null) out.interrupt();
+			} catch (IOException e) {
+				logException(LOG, WARNING, e);
+				onReadError();
+			} finally {
+				connectionRegistry.unregisterConnection(contactId, transportId,
+						false);
+			}
+		}
+
+		private void onReadError() {
+			// 'Recognised' is always true for outgoing connections
+			disposeOnError(reader, true);
+			disposeOnError(writer);
+			// Interrupt the outgoing session so it finishes
+			SyncSession out = outgoingSession;
+			if (out != null) out.interrupt();
+		}
+
+		private void onWriteError() {
+			disposeOnError(reader, true);
+			disposeOnError(writer);
+		}
+	}
+
+	private class ManageIncomingHandshakeConnection implements Runnable {
+
+		private final PendingContactId pendingContactId;
+		private final TransportId transportId;
+		private final DuplexTransportConnection connection;
+		private final TransportConnectionReader reader;
+		private final TransportConnectionWriter writer;
+
+		private ManageIncomingHandshakeConnection(
+				PendingContactId pendingContactId, TransportId transportId,
+				DuplexTransportConnection connection) {
+			this.pendingContactId = pendingContactId;
+			this.transportId = transportId;
+			this.connection = connection;
+			reader = connection.getReader();
+			writer = connection.getWriter();
+		}
+
+		@Override
+		public void run() {
+			// Read and recognise the tag
+			StreamContext ctxIn;
+			try {
+				byte[] tag = readTag(reader.getInputStream());
+				ctxIn = keyManager.getStreamContext(transportId, tag);
+			} catch (IOException | DbException e) {
+				logException(LOG, WARNING, e);
+				onError(false);
+				return;
+			}
+			if (ctxIn == null) {
+				LOG.info("Unrecognised tag");
+				onError(false);
+				return;
+			}
+			PendingContactId inPendingContactId = ctxIn.getPendingContactId();
+			if (inPendingContactId == null) {
+				LOG.warning("Expected rendezvous tag, got contact tag");
+				onError(true);
+				return;
+			}
+			// Allocate the outgoing stream context
+			StreamContext ctxOut;
+			try {
+				ctxOut = keyManager.getStreamContext(pendingContactId,
+						transportId);
+			} catch (DbException e) {
+				logException(LOG, WARNING, e);
+				onError(true);
+				return;
+			}
+			if (ctxOut == null) {
+				LOG.warning("Could not allocate stream context");
+				onError(true);
+				return;
+			}
+			// Close the connection if it's redundant
+			if (!connectionRegistry.registerConnection(pendingContactId)) {
+				LOG.info("Redundant rendezvous connection");
+				onError(true);
+				return;
+			}
+			// Handshake and exchange contacts
+			try {
+				InputStream in = streamReaderFactory.createStreamReader(
+						reader.getInputStream(), ctxIn);
+				// Flush the output stream to send the outgoing stream header
+				StreamWriter out = streamWriterFactory.createStreamWriter(
+						writer.getOutputStream(), ctxOut);
+				out.getOutputStream().flush();
+				HandshakeResult result = handshakeManager.handshake(
+						pendingContactId, in, out);
+				Contact contact = contactExchangeManager.exchangeContacts(
+						pendingContactId, connection, result.getMasterKey(),
+						result.isAlice(), false);
+				connectionRegistry.unregisterConnection(pendingContactId, true);
+				// Reuse the connection as a transport connection
+				manageOutgoingConnection(contact.getId(), transportId,
+						connection);
+			} catch (IOException | DbException e) {
+				logException(LOG, WARNING, e);
+				onError(true);
+				connectionRegistry.unregisterConnection(pendingContactId,
+						false);
+			}
+		}
+
+		private void onError(boolean recognised) {
+			disposeOnError(reader, recognised);
+			disposeOnError(writer);
+		}
+	}
+
+	private class ManageOutgoingHandshakeConnection implements Runnable {
+
+		private final PendingContactId pendingContactId;
+		private final TransportId transportId;
+		private final DuplexTransportConnection connection;
+		private final TransportConnectionReader reader;
+		private final TransportConnectionWriter writer;
+
+		private ManageOutgoingHandshakeConnection(
+				PendingContactId pendingContactId, TransportId transportId,
+				DuplexTransportConnection connection) {
+			this.pendingContactId = pendingContactId;
+			this.transportId = transportId;
+			this.connection = connection;
+			reader = connection.getReader();
+			writer = connection.getWriter();
+		}
+
+		@Override
+		public void run() {
+			// Allocate the outgoing stream context
+			StreamContext ctxOut;
+			try {
+				ctxOut = keyManager.getStreamContext(pendingContactId,
+						transportId);
+			} catch (DbException e) {
+				logException(LOG, WARNING, e);
+				onError();
+				return;
+			}
+			if (ctxOut == null) {
+				LOG.warning("Could not allocate stream context");
+				onError();
+				return;
+			}
+			// Flush the output stream to send the outgoing stream header
+			StreamWriter out;
+			try {
+				out = streamWriterFactory.createStreamWriter(
+						writer.getOutputStream(), ctxOut);
+				out.getOutputStream().flush();
+			} catch (IOException e) {
+				logException(LOG, WARNING, e);
+				onError();
+				return;
+			}
+			// Read and recognise the tag
+			StreamContext ctxIn;
+			try {
+				byte[] tag = readTag(reader.getInputStream());
+				ctxIn = keyManager.getStreamContext(transportId, tag);
+			} catch (IOException | DbException e) {
+				logException(LOG, WARNING, e);
+				onError();
+				return;
+			}
+			// Unrecognised tags are suspicious in this case
+			if (ctxIn == null) {
+				LOG.warning("Unrecognised tag for returning stream");
+				onError();
+				return;
+			}
+			// Check that the stream comes from the expected pending contact
+			PendingContactId inPendingContactId = ctxIn.getPendingContactId();
+			if (inPendingContactId == null) {
+				LOG.warning("Expected rendezvous tag, got contact tag");
+				onError();
+				return;
+			}
+			if (!inPendingContactId.equals(pendingContactId)) {
+				LOG.warning("Wrong pending contact ID for returning stream");
+				onError();
+				return;
+			}
+			// Close the connection if it's redundant
+			if (!connectionRegistry.registerConnection(pendingContactId)) {
+				LOG.info("Redundant rendezvous connection");
+				onError();
+				return;
+			}
+			// Handshake and exchange contacts
+			try {
+				InputStream in = streamReaderFactory.createStreamReader(
+						reader.getInputStream(), ctxIn);
+				HandshakeResult result = handshakeManager.handshake(
+						pendingContactId, in, out);
+				Contact contact = contactExchangeManager.exchangeContacts(
+						pendingContactId, connection, result.getMasterKey(),
+						result.isAlice(), false);
+				connectionRegistry.unregisterConnection(pendingContactId, true);
+				// Reuse the connection as a transport connection
+				manageOutgoingConnection(contact.getId(), transportId,
+						connection);
+			} catch (IOException | DbException e) {
+				logException(LOG, WARNING, e);
+				onError();
+				connectionRegistry.unregisterConnection(pendingContactId,
+						false);
+			}
+		}
+
+		private void onError() {
+			// 'Recognised' is always true for outgoing connections
+			disposeOnError(reader, true);
+			disposeOnError(writer);
+		}
+	}
+}
--- a/bramble-core/src/main/java/org/briarproject/bramble/plugin/ConnectionRegistryImpl.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/plugin/ConnectionRegistryImpl.java
@@ -0,0 +1,150 @@
+package org.briarproject.bramble.plugin;
+
+import org.briarproject.bramble.api.Multiset;
+import org.briarproject.bramble.api.contact.ContactId;
+import org.briarproject.bramble.api.contact.PendingContactId;
+import org.briarproject.bramble.api.event.EventBus;
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.plugin.ConnectionRegistry;
+import org.briarproject.bramble.api.plugin.TransportId;
+import org.briarproject.bramble.api.plugin.event.ConnectionClosedEvent;
+import org.briarproject.bramble.api.plugin.event.ConnectionOpenedEvent;
+import org.briarproject.bramble.api.plugin.event.ContactConnectedEvent;
+import org.briarproject.bramble.api.plugin.event.ContactDisconnectedEvent;
+import org.briarproject.bramble.api.rendezvous.event.RendezvousConnectionClosedEvent;
+import org.briarproject.bramble.api.rendezvous.event.RendezvousConnectionOpenedEvent;
+
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import java.util.logging.Logger;
+
+import javax.annotation.concurrent.GuardedBy;
+import javax.annotation.concurrent.ThreadSafe;
+import javax.inject.Inject;
+
+import static java.util.logging.Level.INFO;
+import static java.util.logging.Logger.getLogger;
+
+@ThreadSafe
+@NotNullByDefault
+class ConnectionRegistryImpl implements ConnectionRegistry {
+
+	private static final Logger LOG =
+			getLogger(ConnectionRegistryImpl.class.getName());
+
+	private final EventBus eventBus;
+
+	private final Object lock = new Object();
+	@GuardedBy("lock")
+	private final Map<TransportId, Multiset<ContactId>> contactConnections;
+	@GuardedBy("lock")
+	private final Multiset<ContactId> contactCounts;
+	@GuardedBy("lock")
+	private final Set<PendingContactId> connectedPendingContacts;
+
+	@Inject
+	ConnectionRegistryImpl(EventBus eventBus) {
+		this.eventBus = eventBus;
+		contactConnections = new HashMap<>();
+		contactCounts = new Multiset<>();
+		connectedPendingContacts = new HashSet<>();
+	}
+
+	@Override
+	public void registerConnection(ContactId c, TransportId t,
+			boolean incoming) {
+		if (LOG.isLoggable(INFO)) {
+			if (incoming) LOG.info("Incoming connection registered: " + t);
+			else LOG.info("Outgoing connection registered: " + t);
+		}
+		boolean firstConnection = false;
+		synchronized (lock) {
+			Multiset<ContactId> m = contactConnections.get(t);
+			if (m == null) {
+				m = new Multiset<>();
+				contactConnections.put(t, m);
+			}
+			m.add(c);
+			if (contactCounts.add(c) == 1) firstConnection = true;
+		}
+		eventBus.broadcast(new ConnectionOpenedEvent(c, t, incoming));
+		if (firstConnection) {
+			LOG.info("Contact connected");
+			eventBus.broadcast(new ContactConnectedEvent(c));
+		}
+	}
+
+	@Override
+	public void unregisterConnection(ContactId c, TransportId t,
+			boolean incoming) {
+		if (LOG.isLoggable(INFO)) {
+			if (incoming) LOG.info("Incoming connection unregistered: " + t);
+			else LOG.info("Outgoing connection unregistered: " + t);
+		}
+		boolean lastConnection = false;
+		synchronized (lock) {
+			Multiset<ContactId> m = contactConnections.get(t);
+			if (m == null || !m.contains(c))
+				throw new IllegalArgumentException();
+			m.remove(c);
+			if (contactCounts.remove(c) == 0) lastConnection = true;
+		}
+		eventBus.broadcast(new ConnectionClosedEvent(c, t, incoming));
+		if (lastConnection) {
+			LOG.info("Contact disconnected");
+			eventBus.broadcast(new ContactDisconnectedEvent(c));
+		}
+	}
+
+	@Override
+	public Collection<ContactId> getConnectedContacts(TransportId t) {
+		synchronized (lock) {
+			Multiset<ContactId> m = contactConnections.get(t);
+			if (m == null) return Collections.emptyList();
+			List<ContactId> ids = new ArrayList<>(m.keySet());
+			if (LOG.isLoggable(INFO))
+				LOG.info(ids.size() + " contacts connected: " + t);
+			return ids;
+		}
+	}
+
+	@Override
+	public boolean isConnected(ContactId c, TransportId t) {
+		synchronized (lock) {
+			Multiset<ContactId> m = contactConnections.get(t);
+			return m != null && m.contains(c);
+		}
+	}
+
+	@Override
+	public boolean isConnected(ContactId c) {
+		synchronized (lock) {
+			return contactCounts.contains(c);
+		}
+	}
+
+	@Override
+	public boolean registerConnection(PendingContactId p) {
+		boolean added;
+		synchronized (lock) {
+			added = connectedPendingContacts.add(p);
+		}
+		if (added) eventBus.broadcast(new RendezvousConnectionOpenedEvent(p));
+		return added;
+	}
+
+	@Override
+	public void unregisterConnection(PendingContactId p, boolean success) {
+		synchronized (lock) {
+			if (!connectedPendingContacts.remove(p))
+				throw new IllegalArgumentException();
+		}
+		eventBus.broadcast(new RendezvousConnectionClosedEvent(p, success));
+	}
+}
--- a/bramble-core/src/main/java/org/briarproject/bramble/plugin/PluginManagerImpl.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/plugin/PluginManagerImpl.java
@@ -1,14 +1,13 @@
 package org.briarproject.bramble.plugin;

-import org.briarproject.bramble.api.connection.ConnectionManager;
 import org.briarproject.bramble.api.db.DbException;
 import org.briarproject.bramble.api.event.EventBus;
 import org.briarproject.bramble.api.lifecycle.IoExecutor;
 import org.briarproject.bramble.api.lifecycle.Service;
 import org.briarproject.bramble.api.lifecycle.ServiceException;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.plugin.ConnectionManager;
 import org.briarproject.bramble.api.plugin.Plugin;
-import org.briarproject.bramble.api.plugin.Plugin.State;
 import org.briarproject.bramble.api.plugin.PluginCallback;
 import org.briarproject.bramble.api.plugin.PluginConfig;
 import org.briarproject.bramble.api.plugin.PluginException;
@@ -19,9 +18,8 @@ import org.briarproject.bramble.api.plugin.TransportId;
 import org.briarproject.bramble.api.plugin.duplex.DuplexPlugin;
 import org.briarproject.bramble.api.plugin.duplex.DuplexPluginFactory;
 import org.briarproject.bramble.api.plugin.duplex.DuplexTransportConnection;
-import org.briarproject.bramble.api.plugin.event.TransportActiveEvent;
-import org.briarproject.bramble.api.plugin.event.TransportInactiveEvent;
-import org.briarproject.bramble.api.plugin.event.TransportStateEvent;
+import org.briarproject.bramble.api.plugin.event.TransportDisabledEvent;
+import org.briarproject.bramble.api.plugin.event.TransportEnabledEvent;
 import org.briarproject.bramble.api.plugin.simplex.SimplexPlugin;
 import org.briarproject.bramble.api.plugin.simplex.SimplexPluginFactory;
 import org.briarproject.bramble.api.properties.TransportProperties;
@@ -38,7 +36,6 @@ import java.util.concurrent.CopyOnWriteArrayList;
 import java.util.concurrent.CountDownLatch;
 import java.util.concurrent.Executor;
 import java.util.concurrent.atomic.AtomicBoolean;
-import java.util.concurrent.atomic.AtomicReference;
 import java.util.logging.Logger;

 import javax.annotation.concurrent.ThreadSafe;
@@ -48,9 +45,6 @@ import static java.util.logging.Level.FINE;
 import static java.util.logging.Level.INFO;
 import static java.util.logging.Level.WARNING;
 import static java.util.logging.Logger.getLogger;
-import static org.briarproject.bramble.api.plugin.Plugin.PREF_PLUGIN_ENABLE;
-import static org.briarproject.bramble.api.plugin.Plugin.State.ACTIVE;
-import static org.briarproject.bramble.api.plugin.Plugin.State.STARTING_STOPPING;
 import static org.briarproject.bramble.util.LogUtils.logDuration;
 import static org.briarproject.bramble.util.LogUtils.logException;
 import static org.briarproject.bramble.util.LogUtils.now;
@@ -183,26 +177,6 @@ class PluginManagerImpl implements PluginManager, Service {
 		return supported;
 	}

-	@Override
-	public void setPluginEnabled(TransportId t, boolean enabled) {
-		Plugin plugin = plugins.get(t);
-		if (plugin == null) return;
-
-		Settings s = new Settings();
-		s.putBoolean(PREF_PLUGIN_ENABLE, enabled);
-		ioExecutor.execute(() -> mergeSettings(s, t.getString()));
-	}
-
-	private void mergeSettings(Settings s, String namespace) {
-		try {
-			long start = now();
-			settingsManager.mergeSettings(s, namespace);
-			logDuration(LOG, "Merging settings", start);
-		} catch (DbException e) {
-			logException(LOG, WARNING, e);
-		}
-	}
-
 	private class PluginStarter implements Runnable {

 		private final Plugin plugin;
@@ -276,8 +250,7 @@ class PluginManagerImpl implements PluginManager, Service {
 	private class Callback implements PluginCallback {

 		private final TransportId id;
-		private final AtomicReference<State> state =
-				new AtomicReference<>(STARTING_STOPPING);
+		private final AtomicBoolean enabled = new AtomicBoolean(false);

 		private Callback(TransportId id) {
 			this.id = id;
@@ -305,7 +278,11 @@ class PluginManagerImpl implements PluginManager, Service {

 		@Override
 		public void mergeSettings(Settings s) {
-			PluginManagerImpl.this.mergeSettings(s, id.getString());
+			try {
+				settingsManager.mergeSettings(s, id.getString());
+			} catch (DbException e) {
+				logException(LOG, WARNING, e);
+			}
 		}

 		@Override
@@ -318,20 +295,15 @@ class PluginManagerImpl implements PluginManager, Service {
 		}

 		@Override
-		public void pluginStateChanged(State newState) {
-			State oldState = state.getAndSet(newState);
-			if (newState != oldState) {
-				if (LOG.isLoggable(INFO)) {
-					LOG.info(id + " changed from state " + oldState
-							+ " to " + newState);
-				}
-				eventBus.broadcast(new TransportStateEvent(id, newState));
-				if (newState == ACTIVE) {
-					eventBus.broadcast(new TransportActiveEvent(id));
-				} else if (oldState == ACTIVE) {
-					eventBus.broadcast(new TransportInactiveEvent(id));
-				}
-			}
+		public void transportEnabled() {
+			if (!enabled.getAndSet(true))
+				eventBus.broadcast(new TransportEnabledEvent(id));
+		}
+
+		@Override
+		public void transportDisabled() {
+			if (enabled.getAndSet(false))
+				eventBus.broadcast(new TransportDisabledEvent(id));
 		}

 		@Override
--- a/bramble-core/src/main/java/org/briarproject/bramble/plugin/PluginModule.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/plugin/PluginModule.java
@@ -3,6 +3,8 @@ package org.briarproject.bramble.plugin;
 import org.briarproject.bramble.api.event.EventBus;
 import org.briarproject.bramble.api.lifecycle.LifecycleManager;
 import org.briarproject.bramble.api.plugin.BackoffFactory;
+import org.briarproject.bramble.api.plugin.ConnectionManager;
+import org.briarproject.bramble.api.plugin.ConnectionRegistry;
 import org.briarproject.bramble.api.plugin.PluginConfig;
 import org.briarproject.bramble.api.plugin.PluginManager;

@@ -27,6 +29,20 @@ public class PluginModule {
 		return new BackoffFactoryImpl();
 	}

+	@Provides
+	@Singleton
+	ConnectionManager provideConnectionManager(
+			ConnectionManagerImpl connectionManager) {
+		return connectionManager;
+	}
+
+	@Provides
+	@Singleton
+	ConnectionRegistry provideConnectionRegistry(
+			ConnectionRegistryImpl connectionRegistry) {
+		return connectionRegistry;
+	}
+
 	@Provides
 	@Singleton
 	PluginManager providePluginManager(LifecycleManager lifecycleManager,
--- a/bramble-core/src/main/java/org/briarproject/bramble/plugin/PollerImpl.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/plugin/PollerImpl.java
@@ -1,8 +1,6 @@
 package org.briarproject.bramble.plugin;

 import org.briarproject.bramble.api.Pair;
-import org.briarproject.bramble.api.connection.ConnectionManager;
-import org.briarproject.bramble.api.connection.ConnectionRegistry;
 import org.briarproject.bramble.api.contact.ContactId;
 import org.briarproject.bramble.api.contact.event.ContactAddedEvent;
 import org.briarproject.bramble.api.db.DbException;
@@ -11,6 +9,8 @@ import org.briarproject.bramble.api.event.EventListener;
 import org.briarproject.bramble.api.lifecycle.IoExecutor;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.plugin.ConnectionHandler;
+import org.briarproject.bramble.api.plugin.ConnectionManager;
+import org.briarproject.bramble.api.plugin.ConnectionRegistry;
 import org.briarproject.bramble.api.plugin.Plugin;
 import org.briarproject.bramble.api.plugin.PluginManager;
 import org.briarproject.bramble.api.plugin.TransportConnectionReader;
@@ -20,8 +20,8 @@ import org.briarproject.bramble.api.plugin.duplex.DuplexPlugin;
 import org.briarproject.bramble.api.plugin.duplex.DuplexTransportConnection;
 import org.briarproject.bramble.api.plugin.event.ConnectionClosedEvent;
 import org.briarproject.bramble.api.plugin.event.ConnectionOpenedEvent;
-import org.briarproject.bramble.api.plugin.event.TransportActiveEvent;
-import org.briarproject.bramble.api.plugin.event.TransportInactiveEvent;
+import org.briarproject.bramble.api.plugin.event.TransportDisabledEvent;
+import org.briarproject.bramble.api.plugin.event.TransportEnabledEvent;
 import org.briarproject.bramble.api.plugin.simplex.SimplexPlugin;
 import org.briarproject.bramble.api.properties.TransportProperties;
 import org.briarproject.bramble.api.properties.TransportPropertyManager;
@@ -98,21 +98,21 @@ class PollerImpl implements Poller, EventListener {
 			ConnectionClosedEvent c = (ConnectionClosedEvent) e;
 			// Reschedule polling, the polling interval may have decreased
 			reschedule(c.getTransportId());
-			// If an outgoing connection failed, try to reconnect
-			if (!c.isIncoming() && c.isException()) {
+			if (!c.isIncoming()) {
+				// Connect to the disconnected contact
 				connectToContact(c.getContactId(), c.getTransportId());
 			}
 		} else if (e instanceof ConnectionOpenedEvent) {
 			ConnectionOpenedEvent c = (ConnectionOpenedEvent) e;
 			// Reschedule polling, the polling interval may have decreased
 			reschedule(c.getTransportId());
-		} else if (e instanceof TransportActiveEvent) {
-			TransportActiveEvent t = (TransportActiveEvent) e;
-			// Poll the newly activated transport
+		} else if (e instanceof TransportEnabledEvent) {
+			TransportEnabledEvent t = (TransportEnabledEvent) e;
+			// Poll the newly enabled transport
 			pollNow(t.getTransportId());
-		} else if (e instanceof TransportInactiveEvent) {
-			TransportInactiveEvent t = (TransportInactiveEvent) e;
-			// Cancel polling for the deactivated transport
+		} else if (e instanceof TransportDisabledEvent) {
+			TransportDisabledEvent t = (TransportDisabledEvent) e;
+			// Cancel polling for the disabled transport
 			cancel(t.getTransportId());
 		}
 	}
@@ -215,7 +215,7 @@ class PollerImpl implements Poller, EventListener {
 			Map<ContactId, TransportProperties> remote =
 					transportPropertyManager.getRemoteProperties(t);
 			Collection<ContactId> connected =
-					connectionRegistry.getConnectedOrBetterContacts(t);
+					connectionRegistry.getConnectedContacts(t);
 			Collection<Pair<TransportProperties, ConnectionHandler>>
 					properties = new ArrayList<>();
 			for (Entry<ContactId, TransportProperties> e : remote.entrySet()) {
--- a/bramble-core/src/main/java/org/briarproject/bramble/plugin/bluetooth/BluetoothConnectionLimiter.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/plugin/bluetooth/BluetoothConnectionLimiter.java
@@ -23,9 +23,17 @@ interface BluetoothConnectionLimiter {
 	boolean canOpenContactConnection();

 	/**
-	 * Informs the limiter that the given connection has been opened.
+	 * Informs the limiter that a contact connection has been opened. The
+	 * limiter may close the new connection if key agreement is in progress.
+	 * <p/>
+	 * Returns false if the limiter has closed the new connection.
 	 */
-	void connectionOpened(DuplexTransportConnection conn);
+	boolean contactConnectionOpened(DuplexTransportConnection conn);
+
+	/**
+	 * Informs the limiter that a key agreement connection has been opened.
+	 */
+	void keyAgreementConnectionOpened(DuplexTransportConnection conn);

 	/**
 	 * Informs the limiter that the given connection has been closed.
--- a/bramble-core/src/main/java/org/briarproject/bramble/plugin/bluetooth/BluetoothConnectionLimiterImpl.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/plugin/bluetooth/BluetoothConnectionLimiterImpl.java
@@ -1,48 +1,46 @@
 package org.briarproject.bramble.plugin.bluetooth;

-import org.briarproject.bramble.api.event.EventBus;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.plugin.duplex.DuplexTransportConnection;
-import org.briarproject.bramble.api.sync.event.CloseSyncConnectionsEvent;

+import java.io.IOException;
+import java.util.ArrayList;
 import java.util.LinkedList;
 import java.util.List;
 import java.util.logging.Logger;

-import javax.annotation.concurrent.GuardedBy;
 import javax.annotation.concurrent.ThreadSafe;

 import static java.util.logging.Level.INFO;
-import static java.util.logging.Logger.getLogger;
-import static org.briarproject.bramble.api.plugin.BluetoothConstants.ID;
+import static java.util.logging.Level.WARNING;
+import static org.briarproject.bramble.util.LogUtils.logException;

@NotNullByDefault
@ThreadSafe
 class BluetoothConnectionLimiterImpl implements BluetoothConnectionLimiter {

 	private static final Logger LOG =
-			getLogger(BluetoothConnectionLimiterImpl.class.getName());
-
-	private final EventBus eventBus;
+			Logger.getLogger(BluetoothConnectionLimiterImpl.class.getName());

 	private final Object lock = new Object();
-	@GuardedBy("lock")
-	private final List<DuplexTransportConnection> connections =
+	// The following are locking: lock
+	private final LinkedList<DuplexTransportConnection> connections =
 			new LinkedList<>();
-	@GuardedBy("lock")
 	private boolean keyAgreementInProgress = false;

-	BluetoothConnectionLimiterImpl(EventBus eventBus) {
-		this.eventBus = eventBus;
-	}
-
 	@Override
 	public void keyAgreementStarted() {
+		List<DuplexTransportConnection> close;
 		synchronized (lock) {
 			keyAgreementInProgress = true;
+			close = new ArrayList<>(connections);
+			connections.clear();
 		}
-		LOG.info("Key agreement started");
-		eventBus.broadcast(new CloseSyncConnectionsEvent(ID));
+		if (LOG.isLoggable(INFO)) {
+			LOG.info("Key agreement started, closing " + close.size() +
+					" connections");
+		}
+		for (DuplexTransportConnection conn : close) tryToClose(conn);
 	}

 	@Override
@@ -67,22 +65,44 @@ class BluetoothConnectionLimiterImpl implements BluetoothConnectionLimiter {
 	}

 	@Override
-	public void connectionOpened(DuplexTransportConnection conn) {
+	public boolean contactConnectionOpened(DuplexTransportConnection conn) {
+		boolean accept = true;
 		synchronized (lock) {
-			connections.add(conn);
-			if (LOG.isLoggable(INFO)) {
-				LOG.info("Connection opened, " + connections.size() + " open");
+			if (keyAgreementInProgress) {
+				LOG.info("Refusing contact connection during key agreement");
+				accept = false;
+			} else {
+				LOG.info("Accepting contact connection");
+				connections.add(conn);
 			}
 		}
+		if (!accept) tryToClose(conn);
+		return accept;
+	}
+
+	@Override
+	public void keyAgreementConnectionOpened(DuplexTransportConnection conn) {
+		synchronized (lock) {
+			LOG.info("Accepting key agreement connection");
+			connections.add(conn);
+		}
+	}
+
+	private void tryToClose(DuplexTransportConnection conn) {
+		try {
+			conn.getWriter().dispose(false);
+			conn.getReader().dispose(false, false);
+		} catch (IOException e) {
+			logException(LOG, WARNING, e);
+		}
 	}

 	@Override
 	public void connectionClosed(DuplexTransportConnection conn) {
 		synchronized (lock) {
 			connections.remove(conn);
-			if (LOG.isLoggable(INFO)) {
+			if (LOG.isLoggable(INFO))
 				LOG.info("Connection closed, " + connections.size() + " open");
-			}
 		}
 	}

--- a/bramble-core/src/main/java/org/briarproject/bramble/plugin/bluetooth/BluetoothPlugin.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/plugin/bluetooth/BluetoothPlugin.java
@@ -5,14 +5,11 @@ import org.briarproject.bramble.api.Pair;
 import org.briarproject.bramble.api.data.BdfList;
 import org.briarproject.bramble.api.event.Event;
 import org.briarproject.bramble.api.event.EventListener;
-import org.briarproject.bramble.api.io.TimeoutMonitor;
 import org.briarproject.bramble.api.keyagreement.KeyAgreementConnection;
 import org.briarproject.bramble.api.keyagreement.KeyAgreementListener;
 import org.briarproject.bramble.api.keyagreement.event.KeyAgreementListeningEvent;
 import org.briarproject.bramble.api.keyagreement.event.KeyAgreementStoppedListeningEvent;
-import org.briarproject.bramble.api.lifecycle.IoExecutor;
 import org.briarproject.bramble.api.nullsafety.MethodsNotNullByDefault;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.nullsafety.ParametersNotNullByDefault;
 import org.briarproject.bramble.api.plugin.Backoff;
 import org.briarproject.bramble.api.plugin.ConnectionHandler;
@@ -39,22 +36,16 @@ import java.util.concurrent.atomic.AtomicBoolean;
 import java.util.logging.Logger;

 import javax.annotation.Nullable;
-import javax.annotation.concurrent.GuardedBy;
-import javax.annotation.concurrent.ThreadSafe;

 import static java.util.logging.Level.INFO;
 import static java.util.logging.Level.WARNING;
 import static java.util.logging.Logger.getLogger;
 import static org.briarproject.bramble.api.keyagreement.KeyAgreementConstants.TRANSPORT_ID_BLUETOOTH;
-import static org.briarproject.bramble.api.plugin.BluetoothConstants.DEFAULT_PREF_PLUGIN_ENABLE;
 import static org.briarproject.bramble.api.plugin.BluetoothConstants.ID;
+import static org.briarproject.bramble.api.plugin.BluetoothConstants.PREF_BT_ENABLE;
 import static org.briarproject.bramble.api.plugin.BluetoothConstants.PROP_ADDRESS;
 import static org.briarproject.bramble.api.plugin.BluetoothConstants.PROP_UUID;
 import static org.briarproject.bramble.api.plugin.BluetoothConstants.UUID_BYTES;
-import static org.briarproject.bramble.api.plugin.Plugin.State.ACTIVE;
-import static org.briarproject.bramble.api.plugin.Plugin.State.DISABLED;
-import static org.briarproject.bramble.api.plugin.Plugin.State.INACTIVE;
-import static org.briarproject.bramble.api.plugin.Plugin.State.STARTING_STOPPING;
 import static org.briarproject.bramble.util.LogUtils.logException;
 import static org.briarproject.bramble.util.PrivacyUtils.scrubMacAddress;
 import static org.briarproject.bramble.util.StringUtils.isNullOrEmpty;
@@ -69,18 +60,17 @@ abstract class BluetoothPlugin<SS> implements DuplexPlugin, EventListener {
 			getLogger(BluetoothPlugin.class.getName());

 	final BluetoothConnectionLimiter connectionLimiter;
-	final TimeoutMonitor timeoutMonitor;

 	private final Executor ioExecutor;
 	private final SecureRandom secureRandom;
 	private final Backoff backoff;
 	private final PluginCallback callback;
-	private final int maxLatency, maxIdleTime;
+	private final int maxLatency;
 	private final AtomicBoolean used = new AtomicBoolean(false);

-	protected final PluginState state = new PluginState();
-
+	private volatile boolean running = false, contactConnections = false;
 	private volatile String contactConnectionsUuid = null;
+	private volatile SS socket = null;

 	abstract void initialiseAdapter() throws IOException;

@@ -115,35 +105,28 @@ abstract class BluetoothPlugin<SS> implements DuplexPlugin, EventListener {
 	abstract DuplexTransportConnection discoverAndConnect(String uuid);

 	BluetoothPlugin(BluetoothConnectionLimiter connectionLimiter,
-			TimeoutMonitor timeoutMonitor, Executor ioExecutor,
-			SecureRandom secureRandom, Backoff backoff,
-			PluginCallback callback, int maxLatency, int maxIdleTime) {
+			Executor ioExecutor, SecureRandom secureRandom,
+			Backoff backoff, PluginCallback callback, int maxLatency) {
 		this.connectionLimiter = connectionLimiter;
-		this.timeoutMonitor = timeoutMonitor;
 		this.ioExecutor = ioExecutor;
 		this.secureRandom = secureRandom;
 		this.backoff = backoff;
 		this.callback = callback;
 		this.maxLatency = maxLatency;
-		this.maxIdleTime = maxIdleTime;
 	}

 	void onAdapterEnabled() {
 		LOG.info("Bluetooth enabled");
 		// We may not have been able to get the local address before
 		ioExecutor.execute(this::updateProperties);
-		if (getState() == INACTIVE) bind();
+		if (shouldAllowContactConnections()) bind();
 	}

 	void onAdapterDisabled() {
 		LOG.info("Bluetooth disabled");
+		tryToClose(socket);
 		connectionLimiter.allConnectionsClosed();
-		// The server socket may not have been closed automatically
-		SS ss = state.clearServerSocket();
-		if (ss != null) {
-			LOG.info("Closing server socket");
-			tryToClose(ss);
-		}
+		callback.transportDisabled();
 	}

 	@Override
@@ -158,31 +141,38 @@ abstract class BluetoothPlugin<SS> implements DuplexPlugin, EventListener {

 	@Override
 	public int getMaxIdleTime() {
-		return maxIdleTime;
+		// Bluetooth detects dead connections so we don't need keepalives
+		return Integer.MAX_VALUE;
 	}

 	@Override
 	public void start() throws PluginException {
 		if (used.getAndSet(true)) throw new IllegalStateException();
-		Settings settings = callback.getSettings();
-		boolean enabledByUser = settings.getBoolean(PREF_PLUGIN_ENABLE,
-				DEFAULT_PREF_PLUGIN_ENABLE);
-		state.setStarted(enabledByUser);
 		try {
 			initialiseAdapter();
 		} catch (IOException e) {
 			throw new PluginException(e);
 		}
 		updateProperties();
-		if (enabledByUser) {
+		running = true;
+		loadSettings(callback.getSettings());
+		if (shouldAllowContactConnections()) {
 			if (isAdapterEnabled()) bind();
 			else enableAdapter();
 		}
 	}

+	private void loadSettings(Settings settings) {
+		contactConnections = settings.getBoolean(PREF_BT_ENABLE, false);
+	}
+
+	private boolean shouldAllowContactConnections() {
+		return contactConnections;
+	}
+
 	private void bind() {
 		ioExecutor.execute(() -> {
-			if (getState() != INACTIVE) return;
+			if (!isRunning() || !shouldAllowContactConnections()) return;
 			// Bind a server socket to accept connections from contacts
 			SS ss;
 			try {
@@ -191,13 +181,14 @@ abstract class BluetoothPlugin<SS> implements DuplexPlugin, EventListener {
 				logException(LOG, WARNING, e);
 				return;
 			}
-			if (!state.setServerSocket(ss)) {
-				LOG.info("Closing redundant server socket");
+			if (!isRunning() || !shouldAllowContactConnections()) {
 				tryToClose(ss);
 				return;
 			}
+			socket = ss;
 			backoff.reset();
-			acceptContactConnections(ss);
+			callback.transportEnabled();
+			acceptContactConnections();
 		});
 	}

@@ -226,39 +217,34 @@ abstract class BluetoothPlugin<SS> implements DuplexPlugin, EventListener {
 		if (changed) callback.mergeLocalProperties(p);
 	}

-	private void acceptContactConnections(SS ss) {
+	private void acceptContactConnections() {
 		while (true) {
 			DuplexTransportConnection conn;
 			try {
-				conn = acceptConnection(ss);
+				conn = acceptConnection(socket);
 			} catch (IOException e) {
-				// This is expected when the server socket is closed
-				LOG.info("Server socket closed");
-				state.clearServerSocket();
+				// This is expected when the socket is closed
+				if (LOG.isLoggable(INFO)) LOG.info(e.toString());
 				return;
 			}
-			LOG.info("Connection received");
-			connectionLimiter.connectionOpened(conn);
 			backoff.reset();
-			callback.handleConnection(conn);
+			if (connectionLimiter.contactConnectionOpened(conn))
+				callback.handleConnection(conn);
+			if (!running) return;
 		}
 	}

 	@Override
 	public void stop() {
-		SS ss = state.setStopped();
-		tryToClose(ss);
+		running = false;
+		tryToClose(socket);
+		callback.transportDisabled();
 		disableAdapterIfEnabledByUs();
 	}

 	@Override
-	public State getState() {
-		return state.getState();
-	}
-
-	@Override
-	public int getReasonsDisabled() {
-		return state.getReasonsDisabled();
+	public boolean isRunning() {
+		return running && isAdapterEnabled();
 	}

 	@Override
@@ -274,7 +260,7 @@ abstract class BluetoothPlugin<SS> implements DuplexPlugin, EventListener {
 	@Override
 	public void poll(Collection<Pair<TransportProperties, ConnectionHandler>>
 			properties) {
-		if (getState() != ACTIVE) return;
+		if (!isRunning() || !shouldAllowContactConnections()) return;
 		backoff.increment();
 		for (Pair<TransportProperties, ConnectionHandler> p : properties) {
 			connect(p.getFirst(), p.getSecond());
@@ -287,10 +273,13 @@ abstract class BluetoothPlugin<SS> implements DuplexPlugin, EventListener {
 		String uuid = p.get(PROP_UUID);
 		if (isNullOrEmpty(uuid)) return;
 		ioExecutor.execute(() -> {
+			if (!isRunning() || !shouldAllowContactConnections()) return;
+			if (!connectionLimiter.canOpenContactConnection()) return;
 			DuplexTransportConnection d = createConnection(p);
 			if (d != null) {
 				backoff.reset();
-				h.handleConnection(d);
+				if (connectionLimiter.contactConnectionOpened(d))
+					h.handleConnection(d);
 			}
 		});
 	}
@@ -328,15 +317,16 @@ abstract class BluetoothPlugin<SS> implements DuplexPlugin, EventListener {

 	@Override
 	public DuplexTransportConnection createConnection(TransportProperties p) {
-		if (getState() != ACTIVE) return null;
+		if (!isRunning() || !shouldAllowContactConnections()) return null;
 		if (!connectionLimiter.canOpenContactConnection()) return null;
 		String address = p.get(PROP_ADDRESS);
 		if (isNullOrEmpty(address)) return null;
 		String uuid = p.get(PROP_UUID);
 		if (isNullOrEmpty(uuid)) return null;
 		DuplexTransportConnection conn = connect(address, uuid);
-		if (conn != null) connectionLimiter.connectionOpened(conn);
-		return conn;
+		if (conn == null) return null;
+		// TODO: Why don't we reset the backoff here?
+		return connectionLimiter.contactConnectionOpened(conn) ? conn : null;
 	}

 	@Override
@@ -346,7 +336,7 @@ abstract class BluetoothPlugin<SS> implements DuplexPlugin, EventListener {

 	@Override
 	public KeyAgreementListener createKeyAgreementListener(byte[] commitment) {
-		if (getState() != ACTIVE) return null;
+		if (!isRunning()) return null;
 		// No truncation necessary because COMMIT_LENGTH = 16
 		String uuid = UUID.nameUUIDFromBytes(commitment).toString();
 		if (LOG.isLoggable(INFO)) LOG.info("Key agreement UUID " + uuid);
@@ -358,7 +348,7 @@ abstract class BluetoothPlugin<SS> implements DuplexPlugin, EventListener {
 			logException(LOG, WARNING, e);
 			return null;
 		}
-		if (getState() != ACTIVE) {
+		if (!isRunning()) {
 			tryToClose(ss);
 			return null;
 		}
@@ -372,7 +362,7 @@ abstract class BluetoothPlugin<SS> implements DuplexPlugin, EventListener {
 	@Override
 	public DuplexTransportConnection createKeyAgreementConnection(
 			byte[] commitment, BdfList descriptor) {
-		if (getState() != ACTIVE) return null;
+		if (!isRunning()) return null;
 		// No truncation necessary because COMMIT_LENGTH = 16
 		String uuid = UUID.nameUUIDFromBytes(commitment).toString();
 		DuplexTransportConnection conn;
@@ -392,7 +382,7 @@ abstract class BluetoothPlugin<SS> implements DuplexPlugin, EventListener {
 				LOG.info("Connecting to key agreement UUID " + uuid);
 			conn = connect(address, uuid);
 		}
-		if (conn != null) connectionLimiter.connectionOpened(conn);
+		if (conn != null) connectionLimiter.keyAgreementConnectionOpened(conn);
 		return conn;
 	}

@@ -432,18 +422,17 @@ abstract class BluetoothPlugin<SS> implements DuplexPlugin, EventListener {
 		}
 	}

-	@IoExecutor
 	private void onSettingsUpdated(Settings settings) {
-		boolean enabledByUser = settings.getBoolean(PREF_PLUGIN_ENABLE,
-				DEFAULT_PREF_PLUGIN_ENABLE);
-		SS ss = state.setEnabledByUser(enabledByUser);
-		State s = getState();
-		if (ss != null) {
-			LOG.info("Disabled by user, closing server socket");
-			tryToClose(ss);
+		boolean wasAllowed = shouldAllowContactConnections();
+		loadSettings(settings);
+		boolean isAllowed = shouldAllowContactConnections();
+		if (wasAllowed && !isAllowed) {
+			LOG.info("Contact connections disabled");
+			tryToClose(socket);
+			callback.transportDisabled();
 			disableAdapterIfEnabledByUs();
-		} else if (s == INACTIVE) {
-			LOG.info("Enabled by user, opening server socket");
+		} else if (!wasAllowed && isAllowed) {
+			LOG.info("Contact connections enabled");
 			if (isAdapterEnabled()) bind();
 			else enableAdapter();
 		}
@@ -462,7 +451,7 @@ abstract class BluetoothPlugin<SS> implements DuplexPlugin, EventListener {
 		public KeyAgreementConnection accept() throws IOException {
 			DuplexTransportConnection conn = acceptConnection(ss);
 			if (LOG.isLoggable(INFO)) LOG.info(ID + ": Incoming connection");
-			connectionLimiter.connectionOpened(conn);
+			connectionLimiter.keyAgreementConnectionOpened(conn);
 			return new KeyAgreementConnection(conn, ID);
 		}

@@ -471,70 +460,4 @@ abstract class BluetoothPlugin<SS> implements DuplexPlugin, EventListener {
 			tryToClose(ss);
 		}
 	}
-
-	@ThreadSafe
-	@NotNullByDefault
-	protected class PluginState {
-
-		@GuardedBy("this")
-		private boolean started = false,
-				stopped = false,
-				enabledByUser = false;
-
-		@GuardedBy("this")
-		@Nullable
-		private SS serverSocket = null;
-
-		synchronized void setStarted(boolean enabledByUser) {
-			started = true;
-			this.enabledByUser = enabledByUser;
-			callback.pluginStateChanged(getState());
-		}
-
-		@Nullable
-		synchronized SS setStopped() {
-			stopped = true;
-			SS ss = serverSocket;
-			serverSocket = null;
-			callback.pluginStateChanged(getState());
-			return ss;
-		}
-
-		@Nullable
-		synchronized SS setEnabledByUser(boolean enabledByUser) {
-			this.enabledByUser = enabledByUser;
-			SS ss = null;
-			if (!enabledByUser) {
-				ss = serverSocket;
-				serverSocket = null;
-			}
-			callback.pluginStateChanged(getState());
-			return ss;
-		}
-
-		synchronized boolean setServerSocket(SS ss) {
-			if (stopped || serverSocket != null) return false;
-			serverSocket = ss;
-			callback.pluginStateChanged(getState());
-			return true;
-		}
-
-		@Nullable
-		synchronized SS clearServerSocket() {
-			SS ss = serverSocket;
-			serverSocket = null;
-			callback.pluginStateChanged(getState());
-			return ss;
-		}
-
-		synchronized State getState() {
-			if (!started || stopped) return STARTING_STOPPING;
-			if (!enabledByUser) return DISABLED;
-			return serverSocket == null ? INACTIVE : ACTIVE;
-		}
-
-		synchronized int getReasonsDisabled() {
-			return getState() == DISABLED ? REASON_USER : 0;
-		}
-	}
 }
--- a/bramble-core/src/main/java/org/briarproject/bramble/plugin/file/FilePlugin.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/plugin/file/FilePlugin.java
@@ -16,7 +16,6 @@ import java.util.logging.Logger;
 import static java.util.logging.Level.WARNING;
 import static java.util.logging.Logger.getLogger;
 import static org.briarproject.bramble.api.plugin.FileConstants.PROP_PATH;
-import static org.briarproject.bramble.api.plugin.Plugin.State.ACTIVE;
 import static org.briarproject.bramble.util.LogUtils.logException;
 import static org.briarproject.bramble.util.StringUtils.isNullOrEmpty;

@@ -46,7 +45,7 @@ abstract class FilePlugin implements SimplexPlugin {

 	@Override
 	public TransportConnectionReader createReader(TransportProperties p) {
-		if (getState() != ACTIVE) return null;
+		if (!isRunning()) return null;
 		String path = p.get(PROP_PATH);
 		if (isNullOrEmpty(path)) return null;
 		try {
@@ -61,7 +60,7 @@ abstract class FilePlugin implements SimplexPlugin {

 	@Override
 	public TransportConnectionWriter createWriter(TransportProperties p) {
-		if (getState() != ACTIVE) return null;
+		if (!isRunning()) return null;
 		String path = p.get(PROP_PATH);
 		if (isNullOrEmpty(path)) return null;
 		try {
--- a/bramble-core/src/main/java/org/briarproject/bramble/plugin/tcp/LanTcpPlugin.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/plugin/tcp/LanTcpPlugin.java
@@ -11,26 +11,22 @@ import org.briarproject.bramble.api.plugin.TransportId;
 import org.briarproject.bramble.api.plugin.duplex.DuplexTransportConnection;
 import org.briarproject.bramble.api.properties.TransportProperties;
 import org.briarproject.bramble.api.settings.Settings;
+import org.briarproject.bramble.util.IoUtils;

 import java.io.IOException;
 import java.net.Inet4Address;
-import java.net.Inet6Address;
 import java.net.InetAddress;
 import java.net.InetSocketAddress;
-import java.net.InterfaceAddress;
 import java.net.ServerSocket;
 import java.net.Socket;
+import java.net.SocketAddress;
 import java.net.UnknownHostException;
 import java.util.ArrayList;
-import java.util.Deque;
-import java.util.LinkedList;
+import java.util.Comparator;
 import java.util.List;
 import java.util.concurrent.Executor;
 import java.util.logging.Logger;

-import javax.annotation.Nullable;
-
-import static java.lang.Integer.parseInt;
 import static java.util.Collections.addAll;
 import static java.util.Collections.emptyList;
 import static java.util.Collections.sort;
@@ -38,60 +34,28 @@ import static java.util.logging.Level.INFO;
 import static java.util.logging.Level.WARNING;
 import static java.util.logging.Logger.getLogger;
 import static org.briarproject.bramble.api.keyagreement.KeyAgreementConstants.TRANSPORT_ID_LAN;
-import static org.briarproject.bramble.api.plugin.LanTcpConstants.DEFAULT_PREF_PLUGIN_ENABLE;
 import static org.briarproject.bramble.api.plugin.LanTcpConstants.ID;
-import static org.briarproject.bramble.api.plugin.LanTcpConstants.PREF_IPV6;
 import static org.briarproject.bramble.api.plugin.LanTcpConstants.PREF_LAN_IP_PORTS;
-import static org.briarproject.bramble.api.plugin.LanTcpConstants.PROP_IPV6;
 import static org.briarproject.bramble.api.plugin.LanTcpConstants.PROP_IP_PORTS;
-import static org.briarproject.bramble.api.plugin.LanTcpConstants.PROP_PORT;
-import static org.briarproject.bramble.api.properties.TransportPropertyConstants.MAX_PROPERTY_LENGTH;
 import static org.briarproject.bramble.util.ByteUtils.MAX_16_BIT_UNSIGNED;
-import static org.briarproject.bramble.util.IoUtils.tryToClose;
 import static org.briarproject.bramble.util.PrivacyUtils.scrubSocketAddress;
-import static org.briarproject.bramble.util.StringUtils.fromHexString;
 import static org.briarproject.bramble.util.StringUtils.isNullOrEmpty;
 import static org.briarproject.bramble.util.StringUtils.join;
-import static org.briarproject.bramble.util.StringUtils.toHexString;
-import static org.briarproject.bramble.util.StringUtils.utf8IsTooLong;

@NotNullByDefault
 class LanTcpPlugin extends TcpPlugin {

 	private static final Logger LOG = getLogger(LanTcpPlugin.class.getName());

+	private static final LanAddressComparator ADDRESS_COMPARATOR =
+			new LanAddressComparator();
+
+	private static final int MAX_ADDRESSES = 4;
 	private static final String SEPARATOR = ",";

-	/**
-	 * The IP address of an Android device providing a wifi access point.
-	 * <p>
-	 * Most devices use this address, but at least one device (Honor 8A) may
-	 * use other addresses in the range 192.168.43.0/24.
-	 */
-	private static final InetAddress WIFI_AP_ADDRESS;
-
-	/**
-	 * The IP address of an Android device providing a wifi direct
-	 * legacy mode access point.
-	 */
-	private static final InetAddress WIFI_DIRECT_AP_ADDRESS;
-
-	static {
-		try {
-			WIFI_AP_ADDRESS = InetAddress.getByAddress(
-					new byte[] {(byte) 192, (byte) 168, 43, 1});
-			WIFI_DIRECT_AP_ADDRESS = InetAddress.getByAddress(
-					new byte[] {(byte) 192, (byte) 168, 49, 1});
-		} catch (UnknownHostException e) {
-			// Should only be thrown if the address has an illegal length
-			throw new AssertionError(e);
-		}
-	}
-
 	LanTcpPlugin(Executor ioExecutor, Backoff backoff, PluginCallback callback,
-			int maxLatency, int maxIdleTime, int connectionTimeout) {
-		super(ioExecutor, backoff, callback, maxLatency, maxIdleTime,
-				connectionTimeout);
+			int maxLatency, int maxIdleTime) {
+		super(ioExecutor, backoff, callback, maxLatency, maxIdleTime);
 	}

 	@Override
@@ -100,234 +64,133 @@ class LanTcpPlugin extends TcpPlugin {
 	}

 	@Override
-	public void start() {
-		if (used.getAndSet(true)) throw new IllegalStateException();
-		initialisePortProperty();
-		Settings settings = callback.getSettings();
-		state.setStarted(settings.getBoolean(PREF_PLUGIN_ENABLE,
-				DEFAULT_PREF_PLUGIN_ENABLE));
-		bind();
-	}
-
-	protected void initialisePortProperty() {
+	protected List<InetSocketAddress> getLocalSocketAddresses() {
+		// Use the same address and port as last time if available
 		TransportProperties p = callback.getLocalProperties();
-		if (isNullOrEmpty(p.get(PROP_PORT))) {
-			int port = chooseEphemeralPort();
-			p.put(PROP_PORT, String.valueOf(port));
-			callback.mergeLocalProperties(p);
-		}
-	}
-
-	@Override
-	protected boolean isEnabledByDefault() {
-		return DEFAULT_PREF_PLUGIN_ENABLE;
-	}
-
-	@Override
-	protected List<InetSocketAddress> getLocalSocketAddresses(boolean ipv4) {
-		TransportProperties p = callback.getLocalProperties();
-		int preferredPort = parsePortProperty(p.get(PROP_PORT));
 		String oldIpPorts = p.get(PROP_IP_PORTS);
-		List<InetSocketAddress> olds = parseIpv4SocketAddresses(oldIpPorts);
-
+		List<InetSocketAddress> olds = parseSocketAddresses(oldIpPorts);
 		List<InetSocketAddress> locals = new ArrayList<>();
-		List<InetSocketAddress> fallbacks = new ArrayList<>();
-		for (InetAddress local : getUsableLocalInetAddresses(ipv4)) {
-			// If we've used this address before, try to use the same port
-			int port = preferredPort;
-			for (InetSocketAddress old : olds) {
-				if (old.getAddress().equals(local)) {
-					port = old.getPort();
-					break;
+		for (InetAddress local : getLocalIpAddresses()) {
+			if (isAcceptableAddress(local)) {
+				// If this is the old address, try to use the same port
+				for (InetSocketAddress old : olds) {
+					if (old.getAddress().equals(local))
+						locals.add(new InetSocketAddress(local, old.getPort()));
 				}
+				locals.add(new InetSocketAddress(local, 0));
 			}
-			locals.add(new InetSocketAddress(local, port));
-			// Fall back to any available port
-			fallbacks.add(new InetSocketAddress(local, 0));
 		}
-		locals.addAll(fallbacks);
+		sort(locals, ADDRESS_COMPARATOR);
 		return locals;
 	}

-	private int parsePortProperty(@Nullable String portProperty) {
-		if (isNullOrEmpty(portProperty)) return 0;
-		try {
-			return parseInt(portProperty);
-		} catch (NumberFormatException e) {
-			return 0;
-		}
-	}
-
-	private List<InetSocketAddress> parseIpv4SocketAddresses(String ipPorts) {
+	private List<InetSocketAddress> parseSocketAddresses(String ipPorts) {
+		if (isNullOrEmpty(ipPorts)) return emptyList();
+		String[] split = ipPorts.split(SEPARATOR);
 		List<InetSocketAddress> addresses = new ArrayList<>();
-		if (isNullOrEmpty(ipPorts)) return addresses;
-		for (String ipPort : ipPorts.split(SEPARATOR)) {
-			InetSocketAddress a = parseIpv4SocketAddress(ipPort);
+		for (String ipPort : split) {
+			InetSocketAddress a = parseSocketAddress(ipPort);
 			if (a != null) addresses.add(a);
 		}
 		return addresses;
 	}

-	protected List<InetAddress> getUsableLocalInetAddresses(boolean ipv4) {
-		List<InterfaceAddress> ifAddrs =
-				new ArrayList<>(getLocalInterfaceAddresses());
-		// Prefer longer network prefixes
-		sort(ifAddrs, (a, b) ->
-				b.getNetworkPrefixLength() - a.getNetworkPrefixLength());
-		List<InetAddress> addrs = new ArrayList<>();
-		for (InterfaceAddress ifAddr : ifAddrs) {
-			InetAddress addr = ifAddr.getAddress();
-			if (isAcceptableAddress(addr, ipv4)) addrs.add(addr);
-		}
-		return addrs;
-	}
-
 	@Override
-	protected void setLocalSocketAddress(InetSocketAddress a, boolean ipv4) {
-		if (ipv4) setLocalIpv4SocketAddress(a);
-		else setLocalIpv6SocketAddress(a);
-	}
-
-	private void setLocalIpv4SocketAddress(InetSocketAddress a) {
+	protected void setLocalSocketAddress(InetSocketAddress a) {
 		String ipPort = getIpPortString(a);
-		updateRecentAddresses(PREF_LAN_IP_PORTS, PROP_IP_PORTS, ipPort);
-	}
-
-	private void setLocalIpv6SocketAddress(InetSocketAddress a) {
-		String hex = toHexString(a.getAddress().getAddress());
-		updateRecentAddresses(PREF_IPV6, PROP_IPV6, hex);
-	}
-
-	private void updateRecentAddresses(String settingKey, String propertyKey,
-			String item) {
 		// Get the list of recently used addresses
-		String setting = callback.getSettings().get(settingKey);
-		Deque<String> recent = new LinkedList<>();
-		if (!isNullOrEmpty(setting)) {
+		String setting = callback.getSettings().get(PREF_LAN_IP_PORTS);
+		List<String> recent = new ArrayList<>();
+		if (!isNullOrEmpty(setting))
 			addAll(recent, setting.split(SEPARATOR));
-		}
-		if (recent.remove(item)) {
-			// Move the item to the start of the list
-			recent.addFirst(item);
+		// Is the address already in the list?
+		if (recent.remove(ipPort)) {
+			// Move the address to the start of the list
+			recent.add(0, ipPort);
 			setting = join(recent, SEPARATOR);
 		} else {
-			// Add the item to the start of the list
-			recent.addFirst(item);
-			// Drop items from the end of the list if it's too long to encode
+			// Add the address to the start of the list
+			recent.add(0, ipPort);
+			// Drop the least recently used address if the list is full
+			if (recent.size() > MAX_ADDRESSES)
+				recent = recent.subList(0, MAX_ADDRESSES);
 			setting = join(recent, SEPARATOR);
-			while (utf8IsTooLong(setting, MAX_PROPERTY_LENGTH)) {
-				recent.removeLast();
-				setting = join(recent, SEPARATOR);
-			}
 			// Update the list of addresses shared with contacts
+			List<String> shared = new ArrayList<>(recent);
+			sort(shared);
+			String property = join(shared, SEPARATOR);
 			TransportProperties properties = new TransportProperties();
-			properties.put(propertyKey, setting);
+			properties.put(PROP_IP_PORTS, property);
 			callback.mergeLocalProperties(properties);
 		}
 		// Save the setting
 		Settings settings = new Settings();
-		settings.put(settingKey, setting);
+		settings.put(PREF_LAN_IP_PORTS, setting);
 		callback.mergeSettings(settings);
 	}

-	protected boolean isIpv6LinkLocalAddress(InetAddress a) {
-		return a instanceof Inet6Address && a.isLinkLocalAddress();
-	}
-
 	@Override
 	protected List<InetSocketAddress> getRemoteSocketAddresses(
-			TransportProperties p, boolean ipv4) {
-		if (ipv4) return getRemoteIpv4SocketAddresses(p);
-		else return getRemoteIpv6SocketAddresses(p);
-	}
-
-	private List<InetSocketAddress> getRemoteIpv4SocketAddresses(
 			TransportProperties p) {
-		String ipPorts = p.get(PROP_IP_PORTS);
-		List<InetSocketAddress> remotes = parseIpv4SocketAddresses(ipPorts);
-		int port = parsePortProperty(p.get(PROP_PORT));
-		// If the contact has a preferred port, we can guess their IP:port when
-		// they're providing a wifi access point
-		if (port != 0) {
-			InetSocketAddress wifiAp =
-					new InetSocketAddress(WIFI_AP_ADDRESS, port);
-			if (!remotes.contains(wifiAp)) remotes.add(wifiAp);
-			InetSocketAddress wifiDirectAp =
-					new InetSocketAddress(WIFI_DIRECT_AP_ADDRESS, port);
-			if (!remotes.contains(wifiDirectAp)) remotes.add(wifiDirectAp);
-		}
-		return remotes;
+		return parseSocketAddresses(p.get(PROP_IP_PORTS));
 	}

-	private List<InetSocketAddress> getRemoteIpv6SocketAddresses(
-			TransportProperties p) {
-		List<InetAddress> addrs = parseIpv6Addresses(p.get(PROP_IPV6));
-		int port = parsePortProperty(p.get(PROP_PORT));
-		if (addrs.isEmpty() || port == 0) return emptyList();
-		List<InetSocketAddress> remotes = new ArrayList<>();
-		for (InetAddress addr : addrs) {
-			remotes.add(new InetSocketAddress(addr, port));
-		}
-		return remotes;
-	}
-
-	private List<InetAddress> parseIpv6Addresses(String property) {
-		if (isNullOrEmpty(property)) return emptyList();
-		try {
-			List<InetAddress> addrs = new ArrayList<>();
-			for (String hex : property.split(SEPARATOR)) {
-				byte[] ip = fromHexString(hex);
-				if (ip.length == 16) addrs.add(InetAddress.getByAddress(ip));
-			}
-			return addrs;
-		} catch (IllegalArgumentException | UnknownHostException e) {
-			return emptyList();
-		}
-	}
-
-	private boolean isAcceptableAddress(InetAddress a, boolean ipv4) {
-		if (ipv4) {
-			// Accept link-local and site-local IPv4 addresses
-			boolean isIpv4 = a instanceof Inet4Address;
-			boolean link = a.isLinkLocalAddress();
-			boolean site = a.isSiteLocalAddress();
-			return isIpv4 && (link || site);
-		} else {
-			// Accept link-local IPv6 addresses
-			return isIpv6LinkLocalAddress(a);
-		}
+	private boolean isAcceptableAddress(InetAddress a) {
+		// Accept link-local and site-local IPv4 addresses
+		boolean ipv4 = a instanceof Inet4Address;
+		boolean loop = a.isLoopbackAddress();
+		boolean link = a.isLinkLocalAddress();
+		boolean site = a.isSiteLocalAddress();
+		return ipv4 && !loop && (link || site);
 	}

 	@Override
-	protected boolean isConnectable(InterfaceAddress local,
-			InetSocketAddress remote) {
+	protected boolean isConnectable(InetSocketAddress remote) {
 		if (remote.getPort() == 0) return false;
-		InetAddress remoteAddress = remote.getAddress();
-		boolean ipv4 = local.getAddress() instanceof Inet4Address;
-		if (!isAcceptableAddress(remoteAddress, ipv4)) return false;
+		if (!isAcceptableAddress(remote.getAddress())) return false;
 		// Try to determine whether the address is on the same LAN as us
-		byte[] localIp = local.getAddress().getAddress();
+		if (socket == null) return false;
+		byte[] localIp = socket.getInetAddress().getAddress();
 		byte[] remoteIp = remote.getAddress().getAddress();
-		int prefixLength = local.getNetworkPrefixLength();
-		return areAddressesInSameNetwork(localIp, remoteIp, prefixLength);
+		return addressesAreOnSameLan(localIp, remoteIp);
 	}

 	// Package access for testing
-	static boolean areAddressesInSameNetwork(byte[] localIp, byte[] remoteIp,
-			int prefixLength) {
-		if (localIp.length != remoteIp.length) return false;
-		// Compare the first prefixLength bits of the addresses
-		for (int i = 0; i < prefixLength; i++) {
-			int byteIndex = i >> 3;
-			int bitIndex = i & 7; // 0 to 7
-			int mask = 128 >> bitIndex; // Select the bit at bitIndex
-			if ((localIp[byteIndex] & mask) != (remoteIp[byteIndex] & mask)) {
-				return false; // Addresses differ at bit i
-			}
-		}
+	boolean addressesAreOnSameLan(byte[] localIp, byte[] remoteIp) {
+		// 10.0.0.0/8
+		if (isPrefix10(localIp)) return isPrefix10(remoteIp);
+		// 172.16.0.0/12
+		if (isPrefix172(localIp)) return isPrefix172(remoteIp);
+		// 192.168.0.0/16
+		if (isPrefix192(localIp)) return isPrefix192(remoteIp);
+		// Unrecognised prefix - may be compatible
 		return true;
 	}

+	private static boolean isPrefix10(byte[] ipv4) {
+		return ipv4[0] == 10;
+	}
+
+	private static boolean isPrefix172(byte[] ipv4) {
+		return ipv4[0] == (byte) 172 && (ipv4[1] & 0xF0) == 16;
+	}
+
+	private static boolean isPrefix192(byte[] ipv4) {
+		return ipv4[0] == (byte) 192 && ipv4[1] == (byte) 168;
+	}
+
+	// Returns the prefix length for an RFC 1918 address, or 0 for any other
+	// address
+	private static int getRfc1918PrefixLength(InetAddress addr) {
+		if (!(addr instanceof Inet4Address)) return 0;
+		if (!addr.isSiteLocalAddress()) return 0;
+		byte[] ipv4 = addr.getAddress();
+		if (isPrefix10(ipv4)) return 8;
+		if (isPrefix172(ipv4)) return 12;
+		if (isPrefix192(ipv4)) return 16;
+		return 0;
+	}
+
 	@Override
 	public boolean supportsKeyAgreement() {
 		return true;
@@ -346,7 +209,7 @@ class LanTcpPlugin extends TcpPlugin {
 			} catch (IOException e) {
 				if (LOG.isLoggable(INFO))
 					LOG.info("Failed to bind " + scrubSocketAddress(addr));
-				tryToClose(ss, LOG, WARNING);
+				tryToClose(ss);
 			}
 		}
 		if (ss == null || !ss.isBound()) {
@@ -362,23 +225,10 @@ class LanTcpPlugin extends TcpPlugin {
 		return new LanKeyAgreementListener(descriptor, ss);
 	}

-	private List<InetSocketAddress> getLocalSocketAddresses() {
-		List<InetSocketAddress> addrs = new ArrayList<>();
-		addrs.addAll(getLocalSocketAddresses(true));
-		addrs.addAll(getLocalSocketAddresses(false));
-		return addrs;
-	}
-
 	@Override
 	public DuplexTransportConnection createKeyAgreementConnection(
 			byte[] commitment, BdfList descriptor) {
-		ServerSocket ss = state.getServerSocket(true);
-		if (ss == null) return null;
-		InterfaceAddress local = getLocalInterfaceAddress(ss.getInetAddress());
-		if (local == null) {
-			LOG.warning("No interface for key agreement server socket");
-			return null;
-		}
+		if (!isRunning()) return null;
 		InetSocketAddress remote;
 		try {
 			remote = parseSocketAddress(descriptor);
@@ -386,11 +236,12 @@ class LanTcpPlugin extends TcpPlugin {
 			LOG.info("Invalid IP/port in key agreement descriptor");
 			return null;
 		}
-		if (!isConnectable(local, remote)) {
+		if (!isConnectable(remote)) {
 			if (LOG.isLoggable(INFO)) {
+				SocketAddress local = socket.getLocalSocketAddress();
 				LOG.info(scrubSocketAddress(remote) +
 						" is not connectable from " +
-						scrubSocketAddress(ss.getLocalSocketAddress()));
+						scrubSocketAddress(local));
 			}
 			return null;
 		}
@@ -398,8 +249,8 @@ class LanTcpPlugin extends TcpPlugin {
 			if (LOG.isLoggable(INFO))
 				LOG.info("Connecting to " + scrubSocketAddress(remote));
 			Socket s = createSocket();
-			s.bind(new InetSocketAddress(ss.getInetAddress(), 0));
-			s.connect(remote, connectionTimeout);
+			s.bind(new InetSocketAddress(socket.getInetAddress(), 0));
+			s.connect(remote);
 			s.setSoTimeout(socketTimeout);
 			if (LOG.isLoggable(INFO))
 				LOG.info("Connected to " + scrubSocketAddress(remote));
@@ -445,7 +296,22 @@ class LanTcpPlugin extends TcpPlugin {

 		@Override
 		public void close() {
-			tryToClose(ss, LOG, WARNING);
+			IoUtils.tryToClose(ss, LOG, WARNING);
+		}
+	}
+
+	static class LanAddressComparator implements Comparator<InetSocketAddress> {
+
+		@Override
+		public int compare(InetSocketAddress a, InetSocketAddress b) {
+			// Prefer addresses with non-zero ports
+			int aPort = a.getPort(), bPort = b.getPort();
+			if (aPort > 0 && bPort == 0) return -1;
+			if (aPort == 0 && bPort > 0) return 1;
+			// Prefer addresses with longer RFC 1918 prefixes
+			int aPrefix = getRfc1918PrefixLength(a.getAddress());
+			int bPrefix = getRfc1918PrefixLength(b.getAddress());
+			return bPrefix - aPrefix;
 		}
 	}
 }
--- a/bramble-core/src/main/java/org/briarproject/bramble/plugin/tcp/LanTcpPluginFactory.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/plugin/tcp/LanTcpPluginFactory.java
@@ -1,6 +1,5 @@
 package org.briarproject.bramble.plugin.tcp;

-import org.briarproject.bramble.api.event.EventBus;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.plugin.Backoff;
 import org.briarproject.bramble.api.plugin.BackoffFactory;
@@ -19,21 +18,18 @@ import static org.briarproject.bramble.api.plugin.LanTcpConstants.ID;
@NotNullByDefault
 public class LanTcpPluginFactory implements DuplexPluginFactory {

-	private static final int MAX_LATENCY = 30_000; // 30 seconds
-	private static final int MAX_IDLE_TIME = 30_000; // 30 seconds
-	private static final int CONNECTION_TIMEOUT = 3_000; // 3 seconds
-	private static final int MIN_POLLING_INTERVAL = 60_000; // 1 minute
-	private static final int MAX_POLLING_INTERVAL = 600_000; // 10 mins
+	private static final int MAX_LATENCY = 30 * 1000; // 30 seconds
+	private static final int MAX_IDLE_TIME = 30 * 1000; // 30 seconds
+	private static final int MIN_POLLING_INTERVAL = 60 * 1000; // 1 minute
+	private static final int MAX_POLLING_INTERVAL = 10 * 60 * 1000; // 10 mins
 	private static final double BACKOFF_BASE = 1.2;

 	private final Executor ioExecutor;
-	private final EventBus eventBus;
 	private final BackoffFactory backoffFactory;

-	public LanTcpPluginFactory(Executor ioExecutor, EventBus eventBus,
+	public LanTcpPluginFactory(Executor ioExecutor,
 			BackoffFactory backoffFactory) {
 		this.ioExecutor = ioExecutor;
-		this.eventBus = eventBus;
 		this.backoffFactory = backoffFactory;
 	}

@@ -51,9 +47,7 @@ public class LanTcpPluginFactory implements DuplexPluginFactory {
 	public DuplexPlugin createPlugin(PluginCallback callback) {
 		Backoff backoff = backoffFactory.createBackoff(MIN_POLLING_INTERVAL,
 				MAX_POLLING_INTERVAL, BACKOFF_BASE);
-		LanTcpPlugin plugin =  new LanTcpPlugin(ioExecutor, backoff, callback, MAX_LATENCY,
-				MAX_IDLE_TIME, CONNECTION_TIMEOUT);
-		eventBus.addListener(plugin);
-		return plugin;
+		return new LanTcpPlugin(ioExecutor, backoff, callback, MAX_LATENCY,
+				MAX_IDLE_TIME);
 	}
 }
--- a/bramble-core/src/main/java/org/briarproject/bramble/plugin/tcp/PortMapperImpl.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/plugin/tcp/PortMapperImpl.java
@@ -54,13 +54,11 @@ class PortMapperImpl implements PortMapper {
 				shutdownManager.addShutdownHook(() -> deleteMapping(port));
 			}
 			String externalString = gateway.getExternalIPAddress();
-			if (externalString == null) {
-				LOG.info("External address not available");
-			} else {
+			if (LOG.isLoggable(INFO))
+				LOG.info(
+						"External address " + scrubInetAddress(externalString));
+			if (externalString != null)
 				external = InetAddress.getByName(externalString);
-				if (LOG.isLoggable(INFO))
-					LOG.info("External address " + scrubInetAddress(external));
-			}
 		} catch (IOException | SAXException e) {
 			logException(LOG, WARNING, e);
 		}
--- a/bramble-core/src/main/java/org/briarproject/bramble/plugin/tcp/TcpPlugin.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/plugin/tcp/TcpPlugin.java
@@ -3,12 +3,8 @@ package org.briarproject.bramble.plugin.tcp;
 import org.briarproject.bramble.PoliteExecutor;
 import org.briarproject.bramble.api.Pair;
 import org.briarproject.bramble.api.data.BdfList;
-import org.briarproject.bramble.api.event.Event;
-import org.briarproject.bramble.api.event.EventListener;
 import org.briarproject.bramble.api.keyagreement.KeyAgreementListener;
-import org.briarproject.bramble.api.lifecycle.IoExecutor;
 import org.briarproject.bramble.api.nullsafety.MethodsNotNullByDefault;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.nullsafety.ParametersNotNullByDefault;
 import org.briarproject.bramble.api.plugin.Backoff;
 import org.briarproject.bramble.api.plugin.ConnectionHandler;
@@ -18,16 +14,15 @@ import org.briarproject.bramble.api.plugin.duplex.DuplexTransportConnection;
 import org.briarproject.bramble.api.properties.TransportProperties;
 import org.briarproject.bramble.api.rendezvous.KeyMaterialSource;
 import org.briarproject.bramble.api.rendezvous.RendezvousEndpoint;
-import org.briarproject.bramble.api.settings.Settings;
-import org.briarproject.bramble.api.settings.event.SettingsUpdatedEvent;
+import org.briarproject.bramble.util.IoUtils;

 import java.io.IOException;
 import java.net.InetAddress;
 import java.net.InetSocketAddress;
-import java.net.InterfaceAddress;
 import java.net.NetworkInterface;
 import java.net.ServerSocket;
 import java.net.Socket;
+import java.net.SocketAddress;
 import java.net.SocketException;
 import java.net.UnknownHostException;
 import java.util.ArrayList;
@@ -40,26 +35,20 @@ import java.util.logging.Logger;
 import java.util.regex.Pattern;

 import javax.annotation.Nullable;
-import javax.annotation.concurrent.GuardedBy;
-import javax.annotation.concurrent.ThreadSafe;

+import static java.net.NetworkInterface.getNetworkInterfaces;
 import static java.util.Collections.emptyList;
 import static java.util.Collections.list;
 import static java.util.logging.Level.INFO;
 import static java.util.logging.Level.WARNING;
 import static java.util.logging.Logger.getLogger;
-import static org.briarproject.bramble.api.plugin.Plugin.State.ACTIVE;
-import static org.briarproject.bramble.api.plugin.Plugin.State.DISABLED;
-import static org.briarproject.bramble.api.plugin.Plugin.State.INACTIVE;
-import static org.briarproject.bramble.api.plugin.Plugin.State.STARTING_STOPPING;
-import static org.briarproject.bramble.util.IoUtils.tryToClose;
 import static org.briarproject.bramble.util.LogUtils.logException;
 import static org.briarproject.bramble.util.PrivacyUtils.scrubSocketAddress;
 import static org.briarproject.bramble.util.StringUtils.isNullOrEmpty;

@MethodsNotNullByDefault
@ParametersNotNullByDefault
-abstract class TcpPlugin implements DuplexPlugin, EventListener {
+abstract class TcpPlugin implements DuplexPlugin {

 	private static final Logger LOG = getLogger(TcpPlugin.class.getName());

@@ -69,52 +58,43 @@ abstract class TcpPlugin implements DuplexPlugin, EventListener {
 	protected final Executor ioExecutor, bindExecutor;
 	protected final Backoff backoff;
 	protected final PluginCallback callback;
-	protected final int maxLatency, maxIdleTime;
-	protected final int connectionTimeout, socketTimeout;
+	protected final int maxLatency, maxIdleTime, socketTimeout;
 	protected final AtomicBoolean used = new AtomicBoolean(false);
-	protected final PluginState state = new PluginState();
+
+	protected volatile boolean running = false;
+	protected volatile ServerSocket socket = null;

 	/**
 	 * Returns zero or more socket addresses on which the plugin should listen,
 	 * in order of preference. At most one of the addresses will be bound.
 	 */
-	protected abstract List<InetSocketAddress> getLocalSocketAddresses(
-			boolean ipv4);
+	protected abstract List<InetSocketAddress> getLocalSocketAddresses();

 	/**
 	 * Adds the address on which the plugin is listening to the transport
 	 * properties.
 	 */
-	protected abstract void setLocalSocketAddress(InetSocketAddress a,
-			boolean ipv4);
+	protected abstract void setLocalSocketAddress(InetSocketAddress a);

 	/**
 	 * Returns zero or more socket addresses for connecting to a contact with
 	 * the given transport properties.
 	 */
 	protected abstract List<InetSocketAddress> getRemoteSocketAddresses(
-			TransportProperties p, boolean ipv4);
+			TransportProperties p);

 	/**
 	 * Returns true if connections to the given address can be attempted.
 	 */
-	@SuppressWarnings("BooleanMethodIsAlwaysInverted")
-	protected abstract boolean isConnectable(InterfaceAddress local,
-			InetSocketAddress remote);
-
-	/**
-	 * Returns true if the plugin is enabled by default.
-	 */
-	protected abstract boolean isEnabledByDefault();
+	protected abstract boolean isConnectable(InetSocketAddress remote);

 	TcpPlugin(Executor ioExecutor, Backoff backoff, PluginCallback callback,
-			int maxLatency, int maxIdleTime, int connectionTimeout) {
+			int maxLatency, int maxIdleTime) {
 		this.ioExecutor = ioExecutor;
 		this.backoff = backoff;
 		this.callback = callback;
 		this.maxLatency = maxLatency;
 		this.maxIdleTime = maxIdleTime;
-		this.connectionTimeout = connectionTimeout;
 		if (maxIdleTime > Integer.MAX_VALUE / 2)
 			socketTimeout = Integer.MAX_VALUE;
 		else socketTimeout = maxIdleTime * 2;
@@ -135,50 +115,49 @@ abstract class TcpPlugin implements DuplexPlugin, EventListener {
 	@Override
 	public void start() {
 		if (used.getAndSet(true)) throw new IllegalStateException();
-		Settings settings = callback.getSettings();
-		state.setStarted(
-				settings.getBoolean(PREF_PLUGIN_ENABLE, isEnabledByDefault()));
+		running = true;
 		bind();
 	}

 	protected void bind() {
 		bindExecutor.execute(() -> {
-			if (getState() != INACTIVE) return;
-			bind(true);
-			bind(false);
+			if (!running) return;
+			if (socket != null && !socket.isClosed()) return;
+			ServerSocket ss = null;
+			for (InetSocketAddress addr : getLocalSocketAddresses()) {
+				try {
+					ss = new ServerSocket();
+					ss.bind(addr);
+					break;
+				} catch (IOException e) {
+					if (LOG.isLoggable(INFO))
+						LOG.info("Failed to bind " + scrubSocketAddress(addr));
+					tryToClose(ss);
+				}
+			}
+			if (ss == null || !ss.isBound()) {
+				LOG.info("Could not bind server socket");
+				return;
+			}
+			if (!running) {
+				tryToClose(ss);
+				return;
+			}
+			socket = ss;
+			backoff.reset();
+			InetSocketAddress local =
+					(InetSocketAddress) ss.getLocalSocketAddress();
+			setLocalSocketAddress(local);
+			if (LOG.isLoggable(INFO))
+				LOG.info("Listening on " + scrubSocketAddress(local));
+			callback.transportEnabled();
+			acceptContactConnections();
 		});
 	}

-	private void bind(boolean ipv4) {
-		ServerSocket ss = null;
-		for (InetSocketAddress addr : getLocalSocketAddresses(ipv4)) {
-			try {
-				ss = new ServerSocket();
-				ss.bind(addr);
-				break;
-			} catch (IOException e) {
-				if (LOG.isLoggable(INFO))
-					LOG.info("Failed to bind " + scrubSocketAddress(addr));
-				tryToClose(ss, LOG, WARNING);
-			}
-		}
-		if (ss == null || !ss.isBound()) {
-			LOG.info("Could not bind server socket");
-			return;
-		}
-		if (!state.setServerSocket(ss, ipv4)) {
-			LOG.info("Closing redundant server socket");
-			tryToClose(ss, LOG, WARNING);
-			return;
-		}
-		backoff.reset();
-		InetSocketAddress local =
-				(InetSocketAddress) ss.getLocalSocketAddress();
-		setLocalSocketAddress(local, ipv4);
-		if (LOG.isLoggable(INFO))
-			LOG.info("Listening on " + scrubSocketAddress(local));
-		ServerSocket finalSocket = ss;
-		ioExecutor.execute(() -> acceptContactConnections(finalSocket, ipv4));
+	protected void tryToClose(@Nullable ServerSocket ss) {
+		IoUtils.tryToClose(ss, LOG, WARNING);
+		callback.transportDisabled();
 	}

 	String getIpPortString(InetSocketAddress a) {
@@ -188,22 +167,20 @@ abstract class TcpPlugin implements DuplexPlugin, EventListener {
 		return addr + ":" + a.getPort();
 	}

-	private void acceptContactConnections(ServerSocket ss, boolean ipv4) {
-		while (true) {
+	private void acceptContactConnections() {
+		while (isRunning()) {
 			Socket s;
 			try {
-				s = ss.accept();
+				s = socket.accept();
 				s.setSoTimeout(socketTimeout);
 			} catch (IOException e) {
-				// This is expected when the server socket is closed
-				LOG.info("Server socket closed");
-				state.clearServerSocket(ss, ipv4);
+				// This is expected when the socket is closed
+				if (LOG.isLoggable(INFO)) LOG.info(e.toString());
 				return;
 			}
-			if (LOG.isLoggable(INFO)) {
+			if (LOG.isLoggable(INFO))
 				LOG.info("Connection from " +
 						scrubSocketAddress(s.getRemoteSocketAddress()));
-			}
 			backoff.reset();
 			callback.handleConnection(new TcpTransportConnection(this, s));
 		}
@@ -211,17 +188,13 @@ abstract class TcpPlugin implements DuplexPlugin, EventListener {

 	@Override
 	public void stop() {
-		for (ServerSocket ss : state.setStopped()) tryToClose(ss, LOG, WARNING);
+		running = false;
+		tryToClose(socket);
 	}

 	@Override
-	public State getState() {
-		return state.getState();
-	}
-
-	@Override
-	public int getReasonsDisabled() {
-		return state.getReasonsDisabled();
+	public boolean isRunning() {
+		return running && socket != null && !socket.isClosed();
 	}

 	@Override
@@ -237,7 +210,7 @@ abstract class TcpPlugin implements DuplexPlugin, EventListener {
 	@Override
 	public void poll(Collection<Pair<TransportProperties, ConnectionHandler>>
 			properties) {
-		if (getState() != ACTIVE) return;
+		if (!isRunning()) return;
 		backoff.increment();
 		for (Pair<TransportProperties, ConnectionHandler> p : properties) {
 			connect(p.getFirst(), p.getSecond());
@@ -256,32 +229,14 @@ abstract class TcpPlugin implements DuplexPlugin, EventListener {

 	@Override
 	public DuplexTransportConnection createConnection(TransportProperties p) {
-		DuplexTransportConnection c = createConnection(p, true);
-		if (c != null) return c;
-		return createConnection(p, false);
-	}
-
-	@Nullable
-	private DuplexTransportConnection createConnection(TransportProperties p,
-			boolean ipv4) {
-		ServerSocket ss = state.getServerSocket(ipv4);
-		if (ss == null) return null;
-		InterfaceAddress local = getLocalInterfaceAddress(ss.getInetAddress());
-		if (local == null) {
-			LOG.warning("No interface for server socket");
-			return null;
-		}
-		for (InetSocketAddress remote : getRemoteSocketAddresses(p, ipv4)) {
-			// Don't try to connect to our own address
-			if (!canConnectToOwnAddress() &&
-					remote.getAddress().equals(ss.getInetAddress())) {
-				continue;
-			}
-			if (!isConnectable(local, remote)) {
+		if (!isRunning()) return null;
+		for (InetSocketAddress remote : getRemoteSocketAddresses(p)) {
+			if (!isConnectable(remote)) {
 				if (LOG.isLoggable(INFO)) {
+					SocketAddress local = socket.getLocalSocketAddress();
 					LOG.info(scrubSocketAddress(remote) +
 							" is not connectable from " +
-							scrubSocketAddress(ss.getLocalSocketAddress()));
+							scrubSocketAddress(local));
 				}
 				continue;
 			}
@@ -289,45 +244,27 @@ abstract class TcpPlugin implements DuplexPlugin, EventListener {
 				if (LOG.isLoggable(INFO))
 					LOG.info("Connecting to " + scrubSocketAddress(remote));
 				Socket s = createSocket();
-				s.bind(new InetSocketAddress(ss.getInetAddress(), 0));
-				s.connect(remote, connectionTimeout);
+				s.bind(new InetSocketAddress(socket.getInetAddress(), 0));
+				s.connect(remote);
 				s.setSoTimeout(socketTimeout);
 				if (LOG.isLoggable(INFO))
 					LOG.info("Connected to " + scrubSocketAddress(remote));
 				return new TcpTransportConnection(this, s);
 			} catch (IOException e) {
-				if (LOG.isLoggable(INFO)) {
+				if (LOG.isLoggable(INFO))
 					LOG.info("Could not connect to " +
 							scrubSocketAddress(remote));
-				}
 			}
 		}
 		return null;
 	}

-	@Nullable
-	InterfaceAddress getLocalInterfaceAddress(InetAddress a) {
-		for (InterfaceAddress ifAddr : getLocalInterfaceAddresses()) {
-			if (ifAddr.getAddress().equals(a)) return ifAddr;
-		}
-		return null;
-	}
-
-	// Override for testing
-	protected boolean canConnectToOwnAddress() {
-		return false;
-	}
-
 	protected Socket createSocket() throws IOException {
 		return new Socket();
 	}

-	int chooseEphemeralPort() {
-		return 32768 + (int) (Math.random() * 32768);
-	}
-
 	@Nullable
-	InetSocketAddress parseIpv4SocketAddress(String ipPort) {
+	InetSocketAddress parseSocketAddress(String ipPort) {
 		if (isNullOrEmpty(ipPort)) return null;
 		String[] split = ipPort.split(":");
 		if (split.length != 2) return null;
@@ -338,7 +275,14 @@ abstract class TcpPlugin implements DuplexPlugin, EventListener {
 			InetAddress a = InetAddress.getByName(addr);
 			int p = Integer.parseInt(port);
 			return new InetSocketAddress(a, p);
-		} catch (UnknownHostException | NumberFormatException e) {
+		} catch (UnknownHostException e) {
+			if (LOG.isLoggable(WARNING))
+				// not scrubbing to enable us to find the problem
+				LOG.warning("Invalid address: " + addr);
+			return null;
+		} catch (NumberFormatException e) {
+			if (LOG.isLoggable(WARNING))
+				LOG.warning("Invalid port: " + port);
 			return null;
 		}
 	}
@@ -370,140 +314,17 @@ abstract class TcpPlugin implements DuplexPlugin, EventListener {
 		throw new UnsupportedOperationException();
 	}

-	List<InterfaceAddress> getLocalInterfaceAddresses() {
-		List<InterfaceAddress> addrs = new ArrayList<>();
-		for (NetworkInterface iface : getNetworkInterfaces()) {
-			addrs.addAll(iface.getInterfaceAddresses());
-		}
-		return addrs;
-	}
-
-	List<InetAddress> getLocalInetAddresses() {
-		List<InetAddress> addrs = new ArrayList<>();
-		for (NetworkInterface iface : getNetworkInterfaces()) {
-			addrs.addAll(list(iface.getInetAddresses()));
-		}
-		return addrs;
-	}
-
-	private List<NetworkInterface> getNetworkInterfaces() {
+	Collection<InetAddress> getLocalIpAddresses() {
 		try {
-			Enumeration<NetworkInterface> ifaces =
-					NetworkInterface.getNetworkInterfaces();
-			return ifaces == null ? emptyList() : list(ifaces);
+			Enumeration<NetworkInterface> ifaces = getNetworkInterfaces();
+			if (ifaces == null) return emptyList();
+			List<InetAddress> addrs = new ArrayList<>();
+			for (NetworkInterface iface : list(ifaces))
+				addrs.addAll(list(iface.getInetAddresses()));
+			return addrs;
 		} catch (SocketException e) {
 			logException(LOG, WARNING, e);
 			return emptyList();
 		}
 	}
-
-	@Override
-	public void eventOccurred(Event e) {
-		if (e instanceof SettingsUpdatedEvent) {
-			SettingsUpdatedEvent s = (SettingsUpdatedEvent) e;
-			if (s.getNamespace().equals(getId().getString()))
-				ioExecutor.execute(() -> onSettingsUpdated(s.getSettings()));
-		}
-	}
-
-	@IoExecutor
-	private void onSettingsUpdated(Settings settings) {
-		boolean enabledByUser =
-				settings.getBoolean(PREF_PLUGIN_ENABLE, isEnabledByDefault());
-		List<ServerSocket> toClose = state.setEnabledByUser(enabledByUser);
-		State s = getState();
-		if (!toClose.isEmpty()) {
-			LOG.info("Disabled by user, closing server sockets");
-			for (ServerSocket ss : toClose) tryToClose(ss, LOG, WARNING);
-		} else if (s == INACTIVE) {
-			LOG.info("Enabled by user, opening server sockets");
-			bind();
-		}
-	}
-
-	@ThreadSafe
-	@NotNullByDefault
-	protected class PluginState {
-
-		@GuardedBy("this")
-		private boolean started = false, stopped = false, enabledByUser = false;
-
-		@GuardedBy("this")
-		@Nullable
-		private ServerSocket serverSocketV4 = null, serverSocketV6 = null;
-
-		synchronized void setStarted(boolean enabledByUser) {
-			started = true;
-			this.enabledByUser = enabledByUser;
-			callback.pluginStateChanged(getState());
-		}
-
-		synchronized List<ServerSocket> setStopped() {
-			stopped = true;
-			List<ServerSocket> toClose = clearServerSockets();
-			callback.pluginStateChanged(getState());
-			return toClose;
-		}
-
-		@GuardedBy("this")
-		private List<ServerSocket> clearServerSockets() {
-			List<ServerSocket> toClose = new ArrayList<>(2);
-			if (serverSocketV4 != null) {
-				toClose.add(serverSocketV4);
-				serverSocketV4 = null;
-			}
-			if (serverSocketV6 != null) {
-				toClose.add(serverSocketV6);
-				serverSocketV6 = null;
-			}
-			return toClose;
-		}
-
-		synchronized List<ServerSocket> setEnabledByUser(
-				boolean enabledByUser) {
-			this.enabledByUser = enabledByUser;
-			List<ServerSocket> toClose = enabledByUser
-					? emptyList() : clearServerSockets();
-			callback.pluginStateChanged(getState());
-			return toClose;
-		}
-
-		@Nullable
-		synchronized ServerSocket getServerSocket(boolean ipv4) {
-			return ipv4 ? serverSocketV4 : serverSocketV6;
-		}
-
-		synchronized boolean setServerSocket(ServerSocket ss, boolean ipv4) {
-			if (stopped) return false;
-			if (ipv4) {
-				if (serverSocketV4 != null) return false;
-				serverSocketV4 = ss;
-			} else {
-				if (serverSocketV6 != null) return false;
-				serverSocketV6 = ss;
-			}
-			callback.pluginStateChanged(getState());
-			return true;
-		}
-
-		synchronized void clearServerSocket(ServerSocket ss, boolean ipv4) {
-			if (ipv4) {
-				if (serverSocketV4 == ss) serverSocketV4 = null;
-			} else {
-				if (serverSocketV6 == ss) serverSocketV6 = null;
-			}
-			callback.pluginStateChanged(getState());
-		}
-
-		synchronized State getState() {
-			if (!started || stopped) return STARTING_STOPPING;
-			if (!enabledByUser) return DISABLED;
-			if (serverSocketV4 != null || serverSocketV6 != null) return ACTIVE;
-			return INACTIVE;
-		}
-
-		synchronized int getReasonsDisabled() {
-			return getState() == DISABLED ? REASON_USER : 0;
-		}
-	}
 }
--- a/bramble-core/src/main/java/org/briarproject/bramble/plugin/tcp/WanTcpPlugin.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/plugin/tcp/WanTcpPlugin.java
@@ -10,14 +10,12 @@ import org.briarproject.bramble.api.properties.TransportProperties;
 import java.net.Inet4Address;
 import java.net.InetAddress;
 import java.net.InetSocketAddress;
-import java.net.InterfaceAddress;
 import java.util.LinkedList;
 import java.util.List;
 import java.util.concurrent.Executor;

 import static java.util.Collections.emptyList;
 import static java.util.Collections.singletonList;
-import static org.briarproject.bramble.api.plugin.WanTcpConstants.DEFAULT_PREF_PLUGIN_ENABLE;
 import static org.briarproject.bramble.api.plugin.WanTcpConstants.ID;

@MethodsNotNullByDefault
@@ -31,10 +29,8 @@ class WanTcpPlugin extends TcpPlugin {
 	private volatile MappingResult mappingResult;

 	WanTcpPlugin(Executor ioExecutor, Backoff backoff, PortMapper portMapper,
-			PluginCallback callback, int maxLatency, int maxIdleTime,
-			int connectionTimeout) {
-		super(ioExecutor, backoff, callback, maxLatency, maxIdleTime,
-				connectionTimeout);
+			PluginCallback callback, int maxLatency, int maxIdleTime) {
+		super(ioExecutor, backoff, callback, maxLatency, maxIdleTime);
 		this.portMapper = portMapper;
 	}

@@ -44,18 +40,12 @@ class WanTcpPlugin extends TcpPlugin {
 	}

 	@Override
-	protected boolean isEnabledByDefault() {
-		return DEFAULT_PREF_PLUGIN_ENABLE;
-	}
-
-	@Override
-	protected List<InetSocketAddress> getLocalSocketAddresses(boolean ipv4) {
-		if (!ipv4) return emptyList();
+	protected List<InetSocketAddress> getLocalSocketAddresses() {
 		// Use the same address and port as last time if available
 		TransportProperties p = callback.getLocalProperties();
-		InetSocketAddress old = parseIpv4SocketAddress(p.get(PROP_IP_PORT));
+		InetSocketAddress old = parseSocketAddress(p.get(PROP_IP_PORT));
 		List<InetSocketAddress> addrs = new LinkedList<>();
-		for (InetAddress a : getLocalInetAddresses()) {
+		for (InetAddress a : getLocalIpAddresses()) {
 			if (isAcceptableAddress(a)) {
 				// If this is the old address, try to use the same port
 				if (old != null && old.getAddress().equals(a))
@@ -83,25 +73,26 @@ class WanTcpPlugin extends TcpPlugin {
 		return ipv4 && !loop && !link && !site;
 	}

+	private int chooseEphemeralPort() {
+		return 32768 + (int) (Math.random() * 32768);
+	}
+
 	@Override
 	protected List<InetSocketAddress> getRemoteSocketAddresses(
-			TransportProperties p, boolean ipv4) {
-		if (!ipv4) return emptyList();
-		InetSocketAddress parsed = parseIpv4SocketAddress(p.get(PROP_IP_PORT));
+			TransportProperties p) {
+		InetSocketAddress parsed = parseSocketAddress(p.get(PROP_IP_PORT));
 		if (parsed == null) return emptyList();
 		return singletonList(parsed);
 	}

 	@Override
-	protected boolean isConnectable(InterfaceAddress local,
-			InetSocketAddress remote) {
+	protected boolean isConnectable(InetSocketAddress remote) {
 		if (remote.getPort() == 0) return false;
 		return isAcceptableAddress(remote.getAddress());
 	}

 	@Override
-	protected void setLocalSocketAddress(InetSocketAddress a, boolean ipv4) {
-		if (!ipv4) throw new AssertionError();
+	protected void setLocalSocketAddress(InetSocketAddress a) {
 		if (mappingResult != null && mappingResult.isUsable()) {
 			// Advertise the external address to contacts
 			if (a.equals(mappingResult.getInternal())) {
--- a/bramble-core/src/main/java/org/briarproject/bramble/plugin/tcp/WanTcpPluginFactory.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/plugin/tcp/WanTcpPluginFactory.java
@@ -1,6 +1,5 @@
 package org.briarproject.bramble.plugin.tcp;

-import org.briarproject.bramble.api.event.EventBus;
 import org.briarproject.bramble.api.lifecycle.ShutdownManager;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.plugin.Backoff;
@@ -20,22 +19,19 @@ import static org.briarproject.bramble.api.plugin.WanTcpConstants.ID;
@NotNullByDefault
 public class WanTcpPluginFactory implements DuplexPluginFactory {

-	private static final int MAX_LATENCY = 30_000; // 30 seconds
-	private static final int MAX_IDLE_TIME = 30_000; // 30 seconds
-	private static final int CONNECTION_TIMEOUT = 30_000; // 30 seconds
-	private static final int MIN_POLLING_INTERVAL = 60_000; // 1 minute
-	private static final int MAX_POLLING_INTERVAL = 600_000; // 10 mins
+	private static final int MAX_LATENCY = 30 * 1000; // 30 seconds
+	private static final int MAX_IDLE_TIME = 30 * 1000; // 30 seconds
+	private static final int MIN_POLLING_INTERVAL = 60 * 1000; // 1 minute
+	private static final int MAX_POLLING_INTERVAL = 10 * 60 * 1000; // 10 mins
 	private static final double BACKOFF_BASE = 1.2;

 	private final Executor ioExecutor;
-	private final EventBus eventBus;
 	private final BackoffFactory backoffFactory;
 	private final ShutdownManager shutdownManager;

-	public WanTcpPluginFactory(Executor ioExecutor, EventBus eventBus,
+	public WanTcpPluginFactory(Executor ioExecutor,
 			BackoffFactory backoffFactory, ShutdownManager shutdownManager) {
 		this.ioExecutor = ioExecutor;
-		this.eventBus = eventBus;
 		this.backoffFactory = backoffFactory;
 		this.shutdownManager = shutdownManager;
 	}
@@ -54,10 +50,8 @@ public class WanTcpPluginFactory implements DuplexPluginFactory {
 	public DuplexPlugin createPlugin(PluginCallback callback) {
 		Backoff backoff = backoffFactory.createBackoff(MIN_POLLING_INTERVAL,
 				MAX_POLLING_INTERVAL, BACKOFF_BASE);
-		WanTcpPlugin plugin = new WanTcpPlugin(ioExecutor, backoff,
+		return new WanTcpPlugin(ioExecutor, backoff,
 				new PortMapperImpl(shutdownManager), callback, MAX_LATENCY,
-				MAX_IDLE_TIME, CONNECTION_TIMEOUT);
-		eventBus.addListener(plugin);
-		return plugin;
+				MAX_IDLE_TIME);
 	}
 }
--- a/bramble-core/src/main/java/org/briarproject/bramble/plugin/tor/CircumventionProvider.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/plugin/tor/CircumventionProvider.java
@@ -17,7 +17,7 @@ public interface CircumventionProvider {
 	String[] BLOCKED = {"CN", "IR", "EG", "BY", "TR", "SY", "VE"};

 	/**
-	 * Countries where obfs4 or meek bridge connections are likely to work.
+	 * Countries where obfs4 bridge connection are likely to work.
 	 * Should be a subset of {@link #BLOCKED}.
 	 */
 	String[] BRIDGES = { "CN", "IR", "EG", "BY", "TR", "SY", "VE" };
--- a/bramble-core/src/main/java/org/briarproject/bramble/plugin/tor/TorPlugin.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/plugin/tor/TorPlugin.java
@@ -15,7 +15,6 @@ import org.briarproject.bramble.api.network.NetworkManager;
 import org.briarproject.bramble.api.network.NetworkStatus;
 import org.briarproject.bramble.api.network.event.NetworkStatusEvent;
 import org.briarproject.bramble.api.nullsafety.MethodsNotNullByDefault;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.nullsafety.ParametersNotNullByDefault;
 import org.briarproject.bramble.api.plugin.Backoff;
 import org.briarproject.bramble.api.plugin.ConnectionHandler;
@@ -55,9 +54,6 @@ import java.util.logging.Logger;
 import java.util.regex.Pattern;
 import java.util.zip.ZipInputStream;

-import javax.annotation.Nullable;
-import javax.annotation.concurrent.GuardedBy;
-import javax.annotation.concurrent.ThreadSafe;
 import javax.net.SocketFactory;

 import static java.util.Arrays.asList;
@@ -69,16 +65,7 @@ import static java.util.logging.Logger.getLogger;
 import static net.freehaven.tor.control.TorControlCommands.HS_ADDRESS;
 import static net.freehaven.tor.control.TorControlCommands.HS_PRIVKEY;
 import static org.briarproject.bramble.api.nullsafety.NullSafety.requireNonNull;
-import static org.briarproject.bramble.api.plugin.Plugin.State.ACTIVE;
-import static org.briarproject.bramble.api.plugin.Plugin.State.DISABLED;
-import static org.briarproject.bramble.api.plugin.Plugin.State.ENABLING;
-import static org.briarproject.bramble.api.plugin.Plugin.State.INACTIVE;
-import static org.briarproject.bramble.api.plugin.Plugin.State.STARTING_STOPPING;
 import static org.briarproject.bramble.api.plugin.TorConstants.CONTROL_PORT;
-import static org.briarproject.bramble.api.plugin.TorConstants.DEFAULT_PREF_PLUGIN_ENABLE;
-import static org.briarproject.bramble.api.plugin.TorConstants.DEFAULT_PREF_TOR_MOBILE;
-import static org.briarproject.bramble.api.plugin.TorConstants.DEFAULT_PREF_TOR_NETWORK;
-import static org.briarproject.bramble.api.plugin.TorConstants.DEFAULT_PREF_TOR_ONLY_WHEN_CHARGING;
 import static org.briarproject.bramble.api.plugin.TorConstants.ID;
 import static org.briarproject.bramble.api.plugin.TorConstants.PREF_TOR_MOBILE;
 import static org.briarproject.bramble.api.plugin.TorConstants.PREF_TOR_NETWORK;
@@ -89,9 +76,6 @@ import static org.briarproject.bramble.api.plugin.TorConstants.PREF_TOR_ONLY_WHE
 import static org.briarproject.bramble.api.plugin.TorConstants.PREF_TOR_PORT;
 import static org.briarproject.bramble.api.plugin.TorConstants.PROP_ONION_V2;
 import static org.briarproject.bramble.api.plugin.TorConstants.PROP_ONION_V3;
-import static org.briarproject.bramble.api.plugin.TorConstants.REASON_BATTERY;
-import static org.briarproject.bramble.api.plugin.TorConstants.REASON_COUNTRY_BLOCKED;
-import static org.briarproject.bramble.api.plugin.TorConstants.REASON_MOBILE_DATA;
 import static org.briarproject.bramble.plugin.tor.TorRendezvousCrypto.SEED_BYTES;
 import static org.briarproject.bramble.util.IoUtils.copyAndClose;
 import static org.briarproject.bramble.util.IoUtils.tryToClose;
@@ -129,14 +113,16 @@ abstract class TorPlugin implements DuplexPlugin, EventHandler, EventListener {
 	private final int maxLatency, maxIdleTime, socketTimeout;
 	private final File torDirectory, torFile, geoIpFile, obfs4File, configFile;
 	private final File doneFile, cookieFile;
+	private final ConnectionStatus connectionStatus;
 	private final AtomicBoolean used = new AtomicBoolean(false);

-	protected final PluginState state = new PluginState();
-
+	private volatile ServerSocket socket = null;
 	private volatile Socket controlSocket = null;
 	private volatile TorControlConnection controlConnection = null;
 	private volatile Settings settings = null;

+	protected volatile boolean running = false;
+
 	protected abstract int getProcessId();

 	protected abstract long getLastUpdateTime();
@@ -173,6 +159,7 @@ abstract class TorPlugin implements DuplexPlugin, EventHandler, EventListener {
 		configFile = new File(torDirectory, "torrc");
 		doneFile = new File(torDirectory, "done");
 		cookieFile = new File(torDirectory, ".tor/control_auth_cookie");
+		connectionStatus = new ConnectionStatus();
 		// Don't execute more than one connection status check at a time
 		connectionStatusExecutor =
 				new PoliteExecutor("TorPlugin", ioExecutor, 1);
@@ -203,7 +190,7 @@ abstract class TorPlugin implements DuplexPlugin, EventHandler, EventListener {
 			}
 		}
 		// Load the settings
-		settings = migrateSettings(callback.getSettings());
+		settings = callback.getSettings();
 		// Install or update the assets if necessary
 		if (!assetsAreUpToDate()) installAssets();
 		if (cookieFile.exists() && !cookieFile.delete())
@@ -271,6 +258,7 @@ abstract class TorPlugin implements DuplexPlugin, EventHandler, EventListener {
 			// Tell Tor to exit when the control connection is closed
 			controlConnection.takeOwnership();
 			controlConnection.resetConf(singletonList(OWNER));
+			running = true;
 			// Register to receive events from the Tor process
 			controlConnection.setEventHandler(this);
 			controlConnection.setEvents(asList(EVENTS));
@@ -278,12 +266,11 @@ abstract class TorPlugin implements DuplexPlugin, EventHandler, EventListener {
 			String phase = controlConnection.getInfo("status/bootstrap-phase");
 			if (phase != null && phase.contains("PROGRESS=100")) {
 				LOG.info("Tor has already bootstrapped");
-				state.setBootstrapped();
+				connectionStatus.setBootstrapped();
 			}
 		} catch (IOException e) {
 			throw new PluginException(e);
 		}
-		state.setStarted();
 		// Check whether we're online
 		updateConnectionStatus(networkManager.getNetworkStatus(),
 				batteryManager.isCharging());
@@ -291,18 +278,6 @@ abstract class TorPlugin implements DuplexPlugin, EventHandler, EventListener {
 		bind();
 	}

-	// TODO: Remove after a reasonable migration period (added 2020-06-25)
-	private Settings migrateSettings(Settings settings) {
-		int network = settings.getInt(PREF_TOR_NETWORK,
-				DEFAULT_PREF_TOR_NETWORK);
-		if (network == PREF_TOR_NETWORK_NEVER) {
-			settings.putInt(PREF_TOR_NETWORK, DEFAULT_PREF_TOR_NETWORK);
-			settings.putBoolean(PREF_PLUGIN_ENABLE, false);
-			callback.mergeSettings(settings);
-		}
-		return settings;
-	}
-
 	private boolean assetsAreUpToDate() {
 		return doneFile.lastModified() > getLastUpdateTime();
 	}
@@ -418,11 +393,11 @@ abstract class TorPlugin implements DuplexPlugin, EventHandler, EventListener {
 				tryToClose(ss, LOG, WARNING);
 				return;
 			}
-			if (!state.setServerSocket(ss)) {
-				LOG.info("Closing redundant server socket");
+			if (!running) {
 				tryToClose(ss, LOG, WARNING);
 				return;
 			}
+			socket = ss;
 			// Store the port number
 			String localPort = String.valueOf(ss.getLocalPort());
 			Settings s = new Settings();
@@ -437,7 +412,7 @@ abstract class TorPlugin implements DuplexPlugin, EventHandler, EventListener {
 	}

 	private void publishHiddenService(String port) {
-		if (!state.isTorRunning()) return;
+		if (!running) return;
 		LOG.info("Creating hidden service");
 		String privKey = settings.get(HS_PRIVKEY);
 		Map<Integer, String> portLines = singletonMap(80, "127.0.0.1:" + port);
@@ -475,15 +450,14 @@ abstract class TorPlugin implements DuplexPlugin, EventHandler, EventListener {
 	}

 	private void acceptContactConnections(ServerSocket ss) {
-		while (true) {
+		while (running) {
 			Socket s;
 			try {
 				s = ss.accept();
 				s.setSoTimeout(socketTimeout);
 			} catch (IOException e) {
-				// This is expected when the server socket is closed
-				LOG.info("Server socket closed");
-				state.clearServerSocket(ss);
+				// This is expected when the socket is closed
+				if (LOG.isLoggable(INFO)) LOG.info(e.toString());
 				return;
 			}
 			LOG.info("Connection received");
@@ -493,8 +467,10 @@ abstract class TorPlugin implements DuplexPlugin, EventHandler, EventListener {
 	}

 	protected void enableNetwork(boolean enable) throws IOException {
-		state.enableNetwork(enable);
+		if (!running) return;
+		connectionStatus.enableNetwork(enable);
 		controlConnection.setConf("DisableNetwork", enable ? "0" : "1");
+		if (!enable) callback.transportDisabled();
 	}

 	private void enableBridges(boolean enable, boolean needsMeek)
@@ -518,8 +494,9 @@ abstract class TorPlugin implements DuplexPlugin, EventHandler, EventListener {

 	@Override
 	public void stop() {
-		ServerSocket ss = state.setStopped();
-		tryToClose(ss, LOG, WARNING);
+		running = false;
+		tryToClose(socket, LOG, WARNING);
+		callback.transportDisabled();
 		if (controlSocket != null && controlConnection != null) {
 			try {
 				LOG.info("Stopping Tor");
@@ -533,13 +510,8 @@ abstract class TorPlugin implements DuplexPlugin, EventHandler, EventListener {
 	}

 	@Override
-	public State getState() {
-		return state.getState();
-	}
-
-	@Override
-	public int getReasonsDisabled() {
-		return state.getReasonsDisabled();
+	public boolean isRunning() {
+		return running && connectionStatus.isConnected();
 	}

 	@Override
@@ -555,7 +527,7 @@ abstract class TorPlugin implements DuplexPlugin, EventHandler, EventListener {
 	@Override
 	public void poll(Collection<Pair<TransportProperties, ConnectionHandler>>
 			properties) {
-		if (getState() != ACTIVE) return;
+		if (!isRunning()) return;
 		backoff.increment();
 		for (Pair<TransportProperties, ConnectionHandler> p : properties) {
 			connect(p.getFirst(), p.getSecond());
@@ -574,7 +546,7 @@ abstract class TorPlugin implements DuplexPlugin, EventHandler, EventListener {

 	@Override
 	public DuplexTransportConnection createConnection(TransportProperties p) {
-		if (getState() != ACTIVE) return null;
+		if (!isRunning()) return null;
 		String bestOnion = null;
 		String onion2 = p.get(PROP_ONION_V2);
 		String onion3 = p.get(PROP_ONION_V3);
@@ -662,8 +634,8 @@ abstract class TorPlugin implements DuplexPlugin, EventHandler, EventListener {
 								new TorTransportConnection(this, s));
 					}
 				} catch (IOException e) {
-					// This is expected when the server socket is closed
-					LOG.info("Rendezvous server socket closed");
+					// This is expected when the socket is closed
+					if (LOG.isLoggable(INFO)) LOG.info(e.toString());
 				}
 			});
 			Map<Integer, String> portLines =
@@ -691,9 +663,10 @@ abstract class TorPlugin implements DuplexPlugin, EventHandler, EventListener {
 	@Override
 	public void circuitStatus(String status, String id, String path) {
 		if (status.equals("BUILT") &&
-				state.getAndSetCircuitBuilt()) {
+				connectionStatus.getAndSetCircuitBuilt()) {
 			LOG.info("First circuit built");
 			backoff.reset();
+			if (isRunning()) callback.transportEnabled();
 		}
 	}

@@ -724,8 +697,9 @@ abstract class TorPlugin implements DuplexPlugin, EventHandler, EventListener {
 	public void message(String severity, String msg) {
 		if (LOG.isLoggable(INFO)) LOG.info(severity + " " + msg);
 		if (severity.equals("NOTICE") && msg.startsWith("Bootstrapped 100%")) {
-			state.setBootstrapped();
+			connectionStatus.setBootstrapped();
 			backoff.reset();
+			if (isRunning()) callback.transportEnabled();
 		}
 	}

@@ -762,7 +736,7 @@ abstract class TorPlugin implements DuplexPlugin, EventHandler, EventListener {
 	private void disableNetwork() {
 		connectionStatusExecutor.execute(() -> {
 			try {
-				if (state.isTorRunning()) enableNetwork(false);
+				enableNetwork(false);
 			} catch (IOException ex) {
 				logException(LOG, WARNING, ex);
 			}
@@ -772,90 +746,63 @@ abstract class TorPlugin implements DuplexPlugin, EventHandler, EventListener {
 	private void updateConnectionStatus(NetworkStatus status,
 			boolean charging) {
 		connectionStatusExecutor.execute(() -> {
-			if (!state.isTorRunning()) return;
+			if (!running) return;
 			boolean online = status.isConnected();
 			boolean wifi = status.isWifi();
 			String country = locationUtils.getCurrentCountry();
 			boolean blocked =
 					circumventionProvider.isTorProbablyBlocked(country);
-			boolean enabledByUser = settings.getBoolean(PREF_PLUGIN_ENABLE,
-					DEFAULT_PREF_PLUGIN_ENABLE);
 			int network = settings.getInt(PREF_TOR_NETWORK,
-					DEFAULT_PREF_TOR_NETWORK);
-			boolean useMobile = settings.getBoolean(PREF_TOR_MOBILE,
-					DEFAULT_PREF_TOR_MOBILE);
+					PREF_TOR_NETWORK_AUTOMATIC);
+			boolean useMobile = settings.getBoolean(PREF_TOR_MOBILE, true);
 			boolean onlyWhenCharging =
-					settings.getBoolean(PREF_TOR_ONLY_WHEN_CHARGING,
-							DEFAULT_PREF_TOR_ONLY_WHEN_CHARGING);
+					settings.getBoolean(PREF_TOR_ONLY_WHEN_CHARGING, false);
 			boolean bridgesWork = circumventionProvider.doBridgesWork(country);
 			boolean automatic = network == PREF_TOR_NETWORK_AUTOMATIC;

 			if (LOG.isLoggable(INFO)) {
 				LOG.info("Online: " + online + ", wifi: " + wifi);
-				if (country.isEmpty()) LOG.info("Country code unknown");
+				if ("".equals(country)) LOG.info("Country code unknown");
 				else LOG.info("Country code: " + country);
 				LOG.info("Charging: " + charging);
 			}

-			int reasonsDisabled = 0;
-			boolean enableNetwork = false, enableBridges = false;
-			boolean useMeek = false, enableConnectionPadding = false;
-
-			if (!online) {
-				LOG.info("Disabling network, device is offline");
-			} else {
-				if (!enabledByUser) {
-					LOG.info("User has disabled Tor");
-					reasonsDisabled |= REASON_USER;
-				}
-				if (!charging && onlyWhenCharging) {
-					LOG.info("Configured not to use battery");
-					reasonsDisabled |= REASON_BATTERY;
-				}
-				if (!useMobile && !wifi) {
-					LOG.info("Configured not to use mobile data");
-					reasonsDisabled |= REASON_MOBILE_DATA;
-				}
-				if (automatic && blocked && !bridgesWork) {
-					LOG.info("Country is blocked");
-					reasonsDisabled |= REASON_COUNTRY_BLOCKED;
-				}
-
-				if (reasonsDisabled != 0) {
-					LOG.info("Disabling network due to settings");
-				} else {
-					LOG.info("Enabling network");
-					enableNetwork = true;
-					if (network == PREF_TOR_NETWORK_WITH_BRIDGES ||
-							(automatic && bridgesWork)) {
-						if (circumventionProvider.needsMeek(country)) {
-							LOG.info("Using meek bridges");
-							enableBridges = true;
-							useMeek = true;
-						} else {
-							LOG.info("Using obfs4 bridges");
-							enableBridges = true;
-						}
-					} else {
-						LOG.info("Not using bridges");
-					}
-					if (wifi && charging) {
-						LOG.info("Enabling connection padding");
-						enableConnectionPadding = true;
-					} else {
-						LOG.info("Disabling connection padding");
-					}
-				}
-			}
-
-			state.setReasonsDisabled(reasonsDisabled);
-
 			try {
-				if (enableNetwork) {
-					enableBridges(enableBridges, useMeek);
-					enableConnectionPadding(enableConnectionPadding);
+				if (!online) {
+					LOG.info("Disabling network, device is offline");
+					enableNetwork(false);
+				} else if (!charging && onlyWhenCharging) {
+					LOG.info("Disabling network, device is on battery");
+					enableNetwork(false);
+				} else if (network == PREF_TOR_NETWORK_NEVER ||
+						(!useMobile && !wifi)) {
+					LOG.info("Disabling network, device is using mobile data");
+					enableNetwork(false);
+				} else if (automatic && blocked && !bridgesWork) {
+					LOG.info("Disabling network, country is blocked");
+					enableNetwork(false);
+				} else if (network == PREF_TOR_NETWORK_WITH_BRIDGES ||
+						(automatic && bridgesWork)) {
+					if (circumventionProvider.needsMeek(country)) {
+						LOG.info("Enabling network, using meek bridges");
+						enableBridges(true, true);
+					} else {
+						LOG.info("Enabling network, using obfs4 bridges");
+						enableBridges(true, false);
+					}
+					enableNetwork(true);
+				} else {
+					LOG.info("Enabling network, not using bridges");
+					enableBridges(false, false);
+					enableNetwork(true);
+				}
+				if (online && wifi && charging) {
+					LOG.info("Enabling connection padding");
+					enableConnectionPadding(true);
+				} else {
+					LOG.info("Disabling connection padding");
+					enableConnectionPadding(false);
 				}
-				enableNetwork(enableNetwork);
 			} catch (IOException e) {
 				logException(LOG, WARNING, e);
 			}
@@ -863,96 +810,33 @@ abstract class TorPlugin implements DuplexPlugin, EventHandler, EventListener {
 	}

 	private void enableConnectionPadding(boolean enable) throws IOException {
+		if (!running) return;
 		controlConnection.setConf("ConnectionPadding", enable ? "1" : "0");
 	}

-	@ThreadSafe
-	@NotNullByDefault
-	protected class PluginState {
+	private static class ConnectionStatus {

-		@GuardedBy("this")
-		private boolean started = false,
-				stopped = false,
-				networkInitialised = false,
-				networkEnabled = false,
-				bootstrapped = false,
-				circuitBuilt = false,
-				settingsChecked = false;
+		// All of the following are locking: this
+		private boolean networkEnabled = false;
+		private boolean bootstrapped = false, circuitBuilt = false;

-		@GuardedBy("this")
-		private int reasonsDisabled = 0;
-
-		@GuardedBy("this")
-		@Nullable
-		private ServerSocket serverSocket = null;
-
-		synchronized void setStarted() {
-			started = true;
-			callback.pluginStateChanged(getState());
-		}
-
-		synchronized boolean isTorRunning() {
-			return started && !stopped;
-		}
-
-		@Nullable
-		synchronized ServerSocket setStopped() {
-			stopped = true;
-			ServerSocket ss = serverSocket;
-			serverSocket = null;
-			callback.pluginStateChanged(getState());
-			return ss;
-		}
-
-		synchronized void setBootstrapped() {
+		private synchronized void setBootstrapped() {
 			bootstrapped = true;
-			callback.pluginStateChanged(getState());
 		}

-		synchronized boolean getAndSetCircuitBuilt() {
+		private synchronized boolean getAndSetCircuitBuilt() {
 			boolean firstCircuit = !circuitBuilt;
 			circuitBuilt = true;
-			callback.pluginStateChanged(getState());
 			return firstCircuit;
 		}

-		synchronized void enableNetwork(boolean enable) {
-			networkInitialised = true;
+		private synchronized void enableNetwork(boolean enable) {
 			networkEnabled = enable;
 			if (!enable) circuitBuilt = false;
-			callback.pluginStateChanged(getState());
 		}

-		synchronized void setReasonsDisabled(int reasonsDisabled) {
-			settingsChecked = true;
-			this.reasonsDisabled = reasonsDisabled;
-			callback.pluginStateChanged(getState());
-		}
-
-		// Doesn't affect getState()
-		synchronized boolean setServerSocket(ServerSocket ss) {
-			if (stopped || serverSocket != null) return false;
-			serverSocket = ss;
-			return true;
-		}
-
-		// Doesn't affect getState()
-		synchronized void clearServerSocket(ServerSocket ss) {
-			if (serverSocket == ss) serverSocket = null;
-		}
-
-		synchronized State getState() {
-			if (!started || stopped || !settingsChecked) {
-				return STARTING_STOPPING;
-			}
-			if (reasonsDisabled != 0) return DISABLED;
-			if (!networkInitialised) return ENABLING;
-			if (!networkEnabled) return INACTIVE;
-			return bootstrapped && circuitBuilt ? ACTIVE : ENABLING;
-		}
-
-		synchronized int getReasonsDisabled() {
-			return getState() == DISABLED ? reasonsDisabled : 0;
+		private synchronized boolean isConnected() {
+			return networkEnabled && bootstrapped && circuitBuilt;
 		}
 	}
 }
--- a/bramble-core/src/main/java/org/briarproject/bramble/properties/TransportPropertyManagerImpl.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/properties/TransportPropertyManagerImpl.java
@@ -37,11 +37,6 @@ import javax.annotation.Nullable;
 import javax.annotation.concurrent.Immutable;
 import javax.inject.Inject;

-import static org.briarproject.bramble.api.properties.TransportPropertyConstants.GROUP_KEY_DISCOVERED;
-import static org.briarproject.bramble.api.properties.TransportPropertyConstants.MSG_KEY_LOCAL;
-import static org.briarproject.bramble.api.properties.TransportPropertyConstants.MSG_KEY_TRANSPORT_ID;
-import static org.briarproject.bramble.api.properties.TransportPropertyConstants.MSG_KEY_VERSION;
-
@Immutable
@NotNullByDefault
 class TransportPropertyManagerImpl implements TransportPropertyManager,
@@ -116,10 +111,10 @@ class TransportPropertyManagerImpl implements TransportPropertyManager,
 		try {
 			// Find the latest update for this transport, if any
 			BdfDictionary d = metadataParser.parse(meta);
-			TransportId t = new TransportId(d.getString(MSG_KEY_TRANSPORT_ID));
+			TransportId t = new TransportId(d.getString("transportId"));
 			LatestUpdate latest = findLatest(txn, m.getGroupId(), t, false);
 			if (latest != null) {
-				if (d.getLong(MSG_KEY_VERSION) > latest.version) {
+				if (d.getLong("version") > latest.version) {
 					// This update is newer - delete the previous update
 					db.deleteMessage(txn, latest.messageId);
 					db.deleteMessageMetadata(txn, latest.messageId);
@@ -145,27 +140,6 @@ class TransportPropertyManagerImpl implements TransportPropertyManager,
 		}
 	}

-	@Override
-	public void addRemotePropertiesFromConnection(ContactId c, TransportId t,
-			TransportProperties props) throws DbException {
-		if (props.isEmpty()) return;
-		try {
-			db.transaction(false, txn -> {
-				Group g = getContactGroup(db.getContact(txn, c));
-				BdfDictionary meta = clientHelper.getGroupMetadataAsDictionary(
-						txn, g.getId());
-				BdfDictionary discovered =
-						meta.getOptionalDictionary(GROUP_KEY_DISCOVERED);
-				if (discovered == null) discovered = new BdfDictionary();
-				discovered.putAll(props);
-				meta.put(GROUP_KEY_DISCOVERED, discovered);
-				clientHelper.mergeGroupMetadata(txn, g.getId(), meta);
-			});
-		} catch (FormatException e) {
-			throw new DbException(e);
-		}
-	}
-
 	@Override
 	public Map<TransportId, TransportProperties> getLocalProperties()
 			throws DbException {
@@ -229,26 +203,12 @@ class TransportPropertyManagerImpl implements TransportPropertyManager,
 		Group g = getContactGroup(c);
 		try {
 			// Find the latest remote update
-			TransportProperties remote;
 			LatestUpdate latest = findLatest(txn, g.getId(), t, false);
-			if (latest == null) {
-				remote = new TransportProperties();
-			} else {
-				// Retrieve and parse the latest remote properties
-				BdfList message =
-						clientHelper.getMessageAsList(txn, latest.messageId);
-				remote = parseProperties(message);
-			}
-			// Merge in any discovered properties
-			BdfDictionary meta =
-					clientHelper.getGroupMetadataAsDictionary(txn, g.getId());
-			BdfDictionary d = meta.getOptionalDictionary(GROUP_KEY_DISCOVERED);
-			if (d == null) return remote;
-			TransportProperties merged =
-					clientHelper.parseAndValidateTransportProperties(d);
-			// Received properties override discovered properties
-			merged.putAll(remote);
-			return merged;
+			if (latest == null) return new TransportProperties();
+			// Retrieve and parse the latest remote properties
+			BdfList message =
+					clientHelper.getMessageAsList(txn, latest.messageId);
+			return parseProperties(message);
 		} catch (FormatException e) {
 			throw new DbException(e);
 		}
@@ -321,9 +281,9 @@ class TransportPropertyManagerImpl implements TransportPropertyManager,
 			long now = clock.currentTimeMillis();
 			Message m = clientHelper.createMessage(g, now, body);
 			BdfDictionary meta = new BdfDictionary();
-			meta.put(MSG_KEY_TRANSPORT_ID, t.getString());
-			meta.put(MSG_KEY_VERSION, version);
-			meta.put(MSG_KEY_LOCAL, local);
+			meta.put("transportId", t.getString());
+			meta.put("version", version);
+			meta.put("local", local);
 			clientHelper.addLocalMessage(txn, m, meta, shared, false);
 		} catch (FormatException e) {
 			throw new RuntimeException(e);
@@ -342,9 +302,8 @@ class TransportPropertyManagerImpl implements TransportPropertyManager,
 				.getMessageMetadataAsDictionary(txn, localGroup.getId());
 		for (Entry<MessageId, BdfDictionary> e : metadata.entrySet()) {
 			BdfDictionary meta = e.getValue();
-			TransportId t =
-					new TransportId(meta.getString(MSG_KEY_TRANSPORT_ID));
-			long version = meta.getLong(MSG_KEY_VERSION);
+			TransportId t = new TransportId(meta.getString("transportId"));
+			long version = meta.getLong("version");
 			latestUpdates.put(t, new LatestUpdate(e.getKey(), version));
 		}
 		return latestUpdates;
@@ -357,10 +316,9 @@ class TransportPropertyManagerImpl implements TransportPropertyManager,
 				clientHelper.getMessageMetadataAsDictionary(txn, g);
 		for (Entry<MessageId, BdfDictionary> e : metadata.entrySet()) {
 			BdfDictionary meta = e.getValue();
-			if (meta.getString(MSG_KEY_TRANSPORT_ID).equals(t.getString())
-					&& meta.getBoolean(MSG_KEY_LOCAL) == local) {
-				return new LatestUpdate(e.getKey(),
-						meta.getLong(MSG_KEY_VERSION));
+			if (meta.getString("transportId").equals(t.getString())
+					&& meta.getBoolean("local") == local) {
+				return new LatestUpdate(e.getKey(), meta.getLong("version"));
 			}
 		}
 		return null;
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
akwizgran	fc9d4dbb66	DO NOT MERGE: Delay sending of attachments.	2020-01-23 08:57:27 -03:00
Torsten Grote	e67e55227b	[android] Refactor attachment loading to use LiveData	2020-01-23 08:57:26 -03:00
Torsten Grote	7b106f952d	[android] address first round of code review for attachment placeholders	2020-01-23 08:57:26 -03:00
Torsten Grote	e896b1fdd8	[android] support attachments arriving before the message containing them	2020-01-23 08:57:25 -03:00
Torsten Grote	bb8e736804	Show placeholders for missing attachments in ImageActivity and display attachments as they arrive while ImageActivity is open.	2020-01-23 08:57:25 -03:00
Torsten Grote	0e5231955c	Refactor attachment loading to support incremental display once loaded	2020-01-23 08:57:25 -03:00